- update to 0.9.0:
  - fixes: boo#1226398
  - swtpm:
    - Use umask() to create/truncated state file rather than fchmod()
    - Use fchmod to set mode bits provided by user
    - Replace mkstemp with g_mkstemp_full (Coverity)
    - fix typo in help message
    - cuse: Fix Coverity complaints regarding locks
    - Fix double free in error path
    - Close fd after main loop
    - Restore logging to stderr on log open failure
  - swtpm_setup:
    - Fail --pcr-banks without --tpm2
    - Fail --decryption or --allow-signing without --tpm2
    - Initialized argv in get_swtpm_capabilities()
    - Flush spk after persisting to create room for another key
    - Refactor duplicate code into swtpm_tpm2_write_cert_nvram
    - Move persisting of certificate into tpm2_persist_certificate
    - Pass key_type to function creating filename for key
    - Add scheme parameter before curveid to createprimary_ecc
    - Rename is_ek to preserve for future extension
    - Mask-out EK and plaform certificate flags and set cert_flags
    - Move common code into new function read_certificate_file()
    - Exit with '0' upon --version rather than '1'
    - Close file descriptors passed to swtpm process on parent side
    - Make stdout unbuffered
    - Use medium duration on TSC_PhysicalPresence to avoid timeouts
    - Add poll() after write() and before read() to detect errors
  - swtpm_localca:
    - Add support for up to 20 bytes serial numbers

• Files Changed
• Browse Source