[PATCH tpm-work 0/3] move the tpm-work branch to an assuan based tpm handling daemon

James Bottomley James.Bottomley at HansenPartnership.com
Mon Jul 30 22:47:54 CEST 2018 

It turns out that this code works in my test environment where I
specify the tpm2daemon location but it fails on a production build for
openSUSE where they try to reconfigure the default daemon locations
(largely because the config code doesn't exist in my current copy).

The below is the patch I needed to plumb it in properly and get the
openSUSE gpg2 build working.

James

---

>From 41b2c2df461cd54813ba951a4fe7a97bdce29e74 Mon Sep 17 00:00:00 2001
From: James Bottomley <James.Bottomley at HansenPartnership.com>
Date: Mon, 30 Jul 2018 08:39:26 -0700
Subject: [PATCH] Fix tpm2 daemon configs and gpgconf

Signed-off-by: James Bottomley <James.Bottomley at HansenPartnership.com>
---
 agent/call-daemon.c  |  9 ++++++++-
 am/cmacros.am        |  3 +++
 configure.ac         | 10 ++++++++++
 tools/gpgconf-comp.c | 17 +++++++++++++++--
 4 files changed, 36 insertions(+), 3 deletions(-)

diff --git a/agent/call-daemon.c b/agent/call-daemon.c
index 8b5bae955..472ab0635 100644
--- a/agent/call-daemon.c
+++ b/agent/call-daemon.c
@@ -239,7 +239,14 @@ daemon_start (enum daemon_type type, ctrl_t ctrl)
     }
 
   if (!opt.daemon_program[type] || !*opt.daemon_program[type])
-    opt.daemon_program[type] = gnupg_module_name (GNUPG_MODULE_NAME_SCDAEMON);
+    {
+      int map_types[] = {
+	[DAEMON_SCD] = GNUPG_MODULE_NAME_SCDAEMON,
+	[DAEMON_TPM2D] = GNUPG_MODULE_NAME_TPM2DAEMON,
+      };
+
+      opt.daemon_program[type] = gnupg_module_name (map_types[type]);
+    }
   if ( !(pgmname = strrchr (opt.daemon_program[type], '/')))
     pgmname = opt.daemon_program[type];
   else
diff --git a/am/cmacros.am b/am/cmacros.am
index 9610e4efe..e71bc4e9d 100644
--- a/am/cmacros.am
+++ b/am/cmacros.am
@@ -44,6 +44,9 @@ endif
 if GNUPG_SCDAEMON_PGM
 AM_CPPFLAGS += -DGNUPG_DEFAULT_SCDAEMON="\"@GNUPG_SCDAEMON_PGM@\""
 endif
+if GNUPG_TPM2DAEMON_PGM
+AM_CPPFLAGS += -DGNUPG_DEFAULT_TPM2DAEMON="\"@GNUPG_TPM2DAEMON_PGM@\""
+endif
 if GNUPG_DIRMNGR_PGM
 AM_CPPFLAGS += -DGNUPG_DEFAULT_DIRMNGR="\"@GNUPG_DIRMNGR_PGM@\""
 endif
diff --git a/configure.ac b/configure.ac
index ce3145a36..1fe5ba33c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -181,6 +181,15 @@ show_gnupg_scdaemon_pgm="(default)"
 test -n "$GNUPG_SCDAEMON_PGM" && show_gnupg_scdaemon_pgm="$GNUPG_SCDAEMON_PGM"
 
 
+AC_ARG_WITH(tpm2daemon-pgm,
+    [  --with-tpm2daemon-pgm=PATH  Use PATH as the default for the tpm2daemon)],
+          GNUPG_TPM2DAEMON_PGM="$withval", GNUPG_TPM2DAEMON_PGM="" )
+AC_SUBST(GNUPG_TPM2DAEMON_PGM)
+AM_CONDITIONAL(GNUPG_TPM2DAEMON_PGM, test -n "$GNUPG_TPM2DAEMON_PGM")
+show_gnupg_tpm2daemon_pgm="(default)"
+test -n "$GNUPG_TPM2DAEMON_PGM" && show_gnupg_tpm2daemon_pgm="$GNUPG_TPM2DAEMON_PGM"
+
+
 AC_ARG_WITH(dirmngr-pgm,
     [  --with-dirmngr-pgm=PATH  Use PATH as the default for the dirmngr)],
           GNUPG_DIRMNGR_PGM="$withval", GNUPG_DIRMNGR_PGM="" )
@@ -2071,6 +2080,7 @@ echo "
         Default agent:     $show_gnupg_agent_pgm
         Default pinentry:  $show_gnupg_pinentry_pgm
         Default scdaemon:  $show_gnupg_scdaemon_pgm
+	Default tpm2daemon: $show_gnupg_tpm2daemon_pgm
         Default dirmngr:   $show_gnupg_dirmngr_pgm
 
         Dirmngr auto start:  $dirmngr_auto_start
diff --git a/tools/gpgconf-comp.c b/tools/gpgconf-comp.c
index 799154c83..d3f52dd68 100644
--- a/tools/gpgconf-comp.c
+++ b/tools/gpgconf-comp.c
@@ -134,6 +134,9 @@ typedef enum
     /* The GnuPG SCDaemon.  */
     GC_BACKEND_SCDAEMON,
 
+    /* The TPM2 daemon */
+    GC_BACKEND_TPM2DAEMON,
+
     /* The GnuPG directory manager.  */
     GC_BACKEND_DIRMNGR,
 
@@ -188,10 +191,10 @@ static const struct
       NULL, GPGCONF_NAME "-" GPGSM_NAME ".conf" },
     { GPG_AGENT_DISP_NAME, GPG_AGENT_NAME, GNUPG_MODULE_NAME_AGENT,
       gpg_agent_runtime_change, GPGCONF_NAME"-" GPG_AGENT_NAME ".conf" },
-    { TPM2DAEMON_DISP_NAME, TPM2DAEMON_NAME, GNUPG_MODULE_NAME_TPM2DAEMON,
-      NULL, GPGCONF_NAME"-" TPM2DAEMON_NAME ".conf" },
     { SCDAEMON_DISP_NAME, SCDAEMON_NAME, GNUPG_MODULE_NAME_SCDAEMON,
       scdaemon_runtime_change, GPGCONF_NAME"-" SCDAEMON_NAME ".conf" },
+    { TPM2DAEMON_DISP_NAME, TPM2DAEMON_NAME, GNUPG_MODULE_NAME_TPM2DAEMON,
+      NULL, GPGCONF_NAME"-" TPM2DAEMON_NAME ".conf" },
     { DIRMNGR_DISP_NAME, DIRMNGR_NAME, GNUPG_MODULE_NAME_DIRMNGR,
       dirmngr_runtime_change, GPGCONF_NAME "-" DIRMNGR_NAME ".conf" },
     { DIRMNGR_DISP_NAME " LDAP Server List", NULL, 0,
@@ -602,6 +605,15 @@ static gc_option_t gc_options_gpg_agent[] =
  };
 #endif /*BUILD_WITH_AGENT*/
 
+static gc_option_t gc_options_tpm2daemon[] =
+  {
+   /* The configuration file to which we write the changes.  */
+   { GPGCONF_NAME"-"TPM2DAEMON_NAME".conf",
+     GC_OPT_FLAG_NONE, GC_LEVEL_INTERNAL,
+     NULL, NULL, GC_ARG_TYPE_FILENAME, GC_BACKEND_TPM2DAEMON },
+
+    GC_OPTION_NULL,
+  };
 
 #ifndef BUILD_WITH_SCDAEMON
 #define gc_options_scdaemon NULL
@@ -1118,6 +1130,7 @@ static const struct
     { "gpg",      "gnupg", N_("OpenPGP"), gc_options_gpg },
     { "gpg-agent","gnupg", N_("Private Keys"), gc_options_gpg_agent },
     { "scdaemon", "gnupg", N_("Smartcards"), gc_options_scdaemon },
+    { "tpm2daemon", "gnupg", N_("TPM2"), gc_options_tpm2daemon },
     { "gpgsm",    "gnupg", N_("S/MIME"), gc_options_gpgsm },
     { "dirmngr",  "gnupg", N_("Network"), gc_options_dirmngr },
     { "pinentry", "gnupg", N_("Passphrase Entry"), gc_options_pinentry }
-- 
2.13.7

More information about the Gnupg-devel mailing list