diff options
| author |   Christopher Byrne <salah.coronya@gmail.com> | 2022-03-13 22:19:35 -0500 |
|---|---|---|
| committer |   Matt Turner <mattst88@gentoo.org> | 2022-03-15 19:07:26 -0700 |
| commit | d365c45e634a03d664b17037fdc7843beadf8193 (patch) | |
| tree | 56329f9e3c5113d272f9d27879fe0ec476efc2e3 /app-crypt | |
| parent | dev-lang/go: stabilize 1.17.8 for amd64 (diff) | |
| download | gentoo-d365c45e634a03d664b17037fdc7843beadf8193.tar.gz gentoo-d365c45e634a03d664b17037fdc7843beadf8193.tar.bz2 gentoo-d365c45e634a03d664b17037fdc7843beadf8193.zip | |
app-crypt/libsecret: Create an emulated TPM2 for tests
Libsecret runs tests against the TPM2 already in the machine and require
tpm2-abrmd. Hence the tests will fail if the user does not have tpm2-abrmd
installed or does not have a TPM2 in the machine. It shouldn't do this
- it should provision a virtual TPM2 spawn an emulator (swtpm) and the use
the swtpm TCTI with tpm2-abrmd.
However its not too difficult to setup the TPM2 simulator for the test,
which is what this patch does.
Bug: https://bugs.gentoo.org/834830
Closes: https://github.com/gentoo/gentoo/pull/24509
Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
Signed-off-by: Matt Turner <mattst88@gentoo.org>
Diffstat (limited to 'app-crypt')
| -rw-r--r-- | app-crypt/libsecret/libsecret-0.20.5-r1.ebuild | 155 |
1 files changed, 155 insertions, 0 deletions
diff --git a/app-crypt/libsecret/libsecret-0.20.5-r1.ebuild b/app-crypt/libsecret/libsecret-0.20.5-r1.ebuild new file mode 100644 index 000000000000..5d82c2b3179e --- /dev/null +++ b/app-crypt/libsecret/libsecret-0.20.5-r1.ebuild @@ -0,0 +1,155 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 +PYTHON_COMPAT=( python3_{8..10} ) +VALA_USE_DEPEND=vapigen + +inherit bash-completion-r1 gnome2 meson-multilib python-any-r1 vala virtualx + +DESCRIPTION="GObject library for accessing the freedesktop.org Secret Service API" +HOMEPAGE="https://wiki.gnome.org/Projects/Libsecret" + +LICENSE="LGPL-2.1+ Apache-2.0" # Apache-2.0 license is used for tests only +SLOT="0" + +IUSE="+crypt gtk-doc +introspection test tpm +vala" +RESTRICT="!test? ( test )" +REQUIRED_USE=" + vala? ( introspection ) + gtk-doc? ( crypt ) +" + +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86" + +DEPEND=" + >=dev-libs/glib-2.44:2[${MULTILIB_USEDEP}] + crypt? ( >=dev-libs/libgcrypt-1.2.2:0=[${MULTILIB_USEDEP}] ) + tpm? ( >=app-crypt/tpm2-tss-3.0.3 ) + introspection? ( >=dev-libs/gobject-introspection-1.54:= ) +" +RDEPEND="${DEPEND} + virtual/secret-service" +BDEPEND=" + app-text/docbook-xml-dtd:4.2 + dev-libs/libxslt + dev-util/gdbus-codegen + dev-util/glib-utils + >=sys-devel/gettext-0.19.8 + virtual/pkgconfig + gtk-doc? ( + app-text/docbook-xml-dtd:4.1.2 + >=dev-util/gi-docgen-2021.7 + ) + test? ( + $(python_gen_any_dep ' + dev-python/mock[${PYTHON_USEDEP}] + dev-python/dbus-python[${PYTHON_USEDEP}] + introspection? ( dev-python/pygobject:3[${PYTHON_USEDEP}] )') + introspection? ( >=dev-libs/gjs-1.32 ) + tpm? ( + app-crypt/swtpm + app-crypt/tpm2-abrmd + >=app-crypt/tpm2-tss-3.2.0 + ) + ) + vala? ( $(vala_depend) ) +" + +dbus_run() { + ( + # start isolated dbus session bus + dbus_data=$(dbus-launch --sh-syntax) || exit + eval "${dbus_data}" + + $@ + ret=${?} + + kill "${DBUS_SESSION_BUS_PID}" + exit "${ret}" + ) || die +} + +tpm2_run_with_emulator() { + export XDG_CONFIG_HOME=${T}/.config/swtpm + ${BROOT}/usr/share/swtpm/swtpm-create-user-config-files || die + + mkdir -p ${XDG_CONFIG_HOME}/mytpm1 || die + swtpm_setup_args=( + --tpm2 + --tpmstate ${XDG_CONFIG_HOME}/mytpm1 + --createek + --allow-signing + --decryption + --create-ek-cert + --create-platform-cert + --lock-nvram + --overwrite + --display + ) + swtpm_setup "${swtpm_setup_args[@]}" || die + + swtpm_socket_args=( + --tpm2 + --tpmstate dir=${XDG_CONFIG_HOME}/mytpm1 + --flags startup-clear + --ctrl type=unixio,path=${XDG_CONFIG_HOME}/mytpm1/swtpm.socket.ctrl + --server type=unixio,path=${XDG_CONFIG_HOME}/mytpm1/swtpm.socket + --pid file=${XDG_CONFIG_HOME}/mytpm1/swtpm.pid + --daemon + ) + swtpm socket "${swtpm_socket_args[@]}" || die + + tpm2_abrmd_args=( + --logger=stdout + --tcti=swtpm:path=${XDG_CONFIG_HOME}/mytpm1/swtpm.socket + --session + --flush-all + ) + tpm2-abrmd "${tpm2_abrmd_args[@]}" & + export TCTI=tabrmd:bus_type=session + + $@ || die + + # When swtpm dies, tmp2-abrmd will exit + kill $(< ${XDG_CONFIG_HOME}/mytpm1/swtpm.pid) || die +} + +python_check_deps() { + if use introspection; then + has_version -b "dev-python/pygobject:3[${PYTHON_USEDEP}]" || return + fi + has_version -b "dev-python/mock[${PYTHON_USEDEP}]" && + has_version -b "dev-python/dbus-python[${PYTHON_USEDEP}]" +} + +pkg_setup() { + use test && python-any-r1_pkg_setup +} + +src_prepare() { + use vala && vala_src_prepare + default +} + +multilib_src_configure() { + local emesonargs=( + $(meson_native_true manpage) + $(meson_use crypt gcrypt) + $(meson_native_use_bool vala vapi) + $(meson_native_use_bool gtk-doc gtk_doc) + $(meson_native_use_bool introspection) + -Dbashcompdir="$(get_bashcompdir)" + $(meson_native_enabled bash_completion) + $(meson_native_use_bool tpm tpm2) + ) + meson_src_configure +} + +multilib_src_test() { + if use tpm; then + dbus_run tpm2_run_with_emulator virtx meson test -C "${BUILD_DIR}" + else + virtx dbus-run-session meson test -C "${BUILD_DIR}" + fi +} |