app-crypt/swtpm: New ebuild

swtpm is a libtpms TPM emulator. It is used by qemu to emulate a TPM for
guests.

Closes: https://bugs.gentoo.org/675298
Signed-off-by: Salah Coronya <salah.coronya@gmail.com>
Package-Manager: Portage-2.3.66, Repoman-2.3.11
Closes: https://github.com/gentoo/gentoo/pull/11247
Signed-off-by: Joonas Niilola <juippis@gentoo.org>

5 files changed, 145 insertions, 0 deletions

diff --git a/app-crypt/swtpm/Manifest b/app-crypt/swtpm/Manifest
new file mode 100644
index 000000000000..c3415f424e07
--- /dev/null
+++ b/app-crypt/swtpm/Manifest
@@ -0,0 +1 @@
+DIST swtpm-0.2.0.tar.gz 297419 BLAKE2B 9045cfd127d2f7e8e2e202818a375b4f6398806a097ed0df73abb76426db3af65a0d27f5e7212ce099d796862d3a9b3d421e987cf159bdce8879fc764eb5e923 SHA512 bda54690c0438138ff7adcc212fb125d2bb62618b10305eeced776e014bb135ea1a1dd1271a99fb2c60bf7e418644ded029c3c09ec2c6c1258e5062122cacf19
diff --git a/app-crypt/swtpm/files/swtpm-disable-test-dependencies.patch b/app-crypt/swtpm/files/swtpm-disable-test-dependencies.patch
new file mode 100644
index 000000000000..ff2536676637
--- /dev/null
+++ b/app-crypt/swtpm/files/swtpm-disable-test-dependencies.patch
@@ -0,0 +1,36 @@
+diff --git a/Makefile.am b/Makefile.am
+index 47b091a..61192bf 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -9,9 +9,7 @@ SUBDIRS   = \
+ 	include \
+ 	man \
+ 	samples \
+-	src \
+-	tests
+-
++	src
+ ACLOCAL_AMFLAGS = -I m4
+ 
+ EXTRA_DIST = \
+diff --git a/configure.ac b/configure.ac
+index c7b4e98..8e6445b 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -330,16 +330,6 @@ if test "x$GAWK" = "x"; then
+ 	AC_MSG_ERROR([gawk is required: gawk package])
+ fi
+ 
+-AC_PATH_PROG([SOCAT], socat)
+-if test "x$SOCAT" = "x"; then
+-	AC_MSG_ERROR([socat is required: socat package])
+-fi
+-
+-AC_PATH_PROG([PYTHON], python3)
+-if test "x$PYTHON" = "x"; then
+-	AC_MSG_ERROR([python3 is required])
+-fi
+-
+ AC_ARG_ENABLE([hardening],
+   AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
+ 
diff --git a/app-crypt/swtpm/files/swtpm-fix-localca-path.patch b/app-crypt/swtpm/files/swtpm-fix-localca-path.patch
new file mode 100644
index 000000000000..c83758da5636
--- /dev/null
+++ b/app-crypt/swtpm/files/swtpm-fix-localca-path.patch
@@ -0,0 +1,29 @@
+diff --git a/samples/Makefile.am b/samples/Makefile.am
+index 4558d66..6fc6d77 100644
+--- a/samples/Makefile.am
++++ b/samples/Makefile.am
+@@ -16,9 +16,9 @@ samplessysconf_DATA = \
+ 	swtpm-localca.options
+ 
+ install-data-local:
+-	$(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/swtpm-localca
++	$(MKDIR_P) $(DESTDIR)$(localstatedir)/swtpm-localca
+ 	if test -z $(DESTDIR); then \
+-		chown @TSS_USER@:@TSS_GROUP@ $(DESTDIR)$(localstatedir)/lib/swtpm-localca || true; \
++		chown @TSS_USER@:@TSS_GROUP@ $(DESTDIR)$(localstatedir)/swtpm-localca || true; \
+ 	fi
+ 
+ EXTRA_DIST= \
+diff --git a/samples/swtpm-localca.conf.in b/samples/swtpm-localca.conf.in
+index 1f0b48d..63f1fed 100644
+--- a/samples/swtpm-localca.conf.in
++++ b/samples/swtpm-localca.conf.in
+@@ -1,4 +1,4 @@
+-statedir = @LOCALSTATEDIR@/lib/swtpm-localca
+-signingkey = @LOCALSTATEDIR@/lib/swtpm-localca/signkey.pem
+-issuercert = @LOCALSTATEDIR@/lib/swtpm-localca/issuercert.pem
+-certserial = @LOCALSTATEDIR@/lib/swtpm-localca/certserial
++statedir = @LOCALSTATEDIR@/swtpm-localca
++signingkey = @LOCALSTATEDIR@/swtpm-localca/signkey.pem
++issuercert = @LOCALSTATEDIR@/swtpm-localca/issuercert.pem
++certserial = @LOCALSTATEDIR@/swtpm-localca/certserial
diff --git a/app-crypt/swtpm/metadata.xml b/app-crypt/swtpm/metadata.xml
new file mode 100644
index 000000000000..261b73cab058
--- /dev/null
+++ b/app-crypt/swtpm/metadata.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person">
+		<email>salah.coronya@gmail.com</email>
+		<name>Salah Coronya</name>
+	</maintainer>
+	<maintainer type="project">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<use>
+		<flag name="fuse">Support sys-fs/fuse based /dev/tpm interface</flag>
+	</use>
+</pkgmetadata>
+
diff --git a/app-crypt/swtpm/swtpm-0.2.0.ebuild b/app-crypt/swtpm/swtpm-0.2.0.ebuild
new file mode 100644
index 000000000000..0ee3facecabc
--- /dev/null
+++ b/app-crypt/swtpm/swtpm-0.2.0.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python3_{5,6,7} )
+
+inherit autotools python-any-r1
+
+DESCRIPTION="Libtpms-based TPM emulator"
+HOMEPAGE="https://github.com/stefanberger/swtpm"
+SRC_URI="https://github.com/stefanberger/swtpm/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64"
+IUSE="fuse gnutls seccomp test"
+
+COMMON_DEPEND="dev-libs/libtpms
+	dev-libs/openssl:0
+	fuse? (
+		dev-libs/glib:2
+		sys-fs/fuse:0
+	      )
+	gnutls? (
+		   dev-libs/libtasn1:=
+		   >=net-libs/gnutls-3.1.0[tools]
+		)
+	seccomp? ( sys-libs/libseccomp )
+"
+
+DEPEND="${COMMON_DEPEND}
+	test? (
+		net-misc/socat
+		${PYTHON_DEPS}
+	      )
+"
+
+RDEPEND="${COMMON_DEPEND}
+	app-crypt/tpm-tools
+	app-crypt/trousers
+	dev-tcltk/expect"
+
+src_prepare() {
+	use test || eapply "${FILESDIR}/${PN}-disable-test-dependencies.patch"
+	eapply "${FILESDIR}/${PN}-fix-localca-path.patch"
+	default
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+	  --with-openssl \
+	  --without-selinux \
+	  $(use_with fuse cuse) \
+	  $(use_with gnutls) \
+	  $(use_with seccomp)
+}
+
+src_install() {
+	default
+	fowners tss:tss /var/lib/swtpm-localca
+	keepdir /var/lib/swtpm-localca
+}