Re: TSS aligned with TPM2 engine

James Bottomley
 

On Mon, 2019-01-21 at 12:01 +0100, Fredrik Ternerot wrote:
On Mon, Jan 14, 2019 at 3:38 PM James Bottomley
<James.Bottomley@...> wrote:

On Mon, 2019-01-14 at 14:47 +0100, Fredrik Ternerot wrote:
On Sat, Dec 22, 2018 at 7:21 PM James Bottomley
<James.Bottomley@...> wrote:

On Fri, 2018-12-21 at 15:22 +0000, Doug Fraser wrote:
[...]
On to openssl-tpm2-engine:

I had to make one small change to openssl-tpm2-engine before
running bootstrap/configure prior to the build.
Right after pulling the git tree, at the top of the tree I
do:

#$ sed -i 's/ create_tpm2_key.1//' Makefile.am

This removes a documentation dependency on help2man.
This is required because I am cross-compiling, and I cannot
execute
`create_tpm2_key --help` on the build host to extract the
document.

It would be helpful if there were a configure option to block
documentation generation completely.
Well, as I said, I've never actually done a cross
compile. However, leafing through the somewhat confusing
automake documentation on cross compiles, I think this is the
fix.
I can confirm that this solves the problem with help2man for me.

The changes in configure.ac are present in the latest commit
(b43aa97 Version: 2.1.1). Would you mind to add the changes in
Makefile.am as well?
Heh, well, I was supposed to be keeping that local to my tree until
someone tested it, but it must have got partially pushed with the
version update. Thanks for testing, I've added a commit for the
rest of the Makefile stuff. Note, I don't think this is
sufficient, but like I said I got out of cross compiling ages ago
mainly because of the need to run make check, so I only use
emulation containers nowadays, so I'm betting there will be other
issues.
You are right, another issue is the detection of enginesdir in
configure.ac. This is done by generating a test program that is
compiled and executed, which doesn't work when cross compiling. Do
you know any other ways to do it?
Yes, we can use pkg-config to get that. The reason we didn't before is
that openSUSE actually had the wrong directory in the openssl.pc file
(so you couldn't build working engines on openSUSE unless you detected the engines directory yourself). They've since fixed this as a bug and it should now work on all distributions.

James

Join openssl-tpm2-engine@groups.io to automatically receive all group messages.