Closed dnoliver closed 4 years ago
OpenSSL 1.1 changed the file name it looks for for when trying to load the engine name
from libname.so
to just name.so
, see https://github.com/openssl/openssl/commit/9ee0ed3de66678a15db126d10b3e4226e835b8f5. For this reason, tpm2-tss-engine creates a symlink from libtpm2tss.so
to tpm2tss.so
during installation so that the given example code works with OpenSSL 1.0 and OpenSSL 1.1. It seems like a packaging error if the Fedora package does not create this symlink as well.
Make sense! and seems like a easy fix. Will post the request in RedHat Bugzilla
@diabonas explained it already. Please notify when fixed downstream. I'll keep this open until then so people with the same issue find a hint here.
@dnoliver I think I found the issue in the spec file https://copr-be.cloud.fedoraproject.org/results/mzavalavz/tpm2-tss-engine/fedora-31-x86_64/01138511-tpm2-tss-engine/tpm2-tss-engine.spec
tpm2tss.so is listed under %files devel
for the devel package instead of the main package.
Hope this helps.
Hello! I'm the maintainer of the tpm2-tss-engine package for fedora, I've already updated the spec file, so this should be fixed by now
Thanks !
Hello!
As today, there is a tpm2-tss-engine package available for Fedora Rawhide (soon to be 32) https://src.fedoraproject.org/rpms/tpm2-tss-engine.
I tested the package, and was able to get the basic workflow working, creating keys with tpms_tools and generating a CSR with openssl (https://gist.github.com/dnoliver/04364e72d8b81368f72ad4e6896f688d#file-enrollment-sh-L121)
The problem I found is that, in the installed package, the engine is installed as
libtpm2tss
, instead oftpm2tss
, that is provided when you compile the package.The information on how this package was created is here https://bugzilla.redhat.com/show_bug.cgi?id=1773855. The impact is that, the documentation provided by this repo is not accurate.
The SPEC file is here https://src.fedoraproject.org/rpms/tpm2-tss-engine/blob/master/f/tpm2-tss-engine.spec
Functionality is not impacted as far as I know.
Is this an rpm package creation error, or the
make install
command is doing something special?