
* TROUSERS_0_2_9_1

- Set stdout to be unbuffered when debug is on so that stderr
and stdout are interleaved correctly.
- Fixed bugs in PcrExtend: 3 fields of the PCR event struct
were not being set by trousers before sending the event to
the TCS.
- Added error returns when setting attributes of an already
created TPM key object.
- bugfix: spi_tpm.c, removed refs to the ID key's migration
policy in CollateIdentityRequest.
- bugfix: clntside.c, line 175: sd is not always >= 0
- bugfix: spi_tpm.c, line 1951: uninitialized pubBlob
- bugfix: spi_tpm.c, line 2541: passing NULL to argument 2 of
memcpy
- bugfix: tcspbg.c, line 1847: leaving function internal_TCSGetCap
with a pointer to freed memory
- bugfix: tcskcm.c, line 939: uninitialized pubKey.key
- bugfix: biosem.c, line 210: uninitialized bytes_read

* TROUSERS_0_2_9

- Manpage updates by Niko Ehrenfeuchter.
- Updated trousers' policy usage to match the spec. Added
a configure option, --enable-policy-copying, to enable
trousers to match its old behavior.
- In spi_context.c: trousers only added the TSP's default
context once Tspi_Context_Connect has been called -- this
was changed so that a default policy was created when the
context is created.
- In spi_tpm.c: Bugfix in ActivateIdentity: changed it to
reflect the fact that the rgbSymCAAttestationBlob parameter
is sent in unencrypted.  Only the credential field of that
struct is encrypted by the PrivacyCA. Thanks to Thomas
Winkler for pointing this out.
- Removed all tracking of the TCS context in the TSP, and left
that job entirely to the host table. This fixes a bug where
2 TCSDs on different systems happen to return the same TCS
context handle, which used to confuse a threaded TSP.
- Added a check for the size Tcsi_StirRandom's entropy data.
- Several bugs fixed in the Tspi_Context_GetRegisteredKeysByUUID
  code path in the TSP lib.
- Added a lock around all TCSP functions; removed auth_mgr_lock
  since the TCSP lock now suffices. This fixed some TCSD multi-
  threaded errors.
- hosttable.c: Fixed bug in host table entry removal, thanks
  to Thomas Winkler for the testcase that helped in finding this.
- Updated the TCSD event manager to read PC-Client format
  event log entries from the BIOS supplied event source.
- Removed OpenSSL references in the trousers utility functions.
- Added fix on biosem.c: when ppEvents==NULL, return only the
  number of events.
- Updated the TCSD communication mechanism to allow a much
  larger amount of data to be returned from the TCSD.
- Changed the Trspi_* blob manipluation functions to take a
  UINT64 instead of a UINT16. This was gating the amount of
  data that could be returned from the TCSD.
- Removed AUTH as one of the default properties of the SRK when
  a user passes in TSS_KEY_TSP_SRK as a flag to create object.
- Changed the way Tspi_TPM_PcrExtend behaves. The new code matches
  the 1.2 spec, since the 1.1 spec was vague.
- In the TCS GetPcrEventsByPcr, fixed a bug in calculating
  the number of events to return. Thanks to Seiji Munetoh.
- In obj_policy.c and obj_tpm.c, if NULL is passed in when trying
  to set a 1.2 style callback, clear the callback address.
- Fix in Tspi_TPM_ActivateIdentity: Only validate over the out
  parameters from the TPM, not the TCS (size of data).
- obj_encdata.c: fixed reference of pcrSelect, which caused
  bad data to be returned as the PCR selection.
- added TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATRELEASE, which was
  type-o'd in the 1.1 header files.
- Fix for SF1570380: Algorithm ID not compliant with TSS spec.
- Corrected off by 1 errors in PCR index bounds checking.
- Changed logging in the TCSD so that FILE:LINE isn't printed
  unless debugging is on.
- Changed build/code so that the system PS dir is mode 0700, not
  1777.  It used to be 1777 when user PS was not in ~/.trousers.
- Fix for SF1565726: Segfault when connecting from remote host.
- Fix for SF1565208: User PS load key by UUID failed.

* TROUSERS_0_2_8

- Fixed bug in mc_add_entry, where the PCRInfo data was not being
  copied into the mem cache with the other fields of the key.
- Fixed 2 bugs in spi_getset.c where setting the secret hash mode
  was passing subFlag to the internal set function instead of
  ulAttrib.
- Added patch to retry the libtspi's recv() call to the TCSD
  if the call was interrupted before completion.
- Made the popup string appear as a label on the popup, not the
  title. Also, got rid of annoying mouse-over texts.
- Added a flag to pass to the get_secret function internally to
  indicate whether a popup should contain the confirm box.
- Added support for callbacks in the identity creation code.
- Updated the identity creation code in the TSP/TCS to support
  AES, DES, 3DES during identity creation.
- Added symmetric encryption interfaces for openssl, Trspi.
- In Tspi_Hash_Sign, fixed memory leak.
- Added SetAttribData functions for RSA modulus/exponent per
  the upcoming additions to the TSS 1.2 errata 1 spec.
- Fixed bug in TCS key cache where if 2 keys had the same public
  modulus, they could confuse the key cache manager.
- Bind/Seal functions now return more descriptive errors codes
  and won't do the encryption if the data to use is larger than
  the RSA pubkey.
- Made updates to the code/headers for the TSS_VALIDATION struct
  change to be issued as TSS 1.1 header file errata 1.
- Bug fix: In LoadManuMaintPub's wrapping function in the TSP,
  we incorrectly passed a reference to the pubkey in loading the
  blob.
- Fixed bugs in the maintenance commands, owner auth'd commands
  were using no auth tags in their commands sent to the TPM.
- Fixed SF1546344: Track the release of auth handles by TCS
  context and take the fContinueAuthSession variable into account
  when calling the TPM to release a handle.
- Fixed SF1545614: deadlock due to auth_mgr_osap taking the
  auth_mgr_lock before calling ensureKeyIsLoaded, which took the
  mem_cache_lock.
- Added checks to ensure corrupt packets don't crash the tcsd.
- Added configure option --with-gui=gtk/none to enable building
  with no popup support for embedded apps. The default secret
  mode becomes TSS_SECRET_MODE_NONE for all policies and the
  default context mode becomes TSS_TSPATTRIB_CONTEXT_SILENT to
  supress all popups.
- Changed the Tspi_GetAttribData function to return a TCPA_PUBKEY
  blob as is specified in the portable data section.
- Added a debugging #define in req_mgr.c to print all data passed
  to/from the TPM.
- Updated Tspi_Context_LoadKeyByUUID to check in-memory keys by
  UUID when the TCS returns a filled-out loadkey info struct.
- Removed the free of all context related memory when the context
  closes. Allows an app more flexibility in choosing what to free.
- Removed check for secret mode None in establishing an OSAP
  session. Now, a secret of all 0's is used if no secret exists.
- Added checks for 2 return codes in secret_TakeOwnership.
- Fixed TSS_VERSION problem. There are no specific getcaps for
  software version vs. TSS spec version. Instead, the TSP's
  version structure contains spec version and software major/minor.
- Removed obj_regdkey list references.

* TROUSERS_0_2_7

- Added 3 new TCSD config options to allow admins to set paths
  to the 3 types of credentials returned on Make Identity calls.
- Added an implementation for returning the MANUFACTURER TCS
  caps.
- Added translation of TSS caps that are destined for the TPM.
- Updated DirWrite to work correctly (thanks Kylie).
- Updated the Tspi_TPM_DirWrite manpage with more info, removed
  a confusing statement.
- Changed the number of loops in TCSP_GetRandom_Internal to 50,
  which should allow TPMs that return few bytes per request to
  fullfill up to 4K bytes.
- Removed the TCS's getSomeMemory() function, which was really
  dumb.
- Changed the way user PS operates. User PS is now really
  persistent, its kept in ~/.trousers/users.data, which is
  created if it doesn't exist. Also, the environment variable
  TSS_USER_PS_FILE can be set to a path that will override the
  default location for as long as the TSP context is open.
- Lots of memory leaks found in error paths by Coverity, mostly
  in tcsd_wrap.c.
- Fix for SF #1501811, setting some SetAttribUint32 flags not
  supported.
- Lots of updates to the fedora specific RPM specfile.
- Fix for SF #1490845, 'make install' overwrites old tcsd.conf
- Added code to return TSS_E_POLICY_NO_SECRET when setting up
  an OIAP or OSAP session.
- Added fix for SF #1490745, trousers demands too much from
  /dev/random. Default random device is now /dev/urandom.
- Changed severity of the ioctl fallback print stmts to
  warning and info.
- Added implementation of the maintenance functions.
- Added fix for SF #1487664, Offset in PS cache is not
  updated correctly.
- Removed some Atmel specific code and commented out code.
- Added some missing auth_mgr_check calls in tcspbg.c.
- Fixed some unchecked mallocs in the TSP.
- Added build variables to automatically update the TSP
  library version and TCSD version getcap variables.
- Added call to return the modulus of an RSA key on a
  GetAttribData call.
- Added implementation of the migration functions.
- Fix for SF 1477178, random numbers get hosed by the tcsd.

* TROUSERS_0_2_6

- Removed unnecessary call to obj_encdata_get_data in
 Tspi_Data_Seal.
- Added support for using the trousers.h APIs in C++.
- Fixed Tspi_PcrComposite_GetPcrValue's man page, which had
 left out *'s in two parameters.
- Fix for SF 1414817, Quote's PCR object doesn't get set on
 return.
- Lots of function renaming to make code reading clearer.
- Return TSS_E_INVALID_OBJ_ACCESS when trying to retrieve data
 from an encrypted data object that hasn't been set.
- Added contact info to the README.
- Fix for ordering of params in call to set callback by
  Tspi_SetAttribUint32. Thanks to Thomas Winkler for the fix.
- Fix for SF 1410948, get random numbers from /dev/urandom
  unless Tspi_TPM_GetRandom is called explicitly.
- Fix for SF 1342026, print TPM error codes during bring-up.
- Added support for a TCS_LOADKEY_INFO structure returned from
 a TCSP_LoadKeyByUUID call.
- Fixed 2 free_tspi's that should have been plain free's

* TROUSERS_0_2_5

- Changed all prints of size_t to %z (matters on 64bit platforms).
- Backport of the context and policy object's
 TSS_TSPATTRIB_SECRET_HASH_MODE attribute from the TSS 1.2 spec.
 This will allow 1.1 apps to decide whether they want to
 include the 2 bytes of NULL in the hashes of their secrets.
 This will in turn allow various TSS's to interoperate better.
- SF#1397265 'getpubek' to 'readpubek' in tcsd.conf.
- Added an implementation of TSS 1.2 style callbacks.
- Added Emily's patch to explain the TSS_DEBUG_OFF flag, added
 blurb to README.
- Fixed bug that only manifested on PPC64: if errno is not set
to 0 explicitly before making a call to iconv, iconv will not
set it on failure.

* TROUSERS_0_2_4

 - Updated README with how to use new system.data files.
 - Added sample system.data files for users who've taken
 ownership of their TPMs under other OS's.
 - Updated unicode routines to NULL terminate their strings
 with the same number of bytes as is the width of the
 encoding.
 - Fixed bug in TCS_EnumRegisteredKeys_TP, returned data should
 be alloc'd on the TSP heap.
 - Added a logging statement when tcsd_startup fails due to an
 error returned by the TPM itself.
 - Fixed validation data in Tspi_TPM_Quote and
 Tspi_TPM_GetPubEndorsementKey.
 - Implemented Tspi_TPM_CollateIdentityRequest and
 Tspi_TPM_ActivateIdentity.
 - Bug fix in TCSP_Sign_TP, signature should be alloc'd using
 the TSP heap.
 - Fix for SF#1351593, authdata was always 0 for the SRK. This
 was due to the defaults set in Tspi_Context_CreateObject for
 the SRK key flag. The default SRK key is now set to require
 auth. If you want an authless SRK, you need to either set
 the authdatausage attribute directly or pass in your own
 SRK initFlags to the create object call.
 - Return bad parameter when no the pcr object is not
 initialized instead of internal error.
 - Several fixes added for list locking in the obj_*.c files.
 - Added initial support for Tspi_TPM_CollateIdentityRequest
 and its supporting functions (symmetric encryption).
 - Fix for SF#1338785: Support TSS_TSPATTRIB_HASH_IDENTIFIER.
 - Changed default kernel and firmware controlled PCRs to
 none, which should have happened a long time ago. :-/
 - Fix for SF#1324108: Tspi_TPM_GetEvents should return a
 number of events
 - Fix for RFE#1301441: Fallback support for the device
 node. ioctl is tried first, if that fails, r/w is tried,
 if that fails, error is returned.
 - Fixes for SF#1332479: HMAC and XOR callbacks were being
 passed wrong params.
 - Fix for SF#1334235, uuid data wasn't being set correctly
 when keys were registered or loaded by uuid.
 - Fix for SF#1332316, Tspi_GetAttribData doesn't always
 return data alloc'd by TSP. Unicode data returned from the
 function was being allocated off the TSP heap.
 - Changed default return value for Tspi_GetAttribUint32 to
 success.
 - Corrected Tspi_TPM_PcrExtend manpage to state that the
 application should fill out the TSS_PCR_EVENT structure.
 -Fixes for SF BUG#1312194, and SF BUG#1312196.  Get
 Attribs for key usage and size were not being returned
 correctly. Imported values for size from the TSS 1.2
 header files and translated TPM <-> TSP values for
 key usage in the get attrib calls.
 - Accepted Halcrow's patch to add a TSP key object
 removal function, invoked at object close time.
 This was SF BUG#1276133.
 - increased the size of the return buffer from TCS to
 TSP to 8K, so that larger requests won't fail.
 - added a loop to TCSP_GetRandom_Internal to try several
 (currently 5) times to get the number of requested bytes
 from the TPM. Since the TSP has no way to tell an
 application that a single request failed, this will help
 improve the odds of a large request succeeding.

* TROUSERS_0_2_3

 - SF#1291256 bugs fixed. A UINT16 was being passed instead
 of a UINT32 to TCS_LoadKeyByBlob_Internal.
 - Removed test in spi_context.c's call to TCS_LoadKeyByUUID,
 which would always fail, since there was no TCS layer bit
 set. This kept us in a success path.
 - Added debug logging functions that print the function
 name at the beginning of the statement.
 - Added GetPubKey as an option for TCSD's remote ops.
 - SF#1249767 bug fixed. UTF16 strings are now hashed when
 passwords are passed in through the popups.
 - SF#1286333 bug fixed. New unicode functions added that
 convert to UTF-16 and from the nl_langinfo(CODESET)
 encoding.
 - SF#1285428 bug fixed. obj_context_get_machine_name copied
   too many bytes out. Code added to Tspi_GetAttribData to
   convert to UTF16 before returning.

* TROUSERS_0_2_2

 - deleted section on ssh-askpass in README
 - Modified popup code to hash UTF16 instead of UTF8.
 - Restructured TCS calls to the TPM so that all auth sessions
   are released correctly.
 - Removed TSP contexts from all Trspi functions and modified
   all trousers code to free its own memory instead.
 - Fixed the TSP seal command to allow Sealing with a no-auth
   key by using null auth data. Also changes the TCS seal
   to return bad parameter if it gets null auth data.
 - Removed lots of unused code and made formatting changes.
 - Don't require Tspi_Key_WrapKey to be connected to succeed
   and return a default value (or from the environment) if
   we're doing PCR operations on an unconnected context.
 - Fixed bug where a tcsd created system.data file was not
   getting the right version info put into it.
 - SF BUG#1269290 Fixed: Protect the SRK pub key. Upon taking
   ownership, the unaltered SRK blob is passed back to the TSP
   to create a valid key object with the SRK pub key intact.
   The copies of the SRK pub key data that do into the TCSd's
   mem cache and PS are zeroed out. From then on, the only way
   to get the SRK pub key is through Tspi_Key_GetPubKey.
 - tcspbg.c: deleted unused code and always release auth session
   on an Unbind call.
 - Bugfix for SF#1274308, Tspi_Key_CreateKey doesn't add PCRs
   correctly. Ordering of calls in obj_rsakey_set_pcr_data
   and calculation of PCRInfo size were incorrect.
 - Close auth sessions in TCS_GetCapabilityOwner
 - Removed volatile flag from the SRK key handle at key object
   create time. This was keeping National TPM's from having the
   ability to be owned!
 - Moved calcCompositeHash to obj_pcrs.c and renamed it.
 - Check returns everywhere for addKeyHandle calls.
 - Call pthread_mutex_init on the host table's mutex.
 - Modified TSSWG headers so that code w/o BSD types compiles
   (such as the PKCS#11 TPM STDLL).
 - Removed ssh_askpass, since UNICODE must be hashed from the GUI
   input source.
 - Updated all manpages to include the TSSWG header file names
   instead of trousers specific files.
 - Don't log debug data when TSS_DEBUG_OFF env var is available.
 - Converted UNICODE to unsigned short and modified code accordingly.
 - Only allow INADDR_LOCALHOST connections when no remote_ops are
   defined in the tcsd.conf file.
 - Bugfix in obj_pcrs.c, setting pcr indices and values was buggy.
 - Moved macros from trousers_types.h (internal) to trousers.h
   (external), since new header files make them virtually a
   requirement
 - Bugfix for SF#1249780, PCR selection structure was incomplete.
 - Bugfix for SF#1249769, addKeyHandle now returns a TSS_RESULT.

* TROUSERS_0_2_1

 - return invalid handle int Tspi_ChangeAuth when hParentObject
   is not of the right type.
 - Fixed bug in TCS ps, write_key_init returned the wrong offset.
 - Fixed mem leak in spi_getset.c:791, found by Coverity.
 - Fixed mem leak in calltcsapi.c:70, found by Coverity.
 - Fixed mem leak in tcskcm.c:531, found by Coverity.
 - Fixed type-o mem leak in tspps.c:319/tcsps.c:349, found by Coverity.
 - Fixed mem leak bug in memmgr.c:173, found by Coverity.
 - Fixed bounds error bugs in tcstp.c:38/98, found by Coverity.
 - Fixed bounds error bug in tcsd_wrap.c:154, found by Coverity.
 - Fixed unchecked return bug in spi_utils.c:430, found by Coverity.
 - Fixed unchecked return bug in calltcsapi.c:1159, found by Coverity.
 - Fixed negative return value bug tcs/ps/ps_utils.c:365, found by Coverity.
 - Fixed negative array index bug readpass.c:65, found by Coverity.
 - Fixed null deref bugs spi_tpm.c:1292/1309/1302, and uninitialized
   variable 1272, found by Coverity.
 - Fixed null deref bugs spi_context.c:358/378, found by Coverity.
 - Fixed null deref bug tcspbg.c:1413, found by Coverity.
 - Fixed null deref bug tcspbg.c:745, found by Coverity.
 - Fixed null deref bug imaem.c:356, found by Coverity.
 - changed config file defaults for kernel/firmware pcrs.
 - added better logging for when user/group "tss" doesn't exist
 - in sendTCSDPacket: set transmitBuffer to 0 to prevent sending
   bogus data.
 - added some sanity checking in getTCSDPacket to prevent segfaults.
 - added TCSERR where needed in tcs/ps files.
 - BUG 1233031 fixed, TSP now stores PACKAGE_STRING as the vendor
   data when registering a key.
 - Added better debugging of auth mapping table, also closed two
   auth handles that were getting left opened in CreateWrapKey and
   Seal/Unseal.
 - fixed ps_inspect's printing function.
 - added SELinux files and README.selinux.
 - updated ps_inspect tool to recognize non-PS files,
   print out version 1 PS files and added a license
   statement. Also added ps_convert tool to convert
   version 0 PS files to version 1.
 - updated ps_inspect tool to print out blobs and keys.
 - change assert to DBG_ASSERT in tcs/ps files, also
   assert that data sizes are > 0 when read off disk.
 - Lots of malloc error logging changes where %d should
   have been %u in the print statment.
 - auth_mgr.c: allow a TSP to open a max of max_auths/2
   sessions before its denied any more, for TPMs that
   can handle a lot of auth sessions.
 - Big-endian fixes for the persistent store functions.
   Trousers now runs fine on ppc64, for example.
 - BUG 1226617: Audit of code for auth handle termination.
 - Use @PACKAGE_BUGREPORT@ instead of a static email addr in
   manpages.
 - Added man page for tcsd.conf in section 5.
 - Bugfix in remove_table_entry. Host table head was left
   pointing at free'd memory.
 - corrected comment in spi_context.c.
 - added 64bit stuff to configure.in
 - fixed bug in Tspi_ChangeAuth where parent object was
   assumed to be an rsakey.
 - fixed debug logging of data.
 - modified calcCompositeHash for accepting incomplete pcr
   select structures & to fill out the structure correctly.

* TROUSERS_0_2_0

 - removed unused code and added debugging in clearUnusedKeys().
 - Updated README with info on the 2.6.12 kernel device driver.
 - fixed bug in calculating pcr select size
 - fixed bug in init'ing PCRS, spi_utils.c:431
 - Changed TCPA sig schemes to TSS sig schemes in
   Hash_VerifySignature.
 - Implemented Tspi_Context_GetKeyByPublicInfo on the TCS side.
 - Fixed PS bug in storing the pub key data.
 - Implemented Tspi_Key_UnloadKey
 - Implemented the guts of Tspi_Key_CertifyKey, which now works
   in at least the case where both keys passed in are authless.
 - in obj_rsakey_set_es/ss, added mapping from TCPA numbers
   to TSS numbers and vice versa.
 - added #includes in readpass.c to get rid of compile errors.
   (thanks Emily).
 - Fixed popup secret handling. Bug #1194607 closed.
 - Fixed up the LogBlobData functions, no more strcat. Bug #1221974
   closed.
 - changed sprintf's to snprintf. Bug #1221932 closed.
 - Changed the TCPA_RSA_KEY_PARMS management at key creation time.
 - Re-implemented TSP object management.
 - Integrated TSSWG header files.
 - Added valid_keys variable for the debugging build of
   tcs/ps/ps_utils.c.
 - Changed >= to > in openssl/crypto.c to correct off by one in
   checking the size of the input data.
 - added cvs commit logging to CVSROOT/loginfo file.

* TROUSERS_0_1_11

 - Changed TCSD logging to only log on remote connection attempts,
   local connections will be left silent.
 - mended compiled time warnings
 - updated src/tspi/Makefile.am to respect libtool.
 - added x86_64 case to configure.in
 - added args to print stmt tcsd_wrap.c:3640 (thanks Kylie).
 - commited fix for detecting past runlevel states (thanks Kylie).
 - committed fix for RNG problem: a TPM's RNG is disabled when
   the TPM is in the disabled state, yet needs a random number
   to open an OSAP session to call the owner auth'd TPM enable
   command.
 - added code for CreatePubEK plumbing (thanks Kylie).
 - fixed a couple signed/unsigned comparison warnings
 - fixed endianess stuff in TPM GetCap spi_tpm.c.
 - added Trspi_Error functions to manipulate TSS_RESULTs.
 - Fixed order of receiving for the TCS_OwnerReadPubek call
   (thanks Kylie).
 - Added defns for volatile and non-volatile flags (thanks Kylie).
 - Added Trspi_Error, which converts a TSS_RESULT to a string.
   (thanks Kylie).
 - In tcsd_wrap.c, added function bodies for tcs_wrap_OwnerClear,
   tcs_wrap_DisablePubekRead, tcs_wrap_OwnerReadPubek,
   tcs_wrap_DisableForceClear and tcs_wrap_DisableOwnerClear.
   (thanks Kylie).
 - Added an unload of the auth returned from the TPM in
   TCSP_OwnerReadPubek_Internal. (thanks Kylie).
 - Corrected the TAG for the TPM command in
   TCSP_OwnerReadPubek_Internal. (thanks Kylie).

* TROUSERS_0_1_10

 - Updated implementation of Tspi_Key_WrapKey.
 - Added missing goto in ReadPubEK in tcstp.c. (thanks Kylie).
 - Added function guts for various functions in tcstp.c. (thanks
   Kylie).
 - In Tspi_TPM_SetStatus, do the right in the physical presence
   path based on boolean. (thanks Kylie).
 - Actually pass in the bool flag on TCSP_PhysicalPresence_Internal
   (thanks Kylie).
 - corrected force clear logic in spi_tpm.c:818 (thanks Kylie).
 - fixed error return code check to socket() syscall clntside.c:52.
 - added comment about TDDL reries and added log statement when a
   physical presence command is denied because of runlevel.
 - Fixed Tspi_Hash_VerifySignature to check signatures based on the
   signature scheme of the key in use. Also, crypto.c was changed
   to do a verify based on TSS_HASH_OTHER.
 - Added 2 new highlevel Unbind testcases to test PKCS1.5 vs OAEP.
 - In Tspi_Context_LoadKeyByUUID, the uninitialized keyBlob variable
   was causing an invalid free on exit. Corrected that.
 - changed return value from internal error to invalid handle when a
   bad object handle is passed to Tspi_Hash_Sign and the Tspi_Data
   functions.
 - added Tspi_TPM_CertifySelfTest functionality
 - corrected iptables string in the tcsd manpage.
 - Corrected return code in Tspi_Key_UnloadKey02.c testcase.
 - enabled Tspi_TPM_GetTestResult functionality
 - added selftest as an option to the list of remote ops for the access
   control
 - added compatibility with openssh-askpass for the popup dialog box.
   Now either gtk2-devel OR openssh-askpass must be installed to build
   trousers. Using openssh-askpass reduces the size of libtspi.so by
   about 40K and reduces the number of dependencies from 26 to 6!
 - Bugfixes
   - The entityType field was being passed between the TCSD and
   TSP as a UINT32 instead of UINT16. This was keeping Tspi_ChangeAuth
   from working as advertised.
   - Secrets were being hashed incorrectly when secret mode was PLAIN
   and the secret data length was 0. Now, when secret mode is plain, the
   passed in data is always hashed, even if its 0 length.
   - Popups are hopefully being handled more correctly now. Previously
   the dialog popped up at the time SetSecret was called, but now its
   just when the secret is actually needed.
   - sf.net Bug #118026: memory allocations and free's fixed in almost
   all paths from app to tcstp.c wrt correctly returning calloc_tspi'd
   memory vs. malloc'd memory. Only problem remaining is the PCR event
   functions, which have dangling malloc'd references, which is an
   architectural problem which should be solved in the 1.2 rewrite.

* TROUSERS_0_1_9

 - added tcsd manpage
 - added access control functionality so that sets of ordinals
   cannot be executed by non-local hosts. This is now a
   configurable option in tcsd.conf as "remote_ops".
 - Set Physical Presence now works from the TSP when the TCSD
   detects that it is running in single user mode. When not
   running in single user mode, the TCS_PhysicalPresence
   command returns TSS_E_NOTIMPL.
 - Changed an fprintf to LogError in gtk/support.c
 - TCP/IP server-side fixes in svrside.c
 - various compile warnings fixed
 - moved commonly used utility functions to trspi/trousers.c and
   exported these functions in the header file tss/trousers.h.
 - added new testcases for ChangeAuth of the TPM owner and SRK in
   tcg/highlevel/tspi.
 - added test tcg/highlevel/tpm/Tspi_TPM_PcrRead04.c
 - updated Tspi_TPM_GetCapability manpage.
 - added code to detect a 1.2 TPM and get auth sessions the 1.2 way.
 - added manpage for Tspi_TPM_GetPubEndorsementKey
 - Bugfixes
    - in crypto.c, encrypted data area should be RSA_size(rsa) bytes
    large, not always 256. This was keeping non-2048 bit keys from
    working with the TPM keyring app.
    - Fixed detection of an already closed Tddl.
    - Allow validating the entire TCPA_PUBKEY structure in
    Tspi_TPM_GetPubEndorsementKey, as National chips do this.
    - Added support for TSS_TPMCAP_ORD and TSS_TPMCAP_FLAG in
    Tspi_TPM_GetCapability, which required a call to
    TCSP_GetCapabilityOwner to fetch the TPM's internal flags. Added
    tcg/highlevel/tpm/Tspi_TPM_GetCapability0{4,5}.c to test.
    - When loading the SRK from TCS PS, the TCS key handle should now
    be 0x40000000 (TSS_SRK_KEY_HANDLE). There were checks for this in
    the ChangeAuth code paths, which caused failing of various sorts.
    - Bug fixed in roll over of TCS key handle generation. Previously we
    would have smashed the SRK's fixed value and we would have thought
    there were 2 SRK's loaded.
    - sf.net bug #1154611, old SRK was not being removed from mem cache,
    though disk cache was being deleted. This means that after re-taking
    ownership the mem cache was corrupted until a restart of the TCSD.
 - Feature Requests
    - sf.net RFE #1122608 completed. Several different device locations
    are now supported by default.  If /dev/tpm is created its assumed that
    the IBM Research device driver is being used and therefore ioctl's are
    sent to the driver, all others get read/write's. Updated README.

* TROUSERS_0_1_8

 - added a manpage for Tspi_TPM_PcrExtend
 - added SHA1_HASH_SIZE #define tied to openssl/sha.h
 - Corrected typo in tcpa_types.h of pValdationData -> pValidationData
 - updated README with info on device file stuff
 - added a usage function and long options to tcsd
 - added an error message when incorrect params are passed to tcsd on
   the command line.
 - added -lcrypto and -lpthread to the build of libtspi.so, so that app
   writers will avoid having to include those when they don't have to.
 - Connected up Tspi_TPM_SetStatus and Tspi_TPM_SelfTestFull to
   TCSP_SetTempDeactivated, TCSP_SelfTestFull, TCSP_SetOwnerInstall,
   TCSP_OwnerSetDisable and TCSP_PhysicalDisable.
 - Bugfixes
   - tcsem.c:507, error in calculating number of PCR events to copy out.
   - sf.net bug #1151183 fixed. Tspi_TPM_GetPubEndorsementKey now takes
   the correct number of params, and all testcases/TSS calls are changed.
   - sf.net bug #1113313 fixed. Tspi_TPM_TakeOwnership now allows a NULL
   pub endorsement key handle and a testcase,
   tcg/highlevel/tpm/Tspi_TPM_TakeOwnership03.c, exists to test this.
   - In Tspi_SetAttribData, set the TCPA_KEY's privkey, not the wrapper
   object on a TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY.

* TROUSERS_0_1_7

 - Fixed the logging up so that if tcsd -f is specified, all logs go the
   foreground, else all logs go to syslog.
 - Moved the TPM_IOCTL #define into the tddl.h file. Now, if you're
   using the IBM research device driver, compiling with #define TPM_IOCTL
   will use ioctl's to open /dev/tpm and #undef TPM_IOCTL will use
   read/write calls to /dev/tpm0.
 - Revert accidental change in tddl.c
 - Lots of 0's replaced with non-magic #define's in the TSP code
 - In spi_getset.c: removed unimportant debugging stmts; make
   Tspi_{Get|Set}AttribData set the correct public and private key data
   when asked to.
 - Lots of manpage verbage changes.
 - added new manpages for: Tspi_TPM_TakeOwnership, Tspi_Key_LoadKey,
   Tspi_Context_Create and Tspi_TPM_ClearOwner.
 - Bugfixes
   - cxt.c: when destroying a context object, release the tcs_ctx_lock before
     calling ctx_ref_count_keys(). This prevents a deadlock.
   - added a mutex unlock call for an error path that would have caused a
     deadlock

* TROUSERS_0_1_6

 - Logging functionality changes only, for bug #1106301
   - TCSD:
     - Logs now go to stdout/stderr until a successful startup
     - After a successful startup, cmdline args are parsed
     - if -f is specified, logging continues to stdout/stderr and daemon runs
       in the foreground, killable by ctrl-c.
     - If -f is not specified, logs go to syslog and the tcsd forks into the
       background
   - TSP library
     - If compiled w/o debugging, there is no logging of any kind
     - If compiled w/ debugging, all logs go to stdout/stderr, unless the
       environment variable TSS_DEBUG_OFF is set, then, there is no logging of
       any kind
 - There is no longer a --enable-stderrlog option to the configure script

* TROUSERS_0_1_5

 - Complete memory management overhaul. calloc_tspi is now used to clean up
   memory allocated by Tspi functions. TCS blob functions have been changed
   to not require a context, since there's no need w/o calloc_tspi. Its
   now necessary to call free explicitly everywhere in the TCS. In the TSP,
   calloc_tspi is now always called with the TSP context of the session, which
   would will ensure all memory allocated by the session is accounted for.
 - Unused #defines and variables removed from spi_utils.h
 - Commented out code removed throughout the source.
 - Removed log.o on a 'make clean'.
 - commented out unnecessary logging, added more descriptive logging
 - renamed variables named 'hContext' to specifiy whether they represent TSP
   of TCS context handles.
 - got rid of a few magic numbers
 - Bugfixes
   - in tcs/cache.c, getNextTimeStamp() was unlocking the mutex twice.
   - removed destroy_key_refs() in TSP, which caused double free errors
   - added call to event_log_final() in tcsd_shutdown() to clean up the event log
   - added an intermediate copy stage of data in getTCSDPacket() to avoid
   memcpy() calls with overlapping source and dest fields.

* TROUSERS_0_1_4

 - added ChangeLog :-)
 - TSP object management overhaul. All API's should be correct for contexts
    whether they're connected to a TCS or not.
 - testsuite changes based on object mgmt overhaul
 - various internal fixes and simplifications of the code due to object mgmt
    overhaul

* TROUSERS_0_1_3

 - added helpful message when package gtk2-devel is not found in configure.in
 - chown changes in dist/Makefile for new syntax
 - added detailed flags to various manpages
 - TSP memory management overhaul
 - added more complete destroy_key_refs() function
 - Bugfixes
    - quashed memory leaks in TSP found by valgrind
    - return TRUE/FALSE from getAttribData
    - added TSS_TSPATTRIB_KEYINFO_SIZE to Tspi_GetAttribData
    - call free() not Tspi_Context_FreeMemory() in spi_utils.c

* TROUSERS_0_1_2

 - added bug report mailing list to configure.in
 - added --enable-stderrlog feature to configure.in
 - Marked Tspi_TPM_GetCapabilitySigned as not implemented (per TSS v1.1b spec)
 - Bugfixes
    - Removed common.h from Tspi_Context_RegisterKey manpage
    - added endianess macros to spi_utils.h
    - made all endianess fixes to the TSP and testsuite
    - logging improvements tcspbg.c
    - tcs_utils.c compile time warning quashed

* TROUSERS_0_1_1

 - Updated design doc
 - Updated README
 - More sensible function naming (no addNewObject, just addObject)
 - Bugfixes
    - return data correctly in Tspi_GetAttribData
    - malloc space for returned UUID correctly in tspps.c
    - log errors in tddl.c
    - follow a failure path in auth_mgr.c
    - don't always return success in req_mgr.c

* TROUSERS_0_1_0

 - Initial code drop
