| blob | 40df5cb0843b2554930cb7c3507faa1d86988e37 |
1 --- trousers-0.3.11.2/src/tspi/rpc/hosttable.c.orig
2 +++ trousers-0.3.11.2/src/tspi/rpc/hosttable.c
3 @@ -21,7 +21,7 @@
5 static struct host_table *ht = NULL;
7 -TSS_RESULT
8 +static TSS_RESULT
9 host_table_init()
10 {
11 ht = calloc(1, sizeof(struct host_table));
12 @@ -35,9 +35,8 @@
13 return TSS_SUCCESS;
14 }
16 -#ifdef SOLARIS
17 -#pragma init(_init)
18 -void _init(void)
19 +#ifdef SOLARIS && defined(__SUNPRO_C))
20 +static void my_init(void)
21 #else
22 void __attribute__ ((constructor)) my_init(void)
23 #endif
24 @@ -46,11 +45,14 @@
25 __tspi_obj_list_init();
26 }
28 -void
29 +static void
30 host_table_final()
31 {
32 struct host_table_entry *hte, *next = NULL;
34 + if (ht == NULL) /* no host table to free */
35 + return;
36 +
37 MUTEX_LOCK(ht->lock);
39 for (hte = ht->entries; hte; hte = next) {
40 @@ -69,9 +71,8 @@
41 ht = NULL;
42 }
44 -#ifdef SOLARIS
45 -#pragma fini(_fini)
46 -void _fini(void)
47 +#ifdef SOLARIS && defined(__SUNPRO_C))
48 +static void my_fini(void)
49 #else
50 void __attribute__ ((destructor)) my_fini(void)
51 #endif
52 @@ -79,6 +80,11 @@
53 host_table_final();
54 }
56 +#ifdef SOLARIS
57 +#pragma init(my_init)
58 +#pragma fini(my_fini)
59 +#endif
60 +
61 TSS_RESULT
62 __tspi_add_table_entry(TSS_HCONTEXT tspContext, BYTE *host, int type, struct host_table_entry **ret)
63 {
64 --- trousers-0.3.11.2/src/tcsd/Makefile.am.orig
65 +++ trousers-0.3.11.2/src/tcsd/Makefile.am
66 @@ -2,7 +2,7 @@
68 tcsd_CFLAGS=-DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include -fPIE -DPIE
69 tcsd_LDADD=${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@
70 -tcsd_LDFLAGS=-pie -Wl,-z,relro -Wl,-z,now
71 +tcsd_LDFLAGS=-Wl,-z,now
73 tcsd_SOURCES=svrside.c tcsd_conf.c tcsd_threads.c platform.c
75 --- trousers-0.3.11.2/src/tcsd/Makefile.in.orig
76 +++ trousers-0.3.11.2/src/tcsd/Makefile.in
77 @@ -64,7 +64,7 @@
78 mkinstalldirs = $(install_sh) -d
79 CONFIG_CLEAN_FILES =
80 CONFIG_CLEAN_VPATH_FILES =
81 -am__installdirs = "$(DESTDIR)$(sbindir)"
82 +am__installdirs = "$(DESTDIR)$(libdir)"
83 PROGRAMS = $(sbin_PROGRAMS)
84 am_tcsd_OBJECTS = tcsd-svrside.$(OBJEXT) tcsd-tcsd_conf.$(OBJEXT) \
85 tcsd-tcsd_threads.$(OBJEXT) tcsd-platform.$(OBJEXT)
86 @@ -212,7 +212,7 @@
87 prefix = @prefix@
88 program_transform_name = @program_transform_name@
89 psdir = @psdir@
90 -sbindir = @sbindir@
91 +sbindir = @libdir@
92 sharedstatedir = @sharedstatedir@
93 srcdir = @srcdir@
94 sysconfdir = @sysconfdir@
95 @@ -227,8 +227,9 @@
96 tcsd_CFLAGS = -DAPPID=\"TCSD\" -DVAR_PREFIX=\"@localstatedir@\" \
97 -DETC_PREFIX=\"@sysconfdir@\" -I${top_srcdir}/src/include \
98 -fPIE -DPIE $(am__append_1) $(am__append_2)
99 -tcsd_LDADD = ${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a -lpthread @CRYPTOLIB@
100 -tcsd_LDFLAGS = -pie -Wl,-z,relro -Wl,-z,now
101 +tcsd_LDADD = ${top_builddir}/src/tcs/libtcs.a ${top_builddir}/src/tddl/libtddl.a \
102 + -lpthread -lbsm -lscf -lresolv @CRYPTOLIB@
103 +tcsd_LDFLAGS = -Wl,-z,now
104 tcsd_SOURCES = svrside.c tcsd_conf.c tcsd_threads.c platform.c
105 all: all-am
107 --- trousers-0.3.11.2/src/include/tcsd.h.orig
108 +++ trousers-0.3.11.2/src/include/tcsd.h
109 @@ -48,15 +48,25 @@
110 of this TCS System */
111 };
113 +#ifdef SOLARIS
114 +#define TCSD_DEFAULT_CONFIG_FILE "/etc/security/tcsd.conf"
115 +#else
116 #define TCSD_DEFAULT_CONFIG_FILE ETC_PREFIX "/tcsd.conf"
117 +#endif
118 extern char *tcsd_config_file;
120 #define TSS_USER_NAME "tss"
121 #define TSS_GROUP_NAME "tss"
123 #define TCSD_DEFAULT_MAX_THREADS 10
124 +#ifdef SOLARIS
125 +#define TCSD_DEFAULT_SYSTEM_PS_DIR "/var/tpm/system"
126 +#define TCSD_DEFAULT_SYSTEM_PS_FILE "/var/tpm/system/system.data"
127 +#define TCSD_DEFAULT_SOCKET "/var/tpm/tcsd-socket"
128 +#else
129 #define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX "/lib/tpm/system.data"
130 #define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX "/lib/tpm"
131 +#endif /* SOLARIS */
132 #define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/sys/kernel/security/tpm0/binary_bios_measurements"
133 #define TCSD_DEFAULT_KERNEL_LOG_FILE "/sys/kernel/security/ima/binary_runtime_measurements"
134 #define TCSD_DEFAULT_FIRMWARE_PCRS 0x00000000
135 --- trousers-0.3.11.2/src/include/tspps.h.orig
136 +++ trousers-0.3.11.2/src/include/tspps.h
137 @@ -13,13 +13,17 @@
139 #define PASSWD_BUFSIZE 4096
141 +#ifdef SOLARIS
142 +#define TSS_USER_PS_DIR "/var/user/"
143 +#else
144 #define TSS_USER_PS_DIR ".trousers"
145 +#endif
146 #define TSS_USER_PS_FILE "user.data"
148 TSS_RESULT get_file(int *);
149 int put_file(int);
150 -inline TSS_RESULT read_data(int, void *, UINT32);
151 -inline TSS_RESULT write_data(int, void *, UINT32);
152 +TSS_RESULT read_data(int, void *, UINT32);
153 +TSS_RESULT write_data(int, void *, UINT32);
154 UINT32 psfile_get_num_keys(int);
155 TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
156 TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *);
157 --- trousers-0.3.11.2/src/tcsd/svrside.c.orig
158 +++ trousers-0.3.11.2/src/tcsd/svrside.c
159 @@ -27,6 +27,15 @@
160 #include <arpa/inet.h>
161 #include <errno.h>
162 #include <getopt.h>
163 +#ifdef SOLARIS
164 +#include <priv.h>
165 +#include <fcntl.h>
166 +#endif
167 +#ifndef HAVE_DAEMON
168 +#include <fcntl.h>
169 +#include <syslog.h>
170 +#endif
171 +
172 #include "trousers/tss.h"
173 #include "trousers_types.h"
174 #include "tcs_tsp.h"
175 @@ -46,6 +55,10 @@
176 int sd;
177 char *tcsd_config_file = NULL;
179 +#ifdef SOLARIS
180 +static int get_event_log_from_kernel(void);
181 +#endif
182 +
183 static void
184 tcsd_shutdown(void)
185 {
186 @@ -173,6 +186,10 @@
187 (void)req_mgr_final();
188 return result;
189 }
190 +#ifdef SOLARIS
191 + /* Not fatal if this fails */
192 + (void) get_event_log_from_kernel();
193 +#endif
195 result = owner_evict_init();
196 if (result != TSS_SUCCESS) {
197 @@ -211,16 +228,171 @@
198 return result;
199 }
201 +#ifdef SOLARIS
202 +
203 +extern int get_device_fd(void);
204 +
205 +#define TPM_IOCTL_GETEVTABLE 1
206 +struct tpm_evtable_ioblk {
207 + uint32_t buflen;
208 + caddr_t buf;
209 +};
210 +
211 +static int
212 +store_eventlog(char *filename, struct tpm_evtable_ioblk *evlog)
213 +{
214 + int fd;
215 + unsigned int bytes = 0;
216 +
217 + fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT, 0600);
218 + if (fd == -1) {
219 + LogError("Error opening logfile %s: %s", filename,
220 + strerror(errno));
221 + return (-1);
222 + }
223 + while (bytes < evlog->buflen) {
224 + int n;
225 + n = write(fd, evlog->buf, evlog->buflen - bytes);
226 + if (n == -1 && errno != EAGAIN) {
227 + LogError("Error writing logfile %s: %s",
228 + filename, strerror(errno));
229 + close(fd);
230 + return (-1);
231 + }
232 + if (n != -1)
233 + bytes += n;
234 + }
235 + close(fd);
236 +
237 + return (0);
238 +}
239 +
240 +static int
241 +get_event_log_from_kernel(void)
242 +{
243 + int fd = get_device_fd();
244 + struct tpm_evtable_ioblk ioblk;
245 +
246 + if (fd == -1)
247 + return (-1);
248 +
249 + (void) memset(&ioblk, 0, sizeof (ioblk));
250 + if (ioctl(fd, TPM_IOCTL_GETEVTABLE, &ioblk)) {
251 + LogDebug("Cannot get event log from kernel: %s",
252 + strerror(errno));
253 + return (-1);
254 + }
255 + if (ioblk.buflen == 0)
256 + return (0);
257 +
258 + ioblk.buf = calloc(1, ioblk.buflen);
259 + if (ioblk.buf == NULL) {
260 + return (-1);
261 + }
262 + if (ioctl(fd, TPM_IOCTL_GETEVTABLE, &ioblk)) {
263 + free(ioblk.buf);
264 + LogDebug("Cannot get event log from kernel: %s",
265 + strerror(errno));
266 + return (-1);
267 + }
268 +
269 + return (store_eventlog(tcsd_options.firmware_log_file, &ioblk));
270 +}
271 +
272 +/*
273 + * For Solaris, make the tcsd privilege aware and drop
274 + * risky privileges if they are not needed.
275 + */
276 +static int
277 +drop_privs(void)
278 +{
279 + priv_set_t *myprivs;
280 + int rv;
281 +
282 + /*
283 + * Drop unneeded privs such as fork/exec.
284 + *
285 + * Get "basic" privs and remove the ones we don't want.
286 + */
287 + if ((myprivs = priv_str_to_set("basic", ",", NULL)) == NULL) {
288 + LogError("priv_str_to_set failed: %s", strerror(errno));
289 + return (1);
290 + } else {
291 + (void) priv_delset(myprivs, PRIV_PROC_EXEC);
292 + (void) priv_delset(myprivs, PRIV_PROC_FORK);
293 + (void) priv_delset(myprivs, PRIV_FILE_LINK_ANY);
294 + (void) priv_delset(myprivs, PRIV_PROC_INFO);
295 + (void) priv_delset(myprivs, PRIV_PROC_SESSION);
296 + (void) priv_delset(myprivs, PRIV_PROC_SETID);
297 +
298 + /* for auditing */
299 + (void) priv_addset(myprivs, PRIV_PROC_AUDIT);
300 +
301 + if ((rv = setppriv(PRIV_SET, PRIV_PERMITTED, myprivs)))
302 + return (rv);
303 + if ((rv = setppriv(PRIV_SET, PRIV_LIMIT, myprivs)))
304 + return (rv);
305 + if ((rv = setppriv(PRIV_SET, PRIV_INHERITABLE, myprivs)))
306 + return (rv);
307 +
308 + (void) priv_freeset(myprivs);
309 + }
310 + return (0);
311 +}
312 +#endif /* SOLARIS */
313 +
314 +#ifndef HAVE_DAEMON
315 +static int
316 +daemon(int nochdir, int noclose) {
317 + int rv, fd;
318 +
319 + if (!noclose) {
320 + closelog();
321 + closefrom(0);
322 + }
323 +
324 + switch (fork()) {
325 + case -1: /* failure: parent process */
326 + return (-1);
327 + case 0: /* success: child process */
328 + break;
329 + default: /* success: parent process */
330 + exit (0);
331 + }
332 +
333 + /* Create a new SID for the child process */
334 + if (setsid() == -1)
335 + return (-1);
336 + /* Prevent cwd from being left open and unremovable */
337 + if (!nochdir)
338 + (void) chdir("/");
339 + (void) umask(0);
340 + /* Redirect stdin, stdout, and stderr to /dev/null */
341 + if (!noclose && (fd = open("/dev/null", O_RDWR, 0)) != -1) {
342 + (void) dup2(fd, STDIN_FILENO);
343 + (void) dup2(fd, STDOUT_FILENO);
344 + (void) dup2(fd, STDERR_FILENO);
345 + if (fd > 2)
346 + (void)close (fd);
347 + }
348 + return (0);
349 +}
350 +#endif /* !HAVE_DAEMON */
352 int
353 main(int argc, char **argv)
354 {
355 - struct sockaddr_in serv_addr, client_addr;
356 + typedef union {
357 + struct sockaddr_in in;
358 + struct sockaddr_un un;
359 + } sockaddr_un_in_t;
360 + sockaddr_un_in_t serv_addr, client_addr;
361 + int rv;
362 TSS_RESULT result;
363 int newsd, c, option_index = 0;
364 - unsigned client_len;
365 + unsigned client_len, serv_len;
366 char *hostname = NULL;
367 - struct passwd *pwd;
368 + struct passwd *pwd = NULL;
369 struct hostent *client_hostent = NULL;
370 struct option long_options[] = {
371 {"help", 0, NULL, 'h'},
372 @@ -256,26 +428,50 @@
373 if ((result = tcsd_startup()))
374 return (int)result;
376 - sd = socket(AF_INET, SOCK_STREAM, 0);
377 - if (sd < 0) {
378 - LogError("Failed socket: %s", strerror(errno));
379 - return -1;
380 - }
381 + if (tcsd_options.port == 0) { /* UNIX Domain socket */
382 + /* Use UNIX Domain socket instead of TCP/IP socket */
383 + sd = socket(AF_UNIX, SOCK_STREAM, 0);
384 + if (sd < 0) {
385 + LogError("Failed socket: %s", strerror(errno));
386 + return -1;
387 + }
388 +
389 + memset(&serv_addr, 0, sizeof (serv_addr));
390 + serv_addr.un.sun_family = AF_UNIX;
391 + strncpy(serv_addr.un.sun_path, TCSD_DEFAULT_SOCKET,
392 + sizeof (serv_addr.un.sun_path));
393 + (void) unlink(TCSD_DEFAULT_SOCKET);
394 +
395 + } else { /* TCP socket */
396 + sd = socket(AF_INET, SOCK_STREAM, 0);
397 + if (sd < 0) {
398 + LogError("Failed socket: %s", strerror(errno));
399 + return -1;
400 + }
402 - memset(&serv_addr, 0, sizeof (serv_addr));
403 - serv_addr.sin_family = AF_INET;
404 - serv_addr.sin_port = htons(tcsd_options.port);
405 -
406 - /* If no remote_ops are defined, restrict connections to localhost
407 - * only at the socket. */
408 - if (tcsd_options.remote_ops[0] == 0)
409 - serv_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
410 - else
411 - serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
412 -
413 - c = 1;
414 - setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c));
415 - if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
416 + memset(&serv_addr, 0, sizeof (serv_addr));
417 + serv_addr.in.sin_family = AF_INET;
418 + serv_addr.in.sin_port = htons(tcsd_options.port);
419 +
420 + /* If no remote_ops are defined, restrict connections to localhost
421 + * only at the socket. */
422 + if (tcsd_options.remote_ops[0] == 0)
423 + serv_addr.in.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
424 + else
425 + serv_addr.in.sin_addr.s_addr = htonl(INADDR_ANY);
426 +
427 + c = 1;
428 + setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &c, sizeof(c));
429 + }
430 +
431 + if (tcsd_options.port == 0) { /* UNIX Domain socket */
432 + serv_len = (unsigned)sizeof(serv_addr.un);
433 + client_len = (unsigned)sizeof(client_addr.un);
434 + } else { /* TCP socket */
435 + serv_len = (unsigned)sizeof(serv_addr.in);
436 + client_len = (unsigned)sizeof(client_addr.in);
437 + }
438 + if (bind(sd, (struct sockaddr *) &serv_addr, serv_len) < 0) {
439 LogError("Failed bind: %s", strerror(errno));
440 return -1;
441 }
442 @@ -296,7 +492,6 @@
443 LogError("Failed listen: %s", strerror(errno));
444 return -1;
445 }
446 - client_len = (unsigned)sizeof(client_addr);
448 if (getenv("TCSD_FOREGROUND") == NULL) {
449 if (daemon(0, 0) == -1) {
450 @@ -306,6 +501,12 @@
451 }
452 }
454 +#ifdef SOLARIS
455 + /* For Solaris, drop privileges for security. */
456 + if ((rv = drop_privs()))
457 + return (rv);
458 +#endif /* SOLARIS */
459 +
460 LogInfo("%s: TCSD up and running.", PACKAGE_STRING);
461 do {
462 newsd = accept(sd, (struct sockaddr *) &client_addr, &client_len);
463 @@ -325,20 +526,22 @@
464 }
465 LogDebug("accepted socket %i", newsd);
467 - if ((client_hostent = gethostbyaddr((char *) &client_addr.sin_addr,
468 - sizeof(client_addr.sin_addr),
469 + if (tcsd_options.port != 0) { /* TCP socket */
470 + if ((client_hostent = gethostbyaddr((char *) &client_addr.in.sin_addr,
471 + sizeof(client_addr.in.sin_addr),
472 AF_INET)) == NULL) {
473 - char buf[16];
474 - uint32_t addr = htonl(client_addr.sin_addr.s_addr);
475 + char buf[16];
476 + uint32_t addr = htonl(client_addr.in.sin_addr.s_addr);
478 - snprintf(buf, 16, "%d.%d.%d.%d", (addr & 0xff000000) >> 24,
479 - (addr & 0x00ff0000) >> 16, (addr & 0x0000ff00) >> 8,
480 - addr & 0x000000ff);
481 + snprintf(buf, 16, "%d.%d.%d.%d", (addr & 0xff000000) >> 24,
482 + (addr & 0x00ff0000) >> 16, (addr & 0x0000ff00) >> 8,
483 + addr & 0x000000ff);
485 - LogWarn("Host name for connecting IP %s could not be resolved", buf);
486 - hostname = strdup(buf);
487 - } else {
488 - hostname = strdup(client_hostent->h_name);
489 + LogWarn("Host name for connecting IP %s could not be resolved", buf);
490 + hostname = strdup(buf);
491 + } else {
492 + hostname = strdup(client_hostent->h_name);
493 + }
494 }
496 tcsd_thread_create(newsd, hostname);
497 --- trousers-0.3.11.2/src/tspi/rpc/tcstp/rpc.c.orig
498 +++ trousers-0.3.11.2/src/tspi/rpc/tcstp/rpc.c
499 @@ -342,41 +342,68 @@
500 BYTE *buffer;
501 TSS_RESULT result;
503 - struct sockaddr_in addr;
504 - struct hostent *hEnt = NULL;
505 + if (get_port() == 0) { /* use UNIX Domain socket */
506 + struct sockaddr_un addr;
508 - sd = socket(PF_INET, SOCK_STREAM, 0);
509 - if (sd == -1) {
510 - LogError("socket: %s", strerror(errno));
511 - result = TSPERR(TSS_E_COMM_FAILURE);
512 - goto err_exit;
513 - }
515 - __tspi_memset(&addr, 0, sizeof(addr));
516 - addr.sin_family = AF_INET;
517 - addr.sin_port = htons(get_port());
518 -
519 - LogDebug("Sending TSP packet to host %s.", hte->hostname);
520 -
521 - /* try to resolve by hostname first */
522 - hEnt = gethostbyname((char *)hte->hostname);
523 - if (hEnt == NULL) {
524 - /* if by hostname fails, try by dot notation */
525 - if (inet_aton((char *)hte->hostname, &addr.sin_addr) == 0) {
526 - LogError("hostname %s does not resolve to a valid address.", hte->hostname);
527 - result = TSPERR(TSS_E_CONNECTION_FAILED);
528 + sd = socket(PF_UNIX, SOCK_STREAM, 0);
529 + if (sd == -1) {
530 + LogError("socket(PF_UNIX): %s", strerror(errno));
531 + result = TSPERR(TSS_E_COMM_FAILURE);
532 goto err_exit;
533 }
534 - } else {
535 - memcpy(&addr.sin_addr, hEnt->h_addr_list[0], 4);
536 - }
538 - LogDebug("Connecting to %s", inet_ntoa(addr.sin_addr));
539 + __tspi_memset(&addr, 0, sizeof(addr));
540 + addr.sun_family = AF_UNIX;
541 + strncpy(addr.sun_path, TCSD_DEFAULT_SOCKET,
542 + sizeof(addr.sun_path));
543 +
544 + LogDebug("Connecting to UNIX Domain socket %s",
545 + TCSD_DEFAULT_SOCKET);
546 +
547 + if (connect(sd, (struct sockaddr *) &addr, sizeof (addr))) {
548 + LogError("connect: %s", strerror(errno));
549 + result = TSPERR(TSS_E_COMM_FAILURE);
550 + goto err_exit;
551 + }
552 +
553 + } else { /* use TCP socket */
554 + struct sockaddr_in addr;
555 + struct hostent *hEnt = NULL;
556 +
557 + sd = socket(PF_INET, SOCK_STREAM, 0);
558 + if (sd == -1) {
559 + LogError("socket: %s", strerror(errno));
560 + result = TSPERR(TSS_E_COMM_FAILURE);
561 + goto err_exit;
562 + }
563 +
564 + __tspi_memset(&addr, 0, sizeof(addr));
565 + addr.sin_family = AF_INET;
566 + addr.sin_port = htons(get_port());
567 +
568 + LogDebug("Sending TSP packet to host %s.", hte->hostname);
569 +
570 + /* try to resolve by hostname first */
571 + hEnt = gethostbyname((char *)hte->hostname);
572 + if (hEnt == NULL) {
573 + /* if by hostname fails, try by dot notation */
574 + if (inet_aton((char *)hte->hostname, &addr.sin_addr) == 0) {
575 + LogError("hostname %s does not resolve to a valid address.", hte->hostname);
576 + result = TSPERR(TSS_E_CONNECTION_FAILED);
577 + goto err_exit;
578 + }
579 + } else {
580 + memcpy(&addr.sin_addr, hEnt->h_addr_list[0], 4);
581 + }
582 +
583 + LogDebug("Connecting to %s", inet_ntoa(addr.sin_addr));
585 - if (connect(sd, (struct sockaddr *) &addr, sizeof (addr))) {
586 - LogError("connect: %s", strerror(errno));
587 - result = TSPERR(TSS_E_COMM_FAILURE);
588 - goto err_exit;
589 + if (connect(sd, (struct sockaddr *) &addr, sizeof (addr))) {
590 + LogError("connect: %s", strerror(errno));
591 + result = TSPERR(TSS_E_COMM_FAILURE);
592 + goto err_exit;
593 + }
594 }
596 if (send_to_socket(sd, hte->comm.buf, hte->comm.hdr.packet_size) < 0) {