security/tpm2-tss: Update 4.0.1 => 4.1.3 (CVE-2024-29040)

Changelog:
https://github.com/tpm2-software/tpm2-tss/blob/4.1.3/CHANGELOG.md

- Fix warnings from portclippy.
- Merge MKDIRs and RMDIRs.
- Refresh patches.

PR:		295403
Approved by:	Tadeusz Struk <tstruk@gmail.com> (maintainer, timeout 2 weeks)
Security:	CVE-2024-29040
Sponsored by:	UNIS Labs
Co-authored-by:	Vladimir Druzenko <vvd@FreeBSD.org>
MFH:		2026Q2

security/tpm2-tss/Makefile

@@ -1,6 +1,5 @@
 PORTNAME=	tpm2-tss
-DISTVERSION=	4.0.1
-PORTREVISION=	3
+DISTVERSION=	4.1.3
 CATEGORIES=	security
 MASTER_SITES=	https://github.com/tpm2-software/tpm2-tss/releases/download/${DISTVERSION}/
 
@@ -17,22 +16,19 @@ USES=		compiler:c11 gmake libtool pkgconfig ssl
 USE_LDCONFIG=	yes
 
 GNU_CONFIGURE=	yes
-GNU_CONFIGURE_MANPREFIX=${PREFIX}/share
-CONFIGURE_ENV=	CRYPTO_CFLAGS="-I${OPENSSLINC}" CRYPTO_LIBS="-L${OPENSSLLIB} -lcrypto" \
-		EXTRA_CFLAGS="-I${LOCALBASE}/include"
-
 KEYDIR=		/var/lib/tpm2-tss/system/keystore
 RUNDIR=		/var/run/tpm2-tss/eventlog
 CONFIGURE_ARGS=	--disable-doxygen-doc --disable-dependency-tracking --enable-valgrind=no \
 		--with-runstatedir=${RUNDIR}
+CONFIGURE_ENV=	CRYPTO_CFLAGS="-I${OPENSSLINC}" CRYPTO_LIBS="-L${OPENSSLLIB} -lcrypto" \
+		EXTRA_CFLAGS="-I${LOCALBASE}/include"
 
 INSTALL_TARGET=	install-strip
 
 post-install:
 	@${RM} ${STAGEDIR}${PREFIX}/lib/udev/rules.d/tpm-udev.rules
-	@${RMDIR} ${STAGEDIR}${PREFIX}/lib/udev/rules.d
-	@${RMDIR} ${STAGEDIR}${PREFIX}/lib/udev
-	@${MKDIR} ${STAGEDIR}${RUNDIR}
-	@${MKDIR} ${STAGEDIR}${KEYDIR}
+	@${RMDIR} ${STAGEDIR}${PREFIX}/lib/udev/rules.d \
+		  ${STAGEDIR}${PREFIX}/lib/udev
+	@${MKDIR} ${STAGEDIR}${RUNDIR} ${STAGEDIR}${KEYDIR}
 
 .include <bsd.port.mk>

security/tpm2-tss/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1694301508
-SHA256 (tpm2-tss-4.0.1.tar.gz) = 532a70133910b6bd842289915b3f9423c0205c0ea009d65294ca18a74087c950
-SIZE (tpm2-tss-4.0.1.tar.gz) = 1787139
+TIMESTAMP = 1779167796
+SHA256 (tpm2-tss-4.1.3.tar.gz) = 37f1580200ab78305d1fc872d89241aaee0c93cbe85bc559bf332737a60d3be8
+SIZE (tpm2-tss-4.1.3.tar.gz) = 1902009

security/tpm2-tss/files/patch-src_tss2-esys_esys__context.c

@@ -1,4 +1,4 @@
---- src/tss2-esys/esys_context.c.orig	2025-02-22 22:43:21 UTC
+--- src/tss2-esys/esys_context.c.orig	2024-05-17 08:04:10 UTC
 +++ src/tss2-esys/esys_context.c
 @@ -26,7 +26,7 @@
   * If not specified, load a TCTI in this order:
@@ -7,5 +7,5 @@
 - *       Device /dev/tpmrm0 (kernel resident resource manager)
 + *       Device /dev/tpmrm0 (kernel resident resource manager, SKIPPED on FreeBSD)
   *       Device /dev/tpm0 (hardware TPM)
+  *       Device /dev/tcm0 (hardware TCM)
   *       TCP socket localhost:2321 (TPM simulator)
-  * @param esys_context [out] The ESYS_CONTEXT.

security/tpm2-tss/files/patch-src_tss2-tcti_tcti-device.c

@@ -1,6 +1,6 @@
---- src/tss2-tcti/tcti-device.c.orig	2023-01-23 18:36:16.000000000 +0000
-+++ src/tss2-tcti/tcti-device.c	2025-05-08 08:40:29.255475000 +0000
-@@ -61,7 +61,9 @@
+--- src/tss2-tcti/tcti-device.c.orig	2024-05-21 12:44:23 UTC
++++ src/tss2-tcti/tcti-device.c
+@@ -61,7 +61,9 @@ static char *default_conf[] = {
  #ifdef __VXWORKS__
      "/tpm0"
  #else
@@ -8,5 +8,5 @@
      "/dev/tpmrm0",
 +#endif /* __FreeBSD__ */
      "/dev/tpm0",
+     "/dev/tcm0",
  #endif /* __VX_WORKS__ */
- };

security/tpm2-tss/files/patch-test_unit_tctildr-nodl.c

@@ -1,6 +1,6 @@
---- test/unit/tctildr-nodl.c.orig	2025-02-22 22:43:21 UTC
+--- test/unit/tctildr-nodl.c.orig	2024-05-17 08:04:10 UTC
 +++ test/unit/tctildr-nodl.c
-@@ -65,9 +65,11 @@ test_tctildr_get_default_all_fail (void **state)
+@@ -68,9 +68,11 @@ test_tctildr_get_default_all_fail (void **state)
      /* device:/dev/tpm0 */
      will_return (__wrap_tcti_from_init, tcti_ctx);
      will_return (__wrap_tcti_from_init, TEST_RC);

security/tpm2-tss/pkg-plist

@@ -4,11 +4,11 @@
 @dir /var/lib
 @dir /var/run/tpm2-tss/eventlog
 @dir /var/run/tpm2-tss
-etc/sysusers.d/tpm2-tss.conf
-etc/tmpfiles.d/tpm2-tss-fapi.conf
 %%ETCDIR%%/fapi-config.json
 %%ETCDIR%%/fapi-profiles/P_ECCP256SHA256.json
+%%ETCDIR%%/fapi-profiles/P_ECCP384SHA384.json
 %%ETCDIR%%/fapi-profiles/P_RSA2048SHA256.json
+%%ETCDIR%%/fapi-profiles/P_RSA3072SHA384.json
 include/tss2/tss2_common.h
 include/tss2/tss2_esys.h
 include/tss2/tss2_fapi.h
@@ -19,6 +19,7 @@ include/tss2/tss2_sys.h
 include/tss2/tss2_tcti.h
 include/tss2/tss2_tcti_cmd.h
 include/tss2/tss2_tcti_device.h
+include/tss2/tss2_tcti_i2c_helper.h
 include/tss2/tss2_tcti_mssim.h
 include/tss2/tss2_tcti_pcap.h
 include/tss2/tss2_tcti_spi_helper.h
@@ -45,6 +46,10 @@ lib/libtss2-rc.a
 lib/libtss2-rc.so
 lib/libtss2-rc.so.0
 lib/libtss2-rc.so.0.0.0
+lib/libtss2-tcti-i2c-helper.a
+lib/libtss2-tcti-i2c-helper.so
+lib/libtss2-tcti-i2c-helper.so.0
+lib/libtss2-tcti-i2c-helper.so.0.0.0
 lib/libtss2-tcti-spi-helper.a
 lib/libtss2-tcti-spi-helper.so
 lib/libtss2-tcti-spi-helper.so.0
@@ -85,6 +90,7 @@ libdata/pkgconfig/tss2-rc.pc
 libdata/pkgconfig/tss2-sys.pc
 libdata/pkgconfig/tss2-tcti-cmd.pc
 libdata/pkgconfig/tss2-tcti-device.pc
+libdata/pkgconfig/tss2-tcti-i2c-helper.pc
 libdata/pkgconfig/tss2-tcti-mssim.pc
 libdata/pkgconfig/tss2-tcti-pcap.pc
 libdata/pkgconfig/tss2-tcti-spi-helper.pc
@@ -101,6 +107,12 @@ share/man/man5/fapi-config.5.gz
 share/man/man5/fapi-profile.5.gz
 share/man/man7/tss2-tcti-cmd.7.gz
 share/man/man7/tss2-tcti-device.7.gz
+share/man/man7/tss2-tcti-i2c-ftdi.7.gz
+share/man/man7/tss2-tcti-i2c-helper.7.gz
 share/man/man7/tss2-tcti-mssim.7.gz
+share/man/man7/tss2-tcti-spi-ftdi.7.gz
+share/man/man7/tss2-tcti-spi-helper.7.gz
+share/man/man7/tss2-tcti-spi-ltt2go.7.gz
+share/man/man7/tss2-tcti-spidev.7.gz
 share/man/man7/tss2-tcti-swtpm.7.gz
 share/man/man7/tss2-tctildr.7.gz