From 31c2c5f6f70a6c8b585c66a097bc6248a8aa7a39 Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Fri, 6 Nov 2020 13:38:37 -0500
Subject: [PATCH] Fix errors in the TPM2 support

---
 confluent_osdeploy/utils/clortho.c       |  4 +++-
 confluent_server/confluent/credserver.py | 11 ++++++-----
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/confluent_osdeploy/utils/clortho.c b/confluent_osdeploy/utils/clortho.c
index 97d63472..359e0ccc 100644
--- a/confluent_osdeploy/utils/clortho.c
+++ b/confluent_osdeploy/utils/clortho.c
@@ -109,7 +109,9 @@ int main(int argc, char* argv[]) {
         while (buffer[0] != 255) {
             currtype = buffer[0];
 	    if (currtype & 0b10000000) {
-                currlen = buffer[1] << 8 & buffer[2];
+                currlen = buffer[1] << 8;
+                read(sock, buffer, 1);
+                currlen |= buffer[0];
             } else {
                 currlen = buffer[1];
 	    }
diff --git a/confluent_server/confluent/credserver.py b/confluent_server/confluent/credserver.py
index 7e2040ce..e0894091 100644
--- a/confluent_server/confluent/credserver.py
+++ b/confluent_server/confluent/credserver.py
@@ -22,6 +22,7 @@ import eventlet
 import eventlet.green.socket as socket
 import eventlet.greenpool
 import os
+import struct
 
 # cred grant tlvs:
 # 0, 0 - null
@@ -48,16 +49,16 @@ class CredServer(object):
                 return
             nodename = util.stringify(client.recv(tlv[1]))
             tlv = bytearray(client.recv(2))  # should always be null
-            apiarmed = self.cfm.get_node_attributes(nodename,
+            apimats = self.cfm.get_node_attributes(nodename,
                 ['deployment.apiarmed', 'deployment.sealedapikey'])
-            apiarmed = apiarmed.get(nodename, {}).get('deployment.apiarmed', {}).get(
+            apiarmed = apimats.get(nodename, {}).get('deployment.apiarmed', {}).get(
                 'value', None)
             if not apiarmed:
-                if apiarmed.get(nodename, {}).get(
+                if apimats.get(nodename, {}).get(
                     'deployment.sealedapikey', {}).get('value', None):
-                    sealed = apiarmed[nodename]['deployment.sealedapikey'][
+                    sealed = apimats[nodename]['deployment.sealedapikey'][
                         'value']
-                    if not isintance(sealed, bytes):
+                    if not isinstance(sealed, bytes):
                         sealed = sealed.encode('utf8')
                     reply = b'\x80' + struct.pack('>H', len(sealed) + 1) + sealed + b'\x00'
                     client.send(reply)