pool/mokutil
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 214658 from home:gary_lin:branches:Base:System

Browse Source 
Update mokutil-mokx-support.patch to fix the test-key request check

OBS-URL: https://build.opensuse.org/request/show/214658
OBS-URL: https://build.opensuse.org/package/show/Base:System/mokutil?expand=0&rev=14
This commit is contained in:
Gary Ching-Pang Lin 2014-01-22 06:52:14 +00:00 committed by Git OBS Bridge
parent 30ebafa53a
commit 3f236fd3e4
3 changed files with 94 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

123
mokutil-mokx-support.patch
View File

@ -1,7 +1,7 @@
From 65c8d2eb32beda5e90af891de3e5bda41a8aa6f1 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Mon, 21 Oct 2013 17:49:33 +0800
Subject: [PATCH 01/18] Update TODO
Subject: [PATCH 01/20] Update TODO
---
TODO | 16 ++--------------
@ -32,13 +32,13 @@ index 373e48d..465835a 100644
+* Support MokX
+* Import hash into MokNew, NokDel, MokXNew
--
1.8.1.4
1.8.4
From 012d82be0468e876a10691fbabab2ed11b7a4954 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 22 Oct 2013 14:24:13 +0800
Subject: [PATCH 02/18] Show the hashes in the database
Subject: [PATCH 02/20] Show the hashes in the database
---
src/efi.h | 2 +-
@ -252,13 +252,13 @@ index df88e98..02f0211 100644
+
+#endif /* SIGNATURE_H */
--
1.8.1.4
1.8.4
From 77a215f86139b21fd55dca4d032b7269f62b51c1 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 22 Oct 2013 14:34:21 +0800
Subject: [PATCH 03/18] Don't allocate the MOK list until there is a node
Subject: [PATCH 03/20] Don't allocate the MOK list until there is a node
---
src/mokutil.c | 9 +--------
@ -290,13 +290,13 @@ index 62690ef..ec476dd 100644
if ((efi_guidcmp (CertList->SignatureType, EfiCertX509Guid) != 0) &&
(efi_guidcmp (CertList->SignatureType, EfiHashSha1Guid) != 0) &&
--
1.8.1.4
1.8.4
From befae0e92ea24e35208b07786857d195ce8aa086 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 22 Oct 2013 14:40:58 +0800
Subject: [PATCH 04/18] Skip hashes while exporting MokListRT
Subject: [PATCH 04/20] Skip hashes while exporting MokListRT
---
src/mokutil.c | 4 ++++
@ -318,13 +318,13 @@ index ec476dd..04f7655 100644
fd = open (filename, O_CREAT | O_WRONLY, mode);
if (fd == -1) {
--
1.8.1.4
1.8.4
From 9cfc5f93e15e05dabf46a86e4f8e899e32443176 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 22 Oct 2013 16:05:33 +0800
Subject: [PATCH 05/18] Match the hashes in the database
Subject: [PATCH 05/20] Match the hashes in the database
---
src/mokutil.c | 162 +++++++++++++++++++++++++++++++++++++++-------------------
@ -571,13 +571,13 @@ index 04f7655..fa5d668 100644
ret = 0;
} else {
--
1.8.1.4
1.8.4
From 9ec6f6836a386d527cf62d6583c3ea5e394f62a5 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 22 Oct 2013 18:01:11 +0800
Subject: [PATCH 06/18] Support MOK blacklist
Subject: [PATCH 06/20] Support MOK blacklist
---
src/mokutil.c | 223 ++++++++++++++++++++++++++++++++++++++++++++++++++--------
@ -1003,13 +1003,13 @@ index fa5d668..f10e6e8 100644
print_help ();
break;
--
1.8.1.4
1.8.4
From 73c2a558b6fa9fb42526d4d2ac5c7db40d402c8f Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 23 Oct 2013 10:41:58 +0800
Subject: [PATCH 07/18] Fix the memory leakage
Subject: [PATCH 07/20] Fix the memory leakage
---
src/mokutil.c | 12 ++++++++++++
@ -1050,13 +1050,13 @@ index f10e6e8..bcc12ca 100644
if (key_file == NULL) {
fprintf (stderr, "Could not allocate space: %m\n");
--
1.8.1.4
1.8.4
From 62162fc5a5c33c987e4b8106a9e98c3abf8288ae Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 23 Oct 2013 17:29:53 +0800
Subject: [PATCH 08/18] Support import and delete a hash
Subject: [PATCH 08/20] Support import and delete a hash
---
src/mokutil.c | 424 ++++++++++++++++++++++++++++++++++++++++++++--------------
@ -1692,13 +1692,13 @@ index bcc12ca..b8edf74 100644
return ret;
}
--
1.8.1.4
1.8.4
From e852519aad00c669716c76db8908b89c6b5583e1 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 23 Oct 2013 17:42:05 +0800
Subject: [PATCH 09/18] Reorganize issue_*_request
Subject: [PATCH 09/20] Reorganize issue_*_request
---
src/mokutil.c | 75 +++++++++++++++++++----------------------------------------
@ -1849,13 +1849,13 @@ index b8edf74..862cfbf 100644
if (old_req.Data) {
memcpy (new_list + sig_list_size, old_req.Data, old_req.DataSize);
--
1.8.1.4
1.8.4
From 8603b648095d847fbed56b956b0b5aeaa62f091a Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 23 Oct 2013 18:29:09 +0800
Subject: [PATCH 10/18] Merge the hash into an existed signature list
Subject: [PATCH 10/20] Merge the hash into an existed signature list
---
src/mokutil.c | 87 +++++++++++++++++++++++++++++++++++++++++++++++------------
@ -1996,13 +1996,13 @@ index 862cfbf..f87ae7a 100644
free (new_list);
--
1.8.1.4
1.8.4
From d933eba21ebad708d85ff23a715a14a7d67f51a9 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Thu, 24 Oct 2013 17:54:18 +0800
Subject: [PATCH 11/18] Initialize the request variable to avoid the potential
Subject: [PATCH 11/20] Initialize the request variable to avoid the potential
crash
---
@ -2032,13 +2032,13 @@ index f87ae7a..880c38f 100644
old_req.VendorGuid = SHIM_LOCK_GUID;
if (read_variable (&old_req) == EFI_SUCCESS) {
--
1.8.1.4
1.8.4
From 6c9d5519172ca5f87a08d1a46105c2a68b9f4db7 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Fri, 25 Oct 2013 18:29:07 +0800
Subject: [PATCH 12/18] Make test-key and reset support MOK blacklist
Subject: [PATCH 12/20] Make test-key and reset support MOK blacklist
---
src/mokutil.c | 22 +++++++++++++++-------
@ -2117,13 +2117,13 @@ index 880c38f..8ff4b41 100644
print_help ();
break;
--
1.8.1.4
1.8.4
From 0fdc023cf98addb23ae511b91c963619ec1e8e2d Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 30 Oct 2013 10:29:25 +0800
Subject: [PATCH 13/18] Set the verbosity for shim and MokManager
Subject: [PATCH 13/20] Set the verbosity for shim and MokManager
---
src/mokutil.c | 40 ++++++++++++++++++++++++++++++++++++++++
@ -2223,13 +2223,13 @@ index 8ff4b41..cd3b622 100644
print_help ();
break;
--
1.8.1.4
1.8.4
From 96dfa331c2067c3a44d6086ec86e6abb87f3c30f Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 26 Nov 2013 12:36:12 +0800
Subject: [PATCH 14/18] Update the help and manpage
Subject: [PATCH 14/20] Update the help and manpage
---
man/mokutil.1 | 30 +++++++++++++++++++++++++++---
@ -2321,13 +2321,13 @@ index cd3b622..a1f1213 100644
printf ("\n");
printf ("Supplimentary Options:\n");
--
1.8.1.4
1.8.4
From e2ea0acb875247d70626545d5f3837f2a422af2f Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 26 Nov 2013 12:40:57 +0800
Subject: [PATCH 15/18] Make the help less verbose
Subject: [PATCH 15/20] Make the help less verbose
It's all in the manpage anyway.
---
@ -2363,13 +2363,13 @@ index a1f1213..628df7d 100644
static int
--
1.8.1.4
1.8.4
From 72dd17981660747bc84b7ce643451110529ece38 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 26 Nov 2013 16:26:16 +0800
Subject: [PATCH 16/18] New options to list the firmware keys
Subject: [PATCH 16/20] New options to list the firmware keys
---
man/mokutil.1 | 20 +++++++++++++
@ -2594,13 +2594,13 @@ index 628df7d..6f5aec4 100644
case IMPORT | MOKX:
case IMPORT | SIMPLE_HASH | MOKX:
--
1.8.1.4
1.8.4
From 9820c083e2a9b605a59aae7bdf56992f63abf7b8 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 26 Nov 2013 16:49:14 +0800
Subject: [PATCH 17/18] Add more short options
Subject: [PATCH 17/20] Add more short options
---
man/mokutil.1 | 54 +++++++++++++++++++++++++++++-------------------------
@ -2837,13 +2837,13 @@ index 6f5aec4..6fe8ae2 100644
case '?':
command |= HELP;
--
1.8.1.4
1.8.4
From 0ff8112146c355c1bc4eec57cdeb0aed4cc4065c Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 26 Nov 2013 18:13:20 +0800
Subject: [PATCH 18/18] Catch the error from strdup()
Subject: [PATCH 18/20] Catch the error from strdup()
---
src/mokutil.c | 23 ++++++++++++++++++++++-
@ -2913,5 +2913,56 @@ index 6fe8ae2..27b9585 100644
command |= GENERATE_PW_HASH;
break;
--
1.8.1.4
1.8.4
From f77d5e52b0318dbf8f92b2bd89aab0a3d5d77078 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 22 Jan 2014 13:46:24 +0800
Subject: [PATCH 19/20] Fix the test-key request check
---
src/mokutil.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/mokutil.c b/src/mokutil.c
index 27b9585..dbec25b 100644
--- a/src/mokutil.c
+++ b/src/mokutil.c
@@ -1776,7 +1776,7 @@ test_key (MokRequest req, const char *key_file)
goto error;
}
- if (!is_valid_request (EfiCertX509Guid, key, read_size, req)) {
+ if (is_valid_request (EfiCertX509Guid, key, read_size, req)) {
printf ("%s is not enrolled\n", key_file);
ret = 0;
} else {
--
1.8.4
From d921883b2f8ce4e9e9304af5d9b44aac1e701e51 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Wed, 22 Jan 2014 13:51:36 +0800
Subject: [PATCH 20/20] Update manpage for --test-key
---
man/mokutil.1 | 1 +
1 file changed, 1 insertion(+)
diff --git a/man/mokutil.1 b/man/mokutil.1
index 02b346f..ca9380d 100644
--- a/man/mokutil.1
+++ b/man/mokutil.1
@@ -43,6 +43,7 @@ mokutil \- utility to manipulate machine owner keys
\fBmokutil\fR [--sb-state]
.br
\fBmokutil\fR [--test-key \fIkeyfile\fR | -t \fIkeyfile\fR]
+ ([--mokx | -X])
.br
\fBmokutil\fR [--reset]
([--hash-file \fIhashfile\fR | -f \fIhashfile\fR] | [--root-pw | -P] |
--
1.8.4

6
mokutil.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Jan 22 05:55:45 UTC 2014 - glin@suse.com
- Update mokutil-mokx-support.patch to fix the test-key request
check
-------------------------------------------------------------------
Thu Dec 5 02:11:40 UTC 2013 - glin@suse.com

2
mokutil.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package mokutil
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed