mokutil/mokutil-no-invalid-x509.patch

From 0806111a850304a0490376d568ea5bf74fcdbd04 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Thu, 10 Apr 2014 12:37:54 +0800
Subject: [PATCH] Don't import an invalid x509 cert

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
---
 src/mokutil.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/mokutil.c b/src/mokutil.c
index 6792823..cdb5739 100644
--- a/src/mokutil.c
+++ b/src/mokutil.c
@@ -1265,8 +1265,9 @@ issue_mok_request (char **files, uint32_t total, MokRequest req,
 			goto error;
 		}
 		if (!is_valid_cert (ptr, read_size)) {
-			fprintf (stderr, "Warning!!! %s is not a valid x509 certificate in DER format\n",
+			fprintf (stderr, "Abort!!! %s is not a valid x509 certificate in DER format\n",
 			         files[i]);
+			goto error;
 		}
 
 		if (is_valid_request (EfiCertX509Guid, ptr, sizes[i], req)) {
-- 
1.8.4.5