| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Jun 2014 11:48:16 +0300
From: Dmitry Kasatkin <d.kasatkin@...sung.com>
To: zohar@...ux.vnet.ibm.com, dhowells@...hat.com, jwboyer@...hat.com,
keyrings@...ux-nfs.org, linux-security-module@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, dmitry.kasatkin@...il.com,
Dmitry Kasatkin <d.kasatkin@...sung.com>
Subject: [PATCH 2/4] KEYS: fix couple of things
Signed-off-by: Dmitry Kasatkin <d.kasatkin@...sung.com>
---
crypto/asymmetric_keys/x509_public_key.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index 6af338f..962f9b9 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -177,6 +177,7 @@ static int x509_validate_trust(struct x509_certificate *cert,
if (!IS_ERR(key)) {
pk = key->payload.data;
ret = x509_check_signature(pk, cert);
+ key_put(key);
}
return ret;
}
@@ -237,7 +238,7 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
ret = x509_check_signature(cert->pub, cert); /* self-signed */
if (ret < 0)
goto error_free_cert;
- } else {
+ } else if (!prep->trusted) {
ret = x509_validate_trust(cert,
get_system_or_owner_trusted_keyring());
if (!ret)
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists