lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 03 Mar 2021 09:24:41 +0000
From:   David Howells <dhowells@...hat.com>
To:     Eric Snowberg <eric.snowberg@...cle.com>
Cc:     dhowells@...hat.com, rdunlap@...radead.org, dwmw2@...radead.org,
        keyrings@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] certs: Fix wrong kconfig option used for x509_revocation_list

Eric Snowberg <eric.snowberg@...cle.com> wrote:

> +ifeq ($(CONFIG_SYSTEM_REVOCATION_LIST),y)
> +obj-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += revocation_certificates.o
> +endif

Should the ifeq be referring to CONFIG_SYSTEM_REVOCATION_KEYS rather than
CONFIG_SYSTEM_REVOCATION_LIST?  In fact, since S_R_K depends indirectly on
S_B_K, you should be able to just do:

	+obj-$(CONFIG_SYSTEM_REVOCATION_KEYS) += revocation_certificates.o

> +#ifdef CONFIG_SYSTEM_REVOCATION_LIST

Here also?

> + hostprogs-always-$(CONFIG_SYSTEM_BLACKLIST_KEYRING)   += extract-cert

And here too?

(As an aside, I wonder if SYSTEM_REVOCATION_CERTS would be a better name, but
I'm okay with leaving it as-is for now).

David

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ