| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <77085577-01EB-48F5-868B-E7A1813363A1@oracle.com>
Date: Mon, 8 Mar 2021 19:28:37 -0700
From: Eric Snowberg <eric.snowberg@...cle.com>
To: David Howells <dhowells@...hat.com>
Cc: Randy Dunlap <rdunlap@...radead.org>,
Jarkko Sakkinen <jarkko@...nel.org>, nathan@...nel.org,
David Woodhouse <dwmw2@...radead.org>,
keyrings@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] certs: Fix wrong kconfig option used for
x509_revocation_list
> On Mar 5, 2021, at 2:50 PM, David Howells <dhowells@...hat.com> wrote:
>
> Eric Snowberg <eric.snowberg@...cle.com> wrote:
>
>> @@ -11,7 +11,7 @@ hostprogs-always-$(CONFIG_ASN1) += asn1_compiler
>> hostprogs-always-$(CONFIG_MODULE_SIG_FORMAT) += sign-file
>> hostprogs-always-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += extract-cert
>> hostprogs-always-$(CONFIG_SYSTEM_EXTRA_CERTIFICATE) += insert-sys-cert
>> - hostprogs-always-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += extract-cert
>> +hostprogs-always-$(CONFIG_SYSTEM_REVOCATION_LIST) += extract-cert
>
> Hmmm... We have extract-cert listed twice. Does that matter, I wonder?
Isn’t this necessary, since one could build with either
CONFIG_SYSTEM_REVOCATION_LIST or CONFIG_SYSTEM_TRUSTED_KEYRING, without
the other being defined?
Powered by blists - more mailing lists