lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 10 Mar 2021 17:04:02 -0700
From:   Eric Snowberg <eric.snowberg@...cle.com>
To:     Jarkko Sakkinen <jarkko@...nel.org>
Cc:     Randy Dunlap <rdunlap@...radead.org>,
        David Howells <dhowells@...hat.com>, nathan@...nel.org,
        dwmw2@...radead.org, keyrings@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] certs: Fix wrong kconfig option used for
 x509_revocation_list


> On Mar 10, 2021, at 12:43 PM, Jarkko Sakkinen <jarkko@...nel.org> wrote:
> 
> On Thu, Mar 04, 2021 at 12:50:30PM -0500, Eric Snowberg wrote:
>> Fix a build issue when x509_revocation_list is not defined.
>> 
>> $ make ARCH=x86_64 O=build64 all
>> 
>> EXTRACT_CERTS   ../
>> At main.c:154:
>> - SSL error:0909006C:PEM routines:get_name:no start line: crypto/pem/pem_lib.c:745
>> extract-cert: ../: Is a directory
>> make[2]: [../certs/Makefile:119: certs/x509_revocation_list] Error 1 (ignored)
>> 
>> When the new CONFIG_SYSTEM_REVOCATION_LIST was added [1], it was not carried
>> into the code for preloading the revocation certificates [2].  Change from
>> using the original CONFIG_SYSTEM_BLACKLIST_KEYRING  to the new
>> CONFIG_SYSTEM_REVOCATION_LIST.
>> 
>> [1] https://lore.kernel.org/keyrings/EDA280F9-F72D-4181-93C7-CDBE95976FF7@oracle.com/T/#m562c1b27bf402190e7bb573ad20eff5b6310d08f
>> [2] https://lore.kernel.org/keyrings/EDA280F9-F72D-4181-93C7-CDBE95976FF7@oracle.com/T/#m07e258bf019ccbac23820fad5192ceffa74fc6ab
>> 
>> Reported-by: Randy Dunlap <rdunlap@...radead.org>
>> Signed-off-by: Eric Snowberg <eric.snowberg@...cle.com>
> 
> Got my first ever chance to try out b4:
> 
> $ b4 am 20210304175030.184131-1-eric.snowberg@...cle.com
> Looking up https://lore.kernel.org/r/20210304175030.184131-1-eric.snowberg%40oracle.com
> Grabbing thread from lore.kernel.org/keyrings
> Analyzing 5 messages in the thread
> ---
> Writing ./v2_20210304_eric_snowberg_certs_fix_wrong_kconfig_option_used_for_x509_revocation_list.mbx
>  ✓ [PATCH v2] certs: Fix wrong kconfig option used for x509_revocation_list
>    + Tested-by: Nathan Chancellor <nathan@...nel.org> (✓ DKIM/kernel.org)
>  ---
>  ✓ Attestation-by: DKIM/oracle.com (From: eric.snowberg@...cle.com)
> ---
> Total patches: 1
> ---
> Link: https://lore.kernel.org/r/20210304175030.184131-1-eric.snowberg@oracle.com
> Base: not found
>       git am ./v2_20210304_eric_snowberg_certs_fix_wrong_kconfig_option_used_for_x509_revocation_list.mbx
> 
> Wondering tho, what "Base: not found" means?

This was based off David’s keys-next branch, which I think has now
changed.  I probably should have sent this with the following base-commit:

base-commit: ea20ea8b8ba4d475ebc79da63350850780933a81

I’ll try to remember to make sure to have the base-commit added in
the future.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ