| Message ID | 1507652749-9860-1-git-send-email-sbabic@denx.de |
|---|---|
| State | Accepted |
| Headers | show
Return-Path: <swupdate+bncBAABBIPJ6PHAKGQEEFWQWJY@googlegroups.com> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=googlegroups.com (client-ip=2a00:1450:400c:c09::240; helo=mail-wm0-x240.google.com; envelope-from=swupdate+bncbaabbipj6phakgqeefwqwjy@googlegroups.com; receiver=<UNKNOWN>) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=googlegroups.com header.i=@googlegroups.com header.b="HOBh77eL"; dkim-atps=neutral Received: from mail-wm0-x240.google.com (mail-wm0-x240.google.com [IPv6:2a00:1450:400c:c09::240]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3yBMtc3WqZz9tYR for <incoming@patchwork.ozlabs.org>; Wed, 11 Oct 2017 03:26:15 +1100 (AEDT) Received: by mail-wm0-x240.google.com with SMTP id u78sf5786847wmd.13 for <incoming@patchwork.ozlabs.org>; Tue, 10 Oct 2017 09:26:15 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1507652771; cv=pass; d=google.com; s=arc-20160816; b=tfEmbOgL3vuErhAvwID105OtH01jebp144dczVTn7W7hoFYzScQoN5XVFkbpbU0Ylq 1vQMCvGQIZeSfsLcrxGj9egX+xT94/Zepcuvg4+vjLzQecqnSP98dvuBMW5VoA71QUln Z5/MXZUFmHDMgv1H09WLM6qCF25zrSJKj8GIOR3FrglXYyAlqMKYPcn1oFa4bH38Olf8 iKKNlv2bSFz5waZ3m5Q6cJCADqDyAkNkgujS7Ym8Dn6U+lv+MfA7xD9algeTuTV2lMgo K65zeiexnqKz24SjPbaFgRj4O1NjprIEY74Bir2Sl5jMvUlKsxo5BtUS32IrWEJNiNEX 2WkA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:message-id:date:subject:cc:to:from :arc-authentication-results:arc-message-signature:mime-version :sender:dkim-signature:arc-authentication-results; bh=vCnrzRXSR2h/uRLTR92aIR5X1NdkHRw7VYvdQI5YK3s=; b=AI0EQgVx0sJUhzZTSb1gYfe2vkUsv9AkHkOV/ZeBF1zYfOsbNYyu6bjkfURr/Wjvbo iyr3WRAXb01IDCyEtPMPyGWEV10LxFIxEoOu6jvJSzt88wCY/30Frnby/0XDtsa3bXKK BGX/zg3D4AxTBMNXPoyKD+61S9P1SeGPn3eefO5qxta8D7Ik0CV80xK2/q2AABmy87Rf A4ZynNcTYaUxJ3G6+gqNyME1I/03w7hjH27xsBmrcPpErKccb+ygQPCH8hgyzUAZmKn9 fPMcdDS62Pzj2+jT7Wtb14bxq+JsIrBl8ZPfo1q6+U4tqsRmVET22ivYe/OR90+QWMqC /8lg== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of sbabic@denx.de) smtp.mailfrom=sbabic@denx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:mime-version:from:to:cc:subject:date:message-id :x-original-sender:x-original-authentication-results:precedence :mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=vCnrzRXSR2h/uRLTR92aIR5X1NdkHRw7VYvdQI5YK3s=; b=HOBh77eLg8opIaiP3vwQAot0BJLyrRPL2D0tuVbdxOOJzdDtZInVAi5rA0DCe+9tmj fg9BH2vQCPD1WCZro3fOSBpQIb2zqDs0fTlWizBQPmUdfSnHy2+mHbTGEkEmrDz21MPL ATDfvcfPQxg9f/pHnayUCAjNBaazX3o3rno2iuB9TLHMpxx+Df4Y0N0ENhz4cmwSHrja 8z1cKcJqpZeB6qpZW0+389LpFx8ukzJDGQKsF7Q38HdRqDNKOkdVu+T3D1U+I8bk/io0 lhIC1MTRSsBfmk4bEsg+pNDiI3ixyl+e6wYhwBVBARe7jccA2/l7aChXzxT9nRFACVf0 KXSQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date :message-id:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:x-spam-checked-in-group:list-post :list-help:list-archive:list-subscribe:list-unsubscribe; bh=vCnrzRXSR2h/uRLTR92aIR5X1NdkHRw7VYvdQI5YK3s=; b=c2WjfTfy1OFV+vbvndudpaQal2Ikim2zz+cukaaCUSSvzp3oQiBCSNdex0ZdDvSxGe YSAxeJm3OAt2S9uuVYGCb96ZcYjVWwTL6y5pQTgRkDtR0JxCzX80IuOPEzbFgOYAqWff yxJX8VJymMoIZWeAWI+2CV5qQ09hg0JbUTQiVFVVgRenT8YOQX+zkKENWFky4AIZ5UaZ XAWhyJ2dDxbNqxNy7j+wujlRW/wwYchqBjEPtXy00zKK0tPZE3+T1nRKicsKkN4A7jxe 82L/lwSjJfvuSCTSU4b90TE0g2NCqC7+LXrPxHTgG5/vBQPCtaoHUZMoZ0odw2cgyDWW EL/A== Sender: swupdate@googlegroups.com X-Gm-Message-State: AMCzsaWn0PlyZm+Cq0fa4/1/VtZeaVUvbDhD4vjtITtGctAdx/nLhjCu Jxl78brHcuyuPlRVufZX+G0= X-Google-Smtp-Source: AOwi7QDo4y5511JtDB0j6GCUeKKcjwzwbzH0GUjSjVP/gd3QRsL/wy9WAV4pMJ3lKkfS3EkSZo4FKw== X-Received: by 10.28.45.205 with SMTP id t196mr41300wmt.20.1507652771305; Tue, 10 Oct 2017 09:26:11 -0700 (PDT) MIME-Version: 1.0 X-BeenThere: swupdate@googlegroups.com Received: by 10.28.168.14 with SMTP id r14ls895663wme.3.canary-gmail; Tue, 10 Oct 2017 09:26:09 -0700 (PDT) X-Received: by 10.28.21.65 with SMTP id 62mr1678174wmv.22.1507652769297; Tue, 10 Oct 2017 09:26:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1507652769; cv=none; d=google.com; s=arc-20160816; b=XqK6ZpAFbhUMjuYjPrqHgbTlWJ+F5+KcNUY1KdWXdDIPkRpyVxwKEsxJPKqVgFyTcg w+9ElvbmOcNs652Imll29JrvDvteoViBuQmiy0geG8olaHBm+kP8oS20kxg0tXZ32c2S WgSnWtuOzrLEfIsPm5AHYHs7erQJDC3zDzwDejdlMwYhPDwceQz+SIhLdIRBRxEJJ0Cn 2sPcm6eyBpAaY+17VPFxKsoZBKUYNoKKQoK3GrCRj/H/OpAFx5hB7uPjInMjFdGeruEV wuKPR1UgXwJ0aYKYbXWbh0mKDXulzH/qTtN4iN3acUFIRBAFxZNEaJoRPEnj5BBshPng FmPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:date:subject:cc:to:from:arc-authentication-results; bh=0DREyu6yrHl0TRLVXfo4SEMw7wen1bbOUcAtQH8A0Gc=; b=nRJS6HUh3qV0dzM8Smu/wuGzcBgZsqHSCypY/y9jhKycUJCVgB0ZxSsrTfhPvOlhBt f3jmXwblgVSgK4ZI7xp6+4oH7t/miVdp//zoS126u8TWkj2F7r/2Y1XeB2spG+tGCCvz kHrxcMqW5nm9fAsZFkQGB1RHtIp+zO+jsz300JizPdoM+5gb8GzajxtGMfzQWQrr5uFR F2mo3TzLxMcO9oSzmfAG8znrD8ghNeeTFeeot3GYFD4a5T2yz2ruyQhoiCNdQrL1j9Wu sW/muvZAl5aoQlN/WmCaUvfRxoQ09m8CeQCiKjR9kIDRvebZm1nu4ei5c2bqdl4S73ST dMSA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of sbabic@denx.de) smtp.mailfrom=sbabic@denx.de Received: from mail-out.m-online.net (mail-out.m-online.net. [212.18.0.10]) by gmr-mx.google.com with ESMTPS id p137si1095360wmd.4.2017.10.10.09.26.09 for <swupdate@googlegroups.com> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Oct 2017 09:26:09 -0700 (PDT) Received-SPF: neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of sbabic@denx.de) client-ip=212.18.0.10; Received: from frontend01.mail.m-online.net (unknown [192.168.8.182]) by mail-out.m-online.net (Postfix) with ESMTP id 3yBMtT0Lcjz1rZJd; Tue, 10 Oct 2017 18:26:09 +0200 (CEST) Received: from localhost (dynscan1.mnet-online.de [192.168.6.70]) by mail.m-online.net (Postfix) with ESMTP id 3yBMtT0171z1qySs; Tue, 10 Oct 2017 18:26:08 +0200 (CEST) X-Virus-Scanned: amavisd-new at mnet-online.de Received: from mail.mnet-online.de ([192.168.8.182]) by localhost (dynscan1.mail.m-online.net [192.168.6.70]) (amavisd-new, port 10024) with ESMTP id wiSPtMVAvS4B; Tue, 10 Oct 2017 18:26:03 +0200 (CEST) Received: from babic.homelinux.org (host-88-217-136-221.customer.m-online.net [88.217.136.221]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.mnet-online.de (Postfix) with ESMTPS; Tue, 10 Oct 2017 18:26:03 +0200 (CEST) Received: from localhost (mail.babic.homelinux.org [127.0.0.1]) by babic.homelinux.org (Postfix) with ESMTP id 0929945404DD; Tue, 10 Oct 2017 18:26:03 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at babic.homelinux.org Received: from babic.homelinux.org ([127.0.0.1]) by localhost (mail.babic.homelinux.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YnZnWOM_Uvf2; Tue, 10 Oct 2017 18:26:00 +0200 (CEST) Received: from papero.fritz.box (papero.fritz.box [192.168.178.132]) by babic.homelinux.org (Postfix) with ESMTP id 9204E454042E; Tue, 10 Oct 2017 18:26:00 +0200 (CEST) From: Stefano Babic <sbabic@denx.de> To: swupdate@googlegroups.com Cc: Stefano Babic <sbabic@denx.de>, Lars Lockenvitz <Lars.Lockenvitz@smartray.de> Subject: [swupdate] [PATCH] Fix usage of CONFIG_CMS_IGNORE_EXPIRED_CERTIFICATE Date: Tue, 10 Oct 2017 18:25:49 +0200 Message-Id: <1507652749-9860-1-git-send-email-sbabic@denx.de> X-Mailer: git-send-email 2.7.4 X-Original-Sender: sbabic@denx.de X-Original-Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 212.18.0.10 is neither permitted nor denied by best guess record for domain of sbabic@denx.de) smtp.mailfrom=sbabic@denx.de Content-Type: text/plain; charset="UTF-8" Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com List-ID: <swupdate.googlegroups.com> X-Spam-Checked-In-Group: swupdate@googlegroups.com X-Google-Group-Id: 605343134186 List-Post: <https://groups.google.com/group/swupdate/post>, <mailto:swupdate@googlegroups.com> List-Help: <https://groups.google.com/support/>, <mailto:swupdate+help@googlegroups.com> List-Archive: <https://groups.google.com/group/swupdate List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>, <mailto:swupdate+subscribe@googlegroups.com> List-Unsubscribe: <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>, <https://groups.google.com/group/swupdate/subscribe> |
| Series |
Fix usage of CONFIG_CMS_IGNORE_EXPIRED_CERTIFICATE
|
expand
|
diff --git a/corelib/verify_signature.c b/corelib/verify_signature.c index 3e50061..0596578 100644 --- a/corelib/verify_signature.c +++ b/corelib/verify_signature.c @@ -212,7 +212,7 @@ static int cms_verify_callback(int ok, X509_STORE_CTX *ctx) { if (!ok) { switch (cert_error) { -#if defined(CONFIG_CMS_IGNORE_CERTIFICATE_PURPOSE) +#if defined(CONFIG_CMS_IGNORE_EXPIRED_CERTIFICATE) case X509_V_ERR_CERT_HAS_EXPIRED: case X509_V_ERR_CERT_NOT_YET_VALID: ok = 1;
Commit 764de5e69d2cc47df0adbc047ebe8714b1b9ed6b introduces a way to disable if a certificate is elapsed. However, CONFIG_CMS_IGNORE_CERTIFICATE_PURPOSE was used instead. Signed-off-by: Stefano Babic <sbabic@denx.de> Reported-by: Lars Lockenvitz <Lars.Lockenvitz@smartray.de> CC: Lars Lockenvitz <Lars.Lockenvitz@smartray.de> --- corelib/verify_signature.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)