* [ptxdist] [PATCH] ptxd_lib_code_signing: Check for errors in cs_import_cert_from_pem()
@ 2022-10-25 8:59 Uwe Kleine-König
2022-11-11 14:31 ` [ptxdist] [APPLIED] " Michael Olbrich
0 siblings, 1 reply; 2+ messages in thread
From: Uwe Kleine-König @ 2022-10-25 8:59 UTC (permalink / raw)
To: ptxdist
cs_import_cert_from_pem() uses a pipe command to do the necessary
things. If the first command in that pipe fails the whole command should
be considered failing. So add a call to check_pipe_status as is done in
cs_import_privkey_from_pem().
Fixes: 8f41183e0afe ("Add initial code signing support")
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
---
scripts/lib/ptxd_lib_code_signing.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh
index 5ba1a4666af4..bafdc16544d3 100644
--- a/scripts/lib/ptxd_lib_code_signing.sh
+++ b/scripts/lib/ptxd_lib_code_signing.sh
@@ -213,6 +213,7 @@ cs_import_cert_from_pem() {
"${openssl_keyopt[@]}" \
-in "${pem}" -inform pem -outform der |
softhsm_pkcs11_tool --type cert --write-object /dev/stdin --label "${role}"
+ check_pipe_status
}
export -f cs_import_cert_from_pem
--
2.37.2
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [ptxdist] [APPLIED] ptxd_lib_code_signing: Check for errors in cs_import_cert_from_pem()
2022-10-25 8:59 [ptxdist] [PATCH] ptxd_lib_code_signing: Check for errors in cs_import_cert_from_pem() Uwe Kleine-König
@ 2022-11-11 14:31 ` Michael Olbrich
0 siblings, 0 replies; 2+ messages in thread
From: Michael Olbrich @ 2022-11-11 14:31 UTC (permalink / raw)
To: ptxdist; +Cc: Uwe Kleine-König
Thanks, applied as cdb645fbca7ac4b4752a2eb1223ba9baf29cb969.
Michael
[sent from post-receive hook]
On Fri, 11 Nov 2022 15:31:11 +0100, Uwe Kleine-König <u.kleine-koenig@pengutronix.de> wrote:
> cs_import_cert_from_pem() uses a pipe command to do the necessary
> things. If the first command in that pipe fails the whole command should
> be considered failing. So add a call to check_pipe_status as is done in
> cs_import_privkey_from_pem().
>
> Fixes: 8f41183e0afe ("Add initial code signing support")
> Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
> Message-Id: <20221025085921.986289-1-u.kleine-koenig@pengutronix.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
>
> diff --git a/scripts/lib/ptxd_lib_code_signing.sh b/scripts/lib/ptxd_lib_code_signing.sh
> index 5ba1a4666af4..bafdc16544d3 100644
> --- a/scripts/lib/ptxd_lib_code_signing.sh
> +++ b/scripts/lib/ptxd_lib_code_signing.sh
> @@ -213,6 +213,7 @@ cs_import_cert_from_pem() {
> "${openssl_keyopt[@]}" \
> -in "${pem}" -inform pem -outform der |
> softhsm_pkcs11_tool --type cert --write-object /dev/stdin --label "${role}"
> + check_pipe_status
> }
> export -f cs_import_cert_from_pem
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-11-11 14:32 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-25 8:59 [ptxdist] [PATCH] ptxd_lib_code_signing: Check for errors in cs_import_cert_from_pem() Uwe Kleine-König
2022-11-11 14:31 ` [ptxdist] [APPLIED] " Michael Olbrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox