diff options
author | Mauro Carvalho Chehab <mchehab@osg.samsung.com> | 2015-09-13 11:10:12 -0300 |
---|---|---|
committer | Mauro Carvalho Chehab <mchehab@osg.samsung.com> | 2015-09-13 11:10:12 -0300 |
commit | 64af4a27c71a2e29a1ea4f7ee1848dec09f146df (patch) | |
tree | 656970a5239e257a9a4ba5b333d8b547233c6b94 /crypto/asymmetric_keys/pkcs7_trust.c | |
parent | 2d361b75fadcca0a45fc1dccc96c3c74ce80dd6c (diff) | |
parent | fc4d0d2a1b069a231939ca4b01a3d003e77c723a (diff) | |
download | linux-crypto-64af4a27c71a2e29a1ea4f7ee1848dec09f146df.tar.gz linux-crypto-64af4a27c71a2e29a1ea4f7ee1848dec09f146df.zip |
Merge tag 'v4.3-rc1' into patchwork
Linux 4.3-rc1
* tag 'v4.3-rc1': (11838 commits)
Linux 4.3-rc1
blk: rq_data_dir() should not return a boolean
writeback: plug writeback in wb_writeback() and writeback_inodes_wb()
thermal: fix intel PCH thermal driver mismerge
ARCv2: [axs103_smp] Reduce clk for SMP FPGA configs
revert "ocfs2/dlm: use list_for_each_entry instead of list_for_each"
mm/early_ioremap: add explicit #include of asm/early_ioremap.h
fs/seq_file: convert int seq_vprint/seq_printf/etc... returns to void
selftests: enhance membarrier syscall test
selftests: add membarrier syscall test
sys_membarrier(): system-wide memory barrier (generic, x86)
MODSIGN: fix a compilation warning in extract-cert
Revert "writeback: plug writeback at a high level"
scsi_dh: fix randconfig build error
target: use stringify.h instead of own definition
target/user: Fix UFLAG_UNKNOWN_OP handling
target: Remove no-op conditional
target/user: Remove unused variable
target: Fix max_cmd_sn increment w/o cmdsn mutex regressions
target: Attach EXTENDED_COPY local I/O descriptors to xcopy_pt_sess
...
Diffstat (limited to 'crypto/asymmetric_keys/pkcs7_trust.c')
-rw-r--r-- | crypto/asymmetric_keys/pkcs7_trust.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c index 1d293760..90d6d479 100644 --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -54,7 +54,8 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, /* Look to see if this certificate is present in the trusted * keys. */ - key = x509_request_asymmetric_key(trust_keyring, x509->id, + key = x509_request_asymmetric_key(trust_keyring, + x509->id, x509->skid, false); if (!IS_ERR(key)) { /* One of the X.509 certificates in the PKCS#7 message @@ -85,8 +86,10 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, /* No match - see if the root certificate has a signer amongst the * trusted keys. */ - if (last && last->authority) { - key = x509_request_asymmetric_key(trust_keyring, last->authority, + if (last && (last->akid_id || last->akid_skid)) { + key = x509_request_asymmetric_key(trust_keyring, + last->akid_id, + last->akid_skid, false); if (!IS_ERR(key)) { x509 = last; @@ -103,6 +106,7 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7, */ key = x509_request_asymmetric_key(trust_keyring, sinfo->signing_cert_id, + NULL, false); if (!IS_ERR(key)) { pr_devel("sinfo %u: Direct signer is key %x\n", |