summaryrefslogtreecommitdiffstats
path: root/certs/extract-cert.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3Jan Stancek2024-09-201-30/+73
| | | | | | | | | | | | | | | | | | | ENGINE API has been deprecated since OpenSSL version 3.0 [1]. Distros have started dropping support from headers and in future it will likely disappear also from library. It has been superseded by the PROVIDER API, so use it instead for OPENSSL MAJOR >= 3. [1] https://github.com/openssl/openssl/blob/master/README-ENGINES.md [jarkko: fixed up alignment issues reported by checkpatch.pl --strict] Signed-off-by: Jan Stancek <jstancek@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: R Nageswara Sastry <rnsastry@linux.ibm.com> Reviewed-by: Neal Gompa <neal@gompa.dev> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
* sign-file,extract-cert: avoid using deprecated ERR_get_error_line()Jan Stancek2024-09-201-2/+2
| | | | | | | | | | | | | | ERR_get_error_line() is deprecated since OpenSSL 3.0. Use ERR_peek_error_line() instead, and combine display_openssl_errors() and drain_openssl_errors() to a single function where parameter decides if it should consume errors silently. Signed-off-by: Jan Stancek <jstancek@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: R Nageswara Sastry <rnsastry@linux.ibm.com> Reviewed-by: Neal Gompa <neal@gompa.dev> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
* sign-file,extract-cert: move common SSL helper functions to a headerJan Stancek2024-09-201-35/+2
| | | | | | | | | | | Couple error handling helpers are repeated in both tools, so move them to a common header. Signed-off-by: Jan Stancek <jstancek@redhat.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: R Nageswara Sastry <rnsastry@linux.ibm.com> Reviewed-by: Neal Gompa <neal@gompa.dev> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
* kbuild: do not print extra logs for V=2Masahiro Yamada2023-01-221-3/+6
| | | | | | | | | | | Some scripts increase the verbose level when V=1, but others when not V=0. I think the former is correct because V=2 is not a log level but a switch to print the reason for rebuilding. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org> Reviewed-by: Nicolas Schier <nicolas@fjasle.eu>
* cert host tools: Stop complaining about deprecated OpenSSL functionsLinus Torvalds2022-06-081-0/+7
| | | | | | | | OpenSSL 3.0 deprecated the OpenSSL's ENGINE API. That is as may be, but the kernel build host tools still use it. Disable the warning about deprecated declarations until somebody who cares fixes it. Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* certs: move scripts/extract-cert to certs/Masahiro Yamada2022-01-081-0/+162
extract-cert is only used in certs/Makefile. Move it there and build extract-cert on demand. Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 03:51:46 +0100