[crypto] Rename KEY= to PRIVKEY= and "key" to "privkey"
The setting name "key" conflicts with the setting name "key" already in use by the 802.11 code. Resolve the conflict by renaming the newer setting to "privkey". Signed-off-by: Michael Brown <mcb30@ipxe.org>
This commit is contained in:
Michael Brown
parent
7fa1f41f7d
commit
4fa1a2b4fe
@ -608,36 +608,39 @@ CFLAGS_clientcert += $(if $(CERT),-DCERTIFICATE="\"$(CERT_INC)\"")
|
||||
|
||||
# (Single-element) list of client private keys
|
||||
#
|
||||
KEY_LIST := $(BIN)/.private_key.list
|
||||
ifeq ($(wildcard $(KEY_LIST)),)
|
||||
KEY_OLD := <invalid>
|
||||
ifdef KEY
|
||||
PRIVKEY := $(KEY) # Maintain backwards compatibility
|
||||
endif
|
||||
PRIVKEY_LIST := $(BIN)/.private_key.list
|
||||
ifeq ($(wildcard $(PRIVKEY_LIST)),)
|
||||
PRIVKEY_OLD := <invalid>
|
||||
else
|
||||
KEY_OLD := $(shell cat $(KEY_LIST))
|
||||
PRIVKEY_OLD := $(shell cat $(PRIVKEY_LIST))
|
||||
endif
|
||||
ifneq ($(KEY_OLD),$(KEY))
|
||||
$(shell $(ECHO) "$(KEY)" > $(KEY_LIST))
|
||||
ifneq ($(PRIVKEY_OLD),$(PRIVKEY))
|
||||
$(shell $(ECHO) "$(PRIVKEY)" > $(PRIVKEY_LIST))
|
||||
endif
|
||||
|
||||
$(KEY_LIST) :
|
||||
$(PRIVKEY_LIST) :
|
||||
|
||||
VERYCLEANUP += $(KEY_LIST)
|
||||
VERYCLEANUP += $(PRIVKEY_LIST)
|
||||
|
||||
# Embedded client private key
|
||||
#
|
||||
KEY_INC := $(BIN)/.private_key.der
|
||||
PRIVKEY_INC := $(BIN)/.private_key.der
|
||||
|
||||
ifdef KEY
|
||||
$(KEY_INC) : $(KEY) $(KEY_LIST)
|
||||
ifdef PRIVKEY
|
||||
$(PRIVKEY_INC) : $(PRIVKEY) $(PRIVKEY_LIST)
|
||||
$(Q)$(OPENSSL) rsa -in $< -outform DER -out $@
|
||||
|
||||
clientcert_DEPS += $(KEY_INC)
|
||||
clientcert_DEPS += $(PRIVKEY_INC)
|
||||
endif
|
||||
|
||||
CLEANUP += $(KEY_INC)
|
||||
CLEANUP += $(PRIVKEY_INC)
|
||||
|
||||
clientcert_DEPS += $(KEY_LIST)
|
||||
clientcert_DEPS += $(PRIVKEY_LIST)
|
||||
|
||||
CFLAGS_clientcert += $(if $(KEY),-DPRIVATE_KEY="\"$(KEY_INC)\"")
|
||||
CFLAGS_clientcert += $(if $(PRIVKEY),-DPRIVATE_KEY="\"$(PRIVKEY_INC)\"")
|
||||
|
||||
# These files use .incbin inline assembly to include a binary file.
|
||||
# Unfortunately ccache does not detect this dependency and caches
|
||||
|
||||
@ -99,8 +99,8 @@ static struct setting cert_setting __setting ( SETTING_CRYPTO ) = {
|
||||
};
|
||||
|
||||
/** Client private key setting */
|
||||
static struct setting key_setting __setting ( SETTING_CRYPTO ) = {
|
||||
.name = "key",
|
||||
static struct setting privkey_setting __setting ( SETTING_CRYPTO ) = {
|
||||
.name = "privkey",
|
||||
.description = "Client private key",
|
||||
.tag = DHCP_EB_KEY,
|
||||
.type = &setting_type_hex,
|
||||
@ -146,7 +146,7 @@ static int clientcert_apply_settings ( void ) {
|
||||
|
||||
/* Fetch new client private key, if any */
|
||||
free ( key );
|
||||
len = fetch_setting_copy ( NULL, &key_setting, &key );
|
||||
len = fetch_setting_copy ( NULL, &privkey_setting, &key );
|
||||
if ( len < 0 ) {
|
||||
rc = len;
|
||||
DBGC ( &client_certificate, "CLIENTCERT cannot fetch "
|
||||
|
||||
Reference in New Issue
Block a user