diff options
| author | Michael Brown | 2012-05-22 02:09:34 +0200 |
|---|---|---|
| committer | Michael Brown | 2012-05-22 02:13:43 +0200 |
| commit | 4fa1a2b4fe7f49b46c44fb3985984efd7dec212d (patch) | |
| tree | bc741636a3c4ddfab7fa6690effc3294b263d757 | |
| parent | [crypto] Require OCSP check if certificate provides an OCSP URI (diff) | |
| download | ipxe-4fa1a2b4fe7f49b46c44fb3985984efd7dec212d.tar.gz ipxe-4fa1a2b4fe7f49b46c44fb3985984efd7dec212d.tar.xz ipxe-4fa1a2b4fe7f49b46c44fb3985984efd7dec212d.zip | |
[crypto] Rename KEY= to PRIVKEY= and "key" to "privkey"
The setting name "key" conflicts with the setting name "key" already
in use by the 802.11 code. Resolve the conflict by renaming the newer
setting to "privkey".
Signed-off-by: Michael Brown <mcb30@ipxe.org>
| -rw-r--r-- | src/Makefile.housekeeping | 33 | ||||
| -rw-r--r-- | src/crypto/clientcert.c | 6 |
2 files changed, 21 insertions, 18 deletions
diff --git a/src/Makefile.housekeeping b/src/Makefile.housekeeping index d2b4ee38..9cfb8a3e 100644 --- a/src/Makefile.housekeeping +++ b/src/Makefile.housekeeping @@ -608,36 +608,39 @@ CFLAGS_clientcert += $(if $(CERT),-DCERTIFICATE="\"$(CERT_INC)\"") # (Single-element) list of client private keys # -KEY_LIST := $(BIN)/.private_key.list -ifeq ($(wildcard $(KEY_LIST)),) -KEY_OLD := <invalid> +ifdef KEY +PRIVKEY := $(KEY) # Maintain backwards compatibility +endif +PRIVKEY_LIST := $(BIN)/.private_key.list +ifeq ($(wildcard $(PRIVKEY_LIST)),) +PRIVKEY_OLD := <invalid> else -KEY_OLD := $(shell cat $(KEY_LIST)) +PRIVKEY_OLD := $(shell cat $(PRIVKEY_LIST)) endif -ifneq ($(KEY_OLD),$(KEY)) -$(shell $(ECHO) "$(KEY)" > $(KEY_LIST)) +ifneq ($(PRIVKEY_OLD),$(PRIVKEY)) +$(shell $(ECHO) "$(PRIVKEY)" > $(PRIVKEY_LIST)) endif -$(KEY_LIST) : +$(PRIVKEY_LIST) : -VERYCLEANUP += $(KEY_LIST) +VERYCLEANUP += $(PRIVKEY_LIST) # Embedded client private key # -KEY_INC := $(BIN)/.private_key.der +PRIVKEY_INC := $(BIN)/.private_key.der -ifdef KEY -$(KEY_INC) : $(KEY) $(KEY_LIST) +ifdef PRIVKEY +$(PRIVKEY_INC) : $(PRIVKEY) $(PRIVKEY_LIST) $(Q)$(OPENSSL) rsa -in $< -outform DER -out $@ -clientcert_DEPS += $(KEY_INC) +clientcert_DEPS += $(PRIVKEY_INC) endif -CLEANUP += $(KEY_INC) +CLEANUP += $(PRIVKEY_INC) -clientcert_DEPS += $(KEY_LIST) +clientcert_DEPS += $(PRIVKEY_LIST) -CFLAGS_clientcert += $(if $(KEY),-DPRIVATE_KEY="\"$(KEY_INC)\"") +CFLAGS_clientcert += $(if $(PRIVKEY),-DPRIVATE_KEY="\"$(PRIVKEY_INC)\"") # These files use .incbin inline assembly to include a binary file. # Unfortunately ccache does not detect this dependency and caches diff --git a/src/crypto/clientcert.c b/src/crypto/clientcert.c index 159a3f4e..01ab2e38 100644 --- a/src/crypto/clientcert.c +++ b/src/crypto/clientcert.c @@ -99,8 +99,8 @@ static struct setting cert_setting __setting ( SETTING_CRYPTO ) = { }; /** Client private key setting */ -static struct setting key_setting __setting ( SETTING_CRYPTO ) = { - .name = "key", +static struct setting privkey_setting __setting ( SETTING_CRYPTO ) = { + .name = "privkey", .description = "Client private key", .tag = DHCP_EB_KEY, .type = &setting_type_hex, @@ -146,7 +146,7 @@ static int clientcert_apply_settings ( void ) { /* Fetch new client private key, if any */ free ( key ); - len = fetch_setting_copy ( NULL, &key_setting, &key ); + len = fetch_setting_copy ( NULL, &privkey_setting, &key ); if ( len < 0 ) { rc = len; DBGC ( &client_certificate, "CLIENTCERT cannot fetch " |