All of lore.kernel.org
 help / color / mirror / Atom feed
From: David Howells <dhowells@redhat.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: "Alexander A. Klimov" <grandmaster@al2klimov.de>,
	dhowells@redhat.com, keyrings@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH 09/18] encrypted-keys: Replace HTTP links with HTTPS ones
Date: Wed, 09 Dec 2020 12:15:33 +0000	[thread overview]
Message-ID: <160751613305.1238376.10058420900385575623.stgit@warthog.procyon.org.uk> (raw)
In-Reply-To: <160751606428.1238376.14935502103503420781.stgit@warthog.procyon.org.uk>

From: Alexander A. Klimov <grandmaster@al2klimov.de>

Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
	  If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
            If both the HTTP and HTTPS versions
            return 200 OK and serve the same content:
              Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
Signed-off-by: David Howells <dhowells@redhat.com>
---

 include/keys/encrypted-type.h |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/keys/encrypted-type.h b/include/keys/encrypted-type.h
index 38afb341c3f2..abfcbe02001a 100644
--- a/include/keys/encrypted-type.h
+++ b/include/keys/encrypted-type.h
@@ -2,7 +2,7 @@
 /*
  * Copyright (C) 2010 IBM Corporation
  * Copyright (C) 2010 Politecnico di Torino, Italy
- *                    TORSEC group -- http://security.polito.it
+ *                    TORSEC group -- https://security.polito.it
  *
  * Authors:
  * Mimi Zohar <zohar@us.ibm.com>



  parent reply	other threads:[~2020-12-09 12:20 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-12-09 12:14 [PATCH 00/18] keys: Miscellaneous fixes David Howells
2020-12-09 12:14 ` [PATCH 01/18] security: keys: Fix fall-through warnings for Clang David Howells
2020-12-09 12:14 ` [PATCH 02/18] keys: Remove outdated __user annotations David Howells
2020-12-09 12:14 ` [PATCH 03/18] watch_queue: Drop references to /dev/watch_queue David Howells
2020-12-09 12:14 ` [PATCH 04/18] security/keys: use kvfree_sensitive() David Howells
2020-12-09 12:15 ` [PATCH 05/18] KEYS: asymmetric: Fix kerneldoc David Howells
2020-12-09 12:15 ` [PATCH 06/18] security: keys: delete repeated words in comments David Howells
2020-12-09 12:15 ` [PATCH 07/18] KEYS: remove redundant memset David Howells
2020-12-09 19:07   ` Ben Boeckel
2020-12-10  9:21   ` David Howells
2020-12-09 12:15 ` [PATCH 08/18] crypto: asymmetric_keys: fix some comments in pkcs7_parser.h David Howells
2020-12-09 12:15 ` David Howells [this message]
2020-12-09 12:15 ` [PATCH 10/18] PKCS#7: drop function from kernel-doc pkcs7_validate_trust_one David Howells
2020-12-09 12:15 ` [PATCH 11/18] crypto: pkcs7: Use match_string() helper to simplify the code David Howells
2020-12-09 12:15 ` [PATCH 12/18] keys: remove trailing semicolon in macro definition David Howells
2020-12-09 12:16 ` [PATCH 13/18] crypto: public_key: Remove redundant header file from public_key.h David Howells
2020-12-09 12:16 ` [PATCH 14/18] certs/blacklist: fix kernel doc interface issue David Howells
2020-12-09 12:16 ` [PATCH 15/18] certs: Fix blacklisted hexadecimal hash string check David Howells
2020-12-09 12:16 ` [PATCH 16/18] PKCS#7: Fix missing include David Howells
2020-12-09 12:16 ` [PATCH 17/18] certs: Fix blacklist flag type confusion David Howells
2020-12-09 12:16 ` [PATCH 18/18] certs: Replace K{U,G}IDT_INIT() with GLOBAL_ROOT_{U,G}ID David Howells
2020-12-09 19:12 ` [PATCH 00/18] keys: Miscellaneous fixes Ben Boeckel
2020-12-10  9:30 ` David Howells
2020-12-11  8:17 ` Jarkko Sakkinen
2020-12-11 10:51 ` Jarkko Sakkinen
2020-12-11 10:56   ` Jarkko Sakkinen
2021-02-18 16:24 ` [PATCH 17/18] certs: Fix blacklist flag type confusion David Howells
2021-02-18 19:30   ` Mickaël Salaün
2021-02-18 22:55   ` David Howells
2021-02-19  9:43     ` Mickaël Salaün
2021-02-19  9:31   ` Jarkko Sakkinen
2021-02-19  9:45   ` David Howells
2021-02-19  9:50     ` Mickaël Salaün

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=160751613305.1238376.10058420900385575623.stgit@warthog.procyon.org.uk \
    --to=dhowells@redhat.com \
    --cc=grandmaster@al2klimov.de \
    --cc=jarkko.sakkinen@linux.intel.com \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --subject='Re: [PATCH 09/18] encrypted-keys: Replace HTTP links with HTTPS ones' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.