From: Jarkko Sakkinen <jarkko@kernel.org> To: keyrings@vger.kernel.org Subject: Re: [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Date: Sun, 18 Oct 2020 20:25:26 +0000 [thread overview] Message-ID: <20201018202526.GB574776@kapsi.fi> (raw) In-Reply-To: <20200504090800.129593-1-andrew.zaborowski@intel.com> On Tue, Oct 13, 2020 at 03:39:39PM +0200, Andrew Zaborowski wrote: > Add the bit of information that makes > restrict_link_by_key_or_keyring_chain different from > restrict_link_by_key_or_keyring to the inline docs comment. > > Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> > --- > crypto/asymmetric_keys/restrict.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/crypto/asymmetric_keys/restrict.c b/crypto/asymmetric_keys/restrict.c > index 77ebebada29..84cefe3b358 100644 > --- a/crypto/asymmetric_keys/restrict.c > +++ b/crypto/asymmetric_keys/restrict.c > @@ -244,9 +244,10 @@ int restrict_link_by_key_or_keyring(struct key *dest_keyring, > * @payload: The payload of the new key. > * @trusted: A key or ring of keys that can be used to vouch for the new cert. > * > - * Check the new certificate only against the key or keys passed in the data > - * parameter. If one of those is the signing key and validates the new > - * certificate, then mark the new certificate as being ok to link. > + * Check the new certificate against the key or keys passed in the data > + * parameter and against the keys already linked to the destination keyring. If > + * one of those is the signing key and validates the new certificate, then mark > + * the new certificate as being ok to link. > * > * Returns 0 if the new certificate was accepted, -ENOKEY if we > * couldn't find a matching parent certificate in the trusted list, > -- > 2.20.1 > > /Jarkko
WARNING: multiple messages have this Message-ID (diff)
From: Jarkko Sakkinen <jarkko@kernel.org> To: Andrew Zaborowski <andrew.zaborowski@intel.com> Cc: keyrings@vger.kernel.org, dhowells@redhat.com Subject: Re: [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Date: Sun, 18 Oct 2020 23:25:26 +0300 [thread overview] Message-ID: <20201018202526.GB574776@kapsi.fi> (raw) Message-ID: <20201018202526.GFKasrgXJ8wXMvJZKzuQpBWpCeoFTpooEeofcV5CPjk@z> (raw) In-Reply-To: <20201013133939.1182462-2-andrew.zaborowski@intel.com> On Tue, Oct 13, 2020 at 03:39:39PM +0200, Andrew Zaborowski wrote: > Add the bit of information that makes > restrict_link_by_key_or_keyring_chain different from > restrict_link_by_key_or_keyring to the inline docs comment. > > Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com> Acked-by: Jarkko Sakkinen <jarkko@kernel.org> > --- > crypto/asymmetric_keys/restrict.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/crypto/asymmetric_keys/restrict.c b/crypto/asymmetric_keys/restrict.c > index 77ebebada29..84cefe3b358 100644 > --- a/crypto/asymmetric_keys/restrict.c > +++ b/crypto/asymmetric_keys/restrict.c > @@ -244,9 +244,10 @@ int restrict_link_by_key_or_keyring(struct key *dest_keyring, > * @payload: The payload of the new key. > * @trusted: A key or ring of keys that can be used to vouch for the new cert. > * > - * Check the new certificate only against the key or keys passed in the data > - * parameter. If one of those is the signing key and validates the new > - * certificate, then mark the new certificate as being ok to link. > + * Check the new certificate against the key or keys passed in the data > + * parameter and against the keys already linked to the destination keyring. If > + * one of those is the signing key and validates the new certificate, then mark > + * the new certificate as being ok to link. > * > * Returns 0 if the new certificate was accepted, -ENOKEY if we > * couldn't find a matching parent certificate in the trusted list, > -- > 2.20.1 > > /Jarkko
next prev parent reply other threads:[~2020-10-18 20:25 UTC|newest] Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-05-04 9:08 [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski 2020-10-18 20:25 ` Jarkko Sakkinen [this message] 2020-10-18 20:25 ` Jarkko Sakkinen -- strict thread matches above, loose matches on Subject: below -- 2018-05-05 6:01 [RESEND][PATCH] KEYS: Handle missing Authority Key Identifier x509 extension Andrew Zaborowski 2018-08-18 0:11 ` Andrew Zaborowski 2018-10-19 22:13 ` Andrew Zaborowski 2019-02-08 14:35 ` Andrew Zaborowski 2020-04-07 0:25 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski 2020-05-04 8:51 ` Andrew Zaborowski 2020-06-25 22:10 ` Andrew Zaborowski 2020-06-25 22:10 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski 2020-07-29 23:49 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski 2020-07-29 23:50 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski 2020-09-07 10:39 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski 2020-09-07 10:39 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski 2020-10-13 13:39 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski 2020-10-13 13:39 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski 2020-10-18 20:22 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Jarkko Sakkinen 2020-10-18 20:22 ` Jarkko Sakkinen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20201018202526.GB574776@kapsi.fi \ --to=jarkko@kernel.org \ --cc=keyrings@vger.kernel.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.