From: Andrew Zaborowski <andrew.zaborowski@intel.com>
To: keyrings@vger.kernel.org
Subject: [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain
Date: Tue, 13 Oct 2020 13:39:39 +0000 [thread overview]
Message-ID: <20201013133939.1182462-2-andrew.zaborowski@intel.com> (raw)
In-Reply-To: <20201013133939.1182462-1-andrew.zaborowski@intel.com>
Add the bit of information that makes
restrict_link_by_key_or_keyring_chain different from
restrict_link_by_key_or_keyring to the inline docs comment.
Signed-off-by: Andrew Zaborowski <andrew.zaborowski@intel.com>
---
crypto/asymmetric_keys/restrict.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/crypto/asymmetric_keys/restrict.c b/crypto/asymmetric_keys/restrict.c
index 77ebebada29..84cefe3b358 100644
--- a/crypto/asymmetric_keys/restrict.c
+++ b/crypto/asymmetric_keys/restrict.c
@@ -244,9 +244,10 @@ int restrict_link_by_key_or_keyring(struct key *dest_keyring,
* @payload: The payload of the new key.
* @trusted: A key or ring of keys that can be used to vouch for the new cert.
*
- * Check the new certificate only against the key or keys passed in the data
- * parameter. If one of those is the signing key and validates the new
- * certificate, then mark the new certificate as being ok to link.
+ * Check the new certificate against the key or keys passed in the data
+ * parameter and against the keys already linked to the destination keyring. If
+ * one of those is the signing key and validates the new certificate, then mark
+ * the new certificate as being ok to link.
*
* Returns 0 if the new certificate was accepted, -ENOKEY if we
* couldn't find a matching parent certificate in the trusted list,
--
2.20.1
next prev parent reply other threads:[~2020-10-13 13:39 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-05 6:01 [RESEND][PATCH] KEYS: Handle missing Authority Key Identifier x509 extension Andrew Zaborowski
2018-08-18 0:11 ` Andrew Zaborowski
2018-10-19 22:13 ` Andrew Zaborowski
2019-02-08 14:35 ` Andrew Zaborowski
2020-04-07 0:25 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski
2020-05-04 8:51 ` Andrew Zaborowski
2020-06-25 22:10 ` Andrew Zaborowski
2020-06-25 22:10 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski
2020-07-29 23:49 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski
2020-07-29 23:50 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski
2020-09-07 10:39 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski
2020-09-07 10:39 ` [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski
2020-10-13 13:39 ` [RESEND][PATCH] keys: Handle missing Authority Key Identifier X509 extension Andrew Zaborowski
2020-10-13 13:39 ` Andrew Zaborowski [this message]
2020-10-18 20:22 ` Jarkko Sakkinen
2020-10-18 20:22 ` Jarkko Sakkinen
2020-05-04 9:08 [RESEND][PATCH] keys: Update comment for restrict_link_by_key_or_keyring_chain Andrew Zaborowski
2020-10-18 20:25 ` Jarkko Sakkinen
2020-10-18 20:25 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201013133939.1182462-2-andrew.zaborowski@intel.com \
--to=andrew.zaborowski@intel.com \
--cc=keyrings@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).