Don't leave in_protocol==1 when shim_verify() isn't enforcing. - efi-boot-shim.git - (mirror of https://github.com/vyos/efi-boot-shim.git)

diff options

author	Peter Jones <pjones@redhat.com>	2015-06-11 13:20:09 -0400
committer	Peter Jones <pjones@redhat.com>	2015-06-11 13:20:09 -0400
commit	b9f98904ba133f437ced3660b3b9f033f02244ec (patch)
tree	fda359f31ebcb1cfb4d0a07edfee966a8164dcbd /Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c
parent	8837b9054f544fd9701cf0bd4b1bd4e596f4c2e7 (diff)
download	efi-boot-shim-b9f98904ba133f437ced3660b3b9f033f02244ec.tar.gz efi-boot-shim-b9f98904ba133f437ced3660b3b9f033f02244ec.zip

Don't leave in_protocol==1 when shim_verify() isn't enforcing.

Right now if shim_verify() sees secure_mode()==0, it exits with EFI_SUCCESS, but accidentally leaves in_protocol=1. This means any other call will have supressed error/warning messages. That's wrong, so don't do it. Signed-off-by: Peter Jones <pjones@redhat.com>

Diffstat (limited to 'Cryptlib/OpenSSL/crypto/dsa/dsa_gen.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: