| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-10-01 | Make vendor_cert/vendor_dbx actually replaceable by an external tool. | Peter Jones | |
| This moves them both to be computed at runtime from a pointer+offset rather than just a pointer, so that their real address can be entirely derived from the section they're in. This means you can replace the whole .vendor_cert section with a new one with certs that don't have the same size. | |||
| 2013-10-01 | Remove TODO items fixed by merging lf_merge and lcp/lf-security-override. | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-26 | Don't use LibGetVariable(), since it doesn't give us real error codes. | Peter Jones | |
| 2013-09-26 | integrate security override | Gary Ching-Pang Lin | |
| 2013-09-26 | Clean up tarballs in "make clean" | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-26 | Merge variable retrieving functions | Gary Ching-Pang Lin | |
| 2013-09-26 | Merge signature.h into efiauthenticated.h and guid.h | Gary Ching-Pang Lin | |
| Conflicts: shim.c | |||
| 2013-09-26 | Merge two PeImage.h into one | Peter Jones | |
| Conflicts: Makefile | |||
| 2013-09-26 | Free unused memory space | Gary Ching-Pang Lin | |
| 2013-09-26 | Adjust the result of gmtime() to fit the definition | Gary Ching-Pang Lin | |
| 2013-09-26 | Rand: check the status of the pseudorandom number generator | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: check the suffix of the key file | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: fetch more info from X509 name | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: reboot the system after clearing MOK password | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: enhance the password prompt for SB state | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: rearrange the output of MOK info | Gary Ching-Pang Lin | |
| 2013-09-26 | Disable floating points in b_print | Gary Ching-Pang Lin | |
| The long double declaration will enable SSE and cause a compilation error. Disabling everything related to floating points avoids the error. | |||
| 2013-09-26 | Enable openssl bio_printf() | Gary Ching-Pang Lin | |
| bio_printf() was replaced with a dummy function and this made several openssl functions useless. This commit adds the print functions back, so that we don't have to implement our own ASN1 time print function. | |||
| 2013-09-26 | MokManager: enhance the password prompt | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: remove the duplicate get_keystroke() | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: draw the countdown screen | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: Remove the unnecessary string duplication | Gary Ching-Pang Lin | |
| 2013-09-26 | Correct the certificate count of the signature list | Gary Ching-Pang Lin | |
| 2013-09-26 | Since different distros name grub*.efi differently, make it compile-time. | Peter Jones | |
| Basically, if you don't want grub.efi, you do: make 'DEFAULT_LOADER=\\\\grubx64.efi' Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-26 | Define the PXE 2nd stage loader in the beginning of the file | Gary Ching-Pang Lin | |
| Make it easier to change the PXE 2nd stage loader. Conflicts: netboot.c | |||
| 2013-09-26 | Remove double-separators from the bootpath | Gary Ching-Pang Lin | |
| 2013-09-26 | Fix the broken bootpath | Gary Ching-Pang Lin | |
| - The file path from DevicePathToStr may use slash as the file seperator. Change all slashes to backslashes to avoid the strange bootpath. - Remove the redundant backslashes. - ImagePath no longer requires the leading backslash. - Fix a memory leak Based on the patch from Michal Marek <mmarek@suse.com> | |||
| 2013-09-26 | MokManager: support Tradition DES hash | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: support MD5-based crypt() hash | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: support blowfish-based crypt() hash | Gary Ching-Pang Lin | |
| Conflicts: Makefile | |||
| 2013-09-26 | MokManager: support SHA512-based crypt() hash | Gary Ching-Pang Lin | |
| 2013-09-26 | MokManager: support crypt() password hash | Gary Ching-Pang Lin | |
| The password format is introduced for the password hash generated by crypt(), so that the user can import the password hash from /etc/shadow. The packager, especially those who packages 3rd party drivers, can utilize this feature to import a 3rd party certificate without interfering the package installation. This commit implements the sha256-based crypt() hash function. Conflicts: Makefile MokManager.c | |||
| 2013-09-26 | Make EFI_PATH easily resettable from the build command line. | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-26 | Clean lib/, too | Gary Ching-Pang Lin | |
| 2013-09-26 | simple_file: Allocate buffers for file entries | Gary Ching-Pang Lin | |
| The dir filter appends L'/' to the directory entries without allocating a new buffer, and this could crash the whole program. | |||
| 2013-09-26 | Port MokManager to Linux Foundation loader UI code | Matthew Garrett | |
| This is the first stage of porting the MokManager UI to the UI code used by the Linux Foundation UEFI loader. | |||
| 2013-09-26 | Port MokManager to Linux Foundation loader UI code | Peter Jones | |
| This is the first stage of porting the MokManager UI to the UI code used by the Linux Foundation UEFI loader. Conflicts: MokManager.c | |||
| 2013-09-26 | We have to declare SHIM_LOCK_GUID here as well. | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> Conflicts: MokManager.c | |||
| 2013-09-26 | Ignore tarballs. | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-26 | MokManager needs to disable the graphics console. | Peter Jones | |
| Without this patch, on some machines we never see MokManager's UI. This protocol has never (I think?) been officially published, and yet I still have new hardware that needs it. If you're looking for a reference, look at: EdkCompatibilityPkg/Foundation/Protocol/ConsoleControl/ConsoleControl.c in the edk2 tree from Tiano. Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-24 | Fix a memory leak | Steve Langasek | |
| 2013-09-24 | Correct limits on the length of ipv6 addresses | Steve Langasek | |
| The maximum length of a string representation of an ipv6 address is 39 characters (8 groups of 4 hex chars, with 7 colons in between). So don't allocate more room than this - and more importantly, don't blindly accept strings from the server that are longer than our buffer... | |||
| 2013-09-24 | More consistent types, fewer casts | Steve Langasek | |
| 2013-09-24 | Misc allocation cleanups | Steve Langasek | |
| 2013-09-24 | Fix an off-by-one error | Steve Langasek | |
| We don't need to add one because our end pointer is already off the end of the string we want to copy. | |||
| 2013-09-24 | Fix nul termination errors in filenames passed to tftp | Steve Langasek | |
| Fix various errors in the tftp string handling, to ensure we always have properly nul-terminated strings. | |||
| 2013-09-24 | Build with -Werror to catch future prototype mismatches. | Steve Langasek | |
| 2013-09-24 | Pass the right arguments to EFI_PXE_BASE_CODE_TFTP_READ_FILE | Steve Langasek | |
| A wrong pointer was being passed to EFI_PXE_BASE_CODE_TFTP_READ_FILE, preventing us from getting the file size back from the tftp call, ensuring that we don't have enough information to properly secureboot-validate the retrieved image. | |||
| 2013-09-23 | Add MokListRT option rom entry. | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2013-09-23 | Update TODO with missing description. | Peter Jones | |
| Signed-off-by: Peter Jones <pjones@redhat.com> | |||
 |
index : efi-boot-shim.git | |
| (mirror of https://github.com/vyos/efi-boot-shim.git) |
| summaryrefslogtreecommitdiff |