| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2012-10-05 | Add filesystem browsing and enrollment | Matthew Garrett | |
| Add a basic menu system and file explorer. This makes it possible for the user to enrol keys from media from within shim rather than having to boot an OS first. This would permit vendors to distribute a signed shim without having to install their own keys first - the keys could be stored on the install media instead. | |||
| 2012-10-05 | releasing version 0~20120906.bcd0a4e8-0ubuntu3 | Steve Langasek | |
| 2012-10-05 | debian/patches/second-stage-path: Chainload grubx64.efi, not | Steve Langasek | |
| grub.efi. | |||
| 2012-10-04 | releasing version 0~20120906.bcd0a4e8-0ubuntu2 | Steve Langasek | |
| 2012-10-04 | Only build the package for amd64; we're not signing an i386 shim at this | Steve Langasek | |
| stage so there's no point in building it. | |||
| 2012-10-04 | debian/patches/prototypes: Include missing prototypes, and disable | Steve Langasek | |
| use of BIO_new_file. | |||
| 2012-10-04 | Don't show the invalid key number | Gary Ching-Pang Lin | |
| 2012-10-04 | Use the same function to get commands and password | Gary Ching-Pang Lin | |
| 2012-10-04 | Print the key number for the non-existent key also | Gary Ching-Pang Lin | |
| 2012-10-04 | releasing version 0~20120906.bcd0a4e8-0ubuntu1 | Steve Langasek | |
| 2012-10-04 | Fix the changelog, which is inaccurate now that we just include the file | Steve Langasek | |
| 2012-10-04 | Use a clearer name for the VENDOR_CERT_FILE. | Steve Langasek | |
| 2012-10-04 | Pull newer upstream snapshot, which fixes verification of the signature on ↵ | Steve Langasek | |
| our signed GRUB efi | |||
| 2012-10-03 | Import upstream version 0~20120906.bcd0a4e8 | Steve Langasek | |
| 2012-10-03 | Include the Canonical Secure Boot master CA (cert.der) and include as | Steve Langasek | |
| cert.h at build time. | |||
| 2012-10-02 | Don't print Backspace as we print nothing | Gary Ching-Pang Lin | |
| 2012-10-02 | Calculate SHA1 fingerprint | Gary Ching-Pang Lin | |
| openssl shows sha1 fingerprint by default. | |||
| 2012-10-02 | Replace functions with the ones in gnu-efi | Gary Ching-Pang Lin | |
| 2012-10-02 | Use LibDeleteVariable in gnu-efi | Gary Ching-Pang Lin | |
| 2012-09-27 | More tips for the MOK password | Gary Ching-Pang Lin | |
| 2012-09-26 | Filter out newline from the password array | Gary Ching-Pang Lin | |
| 2012-09-26 | correct wording | Gary Ching-Pang Lin | |
| 2012-09-26 | Build debug image for all efi files | Gary Ching-Pang Lin | |
| 2012-09-24 | Define the max length of password | Gary Ching-Pang Lin | |
| 2012-09-24 | Request a password to verify the key list | Gary Ching-Pang Lin | |
| The password must contain 8 characters at least and 16 characters at most and will be hashed with the key list altogether. The keys in MokNew won't be allowed to be enrolled unless the user provides the correct password. | |||
| 2012-09-21 | Erase stored keys when there is no key in the new key list | Gary Ching-Pang Lin | |
| 2012-09-21 | Make sure the variables are not broken | Gary Ching-Pang Lin | |
| 2012-09-21 | Allow the new keys to be listed again | Gary Ching-Pang Lin | |
| 2012-09-21 | Reject the binary when there is no key in MokList | Gary Ching-Pang Lin | |
| 2012-09-20 | Make the key list interactive | Gary Ching-Pang Lin | |
| 2012-09-20 | Make sure the time string is set | Gary Ching-Pang Lin | |
| 2012-09-20 | Improve the layout of the key info | Gary Ching-Pang Lin | |
| 2012-09-20 | Remove the unused debug message | Gary Ching-Pang Lin | |
| 2012-09-20 | Check the MOK list correctly | Gary Ching-Pang Lin | |
| 2012-09-19 | Simplify the key management | Gary Ching-Pang Lin | |
| Move the key list building and management to mokutil to keep MokManager as simple as possible. | |||
| 2012-09-19 | Abandon the variable, MokMgmt | Gary Ching-Pang Lin | |
| 2012-09-11 | Copy the MOK list to a RT variable | Gary Ching-Pang Lin | |
| The RT variable, MokListRT, is a copy of MokList so that the runtime applications can synchronize the key list without touching the BS variable. | |||
| 2012-09-11 | Use the machine owner keys to verify images | Gary Ching-Pang Lin | |
| 2012-09-11 | Add a separate efi application to manage MOKs | Gary Ching-Pang Lin | |
| 2012-09-11 | Always try StartImage first | Gary Ching-Pang Lin | |
| 2012-09-11 | Only launch MokManager when necessary | Gary Ching-Pang Lin | |
| 2012-09-11 | Retrieve attributes of variables | Gary Ching-Pang Lin | |
| We have to make sure the machine owner key is stored in a BS variable. | |||
| 2012-09-07 | Merge branch 'master' into mok-prototype3 | Gary Ching-Pang Lin | |
| Conflicts: shim.c | |||
| 2012-09-07 | Load MokManager for MOK management | Gary Ching-Pang Lin | |
| 2012-09-07 | Make the image loading process more generic | Gary Ching-Pang Lin | |
| 2012-09-06 | Fix data alignment on vendor_cert so we don't wind up with padding. | Peter Jones | |
| 2012-09-06 | Add some convenience make targets. | Peter Jones | |
| Adds targets for "test-archive" and "archive" | |||
| 2012-09-06 | Break out of our db checking loop at the appropriate time. | Peter Jones | |
| The break in check_db_cert is at the wrong level due to a typo in indentation, and as a result only the last cert in the list can correctly match. Rectify that. Signed-off-by: Peter Jones <pjones@redhat.com> | |||
| 2012-09-06 | Use the file size, not the image size field, for verification. | Matthew Garrett | |
| 2012-09-06 | Allow specification of vendor_cert through a build command line option. | Peter Jones | |
| This allows you to specify the vendor_cert as a file on the command line during build. | |||
 |
index : efi-boot-shim.git | |
| (mirror of https://github.com/vyos/efi-boot-shim.git) |
| summaryrefslogtreecommitdiff |