| Age | Commit message (Collapse) | Author |
|---|
|
If there is no OpenSSL installation on the system, where the
`make-certs` script is run at, no error message will be shown; instead
the script will fail silently and no certificates will be generated.
This change introduces a simple check, if the `openssl` binary is
present and informs the user, if it's missing, shortening debugging time
from minutes to mere seconds.
A bashism has been used so a pretty message gets printed without moving
the check to a section before `set -e`.
Signed-off-by: Kamil Aronowski <kamil.aronowski@yahoo.com>
|
|
Upstream-commit-id: 6a73ca814af
|
|
shim needs to verify that MokManager hasn't been modified, but we want to
be able to support configurations where shim is shipped without a vendor
certificate. This patch adds support for generating a certificate at build
time, incorporating the public half into shim and signing MokManager with
the private half. It uses pesign and nss, but still requires openssl for
key generation. Anyone using sbsign will need to figure this out for
themselves.
|
