diff options
| author | Yauheni Kaliuta <yauheni.kaliuta@redhat.com> | 2019-02-01 22:20:02 +0200 |
|---|---|---|
| committer | Lucas De Marchi <lucas.demarchi@intel.com> | 2019-02-04 13:51:27 -0800 |
| commit | 391b4714b495183baefa9cb10ac8e1600c166a59 (patch) | |
| tree | a674ab2034405859716de1e75b5d15f6f4be5de5 /configure.ac | |
| parent | dec990483bcb5f36557ab34918256a2251a6cf25 (diff) | |
| download | kmod-391b4714b495183baefa9cb10ac8e1600c166a59.tar.gz | |
libkmod-signature: implement pkcs7 parsing with openssl
The patch adds data fetching from the PKCS#7 certificate using
openssl library (which is used by scripts/sign-file.c in the linux
kernel to sign modules).
In general the certificate can contain many signatures, but since
kmod (modinfo) supports only one signature at the moment, only first
one is taken.
With the current sign-file.c certificate doesn't contain signer
key's fingerprint, so "serial number" is used for the key id.
Signed-off-by: Yauheni Kaliuta <yauheni.kaliuta@redhat.com>
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index fbc7391..2e33380 100644 --- a/configure.ac +++ b/configure.ac @@ -106,6 +106,17 @@ AS_IF([test "x$with_zlib" != "xno"], [ ]) CC_FEATURE_APPEND([with_features], [with_zlib], [ZLIB]) +AC_ARG_WITH([openssl], + AS_HELP_STRING([--with-openssl], [handle PKCS7 signatures @<:@default=disabled@:>@]), + [], [with_openssl=no]) +AS_IF([test "x$with_openssl" != "xno"], [ + PKG_CHECK_MODULES([openssl], [openssl]) + AC_DEFINE([ENABLE_OPENSSL], [1], [Enable openssl for modinfo.]) +], [ + AC_MSG_NOTICE([openssl support not requested]) +]) +CC_FEATURE_APPEND([with_features], [with_openssl], [OPENSSL]) + AC_ARG_WITH([bashcompletiondir], AS_HELP_STRING([--with-bashcompletiondir=DIR], [Bash completions directory]), [], |