[crypto] Allow trusted certificates to be stored in non-volatile options
The intention of the existing code (as documented in its own comments)
is that it should be possible to override the list of trusted root
certificates using a "trust" setting held in non-volatile stored
options.  However, the rootcert_init() function currently executes
before any devices have been probed, and so will not be able to
retrieve any such non-volatile stored options.

Fix by executing rootcert_init() only after devices have been probed.
Since startup functions may be executed multiple times (unlike
initialisation functions), add an explicit flag to preserve the
property that rootcert_init() should run only once.

As before, if an explicit root of trust is specified at build time,
then any runtime "trust" setting will be ignored.

Signed-off-by: Michael Brown <mcb30@ipxe.org>
mcb30 committed Mar 20, 2016
1 parent 4a861cc commit 0141ea3
Showing 1 changed file with 7 additions and 3 deletions.
10 changes: 7 additions & 3 deletions src/crypto/rootcert.c
Expand Up @@ -93,13 +93,14 @@ struct x509_root root_certificates = {
* a rebuild.
*/
static void rootcert_init ( void ) {
static int initialised;
void *external = NULL;
int len;

/* Allow trusted root certificates to be overridden only if
* not explicitly specified at build time.
*/
if ( ALLOW_TRUST_OVERRIDE ) {
if ( ALLOW_TRUST_OVERRIDE && ( ! initialised ) ) {

/* Fetch copy of "trust" setting, if it exists. This
* memory will never be freed.
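Review bot: the new `static int initialised;` at the top of rootcert_init() needs a one-line comment, because the reason for a once-only guard is not visible from the function itself: the commit message explains that startup functions, unlike initialisation functions, may run more than once, but a reader of the code alone cannot tell why the override block must not be re-entered. Suggest something like `static int initialised; /* startup functions may run repeatedly; apply the "trust" override only once */`. Worth noting in the same comment that this is the property that keeps the trust anchors stable: with `ALLOW_TRUST_OVERRIDE && ( ! initialised )` as the condition, the fingerprint list can be swapped for the non-volatile setting at most once per boot, so a later startup pass cannot silently replace the anchors again.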
Expand All @@ -109,6 +110,9 @@ static void rootcert_init ( void ) {
root_certificates.fingerprints = external;
root_certificates.count = ( len / FINGERPRINT_LEN );
}

/* Prevent subsequent modifications */
initialised = 1;
}

DBGC ( &root_certificates, "ROOTCERT using %d %s certificate(s):\n",
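Review bot: `initialised = 1;` is set unconditionally inside the ALLOW_TRUST_OVERRIDE block, so the flag latches even when no "trust" setting was found and the conditional assignment above it (`root_certificates.fingerprints = external;` / `root_certificates.count = ( len / FINGERPRINT_LEN );`) did not run; the build-time list then stays in effect for the rest of the session even if a "trust" setting is stored before a later startup pass. That looks intended, but the comment `/* Prevent subsequent modifications */` should say so explicitly, e.g. `/* Apply the override at most once, whether or not a setting was present */`. Separately, the `DBGC ( &root_certificates, "ROOTCERT using %d %s certificate(s):\n", ...` call sits outside the guarded block, so with the function now registered as a startup function it will repeat on every startup pass rather than once; harmless, but if the debug output is meant to reflect the one-time initialisation it could be gated on the same flag.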
Expand All @@ -118,6 +122,6 @@ static void rootcert_init ( void ) {
}

/** Root certificate initialiser */
struct init_fn rootcert_init_fn __init_fn ( INIT_LATE ) = {
.initialise = rootcert_init,
struct startup_fn rootcert_startup_fn __startup_fn ( STARTUP_LATE ) = {
.startup = rootcert_init,
};
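Review bot: the doc comment `/** Root certificate initialiser */` above the registration is now stale, since the object it documents is a `struct startup_fn` registered via `__startup_fn ( STARTUP_LATE )`; suggest `/** Root certificate startup function */`. The function keeping the name `rootcert_init` while being wired as `.startup = rootcert_init` is the same kind of mismatch, though renaming it is optional. Since the whole reason for moving from `__init_fn ( INIT_LATE )` to a startup function is that non-volatile settings are only readable after devices have been probed, a short comment at the registration recording that rationale would help, as the commit message is currently the only place it is written down.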
