|
 |
d4b2f2 |
From 6ebe5695a626c6cd254b249bbebf9846bcb936c0 Mon Sep 17 00:00:00 2001
|
|
|
d4b2f2 |
From: Rob Crittenden <rcritten@redhat.com>
|
|
|
d4b2f2 |
Date: Tue, 4 Sep 2018 11:06:13 -0400
|
|
|
d4b2f2 |
Subject: [PATCH 4/7] Only de-duplicate certificates within the same token
|
|
|
d4b2f2 |
|
|
|
d4b2f2 |
certmonger may not have read/write access to tokens other than
|
|
|
d4b2f2 |
the one it is examining so don't try to de-duplicate certificates
|
|
|
d4b2f2 |
on other tokens.
|
|
|
d4b2f2 |
---
|
|
|
d4b2f2 |
src/certsave-n.c | 8 +++++---
|
|
|
d4b2f2 |
1 file changed, 5 insertions(+), 3 deletions(-)
|
|
|
d4b2f2 |
|
|
|
d4b2f2 |
diff --git a/src/certsave-n.c b/src/certsave-n.c
|
|
|
d4b2f2 |
index 193309c5..d0152cad 100644
|
|
|
d4b2f2 |
--- a/src/certsave-n.c
|
|
|
d4b2f2 |
+++ b/src/certsave-n.c
|
|
|
d4b2f2 |
@@ -391,8 +391,9 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
|
|
|
d4b2f2 |
!CERT_LIST_EMPTY(certlist) &&
|
|
|
d4b2f2 |
!CERT_LIST_END(node, certlist);
|
|
|
d4b2f2 |
node = CERT_LIST_NEXT(node)) {
|
|
|
d4b2f2 |
- if (!SECITEM_ItemsAreEqual(&subject,
|
|
|
d4b2f2 |
- &node->cert->derSubject)) {
|
|
|
d4b2f2 |
+ if ((!SECITEM_ItemsAreEqual(&subject,
|
|
|
d4b2f2 |
+ &node->cert->derSubject)) &&
|
|
|
d4b2f2 |
+ (sle->slot == node->cert->slot)) {
|
|
|
d4b2f2 |
cm_log(3, "Found a "
|
|
|
d4b2f2 |
"certificate "
|
|
|
d4b2f2 |
"with the same "
|
|
|
d4b2f2 |
@@ -441,7 +442,8 @@ cm_certsave_n_main(int fd, struct cm_store_ca *ca, struct cm_store_entry *entry,
|
|
|
d4b2f2 |
node = CERT_LIST_NEXT(node)) {
|
|
|
d4b2f2 |
if ((node->cert->nickname != NULL) &&
|
|
|
d4b2f2 |
(strcmp(entry->cm_cert_nickname,
|
|
|
d4b2f2 |
- node->cert->nickname) != 0))
|
|
|
d4b2f2 |
+ node->cert->nickname) != 0) &&
|
|
|
d4b2f2 |
+ (sle->slot == node->cert->slot))
|
|
|
d4b2f2 |
{
|
|
|
d4b2f2 |
i++;
|
|
|
d4b2f2 |
cm_log(3, "Found a "
|
|
|
d4b2f2 |
--
|
|
|
d4b2f2 |
2.14.4
|
|
|
d4b2f2 |
|