git.ipfire.org Git - thirdparty/ipxe.git/commit

author	Michael Brown <mcb30@ipxe.org>
	Tue, 20 Mar 2012 13:32:20 +0000 (13:32 +0000)
committer	Michael Brown <mcb30@ipxe.org>
	Tue, 20 Mar 2012 20:39:11 +0000 (20:39 +0000)
commit	8685280cbddc6e2d050d5e94719cab5d4ba866fc
tree	53a8892a384c29516558eaca59cc9038cb9072f4	tree \| snapshot
parent	05c13716f9a6323d8c8b4006f11dc2fc86493371	commit \| diff

[build] Allow a client certificate to be specified at build time

Allow a client certificate and corresponding private key to be
specified at build time using the syntax

make CERT=/path/to/certificate KEY=/path/to/key

The build process uses openssl to convert the files into DER format,
and includes them within the client certificate store in
clientcert.c. The build process will prompt for the private key
password if applicable.

Note that the private key is stored unencrypted, and so the resulting
iPXE binary (and the temporary files created during the build process)
should be treated as being equivalent to an unencrypted private key
file.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/Makefile.housekeeping		diff \| blob \| blame \| history
src/crypto/clientcert.c	[new file with mode: 0644]	blob
src/include/ipxe/clientcert.h	[new file with mode: 0644]	blob