Blob Blame History Raw
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 9 Aug 2017 17:31:31 -0400
Subject: [PATCH] rpm: Make the client signer use the fedora values unless
 overridden

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 src/macros.pesign | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/macros.pesign b/src/macros.pesign
index 69280e9..22a3ee6 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -9,6 +9,9 @@
 %__pesign_token %{nil}%{?pe_signing_token:-t "%{pe_signing_token}"}
 %__pesign_cert %{!?pe_signing_cert:"Red Hat Test Certificate"}%{?pe_signing_cert:"%{pe_signing_cert}"}
 
+%__pesign_client_token %{!?pe_signing_token:"Fedora Signer (OpenSC Card)"}%{?pe_signing_token:"%{pe_signing_token}}
+%__pesign_client_cert %{!?pe_signing_cert:"/CN=Fedora Secure Boot Signer"}%{?pe_signing_cert:"%{pe_signing_cert}}
+
 %_pesign /usr/bin/pesign
 %_pesign_client /usr/bin/pesign-client
 
@@ -41,11 +44,11 @@
                  --certdir ${nss} -c signer %{-o}			\
       rm -rf ${sattrs} ${sattrs}.sig ${nss}				\
     elif [ -S /var/run/pesign/socket ]; then				\
-      %{_pesign_client} -t %{__pesign_token}				\\\
-                        -c %{__pesign_cert}				\\\
+      %{_pesign_client} -t %{__pesign_client_token}			\\\
+                        -c %{__pesign_client_cert}			\\\
                         %{-i} %{-o} %{-e} %{-s} %{-C}			\
     else								\
-      %{_pesign} -t %{__pesign_token} -c %{__pesign_cert}		\\\
+      %{_pesign} %{__pesign_token} -c %{__pesign_cert}			\\\
 		 --certdir ${_pesign_nssdir}				\\\
                  %{-i} %{-o} %{-e} %{-s} %{-C}				\
     fi									\