From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 9 Aug 2017 17:31:31 -0400
Subject: [PATCH] rpm: Make the client signer use the fedora values unless
overridden
Signed-off-by: Peter Jones <pjones@redhat.com>
---
src/macros.pesign | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/src/macros.pesign b/src/macros.pesign
index 69280e9..22a3ee6 100644
--- a/src/macros.pesign
+++ b/src/macros.pesign
@@ -9,6 +9,9 @@
%__pesign_token %{nil}%{?pe_signing_token:-t "%{pe_signing_token}"}
%__pesign_cert %{!?pe_signing_cert:"Red Hat Test Certificate"}%{?pe_signing_cert:"%{pe_signing_cert}"}
+%__pesign_client_token %{!?pe_signing_token:"Fedora Signer (OpenSC Card)"}%{?pe_signing_token:"%{pe_signing_token}}
+%__pesign_client_cert %{!?pe_signing_cert:"/CN=Fedora Secure Boot Signer"}%{?pe_signing_cert:"%{pe_signing_cert}}
+
%_pesign /usr/bin/pesign
%_pesign_client /usr/bin/pesign-client
@@ -41,11 +44,11 @@
--certdir ${nss} -c signer %{-o} \
rm -rf ${sattrs} ${sattrs}.sig ${nss} \
elif [ -S /var/run/pesign/socket ]; then \
- %{_pesign_client} -t %{__pesign_token} \\\
- -c %{__pesign_cert} \\\
+ %{_pesign_client} -t %{__pesign_client_token} \\\
+ -c %{__pesign_client_cert} \\\
%{-i} %{-o} %{-e} %{-s} %{-C} \
else \
- %{_pesign} -t %{__pesign_token} -c %{__pesign_cert} \\\
+ %{_pesign} %{__pesign_token} -c %{__pesign_cert} \\\
--certdir ${_pesign_nssdir} \\\
%{-i} %{-o} %{-e} %{-s} %{-C} \
fi \