Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
path: root/CHANGELOG.rst
diff options
context:
space:
mode:
authorAnton Hvornum <anton@hvornum.se>2022-05-18 16:42:28 +0200
committerDavid Runge <dvzrv@archlinux.org>2022-09-25 19:54:41 +0200
commit326cfed7cc59af487cdae1d1a75e1e3a8f84cb67 (patch)
tree4e717352509de8de4e30b64581dddc83fc715114 /CHANGELOG.rst
parent5f135b4342eb8306bce917bc9f3095fc38985c4c (diff)
Add the ability to generate rootfs signatures using openssl CMS module if ``-c`` is given.
(gitlab ci) Added a CA structure to the codesigning certificates. This to test the functionality of optional CA being in the signing message. (mkarchiso) Removed the ``sign_netboot_artifacts`` variable and instead we'll now rely on ``if [[ -v cert_list ]]; then``. Added ``ARCHISO_TLS_FD`` and ``ARCHISO_TLSCA_FD`` environment variables to override the certificates used. This is so that third party CA's can be used during building in a meaningful way without distrupting the CA trust that is shipped by default. _cms_sign_artifact() was added which signs the rootfs using OpenSSL CMS. The files will be saved as "${artifact}.cms.sig". That would be for instance "${isofs_dir}/${install_dir}/${arch}/airootfs.sfs.cms.sig".
Diffstat (limited to 'CHANGELOG.rst')
-rw-r--r--CHANGELOG.rst2
1 files changed, 2 insertions, 0 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 687b413..1d9eeea 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -8,6 +8,8 @@ Changelog
Added
-----
+- The ability to generate rootfs signatures using openssl CMS module if ``-c`` is given.
+
Changed
-------

Copyright © 2002-2022 Judd Vinet and Aaron Griffin. Copyright © 2022 Erich Eckner.
The Arch Linux name and logo are recognized trademarks. Some rights reserved. The registered trademark Linux® is used pursuant to a sublicense from LMI, the exclusive licensee of Linus Torvalds, owner of the mark on a world-wide basis.