2cab315
From 0b9048cbcc1cfc2afd9cbf781732882736cbe965 Mon Sep 17 00:00:00 2001
2335e63
From: Peter Jones <pjones@redhat.com>
2335e63
Date: Tue, 14 Jul 2020 16:42:39 -0400
2335e63
Subject: [PATCH 11/11] kernel building hack
2335e63
2335e63
Signed-off-by: Peter Jones <pjones@redhat.com>
2335e63
---
1f46918
 src/pesign-rpmbuild-helper.in | 17 +++++++++++++++++
1f46918
 1 file changed, 17 insertions(+)
2335e63
2335e63
diff --git a/src/pesign-rpmbuild-helper.in b/src/pesign-rpmbuild-helper.in
2cab315
index c5287c27e0c..27b8261bc17 100644
2335e63
--- a/src/pesign-rpmbuild-helper.in
2335e63
+++ b/src/pesign-rpmbuild-helper.in
1f46918
@@ -202,6 +202,23 @@ main() {
2335e63
 	    "${input[@]}" "${output[@]}"
2335e63
 	rm -rf "${sattrs}" "${sattrs}.sig" "${nssdir}"
2335e63
     elif [[ -n "${socket}" ]] ; then
2335e63
+	### welcome haaaaack city
2cab315
+	if [[ "${client_token[1]}" = "OpenSC Card (Fedora Signer)" ]] ; then
2335e63
+	    if [[ "${input[1]}" =~ (/|^)vmlinuz($|[_.-]) ]] \
2335e63
+	       || [[ "${input[1]}" =~ (/|^)bzImage($|[_.-]) ]] ; then
2335e63
+		if [[ "${rhelcertfile}" =~ redhatsecureboot501.* ]] \
c43a6a2
+		   || [[ "${rhelcertfile}" =~ redhatsecureboot401.* ]] \
2335e63
+		   || [[ "${rhelcertfile}" =~ centossecureboot201.* ]] ; then
2cab315
+		    client_cert[1]=kernel-signer
2335e63
+		elif [[ "${rhelcertfile}" =~ redhatsecureboot502.* ]] \
2335e63
+		   || [[ "${rhelcertfile}" =~ centossecureboot202.* ]] ; then
2cab315
+		    client_cert[1]=grub2-signer
2335e63
+		elif [[ "${rhelcertfile}" =~ redhatsecureboot503.* ]] \
2335e63
+		   || [[ "${rhelcertfile}" =~ centossecureboot203.* ]] ; then
2cab315
+		    client_cert[1]=fwupd-signer
2335e63
+		fi
2335e63
+	    fi
2335e63
+	fi
2335e63
 	"${client}" "${client_token[@]}" "${client_cert[@]}"    \
2335e63
 	    "${sattrout[@]}" "${certout[@]}"	\
2335e63
 	    ${sign} "${input[@]}" "${output[@]}"
2335e63
-- 
2335e63
2.26.2
2335e63