X-Git-Url: http://git.ozlabs.org/?p=petitboot;a=blobdiff_plain;f=lib%2Fsecurity%2Fgpg.c;h=76e2c6cb58c6f4b7b4a4257ae44fa9a5fc255d32;hp=41d1306812fa8c6c86aeb4ba97e06e29a93f3b12;hb=3dfa4123bdf987aaa0e4bfd73d436c6bab0184ce;hpb=abf92c05c31955333719f1a83cffb0d0d194c770

diff --git a/lib/security/gpg.c b/lib/security/gpg.c
index 41d1306..76e2c6c 100644
--- a/lib/security/gpg.c
+++ b/lib/security/gpg.c
@@ -462,10 +462,12 @@ int gpg_validate_boot_files(struct boot_task *boot_task) {
 			local_image_signature,
 			authorized_signatures_handle,
 			"/etc/gpg"))
+			result = KEXEC_LOAD_SIGNATURE_FAILURE;
 		if (verify_file_signature(cmdline_template,
 			local_cmdline_signature,
 			authorized_signatures_handle,
 			"/etc/gpg"))
+			result = KEXEC_LOAD_SIGNATURE_FAILURE;
 
 		if (boot_task->local_initrd_signature)
 			if (verify_file_signature(initrd_filename,
@@ -498,7 +500,7 @@ int gpg_validate_boot_files(struct boot_task *boot_task) {
 			"/etc/gpg"))
 			result = KEXEC_LOAD_SIGNATURE_FAILURE;
 		if (boot_task->local_initrd)
-		if (decrypt_file(initrd_filename,
+			if (decrypt_file(initrd_filename,
 				authorized_signatures_handle,
 				"/etc/gpg"))
 				result = KEXEC_LOAD_DECRYPTION_FALURE;
@@ -570,4 +572,4 @@ int lockdown_status() {
 	free(auth_sig_line);
 
 	return ret;
-}
\ No newline at end of file
+}