ssh: generate SK config file using private cbor and fido2 libs
ClosedPublic
Actions

Authored by emaste on Mar 4 2022, 3:14 PM.

Details

Reviewers

kevans
des
bdrewery

Commits

rGfaa9ffff57d4: ssh: generate SK config file using private cbor and fido2 libs
rG73104d583850: ssh: generate SK config file using private cbor and fido2 libs

Summary

Specify -lprivatecbor and -lprivatefido2 in OpenSSH's configure.ac, and pass -I paths to libcbor and libfido2's contrib src location.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

This will be needed for the 8.9p1 update but doesn't hurt to do now against 8.8p1. This was the least hacky simple approach I could find.

emaste added a subscriber: imp.Mar 4 2022, 3:15 PM

This is not actually a NFC, it adds the following to sk_config.h:

#define HAVE_FIDO_CRED_PROT 1
#define HAVE_FIDO_CRED_SET_PROT 1
#define HAVE_FIDO_DEV_GET_TOUCH_BEGIN 1
#define HAVE_FIDO_DEV_GET_TOUCH_STATUS 1
#define HAVE_FIDO_DEV_SUPPORTS_CRED_PROT 1

Prior to 8.9p1 these are #defined to stubs if the HAVE_* macros are not set but 8.9p1 introduced local implementations, which caused a build failure.

This revision was not accepted when it landed; it landed in state Needs Review.Mar 6 2022, 12:58 AM

Closed by commit rG73104d583850: ssh: generate SK config file using private cbor and fido2 libs (authored by emaste). · Explain Why

This revision was automatically updated to reflect the committed changes.

emaste added a commit: rG73104d583850: ssh: generate SK config file using private cbor and fido2 libs.

emaste added a commit: rGfaa9ffff57d4: ssh: generate SK config file using private cbor and fido2 libs.Apr 15 2022, 4:37 PM