diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2020-05-13 11:57:17 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-05-27 02:09:19 +0200 |
| commit | 1e70dc3285fc9b4f6454975acb81e8702c23dd89 (patch) | |
| tree | 1cfd98661b0fb0df23ac1d323cfb59da0976ee9d | |
| parent | upstream: preserve group/world read permission on known_hosts (diff) | |
| download | openssh-1e70dc3285fc9b4f6454975acb81e8702c23dd89.tar.xz openssh-1e70dc3285fc9b4f6454975acb81e8702c23dd89.zip | |
upstream: always call fido_init(); previous behaviour only called
fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but
this isn't guaranteed in the future.
OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864
| -rw-r--r-- | sk-usbhid.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/sk-usbhid.c b/sk-usbhid.c index 25250824d..8097cc7f4 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -57,6 +57,12 @@ /* #define SK_DEBUG 1 */ +#ifdef SK_DEBUG +#define SSH_FIDO_INIT_ARG FIDO_DEBUG +#else +#define SSH_FIDO_INIT_ARG 0 +#endif + #define MAX_FIDO_DEVICES 256 /* Compatibility with OpenSSH 1.0.x */ @@ -459,9 +465,8 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len, int r; char *device = NULL; -#ifdef SK_DEBUG - fido_init(FIDO_DEBUG); -#endif + fido_init(SSH_FIDO_INIT_ARG); + if (enroll_response == NULL) { skdebug(__func__, "enroll_response == NULL"); goto out; @@ -749,9 +754,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen, int ret = SSH_SK_ERR_GENERAL; int r; -#ifdef SK_DEBUG - fido_init(FIDO_DEBUG); -#endif + fido_init(SSH_FIDO_INIT_ARG); if (sign_response == NULL) { skdebug(__func__, "sign_response == NULL"); @@ -995,6 +998,8 @@ sk_load_resident_keys(const char *pin, struct sk_option **options, *rksp = NULL; *nrksp = 0; + fido_init(SSH_FIDO_INIT_ARG); + if (check_sign_load_resident_options(options, &device) != 0) goto out; /* error already logged */ if (device != NULL) { |