diff options
author | Corinna Vinschen <vinschen@redhat.com> | 2022-02-15 11:28:08 +0100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2022-08-05 06:42:10 +0200 |
commit | 242c044ab111a37aad3b0775727c36a4c5f0102c (patch) | |
tree | bcd9a206862f9e5d5545409f3c7180304432e058 | |
parent | compat code for fido_dev_is_winhello() (diff) | |
download | openssh-242c044ab111a37aad3b0775727c36a4c5f0102c.tar.xz openssh-242c044ab111a37aad3b0775727c36a4c5f0102c.zip |
check_sk_options: add temporary WinHello workaround
Up to libfido 1.10.0, WinHello advertises "clientPin" rather
than "uv" capability. This is fixed in 1.11.0. For the time
being, workaround it here.
Signed-off-by: Corinna Vinschen <vinschen@redhat.com>
-rw-r--r-- | sk-usbhid.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sk-usbhid.c b/sk-usbhid.c index dfe88789a..06bf0e85c 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -450,6 +450,15 @@ check_sk_options(fido_dev_t *dev, const char *opt, int *ret) skdebug(__func__, "device is not fido2"); return 0; } + /* + * Workaround required up to libfido2 1.10.0. As soon as 1.11.0 + * is released and updated in the Cygwin release, we can drop this. + */ + if (fido_dev_is_winhello(dev) && strcmp (opt, "uv") == 0) { + skdebug(__func__, "device is winhello"); + *ret = 1; + return 0; + } if ((info = fido_cbor_info_new()) == NULL) { skdebug(__func__, "fido_cbor_info_new failed"); return -1; |