diff options
| author | Jeremy Stott <jeremy@stott.co.nz> | 2024-10-19 01:10:52 +0200 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2024-11-28 17:15:49 +0100 |
| commit | ca0697a90e5720ba4d76cb0ae9d5572b5260a16c (patch) | |
| tree | 63265622e117c921db998b0f81231ff7e005b3e0 /configure.ac | |
| parent | mdoc2man: balance nested square brackets (diff) | |
| download | openssh-ca0697a90e5720ba4d76cb0ae9d5572b5260a16c.tar.xz openssh-ca0697a90e5720ba4d76cb0ae9d5572b5260a16c.zip | |
Add make target for standalone sk-libfido2
Add a Makefile target for sk-libfido2, the standalone fido2 security
key shared library, suitable for use with the SecurityKeyProvider
option.
Add a new configure option `--with-security-key-standalone` that
optionally sets the shared library target sk-libfido2$(SHLIBEXT), and
adds it to $(TARGETS).
misc.h is required when SK_STANDALONE is defined, because of the use
of `monotime_tv` in `sk_select_by_touch`.
Sets the shared library extension for sk-libfido2 is by setting
`SHLIBEXT` depending on the platform in configure.ac.
Add the shared library to the CI builds in the `sk` target config to
make sure it can compile under the same conditions as
`--with-security-key-builtin`.
Add a libssh-pic.a static library that compiles with `-fPIC` reusing
.c.lo method in sk-dummy.so for use in the shared library sk-libfido2.
Note, a separate static library libssh-pic.a is needed, since defining
-DSK_STANDALONE excludes some symbols needed in sshkey.lo.
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 4e0539fa2..3728187c4 100644 --- a/configure.ac +++ b/configure.ac @@ -614,6 +614,9 @@ SPP_MSG="no" # the --with-solaris-privs option and --with-sandbox=solaris). SOLARIS_PRIVS="no" +# Default shared library extension +SHLIBEXT=".so" + # Check for some target-specific stuff case "$host" in *-*-aix*) @@ -732,6 +735,7 @@ case "$host" in # Cygwin defines optargs, optargs as declspec(dllimport) for historical # reasons which cause compile warnings, so we disable those warnings. OSSH_CHECK_CFLAG_COMPILE([-Wno-attributes]) + SHLIBEXT=".dll" ;; *-*-dgux*) AC_DEFINE([IP_TOS_IS_BROKEN], [1], @@ -791,6 +795,7 @@ int main(void) { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) # cf. Apple bug 3710161 (not public, but searchable) AC_DEFINE([BROKEN_POLL], [1], [System poll(2) implementation is broken]) + SHLIBEXT=".dylib" ;; *-*-dragonfly*) SSHDLIBS="$SSHDLIBS" @@ -2079,6 +2084,12 @@ AC_ARG_WITH([security-key-builtin], [ enable_sk_internal=$withval ] ) +enable_sk_standalone= +AC_ARG_WITH([security-key-standalone], + [ --with-security-key-standalone build standalone sk-libfido2 SecurityKeyProvider], + [ enable_sk_standalone=$withval ] +) + enable_dsa= AC_ARG_ENABLE([dsa-keys], [ --enable-dsa-keys enable DSA key support [no]], @@ -3316,6 +3327,16 @@ if test "x$enable_sk" = "xyes" -a "x$enable_sk_internal" != "xno" ; then fi fi +# Check for standalone SecurityKeyProvider +AC_MSG_CHECKING([whether to build standlone sk-libfido2]) +if test "x$enable_sk_standalone" = "xyes" ; then + AC_MSG_RESULT([yes]) + AC_SUBST([SK_STANDALONE], [sk-libfido2$SHLIBEXT]) +else + AC_MSG_RESULT([no]) + AC_SUBST([SK_STANDALONE], [""]) +fi + AC_CHECK_FUNCS([ \ arc4random \ arc4random_buf \ |