[openssh-commits] [openssh] 01/01: upstream: U2F tokens may return FIDO_ERR_USER_PRESENCE_REQUIRED when

Fri Nov 15 14:43:38 AEDT 2019

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 01362cf7cb979525c014714e2bccf799a46e772e
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Fri Nov 15 03:41:57 2019 +0000

    upstream: U2F tokens may return FIDO_ERR_USER_PRESENCE_REQUIRED when
    
    probed to see if they own a key handle. Handle this case so the find_device()
    look can work for them. Reported by Michael Forney
    
    OpenBSD-Commit-ID: 2ccd5b30a6ddfe4dba228b7159bf168601bd9166
---
 sk-usbhid.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/sk-usbhid.c b/sk-usbhid.c
index f81dc8f2..e07b49e9 100644
--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -201,6 +201,10 @@ try_device(fido_dev_t *dev, const uint8_t *message, size_t message_len,
 	}
 	r = fido_dev_get_assert(dev, assert, NULL);
 	skdebug(__func__, "fido_dev_get_assert: %s", fido_strerr(r));
+	if (r == FIDO_ERR_USER_PRESENCE_REQUIRED) {
+		/* U2F tokens may return this */
+		r = FIDO_OK;
+	}
  out:
 	fido_assert_free(&assert);
 

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
