[openssh-commits] [openssh] branch master updated (3d3a932a -> 2886975c)

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Aug 5 15:02:30 AEST 2022 

This is an automated email from the git hooks/post-receive script.

djm pushed a change to branch master
in repository openssh.

      from  3d3a932a  Factor out getrnd() and rename to getentropy().
       new  78774c08  compat code for fido_dev_is_winhello()
       new  242c044a  check_sk_options: add temporary WinHello workaround
       new  2886975c  sk_sign: set FIDO2 uv attribute explicitely for WinHello

The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit 2886975c0ad9244e60dc5e4be34fde3aa573a4b5
Author: Corinna Vinschen <vinschen at redhat.com>
Date:   Fri Feb 11 14:33:41 2022 +0100

    sk_sign: set FIDO2 uv attribute explicitely for WinHello
    
    WinHello via libfido2 performs user verification by default.
    However, if we stick to that, there's no way to differentiate
    between keys created with or without "-O  verify-required".
    Set FIDO2 uv attribute explicitely to FIDO_OPT_FALSE, then check
    if user verification has been requested.
    
    Signed-off-by: Corinna Vinschen <vinschen at redhat.com>

commit 242c044ab111a37aad3b0775727c36a4c5f0102c
Author: Corinna Vinschen <vinschen at redhat.com>
Date:   Tue Feb 15 11:28:08 2022 +0100

    check_sk_options: add temporary WinHello workaround
    
    Up to libfido 1.10.0, WinHello advertises "clientPin" rather
    than "uv" capability.  This is fixed in 1.11.0.  For the time
    being, workaround it here.
    
    Signed-off-by: Corinna Vinschen <vinschen at redhat.com>

commit 78774c08cc4b4997382975b0f414a86e06b6780c
Author: Corinna Vinschen <vinschen at redhat.com>
Date:   Thu Feb 10 18:19:29 2022 +0100

    compat code for fido_dev_is_winhello()
    
    Signed-off-by: Corinna Vinschen <vinschen at redhat.com>

Summary of changes:
 configure.ac |  1 +
 sk-usbhid.c  | 25 +++++++++++++++++++++++++
 2 files changed, 26 insertions(+)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list