[openssh-commits] [openssh] 02/03: check_sk_options: add temporary WinHello workaround
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Aug 5 15:02:32 AEST 2022
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 242c044ab111a37aad3b0775727c36a4c5f0102c
Author: Corinna Vinschen <vinschen at redhat.com>
Date: Tue Feb 15 11:28:08 2022 +0100
check_sk_options: add temporary WinHello workaround
Up to libfido 1.10.0, WinHello advertises "clientPin" rather
than "uv" capability. This is fixed in 1.11.0. For the time
being, workaround it here.
Signed-off-by: Corinna Vinschen <vinschen at redhat.com>
---
sk-usbhid.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/sk-usbhid.c b/sk-usbhid.c
index dfe88789..06bf0e85 100644
--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -450,6 +450,15 @@ check_sk_options(fido_dev_t *dev, const char *opt, int *ret)
skdebug(__func__, "device is not fido2");
return 0;
}
+ /*
+ * Workaround required up to libfido2 1.10.0. As soon as 1.11.0
+ * is released and updated in the Cygwin release, we can drop this.
+ */
+ if (fido_dev_is_winhello(dev) && strcmp (opt, "uv") == 0) {
+ skdebug(__func__, "device is winhello");
+ *ret = 1;
+ return 0;
+ }
if ((info = fido_cbor_info_new()) == NULL) {
skdebug(__func__, "fido_cbor_info_new failed");
return -1;
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list