[openssh-commits] [openssh] 06/15: upstream: always call fido_init(); previous behaviour only called

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 1e70dc3285fc9b4f6454975acb81e8702c23dd89
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Wed May 13 09:57:17 2020 +0000

    upstream: always call fido_init(); previous behaviour only called
    
    fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but
    this isn't guaranteed in the future.
    
    OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864
---
 sk-usbhid.c | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/sk-usbhid.c b/sk-usbhid.c
index 25250824..8097cc7f 100644
--- a/sk-usbhid.c
+++ b/sk-usbhid.c
@@ -57,6 +57,12 @@
 
 /* #define SK_DEBUG 1 */
 
+#ifdef SK_DEBUG
+#define SSH_FIDO_INIT_ARG	FIDO_DEBUG
+#else
+#define SSH_FIDO_INIT_ARG	0
+#endif
+
 #define MAX_FIDO_DEVICES	256
 
 /* Compatibility with OpenSSH 1.0.x */
@@ -459,9 +465,8 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len,
 	int r;
 	char *device = NULL;
 
-#ifdef SK_DEBUG
-	fido_init(FIDO_DEBUG);
-#endif
+	fido_init(SSH_FIDO_INIT_ARG);
+
 	if (enroll_response == NULL) {
 		skdebug(__func__, "enroll_response == NULL");
 		goto out;
@@ -749,9 +754,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen,
 	int ret = SSH_SK_ERR_GENERAL;
 	int r;
 
-#ifdef SK_DEBUG
-	fido_init(FIDO_DEBUG);
-#endif
+	fido_init(SSH_FIDO_INIT_ARG);
 
 	if (sign_response == NULL) {
 		skdebug(__func__, "sign_response == NULL");
@@ -995,6 +998,8 @@ sk_load_resident_keys(const char *pin, struct sk_option **options,
 	*rksp = NULL;
 	*nrksp = 0;
 
+	fido_init(SSH_FIDO_INIT_ARG);
+
 	if (check_sign_load_resident_options(options, &device) != 0)
 		goto out; /* error already logged */
 	if (device != NULL) {

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.