diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-11-14 21:27:29 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-15 09:57:30 +1100 |
commit | 6bff9521ab9a9f7396d635755c342b72373bb4f9 (patch) | |
tree | c434974d93c1b918b1a0ae045f421d247f75f391 /configure.ac | |
parent | 4f5e331cb8e11face3025aa6578662dde489c3ad (diff) |
upstream: directly support U2F/FIDO2 security keys in OpenSSH by
linking against the (previously external) USB HID middleware. The dlopen()
capability still exists for alternate middlewares, e.g. for Bluetooth, NFC
and test/debugging.
OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 70019e03b..6e32374cc 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -3061,6 +3061,39 @@ if test "x$enable_sk" = "xyes" ; then | |||
3061 | fi | 3061 | fi |
3062 | AC_MSG_RESULT([$enable_sk]) | 3062 | AC_MSG_RESULT([$enable_sk]) |
3063 | 3063 | ||
3064 | # Now check for built-in security key support. | ||
3065 | if test "x$enable_sk" = "xyes" ; then | ||
3066 | AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) | ||
3067 | use_pkgconfig_for_libfido2= | ||
3068 | if test "x$PKGCONFIG" != "xno"; then | ||
3069 | AC_MSG_CHECKING([if $PKGCONFIG knows about libfido2]) | ||
3070 | if "$PKGCONFIG" libfido2; then | ||
3071 | AC_MSG_RESULT([yes]) | ||
3072 | use_pkgconfig_for_libfido2=yes | ||
3073 | else | ||
3074 | AC_MSG_RESULT([no]) | ||
3075 | fi | ||
3076 | fi | ||
3077 | if test "x$use_pkgconfig_for_libfido2" = "xyes"; then | ||
3078 | LIBFIDO2=`$PKGCONFIG --libs libfido2` | ||
3079 | CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libfido2`" | ||
3080 | else | ||
3081 | LIBFIDO2="-lfido2 -lcbor" | ||
3082 | fi | ||
3083 | OTHERLIBS=`echo $LIBFIDO2 | sed 's/-lfido2//'` | ||
3084 | AC_CHECK_LIB([fido2], [fido_init], | ||
3085 | [ | ||
3086 | LIBS="$LIBS $LIBFIDO2" # XXX avoid linking to all. | ||
3087 | AC_SUBST([LIBFIDO2]) | ||
3088 | AC_DEFINE([ENABLE_SK_INTERNAL], [], | ||
3089 | [Enable for built-in U2F/FIDO support]) | ||
3090 | enable_sk="built-in" | ||
3091 | ], | ||
3092 | [ AC_MSG_ERROR([libfido2 not found]) ], | ||
3093 | [ $OTHERLIBS ] | ||
3094 | ) | ||
3095 | fi | ||
3096 | |||
3064 | AC_CHECK_FUNCS([ \ | 3097 | AC_CHECK_FUNCS([ \ |
3065 | arc4random \ | 3098 | arc4random \ |
3066 | arc4random_buf \ | 3099 | arc4random_buf \ |