summaryrefslogtreecommitdiff
path: root/configure.ac
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-11-14 21:27:29 +0000
committerDamien Miller <djm@mindrot.org>2019-11-15 09:57:30 +1100
commit6bff9521ab9a9f7396d635755c342b72373bb4f9 (patch)
treec434974d93c1b918b1a0ae045f421d247f75f391 /configure.ac
parent4f5e331cb8e11face3025aa6578662dde489c3ad (diff)
upstream: directly support U2F/FIDO2 security keys in OpenSSH by
linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging. OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
Diffstat (limited to 'configure.ac')
-rw-r--r--configure.ac33
1 files changed, 33 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac
index 70019e03b..6e32374cc 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3061,6 +3061,39 @@ if test "x$enable_sk" = "xyes" ; then
3061fi 3061fi
3062AC_MSG_RESULT([$enable_sk]) 3062AC_MSG_RESULT([$enable_sk])
3063 3063
3064# Now check for built-in security key support.
3065if test "x$enable_sk" = "xyes" ; then
3066 AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no])
3067 use_pkgconfig_for_libfido2=
3068 if test "x$PKGCONFIG" != "xno"; then
3069 AC_MSG_CHECKING([if $PKGCONFIG knows about libfido2])
3070 if "$PKGCONFIG" libfido2; then
3071 AC_MSG_RESULT([yes])
3072 use_pkgconfig_for_libfido2=yes
3073 else
3074 AC_MSG_RESULT([no])
3075 fi
3076 fi
3077 if test "x$use_pkgconfig_for_libfido2" = "xyes"; then
3078 LIBFIDO2=`$PKGCONFIG --libs libfido2`
3079 CPPFLAGS="$CPPFLAGS `$PKGCONFIG --cflags libfido2`"
3080 else
3081 LIBFIDO2="-lfido2 -lcbor"
3082 fi
3083 OTHERLIBS=`echo $LIBFIDO2 | sed 's/-lfido2//'`
3084 AC_CHECK_LIB([fido2], [fido_init],
3085 [
3086 LIBS="$LIBS $LIBFIDO2" # XXX avoid linking to all.
3087 AC_SUBST([LIBFIDO2])
3088 AC_DEFINE([ENABLE_SK_INTERNAL], [],
3089 [Enable for built-in U2F/FIDO support])
3090 enable_sk="built-in"
3091 ],
3092 [ AC_MSG_ERROR([libfido2 not found]) ],
3093 [ $OTHERLIBS ]
3094 )
3095fi
3096
3064AC_CHECK_FUNCS([ \ 3097AC_CHECK_FUNCS([ \
3065 arc4random \ 3098 arc4random \
3066 arc4random_buf \ 3099 arc4random_buf \