From 1e70dc3285fc9b4f6454975acb81e8702c23dd89 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 13 May 2020 09:57:17 +0000 Subject: [PATCH] upstream: always call fido_init(); previous behaviour only called fido_init() when SK_DEBUG was defined. Harmless with current libfido2, but this isn't guaranteed in the future. OpenBSD-Commit-ID: c7ea20ff2bcd98dd12015d748d3672d4f01f0864 --- sk-usbhid.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/sk-usbhid.c b/sk-usbhid.c index 25250824d..8097cc7f4 100644 --- a/sk-usbhid.c +++ b/sk-usbhid.c @@ -57,6 +57,12 @@ /* #define SK_DEBUG 1 */ +#ifdef SK_DEBUG +#define SSH_FIDO_INIT_ARG FIDO_DEBUG +#else +#define SSH_FIDO_INIT_ARG 0 +#endif + #define MAX_FIDO_DEVICES 256 /* Compatibility with OpenSSH 1.0.x */ @@ -459,9 +465,8 @@ sk_enroll(uint32_t alg, const uint8_t *challenge, size_t challenge_len, int r; char *device = NULL; -#ifdef SK_DEBUG - fido_init(FIDO_DEBUG); -#endif + fido_init(SSH_FIDO_INIT_ARG); + if (enroll_response == NULL) { skdebug(__func__, "enroll_response == NULL"); goto out; @@ -749,9 +754,7 @@ sk_sign(uint32_t alg, const uint8_t *data, size_t datalen, int ret = SSH_SK_ERR_GENERAL; int r; -#ifdef SK_DEBUG - fido_init(FIDO_DEBUG); -#endif + fido_init(SSH_FIDO_INIT_ARG); if (sign_response == NULL) { skdebug(__func__, "sign_response == NULL"); @@ -995,6 +998,8 @@ sk_load_resident_keys(const char *pin, struct sk_option **options, *rksp = NULL; *nrksp = 0; + fido_init(SSH_FIDO_INIT_ARG); + if (check_sign_load_resident_options(options, &device) != 0) goto out; /* error already logged */ if (device != NULL) {