upstream: don't prompt for FIDO passphrase before attempting to enroll
the credential, just let the enroll operating fail and we'll attempt to get a PIN anyway. Might avoid some unneccessary PIN prompts. Part of GHPR#302 from Corinna Vinschen; ok dtucker@ OpenBSD-Commit-ID: bd5342ffc353ee37d39617906867c305564d1ce2
This commit is contained in:
parent
2886975c0a
commit
2a108c0ea9
11
ssh-keygen.c
11
ssh-keygen.c
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-keygen.c,v 1.457 2022/07/20 03:33:22 djm Exp $ */
|
||||
/* $OpenBSD: ssh-keygen.c,v 1.458 2022/08/05 05:01:40 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
@ -3288,7 +3288,7 @@ usage(void)
|
|||
int
|
||||
main(int argc, char **argv)
|
||||
{
|
||||
char comment[1024], *passphrase;
|
||||
char comment[1024], *passphrase = NULL;
|
||||
char *rr_hostname = NULL, *ep, *fp, *ra;
|
||||
struct sshkey *private, *public;
|
||||
struct passwd *pw;
|
||||
|
@ -3801,13 +3801,6 @@ main(int argc, char **argv)
|
|||
}
|
||||
if ((attest = sshbuf_new()) == NULL)
|
||||
fatal("sshbuf_new failed");
|
||||
if ((sk_flags &
|
||||
(SSH_SK_USER_VERIFICATION_REQD|SSH_SK_RESIDENT_KEY))) {
|
||||
passphrase = read_passphrase("Enter PIN for "
|
||||
"authenticator: ", RP_ALLOW_STDIN);
|
||||
} else {
|
||||
passphrase = NULL;
|
||||
}
|
||||
r = 0;
|
||||
for (i = 0 ;;) {
|
||||
if (!quiet) {
|
||||
|
|
Loading…
Reference in New Issue