summaryrefslogtreecommitdiffstats
path: root/lib/libfido2 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Back-out USB data toggle fix for HID devices, since we received multiplemglocker2021-02-151-0/+66
| | | | | | reports about broken devices, e.g. for ukbd(4) and fido(4). ok mpi@
* Remove the terrible_ping_kludge() workaround. We have committed a fix tomglocker2021-02-051-66/+0
| | | | | | | the USB stack in the meantime for uhidev(4) and ugen(4) to resolve the data toggle issue in relation to xhci(4). ok gnezdo@, djm@
* sync a couple of minor fixes (no API/ABI change) to bring libfido2djm2020-09-074-4/+10
| | | | in line with upstream 1.5.0
* check errno against EINTR; not return value from poll()djm2020-08-231-1/+1
| | | | spotted by Pedro Martelletto
* update to libfido2 46710ac06, picking up a few API changesdjm2020-08-239-37/+45
| | | | | | ok tb@ deraadt@ NB. major crank
* sync with upstream libfido2 rev 2fa20b889, picking up ~7 monthsdjm2020-08-1140-224/+1066
| | | | | | of fixes and a few new APIs that we'd like to use in OpenSSH ok deraadt@
* It appears we have come full-circle, where source code starts to usederaadt2020-02-071-4/+2
| | | | | | clang / "super new gcc" ism's, in particular ones which are totally pointless as far as language goes. Delete them.
* update to upstream libfido2 780ad3c25 (20120123)djm2020-02-0763-1063/+1800
| | | | | | | | install manual pages crank major feedback & ok jmc@ and naddy@
* Add fido(4), a HID driver for FIDO/U2F security keysreyk2019-12-172-76/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | While FIDO/U2F keys were already supported by the generic uhid(4) driver, this driver adds the first step to tighten the security of FIDO/U2F access. Specifically, users don't need read/write access to all USB/HID devices anymore and the driver also improves integration with pledge(2) and unveil(2): It is pledge-friendly because it doesn't require any ioctls to discover the device and unveil-friendly because it uses a single /dev/fido/* directory for its device nodes. It also allows to support FIDO/U2F in firefox without further weakening the "sandbox" of the browser. Firefox does not have a proper privsep design and many operations, such as U2F access, are handled directly by the main process. This means that the browser's "fat" main process needs direct read/write access to all USB HID devices, at least on other operating systems. With fido(4) we can support security keys in Firefox under OpenBSD without such a compromise. With this change, libfido2 stops using the ioctl to query the device vendor/product and just assumes "OpenBSD" "fido(4)" instead. The ioctl is still supported but there was no benefit in obtaining the vendor product or name; it also allows to use libfido2 under pledge. With feedback from deraadt@ and many others OK kettenis@ djm@ and jmc@ for the manpage bits
* sync upstream commit with manpage fixes from jmc@djm2019-11-2717-59/+59
| | | | | | | | > commit 437896dcafc67d9596774c3bb9f97bfdb4810bb1 > Author: pedro martelletto <pedro@yubico.com> > Date: Wed Nov 20 09:38:22 2019 +0100 > > man: mop up dangling .Xr's; Jason McIntyre <jmc@openbsd.org>
* Sync documentation fixes from upstream:djm2019-11-1928-660/+39
| | | | | | | | | | | commit 99c4cb00b50b846e4ba2492f67d44171de8c7066 Author: pedro martelletto <pedro@yubico.com> Date: Mon Nov 18 16:55:37 2019 +0100 documentation fixes ensure man pages are named after existing functions; pointed out by Jason McIntyre <jmc@openbsd.org>; thanks!
* our older gcc requires forced -std=c99deraadt2019-11-151-2/+2
|
* LDADD for libcbor and libusbhiddjm2019-11-141-1/+4
|
* extra whitespacederaadt2019-11-141-1/+0
|
* import libfido2 (git HEAD). This library allows communication withdjm2019-11-1470-0/+14154
U2F/FIDO2 devices over USB. feedback and "start the churn" deraadt@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.