aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorEd Maste <emaste@FreeBSD.org>2021-10-07 01:52:05 +0000
committerEd Maste <emaste@FreeBSD.org>2021-10-22 23:57:57 +0000
commit7b1e19ad78c6a3f84f81cb1a16a39500f0337062 (patch)
tree382d61f76d3f23295343cd549cee776a68bd55ed /lib
parent362c6d8dec6dfbedc5717e45769042279a1dd3df (diff)
downloadsrc-7b1e19ad78c6a3f84f81cb1a16a39500f0337062.tar.gz
src-7b1e19ad78c6a3f84f81cb1a16a39500f0337062.zip
Add libfido2 to the build
From https://github.com/Yubico/libfido2: libfido2 provides library functionality and command-line tools to communicate with a FIDO device over USB, and to verify attestation and assertion signatures. libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2) protocols. libfido2 will be used by ssh to support FIDO/U2F keys. It is currently intended only for use by ssh, and so is installed as a PRIVATELIB and is placed in the ssh pkgbase package. This is currently disabled for the 32-bit library build as libfido2 is not compatible with the COMPAT_32BIT hack in usb_ioctl.h. Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D32448
Diffstat (limited to 'lib')
-rw-r--r--lib/Makefile2
-rw-r--r--lib/libfido2/Makefile73
2 files changed, 74 insertions, 1 deletions
diff --git a/lib/Makefile b/lib/Makefile
index d39bbd37c910..81ace36ba990 100644
--- a/lib/Makefile
+++ b/lib/Makefile
@@ -216,7 +216,7 @@ SUBDIR.${MK_BHYVE}+= libvmmapi
SUBDIR.${MK_OPENMP}+= libomp
.endif
.if !defined(COMPAT_32BIT)
-SUBDIR.${MK_OPENSSH}+= libcbor
+SUBDIR.${MK_OPENSSH}+= libcbor libfido2
.endif
SUBDIR.${MK_OPENSSL}+= libmp
SUBDIR.${MK_PF}+= libpfctl
diff --git a/lib/libfido2/Makefile b/lib/libfido2/Makefile
new file mode 100644
index 000000000000..edf737b9dafc
--- /dev/null
+++ b/lib/libfido2/Makefile
@@ -0,0 +1,73 @@
+PACKAGE=ssh
+LIB= fido2
+PRIVATELIB=
+DIST= ${SRCTOP}/contrib/libfido2
+
+.PATH: ${DIST}/src ${DIST}
+
+SRCS+= aes256.c
+SRCS+= assert.c
+SRCS+= authkey.c
+SRCS+= bio.c
+SRCS+= blob.c
+SRCS+= buf.c
+SRCS+= cbor.c
+SRCS+= compress.c
+SRCS+= config.c
+SRCS+= cred.c
+SRCS+= credman.c
+SRCS+= dev.c
+SRCS+= ecdh.c
+SRCS+= eddsa.c
+SRCS+= err.c
+SRCS+= es256.c
+SRCS+= hid_freebsd.c
+SRCS+= hid_unix.c
+SRCS+= hid.c
+SRCS+= info.c
+SRCS+= io.c
+SRCS+= iso7816.c
+SRCS+= largeblob.c
+SRCS+= log.c
+SRCS+= pin.c
+SRCS+= random.c
+SRCS+= reset.c
+SRCS+= rs256.c
+SRCS+= u2f.c
+
+SRCS+= openbsd-compat/freezero.c
+SRCS+= openbsd-compat/recallocarray.c
+
+CFLAGS+= -I ${DIST}/src -I${SRCTOP}/contrib/libcbor/src -I${.CURDIR}/../libcbor
+CFLAGS+= -D_FIDO_INTERNAL
+CFLAGS+= -DHAVE_ARC4RANDOM_BUF
+CFLAGS+= -DHAVE_CLOCK_GETTIME
+CFLAGS+= -DHAVE_DEV_URANDOM
+CFLAGS+= -DHAVE_ERR_H
+CFLAGS+= -DHAVE_EXPLICIT_BZERO
+CFLAGS+= -DHAVE_GETLINE
+CFLAGS+= -DHAVE_GETOPT
+CFLAGS+= -DHAVE_GETPAGESIZE
+CFLAGS+= -DHAVE_GETRANDOM
+CFLAGS+= -DHAVE_OPENSSLV_H
+CFLAGS+= -DHAVE_READPASSPHRASE
+CFLAGS+= -DHAVE_SIGNAL_H
+CFLAGS+= -DHAVE_STRLCAT
+CFLAGS+= -DHAVE_STRLCPY
+CFLAGS+= -DHAVE_STRSEP
+CFLAGS+= -DHAVE_SYSCONF
+CFLAGS+= -DHAVE_SYS_RANDOM_H
+CFLAGS+= -DHAVE_TIMESPECSUB
+CFLAGS+= -DHAVE_TIMINGSAFE_BCMP
+CFLAGS+= -DHAVE_UNISTD_H
+CFLAGS+= -DTLS=__thread
+CFLAGS+= -D_FIDO_MAJOR=1
+CFLAGS+= -D_FIDO_MINOR=9
+CFLAGS+= -D_FIDO_PATCH=0
+
+LIBADD= crypto z
+
+WARNS=2
+MAN=
+
+.include <bsd.lib.mk>