From nobody Fri Apr 15 16:37:17 2022 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 971797EE766; Fri, 15 Apr 2022 16:37:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Kg26j3sg8z3MkD; Fri, 15 Apr 2022 16:37:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1650040637; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q+8yVNRuuOHxokv0M1DHAlmZx0ALRLGSqz/d6XQImlg=; b=NV85HixwUrYe6NxCavUYCup0ssM7c4pHKj+85/gz9CP9WWA78dc21rANTBSJcmDO3kxlDi CLTbzsrwAIGBGoJQI1I2/9E5YMYrIJ6dqwIqISc0qjv+eD07uB/C/L2xX2UWXNJs/s4bC+ qQfMIX1JdxPVVY5xFLhraouHazFAKG99/1YsIbjHiHHpcaiCfXtbeYFRLV8NrLT5ygQwkj QPDfbtKl8HfUvU2wcjxEgFtdNW1I8LiQicUZkkCFDxepH5OGAAC4JQyuO9iXysi/kgYccq HhOY59QfC4YzenJMdSmMKlc5qjpatO926s1icsSI4qyYrddRwN498z8a9e9rlA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 605EF18AA9; Fri, 15 Apr 2022 16:37:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 23FGbHuQ038995; Fri, 15 Apr 2022 16:37:17 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 23FGbHBk038994; Fri, 15 Apr 2022 16:37:17 GMT (envelope-from git) Date: Fri, 15 Apr 2022 16:37:17 GMT Message-Id: <202204151637.23FGbHBk038994@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Ed Maste Subject: git: bf6262c210d4 - stable/13 - ssh: use standalone config file for security key support List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-branches@freebsd.org X-BeenThere: dev-commits-src-branches@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: bf6262c210d49cf52545e3e26de850890ae845ea Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1650040637; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Q+8yVNRuuOHxokv0M1DHAlmZx0ALRLGSqz/d6XQImlg=; b=OkQha169TKmn3m+5juMFeWVUa52AvVkFDWNERTlf3ZUc60cXC+tUmDLK2V3li1ZNUXo3cT dyCI++5nPsTzo4R3/Y3B2oAEpp16TRtq3p4QXlYn2Wi2mjNcqLEeG/xKxS+Ec4359htQbL txBT1jMbEkbqle+DmVLadvnXGgKbUnir0/oVO1Y0hUkCuYPkMmgkivoonjLuDJDCJISt5m 8qiIv/sLoVEw8VHXUIqlyQ9J9tU9G6U/Lt/+fydT5OyvSNK0CFAbKxwQ4fakiW/L9JSRsh /jLplJ88lxS76z1ueicqu0IYTKNxjKxewoW3BTLUap8kU4KEBuyjUIIvuNyLVg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1650040637; a=rsa-sha256; cv=none; b=e4JaU/nFlXiCpKSjHz00+JngMzOn/pDwqSs3M/wy4RpmWLJ5o37aXdfZ1zSkK6RjNZd9No 5ylOjqhLeVXWYzNuQxin7BglwQD7ikizqi/zGaGDkKQYHU8okPs9dJ4oh2EtassDuIooO6 Wk8/FijKUWENXXbFbQko8cHB0w3+W7nAV9j3Gr6WJDkynCrD9nTjevJfXYUfypIkO+NDkX 4JjUW41Xz3tZ3Q66dNql6hmrPB3Y4DChibmzS8CrBbJ95qROgJ2zcNH5xulYMy/nf8J3zb Ws5hF39ahc/4CESZSs2C0667GJ2rb0sxkQuaR2sY1qBv9n5zoGmYvbbRR9dunA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=bf6262c210d49cf52545e3e26de850890ae845ea commit bf6262c210d49cf52545e3e26de850890ae845ea Author: Ed Maste AuthorDate: 2022-03-01 21:42:13 +0000 Commit: Ed Maste CommitDate: 2022-04-15 16:30:21 +0000 ssh: use standalone config file for security key support An upcoming OpenSSH update has multiple config.h settings that change depending on whether builtin security key support is enabled. Prepare for this by moving ENABLE_SK_INTERNAL to a new sk_config.h header (similar to the approach used for optional krb5 support) and optionally including that, instead of defining the macro directly from CFLAGS. Reviewed by: kevans MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34407 (cherry picked from commit 92ef98b8fa9273049af3cf2fcb4f5e13a6775ff8) --- crypto/openssh/sk_config.h | 1 + secure/ssh.mk | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/openssh/sk_config.h b/crypto/openssh/sk_config.h new file mode 100644 index 000000000000..b22487587dfc --- /dev/null +++ b/crypto/openssh/sk_config.h @@ -0,0 +1 @@ +#define ENABLE_SK_INTERNAL /**/ diff --git a/secure/ssh.mk b/secure/ssh.mk index 822946253263..9ee533c10eca 100644 --- a/secure/ssh.mk +++ b/secure/ssh.mk @@ -8,5 +8,6 @@ CFLAGS+= -I${SSHDIR} -include ssh_namespace.h SRCS+= ssh_namespace.h .if ${MK_USB} != "no" -CFLAGS+= -DENABLE_SK_INTERNAL=1 +# Built-in security key support +CFLAGS+= -include sk_config.h .endif