From nobody Wed Mar 02 14:35:59 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id A431A19F59E7; Wed, 2 Mar 2022 14:35:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4K7xW34BJzz56cL; Wed, 2 Mar 2022 14:35:59 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646231759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=k9X2NUug47506vlH8VWNcaFNopF4/ImAr8RKALDfrsA=; b=IpZgb+6PJc7ff60FOTufD5X4QFch4iT3JqwRVIM3XqhgfvvrpWBouTmnf+AXB+6QGxmBkf j9vK6EzM1lzBE1zexlpMoEBNfionvtsgakcOwE41v9CY4XFSUP3+J/7Uysp/2RZdt+T6kW sTMbngjPMVbhaeFiTr5lerv0kz3Vw1EyjMl8ZF1p+W8FrW8yYfdqrnFD3YmnZQJa73Q//o hvKmw1S5Uiw41oEugO7flEed9ZVrev00BUCYunxfLxir7aeoIse8uWAEjrxlU64xMIyH88 eI4SkQ1Gtfgjmfo7evWT6Lx0xBkspujXCkcNpY2JBehjNepsjLvA5P5yQzP3tQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 706EC24E72; Wed, 2 Mar 2022 14:35:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 222EZxQs074029; Wed, 2 Mar 2022 14:35:59 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 222EZxmi074028; Wed, 2 Mar 2022 14:35:59 GMT (envelope-from git) Date: Wed, 2 Mar 2022 14:35:59 GMT Message-Id: <202203021435.222EZxmi074028@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 92ef98b8fa92 - main - ssh: use standalone config file for security key support List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 92ef98b8fa9273049af3cf2fcb4f5e13a6775ff8 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646231759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=k9X2NUug47506vlH8VWNcaFNopF4/ImAr8RKALDfrsA=; b=qTnqeqpA43NepNM8cLM+MYI66ghqNtMj7TM/KgUWlTV9FqCbMJQH0QpY8dOMEF5BcFZsW8 xx4IATAlXWnkv4Wc+pRj0lnZp0PnEAVfdh5C//gEHrnrcXQ28II2CGxL5FTbPdSYwGkwsD YNEgMjTzb2BH/85SJVrn5Ou9zGe63XroStquPo020Ys6Fq5MHQIcoEI/4ZGKjYC7SGsaGk WyZwMKxKUAPZAIpoD7EPJ2Crd0JXm6PmNvXcey5BBnSaZS6jlhTP63D1Qr8M89ppaA6gLQ 2K+bFCdlswca5y9TZAv/0552tZXc6ZlnMb7pIIDBWW/k7uanbufqQdJffqac3g== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1646231759; a=rsa-sha256; cv=none; b=bSTo0iJ1lqD6V3xd97mqpvhAwz+Dlx/qs4QLVmmNDnwxZ4oWvHL7A7YPY7eJNhxrL030k9 7oXkrn/PG/99qp/ZUbGUlB1cn0tOMzdkNJVoj3ibQ9OOm7aPvNeR9+FxJhinDOq+li4Ae+ GMOZPnEVAyNCcMOpkhQx0ZAvTmeEqEidc02AOtQmXx1l51CiEzz/oywJzOgqKphrE5ra2d yhQVyKgoG9baSk3ScfIOaRz0R72393g1YV4RfER47MyK5smZ7oObdzuInA7ZqaFCLvAtCo GHnv47m9RDkv9sS+X1jYLBtRyKlieRUgI5ZwoPZHa68P7OYYjeLb7tasKEyMXA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=92ef98b8fa9273049af3cf2fcb4f5e13a6775ff8 commit 92ef98b8fa9273049af3cf2fcb4f5e13a6775ff8 Author: Ed Maste AuthorDate: 2022-03-01 21:42:13 +0000 Commit: Ed Maste CommitDate: 2022-03-02 14:35:12 +0000 ssh: use standalone config file for security key support An upcoming OpenSSH update has multiple config.h settings that change depending on whether builtin security key support is enabled. Prepare for this by moving ENABLE_SK_INTERNAL to a new sk_config.h header (similar to the approach used for optional krb5 support) and optionally including that, instead of defining the macro directly from CFLAGS. Reviewed by: kevans MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34407 --- crypto/openssh/sk_config.h | 1 + secure/ssh.mk | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/openssh/sk_config.h b/crypto/openssh/sk_config.h new file mode 100644 index 000000000000..b22487587dfc --- /dev/null +++ b/crypto/openssh/sk_config.h @@ -0,0 +1 @@ +#define ENABLE_SK_INTERNAL /**/ diff --git a/secure/ssh.mk b/secure/ssh.mk index 822946253263..9ee533c10eca 100644 --- a/secure/ssh.mk +++ b/secure/ssh.mk @@ -8,5 +8,6 @@ CFLAGS+= -I${SSHDIR} -include ssh_namespace.h SRCS+= ssh_namespace.h .if ${MK_USB} != "no" -CFLAGS+= -DENABLE_SK_INTERNAL=1 +# Built-in security key support +CFLAGS+= -include sk_config.h .endif