Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 15 Apr 2022 16:37:17 GMT
From:      Ed Maste <emaste@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: bf6262c210d4 - stable/13 - ssh: use standalone config file for security key support
Message-ID:  <202204151637.23FGbHBk038994@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/13 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=bf6262c210d49cf52545e3e26de850890ae845ea

commit bf6262c210d49cf52545e3e26de850890ae845ea
Author:     Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2022-03-01 21:42:13 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2022-04-15 16:30:21 +0000

    ssh: use standalone config file for security key support
    
    An upcoming OpenSSH update has multiple config.h settings that change
    depending on whether builtin security key support is enabled.  Prepare
    for this by moving ENABLE_SK_INTERNAL to a new sk_config.h header
    (similar to the approach used for optional krb5 support) and optionally
    including that, instead of defining the macro directly from CFLAGS.
    
    Reviewed by:    kevans
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D34407
    
    (cherry picked from commit 92ef98b8fa9273049af3cf2fcb4f5e13a6775ff8)
---
 crypto/openssh/sk_config.h | 1 +
 secure/ssh.mk              | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/openssh/sk_config.h b/crypto/openssh/sk_config.h
new file mode 100644
index 000000000000..b22487587dfc
--- /dev/null
+++ b/crypto/openssh/sk_config.h
@@ -0,0 +1 @@
+#define ENABLE_SK_INTERNAL /**/
diff --git a/secure/ssh.mk b/secure/ssh.mk
index 822946253263..9ee533c10eca 100644
--- a/secure/ssh.mk
+++ b/secure/ssh.mk
@@ -8,5 +8,6 @@ CFLAGS+= -I${SSHDIR} -include ssh_namespace.h
 SRCS+=	 ssh_namespace.h
 
 .if ${MK_USB} != "no"
-CFLAGS+=	-DENABLE_SK_INTERNAL=1
+# Built-in security key support
+CFLAGS+= -include sk_config.h
 .endif

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204151637.23FGbHBk038994>