mirror of
https://github.com/systemd/systemd.git
synced 2024-10-31 16:21:26 +03:00
fido2: properly handle case when no PINs are specified during auth
Also, drop redundant check for has_client_pin, which can never happen, since we already filtered this case a bit further up.
This commit is contained in:
parent
ec543d18d4
commit
1ce8f69dbd
@ -325,15 +325,15 @@ static int fido2_use_hmac_hash_specific_token(
|
||||
if (FLAGS_SET(required, FIDO2ENROLL_PIN)) {
|
||||
char **i;
|
||||
|
||||
if (!has_client_pin)
|
||||
log_warning("Weird, device asked for client PIN, but does not advertise it as feature. Ignoring.");
|
||||
|
||||
/* OK, we needed a pin, try with all pins in turn */
|
||||
STRV_FOREACH(i, pins) {
|
||||
r = sym_fido_dev_get_assert(d, a, *i);
|
||||
if (r != FIDO_ERR_PIN_INVALID)
|
||||
break;
|
||||
}
|
||||
/* OK, we need a pin, try with all pins in turn */
|
||||
if (strv_isempty(pins))
|
||||
r = FIDO_ERR_PIN_REQUIRED;
|
||||
else
|
||||
STRV_FOREACH(i, pins) {
|
||||
r = sym_fido_dev_get_assert(d, a, *i);
|
||||
if (r != FIDO_ERR_PIN_INVALID)
|
||||
break;
|
||||
}
|
||||
} else
|
||||
r = sym_fido_dev_get_assert(d, a, NULL);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user