diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-05-28 18:18:54 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-06-01 13:31:53 +0200 |
| commit | 17e7561a973495992014dd102135f15eb808ae01 (patch) | |
| tree | 2ee7ecb59582619e814b9662171f75374521d7ea /src/home/user-record-util.h | |
| parent | 7dba77a67ed334d9336b89371b0601661609d277 (diff) | |
| download | systemd-17e7561a973495992014dd102135f15eb808ae01.tar.gz | |
homectl: store FIDO2 up/uv/clientPin fields in user records too
This catches up homed's FIDO2 support with cryptsetup's: we'll now store
the uv/up/clientPin configuration at enrollment in the user record JSON
data, and use it when authenticating with it.
This also adds explicit "uv" support: we'll only allow it to happen when
the client explicity said it's OK. This is then used by clients to print
a nice message suggesting "uv" has to take place before retrying
allowing it this time. This is modelled after the existing handling for
"up".
Diffstat (limited to 'src/home/user-record-util.h')
| -rw-r--r-- | src/home/user-record-util.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/home/user-record-util.h b/src/home/user-record-util.h index f7cc4e04eb..74f4a0eaab 100644 --- a/src/home/user-record-util.h +++ b/src/home/user-record-util.h @@ -52,6 +52,7 @@ int user_record_set_hashed_password(UserRecord *h, char **hashed_password); int user_record_set_token_pin(UserRecord *h, char **pin, bool prepend); int user_record_set_pkcs11_protected_authentication_path_permitted(UserRecord *h, int b); int user_record_set_fido2_user_presence_permitted(UserRecord *h, int b); +int user_record_set_fido2_user_verification_permitted(UserRecord *h, int b); int user_record_set_password_change_now(UserRecord *h, int b); int user_record_merge_secret(UserRecord *h, UserRecord *secret); int user_record_good_authentication(UserRecord *h); |