diff -Nru yubikey-personalization-1.15.1/69-yubikey.rules yubikey-personalization-1.16.0/69-yubikey.rules --- yubikey-personalization-1.15.1/69-yubikey.rules 2013-11-18 13:21:00.000000000 +0000 +++ yubikey-personalization-1.16.0/69-yubikey.rules 2014-09-23 11:28:18.000000000 +0000 @@ -4,7 +4,7 @@ # device node, needed for challenge/response to work correctly. # Yubico Yubikey II -ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111", \ +ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111|114|116", \ ENV{ID_SECURITY_TOKEN}="1" LABEL="yubico_end" diff -Nru yubikey-personalization-1.15.1/70-yubikey.rules yubikey-personalization-1.16.0/70-yubikey.rules --- yubikey-personalization-1.15.1/70-yubikey.rules 2013-11-18 13:21:00.000000000 +0000 +++ yubikey-personalization-1.16.0/70-yubikey.rules 2014-09-23 11:28:18.000000000 +0000 @@ -3,6 +3,6 @@ # device node, needed for challenge/response to work correctly. ACTION=="add|change", SUBSYSTEM=="usb", \ - ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111", \ + ATTRS{idVendor}=="1050", ATTRS{idProduct}=="0010|0110|0111|114|116", \ TEST=="/var/run/ConsoleKit/database", \ RUN+="udev-acl --action=$env{ACTION} --device=$env{DEVNAME}" diff -Nru yubikey-personalization-1.15.1/aclocal.m4 yubikey-personalization-1.16.0/aclocal.m4 --- yubikey-personalization-1.15.1/aclocal.m4 2014-03-07 12:18:19.000000000 +0000 +++ yubikey-personalization-1.16.0/aclocal.m4 2014-09-23 11:52:38.000000000 +0000 @@ -1,4 +1,4 @@ -# generated automatically by aclocal 1.13.3 -*- Autoconf -*- +# generated automatically by aclocal 1.14.1 -*- Autoconf -*- # Copyright (C) 1996-2013 Free Software Foundation, Inc. @@ -32,10 +32,10 @@ # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], -[am__api_version='1.13' +[am__api_version='1.14' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.13.3], [], +m4_if([$1], [1.14.1], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -51,7 +51,7 @@ # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.13.3])dnl +[AM_AUTOMAKE_VERSION([1.14.1])dnl m4_ifndef([AC_AUTOCONF_VERSION], [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) @@ -76,7 +76,8 @@ : ${AR=ar} AC_CACHE_CHECK([the archiver ($AR) interface], [am_cv_ar_interface], - [am_cv_ar_interface=ar + [AC_LANG_PUSH([C]) + am_cv_ar_interface=ar AC_COMPILE_IFELSE([AC_LANG_SOURCE([[int some_variable = 0;]])], [am_ar_try='$AR cru libconftest.a conftest.$ac_objext >&AS_MESSAGE_LOG_FD' AC_TRY_EVAL([am_ar_try]) @@ -93,7 +94,7 @@ fi rm -f conftest.lib libconftest.a ]) - ]) + AC_LANG_POP([C])]) case $am_cv_ar_interface in ar) @@ -477,6 +478,12 @@ # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. +dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O. +m4_define([AC_PROG_CC], +m4_defn([AC_PROG_CC]) +[_AM_PROG_CC_C_O +]) + # AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) # AM_INIT_AUTOMAKE([OPTIONS]) # ----------------------------------------------- @@ -585,7 +592,48 @@ AC_CONFIG_COMMANDS_PRE(dnl [m4_provide_if([_AM_COMPILER_EXEEXT], [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl -]) + +# POSIX will say in a future version that running "rm -f" with no argument +# is OK; and we want to be able to make that assumption in our Makefile +# recipes. So use an aggressive probe to check that the usage we want is +# actually supported "in the wild" to an acceptable degree. +# See automake bug#10828. +# To make any issue more visible, cause the running configure to be aborted +# by default if the 'rm' program in use doesn't match our expectations; the +# user can still override this though. +if rm -f && rm -fr && rm -rf; then : OK; else + cat >&2 <<'END' +Oops! + +Your 'rm' program seems unable to run without file operands specified +on the command line, even when the '-f' option is present. This is contrary +to the behaviour of most rm programs out there, and not conforming with +the upcoming POSIX standard: + +Please tell bug-automake@gnu.org about your system, including the value +of your $PATH and any error possibly output before this message. This +can help us improve future automake versions. + +END + if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then + echo 'Configuration will proceed anyway, since you have set the' >&2 + echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 + echo >&2 + else + cat >&2 <<'END' +Aborting the configuration process, to ensure you take notice of the issue. + +You can download and install GNU coreutils to get an 'rm' implementation +that behaves properly: . + +If you want to complete the configuration process using your problematic +'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM +to "yes", and re-run configure. + +END + AC_MSG_ERROR([Your 'rm' program is bad, sorry.]) + fi +fi]) dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further @@ -593,7 +641,6 @@ m4_define([_AC_COMPILER_EXEEXT], m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) - # When config.status generates a header, we must update the stamp-h file. # This file resides in the same directory as the config header # that is generated. The stamp files are numbered to have different names. @@ -775,6 +822,70 @@ AC_DEFUN([_AM_IF_OPTION], [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) +# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# _AM_PROG_CC_C_O +# --------------- +# Like AC_PROG_CC_C_O, but changed for automake. We rewrite AC_PROG_CC +# to automatically call this. +AC_DEFUN([_AM_PROG_CC_C_O], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([compile])dnl +AC_LANG_PUSH([C])dnl +AC_CACHE_CHECK( + [whether $CC understands -c and -o together], + [am_cv_prog_cc_c_o], + [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])]) + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i]) +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +AC_LANG_POP([C])]) + +# For backward compatibility. +AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) + +# Copyright (C) 2001-2013 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_RUN_LOG(COMMAND) +# ------------------- +# Run COMMAND, save the exit status in ac_status, and log it. +# (This has been adapted from Autoconf's _AC_RUN_LOG macro.) +AC_DEFUN([AM_RUN_LOG], +[{ echo "$as_me:$LINENO: $1" >&AS_MESSAGE_LOG_FD + ($1) >&AS_MESSAGE_LOG_FD 2>&AS_MESSAGE_LOG_FD + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&AS_MESSAGE_LOG_FD + (exit $ac_status); }]) + # Check to make sure that the build environment is sane. -*- Autoconf -*- # Copyright (C) 1996-2013 Free Software Foundation, Inc. diff -Nru yubikey-personalization-1.15.1/build-aux/compile yubikey-personalization-1.16.0/build-aux/compile --- yubikey-personalization-1.15.1/build-aux/compile 1970-01-01 00:00:00.000000000 +0000 +++ yubikey-personalization-1.16.0/build-aux/compile 2014-08-26 13:07:48.000000000 +0000 @@ -0,0 +1,347 @@ +#! /bin/sh +# Wrapper for compilers which do not understand '-c -o'. + +scriptversion=2012-10-14.11; # UTC + +# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Written by Tom Tromey . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +nl=' +' + +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent tools from complaining about whitespace usage. +IFS=" "" $nl" + +file_conv= + +# func_file_conv build_file lazy +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. If the determined conversion +# type is listed in (the comma separated) LAZY, no conversion will +# take place. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv/,$2, in + *,$file_conv,*) + ;; + mingw/*) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin/*) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine/*) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_cl_dashL linkdir +# Make cl look for libraries in LINKDIR +func_cl_dashL () +{ + func_file_conv "$1" + if test -z "$lib_path"; then + lib_path=$file + else + lib_path="$lib_path;$file" + fi + linker_opts="$linker_opts -LIBPATH:$file" +} + +# func_cl_dashl library +# Do a library search-path lookup for cl +func_cl_dashl () +{ + lib=$1 + found=no + save_IFS=$IFS + IFS=';' + for dir in $lib_path $LIB + do + IFS=$save_IFS + if $shared && test -f "$dir/$lib.dll.lib"; then + found=yes + lib=$dir/$lib.dll.lib + break + fi + if test -f "$dir/$lib.lib"; then + found=yes + lib=$dir/$lib.lib + break + fi + if test -f "$dir/lib$lib.a"; then + found=yes + lib=$dir/lib$lib.a + break + fi + done + IFS=$save_IFS + + if test "$found" != yes; then + lib=$lib.lib + fi +} + +# func_cl_wrapper cl arg... +# Adjust compile command to suit cl +func_cl_wrapper () +{ + # Assume a capable shell + lib_path= + shared=: + linker_opts= + for arg + do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + eat=1 + case $2 in + *.o | *.[oO][bB][jJ]) + func_file_conv "$2" + set x "$@" -Fo"$file" + shift + ;; + *) + func_file_conv "$2" + set x "$@" -Fe"$file" + shift + ;; + esac + ;; + -I) + eat=1 + func_file_conv "$2" mingw + set x "$@" -I"$file" + shift + ;; + -I*) + func_file_conv "${1#-I}" mingw + set x "$@" -I"$file" + shift + ;; + -l) + eat=1 + func_cl_dashl "$2" + set x "$@" "$lib" + shift + ;; + -l*) + func_cl_dashl "${1#-l}" + set x "$@" "$lib" + shift + ;; + -L) + eat=1 + func_cl_dashL "$2" + ;; + -L*) + func_cl_dashL "${1#-L}" + ;; + -static) + shared=false + ;; + -Wl,*) + arg=${1#-Wl,} + save_ifs="$IFS"; IFS=',' + for flag in $arg; do + IFS="$save_ifs" + linker_opts="$linker_opts $flag" + done + IFS="$save_ifs" + ;; + -Xlinker) + eat=1 + linker_opts="$linker_opts $2" + ;; + -*) + set x "$@" "$1" + shift + ;; + *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) + func_file_conv "$1" + set x "$@" -Tp"$file" + shift + ;; + *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) + func_file_conv "$1" mingw + set x "$@" "$file" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift + done + if test -n "$linker_opts"; then + linker_opts="-link$linker_opts" + fi + exec "$@" $linker_opts + exit 1 +} + +eat= + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: compile [--help] [--version] PROGRAM [ARGS] + +Wrapper for compilers which do not understand '-c -o'. +Remove '-o dest.o' from ARGS, run PROGRAM with the remaining +arguments, and rename the output as expected. + +If you are trying to build a whole package this is not the +right script to run: please start by reading the file 'INSTALL'. + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "compile $scriptversion" + exit $? + ;; + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + func_cl_wrapper "$@" # Doesn't return... + ;; +esac + +ofile= +cfile= + +for arg +do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + # So we strip '-o arg' only if arg is an object. + eat=1 + case $2 in + *.o | *.obj) + ofile=$2 + ;; + *) + set x "$@" -o "$2" + shift + ;; + esac + ;; + *.c) + cfile=$1 + set x "$@" "$1" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift +done + +if test -z "$ofile" || test -z "$cfile"; then + # If no '-o' option was seen then we might have been invoked from a + # pattern rule where we don't need one. That is ok -- this is a + # normal compilation that the losing compiler can handle. If no + # '.c' file was seen then we are probably linking. That is also + # ok. + exec "$@" +fi + +# Name of file we expect compiler to create. +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` + +# Create the lock directory. +# Note: use '[/\\:.-]' here to ensure that we don't use the same name +# that we are using for the .o file. Also, base the name on the expected +# object file name, since that is what matters with a parallel build. +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d +while true; do + if mkdir "$lockdir" >/dev/null 2>&1; then + break + fi + sleep 1 +done +# FIXME: race condition here if user kills between mkdir and trap. +trap "rmdir '$lockdir'; exit 1" 1 2 15 + +# Run the compile. +"$@" +ret=$? + +if test -f "$cofile"; then + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" +elif test -f "${cofile}bj"; then + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" +fi + +rmdir "$lockdir" +exit $ret + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff -Nru yubikey-personalization-1.15.1/build-aux/ltmain.sh yubikey-personalization-1.16.0/build-aux/ltmain.sh --- yubikey-personalization-1.15.1/build-aux/ltmain.sh 2013-12-20 09:13:31.000000000 +0000 +++ yubikey-personalization-1.16.0/build-aux/ltmain.sh 2014-08-26 13:07:46.000000000 +0000 @@ -70,7 +70,7 @@ # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.3ubuntu1 +# $progname: (GNU libtool) 2.4.2 Debian-2.4.2-1.7ubuntu1 # automake: $automake_version # autoconf: $autoconf_version # @@ -80,7 +80,7 @@ PROGRAM=libtool PACKAGE=libtool -VERSION="2.4.2 Debian-2.4.2-1.3ubuntu1" +VERSION="2.4.2 Debian-2.4.2-1.7ubuntu1" TIMESTAMP="" package_revision=1.3337 diff -Nru yubikey-personalization-1.15.1/build-aux/missing yubikey-personalization-1.16.0/build-aux/missing --- yubikey-personalization-1.15.1/build-aux/missing 2013-12-20 09:13:35.000000000 +0000 +++ yubikey-personalization-1.16.0/build-aux/missing 2014-08-26 13:07:49.000000000 +0000 @@ -1,7 +1,7 @@ #! /bin/sh # Common wrapper for a few potentially missing GNU programs. -scriptversion=2012-06-26.16; # UTC +scriptversion=2013-10-28.13; # UTC # Copyright (C) 1996-2013 Free Software Foundation, Inc. # Originally written by Fran,cois Pinard , 1996. @@ -160,7 +160,7 @@ ;; autom4te*) echo "You might have modified some maintainer files that require" - echo "the 'automa4te' program to be rebuilt." + echo "the 'autom4te' program to be rebuilt." program_details 'autom4te' ;; bison*|yacc*) diff -Nru yubikey-personalization-1.15.1/build-aux/test-driver yubikey-personalization-1.16.0/build-aux/test-driver --- yubikey-personalization-1.15.1/build-aux/test-driver 2013-12-20 09:13:35.000000000 +0000 +++ yubikey-personalization-1.16.0/build-aux/test-driver 2014-08-26 13:07:49.000000000 +0000 @@ -1,7 +1,7 @@ #! /bin/sh # test-driver - basic testsuite driver script. -scriptversion=2012-06-27.10; # UTC +scriptversion=2013-07-13.22; # UTC # Copyright (C) 2011-2013 Free Software Foundation, Inc. # @@ -44,13 +44,12 @@ Usage: test-driver --test-name=NAME --log-file=PATH --trs-file=PATH [--expect-failure={yes|no}] [--color-tests={yes|no}] - [--enable-hard-errors={yes|no}] [--] TEST-SCRIPT + [--enable-hard-errors={yes|no}] [--] + TEST-SCRIPT [TEST-SCRIPT-ARGUMENTS] The '--test-name', '--log-file' and '--trs-file' options are mandatory. END } -# TODO: better error handling in option parsing (in particular, ensure -# TODO: $log_file, $trs_file and $test_name are defined). test_name= # Used for reporting. log_file= # Where to save the output of the test script. trs_file= # Where to save the metadata of the test run. @@ -69,10 +68,23 @@ --enable-hard-errors) enable_hard_errors=$2; shift;; --) shift; break;; -*) usage_error "invalid option: '$1'";; + *) break;; esac shift done +missing_opts= +test x"$test_name" = x && missing_opts="$missing_opts --test-name" +test x"$log_file" = x && missing_opts="$missing_opts --log-file" +test x"$trs_file" = x && missing_opts="$missing_opts --trs-file" +if test x"$missing_opts" != x; then + usage_error "the following mandatory options are missing:$missing_opts" +fi + +if test $# -eq 0; then + usage_error "missing argument" +fi + if test $color_tests = yes; then # Keep this in sync with 'lib/am/check.am:$(am__tty_colors)'. red='' # Red. diff -Nru yubikey-personalization-1.15.1/ChangeLog yubikey-personalization-1.16.0/ChangeLog --- yubikey-personalization-1.15.1/ChangeLog 2014-03-12 07:13:15.000000000 +0000 +++ yubikey-personalization-1.16.0/ChangeLog 2014-09-26 07:47:00.000000000 +0000 @@ -1,3 +1,173 @@ +2014-09-26 Klas Lindfors + + * NEWS: release 1.16.0 + +2014-09-26 Simon Josefsson + + * ykcore/ykdef.h: Typo. + +2014-09-24 Klas Lindfors + + * NEWS: NEWS + +2014-09-24 Klas Lindfors + + * ykcore/ykcore_osx.c: look at usagePage and usage to make sure we + get a keyboard interface + +2014-09-23 Klas Lindfors + + * NEWS: preparing NEWS for 1.16.0 + +2014-09-23 Klas Lindfors + + * ykcore/ykcore_libusb.c: fixup libusb vid/pid function + +2014-09-23 Klas Lindfors + + * ykinfo.c: let ykinfo print vid/pid + +2014-09-23 Klas Lindfors + + * configure.ac, libykpers-1.map, ykcore/ykcore.c, ykcore/ykcore.h: + add yk_get_key_vid_pid() to get the vid and pid of an opened device + +2014-09-23 Klas Lindfors + + * ykcore/ykcore_backend.h, ykcore/ykcore_libusb-1.0.c, + ykcore/ykcore_libusb.c, ykcore/ykcore_osx.c, ykcore/ykcore_stub.c, + ykcore/ykcore_windows.c: add a function for the backend to expose + vid/pid of an opened device + +2014-09-04 Simon Josefsson + + * ykpers4win.mk: Abstract. + +2014-09-04 Simon Josefsson + + * doc/Make-Release.asciidoc: Fix markup. + +2014-09-04 Simon Josefsson + + * NEWS: Version 1.15.3. + +2014-09-04 Simon Josefsson + + * BLURB, Makefile.am, NEWS, README, configure.ac, ykchalresp.1, + ykinfo.1, ykpers4mac.mk, ykpers4win.mk, ykpersonalize.1, + ykpersonalize.c: Fix URLs for opensource.y.com -> developers.y.com + move. + +2014-09-04 Simon Josefsson + + * NEWS, doc/Compatibility.asciidoc: Doc fix. + +2014-09-04 Simon Josefsson + + * : Merge remote-tracking branch 'remotes/origin/feature/v3.3' into + upstream-master + +2014-08-14 Klas Lindfors + + * 69-yubikey.rules, 70-yubikey.rules: add new pids to the udev rules + +2014-08-14 Klas Lindfors + + * ykcore/ykdef.h: correct comment for U2F + CCID mode + +2014-08-14 Klas Lindfors + + * ykpersonalize.1: add documentation for new mode flags + +2014-08-12 Klas Lindfors + + * : commit ef1274821bf0a74da856e23ae84acf3615d7e5ef Author: Klas + Lindfors Date: Wed Jul 30 11:09:53 2014 +0200 + +2014-07-30 Klas Lindfors + + * NEWS, configure.ac: bump versions after release + +2014-07-30 Klas Lindfors + + * NEWS: NEWS for 1.15.2 + +2014-07-28 Klas Lindfors + + * ykcore/ykcore.c: add the new otp pids when opening key + +2014-07-28 Klas Lindfors + + * tests/test_args_to_config.c: drop const on argv variables since the parse function isn't const + +2014-07-28 Klas Lindfors + + * ykcore/ykdef.h: update ykdef for version 3.3 + +2014-07-28 Klas Lindfors + + * tests/test_yk_utilities.c, ykcore/ykcore.c: whitelist firmware 3.3 + +2014-06-24 Klas Lindfors + + * .gitignore, Makefile.am, tests/Makefile.am, tests/ykpers-args.c, + tests/ykpers-args.h: re-work linking of ykpers-args so the test is linked in a sane way.. + +2014-06-19 Klas Lindfors + + * ykcore/ykcore.c: when YK_DEBUG is configured, dump all writes + +2014-06-19 Klas Lindfors + + * ykpersonalize.c: actually check return states when dealing with + ndef there is a very real risk of trying to do a to long write, that + isn't reported before this fix. relates to #45 + +2014-05-28 Klas Lindfors + + * README.adoc: test add README.adoc -> README symlink + +2014-04-28 Klas Lindfors + + * ykpers-json.c: defint json_bool for older json-c + +2014-04-28 Klas Lindfors + + * configure.ac, ykpers-json.c: json_object_object_get() is + deprecated from json-c 0.11 but only added in 0.10, so add a configure check for it and a macro + that calls json_object_object_get_ex() if it's available. resolves #44 + +2014-04-28 Klas Lindfors + + * ykpers.c: let strncpy copy \0 as well.. + +2014-04-28 Klas Lindfors + + * ykpersonalize.c: read in key even if we're importing a + configuration + +2014-04-28 Klas Lindfors + + * ykpers-json.c: slight refactor of duplicated code to set options + from json object + +2014-04-23 Klas Lindfors + + * ykpersonalize.c: set error to true from the start instead of + reassigning + +2014-03-25 Klas Lindfors + + * tests/test_yk_utilities.c, ykcore/ykcore.c: whitelist 2.5 firmware + +2014-03-17 Klas Lindfors + + * : Merge pull request #43 from eworm-de/var use macro for response size + +2014-03-12 Klas Lindfors + + * NEWS, configure.ac: bump versions after release + 2014-03-12 Klas Lindfors * NEWS: NEWS for 1.15.1 diff -Nru yubikey-personalization-1.15.1/configure yubikey-personalization-1.16.0/configure --- yubikey-personalization-1.15.1/configure 2014-03-07 12:18:20.000000000 +0000 +++ yubikey-personalization-1.16.0/configure 2014-09-23 11:52:39.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for yubikey-personalization 1.15.1. +# Generated by GNU Autoconf 2.69 for yubikey-personalization 1.16.0. # # Report bugs to . # @@ -590,10 +590,10 @@ # Identity of this package. PACKAGE_NAME='yubikey-personalization' PACKAGE_TARNAME='ykpers' -PACKAGE_VERSION='1.15.1' -PACKAGE_STRING='yubikey-personalization 1.15.1' +PACKAGE_VERSION='1.16.0' +PACKAGE_STRING='yubikey-personalization 1.16.0' PACKAGE_BUGREPORT='yubico-devel@googlegroups.com' -PACKAGE_URL='http://opensource.yubico.com/yubikey-personalization/' +PACKAGE_URL='https://developers.yubico.com/yubikey-personalization/' # Factoring default headers for most tests. ac_includes_default="\ @@ -1368,7 +1368,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures yubikey-personalization 1.15.1 to adapt to many kinds of systems. +\`configure' configures yubikey-personalization 1.16.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1438,7 +1438,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of yubikey-personalization 1.15.1:";; + short | recursive ) echo "Configuration of yubikey-personalization 1.16.0:";; esac cat <<\_ACEOF @@ -1506,7 +1506,7 @@ it to find libraries and programs with nonstandard names/locations. Report bugs to . -yubikey-personalization home page: . +yubikey-personalization home page: . _ACEOF ac_status=$? fi @@ -1569,7 +1569,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -yubikey-personalization configure 1.15.1 +yubikey-personalization configure 1.16.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1847,7 +1847,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by yubikey-personalization $as_me 1.15.1, which was +It was created by yubikey-personalization $as_me 1.16.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -2230,14 +2230,14 @@ # Interfaces changed/added/removed: CURRENT++ REVISION=0 # Interfaces added: AGE++ # Interfaces removed: AGE=0 -LT_CURRENT=16 +LT_CURRENT=17 -LT_REVISION=1 +LT_REVISION=0 -LT_AGE=15 +LT_AGE=16 -am__api_version='1.13' +am__api_version='1.14' # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or @@ -2723,7 +2723,7 @@ # Define the identity of the package. PACKAGE='ykpers' - VERSION='1.15.1' + VERSION='1.16.0' cat >>confdefs.h <<_ACEOF @@ -2774,6 +2774,47 @@ +# POSIX will say in a future version that running "rm -f" with no argument +# is OK; and we want to be able to make that assumption in our Makefile +# recipes. So use an aggressive probe to check that the usage we want is +# actually supported "in the wild" to an acceptable degree. +# See automake bug#10828. +# To make any issue more visible, cause the running configure to be aborted +# by default if the 'rm' program in use doesn't match our expectations; the +# user can still override this though. +if rm -f && rm -fr && rm -rf; then : OK; else + cat >&2 <<'END' +Oops! + +Your 'rm' program seems unable to run without file operands specified +on the command line, even when the '-f' option is present. This is contrary +to the behaviour of most rm programs out there, and not conforming with +the upcoming POSIX standard: + +Please tell bug-automake@gnu.org about your system, including the value +of your $PATH and any error possibly output before this message. This +can help us improve future automake versions. + +END + if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then + echo 'Configuration will proceed anyway, since you have set the' >&2 + echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 + echo >&2 + else + cat >&2 <<'END' +Aborting the configuration process, to ensure you take notice of the issue. + +You can download and install GNU coreutils to get an 'rm' implementation +that behaves properly: . + +If you want to complete the configuration process using your problematic +'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM +to "yes", and re-run configure. + +END + as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 + fi +fi # Check whether --enable-silent-rules was given. if test "${enable_silent_rules+set}" = set; then : enableval=$enable_silent_rules; @@ -3601,6 +3642,65 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 +$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } +if ${am_cv_prog_cc_c_o+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 + ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 +$as_echo "$am_cv_prog_cc_c_o" >&6; } +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + DEPDIR="${am__leading_dot}deps" ac_config_commands="$ac_config_commands depfiles" @@ -4325,7 +4425,13 @@ if ${am_cv_ar_interface+:} false; then : $as_echo_n "(cached) " >&6 else - am_cv_ar_interface=ar + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + am_cv_ar_interface=ar cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int some_variable = 0; @@ -4356,6 +4462,11 @@ fi rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_ar_interface" >&5 @@ -5496,7 +5607,8 @@ ;; *) lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` - if test -n "$lt_cv_sys_max_cmd_len"; then + if test -n "$lt_cv_sys_max_cmd_len" && \ + test undefined != "$lt_cv_sys_max_cmd_len"; then lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` else @@ -5894,10 +6006,6 @@ fi ;; -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - haiku*) lt_cv_deplibs_check_method=pass_all ;; @@ -5936,7 +6044,7 @@ ;; # This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) lt_cv_deplibs_check_method=pass_all ;; @@ -7014,7 +7122,7 @@ rm -rf conftest* ;; -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext @@ -7030,9 +7138,19 @@ LD="${LD-ld} -m elf_i386_fbsd" ;; x86_64-*linux*) - LD="${LD-ld} -m elf_i386" + case `/usr/bin/file conftest.o` in + *x86-64*) + LD="${LD-ld} -m elf32_x86_64" + ;; + *) + LD="${LD-ld} -m elf_i386" + ;; + esac + ;; + powerpc64le-*) + LD="${LD-ld} -m elf32lppclinux" ;; - ppc64-*linux*|powerpc64-*linux*) + powerpc64-*) LD="${LD-ld} -m elf32ppclinux" ;; s390x-*linux*) @@ -7051,7 +7169,10 @@ x86_64-*linux*) LD="${LD-ld} -m elf_x86_64" ;; - ppc*-*linux*|powerpc*-*linux*) + powerpcle-*) + LD="${LD-ld} -m elf64lppc" + ;; + powerpc-*) LD="${LD-ld} -m elf64ppc" ;; s390*-*linux*|s390*-*tpf*) @@ -8857,7 +8978,7 @@ lt_prog_compiler_static='-non_shared' ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in # old Intel for x86_64 which still supported -KPIC. ecc*) @@ -11027,17 +11148,6 @@ esac ;; -gnu*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - haiku*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no @@ -11154,7 +11264,7 @@ ;; # This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no @@ -13091,7 +13201,7 @@ if test "$ac_cv_libyubikey" != yes; then - as_fn_error $? "libyubikey v1.5+ not found, see http://opensource.yubico.com/yubico-c/" "$LINENO" 5 + as_fn_error $? "libyubikey v1.5+ not found, see https://developers.yubico.com/yubico-c/" "$LINENO" 5 fi @@ -14664,6 +14774,17 @@ fi done +for ac_func in json_object_object_get_ex +do : + ac_fn_c_check_func "$LINENO" "json_object_object_get_ex" "ac_cv_func_json_object_object_get_ex" +if test "x$ac_cv_func_json_object_object_get_ex" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_JSON_OBJECT_OBJECT_GET_EX 1 +_ACEOF + +fi +done + CFLAGS=$am_save_CFLAGS LIBS=$am_save_LIBS @@ -15795,7 +15916,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by yubikey-personalization $as_me 1.15.1, which was +This file was extended by yubikey-personalization $as_me 1.16.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -15847,13 +15968,13 @@ $config_commands Report bugs to . -yubikey-personalization home page: ." +yubikey-personalization home page: ." _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -yubikey-personalization config.status 1.15.1 +yubikey-personalization config.status 1.16.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru yubikey-personalization-1.15.1/configure.ac yubikey-personalization-1.16.0/configure.ac --- yubikey-personalization-1.15.1/configure.ac 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/configure.ac 2014-09-23 11:52:31.000000000 +0000 @@ -26,9 +26,9 @@ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -AC_INIT([yubikey-personalization], [1.15.1], +AC_INIT([yubikey-personalization], [1.16.0], [yubico-devel@googlegroups.com], [ykpers], - [http://opensource.yubico.com/yubikey-personalization/]) + [https://developers.yubico.com/yubikey-personalization/]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIR([m4]) @@ -36,9 +36,9 @@ # Interfaces changed/added/removed: CURRENT++ REVISION=0 # Interfaces added: AGE++ # Interfaces removed: AGE=0 -AC_SUBST(LT_CURRENT, 16) -AC_SUBST(LT_REVISION, 1) -AC_SUBST(LT_AGE, 15) +AC_SUBST(LT_CURRENT, 17) +AC_SUBST(LT_REVISION, 0) +AC_SUBST(LT_AGE, 16) AM_INIT_AUTOMAKE([1.11.3 -Wall -Werror]) AM_SILENT_RULES([yes]) @@ -62,7 +62,7 @@ [#include ], [yubikey_modhex_p("foo")]) if test "$ac_cv_libyubikey" != yes; then - AC_MSG_ERROR([libyubikey v1.5+ not found, see http://opensource.yubico.com/yubico-c/]) + AC_MSG_ERROR([libyubikey v1.5+ not found, see https://developers.yubico.com/yubico-c/]) fi AC_ARG_WITH([backend], @@ -142,6 +142,7 @@ CFLAGS="$CFLAGS $libjson_CFLAGS" LIBS="$LIBS $libjson_LIBS" AC_CHECK_FUNCS([json_object_to_json_string_ext]) +AC_CHECK_FUNCS([json_object_object_get_ex]) CFLAGS=$am_save_CFLAGS LIBS=$am_save_LIBS diff -Nru yubikey-personalization-1.15.1/debian/changelog yubikey-personalization-1.16.0/debian/changelog --- yubikey-personalization-1.15.1/debian/changelog 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/changelog 2014-10-01 14:51:23.000000000 +0000 @@ -1,3 +1,27 @@ +yubikey-personalization (1.16.0-1) unstable; urgency=low + + * New upstream release. + * Update Standards-Version to 3.9.6. + * Add new symbols. + + -- Simon Josefsson Wed, 01 Oct 2014 16:46:59 +0200 + +yubikey-personalization (1.15.3-1) unstable; urgency=low + + * New upstream release. + * Update copyright file with URL and new copyright years. + * Update URL in watch file. + + -- Simon Josefsson Thu, 04 Sep 2014 11:53:59 +0200 + +yubikey-personalization (1.15.2-1) unstable; urgency=low + + * New upstream release. + * Move VC to github. + * Fix upstream homepage URL. + + -- Simon Josefsson Mon, 04 Aug 2014 14:52:25 +0200 + yubikey-personalization (1.15.1-4) unstable; urgency=low * Make udev dependency linux-any. Closes: #749912. diff -Nru yubikey-personalization-1.15.1/debian/control yubikey-personalization-1.16.0/debian/control --- yubikey-personalization-1.15.1/debian/control 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/control 2014-10-01 14:51:23.000000000 +0000 @@ -4,10 +4,10 @@ Maintainer: Tollef Fog Heen Uploaders: Simon Josefsson , Klas Lindfors , Dain Nilsson Build-Depends: debhelper (>= 9), autotools-dev, libusb-1.0-0-dev [!hurd-i386], libusb-dev [hurd-i386], libyubikey-dev(>= 1.5), libjson-c-dev, chrpath, pkg-config, dh-autoreconf, udev [linux-any] -Standards-Version: 3.9.5 -Homepage: http://yubico.github.io/yubikey-personalization/ -Vcs-Git: git://git.err.no/yubikey-personalization/ -Vcs-Browser: http://git.err.no/cgi-bin/gitweb.cgi?p=yubikey-personalization;a=summary +Standards-Version: 3.9.6 +Homepage: https://developers.yubico.com/yubikey-personalization/ +Vcs-Git: git://github.com/Yubico/yubikey-personalization-dpkg.git +Vcs-Browser: https://github.com/Yubico/yubikey-personalization-dpkg Package: yubikey-personalization Architecture: any diff -Nru yubikey-personalization-1.15.1/debian/copyright yubikey-personalization-1.16.0/debian/copyright --- yubikey-personalization-1.15.1/debian/copyright 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/copyright 2014-10-01 14:51:23.000000000 +0000 @@ -1,11 +1,11 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: Yubikey Personalization -Source: http://code.google.com/p/yubikey-personalization/ +Source: https://developers.yubico.com/yubikey-personalization/ https://github.com/Yubico/yubikey-personalization Files: * Copyright: - Copyright (c) 2008-2013 Yubico AB + Copyright (c) 2008-2014 Yubico AB Copyright (c) 2009-2010 Tollef Fog Heen Copyright (c) 2009 Christer Kaivo-oja Copyright (c) 2010 Simon Josefsson diff -Nru yubikey-personalization-1.15.1/debian/libykpers-1-1.symbols yubikey-personalization-1.16.0/debian/libykpers-1-1.symbols --- yubikey-personalization-1.15.1/debian/libykpers-1-1.symbols 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/libykpers-1-1.symbols 2014-10-01 14:51:23.000000000 +0000 @@ -157,3 +157,5 @@ ykp_AES_key_from_raw@LIBYKPERS_1.15 1.15.0 ykp_HMAC_key_from_raw@LIBYKPERS_1.15 1.15.0 ykp_get_supported_key_length@LIBYKPERS_1.15 1.15.0 + LIBYKPERS_1.16@LIBYKPERS_1.16 1.16.0 + yk_get_key_vid_pid@LIBYKPERS_1.16 1.16.0 diff -Nru yubikey-personalization-1.15.1/debian/README.source yubikey-personalization-1.16.0/debian/README.source --- yubikey-personalization-1.15.1/debian/README.source 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/README.source 2014-10-01 14:51:23.000000000 +0000 @@ -16,42 +16,42 @@ Example initial checkout: -$ git clone git@git.err.no:yubikey-personalization yubikey-personalization-dpkg -$ cd yubikey-personalization-dpkg -$ git config gitpkg.deb-export-hook /usr/share/gitpkg/hooks/quilt-patches-deb-export-hook -$ git config gitpkg.pre-export-hook /usr/share/gitpkg/hooks/pristine-tar-pre-export-hook -$ git config gitpkg.create-fake-orig false -$ git config gitpkg.force-overwrite-orig false +git clone git@github.com:Yubico/yubikey-personalization-dpkg.git +cd yubikey-personalization-dpkg +git config gitpkg.deb-export-hook /usr/share/gitpkg/hooks/quilt-patches-deb-export-hook +git config gitpkg.pre-export-hook /usr/share/gitpkg/hooks/pristine-tar-pre-export-hook +git config gitpkg.create-fake-orig false +git config gitpkg.force-overwrite-orig false To merge in a new upstream version do: -$ git remote add yubico git@github.com:Yubico/yubikey-personalization.git -$ git pull yubico -$ git checkout master -$ git merge -$ git checkout debian -$ git merge master -[update debian/ files and commit as appropriate] -$ git tag -s yubikey-personalization_$debversion +git remote add yubico git@github.com:Yubico/yubikey-personalization.git +git pull yubico +git checkout master +git merge +git checkout debian +git merge master +# update debian/ files and commit as appropriate +git tag -s yubikey-personalization_$debversion Preserve the upstream tarball: -$ cp ../path/to/ykpers-X.Y.Z.tar.gz yubikey-personalization_X.Y.Z.orig.tar.gz -$ pristine-tar commit yubikey-personalization_X.Y.Z.orig.tar.gz master +cp ../path/to/ykpers-X.Y.Z.tar.gz yubikey-personalization_X.Y.Z.orig.tar.gz +pristine-tar commit yubikey-personalization_X.Y.Z.orig.tar.gz master To build the package you first initialize cowbuilder, for example: -$ sudo cowbuilder --create --distribution sid --mirror http://http.debian.net/debian --debootstrapopts "--keyring=/usr/share/keyrings/debian-archive-keyring.gpg" --basepath /var/cache/pbuilder/base-debian-sid.cow +sudo cowbuilder --create --distribution sid --mirror http://http.debian.net/debian --debootstrapopts "--keyring=/usr/share/keyrings/debian-archive-keyring.gpg" --basepath /var/cache/pbuilder/base-debian-sid.cow Optionally update cowbuilder: -$ sudo cowbuilder --update --basepath /var/cache/pbuilder/base-debian-sid.cow +sudo cowbuilder --update --basepath /var/cache/pbuilder/base-debian-sid.cow Build the package: -$ gitpkg HEAD -$ cd ../deb-packages/yubikey-personalization/yubikey-personalization-$VER/ -$ pdebuild --auto-debsign --pbuilder cowbuilder -- --twice --basepath /var/cache/pbuilder/base-debian-sid.cow +gitpkg HEAD +cd ../deb-packages/yubikey-personalization/yubikey-personalization-$VER/ +pdebuild --auto-debsign --pbuilder cowbuilder -- --twice --basepath /var/cache/pbuilder/base-debian-sid.cow If all goes well, you should have newly built packages in /var/cache/pbuilder/result/. diff -Nru yubikey-personalization-1.15.1/debian/source/options yubikey-personalization-1.16.0/debian/source/options --- yubikey-personalization-1.15.1/debian/source/options 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/source/options 2014-10-01 14:51:23.000000000 +0000 @@ -1 +1 @@ -diff-ignore=build-and-test.sh|.travis.yml|.gitignore|.gitmodules|contrib/draft-josefsson-yubikey-config.xml|ykpers4mac.mk|tests/ykpers-args.h|tests/ykpers-args.c|BLURB +diff-ignore=build-and-test.sh|.travis.yml|.gitignore|.gitmodules|contrib/draft-josefsson-yubikey-config.xml|ykpers4mac.mk|tests/ykpers-args.h|tests/ykpers-args.c|BLURB|README.adoc diff -Nru yubikey-personalization-1.15.1/debian/watch yubikey-personalization-1.16.0/debian/watch --- yubikey-personalization-1.15.1/debian/watch 2014-06-09 21:01:16.000000000 +0000 +++ yubikey-personalization-1.16.0/debian/watch 2014-10-01 14:51:23.000000000 +0000 @@ -1,3 +1,3 @@ version=3 opts=pgpsigurlmangle=s/$/.sig/ \ - http://opensource.yubico.com/yubikey-personalization/releases.html releases/ykpers-(.*)\.tar\.gz + https://developers.yubico.com/yubikey-personalization/releases.html releases/ykpers-(.*)\.tar\.gz diff -Nru yubikey-personalization-1.15.1/doc/Compatibility.asciidoc yubikey-personalization-1.16.0/doc/Compatibility.asciidoc --- yubikey-personalization-1.15.1/doc/Compatibility.asciidoc 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/doc/Compatibility.asciidoc 2014-09-23 11:28:18.000000000 +0000 @@ -24,6 +24,8 @@ |1.11.0 |3.0 |3.x series is the Neo |1.12.0 |2.4 & 3.1| |1.15.0 |3.2 | +|1.15.2 |2.5 | +|1.15.3 |3.3 | |========================================================= diff -Nru yubikey-personalization-1.15.1/doc/Make-Release.asciidoc yubikey-personalization-1.16.0/doc/Make-Release.asciidoc --- yubikey-personalization-1.15.1/doc/Make-Release.asciidoc 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/doc/Make-Release.asciidoc 2014-09-23 11:28:18.000000000 +0000 @@ -1,5 +1,5 @@ Maintainer instructions for making releases -=============================== +=========================================== Introduction ------------ diff -Nru yubikey-personalization-1.15.1/.gitignore yubikey-personalization-1.16.0/.gitignore --- yubikey-personalization-1.15.1/.gitignore 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/.gitignore 2014-06-24 10:40:11.000000000 +0000 @@ -15,6 +15,7 @@ build-aux/ltmain.sh build-aux/missing build-aux/test-driver +build-aux/compile config.log config.status configure @@ -22,6 +23,7 @@ hmac.o libtool libykpers-1.la +libykpers_args.la m4/libtool.m4 m4/ltoptions.m4 m4/ltsugar.m4 @@ -103,6 +105,7 @@ ykpers-*.tar.gz ykpers-*.tar.gz.sig ykpers-1.pc +ykpers-args.lo ykpers-args.o ykpers-json.lo ykpers-json.o diff -Nru yubikey-personalization-1.15.1/INSTALL yubikey-personalization-1.16.0/INSTALL --- yubikey-personalization-1.15.1/INSTALL 2012-06-07 12:20:59.000000000 +0000 +++ yubikey-personalization-1.16.0/INSTALL 2014-08-26 13:07:49.000000000 +0000 @@ -1,7 +1,7 @@ Installation Instructions ************************* -Copyright (C) 1994-1996, 1999-2002, 2004-2011 Free Software Foundation, +Copyright (C) 1994-1996, 1999-2002, 2004-2013 Free Software Foundation, Inc. Copying and distribution of this file, with or without modification, @@ -12,8 +12,8 @@ Basic Installation ================== - Briefly, the shell commands `./configure; make; make install' should -configure, build, and install this package. The following + Briefly, the shell command `./configure && make && make install' +should configure, build, and install this package. The following more-detailed instructions are generic; see the `README' file for instructions specific to this package. Some packages provide this `INSTALL' file but do not implement all of the features documented @@ -309,9 +309,10 @@ overridden in the site shell script). Unfortunately, this technique does not work for `CONFIG_SHELL' due to -an Autoconf bug. Until the bug is fixed you can use this workaround: +an Autoconf limitation. Until the limitation is lifted, you can use +this workaround: - CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash + CONFIG_SHELL=/bin/bash ./configure CONFIG_SHELL=/bin/bash `configure' Invocation ====================== @@ -367,4 +368,3 @@ `configure' also accepts some other, not widely useful, options. Run `configure --help' for more details. - diff -Nru yubikey-personalization-1.15.1/libykpers-1.map yubikey-personalization-1.16.0/libykpers-1.map --- yubikey-personalization-1.15.1/libykpers-1.map 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/libykpers-1.map 2014-09-23 11:52:31.000000000 +0000 @@ -251,3 +251,10 @@ ykp_HMAC_key_from_raw; # Variables: } LIBYKPERS_1.14; + +LIBYKPERS_1.16 { + global: +# Functions: + yk_get_key_vid_pid; +# Variables: +} LIBYKPERS_1.15; diff -Nru yubikey-personalization-1.15.1/m4/libtool.m4 yubikey-personalization-1.16.0/m4/libtool.m4 --- yubikey-personalization-1.15.1/m4/libtool.m4 2012-06-07 12:20:56.000000000 +0000 +++ yubikey-personalization-1.16.0/m4/libtool.m4 2014-08-26 13:07:46.000000000 +0000 @@ -1312,7 +1312,7 @@ rm -rf conftest* ;; -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +x86_64-*kfreebsd*-gnu|x86_64-*linux*|powerpc*-*linux*| \ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext @@ -1324,9 +1324,19 @@ LD="${LD-ld} -m elf_i386_fbsd" ;; x86_64-*linux*) - LD="${LD-ld} -m elf_i386" + case `/usr/bin/file conftest.o` in + *x86-64*) + LD="${LD-ld} -m elf32_x86_64" + ;; + *) + LD="${LD-ld} -m elf_i386" + ;; + esac + ;; + powerpc64le-*) + LD="${LD-ld} -m elf32lppclinux" ;; - ppc64-*linux*|powerpc64-*linux*) + powerpc64-*) LD="${LD-ld} -m elf32ppclinux" ;; s390x-*linux*) @@ -1345,7 +1355,10 @@ x86_64-*linux*) LD="${LD-ld} -m elf_x86_64" ;; - ppc*-*linux*|powerpc*-*linux*) + powerpcle-*) + LD="${LD-ld} -m elf64lppc" + ;; + powerpc-*) LD="${LD-ld} -m elf64ppc" ;; s390*-*linux*|s390*-*tpf*) @@ -1688,7 +1701,8 @@ ;; *) lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` - if test -n "$lt_cv_sys_max_cmd_len"; then + if test -n "$lt_cv_sys_max_cmd_len" && \ + test undefined != "$lt_cv_sys_max_cmd_len"; then lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` else @@ -2512,17 +2526,6 @@ esac ;; -gnu*) - version_type=linux # correct to gnu/linux during the next big refactor - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; - haiku*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no @@ -2639,7 +2642,7 @@ ;; # This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no @@ -3255,10 +3258,6 @@ fi ;; -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; - haiku*) lt_cv_deplibs_check_method=pass_all ;; @@ -3297,7 +3296,7 @@ ;; # This must be glibc/ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) +linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) lt_cv_deplibs_check_method=pass_all ;; @@ -4049,7 +4048,7 @@ ;; esac ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in KCC*) # KAI C++ Compiler @@ -4348,7 +4347,7 @@ _LT_TAGVAR(lt_prog_compiler_static, $1)='-non_shared' ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in # old Intel for x86_64 which still supported -KPIC. ecc*) @@ -6241,9 +6240,6 @@ _LT_TAGVAR(ld_shlibs, $1)=yes ;; - gnu*) - ;; - haiku*) _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' _LT_TAGVAR(link_all_deplibs, $1)=yes @@ -6405,7 +6401,7 @@ _LT_TAGVAR(inherit_rpath, $1)=yes ;; - linux* | k*bsd*-gnu | kopensolaris*-gnu) + linux* | k*bsd*-gnu | kopensolaris*-gnu | gnu*) case $cc_basename in KCC*) # Kuck and Associates, Inc. (KAI) C++ Compiler diff -Nru yubikey-personalization-1.15.1/Makefile.am yubikey-personalization-1.16.0/Makefile.am --- yubikey-personalization-1.15.1/Makefile.am 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/Makefile.am 2014-09-23 11:28:18.000000000 +0000 @@ -1,5 +1,5 @@ -# Written by Richard Levitte . -# Copyright (c) 2008-2013 Yubico AB +# Written by Richard Levitte et al. +# Copyright (c) 2008-2014 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -73,8 +73,13 @@ bin_PROGRAMS = ykpersonalize ykchalresp ykinfo -ykpersonalize_SOURCES = ykpersonalize.c ykpers-args.h ykpers-args.c -ykpersonalize_LDADD = ./libykpers-1.la $(LTLIBYUBIKEY) +ykpersonalize_SOURCES = ykpersonalize.c +ykpersonalize_LDADD = ./libykpers-1.la +ykpersonalize_LDADD += ./libykpers_args.la + +noinst_LTLIBRARIES = libykpers_args.la +libykpers_args_la_SOURCES = ykpers-args.c ykpers-args.h +libykpers_args_la_LIBADD = libykpers-1.la $(LTLIBYUBIKEY) ykchalresp_SOURCES = ykchalresp.c ykchalresp_LDADD = ./libykpers-1.la $(LTLIBYUBIKEY) @@ -127,9 +132,9 @@ fi @head -3 $(srcdir)/NEWS | grep -q "Version $(VERSION) .released `date -I`" || \ (echo 'error: You need to update date/version in $(srcdir)/NEWS, see doc/MakeRelease.wiki.'; exit 1) - @if test ! -d "$(YUBICO_GITHUB_REPO)"; then \ - echo "yubico.github.com repo not found!"; \ - echo "Make sure that YUBICO_GITHUB_REPO is set"; \ + @if test ! -d "$(YUBICO_WWW_REPO)"; then \ + echo "yubico www repo not found!"; \ + echo "Make sure that YUBICO_WWW_REPO is set"; \ exit 1; \ fi rm -f $(srcdir)/ChangeLog @@ -139,4 +144,4 @@ cd $(srcdir) && git push cd $(srcdir) && git tag -u $(KEYID) -m $(VERSION) v$(VERSION) cd $(srcdir) && git push --tags - $(YUBICO_GITHUB_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION).tar.gz* + $(YUBICO_WWW_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION).tar.gz* diff -Nru yubikey-personalization-1.15.1/Makefile.in yubikey-personalization-1.16.0/Makefile.in --- yubikey-personalization-1.15.1/Makefile.in 2014-03-07 12:18:20.000000000 +0000 +++ yubikey-personalization-1.16.0/Makefile.in 2014-09-23 11:52:39.000000000 +0000 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -14,8 +14,8 @@ @SET_MAKE@ -# Written by Richard Levitte . -# Copyright (c) 2008-2013 Yubico AB +# Written by Richard Levitte et al. +# Copyright (c) 2008-2014 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -124,10 +124,10 @@ $(srcdir)/ykpers-1.pc.in $(srcdir)/ykpers-version.h.in \ $(top_srcdir)/build-aux/depcomp $(dist_man1_MANS) \ $(dist_udevrules_DATA) $(ykpers_include_HEADERS) COPYING \ - build-aux/ar-lib build-aux/config.guess build-aux/config.rpath \ - build-aux/config.sub build-aux/depcomp build-aux/install-sh \ - build-aux/missing build-aux/ltmain.sh \ - $(top_srcdir)/build-aux/ar-lib \ + build-aux/ar-lib build-aux/compile build-aux/config.guess \ + build-aux/config.rpath build-aux/config.sub build-aux/depcomp \ + build-aux/install-sh build-aux/missing build-aux/ltmain.sh \ + $(top_srcdir)/build-aux/ar-lib $(top_srcdir)/build-aux/compile \ $(top_srcdir)/build-aux/config.guess \ $(top_srcdir)/build-aux/config.rpath \ $(top_srcdir)/build-aux/config.sub \ @@ -181,7 +181,7 @@ am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(man1dir)" "$(DESTDIR)$(udevrulesdir)" \ "$(DESTDIR)$(pkgconfigdir)" "$(DESTDIR)$(ykpers_includedir)" -LTLIBRARIES = $(lib_LTLIBRARIES) +LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) am__DEPENDENCIES_1 = libykpers_1_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ ./ykcore/libykcore.la $(am__DEPENDENCIES_1) @@ -203,6 +203,9 @@ $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ $(AM_CFLAGS) $(CFLAGS) $(libykpers_1_la_LDFLAGS) $(LDFLAGS) -o \ $@ +libykpers_args_la_DEPENDENCIES = libykpers-1.la $(am__DEPENDENCIES_1) +am_libykpers_args_la_OBJECTS = ykpers-args.lo +libykpers_args_la_OBJECTS = $(am_libykpers_args_la_OBJECTS) PROGRAMS = $(bin_PROGRAMS) am_ykchalresp_OBJECTS = ykchalresp.$(OBJEXT) ykchalresp_OBJECTS = $(am_ykchalresp_OBJECTS) @@ -210,10 +213,9 @@ am_ykinfo_OBJECTS = ykinfo.$(OBJEXT) ykinfo_OBJECTS = $(am_ykinfo_OBJECTS) ykinfo_DEPENDENCIES = ./libykpers-1.la $(am__DEPENDENCIES_1) -am_ykpersonalize_OBJECTS = ykpersonalize.$(OBJEXT) \ - ykpers-args.$(OBJEXT) +am_ykpersonalize_OBJECTS = ykpersonalize.$(OBJEXT) ykpersonalize_OBJECTS = $(am_ykpersonalize_OBJECTS) -ykpersonalize_DEPENDENCIES = ./libykpers-1.la $(am__DEPENDENCIES_1) +ykpersonalize_DEPENDENCIES = ./libykpers-1.la ./libykpers_args.la AM_V_P = $(am__v_P_@AM_V@) am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) am__v_P_0 = false @@ -248,11 +250,12 @@ am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = -SOURCES = $(libykpers_1_la_SOURCES) $(ykchalresp_SOURCES) \ - $(ykinfo_SOURCES) $(ykpersonalize_SOURCES) -DIST_SOURCES = $(am__libykpers_1_la_SOURCES_DIST) \ +SOURCES = $(libykpers_1_la_SOURCES) $(libykpers_args_la_SOURCES) \ $(ykchalresp_SOURCES) $(ykinfo_SOURCES) \ $(ykpersonalize_SOURCES) +DIST_SOURCES = $(am__libykpers_1_la_SOURCES_DIST) \ + $(libykpers_args_la_SOURCES) $(ykchalresp_SOURCES) \ + $(ykinfo_SOURCES) $(ykpersonalize_SOURCES) RECURSIVE_TARGETS = all-recursive check-recursive cscopelist-recursive \ ctags-recursive dvi-recursive html-recursive info-recursive \ install-data-recursive install-dvi-recursive \ @@ -508,8 +511,11 @@ EXTRA_libykpers_1_la_DEPENDENCIES = libykpers-1.map pkgconfigdir = $(libdir)/pkgconfig pkgconfig_DATA = ykpers-1.pc -ykpersonalize_SOURCES = ykpersonalize.c ykpers-args.h ykpers-args.c -ykpersonalize_LDADD = ./libykpers-1.la $(LTLIBYUBIKEY) +ykpersonalize_SOURCES = ykpersonalize.c +ykpersonalize_LDADD = ./libykpers-1.la ./libykpers_args.la +noinst_LTLIBRARIES = libykpers_args.la +libykpers_args_la_SOURCES = ykpers-args.c ykpers-args.h +libykpers_args_la_LIBADD = libykpers-1.la $(LTLIBYUBIKEY) ykchalresp_SOURCES = ykchalresp.c ykchalresp_LDADD = ./libykpers-1.la $(LTLIBYUBIKEY) ykinfo_SOURCES = ykinfo.c @@ -616,8 +622,22 @@ rm -f $${locs}; \ } +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } + libykpers-1.la: $(libykpers_1_la_OBJECTS) $(libykpers_1_la_DEPENDENCIES) $(EXTRA_libykpers_1_la_DEPENDENCIES) $(AM_V_CCLD)$(libykpers_1_la_LINK) -rpath $(libdir) $(libykpers_1_la_OBJECTS) $(libykpers_1_la_LIBADD) $(LIBS) + +libykpers_args.la: $(libykpers_args_la_OBJECTS) $(libykpers_args_la_DEPENDENCIES) $(EXTRA_libykpers_args_la_DEPENDENCIES) + $(AM_V_CCLD)$(LINK) $(libykpers_args_la_OBJECTS) $(libykpers_args_la_LIBADD) $(LIBS) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ @@ -694,7 +714,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykchalresp.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykinfo.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpbkdf2.Plo@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpers-args.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpers-args.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpers-json.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpers-nojson.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpers-version.Plo@am__quote@ @@ -707,14 +727,14 @@ @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -1023,10 +1043,16 @@ $(am__post_remove_distdir) dist-tarZ: distdir + @echo WARNING: "Support for shar distribution archives is" \ + "deprecated." >&2 + @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z $(am__post_remove_distdir) dist-shar: distdir + @echo WARNING: "Support for distribution archives compressed with" \ + "legacy program 'compress' is deprecated." >&2 + @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz $(am__post_remove_distdir) @@ -1068,9 +1094,10 @@ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ && am__cwd=`pwd` \ && $(am__cd) $(distdir)/_build \ - && ../configure --srcdir=.. --prefix="$$dc_install_base" \ + && ../configure \ $(AM_DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \ + --srcdir=.. --prefix="$$dc_install_base" \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) dvi \ && $(MAKE) $(AM_MAKEFLAGS) check \ @@ -1166,7 +1193,7 @@ clean: clean-recursive clean-am: clean-binPROGRAMS clean-generic clean-libLTLIBRARIES \ - clean-libtool mostlyclean-am + clean-libtool clean-noinstLTLIBRARIES mostlyclean-am distclean: distclean-recursive -rm -f $(am__CONFIG_DISTCLEAN_FILES) @@ -1247,19 +1274,20 @@ .PHONY: $(am__recursive_targets) CTAGS GTAGS TAGS all all-am \ am--refresh check check-am clean clean-binPROGRAMS \ clean-cscope clean-generic clean-libLTLIBRARIES clean-libtool \ - cscope cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \ - dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \ - distcheck distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distcleancheck distdir \ - distuninstallcheck dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-dist_udevrulesDATA install-dvi \ - install-dvi-am install-exec install-exec-am install-html \ - install-html-am install-info install-info-am \ - install-libLTLIBRARIES install-man install-man1 install-pdf \ - install-pdf-am install-pkgconfigDATA install-ps install-ps-am \ - install-strip install-ykpers_includeHEADERS installcheck \ - installcheck-am installdirs installdirs-am maintainer-clean \ + clean-noinstLTLIBRARIES cscope cscopelist-am ctags ctags-am \ + dist dist-all dist-bzip2 dist-gzip dist-lzip dist-shar \ + dist-tarZ dist-xz dist-zip distcheck distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distcleancheck distdir distuninstallcheck dvi \ + dvi-am html html-am info info-am install install-am \ + install-binPROGRAMS install-data install-data-am \ + install-dist_udevrulesDATA install-dvi install-dvi-am \ + install-exec install-exec-am install-html install-html-am \ + install-info install-info-am install-libLTLIBRARIES \ + install-man install-man1 install-pdf install-pdf-am \ + install-pkgconfigDATA install-ps install-ps-am install-strip \ + install-ykpers_includeHEADERS installcheck installcheck-am \ + installdirs installdirs-am maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ tags tags-am uninstall uninstall-am uninstall-binPROGRAMS \ @@ -1289,9 +1317,9 @@ fi @head -3 $(srcdir)/NEWS | grep -q "Version $(VERSION) .released `date -I`" || \ (echo 'error: You need to update date/version in $(srcdir)/NEWS, see doc/MakeRelease.wiki.'; exit 1) - @if test ! -d "$(YUBICO_GITHUB_REPO)"; then \ - echo "yubico.github.com repo not found!"; \ - echo "Make sure that YUBICO_GITHUB_REPO is set"; \ + @if test ! -d "$(YUBICO_WWW_REPO)"; then \ + echo "yubico www repo not found!"; \ + echo "Make sure that YUBICO_WWW_REPO is set"; \ exit 1; \ fi rm -f $(srcdir)/ChangeLog @@ -1301,7 +1329,7 @@ cd $(srcdir) && git push cd $(srcdir) && git tag -u $(KEYID) -m $(VERSION) v$(VERSION) cd $(srcdir) && git push --tags - $(YUBICO_GITHUB_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION).tar.gz* + $(YUBICO_WWW_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION).tar.gz* # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. diff -Nru yubikey-personalization-1.15.1/NEWS yubikey-personalization-1.16.0/NEWS --- yubikey-personalization-1.15.1/NEWS 2014-03-12 07:12:48.000000000 +0000 +++ yubikey-personalization-1.16.0/NEWS 2014-09-26 07:43:45.000000000 +0000 @@ -1,14 +1,39 @@ Yubikey-personalize NEWS -- History of user-visible changes. -*- outline -*- +* Version 1.16.0 (released 2014-09-26) + +** Add yk_get_key_vid_pid() to get the vendor and product id of a key. + +** Add flags for ykinfo to print vendor and product id. + +** Fix a bug in the osx backend where it would return an error opening +a composite device with two hid interfaces. + +* Version 1.15.3 (released 2014-09-04) + +** Fix URLs for opensource.y.com -> developers.y.com move. + +** Whitelist firmware version 3.3 and detect new PIDs. + +* Version 1.15.2 (released 2014-07-30) + +** Whitelist firmware version 2.5 + +** Read key when importing configuration. + +** Fix formatting error in information about what is written to key. + +** Check return codes when doinf NDEF writes. + * Version 1.15.1 (released 2014-03-12) -* Add -6 and -8 flags to ykchalresp to output the response as a truncated +** Add -6 and -8 flags to ykchalresp to output the response as a truncated OATH code. Thanks to joernchen of Phenoelit -* Add -t to ykchalresp to use current time / 30 as challenge in TOTP +** Add -t to ykchalresp to use current time / 30 as challenge in TOTP fashion. Thanks to joernchen of Phenoelit -* Fix for a crash in the libusb-0.1 backend. +** Fix for a crash in the libusb-0.1 backend. Thanks to Antti Keränen * Version 1.15.0 (released 2014-01-10) diff -Nru yubikey-personalization-1.15.1/README yubikey-personalization-1.16.0/README --- yubikey-personalization-1.15.1/README 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/README 2014-09-23 11:28:18.000000000 +0000 @@ -22,7 +22,7 @@ dependencies on other systems, let us know. Debian hints should apply to Debian derivatives as well, including Ubuntu. -Yubico-c is needed, see: http://opensource.yubico.com/yubico-c/ +Yubico-c is needed, see: https://developers.yubico.com/yubico-c/ Debian: apt-get install libyubikey-dev diff -Nru yubikey-personalization-1.15.1/tests/Makefile.am yubikey-personalization-1.16.0/tests/Makefile.am --- yubikey-personalization-1.15.1/tests/Makefile.am 2014-01-09 08:05:32.000000000 +0000 +++ yubikey-personalization-1.16.0/tests/Makefile.am 2014-06-24 10:38:28.000000000 +0000 @@ -40,7 +40,6 @@ check_PROGRAMS = $(ctests) TESTS = $(ctests) -test_args_to_config_SOURCES = test_args_to_config.c \ - ykpers-args.h ykpers-args.c +test_args_to_config_LDADD = ../libykpers_args.la TESTS_ENVIRONMENT = $(VALGRIND) diff -Nru yubikey-personalization-1.15.1/tests/Makefile.in yubikey-personalization-1.16.0/tests/Makefile.in --- yubikey-personalization-1.15.1/tests/Makefile.in 2014-03-07 12:18:20.000000000 +0000 +++ yubikey-personalization-1.16.0/tests/Makefile.in 2014-09-23 11:52:39.000000000 +0000 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -142,12 +142,9 @@ am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) am__v_lt_0 = --silent am__v_lt_1 = -am_test_args_to_config_OBJECTS = test_args_to_config.$(OBJEXT) \ - ykpers-args.$(OBJEXT) -test_args_to_config_OBJECTS = $(am_test_args_to_config_OBJECTS) -test_args_to_config_LDADD = $(LDADD) -test_args_to_config_DEPENDENCIES = ../libykpers-1.la \ - $(am__DEPENDENCIES_1) +test_args_to_config_SOURCES = test_args_to_config.c +test_args_to_config_OBJECTS = test_args_to_config.$(OBJEXT) +test_args_to_config_DEPENDENCIES = ../libykpers_args.la test_json_SOURCES = test_json.c test_json_OBJECTS = test_json.$(OBJEXT) test_json_LDADD = $(LDADD) @@ -210,10 +207,10 @@ am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = -SOURCES = selftest.c $(test_args_to_config_SOURCES) test_json.c \ +SOURCES = selftest.c test_args_to_config.c test_json.c \ test_key_generation.c test_ndef_construction.c \ test_threaded_calls.c test_yk_utilities.c test_ykpbkdf2.c -DIST_SOURCES = selftest.c $(test_args_to_config_SOURCES) test_json.c \ +DIST_SOURCES = selftest.c test_args_to_config.c test_json.c \ test_key_generation.c test_ndef_construction.c \ test_threaded_calls.c test_yk_utilities.c test_ykpbkdf2.c am__can_run_installinfo = \ @@ -596,9 +593,7 @@ ctests = selftest test_args_to_config test_key_generation \ test_ndef_construction test_threaded_calls test_ykpbkdf2 \ test_yk_utilities $(am__append_1) -test_args_to_config_SOURCES = test_args_to_config.c \ - ykpers-args.h ykpers-args.c - +test_args_to_config_LDADD = ../libykpers_args.la TESTS_ENVIRONMENT = $(VALGRIND) all: all-am @@ -690,21 +685,20 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_threaded_calls.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_yk_utilities.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/test_ykpbkdf2.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ykpers-args.Po@am__quote@ .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< diff -Nru yubikey-personalization-1.15.1/tests/test_args_to_config.c yubikey-personalization-1.16.0/tests/test_args_to_config.c --- yubikey-personalization-1.15.1/tests/test_args_to_config.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/tests/test_args_to_config.c 2014-07-30 07:53:15.000000000 +0000 @@ -100,7 +100,7 @@ assert(config_matches_expected == true); } -static int _test_config (YKP_CONFIG *cfg, YK_STATUS *st, int argc, const char **argv) +static int _test_config (YKP_CONFIG *cfg, YK_STATUS *st, int argc, char **argv) { const char *infname = NULL; const char *outfname = NULL; @@ -171,7 +171,7 @@ * Utility function to parse arguments and just return the result code. * The calling function does the assert() to get function name in assert output. */ -static int _parse_args_rc(int argc, const char *argv[]) +static int _parse_args_rc(int argc, char *argv[]) { YKP_CONFIG *cfg = ykp_alloc(); YK_STATUS *st = _test_init_st(2, 2, 0); @@ -202,7 +202,7 @@ 0x00, 0x46, 0xc0 }; - const char *argv[] = { + char *argv[] = { "unittest", "-1", NULL }; @@ -232,7 +232,7 @@ 0x00, 0xe9, 0xf5 }; - const char *argv[] = { + char *argv[] = { "unittest", "-2", "-a303132333435363738393a3b3c3d3e3f", NULL }; @@ -251,7 +251,7 @@ YK_STATUS *st = _test_init_st(1, 3, 0); int rc = 0; - const char *argv[] = { + char *argv[] = { "unittest", "-oshort-ticket", NULL }; @@ -271,7 +271,7 @@ YK_STATUS *st = _test_init_st(2, 2, 0); int rc = 0; - const char *argv[] = { + char *argv[] = { "unittest", "-oticket-first", NULL }; @@ -315,7 +315,7 @@ unsigned char scan_map[sizeof(SCAN_MAP)]; - const char *argv[] = { + char *argv[] = { "unittest", "-1", "-sout", "-iin", "-c313233343536", "-y", "-v", NULL }; @@ -371,7 +371,7 @@ 0x00, 0x6a, 0xb9 }; - const char *argv[] = { + char *argv[] = { "unittest", "-1", "-a303132333435363738393a3b3c3d3e3f40414243", "-ooath-hotp", "-o-append-cr", NULL }; @@ -404,7 +404,7 @@ 0x00, 0x03, 0x95, 0x56, 0x00, 0x00, 0x00, }; - const char *argv[] = { + char *argv[] = { "unittest", "-2", "-a303132333435363738393a3b3c3d3e3f40414243", "-ochal-resp", "-ochal-hmac", "-ohmac-lt64", "-oserial-api-visible", NULL @@ -421,7 +421,7 @@ static void _test_two_slots1(void) { /* Test that it is not possible to choose slot more than once */ - const char *argv[] = { + char *argv[] = { "unittest", "-1", "-1", NULL }; @@ -432,7 +432,7 @@ static void _test_two_slots2(void) { /* Test that it is not possible to choose slot more than once */ - const char *argv[] = { + char *argv[] = { "unittest", "-2", "-1", NULL }; @@ -443,7 +443,7 @@ static void _test_two_modes_at_once1(void) { /* Test that it is not possible to choose mode (OATH-HOTP/CHAL-RESP) more than once */ - const char *argv[] = { + char *argv[] = { "unittest", "-ochal-resp", "-ooath-hotp", NULL }; @@ -454,7 +454,7 @@ static void _test_two_modes_at_once2(void) { /* Test that it is not possible to choose mode (OATH-HOTP/CHAL-RESP) more than once */ - const char *argv[] = { + char *argv[] = { "unittest", "-ochal-resp", "-ochal-resp", NULL }; @@ -465,7 +465,7 @@ static void _test_mode_after_other_option(void) { /* Test that it is not possible to set mode after other options */ - const char *argv[] = { + char *argv[] = { "unittest", "-ohmac-lt64", "-ochal-resp", NULL }; @@ -478,7 +478,7 @@ /* Make sure key with mixed case is rejected (parsing function yubikey_hex_decode * only handles lower case hex) */ - const char *argv[] = { + char *argv[] = { "unittest", "-1", "-a0000000000000000000000000000000E", NULL }; @@ -489,7 +489,7 @@ static void _test_uid_for_oath(void) { /* Test that it is not possible to specify UID with OATH */ - const char *argv[] = { + char *argv[] = { "unittest", "-ooath-hotp", "-ouid=h:010203040506", NULL }; @@ -500,7 +500,7 @@ static void _test_uid_for_chal_resp(void) { /* Test that it is not possible to specify UID with Challenge Response */ - const char *argv[] = { + char *argv[] = { "unittest", "-ochal-resp", "-ouid=h:010203040506", NULL }; @@ -511,7 +511,7 @@ static void _test_swap_with_slot(void) { /* Test that you can not both swap and set slot */ - const char *argv[] = { + char *argv[] = { "unittest", "-x", "-1", NULL }; @@ -522,7 +522,7 @@ static void _test_slot_with_update(void) { /* Test the update must be before slot */ - const char *argv[] = { + char *argv[] = { "unittest", "-1", "-u", NULL }; @@ -533,7 +533,7 @@ static void _test_swap_with_update(void) { /* Test the update must be before slot */ - const char *argv[] = { + char *argv[] = { "unittest", "-u", "-x", NULL }; @@ -546,7 +546,7 @@ YKP_CONFIG *cfg = ykp_alloc(); YK_STATUS *st = _test_init_st(2, 1, 7); - const char *argv[] = { + char *argv[] = { "unittest", "-nhttps://my.yubico.com/neo/", NULL }; @@ -565,7 +565,7 @@ YKP_CONFIG *cfg = ykp_alloc(); YK_STATUS *st = _test_init_st(2, 2, 4); - const char *argv[] = { + char *argv[] = { "unittest", "-nhttps://my.yubico.com/neo/", NULL }; @@ -583,7 +583,7 @@ YKP_CONFIG *cfg = ykp_alloc(); YK_STATUS *st = _test_init_st(2, 1, 7); - const const char *argv[] = { + char *argv[] = { "unittest", "-2", NULL }; int argc = 2; @@ -599,7 +599,7 @@ YKP_CONFIG *cfg = ykp_alloc(); YK_STATUS *st = _test_init_st(2, 1, 7); - const const char *argv[] = { + char *argv[] = { "unittest", "-2", "-nhttps://my.yubico.com/neo/", NULL }; @@ -616,7 +616,7 @@ YKP_CONFIG *cfg = ykp_alloc(); YK_STATUS *st = _test_init_st(3, 0, 0); - const const char *argv[] = { + char *argv[] = { "unittest", "-2", "-nhttps://my.yubico.com/neo/", NULL }; diff -Nru yubikey-personalization-1.15.1/tests/test_yk_utilities.c yubikey-personalization-1.16.0/tests/test_yk_utilities.c --- yubikey-personalization-1.15.1/tests/test_yk_utilities.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/tests/test_yk_utilities.c 2014-09-23 11:28:18.000000000 +0000 @@ -53,10 +53,12 @@ {2,2,3,true}, {2,3,0,true}, {2,4,5,true}, - {2,5,2,false}, + {2,5,2,true}, + {2,6,0,false}, {3,0,1,true}, {3,2,8,true}, - {3,3,0,false}, + {3,3,0,true}, + {3,4,0,false}, {4,0,0,false}, }; diff -Nru yubikey-personalization-1.15.1/tests/ykpers-args.c yubikey-personalization-1.16.0/tests/ykpers-args.c --- yubikey-personalization-1.15.1/tests/ykpers-args.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/tests/ykpers-args.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,849 +0,0 @@ -/* -*- mode:C; c-file-style: "bsd" -*- */ -/* - * Copyright (c) 2008-2014 Yubico AB - * Copyright (c) 2010 Tollef Fog Heen - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are - * met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - - -#include -#include -#include -#include -#include -#include - -#include -#include /* To get yubikey_modhex_encode and yubikey_hex_encode */ -#include -#include -#include "ykpers-args.h" - -#define YUBICO_OATH_VENDOR_ID_HEX 0xe1 /* UB as hex */ -#define YUBICO_HOTP_EVENT_TOKEN_TYPE 0x63 /* HE as hex */ - -const char *usage = -"Usage: ykpersonalize [options]\n" -"-u update configuration without overwriting. This is only available\n" -" in YubiKey 2.3 and later. EXTFLAG_ALLOW_UPDATE will be set by\n" -" default\n" -"-1 change the first configuration. This is the default and\n" -" is normally used for true OTP generation.\n" -" In this configuration, TKTFLAG_APPEND_CR is set by default.\n" -"-2 change the second configuration. This is for Yubikey II only\n" -" and is then normally used for static key generation.\n" -" In this configuration, TKTFLAG_APPEND_CR, CFGFLAG_STATIC_TICKET,\n" -" CFGFLAG_STRONG_PW1, CFGFLAG_STRONG_PW2 and CFGFLAG_MAN_UPDATE\n" -" are set by default.\n" -"-x swap the configuration in slot 1 and 2. This is for YubiKey 2.3\n" -" and newer only\n" -"-z delete the configuration in slot 1 or 2.\n" -"-sFILE save configuration to FILE instead of key.\n" -" (if FILE is -, send to stdout)\n" -"-iFILE read configuration from FILE.\n" -" (if FILE is -, read from stdin)\n" -"-fformat set the data format for -s and -i valid values are ycfg or legacy.\n" -"-a[XXX..] The AES secret key as a 32 (or 40 for OATH-HOTP/HMAC CHAL-RESP)\n" -" char hex value (not modhex) (none to prompt for key on stdin)\n" -" If -a is not used a random key will be generated.\n" -"-cXXX.. A 12 char hex value (not modhex) to use as access code for programming\n" -" (this does NOT SET the access code, that's done with -oaccess=)\n" -"-nXXX.. Write NDEF URI to YubiKey NEO, must be used with -1 or -2\n" -"-tXXX.. Write NDEF text to YubiKey NEO, must be used with -1 or -2\n" -"-mMODE Set the USB device configuration of the YubiKey NEO.\n" -" See the manpage for details\n" -"-S0605.. Set the scanmap to use with the YubiKey NEO. Must be 45 unique bytes,\n" -" in hex. Use with no argument to reset to the default.\n" -"-oOPTION change configuration option. Possible OPTION arguments are:\n" -" fixed=xxxxxxxxxxx The public identity of key, in MODHEX.\n" -" This is 0-16 characters long.\n" -" uid=xxxxxx The uid part of the generated ticket, in HEX.\n" -" MUST be 12 characters long.\n" -" access=xxxxxxxxxxx New access code to set, in HEX.\n" -" MUST be 12 characters long.\n" -" oath-imf=IMF OATH Initial Moving Factor to use.\n" -" oath-id[=h:OOTT...] OATH Token Identifier (none for serial-based)\n" -"\n" -" Ticket flags for all firmware versions:\n" -" [-]tab-first set/clear TAB_FIRST\n" -" [-]append-tab1 set/clear APPEND_TAB1\n" -" [-]append-tab2 set/clear APPEND_TAB2\n" -" [-]append-delay1 set/clear APPEND_DELAY1\n" -" [-]append-delay2 set/clear APPEND_DELAY2\n" -" [-]append-cr set/clear APPEND_CR\n" -"\n" -" Ticket flags for firmware version 2.0 and above:\n" -" [-]protect-cfg2 set/clear PROTECT_CFG2\n" -"\n" -" Ticket flags for firmware version 2.1 and above:\n" -" [-]oath-hotp set/clear OATH_HOTP\n" -"\n" -" Ticket flags for firmware version 2.2 and above:\n" -" [-]chal-resp set/clear CHAL_RESP\n" -"\n" -" Configuration flags for all firmware versions:\n" -" [-]send-ref set/clear SEND_REF\n" -" [-]pacing-10ms set/clear PACING_10MS\n" -" [-]pacing-20ms set/clear PACING_20MS\n" -" [-]static-ticket set/clear STATIC_TICKET\n" -"\n" -" Configuration flags for firmware version 1.x only:\n" -" [-]ticket-first set/clear TICKET_FIRST\n" -" [-]allow-hidtrig set/clear ALLOW_HIDTRIG\n" -"\n" -" Configuration flags for firmware version 2.0 and above:\n" -" [-]short-ticket set/clear SHORT_TICKET\n" -" [-]strong-pw1 set/clear STRONG_PW1\n" -" [-]strong-pw2 set/clear STRONG_PW2\n" -" [-]man-update set/clear MAN_UPDATE\n" -"\n" -" Configuration flags for firmware version 2.1 and above:\n" -" [-]oath-hotp8 set/clear OATH_HOTP8\n" -" [-]oath-fixed-modhex1 set/clear OATH_FIXED_MODHEX1\n" -" [-]oath-fixed-modhex2 set/clear OATH_FIXED_MODHEX2\n" -" [-]oath-fixed-modhex set/clear OATH_MODHEX\n" -"\n" -" Configuration flags for firmware version 2.2 and above:\n" -" [-]chal-yubico set/clear CHAL_YUBICO\n" -" [-]chal-hmac set/clear CHAL_HMAC\n" -" [-]hmac-lt64 set/clear HMAC_LT64\n" -" [-]chal-btn-trig set/clear CHAL_BTN_TRIG\n" -"\n" -" Extended flags for firmware version 2.2 and above:\n" -" [-]serial-btn-visible set/clear SERIAL_BTN_VISIBLE\n" -" [-]serial-usb-visible set/clear SERIAL_USB_VISIBLE\n" -" [-]serial-api-visible set/clear SERIAL_API_VISIBLE\n" -"\n" -" Extended flags for firmware version 2.3 and above:\n" -" [-]use-numeric-keypad set/clear USE_NUMERIC_KEYPAD\n" -" [-]fast-trig set/clear FAST_TRIG\n" -" [-]allow-update set/clear ALLOW_UPDATE\n" -" [-]dormant set/clear DORMANT\n" -"\n" -" Extended flags for firmware version 2.4/3.1 and above:\n" -" [-]led-inv set/clear LED_INV\n" -"\n" -"-y always commit (do not prompt)\n" -"\n" -"-d dry-run (don't write anything to key)\n" -"\n" -"-v verbose\n" -"-V tool version\n" -"-h help (this text)\n" -; -const char *optstring = "u12xza::c:n:t:hi:o:s:f:dvym:S::V"; - -static int _set_fixed(char *opt, YKP_CONFIG *cfg); -static int _format_decimal_as_hex(uint8_t *dst, size_t dst_len, uint8_t *src); -static int _format_oath_id(uint8_t *dst, size_t dst_len, uint8_t vendor, uint8_t type, uint32_t mui); -static int _set_oath_id(char *opt, YKP_CONFIG *cfg, YK_KEY *yk, YK_STATUS *st); - -static int hex_modhex_decode(unsigned char *result, size_t *resultlen, - const char *str, size_t strl, - size_t minsize, size_t maxsize, - bool primarily_modhex) -{ - if (strl >= 2) { - if (strncmp(str, "m:", 2) == 0 - || strncmp(str, "M:", 2) == 0) { - str += 2; - strl -= 2; - primarily_modhex = true; - } else if (strncmp(str, "h:", 2) == 0 - || strncmp(str, "H:", 2) == 0) { - str += 2; - strl -= 2; - primarily_modhex = false; - } - } - - if ((strl % 2 != 0) || (strl < minsize) || (strl > maxsize)) { - return -1; - } - - *resultlen = strl / 2; - if (primarily_modhex) { - if (yubikey_modhex_p(str)) { - yubikey_modhex_decode((char *)result, str, strl); - return 1; - } - } else { - if (yubikey_hex_p(str)) { - yubikey_hex_decode((char *)result, str, strl); - return 1; - } - } - - return 0; -} - -void report_yk_error(void) -{ - if (ykp_errno) - fprintf(stderr, "Yubikey personalization error: %s\n", - ykp_strerror(ykp_errno)); - if (yk_errno) { - if (yk_errno == YK_EUSBERR) { - fprintf(stderr, "USB error: %s\n", - yk_usb_strerror()); - } else { - fprintf(stderr, "Yubikey core error: %s\n", - yk_strerror(yk_errno)); - } - } -} - -/* - * Parse all arguments supplied to this program and turn it into mainly - * a YKP_CONFIG (but return some other parameters as well, like - * access_code, verbose etc.). - * - * Done in this way to be testable (see tests/test_args_to_config.c). - */ -int args_to_config(int argc, char **argv, YKP_CONFIG *cfg, YK_KEY *yk, - const char **infname, const char **outfname, - int *data_format, bool *autocommit, - YK_STATUS *st, bool *verbose, bool *dry_run, - unsigned char *access_code, bool *use_access_code, - char *keylocation, char *ndef_type, char *ndef, - unsigned char *usb_mode, bool *zap, - unsigned char *scan_bin, unsigned char *cr_timeout, - unsigned char *autoeject_timeout, int *num_modes_seen, - int *exit_code) -{ - int c; - const char *aeshash = NULL; - bool new_access_code = false; - bool slot_chosen = false; - bool mode_chosen = false; - bool option_seen = false; - bool swap_seen = false; - bool update_seen = false; - bool ndef_seen = false; - bool usb_mode_seen = false; - bool scan_map_seen = false; - - ykp_configure_version(cfg, st); - - while((c = getopt(argc, argv, optstring)) != -1) { - if (c == 'o') { - if (strcmp(optarg, "oath-hotp") == 0 || - strcmp(optarg, "chal-resp") == 0) { - if (mode_chosen) { - fprintf(stderr, "You may only choose mode (-ooath-hotp / " - "-ochal-resp) once.\n"); - *exit_code = 1; - return 0; - } - - if (option_seen) { - fprintf(stderr, "Mode choosing flags (oath-hotp / chal-resp) " - "must be set prior to any other options (-o).\n"); - *exit_code = 1; - return 0; - } - - /* The default flags (particularly for slot 2) does not apply to - * these new modes of operation found in Yubikey >= 2.1. Therefor, - * we reset them here and, as a consequence of that, require the - * mode choosing options to be specified before any other. - */ - ykp_clear_config(cfg); - - mode_chosen = 1; - } - - option_seen = true; - } - - switch (c) { - case 'u': - if (slot_chosen) { - fprintf(stderr, "You must use update before slot (-1 / -2).\n"); - *exit_code = 1; - return 0; - } - if (swap_seen) { - fprintf(stderr, "Update (-u) and swap (-x) can't be combined.\n"); - *exit_code = 1; - return 0; - } - if (ndef_seen) { - fprintf(stderr, "Update (-u) can not be combined with ndef (-n).\n"); - *exit_code = 1; - return 0; - } - update_seen = true; - break; - case '1': - case '2': { - int command; - if (slot_chosen) { - fprintf(stderr, "You may only choose slot (-1 / -2) once.\n"); - *exit_code = 1; - return 0; - } - if (option_seen) { - fprintf(stderr, "You must choose slot before any options (-o).\n"); - *exit_code = 1; - return 0; - } - if (swap_seen) { - fprintf(stderr, "You can not combine slot swap (-x) with configuring a slot.\n"); - *exit_code = 1; - return 0; - } - ykp_set_tktflag_APPEND_CR(cfg, true); - if (update_seen) { - ykp_set_extflag_ALLOW_UPDATE(cfg, true); - if(c == '1') { - command = SLOT_UPDATE1; - } else if(c == '2') { - command = SLOT_UPDATE2; - } - } else if (c == '1') { - command = SLOT_CONFIG; - } else if (c == '2') { - command = SLOT_CONFIG2; - ykp_set_cfgflag_STATIC_TICKET(cfg, true); - ykp_set_cfgflag_STRONG_PW1(cfg, true); - ykp_set_cfgflag_STRONG_PW2(cfg, true); - ykp_set_cfgflag_MAN_UPDATE(cfg, true); - - } - if (!ykp_configure_command(cfg, command)) - return 0; - slot_chosen = true; - break; - } - case 'x': - if (slot_chosen || option_seen || update_seen || ndef_seen || *zap || usb_mode_seen || scan_map_seen) { - fprintf(stderr, "Slot swap (-x) can not be used with other options.\n"); - *exit_code = 1; - return 0; - } - - if (!ykp_configure_command(cfg, SLOT_SWAP)) { - return 0; - } - swap_seen = true; - break; - case 'z': - if (swap_seen || update_seen || ndef_seen || usb_mode_seen || scan_map_seen) { - fprintf(stderr, "Zap (-z) can only be used with a slot (-1 / -2).\n"); - *exit_code = 1; - return 0; - } - *zap = true; - break; - case 'i': - *infname = optarg; - break; - case 's': - *outfname = optarg; - break; - case 'f': - if(strcmp(optarg, "ycfg") == 0) { - *data_format = YKP_FORMAT_YCFG; - } else if(strcmp(optarg, "legacy") == 0) { - *data_format = YKP_FORMAT_LEGACY; - } else { - fprintf(stderr, "The only valid formats to -f is ycfg and legacy.\n"); - *exit_code = 1; - return 0; - } - break; - case 'a': - if(optarg) { - aeshash = optarg; - *keylocation = 1; - } else { - *keylocation = 2; - } - break; - case 'c': { - size_t access_code_len = 0; - int rc = hex_modhex_decode(access_code, &access_code_len, - optarg, strlen(optarg), - 12, 12, false); - if (rc <= 0) { - fprintf(stderr, - "Invalid access code string: %s\n", - optarg); - *exit_code = 1; - return 0; - } - if (!new_access_code) - ykp_set_access_code(cfg, - access_code, - access_code_len); - *use_access_code = true; - break; - } - case 't': - *ndef_type = 'T'; - case 'n': { - int command; - if(!*ndef_type) { - *ndef_type = 'U'; - } - if (swap_seen || update_seen || option_seen || *zap || usb_mode_seen || scan_map_seen) { - fprintf(stderr, "Ndef (-n/-t) can only be used with a slot (-1/-2).\n"); - *exit_code = 1; - return 0; - } - if(ykp_command(cfg) == SLOT_CONFIG) { - command = SLOT_NDEF; - } else if(ykp_command(cfg) == SLOT_CONFIG2) { - command = SLOT_NDEF2; - } else { - command = SLOT_NDEF; - } - if (!ykp_configure_command(cfg, command)) { - return 0; - } - memcpy(ndef, optarg, strlen(optarg)); - ndef_seen = true; - break; - } - case 'm': - if(slot_chosen || swap_seen || update_seen || option_seen || ndef_seen || *zap || scan_map_seen) { - fprintf(stderr, "USB mode (-m) can not be combined with other options.\n"); - *exit_code = 1; - return 0; - } - unsigned char mode, crtime, autotime; - int matched = sscanf(optarg, "%hhx:%hhd:%hhd", &mode, &crtime, &autotime); - if(matched > 0) { - *usb_mode = mode; - if(matched > 1) { - *cr_timeout = crtime; - if(matched > 2) { - *autoeject_timeout = autotime; - } - } - usb_mode_seen = true; - *num_modes_seen = matched; - } else { - fprintf(stderr, "Invalid USB operation mode.\n"); - *exit_code = 1; - return 0; - } - if (!ykp_configure_command(cfg, SLOT_DEVICE_CONFIG)) - return 0; - - break; - case 'S': - { - size_t scanlength = strlen(SCAN_MAP); - if(slot_chosen || swap_seen || update_seen || option_seen || ndef_seen || *zap || usb_mode_seen) { - fprintf(stderr, "Scanmap (-S) can not be combined with other options.\n"); - *exit_code = 1; - return 0; - } - if(optarg) { - size_t scanbinlen; - size_t scanlen = strlen (optarg); - int rc = hex_modhex_decode(scan_bin, &scanbinlen, - optarg, scanlen, - scanlength * 2, scanlength * 2, - false); - - if (rc <= 0) { - fprintf(stderr, - "Invalid scanmap string %s\n", - optarg); - *exit_code = 1; - return 0; - } - } else { - memset(scan_bin, 0, scanlength); - } - scan_map_seen = true; - } - if (!ykp_configure_command(cfg, SLOT_SCAN_MAP)) - return 0; - break; - case 'o': - if (*zap) { - fprintf(stderr, "No options can be given with zap (-z).\n"); - *exit_code = 1; - return 0; - } - if (strncmp(optarg, "fixed=", 6) == 0) { - if (_set_fixed(optarg + 6, cfg) != 1) { - fprintf(stderr, - "Invalid fixed string: %s\n", - optarg + 6); - *exit_code = 1; - return 0; - } - } - else if (strncmp(optarg, "uid=", 4) == 0) { - const char *uid = optarg+4; - size_t uidlen = strlen (uid); - unsigned char uidbin[256]; - size_t uidbinlen = 0; - int rc = hex_modhex_decode(uidbin, &uidbinlen, - uid, uidlen, - 12, 12, false); - if (rc <= 0) { - fprintf(stderr, - "Invalid uid string: %s\n", - uid); - *exit_code = 1; - return 0; - } - /* for OATH-HOTP and CHAL-RESP, uid is not applicable */ - if (ykp_get_tktflag_OATH_HOTP(cfg) || ykp_get_tktflag_CHAL_RESP(cfg)) { - fprintf(stderr, - "Option uid= not valid with -ooath-hotp or -ochal-resp.\n" - ); - *exit_code = 1; - return 0; - } - ykp_set_uid(cfg, uidbin, uidbinlen); - } - else if (strncmp(optarg, "access=", 7) == 0) { - const char *acc = optarg+7; - size_t acclen = strlen (acc); - unsigned char accbin[256]; - size_t accbinlen = 0; - int rc = hex_modhex_decode (accbin, &accbinlen, - acc, acclen, - 12, 12, false); - if (rc <= 0) { - fprintf(stderr, - "Invalid access code string: %s\n", - acc); - *exit_code = 1; - return 0; - } - ykp_set_access_code(cfg, accbin, accbinlen); - new_access_code = true; - } -#define TKTFLAG(o, f) \ - else if (strcmp(optarg, o) == 0) { \ - if (!ykp_set_tktflag_##f(cfg, true)) { \ - *exit_code = 1; \ - return 0; \ - } \ - } else if (strcmp(optarg, "-" o) == 0) { \ - if (! ykp_set_tktflag_##f(cfg, false)) { \ - *exit_code = 1; \ - return 0; \ - } \ - } - TKTFLAG("tab-first", TAB_FIRST) - TKTFLAG("append-tab1", APPEND_TAB1) - TKTFLAG("append-tab2", APPEND_TAB2) - TKTFLAG("append-delay1", APPEND_DELAY1) - TKTFLAG("append-delay2", APPEND_DELAY2) - TKTFLAG("append-cr", APPEND_CR) - TKTFLAG("protect-cfg2", PROTECT_CFG2) - TKTFLAG("oath-hotp", OATH_HOTP) - TKTFLAG("chal-resp", CHAL_RESP) -#undef TKTFLAG - -#define CFGFLAG(o, f) \ - else if (strcmp(optarg, o) == 0) { \ - if (! ykp_set_cfgflag_##f(cfg, true)) { \ - *exit_code = 1; \ - return 0; \ - } \ - } else if (strcmp(optarg, "-" o) == 0) { \ - if (! ykp_set_cfgflag_##f(cfg, false)) { \ - *exit_code = 1; \ - return 0; \ - } \ - } - CFGFLAG("send-ref", SEND_REF) - CFGFLAG("ticket-first", TICKET_FIRST) - CFGFLAG("pacing-10ms", PACING_10MS) - CFGFLAG("pacing-20ms", PACING_20MS) - CFGFLAG("allow-hidtrig", ALLOW_HIDTRIG) - CFGFLAG("static-ticket", STATIC_TICKET) - CFGFLAG("short-ticket", SHORT_TICKET) - CFGFLAG("strong-pw1", STRONG_PW1) - CFGFLAG("strong-pw2", STRONG_PW2) - CFGFLAG("man-update", MAN_UPDATE) - CFGFLAG("oath-hotp8", OATH_HOTP8) - CFGFLAG("oath-fixed-modhex1", OATH_FIXED_MODHEX1) - CFGFLAG("oath-fixed-modhex2", OATH_FIXED_MODHEX2) - CFGFLAG("oath-fixed-modhex", OATH_FIXED_MODHEX) - CFGFLAG("chal-yubico", CHAL_YUBICO) - CFGFLAG("chal-hmac", CHAL_HMAC) - CFGFLAG("hmac-lt64", HMAC_LT64) - CFGFLAG("chal-btn-trig", CHAL_BTN_TRIG) -#undef CFGFLAG - else if (strncmp(optarg, "oath-imf=", 9) == 0) { - unsigned long imf; - - if (!ykp_get_tktflag_OATH_HOTP(cfg)) { - fprintf(stderr, - "Option oath-imf= only valid with -ooath-hotp or -ooath-hotp8.\n" - ); - *exit_code = 1; - return 0; - } - - if (sscanf(optarg+9, "%lu", &imf) != 1 || - /* yubikey limitations */ - imf > 65535*16 || imf % 16 != 0) { - fprintf(stderr, - "Invalid value %s for oath-imf=.\n", optarg+9 - ); - *exit_code = 1; - return 0; - } - if (! ykp_set_oath_imf(cfg, imf)) { - *exit_code = 1; - return 0; - } - } - else if (strncmp(optarg, "oath-id=", 8) == 0 || strcmp(optarg, "oath-id") == 0) { - if (_set_oath_id(optarg, cfg, yk, st) != 1) { - *exit_code = 1; - return 0; - } - } - -#define EXTFLAG(o, f) \ - else if (strcmp(optarg, o) == 0) { \ - if (! ykp_set_extflag_##f(cfg, true)) { \ - *exit_code = 1; \ - return 0; \ - } \ - } else if (strcmp(optarg, "-" o) == 0) { \ - if (! ykp_set_extflag_##f(cfg, false)) { \ - *exit_code = 1; \ - return 0; \ - } \ - } - EXTFLAG("serial-btn-visible", SERIAL_BTN_VISIBLE) - EXTFLAG("serial-usb-visible", SERIAL_USB_VISIBLE) - EXTFLAG("serial-api-visible", SERIAL_API_VISIBLE) - EXTFLAG("use-numeric-keypad", USE_NUMERIC_KEYPAD) - EXTFLAG("fast-trig", FAST_TRIG) - EXTFLAG("allow-update", ALLOW_UPDATE) - EXTFLAG("dormant", DORMANT) - EXTFLAG("led-inv", LED_INV) -#undef EXTFLAG - else { - fprintf(stderr, "Unknown option '%s'\n", - optarg); - fputs(usage, stderr); - *exit_code = 1; - return 0; - } - break; - case 'd': - *dry_run = true; - break; - case 'v': - *verbose = true; - break; - case 'y': - *autocommit = true; - break; - case 'V': - fputs(YKPERS_VERSION_STRING "\n", stderr); - *exit_code = 0; - return 0; - case 'h': - default: - fputs(usage, stderr); - *exit_code = 0; - return 0; - } - } - - if (!slot_chosen && !ndef_seen && !swap_seen && !usb_mode_seen && !scan_map_seen) { - fprintf(stderr, "A slot must be chosen with -1 or -2.\n"); - *exit_code = 1; - return 0; - } - - if (update_seen) { - struct config_st *core_config = (struct config_st *) ykp_core_config(cfg); - if ((core_config->tktFlags & TKTFLAG_UPDATE_MASK) != core_config->tktFlags) { - fprintf(stderr, "Unallowed ticket flags with update.\n"); - *exit_code = 1; - return 0; - } - if ((core_config->cfgFlags & CFGFLAG_UPDATE_MASK) != core_config->cfgFlags) { - fprintf(stderr, "Unallowed cfg flags with update.\n"); - *exit_code = 1; - return 0; - } - if ((core_config->extFlags & EXTFLAG_UPDATE_MASK) != core_config->extFlags) { - fprintf(stderr, "Unallowed ext flags with update.\n"); - *exit_code = 1; - return 0; - } - } - - if (*keylocation == 1) { - bool long_key_valid = ykp_get_supported_key_length(cfg) == 20 ? true : false; - int res = 0; - - if (long_key_valid && strlen(aeshash) == 40) { - res = ykp_HMAC_key_from_hex(cfg, aeshash); - } else { - res = ykp_AES_key_from_hex(cfg, aeshash); - } - - if (res) { - fprintf(stderr, "Bad %s key: %s\n", long_key_valid ? "HMAC":"AES", aeshash); - fflush(stderr); - return 0; - } - } - - return 1; -} - -static int _set_fixed(char *opt, YKP_CONFIG *cfg) { - const char *fixed = opt; - size_t fixedlen = strlen (fixed); - unsigned char fixedbin[256]; - size_t fixedbinlen = 0; - int rc = hex_modhex_decode(fixedbin, &fixedbinlen, - fixed, fixedlen, - 0, 32, true); - if (rc <= 0) - return 0; - - ykp_set_fixed(cfg, fixedbin, fixedbinlen); - return 1; -} - - -/* re-format decimal 12345678 into 'hex' 0x12 0x34 0x56 0x78 */ -static int _format_decimal_as_hex(uint8_t *dst, size_t dst_len, uint8_t *src) -{ - uint8_t *end; - - end = dst + dst_len; - while (src[0] && src[1]) { - if (dst >= end) - return 0; - *dst = ((src[0] - '0') * 0x10) + src[1] - '0'; - dst++; - src += 2; - } - - return 1; -} - -/* For details, see YubiKey Manual 2010-09-16 section 5.3.4 - OATH-HOTP Token Identifier */ -static int _format_oath_id(uint8_t *dst, size_t dst_len, uint8_t vendor, uint8_t type, uint32_t mui) -{ - uint8_t buf[8 + 1]; - - if (mui > 99999999) - return 0; - - /* two bytes vendor and token type, and eight bytes MUI */ - if (dst_len < 2 + 8) - return 0; - - /* Make the YubiKey output the MUI number in decimal */ - snprintf(buf, sizeof(buf), "%08i", mui); - - dst[0] = vendor; - dst[1] = type; - - if (_format_decimal_as_hex(dst + 2, dst_len - 2, buf) != 1) - return 0; - - return 1; -} - -static int _set_oath_id(char *opt, YKP_CONFIG *cfg, YK_KEY *yk, YK_STATUS *st) { - /* For details, see YubiKey Manual 2010-09-16 section 5.3.4 - OATH-HOTP Token Identifier */ - if (!ykp_get_tktflag_OATH_HOTP(cfg)) { - fprintf(stderr, - "Option oath-id= only valid with -ooath-hotp or -ooath-hotp8.\n" - ); - return 0; - } - if (! ykp_set_cfgflag_OATH_FIXED_MODHEX2(cfg, true)) - return 0; - if (! ykp_set_extflag_SERIAL_API_VISIBLE(cfg, true)) - return 0; - - if (strlen(opt) > 7) { - if (_set_fixed(opt + 8, cfg) != 1) { - fprintf(stderr, - "Invalid OATH token identifier %s supplied with oath-id=.\n", opt + 8 - ); - return 0; - } - } else { - /* No Token Id supplied, try to create one automatically based on - * the serial number of the YubiKey. - */ - unsigned int serial; - uint8_t oath_id[12] = {0}; - if (ykds_version_major(st) > 2 || - (ykds_version_major(st) == 2 && - ykds_version_minor(st) >= 2)) { - if (! yk_get_serial(yk, 0, 0, &serial)) { - fprintf(stderr, - "YubiKey refuses reading serial number. " - "Can't use -ooath-id.\n" - ); - return 0; - } - } else { - fprintf(stderr, - "YubiKey %d.%d.%d does not support reading serial number. " - "Can't use -ooath-id.\n", - ykds_version_major(st), - ykds_version_minor(st), - ykds_version_build(st) - ); - return 0; - } - - if (_format_oath_id(oath_id, sizeof(oath_id), YUBICO_OATH_VENDOR_ID_HEX, - YUBICO_HOTP_EVENT_TOKEN_TYPE, serial) != 1) { - fprintf(stderr, "Failed formatting OATH token identifier.\n"); - return 0; - } - - if (ykp_set_fixed(cfg, oath_id, 6) != 1) { - fprintf(stderr, - "Failed setting OATH token identifier.\n" - ); - return 0; - } - } - - return 1; -} diff -Nru yubikey-personalization-1.15.1/tests/ykpers-args.h yubikey-personalization-1.16.0/tests/ykpers-args.h --- yubikey-personalization-1.15.1/tests/ykpers-args.h 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/tests/ykpers-args.h 1970-01-01 00:00:00.000000000 +0000 @@ -1,47 +0,0 @@ -/* -*- mode:C; c-file-style: "bsd" -*- */ -/* - * Copyright (c) 2008-2014 Yubico AB - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are - * met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef YKPERS_ARGS_H -#define YKPERS_ARGS_H - -const char *usage; - -int args_to_config(int argc, char **argv, YKP_CONFIG *cfg, YK_KEY *yk, - const char **infname, const char **outfname, - int *data_format, bool *autocommit, - YK_STATUS *st, bool *verbose, bool *dry_run, - unsigned char *access_code, bool *use_access_code, - char *keylocation, char *ndef_type, char *ndef, unsigned char *usb_mode, - bool *zap, unsigned char *scan_bin, unsigned char *cr_timeout, - unsigned char *autoeject_timeout, int *num_modes_seen, int *exit_code); - -void report_yk_error(void); - -#endif diff -Nru yubikey-personalization-1.15.1/ykchalresp.1 yubikey-personalization-1.16.0/ykchalresp.1 --- yubikey-personalization-1.15.1/ykchalresp.1 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykchalresp.1 2014-09-23 11:28:18.000000000 +0000 @@ -105,7 +105,7 @@ .URL "https://github.com/Yubico/yubikey-personalization/issues" "the issue tracker" .SH "SEE ALSO" The -.URL "http://opensource.yubico.com/yubikey-personalization/" "ykpersonalize home page" +.URL "https://developers.yubico.com/yubikey-personalization/" "ykpersonalize home page" .PP YubiKeys can be obtained from .URL "http://www.yubico.com/" "Yubico" "." diff -Nru yubikey-personalization-1.15.1/ykchalresp.c yubikey-personalization-1.16.0/ykchalresp.c --- yubikey-personalization-1.15.1/ykchalresp.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykchalresp.c 2014-03-17 09:26:10.000000000 +0000 @@ -218,7 +218,7 @@ unsigned char *challenge, unsigned int len, bool hmac, bool may_block, bool verbose, bool totp, int digits ) { - unsigned char response[64]; + unsigned char response[SHA1_MAX_BLOCK_SIZE]; unsigned char output_buf[(SHA1_MAX_BLOCK_SIZE * 2) + 1]; int yk_cmd; unsigned int expect_bytes = 0; diff -Nru yubikey-personalization-1.15.1/ykcore/Makefile.in yubikey-personalization-1.16.0/ykcore/Makefile.in --- yubikey-personalization-1.15.1/ykcore/Makefile.in 2014-03-07 12:18:20.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/Makefile.in 2014-09-23 11:52:39.000000000 +0000 @@ -1,4 +1,4 @@ -# Makefile.in generated by automake 1.13.3 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ # Copyright (C) 1994-2013 Free Software Foundation, Inc. @@ -427,14 +427,14 @@ @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore_backend.h yubikey-personalization-1.16.0/ykcore/ykcore_backend.h --- yubikey-personalization-1.15.1/ykcore/ykcore_backend.h 2013-11-18 13:21:00.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore_backend.h 2014-09-23 11:28:23.000000000 +0000 @@ -1,7 +1,7 @@ /* -*- mode:C; c-file-style: "bsd" -*- */ /* * Written by Richard Levitte - * Copyright (c) 2008-2013 Yubico AB + * Copyright (c) 2008-2014 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -47,6 +47,8 @@ int _ykusb_write(void *dev, int report_type, int report_number, char *buffer, int buffer_size); +int _ykusb_get_vid_pid(void *dev, int *vid, int *pid); + const char *_ykusb_strerror(void); #endif /* __YKCORE_BACKEND_H_INCLUDED__ */ diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore.c yubikey-personalization-1.16.0/ykcore/ykcore.c --- yubikey-personalization-1.15.1/ykcore/ykcore.c 2014-03-07 12:29:12.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore.c 2014-09-23 11:52:31.000000000 +0000 @@ -67,7 +67,8 @@ YK_KEY *yk_open_first_key(void) { - int pids[] = {YUBIKEY_PID, NEO_OTP_PID, NEO_OTP_CCID_PID}; + int pids[] = {YUBIKEY_PID, NEO_OTP_PID, NEO_OTP_CCID_PID, + NEO_OTP_U2F_PID, NEO_OTP_U2F_CCID_PID}; YK_KEY *yk = _ykusb_open_device(YUBICO_VID, pids, sizeof(pids)); int rc = yk_errno; @@ -116,11 +117,13 @@ st->versionMinor == 1 || st->versionMinor == 2 || st->versionMinor == 3 || - st->versionMinor == 4)) || + st->versionMinor == 4 || + st->versionMinor == 5)) || (st->versionMajor == 3 && (st->versionMinor == 0 || st->versionMinor == 1 || - st->versionMinor == 2)))) { + st->versionMinor == 2 || + st->versionMinor == 3)))) { yk_errno = YK_EFIRMWARE; return 0; } @@ -484,6 +487,9 @@ memset(data, 0, sizeof(data)); if (!_ykusb_read(yk, REPORT_TYPE_FEATURE, slot, (char *) &data, FEATURE_RPT_SIZE)) return 0; +#ifdef YK_DEBUG + _yk_hexdump(data, FEATURE_RPT_SIZE); +#endif if (last_data != NULL) memcpy(last_data, data, sizeof(data)); @@ -700,6 +706,10 @@ return 1; } +int yk_get_key_vid_pid(YK_KEY *yk, int *vid, int *pid) { + return _ykusb_get_vid_pid(yk, vid, pid); +} + uint16_t yk_endian_swap_16(uint16_t x) { static int testflag = -1; diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore.h yubikey-personalization-1.16.0/ykcore/ykcore.h --- yubikey-personalization-1.15.1/ykcore/ykcore.h 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore.h 2014-09-23 11:52:31.000000000 +0000 @@ -133,6 +133,8 @@ unsigned int response_len, unsigned char *response); extern int yk_force_key_update(YK_KEY *yk); +/* Get the VID and PID of an opened device. */ +extern int yk_get_key_vid_pid(YK_KEY *yk, int *vid, int *pid); /************************************************************************* * diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore_libusb-1.0.c yubikey-personalization-1.16.0/ykcore/ykcore_libusb-1.0.c --- yubikey-personalization-1.15.1/ykcore/ykcore_libusb-1.0.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore_libusb-1.0.c 2014-09-23 11:52:31.000000000 +0000 @@ -218,6 +218,21 @@ return 1; } +int _ykusb_get_vid_pid(void *yk, int *vid, int *pid) +{ + struct libusb_device_descriptor desc; + libusb_device *dev = libusb_get_device(yk); + int rc = libusb_get_device_descriptor(dev, &desc); + + if (rc == 0) { + *vid = desc.idVendor; + *pid = desc.idProduct; + return 1; + } + yk_errno = YK_EUSBERR; + return 0; +} + const char *_ykusb_strerror(void) { static const char *buf; @@ -262,6 +277,7 @@ buf = "Operation not supported or unimplemented on this platform"; break; case LIBUSB_ERROR_OTHER: + default: buf = "Other/unknown error"; break; } diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore_libusb.c yubikey-personalization-1.16.0/ykcore/ykcore_libusb.c --- yubikey-personalization-1.15.1/ykcore/ykcore_libusb.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore_libusb.c 2014-09-23 12:44:14.000000000 +0000 @@ -205,6 +205,14 @@ return 0; } +int _ykusb_get_vid_pid(void *yk, int *vid, int *pid) { + struct usb_dev_handle *h = yk; + struct usb_device *dev = usb_device(h); + *vid = dev->descriptor.idVendor; + *pid = dev->descriptor.idProduct; + return 1; +} + const char *_ykusb_strerror(void) { return usb_strerror(); diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore_osx.c yubikey-personalization-1.16.0/ykcore/ykcore_osx.c --- yubikey-personalization-1.15.1/ykcore/ykcore_osx.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore_osx.c 2014-09-24 08:40:37.000000000 +0000 @@ -102,8 +102,11 @@ for(i = 0; i < cnt; i++) { IOHIDDeviceRef dev = (IOHIDDeviceRef)CFArrayGetValueAtIndex( array, i ); + long usagePage = _ykosx_getIntProperty( dev, CFSTR( kIOHIDPrimaryUsagePageKey )); + long usage = _ykosx_getIntProperty( dev, CFSTR( kIOHIDPrimaryUsageKey )); long devVendorId = _ykosx_getIntProperty( dev, CFSTR( kIOHIDVendorIDKey )); - if(devVendorId == vendor_id) { + /* usagePage 1 is generic desktop and usage 6 is keyboard */ + if(usagePage == 1 && usage == 6 && devVendorId == vendor_id) { long devProductId = _ykosx_getIntProperty( dev, CFSTR( kIOHIDProductIDKey )); size_t j; for(j = 0; j < pids_len; j++) { @@ -211,6 +214,13 @@ return 1; } +int _ykusb_get_vid_pid(void *yk, int *vid, int *pid) { + IOHIDDeviceRef dev = (IOHIDDeviceRef)yk; + *vid = _ykosx_getIntProperty( dev, CFSTR( kIOHIDVendorIDKey )); + *pid = _ykosx_getIntProperty( dev, CFSTR( kIOHIDProductIDKey )); + return 1; +} + const char *_ykusb_strerror() { switch (_ykusb_IOReturn) { diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore_stub.c yubikey-personalization-1.16.0/ykcore/ykcore_stub.c --- yubikey-personalization-1.15.1/ykcore/ykcore_stub.c 2013-11-18 13:21:00.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore_stub.c 2014-09-23 11:28:23.000000000 +0000 @@ -1,6 +1,6 @@ /* -*- mode:C; c-file-style: "bsd" -*- */ /* - * Copyright (c) 2008-2012 Yubico AB + * Copyright (c) 2008-2014 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -70,6 +70,12 @@ { yk_errno = YK_ENOTYETIMPL; return 0; +} + +int _ykusb_get_vid_pid(void *dev, int *vid, int *pid) +{ + yk_errno = YK_ENOTYETIMPL; + return 0; } const char *_ykusb_strerror(void) diff -Nru yubikey-personalization-1.15.1/ykcore/ykcore_windows.c yubikey-personalization-1.16.0/ykcore/ykcore_windows.c --- yubikey-personalization-1.15.1/ykcore/ykcore_windows.c 2014-01-09 14:10:11.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykcore_windows.c 2014-09-23 11:52:31.000000000 +0000 @@ -1,6 +1,6 @@ /* -*- mode:C; c-file-style: "bsd" -*- */ /* - * Copyright (c) 2008-2013 Yubico AB + * Copyright (c) 2008-2014 Yubico AB * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -185,6 +185,18 @@ return 1; } +int _ykusb_get_vid_pid(void *yk, int *vid, int *pid) { + HIDD_ATTRIBUTES devInfo; + int rc = HidD_GetAttributes(yk, &devInfo); + if (rc) { + *vid = devInfo.VendorID; + *pid = devInfo.ProductID; + return 1; + } + yk_errno = YK_EUSBERR; + return 0; +} + const char *_ykusb_strerror(void) { static char buf[1024]; diff -Nru yubikey-personalization-1.15.1/ykcore/ykdef.h yubikey-personalization-1.16.0/ykcore/ykdef.h --- yubikey-personalization-1.15.1/ykcore/ykdef.h 2013-11-18 13:21:00.000000000 +0000 +++ yubikey-personalization-1.16.0/ykcore/ykdef.h 2014-09-26 07:43:43.000000000 +0000 @@ -12,7 +12,10 @@ ** 10-05-01 / 2.2.0 / J E / Added support for 2.2 ext. + frame ** ** 11-04-15 / 2.3.0 / J E / Added support for 2.3 extensions ** ** 11-12-05 / 2.4.0 / J E / Added support for NFC and NDEF ** -** 12-10-28 / 3.0.0 / J E / NEO changes ** +** 12-10-28 / 3.0.0 / J E / NEO changes ** +** 13-03-05 / 3.1.0 / J E / Added EXTFLAG_LED_INV flag ** +** 13-03-06 / 3.1.0 / J E / Added NEO startup busy flag ** +** 14-06-13 / 3.3.0 / J E / Added U2F mode modifiers ** ** ** *****************************************************************************************/ @@ -226,7 +229,11 @@ #define MODE_OTP 0x00 /* OTP only */ #define MODE_CCID 0x01 /* CCID only, no eject */ #define MODE_OTP_CCID 0x02 /* OTP + CCID composite */ -#define MODE_MASK 0x03 /* Mask for mode bits */ +#define MODE_U2F 0x03 /* U2F mode */ +#define MODE_OTP_U2F 0x04 /* OTP + U2F composite */ +#define MODE_U2F_CCID 0x05 /* U2F + CCID composite */ +#define MODE_OTP_U2F_CCID 0x06 /* OTP + U2F + CCID composite */ +#define MODE_MASK 0x07 /* Mask for mode bits */ #define MODE_FLAG_EJECT 0x80 /* CCID device supports eject (mode 1 only) */ @@ -260,11 +267,15 @@ /* USB vendor ID (VID) and product ID (PID) mapping */ -#define YUBICO_VID 0x1050 /* Global vendor ID */ -#define YUBIKEY_PID 0x0010 /* Yubikey (version 1 and 2) */ -#define NEO_OTP_PID 0x0110 /* Yubikey NEO - OTP only */ -#define NEO_OTP_CCID_PID 0x0111 // Yubikey NEO - OTP and CCID -#define NEO_CCID_PID 0x0112 // Yubikey NEO - CCID only +#define YUBICO_VID 0x1050 /* Global vendor ID */ +#define YUBIKEY_PID 0x0010 /* Yubikey (version 1 and 2) */ +#define NEO_OTP_PID 0x0110 /* Yubikey NEO - OTP only */ +#define NEO_OTP_CCID_PID 0x0111 /* Yubikey NEO - OTP and CCID */ +#define NEO_CCID_PID 0x0112 /* Yubikey NEO - CCID only */ +#define NEO_U2F_PID 0x0113 /* Yubikey NEO - U2F only */ +#define NEO_OTP_U2F_PID 0x0114 /* Yubikey NEO - OTP and U2F */ +#define NEO_U2F_CCID_PID 0x0115 /* Yubikey NEO - U2F and CCID */ +#define NEO_OTP_U2F_CCID_PID 0x0116 /* Yubikey NEO - OTP, U2F and CCID */ #if defined(_WIN32) || defined(__GNUC__) #pragma pack(pop) diff -Nru yubikey-personalization-1.15.1/ykinfo.1 yubikey-personalization-1.16.0/ykinfo.1 --- yubikey-personalization-1.15.1/ykinfo.1 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykinfo.1 2014-09-23 11:28:18.000000000 +0000 @@ -1,4 +1,4 @@ -.\" Copyright (c) 2011-2013 Yubico AB +.\" Copyright (c) 2011-2014 Yubico AB .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -96,7 +96,7 @@ .URL "https://github.com/Yubico/yubikey-personalization/issues" "the issue tracker" .SH "SEE ALSO" The -.URL "http://opensource.yubico.com/yubikey-personalization/" "ykpersonalize home page" +.URL "https://developers.yubico.com/yubikey-personalization/" "ykpersonalize home page" .PP YubiKeys can be obtained from .URL "http://www.yubico.com/" "Yubico" "." diff -Nru yubikey-personalization-1.15.1/ykinfo.c yubikey-personalization-1.16.0/ykinfo.c --- yubikey-personalization-1.15.1/ykinfo.c 2013-11-18 13:21:00.000000000 +0000 +++ yubikey-personalization-1.16.0/ykinfo.c 2014-09-23 11:52:31.000000000 +0000 @@ -53,6 +53,8 @@ "\t-1 Check if slot 1 is programmed\n" "\t-2 Check if slot 2 is programmed\n" "\t-p Get programming sequence from YubiKey\n" + "\t-i Get vendor id of YubiKey\n" + "\t-I Get product id of YubiKey\n" "\t-a Get all information above\n" "\n" "\t-q Only output information from YubiKey\n" @@ -62,7 +64,7 @@ "\n" "\n" ; -const char *optstring = "asmHvtpqhV12"; +const char *optstring = "asmHvtpqhV12iI"; static void report_yk_error(void) { @@ -80,7 +82,7 @@ static int parse_args(int argc, char **argv, bool *serial_dec, bool *serial_modhex, bool *serial_hex, bool *version, bool *touch_level, bool *pgm_seq, bool *quiet, - bool *slot1, bool *slot2, + bool *slot1, bool *slot2, bool *vid, bool *pid, int *exit_code) { int c; @@ -96,6 +98,8 @@ *pgm_seq = true; *slot1 = true; *slot2 = true; + *vid = true; + *pid = true; break; case 's': *serial_dec = true; @@ -124,6 +128,12 @@ case '2': *slot2 = true; break; + case 'i': + *vid = true; + break; + case 'I': + *pid = true; + break; case 'V': fputs(YKPERS_VERSION_STRING "\n", stderr); *exit_code = 0; @@ -137,7 +147,8 @@ } if (!*serial_dec && !*serial_modhex && !*serial_hex && - !*version && !*touch_level && !*pgm_seq && !*slot1 && !*slot2) { + !*version && !*touch_level && !*pgm_seq && !*slot1 && !*slot2 && + !*vid && !*pid) { /* no options at all */ fputs("You must give at least one option.\n", stderr); fputs(usage, stderr); @@ -163,6 +174,8 @@ bool pgm_seq = false; bool slot1 = false; bool slot2 = false; + bool vid = false; + bool pid = false; bool quiet = false; @@ -171,7 +184,7 @@ if (! parse_args(argc, argv, &serial_dec, &serial_modhex, &serial_hex, &version, &touch_level, &pgm_seq, &quiet, - &slot1, &slot2, + &slot1, &slot2, &vid, &pid, &exit_code)) exit(exit_code); @@ -250,6 +263,23 @@ } ykds_free(st); } + if(vid || pid) { + int vendor_id, product_id; + if(!yk_get_key_vid_pid(yk, &vendor_id, &product_id)) { + exit_code = 1; + goto err; + } + if(vid) { + if(!quiet) + printf("vendor_id: "); + printf("%x\n", vendor_id); + } + if(pid) { + if(!quiet) + printf("product_id: "); + printf("%x\n", product_id); + } + } exit_code = 0; error = false; diff -Nru yubikey-personalization-1.15.1/ykpers4mac.mk yubikey-personalization-1.16.0/ykpers4mac.mk --- yubikey-personalization-1.15.1/ykpers4mac.mk 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpers4mac.mk 2014-09-23 11:28:18.000000000 +0000 @@ -1,4 +1,4 @@ -# Copyright (c) 2013 Yubico AB +# Copyright (c) 2013-2014 Yubico AB # All rights reserved. # # Base copied from ykpers4win.mk @@ -63,7 +63,7 @@ cp COPYING $(PWD)/tmp/root/licenses/json-c.txt && \ cd .. && \ cp ../libyubikey-$(LIBYUBIKEYVERSION).tar.gz . \ - || wget http://yubico.github.io/yubico-c/releases/libyubikey-$(LIBYUBIKEYVERSION).tar.gz && \ + || wget https://developers.yubico.com/yubico-c/releases/libyubikey-$(LIBYUBIKEYVERSION).tar.gz && \ tar xfz libyubikey-$(LIBYUBIKEYVERSION).tar.gz && \ cd libyubikey-$(LIBYUBIKEYVERSION) && \ CFLAGS=$(CFLAGS) ./configure --prefix=$(PWD)/tmp/root && \ @@ -73,7 +73,7 @@ cp COPYING $(PWD)/tmp/root/licenses/libyubikey.txt && \ cd .. && \ cp ../ykpers-$(VERSION).tar.gz . \ - || wget http://yubico.github.io/yubikey-personalization/releases/ykpers-$(VERSION).tar.gz && \ + || wget https://developers.yubico.com/yubikey-personalization/releases/ykpers-$(VERSION).tar.gz && \ tar xfz ykpers-$(VERSION).tar.gz && \ cd ykpers-$(VERSION)/ && \ CFLAGS=$(CFLAGS) PKG_CONFIG_PATH=$(PWD)/tmp/root/lib/pkgconfig ./configure --prefix=$(PWD)/tmp/root --with-libyubikey-prefix=$(PWD)/tmp/root && \ diff -Nru yubikey-personalization-1.15.1/ykpers4win.mk yubikey-personalization-1.16.0/ykpers4win.mk --- yubikey-personalization-1.15.1/ykpers4win.mk 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpers4win.mk 2014-09-23 11:28:18.000000000 +0000 @@ -1,5 +1,5 @@ # Written by Simon Josefsson . -# Copyright (c) 2010-2013 Yubico AB +# Copyright (c) 2010-2014 Yubico AB # All rights reserved. # # Redistribution and use in source and binary forms, with or without @@ -55,7 +55,7 @@ cp COPYING $(PWD)/tmp/root/licenses/json-c.txt && \ cd .. && \ cp ../libyubikey-$(LIBYUBIKEYVERSION).tar.gz . \ - || wget http://yubico.github.io/yubico-c/releases/libyubikey-$(LIBYUBIKEYVERSION).tar.gz && \ + || wget https://developers.yubico.com/yubico-c/releases/libyubikey-$(LIBYUBIKEYVERSION).tar.gz && \ tar xfa libyubikey-$(LIBYUBIKEYVERSION).tar.gz && \ cd libyubikey-$(LIBYUBIKEYVERSION) && \ ./configure --host=$(HOST) --build=x86_64-unknown-linux-gnu --prefix=$(PWD)/tmp/root && \ @@ -63,7 +63,7 @@ cp COPYING $(PWD)/tmp/root/licenses/libyubikey.txt && \ cd .. && \ cp ../ykpers-$(VERSION).tar.gz . \ - || wget http://yubico.github.io/yubikey-personalization/releases/ykpers-$(VERSION).tar.gz && \ + || wget https://developers.yubico.com/yubikey-personalization/releases/ykpers-$(VERSION).tar.gz && \ tar xfa ykpers-$(VERSION).tar.gz && \ cd ykpers-$(VERSION)/ && \ PKG_CONFIG_PATH=$(PWD)/tmp/root/lib/pkgconfig lt_cv_deplibs_check_method=pass_all ./configure --host=$(HOST) --build=x86_64-unknown-linux-gnu --prefix=$(PWD)/tmp/root LDFLAGS=-L$(PWD)/tmp/root/lib CPPFLAGS=-I$(PWD)/tmp/root/include && \ @@ -80,15 +80,15 @@ $(MAKE) -f ykpers4win.mk ykpers4win ARCH=64 HOST=x86_64-w64-mingw32 CHECK=check upload-ykpers4win: - @if test ! -d "$(YUBICO_GITHUB_REPO)"; then \ - echo "yubico.github.com repo not found!"; \ - echo "Make sure that YUBICO_GITHUB_REPO is set"; \ + @if test ! -d "$(YUBICO_WWW_REPO)"; then \ + echo "yubico www repo not found!"; \ + echo "Make sure that YUBICO_WWW_REPO is set"; \ exit 1; \ fi gpg --detach-sign --default-key $(PGPKEYID) \ $(PACKAGE)-$(VERSION)-win$(BITS).zip gpg --verify $(PACKAGE)-$(VERSION)-win$(BITS).zip.sig - $(YUBICO_GITHUB_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION)-win${BITS}.zip* + $(YUBICO_WWW_REPO)/publish $(PROJECT) $(VERSION) $(PACKAGE)-$(VERSION)-win${BITS}.zip* upload-ykpers4win32: $(MAKE) -f ykpers4win.mk upload-ykpers4win BITS=32 diff -Nru yubikey-personalization-1.15.1/ykpers.c yubikey-personalization-1.16.0/ykpers.c --- yubikey-personalization-1.15.1/ykpers.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpers.c 2014-06-19 06:12:51.000000000 +0000 @@ -975,7 +975,7 @@ /* uid: */ if (key_bits_in_uid) { - strncpy(buffer, "n/a", 3); + strncpy(buffer, "n/a", 4); } else { yubikey_hex_encode(buffer, (const char *)ycfg.uid, UID_SIZE); } diff -Nru yubikey-personalization-1.15.1/ykpers-json.c yubikey-personalization-1.16.0/ykpers-json.c --- yubikey-personalization-1.15.1/ykpers-json.c 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpers-json.c 2014-04-28 09:53:38.000000000 +0000 @@ -36,6 +36,29 @@ #include #include +#ifdef HAVE_JSON_OBJECT_OBJECT_GET_EX +#define yk_json_object_object_get(obj, key, value) json_object_object_get_ex(obj, key, &value) +#else +typedef int json_bool; +#define yk_json_object_object_get(obj, key, value) (value = json_object_object_get(obj, key)) == NULL ? (json_bool)FALSE : (json_bool)TRUE +#endif + +static void set_json_value(struct map_st *p, int mode, json_object *options, YKP_CONFIG *cfg) { + if(!p->json_text) { + return; + } + if(p->mode && (mode & p->mode) == mode) { + json_object *joption; + json_bool ret = yk_json_object_object_get(options, p->json_text, joption); + if(ret == TRUE && json_object_get_type(joption) == json_type_boolean) { + int value = json_object_get_boolean(joption); + if(value == 1) { + p->setter(cfg, true); + } + } + } +} + int _ykp_json_export_cfg(const YKP_CONFIG *cfg, char *json, size_t len) { json_object *jobj = json_object_new_object(); json_object *yprod_json = json_object_new_object(); @@ -196,21 +219,28 @@ int ret_code = 0; if(cfg) { json_object *jobj = json_tokener_parse(json); - json_object *yprod_json = json_object_object_get(jobj, "yubiProdConfig"); - json_object *jmode = json_object_object_get(yprod_json, "mode"); - json_object *options = json_object_object_get(yprod_json, "options"); - json_object *jtarget; + json_object *yprod_json, *jmode, *options, *jtarget; const char *raw_mode; int mode = MODE_OTP_YUBICO; struct map_st *p; - - if(!jobj || !yprod_json || !jmode || !options) { + if(!jobj) { + ykp_errno = YKP_EINVAL; + goto out; + } + if(yk_json_object_object_get(jobj, "yubiProdConfig", yprod_json) == FALSE) { + ykp_errno = YKP_EINVAL; + goto out; + } + if(yk_json_object_object_get(yprod_json, "mode", jmode) == FALSE) { + ykp_errno = YKP_EINVAL; + goto out; + } + if(yk_json_object_object_get(yprod_json, "options", options) == FALSE) { ykp_errno = YKP_EINVAL; goto out; } - jtarget = json_object_object_get(yprod_json, "targetConfig"); - if(jtarget) { + if(yk_json_object_object_get(yprod_json, "targetConfig", jtarget) == TRUE) { int target_config = json_object_get_int(jtarget); int command; if(target_config == 1) { @@ -240,24 +270,22 @@ if(mode == MODE_OATH_HOTP) { - json_object *jdigits = json_object_object_get(options, "oathDigits"); - json_object *jrandom = json_object_object_get(options, "randomSeed"); - + json_object *jdigits, *jrandom; ykp_set_tktflag_OATH_HOTP(cfg, true); - if(jdigits) { + if(yk_json_object_object_get(options, "oathDigits", jdigits) == TRUE) { int digits = json_object_get_int(jdigits); if(digits == 8) { ykp_set_cfgflag_OATH_HOTP8(cfg, true); } } - if(jrandom) { + if(yk_json_object_object_get(options, "randomSeed", jrandom) == TRUE) { int random = json_object_get_boolean(jrandom); int seed = 0; if(random == 1) { /* XXX: add random seed.. */ } else { - json_object *jseed = json_object_object_get(options, "fixedSeedvalue"); - if(jseed) { + json_object *jseed; + if(yk_json_object_object_get(options, "fixedSeedvalue", jseed) == TRUE) { seed = json_object_get_int(jseed); } } @@ -274,48 +302,15 @@ } for(p = _ticket_flags_map; p->flag; p++) { - if(!p->json_text) { - continue; - } - if(p->mode && (mode & p->mode) == mode) { - json_object *joption = json_object_object_get(options, p->json_text); - if(joption && json_object_get_type(joption) == json_type_boolean) { - int value = json_object_get_boolean(joption); - if(value == 1) { - p->setter(cfg, true); - } - } - } + set_json_value(p, mode, options, cfg); } for(p = _config_flags_map; p->flag; p++) { - if(!p->json_text) { - continue; - } - if(p->mode && (mode & p->mode) == mode) { - json_object *joption = json_object_object_get(options, p->json_text); - if(joption && json_object_get_type(joption) == json_type_boolean) { - int value = json_object_get_boolean(joption); - if(value == 1) { - p->setter(cfg, true); - } - } - } + set_json_value(p, mode, options, cfg); } for(p = _extended_flags_map; p->flag; p++) { - if(!p->json_text) { - continue; - } - if(p->mode && (mode & p->mode) == mode) { - json_object *joption = json_object_object_get(options, p->json_text); - if(joption && json_object_get_type(joption) == json_type_boolean) { - int value = json_object_get_boolean(joption); - if(value == 1) { - p->setter(cfg, true); - } - } - } + set_json_value(p, mode, options, cfg); } ret_code = 1; diff -Nru yubikey-personalization-1.15.1/ykpersonalize.1 yubikey-personalization-1.16.0/ykpersonalize.1 --- yubikey-personalization-1.15.1/ykpersonalize.1 2014-03-07 09:00:06.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpersonalize.1 2014-09-23 11:28:18.000000000 +0000 @@ -142,11 +142,19 @@ .br where mode is: .br -0 HID device only. +0 OTP device only. .br 1 CCID device only. .br -2 HID/CCID composite device. +2 OTP/CCID composite device. +.br +3 U2F device only. +.br +4 OTP/U2F composite device. +.br +5 U2F/CCID composite device. +.br +6 OTP/U2F/CCID composite device. .br Add 80 to set MODE_FLAG_EJECT, for example: 81 .br @@ -410,7 +418,7 @@ .URL "https://github.com/Yubico/yubikey-personalization/issues" "the issue tracker" .SH "SEE ALSO" The -.URL "http://opensource.yubico.com/yubikey-personalization/" "ykpersonalize home page" +.URL "https://developers.yubico.com/yubikey-personalization/" "ykpersonalize home page" .PP YubiKeys can be obtained from .URL "http://www.yubico.com/" "Yubico" "." diff -Nru yubikey-personalization-1.15.1/ykpersonalize.c yubikey-personalization-1.16.0/ykpersonalize.c --- yubikey-personalization-1.15.1/ykpersonalize.c 2014-03-07 12:28:53.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpersonalize.c 2014-09-23 11:28:18.000000000 +0000 @@ -67,15 +67,13 @@ int num_modes_seen = 0; bool zap = false; - bool error = false; + /* Assume the worst */ + bool error = true; int exit_code = 0; ykp_errno = 0; yk_errno = 0; - /* Assume the worst */ - error = true; - if (!yk_init()) { exit_code = 1; goto err; @@ -112,7 +110,7 @@ printf("Unsupported firmware revision - some " "features may not be available\n" "Please see \n" - "http://opensource.yubico.com/yubikey-personalization/doc/Compatibility.html\n" + "https://developers.yubico.com/yubikey-personalization/doc/Compatibility.html\n" "for more information.\n"); } else { goto err; @@ -184,7 +182,8 @@ goto err; if (!ykp_import_config(cfg, data, strlen(data), data_format)) goto err; - } else if (! zap && (ykp_command(cfg) == SLOT_CONFIG || ykp_command(cfg) == SLOT_CONFIG2)) { + } + if (! zap && (ykp_command(cfg) == SLOT_CONFIG || ykp_command(cfg) == SLOT_CONFIG2)) { int key_bytes = ykp_get_supported_key_length(cfg); char keybuf[42]; size_t keylen; @@ -316,20 +315,32 @@ else if(ykp_command(cfg) == SLOT_NDEF || ykp_command(cfg) == SLOT_NDEF2) { YK_NDEF *ndef = ykp_alloc_ndef(); int confnum = 1; + int res; if(ndef_type == 'U') { - ykp_construct_ndef_uri(ndef, ndef_string); + res = ykp_construct_ndef_uri(ndef, ndef_string); } else if(ndef_type == 'T') { - ykp_construct_ndef_text(ndef, ndef_string, "en", false); + res = ykp_construct_ndef_text(ndef, ndef_string, "en", false); + } + if(!res) { + if(verbose) { + printf(" failure to construct ndef\n"); + } + goto err; } if(use_access_code) { - ykp_set_ndef_access_code(ndef, access_code); + if(!ykp_set_ndef_access_code(ndef, access_code)) { + if(verbose) { + printf(" failure to set ndef accesscode\n"); + } + goto err; + } } if(ykp_command(cfg) == SLOT_NDEF2) { confnum = 2; } if (!yk_write_ndef2(yk, ndef, confnum)) { if (verbose) - printf(" failure\n"); + printf(" failure to write ndef\n"); goto err; } ykp_free_ndef(ndef); diff -Nru yubikey-personalization-1.15.1/ykpers-version.h yubikey-personalization-1.16.0/ykpers-version.h --- yubikey-personalization-1.15.1/ykpers-version.h 2014-03-07 12:18:29.000000000 +0000 +++ yubikey-personalization-1.16.0/ykpers-version.h 2014-09-23 12:41:34.000000000 +0000 @@ -42,7 +42,7 @@ * version number. Used together with ykpers_check_version() to verify * header file and run-time library consistency. */ -#define YKPERS_VERSION_STRING "1.15.1" +#define YKPERS_VERSION_STRING "1.16.0" /** * YKPERS_VERSION_NUMBER @@ -52,7 +52,7 @@ * this symbol will have the value 0x01020300. The last two digits * are only used between public releases, and will otherwise be 00. */ -#define YKPERS_VERSION_NUMBER 0x010f01 +#define YKPERS_VERSION_NUMBER 0x011000 /** * YKPERS_VERSION_MAJOR @@ -70,7 +70,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 2. */ -#define YKPERS_VERSION_MINOR 15 +#define YKPERS_VERSION_MINOR 16 /** * YKPERS_VERSION_PATCH @@ -79,7 +79,7 @@ * level of the header file version number. For example, when the * header version is 1.2.3 this symbol will be 3. */ -#define YKPERS_VERSION_PATCH 1 +#define YKPERS_VERSION_PATCH 0 const char *ykpers_check_version (const char *req_version);