Fix AArch64 build by disabling yubico

2025-06-12 21:27:37 +02:00 · 2019-01-10 23:54:01 +01:00
parent 08c55f636a
commit 1d034749f7
4 changed files with 75 additions and 50 deletions
--- a/src/api/core/two_factor.rs
+++ b/src/api/core/two_factor.rs
@ -15,8 +15,18 @@ use crate::auth::Headers;

 use rocket::Route;

+#[cfg(feature = "enable_yubikey")]
+fn yubi_routes() -> Vec<Route> {
+    routes![generate_yubikey, activate_yubikey, activate_yubikey_put]
+}
+
+#[cfg(not(feature = "enable_yubikey"))]
+fn yubi_routes() -> Vec<Route> {
+    Vec::new()
+}
+
 pub fn routes() -> Vec<Route> {
-    routes![
+    let mut routes = routes![
        get_twofactor,
        get_recover,
        recover,
@ -29,10 +39,11 @@ pub fn routes() -> Vec<Route> {
        generate_u2f_challenge,
        activate_u2f,
        activate_u2f_put,
-        generate_yubikey,
-        activate_yubikey,
-        activate_yubikey_put,
-    ]
+    ];
+
+    routes.append(&mut yubi_routes());
+
+    routes
 }

 #[get("/two-factor")]
@ -294,7 +305,7 @@ struct RegisterResponseCopy {
    pub registration_data: String,
    pub version: String,
    pub client_data: String,
-    
+
    pub error_code: Option<NumberOrString>,
 }

@ -485,8 +496,8 @@ pub struct YubikeyMetadata {
    pub Nfc: bool,
 }

-use yubico::config::Config;
-use yubico::Yubico;
+#[cfg(feature = "enable_yubikey")]
+use yubico::{config::Config, Yubico};

 fn parse_yubikeys(data: &EnableYubikeyData) -> Vec<String> {
    let mut yubikeys: Vec<String> = Vec::new();
@ -524,6 +535,7 @@ fn jsonify_yubikeys(yubikeys: Vec<String>) -> serde_json::Value {
    result
 }

+#[cfg(feature = "enable_yubikey")]
 fn verify_yubikey_otp(otp: String) -> JsonResult {
    if !CONFIG.yubico_cred_set {
        err!("`YUBICO_CLIENT_ID` or `YUBICO_SECRET_KEY` environment variable is not set. Yubikey OTP Disabled")
@ -545,6 +557,7 @@ fn verify_yubikey_otp(otp: String) -> JsonResult {
    }
 }

+#[cfg(feature = "enable_yubikey")]
 #[post("/two-factor/get-yubikey", data = "<data>")]
 fn generate_yubikey(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn) -> JsonResult {
    if !CONFIG.yubico_cred_set {
@ -580,6 +593,7 @@ fn generate_yubikey(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbCo
    }
 }

+#[cfg(feature = "enable_yubikey")]
 #[post("/two-factor/yubikey", data = "<data>")]
 fn activate_yubikey(data: JsonUpcase<EnableYubikeyData>, headers: Headers, conn: DbConn) -> JsonResult {
    let data: EnableYubikeyData = data.into_inner().data;
@ -641,11 +655,18 @@ fn activate_yubikey(data: JsonUpcase<EnableYubikeyData>, headers: Headers, conn:
    Ok(Json(result))
 }

+#[cfg(feature = "enable_yubikey")]
 #[put("/two-factor/yubikey", data = "<data>")]
 fn activate_yubikey_put(data: JsonUpcase<EnableYubikeyData>, headers: Headers, conn: DbConn) -> JsonResult {
    activate_yubikey(data, headers, conn)
 }

+#[cfg(not(feature = "enable_yubikey"))]
+pub fn validate_yubikey_login(_: &str, _: &str, _: &DbConn) -> EmptyResult {
+    err!("Yubikey functionality is disabled. If you are using AArch64, check #262")
+}
+
+#[cfg(feature = "enable_yubikey")]
 pub fn validate_yubikey_login(user_uuid: &str, response: &str, conn: &DbConn) -> EmptyResult {
    if response.len() != 44 {
        err!("Invalid Yubikey OTP length");