From 8f214355c6da8f28d7e742253bbe5ff56742d439 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@microsoft.com>
Date: Wed, 21 Apr 2021 23:01:47 +0100
Subject: [PATCH] FIDO2: if defined, check for FIDO_ERR_UV_BLOCKED

Newer libfido versions added this error, so check for it since it
can help the user with a more specific message
---
 src/shared/libfido2-util.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/shared/libfido2-util.c b/src/shared/libfido2-util.c
index ec69793f7cf..24c9b76b7ad 100644
--- a/src/shared/libfido2-util.c
+++ b/src/shared/libfido2-util.c
@@ -349,6 +349,11 @@ static int fido2_use_hmac_hash_specific_token(
         case FIDO_ERR_PIN_AUTH_BLOCKED:
                 return log_error_errno(SYNTHETIC_ERRNO(EOWNERDEAD),
                                        "PIN of security token is blocked, please remove/reinsert token.");
+#ifdef FIDO_ERR_UV_BLOCKED
+        case FIDO_ERR_UV_BLOCKED:
+                return log_error_errno(SYNTHETIC_ERRNO(EOWNERDEAD),
+                                       "Verification of security token is blocked, please remove/reinsert token.");
+#endif
         case FIDO_ERR_PIN_INVALID:
                 return log_error_errno(SYNTHETIC_ERRNO(ENOLCK),
                                        "PIN of security token incorrect.");
@@ -633,6 +638,11 @@ int fido2_generate_hmac_hash(
         if (r == FIDO_ERR_PIN_AUTH_BLOCKED)
                 return log_notice_errno(SYNTHETIC_ERRNO(EPERM),
                                         "Token PIN is currently blocked, please remove and reinsert token.");
+#ifdef FIDO_ERR_UV_BLOCKED
+        if (r == FIDO_ERR_UV_BLOCKED)
+                return log_notice_errno(SYNTHETIC_ERRNO(EPERM),
+                                        "Token verification is currently blocked, please remove and reinsert token.");
+#endif
         if (r == FIDO_ERR_ACTION_TIMEOUT)
                 return log_error_errno(SYNTHETIC_ERRNO(ENOSTR),
                                        "Token action timeout. (User didn't interact with token quickly enough.)");
-- 
2.47.3