diff --git a/Cargo.toml b/Cargo.toml
index bcf3416ad9a37633d102372d2f722ead042258cc..bf59085cb523d61f9c4e0e2ddaeabe09e0ef4c8e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,9 +11,7 @@ publish = false
build = "build.rs"
[features]
-default = ["enable_yubikey"]
enable_syslog = ["syslog", "fern/syslog-4"]
-enable_yubikey = ["yubico"]
[dependencies]
# Web framework for nightly with a focus on ease-of-use, expressibility, and speed.
@@ -74,7 +72,7 @@ jsonwebtoken = "5.0.1"
u2f = "0.1.4"
# Yubico Library
-yubico = { version = "0.5.0", features = ["online"], default-features = false, optional = true }
+yubico = { version = "0.5.0", features = ["online"], default-features = false }
# A `dotenv` implementation for Rust
dotenv = { version = "0.13.0", default-features = false }
diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64
index 19b867662010816dde71da5a0fc53618ddbdd5c5..5beb2daae72e8363453dba6b6157b7aa6333e2a8 100644
--- a/Dockerfile.aarch64
+++ b/Dockerfile.aarch64
@@ -55,8 +55,7 @@ COPY . .
# Build
RUN rustup target add aarch64-unknown-linux-gnu
-# TODO: Enable yubico when #262 is fixed
-RUN cargo build --release --target=aarch64-unknown-linux-gnu -v --no-default-features
+RUN cargo build --release --target=aarch64-unknown-linux-gnu -v
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
diff --git a/src/api/core/two_factor.rs b/src/api/core/two_factor.rs
index 56968254eb125a2de3ee5e3c1ad89f54daefc1da..5aeb1b16c8dc27f29d52865e329c29c5ca7477ef 100644
--- a/src/api/core/two_factor.rs
+++ b/src/api/core/two_factor.rs
@@ -15,18 +15,8 @@ use crate::auth::Headers;
use rocket::Route;
-#[cfg(feature = "enable_yubikey")]
-fn yubi_routes() -> Vec<Route> {
- routes![generate_yubikey, activate_yubikey, activate_yubikey_put]
-}
-
-#[cfg(not(feature = "enable_yubikey"))]
-fn yubi_routes() -> Vec<Route> {
- Vec::new()
-}
-
pub fn routes() -> Vec<Route> {
- let mut routes = routes![
+ routes![
get_twofactor,
get_recover,
recover,
@@ -39,11 +29,10 @@ pub fn routes() -> Vec<Route> {
generate_u2f_challenge,
activate_u2f,
activate_u2f_put,
- ];
-
- routes.append(&mut yubi_routes());
-
- routes
+ generate_yubikey,
+ activate_yubikey,
+ activate_yubikey_put,
+ ]
}
#[get("/two-factor")]
@@ -496,8 +485,8 @@ pub struct YubikeyMetadata {
pub Nfc: bool,
}
-#[cfg(feature = "enable_yubikey")]
-use yubico::{config::Config, Yubico};
+use yubico::config::Config;
+use yubico::Yubico;
fn parse_yubikeys(data: &EnableYubikeyData) -> Vec<String> {
let mut yubikeys: Vec<String> = Vec::new();
@@ -535,7 +524,6 @@ fn jsonify_yubikeys(yubikeys: Vec<String>) -> serde_json::Value {
result
}
-#[cfg(feature = "enable_yubikey")]
fn verify_yubikey_otp(otp: String) -> JsonResult {
if !CONFIG.yubico_cred_set {
err!("`YUBICO_CLIENT_ID` or `YUBICO_SECRET_KEY` environment variable is not set. Yubikey OTP Disabled")
@@ -557,7 +545,6 @@ fn verify_yubikey_otp(otp: String) -> JsonResult {
}
}
-#[cfg(feature = "enable_yubikey")]
#[post("/two-factor/get-yubikey", data = "<data>")]
fn generate_yubikey(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbConn) -> JsonResult {
if !CONFIG.yubico_cred_set {
@@ -593,7 +580,6 @@ fn generate_yubikey(data: JsonUpcase<PasswordData>, headers: Headers, conn: DbCo
}
}
-#[cfg(feature = "enable_yubikey")]
#[post("/two-factor/yubikey", data = "<data>")]
fn activate_yubikey(data: JsonUpcase<EnableYubikeyData>, headers: Headers, conn: DbConn) -> JsonResult {
let data: EnableYubikeyData = data.into_inner().data;
@@ -655,18 +641,11 @@ fn activate_yubikey(data: JsonUpcase<EnableYubikeyData>, headers: Headers, conn:
Ok(Json(result))
}
-#[cfg(feature = "enable_yubikey")]
#[put("/two-factor/yubikey", data = "<data>")]
fn activate_yubikey_put(data: JsonUpcase<EnableYubikeyData>, headers: Headers, conn: DbConn) -> JsonResult {
activate_yubikey(data, headers, conn)
}
-#[cfg(not(feature = "enable_yubikey"))]
-pub fn validate_yubikey_login(_: &str, _: &str, _: &DbConn) -> EmptyResult {
- err!("Yubikey functionality is disabled. If you are using AArch64, check #262")
-}
-
-#[cfg(feature = "enable_yubikey")]
pub fn validate_yubikey_login(user_uuid: &str, response: &str, conn: &DbConn) -> EmptyResult {
if response.len() != 44 {
err!("Invalid Yubikey OTP length");