Add FreeBSD Support

[valpackett]

This PR adds support for FreeBSD (and makes it easier to add support for other BSDs in the future, especially DragonFly since it also uses devd).

• BSD uhid is pretty similar to Linux hidraw, except for skipping the report id in write (and ioctls are different, of course). So the non-Linux-specific parts have been extracted into src/hidproto.rs.
• my crate devd-rs is used for getting hotplug notifications.
• rust-crypto to sha2: I think rust-crypto failed the build for me. The monolithic rust-crypto crate is deprecated anyway.
• env_logger update: prompted by mach vendor rust in Firefox.
• rustfmt for CI

The test example binary is not fully reliable for me (sometimes it hangs), but Firefox Nightly with this library seems more reliable: I've been able to complete WebAuthn and Yubico tests and authenticate on gitlab.com multiple times in the same session without any issues.

BTW, it would be nice to retry Device::new multiple times, because the notification might appear before devd rules give the user permission to access the token. (Does udev on Linux not have that problem?)

cc @jbeich

[jbeich]

• Firefox 61 (Nightly) Try build
• Firefox 60 (Beta) Try build

[jcjones]

This looks fine to me, but I would like @ttaubert to look closer at the dependency change to the sha2 crate, and the hidproto.rs refactor.

[ttaubert]

Thanks Greg!

env_logger update: prompted by mach vendor rust in Firefox.

We forgot to uplift a change from Firefox to the repository here. This should be fixed now.

rust-crypto to sha2: I think rust-crypto failed the build for me. The monolithic rust-crypto crate is deprecated anyway
rustfmt for CI

Those are good changes. I pulled them out so we can fix our Travis CI bustage and concentrate on the FreeBSD support code here.

https://phabricator.services.mozilla.com/D1115
https://phabricator.services.mozilla.com/D1116

BTW, it would be nice to retry Device::new multiple times, because the notification might appear before devd rules give the user permission to access the token. (Does udev on Linux not have that problem?)

AFAICT, this doesn't seem to a problem with udev. It definitely wouldn't hurt to sleep for a few hundred ms and try again though.

The test example binary is not fully reliable for me (sometimes it hangs), but Firefox Nightly with this library seems more reliable: I've been able to complete WebAuthn and Yubico tests and authenticate on gitlab.com multiple times in the same session without any issues.

That seems worrisome. Did you try to find out where exactly the statemachine is hanging? It would be good to have solid support on FreeBSD, if we claim to :)

[valpackett]

Did you try to find out where exactly the statemachine is hanging?

Looks like in the read() syscall on the device.

I think Firefox is more reliable than the example because Firefox doesn't do operations one after another without delay. But it's weird that a delay would be required. A similar patch for Chromium does not do any additional delays and it works fine...

[jcjones]

Since we pulled parts of this in already, this patch now needs conflicts resolved. I'm downloading a FreeBSD image currently, but I don't know when I'll get around to testing it. I'll try to do so soon.

[valpackett]

Rebased. (Kinda weird that you're pulling them through mozilla first and not the other way around, and git author info is lost...)

So, if you want to test (without running as root):

• devd hotplug rules are in the u2f-devd package, pkg install u2f-devd
• service devd restart after installing them to pick them up
• pw groupmod u2f -m $USER to add yourself to the u2f group that the rules give permission to
• of course log out & log in to get the group to apply to you
• (all of the above commands need root/sudo/doas)

[jcjones]

I am sorry about that, @myfreeweb. Tim and I decided during development to make mozilla-central the authoritative repository until we fix the vendoring issues and can import this as a crate [Bug 1395293]. I should have some breathing room finally to try again at doing that. And to move this repo to mozilla/u2f-hid-rs or similar.

[jcjones]

Just a note for myself in the future: We pulled a lot of #[derive(Debug)]s out to shrink the compiled library, but I think that was unneeded since we moved to more recent versions of rust.

[jcjones]

Opened https://bugzilla.mozilla.org/show_bug.cgi?id=1468349.

[jcjones]

Thank you, @myfreeweb and @jbeich so much! Landing this in Firefox...