Changeset 693 in openpam for trunk/lib


Timestamp:
Aug 15, 2013, 3:21:31 PM (7 years ago)
Author:
Dag-Erling Smørgrav
Message:

Record the last successful use of a TOTP key. Also add commented-out
logic to prevent reuse of the same code or an earlier code within the
window, and make some minor type adjustments.

Location:
trunk/lib/liboath
Files:
2 edited

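--- a/trunk/lib/liboath/oath_hotp.c
+++ b/trunk/lib/liboath/oath_hotp.c
@@ -93,5 +93,5 @@
  * Computes the current code for the given key and advances the counter.
  */
-int
+unsigned int
 oath_hotp_current(struct oath_key *k)
 {
@@ -112,5 +112,5 @@
  * Compares the code provided by the user with expected values within a
  * given window.  Returns 1 if there was a match, 0 if not, and -1 if an
- * error occurred.
+ * error occurred.  Also advances the counter if there was a match.
  */
 int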
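Review bot: The header comment above `oath_hotp_current()` does not say how failure is reported, which matters now that new line 95 makes the return type `unsigned int`. The body is outside the hunk, so this is conditional: if any path still returns `-1`, callers receive `UINT_MAX`, a `< 0` test can never fire, and an error could be handled as if it were a code. If that sentinel is intended, extend the comment with something like ` * Returns the code, or (unsigned int)-1 if an error occurred.` and confirm that callers compare against that value explicitly.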
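--- a/trunk/lib/liboath/oath_totp.c
+++ b/trunk/lib/liboath/oath_totp.c
@@ -68,6 +68,11 @@
 }
 
+/*
+ * Compares the code provided by the user with expected values within a
+ * given window.  Returns 1 if there was a match, 0 if not, and -1 if an
+ * error occurred.
+ */
 int
-oath_totp_match(const struct oath_key *k, unsigned int response, int window)
+oath_totp_match(struct oath_key *k, unsigned int response, int window)
 {
         unsigned int code;
@@ -86,7 +91,14 @@
         dummy = (strcmp(k->label, OATH_DUMMY_LABEL) == 0);
         for (int i = -window; i <= window; ++i) {
+#if OATH_TOTP_PREVENT_REUSE
+                /* XXX disabled for now, should be a key parameter? */
+                if (seq + i <= k->lastuse)
+                        continue;
+#endif
                 code = oath_hotp(k->key, k->keylen, seq + i, k->digits);
-                if (code == response && !dummy)
+                if (code == response && !dummy) {
+                        k->lastuse = seq;
                         return (1);
+                }
         }
         return (0);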
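Review bot: `k->lastuse = seq;` at new line 100 records the current time step rather than the step that actually matched, so once the guard at new lines 93-97 is enabled, a response accepted at a positive offset (`i > 0`) still satisfies `seq + i > k->lastuse` and the same code is accepted a second time. Recording the matched step, `k->lastuse = seq + i;`, makes the guard reject the accepted code and everything before it. While `OATH_TOTP_PREVENT_REUSE` stays undefined, an accepted code remains valid for the rest of the window. The new header comment should also state that the function now writes `k->lastuse`; presumably the caller has to store the key back for that to have any effect. The declaration of `seq` and the end of the function are outside the hunk.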