rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-27 06:54:15 +01:00
Code Issues Projects Releases Wiki Activity

Ensure that the debug log always outputs a valid OTP and not an accidental password

Browse Source 
Fixes issue #184
This commit is contained in:
Gabriel Kihlman 2019-02-04 10:25:31 +01:00
parent 456c2a125d
commit 5f7d7964de
No known key found for this signature in database
GPG Key ID: C59A56181B3BF1F7
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pam_yubico.c
View File

@ -1183,8 +1183,6 @@ pam_sm_authenticate (pam_handle_t * pamh,
/* Copy only public ID into otp_id. Destination buffer is zeroed. */ /* Copy only public ID into otp_id. Destination buffer is zeroed. */
strncpy (otp_id, password + skip_bytes, cfg->token_id_length); strncpy (otp_id, password + skip_bytes, cfg->token_id_length);
DBG ("OTP: %s ID: %s ", otp, otp_id);
/* user entered their system password followed by generated OTP? */ /* user entered their system password followed by generated OTP? */
if (password_len > TOKEN_OTP_LEN + cfg->token_id_length) if (password_len > TOKEN_OTP_LEN + cfg->token_id_length)
{ {
@ -1219,6 +1217,7 @@ pam_sm_authenticate (pam_handle_t * pamh,
switch(valid_token) switch(valid_token)
{ {
case AUTH_FOUND: case AUTH_FOUND:
DBG ("OTP: %s ID: %s ", otp, otp_id);
DBG ("Token is associated to the user. Validating the OTP..."); DBG ("Token is associated to the user. Validating the OTP...");
rc = ykclient_request (ykc, otp); rc = ykclient_request (ykc, otp);
DBG ("ykclient return value (%d): %s", rc, ykclient_strerror (rc)); DBG ("ykclient return value (%d): %s", rc, ykclient_strerror (rc));