1
0
mirror of https://github.com/Yubico/yubico-pam.git synced 2024-12-01 15:24:12 +01:00

Don't generate new challenge on bad response.

This commit is contained in:
Fredrik Thulin 2011-03-14 12:44:57 +01:00
parent 68cdb39132
commit 71d68484f9

View File

@ -503,10 +503,15 @@ do_challenge_response(struct cfg *cfg, const char *username)
&response_len))
goto out;
yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len);
if (strcmp(response_hex, expected_response) == 0)
if (strcmp(response_hex, expected_response) == 0) {
ret = PAM_SUCCESS;
} else {
D(("Unexpected C/R response : %s", response_hex));
ret = PAM_AUTH_ERR;
goto out;
}
/* Ok, got a good validation. Generate a new challenge */
D(("Got the expected response, generating new challenge."));
if (generate_challenge(challenge_hex, 64) < 0)
goto out;