1
0
mirror of https://github.com/Yubico/yubico-pam.git synced 2024-12-11 09:24:10 +01:00

Don't generate new challenge on bad response.

This commit is contained in:
Fredrik Thulin 2011-03-14 12:44:57 +01:00 committed by Tollef Fog Heen
parent 7360223a14
commit ee2e8b42da

View File

@ -503,10 +503,15 @@ do_challenge_response(struct cfg *cfg, const char *username)
&response_len)) &response_len))
goto out; goto out;
yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len); yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len);
if (strcmp(response_hex, expected_response) == 0) if (strcmp(response_hex, expected_response) == 0) {
ret = PAM_SUCCESS; ret = PAM_SUCCESS;
} else {
D(("Unexpected C/R response : %s", response_hex));
ret = PAM_AUTH_ERR;
goto out;
}
/* Ok, got a good validation. Generate a new challenge */ D(("Got the expected response, generating new challenge."));
if (generate_challenge(challenge_hex, 64) < 0) if (generate_challenge(challenge_hex, 64) < 0)
goto out; goto out;