mirror of
https://github.com/Yubico/yubico-pam.git
synced 2024-12-11 09:24:10 +01:00
Don't generate new challenge on bad response.
This commit is contained in:
parent
7360223a14
commit
ee2e8b42da
@ -503,10 +503,15 @@ do_challenge_response(struct cfg *cfg, const char *username)
|
|||||||
&response_len))
|
&response_len))
|
||||||
goto out;
|
goto out;
|
||||||
yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len);
|
yubikey_hex_encode(response_hex, (char *)response, response_len > 20 ? 20 : response_len);
|
||||||
if (strcmp(response_hex, expected_response) == 0)
|
if (strcmp(response_hex, expected_response) == 0) {
|
||||||
ret = PAM_SUCCESS;
|
ret = PAM_SUCCESS;
|
||||||
|
} else {
|
||||||
|
D(("Unexpected C/R response : %s", response_hex));
|
||||||
|
ret = PAM_AUTH_ERR;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
/* Ok, got a good validation. Generate a new challenge */
|
D(("Got the expected response, generating new challenge."));
|
||||||
|
|
||||||
if (generate_challenge(challenge_hex, 64) < 0)
|
if (generate_challenge(challenge_hex, 64) < 0)
|
||||||
goto out;
|
goto out;
|
||||||
|
Loading…
Reference in New Issue
Block a user