rooty/yubico-pam
1
0
Fork 0
mirror of https://github.com/Yubico/yubico-pam.git synced 2025-02-22 00:54:30 +01:00
Code Issues Projects Releases Wiki Activity

drop check for OTP length, should trigger error later anyways.

Browse Source 
relates #97
This commit is contained in:
Klas Lindfors 2016-06-13 10:12:55 +02:00
parent a21a20cb65
commit fee0bcc231
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
pam_yubico.c
View File

@ -988,16 +988,13 @@ pam_sm_authenticate (pam_handle_t * pamh,
} }
password_len = strlen (password); password_len = strlen (password);
if (password_len < (cfg->token_id_length + TOKEN_OTP_LEN))
{
DBG (("OTP too short to be considered : %zu < %u", password_len, (cfg->token_id_length + TOKEN_OTP_LEN)));
retval = PAM_AUTH_ERR;
goto done;
}
/* In case the input was systempassword+YubiKeyOTP, we want to skip over /* In case the input was systempassword+YubiKeyOTP, we want to skip over
"systempassword" when copying the token_id and OTP to separate buffers */ "systempassword" when copying the token_id and OTP to separate buffers */
skip_bytes = password_len - (cfg->token_id_length + TOKEN_OTP_LEN); if(password_len > cfg->token_id_length + TOKEN_OTP_LEN)
{
skip_bytes = password_len - (cfg->token_id_length + TOKEN_OTP_LEN);
}
DBG (("Skipping first %i bytes. Length is %zu, token_id set to %u and token OTP always %u.", DBG (("Skipping first %i bytes. Length is %zu, token_id set to %u and token OTP always %u.",
skip_bytes, password_len, cfg->token_id_length, TOKEN_OTP_LEN)); skip_bytes, password_len, cfg->token_id_length, TOKEN_OTP_LEN));