mirror of
https://github.com/Yubico/yubikey-val.git
synced 2025-03-04 12:29:19 +01:00
Cosmetic changes.
parent
c5b6b3c567
commit
13530c532f
@ -435,104 +435,110 @@ class SyncLib
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function sync($ans_req, $timeout=1)
|
public function sync($ans_req, $timeout=1)
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
Construct URLs
|
Construct URLs
|
||||||
*/
|
*/
|
||||||
$urls=array();
|
$urls=array();
|
||||||
$res=$this->db->findByMultiple('queue', array("modified"=>$this->otpParams['modified'], "server_nonce"=>$this->server_nonce));
|
$res=$this->db->findByMultiple('queue', array("modified"=>$this->otpParams['modified'], "server_nonce"=>$this->server_nonce));
|
||||||
foreach($res as $row) {
|
foreach($res as $row) {
|
||||||
$urls[]=$row['server'] .
|
$urls[]=$row['server'] .
|
||||||
"?otp=" . $row['otp'] .
|
"?otp=" . $row['otp'] .
|
||||||
"&modified=" . $row['modified'] .
|
"&modified=" . $row['modified'] .
|
||||||
"&" . $this->otpPartFromInfoString($row['info']);
|
"&" . $this->otpPartFromInfoString($row['info']);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Send out requests
|
Send out requests
|
||||||
*/
|
*/
|
||||||
$ans_arr = retrieveURLasync('YK-VAL sync', $urls, $this->myLog, $ans_req, $match='status=OK', $returl=True, $timeout, $this->curlopts);
|
$ans_arr = retrieveURLasync('YK-VAL sync', $urls, $this->myLog, $ans_req, $match='status=OK', $returl=True, $timeout, $this->curlopts);
|
||||||
|
|
||||||
if ($ans_arr === FALSE) {
|
if ($ans_arr === FALSE) {
|
||||||
$this->log(LOG_WARNING, 'No responses from validation server pool');
|
$this->log(LOG_WARNING, 'No responses from validation server pool');
|
||||||
$ans_arr = array();
|
$ans_arr = array();
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Parse responses
|
Parse responses
|
||||||
*/
|
*/
|
||||||
$localParams = $this->localParams;
|
$localParams = $this->localParams;
|
||||||
|
|
||||||
$this->answers = count($ans_arr);
|
$this->answers = count($ans_arr);
|
||||||
$this->valid_answers = 0;
|
$this->valid_answers = 0;
|
||||||
foreach ($ans_arr as $answer){
|
|
||||||
/* Parse out parameters from each response */
|
|
||||||
$resParams=$this->parseParamsFromMultiLineString($answer);
|
|
||||||
$this->log(LOG_DEBUG, "local db contains ", $localParams);
|
|
||||||
$this->log(LOG_DEBUG, "response contains ", $resParams);
|
|
||||||
$this->log(LOG_DEBUG, "OTP contains " , $this->otpParams);
|
|
||||||
|
|
||||||
/* Update internal DB (conditional) */
|
foreach ($ans_arr as $answer)
|
||||||
$this->updateDbCounters($resParams);
|
{
|
||||||
|
/* Parse out parameters from each response */
|
||||||
|
$resParams=$this->parseParamsFromMultiLineString($answer);
|
||||||
|
$this->log(LOG_DEBUG, "local db contains ", $localParams);
|
||||||
|
$this->log(LOG_DEBUG, "response contains ", $resParams);
|
||||||
|
$this->log(LOG_DEBUG, "OTP contains " , $this->otpParams);
|
||||||
|
|
||||||
/* Check for warnings
|
/* Update internal DB (conditional) */
|
||||||
|
$this->updateDbCounters($resParams);
|
||||||
|
|
||||||
See https://developers.yubico.com/yubikey-val/doc/ServerReplicationProtocol.html
|
/* Check for warnings
|
||||||
|
|
||||||
NOTE: We use localParams for validationParams comparison since they are actually the
|
See https://developers.yubico.com/yubikey-val/doc/ServerReplicationProtocol.html
|
||||||
same in this situation and we have them at hand.
|
|
||||||
*/
|
|
||||||
|
|
||||||
if ($this->countersHigherThan($localParams, $resParams)) {
|
NOTE: We use localParams for validationParams comparison since they are actually the
|
||||||
$this->log(LOG_NOTICE, "Remote server out of sync");
|
same in this situation and we have them at hand.
|
||||||
}
|
*/
|
||||||
|
|
||||||
if ($this->countersHigherThan($resParams, $localParams)) {
|
if ($this->countersHigherThan($localParams, $resParams))
|
||||||
$this->log(LOG_NOTICE, "Local server out of sync");
|
{
|
||||||
}
|
$this->log(LOG_NOTICE, "Remote server out of sync");
|
||||||
|
}
|
||||||
|
|
||||||
if ($this->countersEqual($resParams, $localParams) &&
|
if ($this->countersHigherThan($resParams, $localParams))
|
||||||
$resParams['nonce']!=$localParams['nonce']) {
|
{
|
||||||
$this->log(LOG_NOTICE, "Servers out of sync. Nonce differs. ");
|
$this->log(LOG_NOTICE, "Local server out of sync");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($this->countersEqual($resParams, $localParams) && $resParams['nonce']!=$localParams['nonce'])
|
||||||
|
{
|
||||||
|
$this->log(LOG_NOTICE, "Servers out of sync. Nonce differs. ");
|
||||||
|
}
|
||||||
|
|
||||||
if ($this->countersEqual($resParams, $localParams) &&
|
if ($this->countersEqual($resParams, $localParams) && $resParams['modified']!=$localParams['modified'])
|
||||||
$resParams['modified']!=$localParams['modified']) {
|
{
|
||||||
$this->log(LOG_NOTICE, "Servers out of sync. Modified differs. ");
|
$this->log(LOG_NOTICE, "Servers out of sync. Modified differs. ");
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->countersHigherThan($resParams, $this->otpParams)){
|
if ($this->countersHigherThan($resParams, $this->otpParams))
|
||||||
$this->log(LOG_WARNING, 'OTP is replayed. Sync response counters higher than OTP counters.');
|
{
|
||||||
}
|
$this->log(LOG_WARNING, 'OTP is replayed. Sync response counters higher than OTP counters.');
|
||||||
elseif ($this->countersEqual($resParams, $this->otpParams) &&
|
}
|
||||||
$resParams['nonce']!=$this->otpParams['nonce']) {
|
elseif ($this->countersEqual($resParams, $this->otpParams) && $resParams['nonce']!=$this->otpParams['nonce'])
|
||||||
$this->log(LOG_WARNING, 'OTP is replayed. Sync response counters equal to OTP counters and nonce differs.');
|
{
|
||||||
} else {
|
$this->log(LOG_WARNING, 'OTP is replayed. Sync response counters equal to OTP counters and nonce differs.');
|
||||||
/* The answer is ok since a REPLAY was not indicated */
|
}
|
||||||
$this->valid_answers++;
|
else
|
||||||
}
|
{
|
||||||
|
/* The answer is ok since a REPLAY was not indicated */
|
||||||
|
$this->valid_answers++;
|
||||||
|
}
|
||||||
|
|
||||||
/* Delete entry from table */
|
/* Delete entry from table */
|
||||||
$this->deleteQueueEntry($answer);
|
$this->deleteQueueEntry($answer);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
NULL queued_time for remaining entries in queue, to allow
|
NULL queued_time for remaining entries in queue, to allow
|
||||||
daemon to take care of them as soon as possible. */
|
daemon to take care of them as soon as possible. */
|
||||||
|
|
||||||
$this->db->updateBy('queue', 'server_nonce', $this->server_nonce, array('queued'=>NULL));
|
$this->db->updateBy('queue', 'server_nonce', $this->server_nonce, array('queued'=>NULL));
|
||||||
|
|
||||||
/* Return true if valid answers equals required answers.
|
/* Return true if valid answers equals required answers.
|
||||||
Since we only obtain the required amount of answers from
|
Since we only obtain the required amount of answers from
|
||||||
retrieveAsync this indicates that all answers were actually valid.
|
retrieveAsync this indicates that all answers were actually valid.
|
||||||
Otherwise, return false. */
|
Otherwise, return false. */
|
||||||
if ($this->valid_answers==$ans_req)
|
if ($this->valid_answers==$ans_req)
|
||||||
return True;
|
return True;
|
||||||
|
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getNumberOfValidAnswers()
|
public function getNumberOfValidAnswers()
|
||||||
{
|
{
|
||||||
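Review bot: The replay branch in sync() still compares nonces with loose `!=` (`$resParams['nonce']!=$this->otpParams['nonce']`, and the same pattern on `$localParams['nonce']` in the "Nonce differs" check above it). Under PHP's loose comparison, two different strings that both look numeric can compare as equal, in which case the answer falls through to the `else` and is counted in `valid_answers` rather than logged as a replay. Since the commit already rewrites these conditions onto single lines, make the nonce checks strict, e.g. `elseif ($this->countersEqual($resParams, $this->otpParams) && $resParams['nonce'] !== $this->otpParams['nonce'])`. This assumes both nonces arrive as strings from parseParamsFromMultiLineString and the OTP request, which is not visible here; the `modified` comparison may mix a parsed string with a DB integer, so check its types before tightening it.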
|