rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-08 03:54:20 +01:00
Code Issues Projects Releases Wiki Activity

check yubikey owner when told to

Browse Source
This commit is contained in:
Paul Chen 2008-10-07 08:24:28 +00:00
parent 211e370195
commit 2ebaaaeb1f
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
verifyOTP.php
View File

@ -34,15 +34,14 @@ if ($ad == null) {
debug($ad); debug($ad);
} }
//// Check the client ID //// Check the client ID - does the client own the Yubikey?
// //
// TODO - This may be too strict. Since our database doesn't keep track of that
//if ($ad['client_id'] != $client) { if ($ad['chk_owner'] && $ad['client_id'] != $client) {
// debug('Client-'.$client.' is not the owner of the Yubikey! The key will be suspended with excessive failed attempts.'); debug('Client-'.$client.' is not the owner of the Yubikey!');
// sendResp(S_BAD_CLIENT, 'Not owner of the Yubikey'); sendResp(S_BAD_CLIENT, 'Not owner of the Yubikey');
// exit; exit;
//} }
$k = b64ToModhex($ad['secret']); $k = b64ToModhex($ad['secret']);
//debug('aes key in modhex = '.$k); //debug('aes key in modhex = '.$k);