rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-01 10:52:18 +01:00
Code Issues Projects Releases Wiki Activity

check yubikey owner when told to

Browse Source
This commit is contained in:
Paul Chen 2008-10-07 08:24:28 +00:00
parent 211e370195
commit 2ebaaaeb1f
1 changed files with 6 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
verifyOTP.php
View File

@ -34,15 +34,14 @@ if ($ad == null) {
debug($ad);
}
//// Check the client ID
//// Check the client ID - does the client own the Yubikey?
//
// TODO - This may be too strict. Since our database doesn't keep track of that
//if ($ad['client_id'] != $client) {
// debug('Client-'.$client.' is not the owner of the Yubikey! The key will be suspended with excessive failed attempts.');
// sendResp(S_BAD_CLIENT, 'Not owner of the Yubikey');
// exit;
//}
if ($ad['chk_owner'] && $ad['client_id'] != $client) {
debug('Client-'.$client.' is not the owner of the Yubikey!');
sendResp(S_BAD_CLIENT, 'Not owner of the Yubikey');
exit;
}
$k = b64ToModhex($ad['secret']);
//debug('aes key in modhex = '.$k);