From 55aeffc0667dda046821fa8c93ef8a380bede2e7 Mon Sep 17 00:00:00 2001 From: Olov Danielson Date: Fri, 4 Dec 2009 11:57:49 +0000 Subject: [PATCH] Storing local param info at the time when verify request arrived. Used to give correct warnings of wether local/remote is out of sync or not --- tests/syncLibTest.php | 120 ++++++++++++++++++++++++++++++------------ ykval-common.php | 2 +- ykval-db.sql | 1 + ykval-synclib.php | 33 ++++++------ ykval-verify.php | 31 ++++++++--- 5 files changed, 127 insertions(+), 60 deletions(-) diff --git a/tests/syncLibTest.php b/tests/syncLibTest.php index fb8ea49..8516860 100644 --- a/tests/syncLibTest.php +++ b/tests/syncLibTest.php @@ -38,13 +38,22 @@ class SyncLibTest extends PHPUnit_Framework_TestCase $queue_length = $sl->getQueueLength(); - $sl->queue(1259585588, - "ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", - "cccccccccccc", - 10, - 20, - 100, - 1000); + $sl->queue(array('modified'=>1259585588, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>10, + 'yk_use'=>20, + 'yk_high'=>100, + 'yk_low'=>1000), + array('modified'=>1259585588, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>10, + 'yk_use'=>18, + 'yk_high'=>100, + 'yk_low'=>1000) + ); + $this->assertEquals($nr_servers + $queue_length, $sl->getQueueLength()); $lastSync=$sl->getLast(); 
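Review bot: The two fixture arrays passed to `$sl->queue()` are written out in full here and again in the later hunks of tests/syncLibTest.php (at -102, -139 and -163), differing only in `modified`, `yk_counter` and `yk_use`. A small private helper on the test class that returns the array for a given counter, use and timestamp would make the intended difference between the OTP parameters and the local snapshot visible at each call site. In the visible hunks the assertions only cover queue length and the number of valid answers, so the local snapshot that this commit introduces is passed in but not observed by any test. A case where the local counters are ahead of the OTP's, and one where `queue()` returns false, would pin the new behaviour.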
@@ -102,26 +111,47 @@ class SyncLibTest extends PHPUnit_Framework_TestCase "http://localhost/wsapi/syncvalid3"); $start_length=$sl->getQueueLength(); - $this->assertTrue($sl->queue(1259671571+1000, - "ccccccccccccculnnjikvhjduicubtkcvgvkcdcvdjhk", - "cccccccccccc", - 9, - 3, - 55, - 18000)); + $this->assertTrue( + $sl->queue(array('modified'=>1259585588+1000, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>9, + 'yk_use'=>3, + 'yk_high'=>100, + 'yk_low'=>1000), + array('modified'=>1259585588, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>10, + 'yk_use'=>18, + 'yk_high'=>100, + 'yk_low'=>1000) + )); + + $res=$sl->sync(3); $this->assertEquals(3, $sl->getNumberOfValidAnswers()); $this->assertTrue($res, "all sync servers should be configured to return ok values"); $this->assertEquals($start_length, $sl->getQueueLength()); - $this->assertTrue($sl->queue(1259671571+1000, - "ccccccccccccculnnjikvhjduicubtkcvgvkcdcvdjhk", - "cccccccccccc", - 9, - 3, - 55, - 18000)); + $this->assertTrue( + $sl->queue(array('modified'=>1259585588+1000, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>9, + 'yk_use'=>3, + 'yk_high'=>100, + 'yk_low'=>1000), + array('modified'=>1259585588, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>10, + 'yk_use'=>18, + 'yk_high'=>100, + 'yk_low'=>1000) + )); + $res=$sl->sync(2); $this->assertEquals(2, $sl->getNumberOfValidAnswers()); 
@@ -139,13 +169,23 @@ class SyncLibTest extends PHPUnit_Framework_TestCase "http://localhost/wsapi/syncinvalid3"); $start_length=$sl->getQueueLength(); - $this->assertTrue($sl->queue(1259671571+1000, - "ccccccccccccculnnjikvhjduicubtkcvgvkcdcvdjhk", - "cccccccccccc", - 9, - 3, - 55, - 18000)); + $this->assertTrue( + $sl->queue(array('modified'=>1259585588+1000, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>9, + 'yk_use'=>3, + 'yk_high'=>100, + 'yk_low'=>1000), + array('modified'=>1259585588, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>10, + 'yk_use'=>18, + 'yk_high'=>100, + 'yk_low'=>1000) + )); + $res=$sl->sync(3); $this->assertEquals(0, $sl->getNumberOfValidAnswers()); @@ -163,13 +203,23 @@ class SyncLibTest extends PHPUnit_Framework_TestCase "http://localhost/wsapi/syncvalid3"); $start_length=$sl->getQueueLength(); - $this->assertTrue($sl->queue(1259671571+1000, - "ccccccccccccculnnjikvhjduicubtkcvgvkcdcvdjhk", - "cccccccccccc", - 9, - 3, - 55, - 18000)); + $this->assertTrue( + $sl->queue(array('modified'=>1259585588+1000, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>9, + 'yk_use'=>3, + 'yk_high'=>100, + 'yk_low'=>1000), + array('modified'=>1259585588, + 'otp'=>"ccccccccccccfrhiutjgfnvgdurgliidceuilikvfhui", + 'yk_identity'=>"cccccccccccc", + 'yk_counter'=>10, + 'yk_use'=>18, + 'yk_high'=>100, + 'yk_low'=>1000) + )); + $res=$sl->sync(1); $this->assertEquals(1, $sl->getNumberOfValidAnswers()); diff --git a/ykval-common.php b/ykval-common.php index 86ba26b..23b76f3 100644 --- a/ykval-common.php +++ b/ykval-common.php 
@@ -136,7 +136,7 @@ function retrieveURLasync ($urls, $ans_req=1, $match="^OK", $returl=False) {
 $ch = array();
 foreach ($urls as $id => $url) {
 $handle = curl_init();
-
+ debug("url is: " . $url);
 curl_setopt($handle, CURLOPT_URL, $url);
 curl_setopt($handle, CURLOPT_USERAGENT, "YK-VAL");
 curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1);
diff --git a/ykval-db.sql b/ykval-db.sql
index d81db49..064032d 100644
--- a/ykval-db.sql
+++ b/ykval-db.sql
@@ -32,6 +32,7 @@ CREATE TABLE queue (
 id INT NOT NULL UNIQUE AUTO_INCREMENT,
 queued_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
 modified_time TIMESTAMP,
+ random_key INT,
 otp VARCHAR(100) NOT NULL,
 server VARCHAR(100) NOT NULL,
 info VARCHAR(100) NOT NULL,
diff --git a/ykval-synclib.php b/ykval-synclib.php
index bc5bb97..9345013 100644
--- a/ykval-synclib.php
+++ b/ykval-synclib.php
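Review bot: The added `debug("url is: " . $url);` inside the `foreach` of retrieveURLasync writes every full request URL to the debug log, and it replaces a blank line with no comment, so it reads like a leftover trace. If these are the sync requests, the query string presumably carries the OTP, key identity and counters (the queue `info` field in ykval-synclib.php is built as `yk_identity=...&yk_counter=...`), which would turn the log into a record of token usage. Logging only the destination, for example `debug("sync request to " . parse_url($url, PHP_URL_HOST));`, keeps the trace useful without the parameters. The function body continues outside the hunk.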
@@ -53,27 +53,25 @@ class SyncLib { return count($this->db->last('queue', NULL)); } - public function queue($modified, $otp, $identity, $counter, $use, $high, $low) + public function queue($otpParams, $localParams) { - $info='yk_identity=' . $identity . - '&yk_counter=' . $counter . - '&yk_use=' . $use . - '&yk_high=' . $high . - '&yk_low=' . $low; - $this->otpParams['modified']=$modified; - $this->otpParams['otp']=$otp; - $this->otpParams['yk_identity']=$identity; - $this->otpParams['yk_counter']=$counter; - $this->otpParams['yk_use']=$use; - $this->otpParams['yk_high']=$high; - $this->otpParams['yk_low']=$low; + + $info='yk_identity=' . $otpParams['yk_identity'] . + '&yk_counter=' . $otpParams['yk_counter'] . + '&yk_use=' . $otpParams['yk_use'] . + '&yk_high=' . $otpParams['yk_high'] . + '&yk_low=' . $otpParams['yk_low']; + + $this->otpParams = $otpParams; + $this->localParams = $localParams; + $res=True; foreach ($this->syncServers as $server) { - if(! $this->db->save('queue', array('modified_time'=>$this->UnixToDbTime($modified), - 'otp'=>$otp, + if(! $this->db->save('queue', array('modified_time'=>$this->UnixToDbTime($otpParams['modified']), + 'otp'=>$otpParams['otp'], 'server'=>$server, 'random_key'=>$this->random_key, 'info'=>$info))) $res=False; @@ -201,7 +199,8 @@ class SyncLib /* Parse responses */ - $localParams=$this->getLocalParams($this->otpParams['yk_identity']); + $lastLocalParams=$this->getLocalParams($this->otpParams['yk_identity']); + $localParams = $this->localParams; $this->answers = count($ans_arr); $this->valid_answers = 0; @@ -212,7 +211,7 @@ class SyncLib $this->log("notice", "response contains ", $resParams); /* Check if internal DB should be updated */ - if ($this->countersHigherThan($resParams, $localParams)) { + if ($this->countersHigherThan($resParams, $lastLocalParams)) { $this->updateDbCounters($resParams); } diff --git a/ykval-verify.php b/ykval-verify.php index 1c5d98e..b329ec3 100644 --- a/ykval-verify.php +++ b/ykval-verify.php 
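Review bot: `queue()` now reads `$otpParams['modified']`, `['otp']`, `['yk_identity']`, `['yk_counter']`, `['yk_use']`, `['yk_high']` and `['yk_low']` without checking that the keys exist, and stores `$localParams` unchecked. A caller that leaves a key out gets a notice and an `info` string with an empty field queued for every sync server, whereas the old positional signature made the required fields explicit. A guard at the top that returns false when a key is missing would fit the method's existing boolean contract, and `$info` could be built with `http_build_query()` over the five `yk_*` keys so the fields stay correctly encoded. The method also has no docblock, so one naming the required keys of both arrays would help; its body continues past the end of the hunk.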
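Review bot: In the second hunk, `$localParams = $this->localParams;` depends on `queue()` having been called on the same SyncLib instance, and nothing visible guards the case where it was not. If `sync()` can run on an instance that only picks up rows already in the queue table, the snapshot is unset and whatever compares against `$localParams` further down (outside the hunk) would see null counters. A fallback such as `$localParams = isset($this->localParams) ? $this->localParams : $lastLocalParams;` keeps the old behaviour in that case. The two variables are easy to confuse, so a comment like `// $localParams: counters when the verify request arrived; $lastLocalParams: counters in the DB now` would help.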
@@ -165,13 +165,30 @@ $sl = new SyncLib();
 // We need the modifed value from the DB
 $stmp = 'SELECT accessed FROM yubikeys WHERE id=' . $ad['id'];
 query($conn, $stmt);
-$sl->queue($modified,
- $otp,
- $devId,
- $otpinfo['session_counter'],
- $otpinfo['session_use'],
- $otpinfo['high'],
- $otpinfo['low']);
+
+$otpParams=array('modified'=>$modified,
+ 'otp'=>$otp,
+ 'yk_identity'=>$devId,
+ 'yk_counter'=>$otpinfo['session_counter'],
+ 'yk_use'=>$otpinfo['session_use'],
+ 'yk_high'=>$otpinfo['high'],
+ 'yk_low'=>$otpinfo['low']);
+
+$localParams=array('modified'=>DbTimeToUnix($ad['accessed']),
+ 'otp'=>'',
+ 'yk_identity'=>$devId,
+ 'yk_counter'=>$ad['counter'],
+ 'yk_use'=>$ad['sessionUse'],
+ 'yk_high'=>$ad['high'],
+ 'yk_low'=>$ad['low']);
+
+
+if (!$sl->queue($otpParams, $localParams)) {
+ debug("ykval-verify:critical:failed to queue sync requests");
+ sendResp(S_BACKEND_ERROR, $apiKey);
+ exit;
+ }
+
 $required_answers=$sl->getNumberOfServers();
 $syncres=$sl->sync($required_answers);
 $answers=$sl->getNumberOfAnswers();
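Review bot: The `modified` value placed in `$otpParams` is not visibly set by the lookup right above it, because the context lines assign the SQL to `$stmp` but run `query($conn, $stmt)`. As written that lookup presumably never executes, and `$modified` must come from code outside the hunk. Since the new `$localParams` already takes its timestamp from `DbTimeToUnix($ad['accessed'])`, the dead lookup can be dropped, or the variable name fixed with the id bound rather than concatenated. A comment above `$localParams` such as `// Snapshot of the local counters as read before this OTP was applied; sync() uses it to judge which side is out of sync` would record the assumption that `$ad` is read before the counters are updated, which is worth confirming.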