mirror of
https://github.com/Yubico/yubikey-val.git
synced 2024-11-29 09:24:12 +01:00
More cleanups.
This commit is contained in:
Simon Josefsson
parent
cebd74ec71
commit
6ea1355f9b
27
common.php
27
common.php
@ -31,16 +31,13 @@ function getHttpVal($key, $defaultVal) {
|
||||
return $v;
|
||||
}
|
||||
|
||||
function query($q) {
|
||||
global $conn;
|
||||
debug('Query: '.$q);
|
||||
$result = mysql_query($q, $conn);
|
||||
if (!$result) {
|
||||
$err = "Invalid query -- $q -- ";
|
||||
writeLog($err);
|
||||
die($err . mysql_error());
|
||||
}
|
||||
return $result;
|
||||
function query($conn, $q) {
|
||||
debug('Query: '.$q);
|
||||
$result = mysql_query($q, $conn);
|
||||
if (!$result) {
|
||||
die("Query error: " . mysql_error());
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
function mysql_quote($value) {
|
||||
@ -69,7 +66,7 @@ function getUTCTimeStamp() {
|
||||
|
||||
// Sign a http query string in the array of key-value pairs
|
||||
// return b64 encoded hmac hash
|
||||
function sign($a, $apiKey, $debug=false) {
|
||||
function sign($a, $apiKey) {
|
||||
ksort($a);
|
||||
$qs = '';
|
||||
$n = count($a);
|
||||
@ -122,12 +119,12 @@ function decryptOTP($otp, $base_url) {
|
||||
} // End decryptOTP
|
||||
|
||||
// $devId: The first 12 chars from the OTP
|
||||
function getAuthData($devId) {
|
||||
function getAuthData($conn, $devId) {
|
||||
$tokenId = modhex2b64($devId);
|
||||
$stmt = 'SELECT id, client_id, active, counter, '.
|
||||
'sessionUse, low, high, accessed FROM yubikeys WHERE active '.
|
||||
'AND tokenId='.mysql_quote($tokenId);
|
||||
$r = query($stmt);
|
||||
$r = query($conn, $stmt);
|
||||
if (mysql_num_rows($r) > 0) {
|
||||
$row = mysql_fetch_assoc($r);
|
||||
mysql_free_result($r);
|
||||
@ -137,10 +134,10 @@ function getAuthData($devId) {
|
||||
} // End getAuthData
|
||||
|
||||
// $clientId: The decimal client identity
|
||||
function getClientData($clientId) {
|
||||
function getClientData($conn, $clientId) {
|
||||
$stmt = 'SELECT id, secret, chk_sig, chk_owner, chk_time'.
|
||||
' FROM clients WHERE active AND id='.mysql_quote($clientId);
|
||||
$r = query($stmt);
|
||||
$r = query($conn, $stmt);
|
||||
if (mysql_num_rows($r) > 0) {
|
||||
$row = mysql_fetch_assoc($r);
|
||||
mysql_free_result($r);
|
||||
|
||||
@ -32,7 +32,7 @@ $otp = strtolower($otp);
|
||||
|
||||
//// Get Client info from DB
|
||||
//
|
||||
$cd = getClientData($client);
|
||||
$cd = getClientData($conn, $client);
|
||||
if ($cd == null) {
|
||||
debug('Invalid client id ' . $client);
|
||||
sendResp(S_NO_SUCH_CLIENT);
|
||||
@ -67,7 +67,7 @@ if ($cd['chk_sig'] && $h == '') {
|
||||
//// Get Yubikey from DB
|
||||
//
|
||||
$devId = substr($otp, 0, DEVICE_ID_LEN);
|
||||
$ad = getAuthData($devId);
|
||||
$ad = getAuthData($conn, $devId);
|
||||
|
||||
if ($ad == null) {
|
||||
debug('Invalid Yubikey ' . $devId);
|
||||
@ -116,7 +116,7 @@ $stmt = 'UPDATE yubikeys SET accessed=NOW()' .
|
||||
', low=' . $otpinfo['low'] .
|
||||
', high=' . $otpinfo['high'] .
|
||||
' WHERE id=' . $ad['id'];
|
||||
query($stmt);
|
||||
query($conn, $stmt);
|
||||
|
||||
//// Check the time stamp
|
||||
//
|
||||
|
||||
Loading…
Reference in New Issue
Block a user