rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-27 06:54:16 +01:00
Code Issues Projects Releases Wiki Activity

More cleanups.

Browse Source
This commit is contained in:
Simon Josefsson 2009-03-11 02:06:02 +00:00
parent cebd74ec71
commit 6ea1355f9b
2 changed files with 15 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
common.php
View File

@ -31,16 +31,13 @@ function getHttpVal($key, $defaultVal) {
return $v; return $v;
} }
function query($q) { function query($conn, $q) {
global $conn; debug('Query: '.$q);
debug('Query: '.$q); $result = mysql_query($q, $conn);
$result = mysql_query($q, $conn); if (!$result) {
if (!$result) { die("Query error: " . mysql_error());
$err = "Invalid query -- $q -- "; }
writeLog($err); return $result;
die($err . mysql_error());
}
return $result;
} }
function mysql_quote($value) { function mysql_quote($value) {
@ -69,7 +66,7 @@ function getUTCTimeStamp() {
// Sign a http query string in the array of key-value pairs // Sign a http query string in the array of key-value pairs
// return b64 encoded hmac hash // return b64 encoded hmac hash
function sign($a, $apiKey, $debug=false) { function sign($a, $apiKey) {
ksort($a); ksort($a);
$qs = ''; $qs = '';
$n = count($a); $n = count($a);
@ -122,12 +119,12 @@ function decryptOTP($otp, $base_url) {
} // End decryptOTP } // End decryptOTP
// $devId: The first 12 chars from the OTP // $devId: The first 12 chars from the OTP
function getAuthData($devId) { function getAuthData($conn, $devId) {
$tokenId = modhex2b64($devId); $tokenId = modhex2b64($devId);
$stmt = 'SELECT id, client_id, active, counter, '. $stmt = 'SELECT id, client_id, active, counter, '.
'sessionUse, low, high, accessed FROM yubikeys WHERE active '. 'sessionUse, low, high, accessed FROM yubikeys WHERE active '.
'AND tokenId='.mysql_quote($tokenId); 'AND tokenId='.mysql_quote($tokenId);
$r = query($stmt); $r = query($conn, $stmt);
if (mysql_num_rows($r) > 0) { if (mysql_num_rows($r) > 0) {
$row = mysql_fetch_assoc($r); $row = mysql_fetch_assoc($r);
mysql_free_result($r); mysql_free_result($r);
@ -137,10 +134,10 @@ function getAuthData($devId) {
} // End getAuthData } // End getAuthData
// $clientId: The decimal client identity // $clientId: The decimal client identity
function getClientData($clientId) { function getClientData($conn, $clientId) {
$stmt = 'SELECT id, secret, chk_sig, chk_owner, chk_time'. $stmt = 'SELECT id, secret, chk_sig, chk_owner, chk_time'.
' FROM clients WHERE active AND id='.mysql_quote($clientId); ' FROM clients WHERE active AND id='.mysql_quote($clientId);
$r = query($stmt); $r = query($conn, $stmt);
if (mysql_num_rows($r) > 0) { if (mysql_num_rows($r) > 0) {
$row = mysql_fetch_assoc($r); $row = mysql_fetch_assoc($r);
mysql_free_result($r); mysql_free_result($r);

6
verify.php
View File

@ -32,7 +32,7 @@ $otp = strtolower($otp);
//// Get Client info from DB //// Get Client info from DB
// //
$cd = getClientData($client); $cd = getClientData($conn, $client);
if ($cd == null) { if ($cd == null) {
debug('Invalid client id ' . $client); debug('Invalid client id ' . $client);
sendResp(S_NO_SUCH_CLIENT); sendResp(S_NO_SUCH_CLIENT);
@ -67,7 +67,7 @@ if ($cd['chk_sig'] && $h == '') {
//// Get Yubikey from DB //// Get Yubikey from DB
// //
$devId = substr($otp, 0, DEVICE_ID_LEN); $devId = substr($otp, 0, DEVICE_ID_LEN);
$ad = getAuthData($devId); $ad = getAuthData($conn, $devId);
if ($ad == null) { if ($ad == null) {
debug('Invalid Yubikey ' . $devId); debug('Invalid Yubikey ' . $devId);
@ -116,7 +116,7 @@ $stmt = 'UPDATE yubikeys SET accessed=NOW()' .
', low=' . $otpinfo['low'] . ', low=' . $otpinfo['low'] .
', high=' . $otpinfo['high'] . ', high=' . $otpinfo['high'] .
' WHERE id=' . $ad['id']; ' WHERE id=' . $ad['id'];
query($stmt); query($conn, $stmt);
//// Check the time stamp //// Check the time stamp
// //