rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-01 01:52:18 +01:00
Code Issues Projects Releases Wiki Activity

Don't refuse sync for disabled YubiKeys.

Browse Source 
It is better to consume any OTPs produced by a YubiKey, so if -
for some reason - another validation server has accepted an OTP
we'd better bump our counter values accordingly.
This commit is contained in:
Fredrik Thulin 2012-06-14 12:56:05 +02:00
parent 2a7a6e3503
commit a852e860db
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ykval-sync.php
View File

@ -117,10 +117,12 @@ if (!$localParams) {
}
if ($localParams['active'] != 1) {
$myLog->log(LOG_NOTICE, 'De-activated Yubikey ' . $yk_publicname);
sendResp(S_BAD_OTP, $apiKey);
exit;
}
/* The remote server has accepted an OTP from a YubiKey which we would not. We update our
* counters
*/
$myLog->log(LOG_WARNING, 'Received sync-request for de-activated Yubikey ' . $yk_publicname .
' - check database synchronization!!!');
}
/* Conditional update local database */