mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-27 06:54:16 +01:00

Cosmetic changes.

Jean Paul Galea 2015-07-17 21:30:30 +02:00
parent d9194c854d
commit ac3b4978b8


@ -38,13 +38,17 @@ header("content-type: text/plain");
$myLog = new Log('ykval-verify'); $myLog = new Log('ykval-verify');
$myLog->addField('ip', $_SERVER['REMOTE_ADDR']); $myLog->addField('ip', $_SERVER['REMOTE_ADDR']);
$query_string = ''; $query_string = '';
if ($_POST) { if ($_POST)
{
$kv = array(); $kv = array();
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value)
{
$kv[] = "$key=$value"; $kv[] = "$key=$value";
} }
$query_string = "POST: " . join("&", $kv); $query_string = "POST: " . join("&", $kv);
} else { }
else
{
$query_string = "Request: " . $_SERVER['QUERY_STRING']; $query_string = "Request: " . $_SERVER['QUERY_STRING'];
} }
@ -120,57 +124,70 @@ if ($protocol_version >= 2.0)
*/ */
/* Change default protocol "strings" to numeric values */ /* Change default protocol "strings" to numeric values */
if (isset($sl) && strcasecmp($sl, 'fast')==0) { if (isset($sl) && strcasecmp($sl, 'fast') == 0)
{
$sl = $baseParams['__YKVAL_SYNC_FAST_LEVEL__']; $sl = $baseParams['__YKVAL_SYNC_FAST_LEVEL__'];
} }
if (isset($sl) && strcasecmp($sl, 'secure')==0) { if (isset($sl) && strcasecmp($sl, 'secure') == 0)
{
$sl = $baseParams['__YKVAL_SYNC_SECURE_LEVEL__']; $sl = $baseParams['__YKVAL_SYNC_SECURE_LEVEL__'];
} }
if (!isset($sl) || $sl == '') { if (!isset($sl) || $sl == '')
{
$sl = $baseParams['__YKVAL_SYNC_DEFAULT_LEVEL__']; $sl = $baseParams['__YKVAL_SYNC_DEFAULT_LEVEL__'];
} }
if (!isset($timeout) || $timeout == '') { if (!isset($timeout) || $timeout == '')
{
$timeout = $baseParams['__YKVAL_SYNC_DEFAULT_TIMEOUT__']; $timeout = $baseParams['__YKVAL_SYNC_DEFAULT_TIMEOUT__'];
} }
if ($otp == '') { if ($otp == '')
{
$myLog->log(LOG_NOTICE, 'OTP is missing'); $myLog->log(LOG_NOTICE, 'OTP is missing');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
if (strlen($otp) < TOKEN_LEN || strlen ($otp) > OTP_MAX_LEN) { if (strlen($otp) < TOKEN_LEN || strlen ($otp) > OTP_MAX_LEN)
{
$myLog->log(LOG_NOTICE, 'Incorrect OTP length: ' . $otp); $myLog->log(LOG_NOTICE, 'Incorrect OTP length: ' . $otp);
sendResp(S_BAD_OTP, $myLog); sendResp(S_BAD_OTP, $myLog);
} }
if (preg_match("/^[cbdefghijklnrtuv]+$/", $otp)==0) { if (preg_match("/^[cbdefghijklnrtuv]+$/", $otp) == 0)
{
$myLog->log(LOG_NOTICE, 'Invalid OTP: ' . $otp); $myLog->log(LOG_NOTICE, 'Invalid OTP: ' . $otp);
sendResp(S_BAD_OTP, $myLog); sendResp(S_BAD_OTP, $myLog);
} }
if (preg_match("/^[0-9]+$/", $client)==0){ if (preg_match("/^[0-9]+$/", $client) == 0)
{
$myLog->log(LOG_NOTICE, 'id provided in request must be an integer'); $myLog->log(LOG_NOTICE, 'id provided in request must be an integer');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
if ($client <= 0) { if ($client <= 0)
{
$myLog->log(LOG_NOTICE, 'Client ID is missing'); $myLog->log(LOG_NOTICE, 'Client ID is missing');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
if ($timeout && preg_match("/^[0-9]+$/", $timeout)==0) { if ($timeout && preg_match("/^[0-9]+$/", $timeout) == 0)
{
$myLog->log(LOG_NOTICE, 'timeout is provided but not correct'); $myLog->log(LOG_NOTICE, 'timeout is provided but not correct');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
if (isset($nonce) && preg_match("/^[A-Za-z0-9]+$/", $nonce)==0) { if (isset($nonce) && preg_match("/^[A-Za-z0-9]+$/", $nonce) == 0)
{
$myLog->log(LOG_NOTICE, 'NONCE is provided but not correct'); $myLog->log(LOG_NOTICE, 'NONCE is provided but not correct');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
if (isset($nonce) && (strlen($nonce) < 16 || strlen($nonce) > 40)) { if (isset($nonce) && (strlen($nonce) < 16 || strlen($nonce) > 40))
{
$myLog->log(LOG_NOTICE, 'Nonce too short or too long'); $myLog->log(LOG_NOTICE, 'Nonce too short or too long');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
if ($sl && (preg_match("/^[0-9]+$/", $sl)==0 || ($sl<0 || $sl>100))) { if ($sl && (preg_match("/^[0-9]+$/", $sl)==0 || ($sl<0 || $sl>100)))
{
$myLog->log(LOG_NOTICE, 'SL is provided but not correct'); $myLog->log(LOG_NOTICE, 'SL is provided but not correct');
sendResp(S_MISSING_PARAMETER, $myLog); sendResp(S_MISSING_PARAMETER, $myLog);
} }
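Review bot: The `preg_match` checks on `$otp`, `$client`, `$timeout`, `$nonce` and `$sl` in the second hunk all anchor with `$`, which in PCRE without the `D` modifier also matches just before a final newline. A value such as a numeric client id followed by "\n" therefore passes these filters. The commit only reformats the checks, so this behaviour predates it, but it is worth tightening while the lines are being touched. Anchoring with `\z` closes the gap, for example `preg_match('/^[cbdefghijklnrtuv]+\z/', $otp) == 0` and `preg_match('/^[0-9]+\z/', $client) == 0`, with the same change for the timeout, nonce and sync-level patterns. Where the validated values go afterwards (log lines, sync requests, queries) is outside the visible hunk, so the practical impact should be confirmed against those call sites.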