rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-02-26 21:54:16 +01:00
Code Issues Projects Releases Wiki Activity

Cosmetic changes.

Browse Source
This commit is contained in:
Jean Paul Galea 2015-07-17 21:30:30 +02:00
parent d9194c854d
commit ac3b4978b8
1 changed files with 68 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
ykval-verify.php
View File

@ -38,13 +38,17 @@ header("content-type: text/plain");
$myLog = new Log('ykval-verify');
$myLog->addField('ip', $_SERVER['REMOTE_ADDR']);
$query_string = '';
if ($_POST) {
if ($_POST)
{
$kv = array();
foreach ($_POST as $key => $value) {
foreach ($_POST as $key => $value)
{
$kv[] = "$key=$value";
}
$query_string = "POST: " . join("&", $kv);
} else {
}
else
{
$query_string = "Request: " . $_SERVER['QUERY_STRING'];
}
@ -120,57 +124,70 @@ if ($protocol_version >= 2.0)
*/
/* Change default protocol "strings" to numeric values */
if (isset($sl) && strcasecmp($sl, 'fast')==0) {
if (isset($sl) && strcasecmp($sl, 'fast') == 0)
{
$sl = $baseParams['__YKVAL_SYNC_FAST_LEVEL__'];
}
if (isset($sl) && strcasecmp($sl, 'secure')==0) {
if (isset($sl) && strcasecmp($sl, 'secure') == 0)
{
$sl = $baseParams['__YKVAL_SYNC_SECURE_LEVEL__'];
}
if (!isset($sl) || $sl == '') {
if (!isset($sl) || $sl == '')
{
$sl = $baseParams['__YKVAL_SYNC_DEFAULT_LEVEL__'];
}
if (!isset($timeout) || $timeout == '') {
if (!isset($timeout) || $timeout == '')
{
$timeout = $baseParams['__YKVAL_SYNC_DEFAULT_TIMEOUT__'];
}
if ($otp == '') {
if ($otp == '')
{
$myLog->log(LOG_NOTICE, 'OTP is missing');
sendResp(S_MISSING_PARAMETER, $myLog);
}
if (strlen($otp) < TOKEN_LEN || strlen ($otp) > OTP_MAX_LEN) {
if (strlen($otp) < TOKEN_LEN || strlen ($otp) > OTP_MAX_LEN)
{
$myLog->log(LOG_NOTICE, 'Incorrect OTP length: ' . $otp);
sendResp(S_BAD_OTP, $myLog);
}
if (preg_match("/^[cbdefghijklnrtuv]+$/", $otp)==0) {
if (preg_match("/^[cbdefghijklnrtuv]+$/", $otp) == 0)
{
$myLog->log(LOG_NOTICE, 'Invalid OTP: ' . $otp);
sendResp(S_BAD_OTP, $myLog);
}
if (preg_match("/^[0-9]+$/", $client)==0){
if (preg_match("/^[0-9]+$/", $client) == 0)
{
$myLog->log(LOG_NOTICE, 'id provided in request must be an integer');
sendResp(S_MISSING_PARAMETER, $myLog);
}
if ($client <= 0) {
if ($client <= 0)
{
$myLog->log(LOG_NOTICE, 'Client ID is missing');
sendResp(S_MISSING_PARAMETER, $myLog);
}
if ($timeout && preg_match("/^[0-9]+$/", $timeout)==0) {
if ($timeout && preg_match("/^[0-9]+$/", $timeout) == 0)
{
$myLog->log(LOG_NOTICE, 'timeout is provided but not correct');
sendResp(S_MISSING_PARAMETER, $myLog);
}
if (isset($nonce) && preg_match("/^[A-Za-z0-9]+$/", $nonce)==0) {
if (isset($nonce) && preg_match("/^[A-Za-z0-9]+$/", $nonce) == 0)
{
$myLog->log(LOG_NOTICE, 'NONCE is provided but not correct');
sendResp(S_MISSING_PARAMETER, $myLog);
}
if (isset($nonce) && (strlen($nonce) < 16 || strlen($nonce) > 40)) {
if (isset($nonce) && (strlen($nonce) < 16 || strlen($nonce) > 40))
{
$myLog->log(LOG_NOTICE, 'Nonce too short or too long');
sendResp(S_MISSING_PARAMETER, $myLog);
}
if ($sl && (preg_match("/^[0-9]+$/", $sl)==0 || ($sl<0 || $sl>100))) {
if ($sl && (preg_match("/^[0-9]+$/", $sl)==0 || ($sl<0 || $sl>100)))
{
$myLog->log(LOG_NOTICE, 'SL is provided but not correct');
sendResp(S_MISSING_PARAMETER, $myLog);
}