mirror of https://github.com/Yubico/yubikey-val.git synced 2024-12-01 15:24:16 +01:00

rest of oracle patches from Remi Mollon <Remi.Mollon@cern.ch>

Klas Lindfors 2012-06-12 10:35:49 +02:00
parent dd9f567e22
commit cf49385bf3
6 changed files with 64 additions and 60 deletions


@ -41,16 +41,18 @@ $everything = "";
$result=$db->customQuery("SELECT id, active, secret ". $result=$db->customQuery("SELECT id, active, secret ".
"FROM clients ". "FROM clients ".
"ORDER BY id"); "ORDER BY id");
while($row = $result->fetch(PDO::FETCH_ASSOC)) { while($row = $this->db->fetchArray($result)) {
if ($row['active'] == "") { $active = $this->db->getRowValue($row, 'active');
if ($active == "") {
# For some reason PostgreSQL returns empty strings for false values?! # For some reason PostgreSQL returns empty strings for false values?!
$row['active'] = "0"; $active = "0";
} }
$everything = $everything . $everything = $everything .
$row['id'] . "\t" . $row['active'] . "\t" . $row['secret'] . $this->db->getRowValue($row, 'id') . "\t" . $active . "\t" .
"\n"; $this->db->getRowValue($row, 'secret') . "\n";
} }
$this->db->closeCursor($result);
$hash = sha1 ($everything); $hash = sha1 ($everything);
if ($verbose) { if ($verbose) {
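Review bot: The rewritten loop calls `$this->db->fetchArray(...)`, `$this->db->getRowValue(...)` and `$this->db->closeCursor(...)`, but the query directly above it is issued through the plain `$db` variable and nothing in this hunk shows an enclosing class. If this is a top-level script, as the context suggests, PHP stops with "Using $this when not in object context" and the clients checksum is never produced. The calls should use the same handle as the query, e.g. `while ($row = $db->fetchArray($result)) {` and `$db->closeCursor($result);`. The script starts and ends outside the hunk, so this needs confirming against the full file.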


@ -2,7 +2,7 @@
# For the validation interface. # For the validation interface.
$baseParams = array (); $baseParams = array ();
$baseParams['__YKVAL_DB_DSN__'] = "mysql:dbname=ykval;host=127.0.0.1"; $baseParams['__YKVAL_DB_DSN__'] = "mysql:dbname=ykval;host=127.0.0.1"; # "oci:oracledb" for Oracle DB (with OCI library)
$baseParams['__YKVAL_DB_USER__'] = 'ykval_verifier'; $baseParams['__YKVAL_DB_USER__'] = 'ykval_verifier';
$baseParams['__YKVAL_DB_PW__'] = 'lab'; $baseParams['__YKVAL_DB_PW__'] = 'lab';
$baseParams['__YKVAL_DB_OPTIONS__'] = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION); $baseParams['__YKVAL_DB_OPTIONS__'] = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);


@ -22,20 +22,22 @@ if (!$db->connect()) {
} }
$result=$db->customQuery("SELECT active, created, modified, yk_publicname, yk_counter, yk_use, yk_low, yk_high, nonce, notes FROM yubikeys ORDER BY yk_publicname"); $result=$db->customQuery("SELECT active, created, modified, yk_publicname, yk_counter, yk_use, yk_low, yk_high, nonce, notes FROM yubikeys ORDER BY yk_publicname");
while($row = $result->fetch(PDO::FETCH_ASSOC)){ while($row = $db->fetchArray($result)){
echo $row['active'] . echo $db->getRowValue($row, 'active') .
"\t" . $row['created'] . "\t" . $db->getRowValue($row, 'created') .
"\t" . $row['modified'] . "\t" . $db->getRowValue($row, 'modified') .
"\t" . $row['yk_publicname'] . "\t" . $db->getRowValue($row, 'yk_publicname') .
"\t" . $row['yk_counter'] . "\t" . $db->getRowValue($row, 'yk_counter') .
"\t" . $row['yk_use'] . "\t" . $db->getRowValue($row, 'yk_use') .
"\t" . $row['yk_low'] . "\t" . $db->getRowValue($row, 'yk_low') .
"\t" . $row['yk_high'] . "\t" . $db->getRowValue($row, 'yk_high') .
"\t" . $row['nonce'] . "\t" . $db->getRowValue($row, 'nonce') .
"\t" . $row['notes'] . "\t" . $db->getRowValue($row, 'notes') .
"\n"; "\n";
} }
$db->closeCursor($result);
$db->disconnect();
$result=null; $result=null;
$db=null; $db=null;
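Review bot: The export loop still joins every column with a bare `"\t"`, so a tab or newline inside a free-text column such as `notes` shifts all following fields when the dump is read back. The import script changed in this same commit parses its input with `fgetcsv(STDIN, 0, "\t")` and appears to be the matching reader; it would honour quoting if the writer produced it. Collecting the values into an array and emitting them with `fputcsv(STDOUT, $fields, "\t");` keeps the two sides symmetric.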


@ -38,7 +38,7 @@ while ($res=fgetcsv(STDIN, 0, "\t")) {
$query="SELECT * FROM yubikeys WHERE yk_publicname='" . $params['yk_publicname'] . "'"; $query="SELECT * FROM yubikeys WHERE yk_publicname='" . $params['yk_publicname'] . "'";
$result=$db->customQuery($query); $result=$db->customQuery($query);
if($result->fetch(PDO::FETCH_ASSOC)) { if($db->rowCount($result)) {
$query="UPDATE yubikeys SET " . $query="UPDATE yubikeys SET " .
"active='" . $params["active"] . "' " . "active='" . $params["active"] . "' " .
",created='" . $params["created"] . "' " . ",created='" . $params["created"] . "' " .
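Review bot: `if($db->rowCount($result))` now decides between UPDATE and INSERT, but if `rowCount()` wraps `PDOStatement::rowCount()`, that count is not reliable for SELECT statements on every PDO driver, so an existing key could be treated as missing. The wrapper is not visible here, so this is an inference; fetching one row as the other files in this commit do, `if ($db->fetchArray($result)) {` followed by `$db->closeCursor($result);`, avoids depending on it. Separately, both the SELECT and the UPDATE that continues past this hunk splice `$params[...]` values read from STDIN straight into the SQL text, so a quote in any field breaks or alters the statement; bound parameters through a prepared statement would remove that.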


@ -56,9 +56,9 @@ class SyncLib
function getClientData($client) function getClientData($client)
{ {
$res=$this->db->customQuery("SELECT id, secret FROM clients WHERE active AND id='" . $client . "'"); $res = $this->db->customQuery("SELECT id, secret FROM clients WHERE active='1' AND id='" . $client . "'");
$r = $res->fetch(PDO::FETCH_ASSOC); $r = $this->db->fetchArray($res);
$res->closeCursor(); $this->db->closeCursor($res);
if ($r) return $r; if ($r) return $r;
else return false; else return false;
} }
@ -160,14 +160,14 @@ class SyncLib
$res=$this->db->findBy('yubikeys', 'yk_publicname', $yk_publicname,1); $res=$this->db->findBy('yubikeys', 'yk_publicname', $yk_publicname,1);
} }
if ($res) { if ($res) {
$localParams=array('modified'=>$res['modified'], $localParams=array('modified' => $this->db->getRowValue($res, 'modified'),
'nonce'=>$res['nonce'], 'nonce' => $this->db->getRowValue($res, 'nonce'),
'active'=>$res['active'], 'active' => $this->db->getRowValue($res, 'active'),
'yk_publicname' => $yk_publicname, 'yk_publicname' => $yk_publicname,
'yk_counter'=>$res['yk_counter'], 'yk_counter' => $this->db->getRowValue($res, 'yk_counter'),
'yk_use'=>$res['yk_use'], 'yk_use' => $this->db->getRowValue($res, 'yk_use'),
'yk_high'=>$res['yk_high'], 'yk_high' => $this->db->getRowValue($res, 'yk_high'),
'yk_low'=>$res['yk_low']); 'yk_low' => $this->db->getRowValue($res, 'yk_low'));
$this->log(LOG_INFO, "yubikey found in db ", $localParams); $this->log(LOG_INFO, "yubikey found in db ", $localParams);
return $localParams; return $localParams;
@ -289,20 +289,19 @@ class SyncLib
$this->log(LOG_INFO, 'starting resync'); $this->log(LOG_INFO, 'starting resync');
/* Loop over all unique servers in queue */ /* Loop over all unique servers in queue */
$queued_limit=time()-$older_than; $queued_limit=time()-$older_than;
$res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null"); $server_res=$this->db->customQuery("select distinct server from queue WHERE queued < " . $queued_limit . " or queued is null");
foreach ($res as $my_server) {
$this->log(LOG_INFO, "Sending queue request to server on server " . $my_server['server']); while ($my_server=$this->db->fetchArray($server_res)) {
$res=$this->db->customQuery("select * from queue WHERE (queued < " . $queued_limit . " or queued is null) and server='" . $my_server['server'] . "'"); $this->log(LOG_INFO, "Sending queue request to server on server " . $this->db->getRowValue($my_server, 'server'));
$res=$this->db->customQuery("select * from queue WHERE (queued < " . $queued_limit . " or queued is null) and server='" . $this->db->getRowValue($my_server, 'server') . "'");
$ch = curl_init(); $ch = curl_init();
while ($entry=$this->db->fetchArray($res)) {
while ($entry=$res->fetch(PDO::FETCH_ASSOC)) { $this->log(LOG_INFO, "server=" . $this->db->getRowValue($entry, 'server') . " , info=" . $this->db->getRowValue($entry, 'info'));
$this->log(LOG_INFO, "server=" . $entry['server'] . " , info=" . $entry['info']); $url=$this->db->getRowValue($entry, 'server') .
$url=$entry['server'] . "?otp=" . $this->db->getRowValue($entry, 'otp') .
"?otp=" . $entry['otp'] . "&modified=" . $this->db->getRowValue($entry, 'modified') .
"&modified=" . $entry['modified'] . "&" . $this->otpPartFromInfoString($this->db->getRowValue($entry, 'info'));
"&" . $this->otpPartFromInfoString($entry['info']);
/* Send out sync request */ /* Send out sync request */
$this->log(LOG_DEBUG, 'url is ' . $url); $this->log(LOG_DEBUG, 'url is ' . $url);
@ -315,7 +314,7 @@ class SyncLib
$response = curl_exec($ch); $response = curl_exec($ch);
if ($response==False) { if ($response==False) {
$this->log(LOG_NOTICE, 'Timeout. Stopping queue resync for server ' . $my_server['server']); $this->log(LOG_NOTICE, 'Timeout. Stopping queue resync for server ' . $this->db->getRowValue($entry, 'server'));
break; break;
} }
@ -328,8 +327,8 @@ class SyncLib
/* Retrieve info from entry info string */ /* Retrieve info from entry info string */
$validationParams=$this->localParamsFromInfoString($entry['info']); $validationParams=$this->localParamsFromInfoString($this->db->getRowValue($entry, 'info'));
$otpParams=$this->otpParamsFromInfoString($entry['info']); $otpParams=$this->otpParamsFromInfoString($this->db->getRowValue($entry, 'info'));
$localParams=$this->getLocalParams($otpParams['yk_publicname']); $localParams=$this->getLocalParams($otpParams['yk_publicname']);
$this->log(LOG_DEBUG, "validation params: ", $validationParams); $this->log(LOG_DEBUG, "validation params: ", $validationParams);
@ -362,21 +361,22 @@ class SyncLib
} }
/* Deletion */ /* Deletion */
$this->log(LOG_INFO, 'deleting queue entry with modified=' . $entry['modified'] . $this->log(LOG_INFO, 'deleting queue entry with modified=' . $this->db->getRowValue($entry, 'modified') .
' server_nonce=' . $entry['server_nonce'] . ' server_nonce=' . $this->db->getRowValue($entry, 'server_nonce') .
' server=' . $entry['server']); ' server=' . $this->db->getRowValue($entry, 'server'));
$this->db->deleteByMultiple('queue', $this->db->deleteByMultiple('queue',
array("modified"=>$entry['modified'], array("modified"=>$this->db->getRowValue($entry, 'modified'),
"server_nonce"=>$entry['server_nonce'], "server_nonce"=>$this->db->getRowValue($entry, 'server_nonce'),
'server'=>$entry['server'])); 'server'=>$this->db->getRowValue($entry, 'server')));
} else { } else {
$this->log(LOG_ERR, "Remote server refused our sync request. Check remote server logs."); $this->log(LOG_ERR, "Remote server refused our sync request. Check remote server logs.");
} }
} /* End of loop over each queue entry for a server */ } /* End of loop over each queue entry for a server */
curl_close($ch); curl_close($ch);
$res->closeCursor(); $this->db->closeCursor($res);
} /* End of loop over each distinct server in queue */ } /* End of loop over each distinct server in queue */
$this->db->closeCursor($server_res);
return true; return true;
} }
@ -388,11 +388,11 @@ class SyncLib
$urls=array(); $urls=array();
$res=$this->db->findByMultiple('queue', array("modified"=>$this->otpParams['modified'], "server_nonce"=>$this->server_nonce)); $res=$this->db->findByMultiple('queue', array("modified"=>$this->otpParams['modified'], "server_nonce"=>$this->server_nonce));
foreach ($res as $row) { while ($row = $this->db->fetchArray($res)) {
$urls[]=$row['server'] . $urls[]=$this->db->getRowValue($row, 'server') .
"?otp=" . $row['otp'] . "?otp=" . $this->db->getRowValue($row, 'otp') .
"&modified=" . $row['modified'] . "&modified=" . $this->db->getRowValue($row, 'modified') .
"&" . $this->otpPartFromInfoString($row['info']); "&" . $this->otpPartFromInfoString($this->db->getRowValue($row, 'info'));
} }
/* /*
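Review bot: In `getClientData` (first hunk) the rewritten query still builds its WHERE clause by concatenating `$client` between quotes, `... AND id='" . $client . "'`, so a value containing a quote changes the statement that selects the client secret. Whether callers validate `$client` first cannot be seen from this page. If client ids are numeric, a guard at the top of the function such as `if (!ctype_digit((string)$client)) return false;`, or a bound parameter, makes the lookup safe regardless of the caller. The queue queries in the resync hunk concatenate the `server` column value in the same way, and the sync URL there is assembled from `otp`, `modified` and `info` without `urlencode()`.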


@ -11,7 +11,7 @@ $myLog = new Log('ykval-verify');
$myLog->addField('ip', $_SERVER['REMOTE_ADDR']); $myLog->addField('ip', $_SERVER['REMOTE_ADDR']);
$myLog->log(LOG_INFO, "Request: " . $_SERVER['QUERY_STRING'] . $myLog->log(LOG_INFO, "Request: " . $_SERVER['QUERY_STRING'] .
" (at " . date("c") . " " . microtime() . ") " . " (at " . date("c") . " " . microtime() . ") " .
(isset($_SERVER["HTTPS"]) == TRUE ? ($_SERVER["HTTPS"] == "on" ? "HTTPS" : "HTTP") : "HTTP")); (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" ? "HTTPS" : "HTTP"));
/* Detect protocol version */ /* Detect protocol version */
if (preg_match("/\/wsapi\/([0-9]+)\.([0-9]+)\//", $_SERVER['REQUEST_URI'], $out)) { if (preg_match("/\/wsapi\/([0-9]+)\.([0-9]+)\//", $_SERVER['REQUEST_URI'], $out)) {
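Review bot: The simplified test `$_SERVER["HTTPS"] == "on"` labels a request as HTTPS only for that exact value, while PHP documents `$_SERVER['HTTPS']` as any non-empty value and some servers set `off` for plain HTTP. `(!empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off" ? "HTTPS" : "HTTP")` covers both cases. The same log call also writes `$_SERVER['QUERY_STRING']` verbatim, so whatever the client sent in the request ends up in the log; confirm that is intended for this endpoint.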