rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-04-09 20:53:50 +02:00
Code Issues Projects Releases Wiki Activity

Cosmetic changes.

Browse Source
This commit is contained in:
Jean Paul Galea 2015-07-17 21:25:15 +02:00
parent a66322754d
commit d9194c854d
1 changed files with 40 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
ykval-verify.php
View File

@ -374,41 +374,48 @@ $ad['high'] = $localParams['yk_high'];
$ad['low'] = $localParams['yk_low']; $ad['low'] = $localParams['yk_low'];
$ad['accessed'] = date('Y-m-d H:i:s', $localParams['modified']); $ad['accessed'] = date('Y-m-d H:i:s', $localParams['modified']);
//// Check the time stamp // check the time stamp
// if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse)
if ($sessionCounter == $seenSessionCounter && $sessionUse > $seenSessionUse) { {
$ts = ($otpinfo['high'] << 16) + $otpinfo['low']; $ts = ($otpinfo['high'] << 16) + $otpinfo['low'];
$seenTs = ($ad['high'] << 16) + $ad['low']; $seenTs = ($ad['high'] << 16) + $ad['low'];
$tsDiff = $ts - $seenTs; $tsDiff = $ts - $seenTs;
$tsDelta = $tsDiff * TS_SEC; $tsDelta = $tsDiff * TS_SEC;
//// Check the real time // check the real time
// $lastTime = strtotime($ad['accessed']);
$lastTime = strtotime($ad['accessed']); $now = time();
$now = time(); $elapsed = $now - $lastTime;
$elapsed = $now - $lastTime; $deviation = abs($elapsed - $tsDelta);
$deviation = abs($elapsed - $tsDelta);
// Time delta server might verify multiple OTPS in a row. In such case validation server doesn't // Time delta server might verify multiple OTPS in a row. In such case validation server doesn't
// have time to tick a whole second and we need to avoid division by zero. // have time to tick a whole second and we need to avoid division by zero.
if ($elapsed != 0) { if ($elapsed != 0)
$percent = $deviation/$elapsed; {
} else { $percent = $deviation/$elapsed;
$percent = 1; }
} else
$myLog->log(LOG_INFO, "Timestamp seen=" . $seenTs . " this=" . $ts . {
" delta=" . $tsDiff . ' secs=' . $tsDelta . $percent = 1;
' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now=' }
. $now . ' (' . strftime("%Y-%m-%d %H:%M:%S", $now)
. ') elapsed=' . $elapsed . $myLog->log(LOG_INFO, "Timestamp seen=" . $seenTs . " this=" . $ts .
' deviation=' . $deviation . ' secs or '. " delta=" . $tsDiff . ' secs=' . $tsDelta .
round(100*$percent) . '%'); ' accessed=' . $lastTime .' (' . $ad['accessed'] . ') now='
if ($deviation > TS_ABS_TOLERANCE && $percent > TS_REL_TOLERANCE) { . $now . ' (' . strftime("%Y-%m-%d %H:%M:%S", $now)
$myLog->log(LOG_NOTICE, "OTP failed phishing test"); . ') elapsed=' . $elapsed .
if (0) { ' deviation=' . $deviation . ' secs or '.
sendResp(S_DELAYED_OTP, $myLog, $apiKey, $extra); round(100*$percent) . '%');
}
} if ($deviation > TS_ABS_TOLERANCE && $percent > TS_REL_TOLERANCE)
{
$myLog->log(LOG_NOTICE, "OTP failed phishing test");
if (0)
{
sendResp(S_DELAYED_OTP, $myLog, $apiKey, $extra);
}
}
} }
/* Fill up with more respone parameters */ /* Fill up with more respone parameters */