rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2025-01-20 10:52:15 +01:00
Code Issues Projects Releases Wiki Activity

loosen the client checking, will make it optional

Browse Source
This commit is contained in:
Paul Chen 2008-09-24 01:52:08 +00:00
parent 796b83c972
commit e87bf491f7
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
verifyOTP.php
View File

@ -45,11 +45,13 @@ if ($ad == null) {
//// Check the client ID
//
if ($ad['client_id'] != $client) {
debug('Client-'.$client.' is not the owner of the Yubikey! The key will be suspended with excessive failed attempts.');
sendResp(S_BAD_CLIENT, 'Not owner of the Yubikey');
exit;
}
// TODO - This may be too strict. Since our database doesn't keep track of that
//if ($ad['client_id'] != $client) {
// debug('Client-'.$client.' is not the owner of the Yubikey! The key will be suspended with excessive failed attempts.');
// sendResp(S_BAD_CLIENT, 'Not owner of the Yubikey');
// exit;
//}
$k = b64ToModhex($ad['secret']);
//debug('aes key in modhex = '.$k);