rooty/yubikey-val
1
0
Fork 0
mirror of https://github.com/Yubico/yubikey-val.git synced 2024-11-29 09:24:12 +01:00
Code Issues Projects Releases Wiki Activity
651 Commits 7 Branches 44 Tags 1.1 MiB
8991c2c0c4
Commit Graph

71 Commits

Author SHA1 Message Date
Jean Paul Galea
8991c2c0c4 Cosmetic changes. 2015-07-17 23:01:36 +02:00
Jean Paul Galea
1e2568da3c Refactor. 
- KSMDecryptOTP returns array or bool false on failure.
 2015-07-17 22:55:23 +02:00
Jean Paul Galea
8edf9ba465 Cosmetic changes. 2015-07-17 21:32:09 +02:00
Jean Paul Galea
ac3b4978b8 Cosmetic changes. 2015-07-17 21:30:30 +02:00
Jean Paul Galea
d9194c854d Cosmetic changes. 2015-07-17 21:25:15 +02:00
Jean Paul Galea
a66322754d Cosmetic changes. 2015-07-17 21:23:00 +02:00
Jean Paul Galea
2170247166 Cosmetic changes. 2015-07-17 21:20:14 +02:00
Jean Paul Galea
38c048b833 Cosmetic changes. 2015-07-17 21:17:29 +02:00
Jean Paul Galea
be27f62236 Cosmetic changes. 2015-07-17 21:16:40 +02:00
Jean Paul Galea
291bd32bae Refactor. 
- after each sendResp() we had an exit;

- move exit; inside sendResp() function instead.
 2015-07-16 22:47:16 +02:00
Jean Paul Galea
bc5319327b Unwrap function. 2015-07-16 22:35:34 +02:00
Jean Paul Galea
6e4b89048e Refactor. 
- better grouping for validation.
 2015-07-16 15:39:42 +02:00
Jean Paul Galea
e76c5002f2 Drop php closing tags. 2015-07-15 15:14:25 +02:00
Jean Paul Galea
8df329aa0e Allowed certain cURL options to be configurable. 
- When calling either URLs in the sync pool or the KSMs,
    the following curl options are configurable;

    CURLOPT_PROTOCOLS
    CURLOPT_IPRESOLVE
    CURLOPT_SSLVERSION
    CURLOPT_SSL_VERIFYPEER
    CURLOPT_SSL_VERIFYHOST
    CURLOPT_CAINFO
    CURLOPT_CAPATH
 2015-04-13 17:42:13 +02:00
Dain Nilsson
1b2dfd136c Use constant time string comparisson for validating HMAC signature 
(fixes #26).
 2014-09-27 15:47:57 +02:00
Simon Josefsson
276616d871 Use LF as EOL consistently. 2013-04-17 17:24:50 +02:00
Simon Josefsson
ae217ceb10 Log query for POST requests too. 2013-03-12 11:23:25 +01:00
Dain Nilsson
ee1f040b00 Updated copyright headers. 2013-02-04 17:39:36 +01:00
Klas Lindfors
34706698a4 Merge branch 'master' into feature/oracle_support 
Conflicts:
	ykval-db.php
	ykval-export.php
	ykval-synclib.php
 2012-06-29 10:33:41 +02:00
Fredrik Thulin
499377fd2f Change protocol version logging to 'debug'. 2012-06-14 15:54:51 +02:00
Fredrik Thulin
6c80f76102 Get rid of debug() - use log_format() for the formatting part. 2012-06-14 15:23:53 +02:00
Fredrik Thulin
765620f17b Merge branch 'master' of github.com:Yubico/yubikey-val-server-php into devel/refactor_retrieveURLasync 2012-06-14 15:19:19 +02:00
Fredrik Thulin
c8e9eb828f Pass logger object to retrieveURLasync() 2012-06-14 15:19:04 +02:00
Klas Lindfors
6c9edb0db2 instead of passing context to sendResp, give it a logger. 2012-06-14 15:15:47 +02:00
Klas Lindfors
01969a279e let sendResp take one more parameter $context 
use for logging if it's a response to sync or verify.
 2012-06-14 14:55:50 +02:00
Klas Lindfors
cf49385bf3 rest of oracle patches from Remi Mollon <Remi.Mollon@cern.ch> 2012-06-12 10:35:49 +02:00
Fredrik Thulin
b5976ad3c9 delete-trailing-whitespace 2012-05-29 11:07:19 +02:00
Klas Lindfors
6a94b396dc check if $sl or $timeout is empty, if they are insert default 2012-05-24 14:37:01 +02:00
Simon Josefsson
f2b05822ef Silence PHP warnings. 2012-05-21 09:12:33 +02:00
Klas Lindfors
2e0dbfa2c3 build up the array to sign by taking $_GET or $_POST and remove the h key 2012-05-16 13:45:08 +02:00
Klas Lindfors
854a6527d6 update comment about nonce to reflect what the code actually does enforce 2012-05-08 13:43:21 +02:00
Klas Lindfors
da24a3fe30 fix fast or secure strings as sl 
move transformation of strings for sync and default values for sync and
timeout to before sanity checking.
 2012-02-22 14:27:24 +01:00
Simon Josefsson
a68539e884 Tiny fixes to silence PHP warnings from Hiroki Nose <Hiroki_Nose@totec.co.jp>. 
1. PHP Notice:  Use of undefined constant CURL_OK - assumed 'CURL_OK' in /usr/share/ykval/ykval-common.php on line 156 
 2. PHP Notice:  Undefined index: HTTPS in /usr/share/ykval/ykval-verify.php on line 14 
 3. PHP Notice:  Undefined variable: query in /usr/share/ykval/ykval-db.php on line 186
 2011-10-25 08:08:31 +00:00
Simon Josefsson
fb506d0238 Don't echo (unsanitized) OTP/NONCE values back to client when 
sending error codes.  Reported by Paul van Empelen.
 2011-08-18 12:19:15 +00:00
Simon Josefsson
016313a1e3 Support YubiKey OTPs filtered through a US Dvorak keyboard layout. 2010-09-21 08:13:36 +00:00
Simon Josefsson
dd9f472e77 Fix typo. 2010-09-12 10:42:32 +00:00
Simon Josefsson
8ea97ab0fb Sanity check OTP variable before trusting it. 
Reported by Ricky Zhou <ricky@fedoraproject.org>.
 2010-09-12 10:39:23 +00:00
Simon Josefsson
c9f58a83c7 Log HTTPS status. 2010-08-22 14:38:26 +00:00
Simon Josefsson
069092fd6b Timestamp requests. 2010-08-22 13:27:46 +00:00
Simon Josefsson
7b18b50ee7 When number of sync servers equals zero, set sync result to success. 
Patch from arte42.ripe in issue #7.
 2010-05-17 13:06:06 +00:00
Simon Josefsson
2f099df58c Don't reject on nonce error for v1.x requests. 2010-04-23 21:44:25 +00:00
Simon Josefsson
522c301dae Permit somewhat longer nonces (think SHA1 hex). 2010-04-23 20:33:45 +00:00
Simon Josefsson
4ac054f9cd Improve error checking of nonce. 2010-04-23 20:32:39 +00:00
Olov Danielson
93652d54f6 Corrected spelling error for replayed_request 2010-01-20 14:06:57 +00:00
Olov Danielson
1809e7fb90 Added otp, nonce in all responses for protocol >= 2.0. 2010-01-20 10:37:21 +00:00
Olov Danielson
6ab59bb850 . 2010-01-19 12:53:29 +00:00
Olov Danielson
9bc6b90e45 In protocol versions less than 2.0, nonce needs to added by server. This must be done after signature is computed. 2010-01-19 12:45:31 +00:00
Simon Josefsson
9cf8bce177 Fix last commit. 2010-01-14 14:19:20 +00:00
Simon Josefsson
005b6af0fc Review fixes. 2010-01-14 14:15:17 +00:00
Olov Danielson
12bd456dca . 2010-01-14 11:58:19 +00:00