View | Details | Raw Unified | Return to bug 194723 | Differences between
and this patch

Collapse All | Expand All

(-)files/patch-pam_google_authenticator.c (+67 lines)
Added Link Here
1
--- pam_google_authenticator.c.orig	2014-01-30 15:17:38.000000000 +0000
2
+++ pam_google_authenticator.c	2014-11-03 20:49:34.748324056 +0000
3
@@ -503,10 +503,6 @@
4
 }
5
 #endif
6
 
7
-static int get_timestamp(void) {
8
-  return get_time()/30;
9
-}
10
-
11
 static int comparator(const void *a, const void *b) {
12
   return *(unsigned int *)a - *(unsigned int *)b;
13
 }
14
@@ -538,6 +534,41 @@
15
   return NULL;
16
 }
17
 
18
+#if !defined(STEPSIZE)
19
+static int get_timestamp(void) {
20
+  return get_time()/30;
21
+}
22
+#else
23
+static int get_timestamp(pam_handle_t *pamh, const char *secret_filename,
24
+                       const char *buf) {
25
+  const char *value = get_cfg_value(pamh, "STEP_SIZE", buf);
26
+  if (!value) {
27
+    // Default step size is 30.
28
+    free((void *)value);
29
+    return 30;
30
+  } else if (value == &oom) {
31
+    // Out of memory. This is a fatal error.
32
+    return 0;
33
+  }
34
+
35
+  char *endptr;
36
+  errno = 0;
37
+  int step = (int)strtoul(value, &endptr, 10);
38
+  if (errno || !*value || value == endptr ||
39
+      (*endptr && *endptr != ' ' && *endptr != '\t' &&
40
+       *endptr != '\n' && *endptr != '\r') ||
41
+      step < 1 || step > 60) {
42
+    free((void *)value);
43
+    log_message(LOG_ERR, pamh, "Invalid STEP_SIZE option in \"%s\"",
44
+                secret_filename);
45
+    return 0;
46
+  }
47
+  free((void *)value);
48
+
49
+  return get_time()/step;
50
+}
51
+#endif
52
+
53
 static int set_cfg_value(pam_handle_t *pamh, const char *key, const char *val,
54
                          char **buf) {
55
   size_t key_len = strlen(key);
56
@@ -1162,7 +1193,11 @@
57
   }
58
 
59
   // Compute verification codes and compare them with user input
60
+#if !defined(STEPSIZE)
61
   const int tm = get_timestamp();
62
+#else
63
+  const int tm = get_timestamp(pamh, secret_filename, *buf);
64
+#endif
65
   const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf);
66
   if (skew_str == &oom) {
67
     // Out of memory. This is a fatal error

Return to bug 194723