FreeBSD Bugzilla – Attachment 148844 Details for
Bug 194723
[patch] update for variable time windows when using security/pam_google_authenticator for totp authn
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Unified diff for security/pam_google_authenticator/files/patch-pam_google_authenticator.c
patch-pam_google_authenticator.c.diff (text/plain), 2.32 KB, created by
paul
on 2014-11-01 01:18:50 UTC
(
hide
)
Description:
Unified diff for security/pam_google_authenticator/files/patch-pam_google_authenticator.c
Filename:
MIME Type:
Creator:
paul
Created:
2014-11-01 01:18:50 UTC
Size:
2.32 KB
patch
obsolete
>--- /dev/null 2014-11-01 00:45:58.000000000 +0000 >+++ ./files/patch-pam_google_authenticator.c 2014-10-31 19:42:46.000000000 +0000 >@@ -0,0 +1,76 @@ >+*** pam_google_authenticator.c.orig Thu Jan 30 15:17:38 2014 >+--- pam_google_authenticator.c Fri Oct 31 19:42:43 2014 >+*************** >+*** 503,512 **** >+ } >+ #endif >+ >+- static int get_timestamp(void) { >+- return get_time()/30; >+- } >+- >+ static int comparator(const void *a, const void *b) { >+ return *(unsigned int *)a - *(unsigned int *)b; >+ } >+--- 503,508 ---- >+*************** >+*** 538,543 **** >+--- 534,574 ---- >+ return NULL; >+ } >+ >++ #if !defined(STEPSIZE) >++ static int get_timestamp(void) { >++ return get_time()/30; >++ } >++ #else >++ static int get_timestamp(pam_handle_t *pamh, const char *secret_filename, >++ const char *buf) { >++ const char *value = get_cfg_value(pamh, "STEP_SIZE", buf); >++ if (!value) { >++ // Default step size is 30. >++ free((void *)value); >++ return 30; >++ } else if (value == &oom) { >++ // Out of memory. This is a fatal error. >++ return 0; >++ } >++ >++ char *endptr; >++ errno = 0; >++ int step = (int)strtoul(value, &endptr, 10); >++ if (errno || !*value || value == endptr || >++ (*endptr && *endptr != ' ' && *endptr != '\t' && >++ *endptr != '\n' && *endptr != '\r') || >++ step < 1 || step > 60) { >++ free((void *)value); >++ log_message(LOG_ERR, pamh, "Invalid STEP_SIZE option in \"%s\"", >++ secret_filename); >++ return 0; >++ } >++ free((void *)value); >++ >++ return get_time()/step; >++ } >++ #endif >++ >+ static int set_cfg_value(pam_handle_t *pamh, const char *key, const char *val, >+ char **buf) { >+ size_t key_len = strlen(key); >+*************** >+*** 1162,1168 **** >+ } >+ >+ // Compute verification codes and compare them with user input >+! const int tm = get_timestamp(); >+ const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf); >+ if (skew_str == &oom) { >+ // Out of memory. This is a fatal error >+--- 1193,1199 ---- >+ } >+ >+ // Compute verification codes and compare them with user input >+! const int tm = get_timestamp(pamh, secret_filename, *buf); >+ const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf); >+ if (skew_str == &oom) { >+ // Out of memory. This is a fatal error
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=148844">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 194723
:
148843
|
148844
|
149004
|
149005
|
149035
|
149036
|
149563