FreeBSD Bugzilla – Attachment 149005 Details for
Bug 194723
[patch] update for variable time windows when using security/pam_google_authenticator for totp authn
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
(UPDATE, again) Unified diff for security/pam_google_authenticator/files/patch-pam_google_authenticator.c
files_patch-pam_google_authenticator.c.diff (text/plain), 2.02 KB, created by
paul
on 2014-11-03 21:29:32 UTC
(
hide
)
Description:
(UPDATE, again) Unified diff for security/pam_google_authenticator/files/patch-pam_google_authenticator.c
Filename:
MIME Type:
Creator:
paul
Created:
2014-11-03 21:29:32 UTC
Size:
2.02 KB
patch
obsolete
>--- /dev/null 2014-11-03 21:23:01.000000000 +0000 >+++ files/patch-pam_google_authenticator.c 2014-11-03 21:24:19.481328151 +0000 >@@ -0,0 +1,67 @@ >+--- pam_google_authenticator.c.orig 2014-01-30 15:17:38.000000000 +0000 >++++ pam_google_authenticator.c 2014-11-03 20:49:34.748324056 +0000 >+@@ -503,10 +503,6 @@ >+ } >+ #endif >+ >+-static int get_timestamp(void) { >+- return get_time()/30; >+-} >+- >+ static int comparator(const void *a, const void *b) { >+ return *(unsigned int *)a - *(unsigned int *)b; >+ } >+@@ -538,6 +534,41 @@ >+ return NULL; >+ } >+ >++#if !defined(STEPSIZE) >++static int get_timestamp(void) { >++ return get_time()/30; >++} >++#else >++static int get_timestamp(pam_handle_t *pamh, const char *secret_filename, >++ const char *buf) { >++ const char *value = get_cfg_value(pamh, "STEP_SIZE", buf); >++ if (!value) { >++ // Default step size is 30. >++ free((void *)value); >++ return 30; >++ } else if (value == &oom) { >++ // Out of memory. This is a fatal error. >++ return 0; >++ } >++ >++ char *endptr; >++ errno = 0; >++ int step = (int)strtoul(value, &endptr, 10); >++ if (errno || !*value || value == endptr || >++ (*endptr && *endptr != ' ' && *endptr != '\t' && >++ *endptr != '\n' && *endptr != '\r') || >++ step < 1 || step > 60) { >++ free((void *)value); >++ log_message(LOG_ERR, pamh, "Invalid STEP_SIZE option in \"%s\"", >++ secret_filename); >++ return 0; >++ } >++ free((void *)value); >++ >++ return get_time()/step; >++} >++#endif >++ >+ static int set_cfg_value(pam_handle_t *pamh, const char *key, const char *val, >+ char **buf) { >+ size_t key_len = strlen(key); >+@@ -1162,7 +1193,11 @@ >+ } >+ >+ // Compute verification codes and compare them with user input >++#if !defined(STEPSIZE) >+ const int tm = get_timestamp(); >++#else >++ const int tm = get_timestamp(pamh, secret_filename, *buf); >++#endif >+ const char *skew_str = get_cfg_value(pamh, "TIME_SKEW", *buf); >+ if (skew_str == &oom) { >+ // Out of memory. This is a fatal error
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=149005">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 194723
:
148843
|
148844
|
149004
|
149005
|
149035
|
149036
|
149563