コード例 #1
}
# Refuse the request when $allowed is falsy. $allowed is computed outside this
# excerpt; judging by the log message it reflects a source-IP allow-list check.
# NOTE(review): REMOTE_ADDR is the address of the directly connecting peer.
# Behind a reverse proxy or load balancer that is the proxy's address, so
# confirm the allow-list decision is made against the intended peer.
if (!$allowed) {
    $myLog->log(LOG_NOTICE, sprintf('Operation not allowed from IP %s', $_SERVER['REMOTE_ADDR']));
    sendResp(S_OPERATION_NOT_ALLOWED, $apiKey);
    # Stop here so nothing below runs for a rejected caller.
    exit;
}
#
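# Define requirements on protocol: every key listed here must arrive in the
# request with a non-empty value, otherwise the request is refused.
#
$syncParams = array('modified' => Null, 'otp' => Null, 'nonce' => Null, 'yk_publicname' => Null, 'yk_counter' => Null, 'yk_use' => Null, 'yk_high' => Null, 'yk_low' => Null);
#
# Extract values from HTTP request
#
$tmp_log = "Received ";
foreach ($syncParams as $param => $value) {
    $value = getHttpVal($param, Null);
    # Loose comparison: the Null default (parameter absent) and an empty
    # string are both treated as missing.
    if ($value == Null) {
        $myLog->log(LOG_NOTICE, "Received request with parameter[s] missing");
        sendResp(S_MISSING_PARAMETER, '');
        exit;
    }
    $syncParams[$param] = $value;
    # Request values are untrusted. Only the copy written to the log has
    # control characters replaced, so a value containing CR/LF cannot split
    # the entry into several log lines; the stored value is left untouched.
    # (Whatever filtering getHttpVal or the log backend already apply is not
    # visible in this excerpt.)
    $tmp_log .= "{$param}=" . preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value) . ' ';
}
# NOTE(review): this entry contains the otp and nonce values as received;
# confirm that read access to the log is restricted accordingly.
$myLog->log(LOG_INFO, $tmp_log);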
#
# At this point we should have the otp so let's add it to the logging module
# and to the sync object as a field named 'otp'.
# NOTE(review): presumably later entries written through $myLog and $sync
# carry this value; confirm the log destination is access-restricted.
#
$myLog->addField('otp', $syncParams['otp']);
$sync->addField('otp', $syncParams['otp']);
#
コード例 #2
ファイル: ykval-verify.php プロジェクト: ahojjati/yubikey-val
}
/**
 * Construct response parameters: the otp is placed in the response
 * parameters only for protocol version 2.0 and later.
 */
$extra = ($protocol_version >= 2.0) ? array('otp' => $otp) : array();
/**
 * The OTP is available now, so attach it to the logger as the 'otp' field.
 */
$myLog->addField('otp', $otp);
if ($protocol_version >= 2.0) {
    /* Read sl, timeout and nonce from the request. '' is passed as the second
       argument, presumably the value returned when the parameter is absent. */
    $sl = getHttpVal('sl', '');
    $timeout = getHttpVal('timeout', '');
    $nonce = getHttpVal('nonce', '');
    /* Nonce is required from protocol 2.0 */
    /* The truthiness test rejects an empty value and also the string '0'. */
    if (!$nonce) {
        $myLog->log(LOG_NOTICE, 'Nonce is missing and protocol version >= 2.0');
        /* NOTE(review): no exit follows this call. The code relies on
           sendResp() ending the request; confirm, otherwise processing
           continues with an empty nonce. */
        sendResp(S_MISSING_PARAMETER, $myLog);
    }
    /* Add nonce to response parameters */
    $extra['nonce'] = $nonce;
}
/**
 * Sanity check HTTP parameters
 *
 * otp: one-time password
 * id: client id
 * timeout: timeout in seconds to wait for external answers, optional: if absent the server decides
 * nonce: random alphanumeric string, 16 to 40 characters long. Must be non-predictable and changing for each request, but need not be cryptographically strong
コード例 #3
ファイル: ykval-sync.php プロジェクト: paulmenzel/yubikey-val
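// Record the caller's address before any validation takes place.
$myLog->log(LOG_DEBUG, "Received request from {$ipaddr}");
// A request without a query string cannot carry the required parameters.
// NOTE(review): no exit follows the sendResp() calls in this section; the
// code relies on sendResp() ending the request. Confirm that it does.
if (empty($_SERVER['QUERY_STRING'])) {
    sendResp(S_MISSING_PARAMETER, $myLog);
}
// verify request sent by whitelisted address
// The result is negated rather than compared with FALSE so that the check
// fails closed: PHP versions before 8 return NULL (with a warning) from
// in_array() when $allowed is not an array, and NULL === FALSE is false,
// which would let the request through. The strict flag prevents type
// juggling between the address and the list entries.
// NOTE(review): $ipaddr and $allowed are assigned outside this excerpt; the
// check is only as trustworthy as the source of $ipaddr. Confirm it is the
// socket peer address and not a client-supplied header.
if (!in_array($ipaddr, $allowed, TRUE)) {
    $myLog->log(LOG_NOTICE, "Operation not allowed from IP {$ipaddr}");
    // The full allow-list is written at DEBUG level only.
    $myLog->log(LOG_DEBUG, "Remote IP {$ipaddr} not listed in allowed sync pool : " . implode(', ', $allowed));
    sendResp(S_OPERATION_NOT_ALLOWED, $myLog);
}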
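// define requirements on protocol: every key listed here must arrive in the
// request with a non-empty value
$syncParams = array('modified' => NULL, 'otp' => NULL, 'nonce' => NULL, 'yk_publicname' => NULL, 'yk_counter' => NULL, 'yk_use' => NULL, 'yk_high' => NULL, 'yk_low' => NULL);
// extract values from HTTP request
$tmp_log = 'Received ';
foreach ($syncParams as $param => $value) {
    $value = getHttpVal($param, NULL);
    // Loose comparison: the NULL default (parameter absent) and an empty
    // string are both treated as missing.
    if ($value == NULL) {
        $myLog->log(LOG_NOTICE, "Received request with parameter[s] ({$param}) missing value");
        // NOTE(review): no exit follows; this relies on sendResp() ending the
        // request. Confirm, otherwise the loop continues with the empty value.
        sendResp(S_MISSING_PARAMETER, $myLog);
    }
    $syncParams[$param] = $value;
    // Request values are untrusted. Only the copy written to the log has
    // control characters replaced, so a value containing CR/LF cannot split
    // the entry into several log lines; the stored value is left untouched.
    // (Whatever filtering getHttpVal or the log backend already apply is not
    // visible in this excerpt.)
    $tmp_log .= "{$param}=" . preg_replace('/[\x00-\x1F\x7F]/', '?', (string) $value) . ' ';
}
// NOTE(review): this entry contains the otp and nonce values as received;
// confirm that read access to the log is restricted accordingly.
$myLog->log(LOG_INFO, $tmp_log);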
// Create the SyncLib object only after the allow-list and parameter checks
// above, and tag it with the caller's address as the 'ip' field.
// NOTE(review): the constructor argument looks like a logger/component name.
// Confirm against SyncLib.
$sync = new SyncLib('ykval-sync:synclib');
$sync->addField('ip', $ipaddr);
// Answer with S_BACKEND_ERROR when isConnected() reports a falsy result.
// NOTE(review): no exit follows; this relies on sendResp() ending the
// request. Confirm, otherwise the code below runs without a backend.
if (!$sync->isConnected()) {
    sendResp(S_BACKEND_ERROR, $myLog);
}
// at this point we should have the otp so let's add it to the logging module
$myLog->addField('otp', $syncParams['otp']);