3 function yms_add_yubikey($key, $otp, $client_id = false, $enabled = true, $any_client = false, $notes = false) |
3 function yms_add_yubikey($key, $otp, $client_id = false, $enabled = true, $any_client = false, $notes = false) |
4 { |
4 { |
5 global $db, $session, $paths, $template, $plugins; // Common objects |
5 global $db, $session, $paths, $template, $plugins; // Common objects |
6 |
6 |
7 if ( $client_id === false ) |
7 if ( $client_id === false ) |
8 $client_id = $session->user_id; |
8 $client_id = $GLOBALS['yms_client_id']; |
9 |
9 |
10 $key = yms_tobinary($key); |
10 $key = yms_tobinary($key); |
11 $otp = yms_tobinary($otp); |
11 $otp = yms_tobinary($otp); |
12 |
12 |
13 if ( strlen($key) != 16 ) |
13 if ( strlen($key) != 16 ) |
64 function yms_chown_yubikey($otp, $client_id = false, $enabled = true, $any_client = false, $notes = false) |
64 function yms_chown_yubikey($otp, $client_id = false, $enabled = true, $any_client = false, $notes = false) |
65 { |
65 { |
66 global $db, $session, $paths, $template, $plugins; // Common objects |
66 global $db, $session, $paths, $template, $plugins; // Common objects |
67 |
67 |
68 if ( $client_id === false ) |
68 if ( $client_id === false ) |
69 $client_id = $session->user_id; |
69 $client_id = $GLOBALS['yms_client_id']; |
70 |
70 |
71 $otp = yms_tobinary($otp); |
71 $otp = yms_tobinary($otp); |
72 |
72 |
73 if ( strlen($otp) != 22 ) |
73 if ( strlen($otp) != 22 ) |
74 { |
74 { |
112 function yms_delete_key($id, $client_id = false) |
112 function yms_delete_key($id, $client_id = false) |
113 { |
113 { |
114 global $db, $session, $paths, $template, $plugins; // Common objects |
114 global $db, $session, $paths, $template, $plugins; // Common objects |
115 |
115 |
116 if ( $client_id === false ) |
116 if ( $client_id === false ) |
117 $client_id = $session->user_id; |
117 $client_id = $GLOBALS['yms_client_id']; |
118 |
118 |
119 $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "yms_yubikeys WHERE id = $id AND client_id = $client_id;"); |
119 $q = $db->sql_query('SELECT 1 FROM ' . table_prefix . "yms_yubikeys WHERE id = $id AND client_id = $client_id;"); |
120 if ( !$q ) |
120 if ( !$q ) |
121 $db->_die(); |
121 $db->_die(); |
122 |
122 |
174 |
174 |
175 // authentication is ok |
175 // authentication is ok |
176 return true; |
176 return true; |
177 } |
177 } |
178 |
178 |
|
179 function yms_update_counters($id, $scount, $tcount, $client_id = false, $any_client = null) |
|
180 { |
|
181 global $db, $session, $paths, $template, $plugins; // Common objects |
|
182 |
|
183 if ( !$client_id ) |
|
184 $client_id = intval($GLOBALS['yms_client_id']); |
|
185 |
|
186 foreach ( array($id, $scount, $tcount, $client_id) as $var ) |
|
187 if ( (!is_int($var) && !is_string($var)) || (is_string($var) && !ctype_digit($var)) ) |
|
188 return "yms_err_expected_int"; |
|
189 |
|
190 $any_client_sql = ''; |
|
191 if ( is_bool($any_client) ) |
|
192 { |
|
193 $operand = $any_client ? "|" : "& ~"; |
|
194 $any_client_sql = ", flags = flags " . $operand . YMS_ANY_CLIENT; |
|
195 } |
|
196 |
|
197 $q = $db->sql_query('UPDATE ' . table_prefix . "yms_yubikeys SET session_count = {$scount}, token_count = {$tcount}{$any_client_sql} WHERE id = $id AND client_id = $client_id"); |
|
198 if ( !$q ) |
|
199 $db->_die(); |
|
200 |
|
201 return true; |
|
202 } |
|
203 |
179 function yms_get_url($url) |
204 function yms_get_url($url) |
180 { |
205 { |
181 require_once(ENANO_ROOT . '/includes/http.php'); |
206 require_once(ENANO_ROOT . '/includes/http.php'); |
182 |
207 |
183 $url = preg_replace('#^https?://#i', '', $url); |
208 $url = preg_replace('#^https?://#i', '', $url); |
289 { |
314 { |
290 if ( !($flags & YMS_ANY_CLIENT) ) |
315 if ( !($flags & YMS_ANY_CLIENT) ) |
291 { |
316 { |
292 return 'NO_SUCH_KEY'; |
317 return 'NO_SUCH_KEY'; |
293 } |
318 } |
294 if ( !($flags & YMS_ENABLED) ) |
319 } |
295 { |
320 if ( !($flags & YMS_ENABLED) ) |
296 return 'NO_SUCH_KEY'; |
321 { |
297 } |
322 return 'NO_SUCH_KEY'; |
298 } |
323 } |
299 |
324 |
300 // decode the OTP |
325 // decode the OTP |
301 $otp = yms_decode_otp($otp, $aes_secret); |
326 $otp = yms_decode_otp($otp, $aes_secret); |
302 |
327 |