# HG changeset patch # User Dan # Date 1241122273 14400 # Node ID 3163b9f58ae88bf7c9381e731cbdd2f77d9c638b # Parent c479ca761d29d5ece1dba6c978f99be94795cb95 Added error for HTTP connection failure. diff -r c479ca761d29 -r 3163b9f58ae8 plugins/Yubikey.php --- a/plugins/Yubikey.php Thu Mar 19 09:27:52 2009 -0400 +++ b/plugins/Yubikey.php Thu Apr 30 16:11:13 2009 -0400 @@ -115,6 +115,7 @@ err_must_have_password: 'Please enter your password in addition to your username and Yubikey.', err_key_not_authorized: 'This Yubikey is not authorized on this site.', err_otp_invalid_chars: '%this.yubiauth_err_invalid_otp%', + err_http_failed: 'Your OTP could not be validated because the authentication server could not be contacted. Technical error message: %http_error%', err_missing_api_key: 'Your OTP could not be validated because no Yubico API key is registered on this site.', err_http_response_error: 'Your OTP could not be validated because the Yubico authentication server reported an error.', err_malformed_response: 'Your OTP could not be validated because the Yubico authentication server returned an unexpected response.', diff -r c479ca761d29 -r 3163b9f58ae8 plugins/yubikey/corelib.php --- a/plugins/yubikey/corelib.php Thu Mar 19 09:27:52 2009 -0400 +++ b/plugins/yubikey/corelib.php Thu Apr 30 16:11:13 2009 -0400 @@ -61,7 +61,7 @@ require_once( ENANO_ROOT . '/includes/http.php' ); $auth_url = getConfig('yubikey_auth_server', YK_DEFAULT_VERIFY_URL); $auth_url = preg_replace('#^https?://#i', '', $auth_url); - if ( !preg_match('#^(\[?[a-z0-9-:]+(?:\.[a-z0-9-:]+\]?)*)(/.*)$#', $auth_url, $match) ) + if ( !preg_match('#^(\[?[a-z0-9-:]+(?:\.[a-z0-9-:]+\]?)*)(?::([0-9]+))?(/.*)$#U', $auth_url, $match) ) { return array( 'success' => false, @@ -69,13 +69,25 @@ ); } $auth_server =& $match[1]; - $auth_uri =& $match[2]; - $req = new Request_HTTP($auth_server, $auth_uri); - $req->add_get('id', strval($api_id)); - $req->add_get('otp', $otp); - $req->add_get('h', yubikey_sign($req->parms_get)); + $auth_port = ( !empty($match[2]) ) ? intval($match[2]) : 80; + $auth_uri =& $match[3]; + try + { + $req = new Request_HTTP($auth_server, $auth_uri, 'GET', $auth_port); + $req->add_get('id', strval($api_id)); + $req->add_get('otp', $otp); + $req->add_get('h', yubikey_sign($req->parms_get)); - $response = $req->get_response_body(); + $response = $req->get_response_body(); + } + catch ( Exception $e ) + { + return array( + 'success' => false, + 'error' => 'http_failed', + 'http_error' => $e->getMessage() + ); + } if ( $req->response_code != HTTP_OK ) { @@ -189,7 +201,8 @@ $tolerance = intval(getConfig('yubikey_api_ts_tolerance', 150)); $now = time(); - $timestamp_seconds = strtotime(substr($timestamp, 0, -4)); + $timestamp = preg_replace('/Z[0-9]{3}$/', '', $timestamp); + $timestamp_seconds = strtotime($timestamp); if ( !$timestamp || !$now ) {