* Copyright 2005,2006 TRI-D Systems, Inc.
*/
-static const char rcsid[] = "$Id$";
+#include <freeradius-devel/ident.h>
+RCSID("$Id$")
-#include <freeradius-devel/autoconf.h>
#include <freeradius-devel/radiusd.h>
#include <freeradius-devel/modules.h>
#include "extern.h"
#include "otp.h"
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/types.h>
-#include <time.h>
-#include <netinet/in.h> /* htonl(), ntohl() */
-
/* Global data */
static unsigned char hmac_key[16]; /* to protect State attribute */
static int ninstance = 0; /* #instances, for global init */
if (otp_gen_state(state, NULL, challenge, inst->challenge_len, 0,
now, hmac_key) != 0) {
- (void) radlog(L_ERR, "rlm_otp: %s: failed to generate state", __func__);
+ (void) radlog(L_ERR, "rlm_otp: %s: failed to generate radstate",__func__);
return RLM_MODULE_FAIL;
}
pairadd(&request->reply->vps, pairmake("State", state, T_OP_EQ));
e_length = inst->challenge_len * 2 + 8 + 8 + 32; /* see otp_gen_state() */
if (vp->length != e_length) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: length",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: length",
__func__, username);
return RLM_MODULE_INVALID;
}
(void) memcpy(rad_state, vp->vp_strvalue, vp->length);
rad_state[e_length] = '\0';
if (otp_a2x(rad_state, raw_state) == -1) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: not hex",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: not hex",
__func__, username);
return RLM_MODULE_INVALID;
}
/* generate new state from returned input data */
if (otp_gen_state(NULL, state, challenge, inst->challenge_len, 0,
then, hmac_key) != 0) {
- (void) radlog(L_ERR, "rlm_otp: %s: failed to generate state",
+ (void) radlog(L_ERR, "rlm_otp: %s: failed to generate radstate",
__func__);
return RLM_MODULE_FAIL;
}
/* compare generated state against returned state to verify hmac */
if (memcmp(state, vp->vp_strvalue, vp->length)) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: hmac",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: hmac",
__func__, username);
return RLM_MODULE_REJECT;
}
/* State is valid, but check expiry. */
then = ntohl(then);
if (time(NULL) - then > inst->challenge_delay) {
- (void) radlog(L_AUTH, "rlm_otp: %s: bad state for [%s]: expired",
+ (void) radlog(L_AUTH, "rlm_otp: %s: bad radstate for [%s]: expired",
__func__, username);
return RLM_MODULE_REJECT;
}
{
otp_option_t *inst = (otp_option_t *) instance;
- free(inst->otpd_rp);
- free(inst->chal_prompt);
free(instance);
/*
* Only the main thread instantiates and detaches instances,