For TOTP keys, we record when the key was last used. For HOTP keys,

however, we want to record the *next* allowed counter value. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@794 185d5e19-27fe-0310-9dcf-9bff6b9f3609
2014-04-11 10:35:18 +00:00 · 2014-04-11 10:35:18 +00:00 · 1efe822057
parent b61b6f9c74
commit 1efe822057
1 changed files with 1 additions and 1 deletions
--- a/lib/liboath/oath_hotp.c
+++ b/lib/liboath/oath_hotp.c
@ -129,7 +129,7 @@ oath_hotp_match(struct oath_key *k, unsigned int response, int window)
 	for (int i = 0; i < window; ++i) {
 		code = oath_hotp(k->key, k->keylen, k->counter + i, k->digits);
 		if (code == response && !k->dummy) {
-			k->counter = k->counter + i;
+			k->counter = k->counter + i + 1;
 			return (1);
 		}
 	}