From 4a9cae719ea5333ef83e8d4d7714a74adc21f860 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Fri, 23 Oct 2015 09:41:16 +0000 Subject: [PATCH] Let the optional argument to the calc command be the total number of codes to print, not the number of codes in addition to the current code. Add a -n option which causes the calc command to print the counter or timestamp in addition to the code. Document the fact that the calc command does not work correctly for TOTP keys with count > 1. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@868 185d5e19-27fe-0310-9dcf-9bff6b9f3609 --- bin/oathkey/oathkey.1 | 16 ++++++++++++---- bin/oathkey/oathkey.c | 19 ++++++++++++++----- 2 files changed, 26 insertions(+), 9 deletions(-) diff --git a/bin/oathkey/oathkey.1 b/bin/oathkey/oathkey.1 index 25c05d3..981b3f3 100644 --- a/bin/oathkey/oathkey.1 +++ b/bin/oathkey/oathkey.1 @@ -28,7 +28,7 @@ .\" .\" $Id$ .\" -.Dd December 15, 2014 +.Dd October 23, 2015 .Dt OATHKEY 1 .Os .Sh NAME @@ -36,7 +36,7 @@ .Nd OATH key management tool .Sh SYNOPSIS .Nm -.Op Fl hrvw +.Op Fl hnrvw .Op Fl u Ar user .Op Fl k Ar keyfile .Ar command @@ -55,6 +55,10 @@ Print a usage message and exit. Specify the location of the keyfile on which to operate. The default is .Pa /var/oath/ Ns Ar user Ns Pa .otpauth . +.It Fl n +When printing codes with the +.Cm calc +command, print the counter or timestamp along with each code. .It Fl r Disable writeback mode. .It Fl u Ar user @@ -74,7 +78,7 @@ The commands are: Compute and display the current code for the given key. If a count is specified, compute and display .Ar count -additional codes. +codes in total, starting with the current code. If writeback mode is enabled, the user's keyfile is updated to prevent reuse. .It Cm genkey Ar hotp | totp @@ -128,4 +132,8 @@ utility and this manual page were written by .An Dag-Erling Sm\(/orgrav Aq des@des.no for the University of Oslo. .Sh BUGS -Many. +For TOTP keys, the +.Cm calc Ar count +command will only work correctly for a +.Ar count +of 1. diff --git a/bin/oathkey/oathkey.c b/bin/oathkey/oathkey.c index 4dcc38b..b90c3f2 100644 --- a/bin/oathkey/oathkey.c +++ b/bin/oathkey/oathkey.c @@ -60,6 +60,7 @@ static char *user; static char *keyfile; static int verbose; static int readonly; +static int numbered; static int isroot; /* running as root */ static int issameuser; /* real user same as target user */ @@ -288,6 +289,7 @@ oathkey_calc(int argc, char *argv[]) struct oath_key *key; unsigned int current; unsigned long i, n; + uintmax_t count; char *end; int ret; @@ -295,20 +297,22 @@ oathkey_calc(int argc, char *argv[]) return (RET_USAGE); if (argc > 0) { n = strtoul(argv[0], &end, 10); - if (end == argv[0] || *end != '\0') + if (end == argv[0] || *end != '\0' || n < 1) return (RET_USAGE); } else { - n = 0; + n = 1; } if ((ret = oathkey_load(&key)) != RET_SUCCESS) return (ret); - for (i = 0; i <= n; ++i) { + for (i = 0; i < n; ++i) { switch (key->mode) { case om_hotp: current = oath_hotp_current(key); + count = key->counter; break; case om_totp: current = oath_totp_current(key); + count = key->lastused * key->timestep; break; default: current = UINT_MAX; @@ -318,6 +322,8 @@ oathkey_calc(int argc, char *argv[]) ret = RET_ERROR; break; } + if (numbered) + printf("%6ju ", count); printf("%.*d\n", (int)key->digits, current); } if (ret == RET_SUCCESS && !readonly) @@ -387,7 +393,7 @@ static void usage(void) { fprintf(stderr, - "usage: oathkey [-hrvw] [-u user] [-k keyfile] command\n" + "usage: oathkey [-hnrvw] [-u user] [-k keyfile] command\n" "\n" "Commands:\n" " calc [count]\n" @@ -414,11 +420,14 @@ main(int argc, char *argv[]) /* * Parse command-line options */ - while ((opt = getopt(argc, argv, "hk:ru:vw")) != -1) + while ((opt = getopt(argc, argv, "hk:nru:vw")) != -1) switch (opt) { case 'k': keyfile = optarg; break; + case 'n': + numbered = 1; + break; case 'r': readonly = 1; break;