Let the optional argument to the calc command be the total number of codes
to print, not the number of codes in addition to the current code. Add a -n option which causes the calc command to print the counter or timestamp in addition to the code. Document the fact that the calc command does not work correctly for TOTP keys with count > 1. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@868 185d5e19-27fe-0310-9dcf-9bff6b9f3609
parent
75781c2e7c
commit
4a9cae719e
|
@ -28,7 +28,7 @@
|
||||||
.\"
|
.\"
|
||||||
.\" $Id$
|
.\" $Id$
|
||||||
.\"
|
.\"
|
||||||
.Dd December 15, 2014
|
.Dd October 23, 2015
|
||||||
.Dt OATHKEY 1
|
.Dt OATHKEY 1
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -36,7 +36,7 @@
|
||||||
.Nd OATH key management tool
|
.Nd OATH key management tool
|
||||||
.Sh SYNOPSIS
|
.Sh SYNOPSIS
|
||||||
.Nm
|
.Nm
|
||||||
.Op Fl hrvw
|
.Op Fl hnrvw
|
||||||
.Op Fl u Ar user
|
.Op Fl u Ar user
|
||||||
.Op Fl k Ar keyfile
|
.Op Fl k Ar keyfile
|
||||||
.Ar command
|
.Ar command
|
||||||
|
@ -55,6 +55,10 @@ Print a usage message and exit.
|
||||||
Specify the location of the keyfile on which to operate.
|
Specify the location of the keyfile on which to operate.
|
||||||
The default is
|
The default is
|
||||||
.Pa /var/oath/ Ns Ar user Ns Pa .otpauth .
|
.Pa /var/oath/ Ns Ar user Ns Pa .otpauth .
|
||||||
|
.It Fl n
|
||||||
|
When printing codes with the
|
||||||
|
.Cm calc
|
||||||
|
command, print the counter or timestamp along with each code.
|
||||||
.It Fl r
|
.It Fl r
|
||||||
Disable writeback mode.
|
Disable writeback mode.
|
||||||
.It Fl u Ar user
|
.It Fl u Ar user
|
||||||
|
@ -74,7 +78,7 @@ The commands are:
|
||||||
Compute and display the current code for the given key.
|
Compute and display the current code for the given key.
|
||||||
If a count is specified, compute and display
|
If a count is specified, compute and display
|
||||||
.Ar count
|
.Ar count
|
||||||
additional codes.
|
codes in total, starting with the current code.
|
||||||
If writeback mode is enabled, the user's keyfile is updated to prevent
|
If writeback mode is enabled, the user's keyfile is updated to prevent
|
||||||
reuse.
|
reuse.
|
||||||
.It Cm genkey Ar hotp | totp
|
.It Cm genkey Ar hotp | totp
|
||||||
|
@ -128,4 +132,8 @@ utility and this manual page were written by
|
||||||
.An Dag-Erling Sm\(/orgrav Aq des@des.no
|
.An Dag-Erling Sm\(/orgrav Aq des@des.no
|
||||||
for the University of Oslo.
|
for the University of Oslo.
|
||||||
.Sh BUGS
|
.Sh BUGS
|
||||||
Many.
|
For TOTP keys, the
|
||||||
|
.Cm calc Ar count
|
||||||
|
command will only work correctly for a
|
||||||
|
.Ar count
|
||||||
|
of 1.
|
||||||
|
|
|
@ -60,6 +60,7 @@ static char *user;
|
||||||
static char *keyfile;
|
static char *keyfile;
|
||||||
static int verbose;
|
static int verbose;
|
||||||
static int readonly;
|
static int readonly;
|
||||||
|
static int numbered;
|
||||||
|
|
||||||
static int isroot; /* running as root */
|
static int isroot; /* running as root */
|
||||||
static int issameuser; /* real user same as target user */
|
static int issameuser; /* real user same as target user */
|
||||||
|
@ -288,6 +289,7 @@ oathkey_calc(int argc, char *argv[])
|
||||||
struct oath_key *key;
|
struct oath_key *key;
|
||||||
unsigned int current;
|
unsigned int current;
|
||||||
unsigned long i, n;
|
unsigned long i, n;
|
||||||
|
uintmax_t count;
|
||||||
char *end;
|
char *end;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
|
@ -295,20 +297,22 @@ oathkey_calc(int argc, char *argv[])
|
||||||
return (RET_USAGE);
|
return (RET_USAGE);
|
||||||
if (argc > 0) {
|
if (argc > 0) {
|
||||||
n = strtoul(argv[0], &end, 10);
|
n = strtoul(argv[0], &end, 10);
|
||||||
if (end == argv[0] || *end != '\0')
|
if (end == argv[0] || *end != '\0' || n < 1)
|
||||||
return (RET_USAGE);
|
return (RET_USAGE);
|
||||||
} else {
|
} else {
|
||||||
n = 0;
|
n = 1;
|
||||||
}
|
}
|
||||||
if ((ret = oathkey_load(&key)) != RET_SUCCESS)
|
if ((ret = oathkey_load(&key)) != RET_SUCCESS)
|
||||||
return (ret);
|
return (ret);
|
||||||
for (i = 0; i <= n; ++i) {
|
for (i = 0; i < n; ++i) {
|
||||||
switch (key->mode) {
|
switch (key->mode) {
|
||||||
case om_hotp:
|
case om_hotp:
|
||||||
current = oath_hotp_current(key);
|
current = oath_hotp_current(key);
|
||||||
|
count = key->counter;
|
||||||
break;
|
break;
|
||||||
case om_totp:
|
case om_totp:
|
||||||
current = oath_totp_current(key);
|
current = oath_totp_current(key);
|
||||||
|
count = key->lastused * key->timestep;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
current = UINT_MAX;
|
current = UINT_MAX;
|
||||||
|
@ -318,6 +322,8 @@ oathkey_calc(int argc, char *argv[])
|
||||||
ret = RET_ERROR;
|
ret = RET_ERROR;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
if (numbered)
|
||||||
|
printf("%6ju ", count);
|
||||||
printf("%.*d\n", (int)key->digits, current);
|
printf("%.*d\n", (int)key->digits, current);
|
||||||
}
|
}
|
||||||
if (ret == RET_SUCCESS && !readonly)
|
if (ret == RET_SUCCESS && !readonly)
|
||||||
|
@ -387,7 +393,7 @@ static void
|
||||||
usage(void)
|
usage(void)
|
||||||
{
|
{
|
||||||
fprintf(stderr,
|
fprintf(stderr,
|
||||||
"usage: oathkey [-hrvw] [-u user] [-k keyfile] command\n"
|
"usage: oathkey [-hnrvw] [-u user] [-k keyfile] command\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Commands:\n"
|
"Commands:\n"
|
||||||
" calc [count]\n"
|
" calc [count]\n"
|
||||||
|
@ -414,11 +420,14 @@ main(int argc, char *argv[])
|
||||||
/*
|
/*
|
||||||
* Parse command-line options
|
* Parse command-line options
|
||||||
*/
|
*/
|
||||||
while ((opt = getopt(argc, argv, "hk:ru:vw")) != -1)
|
while ((opt = getopt(argc, argv, "hk:nru:vw")) != -1)
|
||||||
switch (opt) {
|
switch (opt) {
|
||||||
case 'k':
|
case 'k':
|
||||||
keyfile = optarg;
|
keyfile = optarg;
|
||||||
break;
|
break;
|
||||||
|
case 'n':
|
||||||
|
numbered = 1;
|
||||||
|
break;
|
||||||
case 'r':
|
case 'r':
|
||||||
readonly = 1;
|
readonly = 1;
|
||||||
break;
|
break;
|
||||||
|
|
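Review bot: The count check in oathkey_calc() (`n < 1` added after the strtoul() call) still has no upper bound or range test, so an argument such as `-1` is accepted: strtoul() negates signed input into a huge unsigned value, and an out-of-range number saturates at ULONG_MAX without being rejected. With an HOTP key the `for (i = 0; i < n; ++i)` loop would then print that many future codes, and if oath_hotp_current() advances the counter (not visible here, but the man page's writeback text suggests it), the saved keyfile would end up far ahead of the verifier. I would set `errno = 0` before the call, extend the test to `|| errno == ERANGE || n < 1 || n > CALC_MAX` (CALC_MAX being a placeholder name for a small limit the project chooses), and reject a leading `-`. Separately, `count` is assigned only in the om_hotp and om_totp cases, so `printf("%6ju ", count)` relies on the error path between the hunks breaking out of the loop first; initialising it at its declaration would make that explicit. The body of oathkey_calc() starts and ends outside the visible hunks.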