Add a calc command that prints the current code.
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@827 185d5e19-27fe-0310-9dcf-9bff6b9f3609
This commit is contained in:
parent
e5b05552fc
commit
9c55e81bbb
|
@ -28,7 +28,7 @@
|
||||||
.\"
|
.\"
|
||||||
.\" $Id$
|
.\" $Id$
|
||||||
.\"
|
.\"
|
||||||
.Dd October 8, 2014
|
.Dd October 22, 2014
|
||||||
.Dt OATHKEY 1
|
.Dt OATHKEY 1
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -67,6 +67,10 @@ Enable writeback mode (see below).
|
||||||
.Pp
|
.Pp
|
||||||
The commands are:
|
The commands are:
|
||||||
.Bl -tag -width 6n
|
.Bl -tag -width 6n
|
||||||
|
.It Cm calc
|
||||||
|
Compute and display the current code for the given key.
|
||||||
|
If writeback mode is enabled, the user's keyfile is updated to prevent
|
||||||
|
reuse.
|
||||||
.It Cm genkey
|
.It Cm genkey
|
||||||
Generate a new key.
|
Generate a new key.
|
||||||
If writeback mode is enabled, the user's key is set; otherwise, it is
|
If writeback mode is enabled, the user's key is set; otherwise, it is
|
||||||
|
@ -77,14 +81,14 @@ Print the user's key.
|
||||||
Print the user's key in otpauth URI form.
|
Print the user's key in otpauth URI form.
|
||||||
.It Cm setkey Ar uri
|
.It Cm setkey Ar uri
|
||||||
Set the user's key to the given otpauth URI.
|
Set the user's key to the given otpauth URI.
|
||||||
|
.It Cm uri
|
||||||
|
Deprecated synonym for
|
||||||
|
.Cm geturi .
|
||||||
.It Cm verify Ar code
|
.It Cm verify Ar code
|
||||||
Verify that the given code is the correct current response for the
|
Verify that the given code is the correct current response for the
|
||||||
user's key.
|
user's key.
|
||||||
If writeback mode is enabled and the response matched, the user's
|
If writeback mode is enabled and the response matched, the user's
|
||||||
keyfile is updated to prevent reuse.
|
keyfile is updated to prevent reuse.
|
||||||
.It Cm uri
|
|
||||||
Deprecated synonym for
|
|
||||||
.Cm geturi .
|
|
||||||
.El
|
.El
|
||||||
.Sh SEE ALSO
|
.Sh SEE ALSO
|
||||||
.Xr oath_hotp 3 ,
|
.Xr oath_hotp 3 ,
|
||||||
|
|
|
@ -91,6 +91,24 @@ oathkey_print_uri(struct oath_key *key)
|
||||||
return (RET_SUCCESS);
|
return (RET_SUCCESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Load key from file
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
oathkey_load(struct oath_key **key)
|
||||||
|
{
|
||||||
|
|
||||||
|
if (verbose)
|
||||||
|
warnx("loading key from %s", keyfile);
|
||||||
|
if ((*key = oath_key_from_file(keyfile)) == NULL) {
|
||||||
|
warn("%s", keyfile);
|
||||||
|
if (errno == EACCES || errno == EPERM)
|
||||||
|
return (RET_UNAUTH);
|
||||||
|
return (RET_ERROR);
|
||||||
|
}
|
||||||
|
return (RET_SUCCESS);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Save key to file
|
* Save key to file
|
||||||
* XXX liboath should take care of this for us
|
* XXX liboath should take care of this for us
|
||||||
|
@ -183,10 +201,8 @@ oathkey_getkey(int argc, char *argv[])
|
||||||
(void)argv;
|
(void)argv;
|
||||||
if (!isroot && !issameuser)
|
if (!isroot && !issameuser)
|
||||||
return (RET_UNAUTH);
|
return (RET_UNAUTH);
|
||||||
if (verbose)
|
if ((ret = oathkey_load(&key)) != RET_SUCCESS)
|
||||||
warnx("loading key from %s", keyfile);
|
return (ret);
|
||||||
if ((key = oath_key_from_file(keyfile)) == NULL)
|
|
||||||
return (RET_ERROR);
|
|
||||||
ret = oathkey_print_hex(key);
|
ret = oathkey_print_hex(key);
|
||||||
oath_key_free(key);
|
oath_key_free(key);
|
||||||
return (ret);
|
return (ret);
|
||||||
|
@ -206,10 +222,8 @@ oathkey_geturi(int argc, char *argv[])
|
||||||
(void)argv;
|
(void)argv;
|
||||||
if (!isroot && !issameuser)
|
if (!isroot && !issameuser)
|
||||||
return (RET_UNAUTH);
|
return (RET_UNAUTH);
|
||||||
if (verbose)
|
if ((ret = oathkey_load(&key)) != RET_SUCCESS)
|
||||||
warnx("loading key from %s", keyfile);
|
return (ret);
|
||||||
if ((key = oath_key_from_file(keyfile)) == NULL)
|
|
||||||
return (RET_ERROR);
|
|
||||||
ret = oathkey_print_uri(key);
|
ret = oathkey_print_uri(key);
|
||||||
oath_key_free(key);
|
oath_key_free(key);
|
||||||
return (ret);
|
return (ret);
|
||||||
|
@ -228,10 +242,8 @@ oathkey_verify(int argc, char *argv[])
|
||||||
|
|
||||||
if (argc < 1)
|
if (argc < 1)
|
||||||
return (RET_USAGE);
|
return (RET_USAGE);
|
||||||
if (verbose)
|
if ((ret = oathkey_load(&key)) != RET_SUCCESS)
|
||||||
warnx("loading key from %s", keyfile);
|
return (ret);
|
||||||
if ((key = oath_key_from_file(keyfile)) == NULL)
|
|
||||||
return (RET_ERROR);
|
|
||||||
response = strtoul(*argv, &end, 10);
|
response = strtoul(*argv, &end, 10);
|
||||||
if (end == *argv || *end != '\0')
|
if (end == *argv || *end != '\0')
|
||||||
response = ULONG_MAX; /* never valid */
|
response = ULONG_MAX; /* never valid */
|
||||||
|
@ -256,6 +268,40 @@ oathkey_verify(int argc, char *argv[])
|
||||||
return (ret);
|
return (ret);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Compute the current code
|
||||||
|
*/
|
||||||
|
static int
|
||||||
|
oathkey_calc(int argc, char *argv[])
|
||||||
|
{
|
||||||
|
struct oath_key *key;
|
||||||
|
unsigned int current;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
if (argc != 0)
|
||||||
|
return (RET_USAGE);
|
||||||
|
(void)argv;
|
||||||
|
if ((ret = oathkey_load(&key)) != RET_SUCCESS)
|
||||||
|
return (ret);
|
||||||
|
if (key->mode == om_totp)
|
||||||
|
current = oath_totp_current(key);
|
||||||
|
else if (key->mode == om_hotp)
|
||||||
|
current = oath_hotp_current(key);
|
||||||
|
else
|
||||||
|
current = -1;
|
||||||
|
if (current == (unsigned int)-1) {
|
||||||
|
warnx("OATH error");
|
||||||
|
ret = RET_ERROR;
|
||||||
|
} else {
|
||||||
|
printf("%.*d\n", (int)key->digits, current);
|
||||||
|
ret = RET_SUCCESS;
|
||||||
|
if (writeback)
|
||||||
|
ret = oathkey_save(key);
|
||||||
|
}
|
||||||
|
oath_key_free(key);
|
||||||
|
return (ret);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Print usage string and exit.
|
* Print usage string and exit.
|
||||||
*/
|
*/
|
||||||
|
@ -266,6 +312,7 @@ usage(void)
|
||||||
"usage: oathkey [-hvw] [-u user] [-k keyfile] <command>\n"
|
"usage: oathkey [-hvw] [-u user] [-k keyfile] <command>\n"
|
||||||
"\n"
|
"\n"
|
||||||
"Commands:\n"
|
"Commands:\n"
|
||||||
|
" calc Print the current code\n"
|
||||||
" genkey Generate a new key\n"
|
" genkey Generate a new key\n"
|
||||||
" getkey Print the key in hexadecimal form\n"
|
" getkey Print the key in hexadecimal form\n"
|
||||||
" geturi Print the key in otpauth URI form\n"
|
" geturi Print the key in otpauth URI form\n"
|
||||||
|
@ -354,10 +401,12 @@ main(int argc, char *argv[])
|
||||||
*/
|
*/
|
||||||
if (strcmp(cmd, "help") == 0)
|
if (strcmp(cmd, "help") == 0)
|
||||||
ret = RET_USAGE;
|
ret = RET_USAGE;
|
||||||
|
else if (strcmp(cmd, "calc") == 0)
|
||||||
|
ret = oathkey_calc(argc, argv);
|
||||||
else if (strcmp(cmd, "genkey") == 0)
|
else if (strcmp(cmd, "genkey") == 0)
|
||||||
ret = oathkey_genkey(argc, argv);
|
ret = oathkey_genkey(argc, argv);
|
||||||
else if (strcmp(cmd, "getkey") == 0)
|
else if (strcmp(cmd, "getkey") == 0)
|
||||||
ret = oathkey_getkey(argc, argv);
|
ret = oathkey_getkey(argc, argv);
|
||||||
else if (strcmp(cmd, "geturi") == 0 || strcmp(cmd, "uri") == 0)
|
else if (strcmp(cmd, "geturi") == 0 || strcmp(cmd, "uri") == 0)
|
||||||
ret = oathkey_geturi(argc, argv);
|
ret = oathkey_geturi(argc, argv);
|
||||||
else if (strcmp(cmd, "setkey") == 0)
|
else if (strcmp(cmd, "setkey") == 0)
|
||||||
|
|
Loading…
Reference in New Issue