OpenPAM/OpenPAM
OpenPAM
/
OpenPAM
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Turn writeback mode on by default in oathkey(1). 

git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@841 185d5e19-27fe-0310-9dcf-9bff6b9f3609
This commit is contained in:
Dag-Erling Smørgrav 2014-11-12 16:21:15 +00:00
parent fc5eeb8fd9
commit d130c0ec09
2 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
bin/oathkey/oathkey.1
View File

@ -28,7 +28,7 @@
.\" .\"
.\" $Id$ .\" $Id$
.\" .\"
.Dd October 22, 2014 .Dd November 11, 2014
.Dt OATHKEY 1 .Dt OATHKEY 1
.Os .Os
.Sh NAME .Sh NAME
@ -36,7 +36,7 @@
.Nd OATH key management tool .Nd OATH key management tool
.Sh SYNOPSIS .Sh SYNOPSIS
.Nm .Nm
.Op Fl hvw .Op Fl hrvw
.Op Fl u Ar user .Op Fl u Ar user
.Op Fl k Ar keyfile .Op Fl k Ar keyfile
.Ar command .Ar command
@ -55,6 +55,8 @@ Print a usage message and exit.
Specify the location of the keyfile on which to operate. Specify the location of the keyfile on which to operate.
The default is The default is
.Pa /var/oath/ Ns Ar user Ns Pa .otpauth . .Pa /var/oath/ Ns Ar user Ns Pa .otpauth .
.It Fl r
Disable writeback mode.
.It Fl u Ar user .It Fl u Ar user
Specify the user on which to operate. Specify the user on which to operate.
The default is the current user. The default is the current user.
@ -63,6 +65,7 @@ Only root may operate on other users.
Enable verbose mode. Enable verbose mode.
.It Fl w .It Fl w
Enable writeback mode (see below). Enable writeback mode (see below).
This is the default.
.El .El
.Pp .Pp
The commands are: The commands are:

17
bin/oathkey/oathkey.c
View File

@ -55,7 +55,7 @@ enum { RET_SUCCESS, RET_FAILURE, RET_ERROR, RET_USAGE, RET_UNAUTH };
static char *user; static char *user;
static char *keyfile; static char *keyfile;
static int verbose; static int verbose;
static int writeback; static int readonly;
static int isroot; /* running as root */ static int isroot; /* running as root */
static int issameuser; /* real user same as target user */ static int issameuser; /* real user same as target user */
@ -160,7 +160,7 @@ oathkey_genkey(int argc, char *argv[])
return (RET_UNAUTH); return (RET_UNAUTH);
if ((key = oath_key_create(user, om_totp, oh_undef, NULL, 0)) == NULL) if ((key = oath_key_create(user, om_totp, oh_undef, NULL, 0)) == NULL)
return (RET_ERROR); return (RET_ERROR);
ret = writeback ? oathkey_save(key) : oathkey_print_uri(key); ret = readonly ? oathkey_print_uri(key) : oathkey_save(key);
oath_key_free(key); oath_key_free(key);
return (ret); return (ret);
} }
@ -261,9 +261,7 @@ oathkey_verify(int argc, char *argv[])
if (verbose) if (verbose)
warnx("response: %lu %s", response, warnx("response: %lu %s", response,
match ? "matched" : "did not match"); match ? "matched" : "did not match");
ret = match ? RET_SUCCESS : RET_FAILURE; ret = match ? readonly ? RET_SUCCESS : oathkey_save(key) : RET_FAILURE;
if (match && writeback)
ret = oathkey_save(key);
oath_key_free(key); oath_key_free(key);
return (ret); return (ret);
} }
@ -294,9 +292,7 @@ oathkey_calc(int argc, char *argv[])
ret = RET_ERROR; ret = RET_ERROR;
} else { } else {
printf("%.*d\n", (int)key->digits, current); printf("%.*d\n", (int)key->digits, current);
ret = RET_SUCCESS; ret = readonly ? RET_SUCCESS : oathkey_save(key);
if (writeback)
ret = oathkey_save(key);
} }
oath_key_free(key); oath_key_free(key);
return (ret); return (ret);
@ -337,6 +333,9 @@ main(int argc, char *argv[])
case 'k': case 'k':
keyfile = optarg; keyfile = optarg;
break; break;
case 'r':
readonly = 1;
break;
case 'u': case 'u':
user = optarg; user = optarg;
break; break;
@ -344,7 +343,7 @@ main(int argc, char *argv[])
++verbose; ++verbose;
break; break;
case 'w': case 'w':
++writeback; readonly = 0;
break; break;
case 'h': case 'h':
default: default: