[Freeipa-devel] [PATCH] 0087 Fix an integer underflow bug in libotp
Tomas Babej
tbabej at redhat.com
Tue Sep 29 11:57:07 UTC 2015
On 09/25/2015 06:38 PM, Nathaniel McCallum wrote:
> On Fri, 2015-09-25 at 12:18 -0400, Nathaniel McCallum wrote:
>> Temporarily storing the offset time in an unsigned integer causes the
>> value of the offset to underflow when a (valid) negative offset value
>> is generated. Using a signed variable avoids this problem.
>
> This new version makes the patch smaller.
>
>
>
ACK, this fixes the issue, I was able to synchronize with negative
offset after applying the patch.
ipa otptoken-find --all
-------------------
1 OTP token matched
-------------------
dn:
ipatokenuniqueid=1e7a8029-8872-46f5-8254-9d03a62d2417,cn=otp,dc=ipa,dc=test
Unique ID: 1e7a8029-8872-46f5-8254-9d03a62d2417
Type: TOTP
Owner: test
Key: eu/S8oUunB188tRc5HE8CkxMmyI=
Algorithm: sha1
Digits: 6
Clock offset: 4294963816
Clock interval: 30
ipatokentotpwatermark: 48117551
objectclass: top, ipatokentotp, ipatoken
----------------------------
Number of entries returned 1
----------------------------
[master]$ ipa otptoken-sync
User ID: test
Password:
First Code:
Second Code:
Token synchronized.
[master]$ ipa otptoken-find --all
-------------------
1 OTP token matched
-------------------
dn:
ipatokenuniqueid=1e7a8029-8872-46f5-8254-9d03a62d2417,cn=otp,dc=ipa,dc=test
Unique ID: 1e7a8029-8872-46f5-8254-9d03a62d2417
Type: TOTP
Owner: test
Key: eu/S8oUunB188tRc5HE8CkxMmyI=
Algorithm: sha1
Digits: 6
Clock offset: -3450
Clock interval: 30
ipatokentotpwatermark: 48117590
objectclass: top, ipatokentotp, ipatoken
----------------------------
Number of entries returned 1
----------------------------
More information about the Freeipa-devel
mailing list