(RADIATOR) Digipass support under Solaris

Roy Badami roy.badami at globalgraphics.com
Wed Feb 16 09:50:31 CST 2005 

[Sorry, didn't mean to take this off-list; replied to the wrong message]

>>>>> "Roy" == Roy Badami <roy.badami at globalgraphics.com> writes:

    Roy> Hmm, I spoke too soon.  It worked for the first token I
    Roy> tried, but not for another (from a different batch) I just
    Roy> get 'Validation Failed'.  Any suggestions as to how to debug
    Roy> this...?

Ok, mystery resolved, by extracting the token data from the old server
using some judicious cutting and pasting of the transaction logs in a
text editor... :-)

The token in question is a Digipass 300 that is a little over two
years old, but it seems to be suffering from excessive clock skew.
Clock skew is being reported by 'digipass.pl info' as 042906 -- is
that seconds?

I'm not sure I'd want to run with SyncWindow set that high in
RADIATOR, so instead I patched digipass.pl to allow SyncWindow to be
specified in digipass.pl, hence I can reset a highly skewed token
with:

digipass.pl reset <serial_no>
digipass.pl -syncwindow 48 verify <serial_no> <tokencode>

	    -roy

--------------------


--- digipass.pl Wed Feb 16 15:38:53 2005
+++ digipass2.pl        Wed Feb 16 15:40:04 2005
@@ -29,6 +29,7 @@
      'importkey=s',         # Key for importing tokens from a file
      'app=s',               # The name of the Digipass application to use. Spaces are important
      'f',                   # Force updates
+     'syncwindow=s',
      );
 
 &NGetOpt(@options) || &usage;
@@ -40,6 +41,7 @@
 my $dbauth     = $main::opt_dbauth     || 'fred';
 my $importkey  = $main::opt_importkey  || '11111111111111111111111111111111'; # For importing
 my $app        = $main::opt_app        || 'APPL 1      ';
+my $syncwindow = $main::opt_syncwindow || 6;
 
 # First make sure we can connect to the database
 # Open the database
@@ -50,7 +52,7 @@
     || die "Could not connect to $dbsource: $DBI::errstr";
 
 # Intialise the kernel paramters that Authen::Digipass requires for most calls.
-$kparms = Authen::Digipass::KernelParms->new();
+$kparms = Authen::Digipass::KernelParms->new(SyncWindow => $syncwindow);
 
 # Now find out the command they want to do
 my $command = shift @ARGV;

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list