[RADIATOR] OTP Authentication failed logging
Hartmaier Alexander
alexander.hartmaier at t-systems.at
Thu Jun 16 09:55:12 CDT 2016
Hi,
I've encountered some 'OTP Authentication failed: ()' logs and digged
deeper where there coming from.
In Radius/AuthOTP sub check_plain_password line 117 (4.16 with patches
1.1863):
<code>
else
{
my $result = $self->otp_verify($user, $submitted_pw, $p, $context);
return ($main::REJECT, "OTP Authentication failed. Is OTP set
up properly?")
unless defined $result;
if ($result)
{
$p->{Handler}->logPassword($user, $submitted_pw, 'OTP', 1,
$p) if $p->{Handler};
return ($main::ACCEPT);
}:
else
{
# Caution: this can happen if you are not running
# as root.
$p->{Handler}->logPassword($user, $submitted_pw, 'OTP', 0,
$p) if $p->{Handler};
return ($main::REJECT, "OTP Authentication failed: ($result)");
}
}
</code>
Line 104 returns if $result is undefined, line 107 if it's a true value
so the else tree is only hit if $reason is false in which case its value
is logged.
Is that's how you intended it?
Cheers, Alex
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
More information about the radiator
mailing list