From: Nick Porter <nick@portercomputing.co.uk>
Date: Tue, 9 Jan 2024 10:55:04 +0000 (+0000)
Subject: Correct calculation of Yubikey-Counter
X-Git-Tag: release_3_2_4~96
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=96ce95ce2f05045d89759a79e16741c1245b543e;p=thirdparty%2Ffreeradius-server.git

Correct calculation of Yubikey-Counter

token.use is only 8 bit
---

diff --git a/src/modules/rlm_yubikey/decrypt.c b/src/modules/rlm_yubikey/decrypt.c
index 20b6df8e2ef..2bf454354ae 100644
--- a/src/modules/rlm_yubikey/decrypt.c
+++ b/src/modules/rlm_yubikey/decrypt.c
@@ -106,7 +106,7 @@ rlm_rcode_t rlm_yubikey_decrypt(rlm_yubikey_t *inst, REQUEST *request, char cons
 	 *	Combine the two counter fields together so we can do
 	 *	replay attack checks.
 	 */
-	counter = (yubikey_counter(token.ctr) << 16) | token.use;
+	counter = (yubikey_counter(token.ctr) << 8) | token.use;
 
 	vp = fr_pair_make(request->packet, &request->packet->vps, "Yubikey-Counter", NULL, T_OP_SET);
 	if (!vp) {