From: Nick Porter Date: Mon, 29 Apr 2024 08:15:20 +0000 (+0100) Subject: Use correct interval for previous TOTP time slots X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e240faad590cdf7c1f9225690230e04e69606a00;p=thirdparty%2Ffreeradius-server.git Use correct interval for previous TOTP time slots --- diff --git a/src/modules/rlm_totp/totp.c b/src/modules/rlm_totp/totp.c index 3a01f48074e..4594f2ad964 100644 --- a/src/modules/rlm_totp/totp.c +++ b/src/modules/rlm_totp/totp.c @@ -98,12 +98,12 @@ int fr_totp_cmp(fr_totp_t const *cfg, request_t *request, time_t now, uint8_t co /* * First try to authenticate against the current OTP, then step - * back in increments of BACK_STEP_SECS, up to BACK_STEPS times, + * back in increments of `lookback_interval`, up to `lookback_steps` times, * to authenticate properly in cases of long transit delay, as * described in RFC 6238, section 5.2. */ - for (i = 0, then = now; i <= cfg->lookback_steps; i++, then -= cfg->lookback_steps) { + for (i = 0, then = now; i <= cfg->lookback_steps; i++, then -= cfg->lookback_interval) { padded = ((uint64_t) now) / cfg->time_step; data[0] = padded >> 56; data[1] = padded >> 48;