~deadlight/canonical-identity-provider/core-vanilla-templates

Viewing all changes in revision 1681.

  • Committer: Ubuntu One Auto Copilot
  • Author(s): Daniel Manrique
  • Date: 2019-03-06 15:50:33 UTC
  • mfrom: (1680.1.3 dont-rewind-totps)
  • Revision ID: otto-copilot@canonical.com-20190306155033-cv8i3c6fneep3l22
Do not store/use an OATH TOTP client's calculated "absolute drift".

Per LP bug #1817075, the "stored absolute drift" functionality of python-oath
is broken and allows a client to reuse a token that is just expired (due to
allowing relative drift of +/-30 seconds), and keep reusing it just past the
end of the previously-calculated absolute drift to keep it "alive"
indefinitely.

A side-effect of this is that we will require OATH TOTP devices to have
*accurate* clocks, which is deemed acceptable since the vast majority of clients
are either phones or computers. "Accurate" is quite lenient though, because
a device can be +/- 45 seconds off and still generate valid codes.


Merged from https://code.launchpad.net/~roadmr/canonical-identity-provider/non-drifting-totp/+merge/363558
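Worked illustration of the two behaviours described in the commit message, added here as example code (it is not the project's or python-oath's implementation). The `DriftStoringVerifier` is a model built from the description above: that the stored absolute drift is applied as an offset to the server clock and updated with every relative match is an assumption about the pre-fix behaviour. The `FixedWindowVerifier` shows the post-fix behaviour (no stored drift, +/-1 step around the server clock); its last-consumed-step check is the RFC 6238 section 5.2 recommendation and is an addition, not something the commit does. The key is the RFC 6238 test-vector key, used as constructed input.

```python
import hashlib
import hmac
import struct

STEP = 30  # RFC 6238 default time step, in seconds


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    truncated = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(truncated % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: int, skew: int = 0) -> str:
    """Code produced at Unix time `now` by a device whose clock is `skew` seconds off."""
    return hotp(secret, (now + skew) // STEP)


class DriftStoringVerifier:
    """Model of the pre-fix behaviour described in the commit message (an assumption about
    how the stored drift was applied, not python-oath's code): the server keeps an absolute
    drift per user and searches +/-1 step around (clock + drift). Every match is written
    back into the stored drift, so the drift can be walked backwards one step at a time."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.drift_steps = 0  # stored "absolute drift", in 30 s steps

    def verify(self, code: str, now: int) -> bool:
        base = now // STEP + self.drift_steps
        for rel in (0, -1, 1):  # relative window of +/-1 step (30 s)
            if hmac.compare_digest(hotp(self.secret, base + rel), code):
                self.drift_steps += rel  # a stale code pulls the stored drift back with it
                return True
        return False


class FixedWindowVerifier:
    """Post-fix behaviour: nothing is stored about drift; the window is +/-1 step around the
    server's own clock. Remembering the last consumed step so a code cannot be accepted twice
    is the RFC 6238 section 5.2 recommendation and is an addition here, not part of the commit."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_step = -1

    def verify(self, code: str, now: int) -> bool:
        base = now // STEP
        for rel in (0, -1, 1):
            step = base + rel
            if step <= self.last_step:
                continue  # already consumed: refuse replay even inside the window
            if hmac.compare_digest(hotp(self.secret, step), code):
                self.last_step = step
                return True
        return False


SECRET = b"12345678901234567890"  # the RFC 6238 test-vector key, used as constructed input


def replay_demo(start: int = 1_500_000_000, attempts: int = 20):
    """Generate one code at `start` and replay it every 30 s. Returns (broken, fixed): per-attempt
    verdicts from each verifier. The drift-storing one accepts the same code indefinitely."""
    code = totp(SECRET, start)
    broken, fixed = DriftStoringVerifier(SECRET), FixedWindowVerifier(SECRET)
    return ([broken.verify(code, start + i * STEP) for i in range(attempts)],
            [fixed.verify(code, start + i * STEP) for i in range(attempts)])


def accepted_with_skew(skew: int, now: int = 1_500_000_000) -> bool:
    """Would a fresh fixed-window verifier accept a device whose clock is `skew` seconds off?"""
    return FixedWindowVerifier(SECRET).verify(totp(SECRET, now, skew), now)


if __name__ == "__main__":
    broken, fixed = replay_demo()
    print("drift-storing verifier accepts the replayed code on", sum(broken), "of", len(broken), "attempts")
    print("fixed-window verifier accepts the replayed code on", sum(fixed), "of", len(fixed), "attempts")
    print("clock skews (s) tolerated at a step boundary:",
          [s for s in range(-90, 91, 15) if accepted_with_skew(s)])
```

Running it shows the indefinite "rewind": the drift-storing verifier matches the stale code at relative step -1, moves the stored drift back by one, and so finds the same code at -1 again on the next attempt, forever. With no stored drift the same code is only valid while its own step is inside the +/-1 window, and `accepted_with_skew` shows how much clock error that window tolerates at a step boundary.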
