From 9395a96ce86a53ee75ce8b8ed7feea20ee603764 Mon Sep 17 00:00:00 2001
From: Christian Poessinger
Date: Fri, 6 May 2022 18:31:48 +0200
Subject: ocserv: T4231: XML OTP support must not be added globally - only for openconnect
---
.../include/auth-local-users.xml.i | 68 -------------------
interface-definitions/vpn_openconnect.xml.in | 76 ++++++++++++++++++++++
2 files changed, 76 insertions(+), 68 deletions(-)
(limited to 'interface-definitions')
diff --git a/interface-definitions/include/auth-local-users.xml.i b/interface-definitions/include/auth-local-users.xml.i
index cb456eecf..9fb507474 100644
--- a/interface-definitions/include/auth-local-users.xml.i
+++ b/interface-definitions/include/auth-local-users.xml.i
@@ -19,74 +19,6 @@ Password used for authentication - - - 2FA OTP authentication parameters - - - - - Token Key Secret key for the token algorithm (see RFC 4226) - - txt - OTP key in hex-encoded format - - - [a-fA-F0-9]{20,10000} - - Key name must only include hex characters and be at least 20 characters long - - - - - Number of digits in OTP code - - u32:6-8 - Number of digits in OTP code - - - - - Number of digits in OTP code must be between 6 and 8 - - 6 - - - - Time tokens interval in seconds - - u32:5-86400 - Time tokens interval in seconds. - - - - - Time token interval must be between 5 and 86400 seconds - - 30 - - - - Token type - - hotp-time - Time-based OTP algorithm - - - hotp-event - Event-based OTP algorithm - - - (hotp-time|hotp-event) - - - hotp-time hotp-event - - - hotp-time - - -
diff --git a/interface-definitions/vpn_openconnect.xml.in b/interface-definitions/vpn_openconnect.xml.in
index 7981c3fa2..21b47125d 100644
--- a/interface-definitions/vpn_openconnect.xml.in
+++ b/interface-definitions/vpn_openconnect.xml.in
@@ -51,6 +51,82 @@ #include + + + + + + + 2FA OTP authentication parameters + + + + + Token Key Secret key for the token algorithm (see RFC 4226) + + txt + OTP key in hex-encoded format + + + [a-fA-F0-9]{20,10000} + + Key name must only include hex characters and be at least 20 characters long + + + + + Number of digits in OTP code + + u32:6-8 + Number of digits in OTP code + + + + + Number of digits in OTP code must be between 6 and 8 + + 6 + + + + Time tokens interval in seconds + + u32:5-86400 + Time tokens interval in seconds. + + + + + Time token interval must be between 5 and 86400 seconds + + 30 + + + + Token type + + hotp-time + Time-based OTP algorithm + + + hotp-event + Event-based OTP algorithm + + + (hotp-time|hotp-event) + + + hotp-time hotp-event + + + hotp-time + + + + + + + #include -- cgit v1.2.3
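Review bot: The key constraint carried over on the new side, `[a-fA-F0-9]{20,10000}`, accepts a 20-hex-character secret, which is only 80 bits, while RFC 4226 (cited in the help text) requires a shared secret of at least 128 bits and recommends 160. Requiring whole bytes and a 32-character minimum, e.g. `([a-fA-F0-9]{2}){16,5000}`, would also reject odd-length strings that cannot be decoded as hex, though existing configurations with shorter keys would then need a migration path. The matching error text should say "OTP key" rather than "Key name" and state the new minimum. The interval range `u32:5-86400` lets a time-based code stay valid for up to a day, so consider a tighter upper bound or a help-text note that long steps weaken replay resistance. The element markup is not visible in this rendering, so where each constraint sits is inferred from the text values.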