From 9fde3a7508e099e0ae445c51916b7ead127bfd85 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 6 Sep 2023 17:40:09 -0300
Subject: [PATCH 01/12] rlm_totp: Backport changes from v3.2.x

---
 raddb/mods-available/totp       |  23 ++++
 src/modules/rlm_totp/rlm_totp.c | 189 ++++++++++++++++++++++++--------
 2 files changed, 169 insertions(+), 43 deletions(-)

diff --git a/raddb/mods-available/totp b/raddb/mods-available/totp
index b354122b64ec..43d2f57afa42 100644
--- a/raddb/mods-available/totp
+++ b/raddb/mods-available/totp
@@ -43,4 +43,27 @@
 #  The module takes no configuration items.
 #
 totp {
+	#
+	#  Default time step between time changes
+	#
+	time_step = 30
+
+	#
+	#  Length of the one-time password.
+	#
+	#  Must be 6 or 8
+	#
+	otp_length = 8
+
+	#
+	#  How many steps backward in time we look for a matching OTP
+	#
+	lookback_steps = 1
+
+	#
+	#  Time delta between steps.
+	#
+	#  Cannot be larger than time_step
+	#
+	lookback_interval = 30
 }
diff --git a/src/modules/rlm_totp/rlm_totp.c b/src/modules/rlm_totp/rlm_totp.c
index 8c283272defb..9e876bbb5f05 100644
--- a/src/modules/rlm_totp/rlm_totp.c
+++ b/src/modules/rlm_totp/rlm_totp.c
@@ -53,7 +53,35 @@ static const call_method_env_t method_env = {
 	.env = call_env
 };
 
-#define TIME_STEP (30)
+/* Define a structure for the configuration variables */
+typedef struct rlm_totp_t {
+	char const	*name;			//!< name of this instance */
+	uint32_t	time_step;		//!< seconds
+	uint32_t	otp_length;		//!< forced to 6 or 8
+	uint32_t	lookback_steps;		//!< number of steps to look back
+	uint32_t	lookback_interval;	//!< interval in seconds between steps
+} rlm_totp_t;
+
+#ifndef TESTING
+/* Map configuration file names to internal variables */
+static const CONF_PARSER module_config[] = {
+	{ FR_CONF_OFFSET("time_step", FR_TYPE_UINT32, rlm_totp_t, time_step), .dflt = "30" },
+	{ FR_CONF_OFFSET("otp_length", FR_TYPE_UINT32, rlm_totp_t, otp_length), .dflt = "6" },
+	{ FR_CONF_OFFSET("lookback_steps", FR_TYPE_UINT32, rlm_totp_t, lookback_steps), .dflt = "1" },
+	{ FR_CONF_OFFSET("lookback_interval", FR_TYPE_UINT32, rlm_totp_t, lookback_interval), .dflt = "30" },
+	CONF_PARSER_TERMINATOR
+};
+
+#define TIME_STEP      (inst->time_step)
+#define OTP_LEN        (inst->otp_length)
+#define BACK_STEPS     (inst->lookback_steps)
+#define BACK_STEP_SECS (inst->lookback_interval)
+#else
+#define TIME_STEP	(30)
+#define OTP_LEN		(8)
+#define BACK_STEPS	(1)
+#define BACK_STEP_SECS	(30)
+#endif
 
 /*
  *	RFC 4648 base32 decoding.
@@ -168,13 +196,62 @@ static ssize_t base32_decode(uint8_t *out, size_t outlen, char const *in)
 }
 
 #ifndef TESTING
-#define LEN 6
-#define PRINT "%06u"
-#define DIV 1000000
-#else
-#define LEN 8
-#define PRINT "%08u"
-#define DIV 100000000
+# define TESTING_UNUSED
+# define LEN 6
+# define PRINT "%06u"
+# define DIV 1000000
+#else /* TESTING */
+# define LEN 8
+# define PRINT "%08u"
+# define DIV 100000000
+# undef RDEBUG3
+# define RDEBUG3(fmt, ...)	printf(fmt "\n", ## __VA_ARGS__)
+# define TESTING_UNUSED UNUSED
+#endif
+
+#ifndef TESTING
+static int mod_bootstrap(module_inst_ctx_t const *mctx)
+{
+	rlm_totp_t   *inst = talloc_get_type_abort(mctx->inst->data, rlm_totp_t);
+	CONF_SECTION *conf = mctx->inst->conf;
+
+	inst->name = cf_section_name2(conf);
+		if (!inst->name) {
+		inst->name = cf_section_name1(conf);
+	}
+
+	return 0;
+}
+
+/*
+ *	Do any per-module initialization that is separate to each
+ *	configured instance of the module.  e.g. set up connections
+ *	to external databases, read configuration files, set up
+ *	dictionary entries, etc.
+ *
+ *	If configuration information is given in the config section
+ *	that must be referenced in later calls, store a handle to it
+ *	in *instance otherwise put a null pointer there.
+ */
+static int mod_instantiate(module_inst_ctx_t const *mctx)
+{
+	rlm_totp_t *inst = talloc_get_type_abort(mctx->inst->data, rlm_totp_t);
+
+	FR_INTEGER_BOUND_CHECK("time_step", inst->time_step, >=, 5);
+	FR_INTEGER_BOUND_CHECK("time_step", inst->time_step, <=, 120);
+
+	FR_INTEGER_BOUND_CHECK("lookback_steps", inst->lookback_steps, >=, 1);
+	FR_INTEGER_BOUND_CHECK("lookback_steps", inst->lookback_steps, <=, 10);
+
+	FR_INTEGER_BOUND_CHECK("lookback_interval", inst->lookback_interval, <=, inst->time_step);
+
+	FR_INTEGER_BOUND_CHECK("otp_length", inst->otp_length, >=, 6);
+	FR_INTEGER_BOUND_CHECK("otp_length", inst->otp_length, <=, 8);
+
+	if (inst->otp_length == 7) inst->otp_length = 8;
+
+	return 0;
+}
 #endif
 
 /*
@@ -184,8 +261,10 @@ static ssize_t base32_decode(uint8_t *out, size_t outlen, char const *in)
  *	for 8-character challenges, and not for 6 character
  *	challenges!
  */
-static int totp_cmp(time_t now, uint8_t const *key, size_t keylen, char const *totp)
+static int totp_cmp(TESTING_UNUSED request_t *request, time_t now, uint8_t const *key, size_t keylen, char const *totp, TESTING_UNUSED rlm_totp_t const *inst)
 {
+	time_t then;
+	unsigned int i;
 	uint8_t offset;
 	uint32_t challenge;
 	uint64_t padded;
@@ -193,40 +272,56 @@ static int totp_cmp(time_t now, uint8_t const *key, size_t keylen, char const *t
 	uint8_t data[8];
 	uint8_t digest[SHA1_DIGEST_LENGTH];
 
-	padded = ((uint64_t) now) / TIME_STEP;
-	data[0] = padded >> 56;
-	data[1] = padded >> 48;
-	data[2] = padded >> 40;
-	data[3] = padded >> 32;
-	data[4] = padded >> 24;
-	data[5] = padded >> 16;
-	data[6] = padded >> 8;
-	data[7] = padded & 0xff;
-
 	/*
-	 *	Encrypt the network order time with the key.
+	 *	First try to authenticate against the current OTP, then step
+	 *	back in increments of BACK_STEP_SECS, up to BACK_STEPS times,
+	 *	to authenticate properly in cases of long transit delay, as
+	 *	described in RFC 6238, secion 5.2.
 	 */
-	fr_hmac_sha1(digest, data, 8, key, keylen);
 
-	/*
-	 *	Take the least significant 4 bits.
-	 */
-	offset = digest[SHA1_DIGEST_LENGTH - 1] & 0x0f;
+	for (i = 0, then = now; i <= BACK_STEPS; i++, then -= BACK_STEP_SECS) {
+		padded = ((uint64_t) now) / TIME_STEP;
+		data[0] = padded >> 56;
+		data[1] = padded >> 48;
+		data[2] = padded >> 40;
+		data[3] = padded >> 32;
+		data[4] = padded >> 24;
+		data[5] = padded >> 16;
+		data[6] = padded >> 8;
+		data[7] = padded & 0xff;
 
-	/*
-	 *	Grab the 32bits at "offset", and drop the high bit.
-	 */
-	challenge = (digest[offset] & 0x7f) << 24;
-	challenge |= digest[offset + 1] << 16;
-	challenge |= digest[offset + 2] << 8;
-	challenge |= digest[offset + 3];
+		/*
+		 *	Encrypt the network order time with the key.
+		 */
+		fr_hmac_sha1(digest, data, 8, key, keylen);
 
-	/*
-	 *	The token is the last 6 digits in the number.
-	 */
-	snprintf(buffer, sizeof(buffer), PRINT, challenge % DIV);
+		/*
+		 *	Take the least significant 4 bits.
+		 */
+		offset = digest[SHA1_DIGEST_LENGTH - 1] & 0x0f;
+
+		/*
+		 *	Grab the 32bits at "offset", and drop the high bit.
+		 */
+		challenge = (digest[offset] & 0x7f) << 24;
+		challenge |= digest[offset + 1] << 16;
+		challenge |= digest[offset + 2] << 8;
+		challenge |= digest[offset + 3];
 
-	return fr_digest_cmp((uint8_t const *) buffer, (uint8_t const *) totp, LEN);
+		/*
+		 *	The token is the last 6 digits in the number (or 8 for testing)..
+		 */
+		snprintf(buffer, sizeof(buffer), ((OTP_LEN == 6) ? "%06u" : "%08u"),
+				 challenge % ((OTP_LEN == 6) ? 1000000 : 100000000));
+
+		RDEBUG3("Now: %zu, Then: %zu", (size_t) now, (size_t) then);
+		RDEBUG3("Expected %s", buffer);
+		RDEBUG3("Received %s", totp);
+
+		if (fr_digest_cmp((uint8_t const *) buffer, (uint8_t const *) totp, LEN) == 0) return 0;
+	}
+
+	return 1;
 }
 
 #ifndef TESTING
@@ -237,6 +332,7 @@ static int totp_cmp(time_t now, uint8_t const *key, size_t keylen, char const *t
 static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
 {
 	rlm_totp_call_env_t	*env_data = talloc_get_type_abort(mctx->env_data, rlm_totp_call_env_t);
+	rlm_totp_t const	*instance = talloc_get_type_abort_const(mctx->inst->data, rlm_totp_t);
 	fr_value_box_t		*user_password = &env_data->user_password;
 	fr_value_box_t		*secret = &env_data->secret;
 	fr_value_box_t		*key = &env_data->key;
@@ -247,8 +343,13 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 
 	if (fr_type_is_null(user_password->type)) RETURN_MODULE_NOOP;
 
-	if (user_password->vb_length != 6) {
-		RDEBUG("TOTP-Password has incorrect length.  Expected 6, got %zu", user_password->vb_length);
+	if (user_password->vb_length == 0) {
+		RDEBUG("TOTP.From-User is empty");
+		RETURN_MODULE_FAIL;
+	}
+
+	if ((user_password->vb_length != 6) && (user_password->vb_length != 8)) {
+		RDEBUG("TOTP.From-User has incorrect length. Expected 6 or 8, got %zu", user_password->vb_length);
 		RETURN_MODULE_FAIL;
 	}
 
@@ -274,12 +375,11 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 		our_keylen = len;
 	}
 
-	if (totp_cmp(fr_time_to_sec(request->packet->timestamp), our_key, our_keylen, secret->vb_strvalue) != 0) RETURN_MODULE_FAIL;
+	if (totp_cmp(request, fr_time_to_sec(request->packet->timestamp), our_key, our_keylen, secret->vb_strvalue, instance) != 0) RETURN_MODULE_FAIL;
 
 	RETURN_MODULE_OK;
 }
 
-
 /*
  *	The module name should be the only globally exported symbol.
  *	That is, everything else should be 'static'.
@@ -294,7 +394,10 @@ module_rlm_t rlm_totp = {
 	.common = {
 		.magic		= MODULE_MAGIC_INIT,
 		.name		= "totp",
-		.type		= MODULE_TYPE_THREAD_SAFE
+		.type		= MODULE_TYPE_THREAD_SAFE,
+		.config		= module_config,
+		.bootstrap	= mod_bootstrap,
+		.instantiate	= mod_instantiate
 	},
 	.method_names = (module_method_name_t[]){
 		{ .name1 = "authenticate",	.name2 = CF_IDENT_ANY,		.method = mod_authenticate,	.method_env = &method_env },
@@ -335,7 +438,7 @@ int main(int argc, char **argv)
 
 		(void) sscanf(argv[2], "%llu", &now);
 
-		if (totp_cmp((time_t) now, (uint8_t const *) argv[3], strlen(argv[3]), argv[4]) == 0) {
+		if (totp_cmp(NULL, (time_t) now, (uint8_t const *) argv[3], strlen(argv[3]), argv[4], NULL) == 0) {
 			return 0;
 		}
 		printf("Fail\n");

From 5a8d4f2cb07b2c42a52091e2f44ac7e8e568ff5f Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Thu, 14 Sep 2023 18:51:08 -0300
Subject: [PATCH 02/12] rlm_totp: Move 'call_env' to the usual
 'attr_dict_autoload'

---
 src/modules/rlm_totp/rlm_totp.c | 94 +++++++++++++++++++--------------
 1 file changed, 54 insertions(+), 40 deletions(-)

diff --git a/src/modules/rlm_totp/rlm_totp.c b/src/modules/rlm_totp/rlm_totp.c
index 9e876bbb5f05..fe206311ba86 100644
--- a/src/modules/rlm_totp/rlm_totp.c
+++ b/src/modules/rlm_totp/rlm_totp.c
@@ -34,23 +34,33 @@ typedef struct {
 	fr_value_box_t		user_password;
 } rlm_totp_call_env_t;
 
-static const call_env_t call_env[] = {
-	{ FR_CALL_ENV_OFFSET("secret", FR_TYPE_STRING, rlm_totp_call_env_t, secret,
-			     "&control.TOTP.Secret", T_BARE_WORD, false, false, false) },
-
-	{ FR_CALL_ENV_OFFSET("key", FR_TYPE_STRING, rlm_totp_call_env_t, key,
-			     "&control.TOTP.key", T_BARE_WORD, false, false, false) },
+/* Define a structure for the configuration variables */
+typedef struct rlm_totp_t {
+	char const	*name;	//!< name of this instance
+	fr_totp_t   totp;	//!< Parameter sets for fr_totp_cmp()
+} rlm_totp_t;
 
-	{ FR_CALL_ENV_OFFSET("user_password", FR_TYPE_STRING, rlm_totp_call_env_t, user_password,
-			     "&request.TOTP.From-User", T_BARE_WORD, false, false, false) },
+static fr_dict_t const *dict_freeradius;
 
-	CALL_ENV_TERMINATOR
+extern fr_dict_autoload_t rlm_totp_dict[];
+fr_dict_autoload_t rlm_totp_dict[] = {
+	{ .out = &dict_freeradius, .proto = "freeradius" },
+	{ NULL }
 };
 
-static const call_method_env_t method_env = {
-	.inst_size = sizeof(rlm_totp_call_env_t),
-	.inst_type = "rlm_totp_call_env_t",
-	.env = call_env
+static fr_dict_attr_t const *attr_totp;
+static fr_dict_attr_t const *attr_totp_secret;
+static fr_dict_attr_t const *attr_totp_key;
+static fr_dict_attr_t const *attr_totp_from_user;
+
+extern fr_dict_attr_autoload_t rlm_totp_dict_attr[];
+fr_dict_attr_autoload_t rlm_totp_dict_attr[] = {
+	{ .out = &attr_totp, .name = "TOTP", .type = FR_TYPE_TLV, .dict = &dict_freeradius },
+	{ .out = &attr_totp_secret, .name = "TOTP.Secret", .type = FR_TYPE_STRING, .dict = &dict_freeradius },
+	{ .out = &attr_totp_key, .name = "TOTP.Key", .type = FR_TYPE_OCTETS, .dict = &dict_freeradius },
+	{ .out = &attr_totp_from_user, .name = "TOTP.From-User", .type = FR_TYPE_STRING, .dict = &dict_freeradius },
+
+	{ NULL }
 };
 
 /* Define a structure for the configuration variables */
@@ -331,43 +341,46 @@ static int totp_cmp(TESTING_UNUSED request_t *request, time_t now, uint8_t const
  */
 static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
 {
-	rlm_totp_call_env_t	*env_data = talloc_get_type_abort(mctx->env_data, rlm_totp_call_env_t);
-	rlm_totp_t const	*instance = talloc_get_type_abort_const(mctx->inst->data, rlm_totp_t);
-	fr_value_box_t		*user_password = &env_data->user_password;
-	fr_value_box_t		*secret = &env_data->secret;
-	fr_value_box_t		*key = &env_data->key;
-
-	uint8_t const		*our_key;
-	size_t			our_keylen;
-	uint8_t			buffer[80];	/* multiple of 5*8 characters */
-
-	if (fr_type_is_null(user_password->type)) RETURN_MODULE_NOOP;
-
-	if (user_password->vb_length == 0) {
-		RDEBUG("TOTP.From-User is empty");
-		RETURN_MODULE_FAIL;
+	rlm_totp_t const *inst = talloc_get_type_abort_const(mctx->inst->data, rlm_totp_t);
+	fr_pair_t        *secret, *from_user, *key;
+	uint8_t const    *our_key;
+	size_t            our_keylen;
+	uint8_t           buffer[80];	/* multiple of 5*8 characters */
+	fr_dbuff_t        out;
+
+	fr_dbuff_init(&out, (uint8_t *)buffer, sizeof(buffer));
+
+	from_user = fr_pair_find_by_da(&request->request_pairs, NULL, attr_totp_from_user);
+	if (!from_user) {
+		REDEBUG("&request.TOTP.From-User is needed");
+		RETURN_MODULE_INVALID;
 	}
 
-	if ((user_password->vb_length != 6) && (user_password->vb_length != 8)) {
-		RDEBUG("TOTP.From-User has incorrect length. Expected 6 or 8, got %zu", user_password->vb_length);
+	if ((from_user->vp_length != 6) && (from_user->vp_length != 8)) {
+		RDEBUG("&request.TOTP.From-User has incorrect length. Expected 6 or 8, got %zu", from_user->vp_length);
 		RETURN_MODULE_FAIL;
 	}
 
 	/*
-	 *	Look for the raw key first.
+	 *	Look for the raw key first in &request.TOTP.Key
 	 */
-	if (!fr_type_is_null(key->type)) {
-		our_key = key->vb_octets;
-		our_keylen = key->vb_length;
-
+	key = fr_pair_find_by_da(&request->control_pairs, NULL, attr_totp_key);
+	if (key) {
+		our_key = key->vp_octets;
+		our_keylen = key->vp_length;
 	} else {
 		ssize_t len;
 
-		if (!fr_type_is_null(secret->type)) RETURN_MODULE_NOOP;
+		/* then let's see &control.TOTP.Secret */
+		secret = fr_pair_find_by_da(&request->control_pairs, NULL, attr_totp_secret);
+		if (!secret) {
+			REDEBUG("&control.TOTP.Secret is needed");
+			RETURN_MODULE_INVALID;
+		}
 
-		len = base32_decode(buffer, sizeof(buffer), secret->vb_strvalue);
+		len = fr_base32_decode(&out, &FR_SBUFF_IN(secret->vp_strvalue, secret->vp_length), true, true);
 		if (len < 0) {
-			RDEBUG("TOTP-Secret cannot be decoded");
+			RDEBUG("&control.TOTP.Secret cannot be decoded");
 			RETURN_MODULE_FAIL;
 		}
 
@@ -375,7 +388,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 		our_keylen = len;
 	}
 
-	if (totp_cmp(request, fr_time_to_sec(request->packet->timestamp), our_key, our_keylen, secret->vb_strvalue, instance) != 0) RETURN_MODULE_FAIL;
+	if (fr_totp_cmp(&inst->totp, fr_time_to_sec(request->packet->timestamp), our_key, our_keylen, from_user->vp_strvalue) != 0) RETURN_MODULE_FAIL;
 
 	RETURN_MODULE_OK;
 }
@@ -400,7 +413,8 @@ module_rlm_t rlm_totp = {
 		.instantiate	= mod_instantiate
 	},
 	.method_names = (module_method_name_t[]){
-		{ .name1 = "authenticate",	.name2 = CF_IDENT_ANY,		.method = mod_authenticate,	.method_env = &method_env },
+		{ .name1 = "authenticate",	.name2 = CF_IDENT_ANY,	.method = mod_authenticate },
+		{ .name1 = CF_IDENT_ANY,	.name2 = CF_IDENT_ANY,	.method = mod_authenticate },
 		MODULE_NAME_TERMINATOR
 	}
 };

From f5c2f5b4fefc04450728cbc689e6fdb135f687ba Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Thu, 14 Sep 2023 22:50:45 -0300
Subject: [PATCH 03/12] totp: improve the test sample

---
 .../rlm_totp => tests/totp/bin}/.gitignore    |   0
 .../rlm_totp => tests/totp/bin}/Makefile      |  13 +-
 .../rlm_totp => tests/totp/bin}/sha1.txt      |   0
 src/tests/totp/bin/totp.c                     | 124 ++++++++++++++++++
 4 files changed, 132 insertions(+), 5 deletions(-)
 rename src/{modules/rlm_totp => tests/totp/bin}/.gitignore (100%)
 rename src/{modules/rlm_totp => tests/totp/bin}/Makefile (59%)
 rename src/{modules/rlm_totp => tests/totp/bin}/sha1.txt (100%)
 create mode 100644 src/tests/totp/bin/totp.c

diff --git a/src/modules/rlm_totp/.gitignore b/src/tests/totp/bin/.gitignore
similarity index 100%
rename from src/modules/rlm_totp/.gitignore
rename to src/tests/totp/bin/.gitignore
diff --git a/src/modules/rlm_totp/Makefile b/src/tests/totp/bin/Makefile
similarity index 59%
rename from src/modules/rlm_totp/Makefile
rename to src/tests/totp/bin/Makefile
index fbe24303db7b..7f489a4c4b52 100644
--- a/src/modules/rlm_totp/Makefile
+++ b/src/tests/totp/bin/Makefile
@@ -3,26 +3,29 @@
 #
 all: totp
 
-include ../../../Make.inc
+include ../../../../Make.inc
 
 #
 #  Hack up stuff so we can build in a subdirectory.
 #
 .PHONY: src
 src:
-	@ln -sf ../../../src
+	@ln -sf ../../../../src
 
 .PHONY: freeradius-devel
 freeradius-devel:
-	@ln -sf ../../../src/include freeradius-devel
+	@ln -sf ../../../../src/include freeradius-devel
 
 #
 #  ./totp decode <base32>
 #
 #  ./totp totp <time> <sha1key> <8-character-challenge>
 #
-totp: rlm_totp.c | src freeradius-devel
-	@$(CC) -DTESTING $(CFLAGS) $(OPENSSL_CPPFLAGS) -o $@ $(LDFLAGS) $(LIBS) ../../../build/lib/.libs/libfreeradius-util.a rlm_totp.c
+totp: totp.c | src freeradius-devel
+	$(Q)$(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(LDFLAGS) $(LIBS) \
+			../../../../build/lib/.libs/libfreeradius-util.a \
+			../../../../build/lib/.libs/libfreeradius-totp.a \
+			totp.c
 
 #
 #  Test vectors from RFC 6238, Appendix B
diff --git a/src/modules/rlm_totp/sha1.txt b/src/tests/totp/bin/sha1.txt
similarity index 100%
rename from src/modules/rlm_totp/sha1.txt
rename to src/tests/totp/bin/sha1.txt
diff --git a/src/tests/totp/bin/totp.c b/src/tests/totp/bin/totp.c
new file mode 100644
index 000000000000..d57969a0e6dd
--- /dev/null
+++ b/src/tests/totp/bin/totp.c
@@ -0,0 +1,124 @@
+/*
+ *   This program is is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License, or (at
+ *   your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with this program; if not, write to the Free Software
+ *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/**
+ * $Id$
+ * @file totp.c
+ * @brief Sample test for libfreeradius-totp interface.
+ *
+ * @copyright 2023  Network RADIUS SAS (legal@networkradius.com)
+ */
+RCSID("$Id$")
+
+#include <freeradius-devel/totp/base.h>
+#include <freeradius-devel/util/base32.h>
+#include <freeradius-devel/util/sbuff.h>
+
+#define TIME_STEP	(30)
+#define OTP_LEN		(8)
+#define BACK_STEPS	(1)
+#define BACK_STEP_SECS	(30)
+
+typedef struct fr_test_cmd_s {
+	char const *cmd;
+	int (*func)(int argc, char *argv[]);
+} fr_test_cmd_t;
+
+/*
+ *  decode <base32>
+ */
+static int fr_test_cmd_decode(int argc, char *argv[]) {
+	size_t len;
+	uint8_t *key;
+	uint8_t	buffer[80];	/* multiple of 5*8 characters */
+	fr_dbuff_t out;
+
+	if (argc < 3) {
+		printf("Usage: %s decode <base32>", argv[0]);
+		return 0;
+	}
+
+	fr_dbuff_init(&out, (uint8_t *)buffer, sizeof(buffer));
+
+	len = fr_base32_decode(&out, &FR_SBUFF_IN(argv[2], strlen(argv[2])), true, true);
+	key = fr_dbuff_start(&out);
+
+	DEBUG("Decoded len=%ld out=\"%s\"", len, key);
+
+	return 0;
+}
+
+/*
+ *	TOTP <time> <key> <8-character-expected-token>
+ */
+static int fr_test_cmd_totp(int argc, char *argv[]) {
+	uint64_t now;
+	fr_totp_t cfg = {
+		.time_step         = TIME_STEP,		//!< seconds
+		.otp_length        = OTP_LEN,		//!< forced to 6 or 8
+		.lookback_steps    = BACK_STEPS,	//!< number of steps to look back
+		.lookback_interval = BACK_STEP_SECS	//!< interval in seconds between steps
+	};
+
+	if (argc < 5) {
+		printf("Usage: %s totp <time> <sha1key> <8-character-challenge>\n", argv[0]);
+		return 0;
+	}
+
+	DEBUG("TOTP INPUT now=%s secret-sha1key=%s character-challenge=%s\n", argv[2], argv[3], argv[4]);
+
+	sscanf(argv[2], "%llu", &now);
+
+	if (fr_totp_cmp(&cfg, (time_t) now, (uint8_t const *) argv[3], strlen(argv[3]), argv[4]) == 0) {
+		DEBUG("OK");
+		return 0;
+	}
+
+	DEBUG("FAIL");
+
+	return 1;
+}
+
+static fr_test_cmd_t test_cmds[] = {
+	{ "decode", fr_test_cmd_decode },
+	{ "totp", fr_test_cmd_totp },
+	{ NULL, NULL }
+};
+
+int main(int argc, char **argv)
+{
+	fr_test_cmd_t *p;
+	fr_debug_lvl = 5;
+
+	if (argc < 2) {
+		printf("Usage: %s <command> <args> <args...>\n", argv[0]);
+		printf("\n");
+		printf("  %s decode <base32>\n", argv[0]);
+		printf("  %s totp <time> <secret-sha1key> <8-character-challenge>\n", argv[0]);
+		printf("\n");
+		return 0;
+	}
+
+	for (p = test_cmds; p->func; p++) {
+		if (!strcmp(argv[1], p->cmd)) {
+			return p->func(argc, argv);
+		}
+	}
+
+	ERROR("Unknown command %s", argv[1]);
+
+	return 1;
+}

From fad9a64f9e80c855d09d0780631a485a5186f96a Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 13 Sep 2023 21:58:24 -0300
Subject: [PATCH 04/12] totp: Move attributes to the top

* And use separated file dictionary/freeradius/dictionary.freeradius.internal.totp
---
 share/dictionary/freeradius/dictionary        |  3 +++
 .../dictionary.freeradius.internal.password   |  9 --------
 .../dictionary.freeradius.internal.totp       | 21 +++++++++++++++++++
 3 files changed, 24 insertions(+), 9 deletions(-)
 create mode 100644 share/dictionary/freeradius/dictionary.freeradius.internal.totp

diff --git a/share/dictionary/freeradius/dictionary b/share/dictionary/freeradius/dictionary
index f842dd358857..49233c3be92d 100644
--- a/share/dictionary/freeradius/dictionary
+++ b/share/dictionary/freeradius/dictionary
@@ -22,6 +22,9 @@ $INCLUDE dictionary.freeradius.internal.ippool
 # 5200-5299 SIM management attributes
 $INCLUDE dictionary.freeradius.internal.sim
 
+# 5300-5399 TOTP related attributes
+$INCLUDE dictionary.freeradius.internal.totp
+
 #
 #  Include module-specific dictionaries.
 #
diff --git a/share/dictionary/freeradius/dictionary.freeradius.internal.password b/share/dictionary/freeradius/dictionary.freeradius.internal.password
index 92c907a585bf..be20463ded35 100644
--- a/share/dictionary/freeradius/dictionary.freeradius.internal.password
+++ b/share/dictionary/freeradius/dictionary.freeradius.internal.password
@@ -64,13 +64,4 @@ ATTRIBUTE	SSHA3-256				28	octets
 ATTRIBUTE	SSHA3-384				29	octets
 ATTRIBUTE	SSHA3-512				30	octets
 
-#  TOTP passwords and secrets
-ATTRIBUTE	TOTP					31	tlv
-
-BEGIN-TLV	TOTP
-ATTRIBUTE	Secret					1	string	secret
-ATTRIBUTE	Key					2	octets	secret
-ATTRIBUTE	From-User				3	string
-END-TLV		TOTP
-
 END-TLV		Password
diff --git a/share/dictionary/freeradius/dictionary.freeradius.internal.totp b/share/dictionary/freeradius/dictionary.freeradius.internal.totp
new file mode 100644
index 000000000000..2ecfd6a0696a
--- /dev/null
+++ b/share/dictionary/freeradius/dictionary.freeradius.internal.totp
@@ -0,0 +1,21 @@
+# -*- text -*-
+# Copyright (C) 2023 The FreeRADIUS Server project and contributors
+# This work is licensed under CC-BY version 4.0 https://creativecommons.org/licenses/by/4.0
+# Version $Id$
+#
+#	Non Protocol Attributes used by FreeRADIUS
+#
+#	$Id$
+#
+
+#
+#  TOTP token and secrets
+#
+
+ATTRIBUTE	TOTP					5300	tlv
+
+BEGIN-TLV	TOTP
+ATTRIBUTE	Secret					1	string	secret
+ATTRIBUTE	Key					2	octets	secret
+ATTRIBUTE	From-User				3	string
+END-TLV		TOTP

From ba147e99aee62424e7e89439a6e29d0a43a81f56 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 13 Sep 2023 22:03:18 -0300
Subject: [PATCH 05/12] totp: Update raddb/mods-available/totp

* Update mods-available/totp to new asciidoc markup
* Fix the attributes
---
 raddb/mods-available/totp | 40 ++++++++++++++++++++++-----------------
 1 file changed, 23 insertions(+), 17 deletions(-)

diff --git a/raddb/mods-available/totp b/raddb/mods-available/totp
index 43d2f57afa42..87acd56aebe9 100644
--- a/raddb/mods-available/totp
+++ b/raddb/mods-available/totp
@@ -2,35 +2,38 @@
 #
 #  $Id$
 
+########################################################################
 #
-#  Time-based One-Time Passwords (TOTP)
+#  = Time-based One-Time Passwords (TOTP)
 #
-#  Defined in RFC 6238, and used in Google Authenticator.
+#  Defined in `rfc6238`, and used in Google Authenticator.
 #
 #  This module can only be used in the "authenticate" section.
 #
 #  The Base32-encoded secret should be placed into:
 #
-#	&control:TOTP-Secret
+#	`&control.TOTP.Secret`
 #
 #  Any "bare" key should be placed into:
 #
-#	&control:TOTP-Key
+#	`&control.TOTP.Key`
 #
-#  If TOTP-Key exists, then it will be used instead of TOTP-Secret.
+#  If `TOTP.Key` exists, then it will be used instead of `TOTP.Secret`.
 #
 #  The TOTP password entered by the user should be placed into:
 #
-#	&request:TOTP-Password
+#	`&request.TOTP.From-User`
 #
-#  The module will return "ok" if the passwords match, and "fail"
+#  The module will return `ok` if the passwords match, and `fail`
 #  if the passwords do not match.
 #
-#  Note that this module will NOT interact with Google.  The module is
+#  NOTE: The crypto algorithms are HmacSHA1, HmacSHA256 and HmacSHA512.
+#
+#  NOTE: This module will *NOT* interact with Google. The module is
 #  intended to be used where the local administrator knows the TOTP
 #  secret key, and user has an authenticator app on their phone.
 #
-#  Note also that while you can use the Google "chart" APIs to
+#  NOTE: Also that while you can use the Google "chart" APIs to
 #  generate a QR code, doing this will give the secret to Google!
 #
 #  Administrators should instead install a tool such as "qrcode"
@@ -38,32 +41,35 @@
 #	https://linux.die.net/man/1/qrencode
 #
 #  and then run that locally to get an image.
-#  
 #
-#  The module takes no configuration items.
+
+#
+#  ## Configuration Settings
+#
+#  totp { ... }::
 #
 totp {
 	#
-	#  Default time step between time changes
+	#  time_step:: Default time step between time changes.
 	#
 	time_step = 30
 
 	#
-	#  Length of the one-time password.
+	#  otp_length:: Length of the one-time password.
 	#
 	#  Must be 6 or 8
 	#
-	otp_length = 8
+	otp_length = 6
 
 	#
-	#  How many steps backward in time we look for a matching OTP
+	#  lookback_steps:: How many steps backward in time we look for a matching OTP.
 	#
 	lookback_steps = 1
 
 	#
-	#  Time delta between steps.
+	#  lookback_interval:: Time delta between steps.
 	#
-	#  Cannot be larger than time_step
+	#  Cannot be larger than `time_step`
 	#
 	lookback_interval = 30
 }

From f56e0c559f2de6a6e40071da1e77d9acb514b512 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 13 Sep 2023 22:06:56 -0300
Subject: [PATCH 06/12] totp: Add Antora reference

---
 doc/antora/modules/raddb/nav.adoc             |  1 +
 .../raddb/pages/mods-available/totp.adoc      | 50 ++++++++++++++++---
 raddb/mods-available/totp                     |  2 +-
 3 files changed, 44 insertions(+), 9 deletions(-)

diff --git a/doc/antora/modules/raddb/nav.adoc b/doc/antora/modules/raddb/nav.adoc
index 1e7cea641670..91c9b5b09547 100644
--- a/doc/antora/modules/raddb/nav.adoc
+++ b/doc/antora/modules/raddb/nav.adoc
@@ -67,6 +67,7 @@
 *** xref:mods-available/sqlippool.adoc[SQL-IP-Pool Module]
 *** xref:mods-available/sradutmp.adoc[sRadutmp Module]
 *** xref:mods-available/stats.adoc[Stats Module]
+*** xref:mods-available/totp.adoc[TOTP Module]
 *** xref:mods-available/unbound.adoc[Unbound Module]
 *** xref:mods-available/unix.adoc[Unix Module]
 *** xref:mods-available/unpack.adoc[Unpack Module]
diff --git a/doc/antora/modules/raddb/pages/mods-available/totp.adoc b/doc/antora/modules/raddb/pages/mods-available/totp.adoc
index cbb91248810a..075733bdfbcf 100644
--- a/doc/antora/modules/raddb/pages/mods-available/totp.adoc
+++ b/doc/antora/modules/raddb/pages/mods-available/totp.adoc
@@ -1,26 +1,33 @@
 
 
 
-Time-based One-Time Passwords (TOTP)
+= Time-based One-Time Passwords (TOTP)
 
-Defined in https://tools.ietf.org/html/rfc6238[RFC 6238], and used in Google Authenticator.
+Defined in `rfc6238`, and used in Google Authenticator.
 
 This module can only be used in the "authenticate" section.
 
 The Base32-encoded secret should be placed into:
 
 
+Any "bare" key should be placed into:
+
+
+If `TOTP.Key` exists, then it will be used instead of `TOTP.Secret`.
+
 The TOTP password entered by the user should be placed into:
 
 
-The module will return "ok" if the passwords match, and "fail"
+The module will return `ok` if the passwords match, and `fail`
 if the passwords do not match.
 
-Note that this module will NOT interact with Google.  The module is
+NOTE: The crypto algorithms are HmacSHA1, HmacSHA256 and HmacSHA512.
+
+NOTE: This module will *NOT* interact with Google. The module is
 intended to be used where the local administrator knows the TOTP
 secret key, and user has an authenticator app on their phone.
 
-Note also that while you can use the Google "chart" APIs to
+NOTE: Also that while you can use the Google "chart" APIs to
 generate a QR code, doing this will give the secret to Google!
 
 Administrators should instead install a tool such as "qrcode"
@@ -29,15 +36,42 @@ Administrators should instead install a tool such as "qrcode"
 and then run that locally to get an image.
 
 
-The module takes no configuration items.
+
+## Configuration Settings
+
+totp { ... }::
+
+
+time_step:: Default time step between time changes.
+
+
+
+otp_length:: Length of the one-time password.
+
+Must be 6 or 8
+
+
+
+lookback_steps:: How many steps backward in time we look for a matching OTP.
+
+
+
+lookback_interval:: Time delta between steps.
+
+Cannot be larger than `time_step`
 
 
 == Default Configuration
 
 ```
-#	&control.TOTP.Secret
-#	&request.TOTP.From-User
+#	`&control.TOTP.Secret`
+#	`&control.TOTP.Key`
+#	`&request.TOTP.From-User`
 #	https://linux.die.net/man/1/qrencode
 totp {
+	time_step = 30
+	otp_length = 6
+	lookback_steps = 1
+	lookback_interval = 30
 }
 ```
diff --git a/raddb/mods-available/totp b/raddb/mods-available/totp
index 87acd56aebe9..22eabe8dc370 100644
--- a/raddb/mods-available/totp
+++ b/raddb/mods-available/totp
@@ -1,4 +1,4 @@
-# -*- text -*-
+#  -*- text -*-
 #
 #  $Id$
 

From d4de79f32770871939cffcf8aeddc6526f514aa5 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 13 Sep 2023 22:09:02 -0300
Subject: [PATCH 07/12] totp: Move all functionality to libfreeradius-totp.a

---
 src/lib/totp/all.mk |   6 ++
 src/lib/totp/base.h |  44 +++++++++++++++
 src/lib/totp/totp.c | 135 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 185 insertions(+)
 create mode 100644 src/lib/totp/all.mk
 create mode 100644 src/lib/totp/base.h
 create mode 100644 src/lib/totp/totp.c

diff --git a/src/lib/totp/all.mk b/src/lib/totp/all.mk
new file mode 100644
index 000000000000..fdfe4a04d673
--- /dev/null
+++ b/src/lib/totp/all.mk
@@ -0,0 +1,6 @@
+TARGETNAME  := libfreeradius-totp
+TARGET      := $(TARGETNAME)$(L)
+
+SOURCES	    := totp.c
+
+src/freeradius-devel: | src/lib/totp/base.h
diff --git a/src/lib/totp/base.h b/src/lib/totp/base.h
new file mode 100644
index 000000000000..7343bdb86677
--- /dev/null
+++ b/src/lib/totp/base.h
@@ -0,0 +1,44 @@
+#pragma once
+/*
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License, or (at
+ *   your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with this program; if not, write to the Free Software
+ *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/**
+ * $Id$
+ * @file lib/totp/base.h
+ * @brief Common functions for TOTP library
+ *
+ * @copyright 2023 The FreeRADIUS server project
+ */
+RCSIDH(totp_h, "$Id$")
+
+#include <freeradius-devel/server/request.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct {
+	uint32_t time_step;		//!< seconds
+	uint32_t otp_length;		//!< forced to 6 or 8
+	uint32_t lookback_steps;	//!< number of steps to look back
+	uint32_t lookback_interval;	//!< interval in seconds between steps
+} fr_totp_t;
+
+int fr_totp_cmp(fr_totp_t const *cfg, time_t now, uint8_t const *key, size_t keylen, char const *totp);
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/src/lib/totp/totp.c b/src/lib/totp/totp.c
new file mode 100644
index 000000000000..375cc816bbc1
--- /dev/null
+++ b/src/lib/totp/totp.c
@@ -0,0 +1,135 @@
+/*
+ *   This program is is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License, or (at
+ *   your option) any later version.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with this program; if not, write to the Free Software
+ *   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+/**
+ * $Id$
+ * @file totp.c
+ * @brief Common function for TOTP validation.
+ *
+ * @copyright 2023 The FreeRADIUS server project
+ */
+#include <freeradius-devel/totp/base.h>
+#include <freeradius-devel/util/sha1.h>
+#include <freeradius-devel/util/debug.h>
+
+/** Implement RFC 6238 TOTP algorithm (HMAC-SHA1).
+ *
+ *	Appendix B has test vectors.  Note that the test vectors are
+ *	for 8-character challenges, and not for 6 character
+ *	challenges!
+ *
+ * @param[in] cfg      Instance of fr_totp_t
+ * @param[in] key      Key to decrypt.
+ * @param[in] keylen   Length of key field.
+ * @param[in] totp     TOTP password entered by the user.
+ * @return
+ *	-  0  On Success
+ *	- -1  On Failure
+ */
+int fr_totp_cmp(fr_totp_t const *cfg, time_t now, uint8_t const *key, size_t keylen, char const *totp)
+{
+	time_t then;
+	unsigned int i;
+	uint8_t offset;
+	uint32_t challenge;
+	uint64_t padded;
+	uint8_t data[8];
+	uint8_t digest[SHA1_DIGEST_LENGTH];
+	char buffer[9];
+	char buf_now[32], buf_then[32];
+
+	fr_assert(cfg != NULL);
+	fr_assert(cfg->otp_length == 6 || cfg->otp_length == 8);
+	fr_assert(key != NULL);
+	fr_assert(totp != NULL);
+
+	if (!cfg) {
+		fr_strerror_const("Invalid 'cfg' parameter value.");
+		return -1;
+	}
+
+	if (cfg->otp_length != 6 && cfg->otp_length != 8) {
+		fr_strerror_const("The 'cfg->opt_length' has incorrect length. Expected 6 or 8.");
+		return -1;
+	}
+
+	if (keylen < 1) {
+		fr_strerror_const("Invalid 'keylen' parameter value.");
+		return -1;
+	}
+
+	if (!totp || strlen(totp) < 1) {
+		fr_strerror_const("Invalid 'totp' parameter value.");
+		return -1;
+	}
+
+	/*
+	 *	First try to authenticate against the current OTP, then step
+	 *	back in increments of BACK_STEP_SECS, up to BACK_STEPS times,
+	 *	to authenticate properly in cases of long transit delay, as
+	 *	described in RFC 6238, secion 5.2.
+	 */
+
+	for (i = 0, then = now; i <= cfg->lookback_steps; i++, then -= cfg->lookback_steps) {
+		fr_sbuff_t snow = FR_SBUFF_IN(buf_now, sizeof(buf_now));
+		fr_sbuff_t sthen = FR_SBUFF_IN(buf_then, sizeof(buf_then));
+
+		padded = ((uint64_t) now) / cfg->time_step;
+		data[0] = padded >> 56;
+		data[1] = padded >> 48;
+		data[2] = padded >> 40;
+		data[3] = padded >> 32;
+		data[4] = padded >> 24;
+		data[5] = padded >> 16;
+		data[6] = padded >> 8;
+		data[7] = padded & 0xff;
+
+		/*
+		 *	Encrypt the network order time with the key.
+		 */
+		fr_hmac_sha1(digest, data, 8, key, keylen);
+
+		/*
+		 *	Take the least significant 4 bits.
+		 */
+		offset = digest[SHA1_DIGEST_LENGTH - 1] & 0x0f;
+
+		/*
+		 *	Grab the 32bits at "offset", and drop the high bit.
+		 */
+		challenge = (digest[offset] & 0x7f) << 24;
+		challenge |= digest[offset + 1] << 16;
+		challenge |= digest[offset + 2] << 8;
+		challenge |= digest[offset + 3];
+
+		/*
+		 *	The token is the last 6 digits in the number (or 8 for testing)..
+		 */
+		snprintf(buffer, sizeof(buffer), ((cfg->otp_length == 6) ? "%06u" : "%08u"),
+				 challenge % ((cfg->otp_length == 6) ? 1000000 : 100000000));
+
+		fr_time_strftime_local(&snow, fr_time_wrap(now), "%a %b %d %H:%M:%S %Y");
+		fr_time_strftime_local(&sthen, fr_time_wrap(then), "%a %b %d %H:%M:%S %Y");
+
+		DEBUG3("Now: %zu (%s), Then: %zu (%s)", (size_t) now, fr_sbuff_start(&snow), (size_t) then, fr_sbuff_start(&sthen));
+		DEBUG3("Expected %s", buffer);
+		DEBUG3("Received %s", totp);
+
+		if (fr_digest_cmp((uint8_t const *) buffer, (uint8_t const *) totp, cfg->otp_length) == 0) return 0;
+	}
+
+	return -1;
+}
\ No newline at end of file

From 8fcd08fbd2b0e64ce2e37e68b923a340bdbf67d6 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Wed, 13 Sep 2023 22:10:17 -0300
Subject: [PATCH 08/12] totp: Update rlm_totp to use libfreeradius-totp

---
 src/modules/rlm_totp/all.mk     |  10 +-
 src/modules/rlm_totp/rlm_totp.c | 313 +++-----------------------------
 src/tests/totp/bin/Makefile     |  23 ++-
 3 files changed, 48 insertions(+), 298 deletions(-)

diff --git a/src/modules/rlm_totp/all.mk b/src/modules/rlm_totp/all.mk
index 660d816c7d03..225a0f4c304a 100644
--- a/src/modules/rlm_totp/all.mk
+++ b/src/modules/rlm_totp/all.mk
@@ -1,6 +1,8 @@
-TARGETNAME	:= rlm_totp
+TARGETNAME  := rlm_totp
 
-TARGET		:= $(TARGETNAME)$(L)
-SOURCES		:= $(TARGETNAME).c
+TARGET      := $(TARGETNAME)$(L)
+SOURCES     := $(TARGETNAME).c
 
-LOG_ID_LIB	= 53
+TGT_PREREQS	:= libfreeradius-util$(L) libfreeradius-totp$(L)
+
+LOG_ID_LIB  = 53
diff --git a/src/modules/rlm_totp/rlm_totp.c b/src/modules/rlm_totp/rlm_totp.c
index fe206311ba86..34aae7f1d5ba 100644
--- a/src/modules/rlm_totp/rlm_totp.c
+++ b/src/modules/rlm_totp/rlm_totp.c
@@ -24,14 +24,18 @@
  */
 RCSID("$Id$")
 
+#include <freeradius-devel/totp/base.h>
+
+#include <freeradius-devel/util/base32.h>
+
 #include <freeradius-devel/server/base.h>
 #include <freeradius-devel/server/module_rlm.h>
 #include <freeradius-devel/unlang/interpret.h>
 
 typedef struct {
-	fr_value_box_t		secret;
-	fr_value_box_t		key;
-	fr_value_box_t		user_password;
+	fr_value_box_t secret;
+	fr_value_box_t key;
+	fr_value_box_t user_password;
 } rlm_totp_call_env_t;
 
 /* Define a structure for the configuration variables */
@@ -63,172 +67,22 @@ fr_dict_attr_autoload_t rlm_totp_dict_attr[] = {
 	{ NULL }
 };
 
-/* Define a structure for the configuration variables */
-typedef struct rlm_totp_t {
-	char const	*name;			//!< name of this instance */
-	uint32_t	time_step;		//!< seconds
-	uint32_t	otp_length;		//!< forced to 6 or 8
-	uint32_t	lookback_steps;		//!< number of steps to look back
-	uint32_t	lookback_interval;	//!< interval in seconds between steps
-} rlm_totp_t;
-
-#ifndef TESTING
 /* Map configuration file names to internal variables */
 static const CONF_PARSER module_config[] = {
-	{ FR_CONF_OFFSET("time_step", FR_TYPE_UINT32, rlm_totp_t, time_step), .dflt = "30" },
-	{ FR_CONF_OFFSET("otp_length", FR_TYPE_UINT32, rlm_totp_t, otp_length), .dflt = "6" },
-	{ FR_CONF_OFFSET("lookback_steps", FR_TYPE_UINT32, rlm_totp_t, lookback_steps), .dflt = "1" },
-	{ FR_CONF_OFFSET("lookback_interval", FR_TYPE_UINT32, rlm_totp_t, lookback_interval), .dflt = "30" },
+	{ FR_CONF_OFFSET("time_step", FR_TYPE_UINT32, rlm_totp_t, totp.time_step), .dflt = "30" },
+	{ FR_CONF_OFFSET("otp_length", FR_TYPE_UINT32, rlm_totp_t, totp.otp_length), .dflt = "6" },
+	{ FR_CONF_OFFSET("lookback_steps", FR_TYPE_UINT32, rlm_totp_t, totp.lookback_steps), .dflt = "1" },
+	{ FR_CONF_OFFSET("lookback_interval", FR_TYPE_UINT32, rlm_totp_t, totp.lookback_interval), .dflt = "30" },
 	CONF_PARSER_TERMINATOR
 };
 
-#define TIME_STEP      (inst->time_step)
-#define OTP_LEN        (inst->otp_length)
-#define BACK_STEPS     (inst->lookback_steps)
-#define BACK_STEP_SECS (inst->lookback_interval)
-#else
-#define TIME_STEP	(30)
-#define OTP_LEN		(8)
-#define BACK_STEPS	(1)
-#define BACK_STEP_SECS	(30)
-#endif
-
-/*
- *	RFC 4648 base32 decoding.
- */
-static const uint8_t alphabet[UINT8_MAX] = {
-	['A'] = 1,
-	['B'] = 2,
-	['C'] = 3,
-	['D'] = 4,
-	['E'] = 5,
-	['F'] = 6,
-	['G'] = 7,
-	['H'] = 8,
-	['I'] = 9,
-	['J'] = 10,
-	['K'] = 11,
-	['L'] = 12,
-	['M'] = 13,
-	['N'] = 14,
-	['O'] = 15,
-	['P'] = 16,
-	['Q'] = 17,
-	['R'] = 18,
-	['S'] = 19,
-	['T'] = 20,
-	['U'] = 21,
-	['V'] = 22,
-	['W'] = 23,
-	['X'] = 24,
-	['Y'] = 25,
-	['Z'] = 26,
-	['2'] = 27,
-	['3'] = 28,
-	['4'] = 29,
-	['5'] = 30,
-	['6'] = 31,
-	['7'] = 32,
-};
-
-static ssize_t base32_decode(uint8_t *out, size_t outlen, char const *in)
-{
-	uint8_t *p, *end, *b;
-	char const *q;
-
-	p = out;
-	end = p + outlen;
-
-	memset(out, 0, outlen);
-
-	/*
-	 *	Convert ASCII to binary.
-	 */
-	for (q = in; *q != '\0'; q++) {
-		/*
-		 *	Padding at the end, stop.
-		 */
-		if (*q == '=') {
-			break;
-		}
-
-		if (!alphabet[*((uint8_t const *) q)]) return -1;
-
-		*(p++) = alphabet[*((uint8_t const *) q)] - 1;
-
-		if (p == end) return -1; /* too much data */
-	}
-
-	/*
-	 *	Reset to the end of the actual data we have
-	 */
-	end = p;
-
-	/*
-	 *	Convert input 5-bit groups into output 8-bit groups.
-	 *	We do this in 8-byte blocks.
-	 *
-	 *	00011111 00022222 00033333 00044444 00055555 00066666 00077777 00088888
-	 *
-	 *	Will get converted to
-	 *
-	 *	11111222 22333334 44445555 56666677 77788888
-	 */
-	for (p = b = out; p < end; p += 8) {
-		b[0] = p[0] << 3;
-		b[0] |= p[1] >> 2;
-
-		b[1] = p[1] << 6;
-		b[1] |= p[2] << 1;
-		b[1] |= p[3] >> 4;
-
-		b[2] = p[3] << 4;
-		b[2] |= p[4] >> 1;
-
-		b[3] = p[4] << 7;
-		b[3] |= p[5] << 2;
-		b[3] |= p[6] >> 3;
-
-		b[4] = p[6] << 5;
-		b[4] |= p[7];
-
-		b += 5;
-
-		/*
-		 *	Clear out the remaining 3 octets of this block.
-		 */
-		b[0] = 0;
-		b[1] = 0;
-		b[2] = 0;
-	}
-
-	return b - out;
-}
-
-#ifndef TESTING
-# define TESTING_UNUSED
-# define LEN 6
-# define PRINT "%06u"
-# define DIV 1000000
-#else /* TESTING */
-# define LEN 8
-# define PRINT "%08u"
-# define DIV 100000000
-# undef RDEBUG3
-# define RDEBUG3(fmt, ...)	printf(fmt "\n", ## __VA_ARGS__)
-# define TESTING_UNUSED UNUSED
-#endif
-
-#ifndef TESTING
 static int mod_bootstrap(module_inst_ctx_t const *mctx)
 {
 	rlm_totp_t   *inst = talloc_get_type_abort(mctx->inst->data, rlm_totp_t);
 	CONF_SECTION *conf = mctx->inst->conf;
 
 	inst->name = cf_section_name2(conf);
-		if (!inst->name) {
-		inst->name = cf_section_name1(conf);
-	}
+	if (!inst->name) inst->name = cf_section_name1(conf);
 
 	return 0;
 }
@@ -247,94 +101,21 @@ static int mod_instantiate(module_inst_ctx_t const *mctx)
 {
 	rlm_totp_t *inst = talloc_get_type_abort(mctx->inst->data, rlm_totp_t);
 
-	FR_INTEGER_BOUND_CHECK("time_step", inst->time_step, >=, 5);
-	FR_INTEGER_BOUND_CHECK("time_step", inst->time_step, <=, 120);
+	FR_INTEGER_BOUND_CHECK("time_step", inst->totp.time_step, >=, 5);
+	FR_INTEGER_BOUND_CHECK("time_step", inst->totp.time_step, <=, 120);
 
-	FR_INTEGER_BOUND_CHECK("lookback_steps", inst->lookback_steps, >=, 1);
-	FR_INTEGER_BOUND_CHECK("lookback_steps", inst->lookback_steps, <=, 10);
+	FR_INTEGER_BOUND_CHECK("lookback_steps", inst->totp.lookback_steps, >=, 1);
+	FR_INTEGER_BOUND_CHECK("lookback_steps", inst->totp.lookback_steps, <=, 10);
 
-	FR_INTEGER_BOUND_CHECK("lookback_interval", inst->lookback_interval, <=, inst->time_step);
+	FR_INTEGER_BOUND_CHECK("lookback_interval", inst->totp.lookback_interval, <=, inst->totp.time_step);
 
-	FR_INTEGER_BOUND_CHECK("otp_length", inst->otp_length, >=, 6);
-	FR_INTEGER_BOUND_CHECK("otp_length", inst->otp_length, <=, 8);
+	FR_INTEGER_BOUND_CHECK("otp_length", inst->totp.otp_length, >=, 6);
+	FR_INTEGER_BOUND_CHECK("otp_length", inst->totp.otp_length, <=, 8);
 
-	if (inst->otp_length == 7) inst->otp_length = 8;
+	if (inst->totp.otp_length == 7) inst->totp.otp_length = 8;
 
 	return 0;
 }
-#endif
-
-/*
- *	Implement RFC 6238 TOTP algorithm.
- *
- *	Appendix B has test vectors.  Note that the test vectors are
- *	for 8-character challenges, and not for 6 character
- *	challenges!
- */
-static int totp_cmp(TESTING_UNUSED request_t *request, time_t now, uint8_t const *key, size_t keylen, char const *totp, TESTING_UNUSED rlm_totp_t const *inst)
-{
-	time_t then;
-	unsigned int i;
-	uint8_t offset;
-	uint32_t challenge;
-	uint64_t padded;
-	char buffer[9];
-	uint8_t data[8];
-	uint8_t digest[SHA1_DIGEST_LENGTH];
-
-	/*
-	 *	First try to authenticate against the current OTP, then step
-	 *	back in increments of BACK_STEP_SECS, up to BACK_STEPS times,
-	 *	to authenticate properly in cases of long transit delay, as
-	 *	described in RFC 6238, secion 5.2.
-	 */
-
-	for (i = 0, then = now; i <= BACK_STEPS; i++, then -= BACK_STEP_SECS) {
-		padded = ((uint64_t) now) / TIME_STEP;
-		data[0] = padded >> 56;
-		data[1] = padded >> 48;
-		data[2] = padded >> 40;
-		data[3] = padded >> 32;
-		data[4] = padded >> 24;
-		data[5] = padded >> 16;
-		data[6] = padded >> 8;
-		data[7] = padded & 0xff;
-
-		/*
-		 *	Encrypt the network order time with the key.
-		 */
-		fr_hmac_sha1(digest, data, 8, key, keylen);
-
-		/*
-		 *	Take the least significant 4 bits.
-		 */
-		offset = digest[SHA1_DIGEST_LENGTH - 1] & 0x0f;
-
-		/*
-		 *	Grab the 32bits at "offset", and drop the high bit.
-		 */
-		challenge = (digest[offset] & 0x7f) << 24;
-		challenge |= digest[offset + 1] << 16;
-		challenge |= digest[offset + 2] << 8;
-		challenge |= digest[offset + 3];
-
-		/*
-		 *	The token is the last 6 digits in the number (or 8 for testing)..
-		 */
-		snprintf(buffer, sizeof(buffer), ((OTP_LEN == 6) ? "%06u" : "%08u"),
-				 challenge % ((OTP_LEN == 6) ? 1000000 : 100000000));
-
-		RDEBUG3("Now: %zu, Then: %zu", (size_t) now, (size_t) then);
-		RDEBUG3("Expected %s", buffer);
-		RDEBUG3("Received %s", totp);
-
-		if (fr_digest_cmp((uint8_t const *) buffer, (uint8_t const *) totp, LEN) == 0) return 0;
-	}
-
-	return 1;
-}
-
-#ifndef TESTING
 
 /*
  *  Do the authentication
@@ -350,7 +131,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 
 	fr_dbuff_init(&out, (uint8_t *)buffer, sizeof(buffer));
 
-	from_user = fr_pair_find_by_da(&request->request_pairs, NULL, attr_totp_from_user);
+	from_user = fr_pair_find_by_da_nested(&request->request_pairs, NULL, attr_totp_from_user);
 	if (!from_user) {
 		REDEBUG("&request.TOTP.From-User is needed");
 		RETURN_MODULE_INVALID;
@@ -364,7 +145,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 	/*
 	 *	Look for the raw key first in &request.TOTP.Key
 	 */
-	key = fr_pair_find_by_da(&request->control_pairs, NULL, attr_totp_key);
+	key = fr_pair_find_by_da_nested(&request->control_pairs, NULL, attr_totp_key);
 	if (key) {
 		our_key = key->vp_octets;
 		our_keylen = key->vp_length;
@@ -372,7 +153,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 		ssize_t len;
 
 		/* then let's see &control.TOTP.Secret */
-		secret = fr_pair_find_by_da(&request->control_pairs, NULL, attr_totp_secret);
+		secret = fr_pair_find_by_da_nested(&request->control_pairs, NULL, attr_totp_secret);
 		if (!secret) {
 			REDEBUG("&control.TOTP.Secret is needed");
 			RETURN_MODULE_INVALID;
@@ -384,7 +165,7 @@ static unlang_action_t CC_HINT(nonnull) mod_authenticate(rlm_rcode_t *p_result,
 			RETURN_MODULE_FAIL;
 		}
 
-		our_key = buffer;
+		our_key = fr_dbuff_start(&out);
 		our_keylen = len;
 	}
 
@@ -408,6 +189,7 @@ module_rlm_t rlm_totp = {
 		.magic		= MODULE_MAGIC_INIT,
 		.name		= "totp",
 		.type		= MODULE_TYPE_THREAD_SAFE,
+		.inst_size	= sizeof(rlm_totp_t),
 		.config		= module_config,
 		.bootstrap	= mod_bootstrap,
 		.instantiate	= mod_instantiate
@@ -418,48 +200,3 @@ module_rlm_t rlm_totp = {
 		MODULE_NAME_TERMINATOR
 	}
 };
-
-#else /* TESTING */
-int main(int argc, char **argv)
-{
-	size_t len;
-	uint8_t *p;
-	uint8_t key[80];
-
-	if (argc < 2) return 0;
-
-	if (strcmp(argv[1], "decode") == 0) {
-		if (argc < 3) return 0;
-
-		len = base32_decode(key, sizeof(key), argv[2]);
-		printf("Decoded %ld %s\n", len, key);
-
-		for (p = key; p < (key + len); p++) {
-			printf("%02x ", *p);
-		}
-		printf("\n");
-
-		return 0;
-	}
-
-	/*
-	 *	TOTP <time> <key> <8-character-expected-token>
-	 */
-	if (strcmp(argv[1], "totp") == 0) {
-		uint64_t now;
-
-		if (argc < 5) return 0;
-
-		(void) sscanf(argv[2], "%llu", &now);
-
-		if (totp_cmp(NULL, (time_t) now, (uint8_t const *) argv[3], strlen(argv[3]), argv[4], NULL) == 0) {
-			return 0;
-		}
-		printf("Fail\n");
-		return 1;
-	}
-
-	fprintf(stderr, "Unknown command %s\n", argv[1]);
-	return 1;
-}
-#endif
diff --git a/src/tests/totp/bin/Makefile b/src/tests/totp/bin/Makefile
index 7f489a4c4b52..c83ecdb91169 100644
--- a/src/tests/totp/bin/Makefile
+++ b/src/tests/totp/bin/Makefile
@@ -5,16 +5,27 @@ all: totp
 
 include ../../../../Make.inc
 
+#
+#  You can watch what it's doing by:
+#
+#	$ VERBOSE=1 make ... args ...
+#
+ifeq "${VERBOSE}" ""
+    Q=@
+else
+    Q=
+endif
+
 #
 #  Hack up stuff so we can build in a subdirectory.
 #
 .PHONY: src
 src:
-	@ln -sf ../../../../src
+	$(Q)ln -sf $(top_srcdir)/src
 
 .PHONY: freeradius-devel
 freeradius-devel:
-	@ln -sf ../../../../src/include freeradius-devel
+	$(Q)ln -sf $(top_srcdir)/src/include freeradius-devel
 
 #
 #  ./totp decode <base32>
@@ -23,18 +34,18 @@ freeradius-devel:
 #
 totp: totp.c | src freeradius-devel
 	$(Q)$(CC) $(CFLAGS) $(CPPFLAGS) -o $@ $(LDFLAGS) $(LIBS) \
-			../../../../build/lib/.libs/libfreeradius-util.a \
-			../../../../build/lib/.libs/libfreeradius-totp.a \
+			$(top_srcdir)/build/lib/.libs/libfreeradius-util.a \
+			$(top_srcdir)/build/lib/.libs/libfreeradius-totp.a \
 			totp.c
 
 #
 #  Test vectors from RFC 6238, Appendix B
 #
 test: totp
-	@while IFS= read -r line; do \
+	$(Q)while IFS= read -r line; do \
 		./totp totp $$line || exit 1; \
 	done < sha1.txt
 
 .PHONY: clean
 clean:
-	@rm -f *~ totp src freeradius-devel
+	$(Q)rm -f *~ totp src freeradius-devel

From 88b88c7b41c803574a23dbea6b6c8712aab54390 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Thu, 14 Sep 2023 00:19:28 -0300
Subject: [PATCH 09/12] totp: Add scripts/totp/totp-gen.py sample

It's helpful to validate rlm_totp in realtime.
---
 scripts/totp/totp-gen.py | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100755 scripts/totp/totp-gen.py

diff --git a/scripts/totp/totp-gen.py b/scripts/totp/totp-gen.py
new file mode 100755
index 000000000000..bd3b65b8faed
--- /dev/null
+++ b/scripts/totp/totp-gen.py
@@ -0,0 +1,39 @@
+#!/usr/bin/env python3
+# Author: Jorge Pereira <jpereira@freeradius.org>
+# Simple TOTP generator.
+
+import argparse
+import base64
+import hmac
+import struct
+import sys
+import time
+
+def hotp(key, counter, digits=6, digest='sha1'):
+    key = key.encode('ascii')
+    counter = struct.pack('>Q', counter)
+    mac = hmac.new(key, counter, digest).digest()
+    offset = mac[-1] & 0x0f
+    binary = struct.unpack('>L', mac[offset:offset+4])[0] & 0x7fffffff
+    return str(binary)[-digits:].zfill(digits)
+
+def totp(key, time_step=30, digits=6, digest='sha1'):
+    return hotp(key, int(time.time() / time_step), digits, digest)
+
+def main():
+    parser = argparse.ArgumentParser(description = "Simple TOTP token generator.")
+    parser.add_argument("-k", dest = "key", help = "Key in raw format.", required = True)
+    parser.add_argument("-t", dest = "time_step", help = "time step between time changes.", default = 30, type = int)
+    parser.add_argument("-d", dest = "digits", help = "Length of the one-time password.", default = 6, type = int)
+    parser.add_argument("-e", dest = "encode_base32", help = "Encode the output token in base32.", action='store_true')
+    parser.add_argument("-D", dest = "digest", help = "HMAC algorithm as described by RFC 2104. default: sha1, options: sha1, sha256, sha512", required = False, default = "sha1")
+    args = parser.parse_args()
+    token = totp(args.key, args.time_step, args.digits, args.digest)
+
+    if args.encode_base32:
+        token = base64.b32encode(bytearray(token, 'ascii')).decode('ascii')
+
+    print(token)
+
+if __name__ == '__main__':
+    main()

From 08f71cc7ccc4a408a98ecd81cc08b2e08f8664db Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Thu, 14 Sep 2023 01:00:05 -0300
Subject: [PATCH 10/12] totp: Add tests validating rlm_totp

* That script get a real token using scripts/totp/totp-gen.py
* It's validate using 'radclient' sending a valid packet.
---
 src/tests/all.mk                        |   1 +
 src/tests/totp/.gitignore               |   4 +
 src/tests/totp/all.mk                   | 107 +++++++++++++++++
 src/tests/totp/config/radiusd.conf      | 148 ++++++++++++++++++++++++
 src/tests/totp/now_token_6digits.out.in |   5 +
 src/tests/totp/now_token_6digits.txt.in |   4 +
 src/tests/totp/now_token_8digits.out.in |   5 +
 src/tests/totp/now_token_8digits.txt.in |   4 +
 8 files changed, 278 insertions(+)
 create mode 100644 src/tests/totp/.gitignore
 create mode 100644 src/tests/totp/all.mk
 create mode 100644 src/tests/totp/config/radiusd.conf
 create mode 100644 src/tests/totp/now_token_6digits.out.in
 create mode 100644 src/tests/totp/now_token_6digits.txt.in
 create mode 100644 src/tests/totp/now_token_8digits.out.in
 create mode 100644 src/tests/totp/now_token_8digits.txt.in

diff --git a/src/tests/all.mk b/src/tests/all.mk
index 5f1dd13fd47d..f4d62fb0fdbf 100644
--- a/src/tests/all.mk
+++ b/src/tests/all.mk
@@ -64,6 +64,7 @@ test: \
 		test.tacacs	\
 		test.vmps	\
 		test.ldap_sync	\
+		test.totp	\
 		| build.raddb
 
 clean: clean.test
diff --git a/src/tests/totp/.gitignore b/src/tests/totp/.gitignore
new file mode 100644
index 000000000000..6c03d5cf1242
--- /dev/null
+++ b/src/tests/totp/.gitignore
@@ -0,0 +1,4 @@
+# We use foo.txt.in to generate foo.txt
+*.txt
+# We use foo.out.in to generate foo.out
+*.out
diff --git a/src/tests/totp/all.mk b/src/tests/totp/all.mk
new file mode 100644
index 000000000000..24997996fd00
--- /dev/null
+++ b/src/tests/totp/all.mk
@@ -0,0 +1,107 @@
+#
+#	Unit tests for totp+radclient against the radiusd/rlm_totp.
+#
+
+#
+#	Test name
+#
+TEST  := test.totp
+FILES := $(subst $(DIR)/,,$(wildcard $(DIR)/*.txt.in))
+
+$(eval $(call TEST_BOOTSTRAP))
+
+#
+#  Ensure that the digest tests are run if the server or rlm_digest module changes
+#
+$(FILES.$(TEST)): $(BUILD_DIR)/lib/rlm_totp.la $(BUILD_DIR)/bin/radiusd$(E) $(BUILD_DIR)/bin/radclient$(E)
+
+#
+#	Config settings
+#
+TOTP_BUILD_DIR  := $(BUILD_DIR)/tests/totp
+TOTP_RADIUS_LOG := $(RADCLIENT_BUILD_DIR)/radiusd.log
+TOTP_GDB_LOG    := $(RADCLIENT_BUILD_DIR)/gdb.log
+
+#
+#	Client port
+#
+RADCLIENT_CLIENT_PORT := 1234
+
+#
+#	Get the TOTP token
+#
+TOTP_KEY := 12345678901234567890
+export TOTP_KEY
+
+#
+#  Generic rules to start / stop the radius service.
+#
+CLIENT := radclient
+include src/tests/radiusd.mk
+$(eval $(call RADIUSD_SERVICE,radiusd,$(OUTPUT)))
+
+#
+#	Run the radclient commands against the radiusd.
+#
+$(OUTPUT)/%: $(DIR)/% | $(TEST).radiusd_kill $(TEST).radiusd_start
+	$(eval TARGET_IN     := $(patsubst %.txt.in,%.txt,$<))
+	$(eval TARGET        := $(notdir $(TARGET_IN))$(E))
+	$(eval EXPECTED      := $(patsubst %.txt.in,%.out,$<))
+	$(eval FOUND         := $(patsubst %.txt.in,%.out,$@))
+	$(eval TOTP_GEN_ARGV := $(shell grep "#.*ARGV:" $< | cut -f2 -d ':'))
+	$(eval TOTP_TOKEN    := $(shell $(top_srcdir)/scripts/totp/totp-gen.py -k $(TOTP_KEY) $(TOTP_GEN_ARGV)))
+
+	${Q}echo "TOTP-TEST INPUT=$(TARGET) TOKEN=$(TOTP_TOKEN) TOTP_GEN_ARGV=\"$(TOTP_GEN_ARGV)\""
+	${Q}[ -f $(dir $@)/radiusd.pid ] || exit 1
+#
+#	Create the 'expected' with generated otp token
+#
+
+	${Q}sed "s/@TOTP_TOKEN@/$(TOTP_TOKEN)/g" $< > $(TARGET_IN)
+	${Q}sed "s/@TOTP_TOKEN@/$(TOTP_TOKEN)/g" $(EXPECTED).in > $(EXPECTED)
+	${Q}if ! $(TEST_BIN)/radclient -f $(TARGET_IN) -xF -d src/tests/totp/config -D share/dictionary 127.0.0.1:$(totp_port) auth $(SECRET) 1> $(FOUND) 2>&1; then \
+		echo "FAILED";                                              \
+		cat $(FOUND);                                               \
+		rm -f $(BUILD_DIR)/tests/test.totp;		                    \
+		$(MAKE) --no-print-directory test.totp.radiusd_kill;        \
+		echo "RADIUSD:   $(RADIUSD_RUN)";                           \
+		echo "RADCLIENT: $(TEST_BIN)/radclient -f $(TARGET_IN) -xF -d src/tests/totp/config -D share/dictionary 127.0.0.1:$(totp_port) auth $(SECRET)"; \
+		exit 1;                                                     \
+	fi
+#
+#	Lets normalize the loopback interface on OSX and FreeBSD
+#
+	${Q}if [ "$$(uname -s)" = "Darwin" ]; then sed -i.bak 's/via lo0/via lo/g' $(FOUND); fi
+	${Q}if [ "$$(uname -s)" = "FreeBSD" ]; then sed -i.bak 's/via (null)/via lo/g' $(FOUND); fi
+#
+#	Remove all entries with "^_EXIT.*CALLED .*/"
+#	It is necessary to match all builds with/without -DNDEBUG
+#
+	${Q}sed -i.bak '/^_EXIT.*CALLED .*/d' $(FOUND)
+#
+#	Ignore spurious output from jlibtool when VERBOSE=1
+#
+	${Q}sed -i.bak '$${/Executing: /d;}' $(FOUND)
+#
+#	Checking.
+#
+#	diff between src/test/totp/$test.out & build/test/totp/$test.out
+#
+	${Q}if ! diff -I 'Sent' -I 'Received' $(EXPECTED) $(FOUND); then  \
+		echo "RADCLIENT FAILED $@";                                 \
+		echo "RADIUSD:   $(RADIUSD_RUN)";                           \
+		echo "RADCLIENT: $(TEST_BIN)/radclient -f $(TARGET_IN) -xF -d src/tests/totp/config -D share/dictionary 127.0.0.1:$(totp_port) auth $(SECRET)"; \
+		echo "ERROR: File $(FOUND) is not the same as $(EXPECTED)"; \
+		echo "If you did some update on the radclient code, please be sure to update the unit tests."; \
+		echo "e.g: $(EXPECTED)";                                    \
+		diff -I 'Sent' -I 'Received' $(EXPECTED) $(FOUND);                                  \
+		rm -f $(BUILD_DIR)/tests/test.totp;		    \
+		$(MAKE) --no-print-directory test.totp.radiusd_kill;   \
+		exit 1;                                                     \
+	fi
+	${Q}touch $@
+
+.NO_PARALLEL: $(TEST)
+$(TEST):
+	${Q}$(MAKE) --no-print-directory $@.radiusd_stop
+	@touch $(BUILD_DIR)/tests/$@
diff --git a/src/tests/totp/config/radiusd.conf b/src/tests/totp/config/radiusd.conf
new file mode 100644
index 000000000000..89f43a1f186a
--- /dev/null
+++ b/src/tests/totp/config/radiusd.conf
@@ -0,0 +1,148 @@
+#  -*- text -*-
+#
+#  test configuration file.  Do not install.
+#
+#  $Id$
+#
+
+#
+#  Minimal radiusd.conf for testing
+#
+
+testdir      = $ENV{TESTDIR}
+output       = $ENV{OUTPUT}
+run_dir      = ${output}
+raddb        = raddb
+pidfile      = ${run_dir}/radiusd.pid
+panic_action = "gdb -batch -x src/tests/panic.gdb %e %p > ${run_dir}/gdb.log 2>&1; cat ${run_dir}/gdb.log"
+
+maindir      = ${raddb}
+radacctdir   = ${run_dir}/radacct
+modconfdir   = ${maindir}/mods-config
+certdir      = ${maindir}/certs
+cadir        = ${maindir}/certs
+test_port    = $ENV{TEST_PORT}
+
+#  Only for testing!
+#  Setting this on a production system is a BAD IDEA.
+security {
+	allow_vulnerable_openssl = yes
+}
+
+policy {
+	files.authorize {
+		if (&User-Name == "bob") {
+			&control.Password.Cleartext := "bob"
+		}
+	}
+	$INCLUDE ${maindir}/policy.d/
+}
+
+client localhost {
+	ipaddr = 127.0.0.1
+	secret = testing123
+}
+
+modules {
+	always reject {
+		rcode = reject
+	}
+	always fail {
+		rcode = fail
+	}
+	always ok {
+		rcode = ok
+	}
+	always handled {
+		rcode = handled
+	}
+	always invalid {
+		rcode = invalid
+	}
+	always disallow {
+		rcode = disallow
+	}
+	always notfound {
+		rcode = notfound
+	}
+	always noop {
+		rcode = noop
+	}
+	always updated {
+		rcode = updated
+	}
+
+	totp totp_6digit {
+		time_step = 30
+		otp_length = 6
+		lookback_steps = 1
+		lookback_interval = 30
+	}
+
+	totp totp_8digit {
+		time_step = 30
+		otp_length = 8
+		lookback_steps = 1
+		lookback_interval = 30
+	}
+}
+
+#
+#  This virtual server is chosen for processing requests when using:
+#
+#	radiusd -Xd src/tests/ -i 127.0.0.1 -p 12340 -n test
+#
+server test {
+	namespace = radius
+
+	listen {
+		type = Access-Request
+		type = Accounting-Request
+		transport = udp
+
+		udp {
+			ipaddr = 127.0.0.1
+			port = ${test_port}
+		}
+	}
+
+	recv Access-Request {
+		# Key...
+		&control.TOTP.key = "$ENV{TOTP_KEY}"
+#		&control.TOTP.Secret = $ENV{TOTP_KEY}
+
+		# Then, let's get the token
+		if (&request.User-Name =~ /^([a-zA-Z0-9]+)\+([0-9]+)$/) {
+			&request.User-Name := %{1}
+			&request.TOTP.From-User := %{2}
+
+			if (%(length:%{request.TOTP.From-User}) == 6) {
+				totp_6digit
+			} elsif (%(length:%{request.TOTP.From-User}) == 8) {
+				totp_8digit
+			} else {
+				&reply.Reply-Message := "FAILED! Token has incorrect length. Expected 6 or 8"
+				reject
+			}
+
+			if (ok) {
+				&reply.Reply-Message := "TOTP@%{request.TOTP.From-User} OK"
+				accept
+			} else {
+				&reply.Reply-Message := "TOTP@%{request.TOTP.From-User} FAILED"
+				reject
+			}
+		} else {
+			&reply.Reply-Message := "FAILED! Excepted format: username+token"
+			reject
+		}
+	}
+
+	authenticate totp_6digit {
+		totp_6digit
+	}
+
+	authenticate totp_8digit {
+		totp_8digit
+	}
+}
diff --git a/src/tests/totp/now_token_6digits.out.in b/src/tests/totp/now_token_6digits.out.in
new file mode 100644
index 000000000000..0e93e40418b7
--- /dev/null
+++ b/src/tests/totp/now_token_6digits.out.in
@@ -0,0 +1,5 @@
+Sent Access-Request Id 0 from 0.0.0.0:1235 to 127.0.0.1:12354 length 32 
+        User-Name = "bob+@TOTP_TOKEN@"
+Received Access-Accept Id 0 from 127.0.0.1:12354 to 0.0.0.0:1235 via lo length 29 
+        Reply-Message = "TOTP@@TOTP_TOKEN@ OK"
+(0) src/tests/totp/now_token_6digits.txt response code 2
diff --git a/src/tests/totp/now_token_6digits.txt.in b/src/tests/totp/now_token_6digits.txt.in
new file mode 100644
index 000000000000..63b32bd976f0
--- /dev/null
+++ b/src/tests/totp/now_token_6digits.txt.in
@@ -0,0 +1,4 @@
+#
+#	ARGV: -d 6 -D sha1
+#
+User-Name = "bob+@TOTP_TOKEN@"
diff --git a/src/tests/totp/now_token_8digits.out.in b/src/tests/totp/now_token_8digits.out.in
new file mode 100644
index 000000000000..b615c0d570d4
--- /dev/null
+++ b/src/tests/totp/now_token_8digits.out.in
@@ -0,0 +1,5 @@
+Sent Access-Request Id 0 from 0.0.0.0:1235 to 127.0.0.1:12354 length 32 
+        User-Name = "bob+@TOTP_TOKEN@"
+Received Access-Accept Id 0 from 127.0.0.1:12354 to 0.0.0.0:1235 via lo length 29 
+        Reply-Message = "TOTP@@TOTP_TOKEN@ OK"
+(0) src/tests/totp/now_token_8digits.txt response code 2
diff --git a/src/tests/totp/now_token_8digits.txt.in b/src/tests/totp/now_token_8digits.txt.in
new file mode 100644
index 000000000000..16337ea74c5d
--- /dev/null
+++ b/src/tests/totp/now_token_8digits.txt.in
@@ -0,0 +1,4 @@
+#
+#	ARGV: -d 8 -D sha1
+#
+User-Name = "bob+@TOTP_TOKEN@"

From 3964e7695904ae83e32af323db07b691e1a37f3a Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Tue, 19 Sep 2023 12:17:38 -0300
Subject: [PATCH 11/12] Update Redhat Package reference for totp

---
 redhat/freeradius.spec | 1 +
 1 file changed, 1 insertion(+)

diff --git a/redhat/freeradius.spec b/redhat/freeradius.spec
index 05ff79eb4183..a783fe7717f6 100644
--- a/redhat/freeradius.spec
+++ b/redhat/freeradius.spec
@@ -946,6 +946,7 @@ fi
 %{_libdir}/freeradius/libfreeradius-tacacs.so
 %{_libdir}/freeradius/libfreeradius-tftp.so
 %{_libdir}/freeradius/libfreeradius-tls.so
+%{_libdir}/freeradius/libfreeradius-totp.so
 %{_libdir}/freeradius/libfreeradius-unlang.so
 %{_libdir}/freeradius/libfreeradius-vmps.so
 

From b8aeddc94f961f219c967dfc8a6faf4002b7b336 Mon Sep 17 00:00:00 2001
From: Jorge Pereira <jpereira@freeradius.org>
Date: Tue, 19 Sep 2023 12:17:44 -0300
Subject: [PATCH 12/12] Update Debian Package reference for totp

---
 debian/libfreeradius4.install | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/libfreeradius4.install b/debian/libfreeradius4.install
index 44754cb059c1..9d2aa78d1bc4 100644
--- a/debian/libfreeradius4.install
+++ b/debian/libfreeradius4.install
@@ -14,6 +14,7 @@ usr/lib/freeradius/libfreeradius-sim.so
 usr/lib/freeradius/libfreeradius-tacacs.so
 usr/lib/freeradius/libfreeradius-tftp.so
 usr/lib/freeradius/libfreeradius-tls.so
+usr/lib/freeradius/libfreeradius-totp.so
 usr/lib/freeradius/libfreeradius-unlang.so
 usr/lib/freeradius/libfreeradius-util.so
 usr/lib/freeradius/libfreeradius-vmps.so