./security/oath-toolkit, OATH (Open AuTHentication) Toolkit

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.4.1nb1, Package name: oath-toolkit-2.4.1nb1, Maintainer: pettai

The OATH Toolkit contains a shared library, command line tool and a PAM module
that makes it possible to build one-time password authentication systems.
Supported technologies include the event-based HOTP algorithm and the
time-based TOTP algorithm.
OATH is the Open AuTHentication organization which specify the algorithms.


Required to run:
[textproc/libxml2] [security/xmlsec1]

Required to build:
[devel/automake]

Master sites:

SHA1: b0ca4c5f89c12c550f7227123c2f21f45b2bf969
RMD160: d902ebef5b0468f383bcb15a9e8b0582011eb4ca
Filesize: 4039.696 KB

Version history: (Expand)


CVS history: (Expand)


   2014-09-23 21:39:50 by Joerg Sonnenberger | Files touched by this commit (2)
Log message:
Sync PLIST with reality adding various man pages. Bump revision.
   2014-03-10 01:58:51 by Fredrik Pettai | Files touched by this commit (2) | Package updated
Log message:
Version 2.4.1 (released 2014-02-12)

* liboath: Fix usersfile bug that caused it to update the wrong line.
When an usersfile contain multiple lines for the same user but with an
unparseable token type (e.g., HOTP vs TOTP), the code would update the
wrong line of the file.  Since the then updated line could be a
commented out line, this can lead to the same OTP being accepted
multiple times which is a security vulnerability. CVE-2013-7322
CVs: ----------------------------------------------------------------------
   2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568)
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
   2014-01-05 22:41:37 by Thomas Klausner | Files touched by this commit (1) | Package updated
Log message:
Run autoreconf to avoid issues with automake version number mismatches.
Fixes build after automake-1.14.1 update.

Make automake a build dependency. Bump PKGREVISION.
   2014-01-01 12:52:43 by Thomas Klausner | Files touched by this commit (776)
Log message:
Recursive PKGREVISION bump for libgcrypt-1.6.0 shlib major bump.
   2013-09-14 09:46:33 by Fredrik Pettai | Files touched by this commit (3)
Log message:
Version 2.4.0 (released 2013-07-21)

* liboath: Add new API methods for validating TOTP OTPs
  The new methods (oath_totp_validate3 and oath_totp_validate3_callback)
  introduce a new parameter *otp_counter, which is set to the actual
  counter used to calculate the OTP (unless it is a NULL pointer). This
  allows for easier OTP replay detection in applications using liboath.
  Patch from Fabian Gr├╝nbichler <fabian.gruenbichler@tuwien.ac.at>.

Version 2.2.0 (released 2013-07-07)

* libpskc: Add functions for setting PSKC data.
  The new functions are pskc_add_keypackage and all pskc_set_* functions
  (see libpskc/include/pskc/keypackage.h).  This allow you to write
  programs that generate new PSKC structures.
* liboath: Permit different passwords for different tokens for the same user.
  Thanks to Christian Hesse <list@eworm.de>.
* build: Improve building from git with most recent automake and gengetopt.
  Thanks to Christian Hesse <list@eworm.de>.
* build: Valgrind is not enabled by default.
  It causes too much false positives.  For developers who want, use
  --enable-valgrind-tests.  It is still enabled by default when building
  from the version controlled sources (see cfg.mk).  Thanks to Christian
  Hesse <list@eworm.de>.
* liboath: Make header file usable from C++ (extern "C" guard).
  Reported by Alan Markus <alan.markus@gmail.com>.
   2013-03-16 21:52:38 by Fredrik Pettai | Files touched by this commit (4)
Log message:
Version 2.0.2 (released 2013-01-08)

* oathtool: Base32 decoding of keys are now more liberal in what accepts.
  It can now accept keys on the "gr6d 5br7 25s6 vnck v4vl hlao re"
  format, i.e., base32 data delimited using SPC and without padding.
  The old proper base32 format is still supported.
* liboath: oath_base32_decode now ignores SPC and adds pad characters.
* liboath: If password in usersfile is + then ignore supplied password.
  This enables the pam_oath module to be used with external password
  verification.  Based on patch from Ilkka Virta <itvirta@iki.fi>.
* tests: Fixed expiry date of some certificates used in the test suite.
  The last release would only complete 'make check' during a 30 day window.
* API and ABI is backwards compatible with the previous version.

Version 2.0.1 (released 2012-10-24)

* libpskc, pskctool: Support sign and verify of PSKC data using XML DigSig.
* libpskc: XML Schema validation modified.
  The entire PSKC schema is now supported (before the XML Digital
  Signatures and Encryption parts were removed).  The code now assumes
  that the schema is available in the local XML catalog.  Thanks to Liam
  Quin for hints about XML catalogs.
* pskctool: the --check (-c) parameter was renamed to --info (-i).
* API and ABI is backwards compatible with the previous version.

Version 2.0.0 (released 2012-10-10)

* libpskc, pskctool: New components.
  The OATH Toolkit now supports the Portable Symmetric Key Container
  (PSKC) data format specified in RFC 6030 for dealing with key
  provisioning.  There is a new low-level library libpskc for managing
  PSKC data for application developers and a new command line tool
  pskctool for interacting with PSKC data for users.  The PSKC
  functionality depends on Libxml2 <http://xmlsoft.org/>.  It can be
  disabled unconditionally using the ./configure-parameter
  --disable-pskc.
* liboath: Add manpages for library API.
* API and ABI is backwards compatible with the previous version.
   2012-11-18 03:25:38 by Aleksej Saushev | Files touched by this commit (6)
Log message:
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.