/oath-toolkit, OATH (Open AuTHentication) Toolkit
2.4.1nb2, Package name:
oath-toolkit-2.4.1nb2, Maintainer: pettai
The OATH Toolkit contains a shared library, command line tool and a PAM module
that makes it possible to build one-time password authentication systems.
Supported technologies include the event-based HOTP algorithm and the
time-based TOTP algorithm.
OATH is the Open AuTHentication organization which specify the algorithms.
Required to run:
] Required to build:
Master sites: SHA1:
Version history: (Expand)
- (2016-03-05) Updated to version: oath-toolkit-2.4.1nb2
- (2014-09-24) Updated to version: oath-toolkit-2.4.1nb1
- (2014-03-11) Updated to version: oath-toolkit-2.4.1
- (2014-02-12) Updated to version: oath-toolkit-2.4.0nb3
- (2014-01-06) Updated to version: oath-toolkit-2.4.0nb2
- (2014-01-01) Updated to version: oath-toolkit-2.4.0nb1
CVS history: (Expand)
| 2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | |
Bump PKGREVISION for security/openssl ABI bump.
| 2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
| 2014-09-23 21:39:50 by Joerg Sonnenberger | Files touched by this commit (2) |
Sync PLIST with reality adding various man pages. Bump revision.
| 2014-03-10 01:58:51 by Fredrik Pettai | Files touched by this commit (2) | |
Version 2.4.1 (released 2014-02-12)
* liboath: Fix usersfile bug that caused it to update the wrong line.
When an usersfile contain multiple lines for the same user but with an
unparseable token type (e.g., HOTP vs TOTP), the code would update the
wrong line of the file. Since the then updated line could be a
commented out line, this can lead to the same OTP being accepted
multiple times which is a security vulnerability. CVE-2013-7322
| 2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568) |
Recursive PKGREVISION bump for OpenSSL API version bump.
| 2014-01-05 22:41:37 by Thomas Klausner | Files touched by this commit (1) | |
Run autoreconf to avoid issues with automake version number mismatches.
Fixes build after automake-1.14.1 update.
Make automake a build dependency. Bump PKGREVISION.
| 2014-01-01 12:52:43 by Thomas Klausner | Files touched by this commit (776) |
Recursive PKGREVISION bump for libgcrypt-1.6.0 shlib major bump.
| 2013-09-14 09:46:33 by Fredrik Pettai | Files touched by this commit (3) |
Version 2.4.0 (released 2013-07-21)
* liboath: Add new API methods for validating TOTP OTPs
The new methods (oath_totp_validate3 and oath_totp_validate3_callback)
introduce a new parameter *otp_counter, which is set to the actual
counter used to calculate the OTP (unless it is a NULL pointer). This
allows for easier OTP replay detection in applications using liboath.
Patch from Fabian Grünbichler <email@example.com>.
Version 2.2.0 (released 2013-07-07)
* libpskc: Add functions for setting PSKC data.
The new functions are pskc_add_keypackage and all pskc_set_* functions
(see libpskc/include/pskc/keypackage.h). This allow you to write
programs that generate new PSKC structures.
* liboath: Permit different passwords for different tokens for the same user.
Thanks to Christian Hesse <firstname.lastname@example.org>.
* build: Improve building from git with most recent automake and gengetopt.
Thanks to Christian Hesse <email@example.com>.
* build: Valgrind is not enabled by default.
It causes too much false positives. For developers who want, use
--enable-valgrind-tests. It is still enabled by default when building
from the version controlled sources (see cfg.mk). Thanks to Christian
* liboath: Make header file usable from C++ (extern "C" guard).
Reported by Alan Markus <firstname.lastname@example.org>.