Path to this page:
Next | Query returned 5 messages, browsing 1 to 10 | previous
CVS Commit History:
2012-03-13 17:13:52 by Fredrik Pettai | Files touched by this commit (22) | |
Log message:
Imported the yubico yubikey suite into pkgsrc-base
|
2012-03-09 00:16:57 by Fredrik Pettai | Files touched by this commit (1) | |
Log message:
Comment update
|
2012-03-09 00:02:21 by Fredrik Pettai | Files touched by this commit (3) |
Log message:
Version 2.11 (released 2012-02-10)
* Fix crash-bug with challenge-response mode when button press is required,
but button is never pressed.
* Fix a memset() with wrong size as reported by clang, as well as some
other problems/warnings when building on Mac OS X
* Add prefix-matching of LDAP fetched values, so you can store the
token-to-user mapping in a multi-value attribute with values like
"yubikey:publicid", "other-token:something" etc.
Version 2.10 (released 2011-12-14)
* Drop permissions (to the user that is trying to authenticate) before
accessing files in the users home directory.
* Restore challenge-response support - version 2.7 was supposed to make
the dependency on libykpers optional, but in reality accidentally
disabled challenge-response for all configurations. As before, use
--without-cr to compile pam_yubico without the ykpers dependency.
Version 2.9 (released 2011-11-17)
* Security: Explicitly request ykclient to verify server signature.
ykclient <= 2.5 strangely enough defaults to signing requests, but not
verifying signatures in responses when it is supplied with a client key.
Version 2.8 (released 2011-08-26)
* Fix big security hole: Authentication succeeded when no password
was given, unless use_first_pass was being used.
This is fatal if pam_yubico is considered 'sufficient' in the PAM
configuration.
Version 2.7 (released 2011-06-07)
* Make dependency on libykpers optional.
Use --without-cr to force it.
Version 2.6 (released 2011-04-11)
* This release includes lots of patches by members of our open
source community. Thank you all!
* Add Challenge-Response mode for offline validation (requires
YubiKey 2.2). Patch by Tollef Fog Heen.
* Eliminate all problems with pam_get_data by simply getting rid
of that code completely. This seems to have caused problems for a lot
of people.
* Numerous LDAP bug fixes and improvements, including community
patches by judas.iscariote and maxsanna81@gmail.com. Change to
LDAPv3, since v2 has been declared historic for a looong time.
* Support passing capath parameter to Yubico validation client.
* Support public id's longer/shorter than 6 bytes.
* Convert documentation to Asciidoc format used in Github wiki.
* Try to never log passwords in debug logs.
Version 2.5 (released 2010-09-10)
* Wiki articles are now inclded in the archive. Same license as code.
Version 2.4 (released 2010-09-10)
* New keyword "verbose_otp" to allow displaying OTP characters.
* Build with -DPAM_DEBUG so that debug file writing works.
* Make deprecated "ldapserver" work again.
* Fix segmentation fault on 64-bit systems.
* Don't crash on ^D at su prompt, or generally, on a NULL password value.
Version 2.3 (released 2010-04-14)
* New keyword "ldap_uri" added.
This keyword is preferred over the old "ldapserver" keyword, and
allows you to specify a complete LDAP URI instead of only the hostname
of your LDAP server.
* Improved README.
Version 2.2 (released 2009-05-11)
* Added new PAM configuration variable "key" for base64 client key.
|
2011-11-07 20:56:43 by Guillaume Lasmayous | Files touched by this commit (1) |
Log message:
Mention CVE-2011-4120. Consider this security issue when updating the
package, thanks.
|
2010-04-06 08:06:14 by Martti Kuparinen | Files touched by this commit (4) | |
Log message:
Import pam-yubico-2.1 as wip/pam-yubico.
The Yubico PAM module provides an easy way to integrate the Yubikey
into your existing user authentication infrastructure.
|
Next | Query returned 5 messages, browsing 1 to 10 | previous