./security/oath-toolkit, OATH (Open AuTHentication) Toolkit

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.6.9nb6, Package name: oath-toolkit-2.6.9nb6, Maintainer: sborrill

The OATH Toolkit contains a shared library, command line tool and a PAM module
that makes it possible to build one-time password authentication systems.
Supported technologies include the event-based HOTP algorithm and the
time-based TOTP algorithm.
OATH is the Open AuTHentication organization which specify the algorithms.


Required to run:
[textproc/libxml2] [security/xmlsec1]

Required to build:
[devel/automake] [pkgtools/cwrappers]

Package options: pam

Master sites:

Filesize: 4583.52 KB

Version history: (Expand)


CVS history: (Expand)


   2023-11-08 14:21:43 by Thomas Klausner | Files touched by this commit (2377)
Log message:
*: recursive bump for icu 74.1
   2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298)
Log message:
*: bump for openssl 3
   2023-07-25 15:59:57 by Stephen Borrill | Files touched by this commit (8) | Package removed
Log message:
oath-toolkit: update to 2.6.9

Changes since 2.6.7:

Version 2.6.9 (released 2023-07-09)
    Improve compatibility with recent libxmlsec.
    Update gnulib files, dropping gnulib self-tests.

Version 2.6.8 (released 2023-07-09)
    libpskc: Fixes for recent libxmlsec releases.
    pam_oath: Provide fallback pam_modutil_getpwnam implementation. Fixes \ 
https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/26 on Mac OS.
    pam_oath: Don't fail authentication when pam_modutil_getpwnam doesn't
    Regression introduced in previous release.
    pam_oath: Self-test improvements.
    liboath: Builds on Windows. The oath_authenticate_usersfile function is just \ 
a stub that returns an error. This allows for use of the rest of the library on \ 
Windows.
    Disable PAM self-tests on Mac. Fix --enable-root-tests logic.
    Don't ship gtk-doc PDFs in tarball.
    Use gitlog-to-changelog instead of git2cl.
    Codespell typo fixes.
   2023-06-06 14:42:56 by Taylor R Campbell | Files touched by this commit (1319)
Log message:
Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/.

Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).

No change to BUILD_DEPENDS as used correctly inside buildlink3.

As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html
   2023-04-19 10:12:01 by Adam Ciarcinski | Files touched by this commit (2359) | Package updated
Log message:
revbump after textproc/icu update
   2022-11-23 17:21:30 by Adam Ciarcinski | Files touched by this commit (1878) | Package updated
Log message:
massive revision bump after textproc/icu update
   2022-11-12 10:10:25 by Nikita | Files touched by this commit (25)
Log message:
archivers/fastjar, archivers/lzip, audio/tcd, cross/avrdude, devel/guile-lib,
devel/libjit, devel/m17n-lib, devel/quilt, devel/treecc, emulators/simulavr,
fonts/jomolhari-ttf, graphics/dvipng, graphics/freetype2, graphics/libotf,
ham/xlog, misc/color-theme, misc/m17n-db, multimedia/flvstreamer,
net/mimms, print/chktex, security/oath-toolkit, sysutils/attr,
sysutils/pidof, sysutils/renameutils, textproc/lout:

change MASTER_SITES from http://download.savannah.gnu.org to \ 
https://download.savannah.gnu.org
   2022-08-22 09:42:52 by Stephen Borrill | Files touched by this commit (11) | Package updated
Log message:
oath-toolkit: update to 2.6.7

Changes since 2.4.1:

Version 2.6.7 (released 2021-05-01)

    pam_oath: Support variables in usersfile string parameter.  the
usersfile string in the pam_oath configuration file.  The placeholder values
allow the user credentials file to be stored in a file path that is relative
to the user, and mimics similar behavior found in
google-authenticator-libpam.

The motivation for these changes is to allow for non-privileged processes to
use pam_oath (e.g., for 2FA with xscreensaver).  Non-privileged and non-suid
programs are unable to use pam_oath.  These changes are a proposed
alternative to a suid helper binary as well.

Thanks to Jason Graham for the patch.  See
https://gitlab.com/oath-toolkit/oath-toolkit/-/merge_requests/12.

    doc: Fix project URL in man pages.  Thanks to Jason Graham
for the patch.  Fixes
https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/19.

    build: Drop use of libxml's AM_PATH_XML2 in favor of pkg-config.

    build: Modernize autotools usage.  Most importantly, no longer use
-Werror with AM_INIT_AUTOMAKE to make rebuilding from source more safe with
future automake versions.

    Updated gnulib files.

Version 2.6.6 (released 2021-01-20)

    oathtool: Handle HOTP --counter values larger than 0x7FFFFFFFFFFFFFFF.
Thanks to Jason Lai for report.

    doc: GTK-DOC manual improvements.

    Updated gnulib files.  Fixes test-parse-datetime self-check.  Fixes
https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/20.

Version 2.6.5 (released 2020-12-29)

    oathtool: Support for reading KEY and OTP from standard input or
filename.  KEY and OTP may now be given as - to mean stdin, or @FILE to read
from a particular file.  This is recommended on multi-user systems, since
secrets as command line parameters leak.  Based on a patch from Ian Jackson.
Fixes #6.

    pam_oath: Fix unlikely logic fail on out of memory conditions.  Patch
from Matthias Gerstner.

    Doc fixes.

Version 2.6.4 (released 2020-11-11)

    libpskc: New --with-xmlsec-crypto-engine to hard-code crypto engine.
Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/16.  Use it like
--with-xmlsec-crypto-engine=gnutls or --with-xmlsec-crypto-engine=openssl if
the default dynamic loading fails because of runtime linker search path
issues.

    oathtool --totp --verbose now prints TOTP hash mode.  Fixes
https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/4.

    oathtool: Hash names (e.g., SHA256) for --totp are now upper case.
Fixes https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/3.  Lower/mixed
case hash names are supported for compatibility.

    pam_oath: Fail gracefully for missing users.  Fixes
https://savannah.nongnu.org/support/index.php?109111.  This allows you to
incrementally add support for OATH authentication instead of forcing it on
all users.  See updated pam_oath/README on the [user_unknown=ignore
success=ok] parameter that can now be supplied to PAM configuration.  Patch
by Antoine Beaupra

    Fix libpskc memory corruption bug.  Fixes
https://savannah.nongnu.org/support/?108736.  Thanks to David Woodhouse and
Jaroslav A karvada for report, self check and patch.

    Fix man pages.  Fixes https://savannah.nongnu.org/support/?108312.
Thanks to Jaroslav A karvada for the patch.

    Build fixes.

Version 2.6.3 (released 2020-11-07)

    pam_oath: Fix self-tests.

    build: Update gnulib. Fix compiler warnings.

    Doc fixes.

Version 2.6.2 (released 2016-08-27)

    doc: Version controlled source code repository moved to GitLab.

Version 2.6.1 (released 2015-07-31)

    liboath: Fix make check on 32-bit systems.  Report and patch by
Christian Hesse.

Version 2.6.0 (released 2015-05-19)

    liboath: Support TOTP with HMAC-SHA256 and HMAC-SHA512.  This adds new
APIs oath_totp_generate2, oath_totp_validate4 and
oath_totp_validate4_callback.

    oathtool: The --totp parameter now take an optional argument to specify
MAC.  For example use --totp=sha256 to use HMAC-SHA256.  When --totp is used
the default HMAC-SHA1 is used, as before.

    pam_oath: Mention in README that you shouldn???t use insecure keys.
Suggested by Robin.

    pam_oath: Check return value from strdup.  Patch by Eero Hakkinen.

    The files gdoc and expect.oath are now included in the tarball.
Suggested by Jaroslav A karvada.