[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Hotp-toolkit-help] Possible bug in HOTP / support for TOTP, OCRA?
From: |
Rick van Rein |
Subject: |
[Hotp-toolkit-help] Possible bug in HOTP / support for TOTP, OCRA? |
Date: |
Thu, 16 Dec 2010 10:39:54 +0000 |
User-agent: |
Mutt/1.5.11 |
Hello Simon/others,
Thanks for a well-done HOTP toolkit package and its proper documentation.
I had trouble getting it started, and the reason appears to be the "-" in the
proposed initial /etc/users.hotp file. To get the PAM module working, I had to
uncomment these lines from usersfile.c:
if (strcmp (p, "-") == 0 && *p != '\0')
return HOTP_BAD_PASSWORD;
if (strcmp (p, passwd) != 0)
return HOTP_BAD_PASSWORD;
Without it, I always got the HOTP_BAD_PASSWORD return. Looking at the code, I
was confused why the test *p != '\0' is done after strcmp (p, "0") == 0 as it
does not add anything? Possibly this code is mistaken?
I am uncertain about the purpose of this code, and am I the only one who cannot
get the PAM module going with the proposed initial /etc/users.hotp file? I used
the README-proposed contents:
HOTP root - 00
Also, I'd be interested to know if plans exist to support TOTP and OCRA.
Thanks again,
Rick van Rein
OpenFortress
- [Hotp-toolkit-help] Possible bug in HOTP / support for TOTP, OCRA?,
Rick van Rein <=