From: Maxime de Roucy
Subject: [OATH-Toolkit-help] oath-toolkit patchs related to usersfile parsing & writing
Date: Sun, 25 Jan 2015 15:26:13 +0100
Hello,

I would like to submit some patches I made for oath-toolkit.
I am not good at English so there may(/must) be some spelling mistakes in my comments.
If you have any questions about those patches, don't hesitate to ask.

0001-usersfile-rewrite
======================

I rewrote liboath/usersfile.c to lock and modify the usersfile in place instead of creating a lock file and a temporary file.

This patch is related to the problems already described in previous mails and bugs:

* pam-oath, private usersfiles (feature request)
* issue (bug?) in update_usersfile
* RFE: Configurable lock file location (for SELinux compatiblity) : https://savannah.nongnu.org/support/?108723

I first did those patches because I want to use pam_oath with postgres (which doesn't run as root). So I need the usersfile to have 660 permission, owner "root" and group "oath" (postgres is a member of oath).

I took advantage of the code hacking to make some other changes (patches 0002 & 0003).

0002-different-usersfile-field-5-if-HOTP-TOTP
=============================================

As it is mentioned in the userfile Google specification, field 5 is different if the line is related to HOTP or TOTP.
https://code.google.com/p/mod-authn-otp/wiki/UsersFile

Currently that's not the case. This patch corrects this issue and uses the 5th field value to improve the TOTP replay verification.

0003-usersfile-fields-5-present-6-and-7-mandatory
=================================================

This patch makes the userfile 6th and 7th fields mandatory if the 5th field is present.
That simplifies the code and makes things more understandable (from my point of view :) ).

--
Regards
Maxime de Roucy
0001-usersfile-rewrite.patch
Description: Text Data
0002-different-usersfile-field-5-if-HOTP-TOTP.patch
Description: Text Data
0003-usersfile-fields-5-present-6-and-7-mandatory.patch
Description: Text Data
signature.asc
Description: This is a digitally signed message part
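
An added illustration of the approach the 0001 description names, locking the usersfile itself and rewriting it in place (this is not code from the attached patches or from oath-toolkit): the function name, its return codes and the single-line replacement interface are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: replace the line whose 2nd field is `user` with
 * `newline`. Returns 0 = updated, 1 = no such user, -1 = error. */
int usersfile_update_inplace(const char *path, const char *user, const char *newline)
{
    struct flock lk = { .l_type = F_WRLCK, .l_whence = SEEK_SET }; /* l_len 0: whole file */
    struct stat st;
    char *in = NULL, *out = NULL, name[64];
    size_t n = 0, o = 0, nl = strlen(newline);
    int rc = -1, found = 0;
    int fd = open(path, O_RDWR); /* rw on the file is enough, e.g. mode 660 */
    if (fd < 0) return -1;
    /* Block until we hold the write lock, then read the file under it. */
    if (fcntl(fd, F_SETLKW, &lk) < 0 || fstat(fd, &st) < 0) goto done;
    n = (size_t)st.st_size;
    in = malloc(n + 1);
    out = malloc(n + nl + 2); /* worst case: one line replaced, '\n' added */
    if (!in || !out || read(fd, in, n) != (ssize_t)n) goto done;
    in[n] = '\0';
    for (char *p = in; *p; ) {
        size_t len = strcspn(p, "\n"), adv = len + (p[len] == '\n');
        char saved = p[len];
        p[len] = '\0'; /* confine sscanf to this line */
        int hit = !found && sscanf(p, "%*s %63s", name) == 1 && !strcmp(name, user);
        p[len] = saved;
        if (hit) {
            memcpy(out + o, newline, nl); o += nl; out[o++] = '\n';
            found = 1;
        } else {
            memcpy(out + o, p, adv); o += adv;
        }
        p += adv;
    }
    /* Rewrite from offset 0, cut any leftover tail, flush before unlocking. */
    rc = !found ? 1 : (pwrite(fd, out, o, 0) == (ssize_t)o
          && ftruncate(fd, (off_t)o) == 0 && fsync(fd) == 0) ? 0 : -1;
done:
    free(in); free(out);
    close(fd); /* closing the descriptor releases the fcntl lock */
    return rc;
}
```

Unlike writing a temporary file and renaming it, an in-place rewrite is not atomic: a crash between pwrite() and ftruncate() can leave a partially updated file. fcntl() locks are advisory, so every program that touches the file has to take the same lock.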