This module allows you to use the Yubikey device to authenticate to the PAM system
This module allows you to use the Yubikey device to authenticate to the PAM system
- Sources inherited from project openSUSE:Leap:15.1
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Leap:15.1:ARM:Staging/pam_yubico && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| baselib.conf | 0000000067 67 Bytes | |
| cloexec.patch | 0000003838 3.75 KB | |
| compiler-warnings-format-strings.patch | 0000002839 2.77 KB | |
| compiler-warnings-pointer.patch | 0000001377 1.34 KB | |
| leaking-file-descriptor.patch | 0000000592 592 Bytes | |
| pam_yubico-2.25.tar.gz | 0000422192 412 KB | |
| pam_yubico-2.25.tar.gz.sig | 0000000287 287 Bytes | |
| pam_yubico.changes | 0000009087 8.87 KB | |
| pam_yubico.spec | 0000002188 2.14 KB | |
| util_test-mkdtemp.patch | 0000001351 1.32 KB |
Revision 18 (latest revision is 25)
Ludwig Nussel (lnussel_factory)
accepted
request 597757
from
Karol Babioch (kbabioch)
(revision 18)
- Added patches:
- cloexec.patch: Harden file descriptor handling (boo#1089517)
- compiler-warnings-pointer.patch: Fix compiler warnings due to wrong pointer
casts (boo#1089518)
- compiler-warnings-format-strings.patch: Fix compiler warnings due to wrong
format string specifiers (boo#1089519)
- util_test-mkdtemp.patch: Use mkdtemp() instead of tempnam() (boo#1089520)
- leaking-file-descriptor.patch: Close the authfile before returning
to make sure no file descriptors are leaked (bsc#1088027).
- Version 2.25 (released 2018-03-27):
- Security: Storage of challenges in path with restricted permissions
- Perform OTP validation only if token is authorized
- Return early if the user has no authorized tokens
- Compare OTP IDs against `yubi_attr` only
- Add nullok support to challenge-response mode
- Several improvements to the documentation
- Improved debugging output and test cases
Comments 0