
(ITS#9055) contrib/slapd-modules/passwd/totp improvements



Full_Name: Greg Veldman
Version: HEAD
OS: CentOS 7
URL: https://scinet.supercomputing.org/~gv/slapd-totp.txt
Submission from: (NULL) (128.210.189.74)


Improve the contrib/slapd-modules/passwd/totp module in the following ways:

- Add support for two-factor (password+OTP) authentication, where password can
be defined via any currently-supported scheme.
- Allow the OTP from the previous time window to be accepted, provided there has
been no successful bind in or after that time window.  This avoids false
authentication failures if for example the time window rolls over as the OTP is
being entered or transmitted.

The attached patch file is derived from OpenLDAP Software. All of the
modifications to OpenLDAP Software represented in the following patch(es) were
developed by Greg Veldman <gv@members.scinet.supercomputing.org>. I have not
assigned rights and/or interest in this work to any party.

I, Greg Veldman, hereby place the following modifications to OpenLDAP Software
(and only these modifications) into the public domain. Hence, these
modifications may be freely used and/or redistributed for any purpose with or
without attribution and/or other notice.
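
The previous-window rule from the second item above, as an added Python example; it is not code from the submitted patch or from OpenLDAP. It assumes RFC 6238 defaults (HMAC-SHA1, 30-second steps, 6 digits), that the server stores the time step of the last successful bind, and that the same "no bind in or after this window" test is also applied to the current window; the names hotp, verify and last_bind_step are hypothetical.

```python
import hashlib
import hmac
import struct

STEP = 30    # assumed time step in seconds (RFC 6238 default)
DIGITS = 6   # assumed OTP length
KEY = b"12345678901234567890"  # constructed sample: the RFC 4226/6238 test secret


def hotp(key: bytes, counter: int) -> str:
    """RFC 4226 HOTP value for one counter, zero-padded to DIGITS."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** DIGITS).zfill(DIGITS)


def verify(key: bytes, otp: str, now: float, last_bind_step):
    """Check otp against the current and the previous time window.

    last_bind_step is the time step in which the last successful bind
    happened (None if there has been none). A window is only considered
    when no successful bind happened in or after it, so an OTP that was
    already used, or that predates a newer successful bind, is rejected.
    Returns (accepted, new_last_bind_step).
    """
    current = int(now) // STEP
    for step in (current, current - 1):
        if last_bind_step is not None and last_bind_step >= step:
            continue  # a bind already succeeded in or after this window
        if hmac.compare_digest(hotp(key, step).encode(), otp.encode()):
            # Record the window in which this bind took place, not the
            # window the OTP was generated for.
            return True, current
    return False, last_bind_step


if __name__ == "__main__":
    otp = hotp(KEY, 1)                   # OTP for window 1 (t = 30..59)
    print(verify(KEY, otp, 59, None))    # entered in its own window
    print(verify(KEY, otp, 61, None))    # window rolled over, no bind since
    print(verify(KEY, otp, 61, 1))       # already used in window 1: replay
    print(verify(KEY, otp, 91, None))    # two windows old
```

The stored step has to be updated atomically with the successful bind; otherwise two concurrent binds presenting the same OTP can both pass the check.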