Hi! This release contains a bunch of smaller fixes. ** libpskc: New --with-xmlsec-crypto-engine to hard-code crypto engine. Fixes <https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/16>. Use it like --with-xmlsec-crypto-engine=gnutls or --with-xmlsec-crypto-engine=openssl if the default dynamic loading fails because of runtime linker search path issues.
** oathtool --totp --verbose now prints TOTP hash mode. Fixes <https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/4>. ** oathtool: Hash names (e.g., SHA256) for --totp are now upper case. Fixes <https://gitlab.com/oath-toolkit/oath-toolkit/-/issues/3>. Lower/mixed case hash names are supported for compatibility. ** pam_oath: Fail gracefully for missing users. Fixes <https://savannah.nongnu.org/support/index.php?109111>. This allows you to incrementally add support for OATH authentication instead of forcing it on all users. See updated pam_oath/README on the '[user_unknown=ignore success=ok]' parameter that can now be supplied to PAM configuration. Patch by Antoine Beaupré <[email protected]>. ** Fix libpskc memory corruption bug. Fixes <https://savannah.nongnu.org/support/?108736>. Thanks to David Woodhouse and Jaroslav Škarvada for report, self check and patch. ** Fix man pages. Fixes <https://savannah.nongnu.org/support/?108312>. Thanks to Jaroslav Škarvada for the patch. ** Build fixes. Happy hacking, Simon The OATH Toolkit makes it easy to build one-time password authentication systems. It contains shared libraries, command line tools and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open AuTHentication, which is the organization that specify the algorithms. For managing secret key files, the Portable Symmetric Key Container (PSKC) format described in RFC6030 is supported. The components included in the package is: * liboath: A shared and static C library for OATH handling. * oathtool: A command line tool for generating and validating OTPs. * pam_oath: A PAM module for pluggable login authentication for OATH. * libpskc: A shared and static C library for PSKC handling. * pskctool: A command line tool for manipulating PSKC data. The project's web page is available at: https://www.nongnu.org/oath-toolkit/ Documentation for the command line tools oathtool and pskctool: https://www.nongnu.org/oath-toolkit/oathtool.1.html https://www.nongnu.org/oath-toolkit/pskctool.1.html https://www.nongnu.org/oath-toolkit/libpskc-api/pskc-tutorial-pskctool.html Manual for PAM module: https://www.nongnu.org/oath-toolkit/pam_oath.html Liboath Manual: https://www.nongnu.org/oath-toolkit/liboath-api/liboath-oath.html Libpskc Manual https://www.nongnu.org/oath-toolkit/libpskc-api/pskc-reference.html If you need help to use the OATH Toolkit, or want to help others, you are invited to join our oath-toolkit-help mailing list, see: https://lists.nongnu.org/mailman/listinfo/oath-toolkit-help Here are the compressed sources of the entire package: https://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.4.tar.gz https://download.savannah.nongnu.org/releases/oath-toolkit/oath-toolkit-2.6.4.tar.gz.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub ed25519 2019-03-20 [SC] [expires: 2021-01-24] B1D2 BD13 75BE CB78 4CF4 F8C4 D73C F638 C53C 06BE uid [ultimate] Simon Josefsson <[email protected]> The key is available from: https://josefsson.org/key-20190320.txt I have changed key since older releases, see my transition statement: https://blog.josefsson.org/2019/03/21/openpgp-2019-key-transition-statement/ https://blog.josefsson.org/2014/06/23/openpgp-key-transition-statement/ Here are the SHA-1 and SHA-224 checksums: bb3784c8e32cd3be2b2b95d1ed53607fbbe23200 oath-toolkit-2.6.4.tar.gz 316f359eb8616b23a48593f281d5b1d88874d307dd513b61c7eceda1 oath-toolkit-2.6.4.tar.gz General information on contributing: https://www.nongnu.org/oath-toolkit/contrib.html OATH Toolkit GitLab project page: https://gitlab.com/oath-toolkit/oath-toolkit OATH Toolkit Savannah project page: https://savannah.nongnu.org/projects/oath-toolkit/ Code coverage charts: https://oath-toolkit.gitlab.io/oath-toolkit/coverage/ Clang code analysis: https://oath-toolkit.gitlab.io/oath-toolkit/clang-analyzer/
signature.asc
Description: PGP signature
