g...@members.scinet.supercomputing.org wrote: > Full_Name: Greg Veldman > Version: HEAD > OS: CentOS 7 > URL: https://scinet.supercomputing.org/~gv/slapd-totp.txt > Submission from: (NULL) (128.210.189.74) > > > Improve the contrib/slapd-modules/passwd/totp module in the following ways: > > - Add support for two-factor (password+OTP) authentication, where password can > be defined via any currently-supported scheme.
Your implementation of this feature is problematic, as it doesn't support setting the password using the PasswordModify exop. That seems to imply that users are required to generate their passwords using some other tool, and set them using a normal Modify op, but doing so is deprecated. Password changes should only be done using the PasswordModify exop. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
