547794d58e
git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@804 185d5e19-27fe-0310-9dcf-9bff6b9f3609
30 lines
1 KiB
Text
30 lines
1 KiB
Text
Before the next release:
|
|
|
|
- Add oath_alloc_secure() which allocates memory using mmap() +
|
|
mlock() and oath_free_secure() which wipes and frees it.
|
|
|
|
- Move key management (locate keyfile, load various key formats,
|
|
write back after use) into liboath.
|
|
|
|
- Implement support for PSKC (RFC 6030) keyfiles.
|
|
|
|
- Implement OATH OCRA (RFC 6287) authentication.
|
|
|
|
- Determine and document level of compliance with the OATH HOTP /
|
|
TOTP / OCRA validation server profiles.
|
|
|
|
- Rewrite openpam_ttyconv(3).
|
|
- mostly done, needs review.
|
|
|
|
- Fix try_first_pass / use_first_pass (pam_get_authtok() code &
|
|
documentation are slightly incorrect, OpenPAM's pam_unix(8) is
|
|
incorrect, all FreeBSD modules are broken)
|
|
|
|
- Finish pam_oath(8) and oathkey(1).
|
|
|
|
- Add loop detection to openpam_load_chain().
|
|
|
|
- Look into the possibility of implementing a version of (or a
|
|
wrapper for) openpam_log() which respects the PAM_SILENT flag and
|
|
the no_warn module option. This would eliminate the need for
|
|
FreeBSD's _pam_verbose_error().
|