Activity
From 12 January 2015 to 10 February 2015
08 February 2015
- 17:22 Fehler #40 (Erledigt): disable clients does not work
- 16:04 Fehler #40 (Erledigt): disable clients does not work
- all 0.1 beta an -rc releases misses this feature. will be fixed soon.
- 16:14 Feature #41 (In Bearbeitung): Add daemon mode to OTPme
- we need this for many features including cluster support.
06 February 2015
03 February 2015
- 21:43 Feature #22 (Erledigt): add option to force CTP usage
- 19:24 Feature #39 (Neu): add cluster support to OTPme
- it should be possible to cluster OTPme (failover and load balancing). using a concept similar to ganeti would be grea...
- 19:08 Feature #38 (Erledigt): add support for push-token (e.g. sms)
- there should be a token type, with a static password, that will generate an OTP for the user and send it via SMS.
* ...
02 February 2015
- 21:34 Feature #37 (Neu): implement support for different hash types for CTP generation in roundcube plugin
- the roundcube plugin should support different hash types for CTP generation which was added to OTPme (see parent ticket)
- 21:01 Feature #19 (Erledigt): following logout requests should not be counted as failed login
- 18:37 Feature #18 (Erledigt): add user authorization script
- added documentation to the wiki
- 18:37 Feature #17 (Erledigt): add token type that will call an external script for user authentication
- added documentation to the wiki
- 17:59 Feature #30 (Erledigt): add option to configure hash type for CTP and SLP generation
- 17:58 Feature #30 (Gelöst): add option to configure hash type for CTP and SLP generation
- 17:58 Feature #30: add option to configure hash type for CTP and SLP generation
- implemented for CTPs now. SLP is less important but may follow later...
01 February 2015
- 21:38 OTPme 0.1-rc2 release candiate available for download
- This version comes with a fix for the new feature "timeout pass on" introduced in the last -rc1 release (#35) and som...
- 20:54 Fehler #36 (Erledigt): setting group max_fail should disable locking
- 20:43 Fehler #36 (Erledigt): setting group max_fail should disable locking
- current behavior: when max_fail is set to 0 users are always locked for this group
desired behavior: when max_fail i... - 20:40 Fehler #35 (Erledigt): session timeout pass on is not done recursive
- 20:22 Fehler #35: session timeout pass on is not done recursive
- setting timeout to "0" should result in using default timeout values from main config
- 20:20 Fehler #35 (Erledigt): session timeout pass on is not done recursive
- session timeouts are only passed on to direct child sessions and not recursive.
- 00:50 Feature #32 (Erledigt): add sample config for openldap
31 January 2015
- 22:15 Fehler #34 (Erledigt): setting user description does not work
- 22:14 Fehler #34 (Erledigt): setting user description does not work
- otpme-user description admin "admin"
NameError: name 'get_val' is not defined
30 January 2015
28 January 2015
- 20:45 Feature #33 (In Bearbeitung): implement module to be used with freeradius rlm_python
- 18:52 Feature #33 (Erledigt): implement module to be used with freeradius rlm_python
- 19:01 Feature #9: add -f option to disable any user question for cli tools
- The 2nd wrote:
> cli tools should have a force (-f) option to disable user confirmation (needed for scripts)
this...
25 January 2015
- 20:38 Feature #33: implement module to be used with freeradius rlm_python
- this is now implemented for clear-text requests. ntlm/mschap request handling will follow until i got an answer from ...
- 19:18 Feature #33 (Erledigt): implement module to be used with freeradius rlm_python
- using a python module should perform better than calling otpme as a script via "exec" modul.
there are examples av... - 01:07 Feature #32 (Erledigt): add sample config for openldap
- slapd can authenticate users via saslauthd.
* user password needs to be set to "{SASL}username" (e.g. {SASL}joe)
... - 00:53 Feature #18: add user authorization script
- need documentation
24 January 2015
- 20:18 Feature #31 (Erledigt): child sessions should be identifiable via "otpme-session show"
- * indent child session names
* mark parent session ids with a tailing asterisk - 19:26 OTPme 0.1-rc1 release candiate available for download
- This version comes with some bugfixes and a new feature called "timeout pass on". You can enable this feature per acc...
- first release candidate for version 0.1
- 19:02 Feature #5 (Erledigt): child sessions should not inherit timeout values
- 15:56 Feature #30 (Erledigt): add option to configure hash type for CTP and SLP generation
- this should improve protection against dictionary attacks if someone was able to keylogg/sniff both, the OTP and the ...
- 14:51 Feature #10 (Erledigt): implement otpme-token show
- 14:49 Feature #29 (Neu): add support for mod_auth_pubtkt
see https://neon1.net/mod_auth_pubtkt/ for infos
* generate login page with python?
** add support for CTP and ...- 14:46 Feature #28 (Neu): add phpmyadmin sample config
- https://wiki.phpmyadmin.net/pma/Auth_types
* auth_type signon looks promising
** use e.g. mod_auth_radius for aut... - 14:35 Feature #27 (Neu): add sample config for mysql using pam_radius
- http://dev.mysql.com/doc/refman/5.5/en/pam-authentication-plugin.html
- 14:32 Feature #26 (Neu): add sample config for openvpn authentication
- - use radius to pass credentials to OTPme?
- openvpn plugin exists but unmaintained?
- writing a auth script should... - 00:20 Feature #24 (Erledigt): add bash completion for OTPme commands
23 January 2015
- 23:28 Feature #25 (In Bearbeitung): add "force token type" to groups
- we should be able to force specific token types per group to prevent an admin from adding a token with the wrong type...
- 18:33 Feature #24 (Erledigt): add bash completion for OTPme commands
- command completion is a must for cool projects ;)
- 00:01 Feature #18: add user authorization script
- need to implement per user authorization script....
22 January 2015
- 22:12 Feature #23 (Erledigt): modify log_passwords feature for logging of all auth infos (e.g. challenge/response)
- 19:59 Feature #23 (Erledigt): modify log_passwords feature for logging of all auth infos (e.g. challenge/response)
- valid auth info variables:
- password
- otp
- trust password
- otp that was used to generate the trust password
... - 19:39 Feature #17: add token type that will call an external script for user authentication
- implemented but needs testing and docu...
21 January 2015
- 23:58 Feature #22 (Erledigt): add option to force CTP usage
- - per client
- and per group?
19 January 2015
- 21:34 Fehler #21 (Erledigt): under some circumstances not all child sessions get created
- 21:33 Fehler #21 (Erledigt): under some circumstances not all child sessions get created
- there is a wrong use of "break loop" instead of "continue" in Session().create_child_sessions()
18 January 2015
- 13:38 Feature #20 (Erledigt): add --version
- 02:10 Feature #20 (Erledigt): add --version
- OTPme should know it's own version ;)
- 01:53 Feature #19 (Erledigt): following logout requests should not be counted as failed login
- logout requests should not count up failcount!
but we cannot detect them for requests if there exists no session (be... - 01:49 Fehler #16 (Erledigt): OTPme should handle missing config file parameters
- 01:27 Feature #18 (Erledigt): add user authorization script
- * pass variables to script
** request type
** username
** password, challenge/response and/or password hash? make ... - 01:22 Feature #17 (Erledigt): add token type that will call an external script for user authentication
- * pass variables to script
** request type? or should we add two scripts (clear-text and ntlm)?
** username
** pas... - 00:34 Fehler #8 (Erledigt): make sure there is only one session master in parent > child tree
- 00:31 Feature #11 (Erledigt): add min_len, max_len and default_len for static password tokens
17 January 2015
- 14:47 Fehler #16 (Erledigt): OTPme should handle missing config file parameters
- - missing mandatory options should raise an exception
- missing non-mandatory options should lead to using a default...
16 January 2015
- 15:02 Feature #12 (Erledigt): add sort feature to show_sessions()
- 01:11 Feature #13 (Erledigt): sessions should be grouped by parent/child relation in show_sessions()
- 00:03 Fehler #15 (Erledigt): find_free_uuid() does not check session uuids
- 00:00 Fehler #15 (Erledigt): find_free_uuid() does not check session uuids
- find_free_uuid() does not verify if the new generated uuid is used by a session which may lead to duplicate uuids
15 January 2015
- 21:52 Fehler #14 (Erledigt): adding child group or session does not work if child group name is a part of parent group name
- 20:30 Fehler #14 (Gelöst): adding child group or session does not work if child group name is a part of parent group name
- 20:25 Fehler #14 (Erledigt): adding child group or session does not work if child group name is a part of parent group name
example:
# otpme-group add_child webmail mail
Cannot add a group as child group of itself.
Cannot add a group as...
14 January 2015
- 18:26 Feature #2: add auto-disable option for users
- disabling user, token etc. should also be possible after being unused for a give time, just like with sessions.
- 18:16 Feature #5: child sessions should not inherit timeout values
- maybe we should also add an per access group option to "push" timeout values to child sessions?
- 18:14 Feature #13 (Erledigt): sessions should be grouped by parent/child relation in show_sessions()
- - parent session on top
- child sessions sorted by sort feature (see parent task) - 18:12 Feature #12 (Erledigt): add sort feature to show_sessions()
- by default newest sessions should be on top of list
- 18:09 Feature #11 (Erledigt): add min_len, max_len and default_len for static password tokens
min_len -> password shorter than min_len cannot be set and will be rejected before checking (for clear-text request...- 18:04 Feature #10 (Erledigt): implement otpme-token show
- otpme-token should be able to list all tokens or by user or by group!?
- 18:01 Feature #9 (In Bearbeitung): add -f option to disable any user question for cli tools
- cli tools should have a force (-f) option to disable user confirmation (needed for scripts)
- 17:59 Fehler #8 (Erledigt): make sure there is only one session master in parent > child tree
- modification needed in:
- add_child_session()
- enable_session_master()
- 17:57 Feature #7 (Abgewiesen): add ability to move a token from one user to another
- - remove token UUID from current user token list
- change owner of token
- add token UUID to new user token list - 17:34 Feature #6 (Erledigt): add max_sessions feature to access groups
- 17:34 Feature #6 (Erledigt): add max_sessions feature to access groups
- it should be possible to configure max concurrent OTP-Sessions per access group. this could be used for e.g. roundcub...
13 January 2015
- 22:23 Feature #3 (Erledigt): add optional powered-by logo to roundcube plugin
- added logo with link to http://www.otpme.org/
Also available in: Atom