18 Jul
2019
18 Jul
'19
12:32 p.m.
gv@members.scinet.supercomputing.org wrote:
Full_Name: Greg Veldman Version: HEAD OS: CentOS 7 URL: https://scinet.supercomputing.org/~gv/slapd-totp.txt Submission from: (NULL) (128.210.189.74)
Improve the contrib/slapd-modules/passwd/totp module in the following ways:
- Add support for two-factor (password+OTP) authentication, where password can
be defined via any currently-supported scheme.
Your implementation of this feature is problematic, as it doesn't support setting the password using the PasswordModify exop. That seems to imply that users are required to generate their passwords using some other tool, and set them using a normal Modify op, but doing so is deprecated. Password changes should only be done using the PasswordModify exop.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/