Full_Name: Peter Marschall Version: 2.4.42 OS: Linux URL: https://github.com/marschap/openldap/tree/contrib-totp Submission from: (NULL) (92.211.7.6) Hi, I have written some bugfixes & flexibilizations for the TOTP contrib module. You can find them in the github branch: https://github.com/marschap/openldap/tree/contrib-totp It differs from today's master by these commits: * https://github.com/marschap/openldap/commit/d67bffc4a361cecfce69fb4d14edb... contrib/passwd/totp: flexibilize decoding key In function totp_b32_pton() - allow lowercase characters in encoded string too - allow padding to be omitted (totally, not only parts) In function chk_totp() determine the space required to hold the decoded key by calling totp_b32_pton() with a NULL argument for the target. * https://github.com/marschap/openldap/commit/435976d4f2468946bd0c5081ce7e2... contrib/passwd/totp: fix the big-endian case For the big-endian case, 'msg' wasn't set from 'tval' in generate(). * https://github.com/marschap/openldap/commit/04c15b7b1e44d4d3167577702a8b7... contrib/passwd/totp: fix decoding when padding is used In totp_b32_pton(), correctly count the number of '=' padding chars at the end of the base-32 encoded string. Note: '*str++' evaluates *str first and increases str later! * https://github.com/marschap/openldap/commit/04c15b7b1e44d4d3167577702a8b7... contrib/passwd/totp: support compiling using nettle that change the file contrib/slapd-modules/passwd/totp/slapd-totp.c | 67 ++++++++++++++++++B%B++++++++++++++++++++++++++++++++++++------------ I'd appreciate if you include them into OpenLDAP. The referenced patch files are derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developedy y Peter Marschall <peter(a)adpm.de&gt;. I have not assigned rights and/or interest in this work to any party. The referenced modifications to OpenLDAP Software are subject to the following notice: Copyright 2015 Peter Marschall Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. Thanks in advance Peter