-
Notifications
You must be signed in to change notification settings - Fork 10
/
Copy pathChangeLog
84 lines (68 loc) · 3.74 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
2012-04-13 - YubiPAM 1.1.0
[*] Improvements
* ykpasswd. Fixed the delete function. Added option u for user and
made it mandatory. Removed the pointless update function.
* yk_chkpwd. Detect if a second factor passcode is needed.
* ykvalidate. Removed c option because it will detect if a second
factor passcode is needed.
* PAM. Removed option two_factor because it will detect if a second
factor passcode is needed and ask for it. Added option passcode_only
which will put the passcode in PAM AUTHTOK instead of the OTP and
passcode
* Made valgrind happy. Fixed some memory leaks
* Added PAM option debug and removed configure debug option
* Fixed getopt options and using getopt short only
* Moved some global variables to local
* Moved a lot of duplicated functions to yubikey_util.c
* Using syslog instead of pam_syslog for better portability
* Wrote own getline() function for better portability
* Using normal syslog for debugging
* Fixed a lot of typecast issues
* Added CFLAGS for -Wall option
* Let CHKPWD_HELPER use sbindir as path
* Cleaned up code and compiles clean
* Cleaned up autotools configuration
2008-09-26 - YubiPAM 1.0.4
[*] Improvements
* PAM. A small bug crept in with the introduction of yk_chkpwd. Use of
the pam_syslog function is apparently privvy to more recent systems.
The appropriate checks are now in place. - thanks Brian Gorka
2008-09-24 - YubiPAM 1.0.3
[*] Improvements
* yk_chkpwd. A new binary has been added to ensure complete usability
for all users. It was discovered that certain applications, such as
gnome-screensaver, with restricted privileges could not access the
Yubikey database. The new helper, akin to that of pam_unix, ensures
that the Yubikey database is readily accessible to these processes for
authentication. - thanks Geoff Hoff
* ykvalidate. Updates to the calling and using the new helper binary
allows for more intuitive usage of this binary.
* PAM. The default settings for echoing of the Yubikey OTP is now set to
silent, with verbose OTPs requiring the "verbose_otp" flag set int the
configuration file. Given that it is a "One Time" pad which will not be
used again, it merely follows the best practices of other non-OTP
configurations.
2008-09-08 - YubiPAM 1.0.2
[*] Improvements
* PAM. Fixed an issue when stacking YubiPAM with other modules. When
YubiPAM was stacked after another module it would retrieve the
authentication token from the preceding module and assume that as the
OTP when clearly it wasn't. - thanks Brian Gorka
* Documentation. Added clearer documentation on building and debugging
the YubiPAM code.
2008-09-03 - YubiPAM 1.0.1
[*] Improvements
* ykpasswd. Added additional flags to ease administration of inserting
to the database. The minimal flags now require adding a valid OTP and
it's corresponding AES key.
2008-08-03 - YubiPAM 1.0
[*] Initial Release
* Manual add/delete from database. Using the ykpasswd tool you can add
delete yubikey entries from the database (default: /etc/yubikey).
* Per user accounting. Supports indiviudal user account authorisation.
This is currently limited to one Yubikey dongle per user account.
* Single factor sign in. Currently only single factor (ie. Yubikey OTP)
is currently supported. There will be an additional second factor
password option added in the near future.
* Static heuristic support. Heuristic support for OTP data deltas is hard
coded. This will be changable in the next minor release.