Bug#1023855: TOTP module not enabled in slapd-contrib
Kees Meijs
post at keesmeijs.nl
Sat Nov 26 18:34:57 GMT 2022
Hello Ryan,
No worries. I'm glad you're helping out (with the backport as well) anyway.
My goal is support for RFC 6238 and the manual page you're referring to
states this is supported.
So yes: the built-in module should work fine and therefore the contrib
module is not needed in my use case.
Thanks again!
Cheers,
Kees
On 26-11-2022 03:06, Ryan Tandy wrote:
> Hi Kees,
>
> On Tue, Nov 22, 2022 at 11:14:43AM +0100, Kees Meijs wrote:
>> Unfortunately I didn't have time earlier, but I just managed to
>> install a new virtual machine using bookworm. After installing both
>> the slapd and slapd-contrib packages, I do not see the TOTP module.
>>
>> So no, it seems not to be included.
>
> Sorry if I wasn't clear. I agree the contrib totp module is not built.
>
> The slapd-otp(5) module, however, is:
>
> # dpkg-query -W slapd
> slapd 2.5.13+dfsg-2+b1
> # dpkg-query -L slapd | grep otp
> /usr/lib/ldap/otp-2.5.so.0.1.8
> /usr/lib/ldap/otp.la
> /usr/share/man/man5/slapo-otp.5.gz
> /usr/lib/ldap/otp-2.5.so.0
> /usr/lib/ldap/otp.so
>
> My understanding is that slapd-otp(5) supersedes and obsoletes the
> contrib module, providing a superset of its features (the man page
> mentions both TOTP and HMAC). That's why I asked if it meets your
> needs, or if you specifically need the contrib totp module. I'm not
> keen on shipping both unless there's a convincing reason.
>
> thanks, and sorry for the back-and-forth,
> Ryan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-openldap-devel/attachments/20221126/f7149ca7/attachment.htm>
More information about the Pkg-openldap-devel
mailing list