Red Hat Bugzilla – Full Text Bug Listing
|Summary:||Review Request: opie -- One-time Passwords In Everything|
|Product:||[Fedora] Fedora||Reporter:||David Woodhouse <dwmw2>|
|Component:||Package Review||Assignee:||Nobody's working on this, feel free to take it <nobody>|
|Status:||CLOSED NOTABUG||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||rawhide||CC:||davidf, degts, fedora-package-review, felix, gauret, notting, opensource, sundaram|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2009-08-20 17:57:14 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:|
Description David Woodhouse 2007-07-12 18:17:46 EDT
Spec URL: http://david.woodhou.se/opie.spec SRPM URL: http://david.woodhou.se/opie-2.4-1.fc8.src.rpm Description: OPIE is an implementation of the One-Time Password (OTP) System that is being considered for the Internet standards-track. OPIE provides a one-time password system. The system should be secure against the passive attacks now commonplace on the Internet (see RFC 1704 for more details). The system is vulnerable to active dictionary attacks, though these are not widespread at present and can be detected through proper use of system audit software.
Comment 1 David Woodhouse 2007-07-12 18:30:07 EDT
What should I put in the 'License' tag? http://dehs.alioth.debian.org/wwiz_detail.php?id=8454741&type=watch
Comment 2 Jason Tibbitts 2007-07-28 02:08:30 EDT
I took a quick look at this. Frankly I have no idea what should be used for the License: tag. spot has been doing much work in this area so perhaps you could ping him about it. There's no %check section but I guess the package runs a test suite at make time. It fails pretty badly for me: opietest: completed 13 tests. 5 tests passed, 2 tests skipped, 6 tests failed. opietest: please correct the following failures before attempting to use OPIE: opieatob8 opieetob opiegenerator opiehash(MD4) opiehash(MD5) opiekeycrunch The build does continue after that but it's still troubling. This is a mock build on x86_64 rawhide; perhaps there are 64 bit issues?
Comment 3 Till Maas 2007-09-06 08:38:33 EDT
In an i386 Fedora 7 mock buld I get: opietest: completed 13 tests. 11 tests passed, 2 tests skipped, 0 tests failed.
Comment 4 Till Maas 2007-09-06 08:56:38 EDT
On http://fedoraproject.org/wiki/Licensing the NRL License is listed and the license tag should be "BSD with advertising". The TIN License looks pretty similiar in vimdiff, so just ask spot to add the TIN License to the Licensing page. Btw. where does the opiessh.c come from? There are some compiler warnings because of a missing #include <unistd.h> and no return statement for main. I guess "return execv(argv,argv);" would be good enough.
Comment 6 Rahul Sundaram 2008-08-11 20:27:05 EDT
Hey, are you still interested in this package?
Comment 7 David Woodhouse 2008-08-12 03:48:10 EDT
Not particularly. I have no need for dealing with the idiocy that is SSH+S/Key any more. I have different idiocy to deal with... I don't mind maintaining the package though -- it should be fairly simple. I wrote opiessh.c, but I can't test it any more. You could, though :)
Comment 8 Jason Tibbitts 2009-07-14 18:17:02 EDT
This is very old, and I'm not sure what should happen with it. It seems at this point, with the test failures and license issue unresolved, that it would be better to just close this. If you do want to continue, however, could you address those issues and provide an updated package.
Comment 9 Felix Kaechele 2009-08-04 10:20:50 EDT
Upstream seems dead as well since their website doesn't work anymore.
Comment 10 Jason Tibbitts 2009-08-20 17:57:14 EDT
After another month, I'm going ahead and closing this.