Hello Ryan,
No worries. I'm glad you're helping out (with the backport as well) anyway.
My goal is support for RFC 6238 and the manual page you're referring to
states this is supported.
So yes: the built-in module should work fine and therefore the contrib
module is not needed in my use case.
Thanks again!
Cheers,
Kees
On 26-11-2022 03:06, Ryan Tandy wrote:
Hi Kees,
On Tue, Nov 22, 2022 at 11:14:43AM +0100, Kees Meijs wrote:
Unfortunately I didn't have time earlier, but I just managed to
install a new virtual machine using bookworm. After installing both
the slapd and slapd-contrib packages, I do not see the TOTP module.
So no, it seems not to be included.
Sorry if I wasn't clear. I agree the contrib totp module is not built.
The slapd-otp(5) module, however, is:
# dpkg-query -W slapd
slapd 2.5.13+dfsg-2+b1
# dpkg-query -L slapd | grep otp
/usr/lib/ldap/otp-2.5.so.0.1.8
/usr/lib/ldap/otp.la
/usr/share/man/man5/slapo-otp.5.gz
/usr/lib/ldap/otp-2.5.so.0
/usr/lib/ldap/otp.so
My understanding is that slapd-otp(5) supersedes and obsoletes the
contrib module, providing a superset of its features (the man page
mentions both TOTP and HMAC). That's why I asked if it meets your
needs, or if you specifically need the contrib totp module. I'm not
keen on shipping both unless there's a convincing reason.
thanks, and sorry for the back-and-forth,
Ryan
