[Freeipa-devel] [PATCH 0062] Use delete/add for OTP counter/watermark updates
Nathaniel McCallum
npmccallum at redhat.com
Mon Sep 15 19:08:14 UTC 2014
On Thu, 2014-08-28 at 22:54 -0400, Nathaniel McCallum wrote:
> This prevents any local attempt at rapid token code replay. If two
> token codes hit the system at roughly the same moment, only the
> first write will succeed. All subsequent authentications will fail.
>
> This obviates the need for an OTP authentication lock.
>
> https://fedorahosted.org/freeipa/ticket/4493
I still need a review of this. This is targeted for 4.1.
Nathaniel
More information about the Freeipa-devel
mailing list