Skip to content

Releases: paolostivanin/OTPClient

v1.1.0

02 Feb 17:08
457122e
Compare
Choose a tag to compare

This release was mostly oriented around hardening the application.

Changelog:

  • port from json-glib to jansson. This brings a huge security improvement, because now all json operations are executed in Gcrypt's secure memory
  • master password can now be changed
  • window size is saved when the app is closed
  • force password to be at least 6 chars
  • when a wrong password is given, the app won't exit anymore. Instead, the user is asked for the password again
  • add a new menu button on the right that contains import, export and change password options

Full diff betwen v1.0.6 and v1.1.0

sha256: cf93aa21db03e821bd987e4471e1f35fae5c846cc8482249c589ba51969cdc30

v1.0.6

08 Jan 21:00
a64d470
Compare
Choose a tag to compare
  • add a label on first start that explains why a password must be chosen
  • add more padding between the last entry and the buttons
  • add "How To Use" section into the README

sha256: 1f213de12d09c512944a2d13550e9e2439cbe638302b7eb54c75f93bb3451e07

v1.0.5

06 Jan 10:29
b051609
Compare
Choose a tag to compare
  • remove filesystem=home permission from flatpak manifest, so the app has only access to its folder. This means that the database location for flatpak users is fixed to /home/USER/.var/app/com.github.paolostivanin.OTPClient/data
  • prevent duplicates to be added on import
  • add copy feature. To copy an otp value, just double click on a ticked row. Please note that if you double click on a row that is not ticked, no value will be copied.
  • small fixes

sha256: e2cbea52b4c5574ad7cb06100b32a5b12947f6061dbee43177f5ac7802c8f226

v1.0.4

26 Dec 17:25
5f2d520
Compare
Choose a tag to compare
  • ask where to save the database on first start
  • update flatpak manifest and appdata.xml
  • add config file saved under $HOME/.config/otpclient.cfg

v1.0.3

26 Dec 14:51
93c0263
Compare
Choose a tag to compare
  • add max length to label (128 chars), issuer (128 chars) and secret (64 chars)
  • use current OS memlock limit to set max_file_size:
    When using Gcrypt's secure memory, the amount of needed memory must be
    greater than the current memlock OS limit (ulimit -l). On some systems,
    this value is very low (64 KB), thus causing the software to not even
    start. A few possibilities were evaluated:
    • use setcap on installation phase: easy, but not achievable with flatpak, appimage, and Co.
    • force the user to play with ulimit: cumbersome and absolutely not user-friendly
    • set the max available secure memory to the current system memlock value. This solution has been implemented. This has a small drawback though because if a user needs to store more than ~130 tokens (I'm talking about the worst case, so using max_length for label, account and issuer), then the user won't be able to do that, unless the user does something with either setcap (cap_ipc_lock+ep) or ulimit.
  • use glib to build the file path
  • update readme

v1.0.2

23 Dec 11:16
dca76e8
Compare
Choose a tag to compare
  • decrease secure memory pool to 256 KiB
  • clean up flatpak json
  • check mlockall return code
  • add "known issues" section to the readme
  • improve flatpak support

v1.0.1

22 Dec 09:29
cef4868
Compare
Choose a tag to compare

Small fixes related to flatpak:

  • add appdata file
  • change app id
  • add missing 'socket' parameter to flatpak json

v1.0.0

21 Dec 14:18
23190d6
Compare
Choose a tag to compare

First release of OTPClient, a GTK+ v3 software for securely managing TOTP and HOTP tokens.

Have a look at the README for more informations about this software.