[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Otpasswd-talk] Re: Otpasswd tasks
|
From: |
Tomasz bla Fortuna |
|
Subject: |
Re: [Otpasswd-talk] Re: Otpasswd tasks |
|
Date: |
Sun, 27 Dec 2009 22:57:22 +0100 |
Dnia Sun, 27 Dec 2009 22:27:58 +0100
Tomasz bla Fortuna <address@hidden> napisał(a):
> Dnia Sun, 27 Dec 2009 14:11:13 -0600
> Hannes Beinert <address@hidden> napisał(a):
>
> > Hello Tomasz,
> >
> > I've been watching otpasswd develop before my eyes, and I was
> > wondering if there is anything I can do to help? The code has been
> > changing so quickly, that I really can't say I've been keeping up,
> > however I could perhaps see what I could do about test cases, or
> > writing/editing documentation, or whatever.
> >
> > One other thing I could offer some help with is perhaps packaging.
> > I'm no expert, but I've done some. Also, I have a Mac that I could
> > use to develop an OSX package with. Alternatively, I could give you
> > access to the Mac, too.
> >
> > Hannes.
> Hi,
>
> Thanks for this proposition. There're some things which can be done
> independently of the code, sure:
>
> 1) Testing. Needed ;-) But it would be better to wait until this
> global db works and I implement parts of policy... I'll create some
> tag briefly.
>
> And normal testing (using it) is fine, and you can thing about some
> testcases which can also be used (code coverage might help). e.g. OOB
> is not tested at all currently...
Thought about some things which needs tests though. This things can be
tested even now using some kind of recent commit (not necessary HEAD).
I'll type them down not to omit them:
1) Utility error messages. If they are clean and do not double (for
example some debugging ERROR first and then user "printf")
2) If it works ok if user manages to run out of available passcodes.
There's a special error state for this and messages but it's not well
tested. Also I'd check if -k won't ask to leave current state when user
has no further passcodes.
(In case of running out of passcodes user should be able to regenerate
key using the static password! I guess. And then send himself the next
key using OOB).
3) Reactions for incorrect state file (I've checked those but... there
might be still some error). For example contact field too long, null
characters inside contact field, too big counter value (>128bits),
illegal characters in contact/label fields, negative key, counter, etc.
4) I wonder now what will happen if printing "next" 6 passcards (-l
next) when at the end of available passcards. I'm not sure if it will
fail gracefully or rather overlap counter or end with some other error.
--
Tomasz bla Fortuna
jid: bla(at)af.gliwice.pl
pgp: 0x90746E79 @ pgp.mit.edu
www: http://bla.thera.be
signature.asc
Description: PGP signature