Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

otpclient-4.4.1-1.2 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Name: otpclient Distribution: openSUSE Tumbleweed
Version: 4.4.1 Vendor: openSUSE
Release: 1.2 Build date: Wed Mar 4 08:41:15 2026
Group: Productivity/Security Build host: reproducible
Size: 525804 Source RPM: otpclient-4.4.1-1.2.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/paolostivanin/otpclient
Summary: Simple GTK+ client for managing TOTP and HOTP
 
Highly secure and easy to use GTK+ software for two-factor authentication
that supports both Time-based One-time Passwords (TOTP) and
HMAC-Based One-Time Passwords (HOTP).

Provides

Requires

License

GPL-3.0-or-later

Changelog

* Wed Mar 04 2026 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.4.1:
    New Features
    * Add cross-desktop search provider for GNOME Shell and KDE Plasma 6 (KRunner). OTP codes are displayed directly in search results and copied via system notification on activation. Can be toggled in settings.
    * Add --password-file CLI option to read the password from an external file instead of stdin (thanks @kouta-kun)
    Security
    * Harden CLI password input: use read() with gcry_calloc_secure instead of fgets() to prevent password remnants in libc internal buffers. Disable all terminal echo modes and restore state via TCSAFLUSH.
    * Fix under-allocation of secure password buffer for multibyte UTF-8 passwords (g_utf8_strlen returns character count, not byte count)
    Bug Fixes
    * Fix copy-paste bug in Authenticator Pro export: "issuer" key was read instead of "label" when building the Username field
    * Fix secure-memory leak in get_otpauth_data: g_file_get_contents overwrote a gcrypt secure-buffer pointer with non-secure memory
    * Fix g_utf8_strdown() memory leak in URI parsing
    * Fix silent guint8 truncation of period/digits values; now validated with range checks
    * Add missing g_set_error() on five error paths in Aegis encrypted backup import
    * Fix salt and key_nonce leak on kdf_derive failure in Aegis export
    * NULL-guard json_string_value() results across URI parsing, Authenticator Pro, and Aegis modules
    * Unify hash type to guint32 in database layer (was mixing guint/guint32, potential issue on ILP64 platforms)
    * Remove duplicate json_object_set() for "secret" key in build_json_obj
    * Replace VLA stack buffers (salt, iv, tag) with heap allocations in get_data_from_encrypted_backup
    * Fix search provider: add missing gcrypt initialization, fix memory leaks, eliminate redundant Argon2id+AES256-GCM cycle in result activation
    * Improve --password-file error handling and terminal detection
    * Fixed Ctrl+F search not working due to premature key controller destruction.
    * Fixed GTK-CRITICAL assertions on close caused by accessing the tree view after widget destruction.
    Refactoring
    * Modernise application and window layer to GTK idioms: G_DECLARE_FINAL_TYPE, GtkEventControllerKey, configure-event for window-size tracking, proper dispose() for builder ownership
    * Split monolithic activate() into resolve_db_path(), load_db_with_password(), setup_ui_and_timers()
    * Extract config-misc.c/h utility module from window code
* Wed Feb 18 2026 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.3.1:
    * Made countdown colors configurable.
    * Added support for selecting the countdown display type (numeric value or cake-style).
    * Wired the validity countdown switch to disable color pickers when “show countdown as seconds” is enabled, and stored those widgets in the settings state for reuse in callbacks.
    * Added a dedicated handler to update color picker sensitivity whenever the display mode switch changes (including on dialog initialization).
    * Added persistence for tree view column widths by loading saved widths on startup and saving current widths to the configuration on shutdown.
    * Renamed the “OTP Value” column header to “OTP” and tagged columns with IDs to support width tracking.
    * Added polished empty-state screens with direct call-to-action buttons.
    * Improved consistency and clarity across menus, headers, and dialogs.
    * Enhanced OTP list readability with resizable columns, ellipsized labels, and monospace formatting.
    * Replaced the validity text column with a progress bar showing remaining TOTP time.
    * Switched visual indicators from bar-based to filled pie charts for clearer status at a glance.
    * Improved CLI usability and feedback.
    * Refactored the codebase to follow proper GTK coding patterns and lifecycle management.
    * Removed obsolete option-migration logic.
    * Added an explicit shutdown event.
    * Hardened shutdown cleanup to safely handle partially initialized components, avoiding GTK critical warnings while still persisting window state when possible.
* Sat Dec 27 2025 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.2.0:
    * ADDED: interactive search (ctrl-f)
    * IMPROVED: search now matches query against type, account label, and issuer uniformly
    * IMPROVED: Streamlined treeview model population to read JSON directly with safe defaults
    * IMPROVED: Simplified OTP update flow and tightened reorder/delete safety and cleanup
    * IMPROVED: Centralized app/db default initialization and early cleanup paths in app.c
    * IMPROVED: Tightened error handling by clearing config migration errors and freeing the config path
    * IMPROVED: Made early-exit cleanup safer by avoiding double-freeing the database key
    * IMPROVED: Added a helper to clear password entries and reset visibility on successful submit
    * IMPROVED: Cleared old/new password fields before the dialog closes to avoid brief exposure
    * IMPROVED: Initialized settings defaults when the config load fails and persisted them to otpclient.cfg
    * IMPROVED: Added warning dialog only when saving fallback defaults fails
    * IMPROVED: cli: improve robustness and correctness in string and file handling
    * FIXED: duplicate windows and tray icons on re-activation (#409)
* Fri May 09 2025 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.1.0:
    * ADDED: minimize to tray with ayatana-appindicator3 (#386 thanks a lot @len-foss)
    * IMPROVED: only show memlock warning dialog when secure memory is unavailable (#397)
    * IMPROVED: allow creating a database via CLI (#392)
    * FIX: allow using different databases in flatpak (#372)
    * CHANGED: dropped andOTP support
* Wed Aug 07 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.0.2:
    * FIX: importing data on a first run (#376)
    * FIX: better error handling
    * IMPROVED: handling of memlock when too low
* Wed Jul 31 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 4.0.1:
    * CHANGE: switch from PBKDF2 to Argon2id (#358).
      This change is completely transparent to the end user, therefore no action is required.
    * NEW: make Argon2id parameters configurable (#358)
    * NEW: add support for importing plain Aegis txt
    * FIX: various issues related to importing Aegis backups (#371)
    * FIX: improving handling of json files (#369)
    * FIX: parsing QR codes (#374)
    * FIX: show db parameters dynamically
    * FIX: add missing ui file to CMakeLists.txt
* Fri Jun 28 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.7.0:
    * CHANGE: deleting a row, editing a row and showing the qr code
      is now done via right click on the target row (#359).
    * FIX: multiple fixes to QR handling (#364).
    * FIX: exporting to FreeOTP+ format (#367).
    * FIX: updated otpclient and otpclient-cli man pages (thanks @fvcr).
    * FIX: code more readable thanks to macros.
* Thu Mar 14 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.6.0:
    * NEW: add possibility to import plain/encrypted backups
      using the CLI.
    * FIX: make GUI and CLI independent, so that CLI only can be built
      and installed without GTK being present.
    * FIX: check file size against memlock before importing a backup.
    * FIX: code cleanup and internal refactoring.
* Fri Mar 08 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.5.2:
    * NEW: add possibility to export plain/encrypted
      Authenticator Pro/2FAS backups using the CLI.
    * FIX: improve popover layout.
    * FIX: exporting plaing Aegis via CLI.
    * FIX: cleanup code.
* Tue Mar 05 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.5.1:
    * NEW: add back buttons to the various popover menus
    * FIX: split popovers into their own UI files
    * FIX: remove upgrade message when upgrading from a version older than 2.6.0
* Fri Mar 01 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.5.0:
    * NEW: add support for importing and exporting plain/encrypted 2FAS backups (#322)
    * NEW: add support for importing and exporting plain/encrypted AuthenticatorPro backups (#322)
    * CHANGE: show warning when exporting a plain backup
    * CHANGE: remove support for older Glib and GCrypt
    * FIX: add 2fa keyword to the desktop file (#349)
    * FIX: remove custom keywords from metadata file (#348)
    * FIX: returning to a dialog won't crash the widget
* Mon Feb 12 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.4.1:
    * FIX: FreeOTP+ export (thanks @hubnut)
* Sat Feb 10 2024 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.4.0:
    * NEW: CLI was completely refactored, and the options have changed.
      Be sure to check the new options using the help command (-h)
    * NEW: you can now specify a database when calling the CLI (#340)
    * FIX: handling errors when path and/or password is incorrect (#336)
    * FIX: prompt for file again, if needed (#335)
    * FIX: prevent about dialog from hiding
    * FIX: use system RNG as source of entropy
* Wed Feb 07 2024 Pablo Herranz Ramírez <pablo.herranz@suse.com>
  - Update to 3.3.0:
    * Set brackground to red when delete mode is entered
    * Fix base32 encoding/decoding
    * Requires libcotp >= 3.0
* Fri Nov 03 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.2.1:
    * FIX: increase secure memory pool to 64 MB, if possible
    * FIX: parsing of big aegis encrypted json (#309)
    * FIX: better memory management
* Wed Oct 25 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.2.0:
    * NEW: add file chooser dialog on export (#305).
    * FIX: overwrite exported file instead of appending it (#305).
    * FIX: exported file will be accessible only by the current user (#305).
    * FIX: multiple issues related to failed first launch (#303).
    * FIX: couple of issues with secret-service.
* Mon Jul 03 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.9:
    * Fix db corruption when symbols are used (#301).
    * Fix crash when user changes db multiple times.
* Wed Jun 14 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.8:
    * Fix importing Aegis plain text json (#296).
* Fri May 26 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.7:
    * Add new Database info dialog (Hamburger menu -> Database info)
    * Fix crash when no row is selected (#295)
    * Fix UI when creating/changing a database
    * Multiple fixes when creating a new database
    * Use current db folder when creating/changing database
    * Fix memory leak in case of error when opening the settings dialog
* Wed Mar 22 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.6:
    * Correctly quit the password dialog on export. This avoid dumping
      the database in plaintext format if the user presses either the
      cancel or close button.
* Wed Mar 15 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.5:
    * allow db to be a symlink (fix #289)
* Fri Feb 10 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.4:
    * make auto-lock and secret service mutually exclusive (#279)
    * fix importing plain AEGIS (#281)
    * fix importing encrypted AEGIS on some distros (#281)
    * rename disable_secret_service setting to use_secret_service
* Fri Jan 13 2023 Paolo Stivanin <info@paolostivanin.com>
  - Update to 3.1.3:
    * Fix Aegis import/export when using long pwds.
    * Fix secret service cleanup
    * Show the correct error message when import fails
    * Use g_utf8_strlen instead of strlen
    * Add libcotp >= 2.0 compatibility

Files

/usr/bin/otpclient
/usr/bin/otpclient-cli
/usr/bin/otpclient-search-provider
/usr/share/applications/com.github.paolostivanin.OTPClient.desktop
/usr/share/dbus-1/services/com.github.paolostivanin.OTPClient.KRunner.service
/usr/share/dbus-1/services/com.github.paolostivanin.OTPClient.SearchProvider.service
/usr/share/gnome-shell
/usr/share/gnome-shell/search-providers
/usr/share/gnome-shell/search-providers/com.github.paolostivanin.OTPClient.SearchProvider.ini
/usr/share/icons/hicolor/scalable/apps/com.github.paolostivanin.OTPClient-symbolic.svg
/usr/share/icons/hicolor/scalable/apps/com.github.paolostivanin.OTPClient.svg
/usr/share/krunner
/usr/share/krunner/dbusplugins
/usr/share/krunner/dbusplugins/com.github.paolostivanin.OTPClient.KRunner.desktop
/usr/share/man/man1/otpclient-cli.1.gz
/usr/share/man/man1/otpclient.1.gz
/usr/share/metainfo/com.github.paolostivanin.OTPClient.appdata.xml
/usr/share/otpclient
/usr/share/otpclient/add_popover.ui
/usr/share/otpclient/otpclient.ui
/usr/share/otpclient/security_settings.ui
/usr/share/otpclient/settings_popover.ui
/usr/share/otpclient/shortcuts.ui

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 21 22:32:08 2026