diff options
author | Colin Watson <cjwatson@debian.org> | 2013-07-10 11:58:34 +0200 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2013-07-10 11:58:34 +0200 |
commit | f3705e92245a63de21301b6a9a2a4d7a6981cfdf (patch) | |
tree | 5d9e44016efff3db3d0241e50d2a86764ef7c82f /debian | |
parent | f9195fb953def110f074fef9d8ee400d073763ba (diff) | |
parent | 9357ecb0f81d7fba234989e0a9babc0ca8929fd6 (diff) |
libapache2-mod-authn-yubikey (1.0-1.1) unstable; urgency=low
* Non-maintainer upload.
* Port to Apache 2.4 (closes: #666806).
[dgit import unpatched libapache2-mod-authn-yubikey 1.0-1.1]
Diffstat (limited to 'debian')
-rw-r--r-- | debian/README.Debian | 82 | ||||
-rw-r--r-- | debian/authn_yubikey.load | 1 | ||||
-rw-r--r-- | debian/changelog | 12 | ||||
-rw-r--r-- | debian/clean | 2 | ||||
-rw-r--r-- | debian/compat | 1 | ||||
-rw-r--r-- | debian/control | 19 | ||||
-rw-r--r-- | debian/copyright | 60 | ||||
-rw-r--r-- | debian/libapache2-mod-authn-yubikey.apache2 | 2 | ||||
-rw-r--r-- | debian/patches/apr-md5-include.patch | 17 | ||||
-rw-r--r-- | debian/patches/series | 1 | ||||
-rwxr-xr-x | debian/rules | 13 | ||||
-rw-r--r-- | debian/source/format | 1 | ||||
-rw-r--r-- | debian/watch | 1 |
13 files changed, 212 insertions, 0 deletions
diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 0000000..519d67b --- /dev/null +++ b/debian/README.Debian @@ -0,0 +1,82 @@ +libapache2-mod-authn-yubikey for Debian +--------------------------------------- + + +################################ +# Typical apache configuration # +################################ + +<Directory /var/www/foobar/> + AuthType Basic + AuthBasicProvider yubikey + AuthName "Please Log In using your YubiKey" + AuthYubiKeyTimeout 30 + AuthYubiKeyTmpFile /etc/apache2/yubiDbTmp + AuthYubiKeyUserFile /etc/apache2/yubiDb + AuthYubiKeyExternalErrorPage Off + Require valid-user +</Directory> + + + +############################## +# Add a user to the database # +############################## +$ htpasswd -csb /etc/apache2/yubiDb token_id user:passwd + + + +##################################################################### +# mod_authn_yubikey provides the following configuration directives # +##################################################################### + +AuthYubiKeyTimeout (Default 43200 seconds [12h]) +AuthYubiKeyTmpFile (Default conf/ykTmpDb) +AuthYubiKeyUserFile (Default conf/ykUserDb) +AuthYubiKeyRequireSecure (Default On) +AuthYubiKeyExternalErrorPage (Default Off) + + +* AuthYubiKeyTimeout +The AuthYubiKeyTimeout directive specifies an absolute timeout since the user +last logged in. This means, that if the timeout is set to 120 seconds, the user +has to log in again after 120 seconds of using the page. This is a hard timeout +which is not renewed as the user is working with the page. The default value is +43200 seconds (12h) + + +* AuthYubiKeyTmpFile +The AuthYubiKeyTmpFile directive specifies the temporary file which is used to +store authenticated users. If a user successfully authenticates, the +authentication time is stored within this file. It is used to determine when the +user logged in last. + The default value is $SERVER_ROOT/conf/ykTmpDb +Remember, if you specify the location of the file, mention that if you configure +it to /tmp on UNIX systems, that possibly everyone can view that file. + + +* AuthYubiKeyUserFile +The AuthYubiKeyUserFile directive is the file which is responsible for the +tokenid/username mapping. Additionally it is required for users to be present +with their Yubikey id within this file to access the site protected by +mod_authn_yubikey. + The default value is $SERVER_ROOT/conf/ykUserDb + + +* AuthYubiKeyRequireSecure +The AuthYubiKeyRequireSecure directive takes care of users using https with your +selected target. This is especially useful if you are authenticating users with +two factors (password AND yubikey), since the password and the token itself are +just Base64 encoded when they are sent back to the server authenticating the +user. + The default value is On (secure connection required) + + +* AuthYubiKeyExternalErrorPage +The AuthYubiKeyExternalErrorPage directive let’s you specify an error page +different from the built in error page, so that you are able to design your own. +By using the ErrorDocument directive within your configuration you can even +redirect the user to a site not residing on you machine. + The default value is Off (built in error page used) + + -- Alexandre De Dommelin <adedommelin@tuxz.net> Thu, 10 Feb 2011 20:10:21 +0000 diff --git a/debian/authn_yubikey.load b/debian/authn_yubikey.load new file mode 100644 index 0000000..bab8f7b --- /dev/null +++ b/debian/authn_yubikey.load @@ -0,0 +1 @@ +LoadModule authn_yubikey_module /usr/lib/apache2/modules/mod_authn_yubikey.so diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..794c612 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,12 @@ +libapache2-mod-authn-yubikey (1.0-1.1) unstable; urgency=low + + * Non-maintainer upload. + * Port to Apache 2.4 (closes: #666806). + + -- Colin Watson <cjwatson@debian.org> Wed, 10 Jul 2013 10:58:34 +0100 + +libapache2-mod-authn-yubikey (1.0-1) unstable; urgency=low + + * Initial release (Closes: #612810) + + -- Alexandre De Dommelin <adedommelin@tuxz.net> Thu, 10 Feb 2011 20:10:21 +0000 diff --git a/debian/clean b/debian/clean new file mode 100644 index 0000000..8ac4bf0 --- /dev/null +++ b/debian/clean @@ -0,0 +1,2 @@ +*.la +*.lo diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7f8f011 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +7 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..8d31e3c --- /dev/null +++ b/debian/control @@ -0,0 +1,19 @@ +Source: libapache2-mod-authn-yubikey +Section: web +Priority: extra +Maintainer: Alexandre De Dommelin <adedommelin@tuxz.net> +Build-Depends: debhelper (>= 7.0.50~), dh-apache2, apache2-dev, libcurl4-openssl-dev +Standards-Version: 3.9.1 +Homepage: http://www.coffeecrew.org/software/yubikey-apache-plugin/ + +Package: libapache2-mod-authn-yubikey +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends}, libcurl3 +Description: Yubikey authentication provider for Apache + The mod_authn_yubikey module is an authentication provider + for the Apache platform. It leverages the YubiKey which is + a small token that acts as an authentication device. + . + The mod_authn_yubikey module provides one and two factor + authentication for your website and is completely independent + from the technlogy that implements your website (like CGI, JSP or PHP). diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..bdee06a --- /dev/null +++ b/debian/copyright @@ -0,0 +1,60 @@ +Format: http://dep.debian.net/deps/dep5 +Upstream-Name: libapache2-mod-authn-yubikey +Source: http://www.coffeecrew.org/software/yubikey-apache-plugin/ + +Files: * +Copyright: 2008, Jens Frey +License: Apache-2.0 + Licensed under the Apache License, Version 2.0 (the "License"); you + may not use this file except in compliance with the License. + . + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied. See the License for the specific language governing + permissions and limitations under the License. + . + On Debian systems, the complete text of the Apache License version 2 + can be found in "/usr/share/common-licenses/Apache-2.0". + + +Files libykclient* +Copyright: 2006, 2007, 2008, 2009 Yubico AB +License: + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND + CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS + BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR + TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + SUCH DAMAGE. + + +Files: debian/* +Copyright: 2011 Alexandre De Dommelin <adedommelin@tuxz.net> +License: GPL-2+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + . + On Debian systems, the complete text of the GNU General + Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". diff --git a/debian/libapache2-mod-authn-yubikey.apache2 b/debian/libapache2-mod-authn-yubikey.apache2 new file mode 100644 index 0000000..9f3aca1 --- /dev/null +++ b/debian/libapache2-mod-authn-yubikey.apache2 @@ -0,0 +1,2 @@ +mod .libs/mod_authn_yubikey.so +mod debian/authn_yubikey.load diff --git a/debian/patches/apr-md5-include.patch b/debian/patches/apr-md5-include.patch new file mode 100644 index 0000000..34a26fd --- /dev/null +++ b/debian/patches/apr-md5-include.patch @@ -0,0 +1,17 @@ +Description: Include "apr_md5.h" for apr_password_validate +Author: Colin Watson <cjwatson@debian.org> +Forwarded: no +Last-Update: 2013-07-09 + +Index: b/mod_authn_yubikey.c +=================================================================== +--- a/mod_authn_yubikey.c ++++ b/mod_authn_yubikey.c +@@ -30,6 +30,7 @@ + #include "apr_strings.h" + #include "apr_dbm.h" + #include "apr_time.h" ++#include "apr_md5.h" + #include "http_core.h" + #include "http_request.h" + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..eaa70d4 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +apr-md5-include.patch diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..22a3a1d --- /dev/null +++ b/debian/rules @@ -0,0 +1,13 @@ +#!/usr/bin/make -f +%: + dh $@ --with apache2 + +override_dh_clean: + dh_clean + [ ! -d .libs ] || rm -rf .libs/ + +override_dh_auto_build: + apxs2 -DYK_PACKAGE=\\\"libapache2_mod_authn_yubikey\\\" \ + -DYK_PACKAGE_VERSION=\\\"0.1\\\" -I. -Wc -c -lcurl \ + mod_authn_yubikey.c libykclient.c libykclient.slo mod_authn_yubikey.slo + diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..7c417d9 --- /dev/null +++ b/debian/watch @@ -0,0 +1 @@ +# Empty file as upstream doesn't release a versionned tarball at the moment. |