debian/0000755000000000000000000000000012167230114007163 5ustar debian/watch0000644000000000000000000000011511527030163010212 0ustar # Empty file as upstream doesn't release a versionned tarball at the moment. debian/clean0000644000000000000000000000001211527021064010162 0ustar *.la *.lo debian/authn_yubikey.load0000644000000000000000000000011611525045200012677 0ustar LoadModule authn_yubikey_module /usr/lib/apache2/modules/mod_authn_yubikey.so debian/rules0000755000000000000000000000050112167031705010244 0ustar #!/usr/bin/make -f %: dh $@ --with apache2 override_dh_clean: dh_clean [ ! -d .libs ] || rm -rf .libs/ override_dh_auto_build: apxs2 -DYK_PACKAGE=\\\"libapache2_mod_authn_yubikey\\\" \ -DYK_PACKAGE_VERSION=\\\"0.1\\\" -I. -Wc -c -lcurl \ mod_authn_yubikey.c libykclient.c libykclient.slo mod_authn_yubikey.slo debian/README.Debian0000644000000000000000000000607211527020222011225 0ustar libapache2-mod-authn-yubikey for Debian --------------------------------------- ################################ # Typical apache configuration # ################################ AuthType Basic AuthBasicProvider yubikey AuthName "Please Log In using your YubiKey" AuthYubiKeyTimeout 30 AuthYubiKeyTmpFile /etc/apache2/yubiDbTmp AuthYubiKeyUserFile /etc/apache2/yubiDb AuthYubiKeyExternalErrorPage Off Require valid-user ############################## # Add a user to the database # ############################## $ htpasswd -csb /etc/apache2/yubiDb token_id user:passwd ##################################################################### # mod_authn_yubikey provides the following configuration directives # ##################################################################### AuthYubiKeyTimeout (Default 43200 seconds [12h]) AuthYubiKeyTmpFile (Default conf/ykTmpDb) AuthYubiKeyUserFile (Default conf/ykUserDb) AuthYubiKeyRequireSecure (Default On) AuthYubiKeyExternalErrorPage (Default Off) * AuthYubiKeyTimeout The AuthYubiKeyTimeout directive specifies an absolute timeout since the user last logged in. This means, that if the timeout is set to 120 seconds, the user has to log in again after 120 seconds of using the page. This is a hard timeout which is not renewed as the user is working with the page. The default value is 43200 seconds (12h) * AuthYubiKeyTmpFile The AuthYubiKeyTmpFile directive specifies the temporary file which is used to store authenticated users. If a user successfully authenticates, the authentication time is stored within this file. It is used to determine when the user logged in last. The default value is $SERVER_ROOT/conf/ykTmpDb Remember, if you specify the location of the file, mention that if you configure it to /tmp on UNIX systems, that possibly everyone can view that file. * AuthYubiKeyUserFile The AuthYubiKeyUserFile directive is the file which is responsible for the tokenid/username mapping. Additionally it is required for users to be present with their Yubikey id within this file to access the site protected by mod_authn_yubikey. The default value is $SERVER_ROOT/conf/ykUserDb * AuthYubiKeyRequireSecure The AuthYubiKeyRequireSecure directive takes care of users using https with your selected target. This is especially useful if you are authenticating users with two factors (password AND yubikey), since the password and the token itself are just Base64 encoded when they are sent back to the server authenticating the user. The default value is On (secure connection required) * AuthYubiKeyExternalErrorPage The AuthYubiKeyExternalErrorPage directive let’s you specify an error page different from the built in error page, so that you are able to design your own. By using the ErrorDocument directive within your configuration you can even redirect the user to a site not residing on you machine. The default value is Off (built in error page used) -- Alexandre De Dommelin Thu, 10 Feb 2011 20:10:21 +0000 debian/copyright0000644000000000000000000000553511527030523011127 0ustar Format: http://dep.debian.net/deps/dep5 Upstream-Name: libapache2-mod-authn-yubikey Source: http://www.coffeecrew.org/software/yubikey-apache-plugin/ Files: * Copyright: 2008, Jens Frey License: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. . On Debian systems, the complete text of the Apache License version 2 can be found in "/usr/share/common-licenses/Apache-2.0". Files libykclient* Copyright: 2006, 2007, 2008, 2009 Yubico AB License: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Files: debian/* Copyright: 2011 Alexandre De Dommelin License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". debian/libapache2-mod-authn-yubikey.apache20000644000000000000000000000007512167031723015762 0ustar mod .libs/mod_authn_yubikey.so mod debian/authn_yubikey.load debian/source/0000755000000000000000000000000012167031400010460 5ustar debian/source/format0000644000000000000000000000001411525043062011672 0ustar 3.0 (quilt) debian/patches/0000755000000000000000000000000012167031651010617 5ustar debian/patches/apr-md5-include.patch0000644000000000000000000000070612167031650014530 0ustar Description: Include "apr_md5.h" for apr_password_validate Author: Colin Watson Forwarded: no Last-Update: 2013-07-09 Index: b/mod_authn_yubikey.c =================================================================== --- a/mod_authn_yubikey.c +++ b/mod_authn_yubikey.c @@ -30,6 +30,7 @@ #include "apr_strings.h" #include "apr_dbm.h" #include "apr_time.h" +#include "apr_md5.h" #include "http_core.h" #include "http_request.h" debian/patches/series0000644000000000000000000000002612167031412012025 0ustar apr-md5-include.patch debian/compat0000644000000000000000000000000211525043062010362 0ustar 7 debian/control0000644000000000000000000000151512167031673010601 0ustar Source: libapache2-mod-authn-yubikey Section: web Priority: extra Maintainer: Alexandre De Dommelin Build-Depends: debhelper (>= 7.0.50~), dh-apache2, apache2-dev, libcurl4-openssl-dev Standards-Version: 3.9.1 Homepage: http://www.coffeecrew.org/software/yubikey-apache-plugin/ Package: libapache2-mod-authn-yubikey Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libcurl3 Description: Yubikey authentication provider for Apache The mod_authn_yubikey module is an authentication provider for the Apache platform. It leverages the YubiKey which is a small token that acts as an authentication device. . The mod_authn_yubikey module provides one and two factor authentication for your website and is completely independent from the technlogy that implements your website (like CGI, JSP or PHP). debian/changelog0000644000000000000000000000060212167230114011033 0ustar libapache2-mod-authn-yubikey (1.0-1.1) unstable; urgency=low * Non-maintainer upload. * Port to Apache 2.4 (closes: #666806). -- Colin Watson Wed, 10 Jul 2013 10:58:34 +0100 libapache2-mod-authn-yubikey (1.0-1) unstable; urgency=low * Initial release (Closes: #612810) -- Alexandre De Dommelin Thu, 10 Feb 2011 20:10:21 +0000