diff --git a/Readme.md b/Readme.md index 2845a2c64..8a9b3f5c2 100644 --- a/Readme.md +++ b/Readme.md @@ -25,4 +25,4 @@ There are two modules. Usually, you only need the files inside "lam". LAM is published under the GNU General Public License. The complete list of licenses can be found in the copyright file. -Copyright (C) 2003 - 2018 Roland Gruber \ No newline at end of file +Copyright (C) 2003 - 2019 Roland Gruber \ No newline at end of file diff --git a/lam-packaging/debian/copyright b/lam-packaging/debian/copyright index 5546d938a..e48bc7bc0 100644 --- a/lam-packaging/debian/copyright +++ b/lam-packaging/debian/copyright @@ -1,4 +1,4 @@ -This software is copyright (c) 2003 - 2018 by Roland Gruber +This software is copyright (c) 2003 - 2019 by Roland Gruber If you purchased a copy of LDAP Account Manager Pro then the following files are licensed under the conditions which you accepted at purchase @@ -199,6 +199,29 @@ B: OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +C: + + Redistribution and use in source and binary forms, with or without modification, + are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, this list + of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright notice, this + list of conditions and the following disclaimer in the documentation and/or other + materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + OF THE POSSIBILITY OF SUCH DAMAGE. + Programs and licenses with other licenses and/or authors than the main license and authors: @@ -206,6 +229,7 @@ main license and authors: lib/3rdParty/tcpdf/fonts/DejaVu*.ttf A Public Domain, Bitstream, Inc., Tavmjong Bah lib/3rdParty/tcpdf/fonts/DejaVu*.z A Public Domain, Bitstream, Inc., Tavmjong Bah lib/3rdParty/phpseclib B Jim Wigginton +lib/3rdParty/yubico/Yubico.php C 2015 Yubico AB templates/lib/*jquery*.js B 2018 jQuery Foundation and other contributors style/120_jquery-ui*.css B 2016 jQuery Foundation and other contributors templates/lib/*jquery-dropmenu-*.js B 2010 Fred Heusschen @@ -221,4 +245,3 @@ style/610_magnific-popup.css B 2016 Dmitry Semenov style/responsive/105_normalize.css B Nicolas Gallagher and Jonathan Neal style/responsive/110_grid.css B - diff --git a/lam/HISTORY b/lam/HISTORY index 7993f2e5c..e9ab58e56 100644 --- a/lam/HISTORY +++ b/lam/HISTORY @@ -1,3 +1,6 @@ +March 2019 + - Added YubiKey as 2-factor authentication provider + 28.12.2018 6.6 - New import/export in tools menu - YubiKey support diff --git a/lam/README b/lam/README index d2b3fcb26..d00576e27 100644 --- a/lam/README +++ b/lam/README @@ -15,7 +15,7 @@ LAM - Readme https://www.ldap-account-manager.org/ - Copyright (C) 2003 - 2018 Roland Gruber + Copyright (C) 2003 - 2019 Roland Gruber Installation and documentation: Please see the LAM manual in docs/manual/index.html. diff --git a/lam/copyright b/lam/copyright index 997cc63ed..f5b8159b7 100644 --- a/lam/copyright +++ b/lam/copyright @@ -1,4 +1,4 @@ -This software is copyright (c) 2003 - 2018 by Roland Gruber +This software is copyright (c) 2003 - 2019 by Roland Gruber If you purchased a copy of LDAP Account Manager Pro then the following files are licensed under the conditions which you accepted at purchase @@ -198,6 +198,29 @@ B: OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +C: + + Redistribution and use in source and binary forms, with or without modification, + are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, this list + of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright notice, this + list of conditions and the following disclaimer in the documentation and/or other + materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE + OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + OF THE POSSIBILITY OF SUCH DAMAGE. + Programs and licenses with other licenses and/or authors than the main license and authors: @@ -205,6 +228,7 @@ main license and authors: lib/3rdParty/tcpdf/fonts/DejaVu*.ttf A Public Domain, Bitstream, Inc., Tavmjong Bah lib/3rdParty/tcpdf/fonts/DejaVu*.z A Public Domain, Bitstream, Inc., Tavmjong Bah lib/3rdParty/phpseclib B Jim Wigginton +lib/3rdParty/yubico/Yubico.php C 2015 Yubico AB templates/lib/*jquery*.js B 2018 jQuery Foundation and other contributors style/120_jquery-ui*.css B 2016 jQuery Foundation and other contributors templates/lib/*jquery-dropmenu-*.js B 2010 Fred Heusschen diff --git a/lam/docs/manual-sources/chapter-configuration.xml b/lam/docs/manual-sources/chapter-configuration.xml index 28daadfb8..3f8271035 100644 --- a/lam/docs/manual-sources/chapter-configuration.xml +++ b/lam/docs/manual-sources/chapter-configuration.xml @@ -596,11 +596,53 @@ privacyIdea + + + YubiKey + - By default LAM will enforce to use a token and reject users that - did not setup one. You can set this check to optional. But if a user - has setup a token then this will always be required. + Configuration options: + + privacyIDEA: + + + + Base URL: please enter the URL of your privacyIDEA + instance + + + + YubiKey: + + + + Base URL: please enter the URL of your YubiKey verfication + server. For YubiKey cloud this is + "https://api.yubico.com/wsapi/2.0/verify". If you run a custom + verification API such as yubiserver then enter its URL (e.g. + http://www.example.com:8000/wsapi/2.0/verify). The URL needs to + end with "/wsapi/2.0/verify". + + + + Client id: this is only required for YubiKey cloud. You can + register here: https://upgrade.yubico.com/getapikey/ + + + + Secret key: this is only required for YubiKey cloud. You can + register here: https://upgrade.yubico.com/getapikey/ + + + + Optional: By default LAM will enforce to use a token and reject + users that did not setup one. You can set this check to optional. But + if a user has setup a token then this will always be required. + + Disable certificate check: This should be used on development + instances only. It skips the certificate check when connecting to + verification server. diff --git a/lam/docs/manual-sources/chapter-selfService.xml b/lam/docs/manual-sources/chapter-selfService.xml index ad73d464d..dba51c2b1 100644 --- a/lam/docs/manual-sources/chapter-selfService.xml +++ b/lam/docs/manual-sources/chapter-selfService.xml @@ -279,11 +279,51 @@ privacyIdea + + + YubiKey + - By default LAM will enforce to use a token and reject users that - did not setup one. You can set this check to optional. But if a user - has setup a token then this will always be required. + privacyIDEA: + + + + Base URL: please enter the URL of your privacyIDEA + instance + + + + YubiKey: + + + + Base URL: please enter the URL of your YubiKey verfication + server. For YubiKey cloud this is + "https://api.yubico.com/wsapi/2.0/verify". If you run a custom + verification API such as yubiserver then enter its URL (e.g. + http://www.example.com:8000/wsapi/2.0/verify). The URL needs to + end with "/wsapi/2.0/verify". + + + + Client id: this is only required for YubiKey cloud. You can + register here: https://upgrade.yubico.com/getapikey/ + + + + Secret key: this is only required for YubiKey cloud. You can + register here: https://upgrade.yubico.com/getapikey/ + + + + Optional: By default LAM will enforce to use a token and reject + users that did not setup one. You can set this check to optional. But + if a user has setup a token then this will always be required. + + Disable certificate check: This should be used on development + instances only. It skips the certificate check when connecting to + verification server. diff --git a/lam/docs/manual-sources/overview.xml b/lam/docs/manual-sources/overview.xml index 0fcedc6a0..fb88a1237 100644 --- a/lam/docs/manual-sources/overview.xml +++ b/lam/docs/manual-sources/overview.xml @@ -16,7 +16,7 @@ https://www.ldap-account-manager.org/ - Copyright (C) 2003 - 2018 Roland Gruber + Copyright (C) 2003 - 2019 Roland Gruber <post@rolandgruber.de> Key features: