yubikey-val
YubiKey OTP validation server in PHP
https://github.com/Yubico/yubikey-val/blob/master/ykval-synclib.php#L94 Is this not a SQL injection vulnerability? `$res = $this->db->customQuery("SELECT id, secret FROM clients WHERE active='1' AND id='" . $client . "'");`
I ran [`psalm`](https://github.com/vimeo/psalm) against the repo, and it returns a few undefined constants, which give warnings in newer versions of PHP. This codebase relies on the old-PHP behavior of converting...
This is the RewriteRule that worked for me with Apache 2.4.6 on RHEL 7.
Hi, I've changed a PHP keyword to comply with [this standard](https://www.php-fig.org/psr/psr-2/#25-keywords-and-truefalsenull) in PSR2. It's admittedly a small fix but I hope it helps!
Hi, I'm trying to configure a local KSM and Val server, so that we can authenticate by SSH even if outgoing traffic is busted (routing issues or otherwise). Now, the...
According to https://secure.php.net/manual/en/function.curl-multi-info-read.php, "The data the returned resource points to will not survive calling curl_multi_remove_handle()." Therefore, it is better to call curl_multi_remove_handle() after we're finished with the handle's related info...
It seems some columns are missing from the GRANT statement in the documentation. This change adds active, created, yk_publicname and notes for SELECT and INSERT privileges. Otherwise, you'll get errors...
I have a cluster of validation servers and I would like to enable/disable individual yubikeys cluster-wide. I found the [/revoke](https://developers.yubico.com/yubikey-val/Revocation_Service.html) endpoint, but that appears to only change the `active` flag...
Hi, I find the logging to /var/log/ykval.log (for the Validation server) and /var/log/auth.log (KSM, per the current out-of-the-box config) extremely verbose, and this might expose more info than desired in...
The documentation for yubikey-val and yubikey-ksm suggests creating a Logrotate file that contains this postrotate command: `invoke-rc.d rsyslog reload > /dev/null` Debian Wheezy no longer supports 'reload' here. The...