From b9aaee97ab29d28d7670a044f35f61e85f70437f Mon Sep 17 00:00:00 2001 From: Karol Babioch Date: Fri, 4 May 2018 10:45:52 +0200 Subject: [PATCH] Remove double space after periods --- NEWS | 8 ++++---- README | 14 +++++++------- build-aux/config.rpath | 2 +- doc/Authentication_Using_Challenge-Response.adoc | 12 ++++++------ doc/Two_Factor_PAM_Configuration.adoc | 8 ++++---- doc/Ubuntu_FreeRadius_YubiKey.adoc | 2 +- doc/YubiKey_and_Radius_via_PAM.adoc | 6 +++--- doc/YubiKey_and_SSH_via_PAM.adoc | 6 +++--- m4/lib-ld.m4 | 2 +- m4/manywarnings.m4 | 2 +- m4/warnings.m4 | 2 +- pam_yubico.8.txt | 2 +- pam_yubico.c | 2 +- 13 files changed, 34 insertions(+), 34 deletions(-) diff --git a/NEWS b/NEWS index 0af2e84..18779cc 100644 --- a/NEWS +++ b/NEWS @@ -170,7 +170,7 @@ Reported and patched by Nanakos Chrysostomos . * Version 2.7 (released 2011-06-07) ** Make dependency on libykpers optional. -Use --without-cr to force it. Reported by Jussi Sallinen . +Use --without-cr to force it. Reported by Jussi Sallinen . * Version 2.6 (released 2011-04-11) @@ -200,7 +200,7 @@ fraser.scott@gmail.com. * Version 2.5 (released 2010-09-10) -** Wiki articles are now inclded in the archive. Same license as code. +** Wiki articles are now inclded in the archive. Same license as code. Reported by dmitrij.ledkov in Issue #30: . @@ -229,7 +229,7 @@ Reported by multiple people in Issue #11: ** New keyword "ldap_uri" added. This keyword is preferred over the old "ldapserver" keyword, and allows you to specify a complete LDAP URI instead of only the hostname -of your LDAP server. Contributed by Zubrick. +of your LDAP server. Contributed by Zubrick. ** Improved README. Contributed by Erinn Looney-Triggs . @@ -259,7 +259,7 @@ See . Earlier string handling may have been incorrect for short strings. ** Don't pass integers via pam_set_data/pam_get_data. -May solve problems on 64-bit platforms. Based on patch from +May solve problems on 64-bit platforms. Based on patch from forum.yubico.com. * Version 1.12 (released 2009-03-24) diff --git a/README b/README index 6b91c64..94b6026 100644 --- a/README +++ b/README @@ -2,7 +2,7 @@ image:https://travis-ci.org/Yubico/yubico-pam.svg?branch=master["Build Status", link="https://travis-ci.org/Yubico/yubico-pam"] The Yubico PAM module provides an easy way to integrate the YubiKey -into your existing user authentication infrastructure. PAM is used by +into your existing user authentication infrastructure. PAM is used by GNU/Linux, Solaris and Mac OS X for user authentication, and by other specialized applications such as NCSA MyProxy. @@ -23,8 +23,8 @@ this dependency. The development community is co-ordinated via https://github.com/Yubico/yubico-pam[the GitHub project page]. -The project is licensed under a BSD license. See the file COPYING for -exact wording. For any copyright year range specified as YYYY-ZZZZ in +The project is licensed under a BSD license. See the file COPYING for +exact wording. For any copyright year range specified as YYYY-ZZZZ in this package note that the range specifies every single year in that closed interval. @@ -213,13 +213,13 @@ verbose_otp:: authentication because that will display your password on the screen. This requires the service using the PAM module to - display custom fields. This option can not be used with OpenSSH. + display custom fields. This option can not be used with OpenSSH. ldap_uri:: specify the LDAP server URI (e.g. ldap://localhost). ldapserver:: specify the LDAP server host (default LDAP port is used). -_Deprecated. Use "ldap_uri" instead._ +_Deprecated. Use "ldap_uri" instead._ ldapdn:: specify the dn where the users are stored @@ -316,9 +316,9 @@ This is much the same concept as the SSH authorized_keys file. Obtaining the YubiKey token ID (a.k.a. public ID) ------------------------------------------------- -You can obtain the YubiKey token ID in several ways. One is by +You can obtain the YubiKey token ID in several ways. One is by removing the last 32 characters of any OTP (One Time Password) -generated with your YubiKey. Another is by using the +generated with your YubiKey. Another is by using the http://demo.yubico.com/php-yubico/Modhex_Calculator.php[modhex calculator]. Enter your YubiKey OTP and convert it, your YubiKey token ID is 12 diff --git a/build-aux/config.rpath b/build-aux/config.rpath index 85c2f20..9506a57 100755 --- a/build-aux/config.rpath +++ b/build-aux/config.rpath @@ -176,7 +176,7 @@ if test "$with_gnu_ld" = yes; then # Samuel A. Falvo II reports # that the semantics of dynamic libraries on AmigaOS, at least up # to version 4, is to share data among multiple programs linked - # with the same dynamic library. Since this doesn't match the + # with the same dynamic library. Since this doesn't match the # behavior of shared libraries on other platforms, we cannot use # them. ld_shlibs=no diff --git a/doc/Authentication_Using_Challenge-Response.adoc b/doc/Authentication_Using_Challenge-Response.adoc index 487de5f..389dc2e 100644 --- a/doc/Authentication_Using_Challenge-Response.adoc +++ b/doc/Authentication_Using_Challenge-Response.adoc @@ -14,7 +14,7 @@ for a YubiKey with serial number API readout enabled, and The PAM module supports a system-wide directory for these state files (in case the user's home directories are encrypted), but in a system-wide directory, the 'challenge' part should be replaced with the -username. Example: `/var/yubico/alice-123456`. +username. Example: `/var/yubico/alice-123456`. To use the system-wide mode, you currently have to move the generated state files manually and configure the PAM module accordingly. @@ -27,14 +27,14 @@ First install the package: $ sudo apt-get install libpam-yubico ------ -You will get a question about the PAM configuration line. Enter this +You will get a question about the PAM configuration line. Enter this line: ------ mode=challenge-response ------ -The next question will be about which PAM modules to enable. Don't +The next question will be about which PAM modules to enable. Don't enable anything just yet, because you need to program your YubiKey first. @@ -45,9 +45,9 @@ you may use this command: $ sudo dpkg-reconfigure libpam-yubico ------ -The next step is to add a challenge-response slot to your YubiKey. If +The next step is to add a challenge-response slot to your YubiKey. If you have a normal YubiKey with OTP functionality on the first slot, -you could add Challenge-Response on the second slot. You could have +you could add Challenge-Response on the second slot. You could have CR on the first slot, if you want. First, program a YubiKey for challenge response on Slot 2: @@ -126,7 +126,7 @@ and then create a log file: # chmod go+w /var/run/pam-debug.log ---- -and then tail the file. For successful logins it should print +and then tail the file. For successful logins it should print something like this: ---- diff --git a/doc/Two_Factor_PAM_Configuration.adoc b/doc/Two_Factor_PAM_Configuration.adoc index c0a14cf..e21a6ec 100644 --- a/doc/Two_Factor_PAM_Configuration.adoc +++ b/doc/Two_Factor_PAM_Configuration.adoc @@ -1,5 +1,5 @@ PAM configuration is somewhat complex, but a typical use-case is to -require both a password and YubiKey to allow access. This can be +require both a password and YubiKey to allow access. This can be achieved by a PAM configuration like this: ---- @@ -7,7 +7,7 @@ auth requisite pam_yubico.so id=42 auth required pam_unix.so use_first_pass ---- -The first line makes pam_yubico check the OTP. Use either a per-user +The first line makes pam_yubico check the OTP. Use either a per-user file called `~/.yubico/authorized_yubikeys`, or a system-wide file called `/etc/yubikey_mappings` to specify which YubiKeys that can be used to log in as specific users. See https://developers.yubico.com/yubico-pam[the README] @@ -18,12 +18,12 @@ module should check should be received from the earlier PAM modules and that the module should not query for passwords. Of course, if you use username/password verification from a SQL -database or LDAP, you need to change the second line above. But the +database or LDAP, you need to change the second line above. But the module you use needs to support 'use_first_pass' for this to work. Most modules support this. Be sure to comment out any other 'auth' lines in your PAM configuration, -unless you want those. For example, Debian contains a +unless you want those. For example, Debian contains a '@include common-auth' which would confuse the configuration. To log in, you now need to enter both your Unix password and enter an diff --git a/doc/Ubuntu_FreeRadius_YubiKey.adoc b/doc/Ubuntu_FreeRadius_YubiKey.adoc index 419eb04..ade47a6 100644 --- a/doc/Ubuntu_FreeRadius_YubiKey.adoc +++ b/doc/Ubuntu_FreeRadius_YubiKey.adoc @@ -57,7 +57,7 @@ Install FreeRadius: /etc/init.d/freeradius stop ------ -Next we configure FreeRadius. First add this to /etc/freeradius/users: +Next we configure FreeRadius. First add this to /etc/freeradius/users: ------ DEFAULT Auth-Type = pam diff --git a/doc/YubiKey_and_Radius_via_PAM.adoc b/doc/YubiKey_and_Radius_via_PAM.adoc index 33c313c..bcc6ac3 100644 --- a/doc/YubiKey_and_Radius_via_PAM.adoc +++ b/doc/YubiKey_and_Radius_via_PAM.adoc @@ -6,7 +6,7 @@ The purpose of this page is to collect all information needed to set up a Radius Details ------- -We currently use FreeRadius. The paths below may be specific to Debian's packages, please update this if you have paths for other systems. +We currently use FreeRadius. The paths below may be specific to Debian's packages, please update this if you have paths for other systems. Build pam_yubico and install FreeRadius --------------------------------------- @@ -39,7 +39,7 @@ In /etc/freeradius/radiusd.conf, check that 'pam' is uncommented in the 'authent Configure PAM for the Radius server ----------------------------------- -The PAM service is 'radiusd', and the configuration file is stored in /etc/pam.d/radiusd. Add something like: +The PAM service is 'radiusd', and the configuration file is stored in /etc/pam.d/radiusd. Add something like: auth sufficient pam_yubico.so id=16 debug @@ -55,4 +55,4 @@ Then invoke a test client as follows: $ radtest yubico vlrlcingbbkrctguicnijbegfjhrdhccefdthcuifkgr 127.0.0.1 0 pencil -If you get errors about non-existing user, you may need to create a Unix user 'yubico'. Whether this should be needed or not depends on PAM configuration. +If you get errors about non-existing user, you may need to create a Unix user 'yubico'. Whether this should be needed or not depends on PAM configuration. diff --git a/doc/YubiKey_and_SSH_via_PAM.adoc b/doc/YubiKey_and_SSH_via_PAM.adoc index dc49a82..b58a30d 100644 --- a/doc/YubiKey_and_SSH_via_PAM.adoc +++ b/doc/YubiKey_and_SSH_via_PAM.adoc @@ -94,11 +94,11 @@ Make sure you set `id=16` to the correct API-id for the yubico validation server After the above configuration changes, whenever a user connects to the server using any ssh client, the PAM authentication interface will pass the control to Yubico PAM module. The Yubico PAM module first checks the presence of authfile -argument in PAM configuration. If authfile argument is present, it parses the +argument in PAM configuration. If authfile argument is present, it parses the corresponding mapping file and verifies the username with corresponding YubiKey token id as configured in the mapping file. If valid, the Yubico PAM module extracts the OTP string and sends it to the Yubico authentication server -or else it reports failure. If authfile argument is present but the mapping +or else it reports failure. If authfile argument is present but the mapping file is not present at the provided path PAM module reports failure. After successful verification of OTP Yubico PAM module from the Yubico authentication server, a success code is returned. @@ -223,7 +223,7 @@ configuration. We assume that you have 'root' and 'test' user configured to access SSH on your test environment with password 'secret' and 'pencil' respectively. -Use any standard SSH client for testing (We used SSH command line utility). +Use any standard SSH client for testing (We used SSH command line utility). Try to login to server with SSH client as configured user: diff --git a/m4/lib-ld.m4 b/m4/lib-ld.m4 index e4863f2..008d6be 100644 --- a/m4/lib-ld.m4 +++ b/m4/lib-ld.m4 @@ -84,7 +84,7 @@ AC_CACHE_VAL([acl_cv_path_LD], test -z "$ac_dir" && ac_dir=. if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then acl_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, + # Check to see if the program is GNU ld. I'd rather use --version, # but apparently some GNU ld's only accept -v. # Break only if it was the GNU/non-GNU ld that we prefer. case `"$acl_cv_path_LD" -v 2>&1 < /dev/null` in diff --git a/m4/manywarnings.m4 b/m4/manywarnings.m4 index 864fc85..391a683 100644 --- a/m4/manywarnings.m4 +++ b/m4/manywarnings.m4 @@ -9,7 +9,7 @@ dnl From Simon Josefsson # gl_MANYWARN_COMPLEMENT(OUTVAR, LISTVAR, REMOVEVAR) # -------------------------------------------------- # Copy LISTVAR to OUTVAR except for the entries in REMOVEVAR. -# Elements separated by whitespace. In set logic terms, the function +# Elements separated by whitespace. In set logic terms, the function # does OUTVAR = LISTVAR \ REMOVEVAR. AC_DEFUN([gl_MANYWARN_COMPLEMENT], [ diff --git a/m4/warnings.m4 b/m4/warnings.m4 index 28b8294..af6ec23 100644 --- a/m4/warnings.m4 +++ b/m4/warnings.m4 @@ -43,7 +43,7 @@ AS_VAR_POPDEF([gl_Warn])dnl # [PROGRAM = AC_LANG_PROGRAM()]) # --------------------------------------------- # Adds parameter to WARN_CFLAGS if the compiler supports it when -# compiling PROGRAM. For example, gl_WARN_ADD([-Wparentheses]). +# compiling PROGRAM. For example, gl_WARN_ADD([-Wparentheses]). # # If VARIABLE is a variable name, AC_SUBST it. AC_DEFUN([gl_WARN_ADD], diff --git a/pam_yubico.8.txt b/pam_yubico.8.txt index 62950da..013bcef 100644 --- a/pam_yubico.8.txt +++ b/pam_yubico.8.txt @@ -69,7 +69,7 @@ Show the One-Time Password when it is entered, i.e. to enable terminal echo of e The LDAP server URI (e.g. ldap://localhost). *ldap_server*=_server_:: -The LDAP server host (default LDAP port is used). *Deprecated. Use 'ldap_uri' instead.* +The LDAP server host (default LDAP port is used). *Deprecated. Use 'ldap_uri' instead.* *ldapdn*=_dn_:: The distinguished name (DN) where the users are stored (eg: ou=users,dc=domain,dc=com). If 'ldap_filter' is used this is the base from which the subtree search will be performed. diff --git a/pam_yubico.c b/pam_yubico.c index 2162560..8972dda 100644 --- a/pam_yubico.c +++ b/pam_yubico.c @@ -284,7 +284,7 @@ authorize_user_token_ldap (struct cfg *cfg, ldap_set_option (ld, LDAP_OPT_PROTOCOL_VERSION, &protocol); if (cfg->ldap_uri && cfg->ldap_cacertfile) { - /* Set CA CERTFILE. This makes ldaps work when using ldap_uri */ + /* Set CA CERTFILE. This makes ldaps work when using ldap_uri */ ldap_set_option (0, LDAP_OPT_X_TLS_CACERTFILE, cfg->ldap_cacertfile); } /* Bind anonymously to the LDAP server. */