From 087b38496b28295f9837e2a515326b7f508a5a48 Mon Sep 17 00:00:00 2001 From: Jean Paul Galea Date: Wed, 15 Jul 2015 15:05:04 +0200 Subject: [PATCH] Cosmetic changes. --- ykval-config.php | 62 ++++++++++++++++++++++++++---------------------- 1 file changed, 34 insertions(+), 28 deletions(-) diff --git a/ykval-config.php b/ykval-config.php index ab20fc3..de45a34 100644 --- a/ykval-config.php +++ b/ykval-config.php @@ -27,11 +27,13 @@ # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -//ykval will use the configuration stored in /etc/yubico/val/config-db.php, if that file exists. If it does not exist, the below values will be used. - -if(file_exists('/etc/yubico/val/config-db.php')) { +// ykval will use the configuration stored in /etc/yubico/val/config-db.php, if that file exists. If it does not exist, the below values will be used. +if (file_exists('/etc/yubico/val/config-db.php')) +{ include '/etc/yubico/val/config-db.php'; -} else { +} +else +{ $dbuser='ykval_verifier'; $dbpass='yourpassword'; $basepath=''; @@ -41,22 +43,27 @@ if(file_exists('/etc/yubico/val/config-db.php')) { $dbtype='mysql'; } -# For the validation interface. +# for the validation interface. $baseParams = array (); $baseParams['__YKVAL_DB_DSN__'] = "$dbtype:dbname=$dbname;host=127.0.0.1"; # "oci:oracledb" for Oracle DB (with OCI library) $baseParams['__YKVAL_DB_USER__'] = $dbuser; $baseParams['__YKVAL_DB_PW__'] = $dbpass; $baseParams['__YKVAL_DB_OPTIONS__'] = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION); -# For the validation server sync -$baseParams['__YKVAL_SYNC_POOL__'] = array(/*"http://api2.example.com/wsapi/2.0/sync",*/ - /*"http://api3.example.com/wsapi/2.0/sync",*/ - /* "http://api4.example.com/wsapi/2.0/sync"*/); +# for the validation server sync +$baseParams['__YKVAL_SYNC_POOL__'] = array( + // "http://api2.example.com/wsapi/2.0/sync", + // "http://api3.example.com/wsapi/2.0/sync", + // "http://api4.example.com/wsapi/2.0/sync", +); + # An array of IP addresses allowed to issue sync requests # NOTE: You must use IP addresses here. -$baseParams['__YKVAL_ALLOWED_SYNC_POOL__'] = array(/*"1.2.3.4",*/ - /*"2.3.4.5",*/ - /*"3.4.5.6"*/); +$baseParams['__YKVAL_ALLOWED_SYNC_POOL__'] = array( + // "1.2.3.4", + // "2.3.4.5", + // "3.4.5.6", +); # An array of IP addresses allowed to issue YubiKey activation/deactivation # requests through ykval-revoke.php. NOTE: You must use IP addresses here. @@ -83,30 +90,29 @@ $baseParams['__YKVAL_SYNC_DEFAULT_TIMEOUT__'] = 1; # A key -> value array with curl options to set # when calling URLs defined in __YKVAL_SYNC_POOL__ $baseParams['__YKVAL_SYNC_CURL_OPTS__'] = array( - //CURLOPT_PROTOCOLS => CURLPROTO_HTTP, + //CURLOPT_PROTOCOLS => CURLPROTO_HTTP, ); # A key -> value array with curl options to set # when calling URLs returned by otp2ksmurls() $baseParams['__YKVAL_KSM_CURL_OPTS__'] = array( - //CURLOPT_PROTOCOLS => CURLPROTO_HTTP, + //CURLOPT_PROTOCOLS => CURLPROTO_HTTP, ); -// otp2ksmurls: Return array of YK-KSM URLs for decrypting OTP for -// CLIENT. The URLs must be fully qualified, i.e., contain the OTP -// itself. +// Returns an array of YK-KSM URLs for decrypting $otp for $client. +// The URLs must be fully qualified, i.e., containing the OTP itself. function otp2ksmurls ($otp, $client) { - //if ($client == 42) { - // return array("http://another-ykkms.example.com/wsapi/decrypt?otp=$otp"); - //} + //if ($client == 42) { + // return array("http://another-ykkms.example.com/wsapi/decrypt?otp=$otp"); + //} - //if (preg_match ("/^dteffujehknh/", $otp)) { - // return array("http://different-ykkms.example.com/wsapi/decrypt?otp=$otp"); - //} + //if (preg_match ("/^dteffujehknh/", $otp)) { + // return array("http://different-ykkms.example.com/wsapi/decrypt?otp=$otp"); + //} - return array( - //"http://ykkms1.example.com/wsapi/decrypt?otp=$otp", - //"http://ykkms2.example.com/wsapi/decrypt?otp=$otp", - "http://127.0.0.1/wsapi/decrypt?otp=$otp" - ); + return array( + // "http://ykkms1.example.com/wsapi/decrypt?otp=$otp", + // "http://ykkms2.example.com/wsapi/decrypt?otp=$otp", + "http://127.0.0.1/wsapi/decrypt?otp=$otp", + ); }