debian/0000755000000000000000000000000012253670606007175 5ustar debian/clean0000664000000000000000000000011711630240454010173 0ustar tests/bson/codec.pyc tests/bson/__init__.pyc tests/paths.pyc tests/pexpect.pyc debian/login-duo.postrm0000644000000000000000000000237011551144565012342 0ustar #!/bin/sh # postrm script for #PACKAGE# # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `remove' # * `purge' # * `upgrade' # * `failed-upgrade' # * `abort-install' # * `abort-install' # * `abort-upgrade' # * `disappear' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in remove) if dpkg-statoverride --list /usr/sbin/login_duo >/dev/null 2>&1; then dpkg-statoverride --remove /usr/sbin/login_duo fi ;; purge) if dpkg-statoverride --list /etc/security/login_duo.conf >/dev/null 2>&1; then dpkg-statoverride --remove /etc/security/login_duo.conf fi ;; upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) ;; *) echo "postrm called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 debian/libpam-duo.prerm0000644000000000000000000000147211551140546012274 0ustar #!/bin/sh # prerm script for #PACKAGE# # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `remove' # * `upgrade' # * `failed-upgrade' # * `remove' `in-favour' # * `deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in remove) pam-auth-update --package --remove duo-unix ;; upgrade|deconfigure|failed-upgrade) ;; *) echo "prerm called with unknown argument \`$1'" >&2 exit 1 ;; esac #DEBHELPER# exit 0 debian/copyright0000644000000000000000000002464411663247736011152 0ustar Format: http://dep.debian.net/deps/dep5 Upstream-Name: duo_unix Source: https://github.com/duosecurity/duo_unix/downloads Files: * Copyright: 2010 Duo Security License: GPL-2+ with OpenSSL exception Files: autotools/stack-protector.m4 Copyright: 2007 Google Inc. License: Apache-2 Files: compat/bson.[ch] Copyright: 2009-2010 10gen Inc. License: Apache-2 Files: compat/asprintf.c Copyright: 2004 Darren Tucker 1997 Todd C. Miller License: ISC Files: compat/strlcpy.c Copyright: 1998 Todd C. Miller License: BSD-3-clause Files: compat/getgrouplist.c Copyright: 1991,1993 The Regents of the University of California License: BSD-3-clause Files: lib/urlenc.[ch] Copyright: 2010 Duo Security 1996-2010 Daniel Stenberg, License: ISC Files: lib/ini.[ch] Copyright: 2009 Brush Technology License: BSD-3-clause Files: pam_duo/pam_extra.c Copyright: 2005 Thorsten Kukuk License: BSDorGPL Files: pam_duo/testpam.c Copyright: 2004 Darren Tucker 2002 Networks Associates Technology, Inc. License: combined Files: debian/* Copyright: 2011 Kees Cook License: GPL-2+ License: GPL-2+ with OpenSSL exception Compiling, linking, and/or using OpenSSL is allowed. . Linking this library statically or dynamically with other modules is making a combined work based on this library. Thus, the terms and conditions of the GNU General Public License cover the whole combination. . As a special exception, the copyright holders of this library give you permission to link this library with independent modules to produce an executable, regardless of the license terms of these independent modules, and to copy and distribute the resulting executable under terms of your choice, provided that you also meet, for each linked independent module, the terms and conditions of the license of that module. An independent module is a module which is not derived from or based on this library. If you modify this library, you may extend this exception to your version of the library, but you are not obliged to do so. If you do not wish to do so, delete this exception statement from your version. . This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". License: ISC Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. . Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder. License: BSD-3-clause Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: . * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Brush Technology nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY BRUSH TECHNOLOGY ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BRUSH TECHNOLOGY BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: Apache-2 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. License: combined Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. . THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. . . Based in part on OpenSSH's auth-pam.c which is under the following copyright: . Copyright (c) 2002 Networks Associates Technology, Inc. All rights reserved. . This software was developed for the FreeBSD Project by ThinkSec AS and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program. . Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. . THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License: BSDorGPL Adapted from Linux-PAM . Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, and the entire permission notice in its entirety, including the disclaimer of warranties. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. . ALTERNATIVELY, this product may be distributed under the terms of the GNU General Public License, in which case the provisions of the GPL are required INSTEAD OF the above restrictions. (This clause is necessary due to a potential bad interaction between the GPL and the restrictions contained in a BSD-style copyright.) . THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. debian/compat0000644000000000000000000000000211630235256010367 0ustar 9 debian/libpam-duo.manpages0000644000000000000000000000005011551117530012726 0ustar debian/tmp/usr/share/man/man8/pam_duo.8 debian/libduo3.manpages0000644000000000000000000000004411551117527012247 0ustar debian/tmp/usr/share/man/man3/duo.3 debian/source/0000755000000000000000000000000011551107344010467 5ustar debian/source/format0000644000000000000000000000001411551107344011675 0ustar 3.0 (quilt) debian/pam_duo.conf0000644000000000000000000000015511767144244011474 0ustar [duo] ; Duo API host host = api-eval.duosecurity.com ; Duo integration key ikey = ; Duo secret key skey = debian/README.Debian0000644000000000000000000000124211630262007011223 0ustar Once you have installed libpam-duo or login-duo, you will need to configure the /etc/security/pam_duo.conf or /etc/security/login_duo.conf files respectively with the Duo Security keys. To test the login_duo configuration, run as a regular user: $ login_duo echo YOU ROCK If this is successful, make sure the pam_duo configuration setting are valid, then you can enable the PAM module by updating the pam auth stack, and selecting it as the root user: # pam-auth-update To not skip this PAM module when using SSH, either enable "ChallengeResponseAuthentication=yes" in /etc/ssh/sshd_config or see "man duo", "man pam_duo", and "man login_duo" for more details. debian/libpam-duo.postinst0000644000000000000000000000155211551140446013030 0ustar #!/bin/sh # postinst script for #PACKAGE# # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in configure|abort-upgrade|abort-remove|abort-deconfigure) pam-auth-update --package ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac #DEBHELPER# exit 0 debian/login-duo.docs0000644000000000000000000000003411630262373011735 0ustar README debian/README.Debian debian/control0000644000000000000000000000340512253665234010603 0ustar Source: duo-unix Priority: extra Maintainer: Kees Cook Build-Depends: debhelper (>= 9), dh-autoreconf, libcurl4-openssl-dev, libpam-dev, python Standards-Version: 3.9.5 Section: libs Homepage: https://github.com/duosecurity/duo_unix Package: libpam-duo Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3 (= ${binary:Version}), libpam-runtime (>= 1.1.1-3~) Description: PAM module for Duo Security two-factor authentication This provides the PAM module needed to interact with the Duo Security API for handling out-of-band two-factor authentication. Also includes manpage. Package: login-duo Section: admin Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libduo3 (= ${binary:Version}), openssh-server Description: login wrapper for Duo Security two-factor authentication This provides the login wrapper needed to interact with the Duo Security API for handling out-of-band two-factor authentication, mostly designed to be used along with global OpenSSH server configurations. Also includes manpage and configuration. Package: libduo3 Architecture: any Multi-Arch: same Pre-Depends: ${misc:Pre-Depends} Depends: ${shlibs:Depends}, ${misc:Depends} Description: Duo Security library This package provides the shared library used for making use of the Duo Security two-factor authentication functionality. Also includes manpage. Package: libduo-dev Section: libdevel Architecture: any Depends: libduo3 (= ${binary:Version}), ${misc:Depends} Description: Duo Security development libraries and header files This package provides the develpment libraries and header files needed to link against the Due Security library functions. Also includes the manpages for library functions. debian/pam-configs/0000755000000000000000000000000011551143652011374 5ustar debian/pam-configs/duo-unix0000644000000000000000000000021111551143106013053 0ustar Name: Duo Security two-factor authentication Default: no Priority: 100 Auth-Type: Additional Auth: [success=ok default=bad] pam_duo.so debian/patches/0000755000000000000000000000000012253664071010623 5ustar debian/patches/fix-configure-privsep-user.patch0000664000000000000000000000210712253663725017062 0ustar Description: it's possible that the "sshd" user will not exist in the build environment, so do not require it be present. Author: Kees Cook Index: duo-unix-1.9.6/configure.ac =================================================================== --- duo-unix-1.9.6.orig/configure.ac 2013-12-16 12:51:27.927520462 -0800 +++ duo-unix-1.9.6/configure.ac 2013-12-16 12:51:27.923520406 -0800 @@ -143,12 +143,13 @@ fi ] ) -if id "$DUO_PRIVSEP_USER" >/dev/null 2>&1; then - AC_MSG_NOTICE([Found privilege separation user "$DUO_PRIVSEP_USER"]) -else - DUO_PRIVSEP_USER="nobody" - AC_MSG_NOTICE([Using privilege separation user "nobody"]) -fi +#if id "$DUO_PRIVSEP_USER" >/dev/null 2>&1; then +# AC_MSG_NOTICE([Found privilege separation user "$DUO_PRIVSEP_USER"]) +#else +# DUO_PRIVSEP_USER="nobody" +# AC_MSG_NOTICE([Using privilege separation user "nobody"]) +#fi +AC_MSG_NOTICE([Using privilege separation user "$DUO_PRIVSEP_USER"]) AC_DEFINE_UNQUOTED(DUO_PRIVSEP_USER, "$DUO_PRIVSEP_USER", [Dedicated user for privilege separation]) AC_SUBST(DUO_PRIVSEP_USER) debian/patches/fix-test-preload.patch0000664000000000000000000000245512253663731015045 0ustar Description: Fully initialize testsuite's fake passwd entries, or else /bin/sh loses its mind. Author: Kees Cook Index: duo-unix-1.9.6/tests/groups_preload.c =================================================================== --- duo-unix-1.9.6.orig/tests/groups_preload.c 2013-12-16 12:51:27.903520119 -0800 +++ duo-unix-1.9.6/tests/groups_preload.c 2013-12-16 12:51:27.899520062 -0800 @@ -12,11 +12,11 @@ #include static struct passwd _passwd[5] = { - { "user1", NULL, 1000, 1000, .pw_shell = "/bin/sh" }, - { "user2", NULL, 1001, 100, .pw_shell = "/bin/sh" }, - { "admin1", NULL, 1002, 10, .pw_shell = "/bin/sh" }, - { "admin2", NULL, 1003, 1003, .pw_shell = "/bin/sh" }, - { "weirdo", NULL, 1004, 1004, .pw_shell = "/bin/sh" }, + { "user1", "*", 1000, 1000, .pw_gecos = "gecos", .pw_dir = "/", .pw_shell = "/bin/sh" }, + { "user2", "*", 1001, 100, .pw_gecos = "gecos", .pw_dir = "/", .pw_shell = "/bin/sh" }, + { "admin1", "*", 1002, 10, .pw_gecos = "gecos", .pw_dir = "/", .pw_shell = "/bin/sh" }, + { "admin2", "*", 1003, 1003, .pw_gecos = "gecos", .pw_dir = "/", .pw_shell = "/bin/sh" }, + { "weirdo", "*", 1004, 1004, .pw_gecos = "gecos", .pw_dir = "/", .pw_shell = "/bin/sh" }, }; /* Supplemental groups */ debian/patches/fix-manpage-dashes.patch0000664000000000000000000000167512253663735015326 0ustar Description: Fix manpage unescaped dashes. Author: Kees Cook Index: duo-unix-1.9.6/login_duo/login_duo.8 =================================================================== --- duo-unix-1.9.6.orig/login_duo/login_duo.8 2013-12-16 12:51:27.855519429 -0800 +++ duo-unix-1.9.6/login_duo/login_duo.8 2013-12-16 12:51:27.851519375 -0800 @@ -43,7 +43,7 @@ or .Ev SSH_ORIGINAL_COMMAND environment variable is specified, it will be executed via the user's -shell with a -c option. +shell with a \-c option. .Sh CONFIGURATION The INI-format configuration file must have a .Dq Li duo @@ -152,9 +152,9 @@ .Pa ~root/.ssh/authorized_keys : .Pp .Bd -literal -offset 8n -command="/usr/local/sbin/login_duo -f alice" +command="/usr/local/sbin/login_duo \-f alice" ssh-rsa AAAAB2...19Q== alice@example.net -command="/usr/local/sbin/login_duo -f bob" +command="/usr/local/sbin/login_duo \-f bob" ssh-dss AAAAC3...51R== bob@example.net .Ed .Pp debian/patches/series0000644000000000000000000000012112253664064012034 0ustar fix-manpage-dashes.patch fix-test-preload.patch fix-configure-privsep-user.patch debian/libpam-duo.install0000644000000000000000000000015011630235256012606 0ustar lib/*/security/pam_duo.so debian/pam-configs/* usr/share/pam-configs/ debian/pam_duo.conf etc/security/ debian/libpam-duo.lintian-overrides0000664000000000000000000000023111630235606014577 0ustar # expected; this file contains a secret key used to authenticate the challenge libpam-duo: non-standard-file-perm etc/security/pam_duo.conf 0600 != 0644 debian/rules0000755000000000000000000000076012253656235010262 0ustar #!/usr/bin/make -f # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) %: dh $@ --with autoreconf override_dh_auto_configure: dh_auto_configure -- --with-pam=/lib/$(DEB_HOST_MULTIARCH)/security \ --sysconfdir=/etc/security # Disable testsuite completely -- it is very broken on buildds override_dh_auto_test: override_dh_fixperms: dh_fixperms chmod 0600 debian/libpam-duo/etc/security/pam_duo.conf debian/libduo-dev.install0000644000000000000000000000007011630235256012610 0ustar usr/lib/*/libduo.so usr/lib/*/pkgconfig/* usr/include/* debian/libpam-duo.docs0000644000000000000000000000003411630261617012071 0ustar README debian/README.Debian debian/login-duo.postinst0000644000000000000000000000251311551144542012673 0ustar #!/bin/sh # postinst script for #PACKAGE# # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in configure) # Make sure the login_duo.conf file is only readable by the priv-sep # user and give priv-sep powers to the login_duo binary. if ! dpkg-statoverride --list /etc/security/login_duo.conf >/dev/null 2>&1; then dpkg-statoverride --update --add sshd root 0600 /etc/security/login_duo.conf fi if ! dpkg-statoverride --list /usr/sbin/login_duo >/dev/null 2>&1; then dpkg-statoverride --update --add root root 4755 /usr/sbin/login_duo fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac #DEBHELPER# exit 0 debian/libduo3.install0000644000000000000000000000002711630261426012117 0ustar usr/lib/*/libduo.so.3* debian/changelog0000644000000000000000000000375012253670566011061 0ustar duo-unix (1.9.6-1) unstable; urgency=low * New upstream release. * watch: updated for new upstream location. * control, rules: enable autoreconf (Closes: 727363). * control: bump standards version, no changes needed. -- Kees Cook Mon, 16 Dec 2013 12:03:08 -0800 duo-unix (1.8-1) unstable; urgency=low * New upstream release. * debian/watch: fix uupdate typo. * debian/pam_duo.conf: remove minuid (Closes: 670302). * debian/control: bump standards version to 3.9.3, no changes needed. -- Kees Cook Sat, 16 Jun 2012 10:55:55 -0700 duo-unix (1.7-3) unstable; urgency=low * debian/copyright: fix lintian-detected format problems. * debian/patches/fix-configure-privsep-user.patch: do not require that privsep user exist in the build environment (Closes: 642421). -- Kees Cook Wed, 23 Nov 2011 11:11:09 -0800 duo-unix (1.7-2) unstable; urgency=low * debian/rules: disable testsuite; currently very broken on buildds (Closes: 640740). -- Kees Cook Wed, 07 Sep 2011 09:26:34 -0700 duo-unix (1.7-1) unstable; urgency=low * New upstream release. - drop fix-pam-destdir.patch, taken upstream. - drop openssl-license-exception.patch, taken upstream. * debian/watch: fix up new expected download location, add uupdate option. * Build for multi-arch. * debian/libpam-duo.lintian-overrides: explicitly allow mode 0600 config. * debian/control: add python as build-dep for tests. * debian/clean: remove .pyc files during clean-up. * debian/patches/fix-test-preload.patch: fix testsuite to not scare /bin/sh. -- Kees Cook Fri, 02 Sep 2011 13:17:20 -0700 duo-unix (1.5-2) unstable; urgency=low * debian/copyright: add missed entries, thanks to Charles Plessy. -- Kees Cook Fri, 15 Apr 2011 13:16:33 -0700 duo-unix (1.5-1) unstable; urgency=low * Initial release (Closes: 622404). -- Kees Cook Tue, 12 Apr 2011 16:13:44 -0700 debian/watch0000644000000000000000000000020012253656227010221 0ustar version=3 https://www.duosecurity.com/docs/checksums \ https://dl.duosecurity.com/duo_unix-(.*).tar.gz \ debian uupdate debian/login-duo.manpages0000644000000000000000000000005211551117535012601 0ustar debian/tmp/usr/share/man/man8/login_duo.8 debian/libduo3.symbols0000644000000000000000000000064212253663227012153 0ustar libduo.so.3 libduo3 #MINVER# duo_check_groups@Base 1.9.6 duo_close@Base 1.5 duo_common_ini_handler@Base 1.9.6 duo_config_default@Base 1.9.6 duo_debug@Base 1.9.6 duo_geterr@Base 1.5 duo_local_ip@Base 1.9.6 duo_log@Base 1.9.6 duo_login@Base 1.5 duo_open@Base 1.5 duo_parse_config@Base 1.5 duo_reset_conv_funcs@Base 1.9.6 duo_set_boolean_option@Base 1.9.6 duo_set_conv_funcs@Base 1.5 duo_syslog@Base 1.9.6 debian/README.source0000644000000000000000000000012711551110531011336 0ustar This package uses quilt to manage patches; see: /usr/share/doc/quilt/README.source debian/login-duo.install0000644000000000000000000000005711551153066012460 0ustar usr/sbin/login_duo etc/security/login_duo.conf