add support for pam_u2f to nixos pam module

This adds support for authenticating using a U2F device such as a yubikey neo.
author: Philip Potter <philip.g.potter@gmail.com> 2015-05-03 15:29:42 +0100
committer: Philip Potter <philip.g.potter@gmail.com> 2015-05-03 19:22:00 +0100
commit: 22167289794c080c50f092274de808543c7978c4 (patch)
tree: 990249295189b7e6ef0a2b215fbd0e2b4c15ae61 /pkgs
parent: 0f8203d120dc0bd88b205b5f6ed5409d6b1e06ac (diff)
download: nixpkgs-22167289794c080c50f092274de808543c7978c4.tar
nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.gz
nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.bz2
nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.lz
nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.xz
nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.zst
nixpkgs-22167289794c080c50f092274de808543c7978c4.zip
4 files changed, 47 insertions, 1 deletions
diff --git a/pkgs/development/libraries/libu2f-host/default.nix b/pkgs/development/libraries/libu2f-host/default.nix
index f996216826a..cda18e4e9bd 100644
--- a/pkgs/development/libraries/libu2f-host/default.nix
+++ b/pkgs/development/libraries/libu2f-host/default.nix
@@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
 
   meta = with stdenv.lib; {
     homepage = https://developers.yubico.com/libu2f-host;
-    description = "a C library and command-line tool thati mplements the host-side of the U2F protocol";
+    description = "A C library and command-line tool thati mplements the host-side of the U2F protocol";
     license = licenses.bsd2;
     platforms = platforms.unix;
     maintainers = with maintainers; [ wkennington ];
diff --git a/pkgs/development/libraries/libu2f-server/default.nix b/pkgs/development/libraries/libu2f-server/default.nix
new file mode 100644
index 00000000000..6ac4eb29d13
--- /dev/null
+++ b/pkgs/development/libraries/libu2f-server/default.nix
@@ -0,0 +1,20 @@
+{ stdenv, fetchurl, pkgconfig, json_c, hidapi, openssl, check }:
+
+stdenv.mkDerivation rec {
+  name = "libu2f-server-0.0.0";
+
+  src = fetchurl {
+    url = "https://developers.yubico.com/libu2f-server/Releases/libu2f-server-0.0.0.tar.xz";
+    sha256 = "1vdl3qavzfpi6p6h48zw17md9wykfzpay5c4l1c08id46m560wp0";
+  };
+
+  buildInputs = [ pkgconfig json_c hidapi openssl check ];
+
+  meta = with stdenv.lib; {
+    homepage = https://developers.yubico.com/libu2f-server/;
+    description = "A C library that implements the server-side of the U2F protocol";
+    license = licenses.bsd2;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ philandstuff ];
+  };
+}
diff --git a/pkgs/os-specific/linux/pam_u2f/default.nix b/pkgs/os-specific/linux/pam_u2f/default.nix
new file mode 100644
index 00000000000..458d171ec68
--- /dev/null
+++ b/pkgs/os-specific/linux/pam_u2f/default.nix
@@ -0,0 +1,22 @@
+{ pkgs, fetchurl, stdenv }:
+stdenv.mkDerivation rec {
+  name    = "pam_u2f-${version}";
+  version = "0.0.1";
+  src     = fetchurl {
+    url = "https://developers.yubico.com/pam-u2f/Releases/${name}.tar.gz";
+    sha256 = "0p1wia4nfw5h0pmy1lcgwsbrlm7z39v1n37692lgqfzyg1kmpv7l";
+  };
+  buildInputs = with pkgs; [ asciidoc autoconf automake docbook_xml_dtd_45 libtool libu2f-host libu2f-server libxml2 libxslt pkgconfig pam ];
+
+  installFlags = [
+    "PAMDIR=$(out)/lib/security"
+  ];
+
+  meta = with stdenv.lib; {
+    homepage = https://developers.yubico.com/pam-u2f/;
+    description = "A PAM module for allowing authentication with a U2F device";
+    license = licenses.bsd2;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ philandstuff ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 920bbc00621..0eab47c68d4 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -6920,6 +6920,8 @@ let
 
   libu2f-host = callPackage ../development/libraries/libu2f-host { };
 
+  libu2f-server = callPackage ../development/libraries/libu2f-server { };
+
   libunistring = callPackage ../development/libraries/libunistring { };
 
   libupnp = callPackage ../development/libraries/pupnp { };
@@ -9573,6 +9575,8 @@ let
 
   pam_ssh_agent_auth = callPackage ../os-specific/linux/pam_ssh_agent_auth { };
 
+  pam_u2f = callPackage ../os-specific/linux/pam_u2f { };
+
   pam_usb = callPackage ../os-specific/linux/pam_usb { };
 
   paxctl = callPackage ../os-specific/linux/paxctl { };
author	Philip Potter <philip.g.potter@gmail.com>	2015-05-03 15:29:42 +0100
committer	Philip Potter <philip.g.potter@gmail.com>	2015-05-03 19:22:00 +0100
commit	22167289794c080c50f092274de808543c7978c4 (patch)
tree	990249295189b7e6ef0a2b215fbd0e2b4c15ae61 /pkgs
parent	0f8203d120dc0bd88b205b5f6ed5409d6b1e06ac (diff)
download	nixpkgs-22167289794c080c50f092274de808543c7978c4.tar nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.gz nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.bz2 nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.lz nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.xz nixpkgs-22167289794c080c50f092274de808543c7978c4.tar.zst nixpkgs-22167289794c080c50f092274de808543c7978c4.zip