I'm running my own validation server (privacyidea) and tried to use it with
[root@kolab-35 ~]# rpm -q roundcubemail-plugins-kolab roundcubemail-plugins-kolab-3.3-40.2.el7.kolab_wf.noarch
I couldn't save the yubico token, because the verification always failed.
Looking into the logs of my validation server showed that it wasn't even
connected. So I started to trace through kolab_2fa's code.
I have the following configuration in /etc/roundcubemail/kolab_2fa.inc.php:
$config['kolab_2fa_drivers'] = array('totp','yubikey'); $config['kolab_2fa_yubikey'] = array( 'clientid' => '23453', 'apikey' => '[redacted]=', 'hosts' => array('athene.jochen.org'), );
Bute kolab_2fa always used what was defined in Yubico.php:
class Yubikey extends Base { public $method = 'yubikey'; protected $config = array( 'clientid' => '42', 'apikey' => 'FOOBAR=', 'hosts' => null, );
The following patch fixes it for me:
--- plugins/kolab_2fa/lib/Kolab2FA/Driver/Yubikey.php.orig 2016-10-24 20:35:28.059469605 +0200 +++ plugins/kolab_2fa/lib/Kolab2FA/Driver/Yubikey.php 2016-10-24 20:42:08.281474612 +0200 @@ -27,11 +27,7 @@ { public $method = 'yubikey'; - protected $config = array( - 'clientid' => '42', - 'apikey' => 'FOOBAR=', - 'hosts' => null, - ); + protected $config = array(); protected $backend; @@ -42,6 +38,9 @@ {
Comments are welcome.