Yubico Forum
https://forum.yubico.com/

Hosting my own validation server - issues
https://forum.yubico.com/viewtopic.php?f=5&t=423		 Page 1 of 1
Author:  erpico [ Tue Oct 20, 2009 3:03 pm ]
Post subject:  Hosting my own validation server - issues
Hi.

First of all I would like to clarify my vision:

I want to host my own validation server. I have MSSQL 05 Db, and php 5.2.x
. I have downloaded and successfully implemented ksm. And now I am trying to run my validation server and I am failing all the time. The most recent issue is that in function
Code:
getAuthData($conn, $devId) {
   $publicName = modhex2b64($devId);
   $stmt =
     'SELECT id, active, counter, sessionUse, low, high, accessed '.
     'FROM ksm_yubikeys '.
     'WHERE publicName='.mssql_quote($publicName);
   $r = query($conn, $stmt);
   if (mssql_num_rows($r) > 0) {
      $row = mssql_fetch_array($r);
      mssql_free_result($r);
      return $row;
   }
   return null;
}

I get errors about invalid columns names 'counter' 'sessionUse' 'low' 'high' 'accessed'. And I know it is true, because my ksm_yubikeys table looks like this: [id] ,[serialNr] ,[publicName] ,[created] ,[internalName],[aesKey] ,[lockCode] ,[creator] ,[active] ,[hardware]. I though about creating a new table, but in this forum thread viewtopic.php?f=5&t=393 there is nothing about any additional data tables.
Thanks for any clues.
Author:  network-marvels [ Fri Oct 23, 2009 10:31 am ]
Post subject:  Re: Hosting my own validation server - issues
It seems that you have modified the code. The actual code of the getAuthData function is as follows:

Code:
function getAuthData($conn, $devId) {
        $publicName = modhex2b64($devId);
        $stmt =
          'SELECT id, active, counter, sessionUse, low, high, accessed '.
          'FROM yubikeys '.
          'WHERE publicName='.mysql_quote($publicName);
        $r = query($conn, $stmt);
        if (mysql_num_rows($r) > 0) {
                $row = mysql_fetch_assoc($r);
                mysql_free_result($r);
                return $row;
        }
        return null;
} // End getAuthData


Here the "yubikeys" table used must be from the table from the YK_VAL database and not from the YK_KSM database.

We would appreciate if you can check the database settings in the "ykval-config.php". If they are pointing to YK_KSM database, please change them to point to YK_VAL database and update the code of "getAuthData" function to use the "yubikeys" table of the YK_VAL database.

We hope this helps!
Author:  erpico [ Fri Oct 23, 2009 2:14 pm ]
Post subject:  Re: Hosting my own validation server - issues
Well yes I did modify the code, while I am trying to run validation server on mssql05. Ok. So as I understand I need two dbs, one for validation server with - like ykval-db.sql, and the other for ksm - like ykksm-db.sql, don't I? And if I want YMS I need to have another one, right? I am asking, because I am a little bit confused. Now I have a working validation. If you would like to check it I can send you an address and a sample yubikey settings.

And while I am here, I would like to ask you about this part of getAuthData:

$publicName = modhex2b64($devId);

is it normal that $devId has a value of plain public part of otp retrieved from db? I mean it looks like vvsthsthsth?
and than after modhex2b64() it is send to db as a decrypted text?

Because firstly I get client data from ksm_clients table in ksm-db, and than I am saving used otp into yubikeys table of ykval-db. I hope you understand what I am trying to say. If not I will write a longer post.

Thanks for reply.
Author:  network-marvels [ Fri Oct 23, 2009 3:14 pm ]
Post subject:  Re: Hosting my own validation server - issues
We can use a combine database for both YMS and YK_VAL. Please use the step by step YMS server installation guide available at the following link:

viewtopic.php?f=5&t=315&p=1418#p1418
Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/