mod_auth_openpgp 0.2.1

mod_auth_openpgp is an Apache module that implements access authorization to servers, vhosts, etc.
mod_auth_openpgp is an Apache module that implements access authorization to servers, vhosts, or directories when incoming requests' HTTP OpenPGP signatures are valid and known by the local keyring

Quick-Building instructions:

Edit build.sh to suit your needs/desires.
Run it: ./build.sh
Modify your Apache's configuration as needed (see below)

Requirements:

· I'm using gpgme 1.1.2 and libgpg-error 1.0. It also benefits from mod_access, although the X-Auth-OpenPGP header that gets added to signed requests can be checked using PHP, CGI, etc.

Configuration:

Turn it on for specific virtual hosts (or server globally) using the "OpenPGPEngine on" command and with mod_access directives, for example:

< VirtualHost *:80 >
ServerName localhost
ServerAdmin root@localhost
DocumentRoot "/var/www/localhost/htdocs"
Options FollowSymlinks

< ifmodule mpm_peruser_module >
ServerEnvironment apache apache
< /ifmodule >

# Turn on the OpenPGP Engine for this VirtualHost
OpenPGPEngine on

# if the X-Auth-OpenPGP header has the "true" value,
# then set the valid_signature env var to be used as
# decisive factor in the Allow sentence of mod_access.
# X-Auth-OpenPGP cannot be spoofed, as it gets resetted
# if the module has been enabled for the vhost.
# In the future, valid signed requests will also
# have a header which tells mod_access the keyid, eMail address
# and fingerprint of each user [TODO for 0.2.0]

SetEnvIf X-Auth-OpenPGP ^true valid_signature

Order Deny,Allow
Deny from all
Allow from env=valid_signature
< /directory >

< /virtualhost >

And that's it. Go grab Enigform and try it out. Of course, the 'apache' user needs a valid gpg configuration and keyring, or mod_auth_openpgp won't be able to verify signed requests.

What's New in This Release:

· A new OpenPGP Discovery method that HTTP+OpenPGP aware clients (like Firefox+Enigform) can use to test if a host supports/announces mod_auth_openpgp was added.

last updated on:
June 19th, 2007, 20:35 GMT
price:
FREE!
homepage:
linux-consulting.buanzo.com.ar
license type:
The Apache License 2.0 
developed by:
Arturo Busleiman
category:
ROOT \ Internet \ HTTP (WWW)
mod_auth_openpgp
Download Button

In a hurry? Add it to your Download Basket!

user rating

UNRATED
0.0/5
 

0/5

Rate it!

Add your review!

SUBMIT