Subversion Repositories Applications.papyrus

Rev

Rev 320 | Rev 1713 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
1173 jp_milcent 1
<?php
2
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
3
 
4
/**
5
 * Storage driver for use against RADIUS servers
6
 *
7
 * PHP versions 4 and 5
8
 *
9
 * LICENSE: This source file is subject to version 3.01 of the PHP license
10
 * that is available through the world-wide-web at the following URI:
11
 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
12
 * the PHP License and are unable to obtain it through the web, please
13
 * send a note to license@php.net so we can mail you a copy immediately.
14
 *
15
 * @category   Authentication
16
 * @package    Auth
17
 * @author     Michael Bretterklieber <michael@bretterklieber.com>
18
 * @author     Adam Ashley <aashley@php.net>
19
 * @copyright  2001-2006 The PHP Group
20
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
21
 * @version    CVS: $Id: RADIUS.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $
22
 * @link       http://pear.php.net/package/Auth
23
 * @since      File available since Release 1.2.0
24
 */
25
 
26
/**
27
 * Include Auth_Container base class
28
 */
29
require_once "Auth/Container.php";
30
/**
31
 * Include PEAR Auth_RADIUS package
32
 */
33
require_once "Auth/RADIUS.php";
34
 
35
/**
36
 * Storage driver for authenticating users against RADIUS servers.
37
 *
38
 * @category   Authentication
39
 * @package    Auth
40
 * @author     Michael Bretterklieber <michael@bretterklieber.com>
41
 * @author     Adam Ashley <aashley@php.net>
42
 * @copyright  2001-2006 The PHP Group
43
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
44
 * @version    Release: 1.4.3  File: $Revision: 1.2 $
45
 * @link       http://pear.php.net/package/Auth
46
 * @since      Class available since Release 1.2.0
47
 */
48
class Auth_Container_RADIUS extends Auth_Container
49
{
50
 
51
    // {{{ properties
52
 
53
    /**
54
     * Contains a RADIUS object
55
     * @var object
56
     */
57
    var $radius;
58
 
59
    /**
60
     * Contains the authentication type
61
     * @var string
62
     */
63
    var $authtype;
64
 
65
    // }}}
66
    // {{{ Auth_Container_RADIUS() [constructor]
67
 
68
    /**
69
     * Constructor of the container class.
70
     *
71
     * $options can have these keys:
72
     * 'servers'    an array containing an array: servername, port,
73
     *              sharedsecret, timeout, maxtries
74
     * 'configfile' The filename of the configuration file
75
     * 'authtype'   The type of authentication, one of: PAP, CHAP_MD5,
76
     *              MSCHAPv1, MSCHAPv2, default is PAP
77
     *
78
     * @param  $options associative array
79
     * @return object Returns an error object if something went wrong
80
     */
81
    function Auth_Container_RADIUS($options)
82
    {
83
        $this->authtype = 'PAP';
84
        if (isset($options['authtype'])) {
85
            $this->authtype = $options['authtype'];
86
        }
87
        $classname = 'Auth_RADIUS_' . $this->authtype;
88
        if (!class_exists($classname)) {
89
            PEAR::raiseError("Unknown Authtype, please use one of: "
90
                    ."PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!", 41, PEAR_ERROR_DIE);
91
        }
92
 
93
        $this->radius = new $classname;
94
 
95
        if (isset($options['configfile'])) {
96
            $this->radius->setConfigfile($options['configfile']);
97
        }
98
 
99
        $servers = $options['servers'];
100
        if (is_array($servers)) {
101
            foreach ($servers as $server) {
102
                $servername     = $server[0];
103
                $port           = isset($server[1]) ? $server[1] : 0;
104
                $sharedsecret   = isset($server[2]) ? $server[2] : 'testing123';
105
                $timeout        = isset($server[3]) ? $server[3] : 3;
106
                $maxtries       = isset($server[4]) ? $server[4] : 3;
107
                $this->radius->addServer($servername, $port, $sharedsecret, $timeout, $maxtries);
108
            }
109
        }
110
 
111
        if (!$this->radius->start()) {
112
            PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE);
113
        }
114
    }
115
 
116
    // }}}
117
    // {{{ fetchData()
118
 
119
    /**
120
     * Authenticate
121
     *
122
     * @param  string Username
123
     * @param  string Password
124
     * @return bool   true on success, false on reject
125
     */
126
    function fetchData($username, $password, $challenge = null)
127
    {
128
        switch($this->authtype) {
129
        case 'CHAP_MD5':
130
        case 'MSCHAPv1':
131
            if (isset($challenge)) {
132
                $this->radius->challenge = $challenge;
133
                $this->radius->chapid    = 1;
134
                $this->radius->response  = pack('H*', $password);
135
            } else {
136
                require_once 'Crypt/CHAP.php';
137
                $classname = 'Crypt_' . $this->authtype;
138
                $crpt = new $classname;
139
                $crpt->password = $password;
140
                $this->radius->challenge = $crpt->challenge;
141
                $this->radius->chapid    = $crpt->chapid;
142
                $this->radius->response  = $crpt->challengeResponse();
143
                break;
144
            }
145
 
146
        case 'MSCHAPv2':
147
            require_once 'Crypt/CHAP.php';
148
            $crpt = new Crypt_MSCHAPv2;
149
            $crpt->username = $username;
150
            $crpt->password = $password;
151
            $this->radius->challenge     = $crpt->authChallenge;
152
            $this->radius->peerChallenge = $crpt->peerChallenge;
153
            $this->radius->chapid        = $crpt->chapid;
154
            $this->radius->response      = $crpt->challengeResponse();
155
            break;
156
 
157
        default:
158
            $this->radius->password = $password;
159
            break;
160
        }
161
 
162
        $this->radius->username = $username;
163
 
164
        $this->radius->putAuthAttributes();
165
        $result = $this->radius->send();
166
        if (PEAR::isError($result)) {
167
            return false;
168
        }
169
 
170
        $this->radius->getAttributes();
171
//      just for debugging
172
//      $this->radius->dumpAttributes();
173
 
174
        return $result;
175
    }
176
 
177
    // }}}
178
 
179
}
180
?>