Subversion Repositories Applications.papyrus

Rev

Rev 1173 | Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
320 jpm 1
<?php
2
//
3
// +----------------------------------------------------------------------+
4
// | PHP Version 4                                                        |
5
// +----------------------------------------------------------------------+
6
// | Copyright (c) 1997-2003 The PHP Group                                |
7
// +----------------------------------------------------------------------+
8
// | This source file is subject to version 2.02 of the PHP license,      |
9
// | that is bundled with this package in the file LICENSE, and is        |
10
// | available at through the world-wide-web at                           |
11
// | http://www.php.net/license/2_02.txt.                                 |
12
// | If you did not receive a copy of the PHP license and are unable to   |
13
// | obtain it through the world-wide-web, please send a note to          |
14
// | license@php.net so we can mail you a copy immediately.               |
15
// +----------------------------------------------------------------------+
16
// | Authors: Michael Bretterklieber <michael@bretterklieber.com>         |
17
// +----------------------------------------------------------------------+
18
//
19
// $Id: RADIUS.php,v 1.1 2005-03-30 08:50:33 jpm Exp $
20
//
21
 
22
require_once "Auth/Container.php";
23
require_once "Auth/RADIUS.php";
24
 
25
/**
26
 * Storage driver for authenticating users against RADIUS servers.
27
 *
28
 * @author  Michael Bretterklieber <michael@bretterklieber.com>
29
 * @access  public
30
 * @version $Revision: 1.1 $
31
 */
32
class Auth_Container_RADIUS extends Auth_Container
33
{
34
 
35
    /**
36
     * Contains a RADIUS object
37
     * @var object
38
     */
39
    var $radius;
40
 
41
    /**
42
     * Contains the authentication type
43
     * @var string
44
     */
45
    var $authtype;
46
 
47
    /**
48
     * Constructor of the container class.
49
     *
50
     * $options can have these keys:
51
     * 'servers'    an array containing an array: servername, port,
52
     *              sharedsecret, timeout, maxtries
53
     * 'configfile' The filename of the configuration file
54
     * 'authtype'   The type of authentication, one of: PAP, CHAP_MD5,
55
     *              MSCHAPv1, MSCHAPv2, default is PAP
56
     *
57
     * @param  $options associative array
58
     * @return object Returns an error object if something went wrong
59
     */
60
    function Auth_Container_RADIUS($options)
61
    {
62
        $this->authtype = 'PAP';
63
        if (isset($options['authtype'])) {
64
            $this->authtype = $options['authtype'];
65
        }
66
        $classname = 'Auth_RADIUS_' . $this->authtype;
67
        if (!class_exists($classname)) {
68
            PEAR::raiseError("Unknown Authtype, please use on of: PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!",
69
                                    41, PEAR_ERROR_DIE);
70
        }
71
 
72
        $this->radius = new $classname;
73
 
74
        if (isset($options['configfile'])) {
75
            $this->radius->setConfigfile($options['configfile']);
76
        }
77
 
78
        $servers = $options['servers'];
79
        if (is_array($servers)) {
80
            foreach ($servers as $server) {
81
                $servername     = $server[0];
82
                $port           = isset($server[1]) ? $server[1] : 0;
83
                $sharedsecret   = isset($server[2]) ? $server[2] : 'testing123';
84
                $timeout        = isset($server[3]) ? $server[3] : 3;
85
                $maxtries       = isset($server[4]) ? $server[4] : 3;
86
                $this->radius->addServer($servername, $port, $sharedsecret, $timeout, $maxtries);
87
            }
88
        }
89
 
90
        if (!$this->radius->start()) {
91
            PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE);
92
        }
93
    }
94
 
95
    /**
96
     * Authenticate
97
     *
98
     * @param  string Username
99
     * @param  string Password
100
     * @return bool   true on success, false on reject
101
     */
102
    function fetchData($username, $password, $challenge = null)
103
    {
104
        switch($this->authtype) {
105
        case 'CHAP_MD5':
106
        case 'MSCHAPv1':
107
            if (isset($challenge)) {
108
                echo $password;
109
                $this->radius->challenge = $challenge;
110
                $this->radius->chapid    = 1;
111
                $this->radius->response  = pack('H*', $password);
112
            } else {
113
                require_once 'Crypt_CHAP/CHAP.php';
114
                $classname = 'Crypt_' . $this->authtype;
115
                $crpt = new $classname;
116
                $crpt->password = $password;
117
                $this->radius->challenge = $crpt->challenge;
118
                $this->radius->chapid    = $crpt->chapid;
119
                $this->radius->response  = $crpt->challengeResponse();
120
                break;
121
            }
122
 
123
        case 'MSCHAPv2':
124
            require_once 'Crypt_CHAP/CHAP.php';
125
            $crpt = new Crypt_MSCHAPv2;
126
            $crpt->username = $username;
127
            $crpt->password = $password;
128
            $this->radius->challenge     = $crpt->authChallenge;
129
            $this->radius->peerChallenge = $crpt->peerChallenge;
130
            $this->radius->chapid        = $crpt->chapid;
131
            $this->radius->response      = $crpt->challengeResponse();
132
            break;
133
 
134
        default:
135
            $this->radius->password = $password;
136
            break;
137
        }
138
 
139
        $this->radius->username = $username;
140
 
141
        $this->radius->putAuthAttributes();
142
        $result = $this->radius->send();
143
        if (PEAR::isError($result)) {
144
            return false;
145
        }
146
 
147
        $this->radius->getAttributes();
148
//      just for debugging
149
//      $this->radius->dumpAttributes();
150
 
151
        return $result;
152
    }
153
}
154
?>