Subversion Repositories Applications.papyrus

Rev

Rev 1173 | Go to most recent revision | Only display areas with differences | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 1173 Rev 1713
1 
<?php
 1 
<?php
2 
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
 2 
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4 foldmethod=marker: */
3 
 
 3 
 
4 
/**
 4 
/**
5 
 * Storage driver for use against RADIUS servers
 5 
 * Storage driver for use against RADIUS servers
6 
 *
 6 
 *
7 
 * PHP versions 4 and 5
 7 
 * PHP versions 4 and 5
8 
 *
 8 
 *
9 
 * LICENSE: This source file is subject to version 3.01 of the PHP license
 9 
 * LICENSE: This source file is subject to version 3.01 of the PHP license
10 
 * that is available through the world-wide-web at the following URI:
 10 
 * that is available through the world-wide-web at the following URI:
11 
 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
 11 
 * http://www.php.net/license/3_01.txt.  If you did not receive a copy of
12 
 * the PHP License and are unable to obtain it through the web, please
 12 
 * the PHP License and are unable to obtain it through the web, please
13 
 * send a note to license@php.net so we can mail you a copy immediately.
 13 
 * send a note to license@php.net so we can mail you a copy immediately.
14 
 *
 14 
 *
15 
 * @category   Authentication
 15 
 * @category   Authentication
16 
 * @package    Auth
 16 
 * @package    Auth
17 
 * @author     Michael Bretterklieber <michael@bretterklieber.com>
17 
 * @author     Michael Bretterklieber <michael@bretterklieber.com>
18 
 * @author     Adam Ashley <aashley@php.net>
 18 
 * @author     Adam Ashley <aashley@php.net>
19 
 * @copyright  2001-2006 The PHP Group
 19 
 * @copyright  2001-2006 The PHP Group
20 
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
 20 
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
21 
 * @version    CVS: $Id: RADIUS.php,v 1.2 2006-12-14 15:04:28 jp_milcent Exp $
 21 
 * @version    CVS: $Id: RADIUS.php,v 1.3 2007-11-19 15:11:00 jp_milcent Exp $
22 
 * @link       http://pear.php.net/package/Auth
 22 
 * @link       http://pear.php.net/package/Auth
23 
 * @since      File available since Release 1.2.0
 23 
 * @since      File available since Release 1.2.0
24 
 */
 24 
 */
25 
 
 25 
 
26 
/**
 26 
/**
27 
 * Include Auth_Container base class
 27 
 * Include Auth_Container base class
28 
 */
 28 
 */
29 
require_once "Auth/Container.php";
 29 
require_once "Auth/Container.php";
30 
/**
 30 
/**
31 
 * Include PEAR Auth_RADIUS package
 31 
 * Include PEAR Auth_RADIUS package
32 
 */
 32 
 */
33 
require_once "Auth/RADIUS.php";
 33 
require_once "Auth/RADIUS.php";
34 
 
 34 
 
35 
/**
 35 
/**
36 
 * Storage driver for authenticating users against RADIUS servers.
 36 
 * Storage driver for authenticating users against RADIUS servers.
37 
 *
 37 
 *
38 
 * @category   Authentication
 38 
 * @category   Authentication
39 
 * @package    Auth
 39 
 * @package    Auth
40 
 * @author     Michael Bretterklieber <michael@bretterklieber.com>
 40 
 * @author     Michael Bretterklieber <michael@bretterklieber.com>
41 
 * @author     Adam Ashley <aashley@php.net>
 41 
 * @author     Adam Ashley <aashley@php.net>
42 
 * @copyright  2001-2006 The PHP Group
 42 
 * @copyright  2001-2006 The PHP Group
43 
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
 43 
 * @license    http://www.php.net/license/3_01.txt  PHP License 3.01
44 
 * @version    Release: 1.4.3  File: $Revision: 1.2 $
 44 
 * @version    Release: 1.5.4  File: $Revision: 1.3 $
45 
 * @link       http://pear.php.net/package/Auth
 45 
 * @link       http://pear.php.net/package/Auth
46 
 * @since      Class available since Release 1.2.0
 46 
 * @since      Class available since Release 1.2.0
47 
 */
 47 
 */
48 
class Auth_Container_RADIUS extends Auth_Container
 48 
class Auth_Container_RADIUS extends Auth_Container
49 
{
 49 
{
50 
 
 50 
 
51 
    // {{{ properties
 51 
    // {{{ properties
52 
 
 52 
 
53 
    /**
 53 
    /**
54 
     * Contains a RADIUS object
 54 
     * Contains a RADIUS object
55 
     * @var object
 55 
     * @var object
56 
     */
 56 
     */
57 
    var $radius;
 57 
    var $radius;
58
58 
 
59 
    /**
 59 
    /**
60 
     * Contains the authentication type
 60 
     * Contains the authentication type
61 
     * @var string
 61 
     * @var string
62 
     */
 62 
     */
63 
    var $authtype;
63 
    var $authtype;
64 
 
 64 
 
65 
    // }}}
 65 
    // }}}
66 
    // {{{ Auth_Container_RADIUS() [constructor]
 66 
    // {{{ Auth_Container_RADIUS() [constructor]
67 
 
 67 
 
68 
    /**
 68 
    /**
69 
     * Constructor of the container class.
 69 
     * Constructor of the container class.
70 
     *
 70 
     *
71 
     * $options can have these keys:
 71 
     * $options can have these keys:
72 
     * 'servers'    an array containing an array: servername, port,
 72 
     * 'servers'    an array containing an array: servername, port,
73 
     *              sharedsecret, timeout, maxtries
 73 
     *              sharedsecret, timeout, maxtries
74 
     * 'configfile' The filename of the configuration file
 74 
     * 'configfile' The filename of the configuration file
75 
     * 'authtype'   The type of authentication, one of: PAP, CHAP_MD5,
 75 
     * 'authtype'   The type of authentication, one of: PAP, CHAP_MD5,
76 
     *              MSCHAPv1, MSCHAPv2, default is PAP
 76 
     *              MSCHAPv1, MSCHAPv2, default is PAP
77 
     *
 77 
     *
78 
     * @param  $options associative array
 78 
     * @param  $options associative array
79 
     * @return object Returns an error object if something went wrong
 79 
     * @return object Returns an error object if something went wrong
80 
     */
 80 
     */
81 
    function Auth_Container_RADIUS($options)
 81 
    function Auth_Container_RADIUS($options)
82 
    {
 82 
    {
83 
        $this->authtype = 'PAP';
 83 
        $this->authtype = 'PAP';
84 
        if (isset($options['authtype'])) {
 84 
        if (isset($options['authtype'])) {
85 
            $this->authtype = $options['authtype'];
 85 
            $this->authtype = $options['authtype'];
86 
        }
 86 
        }
87 
        $classname = 'Auth_RADIUS_' . $this->authtype;
 87 
        $classname = 'Auth_RADIUS_' . $this->authtype;
88 
        if (!class_exists($classname)) {
 88 
        if (!class_exists($classname)) {
89 
            PEAR::raiseError("Unknown Authtype, please use one of: "
 89 
            PEAR::raiseError("Unknown Authtype, please use one of: "
90 
                    ."PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!", 41, PEAR_ERROR_DIE);
 90 
                    ."PAP, CHAP_MD5, MSCHAPv1, MSCHAPv2!", 41, PEAR_ERROR_DIE);
91 
        }
 91 
        }
92
92 
 
93 
        $this->radius = new $classname;
 93 
        $this->radius = new $classname;
94 
 
 94 
 
95 
        if (isset($options['configfile'])) {
 95 
        if (isset($options['configfile'])) {
96 
            $this->radius->setConfigfile($options['configfile']);
 96 
            $this->radius->setConfigfile($options['configfile']);
97 
        }
 97 
        }
98 
 
 98 
 
99 
        $servers = $options['servers'];
 99 
        $servers = $options['servers'];
100 
        if (is_array($servers)) {
 100 
        if (is_array($servers)) {
101 
            foreach ($servers as $server) {
 101 
            foreach ($servers as $server) {
102 
                $servername     = $server[0];
 102 
                $servername     = $server[0];
103 
                $port           = isset($server[1]) ? $server[1] : 0;
 103 
                $port           = isset($server[1]) ? $server[1] : 0;
104 
                $sharedsecret   = isset($server[2]) ? $server[2] : 'testing123';
 104 
                $sharedsecret   = isset($server[2]) ? $server[2] : 'testing123';
105 
                $timeout        = isset($server[3]) ? $server[3] : 3;
 105 
                $timeout        = isset($server[3]) ? $server[3] : 3;
106 
                $maxtries       = isset($server[4]) ? $server[4] : 3;
 106 
                $maxtries       = isset($server[4]) ? $server[4] : 3;
107 
                $this->radius->addServer($servername, $port, $sharedsecret, $timeout, $maxtries);
 107 
                $this->radius->addServer($servername, $port, $sharedsecret, $timeout, $maxtries);
108 
            }
 108 
            }
109 
        }
 109 
        }
110
110 
 
111 
        if (!$this->radius->start()) {
 111 
        if (!$this->radius->start()) {
112 
            PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE);
 112 
            PEAR::raiseError($this->radius->getError(), 41, PEAR_ERROR_DIE);
113 
        }
 113 
        }
114 
    }
 114 
    }
115 
 
 115 
 
116 
    // }}}
 116 
    // }}}
117 
    // {{{ fetchData()
 117 
    // {{{ fetchData()
118 
 
 118 
 
119 
    /**
 119 
    /**
120 
     * Authenticate
 120 
     * Authenticate
121 
     *
 121 
     *
122 
     * @param  string Username
 122 
     * @param  string Username
123 
     * @param  string Password
 123 
     * @param  string Password
124 
     * @return bool   true on success, false on reject
 124 
     * @return bool   true on success, false on reject
125 
     */
 125 
     */
126 
    function fetchData($username, $password, $challenge = null)
 126 
    function fetchData($username, $password, $challenge = null)
127 
    {
 127 
    {
- 
 
 128 
        $this->log('Auth_Container_RADIUS::fetchData() called.', AUTH_LOG_DEBUG);
- 
 
 129 
 
128 
        switch($this->authtype) {
 130 
        switch($this->authtype) {
129 
        case 'CHAP_MD5':
 131 
            case 'CHAP_MD5':
130 
        case 'MSCHAPv1':
 132 
            case 'MSCHAPv1':
131 
            if (isset($challenge)) {
 133 
                if (isset($challenge)) {
132 
                $this->radius->challenge = $challenge;
 134 
                    $this->radius->challenge = $challenge;
133 
                $this->radius->chapid    = 1;
 135 
                    $this->radius->chapid    = 1;
134 
                $this->radius->response  = pack('H*', $password);
 136 
                    $this->radius->response  = pack('H*', $password);
135 
            } else {
 137 
                } else {
- 
 
 138 
                    require_once 'Crypt/CHAP.php';
- 
 
 139 
                    $classname = 'Crypt_' . $this->authtype;
- 
 
 140 
                    $crpt = new $classname;
- 
 
 141 
                    $crpt->password = $password;
- 
 
 142 
                    $this->radius->challenge = $crpt->challenge;
- 
 
 143 
                    $this->radius->chapid    = $crpt->chapid;
- 
 
 144 
                    $this->radius->response  = $crpt->challengeResponse();
- 
 
 145 
                }
- 
 
 146 
                break;
- 
 
 147 
 
- 
 
 148 
            case 'MSCHAPv2':
136 
                require_once 'Crypt/CHAP.php';
 149 
                require_once 'Crypt/CHAP.php';
137 
                $classname = 'Crypt_' . $this->authtype;
 150 
                $crpt = new Crypt_MSCHAPv2;
138 
                $crpt = new $classname;
 151 
                $crpt->username = $username;
139 
                $crpt->password = $password;
 152 
                $crpt->password = $password;
140 
                $this->radius->challenge = $crpt->challenge;
 153 
                $this->radius->challenge     = $crpt->authChallenge;
- 
 
 154 
                $this->radius->peerChallenge = $crpt->peerChallenge;
141 
                $this->radius->chapid    = $crpt->chapid;
 155 
                $this->radius->chapid        = $crpt->chapid;
142 
                $this->radius->response  = $crpt->challengeResponse();
 156 
                $this->radius->response      = $crpt->challengeResponse();
143 
                break;
 157 
                break;
144 
            }
 - 
 
145 
 
 - 
 
146 
        case 'MSCHAPv2':
 - 
 
147 
            require_once 'Crypt/CHAP.php';
 - 
 
148 
            $crpt = new Crypt_MSCHAPv2;
 - 
 
149 
            $crpt->username = $username;
 - 
 
150 
            $crpt->password = $password;
 - 
 
151 
            $this->radius->challenge     = $crpt->authChallenge;
 - 
 
152 
            $this->radius->peerChallenge = $crpt->peerChallenge;
 - 
 
153 
            $this->radius->chapid        = $crpt->chapid;
 - 
 
154 
            $this->radius->response      = $crpt->challengeResponse();
 - 
 
155 
            break;
 - 
 
156 
 
 158 
 
157 
        default:
 159 
            default:
158 
            $this->radius->password = $password;
 160 
                $this->radius->password = $password;
159 
            break;
 161 
                break;
160 
        }
 162 
        }
161 
 
 163 
 
162 
        $this->radius->username = $username;
 164 
        $this->radius->username = $username;
163 
 
 165 
 
164 
        $this->radius->putAuthAttributes();
 166 
        $this->radius->putAuthAttributes();
165 
        $result = $this->radius->send();
 167 
        $result = $this->radius->send();
166 
        if (PEAR::isError($result)) {
 168 
        if (PEAR::isError($result)) {
167 
            return false;
 169 
            return false;
168 
        }
 170 
        }
169 
 
 171 
 
170 
        $this->radius->getAttributes();
 172 
        $this->radius->getAttributes();
171 
//      just for debugging
 173 
//      just for debugging
172 
//      $this->radius->dumpAttributes();
 174 
//      $this->radius->dumpAttributes();
173 
 
 175 
 
174 
        return $result;
 176 
        return $result;
175 
    }
 177 
    }
176 
 
 178 
 
177 
    // }}}
 179 
    // }}}
178 
 
 180 
 
179 
}
 181 
}
180 
?>
 182 
?>