Revision 89b7a21d
Added by Renato Botelho over 9 years ago
| src/etc/inc/basic_sasl_client.inc | ||
|---|---|---|
| 21 | 21 |
|
| 22 | 22 |
Function Start(&$client, &$message, &$interactions) |
| 23 | 23 |
{
|
| 24 |
if ($this->state!=SASL_BASIC_STATE_START)
|
|
| 24 |
if($this->state!=SASL_BASIC_STATE_START) |
|
| 25 | 25 |
{
|
| 26 | 26 |
$client->error="Basic authentication state is not at the start"; |
| 27 | 27 |
return(SASL_FAIL); |
| ... | ... | |
| 33 | 33 |
$defaults=array( |
| 34 | 34 |
); |
| 35 | 35 |
$status=$client->GetCredentials($this->credentials,$defaults,$interactions); |
| 36 |
if ($status==SASL_CONTINUE)
|
|
| 36 |
if($status==SASL_CONTINUE) |
|
| 37 | 37 |
{
|
| 38 | 38 |
$message=$this->credentials["user"].":".$this->credentials["password"]; |
| 39 | 39 |
$this->state=SASL_BASIC_STATE_DONE; |
| 40 | 40 |
} |
| 41 | 41 |
else |
| 42 |
{
|
|
| 43 | 42 |
Unset($message); |
| 44 |
} |
|
| 45 | 43 |
return($status); |
| 46 | 44 |
} |
| 47 | 45 |
|
| 48 | 46 |
Function Step(&$client, $response, &$message, &$interactions) |
| 49 | 47 |
{
|
| 50 |
switch ($this->state)
|
|
| 48 |
switch($this->state) |
|
| 51 | 49 |
{
|
| 52 | 50 |
case SASL_BASIC_STATE_DONE: |
| 53 | 51 |
$client->error="Basic authentication was finished without success"; |
| src/etc/inc/login_sasl_client.inc | ||
|---|---|---|
| 23 | 23 |
|
| 24 | 24 |
Function Start(&$client, &$message, &$interactions) |
| 25 | 25 |
{
|
| 26 |
if ($this->state!=SASL_LOGIN_STATE_START)
|
|
| 26 |
if($this->state!=SASL_LOGIN_STATE_START) |
|
| 27 | 27 |
{
|
| 28 | 28 |
$client->error="LOGIN authentication state is not at the start"; |
| 29 | 29 |
return(SASL_FAIL); |
| ... | ... | |
| 37 | 37 |
"realm"=>"" |
| 38 | 38 |
); |
| 39 | 39 |
$status=$client->GetCredentials($this->credentials,$defaults,$interactions); |
| 40 |
if ($status==SASL_CONTINUE)
|
|
| 40 |
if($status==SASL_CONTINUE) |
|
| 41 | 41 |
$this->state=SASL_LOGIN_STATE_IDENTIFY_USER; |
| 42 | 42 |
Unset($message); |
| 43 | 43 |
return($status); |
| ... | ... | |
| 45 | 45 |
|
| 46 | 46 |
Function Step(&$client, $response, &$message, &$interactions) |
| 47 | 47 |
{
|
| 48 |
switch ($this->state)
|
|
| 48 |
switch($this->state) |
|
| 49 | 49 |
{
|
| 50 | 50 |
case SASL_LOGIN_STATE_IDENTIFY_USER: |
| 51 | 51 |
$message=$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : ""); |
| src/etc/inc/ntlm_sasl_client.inc | ||
|---|---|---|
| 18 | 18 |
|
| 19 | 19 |
Function Initialize(&$client) |
| 20 | 20 |
{
|
| 21 |
if (!function_exists($function="mcrypt_encrypt") ||
|
|
| 22 |
!function_exists($function="hash"))
|
|
| 21 |
if(!function_exists($function="mcrypt_encrypt")
|
|
| 22 |
|| !function_exists($function="mhash"))
|
|
| 23 | 23 |
{
|
| 24 | 24 |
$extensions=array( |
| 25 | 25 |
"mcrypt_encrypt"=>"mcrypt", |
| 26 |
"hash"=>"hash"
|
|
| 26 |
"mhash"=>"mhash"
|
|
| 27 | 27 |
); |
| 28 | 28 |
$client->error="the extension ".$extensions[$function]." required by the NTLM SASL client class is not available in this PHP configuration"; |
| 29 | 29 |
return(0); |
| ... | ... | |
| 33 | 33 |
|
| 34 | 34 |
Function ASCIIToUnicode($ascii) |
| 35 | 35 |
{
|
| 36 |
for ($unicode="",$a=0;$a<strlen($ascii);$a++)
|
|
| 36 |
for($unicode="",$a=0;$a<strlen($ascii);$a++) |
|
| 37 | 37 |
$unicode.=substr($ascii,$a,1).chr(0); |
| 38 | 38 |
return($unicode); |
| 39 | 39 |
} |
| ... | ... | |
| 62 | 62 |
Function NTLMResponse($challenge,$password) |
| 63 | 63 |
{
|
| 64 | 64 |
$unicode=$this->ASCIIToUnicode($password); |
| 65 |
$md4=hash("md4", $unicode);
|
|
| 65 |
$md4=mhash(MHASH_MD4,$unicode);
|
|
| 66 | 66 |
$padded=$md4.str_repeat(chr(0),21-strlen($md4)); |
| 67 | 67 |
$iv_size=mcrypt_get_iv_size(MCRYPT_DES,MCRYPT_MODE_ECB); |
| 68 | 68 |
$iv=mcrypt_create_iv($iv_size,MCRYPT_RAND); |
| 69 |
for ($response="",$third=0;$third<21;$third+=7)
|
|
| 69 |
for($response="",$third=0;$third<21;$third+=7) |
|
| 70 | 70 |
{
|
| 71 |
for ($packed="",$p=$third;$p<$third+7;$p++)
|
|
| 72 |
$packed.=str_pad(decbin(ord(substr($padded,$p,1))),8,"0",STR_PAD_LEFT);
|
|
| 73 |
for ($key="",$p=0;$p<strlen($packed);$p+=7)
|
|
| 71 |
for($packed="",$p=$third;$p<$third+7;$p++) |
|
| 72 |
$packed.=str_pad(decbin(ord(substr($padded,$p,1))),8,"0",STR_PAD_LEFT);
|
|
| 73 |
for($key="",$p=0;$p<strlen($packed);$p+=7) |
|
| 74 | 74 |
{
|
| 75 | 75 |
$s=substr($packed,$p,7); |
| 76 | 76 |
$b=$s.((substr_count($s,"1") % 2) ? "0" : "1"); |
| ... | ... | |
| 134 | 134 |
|
| 135 | 135 |
Function Start(&$client, &$message, &$interactions) |
| 136 | 136 |
{
|
| 137 |
if ($this->state!=SASL_NTLM_STATE_START)
|
|
| 137 |
if($this->state!=SASL_NTLM_STATE_START) |
|
| 138 | 138 |
{
|
| 139 | 139 |
$client->error="NTLM authentication state is not at the start"; |
| 140 | 140 |
return(SASL_FAIL); |
| ... | ... | |
| 147 | 147 |
); |
| 148 | 148 |
$defaults=array(); |
| 149 | 149 |
$status=$client->GetCredentials($this->credentials,$defaults,$interactions); |
| 150 |
if ($status==SASL_CONTINUE)
|
|
| 150 |
if($status==SASL_CONTINUE) |
|
| 151 | 151 |
$this->state=SASL_NTLM_STATE_IDENTIFY_DOMAIN; |
| 152 | 152 |
Unset($message); |
| 153 | 153 |
return($status); |
| ... | ... | |
| 155 | 155 |
|
| 156 | 156 |
Function Step(&$client, $response, &$message, &$interactions) |
| 157 | 157 |
{
|
| 158 |
switch ($this->state)
|
|
| 158 |
switch($this->state) |
|
| 159 | 159 |
{
|
| 160 | 160 |
case SASL_NTLM_STATE_IDENTIFY_DOMAIN: |
| 161 | 161 |
$message=$this->TypeMsg1($this->credentials["realm"],$this->credentials["workstation"]); |
| ... | ... | |
| 177 | 177 |
} |
| 178 | 178 |
}; |
| 179 | 179 |
|
| 180 |
?> |
|
| 180 |
?> |
|
| src/etc/inc/plain_sasl_client.inc | ||
|---|---|---|
| 26 | 26 |
|
| 27 | 27 |
Function Start(&$client, &$message, &$interactions) |
| 28 | 28 |
{
|
| 29 |
if ($this->state!=SASL_PLAIN_STATE_START)
|
|
| 29 |
if($this->state!=SASL_PLAIN_STATE_START) |
|
| 30 | 30 |
{
|
| 31 | 31 |
$client->error="PLAIN authentication state is not at the start"; |
| 32 | 32 |
return(SASL_FAIL); |
| ... | ... | |
| 42 | 42 |
"mode"=>"" |
| 43 | 43 |
); |
| 44 | 44 |
$status=$client->GetCredentials($this->credentials,$defaults,$interactions); |
| 45 |
if ($status==SASL_CONTINUE)
|
|
| 45 |
if($status==SASL_CONTINUE) |
|
| 46 | 46 |
{
|
| 47 |
switch ($this->credentials["mode"])
|
|
| 47 |
switch($this->credentials["mode"]) |
|
| 48 | 48 |
{
|
| 49 | 49 |
case SASL_PLAIN_EXIM_MODE: |
| 50 | 50 |
$message=$this->credentials["user"]."\0".$this->credentials["password"]."\0"; |
| ... | ... | |
| 65 | 65 |
|
| 66 | 66 |
Function Step(&$client, $response, &$message, &$interactions) |
| 67 | 67 |
{
|
| 68 |
switch ($this->state)
|
|
| 68 |
switch($this->state) |
|
| 69 | 69 |
{
|
| 70 | 70 |
/* |
| 71 | 71 |
case SASL_PLAIN_STATE_IDENTIFY: |
| 72 |
switch ($this->credentials["mode"])
|
|
| 72 |
switch($this->credentials["mode"]) |
|
| 73 | 73 |
{
|
| 74 | 74 |
case SASL_PLAIN_EXIM_MODE: |
| 75 | 75 |
$message=$this->credentials["user"]."\0".$this->credentials["password"]."\0"; |
| src/etc/inc/sasl.inc | ||
|---|---|---|
| 178 | 178 |
<purpose>Retrieve the values of one or more credentials to be used by |
| 179 | 179 |
the authentication mechanism classes.</purpose> |
| 180 | 180 |
<usage>This is meant to be used by authentication mechanism driver |
| 181 |
classes to retrieve the credentials that may be needed.</usage>
|
|
| 181 |
classes to retrieve the credentials that may be neede.</usage> |
|
| 182 | 182 |
<returnvalue>The function may return <tt>SASL_CONTINUE</tt> if it |
| 183 | 183 |
succeeded, or <tt>SASL_NOMECH</tt> if it was not possible to |
| 184 | 184 |
retrieve one of the requested credentials.</returnvalue> |
| ... | ... | |
| 359 | 359 |
<type>INTEGER</type> |
| 360 | 360 |
<documentation> |
| 361 | 361 |
<purpose>Process the authentication steps after the initial step, |
| 362 |
until the authentication iteration dialog is complete.</purpose>
|
|
| 362 |
until the authetication iteration dialog is complete.</purpose> |
|
| 363 | 363 |
<usage>Call this function iteratively after a successful initial |
| 364 | 364 |
step calling the <functionlink>Start</functionlink> function.</usage> |
| 365 | 365 |
<returnvalue>The function returns <tt>SASL_CONTINUE</tt> if step was |
Also available in: Unified diff
Update sasl classes to last version and remove all style customizations - http://www.phpclasses.org/package/1888-PHP-Single-API-for-standard-authentication-mechanisms.html