Revision 89b7a21d
Added by Renato Botelho over 9 years ago
| src/etc/inc/ntlm_sasl_client.inc | ||
|---|---|---|
| 18 | 18 |
|
| 19 | 19 |
Function Initialize(&$client) |
| 20 | 20 |
{
|
| 21 |
if (!function_exists($function="mcrypt_encrypt") ||
|
|
| 22 |
!function_exists($function="hash"))
|
|
| 21 |
if(!function_exists($function="mcrypt_encrypt")
|
|
| 22 |
|| !function_exists($function="mhash"))
|
|
| 23 | 23 |
{
|
| 24 | 24 |
$extensions=array( |
| 25 | 25 |
"mcrypt_encrypt"=>"mcrypt", |
| 26 |
"hash"=>"hash"
|
|
| 26 |
"mhash"=>"mhash"
|
|
| 27 | 27 |
); |
| 28 | 28 |
$client->error="the extension ".$extensions[$function]." required by the NTLM SASL client class is not available in this PHP configuration"; |
| 29 | 29 |
return(0); |
| ... | ... | |
| 33 | 33 |
|
| 34 | 34 |
Function ASCIIToUnicode($ascii) |
| 35 | 35 |
{
|
| 36 |
for ($unicode="",$a=0;$a<strlen($ascii);$a++)
|
|
| 36 |
for($unicode="",$a=0;$a<strlen($ascii);$a++) |
|
| 37 | 37 |
$unicode.=substr($ascii,$a,1).chr(0); |
| 38 | 38 |
return($unicode); |
| 39 | 39 |
} |
| ... | ... | |
| 62 | 62 |
Function NTLMResponse($challenge,$password) |
| 63 | 63 |
{
|
| 64 | 64 |
$unicode=$this->ASCIIToUnicode($password); |
| 65 |
$md4=hash("md4", $unicode);
|
|
| 65 |
$md4=mhash(MHASH_MD4,$unicode);
|
|
| 66 | 66 |
$padded=$md4.str_repeat(chr(0),21-strlen($md4)); |
| 67 | 67 |
$iv_size=mcrypt_get_iv_size(MCRYPT_DES,MCRYPT_MODE_ECB); |
| 68 | 68 |
$iv=mcrypt_create_iv($iv_size,MCRYPT_RAND); |
| 69 |
for ($response="",$third=0;$third<21;$third+=7)
|
|
| 69 |
for($response="",$third=0;$third<21;$third+=7) |
|
| 70 | 70 |
{
|
| 71 |
for ($packed="",$p=$third;$p<$third+7;$p++)
|
|
| 72 |
$packed.=str_pad(decbin(ord(substr($padded,$p,1))),8,"0",STR_PAD_LEFT);
|
|
| 73 |
for ($key="",$p=0;$p<strlen($packed);$p+=7)
|
|
| 71 |
for($packed="",$p=$third;$p<$third+7;$p++) |
|
| 72 |
$packed.=str_pad(decbin(ord(substr($padded,$p,1))),8,"0",STR_PAD_LEFT);
|
|
| 73 |
for($key="",$p=0;$p<strlen($packed);$p+=7) |
|
| 74 | 74 |
{
|
| 75 | 75 |
$s=substr($packed,$p,7); |
| 76 | 76 |
$b=$s.((substr_count($s,"1") % 2) ? "0" : "1"); |
| ... | ... | |
| 134 | 134 |
|
| 135 | 135 |
Function Start(&$client, &$message, &$interactions) |
| 136 | 136 |
{
|
| 137 |
if ($this->state!=SASL_NTLM_STATE_START)
|
|
| 137 |
if($this->state!=SASL_NTLM_STATE_START) |
|
| 138 | 138 |
{
|
| 139 | 139 |
$client->error="NTLM authentication state is not at the start"; |
| 140 | 140 |
return(SASL_FAIL); |
| ... | ... | |
| 147 | 147 |
); |
| 148 | 148 |
$defaults=array(); |
| 149 | 149 |
$status=$client->GetCredentials($this->credentials,$defaults,$interactions); |
| 150 |
if ($status==SASL_CONTINUE)
|
|
| 150 |
if($status==SASL_CONTINUE) |
|
| 151 | 151 |
$this->state=SASL_NTLM_STATE_IDENTIFY_DOMAIN; |
| 152 | 152 |
Unset($message); |
| 153 | 153 |
return($status); |
| ... | ... | |
| 155 | 155 |
|
| 156 | 156 |
Function Step(&$client, $response, &$message, &$interactions) |
| 157 | 157 |
{
|
| 158 |
switch ($this->state)
|
|
| 158 |
switch($this->state) |
|
| 159 | 159 |
{
|
| 160 | 160 |
case SASL_NTLM_STATE_IDENTIFY_DOMAIN: |
| 161 | 161 |
$message=$this->TypeMsg1($this->credentials["realm"],$this->credentials["workstation"]); |
| ... | ... | |
| 177 | 177 |
} |
| 178 | 178 |
}; |
| 179 | 179 |
|
| 180 |
?> |
|
| 180 |
?> |
|
Also available in: Unified diff
Update sasl classes to last version and remove all style customizations - http://www.phpclasses.org/package/1888-PHP-Single-API-for-standard-authentication-mechanisms.html