author | Dan Fuhry <dan@enanocms.org> |
Mon, 13 Dec 2010 20:48:25 -0500 | |
changeset 3 | 99b46c7d3ee0 |
parent 0 | 5a5a654fae1a |
permissions | -rw-r--r-- |
0
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
1 |
<?php |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
2 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
3 |
class KerberosError extends Exception |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
4 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
5 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
6 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
7 |
/** |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
8 |
* Parse an INI file, specifically one in krb5.conf format. |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
9 |
* @param string File to read |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
10 |
* @return array |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
11 |
*/ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
12 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
13 |
function krb5_read_ini_file($file) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
14 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
15 |
$fp = @fopen($file, 'r'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
16 |
if ( !$fp ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
17 |
return array(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
18 |
$section = ''; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
19 |
$data = array(); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
20 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
21 |
while ( !feof($fp) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
22 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
23 |
// read in line |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
24 |
$line = @fgets($fp, 8192); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
25 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
26 |
// trim and skip comments |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
27 |
$line = trim(preg_replace('/;.*$/', '', $line)); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
28 |
if ( empty($line) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
29 |
continue; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
30 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
31 |
if ( preg_match('/^\[(.+?)\]$/', $line, $match) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
32 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
33 |
// new section |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
34 |
$section = $match[1]; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
35 |
continue; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
36 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
37 |
if ( count($parts = explode('=', $line)) == 2 ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
38 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
39 |
list($name, $value) = $parts; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
40 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
41 |
else |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
42 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
43 |
$name = $line; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
44 |
$value = true; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
45 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
46 |
$name = trim($name); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
47 |
// ltrim to honor trailing spaces/tabs |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
48 |
$value = ltrim($value); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
49 |
if ( $value === '{' ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
50 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
51 |
$section .= ".$name"; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
52 |
$subsection = $name; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
53 |
continue; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
54 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
55 |
else if ( $name === '}' && isset($subsection) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
56 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
57 |
$section = substr($section, 0, strlen($section) - 1 - strlen($subsection));; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
58 |
continue; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
59 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
60 |
if ( !empty($section) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
61 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
62 |
$name = "$section.$name"; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
63 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
64 |
if ( $value === 'true' ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
65 |
$value = true; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
66 |
else if ( $value === 'false' ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
67 |
$value = false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
68 |
else if ( ctype_digit($value) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
69 |
$value = intval($value); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
70 |
$data[$name] = $value; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
71 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
72 |
fclose($fp); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
73 |
return $data; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
74 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
75 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
76 |
function krb5_get_config() |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
77 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
78 |
static $config = false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
79 |
if ( @file_exists('/etc/krb5.conf') && @is_readable('/etc/krb5.conf') ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
80 |
return $config = krb5_read_ini_file('/etc/krb5.conf'); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
81 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
82 |
return false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
83 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
84 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
85 |
function krb5_get_realm() |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
86 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
87 |
if ( $config = krb5_get_config() ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
88 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
89 |
if ( isset($config['libdefaults.default_realm']) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
90 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
91 |
return $config['libdefaults.default_realm']; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
92 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
93 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
94 |
return false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
95 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
96 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
97 |
function krb5_detect_admin_server($realm = '__default__') |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
98 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
99 |
if ( $config = krb5_get_config() ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
100 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
101 |
if ( isset($config['libdefaults.default_realm']) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
102 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
103 |
$realm = ($realm == '__default__') ? $config['libdefaults.default_realm'] : $realm; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
104 |
// we have the default realm; determine what the admin server is |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
105 |
if ( isset($config["realms.$realm.admin_server"]) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
106 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
107 |
return $config["realms.$realm.admin_server"]; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
108 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
109 |
// failing ini parsing, honor dns_lookup_kdc (this isn't strictly looking up KDCs, more the master, but this allows for configurability) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
110 |
if ( isset($config['libdefaults.dns_lookup_kdc']) && $config['libdefaults.dns_lookup_kdc'] && function_exists('dns_get_record') ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
111 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
112 |
// look it up |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
113 |
$dns_result = dns_get_record('_kerberos-master._udp.' . strtolower($realm), DNS_SRV); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
114 |
// find result with lowest priority |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
115 |
$host = ''; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
116 |
$pri = 0x7FFFFFFF; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
117 |
if ( $dns_result ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
118 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
119 |
foreach ( $dns_result as $entry ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
120 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
121 |
if ( $entry['pri'] < $pri ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
122 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
123 |
$host = $entry['target']; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
124 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
125 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
126 |
if ( !empty($host) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
127 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
128 |
return $host; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
129 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
130 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
131 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
132 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
133 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
134 |
return false; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
135 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
136 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
137 |
function krb5_verify_creds($username, $password) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
138 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
139 |
$realm = getConfig('kerb_realm', krb5_get_realm()); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
140 |
$server = getConfig('kerb_admin_server', krb5_detect_admin_server($realm)); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
141 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
142 |
if ( empty($realm) || empty($server) ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
143 |
throw new KerberosError("Empty realm or server"); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
144 |
|
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
145 |
$result = kadm5_init_with_password($server, $realm, $username, $password); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
146 |
if ( $result === FALSE ) |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
147 |
{ |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
148 |
return FALSE; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
149 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
150 |
@kadm5_destroy($result); |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
151 |
return TRUE; |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
152 |
} |
5a5a654fae1a
First commit. Based on the RADIUS plugin. It works.
Dan Fuhry <dan@enanocms.org>
parents:
diff
changeset
|
153 |