# HG changeset patch
# User Dan Fuhry <dan@enanocms.org>
# Date 1292287634 18000
# Node ID 8b637ff5e9777e2c55aadcc2d4aaffcf1e76f40c
# Parent  5a5a654fae1aa89650ac560ca17a4d4e93595c71
Added a safeguard against missing krb5 extension

diff -r 5a5a654fae1a -r 8b637ff5e977 KerberosAuthentication.php
--- a/KerberosAuthentication.php	Mon Dec 13 19:30:41 2010 -0500
+++ b/KerberosAuthentication.php	Mon Dec 13 19:47:14 2010 -0500
@@ -159,7 +159,7 @@
 }
 
 // Registration blocking hook
-if ( getConfig('kerb_disable_local_auth', 0) == 1 )
+if ( getConfig('kerb_disable_local_auth', 0) == 1 && getConfig('kerb_enable', 0) == 1 )
 {
   $plugins->attachHook('ucp_register_validate', 'kerb_auth_reg_block($error);');
 }
@@ -175,7 +175,7 @@
 
 $plugins->attachHook('session_started', 'kerb_session_hook();');
 
-if ( getConfig('kerb_disable_local_auth', 0) == 1 )
+if ( getConfig('kerb_disable_local_auth', 0) == 1 && getConfig('kerb_enable', 0) == 1 )
 {
   $plugins->attachHook('common_post', 'kerb_tou_hook();');
 }
@@ -188,7 +188,7 @@
   $paths->addAdminNode('adm_cat_security', 'Kerberos Authentication', 'KerberosConfig');
   
   // Disable password change
-  if ( getConfig('kerb_disable_local_auth', 0) == 1 && $session->user_level < USER_LEVEL_ADMIN )
+  if ( getConfig('kerb_disable_local_auth', 0) == 1 && getConfig('kerb_enable', 0) == 1 && $session->user_level < USER_LEVEL_ADMIN )
   {
     $link_text = getConfig('kerb_password_text', false);
     if ( empty($link_text) )
@@ -276,9 +276,11 @@
 
   require_once(ENANO_ROOT . '/plugins/kerbauth/libkrb5.php');
   
+  $can_enable = function_exists('kadm5_init_with_password');
+  
   if ( isset($_POST['submit']) )
   {
-    setConfig('kerb_enable', isset($_POST['kerb_enable']) ? '1' : '0');
+    setConfig('kerb_enable', isset($_POST['kerb_enable']) && $can_enable ? '1' : '0');
     setConfig('kerb_realm', $_POST['kerb_realm']);
     setConfig('kerb_admin_server', $_POST['kerb_admin_server']);
     setConfig('kerb_disable_local_auth', isset($_POST['kerb_disable_local_auth']) ? '1' : '0');
@@ -304,10 +306,14 @@
       <tr>
         <td class="row2" style="width: 50%;">
           Enable Kerberos authentication:
+          <?php
+          if ( !$can_enable )
+          	  echo '<br /><small>Please install the kadm5 PHP extension to enable Kerberos authentication.</small>';
+          ?>
         </td>
         <td class="row1" style="width: 50%;">
           <label>
-            <input type="checkbox" name="kerb_enable" <?php if ( getConfig('kerb_enable', 0) ) echo 'checked="checked" '; ?>/>
+            <input type="checkbox" name="kerb_enable" <?php if ( getConfig('kerb_enable', 0) && $can_enable ) echo 'checked="checked" '; if ( !$can_enable ) echo 'disabled="disabled" '; ?>/>
             Enabled
           </label>
         </td>