Overview

Packages

  • awl
    • caldav-client-v2
    • RRule
  • davical
    • authentication
      • drivers
    • caldav
    • DAViCalSession
    • DAVTicket
    • external-bind
    • feed
    • HTTPAuthSession
    • iSchedule
    • iSchedule-POST
    • logging
    • metrics
    • Principal
    • propfind
    • PublicSession
    • Request
    • Resource
    • tzservice
  • None
  • PHP

Classes

  • imapPamDriver
  • ldapDriver
  • pwauthPamDriver
  • rimapPamDriver
  • squidPamDriver

Functions

  • array_values_mapping
  • fix_unique_member
  • getStaticLdap
  • IMAP_PAM_check
  • LDAP_check
  • PWAUTH_PAM_check
  • RIMAP_check
  • SQUID_PAM_check
  • sync_LDAP
  • sync_LDAP_groups
  • sync_user_from_LDAP
  • Overview
  • Package
  • Function
  • Tree
  • Deprecated
  • Todo
  1: <?php
  2: /**
  3: * Authentication against IMAP using the imap_open function
  4: *
  5: * @package   davical
  6: * @category  Technical
  7: * @subpackage authentication/drivers
  8: * @author    Oliver Schulze <oliver@samera.com.py>,
  9: *            Andrew McMillan <andrew@mcmillan.net.nz>
 10: * @copyright Based on Eric Seigne script drivers_squid_pam.php
 11: * @license   http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
 12: */
 13: 
 14: // The PHP interpreter will die quietly unless satisfied. This provides user feedback instead.
 15: if (!function_exists('imap_open')) {
 16:   die("drivers_rimap: php-imap required.");
 17: }
 18: 
 19: require_once("auth-functions.php");
 20: 
 21: /**
 22:  * Plugin to authenticate against IMAP
 23:  */
 24: class rimapPamDriver
 25: {
 26:   /**#@+
 27:   * @access private
 28:   */
 29: 
 30:   /**#@-*/
 31: 
 32: 
 33:   /**
 34:   * The constructor
 35:   *
 36:   * @param string $imap_url formated for imap_open()
 37:   */
 38:   function __construct($imap_url)
 39:   {
 40:       global $c;
 41:       if (empty($imap_url)){
 42:           $c->messages[] = sprintf(i18n('drivers_rimap : imap_url parameter not configured in /etc/davical/*-conf.php'));
 43:           $this->valid=false;
 44:           return ;
 45:       }
 46:   }
 47: }
 48: 
 49: 
 50: /**
 51: * Check the username / password against the IMAP server, provision from username and email_base
 52: */
 53: function RIMAP_check($username, $password ){
 54:   global $c;
 55: 
 56:   $imap_username = $username;
 57:   if ( function_exists('mb_convert_encoding') ) {
 58:     $imap_username = mb_convert_encoding($imap_username, "UTF7-IMAP",mb_detect_encoding($imap_username));
 59:   }
 60:   else {
 61:     $imap_username = imap_utf7_encode($imap_username);
 62:   }
 63: 
 64:   //$imap_url = '{localhost:143/imap/notls}';
 65:   //$imap_url = '{localhost:993/imap/ssl/novalidate-cert}';
 66:   $imap_url = $c->authenticate_hook['config']['imap_url'];
 67:   $auth_result = "ERR";
 68: 
 69:   $imap_stream = @imap_open($imap_url, $imap_username, $password, OP_HALFOPEN);
 70:   //print_r(imap_errors());
 71:   if ( $imap_stream ) {
 72:     // disconnect
 73:     imap_close($imap_stream);
 74:     // login ok
 75:     $auth_result = "OK";
 76:   }
 77: 
 78:   if ( $auth_result == "OK") {
 79:     $principal = new Principal('username',$username);
 80:     if ( ! $principal->Exists() ) {
 81:       dbg_error_log( "PAM", "Principal '%s' doesn't exist in local DB, we need to create it",$username );
 82:       if ( strstr($username, '@') ) {
 83:         $name_arr = explode('@', $username);
 84:         $fullname = ucfirst(strtolower($name_arr[0]));
 85:         $email = $username;
 86:       }
 87:       else {
 88:         $fullname = ucfirst(strtolower($username));
 89:         $email = $username . "@" . $c->authenticate_hook['config']['email_base'];
 90:       }
 91: 
 92:       $principal->Create( array(
 93:                       'username' => $username,
 94:                       'user_active' => true,
 95:                       'email' => $email,
 96:                       'fullname' => ucfirst($fullname)
 97:               ));
 98:       if ( ! $principal->Exists() ) {
 99:         dbg_error_log( "PAM", "Unable to create local principal for '%s'", $username );
100:         return false;
101:       }
102:       CreateHomeCollections($username, $c->default_timezone);
103:       CreateDefaultRelationships($username);
104:     }
105:     return $principal;
106:   }
107:   else {
108:     dbg_error_log( "PAM", "User %s is not a valid username (or password was wrong)", $username );
109:     return false;
110:   }
111: 
112: }
113: 
DAViCal API documentation generated by ApiGen 2.8.0