1: <?php
14: require_once("auth-functions.php");
/**
 * Driver object for PAM authentication through a squid helper program.
 *
 * The constructor only verifies that the helper exists on disk; the
 * credential check itself is done by SQUID_PAM_check().
 */
class squidPamDriver
{
  /**
   * Verify that the helper program is present.
   *
   * When the file is missing, a translated message is appended to the
   * global $c->messages list and $this->valid is set to false. Nothing is
   * assigned to $this->valid when the file is found.
   *
   * @param string $config Filesystem path of the helper program.
   */
  function __construct($config) {
    global $c;

    // Guard clause: nothing to report when the helper is where it should be.
    if ( file_exists($config) ) {
      return;
    }

    $template = i18n( 'drivers_squid_pam : Unable to find %s file');
    $c->messages[] = sprintf($template, $config);
    $this->valid = false;
  }
}
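/**
 * Check a username / password pair against PAM through the configured
 * squid helper program and return the matching local principal.
 *
 * The helper is started with "-n common-auth" and receives a single
 * "username password" line on its standard input; the login is accepted
 * only when the helper's complete reply is "OK". If the user authenticates
 * but has no local principal yet, one is created together with the home
 * collections and default relationships.
 *
 * Hardening compared with the previous "echo ... | helper" pipeline:
 *  - The credentials are written to the helper's stdin instead of being
 *    placed in a shell command string, so they no longer appear in the
 *    process list and are not rewritten by the shell's echo.
 *  - The helper input is line based and space separated. A username with
 *    whitespace, or any field with a line break or NUL byte, would change
 *    what the helper is asked to verify, so such input is refused before
 *    the helper is started.
 *  - The whole reply must be exactly "OK"; any extra output fails closed.
 *
 * @param string $username Login name supplied by the client.
 * @param string $password Password supplied by the client.
 * @return Principal|false The principal on success, false otherwise.
 */
function SQUID_PAM_check($username, $password ){
  global $c;

  $username = (string) $username;
  $password = (string) $password;

  // Refuse anything that cannot be expressed as one "user password" line.
  // The raw value is deliberately not logged here, since it may contain
  // control characters.
  if ( $username === ''
       || preg_match('/[\s[:cntrl:]]/', $username)
       || preg_match('/[\r\n\x00]/', $password) ) {
    dbg_error_log( "PAM", "Rejected login: username or password contains characters that cannot be passed to the PAM helper" );
    return false;
  }

  $config = $c->authenticate_hook['config'];
  $script = isset($config['script']) ? $config['script'] : '';
  if ( empty($script) ) $script = isset($config['path']) ? $config['path'] : '';
  if ( empty($script) ) {
    dbg_error_log( "PAM", "No helper program configured for PAM authentication" );
    return false;
  }

  // NOTE(review): the original read an undefined local $email_base when
  // building the e-mail address. Presumably it is meant to come from the
  // driver configuration - confirm the key name against the deployment docs.
  $email_base = isset($config['email_base']) ? $config['email_base'] : '';

  // $script is site configuration and is used verbatim, as before; it must
  // never be derived from request data.
  $descriptors = array(
    0 => array('pipe', 'r'),
    1 => array('pipe', 'w'),
  );
  $process = proc_open( sprintf('%s -n common-auth', $script), $descriptors, $pipes );
  if ( !is_resource($process) ) {
    dbg_error_log( "PAM", "Unable to start the PAM helper program" );
    return false;
  }

  fwrite($pipes[0], $username . ' ' . $password . "\n");
  fclose($pipes[0]);
  $auth_result = trim((string) stream_get_contents($pipes[1]));
  fclose($pipes[1]);
  proc_close($process);

  if ( $auth_result !== "OK" ) {
    dbg_error_log( "PAM", "User %s is not a valid username (or password was wrong)", $username );
    return false;
  }

  dbg_error_log('PAM', 'User %s successfully authenticated', $username);
  $principal = new Principal('username',$username);
  if ( !$principal->Exists() ) {
    dbg_error_log('PAM', 'User %s does not exist in local db, creating', $username);

    // posix_getpwnam() returns false when the account has no passwd entry;
    // fall back to the login name instead of indexing into false.
    $pwent = posix_getpwnam($username);
    $fullname = $username;
    if ( is_array($pwent) && isset($pwent['gecos']) ) {
      $gecos = explode(',', $pwent['gecos']);
      $fullname = $gecos[0];
    }

    $principal->Create( array(
                    'username' => $username,
                    'user_active' => 't',
                    'email' => sprintf('%s@%s', $username, $email_base),
                    'fullname' => $fullname
            ));
    if ( ! $principal->Exists() ) {
      dbg_error_log( "PAM", "Unable to create local principal for '%s'", $username );
      return false;
    }
    CreateHomeCollections($username, $c->default_timezone);
    CreateDefaultRelationships($username);
  }
  return $principal;
}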