From e7c9af97eaf93d74284e1fb5cbfba79171138acd Mon Sep 17 00:00:00 2001 From: Pierre POMES Date: Mon, 3 Jan 2011 17:47:08 -0500 Subject: Ticket #1141. Add missing sasl.inc --- etc/inc/sasl.inc | 422 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 422 insertions(+) create mode 100644 etc/inc/sasl.inc diff --git a/etc/inc/sasl.inc b/etc/inc/sasl.inc new file mode 100644 index 0000000..d64442e --- /dev/null +++ b/etc/inc/sasl.inc @@ -0,0 +1,422 @@ + + + + net.manuellemos.sasl + + @(#) $Id: sasl.php,v 1.11 2005/10/31 18:43:27 mlemos Exp $ + Copyright © (C) Manuel Lemos 2004 + Simple Authentication and Security Layer client + Manuel Lemos + mlemos-at-acm.org + + + en + Provide a common interface to plug-in driver classes that + implement different mechanisms for authentication used by clients of + standard protocols like SMTP, POP3, IMAP, HTTP, etc.. Currently the + supported authentication mechanisms are: PLAIN, + LOGIN, CRAM-MD5, Digest and NTML + (Windows or Samba). + . + + +{/metadocument} +*/ + +class sasl_client_class +{ + /* Public variables */ + +/* +{metadocument} + + error + STRING + + + Store the message that is returned when an error + occurs. + Check this variable to understand what happened when a call to + any of the class functions has failed. + This class uses cumulative error handling. This means that if one + class functions that may fail is called and this variable was + already set to an error message due to a failure in a previous call + to the same or other function, the function will also fail and does + not do anything. + This allows programs using this class to safely call several + functions that may fail and only check the failure condition after + the last function call. + Just set this variable to an empty string to clear the error + condition. + + +{/metadocument} +*/ + var $error=''; + +/* +{metadocument} + + mechanism + STRING + + + Store the name of the mechanism that was selected during the + call to the Start function. + You can access this variable but do not change it. + + +{/metadocument} +*/ + var $mechanism=''; + +/* +{metadocument} + + encode_response + BOOLEAN + 1 + + Let the drivers inform the applications whether responses + need to be encoded. + Applications should check this variable before sending + authentication responses to the server to determine if the + responses need to be encoded, eventually with base64 algorithm. + + +{/metadocument} +*/ + var $encode_response=1; + + /* Private variables */ + + var $driver; + var $drivers=array( + "Digest" => array("digest_sasl_client_class", "digest_sasl_client.inc" ), + "CRAM-MD5" => array("cram_md5_sasl_client_class", "cram_md5_sasl_client.inc" ), + "LOGIN" => array("login_sasl_client_class", "login_sasl_client.inc" ), + "NTLM" => array("ntlm_sasl_client_class", "ntlm_sasl_client.inc" ), + "PLAIN" => array("plain_sasl_client_class", "plain_sasl_client.inc" ), + "Basic" => array("basic_sasl_client_class", "basic_sasl_client.inc" ) + ); + var $credentials=array(); + + /* Public functions */ + +/* +{metadocument} + + SetCredential + VOID + + Store the value of a credential that may be used by any of + the supported mechanisms to process the authentication messages and + responses. + Call this function before starting the authentication dialog + to pass all the credential values that be needed to use the type + of authentication that the applications may need. + . + + + key + STRING + + Specify the name of the credential key. + + + + value + STRING + + Specify the value for the credential. + + + +{/metadocument} +*/ + Function SetCredential($key,$value) + { + $this->credentials[$key]=$value; + } +/* +{metadocument} + + +{/metadocument} +*/ + +/* +{metadocument} + + GetCredentials + INTEGER + + Retrieve the values of one or more credentials to be used by + the authentication mechanism classes. + This is meant to be used by authentication mechanism driver + classes to retrieve the credentials that may be neede. + The function may return SASL_CONTINUE if it + succeeded, or SASL_NOMECH if it was not possible to + retrieve one of the requested credentials. + + + credentials + HASH + + Reference to an associative array variable with all the + credentials that are being requested. The function initializes + this associative array values. + + + + defaults + HASH + + Associative arrays with default values for credentials + that may have not been defined. + + + + interactions + ARRAY + + Not yet in use. It is meant to provide context + information to retrieve credentials that may be obtained + interacting with the user. + + + +{/metadocument} +*/ + Function GetCredentials(&$credentials,$defaults,&$interactions) + { + Reset($credentials); + $end=(GetType($key=Key($credentials))!="string"); + for(;!$end;) + { + if(!IsSet($this->credentials[$key])) + { + if(IsSet($defaults[$key])) + $credentials[$key]=$defaults[$key]; + else + { + $this->error="the requested credential ".$key." is not defined"; + return(SASL_NOMECH); + } + } + else + $credentials[$key]=$this->credentials[$key]; + Next($credentials); + $end=(GetType($key=Key($credentials))!="string"); + } + return(SASL_CONTINUE); + } +/* +{metadocument} + + +{/metadocument} +*/ + +/* +{metadocument} + + Start + INTEGER + + Process the initial authentication step initializing the + driver class that implements the first of the list of requested + mechanisms that is supported by this SASL client library + implementation. + Call this function specifying a list of mechanisms that the + server supports. If the + message + Start + argument returns a string, it should be sent to + the server as initial message. Check the + encode_response variable to determine + whether the initial message needs to be encoded, eventually with + base64 algorithm, before it is sent to the server. + The function may return SASL_CONTINUE if it + could start one of the requested authentication mechanisms. It + may return SASL_NOMECH if it was not possible to start + any of the requested mechanisms. It returns SASL_FAIL or + other value in case of error. + + + mechanisms + ARRAY + + + Define the list of names of authentication mechanisms + supported by the that should be tried. + + + + message + STRING + + + Return the initial message that should be sent to the + server to start the authentication dialog. If this value is + undefined, no message should be sent to the server. + + + + interactions + ARRAY + + Not yet in use. It is meant to provide context + information to interact with the end user. + + + +{/metadocument} +*/ + Function Start($mechanisms, &$message, &$interactions) + { + if(strlen($this->error)) + return(SASL_FAIL); + if(IsSet($this->driver)) + return($this->driver->Start($this,$message,$interactions)); + $no_mechanism_error=""; + for($m=0;$mdrivers[$mechanism])) + { + if(!class_exists($this->drivers[$mechanism][0])) + require(dirname(__FILE__)."/".$this->drivers[$mechanism][1]); + $this->driver=new $this->drivers[$mechanism][0]; + if($this->driver->Initialize($this)) + { + $this->encode_response=1; + $status=$this->driver->Start($this,$message,$interactions); + switch($status) + { + case SASL_NOMECH: + Unset($this->driver); + if(strlen($no_mechanism_error)==0) + $no_mechanism_error=$this->error; + $this->error=""; + break; + case SASL_CONTINUE: + $this->mechanism=$mechanism; + return($status); + default: + Unset($this->driver); + $this->error=""; + return($status); + } + } + else + { + Unset($this->driver); + if(strlen($no_mechanism_error)==0) + $no_mechanism_error=$this->error; + $this->error=""; + } + } + } + $this->error=(strlen($no_mechanism_error) ? $no_mechanism_error : "it was not requested any of the authentication mechanisms that are supported"); + return(SASL_NOMECH); + } +/* +{metadocument} + + +{/metadocument} +*/ + +/* +{metadocument} + + Step + INTEGER + + Process the authentication steps after the initial step, + until the authetication iteration dialog is complete. + Call this function iteratively after a successful initial + step calling the Start function. + The function returns SASL_CONTINUE if step was + processed successfully, or returns SASL_FAIL in case of + error. + + + response + STRING + + + Pass the response returned by the server to the previous + step. + + + + message + STRING + + + Return the message that should be sent to the server to + continue the authentication dialog. If this value is undefined, + no message should be sent to the server. + + + + interactions + ARRAY + + Not yet in use. It is meant to provide context + information to interact with the end user. + + + +{/metadocument} +*/ + Function Step($response, &$message, &$interactions) + { + if(strlen($this->error)) + return(SASL_FAIL); + return($this->driver->Step($this,$response,$message,$interactions)); + } +/* +{metadocument} + + +{/metadocument} +*/ + +}; + +/* + +{metadocument} + +{/metadocument} + +*/ + +?> -- cgit v1.1