eric/hesk-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source 
Signed-off-by: Luke Tainton <luke@tainton.uk>
This commit is contained in:
Luke Tainton
2020-02-26 12:23:50 +00:00
commit 39782c53ef
500 changed files with 141257 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
hesk/inc/mail/sasl/basic_sasl_client.php Normal file
View File

@@ -0,0 +1,61 @@
<?php
/*
* basic_sasl_client.php
*
* @(#) $Id: basic_sasl_client.php,v 1.1 2004/11/17 08:01:23 mlemos Exp $
*
*/
define("SASL_BASIC_STATE_START", 0);
define("SASL_BASIC_STATE_DONE", 1);
class basic_sasl_client_class
{
var $credentials=array();
var $state=SASL_BASIC_STATE_START;
Function Initialize(&$client)
{
return(1);
}
Function Start(&$client, &$message, &$interactions)
{
if($this->state!=SASL_BASIC_STATE_START)
{
$client->error="Basic authentication state is not at the start";
return(SASL_FAIL);
}
$this->credentials=array(
"user"=>"",
"password"=>""
);
$defaults=array(
);
$status=$client->GetCredentials($this->credentials,$defaults,$interactions);
if($status==SASL_CONTINUE)
{
$message=$this->credentials["user"].":".$this->credentials["password"];
$this->state=SASL_BASIC_STATE_DONE;
}
else
Unset($message);
return($status);
}
Function Step(&$client, $response, &$message, &$interactions)
{
switch($this->state)
{
case SASL_BASIC_STATE_DONE:
$client->error="Basic authentication was finished without success";
return(SASL_FAIL);
default:
$client->error="invalid Basic authentication step state";
return(SASL_FAIL);
}
return(SASL_CONTINUE);
}
};
?>

67
hesk/inc/mail/sasl/cram_md5_sasl_client.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
/*
* cram_md5_sasl_client.php
*
* @(#) $Id: cram_md5_sasl_client.php,v 1.3 2004/11/17 08:00:37 mlemos Exp $
*
*/
define("SASL_CRAM_MD5_STATE_START", 0);
define("SASL_CRAM_MD5_STATE_RESPOND_CHALLENGE", 1);
define("SASL_CRAM_MD5_STATE_DONE", 2);
class cram_md5_sasl_client_class
{
var $credentials=array();
var $state=SASL_CRAM_MD5_STATE_START;
Function Initialize(&$client)
{
return(1);
}
Function HMACMD5($key,$text)
{
$key=(strlen($key)<64 ? str_pad($key,64,"\0") : substr($key,0,64));
return(md5((str_repeat("\x5c", 64)^$key).pack("H32", md5((str_repeat("\x36", 64)^$key).$text))));
}
Function Start(&$client, &$message, &$interactions)
{
if($this->state!=SASL_CRAM_MD5_STATE_START)
{
$client->error="CRAM-MD5 authentication state is not at the start";
return(SASL_FAIL);
}
$this->credentials=array(
"user"=>"",
"password"=>""
);
$defaults=array();
$status=$client->GetCredentials($this->credentials,$defaults,$interactions);
if($status==SASL_CONTINUE)
$this->state=SASL_CRAM_MD5_STATE_RESPOND_CHALLENGE;
Unset($message);
return($status);
}
Function Step(&$client, $response, &$message, &$interactions)
{
switch($this->state)
{
case SASL_CRAM_MD5_STATE_RESPOND_CHALLENGE:
$message=$this->credentials["user"]." ".$this->HMACMD5($this->credentials["password"], $response);
$this->state=SASL_CRAM_MD5_STATE_DONE;
break;
case SASL_CRAM_MD5_STATE_DONE:
$client->error="CRAM-MD5 authentication was finished without success";
return(SASL_FAIL);
default:
$client->error="invalid CRAM-MD5 authentication step state";
return(SASL_FAIL);
}
return(SASL_CONTINUE);
}
};
?>

135
hesk/inc/mail/sasl/digest_sasl_client.php Normal file
View File

@@ -0,0 +1,135 @@
<?php
/*
* digest_sasl_client.php
*
* @(#) $Id: digest_sasl_client.php,v 1.1 2005/10/27 05:24:15 mlemos Exp $
*
*/
define('SASL_DIGEST_STATE_START', 0);
define('SASL_DIGEST_STATE_RESPOND_CHALLENGE', 1);
define('SASL_DIGEST_STATE_DONE', 2);
class digest_sasl_client_class
{
var $credentials=array();
var $state=SASL_DIGEST_STATE_START;
Function unq($string)
{
return(($string[0]=='"' && $string[strlen($string)-1]=='"') ? substr($string, 1, strlen($string)-2) : $string);
}
Function H($data)
{
return md5($data);
}
Function KD($secret, $data)
{
return $this->H($secret.':'.$data);
}
Function Initialize(&$client)
{
return(1);
}
Function Start(&$client, &$message, &$interactions)
{
if($this->state!=SASL_DIGEST_STATE_START)
{
$client->error='Digest authentication state is not at the start';
return(SASL_FAIL);
}
$this->credentials=array(
'user'=>'',
'password'=>'',
'uri'=>'',
'method'=>'',
'session'=>''
);
$defaults=array();
$status=$client->GetCredentials($this->credentials,$defaults,$interactions);
if($status==SASL_CONTINUE)
$this->state=SASL_DIGEST_STATE_RESPOND_CHALLENGE;
Unset($message);
return($status);
}
Function Step(&$client, $response, &$message, &$interactions)
{
switch($this->state)
{
case SASL_DIGEST_STATE_RESPOND_CHALLENGE:
$values=explode(',',$response);
$parameters=array();
for($v=0; $v<count($values); $v++)
$parameters[strtok(trim($values[$v]), '=')]=strtok('');
$message='username="'.$this->credentials['user'].'"';
if(!IsSet($parameters[$p='realm'])
&& !IsSet($parameters[$p='nonce']))
{
$client->error='Digest authentication parameter '.$p.' is missing from the server response';
return(SASL_FAIL);
}
$message.=', realm='.$parameters['realm'];
$message.=', nonce='.$parameters['nonce'];
$message.=', uri="'.$this->credentials['uri'].'"';
if(IsSet($parameters['algorithm']))
{
$algorithm=$this->unq($parameters['algorithm']);
$message.=', algorithm='.$parameters['algorithm'];
}
else
$algorithm='';
$realm=$this->unq($parameters['realm']);
$nonce=$this->unq($parameters['nonce']);
if(IsSet($parameters['qop']))
{
switch($qop=$this->unq($parameters['qop']))
{
case "auth":
$cnonce=$this->credentials['session'];
break;
default:
$client->error='Digest authentication quality of protection '.$qop.' is not yet supported';
return(SASL_FAIL);
}
}
$nc_value='00000001';
if(IsSet($parameters['qop'])
&& !strcmp($algorithm, 'MD5-sess'))
$A1=$this->H($this->credentials['user'].':'. $realm.':'. $this->credentials['password']).':'.$nonce.':'.$cnonce;
else
$A1=$this->credentials['user'].':'. $realm.':'. $this->credentials['password'];
$A2=$this->credentials['method'].':'.$this->credentials['uri'];
if(IsSet($parameters['qop']))
$response=$this->KD($this->H($A1), $nonce.':'. $nc_value.':'. $cnonce.':'. $qop.':'. $this->H($A2));
else
$response=$this->KD($this->H($A1), $nonce.':'. $this->H($A2));
$message.=', response="'.$response.'"';
if(IsSet($parameters['opaque']))
$message.=', opaque='.$parameters['opaque'];
if(IsSet($parameters['qop']))
$message.=', qop="'.$qop.'"';
$message.=', nc='.$nc_value;
if(IsSet($parameters['qop']))
$message.=', cnonce="'.$cnonce.'"';
$client->encode_response=0;
$this->state=SASL_DIGEST_STATE_DONE;
break;
case SASL_DIGEST_STATE_DONE:
$client->error='Digest authentication was finished without success';
return(SASL_FAIL);
default:
$client->error='invalid Digest authentication step state';
return(SASL_FAIL);
}
return(SASL_CONTINUE);
}
};
?>

8
hesk/inc/mail/sasl/index.htm Normal file
View File

@@ -0,0 +1,8 @@
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>403 Forbidden</TITLE>
</HEAD><BODY>
<H1>Forbidden</H1>
You don't have permission to access this folder.<P>
<hr />
</BODY></HTML>

69
hesk/inc/mail/sasl/login_sasl_client.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
/*
* login_sasl_client.php
*
* @(#) $Id: login_sasl_client.php,v 1.2 2004/11/17 08:00:37 mlemos Exp $
*
*/
define("SASL_LOGIN_STATE_START", 0);
define("SASL_LOGIN_STATE_IDENTIFY_USER", 1);
define("SASL_LOGIN_STATE_IDENTIFY_PASSWORD", 2);
define("SASL_LOGIN_STATE_DONE", 3);
class login_sasl_client_class
{
var $credentials=array();
var $state=SASL_LOGIN_STATE_START;
Function Initialize(&$client)
{
return(1);
}
Function Start(&$client, &$message, &$interactions)
{
if($this->state!=SASL_LOGIN_STATE_START)
{
$client->error="LOGIN authentication state is not at the start";
return(SASL_FAIL);
}
$this->credentials=array(
"user"=>"",
"password"=>"",
"realm"=>""
);
$defaults=array(
"realm"=>""
);
$status=$client->GetCredentials($this->credentials,$defaults,$interactions);
if($status==SASL_CONTINUE)
$this->state=SASL_LOGIN_STATE_IDENTIFY_USER;
Unset($message);
return($status);
}
Function Step(&$client, $response, &$message, &$interactions)
{
switch($this->state)
{
case SASL_LOGIN_STATE_IDENTIFY_USER:
$message=$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : "");
$this->state=SASL_LOGIN_STATE_IDENTIFY_PASSWORD;
break;
case SASL_LOGIN_STATE_IDENTIFY_PASSWORD:
$message=$this->credentials["password"];
$this->state=SASL_LOGIN_STATE_DONE;
break;
case SASL_LOGIN_STATE_DONE:
$client->error="LOGIN authentication was finished without success";
break;
default:
$client->error="invalid LOGIN authentication step state";
return(SASL_FAIL);
}
return(SASL_CONTINUE);
}
};
?>

180
hesk/inc/mail/sasl/ntlm_sasl_client.php Normal file
View File

@@ -0,0 +1,180 @@
<?php
/*
* ntlm_sasl_client.php
*
* @(#) $Id: ntlm_sasl_client.php,v 1.3 2004/11/17 08:00:37 mlemos Exp $
*
*/
define("SASL_NTLM_STATE_START", 0);
define("SASL_NTLM_STATE_IDENTIFY_DOMAIN", 1);
define("SASL_NTLM_STATE_RESPOND_CHALLENGE", 2);
define("SASL_NTLM_STATE_DONE", 3);
class ntlm_sasl_client_class
{
var $credentials=array();
var $state=SASL_NTLM_STATE_START;
Function Initialize(&$client)
{
if(!function_exists($function="mcrypt_encrypt")
|| !function_exists($function="mhash"))
{
$extensions=array(
"mcrypt_encrypt"=>"mcrypt",
"mhash"=>"mhash"
);
$client->error="the extension ".$extensions[$function]." required by the NTLM SASL client class is not available in this PHP configuration";
return(0);
}
return(1);
}
Function ASCIIToUnicode($ascii)
{
for($unicode="",$a=0;$a<strlen($ascii);$a++)
$unicode.=substr($ascii,$a,1).chr(0);
return($unicode);
}
Function TypeMsg1($domain,$workstation)
{
$domain_length=strlen($domain);
$workstation_length=strlen($workstation);
$workstation_offset=32;
$domain_offset=$workstation_offset+$workstation_length;
return(
"NTLMSSP\0".
"\x01\x00\x00\x00".
"\x07\x32\x00\x00".
pack("v",$domain_length).
pack("v",$domain_length).
pack("V",$domain_offset).
pack("v",$workstation_length).
pack("v",$workstation_length).
pack("V",$workstation_offset).
$workstation.
$domain
);
}
Function NTLMResponse($challenge,$password)
{
$unicode=$this->ASCIIToUnicode($password);
$md4=mhash(MHASH_MD4,$unicode);
$padded=$md4.str_repeat(chr(0),21-strlen($md4));
$iv_size=mcrypt_get_iv_size(MCRYPT_DES,MCRYPT_MODE_ECB);
$iv=mcrypt_create_iv($iv_size,MCRYPT_RAND);
for($response="",$third=0;$third<21;$third+=7)
{
for($packed="",$p=$third;$p<$third+7;$p++)
$packed.=str_pad(decbin(ord(substr($padded,$p,1))),8,"0",STR_PAD_LEFT);
for($key="",$p=0;$p<strlen($packed);$p+=7)
{
$s=substr($packed,$p,7);
$b=$s.((substr_count($s,"1") % 2) ? "0" : "1");
$key.=chr(bindec($b));
}
$ciphertext=mcrypt_encrypt(MCRYPT_DES,$key,$challenge,MCRYPT_MODE_ECB,$iv);
$response.=$ciphertext;
}
return $response;
}
Function TypeMsg3($ntlm_response,$user,$domain,$workstation)
{
$domain_unicode=$this->ASCIIToUnicode($domain);
$domain_length=strlen($domain_unicode);
$domain_offset=64;
$user_unicode=$this->ASCIIToUnicode($user);
$user_length=strlen($user_unicode);
$user_offset=$domain_offset+$domain_length;
$workstation_unicode=$this->ASCIIToUnicode($workstation);
$workstation_length=strlen($workstation_unicode);
$workstation_offset=$user_offset+$user_length;
$lm="";
$lm_length=strlen($lm);
$lm_offset=$workstation_offset+$workstation_length;
$ntlm=$ntlm_response;
$ntlm_length=strlen($ntlm);
$ntlm_offset=$lm_offset+$lm_length;
$session="";
$session_length=strlen($session);
$session_offset=$ntlm_offset+$ntlm_length;
return(
"NTLMSSP\0".
"\x03\x00\x00\x00".
pack("v",$lm_length).
pack("v",$lm_length).
pack("V",$lm_offset).
pack("v",$ntlm_length).
pack("v",$ntlm_length).
pack("V",$ntlm_offset).
pack("v",$domain_length).
pack("v",$domain_length).
pack("V",$domain_offset).
pack("v",$user_length).
pack("v",$user_length).
pack("V",$user_offset).
pack("v",$workstation_length).
pack("v",$workstation_length).
pack("V",$workstation_offset).
pack("v",$session_length).
pack("v",$session_length).
pack("V",$session_offset).
"\x01\x02\x00\x00".
$domain_unicode.
$user_unicode.
$workstation_unicode.
$lm.
$ntlm
);
}
Function Start(&$client, &$message, &$interactions)
{
if($this->state!=SASL_NTLM_STATE_START)
{
$client->error="NTLM authentication state is not at the start";
return(SASL_FAIL);
}
$this->credentials=array(
"user"=>"",
"password"=>"",
"realm"=>"",
"workstation"=>""
);
$defaults=array();
$status=$client->GetCredentials($this->credentials,$defaults,$interactions);
if($status==SASL_CONTINUE)
$this->state=SASL_NTLM_STATE_IDENTIFY_DOMAIN;
Unset($message);
return($status);
}
Function Step(&$client, $response, &$message, &$interactions)
{
switch($this->state)
{
case SASL_NTLM_STATE_IDENTIFY_DOMAIN:
$message=$this->TypeMsg1($this->credentials["realm"],$this->credentials["workstation"]);
$this->state=SASL_NTLM_STATE_RESPOND_CHALLENGE;
break;
case SASL_NTLM_STATE_RESPOND_CHALLENGE:
$ntlm_response=$this->NTLMResponse(substr($response,24,8),$this->credentials["password"]);
$message=$this->TypeMsg3($ntlm_response,$this->credentials["user"],$this->credentials["realm"],$this->credentials["workstation"]);
$this->state=SASL_NTLM_STATE_DONE;
break;
case SASL_NTLM_STATE_DONE:
$client->error="NTLM authentication was finished without success";
return(SASL_FAIL);
default:
$client->error="invalid NTLM authentication step state";
return(SASL_FAIL);
}
return(SASL_CONTINUE);
}
};
?>

99
hesk/inc/mail/sasl/plain_sasl_client.php Normal file
View File

@@ -0,0 +1,99 @@
<?php
/*
* plain_sasl_client.php
*
* @(#) $Id: plain_sasl_client.php,v 1.2 2004/11/17 08:00:37 mlemos Exp $
*
*/
define("SASL_PLAIN_STATE_START", 0);
define("SASL_PLAIN_STATE_IDENTIFY", 1);
define("SASL_PLAIN_STATE_DONE", 2);
define("SASL_PLAIN_DEFAULT_MODE", 0);
define("SASL_PLAIN_EXIM_MODE", 1);
define("SASL_PLAIN_EXIM_DOCUMENTATION_MODE", 2);
class plain_sasl_client_class
{
var $credentials=array();
var $state=SASL_PLAIN_STATE_START;
Function Initialize(&$client)
{
return(1);
}
Function Start(&$client, &$message, &$interactions)
{
if($this->state!=SASL_PLAIN_STATE_START)
{
$client->error="PLAIN authentication state is not at the start";
return(SASL_FAIL);
}
$this->credentials=array(
"user"=>"",
"password"=>"",
"realm"=>"",
"mode"=>""
);
$defaults=array(
"realm"=>"",
"mode"=>""
);
$status=$client->GetCredentials($this->credentials,$defaults,$interactions);
if($status==SASL_CONTINUE)
{
switch($this->credentials["mode"])
{
case SASL_PLAIN_EXIM_MODE:
$message=$this->credentials["user"]."\0".$this->credentials["password"]."\0";
break;
case SASL_PLAIN_EXIM_DOCUMENTATION_MODE:
$message="\0".$this->credentials["user"]."\0".$this->credentials["password"];
break;
default:
$message=$this->credentials["user"]."\0".$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : "")."\0".$this->credentials["password"];
break;
}
$this->state=SASL_PLAIN_STATE_DONE;
}
else
Unset($message);
return($status);
}
Function Step(&$client, $response, &$message, &$interactions)
{
switch($this->state)
{
/*
case SASL_PLAIN_STATE_IDENTIFY:
switch($this->credentials["mode"])
{
case SASL_PLAIN_EXIM_MODE:
$message=$this->credentials["user"]."\0".$this->credentials["password"]."\0";
break;
case SASL_PLAIN_EXIM_DOCUMENTATION_MODE:
$message="\0".$this->credentials["user"]."\0".$this->credentials["password"];
break;
default:
$message=$this->credentials["user"]."\0".$this->credentials["user"].(strlen($this->credentials["realm"]) ? "@".$this->credentials["realm"] : "")."\0".$this->credentials["password"];
break;
}
var_dump($message);
$this->state=SASL_PLAIN_STATE_DONE;
break;
*/
case SASL_PLAIN_STATE_DONE:
$client->error="PLAIN authentication was finished without success";
return(SASL_FAIL);
default:
$client->error="invalid PLAIN authentication step state";
return(SASL_FAIL);
}
return(SASL_CONTINUE);
}
};
?>

422
hesk/inc/mail/sasl/sasl.php Normal file
View File

@@ -0,0 +1,422 @@
<?php
/*
* sasl.php
*
* @(#) $Id: sasl.php,v 1.11 2005/10/31 18:43:27 mlemos Exp $
*
*/
define("SASL_INTERACT", 2);
define("SASL_CONTINUE", 1);
define("SASL_OK", 0);
define("SASL_FAIL", -1);
define("SASL_NOMECH", -4);
class sasl_interact_class
{
var $id;
var $challenge;
var $prompt;
var $default_result;
var $result;
};
/*
{metadocument}<?xml version="1.0" encoding="ISO-8859-1" ?>
<class>
<package>net.manuellemos.sasl</package>
<version>@(#) $Id: sasl.php,v 1.11 2005/10/31 18:43:27 mlemos Exp $</version>
<copyright>Copyright <20> (C) Manuel Lemos 2004</copyright>
<title>Simple Authentication and Security Layer client</title>
<author>Manuel Lemos</author>
<authoraddress>mlemos-at-acm.org</authoraddress>
<documentation>
<idiom>en</idiom>
<purpose>Provide a common interface to plug-in driver classes that
implement different mechanisms for authentication used by clients of
standard protocols like SMTP, POP3, IMAP, HTTP, etc.. Currently the
supported authentication mechanisms are: <tt>PLAIN</tt>,
<tt>LOGIN</tt>, <tt>CRAM-MD5</tt>, <tt>Digest</tt> and <tt>NTML</tt>
(Windows or Samba).</purpose>
<usage>.</usage>
</documentation>
{/metadocument}
*/
class sasl_client_class
{
/* Public variables */
/*
{metadocument}
<variable>
<name>error</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Store the message that is returned when an error
occurs.</purpose>
<usage>Check this variable to understand what happened when a call to
any of the class functions has failed.<paragraphbreak />
This class uses cumulative error handling. This means that if one
class functions that may fail is called and this variable was
already set to an error message due to a failure in a previous call
to the same or other function, the function will also fail and does
not do anything.<paragraphbreak />
This allows programs using this class to safely call several
functions that may fail and only check the failure condition after
the last function call.<paragraphbreak />
Just set this variable to an empty string to clear the error
condition.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $error='';
/*
{metadocument}
<variable>
<name>mechanism</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Store the name of the mechanism that was selected during the
call to the <functionlink>Start</functionlink> function.</purpose>
<usage>You can access this variable but do not change it.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $mechanism='';
/*
{metadocument}
<variable>
<name>encode_response</name>
<type>BOOLEAN</type>
<value>1</value>
<documentation>
<purpose>Let the drivers inform the applications whether responses
need to be encoded.</purpose>
<usage>Applications should check this variable before sending
authentication responses to the server to determine if the
responses need to be encoded, eventually with base64 algorithm.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $encode_response=1;
/* Private variables */
var $driver;
var $drivers=array(
"Digest" => array("digest_sasl_client_class", "digest_sasl_client.php" ),
"CRAM-MD5" => array("cram_md5_sasl_client_class", "cram_md5_sasl_client.php" ),
"LOGIN" => array("login_sasl_client_class", "login_sasl_client.php" ),
"NTLM" => array("ntlm_sasl_client_class", "ntlm_sasl_client.php" ),
"PLAIN" => array("plain_sasl_client_class", "plain_sasl_client.php" ),
"Basic" => array("basic_sasl_client_class", "basic_sasl_client.php" )
);
var $credentials=array();
/* Public functions */
/*
{metadocument}
<function>
<name>SetCredential</name>
<type>VOID</type>
<documentation>
<purpose>Store the value of a credential that may be used by any of
the supported mechanisms to process the authentication messages and
responses.</purpose>
<usage>Call this function before starting the authentication dialog
to pass all the credential values that be needed to use the type
of authentication that the applications may need.</usage>
<returnvalue>.</returnvalue>
</documentation>
<argument>
<name>key</name>
<type>STRING</type>
<documentation>
<purpose>Specify the name of the credential key.</purpose>
</documentation>
</argument>
<argument>
<name>value</name>
<type>STRING</type>
<documentation>
<purpose>Specify the value for the credential.</purpose>
</documentation>
</argument>
<do>
{/metadocument}
*/
Function SetCredential($key,$value)
{
$this->credentials[$key]=$value;
}
/*
{metadocument}
</do>
</function>
{/metadocument}
*/
/*
{metadocument}
<function>
<name>GetCredentials</name>
<type>INTEGER</type>
<documentation>
<purpose>Retrieve the values of one or more credentials to be used by
the authentication mechanism classes.</purpose>
<usage>This is meant to be used by authentication mechanism driver
classes to retrieve the credentials that may be neede.</usage>
<returnvalue>The function may return <tt>SASL_CONTINUE</tt> if it
succeeded, or <tt>SASL_NOMECH</tt> if it was not possible to
retrieve one of the requested credentials.</returnvalue>
</documentation>
<argument>
<name>credentials</name>
<type>HASH</type>
<documentation>
<purpose>Reference to an associative array variable with all the
credentials that are being requested. The function initializes
this associative array values.</purpose>
</documentation>
</argument>
<argument>
<name>defaults</name>
<type>HASH</type>
<documentation>
<purpose>Associative arrays with default values for credentials
that may have not been defined.</purpose>
</documentation>
</argument>
<argument>
<name>interactions</name>
<type>ARRAY</type>
<documentation>
<purpose>Not yet in use. It is meant to provide context
information to retrieve credentials that may be obtained
interacting with the user.</purpose>
</documentation>
</argument>
<do>
{/metadocument}
*/
Function GetCredentials(&$credentials,$defaults,&$interactions)
{
Reset($credentials);
$end=(GetType($key=Key($credentials))!="string");
for(;!$end;)
{
if(!IsSet($this->credentials[$key]))
{
if(IsSet($defaults[$key]))
$credentials[$key]=$defaults[$key];
else
{
$this->error="the requested credential ".$key." is not defined";
return(SASL_NOMECH);
}
}
else
$credentials[$key]=$this->credentials[$key];
Next($credentials);
$end=(GetType($key=Key($credentials))!="string");
}
return(SASL_CONTINUE);
}
/*
{metadocument}
</do>
</function>
{/metadocument}
*/
/*
{metadocument}
<function>
<name>Start</name>
<type>INTEGER</type>
<documentation>
<purpose>Process the initial authentication step initializing the
driver class that implements the first of the list of requested
mechanisms that is supported by this SASL client library
implementation.</purpose>
<usage>Call this function specifying a list of mechanisms that the
server supports. If the <argumentlink>
<argument>message</argument>
<function>Start</function>
</argumentlink> argument returns a string, it should be sent to
the server as initial message. Check the
<variablelink>encode_response</variablelink> variable to determine
whether the initial message needs to be encoded, eventually with
base64 algorithm, before it is sent to the server.</usage>
<returnvalue>The function may return <tt>SASL_CONTINUE</tt> if it
could start one of the requested authentication mechanisms. It
may return <tt>SASL_NOMECH</tt> if it was not possible to start
any of the requested mechanisms. It returns <tt>SASL_FAIL</tt> or
other value in case of error.</returnvalue>
</documentation>
<argument>
<name>mechanisms</name>
<type>ARRAY</type>
<inout />
<documentation>
<purpose>Define the list of names of authentication mechanisms
supported by the that should be tried.</purpose>
</documentation>
</argument>
<argument>
<name>message</name>
<type>STRING</type>
<out />
<documentation>
<purpose>Return the initial message that should be sent to the
server to start the authentication dialog. If this value is
undefined, no message should be sent to the server.</purpose>
</documentation>
</argument>
<argument>
<name>interactions</name>
<type>ARRAY</type>
<documentation>
<purpose>Not yet in use. It is meant to provide context
information to interact with the end user.</purpose>
</documentation>
</argument>
<do>
{/metadocument}
*/
Function Start($mechanisms, &$message, &$interactions)
{
if(strlen($this->error))
return(SASL_FAIL);
if(IsSet($this->driver))
return($this->driver->Start($this,$message,$interactions));
$no_mechanism_error="";
for($m=0;$m<count($mechanisms);$m++)
{
$mechanism=$mechanisms[$m];
if(IsSet($this->drivers[$mechanism]))
{
if(!class_exists($this->drivers[$mechanism][0]))
require(dirname(__FILE__)."/".$this->drivers[$mechanism][1]);
$this->driver=new $this->drivers[$mechanism][0];
if($this->driver->Initialize($this))
{
$this->encode_response=1;
$status=$this->driver->Start($this,$message,$interactions);
switch($status)
{
case SASL_NOMECH:
Unset($this->driver);
if(strlen($no_mechanism_error)==0)
$no_mechanism_error=$this->error;
$this->error="";
break;
case SASL_CONTINUE:
$this->mechanism=$mechanism;
return($status);
default:
Unset($this->driver);
$this->error="";
return($status);
}
}
else
{
Unset($this->driver);
if(strlen($no_mechanism_error)==0)
$no_mechanism_error=$this->error;
$this->error="";
}
}
}
$this->error=(strlen($no_mechanism_error) ? $no_mechanism_error : "it was not requested any of the authentication mechanisms that are supported");
return(SASL_NOMECH);
}
/*
{metadocument}
</do>
</function>
{/metadocument}
*/
/*
{metadocument}
<function>
<name>Step</name>
<type>INTEGER</type>
<documentation>
<purpose>Process the authentication steps after the initial step,
until the authetication iteration dialog is complete.</purpose>
<usage>Call this function iteratively after a successful initial
step calling the <functionlink>Start</functionlink> function.</usage>
<returnvalue>The function returns <tt>SASL_CONTINUE</tt> if step was
processed successfully, or returns <tt>SASL_FAIL</tt> in case of
error.</returnvalue>
</documentation>
<argument>
<name>response</name>
<type>STRING</type>
<in />
<documentation>
<purpose>Pass the response returned by the server to the previous
step.</purpose>
</documentation>
</argument>
<argument>
<name>message</name>
<type>STRING</type>
<out />
<documentation>
<purpose>Return the message that should be sent to the server to
continue the authentication dialog. If this value is undefined,
no message should be sent to the server.</purpose>
</documentation>
</argument>
<argument>
<name>interactions</name>
<type>ARRAY</type>
<documentation>
<purpose>Not yet in use. It is meant to provide context
information to interact with the end user.</purpose>
</documentation>
</argument>
<do>
{/metadocument}
*/
Function Step($response, &$message, &$interactions)
{
if(strlen($this->error))
return(SASL_FAIL);
return($this->driver->Step($this,$response,$message,$interactions));
}
/*
{metadocument}
</do>
</function>
{/metadocument}
*/
};
/*
{metadocument}
</class>
{/metadocument}
*/
?>