FusionDirectory
class_passwordMethodSasl.inc
Go to the documentation of this file.
1 <?php
2 /*
3  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
4 
5  Copyright (C) 2011-2019 FusionDirectory
6 
7  This program is free software; you can redistribute it and/or modify
8  it under the terms of the GNU General Public License as published by
9  the Free Software Foundation; either version 2 of the License, or
10  (at your option) any later version.
11 
12  This program is distributed in the hope that it will be useful,
13  but WITHOUT ANY WARRANTY; without even the implied warranty of
14  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  GNU General Public License for more details.
16 
17  You should have received a copy of the GNU General Public License
18  along with this program; if not, write to the Free Software
19  Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
20 */
21 
31 class passwordMethodSasl extends passwordMethod
32 {
33  // uid, or exop specified field value
34  var $uid = '';
35  var $realm = '';
36  var $exop = '';
37 
44  function __construct ($dn = '', $userTab = NULL)
45  {
46  global $config;
47  $this->realm = trim($config->get_cfg_value('saslRealm', ''));
48  $this->exop = trim($config->get_cfg_value('saslExop', ''));
49 
50  if ($dn == '' || $dn == 'new') {
51  return;
52  }
53 
54  $attr = (empty($this->exop) ? 'uid' : $this->exop);
55 
56  if (($userTab !== NULL) && isset($userTab->$attr)) {
57  $this->uid = $userTab->$attr;
58  } else {
59  $ldap = $config->get_ldap_link();
60  $ldap->cd($config->current['BASE']);
61  $ldap->cat($dn, [$attr]);
62  if ($ldap->count() == 1) {
63  $attrs = $ldap->fetch();
64  $this->uid = $attrs[$attr][0];
65  } else {
66  $error = new FusionDirectoryError(htmlescape(sprintf(_('Cannot change password, unknown user "%s"'), $dn)));
67  $error->display();
68  }
69  }
70  }
71 
77  public function is_available (): bool
78  {
79  if (empty($this->realm) && empty($this->exop)) {
80  return FALSE;
81  }
82  return TRUE;
83  }
84 
93  public function generate_hash (string $pwd, bool $locked = FALSE): string
94  {
95  if (empty($this->exop)) {
96  if (empty($this->realm)) {
97  $error = new FusionDirectoryError(htmlescape(_('You need to fill saslRealm or saslExop in the configuration screen in order to use SASL')));
98  $error->display();
99  }
100  return '{SASL}'.($locked ? '!' : '').$this->uid.'@'.$this->realm;
101  } else {
102  // may not be the uid, see saslExop option
103  return '{SASL}'.($locked ? '!' : '').$this->uid;
104  }
105  }
106 
107  function checkPassword ($pwd, $hash): bool
108  {
109  // We do not store passwords, can’t know if they’re the same
110  return FALSE;
111  }
112 
116  static function get_hash_name ()
117  {
118  return 'sasl';
119  }
120 
126  function need_password (): bool
127  {
128  global $config;
129  return ($config->get_cfg_value('forceSaslPasswordAsk', 'FALSE') == 'TRUE');
130  }
131 }
passwordMethodSasl\need_password
need_password()
Password needed.
Definition: class_passwordMethodSasl.inc:126
htmlescape
htmlescape(string $str)
Escape string for HTML output.
Definition: php_setup.inc:32
passwordMethodSasl\get_hash_name
static get_hash_name()
Get the hash name.
Definition: class_passwordMethodSasl.inc:116
passwordMethod
This class contains all the basic function for password methods.
Definition: class_passwordMethod.inc:31
FusionDirectoryError
Parent class for all errors in FusionDirectory.
Definition: class_FusionDirectoryError.inc:24
passwordMethodSasl
This class contains all the functions for sasl password method.
Definition: class_passwordMethodSasl.inc:31
passwordMethodSasl\generate_hash
generate_hash(string $pwd, bool $locked=FALSE)
Generate template hash.
Definition: class_passwordMethodSasl.inc:93
passwordMethodSasl\__construct
__construct($dn='', $userTab=NULL)
passwordMethodSasl Constructor
Definition: class_passwordMethodSasl.inc:44
Generated on Mon Feb 24 2025 17:39:36 for FusionDirectory by   doxygen 1.8.13