From 74f02a79cc94a22ad12d212c70d0970cf61e50f9 Mon Sep 17 00:00:00 2001 From: Ermal Date: Tue, 18 Feb 2014 21:02:25 +0000 Subject: Remove this package from the repo to not confuse new comers --- config/authng/pkg/authng_backends.inc | 234 ---------------------------------- 1 file changed, 234 deletions(-) delete mode 100644 config/authng/pkg/authng_backends.inc (limited to 'config/authng/pkg/authng_backends.inc') diff --git a/config/authng/pkg/authng_backends.inc b/config/authng/pkg/authng_backends.inc deleted file mode 100644 index 1b58e6c1..00000000 --- a/config/authng/pkg/authng_backends.inc +++ /dev/null @@ -1,234 +0,0 @@ - - All rights reserved. - - Based on m0n0wall (http://m0n0.ch/wall) - Copyright (C) 2003-2006 Manuel Kasper . - All rights reserved. - */ -/* ========================================================================== */ -/* - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. - */ -/* ========================================================================== */ - -class AbstractBackend { - function authenticate($username, $passwd) { - trigger_error('AbstractBackend::authenticate() needs to be overridden in a subclass.', E_USER_ERROR); - } -} - -class HtpasswdBackend extends AbstractBackend { - function HtpasswdBackend() { - } - - function authenticate($username, $passd) { - $authfile = file("/var/run/htpasswd"); - - /* sanity check to ensure that /usr/local/www/.htpasswd doesn't exist */ - unlink_if_exists("/usr/local/www/.htpasswd"); - - $matches=""; - if(!($line = array_shift(preg_grep("/^$username:.*$/", $authfile)))) - return false; - - /* Get crypted password */ - preg_match("/^$username:((\\$1\\$[.\d\w_\/]{8}\\$)[.\d\w_\/]{22})$/", $line, $matches); - $pass = $matches[1]; - $salt = $matches[2]; - - /* Encrypt entered password with salt - * And finally validate password - */ - if ($pass == crypt($passwd, $salt)) - return true; - else - return false; - } -} - -class PasswdBackend extends AbstractBackend { - function PasswdBackend() { - } - - function authenticate($username, $passd) { - $authfile = file("/etc/master.passwd"); - - $matches=""; - - /* Check to see if user even exists */ - if(!($line = array_shift(preg_grep("/^$username:.*$/", $authfile)))) - return false; - - /* Get crypted password */ - preg_match("/^$username:((\\$1\\$[.\d\w_\/]{8}\\$)[.\d\w_\/]{22})$/", $line, $matches); - $pass = $matches[1]; - $salt = $matches[2]; - - /* Encrypt entered password with salt - * And finally validate password - */ - if ($pass == crypt($passwd, $salt)) - return true; - else - return false; - } -} - -class PamBackend extends AbstractBackend { - function PamBackend() { - } - - function authenticate($username, $passd) { - /* we do not support blank pwds, don't we? */ - if ($username == "" || passwd == "") { return false; } - - if(! extension_loaded( 'pam_auth' )) { - if(! @dl( 'pam_auth.so' )) { - return false; - } else { - /* no php file no auth, sorry */ - if (! file_exists("/etc/pam.d/php")) { - if (! file_exists("/etc/pam.d")) { mkdir("/etc/pam.d"); } - - $pam_php = <<addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret']); - } - - if (!$rauth->start()) { - $retvalue['auth_val'] = 1; - $retvalue['error'] = $rauth->getError(); - if ($debug) - printf("Radius start: %s", $retvalue['error']); - } - - // XXX - billm - somewhere in here we need to handle securid challenge/response - - // Send request - $result = $rauth->send(); - - if (PEAR::isError($result)) { - $retvalue['auth_val'] = 1; - $retvalue['error'] = $result->getMessage(); - if ($debug) - printf("Radius send failed: %s", $retvalue['error']); - } else if ($result === true) { - $retvalue['auth_val'] = 2; - if ($debug) - printf (gettext("Radius Auth succeeded")); - $ret = true; - } else { - $retvalue['auth_val'] = 3; - if ($debug) - printf (gettext("Radius Auth rejected")); - } - // close OO RADIUS_AUTHENTICATION - $rauth->close(); - - return $ret; - } // end function -} - -class LdapBackend extends AbstractBackend { - function LdapBackend() { - } - - function authenticate($username, $passwd) { - $ldapserver = $config['system']['ldap']['server']; - $ldapport = isset($config['system']['ldap']['port']) ? $config['system']['ldap']['server'] : 389; - $retval = false; - - $connection = ldap_connect($ldapserver, $ldapport) - or die("Could not connect to $ldaphost"); - - if ($connection) { - $bind = ldap_bind($connection); - - if ($bind) { - $basedn = $config['system']['ldap']['basedn']; - $result = ldap_search($connection, $basedn, "uid={$username}"); - $info = ldap_get_entries($connection, $result); - $userPassword = $info[0]['userPassword']; - - if ($userPassword == $passwd) { - $retval = true; - } else { - $retval = false; - } - } // end if - } // end if - - return $retval; - } -} -?> \ No newline at end of file -- cgit v1.2.3