|
0
|
1 <?php
|
|
|
2 // +-----------------------------------------------------------------------+
|
|
|
3 // | Copyright (c) 2002-2003 Richard Heyes |
|
|
|
4 // | All rights reserved. |
|
|
|
5 // | |
|
|
|
6 // | Redistribution and use in source and binary forms, with or without |
|
|
|
7 // | modification, are permitted provided that the following conditions |
|
|
|
8 // | are met: |
|
|
|
9 // | |
|
|
|
10 // | o Redistributions of source code must retain the above copyright |
|
|
|
11 // | notice, this list of conditions and the following disclaimer. |
|
|
|
12 // | o Redistributions in binary form must reproduce the above copyright |
|
|
|
13 // | notice, this list of conditions and the following disclaimer in the |
|
|
|
14 // | documentation and/or other materials provided with the distribution.|
|
|
|
15 // | o The names of the authors may not be used to endorse or promote |
|
|
|
16 // | products derived from this software without specific prior written |
|
|
|
17 // | permission. |
|
|
|
18 // | |
|
|
|
19 // | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|
|
|
20 // | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|
|
|
21 // | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
|
|
|
22 // | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
|
|
|
23 // | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
|
|
24 // | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
|
|
25 // | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
|
|
26 // | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
|
|
|
27 // | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
|
|
|
28 // | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
|
|
|
29 // | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
|
|
30 // | |
|
|
|
31 // +-----------------------------------------------------------------------+
|
|
|
32 // | Author: Richard Heyes <richard@php.net> |
|
|
|
33 // +-----------------------------------------------------------------------+
|
|
|
34 //
|
|
|
35 // $Id$
|
|
|
36
|
|
|
37 /**
|
|
|
38 * Client implementation of various SASL mechanisms
|
|
|
39 *
|
|
|
40 * @author Richard Heyes <richard@php.net>
|
|
|
41 * @access public
|
|
|
42 * @version 1.0
|
|
|
43 * @package Auth_SASL
|
|
|
44 */
|
|
|
45
|
|
|
46 require_once('PEAR.php');
|
|
|
47
|
|
|
48 class Auth_SASL
|
|
|
49 {
|
|
|
50 /**
|
|
|
51 * Factory class. Returns an object of the request
|
|
|
52 * type.
|
|
|
53 *
|
|
|
54 * @param string $type One of: Anonymous
|
|
|
55 * Plain
|
|
|
56 * CramMD5
|
|
|
57 * DigestMD5
|
|
|
58 * SCRAM-* (any mechanism of the SCRAM family)
|
|
|
59 * Types are not case sensitive
|
|
|
60 */
|
|
|
61 public static function factory($type)
|
|
|
62 {
|
|
|
63 switch (strtolower($type)) {
|
|
|
64 case 'anonymous':
|
|
|
65 $filename = 'Auth/SASL/Anonymous.php';
|
|
|
66 $classname = 'Auth_SASL_Anonymous';
|
|
|
67 break;
|
|
|
68
|
|
|
69 case 'login':
|
|
|
70 $filename = 'Auth/SASL/Login.php';
|
|
|
71 $classname = 'Auth_SASL_Login';
|
|
|
72 break;
|
|
|
73
|
|
|
74 case 'plain':
|
|
|
75 $filename = 'Auth/SASL/Plain.php';
|
|
|
76 $classname = 'Auth_SASL_Plain';
|
|
|
77 break;
|
|
|
78
|
|
|
79 case 'external':
|
|
|
80 $filename = 'Auth/SASL/External.php';
|
|
|
81 $classname = 'Auth_SASL_External';
|
|
|
82 break;
|
|
|
83
|
|
|
84 case 'crammd5':
|
|
|
85 // $msg = 'Deprecated mechanism name. Use IANA-registered name: CRAM-MD5.';
|
|
|
86 // trigger_error($msg, E_USER_DEPRECATED);
|
|
|
87 case 'cram-md5':
|
|
|
88 $filename = 'Auth/SASL/CramMD5.php';
|
|
|
89 $classname = 'Auth_SASL_CramMD5';
|
|
|
90 break;
|
|
|
91
|
|
|
92 case 'digestmd5':
|
|
|
93 // $msg = 'Deprecated mechanism name. Use IANA-registered name: DIGEST-MD5.';
|
|
|
94 // trigger_error($msg, E_USER_DEPRECATED);
|
|
|
95 case 'digest-md5':
|
|
|
96 // $msg = 'DIGEST-MD5 is a deprecated SASL mechanism as per RFC-6331. Using it could be a security risk.';
|
|
|
97 // trigger_error($msg, E_USER_NOTICE);
|
|
|
98 $filename = 'Auth/SASL/DigestMD5.php';
|
|
|
99 $classname = 'Auth_SASL_DigestMD5';
|
|
|
100 break;
|
|
|
101
|
|
|
102 default:
|
|
|
103 $scram = '/^SCRAM-(.{1,9})$/i';
|
|
|
104 if (preg_match($scram, $type, $matches))
|
|
|
105 {
|
|
|
106 $hash = $matches[1];
|
|
|
107 $filename = dirname(__FILE__) .'/SASL/SCRAM.php';
|
|
|
108 $classname = 'Auth_SASL_SCRAM';
|
|
|
109 $parameter = $hash;
|
|
|
110 break;
|
|
|
111 }
|
|
|
112 return PEAR::raiseError('Invalid SASL mechanism type');
|
|
|
113 break;
|
|
|
114 }
|
|
|
115
|
|
|
116 require_once($filename);
|
|
|
117 if (isset($parameter))
|
|
|
118 $obj = new $classname($parameter);
|
|
|
119 else
|
|
|
120 $obj = new $classname();
|
|
|
121 return $obj;
|
|
|
122 }
|
|
|
123 }
|
|
|
124
|
|
|
125 ?>
|
