/**
* If PROXY AUTH is configured, then start it
*/
private function startProxy($resource, $method)
{
if (DEBUG_ENABLED && (($fargs = func_get_args()) || ($fargs = 'NOARGS'))) {
debug_log('Entered (%%)', 17, 0, __FILE__, __LINE__, __METHOD__, $fargs);
}
$rootdse = $this->getRootDSE();
if (!(isset($rootdse['supportedcontrol']) && in_array('2.16.840.1.113730.3.4.18', $rootdse['supportedcontrol']))) {
system_message(array('title' => sprintf('%s %s', _('Unable to start proxy connection'), $this->getName()), 'body' => sprintf('<b>%s</b>: %s', _('Error'), _('Your LDAP server doesnt seem to support this control')), 'type' => 'error'));
return false;
}
$filter = '(&';
$dn = '';
$missing = false;
foreach ($this->getValue('proxy', 'attr') as $attr => $var) {
if (!isset($_SERVER[$var])) {
system_message(array('title' => sprintf('%s %s', _('Unable to start proxy connection'), $this->getName()), 'body' => sprintf('<b>%s</b>: %s (%s)', _('Error'), _('Attribute doesnt exist'), $var), 'type' => 'error'));
$missing = true;
} else {
if ($attr == 'dn') {
$dn = $var;
break;
} else {
$filter .= sprintf('(%s=%s)', $attr, $_SERVER[$var]);
}
}
}
if ($missing) {
return false;
}
$filter .= ')';
if (!$dn) {
$query['filter'] = $filter;
foreach ($this->getBaseDN() as $base) {
$query['base'] = $base;
if ($search = $this->query($query, $method)) {
break;
}
}
if (count($search) != 1) {
system_message(array('title' => sprintf('%s %s', _('Unable to start proxy connection'), $this->getName()), 'body' => sprintf('<b>%s</b>: %s (%s)', _('Error'), _('Search for DN returned the incorrect number of results'), count($search)), 'type' => 'error'));
return false;
}
$search = array_pop($search);
$dn = $search['dn'];
}
$ctrl = array('oid' => '2.16.840.1.113730.3.4.18', 'value' => sprintf('dn:%s', $dn), 'iscritical' => true);
if (!ldap_set_option($resource, LDAP_OPT_SERVER_CONTROLS, array($ctrl))) {
system_message(array('title' => sprintf('%s %s', _('Unable to start proxy connection'), $this->getName()), 'body' => sprintf('<b>%s</b>: %s (%s) for <b>%s</b>', _('Error'), $this->getErrorMessage($method), $this->getErrorNum($method), $method), 'type' => 'error'));
return false;
}
$_SESSION['USER'][$this->index][$method]['proxy'] = blowfish_encrypt($dn);
return true;
}
/**
* Set the login details of the user logged into this datastore's connection method
*/
protected function setLogin($user, $pass, $method = null)
{
if (DEBUG_ENABLED && (($fargs = func_get_args()) || ($fargs = 'NOARGS'))) {
debug_log('Entered (%%)', 17, 0, __FILE__, __LINE__, __METHOD__, $fargs);
}
$method = $this->getMethod($method);
switch ($this->getAuthType()) {
case 'config':
return true;
case 'proxy':
if (isset($_SESSION['USER'][$this->index][$method]['proxy'])) {
unset($_SESSION['USER'][$this->index][$method]['proxy']);
}
case 'http':
case 'session':
$_SESSION['USER'][$this->index][$method]['name'] = blowfish_encrypt($user);
$_SESSION['USER'][$this->index][$method]['pass'] = blowfish_encrypt($pass);
return true;
default:
die(sprintf('Error: %s hasnt been configured for auth_type %s', __METHOD__, $this->getAuthType()));
}
}
