function loginUser($u, $p)
{
global $_SESSION;
if (!file_exists($this->passwd_filename)) {
$this->signed_username = Null;
unset($_SESSION['username']);
return FALSE;
} else {
FMWK_include_once("pear/pear.inc.php");
include_once "File/Passwd.php";
$passwd =& File_Passwd::factory('Cvs');
$passwd->setFile($this->passwd_filename);
$passwd->load();
$res = $passwd->verifyPasswd($u, $p);
if (!is_object($res) & $res) {
$_SESSION['username'] = $u;
$this->signed_username = $u;
return TRUE;
} else {
$this->signed_username = Null;
unset($_SESSION['username']);
return FALSE;
}
}
}
/**
* Load and initialize the File_Passwd object
*
* @return object File_Passwd_Cvs|PEAR_Error
*/
function &_load()
{
static $pw_obj;
if (!isset($pw_obj)) {
$pw_obj = File_Passwd::factory('Cvs');
if (PEAR::isError($pw_obj)) {
return $pw_obj;
}
$pw_obj->setFile($this->pwfile);
$res = $pw_obj->load();
if (PEAR::isError($res)) {
return $res;
}
}
return $pw_obj;
}
/**
* APR compatible MD5 encryption
*
* @access public
* @return mixed
* @param string $plain plaintext to crypt
* @param string $salt the salt to use for encryption
*/
function crypt_apr_md5($plain, $salt = null)
{
if (is_null($salt)) {
$salt = File_Passwd::salt(8);
} elseif (preg_match('/^\\$apr1\\$/', $salt)) {
$salt = preg_replace('/^\\$apr1\\$([^$]+)\\$.*/', '\\1', $salt);
} else {
$salt = substr($salt, 0, 8);
}
$length = strlen($plain);
$context = $plain . '$apr1$' . $salt;
if (PEAR_ZE2) {
$binary = md5($plain . $salt . $plain, true);
} else {
$binary = pack('H32', md5($plain . $salt . $plain));
}
for ($i = $length; $i > 0; $i -= 16) {
$context .= substr($binary, 0, min(16, $i));
}
for ($i = $length; $i > 0; $i >>= 1) {
$context .= $i & 1 ? chr(0) : $plain[0];
}
if (PEAR_ZE2) {
$binary = md5($plain . $salt . $plain, true);
} else {
$binary = pack('H32', md5($plain . $salt . $plain));
}
for ($i = 0; $i < 1000; $i++) {
$new = $i & 1 ? $plain : $binary;
if ($i % 3) {
$new .= $salt;
}
if ($i % 7) {
$new .= $plain;
}
$new .= $i & 1 ? $binary : $plain;
$binary = PEAR_ZE2 ? md5($new, true) : pack('H32', md5($new));
}
$p = array();
for ($i = 0; $i < 5; $i++) {
$k = $i + 6;
$j = $i + 12;
if ($j == 16) {
$j = 5;
}
$p[] = File_Passwd::_64(ord($binary[$i]) << 16 | ord($binary[$k]) << 8 | ord($binary[$j]), 5);
}
return '$apr1$' . $salt . '$' . implode($p) . File_Passwd::_64(ord($binary[11]), 3);
}
/**
* Regression test for File_Passwd.staticAuth method
* @access public
*/
function teststaticAuth()
{
foreach ($GLOBALS['_EXT_'] as $ext) {
$pwfile = 'passwd.' . strToLower($ext) . '.txt';
$option = $ext == 'Authdigest' ? 'realm1' : ($ext == 'Smb' ? 'nt' : 'des');
$error = File_Passwd::staticAuth($ext, $pwfile, 'mike', 123, $option);
$this->assertTrue($error);
if (PEAR::isError($error)) {
echo "File_Passwd_{$ext}::staticAuth() " . $error->getMessage() . "\n";
}
}
}
/**
* Load and initialize the File_Passwd object
*
* @return object File_Passwd_Cvs|PEAR_Error
*/
function &_load()
{
static $pw_obj;
if (!isset($pw_obj)) {
$this->log('Instanciating File_Password object of type ' . $this->options['type'], AUTH_LOG_DEBUG);
$pw_obj = File_Passwd::factory($this->options['type']);
if (PEAR::isError($pw_obj)) {
return $pw_obj;
}
$pw_obj->setFile($this->pwfile);
$res = $pw_obj->load();
if (PEAR::isError($res)) {
return $res;
}
}
return $pw_obj;
}
/**
* Generate crypted password
*
* @static
* @access public
* @return string the crypted password
* @param string $pass new plaintext password
* @param string $salt new crypted password from which to gain the salt
*/
function generatePasswd($pass, $salt = null)
{
return File_Passwd::crypt_des($pass, $salt);
}
/**
* Generate password with htpasswd executable
*
* @access private
* @return string the crypted password
* @param string $pass the plaintext password
* @param string $salt the salt to use
* @param string $mode encyption mode, usually determined from
* <var>$this->_mode</var>
*/
function _genPass($pass, $salt = null, $mode = null)
{
$mode = is_null($mode) ? utf8_strtolower($this->_mode) : utf8_strtolower($mode);
if ($mode == 'md5') {
return File_Passwd::crypt_apr_md5($pass, $salt);
} elseif ($mode == 'des') {
return File_Passwd::crypt_des($pass, $salt);
} elseif ($mode == 'sha') {
return File_Passwd::crypt_sha($pass, $salt);
}
return PEAR::raiseError(sprintf(FILE_PASSWD_E_INVALID_ENC_MODE_STR, $mode), FILE_PASSWD_E_INVALID_ENC_MODE);
}
function teststaticAuth()
{
$this->assertTrue(true === File_Passwd::staticAuth('authbasic', 'passwd.authbasic.txt', 'mike', 123, 'des'));
$this->assertTrue(false === File_Passwd::staticAuth('authbasic', 'passwd.authbasic.txt', 'mike', 'abc', 'des'));
$this->assertFalse(File_Passwd::staticAuth('authbasic', 'passwd.authbasic.txt', 'nonexist', 'asd', 'des'));
}
function teststaticAuth()
{
$this->assertTrue(true === File_Passwd::staticAuth('authdigest', 'passwd.authdigest.txt', 'mike', 123, 'realm1'));
$this->assertTrue(false === File_Passwd::staticAuth('authdigest', 'passwd.authdigest.txt', 'mike', 'abc', 'realm1'));
$this->assertFalse(File_Passwd::staticAuth('authdigest', 'passwd.authdigest.txt', 'nonexist', 'asd', 'norealm'));
}
function teststaticAuth()
{
$this->assertTrue(true === File_Passwd::staticAuth('Custom', 'passwd.custom.txt', 'mike', 'mikespass', array(array('File_Passwd', 'crypt_plain'), '|')));
$this->assertTrue(false === File_Passwd::staticAuth('Custom', 'passwd.custom.txt', 'mike', 'abc', array(array('File_Passwd', 'crypt_plain'), '|')));
$this->assertTrue(PEAR::isError(File_Passwd::staticAuth('Custom', 'passwd.custom.txt', 'mike', 'mikespass')));
}
function teststaticAuth()
{
$this->assertTrue(true === File_Passwd::staticAuth('cvs', 'passwd.cvs.txt', 'mike', 123));
$this->assertTrue(false === File_Passwd::staticAuth('cvs', 'passwd.cvs.txt', 'mike', 'abc'));
$this->assertFalse(File_Passwd::staticAuth('cvs', 'passwd.cvs.txt', 'nonexist', 'asd'));
}
