Merge pull request #38 from LDAPAccountManager/release-6.2

Release 6.2
This commit is contained in:
gruberroland 2017-09-23 09:59:07 +02:00 committed by GitHub
commit cc0002e833
63 changed files with 33816 additions and 34310 deletions

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
/.settings/ /.settings/
/.buildpath /.buildpath
/.project /.project
/.Readme.md.html

View File

@ -3,9 +3,16 @@ LDAP Account Manager
LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. LAM was designed to make LDAP management as easy as possible for the user. It abstracts from the technical details of LDAP and allows persons without technical background to manage LDAP entries. If needed, power users may still directly edit LDAP entries via the integrated LDAP browser. LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. LAM was designed to make LDAP management as easy as possible for the user. It abstracts from the technical details of LDAP and allows persons without technical background to manage LDAP entries. If needed, power users may still directly edit LDAP entries via the integrated LDAP browser.
![LAM](https://www.ldap-account-manager.org/lamcms/sites/default/files/styles/slideshow/public/userList.png)
![LAM](https://www.ldap-account-manager.org/lamcms/sites/default/files/styles/slideshow/public/user_0.png)
# Download # Download
You can get the newest version at https://www.ldap-account-manager.org/. You can get the newest version at https://www.ldap-account-manager.org/.
# Documentation
Please see the [documentation area](https://www.ldap-account-manager.org/lamcms/documentation).
# Source code # Source code
There are two modules. Usually, you only need the files inside "lam". There are two modules. Usually, you only need the files inside "lam".

View File

@ -1,3 +1,7 @@
December 2017
- PHP 5.6 and Internet Explorer 11 or later required
19.09.2017 6.1 19.09.2017 6.1
- Automatically trim input fields to avoid trailing/leading spaces - Automatically trim input fields to avoid trailing/leading spaces
- LAM Pro: - LAM Pro:
@ -8,11 +12,13 @@
-> Password modify page reports error on password change when posixAccount is present for users -> Password modify page reports error on password change when posixAccount is present for users
-> Nginx configuration files did not include "fastcgi_param SCRIPT_FILENAME $request_filename;" (193) -> Nginx configuration files did not include "fastcgi_param SCRIPT_FILENAME $request_filename;" (193)
20.07.2017 6.0.1 20.07.2017 6.0.1
- Fixed bugs: - Fixed bugs:
-> Configuration file fills up with empty values -> Configuration file fills up with empty values
-> Tool visibility settings -> Tool visibility settings
26.06.2017 6.0 26.06.2017 6.0
- Support multiple configurations for same account type - Support multiple configurations for same account type
- PHP 7.1 compatibility - PHP 7.1 compatibility

View File

@ -15,7 +15,7 @@ LAM - Readme
https://www.ldap-account-manager.org/ https://www.ldap-account-manager.org/
Copyright (C) 2003 - 2016 Roland Gruber <post@rolandgruber.de> Copyright (C) 2003 - 2017 Roland Gruber <post@rolandgruber.de>
Installation and documentation: Installation and documentation:
Please see the LAM manual in docs/manual/index.html. Please see the LAM manual in docs/manual/index.html.

View File

@ -1,4 +1,4 @@
This software is copyright (c) 2003 - 2016 by Roland Gruber This software is copyright (c) 2003 - 2017 by Roland Gruber
If you purchased a copy of LDAP Account Manager Pro then the following If you purchased a copy of LDAP Account Manager Pro then the following
files are licensed under the conditions which you accepted at purchase files are licensed under the conditions which you accepted at purchase

View File

@ -15,7 +15,7 @@
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>Apache/Nginx webserver (SSL recommended) with PHP module (PHP <para>Apache/Nginx webserver (SSL recommended) with PHP module (PHP
(&gt;= 5.4.0) with ldap, gettext, xml, openssl and optional (&gt;= 5.6.0) with ldap, gettext, xml, openssl and optional
OpenSSL)</para> OpenSSL)</para>
</listitem> </listitem>
@ -44,7 +44,7 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Internet Explorer 9 <emphasis role="bold">(compatibility <para>Internet Explorer 11 <emphasis role="bold">(compatibility
mode turned off)</emphasis></para> mode turned off)</emphasis></para>
</listitem> </listitem>

View File

@ -63,7 +63,7 @@
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para>PHP (&gt;= 5.4.0)</para> <para>PHP (&gt;= 5.6.0)</para>
</listitem> </listitem>
<listitem> <listitem>
@ -85,7 +85,7 @@
</listitem> </listitem>
<listitem> <listitem>
<para>Internet Explorer 9<emphasis role="bold"> (compatibility mode <para>Internet Explorer 11<emphasis role="bold"> (compatibility mode
turned off)</emphasis></para> turned off)</emphasis></para>
</listitem> </listitem>

View File

@ -1,197 +1,126 @@
<?php <?php
/** /**
* Pure-PHP implementation of AES. * Pure-PHP implementation of AES.
* *
* Uses mcrypt, if available/possible, and an internal implementation, otherwise. * Uses mcrypt, if available/possible, and an internal implementation, otherwise.
* *
* PHP versions 4 and 5 * PHP version 5
* *
* NOTE: Since AES.php is (for compatibility and phpseclib-historical reasons) virtually * NOTE: Since AES.php is (for compatibility and phpseclib-historical reasons) virtually
* just a wrapper to Rijndael.php you may consider using Rijndael.php instead of * just a wrapper to Rijndael.php you may consider using Rijndael.php instead of
* to save one include_once(). * to save one include_once().
* *
* If {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from * If {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
* {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits * {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
* it'll be null-padded to 192-bits and 192 bits will be the key length until {@link self::setKey() setKey()} * it'll be null-padded to 192-bits and 192 bits will be the key length until {@link self::setKey() setKey()}
* is called, again, at which point, it'll be recalculated. * is called, again, at which point, it'll be recalculated.
* *
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't * Since \phpseclib\Crypt\AES extends \phpseclib\Crypt\Rijndael, some functions are available to be called that, in the context of AES, don't
* make a whole lot of sense. {@link self::setBlockLength() setBlockLength()}, for instance. Calling that function, * make a whole lot of sense. {@link self::setBlockLength() setBlockLength()}, for instance. Calling that function,
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one). * however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Crypt/AES.php'; * include 'vendor/autoload.php';
* *
* $aes = new Crypt_AES(); * $aes = new \phpseclib\Crypt\AES();
* *
* $aes->setKey('abcdefghijklmnop'); * $aes->setKey('abcdefghijklmnop');
* *
* $size = 10 * 1024; * $size = 10 * 1024;
* $plaintext = ''; * $plaintext = '';
* for ($i = 0; $i < $size; $i++) { * for ($i = 0; $i < $size; $i++) {
* $plaintext.= 'a'; * $plaintext.= 'a';
* } * }
* *
* echo $aes->decrypt($aes->encrypt($plaintext)); * echo $aes->decrypt($aes->encrypt($plaintext));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * @category Crypt
* of this software and associated documentation files (the "Software"), to deal * @package AES
* in the Software without restriction, including without limitation the rights * @author Jim Wigginton <terrafrost@php.net>
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * @copyright 2008 Jim Wigginton
* copies of the Software, and to permit persons to whom the Software is * @license http://www.opensource.org/licenses/mit-license.html MIT License
* furnished to do so, subject to the following conditions: * @link http://phpseclib.sourceforge.net
* */
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. namespace phpseclib\Crypt;
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR /**
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * Pure-PHP implementation of AES.
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE *
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * @package AES
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * @author Jim Wigginton <terrafrost@php.net>
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * @access public
* THE SOFTWARE. */
* class AES extends Rijndael
* @category Crypt {
* @package Crypt_AES /**
* @author Jim Wigginton <terrafrost@php.net> * Dummy function
* @copyright 2008 Jim Wigginton *
* @license http://www.opensource.org/licenses/mit-license.html MIT License * Since \phpseclib\Crypt\AES extends \phpseclib\Crypt\Rijndael, this function is, technically, available, but it doesn't do anything.
* @link http://phpseclib.sourceforge.net *
*/ * @see \phpseclib\Crypt\Rijndael::setBlockLength()
* @access public
/** * @param int $length
* Include Crypt_Rijndael */
*/ function setBlockLength($length)
if (!class_exists('Crypt_Rijndael')) { {
include_once 'Rijndael.php'; return;
} }
/**#@+ /**
* @access public * Sets the key length
* @see self::encrypt() *
* @see self::decrypt() * Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
*/ * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
/** *
* Encrypt / decrypt using the Counter mode. * @see \phpseclib\Crypt\Rijndael:setKeyLength()
* * @access public
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. * @param int $length
* */
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 function setKeyLength($length)
*/ {
define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR); switch ($length) {
/** case 160:
* Encrypt / decrypt using the Electronic Code Book mode. $length = 192;
* break;
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 case 224:
*/ $length = 256;
define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB); }
/** parent::setKeyLength($length);
* Encrypt / decrypt using the Code Book Chaining mode. }
*
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 /**
*/ * Sets the key.
define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC); *
/** * Rijndael supports five different key lengths, AES only supports three.
* Encrypt / decrypt using the Cipher Feedback mode. *
* * @see \phpseclib\Crypt\Rijndael:setKey()
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 * @see setKeyLength()
*/ * @access public
define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB); * @param string $key
/** */
* Encrypt / decrypt using the Cipher Feedback mode. function setKey($key)
* {
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 parent::setKey($key);
*/
define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB); if (!$this->explicit_key_length) {
/**#@-*/ $length = strlen($key);
switch (true) {
/** case $length <= 16:
* Pure-PHP implementation of AES. $this->key_length = 16;
* break;
* @package Crypt_AES case $length <= 24:
* @author Jim Wigginton <terrafrost@php.net> $this->key_length = 24;
* @access public break;
*/ default:
class Crypt_AES extends Crypt_Rijndael $this->key_length = 32;
{ }
/** $this->_setEngine();
* The namespace used by the cipher for its constants. }
* }
* @see Crypt_Base::const_namespace }
* @var string
* @access private
*/
var $const_namespace = 'AES';
/**
* Dummy function
*
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
*
* @see Crypt_Rijndael::setBlockLength()
* @access public
* @param int $length
*/
function setBlockLength($length)
{
return;
}
/**
* Sets the key length
*
* Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
*
* @see Crypt_Rijndael:setKeyLength()
* @access public
* @param int $length
*/
function setKeyLength($length)
{
switch ($length) {
case 160:
$length = 192;
break;
case 224:
$length = 256;
}
parent::setKeyLength($length);
}
/**
* Sets the key.
*
* Rijndael supports five different key lengths, AES only supports three.
*
* @see Crypt_Rijndael:setKey()
* @see setKeyLength()
* @access public
* @param string $key
*/
function setKey($key)
{
parent::setKey($key);
if (!$this->explicit_key_length) {
$length = strlen($key);
switch (true) {
case $length <= 16:
$this->key_length = 16;
break;
case $length <= 24:
$this->key_length = 24;
break;
default:
$this->key_length = 32;
}
$this->_setEngine();
}
}
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,352 +1,342 @@
<?php <?php
/** /**
* Pure-PHP implementation of RC4. * Pure-PHP implementation of RC4.
* *
* Uses mcrypt, if available, and an internal implementation, otherwise. * Uses mcrypt, if available, and an internal implementation, otherwise.
* *
* PHP versions 4 and 5 * PHP version 5
* *
* Useful resources are as follows: * Useful resources are as follows:
* *
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm} * - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4} * - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
* *
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not * RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification. * ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Crypt/RC4.php'; * include 'vendor/autoload.php';
* *
* $rc4 = new Crypt_RC4(); * $rc4 = new \phpseclib\Crypt\RC4();
* *
* $rc4->setKey('abcdefgh'); * $rc4->setKey('abcdefgh');
* *
* $size = 10 * 1024; * $size = 10 * 1024;
* $plaintext = ''; * $plaintext = '';
* for ($i = 0; $i < $size; $i++) { * for ($i = 0; $i < $size; $i++) {
* $plaintext.= 'a'; * $plaintext.= 'a';
* } * }
* *
* echo $rc4->decrypt($rc4->encrypt($plaintext)); * echo $rc4->decrypt($rc4->encrypt($plaintext));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * @category Crypt
* of this software and associated documentation files (the "Software"), to deal * @package RC4
* in the Software without restriction, including without limitation the rights * @author Jim Wigginton <terrafrost@php.net>
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * @copyright 2007 Jim Wigginton
* copies of the Software, and to permit persons to whom the Software is * @license http://www.opensource.org/licenses/mit-license.html MIT License
* furnished to do so, subject to the following conditions: * @link http://phpseclib.sourceforge.net
* */
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. namespace phpseclib\Crypt;
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR /**
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * Pure-PHP implementation of RC4.
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE *
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * @package RC4
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * @author Jim Wigginton <terrafrost@php.net>
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * @access public
* THE SOFTWARE. */
* class RC4 extends Base
* @category Crypt {
* @package Crypt_RC4 /**#@+
* @author Jim Wigginton <terrafrost@php.net> * @access private
* @copyright 2007 Jim Wigginton * @see \phpseclib\Crypt\RC4::_crypt()
* @license http://www.opensource.org/licenses/mit-license.html MIT License */
* @link http://phpseclib.sourceforge.net const ENCRYPT = 0;
*/ const DECRYPT = 1;
/**#@-*/
/**
* Include Crypt_Base /**
* * Block Length of the cipher
* Base cipher class *
*/ * RC4 is a stream cipher
if (!class_exists('Crypt_Base')) { * so we the block_size to 0
include_once 'Base.php'; *
} * @see \phpseclib\Crypt\Base::block_size
* @var int
/**#@+ * @access private
* @access private */
* @see self::_crypt() var $block_size = 0;
*/
define('CRYPT_RC4_ENCRYPT', 0); /**
define('CRYPT_RC4_DECRYPT', 1); * Key Length (in bytes)
/**#@-*/ *
* @see \phpseclib\Crypt\RC4::setKeyLength()
/** * @var int
* Pure-PHP implementation of RC4. * @access private
* */
* @package Crypt_RC4 var $key_length = 128; // = 1024 bits
* @author Jim Wigginton <terrafrost@php.net>
* @access public /**
*/ * The mcrypt specific name of the cipher
class Crypt_RC4 extends Crypt_Base *
{ * @see \phpseclib\Crypt\Base::cipher_name_mcrypt
/** * @var string
* Block Length of the cipher * @access private
* */
* RC4 is a stream cipher var $cipher_name_mcrypt = 'arcfour';
* so we the block_size to 0
* /**
* @see Crypt_Base::block_size * Holds whether performance-optimized $inline_crypt() can/should be used.
* @var int *
* @access private * @see \phpseclib\Crypt\Base::inline_crypt
*/ * @var mixed
var $block_size = 0; * @access private
*/
/** var $use_inline_crypt = false; // currently not available
* Key Length (in bytes)
* /**
* @see Crypt_RC4::setKeyLength() * The Key
* @var int *
* @access private * @see self::setKey()
*/ * @var string
var $key_length = 128; // = 1024 bits * @access private
*/
/** var $key = "\0";
* The namespace used by the cipher for its constants.
* /**
* @see Crypt_Base::const_namespace * The Key Stream for decryption and encryption
* @var string *
* @access private * @see self::setKey()
*/ * @var array
var $const_namespace = 'RC4'; * @access private
*/
/** var $stream;
* The mcrypt specific name of the cipher
* /**
* @see Crypt_Base::cipher_name_mcrypt * Default Constructor.
* @var string *
* @access private * Determines whether or not the mcrypt extension should be used.
*/ *
var $cipher_name_mcrypt = 'arcfour'; * @see \phpseclib\Crypt\Base::__construct()
* @return \phpseclib\Crypt\RC4
/** * @access public
* Holds whether performance-optimized $inline_crypt() can/should be used. */
* function __construct()
* @see Crypt_Base::inline_crypt {
* @var mixed parent::__construct(Base::MODE_STREAM);
* @access private }
*/
var $use_inline_crypt = false; // currently not available /**
* Test for engine validity
/** *
* The Key * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine()
* *
* @see self::setKey() * @see \phpseclib\Crypt\Base::__construct()
* @var string * @param int $engine
* @access private * @access public
*/ * @return bool
var $key = "\0"; */
function isValidEngine($engine)
/** {
* The Key Stream for decryption and encryption if ($engine == Base::ENGINE_OPENSSL) {
* if (version_compare(PHP_VERSION, '5.3.7') >= 0) {
* @see self::setKey() $this->cipher_name_openssl = 'rc4-40';
* @var array } else {
* @access private switch (strlen($this->key)) {
*/ case 5:
var $stream; $this->cipher_name_openssl = 'rc4-40';
break;
/** case 8:
* Default Constructor. $this->cipher_name_openssl = 'rc4-64';
* break;
* Determines whether or not the mcrypt extension should be used. case 16:
* $this->cipher_name_openssl = 'rc4';
* @see Crypt_Base::Crypt_Base() break;
* @return Crypt_RC4 default:
* @access public return false;
*/ }
function Crypt_RC4() }
{ }
parent::Crypt_Base(CRYPT_MODE_STREAM);
} return parent::isValidEngine($engine);
}
/**
* Test for engine validity /**
* * Dummy function.
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() *
* * Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
* @see Crypt_Base::Crypt_Base() * If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
* @param int $engine * calling setKey().
* @access public *
* @return bool * [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
*/ * the IV's are relatively easy to predict, an attack described by
function isValidEngine($engine) * {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
{ * can be used to quickly guess at the rest of the key. The following links elaborate:
switch ($engine) { *
case CRYPT_ENGINE_OPENSSL: * {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
switch (strlen($this->key)) { * {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
case 5: *
$this->cipher_name_openssl = 'rc4-40'; * @param string $iv
break; * @see self::setKey()
case 8: * @access public
$this->cipher_name_openssl = 'rc4-64'; */
break; function setIV($iv)
case 16: {
$this->cipher_name_openssl = 'rc4'; }
break;
default: /**
return false; * Sets the key length
} *
} * Keys can be between 1 and 256 bytes long.
*
return parent::isValidEngine($engine); * @access public
} * @param int $length
*/
/** function setKeyLength($length)
* Dummy function. {
* if ($length < 8) {
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1]. $this->key_length = 1;
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before } elseif ($length > 2048) {
* calling setKey(). $this->key_length = 256;
* } else {
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol, $this->key_length = $length >> 3;
* the IV's are relatively easy to predict, an attack described by }
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
* can be used to quickly guess at the rest of the key. The following links elaborate: parent::setKeyLength($length);
* }
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack} /**
* * Encrypts a message.
* @param string $iv *
* @see self::setKey() * @see \phpseclib\Crypt\Base::decrypt()
* @access public * @see self::_crypt()
*/ * @access public
function setIV($iv) * @param string $plaintext
{ * @return string $ciphertext
} */
function encrypt($plaintext)
/** {
* Sets the key length if ($this->engine != Base::ENGINE_INTERNAL) {
* return parent::encrypt($plaintext);
* Keys can be between 1 and 256 bytes long. }
* return $this->_crypt($plaintext, self::ENCRYPT);
* @access public }
* @param int $length
*/ /**
function setKeyLength($length) * Decrypts a message.
{ *
if ($length < 8) { * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
$this->key_length = 1; * At least if the continuous buffer is disabled.
} elseif ($length > 2048) { *
$this->key_length = 256; * @see \phpseclib\Crypt\Base::encrypt()
} else { * @see self::_crypt()
$this->key_length = $length >> 3; * @access public
} * @param string $ciphertext
* @return string $plaintext
parent::setKeyLength($length); */
} function decrypt($ciphertext)
{
/** if ($this->engine != Base::ENGINE_INTERNAL) {
* Encrypts a message. return parent::decrypt($ciphertext);
* }
* @see Crypt_Base::decrypt() return $this->_crypt($ciphertext, self::DECRYPT);
* @see self::_crypt() }
* @access public
* @param string $plaintext /**
* @return string $ciphertext * Encrypts a block
*/ *
function encrypt($plaintext) * @access private
{ * @param string $in
if ($this->engine != CRYPT_ENGINE_INTERNAL) { */
return parent::encrypt($plaintext); function _encryptBlock($in)
} {
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT); // RC4 does not utilize this method
} }
/** /**
* Decrypts a message. * Decrypts a block
* *
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). * @access private
* At least if the continuous buffer is disabled. * @param string $in
* */
* @see Crypt_Base::encrypt() function _decryptBlock($in)
* @see self::_crypt() {
* @access public // RC4 does not utilize this method
* @param string $ciphertext }
* @return string $plaintext
*/ /**
function decrypt($ciphertext) * Setup the key (expansion)
{ *
if ($this->engine != CRYPT_ENGINE_INTERNAL) { * @see \phpseclib\Crypt\Base::_setupKey()
return parent::decrypt($ciphertext); * @access private
} */
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT); function _setupKey()
} {
$key = $this->key;
$keyLength = strlen($key);
/** $keyStream = range(0, 255);
* Setup the key (expansion) $j = 0;
* for ($i = 0; $i < 256; $i++) {
* @see Crypt_Base::_setupKey() $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
* @access private $temp = $keyStream[$i];
*/ $keyStream[$i] = $keyStream[$j];
function _setupKey() $keyStream[$j] = $temp;
{ }
$key = $this->key;
$keyLength = strlen($key); $this->stream = array();
$keyStream = range(0, 255); $this->stream[self::DECRYPT] = $this->stream[self::ENCRYPT] = array(
$j = 0; 0, // index $i
for ($i = 0; $i < 256; $i++) { 0, // index $j
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; $keyStream
$temp = $keyStream[$i]; );
$keyStream[$i] = $keyStream[$j]; }
$keyStream[$j] = $temp;
} /**
* Encrypts or decrypts a message.
$this->stream = array(); *
$this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array( * @see self::encrypt()
0, // index $i * @see self::decrypt()
0, // index $j * @access private
$keyStream * @param string $text
); * @param int $mode
} * @return string $text
*/
/** function _crypt($text, $mode)
* Encrypts or decrypts a message. {
* if ($this->changed) {
* @see self::encrypt() $this->_setup();
* @see self::decrypt() $this->changed = false;
* @access private }
* @param string $text
* @param int $mode $stream = &$this->stream[$mode];
* @return string $text if ($this->continuousBuffer) {
*/ $i = &$stream[0];
function _crypt($text, $mode) $j = &$stream[1];
{ $keyStream = &$stream[2];
if ($this->changed) { } else {
$this->_setup(); $i = $stream[0];
$this->changed = false; $j = $stream[1];
} $keyStream = $stream[2];
}
$stream = &$this->stream[$mode];
if ($this->continuousBuffer) { $len = strlen($text);
$i = &$stream[0]; for ($k = 0; $k < $len; ++$k) {
$j = &$stream[1]; $i = ($i + 1) & 255;
$keyStream = &$stream[2]; $ksi = $keyStream[$i];
} else { $j = ($j + $ksi) & 255;
$i = $stream[0]; $ksj = $keyStream[$j];
$j = $stream[1];
$keyStream = $stream[2]; $keyStream[$i] = $ksj;
} $keyStream[$j] = $ksi;
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
$len = strlen($text); }
for ($k = 0; $k < $len; ++$k) {
$i = ($i + 1) & 255; return $text;
$ksi = $keyStream[$i]; }
$j = ($j + $ksi) & 255; }
$ksj = $keyStream[$j];
$keyStream[$i] = $ksj;
$keyStream[$j] = $ksi;
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
}
return $text;
}
}

File diff suppressed because it is too large Load Diff

View File

@ -1,334 +1,270 @@
<?php <?php
/** /**
* Random Number Generator * Random Number Generator
* *
* The idea behind this function is that it can be easily replaced with your own crypt_random_string() * PHP version 5
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever. *
* * Here's a short example of how to use this library:
* PHP versions 4 and 5 * <code>
* * <?php
* Here's a short example of how to use this library: * include 'vendor/autoload.php';
* <code> *
* <?php * echo bin2hex(\phpseclib\Crypt\Random::string(8));
* include 'Crypt/Random.php'; * ?>
* * </code>
* echo bin2hex(crypt_random_string(8)); *
* ?> * @category Crypt
* </code> * @package Random
* * @author Jim Wigginton <terrafrost@php.net>
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * @copyright 2007 Jim Wigginton
* of this software and associated documentation files (the "Software"), to deal * @license http://www.opensource.org/licenses/mit-license.html MIT License
* in the Software without restriction, including without limitation the rights * @link http://phpseclib.sourceforge.net
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell */
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: namespace phpseclib\Crypt;
*
* The above copyright notice and this permission notice shall be included in /**
* all copies or substantial portions of the Software. * Pure-PHP Random Number Generator
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * @package Random
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * @author Jim Wigginton <terrafrost@php.net>
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * @access public
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER */
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, class Random
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN {
* THE SOFTWARE. /**
* * Generate a random string.
* @category Crypt *
* @package Crypt_Random * Although microoptimizations are generally discouraged as they impair readability this function is ripe with
* @author Jim Wigginton <terrafrost@php.net> * microoptimizations because this function has the potential of being called a huge number of times.
* @copyright 2007 Jim Wigginton * eg. for RSA key generation.
* @license http://www.opensource.org/licenses/mit-license.html MIT License *
* @link http://phpseclib.sourceforge.net * @param int $length
*/ * @return string
*/
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently, static function string($length)
// have phpseclib as a requirement as well. if you're developing such a program you may encounter {
// a "Cannot redeclare crypt_random_string()" error. if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
if (!function_exists('crypt_random_string')) { try {
/** return \random_bytes($length);
* "Is Windows" test } catch (\Throwable $e) {
* // If a sufficient source of randomness is unavailable, random_bytes() will throw an
* @access private // object that implements the Throwable interface (Exception, TypeError, Error).
*/ // We don't actually need to do anything here. The string() method should just continue
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); // as normal. Note, however, that if we don't have a sufficient source of randomness for
// random_bytes(), most of the other calls here will fail too, so we'll end up using
/** // the PHP implementation.
* Generate a random string. }
* }
* Although microoptimizations are generally discouraged as they impair readability this function is ripe with
* microoptimizations because this function has the potential of being called a huge number of times. if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
* eg. for RSA key generation. // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
* // ie. class_alias is a function that was introduced in PHP 5.3
* @param int $length if (extension_loaded('mcrypt') && function_exists('class_alias')) {
* @return string return @mcrypt_create_iv($length);
* @access public }
*/ // method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
function crypt_random_string($length) // to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
{ // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
if (CRYPT_RANDOM_IS_WINDOWS) { // call php_win32_get_random_bytes():
// method 1. prior to PHP 5.3, mcrypt_create_iv() would call rand() on windows //
if (extension_loaded('mcrypt') && version_compare(PHP_VERSION, '5.3.0', '>=')) { // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
return mcrypt_create_iv($length); // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
} //
// method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was, // php_win32_get_random_bytes() is defined thusly:
// to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4 //
// openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
// call php_win32_get_random_bytes(): //
// // we're calling it, all the same, in the off chance that the mcrypt extension is not available
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008 if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392 return openssl_random_pseudo_bytes($length);
// }
// php_win32_get_random_bytes() is defined thusly: } else {
// // method 1. the fastest
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80 if (extension_loaded('openssl')) {
// return openssl_random_pseudo_bytes($length);
// we're calling it, all the same, in the off chance that the mcrypt extension is not available }
if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.4', '>=')) { // method 2
return openssl_random_pseudo_bytes($length); static $fp = true;
} if ($fp === true) {
} else { // warning's will be output unles the error suppression operator is used. errors such as
// method 1. the fastest // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.0', '>=')) { $fp = @fopen('/dev/urandom', 'rb');
return openssl_random_pseudo_bytes($length); }
} if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
// method 2 return fread($fp, $length);
static $fp = true; }
if ($fp === true) { // method 3. pretty much does the same thing as method 2 per the following url:
// warning's will be output unles the error suppression operator is used. errors such as // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
// "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc. // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
$fp = @fopen('/dev/urandom', 'rb'); // not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
} // restrictions or some such
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() if (extension_loaded('mcrypt')) {
return fread($fp, $length); return @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
} }
// method 3. pretty much does the same thing as method 2 per the following url: }
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 // at this point we have no choice but to use a pure-PHP CSPRNG
// surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
// not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir // cascade entropy across multiple PHP instances by fixing the session and collecting all
// restrictions or some such // environmental variables, including the previous session data and the current session
if (extension_loaded('mcrypt')) { // data.
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); //
} // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
} // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
// at this point we have no choice but to use a pure-PHP CSPRNG // PHP isn't low level to be able to use those as sources and on a web server there's not likely
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
// cascade entropy across multiple PHP instances by fixing the session and collecting all // however, a ton of people visiting the website. obviously you don't want to base your seeding
// environmental variables, including the previous session data and the current session // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
// data. // by the user and (2) this isn't just looking at the data sent by the current user - it's based
// // on the data sent by all users. one user requests the page and a hash of their info is saved.
// mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) // another user visits the page and the serialization of their data is utilized along with the
// easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but // server envirnment stuff and a hash of the previous http request data (which itself utilizes
// PHP isn't low level to be able to use those as sources and on a web server there's not likely // a hash of the session data before that). certainly an attacker should be assumed to have
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use // full control over his own http requests. he, however, is not going to have control over
// however, a ton of people visiting the website. obviously you don't want to base your seeding // everyone's http requests.
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled static $crypto = false, $v;
// by the user and (2) this isn't just looking at the data sent by the current user - it's based if ($crypto === false) {
// on the data sent by all users. one user requests the page and a hash of their info is saved. // save old session data
// another user visits the page and the serialization of their data is utilized along with the $old_session_id = session_id();
// server envirnment stuff and a hash of the previous http request data (which itself utilizes $old_use_cookies = ini_get('session.use_cookies');
// a hash of the session data before that). certainly an attacker should be assumed to have $old_session_cache_limiter = session_cache_limiter();
// full control over his own http requests. he, however, is not going to have control over $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false;
// everyone's http requests. if ($old_session_id != '') {
static $crypto = false, $v; session_write_close();
if ($crypto === false) { }
// save old session data
$old_session_id = session_id(); session_id(1);
$old_use_cookies = ini_get('session.use_cookies'); ini_set('session.use_cookies', 0);
$old_session_cache_limiter = session_cache_limiter(); session_cache_limiter('');
$_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; session_start();
if ($old_session_id != '') {
session_write_close(); $v = $seed = $_SESSION['seed'] = pack('H*', sha1(
} (isset($_SERVER) ? phpseclib_safe_serialize($_SERVER) : '') .
(isset($_POST) ? phpseclib_safe_serialize($_POST) : '') .
session_id(1); (isset($_GET) ? phpseclib_safe_serialize($_GET) : '') .
ini_set('session.use_cookies', 0); (isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') .
session_cache_limiter(''); phpseclib_safe_serialize($GLOBALS) .
session_start(); phpseclib_safe_serialize($_SESSION) .
phpseclib_safe_serialize($_OLD_SESSION)
$v = $seed = $_SESSION['seed'] = pack('H*', sha1( ));
(isset($_SERVER) ? phpseclib_safe_serialize($_SERVER) : '') . if (!isset($_SESSION['count'])) {
(isset($_POST) ? phpseclib_safe_serialize($_POST) : '') . $_SESSION['count'] = 0;
(isset($_GET) ? phpseclib_safe_serialize($_GET) : '') . }
(isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') . $_SESSION['count']++;
phpseclib_safe_serialize($GLOBALS) .
phpseclib_safe_serialize($_SESSION) . session_write_close();
phpseclib_safe_serialize($_OLD_SESSION)
)); // restore old session data
if (!isset($_SESSION['count'])) { if ($old_session_id != '') {
$_SESSION['count'] = 0; session_id($old_session_id);
} session_start();
$_SESSION['count']++; ini_set('session.use_cookies', $old_use_cookies);
session_cache_limiter($old_session_cache_limiter);
session_write_close(); } else {
if ($_OLD_SESSION !== false) {
// restore old session data $_SESSION = $_OLD_SESSION;
if ($old_session_id != '') { unset($_OLD_SESSION);
session_id($old_session_id); } else {
session_start(); unset($_SESSION);
ini_set('session.use_cookies', $old_use_cookies); }
session_cache_limiter($old_session_cache_limiter); }
} else {
if ($_OLD_SESSION !== false) { // in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
$_SESSION = $_OLD_SESSION; // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
unset($_OLD_SESSION); // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
} else { // original hash and the current hash. we'll be emulating that. for more info see the following URL:
unset($_SESSION); //
} // http://tools.ietf.org/html/rfc4253#section-7.2
} //
// see the is_string($crypto) part for an example of how to expand the keys
// in SSH2 a shared secret and an exchange hash are generated through the key exchange process. $key = pack('H*', sha1($seed . 'A'));
// the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. $iv = pack('H*', sha1($seed . 'C'));
// if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
// original hash and the current hash. we'll be emulating that. for more info see the following URL: // ciphers are used as per the nist.gov link below. also, see this link:
// //
// http://tools.ietf.org/html/rfc4253#section-7.2 // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
// switch (true) {
// see the is_string($crypto) part for an example of how to expand the keys case class_exists('\phpseclib\Crypt\AES'):
$key = pack('H*', sha1($seed . 'A')); $crypto = new AES(Base::MODE_CTR);
$iv = pack('H*', sha1($seed . 'C')); break;
case class_exists('\phpseclib\Crypt\Twofish'):
// ciphers are used as per the nist.gov link below. also, see this link: $crypto = new Twofish(Base::MODE_CTR);
// break;
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives case class_exists('\phpseclib\Crypt\Blowfish'):
switch (true) { $crypto = new Blowfish(Base::MODE_CTR);
case phpseclib_resolve_include_path('Crypt/AES.php'): break;
if (!class_exists('Crypt_AES')) { case class_exists('\phpseclib\Crypt\TripleDES'):
include_once 'AES.php'; $crypto = new TripleDES(Base::MODE_CTR);
} break;
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR); case class_exists('\phpseclib\Crypt\DES'):
break; $crypto = new DES(Base::MODE_CTR);
case phpseclib_resolve_include_path('Crypt/Twofish.php'): break;
if (!class_exists('Crypt_Twofish')) { case class_exists('\phpseclib\Crypt\RC4'):
include_once 'Twofish.php'; $crypto = new RC4();
} break;
$crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); default:
break; user_error(__CLASS__ . ' requires at least one symmetric cipher be loaded');
case phpseclib_resolve_include_path('Crypt/Blowfish.php'): return false;
if (!class_exists('Crypt_Blowfish')) { }
include_once 'Blowfish.php';
} $crypto->setKey($key);
$crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); $crypto->setIV($iv);
break; $crypto->enableContinuousBuffer();
case phpseclib_resolve_include_path('Crypt/TripleDES.php'): }
if (!class_exists('Crypt_TripleDES')) {
include_once 'TripleDES.php'; //return $crypto->encrypt(str_repeat("\0", $length));
}
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); // the following is based off of ANSI X9.31:
break; //
case phpseclib_resolve_include_path('Crypt/DES.php'): // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
if (!class_exists('Crypt_DES')) { //
include_once 'DES.php'; // OpenSSL uses that same standard for it's random numbers:
} //
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR); // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
break; // (do a search for "ANS X9.31 A.2.4")
case phpseclib_resolve_include_path('Crypt/RC4.php'): $result = '';
if (!class_exists('Crypt_RC4')) { while (strlen($result) < $length) {
include_once 'RC4.php'; $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21
} $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20
$crypto = new Crypt_RC4(); $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20
break; $result.= $r;
default: }
user_error('crypt_random_string requires at least one symmetric cipher be loaded'); return substr($result, 0, $length);
return false; }
} }
$crypto->setKey($key); if (!function_exists('phpseclib_safe_serialize')) {
$crypto->setIV($iv); /**
$crypto->enableContinuousBuffer(); * Safely serialize variables
} *
* If a class has a private __sleep() method it'll give a fatal error on PHP 5.2 and earlier.
//return $crypto->encrypt(str_repeat("\0", $length)); * PHP 5.3 will emit a warning.
*
// the following is based off of ANSI X9.31: * @param mixed $arr
// * @access public
// http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf */
// function phpseclib_safe_serialize(&$arr)
// OpenSSL uses that same standard for it's random numbers: {
// if (is_object($arr)) {
// http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c return '';
// (do a search for "ANS X9.31 A.2.4") }
$result = ''; if (!is_array($arr)) {
while (strlen($result) < $length) { return serialize($arr);
$i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 }
$r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 // prevent circular array recursion
$v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 if (isset($arr['__phpseclib_marker'])) {
$result.= $r; return '';
} }
return substr($result, 0, $length); $safearr = array();
} $arr['__phpseclib_marker'] = true;
} foreach (array_keys($arr) as $key) {
// do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage
if (!function_exists('phpseclib_safe_serialize')) { if ($key !== '__phpseclib_marker') {
/** $safearr[$key] = phpseclib_safe_serialize($arr[$key]);
* Safely serialize variables }
* }
* If a class has a private __sleep() method it'll give a fatal error on PHP 5.2 and earlier. unset($arr['__phpseclib_marker']);
* PHP 5.3 will emit a warning. return serialize($safearr);
* }
* @param mixed $arr }
* @access public
*/
function phpseclib_safe_serialize(&$arr)
{
if (is_object($arr)) {
return '';
}
if (!is_array($arr)) {
return serialize($arr);
}
// prevent circular array recursion
if (isset($arr['__phpseclib_marker'])) {
return '';
}
$safearr = array();
$arr['__phpseclib_marker'] = true;
foreach (array_keys($arr) as $key) {
// do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage
if ($key !== '__phpseclib_marker') {
$safearr[$key] = phpseclib_safe_serialize($arr[$key]);
}
}
unset($arr['__phpseclib_marker']);
return serialize($safearr);
}
}
if (!function_exists('phpseclib_resolve_include_path')) {
/**
* Resolve filename against the include path.
*
* Wrapper around stream_resolve_include_path() (which was introduced in
* PHP 5.3.2) with fallback implementation for earlier PHP versions.
*
* @param string $filename
* @return string|false
* @access public
*/
function phpseclib_resolve_include_path($filename)
{
if (function_exists('stream_resolve_include_path')) {
return stream_resolve_include_path($filename);
}
// handle non-relative paths
if (file_exists($filename)) {
return realpath($filename);
}
$paths = PATH_SEPARATOR == ':' ?
preg_split('#(?<!phar):#', get_include_path()) :
explode(PATH_SEPARATOR, get_include_path());
foreach ($paths as $prefix) {
// path's specified in include_path don't always end in /
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR;
$file = $prefix . $ds . $filename;
if (file_exists($file)) {
return realpath($file);
}
}
return false;
}
}

File diff suppressed because it is too large Load Diff

View File

@ -1,505 +1,460 @@
<?php <?php
/** /**
* Pure-PHP implementation of Triple DES. * Pure-PHP implementation of Triple DES.
* *
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt). * Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
* *
* PHP versions 4 and 5 * PHP version 5
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Crypt/TripleDES.php'; * include 'vendor/autoload.php';
* *
* $des = new Crypt_TripleDES(); * $des = new \phpseclib\Crypt\TripleDES();
* *
* $des->setKey('abcdefghijklmnopqrstuvwx'); * $des->setKey('abcdefghijklmnopqrstuvwx');
* *
* $size = 10 * 1024; * $size = 10 * 1024;
* $plaintext = ''; * $plaintext = '';
* for ($i = 0; $i < $size; $i++) { * for ($i = 0; $i < $size; $i++) {
* $plaintext.= 'a'; * $plaintext.= 'a';
* } * }
* *
* echo $des->decrypt($des->encrypt($plaintext)); * echo $des->decrypt($des->encrypt($plaintext));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * @category Crypt
* of this software and associated documentation files (the "Software"), to deal * @package TripleDES
* in the Software without restriction, including without limitation the rights * @author Jim Wigginton <terrafrost@php.net>
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * @copyright 2007 Jim Wigginton
* copies of the Software, and to permit persons to whom the Software is * @license http://www.opensource.org/licenses/mit-license.html MIT License
* furnished to do so, subject to the following conditions: * @link http://phpseclib.sourceforge.net
* */
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. namespace phpseclib\Crypt;
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR /**
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * Pure-PHP implementation of Triple DES.
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE *
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * @package TripleDES
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * @author Jim Wigginton <terrafrost@php.net>
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * @access public
* THE SOFTWARE. */
* class TripleDES extends DES
* @category Crypt {
* @package Crypt_TripleDES /**
* @author Jim Wigginton <terrafrost@php.net> * Encrypt / decrypt using inner chaining
* @copyright 2007 Jim Wigginton *
* @license http://www.opensource.org/licenses/mit-license.html MIT License * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (self::MODE_CBC3).
* @link http://phpseclib.sourceforge.net */
*/ const MODE_3CBC = -2;
/** /**
* Include Crypt_DES * Encrypt / decrypt using outer chaining
*/ *
if (!class_exists('Crypt_DES')) { * Outer chaining is used by SSH-2 and when the mode is set to \phpseclib\Crypt\Base::MODE_CBC.
include_once 'DES.php'; */
} const MODE_CBC3 = Base::MODE_CBC;
/**#@+ /**
* @access public * Key Length (in bytes)
* @see self::Crypt_TripleDES() *
*/ * @see \phpseclib\Crypt\TripleDES::setKeyLength()
/** * @var int
* Encrypt / decrypt using inner chaining * @access private
* */
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3). var $key_length = 24;
*/
define('CRYPT_MODE_3CBC', -2); /**
/** * The default salt used by setPassword()
* BC version of the above. *
*/ * @see \phpseclib\Crypt\Base::password_default_salt
define('CRYPT_DES_MODE_3CBC', -2); * @see \phpseclib\Crypt\Base::setPassword()
/** * @var string
* Encrypt / decrypt using outer chaining * @access private
* */
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC. var $password_default_salt = 'phpseclib';
*/
define('CRYPT_MODE_CBC3', CRYPT_MODE_CBC); /**
/** * The mcrypt specific name of the cipher
* BC version of the above. *
*/ * @see \phpseclib\Crypt\DES::cipher_name_mcrypt
define('CRYPT_DES_MODE_CBC3', CRYPT_MODE_CBC3); * @see \phpseclib\Crypt\Base::cipher_name_mcrypt
/**#@-*/ * @var string
* @access private
/** */
* Pure-PHP implementation of Triple DES. var $cipher_name_mcrypt = 'tripledes';
*
* @package Crypt_TripleDES /**
* @author Jim Wigginton <terrafrost@php.net> * Optimizing value while CFB-encrypting
* @access public *
*/ * @see \phpseclib\Crypt\Base::cfb_init_len
class Crypt_TripleDES extends Crypt_DES * @var int
{ * @access private
/** */
* Key Length (in bytes) var $cfb_init_len = 750;
*
* @see Crypt_TripleDES::setKeyLength() /**
* @var int * max possible size of $key
* @access private *
*/ * @see self::setKey()
var $key_length = 24; * @see \phpseclib\Crypt\DES::setKey()
* @var string
/** * @access private
* The default salt used by setPassword() */
* var $key_length_max = 24;
* @see Crypt_Base::password_default_salt
* @see Crypt_Base::setPassword() /**
* @var string * Internal flag whether using self::MODE_3CBC or not
* @access private *
*/ * @var bool
var $password_default_salt = 'phpseclib'; * @access private
*/
/** var $mode_3cbc;
* The namespace used by the cipher for its constants.
* /**
* @see Crypt_DES::const_namespace * The \phpseclib\Crypt\DES objects
* @see Crypt_Base::const_namespace *
* @var string * Used only if $mode_3cbc === true
* @access private *
*/ * @var array
var $const_namespace = 'DES'; * @access private
*/
/** var $des;
* The mcrypt specific name of the cipher
* /**
* @see Crypt_DES::cipher_name_mcrypt * Default Constructor.
* @see Crypt_Base::cipher_name_mcrypt *
* @var string * Determines whether or not the mcrypt extension should be used.
* @access private *
*/ * $mode could be:
var $cipher_name_mcrypt = 'tripledes'; *
* - \phpseclib\Crypt\Base::MODE_ECB
/** *
* Optimizing value while CFB-encrypting * - \phpseclib\Crypt\Base::MODE_CBC
* *
* @see Crypt_Base::cfb_init_len * - \phpseclib\Crypt\Base::MODE_CTR
* @var int *
* @access private * - \phpseclib\Crypt\Base::MODE_CFB
*/ *
var $cfb_init_len = 750; * - \phpseclib\Crypt\Base::MODE_OFB
*
/** * - \phpseclib\Crypt\TripleDES::MODE_3CBC
* max possible size of $key *
* * If not explicitly set, \phpseclib\Crypt\Base::MODE_CBC will be used.
* @see self::setKey() *
* @see Crypt_DES::setKey() * @see \phpseclib\Crypt\DES::__construct()
* @var string * @see \phpseclib\Crypt\Base::__construct()
* @access private * @param int $mode
*/ * @access public
var $key_length_max = 24; */
function __construct($mode = Base::MODE_CBC)
/** {
* Internal flag whether using CRYPT_DES_MODE_3CBC or not switch ($mode) {
* // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC
* @var bool // and additional flag us internally as 3CBC
* @access private case self::MODE_3CBC:
*/ parent::__construct(Base::MODE_CBC);
var $mode_3cbc; $this->mode_3cbc = true;
/** // This three $des'es will do the 3CBC work (if $key > 64bits)
* The Crypt_DES objects $this->des = array(
* new DES(Base::MODE_CBC),
* Used only if $mode_3cbc === true new DES(Base::MODE_CBC),
* new DES(Base::MODE_CBC),
* @var array );
* @access private
*/ // we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects
var $des; $this->des[0]->disablePadding();
$this->des[1]->disablePadding();
/** $this->des[2]->disablePadding();
* Default Constructor. break;
* // If not 3CBC, we init as usual
* Determines whether or not the mcrypt extension should be used. default:
* parent::__construct($mode);
* $mode could be: }
* }
* - CRYPT_DES_MODE_ECB
* /**
* - CRYPT_DES_MODE_CBC * Test for engine validity
* *
* - CRYPT_DES_MODE_CTR * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine()
* *
* - CRYPT_DES_MODE_CFB * @see \phpseclib\Crypt\Base::__construct()
* * @param int $engine
* - CRYPT_DES_MODE_OFB * @access public
* * @return bool
* - CRYPT_DES_MODE_3CBC */
* function isValidEngine($engine)
* If not explicitly set, CRYPT_DES_MODE_CBC will be used. {
* if ($engine == self::ENGINE_OPENSSL) {
* @see Crypt_DES::Crypt_DES() $this->cipher_name_openssl_ecb = 'des-ede3';
* @see Crypt_Base::Crypt_Base() $mode = $this->_openssl_translate_mode();
* @param int $mode $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode;
* @access public }
*/
function Crypt_TripleDES($mode = CRYPT_MODE_CBC) return parent::isValidEngine($engine);
{ }
switch ($mode) {
// In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC /**
// and additional flag us internally as 3CBC * Sets the initialization vector. (optional)
case CRYPT_DES_MODE_3CBC: *
parent::Crypt_Base(CRYPT_MODE_CBC); * SetIV is not required when \phpseclib\Crypt\Base::MODE_ECB is being used. If not explicitly set, it'll be assumed
$this->mode_3cbc = true; * to be all zero's.
*
// This three $des'es will do the 3CBC work (if $key > 64bits) * @see \phpseclib\Crypt\Base::setIV()
$this->des = array( * @access public
new Crypt_DES(CRYPT_MODE_CBC), * @param string $iv
new Crypt_DES(CRYPT_MODE_CBC), */
new Crypt_DES(CRYPT_MODE_CBC), function setIV($iv)
); {
parent::setIV($iv);
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects if ($this->mode_3cbc) {
$this->des[0]->disablePadding(); $this->des[0]->setIV($iv);
$this->des[1]->disablePadding(); $this->des[1]->setIV($iv);
$this->des[2]->disablePadding(); $this->des[2]->setIV($iv);
break; }
// If not 3CBC, we init as usual }
default:
parent::Crypt_Base($mode); /**
} * Sets the key length.
} *
* Valid key lengths are 64, 128 and 192
/** *
* Test for engine validity * @see \phpseclib\Crypt\Base:setKeyLength()
* * @access public
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine() * @param int $length
* */
* @see Crypt_Base::Crypt_Base() function setKeyLength($length)
* @param int $engine {
* @access public $length >>= 3;
* @return bool switch (true) {
*/ case $length <= 8:
function isValidEngine($engine) $this->key_length = 8;
{ break;
if ($engine == CRYPT_ENGINE_OPENSSL) { case $length <= 16:
$this->cipher_name_openssl_ecb = 'des-ede3'; $this->key_length = 16;
$mode = $this->_openssl_translate_mode(); break;
$this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode; default:
} $this->key_length = 24;
}
return parent::isValidEngine($engine);
} parent::setKeyLength($length);
}
/**
* Sets the initialization vector. (optional) /**
* * Sets the key.
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed *
* to be all zero's. * Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
* * 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
* @see Crypt_Base::setIV() *
* @access public * DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
* @param string $iv *
*/ * If the key is not explicitly set, it'll be assumed to be all null bytes.
function setIV($iv) *
{ * @access public
parent::setIV($iv); * @see \phpseclib\Crypt\DES::setKey()
if ($this->mode_3cbc) { * @see \phpseclib\Crypt\Base::setKey()
$this->des[0]->setIV($iv); * @param string $key
$this->des[1]->setIV($iv); */
$this->des[2]->setIV($iv); function setKey($key)
} {
} $length = $this->explicit_key_length ? $this->key_length : strlen($key);
if ($length > 8) {
/** $key = str_pad(substr($key, 0, 24), 24, chr(0));
* Sets the key length. // if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
* // http://php.net/function.mcrypt-encrypt#47973
* Valid key lengths are 64, 128 and 192 $key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
* } else {
* @see Crypt_Base:setKeyLength() $key = str_pad($key, 8, chr(0));
* @access public }
* @param int $length parent::setKey($key);
*/
function setKeyLength($length) // And in case of self::MODE_3CBC:
{ // if key <= 64bits we not need the 3 $des to work,
$length >>= 3; // because we will then act as regular DES-CBC with just a <= 64bit key.
switch (true) { // So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des.
case $length <= 8: if ($this->mode_3cbc && $length > 8) {
$this->key_length = 8; $this->des[0]->setKey(substr($key, 0, 8));
break; $this->des[1]->setKey(substr($key, 8, 8));
case $length <= 16: $this->des[2]->setKey(substr($key, 16, 8));
$this->key_length = 16; }
break; }
default:
$this->key_length = 24; /**
} * Encrypts a message.
*
parent::setKeyLength($length); * @see \phpseclib\Crypt\Base::encrypt()
} * @access public
* @param string $plaintext
/** * @return string $cipertext
* Sets the key. */
* function encrypt($plaintext)
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or {
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate. // parent::en/decrypt() is able to do all the work for all modes and keylengths,
* // except for: self::MODE_3CBC (inner chaining CBC) with a key > 64bits
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
* // if the key is smaller then 8, do what we'd normally do
* If the key is not explicitly set, it'll be assumed to be all null bytes. if ($this->mode_3cbc && strlen($this->key) > 8) {
* return $this->des[2]->encrypt(
* @access public $this->des[1]->decrypt(
* @see Crypt_DES::setKey() $this->des[0]->encrypt(
* @see Crypt_Base::setKey() $this->_pad($plaintext)
* @param string $key )
*/ )
function setKey($key) );
{ }
$length = $this->explicit_key_length ? $this->key_length : strlen($key);
if ($length > 8) { return parent::encrypt($plaintext);
$key = str_pad(substr($key, 0, 24), 24, chr(0)); }
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
// http://php.net/function.mcrypt-encrypt#47973 /**
$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24); * Decrypts a message.
} else { *
$key = str_pad($key, 8, chr(0)); * @see \phpseclib\Crypt\Base::decrypt()
} * @access public
parent::setKey($key); * @param string $ciphertext
* @return string $plaintext
// And in case of CRYPT_DES_MODE_3CBC: */
// if key <= 64bits we not need the 3 $des to work, function decrypt($ciphertext)
// because we will then act as regular DES-CBC with just a <= 64bit key. {
// So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des. if ($this->mode_3cbc && strlen($this->key) > 8) {
if ($this->mode_3cbc && $length > 8) { return $this->_unpad(
$this->des[0]->setKey(substr($key, 0, 8)); $this->des[0]->decrypt(
$this->des[1]->setKey(substr($key, 8, 8)); $this->des[1]->encrypt(
$this->des[2]->setKey(substr($key, 16, 8)); $this->des[2]->decrypt(
} str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0")
} )
)
/** )
* Encrypts a message. );
* }
* @see Crypt_Base::encrypt()
* @access public return parent::decrypt($ciphertext);
* @param string $plaintext }
* @return string $cipertext
*/ /**
function encrypt($plaintext) * Treat consecutive "packets" as if they are a continuous buffer.
{ *
// parent::en/decrypt() is able to do all the work for all modes and keylengths, * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
// except for: CRYPT_MODE_3CBC (inner chaining CBC) with a key > 64bits * will yield different outputs:
*
// if the key is smaller then 8, do what we'd normally do * <code>
if ($this->mode_3cbc && strlen($this->key) > 8) { * echo $des->encrypt(substr($plaintext, 0, 8));
return $this->des[2]->encrypt( * echo $des->encrypt(substr($plaintext, 8, 8));
$this->des[1]->decrypt( * </code>
$this->des[0]->encrypt( * <code>
$this->_pad($plaintext) * echo $des->encrypt($plaintext);
) * </code>
) *
); * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
} * another, as demonstrated with the following:
*
return parent::encrypt($plaintext); * <code>
} * $des->encrypt(substr($plaintext, 0, 8));
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
/** * </code>
* Decrypts a message. * <code>
* * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
* @see Crypt_Base::decrypt() * </code>
* @access public *
* @param string $ciphertext * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
* @return string $plaintext * outputs. The reason is due to the fact that the initialization vector's change after every encryption /
*/ * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
function decrypt($ciphertext) *
{ * Put another way, when the continuous buffer is enabled, the state of the \phpseclib\Crypt\DES() object changes after each
if ($this->mode_3cbc && strlen($this->key) > 8) { * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
return $this->_unpad( * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
$this->des[0]->decrypt( * however, they are also less intuitive and more likely to cause you problems.
$this->des[1]->encrypt( *
$this->des[2]->decrypt( * @see \phpseclib\Crypt\Base::enableContinuousBuffer()
str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") * @see self::disableContinuousBuffer()
) * @access public
) */
) function enableContinuousBuffer()
); {
} parent::enableContinuousBuffer();
if ($this->mode_3cbc) {
return parent::decrypt($ciphertext); $this->des[0]->enableContinuousBuffer();
} $this->des[1]->enableContinuousBuffer();
$this->des[2]->enableContinuousBuffer();
/** }
* Treat consecutive "packets" as if they are a continuous buffer. }
*
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets /**
* will yield different outputs: * Treat consecutive packets as if they are a discontinuous buffer.
* *
* <code> * The default behavior.
* echo $des->encrypt(substr($plaintext, 0, 8)); *
* echo $des->encrypt(substr($plaintext, 8, 8)); * @see \phpseclib\Crypt\Base::disableContinuousBuffer()
* </code> * @see self::enableContinuousBuffer()
* <code> * @access public
* echo $des->encrypt($plaintext); */
* </code> function disableContinuousBuffer()
* {
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates parent::disableContinuousBuffer();
* another, as demonstrated with the following: if ($this->mode_3cbc) {
* $this->des[0]->disableContinuousBuffer();
* <code> $this->des[1]->disableContinuousBuffer();
* $des->encrypt(substr($plaintext, 0, 8)); $this->des[2]->disableContinuousBuffer();
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); }
* </code> }
* <code>
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); /**
* </code> * Creates the key schedule
* *
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different * @see \phpseclib\Crypt\DES::_setupKey()
* outputs. The reason is due to the fact that the initialization vector's change after every encryption / * @see \phpseclib\Crypt\Base::_setupKey()
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. * @access private
* */
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each function _setupKey()
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that {
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), switch (true) {
* however, they are also less intuitive and more likely to cause you problems. // if $key <= 64bits we configure our internal pure-php cipher engine
* // to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
* @see Crypt_Base::enableContinuousBuffer() case strlen($this->key) <= 8:
* @see self::disableContinuousBuffer() $this->des_rounds = 1;
* @access public break;
*/
function enableContinuousBuffer() // otherwise, if $key > 64bits, we configure our engine to work as 3DES.
{ default:
parent::enableContinuousBuffer(); $this->des_rounds = 3;
if ($this->mode_3cbc) {
$this->des[0]->enableContinuousBuffer(); // (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
$this->des[1]->enableContinuousBuffer(); if ($this->mode_3cbc) {
$this->des[2]->enableContinuousBuffer(); $this->des[0]->_setupKey();
} $this->des[1]->_setupKey();
} $this->des[2]->_setupKey();
/** // because $des[0-2] will, now, do all the work we can return here
* Treat consecutive packets as if they are a discontinuous buffer. // not need unnecessary stress parent::_setupKey() with our, now unused, $key.
* return;
* The default behavior. }
* }
* @see Crypt_Base::disableContinuousBuffer() // setup our key
* @see self::enableContinuousBuffer() parent::_setupKey();
* @access public }
*/
function disableContinuousBuffer() /**
{ * Sets the internal crypt engine
parent::disableContinuousBuffer(); *
if ($this->mode_3cbc) { * @see \phpseclib\Crypt\Base::__construct()
$this->des[0]->disableContinuousBuffer(); * @see \phpseclib\Crypt\Base::setPreferredEngine()
$this->des[1]->disableContinuousBuffer(); * @param int $engine
$this->des[2]->disableContinuousBuffer(); * @access public
} * @return int
} */
function setPreferredEngine($engine)
/** {
* Creates the key schedule if ($this->mode_3cbc) {
* $this->des[0]->setPreferredEngine($engine);
* @see Crypt_DES::_setupKey() $this->des[1]->setPreferredEngine($engine);
* @see Crypt_Base::_setupKey() $this->des[2]->setPreferredEngine($engine);
* @access private }
*/
function _setupKey() return parent::setPreferredEngine($engine);
{ }
switch (true) { }
// if $key <= 64bits we configure our internal pure-php cipher engine
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
case strlen($this->key) <= 8:
$this->des_rounds = 1;
break;
// otherwise, if $key > 64bits, we configure our engine to work as 3DES.
default:
$this->des_rounds = 3;
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
if ($this->mode_3cbc) {
$this->des[0]->_setupKey();
$this->des[1]->_setupKey();
$this->des[2]->_setupKey();
// because $des[0-2] will, now, do all the work we can return here
// not need unnecessary stress parent::_setupKey() with our, now unused, $key.
return;
}
}
// setup our key
parent::_setupKey();
}
/**
* Sets the internal crypt engine
*
* @see Crypt_Base::Crypt_Base()
* @see Crypt_Base::setPreferredEngine()
* @param int $engine
* @access public
* @return int
*/
function setPreferredEngine($engine)
{
if ($this->mode_3cbc) {
$this->des[0]->setPreferredEngine($engine);
$this->des[1]->setPreferredEngine($engine);
$this->des[2]->setPreferredEngine($engine);
}
return parent::setPreferredEngine($engine);
}
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,47 @@
<?php
/**
* Pure-PHP ASN.1 Parser
*
* PHP version 5
*
* @category File
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2012 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\File\ASN1;
/**
* ASN.1 Element
*
* Bypass normal encoding rules in phpseclib\File\ASN1::encodeDER()
*
* @package ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
class Element
{
/**
* Raw element value
*
* @var string
* @access private
*/
var $element;
/**
* Constructor
*
* @param string $encoded
* @return \phpseclib\File\ASN1\Element
* @access public
*/
function __construct($encoded)
{
$this->element = $encoded;
}
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,360 +1,337 @@
<?php <?php
/** /**
* Pure-PHP implementation of SCP. * Pure-PHP implementation of SCP.
* *
* PHP versions 4 and 5 * PHP version 5
* *
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}. * The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Net/SCP.php'; * include 'vendor/autoload.php';
* include 'Net/SSH2.php'; *
* * $ssh = new \phpseclib\Net\SSH2('www.domain.tld');
* $ssh = new Net_SSH2('www.domain.tld'); * if (!$ssh->login('username', 'password')) {
* if (!$ssh->login('username', 'password')) { * exit('bad login');
* exit('bad login'); * }
* } * $scp = new \phpseclib\Net\SCP($ssh);
* *
* $scp = new Net_SCP($ssh); * $scp->put('abcd', str_repeat('x', 1024*1024));
* $scp->put('abcd', str_repeat('x', 1024*1024)); * ?>
* ?> * </code>
* </code> *
* * @category Net
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * @package SCP
* of this software and associated documentation files (the "Software"), to deal * @author Jim Wigginton <terrafrost@php.net>
* in the Software without restriction, including without limitation the rights * @copyright 2010 Jim Wigginton
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * @license http://www.opensource.org/licenses/mit-license.html MIT License
* copies of the Software, and to permit persons to whom the Software is * @link http://phpseclib.sourceforge.net
* furnished to do so, subject to the following conditions: */
*
* The above copyright notice and this permission notice shall be included in namespace phpseclib\Net;
* all copies or substantial portions of the Software.
* /**
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * Pure-PHP implementations of SCP.
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, *
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * @package SCP
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * @author Jim Wigginton <terrafrost@php.net>
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * @access public
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN */
* THE SOFTWARE. class SCP
* {
* @category Net /**#@+
* @package Net_SCP * @access public
* @author Jim Wigginton <terrafrost@php.net> * @see \phpseclib\Net\SCP::put()
* @copyright 2010 Jim Wigginton */
* @license http://www.opensource.org/licenses/mit-license.html MIT License /**
* @link http://phpseclib.sourceforge.net * Reads data from a local file.
*/ */
const SOURCE_LOCAL_FILE = 1;
/**#@+ /**
* @access public * Reads data from a string.
* @see self::put() */
*/ const SOURCE_STRING = 2;
/** /**#@-*/
* Reads data from a local file.
*/ /**#@+
define('NET_SCP_LOCAL_FILE', 1); * @access private
/** * @see \phpseclib\Net\SCP::_send()
* Reads data from a string. * @see \phpseclib\Net\SCP::_receive()
*/ */
define('NET_SCP_STRING', 2); /**
/**#@-*/ * SSH1 is being used.
*/
/**#@+ const MODE_SSH1 = 1;
* @access private /**
* @see self::_send() * SSH2 is being used.
* @see self::_receive() */
*/ const MODE_SSH2 = 2;
/** /**#@-*/
* SSH1 is being used.
*/ /**
define('NET_SCP_SSH1', 1); * SSH Object
/** *
* SSH2 is being used. * @var object
*/ * @access private
define('NET_SCP_SSH2', 2); */
/**#@-*/ var $ssh;
/** /**
* Pure-PHP implementations of SCP. * Packet Size
* *
* @package Net_SCP * @var int
* @author Jim Wigginton <terrafrost@php.net> * @access private
* @access public */
*/ var $packet_size;
class Net_SCP
{ /**
/** * Mode
* SSH Object *
* * @var int
* @var object * @access private
* @access private */
*/ var $mode;
var $ssh;
/**
/** * Default Constructor.
* Packet Size *
* * Connects to an SSH server
* @var int *
* @access private * @param \phpseclib\Net\SSH1|\phpseclib\Net\SSH2 $ssh
*/ * @return \phpseclib\Net\SCP
var $packet_size; * @access public
*/
/** function __construct($ssh)
* Mode {
* if ($ssh instanceof SSH2) {
* @var int $this->mode = self::MODE_SSH2;
* @access private } elseif ($ssh instanceof SSH1) {
*/ $this->packet_size = 50000;
var $mode; $this->mode = self::MODE_SSH1;
} else {
/** return;
* Default Constructor. }
*
* Connects to an SSH server $this->ssh = $ssh;
* }
* @param string $host
* @param int $port /**
* @param int $timeout * Uploads a file to the SCP server.
* @return Net_SCP *
* @access public * By default, \phpseclib\Net\SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
*/ * So, for example, if you set $data to 'filename.ext' and then do \phpseclib\Net\SCP::get(), you will get a file, twelve bytes
function Net_SCP($ssh) * long, containing 'filename.ext' as its contents.
{ *
if (!is_object($ssh)) { * Setting $mode to self::SOURCE_LOCAL_FILE will change the above behavior. With self::SOURCE_LOCAL_FILE, $remote_file will
return; * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
} * large $remote_file will be, as well.
*
switch (strtolower(get_class($ssh))) { * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
case 'net_ssh2': * care of that, yourself.
$this->mode = NET_SCP_SSH2; *
break; * @param string $remote_file
case 'net_ssh1': * @param string $data
$this->packet_size = 50000; * @param int $mode
$this->mode = NET_SCP_SSH1; * @param callable $callback
break; * @return bool
default: * @access public
return; */
} function put($remote_file, $data, $mode = self::SOURCE_STRING, $callback = null)
{
$this->ssh = $ssh; if (!isset($this->ssh)) {
} return false;
}
/**
* Uploads a file to the SCP server. if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to
* return false;
* By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. }
* So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes
* long, containing 'filename.ext' as its contents. $temp = $this->_receive();
* if ($temp !== chr(0)) {
* Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will return false;
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how }
* large $remote_file will be, as well.
* if ($this->mode == self::MODE_SSH2) {
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take $this->packet_size = $this->ssh->packet_size_client_to_server[SSH2::CHANNEL_EXEC] - 4;
* care of that, yourself. }
*
* @param string $remote_file $remote_file = basename($remote_file);
* @param string $data
* @param int $mode if ($mode == self::SOURCE_STRING) {
* @param callable $callback $size = strlen($data);
* @return bool } else {
* @access public if (!is_file($data)) {
*/ user_error("$data is not a valid file", E_USER_NOTICE);
function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null) return false;
{ }
if (!isset($this->ssh)) {
return false; $fp = @fopen($data, 'rb');
} if (!$fp) {
return false;
if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to }
return false; $size = filesize($data);
} }
$temp = $this->_receive(); $this->_send('C0644 ' . $size . ' ' . $remote_file . "\n");
if ($temp !== chr(0)) {
return false; $temp = $this->_receive();
} if ($temp !== chr(0)) {
return false;
if ($this->mode == NET_SCP_SSH2) { }
$this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4;
} $sent = 0;
while ($sent < $size) {
$remote_file = basename($remote_file); $temp = $mode & self::SOURCE_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size);
$this->_send($temp);
if ($mode == NET_SCP_STRING) { $sent+= strlen($temp);
$size = strlen($data);
} else { if (is_callable($callback)) {
if (!is_file($data)) { call_user_func($callback, $sent);
user_error("$data is not a valid file", E_USER_NOTICE); }
return false; }
} $this->_close();
$fp = @fopen($data, 'rb'); if ($mode != self::SOURCE_STRING) {
if (!$fp) { fclose($fp);
return false; }
}
$size = filesize($data); return true;
} }
$this->_send('C0644 ' . $size . ' ' . $remote_file . "\n"); /**
* Downloads a file from the SCP server.
$temp = $this->_receive(); *
if ($temp !== chr(0)) { * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
return false; * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
} * operation
*
$sent = 0; * @param string $remote_file
while ($sent < $size) { * @param string $local_file
$temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size); * @return mixed
$this->_send($temp); * @access public
$sent+= strlen($temp); */
function get($remote_file, $local_file = false)
if (is_callable($callback)) { {
call_user_func($callback, $sent); if (!isset($this->ssh)) {
} return false;
} }
$this->_close();
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
if ($mode != NET_SCP_STRING) { return false;
fclose($fp); }
}
$this->_send("\0");
return true;
} if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) {
return false;
/** }
* Downloads a file from the SCP server.
* $this->_send("\0");
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the $size = 0;
* operation
* if ($local_file !== false) {
* @param string $remote_file $fp = @fopen($local_file, 'wb');
* @param string $local_file if (!$fp) {
* @return mixed return false;
* @access public }
*/ }
function get($remote_file, $local_file = false)
{ $content = '';
if (!isset($this->ssh)) { while ($size < $info['size']) {
return false; $data = $this->_receive();
} // SCP usually seems to split stuff out into 16k chunks
$size+= strlen($data);
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
return false; if ($local_file === false) {
} $content.= $data;
} else {
$this->_send("\0"); fputs($fp, $data);
}
if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) { }
return false;
} $this->_close();
$this->_send("\0"); if ($local_file !== false) {
fclose($fp);
$size = 0; return true;
}
if ($local_file !== false) {
$fp = @fopen($local_file, 'wb'); return $content;
if (!$fp) { }
return false;
} /**
} * Sends a packet to an SSH server
*
$content = ''; * @param string $data
while ($size < $info['size']) { * @access private
$data = $this->_receive(); */
// SCP usually seems to split stuff out into 16k chunks function _send($data)
$size+= strlen($data); {
switch ($this->mode) {
if ($local_file === false) { case self::MODE_SSH2:
$content.= $data; $this->ssh->_send_channel_packet(SSH2::CHANNEL_EXEC, $data);
} else { break;
fputs($fp, $data); case self::MODE_SSH1:
} $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data);
} $this->ssh->_send_binary_packet($data);
}
$this->_close(); }
if ($local_file !== false) { /**
fclose($fp); * Receives a packet from an SSH server
return true; *
} * @return string
* @access private
return $content; */
} function _receive()
{
/** switch ($this->mode) {
* Sends a packet to an SSH server case self::MODE_SSH2:
* return $this->ssh->_get_channel_packet(SSH2::CHANNEL_EXEC, true);
* @param string $data case self::MODE_SSH1:
* @access private if (!$this->ssh->bitmap) {
*/ return false;
function _send($data) }
{ while (true) {
switch ($this->mode) { $response = $this->ssh->_get_binary_packet();
case NET_SCP_SSH2: switch ($response[SSH1::RESPONSE_TYPE]) {
$this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data); case NET_SSH1_SMSG_STDOUT_DATA:
break; if (strlen($response[SSH1::RESPONSE_DATA]) < 4) {
case NET_SCP_SSH1: return false;
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data); }
$this->ssh->_send_binary_packet($data); extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA]));
} return $this->ssh->_string_shift($response[SSH1::RESPONSE_DATA], $length);
} case NET_SSH1_SMSG_STDERR_DATA:
break;
/** case NET_SSH1_SMSG_EXITSTATUS:
* Receives a packet from an SSH server $this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION));
* fclose($this->ssh->fsock);
* @return string $this->ssh->bitmap = 0;
* @access private return false;
*/ default:
function _receive() user_error('Unknown packet received', E_USER_NOTICE);
{ return false;
switch ($this->mode) { }
case NET_SCP_SSH2: }
return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true); }
case NET_SCP_SSH1: }
if (!$this->ssh->bitmap) {
return false; /**
} * Closes the connection to an SSH server
while (true) { *
$response = $this->ssh->_get_binary_packet(); * @access private
switch ($response[NET_SSH1_RESPONSE_TYPE]) { */
case NET_SSH1_SMSG_STDOUT_DATA: function _close()
extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA])); {
return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length); switch ($this->mode) {
case NET_SSH1_SMSG_STDERR_DATA: case self::MODE_SSH2:
break; $this->ssh->_close_channel(SSH2::CHANNEL_EXEC, true);
case NET_SSH1_SMSG_EXITSTATUS: break;
$this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION)); case self::MODE_SSH1:
fclose($this->ssh->fsock); $this->ssh->disconnect();
$this->ssh->bitmap = 0; }
return false; }
default: }
user_error('Unknown packet received', E_USER_NOTICE);
return false;
}
}
}
}
/**
* Closes the connection to an SSH server
*
* @access private
*/
function _close()
{
switch ($this->mode) {
case NET_SCP_SSH2:
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true);
break;
case NET_SCP_SSH1:
$this->ssh->disconnect();
}
}
}

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,463 +1,308 @@
<?php <?php
/** /**
* Pure-PHP ssh-agent client. * Pure-PHP ssh-agent client.
* *
* PHP versions 4 and 5 * PHP version 5
* *
* Here are some examples of how to use this library: * Here are some examples of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'System/SSH/Agent.php'; * include 'vendor/autoload.php';
* include 'Net/SSH2.php'; *
* * $agent = new \phpseclib\System\SSH\Agent();
* $agent = new System_SSH_Agent(); *
* * $ssh = new \phpseclib\Net\SSH2('www.domain.tld');
* $ssh = new Net_SSH2('www.domain.tld'); * if (!$ssh->login('username', $agent)) {
* if (!$ssh->login('username', $agent)) { * exit('Login Failed');
* exit('Login Failed'); * }
* } *
* * echo $ssh->exec('pwd');
* echo $ssh->exec('pwd'); * echo $ssh->exec('ls -la');
* echo $ssh->exec('ls -la'); * ?>
* ?> * </code>
* </code> *
* * @category System
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * @package SSH\Agent
* of this software and associated documentation files (the "Software"), to deal * @author Jim Wigginton <terrafrost@php.net>
* in the Software without restriction, including without limitation the rights * @copyright 2014 Jim Wigginton
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * @license http://www.opensource.org/licenses/mit-license.html MIT License
* copies of the Software, and to permit persons to whom the Software is * @link http://phpseclib.sourceforge.net
* furnished to do so, subject to the following conditions: * @internal See http://api.libssh.org/rfc/PROTOCOL.agent
* */
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. namespace phpseclib\System\SSH;
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR use phpseclib\Crypt\RSA;
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, use phpseclib\System\SSH\Agent\Identity;
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER /**
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * Pure-PHP ssh-agent client identity factory
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN *
* THE SOFTWARE. * requestIdentities() method pumps out \phpseclib\System\SSH\Agent\Identity objects
* *
* @category System * @package SSH\Agent
* @package System_SSH_Agent * @author Jim Wigginton <terrafrost@php.net>
* @author Jim Wigginton <terrafrost@php.net> * @access internal
* @copyright 2014 Jim Wigginton */
* @license http://www.opensource.org/licenses/mit-license.html MIT License class Agent
* @link http://phpseclib.sourceforge.net {
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent /**#@+
*/ * Message numbers
*
/**#@+ * @access private
* Message numbers */
* // to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1)
* @access private const SSH_AGENTC_REQUEST_IDENTITIES = 11;
*/ // this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2).
// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) const SSH_AGENT_IDENTITIES_ANSWER = 12;
define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11); // the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3)
// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). const SSH_AGENTC_SIGN_REQUEST = 13;
define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12); // the SSH1 response is SSH_AGENT_RSA_RESPONSE (4)
define('SYSTEM_SSH_AGENT_FAILURE', 5); const SSH_AGENT_SIGN_RESPONSE = 14;
// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) /**#@-*/
define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13);
// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) /**@+
define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14); * Agent forwarding status
*
* @access private
/**@+ */
* Agent forwarding status // no forwarding requested and not active
* const FORWARD_NONE = 0;
* @access private // request agent forwarding when opportune
*/ const FORWARD_REQUEST = 1;
// no forwarding requested and not active // forwarding has been request and is active
define('SYSTEM_SSH_AGENT_FORWARD_NONE', 0); const FORWARD_ACTIVE = 2;
// request agent forwarding when opportune /**#@-*/
define('SYSTEM_SSH_AGENT_FORWARD_REQUEST', 1);
// forwarding has been request and is active /**
define('SYSTEM_SSH_AGENT_FORWARD_ACTIVE', 2); * Unused
*/
/**#@-*/ const SSH_AGENT_FAILURE = 5;
/** /**
* Pure-PHP ssh-agent client identity object * Socket Resource
* *
* Instantiation should only be performed by System_SSH_Agent class. * @var resource
* This could be thought of as implementing an interface that Crypt_RSA * @access private
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. */
* The methods in this interface would be getPublicKey, setSignatureMode var $fsock;
* and sign since those are the methods phpseclib looks for to perform
* public key authentication. /**
* * Agent forwarding status
* @package System_SSH_Agent *
* @author Jim Wigginton <terrafrost@php.net> * @access private
* @access internal */
*/ var $forward_status = self::FORWARD_NONE;
class System_SSH_Agent_Identity
{ /**
/** * Buffer for accumulating forwarded authentication
* Key Object * agent data arriving on SSH data channel destined
* * for agent unix socket
* @var Crypt_RSA *
* @access private * @access private
* @see self::getPublicKey() */
*/ var $socket_buffer = '';
var $key;
/**
/** * Tracking the number of bytes we are expecting
* Key Blob * to arrive for the agent socket on the SSH data
* * channel
* @var string */
* @access private var $expected_bytes = 0;
* @see self::sign()
*/ /**
var $key_blob; * Default Constructor
*
/** * @return \phpseclib\System\SSH\Agent
* Socket Resource * @access public
* */
* @var resource function __construct()
* @access private {
* @see self::sign() switch (true) {
*/ case isset($_SERVER['SSH_AUTH_SOCK']):
var $fsock; $address = $_SERVER['SSH_AUTH_SOCK'];
break;
/** case isset($_ENV['SSH_AUTH_SOCK']):
* Default Constructor. $address = $_ENV['SSH_AUTH_SOCK'];
* break;
* @param resource $fsock default:
* @return System_SSH_Agent_Identity user_error('SSH_AUTH_SOCK not found');
* @access private return false;
*/ }
function System_SSH_Agent_Identity($fsock)
{ $this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr);
$this->fsock = $fsock; if (!$this->fsock) {
} user_error("Unable to connect to ssh-agent (Error $errno: $errstr)");
}
/** }
* Set Public Key
* /**
* Called by System_SSH_Agent::requestIdentities() * Request Identities
* *
* @param Crypt_RSA $key * See "2.5.2 Requesting a list of protocol 2 keys"
* @access private * Returns an array containing zero or more \phpseclib\System\SSH\Agent\Identity objects
*/ *
function setPublicKey($key) * @return array
{ * @access public
$this->key = $key; */
$this->key->setPublicKey(); function requestIdentities()
} {
if (!$this->fsock) {
/** return array();
* Set Public Key }
*
* Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key $packet = pack('NC', 1, self::SSH_AGENTC_REQUEST_IDENTITIES);
* but this saves a small amount of computation. if (strlen($packet) != fputs($this->fsock, $packet)) {
* user_error('Connection closed while requesting identities');
* @param string $key_blob }
* @access private
*/ $length = current(unpack('N', fread($this->fsock, 4)));
function setPublicKeyBlob($key_blob) $type = ord(fread($this->fsock, 1));
{ if ($type != self::SSH_AGENT_IDENTITIES_ANSWER) {
$this->key_blob = $key_blob; user_error('Unable to request identities');
} }
/** $identities = array();
* Get Public Key $keyCount = current(unpack('N', fread($this->fsock, 4)));
* for ($i = 0; $i < $keyCount; $i++) {
* Wrapper for $this->key->getPublicKey() $length = current(unpack('N', fread($this->fsock, 4)));
* $key_blob = fread($this->fsock, $length);
* @param int $format optional $key_str = 'ssh-rsa ' . base64_encode($key_blob);
* @return mixed $length = current(unpack('N', fread($this->fsock, 4)));
* @access public if ($length) {
*/ $key_str.= ' ' . fread($this->fsock, $length);
function getPublicKey($format = null) }
{ $length = current(unpack('N', substr($key_blob, 0, 4)));
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format); $key_type = substr($key_blob, 4, $length);
} switch ($key_type) {
case 'ssh-rsa':
/** $key = new RSA();
* Set Signature Mode $key->loadKey($key_str);
* break;
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie. case 'ssh-dss':
* ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1 // not currently supported
* break;
* @param int $mode }
* @access public // resources are passed by reference by default
*/ if (isset($key)) {
function setSignatureMode($mode) $identity = new Identity($this->fsock);
{ $identity->setPublicKey($key);
} $identity->setPublicKeyBlob($key_blob);
$identities[] = $identity;
/** unset($key);
* Create a signature }
* }
* See "2.6.2 Protocol 2 private key signature request"
* return $identities;
* @param string $message }
* @return string
* @access public /**
*/ * Signal that agent forwarding should
function sign($message) * be requested when a channel is opened
{ *
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE * @param Net_SSH2 $ssh
$packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); * @return bool
$packet = pack('Na*', strlen($packet), $packet); * @access public
if (strlen($packet) != fputs($this->fsock, $packet)) { */
user_error('Connection closed during signing'); function startSSHForwarding($ssh)
} {
if ($this->forward_status == self::FORWARD_NONE) {
$length = current(unpack('N', fread($this->fsock, 4))); $this->forward_status = self::FORWARD_REQUEST;
$type = ord(fread($this->fsock, 1)); }
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { }
user_error('Unable to retreive signature');
} /**
* Request agent forwarding of remote server
$signature_blob = fread($this->fsock, $length - 1); *
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa * @param Net_SSH2 $ssh
// the + 12 is for the other various SSH added length fields * @return bool
return substr($signature_blob, strlen('ssh-rsa') + 12); * @access private
} */
} function _request_forwarding($ssh)
{
/** $request_channel = $ssh->_get_open_channel();
* Pure-PHP ssh-agent client identity factory if ($request_channel === false) {
* return false;
* requestIdentities() method pumps out System_SSH_Agent_Identity objects }
*
* @package System_SSH_Agent $packet = pack(
* @author Jim Wigginton <terrafrost@php.net> 'CNNa*C',
* @access internal NET_SSH2_MSG_CHANNEL_REQUEST,
*/ $ssh->server_channels[$request_channel],
class System_SSH_Agent strlen('auth-agent-req@openssh.com'),
{ 'auth-agent-req@openssh.com',
/** 1
* Socket Resource );
*
* @var resource $ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST;
* @access private
*/ if (!$ssh->_send_binary_packet($packet)) {
var $fsock; return false;
}
/**
* Agent forwarding status $response = $ssh->_get_channel_packet($request_channel);
* if ($response === false) {
* @access private return false;
*/ }
var $forward_status = SYSTEM_SSH_AGENT_FORWARD_NONE;
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN;
/** $this->forward_status = self::FORWARD_ACTIVE;
* Buffer for accumulating forwarded authentication
* agent data arriving on SSH data channel destined return true;
* for agent unix socket }
*
* @access private /**
*/ * On successful channel open
var $socket_buffer = ''; *
* This method is called upon successful channel
/** * open to give the SSH Agent an opportunity
* Tracking the number of bytes we are expecting * to take further action. i.e. request agent forwarding
* to arrive for the agent socket on the SSH data *
* channel * @param Net_SSH2 $ssh
*/ * @access private
var $expected_bytes = 0; */
function _on_channel_open($ssh)
/** {
* Default Constructor if ($this->forward_status == self::FORWARD_REQUEST) {
* $this->_request_forwarding($ssh);
* @return System_SSH_Agent }
* @access public }
*/
function System_SSH_Agent() /**
{ * Forward data to SSH Agent and return data reply
switch (true) { *
case isset($_SERVER['SSH_AUTH_SOCK']): * @param string $data
$address = $_SERVER['SSH_AUTH_SOCK']; * @return data from SSH Agent
break; * @access private
case isset($_ENV['SSH_AUTH_SOCK']): */
$address = $_ENV['SSH_AUTH_SOCK']; function _forward_data($data)
break; {
default: if ($this->expected_bytes > 0) {
user_error('SSH_AUTH_SOCK not found'); $this->socket_buffer.= $data;
return false; $this->expected_bytes -= strlen($data);
} } else {
$agent_data_bytes = current(unpack('N', $data));
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); $current_data_bytes = strlen($data);
if (!$this->fsock) { $this->socket_buffer = $data;
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)"); if ($current_data_bytes != $agent_data_bytes + 4) {
} $this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes;
} return false;
}
/** }
* Request Identities
* if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) {
* See "2.5.2 Requesting a list of protocol 2 keys" user_error('Connection closed attempting to forward data to SSH agent');
* Returns an array containing zero or more System_SSH_Agent_Identity objects }
*
* @return array $this->socket_buffer = '';
* @access public $this->expected_bytes = 0;
*/
function requestIdentities() $agent_reply_bytes = current(unpack('N', fread($this->fsock, 4)));
{
if (!$this->fsock) { $agent_reply_data = fread($this->fsock, $agent_reply_bytes);
return array(); $agent_reply_data = current(unpack('a*', $agent_reply_data));
}
return pack('Na*', $agent_reply_bytes, $agent_reply_data);
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES); }
if (strlen($packet) != fputs($this->fsock, $packet)) { }
user_error('Connection closed while requesting identities');
}
$length = current(unpack('N', fread($this->fsock, 4)));
$type = ord(fread($this->fsock, 1));
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
user_error('Unable to request identities');
}
$identities = array();
$keyCount = current(unpack('N', fread($this->fsock, 4)));
for ($i = 0; $i < $keyCount; $i++) {
$length = current(unpack('N', fread($this->fsock, 4)));
$key_blob = fread($this->fsock, $length);
$key_str = 'ssh-rsa ' . base64_encode($key_blob);
$length = current(unpack('N', fread($this->fsock, 4)));
if ($length) {
$key_str.= ' ' . fread($this->fsock, $length);
}
$length = current(unpack('N', substr($key_blob, 0, 4)));
$key_type = substr($key_blob, 4, $length);
switch ($key_type) {
case 'ssh-rsa':
if (!class_exists('Crypt_RSA')) {
include_once 'Crypt/RSA.php';
}
$key = new Crypt_RSA();
$key->loadKey($key_str);
break;
case 'ssh-dss':
// not currently supported
break;
}
// resources are passed by reference by default
if (isset($key)) {
$identity = new System_SSH_Agent_Identity($this->fsock);
$identity->setPublicKey($key);
$identity->setPublicKeyBlob($key_blob);
$identities[] = $identity;
unset($key);
}
}
return $identities;
}
/**
* Signal that agent forwarding should
* be requested when a channel is opened
*
* @param Net_SSH2 $ssh
* @return bool
* @access public
*/
function startSSHForwarding($ssh)
{
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_NONE) {
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_REQUEST;
}
}
/**
* Request agent forwarding of remote server
*
* @param Net_SSH2 $ssh
* @return bool
* @access private
*/
function _request_forwarding($ssh)
{
$request_channel = $ssh->_get_open_channel();
if ($request_channel === false) {
return false;
}
$packet = pack(
'CNNa*C',
NET_SSH2_MSG_CHANNEL_REQUEST,
$ssh->server_channels[$request_channel],
strlen('auth-agent-req@openssh.com'),
'auth-agent-req@openssh.com',
1
);
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST;
if (!$ssh->_send_binary_packet($packet)) {
return false;
}
$response = $ssh->_get_channel_packet($request_channel);
if ($response === false) {
return false;
}
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN;
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_ACTIVE;
return true;
}
/**
* On successful channel open
*
* This method is called upon successful channel
* open to give the SSH Agent an opportunity
* to take further action. i.e. request agent forwarding
*
* @param Net_SSH2 $ssh
* @access private
*/
function _on_channel_open($ssh)
{
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_REQUEST) {
$this->_request_forwarding($ssh);
}
}
/**
* Forward data to SSH Agent and return data reply
*
* @param string $data
* @return data from SSH Agent
* @access private
*/
function _forward_data($data)
{
if ($this->expected_bytes > 0) {
$this->socket_buffer.= $data;
$this->expected_bytes -= strlen($data);
} else {
$agent_data_bytes = current(unpack('N', $data));
$current_data_bytes = strlen($data);
$this->socket_buffer = $data;
if ($current_data_bytes != $agent_data_bytes + 4) {
$this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes;
return false;
}
}
if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) {
user_error('Connection closed attempting to forward data to SSH agent');
}
$this->socket_buffer = '';
$this->expected_bytes = 0;
$agent_reply_bytes = current(unpack('N', fread($this->fsock, 4)));
$agent_reply_data = fread($this->fsock, $agent_reply_bytes);
$agent_reply_data = current(unpack('a*', $agent_reply_data));
return pack('Na*', $agent_reply_bytes, $agent_reply_data);
}
}

View File

@ -0,0 +1,158 @@
<?php
/**
* Pure-PHP ssh-agent client.
*
* PHP version 5
*
* @category System
* @package SSH\Agent
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2009 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
*/
namespace phpseclib\System\SSH\Agent;
use phpseclib\System\SSH\Agent;
/**
* Pure-PHP ssh-agent client identity object
*
* Instantiation should only be performed by \phpseclib\System\SSH\Agent class.
* This could be thought of as implementing an interface that phpseclib\Crypt\RSA
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
* The methods in this interface would be getPublicKey and sign since those are the
* methods phpseclib looks for to perform public key authentication.
*
* @package SSH\Agent
* @author Jim Wigginton <terrafrost@php.net>
* @access internal
*/
class Identity
{
/**
* Key Object
*
* @var \phpseclib\Crypt\RSA
* @access private
* @see self::getPublicKey()
*/
var $key;
/**
* Key Blob
*
* @var string
* @access private
* @see self::sign()
*/
var $key_blob;
/**
* Socket Resource
*
* @var resource
* @access private
* @see self::sign()
*/
var $fsock;
/**
* Default Constructor.
*
* @param resource $fsock
* @return \phpseclib\System\SSH\Agent\Identity
* @access private
*/
function __construct($fsock)
{
$this->fsock = $fsock;
}
/**
* Set Public Key
*
* Called by \phpseclib\System\SSH\Agent::requestIdentities()
*
* @param \phpseclib\Crypt\RSA $key
* @access private
*/
function setPublicKey($key)
{
$this->key = $key;
$this->key->setPublicKey();
}
/**
* Set Public Key
*
* Called by \phpseclib\System\SSH\Agent::requestIdentities(). The key blob could be extracted from $this->key
* but this saves a small amount of computation.
*
* @param string $key_blob
* @access private
*/
function setPublicKeyBlob($key_blob)
{
$this->key_blob = $key_blob;
}
/**
* Get Public Key
*
* Wrapper for $this->key->getPublicKey()
*
* @param int $format optional
* @return mixed
* @access public
*/
function getPublicKey($format = null)
{
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
}
/**
* Set Signature Mode
*
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
* ssh-agent's only supported mode is \phpseclib\Crypt\RSA::SIGNATURE_PKCS1
*
* @param int $mode
* @access public
*/
function setSignatureMode($mode)
{
}
/**
* Create a signature
*
* See "2.6.2 Protocol 2 private key signature request"
*
* @param string $message
* @return string
* @access public
*/
function sign($message)
{
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
$packet = pack('CNa*Na*N', Agent::SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0);
$packet = pack('Na*', strlen($packet), $packet);
if (strlen($packet) != fputs($this->fsock, $packet)) {
user_error('Connection closed during signing');
}
$length = current(unpack('N', fread($this->fsock, 4)));
$type = ord(fread($this->fsock, 1));
if ($type != Agent::SSH_AGENT_SIGN_RESPONSE) {
user_error('Unable to retrieve signature');
}
$signature_blob = fread($this->fsock, $length - 1);
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa
// the + 12 is for the other various SSH added length fields
return substr($signature_blob, strlen('ssh-rsa') + 12);
}
}

View File

@ -1,39 +0,0 @@
<?php
/**
* Pure-PHP ssh-agent client wrapper
*
* PHP versions 4 and 5
*
* Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of
* System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders
* don't support that kind of directory layout hence the package being moved and
* this "alias" being created to maintain backwards compatibility.
*
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*
* @category System
* @package System_SSH_Agent
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2014 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
*/
require_once 'SSH/Agent.php';

View File

@ -1,6 +1,6 @@
# minimalist openssl.cnf file for use with phpseclib # minimalist openssl.cnf file for use with phpseclib
HOME = . HOME = .
RANDFILE = $ENV::HOME/.rnd RANDFILE = $ENV::HOME/.rnd
[ v3_ca ] [ v3_ca ]

View File

@ -460,10 +460,6 @@ function get_preg($argument, $regexp) {
$language = $_SESSION['language']; $language = $_SESSION['language'];
$language2 = explode ('.', $language); $language2 = explode ('.', $language);
setlocale(LC_ALL, $language2[0]); setlocale(LC_ALL, $language2[0]);
// workaround for buggy PHP with Turkish
if (($language == 'tr_TR.utf8') && (version_compare(phpversion(), '5.5') < 0)) {
setlocale(LC_CTYPE, 'en_GB');
}
// First we check "positive" cases // First we check "positive" cases
$pregexpr = ''; $pregexpr = '';
switch ($regexp) { switch ($regexp) {
@ -592,10 +588,6 @@ function get_preg($argument, $regexp) {
if (preg_match($pregexpr, $argument)) { if (preg_match($pregexpr, $argument)) {
/* Bug in php preg_match doesn't work correct with utf8 */ /* Bug in php preg_match doesn't work correct with utf8 */
setlocale(LC_ALL, $language); setlocale(LC_ALL, $language);
// workaround for buggy PHP with Turkish
if (($language == 'tr_TR.utf8') && (version_compare(phpversion(), '5.5') < 0)) {
setlocale(LC_CTYPE, 'en_GB');
}
return true; return true;
} }
// Now we check "negative" cases, characters which are not allowed // Now we check "negative" cases, characters which are not allowed
@ -615,18 +607,10 @@ function get_preg($argument, $regexp) {
if (!preg_match($pregexpr, $argument)) { if (!preg_match($pregexpr, $argument)) {
/* Bug in php preg_match doesn't work correct with utf8 */ /* Bug in php preg_match doesn't work correct with utf8 */
setlocale(LC_ALL, $language); setlocale(LC_ALL, $language);
// workaround for buggy PHP with Turkish
if (($language == 'tr_TR.utf8') && (version_compare(phpversion(), '5.5') < 0)) {
setlocale(LC_CTYPE, 'en_GB');
}
return true; return true;
} }
/* Bug in php preg_match doesn't work correct with utf8 */ /* Bug in php preg_match doesn't work correct with utf8 */
setlocale(LC_ALL, $language); setlocale(LC_ALL, $language);
// workaround for buggy PHP with Turkish
if (($language == 'tr_TR.utf8') && (version_compare(phpversion(), '5.5') < 0)) {
setlocale(LC_CTYPE, 'en_GB');
}
return false; return false;
} }

View File

@ -36,8 +36,8 @@ include_once("../lib/status.inc");
/** config */ /** config */
include_once("../lib/config.inc"); include_once("../lib/config.inc");
// check if PHP >= 5.4.0 // check if PHP >= 5.6.0
if (version_compare(phpversion(), '5.4.0') < 0) { if (version_compare(phpversion(), '5.6.0') < 0) {
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n"; echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\n";
echo "<html>\n<head>\n"; echo "<html>\n<head>\n";
echo "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">\n"; echo "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">\n";
@ -47,7 +47,7 @@ if (version_compare(phpversion(), '5.4.0') < 0) {
echo "<link rel=\"icon\" href=\"../graphics/logo136.png\">\n"; echo "<link rel=\"icon\" href=\"../graphics/logo136.png\">\n";
echo "<title>LDAP Account Manager</title>\n"; echo "<title>LDAP Account Manager</title>\n";
echo "</head><body>\n"; echo "</head><body>\n";
StatusMessage("ERROR", "LAM needs a PHP 5 version which is greater or equal than 5.4.0.", "Please upgrade your PHP installation. The found version is " . phpversion()); StatusMessage("ERROR", "LAM needs a PHP 5 version which is greater or equal than 5.6.0.", "Please upgrade your PHP installation. The found version is " . phpversion());
echo "<br><br>"; echo "<br><br>";
echo "</body></html>"; echo "</body></html>";
exit(); exit();

View File

@ -73,10 +73,6 @@ function setlanguage() {
} }
putenv("LANG=" . $code); // e.g. LANG=de_DE putenv("LANG=" . $code); // e.g. LANG=de_DE
setlocale(LC_ALL, $code); // set LC_ALL setlocale(LC_ALL, $code); // set LC_ALL
// workaround for buggy PHP with Turkish
if (($code == 'tr_TR.utf8') && (version_compare(phpversion(), '5.5') < 0)) {
setlocale(LC_CTYPE, 'en_GB');
}
$locdir = substr(__FILE__, 0, strlen(__FILE__) - 15) . "/locale"; // set path to translations $locdir = substr(__FILE__, 0, strlen(__FILE__) - 15) . "/locale"; // set path to translations
bindtextdomain("messages", $locdir); bindtextdomain("messages", $locdir);
bind_textdomain_codeset("messages", $encoding); bind_textdomain_codeset("messages", $encoding);

View File

@ -1,129 +0,0 @@
<?php
/*
$Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2004 - 2016 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* This file includes functions to control lamdaemon.
*
* @author Tilo Lutz
* @author Roland Gruber
* @author Thomas Manninger
*
* @package modules
*/
/**
* Sends commands to lamdaemon script.
*
* @param array $command command to execute
* @param string $server remote server
* @return array Output of lamdaemon
*
*/
function lamdaemon($command, $server) {
if ($server == '') {
return array();
}
// add phpseclib to include path
set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/3rdParty/phpseclib');
include_once('Net/SSH2.php');
try {
$handle = lamConnectSSH($server);
}
catch (Exception $e) {
return array("ERROR," . $e->getMessage() . "," . $server);
}
$output = $handle->exec("sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command));
return array($output);
}
/**
* Connects to the given SSH server.
*
* @param String $server server name (e.g. localhost or localhost,1234)
* @return object handle
*/
function lamConnectSSH($server) {
// add phpseclib to include path
set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/3rdParty/phpseclib');
include_once('Net/SSH2.php');
include_once('Crypt/RSA.php');
$serverNameParts = explode(",", $server);
$handle = false;
if (sizeof($serverNameParts) > 1) {
$handle = @new Net_SSH2($serverNameParts[0], $serverNameParts[1]);
}
else {
$handle = @new Net_SSH2($server);
}
if (!$handle) {
throw new Exception(_("Unable to connect to remote server!"));
}
lamLoginSSH($handle);
return $handle;
}
/**
* Performs a login to the provided SSH handle.
*
* @param handle $handle SSH handle
* @throws Exception login failed
*/
function lamLoginSSH($handle) {
$username = $_SESSION['config']->getScriptUserName();
$credentials = $_SESSION['ldap']->decrypt_login();
if (empty($username)) {
// get user name from current LAM user
$sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
$username = $entry[0]['uid'][0];
}
if (empty($username)) {
throw new Exception(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), getAbstractDN($credentials[0])));
}
}
$password = $credentials[1];
$keyPath = $_SESSION['config']->getScriptSSHKey();
if (!empty($keyPath)) {
// use key authentication
if (!file_exists($keyPath) || !is_readable($keyPath)) {
throw new Exception(sprintf(_("Unable to read %s."), htmlspecialchars($keyPath)));
}
$key = file_get_contents($keyPath);
$rsa = new Crypt_RSA();
$keyPassword = $_SESSION['config']->getScriptSSHKeyPassword();
if (!empty($keyPassword)) {
$rsa->setPassword($keyPassword);
}
if (!$rsa->loadKey($key)) {
throw new Exception(sprintf(_("Unable to load key %s."), htmlspecialchars($keyPath)));
}
$password = $rsa;
}
$login = @$handle->login($username, $password);
if (!$login) {
throw new Exception(_("Unable to login to remote server!"));
}
}
?>

View File

@ -45,8 +45,8 @@ include_once("account.inc");
include_once("baseModule.inc"); include_once("baseModule.inc");
/** access to LDAP server */ /** access to LDAP server */
include_once("ldap.inc"); include_once("ldap.inc");
/** lamdaemon functions */ /** remote functions */
include_once("lamdaemon.inc"); include_once("remote.inc");
/** security functions */ /** security functions */
include_once("security.inc"); include_once("security.inc");
/** meta HTML classes */ /** meta HTML classes */
@ -532,10 +532,12 @@ function buildUploadAccounts($type, $data, $ids, $selectedModules) {
} }
} }
if (sizeof($errors) > 0) { if (sizeof($errors) > 0) {
for ($i = 0; (($i < sizeof($errors)) || ($i > 49)); $i++) call_user_func_array("StatusMessage", $errors[$i]); for ($i = 0; (($i < sizeof($errors)) || ($i > 49)); $i++) {
call_user_func_array("StatusMessage", $errors[$i]);
}
return false; return false;
} }
else return $partialAccounts; return $partialAccounts;
} }
/** /**

View File

@ -475,7 +475,7 @@ class courierMailAccount extends baseModule {
'description' => _('Home directory'), 'description' => _('Home directory'),
'help' => 'homeDirectory', 'help' => 'homeDirectory',
'example' => _('/home/smiller'), 'example' => _('/home/smiller'),
'required' => 'true' 'required' => true
); );
} }
return $return; return $return;

View File

@ -248,7 +248,7 @@ By default, the nodes are configured as H-Nodes which fits for small networks. I
'help' => 'subnet', 'help' => 'subnet',
'example' => '192.168.10.0', 'example' => '192.168.10.0',
'required' => true, 'required' => true,
'unique' => 'true' 'unique' => true
), ),
array( array(
'name' => 'dhcp_settings_domainName', 'name' => 'dhcp_settings_domainName',

View File

@ -161,7 +161,7 @@ class eduPerson extends baseModule {
'description' => _('Principal name'), 'description' => _('Principal name'),
'help' => 'eduPersonPrincipalName', 'help' => 'eduPersonPrincipalName',
'example' => _('user@company.com'), 'example' => _('user@company.com'),
'unique' => 'true' 'unique' => true
), ),
array( array(
'name' => 'eduPerson_primaryAffiliation', 'name' => 'eduPerson_primaryAffiliation',

View File

@ -32,7 +32,7 @@ $Id$
* *
* @package modules * @package modules
*/ */
class kolabSharedFolder extends baseModule { // TODO folder type class kolabSharedFolder extends baseModule {
/** cache for mailHost values */ /** cache for mailHost values */
private $mailHostCache = null; private $mailHostCache = null;
@ -49,7 +49,6 @@ class kolabSharedFolder extends baseModule { // TODO folder type
// call parent constructor // call parent constructor
parent::__construct($scope); parent::__construct($scope);
$this->folderTypes = array( $this->folderTypes = array(
// TODO reactivate types when stable 3.1 is released
/*_('Shared address book') => 'addressbook', /*_('Shared address book') => 'addressbook',
_('Shared calendar') => 'calendar', _('Shared calendar') => 'calendar',
_('Shared journal') => 'journal', _('Shared journal') => 'journal',

View File

@ -186,10 +186,8 @@ class posixAccount extends baseModule implements passwordService {
$loginShellsHelp = new htmlHelpLink('loginShells', get_class($this)); $loginShellsHelp = new htmlHelpLink('loginShells', get_class($this));
$loginShellsHelp->alignment = htmlElement::ALIGN_TOP; $loginShellsHelp->alignment = htmlElement::ALIGN_TOP;
$selfServiceContainer->addElement($loginShellsHelp, true); $selfServiceContainer->addElement($loginShellsHelp, true);
if (version_compare(phpversion(), '5.4.26') >= 0) { $selfServiceContainer->addElement(new htmlTableExtendedInputCheckbox('posixAccount_useOldPwd', false, _('Password change with old password')));
$selfServiceContainer->addElement(new htmlTableExtendedInputCheckbox('posixAccount_useOldPwd', false, _('Password change with old password'))); $selfServiceContainer->addElement(new htmlHelpLink('useOldPwd', get_class($this)), true);
$selfServiceContainer->addElement(new htmlHelpLink('useOldPwd', get_class($this)), true);
}
$return['selfServiceSettings'] = $selfServiceContainer; $return['selfServiceSettings'] = $selfServiceContainer;
} }
// profile checks // profile checks
@ -734,7 +732,9 @@ class posixAccount extends baseModule implements passwordService {
elseif (!in_array($temp[0], $this->lamdaemonServers)) { elseif (!in_array($temp[0], $this->lamdaemonServers)) {
continue; continue;
} }
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -745,11 +745,11 @@ class posixAccount extends baseModule implements passwordService {
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0]) $this->attributes['gidNumber'][0])
), ));
$server); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
$singleresult = explode(",", $result[0]); $singleresult = explode(",", $result);
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) {
$messages[] = $singleresult; $messages[] = $singleresult;
} }
@ -769,7 +769,9 @@ class posixAccount extends baseModule implements passwordService {
} }
$temp = explode(":", $lamdaemonServers[$i]); $temp = explode(":", $lamdaemonServers[$i]);
$server = $temp[0]; $server = $temp[0];
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -779,11 +781,11 @@ class posixAccount extends baseModule implements passwordService {
$this->orig[$homeDirAttr][0], $this->orig[$homeDirAttr][0],
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes[$homeDirAttr][0]) $this->attributes[$homeDirAttr][0])
), ));
$server); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
$singleresult = explode(",", $result[0]); $singleresult = explode(",", $result);
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) {
$messages[] = $singleresult; $messages[] = $singleresult;
} }
@ -800,7 +802,9 @@ class posixAccount extends baseModule implements passwordService {
} }
$temp = explode(":", $lamdaemonServers[$i]); $temp = explode(":", $lamdaemonServers[$i]);
$server = $temp[0]; $server = $temp[0];
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -810,11 +814,11 @@ class posixAccount extends baseModule implements passwordService {
$this->orig[$homeDirAttr][0], $this->orig[$homeDirAttr][0],
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0]) $this->attributes['gidNumber'][0])
), ));
$server); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
$singleresult = explode(",", $result[0]); $singleresult = explode(",", $result);
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'INFO') || ($singleresult[0] == 'WARN')) {
$messages[] = $singleresult; $messages[] = $singleresult;
} }
@ -937,7 +941,9 @@ class posixAccount extends baseModule implements passwordService {
} }
// try to delete directory on all servers // try to delete directory on all servers
for ($i = 0; $i < sizeof($lamdaemonServers); $i++) { for ($i = 0; $i < sizeof($lamdaemonServers); $i++) {
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($lamdaemonServers[$i]);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -947,16 +953,14 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes[$homeDirAttr][0], $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0] $this->attributes['uidNumber'][0]
) )
), ));
$lamdaemonServers[$i]); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
foreach ($result as $singleresult) { $singleresult = explode(",", $result);
$singleresult = explode(",", $singleresult); if (is_array($singleresult)) {
if (is_array($singleresult)) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) {
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) { $return[] = $singleresult;
$return[] = $singleresult;
}
} }
} }
} }
@ -1272,7 +1276,9 @@ class posixAccount extends baseModule implements passwordService {
$temp = explode(":", $lamdaemonServers[$i]); $temp = explode(":", $lamdaemonServers[$i]);
$server = $temp[0]; $server = $temp[0];
if (isset($_POST['form_subpage_' . get_class($this) . '_homedir_create_' . $i])) { if (isset($_POST['form_subpage_' . get_class($this) . '_homedir_create_' . $i])) {
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -1283,22 +1289,22 @@ class posixAccount extends baseModule implements passwordService {
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$this->attributes['uidNumber'][0], $this->attributes['uidNumber'][0],
$this->attributes['gidNumber'][0]) $this->attributes['gidNumber'][0])
), ));
$server); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
foreach ($result as $singleresult) { $singleresult = explode(",", $result);
$singleresult = explode(",", $singleresult); if (is_array($singleresult)) {
if (is_array($singleresult)) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) {
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) { $return[] = $singleresult;
$return[] = $singleresult;
}
} }
} }
} }
} }
elseif (isset($_POST['form_subpage_' . get_class($this) . '_homedir_delete_' . $i])) { elseif (isset($_POST['form_subpage_' . get_class($this) . '_homedir_delete_' . $i])) {
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -1308,16 +1314,14 @@ class posixAccount extends baseModule implements passwordService {
$this->attributes[$homeDirAttr][0], $this->attributes[$homeDirAttr][0],
$this->attributes['uidNumber'][0] $this->attributes['uidNumber'][0]
) )
), ));
$server); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
foreach ($result as $singleresult) { $singleresult = explode(",", $result);
$singleresult = explode(",", $singleresult); if (is_array($singleresult)) {
if (is_array($singleresult)) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) {
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) { $return[] = $singleresult;
$return[] = $singleresult;
}
} }
} }
} }
@ -1662,7 +1666,9 @@ class posixAccount extends baseModule implements passwordService {
if (isset($temp[1])) { if (isset($temp[1])) {
$label = $temp[1]; $label = $temp[1];
} }
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -1670,11 +1676,11 @@ class posixAccount extends baseModule implements passwordService {
"home", "home",
"check", "check",
$this->attributes[$homeDirAttr][0]) $this->attributes[$homeDirAttr][0])
), ));
$server); $remote->disconnect();
// lamdaemon results // lamdaemon results
if (is_array($result)) { if (!empty($result)) {
$returnValue = trim($result[0]); $returnValue = trim($result);
if ($returnValue == 'ok') { if ($returnValue == 'ok') {
$homeServerContainer->addElement(new htmlOutputText($label)); $homeServerContainer->addElement(new htmlOutputText($label));
$homeServerContainer->addElement(new htmlSpacer('5px', null)); $homeServerContainer->addElement(new htmlSpacer('5px', null));
@ -2533,7 +2539,9 @@ class posixAccount extends baseModule implements passwordService {
// create home directories // create home directories
elseif ($temp['counter'] < (sizeof($temp['groups']) + sizeof($temp['createHomes']))) { elseif ($temp['counter'] < (sizeof($temp['groups']) + sizeof($temp['createHomes']))) {
$pos = $temp['createHomes'][$temp['counter'] - sizeof($temp['groups'])]; $pos = $temp['createHomes'][$temp['counter'] - sizeof($temp['groups'])];
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($data[$pos][$ids['posixAccount_createHomeDir']]);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -2545,11 +2553,11 @@ class posixAccount extends baseModule implements passwordService {
$accounts[$pos]['uidNumber'], $accounts[$pos]['uidNumber'],
$accounts[$pos]['gidNumber'], $accounts[$pos]['gidNumber'],
) )
), ));
$data[$pos][$ids['posixAccount_createHomeDir']]); $remote->disconnect();
$errors = array(); $errors = array();
if (($result != false) && (sizeof($result) == 1)) { if (!empty($result)) {
$parts = explode(",", $result[0]); $parts = explode(",", $result);
if (in_array($parts[0], array('ERROR', 'WARN'))) { if (in_array($parts[0], array('ERROR', 'WARN'))) {
$errors[] = $parts; $errors[] = $parts;
} }

View File

@ -186,11 +186,14 @@ class quota extends baseModule {
$temp = explode(":", $lamdaemonServers[$s]); $temp = explode(":", $lamdaemonServers[$s]);
$server = $temp[0]; $server = $temp[0];
// get quotas // get quotas
$quotas = lamdaemon(implode(quota::$SPLIT_DELIMITER, array($userName, "quota", "get", $this->get_scope())), $server); $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$quotas = $remote->execute(implode(quota::$SPLIT_DELIMITER, array($userName, "quota", "get", $this->get_scope())));
$remote->disconnect();
if (sizeof($quotas) == 0) { if (sizeof($quotas) == 0) {
continue; continue;
} }
$allQuotas = explode(":", $quotas[0]); $allQuotas = explode(":", $quotas);
array_pop($allQuotas); // remove empty element at the end array_pop($allQuotas); // remove empty element at the end
for ($i = 0; $i < sizeof($allQuotas); $i++) { for ($i = 0; $i < sizeof($allQuotas); $i++) {
if (strpos($allQuotas[$i], quota::$QUOTA_PREFIX) !== 0) continue; if (strpos($allQuotas[$i], quota::$QUOTA_PREFIX) !== 0) continue;
@ -280,7 +283,10 @@ class quota extends baseModule {
$quotastring = $quotastring . $this->quota[$server][$i][0] . ',' . $this->quota[$server][$i][2] . ',' . $this->quota[$server][$i][3] $quotastring = $quotastring . $this->quota[$server][$i][0] . ',' . $this->quota[$server][$i][2] . ',' . $this->quota[$server][$i][3]
. ',' . $this->quota[$server][$i][6] . ',' . $this->quota[$server][$i][7] . ':'; . ',' . $this->quota[$server][$i][6] . ',' . $this->quota[$server][$i][7] . ':';
} }
lamdaemon(implode(quota::$SPLIT_DELIMITER, array($id, "quota", "set", $this->get_scope(), "$quotastring\n")), $server); $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$remote->execute(implode(quota::$SPLIT_DELIMITER, array($id, "quota", "set", $this->get_scope(), "$quotastring\n")));
$remote->disconnect();
} }
return $messages; return $messages;
} }
@ -319,7 +325,10 @@ class quota extends baseModule {
$quotastring = $quotastring . $this->quota[$server][$i][0] . ',0,0,0,0:'; $quotastring = $quotastring . $this->quota[$server][$i][0] . ',0,0,0,0:';
$i++; $i++;
} }
lamdaemon(implode(quota::$SPLIT_DELIMITER, array($id, "quota", "set", $this->get_scope(), "$quotastring\n")), $server); $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$remote->execute(implode(quota::$SPLIT_DELIMITER, array($id, "quota", "set", $this->get_scope(), "$quotastring\n")));
$remote->disconnect();
} }
return array(); return array();
} }
@ -483,11 +492,14 @@ class quota extends baseModule {
$description = $temp[1] . ' (' . $temp[0] . ')'; $description = $temp[1] . ' (' . $temp[0] . ')';
} }
// Get quotas // Get quotas
$quotas = lamdaemon(implode(quota::$SPLIT_DELIMITER, array("+", "quota", "get", $this->get_scope())), $server); $remote = new \LAM\REMOTE\Remote();
if (sizeof($quotas) == 0) { $remote->connect($server);
$quotas = $remote->execute(implode(quota::$SPLIT_DELIMITER, array("+", "quota", "get", $this->get_scope())));
$remote->disconnect();
if (empty($quotas)) {
continue; continue;
} }
$dirs = explode(":", $quotas[0]); $dirs = explode(":", $quotas);
array_pop($dirs); // remove empty element at the end array_pop($dirs); // remove empty element at the end
for ($i = 0; $i < sizeof($dirs); $i++) { for ($i = 0; $i < sizeof($dirs); $i++) {
if (strpos($dirs[$i], quota::$QUOTA_PREFIX) !== 0) { if (strpos($dirs[$i], quota::$QUOTA_PREFIX) !== 0) {
@ -556,8 +568,11 @@ class quota extends baseModule {
$server = $temp[0]; $server = $temp[0];
$id = $this->replaceSpecialChars($server); $id = $this->replaceSpecialChars($server);
// Get quotas // Get quotas
$quotas = lamdaemon(implode(quota::$SPLIT_DELIMITER, array("+", "quota", "get", $this->get_scope())), $server); $remote = new \LAM\REMOTE\Remote();
$dirs = explode(":", $quotas[0]); $remote->connect($server);
$quotas = $remote->execute(implode(quota::$SPLIT_DELIMITER, array("+", "quota", "get", $this->get_scope())));
$remote->disconnect();
$dirs = explode(":", $quotas);
array_pop($dirs); // remove empty element at the end array_pop($dirs); // remove empty element at the end
for ($i = 0; $i < sizeof($dirs); $i++) { for ($i = 0; $i < sizeof($dirs); $i++) {
if (strpos($dirs[$i], quota::$QUOTA_PREFIX) !== 0) { if (strpos($dirs[$i], quota::$QUOTA_PREFIX) !== 0) {
@ -669,8 +684,11 @@ class quota extends baseModule {
$temp = explode(":", $lamdaemonServers[$s]); $temp = explode(":", $lamdaemonServers[$s]);
$server = $temp[0]; $server = $temp[0];
// Get quotas // Get quotas
$quotas = lamdaemon(implode(quota::$SPLIT_DELIMITER, array("+", "quota", "get", $this->get_scope())), $server); $remote = new \LAM\REMOTE\Remote();
$dirs = explode(":", $quotas[0]); $remote->connect($server);
$quotas = $remote->execute(implode(quota::$SPLIT_DELIMITER, array("+", "quota", "get", $this->get_scope())));
$remote->disconnect();
$dirs = explode(":", $quotas);
array_pop($dirs); // remove empty element at the end array_pop($dirs); // remove empty element at the end
for ($i = 0; $i < sizeof($dirs); $i++) { for ($i = 0; $i < sizeof($dirs); $i++) {
if (strpos($dirs[$i], quota::$QUOTA_PREFIX) !== 0) { if (strpos($dirs[$i], quota::$QUOTA_PREFIX) !== 0) {
@ -786,13 +804,14 @@ class quota extends baseModule {
$dir = $mpParts[1]; $dir = $mpParts[1];
$quotaString = implode(quota::$SPLIT_DELIMITER, array($name, "quota", "set", $this->get_scope(), $dir . ',' . $quotaString = implode(quota::$SPLIT_DELIMITER, array($name, "quota", "set", $this->get_scope(), $dir . ',' .
implode(',', $temp['accounts'][$name][$mountPoints[$m]]) . "\n")); implode(',', $temp['accounts'][$name][$mountPoints[$m]]) . "\n"));
$result = lamdaemon($quotaString, $server); $remote = new \LAM\REMOTE\Remote();
if (is_array($result)) { $remote->connect($server);
for ($i = 0; $i < sizeof($result); $i++) { $result = $remote->execute($quotaString);
$parts = explode(",", $result); $remote->disconnect();
if ($parts[0] == 'ERROR') { if (!empty($result)) {
$errors[] = array('ERROR', $parts[1], $parts[2]); $parts = explode(",", $result);
} if ($parts[0] == 'ERROR') {
$errors[] = array('ERROR', $parts[1], $parts[2]);
} }
} }
} }

View File

@ -1,4 +1,5 @@
<?php <?php
/* /*
$Id$ $Id$
@ -64,7 +65,7 @@ class sambaSamAccount extends baseModule implements passwordService {
private $cachedGroupSIDList = null; private $cachedGroupSIDList = null;
/** cache for domain list */ /** cache for domain list */
private $cachedDomainList = null; private $cachedDomainList = null;
/** delimiter for lamdaemon commands */ /** delimiter for remote commands */
private static $SPLIT_DELIMITER = "###x##y##x###"; private static $SPLIT_DELIMITER = "###x##y##x###";
@ -1541,16 +1542,18 @@ class sambaSamAccount extends baseModule implements passwordService {
$return->addElement(new htmlSpacer(null, '10px'), true); $return->addElement(new htmlSpacer(null, '10px'), true);
$homeServerContainer = new htmlTable(); $homeServerContainer = new htmlTable();
$homeServerContainer->colspan = 5; $homeServerContainer->colspan = 5;
// get list of lamdaemon servers // get list of remote servers
$lamdaemonServers = explode(";", $_SESSION['config']->get_scriptServers()); $remoteServers = explode(";", $_SESSION['config']->get_scriptServers());
for ($i = 0; $i < sizeof($lamdaemonServers); $i++) { for ($i = 0; $i < sizeof($remoteServers); $i++) {
$temp = explode(":", $lamdaemonServers[$i]); $temp = explode(":", $remoteServers[$i]);
$server = $temp[0]; $server = $temp[0];
$label = $temp[0]; $label = $temp[0];
if (isset($temp[1])) { if (isset($temp[1])) {
$label = $temp[1]; $label = $temp[1];
} }
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -1558,11 +1561,11 @@ class sambaSamAccount extends baseModule implements passwordService {
"home", "home",
"check", "check",
$this->attributes['sambaProfilePath'][0]) $this->attributes['sambaProfilePath'][0])
), ));
$server); $remote->disconnect();
// lamdaemon results // remote command results
if (is_array($result)) { if (!empty($result)) {
$returnValue = trim($result[0]); $returnValue = trim($result);
if ($returnValue == 'ok') { if ($returnValue == 'ok') {
$homeServerContainer->addElement(new htmlOutputText($label)); $homeServerContainer->addElement(new htmlOutputText($label));
$homeServerContainer->addElement(new htmlSpacer('5px', null)); $homeServerContainer->addElement(new htmlSpacer('5px', null));
@ -1614,13 +1617,15 @@ class sambaSamAccount extends baseModule implements passwordService {
if (empty($uidNumber) || empty($gidNumber)) { if (empty($uidNumber) || empty($gidNumber)) {
return; return;
} }
// get list of lamdaemon servers // get list of remote servers
$lamdaemonServers = explode(";", $_SESSION['config']->get_scriptServers()); $remoteServers = explode(";", $_SESSION['config']->get_scriptServers());
for ($i = 0; $i < sizeof($lamdaemonServers); $i++) { for ($i = 0; $i < sizeof($remoteServers); $i++) {
$temp = explode(":", $lamdaemonServers[$i]); $temp = explode(":", $remoteServers[$i]);
$server = $temp[0]; $server = $temp[0];
if (isset($_POST['form_subpage_' . get_class($this) . '_homedir_create_' . $i])) { if (isset($_POST['form_subpage_' . get_class($this) . '_homedir_create_' . $i])) {
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -1631,22 +1636,22 @@ class sambaSamAccount extends baseModule implements passwordService {
"0".$_SESSION['config']->get_scriptRights(), "0".$_SESSION['config']->get_scriptRights(),
$uidNumber, $uidNumber,
$gidNumber) $gidNumber)
), ));
$server); $remote->disconnect();
// lamdaemon results // remote command results
if (is_array($result)) { if (!empty($result)) {
foreach ($result as $singleresult) { $singleresult = explode(",", $result);
$singleresult = explode(",", $singleresult); if (is_array($singleresult)) {
if (is_array($singleresult)) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) {
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) { $return[] = $singleresult;
$return[] = $singleresult;
}
} }
} }
} }
} }
elseif (isset($_POST['form_subpage_' . get_class($this) . '_homedir_delete_' . $i])) { elseif (isset($_POST['form_subpage_' . get_class($this) . '_homedir_delete_' . $i])) {
$result = lamdaemon( $remote = new \LAM\REMOTE\Remote();
$remote->connect($server);
$result = $remote->execute(
implode( implode(
self::$SPLIT_DELIMITER, self::$SPLIT_DELIMITER,
array( array(
@ -1656,16 +1661,14 @@ class sambaSamAccount extends baseModule implements passwordService {
$this->attributes['sambaProfilePath'][0], $this->attributes['sambaProfilePath'][0],
$uidNumber $uidNumber
) )
), ));
$server); $remote->disconnect();
// lamdaemon results // remote command results
if (is_array($result)) { if (!empty($result)) {
foreach ($result as $singleresult) { $singleresult = explode(",", $result);
$singleresult = explode(",", $singleresult); if (is_array($singleresult)) {
if (is_array($singleresult)) { if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) {
if (($singleresult[0] == 'ERROR') || ($singleresult[0] == 'WARN') || ($singleresult[0] == 'INFO')) { $return[] = $singleresult;
$return[] = $singleresult;
}
} }
} }
} }

164
lam/lib/remote.inc Normal file
View File

@ -0,0 +1,164 @@
<?php
namespace LAM\REMOTE;
use \Exception;
use \phpseclib\Net\SSH2;
use \phpseclib\Crypt\RSA;
/*
$Id$
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
Copyright (C) 2017 Roland Gruber
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* This file includes functions to control LAM remote executions.
*
* @author Roland Gruber
*
* @package modules
*/
/**
* Runs remote commands.
*
* @author Roland Gruber
*/
class Remote {
/** SSH2 server handle */
private $server = null;
/**
* Constructor, include SSH library.
*/
public function __construct() {
$this->includeSshLibrary();
}
/**
* Sends commands to remote script.
*
* @param string $command command to execute
* @return string output of remote script
*/
public function execute($command) {
if ($this->server == null) {
return array();
}
return $this->server->exec("sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command));
}
/**
* Connects to the given SSH server.
*
* @param String $server server name (e.g. localhost or localhost,1234)
*/
public function connect($server) {
$serverNameParts = explode(",", $server);
$handle = false;
if (sizeof($serverNameParts) > 1) {
$handle = @new SSH2($serverNameParts[0], $serverNameParts[1]);
}
else {
$handle = @new SSH2($server);
}
if (!$handle) {
throw new Exception(_("Unable to connect to remote server!"));
}
$this->loginSSH($handle);
$this->server = $handle;
}
/**
* Closes the connection.
*/
public function disconnect() {
if ($this->server == null) {
return;
}
$this->server->disconnect();
}
/**
* Performs a login to the provided SSH handle.
*
* @param SSH2 $handle SSH handle
* @throws Exception login failed
*/
private function loginSSH($handle) {
$username = $_SESSION['config']->getScriptUserName();
$credentials = $_SESSION['ldap']->decrypt_login();
if (empty($username)) {
// get user name from current LAM user
$sr = @ldap_read($_SESSION['ldap']->server(), $credentials[0], "objectClass=posixAccount", array('uid'), 0, 0, 0, LDAP_DEREF_NEVER);
if ($sr) {
$entry = @ldap_get_entries($_SESSION['ldap']->server(), $sr);
$username = $entry[0]['uid'][0];
}
if (empty($username)) {
throw new Exception(sprintf(_("Your LAM admin user (%s) must be a valid Unix account to work with lamdaemon!"), getAbstractDN($credentials[0])));
}
}
$password = $credentials[1];
$keyPath = $_SESSION['config']->getScriptSSHKey();
if (!empty($keyPath)) {
// use key authentication
if (!file_exists($keyPath) || !is_readable($keyPath)) {
throw new Exception(sprintf(_("Unable to read %s."), htmlspecialchars($keyPath)));
}
$key = file_get_contents($keyPath);
$rsa = new RSA();
$keyPassword = $_SESSION['config']->getScriptSSHKeyPassword();
if (!empty($keyPassword)) {
$rsa->setPassword($keyPassword);
}
if (!$rsa->loadKey($key)) {
throw new Exception(sprintf(_("Unable to load key %s."), htmlspecialchars($keyPath)));
}
$password = $rsa;
}
$login = @$handle->login($username, $password);
if (!$login) {
throw new Exception(_("Unable to login to remote server!"));
}
}
/**
* Include the SSH files.
*/
private function includeSshLibrary() {
$prefix = dirname(__FILE__) . '/3rdParty/phpseclib/';
require_once($prefix . 'Crypt/Base.php');
require_once($prefix . 'Crypt/Blowfish.php');
require_once($prefix . 'Crypt/Hash.php');
require_once($prefix . 'Crypt/Random.php');
require_once($prefix . 'Crypt/RC4.php');
require_once($prefix . 'Crypt/Rijndael.php');
require_once($prefix . 'Crypt/AES.php');
require_once($prefix . 'Crypt/RSA.php');
require_once($prefix . 'Crypt/DES.php');
require_once($prefix . 'Crypt/TripleDES.php');
require_once($prefix . 'Crypt/Twofish.php');
require_once($prefix . 'Math/BigInteger.php');
require_once($prefix . 'System/SSH/Agent.php');
require_once($prefix . 'Net/SSH2.php');
}
}
?>

2
lam/po/.gitignore vendored
View File

@ -1,2 +1,2 @@
*.po *.po
*.tar.gz *.tar.gz

View File

@ -85,8 +85,8 @@ if (isset($_GET['DN'])) {
$result = $_SESSION['account']->load_account($DN); $result = $_SESSION['account']->load_account($DN);
if (sizeof($result) > 0) { if (sizeof($result) > 0) {
include '../main_header.php'; include '../main_header.php';
for ($i=0; $i<sizeof($result); $i++) { foreach ($result as $message) {
call_user_func_array("StatusMessage", $result[$i]); call_user_func_array("StatusMessage", $message);
} }
include '../main_footer.php'; include '../main_footer.php';
die(); die();
@ -107,14 +107,6 @@ else if (count($_POST)==0) {
$_SESSION['account']->new_account(); $_SESSION['account']->new_account();
} }
// remove double slashes if magic quotes are on
if (get_magic_quotes_gpc() == 1) {
$postKeys = array_keys($_POST);
for ($i = 0; $i < sizeof($postKeys); $i++) {
if (is_string($_POST[$postKeys[$i]])) $_POST[$postKeys[$i]] = stripslashes($_POST[$postKeys[$i]]);
}
}
// show account page // show account page
$_SESSION['account']->continue_main(); $_SESSION['account']->continue_main();

View File

@ -625,13 +625,6 @@ function checkInput() {
$conf = &$_SESSION['conf_config']; $conf = &$_SESSION['conf_config'];
$types = $conf->get_ActiveTypes(); $types = $conf->get_ActiveTypes();
// remove double slashes if magic quotes are on
if (get_magic_quotes_gpc() == 1) {
$postKeys = array_keys($_POST);
for ($i = 0; $i < sizeof($postKeys); $i++) {
if (is_string($_POST[$postKeys[$i]])) $_POST[$postKeys[$i]] = stripslashes($_POST[$postKeys[$i]]);
}
}
// check new preferences // check new preferences
$errors = array(); $errors = array();
if (!$conf->set_ServerURL($_POST['serverurl'])) { if (!$conf->set_ServerURL($_POST['serverurl'])) {

View File

@ -90,13 +90,6 @@ $errors = array();
$messages = array(); $messages = array();
// check if submit button was pressed // check if submit button was pressed
if (isset($_POST['submitFormData'])) { if (isset($_POST['submitFormData'])) {
// remove double slashes if magic quotes are on
if (get_magic_quotes_gpc() == 1) {
$postKeys = array_keys($_POST);
for ($i = 0; $i < sizeof($postKeys); $i++) {
if (is_string($_POST[$postKeys[$i]])) $_POST[$postKeys[$i]] = stripslashes($_POST[$postKeys[$i]]);
}
}
// set master password // set master password
if (isset($_POST['masterpassword']) && ($_POST['masterpassword'] != "")) { if (isset($_POST['masterpassword']) && ($_POST['masterpassword'] != "")) {
if ($_POST['masterpassword'] && $_POST['masterpassword2'] && ($_POST['masterpassword'] == $_POST['masterpassword2'])) { if ($_POST['masterpassword'] && $_POST['masterpassword2'] && ($_POST['masterpassword'] == $_POST['masterpassword2'])) {

View File

@ -42,8 +42,8 @@ include_once('../lib/config.inc');
include_once('../lib/status.inc'); include_once('../lib/status.inc');
/** LDAP connection */ /** LDAP connection */
include_once('../lib/ldap.inc'); include_once('../lib/ldap.inc');
/** lamdaemon interface */ /** remote interface */
include_once('../lib/lamdaemon.inc'); include_once('../lib/remote.inc');
/** module interface */ /** module interface */
include_once('../lib/modules.inc'); include_once('../lib/modules.inc');
@ -105,7 +105,8 @@ if (isset($_GET['type']) && isset($_SESSION['delete_dn'])) {
echo "<b>" . _("Do you really want to remove the following accounts?") . "</b>"; echo "<b>" . _("Do you really want to remove the following accounts?") . "</b>";
echo "<br><br>\n"; echo "<br><br>\n";
echo "<table border=0>\n"; echo "<table border=0>\n";
for ($i=0; $i<count($users); $i++) { $userCount = sizeof($users);
for ($i = 0; $i < $userCount; $i++) {
echo "<tr>\n"; echo "<tr>\n";
echo "<td><b>" . _("Account name:") . "</b> " . htmlspecialchars($users[$i]) . "</td>\n"; echo "<td><b>" . _("Account name:") . "</b> " . htmlspecialchars($users[$i]) . "</td>\n";
echo "<td>&nbsp;&nbsp;<b>" . _('DN') . ":</b> " . htmlspecialchars($_SESSION['delete_dn'][$i]) . "</td>\n"; echo "<td>&nbsp;&nbsp;<b>" . _('DN') . ":</b> " . htmlspecialchars($_SESSION['delete_dn'][$i]) . "</td>\n";
@ -173,11 +174,11 @@ if (isset($_POST['delete'])) {
// Delete dns // Delete dns
$allOk = true; $allOk = true;
$allErrors = array(); $allErrors = array();
for ($m=0; $m<count($_SESSION['delete_dn']); $m++) { foreach ($_SESSION['delete_dn'] as $deleteDN) {
// Set to true if an real error has happened // Set to true if an real error has happened
$stopprocessing = false; $stopprocessing = false;
// First load DN. // First load DN.
$_SESSION['account']->load_account($_SESSION['delete_dn'][$m]); $_SESSION['account']->load_account($deleteDN);
// get commands and changes of each attribute // get commands and changes of each attribute
$moduleNames = array_keys($_SESSION['account']->getAccountModules()); $moduleNames = array_keys($_SESSION['account']->getAccountModules());
$modules = $_SESSION['account']->getAccountModules(); $modules = $_SESSION['account']->getAccountModules();
@ -188,13 +189,13 @@ if (isset($_POST['delete'])) {
foreach ($moduleNames as $singlemodule) { foreach ($moduleNames as $singlemodule) {
$success = true; $success = true;
$messages = $modules[$singlemodule]->preDeleteActions(); $messages = $modules[$singlemodule]->preDeleteActions();
for ($i = 0; $i < sizeof($messages); $i++) { foreach ($messages as $message) {
$errors[] = $messages[$i]; $errors[] = $message;
if ($messages[$i][0] == 'ERROR') { if ($message[0] == 'ERROR') {
$success = false; $success = false;
$allOk = false; $allOk = false;
} }
elseif ($messages[$i][0] == 'WARN') { elseif ($message[0] == 'WARN') {
$allOk = false; $allOk = false;
} }
} }
@ -213,20 +214,21 @@ if (isset($_POST['delete'])) {
// merge changes // merge changes
$DNs = array_keys($temp); $DNs = array_keys($temp);
$attributes = array_merge_recursive($temp, $attributes); $attributes = array_merge_recursive($temp, $attributes);
for ($i=0; $i<count($DNs); $i++) { foreach ($DNs as $dn) {
$ops = array_keys($temp[$DNs[$i]]); $ops = array_keys($temp[$dn]);
for ($j=0; $j<count($ops); $j++) { foreach ($ops as $op) {
$attrs = array_keys($temp[$DNs[$i]][$ops[$j]]); $attrs = array_keys($temp[$dn][$op]);
for ($k=0; $k<count($attrs); $k++) foreach ($attrs as $attribute) {
$attributes[$DNs[$i]][$ops[$j]][$attrs[$k]] = array_unique($attributes[$DNs[$i]][$ops[$j]][$attrs[$k]]); $attributes[$dn][$op][$attribute] = array_unique($attributes[$dn][$op][$attribute]);
}
} }
} }
} }
} }
$DNs = array_keys($attributes); $DNs = array_keys($attributes);
for ($i=0; $i<count($DNs); $i++) { foreach ($DNs as $dn) {
if (isset($attributes[$DNs[$i]]['errors'])) { if (isset($attributes[$dn]['errors'])) {
foreach ($attributes[$DNs[$i]]['errors'] as $singleerror) { foreach ($attributes[$dn]['errors'] as $singleerror) {
$errors[] = $singleerror; $errors[] = $singleerror;
if ($singleerror[0] == 'ERROR') { if ($singleerror[0] == 'ERROR') {
$stopprocessing = true; $stopprocessing = true;
@ -236,28 +238,28 @@ if (isset($_POST['delete'])) {
} }
if (!$stopprocessing) { if (!$stopprocessing) {
// modify attributes // modify attributes
if (isset($attributes[$DNs[$i]]['modify']) && !$stopprocessing) { if (isset($attributes[$dn]['modify']) && !$stopprocessing) {
$success = @ldap_mod_replace($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['modify']); $success = @ldap_mod_replace($_SESSION['ldap']->server(), $dn, $attributes[$dn]['modify']);
if (!$success) { if (!$success) {
$errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to modify attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
$allOk = false; $allOk = false;
} }
} }
// add attributes // add attributes
if (isset($attributes[$DNs[$i]]['add']) && !$stopprocessing) { if (isset($attributes[$dn]['add']) && !$stopprocessing) {
$success = @ldap_mod_add($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['add']); $success = @ldap_mod_add($_SESSION['ldap']->server(), $dn, $attributes[$dn]['add']);
if (!$success) { if (!$success) {
$errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to add attributes to DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
$allOk = false; $allOk = false;
} }
} }
// remove attributes // remove attributes
if (isset($attributes[$DNs[$i]]['remove']) && !$stopprocessing) { if (isset($attributes[$dn]['remove']) && !$stopprocessing) {
$success = @ldap_mod_del($_SESSION['ldap']->server(), $DNs[$i], $attributes[$DNs[$i]]['remove']); $success = @ldap_mod_del($_SESSION['ldap']->server(), $dn, $attributes[$dn]['remove']);
if (!$success) { if (!$success) {
$errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $DNs[$i]), getDefaultLDAPErrorString($_SESSION['ldap']->server())); $errors[] = array ('ERROR', sprintf(_('Was unable to remove attributes from DN: %s.'), $dn), getDefaultLDAPErrorString($_SESSION['ldap']->server()));
$stopprocessing = true; $stopprocessing = true;
$allOk = false; $allOk = false;
} }
@ -267,7 +269,7 @@ if (isset($_POST['delete'])) {
} }
if (!$stopprocessing) { if (!$stopprocessing) {
$recursive = !$_SESSION['account']->hasOnlyVirtualChildren(); $recursive = !$_SESSION['account']->hasOnlyVirtualChildren();
$messages = deleteDN($_SESSION['delete_dn'][$m], $recursive); $messages = deleteDN($deleteDN, $recursive);
$errors = array_merge($errors, $messages); $errors = array_merge($errors, $messages);
if (sizeof($errors) > 0) { if (sizeof($errors) > 0) {
$stopprocessing = true; $stopprocessing = true;
@ -278,16 +280,16 @@ if (isset($_POST['delete'])) {
if (!$stopprocessing) { if (!$stopprocessing) {
foreach ($moduleNames as $singlemodule) { foreach ($moduleNames as $singlemodule) {
$messages = $modules[$singlemodule]->postDeleteActions(); $messages = $modules[$singlemodule]->postDeleteActions();
for ($i = 0; $i < sizeof($messages); $i++) { foreach ($messages as $message) {
$errors[] = $messages[$i]; $errors[] = $message;
if (($messages[$i][0] == 'ERROR') || ($messages[$i][0] == 'WARN')) { if (($message[0] == 'ERROR') || ($message[0] == 'WARN')) {
$allOk = false; $allOk = false;
} }
} }
} }
} }
if (!$stopprocessing) { if (!$stopprocessing) {
echo sprintf(_('Deleted DN: %s'), $_SESSION['delete_dn'][$m]) . "<br>\n"; echo sprintf(_('Deleted DN: %s'), $deleteDN) . "<br>\n";
foreach ($errors as $error) { foreach ($errors as $error) {
call_user_func_array('StatusMessage', $error); call_user_func_array('StatusMessage', $error);
} }
@ -295,7 +297,7 @@ if (isset($_POST['delete'])) {
flush(); flush();
} }
else { else {
echo sprintf(_('Error while deleting DN: %s'), $_SESSION['delete_dn'][$m]) . "<br>\n"; echo sprintf(_('Error while deleting DN: %s'), $deleteDN) . "<br>\n";
foreach ($errors as $error) { foreach ($errors as $error) {
call_user_func_array('StatusMessage', $error); call_user_func_array('StatusMessage', $error);
} }

View File

@ -54,19 +54,19 @@ if (!empty($_POST)) {
// check if user already pressed button // check if user already pressed button
if (isset($_POST['add_suff']) || isset($_POST['cancel'])) { if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
if (isset($_POST['add_suff'])) { if (isset($_POST['add_suff'])) {
$fail = array(); $failedDNs = array();
$errors = array(); $error = array();
$new_suff = $_POST['new_suff']; $newSuffixes = $_POST['new_suff'];
$new_suff = str_replace("\\", "", $new_suff); $newSuffixes = str_replace("\\", "", $newSuffixes);
$new_suff = str_replace("'", "", $new_suff); $newSuffixes = str_replace("'", "", $newSuffixes);
$new_suff = explode(";", $new_suff); $newSuffixes = explode(";", $newSuffixes);
// add entries // add entries
for ($i = 0; $i < sizeof($new_suff); $i++) { foreach ($newSuffixes as $newSuffix) {
// check if entry is already present // check if entry is already present
$info = @ldap_read($_SESSION['ldap']->server(), escapeDN($new_suff[$i]), "objectclass=*", array('dn'), 0, 0, 0, LDAP_DEREF_NEVER); $info = @ldap_read($_SESSION['ldap']->server(), escapeDN($newSuffix), "objectclass=*", array('dn'), 0, 0, 0, LDAP_DEREF_NEVER);
$res = @ldap_get_entries($_SESSION['ldap']->server(), $info); $res = @ldap_get_entries($_SESSION['ldap']->server(), $info);
if ($res) continue; if ($res) continue;
$suff = $new_suff[$i]; $suff = $newSuffix;
// generate DN and attributes // generate DN and attributes
$tmp = explode(",", $suff); $tmp = explode(",", $suff);
$name = explode("=", $tmp[0]); $name = explode("=", $tmp[0]);
@ -78,7 +78,7 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
$attr['objectClass'] = 'organization'; $attr['objectClass'] = 'organization';
$dn = $suff; $dn = $suff;
if (!@ldap_add($_SESSION['ldap']->server(), $dn, $attr)) { if (!@ldap_add($_SESSION['ldap']->server(), $dn, $attr)) {
$fail[] = $suff; $failedDNs[] = $suff;
$error[] = ldap_error($_SESSION['ldap']->server()); $error[] = ldap_error($_SESSION['ldap']->server());
continue; continue;
} }
@ -117,7 +117,7 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
$attr['ou'] = $headarray[1]; $attr['ou'] = $headarray[1];
$dn = $subsuffs[$k]; $dn = $subsuffs[$k];
if (!@ldap_add($_SESSION['ldap']->server(), $dn, $attr)) { if (!@ldap_add($_SESSION['ldap']->server(), $dn, $attr)) {
$fail[] = $suff; $failedDNs[] = $suff;
$error[] = ldap_error($_SESSION['ldap']->server()); $error[] = ldap_error($_SESSION['ldap']->server());
break; break;
} }
@ -132,7 +132,7 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
} }
$dn = $subsuffs[$k]; $dn = $subsuffs[$k];
if (!@ldap_add($_SESSION['ldap']->server(), $dn, $attr)) { if (!@ldap_add($_SESSION['ldap']->server(), $dn, $attr)) {
$fail[] = $suff; $failedDNs[] = $suff;
$error[] = ldap_error($_SESSION['ldap']->server()); $error[] = ldap_error($_SESSION['ldap']->server());
break; break;
} }
@ -141,7 +141,7 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
} }
} }
else { else {
$fail[] = $suff; $failedDNs[] = $suff;
$error[] = ldap_error($_SESSION['ldap']->server()); $error[] = ldap_error($_SESSION['ldap']->server());
} }
} }
@ -151,10 +151,10 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
include 'main_header.php'; include 'main_header.php';
// print error/success messages // print error/success messages
if (isset($_POST['add_suff'])) { if (isset($_POST['add_suff'])) {
if (sizeof($fail) > 0) { if (sizeof($failedDNs) > 0) {
// print error messages // print error messages
for ($i = 0; $i < sizeof($fail); $i++) { for ($i = 0; $i < sizeof($failedDNs); $i++) {
StatusMessage("ERROR", _("Failed to create entry!") . "<br>" . htmlspecialchars($error[$i]), htmlspecialchars($fail[$i])); StatusMessage("ERROR", _("Failed to create entry!") . "<br>" . htmlspecialchars($error[$i]), htmlspecialchars($failedDNs[$i]));
} }
include 'main_footer.php'; include 'main_footer.php';
} }
@ -173,10 +173,10 @@ if (isset($_POST['add_suff']) || isset($_POST['cancel'])) {
} }
// first show of page // first show of page
$new_suff = $_GET['suffs']; $newSuffixes = $_GET['suffs'];
$new_suff = str_replace("\\", "", $new_suff); $newSuffixes = str_replace("\\", "", $newSuffixes);
$new_suff = str_replace("'", "", $new_suff); $newSuffixes = str_replace("'", "", $newSuffixes);
$new_suff = explode(";", $new_suff); $newSuffixes = explode(";", $newSuffixes);
include 'main_header.php'; include 'main_header.php';
echo '<div class="user-bright smallPaddingContent">'; echo '<div class="user-bright smallPaddingContent">';
@ -186,15 +186,15 @@ include 'main_header.php';
$container->addElement(new htmlOutputText(_("You can setup the LDAP suffixes for all account types in your LAM server profile on tab \"Account types\".")), true); $container->addElement(new htmlOutputText(_("You can setup the LDAP suffixes for all account types in your LAM server profile on tab \"Account types\".")), true);
$container->addElement(new htmlSpacer(null, '10px'), true); $container->addElement(new htmlSpacer(null, '10px'), true);
// print missing suffixes // print missing suffixes
for ($i = 0; $i < sizeof($new_suff); $i++) { foreach ($newSuffixes as $newSuffix) {
$container->addElement(new htmlOutputText($new_suff[$i]), true); $container->addElement(new htmlOutputText($newSuffix), true);
} }
$container->addElement(new htmlSpacer(null, '10px'), true); $container->addElement(new htmlSpacer(null, '10px'), true);
$buttonContainer = new htmlTable(); $buttonContainer = new htmlTable();
$buttonContainer->addElement(new htmlButton('add_suff', _("Create"))); $buttonContainer->addElement(new htmlButton('add_suff', _("Create")));
$buttonContainer->addElement(new htmlButton('cancel', _("Cancel"))); $buttonContainer->addElement(new htmlButton('cancel', _("Cancel")));
$buttonContainer->addElement(new htmlHiddenInput('new_suff', implode(";", $new_suff))); $buttonContainer->addElement(new htmlHiddenInput('new_suff', implode(";", $newSuffixes)));
$container->addElement($buttonContainer); $container->addElement($buttonContainer);
addSecurityTokenToMetaHTML($container); addSecurityTokenToMetaHTML($container);

View File

@ -61,4 +61,4 @@ if (!isset($_SESSION['list_' . $type->getId()])) {
// show page // show page
$_SESSION['list_' . $type->getId()]->showPage(); $_SESSION['list_' . $type->getId()]->showPage();
?> ?>

View File

@ -177,7 +177,7 @@ $_SESSION['header'] .= "<meta http-equiv=\"pragma\" content=\"no-cache\">\n <me
* @param \LAM\ENV\LAMLicenseValidator $licenseValidator license validator * @param \LAM\ENV\LAMLicenseValidator $licenseValidator license validator
* @param string $error_message error message to display * @param string $error_message error message to display
*/ */
function display_LoginPage($config_object, $cfgMain, $licenseValidator, $error_message) { function display_LoginPage(LAMConfig $config_object, LAMCfgMain $cfgMain, $licenseValidator, $error_message) {
logNewMessage(LOG_DEBUG, "Display login page"); logNewMessage(LOG_DEBUG, "Display login page");
// generate 256 bit key and initialization vector for user/passwd-encryption // generate 256 bit key and initialization vector for user/passwd-encryption
if(function_exists('openssl_random_pseudo_bytes') && ($cfgMain->encryptSession == 'true')) { if(function_exists('openssl_random_pseudo_bytes') && ($cfgMain->encryptSession == 'true')) {
@ -582,9 +582,6 @@ if(!empty($_POST['checklogin'])) {
display_LoginPage($_SESSION['config'], $_SESSION["cfgMain"], $licenseValidator, $error_message); // Empty password submitted. Return to login page. display_LoginPage($_SESSION['config'], $_SESSION["cfgMain"], $licenseValidator, $error_message); // Empty password submitted. Return to login page.
exit(); exit();
} }
if (get_magic_quotes_gpc() == 1) {
$_POST['passwd'] = stripslashes($_POST['passwd']);
}
$username = $_POST['username']; $username = $_POST['username'];
$password = $_POST['passwd']; $password = $_POST['passwd'];
} }
@ -594,7 +591,7 @@ if(!empty($_POST['checklogin'])) {
$searchFilter = str_replace('%USER%', $username ,$searchFilter); $searchFilter = str_replace('%USER%', $username ,$searchFilter);
$searchDN = ''; $searchDN = '';
$searchPassword = ''; $searchPassword = '';
if (($_SESSION['config']->getLoginSearchDN() != null) && ($_SESSION['config']->getLoginSearchDN() != '')) { if (!empty($_SESSION['config']->getLoginSearchDN())) {
$searchDN = $_SESSION['config']->getLoginSearchDN(); $searchDN = $_SESSION['config']->getLoginSearchDN();
$searchPassword = $_SESSION['config']->getLoginSearchPassword(); $searchPassword = $_SESSION['config']->getLoginSearchPassword();
} }

View File

@ -1,4 +1,5 @@
<?php <?php
namespace LAM\AJAX;
/* /*
$Id$ $Id$
@ -47,18 +48,19 @@ if (startSecureSession(false, true) === false) {
setlanguage(); setlanguage();
lamAjax::handleRequest(); $ajax = new Ajax();
$ajax->handleRequest();
/** /**
* Manages all AJAX requests. * Manages all AJAX requests.
*/ */
class lamAjax { class Ajax {
/** /**
* Manages an AJAX request. * Manages an AJAX request.
*/ */
public static function handleRequest() { public function handleRequest() {
lamAjax::setHeader(); $this->setHeader();
// check token // check token
validateSecurityToken(false); validateSecurityToken(false);
@ -84,16 +86,16 @@ class lamAjax {
$jsonInput = $_POST['jsonInput']; $jsonInput = $_POST['jsonInput'];
if ($function == 'passwordStrengthCheck') { if ($function == 'passwordStrengthCheck') {
lamAjax::checkPasswordStrength($jsonInput); $this->checkPasswordStrength($jsonInput);
} }
enforceUserIsLoggedIn(); enforceUserIsLoggedIn();
if ($function == 'passwordChange') { if ($function == 'passwordChange') {
lamAjax::managePasswordChange($jsonInput); $this->managePasswordChange($jsonInput);
} }
elseif ($function == 'upload') { elseif ($function == 'upload') {
include_once('../../lib/upload.inc'); include_once('../../lib/upload.inc');
$typeManager = new \LAM\TYPES\TypeManager(); $typeManager = new \LAM\TYPES\TypeManager();
$uploader = new LAM\UPLOAD\Uploader($typeManager->getConfiguredType($_GET['typeId'])); $uploader = new \LAM\UPLOAD\Uploader($typeManager->getConfiguredType($_GET['typeId']));
ob_start(); ob_start();
$jsonOut = $uploader->doUpload(); $jsonOut = $uploader->doUpload();
ob_end_clean(); ob_end_clean();
@ -115,7 +117,7 @@ class lamAjax {
* *
* @param array $input input parameters * @param array $input input parameters
*/ */
public static function managePasswordChange($input) { private static function managePasswordChange($input) {
$return = $_SESSION['account']->setNewPassword($input); $return = $_SESSION['account']->setNewPassword($input);
echo json_encode($return); echo json_encode($return);
} }
@ -125,7 +127,7 @@ class lamAjax {
* *
* @param array $input input parameters * @param array $input input parameters
*/ */
public static function checkPasswordStrength($input) { private function checkPasswordStrength($input) {
$password = $input['password']; $password = $input['password'];
$result = checkPasswordStrength($password, null, null); $result = checkPasswordStrength($password, null, null);
echo json_encode(array("result" => $result)); echo json_encode(array("result" => $result));

View File

@ -81,7 +81,7 @@ if (isset($_POST['createOU']) || isset($_POST['deleteOU'])) {
// check if ou already exists // check if ou already exists
$new_dn = "ou=" . $_POST['newOU'] . "," . $_POST['parentOU']; $new_dn = "ou=" . $_POST['newOU'] . "," . $_POST['parentOU'];
$found = ldapGetDN($new_dn); $found = ldapGetDN($new_dn);
if ($found == null) { if ($found === null) {
// add new ou // add new ou
$ou = array(); $ou = array();
$ou['objectClass'] = "organizationalunit"; $ou['objectClass'] = "organizationalunit";

View File

@ -15,6 +15,7 @@ use \htmlInputFileUpload;
use \htmlHelpLink; use \htmlHelpLink;
use \htmlInputField; use \htmlInputField;
use \htmlHiddenInput; use \htmlHiddenInput;
use \LAM\TYPES\TypeManager;
/* /*
$Id$ $Id$
@ -89,7 +90,7 @@ if(isset($_POST['createNewTemplate'])) {
exit(); exit();
} }
$typeManager = new \LAM\TYPES\TypeManager(); $typeManager = new TypeManager();
$types = $typeManager->getConfiguredTypes(); $types = $typeManager->getConfiguredTypes();
$sortedTypes = array(); $sortedTypes = array();
foreach ($types as $type) { foreach ($types as $type) {
@ -141,7 +142,7 @@ if (!empty($_POST['import'])) {
} }
$errMessage = importStructures($_POST['typeId'], $options, $serverProfiles, $typeManager); $errMessage = importStructures($_POST['typeId'], $options, $serverProfiles, $typeManager);
} }
if ($errMessage != null) { if ($errMessage !== null) {
$errMessage->colspan = 10; $errMessage->colspan = 10;
$container->addElement($errMessage, true); $container->addElement($errMessage, true);
} }
@ -166,7 +167,7 @@ if (!empty($_POST['export'])) {
$name = $_POST['name_' . $typeId]; $name = $_POST['name_' . $typeId];
$errMessage = exportStructures($typeId, $name, $options, $serverProfiles, $typeManager); $errMessage = exportStructures($typeId, $name, $options, $serverProfiles, $typeManager);
} }
if ($errMessage != null) { if ($errMessage !== null) {
$errMessage->colspan = 10; $errMessage->colspan = 10;
$container->addElement($errMessage, true); $container->addElement($errMessage, true);
} }
@ -195,23 +196,18 @@ foreach ($sortedTypes as $typeId => $title) {
'scope' => $type->getScope(), 'scope' => $type->getScope(),
'title' => $title, 'title' => $title,
'icon' => $type->getIcon(), 'icon' => $type->getIcon(),
'templates' => ""); 'templates' => \LAM\PDF\getPDFStructures($type->getId()));
$availableTypes[$title] = $type->getId(); $availableTypes[$title] = $type->getId();
} }
// get list of templates for each account type
for ($i = 0; $i < sizeof($templateClasses); $i++) {
$templateClasses[$i]['templates'] = \LAM\PDF\getPDFStructures($templateClasses[$i]['typeId']);
}
// check if a template should be edited // check if a template should be edited
for ($i = 0; $i < sizeof($templateClasses); $i++) { foreach ($templateClasses as $templateClass) {
if (isset($_POST['editTemplate_' . $templateClasses[$i]['typeId']]) || isset($_POST['editTemplate_' . $templateClasses[$i]['typeId'] . '_x'])) { if (isset($_POST['editTemplate_' . $templateClass['typeId']]) || isset($_POST['editTemplate_' . $templateClass['typeId'] . '_x'])) {
metaRefresh('pdfpage.php?type=' . htmlspecialchars($templateClasses[$i]['typeId']) . '&edit=' . htmlspecialchars($_POST['template_' . $templateClasses[$i]['typeId']])); metaRefresh('pdfpage.php?type=' . htmlspecialchars($templateClass['typeId']) . '&edit=' . htmlspecialchars($_POST['template_' . $templateClass['typeId']]));
exit; exit;
} }
} }
include '../main_header.php'; include '../main_header.php';
?> ?>
<div class="user-bright smallPaddingContent"> <div class="user-bright smallPaddingContent">
<form enctype="multipart/form-data" action="pdfmain.php" method="post" name="pdfmainForm" > <form enctype="multipart/form-data" action="pdfmain.php" method="post" name="pdfmainForm" >
@ -246,38 +242,38 @@ include '../main_header.php';
// existing templates // existing templates
$container->addElement(new htmlSubTitle(_("Manage existing PDF structures")), true); $container->addElement(new htmlSubTitle(_("Manage existing PDF structures")), true);
$existingContainer = new htmlTable(); $existingContainer = new htmlTable();
for ($i = 0; $i < sizeof($templateClasses); $i++) { foreach ($templateClasses as $templateClass) {
if ($i > 0) { if ($i > 0) {
$existingContainer->addElement(new htmlSpacer(null, '10px'), true); $existingContainer->addElement(new htmlSpacer(null, '10px'), true);
} }
$existingContainer->addElement(new htmlImage('../../graphics/' . $templateClasses[$i]['icon'])); $existingContainer->addElement(new htmlImage('../../graphics/' . $templateClass['icon']));
$existingContainer->addElement(new htmlSpacer('3px', null)); $existingContainer->addElement(new htmlSpacer('3px', null));
$existingContainer->addElement(new htmlOutputText($templateClasses[$i]['title'])); $existingContainer->addElement(new htmlOutputText($templateClass['title']));
$existingContainer->addElement(new htmlSpacer('3px', null)); $existingContainer->addElement(new htmlSpacer('3px', null));
$select = new htmlSelect('template_' . $templateClasses[$i]['typeId'], $templateClasses[$i]['templates']); $select = new htmlSelect('template_' . $templateClass['typeId'], $templateClass['templates']);
$select->setWidth('15em'); $select->setWidth('15em');
$existingContainer->addElement($select); $existingContainer->addElement($select);
$existingContainer->addElement(new htmlSpacer('3px', null)); $existingContainer->addElement(new htmlSpacer('3px', null));
$exEditButton = new htmlButton('editTemplate_' . $templateClasses[$i]['typeId'], 'edit.png', true); $exEditButton = new htmlButton('editTemplate_' . $templateClass['typeId'], 'edit.png', true);
$exEditButton->setTitle(_('Edit')); $exEditButton->setTitle(_('Edit'));
$existingContainer->addElement($exEditButton); $existingContainer->addElement($exEditButton);
$deleteLink = new htmlLink(null, '#', '../../graphics/delete.png'); $deleteLink = new htmlLink(null, '#', '../../graphics/delete.png');
$deleteLink->setTitle(_('Delete')); $deleteLink->setTitle(_('Delete'));
$deleteLink->setOnClick("profileShowDeleteDialog('" . _('Delete') . "', '" . _('Ok') . "', '" . _('Cancel') . "', '" . $templateClasses[$i]['typeId'] . "', '" . 'template_' . $templateClasses[$i]['typeId'] . "');"); $deleteLink->setOnClick("profileShowDeleteDialog('" . _('Delete') . "', '" . _('Ok') . "', '" . _('Cancel') . "', '" . $templateClass['typeId'] . "', '" . 'template_' . $templateClass['typeId'] . "');");
$existingContainer->addElement($deleteLink); $existingContainer->addElement($deleteLink);
if (count($configProfiles) > 1) { if (count($configProfiles) > 1) {
$importLink = new htmlLink(null, '#', '../../graphics/import.png'); $importLink = new htmlLink(null, '#', '../../graphics/import.png');
$importLink->setTitle(_('Import PDF structures')); $importLink->setTitle(_('Import PDF structures'));
$importLink->setOnClick("showDistributionDialog('" . _("Import PDF structures") . "', '" . $importLink->setOnClick("showDistributionDialog('" . _("Import PDF structures") . "', '" .
_('Ok') . "', '" . _('Cancel') . "', '" . $templateClasses[$i]['typeId'] . "', 'import');"); _('Ok') . "', '" . _('Cancel') . "', '" . $templateClass['typeId'] . "', 'import');");
$existingContainer->addElement($importLink); $existingContainer->addElement($importLink);
} }
$exportLink = new htmlLink(null, '#', '../../graphics/export.png'); $exportLink = new htmlLink(null, '#', '../../graphics/export.png');
$exportLink->setTitle(_('Export PDF structure')); $exportLink->setTitle(_('Export PDF structure'));
$exportLink->setOnClick("showDistributionDialog('" . _("Export PDF structure") . "', '" . $exportLink->setOnClick("showDistributionDialog('" . _("Export PDF structure") . "', '" .
_('Ok') . "', '" . _('Cancel') . "', '" . $templateClasses[$i]['typeId'] . "', 'export', '" . 'template_' . $templateClasses[$i]['typeId'] . "', '" . $_SESSION['config']->getName() . "');"); _('Ok') . "', '" . _('Cancel') . "', '" . $templateClass['typeId'] . "', 'export', '" . 'template_' . $templateClass['typeId'] . "', '" . $_SESSION['config']->getName() . "');");
$existingContainer->addElement($exportLink); $existingContainer->addElement($exportLink);
$existingContainer->addNewLine(); $existingContainer->addNewLine();
} }
@ -314,12 +310,12 @@ include '../main_header.php';
echo "</form>\n"; echo "</form>\n";
echo "</div>\n"; echo "</div>\n";
for ($i = 0; $i < sizeof($templateClasses); $i++) { foreach ($templateClasses as $templateClass) {
$typeId = $templateClasses[$i]['typeId']; $typeId = $templateClass['typeId'];
$scope = $templateClasses[$i]['scope']; $scope = $templateClass['scope'];
$importOptions = array(); $importOptions = array();
foreach ($configProfiles as $profile) { foreach ($configProfiles as $profile) {
$typeManagerImport = new \LAM\TYPES\TypeManager($serverProfiles[$profile]); $typeManagerImport = new TypeManager($serverProfiles[$profile]);
$typesImport = $typeManagerImport->getConfiguredTypesForScope($scope); $typesImport = $typeManagerImport->getConfiguredTypesForScope($scope);
foreach ($typesImport as $typeImport) { foreach ($typesImport as $typeImport) {
if (($profile != $_SESSION['config']->getName()) || ($typeImport->getId() != $typeId)) { if (($profile != $_SESSION['config']->getName()) || ($typeImport->getId() != $typeId)) {
@ -374,7 +370,7 @@ include '../main_header.php';
$container->addElement(new htmlOutputText(_("Target server profile")), true); $container->addElement(new htmlOutputText(_("Target server profile")), true);
$exportOptions = array(); $exportOptions = array();
foreach ($configProfiles as $profile) { foreach ($configProfiles as $profile) {
$typeManagerExport = new \LAM\TYPES\TypeManager($serverProfiles[$profile]); $typeManagerExport = new TypeManager($serverProfiles[$profile]);
$typesExport = $typeManagerExport->getConfiguredTypesForScope($scope); $typesExport = $typeManagerExport->getConfiguredTypesForScope($scope);
foreach ($typesExport as $typeExport) { foreach ($typesExport as $typeExport) {
if (($profile != $_SESSION['config']->getName()) || ($typeExport->getId() != $typeId)) { if (($profile != $_SESSION['config']->getName()) || ($typeExport->getId() != $typeId)) {
@ -430,18 +426,18 @@ include '../main_footer.php';
* @param string $typeId type id * @param string $typeId type id
* @param array $options options * @param array $options options
* @param \LAMConfig[] $serverProfiles server profiles (name => profile object) * @param \LAMConfig[] $serverProfiles server profiles (name => profile object)
* @param \LAM\TYPES\TypeManager $typeManager type manager * @param TypeManager $typeManager type manager
* @return \htmlStatusMessage message or null * @return \htmlStatusMessage message or null
*/ */
function importStructures($typeId, $options, &$serverProfiles, &$typeManager) { function importStructures($typeId, $options, &$serverProfiles, TypeManager &$typeManager) {
foreach ($options as $option) { foreach ($options as $option) {
$sourceConfName = $option['conf']; $sourceConfName = $option['conf'];
$sourceTypeId = $option['typeId']; $sourceTypeId = $option['typeId'];
$sourceName = $option['name']; $sourceName = $option['name'];
$sourceTypeManager = new \LAM\TYPES\TypeManager($serverProfiles[$sourceConfName]); $sourceTypeManager = new TypeManager($serverProfiles[$sourceConfName]);
$sourceType = $sourceTypeManager->getConfiguredType($sourceTypeId); $sourceType = $sourceTypeManager->getConfiguredType($sourceTypeId);
$targetType = $typeManager->getConfiguredType($typeId); $targetType = $typeManager->getConfiguredType($typeId);
if (($sourceType != null) && ($targetType != null)) { if (($sourceType !== null) && ($targetType !== null)) {
try { try {
\LAM\PDF\copyStructure($sourceType, $sourceName, $targetType); \LAM\PDF\copyStructure($sourceType, $sourceName, $targetType);
} }
@ -460,12 +456,12 @@ function importStructures($typeId, $options, &$serverProfiles, &$typeManager) {
* @param string $name profile name * @param string $name profile name
* @param array $options options * @param array $options options
* @param \LAMConfig[] $serverProfiles server profiles (name => profile object) * @param \LAMConfig[] $serverProfiles server profiles (name => profile object)
* @param \LAM\TYPES\TypeManager $typeManager type manager * @param TypeManager $typeManager type manager
* @return \htmlStatusMessage message or null * @return \htmlStatusMessage message or null
*/ */
function exportStructures($typeId, $name, $options, &$serverProfiles, &$typeManager) { function exportStructures($typeId, $name, $options, &$serverProfiles, TypeManager &$typeManager) {
$sourceType = $typeManager->getConfiguredType($typeId); $sourceType = $typeManager->getConfiguredType($typeId);
if ($sourceType == null) { if ($sourceType === null) {
return null; return null;
} }
foreach ($options as $option) { foreach ($options as $option) {
@ -480,9 +476,9 @@ function exportStructures($typeId, $name, $options, &$serverProfiles, &$typeMana
} }
else { else {
$targetTypeId = $option['typeId']; $targetTypeId = $option['typeId'];
$targetTypeManager = new \LAM\TYPES\TypeManager($serverProfiles[$targetConfName]); $targetTypeManager = new TypeManager($serverProfiles[$targetConfName]);
$targetType = $targetTypeManager->getConfiguredType($targetTypeId); $targetType = $targetTypeManager->getConfiguredType($targetTypeId);
if ($targetType != null) { if ($targetType !== null) {
try { try {
\LAM\PDF\copyStructure($sourceType, $name, $targetType); \LAM\PDF\copyStructure($sourceType, $name, $targetType);
} }

View File

@ -496,7 +496,7 @@ function translateFieldIDToName($id, $scope, $availablePDFFields) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function updateBasicSettings(&$structure) { function updateBasicSettings(PDFStructure &$structure) {
// set headline // set headline
if (isset($_POST['headline'])) { if (isset($_POST['headline'])) {
$structure->setTitle(str_replace('<', '', str_replace('>', '', $_POST['headline']))); $structure->setTitle(str_replace('<', '', str_replace('>', '', $_POST['headline'])));
@ -516,7 +516,7 @@ function updateBasicSettings(&$structure) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function updateSectionTitles(&$structure) { function updateSectionTitles(PDFStructure &$structure) {
$sections = $structure->getSections(); $sections = $structure->getSections();
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value) {
if (strpos($key, 'section_') === 0) { if (strpos($key, 'section_') === 0) {
@ -531,7 +531,7 @@ function updateSectionTitles(&$structure) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function addSection(&$structure) { function addSection(PDFStructure &$structure) {
$sections = $structure->getSections(); $sections = $structure->getSections();
// add a new text field // add a new text field
if(isset($_POST['add_text'])) { if(isset($_POST['add_text'])) {
@ -570,7 +570,7 @@ function addSection(&$structure) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function addSectionEntry(&$structure) { function addSectionEntry(PDFStructure &$structure) {
if(isset($_POST['add_new_field'])) { if(isset($_POST['add_new_field'])) {
$field = new PDFSectionEntry($_POST['new_field']); $field = new PDFSectionEntry($_POST['new_field']);
$sections = $structure->getSections(); $sections = $structure->getSections();
@ -587,7 +587,7 @@ function addSectionEntry(&$structure) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function removeItem(&$structure) { function removeItem(PDFStructure &$structure) {
$sections = $structure->getSections(); $sections = $structure->getSections();
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value) {
// remove section // remove section
@ -617,7 +617,7 @@ function removeItem(&$structure) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function moveUp(&$structure) { function moveUp(PDFStructure &$structure) {
$sections = $structure->getSections(); $sections = $structure->getSections();
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value) {
// move section // move section
@ -649,7 +649,7 @@ function moveUp(&$structure) {
* *
* @param PDFStructure $structure * @param PDFStructure $structure
*/ */
function moveDown(&$structure) { function moveDown(PDFStructure &$structure) {
$sections = $structure->getSections(); $sections = $structure->getSections();
foreach ($_POST as $key => $value) { foreach ($_POST as $key => $value) {
// move section // move section

View File

@ -14,6 +14,7 @@ use \htmlOutputText;
use \htmlHelpLink; use \htmlHelpLink;
use \htmlHiddenInput; use \htmlHiddenInput;
use \htmlInputField; use \htmlInputField;
use \LAM\TYPES\TypeManager;
/* /*
$Id$ $Id$
@ -67,7 +68,7 @@ if (!empty($_POST)) {
validateSecurityToken(); validateSecurityToken();
} }
$typeManager = new \LAM\TYPES\TypeManager(); $typeManager = new TypeManager();
$types = $typeManager->getConfiguredTypes(); $types = $typeManager->getConfiguredTypes();
$profileClasses = array(); $profileClasses = array();
$profileClassesTemp = array(); $profileClassesTemp = array();
@ -158,7 +159,7 @@ if (!empty($_POST['import'])) {
} }
$errMessage = importProfiles($_POST['typeId'], $options, $serverProfiles, $typeManager); $errMessage = importProfiles($_POST['typeId'], $options, $serverProfiles, $typeManager);
} }
if ($errMessage != null) { if ($errMessage !== null) {
$errMessage->colspan = 10; $errMessage->colspan = 10;
$container->addElement($errMessage, true); $container->addElement($errMessage, true);
} }
@ -181,7 +182,7 @@ if (!empty($_POST['export'])) {
$name = $_POST['name_' . $typeId]; $name = $_POST['name_' . $typeId];
$errMessage = exportProfiles($typeId, $name, $options, $serverProfiles, $typeManager); $errMessage = exportProfiles($typeId, $name, $options, $serverProfiles, $typeManager);
} }
if ($errMessage != null) { if ($errMessage !== null) {
$errMessage->colspan = 10; $errMessage->colspan = 10;
$container->addElement($errMessage, true); $container->addElement($errMessage, true);
} }
@ -274,7 +275,7 @@ for ($i = 0; $i < sizeof($profileClasses); $i++) {
$scope = $profileClasses[$i]['scope']; $scope = $profileClasses[$i]['scope'];
$importOptions = array(); $importOptions = array();
foreach ($configProfiles as $profile) { foreach ($configProfiles as $profile) {
$typeManagerImport = new \LAM\TYPES\TypeManager($serverProfiles[$profile]); $typeManagerImport = new TypeManager($serverProfiles[$profile]);
$typesImport = $typeManagerImport->getConfiguredTypesForScope($scope); $typesImport = $typeManagerImport->getConfiguredTypesForScope($scope);
foreach ($typesImport as $typeImport) { foreach ($typesImport as $typeImport) {
if (($profile != $_SESSION['config']->getName()) || ($typeImport->getId() != $typeId)) { if (($profile != $_SESSION['config']->getName()) || ($typeImport->getId() != $typeId)) {
@ -329,7 +330,7 @@ for ($i = 0; $i < sizeof($profileClasses); $i++) {
$container->addElement(new htmlOutputText(_("Target server profile")), true); $container->addElement(new htmlOutputText(_("Target server profile")), true);
$exportOptions = array(); $exportOptions = array();
foreach ($configProfiles as $profile) { foreach ($configProfiles as $profile) {
$typeManagerExport = new \LAM\TYPES\TypeManager($serverProfiles[$profile]); $typeManagerExport = new TypeManager($serverProfiles[$profile]);
$typesExport = $typeManagerExport->getConfiguredTypesForScope($scope); $typesExport = $typeManagerExport->getConfiguredTypesForScope($scope);
foreach ($typesExport as $typeExport) { foreach ($typesExport as $typeExport) {
if (($profile != $_SESSION['config']->getName()) || ($typeExport->getId() != $typeId)) { if (($profile != $_SESSION['config']->getName()) || ($typeExport->getId() != $typeId)) {
@ -385,18 +386,18 @@ include '../main_footer.php';
* @param string $typeId type id * @param string $typeId type id
* @param array $options options * @param array $options options
* @param \LAMConfig[] $serverProfiles server profiles (name => profile object) * @param \LAMConfig[] $serverProfiles server profiles (name => profile object)
* @param \LAM\TYPES\TypeManager $typeManager type manager * @param TypeManager $typeManager type manager
* @return \htmlStatusMessage message or null * @return \htmlStatusMessage message or null
*/ */
function importProfiles($typeId, $options, &$serverProfiles, &$typeManager) { function importProfiles($typeId, $options, &$serverProfiles, TypeManager &$typeManager) {
foreach ($options as $option) { foreach ($options as $option) {
$sourceConfName = $option['conf']; $sourceConfName = $option['conf'];
$sourceTypeId = $option['typeId']; $sourceTypeId = $option['typeId'];
$sourceName = $option['name']; $sourceName = $option['name'];
$sourceTypeManager = new \LAM\TYPES\TypeManager($serverProfiles[$sourceConfName]); $sourceTypeManager = new TypeManager($serverProfiles[$sourceConfName]);
$sourceType = $sourceTypeManager->getConfiguredType($sourceTypeId); $sourceType = $sourceTypeManager->getConfiguredType($sourceTypeId);
$targetType = $typeManager->getConfiguredType($typeId); $targetType = $typeManager->getConfiguredType($typeId);
if (($sourceType != null) && ($targetType != null)) { if (($sourceType !== null) && ($targetType !== null)) {
try { try {
\LAM\PROFILES\copyAccountProfile($sourceType, $sourceName, $targetType); \LAM\PROFILES\copyAccountProfile($sourceType, $sourceName, $targetType);
} }
@ -415,12 +416,12 @@ function importProfiles($typeId, $options, &$serverProfiles, &$typeManager) {
* @param string $name profile name * @param string $name profile name
* @param array $options options * @param array $options options
* @param \LAMConfig[] $serverProfiles server profiles (name => profile object) * @param \LAMConfig[] $serverProfiles server profiles (name => profile object)
* @param \LAM\TYPES\TypeManager $typeManager type manager * @param TypeManager $typeManager type manager
* @return \htmlStatusMessage message or null * @return \htmlStatusMessage message or null
*/ */
function exportProfiles($typeId, $name, $options, &$serverProfiles, &$typeManager) { function exportProfiles($typeId, $name, $options, &$serverProfiles, TypeManager &$typeManager) {
$sourceType = $typeManager->getConfiguredType($typeId); $sourceType = $typeManager->getConfiguredType($typeId);
if ($sourceType == null) { if ($sourceType === null) {
return null; return null;
} }
foreach ($options as $option) { foreach ($options as $option) {
@ -435,9 +436,9 @@ function exportProfiles($typeId, $name, $options, &$serverProfiles, &$typeManage
} }
else { else {
$targetTypeId = $option['typeId']; $targetTypeId = $option['typeId'];
$targetTypeManager = new \LAM\TYPES\TypeManager($serverProfiles[$targetConfName]); $targetTypeManager = new TypeManager($serverProfiles[$targetConfName]);
$targetType = $targetTypeManager->getConfiguredType($targetTypeId); $targetType = $targetTypeManager->getConfiguredType($targetTypeId);
if ($targetType != null) { if ($targetType !== null) {
try { try {
\LAM\PROFILES\copyAccountProfile($sourceType, $name, $targetType); \LAM\PROFILES\copyAccountProfile($sourceType, $name, $targetType);
} }

View File

@ -125,13 +125,6 @@ if (isset($_POST['save'])) {
} }
} }
// remove double slashes if magic quotes are on
if (get_magic_quotes_gpc() == 1) {
foreach ($opt_keys as $element) {
if (isset($options[$element][0]) && is_string($options[$element][0])) $options[$element][0] = stripslashes($options[$element][0]);
}
}
// check options // check options
$errors = checkProfileOptions($_POST['accounttype'], $options); $errors = checkProfileOptions($_POST['accounttype'], $options);
if (sizeof($errors) == 0) { // input data is valid, save profile if (sizeof($errors) == 0) { // input data is valid, save profile
@ -169,12 +162,7 @@ if (isset($_POST['save'])) {
$postKeys = array_keys($_POST); $postKeys = array_keys($_POST);
for ($i = 0; $i < sizeof($postKeys); $i++) { for ($i = 0; $i < sizeof($postKeys); $i++) {
if (!is_array($_POST[$postKeys[$i]])) { if (!is_array($_POST[$postKeys[$i]])) {
if (get_magic_quotes_gpc() == 1) { $old_options[$postKeys[$i]] = array($_POST[$postKeys[$i]]);
$old_options[$postKeys[$i]] = array(stripslashes($_POST[$postKeys[$i]]));
}
else {
$old_options[$postKeys[$i]] = array($_POST[$postKeys[$i]]);
}
} }
else { else {
$old_options[$postKeys[$i]] = $_POST[$postKeys[$i]]; $old_options[$postKeys[$i]] = $_POST[$postKeys[$i]];
@ -241,7 +229,7 @@ for ($m = 0; $m < sizeof($modules); $m++) {
if (sizeof($options[$modules[$m]]) < 1) continue; if (sizeof($options[$modules[$m]]) < 1) continue;
$module = new $modules[$m]($type->getScope()); $module = new $modules[$m]($type->getScope());
$icon = $module->getIcon(); $icon = $module->getIcon();
if (($icon != null) && !(strpos($icon, 'http') === 0) && !(strpos($icon, '/') === 0)) { if (!empty($icon) && !(strpos($icon, 'http') === 0) && !(strpos($icon, '/') === 0)) {
$icon = '../../graphics/' . $icon; $icon = '../../graphics/' . $icon;
} }
$container = new htmlTable(); $container = new htmlTable();

View File

@ -1,4 +1,18 @@
<?php <?php
namespace LAM\TOOLS\TESTS;
use \LAM\REMOTE\Remote;
use \htmlTable;
use \htmlTitle;
use \htmlOutputText;
use \htmlSelect;
use \htmlInputCheckbox;
use \htmlSpacer;
use \htmlButton;
use \htmlStatusMessage;
use \htmlImage;
use \htmlSubTitle;
use \Exception;
/* /*
$Id$ $Id$
@ -22,7 +36,7 @@ $Id$
*/ */
/** /**
* Tests the lamdaemon script. * Tests the remote script.
* *
* @author Roland Gruber * @author Roland Gruber
* @author Thomas Manninger * @author Thomas Manninger
@ -67,7 +81,7 @@ for ($i = 0; $i < sizeof($servers); $i++) {
} }
if (isset($_POST['runTest'])) { if (isset($_POST['runTest'])) {
lamRunLamdaemonTestSuite($_POST['server'], $serverTitles[$_POST['server']] , isset($_POST['checkQuotas']), $container); lamRunTestSuite($_POST['server'], $serverTitles[$_POST['server']] , isset($_POST['checkQuotas']), $container);
} }
else if ((sizeof($servers) > 0) && isset($servers[0]) && ($servers[0] != '')) { else if ((sizeof($servers) > 0) && isset($servers[0]) && ($servers[0] != '')) {
$container->addElement(new htmlOutputText(_("Server"))); $container->addElement(new htmlOutputText(_("Server")));
@ -111,22 +125,22 @@ include '../main_footer.php';
* *
* @param string $command test command * @param string $command test command
* @param boolean $stopTest specifies if test should be run * @param boolean $stopTest specifies if test should be run
* @param connection $handle SSH connection * @param Remote $remote SSH connection
* @param string $testText describing text * @param string $testText describing text
* @param htmlTable $container container for HTML output * @param htmlTable $container container for HTML output
* @return boolean true, if errors occured * @return boolean true, if errors occured
*/ */
function lamTestLamdaemon($command, $stopTest, $handle, $testText, $container) { function testRemoteCommand($command, $stopTest, $remote, $testText, $container) {
$okImage = "../../graphics/pass.png"; $okImage = "../../graphics/pass.png";
$failImage = "../../graphics/fail.png"; $failImage = "../../graphics/fail.png";
$spacer = new htmlSpacer('10px', null); $spacer = new htmlSpacer('10px', null);
// run lamdaemon and get user quotas // run remote command
if (!$stopTest) { if (!$stopTest) {
$container->addElement(new htmlOutputText($testText)); $container->addElement(new htmlOutputText($testText));
$container->addElement($spacer); $container->addElement($spacer);
flush(); flush();
$lamdaemonOk = false; $lamdaemonOk = false;
$output = $handle->exec("sudo " . $_SESSION['config']->get_scriptPath() . ' ' . escapeshellarg($command)); $output = $remote->execute($command);
if ((stripos(strtolower($output), "error") === false) && ((strpos($output, 'INFO,') === 0) || (strpos($output, 'QUOTA_ENTRY') === 0))) { if ((stripos(strtolower($output), "error") === false) && ((strpos($output, 'INFO,') === 0) || (strpos($output, 'QUOTA_ENTRY') === 0))) {
$lamdaemonOk = true; $lamdaemonOk = true;
} }
@ -170,7 +184,7 @@ function lamTestLamdaemon($command, $stopTest, $handle, $testText, $container) {
* @param boolean $testQuota true, if Quotas should be checked * @param boolean $testQuota true, if Quotas should be checked
* @param htmlTable $container container for HTML output * @param htmlTable $container container for HTML output
*/ */
function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $container) { function lamRunTestSuite($serverName, $serverTitle, $testQuota, $container) {
$SPLIT_DELIMITER = "###x##y##x###"; $SPLIT_DELIMITER = "###x##y##x###";
$LAMDAEMON_PROTOCOL_VERSION = '5'; $LAMDAEMON_PROTOCOL_VERSION = '5';
$okImage = "../../graphics/pass.png"; $okImage = "../../graphics/pass.png";
@ -246,13 +260,14 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $contai
flush(); flush();
// check SSH login // check SSH login
$remote = new Remote();
if (!$stopTest) { if (!$stopTest) {
$container->addElement(new htmlOutputText(_("SSH connection"))); $container->addElement(new htmlOutputText(_("SSH connection")));
$container->addElement($spacer); $container->addElement($spacer);
flush(); flush();
$sshOk = false; $sshOk = false;
try { try {
$handle = lamConnectSSH($serverName); $remote->connect($serverName);
$container->addElement(new htmlImage($okImage)); $container->addElement(new htmlImage($okImage));
$container->addElement($spacer); $container->addElement($spacer);
$container->addElement(new htmlOutputText(_("SSH connection established.")), true); $container->addElement(new htmlOutputText(_("SSH connection established.")), true);
@ -268,23 +283,21 @@ function lamRunLamdaemonTestSuite($serverName, $serverTitle, $testQuota, $contai
flush(); flush();
if (!$stopTest) { if (!$stopTest) {
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "basic", $stopTest, $handle, _("Execute lamdaemon"), $container); $stopTest = testRemoteCommand("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "basic", $stopTest, $remote, _("Execute lamdaemon"), $container);
} }
if (!$stopTest) { if (!$stopTest) {
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "version" . $SPLIT_DELIMITER . $LAMDAEMON_PROTOCOL_VERSION, $stopTest, $handle, _("Lamdaemon version"), $container); $stopTest = testRemoteCommand("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "version" . $SPLIT_DELIMITER . $LAMDAEMON_PROTOCOL_VERSION, $stopTest, $remote, _("Lamdaemon version"), $container);
} }
if (!$stopTest) { if (!$stopTest) {
$handle = lamConnectSSH($serverName); $stopTest = testRemoteCommand("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "nss" . $SPLIT_DELIMITER . "$userName", $stopTest, $remote, _("Lamdaemon: check NSS LDAP"), $container);
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "nss" . $SPLIT_DELIMITER . "$userName", $stopTest, $handle, _("Lamdaemon: check NSS LDAP"), $container);
if (!$stopTest && $testQuota) { if (!$stopTest && $testQuota) {
$handle = lamConnectSSH($serverName); $stopTest = testRemoteCommand("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "quota", $stopTest, $remote, _("Lamdaemon: Quota module installed"), $container);
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "test" . $SPLIT_DELIMITER . "quota", $stopTest, $handle, _("Lamdaemon: Quota module installed"), $container); $stopTest = testRemoteCommand("+" . $SPLIT_DELIMITER . "quota" . $SPLIT_DELIMITER . "get" . $SPLIT_DELIMITER . "user", $stopTest, $remote, _("Lamdaemon: read quotas"), $container);
$handle = lamConnectSSH($serverName);
$stopTest = lamTestLamdaemon("+" . $SPLIT_DELIMITER . "quota" . $SPLIT_DELIMITER . "get" . $SPLIT_DELIMITER . "user", $stopTest, $handle, _("Lamdaemon: read quotas"), $container);
} }
} }
$remote->disconnect();
$container->addElement(new htmlSpacer(null, '10px'), true); $container->addElement(new htmlSpacer(null, '10px'), true);
$endMessage = new htmlOutputText(_("Lamdaemon test finished.")); $endMessage = new htmlOutputText(_("Lamdaemon test finished."));

View File

@ -140,7 +140,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
$checkcolumns = array(); $checkcolumns = array();
$columns = call_user_func_array('array_merge', $columns); $columns = call_user_func_array('array_merge', $columns);
for ($i = 0; $i < sizeof($columns); $i++) { for ($i = 0; $i < sizeof($columns); $i++) {
if (isset($columns[$i]['required']) && ($columns[$i]['required'] == true)) { if (isset($columns[$i]['required']) && ($columns[$i]['required'] === true)) {
if (isset($ids[$columns[$i]['name']])) $checkcolumns[] = $ids[$columns[$i]['name']]; if (isset($ids[$columns[$i]['name']])) $checkcolumns[] = $ids[$columns[$i]['name']];
else $errors[] = array(_("A required column is missing in your CSV file."), $columns[$i]['name']); else $errors[] = array(_("A required column is missing in your CSV file."), $columns[$i]['name']);
} }
@ -201,7 +201,7 @@ if ($_FILES['inputfile'] && ($_FILES['inputfile']['size'] > 0)) {
// let modules build accounts // let modules build accounts
else { else {
$accounts = buildUploadAccounts($type, $data, $ids, $selectedModules); $accounts = buildUploadAccounts($type, $data, $ids, $selectedModules);
if ($accounts != false) { if ($accounts !== false) {
$rdnList = getRDNAttributes($type->getId(), $selectedModules); $rdnList = getRDNAttributes($type->getId(), $selectedModules);
$suffix = $type->getSuffix(); $suffix = $type->getSuffix();
// set DN // set DN
@ -282,7 +282,7 @@ include '../main_footer.php';
* @param array $selectedModules selected modules for upload * @param array $selectedModules selected modules for upload
* @param htmlTable $container table container * @param htmlTable $container table container
*/ */
function massPrintBackButton($typeId, $selectedModules, &$container) { function massPrintBackButton($typeId, $selectedModules, htmlTable &$container) {
$backButton = new htmlButton('submit', _('Back')); $backButton = new htmlButton('submit', _('Back'));
$backButton->setIconClass('backButton'); $backButton->setIconClass('backButton');
$container->addElement($backButton); $container->addElement($backButton);
@ -298,4 +298,4 @@ function massPrintBackButton($typeId, $selectedModules, &$container) {
} }
} }
?> ?>

View File

@ -256,7 +256,7 @@ include '../main_footer.php';
* @param \LAM\TYPES\ConfiguredType $type account type * @param \LAM\TYPES\ConfiguredType $type account type
* @param array $selectedModules list of selected account modules * @param array $selectedModules list of selected account modules
*/ */
function showMainPage($type, $selectedModules) { function showMainPage(\LAM\TYPES\ConfiguredType $type, $selectedModules) {
$scope = $type->getScope(); $scope = $type->getScope();
echo '<div class="' . $scope . '-bright smallPaddingContent">'; echo '<div class="' . $scope . '-bright smallPaddingContent">';
// get input fields from modules // get input fields from modules
@ -382,7 +382,7 @@ function showMainPage($type, $selectedModules) {
$columnContainer->addElement(new htmlSpacer(null, '10px'), true); $columnContainer->addElement(new htmlSpacer(null, '10px'), true);
$module = moduleCache::getModule($modules[$m], $scope); $module = moduleCache::getModule($modules[$m], $scope);
$icon = $module->getIcon(); $icon = $module->getIcon();
if (($icon != null) && !(strpos($icon, 'http') === 0) && !(strpos($icon, '/') === 0)) { if (!empty($icon) && !(strpos($icon, 'http') === 0) && !(strpos($icon, '/') === 0)) {
$icon = '../../graphics/' . $icon; $icon = '../../graphics/' . $icon;
} }
$moduleTitle = new htmlSubTitle(getModuleAlias($modules[$m], $scope), $icon); $moduleTitle = new htmlSubTitle(getModuleAlias($modules[$m], $scope), $icon);
@ -413,7 +413,7 @@ function showMainPage($type, $selectedModules) {
$odd = true; $odd = true;
for ($i = 0; $i < sizeof($columns[$modules[$m]]); $i++) { for ($i = 0; $i < sizeof($columns[$modules[$m]]); $i++) {
$required = false; $required = false;
if (isset($columns[$modules[$m]][$i]['required']) && ($columns[$modules[$m]][$i]['required'] == true)) { if (isset($columns[$modules[$m]][$i]['required']) && ($columns[$modules[$m]][$i]['required'] === true)) {
$required = true; $required = true;
} }
$rowCells = array(); $rowCells = array();