Browse Source

Move ExAuth class to src

- Move executed code to separate readStdin function
tags/3.6
Hypolite Petovan 1 year ago
parent
commit
93924ceac4
2 changed files with 326 additions and 270 deletions
  1. 22
    270
      scripts/auth_ejabberd.php
  2. 304
    0
      src/Util/ExAuth.php

+ 22
- 270
scripts/auth_ejabberd.php View File

@@ -1,4 +1,4 @@
1
-#!/usr/bin/php
1
+#!/usr/bin/env php
2 2
 <?php
3 3
 /*
4 4
  * ejabberd extauth script for the integration with friendica
@@ -12,39 +12,40 @@
12 12
  *
13 13
  * Installation:
14 14
  *
15
- *	- Change it's owner to whichever user is running the server, ie. ejabberd
16
- *	  $ chown ejabberd:ejabberd /path/to/friendica/scripts/auth_ejabberd.php
15
+ * 	- Change it's owner to whichever user is running the server, ie. ejabberd
16
+ * 	  $ chown ejabberd:ejabberd /path/to/friendica/scripts/auth_ejabberd.php
17 17
  *
18 18
  * 	- Change the access mode so it is readable only to the user ejabberd and has exec
19
- *	  $ chmod 700 /path/to/friendica/scripts/auth_ejabberd.php
19
+ * 	  $ chmod 700 /path/to/friendica/scripts/auth_ejabberd.php
20 20
  *
21
- *	- Edit your ejabberd.cfg file, comment out your auth_method and add:
22
- *	  {auth_method, external}.
23
- *	  {extauth_program, "/path/to/friendica/script/auth_ejabberd.php"}.
21
+ * 	- Edit your ejabberd.cfg file, comment out your auth_method and add:
22
+ * 	  {auth_method, external}.
23
+ * 	  {extauth_program, "/path/to/friendica/script/auth_ejabberd.php"}.
24 24
  *
25
- *	- Restart your ejabberd service, you should be able to login with your friendica auth info
25
+ * 	- Restart your ejabberd service, you should be able to login with your friendica auth info
26 26
  *
27 27
  * Other hints:
28
- *	- if your users have a space or a @ in their nickname, they'll run into trouble
29
- *	  registering with any client so they should be instructed to replace these chars
30
- *	  " " (space) is replaced with "%20"
31
- *	  "@" is replaced with "(a)"
28
+ * 	- if your users have a space or a @ in their nickname, they'll run into trouble
29
+ * 	  registering with any client so they should be instructed to replace these chars
30
+ * 	  " " (space) is replaced with "%20"
31
+ * 	  "@" is replaced with "(a)"
32 32
  *
33 33
  */
34 34
 
35 35
 use Friendica\App;
36
-use Friendica\Core\Config;
37
-use Friendica\Database\DBM;
36
+use Friendica\Util\ExAuth;
38 37
 
39
-if (sizeof($_SERVER["argv"]) == 0)
38
+if (sizeof($_SERVER["argv"]) == 0) {
40 39
 	die();
40
+}
41 41
 
42 42
 $directory = dirname($_SERVER["argv"][0]);
43 43
 
44
-if (substr($directory, 0, 1) != "/")
45
-	$directory = $_SERVER["PWD"]."/".$directory;
44
+if (substr($directory, 0, 1) != DIRECTORY_SEPARATOR) {
45
+	$directory = $_SERVER["PWD"] . DIRECTORY_SEPARATOR . $directory;
46
+}
46 47
 
47
-$directory = realpath($directory."/..");
48
+$directory = realpath($directory . DIRECTORY_SEPARATOR . "..");
48 49
 
49 50
 chdir($directory);
50 51
 
@@ -53,259 +54,10 @@ require_once "include/dba.php";
53 54
 
54 55
 $a = new App(dirname(__DIR__));
55 56
 
56
-@include(".htconfig.php");
57
+@include ".htconfig.php";
57 58
 dba::connect($db_host, $db_user, $db_pass, $db_data);
58 59
 unset($db_host, $db_user, $db_pass, $db_data);
59 60
 
60
-$oAuth = new exAuth();
61
-
62
-class exAuth {
63
-	private $bDebug;
64
-
65
-	/**
66
-	 * @brief Create the class and do the authentification studd
67
-	 *
68
-	 * @param boolean $bDebug Debug mode
69
-	 */
70
-	public function __construct() {
71
-		// setter
72
-		$this->bDebug = (int)Config::get('jabber', 'debug');
73
-
74
-
75
-		openlog('auth_ejabberd', LOG_PID, LOG_USER);
76
-
77
-		$this->writeLog(LOG_NOTICE, "start");
78
-
79
-		// We are connected to the SQL server.
80
-		while (!feof(STDIN)) {
81
-			// Quit if the database connection went down
82
-			if (!dba::connected()) {
83
-				$this->writeLog(LOG_ERR, "the database connection went down");
84
-				return;
85
-			}
86
-
87
-			$iHeader = fgets(STDIN, 3);
88
-			$aLength = unpack("n", $iHeader);
89
-			$iLength = $aLength["1"];
90
-
91
-			// No data? Then quit
92
-			if ($iLength == 0) {
93
-				$this->writeLog(LOG_ERR, "we got no data, quitting");
94
-				return;
95
-			}
96
-
97
-			// Fetching the data
98
-			$sData = fgets(STDIN, $iLength + 1);
99
-			$this->writeLog(LOG_DEBUG, "received data: ". $sData);
100
-			$aCommand = explode(":", $sData);
101
-			if (is_array($aCommand)) {
102
-				switch ($aCommand[0]) {
103
-					case "isuser":
104
-						// Check the existance of a given username
105
-						$this->isuser($aCommand);
106
-						break;
107
-					case "auth":
108
-						// Check if the givven password is correct
109
-						$this->auth($aCommand);
110
-						break;
111
-					case "setpass":
112
-						// We don't accept the setting of passwords here
113
-						$this->writeLog(LOG_NOTICE, "setpass command disabled");
114
-						fwrite(STDOUT, pack("nn", 2, 0));
115
-						break;
116
-					default:
117
-						// We don't know the given command
118
-						$this->writeLog(LOG_NOTICE, "unknown command ". $aCommand[0]);
119
-						fwrite(STDOUT, pack("nn", 2, 0));
120
-						break;
121
-				}
122
-			} else {
123
-				$this->writeLog(LOG_NOTICE, "invalid command string ".$sData);
124
-				fwrite(STDOUT, pack("nn", 2, 0));
125
-			}
126
-		}
127
-	}
128
-
129
-	/**
130
-	 * @brief Check if the given username exists
131
-	 *
132
-	 * @param array $aCommand The command array
133
-	 */
134
-	private function isuser($aCommand) {
135
-		$a = get_app();
136
-
137
-		// Check if there is a username
138
-		if (!isset($aCommand[1])) {
139
-			$this->writeLog(LOG_NOTICE, "invalid isuser command, no username given");
140
-			fwrite(STDOUT, pack("nn", 2, 0));
141
-			return;
142
-		}
143
-
144
-		// Now we check if the given user is valid
145
-		$sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
146
-
147
-		// Does the hostname match? So we try directly
148
-		if ($a->get_hostname() == $aCommand[2]) {
149
-			$this->writeLog(LOG_INFO, "internal user check for ". $sUser."@".$aCommand[2]);
150
-			$sQuery = "SELECT `uid` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
151
-			$this->writeLog(LOG_DEBUG, "using query ". $sQuery);
152
-			$r = q($sQuery);
153
-			$found = DBM::is_result($r);
154
-		} else {
155
-			$found = false;
156
-		}
157
-
158
-		// If the hostnames doesn't match or there is some failure, we try to check remotely
159
-		if (!$found) {
160
-			$found = $this->check_user($aCommand[2], $aCommand[1], true);
161
-		}
162
-
163
-		if ($found) {
164
-			// The user is okay
165
-			$this->writeLog(LOG_NOTICE, "valid user: ". $sUser);
166
-			fwrite(STDOUT, pack("nn", 2, 1));
167
-		} else {
168
-			// The user isn't okay
169
-			$this->writeLog(LOG_WARNING, "invalid user: ". $sUser);
170
-			fwrite(STDOUT, pack("nn", 2, 0));
171
-		}
172
-	}
173
-
174
-	/**
175
-	 * @brief Check remote user existance via HTTP(S)
176
-	 *
177
-	 * @param string $host The hostname
178
-	 * @param string $user Username
179
-	 * @param boolean $ssl Should the check be done via SSL?
180
-	 *
181
-	 * @return boolean Was the user found?
182
-	 */
183
-	private function check_user($host, $user, $ssl) {
184
-
185
-		$this->writeLog(LOG_INFO, "external user check for ".$user."@".$host);
186
-
187
-		$url = ($ssl ? "https":"http")."://".$host."/noscrape/".$user;
61
+$oAuth = new ExAuth();
188 62
 
189
-		$data = z_fetch_url($url);
190
-
191
-		if (!is_array($data))
192
-			return(false);
193
-
194
-		if ($data["return_code"] != "200")
195
-			return(false);
196
-
197
-		$json = @json_decode($data["body"]);
198
-		if (!is_object($json))
199
-			return(false);
200
-
201
-		return($json->nick == $user);
202
-	}
203
-
204
-	/**
205
-	 * @brief Authenticate the givven user and password
206
-	 *
207
-	 * @param array $aCommand The command array
208
-	 */
209
-	private function auth($aCommand) {
210
-		$a = get_app();
211
-
212
-		// check user authentication
213
-		if (sizeof($aCommand) != 4) {
214
-			$this->writeLog(LOG_NOTICE, "invalid auth command, data missing");
215
-			fwrite(STDOUT, pack("nn", 2, 0));
216
-			return;
217
-		}
218
-
219
-		// We now check if the password match
220
-		$sUser = str_replace(array("%20", "(a)"), array(" ", "@"), $aCommand[1]);
221
-
222
-		// Does the hostname match? So we try directly
223
-		if ($a->get_hostname() == $aCommand[2]) {
224
-			$this->writeLog(LOG_INFO, "internal auth for ".$sUser."@".$aCommand[2]);
225
-
226
-			$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='".dbesc($sUser)."'";
227
-			$this->writeLog(LOG_DEBUG, "using query ". $sQuery);
228
-			if ($oResult = q($sQuery)) {
229
-				$uid = $oResult[0]["uid"];
230
-				$Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
231
-			} else {
232
-				$this->writeLog(LOG_WARNING, "invalid query: ". $sQuery);
233
-				$Error = true;
234
-				$uid = -1;
235
-			}
236
-			if ($Error) {
237
-				$oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
238
-				$this->writeLog(LOG_INFO, "check against alternate password for ".$sUser."@".$aCommand[2]);
239
-				$Error = ($aCommand[3] != $oConfig[0]["v"]);
240
-			}
241
-		} else {
242
-			$Error = true;
243
-		}
244
-
245
-		// If the hostnames doesn't match or there is some failure, we try to check remotely
246
-		if ($Error) {
247
-			$Error = !$this->check_credentials($aCommand[2], $aCommand[1], $aCommand[3], true);
248
-		}
249
-
250
-		if ($Error) {
251
-			$this->writeLog(LOG_WARNING, "authentification failed for user ".$sUser."@". $aCommand[2]);
252
-			fwrite(STDOUT, pack("nn", 2, 0));
253
-		} else {
254
-			$this->writeLog(LOG_NOTICE, "authentificated user ".$sUser."@".$aCommand[2]);
255
-			fwrite(STDOUT, pack("nn", 2, 1));
256
-		}
257
-	}
258
-
259
-	/**
260
-	 * @brief Check remote credentials via HTTP(S)
261
-	 *
262
-	 * @param string $host The hostname
263
-	 * @param string $user Username
264
-	 * @param string $password Password
265
-	 * @param boolean $ssl Should the check be done via SSL?
266
-	 *
267
-	 * @return boolean Are the credentials okay?
268
-	 */
269
-	private function check_credentials($host, $user, $password, $ssl) {
270
-		$url = ($ssl ? "https":"http")."://".$host."/api/account/verify_credentials.json";
271
-
272
-		$ch = curl_init();
273
-		curl_setopt($ch, CURLOPT_URL, $url);
274
-		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
275
-		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
276
-		curl_setopt($ch, CURLOPT_HEADER, true);
277
-		curl_setopt($ch, CURLOPT_NOBODY, true);
278
-		curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
279
-		curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password);
280
-
281
-		$header = curl_exec($ch);
282
-		$curl_info = @curl_getinfo($ch);
283
-		$http_code = $curl_info["http_code"];
284
-		curl_close($ch);
285
-
286
-		$this->writeLog(LOG_INFO, "external auth for ".$user."@".$host." returned ".$http_code);
287
-
288
-		return ($http_code == 200);
289
-	}
290
-
291
-	/**
292
-	 * @brief write data to the syslog
293
-	 *
294
-	 * @param integer $loglevel The syslog loglevel
295
-	 * @param string $sMessage The syslog message
296
-	 */
297
-	private function writeLog($loglevel, $sMessage) {
298
-		if (!$this->bDebug && ($loglevel >= LOG_DEBUG)) {
299
-			return;
300
-		}
301
-		syslog($loglevel, $sMessage);
302
-	}
303
-
304
-	/**
305
-	 * @brief destroy the class, close the syslog connection.
306
-	 */
307
-	public function __destruct() {
308
-		$this->writeLog(LOG_NOTICE, "stop");
309
-		closelog();
310
-	}
311
-}
63
+$oAuth->readStdin();

+ 304
- 0
src/Util/ExAuth.php View File

@@ -0,0 +1,304 @@
1
+<?php
2
+
3
+/*
4
+ * ejabberd extauth script for the integration with friendica
5
+ *
6
+ * Originally written for joomla by Dalibor Karlovic <dado@krizevci.info>
7
+ * modified for Friendica by Michael Vogel <icarus@dabo.de>
8
+ * published under GPL
9
+ *
10
+ * Latest version of the original script for joomla is available at:
11
+ * http://87.230.15.86/~dado/ejabberd/joomla-login
12
+ *
13
+ * Installation:
14
+ *
15
+ * 	- Change it's owner to whichever user is running the server, ie. ejabberd
16
+ * 	  $ chown ejabberd:ejabberd /path/to/friendica/scripts/auth_ejabberd.php
17
+ *
18
+ * 	- Change the access mode so it is readable only to the user ejabberd and has exec
19
+ * 	  $ chmod 700 /path/to/friendica/scripts/auth_ejabberd.php
20
+ *
21
+ * 	- Edit your ejabberd.cfg file, comment out your auth_method and add:
22
+ * 	  {auth_method, external}.
23
+ * 	  {extauth_program, "/path/to/friendica/script/auth_ejabberd.php"}.
24
+ *
25
+ * 	- Restart your ejabberd service, you should be able to login with your friendica auth info
26
+ *
27
+ * Other hints:
28
+ * 	- if your users have a space or a @ in their nickname, they'll run into trouble
29
+ * 	  registering with any client so they should be instructed to replace these chars
30
+ * 	  " " (space) is replaced with "%20"
31
+ * 	  "@" is replaced with "(a)"
32
+ *
33
+ */
34
+
35
+namespace Friendica\Util;
36
+
37
+use Friendica\Core\Config;
38
+use Friendica\Core\PConfig;
39
+use Friendica\Database\DBM;
40
+
41
+require_once 'include/dba.php';
42
+
43
+class ExAuth
44
+{
45
+	private $bDebug;
46
+
47
+	/**
48
+	 * @brief Create the class
49
+	 *
50
+	 * @param boolean $bDebug Debug mode
51
+	 */
52
+	public function __construct()
53
+	{
54
+		$this->bDebug = (int) Config::get('jabber', 'debug');
55
+
56
+		openlog('auth_ejabberd', LOG_PID, LOG_USER);
57
+
58
+		$this->writeLog(LOG_NOTICE, 'start');
59
+	}
60
+
61
+	/**
62
+	 * @brief Standard input reading function, executes the auth with the provided
63
+	 * parameters
64
+	 *
65
+	 * @return null
66
+	 */
67
+	public function readStdin()
68
+	{
69
+		while (!feof(STDIN)) {
70
+			// Quit if the database connection went down
71
+			if (!dba::connected()) {
72
+				$this->writeLog(LOG_ERR, 'the database connection went down');
73
+				return;
74
+			}
75
+
76
+			$iHeader = fgets(STDIN, 3);
77
+			$aLength = unpack('n', $iHeader);
78
+			$iLength = $aLength['1'];
79
+
80
+			// No data? Then quit
81
+			if ($iLength == 0) {
82
+				$this->writeLog(LOG_ERR, 'we got no data, quitting');
83
+				return;
84
+			}
85
+
86
+			// Fetching the data
87
+			$sData = fgets(STDIN, $iLength + 1);
88
+			$this->writeLog(LOG_DEBUG, 'received data: ' . $sData);
89
+			$aCommand = explode(':', $sData);
90
+			if (is_array($aCommand)) {
91
+				switch ($aCommand[0]) {
92
+					case 'isuser':
93
+						// Check the existance of a given username
94
+						$this->isUser($aCommand);
95
+						break;
96
+					case 'auth':
97
+						// Check if the givven password is correct
98
+						$this->auth($aCommand);
99
+						break;
100
+					case 'setpass':
101
+						// We don't accept the setting of passwords here
102
+						$this->writeLog(LOG_NOTICE, 'setpass command disabled');
103
+						fwrite(STDOUT, pack('nn', 2, 0));
104
+						break;
105
+					default:
106
+						// We don't know the given command
107
+						$this->writeLog(LOG_NOTICE, 'unknown command ' . $aCommand[0]);
108
+						fwrite(STDOUT, pack('nn', 2, 0));
109
+						break;
110
+				}
111
+			} else {
112
+				$this->writeLog(LOG_NOTICE, 'invalid command string ' . $sData);
113
+				fwrite(STDOUT, pack('nn', 2, 0));
114
+			}
115
+		}
116
+	}
117
+
118
+	/**
119
+	 * @brief Check if the given username exists
120
+	 *
121
+	 * @param array $aCommand The command array
122
+	 */
123
+	private function isUser(array $aCommand)
124
+	{
125
+		$a = get_app();
126
+
127
+		// Check if there is a username
128
+		if (!isset($aCommand[1])) {
129
+			$this->writeLog(LOG_NOTICE, 'invalid isuser command, no username given');
130
+			fwrite(STDOUT, pack('nn', 2, 0));
131
+			return;
132
+		}
133
+
134
+		// Now we check if the given user is valid
135
+		$sUser = str_replace(array('%20', '(a)'), array(' ', '@'), $aCommand[1]);
136
+
137
+		// Does the hostname match? So we try directly
138
+		if ($a->get_hostname() == $aCommand[2]) {
139
+			$this->writeLog(LOG_INFO, 'internal user check for ' . $sUser . '@' . $aCommand[2]);
140
+			$found = dba::exists('user', ['nickname' => $sUser]);
141
+		} else {
142
+			$found = false;
143
+		}
144
+
145
+		// If the hostnames doesn't match or there is some failure, we try to check remotely
146
+		if (!$found) {
147
+			$found = $this->checkUser($aCommand[2], $aCommand[1], true);
148
+		}
149
+
150
+		if ($found) {
151
+			// The user is okay
152
+			$this->writeLog(LOG_NOTICE, 'valid user: ' . $sUser);
153
+			fwrite(STDOUT, pack('nn', 2, 1));
154
+		} else {
155
+			// The user isn't okay
156
+			$this->writeLog(LOG_WARNING, 'invalid user: ' . $sUser);
157
+			fwrite(STDOUT, pack('nn', 2, 0));
158
+		}
159
+	}
160
+
161
+	/**
162
+	 * @brief Check remote user existance via HTTP(S)
163
+	 *
164
+	 * @param string $host The hostname
165
+	 * @param string $user Username
166
+	 * @param boolean $ssl Should the check be done via SSL?
167
+	 *
168
+	 * @return boolean Was the user found?
169
+	 */
170
+	private function checkUser($host, $user, $ssl)
171
+	{
172
+		$this->writeLog(LOG_INFO, 'external user check for ' . $user . '@' . $host);
173
+
174
+		$url = ($ssl ? 'https' : 'http') . '://' . $host . '/noscrape/' . $user;
175
+
176
+		$data = z_fetch_url($url);
177
+
178
+		if (!is_array($data)) {
179
+			return false;
180
+		}
181
+
182
+		if ($data['return_code'] != '200') {
183
+			return false;
184
+		}
185
+
186
+		$json = @json_decode($data['body']);
187
+		if (!is_object($json)) {
188
+			return false;
189
+		}
190
+
191
+		return $json->nick == $user;
192
+	}
193
+
194
+	/**
195
+	 * @brief Authenticate the given user and password
196
+	 *
197
+	 * @param array $aCommand The command array
198
+	 */
199
+	private function auth(array $aCommand)
200
+	{
201
+		$a = get_app();
202
+
203
+		// check user authentication
204
+		if (sizeof($aCommand) != 4) {
205
+			$this->writeLog(LOG_NOTICE, 'invalid auth command, data missing');
206
+			fwrite(STDOUT, pack('nn', 2, 0));
207
+			return;
208
+		}
209
+
210
+		// We now check if the password match
211
+		$sUser = str_replace(array('%20', '(a)'), array(' ', '@'), $aCommand[1]);
212
+
213
+		// Does the hostname match? So we try directly
214
+		if ($a->get_hostname() == $aCommand[2]) {
215
+			$this->writeLog(LOG_INFO, 'internal auth for ' . $sUser . '@' . $aCommand[2]);
216
+
217
+			$aUser = dba::select('user', ['uid', 'password'], ['nickname' => $sUser], ['limit' => 1]);
218
+			if (DBM::is_result($aUser)) {
219
+				$uid = $aUser['uid'];
220
+				$Error = $aUser['password'] != hash('whirlpool', $aCommand[3]);
221
+			} else {
222
+				$this->writeLog(LOG_WARNING, 'user not found: ' . $sUser);
223
+				$Error = true;
224
+				$uid = -1;
225
+			}
226
+			if ($Error) {
227
+				$this->writeLog(LOG_INFO, 'check against alternate password for ' . $sUser . '@' . $aCommand[2]);
228
+				$sPassword = PConfig::get($uid, 'xmpp', 'password');
229
+				$Error = ($aCommand[3] != $sPassword);
230
+			}
231
+		} else {
232
+			$Error = true;
233
+		}
234
+
235
+		// If the hostnames doesn't match or there is some failure, we try to check remotely
236
+		if ($Error) {
237
+			$Error = !$this->checkCredentials($aCommand[2], $aCommand[1], $aCommand[3], true);
238
+		}
239
+
240
+		if ($Error) {
241
+			$this->writeLog(LOG_WARNING, 'authentification failed for user ' . $sUser . '@' . $aCommand[2]);
242
+			fwrite(STDOUT, pack('nn', 2, 0));
243
+		} else {
244
+			$this->writeLog(LOG_NOTICE, 'authentificated user ' . $sUser . '@' . $aCommand[2]);
245
+			fwrite(STDOUT, pack('nn', 2, 1));
246
+		}
247
+	}
248
+
249
+	/**
250
+	 * @brief Check remote credentials via HTTP(S)
251
+	 *
252
+	 * @param string $host The hostname
253
+	 * @param string $user Username
254
+	 * @param string $password Password
255
+	 * @param boolean $ssl Should the check be done via SSL?
256
+	 *
257
+	 * @return boolean Are the credentials okay?
258
+	 */
259
+	private function checkCredentials($host, $user, $password, $ssl)
260
+	{
261
+		$url = ($ssl ? 'https' : 'http') . '://' . $host . '/api/account/verify_credentials.json';
262
+
263
+		$ch = curl_init();
264
+		curl_setopt($ch, CURLOPT_URL, $url);
265
+		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
266
+		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
267
+		curl_setopt($ch, CURLOPT_HEADER, true);
268
+		curl_setopt($ch, CURLOPT_NOBODY, true);
269
+		curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
270
+		curl_setopt($ch, CURLOPT_USERPWD, $user . ':' . $password);
271
+
272
+		curl_exec($ch);
273
+		$curl_info = @curl_getinfo($ch);
274
+		$http_code = $curl_info['http_code'];
275
+		curl_close($ch);
276
+
277
+		$this->writeLog(LOG_INFO, 'external auth for ' . $user . '@' . $host . ' returned ' . $http_code);
278
+
279
+		return $http_code == 200;
280
+	}
281
+
282
+	/**
283
+	 * @brief write data to the syslog
284
+	 *
285
+	 * @param integer $loglevel The syslog loglevel
286
+	 * @param string $sMessage The syslog message
287
+	 */
288
+	private function writeLog($loglevel, $sMessage)
289
+	{
290
+		if (!$this->bDebug && ($loglevel >= LOG_DEBUG)) {
291
+			return;
292
+		}
293
+		syslog($loglevel, $sMessage);
294
+	}
295
+
296
+	/**
297
+	 * @brief destroy the class, close the syslog connection.
298
+	 */
299
+	public function __destruct()
300
+	{
301
+		$this->writeLog(LOG_NOTICE, 'stop');
302
+		closelog();
303
+	}
304
+}

Loading…
Cancel
Save