ILIAS  Release_5_0_x_branch Revision 61816
Auth_RADIUS Class Reference

Public Member Functions

 Auth_RADIUS ()
 Constructor.
 addServer ($servername= 'localhost', $port=0, $sharedSecret= 'testing123', $timeout=3, $maxtries=3)
 Adds a RADIUS server to the list of servers for requests.
 getError ()
 Returns an error message, if an error occurred.
 setConfigfile ($file)
 Sets the configuration-file.
 putAttribute ($attrib, $value, $type=null)
 Puts an attribute.
 putVendorAttribute ($vendor, $attrib, $value, $type=null)
 Puts a vendor-specific attribute.
 dumpAttributes ()
 Prints known attributes received from the server.
 open ()
 Overwrite this.
 createRequest ()
 Overwrite this.
 putStandardAttributes ()
 Puts standard attributes.
 putAuthAttributes ()
 Puts custom attributes.
 putServer ($servername, $port=0, $sharedsecret= 'testing123', $timeout=3, $maxtries=3)
 Configures the radius library.
 putConfigfile ($file)
 Configures the radius library via an external configuration file.
 start ()
 Initiates a RADIUS request.
 send ()
 Sends a prepared RADIUS request and waits for a response.
 getAttributes ()
 Reads all received attributes after sending the request.
 close ()
 Frees resources.
- Public Member Functions inherited from PEAR
 PEAR ($error_class=null)
 Constructor.
 _PEAR ()
 Destructor (the emulated type of...).
getStaticProperty ($class, $var)
 If you have a class that's mostly/entirely static, and you need static properties, you can use this method to simulate them.
 registerShutdownFunc ($func, $args=array())
 Use this function to register a shutdown method for static classes.
 isError ($data, $code=null)
 Tell whether a value is a PEAR error.
 setErrorHandling ($mode=null, $options=null)
 Sets how errors generated by this object should be handled.
 expectError ($code= '*')
 This method is used to tell which errors you expect to get.
 popExpect ()
 This method pops one element off the expected error codes stack.
 _checkDelExpect ($error_code)
 This method checks for and unsets an error code if available.
 delExpect ($error_code)
 This method deletes all occurrences of the specified element from the expected error codes stack.
raiseError ($message=null, $code=null, $mode=null, $options=null, $userinfo=null, $error_class=null, $skipmsg=false)
 This method is a wrapper that returns an instance of the configured error class with this object's default error handling applied.
throwError ($message=null, $code=null, $userinfo=null)
 Simpler form of raiseError with fewer options.
 staticPushErrorHandling ($mode, $options=null)
 staticPopErrorHandling ()
 pushErrorHandling ($mode, $options=null)
 Push a new error handler on top of the error handler options stack.
 popErrorHandling ()
 Pop the last error handler used.
 loadExtension ($ext)
 OS independent PHP extension load.

Data Fields

 $_servers = array()
 $_configfile = null
 $res = null
 $username = null
 $password = null
 $attributes = array()
 $rawAttributes = array()
 $rawVendorAttributes = array()
 $useStandardAttributes = true
- Data Fields inherited from PEAR
 $_debug = false
 $_default_error_mode = null
 $_default_error_options = null
 $_default_error_handler = ''
 $_error_class = 'PEAR_Error'
 $_expected_errors = array()

Detailed Description

Definition at line 58 of file RADIUS.php.

Member Function Documentation

Auth_RADIUS::addServer (   $servername = 'localhost',
  $port = 0,
  $sharedSecret = 'testing123',
  $timeout = 3,
  $maxtries = 3 
)

Adds a RADIUS server to the list of servers for requests.

At most 10 servers may be specified. When multiple servers are given, they are tried in round-robin fashion until a valid response is received.

public

Parameters
string   $servername    Servername or IP address
integer  $port          Port number
string   $sharedSecret  Shared secret
integer  $timeout       Timeout for each request
integer  $maxtries      Max. retries for each request
Returns
void

Definition at line 148 of file RADIUS.php.

{
    $this->_servers[] = array($servername, $port, $sharedSecret, $timeout, $maxtries);
}
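
The default $sharedSecret of 'testing123' is also the sample secret in FreeRADIUS's example client configuration, so a server entry that falls back to it offers no real protection for the exchange. The following is an added example, not ILIAS or PEAR code, that checks a server list before it is passed to addServer(); the function names, the 16-byte minimum and the sample entries are assumptions of this example.

```php
<?php
// Added example, not ILIAS or PEAR code. Function names and the
// 16-byte minimum are assumptions of this example.

// Checks one entry in the field order addServer() stores:
// servername, port, sharedSecret, timeout, maxtries.
function radiusServerProblems(array $server, $minSecretLength = 16)
{
    list($name, $port, $secret, $timeout, $maxtries) = $server;
    $problems = array();
    if (!is_string($secret) || $secret === '') {
        $problems[] = 'shared secret is empty';
    } elseif ($secret === 'testing123') {
        $problems[] = "shared secret is the default 'testing123'";
    } elseif (strlen($secret) < $minSecretLength) {
        $problems[] = "shared secret is shorter than $minSecretLength bytes";
    }
    if (!is_int($port) || $port < 0 || $port > 65535) {
        $problems[] = 'port is not in 0..65535 (0 selects the default port)';
    }
    if (!is_int($timeout) || $timeout < 1 || !is_int($maxtries) || $maxtries < 1) {
        $problems[] = 'timeout and maxtries must be positive integers';
    }
    return $problems;
}

// Validates a whole server list, including the 10-server limit.
function radiusConfigProblems(array $servers)
{
    $report = array();
    if (count($servers) > 10) {
        $report['(list)'] = array('more than 10 servers configured');
    }
    foreach ($servers as $server) {
        $problems = radiusServerProblems($server);
        if ($problems) {
            $report[$server[0]] = $problems;
        }
    }
    return $report;
}

// Constructed sample configuration: the first entry relies on the default.
$servers = array(
    array('radius1.example.test', 0, 'testing123', 3, 3),
    array('radius2.example.test', 1812, 'k3Vq-constructed-secret-9Zt', 3, 3),
);
foreach (radiusConfigProblems($servers) as $name => $problems) {
    echo $name . ': ' . implode('; ', $problems) . "\n";
}
```
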
Auth_RADIUS::Auth_RADIUS ( )

Constructor.

Loads the RADIUS PECL/extension

Returns
void

Definition at line 128 of file RADIUS.php.

References PEAR\PEAR().

Referenced by Auth_RADIUS_Acct\Auth_RADIUS_Acct(), and Auth_RADIUS_PAP\Auth_RADIUS_PAP().

{
    $this->PEAR();
}


Auth_RADIUS::close ( )

Frees resources.

Calling this method is always a good idea, because all security-relevant attributes are filled with null bytes to leave nothing in memory.

public

Reimplemented in Auth_RADIUS_MSCHAPv2, and Auth_RADIUS_CHAP_MD5.

Definition at line 549 of file RADIUS.php.

{
    if ($this->res != null) {
        radius_close($this->res);
        $this->res = null;
    }
    $this->username = str_repeat("\0", strlen($this->username));
    $this->password = str_repeat("\0", strlen($this->password));
}
Auth_RADIUS::createRequest ( )

Overwrite this.

public

Reimplemented in Auth_RADIUS_Acct, and Auth_RADIUS_PAP.

Definition at line 264 of file RADIUS.php.

Referenced by start().

{
}


Auth_RADIUS::dumpAttributes ( )

Prints known attributes received from the server.

public

Definition at line 243 of file RADIUS.php.

{
    foreach ($this->attributes as $name => $data) {
        echo "$name:$data<br>\n";
    }
}
Auth_RADIUS::getAttributes ( )

Reads all received attributes after sending the request.

This method stores known attributes in the property attributes; all attributes (including known attributes) are stored in rawAttributes or rawVendorAttributes. NOTE: call this function even if the request was rejected, because the server usually returns an error message.

public

Returns
bool true on success, false on error

Definition at line 416 of file RADIUS.php.

References $attrib.

{
    while ($attrib = radius_get_attr($this->res)) {
        if (!is_array($attrib)) {
            return false;
        }
        $attr = $attrib['attr'];
        $data = $attrib['data'];
        $this->rawAttributes[$attr] = $data;
        switch ($attr) {
        case RADIUS_FRAMED_IP_ADDRESS:
            $this->attributes['framed_ip'] = radius_cvt_addr($data);
            break;
        case RADIUS_FRAMED_IP_NETMASK:
            $this->attributes['framed_mask'] = radius_cvt_addr($data);
            break;
        case RADIUS_FRAMED_MTU:
            $this->attributes['framed_mtu'] = radius_cvt_int($data);
            break;
        case RADIUS_FRAMED_COMPRESSION:
            $this->attributes['framed_compression'] = radius_cvt_int($data);
            break;
        case RADIUS_SESSION_TIMEOUT:
            $this->attributes['session_timeout'] = radius_cvt_int($data);
            break;
        case RADIUS_IDLE_TIMEOUT:
            $this->attributes['idle_timeout'] = radius_cvt_int($data);
            break;
        case RADIUS_SERVICE_TYPE:
            $this->attributes['service_type'] = radius_cvt_int($data);
            break;
        case RADIUS_CLASS:
            $this->attributes['class'] = radius_cvt_string($data);
            break;
        case RADIUS_FRAMED_PROTOCOL:
            $this->attributes['framed_protocol'] = radius_cvt_int($data);
            break;
        case RADIUS_FRAMED_ROUTING:
            $this->attributes['framed_routing'] = radius_cvt_int($data);
            break;
        case RADIUS_FILTER_ID:
            $this->attributes['filter_id'] = radius_cvt_string($data);
            break;
        case RADIUS_REPLY_MESSAGE:
            $this->attributes['reply_message'] = radius_cvt_string($data);
            break;
        case RADIUS_VENDOR_SPECIFIC:
            $attribv = radius_get_vendor_attr($data);
            if (!is_array($attribv)) {
                return false;
            }
            $vendor = $attribv['vendor'];
            $attrv = $attribv['attr'];
            $datav = $attribv['data'];
            $this->rawVendorAttributes[$vendor][$attrv] = $datav;
            if ($vendor == RADIUS_VENDOR_MICROSOFT) {
                switch ($attrv) {
                case RADIUS_MICROSOFT_MS_CHAP2_SUCCESS:
                    $this->attributes['ms_chap2_success'] = radius_cvt_string($datav);
                    break;
                case RADIUS_MICROSOFT_MS_CHAP_ERROR:
                    $this->attributes['ms_chap_error'] = radius_cvt_string(substr($datav,1));
                    break;
                case RADIUS_MICROSOFT_MS_CHAP_DOMAIN:
                    $this->attributes['ms_chap_domain'] = radius_cvt_string($datav);
                    break;
                case RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY:
                    $this->attributes['ms_mppe_encryption_policy'] = radius_cvt_int($datav);
                    break;
                case RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES:
                    $this->attributes['ms_mppe_encryption_types'] = radius_cvt_int($datav);
                    break;
                case RADIUS_MICROSOFT_MS_CHAP_MPPE_KEYS:
                    $demangled = radius_demangle($this->res, $datav);
                    $this->attributes['ms_chap_mppe_lm_key'] = substr($demangled, 0, 8);
                    $this->attributes['ms_chap_mppe_nt_key'] = substr($demangled, 8, RADIUS_MPPE_KEY_LEN);
                    break;
                case RADIUS_MICROSOFT_MS_MPPE_SEND_KEY:
                    $this->attributes['ms_chap_mppe_send_key'] = radius_demangle_mppe_key($this->res, $datav);
                    break;
                case RADIUS_MICROSOFT_MS_MPPE_RECV_KEY:
                    $this->attributes['ms_chap_mppe_recv_key'] = radius_demangle_mppe_key($this->res, $datav);
                    break;
                case RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER:
                    $this->attributes['ms_primary_dns_server'] = radius_cvt_string($datav);
                    break;
                }
            }
            break;
        }
    }
    return true;
}
Auth_RADIUS::getError ( )

Returns an error message, if an error occurred.

public

Returns
string

Definition at line 159 of file RADIUS.php.

Referenced by send().

{
    return radius_strerror($this->res);
}


Auth_RADIUS::open ( )

Overwrite this.

public

Reimplemented in Auth_RADIUS_Acct, and Auth_RADIUS_PAP.

Definition at line 255 of file RADIUS.php.

Referenced by start().

{
}


Auth_RADIUS::putAttribute (   $attrib,
  $value,
  $type = null 
)

Puts an attribute.

public

Parameters
integer  $attrib  Attribute-number
mixed    $port    Attribute-value
type     $type    Attribute-type
Returns
bool true on success, false on error

Definition at line 185 of file RADIUS.php.

References $attrib.

Referenced by putAuthAttributes(), Auth_RADIUS_PAP\putAuthAttributes(), Auth_RADIUS_CHAP_MD5\putAuthAttributes(), Auth_RADIUS_MSCHAPv1\putAuthAttributes(), Auth_RADIUS_MSCHAPv2\putAuthAttributes(), Auth_RADIUS_Acct\putAuthAttributes(), and putStandardAttributes().

{
    if ($type == null) {
        $type = gettype($value);
    }
    switch ($type) {
    case 'integer':
    case 'double':
        return radius_put_int($this->res, $attrib, $value);
    case 'addr':
        return radius_put_addr($this->res, $attrib, $value);
    case 'string':
    default:
        return radius_put_attr($this->res, $attrib, $value);
    }
}


Auth_RADIUS::putAuthAttributes ( )

Puts custom attributes.

public

Reimplemented in Auth_RADIUS_Acct, Auth_RADIUS_MSCHAPv2, Auth_RADIUS_MSCHAPv1, Auth_RADIUS_CHAP_MD5, and Auth_RADIUS_PAP.

Definition at line 296 of file RADIUS.php.

References putAttribute().

Referenced by start().

{
    if (isset($this->username)) {
        $this->putAttribute(RADIUS_USER_NAME, $this->username);
    }
}


Auth_RADIUS::putConfigfile (   $file)

Configures the radius library via external configurationfile.

public

Parameters
string  $servername  Servername or IP address
Returns
bool true on success, false on error

Definition at line 330 of file RADIUS.php.

References $file.

Referenced by start().

{
    if (!radius_config($this->res, $file)) {
        return false;
    }
    return true;
}


Auth_RADIUS::putServer (   $servername,
  $port = 0,
  $sharedsecret = 'testing123',
  $timeout = 3,
  $maxtries = 3 
)

Configures the radius library.

public

Parameters
string   $servername    Servername or IP address
integer  $port          Port number
string   $sharedSecret  Shared secret
integer  $timeout       Timeout for each request
integer  $maxtries      Max. retries for each request
Returns
bool true on success, false on error
See Also
addServer()

Definition at line 315 of file RADIUS.php.

Referenced by start().

{
    if (!radius_add_server($this->res, $servername, $port, $sharedsecret, $timeout, $maxtries)) {
        return false;
    }
    return true;
}


Auth_RADIUS::putStandardAttributes ( )

Puts standard attributes.

public

Definition at line 273 of file RADIUS.php.

References $GLOBALS, and putAttribute().

Referenced by start().

{
    if (!$this->useStandardAttributes)
        return;
    if (isset($_SERVER)) {
        $var = &$_SERVER;
    } else {
        $var = &$GLOBALS['HTTP_SERVER_VARS'];
    }
    $this->putAttribute(RADIUS_NAS_IDENTIFIER, isset($var['HTTP_HOST']) ? $var['HTTP_HOST'] : 'localhost');
    $this->putAttribute(RADIUS_NAS_PORT_TYPE, RADIUS_VIRTUAL);
    $this->putAttribute(RADIUS_SERVICE_TYPE, RADIUS_FRAMED);
    $this->putAttribute(RADIUS_FRAMED_PROTOCOL, RADIUS_PPP);
    $this->putAttribute(RADIUS_CALLING_STATION_ID, isset($var['REMOTE_HOST']) ? $var['REMOTE_HOST'] : '127.0.0.1');
}


Auth_RADIUS::putVendorAttribute (   $vendor,
  $attrib,
  $value,
  $type = null 
)

Puts a vendor-specific attribute.

public

Parameters
integer  $vendor  Vendor (MSoft, Cisco, ...)
integer  $attrib  Attribute-number
mixed    $port    Attribute-value
type     $type    Attribute-type
Returns
bool true on success, false on error

Definition at line 216 of file RADIUS.php.

References $attrib.

Referenced by Auth_RADIUS_MSCHAPv1\putAuthAttributes(), and Auth_RADIUS_MSCHAPv2\putAuthAttributes().

{
    if ($type == null) {
        $type = gettype($value);
    }
    switch ($type) {
    case 'integer':
    case 'double':
        return radius_put_vendor_int($this->res, $vendor, $attrib, $value);
    case 'addr':
        return radius_put_vendor_addr($this->res, $vendor,$attrib, $value);
    case 'string':
    default:
        return radius_put_vendor_attr($this->res, $vendor, $attrib, $value);
    }
}


Auth_RADIUS::send ( )

Sends a prepared RADIUS request and waits for a response.

public

Returns
mixed true on success, false on reject, PEAR_Error on error

Definition at line 375 of file RADIUS.php.

References getError(), and PEAR\raiseError().

{
    $req = radius_send_request($this->res);
    if (!$req) {
        return $this->raiseError('Error sending request: ' . $this->getError());
    }
    switch($req) {
    case RADIUS_ACCESS_ACCEPT:
        if (is_subclass_of($this, 'auth_radius_acct')) {
            return $this->raiseError('RADIUS_ACCESS_ACCEPT is unexpected for accounting');
        }
        return true;
    case RADIUS_ACCESS_REJECT:
        return false;
    case RADIUS_ACCOUNTING_RESPONSE:
        if (is_subclass_of($this, 'auth_radius_pap')) {
            return $this->raiseError('RADIUS_ACCOUNTING_RESPONSE is unexpected for authentication');
        }
        return true;
    default:
        return $this->raiseError("Unexpected return value: $req");
    }
}
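
Because send() returns true, false or a PEAR_Error object, and any object is truthy in PHP, a caller that writes if ($radius->send()) grants access when the request failed. The following is an added example, not ILIAS or PEAR code, of a caller that compares strictly and fails closed. It assumes the PEAR Auth_RADIUS package (Auth/RADIUS.php) and the PECL radius extension are installed; radiusLogin(), the server name, the secret and the credentials are hypothetical placeholders.

```php
<?php
// Added example, not ILIAS or PEAR code. radiusLogin() is a hypothetical
// helper; the include path is an assumption about the installation.
require_once 'Auth/RADIUS.php';

// Performs one PAP authentication and maps the tri-state result of send()
// to 'accept', 'reject' or 'error'. Anything that is not exactly true or
// false (for example a PEAR_Error object) is treated as an error.
function radiusLogin($username, $password, $server, $sharedSecret)
{
    $radius = new Auth_RADIUS_PAP();
    $radius->username = $username;
    $radius->password = $password;
    $radius->addServer($server, 0, $sharedSecret, 3, 3);

    $outcome = array('decision' => 'error', 'message' => null);
    if ($radius->start() !== true) {
        $outcome['message'] = 'could not initialise the RADIUS request';
        $radius->close();
        return $outcome;
    }

    $result = $radius->send();
    if ($result === true) {
        $outcome['decision'] = 'accept';
    } elseif ($result === false) {
        $outcome['decision'] = 'reject';
    } elseif (PEAR::isError($result)) {
        $outcome['message'] = $result->getMessage();
    }

    // Read attributes after a reject as well: the server usually sends a
    // Reply-Message. It is server-supplied text, so escape it before display.
    if ($outcome['decision'] !== 'error' && $radius->getAttributes()
        && isset($radius->attributes['reply_message'])) {
        $outcome['message'] = $radius->attributes['reply_message'];
    }

    // close() clears only the object's copies of the credentials; the
    // caller's own $password variable is a separate value.
    $radius->close();
    return $outcome;
}

// Placeholder values; access is granted on 'accept' only.
$outcome = radiusLogin('alice', 'constructed-password', 'radius.example.test', 'REPLACE_WITH_SITE_SECRET');
$granted = ($outcome['decision'] === 'accept');
error_log('RADIUS decision: ' . $outcome['decision']);
```
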


Auth_RADIUS::setConfigfile (   $file)

Sets the configuration-file.

public

Parameters
string  $file  Path to the configuration file
Returns
void

Definition at line 171 of file RADIUS.php.

References $file.

{
    $this->_configfile = $file;
}
Auth_RADIUS::start ( )

Initiates a RADIUS request.

public

Returns
bool true on success, false on errors

Definition at line 344 of file RADIUS.php.

References createRequest(), open(), putAuthAttributes(), putConfigfile(), putServer(), and putStandardAttributes().

{
    if (!$this->open()) {
        return false;
    }
    foreach ($this->_servers as $s) {
        // Servername, port, sharedsecret, timeout, retries
        if (!$this->putServer($s[0], $s[1], $s[2], $s[3], $s[4])) {
            return false;
        }
    }
    if (!empty($this->_configfile)) {
        if (!$this->putConfigfile($this->_configfile)) {
            return false;
        }
    }
    $this->createRequest();
    return true;
}


Field Documentation

Auth_RADIUS::$_configfile = null

Definition at line 72 of file RADIUS.php.

Auth_RADIUS::$_servers = array()

Definition at line 65 of file RADIUS.php.

Auth_RADIUS::$attributes = array()

Definition at line 98 of file RADIUS.php.

Auth_RADIUS::$password = null

Definition at line 91 of file RADIUS.php.

Referenced by Auth_RADIUS_PAP\Auth_RADIUS_PAP().

Auth_RADIUS::$rawAttributes = array()

Definition at line 105 of file RADIUS.php.

Auth_RADIUS::$rawVendorAttributes = array()

Definition at line 112 of file RADIUS.php.

Auth_RADIUS::$res = null

Definition at line 79 of file RADIUS.php.

Auth_RADIUS::$username = null
Auth_RADIUS::$useStandardAttributes = true

Definition at line 119 of file RADIUS.php.


The documentation for this class was generated from the following file: