36 require_once
'PEAR.php';
148 function addServer($servername =
'localhost', $port = 0, $sharedSecret =
'testing123', $timeout = 3, $maxtries = 3)
150 $this->_servers[] = array($servername, $port, $sharedSecret, $timeout, $maxtries);
161 return radius_strerror($this->res);
173 $this->_configfile =
$file;
188 $type = gettype($value);
194 return radius_put_int($this->res,
$attrib, $value);
197 return radius_put_addr($this->res,
$attrib, $value);
201 return radius_put_attr($this->res,
$attrib, $value);
220 $type = gettype($value);
226 return radius_put_vendor_int($this->res, $vendor,
$attrib, $value);
229 return radius_put_vendor_addr($this->res, $vendor,
$attrib, $value);
233 return radius_put_vendor_attr($this->res, $vendor,
$attrib, $value);
245 foreach ($this->attributes as $name =>
$data) {
246 echo
"$name:$data<br>\n";
275 if (!$this->useStandardAttributes)
278 if (isset($_SERVER)) {
281 $var = &
$GLOBALS[
'HTTP_SERVER_VARS'];
284 $this->
putAttribute(RADIUS_NAS_IDENTIFIER, isset($var[
'HTTP_HOST']) ? $var[
'HTTP_HOST'] :
'localhost');
285 $this->
putAttribute(RADIUS_NAS_PORT_TYPE, RADIUS_VIRTUAL);
286 $this->
putAttribute(RADIUS_SERVICE_TYPE, RADIUS_FRAMED);
287 $this->
putAttribute(RADIUS_FRAMED_PROTOCOL, RADIUS_PPP);
288 $this->
putAttribute(RADIUS_CALLING_STATION_ID, isset($var[
'REMOTE_HOST']) ? $var[
'REMOTE_HOST'] :
'127.0.0.1');
298 if (isset($this->username)) {
315 function putServer($servername, $port = 0, $sharedsecret =
'testing123', $timeout = 3, $maxtries = 3)
317 if (!radius_add_server($this->res, $servername, $port, $sharedsecret, $timeout, $maxtries)) {
332 if (!radius_config($this->res,
$file)) {
346 if (!$this->
open()) {
350 foreach ($this->_servers as $s) {
352 if (!$this->
putServer($s[0], $s[1], $s[2], $s[3], $s[4])) {
357 if (!empty($this->_configfile)) {
377 $req = radius_send_request($this->res);
383 case RADIUS_ACCESS_ACCEPT:
384 if (is_subclass_of($this,
'auth_radius_acct')) {
385 return $this->
raiseError(
'RADIUS_ACCESS_ACCEPT is unexpected for accounting');
389 case RADIUS_ACCESS_REJECT:
392 case RADIUS_ACCOUNTING_RESPONSE:
393 if (is_subclass_of($this,
'auth_radius_pap')) {
394 return $this->
raiseError(
'RADIUS_ACCOUNTING_RESPONSE is unexpected for authentication');
399 return $this->
raiseError(
"Unexpected return value: $req");
419 while (
$attrib = radius_get_attr($this->res)) {
428 $this->rawAttributes[$attr] =
$data;
431 case RADIUS_FRAMED_IP_ADDRESS:
432 $this->attributes[
'framed_ip'] = radius_cvt_addr(
$data);
435 case RADIUS_FRAMED_IP_NETMASK:
436 $this->attributes[
'framed_mask'] = radius_cvt_addr(
$data);
439 case RADIUS_FRAMED_MTU:
440 $this->attributes[
'framed_mtu'] = radius_cvt_int(
$data);
443 case RADIUS_FRAMED_COMPRESSION:
444 $this->attributes[
'framed_compression'] = radius_cvt_int(
$data);
447 case RADIUS_SESSION_TIMEOUT:
448 $this->attributes[
'session_timeout'] = radius_cvt_int(
$data);
451 case RADIUS_IDLE_TIMEOUT:
452 $this->attributes[
'idle_timeout'] = radius_cvt_int(
$data);
455 case RADIUS_SERVICE_TYPE:
456 $this->attributes[
'service_type'] = radius_cvt_int(
$data);
460 $this->attributes[
'class'] = radius_cvt_string(
$data);
463 case RADIUS_FRAMED_PROTOCOL:
464 $this->attributes[
'framed_protocol'] = radius_cvt_int(
$data);
467 case RADIUS_FRAMED_ROUTING:
468 $this->attributes[
'framed_routing'] = radius_cvt_int(
$data);
471 case RADIUS_FILTER_ID:
472 $this->attributes[
'filter_id'] = radius_cvt_string(
$data);
475 case RADIUS_REPLY_MESSAGE:
476 $this->attributes[
'reply_message'] = radius_cvt_string(
$data);
479 case RADIUS_VENDOR_SPECIFIC:
480 $attribv = radius_get_vendor_attr(
$data);
481 if (!is_array($attribv)) {
485 $vendor = $attribv[
'vendor'];
486 $attrv = $attribv[
'attr'];
487 $datav = $attribv[
'data'];
489 $this->rawVendorAttributes[$vendor][$attrv] = $datav;
491 if ($vendor == RADIUS_VENDOR_MICROSOFT) {
494 case RADIUS_MICROSOFT_MS_CHAP2_SUCCESS:
495 $this->attributes[
'ms_chap2_success'] = radius_cvt_string($datav);
498 case RADIUS_MICROSOFT_MS_CHAP_ERROR:
499 $this->attributes[
'ms_chap_error'] = radius_cvt_string(substr($datav,1));
502 case RADIUS_MICROSOFT_MS_CHAP_DOMAIN:
503 $this->attributes[
'ms_chap_domain'] = radius_cvt_string($datav);
506 case RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_POLICY:
507 $this->attributes[
'ms_mppe_encryption_policy'] = radius_cvt_int($datav);
510 case RADIUS_MICROSOFT_MS_MPPE_ENCRYPTION_TYPES:
511 $this->attributes[
'ms_mppe_encryption_types'] = radius_cvt_int($datav);
514 case RADIUS_MICROSOFT_MS_CHAP_MPPE_KEYS:
515 $demangled = radius_demangle($this->res, $datav);
516 $this->attributes[
'ms_chap_mppe_lm_key'] = substr($demangled, 0, 8);
517 $this->attributes[
'ms_chap_mppe_nt_key'] = substr($demangled, 8, RADIUS_MPPE_KEY_LEN);
520 case RADIUS_MICROSOFT_MS_MPPE_SEND_KEY:
521 $this->attributes[
'ms_chap_mppe_send_key'] = radius_demangle_mppe_key($this->res, $datav);
524 case RADIUS_MICROSOFT_MS_MPPE_RECV_KEY:
525 $this->attributes[
'ms_chap_mppe_recv_key'] = radius_demangle_mppe_key($this->res, $datav);
528 case RADIUS_MICROSOFT_MS_PRIMARY_DNS_SERVER:
529 $this->attributes[
'ms_primary_dns_server'] = radius_cvt_string($datav);
551 if ($this->res != null) {
552 radius_close($this->res);
555 $this->username = str_repeat(
"\0", strlen($this->username));
556 $this->password = str_repeat(
"\0", strlen($this->password));
595 $this->res = radius_auth_open();
612 if (!radius_create_request($this->res, RADIUS_ACCESS_REQUEST)) {
625 if (isset($this->username)) {
628 if (isset($this->password)) {
629 $this->
putAttribute(RADIUS_USER_PASSWORD, $this->password);
690 if (isset($this->username)) {
693 if (isset($this->response)) {
697 if (isset($this->challenge)) {
698 $this->
putAttribute(RADIUS_CHAP_CHALLENGE, $this->challenge);
713 $this->challenge = str_repeat(
"\0", strlen($this->challenge));
714 $this->response = str_repeat(
"\0", strlen($this->response));
757 if (isset($this->username)) {
760 if (isset($this->response) || isset($this->lmResponse)) {
761 $lmResp = isset($this->lmResponse) ? $this->lmResponse : str_repeat (
"\0", 24);
762 $ntResp = isset($this->response) ? $this->response : str_repeat (
"\0", 24);
763 $resp = pack(
'CC', $this->chapid, $this->flags) . $lmResp . $ntResp;
764 $this->
putVendorAttribute(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP_RESPONSE, $resp);
766 if (isset($this->challenge)) {
767 $this->
putVendorAttribute(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP_CHALLENGE, $this->challenge);
810 if (isset($this->username)) {
813 if (isset($this->response) && isset($this->peerChallenge)) {
815 $resp = pack(
'CCa16a8a24',$this->chapid , 1, $this->peerChallenge, str_repeat(
"\0", 8), $this->response);
816 $this->
putVendorAttribute(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP2_RESPONSE, $resp);
818 if (isset($this->challenge)) {
819 $this->
putVendorAttribute(RADIUS_VENDOR_MICROSOFT, RADIUS_MICROSOFT_MS_CHAP_CHALLENGE, $this->challenge);
834 $this->peerChallenge = str_repeat(
"\0", strlen($this->peerChallenge));
883 if (isset($_SERVER)) {
886 $var = &
$GLOBALS[
'HTTP_SERVER_VARS'];
889 $this->session_id = sprintf(
"%s:%d-%s", isset($var[
'REMOTE_ADDR']) ? $var[
'REMOTE_ADDR'] :
'127.0.0.1' , getmypid(), get_current_user());
902 $this->res = radius_acct_open();
919 if (!radius_create_request($this->res, RADIUS_ACCOUNTING_REQUEST)) {
934 $this->
putAttribute(RADIUS_ACCT_SESSION_ID, $this->session_id);
935 $this->
putAttribute(RADIUS_ACCT_STATUS_TYPE, $this->status_type);
936 if (isset($this->session_time) && $this->status_type == RADIUS_STOP) {
937 $this->
putAttribute(RADIUS_ACCT_SESSION_TIME, $this->session_time);
939 if (isset($this->authentic)) {
940 $this->
putAttribute(RADIUS_ACCT_AUTHENTIC, $this->authentic);
981 if (!defined(
'RADIUS_UPDATE'))
982 define(
'RADIUS_UPDATE', 3);