76        assert(
'is_array($info)');
 
   77        assert(
'is_array($config)');
 
   84            'Authentication source ' . var_export($this->authId, 
true));
 
   86        $this->servers = 
$config->getArray(
'servers', array());
 
   88        if (empty($this->servers)) {
 
   89            $this->hostname = 
$config->getString(
'hostname');
 
   90            $this->port = 
$config->getIntegerRange(
'port', 1, 65535, 1812);
 
   91            $this->secret = 
$config->getString(
'secret');
 
   92            $this->servers[] = array(
'hostname' => $this->hostname,
 
   93                                     'port' => $this->port,
 
   94                                     'secret' => $this->secret);
 
   96        $this->timeout = 
$config->getInteger(
'timeout', 5);
 
   97        $this->retries = 
$config->getInteger(
'retries', 3);
 
   98        $this->realm = 
$config->getString(
'realm', 
null);
 
   99        $this->usernameAttribute = 
$config->getString(
'username_attribute', 
null);
 
  100        $this->nasIdentifier = 
$config->getString(
'nas_identifier',
 
  103        $this->vendor = 
$config->getInteger(
'attribute_vendor', 
null);
 
  104        if ($this->vendor !== 
null) {
 
  105            $this->vendorType = 
$config->getInteger(
'attribute_vendor_type');
 
  119        assert(
'is_string($username)');
 
  120        assert(
'is_string($password)');
 
  122        $radius = radius_auth_open();
 
  126        foreach ($this->servers as 
$server) {
 
  130            if (!radius_add_server($radius,
 
  132                $this->timeout, $this->retries)) {
 
  134                    radius_strerror($radius));
 
  140            throw new Exception(
'Error adding radius servers, no servers available');
 
  143        if (!radius_create_request($radius, RADIUS_ACCESS_REQUEST)) {
 
  144            throw new Exception(
'Error creating radius request: ' .
 
  145                radius_strerror($radius));
 
  148        if ($this->realm === 
null) {
 
  149            radius_put_attr($radius, RADIUS_USER_NAME, $username);
 
  151            radius_put_attr($radius, RADIUS_USER_NAME, $username . 
'@' . $this->realm);
 
  153        radius_put_attr($radius, RADIUS_USER_PASSWORD, 
$password);
 
  155        if ($this->nasIdentifier !== 
null) {
 
  156            radius_put_attr($radius, RADIUS_NAS_IDENTIFIER, $this->nasIdentifier);
 
  159        $res = radius_send_request($radius);
 
  160        if (
$res != RADIUS_ACCESS_ACCEPT) {
 
  162            case RADIUS_ACCESS_REJECT:
 
  165            case RADIUS_ACCESS_CHALLENGE:
 
  166                throw new Exception(
'Radius authentication error: Challenge requested, but not supported.');
 
  168                throw new Exception(
'Error during radius authentication: ' .
 
  169                    radius_strerror($radius));
 
  177        if ($this->usernameAttribute !== 
null) {
 
  181        if ($this->vendor === 
null) {
 
  190        while ($resa = radius_get_attr($radius)) {
 
  192            if (!is_array($resa)) {
 
  193                throw new Exception(
'Error getting radius attributes: ' .
 
  194                    radius_strerror($radius));
 
  198            if ($resa[
'attr'] == RADIUS_USER_NAME) {
 
  203            if ($resa[
'attr'] !== RADIUS_VENDOR_SPECIFIC) {
 
  207            $resv = radius_get_vendor_attr($resa[
'data']);
 
  208            if (!is_array($resv)) {
 
  209                throw new Exception(
'Error getting vendor specific attribute: ' .
 
  210                    radius_strerror($radius));
 
  214            $attrv = $resv[
'attr'];
 
  215            $datav = $resv[
'data'];
 
  217            if (
$vendor != $this->vendor || $attrv != $this->vendorType) {
 
  221            $attrib_name = strtok($datav,
'=');
 
  222            $attrib_value = strtok(
'=');
 
An exception for terminatinating execution or to throw for unit testing.
static loadFromArray($config, $location='[ARRAY]', $instance=null)
Loads a configuration from the given array.
$secret
The secret used when communicating with the radius server.
login($username, $password)
Attempt to log in using the given username and password.
$servers
The list of radius servers to use.
__construct($info, $config)
Constructor for this authentication source.
$port
The port of the radius server.
$nasIdentifier
The NAS-Identifier that should be set in Access-Request packets.
$usernameAttribute
The attribute name where the username should be stored.
$timeout
The timeout for contacting the radius server.
$retries
The number of retries which should be attempted.
$hostname
The hostname of the radius server.
$vendorType
The vendor-specific attribute for the RADIUS attributes we are interrested in.
$vendor
The vendor for the RADIUS attributes we are interrested in.
$realm
The realm to be added to the entered username.
Attribute-related utility methods.
foreach($_POST as $key=> $value) $res