1<?php 2/** 3 * Copyright 1999-2017 Horde LLC (http://www.horde.org/) 4 * 5 * See the enclosed file COPYING for license information (LGPL). If you did 6 * not receive this file, see http://www.horde.org/licenses/lgpl21. 7 * 8 * @author Jon Parise <jon@horde.org> 9 * @author Marcus I. Ryan <marcus@riboflavin.net> 10 * @category Horde 11 * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 12 * @package Auth 13 * @todo Add driver for smbclient extension https://github.com/eduardok/libsmbclient-php 14 */ 15 16/** 17 * The Horde_Auth_Smbclient class provides an smbclient implementation of 18 * the Horde authentication system. 19 * 20 * @author Jon Parise <jon@horde.org> 21 * @author Marcus I. Ryan <marcus@riboflavin.net> 22 * @category Horde 23 * @copyright 1999-2017 Horde LLC 24 * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 25 * @package Auth 26 */ 27class Horde_Auth_Smbclient extends Horde_Auth_Base 28{ 29 /** 30 * Constructor. 31 * 32 * @param array $params Parameters: 33 * <pre> 34 * 'domain' - (string) [REQUIRED] The domain name to authenticate with. 35 * 'group' - Group name that the user must be a member of. 36 * DEFAULT: none 37 * 'hostspec' - (string) [REQUIRED] IP, DNS Name, or NetBios name of the 38 * SMB server to authenticate with. 39 * 'smbclient_path' - (string) [REQUIRED] The location of the smbclient 40 * utility. 41 * </pre> 42 * 43 * @throws InvalidArgumentException 44 */ 45 public function __construct(array $params = array()) 46 { 47 foreach (array('hostspec', 'domain', 'smbclient_path') as $val) { 48 if (empty($params[$val])) { 49 throw new InvalidArgumentException('Missing ' . $val . ' parameter.'); 50 } 51 } 52 53 parent::__construct($params); 54 } 55 56 /** 57 * Find out if the given set of login credentials are valid. 58 * 59 * @param string $userId The userId to check. 60 * @param array $credentials An array of login credentials. 61 * 62 * @throws Horde_Auth_Exception 63 */ 64 protected function _authenticate($userId, $credentials) 65 { 66 if (empty($credentials['password'])) { 67 throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); 68 } 69 70 /* Authenticate. */ 71 $cmdline = implode(' ', array( 72 $this->_params['smbclient_path'], 73 '-L', 74 $this->_params['hostspec'], 75 '-W', 76 $this->_params['domain'], 77 '-U', 78 $userId 79 )); 80 81 $sc = popen($cmdline, 'w'); 82 if ($sc === false) { 83 throw new Horde_Auth_Exception('Unable to execute smbclient.'); 84 } 85 86 fwrite($sc, $credentials['password']); 87 $rc = pclose($sc); 88 89 if (intval($rc & 0xff) != 0) { 90 throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); 91 } 92 } 93 94} 95