Roundcubemail devel
view | history | commit | commitdiff
Aleksander Machniak
2012-07-23 114cf1281b1546f1efb8f78f92b179dd6afcaaa9
commit | author | age
627330 1 <?php
114cf1 2 // +-----------------------------------------------------------------------+
AM 3 // | Copyright (c) 2002-2003 Richard Heyes                                 |
4 // | All rights reserved.                                                  |
5 // |                                                                       |
6 // | Redistribution and use in source and binary forms, with or without    |
7 // | modification, are permitted provided that the following conditions    |
8 // | are met:                                                              |
9 // |                                                                       |
10 // | o Redistributions of source code must retain the above copyright      |
11 // |   notice, this list of conditions and the following disclaimer.       |
12 // | o Redistributions in binary form must reproduce the above copyright   |
13 // |   notice, this list of conditions and the following disclaimer in the |
14 // |   documentation and/or other materials provided with the distribution.|
15 // | o The names of the authors may not be used to endorse or promote      |
16 // |   products derived from this software without specific prior written  |
17 // |   permission.                                                         |
18 // |                                                                       |
19 // | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS   |
20 // | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT     |
21 // | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
22 // | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT  |
23 // | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
24 // | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT      |
25 // | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
26 // | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
27 // | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT   |
28 // | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
29 // | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.  |
30 // |                                                                       |
31 // +-----------------------------------------------------------------------+
32 // | Author: Richard Heyes <richard@php.net>                               |
33 // +-----------------------------------------------------------------------+
34 //
627330 35 // $Id$
T 36
37 /**
114cf1 38 * Client implementation of various SASL mechanisms
627330 39 *
T 40 * @author  Richard Heyes <richard@php.net>
41 * @access  public
42 * @version 1.0
43 * @package Auth_SASL
44 */
45
46 require_once('PEAR.php');
47
48 class Auth_SASL
49 {
50     /**
51     * Factory class. Returns an object of the request
52     * type.
53     *
54     * @param string $type One of: Anonymous
55     *                             Plain
56     *                             CramMD5
57     *                             DigestMD5
114cf1 58     *                             SCRAM-* (any mechanism of the SCRAM family)
627330 59     *                     Types are not case sensitive
T 60     */
61     function &factory($type)
62     {
63         switch (strtolower($type)) {
64             case 'anonymous':
65                 $filename  = 'Auth/SASL/Anonymous.php';
66                 $classname = 'Auth_SASL_Anonymous';
67                 break;
68
69             case 'login':
70                 $filename  = 'Auth/SASL/Login.php';
71                 $classname = 'Auth_SASL_Login';
72                 break;
73
74             case 'plain':
75                 $filename  = 'Auth/SASL/Plain.php';
76                 $classname = 'Auth_SASL_Plain';
77                 break;
78
00e57d 79             case 'external':
A 80                 $filename  = 'Auth/SASL/External.php';
81                 $classname = 'Auth_SASL_External';
82                 break;
83
627330 84             case 'crammd5':
114cf1 85                 // $msg = 'Deprecated mechanism name. Use IANA-registered name: CRAM-MD5.';
AM 86                 // trigger_error($msg, E_USER_DEPRECATED);
87             case 'cram-md5':
627330 88                 $filename  = 'Auth/SASL/CramMD5.php';
T 89                 $classname = 'Auth_SASL_CramMD5';
90                 break;
91
92             case 'digestmd5':
114cf1 93                 // $msg = 'Deprecated mechanism name. Use IANA-registered name: DIGEST-MD5.';
AM 94                 // trigger_error($msg, E_USER_DEPRECATED);
95             case 'digest-md5':
96                 // $msg = 'DIGEST-MD5 is a deprecated SASL mechanism as per RFC-6331. Using it could be a security risk.';
97                 // trigger_error($msg, E_USER_NOTICE);
627330 98                 $filename  = 'Auth/SASL/DigestMD5.php';
T 99                 $classname = 'Auth_SASL_DigestMD5';
100                 break;
101
102             default:
114cf1 103                 $scram = '/^SCRAM-(.{1,9})$/i';
AM 104                 if (preg_match($scram, $type, $matches))
105                 {
106                     $hash = $matches[1];
107                     $filename = dirname(__FILE__) .'/SASL/SCRAM.php';
108                     $classname = 'Auth_SASL_SCRAM';
109                     $parameter = $hash;
110                     break;
111                 }
627330 112                 return PEAR::raiseError('Invalid SASL mechanism type');
T 113                 break;
114         }
115
116         require_once($filename);
114cf1 117         if (isset($parameter))
AM 118             $obj = new $classname($parameter);
119         else
120             $obj = new $classname();
157881 121         return $obj;
627330 122     }
T 123 }
124
00e57d 125 ?>