3 * Manages PAM repository connection with local imap server help
8 * @author Oliver Schulze <oliver@samera.com.py>,
9 * Andrew McMillan <andrew@mcmillan.net.nz>
10 * @copyright Based on Eric Seigne script drivers_squid_pam.php
11 * @license http://gnu.org/copyleft/gpl.html GNU GPL v2 or later
14 // The PHP interpreter will die quietly unless satisfied. This provides user feedback instead.
15 if (!function_exists('imap_open')) {
16 die("drivers_imap_pam: php5-imap required.");
19 require_once("auth-functions.php");
32 * @param string $imap_url formated for imap_open()
34 function imapPamDrivers($imap_url){
35 $this->__construct($imap_url);
42 * @param string $imap_url formated for imap_open()
44 function __construct($imap_url)
47 if (empty($imap_url)){
48 $c->messages
[] = sprintf(i18n('drivers_imap_pam : imap_url parameter not configured in /etc/davical/*-conf.php'));
57 * Check the username / password against the PAM system
59 function IMAP_PAM_check($username, $password ){
62 $imap_username = $username;
63 if ( function_exists('mb_convert_encoding') ) {
64 $imap_username = mb_convert_encoding($imap_username, "UTF7-IMAP",mb_detect_encoding($imap_username));
67 $imap_username = imap_utf7_encode($imap_username);
70 //$imap_url = '{localhost:143/imap/notls}';
71 //$imap_url = '{localhost:993/imap/ssl/novalidate-cert}';
72 $imap_url = $c->authenticate_hook
['config']['imap_url'];
75 $imap_stream = @imap_open
($imap_url, $imap_username, $password, OP_HALFOPEN
);
76 //print_r(imap_errors());
79 imap_close($imap_stream);
84 if ( $auth_result == "OK") {
85 $principal = new Principal('username',$username);
86 if ( ! $principal->Exists() ) {
87 dbg_error_log( "PAM", "Principal '%s' doesn't exist in local DB, we need to create it",$username );
88 $cmd = "getent passwd '$username'";
89 $getent_res = exec($cmd);
90 $getent_arr = explode(":", $getent_res);
91 $fullname = $getent_arr[4];
92 if(empty($fullname)) {
93 $fullname = $username;
96 $principal->Create( array(
97 'username' => $username,
98 'user_active' => true,
99 'email' => $username . "@" . $c->authenticate_hook
['config']['email_base'],
100 'modified' => date('c'),
101 'fullname' => $fullname
103 if ( ! $principal->Exists() ) {
104 dbg_error_log( "PAM", "Unable to create local principal for '%s'", $username );
107 CreateHomeCalendar($username);
112 dbg_error_log( "PAM", "User %s is not a valid username (or password was wrong)", $username );