X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Fauth.php;h=0765e7e2b92a2b89fcbedf2034b5467acf874c77;hb=72520f77e8cd4d3416f07e0c0e9c1476eb99a713;hp=6f7a872b357da00b3026f1ea206dae793113547a;hpb=d6c32258c05219670ab3b4ae2d460d844ea9a247;p=squirrelmail.git

diff --git a/functions/auth.php b/functions/auth.php
index 6f7a872b..0765e7e2 100644
--- a/functions/auth.php
+++ b/functions/auth.php
@@ -3,7 +3,7 @@
 /**
  * auth.php
  *
- * Copyright (c) 1999-2003 The SquirrelMail Project Team
+ * Copyright (c) 1999-2004 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * Contains functions used to do authentication.
@@ -30,6 +30,13 @@ if (! isset($use_smtp_tls)) {
   $use_smtp_tls = false;
 }
 
+/**
+ * Check if user has previously logged in to the Squirrelmail session.  If user
+ * has not logged in, execution will stop inside this function.
+ *
+ * @return int A positive value is returned if user has previously logged in
+ * successfully.
+ */
 function is_logged_in() {
 
     if ( sqsession_is_registered('user_is_logged_in') ) {
@@ -56,20 +63,39 @@ function is_logged_in() {
     }
 }
 
+/**
+ * Given the challenge from the server, supply the response using cram-md5 (See
+ * RFC 2195 for details)
+ *
+ * @param string $username User ID
+ * @param string $password User password supplied by User
+ * @param string $challenge The challenge supplied by the server
+ * @return string The response to be sent to the IMAP server
+ *
+ */
 function cram_md5_response ($username,$password,$challenge) {
-
-/* Given the challenge from the server, supply the response using
-   cram-md5 (See RFC 2195 for details)
-*/
-$challenge=base64_decode($challenge);
-$hash=bin2hex(hmac_md5($challenge,$password));
-$response=base64_encode($username . " " . $hash) . "\r\n";
-return $response;
+    $challenge=base64_decode($challenge);
+    $hash=bin2hex(hmac_md5($challenge,$password));
+    $response=base64_encode($username . " " . $hash) . "\r\n";
+    return $response;
 }
 
+/**
+ * Return Digest-MD5 response.
+ * Given the challenge from the server, calculate and return the
+ * response-string for digest-md5 authentication.  (See RFC 2831 for more
+ * details)
+ *
+ * @param string $username User ID
+ * @param string $password User password supplied by User
+ * @param string $challenge The challenge supplied by the server
+ * @param string $service The service name, usually 'imap'; it is used to
+ *   define the digest-uri.
+ * @param string $host The host name, usually the server's FQDN; it is used to
+ *   define the digest-uri.
+ * @return string The response to be sent to the IMAP server
+ */
 function digest_md5_response ($username,$password,$challenge,$service,$host) {
-/* Given the challenge from the server, calculate and return the response-string
-   for digest-md5 authentication.  (See RFC 2831 for more details) */
   $result=digest_md5_parse_challenge($challenge);
   
 // verify server supports qop=auth
@@ -115,10 +141,15 @@ function digest_md5_response ($username,$password,$challenge,$service,$host) {
  
 }
 
+/**
+ * Parse Digest-MD5 challenge.
+ * This function parses the challenge sent during DIGEST-MD5 authentication and
+ * returns an array. See the RFC for details on what's in the challenge string.
+ *
+ * @param string $challenge Digest-MD5 Challenge
+ * @return array Digest-MD5 challenge decoded data
+ */
 function digest_md5_parse_challenge($challenge) {
-/* This function parses the challenge sent during DIGEST-MD5 authentication and
-   returns an array. See the RFC for details on what's in the challenge string.
-*/
   $challenge=base64_decode($challenge);
   while (isset($challenge)) {
     if ($challenge{0} == ',') { // First char is a comma, must not be 1st time through loop
@@ -154,10 +185,17 @@ function digest_md5_parse_challenge($challenge) {
   return $parsed;
 }
 
+/**
+ * Creates a HMAC digest that can be used for auth purposes
+ * See RFCs 2104, 2617, 2831
+ * Uses mhash() extension if available
+ *
+ * @param string $data Data to apply hash function to.
+ * @param string $key Optional key, which, if supplied, will be used to
+ * calculate data's HMAC.
+ * @return string HMAC Digest string
+ */
 function hmac_md5($data, $key='') {
-    // Creates a HMAC digest that can be used for auth purposes
-    // See RFCs 2104, 2617, 2831
-    // Uses mhash() extension if available
     if (extension_loaded('mhash')) {
       if ($key== '') {
         $mhash=mhash(MHASH_MD5,$data);
@@ -180,4 +218,28 @@ function hmac_md5($data, $key='') {
     return $hmac;
 }
 
+/** 
+ * Fillin user and password based on SMTP auth settings.
+ *
+ * @global
+ * @param string $user Reference to SMTP username
+ * @param string $pass Reference to SMTP password (unencrypted)
+ */
+function get_smtp_user(&$user, &$pass) {
+    global $username, $smtp_auth_mech, 
+           $smtp_sitewide_user, $smtp_sitewide_pass;
+
+    if ($smtp_auth_mech == 'none') {
+        $user = '';
+        $pass = '';
+    } elseif ( isset($smtp_sitewide_user) && isset($smtp_sitewide_pass) ) {
+        $user = $smtp_sitewide_user;
+        $pass = $smtp_sitewide_pass;
+    } else {
+        global $key, $onetimepad;
+        $user = $username;
+        $pass = OneTimePadDecrypt($key, $onetimepad);
+    }
+}
+
 ?>