Initial checkin

9 files changed, 252 insertions, 0 deletions

diff --git a/classes/JabberAuth.php b/classes/JabberAuth.php
new file mode 100644
index 0000000..f649889
--- /dev/null
+++ b/classes/JabberAuth.php
@@ -0,0 +1,90 @@
+<?php
+// Arancaytar, October 2012
+// This is a general PHP implementation of the ejabberd auth protocol.
+
+abstract class JabberAuth {
+  var $running;
+
+  abstract function isuser($username, $server);
+  abstract function auth($username, $server, $password);
+  abstract function setpass($username, $server, $password);
+  abstract function tryregister($username, $server, $password);
+  abstract function removeuser($username, $server);
+
+  function init() {
+    $this->stdin = fopen('php://stdin', 'r');
+    $this->stdout = fopen('php://stdout', 'w');
+    $this->logfile = fopen($this->logpath . 'activity-' . date('Y-m-d') . '.log', 'a');
+    $this->running = TRUE;
+  }
+
+  function stop() {
+    $this->log("Stopping...");
+    $this->running = FALSE;
+  }
+
+  function run() {
+    while ($this->running) {
+      $data = $this->read();
+      if ($data) {
+        $result = $this->execute($data);
+        $this->write((int)$result);
+      }
+    }
+    $this->log("Stopped");
+  }
+
+  function read() {
+    $input = fread($this->stdin, 2);
+    if (!$input) {
+      return $this->stop();
+    }
+
+    $input = unpack('n', $input);
+    $length = $input[1];
+    if($length > 0) {
+      $this->log("Reading $length bytes...");
+      $data = fread($this->stdin, $length);
+      return $data;
+    }
+  }
+
+  function write($data) {
+    $this->log("OUT: $data");
+    fwrite($this->stdout, pack("nn", 2, $data));
+  }
+
+  function log($data) {
+    fwrite($this->logfile, sprintf("%s [%d] - %s\n", date('Y-m-d H:i:s'), getmypid(), $data));
+  }
+
+  function execute($data) {
+    $args = explode(':', $data);
+    $command = array_shift($args);
+    // Only log the username for security.
+    $this->log("Executing $command on {$args[0]}");
+
+    switch ($command) {
+      case 'isuser':
+        list($username, $server) = $args;
+        return $this->isuser($username, $server);
+      case 'auth':
+        list($username, $server, $password) = $args;
+        return $this->auth($username, $server, $password);
+      case 'setpass':
+        list($username, $server, $password) = $args;
+        return $this->setpass($username, $server, $password);
+      case 'tryregister':
+        list($username, $server, $password) = $args;
+        return $this->tryregister($username, $server, $password);
+      case 'removeuser':
+        list($username, $server) = $args;
+        return $this->removeuser($username, $server);
+      case 'removeuser3':
+        list($username, $server, $password) = $args;
+        return $this->auth($username, $server, $password) && $this->removeuser($username, $password);
+      default:
+        $this->stop();
+    }
+  }
+}
diff --git a/classes/JabberAuthPhpBB.php b/classes/JabberAuthPhpBB.php
new file mode 100644
index 0000000..e60cbae
--- /dev/null
+++ b/classes/JabberAuthPhpBB.php
@@ -0,0 +1,38 @@
+<?php
+
+class JabberAuthPhpBB extends JabberAuth {
+  var $auth;
+  var $db;
+  
+  function __construct($auth, $db, $logpath) {
+    $this->logpath = $logpath;
+    parent::init();
+    $this->auth = $auth;
+    $this->db = $db;
+  }
+
+  function isuser($username, $server) {
+    $username_clean = utf8_clean_string($username);
+    $row = $this->db->sql_fetchrow($this->db->sql_query('SELECT username FROM ' . USERS_TABLE . ' WHERE username_clean = ' . "'" . $this->db->sql_escape($username_clean) . "'" . ';'));
+    return !empty($row);
+  }
+
+  function auth($username, $server, $password) {
+    $result = $this->auth->login($username, $password);
+    return $result['status'] == LOGIN_SUCCESS;
+  }
+  
+  // The following functions are disabled. This script will not change the phpBB user database.
+  
+  function setpass($username, $server, $password) {
+    return FALSE;
+  }
+
+  function tryregister($username, $server, $password) {
+    return FALSE;
+  }
+
+  function removeuser($username, $server) {
+    return FALSE;
+  }
+}
diff --git a/config.php b/config.php
new file mode 100644
index 0000000..dd5f8f1
--- /dev/null
+++ b/config.php
@@ -0,0 +1,4 @@
+<?php
+
+$phpbb_root_path = '/home/arancaytar/development/phpbb3/phpBB/';
+$log_path = __DIR__ . '/logs/';
\ No newline at end of file
diff --git a/main.php b/main.php
new file mode 100644
index 0000000..fee0f33
--- /dev/null
+++ b/main.php
@@ -0,0 +1,16 @@
+#!/usr/bin/php
+<?php
+// by Aran, October 2012
+
+// Bootstrap the phpBB system.
+define('ROOT', __DIR__);
+require_once __DIR__ . '/config.php';
+require_once __DIR__ . '/phpbb-bridge/phpbb_bootstrap.php';
+
+// Load the classes.
+require_once __DIR__ . '/classes/JabberAuth.php';
+require_once __DIR__ . '/classes/JabberAuthPhpBB.php';
+
+// Launch the script.
+$main = new JabberAuthPhpBB($auth, $db, $log_path);
+$main->run();
diff --git a/phpbb-bridge/noweb_user.php b/phpbb-bridge/noweb_user.php
new file mode 100644
index 0000000..3291222
--- /dev/null
+++ b/phpbb-bridge/noweb_user.php
@@ -0,0 +1,17 @@
+<?php
+
+class noweb_user {
+  var $session_id = '';
+  var $browser = 'N/A';
+  var $forwarded_for = '127.0.0.1';
+  var $ip = '127.0.0.1';
+
+  function session_create() {
+    // do absolutely nothing. however, unless we tell the auth module the session
+    // was successfully created, it won't pass back a success.
+    return TRUE;
+  }
+  
+  function setup() {
+  }
+}
diff --git a/phpbb-bridge/phpbb_bootstrap.php b/phpbb-bridge/phpbb_bootstrap.php
new file mode 100644
index 0000000..3f7dee5
--- /dev/null
+++ b/phpbb-bridge/phpbb_bootstrap.php
@@ -0,0 +1,51 @@
+<?php
+define('IN_PHPBB', TRUE);
+$phpEx = 'php';
+
+use Symfony\Component\Config\FileLocator;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
+use Symfony\Component\DependencyInjection\Loader\YamlFileLoader;
+
+require($phpbb_root_path . 'includes/startup.' . $phpEx);
+require_once __DIR__ . '/noweb_user.php';
+
+if (file_exists($phpbb_root_path . 'config.' . $phpEx))
+{
+	require($phpbb_root_path . 'config.' . $phpEx);
+}
+
+// Include files
+require($phpbb_root_path . 'includes/class_loader.' . $phpEx);
+require($phpbb_root_path . 'includes/di/processor/interface.' . $phpEx);
+require($phpbb_root_path . 'includes/di/processor/config.' . $phpEx);
+
+require($phpbb_root_path . 'includes/functions.' . $phpEx);
+require($phpbb_root_path . 'includes/functions_content.' . $phpEx);
+
+require($phpbb_root_path . 'includes/constants.' . $phpEx);
+require($phpbb_root_path . 'includes/db/' . ltrim($dbms, 'dbal_') . '.' . $phpEx);
+require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
+
+// Set PHP error handler to ours
+set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler');
+
+$phpbb_container = new ContainerBuilder();
+$loader = new YamlFileLoader($phpbb_container, new FileLocator($phpbb_root_path.'/config'));
+$loader->load('services.yml');
+
+$processor = new phpbb_di_processor_config($phpbb_root_path . 'config.' . $phpEx, $phpbb_root_path, $phpEx);
+$processor->process($phpbb_container);
+
+// Setup class loader first
+$phpbb_class_loader = $phpbb_container->get('class_loader');
+$phpbb_class_loader_ext = $phpbb_container->get('class_loader.ext');
+
+// Instantiate some basic classes
+$user = new noweb_user;
+$auth		= $phpbb_container->get('auth');
+$db			= $phpbb_container->get('dbal.conn');
+
+// Grab global variables, re-cache if necessary
+$config = $phpbb_container->get('config');
+set_config(null, null, null, $config);
+set_config_count(null, null, null, $config);
diff --git a/tests/test b/tests/test
new file mode 100755
index 0000000..4d68705
--- /dev/null
+++ b/tests/test
@@ -0,0 +1,10 @@
+php test.php > test.in
+php ../main.php <test.in>test.out
+if [ -z "$(diff test.out test.successful)" ]
+then
+  echo "Test successful."
+else
+  echo "Test unsuccessful. Check activity logs."
+fi
+
+rm test.in test.out
\ No newline at end of file
diff --git a/tests/test.php b/tests/test.php
new file mode 100644
index 0000000..a6d6c16
--- /dev/null
+++ b/tests/test.php
@@ -0,0 +1,26 @@
+<?php
+$stderr = fopen('php://stderr', 'w'); 
+$in = fopen('php://stdin', 'r');
+fwrite($stderr, "Enter a valid username: ");
+$user = trim(fgets($in));
+fwrite($stderr, "Enter the password: ");
+$password = trim(fgets($in));
+
+$str = array(
+  array('isuser', $user),
+  array('isuser', '123456789'),
+  array('auth', $user, 'localhost', $password),
+  array('auth', $user, 'localhost', '123456789'),
+  
+  // These should all fail cleanly.
+  array('setpass', '123456789', 'localhost', '123456789'),
+  array('tryregister', '123456789', 'localhost', '123456789'),
+  array('removeuser', '123456789', 'localhost', '123456789'),
+  array('removeuser3', '123456789', 'localhost', '123456789'),
+);
+
+foreach ($str as $command) {
+  $command = implode(':', $command);
+  print pack('n', strlen($command));
+  print $command;
+}
diff --git a/tests/test.successful b/tests/test.successful
new file mode 100644
index 0000000..128aea6
--- /dev/null
+++ b/tests/test.successful