diff options
-rw-r--r-- | classes/JabberAuth.php | 90 | ||||
-rw-r--r-- | classes/JabberAuthPhpBB.php | 38 | ||||
-rw-r--r-- | config.php | 4 | ||||
-rw-r--r-- | main.php | 16 | ||||
-rw-r--r-- | phpbb-bridge/noweb_user.php | 17 | ||||
-rw-r--r-- | phpbb-bridge/phpbb_bootstrap.php | 51 | ||||
-rwxr-xr-x | tests/test | 10 | ||||
-rw-r--r-- | tests/test.php | 26 | ||||
-rw-r--r-- | tests/test.successful | bin | 0 -> 32 bytes |
9 files changed, 252 insertions, 0 deletions
diff --git a/classes/JabberAuth.php b/classes/JabberAuth.php new file mode 100644 index 0000000..f649889 --- /dev/null +++ b/classes/JabberAuth.php @@ -0,0 +1,90 @@ +<?php +// Arancaytar, October 2012 +// This is a general PHP implementation of the ejabberd auth protocol. + +abstract class JabberAuth { + var $running; + + abstract function isuser($username, $server); + abstract function auth($username, $server, $password); + abstract function setpass($username, $server, $password); + abstract function tryregister($username, $server, $password); + abstract function removeuser($username, $server); + + function init() { + $this->stdin = fopen('php://stdin', 'r'); + $this->stdout = fopen('php://stdout', 'w'); + $this->logfile = fopen($this->logpath . 'activity-' . date('Y-m-d') . '.log', 'a'); + $this->running = TRUE; + } + + function stop() { + $this->log("Stopping..."); + $this->running = FALSE; + } + + function run() { + while ($this->running) { + $data = $this->read(); + if ($data) { + $result = $this->execute($data); + $this->write((int)$result); + } + } + $this->log("Stopped"); + } + + function read() { + $input = fread($this->stdin, 2); + if (!$input) { + return $this->stop(); + } + + $input = unpack('n', $input); + $length = $input[1]; + if($length > 0) { + $this->log("Reading $length bytes..."); + $data = fread($this->stdin, $length); + return $data; + } + } + + function write($data) { + $this->log("OUT: $data"); + fwrite($this->stdout, pack("nn", 2, $data)); + } + + function log($data) { + fwrite($this->logfile, sprintf("%s [%d] - %s\n", date('Y-m-d H:i:s'), getmypid(), $data)); + } + + function execute($data) { + $args = explode(':', $data); + $command = array_shift($args); + // Only log the username for security. + $this->log("Executing $command on {$args[0]}"); + + switch ($command) { + case 'isuser': + list($username, $server) = $args; + return $this->isuser($username, $server); + case 'auth': + list($username, $server, $password) = $args; + return $this->auth($username, $server, $password); + case 'setpass': + list($username, $server, $password) = $args; + return $this->setpass($username, $server, $password); + case 'tryregister': + list($username, $server, $password) = $args; + return $this->tryregister($username, $server, $password); + case 'removeuser': + list($username, $server) = $args; + return $this->removeuser($username, $server); + case 'removeuser3': + list($username, $server, $password) = $args; + return $this->auth($username, $server, $password) && $this->removeuser($username, $password); + default: + $this->stop(); + } + } +} diff --git a/classes/JabberAuthPhpBB.php b/classes/JabberAuthPhpBB.php new file mode 100644 index 0000000..e60cbae --- /dev/null +++ b/classes/JabberAuthPhpBB.php @@ -0,0 +1,38 @@ +<?php + +class JabberAuthPhpBB extends JabberAuth { + var $auth; + var $db; + + function __construct($auth, $db, $logpath) { + $this->logpath = $logpath; + parent::init(); + $this->auth = $auth; + $this->db = $db; + } + + function isuser($username, $server) { + $username_clean = utf8_clean_string($username); + $row = $this->db->sql_fetchrow($this->db->sql_query('SELECT username FROM ' . USERS_TABLE . ' WHERE username_clean = ' . "'" . $this->db->sql_escape($username_clean) . "'" . ';')); + return !empty($row); + } + + function auth($username, $server, $password) { + $result = $this->auth->login($username, $password); + return $result['status'] == LOGIN_SUCCESS; + } + + // The following functions are disabled. This script will not change the phpBB user database. + + function setpass($username, $server, $password) { + return FALSE; + } + + function tryregister($username, $server, $password) { + return FALSE; + } + + function removeuser($username, $server) { + return FALSE; + } +} diff --git a/config.php b/config.php new file mode 100644 index 0000000..dd5f8f1 --- /dev/null +++ b/config.php @@ -0,0 +1,4 @@ +<?php + +$phpbb_root_path = '/home/arancaytar/development/phpbb3/phpBB/'; +$log_path = __DIR__ . '/logs/';
\ No newline at end of file diff --git a/main.php b/main.php new file mode 100644 index 0000000..fee0f33 --- /dev/null +++ b/main.php @@ -0,0 +1,16 @@ +#!/usr/bin/php +<?php +// by Aran, October 2012 + +// Bootstrap the phpBB system. +define('ROOT', __DIR__); +require_once __DIR__ . '/config.php'; +require_once __DIR__ . '/phpbb-bridge/phpbb_bootstrap.php'; + +// Load the classes. +require_once __DIR__ . '/classes/JabberAuth.php'; +require_once __DIR__ . '/classes/JabberAuthPhpBB.php'; + +// Launch the script. +$main = new JabberAuthPhpBB($auth, $db, $log_path); +$main->run(); diff --git a/phpbb-bridge/noweb_user.php b/phpbb-bridge/noweb_user.php new file mode 100644 index 0000000..3291222 --- /dev/null +++ b/phpbb-bridge/noweb_user.php @@ -0,0 +1,17 @@ +<?php + +class noweb_user { + var $session_id = ''; + var $browser = 'N/A'; + var $forwarded_for = '127.0.0.1'; + var $ip = '127.0.0.1'; + + function session_create() { + // do absolutely nothing. however, unless we tell the auth module the session + // was successfully created, it won't pass back a success. + return TRUE; + } + + function setup() { + } +} diff --git a/phpbb-bridge/phpbb_bootstrap.php b/phpbb-bridge/phpbb_bootstrap.php new file mode 100644 index 0000000..3f7dee5 --- /dev/null +++ b/phpbb-bridge/phpbb_bootstrap.php @@ -0,0 +1,51 @@ +<?php +define('IN_PHPBB', TRUE); +$phpEx = 'php'; + +use Symfony\Component\Config\FileLocator; +use Symfony\Component\DependencyInjection\ContainerBuilder; +use Symfony\Component\DependencyInjection\Loader\YamlFileLoader; + +require($phpbb_root_path . 'includes/startup.' . $phpEx); +require_once __DIR__ . '/noweb_user.php'; + +if (file_exists($phpbb_root_path . 'config.' . $phpEx)) +{ + require($phpbb_root_path . 'config.' . $phpEx); +} + +// Include files +require($phpbb_root_path . 'includes/class_loader.' . $phpEx); +require($phpbb_root_path . 'includes/di/processor/interface.' . $phpEx); +require($phpbb_root_path . 'includes/di/processor/config.' . $phpEx); + +require($phpbb_root_path . 'includes/functions.' . $phpEx); +require($phpbb_root_path . 'includes/functions_content.' . $phpEx); + +require($phpbb_root_path . 'includes/constants.' . $phpEx); +require($phpbb_root_path . 'includes/db/' . ltrim($dbms, 'dbal_') . '.' . $phpEx); +require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx); + +// Set PHP error handler to ours +set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler'); + +$phpbb_container = new ContainerBuilder(); +$loader = new YamlFileLoader($phpbb_container, new FileLocator($phpbb_root_path.'/config')); +$loader->load('services.yml'); + +$processor = new phpbb_di_processor_config($phpbb_root_path . 'config.' . $phpEx, $phpbb_root_path, $phpEx); +$processor->process($phpbb_container); + +// Setup class loader first +$phpbb_class_loader = $phpbb_container->get('class_loader'); +$phpbb_class_loader_ext = $phpbb_container->get('class_loader.ext'); + +// Instantiate some basic classes +$user = new noweb_user; +$auth = $phpbb_container->get('auth'); +$db = $phpbb_container->get('dbal.conn'); + +// Grab global variables, re-cache if necessary +$config = $phpbb_container->get('config'); +set_config(null, null, null, $config); +set_config_count(null, null, null, $config); diff --git a/tests/test b/tests/test new file mode 100755 index 0000000..4d68705 --- /dev/null +++ b/tests/test @@ -0,0 +1,10 @@ +php test.php > test.in +php ../main.php <test.in>test.out +if [ -z "$(diff test.out test.successful)" ] +then + echo "Test successful." +else + echo "Test unsuccessful. Check activity logs." +fi + +rm test.in test.out
\ No newline at end of file diff --git a/tests/test.php b/tests/test.php new file mode 100644 index 0000000..a6d6c16 --- /dev/null +++ b/tests/test.php @@ -0,0 +1,26 @@ +<?php +$stderr = fopen('php://stderr', 'w'); +$in = fopen('php://stdin', 'r'); +fwrite($stderr, "Enter a valid username: "); +$user = trim(fgets($in)); +fwrite($stderr, "Enter the password: "); +$password = trim(fgets($in)); + +$str = array( + array('isuser', $user), + array('isuser', '123456789'), + array('auth', $user, 'localhost', $password), + array('auth', $user, 'localhost', '123456789'), + + // These should all fail cleanly. + array('setpass', '123456789', 'localhost', '123456789'), + array('tryregister', '123456789', 'localhost', '123456789'), + array('removeuser', '123456789', 'localhost', '123456789'), + array('removeuser3', '123456789', 'localhost', '123456789'), +); + +foreach ($str as $command) { + $command = implode(':', $command); + print pack('n', strlen($command)); + print $command; +} diff --git a/tests/test.successful b/tests/test.successful Binary files differnew file mode 100644 index 0000000..128aea6 --- /dev/null +++ b/tests/test.successful |