diff options
Diffstat (limited to 'engine/lib/pam.php')
-rw-r--r-- | engine/lib/pam.php | 28 |
1 files changed, 22 insertions, 6 deletions
diff --git a/engine/lib/pam.php b/engine/lib/pam.php index 6bbfce79d..1faa0014e 100644 --- a/engine/lib/pam.php +++ b/engine/lib/pam.php @@ -21,14 +21,19 @@ * * @param string $handler The handler function in the format * pam_handler($credentials = NULL); + * @param string $importance The importance - "sufficient" or "required" */ - function register_pam_handler($handler) + function register_pam_handler($handler, $importance = "sufficient") { global $_PAM_HANDLERS; if (is_callable($handler)) { - $_PAM_HANDLERS[$handler] = $handler; + $_PAM_HANDLERS[$handler] = new stdClass; + + $_PAM_HANDLERS[$handler]->handler = $handler; + $_PAM_HANDLERS[$handler]->importance = strtolower($importance); + return true; } @@ -49,27 +54,38 @@ { global $_PAM_HANDLERS, $_PAM_HANDLERS_MSG; + $authenticated = false; + foreach ($_PAM_HANDLERS as $k => $v) { + $handler = $v->handler; + $importance = $v->importance; + try { // Execute the handler - if ($v($credentials)) + if ($handler($credentials)) { // Explicitly returned true $_PAM_HANDLERS_MSG[$k] = "Authenticated!"; - return true; + $authenticated = true; } else + { $_PAM_HANDLERS_MSG[$k] = "Not Authenticated."; + + // If this is required then abort. + if ($importance == 'required') + return false; + } } catch (Exception $e) { $_PAM_HANDLERS_MSG[$k] = "$e"; } } - - return false; + + return $authenticated; } ?>
\ No newline at end of file |