mirror of
https://codeberg.org/icewind/SMB.git
synced 2026-06-03 17:24:07 +02:00
64 lines
1.6 KiB
PHP
64 lines
1.6 KiB
PHP
<?php
|
|
/**
|
|
* SPDX-FileCopyrightText: 2018 Robin Appelman <robin@icewind.nl>
|
|
* SPDX-License-Identifier: AGPL-3.0-or-later
|
|
*/
|
|
|
|
namespace Icewind\SMB;
|
|
|
|
use Icewind\SMB\Exception\Exception;
|
|
|
|
/**
|
|
* Use existing kerberos ticket to authenticate
|
|
*/
|
|
class KerberosAuth implements IAuth {
|
|
/** @var ?KerberosTicket */
|
|
protected $ticket = null;
|
|
|
|
public function getTicket(): ?KerberosTicket {
|
|
return $this->ticket;
|
|
}
|
|
|
|
public function setTicket(?KerberosTicket $ticket): void {
|
|
$this->ticket = $ticket;
|
|
}
|
|
|
|
public function getUsername(): ?string {
|
|
return 'dummy';
|
|
}
|
|
|
|
public function getWorkgroup(): ?string {
|
|
return 'dummy';
|
|
}
|
|
|
|
public function getPassword(): ?string {
|
|
return null;
|
|
}
|
|
|
|
private function setEnv():void {
|
|
$ticket = $this->getTicket();
|
|
if ($ticket) {
|
|
$ticket->validate();
|
|
|
|
// note that even if the ticket name is the value we got from `getenv("KRB5CCNAME")` we still need to set the env variable ourselves
|
|
// this is because `getenv` also reads the variables passed from the SAPI (apache-php) and we need to set the variable in the OS's env
|
|
putenv("KRB5CCNAME=" . $ticket->getCacheName());
|
|
}
|
|
}
|
|
|
|
public function getExtraCommandLineArguments(): string {
|
|
$this->setEnv();
|
|
return '-k';
|
|
}
|
|
|
|
public function setExtraSmbClientOptions($smbClientState): void {
|
|
$this->setEnv();
|
|
|
|
$success = (bool)smbclient_option_set($smbClientState, SMBCLIENT_OPT_USE_KERBEROS, true);
|
|
$success = $success && smbclient_option_set($smbClientState, SMBCLIENT_OPT_FALLBACK_AFTER_KERBEROS, false);
|
|
|
|
if (!$success) {
|
|
throw new Exception("Failed to set smbclient options for kerberos auth");
|
|
}
|
|
}
|
|
}
|