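<?php
/**
 * Certificate login lookup.
 *
 * Receives a certificate in the POST field 'certificado', has it parsed and
 * checked by the project classes, looks the holder up in LDAP by the CPF taken
 * from the certificate, and answers in plain text:
 *
 *   <code> CRLF <message>                  on failure (codes 1 to 8)
 *   0 CRLF <uid> CRLF <cryptpassword>      on success
 *
 * Codes: 1 header.inc.php missing, 2 no certificate posted, 3 certificate not
 * parsed, 4 certificate check failed, 5 LDAP connection failed, 6 directory
 * lookup did not return exactly one entry, 7 account not active, 8 posted
 * certificate is not the one registered for the account.
 *
 * NOTE(review): the success response hands the stored 'cryptpassword' to any
 * client that posts the registered certificate. Nothing in this file proves
 * possession of the matching private key; presumably the value is protected so
 * that only the key holder can use it. Confirm against the code that writes
 * 'cryptpassword'.
 */
$GLOBALS['phpgw_info']['flags'] = array(
    'disable_Template_class' => True,
    'login'                  => True,
    'currentapp'             => 'login',
    'noheader'               => True
);

if (file_exists('../header.inc.php'))
{
    include('../header.inc.php');
}
else
{
    // lang() is not defined in this file and is presumably provided through
    // header.inc.php, so it may not exist on this path. Fall back to the raw
    // text instead of dying on an undefined function before code 1 is sent.
    $texto = 'Error. header.inc.php not found';
    echo "1\r\n" . (function_exists('lang') ? lang($texto) : $texto);
    exit();
}

// Reject a missing, empty or non-string field. An array value such as
// certificado[]=x would otherwise flow into str_replace() and the parser.
if (empty($_POST['certificado']) || !is_string($_POST['certificado']))
{
    echo "2\r\n" . lang('Fail to get certificate');
    exit();
}

require_once('classes/CertificadoB.php');
require_once('classes/Verifica_Certificado.php');
include('classes/Verifica_Certificado_conf.php');

// Collapse doubled line feeds, then apply the project helper. Going by its
// name it turns spaces back into '+' (TODO confirm against its definition).
$cert = str_replace("\n\n", "\n", $_POST['certificado']);
$cert = troca_espaco_por_mais($cert);

$c = new certificadoB();
$c->certificado($cert);
if (!$c->apresentado)
{
    echo "3\r\n" . lang('Fail to get certificate');
    exit();
}

$b = new Verifica_Certificado($c->dados, $cert);
if (!$b->status)
{
    // NOTE(review): the checker's error text and SSL error lines are returned
    // to the unauthenticated caller verbatim; confirm that is intended.
    $msg = "4\r\n" . $b->msgerro;
    if (is_array($b->erros_ssl))
    {
        foreach ($b->erros_ssl as $linha)
        {
            $msg .= "\n" . $linha;
        }
    }
    echo $msg;
    exit();
}

// NOTE(review): when the master host, root DN and root password are all
// configured, the lookup binds with that root DN. The search below only reads
// four attributes, so a read-only account would be enough for it.
if ( (!empty($GLOBALS['phpgw_info']['server']['ldap_master_host'])) &&
     (!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_dn'])) &&
     (!empty($GLOBALS['phpgw_info']['server']['ldap_master_root_pw'])) )
{
    $ds = $GLOBALS['phpgw']->common->ldapConnect(
        $GLOBALS['phpgw_info']['server']['ldap_master_host'],
        $GLOBALS['phpgw_info']['server']['ldap_master_root_dn'],
        $GLOBALS['phpgw_info']['server']['ldap_master_root_pw']
    );
}
else
{
    $ds = $GLOBALS['phpgw']->common->ldapConnect();
}
if (!$ds)
{
    echo "5\r\n" . lang('Failure when get user data to login');
    exit();
}

// Attribute holding the CPF in the directory; "uid" unless configured.
$cert_atrib_cpf = (isset($GLOBALS['phpgw_info']['server']['certificado_atributo_cpf'])
                   && $GLOBALS['phpgw_info']['server']['certificado_atributo_cpf'] != '')
    ? $GLOBALS['phpgw_info']['server']['certificado_atributo_cpf']
    : "uid";

$cpf = isset($c->dados['2.16.76.1.3.1']['CPF'])
    ? (string) $c->dados['2.16.76.1.3.1']['CPF']
    : '';

$atributos = array("usercertificate", "phpgwaccountstatus", "cryptpassword", "uid");

// The CPF comes out of the submitted certificate, so escape the LDAP filter
// metacharacters (RFC 4515) before it is placed in the filter. Backslash is
// replaced first so the escapes added afterwards are not escaped again.
// An empty CPF or a failed search falls through to code 6, as before.
$info = false;
if ($cpf !== '')
{
    $cpf_escapado = str_replace(
        array('\\', '*', '(', ')', "\x00"),
        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
        $cpf
    );
    $filtro = $cert_atrib_cpf . '=' . $cpf_escapado;
    $sr = ldap_search($ds, $GLOBALS['phpgw_info']['server']['ldap_context'], $filtro, $atributos);
    if ($sr)
    {
        $info = ldap_get_entries($ds, $sr);
    }
}

if (!is_array($info) || $info["count"] != 1)
{
    echo "6\r\n" . lang('Invalid data from users directory');
    ldap_close($ds);
    exit();
}

// Only accounts whose status is 'A' may log in; a missing attribute counts as inactive.
if (!isset($info[0]['phpgwaccountstatus'][0]) || $info[0]['phpgwaccountstatus'][0] != 'A')
{
    echo "7\r\n" . lang('User account is inactive in Expresso');
    ldap_close($ds);
    exit();
}

// The posted certificate must be exactly the one stored for the account.
// Compared as strings with === so PHP's loose-comparison rules cannot apply.
$tem_senha = !empty($info[0]["cryptpassword"][0]);
$tem_cert  = !empty($info[0]["usercertificate"][0]);
if ($tem_senha && $tem_cert && (string) $cert === (string) $info[0]["usercertificate"][0])
{
    echo "0\r\n" . $info[0]["uid"][0] . "\r\n" . $info[0]["cryptpassword"][0];
}
else
{
    echo "8\r\n" . lang('The current certificate not registered to login');
}
ldap_close($ds);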