X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=include%2Fclass_password-methods-kerberos.inc;h=24240bad576c6a6c266e78362fa9a96f2163df27;hb=28ae00a52f184c2e0818500fafc38280e44f9efb;hp=e66ebbba969bcaac9b6357ce52622b901ead0a53;hpb=38e112e6bdb6281beace80e8e29f2a3d2b0ca490;p=gosa.git

diff --git a/include/class_password-methods-kerberos.inc b/include/class_password-methods-kerberos.inc
index e66ebbba9..24240bad5 100644
--- a/include/class_password-methods-kerberos.inc
+++ b/include/class_password-methods-kerberos.inc
@@ -23,7 +23,7 @@ class passwordMethodkerberos extends passwordMethod
 
 	function passwordMethodkerberos($config)  
 	{
-    $this->config=$config;
+    $this->config= &$config;
 	}
 
   function is_available()
@@ -53,7 +53,7 @@ class passwordMethodkerberos extends passwordMethod
 				print_red (_("Kerberos database communication failed!"));
 			}
 
-			$ret= kadm5_chpass_principal($handle, $this->attrs['uid'][0]."@".$cfg['REALM'],$password);
+			$ret= kadm5_chpass_principal($handle, $this->attrs['uid'][0]."@".$cfg['REALM'],$pwd);
 
 			if ($ret === FALSE)
 			{
@@ -62,11 +62,63 @@ class passwordMethodkerberos extends passwordMethod
 
 			kadm5_destroy($handle);
 
-			$newpass= "{kerberos}".$this->attrs['uid'][0]."@".$cfg['REALM'];
+      $mode= "kerberos";
+      if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+        $mode= "sasl";
+      }
+			$newpass= "{".$mode."}".$this->attrs['uid'][0]."@".$cfg['REALM'];
 
 			return $newpass;       
 		}
 	}
+
+
+  function remove_from_parent()
+  {
+    /* Kerberos server defined? */
+    if (isset($this->config->data['SERVERS']['KERBEROS'])){
+      $cfg= $this->config->data['SERVERS']['KERBEROS'];
+    }
+    if (isset($cfg['SERVER']) && function_exists('kadm5_init_with_password')){
+
+      /* Connect to the admin interface */
+      $handle = kadm5_init_with_password($cfg['SERVER'], $cfg['REALM'],
+          $cfg['ADMIN'], $cfg['PASSWORD']);
+
+      /* Errors? */
+      if ($handle === FALSE){
+        print_red (_("Kerberos database communication failed"));
+        return (2);
+      }
+
+      /* Build user principal, get list of existsing principals */
+      $principal= $this->uid."@".$cfg['REALM'];
+      $principals = kadm5_get_principals($handle);
+
+      /* User exists in database? */
+      if (in_array($principal, $principals)){
+
+        /* Ok. User exists. Remove him/her */
+          $ret= kadm5_delete_principal ( $handle, $principal);
+          if ($ret === FALSE){
+            print_red (_("Can't remove user from kerberos database."));
+          }
+      }
+
+      /* Free kerberos admin handle */
+      kadm5_destroy($handle);
+    }
+  }
+
+  function get_hash_name()
+  {
+    $mode= "kerberos";
+    if (isset($this->config->current['KRBSASL']) && preg_match('/^true$/i', $this->config->current['KRBSASL'])){
+      $mode= "sasl";
+    }
+    return "$mode";
+  }
+
 }
 
 // vim:tabstop=2:expandtab:shiftwidth=2:filetype=php:syntax:ruler: