From c1ce4fbb2ff1786846d9d0b3850b395ca94cf563 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Thu, 4 Nov 2021 15:16:24 +0100 Subject: [PATCH] only intialize kerberos apache auth when used this allows checking if there is a valid ticket without throwing exceptions --- src/KerberosApacheAuth.php | 36 ++++++++++++++++++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/src/KerberosApacheAuth.php b/src/KerberosApacheAuth.php index b47f062..03551aa 100644 --- a/src/KerberosApacheAuth.php +++ b/src/KerberosApacheAuth.php @@ -35,15 +35,38 @@ class KerberosApacheAuth extends KerberosAuth implements IAuth { /** @var bool */ private $saveTicketInMemory = false; + /** @var bool */ + private $init = false; + /** * @param bool $saveTicketInMemory */ public function __construct(bool $saveTicketInMemory = false) { $this->saveTicketInMemory = $saveTicketInMemory; - $this->registerApacheKerberosTicket(); } - private function registerApacheKerberosTicket(): void { + /** + * Check if a valid kerberos ticket is present + * + * @return bool + */ + public function checkTicket(): bool { + //read apache kerberos ticket cache + $cacheFile = getenv("KRB5CCNAME"); + if (!$cacheFile) { + return false; + } + + $krb5 = new \KRB5CCache(); + $krb5->open($cacheFile); + return (bool)$krb5->isValid(); + } + + private function init(): void { + if ($this->init) { + return; + } + $this->init = true; // inspired by https://git.typo3.org/TYPO3CMS/Extensions/fal_cifs.git if (!extension_loaded("krb5")) { @@ -76,6 +99,15 @@ private function registerApacheKerberosTicket(): void { } } + public function getExtraCommandLineArguments(): string { + $this->init(); + return parent::getExtraCommandLineArguments(); + } + + public function setExtraSmbClientOptions($smbClientState): void { + $this->init(); + parent::setExtraSmbClientOptions($smbClientState); + } public function __destruct() { if (!empty($this->ticketPath) && file_exists($this->ticketPath) && is_file($this->ticketPath)) {