mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 22:08:20 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'MDL-59475-master-cas' of git://github.com/lameze/moodle

Browse Source
This commit is contained in:
Dan Poltawski 2017-07-17 14:18:21 +01:00
commit efc1d2bb6b
11 changed files with 309 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
auth/cas/CAS/CAS.php
View File

@ -40,10 +40,8 @@
// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI']
// in IIS
//
if (php_sapi_name() != 'cli') {
if (!isset($_SERVER['REQUEST_URI'])) {
$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
}
if (!isset($_SERVER['REQUEST_URI']) && isset($_SERVER['SCRIPT_NAME']) && isset($_SERVER['QUERY_STRING'])) {
$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
}
// Add a E_USER_DEPRECATED for php versions <= 5.2
@ -63,7 +61,7 @@ if (!defined('E_USER_DEPRECATED')) {
/**
* phpCAS version. accessible for the user by phpCAS::getVersion().
*/
define('PHPCAS_VERSION', '1.3.4');
define('PHPCAS_VERSION', '1.3.5+');
/**
* @addtogroup public
@ -138,9 +136,9 @@ define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');
*/
define("SAML_ATTRIBUTES", 'SAMLATTRIBS');
/**
* SAML Attributes
*/
/**
* SAML Attributes
*/
define("DEFAULT_ERROR", 'Internal script failure');
/** @} */
@ -221,6 +219,7 @@ define("PHPCAS_LANG_GERMAN", 'CAS_Languages_German');
define("PHPCAS_LANG_JAPANESE", 'CAS_Languages_Japanese');
define("PHPCAS_LANG_SPANISH", 'CAS_Languages_Spanish');
define("PHPCAS_LANG_CATALAN", 'CAS_Languages_Catalan');
define("PHPCAS_LANG_CHINESE_SIMPLIFIED", 'CAS_Languages_ChineseSimplified');
/** @} */
@ -302,13 +301,13 @@ class phpCAS
*/
private static $_PHPCAS_DEBUG;
/**
/**
* This variable is used to enable verbose mode
* This pevents debug info to be show to the user. Since it's a security
* feature the default is false
*
* @hideinitializer
*/
*
* @hideinitializer
*/
private static $_PHPCAS_VERBOSE = false;
@ -470,19 +469,19 @@ class phpCAS
}
}
/**
/**
* Enable verbose errors messages in the website output
* This is a security relevant since internal status info may leak an may
* help an attacker. Default is therefore false
*
* @param bool $verbose enable verbose output
*
* @return void
*/
* help an attacker. Default is therefore false
*
* @param bool $verbose enable verbose output
*
* @return void
*/
public static function setVerbose($verbose)
{
if ($verbose === true) {
self::$_PHPCAS_VERBOSE = true;
if ($verbose === true) {
self::$_PHPCAS_VERBOSE = true;
} else {
self::$_PHPCAS_VERBOSE = false;
}
@ -490,13 +489,13 @@ class phpCAS
/**
* Show is verbose mode is on
*
* @return boot verbose
*/
public static function getVerbose()
{
return self::$_PHPCAS_VERBOSE;
* Show is verbose mode is on
*
* @return boot verbose
*/
public static function getVerbose()
{
return self::$_PHPCAS_VERBOSE;
}
/**
@ -995,6 +994,25 @@ class phpCAS
}
}
/**
* Set a callback function to be run when receiving CAS attributes
*
* The callback function will be passed an $success_elements
* payload of the response (\DOMElement) as its first parameter.
*
* @param string $function Callback function
* @param array $additionalArgs optional array of arguments
*
* @return void
*/
public static function setCasAttributeParserCallback($function, array $additionalArgs = array())
{
phpCAS::_validateClientExists();
self::$_PHPCAS_CLIENT->setCasAttributeParserCallback($function, $additionalArgs);
}
/**
* Set a callback function to be run when a user authenticates.
*
@ -1295,7 +1313,11 @@ class phpCAS
/**
* Set the serviceValidate URL of the CAS server.
* Used only in CAS 1.0 validations
* Used for all CAS versions of URL validations.
* Examples:
* CAS 1.0 http://www.exemple.com/validate
* CAS 2.0 http://www.exemple.com/validateURL
* CAS 3.0 http://www.exemple.com/p3/serviceValidate
*
* @param string $url the serviceValidate URL
*
@ -1317,7 +1339,11 @@ class phpCAS
/**
* Set the proxyValidate URL of the CAS server.
* Used for all CAS 2.0 validations
* Used for all CAS versions of proxy URL validations
* Examples:
* CAS 1.0 http://www.exemple.com/
* CAS 2.0 http://www.exemple.com/proxyValidate
* CAS 3.0 http://www.exemple.com/p3/proxyValidate
*
* @param string $url the proxyValidate URL
*
@ -1801,6 +1827,16 @@ class phpCAS
throw new CAS_OutOfSequenceBeforeProxyException();
}
}
/**
* For testing purposes, use this method to set the client to a test double
*
* @return void
*/
public static function setCasClient(\CAS_Client $client)
{
self::$_PHPCAS_CLIENT = $client;
}
}
// ########################################################################
// DOCUMENTATION

19
auth/cas/CAS/CAS/AuthenticationException.php
View File

@ -68,6 +68,7 @@ implements CAS_Exception
public function __construct($client,$failure,$cas_url,$no_response,
$bad_response='',$cas_response='',$err_code='',$err_msg=''
) {
$messages = array();
phpCAS::traceBegin();
$lang = $client->getLangObj();
$client->printHTMLHeader($lang->getAuthenticationFailed());
@ -76,32 +77,34 @@ implements CAS_Exception
htmlentities($client->getURL()),
isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN']:''
);
phpCAS::trace('CAS URL: '.$cas_url);
phpCAS::trace('Authentication failure: '.$failure);
phpCAS::trace($messages[] = 'CAS URL: '.$cas_url);
phpCAS::trace($messages[] = 'Authentication failure: '.$failure);
if ( $no_response ) {
phpCAS::trace('Reason: no response from the CAS server');
phpCAS::trace($messages[] = 'Reason: no response from the CAS server');
} else {
if ( $bad_response ) {
phpCAS::trace('Reason: bad response from the CAS server');
phpCAS::trace($messages[] = 'Reason: bad response from the CAS server');
} else {
switch ($client->getServerVersion()) {
case CAS_VERSION_1_0:
phpCAS::trace('Reason: CAS error');
phpCAS::trace($messages[] = 'Reason: CAS error');
break;
case CAS_VERSION_2_0:
case CAS_VERSION_3_0:
if ( empty($err_code) ) {
phpCAS::trace('Reason: no CAS error');
phpCAS::trace($messages[] = 'Reason: no CAS error');
} else {
phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);
phpCAS::trace($messages[] = 'Reason: ['.$err_code.'] CAS error: '.$err_msg);
}
break;
}
}
phpCAS::trace('CAS response: '.$cas_response);
phpCAS::trace($messages[] = 'CAS response: '.$cas_response);
}
$client->printHTMLFooter();
phpCAS::traceExit();
parent::__construct(implode("\n", $messages));
}
}

116
auth/cas/CAS/CAS/Client.php
View File

@ -641,7 +641,33 @@ class CAS_Client
}
/**
* @var callback $_postAuthenticateCallbackFunction;
* @var callback $_attributeParserCallbackFunction;
*/
private $_casAttributeParserCallbackFunction = null;
/**
* @var array $_attributeParserCallbackArgs;
*/
private $_casAttributeParserCallbackArgs = array();
/**
* Set a callback function to be run when parsing CAS attributes
*
* The callback function will be passed a XMLNode as its first parameter,
* followed by any $additionalArgs you pass.
*
* @param string $function callback function to call
* @param array $additionalArgs optional array of arguments
*
* @return void
*/
public function setCasAttributeParserCallback($function, array $additionalArgs = array())
{
$this->_casAttributeParserCallbackFunction = $function;
$this->_casAttributeParserCallbackArgs = $additionalArgs;
}
/** @var callback $_postAuthenticateCallbackFunction;
*/
private $_postAuthenticateCallbackFunction = null;
@ -905,7 +931,12 @@ class CAS_Client
session_start();
phpCAS :: trace("Starting a new session " . session_id());
}
// Only for debug purposes
if ($this->isSessionAuthenticated()){
phpCAS :: trace("Session is authenticated as: " . $_SESSION['phpCAS']['user']);
} else {
phpCAS :: trace("Session is not authenticated");
}
// are we in proxy mode ?
$this->_proxy = $proxy;
@ -1229,7 +1260,7 @@ class CAS_Client
$res = true;
} else {
$this->redirectToCas(false, true);
// never reached
// never reached
$res = false;
}
phpCAS::traceEnd();
@ -1664,8 +1695,15 @@ class CAS_Client
header('Location: '.$cas_url);
phpCAS::trace("Prepare redirect to : ".$cas_url);
phpCAS::trace("Destroying session : ".session_id());
session_unset();
session_destroy();
if (session_status() === PHP_SESSION_NONE) {
phpCAS::trace("Session terminated");
} else {
phpCAS::error("Session was not terminated");
phpCAS::trace("Session was not terminated");
}
$lang = $this->getLangObj();
$this->printHTMLHeader($lang->getLogout());
printf('<p>'.$lang->getShouldHaveBeenRedirected(). '</p>', $cas_url);
@ -1905,12 +1943,16 @@ class CAS_Client
*/
public function setCasServerCACert($cert, $validate_cn)
{
// Argument validation
if (gettype($cert) != 'string')
throw new CAS_TypeMismatchException($cert, '$cert', 'string');
if (gettype($validate_cn) != 'boolean')
throw new CAS_TypeMismatchException($validate_cn, '$validate_cn', 'boolean');
// Argument validation
if (gettype($cert) != 'string') {
throw new CAS_TypeMismatchException($cert, '$cert', 'string');
}
if (gettype($validate_cn) != 'boolean') {
throw new CAS_TypeMismatchException($validate_cn, '$validate_cn', 'boolean');
}
if ( !file_exists($cert) && $this->_requestImplementation !== 'CAS_TestHarness_DummyRequest'){
throw new CAS_InvalidArgumentException("Certificate file does not exist " . $this->_requestImplementation);
}
$this->_cas_server_ca_cert = $cert;
$this->_cas_server_cn_validate = $validate_cn;
}
@ -1948,9 +1990,9 @@ class CAS_Client
$validate_url = $this->getServerServiceValidateURL()
.'&ticket='.urlencode($this->getTicket());
if ( $renew ) {
// pass the renew
$validate_url .= '&renew=true';
if ( $renew ) {
// pass the renew
$validate_url .= '&renew=true';
}
// open and read the URL
@ -2027,9 +2069,9 @@ class CAS_Client
// build the URL to validate the ticket
$validate_url = $this->getServerSamlValidateURL();
if ( $renew ) {
// pass the renew
$validate_url .= '&renew=true';
if ( $renew ) {
// pass the renew
$validate_url .= '&renew=true';
}
// open and read the URL
@ -3140,9 +3182,9 @@ class CAS_Client
$validate_url .= '&pgtUrl='.urlencode($this->_getCallbackURL());
}
if ( $renew ) {
// pass the renew
$validate_url .= '&renew=true';
if ( $renew ) {
// pass the renew
$validate_url .= '&renew=true';
}
// open and read the URL
@ -3187,7 +3229,7 @@ class CAS_Client
false/*$no_response*/, true/*$bad_response*/, $text_response
);
$result = false;
} else if ( $tree_response->getElementsByTagName("authenticationFailure")->length != 0) {
} else if ( $tree_response->getElementsByTagName("authenticationFailure")->length != 0) {
// authentication failed, extract the error code and message and throw exception
$auth_fail_list = $tree_response
->getElementsByTagName("authenticationFailure");
@ -3288,7 +3330,16 @@ class CAS_Client
// </cas:authenticationSuccess>
// </cas:serviceResponse>
//
if ( $success_elements->item(0)->getElementsByTagName("attributes")->length != 0) {
if ($this->_casAttributeParserCallbackFunction !== null
&& is_callable($this->_casAttributeParserCallbackFunction)
) {
array_unshift($this->_casAttributeParserCallbackArgs, $success_elements->item(0));
phpCas :: trace("Calling attritubeParser callback");
$extra_attributes = call_user_func_array(
$this->_casAttributeParserCallbackFunction,
$this->_casAttributeParserCallbackArgs
);
} elseif ( $success_elements->item(0)->getElementsByTagName("attributes")->length != 0) {
$attr_nodes = $success_elements->item(0)
->getElementsByTagName("attributes");
phpCas :: trace("Found nested jasig style attributes");
@ -3501,6 +3552,22 @@ class CAS_Client
return $this->_url;
}
/**
* This method sets the base URL of the CAS server.
*
* @param string $url the base URL
*
* @return string base url
*/
public function setBaseURL($url)
{
// Argument Validation
if (gettype($url) != 'string')
throw new CAS_TypeMismatchException($url, '$url', 'string');
return $this->_server['base_url'] = $url;
}
/**
* Try to figure out the phpCas client URL with possible Proxys / Ports etc.
@ -3551,15 +3618,16 @@ class CAS_Client
{
if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
return ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https');
}
if ( isset($_SERVER['HTTPS'])
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])) {
return ($_SERVER['HTTP_X_FORWARDED_PROTOCOL'] === 'https');
} elseif ( isset($_SERVER['HTTPS'])
&& !empty($_SERVER['HTTPS'])
&& strcasecmp($_SERVER['HTTPS'], 'off') !== 0
) {
return true;
} else {
return false;
}
return false;
}
/**

114
auth/cas/CAS/CAS/Languages/ChineseSimplified.php Normal file
View File

@ -0,0 +1,114 @@
<?php
/**
* Licensed to Jasig under one or more contributor license
* agreements. See the NOTICE file distributed with this work for
* additional information regarding copyright ownership.
*
* Jasig licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* PHP Version 5
*
* @file CAS/Language/ChineseSimplified.php
* @category Authentication
* @package PhpCAS
* @author Pascal Aubry <pascal.aubry@univ-rennes1.fr>, Phy25 <caslang@phy25.com>
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
* @link https://wiki.jasig.org/display/CASC/phpCAS
*/
/**
* Chinese Simplified language class
*
* @class CAS_Languages_ChineseSimplified
* @category Authentication
* @package PhpCAS
* @author Pascal Aubry <pascal.aubry@univ-rennes1.fr>, Phy25 <caslang@phy25.com>
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
* @link https://wiki.jasig.org/display/CASC/phpCAS
*
* @sa @link internalLang Internationalization @endlink
* @ingroup internalLang
*/
class CAS_Languages_ChineseSimplified implements CAS_Languages_LanguageInterface
{
/**
* Get the using server string
*
* @return string using server
*/
public function getUsingServer()
{
return '连接的服务器';
}
/**
* Get authentication wanted string
*
* @return string authentication wanted
*/
public function getAuthenticationWanted()
{
return '请进行 CAS 认证!';
}
/**
* Get logout string
*
* @return string logout
*/
public function getLogout()
{
return '请进行 CAS 登出!';
}
/**
* Get the should have been redirected string
*
* @return string should habe been redirected
*/
public function getShouldHaveBeenRedirected()
{
return '你正被重定向到 CAS 服务器。<a href="%s">点击这里</a>继续。';
}
/**
* Get authentication failed string
*
* @return string authentication failed
*/
public function getAuthenticationFailed()
{
return 'CAS 认证失败!';
}
/**
* Get the your were not authenticated string
*
* @return string not authenticated
*/
public function getYouWereNotAuthenticated()
{
return '<p>你没有成功登录。</p><p>你可以<a href="%s">点击这里重新登录</a>。</p><p>如果问题依然存在,请<a href="mailto:%s">联系本站管理员</a>。</p>';
}
/**
* Get the service unavailable string
*
* @return string service unavailable
*/
public function getServiceUnavailable()
{
return '服务器 <b>%s</b> 不可用(<b>%s</b>)。';
}
}

16
auth/cas/CAS/CAS/Languages/Greek.php
View File

@ -49,7 +49,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getUsingServer()
{
return '÷ñçóéìïðïéåßôáé ï åîõðçñåôçôÞò';
return 'χρησιμοποιείται ο εξυπηρετητής';
}
/**
@ -59,7 +59,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getAuthenticationWanted()
{
return 'Áðáéôåßôáé ç ôáõôïðïßçóç CAS!';
return 'Απαιτείται η ταυτοποίηση CAS!';
}
/**
@ -69,7 +69,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getLogout()
{
return 'Áðáéôåßôáé ç áðïóýíäåóç áðü CAS!';
return 'Απαιτείται η αποσύνδεση από CAS!';
}
/**
@ -79,7 +79,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getShouldHaveBeenRedirected()
{
return 'Èá Ýðñåðå íá åß÷áôå áíáêáôåõèõíèåß óôïí åîõðçñåôçôÞ CAS. ÊÜíôå êëßê <a href="%s">åäþ</a> ãéá íá óõíå÷ßóåôå.';
return 'Θα έπρεπε να είχατε ανακατευθυνθεί στον εξυπηρετητή CAS. Κάντε κλίκ <a href="%s">εδώ</a> για να συνεχίσετε.';
}
/**
@ -89,7 +89,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getAuthenticationFailed()
{
return 'Ç ôáõôïðïßçóç CAS áðÝôõ÷å!';
return 'Η ταυτοποίηση CAS απέτυχε!';
}
/**
@ -99,7 +99,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getYouWereNotAuthenticated()
{
return '<p>Äåí ôáõôïðïéçèÞêáôå.</p><p>Ìðïñåßôå íá îáíáðñïóðáèÞóåôå, êÜíïíôáò êëßê <a href="%s">åäþ</a>.</p><p>Åáí ôï ðñüâëçìá åðéìåßíåé, åëÜôå óå åðáöÞ ìå ôïí <a href="mailto:%s">äéá÷åéñéóôÞ</a>.</p>';
return '<p>Δεν ταυτοποιηθήκατε.</p><p>Μπορείτε να ξαναπροσπαθήσετε, κάνοντας κλίκ <a href="%s">εδώ</a>.</p><p>Εαν το πρόβλημα επιμείνει, ελάτε σε επαφή με τον <a href="mailto:%s">διαχειριστή</a>.</p>';
}
/**
@ -109,7 +109,7 @@ class CAS_Languages_Greek implements CAS_Languages_LanguageInterface
*/
public function getServiceUnavailable()
{
return 'Ç õðçñåóßá `<b>%s</b>\' äåí åßíáé äéáèÝóéìç (<b>%s</b>).';
return 'Η υπηρεσία `<b>%s</b>\' δεν είναι διαθέσιμη (<b>%s</b>).';
}
}
?>
?>

18
auth/cas/CAS/CAS/Languages/Japanese.php
View File

@ -28,7 +28,7 @@
*/
/**
* Japanese language class. Now Encoding is EUC-JP and LF
* Japanese language class. Now Encoding is UTF-8.
*
* @class CAS_Languages_Japanese
* @category Authentication
@ -47,7 +47,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getUsingServer()
{
return 'using server';
return 'サーバーを使っています。';
}
/**
@ -57,7 +57,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getAuthenticationWanted()
{
return 'CAS<EFBFBD>ˤ<EFBFBD><EFBFBD>ǧ<EFBFBD>ڤ<EFBFBD>Ԥ<EFBFBD><EFBFBD>ޤ<EFBFBD>';
return 'CASによる認証を行います。';
}
/**
@ -67,7 +67,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getLogout()
{
return 'CAS<EFBFBD><EFBFBD><EFBFBD><EFBFBD>?<3F><><EFBFBD><EFBFBD><EFBFBD>Ȥ<EFBFBD><C8A4>ޤ<EFBFBD>!';
return 'CASからログアウトします!';
}
/**
@ -77,7 +77,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getShouldHaveBeenRedirected()
{
return 'CAS<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ф˹Ԥ<EFBFBD>ɬ<EFBFBD>פ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ޤ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ưŪ<EFBFBD><EFBFBD>ž<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʤ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <a href="%s"><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD></a> <20>򥯥<EFBFBD>å<EFBFBD><C3A5><EFBFBD><EFBFBD><EFBFBD>³<EFBFBD>Ԥ<EFBFBD><D4A4>ޤ<EFBFBD><DEA4>';
return 'CASサーバに行く必要があります。自動的に転送されない場合は <a href="%s">こちら</a> をクリックして続行します。';
}
/**
@ -87,7 +87,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getAuthenticationFailed()
{
return 'CAS<EFBFBD>ˤ<EFBFBD><EFBFBD>ǧ<EFBFBD>ڤ˼<EFBFBD><EFBFBD>Ԥ<EFBFBD><EFBFBD>ޤ<EFBFBD><EFBFBD><EFBFBD>';
return 'CASによる認証に失敗しました。';
}
/**
@ -97,7 +97,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getYouWereNotAuthenticated()
{
return '<p>ǧ<EFBFBD>ڤǤ<EFBFBD><EFBFBD>ޤ<EFBFBD><EFBFBD><EFBFBD>Ǥ<EFBFBD><EFBFBD><EFBFBD>.</p><p><3E><EFBFBD><E2A4A6><EFBFBD>٥<D9A5><EAA5AF><EFBFBD><EFBFBD><EFBFBD>Ȥ<EFBFBD><C8A4><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><a href="%s"><3E><><EFBFBD><EFBFBD><EFBFBD><EFBFBD></a><3E>򥯥<EFBFBD>å<EFBFBD>.</p><p><3E><><EFBFBD><EFBFBD><EAA4AC><EFBFBD>ʤ<EFBFBD><CAA4><EFBFBD><EFBFBD><EFBFBD> <a href="mailto:%s"><3E><><EFBFBD>Υ<EFBFBD><CEA5><EFBFBD><EFBFBD>Ȥδ<C8A4><CEB4><EFBFBD><EFBFBD></a><3E><><EFBFBD><EFBFBD><E4A4A4><EFBFBD>Ƥ<EFBFBD><C6A4><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.</p>';
return '<p>認証できませんでした。</p><p>もう一度リクエストを送信する場合は<a href="%s">こちら</a>をクリック。</p><p>問題が解決しない場合は <a href="mailto:%s">このサイトの管理者</a>に問い合わせてください。</p>';
}
/**
@ -107,7 +107,7 @@ class CAS_Languages_Japanese implements CAS_Languages_LanguageInterface
*/
public function getServiceUnavailable()
{
return '<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ӥ<EFBFBD> `<b>%s</b>\' <20><><EFBFBD><EFBFBD><EFBFBD>ѤǤ<D1A4><C7A4>ޤ<EFBFBD><DEA4><EFBFBD> (<b>%s</b>).';
return 'サービス `<b>%s</b>\' は利用できません (<b>%s</b>)。';
}
}
?>
?>

6
auth/cas/CAS/CAS/PGTStorage/File.php
View File

@ -180,8 +180,10 @@ class CAS_PGTStorage_File extends CAS_PGTStorage_AbstractStorage
function getPGTIouFilename($pgt_iou)
{
phpCAS::traceBegin();
$filename = $this->getPath().$pgt_iou.'.plain';
phpCAS::traceEnd($filename);
$filename = $this->getPath()."phpcas-".hash("sha256", $pgt_iou);
// $filename = $this->getPath().$pgt_iou.'.plain';
phpCAS::trace("Sha256 filename:" . $filename);
phpCAS::traceEnd();
return $filename;
}

2
auth/cas/CAS/CAS/Request/CurlMultiRequest.php
View File

@ -122,7 +122,7 @@ implements CAS_Request_MultiRequestInterface
$handles = array();
$multiHandle = curl_multi_init();
foreach ($this->_requests as $i => $request) {
$handle = $request->_initAndConfigure();
$handle = $request->initAndConfigure();
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
$handles[$i] = $handle;
curl_multi_add_handle($multiHandle, $handle);

4
auth/cas/CAS/CAS/Request/CurlRequest.php
View File

@ -67,7 +67,7 @@ implements CAS_Request_RequestInterface
/*********************************************************
* initialize the CURL session
*********************************************************/
$ch = $this->_initAndConfigure();
$ch = $this->initAndConfigure();
/*********************************************************
* Perform the query
@ -99,7 +99,7 @@ implements CAS_Request_RequestInterface
*
* @return resource The cURL handle on success, false on failure
*/
private function _initAndConfigure()
public function initAndConfigure()
{
/*********************************************************
* initialize the CURL session

4
auth/cas/CAS/moodle_readme.txt
View File

@ -1,5 +1,3 @@
Description of phpCAS 1.3.4 library import
Description of phpCAS 1.3.5 library import
* downloaded from http://downloads.jasig.org/cas-clients/php/current/
* MDL-59456 phpCAS library has been patched because of an authentication bypass security vulnerability.

2
auth/cas/thirdpartylibs.xml
View File

@ -4,7 +4,7 @@
<location>CAS</location>
<name>CAS</name>
<license>Apache</license>
<version>1.3.4</version>
<version>1.3.5</version>
<licenseversion>2.0</licenseversion>
</library>
</libraries>