From 2aea3a4e85b751bdf329eaaa69a8bee09d70cd49 Mon Sep 17 00:00:00 2001
From: Zbigniew Szmyd <zbigniew.szmyd@linseco.pl>
Date: Wed, 12 Oct 2016 10:20:58 +0200
Subject: [PATCH] Removing ppolicy plugin from my repository.

---
 plugins/ppolicy_checker/config.inc.php.dist |  27 ---
 plugins/ppolicy_checker/ppolicy_checker.php | 190 --------------------
 2 files changed, 217 deletions(-)
 delete mode 100644 plugins/ppolicy_checker/config.inc.php.dist
 delete mode 100644 plugins/ppolicy_checker/ppolicy_checker.php

diff --git a/plugins/ppolicy_checker/config.inc.php.dist b/plugins/ppolicy_checker/config.inc.php.dist
deleted file mode 100644
index da3c2d7bb..000000000
--- a/plugins/ppolicy_checker/config.inc.php.dist
+++ /dev/null
@@ -1,27 +0,0 @@
-<?php
-
-// enable debug mode
-$config['ppolicy_checker_debug'] = false;
-
-// LDAP URI to connect to LDAP servers
-$config['ppolicy_checker_uri'] = 'ldaps://ldap2.example.com/ ldap://ldap.example.com';
-
-// LDAP base DN
-$config['ppolicy_checker_basedn'] = 'dc=example,dc=com';
-
-// LDAP bind user DN
-$config['ppolicy_checker_binddn'] = 'cn=binduser,dc=example,dc=com';
-
-// LDAP bind user password
-$config['ppolicy_checker_bindpw'] = 'somepassword';
-
-// CA certificate file if SSL connection to LDAP server is used
-$config['ppolicy_checker_cafile'] = '/usr/local/share/ca-certificates/example.cacert.crt';
-
-// DN of the policies container 
-$config['ppolicy_checker_policies_basedn'] = 'ou=policies,dc=example,dc=com';
-
-// DN of the default policy
-$config['ppolicy_checker_default_policy'] = 'cn=default,ou=policies,dc=example,dc=com';
-
-?>
diff --git a/plugins/ppolicy_checker/ppolicy_checker.php b/plugins/ppolicy_checker/ppolicy_checker.php
deleted file mode 100644
index 2e1708abb..000000000
--- a/plugins/ppolicy_checker/ppolicy_checker.php
+++ /dev/null
@@ -1,190 +0,0 @@
-<?php
-
-/**
- * LDAP Passwor Policy Expiration Checker
- *
- * Roundcube plugin to check the LDAP password policy for password expiration.
- * If the user's password is in the warning period or has expired it redirects
- * user to change password immediately after login and show the proper message.
- *
- * @version @package_version@
- * @license GNU GPLv3+
- * @author Zbigniew Szmyd (zbigniew.szmyd@linseco.pl)
- * @website http://roundcube.net
- */
-class ppolicy_checker extends rcube_plugin {
-	public $task = 'login';
-	private $rc;
-	private $ldap;
-	private $ldap_config = array ();
-	private $policies    = array ();
-	private $ldap_connected = FALSE;
-	private $binddn;
-	private $policies_basedn;
-	private $default_policy;
-	private $log_file;
-	private $debug      = TRUE;
-	private $login_attr = 'uid';
-	private $end_date;
-	private $expired    = FALSE;
-	private $uri;
-	function init() {
-		require_once 'Net/LDAP2.php';
-		
-		$this->rc = rcmail::get_instance ();
-		$this->load_config ();
-		$this->log_file = 'ppolicy_checker_log.txt';
-		$this->debug    = $this->rc->config->get ( 'ppolicy_checker_debug' );
-		
-		$this->uri = $this->rc->config->get ( 'ppolicy_checker_uri' );
-		
-		$this->basedn = $this->rc->config->get ( 'ppolicy_checker_basedn' );
-		$this->ppolicy_policies_basedn = $this->rc->config->get ( 'ppolicy_checker_policies_base_dn' );
-		$this->default_policy = $this->rc->config->get ( 'ppolicy_checker_default_policy' );
-		
-		$this->ldap_config = array (
-				'binddn'  => $this->rc->config->get ( 'ppolicy_checker_binddn' ),
-				'bindpw'  => $this->rc->config->get ( 'ppolicy_checker_bindpw' ),
-				'basedn'  => $this->basedn,
-				'version' => 3 
-		);
-		
-		$this->add_hook ( 'login_after', array (
-				$this,
-				'check_expired' 
-		) );
-	}
-	function check_expired($args) {
-		$username = $this->rc->user->get_username ();
-		
-		if ($this->connect_ldap_server ( $this->uri )) {
-			
-			$this->load_policies ();
-			if ($this->get_user_info ( $username )) {
-				if ($this->expired) {
-					$args ['_passwdexpired']    = TRUE;
-				} else {
-					$args ['_passwdexpwarning'] = TRUE;
-				}
-								
-				$args ['_passwdexpdate'] = $this->end_date;
-				$args ['_task']        = 'settings';
-				$args ['action']       = 'plugin.password';
-			}
-		}
-		
-		return $args;
-	}
-	function connect_ldap_server($uri) {
-		$ldaps = preg_split ( "/[\s,]+/", $uri );
-		$found = FALSE;
-		while ( ($ldap = array_shift ( $ldaps )) && ! $found ) {
-			$port = 389;
-			$host = 'localhost';
-			$tls  = FALSE;
-			
-			preg_match ( '@^(ldap(s?)://)([^/:]+)(:(\d+))?@i', $ldap, $matches );
-			$host = $matches [3];
-			if ($matches [5]) {
-				$port = $matches [5];
-			}
-			if ($matches [2]) {
-				$tls = TRUE;
-			}
-			
-			// The configuration array:
-			$this->ldap_config ['host']     = $host;
-			$this->ldap_config ['port']     = $port;
-			$this->ldap_config ['starttls'] = $tls;
-			
-			$this->_debug ( "LDAP: \n\thost: $host \n\tport: $port \n\ttls: $tls\n" );
-			// Connecting using the configuration:
-			$this->ldap = Net_LDAP2::connect ( $this->ldap_config );
-			
-			// Testing for connection error
-			if (PEAR::isError ( $this->ldap )) {
-				$this->_debug ( 'ldap connection error: ' . $this->ldap->getMessage () );
-			} else {
-				$this->_debug ( 'ldap bind OK' );
-				$found = TRUE;
-			}
-		}
-		return $found;
-	}
-	function load_policies() {
-		$filter  = '(objectclass=pwdPolicy)';
-		$options = array (
-				'scope'      => 'sub',
-				'attributes' => array (
-						'cn',
-						'pwdMaxAge',
-						'pwdExpireWarning',
-						'pwdGraceAuthnLimit' 
-				) 
-		);
-		
-		$result = $this->ldap->search ( $this->policies_basedn, $filter, $options );
-		if (is_a ( $result, 'PEAR_Error' ) || ($result->count () == 0)) {
-			$this->_debug ( 'policy not found: ' . $result->getMessage () );
-			return 0;
-		} else {
-			while ( $entry = $result->shiftEntry () ) {
-				$dn = $entry->dn ();
-				$this->policies [$dn] ['pwdMaxAge'] = ($entry->getValue ( 'pwdMaxAge', 'single' )) ? $entry->getValue ( 'pwdMaxAge', 'single' ) : 0;
-				$this->policies [$dn] ['pwdExpireWarning'] = ($entry->getValue ( 'pwdExpireWarning', 'single' )) ? $entry->getValue ( 'pwdExpireWarning', 'single' ) : 0;
-				$this->policies [$dn] ['pwdGraceAuthnLimit'] = ($entry->getValue ( 'pwdGraceAuthnLimit', 'single' )) ? $entry->getValue ( 'pwdGraceAuthnLimit', 'single' ) : 0;
-			}
-		}
-	}
-	function get_user_info($login) {
-		$filter  = '(' . $this->login_attr . '=' . $login . ')';
-		$options = array (
-				'scope'      => 'sub',
-				'attributes' => array (
-						'pwdChangedTime',
-						'pwdGraceUseTime',
-						'pwdPolicySubEntry' 
-				) 
-		);
-		
-		$result = $this->ldap->search ( $this->basedn, $filter, $options );
-		
-		if (is_a ( $result, 'PEAR_Error' ) || ($result->count () != 1)) {
-			$this->_debug ( 'user not found, or found more than one: ' . $result->getMessage () );
-			return FALSE;
-		} else {
-			$expiring = FALSE;
-			$entry    = $result->shiftEntry ();
-			$dn       = $entry->dn ();
-			$pwd_ct   = $entry->getValue ( 'pwdChangedTime', 'single' );
-			
-			if (preg_match ( '/(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})(\w+)/', $pwd_ct, $match )) {
-				$now = new DateTime ( 'NOW' );
-				$dct = new DateTime ( $match [1] . '-' . $match [2] . '-' . $match [3] . ' ' . $match [4] . ':' . $match [5] . ':' . $match [6] );
-				
-				$this->_debug ( 'DN: ' . $dn );
-				$policy = ($entry->getValue ( 'pwdPolicySubEntry', 'single' )) ? $entry->getValue ( 'pwdPolicySubEntry', 'single' ) : $this->default_policy;
-				$this->_debug ( 'policy: ' . $policy );
-				
-				if ($this->policies [$policy] ['pwdMaxAge'] > 0) {
-					$end = $dct->add ( new DateInterval ( 'PT' . $this->policies [$policy] ['pwdMaxAge'] . 'S' ) );
-					$this->end_date = $end->format ( 'Y-m-d h:m:s' );
-					
-					$this->_debug ( 'END: ' . $end_date . ' (' . $end->getTimestamp () . '), teraz: ' . $now->getTimestamp () . ", warning: " . $this->policies [$policy] ['pwdExpireWarning'] );
-					if ($now > $end) {
-						$this->expired = true;
-					} elseif ($this->policies [$policy] ['pwdExpireWarning'] > $end->getTimestamp () - $now->getTimestamp ()) {
-						$expiring = true;
-					}
-				}
-			}
-			
-			return $expiring || $this->expired;
-		}
-	}
-	private function _debug($str) {
-		if ($this->debug) {
-			rcube::write_log ( $this->log_file, $str );
-		}
-	}
-}