View GitHub Repository CAT

Schedule Inspection
Subscribe
Passed
Push — release_2_1 ( 0ffdbf...a82df5 )
by Maja
10:16 queued 13s
created
Status
Category
Toggle Patches
web/diag/findRealm.php 1 patch
Spacing   +2 added lines, -2 removed lines patch added patch discarded remove patch 
@@ -134,7 +134,7 @@  discard block
 
 block discarded – undo
134 134 
             $expectedName = $addr['hostname'];
135 135 
             $protocols = [];
136 136 
             if (isset($addr['protocols'])) {
137 
-                foreach($addr['protocols'] as $protocol) {
137 
+                foreach ($addr['protocols'] as $protocol) {
138 138 
                     if ($protocol['enabled']) {
139 139 
                         $protocols[] = $protocol['type'];
140 140 
                     }
 
@@ -215,7 +215,7 @@  discard block
 
 block discarded – undo
215 215 
 $json_data = json_encode($returnArray);
216 216
217 217 
 if ($token) {
218 
-    $loggerInstance->debug(4, 'JSON data written to ' .$jsonDir.'/'.$token);
218 
+    $loggerInstance->debug(4, 'JSON data written to '.$jsonDir.'/'.$token);
219 219 
     file_put_contents($jsonDir.'/'.$token.'/realm', $json_data);
220 220 
 }
221 221 
 header("Content-type: application/json; utf-8");
Please login to merge, or discard this patch.
core/diag/RFC6614Tests.php 1 patch
Spacing   +13 added lines, -13 removed lines patch added patch discarded remove patch 
@@ -168,27 +168,27 @@  discard block
 
 block discarded – undo
168 168 
     {
169 169 
         // it could match CN or sAN:DNS, we don't care which
170 170 
         if (isset($this->TLS_CA_checks_result[$host]['certdata']['subject'])) {
171 
-            $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName .
172 
-                    " against Subject: " . $this->TLS_CA_checks_result[$host]['certdata']['subject']);
171 
+            $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName.
172 
+                    " against Subject: ".$this->TLS_CA_checks_result[$host]['certdata']['subject']);
173 173 
             // we are checking against accidental misconfig, not attacks, so loosely checking against end of string is appropriate
174 
-            if (preg_match("/CN=" . $this->expectedName . "/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) {
174 
+            if (preg_match("/CN=".$this->expectedName."/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) {
175 175 
                 return TRUE;
176 176 
             }
177 177 
         }
178 178 
         if (isset($this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) {
179 
-            $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName . " against sANs: ");
179 
+            $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against sANs: ");
180 180 
             $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']);
181 181 
             $testNames = $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'];
182 182 
             if (!is_array($testNames)) {
183 183 
                 $testNames = [$testNames];
184 184 
             }
185 185 
             foreach ($testNames as $oneName) {
186 
-                if (preg_match("/" . $this->expectedName . "/", $oneName) === 1) {
186 
+                if (preg_match("/".$this->expectedName."/", $oneName) === 1) {
187 187 
                     return TRUE;
188 188 
                 }
189 189 
             }
190 190 
         }
191 
-        $this->loggerInstance->debug(3, "Tried to check expected server name " . $this->expectedName . " but neither CN nor sANs matched.");
191 
+        $this->loggerInstance->debug(3, "Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched.");
192 192
193 193 
         $this->TLS_CA_checks_result[$host]['cert_oddity'] = RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH;
194 194 
         return FALSE;
 
@@ -218,9 +218,9 @@  discard block
 
 block discarded – undo
218 218 
                 $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['status'] = $cert['status'];
219 219 
                 $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['message'] = $this->TLS_certkeys[$cert['status']];
220 220 
                 $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['expected'] = $cert['expected'];
221 
-                $add = ' -cert ' . ROOT . '/config/cli-certs/' . $cert['public'] . ' -key ' . ROOT . '/config/cli-certs/' . $cert['private'];
222 
-                if (!file_exists(ROOT . '/config/cli-certs/' . $cert['public']) ||!file_exists(ROOT .
223 
-                        '/config/cli-certs/' . $cert['private'])) {
221 
+                $add = ' -cert '.ROOT.'/config/cli-certs/'.$cert['public'].' -key '.ROOT.'/config/cli-certs/'.$cert['private'];
222 
+                if (!file_exists(ROOT.'/config/cli-certs/'.$cert['public']) || !file_exists(ROOT.
223 
+                        '/config/cli-certs/'.$cert['private'])) {
224 224 
                     $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['finalerror'] = 2;
225 225 
                     continue;
226 226 
                 }
 
@@ -231,7 +231,7 @@  discard block
 
 block discarded – undo
231 231 
                 //if (in_array("TLS1.3", $protocols) && count($protocols) > 1) {
232 232 
                 $prot .= ' -no_tls1_3';
233 233 
                 //}
234 
-                $add .= ' ' . $prot;
234 
+                $add .= ' '.$prot;
235 235 
                 $opensslbabble = $this->execOpensslClient($host, $add, $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]);
236 236 
                 $res = $this->opensslClientsResult($host, $opensslbabble, $this->TLS_clients_checks_result, $type, $k);
237 237 
                 if ($cert['expected'] == 'PASS') {
 
@@ -273,11 +273,11 @@  discard block
 
 block discarded – undo
273 273 
 // but code analysers want this more explicit, so here is this extra
274 274 
 // call to escapeshellarg()
275 275 
         $escapedHost = escapeshellarg($host);
276 
-        $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -CApath " . ROOT . "/config/ca-certs/$this->consortium/ $arg 2>&1\n");
276 
+        $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -CApath ".ROOT."/config/ca-certs/$this->consortium/ $arg 2>&1\n");
277 277 
         $time_start = microtime(true);
278 278 
         $opensslbabble = [];
279 279 
         $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures
280 
-        exec(\config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -CApath " . ROOT . "/config/ca-certs/$this->consortium/ $arg 2>&1", $opensslbabble, $result);
280 
+        exec(\config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -CApath ".ROOT."/config/ca-certs/$this->consortium/ $arg 2>&1", $opensslbabble, $result);
281 281 
         $time_stop = microtime(true);
282 282 
         $testresults['time_millisec'] = floor(($time_stop - $time_start) * 1000);
283 283 
         $testresults['returncode'] = $result;
 
@@ -399,7 +399,7 @@  discard block
 
 block discarded – undo
399 399 
     private function propertyCheckPolicy($cert)
400 400 
     {
401 401 
         $oids = [];
402 
-        if (isset($cert['extensions']['certificatePolicies']) &&  $cert['extensions']['certificatePolicies']) {
402 
+        if (isset($cert['extensions']['certificatePolicies']) && $cert['extensions']['certificatePolicies']) {
403 403 
             foreach (\config\Diagnostics::RADIUSTESTS['TLS-acceptableOIDs'] as $key => $oid) {
404 404 
                 if (preg_match("/Policy: $oid/", $cert['extensions']['certificatePolicies'])) {
405 405 
                     $oids[$key] = $oid;
Please login to merge, or discard this patch.