GEANT /
CAT
@@ -31,10 +31,11 @@ discard block |
||
| 31 | 31 | $idpoptions = $my_inst->getAttributes(); |
| 32 | 32 | $inst_name = $my_inst->name; |
| 33 | 33 | |
| 34 | -if ($wizard_style) |
|
| 34 | +if ($wizard_style) { |
|
| 35 | 35 | $cat = defaultPagePrelude(sprintf(_("%s: IdP enrollment wizard (step 2)"), Config::$APPEARANCE['productname'])); |
| 36 | -else |
|
| 36 | +} else { |
|
| 37 | 37 | $cat = defaultPagePrelude(sprintf(_("%s: Editing IdP '%s'"), Config::$APPEARANCE['productname'], $inst_name)); |
| 38 | +} |
|
| 38 | 39 | // let's check if the inst handle actually exists in the DB and user is authorised |
| 39 | 40 | ?> |
| 40 | 41 | <script src="js/option_expand.js" type="text/javascript"></script> |
@@ -43,9 +44,10 @@ discard block |
||
| 43 | 44 | |
| 44 | 45 | <?php |
| 45 | 46 | $additional = FALSE; |
| 46 | -foreach ($idpoptions as $optionname => $optionvalue) |
|
| 47 | +foreach ($idpoptions as $optionname => $optionvalue) { |
|
| 47 | 48 | if ($optionvalue['name'] == "general:geo_coordinates") |
| 48 | 49 | $additional = TRUE; |
| 50 | +} |
|
| 49 | 51 | geo_widget_head($my_inst->federation, $inst_name) |
| 50 | 52 | ?> |
| 51 | 53 | <script> |
@@ -74,10 +76,11 @@ discard block |
||
| 74 | 76 | |
| 75 | 77 | <h1> |
| 76 | 78 | <?php |
| 77 | -if ($wizard_style) |
|
| 79 | +if ($wizard_style) { |
|
| 78 | 80 | echo _("Step 2: General Information about your IdP"); |
| 79 | -else |
|
| 81 | +} else { |
|
| 80 | 82 | printf(_("Editing IdP information for '%s'"), $inst_name); |
| 83 | +} |
|
| 81 | 84 | ?> |
| 82 | 85 | </h1> |
| 83 | 86 | <div class='infobox'> |
@@ -98,9 +101,10 @@ discard block |
||
| 98 | 101 | echo "<form enctype='multipart/form-data' action='edit_idp_result.php?inst_id=$my_inst->identifier" . ($wizard_style ? "&wizard=true" : "") . "' method='post' accept-charset='UTF-8'> |
| 99 | 102 | <input type='hidden' name='MAX_FILE_SIZE' value='" . Config::$MAX_UPLOAD_SIZE . "'>"; |
| 100 | 103 | |
| 101 | -if ($wizard_style) |
|
| 104 | +if ($wizard_style) { |
|
| 102 | 105 | echo "<p>" . |
| 103 | 106 | _("Hello, newcomer. Your institution is new to us. This wizard will ask you several questions about your IdP, so that we can generate beautiful profiles for you in the end. All of the information below is optional, but it is important to fill out as many fields as possible for the benefit of your end users.") . "</p>"; |
| 107 | +} |
|
| 104 | 108 | ?> |
| 105 | 109 | <fieldset class="option_container"> |
| 106 | 110 | <legend><strong><?php echo _("General Information"); ?></strong></legend> |
@@ -143,12 +147,14 @@ discard block |
||
| 143 | 147 | echo "<strong>" . ( count(Config::$CONSORTIUM['ssid']) > 0 ? _("Additional SSIDs:") : _("SSIDs:")) . " </strong>"; |
| 144 | 148 | if (count(Config::$CONSORTIUM['ssid']) > 0) { |
| 145 | 149 | $ssidlist = ""; |
| 146 | - foreach (Config::$CONSORTIUM['ssid'] as $ssid) |
|
| 147 | - $ssidlist .= ", '<strong>" . $ssid . "</strong>'"; |
|
| 150 | + foreach (Config::$CONSORTIUM['ssid'] as $ssid) { |
|
| 151 | + $ssidlist .= ", '<strong>" . $ssid . "</strong>'"; |
|
| 152 | + } |
|
| 148 | 153 | $ssidlist = substr($ssidlist, 2); |
| 149 | 154 | echo sprintf(ngettext("We will always configure this SSID for WPA2/AES: %s.", "We will always configure these SSIDs for WPA2/AES: %s.", count(Config::$CONSORTIUM['ssid'])), $ssidlist); |
| 150 | - if (Config::$CONSORTIUM['tkipsupport']) |
|
| 151 | - echo " " . _("They will also be configured for WPA/TKIP if the device supports multiple encryption types."); |
|
| 155 | + if (Config::$CONSORTIUM['tkipsupport']) { |
|
| 156 | + echo " " . _("They will also be configured for WPA/TKIP if the device supports multiple encryption types."); |
|
| 157 | + } |
|
| 152 | 158 | echo "<br/>" . sprintf(_("It is also possible to define custom additional SSIDs with the options '%s' and '%s' below."), display_name("media:SSID"), display_name("media:SSID_with_legacy")); |
| 153 | 159 | } else { |
| 154 | 160 | echo _("Please configure which SSIDs should be configured in the installers."); |
@@ -160,8 +166,9 @@ discard block |
||
| 160 | 166 | echo "<strong>" . ( count(Config::$CONSORTIUM['ssid']) > 0 ? _("Additional Hotspot 2.0 / Passpoint Consortia:") : _("Hotspot 2.0 / Passpoint Consortia:")) . " </strong>"; |
| 161 | 167 | if (count(Config::$CONSORTIUM['interworking-consortium-oi']) > 0) { |
| 162 | 168 | $consortiumlist = ""; |
| 163 | - foreach (Config::$CONSORTIUM['interworking-consortium-oi'] as $oi) |
|
| 164 | - $consortiumlist .= ", '<strong>" . $oi . "</strong>'"; |
|
| 169 | + foreach (Config::$CONSORTIUM['interworking-consortium-oi'] as $oi) { |
|
| 170 | + $consortiumlist .= ", '<strong>" . $oi . "</strong>'"; |
|
| 171 | + } |
|
| 165 | 172 | $consortiumlist = substr($consortiumlist, 2); |
| 166 | 173 | echo sprintf(ngettext("We will always configure this Consortium OI: %s.", "We will always configure these Consortium OIs: %s.", count(Config::$CONSORTIUM['interworking-consortium-oi'])), $consortiumlist); |
| 167 | 174 | |
@@ -190,11 +197,12 @@ discard block |
||
| 190 | 197 | <fieldset class="option_container"> |
| 191 | 198 | <legend><strong><?php echo _("Helpdesk Details for all users"); ?></strong></legend> |
| 192 | 199 | <?php |
| 193 | -if ($wizard_style) |
|
| 200 | +if ($wizard_style) { |
|
| 194 | 201 | echo "<p>" . |
| 195 | 202 | _("If your IdP provides a helpdesk for its users, it would be nice if you would tell us the pointers to this helpdesk. Some site installers might be able to signal this information to the user if he gets stuck.") . "</p> |
| 196 | 203 | <p>" . |
| 197 | 204 | _("If you enter a value here, it will be added to the site installers for all your users, and will be displayed on the download page. If you operate separate helpdesks for different user groups (we call this 'profiles'), or operate no help desk at all (shame on you!), you can also leave any of these fields empty and optionally specify per-profile helpdesk information later in this wizard.") . "</p>"; |
| 205 | +} |
|
| 198 | 206 | ?> |
| 199 | 207 | |
| 200 | 208 | <table id="expandable_support_options"> |
@@ -206,9 +214,10 @@ discard block |
||
| 206 | 214 | <!-- <fieldset class="option_container"> |
| 207 | 215 | <legend><strong><?php echo _("EAP details for all users"); ?></strong></legend> |
| 208 | 216 | <?php |
| 209 | -if ($wizard_style) |
|
| 217 | +if ($wizard_style) { |
|
| 210 | 218 | echo "<p>" . _("Most EAP methods need server-side authentication details, like the CA certificate and/or server name(s) of your authentication servers. If all the EAP methods you support work with the same CA and or Common Names of servers, you can enter them here and they will be added as trust anchors in all profiles. If the details differ per profile or per EAP-type, you can also enter them in the individual profiles later.") . "</p> |
| 211 | 219 | <p>" . sprintf(_("<strong>Note well: </strong>The server-side validation is a cornerstone of %s; without it, users are subject to man-in-the-middle attacks! We will not generate site installers without Trusted CA anchors and server names."), Config::$CONSORTIUM['name']) . "</p>"; |
| 220 | +} |
|
| 212 | 221 | ?> |
| 213 | 222 | <table id="expandable_eapserver_options"> |
| 214 | 223 | <?php |
@@ -18,10 +18,11 @@ |
||
| 18 | 18 | if ($ls['Code'] === 'urn:oasis:names:tc:SAML:2.0:status:Success' && !isset($ls['SubCode'])) { |
| 19 | 19 | /* Successful logout. */ |
| 20 | 20 | $url = htmlspecialchars($_SERVER['HTTP_HOST']) . substr($_SERVER['PHP_SELF'], 0, strrpos($_SERVER['PHP_SELF'], "/admin/logout_check.php")); |
| 21 | - if ($_SERVER['HTTPS'] == "on") |
|
| 22 | - $url = "https://" . $url; |
|
| 23 | - else |
|
| 24 | - $url = "http://" . $url; |
|
| 21 | + if ($_SERVER['HTTPS'] == "on") { |
|
| 22 | + $url = "https://" . $url; |
|
| 23 | + } else { |
|
| 24 | + $url = "http://" . $url; |
|
| 25 | + } |
|
| 25 | 26 | |
| 26 | 27 | header("Location: $url"); |
| 27 | 28 | } else { |
@@ -31,10 +31,11 @@ |
||
| 31 | 31 | <?php |
| 32 | 32 | $remaining_attribs = $user->beginflushAttributes(); |
| 33 | 33 | |
| 34 | -if (isset($_POST['option'])) |
|
| 34 | +if (isset($_POST['option'])) { |
|
| 35 | 35 | foreach ($_POST['option'] as $opt_id => $optname) |
| 36 | 36 | if ($optname == "user:fedadmin") { |
| 37 | 37 | echo "Security violation: user tried to make himself federation administrator!"; |
| 38 | +} |
|
| 38 | 39 | exit(1); |
| 39 | 40 | } |
| 40 | 41 | ?> |
@@ -128,19 +128,21 @@ discard block |
||
| 128 | 128 | if (isset($_GET['invitation'])) { |
| 129 | 129 | echo "<div class='ca-summary' style='position:relative;'><table>"; |
| 130 | 130 | |
| 131 | - if ($_GET['invitation'] == "SUCCESS") |
|
| 132 | - echo UI_remark(_("The invitation email was sent successfully."), _("The invitation email was sent.")); |
|
| 133 | - else if ($_GET['invitation'] == "FAILURE") |
|
| 134 | - echo UI_error(_("The invitation email could not be sent!"), _("The invitation email could not be sent!")); |
|
| 135 | - else |
|
| 136 | - echo UI_error(_("Error: unknown result code of invitation!?!"), _("Unknown result!")); |
|
| 131 | + if ($_GET['invitation'] == "SUCCESS") { |
|
| 132 | + echo UI_remark(_("The invitation email was sent successfully."), _("The invitation email was sent.")); |
|
| 133 | + } else if ($_GET['invitation'] == "FAILURE") { |
|
| 134 | + echo UI_error(_("The invitation email could not be sent!"), _("The invitation email could not be sent!")); |
|
| 135 | + } else { |
|
| 136 | + echo UI_error(_("Error: unknown result code of invitation!?!"), _("Unknown result!")); |
|
| 137 | + } |
|
| 137 | 138 | |
| 138 | 139 | echo "</table></div>"; |
| 139 | 140 | } |
| 140 | - if (Config::$CONSORTIUM['name'] == 'eduroam') |
|
| 141 | - $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>"; |
|
| 142 | - else |
|
| 143 | - $helptext = ""; |
|
| 141 | + if (Config::$CONSORTIUM['name'] == 'eduroam') { |
|
| 142 | + $helptext = "<h3>" . sprintf(_("Need help? Refer to the <a href='%s'>Federation Operator manual</a>"),"https://wiki.geant.org/x/KQB_AQ")."</h3>"; |
|
| 143 | + } else { |
|
| 144 | + $helptext = ""; |
|
| 145 | + } |
|
| 144 | 146 | echo $helptext; |
| 145 | 147 | |
| 146 | 148 | ?> |
@@ -153,8 +155,9 @@ discard block |
||
| 153 | 155 | $feds = $user->getAttributes("user:fedadmin"); |
| 154 | 156 | $pending_invites = $mgmt->listPendingInvitations(); |
| 155 | 157 | |
| 156 | - if (Config::$DB['enforce-external-sync']) |
|
| 157 | - echo "<th>" . sprintf(_("%s Database Sync Status"), Config::$CONSORTIUM['name']) . "</th>"; |
|
| 158 | + if (Config::$DB['enforce-external-sync']) { |
|
| 159 | + echo "<th>" . sprintf(_("%s Database Sync Status"), Config::$CONSORTIUM['name']) . "</th>"; |
|
| 160 | + } |
|
| 158 | 161 | ?> |
| 159 | 162 | <th><?php echo _("Administrator Management"); ?></th> |
| 160 | 163 | </tr> |
@@ -165,10 +168,11 @@ discard block |
||
| 165 | 168 | |
| 166 | 169 | // extract only pending invitations for *this* fed |
| 167 | 170 | $display_pendings = FALSE; |
| 168 | - foreach ($pending_invites as $oneinvite) |
|
| 169 | - if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 171 | + foreach ($pending_invites as $oneinvite) { |
|
| 172 | + if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 170 | 173 | // echo "PENDINGS!"; |
| 171 | 174 | $display_pendings = TRUE; |
| 175 | + } |
|
| 172 | 176 | } |
| 173 | 177 | |
| 174 | 178 | $idps = $thefed->listIdentityProviders(); |
@@ -253,8 +257,8 @@ discard block |
||
| 253 | 257 | </strong> |
| 254 | 258 | </td> |
| 255 | 259 | </tr>"; |
| 256 | - foreach ($pending_invites as $oneinvite) |
|
| 257 | - if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 260 | + foreach ($pending_invites as $oneinvite) { |
|
| 261 | + if (strtoupper($oneinvite['country']) == strtoupper($thefed->identifier)) { |
|
| 258 | 262 | echo "<tr> |
| 259 | 263 | <td>" . |
| 260 | 264 | $oneinvite['name'] . " |
@@ -263,6 +267,7 @@ discard block |
||
| 263 | 267 | $oneinvite['mail'] . " |
| 264 | 268 | </td> |
| 265 | 269 | <td colspan=2>"; |
| 270 | + } |
|
| 266 | 271 | echo "<form method='post' action='overview_federation.php' accept-charset='UTF-8'> |
| 267 | 272 | <input type='hidden' name='invitation_id' value='" . $oneinvite['token'] . "'/> |
| 268 | 273 | <button class='delete' type='submit' name='submitbutton' value='" . BUTTON_DELETE . "'>" . _("Revoke Invitation") . "</button> |
@@ -36,13 +36,15 @@ discard block |
||
| 36 | 36 | foreach (array_reverse($dn) as $k => $v) { |
| 37 | 37 | if(is_array ($v)) { |
| 38 | 38 | foreach ($v as $V) { |
| 39 | - if($out) |
|
| 40 | - $out .= ','; |
|
| 39 | + if($out) { |
|
| 40 | + $out .= ','; |
|
| 41 | + } |
|
| 41 | 42 | $out .= "$k=$V"; |
| 42 | 43 | } |
| 43 | 44 | } else { |
| 44 | - if($out) |
|
| 45 | - $out .= ','; |
|
| 45 | + if($out) { |
|
| 46 | + $out .= ','; |
|
| 47 | + } |
|
| 46 | 48 | $out .= "$k=$v"; |
| 47 | 49 | } |
| 48 | 50 | } |
@@ -61,8 +63,9 @@ discard block |
||
| 61 | 63 | $udp_result = $testsuite->UDP_reachability_result[$host]; |
| 62 | 64 | if(isset($udp_result['certdata']) && count($udp_result['certdata'])) { |
| 63 | 65 | foreach ($udp_result['certdata'] as $certdata) { |
| 64 | - if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) |
|
| 65 | - continue; |
|
| 66 | + if($certdata['type'] != 'server' && $certdata['type'] != 'totally_selfsigned' ) { |
|
| 67 | + continue; |
|
| 68 | + } |
|
| 66 | 69 | $server_cert = [ |
| 67 | 70 | 'subject' => printDN($certdata['subject']), |
| 68 | 71 | 'issuer' => printDN($certdata['issuer']), |
@@ -77,9 +80,9 @@ discard block |
||
| 77 | 80 | $ret['server_cert'] = $server_cert; |
| 78 | 81 | if(isset($udp_result['incoming_server_names'][0]) ) { |
| 79 | 82 | $ret['server'] = sprintf(_("Connected to %s."), $udp_result['incoming_server_names'][0]); |
| 83 | + } else { |
|
| 84 | + $ret['server'] = 0; |
|
| 80 | 85 | } |
| 81 | - else |
|
| 82 | - $ret['server'] = 0; |
|
| 83 | 86 | $ret['level'] = L_OK; |
| 84 | 87 | $ret['time_millisec'] = sprintf("%d", $udp_result['time_millisec']); |
| 85 | 88 | if (isset($udp_result['cert_oddities']) && count($udp_result['cert_oddities']) > 0) { |
@@ -100,8 +103,9 @@ discard block |
||
| 100 | 103 | return $ret; |
| 101 | 104 | } |
| 102 | 105 | |
| 103 | -if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) |
|
| 106 | +if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) { |
|
| 104 | 107 | exit; |
| 108 | +} |
|
| 105 | 109 | |
| 106 | 110 | $test_type = $_REQUEST['test_type']; |
| 107 | 111 | $check_realm = valid_Realm($_REQUEST['realm']); |
@@ -119,8 +123,9 @@ discard block |
||
| 119 | 123 | exit; |
| 120 | 124 | */ |
| 121 | 125 | $hostindex = $_REQUEST['hostindex']; |
| 122 | -if(!is_numeric($hostindex)) |
|
| 126 | +if(!is_numeric($hostindex)) { |
|
| 123 | 127 | exit; |
| 128 | +} |
|
| 124 | 129 | |
| 125 | 130 | |
| 126 | 131 | $returnarray = []; |
@@ -235,10 +240,11 @@ discard block |
||
| 235 | 240 | switch ($testresult) { |
| 236 | 241 | case RETVAL_CONVERSATION_REJECT: |
| 237 | 242 | $level = $returnarray['result'][$i]['level']; |
| 238 | - if($level > L_OK) |
|
| 239 | - $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level]; |
|
| 240 | - else |
|
| 241 | - $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned."); |
|
| 243 | + if($level > L_OK) { |
|
| 244 | + $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level]; |
|
| 245 | + } else { |
|
| 246 | + $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned."); |
|
| 247 | + } |
|
| 242 | 248 | break; |
| 243 | 249 | case RETVAL_IMMEDIATE_REJECT: |
| 244 | 250 | $message = _("<strong>Test FAILED</strong>: the request was rejected immediately, without EAP conversation. This is not necessarily an error: if the RADIUS server enforces that outer identities correspond to an existing username, then this result is expected (Note: you could configure a valid outer identity in your profile settings to get past this hurdle). In all other cases, the server appears misconfigured or it is unreachable."); |
@@ -276,23 +282,28 @@ discard block |
||
| 276 | 282 | } else { |
| 277 | 283 | $returnarray['message'] = $testsuite->return_codes[$testsuite->TLS_CA_checks_result[$host]['status']]["message"]; |
| 278 | 284 | $returnarray['level'] = L_OK; |
| 279 | - if ($testsuite->TLS_CA_checks_result[$host]['status'] != RETVAL_CONNECTION_REFUSED) |
|
| 280 | - $returnarray['message'] .= ' (' . sprintf(_("elapsed time: %d"), $testsuite->TLS_CA_checks_result[$host]['time_millisec']) . ' ms)'; |
|
| 281 | - else |
|
| 282 | - $returnarray['level'] = L_ERROR; |
|
| 285 | + if ($testsuite->TLS_CA_checks_result[$host]['status'] != RETVAL_CONNECTION_REFUSED) { |
|
| 286 | + $returnarray['message'] .= ' (' . sprintf(_("elapsed time: %d"), $testsuite->TLS_CA_checks_result[$host]['time_millisec']) . ' ms)'; |
|
| 287 | + } else { |
|
| 288 | + $returnarray['level'] = L_ERROR; |
|
| 289 | + } |
|
| 283 | 290 | if ($testsuite->TLS_CA_checks_result[$host]['status'] == RETVAL_OK) { |
| 284 | 291 | $returnarray['certdata'] = []; |
| 285 | 292 | $returnarray['certdata']['subject'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['subject']; |
| 286 | 293 | $returnarray['certdata']['issuer'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['issuer']; |
| 287 | 294 | $returnarray['certdata']['extensions'] = []; |
| 288 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) |
|
| 289 | - $returnarray['certdata']['extensions']['subjectaltname'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
|
| 290 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid'])) |
|
| 291 | - $returnarray['certdata']['extensions']['policies'] = join(' ', $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']); |
|
| 292 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'])) |
|
| 293 | - $returnarray['certdata']['extensions']['crldistributionpoints'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint']; |
|
| 294 | - if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'])) |
|
| 295 | - $returnarray['certdata']['extensions']['authorityinfoaccess'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess']; |
|
| 295 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) { |
|
| 296 | + $returnarray['certdata']['extensions']['subjectaltname'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
|
| 297 | + } |
|
| 298 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid'])) { |
|
| 299 | + $returnarray['certdata']['extensions']['policies'] = join(' ', $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['policyoid']); |
|
| 300 | + } |
|
| 301 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint'])) { |
|
| 302 | + $returnarray['certdata']['extensions']['crldistributionpoints'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['crlDistributionPoint']; |
|
| 303 | + } |
|
| 304 | + if (isset($testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess'])) { |
|
| 305 | + $returnarray['certdata']['extensions']['authorityinfoaccess'] = $testsuite->TLS_CA_checks_result[$host]['certdata']['extensions']['authorityInfoAccess']; |
|
| 306 | + } |
|
| 296 | 307 | } |
| 297 | 308 | $returnarray['cert_oddities'] = []; |
| 298 | 309 | } |
@@ -306,10 +317,11 @@ discard block |
||
| 306 | 317 | $k = 0; |
| 307 | 318 | // the host member of the array may not exist if RETVAL_SKIPPED came out |
| 308 | 319 | // (e.g. no client cert to test with). Be prepared for that |
| 309 | - if (isset($testsuite->TLS_clients_checks_result[$host])) |
|
| 310 | - foreach ($testsuite->TLS_clients_checks_result[$host]['ca'] as $type => $cli) { |
|
| 320 | + if (isset($testsuite->TLS_clients_checks_result[$host])) { |
|
| 321 | + foreach ($testsuite->TLS_clients_checks_result[$host]['ca'] as $type => $cli) { |
|
| 311 | 322 | foreach ($cli as $key => $val) { |
| 312 | 323 | $returnarray['ca'][$k][$key] = $val; |
| 324 | + } |
|
| 313 | 325 | } |
| 314 | 326 | $k++; |
| 315 | 327 | } |
@@ -347,8 +359,9 @@ discard block |
||
| 347 | 359 | $oids = check_policy($data); |
| 348 | 360 | if (!empty($oids)) { |
| 349 | 361 | $printedres .= '<li>' . _("Certificate policies") . ':'; |
| 350 | - foreach ($oids as $k => $o) |
|
| 351 | - $printedres .= " $o ($k)"; |
|
| 362 | + foreach ($oids as $k => $o) { |
|
| 363 | + $printedres .= " $o ($k)"; |
|
| 364 | + } |
|
| 352 | 365 | } |
| 353 | 366 | if (($crl = certificate_get_field($data, 'crlDistributionPoints'))) { |
| 354 | 367 | $printedres .= '<li>' . _("crlDistributionPoints") . ': ' . $crl; |
@@ -28,8 +28,9 @@ discard block |
||
| 28 | 28 | |
| 29 | 29 | // delete stored realm |
| 30 | 30 | |
| 31 | -if (isset($_SESSION['check_realm'])) |
|
| 31 | +if (isset($_SESSION['check_realm'])) { |
|
| 32 | 32 | unset($_SESSION['check_realm']); |
| 33 | +} |
|
| 33 | 34 | |
| 34 | 35 | |
| 35 | 36 | geo_widget_head($my_inst->federation, $my_inst->name); |
@@ -95,15 +96,17 @@ discard block |
||
| 95 | 96 | </div> |
| 96 | 97 | <?php |
| 97 | 98 | $loadmap = FALSE; |
| 98 | - foreach ($idpoptions as $optionname => $optionvalue) |
|
| 99 | - if ($optionvalue['name'] == "general:geo_coordinates") |
|
| 99 | + foreach ($idpoptions as $optionname => $optionvalue) { |
|
| 100 | + if ($optionvalue['name'] == "general:geo_coordinates") |
|
| 100 | 101 | $loadmap = TRUE; |
| 101 | - if ($loadmap) |
|
| 102 | - echo ' |
|
| 102 | + } |
|
| 103 | + if ($loadmap) { |
|
| 104 | + echo ' |
|
| 103 | 105 | <div class="infobox" style="width:270px;"> |
| 104 | 106 | <div id="map" style="width:100%; height:150px"></div> |
| 105 | 107 | </div> |
| 106 | 108 | '; |
| 109 | + } |
|
| 107 | 110 | ?> |
| 108 | 111 | </div> |
| 109 | 112 | <table> |
@@ -131,8 +134,8 @@ discard block |
||
| 131 | 134 | <h2><?php _("Available Support actions"); ?></h2> |
| 132 | 135 | <table> |
| 133 | 136 | <?php |
| 134 | - if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || Config::$RADIUSTESTS['TLS-discoverytag'] != "") |
|
| 135 | - echo "<tr> |
|
| 137 | + if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || Config::$RADIUSTESTS['TLS-discoverytag'] != "") { |
|
| 138 | + echo "<tr> |
|
| 136 | 139 | <td>" . _("Check another realm's reachability") . "</td> |
| 137 | 140 | <td><form method='post' action='action_realmcheck.php?inst_id=$my_inst->identifier' accept-charset='UTF-8'> |
| 138 | 141 | <input type='text' name='realm' id='realm'> |
@@ -140,7 +143,9 @@ discard block |
||
| 140 | 143 | </form> |
| 141 | 144 | </td> |
| 142 | 145 | </tr>"; |
| 143 | - if (Config::$CONSORTIUM['name'] == "eduroam") // SW: APPROVED |
|
| 146 | + } |
|
| 147 | + if (Config::$CONSORTIUM['name'] == "eduroam") { |
|
| 148 | + // SW: APPROVED |
|
| 144 | 149 | echo "<tr> |
| 145 | 150 | <td>" . _("Check server status of European federations") . "</td> |
| 146 | 151 | <td> |
@@ -149,14 +154,17 @@ discard block |
||
| 149 | 154 | </form> |
| 150 | 155 | </td> |
| 151 | 156 | </tr>"; |
| 157 | + } |
|
| 152 | 158 | ?> |
| 153 | 159 | </table> |
| 154 | 160 | <hr/> |
| 155 | 161 | <h2><?php echo _("Profiles for this institution"); ?></h2> |
| 156 | 162 | <?php |
| 157 | 163 | $profiles_for_this_idp = $my_inst->listProfiles(); |
| 158 | - if (count($profiles_for_this_idp) == 0) // no profiles yet. |
|
| 164 | + if (count($profiles_for_this_idp) == 0) { |
|
| 165 | + // no profiles yet. |
|
| 159 | 166 | echo _("There are not yet any profiles for your institution."); |
| 167 | + } |
|
| 160 | 168 | |
| 161 | 169 | foreach ($profiles_for_this_idp as $profile_list) { |
| 162 | 170 | echo "<div style='display: table-row; margin-bottom: 20px;'>"; |
@@ -170,9 +178,10 @@ discard block |
||
| 170 | 178 | // readiness - but want to display it before! |
| 171 | 179 | |
| 172 | 180 | $has_overrides = FALSE; |
| 173 | - foreach ($attribs as $attrib) |
|
| 174 | - if ($attrib['level'] == "Profile" && !preg_match("/^(internal:|profile:name|profile:description)/", $attrib['name'])) |
|
| 181 | + foreach ($attribs as $attrib) { |
|
| 182 | + if ($attrib['level'] == "Profile" && !preg_match("/^(internal:|profile:name|profile:description)/", $attrib['name'])) |
|
| 175 | 183 | $has_overrides = TRUE; |
| 184 | + } |
|
| 176 | 185 | |
| 177 | 186 | $buffer_eaptypediv = "<div style='margin-bottom:40px; float:left;'>" . _("<strong>EAP Types</strong> (in order of preference):") . "<br/>"; |
| 178 | 187 | $typelist = $profile_list->getEapMethodsinOrderOfPreference(); |
@@ -196,9 +205,10 @@ discard block |
||
| 196 | 205 | $allcomplete = FALSE; |
| 197 | 206 | }; |
| 198 | 207 | $eapattribs = $profile_list->getAttributes(0, $eaptype); |
| 199 | - foreach ($attribs as $attrib) |
|
| 200 | - if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name'])) |
|
| 208 | + foreach ($attribs as $attrib) { |
|
| 209 | + if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name'])) |
|
| 201 | 210 | $buffer_eaptypediv .= "<img src='../resources/images/icons/Letter-E-blue-icon.png' alt='" . _("Option override on EAP Method level is in effect.") . "'>"; |
| 211 | + } |
|
| 202 | 212 | $buffer_eaptypediv .= "<br/>"; |
| 203 | 213 | } |
| 204 | 214 | $buffer_headline = "<h2 style='overflow:auto;'>"; |
@@ -206,23 +216,27 @@ discard block |
||
| 206 | 216 | $buffer_headline .= "<div style='float:right;'>"; |
| 207 | 217 | $sufficient_config = $profile_list->getSufficientConfig(); |
| 208 | 218 | $showtime = $profile_list->getShowtime(); |
| 209 | - if ($has_overrides) |
|
| 210 | - $buffer_headline .= UI_remark("", _("Option override on profile level is in effect."), TRUE); |
|
| 211 | - if (!$allcomplete) |
|
| 212 | - $buffer_headline .= UI_error("", _("The information in this profile is incomplete."), TRUE); |
|
| 213 | - if ($showtime) |
|
| 214 | - $buffer_headline .= UI_okay("", _("This profile is shown on the user download interface."), TRUE); |
|
| 215 | - else if ($sufficient_config) |
|
| 216 | - $buffer_headline .= UI_warning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), display_name("profile:production")), TRUE); |
|
| 219 | + if ($has_overrides) { |
|
| 220 | + $buffer_headline .= UI_remark("", _("Option override on profile level is in effect."), TRUE); |
|
| 221 | + } |
|
| 222 | + if (!$allcomplete) { |
|
| 223 | + $buffer_headline .= UI_error("", _("The information in this profile is incomplete."), TRUE); |
|
| 224 | + } |
|
| 225 | + if ($showtime) { |
|
| 226 | + $buffer_headline .= UI_okay("", _("This profile is shown on the user download interface."), TRUE); |
|
| 227 | + } else if ($sufficient_config) { |
|
| 228 | + $buffer_headline .= UI_warning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), display_name("profile:production")), TRUE); |
|
| 229 | + } |
|
| 217 | 230 | $buffer_headline .= "</div>"; |
| 218 | 231 | |
| 219 | 232 | $buffer_headline .= sprintf(_("Profile: %s"), $profile_name) . "</h2>"; |
| 220 | 233 | |
| 221 | 234 | echo $buffer_headline; |
| 222 | 235 | |
| 223 | - if (array_search(EAP::$TTLS_PAP, $typelist) !== FALSE && array_search(EAP::$TTLS_GTC, $typelist) === FALSE && array_search(EAP::$PEAP_MSCHAP2, $typelist) === FALSE && array_search(EAP::$TTLS_MSCHAP2, $typelist) === FALSE) |
|
| 224 | - /// Hmmm... IdP Supports TTLS-PAP, but not TTLS-GTC nor anything based on MSCHAPv2. That locks out Symbian users; and is easy to circumvent. Tell the admin... |
|
| 236 | + if (array_search(EAP::$TTLS_PAP, $typelist) !== FALSE && array_search(EAP::$TTLS_GTC, $typelist) === FALSE && array_search(EAP::$PEAP_MSCHAP2, $typelist) === FALSE && array_search(EAP::$TTLS_MSCHAP2, $typelist) === FALSE) { |
|
| 237 | + /// Hmmm... IdP Supports TTLS-PAP, but not TTLS-GTC nor anything based on MSCHAPv2. That locks out Symbian users; and is easy to circumvent. Tell the admin... |
|
| 225 | 238 | $buffer_eaptypediv .= "<p>" . sprintf(_("Read this <a href='%s'>tip</a>."), "https://confluence.terena.org/display/H2eduroam/eap-types#eap-types-choices") . "</p>"; |
| 239 | + } |
|
| 226 | 240 | |
| 227 | 241 | $buffer_eaptypediv .= "</div>"; |
| 228 | 242 | echo $buffer_eaptypediv; |
@@ -230,12 +244,13 @@ discard block |
||
| 230 | 244 | $has_realm = $profile_list->getAttributes("internal:realm"); |
| 231 | 245 | $has_realm = $has_realm[0]['value']; |
| 232 | 246 | echo "<div class='profilemodulebuttons' style='float:right;'>"; |
| 233 | - if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != "")) |
|
| 234 | - echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
|
| 247 | + if (count(Config::$RADIUSTESTS['UDP-hosts']) > 0 || ( count(Config::$RADIUSTESTS['TLS-clientcerts']) > 0 && Config::$RADIUSTESTS['TLS-discoverytag'] != "")) { |
|
| 248 | + echo "<form action='action_realmcheck.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
|
| 235 | 249 | <button type='submit' name='profile_action' value='check' " . ($has_realm ? "" : "disabled='disabled' title='" . _("The realm can only be checked if you configure the realm!") . "'") . "> |
| 236 | 250 | " . _("Check realm reachability") . " |
| 237 | 251 | </button> |
| 238 | 252 | </form>"; |
| 253 | + } |
|
| 239 | 254 | echo "<form action='overview_installers.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
| 240 | 255 | <button type='submit' name='profile_action' value='check' " . ($has_eaptypes ? "" : "disabled='disabled' title='" . _("You have not fully configured any supported EAP types!") . "'") . "> |
| 241 | 256 | " . _("Installer Fine-Tuning and Download") . " |
@@ -261,10 +276,11 @@ discard block |
||
| 261 | 276 | if ($profile_list->getShowtime()) { |
| 262 | 277 | echo "<div style='display: table-cell; text-align:center;'><p><strong>" . _("User Download Link") . "</strong></p>"; |
| 263 | 278 | $URL = $profile_list->getCollapsedAttributes(); |
| 264 | - if (isset($URL['device-specific:redirect'])) |
|
| 265 | - $displayurl = $URL['device-specific:redirect'][0]; |
|
| 266 | - else |
|
| 267 | - $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 279 | + if (isset($URL['device-specific:redirect'])) { |
|
| 280 | + $displayurl = $URL['device-specific:redirect'][0]; |
|
| 281 | + } else { |
|
| 282 | + $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://' ) . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 283 | + } |
|
| 268 | 284 | echo "<a href='$displayurl' style='white-space: nowrap; text-align: center;'>"; |
| 269 | 285 | $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12))); |
| 270 | 286 | $size = getimagesize($uri); |
@@ -277,8 +293,9 @@ discard block |
||
| 277 | 293 | echo "<div style='width:20px;'></div>"; |
| 278 | 294 | echo "<div style='display: table-cell; min-width:200px;'><p><strong>" . _("User Downloads") . "</strong></p><table>"; |
| 279 | 295 | $stats = $profile_list->getUserDownloadStats(); |
| 280 | - foreach ($stats as $dev => $count) |
|
| 281 | - echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>"; |
|
| 296 | + foreach ($stats as $dev => $count) { |
|
| 297 | + echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>"; |
|
| 298 | + } |
|
| 282 | 299 | echo "</table></div>"; |
| 283 | 300 | } |
| 284 | 301 | echo "</div>"; |
@@ -23,10 +23,11 @@ discard block |
||
| 23 | 23 | $error_message =''; |
| 24 | 24 | $my_inst = valid_IdP($_REQUEST['inst_id'], $_SESSION['user']); |
| 25 | 25 | |
| 26 | -if (isset($_GET['profile_id'])) |
|
| 26 | +if (isset($_GET['profile_id'])) { |
|
| 27 | 27 | $my_profile = valid_Profile($_GET['profile_id'], $my_inst->identifier); |
| 28 | -else |
|
| 28 | +} else { |
|
| 29 | 29 | $my_profile = NULL; |
| 30 | +} |
|
| 30 | 31 | if ($my_profile != NULL) { |
| 31 | 32 | $cr = $my_profile->getAttributes("internal:realm"); |
| 32 | 33 | if ($cr) { |
@@ -43,16 +44,18 @@ discard block |
||
| 43 | 44 | $_SESSION['check_realm'] = $check_realm; |
| 44 | 45 | } |
| 45 | 46 | } else { |
| 46 | - if(!empty($_SESSION['check_realm'])) |
|
| 47 | - $check_realm = $_SESSION['check_realm']; |
|
| 48 | - else |
|
| 49 | - $check_realm = FALSE; |
|
| 47 | + if(!empty($_SESSION['check_realm'])) { |
|
| 48 | + $check_realm = $_SESSION['check_realm']; |
|
| 49 | + } else { |
|
| 50 | + $check_realm = FALSE; |
|
| 51 | + } |
|
| 52 | + } |
|
| 53 | + if($check_realm) { |
|
| 54 | + $testsuite = new RADIUSTests($check_realm); |
|
| 55 | + } else { |
|
| 56 | + $error_message = _("No valid realm name given, cannot execute any checks!"); |
|
| 57 | + } |
|
| 50 | 58 | } |
| 51 | - if($check_realm) |
|
| 52 | - $testsuite = new RADIUSTests($check_realm); |
|
| 53 | - else |
|
| 54 | - $error_message = _("No valid realm name given, cannot execute any checks!"); |
|
| 55 | -} |
|
| 56 | 59 | |
| 57 | 60 | $translate = _("STATIC"); |
| 58 | 61 | $translate = _("DYNAMIC"); |
@@ -433,10 +436,11 @@ discard block |
||
| 433 | 436 | $(".server_cert").hide(); |
| 434 | 437 | <?php |
| 435 | 438 | foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 436 | - if ($check_thorough) |
|
| 437 | - $extraarg = "profile_id: ".$my_profile->identifier.", "; |
|
| 438 | - else |
|
| 439 | - $extraarg = ""; |
|
| 439 | + if ($check_thorough) { |
|
| 440 | + $extraarg = "profile_id: ".$my_profile->identifier.", "; |
|
| 441 | + } else { |
|
| 442 | + $extraarg = ""; |
|
| 443 | + } |
|
| 440 | 444 | |
| 441 | 445 | print " |
| 442 | 446 | $(\"#src".$hostindex."_img\").attr('src',icon_loading); |
@@ -556,8 +560,9 @@ discard block |
||
| 556 | 560 | } else { |
| 557 | 561 | echo UI_message(L_ERROR,sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below.")); |
| 558 | 562 | echo "</table><div class='notacceptable'><table>"; |
| 559 | - foreach ($testsuite->listerrors() as $details) |
|
| 560 | - echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>"; |
|
| 563 | + foreach ($testsuite->listerrors() as $details) { |
|
| 564 | + echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>"; |
|
| 565 | + } |
|
| 561 | 566 | echo "</table></div>"; |
| 562 | 567 | } |
| 563 | 568 | echo '</div>'; |
@@ -573,9 +578,13 @@ discard block |
||
| 573 | 578 | '; |
| 574 | 579 | foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) { |
| 575 | 580 | $host = ''; |
| 576 | - if ($addr['family'] == "IPv6") $host .= '['; |
|
| 581 | + if ($addr['family'] == "IPv6") { |
|
| 582 | + $host .= '['; |
|
| 583 | + } |
|
| 577 | 584 | $host .= $addr['IP']; |
| 578 | - if ($addr['family'] == "IPv6") $host .= ']'; |
|
| 585 | + if ($addr['family'] == "IPv6") { |
|
| 586 | + $host .= ']'; |
|
| 587 | + } |
|
| 579 | 588 | $host .= ':' . $addr['port']; |
| 580 | 589 | /*if($addr['family'] == "IPv6") |
| 581 | 590 | continue;*/ |
@@ -728,11 +737,12 @@ discard block |
||
| 728 | 737 | echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
| 729 | 738 | } |
| 730 | 739 | // ask for cert + privkey if TLS-based method is active |
| 731 | - if (in_array(EAP::$TLS, $prof_compl)) |
|
| 732 | - echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr> |
|
| 740 | + if (in_array(EAP::$TLS, $prof_compl)) { |
|
| 741 | + echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr> |
|
| 733 | 742 | <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
| 734 | 743 | <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
| 735 | 744 | <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
| 745 | + } |
|
| 736 | 746 | echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>"; |
| 737 | 747 | echo "<div id='live_login_results' style='display:none'>"; |
| 738 | 748 | foreach (Config::$RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
@@ -762,13 +772,15 @@ discard block |
||
| 762 | 772 | var realm = '<?php echo $check_realm; ?>'; |
| 763 | 773 | run_udp(); |
| 764 | 774 | <?php |
| 765 | - if ($naptr > 0) |
|
| 766 | - echo "run_dynamic();"; |
|
| 767 | - else |
|
| 768 | - echo '$("#tabs-d-li").hide();'; |
|
| 769 | - if (!$check_thorough) |
|
| 770 | - echo '$("#tabs-through").hide();'; |
|
| 771 | -?> |
|
| 775 | + if ($naptr > 0) { |
|
| 776 | + echo "run_dynamic();"; |
|
| 777 | + } else { |
|
| 778 | + echo '$("#tabs-d-li").hide();'; |
|
| 779 | + } |
|
| 780 | + if (!$check_thorough) { |
|
| 781 | + echo '$("#tabs-through").hide();'; |
|
| 782 | + } |
|
| 783 | + ?> |
|
| 772 | 784 | </script> |
| 773 | 785 | <?php footer() ?> |
| 774 | 786 | |
@@ -44,10 +44,11 @@ discard block |
||
| 44 | 44 | // NAPTR existence check |
| 45 | 45 | $tabletext .= "<td>"; |
| 46 | 46 | $naptr = $testsuite->NAPTR(); |
| 47 | - if ($naptr != RETVAL_NOTCONFIGURED) |
|
| 48 | - switch ($naptr) { |
|
| 47 | + if ($naptr != RETVAL_NOTCONFIGURED) { |
|
| 48 | + switch ($naptr) { |
|
| 49 | 49 | case RETVAL_NONAPTR: |
| 50 | 50 | $tabletext .= _("No NAPTR records"); |
| 51 | + } |
|
| 51 | 52 | break; |
| 52 | 53 | case RETVAL_ONLYUNRELATEDNAPTR: |
| 53 | 54 | $tabletext .= sprintf(_("No associated NAPTR records")); |
@@ -62,23 +63,26 @@ discard block |
||
| 62 | 63 | |
| 63 | 64 | if ($naptr > 0) { |
| 64 | 65 | $naptr_valid = $testsuite->NAPTR_compliance(); |
| 65 | - if ($naptr_valid == RETVAL_INVALID) |
|
| 66 | - $NAPTR_issues = true; |
|
| 66 | + if ($naptr_valid == RETVAL_INVALID) { |
|
| 67 | + $NAPTR_issues = true; |
|
| 68 | + } |
|
| 67 | 69 | } |
| 68 | 70 | |
| 69 | 71 | // SRV resolution |
| 70 | 72 | |
| 71 | 73 | if ($naptr > 0 && $naptr_valid == RETVAL_OK) { |
| 72 | 74 | $srv = $testsuite->NAPTR_SRV(); |
| 73 | - if ($srv == RETVAL_INVALID) |
|
| 74 | - $NAPTR_issues = true; |
|
| 75 | + if ($srv == RETVAL_INVALID) { |
|
| 76 | + $NAPTR_issues = true; |
|
| 77 | + } |
|
| 75 | 78 | } |
| 76 | 79 | |
| 77 | 80 | // IP addresses for the hosts |
| 78 | 81 | if ($naptr > 0 && $naptr_valid == RETVAL_OK && $srv > 0) { |
| 79 | 82 | $hosts = $testsuite->NAPTR_hostnames(); |
| 80 | - if ($hosts == RETVAL_INVALID) |
|
| 81 | - $NAPTR_issues = true; |
|
| 83 | + if ($hosts == RETVAL_INVALID) { |
|
| 84 | + $NAPTR_issues = true; |
|
| 85 | + } |
|
| 82 | 86 | } |
| 83 | 87 | |
| 84 | 88 | if ($NAPTR_issues) { |
@@ -94,14 +98,17 @@ discard block |
||
| 94 | 98 | $testsuite->UDP_reachability($hostindex, true, true); |
| 95 | 99 | $results = $testsuite->UDP_reachability_result[$hostindex]; |
| 96 | 100 | //echo "<pre>".print_r($results,true)."</pre>"; |
| 97 | - if ($results['packetflow_sane'] != TRUE) |
|
| 98 | - $UDP_errors = true; |
|
| 99 | - if (empty($results['packetflow'][11])) |
|
| 100 | - $UDP_errors = true; |
|
| 101 | + if ($results['packetflow_sane'] != TRUE) { |
|
| 102 | + $UDP_errors = true; |
|
| 103 | + } |
|
| 104 | + if (empty($results['packetflow'][11])) { |
|
| 105 | + $UDP_errors = true; |
|
| 106 | + } |
|
| 101 | 107 | if (count($results['cert_oddities']) > 0) { |
| 102 | - foreach ($results['cert_oddities'] as $oddity) |
|
| 103 | - if ($oddity['level'] > $cert_biggest_oddity) |
|
| 108 | + foreach ($results['cert_oddities'] as $oddity) { |
|
| 109 | + if ($oddity['level'] > $cert_biggest_oddity) |
|
| 104 | 110 | $cert_biggest_oddity = $oddity['level']; |
| 111 | + } |
|
| 105 | 112 | } |
| 106 | 113 | } |
| 107 | 114 | |
@@ -122,8 +129,9 @@ discard block |
||
| 122 | 129 | if ($naptr > 0 && count($testsuite->NAPTR_hostname_records) > 0) { |
| 123 | 130 | foreach ($testsuite->NAPTR_hostname_records as $hostindex => $addr) { |
| 124 | 131 | $retval = $testsuite->TLS_clients_side_check($addr); |
| 125 | - if ($retval != RETVAL_OK && $retval != RETVAL_SKIPPED) |
|
| 126 | - $dynamic_errors = true; |
|
| 132 | + if ($retval != RETVAL_OK && $retval != RETVAL_SKIPPED) { |
|
| 133 | + $dynamic_errors = true; |
|
| 134 | + } |
|
| 127 | 135 | } |
| 128 | 136 | } |
| 129 | 137 | if (!$dynamic_errors) { |
@@ -165,10 +173,11 @@ discard block |
||
| 165 | 173 | $profiles_showtime = []; |
| 166 | 174 | $profiles_readyconf = []; |
| 167 | 175 | |
| 168 | -foreach ($allIDPs as $index => $oneidp) |
|
| 176 | +foreach ($allIDPs as $index => $oneidp) { |
|
| 169 | 177 | foreach ($oneidp['instance']->listProfiles() as $profile) |
| 170 | 178 | if ($profile->getShowtime()) { |
| 171 | 179 | $profiles_showtime[] = ['idp' => $oneidp['instance'], 'profile' => $profile]; |
| 180 | +} |
|
| 172 | 181 | } else if ($profile->readyForShowtime()) { |
| 173 | 182 | $profiles_confready[] = ['idp' => $oneidp['instance'], 'profile' => $profile]; |
| 174 | 183 | } |
@@ -176,16 +185,18 @@ discard block |
||
| 176 | 185 | if (count($profiles_showtime) > 0) { |
| 177 | 186 | echo "<h2>" . _("Profiles marked as visible (V)") . "</h2>" . "<table>"; |
| 178 | 187 | echo rowdescription(); |
| 179 | - foreach ($profiles_showtime as $oneprofile) |
|
| 180 | - echo profilechecks($oneprofile['idp'],$oneprofile['profile']); |
|
| 188 | + foreach ($profiles_showtime as $oneprofile) { |
|
| 189 | + echo profilechecks($oneprofile['idp'],$oneprofile['profile']); |
|
| 190 | + } |
|
| 181 | 191 | echo "</table>"; |
| 182 | 192 | } |
| 183 | 193 | |
| 184 | 194 | if (count($profiles_confready) > 0) { |
| 185 | 195 | echo "<h2>" . _("Profiles with sufficient configuration, not marked as visible (C)") . "</h2>" . "<table>"; |
| 186 | 196 | echo rowdescription(); |
| 187 | - foreach ($profiles_confready as $oneprofile) |
|
| 188 | - echo profilechecks($oneprofile['idp'],$oneprofile['profile']); |
|
| 197 | + foreach ($profiles_confready as $oneprofile) { |
|
| 198 | + echo profilechecks($oneprofile['idp'],$oneprofile['profile']); |
|
| 199 | + } |
|
| 189 | 200 | echo "</table>"; |
| 190 | 201 | } |
| 191 | 202 | ?> |
@@ -74,8 +74,9 @@ discard block |
||
| 74 | 74 | $my_inst->commitFlushAttributes($killlist); |
| 75 | 75 | // delete cached logo, if present |
| 76 | 76 | $logofile = dirname(dirname(__FILE__)) . "/downloads/logos/" . $my_inst->identifier . ".png"; |
| 77 | -if (is_file($logofile)) |
|
| 77 | +if (is_file($logofile)) { |
|
| 78 | 78 | unlink($logofile); |
| 79 | +} |
|
| 79 | 80 | |
| 80 | 81 | CAT::writeAudit($_SESSION['user'], "MOD", "IdP " . $my_inst->identifier . " - attributes changed"); |
| 81 | 82 | |
@@ -87,27 +88,31 @@ discard block |
||
| 87 | 88 | |
| 88 | 89 | $ssids = []; |
| 89 | 90 | |
| 90 | -if (isset(Config::$CONSORTIUM['ssid']) && count(Config::$CONSORTIUM['ssid']) > 0) |
|
| 91 | +if (isset(Config::$CONSORTIUM['ssid']) && count(Config::$CONSORTIUM['ssid']) > 0) { |
|
| 91 | 92 | foreach (Config::$CONSORTIUM['ssid'] as $ssidname) |
| 92 | 93 | $ssids[] = $ssidname . " " . (isset(Config::$CONSORTIUM['tkipsupport']) && Config::$CONSORTIUM['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)") ); |
| 94 | +} |
|
| 93 | 95 | |
| 94 | 96 | $custom_ssids_wpa2 = $my_inst->getAttributes("media:SSID"); |
| 95 | 97 | $custom_ssids_wpa = $my_inst->getAttributes("media:SSID_with_legacy"); |
| 96 | 98 | $wired_support = $my_inst->getAttributes("media:wired"); |
| 97 | 99 | |
| 98 | -if (count($custom_ssids_wpa) > 0) |
|
| 100 | +if (count($custom_ssids_wpa) > 0) { |
|
| 99 | 101 | foreach ($custom_ssids_wpa as $ssidname) |
| 100 | 102 | $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES and WPA/TKIP)"); |
| 103 | +} |
|
| 101 | 104 | |
| 102 | -if (count($custom_ssids_wpa2) > 0) |
|
| 105 | +if (count($custom_ssids_wpa2) > 0) { |
|
| 103 | 106 | foreach ($custom_ssids_wpa2 as $ssidname) |
| 104 | 107 | $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES)"); |
| 108 | +} |
|
| 105 | 109 | |
| 106 | 110 | echo "<table>"; |
| 107 | 111 | if (count($ssids) > 0) { |
| 108 | 112 | $printedlist = ""; |
| 109 | - foreach ($ssids as $names) |
|
| 110 | - $printedlist = $printedlist . "$names "; |
|
| 113 | + foreach ($ssids as $names) { |
|
| 114 | + $printedlist = $printedlist . "$names "; |
|
| 115 | + } |
|
| 111 | 116 | echo UI_okay(sprintf(_("Your installers will configure the following SSIDs: <strong>%s</strong>"), $printedlist), _("SSIDs configured")); |
| 112 | 117 | }; |
| 113 | 118 | if (count($wired_support) > 0) { |
