View GitHub Repository CAT

Schedule Inspection
Subscribe
Passed
Push — release_2_1 ( 6fc909...4878ef )
by Tomasz
10:28
created
Status
Category
Toggle Patches
core/diag/RFC6614Tests.php 1 patch
Spacing   +13 added lines, -13 removed lines patch added patch discarded remove patch 
@@ -168,27 +168,27 @@  discard block
 
 block discarded – undo
168 168 
     {
169 169 
         // it could match CN or sAN:DNS, we don't care which
170 170 
         if (isset($this->TLS_CA_checks_result[$host]['certdata']['subject'])) {
171 
-            $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName .
172 
-                    " against Subject: " . $this->TLS_CA_checks_result[$host]['certdata']['subject']);
171 
+            $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName.
172 
+                    " against Subject: ".$this->TLS_CA_checks_result[$host]['certdata']['subject']);
173 173 
             // we are checking against accidental misconfig, not attacks, so loosely checking against end of string is appropriate
174 
-            if (preg_match("/CN=" . $this->expectedName . "/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) {
174 
+            if (preg_match("/CN=".$this->expectedName."/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) {
175 175 
                 return TRUE;
176 176 
             }
177 177 
         }
178 178 
         if (isset($this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) {
179 
-            $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName . " against sANs: ");
179 
+            $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against sANs: ");
180 180 
             $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']);
181 181 
             $testNames = $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'];
182 182 
             if (!is_array($testNames)) {
183 183 
                 $testNames = [$testNames];
184 184 
             }
185 185 
             foreach ($testNames as $oneName) {
186 
-                if (preg_match("/" . $this->expectedName . "/", $oneName) === 1) {
186 
+                if (preg_match("/".$this->expectedName."/", $oneName) === 1) {
187 187 
                     return TRUE;
188 188 
                 }
189 189 
             }
190 190 
         }
191 
-        $this->loggerInstance->debug(3, "Tried to check expected server name " . $this->expectedName . " but neither CN nor sANs matched.");
191 
+        $this->loggerInstance->debug(3, "Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched.");
192 192
193 193 
         $this->TLS_CA_checks_result[$host]['cert_oddity'] = RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH;
194 194 
         return FALSE;
 
@@ -218,9 +218,9 @@  discard block
 
 block discarded – undo
218 218 
                 $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['status'] = $cert['status'];
219 219 
                 $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['message'] = $this->TLS_certkeys[$cert['status']];
220 220 
                 $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['expected'] = $cert['expected'];
221 
-                $add = ' -cert ' . ROOT . '/config/cli-certs/' . $cert['public'] . ' -key ' . ROOT . '/config/cli-certs/' . $cert['private'];
222 
-                if (!file_exists(ROOT . '/config/cli-certs/' . $cert['public']) ||!file_exists(ROOT .
223 
-                        '/config/cli-certs/' . $cert['private'])) {
221 
+                $add = ' -cert '.ROOT.'/config/cli-certs/'.$cert['public'].' -key '.ROOT.'/config/cli-certs/'.$cert['private'];
222 
+                if (!file_exists(ROOT.'/config/cli-certs/'.$cert['public']) || !file_exists(ROOT.
223 
+                        '/config/cli-certs/'.$cert['private'])) {
224 224 
                     $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['finalerror'] = 2;
225 225 
                     continue;
226 226 
                 }
 
@@ -231,7 +231,7 @@  discard block
 
 block discarded – undo
231 231 
                 if (in_array("TLS1.3", $protocols) && count($protocols) > 1) {
232 232 
                     $prot .= ' -no_tls1_3';
233 233 
                 }
234 
-                $add .= ' ' . $prot;
234 
+                $add .= ' '.$prot;
235 235 
                 $opensslbabble = $this->execOpensslClient($host, $add, $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]);
236 236 
                 $res = $this->opensslClientsResult($host, $opensslbabble, $this->TLS_clients_checks_result, $type, $k);
237 237 
                 if ($cert['expected'] == 'PASS') {
 
@@ -273,11 +273,11 @@  discard block
 
 block discarded – undo
273 273 
 // but code analysers want this more explicit, so here is this extra
274 274 
 // call to escapeshellarg()
275 275 
         $escapedHost = escapeshellarg($host);
276 
-        $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -CApath " . ROOT . "/config/ca-certs/$this->consortium/ $arg 2>&1\n");
276 
+        $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -CApath ".ROOT."/config/ca-certs/$this->consortium/ $arg 2>&1\n");
277 277 
         $time_start = microtime(true);
278 278 
         $opensslbabble = [];
279 279 
         $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures
280 
-        exec(\config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -CApath " . ROOT . "/config/ca-certs/$this->consortium/ $arg 2>&1", $opensslbabble, $result);
280 
+        exec(\config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -CApath ".ROOT."/config/ca-certs/$this->consortium/ $arg 2>&1", $opensslbabble, $result);
281 281 
         $time_stop = microtime(true);
282 282 
         $testresults['time_millisec'] = floor(($time_stop - $time_start) * 1000);
283 283 
         $testresults['returncode'] = $result;
 
@@ -399,7 +399,7 @@  discard block
 
 block discarded – undo
399 399 
     private function propertyCheckPolicy($cert)
400 400 
     {
401 401 
         $oids = [];
402 
-        if (isset($cert['extensions']['certificatePolicies']) &&  $cert['extensions']['certificatePolicies']) {
402 
+        if (isset($cert['extensions']['certificatePolicies']) && $cert['extensions']['certificatePolicies']) {
403 403 
             foreach (\config\Diagnostics::RADIUSTESTS['TLS-acceptableOIDs'] as $key => $oid) {
404 404 
                 if (preg_match("/Policy: $oid/", $cert['extensions']['certificatePolicies'])) {
405 405 
                     $oids[$key] = $oid;
Please login to merge, or discard this patch.
utils/test_openroaming.php 1 patch
Spacing   +2 added lines, -2 removed lines patch added patch discarded remove patch 
@@ -8,7 +8,7 @@  discard block
 
 block discarded – undo
8 8 
  * License: see the web/copyright.php file in the file structure
9 9 
  * ******************************************************************************
10 10 
  */
11 
-require_once dirname(dirname(__FILE__)) . "/config/_config.php";
11 
+require_once dirname(dirname(__FILE__))."/config/_config.php";
12 12
13 13 
 /**
14 14 
  * The sctipt will be called from crontab
 
@@ -28,7 +28,7 @@  discard block
 
 block discarded – undo
28 28 
 }
29 29
30 30
31 
-while ( $row = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allOpenRoamingProfiles)) {
31 
+while ($row = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allOpenRoamingProfiles)) {
32 32 
     $profileId = $row->profile_id;
33 33 
     $profile = \core\ProfileFactory::instantiate($profileId);
34 34 
     $res = $profile->openroamingRedinessTest();
Please login to merge, or discard this patch.