GEANT /
CAT
@@ -156,8 +156,8 @@ |
||
| 156 | 156 | // replace namespace separators with directory separators |
| 157 | 157 | // in the relative class name, append with .php |
| 158 | 158 | $file = $base_dir |
| 159 | - . str_replace('\\', '/', $relative_class) |
|
| 160 | - . '.php'; |
|
| 159 | + . str_replace('\\', '/', $relative_class) |
|
| 160 | + . '.php'; |
|
| 161 | 161 | |
| 162 | 162 | // if the mapped file exists, require it |
| 163 | 163 | if ($this->requireFile($file)) { |
@@ -246,11 +246,11 @@ discard block |
||
| 246 | 246 | } |
| 247 | 247 | |
| 248 | 248 | /** |
| 249 | - * This function parses a X.509 cert and returns all certificatePolicies OIDs |
|
| 250 | - * |
|
| 251 | - * @param array $cert (returned from openssl_x509_parse) |
|
| 252 | - * @return array of OIDs |
|
| 253 | - */ |
|
| 249 | + * This function parses a X.509 cert and returns all certificatePolicies OIDs |
|
| 250 | + * |
|
| 251 | + * @param array $cert (returned from openssl_x509_parse) |
|
| 252 | + * @return array of OIDs |
|
| 253 | + */ |
|
| 254 | 254 | private function propertyCheckPolicy($cert) { |
| 255 | 255 | $oids = []; |
| 256 | 256 | if ($cert['extensions']['certificatePolicies']) { |
@@ -263,11 +263,11 @@ discard block |
||
| 263 | 263 | return $oids; |
| 264 | 264 | } |
| 265 | 265 | /** |
| 266 | - * This function parses a X.509 cert and returns the value of $field |
|
| 267 | - * |
|
| 268 | - * @param array $cert (returned from openssl_x509_parse) |
|
| 269 | - * @return string value of the issuer field or '' |
|
| 270 | - */ |
|
| 266 | + * This function parses a X.509 cert and returns the value of $field |
|
| 267 | + * |
|
| 268 | + * @param array $cert (returned from openssl_x509_parse) |
|
| 269 | + * @return string value of the issuer field or '' |
|
| 270 | + */ |
|
| 271 | 271 | private function getCertificateIssuer($cert) { |
| 272 | 272 | $issuer = ''; |
| 273 | 273 | foreach ($cert['issuer'] as $key => $val) { |
@@ -88,7 +88,7 @@ |
||
| 88 | 88 | 'server_suffix' => '.hosted.eduroam.org', |
| 89 | 89 | 'gracetime' => 90, |
| 90 | 90 | 'CA' => ["type" => "embedded"], # OCSP URL needs to be configured in openssl.cnf |
| 91 | - # 'CA' => ["type" => "DFN", "SOAP_API_ENDPOINT" => "http://no.idea.where/"], |
|
| 91 | + # 'CA' => ["type" => "DFN", "SOAP_API_ENDPOINT" => "http://no.idea.where/"], |
|
| 92 | 92 | |
| 93 | 93 | ], |
| 94 | 94 | /** |
@@ -1019,12 +1019,12 @@ |
||
| 1019 | 1019 | $certUsernameLabel = WindowsCommon::sprint_nsi(_("Username:")); |
| 1020 | 1020 | $certUsernameLength = strlen($certUsernameLabel); |
| 1021 | 1021 | $labelLength = max($certPasswordLength,$certUsernameLength); |
| 1022 | - ?> |
|
| 1022 | + ?> |
|
| 1023 | 1023 | ${NSD_CreateLabel} 0 0 100% 32u "<?php WindowsCommon::echo_nsi(_("Selected file: \$Cert_file"))?>" |
| 1024 | 1024 | !else |
| 1025 | 1025 | <?php $certPasswordLabel = WindowsCommon::sprint_nsi(_("import password:")); |
| 1026 | 1026 | $certPasswordLength = strlen($certPasswordLabel); |
| 1027 | - ?> |
|
| 1027 | + ?> |
|
| 1028 | 1028 | !insertmacro debug_cat 4 "Unpacking SB_cert.p12" |
| 1029 | 1029 | File "SB_cert.p12" |
| 1030 | 1030 | nsArray::Set Delete_files "SB_cert.p12" |
@@ -185,7 +185,6 @@ |
||
| 185 | 185 | * - RETVAL_NOTCONFIGURED; needs CONFIG_DIAGNOSTICS['RADIUSTESTS']['TLS-discoverytag'] |
| 186 | 186 | * - RETVAL_INVALID (at least one format error) |
| 187 | 187 | * - RETVAL_OK (all fine) |
| 188 | - |
|
| 189 | 188 | * @return int one of two RETVALs above |
| 190 | 189 | */ |
| 191 | 190 | public function relevantNAPTRcompliance() { |
@@ -59,12 +59,12 @@ discard block |
||
| 59 | 59 | */ |
| 60 | 60 | |
| 61 | 61 | /** |
| 62 | - * Various paths. |
|
| 63 | - * eapol_test: absolute path to the eapol_test executable. If you just fill in "eapol_test" the one from the system $PATH will be taken. |
|
| 64 | - * c_rehash: absolute path to the c_rehash executable. If you just fill in "c_rehash" the one from the system $PATH will be taken. |
|
| 65 | - * See also NSIS_VERSION further down |
|
| 66 | - * @var array |
|
| 67 | - */ |
|
| 62 | + * Various paths. |
|
| 63 | + * eapol_test: absolute path to the eapol_test executable. If you just fill in "eapol_test" the one from the system $PATH will be taken. |
|
| 64 | + * c_rehash: absolute path to the c_rehash executable. If you just fill in "c_rehash" the one from the system $PATH will be taken. |
|
| 65 | + * See also NSIS_VERSION further down |
|
| 66 | + * @var array |
|
| 67 | + */ |
|
| 68 | 68 | 'PATHS' => [ |
| 69 | 69 | 'c_rehash' => 'c_rehash', |
| 70 | 70 | 'eapol_test' => 'eapol_test', |
@@ -101,45 +101,45 @@ discard block |
||
| 101 | 101 | ], |
| 102 | 102 | |
| 103 | 103 | 'TLS-clientcerts' => [ |
| 104 | - 'CA1' => [ |
|
| 104 | + 'CA1' => [ |
|
| 105 | 105 | 'status' => 'ACCREDITED', |
| 106 | 106 | 'issuerCA' => '/DC=org/DC=pki1/CN=PKI 1', |
| 107 | 107 | 'certificates' => [ |
| 108 | - [ |
|
| 108 | + [ |
|
| 109 | 109 | 'status' => 'CORRECT', |
| 110 | 110 | 'public' => 'ca1-client-cert.pem', |
| 111 | 111 | 'private' => 'ca1-client-key.pem', |
| 112 | 112 | 'expected' => 'PASS'], |
| 113 | - [ |
|
| 113 | + [ |
|
| 114 | 114 | 'status' => 'WRONGPOLICY', |
| 115 | 115 | 'public' => 'ca1-nopolicy-cert.pem', |
| 116 | 116 | 'private' => 'ca1-nopolicy-key.key', |
| 117 | 117 | 'expected' => 'FAIL'], |
| 118 | - [ |
|
| 118 | + [ |
|
| 119 | 119 | 'status' => 'EXPIRED', |
| 120 | 120 | 'public' => 'ca1-exp.pem', |
| 121 | 121 | 'private' => 'ca1-exp.key', |
| 122 | 122 | 'expected' => 'FAIL'], |
| 123 | - [ |
|
| 123 | + [ |
|
| 124 | 124 | 'status' => 'REVOKED', |
| 125 | 125 | 'public' => 'ca1-revoked.pem', |
| 126 | 126 | 'private' => 'ca1-revoked.key', |
| 127 | 127 | 'expected' => 'FAIL'], |
| 128 | 128 | ] |
| 129 | - ], |
|
| 130 | - 'CA-N' => [ |
|
| 129 | + ], |
|
| 130 | + 'CA-N' => [ |
|
| 131 | 131 | 'status' => 'NONACCREDITED', |
| 132 | 132 | 'issuerCA' => '/DC=org/DC=pkiN/CN=PKI N', |
| 133 | 133 | 'certificates' => [ |
| 134 | - [ |
|
| 134 | + [ |
|
| 135 | 135 | 'status' => 'CORRECT', |
| 136 | 136 | 'public' => 'caN-client-cert.pem', |
| 137 | 137 | 'private' => 'caN-client-cert.key', |
| 138 | 138 | 'expected' => 'FAIL'], |
| 139 | - ] |
|
| 140 | - ] |
|
| 141 | - ], |
|
| 142 | - 'accreditedCAsURL' => '', |
|
| 139 | + ] |
|
| 140 | + ] |
|
| 141 | + ], |
|
| 142 | + 'accreditedCAsURL' => '', |
|
| 143 | 143 | ], |
| 144 | 144 | 'eduGainResolver' => [ |
| 145 | 145 | 'url' => 'https://technical.edugain.org/api.php', |
@@ -370,9 +370,9 @@ |
||
| 370 | 370 | // inspired by https://stackoverflow.com/questions/2390604/how-to-pass-variables-as-stdin-into-command-line-from-php |
| 371 | 371 | $proc = CONFIG['PATHS']['openssl']." crl -inform der"; |
| 372 | 372 | $descriptorspec = [ |
| 373 | - 0 => ["pipe", "r"], |
|
| 374 | - 1 => ["pipe", "w"], |
|
| 375 | - 2 => ["pipe", "w"], |
|
| 373 | + 0 => ["pipe", "r"], |
|
| 374 | + 1 => ["pipe", "w"], |
|
| 375 | + 2 => ["pipe", "w"], |
|
| 376 | 376 | ]; |
| 377 | 377 | $process = proc_open($proc, $descriptorspec, $pipes); |
| 378 | 378 | if (!is_resource($process)) { |
@@ -397,7 +397,6 @@ |
||
| 397 | 397 | * |
| 398 | 398 | * @param string $format only "der" and "pem" are currently allowed |
| 399 | 399 | * @return array an array of arrays or empty array on error |
| 400 | - |
|
| 401 | 400 | */ |
| 402 | 401 | final protected function saveCertificateFiles($format) { |
| 403 | 402 | switch ($format) { |
@@ -42,7 +42,7 @@ |
||
| 42 | 42 | $certObject->triggerNewOCSPStatement(); |
| 43 | 43 | } |
| 44 | 44 | |
| 45 | - /* |
|
| 45 | + /* |
|
| 46 | 46 | * and then writes all recently updated statements to a temporary directory. The |
| 47 | 47 | * calling script ocsp_update.sh should then scp all the files to their |
| 48 | 48 | * destination. |
