GEANT /
CAT
@@ -372,20 +372,20 @@ discard block |
||
| 372 | 372 | ); |
| 373 | 373 | // Generate a new private (and public) key pair |
| 374 | 374 | $privkey = openssl_pkey_new(array( |
| 375 | - "private_key_bits" => 4096, |
|
| 376 | - "private_key_type" => OPENSSL_KEYTYPE_RSA)); |
|
| 375 | + "private_key_bits" => 4096, |
|
| 376 | + "private_key_type" => OPENSSL_KEYTYPE_RSA)); |
|
| 377 | 377 | // export private key to $clientprivateKey (as string) |
| 378 | 378 | openssl_pkey_export($privkey, $this->radsec_priv); |
| 379 | 379 | // Generate a certificate signing request |
| 380 | 380 | $csr = openssl_csr_new($dn, $privkey, |
| 381 | - array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 381 | + array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 382 | 382 | // get CA certificate and private key |
| 383 | 383 | $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"), |
| 384 | 384 | \config\Master::MANAGEDSP['capass']); |
| 385 | 385 | $cacert = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
| 386 | 386 | $this->setTLSSerialNumber(); |
| 387 | 387 | $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'], |
| 388 | - array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no); |
|
| 388 | + array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no); |
|
| 389 | 389 | openssl_x509_export($clientcert, $this->radsec_cert); |
| 390 | 390 | } |
| 391 | 391 | /** |
@@ -506,9 +506,9 @@ discard block |
||
| 506 | 506 | */ |
| 507 | 507 | public function renewtls() |
| 508 | 508 | { |
| 509 | - $id = $this->identifier; |
|
| 510 | - $futureTlsClient = $this->createTLScredentials(); |
|
| 511 | - $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = ?, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "ssii", $this->radsec_priv, $this->radsec_cert, $this->radsec_cert_serial_no, $id); |
|
| 509 | + $id = $this->identifier; |
|
| 510 | + $futureTlsClient = $this->createTLScredentials(); |
|
| 511 | + $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = ?, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "ssii", $this->radsec_priv, $this->radsec_cert, $this->radsec_cert_serial_no, $id); |
|
| 512 | 512 | } |
| 513 | 513 | |
| 514 | 514 | /** |
@@ -518,38 +518,38 @@ discard block |
||
| 518 | 518 | */ |
| 519 | 519 | public function tlsfromcsr($csr) |
| 520 | 520 | { |
| 521 | - $id = $this->identifier; |
|
| 522 | - $dn = array(); |
|
| 523 | - $dn['rdnSequence'] = array(); |
|
| 524 | - $dn['rdnSequence'][0] = array(); |
|
| 525 | - $dn['rdnSequence'][0][] = array('type' => 'id-at-organizationName', 'value' => array()); |
|
| 526 | - $dn['rdnSequence'][0][0]['value']['utf8String'] = 'eduroam'; |
|
| 527 | - $dn['rdnSequence'][1] = array(); |
|
| 528 | - $dn['rdnSequence'][1][] = array('type' => 'id-at-organizationalUnitName', 'value' => array()); |
|
| 529 | - $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP'; |
|
| 530 | - $dn['rdnSequence'][2] = array(); |
|
| 531 | - $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array()); |
|
| 532 | - $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution; |
|
| 533 | - $csr->setDN($dn); |
|
| 534 | - $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"); |
|
| 535 | - $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] ); |
|
| 536 | - $pemca = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 537 | - $ca = new \phpseclib3\File\X509(); |
|
| 538 | - $ca->loadX509($pemca); |
|
| 539 | - $ca->setPrivateKey($cakey); |
|
| 540 | - // Sign the updated request, producing the certificate. |
|
| 541 | - $x509 = new \phpseclib3\File\X509(); |
|
| 542 | - $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']); |
|
| 543 | - $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']); |
|
| 544 | - $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false); |
|
| 545 | - $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days'); |
|
| 546 | - $this->setTLSSerialNumber(999999999999999999); |
|
| 547 | - $x509->setSerialNumber($this->radsec_cert_serial_no, 10); |
|
| 548 | - $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr))); |
|
| 549 | - $this->radsec_cert = $x509->saveX509($cert); |
|
| 550 | - $this->radsec_priv = NULL; |
|
| 551 | - //$futureTlsClient = $this->createTLScredentials(); |
|
| 552 | - $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = NULL, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "sii", $this->radsec_cert, $this->radsec_cert_serial_no, $id); |
|
| 521 | + $id = $this->identifier; |
|
| 522 | + $dn = array(); |
|
| 523 | + $dn['rdnSequence'] = array(); |
|
| 524 | + $dn['rdnSequence'][0] = array(); |
|
| 525 | + $dn['rdnSequence'][0][] = array('type' => 'id-at-organizationName', 'value' => array()); |
|
| 526 | + $dn['rdnSequence'][0][0]['value']['utf8String'] = 'eduroam'; |
|
| 527 | + $dn['rdnSequence'][1] = array(); |
|
| 528 | + $dn['rdnSequence'][1][] = array('type' => 'id-at-organizationalUnitName', 'value' => array()); |
|
| 529 | + $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP'; |
|
| 530 | + $dn['rdnSequence'][2] = array(); |
|
| 531 | + $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array()); |
|
| 532 | + $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution; |
|
| 533 | + $csr->setDN($dn); |
|
| 534 | + $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"); |
|
| 535 | + $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] ); |
|
| 536 | + $pemca = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 537 | + $ca = new \phpseclib3\File\X509(); |
|
| 538 | + $ca->loadX509($pemca); |
|
| 539 | + $ca->setPrivateKey($cakey); |
|
| 540 | + // Sign the updated request, producing the certificate. |
|
| 541 | + $x509 = new \phpseclib3\File\X509(); |
|
| 542 | + $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']); |
|
| 543 | + $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']); |
|
| 544 | + $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false); |
|
| 545 | + $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days'); |
|
| 546 | + $this->setTLSSerialNumber(999999999999999999); |
|
| 547 | + $x509->setSerialNumber($this->radsec_cert_serial_no, 10); |
|
| 548 | + $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr))); |
|
| 549 | + $this->radsec_cert = $x509->saveX509($cert); |
|
| 550 | + $this->radsec_priv = NULL; |
|
| 551 | + //$futureTlsClient = $this->createTLScredentials(); |
|
| 552 | + $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = NULL, radsec_cert = ?, radsec_cert_serial_number = ? WHERE deployment_id = ?", "sii", $this->radsec_cert, $this->radsec_cert_serial_no, $id); |
|
| 553 | 553 | } |
| 554 | 554 | /** |
| 555 | 555 | * marks the deployment as deactivated |
@@ -883,11 +883,11 @@ discard block |
||
| 883 | 883 | unlink("$zipdir/$key/detail.zip"); |
| 884 | 884 | $files = scandir("$zipdir/$key/"); |
| 885 | 885 | foreach($files as $file) { |
| 886 | - if ($file == '.' || $file == '..') continue; |
|
| 887 | - $data = file_get_contents("$zipdir/$key/$file"); |
|
| 888 | - $zipt->addFromString("radius-$key/$file", $data); |
|
| 889 | - $cnt += 1; |
|
| 890 | - unlink("$zipdir/$key/$file"); |
|
| 886 | + if ($file == '.' || $file == '..') continue; |
|
| 887 | + $data = file_get_contents("$zipdir/$key/$file"); |
|
| 888 | + $zipt->addFromString("radius-$key/$file", $data); |
|
| 889 | + $cnt += 1; |
|
| 890 | + unlink("$zipdir/$key/$file"); |
|
| 891 | 891 | } |
| 892 | 892 | if (file_exists("$zipdir/$key")) { |
| 893 | 893 | rmdir("$zipdir/$key"); |
@@ -322,7 +322,7 @@ discard block |
||
| 322 | 322 | $serverCandidates[IdPlist::geoDistance($adminLocation, ['lat' => $iterator->location_lat, 'lon' => $iterator->location_lon])] = $iterator->server_id; |
| 323 | 323 | } |
| 324 | 324 | if ($clients > $maxSupportedClients * 0.9) { |
| 325 | - $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (" . $iterator->server_id . ") is serving at more than 90% capacity!"); |
|
| 325 | + $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (".$iterator->server_id.") is serving at more than 90% capacity!"); |
|
| 326 | 326 | } |
| 327 | 327 | } |
| 328 | 328 | if (count($serverCandidates) == 0 && $federation != "DEFAULT") { |
@@ -344,7 +344,7 @@ discard block |
||
| 344 | 344 | * |
| 345 | 345 | * @throws Exception |
| 346 | 346 | */ |
| 347 | - private function setTLSSerialNumber($max=PHP_INT_MAX) { |
|
| 347 | + private function setTLSSerialNumber($max = PHP_INT_MAX) { |
|
| 348 | 348 | $nonDupSerialFound = FALSE; |
| 349 | 349 | do { |
| 350 | 350 | $serial = random_int(1000000000, $max); |
@@ -364,7 +364,7 @@ discard block |
||
| 364 | 364 | */ |
| 365 | 365 | private function createTLScredentials() |
| 366 | 366 | { |
| 367 | - $clientName = 'SP' . $this->identifier . '-' . $this->institution; |
|
| 367 | + $clientName = 'SP'.$this->identifier.'-'.$this->institution; |
|
| 368 | 368 | $dn = array( |
| 369 | 369 | "organizationName" => "eduroam", |
| 370 | 370 | "organizationalUnitName" => "eduroam Managed SP", |
@@ -378,14 +378,14 @@ discard block |
||
| 378 | 378 | openssl_pkey_export($privkey, $this->radsec_priv); |
| 379 | 379 | // Generate a certificate signing request |
| 380 | 380 | $csr = openssl_csr_new($dn, $privkey, |
| 381 | - array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 381 | + array('digest_alg' => 'sha256', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf")); |
|
| 382 | 382 | // get CA certificate and private key |
| 383 | - $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"), |
|
| 383 | + $caprivkey = array(file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key"), |
|
| 384 | 384 | \config\Master::MANAGEDSP['capass']); |
| 385 | - $cacert = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 385 | + $cacert = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 386 | 386 | $this->setTLSSerialNumber(); |
| 387 | 387 | $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'], |
| 388 | - array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no); |
|
| 388 | + array('digest_alg'=>'sha512', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no); |
|
| 389 | 389 | openssl_x509_export($clientcert, $this->radsec_cert); |
| 390 | 390 | } |
| 391 | 391 | /** |
@@ -410,8 +410,8 @@ discard block |
||
| 410 | 410 | $conditional1 = "AND activity_time > DATE_SUB(NOW(), INTERVAL $backlog SECOND )"; |
| 411 | 411 | $conditional2 = "DESC"; |
| 412 | 412 | } |
| 413 | - $client = 'SP' . $this->identifier . '-' . $this->institution; |
|
| 414 | - $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id, prot, outer_user FROM activity WHERE owner = ? $conditional1 ORDER BY activity_time $conditional2", "s", $client ); |
|
| 413 | + $client = 'SP'.$this->identifier.'-'.$this->institution; |
|
| 414 | + $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id, prot, outer_user FROM activity WHERE owner = ? $conditional1 ORDER BY activity_time $conditional2", "s", $client); |
|
| 415 | 415 | |
| 416 | 416 | return mysqli_fetch_all($stats, \MYSQLI_ASSOC); |
| 417 | 417 | } |
@@ -529,11 +529,11 @@ discard block |
||
| 529 | 529 | $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP'; |
| 530 | 530 | $dn['rdnSequence'][2] = array(); |
| 531 | 531 | $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array()); |
| 532 | - $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution; |
|
| 532 | + $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP'.$this->identifier."-".$this->institution; |
|
| 533 | 533 | $csr->setDN($dn); |
| 534 | - $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"); |
|
| 535 | - $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] ); |
|
| 536 | - $pemca = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 534 | + $pemcakey = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key"); |
|
| 535 | + $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass']); |
|
| 536 | + $pemca = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 537 | 537 | $ca = new \phpseclib3\File\X509(); |
| 538 | 538 | $ca->loadX509($pemca); |
| 539 | 539 | $ca->setPrivateKey($cakey); |
@@ -542,7 +542,7 @@ discard block |
||
| 542 | 542 | $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']); |
| 543 | 543 | $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']); |
| 544 | 544 | $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false); |
| 545 | - $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days'); |
|
| 545 | + $x509->setEndDate('+'.\config\Master::MANAGEDSP['daystoexpiry'].' days'); |
|
| 546 | 546 | $this->setTLSSerialNumber(999999999999999999); |
| 547 | 547 | $x509->setSerialNumber($this->radsec_cert_serial_no, 10); |
| 548 | 548 | $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr))); |
@@ -584,7 +584,7 @@ discard block |
||
| 584 | 584 | { |
| 585 | 585 | $customAttrib = $this->getAttributes("managedsp:operatorname"); |
| 586 | 586 | if (count($customAttrib) == 0) { |
| 587 | - return "1sp." . $this->identifier . "-" . $this->institution . \config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 587 | + return "1sp.".$this->identifier."-".$this->institution.\config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 588 | 588 | } |
| 589 | 589 | return $customAttrib[0]["value"]; |
| 590 | 590 | } |
@@ -599,14 +599,14 @@ discard block |
||
| 599 | 599 | private function sendToRADIUS(int $idx, $post) |
| 600 | 600 | { |
| 601 | 601 | $hostname = "radius_hostname_$idx"; |
| 602 | - $ch = curl_init("http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport']); |
|
| 602 | + $ch = curl_init("http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']); |
|
| 603 | 603 | if ($ch === FALSE) { |
| 604 | 604 | $res = 'FAILURE'; |
| 605 | 605 | } else { |
| 606 | 606 | curl_setopt($ch, CURLOPT_USERAGENT, "CAT-ManagedSP"); |
| 607 | 607 | curl_setopt($ch, CURLOPT_POST, 1); |
| 608 | 608 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post); |
| 609 | - $this->loggerInstance->debug(1, "Posting to http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport'] . "/$post\n"); |
|
| 609 | + $this->loggerInstance->debug(1, "Posting to http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']."/$post\n"); |
|
| 610 | 610 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); |
| 611 | 611 | curl_setopt($ch, CURLOPT_HEADER, 0); |
| 612 | 612 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
@@ -647,19 +647,19 @@ discard block |
||
| 647 | 647 | } else { |
| 648 | 648 | $txt = $remove ? _('Profile deactivation failed') : _('Profile activation/modification failed'); |
| 649 | 649 | } |
| 650 | - $txt = $txt . ' '; |
|
| 650 | + $txt = $txt.' '; |
|
| 651 | 651 | if (array_count_values($response)[$status] == 2) { |
| 652 | - $txt = $txt . _('on both RADIUS servers: primary and backup') . '.'; |
|
| 652 | + $txt = $txt._('on both RADIUS servers: primary and backup').'.'; |
|
| 653 | 653 | } else { |
| 654 | 654 | if ($response['res[1]'] == $status) { |
| 655 | - $txt = $txt . _('on primary RADIUS server') . '.'; |
|
| 655 | + $txt = $txt._('on primary RADIUS server').'.'; |
|
| 656 | 656 | } else { |
| 657 | - $txt = $txt . _('on backup RADIUS server') . '.'; |
|
| 657 | + $txt = $txt._('on backup RADIUS server').'.'; |
|
| 658 | 658 | } |
| 659 | 659 | } |
| 660 | 660 | $mail = \core\common\OutsideComm::mailHandle(); |
| 661 | 661 | $email = $this->getAttributes("support:email")[0]['value']; |
| 662 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System"; |
|
| 662 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System"; |
|
| 663 | 663 | $mail->addAddress($email); |
| 664 | 664 | if ($status == 'OK') { |
| 665 | 665 | $mail->Subject = _('RADIUS profile update problem fixed'); |
@@ -693,7 +693,7 @@ discard block |
||
| 693 | 693 | return NULL; |
| 694 | 694 | } |
| 695 | 695 | $timeout = 10; |
| 696 | - curl_setopt($ch, CURLOPT_URL, 'http://' . $host); |
|
| 696 | + curl_setopt($ch, CURLOPT_URL, 'http://'.$host); |
|
| 697 | 697 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
| 698 | 698 | curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
| 699 | 699 | curl_exec($ch); |
@@ -785,52 +785,52 @@ discard block |
||
| 785 | 785 | { |
| 786 | 786 | $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => '')); |
| 787 | 787 | if ($torevoke != '') { |
| 788 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . |
|
| 788 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier. |
|
| 789 | 789 | "&torevoke=$torevoke"; |
| 790 | 790 | foreach (array_keys($toPost) as $key) { |
| 791 | 791 | $toPost[$key] = $toPostTemplate; |
| 792 | 792 | } |
| 793 | 793 | } else { |
| 794 | 794 | $remove = ($this->status == \core\AbstractDeployment::INACTIVE) ? 0 : 1; |
| 795 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . |
|
| 796 | - '&secret=' . $this->secret . |
|
| 797 | - '&country=' . $this->getAttributes("internal:country")[0]['value'] . |
|
| 798 | - '&pskkey=' . $this->pskkey . '&'; |
|
| 795 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier. |
|
| 796 | + '&secret='.$this->secret. |
|
| 797 | + '&country='.$this->getAttributes("internal:country")[0]['value']. |
|
| 798 | + '&pskkey='.$this->pskkey.'&'; |
|
| 799 | 799 | if ($remove) { |
| 800 | - $toPostTemplate = $toPostTemplate . 'remove=1&'; |
|
| 800 | + $toPostTemplate = $toPostTemplate.'remove=1&'; |
|
| 801 | 801 | } else { |
| 802 | - $toPostTemplate = $toPostTemplate . 'operatorname=' . $this->getOperatorName() . '&'; |
|
| 802 | + $toPostTemplate = $toPostTemplate.'operatorname='.$this->getOperatorName().'&'; |
|
| 803 | 803 | if ($this->getAttributes("managedsp:vlan")[0]['value'] ?? NULL) { |
| 804 | 804 | $allRealms = $this->getAllRealms(); |
| 805 | 805 | if (!empty($allRealms)) { |
| 806 | - $toPostTemplate = $toPostTemplate . 'vlan=' . $this->getAttributes("managedsp:vlan")[0]['value'] . '&'; |
|
| 807 | - $toPostTemplate = $toPostTemplate . 'realmforvlan[]=' . implode('&realmforvlan[]=', $allRealms) . '&'; |
|
| 806 | + $toPostTemplate = $toPostTemplate.'vlan='.$this->getAttributes("managedsp:vlan")[0]['value'].'&'; |
|
| 807 | + $toPostTemplate = $toPostTemplate.'realmforvlan[]='.implode('&realmforvlan[]=', $allRealms).'&'; |
|
| 808 | 808 | } |
| 809 | 809 | } |
| 810 | 810 | if ($this->getAttributes("managedsp:guest_vlan")[0]['value'] ?? NULL) { |
| 811 | - $toPostTemplate = $toPostTemplate . 'guest_vlan=' . $this->getAttributes("managedsp:guest_vlan")[0]['value'] . '&'; |
|
| 811 | + $toPostTemplate = $toPostTemplate.'guest_vlan='.$this->getAttributes("managedsp:guest_vlan")[0]['value'].'&'; |
|
| 812 | 812 | } |
| 813 | 813 | } |
| 814 | 814 | foreach (array_keys($toPost) as $key) { |
| 815 | - $elem = 'port' . $key; |
|
| 816 | - $toPost[$key] = $toPostTemplate . 'port=' . $this->$elem; |
|
| 815 | + $elem = 'port'.$key; |
|
| 816 | + $toPost[$key] = $toPostTemplate.'port='.$this->$elem; |
|
| 817 | 817 | } |
| 818 | 818 | } |
| 819 | 819 | $response = array(); |
| 820 | 820 | foreach ($toPost as $key => $value) { |
| 821 | - $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] . "\n"); |
|
| 821 | + $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n"); |
|
| 822 | 822 | // temporarly one server $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
| 823 | 823 | //if ($key == 2) { |
| 824 | 824 | // $response['res[2]'] = 'OK'; |
| 825 | 825 | //} else { |
| 826 | - $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 826 | + $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 827 | 827 | //} |
| 828 | 828 | } |
| 829 | 829 | if ($onlyone) { |
| 830 | - $response['res[' . ($onlyone == 1) ? 2 : 1 . ']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 830 | + $response['res['.($onlyone == 1) ? 2 : 1.']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 831 | 831 | } |
| 832 | 832 | foreach (array('OK', 'FAILURE') as $status) { |
| 833 | - if ( ( ($status == 'OK' && $notify) || ($status == 'FAILURE') ) && ( in_array($status, $response) ) ) { |
|
| 833 | + if ((($status == 'OK' && $notify) || ($status == 'FAILURE')) && (in_array($status, $response))) { |
|
| 834 | 834 | $this->sendMailtoAdmin($remove, $response, $status); |
| 835 | 835 | } |
| 836 | 836 | } |
@@ -847,7 +847,7 @@ discard block |
||
| 847 | 847 | { |
| 848 | 848 | $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => '')); |
| 849 | 849 | if ($logs) { |
| 850 | - $toPostTemplate = 'logid=DEBUG-' . $this->identifier . '-' .$this->institution . "&backlog=$logs"; |
|
| 850 | + $toPostTemplate = 'logid=DEBUG-'.$this->identifier.'-'.$this->institution."&backlog=$logs"; |
|
| 851 | 851 | foreach (array_keys($toPost) as $key) { |
| 852 | 852 | $toPost[$key] = $toPostTemplate; |
| 853 | 853 | } |
@@ -856,13 +856,13 @@ discard block |
||
| 856 | 856 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 857 | 857 | $zipdir = $tempdir['dir']; |
| 858 | 858 | foreach ($toPost as $key => $value) { |
| 859 | - $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] . "\n"); |
|
| 860 | - $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 859 | + $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n"); |
|
| 860 | + $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 861 | 861 | $paths = []; |
| 862 | - if (substr($response['res[' . $key . ']'], 0, 8) == 'ZIPDATA:') { |
|
| 863 | - $data = substr($response['res[' . $key . ']'], 8); |
|
| 862 | + if (substr($response['res['.$key.']'], 0, 8) == 'ZIPDATA:') { |
|
| 863 | + $data = substr($response['res['.$key.']'], 8); |
|
| 864 | 864 | if (!file_exists("$zipdir/$key")) { |
| 865 | - mkdir("$zipdir/$key", 0755, true ); |
|
| 865 | + mkdir("$zipdir/$key", 0755, true); |
|
| 866 | 866 | } |
| 867 | 867 | $fileHandle = fopen("$zipdir/$key/detail.zip", "wb"); |
| 868 | 868 | fwrite($fileHandle, $data); |
@@ -870,7 +870,7 @@ discard block |
||
| 870 | 870 | } |
| 871 | 871 | } |
| 872 | 872 | $zipt = new \ZipArchive; |
| 873 | - $zipt->open("$zipdir/detail-" . $this->identifier . '-' .$this->institution . '.zip', \ZipArchive::CREATE); |
|
| 873 | + $zipt->open("$zipdir/detail-".$this->identifier.'-'.$this->institution.'.zip', \ZipArchive::CREATE); |
|
| 874 | 874 | $cnt = 0; |
| 875 | 875 | foreach ($toPost as $key => $value) { |
| 876 | 876 | if (file_exists("$zipdir/$key/detail.zip")) { |
@@ -882,7 +882,7 @@ discard block |
||
| 882 | 882 | $zipf->close(); |
| 883 | 883 | unlink("$zipdir/$key/detail.zip"); |
| 884 | 884 | $files = scandir("$zipdir/$key/"); |
| 885 | - foreach($files as $file) { |
|
| 885 | + foreach ($files as $file) { |
|
| 886 | 886 | if ($file == '.' || $file == '..') continue; |
| 887 | 887 | $data = file_get_contents("$zipdir/$key/$file"); |
| 888 | 888 | $zipt->addFromString("radius-$key/$file", $data); |
@@ -898,14 +898,14 @@ discard block |
||
| 898 | 898 | $zipt->addEmptyDir('.'); |
| 899 | 899 | } |
| 900 | 900 | $zipt->close(); |
| 901 | - if (file_exists("$zipdir/detail-" . $this->identifier . '-' .$this->institution . '.zip')) { |
|
| 902 | - $data = file_get_contents("$zipdir/detail-" . $this->identifier . '-' .$this->institution . '.zip'); |
|
| 903 | - unlink("$zipdir/detail-" . $this->identifier . '-' .$this->institution . '.zip'); |
|
| 901 | + if (file_exists("$zipdir/detail-".$this->identifier.'-'.$this->institution.'.zip')) { |
|
| 902 | + $data = file_get_contents("$zipdir/detail-".$this->identifier.'-'.$this->institution.'.zip'); |
|
| 903 | + unlink("$zipdir/detail-".$this->identifier.'-'.$this->institution.'.zip'); |
|
| 904 | 904 | rmdir($zipdir); |
| 905 | 905 | } |
| 906 | 906 | if ($data !== FALSE) { |
| 907 | 907 | header('Content-Type: application/zip'); |
| 908 | - header("Content-Disposition: attachment; filename=\"detail-".$this->identifier . '-' .$this->institution.".zip\""); |
|
| 908 | + header("Content-Disposition: attachment; filename=\"detail-".$this->identifier.'-'.$this->institution.".zip\""); |
|
| 909 | 909 | header("Content-Transfer-Encoding: binary"); |
| 910 | 910 | echo $data; |
| 911 | 911 | } |
@@ -883,7 +883,9 @@ |
||
| 883 | 883 | unlink("$zipdir/$key/detail.zip"); |
| 884 | 884 | $files = scandir("$zipdir/$key/"); |
| 885 | 885 | foreach($files as $file) { |
| 886 | - if ($file == '.' || $file == '..') continue; |
|
| 886 | + if ($file == '.' || $file == '..') { |
|
| 887 | + continue; |
|
| 888 | + } |
|
| 887 | 889 | $data = file_get_contents("$zipdir/$key/$file"); |
| 888 | 890 | $zipt->addFromString("radius-$key/$file", $data); |
| 889 | 891 | $cnt += 1; |
@@ -7,23 +7,23 @@ discard block |
||
| 7 | 7 | error_log(serialize($_REQUEST)); |
| 8 | 8 | # when a request contains logid and backlog ";s:11:"DEBUG-11-52";s:7:"backlog";s:1:"7";} |
| 9 | 9 | if ( isset($_REQUEST['logid']) && isset($_REQUEST['backlog']) ) { |
| 10 | - if (substr($_REQUEST['logid'], 0, 5) == 'DEBUG') { |
|
| 11 | - $logid = substr($_REQUEST['logid'], 6); |
|
| 10 | + if (substr($_REQUEST['logid'], 0, 5) == 'DEBUG') { |
|
| 11 | + $logid = substr($_REQUEST['logid'], 6); |
|
| 12 | 12 | } |
| 13 | - $res = cat_socket(implode(':', array($logid, $_REQUEST['backlog']))); |
|
| 14 | - error_log('GOT '.$res); |
|
| 15 | - if (substr($res, 0, strlen(ZIPDIR)) == ZIPDIR) { |
|
| 13 | + $res = cat_socket(implode(':', array($logid, $_REQUEST['backlog']))); |
|
| 14 | + error_log('GOT '.$res); |
|
| 15 | + if (substr($res, 0, strlen(ZIPDIR)) == ZIPDIR) { |
|
| 16 | 16 | error_log('GOT filename '.$res); |
| 17 | 17 | $za = new ZipArchive(); |
| 18 | 18 | $za->open($res); |
| 19 | - header('Content-Type: application/zip'); |
|
| 19 | + header('Content-Type: application/zip'); |
|
| 20 | 20 | header("Content-Disposition: attachment; filename=\"detail_".$logid.".zip\""); |
| 21 | 21 | header("Content-Transfer-Encoding: binary"); |
| 22 | - echo 'ZIPDATA:'.file_get_contents($res); |
|
| 23 | - error_log('Sent data in response'); |
|
| 24 | - } |
|
| 22 | + echo 'ZIPDATA:'.file_get_contents($res); |
|
| 23 | + error_log('Sent data in response'); |
|
| 24 | + } |
|
| 25 | 25 | error_log('with '.$za->numFiles . ' files'); |
| 26 | - exit; |
|
| 26 | + exit; |
|
| 27 | 27 | } |
| 28 | 28 | # MUST provide: deployment_id, inst_id |
| 29 | 29 | # and port, secret, pskkey, country or torevoke |
@@ -32,33 +32,33 @@ discard block |
||
| 32 | 32 | isset($_REQUEST['instid']) && isset($_REQUEST['deploymentid']) && |
| 33 | 33 | (isset($_REQUEST['port']) && isset($_REQUEST['secret']) && isset($_REQUEST['pskkey']) && isset($_REQUEST['country']) || |
| 34 | 34 | isset($_REQUEST['torevoke']))) { |
| 35 | - if (isset($_REQUEST['remove'])) { |
|
| 35 | + if (isset($_REQUEST['remove'])) { |
|
| 36 | 36 | $remove = 1; |
| 37 | - } else { |
|
| 37 | + } else { |
|
| 38 | 38 | if (isset($_REQUEST['operatorname'])) { |
| 39 | - $opn = trim($_REQUEST['operatorname']); |
|
| 39 | + $opn = trim($_REQUEST['operatorname']); |
|
| 40 | 40 | } |
| 41 | 41 | if (isset($_REQUEST['vlan']) && isset($_REQUEST['realmforvlan']) && |
| 42 | 42 | is_array($_REQUEST['realmforvlan'])) { |
| 43 | - $vlans = $_REQUEST['vlan'] . '#' . implode('#', $_REQUEST['realmforvlan']); |
|
| 43 | + $vlans = $_REQUEST['vlan'] . '#' . implode('#', $_REQUEST['realmforvlan']); |
|
| 44 | 44 | } |
| 45 | 45 | if (isset($_REQUEST['guest_vlan'])) { |
| 46 | - $guest_vlan = $_REQUEST['guest_vlan']; |
|
| 46 | + $guest_vlan = $_REQUEST['guest_vlan']; |
|
| 47 | + } |
|
| 48 | + } |
|
| 49 | + if (isset($_REQUEST['torevoke'])) { |
|
| 50 | + $el = explode('#', $_REQUEST['torevoke']); |
|
| 51 | + $res = cat_socket(implode(':', array($_REQUEST['instid'], $_REQUEST['deploymentid'], $el[0], $el[1]))); |
|
| 52 | + } else { |
|
| 53 | + # arguments 5-7 are Base64 encoded |
|
| 54 | + $res = cat_socket(implode(':', array($_REQUEST['country'], |
|
| 55 | + $_REQUEST['instid'], $_REQUEST['deploymentid'], |
|
| 56 | + $_REQUEST['port'], |
|
| 57 | + base64_encode($_REQUEST['secret']), |
|
| 58 | + base64_encode($opn), |
|
| 59 | + base64_encode($vlans), base64_encode($_REQUEST['pskkey']), $guest_vlan, $remove))); |
|
| 47 | 60 | } |
| 48 | - } |
|
| 49 | - if (isset($_REQUEST['torevoke'])) { |
|
| 50 | - $el = explode('#', $_REQUEST['torevoke']); |
|
| 51 | - $res = cat_socket(implode(':', array($_REQUEST['instid'], $_REQUEST['deploymentid'], $el[0], $el[1]))); |
|
| 52 | - } else { |
|
| 53 | - # arguments 5-7 are Base64 encoded |
|
| 54 | - $res = cat_socket(implode(':', array($_REQUEST['country'], |
|
| 55 | - $_REQUEST['instid'], $_REQUEST['deploymentid'], |
|
| 56 | - $_REQUEST['port'], |
|
| 57 | - base64_encode($_REQUEST['secret']), |
|
| 58 | - base64_encode($opn), |
|
| 59 | - base64_encode($vlans), base64_encode($_REQUEST['pskkey']), $guest_vlan, $remove))); |
|
| 60 | - } |
|
| 61 | - echo $res; |
|
| 61 | + echo $res; |
|
| 62 | 62 | } else { |
| 63 | - echo "FAILURE"; |
|
| 63 | + echo "FAILURE"; |
|
| 64 | 64 | } |
@@ -6,7 +6,7 @@ discard block |
||
| 6 | 6 | $guest_vlan = 0; |
| 7 | 7 | error_log(serialize($_REQUEST)); |
| 8 | 8 | # when a request contains logid and backlog ";s:11:"DEBUG-11-52";s:7:"backlog";s:1:"7";} |
| 9 | -if ( isset($_REQUEST['logid']) && isset($_REQUEST['backlog']) ) { |
|
| 9 | +if (isset($_REQUEST['logid']) && isset($_REQUEST['backlog'])) { |
|
| 10 | 10 | if (substr($_REQUEST['logid'], 0, 5) == 'DEBUG') { |
| 11 | 11 | $logid = substr($_REQUEST['logid'], 6); |
| 12 | 12 | } |
@@ -22,7 +22,7 @@ discard block |
||
| 22 | 22 | echo 'ZIPDATA:'.file_get_contents($res); |
| 23 | 23 | error_log('Sent data in response'); |
| 24 | 24 | } |
| 25 | - error_log('with '.$za->numFiles . ' files'); |
|
| 25 | + error_log('with '.$za->numFiles.' files'); |
|
| 26 | 26 | exit; |
| 27 | 27 | } |
| 28 | 28 | # MUST provide: deployment_id, inst_id |
@@ -40,7 +40,7 @@ discard block |
||
| 40 | 40 | } |
| 41 | 41 | if (isset($_REQUEST['vlan']) && isset($_REQUEST['realmforvlan']) && |
| 42 | 42 | is_array($_REQUEST['realmforvlan'])) { |
| 43 | - $vlans = $_REQUEST['vlan'] . '#' . implode('#', $_REQUEST['realmforvlan']); |
|
| 43 | + $vlans = $_REQUEST['vlan'].'#'.implode('#', $_REQUEST['realmforvlan']); |
|
| 44 | 44 | } |
| 45 | 45 | if (isset($_REQUEST['guest_vlan'])) { |
| 46 | 46 | $guest_vlan = $_REQUEST['guest_vlan']; |
