GEANT /
CAT
@@ -91,7 +91,7 @@ discard block |
||
| 91 | 91 | /* Messages */ |
| 92 | 92 | $messages = [ |
| 93 | 93 | 'WRONG_SUBJECT' => _('Submitted Certificate Signing Request contains subject field that does not start with') . ' ' . |
| 94 | - $subject_prefix . '<br>' . _("See CSR generation rules below."), |
|
| 94 | + $subject_prefix . '<br>' . _("See CSR generation rules below."), |
|
| 95 | 95 | 'WRONG_CSR' => _('Submitted Certificate Signing Request is broken - unable to extract the public key from CSR') |
| 96 | 96 | ]; |
| 97 | 97 | $settings = array(); |
@@ -126,9 +126,9 @@ discard block |
||
| 126 | 126 | $dc[] = 'DC=' . $v; |
| 127 | 127 | } |
| 128 | 128 | if ($DN !== array_reverse($dc)) { |
| 129 | - $dc = array(); |
|
| 130 | - $_SESSION['CSR_ERRORS'] = 'WRONG_SUBJECT'; |
|
| 131 | - $_SESSION['FORM_SETTINGS'] = $settings; |
|
| 129 | + $dc = array(); |
|
| 130 | + $_SESSION['CSR_ERRORS'] = 'WRONG_SUBJECT'; |
|
| 131 | + $_SESSION['FORM_SETTINGS'] = $settings; |
|
| 132 | 132 | } |
| 133 | 133 | } else { |
| 134 | 134 | $_SESSION['CSR_ERRORS'] = 'WRONG_SUBJECT'; |
@@ -175,16 +175,16 @@ discard block |
||
| 175 | 175 | } else { |
| 176 | 176 | $ou = $serverInfo["names"][$langInstance->getLang()]; |
| 177 | 177 | } |
| 178 | - $modou = 0; |
|
| 179 | - if (str_contains($ou, ',')) { |
|
| 180 | - $modou = 1; |
|
| 181 | - $ou = str_replace(",", "/,", $ou); |
|
| 182 | - } |
|
| 183 | - $ou = preg_replace('/\s+/', ' ', $ou); |
|
| 184 | - if (strlen($ou) >= 64) { |
|
| 185 | - $ou = substr($ou, 0, 64); |
|
| 186 | - $modou += 2; |
|
| 187 | - } |
|
| 178 | + $modou = 0; |
|
| 179 | + if (str_contains($ou, ',')) { |
|
| 180 | + $modou = 1; |
|
| 181 | + $ou = str_replace(",", "/,", $ou); |
|
| 182 | + } |
|
| 183 | + $ou = preg_replace('/\s+/', ' ', $ou); |
|
| 184 | + if (strlen($ou) >= 64) { |
|
| 185 | + $ou = substr($ou, 0, 64); |
|
| 186 | + $modou += 2; |
|
| 187 | + } |
|
| 188 | 188 | $DN[] = "O=".iconv('UTF-8', 'ASCII//TRANSLIT', $ou); |
| 189 | 189 | $serverList = explode(",", $serverInfo["servers"]); |
| 190 | 190 | $DN[] = "CN=" . $serverList[0]; |
@@ -209,20 +209,20 @@ discard block |
||
| 209 | 209 | echo "<p style='font-size: large'>" . _("Requesting a certificate with the following properties"); |
| 210 | 210 | echo "<ul>"; |
| 211 | 211 | echo "<li>" . _("Policy OIDs: ") . implode(", ", $policies) . "</li>"; |
| 212 | - echo "<li>" . _("Distinguished Name: ") . implode(", ", $DN); |
|
| 213 | - if ($modou > 0) { |
|
| 214 | - echo " ("; |
|
| 212 | + echo "<li>" . _("Distinguished Name: ") . implode(", ", $DN); |
|
| 213 | + if ($modou > 0) { |
|
| 214 | + echo " ("; |
|
| 215 | 215 | echo _("Organization field adjusted"). ': '; |
| 216 | - $desc = array(); |
|
| 217 | - if ($modou >= 2) { |
|
| 218 | - $desc[] = _("truncated to 64 chars"); |
|
| 219 | - } |
|
| 220 | - if ($modou == 1 || $modou == 3) { |
|
| 221 | - $desc[] = _("commas escaped"); |
|
| 216 | + $desc = array(); |
|
| 217 | + if ($modou >= 2) { |
|
| 218 | + $desc[] = _("truncated to 64 chars"); |
|
| 219 | + } |
|
| 220 | + if ($modou == 1 || $modou == 3) { |
|
| 221 | + $desc[] = _("commas escaped"); |
|
| 222 | 222 | } |
| 223 | - echo implode(', ', $desc); |
|
| 224 | - echo ")"; |
|
| 225 | - } |
|
| 223 | + echo implode(', ', $desc); |
|
| 224 | + echo ")"; |
|
| 225 | + } |
|
| 226 | 226 | echo "</li>"; |
| 227 | 227 | echo "<li>" . _("subjectAltName:DNS : ") . implode(", ", $serverList) . "</li>"; |
| 228 | 228 | echo "<li>" . _("Requester Contact Details: ") . $firstName . " <" . $firstMail . ">" . "</li>"; |
@@ -377,7 +377,7 @@ discard block |
||
| 377 | 377 | <?php if (empty($policies)) {?> |
| 378 | 378 | eduroam IdP/SP |
| 379 | 379 | <?php } else { |
| 380 | - echo implode(', ', $policies); |
|
| 380 | + echo implode(', ', $policies); |
|
| 381 | 381 | }?> |
| 382 | 382 | </span> |
| 383 | 383 | </h3> |
@@ -27,7 +27,7 @@ discard block |
||
| 27 | 27 | */ |
| 28 | 28 | ?> |
| 29 | 29 | <?php |
| 30 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 30 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 31 | 31 | $auth = new \web\lib\admin\Authentication(); |
| 32 | 32 | $deco = new \web\lib\admin\PageDecoration(); |
| 33 | 33 | $validator = new \web\lib\common\InputValidation(); |
@@ -90,23 +90,23 @@ discard block |
||
| 90 | 90 | $subject_prefix = implode(', ', array_reverse($DN)); |
| 91 | 91 | /* Messages */ |
| 92 | 92 | $messages = [ |
| 93 | - 'WRONG_SUBJECT' => _('Submitted Certificate Signing Request contains subject field that does not start with') . ' ' . |
|
| 94 | - $subject_prefix . '<br>' . _("See CSR generation rules below."), |
|
| 93 | + 'WRONG_SUBJECT' => _('Submitted Certificate Signing Request contains subject field that does not start with').' '. |
|
| 94 | + $subject_prefix.'<br>'._("See CSR generation rules below."), |
|
| 95 | 95 | 'WRONG_CSR' => _('Submitted Certificate Signing Request is broken - unable to extract the public key from CSR') |
| 96 | 96 | ]; |
| 97 | 97 | $settings = array(); |
| 98 | - if (isset($_SESSION['CSR_ERRORS']) && $_SESSION['CSR_ERRORS'] != '') { |
|
| 99 | - print '<h3 id="errorbox"><font color="red">'. $messages[$_SESSION['CSR_ERRORS']].'</font></h3>'; |
|
| 98 | + if (isset($_SESSION['CSR_ERRORS']) && $_SESSION['CSR_ERRORS'] != '') { |
|
| 99 | + print '<h3 id="errorbox"><font color="red">'.$messages[$_SESSION['CSR_ERRORS']].'</font></h3>'; |
|
| 100 | 100 | unset($_SESSION['CSR_ERRORS']); |
| 101 | 101 | } |
| 102 | - if (isset($_SESSION['FORM_SETTINGS']) && $_SESSION['FORM_SETTINGS'] != '') { |
|
| 102 | + if (isset($_SESSION['FORM_SETTINGS']) && $_SESSION['FORM_SETTINGS'] != '') { |
|
| 103 | 103 | $settings = $_SESSION['FORM_SETTINGS']; |
| 104 | 104 | unset($_SESSION['FORM_SETTINGS']); |
| 105 | 105 | } |
| 106 | 106 | if (empty($settings) && isset($_POST['LEVEL'])) { |
| 107 | 107 | $settings = array('LEVEL' => $_POST['LEVEL'], 'NRO-list' => $_POST['NRO-list'], 'INST-list' => $_POST['INST-list']); |
| 108 | 108 | } |
| 109 | - if ( isset($_POST['requestcert']) && $_POST['requestcert'] == \web\lib\common\FormElements::BUTTON_SAVE) { |
|
| 109 | + if (isset($_POST['requestcert']) && $_POST['requestcert'] == \web\lib\common\FormElements::BUTTON_SAVE) { |
|
| 110 | 110 | // basic sanity checks before we hand this over to openssl |
| 111 | 111 | $sanitisedCsr = $validator->string($_POST['CSR'] ?? "", TRUE); |
| 112 | 112 | |
@@ -123,7 +123,7 @@ discard block |
||
| 123 | 123 | if (!empty($subject_keys)) { |
| 124 | 124 | if ($subject_keys[0] == 'DC' && $subject['DC']) { |
| 125 | 125 | foreach ($subject['DC'] as $v) { |
| 126 | - $dc[] = 'DC=' . $v; |
|
| 126 | + $dc[] = 'DC='.$v; |
|
| 127 | 127 | } |
| 128 | 128 | if ($DN !== array_reverse($dc)) { |
| 129 | 129 | $dc = array(); |
@@ -147,12 +147,12 @@ discard block |
||
| 147 | 147 | } |
| 148 | 148 | $fed = $validator->existingFederation($_POST['NRO-list']); |
| 149 | 149 | $country = strtoupper($fed->tld); |
| 150 | - $code = isset($cat->knownFederations[$country]['code']) ? $cat->knownFederations[$country]['code'] : $country ; |
|
| 150 | + $code = isset($cat->knownFederations[$country]['code']) ? $cat->knownFederations[$country]['code'] : $country; |
|
| 151 | 151 | $DN[] = "C=$code"; |
| 152 | - $DN[] = "O=NRO of " . iconv('UTF-8', 'ASCII//TRANSLIT', $cat->knownFederations[$country]['name']); |
|
| 152 | + $DN[] = "O=NRO of ".iconv('UTF-8', 'ASCII//TRANSLIT', $cat->knownFederations[$country]['name']); |
|
| 153 | 153 | $serverInfo = $externalDb->listExternalTlsServersFederation($fed->tld); |
| 154 | 154 | $serverList = explode(",", array_key_first($serverInfo)); |
| 155 | - $DN[] = "CN=" . $serverList[0]; |
|
| 155 | + $DN[] = "CN=".$serverList[0]; |
|
| 156 | 156 | $policies[] = "eduroam IdP"; |
| 157 | 157 | $policies[] = "eduroam SP"; |
| 158 | 158 | $firstName = $serverInfo[array_key_first($serverInfo)][0]["name"]; |
@@ -167,7 +167,7 @@ discard block |
||
| 167 | 167 | throw new Exception(sprintf("Sorry: you are not %s admin for the %s requested in the form.", $uiElements->nomenclatureFed, $uiElements->nomenclatureFed)); |
| 168 | 168 | } |
| 169 | 169 | $country = strtoupper($matches[1]); |
| 170 | - $code = isset($cat->knownFederations[$country]['code']) ? $cat->knownFederations[$country]['code'] : $country ; |
|
| 170 | + $code = isset($cat->knownFederations[$country]['code']) ? $cat->knownFederations[$country]['code'] : $country; |
|
| 171 | 171 | $DN[] = "C=$code"; |
| 172 | 172 | $serverInfo = $extInsts[$_POST['INST-list']]; |
| 173 | 173 | if (isset($serverInfo["names"]["en"])) { |
@@ -180,14 +180,14 @@ discard block |
||
| 180 | 180 | $modou = 1; |
| 181 | 181 | $ou = str_replace(",", "/,", $ou); |
| 182 | 182 | } |
| 183 | - $ou = preg_replace('/\s+/', ' ', $ou); |
|
| 183 | + $ou = preg_replace('/\s+/', ' ', $ou); |
|
| 184 | 184 | if (strlen($ou) >= 64) { |
| 185 | 185 | $ou = substr($ou, 0, 64); |
| 186 | 186 | $modou += 2; |
| 187 | 187 | } |
| 188 | 188 | $DN[] = "O=".iconv('UTF-8', 'ASCII//TRANSLIT', $ou); |
| 189 | 189 | $serverList = explode(",", $serverInfo["servers"]); |
| 190 | - $DN[] = "CN=" . $serverList[0]; |
|
| 190 | + $DN[] = "CN=".$serverList[0]; |
|
| 191 | 191 | switch ($serverInfo["type"]) { |
| 192 | 192 | case core\IdP::TYPE_IDPSP: |
| 193 | 193 | $policies[] = "eduroam IdP"; |
@@ -206,13 +206,13 @@ discard block |
||
| 206 | 206 | default: |
| 207 | 207 | throw new Exception("Sorry: Unknown level of issuance requested."); |
| 208 | 208 | } |
| 209 | - echo "<p style='font-size: large'>" . _("Requesting a certificate with the following properties"); |
|
| 209 | + echo "<p style='font-size: large'>"._("Requesting a certificate with the following properties"); |
|
| 210 | 210 | echo "<ul>"; |
| 211 | - echo "<li>" . _("Policy OIDs: ") . implode(", ", $policies) . "</li>"; |
|
| 212 | - echo "<li>" . _("Distinguished Name: ") . implode(", ", $DN); |
|
| 211 | + echo "<li>"._("Policy OIDs: ").implode(", ", $policies)."</li>"; |
|
| 212 | + echo "<li>"._("Distinguished Name: ").implode(", ", $DN); |
|
| 213 | 213 | if ($modou > 0) { |
| 214 | 214 | echo " ("; |
| 215 | - echo _("Organization field adjusted"). ': '; |
|
| 215 | + echo _("Organization field adjusted").': '; |
|
| 216 | 216 | $desc = array(); |
| 217 | 217 | if ($modou >= 2) { |
| 218 | 218 | $desc[] = _("truncated to 64 chars"); |
@@ -224,8 +224,8 @@ discard block |
||
| 224 | 224 | echo ")"; |
| 225 | 225 | } |
| 226 | 226 | echo "</li>"; |
| 227 | - echo "<li>" . _("subjectAltName:DNS : ") . implode(", ", $serverList) . "</li>"; |
|
| 228 | - echo "<li>" . _("Requester Contact Details: ") . $firstName . " <" . $firstMail . ">" . "</li>"; |
|
| 227 | + echo "<li>"._("subjectAltName:DNS : ").implode(", ", $serverList)."</li>"; |
|
| 228 | + echo "<li>"._("Requester Contact Details: ").$firstName." <".$firstMail.">"."</li>"; |
|
| 229 | 229 | echo "</ul></p>"; |
| 230 | 230 | |
| 231 | 231 | $vettedCsr = $validator->string($_POST['CSR'], true); |
@@ -241,7 +241,7 @@ discard block |
||
| 241 | 241 | $loggerInstance->debug(2, $DN, "CERT DN: ", "\n"); |
| 242 | 242 | // our certs can be good for max 5 years |
| 243 | 243 | $fed->requestCertificate($user->identifier, $newCsrWithMeta, $expiryDays); |
| 244 | - echo "<p>" . _("The certificate was requested.") . "</p>"; |
|
| 244 | + echo "<p>"._("The certificate was requested.")."</p>"; |
|
| 245 | 245 | ?> |
| 246 | 246 | <form action="overview_certificates.php" method="GET"> |
| 247 | 247 | <button type="submit"><?php echo _("Back to Certificate Overview"); ?></button> |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | switch (count($feds)) { |
| 260 | 260 | case 0: |
| 261 | 261 | echo "<div>"; |
| 262 | - echo $uiElements->boxRemark("<strong>" . sprintf(_("None of your %s servers has complete information in the database."),$uiElements->nomenclatureFed)."</strong>" . _("At least the DNS names of TLS servers and a role-based contact mail address are required.")); |
|
| 262 | + echo $uiElements->boxRemark("<strong>".sprintf(_("None of your %s servers has complete information in the database."), $uiElements->nomenclatureFed)."</strong>"._("At least the DNS names of TLS servers and a role-based contact mail address are required.")); |
|
| 263 | 263 | echo "</div>"; |
| 264 | 264 | break; |
| 265 | 265 | case 1: |
@@ -267,22 +267,22 @@ discard block |
||
| 267 | 267 | if (empty($settings) || (isset($settings['LEVEL']) && $settings['LEVEL'] == 'NRO')) { |
| 268 | 268 | echo ' checked'; |
| 269 | 269 | } |
| 270 | - echo '>' . sprintf(_("Certificate for %s") ." ", $uiElements->nomenclatureFed) . '</input>'; |
|
| 271 | - echo " <strong>" . $cat->knownFederations[$feds[0]->tld]['name'] . "</strong>"; |
|
| 272 | - echo '<input type="hidden" name="NRO-list" id="NRO-list" value="' . $feds[0]->tld . '"/>'; |
|
| 270 | + echo '>'.sprintf(_("Certificate for %s")." ", $uiElements->nomenclatureFed).'</input>'; |
|
| 271 | + echo " <strong>".$cat->knownFederations[$feds[0]->tld]['name']."</strong>"; |
|
| 272 | + echo '<input type="hidden" name="NRO-list" id="NRO-list" value="'.$feds[0]->tld.'"/>'; |
|
| 273 | 273 | break; |
| 274 | 274 | default: |
| 275 | 275 | echo '<input type="radio" name="LEVEL" id="NRO" value="NRO"'; |
| 276 | 276 | if (empty($settings) || isset($settings['LEVEL']) && $settings['LEVEL'] == 'NRO') { |
| 277 | 277 | echo ' checked'; |
| 278 | 278 | } |
| 279 | - echo '>' . sprintf(_("Certificate for %s") ." ", $uiElements->nomenclatureFed) . '</input>'; |
|
| 279 | + echo '>'.sprintf(_("Certificate for %s")." ", $uiElements->nomenclatureFed).'</input>'; |
|
| 280 | 280 | ?> |
| 281 | 281 | <select name="NRO-list" id="NRO-list"> |
| 282 | 282 | <option value="notset"><?php echo _("---PLEASE CHOOSE---"); ?></option> |
| 283 | 283 | <?php |
| 284 | 284 | foreach ($feds as $oneFed) { |
| 285 | - echo '<option value="' . strtoupper($oneFed->tld) . '">' . $cat->knownFederations[$oneFed->tld]['name'] . "</option>"; |
|
| 285 | + echo '<option value="'.strtoupper($oneFed->tld).'">'.$cat->knownFederations[$oneFed->tld]['name']."</option>"; |
|
| 286 | 286 | #echo '<option value="AAA' . strtoupper($oneFed->tld) . '">' . $oneIdP["names"][$langObject->getLang()] . "</option>"; |
| 287 | 287 | |
| 288 | 288 | } |
@@ -295,18 +295,18 @@ discard block |
||
| 295 | 295 | <script> |
| 296 | 296 | var instservers = []; |
| 297 | 297 | var instpolicies = []; |
| 298 | - var nroservers = '<?php echo str_replace(",", ", ", array_key_first($serverInfo));?>'; |
|
| 298 | + var nroservers = '<?php echo str_replace(",", ", ", array_key_first($serverInfo)); ?>'; |
|
| 299 | 299 | <?php |
| 300 | 300 | $allIdPs = []; |
| 301 | 301 | foreach ($allAuthorizedFeds as $oneFed) { |
| 302 | 302 | foreach ($externalDb->listExternalTlsServersInstitution($oneFed['value']) as $id => $oneIdP) { |
| 303 | - $allIdPs[$id] = '[' . substr($id, 0, 2) . '] ' . $oneIdP["name"]; |
|
| 304 | - echo "instservers['" . $id . "']='" . str_replace(",", ", ", $oneIdP["servers"]) . "';\n"; |
|
| 305 | - echo "instpolicies['" . $id . "']='"; |
|
| 303 | + $allIdPs[$id] = '['.substr($id, 0, 2).'] '.$oneIdP["name"]; |
|
| 304 | + echo "instservers['".$id."']='".str_replace(",", ", ", $oneIdP["servers"])."';\n"; |
|
| 305 | + echo "instpolicies['".$id."']='"; |
|
| 306 | 306 | if ($oneIdP["type"] == 'IdPSP') { |
| 307 | 307 | echo "eduroam IdP/SP"; |
| 308 | 308 | } else { |
| 309 | - echo "eduroam " . $oneIdP["type"]; |
|
| 309 | + echo "eduroam ".$oneIdP["type"]; |
|
| 310 | 310 | } |
| 311 | 311 | echo "';\n"; |
| 312 | 312 | } |
@@ -352,9 +352,9 @@ discard block |
||
| 352 | 352 | <option value="notset"><?php echo _("---PLEASE CHOOSE---"); ?></option> |
| 353 | 353 | <?php |
| 354 | 354 | foreach ($allIdPs as $id => $name) { |
| 355 | - echo '<option value="' . $id . '"'; |
|
| 355 | + echo '<option value="'.$id.'"'; |
|
| 356 | 356 | if (isset($settings['INST-list']) && $settings['INST-list'] == $id) { echo ' selected'; } |
| 357 | - echo '>' . $name . "</option>"; |
|
| 357 | + echo '>'.$name."</option>"; |
|
| 358 | 358 | } |
| 359 | 359 | ?> |
| 360 | 360 | </select> |
@@ -368,7 +368,7 @@ discard block |
||
| 368 | 368 | <?php |
| 369 | 369 | echo _('According to the above settings you will receive') |
| 370 | 370 | ?> |
| 371 | - <span id='certlevel'><?php echo _('NRO level certificate');?></span> |
|
| 371 | + <span id='certlevel'><?php echo _('NRO level certificate'); ?></span> |
|
| 372 | 372 | |
| 373 | 373 | for server names: |
| 374 | 374 | <span id='serversinfo'><?php echo str_replace(",", ", ", array_key_first($serverInfo)); ?></span> |
@@ -384,12 +384,12 @@ discard block |
||
| 384 | 384 | <?php |
| 385 | 385 | } else { |
| 386 | 386 | echo "<div>"; |
| 387 | - echo $uiElements->boxRemark(sprintf(_("<strong>No organisation inside your %s has complete information in the database</strong>."." "._("At least the DNS names of TLS servers and a role-based contact mail address are required.")),$uiElements->nomenclatureFed), "No TLS capable org!", true); |
|
| 387 | + echo $uiElements->boxRemark(sprintf(_("<strong>No organisation inside your %s has complete information in the database</strong>."." "._("At least the DNS names of TLS servers and a role-based contact mail address are required.")), $uiElements->nomenclatureFed), "No TLS capable org!", true); |
|
| 388 | 388 | echo "</div>"; |
| 389 | 389 | } |
| 390 | 390 | ?> |
| 391 | 391 | <?php |
| 392 | - echo '<div id="ondb"><h4 style="margin: 0">' . _("Can't you find an institution on the select list above?") . '</h4>'; |
|
| 392 | + echo '<div id="ondb"><h4 style="margin: 0">'._("Can't you find an institution on the select list above?").'</h4>'; |
|
| 393 | 393 | echo _("Most likely we do not have required data on this institution in the eduroam database."); |
| 394 | 394 | echo '<br/>'; |
| 395 | 395 | ?> |
@@ -397,16 +397,16 @@ discard block |
||
| 397 | 397 | <?php |
| 398 | 398 | echo _('On this page'); |
| 399 | 399 | echo '</a> '; |
| 400 | - echo _('you can check what information is in the datatabase') . '.'; |
|
| 400 | + echo _('you can check what information is in the datatabase').'.'; |
|
| 401 | 401 | echo '</div>'; |
| 402 | 402 | if (count($feds) > 0 || count($allIdPs) > 0) {?> |
| 403 | 403 | <h2><?php echo _("2. CSR generation"); ?></h2> |
| 404 | 404 | <p> |
| 405 | 405 | <?php |
| 406 | - echo _("The CSR subject field has to start with ") .'<b>' . $subject_prefix . '</b><br>'; |
|
| 406 | + echo _("The CSR subject field has to start with ").'<b>'.$subject_prefix.'</b><br>'; |
|
| 407 | 407 | echo _("One way to generate an acceptable certificate request is via this openssl one-liner:"); ?></p> |
| 408 | 408 | <?php |
| 409 | - echo "<b>openssl req -new -newkey rsa:4096 -out test.csr -keyout test.key -subj /". implode('/', array_reverse($DN)) ."/C=XY/O=WillBeReplaced/CN=will.be.replaced</b>"; |
|
| 409 | + echo "<b>openssl req -new -newkey rsa:4096 -out test.csr -keyout test.key -subj /".implode('/', array_reverse($DN))."/C=XY/O=WillBeReplaced/CN=will.be.replaced</b>"; |
|
| 410 | 410 | ?> |
| 411 | 411 | <h2><?php echo _("3. Submission"); ?></h2> |
| 412 | 412 | <?php echo _("Please paste your CSR here:"); ?><br/><textarea name="CSR" id="CSR" rows="20" cols="85"/></textarea><br/> |
@@ -348,19 +348,19 @@ discard block |
||
| 348 | 348 | ); |
| 349 | 349 | // Generate a new private (and public) key pair |
| 350 | 350 | $privkey = openssl_pkey_new(array( |
| 351 | - "private_key_bits" => 4096, |
|
| 352 | - "private_key_type" => OPENSSL_KEYTYPE_RSA)); |
|
| 351 | + "private_key_bits" => 4096, |
|
| 352 | + "private_key_type" => OPENSSL_KEYTYPE_RSA)); |
|
| 353 | 353 | // export private key to $clientprivateKey (as string) |
| 354 | 354 | openssl_pkey_export($privkey, $this->radsec_priv); |
| 355 | 355 | // Generate a certificate signing request |
| 356 | 356 | $csr = openssl_csr_new($dn, $privkey, |
| 357 | - array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 357 | + array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 358 | 358 | // get CA certificate and private key |
| 359 | 359 | $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"), |
| 360 | 360 | \config\Master::MANAGEDSP['capass']); |
| 361 | 361 | $cacert = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
| 362 | 362 | $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'], |
| 363 | - array('digest_alg'=>'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), rand()); |
|
| 363 | + array('digest_alg'=>'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), rand()); |
|
| 364 | 364 | openssl_x509_export($clientcert, $this->radsec_cert); |
| 365 | 365 | } |
| 366 | 366 | /** |
@@ -479,9 +479,9 @@ discard block |
||
| 479 | 479 | */ |
| 480 | 480 | public function renewtls() |
| 481 | 481 | { |
| 482 | - $id = $this->identifier; |
|
| 483 | - $futureTlsClient = $this->createTLScredentials(); |
|
| 484 | - $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = ?, radsec_cert = ? WHERE deployment_id = ?", "ssi", $this->radsec_priv, $this->radsec_cert, $id); |
|
| 482 | + $id = $this->identifier; |
|
| 483 | + $futureTlsClient = $this->createTLScredentials(); |
|
| 484 | + $this->databaseHandle->exec("UPDATE deployment SET radsec_priv = ?, radsec_cert = ? WHERE deployment_id = ?", "ssi", $this->radsec_priv, $this->radsec_cert, $id); |
|
| 485 | 485 | } |
| 486 | 486 | /** |
| 487 | 487 | * marks the deployment as deactivated |
@@ -316,7 +316,7 @@ discard block |
||
| 316 | 316 | $serverCandidates[IdPlist::geoDistance($adminLocation, ['lat' => $iterator->location_lat, 'lon' => $iterator->location_lon])] = $iterator->server_id; |
| 317 | 317 | } |
| 318 | 318 | if ($clients > $maxSupportedClients * 0.9) { |
| 319 | - $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (" . $iterator->server_id . ") is serving at more than 90% capacity!"); |
|
| 319 | + $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (".$iterator->server_id.") is serving at more than 90% capacity!"); |
|
| 320 | 320 | } |
| 321 | 321 | } |
| 322 | 322 | if (count($serverCandidates) == 0 && $federation != "DEFAULT") { |
@@ -340,7 +340,7 @@ discard block |
||
| 340 | 340 | */ |
| 341 | 341 | private function createTLScredentials() |
| 342 | 342 | { |
| 343 | - $clientName = "SP_" . $this->identifier . '-' . $this->institution; |
|
| 343 | + $clientName = "SP_".$this->identifier.'-'.$this->institution; |
|
| 344 | 344 | $dn = array( |
| 345 | 345 | "organizationName" => "eduroam", |
| 346 | 346 | "organizationalUnitName" => "eduroam Managed SP", |
@@ -354,13 +354,13 @@ discard block |
||
| 354 | 354 | openssl_pkey_export($privkey, $this->radsec_priv); |
| 355 | 355 | // Generate a certificate signing request |
| 356 | 356 | $csr = openssl_csr_new($dn, $privkey, |
| 357 | - array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 357 | + array('digest_alg' => 'sha256', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf")); |
|
| 358 | 358 | // get CA certificate and private key |
| 359 | - $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"), |
|
| 359 | + $caprivkey = array(file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key"), |
|
| 360 | 360 | \config\Master::MANAGEDSP['capass']); |
| 361 | - $cacert = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 361 | + $cacert = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 362 | 362 | $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'], |
| 363 | - array('digest_alg'=>'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), rand()); |
|
| 363 | + array('digest_alg'=>'sha256', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf"), rand()); |
|
| 364 | 364 | openssl_x509_export($clientcert, $this->radsec_cert); |
| 365 | 365 | } |
| 366 | 366 | /** |
@@ -385,7 +385,7 @@ discard block |
||
| 385 | 385 | $conditional1 = "AND activity_time > DATE_SUB(NOW(), INTERVAL $backlog SECOND)"; |
| 386 | 386 | $conditional2 = ""; |
| 387 | 387 | } |
| 388 | - $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id FROM activity WHERE operatorname = ? $conditional1 ORDER BY activity_time $conditional2", "s", $opName ); |
|
| 388 | + $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id FROM activity WHERE operatorname = ? $conditional1 ORDER BY activity_time $conditional2", "s", $opName); |
|
| 389 | 389 | return mysqli_fetch_all($stats, \MYSQLI_ASSOC); |
| 390 | 390 | } |
| 391 | 391 | |
@@ -516,7 +516,7 @@ discard block |
||
| 516 | 516 | { |
| 517 | 517 | $customAttrib = $this->getAttributes("managedsp:operatorname"); |
| 518 | 518 | if (count($customAttrib) == 0) { |
| 519 | - return "1sp." . $this->identifier . "-" . $this->institution . \config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 519 | + return "1sp.".$this->identifier."-".$this->institution.\config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 520 | 520 | } |
| 521 | 521 | return $customAttrib[0]["value"]; |
| 522 | 522 | } |
@@ -531,14 +531,14 @@ discard block |
||
| 531 | 531 | private function sendToRADIUS(int $idx, $post) |
| 532 | 532 | { |
| 533 | 533 | $hostname = "radius_hostname_$idx"; |
| 534 | - $ch = curl_init("http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport']); |
|
| 534 | + $ch = curl_init("http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']); |
|
| 535 | 535 | if ($ch === FALSE) { |
| 536 | 536 | $res = 'FAILURE'; |
| 537 | 537 | } else { |
| 538 | 538 | curl_setopt($ch, CURLOPT_USERAGENT, "CAT-ManagedSP"); |
| 539 | 539 | curl_setopt($ch, CURLOPT_POST, 1); |
| 540 | 540 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post); |
| 541 | - $this->loggerInstance->debug(1, "Posting to http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport'] . "/$post\n"); |
|
| 541 | + $this->loggerInstance->debug(1, "Posting to http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']."/$post\n"); |
|
| 542 | 542 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); |
| 543 | 543 | curl_setopt($ch, CURLOPT_HEADER, 0); |
| 544 | 544 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
@@ -577,19 +577,19 @@ discard block |
||
| 577 | 577 | } else { |
| 578 | 578 | $txt = $remove ? _('Profile deactivation failed') : _('Profile activation/modification failed'); |
| 579 | 579 | } |
| 580 | - $txt = $txt . ' '; |
|
| 580 | + $txt = $txt.' '; |
|
| 581 | 581 | if (array_count_values($response)[$status] == 2) { |
| 582 | - $txt = $txt . _('on both RADIUS servers: primary and backup') . '.'; |
|
| 582 | + $txt = $txt._('on both RADIUS servers: primary and backup').'.'; |
|
| 583 | 583 | } else { |
| 584 | 584 | if ($response['res[1]'] == $status) { |
| 585 | - $txt = $txt . _('on primary RADIUS server') . '.'; |
|
| 585 | + $txt = $txt._('on primary RADIUS server').'.'; |
|
| 586 | 586 | } else { |
| 587 | - $txt = $txt . _('on backup RADIUS server') . '.'; |
|
| 587 | + $txt = $txt._('on backup RADIUS server').'.'; |
|
| 588 | 588 | } |
| 589 | 589 | } |
| 590 | 590 | $mail = \core\common\OutsideComm::mailHandle(); |
| 591 | 591 | $email = $this->getAttributes("support:email")[0]['value']; |
| 592 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System"; |
|
| 592 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System"; |
|
| 593 | 593 | $mail->addAddress($email); |
| 594 | 594 | if ($status == 'OK') { |
| 595 | 595 | $mail->Subject = _('RADIUS profile update problem fixed'); |
@@ -623,7 +623,7 @@ discard block |
||
| 623 | 623 | return NULL; |
| 624 | 624 | } |
| 625 | 625 | $timeout = 10; |
| 626 | - curl_setopt($ch, CURLOPT_URL, 'http://' . $host); |
|
| 626 | + curl_setopt($ch, CURLOPT_URL, 'http://'.$host); |
|
| 627 | 627 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
| 628 | 628 | curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
| 629 | 629 | curl_exec($ch); |
@@ -715,41 +715,41 @@ discard block |
||
| 715 | 715 | { |
| 716 | 716 | $remove = ($this->status == \core\AbstractDeployment::INACTIVE) ? 0 : 1; |
| 717 | 717 | $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => '')); |
| 718 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . |
|
| 719 | - '&secret=' . $this->secret . |
|
| 720 | - '&country=' . $this->getAttributes("internal:country")[0]['value'] . |
|
| 721 | - '&pskkey=' . $this->pskkey . '&'; |
|
| 718 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier. |
|
| 719 | + '&secret='.$this->secret. |
|
| 720 | + '&country='.$this->getAttributes("internal:country")[0]['value']. |
|
| 721 | + '&pskkey='.$this->pskkey.'&'; |
|
| 722 | 722 | if ($remove) { |
| 723 | - $toPostTemplate = $toPostTemplate . 'remove=1&'; |
|
| 723 | + $toPostTemplate = $toPostTemplate.'remove=1&'; |
|
| 724 | 724 | } else { |
| 725 | - $toPostTemplate = $toPostTemplate . 'operatorname=' . $this->getOperatorName() . '&'; |
|
| 725 | + $toPostTemplate = $toPostTemplate.'operatorname='.$this->getOperatorName().'&'; |
|
| 726 | 726 | if ($this->getAttributes("managedsp:vlan")[0]['value'] ?? NULL) { |
| 727 | 727 | $allRealms = $this->getAllRealms(); |
| 728 | 728 | if (!empty($allRealms)) { |
| 729 | - $toPostTemplate = $toPostTemplate . 'vlan=' . $this->getAttributes("managedsp:vlan")[0]['value'] . '&'; |
|
| 730 | - $toPostTemplate = $toPostTemplate . 'realmforvlan[]=' . implode('&realmforvlan[]=', $allRealms) . '&'; |
|
| 729 | + $toPostTemplate = $toPostTemplate.'vlan='.$this->getAttributes("managedsp:vlan")[0]['value'].'&'; |
|
| 730 | + $toPostTemplate = $toPostTemplate.'realmforvlan[]='.implode('&realmforvlan[]=', $allRealms).'&'; |
|
| 731 | 731 | } |
| 732 | 732 | } |
| 733 | 733 | } |
| 734 | 734 | foreach (array_keys($toPost) as $key) { |
| 735 | - $elem = 'port' . $key; |
|
| 736 | - $toPost[$key] = $toPostTemplate . 'port=' . $this->$elem; |
|
| 735 | + $elem = 'port'.$key; |
|
| 736 | + $toPost[$key] = $toPostTemplate.'port='.$this->$elem; |
|
| 737 | 737 | } |
| 738 | 738 | $response = array(); |
| 739 | 739 | foreach ($toPost as $key => $value) { |
| 740 | - $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] . "\n"); |
|
| 740 | + $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n"); |
|
| 741 | 741 | // temporarly one server $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
| 742 | 742 | //if ($key == 2) { |
| 743 | 743 | // $response['res[2]'] = 'OK'; |
| 744 | 744 | //} else { |
| 745 | - $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 745 | + $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 746 | 746 | //} |
| 747 | 747 | } |
| 748 | 748 | if ($onlyone) { |
| 749 | - $response['res[' . ($onlyone == 1) ? 2 : 1 . ']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 749 | + $response['res['.($onlyone == 1) ? 2 : 1.']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 750 | 750 | } |
| 751 | 751 | foreach (array('OK', 'FAILURE') as $status) { |
| 752 | - if ( ( ($status == 'OK' && $notify) || ($status == 'FAILURE') ) && ( in_array($status, $response) ) ) { |
|
| 752 | + if ((($status == 'OK' && $notify) || ($status == 'FAILURE')) && (in_array($status, $response))) { |
|
| 753 | 753 | $this->sendMailtoAdmin($remove, $response, $status); |
| 754 | 754 | } |
| 755 | 755 | } |
