GEANT /
CAT
@@ -160,7 +160,7 @@ discard block |
||
| 160 | 160 | } else { |
| 161 | 161 | $this->databaseHandle->exec("INSERT INTO ownership (user_id, institution_id, blesslevel, orig_mail) VALUES(?, ?, ?, ?)", "siss", $owner, $catId, $level, $destMail); |
| 162 | 162 | } |
| 163 | - common\Logging::writeAudit_s((string) $owner, "OWN", "IdP " . $invitationDetails['cat_institution_id'] . " - added user as owner"); |
|
| 163 | + common\Logging::writeAudit_s((string) $owner, "OWN", "IdP ".$invitationDetails['cat_institution_id']." - added user as owner"); |
|
| 164 | 164 | common\Entity::outOfThePotatoes(); |
| 165 | 165 | return new IdP($invitationDetails['cat_institution_id']); |
| 166 | 166 | } |
@@ -174,7 +174,7 @@ discard block |
||
| 174 | 174 | $idp = new IdP($fed->newIdP('TOKEN', $invitationDetails['invite_fortype'], $owner, $invitationDetails['invite_issuer_level'], $invitationDetails['invite_dest_mail'], $bestnameguess)); |
| 175 | 175 | $idp->addAttribute("general:instname", 'C', $bestnameguess); |
| 176 | 176 | } |
| 177 | - common\Logging::writeAudit_s($owner, "NEW", "IdP " . $idp->identifier . " - created from invitation"); |
|
| 177 | + common\Logging::writeAudit_s($owner, "NEW", "IdP ".$idp->identifier." - created from invitation"); |
|
| 178 | 178 | |
| 179 | 179 | // in case we have more admins in the queue which were invited to |
| 180 | 180 | // administer the same inst but haven't redeemed their invitations |
@@ -188,7 +188,7 @@ discard block |
||
| 188 | 188 | WHERE invite_created >= TIMESTAMPADD(DAY, -1, NOW()) AND used = 0 AND name = ? AND country = ? AND ( cat_institution_id IS NULL OR external_db_uniquehandle IS NULL ) ", "ss", $invitationDetails['name'], $invitationDetails['country']); |
| 189 | 189 | // SELECT -> resource, no boolean |
| 190 | 190 | while ($pendingDetail = mysqli_fetch_object(/** @scrutinizer ignore-type */ $otherPending)) { |
| 191 | - $this->databaseHandle->exec("UPDATE invitations SET cat_institution_id = " . $idp->identifier . " WHERE id = " . $pendingDetail->id); |
|
| 191 | + $this->databaseHandle->exec("UPDATE invitations SET cat_institution_id = ".$idp->identifier." WHERE id = ".$pendingDetail->id); |
|
| 192 | 192 | } |
| 193 | 193 | common\Entity::outOfThePotatoes(); |
| 194 | 194 | return $idp; |
@@ -213,7 +213,7 @@ discard block |
||
| 213 | 213 | 'invite_dest_mail' => $_SESSION['auth_email'], |
| 214 | 214 | ]; |
| 215 | 215 | $idp = $this->newIdPFromExternal($extId, $fed, $invitationDetails, $owner, $externalinfo); |
| 216 | - common\Logging::writeAudit_s($owner, "NEW", "IdP " . $idp->identifier . " - created from auto-registration of $extId"); |
|
| 216 | + common\Logging::writeAudit_s($owner, "NEW", "IdP ".$idp->identifier." - created from auto-registration of $extId"); |
|
| 217 | 217 | return $idp; |
| 218 | 218 | } |
| 219 | 219 | |
@@ -335,9 +335,9 @@ discard block |
||
| 335 | 335 | $retval = []; |
| 336 | 336 | $invitations = $this->databaseHandle->exec("SELECT cat_institution_id, country, name, invite_issuer_level, invite_dest_mail, invite_token , TIMESTAMPADD(DAY, 1, invite_created) as expiry |
| 337 | 337 | FROM invitations |
| 338 | - WHERE cat_institution_id " . ( $idpIdentifier != 0 ? "= $idpIdentifier" : "IS NULL") . " AND invite_created >= TIMESTAMPADD(DAY, -1, NOW()) AND used = 0"); |
|
| 338 | + WHERE cat_institution_id " . ($idpIdentifier != 0 ? "= $idpIdentifier" : "IS NULL")." AND invite_created >= TIMESTAMPADD(DAY, -1, NOW()) AND used = 0"); |
|
| 339 | 339 | // SELECT -> resource, not boolean |
| 340 | - common\Logging::debug_s(4, "Retrieving pending invitations for " . ($idpIdentifier != 0 ? "IdP $idpIdentifier" : "IdPs awaiting initial creation" ) . ".\n"); |
|
| 340 | + common\Logging::debug_s(4, "Retrieving pending invitations for ".($idpIdentifier != 0 ? "IdP $idpIdentifier" : "IdPs awaiting initial creation").".\n"); |
|
| 341 | 341 | while ($invitationQuery = mysqli_fetch_object(/** @scrutinizer ignore-type */ $invitations)) { |
| 342 | 342 | $retval[] = ["country" => $invitationQuery->country, "name" => $invitationQuery->name, "mail" => $invitationQuery->invite_dest_mail, "token" => $invitationQuery->invite_token, "expiry" => $invitationQuery->expiry]; |
| 343 | 343 | } |
@@ -409,7 +409,7 @@ discard block |
||
| 409 | 409 | // these require no further checking |
| 410 | 410 | foreach ($extInstListTmp as $country => $extInstCountryList) { |
| 411 | 411 | $len = count($extInstCountryList); |
| 412 | - for($i = 0; $i < $len; ++$i) { |
|
| 412 | + for ($i = 0; $i < $len; ++$i) { |
|
| 413 | 413 | $extInst = $extInstCountryList[$i]; |
| 414 | 414 | if ($extInst['inst_id'] != NULL && in_array($extInst['inst_id'], $this->currentInstitutions['existing'])) { |
| 415 | 415 | unset($extInstList[$country][$i]); |
@@ -500,7 +500,7 @@ discard block |
||
| 500 | 500 | $names = $disectedNames['joint']; |
| 501 | 501 | $realms = ExternalEduroamDBData::dissectCollapsedInstitutionRealms($extInst['realm']); |
| 502 | 502 | $foundMatch = $this->checkForSimilarInstitutions($names, $realms); |
| 503 | - common\Logging::debug_s(4, $foundMatch, "checkForSimilarInstitutions returned: ","\n"); |
|
| 503 | + common\Logging::debug_s(4, $foundMatch, "checkForSimilarInstitutions returned: ", "\n"); |
|
| 504 | 504 | if ($foundMatch == 0) { |
| 505 | 505 | $this->currentInstitutions['new'][] = [$extInst['external_db_id'], $disectedNames['perlang'], $country]; |
| 506 | 506 | } |
@@ -49,7 +49,7 @@ discard block |
||
| 49 | 49 | */ |
| 50 | 50 | private function writeToFile($filename, $message) |
| 51 | 51 | { |
| 52 | - file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND); |
|
| 52 | + file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND); |
|
| 53 | 53 | } |
| 54 | 54 | |
| 55 | 55 | /** |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | */ |
| 62 | 62 | private static function writeToFile_s($filename, $message) |
| 63 | 63 | { |
| 64 | - file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND); |
|
| 64 | + file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND); |
|
| 65 | 65 | } |
| 66 | 66 | |
| 67 | 67 | /** |
@@ -89,9 +89,9 @@ discard block |
||
| 89 | 89 | $output .= " [$file / $function / $line] "; |
| 90 | 90 | } |
| 91 | 91 | if (is_string($stuff)) { |
| 92 | - $output .= $prefix . $stuff . $suffix; |
|
| 92 | + $output .= $prefix.$stuff.$suffix; |
|
| 93 | 93 | } else { |
| 94 | - $output .= $prefix . var_export($stuff, TRUE) . $suffix; |
|
| 94 | + $output .= $prefix.var_export($stuff, TRUE).$suffix; |
|
| 95 | 95 | } |
| 96 | 96 | $this->writeToFile("debug.log", $output); |
| 97 | 97 | |
@@ -123,9 +123,9 @@ discard block |
||
| 123 | 123 | $output .= " [$file / $function / $line] "; |
| 124 | 124 | } |
| 125 | 125 | if (is_string($stuff)) { |
| 126 | - $output .= $prefix . $stuff . $suffix; |
|
| 126 | + $output .= $prefix.$stuff.$suffix; |
|
| 127 | 127 | } else { |
| 128 | - $output .= $prefix . var_export($stuff, TRUE) . $suffix; |
|
| 128 | + $output .= $prefix.var_export($stuff, TRUE).$suffix; |
|
| 129 | 129 | } |
| 130 | 130 | self::writeToFile_s("debug.log", $output); |
| 131 | 131 | return; |
@@ -201,7 +201,7 @@ discard block |
||
| 201 | 201 | $logTextStep1 = preg_replace("/[\n\r]/", "", $query); |
| 202 | 202 | $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1); |
| 203 | 203 | $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2); |
| 204 | - $this->writeToFile("audit-SQL.log", " " . $logTextStep3 . "\n"); |
|
| 204 | + $this->writeToFile("audit-SQL.log", " ".$logTextStep3."\n"); |
|
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | |
@@ -219,6 +219,6 @@ discard block |
||
| 219 | 219 | $logTextStep1 = preg_replace("/[\n\r]/", "", $query); |
| 220 | 220 | $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1); |
| 221 | 221 | $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2); |
| 222 | - self::writeToFile_s("audit-SQL.log", " " . $logTextStep3 . "\n"); |
|
| 222 | + self::writeToFile_s("audit-SQL.log", " ".$logTextStep3."\n"); |
|
| 223 | 223 | } |
| 224 | 224 | } |
| 225 | 225 | \ No newline at end of file |
@@ -173,8 +173,8 @@ discard block |
||
| 173 | 173 | return false; |
| 174 | 174 | } |
| 175 | 175 | $entityId = $matches[1]; |
| 176 | - $url = \config\Diagnostics::EDUGAINRESOLVER['url'] . "?action=get_entity_name&type=idp&opt=2&e_id=$entityId"; |
|
| 177 | - \core\common\Logging::debug_s(4, $url, "URL: ","\n"); |
|
| 176 | + $url = \config\Diagnostics::EDUGAINRESOLVER['url']."?action=get_entity_name&type=idp&opt=2&e_id=$entityId"; |
|
| 177 | + \core\common\Logging::debug_s(4, $url, "URL: ", "\n"); |
|
| 178 | 178 | $ch = curl_init($url); |
| 179 | 179 | if ($ch === false) { |
| 180 | 180 | $loggerInstance->debug(2, "Unable ask eduGAIN about IdP - CURL init failed!"); |
@@ -200,10 +200,10 @@ discard block |
||
| 200 | 200 | return false; |
| 201 | 201 | } |
| 202 | 202 | if ($responseDetails['name'] === null) { |
| 203 | - \core\common\Logging::debug_s(4,"User not in eduGAIN\n"); |
|
| 203 | + \core\common\Logging::debug_s(4, "User not in eduGAIN\n"); |
|
| 204 | 204 | return false; |
| 205 | 205 | } |
| 206 | - \core\common\Logging::debug_s(4,"User in eduGAIN\n"); |
|
| 206 | + \core\common\Logging::debug_s(4, "User in eduGAIN\n"); |
|
| 207 | 207 | $_SESSION['eduGAIN'] = $responseDetails['regauth']; |
| 208 | 208 | return true; |
| 209 | 209 | } |
@@ -243,7 +243,7 @@ discard block |
||
| 243 | 243 | * @return boolean did it work? |
| 244 | 244 | */ |
| 245 | 245 | public static function sendMailToCATadmins($subject, $content) { |
| 246 | - if (!isset(\config\Master::APPEARANCE['cat-admin-mail']) || \config\Master::APPEARANCE['cat-admin-mail'] === []) { |
|
| 246 | + if (!isset(\config\Master::APPEARANCE['cat-admin-mail']) || \config\Master::APPEARANCE['cat-admin-mail'] === []) { |
|
| 247 | 247 | return; |
| 248 | 248 | } |
| 249 | 249 | foreach (\config\Master::APPEARANCE['cat-admin-mail'] as $mailaddr) { |
@@ -266,8 +266,8 @@ discard block |
||
| 266 | 266 | common\Entity::intoThePotatoes(); |
| 267 | 267 | $mail = \core\common\OutsideComm::mailHandle(); |
| 268 | 268 | // who to whom? |
| 269 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System"; |
|
| 270 | - $mail->addReplyTo(\config\Master::APPEARANCE['support-contact']['developer-mail'], \config\Master::APPEARANCE['productname'] . " " . _("Feedback")); |
|
| 269 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System"; |
|
| 270 | + $mail->addReplyTo(\config\Master::APPEARANCE['support-contact']['developer-mail'], \config\Master::APPEARANCE['productname']." "._("Feedback")); |
|
| 271 | 271 | $mail->addAddress($mailaddr); |
| 272 | 272 | // what do we want to say? |
| 273 | 273 | $mail->Subject = $subject; |
@@ -333,7 +333,7 @@ discard block |
||
| 333 | 333 | } |
| 334 | 334 | $lookFor .= "$name"; |
| 335 | 335 | } |
| 336 | - $finding = preg_match("/^(" . $lookFor . "):(.*)/", $oneRow->user_id, $matches); |
|
| 336 | + $finding = preg_match("/^(".$lookFor."):(.*)/", $oneRow->user_id, $matches); |
|
| 337 | 337 | if ($finding === 0 || $finding === false) { |
| 338 | 338 | return false; |
| 339 | 339 | } |
@@ -352,7 +352,7 @@ discard block |
||
| 352 | 352 | $matchedProviders[] = $idp; |
| 353 | 353 | $name = $idp; |
| 354 | 354 | if ($skipCurl == 0) { |
| 355 | - $url = \config\Diagnostics::EDUGAINRESOLVER['url'] . "?action=get_entity_name&type=idp&e_id=$idp&lang=$lang"; |
|
| 355 | + $url = \config\Diagnostics::EDUGAINRESOLVER['url']."?action=get_entity_name&type=idp&e_id=$idp&lang=$lang"; |
|
| 356 | 356 | $ch = curl_init($url); |
| 357 | 357 | if ($ch === false) { |
| 358 | 358 | $loggerInstance->debug(2, "Unable ask eduGAIN about IdP - CURL init failed!"); |
@@ -377,7 +377,7 @@ discard block |
||
| 377 | 377 | } |
| 378 | 378 | curl_close($ch); |
| 379 | 379 | } |
| 380 | - $listOfProviders[] = User::PROVIDER_STRINGS[$providerStrings[0]] . " - IdP: " . $name; |
|
| 380 | + $listOfProviders[] = User::PROVIDER_STRINGS[$providerStrings[0]]." - IdP: ".$name; |
|
| 381 | 381 | } |
| 382 | 382 | break; |
| 383 | 383 | case $providerStrings[2]: |
@@ -393,7 +393,7 @@ discard block |
||
| 393 | 393 | return false; |
| 394 | 394 | } |
| 395 | 395 | } |
| 396 | - \core\common\Logging::debug_s(4,$listOfProviders, "PROVIDERS:\n", "\n"); |
|
| 396 | + \core\common\Logging::debug_s(4, $listOfProviders, "PROVIDERS:\n", "\n"); |
|
| 397 | 397 | return $listOfProviders; |
| 398 | 398 | } |
| 399 | 399 | } |
| 400 | 400 | \ No newline at end of file |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -75,19 +75,19 @@ discard block |
||
| 75 | 75 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 76 | 76 | try { |
| 77 | 77 | $altArray = [# Array mit den Subject Alternative Names |
| 78 | - "email:" . $csr["USERNAME"] |
|
| 78 | + "email:".$csr["USERNAME"] |
|
| 79 | 79 | ]; |
| 80 | 80 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 81 | 81 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 82 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 85 | 85 | $this->loggerInstance->debug(5, $altArray); |
| 86 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 87 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 88 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 89 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 90 | - $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n"); |
|
| 86 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 87 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 88 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 89 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 90 | + $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n"); |
|
| 91 | 91 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 92 | 92 | $soapNewRequest = $soapPub->newRequest( |
| 93 | 93 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -109,11 +109,11 @@ discard block |
||
| 109 | 109 | } catch (Exception $e) { |
| 110 | 110 | // PHP 7.1 can do this much better |
| 111 | 111 | if (is_soap_fault($e)) { |
| 112 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 112 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 113 | 113 | $e->faultstring |
| 114 | 114 | }\n"); |
| 115 | 115 | } |
| 116 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 116 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 117 | 117 | } |
| 118 | 118 | try { |
| 119 | 119 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | $soapReqnum, [ |
| 126 | 126 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 127 | 127 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 128 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 129 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 128 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 129 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 130 | 130 | "NotBefore" => (new \DateTime())->format('c'), |
| 131 | 131 | "NotAfter" => $expiry->format('c'), |
| 132 | 132 | ] |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 146 | 146 | // rather than just using the string. Grr. |
| 147 | 147 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 148 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 148 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 149 | 149 | // retrieve our RA cert from filesystem |
| 150 | 150 | // the RA certificates are not needed right now because we |
| 151 | 151 | // have resorted to S/MIME signatures with openssl command-line |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 158 | 158 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 159 | 159 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 160 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 160 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 161 | 161 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 162 | 162 | $output = []; |
| 163 | 163 | $return = 999; |
@@ -166,14 +166,14 @@ discard block |
||
| 166 | 166 | throw new Exception("Non-zero return value from openssl smime!"); |
| 167 | 167 | } |
| 168 | 168 | // and get the signature blob back from the filesystem |
| 169 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 169 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 170 | 170 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 171 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 172 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 171 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 172 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 174 | 174 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 175 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 176 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 175 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 176 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 177 | 177 | if ($soapIssueCert === FALSE) { |
| 178 | 178 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 179 | 179 | } |
@@ -210,9 +210,9 @@ discard block |
||
| 210 | 210 | throw new Exception("CAInfo has no root certificate for us!"); |
| 211 | 211 | } |
| 212 | 212 | } catch (SoapFault $e) { |
| 213 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 213 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 214 | 214 | } catch (Exception $e) { |
| 215 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 215 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 216 | 216 | } |
| 217 | 217 | return [ |
| 218 | 218 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 246 | 246 | // rather than just using the string. Grr. |
| 247 | 247 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 248 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 248 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 249 | 249 | // retrieve our RA cert from filesystem |
| 250 | 250 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 251 | 251 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 252 | 252 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 253 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 253 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 254 | 254 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 255 | 255 | $output = []; |
| 256 | 256 | $return = 999; |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | throw new Exception("Non-zero return value from openssl smime!"); |
| 260 | 260 | } |
| 261 | 261 | // and get the signature blob back from the filesystem |
| 262 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 262 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 263 | 263 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 264 | 264 | if ($soapIssueRev === FALSE) { |
| 265 | 265 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -267,9 +267,9 @@ discard block |
||
| 267 | 267 | } catch (Exception $e) { |
| 268 | 268 | // PHP 7.1 can do this much better |
| 269 | 269 | if (is_soap_fault($e)) { |
| 270 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 270 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 271 | 271 | } |
| 272 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 272 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 273 | 273 | } |
| 274 | 274 | } |
| 275 | 275 | |
@@ -289,7 +289,7 @@ discard block |
||
| 289 | 289 | 'http' => [ |
| 290 | 290 | 'timeout' => 60, |
| 291 | 291 | 'user_agent' => 'Stefan', |
| 292 | - 'header'=> array( "Accept-language: en" ), |
|
| 292 | + 'header'=> array("Accept-language: en"), |
|
| 293 | 293 | 'protocol_version' => 1.1 |
| 294 | 294 | ], |
| 295 | 295 | 'ssl' => [ |
@@ -370,9 +370,9 @@ discard block |
||
| 370 | 370 | */ |
| 371 | 371 | public function soapToXmlInteger($x) |
| 372 | 372 | { |
| 373 | - return '<' . $x[0] . '>' |
|
| 373 | + return '<'.$x[0].'>' |
|
| 374 | 374 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 375 | - . '</' . $x[0] . '>'; |
|
| 375 | + . '</'.$x[0].'>'; |
|
| 376 | 376 | } |
| 377 | 377 | |
| 378 | 378 | /** |
@@ -391,9 +391,9 @@ discard block |
||
| 391 | 391 | // dump private key into directory |
| 392 | 392 | $outstring = ""; |
| 393 | 393 | openssl_pkey_export($privateKey, $outstring); |
| 394 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 394 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 395 | 395 | // PHP can only do one DC in the Subject. But we need three. |
| 396 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 396 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 397 | 397 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 398 | 398 | $output = []; |
| 399 | 399 | $return = 999; |
@@ -27,7 +27,7 @@ discard block |
||
| 27 | 27 | */ |
| 28 | 28 | ?> |
| 29 | 29 | <?php |
| 30 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 30 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 31 | 31 | |
| 32 | 32 | |
| 33 | 33 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -41,10 +41,10 @@ discard block |
||
| 41 | 41 | ( $_POST['consortium'] == "OpenRoaming" && count($myfed->getAttributes("fed:openroaming")) > 0 ) |
| 42 | 42 | ) |
| 43 | 43 | ) {*/ |
| 44 | - if (isset($_POST['consortium']) && $_POST['consortium'] == "eduroam") |
|
| 44 | + if (isset($_POST['consortium']) && $_POST['consortium'] == "eduroam") |
|
| 45 | 45 | { |
| 46 | 46 | $deployment = $my_inst->newDeployment(\core\AbstractDeployment::DEPLOYMENTTYPE_MANAGED, $_POST['consortium']); |
| 47 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 47 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 48 | 48 | exit(0); |
| 49 | 49 | } else { |
| 50 | 50 | throw new Exception("Desired consortium for Managed SP needs to be specified, and allowed!"); |
@@ -101,19 +101,19 @@ discard block |
||
| 101 | 101 | if (isset($_POST['agreement']) && $_POST['agreement'] == "true") { |
| 102 | 102 | $deployment->addAttribute("hiddenmanagedsp:tou_accepted", NULL, 1); |
| 103 | 103 | } |
| 104 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 104 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 105 | 105 | exit(0); |
| 106 | 106 | case web\lib\common\FormElements::BUTTON_DELETE: |
| 107 | 107 | $response = $deployment->setRADIUSconfig(); |
| 108 | 108 | if (in_array('OK', $response)) { |
| 109 | 109 | $deployment->deactivate(); |
| 110 | 110 | } |
| 111 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&' . urldecode(http_build_query($response)) . '#profilebox_' . |
|
| 111 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&'.urldecode(http_build_query($response)).'#profilebox_'. |
|
| 112 | 112 | $deployment->identifier); |
| 113 | 113 | exit(0); |
| 114 | 114 | case web\lib\common\FormElements::BUTTON_REMOVESP: |
| 115 | 115 | $deployment->remove(); |
| 116 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier); |
|
| 116 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier); |
|
| 117 | 117 | exit(0); |
| 118 | 118 | case web\lib\common\FormElements::BUTTON_RENEWTLS: |
| 119 | 119 | $data = openssl_x509_parse($deployment->radsec_cert); |
@@ -124,14 +124,14 @@ discard block |
||
| 124 | 124 | $torevoke = implode('#', $certdata); |
| 125 | 125 | $response = $deployment->setRADIUSconfig(0, 0, $torevoke); |
| 126 | 126 | $deployment->renewtls(); |
| 127 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 127 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 128 | 128 | exit(0); |
| 129 | 129 | case web\lib\common\FormElements::BUTTON_USECSR: |
| 130 | 130 | if (isset($_FILES['upload']) && $_FILES['upload']['size'] > 0) { |
| 131 | 131 | $csrpem = file_get_contents($_FILES['upload']['tmp_name']); |
| 132 | 132 | if ($csrpem === FALSE) { |
| 133 | 133 | // seems we can't work with this file for some reason. Ignore. |
| 134 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&errormsg=NOCSR_' . $deployment->identifier . '#profilebox_' . $deployment->identifier); |
|
| 134 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&errormsg=NOCSR_'.$deployment->identifier.'#profilebox_'.$deployment->identifier); |
|
| 135 | 135 | exit(0); |
| 136 | 136 | } |
| 137 | 137 | $csr = new \phpseclib3\File\X509(); |
@@ -146,10 +146,10 @@ discard block |
||
| 146 | 146 | $torevoke = implode('#', $certdata); |
| 147 | 147 | $response = $deployment->setRADIUSconfig(0, 0, $torevoke); |
| 148 | 148 | $deployment->tlsfromcsr($csr); |
| 149 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 149 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 150 | 150 | exit(0); |
| 151 | 151 | } else { |
| 152 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&errormsg=WRONGCSR_' . $deployment->identifier . '#profilebox_' . $deployment->identifier); |
|
| 152 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&errormsg=WRONGCSR_'.$deployment->identifier.'#profilebox_'.$deployment->identifier); |
|
| 153 | 153 | exit(0); |
| 154 | 154 | } |
| 155 | 155 | } |
@@ -159,7 +159,7 @@ discard block |
||
| 159 | 159 | if (in_array('OK', $response)) { |
| 160 | 160 | $deployment->activate(); |
| 161 | 161 | } |
| 162 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&' . urldecode(http_build_query($response)) . '#profilebox_' . $deployment->identifier); |
|
| 162 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&'.urldecode(http_build_query($response)).'#profilebox_'.$deployment->identifier); |
|
| 163 | 163 | exit(0); |
| 164 | 164 | } else { |
| 165 | 165 | throw new Exception("Activate button pushed without acknowledged ToUs!"); |
@@ -192,7 +192,7 @@ discard block |
||
| 192 | 192 | } else { |
| 193 | 193 | $response = ['NOOP', 'NOOP']; |
| 194 | 194 | } |
| 195 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&' . urldecode(http_build_query($response)) . '#profilebox_' . $deployment->identifier); |
|
| 195 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&'.urldecode(http_build_query($response)).'#profilebox_'.$deployment->identifier); |
|
| 196 | 196 | exit(0); |
| 197 | 197 | default: |
| 198 | 198 | throw new Exception("Unknown button action requested!"); |
@@ -201,10 +201,10 @@ discard block |
||
| 201 | 201 | if (isset($_POST['command'])) { |
| 202 | 202 | switch ($_POST['command']) { |
| 203 | 203 | case web\lib\common\FormElements::BUTTON_CLOSE: |
| 204 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier) . '#profilebox_' . $deployment->identifier; |
|
| 204 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier).'#profilebox_'.$deployment->identifier; |
|
| 205 | 205 | exit(0); |
| 206 | 206 | default: |
| 207 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 207 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 208 | 208 | exit(0); |
| 209 | 209 | } |
| 210 | 210 | } |
@@ -230,7 +230,7 @@ discard block |
||
| 230 | 230 | echo $uiElements->instLevelInfoBoxes($my_inst); |
| 231 | 231 | $deploymentOptions = $deployment->getAttributes(); |
| 232 | 232 | echo "<form enctype='multipart/form-data' action='edit_hotspot.php?inst_id=$my_inst->identifier&deployment_id=$deployment->identifier' method='post' accept-charset='UTF-8'> |
| 233 | - <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE . "'>"; |
|
| 233 | + <input type='hidden' name='MAX_FILE_SIZE' value='".\config\Master::MAX_UPLOAD_SIZE."'>"; |
|
| 234 | 234 | $optionDisplay = new \web\lib\admin\OptionDisplay($deploymentOptions, \core\Options::LEVEL_PROFILE); |
| 235 | 235 | ?> |
| 236 | 236 | <fieldset class='option_container' id='managedsp_override'> |
@@ -264,7 +264,7 @@ discard block |
||
| 264 | 264 | <!-- input for VLAN identifier for guests--> |
| 265 | 265 | <td> |
| 266 | 266 | <span id='guest_vlan_label'> |
| 267 | - <?php echo sprintf(_("VLAN tag for guests:"), ($guest_vlan === NULL ? "" : " " . _("(unset with '0')"))); ?> |
|
| 267 | + <?php echo sprintf(_("VLAN tag for guests:"), ($guest_vlan === NULL ? "" : " "._("(unset with '0')"))); ?> |
|
| 268 | 268 | </span> |
| 269 | 269 | </td> |
| 270 | 270 | <td> |
@@ -280,7 +280,7 @@ discard block |
||
| 280 | 280 | <!-- input for VLAN identifier for home users--> |
| 281 | 281 | <td> |
| 282 | 282 | <span id='vlan_label'> |
| 283 | - <?php echo sprintf(_("VLAN tag for own users%s:"), ($vlan === NULL ? "" : " " . _("(unset with '0')"))); ?> |
|
| 283 | + <?php echo sprintf(_("VLAN tag for own users%s:"), ($vlan === NULL ? "" : " "._("(unset with '0')"))); ?> |
|
| 284 | 284 | </span> |
| 285 | 285 | </td> |
| 286 | 286 | <td> |
@@ -300,7 +300,7 @@ discard block |
||
| 300 | 300 | </fieldset> |
| 301 | 301 | |
| 302 | 302 | <?php |
| 303 | - echo "<p><button type='submit' name='submitbutton' class='deploymentopts' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button><button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_org.php?inst_id=$my_inst->identifier\"'>" . _("Discard changes") . "</button></p></form>"; |
|
| 303 | + echo "<p><button type='submit' name='submitbutton' class='deploymentopts' value='".web\lib\common\FormElements::BUTTON_SAVE."'>"._("Save data")."</button><button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_org.php?inst_id=$my_inst->identifier\"'>"._("Discard changes")."</button></p></form>"; |
|
| 304 | 304 | echo $deco->footer(); |
| 305 | 305 | ?> |
| 306 | 306 | <script> |
@@ -19,7 +19,7 @@ |
||
| 19 | 19 | } |
| 20 | 20 | if (isset($_REQUEST['vlan']) && isset($_REQUEST['realmforvlan']) && |
| 21 | 21 | is_array($_REQUEST['realmforvlan'])) { |
| 22 | - $vlans = $_REQUEST['vlan'] . '#' . implode('#', $_REQUEST['realmforvlan']); |
|
| 22 | + $vlans = $_REQUEST['vlan'].'#'.implode('#', $_REQUEST['realmforvlan']); |
|
| 23 | 23 | } |
| 24 | 24 | if (isset($_REQUEST['guest_vlan'])) { |
| 25 | 25 | $guest_vlan = $_REQUEST['guest_vlan']; |
@@ -322,7 +322,7 @@ discard block |
||
| 322 | 322 | $serverCandidates[IdPlist::geoDistance($adminLocation, ['lat' => $iterator->location_lat, 'lon' => $iterator->location_lon])] = $iterator->server_id; |
| 323 | 323 | } |
| 324 | 324 | if ($clients > $maxSupportedClients * 0.9) { |
| 325 | - $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (" . $iterator->server_id . ") is serving at more than 90% capacity!"); |
|
| 325 | + $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (".$iterator->server_id.") is serving at more than 90% capacity!"); |
|
| 326 | 326 | } |
| 327 | 327 | } |
| 328 | 328 | if (count($serverCandidates) == 0 && $federation != "DEFAULT") { |
@@ -344,7 +344,7 @@ discard block |
||
| 344 | 344 | * |
| 345 | 345 | * @throws Exception |
| 346 | 346 | */ |
| 347 | - private function setTLSSerialNumber($max=PHP_INT_MAX) { |
|
| 347 | + private function setTLSSerialNumber($max = PHP_INT_MAX) { |
|
| 348 | 348 | $nonDupSerialFound = FALSE; |
| 349 | 349 | do { |
| 350 | 350 | $serial = random_int(1000000000, $max); |
@@ -364,7 +364,7 @@ discard block |
||
| 364 | 364 | */ |
| 365 | 365 | private function createTLScredentials() |
| 366 | 366 | { |
| 367 | - $clientName = 'SP' . $this->identifier . '-' . $this->institution; |
|
| 367 | + $clientName = 'SP'.$this->identifier.'-'.$this->institution; |
|
| 368 | 368 | $dn = array( |
| 369 | 369 | "organizationName" => "eduroam", |
| 370 | 370 | "organizationalUnitName" => "eduroam Managed SP", |
@@ -378,14 +378,14 @@ discard block |
||
| 378 | 378 | openssl_pkey_export($privkey, $this->radsec_priv); |
| 379 | 379 | // Generate a certificate signing request |
| 380 | 380 | $csr = openssl_csr_new($dn, $privkey, |
| 381 | - array('digest_alg' => 'sha256', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf")); |
|
| 381 | + array('digest_alg' => 'sha256', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf")); |
|
| 382 | 382 | // get CA certificate and private key |
| 383 | - $caprivkey = array(file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"), |
|
| 383 | + $caprivkey = array(file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key"), |
|
| 384 | 384 | \config\Master::MANAGEDSP['capass']); |
| 385 | - $cacert = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 385 | + $cacert = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 386 | 386 | $this->setTLSSerialNumber(); |
| 387 | 387 | $clientcert = openssl_csr_sign($csr, $cacert, $caprivkey, \config\Master::MANAGEDSP['daystoexpiry'], |
| 388 | - array('digest_alg'=>'sha512', 'config' => ROOT . "/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no); |
|
| 388 | + array('digest_alg'=>'sha512', 'config' => ROOT."/config/ManagedSPCerts/openssl.cnf"), $this->radsec_cert_serial_no); |
|
| 389 | 389 | openssl_x509_export($clientcert, $this->radsec_cert); |
| 390 | 390 | } |
| 391 | 391 | /** |
@@ -410,8 +410,8 @@ discard block |
||
| 410 | 410 | $conditional1 = "AND activity_time > DATE_SUB(NOW(), INTERVAL $backlog SECOND )"; |
| 411 | 411 | $conditional2 = "DESC"; |
| 412 | 412 | } |
| 413 | - $client = 'SP' . $this->identifier . '-' . $this->institution; |
|
| 414 | - $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id, prot, outer_user FROM activity WHERE owner = ? $conditional1 ORDER BY activity_time $conditional2", "s", $client ); |
|
| 413 | + $client = 'SP'.$this->identifier.'-'.$this->institution; |
|
| 414 | + $stats = $this->databaseHandle->exec("SELECT activity_time, realm, mac, cui, result, ap_id, prot, outer_user FROM activity WHERE owner = ? $conditional1 ORDER BY activity_time $conditional2", "s", $client); |
|
| 415 | 415 | |
| 416 | 416 | return mysqli_fetch_all($stats, \MYSQLI_ASSOC); |
| 417 | 417 | } |
@@ -529,11 +529,11 @@ discard block |
||
| 529 | 529 | $dn['rdnSequence'][1][0]['value']['utf8String'] = 'eduroam Managed SP'; |
| 530 | 530 | $dn['rdnSequence'][2] = array(); |
| 531 | 531 | $dn['rdnSequence'][2][] = array('type' => 'id-at-commonName', 'value' => array()); |
| 532 | - $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP' . $this->identifier . "-" . $this->institution; |
|
| 532 | + $dn['rdnSequence'][2][0]['value']['utf8String'] = 'SP'.$this->identifier."-".$this->institution; |
|
| 533 | 533 | $csr->setDN($dn); |
| 534 | - $pemcakey = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.key"); |
|
| 535 | - $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass'] ); |
|
| 536 | - $pemca = file_get_contents(ROOT . "/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 534 | + $pemcakey = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.key"); |
|
| 535 | + $cakey = \phpseclib3\Crypt\PublicKeyLoader::loadPrivateKey($pemcakey, \config\Master::MANAGEDSP['capass']); |
|
| 536 | + $pemca = file_get_contents(ROOT."/config/ManagedSPCerts/eduroamSP-CA.pem"); |
|
| 537 | 537 | $ca = new \phpseclib3\File\X509(); |
| 538 | 538 | $ca->loadX509($pemca); |
| 539 | 539 | $ca->setPrivateKey($cakey); |
@@ -542,7 +542,7 @@ discard block |
||
| 542 | 542 | $csr->setExtension('id-ce-keyUsage', ['digitalSignature', 'nonRepudiation', 'keyEncipherment']); |
| 543 | 543 | $csr->setExtension('id-ce-extKeyUsage', ['id-kp-clientAuth']); |
| 544 | 544 | $csr->setExtension('id-ce-basicConstraints', ['cA' => false], false); |
| 545 | - $x509->setEndDate('+' . \config\Master::MANAGEDSP['daystoexpiry'] . ' days'); |
|
| 545 | + $x509->setEndDate('+'.\config\Master::MANAGEDSP['daystoexpiry'].' days'); |
|
| 546 | 546 | $this->setTLSSerialNumber(999999999999999999); |
| 547 | 547 | $x509->setSerialNumber($this->radsec_cert_serial_no, 10); |
| 548 | 548 | $cert = $x509->loadX509($x509->saveX509($x509->sign($ca, $csr))); |
@@ -584,7 +584,7 @@ discard block |
||
| 584 | 584 | { |
| 585 | 585 | $customAttrib = $this->getAttributes("managedsp:operatorname"); |
| 586 | 586 | if (count($customAttrib) == 0) { |
| 587 | - return "1sp." . $this->identifier . "-" . $this->institution . \config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 587 | + return "1sp.".$this->identifier."-".$this->institution.\config\ConfAssistant::SILVERBULLET['realm_suffix']; |
|
| 588 | 588 | } |
| 589 | 589 | return $customAttrib[0]["value"]; |
| 590 | 590 | } |
@@ -599,14 +599,14 @@ discard block |
||
| 599 | 599 | private function sendToRADIUS(int $idx, $post) |
| 600 | 600 | { |
| 601 | 601 | $hostname = "radius_hostname_$idx"; |
| 602 | - $ch = curl_init("http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport']); |
|
| 602 | + $ch = curl_init("http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']); |
|
| 603 | 603 | if ($ch === FALSE) { |
| 604 | 604 | $res = 'FAILURE'; |
| 605 | 605 | } else { |
| 606 | 606 | curl_setopt($ch, CURLOPT_USERAGENT, "CAT-ManagedSP"); |
| 607 | 607 | curl_setopt($ch, CURLOPT_POST, 1); |
| 608 | 608 | curl_setopt($ch, CURLOPT_POSTFIELDS, $post); |
| 609 | - $this->loggerInstance->debug(1, "Posting to http://" . $this->$hostname . ':' . \config\Master::MANAGEDSP['radiusconfigport'] . "/$post\n"); |
|
| 609 | + $this->loggerInstance->debug(1, "Posting to http://".$this->$hostname.':'.\config\Master::MANAGEDSP['radiusconfigport']."/$post\n"); |
|
| 610 | 610 | curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); |
| 611 | 611 | curl_setopt($ch, CURLOPT_HEADER, 0); |
| 612 | 612 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
@@ -645,19 +645,19 @@ discard block |
||
| 645 | 645 | } else { |
| 646 | 646 | $txt = $remove ? _('Profile deactivation failed') : _('Profile activation/modification failed'); |
| 647 | 647 | } |
| 648 | - $txt = $txt . ' '; |
|
| 648 | + $txt = $txt.' '; |
|
| 649 | 649 | if (array_count_values($response)[$status] == 2) { |
| 650 | - $txt = $txt . _('on both RADIUS servers: primary and backup') . '.'; |
|
| 650 | + $txt = $txt._('on both RADIUS servers: primary and backup').'.'; |
|
| 651 | 651 | } else { |
| 652 | 652 | if ($response['res[1]'] == $status) { |
| 653 | - $txt = $txt . _('on primary RADIUS server') . '.'; |
|
| 653 | + $txt = $txt._('on primary RADIUS server').'.'; |
|
| 654 | 654 | } else { |
| 655 | - $txt = $txt . _('on backup RADIUS server') . '.'; |
|
| 655 | + $txt = $txt._('on backup RADIUS server').'.'; |
|
| 656 | 656 | } |
| 657 | 657 | } |
| 658 | 658 | $mail = \core\common\OutsideComm::mailHandle(); |
| 659 | 659 | $email = $this->getAttributes("support:email")[0]['value']; |
| 660 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System"; |
|
| 660 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System"; |
|
| 661 | 661 | $mail->addAddress($email); |
| 662 | 662 | if ($status == 'OK') { |
| 663 | 663 | $mail->Subject = _('RADIUS profile update problem fixed'); |
@@ -691,7 +691,7 @@ discard block |
||
| 691 | 691 | return NULL; |
| 692 | 692 | } |
| 693 | 693 | $timeout = 10; |
| 694 | - curl_setopt($ch, CURLOPT_URL, 'http://' . $host); |
|
| 694 | + curl_setopt($ch, CURLOPT_URL, 'http://'.$host); |
|
| 695 | 695 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
| 696 | 696 | curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
| 697 | 697 | curl_exec($ch); |
@@ -783,52 +783,52 @@ discard block |
||
| 783 | 783 | { |
| 784 | 784 | $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => '')); |
| 785 | 785 | if ($torevoke != '') { |
| 786 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . |
|
| 786 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier. |
|
| 787 | 787 | "&torevoke=$torevoke"; |
| 788 | 788 | foreach (array_keys($toPost) as $key) { |
| 789 | 789 | $toPost[$key] = $toPostTemplate; |
| 790 | 790 | } |
| 791 | 791 | } else { |
| 792 | 792 | $remove = ($this->status == \core\AbstractDeployment::INACTIVE) ? 0 : 1; |
| 793 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . |
|
| 794 | - '&secret=' . $this->secret . |
|
| 795 | - '&country=' . $this->getAttributes("internal:country")[0]['value'] . |
|
| 796 | - '&pskkey=' . $this->pskkey . '&'; |
|
| 793 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier. |
|
| 794 | + '&secret='.$this->secret. |
|
| 795 | + '&country='.$this->getAttributes("internal:country")[0]['value']. |
|
| 796 | + '&pskkey='.$this->pskkey.'&'; |
|
| 797 | 797 | if ($remove) { |
| 798 | - $toPostTemplate = $toPostTemplate . 'remove=1&'; |
|
| 798 | + $toPostTemplate = $toPostTemplate.'remove=1&'; |
|
| 799 | 799 | } else { |
| 800 | - $toPostTemplate = $toPostTemplate . 'operatorname=' . $this->getOperatorName() . '&'; |
|
| 800 | + $toPostTemplate = $toPostTemplate.'operatorname='.$this->getOperatorName().'&'; |
|
| 801 | 801 | if ($this->getAttributes("managedsp:vlan")[0]['value'] ?? NULL) { |
| 802 | 802 | $allRealms = $this->getAllRealms(); |
| 803 | 803 | if (!empty($allRealms)) { |
| 804 | - $toPostTemplate = $toPostTemplate . 'vlan=' . $this->getAttributes("managedsp:vlan")[0]['value'] . '&'; |
|
| 805 | - $toPostTemplate = $toPostTemplate . 'realmforvlan[]=' . implode('&realmforvlan[]=', $allRealms) . '&'; |
|
| 804 | + $toPostTemplate = $toPostTemplate.'vlan='.$this->getAttributes("managedsp:vlan")[0]['value'].'&'; |
|
| 805 | + $toPostTemplate = $toPostTemplate.'realmforvlan[]='.implode('&realmforvlan[]=', $allRealms).'&'; |
|
| 806 | 806 | } |
| 807 | 807 | } |
| 808 | 808 | if ($this->getAttributes("managedsp:guest_vlan")[0]['value'] ?? NULL) { |
| 809 | - $toPostTemplate = $toPostTemplate . 'guest_vlan=' . $this->getAttributes("managedsp:guest_vlan")[0]['value'] . '&'; |
|
| 809 | + $toPostTemplate = $toPostTemplate.'guest_vlan='.$this->getAttributes("managedsp:guest_vlan")[0]['value'].'&'; |
|
| 810 | 810 | } |
| 811 | 811 | } |
| 812 | 812 | foreach (array_keys($toPost) as $key) { |
| 813 | - $elem = 'port' . $key; |
|
| 814 | - $toPost[$key] = $toPostTemplate . 'port=' . $this->$elem; |
|
| 813 | + $elem = 'port'.$key; |
|
| 814 | + $toPost[$key] = $toPostTemplate.'port='.$this->$elem; |
|
| 815 | 815 | } |
| 816 | 816 | } |
| 817 | 817 | $response = array(); |
| 818 | 818 | foreach ($toPost as $key => $value) { |
| 819 | - $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] . "\n"); |
|
| 819 | + $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n"); |
|
| 820 | 820 | // temporarly one server $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
| 821 | 821 | //if ($key == 2) { |
| 822 | 822 | // $response['res[2]'] = 'OK'; |
| 823 | 823 | //} else { |
| 824 | - $response['res[' . $key . ']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 824 | + $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]); |
|
| 825 | 825 | //} |
| 826 | 826 | } |
| 827 | 827 | if ($onlyone) { |
| 828 | - $response['res[' . ($onlyone == 1) ? 2 : 1 . ']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 828 | + $response['res['.($onlyone == 1) ? 2 : 1.']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 829 | 829 | } |
| 830 | 830 | foreach (array('OK', 'FAILURE') as $status) { |
| 831 | - if ( ( ($status == 'OK' && $notify) || ($status == 'FAILURE') ) && ( in_array($status, $response) ) ) { |
|
| 831 | + if ((($status == 'OK' && $notify) || ($status == 'FAILURE')) && (in_array($status, $response))) { |
|
| 832 | 832 | $this->sendMailtoAdmin($remove, $response, $status); |
| 833 | 833 | } |
| 834 | 834 | } |
