GEANT /
CAT
@@ -24,7 +24,7 @@ discard block |
||
| 24 | 24 | * update the local copy |
| 25 | 25 | */ |
| 26 | 26 | namespace utils; |
| 27 | -require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
|
| 27 | +require_once dirname(dirname(__FILE__))."/config/_config.php"; |
|
| 28 | 28 | |
| 29 | 29 | setlocale(LC_CTYPE, "en_US.UTF-8"); |
| 30 | 30 | |
@@ -98,7 +98,7 @@ discard block |
||
| 98 | 98 | $this->db_ext->query("SET NAMES 'utf8'"); |
| 99 | 99 | $this->db_local->query("SET NAMES 'utf8mb4'"); |
| 100 | 100 | $result = $this->db_ext->query("SELECT * FROM $table"); |
| 101 | - $queryFields = implode(',', array_column($this->fields[$db][$table_name],0)); |
|
| 101 | + $queryFields = implode(',', array_column($this->fields[$db][$table_name], 0)); |
|
| 102 | 102 | while ($row = $result->fetch_assoc()) { |
| 103 | 103 | $v = []; |
| 104 | 104 | foreach ($this->fields[$db][$table_name] as $field) { |
@@ -116,7 +116,7 @@ discard block |
||
| 116 | 116 | } |
| 117 | 117 | } |
| 118 | 118 | } |
| 119 | - $queryValues = implode(',',$v); |
|
| 119 | + $queryValues = implode(',', $v); |
|
| 120 | 120 | $query = "INSERT INTO $tmpTable (".$queryFields.") VALUES (".$queryValues.")"; |
| 121 | 121 | $this->db_local->query($query); |
| 122 | 122 | } |
@@ -134,9 +134,9 @@ discard block |
||
| 134 | 134 | $realms = explode(',', $row[1]); |
| 135 | 135 | foreach ($contacts as $contact) { |
| 136 | 136 | foreach ($realms as $realm) { |
| 137 | - $email = empty($contact['mail']) ? 'NULL' :'"'.$contact['mail'].'"'; |
|
| 138 | - $name = empty($contact['name']) ? 'NULL' :'"'.$contact['name'].'"'; |
|
| 139 | - $phone = empty($contact['phone']) ? 'NULL' :'"'.$contact['phone'].'"'; |
|
| 137 | + $email = empty($contact['mail']) ? 'NULL' : '"'.$contact['mail'].'"'; |
|
| 138 | + $name = empty($contact['name']) ? 'NULL' : '"'.$contact['name'].'"'; |
|
| 139 | + $phone = empty($contact['phone']) ? 'NULL' : '"'.$contact['phone'].'"'; |
|
| 140 | 140 | $id = '"'.$row[2].'"'; |
| 141 | 141 | $ROid = '"'.$row[3].'"'; |
| 142 | 142 | $query = "INSERT INTO tmp_institution_admins (name, email, phone, inst_realm, instid, ROid)" |
@@ -161,9 +161,9 @@ discard block |
||
| 161 | 161 | } |
| 162 | 162 | |
| 163 | 163 | private function escape($inp) { |
| 164 | - $out=str_replace('\\','\\\\',$inp); |
|
| 165 | - $out=str_replace('"','\"',$out); |
|
| 166 | - $out=str_replace('?','\?',$out); |
|
| 164 | + $out = str_replace('\\', '\\\\', $inp); |
|
| 165 | + $out = str_replace('"', '\"', $out); |
|
| 166 | + $out = str_replace('?', '\?', $out); |
|
| 167 | 167 | $out = 'convert(cast(convert("'.$out.'" using latin1) as binary) using utf8)'; |
| 168 | 168 | return($out); |
| 169 | 169 | } |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once __DIR__ . "/../core/Psr4Autoloader.php"; |
|
| 22 | +require_once __DIR__."/../core/Psr4Autoloader.php"; |
|
| 23 | 23 | use core\autoloader\Psr4Autoloader; |
| 24 | 24 | |
| 25 | 25 | // instantiate the loader |
@@ -30,12 +30,12 @@ discard block |
||
| 30 | 30 | |
| 31 | 31 | // register the base directories for the namespace prefix |
| 32 | 32 | // include configuration |
| 33 | -$loader->addNamespace('config', __DIR__ ); |
|
| 33 | +$loader->addNamespace('config', __DIR__); |
|
| 34 | 34 | // include CAT/core library |
| 35 | -$loader->addNamespace('core', __DIR__ . "/../core"); |
|
| 35 | +$loader->addNamespace('core', __DIR__."/../core"); |
|
| 36 | 36 | // include CAT/devices library |
| 37 | -$loader->addNamespace('devices', __DIR__ . "/../devices"); |
|
| 37 | +$loader->addNamespace('devices', __DIR__."/../devices"); |
|
| 38 | 38 | // include CAT/web library |
| 39 | -$loader->addNamespace('web', __DIR__ . "/../web"); |
|
| 39 | +$loader->addNamespace('web', __DIR__."/../web"); |
|
| 40 | 40 | // include CAT/utils |
| 41 | -$loader->addNamespace('utils', __DIR__ . "/../utils"); |
|
| 41 | +$loader->addNamespace('utils', __DIR__."/../utils"); |
|
@@ -6,9 +6,9 @@ |
||
| 6 | 6 | function cat_socket($obj) { |
| 7 | 7 | $sock = socket_create(AF_UNIX, SOCK_STREAM, 0); |
| 8 | 8 | $conn = socket_connect($sock, SOCKET); |
| 9 | - if ( $conn ) { |
|
| 10 | - socket_write ($sock, $obj, strlen($obj)); |
|
| 11 | - $out = socket_read ($sock, 2048); |
|
| 9 | + if ($conn) { |
|
| 10 | + socket_write($sock, $obj, strlen($obj)); |
|
| 11 | + $out = socket_read($sock, 2048); |
|
| 12 | 12 | return $out; |
| 13 | 13 | } |
| 14 | 14 | return 'FAILURE'; |
@@ -35,10 +35,10 @@ discard block |
||
| 35 | 35 | public function __construct() |
| 36 | 36 | { |
| 37 | 37 | |
| 38 | - if ( \config\ConfAssistant::eduPKI['testing'] === true ) { |
|
| 39 | - $this->locationRaCert = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 40 | - $this->locationRaKey = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 41 | - $this->locationWebRoot = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 38 | + if (\config\ConfAssistant::eduPKI['testing'] === true) { |
|
| 39 | + $this->locationRaCert = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 40 | + $this->locationRaKey = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 41 | + $this->locationWebRoot = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 42 | 42 | $this->eduPkiRaId = 700; |
| 43 | 43 | $this->eduPkiCertProfileBoth = "Radius Server SOAP"; |
| 44 | 44 | $this->eduPkiCertProfileIdp = "Radius Server SOAP"; |
@@ -47,9 +47,9 @@ discard block |
||
| 47 | 47 | $this->eduPkiEndpointPublic = "https://pki.edupki.org/edupki-test-ca/cgi-bin/pub/soap?wsdl=1"; |
| 48 | 48 | $this->eduPkiEndpointRa = "https://ra.edupki.org/edupki-test-ca/cgi-bin/ra/soap?wsdl=1"; |
| 49 | 49 | } else { |
| 50 | - $this->locationRaCert = ROOT . "/config/SilverbulletClientCerts/edupki-prod-ra.pem"; |
|
| 51 | - $this->locationRaKey = ROOT . "/config/SilverbulletClientCerts/edupki-prod-ra.clearkey"; |
|
| 52 | - $this->locationWebRoot = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 50 | + $this->locationRaCert = ROOT."/config/SilverbulletClientCerts/edupki-prod-ra.pem"; |
|
| 51 | + $this->locationRaKey = ROOT."/config/SilverbulletClientCerts/edupki-prod-ra.clearkey"; |
|
| 52 | + $this->locationWebRoot = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 53 | 53 | $this->eduPkiRaId = 100; |
| 54 | 54 | $this->eduPkiCertProfileBoth = "eduroam IdP and SP"; |
| 55 | 55 | $this->eduPkiCertProfileIdp = "eduroam IdP"; |
@@ -63,13 +63,13 @@ discard block |
||
| 63 | 63 | parent::__construct(); |
| 64 | 64 | |
| 65 | 65 | if (stat($this->locationRaCert) === FALSE) { |
| 66 | - throw new Exception("RA operator PEM file not found: " . $this->locationRaCert); |
|
| 66 | + throw new Exception("RA operator PEM file not found: ".$this->locationRaCert); |
|
| 67 | 67 | } |
| 68 | 68 | if (stat($this->locationRaKey) === FALSE) { |
| 69 | - throw new Exception("RA operator private key file not found: " . $this->locationRaKey); |
|
| 69 | + throw new Exception("RA operator private key file not found: ".$this->locationRaKey); |
|
| 70 | 70 | } |
| 71 | 71 | if (stat($this->locationWebRoot) === FALSE) { |
| 72 | - throw new Exception("CA website root CA file not found: " . $this->locationWebRoot); |
|
| 72 | + throw new Exception("CA website root CA file not found: ".$this->locationWebRoot); |
|
| 73 | 73 | } |
| 74 | 74 | } |
| 75 | 75 | |
@@ -136,26 +136,26 @@ discard block |
||
| 136 | 136 | throw new Exception("Unexpected policies requested."); |
| 137 | 137 | } |
| 138 | 138 | $altArray = [# Array mit den Subject Alternative Names |
| 139 | - "email:" . $csr["USERMAIL"] |
|
| 139 | + "email:".$csr["USERMAIL"] |
|
| 140 | 140 | ]; |
| 141 | 141 | foreach ($csr["ALTNAMES"] as $oneAltName) { |
| 142 | 142 | if (!empty($oneAltName) && preg_match('/(?=^.{1,254}$)(^(?:(?!\d|-)[a-z0-9\-]{1,63}(?<!-)\.)+(?:[a-z]{2,})$)/i', $oneAltName) > 0) { |
| 143 | - $altArray[] = "DNS:" . $oneAltName; |
|
| 143 | + $altArray[] = "DNS:".$oneAltName; |
|
| 144 | 144 | } else { |
| 145 | - $altArray[] = "IP:" . $oneAltName; |
|
| 145 | + $altArray[] = "IP:".$oneAltName; |
|
| 146 | 146 | } |
| 147 | 147 | } |
| 148 | 148 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 149 | 149 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 150 | - $this->loggerInstance->debug(5, "PARAM_1: " . $this->eduPkiRaId . "\n"); |
|
| 151 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 150 | + $this->loggerInstance->debug(5, "PARAM_1: ".$this->eduPkiRaId."\n"); |
|
| 151 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 152 | 152 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 153 | 153 | $this->loggerInstance->debug(5, $altArray); |
| 154 | - $this->loggerInstance->debug(5, "PARAM_4: " . $profile . "\n"); |
|
| 155 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 156 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 157 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n"); |
|
| 158 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
| 154 | + $this->loggerInstance->debug(5, "PARAM_4: ".$profile."\n"); |
|
| 155 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 156 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 157 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n"); |
|
| 158 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
| 159 | 159 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 160 | 160 | |
| 161 | 161 | $soapNewRequest = $soapPub->newRequest( |
@@ -185,7 +185,7 @@ discard block |
||
| 185 | 185 | #}\n"); |
| 186 | 186 | return 0; |
| 187 | 187 | } |
| 188 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 188 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 189 | 189 | } |
| 190 | 190 | try { |
| 191 | 191 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -217,7 +217,7 @@ discard block |
||
| 217 | 217 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 218 | 218 | // rather than just using the string. Grr. |
| 219 | 219 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 220 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 220 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 221 | 221 | // retrieve our RA cert from filesystem |
| 222 | 222 | // the RA certificates are not needed right now because we |
| 223 | 223 | // have resorted to S/MIME signatures with openssl command-line |
@@ -229,7 +229,7 @@ discard block |
||
| 229 | 229 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 230 | 230 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 231 | 231 | $this->loggerInstance->debug(2, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 232 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . $this->locationRaKey . " -signer " . $this->locationRaCert; |
|
| 232 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".$this->locationRaKey." -signer ".$this->locationRaCert; |
|
| 233 | 233 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 234 | 234 | $output = []; |
| 235 | 235 | $return = 999; |
@@ -238,21 +238,21 @@ discard block |
||
| 238 | 238 | throw new Exception("Non-zero return value from openssl smime!"); |
| 239 | 239 | } |
| 240 | 240 | // and get the signature blob back from the filesystem |
| 241 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 241 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 242 | 242 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 243 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 244 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 245 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 243 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 244 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 245 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 246 | 246 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 247 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 248 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 247 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 248 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 249 | 249 | if ($soapIssueCert === FALSE) { |
| 250 | 250 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 251 | 251 | } |
| 252 | 252 | } catch (SoapFault $e) { |
| 253 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 253 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 254 | 254 | } catch (Exception $e) { |
| 255 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 255 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 256 | 256 | } |
| 257 | 257 | return $soapReqnum; |
| 258 | 258 | } |
@@ -304,9 +304,9 @@ discard block |
||
| 304 | 304 | throw new Exception("CAInfo has no root certificate for us!"); |
| 305 | 305 | } |
| 306 | 306 | } catch (SoapFault $e) { |
| 307 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 307 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 308 | 308 | } catch (Exception $e) { |
| 309 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 309 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 310 | 310 | } |
| 311 | 311 | return [ |
| 312 | 312 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -339,12 +339,12 @@ discard block |
||
| 339 | 339 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 340 | 340 | // rather than just using the string. Grr. |
| 341 | 341 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 342 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 342 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 343 | 343 | // retrieve our RA cert from filesystem |
| 344 | 344 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 345 | 345 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 346 | 346 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 347 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . $this->locationRaKey . " -signer " . $this->locationRaCert; |
|
| 347 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".$this->locationRaKey." -signer ".$this->locationRaCert; |
|
| 348 | 348 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 349 | 349 | $output = []; |
| 350 | 350 | $return = 999; |
@@ -353,7 +353,7 @@ discard block |
||
| 353 | 353 | throw new Exception("Non-zero return value from openssl smime!"); |
| 354 | 354 | } |
| 355 | 355 | // and get the signature blob back from the filesystem |
| 356 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 356 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 357 | 357 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 358 | 358 | if ($soapIssueRev === FALSE) { |
| 359 | 359 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -361,9 +361,9 @@ discard block |
||
| 361 | 361 | } catch (Exception $e) { |
| 362 | 362 | // PHP 7.1 can do this much better |
| 363 | 363 | if (is_soap_fault($e)) { |
| 364 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 364 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 365 | 365 | } |
| 366 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 366 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 367 | 367 | } |
| 368 | 368 | } |
| 369 | 369 | |
@@ -465,9 +465,9 @@ discard block |
||
| 465 | 465 | */ |
| 466 | 466 | public function soapToXmlInteger($x) |
| 467 | 467 | { |
| 468 | - return '<' . $x[0] . '>' |
|
| 468 | + return '<'.$x[0].'>' |
|
| 469 | 469 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 470 | - . '</' . $x[0] . '>'; |
|
| 470 | + . '</'.$x[0].'>'; |
|
| 471 | 471 | } |
| 472 | 472 | |
| 473 | 473 | /** |
@@ -486,9 +486,9 @@ discard block |
||
| 486 | 486 | // dump private key into directory |
| 487 | 487 | $outstring = ""; |
| 488 | 488 | openssl_pkey_export($privateKey, $outstring); |
| 489 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 489 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 490 | 490 | // PHP can only do one DC in the Subject. But we need three. |
| 491 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 491 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 492 | 492 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 493 | 493 | $output = []; |
| 494 | 494 | $return = 999; |
@@ -142,7 +142,7 @@ discard block |
||
| 142 | 142 | return $this->counter; |
| 143 | 143 | } |
| 144 | 144 | |
| 145 | - $cachedNumber = @file_get_contents(ROOT . "/var/tmp/cachedSPNumber.serialised"); |
|
| 145 | + $cachedNumber = @file_get_contents(ROOT."/var/tmp/cachedSPNumber.serialised"); |
|
| 146 | 146 | if ($cachedNumber !== FALSE) { |
| 147 | 147 | $numberData = unserialize($cachedNumber); |
| 148 | 148 | $now = new \DateTime(); |
@@ -155,7 +155,7 @@ discard block |
||
| 155 | 155 | } else { // data in cache is too old or doesn't exist. We really need to ask the database |
| 156 | 156 | $list = $this->listAllServiceProviders(); |
| 157 | 157 | $this->counter = count($list); |
| 158 | - file_put_contents(ROOT . "/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()])); |
|
| 158 | + file_put_contents(ROOT."/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()])); |
|
| 159 | 159 | return $this->counter; |
| 160 | 160 | } |
| 161 | 161 | } |
@@ -246,7 +246,7 @@ discard block |
||
| 246 | 246 | $returnarray = []; |
| 247 | 247 | $query = "SELECT instid AS id, country, inst_realm as realmlist, name AS collapsed_name, contact AS collapsed_contact, type FROM view_active_institution WHERE country = ?"; |
| 248 | 248 | if ($eduroamDbType !== NULL) { |
| 249 | - $query .= " AND ( type = '" . ExternalEduroamDBData::TYPE_IDPSP . "' OR type = '" . $eduroamDbType . "')"; |
|
| 249 | + $query .= " AND ( type = '".ExternalEduroamDBData::TYPE_IDPSP."' OR type = '".$eduroamDbType."')"; |
|
| 250 | 250 | } |
| 251 | 251 | $externals = $this->db->exec($query, "s", $tld); |
| 252 | 252 | // was a SELECT query, so a resource and not a boolean |
@@ -305,7 +305,7 @@ discard block |
||
| 305 | 305 | * @return array |
| 306 | 306 | */ |
| 307 | 307 | |
| 308 | - public function listExternalEntitiesByUserEmail($userEmail){ |
|
| 308 | + public function listExternalEntitiesByUserEmail($userEmail) { |
|
| 309 | 309 | $out = []; |
| 310 | 310 | $cat = $this->localDb->dbName; |
| 311 | 311 | $query = "SELECT DISTINCT view_institution_admins.instid, $cat.institution.inst_id, |
@@ -320,10 +320,10 @@ discard block |
||
| 320 | 320 | WHERE view_active_institution.type != 2 AND view_institution_admins.email= ?"; |
| 321 | 321 | $externals = $this->db->exec($query, 's', $userEmail); |
| 322 | 322 | while ($row = $externals->fetch_array()) { |
| 323 | - $external_db_id = $row[0]; // identifier in eduroam DB |
|
| 323 | + $external_db_id = $row[0]; // identifier in eduroam DB |
|
| 324 | 324 | $inst_id = $row[1]; // identifier in CAT - possibly NULL |
| 325 | 325 | $country = $row[2]; // country |
| 326 | - $name = $row[3]; // institution name from eduroam DB |
|
| 326 | + $name = $row[3]; // institution name from eduroam DB |
|
| 327 | 327 | $realm = $row[4]; // realms from eduroam DB |
| 328 | 328 | $type = $row[5]; // institution type from eduroam DB |
| 329 | 329 | if (!isset($out[$country])) { |
@@ -404,19 +404,19 @@ discard block |
||
| 404 | 404 | * |
| 405 | 405 | * @return array |
| 406 | 406 | */ |
| 407 | - public function listExternalTlsServersInstitution($tld, $include_not_ready=FALSE) { |
|
| 407 | + public function listExternalTlsServersInstitution($tld, $include_not_ready = FALSE) { |
|
| 408 | 408 | $retval = []; |
| 409 | 409 | // this includes servers of type "staging", which is fine |
| 410 | 410 | $query = "SELECT ROid, instid, type, inst_name, servers, contacts, ts FROM view_tls_inst WHERE country = ?"; |
| 411 | 411 | if (!$include_not_ready) { |
| 412 | - $query = $query . " AND servers IS NOT NULL AND contacts IS NOT NULL"; |
|
| 412 | + $query = $query." AND servers IS NOT NULL AND contacts IS NOT NULL"; |
|
| 413 | 413 | } |
| 414 | 414 | $instServerTransaction = $this->db->exec($query, "s", $tld); |
| 415 | 415 | while ($instServerResponses = mysqli_fetch_object(/** @scrutinizer ignore-type */ $instServerTransaction)) { |
| 416 | 416 | $contactList = $this::dissectCollapsedContacts($instServerResponses->contacts); |
| 417 | 417 | $names = $this->splitNames($instServerResponses->inst_name); |
| 418 | 418 | $thelanguage = $names[$this->languageInstance->getLang()] ?? $names["en"] ?? array_shift($names); |
| 419 | - $retval[$instServerResponses->ROid . "-". $instServerResponses->instid] = [ |
|
| 419 | + $retval[$instServerResponses->ROid."-".$instServerResponses->instid] = [ |
|
| 420 | 420 | "names" => $names, |
| 421 | 421 | "name" => $thelanguage, |
| 422 | 422 | "type" => array_search($instServerResponses->type, self::TYPE_MAPPING), |
@@ -49,7 +49,7 @@ discard block |
||
| 49 | 49 | */ |
| 50 | 50 | private function writeToFile($filename, $message) |
| 51 | 51 | { |
| 52 | - file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND); |
|
| 52 | + file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND); |
|
| 53 | 53 | } |
| 54 | 54 | |
| 55 | 55 | /** |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | */ |
| 62 | 62 | private static function writeToFile_s($filename, $message) |
| 63 | 63 | { |
| 64 | - file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND); |
|
| 64 | + file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND); |
|
| 65 | 65 | } |
| 66 | 66 | |
| 67 | 67 | /** |
@@ -89,9 +89,9 @@ discard block |
||
| 89 | 89 | $output .= " [$file / $function / $line] "; |
| 90 | 90 | } |
| 91 | 91 | if (is_string($stuff)) { |
| 92 | - $output .= $prefix . $stuff . $suffix; |
|
| 92 | + $output .= $prefix.$stuff.$suffix; |
|
| 93 | 93 | } else { |
| 94 | - $output .= $prefix . var_export($stuff, TRUE) . $suffix; |
|
| 94 | + $output .= $prefix.var_export($stuff, TRUE).$suffix; |
|
| 95 | 95 | } |
| 96 | 96 | $this->writeToFile("debug.log", $output); |
| 97 | 97 | |
@@ -123,9 +123,9 @@ discard block |
||
| 123 | 123 | $output .= " [$file / $function / $line] "; |
| 124 | 124 | } |
| 125 | 125 | if (is_string($stuff)) { |
| 126 | - $output .= $prefix . $stuff . $suffix; |
|
| 126 | + $output .= $prefix.$stuff.$suffix; |
|
| 127 | 127 | } else { |
| 128 | - $output .= $prefix . var_export($stuff, TRUE) . $suffix; |
|
| 128 | + $output .= $prefix.var_export($stuff, TRUE).$suffix; |
|
| 129 | 129 | } |
| 130 | 130 | self::writeToFile_s("debug.log", $output); |
| 131 | 131 | return; |
@@ -201,7 +201,7 @@ discard block |
||
| 201 | 201 | $logTextStep1 = preg_replace("/[\n\r]/", "", $query); |
| 202 | 202 | $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1); |
| 203 | 203 | $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2); |
| 204 | - $this->writeToFile("audit-SQL.log", " " . $logTextStep3 . "\n"); |
|
| 204 | + $this->writeToFile("audit-SQL.log", " ".$logTextStep3."\n"); |
|
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | |
@@ -219,6 +219,6 @@ discard block |
||
| 219 | 219 | $logTextStep1 = preg_replace("/[\n\r]/", "", $query); |
| 220 | 220 | $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1); |
| 221 | 221 | $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2); |
| 222 | - self::writeToFile_s("audit-SQL.log", " " . $logTextStep3 . "\n"); |
|
| 222 | + self::writeToFile_s("audit-SQL.log", " ".$logTextStep3."\n"); |
|
| 223 | 223 | } |
| 224 | 224 | } |
| 225 | 225 | \ No newline at end of file |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -75,19 +75,19 @@ discard block |
||
| 75 | 75 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 76 | 76 | try { |
| 77 | 77 | $altArray = [# Array mit den Subject Alternative Names |
| 78 | - "email:" . $csr["USERNAME"] |
|
| 78 | + "email:".$csr["USERNAME"] |
|
| 79 | 79 | ]; |
| 80 | 80 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 81 | 81 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 82 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 85 | 85 | $this->loggerInstance->debug(5, $altArray); |
| 86 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 87 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 88 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 89 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 90 | - $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n"); |
|
| 86 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 87 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 88 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 89 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 90 | + $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n"); |
|
| 91 | 91 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 92 | 92 | $soapNewRequest = $soapPub->newRequest( |
| 93 | 93 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -109,11 +109,11 @@ discard block |
||
| 109 | 109 | } catch (Exception $e) { |
| 110 | 110 | // PHP 7.1 can do this much better |
| 111 | 111 | if (is_soap_fault($e)) { |
| 112 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 112 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 113 | 113 | $e->faultstring |
| 114 | 114 | }\n"); |
| 115 | 115 | } |
| 116 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 116 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 117 | 117 | } |
| 118 | 118 | try { |
| 119 | 119 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | $soapReqnum, [ |
| 126 | 126 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 127 | 127 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 128 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 129 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 128 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 129 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 130 | 130 | "NotBefore" => (new \DateTime())->format('c'), |
| 131 | 131 | "NotAfter" => $expiry->format('c'), |
| 132 | 132 | ] |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 146 | 146 | // rather than just using the string. Grr. |
| 147 | 147 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 148 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 148 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 149 | 149 | // retrieve our RA cert from filesystem |
| 150 | 150 | // the RA certificates are not needed right now because we |
| 151 | 151 | // have resorted to S/MIME signatures with openssl command-line |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 158 | 158 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 159 | 159 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 160 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 160 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 161 | 161 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 162 | 162 | $output = []; |
| 163 | 163 | $return = 999; |
@@ -166,14 +166,14 @@ discard block |
||
| 166 | 166 | throw new Exception("Non-zero return value from openssl smime!"); |
| 167 | 167 | } |
| 168 | 168 | // and get the signature blob back from the filesystem |
| 169 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 169 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 170 | 170 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 171 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 172 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 171 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 172 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 174 | 174 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 175 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 176 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 175 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 176 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 177 | 177 | if ($soapIssueCert === FALSE) { |
| 178 | 178 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 179 | 179 | } |
@@ -210,9 +210,9 @@ discard block |
||
| 210 | 210 | throw new Exception("CAInfo has no root certificate for us!"); |
| 211 | 211 | } |
| 212 | 212 | } catch (SoapFault $e) { |
| 213 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 213 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 214 | 214 | } catch (Exception $e) { |
| 215 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 215 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 216 | 216 | } |
| 217 | 217 | return [ |
| 218 | 218 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 246 | 246 | // rather than just using the string. Grr. |
| 247 | 247 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 248 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 248 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 249 | 249 | // retrieve our RA cert from filesystem |
| 250 | 250 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 251 | 251 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 252 | 252 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 253 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 253 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 254 | 254 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 255 | 255 | $output = []; |
| 256 | 256 | $return = 999; |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | throw new Exception("Non-zero return value from openssl smime!"); |
| 260 | 260 | } |
| 261 | 261 | // and get the signature blob back from the filesystem |
| 262 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 262 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 263 | 263 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 264 | 264 | if ($soapIssueRev === FALSE) { |
| 265 | 265 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -267,9 +267,9 @@ discard block |
||
| 267 | 267 | } catch (Exception $e) { |
| 268 | 268 | // PHP 7.1 can do this much better |
| 269 | 269 | if (is_soap_fault($e)) { |
| 270 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 270 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 271 | 271 | } |
| 272 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 272 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 273 | 273 | } |
| 274 | 274 | } |
| 275 | 275 | |
@@ -289,7 +289,7 @@ discard block |
||
| 289 | 289 | 'http' => [ |
| 290 | 290 | 'timeout' => 60, |
| 291 | 291 | 'user_agent' => 'Stefan', |
| 292 | - 'header'=> array( "Accept-language: en" ), |
|
| 292 | + 'header'=> array("Accept-language: en"), |
|
| 293 | 293 | 'protocol_version' => 1.1 |
| 294 | 294 | ], |
| 295 | 295 | 'ssl' => [ |
@@ -370,9 +370,9 @@ discard block |
||
| 370 | 370 | */ |
| 371 | 371 | public function soapToXmlInteger($x) |
| 372 | 372 | { |
| 373 | - return '<' . $x[0] . '>' |
|
| 373 | + return '<'.$x[0].'>' |
|
| 374 | 374 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 375 | - . '</' . $x[0] . '>'; |
|
| 375 | + . '</'.$x[0].'>'; |
|
| 376 | 376 | } |
| 377 | 377 | |
| 378 | 378 | /** |
@@ -391,9 +391,9 @@ discard block |
||
| 391 | 391 | // dump private key into directory |
| 392 | 392 | $outstring = ""; |
| 393 | 393 | openssl_pkey_export($privateKey, $outstring); |
| 394 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 394 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 395 | 395 | // PHP can only do one DC in the Subject. But we need three. |
| 396 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 396 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 397 | 397 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 398 | 398 | $output = []; |
| 399 | 399 | $return = 999; |
@@ -27,7 +27,7 @@ discard block |
||
| 27 | 27 | */ |
| 28 | 28 | ?> |
| 29 | 29 | <?php |
| 30 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 30 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 31 | 31 | |
| 32 | 32 | |
| 33 | 33 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -41,10 +41,10 @@ discard block |
||
| 41 | 41 | ( $_POST['consortium'] == "OpenRoaming" && count($myfed->getAttributes("fed:openroaming")) > 0 ) |
| 42 | 42 | ) |
| 43 | 43 | ) {*/ |
| 44 | - if (isset($_POST['consortium']) && $_POST['consortium'] == "eduroam") |
|
| 44 | + if (isset($_POST['consortium']) && $_POST['consortium'] == "eduroam") |
|
| 45 | 45 | { |
| 46 | 46 | $deployment = $my_inst->newDeployment(\core\AbstractDeployment::DEPLOYMENTTYPE_MANAGED, $_POST['consortium']); |
| 47 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 47 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 48 | 48 | exit(0); |
| 49 | 49 | } else { |
| 50 | 50 | throw new Exception("Desired consortium for Managed SP needs to be specified, and allowed!"); |
@@ -101,19 +101,19 @@ discard block |
||
| 101 | 101 | if (isset($_POST['agreement']) && $_POST['agreement'] == "true") { |
| 102 | 102 | $deployment->addAttribute("hiddenmanagedsp:tou_accepted", NULL, 1); |
| 103 | 103 | } |
| 104 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 104 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 105 | 105 | exit(0); |
| 106 | 106 | case web\lib\common\FormElements::BUTTON_DELETE: |
| 107 | 107 | $response = $deployment->setRADIUSconfig(); |
| 108 | 108 | if (in_array('OK', $response)) { |
| 109 | 109 | $deployment->deactivate(); |
| 110 | 110 | } |
| 111 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&' . urldecode(http_build_query($response)) . '#profilebox_' . |
|
| 111 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&'.urldecode(http_build_query($response)).'#profilebox_'. |
|
| 112 | 112 | $deployment->identifier); |
| 113 | 113 | exit(0); |
| 114 | 114 | case web\lib\common\FormElements::BUTTON_REMOVESP: |
| 115 | 115 | $deployment->remove(); |
| 116 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier); |
|
| 116 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier); |
|
| 117 | 117 | exit(0); |
| 118 | 118 | case web\lib\common\FormElements::BUTTON_RENEWTLS: |
| 119 | 119 | $data = openssl_x509_parse($deployment->radsec_cert); |
@@ -124,14 +124,14 @@ discard block |
||
| 124 | 124 | $torevoke = implode('#', $certdata); |
| 125 | 125 | $response = $deployment->setRADIUSconfig(0, 0, $torevoke); |
| 126 | 126 | $deployment->renewtls(); |
| 127 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 127 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 128 | 128 | exit(0); |
| 129 | 129 | case web\lib\common\FormElements::BUTTON_USECSR: |
| 130 | 130 | if (isset($_FILES['upload']) && $_FILES['upload']['size'] > 0) { |
| 131 | 131 | $csrpem = file_get_contents($_FILES['upload']['tmp_name']); |
| 132 | 132 | if ($csrpem === FALSE) { |
| 133 | 133 | // seems we can't work with this file for some reason. Ignore. |
| 134 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&errormsg=NOCSR_' . $deployment->identifier . '#profilebox_' . $deployment->identifier); |
|
| 134 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&errormsg=NOCSR_'.$deployment->identifier.'#profilebox_'.$deployment->identifier); |
|
| 135 | 135 | exit(0); |
| 136 | 136 | } |
| 137 | 137 | $csr = new \phpseclib3\File\X509(); |
@@ -146,10 +146,10 @@ discard block |
||
| 146 | 146 | $torevoke = implode('#', $certdata); |
| 147 | 147 | $response = $deployment->setRADIUSconfig(0, 0, $torevoke); |
| 148 | 148 | $deployment->tlsfromcsr($csr); |
| 149 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 149 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 150 | 150 | exit(0); |
| 151 | 151 | } else { |
| 152 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&errormsg=WRONGCSR_' . $deployment->identifier . '#profilebox_' . $deployment->identifier); |
|
| 152 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&errormsg=WRONGCSR_'.$deployment->identifier.'#profilebox_'.$deployment->identifier); |
|
| 153 | 153 | exit(0); |
| 154 | 154 | } |
| 155 | 155 | } |
@@ -159,7 +159,7 @@ discard block |
||
| 159 | 159 | if (in_array('OK', $response)) { |
| 160 | 160 | $deployment->activate(); |
| 161 | 161 | } |
| 162 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&' . urldecode(http_build_query($response)) . '#profilebox_' . $deployment->identifier); |
|
| 162 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&'.urldecode(http_build_query($response)).'#profilebox_'.$deployment->identifier); |
|
| 163 | 163 | exit(0); |
| 164 | 164 | } else { |
| 165 | 165 | throw new Exception("Activate button pushed without acknowledged ToUs!"); |
@@ -192,7 +192,7 @@ discard block |
||
| 192 | 192 | } else { |
| 193 | 193 | $response = ['NOOP', 'NOOP']; |
| 194 | 194 | } |
| 195 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '&' . urldecode(http_build_query($response)) . '#profilebox_' . $deployment->identifier); |
|
| 195 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'&'.urldecode(http_build_query($response)).'#profilebox_'.$deployment->identifier); |
|
| 196 | 196 | exit(0); |
| 197 | 197 | default: |
| 198 | 198 | throw new Exception("Unknown button action requested!"); |
@@ -201,10 +201,10 @@ discard block |
||
| 201 | 201 | if (isset($_POST['command'])) { |
| 202 | 202 | switch ($_POST['command']) { |
| 203 | 203 | case web\lib\common\FormElements::BUTTON_CLOSE: |
| 204 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier) . '#profilebox_' . $deployment->identifier; |
|
| 204 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier).'#profilebox_'.$deployment->identifier; |
|
| 205 | 205 | exit(0); |
| 206 | 206 | default: |
| 207 | - header("Location: overview_org.php?inst_id=" . $my_inst->identifier . '#profilebox_' . $deployment->identifier); |
|
| 207 | + header("Location: overview_org.php?inst_id=".$my_inst->identifier.'#profilebox_'.$deployment->identifier); |
|
| 208 | 208 | exit(0); |
| 209 | 209 | } |
| 210 | 210 | } |
@@ -230,7 +230,7 @@ discard block |
||
| 230 | 230 | echo $uiElements->instLevelInfoBoxes($my_inst); |
| 231 | 231 | $deploymentOptions = $deployment->getAttributes(); |
| 232 | 232 | echo "<form enctype='multipart/form-data' action='edit_hotspot.php?inst_id=$my_inst->identifier&deployment_id=$deployment->identifier' method='post' accept-charset='UTF-8'> |
| 233 | - <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE . "'>"; |
|
| 233 | + <input type='hidden' name='MAX_FILE_SIZE' value='".\config\Master::MAX_UPLOAD_SIZE."'>"; |
|
| 234 | 234 | $optionDisplay = new \web\lib\admin\OptionDisplay($deploymentOptions, \core\Options::LEVEL_PROFILE); |
| 235 | 235 | ?> |
| 236 | 236 | <fieldset class='option_container' id='managedsp_override'> |
@@ -264,7 +264,7 @@ discard block |
||
| 264 | 264 | <!-- input for VLAN identifier for guests--> |
| 265 | 265 | <td> |
| 266 | 266 | <span id='guest_vlan_label'> |
| 267 | - <?php echo sprintf(_("VLAN tag for guests:"), ($guest_vlan === NULL ? "" : " " . _("(unset with '0')"))); ?> |
|
| 267 | + <?php echo sprintf(_("VLAN tag for guests:"), ($guest_vlan === NULL ? "" : " "._("(unset with '0')"))); ?> |
|
| 268 | 268 | </span> |
| 269 | 269 | </td> |
| 270 | 270 | <td> |
@@ -280,7 +280,7 @@ discard block |
||
| 280 | 280 | <!-- input for VLAN identifier for home users--> |
| 281 | 281 | <td> |
| 282 | 282 | <span id='vlan_label'> |
| 283 | - <?php echo sprintf(_("VLAN tag for own users%s:"), ($vlan === NULL ? "" : " " . _("(unset with '0')"))); ?> |
|
| 283 | + <?php echo sprintf(_("VLAN tag for own users%s:"), ($vlan === NULL ? "" : " "._("(unset with '0')"))); ?> |
|
| 284 | 284 | </span> |
| 285 | 285 | </td> |
| 286 | 286 | <td> |
@@ -300,7 +300,7 @@ discard block |
||
| 300 | 300 | </fieldset> |
| 301 | 301 | |
| 302 | 302 | <?php |
| 303 | - echo "<p><button type='submit' name='submitbutton' class='deploymentopts' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button><button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_org.php?inst_id=$my_inst->identifier\"'>" . _("Discard changes") . "</button></p></form>"; |
|
| 303 | + echo "<p><button type='submit' name='submitbutton' class='deploymentopts' value='".web\lib\common\FormElements::BUTTON_SAVE."'>"._("Save data")."</button><button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_org.php?inst_id=$my_inst->identifier\"'>"._("Discard changes")."</button></p></form>"; |
|
| 304 | 304 | echo $deco->footer(); |
| 305 | 305 | ?> |
| 306 | 306 | <script> |
@@ -8,7 +8,7 @@ discard block |
||
| 8 | 8 | * License: see the web/copyright.php file in the file structure |
| 9 | 9 | * ****************************************************************************** |
| 10 | 10 | */ |
| 11 | -require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
|
| 11 | +require_once dirname(dirname(__FILE__))."/config/_config.php"; |
|
| 12 | 12 | |
| 13 | 13 | /** |
| 14 | 14 | * The sctipt will be called from crontab |
@@ -28,7 +28,7 @@ discard block |
||
| 28 | 28 | } |
| 29 | 29 | |
| 30 | 30 | |
| 31 | -while ( $row = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allOpenRoamingProfiles)) { |
|
| 31 | +while ($row = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allOpenRoamingProfiles)) { |
|
| 32 | 32 | $profileId = $row->profile_id; |
| 33 | 33 | $profile = \core\ProfileFactory::instantiate($profileId); |
| 34 | 34 | $res = $profile->openroamingReadinessTest(); |
