GEANT / CAT

web/admin/inc/userStats.inc.php

Spacing +14 added lines, -14 removed lines

@@ -9,7 +9,7 @@ 
  * ******************************************************************************
  */
 
-require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php";
+require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php";
 
 $auth = new \web\lib\admin\Authentication();
 $auth->authenticate();
@@ -29,31 +29,31 @@ 
 ?>
 
 <h1><?php $tablecaption = _("User Authentication Records"); echo $tablecaption; ?></h1>
-<p><?php echo _("Note that:");?></p>
+<p><?php echo _("Note that:"); ?></p>
 <ul>
-    <li><?php echo _("Authentication records are deleted after six months retention time");?></li>
-    <li><?php echo _("Operator Domain is based on the RADIUS attribute 'Operator-Name' and not sent by all hotspots");?></li>
-    <li><?php echo _("Different MAC addresses per credential may be due to MAC Address randomisation in recent operating systems");?></li>
+    <li><?php echo _("Authentication records are deleted after six months retention time"); ?></li>
+    <li><?php echo _("Operator Domain is based on the RADIUS attribute 'Operator-Name' and not sent by all hotspots"); ?></li>
+    <li><?php echo _("Different MAC addresses per credential may be due to MAC Address randomisation in recent operating systems"); ?></li>
 </ul>
 <table class='authrecord'>
-    <caption><?php echo $tablecaption;?></caption>
+    <caption><?php echo $tablecaption; ?></caption>
     <tr>
-        <th scope="col"><strong><?php echo _("Timestamp");?></strong></th>
-        <th scope="col"><strong><?php echo _("Credential");?></strong></th>
-        <th scope="col"><strong><?php echo _("MAC Address");?></strong></th>
-        <th scope="col"><strong><?php echo _("Result");?></strong></th>
-        <th scope="col"><strong><?php echo _("Operator Domain");?></strong></th>
+        <th scope="col"><strong><?php echo _("Timestamp"); ?></strong></th>
+        <th scope="col"><strong><?php echo _("Credential"); ?></strong></th>
+        <th scope="col"><strong><?php echo _("MAC Address"); ?></strong></th>
+        <th scope="col"><strong><?php echo _("Result"); ?></strong></th>
+        <th scope="col"><strong><?php echo _("Operator Domain"); ?></strong></th>
     </tr>
     <?php
     $userAuthData = $profile->getUserAuthRecords($userInt);
     foreach ($userAuthData as $oneRecord) {
-        echo "<tr class='".($oneRecord['RESULT'] == "Access-Accept" ? "auth-success" : "auth-fail" )."'>"
+        echo "<tr class='".($oneRecord['RESULT'] == "Access-Accept" ? "auth-success" : "auth-fail")."'>"
                 . "<td>".$oneRecord['TIMESTAMP']."</td>"
                 // $oneRecord['CN'] is a simple string, not an array, so disable Scrutinizer type check here
-                . "<td>"./** @scrutinizer ignore-type */ substr_replace($oneRecord['CN'], "@…", strpos($oneRecord['CN'],"@"))."</td>"
+                . "<td>"./** @scrutinizer ignore-type */ substr_replace($oneRecord['CN'], "@…", strpos($oneRecord['CN'], "@"))."</td>"
                 . "<td>".$oneRecord['MAC']."</td>"
                 . "<td>".($oneRecord['RESULT'] == "Access-Accept" ? _("Success") : _("Failure"))."</td>"
-                . "<td>".substr($oneRecord['OPERATOR'] ?? "1(unknown)",1)."</td>"
+                . "<td>".substr($oneRecord['OPERATOR'] ?? "1(unknown)", 1)."</td>"
                 . "</tr>";
     }
     ?>

core/CertificationAuthorityEmbeddedECDSA.php

Spacing +21 added lines, -21 removed lines

@@ -16,10 +16,10 @@ 
 class CertificationAuthorityEmbeddedECDSA extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-ECDSA.pem";
-    private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.pem";
-    private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.key";
-    private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-ECDSA.cnf";
+    private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-ECDSA.pem";
+    private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-ECDSA.pem";
+    private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-ECDSA.key";
+    private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-ECDSA.cnf";
 
     /**
      * string with the PEM variant of the root CA
@@ -66,29 +66,29 @@ 
         parent::__construct();
         $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA);
         if ($this->rootPem === FALSE) {
-            throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA);
+            throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA);
         }
         $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA);
         if ($this->issuingCertRaw === FALSE) {
-            throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA);
+            throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA);
         }
         $rootParsed = openssl_x509_read($this->rootPem);
         $issuingCertCandidate = openssl_x509_read($this->issuingCertRaw);
-        if ($issuingCertCandidate === FALSE || is_resource($issuingCertCandidate)|| $rootParsed === FALSE) {
+        if ($issuingCertCandidate === FALSE || is_resource($issuingCertCandidate) || $rootParsed === FALSE) {
             throw new Exception("At least one CA PEM file did not parse correctly (or not a PHP8 resource)!");
         }
         $this->issuingCert = $issuingCertCandidate;
         
         if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY) === FALSE) {
-            throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
+            throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
         }
-        $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
+        $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
         if ($issuingKeyTemp === FALSE || is_resource($issuingKeyTemp)) {
             throw new Exception("The private key did not parse correctly (or not a PHP8 resource)!");
         }
         $this->issuingKey = $issuingKeyTemp;
         if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG) === FALSE) {
-            throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG);
+            throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG);
         }
         $this->conffile = CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG;
     }
@@ -131,27 +131,27 @@ 
         // generate stub index.txt file
         $tempdirArray = \core\common\Entity::createTemporaryDirectory("test");
         $tempdir = $tempdirArray['dir'];
-        $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z";
-        $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z";
+        $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z";
+        $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z";
         // serials for our CA are always integers
         $serialHex = strtoupper(dechex((int) $cert->serial));
         if (strlen($serialHex) % 2 == 1) {
-            $serialHex = "0" . $serialHex;
+            $serialHex = "0".$serialHex;
         }
 
-        $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n";
+        $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n";
         $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement");
-        if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) {
+        if (!file_put_contents($tempdir."/index.txt", $indexStatement)) {
             $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!");
         }
         // index.txt.attr is dull but needs to exist
-        file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n");
+        file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n");
         // call "openssl ocsp" to manufacture our own OCSP statement
         // adding "-rmd sha1" to the following command-line makes the
         // choice of signature algorithm for the response explicit
         // but it's only available from openssl-1.1.0 (which we do not
         // want to require just for that one thing).
-        $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
+        $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
         $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;
@@ -159,11 +159,11 @@ 
         if ($return !== 0) {
             throw new Exception("Non-zero return value from openssl ocsp!");
         }
-        $ocsp = file_get_contents($tempdir . "/$serialHex.response.der");
+        $ocsp = file_get_contents($tempdir."/$serialHex.response.der");
         // remove the temp dir!
-        unlink($tempdir . "/$serialHex.response.der");
-        unlink($tempdir . "/index.txt.attr");
-        unlink($tempdir . "/index.txt");
+        unlink($tempdir."/$serialHex.response.der");
+        unlink($tempdir."/index.txt.attr");
+        unlink($tempdir."/index.txt");
         rmdir($tempdir);
         $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial);
         return $ocsp;

web/diag/adminQuery.php

Spacing +44 added lines, -44 removed lines

@@ -19,7 +19,7 @@ 
  * License: see the web/copyright.inc.php file in the file structure or
  *          <base_url>/copyright.php after deploying the software
  */
-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
 $languageInstance = new \core\common\Language();
 $languageInstance->setTextDomain("diagnostics");
 $loggerInstance = new \core\common\Logging();
@@ -61,43 +61,43 @@ 
     $select = "<div id='sp_abuse_problem'>
 <select style='margin-left: 0px;' id='select_sp_problem'>";
     foreach ($sp_problem as $pname => $pdesc) {
-        $select = $select . "<option value='$pname'>$pdesc</option>\n";
+        $select = $select."<option value='$pname'>$pdesc</option>\n";
     }
-    $select = $select . "</select></div>";
+    $select = $select."</select></div>";
     $res = "
 <input type='hidden' name='token' id='token' value=''>
 <input type='hidden' name='tests_result' id='tests_result' value=''>
 <table id='sp_questions'>
     <tr id='sp_problem_selector'>
-        <td>" . _("Select your problem") . "</td>
+        <td>" . _("Select your problem")."</td>
         <td>$select</td>
     </tr>
     <tr>
-        <td>" . _("What is the realm of the IdP in question?") . "</td>
+        <td>"._("What is the realm of the IdP in question?")."</td>
         <td>
                 <input type='text' name='admin_realm' id='admin_realm' value='$realmFromURL'>
-                <button class='diag_button' id='realm_in_db_admin' style='display: none;' accesskey='R' type='button'>" .
-                _("Check this realm") .
+                <button class='diag_button' id='realm_in_db_admin' style='display: none;' accesskey='R' type='button'>".
+                _("Check this realm").
                 "</button>
                 <div id='tests_info_area'></div>
         </td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("What is the authentication timestamp of the user session in question?") . "</td>
+        <td>" . _("What is the authentication timestamp of the user session in question?")."</td>
         <td><input type='text' id='timestamp' name='timestamp'>
             <div id='datepicker'></div>
         </td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("What is the MAC address of the user session in question?") . "</td>
+        <td>" . _("What is the MAC address of the user session in question?")."</td>
         <td><input type='text' id='mac' name='mac'></td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("Additional comments") . "</td>
+        <td>" . _("Additional comments")."</td>
         <td><textarea id='freetext' name='freetext' cols='60' rows='5'></textarea></td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("Please specify an email address on which the IdP can contact you") . "</td>
+        <td>" . _("Please specify an email address on which the IdP can contact you")."</td>
         <td><input type='text' id='email' name='email'></td>
     </tr>
     <tr>
@@ -105,82 +105,82 @@ 
         <td></td>
     </tr>
     <tr class='hidden_row' id='send_query_to_idp'>
-        <td>" . _("Now you can send your query") . "</td>
-        <td><button type='submit' class='diag_button' id='submit_idp_query' name='go'>" . _("Send") . "</button></td>
+        <td>" . _("Now you can send your query")."</td>
+        <td><button type='submit' class='diag_button' id='submit_idp_query' name='go'>" . _("Send")."</button></td>
     </tr>
  </table>";
-    $res = $res . $javascript;
+    $res = $res.$javascript;
 }
 if ($queryType == 'idp') {
     $select = "<div id='idp_reported_problem' style='display:;'>
 <select style='margin-left:0px;' id='select_idp_problem'>";
     foreach ($idp_problem as $pname => $pdesc) {
-        $select = $select . "<option value='$pname'>$pdesc</option>\n";
+        $select = $select."<option value='$pname'>$pdesc</option>\n";
     }
-    $select = $select . "</select></div>";
+    $select = $select."</select></div>";
     $res = "
 <table id='idp_questions'>
     <tr>
-        <td>" . _("Select your problem") . "</td>
+        <td>" . _("Select your problem")."</td>
         <td>$select</td>
     </tr>
     <tr>
-        <td>" . _("Identify the SP by one of following means") . "</td>
+        <td>"._("Identify the SP by one of following means")."</td>
         <td></td>
     </tr>
     <tr id='by_opname'>
-        <td>" . _("SP Operator-Name attribute") . "</td>
+        <td>" . _("SP Operator-Name attribute")."</td>
         <td><input type='text' id='opname' name='opname' value=''></td>
     </tr>
     <tr id='spmanually'>
-        <td>" . _("Select the SP manually:") . "</td>
+        <td>" . _("Select the SP manually:")."</td>
         <td>
             <div id='select_asp_country'><a href='' id='asp_countries_list'>
-            <span id='opnameselect'>" . _("click to select country and organisation") . "</a></span>
+            <span id='opnameselect'>" . _("click to select country and organisation")."</a></span>
             </div>
             <div id='select_asp_area'></div>
         </td>
     </tr>
     <tr id='asp_desc' style='display: none;'>
-        <td>" . _("or") . ' ' . _("at least describe the SP location") . "</td>
+        <td>" . _("or").' '._("at least describe the SP location")."</td>
         <td><input type='text' id='asp_location' name='asp_location' value=''></td>
     </tr>
     <tr>
-        <td>" . _("What is the outer ID of the user session in question?") . "</td>
+        <td>" . _("What is the outer ID of the user session in question?")."</td>
         <td><input type='text' id='outer_id' name='outer_id' value=''></td>
     </tr>
     <tr>
-        <td>" . _("What is the authentication timestamp of the user session in question?") . "</td>
+        <td>" . _("What is the authentication timestamp of the user session in question?")."</td>
         <td>
             <input type='text' id='timestamp' name='timestamp'>
             <div id='datepicker'></div>
         </td>
     </tr>
     <tr>
-        <td>" . _("What is the MAC address of the user session in question?") . "</td>
+        <td>" . _("What is the MAC address of the user session in question?")."</td>
         <td><input type='text' id='mac' name='mac'></td>
     </tr>
     <tr>
-        <td>" . _("Additional comments about the problem") . "</td>
+        <td>" . _("Additional comments about the problem")."</td>
         <td><textarea id='freetext' name='freetext' cols='60' rows='5'></textarea></td>
     </tr>
     <tr>
-        <td>" . _("Do you have any contact details by which the user wishes to be contacted by the SP?") . "</td>
+        <td>" . _("Do you have any contact details by which the user wishes to be contacted by the SP?")."</td>
         <td><textarea id='c_details' name='c_details' cols='60' rows='5'></textarea></td>
     </tr>
     <tr>
-        <td>" . _("Please specify an email address on which the SP can contact you") . "</td>
+        <td>" . _("Please specify an email address on which the SP can contact you")."</td>
         <td><input type='text' id='email' name='email'></td>
     </tr>
     <tr class='hidden_row' id='send_query_to_sp'>
-        <td>" . _("Now you can send your query") . "</td>
-        <td><button type='submit' class='diag_button' id='submit_sp_query' name='go'>" . _("Send") . "</button></td>
+        <td>" . _("Now you can send your query")."</td>
+        <td><button type='submit' class='diag_button' id='submit_sp_query' name='go'>" . _("Send")."</button></td>
     </tr>
 </table>";
-    $res = $res . $javascript;
+    $res = $res.$javascript;
 }
 if ($queryType == 'idp_send' || $queryType == 'sp_send') {
-    include_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
+    include_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
     $cat = new \core\CAT();
     $returnArray = array();
     if (count((array) $o) > 0) {
@@ -189,8 +189,8 @@ 
             switch ($key) {
                 case 'realm':
                     $pos = strpos($value, '@');
-                    if ($pos !== FALSE ) {
-                        $value = substr($value, $pos+1);
+                    if ($pos !== FALSE) {
+                        $value = substr($value, $pos + 1);
                     }
                 case 'email':
                     $returnArray[$key] = filter_var($value, FILTER_VALIDATE_EMAIL);
@@ -231,7 +231,7 @@ 
         $mail = \core\common\OutsideComm::mailHandle();
         $emails = ['mgw@umk.pl'];
         //$emails = explode(',', $returnArray['idpcontact']);
-        $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System";
+        $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System";
         foreach ($emails as $email) {
             $mail->addAddress($email);
         }
@@ -241,11 +241,11 @@ 
         } else {
             $link = 'http://';
         }
-        $link .= $_SERVER['SERVER_NAME'] . \core\CAT::getRootUrlPath() . '/diag/show_realmcheck.php?token=' . $returnArray['token'];
+        $link .= $_SERVER['SERVER_NAME'].\core\CAT::getRootUrlPath().'/diag/show_realmcheck.php?token='.$returnArray['token'];
         $returnArray['testurl'] = $link;
         $mail->Subject = _('Suspected a technical problem with the IdP');
-        $txt = _("We suspect a technical problem with the IdP handling the realm") . ' ' . 
-                $returnArray['realm'] . ".\n";
+        $txt = _("We suspect a technical problem with the IdP handling the realm").' '. 
+                $returnArray['realm'].".\n";
         $txt .= _("The CAT diagnostic test was run for this realm during reporting.\n");
         $txt .= _("The overall result was ");
         if ($returnArray['tests_result'] == 0) {
@@ -253,15 +253,15 @@ 
         } else {
             $txt .= _("failure");
         }
-        $txt .= ".\n" . _("To see details go to ");
+        $txt .= ".\n"._("To see details go to ");
         $txt .= "$link\n\n";
-        $txt .= _("The reported problem details are as follows") . "\n";
-        $txt .= _("timestamp") . ": " . $returnArray['timestamp'] . "\n";
-        $txt .= _("client MAC address") . ": " . $returnArray['mac'] . "\n";
+        $txt .= _("The reported problem details are as follows")."\n";
+        $txt .= _("timestamp").": ".$returnArray['timestamp']."\n";
+        $txt .= _("client MAC address").": ".$returnArray['mac']."\n";
         if ($returnArray['freetext']) {
-            $txt .= _("additional comments") . ': ' . $returnArray['freetext'] . "\n";
+            $txt .= _("additional comments").': '.$returnArray['freetext']."\n";
         }
-        $txt .= "\n" . _("You can contact the incident reporter at") . ' ' . $returnArray['email'];
+        $txt .= "\n"._("You can contact the incident reporter at").' '.$returnArray['email'];
         
         $mail->Body = $txt;
         $sent = $mail->send();

utils/SP_consistency_check.php

Spacing +8 added lines, -8 removed lines

@@ -1,22 +1,22 @@ 
 <?php
-require_once dirname(dirname(__FILE__)) . "/config/_config.php";
+require_once dirname(dirname(__FILE__))."/config/_config.php";
 /**
     * check if URL responds with 200
     *
     * @param string $srv server name
     * @return integer or NULL
 */
-function checkConfigRADIUSDaemon ($srv) {
+function checkConfigRADIUSDaemon($srv) {
     $ch = curl_init();
     if ($ch === FALSE) {
         return NULL;
     }
     $timeout = 10;
-    curl_setopt ( $ch, CURLOPT_URL, $srv );
-    curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 );
-    curl_setopt ( $ch, CURLOPT_TIMEOUT, $timeout );
+    curl_setopt($ch, CURLOPT_URL, $srv);
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
     curl_exec($ch);
-    $http_code = curl_getinfo( $ch, CURLINFO_HTTP_CODE );
+    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
     curl_close($ch);
     if ($http_code == 200) {
         return 1;
@@ -53,8 +53,8 @@ 
 }
 $siteStatus = array();
 foreach (array_keys($brokenDeployments) as $server_id) {
-    print "check $server_id " . $radiusSite[$server_id] . "\n";
-    $siteStatus[$server_id]  = checkConfigRADIUSDaemon('http://' . $radiusSite[$server_id]);
+    print "check $server_id ".$radiusSite[$server_id]."\n";
+    $siteStatus[$server_id] = checkConfigRADIUSDaemon('http://'.$radiusSite[$server_id]);
     if ($siteStatus[$server_id]) {
         echo "\ncheck radius\n";
         echo \config\Diagnostics::RADIUSSPTEST['port']."\n";

core/diag/RADIUSTests.php

Spacing +58 added lines, -59 removed lines

@@ -165,7 +165,7 @@ 
             }
         }
 
-        $this->loggerInstance->debug(4, "RADIUSTests is in opMode " . $this->opMode . ", parameters were: $realm, $outerUsernameForChecks, " . /** @scrutinizer ignore-type */ print_r($supportedEapTypes, true));
+        $this->loggerInstance->debug(4, "RADIUSTests is in opMode ".$this->opMode.", parameters were: $realm, $outerUsernameForChecks, "./** @scrutinizer ignore-type */ print_r($supportedEapTypes, true));
         $this->loggerInstance->debug(4, /** @scrutinizer ignore-type */ print_r($expectedServerNames, true));
         $this->loggerInstance->debug(4, /** @scrutinizer ignore-type */ print_r($expectedCABundle, true));
 
@@ -252,7 +252,7 @@ 
                 $returnarray[] = RADIUSTests::CERTPROB_WILDCARD_IN_NAME;
                 continue; // otherwise we'd ALSO complain that it's not a real hostname
             }
-            if ($onename != "" && filter_var("foo@" . idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) {
+            if ($onename != "" && filter_var("foo@".idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) {
                 $returnarray[] = RADIUSTests::CERTPROB_NOT_A_HOSTNAME;
             }
         }
@@ -278,7 +278,7 @@ 
             $probValue = RADIUSTests::CERTPROB_SHA1_SIGNATURE;
             $returnarray[] = $probValue;
         }
-        $this->loggerInstance->debug(4, "CERT IS: " . /** @scrutinizer ignore-type */ print_r($intermediateCa, TRUE));
+        $this->loggerInstance->debug(4, "CERT IS: "./** @scrutinizer ignore-type */ print_r($intermediateCa, TRUE));
         if ($intermediateCa['basicconstraints_set'] == 0) {
             $returnarray[] = RADIUSTests::CERTPROB_NO_BASICCONSTRAINTS;
         }
@@ -326,7 +326,7 @@ 
     public function udpReachability($probeindex, $opnameCheck = TRUE, $frag = TRUE) {
         // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy
         // the following PEM data is one of the SENSE EAPLab client certs (not secret at all)
-        $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12");
+        $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12");
         if ($clientcert === FALSE) {
             throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!");
         }
@@ -335,7 +335,7 @@ 
         if ($this->opMode == self::RADIUS_TEST_OPERATION_MODE_THOROUGH) {
             return $this->udpLogin($probeindex, $this->supportedEapTypes[0]->getArrayRep(), $this->outerUsernameForChecks, 'eaplab', $opnameCheck, $frag, $clientcert);
         }
-        return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@" . $this->realm, 'eaplab', $opnameCheck, $frag, $clientcert);
+        return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@".$this->realm, 'eaplab', $opnameCheck, $frag, $clientcert);
     }
 
     /**
@@ -356,7 +356,7 @@ 
             return RADIUSTests::CERTPROB_NO_CDP_HTTP;
         }
         // first and second sub-match is the full URL... check it
-        $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1] . $crlUrl[2]));
+        $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1].$crlUrl[2]));
         if ($crlcontent === FALSE) {
             return RADIUSTests::CERTPROB_NO_CRL_AT_CDP_URL;
         }
@@ -371,7 +371,7 @@ 
         // $pem = chunk_split(base64_encode($crlcontent), 64, "\n");
         // inspired by https://stackoverflow.com/questions/2390604/how-to-pass-variables-as-stdin-into-command-line-from-php
 
-        $proc = \config\Master::PATHS['openssl'] . " crl -inform der";
+        $proc = \config\Master::PATHS['openssl']." crl -inform der";
         $descriptorspec = [
             0 => ["pipe", "r"],
             1 => ["pipe", "w"],
@@ -409,7 +409,7 @@ 
         $origLength = strlen($hex);
         for ($i = 1; $i < $origLength; $i++) {
             if ($i % 2 == 1 && $i != strlen($hex)) {
-                $spaced .= $hex[$i] . " ";
+                $spaced .= $hex[$i]." ";
             } else {
                 $spaced .= $hex[$i];
             }
@@ -534,19 +534,19 @@ 
         $eapText = \core\common\EAP::eapDisplayName($eaptype);
         $config = '
 network={
-  ssid="' . \config\Master::APPEARANCE['productname'] . ' testing"
+  ssid="' . \config\Master::APPEARANCE['productname'].' testing"
   key_mgmt=WPA-EAP
   proto=WPA2
   pairwise=CCMP
   group=CCMP
   ';
 // phase 1
-        $config .= 'eap=' . $eapText['OUTER'] . "\n";
+        $config .= 'eap='.$eapText['OUTER']."\n";
         $logConfig = $config;
 // phase 2 if applicable; all inner methods have passwords
         if (isset($eapText['INNER']) && $eapText['INNER'] != "") {
-            $config .= '  phase2="auth=' . $eapText['INNER'] . "\"\n";
-            $logConfig .= '  phase2="auth=' . $eapText['INNER'] . "\"\n";
+            $config .= '  phase2="auth='.$eapText['INNER']."\"\n";
+            $logConfig .= '  phase2="auth='.$eapText['INNER']."\"\n";
         }
 // all methods set a password, except EAP-TLS
         if ($eaptype != \core\common\EAP::EAPTYPE_TLS) {
@@ -562,11 +562,11 @@ 
         }
 
 // inner identity
-        $config .= '  identity="' . $inner . "\"\n";
-        $logConfig .= '  identity="' . $inner . "\"\n";
+        $config .= '  identity="'.$inner."\"\n";
+        $logConfig .= '  identity="'.$inner."\"\n";
 // outer identity, may be equal
-        $config .= '  anonymous_identity="' . $outer . "\"\n";
-        $logConfig .= '  anonymous_identity="' . $outer . "\"\n";
+        $config .= '  anonymous_identity="'.$outer."\"\n";
+        $logConfig .= '  anonymous_identity="'.$outer."\"\n";
 // done
         $config .= "}";
         $logConfig .= "}";
@@ -627,13 +627,13 @@ 
      * @return string the command-line for eapol_test
      */
     private function eapolTestConfig($probeindex, $opName, $frag) {
-        $cmdline = \config\Diagnostics::PATHS['eapol_test'] .
-                " -a " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip'] .
-                " -s " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret'] .
-                " -o serverchain.pem" .
-                " -c ./udp_login_test.conf" .
-                " -M 22:44:66:CA:20:" . sprintf("%02d", $probeindex) . " " .
-                " -t " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout'] . " ";
+        $cmdline = \config\Diagnostics::PATHS['eapol_test'].
+                " -a ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip'].
+                " -s ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret'].
+                " -o serverchain.pem".
+                " -c ./udp_login_test.conf".
+                " -M 22:44:66:CA:20:".sprintf("%02d", $probeindex)." ".
+                " -t ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout']." ";
         if ($opName) {
             $cmdline .= '-N126:s:"1cat.eduroam.org" ';
         }
@@ -662,10 +662,10 @@ 
      * @throws Exception
      */
     private function createCArepository($tmpDir, &$intermOdditiesCAT, $servercert, $eapIntermediates, $eapIntermediateCRLs) {
-        if (!mkdir($tmpDir . "/root-ca-allcerts/", 0700, true)) {
+        if (!mkdir($tmpDir."/root-ca-allcerts/", 0700, true)) {
             throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-allcerts/\n");
         }
-        if (!mkdir($tmpDir . "/root-ca-eaponly/", 0700, true)) {
+        if (!mkdir($tmpDir."/root-ca-eaponly/", 0700, true)) {
             throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-eaponly/\n");
         }
 // make a copy of the EAP-received chain and add the configured intermediates, if any
@@ -679,15 +679,15 @@ 
             }
             if ($decoded['ca'] == 1) {
                 if ($decoded['root'] == 1) { // save CAT roots to the root directory
-                    file_put_contents($tmpDir . "/root-ca-eaponly/configuredroot" . count($catRoots) . ".pem", $decoded['pem']);
-                    file_put_contents($tmpDir . "/root-ca-allcerts/configuredroot" . count($catRoots) . ".pem", $decoded['pem']);
+                    file_put_contents($tmpDir."/root-ca-eaponly/configuredroot".count($catRoots).".pem", $decoded['pem']);
+                    file_put_contents($tmpDir."/root-ca-allcerts/configuredroot".count($catRoots).".pem", $decoded['pem']);
                     $catRoots[] = $decoded['pem'];
                 } else { // save the intermediates to allcerts directory
-                    file_put_contents($tmpDir . "/root-ca-allcerts/cat-intermediate" . count($catIntermediates) . ".pem", $decoded['pem']);
+                    file_put_contents($tmpDir."/root-ca-allcerts/cat-intermediate".count($catIntermediates).".pem", $decoded['pem']);
                     $intermOdditiesCAT = array_merge($intermOdditiesCAT, $this->propertyCheckIntermediate($decoded));
                     if (isset($decoded['CRL']) && isset($decoded['CRL'][0])) {
                         $this->loggerInstance->debug(4, "got an intermediate CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain");
-                        file_put_contents($tmpDir . "/root-ca-allcerts/crl_cat" . count($catIntermediates) . ".pem", $decoded['CRL'][0]);
+                        file_put_contents($tmpDir."/root-ca-allcerts/crl_cat".count($catIntermediates).".pem", $decoded['CRL'][0]);
                     }
                     $catIntermediates[] = $decoded['pem'];
                 }
@@ -696,26 +696,26 @@ 
         // save all intermediate certificates and CRLs to separate files in 
         // both root-ca directories
         foreach ($eapIntermediates as $index => $onePem) {
-            file_put_contents($tmpDir . "/root-ca-eaponly/intermediate$index.pem", $onePem);
-            file_put_contents($tmpDir . "/root-ca-allcerts/intermediate$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-eaponly/intermediate$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-allcerts/intermediate$index.pem", $onePem);
         }
         foreach ($eapIntermediateCRLs as $index => $onePem) {
-            file_put_contents($tmpDir . "/root-ca-eaponly/intermediateCRL$index.pem", $onePem);
-            file_put_contents($tmpDir . "/root-ca-allcerts/intermediateCRL$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-eaponly/intermediateCRL$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-allcerts/intermediateCRL$index.pem", $onePem);
         }
 
         $checkstring = "";
         if (isset($servercert['CRL']) && isset($servercert['CRL'][0])) {
             $this->loggerInstance->debug(4, "got a server CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain");
             $checkstring = "-crl_check_all";
-            file_put_contents($tmpDir . "/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]);
-            file_put_contents($tmpDir . "/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]);
+            file_put_contents($tmpDir."/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]);
+            file_put_contents($tmpDir."/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]);
         }
 
 
 // now c_rehash the root CA directory ...
-        system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-eaponly/ > /dev/null");
-        system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-allcerts/ > /dev/null");
+        system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-eaponly/ > /dev/null");
+        system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-allcerts/ > /dev/null");
         return $checkstring;
     }
 
@@ -747,12 +747,12 @@ 
 // so test if there's something PEMy in the file at all
 // serverchain.pem is the output from eapol_test; incomingserver.pem is written by extractIncomingCertsfromEAP() if there was at least one server cert.
         if (filesize("$tmpDir/serverchain.pem") > 10 && filesize("$tmpDir/incomingserver.pem") > 10) {
-            exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly);
-            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n");
-            $this->loggerInstance->debug(4, "Chain verify pass 1: " . /** @scrutinizer ignore-type */ print_r($verifyResultEaponly, TRUE) . "\n");
-            exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts);
-            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n");
-            $this->loggerInstance->debug(4, "Chain verify pass 2: " . /** @scrutinizer ignore-type */ print_r($verifyResultAllcerts, TRUE) . "\n");
+            exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly);
+            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n");
+            $this->loggerInstance->debug(4, "Chain verify pass 1: "./** @scrutinizer ignore-type */ print_r($verifyResultEaponly, TRUE)."\n");
+            exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts);
+            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n");
+            $this->loggerInstance->debug(4, "Chain verify pass 2: "./** @scrutinizer ignore-type */ print_r($verifyResultAllcerts, TRUE)."\n");
         }
 
 // now we do certificate verification against the collected parents
@@ -817,7 +817,7 @@ 
         // we are UNHAPPY if no names match!
         $happiness = "UNHAPPY";
         foreach ($this->expectedServerNames as $expectedName) {
-            $this->loggerInstance->debug(4, "Managing expectations for $expectedName: " . /** @scrutinizer ignore-type */ print_r($servercert['CN'], TRUE) . /** @scrutinizer ignore-type */ print_r($servercert['sAN_DNS'], TRUE));
+            $this->loggerInstance->debug(4, "Managing expectations for $expectedName: "./** @scrutinizer ignore-type */ print_r($servercert['CN'], TRUE)./** @scrutinizer ignore-type */ print_r($servercert['sAN_DNS'], TRUE));
             if (array_search($expectedName, $servercert['CN']) !== FALSE && array_search($expectedName, $servercert['sAN_DNS']) !== FALSE) {
                 $this->loggerInstance->debug(4, "Totally happy!");
                 $happiness = "TOTALLY";
@@ -861,11 +861,11 @@ 
         $theconfigs = $this->wpaSupplicantConfig($eaptype, $finalInner, $finalOuter, $password);
         // the config intentionally does not include CA checking. We do this
         // ourselves after getting the chain with -o.
-        file_put_contents($tmpDir . "/udp_login_test.conf", $theconfigs[0]);
+        file_put_contents($tmpDir."/udp_login_test.conf", $theconfigs[0]);
 
         $cmdline = $this->eapolTestConfig($probeindex, $opnameCheck, $frag);
         $this->loggerInstance->debug(4, "Shallow reachability check cmdline: $cmdline\n");
-        $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n" . $theconfigs[1] . "\n");
+        $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n".$theconfigs[1]."\n");
         $time_start = microtime(true);
         $pflow = [];
         exec($cmdline, $pflow);
@@ -874,7 +874,7 @@ 
         }
         $time_stop = microtime(true);
         $output = print_r($this->redact($password, $pflow), TRUE);
-        file_put_contents($tmpDir . "/eapol_test_output_redacted_$probeindex.txt", $output);
+        file_put_contents($tmpDir."/eapol_test_output_redacted_$probeindex.txt", $output);
         $this->loggerInstance->debug(5, "eapol_test output saved to eapol_test_output_redacted_$probeindex.txt\n");
         return [
             "time" => ($time_stop - $time_start) * 1000,
@@ -910,7 +910,7 @@ 
         if ($packetflow[count($packetflow) - 1] == 3 && $this->checkLineparse($packetflow_orig, self::LINEPARSE_CHECK_REJECTIGNORE)) {
             array_pop($packetflow);
         }
-        $this->loggerInstance->debug(5, "Packetflow: " . /** @scrutinizer ignore-type */ print_r($packetflow, TRUE));
+        $this->loggerInstance->debug(5, "Packetflow: "./** @scrutinizer ignore-type */ print_r($packetflow, TRUE));
         $packetcount = array_count_values($packetflow);
         $testresults['packetcount'] = $packetcount;
         $testresults['packetflow'] = $packetflow;
@@ -950,7 +950,7 @@ 
      */
     private function wasModernTlsNegotiated(&$testresults, $packetflow_orig) {
         $negotiatedTlsVersion = $this->checkLineparse($packetflow_orig, self::LINEPARSE_TLSVERSION);
-        $this->loggerInstance->debug(4, "TLS version found is: $negotiatedTlsVersion" . "\n");
+        $this->loggerInstance->debug(4, "TLS version found is: $negotiatedTlsVersion"."\n");
         if ($negotiatedTlsVersion === FALSE) {
             $testresults['cert_oddities'][] = RADIUSTests::TLSPROB_UNKNOWN_TLS_VERSION;
         } elseif ($negotiatedTlsVersion != self::TLS_VERSION_1_2 && $negotiatedTlsVersion != self::TLS_VERSION_1_3) {
@@ -1008,7 +1008,7 @@ 
 
         $x509 = new \core\common\X509();
 // $eap_certarray holds all certs received in EAP conversation
-        $incomingData = file_get_contents($tmpDir . "/serverchain.pem");
+        $incomingData = file_get_contents($tmpDir."/serverchain.pem");
         if ($incomingData !== FALSE && strlen($incomingData) > 0) {
             $eapCertArray = $x509->splitCertificate($incomingData);
         } else {
@@ -1039,10 +1039,10 @@ 
                 case RADIUSTests::SERVER_CA_SELFSIGNED:
                     $servercert[] = $cert;
                     if (count($servercert) == 1) {
-                        if (file_put_contents($tmpDir . "/incomingserver.pem", $cert['pem'] . "\n") === FALSE) {
+                        if (file_put_contents($tmpDir."/incomingserver.pem", $cert['pem']."\n") === FALSE) {
                             $this->loggerInstance->debug(4, "The (first) server certificate could not be written to $tmpDir/incomingserver.pem!\n");
                         }
-                        $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: " . /** @scrutinizer ignore-type */ print_r($servercert[0], true));
+                        $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: "./** @scrutinizer ignore-type */ print_r($servercert[0], true));
                     } elseif (!in_array(RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS, $testresults['cert_oddities'])) {
                         $testresults['cert_oddities'][] = RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS;
                     }
@@ -1112,7 +1112,7 @@ 
     public function autodetectCAWithProbe($outerId) {
         // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy
         // the following PEM data is one of the SENSE EAPLab client certs (not secret at all)
-        $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12");
+        $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12");
         if ($clientcert === FALSE) {
             throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!");
         }
@@ -1127,7 +1127,7 @@ 
         $tmpDir = $temporary['dir'];
         chdir($tmpDir);
         $this->loggerInstance->debug(4, "temp dir: $tmpDir\n");
-        file_put_contents($tmpDir . "/client.p12", $clientcert);
+        file_put_contents($tmpDir."/client.p12", $clientcert);
         $testresults = ['cert_oddities' => []];
         $runtime_results = $this->executeEapolTest($tmpDir, $probeindex, \core\common\EAP::EAPTYPE_ANY, $outerId, $outerId, "eaplab", FALSE, FALSE);
         $packetflow_orig = $runtime_results['output'];
@@ -1143,8 +1143,7 @@ 
         // that's not the case if we do EAP-pwd or could not negotiate an EAP method at
         // all
         // in that case: no server CA guess possible
-        if (!
-                ($radiusResult == RADIUSTests::RETVAL_CONVERSATION_REJECT && $negotiatedEapType) || $radiusResult == RADIUSTests::RETVAL_OK
+        if (!($radiusResult == RADIUSTests::RETVAL_CONVERSATION_REJECT && $negotiatedEapType) || $radiusResult == RADIUSTests::RETVAL_OK
         ) {
             return RADIUSTests::RETVAL_INVALID;
         }
@@ -1183,7 +1182,7 @@ 
         // trust, and custom ones we may have configured
         $ourRoots = file_get_contents(\config\ConfAssistant::PATHS['trust-store-custom']);
         $mozillaRoots = file_get_contents(\config\ConfAssistant::PATHS['trust-store-mozilla']);
-        $allRoots = $x509->splitCertificate($ourRoots . "\n" . $mozillaRoots);
+        $allRoots = $x509->splitCertificate($ourRoots."\n".$mozillaRoots);
         foreach ($allRoots as $oneRoot) {
             $processedRoot = $x509->processCertificate($oneRoot);
             if ($processedRoot['full_details']['subject'] == $currentHighestKnownIssuer) {
@@ -1225,7 +1224,7 @@ 
         chdir($tmpDir);
         $this->loggerInstance->debug(4, "temp dir: $tmpDir\n");
         if ($clientcertdata !== NULL) {
-            file_put_contents($tmpDir . "/client.p12", $clientcertdata);
+            file_put_contents($tmpDir."/client.p12", $clientcertdata);
         }
         $testresults = [];
         // initialise the sub-array for cleaner parsing
@@ -1330,7 +1329,7 @@ 
                     'issuer' => $this->printDN($certdata['issuer']),
                     'validFrom' => $this->printTm($certdata['validFrom_time_t']),
                     'validTo' => $this->printTm($certdata['validTo_time_t']),
-                    'serialNumber' => $certdata['serialNumber'] . sprintf(" (0x%X)", $certdata['serialNumber']),
+                    'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)", $certdata['serialNumber']),
                     'sha1' => $certdata['sha1'],
                     'extensions' => $certdata['extensions']
                 ];

web/skins/modern/Divs.php

Spacing +3 added lines, -3 removed lines

@@ -124,7 +124,7 @@ 
     public function divSilverbullet() {
         $retval = "
 <div id='silverbullet'>"
-               .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] .
+               .$this->Gui->textTemplates->templates[user\SB_GO_AWAY].
                 "</div>
     ";
         return $retval;
@@ -222,7 +222,7 @@ 
 <div id='profiles'> <!-- this is the profile selection filled during run time -->
     <div id='profiles_h' class='sub_h'>".$this->Gui->textTemplates->templates[user\PROFILE_SELECTION]."
     </div>" .
-                "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>" .
+                "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>".
                 "</div>";
     }
 
@@ -250,7 +250,7 @@ 
     public function divInstitution($selectButton = TRUE) {
         $retval = "<div id='institution_name'>
     <span id='inst_name_span'></span> <div id='inst_extra_text'></div><!-- this will be filled with the IdP name -->" .
-                ($selectButton ? "<a  id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : "") .
+                ($selectButton ? "<a  id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : "").
                 "</div>";
         $retval .= $this->emptyImage('idp_logo', 'IdP Logo');
         return $retval;

devices/chromebook/DeviceChromebook.php

Spacing +10 added lines, -10 removed lines

@@ -121,7 +121,7 @@ 
         $cryptoJson = openssl_encrypt($clearJson, 'AES-256-CBC', $encryptionKey, OPENSSL_RAW_DATA, $initVector);
         $hmac = hash_hmac("sha1", $cryptoJson, $encryptionKey, TRUE);
 
-        $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = " . $password . "\nb(IV) = " . base64_encode($initVector) . "\nb(Cipher) = " . base64_encode($cryptoJson) . "\nb(HMAC) = " . base64_encode($hmac));
+        $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = ".$password."\nb(IV) = ".base64_encode($initVector)."\nb(Cipher) = ".base64_encode($cryptoJson)."\nb(HMAC) = ".base64_encode($hmac));
 
         // now, generate the container that holds all the crypto data
         $finalArray = [
@@ -195,7 +195,7 @@ 
     private function wiredBlock($eapdetails)
     {
         return [
-            "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet") . "}",
+            "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet")."}",
             "Name" => "eduroam configuration (wired network)",
             "Remove" => false,
             "Type" => "Ethernet",
@@ -236,7 +236,7 @@ 
         // if silverbullet, we deliver the client cert inline
 
         if ($selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) {
-            $eaparray['ClientCertRef'] = "[" . $this->clientCert['GUID'] . "]";
+            $eaparray['ClientCertRef'] = "[".$this->clientCert['GUID']."]";
             $eaparray['ClientCertType'] = "Ref";
         }
 
@@ -271,7 +271,7 @@ 
         $jsonArray = ["Type" => "UnencryptedConfiguration"];
 
         foreach ($this->attributes['internal:CAs'][0] as $ca) {
-            $caRefs[] = "{" . $ca['uuid'] . "}";
+            $caRefs[] = "{".$ca['uuid']."}";
         }
         // define CA certificates
         foreach ($this->attributes['internal:CAs'][0] as $ca) {
@@ -281,15 +281,15 @@ 
             if ($caSanitized1 === FALSE) {
                 throw new Exception("Error cropping PEM data at its BEGIN marker.");
             }
-            $this->loggerInstance->debug(4, $caSanitized1 . "\n");
+            $this->loggerInstance->debug(4, $caSanitized1."\n");
             // remove \n
             $caSanitized = str_replace("\n", "", $caSanitized1);
-            $jsonArray["Certificates"][] = ["GUID" => "{" . $ca['uuid'] . "}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized];
-            $this->loggerInstance->debug(3, $caSanitized . "\n");
+            $jsonArray["Certificates"][] = ["GUID" => "{".$ca['uuid']."}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized];
+            $this->loggerInstance->debug(3, $caSanitized."\n");
         }
         // if we are doing silverbullet, include the unencrypted(!) P12 as a client certificate
         if ($this->selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) {
-            $jsonArray["Certificates"][] = ["GUID" => "[" . $this->clientCert['GUID'] . "]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"];
+            $jsonArray["Certificates"][] = ["GUID" => "[".$this->clientCert['GUID']."]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"];
         }
         $eaparray = $this->eapBlock($caRefs);
         // define Wi-Fi networks
@@ -312,7 +312,7 @@ 
 
         file_put_contents('installer_profile', $finalJson);
 
-        $fileName = $this->installerBasename . '.onc';
+        $fileName = $this->installerBasename.'.onc';
 
         if (!$this->sign) {
             rename("installer_profile", $fileName);
@@ -323,7 +323,7 @@ 
         // have the notion of signing
         // but if they ever change their mind, we are prepared
 
-        $outputFromSigning = system($this->sign . " installer_profile '$fileName' > /dev/null");
+        $outputFromSigning = system($this->sign." installer_profile '$fileName' > /dev/null");
         if ($outputFromSigning === FALSE) {
             $this->loggerInstance->debug(2, "Signing the ONC installer $fileName FAILED!\n");
         }

core/DeviceConfig.php

Spacing +3 added lines, -3 removed lines

@@ -86,7 +86,7 @@ 
     protected function setSupportedEapMethods($eapArray)
     {
         $this->supportedEapMethods = $eapArray;
-        $this->loggerInstance->debug(4, "This device (" . __CLASS__ . ") supports the following EAP methods: ");
+        $this->loggerInstance->debug(4, "This device (".__CLASS__.") supports the following EAP methods: ");
         $this->loggerInstance->debug(4, $this->supportedEapMethods);
     }
 
@@ -460,7 +460,7 @@ 
                 return $baseName.$inst.'-'.$prof;
             }
         }
-        return $baseName . $inst;
+        return $baseName.$inst;
     }
 
     /**
@@ -590,7 +590,7 @@ 
             // only add network blocks if their respective condition is met in this profile
             if ($netDetails['condition'] === TRUE || (isset($this->attributes[$netDetails['condition']]) && $this->attributes[$netDetails['condition']] === TRUE)) { 
                 $networks[$netName] = $netDetails;
-                $this->loggerInstance->debug(5,$netName, "\nAdding network: ");
+                $this->loggerInstance->debug(5, $netName, "\nAdding network: ");
             }
         }
         // add locally defined SSIDs

core/CertificationAuthorityEduPki.php

Spacing +37 added lines, -37 removed lines

@@ -17,9 +17,9 @@ 
 class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
-    private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
-    private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
+    private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
+    private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey";
+    private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem";
     private const EDUPKI_RA_ID = 700;
     private const EDUPKI_CERT_PROFILE = "User SOAP";
     private const EDUPKI_RA_PKEY_PASSPHRASE = "...";
@@ -35,13 +35,13 @@ 
         parent::__construct();
 
         if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) {
-            throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT);
+            throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT);
         }
         if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) {
-            throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY);
+            throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY);
         }
         if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) {
-            throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT);
+            throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT);
         }
     }
 
@@ -75,19 +75,19 @@ 
         // initialise connection to eduPKI CA / eduroam RA and send the request to them
         try {
             $altArray = [# Array mit den Subject Alternative Names
-                "email:" . $csr["USERNAME"]
+                "email:".$csr["USERNAME"]
             ];
             $soapPub = $this->initEduPKISoapSession("PUBLIC");
             $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n");
-            $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n");
-            $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n");
+            $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n");
             $this->loggerInstance->debug(5, "PARAM_3: ");
             $this->loggerInstance->debug(5, $altArray);
-            $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n");
-            $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n");
-            $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n");
-            $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n");
+            $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n");
+            $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n");
+            $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n");
+            $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n");
             $this->loggerInstance->debug(5, "PARAM_9: false\n");
             $soapNewRequest = $soapPub->newRequest(
                     CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID
@@ -109,11 +109,11 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}:  {
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}:  {
                     $e->faultstring
                 }\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
         try {
             $soap = $this->initEduPKISoapSession("RA");
@@ -125,8 +125,8 @@ 
                     $soapReqnum, [
                 "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID,
                 "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE,
-                "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'],
-                "SubjectAltNames" => ["email:" . $csr["USERNAME"]],
+                "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'],
+                "SubjectAltNames" => ["email:".$csr["USERNAME"]],
                 "NotBefore" => (new \DateTime())->format('c'),
                 "NotAfter" => $expiry->format('c'),
                     ]
@@ -145,7 +145,7 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext);
+            file_put_contents($tempdir['dir']."/content.txt", $soapCleartext);
             // retrieve our RA cert from filesystem                    
             // the RA certificates are not needed right now because we
             // have resorted to S/MIME signatures with openssl command-line
@@ -157,7 +157,7 @@ 
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n  $soapCleartext\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem";
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem";
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline:   $execCmd\n");
             $output = [];
             $return = 999;
@@ -166,14 +166,14 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n");
-            $this->loggerInstance->debug(5, $soapReqnum . "\n");
-            $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending!
-            $this->loggerInstance->debug(5, $detachedSig . "\n");
+            $this->loggerInstance->debug(5, $soapReqnum."\n");
+            $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending!
+            $this->loggerInstance->debug(5, $detachedSig."\n");
             $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig);
-            $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest());
-            $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse());
+            $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest());
+            $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse());
             if ($soapIssueCert === FALSE) {
                 throw new Exception("The locally approved request was NOT processed by the CA.");
             }
@@ -210,9 +210,9 @@ 
                 throw new Exception("CAInfo has no root certificate for us!");
             }
         } catch (SoapFault $e) {
-            throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
+            throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n");
         } catch (Exception $e) {
-            throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage());
+            throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage());
         }
         return [
             "CERT" => openssl_x509_read($parsedCert['pem']),
@@ -245,12 +245,12 @@ 
             // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file
             // rather than just using the string. Grr.
             $tempdir = \core\common\Entity::createTemporaryDirectory("test");
-            file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest);
+            file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest);
             // retrieve our RA cert from filesystem
             // sign the data, using cmdline because openssl_pkcs7_sign produces strange results
             // -binary didn't help, nor switch -md to sha1 sha256 or sha512
             $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n");
-            $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT;
+            $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT;
             $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n");
             $output = [];
             $return = 999;
@@ -259,7 +259,7 @@ 
                 throw new Exception("Non-zero return value from openssl smime!");
             }
             // and get the signature blob back from the filesystem
-            $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt"));
+            $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt"));
             $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig);
             if ($soapIssueRev === FALSE) {
                 throw new Exception("The locally approved revocation request was NOT processed by the CA.");
@@ -267,9 +267,9 @@ 
         } catch (Exception $e) {
             // PHP 7.1 can do this much better
             if (is_soap_fault($e)) {
-                throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n");
+                throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n");
             }
-            throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage());
+            throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage());
         }
     }
 
@@ -369,9 +369,9 @@ 
      */
     public function soapToXmlInteger($x)
     {
-        return '<' . $x[0] . '>'
+        return '<'.$x[0].'>'
                 . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1)
-                . '</' . $x[0] . '>';
+                . '</'.$x[0].'>';
     }
 
     /**
@@ -390,9 +390,9 @@ 
         // dump private key into directory
         $outstring = "";
         openssl_pkey_export($privateKey, $outstring);
-        file_put_contents($tempdir . "/pkey.pem", $outstring);
+        file_put_contents($tempdir."/pkey.pem", $outstring);
         // PHP can only do one DC in the Subject. But we need three.
-        $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username";
+        $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username";
         $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;