GEANT /
CAT
@@ -27,9 +27,9 @@ discard block |
||
| 27 | 27 | #private const EDUPKI_ENDPOINT_PUBLIC = "https://pki.edupki.org/edupki-ca/cgi-bin/pub/soap?wsdl=1"; |
| 28 | 28 | #private const EDUPKI_ENDPOINT_RA = "https://ra.edupki.org/edupki-ca/cgi-bin/ra/soap?wsdl=1"; |
| 29 | 29 | |
| 30 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 31 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 32 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 30 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 31 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 32 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 33 | 33 | private const EDUPKI_RA_ID = 700; |
| 34 | 34 | private const EDUPKI_CERT_PROFILE_BOTH = "Radius Server SOAP"; |
| 35 | 35 | private const EDUPKI_CERT_PROFILE_IDP = "Radius Server SOAP"; |
@@ -49,13 +49,13 @@ discard block |
||
| 49 | 49 | parent::__construct(); |
| 50 | 50 | |
| 51 | 51 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_CERT) === FALSE) { |
| 52 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
| 52 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
| 53 | 53 | } |
| 54 | 54 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_KEY) === FALSE) { |
| 55 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
| 55 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
| 56 | 56 | } |
| 57 | 57 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_WEBROOT) === FALSE) { |
| 58 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
| 58 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
| 59 | 59 | } |
| 60 | 60 | } |
| 61 | 61 | |
@@ -122,22 +122,22 @@ discard block |
||
| 122 | 122 | throw new Exception("Unexpected policies requested."); |
| 123 | 123 | } |
| 124 | 124 | $altArray = [# Array mit den Subject Alternative Names |
| 125 | - "email:" . $csr["USERMAIL"] |
|
| 125 | + "email:".$csr["USERMAIL"] |
|
| 126 | 126 | ]; |
| 127 | 127 | foreach ($csr["ALTNAMES"] as $oneAltName) { |
| 128 | - $altArray[] = "DNS:" . $oneAltName; |
|
| 128 | + $altArray[] = "DNS:".$oneAltName; |
|
| 129 | 129 | } |
| 130 | 130 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 131 | 131 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 132 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPkiServer::EDUPKI_RA_ID . "\n"); |
|
| 133 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 132 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPkiServer::EDUPKI_RA_ID."\n"); |
|
| 133 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 134 | 134 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 135 | 135 | $this->loggerInstance->debug(5, $altArray); |
| 136 | - $this->loggerInstance->debug(5, "PARAM_4: " . $profile . "\n"); |
|
| 137 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 138 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 139 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n"); |
|
| 140 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
| 136 | + $this->loggerInstance->debug(5, "PARAM_4: ".$profile."\n"); |
|
| 137 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 138 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 139 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n"); |
|
| 140 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
| 141 | 141 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 142 | 142 | $soapNewRequest = $soapPub->newRequest( |
| 143 | 143 | CertificationAuthorityEduPkiServer::EDUPKI_RA_ID, # RA-ID |
@@ -159,11 +159,11 @@ discard block |
||
| 159 | 159 | } catch (Exception $e) { |
| 160 | 160 | // PHP 7.1 can do this much better |
| 161 | 161 | if (is_soap_fault($e)) { |
| 162 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 162 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 163 | 163 | $e->faultstring |
| 164 | 164 | }\n"); |
| 165 | 165 | } |
| 166 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 166 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 167 | 167 | } |
| 168 | 168 | try { |
| 169 | 169 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -195,7 +195,7 @@ discard block |
||
| 195 | 195 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 196 | 196 | // rather than just using the string. Grr. |
| 197 | 197 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 198 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 198 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 199 | 199 | // retrieve our RA cert from filesystem |
| 200 | 200 | // the RA certificates are not needed right now because we |
| 201 | 201 | // have resorted to S/MIME signatures with openssl command-line |
@@ -207,7 +207,7 @@ discard block |
||
| 207 | 207 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 208 | 208 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 209 | 209 | $this->loggerInstance->debug(2, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 210 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 210 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 211 | 211 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 212 | 212 | $output = []; |
| 213 | 213 | $return = 999; |
@@ -216,21 +216,21 @@ discard block |
||
| 216 | 216 | throw new Exception("Non-zero return value from openssl smime!"); |
| 217 | 217 | } |
| 218 | 218 | // and get the signature blob back from the filesystem |
| 219 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 219 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 220 | 220 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 221 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 222 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 223 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 221 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 222 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 223 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 224 | 224 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 225 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 226 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 225 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 226 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 227 | 227 | if ($soapIssueCert === FALSE) { |
| 228 | 228 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 229 | 229 | } |
| 230 | 230 | } catch (SoapFault $e) { |
| 231 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 231 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 232 | 232 | } catch (Exception $e) { |
| 233 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 233 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 234 | 234 | } |
| 235 | 235 | return $soapReqnum; |
| 236 | 236 | } |
@@ -282,9 +282,9 @@ discard block |
||
| 282 | 282 | throw new Exception("CAInfo has no root certificate for us!"); |
| 283 | 283 | } |
| 284 | 284 | } catch (SoapFault $e) { |
| 285 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 285 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 286 | 286 | } catch (Exception $e) { |
| 287 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 287 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 288 | 288 | } |
| 289 | 289 | return [ |
| 290 | 290 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -317,12 +317,12 @@ discard block |
||
| 317 | 317 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 318 | 318 | // rather than just using the string. Grr. |
| 319 | 319 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 320 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 320 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 321 | 321 | // retrieve our RA cert from filesystem |
| 322 | 322 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 323 | 323 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 324 | 324 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 325 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 325 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 326 | 326 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 327 | 327 | $output = []; |
| 328 | 328 | $return = 999; |
@@ -331,7 +331,7 @@ discard block |
||
| 331 | 331 | throw new Exception("Non-zero return value from openssl smime!"); |
| 332 | 332 | } |
| 333 | 333 | // and get the signature blob back from the filesystem |
| 334 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 334 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 335 | 335 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 336 | 336 | if ($soapIssueRev === FALSE) { |
| 337 | 337 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -339,9 +339,9 @@ discard block |
||
| 339 | 339 | } catch (Exception $e) { |
| 340 | 340 | // PHP 7.1 can do this much better |
| 341 | 341 | if (is_soap_fault($e)) { |
| 342 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 342 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 343 | 343 | } |
| 344 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 344 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 345 | 345 | } |
| 346 | 346 | } |
| 347 | 347 | |
@@ -441,9 +441,9 @@ discard block |
||
| 441 | 441 | */ |
| 442 | 442 | public function soapToXmlInteger($x) |
| 443 | 443 | { |
| 444 | - return '<' . $x[0] . '>' |
|
| 444 | + return '<'.$x[0].'>' |
|
| 445 | 445 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 446 | - . '</' . $x[0] . '>'; |
|
| 446 | + . '</'.$x[0].'>'; |
|
| 447 | 447 | } |
| 448 | 448 | |
| 449 | 449 | /** |
@@ -462,9 +462,9 @@ discard block |
||
| 462 | 462 | // dump private key into directory |
| 463 | 463 | $outstring = ""; |
| 464 | 464 | openssl_pkey_export($privateKey, $outstring); |
| 465 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 465 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 466 | 466 | // PHP can only do one DC in the Subject. But we need three. |
| 467 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 467 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 468 | 468 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 469 | 469 | $output = []; |
| 470 | 470 | $return = 999; |
@@ -110,7 +110,7 @@ discard block |
||
| 110 | 110 | public function __construct() |
| 111 | 111 | { |
| 112 | 112 | $this->loggerInstance = new Logging(); |
| 113 | - $this->loggerInstance->debug(4, "--- BEGIN constructing class " . get_class($this) . " .\n"); |
|
| 113 | + $this->loggerInstance->debug(4, "--- BEGIN constructing class ".get_class($this)." .\n"); |
|
| 114 | 114 | $this->languageInstance = new Language(); |
| 115 | 115 | Entity::intoThePotatoes("core"); |
| 116 | 116 | // some config elements are displayable. We need some dummies to |
@@ -129,13 +129,13 @@ discard block |
||
| 129 | 129 | $dummy_organisation2a = _("organization"); |
| 130 | 130 | $dummy_organisation3 = _("entity"); |
| 131 | 131 | // and do something useless with the strings so that there's no "unused" complaint |
| 132 | - if (strlen($dummy_NRO . $dummy_idp1 . $dummy_idp2 . $dummy_idp3 . $dummy_hotspot1 . $dummy_hotspot2 . $dummy_hotspot3 . $dummy_organisation1 . $dummy_organisation2 . $dummy_organisation2a . $dummy_organisation3) < 0) { |
|
| 132 | + if (strlen($dummy_NRO.$dummy_idp1.$dummy_idp2.$dummy_idp3.$dummy_hotspot1.$dummy_hotspot2.$dummy_hotspot3.$dummy_organisation1.$dummy_organisation2.$dummy_organisation2a.$dummy_organisation3) < 0) { |
|
| 133 | 133 | throw new Exception("Strings are usually not shorter than 0 characters. We've encountered a string blackhole."); |
| 134 | 134 | } |
| 135 | - $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'] . ""; |
|
| 136 | - $xyzVariableIdP = \config\ConfAssistant::CONSORTIUM['nomenclature_idp'] . ""; |
|
| 137 | - $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'] . ""; |
|
| 138 | - $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'] . ""; |
|
| 135 | + $xyzVariableFed = \config\ConfAssistant::CONSORTIUM['nomenclature_federation'].""; |
|
| 136 | + $xyzVariableIdP = \config\ConfAssistant::CONSORTIUM['nomenclature_idp'].""; |
|
| 137 | + $xyzVariableHotspot = \config\ConfAssistant::CONSORTIUM['nomenclature_hotspot'].""; |
|
| 138 | + $xyzVariableParticipant = \config\ConfAssistant::CONSORTIUM['nomenclature_participant'].""; |
|
| 139 | 139 | Entity::$nomenclature_fed = _($xyzVariableFed); |
| 140 | 140 | Entity::$nomenclature_idp = _($xyzVariableIdP); |
| 141 | 141 | Entity::$nomenclature_hotspot = _($xyzVariableHotspot); |
@@ -151,7 +151,7 @@ discard block |
||
| 151 | 151 | */ |
| 152 | 152 | public function __destruct() |
| 153 | 153 | { |
| 154 | - (new Logging())->debug(5, "--- KILL Destructing class " . get_class($this) . " .\n"); |
|
| 154 | + (new Logging())->debug(5, "--- KILL Destructing class ".get_class($this)." .\n"); |
|
| 155 | 155 | } |
| 156 | 156 | |
| 157 | 157 | /** |
@@ -184,7 +184,7 @@ discard block |
||
| 184 | 184 | public static function createTemporaryDirectory($purpose = 'installer', $failIsFatal = 1) |
| 185 | 185 | { |
| 186 | 186 | $loggerInstance = new Logging(); |
| 187 | - $name = md5(time() . rand()); |
|
| 187 | + $name = md5(time().rand()); |
|
| 188 | 188 | $path = ROOT; |
| 189 | 189 | switch ($purpose) { |
| 190 | 190 | case 'silverbullet': |
@@ -202,7 +202,7 @@ discard block |
||
| 202 | 202 | default: |
| 203 | 203 | throw new Exception("unable to create temporary directory due to unknown purpose: $purpose\n"); |
| 204 | 204 | } |
| 205 | - $tmpDir = $path . '/' . $name; |
|
| 205 | + $tmpDir = $path.'/'.$name; |
|
| 206 | 206 | $loggerInstance->debug(4, "temp dir: $purpose : $tmpDir\n"); |
| 207 | 207 | if (!mkdir($tmpDir, 0700, true)) { |
| 208 | 208 | if ($failIsFatal) { |
@@ -223,7 +223,7 @@ discard block |
||
| 223 | 223 | */ |
| 224 | 224 | public static function rrmdir($dir) |
| 225 | 225 | { |
| 226 | - foreach (glob($dir . '/*') as $file) { |
|
| 226 | + foreach (glob($dir.'/*') as $file) { |
|
| 227 | 227 | if (is_dir($file)) { |
| 228 | 228 | Entity::rrmdir($file); |
| 229 | 229 | } else { |
@@ -249,12 +249,12 @@ discard block |
||
| 249 | 249 | } |
| 250 | 250 | // these substr() are guaranteed to yield actual string data, as the |
| 251 | 251 | // base string is an MD5 hash - has sufficient length |
| 252 | - $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8) . '-'; |
|
| 253 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4) . '-'; |
|
| 254 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4) . '-'; |
|
| 255 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4) . '-'; |
|
| 252 | + $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8).'-'; |
|
| 253 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4).'-'; |
|
| 254 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4).'-'; |
|
| 255 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4).'-'; |
|
| 256 | 256 | $uuid .= /** @scrutinizer ignore-type */ substr($chars, 20, 12); |
| 257 | - return $prefix . $uuid; |
|
| 257 | + return $prefix.$uuid; |
|
| 258 | 258 | } |
| 259 | 259 | |
| 260 | 260 | /** |
@@ -295,7 +295,7 @@ discard block |
||
| 295 | 295 | for ($i = count($trace); $i--; $i > 0) { |
| 296 | 296 | if (isset($trace[$i - 1]['class']) && preg_match('/Entity/', $trace[$i - 1]['class'])) { |
| 297 | 297 | if ($showTrace) { |
| 298 | - echo "FOUND caller: " . /** @scrutinizer ignore-type */ print_r($trace[$i], true) . " - class is " . $trace[$i]['class']; |
|
| 298 | + echo "FOUND caller: "./** @scrutinizer ignore-type */ print_r($trace[$i], true)." - class is ".$trace[$i]['class']; |
|
| 299 | 299 | } |
| 300 | 300 | $caller = $trace[$i]; |
| 301 | 301 | break; |
@@ -305,8 +305,8 @@ discard block |
||
| 305 | 305 | // otherwise, on the filename relative to ROOT |
| 306 | 306 | $myName = $caller['class'] ?? substr($caller['file'], strlen(ROOT)); |
| 307 | 307 | if ($showTrace === TRUE) { |
| 308 | - echo "<pre>" . /** @scrutinizer ignore-type */ print_r($trace, true) . "</pre>"; |
|
| 309 | - echo "CLASS = " . $myName . "<br/>"; |
|
| 308 | + echo "<pre>"./** @scrutinizer ignore-type */ print_r($trace, true)."</pre>"; |
|
| 309 | + echo "CLASS = ".$myName."<br/>"; |
|
| 310 | 310 | } |
| 311 | 311 | if (preg_match("/diag/", $myName) == 1) { |
| 312 | 312 | $ret = "diagnostics"; |
@@ -340,11 +340,11 @@ discard block |
||
| 340 | 340 | if ($catalogue === NULL) { |
| 341 | 341 | $theCatalogue = Entity::determineOwnCatalogue($trace); |
| 342 | 342 | textdomain($theCatalogue); |
| 343 | - bindtextdomain($theCatalogue, ROOT . "/translation/"); |
|
| 343 | + bindtextdomain($theCatalogue, ROOT."/translation/"); |
|
| 344 | 344 | bind_textdomain_codeset($theCatalogue, "UTF-8"); |
| 345 | 345 | } else { |
| 346 | 346 | textdomain($catalogue); |
| 347 | - bindtextdomain($catalogue, ROOT . "/translation/"); |
|
| 347 | + bindtextdomain($catalogue, ROOT."/translation/"); |
|
| 348 | 348 | bind_textdomain_codeset($catalogue, "UTF-8"); |
| 349 | 349 | } |
| 350 | 350 | } |
@@ -105,9 +105,9 @@ discard block |
||
| 105 | 105 | |
| 106 | 106 | $attributesLowLevel = array_merge($this->deviceLevelAttributes, $this->eapLevelAttributes); |
| 107 | 107 | |
| 108 | - $this->loggerInstance->debug(5, "Device-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($this->deviceLevelAttributes, true)); |
|
| 109 | - $this->loggerInstance->debug(5, "EAP-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($this->eapLevelAttributes, true)); |
|
| 110 | - $this->loggerInstance->debug(5, "All low-Level Attributes: " . /** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 108 | + $this->loggerInstance->debug(5, "Device-Level Attributes: "./** @scrutinizer ignore-type */ print_r($this->deviceLevelAttributes, true)); |
|
| 109 | + $this->loggerInstance->debug(5, "EAP-Level Attributes: "./** @scrutinizer ignore-type */ print_r($this->eapLevelAttributes, true)); |
|
| 110 | + $this->loggerInstance->debug(5, "All low-Level Attributes: "./** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 111 | 111 | |
| 112 | 112 | // now fetch and merge profile-level attributes if not already set on deeper level |
| 113 | 113 | |
@@ -137,7 +137,7 @@ discard block |
||
| 137 | 137 | } |
| 138 | 138 | } |
| 139 | 139 | |
| 140 | - $this->loggerInstance->debug(5, "Merged Attributes: " . /** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 140 | + $this->loggerInstance->debug(5, "Merged Attributes: "./** @scrutinizer ignore-type */ print_r($attributesLowLevel, true)); |
|
| 141 | 141 | |
| 142 | 142 | // now, fetch and merge IdP-wide attributes |
| 143 | 143 | |
@@ -152,7 +152,7 @@ discard block |
||
| 152 | 152 | // add the internal attribute to that effect |
| 153 | 153 | |
| 154 | 154 | if (isset($this->attributes['media:openroaming_always'])) { |
| 155 | - $this->attributes = array_merge($this->attributes, $this->addInternalAttributes([ "internal:openroaming" => TRUE ] )); |
|
| 155 | + $this->attributes = array_merge($this->attributes, $this->addInternalAttributes(["internal:openroaming" => TRUE])); |
|
| 156 | 156 | } |
| 157 | 157 | |
| 158 | 158 | $this->loggerInstance->debug(4, "--- END Constructing new Profile object ... ---\n"); |
@@ -200,7 +200,7 @@ discard block |
||
| 200 | 200 | "row_id" => $attributeQuery->row_id, |
| 201 | 201 | "flag" => $optinfo['flag'], |
| 202 | 202 | "device" => ($devicesOrEAPMethods == "DEVICES" ? $attributeQuery->deviceormethod : NULL), |
| 203 | - "eapmethod" => ($devicesOrEAPMethods == "DEVICES" ? 0 : (new \core\common\EAP($attributeQuery->deviceormethod))->getArrayRep() )]; |
|
| 203 | + "eapmethod" => ($devicesOrEAPMethods == "DEVICES" ? 0 : (new \core\common\EAP($attributeQuery->deviceormethod))->getArrayRep())]; |
|
| 204 | 204 | } |
| 205 | 205 | return $temparray; |
| 206 | 206 | } |
@@ -309,7 +309,7 @@ discard block |
||
| 309 | 309 | */ |
| 310 | 310 | public function setAnonymousIDSupport($shallwe) |
| 311 | 311 | { |
| 312 | - $this->databaseHandle->exec("UPDATE profile SET use_anon_outer = " . ($shallwe === true ? "1" : "0") . " WHERE profile_id = $this->identifier"); |
|
| 312 | + $this->databaseHandle->exec("UPDATE profile SET use_anon_outer = ".($shallwe === true ? "1" : "0")." WHERE profile_id = $this->identifier"); |
|
| 313 | 313 | } |
| 314 | 314 | |
| 315 | 315 | /** Toggle special username for realm checks |
@@ -319,7 +319,7 @@ discard block |
||
| 319 | 319 | * @return void |
| 320 | 320 | */ |
| 321 | 321 | public function setRealmCheckUser($shallwe, $localpart = NULL) { |
| 322 | - $this->databaseHandle->exec("UPDATE profile SET checkuser_outer = " . ($shallwe === true ? "1" : "0") . " WHERE profile_id = $this->identifier"); |
|
| 322 | + $this->databaseHandle->exec("UPDATE profile SET checkuser_outer = ".($shallwe === true ? "1" : "0")." WHERE profile_id = $this->identifier"); |
|
| 323 | 323 | if ($localpart !== NULL) { |
| 324 | 324 | $this->databaseHandle->exec("UPDATE profile SET checkuser_value = ? WHERE profile_id = $this->identifier", "s", $localpart); |
| 325 | 325 | } |
@@ -334,8 +334,8 @@ discard block |
||
| 334 | 334 | */ |
| 335 | 335 | public function setInputVerificationPreference($verify, $hint) |
| 336 | 336 | { |
| 337 | - $this->databaseHandle->exec("UPDATE profile SET verify_userinput_suffix = " . ($verify === true ? "1" : "0") . |
|
| 338 | - ", hint_userinput_suffix = " . ($hint === true ? "1" : "0") . |
|
| 337 | + $this->databaseHandle->exec("UPDATE profile SET verify_userinput_suffix = ".($verify === true ? "1" : "0"). |
|
| 338 | + ", hint_userinput_suffix = ".($hint === true ? "1" : "0"). |
|
| 339 | 339 | " WHERE profile_id = $this->identifier"); |
| 340 | 340 | } |
| 341 | 341 | |
@@ -42,24 +42,24 @@ |
||
| 42 | 42 | \config\ConfAssistant::CONSORTIUM['display_name'], |
| 43 | 43 | \config\Master::APPEARANCE['productname'], |
| 44 | 44 | \config\Master::APPEARANCE['productname']); |
| 45 | -$out .= "<p>" . sprintf(_("<span class='edu_cat'>%s</span> currently supports the following devices and EAP type combinations:"), \config\Master::APPEARANCE['productname']) . "</p>"; |
|
| 46 | -$out .= "<table><tr><th>" . _("Device Group") . "</th><th>" . _("Device") . "</th>"; |
|
| 45 | +$out .= "<p>".sprintf(_("<span class='edu_cat'>%s</span> currently supports the following devices and EAP type combinations:"), \config\Master::APPEARANCE['productname'])."</p>"; |
|
| 46 | +$out .= "<table><tr><th>"._("Device Group")."</th><th>"._("Device")."</th>"; |
|
| 47 | 47 | foreach (\core\common\EAP::listKnownEAPTypes() as $oneeap) { |
| 48 | - $out .= "<th style='min-width: 80px;'>" . $oneeap->getPrintableRep() . "</th>"; |
|
| 48 | + $out .= "<th style='min-width: 80px;'>".$oneeap->getPrintableRep()."</th>"; |
|
| 49 | 49 | } |
| 50 | 50 | $out .= "</tr>"; |
| 51 | 51 | foreach (\devices\Devices::listDevices() as $index => $onedevice) { |
| 52 | 52 | if (isset($onedevice['options'])) { |
| 53 | - if ((isset($onedevice['options']['hidden']) && ( $onedevice['options']['hidden'] == 1 || $onedevice['options']['hidden'] == 2 ))|| (isset($onedevice['options']['redirect']) && ($onedevice['options']['redirect'] == 1))) { |
|
| 53 | + if ((isset($onedevice['options']['hidden']) && ($onedevice['options']['hidden'] == 1 || $onedevice['options']['hidden'] == 2)) || (isset($onedevice['options']['redirect']) && ($onedevice['options']['redirect'] == 1))) { |
|
| 54 | 54 | continue; |
| 55 | 55 | } |
| 56 | 56 | } |
| 57 | - $vendor = (new \web\lib\user\Skinjob())->findResourceUrl("IMAGES", "vendorlogo/" . $onedevice['group'] . ".png"); |
|
| 57 | + $vendor = (new \web\lib\user\Skinjob())->findResourceUrl("IMAGES", "vendorlogo/".$onedevice['group'].".png"); |
|
| 58 | 58 | $vendorImg = ""; |
| 59 | 59 | if ($vendor !== FALSE) { |
| 60 | 60 | $vendorImg = "<img src='$vendor' alt='logo'>"; |
| 61 | 61 | } |
| 62 | - $out .= "<tr><td class='vendor'>$vendorImg</td><td>" . $onedevice['display'] . "</td>"; |
|
| 62 | + $out .= "<tr><td class='vendor'>$vendorImg</td><td>".$onedevice['display']."</td>"; |
|
| 63 | 63 | $device_instance = new \core\DeviceFactory($index); |
| 64 | 64 | foreach (\core\common\EAP::listKnownEAPTypes() as $oneeap) { |
| 65 | 65 | $out .= "<td>"; |
@@ -304,7 +304,7 @@ discard block |
||
| 304 | 304 | // for now (no OpenRoaming client certs available) only run server-side tests |
| 305 | 305 | foreach ($listOfIPs as $oneIP) { |
| 306 | 306 | $connectionResult = $connectionTests->cApathCheck($oneIP); |
| 307 | - if ($connectionResult != \core\diag\AbstractTest::RETVAL_OK || ( isset($connectionTests->TLS_CA_checks_result['cert_oddity']) && count($connectionTests->TLS_CA_checks_result['cert_oddity']) > 0)) { |
|
| 307 | + if ($connectionResult != \core\diag\AbstractTest::RETVAL_OK || (isset($connectionTests->TLS_CA_checks_result['cert_oddity']) && count($connectionTests->TLS_CA_checks_result['cert_oddity']) > 0)) { |
|
| 308 | 308 | $allHostsOkay = FALSE; |
| 309 | 309 | } else { |
| 310 | 310 | $oneHostOkay = TRUE; |
@@ -913,7 +913,7 @@ discard block |
||
| 913 | 913 | $profileStatus = self::CERT_STATUS_OK; |
| 914 | 914 | foreach ($rows as $row) { |
| 915 | 915 | $encodedCert = $row[0]; |
| 916 | - $tm = $x509->processCertificate(base64_decode($encodedCert))['full_details']['validTo_time_t']- time(); |
|
| 916 | + $tm = $x509->processCertificate(base64_decode($encodedCert))['full_details']['validTo_time_t'] - time(); |
|
| 917 | 917 | if ($tm < \config\ConfAssistant::CERT_WARNINGS['expiry_critical']) { |
| 918 | 918 | $certStatus = self::CERT_STATUS_ERROR; |
| 919 | 919 | } elseif ($tm < \config\ConfAssistant::CERT_WARNINGS['expiry_warning']) { |
@@ -374,7 +374,7 @@ |
||
| 374 | 374 | throw new Exception("Unknown test requested: default case reached!"); |
| 375 | 375 | } |
| 376 | 376 | $returnarray['datetime'] = date("Y-m-d H:i:s"); |
| 377 | -if ($token!= '' && is_dir($jsonDir.'/'.$token)) { |
|
| 377 | +if ($token != '' && is_dir($jsonDir.'/'.$token)) { |
|
| 378 | 378 | @mkdir($jsonDir.'/'.$token, 0777, true); |
| 379 | 379 | } |
| 380 | 380 | $json_data = json_encode($returnarray); |
@@ -132,7 +132,7 @@ discard block |
||
| 132 | 132 | $expectedName = $addr['hostname']; |
| 133 | 133 | $protocols = []; |
| 134 | 134 | if (isset($addr['protocols'])) { |
| 135 | - foreach($addr['protocols'] as $protocol) { |
|
| 135 | + foreach ($addr['protocols'] as $protocol) { |
|
| 136 | 136 | if ($protocol['enabled']) { |
| 137 | 137 | $protocols[] = $protocol['type']; |
| 138 | 138 | } |
@@ -213,7 +213,7 @@ discard block |
||
| 213 | 213 | $json_data = json_encode($returnArray); |
| 214 | 214 | |
| 215 | 215 | if ($token) { |
| 216 | - $loggerInstance->debug(4, 'JSON data written to ' .$jsonDir.'/'.$token); |
|
| 216 | + $loggerInstance->debug(4, 'JSON data written to '.$jsonDir.'/'.$token); |
|
| 217 | 217 | file_put_contents($jsonDir.'/'.$token.'/realm', $json_data); |
| 218 | 218 | } |
| 219 | 219 | echo($json_data); |
@@ -292,7 +292,7 @@ discard block |
||
| 292 | 292 | <table><tr> |
| 293 | 293 | <td class='icon_td'>"; |
| 294 | 294 | $out[] = "<img src='".$this->stateIcons[$this->globalLevelStatic]."' id='main_static_ico' class='icon'></td><td id='main_static_result'>". |
| 295 | - $this->globalInfo[$this->globalLevelStatic].' '. _("See the appropriate tab for details.").'</td> |
|
| 295 | + $this->globalInfo[$this->globalLevelStatic].' '._("See the appropriate tab for details.").'</td> |
|
| 296 | 296 | </tr></table>'; |
| 297 | 297 | if ($this->naptr > 0) { |
| 298 | 298 | $out[] = "<hr><strong>"._("Dynamic connectivity tests")."</strong> |
@@ -323,7 +323,7 @@ discard block |
||
| 323 | 323 | <td class='icon_td'><img src='".$this->stateIcons[$result->level]."' id='src".$hostindex."_img'></td> |
| 324 | 324 | <td id='src$hostindex' colspan=2> |
| 325 | 325 | "; |
| 326 | - $out[] = '<strong>'.($result->server ? $result->server : _("Connected to undetermined server")).'</strong><br/>'.sprintf (_("elapsed time: %sms."), $result->time_millisec).'<p>'.$result->message.'</p>'; |
|
| 326 | + $out[] = '<strong>'.($result->server ? $result->server : _("Connected to undetermined server")).'</strong><br/>'.sprintf(_("elapsed time: %sms."), $result->time_millisec).'<p>'.$result->message.'</p>'; |
|
| 327 | 327 | |
| 328 | 328 | if ($result->level > \core\common\Entity::L_OK && property_exists($result, 'cert_oddities')) { |
| 329 | 329 | foreach ($result->cert_oddities as $oddities) { |
@@ -373,10 +373,10 @@ discard block |
||
| 373 | 373 | if (isset($this->protocolsMap[$capath->IP]) && $this->protocolsMap[$capath->IP] != '') { |
| 374 | 374 | $prots = explode(';', $this->protocolsMap[$capath->IP]); |
| 375 | 375 | if (!empty($prots)) { |
| 376 | - $capathtest[] = ' ' . _("supported TLS protocols: "); |
|
| 376 | + $capathtest[] = ' '._("supported TLS protocols: "); |
|
| 377 | 377 | $capathtest[] = implode(', ', $prots); |
| 378 | 378 | if (!in_array("TLS1.3", $prots)) { |
| 379 | - $capathtest[] = ' ' . '<font color="red">' . _("not supported: ") . 'TLS1.3</font>'; |
|
| 379 | + $capathtest[] = ' '.'<font color="red">'._("not supported: ").'TLS1.3</font>'; |
|
| 380 | 380 | } |
| 381 | 381 | } |
| 382 | 382 | } |
@@ -399,7 +399,7 @@ discard block |
||
| 399 | 399 | if ($capath->certdata->validTo) { |
| 400 | 400 | $certdesc .= '<li>'.$this->certFields['validTo'].' '. |
| 401 | 401 | date_create_from_format('ymdGis', |
| 402 | - substr($capath->certdata->validTo, 0, -1))->format('Y-m-d H:i:s'). ' UTC'; |
|
| 402 | + substr($capath->certdata->validTo, 0, -1))->format('Y-m-d H:i:s').' UTC'; |
|
| 403 | 403 | } |
| 404 | 404 | if ($capath->certdata->extensions) { |
| 405 | 405 | if ($capath->certdata->extensions->subjectaltname) { |
@@ -422,7 +422,7 @@ discard block |
||
| 422 | 422 | } else { |
| 423 | 423 | $certdesc = '<br>'; |
| 424 | 424 | } |
| 425 | - $capathtest[] = '<div>'.($capath->message!='' ? $capath->message : _('Test failed')).'</div>'.$more; |
|
| 425 | + $capathtest[] = '<div>'.($capath->message != '' ? $capath->message : _('Test failed')).'</div>'.$more; |
|
| 426 | 426 | $capathtest[] = '</td> |
| 427 | 427 | </tr> |
| 428 | 428 | </table>'; |
@@ -449,7 +449,7 @@ discard block |
||
| 449 | 449 | $srefused = 0; |
| 450 | 450 | $cliinfo = ''; |
| 451 | 451 | $cliinfo .= '<li>'._('Client certificate').' <b>'.$ca->clientcertinfo->from. |
| 452 | - '</b>'.', '.$ca->clientcertinfo->message . |
|
| 452 | + '</b>'.', '.$ca->clientcertinfo->message. |
|
| 453 | 453 | '<br> (CA: '.$ca->clientcertinfo->issuer.')<ul>'; |
| 454 | 454 | foreach ($ca->certificate as $certificate) { |
| 455 | 455 | if ($certificate->returncode == \core\diag\RADIUSTests::RETVAL_CONNECTION_REFUSED) { |
@@ -515,7 +515,7 @@ discard block |
||
| 515 | 515 | } else { |
| 516 | 516 | $cliinfo = _('Test failed'); |
| 517 | 517 | $clientstest[] = "<table><tr><td class='icon_td' id='srcclient".$hostindex."_img'><img src='". |
| 518 | - $this->stateIcons[\core\common\Entity::L_WARN]."'></td>" . |
|
| 518 | + $this->stateIcons[\core\common\Entity::L_WARN]."'></td>". |
|
| 519 | 519 | "<td id='srcclient$hostindex'>$cliinfo</td></tr></table>"; |
| 520 | 520 | } |
| 521 | 521 | } else { |
@@ -438,7 +438,7 @@ discard block |
||
| 438 | 438 | $this->relevantNAPTRhostnameResolution(); |
| 439 | 439 | } |
| 440 | 440 | foreach ($this->NAPTR_hostname_records as $hostindex => $addr) { |
| 441 | - $host = ($addr['family'] == "IPv6" ? "[" : "") . $addr['IP'] . ($addr['family'] == "IPv6" ? "]" : "") . ":" . $addr['port']; |
|
| 441 | + $host = ($addr['family'] == "IPv6" ? "[" : "").$addr['IP'].($addr['family'] == "IPv6" ? "]" : "").":".$addr['port']; |
|
| 442 | 442 | $this->NAPTR_hostname_records[$hostindex]['protocols'] = $this->execSslscan($hostindex, $host); |
| 443 | 443 | foreach ($this->NAPTR_hostname_records[$hostindex]['protocols'] as $protocol) { |
| 444 | 444 | if ($protocol['type'] == 'TLS1.3' && $protocol['enabled'] == 1) { |
@@ -458,13 +458,13 @@ discard block |
||
| 458 | 458 | */ |
| 459 | 459 | private function execSslscan($hostindex, $host) |
| 460 | 460 | { |
| 461 | - $this->loggerInstance->debug(4, \config\Master::PATHS['sslscan'] . " --no-heartbleed --no-fallback --connect-timeout=5 --no-ciphersuites --xml=- " . $host . "\n"); |
|
| 461 | + $this->loggerInstance->debug(4, \config\Master::PATHS['sslscan']." --no-heartbleed --no-fallback --connect-timeout=5 --no-ciphersuites --xml=- ".$host."\n"); |
|
| 462 | 462 | $sslscanbabble = []; |
| 463 | 463 | $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures |
| 464 | - exec(\config\Master::PATHS['sslscan'] . " --no-heartbleed --no-fallback --connect-timeout=5 --no-ciphersuites --xml=- " . $host ." 2>&1", $sslscanbabble, $result); |
|
| 464 | + exec(\config\Master::PATHS['sslscan']." --no-heartbleed --no-fallback --connect-timeout=5 --no-ciphersuites --xml=- ".$host." 2>&1", $sslscanbabble, $result); |
|
| 465 | 465 | $this->loggerInstance->debug(4, 'sslscan result '.implode($sslscanbabble)); |
| 466 | 466 | $xml = simplexml_load_string(implode($sslscanbabble)); |
| 467 | - $resarray = json_decode(json_encode((array)$xml),true); |
|
| 467 | + $resarray = json_decode(json_encode((array) $xml), true); |
|
| 468 | 468 | $prots = []; |
| 469 | 469 | if (!isset($resarray['ssltest'])) { |
| 470 | 470 | $this->NAPTR_hostname_records[$hostindex]['unavailable'] = 1; |
