GEANT /
CAT
| Total Complexity | 57 |
| Total Lines | 643 |
| Duplicated Lines | 0 % |
| Changes | 3 | ||
| Bugs | 0 | Features | 1 |
Complex classes like MobileconfigSuperclass often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
While breaking up the class, it is a good idea to analyze how other classes use MobileconfigSuperclass, and based on these observations, apply Extract Interface, too.
| 1 | <?php |
||
| 43 | abstract class MobileconfigSuperclass extends \core\DeviceConfig { |
||
| 44 | |||
| 45 | private $instName; |
||
|
Coding Style
Documentation
introduced
by
|
|||
| 46 | private $profileName; |
||
| 47 | private $massagedInst; |
||
| 48 | private $massagedProfile; |
||
| 49 | private $massagedCountry; |
||
| 50 | private $massagedConsortium; |
||
| 51 | private $lang; |
||
| 52 | static private $iPhonePayloadPrefix = "org.1x-config"; |
||
| 53 | private $clientCertUUID; |
||
| 54 | |||
| 55 | /** |
||
| 56 | * construct with the standard set of EAP methods we support, and preload |
||
| 57 | * specialities |
||
| 58 | */ |
||
| 59 | public function __construct() { |
||
| 60 | parent::__construct(); |
||
| 61 | \core\common\Entity::intoThePotatoes(); |
||
| 62 | // that's what all variants support. Sub-classes can change it. |
||
| 63 | $this->setSupportedEapMethods([\core\common\EAP::EAPTYPE_PEAP_MSCHAP2, \core\common\EAP::EAPTYPE_TTLS_PAP, \core\common\EAP::EAPTYPE_TTLS_MSCHAP2, \core\common\EAP::EAPTYPE_SILVERBULLET]); |
||
| 64 | $this->specialities['internal:verify_userinput_suffix'] = _("It is not possible to actively verify the user input for suffix match; but if there is no 'Terms of Use' configured, the installer will display a corresponding hint to the user instead."); |
||
| 65 | \core\common\Entity::outOfThePotatoes(); |
||
| 66 | } |
||
| 67 | |||
| 68 | /** |
||
| 69 | * massage a name so that it becomes acceptable inside the plist XML |
||
| 70 | * |
||
| 71 | * @param string $input the literal name |
||
| 72 | * @return string |
||
| 73 | */ |
||
| 74 | private function massageName($input) { |
||
| 75 | return htmlspecialchars(strtolower(iconv("UTF-8", "US-ASCII//TRANSLIT", preg_replace(['/ /', '/\//'], '_', $input))), ENT_XML1, 'UTF-8'); |
||
| 76 | } |
||
| 77 | |||
| 78 | /** |
||
| 79 | * the general part of a mobileconfig file in plist format |
||
| 80 | * @return string |
||
| 81 | */ |
||
| 82 | private function generalPayload() { |
||
| 109 | } |
||
| 110 | |||
| 111 | const FILE_START = "<?xml version=\"1.0\" encoding=\"utf-8\"?> |
||
| 112 | <!DOCTYPE plist PUBLIC \"-//Apple Computer//DTD PLIST 1.0//EN\" |
||
| 113 | \"http://www.apple.com/DTDs/PropertyList-1.0.dtd\"> |
||
| 114 | <plist version=\"1.0\"> |
||
| 115 | <dict>"; |
||
| 116 | const FILE_END = "</dict></plist>"; |
||
| 117 | const BUFFER_CONSENT_PRE = " |
||
| 118 | <key>ConsentText</key> |
||
| 119 | <dict> |
||
| 120 | <key>default</key> |
||
| 121 | <string>"; |
||
| 122 | const BUFFER_CONSENT_POST = "</string> |
||
| 123 | </dict> |
||
| 124 | "; |
||
| 125 | |||
| 126 | /** |
||
| 127 | * creates a ConsentText block if either Terms of Use are specified or the |
||
| 128 | * user input hints should be displayed. Otherwise, produces nothing. |
||
| 129 | * |
||
| 130 | * @return string |
||
| 131 | */ |
||
| 132 | protected function consentBlock() { |
||
| 149 | } |
||
| 150 | |||
| 151 | /** |
||
| 152 | * create the actual installer XML file |
||
| 153 | * |
||
| 154 | * @return string filename of the generated installer |
||
| 155 | * |
||
| 156 | */ |
||
| 157 | public function writeInstaller() { |
||
| 158 | \core\common\Entity::intoThePotatoes(); |
||
| 159 | |||
| 160 | $this->loggerInstance->debug(4, "mobileconfig Module Installer start\n"); |
||
| 161 | |||
| 162 | // remove spaces and slashes (filename!), make sure it's simple ASCII only, then lowercase it |
||
| 163 | // also escape htmlspecialchars |
||
| 164 | // not all names and profiles have a name, so be prepared |
||
| 165 | |||
| 166 | $this->loggerInstance->debug(5, "List of available attributes: " . var_export($this->attributes, TRUE)); |
||
| 167 | |||
| 168 | $this->instName = $this->attributes['general:instname'][0] ?? _("Unnamed Organisation"); |
||
| 169 | $this->profileName = $this->attributes['profile:name'][0] ?? _("Unnamed Profile"); |
||
| 170 | |||
| 171 | $this->massagedInst = $this->massageName($this->instName); |
||
| 172 | $this->massagedProfile = $this->massageName($this->profileName); |
||
| 173 | $this->massagedCountry = $this->massageName($this->attributes['internal:country'][0]); |
||
| 174 | $this->massagedConsortium = $this->massageName(CONFIG_CONFASSISTANT['CONSORTIUM']['name']); |
||
| 175 | $this->lang = preg_replace('/\..+/', '', setlocale(LC_ALL, "0")); |
||
| 176 | |||
| 177 | $eapType = $this->selectedEap; |
||
| 178 | |||
| 179 | $outputXml = self::FILE_START; |
||
| 180 | $outputXml .= "<key>PayloadContent</key> |
||
| 181 | <array>"; |
||
| 182 | |||
| 183 | // if we are in silverbullet, we will need a whole own block for the client credential |
||
| 184 | // and also for the profile expiry |
||
| 185 | |||
| 186 | $this->clientCertUUID = NULL; |
||
| 187 | if ($eapType['INNER'] == \core\common\EAP::NE_SILVERBULLET) { |
||
| 188 | $blockinfo = $this->clientP12Block(); |
||
| 189 | $outputXml .= $blockinfo['block']; |
||
| 190 | $this->clientCertUUID = $blockinfo['UUID']; |
||
| 191 | } |
||
| 192 | |||
| 193 | $outputXml .= $this->allCA(); |
||
| 194 | |||
| 195 | $outputXml .= $this->allNetworkBlocks(); |
||
| 196 | |||
| 197 | $outputXml .= "</array>"; |
||
| 198 | $outputXml .= $this->generalPayload(); |
||
| 199 | $outputXml .= $this->consentBlock(); |
||
| 200 | |||
| 201 | if ($eapType['INNER'] == \core\common\EAP::NE_SILVERBULLET) { |
||
| 202 | $outputXml .= $this->expiryBlock(); |
||
| 203 | } |
||
| 204 | $outputXml .= self::FILE_END; |
||
| 205 | |||
| 206 | file_put_contents('installer_profile', $outputXml); |
||
| 207 | |||
| 208 | $fileName = $this->installerBasename . '.mobileconfig'; |
||
| 209 | |||
| 210 | if (!$this->sign) { |
||
| 211 | rename("installer_profile", $fileName); |
||
| 212 | \core\common\Entity::outOfThePotatoes(); |
||
| 213 | return $fileName; |
||
| 214 | } |
||
| 215 | // still here? Then we are signing. |
||
| 216 | $signing = system($this->sign . " installer_profile '$fileName' > /dev/null"); |
||
| 217 | if ($signing === FALSE) { |
||
| 218 | $this->loggerInstance->debug(2, "Signing the mobileconfig installer $fileName FAILED!\n"); |
||
| 219 | } |
||
| 220 | \core\common\Entity::outOfThePotatoes(); |
||
| 221 | return $fileName; |
||
| 222 | } |
||
| 223 | |||
| 224 | /** |
||
| 225 | * produces the HTML text to be displayed when clicking on the "help" button |
||
| 226 | * besides the download button. |
||
| 227 | * |
||
| 228 | * @return string |
||
| 229 | */ |
||
| 230 | public function writeDeviceInfo() { |
||
| 231 | \core\common\Entity::intoThePotatoes(); |
||
| 232 | $ssidCount = count($this->attributes['internal:SSID']); |
||
| 233 | $certCount = count($this->attributes['internal:CAs'][0]); |
||
| 234 | $out = "<p>" . _("For best results, please use the built-in browser (Safari) to open the configuration file.") . "</p>"; |
||
| 235 | $out .= "<p>"; |
||
| 236 | $out .= _("The profile will install itself after you click (or tap) the button. You will be asked for confirmation/input at several points:"); |
||
| 237 | $out .= "<ul>"; |
||
| 238 | $out .= "<li>" . _("to install the profile") . "</li>"; |
||
| 239 | $out .= "<li>" . ngettext("to accept the server certificate authority", "to accept the server certificate authorities", $certCount); |
||
| 240 | if ($certCount > 1) { |
||
| 241 | $out .= " " . sprintf(_("(%d times)"), $certCount); |
||
| 242 | } |
||
| 243 | $out .= "</li>"; |
||
| 244 | $out .= "<li>" . _("to enter the username and password you have been given by your organisation"); |
||
| 245 | if ($ssidCount > 1) { |
||
| 246 | $out .= " " . sprintf(_("(%d times each, because %s is installed for %d SSIDs)"), $ssidCount, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $ssidCount); |
||
| 247 | } |
||
| 248 | $out .= "</li>"; |
||
| 249 | $out .= "</ul>"; |
||
| 250 | $out .= "</p>"; |
||
| 251 | \core\common\Entity::outOfThePotatoes(); |
||
| 252 | return $out; |
||
| 253 | } |
||
| 254 | |||
| 255 | /** |
||
| 256 | * collates a list of the UUIDs of all the CAs which are to be included in |
||
| 257 | * the mobileconfig file |
||
| 258 | * |
||
| 259 | * @return array |
||
| 260 | */ |
||
| 261 | private function listCAUuids() { |
||
| 262 | $retval = []; |
||
| 263 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
||
| 264 | $retval[] = $ca['uuid']; |
||
| 265 | } |
||
| 266 | return $retval; |
||
| 267 | } |
||
| 268 | |||
| 269 | /** |
||
| 270 | * This is the XML structure subtree of a Network block which contains the |
||
| 271 | * settings specific to Passpoint |
||
| 272 | * |
||
| 273 | * @param array $consortiumOi list of consortiumOi to put into structure |
||
| 274 | * @return string |
||
| 275 | */ |
||
| 276 | private function passPointBlock($consortiumOi) { |
||
| 277 | $retval = " |
||
| 278 | <key>IsHotspot</key> |
||
| 279 | <true/> |
||
| 280 | <key>ServiceProviderRoamingEnabled</key> |
||
| 281 | <true/> |
||
| 282 | <key>DisplayedOperatorName</key> |
||
| 283 | <string>" . CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'] . " via Passpoint</string>"; |
||
| 284 | // if we don't know the realm, omit the entire DomainName key |
||
| 285 | if (isset($this->attributes['internal:realm'])) { |
||
| 286 | $retval .= "<key>DomainName</key> |
||
| 287 | <string>"; |
||
| 288 | $retval .= $this->attributes['internal:realm'][0]; |
||
| 289 | $retval .= "</string> |
||
| 290 | "; |
||
| 291 | } |
||
| 292 | $retval .= " <key>RoamingConsortiumOIs</key> |
||
| 293 | <array>"; |
||
| 294 | foreach ($consortiumOi as $oiValue) { |
||
| 295 | $retval .= "<string>".strtoupper($oiValue)."</string>"; |
||
| 296 | } |
||
| 297 | $retval .= "</array>"; |
||
| 298 | // this is an undocumented value found on the net. Does it do something useful? |
||
| 299 | $retval .= "<key>_UsingHotspot20</key> |
||
| 300 | <true/> |
||
| 301 | "; |
||
| 302 | // do we need to set NAIRealmName ? In Rel 1, probably yes, in Rel 2, |
||
| 303 | // no because ConsortiumOI is enough. |
||
| 304 | // but which release is OS X doing? And what should we fill in, given |
||
| 305 | // that we have thousands of realms? Try just eduroam.org |
||
| 306 | // |
||
| 307 | // tests from Hideaki suggest it's better not to set it; if Roaming |
||
| 308 | // consortium OI and NAIRealmNames are both set, connecting to a hotspot |
||
| 309 | // with just RCOI does not work |
||
| 310 | /* if (CONFIG_CONFASSISTANT['CONSORTIUM']['name'] == "eduroam") { |
||
| 311 | $retval .= "<key>NAIRealmNames</key> |
||
| 312 | <array> |
||
| 313 | <string>eduroam.org</string> |
||
| 314 | </array>"; |
||
| 315 | }*/ |
||
| 316 | return $retval; |
||
| 317 | } |
||
| 318 | |||
| 319 | private $serial; |
||
| 320 | private $removeSerial; |
||
| 321 | private $caSerial; |
||
| 322 | |||
| 323 | /** |
||
| 324 | * produces the EAP sub-block of a Network block |
||
| 325 | * |
||
| 326 | * @param array $eapType EAP type in array notation |
||
| 327 | * @return string |
||
| 328 | */ |
||
| 329 | private function eapBlock($eapType) { |
||
| 330 | $realm = $this->determineOuterIdString(); |
||
| 331 | $retval = "<key>EAPClientConfiguration</key> |
||
| 332 | <dict> |
||
| 333 | <key>AcceptEAPTypes</key> |
||
| 334 | <array> |
||
| 335 | <integer>" . $eapType['OUTER'] . "</integer> |
||
| 336 | </array> |
||
| 337 | <key>EAPFASTProvisionPAC</key> |
||
| 338 | <true /> |
||
| 339 | <key>EAPFASTUsePAC</key> |
||
| 340 | <true /> |
||
| 341 | <key>EAPFastProvisionPACAnonymously</key> |
||
| 342 | <false /> |
||
| 343 | <key>OneTimeUserPassword</key> |
||
| 344 | <false /> |
||
| 345 | "; |
||
| 346 | if ($realm !== NULL) { |
||
| 347 | $retval .= "<key>OuterIdentity</key> |
||
| 348 | <string>" . htmlspecialchars($realm, ENT_XML1, 'UTF-8') . "</string> |
||
| 349 | "; |
||
| 350 | } |
||
| 351 | $retval .= "<key>PayloadCertificateAnchorUUID</key> |
||
| 352 | <array>"; |
||
| 353 | foreach ($this->listCAUuids() as $uuid) { |
||
| 354 | if (in_array($uuid, $this->CAsAccountedFor)) { |
||
| 355 | $retval .= " |
||
| 356 | <string>$uuid</string>"; |
||
| 357 | } |
||
| 358 | } |
||
| 359 | $retval .= " |
||
| 360 | </array> |
||
| 361 | <key>TLSAllowTrustExceptions</key> |
||
| 362 | <false /> |
||
| 363 | <key>TLSTrustedServerNames</key> |
||
| 364 | <array>"; |
||
| 365 | foreach ($this->attributes['eap:server_name'] as $commonName) { |
||
| 366 | $retval .= " |
||
| 367 | <string>$commonName</string>"; |
||
| 368 | } |
||
| 369 | $retval .= " |
||
| 370 | </array>"; |
||
| 371 | if ($eapType['INNER'] == \core\common\EAP::NE_SILVERBULLET) { |
||
| 372 | $retval .= "<key>UserName</key><string>" . $this->clientCert["certObject"]->username . "</string>"; |
||
| 373 | } |
||
| 374 | $retval .= " |
||
| 375 | <key>TTLSInnerAuthentication</key> |
||
| 376 | <string>" . ($eapType['INNER'] == \core\common\EAP::NONE ? "PAP" : "MSCHAPv2") . "</string> |
||
| 377 | </dict>"; |
||
| 378 | return $retval; |
||
| 379 | } |
||
| 380 | |||
| 381 | /** |
||
| 382 | * produces the Proxy sub-block of a Network block |
||
| 383 | * |
||
| 384 | * @return string |
||
| 385 | */ |
||
| 386 | protected function proxySettings() { |
||
| 406 | } |
||
| 407 | |||
| 408 | /** |
||
| 409 | * produces an entire Network block |
||
| 410 | * |
||
| 411 | * @param int $blocktype which type of network block is this? |
||
| 412 | * @param string|array|boolean $toBeConfigured variable part of the config. Single SSID or list of ConsortiumOi |
||
| 413 | * @return string |
||
| 414 | * @throws Exception |
||
| 415 | */ |
||
| 416 | private function networkBlock($blocktype, $toBeConfigured) { |
||
| 417 | \core\common\Entity::intoThePotatoes(); |
||
| 418 | $eapType = $this->selectedEap; |
||
| 419 | switch ($blocktype) { |
||
| 420 | case MobileconfigSuperclass::NETWORK_BLOCK_TYPE_SSID: |
||
| 421 | if (!is_string($toBeConfigured)) { |
||
| 422 | throw new Exception("SSID must be a string!"); |
||
| 423 | } |
||
| 424 | $escapedSSID = htmlspecialchars($toBeConfigured, ENT_XML1, 'UTF-8'); |
||
| 425 | $payloadIdentifier = "wifi." . $this->serial; |
||
| 426 | $payloadShortName = sprintf(_("SSID %s"), $escapedSSID); |
||
| 427 | $payloadName = sprintf(_("%s configuration for network name %s"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $escapedSSID); |
||
| 428 | $encryptionTypeString = "WPA"; |
||
| 429 | $setupModesString = ""; |
||
| 430 | $wifiNetworkIdentification = "<key>SSID_STR</key> |
||
| 431 | <string>$escapedSSID</string>"; |
||
| 432 | break; |
||
| 433 | case MobileconfigSuperclass::NETWORK_BLOCK_TYPE_WIRED: |
||
| 434 | if (!is_bool($toBeConfigured)) { |
||
| 435 | throw new Exception("We expected a TRUE here!"); |
||
| 436 | } |
||
| 437 | $payloadIdentifier = "firstactiveethernet"; |
||
| 438 | $payloadShortName = _("Wired Network"); |
||
| 439 | $payloadName = sprintf(_("%s configuration for wired network"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
||
| 440 | $encryptionTypeString = "any"; |
||
| 441 | $setupModesString = " |
||
| 442 | <key>SetupModes</key> |
||
| 443 | <array> |
||
| 444 | <string>System</string> |
||
| 445 | </array>"; |
||
| 446 | $wifiNetworkIdentification = ""; |
||
| 447 | break; |
||
| 448 | case MobileconfigSuperclass::NETWORK_BLOCK_TYPE_CONSORTIUMOIS: |
||
| 449 | if (!is_array($toBeConfigured)) { |
||
| 450 | throw new Exception("ConsortiumOI list must be an array!"); |
||
| 451 | } |
||
| 452 | $payloadIdentifier = "hs20"; |
||
| 453 | $payloadShortName = _("Hotspot 2.0 Settings"); |
||
| 454 | $payloadName = sprintf(_("%s Hotspot 2.0 configuration"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']); |
||
| 455 | $encryptionTypeString = "WPA"; |
||
| 456 | $setupModesString = ""; |
||
| 457 | $wifiNetworkIdentification = $this->passPointBlock($toBeConfigured); |
||
| 458 | break; |
||
| 459 | default: |
||
| 460 | throw new Exception("This type of network block is unknown!"); |
||
| 461 | } |
||
| 462 | $retval = "<dict>"; |
||
| 463 | $retval .= $this->eapBlock($eapType); |
||
| 464 | $retval .= "<key>EncryptionType</key> |
||
| 465 | <string>$encryptionTypeString</string> |
||
| 466 | <key>HIDDEN_NETWORK</key> |
||
| 467 | <true /> |
||
| 468 | <key>PayloadDescription</key> |
||
| 469 | <string>$payloadName</string> |
||
| 470 | <key>PayloadDisplayName</key> |
||
| 471 | <string>$payloadShortName</string> |
||
| 472 | <key>PayloadIdentifier</key> |
||
| 473 | <string>" . self::$iPhonePayloadPrefix . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang.$payloadIdentifier</string> |
||
| 474 | <key>PayloadOrganization</key> |
||
| 475 | <string>" . $this->massagedConsortium . ".1x-config.org</string> |
||
| 476 | <key>PayloadType</key> |
||
| 477 | <string>com.apple." . ($blocktype == MobileconfigSuperclass::NETWORK_BLOCK_TYPE_WIRED ? "firstactiveethernet" : "wifi") . ".managed</string>"; |
||
| 478 | $retval .= $this->proxySettings(); |
||
| 479 | $retval .= $setupModesString; |
||
| 480 | if ($eapType['INNER'] == \core\common\EAP::NE_SILVERBULLET) { |
||
| 481 | if ($this->clientCertUUID === NULL) { |
||
| 482 | throw new Exception("Silverbullet REQUIRES a client certificate and we need to know the UUID!"); |
||
| 483 | } |
||
| 484 | $retval .= "<key>PayloadCertificateUUID</key> |
||
| 485 | <string>$this->clientCertUUID</string>"; |
||
| 486 | } |
||
| 487 | $retval .= " |
||
| 488 | <key>PayloadUUID</key> |
||
| 489 | <string>" . \core\common\Entity::uuid() . "</string> |
||
| 490 | <key>PayloadVersion</key> |
||
| 491 | <integer>1</integer> |
||
| 492 | $wifiNetworkIdentification</dict>"; |
||
| 493 | $this->serial = $this->serial + 1; |
||
| 494 | \core\common\Entity::outOfThePotatoes(); |
||
| 495 | return $retval; |
||
| 496 | } |
||
| 497 | |||
| 498 | /** |
||
| 499 | * Produces a Network block which sets a network to manual join (we don't |
||
| 500 | * get any closer to removing a network in mobileconfig) |
||
| 501 | * |
||
| 502 | * @param string $ssid the SSID to set to manual join only |
||
| 503 | * @return string |
||
| 504 | */ |
||
| 505 | private function removenetworkBlock($ssid) { |
||
| 506 | \core\common\Entity::intoThePotatoes(); |
||
| 507 | $retval = " |
||
| 508 | <dict> |
||
| 509 | <key>AutoJoin</key> |
||
| 510 | <false/> |
||
| 511 | <key>EncryptionType</key> |
||
| 512 | <string>None</string> |
||
| 513 | <key>HIDDEN_NETWORK</key> |
||
| 514 | <false/> |
||
| 515 | <key>IsHotspot</key> |
||
| 516 | <false/> |
||
| 517 | <key>PayloadDescription</key> |
||
| 518 | <string>" . sprintf(_("This SSID should not be used after bootstrapping %s"), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name']) . "</string> |
||
| 519 | <key>PayloadDisplayName</key> |
||
| 520 | <string>" . _("Disabled WiFi network") . "</string> |
||
| 521 | <key>PayloadIdentifier</key> |
||
| 522 | <string>" . self::$iPhonePayloadPrefix . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang.wifi.disabled.$this->removeSerial</string> |
||
| 523 | <key>PayloadType</key> |
||
| 524 | <string>com.apple.wifi.managed</string> |
||
| 525 | <key>PayloadUUID</key> |
||
| 526 | <string>" . \core\common\Entity::uuid() . "</string> |
||
| 527 | <key>PayloadVersion</key> |
||
| 528 | <real>1</real>"; |
||
| 529 | $retval .= $this->proxySettings(); |
||
| 530 | $retval .= "<key>SSID_STR</key> |
||
| 531 | <string>$ssid</string> |
||
| 532 | </dict> |
||
| 533 | "; |
||
| 534 | \core\common\Entity::outOfThePotatoes(); |
||
| 535 | return $retval; |
||
| 536 | } |
||
| 537 | |||
| 538 | const NETWORK_BLOCK_TYPE_SSID = 100; |
||
| 539 | const NETWORK_BLOCK_TYPE_CONSORTIUMOIS = 101; |
||
| 540 | const NETWORK_BLOCK_TYPE_WIRED = 102; |
||
| 541 | |||
| 542 | /** |
||
| 543 | * produces the entire series of Network blocks; all for SSID-based, |
||
| 544 | * Passpoint-based, wired, and manual-select only SSIDs |
||
| 545 | * |
||
| 546 | * @return string |
||
| 547 | */ |
||
| 548 | private function allNetworkBlocks() { |
||
| 549 | $retval = ""; |
||
| 550 | $this->serial = 0; |
||
| 551 | |||
| 552 | foreach (array_keys($this->attributes['internal:SSID']) as $ssid) { |
||
| 553 | $retval .= $this->networkBlock(MobileconfigSuperclass::NETWORK_BLOCK_TYPE_SSID, $ssid); |
||
| 554 | } |
||
| 555 | if (isset($this->attributes['media:wired']) && get_class($this) == "devices\apple_mobileconfig\Device_mobileconfig_os_x") { |
||
| 556 | $retval .= $this->networkBlock(MobileconfigSuperclass::NETWORK_BLOCK_TYPE_WIRED, TRUE); |
||
| 557 | } |
||
| 558 | if (count($this->attributes['internal:consortia']) > 0) { |
||
| 559 | $retval .= $this->networkBlock(MobileconfigSuperclass::NETWORK_BLOCK_TYPE_CONSORTIUMOIS, $this->attributes['internal:consortia']); |
||
| 560 | } |
||
| 561 | if (isset($this->attributes['media:remove_SSID'])) { |
||
| 562 | $this->removeSerial = 0; |
||
| 563 | foreach ($this->attributes['media:remove_SSID'] as $removeSSID) { |
||
| 564 | $retval .= $this->removenetworkBlock($removeSSID); |
||
| 565 | $this->removeSerial = $this->removeSerial + 1; |
||
| 566 | } |
||
| 567 | } |
||
| 568 | return $retval; |
||
| 569 | } |
||
| 570 | |||
| 571 | /** |
||
| 572 | * collates a block with all CAs that are to be included in the mobileconfig |
||
| 573 | * |
||
| 574 | * @return string |
||
| 575 | */ |
||
| 576 | private function allCA() { |
||
| 577 | $retval = ""; |
||
| 578 | $this->caSerial = 0; |
||
| 579 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
||
| 580 | $retval .= $this->caBlob($ca); |
||
| 581 | $this->caSerial = $this->caSerial + 1; |
||
| 582 | } |
||
| 583 | return $retval; |
||
| 584 | } |
||
| 585 | |||
| 586 | /** |
||
| 587 | * creates a Cert block containing a client certificate (used in SB only) |
||
| 588 | * @return array the block itself, and the UUID of the certificate |
||
| 589 | * @throws Exception |
||
| 590 | */ |
||
| 591 | private function clientP12Block() { |
||
| 626 | } |
||
| 627 | |||
| 628 | /** |
||
| 629 | * creates an Expiry block. This is only done in SB; the profile expires |
||
| 630 | * when the client cert expires. |
||
| 631 | * |
||
| 632 | * @return string |
||
| 633 | * @throws Exception |
||
| 634 | */ |
||
| 635 | private function expiryBlock() { |
||
| 642 | } |
||
| 643 | |||
| 644 | private $CAsAccountedFor = []; |
||
| 645 | |||
| 646 | /** |
||
| 647 | * creates a block for one single CA |
||
| 648 | * |
||
| 649 | * @param array $ca the CA for which to generate the XML block |
||
| 650 | * @return string |
||
| 651 | */ |
||
| 652 | private function caBlob($ca) { |
||
| 686 | } |
||
| 687 | |||
| 688 | } |
||
| 689 |
Loading history...