GEANT /
CAT
@@ -16,9 +16,9 @@ discard block |
||
| 16 | 16 | |
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface { |
| 18 | 18 | |
| 19 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 20 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 21 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 19 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 20 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 21 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 22 | 22 | private const EDUPKI_RA_ID = 700; |
| 23 | 23 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 24 | 24 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -33,13 +33,13 @@ discard block |
||
| 33 | 33 | parent::__construct(); |
| 34 | 34 | |
| 35 | 35 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 36 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 36 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 37 | 37 | } |
| 38 | 38 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 39 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 39 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 40 | 40 | } |
| 41 | 41 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 42 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 42 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 43 | 43 | } |
| 44 | 44 | } |
| 45 | 45 | |
@@ -68,19 +68,19 @@ discard block |
||
| 68 | 68 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 69 | 69 | try { |
| 70 | 70 | $altArray = [# Array mit den Subject Alternative Names |
| 71 | - "email:" . $csr["USERNAME"] |
|
| 71 | + "email:".$csr["USERNAME"] |
|
| 72 | 72 | ]; |
| 73 | 73 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 74 | 74 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 75 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 76 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR"] . "\n"); |
|
| 75 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 76 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR"]."\n"); |
|
| 77 | 77 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 78 | 78 | $this->loggerInstance->debug(5, $altArray); |
| 79 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 80 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 81 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 82 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
| 79 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 80 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 81 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 85 | 85 | $soapNewRequest = $soapPub->newRequest( |
| 86 | 86 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -102,11 +102,11 @@ discard block |
||
| 102 | 102 | } catch (Exception $e) { |
| 103 | 103 | // PHP 7.1 can do this much better |
| 104 | 104 | if (is_soap_fault($e)) { |
| 105 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 105 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 106 | 106 | $e->faultstring |
| 107 | 107 | }\n"); |
| 108 | 108 | } |
| 109 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 109 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 110 | 110 | } |
| 111 | 111 | try { |
| 112 | 112 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -118,8 +118,8 @@ discard block |
||
| 118 | 118 | $soapReqnum, [ |
| 119 | 119 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 120 | 120 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 121 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 122 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 121 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 122 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 123 | 123 | "NotBefore" => (new \DateTime())->format('c'), |
| 124 | 124 | "NotAfter" => $expiry->format('c'), |
| 125 | 125 | ] |
@@ -138,7 +138,7 @@ discard block |
||
| 138 | 138 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 139 | 139 | // rather than just using the string. Grr. |
| 140 | 140 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 141 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 141 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 142 | 142 | // retrieve our RA cert from filesystem |
| 143 | 143 | // the RA certificates are not needed right now because we |
| 144 | 144 | // have resorted to S/MIME signatures with openssl command-line |
@@ -150,7 +150,7 @@ discard block |
||
| 150 | 150 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 151 | 151 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 152 | 152 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 153 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 153 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 154 | 154 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 155 | 155 | $output = []; |
| 156 | 156 | $return = 999; |
@@ -159,14 +159,14 @@ discard block |
||
| 159 | 159 | throw new Exception("Non-zero return value from openssl smime!"); |
| 160 | 160 | } |
| 161 | 161 | // and get the signature blob back from the filesystem |
| 162 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 162 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 163 | 163 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 164 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 165 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 166 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 164 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 165 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 166 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 167 | 167 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 168 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 169 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 168 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 169 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 170 | 170 | if ($soapIssueCert === FALSE) { |
| 171 | 171 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 172 | 172 | } |
@@ -203,9 +203,9 @@ discard block |
||
| 203 | 203 | throw new Exception("CAInfo has no root certificate for us!"); |
| 204 | 204 | } |
| 205 | 205 | } catch (SoapFault $e) { |
| 206 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 206 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 207 | 207 | } catch (Exception $e) { |
| 208 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 208 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 209 | 209 | } |
| 210 | 210 | return [ |
| 211 | 211 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -237,12 +237,12 @@ discard block |
||
| 237 | 237 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 238 | 238 | // rather than just using the string. Grr. |
| 239 | 239 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 240 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 240 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 241 | 241 | // retrieve our RA cert from filesystem |
| 242 | 242 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 243 | 243 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 244 | 244 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 245 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 245 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 246 | 246 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 247 | 247 | $output = []; |
| 248 | 248 | $return = 999; |
@@ -251,7 +251,7 @@ discard block |
||
| 251 | 251 | throw new Exception("Non-zero return value from openssl smime!"); |
| 252 | 252 | } |
| 253 | 253 | // and get the signature blob back from the filesystem |
| 254 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 254 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 255 | 255 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 256 | 256 | if ($soapIssueRev === FALSE) { |
| 257 | 257 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -259,9 +259,9 @@ discard block |
||
| 259 | 259 | } catch (Exception $e) { |
| 260 | 260 | // PHP 7.1 can do this much better |
| 261 | 261 | if (is_soap_fault($e)) { |
| 262 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 262 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 263 | 263 | } |
| 264 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 264 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 265 | 265 | } |
| 266 | 266 | } |
| 267 | 267 | |
@@ -358,9 +358,9 @@ discard block |
||
| 358 | 358 | * @return string the integer as string in an XML fragment |
| 359 | 359 | */ |
| 360 | 360 | public function soapToXmlInteger($x) { |
| 361 | - return '<' . $x[0] . '>' |
|
| 361 | + return '<'.$x[0].'>' |
|
| 362 | 362 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 363 | - . '</' . $x[0] . '>'; |
|
| 363 | + . '</'.$x[0].'>'; |
|
| 364 | 364 | } |
| 365 | 365 | |
| 366 | 366 | /** |
@@ -378,9 +378,9 @@ discard block |
||
| 378 | 378 | // dump private key into directory |
| 379 | 379 | $outstring = ""; |
| 380 | 380 | openssl_pkey_export($privateKey, $outstring); |
| 381 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 381 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 382 | 382 | // PHP can only do one DC in the Subject. But we need three. |
| 383 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 383 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 384 | 384 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 385 | 385 | $output = []; |
| 386 | 386 | $return = 999; |
@@ -15,10 +15,10 @@ discard block |
||
| 15 | 15 | |
| 16 | 16 | class CertificationAuthorityEmbeddedRSA extends EntityWithDBProperties implements CertificationAuthorityInterface { |
| 17 | 17 | |
| 18 | - private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 19 | - private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 20 | - private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 21 | - private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 18 | + private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 19 | + private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 20 | + private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 21 | + private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 22 | 22 | |
| 23 | 23 | /** |
| 24 | 24 | * string with the PEM variant of the root CA |
@@ -64,11 +64,11 @@ discard block |
||
| 64 | 64 | parent::__construct(); |
| 65 | 65 | $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
| 66 | 66 | if ($this->rootPem === FALSE) { |
| 67 | - throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 67 | + throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 68 | 68 | } |
| 69 | 69 | $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
| 70 | 70 | if ($this->issuingCertRaw === FALSE) { |
| 71 | - throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 71 | + throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 72 | 72 | } |
| 73 | 73 | $rootParsed = openssl_x509_read($this->rootPem); |
| 74 | 74 | $this->issuingCert = openssl_x509_read($this->issuingCertRaw); |
@@ -76,15 +76,15 @@ discard block |
||
| 76 | 76 | throw new Exception("At least one CA PEM file did not parse correctly!"); |
| 77 | 77 | } |
| 78 | 78 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY) === FALSE) { |
| 79 | - throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 79 | + throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 80 | 80 | } |
| 81 | - $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 81 | + $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 82 | 82 | if ($issuingKeyTemp === FALSE) { |
| 83 | 83 | throw new Exception("The private key did not parse correctly!"); |
| 84 | 84 | } |
| 85 | 85 | $this->issuingKey = $issuingKeyTemp; |
| 86 | 86 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG) === FALSE) { |
| 87 | - throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 87 | + throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 88 | 88 | } |
| 89 | 89 | $this->conffile = CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG; |
| 90 | 90 | } |
@@ -126,27 +126,27 @@ discard block |
||
| 126 | 126 | // generate stub index.txt file |
| 127 | 127 | $tempdirArray = \core\common\Entity::createTemporaryDirectory("test"); |
| 128 | 128 | $tempdir = $tempdirArray['dir']; |
| 129 | - $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z"; |
|
| 130 | - $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z"; |
|
| 129 | + $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z"; |
|
| 130 | + $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z"; |
|
| 131 | 131 | // serials for our CA are always integers |
| 132 | - $serialHex = strtoupper(dechex((int)$cert->serial)); |
|
| 132 | + $serialHex = strtoupper(dechex((int) $cert->serial)); |
|
| 133 | 133 | if (strlen($serialHex) % 2 == 1) { |
| 134 | - $serialHex = "0" . $serialHex; |
|
| 134 | + $serialHex = "0".$serialHex; |
|
| 135 | 135 | } |
| 136 | 136 | |
| 137 | - $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n"; |
|
| 137 | + $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n"; |
|
| 138 | 138 | $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement"); |
| 139 | - if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) { |
|
| 139 | + if (!file_put_contents($tempdir."/index.txt", $indexStatement)) { |
|
| 140 | 140 | $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!"); |
| 141 | 141 | } |
| 142 | 142 | // index.txt.attr is dull but needs to exist |
| 143 | - file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n"); |
|
| 143 | + file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n"); |
|
| 144 | 144 | // call "openssl ocsp" to manufacture our own OCSP statement |
| 145 | 145 | // adding "-rmd sha1" to the following command-line makes the |
| 146 | 146 | // choice of signature algorithm for the response explicit |
| 147 | 147 | // but it's only available from openssl-1.1.0 (which we do not |
| 148 | 148 | // want to require just for that one thing). |
| 149 | - $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 149 | + $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 150 | 150 | $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n"); |
| 151 | 151 | $output = []; |
| 152 | 152 | $return = 999; |
@@ -154,11 +154,11 @@ discard block |
||
| 154 | 154 | if ($return !== 0) { |
| 155 | 155 | throw new Exception("Non-zero return value from openssl ocsp!"); |
| 156 | 156 | } |
| 157 | - $ocsp = file_get_contents($tempdir . "/$serialHex.response.der"); |
|
| 157 | + $ocsp = file_get_contents($tempdir."/$serialHex.response.der"); |
|
| 158 | 158 | // remove the temp dir! |
| 159 | - unlink($tempdir . "/$serialHex.response.der"); |
|
| 160 | - unlink($tempdir . "/index.txt.attr"); |
|
| 161 | - unlink($tempdir . "/index.txt"); |
|
| 159 | + unlink($tempdir."/$serialHex.response.der"); |
|
| 160 | + unlink($tempdir."/index.txt.attr"); |
|
| 161 | + unlink($tempdir."/index.txt"); |
|
| 162 | 162 | rmdir($tempdir); |
| 163 | 163 | $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial); |
| 164 | 164 | return $ocsp; |
@@ -83,7 +83,7 @@ discard block |
||
| 83 | 83 | $this->installerPath = $cache['path']; |
| 84 | 84 | if ($this->installerPath !== NULL && $token === NULL && $password === NULL) { |
| 85 | 85 | $this->loggerInstance->debug(4, "Using cached installer for: $device\n"); |
| 86 | - $installerProperties['link'] = "API.php?action=downloadInstaller&lang=" . $this->languageInstance->getLang() . "&profile=$profileId&device=$device&generatedfor=$generatedFor"; |
|
| 86 | + $installerProperties['link'] = "API.php?action=downloadInstaller&lang=".$this->languageInstance->getLang()."&profile=$profileId&device=$device&generatedfor=$generatedFor"; |
|
| 87 | 87 | $installerProperties['mime'] = $cache['mime']; |
| 88 | 88 | } else { |
| 89 | 89 | $myInstaller = $this->generateNewInstaller($device, $profile, $generatedFor, $token, $password); |
@@ -171,7 +171,7 @@ discard block |
||
| 171 | 171 | $this->loggerInstance->debug(5, "generateNewInstaller() - Device setup done"); |
| 172 | 172 | $installer = $dev->writeInstaller(); |
| 173 | 173 | $this->loggerInstance->debug(5, "generateNewInstaller() - writeInstaller complete"); |
| 174 | - $iPath = $dev->FPATH . '/tmp/' . $installer; |
|
| 174 | + $iPath = $dev->FPATH.'/tmp/'.$installer; |
|
| 175 | 175 | if ($iPath && is_file($iPath)) { |
| 176 | 176 | if (isset($dev->options['mime'])) { |
| 177 | 177 | $out['mime'] = $dev->options['mime']; |
@@ -179,17 +179,17 @@ discard block |
||
| 179 | 179 | $info = new \finfo(); |
| 180 | 180 | $out['mime'] = $info->file($iPath, FILEINFO_MIME_TYPE); |
| 181 | 181 | } |
| 182 | - $this->installerPath = $dev->FPATH . '/' . $installer; |
|
| 182 | + $this->installerPath = $dev->FPATH.'/'.$installer; |
|
| 183 | 183 | rename($iPath, $this->installerPath); |
| 184 | 184 | $integerEap = (new \core\common\EAP($dev->selectedEap))->getIntegerRep(); |
| 185 | 185 | $profile->updateCache($device, $this->installerPath, $out['mime'], $integerEap); |
| 186 | 186 | if (\config\Master::DEBUG_LEVEL < 4) { |
| 187 | - \core\common\Entity::rrmdir($dev->FPATH . '/tmp'); |
|
| 187 | + \core\common\Entity::rrmdir($dev->FPATH.'/tmp'); |
|
| 188 | 188 | } |
| 189 | - $this->loggerInstance->debug(4, "Generated installer: " . $this->installerPath . ": for: $device, EAP:" . $integerEap . "\n"); |
|
| 190 | - $out['link'] = "API.php?action=downloadInstaller&lang=" . $this->languageInstance->getLang() . "&profile=" . $profile->identifier . "&device=$device&generatedfor=$generatedFor"; |
|
| 189 | + $this->loggerInstance->debug(4, "Generated installer: ".$this->installerPath.": for: $device, EAP:".$integerEap."\n"); |
|
| 190 | + $out['link'] = "API.php?action=downloadInstaller&lang=".$this->languageInstance->getLang()."&profile=".$profile->identifier."&device=$device&generatedfor=$generatedFor"; |
|
| 191 | 191 | } else { |
| 192 | - $this->loggerInstance->debug(2, "Installer generation failed for: " . $profile->identifier . ":$device:" . $this->languageInstance->getLang() . "\n"); |
|
| 192 | + $this->loggerInstance->debug(2, "Installer generation failed for: ".$profile->identifier.":$device:".$this->languageInstance->getLang()."\n"); |
|
| 193 | 193 | $out['link'] = 0; |
| 194 | 194 | } |
| 195 | 195 | } |
@@ -302,13 +302,13 @@ discard block |
||
| 302 | 302 | $file = $this->installerPath; |
| 303 | 303 | $filetype = $output['mime']; |
| 304 | 304 | $this->loggerInstance->debug(4, "installer MIME type:$filetype\n"); |
| 305 | - header("Content-type: " . $filetype); |
|
| 305 | + header("Content-type: ".$filetype); |
|
| 306 | 306 | if ($filetype !== "application/x-wifi-config") { // for those installers to work on Android, Content-Disposition MUST NOT be set |
| 307 | - header('Content-Disposition: inline; filename="' . basename($file) . '"'); |
|
| 307 | + header('Content-Disposition: inline; filename="'.basename($file).'"'); |
|
| 308 | 308 | } else { |
| 309 | 309 | header('Content-Transfer-Encoding: base64'); |
| 310 | 310 | } |
| 311 | - header('Content-Length: ' . filesize($file)); |
|
| 311 | + header('Content-Length: '.filesize($file)); |
|
| 312 | 312 | ob_clean(); |
| 313 | 313 | flush(); |
| 314 | 314 | readfile($file); |
@@ -329,7 +329,7 @@ discard block |
||
| 329 | 329 | $filetype = $info->buffer($inputImage, FILEINFO_MIME_TYPE); |
| 330 | 330 | $offset = 60 * 60 * 24 * 30; |
| 331 | 331 | // gmdate cannot fail here - time() is its default argument (and integer), and we are adding an integer to it |
| 332 | - $expiresString = "Expires: " . /** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset) . " GMT"; |
|
| 332 | + $expiresString = "Expires: "./** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset)." GMT"; |
|
| 333 | 333 | $blob = $inputImage; |
| 334 | 334 | |
| 335 | 335 | if ($resize === TRUE) { |
@@ -384,7 +384,7 @@ discard block |
||
| 384 | 384 | $filetype = 'image/png'; // default, only one code path where it can become different |
| 385 | 385 | list($width, $height, $resize) = $this->testForResize($widthIn, $heightIn); |
| 386 | 386 | if ($resize) { |
| 387 | - $logoFile = ROOT . '/web/downloads/logos/' . $identifier . '_' . $width . '_' . $height . '.png'; |
|
| 387 | + $logoFile = ROOT.'/web/downloads/logos/'.$identifier.'_'.$width.'_'.$height.'.png'; |
|
| 388 | 388 | } |
| 389 | 389 | if (is_file($logoFile)) { // $logoFile could be an empty string but then we will get a FALSE |
| 390 | 390 | $this->loggerInstance->debug(4, "Using cached logo $logoFile for: $identifier\n"); |
@@ -477,7 +477,7 @@ discard block |
||
| 477 | 477 | if (!isset($device['match'])) { |
| 478 | 478 | continue; |
| 479 | 479 | } |
| 480 | - if (preg_match('/' . $device['match'] . '/', $browser)) { |
|
| 480 | + if (preg_match('/'.$device['match'].'/', $browser)) { |
|
| 481 | 481 | return $this->returnDevice($devId, $device); |
| 482 | 482 | } |
| 483 | 483 | } |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | */ |
| 21 | 21 | ?> |
| 22 | 22 | <?php |
| 23 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $languageInstance = new \core\common\Language(); |
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | $invitationObject = new core\SilverbulletInvitation($validator->token(filter_input(INPUT_POST, 'token'))); |
| 39 | 39 | header("Content-Type:text/html;charset=utf-8"); |
| 40 | 40 | ?> |
| 41 | -<h1 style='text-align:center;'><?php echo _("Invitation Token QR Code");?></h1> |
|
| 41 | +<h1 style='text-align:center;'><?php echo _("Invitation Token QR Code"); ?></h1> |
|
| 42 | 42 | <img style='float:none' src='data:image/png;base64,<?php |
| 43 | 43 | $size = 10; |
| 44 | 44 | $qrCode = new \chillerlan\QRCode\QRCode(new \chillerlan\QRCode\QROptions([ |
@@ -51,5 +51,5 @@ discard block |
||
| 51 | 51 | if (empty($rawQr)) { |
| 52 | 52 | throw new Exception("Something went seriously wrong during QR code generation!"); |
| 53 | 53 | } |
| 54 | -echo base64_encode($uiElements->pngInjectConsortiumLogo($rawQr, $size));?>'/> |
|
| 55 | -<p>(<a href='<?php echo $invitationObject->link();?>'><?php echo $invitationObject->link();?>)</a></p> |
|
| 54 | +echo base64_encode($uiElements->pngInjectConsortiumLogo($rawQr, $size)); ?>'/> |
|
| 55 | +<p>(<a href='<?php echo $invitationObject->link(); ?>'><?php echo $invitationObject->link(); ?>)</a></p> |
|
@@ -26,7 +26,7 @@ discard block |
||
| 26 | 26 | */ |
| 27 | 27 | ?> |
| 28 | 28 | <?php |
| 29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 30 | 30 | |
| 31 | 31 | $deco = new \web\lib\admin\PageDecoration(); |
| 32 | 32 | $validator = new \web\lib\common\InputValidation(); |
@@ -38,7 +38,7 @@ discard block |
||
| 38 | 38 | } else { |
| 39 | 39 | $link = 'http://'; |
| 40 | 40 | } |
| 41 | -$link .= $_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME']; |
|
| 41 | +$link .= $_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME']; |
|
| 42 | 42 | $link = htmlspecialchars($link); |
| 43 | 43 | |
| 44 | 44 | echo $deco->defaultPagePrelude(sprintf(_("%s: %s Dashboard"), \config\Master::APPEARANCE['productname'], $uiElements->nomenclatureInst)); |
@@ -84,10 +84,10 @@ discard block |
||
| 84 | 84 | $readonly = \config\Master::DB['INST']['readonly']; |
| 85 | 85 | $profiles_for_this_idp = $my_inst->listProfiles(); |
| 86 | 86 | if (count($profiles_for_this_idp) == 0) { // no profiles yet. |
| 87 | - echo "<h2>" . sprintf(_("There are not yet any profiles for your %s."), $uiElements->nomenclatureInst) . "</h2>"; |
|
| 87 | + echo "<h2>".sprintf(_("There are not yet any profiles for your %s."), $uiElements->nomenclatureInst)."</h2>"; |
|
| 88 | 88 | } |
| 89 | 89 | if (count($profiles_for_this_idp) > 0) { // no profiles yet. |
| 90 | - echo "<h2>" . sprintf(_("Profiles for this %s"), $uiElements->nomenclatureInst) . "</h2>"; |
|
| 90 | + echo "<h2>".sprintf(_("Profiles for this %s"), $uiElements->nomenclatureInst)."</h2>"; |
|
| 91 | 91 | } |
| 92 | 92 | // if there is one profile and it is of type Silver Bullet, display a very |
| 93 | 93 | // simple widget with just a "Manage" button |
@@ -113,7 +113,7 @@ discard block |
||
| 113 | 113 | echo _("Information needed!"); |
| 114 | 114 | echo "<ul style='margin:1px'>"; |
| 115 | 115 | foreach ($completeness as $missing_attrib) { |
| 116 | - echo "<li>" . $uiElements->displayName($missing_attrib) . "</li>"; |
|
| 116 | + echo "<li>".$uiElements->displayName($missing_attrib)."</li>"; |
|
| 117 | 117 | } |
| 118 | 118 | echo "</ul>"; |
| 119 | 119 | echo "</div>"; |
@@ -127,7 +127,7 @@ discard block |
||
| 127 | 127 | if ($readonly === FALSE) { |
| 128 | 128 | ?> |
| 129 | 129 | <form action='edit_silverbullet.php?inst_id=<?php echo $my_inst->identifier; ?>&profile_id=<?php echo $profile_list->identifier; ?>' method='POST'> |
| 130 | - <button <?php echo ( is_array($completeness) ? "disabled" : "" ); ?> type='submit' name='sb_action' value='sb_edit'><?php echo _("Manage User Base"); ?></button> |
|
| 130 | + <button <?php echo (is_array($completeness) ? "disabled" : ""); ?> type='submit' name='sb_action' value='sb_edit'><?php echo _("Manage User Base"); ?></button> |
|
| 131 | 131 | </form> |
| 132 | 132 | <?php |
| 133 | 133 | } |
@@ -159,21 +159,21 @@ discard block |
||
| 159 | 159 | $has_overrides = TRUE; |
| 160 | 160 | } |
| 161 | 161 | } |
| 162 | - $buffer_eaptypediv = "<div style='margin-bottom:40px; float:left;'>" . _("<strong>EAP Types</strong> (in order of preference):") . "<br/>"; |
|
| 162 | + $buffer_eaptypediv = "<div style='margin-bottom:40px; float:left;'>"._("<strong>EAP Types</strong> (in order of preference):")."<br/>"; |
|
| 163 | 163 | $typelist = $profile_list->getEapMethodsinOrderOfPreference(); |
| 164 | 164 | $allcomplete = TRUE; |
| 165 | 165 | foreach ($typelist as $eaptype) { |
| 166 | 166 | $buffer_eaptypediv .= $eaptype->getPrintableRep(); |
| 167 | 167 | $completeness = $profile_list->isEapTypeDefinitionComplete($eaptype); |
| 168 | 168 | if ($completeness === true) { |
| 169 | - $buffer_eaptypediv .= " <div class='acceptable'>" . _("OK") . "</div>"; |
|
| 169 | + $buffer_eaptypediv .= " <div class='acceptable'>"._("OK")."</div>"; |
|
| 170 | 170 | } else { |
| 171 | 171 | $buffer_eaptypediv .= " <div class='notacceptable'>"; |
| 172 | 172 | $buffer_eaptypediv .= _("Information needed!"); |
| 173 | 173 | if (is_array($completeness)) { |
| 174 | 174 | $buffer_eaptypediv .= "<ul style='margin:1px'>"; |
| 175 | 175 | foreach ($completeness as $missing_attrib) { |
| 176 | - $buffer_eaptypediv .= "<li>" . $uiElements->displayName($missing_attrib) . "</li>"; |
|
| 176 | + $buffer_eaptypediv .= "<li>".$uiElements->displayName($missing_attrib)."</li>"; |
|
| 177 | 177 | } |
| 178 | 178 | $buffer_eaptypediv .= "</ul>"; |
| 179 | 179 | } |
@@ -185,12 +185,12 @@ discard block |
||
| 185 | 185 | foreach ($attribs as $attrib) { |
| 186 | 186 | if ($attrib['level'] == "Method" && !preg_match("/^internal:/", $attrib['name']) && !$justOnce) { |
| 187 | 187 | $justOnce = TRUE; |
| 188 | - $buffer_eaptypediv .= "<img src='../resources/images/icons/Letter-E-blue-icon.png' alt='" . _("Options on EAP Method/Device level are in effect.") . "'>"; |
|
| 188 | + $buffer_eaptypediv .= "<img src='../resources/images/icons/Letter-E-blue-icon.png' alt='"._("Options on EAP Method/Device level are in effect.")."'>"; |
|
| 189 | 189 | } |
| 190 | 190 | } |
| 191 | 191 | $buffer_eaptypediv .= "<br/>"; |
| 192 | 192 | } |
| 193 | - $buffer_headline = "<div style='padding-bottom:20px;'><h2 style='overflow:auto; display:inline; padding-bottom: 10px;'>" . sprintf(_("Profile: %s"), $profile_name) . "</h2>"; |
|
| 193 | + $buffer_headline = "<div style='padding-bottom:20px;'><h2 style='overflow:auto; display:inline; padding-bottom: 10px;'>".sprintf(_("Profile: %s"), $profile_name)."</h2>"; |
|
| 194 | 194 | |
| 195 | 195 | $buffer_headline .= "<span style='float:right;'>"; |
| 196 | 196 | $readiness = $profile_list->readinessLevel(); |
@@ -222,18 +222,18 @@ discard block |
||
| 222 | 222 | if (\config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS'] == "LOCAL") { |
| 223 | 223 | $diagUrl = "../diag/"; |
| 224 | 224 | } else { |
| 225 | - $diagUrl = \config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS'] . "/diag/"; |
|
| 225 | + $diagUrl = \config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS']."/diag/"; |
|
| 226 | 226 | } |
| 227 | - echo "<form action='" . $diagUrl . "action_realmcheck.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
|
| 227 | + echo "<form action='".$diagUrl."action_realmcheck.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
|
| 228 | 228 | <input type='hidden' name='comefrom' id='comefrom-$profilecount' value='$link'/> |
| 229 | - <button type='submit' name='profile_action' value='check' " . ($has_realm ? "" : "disabled='disabled' title='" . _("The realm can only be checked if you configure the realm!") . "'") . "> |
|
| 230 | - " . _("Check realm reachability") . " |
|
| 229 | + <button type='submit' name='profile_action' value='check' ".($has_realm ? "" : "disabled='disabled' title='"._("The realm can only be checked if you configure the realm!")."'")."> |
|
| 230 | + " . _("Check realm reachability")." |
|
| 231 | 231 | </button> |
| 232 | 232 | </form>"; |
| 233 | 233 | } |
| 234 | 234 | echo "<form action='overview_installers.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
| 235 | - <button type='submit' name='profile_action' value='check' " . ($has_eaptypes ? "" : "disabled='disabled' title='" . _("You have not fully configured any supported EAP types!") . "'") . "> |
|
| 236 | - " . _("Installer Fine-Tuning and Download") . " |
|
| 235 | + <button type='submit' name='profile_action' value='check' ".($has_eaptypes ? "" : "disabled='disabled' title='"._("You have not fully configured any supported EAP types!")."'")."> |
|
| 236 | + " . _("Installer Fine-Tuning and Download")." |
|
| 237 | 237 | </button> |
| 238 | 238 | </form> |
| 239 | 239 | </div>"; |
@@ -242,11 +242,11 @@ discard block |
||
| 242 | 242 | echo " <div class='buttongroupprofilebox' style='clear:both;'> |
| 243 | 243 | <form action='edit_profile.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
| 244 | 244 | <hr/> |
| 245 | - <button type='submit' name='profile_action' value='edit'>" . _("Edit") . "</button> |
|
| 245 | + <button type='submit' name='profile_action' value='edit'>"._("Edit")."</button> |
|
| 246 | 246 | </form> |
| 247 | 247 | <form action='edit_profile_result.php?inst_id=$my_inst->identifier&profile_id=$profile_list->identifier' method='post' accept-charset='UTF-8'> |
| 248 | - <button class='delete' type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_DELETE . "' onclick=\"return confirm('" . sprintf(_("Do you really want to delete the profile %s?"), $profile_name) . "')\"> |
|
| 249 | - " . _("Delete") . " |
|
| 248 | + <button class='delete' type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_DELETE."' onclick=\"return confirm('".sprintf(_("Do you really want to delete the profile %s?"), $profile_name)."')\"> |
|
| 249 | + " . _("Delete")." |
|
| 250 | 250 | </button> |
| 251 | 251 | </form> |
| 252 | 252 | </div>"; |
@@ -255,10 +255,10 @@ discard block |
||
| 255 | 255 | // dummy width to keep a little distance |
| 256 | 256 | echo "<div style='width:20px;'></div>"; |
| 257 | 257 | if ($readiness == core\AbstractProfile::READINESS_LEVEL_SHOWTIME) { |
| 258 | - $idpLevelUrl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier; |
|
| 259 | - echo "<div style='display: table-cell; text-align:center;'><p><strong>" . _("User Download Link") . "</strong></p>"; |
|
| 260 | - $displayurl = $idpLevelUrl . "&profile=" . $profile_list->identifier; |
|
| 261 | - $QRurl = $idpLevelUrl . "&profile=" . $profile_list->identifier; |
|
| 258 | + $idpLevelUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://').$_SERVER['SERVER_NAME'].dirname(dirname($_SERVER['SCRIPT_NAME']))."?idp=".$my_inst->identifier; |
|
| 259 | + echo "<div style='display: table-cell; text-align:center;'><p><strong>"._("User Download Link")."</strong></p>"; |
|
| 260 | + $displayurl = $idpLevelUrl."&profile=".$profile_list->identifier; |
|
| 261 | + $QRurl = $idpLevelUrl."&profile=".$profile_list->identifier; |
|
| 262 | 262 | $qrCode = new \chillerlan\QRCode\QRCode(new \chillerlan\QRCode\QROptions([ |
| 263 | 263 | 'outputType' => \chillerlan\QRCode\QRCode::OUTPUT_IMAGE_PNG, |
| 264 | 264 | 'eccLevel' => \chillerlan\QRCode\QRCode::ECC_H, |
@@ -270,16 +270,16 @@ discard block |
||
| 270 | 270 | if (empty($rawQr)) { |
| 271 | 271 | throw new Exception("Something went seriously wrong during QR code generation!"); |
| 272 | 272 | } |
| 273 | - $uri = "data:image/png;base64," . base64_encode($uiElements->pngInjectConsortiumLogo($rawQr, web\lib\admin\UIElements::QRCODE_PIXELS_PER_SYMBOL)); |
|
| 273 | + $uri = "data:image/png;base64,".base64_encode($uiElements->pngInjectConsortiumLogo($rawQr, web\lib\admin\UIElements::QRCODE_PIXELS_PER_SYMBOL)); |
|
| 274 | 274 | $size = getimagesize($uri); |
| 275 | - echo "<img width='" . ($size[0] / 4) . "' height='" . ($size[1] / 4) . "' src='$uri' alt='QR-code'/>"; |
|
| 275 | + echo "<img width='".($size[0] / 4)."' height='".($size[1] / 4)."' src='$uri' alt='QR-code'/>"; |
|
| 276 | 276 | |
| 277 | 277 | //echo "<nobr>$displayurl</nobr></a>"; |
| 278 | 278 | echo "<p>$displayurl</p></a>"; |
| 279 | 279 | echo "</div>"; |
| 280 | 280 | // dummy width to keep a little distance |
| 281 | 281 | echo "<div style='width:20px;'></div>"; |
| 282 | - echo "<div style='display: table-cell; min-width:200px;'><p><strong>" . _("User Downloads") . "</strong></p><table>"; |
|
| 282 | + echo "<div style='display: table-cell; min-width:200px;'><p><strong>"._("User Downloads")."</strong></p><table>"; |
|
| 283 | 283 | $stats = $profile_list->getUserDownloadStats(); |
| 284 | 284 | foreach ($stats as $dev => $count) { |
| 285 | 285 | echo "<tr><td><strong>$dev</strong></td><td>$count</td></tr>"; |
@@ -92,10 +92,10 @@ discard block |
||
| 92 | 92 | <NodeName>AAAServerTrustRoot</NodeName>'; |
| 93 | 93 | foreach ($this->attributes['internal:CAs'][0] as $oneCert) { |
| 94 | 94 | $retval .= '<Node> |
| 95 | - <NodeName>' . $oneCert['uuid'] . '</NodeName> |
|
| 95 | + <NodeName>' . $oneCert['uuid'].'</NodeName> |
|
| 96 | 96 | <Node> |
| 97 | 97 | <NodeName>CertSHA256Fingerprint</NodeName> |
| 98 | - <Value>' . $oneCert['sha256'] . '</Value> |
|
| 98 | + <Value>' . $oneCert['sha256'].'</Value> |
|
| 99 | 99 | </Node> |
| 100 | 100 | </Node> |
| 101 | 101 | '; |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | $now = new \DateTime(); |
| 115 | 115 | return '<Node> |
| 116 | 116 | <NodeName>CreationDate</NodeName> |
| 117 | - <Value>' . $now->format("Y-m-d") . "T" . $now->format("H:i:s") . "Z" . '</Value> |
|
| 117 | + <Value>' . $now->format("Y-m-d")."T".$now->format("H:i:s")."Z".'</Value> |
|
| 118 | 118 | </Node>'; |
| 119 | 119 | } |
| 120 | 120 | |
@@ -128,11 +128,11 @@ discard block |
||
| 128 | 128 | <NodeName>HomeSP</NodeName> |
| 129 | 129 | <Node> |
| 130 | 130 | <NodeName>FriendlyName</NodeName> |
| 131 | - <Value>' . sprintf(_("%s via Passpoint"), \config\ConfAssistant::CONSORTIUM['display_name']) . '</Value> |
|
| 131 | + <Value>' . sprintf(_("%s via Passpoint"), \config\ConfAssistant::CONSORTIUM['display_name']).'</Value> |
|
| 132 | 132 | </Node> |
| 133 | 133 | <Node> |
| 134 | 134 | <NodeName>FQDN</NodeName> |
| 135 | - <Value>' . $this->attributes['eap:server_name'][0] /* what, only one FQDN allowed? */ . '</Value> |
|
| 135 | + <Value>' . $this->attributes['eap:server_name'][0] /* what, only one FQDN allowed? */.'</Value> |
|
| 136 | 136 | </Node> |
| 137 | 137 | <Node> |
| 138 | 138 | <NodeName>RoamingConsortiumOI</NodeName> |
@@ -148,7 +148,7 @@ discard block |
||
| 148 | 148 | $oiList .= ","; |
| 149 | 149 | } |
| 150 | 150 | } |
| 151 | - $retval .= $oiList . '</Value> |
|
| 151 | + $retval .= $oiList.'</Value> |
|
| 152 | 152 | </Node> |
| 153 | 153 | </Node> |
| 154 | 154 | '; |
@@ -165,7 +165,7 @@ discard block |
||
| 165 | 165 | <NodeName>Credential</NodeName> |
| 166 | 166 | <Node> |
| 167 | 167 | <NodeName>Realm</NodeName> |
| 168 | - <Value>' . $this->attributes['internal:realm'][0] . '</Value> |
|
| 168 | + <Value>' . $this->attributes['internal:realm'][0].'</Value> |
|
| 169 | 169 | </Node>'; |
| 170 | 170 | /* the example file I got did not include CreationDate, so omit it |
| 171 | 171 | * |
@@ -180,7 +180,7 @@ discard block |
||
| 180 | 180 | </Node> |
| 181 | 181 | <Node> |
| 182 | 182 | <NodeName>CertSHA256Fingerprint</NodeName> |
| 183 | - <Value>' . strtoupper($this->clientCert["sha256"]) /* the actual cert has to go... where? */ . '</Value> |
|
| 183 | + <Value>' . strtoupper($this->clientCert["sha256"]) /* the actual cert has to go... where? */.'</Value> |
|
| 184 | 184 | </Node> |
| 185 | 185 | </Node> |
| 186 | 186 | </Node> |
@@ -298,7 +298,7 @@ discard block |
||
| 298 | 298 | // foresee signing. |
| 299 | 299 | // but if they ever change their mind, we are prepared |
| 300 | 300 | |
| 301 | - $outputFromSigning = system($this->sign . " installer_profile '$fileName' > /dev/null"); |
|
| 301 | + $outputFromSigning = system($this->sign." installer_profile '$fileName' > /dev/null"); |
|
| 302 | 302 | if ($outputFromSigning === FALSE) { |
| 303 | 303 | $this->loggerInstance->debug(2, "Signing the ONC installer $fileName FAILED!\n"); |
| 304 | 304 | } |
@@ -201,7 +201,7 @@ |
||
| 201 | 201 | } |
| 202 | 202 | |
| 203 | 203 | if (!empty($this->attributes['internal:realm'][0])) { |
| 204 | - $config['USER_REALM'] = $this->attributes['internal:realm'][0]; |
|
| 204 | + $config['USER_REALM'] = $this->attributes['internal:realm'][0]; |
|
| 205 | 205 | } |
| 206 | 206 | |
| 207 | 207 | if(!empty($this->attributes['internal:hint_userinput_suffix'][0]) && $this->attributes['internal:hint_userinput_suffix'][0] == 1) { |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | * |
| 46 | 46 | */ |
| 47 | 47 | public function writeInstaller() { |
| 48 | - $installerPath = $this->installerBasename . ".py"; |
|
| 48 | + $installerPath = $this->installerBasename.".py"; |
|
| 49 | 49 | $this->copyFile("eduroam_linux_main.sh", $installerPath); |
| 50 | 50 | $installer = fopen($installerPath, "a"); |
| 51 | 51 | if ($installer === FALSE) { |
@@ -77,9 +77,9 @@ discard block |
||
| 77 | 77 | $out .= "<p>"; |
| 78 | 78 | if ($ssidCount > 1) { |
| 79 | 79 | if ($ssidCount > 2) { |
| 80 | - $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to the following networks:"), implode(', ', \config\ConfAssistant::CONSORTIUM['ssid'])) . " "; |
|
| 80 | + $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to the following networks:"), implode(', ', \config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 81 | 81 | } else { |
| 82 | - $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"), implode(', ', \config\ConfAssistant::CONSORTIUM['ssid'])) . " "; |
|
| 82 | + $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"), implode(', ', \config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 83 | 83 | } |
| 84 | 84 | $iterator = 0; |
| 85 | 85 | foreach ($this->attributes['internal:SSID'] as $ssid => $v) { |
@@ -116,7 +116,7 @@ discard block |
||
| 116 | 116 | * @return void |
| 117 | 117 | */ |
| 118 | 118 | private function writeConfigLine($file, $name, $text) { |
| 119 | - $out = $name . '="' . $text . '"\n'; |
|
| 119 | + $out = $name.'="'.$text.'"\n'; |
|
| 120 | 120 | fwrite($file, wordwrap($out, 70, "\n"); |
| 121 | 121 | } |
| 122 | 122 | |
@@ -197,18 +197,18 @@ discard block |
||
| 197 | 197 | } |
| 198 | 198 | |
| 199 | 199 | if ($outerId !== NULL) { |
| 200 | - $configRaw['ANONYMOUS_IDENTITY'] = '"' . $outerId . '"'; |
|
| 200 | + $configRaw['ANONYMOUS_IDENTITY'] = '"'.$outerId.'"'; |
|
| 201 | 201 | } |
| 202 | 202 | |
| 203 | 203 | if (!empty($this->attributes['internal:realm'][0])) { |
| 204 | 204 | $config['USER_REALM'] = $this->attributes['internal:realm'][0]; |
| 205 | 205 | } |
| 206 | 206 | |
| 207 | - if(!empty($this->attributes['internal:hint_userinput_suffix'][0]) && $this->attributes['internal:hint_userinput_suffix'][0] == 1) { |
|
| 207 | + if (!empty($this->attributes['internal:hint_userinput_suffix'][0]) && $this->attributes['internal:hint_userinput_suffix'][0] == 1) { |
|
| 208 | 208 | $configRaw['HINT_USER_INPUT'] = "True"; |
| 209 | 209 | } |
| 210 | 210 | |
| 211 | - if(!empty($this->attributes['internal:verify_userinput_suffix'][0]) && $this->attributes['internal:verify_userinput_suffix'][0] == 1) { |
|
| 211 | + if (!empty($this->attributes['internal:verify_userinput_suffix'][0]) && $this->attributes['internal:verify_userinput_suffix'][0] == 1) { |
|
| 212 | 212 | $configRaw['VERIFY_USER_REALM_INPUT'] = "True"; |
| 213 | 213 | } |
| 214 | 214 | |
@@ -223,13 +223,13 @@ discard block |
||
| 223 | 223 | if ($tou === '') { |
| 224 | 224 | fwrite($file, "TOU=\"\"\n"); |
| 225 | 225 | } else { |
| 226 | - fwrite($file, "TOU=\"" . $tou . "\"\n"); |
|
| 226 | + fwrite($file, "TOU=\"".$tou."\"\n"); |
|
| 227 | 227 | } |
| 228 | 228 | |
| 229 | - fwrite($file, "CA=\"" . $this->mkCAfile() . "\"\n"); |
|
| 229 | + fwrite($file, "CA=\"".$this->mkCAfile()."\"\n"); |
|
| 230 | 230 | $sbUserFile = $this->mkSbUserFile(); |
| 231 | 231 | if ($sbUserFile !== '') { |
| 232 | - fwrite($file, "SB_USER_FILE=\"" . $sbUserFile . "\"\n"); |
|
| 232 | + fwrite($file, "SB_USER_FILE=\"".$sbUserFile."\"\n"); |
|
| 233 | 233 | } |
| 234 | 234 | } |
| 235 | 235 | |
@@ -281,7 +281,7 @@ discard block |
||
| 281 | 281 | } |
| 282 | 282 | $out .= "'DNS:$oneServer'"; |
| 283 | 283 | } |
| 284 | - return "[" . $out. "]"; |
|
| 284 | + return "[".$out."]"; |
|
| 285 | 285 | } |
| 286 | 286 | |
| 287 | 287 | /** |
@@ -295,7 +295,7 @@ discard block |
||
| 295 | 295 | foreach ($ssids as $ssid => $cipher) { |
| 296 | 296 | $outArray[] = "'$ssid'"; |
| 297 | 297 | } |
| 298 | - return '[' . implode(', ', $outArray) . ']'; |
|
| 298 | + return '['.implode(', ', $outArray).']'; |
|
| 299 | 299 | } |
| 300 | 300 | |
| 301 | 301 | /** |
@@ -311,7 +311,7 @@ discard block |
||
| 311 | 311 | $outArray[] = "'$ssid'"; |
| 312 | 312 | } |
| 313 | 313 | } |
| 314 | - return '[' . implode(', ', $outArray) . ']'; |
|
| 314 | + return '['.implode(', ', $outArray).']'; |
|
| 315 | 315 | } |
| 316 | 316 | |
| 317 | 317 | /** |
@@ -319,7 +319,7 @@ discard block |
||
| 319 | 319 | * |
| 320 | 320 | * @return string |
| 321 | 321 | */ |
| 322 | - private function mkCAfile(){ |
|
| 322 | + private function mkCAfile() { |
|
| 323 | 323 | $out = ''; |
| 324 | 324 | $cAlist = $this->attributes['internal:CAs'][0]; |
| 325 | 325 | foreach ($cAlist as $oneCa) { |
@@ -335,7 +335,7 @@ discard block |
||
| 335 | 335 | */ |
| 336 | 336 | private function mkIntro() { |
| 337 | 337 | \core\common\Entity::intoThePotatoes(); |
| 338 | - $out = _("This installer has been prepared for {0}") . '\n\n' . _("More information and comments:") . '\n\nE-Mail: {1}\nWWW: {2}\n\n' . |
|
| 338 | + $out = _("This installer has been prepared for {0}").'\n\n'._("More information and comments:").'\n\nE-Mail: {1}\nWWW: {2}\n\n'. |
|
| 339 | 339 | _("Installer created with software from the GEANT project."); |
| 340 | 340 | \core\common\Entity::outOfThePotatoes(); |
| 341 | 341 | return $out; |
@@ -191,8 +191,7 @@ |
||
| 191 | 191 | |
| 192 | 192 | if ($this->selectedEap == \core\common\EAP::EAPTYPE_TLS && isset($this->attributes['eap-specific:tls_use_other_id']) && $this->attributes['eap-specific:tls_use_other_id'][0] == 'on') { |
| 193 | 193 | $configRaw['USE_OTHER_TLS_ID'] = "True"; |
| 194 | - } |
|
| 195 | - else { |
|
| 194 | + } else { |
|
| 196 | 195 | $configRaw['USE_OTHER_TLS_ID'] = "False"; |
| 197 | 196 | } |
| 198 | 197 | |
