GEANT /
CAT
@@ -165,7 +165,7 @@ discard block |
||
| 165 | 165 | } |
| 166 | 166 | } |
| 167 | 167 | |
| 168 | - $this->loggerInstance->debug(4, "RADIUSTests is in opMode " . $this->opMode . ", parameters were: $realm, $outerUsernameForChecks, " . /** @scrutinizer ignore-type */ print_r($supportedEapTypes, true)); |
|
| 168 | + $this->loggerInstance->debug(4, "RADIUSTests is in opMode ".$this->opMode.", parameters were: $realm, $outerUsernameForChecks, "./** @scrutinizer ignore-type */ print_r($supportedEapTypes, true)); |
|
| 169 | 169 | $this->loggerInstance->debug(4, /** @scrutinizer ignore-type */ print_r($expectedServerNames, true)); |
| 170 | 170 | $this->loggerInstance->debug(4, /** @scrutinizer ignore-type */ print_r($expectedCABundle, true)); |
| 171 | 171 | |
@@ -252,7 +252,7 @@ discard block |
||
| 252 | 252 | $returnarray[] = RADIUSTests::CERTPROB_WILDCARD_IN_NAME; |
| 253 | 253 | continue; // otherwise we'd ALSO complain that it's not a real hostname |
| 254 | 254 | } |
| 255 | - if ($onename != "" && filter_var("foo@" . idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) { |
|
| 255 | + if ($onename != "" && filter_var("foo@".idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) { |
|
| 256 | 256 | $returnarray[] = RADIUSTests::CERTPROB_NOT_A_HOSTNAME; |
| 257 | 257 | } |
| 258 | 258 | } |
@@ -278,7 +278,7 @@ discard block |
||
| 278 | 278 | $probValue = RADIUSTests::CERTPROB_SHA1_SIGNATURE; |
| 279 | 279 | $returnarray[] = $probValue; |
| 280 | 280 | } |
| 281 | - $this->loggerInstance->debug(4, "CERT IS: " . /** @scrutinizer ignore-type */ print_r($intermediateCa, TRUE)); |
|
| 281 | + $this->loggerInstance->debug(4, "CERT IS: "./** @scrutinizer ignore-type */ print_r($intermediateCa, TRUE)); |
|
| 282 | 282 | if ($intermediateCa['basicconstraints_set'] == 0) { |
| 283 | 283 | $returnarray[] = RADIUSTests::CERTPROB_NO_BASICCONSTRAINTS; |
| 284 | 284 | } |
@@ -326,7 +326,7 @@ discard block |
||
| 326 | 326 | public function udpReachability($probeindex, $opnameCheck = TRUE, $frag = TRUE) { |
| 327 | 327 | // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy |
| 328 | 328 | // the following PEM data is one of the SENSE EAPLab client certs (not secret at all) |
| 329 | - $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12"); |
|
| 329 | + $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12"); |
|
| 330 | 330 | if ($clientcert === FALSE) { |
| 331 | 331 | throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!"); |
| 332 | 332 | } |
@@ -335,7 +335,7 @@ discard block |
||
| 335 | 335 | if ($this->opMode == self::RADIUS_TEST_OPERATION_MODE_THOROUGH) { |
| 336 | 336 | return $this->udpLogin($probeindex, $this->supportedEapTypes[0]->getArrayRep(), $this->outerUsernameForChecks, 'eaplab', $opnameCheck, $frag, $clientcert); |
| 337 | 337 | } |
| 338 | - return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@" . $this->realm, 'eaplab', $opnameCheck, $frag, $clientcert); |
|
| 338 | + return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@".$this->realm, 'eaplab', $opnameCheck, $frag, $clientcert); |
|
| 339 | 339 | } |
| 340 | 340 | |
| 341 | 341 | /** |
@@ -356,7 +356,7 @@ discard block |
||
| 356 | 356 | return RADIUSTests::CERTPROB_NO_CDP_HTTP; |
| 357 | 357 | } |
| 358 | 358 | // first and second sub-match is the full URL... check it |
| 359 | - $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1] . $crlUrl[2])); |
|
| 359 | + $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1].$crlUrl[2])); |
|
| 360 | 360 | if ($crlcontent === FALSE) { |
| 361 | 361 | return RADIUSTests::CERTPROB_NO_CRL_AT_CDP_URL; |
| 362 | 362 | } |
@@ -371,7 +371,7 @@ discard block |
||
| 371 | 371 | // $pem = chunk_split(base64_encode($crlcontent), 64, "\n"); |
| 372 | 372 | // inspired by https://stackoverflow.com/questions/2390604/how-to-pass-variables-as-stdin-into-command-line-from-php |
| 373 | 373 | |
| 374 | - $proc = \config\Master::PATHS['openssl'] . " crl -inform der"; |
|
| 374 | + $proc = \config\Master::PATHS['openssl']." crl -inform der"; |
|
| 375 | 375 | $descriptorspec = [ |
| 376 | 376 | 0 => ["pipe", "r"], |
| 377 | 377 | 1 => ["pipe", "w"], |
@@ -409,7 +409,7 @@ discard block |
||
| 409 | 409 | $origLength = strlen($hex); |
| 410 | 410 | for ($i = 1; $i < $origLength; $i++) { |
| 411 | 411 | if ($i % 2 == 1 && $i != strlen($hex)) { |
| 412 | - $spaced .= $hex[$i] . " "; |
|
| 412 | + $spaced .= $hex[$i]." "; |
|
| 413 | 413 | } else { |
| 414 | 414 | $spaced .= $hex[$i]; |
| 415 | 415 | } |
@@ -534,19 +534,19 @@ discard block |
||
| 534 | 534 | $eapText = \core\common\EAP::eapDisplayName($eaptype); |
| 535 | 535 | $config = ' |
| 536 | 536 | network={ |
| 537 | - ssid="' . \config\Master::APPEARANCE['productname'] . ' testing" |
|
| 537 | + ssid="' . \config\Master::APPEARANCE['productname'].' testing" |
|
| 538 | 538 | key_mgmt=WPA-EAP |
| 539 | 539 | proto=WPA2 |
| 540 | 540 | pairwise=CCMP |
| 541 | 541 | group=CCMP |
| 542 | 542 | '; |
| 543 | 543 | // phase 1 |
| 544 | - $config .= 'eap=' . $eapText['OUTER'] . "\n"; |
|
| 544 | + $config .= 'eap='.$eapText['OUTER']."\n"; |
|
| 545 | 545 | $logConfig = $config; |
| 546 | 546 | // phase 2 if applicable; all inner methods have passwords |
| 547 | 547 | if (isset($eapText['INNER']) && $eapText['INNER'] != "") { |
| 548 | - $config .= ' phase2="auth=' . $eapText['INNER'] . "\"\n"; |
|
| 549 | - $logConfig .= ' phase2="auth=' . $eapText['INNER'] . "\"\n"; |
|
| 548 | + $config .= ' phase2="auth='.$eapText['INNER']."\"\n"; |
|
| 549 | + $logConfig .= ' phase2="auth='.$eapText['INNER']."\"\n"; |
|
| 550 | 550 | } |
| 551 | 551 | // all methods set a password, except EAP-TLS |
| 552 | 552 | if ($eaptype != \core\common\EAP::EAPTYPE_TLS) { |
@@ -562,11 +562,11 @@ discard block |
||
| 562 | 562 | } |
| 563 | 563 | |
| 564 | 564 | // inner identity |
| 565 | - $config .= ' identity="' . $inner . "\"\n"; |
|
| 566 | - $logConfig .= ' identity="' . $inner . "\"\n"; |
|
| 565 | + $config .= ' identity="'.$inner."\"\n"; |
|
| 566 | + $logConfig .= ' identity="'.$inner."\"\n"; |
|
| 567 | 567 | // outer identity, may be equal |
| 568 | - $config .= ' anonymous_identity="' . $outer . "\"\n"; |
|
| 569 | - $logConfig .= ' anonymous_identity="' . $outer . "\"\n"; |
|
| 568 | + $config .= ' anonymous_identity="'.$outer."\"\n"; |
|
| 569 | + $logConfig .= ' anonymous_identity="'.$outer."\"\n"; |
|
| 570 | 570 | // done |
| 571 | 571 | $config .= "}"; |
| 572 | 572 | $logConfig .= "}"; |
@@ -627,13 +627,13 @@ discard block |
||
| 627 | 627 | * @return string the command-line for eapol_test |
| 628 | 628 | */ |
| 629 | 629 | private function eapolTestConfig($probeindex, $opName, $frag) { |
| 630 | - $cmdline = \config\Diagnostics::PATHS['eapol_test'] . |
|
| 631 | - " -a " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip'] . |
|
| 632 | - " -s " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret'] . |
|
| 633 | - " -o serverchain.pem" . |
|
| 634 | - " -c ./udp_login_test.conf" . |
|
| 635 | - " -M 22:44:66:CA:20:" . sprintf("%02d", $probeindex) . " " . |
|
| 636 | - " -t " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout'] . " "; |
|
| 630 | + $cmdline = \config\Diagnostics::PATHS['eapol_test']. |
|
| 631 | + " -a ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip']. |
|
| 632 | + " -s ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret']. |
|
| 633 | + " -o serverchain.pem". |
|
| 634 | + " -c ./udp_login_test.conf". |
|
| 635 | + " -M 22:44:66:CA:20:".sprintf("%02d", $probeindex)." ". |
|
| 636 | + " -t ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout']." "; |
|
| 637 | 637 | if ($opName) { |
| 638 | 638 | $cmdline .= '-N126:s:"1cat.eduroam.org" '; |
| 639 | 639 | } |
@@ -662,10 +662,10 @@ discard block |
||
| 662 | 662 | * @throws Exception |
| 663 | 663 | */ |
| 664 | 664 | private function createCArepository($tmpDir, &$intermOdditiesCAT, $servercert, $eapIntermediates, $eapIntermediateCRLs) { |
| 665 | - if (!mkdir($tmpDir . "/root-ca-allcerts/", 0700, true)) { |
|
| 665 | + if (!mkdir($tmpDir."/root-ca-allcerts/", 0700, true)) { |
|
| 666 | 666 | throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-allcerts/\n"); |
| 667 | 667 | } |
| 668 | - if (!mkdir($tmpDir . "/root-ca-eaponly/", 0700, true)) { |
|
| 668 | + if (!mkdir($tmpDir."/root-ca-eaponly/", 0700, true)) { |
|
| 669 | 669 | throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-eaponly/\n"); |
| 670 | 670 | } |
| 671 | 671 | // make a copy of the EAP-received chain and add the configured intermediates, if any |
@@ -679,15 +679,15 @@ discard block |
||
| 679 | 679 | } |
| 680 | 680 | if ($decoded['ca'] == 1) { |
| 681 | 681 | if ($decoded['root'] == 1) { // save CAT roots to the root directory |
| 682 | - file_put_contents($tmpDir . "/root-ca-eaponly/configuredroot" . count($catRoots) . ".pem", $decoded['pem']); |
|
| 683 | - file_put_contents($tmpDir . "/root-ca-allcerts/configuredroot" . count($catRoots) . ".pem", $decoded['pem']); |
|
| 682 | + file_put_contents($tmpDir."/root-ca-eaponly/configuredroot".count($catRoots).".pem", $decoded['pem']); |
|
| 683 | + file_put_contents($tmpDir."/root-ca-allcerts/configuredroot".count($catRoots).".pem", $decoded['pem']); |
|
| 684 | 684 | $catRoots[] = $decoded['pem']; |
| 685 | 685 | } else { // save the intermediates to allcerts directory |
| 686 | - file_put_contents($tmpDir . "/root-ca-allcerts/cat-intermediate" . count($catIntermediates) . ".pem", $decoded['pem']); |
|
| 686 | + file_put_contents($tmpDir."/root-ca-allcerts/cat-intermediate".count($catIntermediates).".pem", $decoded['pem']); |
|
| 687 | 687 | $intermOdditiesCAT = array_merge($intermOdditiesCAT, $this->propertyCheckIntermediate($decoded)); |
| 688 | 688 | if (isset($decoded['CRL']) && isset($decoded['CRL'][0])) { |
| 689 | 689 | $this->loggerInstance->debug(4, "got an intermediate CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain"); |
| 690 | - file_put_contents($tmpDir . "/root-ca-allcerts/crl_cat" . count($catIntermediates) . ".pem", $decoded['CRL'][0]); |
|
| 690 | + file_put_contents($tmpDir."/root-ca-allcerts/crl_cat".count($catIntermediates).".pem", $decoded['CRL'][0]); |
|
| 691 | 691 | } |
| 692 | 692 | $catIntermediates[] = $decoded['pem']; |
| 693 | 693 | } |
@@ -696,26 +696,26 @@ discard block |
||
| 696 | 696 | // save all intermediate certificates and CRLs to separate files in |
| 697 | 697 | // both root-ca directories |
| 698 | 698 | foreach ($eapIntermediates as $index => $onePem) { |
| 699 | - file_put_contents($tmpDir . "/root-ca-eaponly/intermediate$index.pem", $onePem); |
|
| 700 | - file_put_contents($tmpDir . "/root-ca-allcerts/intermediate$index.pem", $onePem); |
|
| 699 | + file_put_contents($tmpDir."/root-ca-eaponly/intermediate$index.pem", $onePem); |
|
| 700 | + file_put_contents($tmpDir."/root-ca-allcerts/intermediate$index.pem", $onePem); |
|
| 701 | 701 | } |
| 702 | 702 | foreach ($eapIntermediateCRLs as $index => $onePem) { |
| 703 | - file_put_contents($tmpDir . "/root-ca-eaponly/intermediateCRL$index.pem", $onePem); |
|
| 704 | - file_put_contents($tmpDir . "/root-ca-allcerts/intermediateCRL$index.pem", $onePem); |
|
| 703 | + file_put_contents($tmpDir."/root-ca-eaponly/intermediateCRL$index.pem", $onePem); |
|
| 704 | + file_put_contents($tmpDir."/root-ca-allcerts/intermediateCRL$index.pem", $onePem); |
|
| 705 | 705 | } |
| 706 | 706 | |
| 707 | 707 | $checkstring = ""; |
| 708 | 708 | if (isset($servercert['CRL']) && isset($servercert['CRL'][0])) { |
| 709 | 709 | $this->loggerInstance->debug(4, "got a server CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain"); |
| 710 | 710 | $checkstring = "-crl_check_all"; |
| 711 | - file_put_contents($tmpDir . "/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]); |
|
| 712 | - file_put_contents($tmpDir . "/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]); |
|
| 711 | + file_put_contents($tmpDir."/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]); |
|
| 712 | + file_put_contents($tmpDir."/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]); |
|
| 713 | 713 | } |
| 714 | 714 | |
| 715 | 715 | |
| 716 | 716 | // now c_rehash the root CA directory ... |
| 717 | - system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-eaponly/ > /dev/null"); |
|
| 718 | - system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-allcerts/ > /dev/null"); |
|
| 717 | + system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-eaponly/ > /dev/null"); |
|
| 718 | + system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-allcerts/ > /dev/null"); |
|
| 719 | 719 | return $checkstring; |
| 720 | 720 | } |
| 721 | 721 | |
@@ -747,12 +747,12 @@ discard block |
||
| 747 | 747 | // so test if there's something PEMy in the file at all |
| 748 | 748 | // serverchain.pem is the output from eapol_test; incomingserver.pem is written by extractIncomingCertsfromEAP() if there was at least one server cert. |
| 749 | 749 | if (filesize("$tmpDir/serverchain.pem") > 10 && filesize("$tmpDir/incomingserver.pem") > 10) { |
| 750 | - exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly); |
|
| 751 | - $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 752 | - $this->loggerInstance->debug(4, "Chain verify pass 1: " . /** @scrutinizer ignore-type */ print_r($verifyResultEaponly, TRUE) . "\n"); |
|
| 753 | - exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts); |
|
| 754 | - $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 755 | - $this->loggerInstance->debug(4, "Chain verify pass 2: " . /** @scrutinizer ignore-type */ print_r($verifyResultAllcerts, TRUE) . "\n"); |
|
| 750 | + exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly); |
|
| 751 | + $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 752 | + $this->loggerInstance->debug(4, "Chain verify pass 1: "./** @scrutinizer ignore-type */ print_r($verifyResultEaponly, TRUE)."\n"); |
|
| 753 | + exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts); |
|
| 754 | + $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n"); |
|
| 755 | + $this->loggerInstance->debug(4, "Chain verify pass 2: "./** @scrutinizer ignore-type */ print_r($verifyResultAllcerts, TRUE)."\n"); |
|
| 756 | 756 | } |
| 757 | 757 | |
| 758 | 758 | // now we do certificate verification against the collected parents |
@@ -817,7 +817,7 @@ discard block |
||
| 817 | 817 | // we are UNHAPPY if no names match! |
| 818 | 818 | $happiness = "UNHAPPY"; |
| 819 | 819 | foreach ($this->expectedServerNames as $expectedName) { |
| 820 | - $this->loggerInstance->debug(4, "Managing expectations for $expectedName: " . /** @scrutinizer ignore-type */ print_r($servercert['CN'], TRUE) . /** @scrutinizer ignore-type */ print_r($servercert['sAN_DNS'], TRUE)); |
|
| 820 | + $this->loggerInstance->debug(4, "Managing expectations for $expectedName: "./** @scrutinizer ignore-type */ print_r($servercert['CN'], TRUE)./** @scrutinizer ignore-type */ print_r($servercert['sAN_DNS'], TRUE)); |
|
| 821 | 821 | if (array_search($expectedName, $servercert['CN']) !== FALSE && array_search($expectedName, $servercert['sAN_DNS']) !== FALSE) { |
| 822 | 822 | $this->loggerInstance->debug(4, "Totally happy!"); |
| 823 | 823 | $happiness = "TOTALLY"; |
@@ -861,11 +861,11 @@ discard block |
||
| 861 | 861 | $theconfigs = $this->wpaSupplicantConfig($eaptype, $finalInner, $finalOuter, $password); |
| 862 | 862 | // the config intentionally does not include CA checking. We do this |
| 863 | 863 | // ourselves after getting the chain with -o. |
| 864 | - file_put_contents($tmpDir . "/udp_login_test.conf", $theconfigs[0]); |
|
| 864 | + file_put_contents($tmpDir."/udp_login_test.conf", $theconfigs[0]); |
|
| 865 | 865 | |
| 866 | 866 | $cmdline = $this->eapolTestConfig($probeindex, $opnameCheck, $frag); |
| 867 | 867 | $this->loggerInstance->debug(4, "Shallow reachability check cmdline: $cmdline\n"); |
| 868 | - $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n" . $theconfigs[1] . "\n"); |
|
| 868 | + $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n".$theconfigs[1]."\n"); |
|
| 869 | 869 | $time_start = microtime(true); |
| 870 | 870 | $pflow = []; |
| 871 | 871 | exec($cmdline, $pflow); |
@@ -874,7 +874,7 @@ discard block |
||
| 874 | 874 | } |
| 875 | 875 | $time_stop = microtime(true); |
| 876 | 876 | $output = print_r($this->redact($password, $pflow), TRUE); |
| 877 | - file_put_contents($tmpDir . "/eapol_test_output_redacted_$probeindex.txt", $output); |
|
| 877 | + file_put_contents($tmpDir."/eapol_test_output_redacted_$probeindex.txt", $output); |
|
| 878 | 878 | $this->loggerInstance->debug(5, "eapol_test output saved to eapol_test_output_redacted_$probeindex.txt\n"); |
| 879 | 879 | return [ |
| 880 | 880 | "time" => ($time_stop - $time_start) * 1000, |
@@ -910,7 +910,7 @@ discard block |
||
| 910 | 910 | if ($packetflow[count($packetflow) - 1] == 3 && $this->checkLineparse($packetflow_orig, self::LINEPARSE_CHECK_REJECTIGNORE)) { |
| 911 | 911 | array_pop($packetflow); |
| 912 | 912 | } |
| 913 | - $this->loggerInstance->debug(5, "Packetflow: " . /** @scrutinizer ignore-type */ print_r($packetflow, TRUE)); |
|
| 913 | + $this->loggerInstance->debug(5, "Packetflow: "./** @scrutinizer ignore-type */ print_r($packetflow, TRUE)); |
|
| 914 | 914 | $packetcount = array_count_values($packetflow); |
| 915 | 915 | $testresults['packetcount'] = $packetcount; |
| 916 | 916 | $testresults['packetflow'] = $packetflow; |
@@ -950,7 +950,7 @@ discard block |
||
| 950 | 950 | */ |
| 951 | 951 | private function wasModernTlsNegotiated(&$testresults, $packetflow_orig) { |
| 952 | 952 | $negotiatedTlsVersion = $this->checkLineparse($packetflow_orig, self::LINEPARSE_TLSVERSION); |
| 953 | - $this->loggerInstance->debug(4, "TLS version found is: $negotiatedTlsVersion" . "\n"); |
|
| 953 | + $this->loggerInstance->debug(4, "TLS version found is: $negotiatedTlsVersion"."\n"); |
|
| 954 | 954 | if ($negotiatedTlsVersion === FALSE) { |
| 955 | 955 | $testresults['cert_oddities'][] = RADIUSTests::TLSPROB_UNKNOWN_TLS_VERSION; |
| 956 | 956 | } elseif ($negotiatedTlsVersion != self::TLS_VERSION_1_2 && $negotiatedTlsVersion != self::TLS_VERSION_1_3) { |
@@ -1008,7 +1008,7 @@ discard block |
||
| 1008 | 1008 | |
| 1009 | 1009 | $x509 = new \core\common\X509(); |
| 1010 | 1010 | // $eap_certarray holds all certs received in EAP conversation |
| 1011 | - $incomingData = file_get_contents($tmpDir . "/serverchain.pem"); |
|
| 1011 | + $incomingData = file_get_contents($tmpDir."/serverchain.pem"); |
|
| 1012 | 1012 | if ($incomingData !== FALSE && strlen($incomingData) > 0) { |
| 1013 | 1013 | $eapCertArray = $x509->splitCertificate($incomingData); |
| 1014 | 1014 | } else { |
@@ -1039,10 +1039,10 @@ discard block |
||
| 1039 | 1039 | case RADIUSTests::SERVER_CA_SELFSIGNED: |
| 1040 | 1040 | $servercert[] = $cert; |
| 1041 | 1041 | if (count($servercert) == 1) { |
| 1042 | - if (file_put_contents($tmpDir . "/incomingserver.pem", $cert['pem'] . "\n") === FALSE) { |
|
| 1042 | + if (file_put_contents($tmpDir."/incomingserver.pem", $cert['pem']."\n") === FALSE) { |
|
| 1043 | 1043 | $this->loggerInstance->debug(4, "The (first) server certificate could not be written to $tmpDir/incomingserver.pem!\n"); |
| 1044 | 1044 | } |
| 1045 | - $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: " . /** @scrutinizer ignore-type */ print_r($servercert[0], true)); |
|
| 1045 | + $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: "./** @scrutinizer ignore-type */ print_r($servercert[0], true)); |
|
| 1046 | 1046 | } elseif (!in_array(RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS, $testresults['cert_oddities'])) { |
| 1047 | 1047 | $testresults['cert_oddities'][] = RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS; |
| 1048 | 1048 | } |
@@ -1112,7 +1112,7 @@ discard block |
||
| 1112 | 1112 | public function autodetectCAWithProbe($outerId) { |
| 1113 | 1113 | // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy |
| 1114 | 1114 | // the following PEM data is one of the SENSE EAPLab client certs (not secret at all) |
| 1115 | - $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12"); |
|
| 1115 | + $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12"); |
|
| 1116 | 1116 | if ($clientcert === FALSE) { |
| 1117 | 1117 | throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!"); |
| 1118 | 1118 | } |
@@ -1127,7 +1127,7 @@ discard block |
||
| 1127 | 1127 | $tmpDir = $temporary['dir']; |
| 1128 | 1128 | chdir($tmpDir); |
| 1129 | 1129 | $this->loggerInstance->debug(4, "temp dir: $tmpDir\n"); |
| 1130 | - file_put_contents($tmpDir . "/client.p12", $clientcert); |
|
| 1130 | + file_put_contents($tmpDir."/client.p12", $clientcert); |
|
| 1131 | 1131 | $testresults = ['cert_oddities' => []]; |
| 1132 | 1132 | $runtime_results = $this->executeEapolTest($tmpDir, $probeindex, \core\common\EAP::EAPTYPE_ANY, $outerId, $outerId, "eaplab", FALSE, FALSE); |
| 1133 | 1133 | $packetflow_orig = $runtime_results['output']; |
@@ -1143,8 +1143,7 @@ discard block |
||
| 1143 | 1143 | // that's not the case if we do EAP-pwd or could not negotiate an EAP method at |
| 1144 | 1144 | // all |
| 1145 | 1145 | // in that case: no server CA guess possible |
| 1146 | - if (! |
|
| 1147 | - ($radiusResult == RADIUSTests::RETVAL_CONVERSATION_REJECT && $negotiatedEapType) || $radiusResult == RADIUSTests::RETVAL_OK |
|
| 1146 | + if (!($radiusResult == RADIUSTests::RETVAL_CONVERSATION_REJECT && $negotiatedEapType) || $radiusResult == RADIUSTests::RETVAL_OK |
|
| 1148 | 1147 | ) { |
| 1149 | 1148 | return RADIUSTests::RETVAL_INVALID; |
| 1150 | 1149 | } |
@@ -1183,7 +1182,7 @@ discard block |
||
| 1183 | 1182 | // trust, and custom ones we may have configured |
| 1184 | 1183 | $ourRoots = file_get_contents(\config\ConfAssistant::PATHS['trust-store-custom']); |
| 1185 | 1184 | $mozillaRoots = file_get_contents(\config\ConfAssistant::PATHS['trust-store-mozilla']); |
| 1186 | - $allRoots = $x509->splitCertificate($ourRoots . "\n" . $mozillaRoots); |
|
| 1185 | + $allRoots = $x509->splitCertificate($ourRoots."\n".$mozillaRoots); |
|
| 1187 | 1186 | foreach ($allRoots as $oneRoot) { |
| 1188 | 1187 | $processedRoot = $x509->processCertificate($oneRoot); |
| 1189 | 1188 | if ($processedRoot['full_details']['subject'] == $currentHighestKnownIssuer) { |
@@ -1225,7 +1224,7 @@ discard block |
||
| 1225 | 1224 | chdir($tmpDir); |
| 1226 | 1225 | $this->loggerInstance->debug(4, "temp dir: $tmpDir\n"); |
| 1227 | 1226 | if ($clientcertdata !== NULL) { |
| 1228 | - file_put_contents($tmpDir . "/client.p12", $clientcertdata); |
|
| 1227 | + file_put_contents($tmpDir."/client.p12", $clientcertdata); |
|
| 1229 | 1228 | } |
| 1230 | 1229 | $testresults = []; |
| 1231 | 1230 | // initialise the sub-array for cleaner parsing |
@@ -1330,7 +1329,7 @@ discard block |
||
| 1330 | 1329 | 'issuer' => $this->printDN($certdata['issuer']), |
| 1331 | 1330 | 'validFrom' => $this->printTm($certdata['validFrom_time_t']), |
| 1332 | 1331 | 'validTo' => $this->printTm($certdata['validTo_time_t']), |
| 1333 | - 'serialNumber' => $certdata['serialNumber'] . sprintf(" (0x%X)", $certdata['serialNumber']), |
|
| 1332 | + 'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)", $certdata['serialNumber']), |
|
| 1334 | 1333 | 'sha1' => $certdata['sha1'], |
| 1335 | 1334 | 'extensions' => $certdata['extensions'] |
| 1336 | 1335 | ]; |
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | public function divSilverbullet() { |
| 125 | 125 | $retval = " |
| 126 | 126 | <div id='silverbullet'>" |
| 127 | - .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 127 | + .$this->Gui->textTemplates->templates[user\SB_GO_AWAY]. |
|
| 128 | 128 | "</div> |
| 129 | 129 | "; |
| 130 | 130 | return $retval; |
@@ -222,7 +222,7 @@ discard block |
||
| 222 | 222 | <div id='profiles'> <!-- this is the profile selection filled during run time --> |
| 223 | 223 | <div id='profiles_h' class='sub_h'>".$this->Gui->textTemplates->templates[user\PROFILE_SELECTION]." |
| 224 | 224 | </div>" . |
| 225 | - "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>" . |
|
| 225 | + "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>". |
|
| 226 | 226 | "</div>"; |
| 227 | 227 | } |
| 228 | 228 | |
@@ -250,7 +250,7 @@ discard block |
||
| 250 | 250 | public function divInstitution($selectButton = TRUE) { |
| 251 | 251 | $retval = "<div id='institution_name'> |
| 252 | 252 | <span id='inst_name_span'></span> <div id='inst_extra_text'></div><!-- this will be filled with the IdP name -->" . |
| 253 | - ($selectButton ? "<a id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : "") . |
|
| 253 | + ($selectButton ? "<a id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : ""). |
|
| 254 | 254 | "</div>"; |
| 255 | 255 | $retval .= $this->emptyImage('idp_logo', 'IdP Logo'); |
| 256 | 256 | return $retval; |
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | public function divSilverbullet() { |
| 125 | 125 | $retval = " |
| 126 | 126 | <div id='silverbullet'>" |
| 127 | - .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 127 | + .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 128 | 128 | "</div> |
| 129 | 129 | "; |
| 130 | 130 | return $retval; |
@@ -293,8 +293,8 @@ discard block |
||
| 293 | 293 | } |
| 294 | 294 | |
| 295 | 295 | $retval .= "<td><button name='$d' class='other_os' id='$d'>".$D['display']."</button>" |
| 296 | - ."</td>" |
|
| 297 | - ."<td><button name='$d' class='more_info_b' id='info_b_$d'>i</button></td></tr>\n"; |
|
| 296 | + ."</td>" |
|
| 297 | + ."<td><button name='$d' class='more_info_b' id='info_b_$d'>i</button></td></tr>\n"; |
|
| 298 | 298 | $deviceIndex++; |
| 299 | 299 | } |
| 300 | 300 | $retval .= "</tbody>"; |
@@ -341,11 +341,11 @@ discard block |
||
| 341 | 341 | <tr> |
| 342 | 342 | <td>" . |
| 343 | 343 | $this->Gui->catVersion |
| 344 | - ." |
|
| 344 | + ." |
|
| 345 | 345 | </td>"; |
| 346 | 346 | |
| 347 | 347 | if (!empty(\config\Master::APPEARANCE['privacy_notice_url'])) { |
| 348 | - $retval .= "<td>".$this->Gui->catCopyrifhtAndLicense."<br><span id='privacy_notice_cons'>".\config\ConfAssistant::CONSORTIUM['display_name']."</span> <a href='".\config\Master::APPEARANCE['privacy_notice_url']."'>".sprintf(_("%s Privacy Notice"), '')."</a></td>"; |
|
| 348 | + $retval .= "<td>".$this->Gui->catCopyrifhtAndLicense."<br><span id='privacy_notice_cons'>".\config\ConfAssistant::CONSORTIUM['display_name']."</span> <a href='".\config\Master::APPEARANCE['privacy_notice_url']."'>".sprintf(_("%s Privacy Notice"), '')."</a></td>"; |
|
| 349 | 349 | } |
| 350 | 350 | $retval .= "<td>"; |
| 351 | 351 | if (\config\ConfAssistant::CONSORTIUM['name'] == "eduroam" && isset(\config\ConfAssistant::CONSORTIUM['deployment-voodoo']) && \config\ConfAssistant::CONSORTIUM['deployment-voodoo'] == "Operations Team") { |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | $cryptoJson = openssl_encrypt($clearJson, 'AES-256-CBC', $encryptionKey, OPENSSL_RAW_DATA, $initVector); |
| 122 | 122 | $hmac = hash_hmac("sha1", $cryptoJson, $encryptionKey, TRUE); |
| 123 | 123 | |
| 124 | - $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = " . $password . "\nb(IV) = " . base64_encode($initVector) . "\nb(Cipher) = " . base64_encode($cryptoJson) . "\nb(HMAC) = " . base64_encode($hmac)); |
|
| 124 | + $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = ".$password."\nb(IV) = ".base64_encode($initVector)."\nb(Cipher) = ".base64_encode($cryptoJson)."\nb(HMAC) = ".base64_encode($hmac)); |
|
| 125 | 125 | |
| 126 | 126 | // now, generate the container that holds all the crypto data |
| 127 | 127 | $finalArray = [ |
@@ -195,7 +195,7 @@ discard block |
||
| 195 | 195 | private function wiredBlock($eapdetails) |
| 196 | 196 | { |
| 197 | 197 | return [ |
| 198 | - "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet") . "}", |
|
| 198 | + "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet")."}", |
|
| 199 | 199 | "Name" => "eduroam configuration (wired network)", |
| 200 | 200 | "Remove" => false, |
| 201 | 201 | "Type" => "Ethernet", |
@@ -236,7 +236,7 @@ discard block |
||
| 236 | 236 | // if silverbullet, we deliver the client cert inline |
| 237 | 237 | |
| 238 | 238 | if ($selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
| 239 | - $eaparray['ClientCertRef'] = "[" . $this->clientCert['GUID'] . "]"; |
|
| 239 | + $eaparray['ClientCertRef'] = "[".$this->clientCert['GUID']."]"; |
|
| 240 | 240 | $eaparray['ClientCertType'] = "Ref"; |
| 241 | 241 | } |
| 242 | 242 | |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | $jsonArray = ["Type" => "UnencryptedConfiguration"]; |
| 272 | 272 | |
| 273 | 273 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
| 274 | - $caRefs[] = "{" . $ca['uuid'] . "}"; |
|
| 274 | + $caRefs[] = "{".$ca['uuid']."}"; |
|
| 275 | 275 | } |
| 276 | 276 | // define CA certificates |
| 277 | 277 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
@@ -281,15 +281,15 @@ discard block |
||
| 281 | 281 | if ($caSanitized1 === FALSE) { |
| 282 | 282 | throw new Exception("Error cropping PEM data at its BEGIN marker."); |
| 283 | 283 | } |
| 284 | - $this->loggerInstance->debug(4, $caSanitized1 . "\n"); |
|
| 284 | + $this->loggerInstance->debug(4, $caSanitized1."\n"); |
|
| 285 | 285 | // remove \n |
| 286 | 286 | $caSanitized = str_replace("\n", "", $caSanitized1); |
| 287 | - $jsonArray["Certificates"][] = ["GUID" => "{" . $ca['uuid'] . "}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized]; |
|
| 288 | - $this->loggerInstance->debug(3, $caSanitized . "\n"); |
|
| 287 | + $jsonArray["Certificates"][] = ["GUID" => "{".$ca['uuid']."}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized]; |
|
| 288 | + $this->loggerInstance->debug(3, $caSanitized."\n"); |
|
| 289 | 289 | } |
| 290 | 290 | // if we are doing silverbullet, include the unencrypted(!) P12 as a client certificate |
| 291 | 291 | if ($this->selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
| 292 | - $jsonArray["Certificates"][] = ["GUID" => "[" . $this->clientCert['GUID'] . "]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"]; |
|
| 292 | + $jsonArray["Certificates"][] = ["GUID" => "[".$this->clientCert['GUID']."]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"]; |
|
| 293 | 293 | } |
| 294 | 294 | $eaparray = $this->eapBlock($caRefs); |
| 295 | 295 | // define Wi-Fi networks |
@@ -312,7 +312,7 @@ discard block |
||
| 312 | 312 | |
| 313 | 313 | file_put_contents('installer_profile', $finalJson); |
| 314 | 314 | |
| 315 | - $fileName = $this->installerBasename . '.onc'; |
|
| 315 | + $fileName = $this->installerBasename.'.onc'; |
|
| 316 | 316 | |
| 317 | 317 | if (!$this->sign) { |
| 318 | 318 | rename("installer_profile", $fileName); |
@@ -323,7 +323,7 @@ discard block |
||
| 323 | 323 | // have the notion of signing |
| 324 | 324 | // but if they ever change their mind, we are prepared |
| 325 | 325 | |
| 326 | - $outputFromSigning = system($this->sign . " installer_profile '$fileName' > /dev/null"); |
|
| 326 | + $outputFromSigning = system($this->sign." installer_profile '$fileName' > /dev/null"); |
|
| 327 | 327 | if ($outputFromSigning === FALSE) { |
| 328 | 328 | $this->loggerInstance->debug(2, "Signing the ONC installer $fileName FAILED!\n"); |
| 329 | 329 | } |
@@ -755,7 +755,22 @@ |
||
| 755 | 755 | } |
| 756 | 756 | ?> |
| 757 | 757 | <div id="tabs-<?php echo $i;?>"> |
| 758 | - <button id="run_<?php if ($i==3) echo 'd'; else echo 'o';?>_tests"; onclick="run_<?php if ($i==3) echo 'dynamic'; else echo 'openroaming';?>()"><?php if ($i==3) echo _("Repeat dynamic connectivity tests"); else echo _("Repeat OpenRoaming connectivity tests");?></button> |
|
| 758 | + <button id="run_<?php if ($i==3) { |
|
| 759 | + echo 'd'; |
|
| 760 | +} else { |
|
| 761 | + echo 'o'; |
|
| 762 | +} |
|
| 763 | +?>_tests"; onclick="run_<?php if ($i==3) { |
|
| 764 | + echo 'dynamic'; |
|
| 765 | +} else { |
|
| 766 | + echo 'openroaming'; |
|
| 767 | +} |
|
| 768 | +?>()"><?php if ($i==3) { |
|
| 769 | + echo _("Repeat dynamic connectivity tests"); |
|
| 770 | +} else { |
|
| 771 | + echo _("Repeat OpenRoaming connectivity tests"); |
|
| 772 | +} |
|
| 773 | +?></button> |
|
| 759 | 774 | |
| 760 | 775 | <?php |
| 761 | 776 | echo "<div id='"; |
@@ -578,9 +578,9 @@ discard block |
||
| 578 | 578 | $naptr = $rfc7585suite->relevantNAPTR(); |
| 579 | 579 | if ($naptr == \core\diag\RADIUSTests::RETVAL_NOTCONFIGURED) { |
| 580 | 580 | if ($dynType == "") { |
| 581 | - echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 581 | + echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 582 | 582 | } else { |
| 583 | - echo "<tr><td>" . _("OpenRoaming connectivity test is not configured") . "</td><td>"; |
|
| 583 | + echo "<tr><td>" . _("OpenRoaming connectivity test is not configured") . "</td><td>"; |
|
| 584 | 584 | } |
| 585 | 585 | } else { |
| 586 | 586 | echo "<table>"; |
@@ -698,7 +698,7 @@ discard block |
||
| 698 | 698 | echo "} |
| 699 | 699 | </script>"; |
| 700 | 700 | } else { |
| 701 | - echo ' |
|
| 701 | + echo ' |
|
| 702 | 702 | function run_openroaming() { |
| 703 | 703 | running_ajax_openroaming = 0; |
| 704 | 704 | $("#main_openroaming_ico").attr("src",icon_loading); |
@@ -720,10 +720,10 @@ discard block |
||
| 720 | 720 | } |
| 721 | 721 | } |
| 722 | 722 | if ($dynType == '') { |
| 723 | - $naptrs[0] = $naptr; |
|
| 724 | - } else { |
|
| 725 | - $naptrs[1] = $naptr; |
|
| 726 | - } |
|
| 723 | + $naptrs[0] = $naptr; |
|
| 724 | + } else { |
|
| 725 | + $naptrs[1] = $naptr; |
|
| 726 | + } |
|
| 727 | 727 | } |
| 728 | 728 | echo "<strong>" . _("Static connectivity tests") . "</strong> |
| 729 | 729 | <table><tr> |
@@ -736,7 +736,7 @@ discard block |
||
| 736 | 736 | </tr></table>"; |
| 737 | 737 | } |
| 738 | 738 | if (isset($orrealm) && count($orrealm) && ($naptrs[1] > 0)) { |
| 739 | - echo "<hr><strong>" . _("OpenRoaming connectivity tests") . "</strong> |
|
| 739 | + echo "<hr><strong>" . _("OpenRoaming connectivity tests") . "</strong> |
|
| 740 | 740 | <table><tr> |
| 741 | 741 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_openroaming_ico' class='icon'></td><td id='main_openroaming_result' style='display:none'> </td> |
| 742 | 742 | </tr></table>"; |
@@ -774,12 +774,12 @@ discard block |
||
| 774 | 774 | <?php |
| 775 | 775 | for ($i=3; $i<5; $i++) { |
| 776 | 776 | if ($i == 3 && $naptrs[0] <= 0) { |
| 777 | - continue; |
|
| 777 | + continue; |
|
| 778 | 778 | } |
| 779 | 779 | if ($i == 4) { |
| 780 | - if ((count($orrealm) == 0) || ($naptrs[1] <= 0)) { |
|
| 781 | - continue; |
|
| 782 | - } |
|
| 780 | + if ((count($orrealm) == 0) || ($naptrs[1] <= 0)) { |
|
| 781 | + continue; |
|
| 782 | + } |
|
| 783 | 783 | } |
| 784 | 784 | if ($i == 3) { |
| 785 | 785 | $rfc7585suite = $dnsChecks; |
@@ -796,16 +796,16 @@ discard block |
||
| 796 | 796 | echo "_tests'><fieldset class='option_container'> |
| 797 | 797 | <legend><strong>"; |
| 798 | 798 | if ($i==3) { |
| 799 | - echo _("DYNAMIC connectivity tests"); |
|
| 799 | + echo _("DYNAMIC connectivity tests"); |
|
| 800 | 800 | } else { |
| 801 | - echo _("OpenRoaming connectivity tests"); |
|
| 801 | + echo _("OpenRoaming connectivity tests"); |
|
| 802 | 802 | } |
| 803 | 803 | echo "</strong></legend>"; |
| 804 | 804 | $prefix1 = 'dynamic'; |
| 805 | 805 | $prefix2 = ''; |
| 806 | 806 | if ($i == 4) { |
| 807 | - $prefix1 = 'openroaming'; |
|
| 808 | - $prefix2 = $prefix1; |
|
| 807 | + $prefix1 = 'openroaming'; |
|
| 808 | + $prefix2 = $prefix1; |
|
| 809 | 809 | } |
| 810 | 810 | $resultstoprint = []; |
| 811 | 811 | if (count($rfc7585suite->NAPTR_hostname_records) > 0) { |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(__DIR__)) . "/config/_config.php"; |
|
| 22 | +require_once dirname(dirname(__DIR__))."/config/_config.php"; |
|
| 23 | 23 | |
| 24 | 24 | $loggerInstance = new \core\common\Logging(); |
| 25 | 25 | |
@@ -69,13 +69,13 @@ discard block |
||
| 69 | 69 | $dnsChecksOR = new \core\diag\RFC7585Tests($check_realm, "aaa+auth:radius.tls.tcp"); |
| 70 | 70 | } |
| 71 | 71 | } else { |
| 72 | - $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>"; |
|
| 72 | + $error_message = _("You asked for a realm check, but we don't know the realm for this profile!")."</p>"; |
|
| 73 | 73 | } |
| 74 | 74 | } else { // someone else's realm, and we don't know anything about it... only shallow checks |
| 75 | 75 | $check_realm = $validator->realm($realm ?? $_SESSION['check_realm'] ?? ""); |
| 76 | 76 | if ($check_realm !== FALSE) { |
| 77 | 77 | $_SESSION['check_realm'] = $check_realm; |
| 78 | - $testsuite = new \core\diag\RADIUSTests($check_realm, "@" . $check_realm); |
|
| 78 | + $testsuite = new \core\diag\RADIUSTests($check_realm, "@".$check_realm); |
|
| 79 | 79 | $dnsChecks = new \core\diag\RFC7585Tests($check_realm); |
| 80 | 80 | } else { |
| 81 | 81 | $error_message = _("No valid realm name given, cannot execute any checks!"); |
@@ -126,7 +126,7 @@ discard block |
||
| 126 | 126 | var listofcas = "<?php echo _("You should update your list of accredited CAs") ?>"; |
| 127 | 127 | var getitfrom = "<?php echo _("Get it from here.") ?>"; |
| 128 | 128 | var listsource = "<?php echo \config\Diagnostics::RADIUSTESTS['accreditedCAsURL'] ?>"; |
| 129 | - var moretext = "<?php echo _("more") . "»" ?>"; |
|
| 129 | + var moretext = "<?php echo _("more")."»" ?>"; |
|
| 130 | 130 | var lesstext = "<?php echo "«" ?>"; |
| 131 | 131 | var morealltext = "<?php echo _("Show detailed information for all tests") ?>"; |
| 132 | 132 | var unknownca_code = "<?php echo \core\diag\RADIUSTests::CERTPROB_UNKNOWN_CA ?>"; |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | } |
| 272 | 272 | } |
| 273 | 273 | cliinfo = cliinfo + '<li><table><tbody><tr><td class="icon_td"><img class="icon" src="' + icons[level] + '" style="width: 24px;"></td><td>' + state; |
| 274 | - cliinfo = cliinfo + ' <?php echo "(" . sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+' ") . ")"; ?>' + add + '</td></tr>'; |
|
| 274 | + cliinfo = cliinfo + ' <?php echo "(".sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+' ").")"; ?>' + add + '</td></tr>'; |
|
| 275 | 275 | cliinfo = cliinfo + '</tbody></table></ul></li>'; |
| 276 | 276 | if (data.ca[key].certificate[c].finalerror === 1) { |
| 277 | 277 | cliinfo = cliinfo + '<li>' + restskipped + '</li>'; |
@@ -468,7 +468,7 @@ discard block |
||
| 468 | 468 | }); |
| 469 | 469 | } |
| 470 | 470 | o = o + cert_data + '</table>'; |
| 471 | - $("#eap_test" + data.hostindex).append('<strong><img style="position: relative; top: 2px;" src="' + icons[v.level] + '"><span style="position: relative; top: -5px; <?php echo $start;?>: 1em">' + v.eap + ' – <?php printf(_("elapsed time: %sms."), "'+v.time_millisec+' ") ?></span></strong><div class="more" style="padding-<?php echo $start;?>: 40px"><div class="morecontent"><div style="display:none; background: #eee;">' + o + '</div><a href="" class="morelink">' + moretext + '</a></div></div>'); |
|
| 471 | + $("#eap_test" + data.hostindex).append('<strong><img style="position: relative; top: 2px;" src="' + icons[v.level] + '"><span style="position: relative; top: -5px; <?php echo $start; ?>: 1em">' + v.eap + ' – <?php printf(_("elapsed time: %sms."), "'+v.time_millisec+' ") ?></span></strong><div class="more" style="padding-<?php echo $start; ?>: 40px"><div class="morecontent"><div style="display:none; background: #eee;">' + o + '</div><a href="" class="morelink">' + moretext + '</a></div></div>'); |
|
| 472 | 472 | }); |
| 473 | 473 | } |
| 474 | 474 | |
@@ -479,8 +479,8 @@ discard block |
||
| 479 | 479 | <?php |
| 480 | 480 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 481 | 481 | print " |
| 482 | -$(\"#live_src" . $hostindex . "_img\").attr('src',icon_loading); |
|
| 483 | -$(\"#live_src" . $hostindex . "_img\").show(); |
|
| 482 | +$(\"#live_src" . $hostindex."_img\").attr('src',icon_loading); |
|
| 483 | +$(\"#live_src" . $hostindex."_img\").show(); |
|
| 484 | 484 | $.ajax({ |
| 485 | 485 | url: 'radius_tests.php?src=0&hostindex=$hostindex&realm='+realm, |
| 486 | 486 | type: 'POST', |
@@ -510,15 +510,15 @@ discard block |
||
| 510 | 510 | <?php |
| 511 | 511 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 512 | 512 | if ($testedProfile !== NULL) { |
| 513 | - $extraarg = "profile_id: " . $testedProfile->identifier . ", "; |
|
| 513 | + $extraarg = "profile_id: ".$testedProfile->identifier.", "; |
|
| 514 | 514 | } else { |
| 515 | 515 | $extraarg = ""; |
| 516 | 516 | } |
| 517 | 517 | print " |
| 518 | -$(\"#src" . $hostindex . "_img\").attr('src',icon_loading); |
|
| 518 | +$(\"#src" . $hostindex."_img\").attr('src',icon_loading); |
|
| 519 | 519 | $(\"#src$hostindex\").html(''); |
| 520 | 520 | running_ajax_stat++; |
| 521 | -$.get('radius_tests.php', {test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex' }, udp, 'json'); |
|
| 521 | +$.get('radius_tests.php', {test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex' }, udp, 'json'); |
|
| 522 | 522 | |
| 523 | 523 | "; |
| 524 | 524 | } |
@@ -545,7 +545,7 @@ discard block |
||
| 545 | 545 | if ($check_realm === FALSE) { |
| 546 | 546 | print "<p>$error_message</p>"; |
| 547 | 547 | } else { |
| 548 | - print "<h1>" . sprintf(_("Realm testing for: %s"), $check_realm) . "</h1>\n"; |
|
| 548 | + print "<h1>".sprintf(_("Realm testing for: %s"), $check_realm)."</h1>\n"; |
|
| 549 | 549 | ?> |
| 550 | 550 | <div id="debug_out" style="display: none"></div> |
| 551 | 551 | <div id="tabs" style="min-width: 600px; max-width:1000px"> |
@@ -567,25 +567,25 @@ discard block |
||
| 567 | 567 | // NAPTR existence check |
| 568 | 568 | if ($dynType == "") { |
| 569 | 569 | $rfc7585suite = $dnsChecks; |
| 570 | - echo "<strong>" . _("DNS checks") . "</strong><div>"; |
|
| 570 | + echo "<strong>"._("DNS checks")."</strong><div>"; |
|
| 571 | 571 | } else { |
| 572 | 572 | if (count($orrealm) == 0) { |
| 573 | 573 | continue; |
| 574 | 574 | } |
| 575 | 575 | $rfc7585suite = $dnsChecksOR; |
| 576 | - echo "<strong>" . _("OpenRoaming DNS checks") . "</strong><div>"; |
|
| 576 | + echo "<strong>"._("OpenRoaming DNS checks")."</strong><div>"; |
|
| 577 | 577 | } |
| 578 | 578 | $naptr = $rfc7585suite->relevantNAPTR(); |
| 579 | 579 | if ($naptr == \core\diag\RADIUSTests::RETVAL_NOTCONFIGURED) { |
| 580 | 580 | if ($dynType == "") { |
| 581 | - echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 581 | + echo "<tr><td>"._("Dynamic discovery test is not configured")."</td><td>"; |
|
| 582 | 582 | } else { |
| 583 | - echo "<tr><td>" . _("OpenRoaming connectivity test is not configured") . "</td><td>"; |
|
| 583 | + echo "<tr><td>"._("OpenRoaming connectivity test is not configured")."</td><td>"; |
|
| 584 | 584 | } |
| 585 | 585 | } else { |
| 586 | 586 | echo "<table>"; |
| 587 | 587 | // output in friendly words |
| 588 | - echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>"; |
|
| 588 | + echo "<tr><td>"._("Checking NAPTR existence:")."</td><td>"; |
|
| 589 | 589 | switch ($naptr) { |
| 590 | 590 | case \core\diag\RFC7585Tests::RETVAL_NONAPTR: |
| 591 | 591 | echo _("This realm has no NAPTR records."); |
@@ -600,7 +600,7 @@ discard block |
||
| 600 | 600 | |
| 601 | 601 | // compliance checks for NAPTRs |
| 602 | 602 | if ($naptr > 0) { |
| 603 | - echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>"; |
|
| 603 | + echo "<tr><td>"._("Checking NAPTR compliance (flag = S and regex = {empty}):")."</td><td>"; |
|
| 604 | 604 | $naptr_valid = $rfc7585suite->relevantNAPTRcompliance(); |
| 605 | 605 | switch ($naptr_valid) { |
| 606 | 606 | case \core\diag\RADIUSTests::RETVAL_OK: |
@@ -615,7 +615,7 @@ discard block |
||
| 615 | 615 | // SRV resolution |
| 616 | 616 | if ($naptr > 0 && $naptr_valid == \core\diag\RADIUSTests::RETVAL_OK) { |
| 617 | 617 | $srv = $rfc7585suite->relevantNAPTRsrvResolution(); |
| 618 | - echo "<tr><td>" . _("Checking SRVs:") . "</td><td>"; |
|
| 618 | + echo "<tr><td>"._("Checking SRVs:")."</td><td>"; |
|
| 619 | 619 | switch ($srv) { |
| 620 | 620 | case \core\diag\RADIUSTests::RETVAL_SKIPPED: |
| 621 | 621 | echo _("This check was skipped."); |
@@ -631,7 +631,7 @@ discard block |
||
| 631 | 631 | // IP addresses for the hosts |
| 632 | 632 | if ($naptr > 0 && $naptr_valid == \core\diag\RADIUSTests::RETVAL_OK && $srv > 0) { |
| 633 | 633 | $hosts = $rfc7585suite->relevantNAPTRhostnameResolution(); |
| 634 | - echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>"; |
|
| 634 | + echo "<tr><td>"._("Checking IP address resolution:")."</td><td>"; |
|
| 635 | 635 | switch ($srv) { |
| 636 | 636 | case \core\diag\RADIUSTests::RETVAL_SKIPPED: |
| 637 | 637 | echo _("This check was skipped."); |
@@ -648,12 +648,12 @@ discard block |
||
| 648 | 648 | echo "</table><br/>"; |
| 649 | 649 | if ($dynType == "") { |
| 650 | 650 | if (count($testsuite->listerrors()) == 0) { |
| 651 | - echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"); |
|
| 651 | + echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC")))._("with no DNS errors encountered. Congratulations!"); |
|
| 652 | 652 | } else { |
| 653 | - echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."); |
|
| 653 | + echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC")))._("but there were DNS errors! Check them!")." "._("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."); |
|
| 654 | 654 | echo "<div class='notacceptable'><table>"; |
| 655 | 655 | foreach ($testsuite->listerrors() as $details) { |
| 656 | - echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>"; |
|
| 656 | + echo "<tr><td>".$details['TYPE']."</td><td>".$details['TARGET']."</td></tr>"; |
|
| 657 | 657 | } |
| 658 | 658 | echo "</table></div>"; |
| 659 | 659 | } |
@@ -672,7 +672,7 @@ discard block |
||
| 672 | 672 | $("#dynamic_tests").show(); |
| 673 | 673 | '; |
| 674 | 674 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 675 | - $host = ($addr['family'] == "IPv6" ? "[" : "") . $addr['IP'] . ($addr['family'] == "IPv6" ? "]" : "") . ":" . $addr['port']; |
|
| 675 | + $host = ($addr['family'] == "IPv6" ? "[" : "").$addr['IP'].($addr['family'] == "IPv6" ? "]" : "").":".$addr['port']; |
|
| 676 | 676 | $expectedName = $addr['hostname']; |
| 677 | 677 | $ssltest = 1; |
| 678 | 678 | if (isset($addr['unavailable']) && $addr['unavailable']) { |
@@ -690,9 +690,9 @@ discard block |
||
| 690 | 690 | $protstr = implode(';', $protocols); |
| 691 | 691 | print " |
| 692 | 692 | running_ajax_dyn++; |
| 693 | - $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex', expectedname: '$expectedName', ssltest: $ssltest, protocols: '$protstr'}, error: eee, success: capath, dataType: 'json'}); |
|
| 693 | + $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex', expectedname: '$expectedName', ssltest: $ssltest, protocols: '$protstr'}, error: eee, success: capath, dataType: 'json'}); |
|
| 694 | 694 | running_ajax_dyn++; |
| 695 | - $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex', ssltest: $ssltest, protocols: '$protstr' }, error: eee, success: clients, dataType: 'json'}); |
|
| 695 | + $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex', ssltest: $ssltest, protocols: '$protstr' }, error: eee, success: clients, dataType: 'json'}); |
|
| 696 | 696 | "; |
| 697 | 697 | } |
| 698 | 698 | echo "} |
@@ -708,11 +708,11 @@ discard block |
||
| 708 | 708 | $("#openroaming_tests").show(); |
| 709 | 709 | '; |
| 710 | 710 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 711 | - $host = ($addr['family'] == "IPv6" ? "[" : "") . $addr['IP'] . ($addr['family'] == "IPv6" ? "]" : "") . ":" . $addr['port']; |
|
| 711 | + $host = ($addr['family'] == "IPv6" ? "[" : "").$addr['IP'].($addr['family'] == "IPv6" ? "]" : "").":".$addr['port']; |
|
| 712 | 712 | $expectedName = $addr['hostname']; |
| 713 | 713 | print " |
| 714 | 714 | running_ajax_openroaming++; |
| 715 | - $.ajax({url:'radius_tests.php', data:{test_type: 'openroamingcapath', realm: realm, src: '$host', lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex', expectedname: '$expectedName' }, error: eee, success: capath, dataType: 'json'}); |
|
| 715 | + $.ajax({url:'radius_tests.php', data:{test_type: 'openroamingcapath', realm: realm, src: '$host', lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex', expectedname: '$expectedName' }, error: eee, success: capath, dataType: 'json'}); |
|
| 716 | 716 | "; |
| 717 | 717 | } |
| 718 | 718 | echo "} |
@@ -725,18 +725,18 @@ discard block |
||
| 725 | 725 | $naptrs[1] = $naptr; |
| 726 | 726 | } |
| 727 | 727 | } |
| 728 | - echo "<strong>" . _("Static connectivity tests") . "</strong> |
|
| 728 | + echo "<strong>"._("Static connectivity tests")."</strong> |
|
| 729 | 729 | <table><tr> |
| 730 | 730 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_static_ico' class='icon'></td><td id='main_static_result' style='display:none'> </td> |
| 731 | 731 | </tr></table>"; |
| 732 | 732 | if ($naptrs[0] > 0) { |
| 733 | - echo "<hr><strong>" . _("Dynamic connectivity tests") . "</strong> |
|
| 733 | + echo "<hr><strong>"._("Dynamic connectivity tests")."</strong> |
|
| 734 | 734 | <table><tr> |
| 735 | 735 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_dynamic_ico' class='icon'></td><td id='main_dynamic_result' style='display:none'> </td> |
| 736 | 736 | </tr></table>"; |
| 737 | 737 | } |
| 738 | 738 | if (isset($orrealm) && count($orrealm) && ($naptrs[1] > 0)) { |
| 739 | - echo "<hr><strong>" . _("OpenRoaming connectivity tests") . "</strong> |
|
| 739 | + echo "<hr><strong>"._("OpenRoaming connectivity tests")."</strong> |
|
| 740 | 740 | <table><tr> |
| 741 | 741 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_openroaming_ico' class='icon'></td><td id='main_openroaming_result' style='display:none'> </td> |
| 742 | 742 | </tr></table>"; |
@@ -756,12 +756,12 @@ discard block |
||
| 756 | 756 | print "<p>"; |
| 757 | 757 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 758 | 758 | print "<hr>"; |
| 759 | - printf(_("Testing from: %s"), "<strong>" . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name'] . "</strong>"); |
|
| 759 | + printf(_("Testing from: %s"), "<strong>".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>"); |
|
| 760 | 760 | print "<table id='results$hostindex' style='width:100%' class='udp_results'> |
| 761 | 761 | <tr> |
| 762 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src" . $hostindex . "_img'></td> |
|
| 762 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src".$hostindex."_img'></td> |
|
| 763 | 763 | <td id='src$hostindex' colspan=2> |
| 764 | -" . _("testing...") . " |
|
| 764 | +"._("testing...")." |
|
| 765 | 765 | </td> |
| 766 | 766 | </tr> |
| 767 | 767 | </table>"; |
@@ -772,7 +772,7 @@ discard block |
||
| 772 | 772 | |
| 773 | 773 | </div> |
| 774 | 774 | <?php |
| 775 | - for ($i=3; $i<5; $i++) { |
|
| 775 | + for ($i = 3; $i < 5; $i++) { |
|
| 776 | 776 | if ($i == 3 && $naptrs[0] <= 0) { |
| 777 | 777 | continue; |
| 778 | 778 | } |
@@ -787,15 +787,15 @@ discard block |
||
| 787 | 787 | $rfc7585suite = $dnsChecksOR; |
| 788 | 788 | } |
| 789 | 789 | ?> |
| 790 | - <div id="tabs-<?php echo $i;?>"> |
|
| 791 | - <button id="run_<?php if ($i==3) echo 'd'; else echo 'o';?>_tests"; onclick="run_<?php if ($i==3) echo 'dynamic'; else echo 'openroaming';?>()"><?php if ($i==3) echo _("Repeat dynamic connectivity tests"); else echo _("Repeat OpenRoaming connectivity tests");?></button> |
|
| 790 | + <div id="tabs-<?php echo $i; ?>"> |
|
| 791 | + <button id="run_<?php if ($i == 3) echo 'd'; else echo 'o'; ?>_tests"; onclick="run_<?php if ($i == 3) echo 'dynamic'; else echo 'openroaming'; ?>()"><?php if ($i == 3) echo _("Repeat dynamic connectivity tests"); else echo _("Repeat OpenRoaming connectivity tests"); ?></button> |
|
| 792 | 792 | |
| 793 | 793 | <?php |
| 794 | 794 | echo "<div id='"; |
| 795 | - if ($i==3) { echo 'dynamic'; } else { echo 'openroaming'; } |
|
| 795 | + if ($i == 3) { echo 'dynamic'; } else { echo 'openroaming'; } |
|
| 796 | 796 | echo "_tests'><fieldset class='option_container'> |
| 797 | 797 | <legend><strong>"; |
| 798 | - if ($i==3) { |
|
| 798 | + if ($i == 3) { |
|
| 799 | 799 | echo _("DYNAMIC connectivity tests"); |
| 800 | 800 | } else { |
| 801 | 801 | echo _("OpenRoaming connectivity tests"); |
@@ -809,11 +809,11 @@ discard block |
||
| 809 | 809 | } |
| 810 | 810 | $resultstoprint = []; |
| 811 | 811 | if (count($rfc7585suite->NAPTR_hostname_records) > 0) { |
| 812 | - $resultstoprint[] = '<div style="align:'.$end.'; display: none;" id="' . $prefix1 . '_result_fail">' . _("Some errors were found during the tests, see below") . '</div><div style="align:'.$end.'; display: none;" id="' . $prefix1 . '_result_pass">' . _("All tests passed, congratulations!") . '</div>'; |
|
| 813 | - $resultstoprint[] = '<div style="align:'.$end.';"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>"; |
|
| 812 | + $resultstoprint[] = '<div style="align:'.$end.'; display: none;" id="'.$prefix1.'_result_fail">'._("Some errors were found during the tests, see below").'</div><div style="align:'.$end.'; display: none;" id="'.$prefix1.'_result_pass">'._("All tests passed, congratulations!").'</div>'; |
|
| 813 | + $resultstoprint[] = '<div style="align:'.$end.';"><a href="" class="moreall">'._('Show detailed information for all tests').'</a></div>'.'<p><strong>'._("Checking server handshake...")."</strong><p>"; |
|
| 814 | 814 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 815 | - $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]); |
|
| 816 | - $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong> (' . $addr['hostname'] . ')'; |
|
| 815 | + $bracketaddr = ($addr["family"] == "IPv6" ? "[".$addr["IP"]."]" : $addr["IP"]); |
|
| 816 | + $resultstoprint[] = '<p><strong>'.$bracketaddr.' TCP/'.$addr['port'].'</strong> ('.$addr['hostname'].')'; |
|
| 817 | 817 | $prots = []; |
| 818 | 818 | if (isset($addr['protocols'])) { |
| 819 | 819 | foreach ($addr['protocols'] as $protocol) { |
@@ -823,18 +823,18 @@ discard block |
||
| 823 | 823 | } |
| 824 | 824 | } |
| 825 | 825 | if (!empty($prots)) { |
| 826 | - $resultstoprint[] = ' ' . _("supported TLS protocols: "); |
|
| 826 | + $resultstoprint[] = ' '._("supported TLS protocols: "); |
|
| 827 | 827 | $resultstoprint[] = implode(', ', $prots); |
| 828 | 828 | if (!isset($addr['istls13']) || !$addr['istls13']) { |
| 829 | - $resultstoprint[] = ' ' . '<font color="red">' . _("not supported: ") . 'TLS1.3</font>'; |
|
| 829 | + $resultstoprint[] = ' '.'<font color="red">'._("not supported: ").'TLS1.3</font>'; |
|
| 830 | 830 | } |
| 831 | 831 | } |
| 832 | 832 | $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>'; |
| 833 | - $resultstoprint[] = "<table id='" . $prefix2 . "caresults$hostindex' style='width:100%'> |
|
| 833 | + $resultstoprint[] = "<table id='".$prefix2."caresults$hostindex' style='width:100%'> |
|
| 834 | 834 | <tr> |
| 835 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='" . $prefix2 . "srcca$hostindex" . "_img'></td> |
|
| 836 | -<td id='" . $prefix2 . "srcca$hostindex'> |
|
| 837 | -" . _("testing...") . " |
|
| 835 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='".$prefix2."srcca$hostindex"."_img'></td> |
|
| 836 | +<td id='" . $prefix2."srcca$hostindex'> |
|
| 837 | +"._("testing...")." |
|
| 838 | 838 | </td> |
| 839 | 839 | </tr> |
| 840 | 840 | </table>"; |
@@ -842,26 +842,26 @@ discard block |
||
| 842 | 842 | } |
| 843 | 843 | $clientstest = []; |
| 844 | 844 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 845 | - $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>'; |
|
| 846 | - $clientstest[] = "<span id='" . $prefix2 . "clientresults$hostindex'><table style='width:100%'> |
|
| 845 | + $clientstest[] = '<p><strong>'.$addr['IP'].' TCP/'.$addr['port'].'</strong></p><ol>'; |
|
| 846 | + $clientstest[] = "<span id='".$prefix2."clientresults$hostindex'><table style='width:100%'> |
|
| 847 | 847 | <tr> |
| 848 | 848 | <td class='icon_td'>"; |
| 849 | - if ($i == 4 ) { |
|
| 849 | + if ($i == 4) { |
|
| 850 | 850 | $clientstest[] = "<!--"; |
| 851 | 851 | } |
| 852 | - $clientstest[] = "<img src='../resources/images/icons/loading51.gif' id='" . $prefix2 . "srcclient$hostindex" . "_img'></td> |
|
| 853 | -<td id='" . $prefix2 . "srcclient$hostindex'> |
|
| 854 | -" . _("testing..."); |
|
| 852 | + $clientstest[] = "<img src='../resources/images/icons/loading51.gif' id='".$prefix2."srcclient$hostindex"."_img'></td> |
|
| 853 | +<td id='" . $prefix2."srcclient$hostindex'> |
|
| 854 | +"._("testing..."); |
|
| 855 | 855 | |
| 856 | - if ($i == 4 ) { |
|
| 857 | - $clientstest[] = "-->" . _("not implemented yet"); |
|
| 856 | + if ($i == 4) { |
|
| 857 | + $clientstest[] = "-->"._("not implemented yet"); |
|
| 858 | 858 | } |
| 859 | 859 | $clientstest[] = "</td></tr></table></span>"; |
| 860 | 860 | $clientstest[] = '</ol>'; |
| 861 | 861 | } |
| 862 | 862 | echo '<div style="align:'.$end.';">'; |
| 863 | 863 | echo join('', $resultstoprint); |
| 864 | - echo '<span id="' . $prefix2 . 'clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from CAs are accepted...') . '</b><p>' . _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>'; |
|
| 864 | + echo '<span id="'.$prefix2.'clientstest" style="display: none;"><p><hr><b>'._('Checking if certificates from CAs are accepted...').'</b><p>'._('A few client certificates will be tested to check if servers are resistant to some certificate problems.').'<p>'; |
|
| 865 | 865 | print join('', $clientstest); |
| 866 | 866 | echo '</span>'; |
| 867 | 867 | echo '</div>'; |
@@ -875,7 +875,7 @@ discard block |
||
| 875 | 875 | // check if truncates/dies on Operator-Name |
| 876 | 876 | if ($my_profile !== NULL) { |
| 877 | 877 | echo "<div id='tabs-n'><fieldset class='option_container'> |
| 878 | - <legend><strong>" . _("Live login test") . "</strong></legend>"; |
|
| 878 | + <legend><strong>" . _("Live login test")."</strong></legend>"; |
|
| 879 | 879 | $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1); |
| 880 | 880 | if (count($prof_compl) > 0) { |
| 881 | 881 | $passwordReqired = FALSE; |
@@ -888,34 +888,34 @@ discard block |
||
| 888 | 888 | $clientCertRequired = TRUE; |
| 889 | 889 | } |
| 890 | 890 | } |
| 891 | - echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p> |
|
| 892 | - <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.") . "</p> |
|
| 893 | - <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!") . "</p></div> |
|
| 891 | + echo "<div id='disposable_credential_container'><p>"._("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.")."</p> |
|
| 892 | + <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.")."</p> |
|
| 893 | + <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!")."</p></div> |
|
| 894 | 894 | <form enctype='multipart/form-data' id='live_form' accept-charset='UTF-8'> |
| 895 | 895 | <input type='hidden' name='test_type' value='udp_login'> |
| 896 | - <input type='hidden' name='lang' value='" . $gui->languageInstance->getLang() . "'> |
|
| 897 | - <input type='hidden' name='profile_id' value='" . $my_profile->identifier . "'> |
|
| 896 | + <input type='hidden' name='lang' value='" . $gui->languageInstance->getLang()."'> |
|
| 897 | + <input type='hidden' name='profile_id' value='" . $my_profile->identifier."'> |
|
| 898 | 898 | <table id='live_tests'>"; |
| 899 | 899 | // if any password based EAP methods are available enable this section |
| 900 | 900 | if ($passwordReqired) { |
| 901 | - echo "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr> |
|
| 902 | - <tr><td>" . _("Real (inner) username:") . "</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>"; |
|
| 903 | - echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>"; |
|
| 904 | - echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
|
| 901 | + echo "<tr><td colspan='2'><strong>"._("Password-based EAP types")."</strong></td></tr> |
|
| 902 | + <tr><td>" . _("Real (inner) username:")."</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>"; |
|
| 903 | + echo "<tr><td>"._("Anonymous outer ID (optional):")."</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>"; |
|
| 904 | + echo "<tr><td>"._("Password:")."</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
|
| 905 | 905 | } |
| 906 | 906 | // ask for cert + privkey if TLS-based method is active |
| 907 | 907 | if ($clientCertRequired) { |
| 908 | - echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr> |
|
| 909 | - <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
|
| 910 | - <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
|
| 911 | - <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
|
| 908 | + echo "<tr><td colspan='2'><strong>"._("Certificate-based EAP types")."</strong></td></tr> |
|
| 909 | + <tr><td>" . _("Certificate file (.p12 or .pfx):")."</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
|
| 910 | + <tr><td>" . _("Certificate password, if any:")."</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
|
| 911 | + <tr><td>" . _("Username, if different from certificate Subject:")."</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
|
| 912 | 912 | } |
| 913 | - echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>"; |
|
| 913 | + echo "<tr><td colspan='2'><button id='submit_credentials'>"._("Submit credentials")."</button></td></tr></table></form>"; |
|
| 914 | 914 | echo "<div id='live_login_results' style='display:none'>"; |
| 915 | 915 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 916 | 916 | print "<hr>"; |
| 917 | - printf(_("Testing from: %s"), "<strong>" . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name'] . "</strong>"); |
|
| 918 | - print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src" . $hostindex . "_img' style='width:24px; position: absolute; $start: 20px; bottom: 0px; '></span>"; |
|
| 917 | + printf(_("Testing from: %s"), "<strong>".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>"); |
|
| 918 | + print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; $start: 20px; bottom: 0px; '></span>"; |
|
| 919 | 919 | print "<div id='eap_test$hostindex' class='eap_test_results'></div>"; |
| 920 | 920 | } |
| 921 | 921 | echo "</div>"; |
@@ -930,9 +930,9 @@ discard block |
||
| 930 | 930 | } |
| 931 | 931 | |
| 932 | 932 | if (isset($_POST['comefrom'])) { |
| 933 | - $return = htmlspecialchars_decode($_POST['comefrom']) . ( $inst_id ? "?inst_id=" . $inst_id : "" ); |
|
| 933 | + $return = htmlspecialchars_decode($_POST['comefrom']).($inst_id ? "?inst_id=".$inst_id : ""); |
|
| 934 | 934 | echo "<form method='post' action='$return' accept-charset='UTF-8'> |
| 935 | - <button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_CLOSE . "'>" . sprintf(_("Return to %s administrator area"), core\common\Entity::$nomenclature_idp) . "</button>" |
|
| 935 | + <button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_CLOSE."'>".sprintf(_("Return to %s administrator area"), core\common\Entity::$nomenclature_idp)."</button>" |
|
| 936 | 936 | . "</form>"; |
| 937 | 937 | } |
| 938 | 938 | if ($check_realm !== FALSE) { |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPki extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "User SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPki::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPki::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPki::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPki::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPki::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -75,19 +75,19 @@ discard block |
||
| 75 | 75 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 76 | 76 | try { |
| 77 | 77 | $altArray = [# Array mit den Subject Alternative Names |
| 78 | - "email:" . $csr["USERNAME"] |
|
| 78 | + "email:".$csr["USERNAME"] |
|
| 79 | 79 | ]; |
| 80 | 80 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 81 | 81 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 82 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPki::EDUPKI_RA_ID . "\n"); |
|
| 83 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
| 82 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPki::EDUPKI_RA_ID."\n"); |
|
| 83 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
| 84 | 84 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 85 | 85 | $this->loggerInstance->debug(5, $altArray); |
| 86 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE . "\n"); |
|
| 87 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 88 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 89 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERNAME"] . "\n"); |
|
| 90 | - $this->loggerInstance->debug(5, "PARAM_8: " . \config\ConfAssistant::SILVERBULLET['product_name'] . "\n"); |
|
| 86 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE."\n"); |
|
| 87 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 88 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 89 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERNAME"]."\n"); |
|
| 90 | + $this->loggerInstance->debug(5, "PARAM_8: ".\config\ConfAssistant::SILVERBULLET['product_name']."\n"); |
|
| 91 | 91 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 92 | 92 | $soapNewRequest = $soapPub->newRequest( |
| 93 | 93 | CertificationAuthorityEduPki::EDUPKI_RA_ID, # RA-ID |
@@ -109,11 +109,11 @@ discard block |
||
| 109 | 109 | } catch (Exception $e) { |
| 110 | 110 | // PHP 7.1 can do this much better |
| 111 | 111 | if (is_soap_fault($e)) { |
| 112 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 112 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 113 | 113 | $e->faultstring |
| 114 | 114 | }\n"); |
| 115 | 115 | } |
| 116 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 116 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 117 | 117 | } |
| 118 | 118 | try { |
| 119 | 119 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -125,8 +125,8 @@ discard block |
||
| 125 | 125 | $soapReqnum, [ |
| 126 | 126 | "RaID" => CertificationAuthorityEduPki::EDUPKI_RA_ID, |
| 127 | 127 | "Role" => CertificationAuthorityEduPki::EDUPKI_CERT_PROFILE, |
| 128 | - "Subject" => "DC=eduroam,DC=test,DC=test,C=" . $csr["FED"] . ",O=" . \config\ConfAssistant::CONSORTIUM['name'] . ",OU=" . $csr["FED"] . ",CN=" . $csr['USERNAME'] . ",emailAddress=" . $csr['USERNAME'], |
|
| 129 | - "SubjectAltNames" => ["email:" . $csr["USERNAME"]], |
|
| 128 | + "Subject" => "DC=eduroam,DC=test,DC=test,C=".$csr["FED"].",O=".\config\ConfAssistant::CONSORTIUM['name'].",OU=".$csr["FED"].",CN=".$csr['USERNAME'].",emailAddress=".$csr['USERNAME'], |
|
| 129 | + "SubjectAltNames" => ["email:".$csr["USERNAME"]], |
|
| 130 | 130 | "NotBefore" => (new \DateTime())->format('c'), |
| 131 | 131 | "NotAfter" => $expiry->format('c'), |
| 132 | 132 | ] |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 146 | 146 | // rather than just using the string. Grr. |
| 147 | 147 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 148 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 148 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 149 | 149 | // retrieve our RA cert from filesystem |
| 150 | 150 | // the RA certificates are not needed right now because we |
| 151 | 151 | // have resorted to S/MIME signatures with openssl command-line |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 158 | 158 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 159 | 159 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 160 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 160 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 161 | 161 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 162 | 162 | $output = []; |
| 163 | 163 | $return = 999; |
@@ -166,14 +166,14 @@ discard block |
||
| 166 | 166 | throw new Exception("Non-zero return value from openssl smime!"); |
| 167 | 167 | } |
| 168 | 168 | // and get the signature blob back from the filesystem |
| 169 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 169 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 170 | 170 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 171 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 172 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 171 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 172 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 173 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 174 | 174 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 175 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 176 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 175 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 176 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 177 | 177 | if ($soapIssueCert === FALSE) { |
| 178 | 178 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 179 | 179 | } |
@@ -210,9 +210,9 @@ discard block |
||
| 210 | 210 | throw new Exception("CAInfo has no root certificate for us!"); |
| 211 | 211 | } |
| 212 | 212 | } catch (SoapFault $e) { |
| 213 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 213 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 214 | 214 | } catch (Exception $e) { |
| 215 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 215 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 216 | 216 | } |
| 217 | 217 | return [ |
| 218 | 218 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -245,12 +245,12 @@ discard block |
||
| 245 | 245 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 246 | 246 | // rather than just using the string. Grr. |
| 247 | 247 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 248 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 248 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 249 | 249 | // retrieve our RA cert from filesystem |
| 250 | 250 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 251 | 251 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 252 | 252 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 253 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPki::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 253 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPki::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPki::LOCATION_RA_CERT; |
|
| 254 | 254 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 255 | 255 | $output = []; |
| 256 | 256 | $return = 999; |
@@ -259,7 +259,7 @@ discard block |
||
| 259 | 259 | throw new Exception("Non-zero return value from openssl smime!"); |
| 260 | 260 | } |
| 261 | 261 | // and get the signature blob back from the filesystem |
| 262 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 262 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 263 | 263 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 264 | 264 | if ($soapIssueRev === FALSE) { |
| 265 | 265 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -267,9 +267,9 @@ discard block |
||
| 267 | 267 | } catch (Exception $e) { |
| 268 | 268 | // PHP 7.1 can do this much better |
| 269 | 269 | if (is_soap_fault($e)) { |
| 270 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 270 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 271 | 271 | } |
| 272 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 272 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 273 | 273 | } |
| 274 | 274 | } |
| 275 | 275 | |
@@ -369,9 +369,9 @@ discard block |
||
| 369 | 369 | */ |
| 370 | 370 | public function soapToXmlInteger($x) |
| 371 | 371 | { |
| 372 | - return '<' . $x[0] . '>' |
|
| 372 | + return '<'.$x[0].'>' |
|
| 373 | 373 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 374 | - . '</' . $x[0] . '>'; |
|
| 374 | + . '</'.$x[0].'>'; |
|
| 375 | 375 | } |
| 376 | 376 | |
| 377 | 377 | /** |
@@ -390,9 +390,9 @@ discard block |
||
| 390 | 390 | // dump private key into directory |
| 391 | 391 | $outstring = ""; |
| 392 | 392 | openssl_pkey_export($privateKey, $outstring); |
| 393 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 393 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 394 | 394 | // PHP can only do one DC in the Subject. But we need three. |
| 395 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 395 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 396 | 396 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 397 | 397 | $output = []; |
| 398 | 398 | $return = 999; |
@@ -62,7 +62,7 @@ |
||
| 62 | 62 | they are from the same user group. You are not allowed to share them to an unlimited |
| 63 | 63 | audience (e.g. on a publicly accessible web server).</li> |
| 64 | 64 | <li>If You are an eduroam Identity Provider administrator, you are allowed to download and pass on the Installers to |
| 65 | -your own <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp'];?> end users, e.g. on the support web pages of your <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp'];?>, on Welcome Package CDs or USB sticks, etc.</li> |
|
| 65 | +your own <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp']; ?> end users, e.g. on the support web pages of your <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp']; ?>, on Welcome Package CDs or USB sticks, etc.</li> |
|
| 66 | 66 | <li>If You are a third-party not affiliated with eduroam, you are only allowed to download and pass on |
| 67 | 67 | the Metadata and/or the Installers after having received written permission by the eduroam Operations team.</li> |
| 68 | 68 | </ul> |
@@ -98,98 +98,98 @@ |
||
| 98 | 98 | } |
| 99 | 99 | |
| 100 | 100 | switch ($operationMode) { |
| 101 | - case OPERATION_MODE_EDIT: |
|
| 102 | - $idp = $validator->existingIdP($_GET['inst_id']); |
|
| 103 | - // editing IdPs is done from within the popup. When we're done, send the |
|
| 104 | - // user back to the popup (append the result of the operation later) |
|
| 105 | - $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 106 | - if (count($validAddresses) == 0) { |
|
| 107 | - header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 108 | - exit(1); |
|
| 109 | - } |
|
| 110 | - // is the user primary admin of this IdP? |
|
| 111 | - $is_owner = $idp->isPrimaryOwner($_SESSION['user']); |
|
| 112 | - // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 113 | - $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 114 | - // check if he is either one, if not, complain |
|
| 115 | - if (!$is_owner && !$fedadmin) { |
|
| 116 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 117 | - exit(1); |
|
| 118 | - } |
|
| 101 | + case OPERATION_MODE_EDIT: |
|
| 102 | + $idp = $validator->existingIdP($_GET['inst_id']); |
|
| 103 | + // editing IdPs is done from within the popup. When we're done, send the |
|
| 104 | + // user back to the popup (append the result of the operation later) |
|
| 105 | + $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 106 | + if (count($validAddresses) == 0) { |
|
| 107 | + header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 108 | + exit(1); |
|
| 109 | + } |
|
| 110 | + // is the user primary admin of this IdP? |
|
| 111 | + $is_owner = $idp->isPrimaryOwner($_SESSION['user']); |
|
| 112 | + // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 113 | + $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 114 | + // check if he is either one, if not, complain |
|
| 115 | + if (!$is_owner && !$fedadmin) { |
|
| 116 | + echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 117 | + exit(1); |
|
| 118 | + } |
|
| 119 | 119 | |
| 120 | - $prettyprintname = $idp->name; |
|
| 121 | - $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
|
| 122 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 123 | - $introtext = "CO-ADMIN"; |
|
| 124 | - $participant_type = $idp->type; |
|
| 125 | - break; |
|
| 126 | - case OPERATION_MODE_NEWUNLINKED: |
|
| 127 | - $redirectDestination = "../overview_federation.php?"; |
|
| 128 | - if (count($validAddresses) == 0) { |
|
| 129 | - header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 130 | - exit(1); |
|
| 131 | - } |
|
| 132 | - // run an input check and conversion of the raw inputs... just in case |
|
| 133 | - $newinstname = $validator->string($_POST['name']); |
|
| 134 | - $newcountry = $validator->string($_POST['country']); |
|
| 135 | - $participant_type = $validator->partType($_POST['participant_type']); |
|
| 136 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 137 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 138 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 139 | - } |
|
| 140 | - $federation = $validator->existingFederation($newcountry); |
|
| 141 | - $prettyprintname = $newinstname; |
|
| 142 | - $introtext = "NEW-FED"; |
|
| 143 | - // send the user back to his federation overview page, append the result of the operation later |
|
| 144 | - // do the token creation magic |
|
| 145 | - $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
|
| 146 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 147 | - break; |
|
| 148 | - case OPERATION_MODE_NEWFROMDB: |
|
| 149 | - $redirectDestination = "../overview_federation.php?"; |
|
| 150 | - if (count($validAddresses) == 0) { |
|
| 151 | - header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 152 | - exit(1); |
|
| 153 | - } |
|
| 154 | - // a real external DB entry was submitted and all the required parameters are there |
|
| 155 | - $newexternalid = $validator->string($_POST['externals']); |
|
| 156 | - $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 157 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 158 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 159 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 160 | - } |
|
| 161 | - $federation = $validator->existingFederation($extinfo['country']); |
|
| 162 | - $newcountry = $extinfo['country']; |
|
| 163 | - // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 164 | - $prettyprintname = ""; |
|
| 165 | - foreach ($extinfo['names'] as $lang => $name) { |
|
| 166 | - if ($lang == $languageInstance->getLang()) { |
|
| 167 | - $prettyprintname = $name; |
|
| 120 | + $prettyprintname = $idp->name; |
|
| 121 | + $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
|
| 122 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 123 | + $introtext = "CO-ADMIN"; |
|
| 124 | + $participant_type = $idp->type; |
|
| 125 | + break; |
|
| 126 | + case OPERATION_MODE_NEWUNLINKED: |
|
| 127 | + $redirectDestination = "../overview_federation.php?"; |
|
| 128 | + if (count($validAddresses) == 0) { |
|
| 129 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 130 | + exit(1); |
|
| 168 | 131 | } |
| 169 | - } |
|
| 170 | - if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 171 | - $prettyprintname = $extinfo['names']['en']; |
|
| 172 | - } |
|
| 173 | - if ($prettyprintname == "") { |
|
| 174 | - foreach ($extinfo['names'] as $name) { |
|
| 175 | - $prettyprintname = $name; |
|
| 132 | + // run an input check and conversion of the raw inputs... just in case |
|
| 133 | + $newinstname = $validator->string($_POST['name']); |
|
| 134 | + $newcountry = $validator->string($_POST['country']); |
|
| 135 | + $participant_type = $validator->partType($_POST['participant_type']); |
|
| 136 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 137 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 138 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 176 | 139 | } |
| 177 | - } |
|
| 178 | - $participant_type = $extinfo['type']; |
|
| 179 | - // fill the rest of the text |
|
| 180 | - $introtext = "EXISTING-FED"; |
|
| 181 | - // do the token creation magic |
|
| 182 | - $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
|
| 183 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 184 | - break; |
|
| 185 | - default: // includes OPERATION_MODE_INVALID |
|
| 186 | - // second param is TRUE, so the variable *will* contain a string |
|
| 187 | - // i.e. ignore Scrutinizer type warning later |
|
| 188 | - $wrongcontent = print_r($_POST, TRUE); |
|
| 189 | - echo "<pre>Wrong parameters in POST: |
|
| 140 | + $federation = $validator->existingFederation($newcountry); |
|
| 141 | + $prettyprintname = $newinstname; |
|
| 142 | + $introtext = "NEW-FED"; |
|
| 143 | + // send the user back to his federation overview page, append the result of the operation later |
|
| 144 | + // do the token creation magic |
|
| 145 | + $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
|
| 146 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 147 | + break; |
|
| 148 | + case OPERATION_MODE_NEWFROMDB: |
|
| 149 | + $redirectDestination = "../overview_federation.php?"; |
|
| 150 | + if (count($validAddresses) == 0) { |
|
| 151 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 152 | + exit(1); |
|
| 153 | + } |
|
| 154 | + // a real external DB entry was submitted and all the required parameters are there |
|
| 155 | + $newexternalid = $validator->string($_POST['externals']); |
|
| 156 | + $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 157 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 158 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 159 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 160 | + } |
|
| 161 | + $federation = $validator->existingFederation($extinfo['country']); |
|
| 162 | + $newcountry = $extinfo['country']; |
|
| 163 | + // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 164 | + $prettyprintname = ""; |
|
| 165 | + foreach ($extinfo['names'] as $lang => $name) { |
|
| 166 | + if ($lang == $languageInstance->getLang()) { |
|
| 167 | + $prettyprintname = $name; |
|
| 168 | + } |
|
| 169 | + } |
|
| 170 | + if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 171 | + $prettyprintname = $extinfo['names']['en']; |
|
| 172 | + } |
|
| 173 | + if ($prettyprintname == "") { |
|
| 174 | + foreach ($extinfo['names'] as $name) { |
|
| 175 | + $prettyprintname = $name; |
|
| 176 | + } |
|
| 177 | + } |
|
| 178 | + $participant_type = $extinfo['type']; |
|
| 179 | + // fill the rest of the text |
|
| 180 | + $introtext = "EXISTING-FED"; |
|
| 181 | + // do the token creation magic |
|
| 182 | + $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
|
| 183 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 184 | + break; |
|
| 185 | + default: // includes OPERATION_MODE_INVALID |
|
| 186 | + // second param is TRUE, so the variable *will* contain a string |
|
| 187 | + // i.e. ignore Scrutinizer type warning later |
|
| 188 | + $wrongcontent = print_r($_POST, TRUE); |
|
| 189 | + echo "<pre>Wrong parameters in POST: |
|
| 190 | 190 | " . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . " |
| 191 | 191 | </pre>"; |
| 192 | - exit(1); |
|
| 192 | + exit(1); |
|
| 193 | 193 | } |
| 194 | 194 | |
| 195 | 195 | // send, and invalidate the token immediately if the mail could not be sent! |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | * <base_url>/copyright.php after deploying the software |
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | -require_once dirname(dirname(dirname(__DIR__))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(__DIR__)))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $auth->authenticate(); |
@@ -102,9 +102,9 @@ discard block |
||
| 102 | 102 | $idp = $validator->existingIdP($_GET['inst_id']); |
| 103 | 103 | // editing IdPs is done from within the popup. When we're done, send the |
| 104 | 104 | // user back to the popup (append the result of the operation later) |
| 105 | - $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 105 | + $redirectDestination = "manageAdmins.inc.php?inst_id=".$idp->identifier."&"; |
|
| 106 | 106 | if (count($validAddresses) == 0) { |
| 107 | - header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 107 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 108 | 108 | exit(1); |
| 109 | 109 | } |
| 110 | 110 | // is the user primary admin of this IdP? |
@@ -113,13 +113,13 @@ discard block |
||
| 113 | 113 | $fedadmin = $userObject->isFederationAdmin($idp->federation); |
| 114 | 114 | // check if he is either one, if not, complain |
| 115 | 115 | if (!$is_owner && !$fedadmin) { |
| 116 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 116 | + echo "<p>".sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant)."</p>"; |
|
| 117 | 117 | exit(1); |
| 118 | 118 | } |
| 119 | 119 | |
| 120 | 120 | $prettyprintname = $idp->name; |
| 121 | 121 | $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
| 122 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 122 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP ".$idp->identifier." - Token created for ".implode(",", $validAddresses)); |
|
| 123 | 123 | $introtext = "CO-ADMIN"; |
| 124 | 124 | $participant_type = $idp->type; |
| 125 | 125 | break; |
@@ -135,7 +135,7 @@ discard block |
||
| 135 | 135 | $participant_type = $validator->partType($_POST['participant_type']); |
| 136 | 136 | $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
| 137 | 137 | if ($new_idp_authorized_fedadmin !== TRUE) { |
| 138 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 138 | + throw new Exception("Something's wrong... you want to create a new ".$uiElements->nomenclatureParticipant.", but are not a ".$uiElements->nomenclatureFed." admin for the ".$uiElements->nomenclatureFed." it should be in!"); |
|
| 139 | 139 | } |
| 140 | 140 | $federation = $validator->existingFederation($newcountry); |
| 141 | 141 | $prettyprintname = $newinstname; |
@@ -143,7 +143,7 @@ discard block |
||
| 143 | 143 | // send the user back to his federation overview page, append the result of the operation later |
| 144 | 144 | // do the token creation magic |
| 145 | 145 | $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
| 146 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 146 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type ".implode(",", $validAddresses)); |
|
| 147 | 147 | break; |
| 148 | 148 | case OPERATION_MODE_NEWFROMDB: |
| 149 | 149 | $redirectDestination = "../overview_federation.php?"; |
@@ -156,7 +156,7 @@ discard block |
||
| 156 | 156 | $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
| 157 | 157 | $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
| 158 | 158 | if ($new_idp_authorized_fedadmin !== TRUE) { |
| 159 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 159 | + throw new Exception("Something's wrong... you want to create a new ".$uiElements->nomenclatureParticipant.", but are not a ".$uiElements->nomenclatureFed." admin for the ".$uiElements->nomenclatureFed." it should be in!"); |
|
| 160 | 160 | } |
| 161 | 161 | $federation = $validator->existingFederation($extinfo['country']); |
| 162 | 162 | $newcountry = $extinfo['country']; |
@@ -180,14 +180,14 @@ discard block |
||
| 180 | 180 | $introtext = "EXISTING-FED"; |
| 181 | 181 | // do the token creation magic |
| 182 | 182 | $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
| 183 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 183 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for ".implode(",", $validAddresses)); |
|
| 184 | 184 | break; |
| 185 | 185 | default: // includes OPERATION_MODE_INVALID |
| 186 | 186 | // second param is TRUE, so the variable *will* contain a string |
| 187 | 187 | // i.e. ignore Scrutinizer type warning later |
| 188 | 188 | $wrongcontent = print_r($_POST, TRUE); |
| 189 | 189 | echo "<pre>Wrong parameters in POST: |
| 190 | -" . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . " |
|
| 190 | +" . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent)." |
|
| 191 | 191 | </pre>"; |
| 192 | 192 | exit(1); |
| 193 | 193 | } |
@@ -212,14 +212,14 @@ discard block |
||
| 212 | 212 | } |
| 213 | 213 | |
| 214 | 214 | if (count($status) == 0) { |
| 215 | - header("Location: $redirectDestination" . "invitation=FAILURE"); |
|
| 215 | + header("Location: $redirectDestination"."invitation=FAILURE"); |
|
| 216 | 216 | exit; |
| 217 | 217 | } |
| 218 | 218 | $finalDestParams = "invitation=SUCCESS"; |
| 219 | 219 | if (count($status) < count($totalSegments)) { // only a subset of mails was sent, update status |
| 220 | 220 | $finalDestParams = "invitation=PARTIAL"; |
| 221 | 221 | } |
| 222 | -$finalDestParams .= "&successcount=" . count($status); |
|
| 222 | +$finalDestParams .= "&successcount=".count($status); |
|
| 223 | 223 | if ($allEncrypted === TRUE) { |
| 224 | 224 | $finalDestParams .= "&transportsecurity=ENCRYPTED"; |
| 225 | 225 | } elseif ($allClear === TRUE) { |
@@ -228,4 +228,4 @@ discard block |
||
| 228 | 228 | $finalDestParams .= "&transportsecurity=PARTIAL"; |
| 229 | 229 | } |
| 230 | 230 | |
| 231 | -header("Location: $redirectDestination" . $finalDestParams); |
|
| 231 | +header("Location: $redirectDestination".$finalDestParams); |
|
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | */ |
| 21 | 21 | ?> |
| 22 | 22 | <?php |
| 23 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $auth->authenticate(); |
@@ -35,7 +35,7 @@ discard block |
||
| 35 | 35 | |
| 36 | 36 | // if we have a pushed close button, submit attributes and send user back to the overview page |
| 37 | 37 | // if external DB sync is disabled globally, the user never gets to this page. If he came here *anyway* -> send him back immediately. |
| 38 | -if ((isset($_POST['submitbutton']) && $_POST['submitbutton'] == web\lib\common\FormElements::BUTTON_CLOSE ) || \config\Master::DB['enforce-external-sync'] == FALSE) { |
|
| 38 | +if ((isset($_POST['submitbutton']) && $_POST['submitbutton'] == web\lib\common\FormElements::BUTTON_CLOSE) || \config\Master::DB['enforce-external-sync'] == FALSE) { |
|
| 39 | 39 | header("Location: ../overview_federation.php"); |
| 40 | 40 | exit; |
| 41 | 41 | } |
@@ -92,9 +92,9 @@ discard block |
||
| 92 | 92 | $cat = new \core\CAT(); |
| 93 | 93 | switch ($my_inst->getExternalDBSyncState()) { |
| 94 | 94 | case \core\IdP::EXTERNAL_DB_SYNCSTATE_SYNCED: |
| 95 | - printf(_("This %s is linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name']) . "</p>"; |
|
| 96 | - echo "<p>" . sprintf(_("The following information about the IdP is stored in the %s DB and %s DB:"), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['display_name']) . "</p>"; |
|
| 97 | - echo "<table><tr><td>" . sprintf(_("Information in <strong>%s Database</strong>"), \config\Master::APPEARANCE['productname']) . "</td><td>" . sprintf(_("Information in <strong>%s Database</strong>"), \config\ConfAssistant::CONSORTIUM['display_name']) . "</td></tr>"; |
|
| 95 | + printf(_("This %s is linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'])."</p>"; |
|
| 96 | + echo "<p>".sprintf(_("The following information about the IdP is stored in the %s DB and %s DB:"), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['display_name'])."</p>"; |
|
| 97 | + echo "<table><tr><td>".sprintf(_("Information in <strong>%s Database</strong>"), \config\Master::APPEARANCE['productname'])."</td><td>".sprintf(_("Information in <strong>%s Database</strong>"), \config\ConfAssistant::CONSORTIUM['display_name'])."</td></tr>"; |
|
| 98 | 98 | echo "<tr><td>"; |
| 99 | 99 | // left-hand side: CAT DB |
| 100 | 100 | echo "<table>"; |
@@ -106,7 +106,7 @@ discard block |
||
| 106 | 106 | } else { |
| 107 | 107 | $language = \config\Master::LANGUAGES[$name['lang']]['display'] ?? "(unsupported language)"; |
| 108 | 108 | } |
| 109 | - echo "<tr><td>" . sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $language) . "</td><td>" . $name['value'] . "</td></tr>"; |
|
| 109 | + echo "<tr><td>".sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $language)."</td><td>".$name['value']."</td></tr>"; |
|
| 110 | 110 | } |
| 111 | 111 | |
| 112 | 112 | $admins = $my_inst->listOwners(); |
@@ -117,7 +117,7 @@ discard block |
||
| 117 | 117 | if (count($username) == 0) { |
| 118 | 118 | $username[0]['value'] = _("Unnamed User"); |
| 119 | 119 | } |
| 120 | - echo "<tr><td>" . _("Administrator [invited as]") . "</td><td>" . $username[0]['value'] . " [" . $admin['MAIL'] . "]</td></tr>"; |
|
| 120 | + echo "<tr><td>"._("Administrator [invited as]")."</td><td>".$username[0]['value']." [".$admin['MAIL']."]</td></tr>"; |
|
| 121 | 121 | } |
| 122 | 122 | echo "</table>"; |
| 123 | 123 | // end of left-hand side |
@@ -125,38 +125,38 @@ discard block |
||
| 125 | 125 | // right-hand side: external DB |
| 126 | 126 | $externalid = $my_inst->getExternalDBId(); |
| 127 | 127 | if (is_bool($externalid)) { // we are in SYNCED state so this cannot happen |
| 128 | - throw new Exception("We are in SYNCSTATE_SYNCED but still there is no external DB Id available for the " . $uiElements->nomenclatureParticipant . "!"); |
|
| 128 | + throw new Exception("We are in SYNCSTATE_SYNCED but still there is no external DB Id available for the ".$uiElements->nomenclatureParticipant."!"); |
|
| 129 | 129 | } |
| 130 | 130 | |
| 131 | 131 | $extinfo = $cat->getExternalDBEntityDetails($externalid); |
| 132 | 132 | |
| 133 | 133 | echo "<table>"; |
| 134 | 134 | foreach ($extinfo['names'] as $lang => $name) { |
| 135 | - echo "<tr><td>" . sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $lang) . "</td><td>$name</td>"; |
|
| 135 | + echo "<tr><td>".sprintf(_("%s Name (%s)"), $uiElements->nomenclatureParticipant, $lang)."</td><td>$name</td>"; |
|
| 136 | 136 | } |
| 137 | 137 | foreach ($extinfo['admins'] as $number => $admin_details) { |
| 138 | - echo "<tr><td>" . _("Administrator email") . "</td><td>" . $admin_details['email'] . "</td></tr>"; |
|
| 138 | + echo "<tr><td>"._("Administrator email")."</td><td>".$admin_details['email']."</td></tr>"; |
|
| 139 | 139 | } |
| 140 | 140 | echo "</table>"; |
| 141 | 141 | // end of right-hand side |
| 142 | 142 | echo "</td></tr></table>"; |
| 143 | - echo "<p>" . _("If this mapping is not correct any more, you can remove the link:") . " "; |
|
| 143 | + echo "<p>"._("If this mapping is not correct any more, you can remove the link:")." "; |
|
| 144 | 144 | echo "<form name='form-unlink-inst' action='inc/manageDBLink.inc.php?inst_id=$my_inst->identifier' method='post' accept-charset='UTF-8'>"; |
| 145 | - echo "<button type='submit' class='delete' name='submitbutton' id='submit' value='" . web\lib\common\FormElements::BUTTON_DELETE . "'>" . _("Unlink") . "</button></form>"; |
|
| 145 | + echo "<button type='submit' class='delete' name='submitbutton' id='submit' value='".web\lib\common\FormElements::BUTTON_DELETE."'>"._("Unlink")."</button></form>"; |
|
| 146 | 146 | break; |
| 147 | 147 | case \core\IdP::EXTERNAL_DB_SYNCSTATE_NOT_SYNCED: |
| 148 | 148 | $temparray = []; |
| 149 | - printf(_("This %s is not yet linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name']) . " "; |
|
| 150 | - echo "<strong>" . _("This means that its profiles are not made available on the user download page.") . "</strong> "; |
|
| 149 | + printf(_("This %s is not yet linked to the %s database."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'])." "; |
|
| 150 | + echo "<strong>"._("This means that its profiles are not made available on the user download page.")."</strong> "; |
|
| 151 | 151 | printf(_("You can link it to the %s database below."), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 152 | 152 | $candidates = $my_inst->getExternalDBSyncCandidates($my_inst->type); |
| 153 | 153 | echo "<br/><form name='form-link-inst' action='inc/manageDBLink.inc.php?inst_id=$my_inst->identifier' method='post' accept-charset='UTF-8'>"; |
| 154 | - printf(_("Please select an entity from the %s DB which corresponds to this CAT %s."), \config\ConfAssistant::CONSORTIUM['display_name'], $uiElements->nomenclatureParticipant) . " "; |
|
| 154 | + printf(_("Please select an entity from the %s DB which corresponds to this CAT %s."), \config\ConfAssistant::CONSORTIUM['display_name'], $uiElements->nomenclatureParticipant)." "; |
|
| 155 | 155 | if (count($candidates) > 0) { |
| 156 | 156 | printf(_("Particularly promising entries (names in CAT and %s DB are a 100%% match) are on top of the list."), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 157 | 157 | } |
| 158 | 158 | echo "<table>"; |
| 159 | - echo "<tr><th>" . _("Link to this entity?") . "</th><th>" . sprintf(_("%s Name"), $uiElements->nomenclatureParticipant) . "</th><th>" . _("Administrators") . "</th></tr>"; |
|
| 159 | + echo "<tr><th>"._("Link to this entity?")."</th><th>".sprintf(_("%s Name"), $uiElements->nomenclatureParticipant)."</th><th>"._("Administrators")."</th></tr>"; |
|
| 160 | 160 | |
| 161 | 161 | foreach ($candidates as $candidate) { |
| 162 | 162 | $info = $cat->getExternalDBEntityDetails($candidate); |
@@ -166,7 +166,7 @@ discard block |
||
| 166 | 166 | } |
| 167 | 167 | echo "</td><td>"; |
| 168 | 168 | foreach ($info['admins'] as $number => $admin_details) { |
| 169 | - echo "[E-Mail] " . $admin_details['email'] . "<br/>"; |
|
| 169 | + echo "[E-Mail] ".$admin_details['email']."<br/>"; |
|
| 170 | 170 | } |
| 171 | 171 | echo "</td></tr>"; |
| 172 | 172 | $temparray[] = $candidate; |
@@ -178,7 +178,7 @@ discard block |
||
| 178 | 178 | $buffer = ""; |
| 179 | 179 | |
| 180 | 180 | foreach ($unmappedentities as $v) { |
| 181 | - $buffer .= "<option value='" . $v['ID'] . "'>[ID " . $v['ID'] . "] " . $v['name'] . "</option>"; |
|
| 181 | + $buffer .= "<option value='".$v['ID']."'>[ID ".$v['ID']."] ".$v['name']."</option>"; |
|
| 182 | 182 | } |
| 183 | 183 | |
| 184 | 184 | if ($buffer != "") { |
@@ -189,9 +189,9 @@ discard block |
||
| 189 | 189 | } |
| 190 | 190 | // issue a big red warning if there are no link candidates at all in the federation |
| 191 | 191 | if (empty($buffer) && empty($candidates)) { |
| 192 | - echo "<tr><td style='color:#ff0000' colspan='2'>" . sprintf(_('There is no single unmapped %s in the external database for this %s!'), $uiElements->nomenclatureParticipant, $uiElements->nomenclatureFed) . "</td></tr>"; |
|
| 192 | + echo "<tr><td style='color:#ff0000' colspan='2'>".sprintf(_('There is no single unmapped %s in the external database for this %s!'), $uiElements->nomenclatureParticipant, $uiElements->nomenclatureFed)."</td></tr>"; |
|
| 193 | 193 | } |
| 194 | - echo "</table><button type='submit' name='submitbutton' id='submit' value='" . web\lib\common\FormElements::BUTTON_SAVE . "' disabled >" . _("Create Link") . "</button></form>"; |
|
| 194 | + echo "</table><button type='submit' name='submitbutton' id='submit' value='".web\lib\common\FormElements::BUTTON_SAVE."' disabled >"._("Create Link")."</button></form>"; |
|
| 195 | 195 | break; |
| 196 | 196 | default: |
| 197 | 197 | } |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | */ |
| 21 | 21 | ?> |
| 22 | 22 | <?php |
| 23 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $uiElements = new \web\lib\admin\UIElements(); |
@@ -57,30 +57,30 @@ discard block |
||
| 57 | 57 | <?php |
| 58 | 58 | echo sprintf(_("On this page, you can add a new %s to your %s. Please fill out the form below to send out an email invitation to the new %s administrator."), $uiElements->nomenclatureParticipant, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant); |
| 59 | 59 | if (\config\Master::DB['enforce-external-sync']) { |
| 60 | - echo "<p>" . sprintf(_("You can either register a known %s (as defined in the %s database) or create a totally new %s."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'], $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 61 | - echo "<p>" . sprintf(_("The latter one is typically for an %s which is yet in a testing phase and therefore doesn't appear in the %s database yet."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name']) . "</p>"; |
|
| 60 | + echo "<p>".sprintf(_("You can either register a known %s (as defined in the %s database) or create a totally new %s."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'], $uiElements->nomenclatureParticipant)."</p>"; |
|
| 61 | + echo "<p>".sprintf(_("The latter one is typically for an %s which is yet in a testing phase and therefore doesn't appear in the %s database yet."), $uiElements->nomenclatureParticipant, \config\ConfAssistant::CONSORTIUM['display_name'])."</p>"; |
|
| 62 | 62 | } |
| 63 | 63 | ?> |
| 64 | 64 | <hr/> |
| 65 | 65 | <img alt='Loading ...' src='../resources/images/icons/loading51.gif' id='spin' style='position:absolute;left: 50%; top: 50%; transform: translate(-100px, -50px); display:none;'> |
| 66 | 66 | <form name='sendinvite' action='inc/sendinvite.inc.php' method='post' accept-charset='UTF-8'> |
| 67 | 67 | <table> |
| 68 | - <caption><?php echo _("Invitation Details");?></caption> |
|
| 68 | + <caption><?php echo _("Invitation Details"); ?></caption> |
|
| 69 | 69 | <tr> |
| 70 | - <th class="wai-invisible" scope="col"><?php echo _("From database or ad-hoc?");?></th> |
|
| 71 | - <th class="wai-invisible" scope="col"><?php echo _("Name");?></th> |
|
| 72 | - <th class="wai-invisible" scope="col"><?php echo _("Type");?></th> |
|
| 73 | - <th class="wai-invisible" scope="col"><?php echo _("Country");?></th> |
|
| 70 | + <th class="wai-invisible" scope="col"><?php echo _("From database or ad-hoc?"); ?></th> |
|
| 71 | + <th class="wai-invisible" scope="col"><?php echo _("Name"); ?></th> |
|
| 72 | + <th class="wai-invisible" scope="col"><?php echo _("Type"); ?></th> |
|
| 73 | + <th class="wai-invisible" scope="col"><?php echo _("Country"); ?></th> |
|
| 74 | 74 | </tr> |
| 75 | 75 | <?php |
| 76 | 76 | if (\config\Master::DB['enforce-external-sync']) { |
| 77 | 77 | echo "<tr><td> |
| 78 | - <input type='radio' name='creation' value='existing'>" . sprintf(_("Existing %s:"), $uiElements->nomenclatureParticipant) . "</input> |
|
| 78 | + <input type='radio' name='creation' value='existing'>" . sprintf(_("Existing %s:"), $uiElements->nomenclatureParticipant)."</input> |
|
| 79 | 79 | </td>"; |
| 80 | 80 | |
| 81 | 81 | echo "<td colspan='3'> |
| 82 | 82 | <select id='externals' name='externals' onchange='document.sendinvite.creation[0].checked=true; document.sendinvite.mailaddr.value=this.options[this.selectedIndex].id;'> |
| 83 | - <option value='FREETEXT'>" . sprintf(_("--- select %s here ---"),$uiElements->nomenclatureParticipant) . "</option>"; |
|
| 83 | + <option value='FREETEXT'>" . sprintf(_("--- select %s here ---"), $uiElements->nomenclatureParticipant)."</option>"; |
|
| 84 | 84 | |
| 85 | 85 | foreach ($feds as $fed_value) { |
| 86 | 86 | $thefed = new \core\Federation(strtoupper($fed_value['value'])); |
@@ -89,7 +89,7 @@ discard block |
||
| 89 | 89 | $entities = $thefed->listExternalEntities(TRUE, NULL); |
| 90 | 90 | |
| 91 | 91 | foreach ($entities as $v) { |
| 92 | - echo "<option id='" . $v['contactlist'] . "' value='" . $v['ID'] . "'>[" . $fed_value['value'] . "] " . $v['name'] . "</option>"; |
|
| 92 | + echo "<option id='".$v['contactlist']."' value='".$v['ID']."'>[".$fed_value['value']."] ".$v['name']."</option>"; |
|
| 93 | 93 | } |
| 94 | 94 | } |
| 95 | 95 | |
@@ -98,16 +98,16 @@ discard block |
||
| 98 | 98 | ?> |
| 99 | 99 | <tr> |
| 100 | 100 | <td> |
| 101 | - <input type='radio' name='creation' value='new'><?php echo sprintf(_("New %s"),$uiElements->nomenclatureParticipant); ?></input> |
|
| 101 | + <input type='radio' name='creation' value='new'><?php echo sprintf(_("New %s"), $uiElements->nomenclatureParticipant); ?></input> |
|
| 102 | 102 | </td> |
| 103 | 103 | <td> |
| 104 | 104 | <?php echo _("Name"); ?><input type='text' size='30' id='name' name='name' onchange='document.sendinvite.creation[1].checked = true'/> |
| 105 | 105 | </td> |
| 106 | 106 | <td> |
| 107 | 107 | <select name="participant_type"> |
| 108 | - <option value="IdPSP" selected><?php printf(_("%s and %s"),$uiElements->nomenclatureIdP, $uiElements->nomenclatureHotspot)?></option> |
|
| 109 | - <option value="IdP"><?php printf(_("%s"),$uiElements->nomenclatureIdP)?></option> |
|
| 110 | - <option value="SP"><?php printf(_("%s"),$uiElements->nomenclatureHotspot)?></option> |
|
| 108 | + <option value="IdPSP" selected><?php printf(_("%s and %s"), $uiElements->nomenclatureIdP, $uiElements->nomenclatureHotspot)?></option> |
|
| 109 | + <option value="IdP"><?php printf(_("%s"), $uiElements->nomenclatureIdP)?></option> |
|
| 110 | + <option value="SP"><?php printf(_("%s"), $uiElements->nomenclatureHotspot)?></option> |
|
| 111 | 111 | </select> |
| 112 | 112 | </td> |
| 113 | 113 | <td><?php echo $uiElements->nomenclatureFed; ?> |
