GEANT /
CAT
@@ -44,7 +44,7 @@ discard block |
||
| 44 | 44 | $admins = $this_fed->listFederationAdmins(); |
| 45 | 45 | $mailtext = "Hello, |
| 46 | 46 | |
| 47 | -invitation tokens for the following new ". CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] ." have recently expired: |
|
| 47 | +invitation tokens for the following new ". CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " have recently expired: |
|
| 48 | 48 | |
| 49 | 49 | "; |
| 50 | 50 | foreach ($listofinstnames as $instname) { |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | if ($numberofexistingidps > 0) { |
| 55 | 55 | $mailtext .= " |
| 56 | 56 | |
| 57 | -Additionally, $numberofexistingidps invitations for an existing ". CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution']." have expired. |
|
| 57 | +Additionally, $numberofexistingidps invitations for an existing " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_institution'] . " have expired. |
|
| 58 | 58 | "; |
| 59 | 59 | } |
| 60 | 60 | $mailtext .= " |
@@ -128,7 +128,6 @@ |
||
| 128 | 128 | * - RETVAL_NOTCONFIGURED; needs CONFIG_DIAGNOSTICS['RADIUSTESTS']['TLS-discoverytag'] |
| 129 | 129 | * - RETVAL_INVALID (at least one format error) |
| 130 | 130 | * - RETVAL_OK (all fine) |
| 131 | - |
|
| 132 | 131 | * @return int one of two RETVALs above |
| 133 | 132 | */ |
| 134 | 133 | public function NAPTR_compliance() { |
@@ -63,7 +63,7 @@ |
||
| 63 | 63 | $this->entityOptionTable = "institution_option"; |
| 64 | 64 | $this->entityIdColumn = "institution_id"; |
| 65 | 65 | if (!is_numeric($instId)) { |
| 66 | - throw new Exception("An ".CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_inst']." is identified by an integer index!"); |
|
| 66 | + throw new Exception("An " . CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_inst'] . " is identified by an integer index!"); |
|
| 67 | 67 | } |
| 68 | 68 | $this->identifier = (int) $instId; |
| 69 | 69 | |
@@ -169,8 +169,7 @@ |
||
| 169 | 169 | _("and enter the invitation token") . " |
| 170 | 170 | $newtoken |
| 171 | 171 | " . ( /* $new_idp_authorized_fedadmin */ FALSE ? |
| 172 | - wordwrap(sprintf(_("manually. If you reply to this mail, you will reach your %s administrators."), $uiElements->nomenclature_fed), 72) : |
|
| 173 | - wordwrap(_("manually. Please do not reply to this mail; this is a send-only address.")) ) . " |
|
| 172 | + wordwrap(sprintf(_("manually. If you reply to this mail, you will reach your %s administrators."), $uiElements->nomenclature_fed), 72) : wordwrap(_("manually. Please do not reply to this mail; this is a send-only address.")) ) . " |
|
| 174 | 173 | |
| 175 | 174 | " . wordwrap(_("Do NOT forward the mail before the token has expired - or the recipients may be able to consume the token on your behalf!"), 72) . " |
| 176 | 175 | |
@@ -77,90 +77,90 @@ |
||
| 77 | 77 | } |
| 78 | 78 | |
| 79 | 79 | switch ($operationMode) { |
| 80 | - case OPERATION_MODE_EDIT: |
|
| 81 | - $idp = $validator->IdP($_GET['inst_id']); |
|
| 82 | - // editing IdPs is done from within the popup. When we're done, send the |
|
| 83 | - // user back to the popup (append the result of the operation later) |
|
| 84 | - $redirect_destination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 85 | - $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 86 | - // is the user admin of this IdP? |
|
| 87 | - $is_owner = FALSE; |
|
| 88 | - $owners = $idp->owner(); |
|
| 89 | - foreach ($owners as $oneowner) { |
|
| 90 | - if ($oneowner['ID'] == $_SESSION['user'] && $oneowner['LEVEL'] == "FED") { |
|
| 91 | - $is_owner = TRUE; |
|
| 80 | + case OPERATION_MODE_EDIT: |
|
| 81 | + $idp = $validator->IdP($_GET['inst_id']); |
|
| 82 | + // editing IdPs is done from within the popup. When we're done, send the |
|
| 83 | + // user back to the popup (append the result of the operation later) |
|
| 84 | + $redirect_destination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 85 | + $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 86 | + // is the user admin of this IdP? |
|
| 87 | + $is_owner = FALSE; |
|
| 88 | + $owners = $idp->owner(); |
|
| 89 | + foreach ($owners as $oneowner) { |
|
| 90 | + if ($oneowner['ID'] == $_SESSION['user'] && $oneowner['LEVEL'] == "FED") { |
|
| 91 | + $is_owner = TRUE; |
|
| 92 | + } |
|
| 93 | + } |
|
| 94 | + // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 95 | + $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 96 | + // check if he is either one, if not, complain |
|
| 97 | + if (!$is_owner && !$fedadmin) { |
|
| 98 | + echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclature_fed, $uiElements->nomenclature_fed, $uiElements->nomenclature_inst) . "</p>"; |
|
| 99 | + exit(1); |
|
| 92 | 100 | } |
| 93 | - } |
|
| 94 | - // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 95 | - $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 96 | - // check if he is either one, if not, complain |
|
| 97 | - if (!$is_owner && !$fedadmin) { |
|
| 98 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclature_fed, $uiElements->nomenclature_fed, $uiElements->nomenclature_inst) . "</p>"; |
|
| 99 | - exit(1); |
|
| 100 | - } |
|
| 101 | 101 | |
| 102 | - $prettyprintname = $idp->name; |
|
| 103 | - $newtoken = $mgmt->createToken($fedadmin, $mailaddress, $idp); |
|
| 104 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . $mailaddress); |
|
| 105 | - $introtext = sprintf(_("a %s of the %s %s \"%s\" has invited you to manage the %s together with him."), $uiElements->nomenclature_fed, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_inst, $prettyprintname, $uiElements->nomenclature_inst) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 106 | - break; |
|
| 107 | - case OPERATION_MODE_NEWUNLINKED: |
|
| 108 | - $redirect_destination = "../overview_federation.php?"; |
|
| 109 | - $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 110 | - // run an input check and conversion of the raw inputs... just in case |
|
| 111 | - $newinstname = $validator->string($_POST['name']); |
|
| 112 | - $newcountry = $validator->string($_POST['country']); |
|
| 113 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 114 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 115 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 116 | - } |
|
| 117 | - $federation = $validator->Federation($newcountry); |
|
| 118 | - $prettyprintname = $newinstname; |
|
| 119 | - $introtext = sprintf(_("a %s %s has invited you to manage the future %s \"%s\" (%s)."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname, $newcountry) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 120 | - // send the user back to his federation overview page, append the result of the operation later |
|
| 121 | - // do the token creation magic |
|
| 122 | - $newtoken = $mgmt->createToken(TRUE, $mailaddress, $newinstname, 0, $newcountry); |
|
| 123 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 124 | - break; |
|
| 125 | - case OPERATION_MODE_NEWFROMDB: |
|
| 126 | - $redirect_destination = "../overview_federation.php?"; |
|
| 127 | - $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 128 | - // a real external DB entry was submitted and all the required parameters are there |
|
| 129 | - $newexternalid = $validator->string($_POST['externals']); |
|
| 130 | - $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 131 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 132 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 133 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 134 | - } |
|
| 135 | - $federation = $validator->Federation($extinfo['country']); |
|
| 136 | - $newcountry = $extinfo['country']; |
|
| 137 | - // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 138 | - $prettyprintname = ""; |
|
| 139 | - foreach ($extinfo['names'] as $lang => $name) { |
|
| 140 | - if ($lang == $languageInstance->getLang()) { |
|
| 141 | - $prettyprintname = $name; |
|
| 102 | + $prettyprintname = $idp->name; |
|
| 103 | + $newtoken = $mgmt->createToken($fedadmin, $mailaddress, $idp); |
|
| 104 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . $mailaddress); |
|
| 105 | + $introtext = sprintf(_("a %s of the %s %s \"%s\" has invited you to manage the %s together with him."), $uiElements->nomenclature_fed, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_inst, $prettyprintname, $uiElements->nomenclature_inst) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 106 | + break; |
|
| 107 | + case OPERATION_MODE_NEWUNLINKED: |
|
| 108 | + $redirect_destination = "../overview_federation.php?"; |
|
| 109 | + $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 110 | + // run an input check and conversion of the raw inputs... just in case |
|
| 111 | + $newinstname = $validator->string($_POST['name']); |
|
| 112 | + $newcountry = $validator->string($_POST['country']); |
|
| 113 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 114 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 115 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 142 | 116 | } |
| 143 | - } |
|
| 144 | - if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 145 | - $prettyprintname = $extinfo['names']['en']; |
|
| 146 | - } |
|
| 147 | - if ($prettyprintname == "") { |
|
| 148 | - foreach ($extinfo['names'] as $name) { |
|
| 149 | - $prettyprintname = $name; |
|
| 117 | + $federation = $validator->Federation($newcountry); |
|
| 118 | + $prettyprintname = $newinstname; |
|
| 119 | + $introtext = sprintf(_("a %s %s has invited you to manage the future %s \"%s\" (%s)."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname, $newcountry) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 120 | + // send the user back to his federation overview page, append the result of the operation later |
|
| 121 | + // do the token creation magic |
|
| 122 | + $newtoken = $mgmt->createToken(TRUE, $mailaddress, $newinstname, 0, $newcountry); |
|
| 123 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 124 | + break; |
|
| 125 | + case OPERATION_MODE_NEWFROMDB: |
|
| 126 | + $redirect_destination = "../overview_federation.php?"; |
|
| 127 | + $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 128 | + // a real external DB entry was submitted and all the required parameters are there |
|
| 129 | + $newexternalid = $validator->string($_POST['externals']); |
|
| 130 | + $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 131 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 132 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 133 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 150 | 134 | } |
| 151 | - } |
|
| 152 | - // fill the rest of the text |
|
| 153 | - $introtext = sprintf(_("a %s %s has invited you to manage the %s \"%s\"."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 154 | - // do the token creation magic |
|
| 155 | - $newtoken = $mgmt->createToken(TRUE, $mailaddress, $prettyprintname, $newexternalid); |
|
| 156 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 157 | - break; |
|
| 158 | - default: // includes OPERATION_MODE_INVALID |
|
| 159 | - $wrongcontent = print_r($_POST, TRUE); |
|
| 160 | - echo "<pre>Wrong parameters in POST: |
|
| 135 | + $federation = $validator->Federation($extinfo['country']); |
|
| 136 | + $newcountry = $extinfo['country']; |
|
| 137 | + // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 138 | + $prettyprintname = ""; |
|
| 139 | + foreach ($extinfo['names'] as $lang => $name) { |
|
| 140 | + if ($lang == $languageInstance->getLang()) { |
|
| 141 | + $prettyprintname = $name; |
|
| 142 | + } |
|
| 143 | + } |
|
| 144 | + if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 145 | + $prettyprintname = $extinfo['names']['en']; |
|
| 146 | + } |
|
| 147 | + if ($prettyprintname == "") { |
|
| 148 | + foreach ($extinfo['names'] as $name) { |
|
| 149 | + $prettyprintname = $name; |
|
| 150 | + } |
|
| 151 | + } |
|
| 152 | + // fill the rest of the text |
|
| 153 | + $introtext = sprintf(_("a %s %s has invited you to manage the %s \"%s\"."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 154 | + // do the token creation magic |
|
| 155 | + $newtoken = $mgmt->createToken(TRUE, $mailaddress, $prettyprintname, $newexternalid); |
|
| 156 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 157 | + break; |
|
| 158 | + default: // includes OPERATION_MODE_INVALID |
|
| 159 | + $wrongcontent = print_r($_POST, TRUE); |
|
| 160 | + echo "<pre>Wrong parameters in POST: |
|
| 161 | 161 | " . htmlspecialchars($wrongcontent) . " |
| 162 | 162 | </pre>"; |
| 163 | - exit(1); |
|
| 163 | + exit(1); |
|
| 164 | 164 | } |
| 165 | 165 | // are we on https? |
| 166 | 166 | $proto = "http://"; |
@@ -27,7 +27,7 @@ discard block |
||
| 27 | 27 | |
| 28 | 28 | function disp_name($eap) { |
| 29 | 29 | $displayName = EAP::eapDisplayName($eap); |
| 30 | - return $displayName['OUTER'] . ( $displayName['INNER'] != '' ? '-' . $displayName['INNER'] : ''); |
|
| 30 | + return $displayName['OUTER'] . ($displayName['INNER'] != '' ? '-' . $displayName['INNER'] : ''); |
|
| 31 | 31 | } |
| 32 | 32 | |
| 33 | 33 | if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) { |
@@ -50,7 +50,7 @@ discard block |
||
| 50 | 50 | $testsuite = new \core\diag\RADIUSTests($check_realm, $my_profile->getRealmCheckOuterUsername(), \core\common\EAP::multiConversion($my_profile->getEapMethodsinOrderOfPreference(1)), $my_profile->getCollapsedAttributes()['eap:server_name'], $my_profile->getCollapsedAttributes()['eap:ca_file']); |
| 51 | 51 | } else { |
| 52 | 52 | $my_profile = NULL; |
| 53 | - $testsuite = new \core\diag\RADIUSTests($check_realm, "@".$check_realm); |
|
| 53 | + $testsuite = new \core\diag\RADIUSTests($check_realm, "@" . $check_realm); |
|
| 54 | 54 | } |
| 55 | 55 | |
| 56 | 56 | |
@@ -293,12 +293,12 @@ discard block |
||
| 293 | 293 | $returnarray['time_millisec'] = sprintf("%d", $testsuite->UDP_reachability_result[$host]['time_millisec']); |
| 294 | 294 | |
| 295 | 295 | if (preg_match('/verify error:num=19/', implode($opensslbabble))) { |
| 296 | - $printedres .= "<tr><td>"._("<strong>ERROR</strong>: the server presented a certificate which is from an unknown authority!") . $measure ."</td></tr>"; |
|
| 296 | + $printedres .= "<tr><td>" . _("<strong>ERROR</strong>: the server presented a certificate which is from an unknown authority!") . $measure . "</td></tr>"; |
|
| 297 | 297 | $my_ip_addrs[$key]["status"] = "FAILED"; |
| 298 | 298 | $goterror = 1; |
| 299 | 299 | } |
| 300 | 300 | if (preg_match('/verify return:1/', implode($opensslbabble))) { |
| 301 | - $printedres .= "<tr><td>"._("Completed.") . $measure . "</td></tr>"; |
|
| 301 | + $printedres .= "<tr><td>" . _("Completed.") . $measure . "</td></tr>"; |
|
| 302 | 302 | $printedres .= "<tr><td></td><td><div class=\"more\">"; |
| 303 | 303 | $my_ip_addrs[$key]["status"] = "OK"; |
| 304 | 304 | $servercertRaw = implode("\n", $opensslbabble); |
@@ -59,12 +59,12 @@ discard block |
||
| 59 | 59 | */ |
| 60 | 60 | |
| 61 | 61 | /** |
| 62 | - * Various paths. |
|
| 63 | - * eapol_test: absolute path to the eapol_test executable. If you just fill in "eapol_test" the one from the system $PATH will be taken. |
|
| 64 | - * c_rehash: absolute path to the c_rehash executable. If you just fill in "c_rehash" the one from the system $PATH will be taken. |
|
| 65 | - * See also NSIS_VERSION further down |
|
| 66 | - * @var array |
|
| 67 | - */ |
|
| 62 | + * Various paths. |
|
| 63 | + * eapol_test: absolute path to the eapol_test executable. If you just fill in "eapol_test" the one from the system $PATH will be taken. |
|
| 64 | + * c_rehash: absolute path to the c_rehash executable. If you just fill in "c_rehash" the one from the system $PATH will be taken. |
|
| 65 | + * See also NSIS_VERSION further down |
|
| 66 | + * @var array |
|
| 67 | + */ |
|
| 68 | 68 | 'PATHS' => [ |
| 69 | 69 | 'c_rehash' => 'c_rehash', |
| 70 | 70 | 'eapol_test' => 'eapol_test', |
@@ -101,44 +101,44 @@ discard block |
||
| 101 | 101 | ], |
| 102 | 102 | |
| 103 | 103 | 'TLS-clientcerts' => [ |
| 104 | - 'CA1' => [ |
|
| 104 | + 'CA1' => [ |
|
| 105 | 105 | 'status' => 'ACCREDITED', |
| 106 | 106 | 'issuerCA' => '/DC=org/DC=pki1/CN=PKI 1', |
| 107 | 107 | 'certificates' => [ |
| 108 | - [ |
|
| 108 | + [ |
|
| 109 | 109 | 'status' => 'CORRECT', |
| 110 | 110 | 'public' => 'ca1-client-cert.pem', |
| 111 | 111 | 'private' => 'ca1-client-key.pem', |
| 112 | 112 | 'expected' => 'PASS'], |
| 113 | - [ |
|
| 113 | + [ |
|
| 114 | 114 | 'status' => 'WRONGPOLICY', |
| 115 | 115 | 'public' => 'ca1-nopolicy-cert.pem', |
| 116 | 116 | 'private' => 'ca1-nopolicy-key.key', |
| 117 | 117 | 'expected' => 'FAIL'], |
| 118 | - [ |
|
| 118 | + [ |
|
| 119 | 119 | 'status' => 'EXPIRED', |
| 120 | 120 | 'public' => 'ca1-exp.pem', |
| 121 | 121 | 'private' => 'ca1-exp.key', |
| 122 | 122 | 'expected' => 'FAIL'], |
| 123 | - [ |
|
| 123 | + [ |
|
| 124 | 124 | 'status' => 'REVOKED', |
| 125 | 125 | 'public' => 'ca1-revoked.pem', |
| 126 | 126 | 'private' => 'ca1-revoked.key', |
| 127 | 127 | 'expected' => 'FAIL'], |
| 128 | 128 | ] |
| 129 | - ], |
|
| 130 | - 'CA-N' => [ |
|
| 129 | + ], |
|
| 130 | + 'CA-N' => [ |
|
| 131 | 131 | 'status' => 'NONACCREDITED', |
| 132 | 132 | 'issuerCA' => '/DC=org/DC=pkiN/CN=PKI N', |
| 133 | 133 | 'certificates' => [ |
| 134 | - [ |
|
| 134 | + [ |
|
| 135 | 135 | 'status' => 'CORRECT', |
| 136 | 136 | 'public' => 'caN-client-cert.pem', |
| 137 | 137 | 'private' => 'caN-client-cert.key', |
| 138 | 138 | 'expected' => 'FAIL'], |
| 139 | - ] |
|
| 140 | - ] |
|
| 141 | - ], |
|
| 142 | - 'accreditedCAsURL' => '', |
|
| 139 | + ] |
|
| 140 | + ] |
|
| 141 | + ], |
|
| 142 | + 'accreditedCAsURL' => '', |
|
| 143 | 143 | ], |
| 144 | 144 | ]; |
@@ -84,7 +84,7 @@ discard block |
||
| 84 | 84 | <div class='infobox' style='text-align:center;'> |
| 85 | 85 | <h2><?php echo sprintf(_("QR Code for %s download area"), $uiElements->nomenclature_inst); ?></h2> |
| 86 | 86 | <?php |
| 87 | - $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier; |
|
| 87 | + $displayurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier; |
|
| 88 | 88 | $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12))); |
| 89 | 89 | $size = getimagesize($uri); |
| 90 | 90 | echo "<img width='" . ($size[0] / 4) . "' height='" . ($size[1] / 4) . "' src='$uri' alt='QR-code'/>"; |
@@ -117,7 +117,7 @@ discard block |
||
| 117 | 117 | </td> |
| 118 | 118 | <td> |
| 119 | 119 | <form action='edit_idp_result.php?inst_id=<?php echo $my_inst->identifier; ?>' method='post' accept-charset='UTF-8'> |
| 120 | - <button class='delete' type='submit' name='submitbutton' value='<?php echo web\lib\admin\FormElements::BUTTON_DELETE; ?>' onclick="return confirm('<?php echo ( CONFIG_CONFASSISTANT['CONSORTIUM']['selfservice_registration'] === NULL ? sprintf(_("After deleting the IdP, you can not recreate it yourself - you need a new invitation token from the %s administrator!"), $uiElements->nomenclature_fed) . " " : "" ) . sprintf(_("Do you really want to delete your %s %s?"), $uiElements->nomenclature_inst, $my_inst->name); ?>')"><?php echo sprintf(_("Delete %s"), $uiElements->nomenclature_inst); ?></button> |
|
| 120 | + <button class='delete' type='submit' name='submitbutton' value='<?php echo web\lib\admin\FormElements::BUTTON_DELETE; ?>' onclick="return confirm('<?php echo (CONFIG_CONFASSISTANT['CONSORTIUM']['selfservice_registration'] === NULL ? sprintf(_("After deleting the IdP, you can not recreate it yourself - you need a new invitation token from the %s administrator!"), $uiElements->nomenclature_fed) . " " : "") . sprintf(_("Do you really want to delete your %s %s?"), $uiElements->nomenclature_inst, $my_inst->name); ?>')"><?php echo sprintf(_("Delete %s"), $uiElements->nomenclature_inst); ?></button> |
|
| 121 | 121 | </form> |
| 122 | 122 | |
| 123 | 123 | </td> |
@@ -326,7 +326,7 @@ discard block |
||
| 326 | 326 | if (isset($URL['device-specific:redirect'])) { |
| 327 | 327 | $displayurl = $URL['device-specific:redirect'][0]; |
| 328 | 328 | } else { |
| 329 | - $displayurl = ( isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 329 | + $displayurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on" ? 'https://' : 'http://') . $_SERVER['SERVER_NAME'] . dirname(dirname($_SERVER['SCRIPT_NAME'])) . "?idp=" . $my_inst->identifier . "&profile=" . $profile_list->identifier; |
|
| 330 | 330 | } |
| 331 | 331 | echo "<a href='$displayurl' style='white-space: nowrap; text-align: center;'>"; |
| 332 | 332 | $uri = "data:image/png;base64," . base64_encode(png_inject_consortium_logo(QRcode::png($displayurl, FALSE, QR_ECLEVEL_Q, 12))); |
@@ -88,7 +88,7 @@ |
||
| 88 | 88 | 'server_suffix' => '.hosted.eduroam.org', |
| 89 | 89 | 'gracetime' => 90, |
| 90 | 90 | 'CA' => ["type" => "embedded"], # OCSP URL needs to be configured in openssl.cnf |
| 91 | - # 'CA' => ["type" => "DFN", "SOAP_API_ENDPOINT" => "http://no.idea.where/"], |
|
| 91 | + # 'CA' => ["type" => "DFN", "SOAP_API_ENDPOINT" => "http://no.idea.where/"], |
|
| 92 | 92 | |
| 93 | 93 | ], |
| 94 | 94 | /** |
@@ -103,13 +103,13 @@ discard block |
||
| 103 | 103 | ], |
| 104 | 104 | |
| 105 | 105 | /** |
| 106 | - * Configuration for GeoIP2 |
|
| 107 | - * Beware, the legacy version does not really work with IPv6 addresses |
|
| 108 | - * version: set to 2 if you wish to use GeoIP2, to 1 for the legacy version or set to 0 to turn off geolocation service |
|
| 109 | - * geoip2-path-to-autoloader: points to the GeoIP2 autoloader |
|
| 110 | - * geoip2-path-to-db: points to the GeoIP2 city database |
|
| 111 | - * @var array |
|
| 112 | - */ |
|
| 106 | + * Configuration for GeoIP2 |
|
| 107 | + * Beware, the legacy version does not really work with IPv6 addresses |
|
| 108 | + * version: set to 2 if you wish to use GeoIP2, to 1 for the legacy version or set to 0 to turn off geolocation service |
|
| 109 | + * geoip2-path-to-autoloader: points to the GeoIP2 autoloader |
|
| 110 | + * geoip2-path-to-db: points to the GeoIP2 city database |
|
| 111 | + * @var array |
|
| 112 | + */ |
|
| 113 | 113 | |
| 114 | 114 | 'GEOIP' => [ |
| 115 | 115 | 'version' => 0, |
@@ -127,7 +127,6 @@ discard block |
||
| 127 | 127 | * mails, just configure the signing cert with these parameters. All must |
| 128 | 128 | * be non-NULL for signing to happen. If you don't need a keypass, make |
| 129 | 129 | * it an empty string instead. |
| 130 | - |
|
| 131 | 130 | * @var array |
| 132 | 131 | */ |
| 133 | 132 | 'MAILSETTINGS' => [ // we always use Submission |
@@ -146,25 +145,25 @@ discard block |
||
| 146 | 145 | * @var array |
| 147 | 146 | */ |
| 148 | 147 | 'LANGUAGES' => [ |
| 149 | - 'bg' => ['display' => 'Български', 'locale' => 'bg_BG.utf8', 'latin_based' => FALSE], |
|
| 150 | - 'ca' => ['display' => 'Català', 'locale' => 'ca_ES.utf8', 'latin_based' => TRUE], |
|
| 151 | - 'cs' => ['display' => 'Čeština', 'locale' => 'cs_CZ.utf8', 'latin_based' => TRUE], |
|
| 152 | - 'de' => ['display' => 'Deutsch', 'locale' => 'de_DE.utf8', 'latin_based' => TRUE], |
|
| 153 | - 'el' => ['display' => 'Ελληνικά', 'locale' => 'el_GR.utf8', 'latin_based' => FALSE], |
|
| 154 | - 'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8', 'latin_based' => TRUE], |
|
| 155 | - 'es' => ['display' => 'Español', 'locale' => 'es_ES.utf8', 'latin_based' => TRUE], |
|
| 156 | - 'fr' => ['display' => 'Français', 'locale' => 'fr_FR.utf8', 'latin_based' => TRUE], |
|
| 157 | - 'gl' => ['display' => 'Galego', 'locale' => 'gl_ES.utf8', 'latin_based' => TRUE], |
|
| 158 | - 'hr' => ['display' => 'Hrvatski', 'locale' => 'hr_HR.utf8', 'latin_based' => TRUE], |
|
| 159 | - 'it' => ['display' => 'Italiano', 'locale' => 'it_IT.utf8', 'latin_based' => TRUE], |
|
| 160 | - 'lt' => ['display' => 'lietuvių', 'locale' => 'lt_LT.utf8', 'latin_based' => TRUE], |
|
| 161 | - 'nb' => ['display' => 'Norsk', 'locale' => 'nb_NO.utf8', 'latin_based' => TRUE], |
|
| 162 | - 'pl' => ['display' => 'Polski', 'locale' => 'pl_PL.utf8', 'latin_based' => TRUE], |
|
| 163 | - 'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8', 'latin_based' => TRUE], |
|
| 164 | - 'sr' => ['display' => 'Srpski', 'locale' => 'sr_RS@latin', 'latin_based' => TRUE], |
|
| 165 | - 'fi' => ['display' => 'Suomi', 'locale' => 'fi_FI.utf8', 'latin_based' => TRUE], |
|
| 166 | - 'hu' => ['display' => 'Magyar', 'locale' => 'hu_HU.utf8', 'latin_based' => TRUE], |
|
| 167 | - 'pt' => ['display' => 'Português', 'locale' => 'pt_PT.utf8', 'latin_based' => TRUE], |
|
| 148 | + 'bg' => ['display' => 'Български', 'locale' => 'bg_BG.utf8', 'latin_based' => FALSE], |
|
| 149 | + 'ca' => ['display' => 'Català', 'locale' => 'ca_ES.utf8', 'latin_based' => TRUE], |
|
| 150 | + 'cs' => ['display' => 'Čeština', 'locale' => 'cs_CZ.utf8', 'latin_based' => TRUE], |
|
| 151 | + 'de' => ['display' => 'Deutsch', 'locale' => 'de_DE.utf8', 'latin_based' => TRUE], |
|
| 152 | + 'el' => ['display' => 'Ελληνικά', 'locale' => 'el_GR.utf8', 'latin_based' => FALSE], |
|
| 153 | + 'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8', 'latin_based' => TRUE], |
|
| 154 | + 'es' => ['display' => 'Español', 'locale' => 'es_ES.utf8', 'latin_based' => TRUE], |
|
| 155 | + 'fr' => ['display' => 'Français', 'locale' => 'fr_FR.utf8', 'latin_based' => TRUE], |
|
| 156 | + 'gl' => ['display' => 'Galego', 'locale' => 'gl_ES.utf8', 'latin_based' => TRUE], |
|
| 157 | + 'hr' => ['display' => 'Hrvatski', 'locale' => 'hr_HR.utf8', 'latin_based' => TRUE], |
|
| 158 | + 'it' => ['display' => 'Italiano', 'locale' => 'it_IT.utf8', 'latin_based' => TRUE], |
|
| 159 | + 'lt' => ['display' => 'lietuvių', 'locale' => 'lt_LT.utf8', 'latin_based' => TRUE], |
|
| 160 | + 'nb' => ['display' => 'Norsk', 'locale' => 'nb_NO.utf8', 'latin_based' => TRUE], |
|
| 161 | + 'pl' => ['display' => 'Polski', 'locale' => 'pl_PL.utf8', 'latin_based' => TRUE], |
|
| 162 | + 'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8', 'latin_based' => TRUE], |
|
| 163 | + 'sr' => ['display' => 'Srpski', 'locale' => 'sr_RS@latin', 'latin_based' => TRUE], |
|
| 164 | + 'fi' => ['display' => 'Suomi', 'locale' => 'fi_FI.utf8', 'latin_based' => TRUE], |
|
| 165 | + 'hu' => ['display' => 'Magyar', 'locale' => 'hu_HU.utf8', 'latin_based' => TRUE], |
|
| 166 | + 'pt' => ['display' => 'Português', 'locale' => 'pt_PT.utf8', 'latin_based' => TRUE], |
|
| 168 | 167 | |
| 169 | 168 | // For the following languages, partial translations exist in Transifex, but |
| 170 | 169 | // they are not complete enough for display. Their Transifex content is not |
@@ -217,11 +216,11 @@ discard block |
||
| 217 | 216 | 'db' => 'customer_db', |
| 218 | 217 | 'user' => 'customerservice', |
| 219 | 218 | 'pass' => '2lame4u'], |
| 220 | - 'enforce-external-sync' => TRUE, |
|
| 221 | - /* if you feed your user database from a third-party source and do not want CAT to update it on its own, you can |
|
| 219 | + 'enforce-external-sync' => TRUE, |
|
| 220 | + /* if you feed your user database from a third-party source and do not want CAT to update it on its own, you can |
|
| 222 | 221 | * make it read-only |
| 223 | 222 | */ |
| 224 | - 'userdb-readonly' => FALSE, |
|
| 223 | + 'userdb-readonly' => FALSE, |
|
| 225 | 224 | ], |
| 226 | 225 | |
| 227 | 226 | /** |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | |
| 131 | 131 | * @var array |
| 132 | 132 | */ |
| 133 | - 'MAILSETTINGS' => [ // we always use Submission |
|
| 133 | + 'MAILSETTINGS' => [// we always use Submission |
|
| 134 | 134 | 'host' => 'submission.capable.mta', |
| 135 | 135 | 'user'=> 'mailuser', |
| 136 | 136 | 'pass' => 'mailpass', |
@@ -146,25 +146,25 @@ discard block |
||
| 146 | 146 | * @var array |
| 147 | 147 | */ |
| 148 | 148 | 'LANGUAGES' => [ |
| 149 | - 'bg' => ['display' => 'Български', 'locale' => 'bg_BG.utf8', 'latin_based' => FALSE], |
|
| 150 | - 'ca' => ['display' => 'Català', 'locale' => 'ca_ES.utf8', 'latin_based' => TRUE], |
|
| 151 | - 'cs' => ['display' => 'Čeština', 'locale' => 'cs_CZ.utf8', 'latin_based' => TRUE], |
|
| 152 | - 'de' => ['display' => 'Deutsch', 'locale' => 'de_DE.utf8', 'latin_based' => TRUE], |
|
| 153 | - 'el' => ['display' => 'Ελληνικά', 'locale' => 'el_GR.utf8', 'latin_based' => FALSE], |
|
| 154 | - 'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8', 'latin_based' => TRUE], |
|
| 155 | - 'es' => ['display' => 'Español', 'locale' => 'es_ES.utf8', 'latin_based' => TRUE], |
|
| 156 | - 'fr' => ['display' => 'Français', 'locale' => 'fr_FR.utf8', 'latin_based' => TRUE], |
|
| 157 | - 'gl' => ['display' => 'Galego', 'locale' => 'gl_ES.utf8', 'latin_based' => TRUE], |
|
| 158 | - 'hr' => ['display' => 'Hrvatski', 'locale' => 'hr_HR.utf8', 'latin_based' => TRUE], |
|
| 159 | - 'it' => ['display' => 'Italiano', 'locale' => 'it_IT.utf8', 'latin_based' => TRUE], |
|
| 160 | - 'lt' => ['display' => 'lietuvių', 'locale' => 'lt_LT.utf8', 'latin_based' => TRUE], |
|
| 161 | - 'nb' => ['display' => 'Norsk', 'locale' => 'nb_NO.utf8', 'latin_based' => TRUE], |
|
| 162 | - 'pl' => ['display' => 'Polski', 'locale' => 'pl_PL.utf8', 'latin_based' => TRUE], |
|
| 163 | - 'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8', 'latin_based' => TRUE], |
|
| 164 | - 'sr' => ['display' => 'Srpski', 'locale' => 'sr_RS@latin', 'latin_based' => TRUE], |
|
| 165 | - 'fi' => ['display' => 'Suomi', 'locale' => 'fi_FI.utf8', 'latin_based' => TRUE], |
|
| 166 | - 'hu' => ['display' => 'Magyar', 'locale' => 'hu_HU.utf8', 'latin_based' => TRUE], |
|
| 167 | - 'pt' => ['display' => 'Português', 'locale' => 'pt_PT.utf8', 'latin_based' => TRUE], |
|
| 149 | + 'bg' => ['display' => 'Български', 'locale' => 'bg_BG.utf8', 'latin_based' => FALSE], |
|
| 150 | + 'ca' => ['display' => 'Català', 'locale' => 'ca_ES.utf8', 'latin_based' => TRUE], |
|
| 151 | + 'cs' => ['display' => 'Čeština', 'locale' => 'cs_CZ.utf8', 'latin_based' => TRUE], |
|
| 152 | + 'de' => ['display' => 'Deutsch', 'locale' => 'de_DE.utf8', 'latin_based' => TRUE], |
|
| 153 | + 'el' => ['display' => 'Ελληνικά', 'locale' => 'el_GR.utf8', 'latin_based' => FALSE], |
|
| 154 | + 'en' => ['display' => 'English(GB)', 'locale' => 'en_GB.utf8', 'latin_based' => TRUE], |
|
| 155 | + 'es' => ['display' => 'Español', 'locale' => 'es_ES.utf8', 'latin_based' => TRUE], |
|
| 156 | + 'fr' => ['display' => 'Français', 'locale' => 'fr_FR.utf8', 'latin_based' => TRUE], |
|
| 157 | + 'gl' => ['display' => 'Galego', 'locale' => 'gl_ES.utf8', 'latin_based' => TRUE], |
|
| 158 | + 'hr' => ['display' => 'Hrvatski', 'locale' => 'hr_HR.utf8', 'latin_based' => TRUE], |
|
| 159 | + 'it' => ['display' => 'Italiano', 'locale' => 'it_IT.utf8', 'latin_based' => TRUE], |
|
| 160 | + 'lt' => ['display' => 'lietuvių', 'locale' => 'lt_LT.utf8', 'latin_based' => TRUE], |
|
| 161 | + 'nb' => ['display' => 'Norsk', 'locale' => 'nb_NO.utf8', 'latin_based' => TRUE], |
|
| 162 | + 'pl' => ['display' => 'Polski', 'locale' => 'pl_PL.utf8', 'latin_based' => TRUE], |
|
| 163 | + 'sl' => ['display' => 'Slovenščina', 'locale' => 'sl_SI.utf8', 'latin_based' => TRUE], |
|
| 164 | + 'sr' => ['display' => 'Srpski', 'locale' => 'sr_RS@latin', 'latin_based' => TRUE], |
|
| 165 | + 'fi' => ['display' => 'Suomi', 'locale' => 'fi_FI.utf8', 'latin_based' => TRUE], |
|
| 166 | + 'hu' => ['display' => 'Magyar', 'locale' => 'hu_HU.utf8', 'latin_based' => TRUE], |
|
| 167 | + 'pt' => ['display' => 'Português', 'locale' => 'pt_PT.utf8', 'latin_based' => TRUE], |
|
| 168 | 168 | |
| 169 | 169 | // For the following languages, partial translations exist in Transifex, but |
| 170 | 170 | // they are not complete enough for display. Their Transifex content is not |
