GEANT /
CAT
@@ -16,10 +16,10 @@ discard block |
||
| 16 | 16 | class CertificationAuthorityEmbeddedRSA extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 17 | 17 | { |
| 18 | 18 | |
| 19 | - private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 20 | - private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 21 | - private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 22 | - private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 19 | + private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 20 | + private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 21 | + private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 22 | + private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 23 | 23 | |
| 24 | 24 | /** |
| 25 | 25 | * string with the PEM variant of the root CA |
@@ -66,11 +66,11 @@ discard block |
||
| 66 | 66 | parent::__construct(); |
| 67 | 67 | $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
| 68 | 68 | if ($this->rootPem === FALSE) { |
| 69 | - throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 69 | + throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 70 | 70 | } |
| 71 | 71 | $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
| 72 | 72 | if ($this->issuingCertRaw === FALSE) { |
| 73 | - throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 73 | + throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 74 | 74 | } |
| 75 | 75 | $rootParsed = openssl_x509_read($this->rootPem); |
| 76 | 76 | $issuingCertCandidate = openssl_x509_read($this->issuingCertRaw); |
@@ -80,15 +80,15 @@ discard block |
||
| 80 | 80 | } |
| 81 | 81 | $this->issuingCert = $issuingCertCandidate; |
| 82 | 82 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY) === FALSE) { |
| 83 | - throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 83 | + throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 84 | 84 | } |
| 85 | - $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 85 | + $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 86 | 86 | if ($issuingKeyTemp === FALSE || is_resource($issuingKeyTemp)) { |
| 87 | 87 | throw new Exception("The private key did not parse correctly (or is not a PHP8 object)!"); |
| 88 | 88 | } |
| 89 | 89 | $this->issuingKey = $issuingKeyTemp; |
| 90 | 90 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG) === FALSE) { |
| 91 | - throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 91 | + throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 92 | 92 | } |
| 93 | 93 | $this->conffile = CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG; |
| 94 | 94 | } |
@@ -131,27 +131,27 @@ discard block |
||
| 131 | 131 | // generate stub index.txt file |
| 132 | 132 | $tempdirArray = \core\common\Entity::createTemporaryDirectory("test"); |
| 133 | 133 | $tempdir = $tempdirArray['dir']; |
| 134 | - $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z"; |
|
| 135 | - $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z"; |
|
| 134 | + $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z"; |
|
| 135 | + $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z"; |
|
| 136 | 136 | // serials for our CA are always integers |
| 137 | 137 | $serialHex = strtoupper(dechex((int) $cert->serial)); |
| 138 | 138 | if (strlen($serialHex) % 2 == 1) { |
| 139 | - $serialHex = "0" . $serialHex; |
|
| 139 | + $serialHex = "0".$serialHex; |
|
| 140 | 140 | } |
| 141 | 141 | |
| 142 | - $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n"; |
|
| 142 | + $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n"; |
|
| 143 | 143 | $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement"); |
| 144 | - if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) { |
|
| 144 | + if (!file_put_contents($tempdir."/index.txt", $indexStatement)) { |
|
| 145 | 145 | $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!"); |
| 146 | 146 | } |
| 147 | 147 | // index.txt.attr is dull but needs to exist |
| 148 | - file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n"); |
|
| 148 | + file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n"); |
|
| 149 | 149 | // call "openssl ocsp" to manufacture our own OCSP statement |
| 150 | 150 | // adding "-rmd sha1" to the following command-line makes the |
| 151 | 151 | // choice of signature algorithm for the response explicit |
| 152 | 152 | // but it's only available from openssl-1.1.0 (which we do not |
| 153 | 153 | // want to require just for that one thing). |
| 154 | - $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 154 | + $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 155 | 155 | $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n"); |
| 156 | 156 | $output = []; |
| 157 | 157 | $return = 999; |
@@ -159,11 +159,11 @@ discard block |
||
| 159 | 159 | if ($return !== 0) { |
| 160 | 160 | throw new Exception("Non-zero return value from openssl ocsp!"); |
| 161 | 161 | } |
| 162 | - $ocsp = file_get_contents($tempdir . "/$serialHex.response.der"); |
|
| 162 | + $ocsp = file_get_contents($tempdir."/$serialHex.response.der"); |
|
| 163 | 163 | // remove the temp dir! |
| 164 | - unlink($tempdir . "/$serialHex.response.der"); |
|
| 165 | - unlink($tempdir . "/index.txt.attr"); |
|
| 166 | - unlink($tempdir . "/index.txt"); |
|
| 164 | + unlink($tempdir."/$serialHex.response.der"); |
|
| 165 | + unlink($tempdir."/index.txt.attr"); |
|
| 166 | + unlink($tempdir."/index.txt"); |
|
| 167 | 167 | rmdir($tempdir); |
| 168 | 168 | $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial); |
| 169 | 169 | return $ocsp; |
@@ -22,7 +22,7 @@ discard block |
||
| 22 | 22 | ?> |
| 23 | 23 | <?php |
| 24 | 24 | |
| 25 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 25 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 26 | 26 | |
| 27 | 27 | $validator = new \web\lib\common\InputValidation(); |
| 28 | 28 | $idRaw = $_GET["id"] ?? ""; |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | // Set data type and caching for 30 days |
| 38 | 38 | $info = new finfo(); |
| 39 | 39 | $filetype = $info->buffer($finalBlob, FILEINFO_MIME_TYPE); |
| 40 | - header("Content-type: " . $filetype); |
|
| 40 | + header("Content-type: ".$filetype); |
|
| 41 | 41 | |
| 42 | 42 | switch ($filetype) { |
| 43 | 43 | case "text/rtf": // fall-through, same treatment |
@@ -54,7 +54,7 @@ discard block |
||
| 54 | 54 | header("Cache-Control: must-revalidate"); |
| 55 | 55 | $offset = 60 * 60 * 24 * 30; |
| 56 | 56 | // gmdate can't possibly fail, because it operates on time() and an integer offset |
| 57 | - $ExpStr = "Expires: " . /** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset) . " GMT"; |
|
| 57 | + $ExpStr = "Expires: "./** @scrutinizer ignore-type */ gmdate("D, d M Y H:i:s", time() + $offset)." GMT"; |
|
| 58 | 58 | header($ExpStr); |
| 59 | 59 | // Print out the image |
| 60 | 60 | echo $finalBlob; |
@@ -9,7 +9,7 @@ discard block |
||
| 9 | 9 | * ****************************************************************************** |
| 10 | 10 | */ |
| 11 | 11 | |
| 12 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
| 12 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
| 13 | 13 | |
| 14 | 14 | $auth = new \web\lib\admin\Authentication(); |
| 15 | 15 | $auth->authenticate(); |
@@ -29,31 +29,31 @@ discard block |
||
| 29 | 29 | ?> |
| 30 | 30 | |
| 31 | 31 | <h1><?php $tablecaption = _("User Authentication Records"); echo $tablecaption; ?></h1> |
| 32 | -<p><?php echo _("Note that:");?></p> |
|
| 32 | +<p><?php echo _("Note that:"); ?></p> |
|
| 33 | 33 | <ul> |
| 34 | - <li><?php echo _("Authentication records are deleted after six months retention time");?></li> |
|
| 35 | - <li><?php echo _("Operator Domain is based on the RADIUS attribute 'Operator-Name' and not sent by all hotspots");?></li> |
|
| 36 | - <li><?php echo _("Different MAC addresses per credential may be due to MAC Address randomisation in recent operating systems");?></li> |
|
| 34 | + <li><?php echo _("Authentication records are deleted after six months retention time"); ?></li> |
|
| 35 | + <li><?php echo _("Operator Domain is based on the RADIUS attribute 'Operator-Name' and not sent by all hotspots"); ?></li> |
|
| 36 | + <li><?php echo _("Different MAC addresses per credential may be due to MAC Address randomisation in recent operating systems"); ?></li> |
|
| 37 | 37 | </ul> |
| 38 | 38 | <table class='authrecord'> |
| 39 | - <caption><?php echo $tablecaption;?></caption> |
|
| 39 | + <caption><?php echo $tablecaption; ?></caption> |
|
| 40 | 40 | <tr> |
| 41 | - <th scope="col"><strong><?php echo _("Timestamp");?></strong></th> |
|
| 42 | - <th scope="col"><strong><?php echo _("Credential");?></strong></th> |
|
| 43 | - <th scope="col"><strong><?php echo _("MAC Address");?></strong></th> |
|
| 44 | - <th scope="col"><strong><?php echo _("Result");?></strong></th> |
|
| 45 | - <th scope="col"><strong><?php echo _("Operator Domain");?></strong></th> |
|
| 41 | + <th scope="col"><strong><?php echo _("Timestamp"); ?></strong></th> |
|
| 42 | + <th scope="col"><strong><?php echo _("Credential"); ?></strong></th> |
|
| 43 | + <th scope="col"><strong><?php echo _("MAC Address"); ?></strong></th> |
|
| 44 | + <th scope="col"><strong><?php echo _("Result"); ?></strong></th> |
|
| 45 | + <th scope="col"><strong><?php echo _("Operator Domain"); ?></strong></th> |
|
| 46 | 46 | </tr> |
| 47 | 47 | <?php |
| 48 | 48 | $userAuthData = $profile->getUserAuthRecords($userInt); |
| 49 | 49 | foreach ($userAuthData as $oneRecord) { |
| 50 | - echo "<tr class='".($oneRecord['RESULT'] == "Access-Accept" ? "auth-success" : "auth-fail" )."'>" |
|
| 50 | + echo "<tr class='".($oneRecord['RESULT'] == "Access-Accept" ? "auth-success" : "auth-fail")."'>" |
|
| 51 | 51 | . "<td>".$oneRecord['TIMESTAMP']."</td>" |
| 52 | 52 | // $oneRecord['CN'] is a simple string, not an array, so disable Scrutinizer type check here |
| 53 | - . "<td>"./** @scrutinizer ignore-type */ substr_replace($oneRecord['CN'], "@…", strpos($oneRecord['CN'],"@"))."</td>" |
|
| 53 | + . "<td>"./** @scrutinizer ignore-type */ substr_replace($oneRecord['CN'], "@…", strpos($oneRecord['CN'], "@"))."</td>" |
|
| 54 | 54 | . "<td>".$oneRecord['MAC']."</td>" |
| 55 | 55 | . "<td>".($oneRecord['RESULT'] == "Access-Accept" ? _("Success") : _("Failure"))."</td>" |
| 56 | - . "<td>".substr($oneRecord['OPERATOR'] ?? "1(unknown)",1)."</td>" |
|
| 56 | + . "<td>".substr($oneRecord['OPERATOR'] ?? "1(unknown)", 1)."</td>" |
|
| 57 | 57 | . "</tr>"; |
| 58 | 58 | } |
| 59 | 59 | ?> |
@@ -16,10 +16,10 @@ discard block |
||
| 16 | 16 | class CertificationAuthorityEmbeddedECDSA extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 17 | 17 | { |
| 18 | 18 | |
| 19 | - private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-ECDSA.pem"; |
|
| 20 | - private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.pem"; |
|
| 21 | - private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.key"; |
|
| 22 | - private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-ECDSA.cnf"; |
|
| 19 | + private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-ECDSA.pem"; |
|
| 20 | + private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-ECDSA.pem"; |
|
| 21 | + private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-ECDSA.key"; |
|
| 22 | + private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-ECDSA.cnf"; |
|
| 23 | 23 | |
| 24 | 24 | /** |
| 25 | 25 | * string with the PEM variant of the root CA |
@@ -66,29 +66,29 @@ discard block |
||
| 66 | 66 | parent::__construct(); |
| 67 | 67 | $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA); |
| 68 | 68 | if ($this->rootPem === FALSE) { |
| 69 | - throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA); |
|
| 69 | + throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA); |
|
| 70 | 70 | } |
| 71 | 71 | $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA); |
| 72 | 72 | if ($this->issuingCertRaw === FALSE) { |
| 73 | - throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA); |
|
| 73 | + throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA); |
|
| 74 | 74 | } |
| 75 | 75 | $rootParsed = openssl_x509_read($this->rootPem); |
| 76 | 76 | $issuingCertCandidate = openssl_x509_read($this->issuingCertRaw); |
| 77 | - if ($issuingCertCandidate === FALSE || is_resource($issuingCertCandidate)|| $rootParsed === FALSE) { |
|
| 77 | + if ($issuingCertCandidate === FALSE || is_resource($issuingCertCandidate) || $rootParsed === FALSE) { |
|
| 78 | 78 | throw new Exception("At least one CA PEM file did not parse correctly (or not a PHP8 resource)!"); |
| 79 | 79 | } |
| 80 | 80 | $this->issuingCert = $issuingCertCandidate; |
| 81 | 81 | |
| 82 | 82 | if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY) === FALSE) { |
| 83 | - throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 83 | + throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 84 | 84 | } |
| 85 | - $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 85 | + $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 86 | 86 | if ($issuingKeyTemp === FALSE || is_resource($issuingKeyTemp)) { |
| 87 | 87 | throw new Exception("The private key did not parse correctly (or not a PHP8 resource)!"); |
| 88 | 88 | } |
| 89 | 89 | $this->issuingKey = $issuingKeyTemp; |
| 90 | 90 | if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG) === FALSE) { |
| 91 | - throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG); |
|
| 91 | + throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG); |
|
| 92 | 92 | } |
| 93 | 93 | $this->conffile = CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG; |
| 94 | 94 | } |
@@ -131,27 +131,27 @@ discard block |
||
| 131 | 131 | // generate stub index.txt file |
| 132 | 132 | $tempdirArray = \core\common\Entity::createTemporaryDirectory("test"); |
| 133 | 133 | $tempdir = $tempdirArray['dir']; |
| 134 | - $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z"; |
|
| 135 | - $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z"; |
|
| 134 | + $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z"; |
|
| 135 | + $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z"; |
|
| 136 | 136 | // serials for our CA are always integers |
| 137 | 137 | $serialHex = strtoupper(dechex((int) $cert->serial)); |
| 138 | 138 | if (strlen($serialHex) % 2 == 1) { |
| 139 | - $serialHex = "0" . $serialHex; |
|
| 139 | + $serialHex = "0".$serialHex; |
|
| 140 | 140 | } |
| 141 | 141 | |
| 142 | - $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n"; |
|
| 142 | + $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n"; |
|
| 143 | 143 | $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement"); |
| 144 | - if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) { |
|
| 144 | + if (!file_put_contents($tempdir."/index.txt", $indexStatement)) { |
|
| 145 | 145 | $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!"); |
| 146 | 146 | } |
| 147 | 147 | // index.txt.attr is dull but needs to exist |
| 148 | - file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n"); |
|
| 148 | + file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n"); |
|
| 149 | 149 | // call "openssl ocsp" to manufacture our own OCSP statement |
| 150 | 150 | // adding "-rmd sha1" to the following command-line makes the |
| 151 | 151 | // choice of signature algorithm for the response explicit |
| 152 | 152 | // but it's only available from openssl-1.1.0 (which we do not |
| 153 | 153 | // want to require just for that one thing). |
| 154 | - $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 154 | + $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 155 | 155 | $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n"); |
| 156 | 156 | $output = []; |
| 157 | 157 | $return = 999; |
@@ -159,11 +159,11 @@ discard block |
||
| 159 | 159 | if ($return !== 0) { |
| 160 | 160 | throw new Exception("Non-zero return value from openssl ocsp!"); |
| 161 | 161 | } |
| 162 | - $ocsp = file_get_contents($tempdir . "/$serialHex.response.der"); |
|
| 162 | + $ocsp = file_get_contents($tempdir."/$serialHex.response.der"); |
|
| 163 | 163 | // remove the temp dir! |
| 164 | - unlink($tempdir . "/$serialHex.response.der"); |
|
| 165 | - unlink($tempdir . "/index.txt.attr"); |
|
| 166 | - unlink($tempdir . "/index.txt"); |
|
| 164 | + unlink($tempdir."/$serialHex.response.der"); |
|
| 165 | + unlink($tempdir."/index.txt.attr"); |
|
| 166 | + unlink($tempdir."/index.txt"); |
|
| 167 | 167 | rmdir($tempdir); |
| 168 | 168 | $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial); |
| 169 | 169 | return $ocsp; |
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | public function divSilverbullet() { |
| 125 | 125 | $retval = " |
| 126 | 126 | <div id='silverbullet'>" |
| 127 | - .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 127 | + .$this->Gui->textTemplates->templates[user\SB_GO_AWAY]. |
|
| 128 | 128 | "</div> |
| 129 | 129 | "; |
| 130 | 130 | return $retval; |
@@ -222,7 +222,7 @@ discard block |
||
| 222 | 222 | <div id='profiles'> <!-- this is the profile selection filled during run time --> |
| 223 | 223 | <div id='profiles_h' class='sub_h'>".$this->Gui->textTemplates->templates[user\PROFILE_SELECTION]." |
| 224 | 224 | </div>" . |
| 225 | - "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>" . |
|
| 225 | + "<select id='profile_list'></select><div id='profile_desc' class='profile_desc'></div>". |
|
| 226 | 226 | "</div>"; |
| 227 | 227 | } |
| 228 | 228 | |
@@ -250,7 +250,7 @@ discard block |
||
| 250 | 250 | public function divInstitution($selectButton = TRUE) { |
| 251 | 251 | $retval = "<div id='institution_name'> |
| 252 | 252 | <span id='inst_name_span'></span> <div id='inst_extra_text'></div><!-- this will be filled with the IdP name -->" . |
| 253 | - ($selectButton ? "<a id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : "") . |
|
| 253 | + ($selectButton ? "<a id='select_another' class='signin' href=\"\">".$this->Gui->textTemplates->templates[user\INSTITUTION_SELECTION]."</a>" : ""). |
|
| 254 | 254 | "</div>"; |
| 255 | 255 | $retval .= $this->emptyImage('idp_logo', 'IdP Logo'); |
| 256 | 256 | return $retval; |
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | public function divSilverbullet() { |
| 125 | 125 | $retval = " |
| 126 | 126 | <div id='silverbullet'>" |
| 127 | - .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 127 | + .$this->Gui->textTemplates->templates[user\SB_GO_AWAY] . |
|
| 128 | 128 | "</div> |
| 129 | 129 | "; |
| 130 | 130 | return $retval; |
@@ -293,8 +293,8 @@ discard block |
||
| 293 | 293 | } |
| 294 | 294 | |
| 295 | 295 | $retval .= "<td><button name='$d' class='other_os' id='$d'>".$D['display']."</button>" |
| 296 | - ."</td>" |
|
| 297 | - ."<td><button name='$d' class='more_info_b' id='info_b_$d'>i</button></td></tr>\n"; |
|
| 296 | + ."</td>" |
|
| 297 | + ."<td><button name='$d' class='more_info_b' id='info_b_$d'>i</button></td></tr>\n"; |
|
| 298 | 298 | $deviceIndex++; |
| 299 | 299 | } |
| 300 | 300 | $retval .= "</tbody>"; |
@@ -341,11 +341,11 @@ discard block |
||
| 341 | 341 | <tr> |
| 342 | 342 | <td>" . |
| 343 | 343 | $this->Gui->catVersion |
| 344 | - ." |
|
| 344 | + ." |
|
| 345 | 345 | </td>"; |
| 346 | 346 | |
| 347 | 347 | if (!empty(\config\Master::APPEARANCE['privacy_notice_url'])) { |
| 348 | - $retval .= "<td>".$this->Gui->catCopyrifhtAndLicense."<br><span id='privacy_notice_cons'>".\config\ConfAssistant::CONSORTIUM['display_name']."</span> <a href='".\config\Master::APPEARANCE['privacy_notice_url']."'>".sprintf(_("%s Privacy Notice"), '')."</a></td>"; |
|
| 348 | + $retval .= "<td>".$this->Gui->catCopyrifhtAndLicense."<br><span id='privacy_notice_cons'>".\config\ConfAssistant::CONSORTIUM['display_name']."</span> <a href='".\config\Master::APPEARANCE['privacy_notice_url']."'>".sprintf(_("%s Privacy Notice"), '')."</a></td>"; |
|
| 349 | 349 | } |
| 350 | 350 | $retval .= "<td>"; |
| 351 | 351 | if (\config\ConfAssistant::CONSORTIUM['name'] == "eduroam" && isset(\config\ConfAssistant::CONSORTIUM['deployment-voodoo']) && \config\ConfAssistant::CONSORTIUM['deployment-voodoo'] == "Operations Team") { |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | $cryptoJson = openssl_encrypt($clearJson, 'AES-256-CBC', $encryptionKey, OPENSSL_RAW_DATA, $initVector); |
| 122 | 122 | $hmac = hash_hmac("sha1", $cryptoJson, $encryptionKey, TRUE); |
| 123 | 123 | |
| 124 | - $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = " . $password . "\nb(IV) = " . base64_encode($initVector) . "\nb(Cipher) = " . base64_encode($cryptoJson) . "\nb(HMAC) = " . base64_encode($hmac)); |
|
| 124 | + $this->loggerInstance->debug(4, "Clear = $clearJson\nSalt = $salt\nPW = ".$password."\nb(IV) = ".base64_encode($initVector)."\nb(Cipher) = ".base64_encode($cryptoJson)."\nb(HMAC) = ".base64_encode($hmac)); |
|
| 125 | 125 | |
| 126 | 126 | // now, generate the container that holds all the crypto data |
| 127 | 127 | $finalArray = [ |
@@ -195,7 +195,7 @@ discard block |
||
| 195 | 195 | private function wiredBlock($eapdetails) |
| 196 | 196 | { |
| 197 | 197 | return [ |
| 198 | - "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet") . "}", |
|
| 198 | + "GUID" => \core\common\Entity::uuid('', "wired-dot1x-ethernet")."}", |
|
| 199 | 199 | "Name" => "eduroam configuration (wired network)", |
| 200 | 200 | "Remove" => false, |
| 201 | 201 | "Type" => "Ethernet", |
@@ -236,7 +236,7 @@ discard block |
||
| 236 | 236 | // if silverbullet, we deliver the client cert inline |
| 237 | 237 | |
| 238 | 238 | if ($selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
| 239 | - $eaparray['ClientCertRef'] = "[" . $this->clientCert['GUID'] . "]"; |
|
| 239 | + $eaparray['ClientCertRef'] = "[".$this->clientCert['GUID']."]"; |
|
| 240 | 240 | $eaparray['ClientCertType'] = "Ref"; |
| 241 | 241 | } |
| 242 | 242 | |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | $jsonArray = ["Type" => "UnencryptedConfiguration"]; |
| 272 | 272 | |
| 273 | 273 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
| 274 | - $caRefs[] = "{" . $ca['uuid'] . "}"; |
|
| 274 | + $caRefs[] = "{".$ca['uuid']."}"; |
|
| 275 | 275 | } |
| 276 | 276 | // define CA certificates |
| 277 | 277 | foreach ($this->attributes['internal:CAs'][0] as $ca) { |
@@ -281,15 +281,15 @@ discard block |
||
| 281 | 281 | if ($caSanitized1 === FALSE) { |
| 282 | 282 | throw new Exception("Error cropping PEM data at its BEGIN marker."); |
| 283 | 283 | } |
| 284 | - $this->loggerInstance->debug(4, $caSanitized1 . "\n"); |
|
| 284 | + $this->loggerInstance->debug(4, $caSanitized1."\n"); |
|
| 285 | 285 | // remove \n |
| 286 | 286 | $caSanitized = str_replace("\n", "", $caSanitized1); |
| 287 | - $jsonArray["Certificates"][] = ["GUID" => "{" . $ca['uuid'] . "}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized]; |
|
| 288 | - $this->loggerInstance->debug(3, $caSanitized . "\n"); |
|
| 287 | + $jsonArray["Certificates"][] = ["GUID" => "{".$ca['uuid']."}", "Remove" => false, "Type" => "Authority", "X509" => $caSanitized]; |
|
| 288 | + $this->loggerInstance->debug(3, $caSanitized."\n"); |
|
| 289 | 289 | } |
| 290 | 290 | // if we are doing silverbullet, include the unencrypted(!) P12 as a client certificate |
| 291 | 291 | if ($this->selectedEap == \core\common\EAP::EAPTYPE_SILVERBULLET) { |
| 292 | - $jsonArray["Certificates"][] = ["GUID" => "[" . $this->clientCert['GUID'] . "]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"]; |
|
| 292 | + $jsonArray["Certificates"][] = ["GUID" => "[".$this->clientCert['GUID']."]", "PKCS12" => base64_encode($this->clientCert['certdataclear']), "Remove" => false, "Type" => "Client"]; |
|
| 293 | 293 | } |
| 294 | 294 | $eaparray = $this->eapBlock($caRefs); |
| 295 | 295 | // define Wi-Fi networks |
@@ -312,7 +312,7 @@ discard block |
||
| 312 | 312 | |
| 313 | 313 | file_put_contents('installer_profile', $finalJson); |
| 314 | 314 | |
| 315 | - $fileName = $this->installerBasename . '.onc'; |
|
| 315 | + $fileName = $this->installerBasename.'.onc'; |
|
| 316 | 316 | |
| 317 | 317 | if (!$this->sign) { |
| 318 | 318 | rename("installer_profile", $fileName); |
@@ -323,7 +323,7 @@ discard block |
||
| 323 | 323 | // have the notion of signing |
| 324 | 324 | // but if they ever change their mind, we are prepared |
| 325 | 325 | |
| 326 | - $outputFromSigning = system($this->sign . " installer_profile '$fileName' > /dev/null"); |
|
| 326 | + $outputFromSigning = system($this->sign." installer_profile '$fileName' > /dev/null"); |
|
| 327 | 327 | if ($outputFromSigning === FALSE) { |
| 328 | 328 | $this->loggerInstance->debug(2, "Signing the ONC installer $fileName FAILED!\n"); |
| 329 | 329 | } |
@@ -755,7 +755,22 @@ |
||
| 755 | 755 | } |
| 756 | 756 | ?> |
| 757 | 757 | <div id="tabs-<?php echo $i;?>"> |
| 758 | - <button id="run_<?php if ($i==3) echo 'd'; else echo 'o';?>_tests"; onclick="run_<?php if ($i==3) echo 'dynamic'; else echo 'openroaming';?>()"><?php if ($i==3) echo _("Repeat dynamic connectivity tests"); else echo _("Repeat OpenRoaming connectivity tests");?></button> |
|
| 758 | + <button id="run_<?php if ($i==3) { |
|
| 759 | + echo 'd'; |
|
| 760 | +} else { |
|
| 761 | + echo 'o'; |
|
| 762 | +} |
|
| 763 | +?>_tests"; onclick="run_<?php if ($i==3) { |
|
| 764 | + echo 'dynamic'; |
|
| 765 | +} else { |
|
| 766 | + echo 'openroaming'; |
|
| 767 | +} |
|
| 768 | +?>()"><?php if ($i==3) { |
|
| 769 | + echo _("Repeat dynamic connectivity tests"); |
|
| 770 | +} else { |
|
| 771 | + echo _("Repeat OpenRoaming connectivity tests"); |
|
| 772 | +} |
|
| 773 | +?></button> |
|
| 759 | 774 | |
| 760 | 775 | <?php |
| 761 | 776 | echo "<div id='"; |
@@ -578,9 +578,9 @@ discard block |
||
| 578 | 578 | $naptr = $rfc7585suite->relevantNAPTR(); |
| 579 | 579 | if ($naptr == \core\diag\RADIUSTests::RETVAL_NOTCONFIGURED) { |
| 580 | 580 | if ($dynType == "") { |
| 581 | - echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 581 | + echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 582 | 582 | } else { |
| 583 | - echo "<tr><td>" . _("OpenRoaming connectivity test is not configured") . "</td><td>"; |
|
| 583 | + echo "<tr><td>" . _("OpenRoaming connectivity test is not configured") . "</td><td>"; |
|
| 584 | 584 | } |
| 585 | 585 | } else { |
| 586 | 586 | echo "<table>"; |
@@ -698,7 +698,7 @@ discard block |
||
| 698 | 698 | echo "} |
| 699 | 699 | </script>"; |
| 700 | 700 | } else { |
| 701 | - echo ' |
|
| 701 | + echo ' |
|
| 702 | 702 | function run_openroaming() { |
| 703 | 703 | running_ajax_openroaming = 0; |
| 704 | 704 | $("#main_openroaming_ico").attr("src",icon_loading); |
@@ -720,10 +720,10 @@ discard block |
||
| 720 | 720 | } |
| 721 | 721 | } |
| 722 | 722 | if ($dynType == '') { |
| 723 | - $naptrs[0] = $naptr; |
|
| 724 | - } else { |
|
| 725 | - $naptrs[1] = $naptr; |
|
| 726 | - } |
|
| 723 | + $naptrs[0] = $naptr; |
|
| 724 | + } else { |
|
| 725 | + $naptrs[1] = $naptr; |
|
| 726 | + } |
|
| 727 | 727 | } |
| 728 | 728 | echo "<strong>" . _("Static connectivity tests") . "</strong> |
| 729 | 729 | <table><tr> |
@@ -736,7 +736,7 @@ discard block |
||
| 736 | 736 | </tr></table>"; |
| 737 | 737 | } |
| 738 | 738 | if (isset($orrealm) && count($orrealm) && ($naptrs[1] > 0)) { |
| 739 | - echo "<hr><strong>" . _("OpenRoaming connectivity tests") . "</strong> |
|
| 739 | + echo "<hr><strong>" . _("OpenRoaming connectivity tests") . "</strong> |
|
| 740 | 740 | <table><tr> |
| 741 | 741 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_openroaming_ico' class='icon'></td><td id='main_openroaming_result' style='display:none'> </td> |
| 742 | 742 | </tr></table>"; |
@@ -774,12 +774,12 @@ discard block |
||
| 774 | 774 | <?php |
| 775 | 775 | for ($i=3; $i<5; $i++) { |
| 776 | 776 | if ($i == 3 && $naptrs[0] <= 0) { |
| 777 | - continue; |
|
| 777 | + continue; |
|
| 778 | 778 | } |
| 779 | 779 | if ($i == 4) { |
| 780 | - if ((count($orrealm) == 0) || ($naptrs[1] <= 0)) { |
|
| 781 | - continue; |
|
| 782 | - } |
|
| 780 | + if ((count($orrealm) == 0) || ($naptrs[1] <= 0)) { |
|
| 781 | + continue; |
|
| 782 | + } |
|
| 783 | 783 | } |
| 784 | 784 | if ($i == 3) { |
| 785 | 785 | $rfc7585suite = $dnsChecks; |
@@ -796,16 +796,16 @@ discard block |
||
| 796 | 796 | echo "_tests'><fieldset class='option_container'> |
| 797 | 797 | <legend><strong>"; |
| 798 | 798 | if ($i==3) { |
| 799 | - echo _("DYNAMIC connectivity tests"); |
|
| 799 | + echo _("DYNAMIC connectivity tests"); |
|
| 800 | 800 | } else { |
| 801 | - echo _("OpenRoaming connectivity tests"); |
|
| 801 | + echo _("OpenRoaming connectivity tests"); |
|
| 802 | 802 | } |
| 803 | 803 | echo "</strong></legend>"; |
| 804 | 804 | $prefix1 = 'dynamic'; |
| 805 | 805 | $prefix2 = ''; |
| 806 | 806 | if ($i == 4) { |
| 807 | - $prefix1 = 'openroaming'; |
|
| 808 | - $prefix2 = $prefix1; |
|
| 807 | + $prefix1 = 'openroaming'; |
|
| 808 | + $prefix2 = $prefix1; |
|
| 809 | 809 | } |
| 810 | 810 | $resultstoprint = []; |
| 811 | 811 | if (count($rfc7585suite->NAPTR_hostname_records) > 0) { |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(__DIR__)) . "/config/_config.php"; |
|
| 22 | +require_once dirname(dirname(__DIR__))."/config/_config.php"; |
|
| 23 | 23 | |
| 24 | 24 | $loggerInstance = new \core\common\Logging(); |
| 25 | 25 | |
@@ -69,13 +69,13 @@ discard block |
||
| 69 | 69 | $dnsChecksOR = new \core\diag\RFC7585Tests($check_realm, "aaa+auth:radius.tls.tcp"); |
| 70 | 70 | } |
| 71 | 71 | } else { |
| 72 | - $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>"; |
|
| 72 | + $error_message = _("You asked for a realm check, but we don't know the realm for this profile!")."</p>"; |
|
| 73 | 73 | } |
| 74 | 74 | } else { // someone else's realm, and we don't know anything about it... only shallow checks |
| 75 | 75 | $check_realm = $validator->realm($realm ?? $_SESSION['check_realm'] ?? ""); |
| 76 | 76 | if ($check_realm !== FALSE) { |
| 77 | 77 | $_SESSION['check_realm'] = $check_realm; |
| 78 | - $testsuite = new \core\diag\RADIUSTests($check_realm, "@" . $check_realm); |
|
| 78 | + $testsuite = new \core\diag\RADIUSTests($check_realm, "@".$check_realm); |
|
| 79 | 79 | $dnsChecks = new \core\diag\RFC7585Tests($check_realm); |
| 80 | 80 | } else { |
| 81 | 81 | $error_message = _("No valid realm name given, cannot execute any checks!"); |
@@ -122,7 +122,7 @@ discard block |
||
| 122 | 122 | var listofcas = "<?php echo _("You should update your list of accredited CAs") ?>"; |
| 123 | 123 | var getitfrom = "<?php echo _("Get it from here.") ?>"; |
| 124 | 124 | var listsource = "<?php echo \config\Diagnostics::RADIUSTESTS['accreditedCAsURL'] ?>"; |
| 125 | - var moretext = "<?php echo _("more") . "»" ?>"; |
|
| 125 | + var moretext = "<?php echo _("more")."»" ?>"; |
|
| 126 | 126 | var lesstext = "<?php echo "«" ?>"; |
| 127 | 127 | var morealltext = "<?php echo _("Show detailed information for all tests") ?>"; |
| 128 | 128 | var eof_error = "<?php echo \core\diag\RADIUSTests::CERTPROB_UNEXPECTED_EOF ?>"; |
@@ -273,10 +273,10 @@ discard block |
||
| 273 | 273 | |
| 274 | 274 | cliinfo = cliinfo + '<li>'; |
| 275 | 275 | if (data.ca[key].certificate[c].finalerror && data.ca[key].certificate[c].finalerror==2) { |
| 276 | - cliinfo = cliinfo + ' <?php echo _("this test was skipped - no appropriate client certificate");?>' + '</ul></li>'; |
|
| 276 | + cliinfo = cliinfo + ' <?php echo _("this test was skipped - no appropriate client certificate"); ?>' + '</ul></li>'; |
|
| 277 | 277 | } else { |
| 278 | 278 | cliinfo = cliinfo + '<table><tbody><tr><td class="icon_td"><img class="icon" src="' + icons[level] + '" style="width: 24px;"></td><td>' + state; |
| 279 | - cliinfo = cliinfo + ' <?php echo "(" . sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+' ") . ")"; ?>' + add + '</td></tr>'; |
|
| 279 | + cliinfo = cliinfo + ' <?php echo "(".sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+' ").")"; ?>' + add + '</td></tr>'; |
|
| 280 | 280 | cliinfo = cliinfo + '</tbody></table></ul></li>'; |
| 281 | 281 | } |
| 282 | 282 | |
@@ -475,7 +475,7 @@ discard block |
||
| 475 | 475 | }); |
| 476 | 476 | } |
| 477 | 477 | o = o + cert_data + '</table>'; |
| 478 | - $("#eap_test" + data.hostindex).append('<strong><img style="position: relative; top: 2px;" src="' + icons[v.level] + '"><span style="position: relative; top: -5px; <?php echo $start;?>: 1em">' + v.eap + ' – <?php printf(_("elapsed time: %sms."), "'+v.time_millisec+' ") ?></span></strong><div class="more" style="padding-<?php echo $start;?>: 40px"><div class="morecontent"><div style="display:none; background: #eee;">' + o + '</div><a href="" class="morelink">' + moretext + '</a></div></div>'); |
|
| 478 | + $("#eap_test" + data.hostindex).append('<strong><img style="position: relative; top: 2px;" src="' + icons[v.level] + '"><span style="position: relative; top: -5px; <?php echo $start; ?>: 1em">' + v.eap + ' – <?php printf(_("elapsed time: %sms."), "'+v.time_millisec+' ") ?></span></strong><div class="more" style="padding-<?php echo $start; ?>: 40px"><div class="morecontent"><div style="display:none; background: #eee;">' + o + '</div><a href="" class="morelink">' + moretext + '</a></div></div>'); |
|
| 479 | 479 | }); |
| 480 | 480 | } |
| 481 | 481 | |
@@ -486,8 +486,8 @@ discard block |
||
| 486 | 486 | <?php |
| 487 | 487 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 488 | 488 | print " |
| 489 | -$(\"#live_src" . $hostindex . "_img\").attr('src',icon_loading); |
|
| 490 | -$(\"#live_src" . $hostindex . "_img\").show(); |
|
| 489 | +$(\"#live_src" . $hostindex."_img\").attr('src',icon_loading); |
|
| 490 | +$(\"#live_src" . $hostindex."_img\").show(); |
|
| 491 | 491 | $.ajax({ |
| 492 | 492 | url: 'radius_tests.php?src=0&hostindex=$hostindex&realm='+realm, |
| 493 | 493 | type: 'POST', |
@@ -520,15 +520,15 @@ discard block |
||
| 520 | 520 | <?php |
| 521 | 521 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 522 | 522 | if ($testedProfile !== NULL) { |
| 523 | - $extraarg = "profile_id: " . $testedProfile->identifier . ", "; |
|
| 523 | + $extraarg = "profile_id: ".$testedProfile->identifier.", "; |
|
| 524 | 524 | } else { |
| 525 | 525 | $extraarg = ""; |
| 526 | 526 | } |
| 527 | 527 | print " |
| 528 | -$(\"#src" . $hostindex . "_img\").attr('src',icon_loading); |
|
| 528 | +$(\"#src" . $hostindex."_img\").attr('src',icon_loading); |
|
| 529 | 529 | $(\"#src$hostindex\").html(''); |
| 530 | 530 | running_ajax_stat++; |
| 531 | -$.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex'}, hostindex: '$hostindex', error: error_handler, success: udp, dataType: 'json'}); |
|
| 531 | +$.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex'}, hostindex: '$hostindex', error: error_handler, success: udp, dataType: 'json'}); |
|
| 532 | 532 | "; |
| 533 | 533 | } |
| 534 | 534 | |
@@ -586,7 +586,7 @@ discard block |
||
| 586 | 586 | if ($check_realm === FALSE) { |
| 587 | 587 | print "<p>$error_message</p>"; |
| 588 | 588 | } else { |
| 589 | - print "<h1>" . sprintf(_("Realm testing for: %s"), $check_realm) . "</h1>\n"; |
|
| 589 | + print "<h1>".sprintf(_("Realm testing for: %s"), $check_realm)."</h1>\n"; |
|
| 590 | 590 | ?> |
| 591 | 591 | <div id="debug_out" style="display: none"></div> |
| 592 | 592 | <div id="tabs" style="min-width: 600px; max-width:1000px"> |
@@ -608,25 +608,25 @@ discard block |
||
| 608 | 608 | // NAPTR existence check |
| 609 | 609 | if ($dynType == "") { |
| 610 | 610 | $rfc7585suite = $dnsChecks; |
| 611 | - echo "<strong>" . _("DNS checks") . "</strong><div>"; |
|
| 611 | + echo "<strong>"._("DNS checks")."</strong><div>"; |
|
| 612 | 612 | } else { |
| 613 | 613 | if (count($orrealm) == 0) { |
| 614 | 614 | continue; |
| 615 | 615 | } |
| 616 | 616 | $rfc7585suite = $dnsChecksOR; |
| 617 | - echo "<strong>" . _("OpenRoaming DNS checks") . "</strong><div>"; |
|
| 617 | + echo "<strong>"._("OpenRoaming DNS checks")."</strong><div>"; |
|
| 618 | 618 | } |
| 619 | 619 | $naptr = $rfc7585suite->relevantNAPTR(); |
| 620 | 620 | if ($naptr == \core\diag\RADIUSTests::RETVAL_NOTCONFIGURED) { |
| 621 | 621 | if ($dynType == "") { |
| 622 | - echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 622 | + echo "<tr><td>"._("Dynamic discovery test is not configured")."</td><td>"; |
|
| 623 | 623 | } else { |
| 624 | - echo "<tr><td>" . _("OpenRoaming connectivity test is not configured") . "</td><td>"; |
|
| 624 | + echo "<tr><td>"._("OpenRoaming connectivity test is not configured")."</td><td>"; |
|
| 625 | 625 | } |
| 626 | 626 | } else { |
| 627 | 627 | echo "<table>"; |
| 628 | 628 | // output in friendly words |
| 629 | - echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>"; |
|
| 629 | + echo "<tr><td>"._("Checking NAPTR existence:")."</td><td>"; |
|
| 630 | 630 | switch ($naptr) { |
| 631 | 631 | case \core\diag\RFC7585Tests::RETVAL_NONAPTR: |
| 632 | 632 | echo _("This realm has no NAPTR records."); |
@@ -641,7 +641,7 @@ discard block |
||
| 641 | 641 | |
| 642 | 642 | // compliance checks for NAPTRs |
| 643 | 643 | if ($naptr > 0) { |
| 644 | - echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>"; |
|
| 644 | + echo "<tr><td>"._("Checking NAPTR compliance (flag = S and regex = {empty}):")."</td><td>"; |
|
| 645 | 645 | $naptr_valid = $rfc7585suite->relevantNAPTRcompliance(); |
| 646 | 646 | switch ($naptr_valid) { |
| 647 | 647 | case \core\diag\RADIUSTests::RETVAL_OK: |
@@ -656,7 +656,7 @@ discard block |
||
| 656 | 656 | // SRV resolution |
| 657 | 657 | if ($naptr > 0 && $naptr_valid == \core\diag\RADIUSTests::RETVAL_OK) { |
| 658 | 658 | $srv = $rfc7585suite->relevantNAPTRsrvResolution(); |
| 659 | - echo "<tr><td>" . _("Checking SRVs:") . "</td><td>"; |
|
| 659 | + echo "<tr><td>"._("Checking SRVs:")."</td><td>"; |
|
| 660 | 660 | switch ($srv) { |
| 661 | 661 | case \core\diag\RADIUSTests::RETVAL_SKIPPED: |
| 662 | 662 | echo _("This check was skipped."); |
@@ -672,7 +672,7 @@ discard block |
||
| 672 | 672 | // IP addresses for the hosts |
| 673 | 673 | if ($naptr > 0 && $naptr_valid == \core\diag\RADIUSTests::RETVAL_OK && $srv > 0) { |
| 674 | 674 | $hosts = $rfc7585suite->relevantNAPTRhostnameResolution(); |
| 675 | - echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>"; |
|
| 675 | + echo "<tr><td>"._("Checking IP address resolution:")."</td><td>"; |
|
| 676 | 676 | switch ($srv) { |
| 677 | 677 | case \core\diag\RADIUSTests::RETVAL_SKIPPED: |
| 678 | 678 | echo _("This check was skipped."); |
@@ -689,12 +689,12 @@ discard block |
||
| 689 | 689 | echo "</table><br/>"; |
| 690 | 690 | if ($dynType == "") { |
| 691 | 691 | if (count($testsuite->listerrors()) == 0) { |
| 692 | - echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"); |
|
| 692 | + echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC")))._("with no DNS errors encountered. Congratulations!"); |
|
| 693 | 693 | } else { |
| 694 | - echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."); |
|
| 694 | + echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC")))._("but there were DNS errors! Check them!")." "._("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."); |
|
| 695 | 695 | echo "<div class='notacceptable'><table>"; |
| 696 | 696 | foreach ($testsuite->listerrors() as $details) { |
| 697 | - echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>"; |
|
| 697 | + echo "<tr><td>".$details['TYPE']."</td><td>".$details['TARGET']."</td></tr>"; |
|
| 698 | 698 | } |
| 699 | 699 | echo "</table></div>"; |
| 700 | 700 | } |
@@ -713,7 +713,7 @@ discard block |
||
| 713 | 713 | $("#dynamic_tests").show(); |
| 714 | 714 | '; |
| 715 | 715 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 716 | - $host = ($addr['family'] == "IPv6" ? "[" : "") . $addr['IP'] . ($addr['family'] == "IPv6" ? "]" : "") . ":" . $addr['port']; |
|
| 716 | + $host = ($addr['family'] == "IPv6" ? "[" : "").$addr['IP'].($addr['family'] == "IPv6" ? "]" : "").":".$addr['port']; |
|
| 717 | 717 | $expectedName = $addr['hostname']; |
| 718 | 718 | $ssltest = 1; |
| 719 | 719 | if (isset($addr['unavailable']) && $addr['unavailable']) { |
@@ -722,9 +722,9 @@ discard block |
||
| 722 | 722 | //$rfc6614suite = new \core\diag\RFC6614Tests([$host], $expectedName, $consortiumName); |
| 723 | 723 | print " |
| 724 | 724 | running_ajax_dyn++; |
| 725 | - $.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'capath', realm: realm, src: '$host', lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex', expectedname: '$expectedName', ssltest: $ssltest }, hostindex: '$hostindex', error: error_handler, success: capath, dataType: 'json'}); |
|
| 725 | + $.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'capath', realm: realm, src: '$host', lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex', expectedname: '$expectedName', ssltest: $ssltest }, hostindex: '$hostindex', error: error_handler, success: capath, dataType: 'json'}); |
|
| 726 | 726 | running_ajax_dyn++; |
| 727 | - $.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'clients', realm: realm, src: '$host', lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex', ssltest: $ssltest }, hostindex: '$hostindex', error: error_handler, success: clients, dataType: 'json'}); |
|
| 727 | + $.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'clients', realm: realm, src: '$host', lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex', ssltest: $ssltest }, hostindex: '$hostindex', error: error_handler, success: clients, dataType: 'json'}); |
|
| 728 | 728 | "; |
| 729 | 729 | } |
| 730 | 730 | echo "} |
@@ -740,11 +740,11 @@ discard block |
||
| 740 | 740 | $("#openroaming_tests").show(); |
| 741 | 741 | '; |
| 742 | 742 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 743 | - $host = ($addr['family'] == "IPv6" ? "[" : "") . $addr['IP'] . ($addr['family'] == "IPv6" ? "]" : "") . ":" . $addr['port']; |
|
| 743 | + $host = ($addr['family'] == "IPv6" ? "[" : "").$addr['IP'].($addr['family'] == "IPv6" ? "]" : "").":".$addr['port']; |
|
| 744 | 744 | $expectedName = $addr['hostname']; |
| 745 | 745 | print " |
| 746 | 746 | running_ajax_openroaming++; |
| 747 | - $.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'openroamingcapath', realm: realm, src: '$host', lang: '" . $gui->languageInstance->getLang() . "', hostindex: '$hostindex', expectedname: '$expectedName', ssltest: $ssltest, protocols: '$protstr' }, hostindex: '$hostindex', openroaming: true, error: error_handler, success: capath, dataType: 'json'}); |
|
| 747 | + $.ajax({url:'radius_tests.php', timeout: ajax_timeout, data:{test_type: 'openroamingcapath', realm: realm, src: '$host', lang: '".$gui->languageInstance->getLang()."', hostindex: '$hostindex', expectedname: '$expectedName', ssltest: $ssltest, protocols: '$protstr' }, hostindex: '$hostindex', openroaming: true, error: error_handler, success: capath, dataType: 'json'}); |
|
| 748 | 748 | "; |
| 749 | 749 | } |
| 750 | 750 | echo "} |
@@ -757,18 +757,18 @@ discard block |
||
| 757 | 757 | $naptrs[1] = $naptr; |
| 758 | 758 | } |
| 759 | 759 | } |
| 760 | - echo "<strong>" . _("Static connectivity tests") . "</strong> |
|
| 760 | + echo "<strong>"._("Static connectivity tests")."</strong> |
|
| 761 | 761 | <table><tr> |
| 762 | 762 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_static_ico' class='icon'></td><td id='main_static_result' style='display:none'> </td> |
| 763 | 763 | </tr></table>"; |
| 764 | 764 | if ($naptrs[0] > 0) { |
| 765 | - echo "<hr><strong>" . _("Dynamic connectivity tests") . "</strong> |
|
| 765 | + echo "<hr><strong>"._("Dynamic connectivity tests")."</strong> |
|
| 766 | 766 | <table><tr> |
| 767 | 767 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_dynamic_ico' class='icon'></td><td id='main_dynamic_result' style='display:none'> </td> |
| 768 | 768 | </tr></table>"; |
| 769 | 769 | } |
| 770 | 770 | if (isset($orrealm) && count($orrealm) && ($naptrs[1] > 0)) { |
| 771 | - echo "<hr><strong>" . _("OpenRoaming connectivity tests") . "</strong> |
|
| 771 | + echo "<hr><strong>"._("OpenRoaming connectivity tests")."</strong> |
|
| 772 | 772 | <table><tr> |
| 773 | 773 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_openroaming_ico' class='icon'></td><td id='main_openroaming_result' style='display:none'> </td> |
| 774 | 774 | </tr></table>"; |
@@ -788,12 +788,12 @@ discard block |
||
| 788 | 788 | print "<p>"; |
| 789 | 789 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 790 | 790 | print "<hr>"; |
| 791 | - printf(_("Testing from: %s"), "<strong>" . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name'] . "</strong>"); |
|
| 791 | + printf(_("Testing from: %s"), "<strong>".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>"); |
|
| 792 | 792 | print "<table id='results$hostindex' style='width:100%' class='udp_results'> |
| 793 | 793 | <tr> |
| 794 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src" . $hostindex . "_img'></td> |
|
| 794 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src".$hostindex."_img'></td> |
|
| 795 | 795 | <td id='src$hostindex' colspan=2> |
| 796 | -" . _("testing...") . " |
|
| 796 | +"._("testing...")." |
|
| 797 | 797 | </td> |
| 798 | 798 | </tr> |
| 799 | 799 | </table>"; |
@@ -804,7 +804,7 @@ discard block |
||
| 804 | 804 | |
| 805 | 805 | </div> |
| 806 | 806 | <?php |
| 807 | - for ($i=3; $i<5; $i++) { |
|
| 807 | + for ($i = 3; $i < 5; $i++) { |
|
| 808 | 808 | if ($i == 3 && $naptrs[0] <= 0) { |
| 809 | 809 | continue; |
| 810 | 810 | } |
@@ -819,15 +819,15 @@ discard block |
||
| 819 | 819 | $rfc7585suite = $dnsChecksOR; |
| 820 | 820 | } |
| 821 | 821 | ?> |
| 822 | - <div id="tabs-<?php echo $i;?>"> |
|
| 823 | - <button id="run_<?php if ($i==3) echo 'd'; else echo 'o';?>_tests"; onclick="run_<?php if ($i==3) echo 'dynamic'; else echo 'openroaming';?>()"><?php if ($i==3) echo _("Repeat dynamic connectivity tests"); else echo _("Repeat OpenRoaming connectivity tests");?></button> |
|
| 822 | + <div id="tabs-<?php echo $i; ?>"> |
|
| 823 | + <button id="run_<?php if ($i == 3) echo 'd'; else echo 'o'; ?>_tests"; onclick="run_<?php if ($i == 3) echo 'dynamic'; else echo 'openroaming'; ?>()"><?php if ($i == 3) echo _("Repeat dynamic connectivity tests"); else echo _("Repeat OpenRoaming connectivity tests"); ?></button> |
|
| 824 | 824 | |
| 825 | 825 | <?php |
| 826 | 826 | echo "<div id='"; |
| 827 | - if ($i==3) { echo 'dynamic'; } else { echo 'openroaming'; } |
|
| 827 | + if ($i == 3) { echo 'dynamic'; } else { echo 'openroaming'; } |
|
| 828 | 828 | echo "_tests'><fieldset class='option_container'> |
| 829 | 829 | <legend><strong>"; |
| 830 | - if ($i==3) { |
|
| 830 | + if ($i == 3) { |
|
| 831 | 831 | echo _("DYNAMIC connectivity tests"); |
| 832 | 832 | } else { |
| 833 | 833 | echo _("OpenRoaming connectivity tests"); |
@@ -841,11 +841,11 @@ discard block |
||
| 841 | 841 | } |
| 842 | 842 | $resultstoprint = []; |
| 843 | 843 | if (count($rfc7585suite->NAPTR_hostname_records) > 0) { |
| 844 | - $resultstoprint[] = '<div style="align:'.$end.'; display: none;" id="' . $prefix1 . '_result_fail">' . _("Some errors were found during the tests, see below") . '</div><div style="align:'.$end.'; display: none;" id="' . $prefix1 . '_result_pass">' . _("All tests passed, congratulations!") . '</div>'; |
|
| 845 | - $resultstoprint[] = '<div style="align:'.$end.';"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>"; |
|
| 844 | + $resultstoprint[] = '<div style="align:'.$end.'; display: none;" id="'.$prefix1.'_result_fail">'._("Some errors were found during the tests, see below").'</div><div style="align:'.$end.'; display: none;" id="'.$prefix1.'_result_pass">'._("All tests passed, congratulations!").'</div>'; |
|
| 845 | + $resultstoprint[] = '<div style="align:'.$end.';"><a href="" class="moreall">'._('Show detailed information for all tests').'</a></div>'.'<p><strong>'._("Checking server handshake...")."</strong><p>"; |
|
| 846 | 846 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 847 | - $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]); |
|
| 848 | - $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong> (' . $addr['hostname'] . ')'; |
|
| 847 | + $bracketaddr = ($addr["family"] == "IPv6" ? "[".$addr["IP"]."]" : $addr["IP"]); |
|
| 848 | + $resultstoprint[] = '<p><strong>'.$bracketaddr.' TCP/'.$addr['port'].'</strong> ('.$addr['hostname'].')'; |
|
| 849 | 849 | $prots = []; |
| 850 | 850 | if (isset($addr['protocols'])) { |
| 851 | 851 | foreach ($addr['protocols'] as $protocol) { |
@@ -855,18 +855,18 @@ discard block |
||
| 855 | 855 | } |
| 856 | 856 | } |
| 857 | 857 | if (!empty($prots)) { |
| 858 | - $resultstoprint[] = ' ' . _("supported TLS protocols: "); |
|
| 858 | + $resultstoprint[] = ' '._("supported TLS protocols: "); |
|
| 859 | 859 | $resultstoprint[] = implode(', ', $prots); |
| 860 | 860 | if (!isset($addr['istls13']) || !$addr['istls13']) { |
| 861 | - $resultstoprint[] = ' ' . '<font color="red">' . _("not supported: ") . 'TLS1.3</font>'; |
|
| 861 | + $resultstoprint[] = ' '.'<font color="red">'._("not supported: ").'TLS1.3</font>'; |
|
| 862 | 862 | } |
| 863 | 863 | } |
| 864 | 864 | $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>'; |
| 865 | - $resultstoprint[] = "<table id='" . $prefix2 . "caresults$hostindex' style='width:100%'> |
|
| 865 | + $resultstoprint[] = "<table id='".$prefix2."caresults$hostindex' style='width:100%'> |
|
| 866 | 866 | <tr> |
| 867 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='" . $prefix2 . "srcca$hostindex" . "_img'></td> |
|
| 868 | -<td id='" . $prefix2 . "srcca$hostindex'> |
|
| 869 | -" . _("testing...") . " |
|
| 867 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='".$prefix2."srcca$hostindex"."_img'></td> |
|
| 868 | +<td id='" . $prefix2."srcca$hostindex'> |
|
| 869 | +"._("testing...")." |
|
| 870 | 870 | </td> |
| 871 | 871 | </tr> |
| 872 | 872 | </table>"; |
@@ -874,26 +874,26 @@ discard block |
||
| 874 | 874 | } |
| 875 | 875 | $clientstest = []; |
| 876 | 876 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 877 | - $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>'; |
|
| 878 | - $clientstest[] = "<span id='" . $prefix2 . "clientresults$hostindex'><table style='width:100%'> |
|
| 877 | + $clientstest[] = '<p><strong>'.$addr['IP'].' TCP/'.$addr['port'].'</strong></p><ol>'; |
|
| 878 | + $clientstest[] = "<span id='".$prefix2."clientresults$hostindex'><table style='width:100%'> |
|
| 879 | 879 | <tr> |
| 880 | 880 | <td class='icon_td'>"; |
| 881 | - if ($i == 4 ) { |
|
| 881 | + if ($i == 4) { |
|
| 882 | 882 | $clientstest[] = "<!--"; |
| 883 | 883 | } |
| 884 | - $clientstest[] = "<img src='../resources/images/icons/loading51.gif' id='" . $prefix2 . "srcclient$hostindex" . "_img'></td> |
|
| 885 | -<td id='" . $prefix2 . "srcclient$hostindex'> |
|
| 886 | -" . _("testing..."); |
|
| 884 | + $clientstest[] = "<img src='../resources/images/icons/loading51.gif' id='".$prefix2."srcclient$hostindex"."_img'></td> |
|
| 885 | +<td id='" . $prefix2."srcclient$hostindex'> |
|
| 886 | +"._("testing..."); |
|
| 887 | 887 | |
| 888 | - if ($i == 4 ) { |
|
| 889 | - $clientstest[] = "-->" . _("not implemented yet"); |
|
| 888 | + if ($i == 4) { |
|
| 889 | + $clientstest[] = "-->"._("not implemented yet"); |
|
| 890 | 890 | } |
| 891 | 891 | $clientstest[] = "</td></tr></table></span>"; |
| 892 | 892 | $clientstest[] = '</ol>'; |
| 893 | 893 | } |
| 894 | 894 | echo '<div style="align:'.$end.';">'; |
| 895 | 895 | echo join('', $resultstoprint); |
| 896 | - echo '<span id="' . $prefix2 . 'clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from CAs are accepted...') . '</b><p>' . _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>'; |
|
| 896 | + echo '<span id="'.$prefix2.'clientstest" style="display: none;"><p><hr><b>'._('Checking if certificates from CAs are accepted...').'</b><p>'._('A few client certificates will be tested to check if servers are resistant to some certificate problems.').'<p>'; |
|
| 897 | 897 | print join('', $clientstest); |
| 898 | 898 | echo '</span>'; |
| 899 | 899 | echo '</div>'; |
@@ -907,7 +907,7 @@ discard block |
||
| 907 | 907 | // check if truncates/dies on Operator-Name |
| 908 | 908 | if ($my_profile !== NULL) { |
| 909 | 909 | echo "<div id='tabs-n'><fieldset class='option_container'> |
| 910 | - <legend><strong>" . _("Live login test") . "</strong></legend>"; |
|
| 910 | + <legend><strong>" . _("Live login test")."</strong></legend>"; |
|
| 911 | 911 | $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1); |
| 912 | 912 | if (count($prof_compl) > 0) { |
| 913 | 913 | $passwordReqired = FALSE; |
@@ -920,34 +920,34 @@ discard block |
||
| 920 | 920 | $clientCertRequired = TRUE; |
| 921 | 921 | } |
| 922 | 922 | } |
| 923 | - echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p> |
|
| 924 | - <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.") . "</p> |
|
| 925 | - <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!") . "</p></div> |
|
| 923 | + echo "<div id='disposable_credential_container'><p>"._("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.")."</p> |
|
| 924 | + <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.")."</p> |
|
| 925 | + <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!")."</p></div> |
|
| 926 | 926 | <form enctype='multipart/form-data' id='live_form' accept-charset='UTF-8'> |
| 927 | 927 | <input type='hidden' name='test_type' value='udp_login'> |
| 928 | - <input type='hidden' name='lang' value='" . $gui->languageInstance->getLang() . "'> |
|
| 929 | - <input type='hidden' name='profile_id' value='" . $my_profile->identifier . "'> |
|
| 928 | + <input type='hidden' name='lang' value='" . $gui->languageInstance->getLang()."'> |
|
| 929 | + <input type='hidden' name='profile_id' value='" . $my_profile->identifier."'> |
|
| 930 | 930 | <table id='live_tests'>"; |
| 931 | 931 | // if any password based EAP methods are available enable this section |
| 932 | 932 | if ($passwordReqired) { |
| 933 | - echo "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr> |
|
| 934 | - <tr><td>" . _("Real (inner) username:") . "</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>"; |
|
| 935 | - echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>"; |
|
| 936 | - echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
|
| 933 | + echo "<tr><td colspan='2'><strong>"._("Password-based EAP types")."</strong></td></tr> |
|
| 934 | + <tr><td>" . _("Real (inner) username:")."</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>"; |
|
| 935 | + echo "<tr><td>"._("Anonymous outer ID (optional):")."</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>"; |
|
| 936 | + echo "<tr><td>"._("Password:")."</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
|
| 937 | 937 | } |
| 938 | 938 | // ask for cert + privkey if TLS-based method is active |
| 939 | 939 | if ($clientCertRequired) { |
| 940 | - echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr> |
|
| 941 | - <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
|
| 942 | - <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
|
| 943 | - <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
|
| 940 | + echo "<tr><td colspan='2'><strong>"._("Certificate-based EAP types")."</strong></td></tr> |
|
| 941 | + <tr><td>" . _("Certificate file (.p12 or .pfx):")."</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
|
| 942 | + <tr><td>" . _("Certificate password, if any:")."</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
|
| 943 | + <tr><td>" . _("Username, if different from certificate Subject:")."</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
|
| 944 | 944 | } |
| 945 | - echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>"; |
|
| 945 | + echo "<tr><td colspan='2'><button id='submit_credentials'>"._("Submit credentials")."</button></td></tr></table></form>"; |
|
| 946 | 946 | echo "<div id='live_login_results' style='display:none'>"; |
| 947 | 947 | foreach (\config\Diagnostics::RADIUSTESTS['UDP-hosts'] as $hostindex => $host) { |
| 948 | 948 | print "<hr>"; |
| 949 | - printf(_("Testing from: %s"), "<strong>" . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name'] . "</strong>"); |
|
| 950 | - print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src" . $hostindex . "_img' style='width:24px; position: absolute; $start: 20px; bottom: 0px; '></span>"; |
|
| 949 | + printf(_("Testing from: %s"), "<strong>".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$hostindex]['display_name']."</strong>"); |
|
| 950 | + print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; $start: 20px; bottom: 0px; '></span>"; |
|
| 951 | 951 | print "<div id='eap_test$hostindex' class='eap_test_results'></div>"; |
| 952 | 952 | } |
| 953 | 953 | echo "</div>"; |
@@ -962,9 +962,9 @@ discard block |
||
| 962 | 962 | } |
| 963 | 963 | |
| 964 | 964 | if (isset($_POST['comefrom'])) { |
| 965 | - $return = htmlspecialchars_decode($_POST['comefrom']) . ( $inst_id ? "?inst_id=" . $inst_id : "" ); |
|
| 965 | + $return = htmlspecialchars_decode($_POST['comefrom']).($inst_id ? "?inst_id=".$inst_id : ""); |
|
| 966 | 966 | echo "<form method='post' action='$return' accept-charset='UTF-8'> |
| 967 | - <button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_CLOSE . "'>" . sprintf(_("Return to %s administrator area"), core\common\Entity::$nomenclature_idp) . "</button>" |
|
| 967 | + <button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_CLOSE."'>".sprintf(_("Return to %s administrator area"), core\common\Entity::$nomenclature_idp)."</button>" |
|
| 968 | 968 | . "</form>"; |
| 969 | 969 | } |
| 970 | 970 | if ($check_realm !== FALSE) { |
@@ -62,7 +62,7 @@ |
||
| 62 | 62 | they are from the same user group. You are not allowed to share them to an unlimited |
| 63 | 63 | audience (e.g. on a publicly accessible web server).</li> |
| 64 | 64 | <li>If You are an eduroam Identity Provider administrator, you are allowed to download and pass on the Installers to |
| 65 | -your own <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp'];?> end users, e.g. on the support web pages of your <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp'];?>, on Welcome Package CDs or USB sticks, etc.</li> |
|
| 65 | +your own <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp']; ?> end users, e.g. on the support web pages of your <?php echo \config\ConfAssistant::CONSORTIUM['nomenclature_idp']; ?>, on Welcome Package CDs or USB sticks, etc.</li> |
|
| 66 | 66 | <li>If You are a third-party not affiliated with eduroam, you are only allowed to download and pass on |
| 67 | 67 | the Metadata and/or the Installers after having received written permission by the eduroam Operations team.</li> |
| 68 | 68 | </ul> |
@@ -522,7 +522,7 @@ discard block |
||
| 522 | 522 | if ( |
| 523 | 523 | get_class($this) == "devices\apple_mobileconfig\DeviceMobileconfigIos12plus" || |
| 524 | 524 | get_class($this) == "devices\apple_mobileconfig\DeviceMobileconfigOsX" |
| 525 | - ) { |
|
| 525 | + ) { |
|
| 526 | 526 | return "WPA2"; |
| 527 | 527 | } else { |
| 528 | 528 | return "WPA"; |
@@ -809,7 +809,7 @@ discard block |
||
| 809 | 809 | \core\common\Entity::$nomenclature_idp, |
| 810 | 810 | count($this->CAsAccountedFor)+1, |
| 811 | 811 | ($ca['root'] ? _("Root") : _("Intermediate"))) . |
| 812 | - "</string> |
|
| 812 | + "</string> |
|
| 813 | 813 | <key>PayloadIdentifier</key> |
| 814 | 814 | <string>" . self::IPHONE_PAYLOAD_PREFIX . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.credential.$this->caSerial</string> |
| 815 | 815 | <key>PayloadOrganization</key> |
@@ -145,7 +145,7 @@ discard block |
||
| 145 | 145 | \core\common\Entity::intoThePotatoes(); |
| 146 | 146 | // that's what all variants support. Sub-classes can change it. |
| 147 | 147 | $this->setSupportedEapMethods([\core\common\EAP::EAPTYPE_PEAP_MSCHAP2, \core\common\EAP::EAPTYPE_TTLS_PAP, \core\common\EAP::EAPTYPE_TTLS_MSCHAP2, \core\common\EAP::EAPTYPE_SILVERBULLET]); |
| 148 | - foreach(\core\common\EAP::listKnownEAPTypes() as $eapType) { |
|
| 148 | + foreach (\core\common\EAP::listKnownEAPTypes() as $eapType) { |
|
| 149 | 149 | if ($eapType->isPasswordRequired() || $eapType->isPasswordOptional()) { |
| 150 | 150 | $this->specialities['internal:verify_userinput_suffix'][serialize($eapType->getArrayRep())] = _("It is not possible to actively verify the user input for suffix match; but if there is no 'Terms of Use' configured, the installer will display a corresponding hint to the user instead."); |
| 151 | 151 | $this->specialities['media:consortium_OI'][serialize($eapType->getArrayRep())] = _("Passpoint networks are not provisioned due to severe UI limitations during install time."); |
@@ -184,15 +184,15 @@ discard block |
||
| 184 | 184 | <key>PayloadDescription</key> |
| 185 | 185 | <string>$tagline</string> |
| 186 | 186 | <key>PayloadDisplayName</key> |
| 187 | - <string>" . \config\ConfAssistant::CONSORTIUM['display_name'] . "</string> |
|
| 187 | + <string>".\config\ConfAssistant::CONSORTIUM['display_name']."</string> |
|
| 188 | 188 | <key>PayloadIdentifier</key> |
| 189 | - <string>" . self::IPHONE_PAYLOAD_PREFIX . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang</string> |
|
| 189 | + <string>" . self::IPHONE_PAYLOAD_PREFIX.".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang</string> |
|
| 190 | 190 | <key>PayloadOrganization</key> |
| 191 | - <string>" . htmlspecialchars(iconv("UTF-8", "UTF-8//IGNORE", $this->attributes['general:instname'][0]), ENT_XML1, 'UTF-8') . ( $this->attributes['internal:profile_count'][0] > 1 ? " (" . htmlspecialchars(iconv("UTF-8", "UTF-8//IGNORE", $this->attributes['profile:name'][0]), ENT_XML1, 'UTF-8') . ")" : "") . "</string> |
|
| 191 | + <string>".htmlspecialchars(iconv("UTF-8", "UTF-8//IGNORE", $this->attributes['general:instname'][0]), ENT_XML1, 'UTF-8').($this->attributes['internal:profile_count'][0] > 1 ? " (".htmlspecialchars(iconv("UTF-8", "UTF-8//IGNORE", $this->attributes['profile:name'][0]), ENT_XML1, 'UTF-8').")" : "")."</string> |
|
| 192 | 192 | <key>PayloadType</key> |
| 193 | 193 | <string>Configuration</string> |
| 194 | 194 | <key>PayloadUUID</key> |
| 195 | - <string>" . \core\common\Entity::uuid('', self::IPHONE_PAYLOAD_PREFIX . $this->massagedConsortium . $this->massagedCountry . $this->massagedInst . $this->massagedProfile) . "</string> |
|
| 195 | + <string>" . \core\common\Entity::uuid('', self::IPHONE_PAYLOAD_PREFIX.$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile)."</string> |
|
| 196 | 196 | <key>PayloadVersion</key> |
| 197 | 197 | <integer>1</integer>"; |
| 198 | 198 | \core\common\Entity::outOfThePotatoes(); |
@@ -224,21 +224,21 @@ discard block |
||
| 224 | 224 | { |
| 225 | 225 | \core\common\Entity::intoThePotatoes(); |
| 226 | 226 | if (isset($this->attributes['support:info_file'])) { |
| 227 | - return MobileconfigSuperclass::BUFFER_CONSENT_PRE . htmlspecialchars(iconv("UTF-8", "UTF-8//TRANSLIT", $this->attributes['support:info_file'][0]), ENT_XML1, 'UTF-8') . MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 227 | + return MobileconfigSuperclass::BUFFER_CONSENT_PRE.htmlspecialchars(iconv("UTF-8", "UTF-8//TRANSLIT", $this->attributes['support:info_file'][0]), ENT_XML1, 'UTF-8').MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 228 | 228 | } |
| 229 | 229 | if ($this->attributes['internal:verify_userinput_suffix'][0] != 0) { |
| 230 | 230 | if ($this->attributes['internal:hint_userinput_suffix'][0] != 0) { |
| 231 | - $retval = MobileconfigSuperclass::BUFFER_CONSENT_PRE . sprintf(_("Important Notice: your username MUST end exactly with '...@%s' !"), $this->attributes['internal:realm'][0]) . MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 231 | + $retval = MobileconfigSuperclass::BUFFER_CONSENT_PRE.sprintf(_("Important Notice: your username MUST end exactly with '...@%s' !"), $this->attributes['internal:realm'][0]).MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 232 | 232 | \core\common\Entity::outOfThePotatoes(); |
| 233 | 233 | return $retval; |
| 234 | 234 | } else { |
| 235 | 235 | if (strlen($this->attributes['internal:realm'][0]) > 0) { |
| 236 | 236 | /// note space between variable and exclamation mark - makes sure users don't mistakenly think the exclamation mark is part of the required username! |
| 237 | - $retval = MobileconfigSuperclass::BUFFER_CONSENT_PRE . sprintf(_("Important Notice: your username MUST contain an '@' and end with ...%s !"), $this->attributes['internal:realm'][0]) . MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 237 | + $retval = MobileconfigSuperclass::BUFFER_CONSENT_PRE.sprintf(_("Important Notice: your username MUST contain an '@' and end with ...%s !"), $this->attributes['internal:realm'][0]).MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 238 | 238 | \core\common\Entity::outOfThePotatoes(); |
| 239 | 239 | return $retval; |
| 240 | 240 | } |
| 241 | - $retval = MobileconfigSuperclass::BUFFER_CONSENT_PRE . _("Important Notice: your username MUST be in the form of xxx@yyy where the yyy is a common suffix identifying your Identity Provider. Please find out what to use there and enter the username in the correct format.") . MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 241 | + $retval = MobileconfigSuperclass::BUFFER_CONSENT_PRE._("Important Notice: your username MUST be in the form of xxx@yyy where the yyy is a common suffix identifying your Identity Provider. Please find out what to use there and enter the username in the correct format.").MobileconfigSuperclass::BUFFER_CONSENT_POST; |
|
| 242 | 242 | \core\common\Entity::outOfThePotatoes(); |
| 243 | 243 | return $retval; |
| 244 | 244 | } |
@@ -262,7 +262,7 @@ discard block |
||
| 262 | 262 | // also escape htmlspecialchars |
| 263 | 263 | // not all names and profiles have a name, so be prepared |
| 264 | 264 | |
| 265 | - $this->loggerInstance->debug(5, "List of available attributes: " . var_export($this->attributes, TRUE)); |
|
| 265 | + $this->loggerInstance->debug(5, "List of available attributes: ".var_export($this->attributes, TRUE)); |
|
| 266 | 266 | |
| 267 | 267 | $this->instName = $this->attributes['general:instname'][0] ?? _("Unnamed Organisation"); |
| 268 | 268 | $this->profileName = $this->attributes['profile:name'][0] ?? _("Unnamed Profile"); |
@@ -304,7 +304,7 @@ discard block |
||
| 304 | 304 | |
| 305 | 305 | file_put_contents('installer_profile', $outputXml); |
| 306 | 306 | |
| 307 | - $fileName = $this->installerBasename . '.mobileconfig'; |
|
| 307 | + $fileName = $this->installerBasename.'.mobileconfig'; |
|
| 308 | 308 | |
| 309 | 309 | if (!$this->sign) { |
| 310 | 310 | rename("installer_profile", $fileName); |
@@ -313,7 +313,7 @@ discard block |
||
| 313 | 313 | } |
| 314 | 314 | // still here? Then we are signing. |
| 315 | 315 | $retval = 0; |
| 316 | - $signing = system($this->sign . " installer_profile '$fileName' > /dev/null", $retval); |
|
| 316 | + $signing = system($this->sign." installer_profile '$fileName' > /dev/null", $retval); |
|
| 317 | 317 | if ($retval !== 0 || $signing === FALSE) { |
| 318 | 318 | $this->loggerInstance->debug(2, "Signing the mobileconfig installer $fileName FAILED!\n"); |
| 319 | 319 | // we are passing a name that will be then used as a path - this will not exist, hence an error will |
@@ -340,19 +340,19 @@ discard block |
||
| 340 | 340 | $oiCount = $oiCount + count($netDetail['oi']); |
| 341 | 341 | } |
| 342 | 342 | $certCount = count($this->attributes['internal:CAs'][0]); |
| 343 | - $out = "<p>" . _("For best results, please use the built-in browser (Safari) to open the configuration file.") . "</p>"; |
|
| 343 | + $out = "<p>"._("For best results, please use the built-in browser (Safari) to open the configuration file.")."</p>"; |
|
| 344 | 344 | $out .= "<p>"; |
| 345 | 345 | $out .= _("The profile will install itself after you click (or tap) the button. You will be asked for confirmation/input at several points:"); |
| 346 | 346 | $out .= "<ul>"; |
| 347 | - $out .= "<li>" . _("to install the profile") . "</li>"; |
|
| 348 | - $out .= "<li>" . ngettext("to accept the server certificate authority", "to accept the server certificate authorities", $certCount); |
|
| 347 | + $out .= "<li>"._("to install the profile")."</li>"; |
|
| 348 | + $out .= "<li>".ngettext("to accept the server certificate authority", "to accept the server certificate authorities", $certCount); |
|
| 349 | 349 | if ($certCount > 1) { |
| 350 | - $out .= " " . sprintf(_("(%d times)"), $certCount); |
|
| 350 | + $out .= " ".sprintf(_("(%d times)"), $certCount); |
|
| 351 | 351 | } |
| 352 | 352 | $out .= "</li>"; |
| 353 | - $out .= "<li>" . _("to enter the username and password you have been given by your organisation"); |
|
| 353 | + $out .= "<li>"._("to enter the username and password you have been given by your organisation"); |
|
| 354 | 354 | if ($ssidCount > 1) { |
| 355 | - $out .= " " . sprintf(_("(%d times each, because %d SSIDs and %d Passpoint networks are installed)"), $ssidCount+$oiCount, $ssidCount, $oiCount); |
|
| 355 | + $out .= " ".sprintf(_("(%d times each, because %d SSIDs and %d Passpoint networks are installed)"), $ssidCount + $oiCount, $ssidCount, $oiCount); |
|
| 356 | 356 | } |
| 357 | 357 | $out .= "</li>"; |
| 358 | 358 | $out .= "</ul>"; |
@@ -392,7 +392,7 @@ discard block |
||
| 392 | 392 | <key>ServiceProviderRoamingEnabled</key> |
| 393 | 393 | <true/> |
| 394 | 394 | <key>DisplayedOperatorName</key> |
| 395 | - <string>" . $oiName . "</string>"; |
|
| 395 | + <string>" . $oiName."</string>"; |
|
| 396 | 396 | // if we don't know the realm, omit the entire DomainName key |
| 397 | 397 | if (isset($this->attributes['internal:realm'])) { |
| 398 | 398 | $retval .= "<key>DomainName</key> |
@@ -405,7 +405,7 @@ discard block |
||
| 405 | 405 | <array>"; |
| 406 | 406 | |
| 407 | 407 | foreach ($consortiumOi as $oneCons) { |
| 408 | - $retval .= "<string>" . strtoupper($oneCons) . "</string>"; |
|
| 408 | + $retval .= "<string>".strtoupper($oneCons)."</string>"; |
|
| 409 | 409 | } |
| 410 | 410 | |
| 411 | 411 | $retval .= "</array>"; |
@@ -443,7 +443,7 @@ discard block |
||
| 443 | 443 | <dict> |
| 444 | 444 | <key>AcceptEAPTypes</key> |
| 445 | 445 | <array> |
| 446 | - <integer>" . $eapType['OUTER'] . "</integer> |
|
| 446 | + <integer>" . $eapType['OUTER']."</integer> |
|
| 447 | 447 | </array> |
| 448 | 448 | <key>EAPFASTProvisionPAC</key> |
| 449 | 449 | <true /> |
@@ -456,7 +456,7 @@ discard block |
||
| 456 | 456 | "; |
| 457 | 457 | if ($realm !== NULL) { |
| 458 | 458 | $retval .= "<key>OuterIdentity</key> |
| 459 | - <string>" . htmlspecialchars($realm, ENT_XML1, 'UTF-8') . "</string> |
|
| 459 | + <string>" . htmlspecialchars($realm, ENT_XML1, 'UTF-8')."</string> |
|
| 460 | 460 | "; |
| 461 | 461 | } |
| 462 | 462 | $retval .= "<key>PayloadCertificateAnchorUUID</key> |
@@ -480,11 +480,11 @@ discard block |
||
| 480 | 480 | $retval .= " |
| 481 | 481 | </array>"; |
| 482 | 482 | if ($eapType['INNER'] == \core\common\EAP::NE_SILVERBULLET) { |
| 483 | - $retval .= "<key>UserName</key><string>" . $this->clientCert["certObject"]->username . "</string>"; |
|
| 483 | + $retval .= "<key>UserName</key><string>".$this->clientCert["certObject"]->username."</string>"; |
|
| 484 | 484 | } |
| 485 | 485 | $retval .= " |
| 486 | 486 | <key>TTLSInnerAuthentication</key> |
| 487 | - <string>" . ($eapType['INNER'] == \core\common\EAP::NE_PAP ? "PAP" : "MSCHAPv2") . "</string> |
|
| 487 | + <string>" . ($eapType['INNER'] == \core\common\EAP::NE_PAP ? "PAP" : "MSCHAPv2")."</string> |
|
| 488 | 488 | </dict>"; |
| 489 | 489 | return $retval; |
| 490 | 490 | } |
@@ -504,9 +504,9 @@ discard block |
||
| 504 | 504 | // characters are still reversed, invert on use! |
| 505 | 505 | $buffer .= "<string>Manual</string> |
| 506 | 506 | <key>ProxyServer</key> |
| 507 | - <string>" . strrev($serverAndPort[1]) . "</string> |
|
| 507 | + <string>" . strrev($serverAndPort[1])."</string> |
|
| 508 | 508 | <key>ProxyServerPort</key> |
| 509 | - <integer>" . strrev($serverAndPort[0]) . "</integer> |
|
| 509 | + <integer>" . strrev($serverAndPort[0])."</integer> |
|
| 510 | 510 | <key>ProxyPACFallbackAllowed</key> |
| 511 | 511 | <false/>"; |
| 512 | 512 | } else { |
@@ -556,7 +556,7 @@ discard block |
||
| 556 | 556 | throw new Exception("SSID must be a string!"); |
| 557 | 557 | } |
| 558 | 558 | $escapedSSID = htmlspecialchars($toBeConfigured, ENT_XML1, 'UTF-8'); |
| 559 | - $payloadIdentifier = "wifi." . $this->serial; |
|
| 559 | + $payloadIdentifier = "wifi.".$this->serial; |
|
| 560 | 560 | $payloadShortName = sprintf(_("%s - SSID %s"), $prettyName, $escapedSSID); |
| 561 | 561 | $payloadName = sprintf(_("%s configuration for network name %s"), $prettyName, $escapedSSID); |
| 562 | 562 | $encryptionTypeString = $this->encryptionString(); |
@@ -586,9 +586,9 @@ discard block |
||
| 586 | 586 | if (count($toBeConfigured) == 0) { |
| 587 | 587 | return ""; |
| 588 | 588 | } |
| 589 | - $payloadIdentifier = "hs20.".implode('-',$toBeConfigured); |
|
| 589 | + $payloadIdentifier = "hs20.".implode('-', $toBeConfigured); |
|
| 590 | 590 | $payloadShortName = sprintf(_("%s - RCOI"), $prettyName); |
| 591 | - $payloadName = sprintf(_("%s configuration (Passpoint RCOI)"),$prettyName); |
|
| 591 | + $payloadName = sprintf(_("%s configuration (Passpoint RCOI)"), $prettyName); |
|
| 592 | 592 | $encryptionTypeString = $this->encryptionString(); |
| 593 | 593 | $setupModesString = ""; |
| 594 | 594 | $wifiNetworkIdentification = $this->passPointBlock($toBeConfigured, $prettyName); |
@@ -607,11 +607,11 @@ discard block |
||
| 607 | 607 | <key>PayloadDisplayName</key> |
| 608 | 608 | <string>$payloadShortName</string> |
| 609 | 609 | <key>PayloadIdentifier</key> |
| 610 | - <string>" . self::IPHONE_PAYLOAD_PREFIX . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang.$payloadIdentifier</string> |
|
| 610 | + <string>".self::IPHONE_PAYLOAD_PREFIX.".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang.$payloadIdentifier</string> |
|
| 611 | 611 | <key>PayloadOrganization</key> |
| 612 | - <string>" . $this->massagedConsortium . ".1x-config.org</string> |
|
| 612 | + <string>".$this->massagedConsortium.".1x-config.org</string> |
|
| 613 | 613 | <key>PayloadType</key> |
| 614 | - <string>com.apple." . ($blocktype == MobileconfigSuperclass::NETWORK_BLOCK_TYPE_WIRED ? "firstactiveethernet" : "wifi") . ".managed</string>"; |
|
| 614 | + <string>com.apple." . ($blocktype == MobileconfigSuperclass::NETWORK_BLOCK_TYPE_WIRED ? "firstactiveethernet" : "wifi").".managed</string>"; |
|
| 615 | 615 | $retval .= $this->proxySettings(); |
| 616 | 616 | $retval .= $setupModesString; |
| 617 | 617 | if ($eapType['INNER'] == \core\common\EAP::NE_SILVERBULLET) { |
@@ -623,7 +623,7 @@ discard block |
||
| 623 | 623 | } |
| 624 | 624 | $retval .= " |
| 625 | 625 | <key>PayloadUUID</key> |
| 626 | - <string>" . \core\common\Entity::uuid() . "</string> |
|
| 626 | + <string>" . \core\common\Entity::uuid()."</string> |
|
| 627 | 627 | <key>PayloadVersion</key> |
| 628 | 628 | <integer>1</integer> |
| 629 | 629 | $wifiNetworkIdentification</dict>"; |
@@ -653,15 +653,15 @@ discard block |
||
| 653 | 653 | <key>IsHotspot</key> |
| 654 | 654 | <false/> |
| 655 | 655 | <key>PayloadDescription</key> |
| 656 | - <string>" . sprintf(_("This SSID should not be used after bootstrapping %s"), \config\ConfAssistant::CONSORTIUM['display_name']) . "</string> |
|
| 656 | + <string>" . sprintf(_("This SSID should not be used after bootstrapping %s"), \config\ConfAssistant::CONSORTIUM['display_name'])."</string> |
|
| 657 | 657 | <key>PayloadDisplayName</key> |
| 658 | - <string>" . _("Disabled WiFi network") . "</string> |
|
| 658 | + <string>" . _("Disabled WiFi network")."</string> |
|
| 659 | 659 | <key>PayloadIdentifier</key> |
| 660 | - <string>" . self::IPHONE_PAYLOAD_PREFIX . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang.wifi.disabled.$this->removeSerial</string> |
|
| 660 | + <string>" . self::IPHONE_PAYLOAD_PREFIX.".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.$this->lang.wifi.disabled.$this->removeSerial</string> |
|
| 661 | 661 | <key>PayloadType</key> |
| 662 | 662 | <string>com.apple.wifi.managed</string> |
| 663 | 663 | <key>PayloadUUID</key> |
| 664 | - <string>" . \core\common\Entity::uuid() . "</string> |
|
| 664 | + <string>".\core\common\Entity::uuid()."</string> |
|
| 665 | 665 | <key>PayloadVersion</key> |
| 666 | 666 | <real>1</real>"; |
| 667 | 667 | $retval .= $this->proxySettings(); |
@@ -741,12 +741,12 @@ discard block |
||
| 741 | 741 | $mimeBlob = base64_encode($binaryBlob); |
| 742 | 742 | $mimeFormatted = chunk_split($mimeBlob, 52, "\r\n"); |
| 743 | 743 | $payloadUUID = \core\common\Entity::uuid('', $mimeBlob); |
| 744 | - $retArray = ["block" => "<dict>" . |
|
| 744 | + $retArray = ["block" => "<dict>". |
|
| 745 | 745 | // we don't include the import password. It's displayed on screen, and should be input by the user. |
| 746 | 746 | // <key>Password</key> |
| 747 | 747 | // <string>" . $this->clientCert['password'] . "</string> |
| 748 | 748 | "<key>PayloadCertificateFileName</key> |
| 749 | - <string>" . $this->massagedConsortium . ".pfx</string> |
|
| 749 | + <string>" . $this->massagedConsortium.".pfx</string> |
|
| 750 | 750 | <key>PayloadContent</key> |
| 751 | 751 | <data> |
| 752 | 752 | $mimeFormatted |
@@ -754,7 +754,7 @@ discard block |
||
| 754 | 754 | <key>PayloadDescription</key> |
| 755 | 755 | <string>MIME Base-64 encoded PKCS#12 Client Certificate</string> |
| 756 | 756 | <key>PayloadDisplayName</key> |
| 757 | - <string>" . _("User certificate") . "</string> |
|
| 757 | + <string>"._("User certificate")."</string> |
|
| 758 | 758 | <key>PayloadIdentifier</key> |
| 759 | 759 | <string>com.apple.security.pkcs12.$payloadUUID</string> |
| 760 | 760 | <key>PayloadType</key> |
@@ -764,7 +764,7 @@ discard block |
||
| 764 | 764 | <key>PayloadVersion</key> |
| 765 | 765 | <integer>1</integer> |
| 766 | 766 | </dict>", |
| 767 | - "UUID" => $payloadUUID,]; |
|
| 767 | + "UUID" => $payloadUUID, ]; |
|
| 768 | 768 | \core\common\Entity::outOfThePotatoes(); |
| 769 | 769 | return $retArray; |
| 770 | 770 | } |
@@ -782,7 +782,7 @@ discard block |
||
| 782 | 782 | } |
| 783 | 783 | $expiryTime = new \DateTime($this->clientCert['certObject']->expiry); |
| 784 | 784 | return "<key>RemovalDate</key> |
| 785 | - <date>" . $expiryTime->format("Y-m-d") . "T" . $expiryTime->format("H:i:s") . "Z</date>"; |
|
| 785 | + <date>" . $expiryTime->format("Y-m-d")."T".$expiryTime->format("H:i:s")."Z</date>"; |
|
| 786 | 786 | } |
| 787 | 787 | |
| 788 | 788 | /** |
@@ -804,27 +804,27 @@ discard block |
||
| 804 | 804 | $stream = " |
| 805 | 805 | <dict> |
| 806 | 806 | <key>PayloadCertificateFileName</key> |
| 807 | - <string>" . $ca['uuid'] . ".der</string> |
|
| 807 | + <string>" . $ca['uuid'].".der</string> |
|
| 808 | 808 | <key>PayloadContent</key> |
| 809 | 809 | <data> |
| 810 | -" . $trimmedPem . "</data> |
|
| 810 | +" . $trimmedPem."</data> |
|
| 811 | 811 | <key>PayloadDescription</key> |
| 812 | - <string>" . sprintf(_("The %s Certification Authority"), \core\common\Entity::$nomenclature_idp) . "</string> |
|
| 812 | + <string>" . sprintf(_("The %s Certification Authority"), \core\common\Entity::$nomenclature_idp)."</string> |
|
| 813 | 813 | <key>PayloadDisplayName</key> |
| 814 | 814 | <string>" . |
| 815 | 815 | /// example: "Identity Provider CA #1 (Root)" |
| 816 | - sprintf(_("%s CA #%d (%s)" ), |
|
| 816 | + sprintf(_("%s CA #%d (%s)"), |
|
| 817 | 817 | \core\common\Entity::$nomenclature_idp, |
| 818 | - count($this->CAsAccountedFor)+1, |
|
| 819 | - ($ca['root'] ? _("Root") : _("Intermediate"))) . |
|
| 818 | + count($this->CAsAccountedFor) + 1, |
|
| 819 | + ($ca['root'] ? _("Root") : _("Intermediate"))). |
|
| 820 | 820 | "</string> |
| 821 | 821 | <key>PayloadIdentifier</key> |
| 822 | - <string>" . self::IPHONE_PAYLOAD_PREFIX . ".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.credential.$this->caSerial</string> |
|
| 822 | + <string>" . self::IPHONE_PAYLOAD_PREFIX.".$this->massagedConsortium.$this->massagedCountry.$this->massagedInst.$this->massagedProfile.credential.$this->caSerial</string> |
|
| 823 | 823 | <key>PayloadOrganization</key> |
| 824 | - <string>" . $this->massagedConsortium . ".1x-config.org</string> |
|
| 824 | + <string>".$this->massagedConsortium.".1x-config.org</string> |
|
| 825 | 825 | <key>PayloadType</key> |
| 826 | 826 | <string>com.apple.security.root</string> |
| 827 | - <key>PayloadUUID</key><string>" . $ca['uuid'] . "</string> |
|
| 827 | + <key>PayloadUUID</key><string>" . $ca['uuid']."</string> |
|
| 828 | 828 | <key>PayloadVersion</key> |
| 829 | 829 | <integer>1</integer> |
| 830 | 830 | </dict>"; |
