@@ -189,8 +189,7 @@ |
||
189 | 189 | foreach ($allIdPs as $id => $name) { |
190 | 190 | echo '<option value="' . $id . '">' . $name . "</option>"; |
191 | 191 | } |
192 | - |
|
193 | - **/ |
|
192 | + **/ |
|
194 | 193 | ?> |
195 | 194 | </select> |
196 | 195 | <br/> |
@@ -26,7 +26,7 @@ discard block |
||
26 | 26 | */ |
27 | 27 | ?> |
28 | 28 | <?php |
29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
30 | 30 | |
31 | 31 | $auth = new \web\lib\admin\Authentication(); |
32 | 32 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -72,7 +72,7 @@ discard block |
||
72 | 72 | // also send user back to the overview page |
73 | 73 | if (isset($_POST['requestcert']) && $_POST['requestcert'] == \web\lib\common\FormElements::BUTTON_SAVE) { |
74 | 74 | // basic sanity checks before we hand this over to openssl |
75 | - $sanitisedCsr = $validator->string($_POST['CSR'] ?? "" , TRUE); |
|
75 | + $sanitisedCsr = $validator->string($_POST['CSR'] ?? "", TRUE); |
|
76 | 76 | if (openssl_csr_get_public_key($sanitisedCsr) === FALSE) { |
77 | 77 | throw new Exception("Sorry: Unable to parse the submitted public key - no public key inside?"); |
78 | 78 | } |
@@ -86,7 +86,7 @@ discard block |
||
86 | 86 | $fed = $validator->existingFederation($_POST['NRO-list']); |
87 | 87 | $country = strtoupper($fed->tld); |
88 | 88 | $DN[] = "C=$country"; |
89 | - $DN[] = "O=NRO of " . $cat->knownFederations[strtoupper($fed->tld)]; |
|
89 | + $DN[] = "O=NRO of ".$cat->knownFederations[strtoupper($fed->tld)]; |
|
90 | 90 | $externalDb = new \core\ExternalEduroamDBData(); |
91 | 91 | $serverInfo = $externalDb->listExternalTlsServersFederation($fed->tld); |
92 | 92 | $serverList = explode(",", array_key_first($serverInfo)); |
@@ -109,14 +109,14 @@ discard block |
||
109 | 109 | default: |
110 | 110 | throw new Exception("Sorry: Unknown level of issuance requested."); |
111 | 111 | } |
112 | - echo "<p style='font-size: large'>" . _("Requesting a certificate with the following properties"); |
|
112 | + echo "<p style='font-size: large'>"._("Requesting a certificate with the following properties"); |
|
113 | 113 | echo "<ul>"; |
114 | - echo "<li>" . _("Policy OIDs: ") . implode(", ", $policies) . "</li>"; |
|
115 | - echo "<li>" . _("Distinguished Name: ") . implode(", ", $DN) . "</li>"; |
|
116 | - echo "<li>" . _("subjectAltName:DNS : ") . implode(", ", $serverList) . "</li>"; |
|
114 | + echo "<li>"._("Policy OIDs: ").implode(", ", $policies)."</li>"; |
|
115 | + echo "<li>"._("Distinguished Name: ").implode(", ", $DN)."</li>"; |
|
116 | + echo "<li>"._("subjectAltName:DNS : ").implode(", ", $serverList)."</li>"; |
|
117 | 117 | $firstName = $serverInfo[array_key_first($serverInfo)][0]["name"]; |
118 | 118 | $firstMail = $serverInfo[array_key_first($serverInfo)][0]["mail"]; |
119 | - echo "<li>" . _("Requester Contact Details: ") . $firstName . " <" . $firstMail . ">" . "</li>"; |
|
119 | + echo "<li>"._("Requester Contact Details: ").$firstName." <".$firstMail.">"."</li>"; |
|
120 | 120 | echo "</ul></p>"; |
121 | 121 | /* $ossl = proc_open("openssl req -subj '/".implode("/", $DN)."'", [ 0 => ["pipe", "r"], 1 => ["pipe", "w"], 2 => [ "file", "/tmp/voodoo-error", "a"] ], $pipes); |
122 | 122 | if (is_resource($ossl)) { |
@@ -134,7 +134,7 @@ discard block |
||
134 | 134 | "CSR_STRING" => /* $newCsr */ $vettedCsr, |
135 | 135 | "USERNAME" => $firstName, |
136 | 136 | "USERMAIL" => $firstMail, |
137 | - "SUBJECT" => implode(",", $DN) , |
|
137 | + "SUBJECT" => implode(",", $DN), |
|
138 | 138 | "ALTNAMES" => $serverList, |
139 | 139 | "FED" => $country]; |
140 | 140 | // our certs can be good for max 5 years |
@@ -142,7 +142,7 @@ discard block |
||
142 | 142 | echo "<p>"._("The certificate was requested.")."</p>"; |
143 | 143 | ?> |
144 | 144 | <form action="overview_certificates.php" method="GET"> |
145 | - <button type="submit"><?php echo _("Back to Certificate Overview");?></button> |
|
145 | + <button type="submit"><?php echo _("Back to Certificate Overview"); ?></button> |
|
146 | 146 | </form> |
147 | 147 | <?php |
148 | 148 | echo $deco->footer(); |
@@ -151,14 +151,14 @@ discard block |
||
151 | 151 | |
152 | 152 | // if we did not get a SAVE button, display UI for a fresh request instead |
153 | 153 | ?> |
154 | - <h2><?php echo _("1. Certificate Holder Details");?></h2> |
|
154 | + <h2><?php echo _("1. Certificate Holder Details"); ?></h2> |
|
155 | 155 | <form action="action_req_certificate.php" method="POST"> |
156 | 156 | <input type="radio" name="LEVEL" id="NRO" value="NRO" checked><?php printf(_("Certificate for %s role"), $uiElements->nomenclatureFed); ?></input> |
157 | 157 | <?php |
158 | 158 | if (count($feds) == 1) { |
159 | 159 | $fedObject = new \core\Federation($feds[0]['value']); |
160 | - echo " <strong>" . $cat->knownFederations[$fedObject->tld] . "</strong>"; |
|
161 | - echo '<input type="hidden" name="NRO-list" id="NRO-list" value="' . $fedObject->tld . '"/>'; |
|
160 | + echo " <strong>".$cat->knownFederations[$fedObject->tld]."</strong>"; |
|
161 | + echo '<input type="hidden" name="NRO-list" id="NRO-list" value="'.$fedObject->tld.'"/>'; |
|
162 | 162 | } else { |
163 | 163 | ?> |
164 | 164 | <select name="NRO-list" id="NRO-list"> |
@@ -166,7 +166,7 @@ discard block |
||
166 | 166 | <?php |
167 | 167 | foreach ($feds as $oneFed) { |
168 | 168 | $fedObject = new \core\Federation($oneFed['value']); |
169 | - echo '<option value="' . strtoupper($fedObject->tld) . '">' . $cat->knownFederations[$fedObject->tld] . "</option>"; |
|
169 | + echo '<option value="'.strtoupper($fedObject->tld).'">'.$cat->knownFederations[$fedObject->tld]."</option>"; |
|
170 | 170 | } |
171 | 171 | ?> |
172 | 172 | </select> |
@@ -194,10 +194,10 @@ discard block |
||
194 | 194 | ?> |
195 | 195 | </select> |
196 | 196 | <br/> |
197 | - <h2><?php echo _("2. CSR generation");?></h2> |
|
198 | - <p><?php echo _("One way to generate an acceptable certificate request is via this openssl one-liner:");?></p> |
|
197 | + <h2><?php echo _("2. CSR generation"); ?></h2> |
|
198 | + <p><?php echo _("One way to generate an acceptable certificate request is via this openssl one-liner:"); ?></p> |
|
199 | 199 | <p>openssl req -new -newkey rsa:4096 -out test.csr -keyout test.key -subj /DC=test/DC=test/DC=eduroam/C=XY/O=WillBeReplaced/CN=will.be.replaced</p> |
200 | - <h2><?php echo _("3. Submission");?></h2> |
|
200 | + <h2><?php echo _("3. Submission"); ?></h2> |
|
201 | 201 | <?php echo _("Please paste your CSR here:"); ?><br/><textarea name="CSR" id="CSR" rows="20" cols="85"/></textarea><br/> |
202 | 202 | <button type="submit" name="requestcert" id="requestcert" value="<?php echo \web\lib\common\FormElements::BUTTON_SAVE ?>"><?php echo _("Send request"); ?></button> |
203 | 203 | </form> |
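Review bot: The list items on new lines 114–116 and the requester contact line on 119 are echoed into the page without HTML escaping, and the literal `<` … `>` around `$firstMail` makes the browser parse the address as a tag, so it is not displayed at all. `$firstName`, `$firstMail` and `$serverList` come from `listExternalTlsServersFederation()` on `\core\ExternalEduroamDBData`, which by its name reads an external database, so they should be treated as untrusted at output time. Suggested for line 119: `echo "<li>"._("Requester Contact Details: ").htmlspecialchars($firstName." <".$firstMail.">", ENT_QUOTES, 'UTF-8')."</li>";`, with the same `htmlspecialchars()` wrapping around the `implode()` results on lines 114–116. The enclosing `if` block starts and ends outside the visible hunks.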
@@ -26,7 +26,7 @@ discard block |
||
26 | 26 | */ |
27 | 27 | ?> |
28 | 28 | <?php |
29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
30 | 30 | |
31 | 31 | $auth = new \web\lib\admin\Authentication(); |
32 | 32 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -70,7 +70,7 @@ discard block |
||
70 | 70 | $feds = $user->getAttributes("user:fedadmin"); |
71 | 71 | foreach ($feds as $oneFed) { |
72 | 72 | $theFed = new \core\Federation($oneFed['value']); |
73 | - printf("<p>" . _("Certificate Information for %s %s"), $uiElements->nomenclatureFed, $theFed->name) . "</p>"; |
|
73 | + printf("<p>"._("Certificate Information for %s %s"), $uiElements->nomenclatureFed, $theFed->name)."</p>"; |
|
74 | 74 | foreach ($theFed->listTlsCertificates() as $oneCert) { |
75 | 75 | if ($oneCert['STATUS'] == "REQUESTED") { |
76 | 76 | $theFed->updateCertificateStatus($oneCert['REQSERIAL']); |
@@ -81,12 +81,12 @@ discard block |
||
81 | 81 | foreach ($theFed->listTlsCertificates() as $oneCert) { // fetch list a second time, in case we got a cert |
82 | 82 | $status = $oneCert['STATUS']; |
83 | 83 | echo "<tr>"; |
84 | - echo "<td>" . $oneCert['REQSERIAL'] . "</td><td>" . $oneCert['DN'] . "</td><td>" . $status . "</td><td>" . $oneCert['EXPIRY'] . "</td>"; |
|
84 | + echo "<td>".$oneCert['REQSERIAL']."</td><td>".$oneCert['DN']."</td><td>".$status."</td><td>".$oneCert['EXPIRY']."</td>"; |
|
85 | 85 | if ($status == "ISSUED") { |
86 | 86 | ?> |
87 | 87 | <td> |
88 | 88 | <form action='inc/showCert.inc.php' onsubmit='popupRedirectWindow(this); return false;' accept-charset='UTF-8' method="POST"> |
89 | - <input type="hidden" name="certdata" value="<?php echo $oneCert['CERT'];?>"/> |
|
89 | + <input type="hidden" name="certdata" value="<?php echo $oneCert['CERT']; ?>"/> |
|
90 | 90 | <button type="submit">Display</button> |
91 | 91 | </form> |
92 | 92 | <td> |
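Review bot: The table row on new line 84 and the hidden `certdata` field on line 89 write `$oneCert['REQSERIAL']`, `['DN']`, `['EXPIRY']` and `['CERT']` straight into HTML with no escaping; the DN is presumably assembled from federation and server data, so a quote or angle bracket in it would break out of the cell or the attribute. Wrap each value in `htmlspecialchars(…, ENT_QUOTES, 'UTF-8')`, e.g. `value="<?php echo htmlspecialchars($oneCert['CERT'], ENT_QUOTES, 'UTF-8'); ?>"`. Separately, on line 73 the trailing `."</p>"` is concatenated to the return value of `printf()` and discarded, so the paragraph is never closed; move it into the format string: `printf("<p>"._("Certificate Information for %s %s")."</p>", $uiElements->nomenclatureFed, $theFed->name);`. Both loops continue outside the visible hunks.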
@@ -20,7 +20,7 @@ |
||
20 | 20 | */ |
21 | 21 | ?> |
22 | 22 | <?php |
23 | -require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php"; |
|
23 | +require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php"; |
|
24 | 24 | |
25 | 25 | $auth = new \web\lib\admin\Authentication(); |
26 | 26 | $languageInstance = new \core\common\Language(); |
@@ -17,9 +17,9 @@ discard block |
||
17 | 17 | class CertificationAuthorityEduPkiServer extends EntityWithDBProperties implements CertificationAuthorityInterface |
18 | 18 | { |
19 | 19 | |
20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
23 | 23 | private const EDUPKI_RA_ID = 700; |
24 | 24 | private const EDUPKI_CERT_PROFILE = "Radius Server SOAP"; |
25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
35 | 35 | parent::__construct(); |
36 | 36 | |
37 | 37 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_CERT) === FALSE) { |
38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
39 | 39 | } |
40 | 40 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_KEY) === FALSE) { |
41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
42 | 42 | } |
43 | 43 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_WEBROOT) === FALSE) { |
44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
45 | 45 | } |
46 | 46 | } |
47 | 47 | |
@@ -99,22 +99,22 @@ discard block |
||
99 | 99 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
100 | 100 | try { |
101 | 101 | $altArray = [# Array mit den Subject Alternative Names |
102 | - "email:" . $csr["USERMAIL"] |
|
102 | + "email:".$csr["USERMAIL"] |
|
103 | 103 | ]; |
104 | 104 | foreach ($csr["ALTNAMES"] as $oneAltName) { |
105 | - $altArray[] = "DNS:" . $oneAltName; |
|
105 | + $altArray[] = "DNS:".$oneAltName; |
|
106 | 106 | } |
107 | 107 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
108 | 108 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
109 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPkiServer::EDUPKI_RA_ID . "\n"); |
|
110 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR_STRING"] . "\n"); |
|
109 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPkiServer::EDUPKI_RA_ID."\n"); |
|
110 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR_STRING"]."\n"); |
|
111 | 111 | $this->loggerInstance->debug(5, "PARAM_3: "); |
112 | 112 | $this->loggerInstance->debug(5, $altArray); |
113 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE . "\n"); |
|
114 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
115 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
116 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n"); |
|
117 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
113 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE."\n"); |
|
114 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
115 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
116 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n"); |
|
117 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
118 | 118 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
119 | 119 | $soapNewRequest = $soapPub->newRequest( |
120 | 120 | CertificationAuthorityEduPkiServer::EDUPKI_RA_ID, # RA-ID |
@@ -136,11 +136,11 @@ discard block |
||
136 | 136 | } catch (Exception $e) { |
137 | 137 | // PHP 7.1 can do this much better |
138 | 138 | if (is_soap_fault($e)) { |
139 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
139 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
140 | 140 | $e->faultstring |
141 | 141 | }\n"); |
142 | 142 | } |
143 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
143 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
144 | 144 | } |
145 | 145 | try { |
146 | 146 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -174,7 +174,7 @@ discard block |
||
174 | 174 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
175 | 175 | // rather than just using the string. Grr. |
176 | 176 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
177 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
177 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
178 | 178 | // retrieve our RA cert from filesystem |
179 | 179 | // the RA certificates are not needed right now because we |
180 | 180 | // have resorted to S/MIME signatures with openssl command-line |
@@ -186,7 +186,7 @@ discard block |
||
186 | 186 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
187 | 187 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
188 | 188 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
189 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
189 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
190 | 190 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
191 | 191 | $output = []; |
192 | 192 | $return = 999; |
@@ -195,21 +195,21 @@ discard block |
||
195 | 195 | throw new Exception("Non-zero return value from openssl smime!"); |
196 | 196 | } |
197 | 197 | // and get the signature blob back from the filesystem |
198 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
198 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
199 | 199 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
200 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
201 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
202 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
200 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
201 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
202 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
203 | 203 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
204 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
205 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
204 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
205 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
206 | 206 | if ($soapIssueCert === FALSE) { |
207 | 207 | throw new Exception("The locally approved request was NOT processed by the CA."); |
208 | 208 | } |
209 | 209 | } catch (SoapFault $e) { |
210 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
210 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
211 | 211 | } catch (Exception $e) { |
212 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
212 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
213 | 213 | } |
214 | 214 | return $soapReqnum; |
215 | 215 | } |
@@ -261,9 +261,9 @@ discard block |
||
261 | 261 | throw new Exception("CAInfo has no root certificate for us!"); |
262 | 262 | } |
263 | 263 | } catch (SoapFault $e) { |
264 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
264 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
265 | 265 | } catch (Exception $e) { |
266 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
266 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
267 | 267 | } |
268 | 268 | return [ |
269 | 269 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -296,12 +296,12 @@ discard block |
||
296 | 296 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
297 | 297 | // rather than just using the string. Grr. |
298 | 298 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
299 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
299 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
300 | 300 | // retrieve our RA cert from filesystem |
301 | 301 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
302 | 302 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
303 | 303 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
304 | - $execCmd = \config\Master::PATHS['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
304 | + $execCmd = \config\Master::PATHS['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
305 | 305 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
306 | 306 | $output = []; |
307 | 307 | $return = 999; |
@@ -310,7 +310,7 @@ discard block |
||
310 | 310 | throw new Exception("Non-zero return value from openssl smime!"); |
311 | 311 | } |
312 | 312 | // and get the signature blob back from the filesystem |
313 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
313 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
314 | 314 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
315 | 315 | if ($soapIssueRev === FALSE) { |
316 | 316 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -318,9 +318,9 @@ discard block |
||
318 | 318 | } catch (Exception $e) { |
319 | 319 | // PHP 7.1 can do this much better |
320 | 320 | if (is_soap_fault($e)) { |
321 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
321 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
322 | 322 | } |
323 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
323 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
324 | 324 | } |
325 | 325 | } |
326 | 326 | |
@@ -420,9 +420,9 @@ discard block |
||
420 | 420 | */ |
421 | 421 | public function soapToXmlInteger($x) |
422 | 422 | { |
423 | - return '<' . $x[0] . '>' |
|
423 | + return '<'.$x[0].'>' |
|
424 | 424 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
425 | - . '</' . $x[0] . '>'; |
|
425 | + . '</'.$x[0].'>'; |
|
426 | 426 | } |
427 | 427 | |
428 | 428 | /** |
@@ -441,9 +441,9 @@ discard block |
||
441 | 441 | // dump private key into directory |
442 | 442 | $outstring = ""; |
443 | 443 | openssl_pkey_export($privateKey, $outstring); |
444 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
444 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
445 | 445 | // PHP can only do one DC in the Subject. But we need three. |
446 | - $execCmd = \config\Master::PATHS['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
446 | + $execCmd = \config\Master::PATHS['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
447 | 447 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
448 | 448 | $output = []; |
449 | 449 | $return = 999; |
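Review bot: The `openssl req` command on new line 446 interpolates `$fed`, `$username` and `$tempdir` into a command string without any quoting; the call that runs `$execCmd` lies outside the hunk, but the log message on line 447 suggests it is handed to a shell. If `$username` can contain whitespace or shell metacharacters the command changes meaning, and a `/` in it would also split the subject into additional RDNs. Quote every dynamic argument, e.g. `"-subj ".escapeshellarg("/DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username")` and `escapeshellarg("$tempdir/pkey.pem")` for the paths. The `smime -sign` command on line 189 also spells out the key and certificate paths literally where line 304 uses `LOCATION_RA_KEY` and `LOCATION_RA_CERT`; using the constants in both places keeps the constructor's `stat()` checks and the signing call pointed at the same files.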
@@ -126,7 +126,7 @@ discard block |
||
126 | 126 | return $this->counter; |
127 | 127 | } |
128 | 128 | |
129 | - $cachedNumber = @file_get_contents(ROOT . "/var/tmp/cachedSPNumber.serialised"); |
|
129 | + $cachedNumber = @file_get_contents(ROOT."/var/tmp/cachedSPNumber.serialised"); |
|
130 | 130 | if ($cachedNumber !== FALSE) { |
131 | 131 | $numberData = unserialize($cachedNumber); |
132 | 132 | $now = new \DateTime(); |
@@ -139,7 +139,7 @@ discard block |
||
139 | 139 | } else { // data in cache is too old or doesn't exist. We really need to ask the database |
140 | 140 | $list = $this->listAllServiceProviders(); |
141 | 141 | $this->counter = count($list); |
142 | - file_put_contents(ROOT . "/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()])); |
|
142 | + file_put_contents(ROOT."/var/tmp/cachedSPNumber.serialised", serialize(["number" => $this->counter, "timestamp" => new \DateTime()])); |
|
143 | 143 | return $this->counter; |
144 | 144 | } |
145 | 145 | } |
@@ -188,7 +188,7 @@ discard block |
||
188 | 188 | $returnarray = []; |
189 | 189 | $query = "SELECT id_institution AS id, country, inst_realm as realmlist, name AS collapsed_name, contact AS collapsed_contact, type FROM view_active_institution WHERE country = ?"; |
190 | 190 | if ($eduroamDbType !== NULL) { |
191 | - $query .= " AND ( type = '" . ExternalEduroamDBData::TYPE_IDPSP . "' OR type = '" . $eduroamDbType . "')"; |
|
191 | + $query .= " AND ( type = '".ExternalEduroamDBData::TYPE_IDPSP."' OR type = '".$eduroamDbType."')"; |
|
192 | 192 | } |
193 | 193 | $externals = $this->db->exec($query, "s", $tld); |
194 | 194 | // was a SELECT query, so a resource and not a boolean |
@@ -291,7 +291,7 @@ discard block |
||
291 | 291 | $instServerTransaction = $this->db->exec($query, "s", $tld); |
292 | 292 | while ($instServerResponses = mysqli_fetch_object(/** @scrutinizer ignore-type */ $instServerTransaction)) { |
293 | 293 | $contactList = $this->dissectCollapsedContacts($instServerResponses->contacts); |
294 | - $retval[$instServerResponses->ROid . $instServerResponses->instid] = [ |
|
294 | + $retval[$instServerResponses->ROid.$instServerResponses->instid] = [ |
|
295 | 295 | "names" => splitNames($instServerResponses->inst_name), |
296 | 296 | "type" => $instServerResponses->type, |
297 | 297 | "servers" => $instServerResponses->servers, |
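Review bot: On new line 191 `$eduroamDbType` is concatenated into the SQL text, while `$tld` in the same query is bound through a `?` placeholder. Whether `$eduroamDbType` is restricted to constants such as `TYPE_IDPSP` is not visible in this hunk, so it is safer to bind it too: `$query .= " AND ( type = ? OR type = ?)";` and extend the type string and argument list given to `$this->db->exec()` on line 193 accordingly (its signature appears to take a type string followed by the values). Separately, line 131 passes the contents of `var/tmp/cachedSPNumber.serialised` to `unserialize()`; since only a number and a timestamp are stored, `unserialize($cachedNumber, ['allowed_classes' => [\DateTime::class]])` or a JSON encoding would keep a tampered cache file from instantiating other classes. The surrounding methods start and end outside the visible hunks.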