@@ -23,7 +23,7 @@ discard block |
||
23 | 23 | |
24 | 24 | use \Exception; |
25 | 25 | |
26 | -require_once dirname(dirname(__DIR__)) . "/config/_config.php"; |
|
26 | +require_once dirname(dirname(__DIR__))."/config/_config.php"; |
|
27 | 27 | |
28 | 28 | /** |
29 | 29 | * Test suite to verify that a given NAI realm has NAPTR records according to |
@@ -144,7 +144,7 @@ discard block |
||
144 | 144 | private function checkServerName($host) { |
145 | 145 | // it could match CN or sAN:DNS, we don't care which |
146 | 146 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['subject'])) { |
147 | - $this->loggerInstance->debug(4,"Checking expected server name ".$this->expectedName." against Subject: "); |
|
147 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against Subject: "); |
|
148 | 148 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['subject']); |
149 | 149 | // we are checking against accidental misconfig, not attacks, so loosely checking against end of string is appropriate |
150 | 150 | if (preg_match("/CN=".$this->expectedName."/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) { |
@@ -152,7 +152,7 @@ discard block |
||
152 | 152 | } |
153 | 153 | } |
154 | 154 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) { |
155 | - $this->loggerInstance->debug(4,"Checking expected server name ".$this->expectedName." against sANs: "); |
|
155 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against sANs: "); |
|
156 | 156 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']); |
157 | 157 | $testNames = $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
158 | 158 | if (!is_array($testNames)) { |
@@ -164,7 +164,7 @@ discard block |
||
164 | 164 | } |
165 | 165 | } |
166 | 166 | } |
167 | - $this->loggerInstance->debug(3,"Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched."); |
|
167 | + $this->loggerInstance->debug(3, "Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched."); |
|
168 | 168 | |
169 | 169 | $this->TLS_CA_checks_result[$host]['cert_oddity'] = RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH; |
170 | 170 | return FALSE; |
@@ -194,7 +194,7 @@ discard block |
||
194 | 194 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['status'] = $cert['status']; |
195 | 195 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['message'] = $this->TLS_certkeys[$cert['status']]; |
196 | 196 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['expected'] = $cert['expected']; |
197 | - $add = ' -cert ' . ROOT . '/config/cli-certs/' . $cert['public'] . ' -key ' . ROOT . '/config/cli-certs/' . $cert['private']; |
|
197 | + $add = ' -cert '.ROOT.'/config/cli-certs/'.$cert['public'].' -key '.ROOT.'/config/cli-certs/'.$cert['private']; |
|
198 | 198 | if (!isset($this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k])) { |
199 | 199 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k] = []; |
200 | 200 | } |
@@ -238,11 +238,11 @@ discard block |
||
238 | 238 | // but code analysers want this more explicit, so here is this extra |
239 | 239 | // call to escapeshellarg() |
240 | 240 | $escapedHost = escapeshellarg($host); |
241 | - $this->loggerInstance->debug(4, CONFIG['PATHS']['openssl'] . " s_client -connect " . $escapedHost . " -tls1 -CApath " . ROOT . "/config/ca-certs/ $arg 2>&1\n"); |
|
241 | + $this->loggerInstance->debug(4, CONFIG['PATHS']['openssl']." s_client -connect ".$escapedHost." -tls1 -CApath ".ROOT."/config/ca-certs/ $arg 2>&1\n"); |
|
242 | 242 | $time_start = microtime(true); |
243 | 243 | $opensslbabble = []; |
244 | 244 | $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures |
245 | - exec(CONFIG['PATHS']['openssl'] . " s_client -connect " . $escapedHost . " -no_ssl3 -CApath " . ROOT . "/config/ca-certs/ $arg 2>&1", $opensslbabble, $result); |
|
245 | + exec(CONFIG['PATHS']['openssl']." s_client -connect ".$escapedHost." -no_ssl3 -CApath ".ROOT."/config/ca-certs/ $arg 2>&1", $opensslbabble, $result); |
|
246 | 246 | $time_stop = microtime(true); |
247 | 247 | $testresults['time_millisec'] = floor(($time_stop - $time_start) * 1000); |
248 | 248 | $testresults['returncode'] = $result; |