GEANT /
CAT
@@ -1,10 +1,10 @@ |
||
| 1 | 1 | <?php |
| 2 | 2 | require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
| 3 | 3 | /** |
| 4 | - * check if URL responds with 200 |
|
| 5 | - * |
|
| 6 | - * @param string $srv server name |
|
| 7 | - * @return integer or NULL |
|
| 4 | + * check if URL responds with 200 |
|
| 5 | + * |
|
| 6 | + * @param string $srv server name |
|
| 7 | + * @return integer or NULL |
|
| 8 | 8 | */ |
| 9 | 9 | function checkConfigRADIUSDaemon ($srv) { |
| 10 | 10 | $ch = curl_init(); |
@@ -1,22 +1,22 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | -require_once dirname(dirname(__FILE__)) . "/config/_config.php"; |
|
| 2 | +require_once dirname(dirname(__FILE__))."/config/_config.php"; |
|
| 3 | 3 | /** |
| 4 | 4 | * check if URL responds with 200 |
| 5 | 5 | * |
| 6 | 6 | * @param string $srv server name |
| 7 | 7 | * @return integer or NULL |
| 8 | 8 | */ |
| 9 | -function checkConfigRADIUSDaemon ($srv) { |
|
| 9 | +function checkConfigRADIUSDaemon($srv) { |
|
| 10 | 10 | $ch = curl_init(); |
| 11 | 11 | if ($ch === FALSE) { |
| 12 | 12 | return NULL; |
| 13 | 13 | } |
| 14 | 14 | $timeout = 10; |
| 15 | - curl_setopt ( $ch, CURLOPT_URL, $srv ); |
|
| 16 | - curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 ); |
|
| 17 | - curl_setopt ( $ch, CURLOPT_TIMEOUT, $timeout ); |
|
| 15 | + curl_setopt($ch, CURLOPT_URL, $srv); |
|
| 16 | + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
|
| 17 | + curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
|
| 18 | 18 | curl_exec($ch); |
| 19 | - $http_code = curl_getinfo( $ch, CURLINFO_HTTP_CODE ); |
|
| 19 | + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); |
|
| 20 | 20 | if ($http_code == 200) { |
| 21 | 21 | return 1; |
| 22 | 22 | } |
@@ -52,8 +52,8 @@ discard block |
||
| 52 | 52 | } |
| 53 | 53 | $siteStatus = array(); |
| 54 | 54 | foreach (array_keys($brokenDeployments) as $server_id) { |
| 55 | - print "check $server_id " . $radiusSite[$server_id] . "\n"; |
|
| 56 | - $siteStatus[$server_id] = checkConfigRADIUSDaemon('http://' . $radiusSite[$server_id]); |
|
| 55 | + print "check $server_id ".$radiusSite[$server_id]."\n"; |
|
| 56 | + $siteStatus[$server_id] = checkConfigRADIUSDaemon('http://'.$radiusSite[$server_id]); |
|
| 57 | 57 | if ($siteStatus[$server_id]) { |
| 58 | 58 | echo "\ncheck radius\n"; |
| 59 | 59 | echo \config\Diagnostics::RADIUSSPTEST['port']."\n"; |
@@ -80,7 +80,7 @@ discard block |
||
| 80 | 80 | } |
| 81 | 81 | echo "\nfix $deployment_id of $inst_id on server $server_id index $idx\n"; |
| 82 | 82 | /** @scrutinizer ignore-call */ |
| 83 | - $response = $deployment->setRADIUSconfig(($deployment->status == \core\AbstractDeployment::INACTIVE)? 1 : 0, $idx, 1); |
|
| 83 | + $response = $deployment->setRADIUSconfig(($deployment->status == \core\AbstractDeployment::INACTIVE) ? 1 : 0, $idx, 1); |
|
| 84 | 84 | if (isset($response["res[$idx]"]) && $response["res[$idx]"] = 'OK') { |
| 85 | 85 | echo "FIXED\n"; |
| 86 | 86 | } |
@@ -250,7 +250,7 @@ discard block |
||
| 250 | 250 | $serverCandidates[IdPlist::geoDistance($adminLocation, ['lat' => $iterator->location_lat, 'lon' => $iterator->location_lon])] = $iterator->server_id; |
| 251 | 251 | } |
| 252 | 252 | if ($clients > $maxSupportedClients * 0.9) { |
| 253 | - $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (" . $iterator->server_id . ") is serving at more than 90% capacity!"); |
|
| 253 | + $this->loggerInstance->debug(1, "A RADIUS server for Managed SP (".$iterator->server_id.") is serving at more than 90% capacity!"); |
|
| 254 | 254 | } |
| 255 | 255 | } |
| 256 | 256 | if (count($serverCandidates) == 0 && $federation != "DEFAULT") { |
@@ -281,28 +281,28 @@ discard block |
||
| 281 | 281 | $ourLocation = ['lon' => $geoip['geo']['lon'], 'lat' => $geoip['geo']['lat']]; |
| 282 | 282 | } |
| 283 | 283 | $inst = new IdP($this->institution); |
| 284 | - $ourserver = $this->findGoodServerLocation($ourLocation, $inst->federation , []); |
|
| 284 | + $ourserver = $this->findGoodServerLocation($ourLocation, $inst->federation, []); |
|
| 285 | 285 | // now, find an unused port in the preferred server |
| 286 | 286 | $foundFreePort1 = 0; |
| 287 | 287 | while ($foundFreePort1 == 0) { |
| 288 | 288 | $portCandidate = random_int(1200, 65535); |
| 289 | - $check = $this->databaseHandle->exec("SELECT port_instance_1 FROM deployment WHERE radius_instance_1 = '" . $ourserver . "' AND port_instance_1 = $portCandidate"); |
|
| 289 | + $check = $this->databaseHandle->exec("SELECT port_instance_1 FROM deployment WHERE radius_instance_1 = '".$ourserver."' AND port_instance_1 = $portCandidate"); |
|
| 290 | 290 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $check) == 0) { |
| 291 | 291 | $foundFreePort1 = $portCandidate; |
| 292 | 292 | } |
| 293 | 293 | } |
| 294 | - $ourSecondServer = $this->findGoodServerLocation($ourLocation, $inst->federation , [$ourserver]); |
|
| 294 | + $ourSecondServer = $this->findGoodServerLocation($ourLocation, $inst->federation, [$ourserver]); |
|
| 295 | 295 | $foundFreePort2 = 0; |
| 296 | 296 | while ($foundFreePort2 == 0) { |
| 297 | 297 | $portCandidate = random_int(1200, 65535); |
| 298 | - $check = $this->databaseHandle->exec("SELECT port_instance_2 FROM deployment WHERE radius_instance_2 = '" . $ourSecondServer . "' AND port_instance_2 = $portCandidate"); |
|
| 298 | + $check = $this->databaseHandle->exec("SELECT port_instance_2 FROM deployment WHERE radius_instance_2 = '".$ourSecondServer."' AND port_instance_2 = $portCandidate"); |
|
| 299 | 299 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $check) == 0) { |
| 300 | 300 | $foundFreePort2 = $portCandidate; |
| 301 | 301 | } |
| 302 | 302 | } |
| 303 | 303 | // and make up a shared secret that is halfways readable |
| 304 | 304 | $futureSecret = $this->randomString(16, "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); |
| 305 | - $this->databaseHandle->exec("UPDATE deployment SET radius_instance_1 = '" . $ourserver . "', radius_instance_2 = '" . $ourSecondServer . "', port_instance_1 = $foundFreePort1, port_instance_2 = $foundFreePort2, secret = '$futureSecret' WHERE deployment_id = $this->identifier"); |
|
| 305 | + $this->databaseHandle->exec("UPDATE deployment SET radius_instance_1 = '".$ourserver."', radius_instance_2 = '".$ourSecondServer."', port_instance_1 = $foundFreePort1, port_instance_2 = $foundFreePort2, secret = '$futureSecret' WHERE deployment_id = $this->identifier"); |
|
| 306 | 306 | return ["port_instance_1" => $foundFreePort1, "port_instance_2" => $foundFreePort2, "secret" => $futureSecret, "radius_instance_1" => $ourserver, "radius_instance_2" => $ourserver]; |
| 307 | 307 | } |
| 308 | 308 | |
@@ -345,7 +345,7 @@ discard block |
||
| 345 | 345 | * @return void |
| 346 | 346 | */ |
| 347 | 347 | public function deactivate() { |
| 348 | - $this->databaseHandle->exec("UPDATE deployment SET status = " . DeploymentManaged::INACTIVE . " WHERE deployment_id = $this->identifier"); |
|
| 348 | + $this->databaseHandle->exec("UPDATE deployment SET status = ".DeploymentManaged::INACTIVE." WHERE deployment_id = $this->identifier"); |
|
| 349 | 349 | } |
| 350 | 350 | |
| 351 | 351 | /** |
@@ -355,7 +355,7 @@ discard block |
||
| 355 | 355 | * @return void |
| 356 | 356 | */ |
| 357 | 357 | public function activate() { |
| 358 | - $this->databaseHandle->exec("UPDATE deployment SET status = " . DeploymentManaged::ACTIVE . " WHERE deployment_id = $this->identifier"); |
|
| 358 | + $this->databaseHandle->exec("UPDATE deployment SET status = ".DeploymentManaged::ACTIVE." WHERE deployment_id = $this->identifier"); |
|
| 359 | 359 | } |
| 360 | 360 | |
| 361 | 361 | /** |
@@ -381,17 +381,17 @@ discard block |
||
| 381 | 381 | private function sendToRADIUS($idx, $post) { |
| 382 | 382 | |
| 383 | 383 | $hostname = "radius_hostname_$idx"; |
| 384 | - $ch = curl_init( "http://" . $this->$hostname ); |
|
| 384 | + $ch = curl_init("http://".$this->$hostname); |
|
| 385 | 385 | if ($ch === FALSE) { |
| 386 | 386 | $res = 'FAILURE'; |
| 387 | 387 | } else { |
| 388 | - curl_setopt( $ch, CURLOPT_POST, 1); |
|
| 389 | - curl_setopt( $ch, CURLOPT_POSTFIELDS, $post); |
|
| 390 | - $this->loggerInstance->debug(1, "Posting to http://" . $this->$hostname . ": $post\n"); |
|
| 391 | - curl_setopt( $ch, CURLOPT_FOLLOWLOCATION, 1); |
|
| 392 | - curl_setopt( $ch, CURLOPT_HEADER, 0); |
|
| 393 | - curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1); |
|
| 394 | - $exec = curl_exec( $ch ); |
|
| 388 | + curl_setopt($ch, CURLOPT_POST, 1); |
|
| 389 | + curl_setopt($ch, CURLOPT_POSTFIELDS, $post); |
|
| 390 | + $this->loggerInstance->debug(1, "Posting to http://".$this->$hostname.": $post\n"); |
|
| 391 | + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); |
|
| 392 | + curl_setopt($ch, CURLOPT_HEADER, 0); |
|
| 393 | + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
|
| 394 | + $exec = curl_exec($ch); |
|
| 395 | 395 | if ($exec === FALSE) { |
| 396 | 396 | $this->loggerInstance->debug(1, "curl_exec failure"); |
| 397 | 397 | $res = 'FAILURE'; |
@@ -402,7 +402,7 @@ discard block |
||
| 402 | 402 | $this->loggerInstance->debug(1, $this); |
| 403 | 403 | } |
| 404 | 404 | $this->loggerInstance->debug(1, "Database update"); |
| 405 | - $this->databaseHandle->exec("UPDATE deployment SET radius_status_$idx = " . ($res == 'OK'? \core\AbstractDeployment::RADIUS_OK : \core\AbstractDeployment::RADIUS_FAILURE) . " WHERE deployment_id = $this->identifier"); |
|
| 405 | + $this->databaseHandle->exec("UPDATE deployment SET radius_status_$idx = ".($res == 'OK' ? \core\AbstractDeployment::RADIUS_OK : \core\AbstractDeployment::RADIUS_FAILURE)." WHERE deployment_id = $this->identifier"); |
|
| 406 | 406 | return $res; |
| 407 | 407 | } |
| 408 | 408 | /** |
@@ -417,23 +417,23 @@ discard block |
||
| 417 | 417 | private function sendMailtoAdmin($remove, $response, $status) { |
| 418 | 418 | $txt = ''; |
| 419 | 419 | if ($status == 'OK') { |
| 420 | - $txt = $remove? _('Profile dectivation succeeded') : _('Profile activation/modification succeeded'); |
|
| 420 | + $txt = $remove ? _('Profile dectivation succeeded') : _('Profile activation/modification succeeded'); |
|
| 421 | 421 | } else { |
| 422 | - $txt = $remove? _('Profile dectivation failed') : _('Profile activation/modification failed'); |
|
| 422 | + $txt = $remove ? _('Profile dectivation failed') : _('Profile activation/modification failed'); |
|
| 423 | 423 | } |
| 424 | - $txt = $txt . ' '; |
|
| 424 | + $txt = $txt.' '; |
|
| 425 | 425 | if (array_count_values($response)[$status] == 2) { |
| 426 | - $txt = $txt . _('on both RADIUS servers: primary and backup') . '.'; |
|
| 426 | + $txt = $txt._('on both RADIUS servers: primary and backup').'.'; |
|
| 427 | 427 | } else { |
| 428 | 428 | if ($response['res[1]'] == $status) { |
| 429 | - $txt = $txt . _('on primary RADIUS server') . '.'; |
|
| 429 | + $txt = $txt._('on primary RADIUS server').'.'; |
|
| 430 | 430 | } else { |
| 431 | - $txt = $txt . _('on backup RADIUS server') . '.'; |
|
| 431 | + $txt = $txt._('on backup RADIUS server').'.'; |
|
| 432 | 432 | } |
| 433 | 433 | } |
| 434 | 434 | $mail = \core\common\OutsideComm::mailHandle(); |
| 435 | 435 | $email = $this->getAttributes("support:email")[0]['value']; |
| 436 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System"; |
|
| 436 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System"; |
|
| 437 | 437 | $mail->addAddress($email); |
| 438 | 438 | if ($status == 'OK') { |
| 439 | 439 | $mail->Subject = _('RADIUS profile update problem fixed'); |
@@ -442,7 +442,7 @@ discard block |
||
| 442 | 442 | } |
| 443 | 443 | $mail->Body = $txt; |
| 444 | 444 | $sent = $mail->send(); |
| 445 | - if ( $sent === FALSE) { |
|
| 445 | + if ($sent === FALSE) { |
|
| 446 | 446 | $this->loggerInstance->debug(1, 'Mailing on RADIUS problem failed'); |
| 447 | 447 | } |
| 448 | 448 | } |
@@ -452,7 +452,7 @@ discard block |
||
| 452 | 452 | * @param integer $idx server index 1 (primary) or 2 (backup) |
| 453 | 453 | * @return integer or NULL |
| 454 | 454 | */ |
| 455 | - private function checkURL ($idx) { |
|
| 455 | + private function checkURL($idx) { |
|
| 456 | 456 | $ch = curl_init(); |
| 457 | 457 | if ($ch === FALSE) { |
| 458 | 458 | return NULL; |
@@ -465,11 +465,11 @@ discard block |
||
| 465 | 465 | return NULL; |
| 466 | 466 | } |
| 467 | 467 | $timeout = 10; |
| 468 | - curl_setopt ( $ch, CURLOPT_URL, 'http://'.$host ); |
|
| 469 | - curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, 1 ); |
|
| 470 | - curl_setopt ( $ch, CURLOPT_TIMEOUT, $timeout ); |
|
| 468 | + curl_setopt($ch, CURLOPT_URL, 'http://'.$host); |
|
| 469 | + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); |
|
| 470 | + curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); |
|
| 471 | 471 | curl_exec($ch); |
| 472 | - $http_code = curl_getinfo( $ch, CURLINFO_HTTP_CODE ); |
|
| 472 | + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); |
|
| 473 | 473 | if ($http_code == 200) { |
| 474 | 474 | return 1; |
| 475 | 475 | } |
@@ -548,35 +548,35 @@ discard block |
||
| 548 | 548 | */ |
| 549 | 549 | public function setRADIUSconfig($remove = 0, $onlyone = 0, $notify = 0) { |
| 550 | 550 | $toPost = ($onlyone ? array($onlyone => '') : array(1 => '', 2 => '')); |
| 551 | - $toPostTemplate = 'instid=' . $this->institution . '&deploymentid=' . $this->identifier . '&secret=' . $this->secret . '&country=' . $this->getAttributes("internal:country")[0]['value'] . '&'; |
|
| 551 | + $toPostTemplate = 'instid='.$this->institution.'&deploymentid='.$this->identifier.'&secret='.$this->secret.'&country='.$this->getAttributes("internal:country")[0]['value'].'&'; |
|
| 552 | 552 | if ($remove) { |
| 553 | - $toPostTemplate = $toPostTemplate . 'remove=1&'; |
|
| 553 | + $toPostTemplate = $toPostTemplate.'remove=1&'; |
|
| 554 | 554 | } else { |
| 555 | 555 | if ($this->getAttributes("managedsp:operatorname")[0]['value'] ?? NULL) { |
| 556 | - $toPostTemplate = $toPostTemplate . 'operatorname=' . $this->getAttributes("managedsp:operatorname")[0]['value'] . '&'; |
|
| 556 | + $toPostTemplate = $toPostTemplate.'operatorname='.$this->getAttributes("managedsp:operatorname")[0]['value'].'&'; |
|
| 557 | 557 | } |
| 558 | 558 | if ($this->getAttributes("managedsp:vlan")[0]['value'] ?? NULL) { |
| 559 | 559 | $allRealms = $this->getAllRealms(); |
| 560 | 560 | if (!empty($allRealms)) { |
| 561 | - $toPostTemplate = $toPostTemplate . 'vlan=' . $this->getAttributes("managedsp:vlan")[0]['value'] . '&'; |
|
| 562 | - $toPostTemplate = $toPostTemplate . 'realmforvlan[]=' . implode('&realmforvlan[]=', $allRealms) . '&'; |
|
| 561 | + $toPostTemplate = $toPostTemplate.'vlan='.$this->getAttributes("managedsp:vlan")[0]['value'].'&'; |
|
| 562 | + $toPostTemplate = $toPostTemplate.'realmforvlan[]='.implode('&realmforvlan[]=', $allRealms).'&'; |
|
| 563 | 563 | } |
| 564 | 564 | } |
| 565 | 565 | } |
| 566 | 566 | foreach (array_keys($toPost) as $key) { |
| 567 | - $elem = 'port' . $key; |
|
| 568 | - $toPost[$key] = $toPostTemplate . 'port=' . $elem; |
|
| 567 | + $elem = 'port'.$key; |
|
| 568 | + $toPost[$key] = $toPostTemplate.'port='.$elem; |
|
| 569 | 569 | } |
| 570 | 570 | $response = array(); |
| 571 | 571 | foreach ($toPost as $key => $value) { |
| 572 | - $this->loggerInstance->debug(1, 'toPost ' . $toPost[$key] ."\n"); |
|
| 572 | + $this->loggerInstance->debug(1, 'toPost '.$toPost[$key]."\n"); |
|
| 573 | 573 | $response['res['.$key.']'] = $this->sendToRADIUS($key, $toPost[$key]); |
| 574 | 574 | } |
| 575 | 575 | if ($onlyone) { |
| 576 | - $response['res['.($onlyone==1)? 2 : 1 . ']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 576 | + $response['res['.($onlyone == 1) ? 2 : 1.']'] = \core\AbstractDeployment::RADIUS_OK; |
|
| 577 | 577 | } |
| 578 | 578 | foreach (array('OK', 'FAILURE') as $status) { |
| 579 | - if ((($status == 'OK' && $notify) || $status == 'FAILURE') && in_array($status, $response)) { |
|
| 579 | + if ((($status == 'OK' && $notify) || $status == 'FAILURE') && in_array($status, $response)) { |
|
| 580 | 580 | $this->sendMailtoAdmin($remove, $response, $status); |
| 581 | 581 | } |
| 582 | 582 | } |
