GEANT /
CAT
@@ -94,7 +94,7 @@ discard block |
||
| 94 | 94 | */ |
| 95 | 95 | public function __construct() { |
| 96 | 96 | $this->loggerInstance = new Logging(); |
| 97 | - $this->loggerInstance->debug(3, "--- BEGIN constructing class " . get_class($this) . " .\n"); |
|
| 97 | + $this->loggerInstance->debug(3, "--- BEGIN constructing class ".get_class($this)." .\n"); |
|
| 98 | 98 | $this->languageInstance = new Language(); |
| 99 | 99 | Entity::intoThePotatoes("core"); |
| 100 | 100 | // some config elements are displayable. We need some dummies to |
@@ -106,7 +106,7 @@ discard block |
||
| 106 | 106 | $dummy_inst2 = _("organisation"); |
| 107 | 107 | $dummy_inst3 = _("Identity Provider"); |
| 108 | 108 | // and do something useless with the strings so that there's no "unused" complaint |
| 109 | - if (strlen($dummy_NRO . $dummy_inst1 . $dummy_inst2 . $dummy_inst3) < 0) { |
|
| 109 | + if (strlen($dummy_NRO.$dummy_inst1.$dummy_inst2.$dummy_inst3) < 0) { |
|
| 110 | 110 | throw new \Exception("Strings are usually not shorter than 0 characters. We've encountered a string blackhole."); |
| 111 | 111 | } |
| 112 | 112 | Entity::$nomenclature_fed = _(CONFIG_CONFASSISTANT['CONSORTIUM']['nomenclature_federation']); |
@@ -121,7 +121,7 @@ discard block |
||
| 121 | 121 | * Logs the end of lifetime of the entity to the debug log on level 5. |
| 122 | 122 | */ |
| 123 | 123 | public function __destruct() { |
| 124 | - (new Logging())->debug(5, "--- KILL Destructing class " . get_class($this) . " .\n"); |
|
| 124 | + (new Logging())->debug(5, "--- KILL Destructing class ".get_class($this)." .\n"); |
|
| 125 | 125 | } |
| 126 | 126 | |
| 127 | 127 | /** |
@@ -151,7 +151,7 @@ discard block |
||
| 151 | 151 | */ |
| 152 | 152 | public function createTemporaryDirectory($purpose = 'installer', $failIsFatal = 1) { |
| 153 | 153 | $loggerInstance = new Logging(); |
| 154 | - $name = md5(time() . rand()); |
|
| 154 | + $name = md5(time().rand()); |
|
| 155 | 155 | $path = ROOT; |
| 156 | 156 | switch ($purpose) { |
| 157 | 157 | case 'silverbullet': |
@@ -169,7 +169,7 @@ discard block |
||
| 169 | 169 | default: |
| 170 | 170 | throw new Exception("unable to create temporary directory due to unknown purpose: $purpose\n"); |
| 171 | 171 | } |
| 172 | - $tmpDir = $path . '/' . $name; |
|
| 172 | + $tmpDir = $path.'/'.$name; |
|
| 173 | 173 | $loggerInstance->debug(4, "temp dir: $purpose : $tmpDir\n"); |
| 174 | 174 | if (!mkdir($tmpDir, 0700, true)) { |
| 175 | 175 | if ($failIsFatal) { |
@@ -189,7 +189,7 @@ discard block |
||
| 189 | 189 | * @return void |
| 190 | 190 | */ |
| 191 | 191 | public static function rrmdir($dir) { |
| 192 | - foreach (glob($dir . '/*') as $file) { |
|
| 192 | + foreach (glob($dir.'/*') as $file) { |
|
| 193 | 193 | if (is_dir($file)) { |
| 194 | 194 | Entity::rrmdir($file); |
| 195 | 195 | } else { |
@@ -214,12 +214,12 @@ discard block |
||
| 214 | 214 | } |
| 215 | 215 | // these substr() are guaranteed to yield actual string data, as the |
| 216 | 216 | // base string is an MD5 hash - has sufficient length |
| 217 | - $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8) . '-'; |
|
| 218 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4) . '-'; |
|
| 219 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4) . '-'; |
|
| 220 | - $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4) . '-'; |
|
| 217 | + $uuid = /** @scrutinizer ignore-type */ substr($chars, 0, 8).'-'; |
|
| 218 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 8, 4).'-'; |
|
| 219 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 12, 4).'-'; |
|
| 220 | + $uuid .= /** @scrutinizer ignore-type */ substr($chars, 16, 4).'-'; |
|
| 221 | 221 | $uuid .= /** @scrutinizer ignore-type */ substr($chars, 20, 12); |
| 222 | - return $prefix . $uuid; |
|
| 222 | + return $prefix.$uuid; |
|
| 223 | 223 | } |
| 224 | 224 | |
| 225 | 225 | /** |
@@ -258,7 +258,7 @@ discard block |
||
| 258 | 258 | for ($i = count($trace); $i--; $i > 0) { |
| 259 | 259 | if (isset($trace[$i - 1]['class']) && preg_match('/Entity/', $trace[$i - 1]['class'])) { |
| 260 | 260 | if ($showTrace) { |
| 261 | - echo "FOUND caller: ".print_r($trace[$i],true). " - class is ".$trace[$i]['class']; |
|
| 261 | + echo "FOUND caller: ".print_r($trace[$i], true)." - class is ".$trace[$i]['class']; |
|
| 262 | 262 | } |
| 263 | 263 | $caller = $trace[$i]; |
| 264 | 264 | break; |
@@ -269,7 +269,7 @@ discard block |
||
| 269 | 269 | $myName = $caller['class'] ?? substr($caller['file'], strlen(ROOT)); |
| 270 | 270 | if ($showTrace === TRUE) { |
| 271 | 271 | echo "<pre>".print_r($trace, true)."</pre>"; |
| 272 | - echo "CLASS = " . $myName ."<br/>"; |
|
| 272 | + echo "CLASS = ".$myName."<br/>"; |
|
| 273 | 273 | } |
| 274 | 274 | if (preg_match("/diag/", $myName) == 1) { |
| 275 | 275 | $ret = "diagnostics"; |
@@ -302,10 +302,10 @@ discard block |
||
| 302 | 302 | if ($catalogue === NULL) { |
| 303 | 303 | $theCatalogue = Entity::determineOwnCatalogue($trace); |
| 304 | 304 | textdomain($theCatalogue); |
| 305 | - bindtextdomain($theCatalogue, ROOT . "/translation/"); |
|
| 305 | + bindtextdomain($theCatalogue, ROOT."/translation/"); |
|
| 306 | 306 | } else { |
| 307 | 307 | textdomain($catalogue); |
| 308 | - bindtextdomain($catalogue, ROOT . "/translation/"); |
|
| 308 | + bindtextdomain($catalogue, ROOT."/translation/"); |
|
| 309 | 309 | } |
| 310 | 310 | } |
| 311 | 311 | |
@@ -17,9 +17,9 @@ discard block |
||
| 17 | 17 | class CertificationAuthorityEduPkiServer extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - private const LOCATION_RA_CERT = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | - private const LOCATION_RA_KEY = ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | - private const LOCATION_WEBROOT = ROOT . "/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 20 | + private const LOCATION_RA_CERT = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 21 | + private const LOCATION_RA_KEY = ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey"; |
|
| 22 | + private const LOCATION_WEBROOT = ROOT."/config/SilverbulletClientCerts/eduPKI-webserver-root.pem"; |
|
| 23 | 23 | private const EDUPKI_RA_ID = 700; |
| 24 | 24 | private const EDUPKI_CERT_PROFILE = "Radius Server SOAP"; |
| 25 | 25 | private const EDUPKI_RA_PKEY_PASSPHRASE = "..."; |
@@ -35,13 +35,13 @@ discard block |
||
| 35 | 35 | parent::__construct(); |
| 36 | 36 | |
| 37 | 37 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_CERT) === FALSE) { |
| 38 | - throw new Exception("RA operator PEM file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
| 38 | + throw new Exception("RA operator PEM file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT); |
|
| 39 | 39 | } |
| 40 | 40 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_RA_KEY) === FALSE) { |
| 41 | - throw new Exception("RA operator private key file not found: " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
| 41 | + throw new Exception("RA operator private key file not found: ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY); |
|
| 42 | 42 | } |
| 43 | 43 | if (stat(CertificationAuthorityEduPkiServer::LOCATION_WEBROOT) === FALSE) { |
| 44 | - throw new Exception("CA website root CA file not found: " . CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
| 44 | + throw new Exception("CA website root CA file not found: ".CertificationAuthorityEduPkiServer::LOCATION_WEBROOT); |
|
| 45 | 45 | } |
| 46 | 46 | } |
| 47 | 47 | |
@@ -91,19 +91,19 @@ discard block |
||
| 91 | 91 | // initialise connection to eduPKI CA / eduroam RA and send the request to them |
| 92 | 92 | try { |
| 93 | 93 | $altArray = [# Array mit den Subject Alternative Names |
| 94 | - "email:" . $csr["USERMAIL"] |
|
| 94 | + "email:".$csr["USERMAIL"] |
|
| 95 | 95 | ]; |
| 96 | 96 | $soapPub = $this->initEduPKISoapSession("PUBLIC"); |
| 97 | 97 | $this->loggerInstance->debug(5, "FIRST ACTUAL SOAP REQUEST (Public, newRequest)!\n"); |
| 98 | - $this->loggerInstance->debug(5, "PARAM_1: " . CertificationAuthorityEduPkiServer::EDUPKI_RA_ID . "\n"); |
|
| 99 | - $this->loggerInstance->debug(5, "PARAM_2: " . $csr["CSR"] . "\n"); |
|
| 98 | + $this->loggerInstance->debug(5, "PARAM_1: ".CertificationAuthorityEduPkiServer::EDUPKI_RA_ID."\n"); |
|
| 99 | + $this->loggerInstance->debug(5, "PARAM_2: ".$csr["CSR"]."\n"); |
|
| 100 | 100 | $this->loggerInstance->debug(5, "PARAM_3: "); |
| 101 | 101 | $this->loggerInstance->debug(5, $altArray); |
| 102 | - $this->loggerInstance->debug(5, "PARAM_4: " . CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE . "\n"); |
|
| 103 | - $this->loggerInstance->debug(5, "PARAM_5: " . sha1("notused") . "\n"); |
|
| 104 | - $this->loggerInstance->debug(5, "PARAM_6: " . $csr["USERNAME"] . "\n"); |
|
| 105 | - $this->loggerInstance->debug(5, "PARAM_7: " . $csr["USERMAIL"] . "\n"); |
|
| 106 | - $this->loggerInstance->debug(5, "PARAM_8: " . ProfileSilverbullet::PRODUCTNAME . "\n"); |
|
| 102 | + $this->loggerInstance->debug(5, "PARAM_4: ".CertificationAuthorityEduPkiServer::EDUPKI_CERT_PROFILE."\n"); |
|
| 103 | + $this->loggerInstance->debug(5, "PARAM_5: ".sha1("notused")."\n"); |
|
| 104 | + $this->loggerInstance->debug(5, "PARAM_6: ".$csr["USERNAME"]."\n"); |
|
| 105 | + $this->loggerInstance->debug(5, "PARAM_7: ".$csr["USERMAIL"]."\n"); |
|
| 106 | + $this->loggerInstance->debug(5, "PARAM_8: ".ProfileSilverbullet::PRODUCTNAME."\n"); |
|
| 107 | 107 | $this->loggerInstance->debug(5, "PARAM_9: false\n"); |
| 108 | 108 | $soapNewRequest = $soapPub->newRequest( |
| 109 | 109 | CertificationAuthorityEduPkiServer::EDUPKI_RA_ID, # RA-ID |
@@ -125,11 +125,11 @@ discard block |
||
| 125 | 125 | } catch (Exception $e) { |
| 126 | 126 | // PHP 7.1 can do this much better |
| 127 | 127 | if (is_soap_fault($e)) { |
| 128 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: { |
|
| 128 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: { |
|
| 129 | 129 | $e->faultstring |
| 130 | 130 | }\n"); |
| 131 | 131 | } |
| 132 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 132 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 133 | 133 | } |
| 134 | 134 | try { |
| 135 | 135 | $soap = $this->initEduPKISoapSession("RA"); |
@@ -163,7 +163,7 @@ discard block |
||
| 163 | 163 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 164 | 164 | // rather than just using the string. Grr. |
| 165 | 165 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 166 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapCleartext); |
|
| 166 | + file_put_contents($tempdir['dir']."/content.txt", $soapCleartext); |
|
| 167 | 167 | // retrieve our RA cert from filesystem |
| 168 | 168 | // the RA certificates are not needed right now because we |
| 169 | 169 | // have resorted to S/MIME signatures with openssl command-line |
@@ -175,7 +175,7 @@ discard block |
||
| 175 | 175 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 176 | 176 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 177 | 177 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n $soapCleartext\n"); |
| 178 | - $execCmd = CONFIG['PATHS']['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer " . ROOT . "/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 178 | + $execCmd = CONFIG['PATHS']['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.clearkey -signer ".ROOT."/config/SilverbulletClientCerts/edupki-test-ra.pem"; |
|
| 179 | 179 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 180 | 180 | $output = []; |
| 181 | 181 | $return = 999; |
@@ -184,21 +184,21 @@ discard block |
||
| 184 | 184 | throw new Exception("Non-zero return value from openssl smime!"); |
| 185 | 185 | } |
| 186 | 186 | // and get the signature blob back from the filesystem |
| 187 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 187 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 188 | 188 | $this->loggerInstance->debug(5, "Request for server approveRequest has parameters:\n"); |
| 189 | - $this->loggerInstance->debug(5, $soapReqnum . "\n"); |
|
| 190 | - $this->loggerInstance->debug(5, $soapCleartext . "\n"); // PHP magically encodes this as base64 while sending! |
|
| 191 | - $this->loggerInstance->debug(5, $detachedSig . "\n"); |
|
| 189 | + $this->loggerInstance->debug(5, $soapReqnum."\n"); |
|
| 190 | + $this->loggerInstance->debug(5, $soapCleartext."\n"); // PHP magically encodes this as base64 while sending! |
|
| 191 | + $this->loggerInstance->debug(5, $detachedSig."\n"); |
|
| 192 | 192 | $soapIssueCert = $soap->approveRequest($soapReqnum, $soapCleartext, $detachedSig); |
| 193 | - $this->loggerInstance->debug(5, "approveRequest Request was: \n" . $soap->__getLastRequest()); |
|
| 194 | - $this->loggerInstance->debug(5, "approveRequest Response was: \n" . $soap->__getLastResponse()); |
|
| 193 | + $this->loggerInstance->debug(5, "approveRequest Request was: \n".$soap->__getLastRequest()); |
|
| 194 | + $this->loggerInstance->debug(5, "approveRequest Response was: \n".$soap->__getLastResponse()); |
|
| 195 | 195 | if ($soapIssueCert === FALSE) { |
| 196 | 196 | throw new Exception("The locally approved request was NOT processed by the CA."); |
| 197 | 197 | } |
| 198 | 198 | } catch (SoapFault $e) { |
| 199 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 199 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 200 | 200 | } catch (Exception $e) { |
| 201 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 201 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 202 | 202 | } |
| 203 | 203 | return $soapReqnum; |
| 204 | 204 | } |
@@ -248,9 +248,9 @@ discard block |
||
| 248 | 248 | throw new Exception("CAInfo has no root certificate for us!"); |
| 249 | 249 | } |
| 250 | 250 | } catch (SoapFault $e) { |
| 251 | - throw new Exception("SoapFault: Error when sending or receiving SOAP message: " . "{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 251 | + throw new Exception("SoapFault: Error when sending or receiving SOAP message: "."{$e->faultcode}: {$e->faultname}: {$e->faultstring}: {$e->faultactor}: {$e->detail}: {$e->headerfault}\n"); |
|
| 252 | 252 | } catch (Exception $e) { |
| 253 | - throw new Exception("Exception: Something odd happened between the SOAP requests:" . $e->getMessage()); |
|
| 253 | + throw new Exception("Exception: Something odd happened between the SOAP requests:".$e->getMessage()); |
|
| 254 | 254 | } |
| 255 | 255 | return [ |
| 256 | 256 | "CERT" => openssl_x509_read($parsedCert['pem']), |
@@ -283,12 +283,12 @@ discard block |
||
| 283 | 283 | // for obnoxious reasons, we have to dump the request into a file and let pkcs7_sign read from the file |
| 284 | 284 | // rather than just using the string. Grr. |
| 285 | 285 | $tempdir = \core\common\Entity::createTemporaryDirectory("test"); |
| 286 | - file_put_contents($tempdir['dir'] . "/content.txt", $soapRawRevRequest); |
|
| 286 | + file_put_contents($tempdir['dir']."/content.txt", $soapRawRevRequest); |
|
| 287 | 287 | // retrieve our RA cert from filesystem |
| 288 | 288 | // sign the data, using cmdline because openssl_pkcs7_sign produces strange results |
| 289 | 289 | // -binary didn't help, nor switch -md to sha1 sha256 or sha512 |
| 290 | 290 | $this->loggerInstance->debug(5, "Actual content to be signed is this:\n$soapRawRevRequest\n"); |
| 291 | - $execCmd = CONFIG['PATHS']['openssl'] . " smime -sign -binary -in " . $tempdir['dir'] . "/content.txt -out " . $tempdir['dir'] . "/signature.txt -outform pem -inkey " . CertificationAuthorityEduPkiServer::LOCATION_RA_KEY . " -signer " . CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 291 | + $execCmd = CONFIG['PATHS']['openssl']." smime -sign -binary -in ".$tempdir['dir']."/content.txt -out ".$tempdir['dir']."/signature.txt -outform pem -inkey ".CertificationAuthorityEduPkiServer::LOCATION_RA_KEY." -signer ".CertificationAuthorityEduPkiServer::LOCATION_RA_CERT; |
|
| 292 | 292 | $this->loggerInstance->debug(2, "Calling openssl smime with following cmdline: $execCmd\n"); |
| 293 | 293 | $output = []; |
| 294 | 294 | $return = 999; |
@@ -297,7 +297,7 @@ discard block |
||
| 297 | 297 | throw new Exception("Non-zero return value from openssl smime!"); |
| 298 | 298 | } |
| 299 | 299 | // and get the signature blob back from the filesystem |
| 300 | - $detachedSig = trim(file_get_contents($tempdir['dir'] . "/signature.txt")); |
|
| 300 | + $detachedSig = trim(file_get_contents($tempdir['dir']."/signature.txt")); |
|
| 301 | 301 | $soapIssueRev = $soap->approveRevocationRequest($soapRevocationSerial, $soapRawRevRequest, $detachedSig); |
| 302 | 302 | if ($soapIssueRev === FALSE) { |
| 303 | 303 | throw new Exception("The locally approved revocation request was NOT processed by the CA."); |
@@ -305,9 +305,9 @@ discard block |
||
| 305 | 305 | } catch (Exception $e) { |
| 306 | 306 | // PHP 7.1 can do this much better |
| 307 | 307 | if (is_soap_fault($e)) { |
| 308 | - throw new Exception("Error when sending SOAP request: " . "{$e->faultcode}: {$e->faultstring}\n"); |
|
| 308 | + throw new Exception("Error when sending SOAP request: "."{$e->faultcode}: {$e->faultstring}\n"); |
|
| 309 | 309 | } |
| 310 | - throw new Exception("Something odd happened while doing the SOAP request:" . $e->getMessage()); |
|
| 310 | + throw new Exception("Something odd happened while doing the SOAP request:".$e->getMessage()); |
|
| 311 | 311 | } |
| 312 | 312 | } |
| 313 | 313 | |
@@ -407,9 +407,9 @@ discard block |
||
| 407 | 407 | */ |
| 408 | 408 | public function soapToXmlInteger($x) |
| 409 | 409 | { |
| 410 | - return '<' . $x[0] . '>' |
|
| 410 | + return '<'.$x[0].'>' |
|
| 411 | 411 | . htmlentities($x[1], ENT_NOQUOTES | ENT_XML1) |
| 412 | - . '</' . $x[0] . '>'; |
|
| 412 | + . '</'.$x[0].'>'; |
|
| 413 | 413 | } |
| 414 | 414 | |
| 415 | 415 | /** |
@@ -428,9 +428,9 @@ discard block |
||
| 428 | 428 | // dump private key into directory |
| 429 | 429 | $outstring = ""; |
| 430 | 430 | openssl_pkey_export($privateKey, $outstring); |
| 431 | - file_put_contents($tempdir . "/pkey.pem", $outstring); |
|
| 431 | + file_put_contents($tempdir."/pkey.pem", $outstring); |
|
| 432 | 432 | // PHP can only do one DC in the Subject. But we need three. |
| 433 | - $execCmd = CONFIG['PATHS']['openssl'] . " req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 433 | + $execCmd = CONFIG['PATHS']['openssl']." req -new -sha256 -key $tempdir/pkey.pem -out $tempdir/request.csr -subj /DC=test/DC=test/DC=eduroam/C=$fed/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$fed/CN=$username/emailAddress=$username"; |
|
| 434 | 434 | $this->loggerInstance->debug(2, "Calling openssl req with following cmdline: $execCmd\n"); |
| 435 | 435 | $output = []; |
| 436 | 436 | $return = 999; |
@@ -26,7 +26,7 @@ discard block |
||
| 26 | 26 | */ |
| 27 | 27 | ?> |
| 28 | 28 | <?php |
| 29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 30 | 30 | |
| 31 | 31 | $auth = new \web\lib\admin\Authentication(); |
| 32 | 32 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -81,7 +81,7 @@ discard block |
||
| 81 | 81 | foreach ($theFed->listTlsCertificates() as $oneCert) { // fetch list a second time, in case we got a cert |
| 82 | 82 | $status = $oneCert['STATUS']; |
| 83 | 83 | if ($status == "ISSUED") { |
| 84 | - $status = "<span onclick='alert(\"".str_replace("\n","\\n",$oneCert['CERT'])."\");'>$status</span>"; |
|
| 84 | + $status = "<span onclick='alert(\"".str_replace("\n", "\\n", $oneCert['CERT'])."\");'>$status</span>"; |
|
| 85 | 85 | } |
| 86 | 86 | echo "<tr><td>".$oneCert['REQSERIAL']."</td><td>".$oneCert['DN']."</td><td>".$status."</td><td>".$oneCert['EXPIRY']."</td></tr>"; |
| 87 | 87 | } |
@@ -26,7 +26,7 @@ discard block |
||
| 26 | 26 | */ |
| 27 | 27 | ?> |
| 28 | 28 | <?php |
| 29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 30 | 30 | |
| 31 | 31 | $auth = new \web\lib\admin\Authentication(); |
| 32 | 32 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -72,7 +72,7 @@ discard block |
||
| 72 | 72 | // also send user back to the overview page |
| 73 | 73 | if (isset($_POST['requestcert']) && $_POST['requestcert'] == \web\lib\common\FormElements::BUTTON_SAVE) { |
| 74 | 74 | // basic sanity checks before we hand this over to openssl |
| 75 | - $sanitisedCsr = $validator->string($_POST['CSR'] ?? "" , TRUE); |
|
| 75 | + $sanitisedCsr = $validator->string($_POST['CSR'] ?? "", TRUE); |
|
| 76 | 76 | if (openssl_csr_get_public_key($sanitisedCsr) === FALSE) { |
| 77 | 77 | throw new Exception("Sorry: Unable to parse the submitted public key - no public key inside?"); |
| 78 | 78 | } |
@@ -86,7 +86,7 @@ discard block |
||
| 86 | 86 | $fed = $validator->Federation($_POST['NRO-list']); |
| 87 | 87 | $country = strtoupper($fed->tld); |
| 88 | 88 | $DN[] = "C=$country"; |
| 89 | - $DN[] = "O=NRO of " . $cat->knownFederations[strtoupper($fed->tld)]; |
|
| 89 | + $DN[] = "O=NRO of ".$cat->knownFederations[strtoupper($fed->tld)]; |
|
| 90 | 90 | $DN[] = "CN=comes.from.eduroam.db"; |
| 91 | 91 | $policies[] = "eduroam IdP"; |
| 92 | 92 | $policies[] = "eduroam SP"; |
@@ -104,11 +104,11 @@ discard block |
||
| 104 | 104 | default: |
| 105 | 105 | throw new Exception("Sorry: Unknown level of issuance requested."); |
| 106 | 106 | } |
| 107 | - echo "<p>" . _("Requesting a certificate with the following properties"); |
|
| 107 | + echo "<p>"._("Requesting a certificate with the following properties"); |
|
| 108 | 108 | echo "<ul>"; |
| 109 | - echo "<li>" . _("Policy OIDs: ") . implode(", ", $policies) . "</li>"; |
|
| 110 | - echo "<li>" . _("Distinguished Name: ") . implode(", ", $DN) . "</li>"; |
|
| 111 | - echo "<li>" . _("Requester Contact Details: will come from eduroam DB (using stub 'Someone, <[email protected]>').") . "</li>"; |
|
| 109 | + echo "<li>"._("Policy OIDs: ").implode(", ", $policies)."</li>"; |
|
| 110 | + echo "<li>"._("Distinguished Name: ").implode(", ", $DN)."</li>"; |
|
| 111 | + echo "<li>"._("Requester Contact Details: will come from eduroam DB (using stub 'Someone, <[email protected]>').")."</li>"; |
|
| 112 | 112 | echo "</ul></p>"; |
| 113 | 113 | /* $ossl = proc_open("openssl req -subj '/".implode("/", $DN)."'", [ 0 => ["pipe", "r"], 1 => ["pipe", "w"], 2 => [ "file", "/tmp/voodoo-error", "a"] ], $pipes); |
| 114 | 114 | if (is_resource($ossl)) { |
@@ -121,13 +121,13 @@ discard block |
||
| 121 | 121 | throw new Exception("Calling openssl in a fancy way did not work."); |
| 122 | 122 | } |
| 123 | 123 | echo "<p>"._("This is the new CSR (return code was $retval)")."<pre>$newCsr</pre></p>"; */ |
| 124 | - $newCsrWithMeta = ["CSR" => /* $newCsr */ $_POST['CSR'], "USERNAME" => "Someone", "USERMAIL" => "[email protected]", "SUBJECT" => implode(",", $DN) ,"FED" => $country]; |
|
| 124 | + $newCsrWithMeta = ["CSR" => /* $newCsr */ $_POST['CSR'], "USERNAME" => "Someone", "USERMAIL" => "[email protected]", "SUBJECT" => implode(",", $DN), "FED" => $country]; |
|
| 125 | 125 | // our certs can be good for max 5 years |
| 126 | 126 | $fed->requestCertificate($newCsrWithMeta, 1825); |
| 127 | 127 | echo "<p>"._("The certificate was requested.")."</p>"; |
| 128 | 128 | ?> |
| 129 | 129 | <form action="overview_certificates.php" method="GET"> |
| 130 | - <button type="submit"><?php echo _("Back to Certificate Overview");?></button> |
|
| 130 | + <button type="submit"><?php echo _("Back to Certificate Overview"); ?></button> |
|
| 131 | 131 | </form> |
| 132 | 132 | <?php |
| 133 | 133 | echo $deco->footer(); |
@@ -136,14 +136,14 @@ discard block |
||
| 136 | 136 | |
| 137 | 137 | // if we did not get a SAVE button, display UI for a fresh request instead |
| 138 | 138 | ?> |
| 139 | - <h2><?php echo _("1. Certificate Holder Details");?></h2> |
|
| 139 | + <h2><?php echo _("1. Certificate Holder Details"); ?></h2> |
|
| 140 | 140 | <form action="action_req_certificate.php" method="POST"> |
| 141 | 141 | <input type="radio" name="LEVEL" id="NRO" value="NRO" checked><?php printf(_("Certificate for %s role"), $uiElements->nomenclatureFed); ?></input> |
| 142 | 142 | <?php |
| 143 | 143 | if (count($feds) == 1) { |
| 144 | 144 | $fedObject = new \core\Federation($feds[0]['value']); |
| 145 | - echo " <strong>" . $cat->knownFederations[$fedObject->tld] . "</strong>"; |
|
| 146 | - echo '<input type="hidden" name="NRO-list" id="NRO-list" value="' . $fedObject->tld . '"/>'; |
|
| 145 | + echo " <strong>".$cat->knownFederations[$fedObject->tld]."</strong>"; |
|
| 146 | + echo '<input type="hidden" name="NRO-list" id="NRO-list" value="'.$fedObject->tld.'"/>'; |
|
| 147 | 147 | } else { |
| 148 | 148 | ?> |
| 149 | 149 | <select name="NRO-list" id="NRO-list"> |
@@ -151,7 +151,7 @@ discard block |
||
| 151 | 151 | <?php |
| 152 | 152 | foreach ($feds as $oneFed) { |
| 153 | 153 | $fedObject = new \core\Federation($oneFed['value']); |
| 154 | - echo '<option value="' . strtoupper($fedObject->tld) . '">' . $cat->knownFederations[$fedObject->tld] . "</option>"; |
|
| 154 | + echo '<option value="'.strtoupper($fedObject->tld).'">'.$cat->knownFederations[$fedObject->tld]."</option>"; |
|
| 155 | 155 | } |
| 156 | 156 | ?> |
| 157 | 157 | </select> |
@@ -171,15 +171,15 @@ discard block |
||
| 171 | 171 | } |
| 172 | 172 | } |
| 173 | 173 | foreach ($allIdPs as $id => $name) { |
| 174 | - echo '<option value="' . $id . '">' . $name . "</option>"; |
|
| 174 | + echo '<option value="'.$id.'">'.$name."</option>"; |
|
| 175 | 175 | } |
| 176 | 176 | ?> |
| 177 | 177 | </select> |
| 178 | 178 | <br/> |
| 179 | - <h2><?php echo _("2. CSR generation");?></h2> |
|
| 180 | - <p><?php echo _("One way to generate an acceptable certificate request is via this openssl one-liner:");?></p> |
|
| 179 | + <h2><?php echo _("2. CSR generation"); ?></h2> |
|
| 180 | + <p><?php echo _("One way to generate an acceptable certificate request is via this openssl one-liner:"); ?></p> |
|
| 181 | 181 | <p>openssl req -new -newkey rsa:4096 -out test.csr -keyout test.key -subj /DC=test/DC=test/DC=eduroam/C=XY/O=WillBeReplaced/CN=will.be.replaced</p> |
| 182 | - <h2><?php echo _("3. Submission");?></h2> |
|
| 182 | + <h2><?php echo _("3. Submission"); ?></h2> |
|
| 183 | 183 | <?php echo _("Please paste your CSR here:"); ?><br/><textarea name="CSR" id="CSR" rows="20" cols="85"/></textarea><br/> |
| 184 | 184 | <button type="submit" name="requestcert" id="requestcert" value="<?php echo \web\lib\common\FormElements::BUTTON_SAVE ?>"><?php echo _("Send request"); ?></button> |
| 185 | 185 | </form> |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | */ |
| 115 | 115 | public function listProfiles(bool $activeOnly = FALSE) |
| 116 | 116 | { |
| 117 | - $query = "SELECT profile_id FROM profile WHERE inst_id = $this->identifier" . ($activeOnly ? " AND showtime = 1" : ""); |
|
| 117 | + $query = "SELECT profile_id FROM profile WHERE inst_id = $this->identifier".($activeOnly ? " AND showtime = 1" : ""); |
|
| 118 | 118 | $allProfiles = $this->databaseHandle->exec($query); |
| 119 | 119 | $returnarray = []; |
| 120 | 120 | // SELECT -> resource, not boolean |
@@ -124,7 +124,7 @@ discard block |
||
| 124 | 124 | $returnarray[] = $oneProfile; |
| 125 | 125 | } |
| 126 | 126 | |
| 127 | - $this->loggerInstance->debug(4, "listProfiles: " . print_r($returnarray, true)); |
|
| 127 | + $this->loggerInstance->debug(4, "listProfiles: ".print_r($returnarray, true)); |
|
| 128 | 128 | return $returnarray; |
| 129 | 129 | } |
| 130 | 130 | |
@@ -229,7 +229,7 @@ discard block |
||
| 229 | 229 | case AbstractProfile::PROFILETYPE_SILVERBULLET: |
| 230 | 230 | $theProfile = new ProfileSilverbullet($identifier, $this); |
| 231 | 231 | $theProfile->addSupportedEapMethod(new \core\common\EAP(\core\common\EAP::EAPTYPE_SILVERBULLET), 1); |
| 232 | - $theProfile->setRealm($this->identifier . "-" . $theProfile->identifier . "." . strtolower($this->federation) . strtolower(CONFIG_CONFASSISTANT['SILVERBULLET']['realm_suffix'])); |
|
| 232 | + $theProfile->setRealm($this->identifier."-".$theProfile->identifier.".".strtolower($this->federation).strtolower(CONFIG_CONFASSISTANT['SILVERBULLET']['realm_suffix'])); |
|
| 233 | 233 | return $theProfile; |
| 234 | 234 | default: |
| 235 | 235 | throw new Exception("This type of profile is unknown and can not be added."); |
@@ -350,7 +350,7 @@ discard block |
||
| 350 | 350 | public function getExternalDBId() |
| 351 | 351 | { |
| 352 | 352 | if (CONFIG_CONFASSISTANT['CONSORTIUM']['name'] == "eduroam" && isset(CONFIG_CONFASSISTANT['CONSORTIUM']['deployment-voodoo']) && CONFIG_CONFASSISTANT['CONSORTIUM']['deployment-voodoo'] == "Operations Team") { // SW: APPROVED |
| 353 | - $idQuery = $this->databaseHandle->exec("SELECT external_db_id FROM institution WHERE inst_id = $this->identifier AND external_db_syncstate = " . self::EXTERNAL_DB_SYNCSTATE_SYNCED); |
|
| 353 | + $idQuery = $this->databaseHandle->exec("SELECT external_db_id FROM institution WHERE inst_id = $this->identifier AND external_db_syncstate = ".self::EXTERNAL_DB_SYNCSTATE_SYNCED); |
|
| 354 | 354 | // SELECT -> it's a resource, not a boolean |
| 355 | 355 | if (mysqli_num_rows(/** @scrutinizer ignore-type */ $idQuery) == 0) { |
| 356 | 356 | return FALSE; |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | * <base_url>/copyright.php after deploying the software |
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $auth = new \web\lib\admin\Authentication(); |
| 26 | 26 | $loggerInstance = new \core\common\Logging(); |
@@ -38,15 +38,15 @@ discard block |
||
| 38 | 38 | $myInstOriginal = $validator->IdP($_GET['inst_id'], $_SESSION['user']); |
| 39 | 39 | $instId = $myInstOriginal->identifier; |
| 40 | 40 | |
| 41 | -$hello = _("To whom it may concern,") . "\n\n"; |
|
| 42 | -$bye = _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.") . "\n\n" . |
|
| 43 | - _("Greetings, ") . "\n\n" . |
|
| 41 | +$hello = _("To whom it may concern,")."\n\n"; |
|
| 42 | +$bye = _("This mail is merely a cross-check because these changes can be security-relevant. If the change was expected, you do not need to take any action.")."\n\n". |
|
| 43 | + _("Greetings, ")."\n\n". |
|
| 44 | 44 | CONFIG['APPEARANCE']['productname_long']; |
| 45 | 45 | |
| 46 | 46 | switch ($_POST['submitbutton']) { |
| 47 | 47 | case web\lib\common\FormElements::BUTTON_DELETE: |
| 48 | 48 | $myInstOriginal->destroy(); |
| 49 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP " . $instId); |
|
| 49 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP ".$instId); |
|
| 50 | 50 | header("Location: overview_user.php"); |
| 51 | 51 | exit; |
| 52 | 52 | case web\lib\common\FormElements::BUTTON_FLUSH_AND_RESTART: |
@@ -56,9 +56,9 @@ discard block |
||
| 56 | 56 | } |
| 57 | 57 | // flush all IdP attributes and send user to creation wizard |
| 58 | 58 | $myInstOriginal->flushAttributes(); |
| 59 | - $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP starting over" . $instId); |
|
| 60 | - $text = $hello . |
|
| 61 | - sprintf(_("the %s %s / %s / (previously known as) '%s' has deleted all properties and is starting over freshly. This means that its not recognisable by its name any more, and it may assume a different name in the future. You will get another mail if and when the name change happens."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name) . "\n\n" . |
|
| 59 | + $loggerInstance->writeAudit($_SESSION['user'], "DEL", "IdP starting over".$instId); |
|
| 60 | + $text = $hello. |
|
| 61 | + sprintf(_("the %s %s / %s / (previously known as) '%s' has deleted all properties and is starting over freshly. This means that its not recognisable by its name any more, and it may assume a different name in the future. You will get another mail if and when the name change happens."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name)."\n\n". |
|
| 62 | 62 | $bye; |
| 63 | 63 | $fed = new core\Federation($myInstOriginal->federation); |
| 64 | 64 | foreach ($fed->listFederationAdmins() as $id) { |
@@ -77,19 +77,19 @@ discard block |
||
| 77 | 77 | exit(0); |
| 78 | 78 | } |
| 79 | 79 | $inst_name = $myInstOriginal->name; |
| 80 | - echo "<h1>" . sprintf(_("Submitted attributes for IdP '%s'"), $inst_name) . "</h1>"; |
|
| 80 | + echo "<h1>".sprintf(_("Submitted attributes for IdP '%s'"), $inst_name)."</h1>"; |
|
| 81 | 81 | echo "<table>"; |
| 82 | 82 | echo $optionParser->processSubmittedFields($myInstOriginal, $_POST, $_FILES); |
| 83 | 83 | echo "</table>"; |
| 84 | 84 | // delete cached logo, if present |
| 85 | - $dir = ROOT . '/web/downloads/logos/'; |
|
| 86 | - $globResult = glob($dir . $myInstOriginal->identifier . "_*.png"); |
|
| 85 | + $dir = ROOT.'/web/downloads/logos/'; |
|
| 86 | + $globResult = glob($dir.$myInstOriginal->identifier."_*.png"); |
|
| 87 | 87 | if ($globResult === FALSE) { // we should catch the improbable error condition |
| 88 | 88 | $globResult = []; |
| 89 | 89 | } |
| 90 | 90 | array_map('unlink', $globResult); |
| 91 | 91 | $loggerInstance->debug(4, "UNLINK from $dir\n"); |
| 92 | - $loggerInstance->writeAudit($_SESSION['user'], "MOD", "IdP " . $myInstOriginal->identifier . " - attributes changed"); |
|
| 92 | + $loggerInstance->writeAudit($_SESSION['user'], "MOD", "IdP ".$myInstOriginal->identifier." - attributes changed"); |
|
| 93 | 93 | |
| 94 | 94 | // re-instantiate ourselves... profiles need fresh data |
| 95 | 95 | $myInstReinstantiated = $validator->IdP($_GET['inst_id'], $_SESSION['user']); |
@@ -98,10 +98,10 @@ discard block |
||
| 98 | 98 | if (count($significantChanges) > 0) { |
| 99 | 99 | // send a notification/alert mail to someone we know is in charge |
| 100 | 100 | /// were made to the *Identity Provider* *LU* / integer number of IdP / (previously known as) Name |
| 101 | - $text = $hello . sprintf(_("significant changes were made to the %s %s / %s / (previously known as) '%s'."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name) . "\n\n"; |
|
| 101 | + $text = $hello.sprintf(_("significant changes were made to the %s %s / %s / (previously known as) '%s'."), $ui->nomenclatureInst, strtoupper($myInstOriginal->federation), $myInstOriginal->identifier, $myInstOriginal->name)."\n\n"; |
|
| 102 | 102 | if (isset($significantChanges[\core\IdP::INSTNAME_CHANGED])) { |
| 103 | - $text .= sprintf(_("The %s has changed its name. The details are below:"), $ui->nomenclatureInst) . "\n\n"; |
|
| 104 | - $text .= $significantChanges[\core\IdP::INSTNAME_CHANGED] . "\n\n"; |
|
| 103 | + $text .= sprintf(_("The %s has changed its name. The details are below:"), $ui->nomenclatureInst)."\n\n"; |
|
| 104 | + $text .= $significantChanges[\core\IdP::INSTNAME_CHANGED]."\n\n"; |
|
| 105 | 105 | } |
| 106 | 106 | $text .= $bye; |
| 107 | 107 | // (currently, send hard-wired to NRO - future: for linked insts, check eduroam DBv2 and send to registered admins directly) |
@@ -117,15 +117,15 @@ discard block |
||
| 117 | 117 | |
| 118 | 118 | if (isset(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) && count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0) { |
| 119 | 119 | foreach (CONFIG_CONFASSISTANT['CONSORTIUM']['ssid'] as $ssidname) { |
| 120 | - $ssids[] = $ssidname . " " . (isset(CONFIG_CONFASSISTANT['CONSORTIUM']['tkipsupport']) && CONFIG_CONFASSISTANT['CONSORTIUM']['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)") ); |
|
| 120 | + $ssids[] = $ssidname." ".(isset(CONFIG_CONFASSISTANT['CONSORTIUM']['tkipsupport']) && CONFIG_CONFASSISTANT['CONSORTIUM']['tkipsupport'] === TRUE ? _("(WPA2/AES and WPA/TKIP)") : _("(WPA2/AES)")); |
|
| 121 | 121 | } |
| 122 | 122 | } |
| 123 | 123 | |
| 124 | 124 | foreach ($myInstReinstantiated->getAttributes("media:SSID_with_legacy") as $ssidname) { |
| 125 | - $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES and WPA/TKIP)"); |
|
| 125 | + $ssids[] = $ssidname['value']." "._("(WPA2/AES and WPA/TKIP)"); |
|
| 126 | 126 | } |
| 127 | 127 | foreach ($myInstReinstantiated->getAttributes("media:SSID") as $ssidname) { |
| 128 | - $ssids[] = $ssidname['value'] . " " . _("(WPA2/AES)"); |
|
| 128 | + $ssids[] = $ssidname['value']." "._("(WPA2/AES)"); |
|
| 129 | 129 | } |
| 130 | 130 | |
| 131 | 131 | echo "<table>"; |
@@ -133,7 +133,7 @@ discard block |
||
| 133 | 133 | if (count($ssids) > 0) { |
| 134 | 134 | $printedlist = ""; |
| 135 | 135 | foreach ($ssids as $names) { |
| 136 | - $printedlist = $printedlist . "$names "; |
|
| 136 | + $printedlist = $printedlist."$names "; |
|
| 137 | 137 | } |
| 138 | 138 | echo $uiElements->boxOkay(sprintf(_("Your installers will configure the following SSIDs: <strong>%s</strong>"), $printedlist), _("SSIDs configured")); |
| 139 | 139 | } |
@@ -161,7 +161,7 @@ discard block |
||
| 161 | 161 | // did we get an email address? then, show the silverbullet jumpstart button |
| 162 | 162 | // otherwise, issue a smartass comment |
| 163 | 163 | if (count($myInstReinstantiated->getAttributes("support:email")) > 0) { |
| 164 | - echo "<form method='post' action='edit_silverbullet.php?inst_id=$myInstReinstantiated->identifier' accept-charset='UTF-8'><button type='submit'>" . sprintf(_("Continue to %s properties"), \core\ProfileSilverbullet::PRODUCTNAME) . "</button></form>"; |
|
| 164 | + echo "<form method='post' action='edit_silverbullet.php?inst_id=$myInstReinstantiated->identifier' accept-charset='UTF-8'><button type='submit'>".sprintf(_("Continue to %s properties"), \core\ProfileSilverbullet::PRODUCTNAME)."</button></form>"; |
|
| 165 | 165 | } else { |
| 166 | 166 | echo "<table>"; |
| 167 | 167 | echo $uiElements->boxError(sprintf(_("You did not submit an e-mail address. This is required for %s. Please go to the %s dashboard and edit your helpdesk settings to include a helpdesk e-mail address."), core\ProfileSilverbullet::PRODUCTNAME, $ui->nomenclatureInst), _("No support e-mail!")); |
@@ -169,10 +169,10 @@ discard block |
||
| 169 | 169 | } |
| 170 | 170 | } |
| 171 | 171 | if (CONFIG['FUNCTIONALITY_LOCATIONS']['CONFASSISTANT_RADIUS'] == "LOCAL") { |
| 172 | - echo "<br/><form method='post' action='edit_profile.php?inst_id=$myInstReinstantiated->identifier' accept-charset='UTF-8'><button type='submit'>" . _("Continue to RADIUS/EAP profile definition") . "</button></form>"; |
|
| 172 | + echo "<br/><form method='post' action='edit_profile.php?inst_id=$myInstReinstantiated->identifier' accept-charset='UTF-8'><button type='submit'>"._("Continue to RADIUS/EAP profile definition")."</button></form>"; |
|
| 173 | 173 | } |
| 174 | 174 | } |
| 175 | - echo "<br/><form method='post' action='overview_idp.php?inst_id=$myInstReinstantiated->identifier' accept-charset='UTF-8'><button type='submit'>" . _("Continue to dashboard") . "</button></form>"; |
|
| 175 | + echo "<br/><form method='post' action='overview_idp.php?inst_id=$myInstReinstantiated->identifier' accept-charset='UTF-8'><button type='submit'>"._("Continue to dashboard")."</button></form>"; |
|
| 176 | 176 | echo $deco->footer(); |
| 177 | 177 | break; |
| 178 | 178 | default: |
@@ -20,7 +20,7 @@ discard block |
||
| 20 | 20 | * <base_url>/copyright.php after deploying the software |
| 21 | 21 | */ |
| 22 | 22 | |
| 23 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 23 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 24 | 24 | |
| 25 | 25 | $loggerInstance = new \core\common\Logging(); |
| 26 | 26 | $validator = new \web\lib\common\InputValidation(); |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | function disp_name($eap) |
| 46 | 46 | { |
| 47 | 47 | $displayName = \core\common\EAP::eapDisplayName($eap); |
| 48 | - return $displayName['OUTER'] . ( $displayName['INNER'] != '' ? '-' . $displayName['INNER'] : ''); |
|
| 48 | + return $displayName['OUTER'].($displayName['INNER'] != '' ? '-'.$displayName['INNER'] : ''); |
|
| 49 | 49 | } |
| 50 | 50 | |
| 51 | 51 | if (!isset($_REQUEST['test_type']) || !$_REQUEST['test_type']) { |
@@ -68,7 +68,7 @@ discard block |
||
| 68 | 68 | $testsuite = new \core\diag\RADIUSTests($check_realm, $my_profile->getRealmCheckOuterUsername(), $my_profile->getEapMethodsinOrderOfPreference(1), $my_profile->getCollapsedAttributes()['eap:server_name'], $my_profile->getCollapsedAttributes()['eap:ca_file']); |
| 69 | 69 | } else { |
| 70 | 70 | $my_profile = NULL; |
| 71 | - $testsuite = new \core\diag\RADIUSTests($check_realm, "@" . $check_realm); |
|
| 71 | + $testsuite = new \core\diag\RADIUSTests($check_realm, "@".$check_realm); |
|
| 72 | 72 | } |
| 73 | 73 | |
| 74 | 74 | |
@@ -158,10 +158,10 @@ discard block |
||
| 158 | 158 | break; |
| 159 | 159 | case \core\common\Entity::L_REMARK: |
| 160 | 160 | case \core\common\Entity::L_WARN: |
| 161 | - $message = _("<strong>Test partially successful</strong>: authentication succeded.") . ' ' . $additional_message[$level]; |
|
| 161 | + $message = _("<strong>Test partially successful</strong>: authentication succeded.").' '.$additional_message[$level]; |
|
| 162 | 162 | break; |
| 163 | 163 | case \core\common\Entity::L_ERROR: |
| 164 | - $message = _("<strong>Test FAILED</strong>: authentication succeded.") . ' ' . $additional_message[$level]; |
|
| 164 | + $message = _("<strong>Test FAILED</strong>: authentication succeded.").' '.$additional_message[$level]; |
|
| 165 | 165 | break; |
| 166 | 166 | } |
| 167 | 167 | break; |
@@ -212,7 +212,7 @@ discard block |
||
| 212 | 212 | case \core\diag\RADIUSTests::RETVAL_CONVERSATION_REJECT: |
| 213 | 213 | $level = $returnarray['result'][$i]['level']; |
| 214 | 214 | if ($level > \core\common\Entity::L_OK) { |
| 215 | - $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.") . ' ' . $additional_message[$level]; |
|
| 215 | + $message = _("<strong>Test partially successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned.").' '.$additional_message[$level]; |
|
| 216 | 216 | } else { |
| 217 | 217 | $message = _("<strong>Test successful</strong>: a bidirectional RADIUS conversation with multiple round-trips was carried out, and ended in an Access-Reject as planned."); |
| 218 | 218 | } |
@@ -235,7 +235,7 @@ discard block |
||
| 235 | 235 | $level = \core\common\Entity::L_ERROR; |
| 236 | 236 | break; |
| 237 | 237 | } |
| 238 | - $loggerInstance->debug(4, "SERVER=" . $returnarray['result'][$i]['server'] . "\n"); |
|
| 238 | + $loggerInstance->debug(4, "SERVER=".$returnarray['result'][$i]['server']."\n"); |
|
| 239 | 239 | $returnarray['result'][$i]['level'] = $level; |
| 240 | 240 | $returnarray['result'][$i]['message'] = $message; |
| 241 | 241 | break; |
@@ -252,9 +252,9 @@ discard block |
||
| 252 | 252 | } |
| 253 | 253 | // we tried to contact someone, and know how long that took |
| 254 | 254 | $returnarray['time_millisec'] = sprintf("%d", $rfc6614suite->TLS_CA_checks_result[$host]['time_millisec']); |
| 255 | - $timeDisplay = ' (' . sprintf(_("elapsed time: %d"), $rfc6614suite->TLS_CA_checks_result[$host]['time_millisec']) . ' ms)'; |
|
| 255 | + $timeDisplay = ' ('.sprintf(_("elapsed time: %d"), $rfc6614suite->TLS_CA_checks_result[$host]['time_millisec']).' ms)'; |
|
| 256 | 256 | if (isset($rfc6614suite->TLS_CA_checks_result[$host]['cert_oddity']) && ($rfc6614suite->TLS_CA_checks_result[$host]['cert_oddity'] == \core\diag\RADIUSTests::CERTPROB_UNKNOWN_CA)) { |
| 257 | - $returnarray['message'] = _("<strong>ERROR</strong>: the server presented a certificate which is from an unknown authority!") . $timeDisplay; |
|
| 257 | + $returnarray['message'] = _("<strong>ERROR</strong>: the server presented a certificate which is from an unknown authority!").$timeDisplay; |
|
| 258 | 258 | $returnarray['level'] = \core\common\Entity::L_ERROR; |
| 259 | 259 | $returnarray['result'] = $testresult; |
| 260 | 260 | break; |
@@ -264,7 +264,7 @@ discard block |
||
| 264 | 264 | $returnarray['level'] = \core\common\Entity::L_OK; |
| 265 | 265 | // override if the connection was with a mismatching server name |
| 266 | 266 | if (isset($rfc6614suite->TLS_CA_checks_result[$host]['cert_oddity']) && ($rfc6614suite->TLS_CA_checks_result[$host]['cert_oddity'] == \core\diag\RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH)) { |
| 267 | - $returnarray['message'] = _("<strong>WARNING</strong>: the server name as discovered in the SRV record does not match any name in the server certificate!") . $timeDisplay; |
|
| 267 | + $returnarray['message'] = _("<strong>WARNING</strong>: the server name as discovered in the SRV record does not match any name in the server certificate!").$timeDisplay; |
|
| 268 | 268 | $returnarray['level'] = \core\common\Entity::L_WARN; |
| 269 | 269 | } |
| 270 | 270 | switch ($rfc6614suite->TLS_CA_checks_result[$host]['status']) { |
@@ -23,7 +23,7 @@ discard block |
||
| 23 | 23 | |
| 24 | 24 | use \Exception; |
| 25 | 25 | |
| 26 | -require_once dirname(dirname(__DIR__)) . "/config/_config.php"; |
|
| 26 | +require_once dirname(dirname(__DIR__))."/config/_config.php"; |
|
| 27 | 27 | |
| 28 | 28 | /** |
| 29 | 29 | * Test suite to verify that a given NAI realm has NAPTR records according to |
@@ -144,7 +144,7 @@ discard block |
||
| 144 | 144 | private function checkServerName($host) { |
| 145 | 145 | // it could match CN or sAN:DNS, we don't care which |
| 146 | 146 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['subject'])) { |
| 147 | - $this->loggerInstance->debug(4,"Checking expected server name ".$this->expectedName." against Subject: "); |
|
| 147 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against Subject: "); |
|
| 148 | 148 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['subject']); |
| 149 | 149 | // we are checking against accidental misconfig, not attacks, so loosely checking against end of string is appropriate |
| 150 | 150 | if (preg_match("/CN=".$this->expectedName."/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) { |
@@ -152,7 +152,7 @@ discard block |
||
| 152 | 152 | } |
| 153 | 153 | } |
| 154 | 154 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) { |
| 155 | - $this->loggerInstance->debug(4,"Checking expected server name ".$this->expectedName." against sANs: "); |
|
| 155 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against sANs: "); |
|
| 156 | 156 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']); |
| 157 | 157 | $testNames = $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
| 158 | 158 | if (!is_array($testNames)) { |
@@ -164,7 +164,7 @@ discard block |
||
| 164 | 164 | } |
| 165 | 165 | } |
| 166 | 166 | } |
| 167 | - $this->loggerInstance->debug(3,"Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched."); |
|
| 167 | + $this->loggerInstance->debug(3, "Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched."); |
|
| 168 | 168 | |
| 169 | 169 | $this->TLS_CA_checks_result[$host]['cert_oddity'] = RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH; |
| 170 | 170 | return FALSE; |
@@ -194,7 +194,7 @@ discard block |
||
| 194 | 194 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['status'] = $cert['status']; |
| 195 | 195 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['message'] = $this->TLS_certkeys[$cert['status']]; |
| 196 | 196 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['expected'] = $cert['expected']; |
| 197 | - $add = ' -cert ' . ROOT . '/config/cli-certs/' . $cert['public'] . ' -key ' . ROOT . '/config/cli-certs/' . $cert['private']; |
|
| 197 | + $add = ' -cert '.ROOT.'/config/cli-certs/'.$cert['public'].' -key '.ROOT.'/config/cli-certs/'.$cert['private']; |
|
| 198 | 198 | if (!isset($this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k])) { |
| 199 | 199 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k] = []; |
| 200 | 200 | } |
@@ -238,11 +238,11 @@ discard block |
||
| 238 | 238 | // but code analysers want this more explicit, so here is this extra |
| 239 | 239 | // call to escapeshellarg() |
| 240 | 240 | $escapedHost = escapeshellarg($host); |
| 241 | - $this->loggerInstance->debug(4, CONFIG['PATHS']['openssl'] . " s_client -connect " . $escapedHost . " -tls1 -CApath " . ROOT . "/config/ca-certs/ $arg 2>&1\n"); |
|
| 241 | + $this->loggerInstance->debug(4, CONFIG['PATHS']['openssl']." s_client -connect ".$escapedHost." -tls1 -CApath ".ROOT."/config/ca-certs/ $arg 2>&1\n"); |
|
| 242 | 242 | $time_start = microtime(true); |
| 243 | 243 | $opensslbabble = []; |
| 244 | 244 | $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures |
| 245 | - exec(CONFIG['PATHS']['openssl'] . " s_client -connect " . $escapedHost . " -no_ssl3 -CApath " . ROOT . "/config/ca-certs/ $arg 2>&1", $opensslbabble, $result); |
|
| 245 | + exec(CONFIG['PATHS']['openssl']." s_client -connect ".$escapedHost." -no_ssl3 -CApath ".ROOT."/config/ca-certs/ $arg 2>&1", $opensslbabble, $result); |
|
| 246 | 246 | $time_stop = microtime(true); |
| 247 | 247 | $testresults['time_millisec'] = floor(($time_stop - $time_start) * 1000); |
| 248 | 248 | $testresults['returncode'] = $result; |
@@ -19,7 +19,7 @@ discard block |
||
| 19 | 19 | * <base_url>/copyright.php after deploying the software |
| 20 | 20 | */ |
| 21 | 21 | |
| 22 | -require_once dirname(dirname(__DIR__)) . "/config/_config.php"; |
|
| 22 | +require_once dirname(dirname(__DIR__))."/config/_config.php"; |
|
| 23 | 23 | |
| 24 | 24 | $loggerInstance = new \core\common\Logging(); |
| 25 | 25 | |
@@ -65,13 +65,13 @@ discard block |
||
| 65 | 65 | $testsuite = new \core\diag\RADIUSTests($check_realm, $testedProfile->getRealmCheckOuterUsername(), $testedProfile->getEapMethodsinOrderOfPreference(1), $testedProfile->getCollapsedAttributes()['eap:server_name'], $testedProfile->getCollapsedAttributes()["eap:ca_file"]); |
| 66 | 66 | $rfc7585suite = new \core\diag\RFC7585Tests($check_realm); |
| 67 | 67 | } else { |
| 68 | - $error_message = _("You asked for a realm check, but we don't know the realm for this profile!") . "</p>"; |
|
| 68 | + $error_message = _("You asked for a realm check, but we don't know the realm for this profile!")."</p>"; |
|
| 69 | 69 | } |
| 70 | 70 | } else { // someone else's realm, and we don't know anything about it... only shallow checks |
| 71 | 71 | $check_realm = $validator->realm($realm ?? $_SESSION['check_realm'] ?? ""); |
| 72 | 72 | if ($check_realm !== FALSE) { |
| 73 | 73 | $_SESSION['check_realm'] = $check_realm; |
| 74 | - $testsuite = new \core\diag\RADIUSTests($check_realm, "@" . $check_realm); |
|
| 74 | + $testsuite = new \core\diag\RADIUSTests($check_realm, "@".$check_realm); |
|
| 75 | 75 | $rfc7585suite = new \core\diag\RFC7585Tests($check_realm); |
| 76 | 76 | } else { |
| 77 | 77 | $error_message = _("No valid realm name given, cannot execute any checks!"); |
@@ -119,7 +119,7 @@ discard block |
||
| 119 | 119 | var listofcas = "<?php echo _("You should update your list of accredited CAs") ?>"; |
| 120 | 120 | var getitfrom = "<?php echo _("Get it from here.") ?>"; |
| 121 | 121 | var listsource = "<?php echo CONFIG_DIAGNOSTICS['RADIUSTESTS']['accreditedCAsURL'] ?>"; |
| 122 | - var moretext = "<?php echo _("more") . "»" ?>"; |
|
| 122 | + var moretext = "<?php echo _("more")."»" ?>"; |
|
| 123 | 123 | var lesstext = "<?php echo "«" ?>"; |
| 124 | 124 | var morealltext = "<?php echo _("Show detailed information for all tests") ?>"; |
| 125 | 125 | var unknownca_code = "<?php echo \core\diag\RADIUSTests::CERTPROB_UNKNOWN_CA ?>"; |
@@ -256,7 +256,7 @@ discard block |
||
| 256 | 256 | } |
| 257 | 257 | } |
| 258 | 258 | cliinfo = cliinfo + '<li><table><tbody><tr><td class="icon_td"><img class="icon" src="' + icons[level] + '" style="width: 24px;"></td><td>' + state; |
| 259 | - cliinfo = cliinfo + ' <?php echo "(" . sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+' ") . ")"; ?>' + add + '</td></tr>'; |
|
| 259 | + cliinfo = cliinfo + ' <?php echo "(".sprintf(_("elapsed time: %sms."), "'+data.ca[key].certificate[c].time_millisec+' ").")"; ?>' + add + '</td></tr>'; |
|
| 260 | 260 | cliinfo = cliinfo + '</tbody></table></ul></li>'; |
| 261 | 261 | if (data.ca[key].certificate[c].finalerror === 1) { |
| 262 | 262 | cliinfo = cliinfo + '<li>' + restskipped + '</li>'; |
@@ -426,8 +426,8 @@ discard block |
||
| 426 | 426 | <?php |
| 427 | 427 | foreach (CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'] as $hostindex => $host) { |
| 428 | 428 | print " |
| 429 | -$(\"#live_src" . $hostindex . "_img\").attr('src',icon_loading); |
|
| 430 | -$(\"#live_src" . $hostindex . "_img\").show(); |
|
| 429 | +$(\"#live_src" . $hostindex."_img\").attr('src',icon_loading); |
|
| 430 | +$(\"#live_src" . $hostindex."_img\").show(); |
|
| 431 | 431 | $.ajax({ |
| 432 | 432 | url: 'radius_tests.php?src=0&hostindex=$hostindex&realm='+realm, |
| 433 | 433 | type: 'POST', |
@@ -457,15 +457,15 @@ discard block |
||
| 457 | 457 | <?php |
| 458 | 458 | foreach (CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'] as $hostindex => $host) { |
| 459 | 459 | if ($testedProfile !== NULL) { |
| 460 | - $extraarg = "profile_id: " . $testedProfile->identifier . ", "; |
|
| 460 | + $extraarg = "profile_id: ".$testedProfile->identifier.", "; |
|
| 461 | 461 | } else { |
| 462 | 462 | $extraarg = ""; |
| 463 | 463 | } |
| 464 | 464 | print " |
| 465 | -$(\"#src" . $hostindex . "_img\").attr('src',icon_loading); |
|
| 465 | +$(\"#src" . $hostindex."_img\").attr('src',icon_loading); |
|
| 466 | 466 | $(\"#src$hostindex\").html(''); |
| 467 | 467 | running_ajax_stat++; |
| 468 | -$.get('radius_tests.php',{test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '" . $gui->langObject->getLang() . "', hostindex: '$hostindex' }, udp, 'json'); |
|
| 468 | +$.get('radius_tests.php',{test_type: 'udp', $extraarg realm: realm, src: $hostindex, lang: '".$gui->langObject->getLang()."', hostindex: '$hostindex' }, udp, 'json'); |
|
| 469 | 469 | |
| 470 | 470 | "; |
| 471 | 471 | } |
@@ -492,7 +492,7 @@ discard block |
||
| 492 | 492 | if ($check_realm === FALSE) { |
| 493 | 493 | print "<p>$error_message</p>"; |
| 494 | 494 | } else { |
| 495 | - print "<h1>" . sprintf(_("Realm testing for: %s"), $check_realm) . "</h1>\n"; |
|
| 495 | + print "<h1>".sprintf(_("Realm testing for: %s"), $check_realm)."</h1>\n"; |
|
| 496 | 496 | ?> |
| 497 | 497 | <div id="debug_out" style="display: none"></div> |
| 498 | 498 | <div id="tabs" style="min-width: 600px; max-width:800px"> |
@@ -509,12 +509,12 @@ discard block |
||
| 509 | 509 | </legend> |
| 510 | 510 | <?php |
| 511 | 511 | // NAPTR existence check |
| 512 | - echo "<strong>" . _("DNS chekcs") . "</strong><div>"; |
|
| 512 | + echo "<strong>"._("DNS chekcs")."</strong><div>"; |
|
| 513 | 513 | $naptr = $rfc7585suite->relevantNAPTR(); |
| 514 | 514 | if ($naptr != \core\diag\RADIUSTests::RETVAL_NOTCONFIGURED) { |
| 515 | 515 | echo "<table>"; |
| 516 | 516 | // output in friendly words |
| 517 | - echo "<tr><td>" . _("Checking NAPTR existence:") . "</td><td>"; |
|
| 517 | + echo "<tr><td>"._("Checking NAPTR existence:")."</td><td>"; |
|
| 518 | 518 | switch ($naptr) { |
| 519 | 519 | case \core\diag\RFC7585Tests::RETVAL_NONAPTR: |
| 520 | 520 | echo _("This realm has no NAPTR records."); |
@@ -529,7 +529,7 @@ discard block |
||
| 529 | 529 | |
| 530 | 530 | // compliance checks for NAPTRs |
| 531 | 531 | if ($naptr > 0) { |
| 532 | - echo "<tr><td>" . _("Checking NAPTR compliance (flag = S and regex = {empty}):") . "</td><td>"; |
|
| 532 | + echo "<tr><td>"._("Checking NAPTR compliance (flag = S and regex = {empty}):")."</td><td>"; |
|
| 533 | 533 | $naptr_valid = $rfc7585suite->relevantNAPTRcompliance(); |
| 534 | 534 | switch ($naptr_valid) { |
| 535 | 535 | case \core\diag\RADIUSTests::RETVAL_OK: |
@@ -546,7 +546,7 @@ discard block |
||
| 546 | 546 | |
| 547 | 547 | if ($naptr > 0 && $naptr_valid == \core\diag\RADIUSTests::RETVAL_OK) { |
| 548 | 548 | $srv = $rfc7585suite->relevantNAPTRsrvResolution(); |
| 549 | - echo "<tr><td>" . _("Checking SRVs:") . "</td><td>"; |
|
| 549 | + echo "<tr><td>"._("Checking SRVs:")."</td><td>"; |
|
| 550 | 550 | switch ($srv) { |
| 551 | 551 | case \core\diag\RADIUSTests::RETVAL_SKIPPED: |
| 552 | 552 | echo _("This check was skipped."); |
@@ -562,7 +562,7 @@ discard block |
||
| 562 | 562 | // IP addresses for the hosts |
| 563 | 563 | if ($naptr > 0 && $naptr_valid == \core\diag\RADIUSTests::RETVAL_OK && $srv > 0) { |
| 564 | 564 | $hosts = $rfc7585suite->relevantNAPTRhostnameResolution(); |
| 565 | - echo "<tr><td>" . _("Checking IP address resolution:") . "</td><td>"; |
|
| 565 | + echo "<tr><td>"._("Checking IP address resolution:")."</td><td>"; |
|
| 566 | 566 | switch ($srv) { |
| 567 | 567 | case \core\diag\RADIUSTests::RETVAL_SKIPPED: |
| 568 | 568 | echo _("This check was skipped."); |
@@ -578,12 +578,12 @@ discard block |
||
| 578 | 578 | |
| 579 | 579 | echo "</table><br/><br/>"; |
| 580 | 580 | if (count($testsuite->listerrors()) == 0) { |
| 581 | - echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("with no DNS errors encountered. Congratulations!"); |
|
| 581 | + echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC")))._("with no DNS errors encountered. Congratulations!"); |
|
| 582 | 582 | } else { |
| 583 | - echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC"))) . _("but there were DNS errors! Check them!") . " " . _("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."); |
|
| 583 | + echo sprintf(_("Realm is <strong>%s</strong> "), _(($naptr > 0 ? "DYNAMIC" : "STATIC")))._("but there were DNS errors! Check them!")." "._("You should re-run the tests after fixing the errors; more errors might be uncovered at that point. The exact error causes are listed below."); |
|
| 584 | 584 | echo "<div class='notacceptable'><table>"; |
| 585 | 585 | foreach ($testsuite->listerrors() as $details) { |
| 586 | - echo "<tr><td>" . $details['TYPE'] . "</td><td>" . $details['TARGET'] . "</td></tr>"; |
|
| 586 | + echo "<tr><td>".$details['TYPE']."</td><td>".$details['TARGET']."</td></tr>"; |
|
| 587 | 587 | } |
| 588 | 588 | echo "</table></div>"; |
| 589 | 589 | } |
@@ -599,26 +599,26 @@ discard block |
||
| 599 | 599 | $("#dynamic_tests").show(); |
| 600 | 600 | '; |
| 601 | 601 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 602 | - $host = ($addr['family'] == "IPv6" ? "[" : "") . $addr['IP'] . ($addr['family'] == "IPv6" ? "]" : "") . ":" . $addr['port']; |
|
| 602 | + $host = ($addr['family'] == "IPv6" ? "[" : "").$addr['IP'].($addr['family'] == "IPv6" ? "]" : "").":".$addr['port']; |
|
| 603 | 603 | $expectedName = $addr['hostname']; |
| 604 | 604 | print " |
| 605 | 605 | running_ajax_dyn++; |
| 606 | - $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '" . $gui->langObject->getLang() . "', hostindex: '$hostindex', expectedname: '$expectedName' }, error: eee, success: capath, dataType: 'json'}); |
|
| 606 | + $.ajax({url:'radius_tests.php', data:{test_type: 'capath', realm: realm, src: '$host', lang: '".$gui->langObject->getLang()."', hostindex: '$hostindex', expectedname: '$expectedName' }, error: eee, success: capath, dataType: 'json'}); |
|
| 607 | 607 | running_ajax_dyn++; |
| 608 | - $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '" . $gui->langObject->getLang() . "', hostindex: '$hostindex' }, error: eee, success: clients, dataType: 'json'}); |
|
| 608 | + $.ajax({url:'radius_tests.php', data:{test_type: 'clients', realm: realm, src: '$host', lang: '".$gui->langObject->getLang()."', hostindex: '$hostindex' }, error: eee, success: clients, dataType: 'json'}); |
|
| 609 | 609 | "; |
| 610 | 610 | } |
| 611 | 611 | echo "} |
| 612 | 612 | </script><hr>"; |
| 613 | 613 | } else { |
| 614 | - echo "<tr><td>" . _("Dynamic discovery test is not configured") . "</td><td>"; |
|
| 614 | + echo "<tr><td>"._("Dynamic discovery test is not configured")."</td><td>"; |
|
| 615 | 615 | } |
| 616 | - echo "<strong>" . _("Static connectivity tests") . "</strong> |
|
| 616 | + echo "<strong>"._("Static connectivity tests")."</strong> |
|
| 617 | 617 | <table><tr> |
| 618 | 618 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_static_ico' class='icon'></td><td id='main_static_result' style='display:none'> </td> |
| 619 | 619 | </tr></table>"; |
| 620 | 620 | if ($naptr > 0) { |
| 621 | - echo "<hr><strong>" . _("Dynamic connectivity tests") . "</strong> |
|
| 621 | + echo "<hr><strong>"._("Dynamic connectivity tests")."</strong> |
|
| 622 | 622 | <table><tr> |
| 623 | 623 | <td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='main_dynamic_ico' class='icon'></td><td id='main_dynamic_result' style='display:none'> </td> |
| 624 | 624 | </tr></table>"; |
@@ -638,12 +638,12 @@ discard block |
||
| 638 | 638 | print "<p>"; |
| 639 | 639 | foreach (CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'] as $hostindex => $host) { |
| 640 | 640 | print "<hr>"; |
| 641 | - printf(_("Testing from: %s"), "<strong>" . CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'][$hostindex]['display_name'] . "</strong>"); |
|
| 641 | + printf(_("Testing from: %s"), "<strong>".CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'][$hostindex]['display_name']."</strong>"); |
|
| 642 | 642 | print "<table id='results$hostindex' style='width:100%' class='udp_results'> |
| 643 | 643 | <tr> |
| 644 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src" . $hostindex . "_img'></td> |
|
| 644 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='src".$hostindex."_img'></td> |
|
| 645 | 645 | <td id='src$hostindex' colspan=2> |
| 646 | -" . _("testing...") . " |
|
| 646 | +"._("testing...")." |
|
| 647 | 647 | </td> |
| 648 | 648 | </tr> |
| 649 | 649 | </table>"; |
@@ -662,21 +662,21 @@ discard block |
||
| 662 | 662 | |
| 663 | 663 | <?php |
| 664 | 664 | echo "<div id='dynamic_tests'><fieldset class='option_container'> |
| 665 | - <legend><strong>" . _("DYNAMIC connectivity tests") . "</strong></legend>"; |
|
| 665 | + <legend><strong>" . _("DYNAMIC connectivity tests")."</strong></legend>"; |
|
| 666 | 666 | |
| 667 | 667 | $resultstoprint = []; |
| 668 | 668 | if (count($rfc7585suite->NAPTR_hostname_records) > 0) { |
| 669 | - $resultstoprint[] = '<div style="align:right; display: none;" id="dynamic_result_fail">' . _("Some errors were found during the tests, see below") . '</div><div style="align:right; display: none;" id="dynamic_result_pass">' . _("All tests passed, congratulations!") . '</div>'; |
|
| 670 | - $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">' . _('Show detailed information for all tests') . '</a></div>' . '<p><strong>' . _("Checking server handshake...") . "</strong><p>"; |
|
| 669 | + $resultstoprint[] = '<div style="align:right; display: none;" id="dynamic_result_fail">'._("Some errors were found during the tests, see below").'</div><div style="align:right; display: none;" id="dynamic_result_pass">'._("All tests passed, congratulations!").'</div>'; |
|
| 670 | + $resultstoprint[] = '<div style="align:right;"><a href="" class="moreall">'._('Show detailed information for all tests').'</a></div>'.'<p><strong>'._("Checking server handshake...")."</strong><p>"; |
|
| 671 | 671 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 672 | - $bracketaddr = ($addr["family"] == "IPv6" ? "[" . $addr["IP"] . "]" : $addr["IP"]); |
|
| 673 | - $resultstoprint[] = '<p><strong>' . $bracketaddr . ' TCP/' . $addr['port'] . '</strong>'; |
|
| 672 | + $bracketaddr = ($addr["family"] == "IPv6" ? "[".$addr["IP"]."]" : $addr["IP"]); |
|
| 673 | + $resultstoprint[] = '<p><strong>'.$bracketaddr.' TCP/'.$addr['port'].'</strong>'; |
|
| 674 | 674 | $resultstoprint[] = '<ul style="list-style-type: none;" class="caresult"><li>'; |
| 675 | 675 | $resultstoprint[] = "<table id='caresults$hostindex' style='width:100%'> |
| 676 | 676 | <tr> |
| 677 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcca" . $hostindex . "_img'></td> |
|
| 677 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcca".$hostindex."_img'></td> |
|
| 678 | 678 | <td id='srcca$hostindex'> |
| 679 | -" . _("testing...") . " |
|
| 679 | +"._("testing...")." |
|
| 680 | 680 | </td> |
| 681 | 681 | </tr> |
| 682 | 682 | </table>"; |
@@ -684,12 +684,12 @@ discard block |
||
| 684 | 684 | } |
| 685 | 685 | $clientstest = []; |
| 686 | 686 | foreach ($rfc7585suite->NAPTR_hostname_records as $hostindex => $addr) { |
| 687 | - $clientstest[] = '<p><strong>' . $addr['IP'] . ' TCP/' . $addr['port'] . '</strong></p><ol>'; |
|
| 687 | + $clientstest[] = '<p><strong>'.$addr['IP'].' TCP/'.$addr['port'].'</strong></p><ol>'; |
|
| 688 | 688 | $clientstest[] = "<span id='clientresults$hostindex$clinx'><table style='width:100%'> |
| 689 | 689 | <tr> |
| 690 | -<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcclient" . $hostindex . "_img'></td> |
|
| 690 | +<td class='icon_td'><img src='../resources/images/icons/loading51.gif' id='srcclient".$hostindex."_img'></td> |
|
| 691 | 691 | <td id='srcclient$hostindex'> |
| 692 | -" . _("testing...") . " |
|
| 692 | +"._("testing...")." |
|
| 693 | 693 | </td> |
| 694 | 694 | </tr> |
| 695 | 695 | </table></span>"; |
@@ -697,7 +697,7 @@ discard block |
||
| 697 | 697 | } |
| 698 | 698 | echo '<div style="align:right;">'; |
| 699 | 699 | echo join('', $resultstoprint); |
| 700 | - echo '<span id="clientstest" style="display: none;"><p><hr><b>' . _('Checking if certificates from CAs are accepted...') . '</b><p>' . _('A few client certificates will be tested to check if servers are resistant to some certificate problems.') . '<p>'; |
|
| 700 | + echo '<span id="clientstest" style="display: none;"><p><hr><b>'._('Checking if certificates from CAs are accepted...').'</b><p>'._('A few client certificates will be tested to check if servers are resistant to some certificate problems.').'<p>'; |
|
| 701 | 701 | print join('', $clientstest); |
| 702 | 702 | echo '</span>'; |
| 703 | 703 | echo '</div>'; |
@@ -711,7 +711,7 @@ discard block |
||
| 711 | 711 | // check if truncates/dies on Operator-Name |
| 712 | 712 | if ($my_profile !== NULL) { |
| 713 | 713 | echo "<div id='tabs-4'><fieldset class='option_container'> |
| 714 | - <legend><strong>" . _("Live login test") . "</strong></legend>"; |
|
| 714 | + <legend><strong>" . _("Live login test")."</strong></legend>"; |
|
| 715 | 715 | $prof_compl = $my_profile->getEapMethodsinOrderOfPreference(1); |
| 716 | 716 | if (count($prof_compl) > 0) { |
| 717 | 717 | $passwordReqired = FALSE; |
@@ -724,34 +724,34 @@ discard block |
||
| 724 | 724 | $clientCertRequired = TRUE; |
| 725 | 725 | } |
| 726 | 726 | } |
| 727 | - echo "<div id='disposable_credential_container'><p>" . _("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.") . "</p> |
|
| 728 | - <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.") . "</p> |
|
| 729 | - <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!") . "</p></div> |
|
| 727 | + echo "<div id='disposable_credential_container'><p>"._("If you enter an existing login credential here, you can test the actual authentication from various checkpoints all over the world.")."</p> |
|
| 728 | + <p>" . _("The test will use all EAP types you have set in your profile information to check whether the right CAs and server names are used, and of course whether the login with these credentials and the given EAP type actually worked. If you have set anonymous outer ID, the test will use that.")."</p> |
|
| 729 | + <p>" . _("Note: the tool purposefully does not offer you to save these credentials, and they will never be saved in any way on the server side. Please use only <strong>temporary test accounts</strong> here; permanently valid test accounts in the wild are considered harmful!")."</p></div> |
|
| 730 | 730 | <form enctype='multipart/form-data' id='live_form' accept-charset='UTF-8'> |
| 731 | 731 | <input type='hidden' name='test_type' value='udp_login'> |
| 732 | - <input type='hidden' name='lang' value='" . $gui->langObject->getLang() . "'> |
|
| 733 | - <input type='hidden' name='profile_id' value='" . $my_profile->identifier . "'> |
|
| 732 | + <input type='hidden' name='lang' value='" . $gui->langObject->getLang()."'> |
|
| 733 | + <input type='hidden' name='profile_id' value='" . $my_profile->identifier."'> |
|
| 734 | 734 | <table id='live_tests'>"; |
| 735 | 735 | // if any password based EAP methods are available enable this section |
| 736 | 736 | if ($passwordReqired) { |
| 737 | - echo "<tr><td colspan='2'><strong>" . _("Password-based EAP types") . "</strong></td></tr> |
|
| 738 | - <tr><td>" . _("Real (inner) username:") . "</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>"; |
|
| 739 | - echo "<tr><td>" . _("Anonymous outer ID (optional):") . "</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>"; |
|
| 740 | - echo "<tr><td>" . _("Password:") . "</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
|
| 737 | + echo "<tr><td colspan='2'><strong>"._("Password-based EAP types")."</strong></td></tr> |
|
| 738 | + <tr><td>" . _("Real (inner) username:")."</td><td><input type='text' id='username' class='mandatory' name='username'/></td></tr>"; |
|
| 739 | + echo "<tr><td>"._("Anonymous outer ID (optional):")."</td><td><input type='text' id='outer_username' name='outer_username'/></td></tr>"; |
|
| 740 | + echo "<tr><td>"._("Password:")."</td><td><input type='text' id='password' class='mandatory' name='password'/></td></tr>"; |
|
| 741 | 741 | } |
| 742 | 742 | // ask for cert + privkey if TLS-based method is active |
| 743 | 743 | if ($clientCertRequired) { |
| 744 | - echo "<tr><td colspan='2'><strong>" . _("Certificate-based EAP types") . "</strong></td></tr> |
|
| 745 | - <tr><td>" . _("Certificate file (.p12 or .pfx):") . "</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
|
| 746 | - <tr><td>" . _("Certificate password, if any:") . "</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
|
| 747 | - <tr><td>" . _("Username, if different from certificate Subject:") . "</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
|
| 744 | + echo "<tr><td colspan='2'><strong>"._("Certificate-based EAP types")."</strong></td></tr> |
|
| 745 | + <tr><td>" . _("Certificate file (.p12 or .pfx):")."</td><td><input type='file' id='cert' accept='application/x-pkcs12' name='cert'/></td></tr> |
|
| 746 | + <tr><td>" . _("Certificate password, if any:")."</td><td><input type='text' id='privkey' name='privkey_pass'/></td></tr> |
|
| 747 | + <tr><td>" . _("Username, if different from certificate Subject:")."</td><td><input type='text' id='tls_username' name='tls_username'/></td></tr>"; |
|
| 748 | 748 | } |
| 749 | - echo "<tr><td colspan='2'><button id='submit_credentials'>" . _("Submit credentials") . "</button></td></tr></table></form>"; |
|
| 749 | + echo "<tr><td colspan='2'><button id='submit_credentials'>"._("Submit credentials")."</button></td></tr></table></form>"; |
|
| 750 | 750 | echo "<div id='live_login_results' style='display:none'>"; |
| 751 | 751 | foreach (CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'] as $hostindex => $host) { |
| 752 | 752 | print "<hr>"; |
| 753 | - printf(_("Testing from: %s"), "<strong>" . CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'][$hostindex]['display_name'] . "</strong>"); |
|
| 754 | - print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src" . $hostindex . "_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>"; |
|
| 753 | + printf(_("Testing from: %s"), "<strong>".CONFIG_DIAGNOSTICS['RADIUSTESTS']['UDP-hosts'][$hostindex]['display_name']."</strong>"); |
|
| 754 | + print "<span style='position:relative'><img src='../resources/images/icons/loading51.gif' id='live_src".$hostindex."_img' style='width:24px; position: absolute; left: 20px; bottom: 0px; '></span>"; |
|
| 755 | 755 | print "<div id='eap_test$hostindex' class='eap_test_results'></div>"; |
| 756 | 756 | } |
| 757 | 757 | echo "</div>"; |
@@ -766,9 +766,9 @@ discard block |
||
| 766 | 766 | } |
| 767 | 767 | |
| 768 | 768 | if (isset($_POST['comefrom'])) { |
| 769 | - $return = htmlspecialchars_decode($_POST['comefrom']) . "?inst_id=" . $my_inst->identifier; |
|
| 769 | + $return = htmlspecialchars_decode($_POST['comefrom'])."?inst_id=".$my_inst->identifier; |
|
| 770 | 770 | echo "<form method='post' action='$return' accept-charset='UTF-8'> |
| 771 | - <button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_CLOSE . "'>" . sprintf(_("Return to %s administrator area"), core\common\Entity::$nomenclature_inst) . "</button>" |
|
| 771 | + <button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_CLOSE."'>".sprintf(_("Return to %s administrator area"), core\common\Entity::$nomenclature_inst)."</button>" |
|
| 772 | 772 | . "</form>"; |
| 773 | 773 | } |
| 774 | 774 | if ($check_realm !== FALSE) { |
