GEANT / CAT

core/CertificationAuthorityEmbeddedECDSA.php

Spacing +21 added lines, -21 removed lines

@@ -16,10 +16,10 @@ 
 class CertificationAuthorityEmbeddedECDSA extends EntityWithDBProperties implements CertificationAuthorityInterface
 {
 
-    private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-ECDSA.pem";
-    private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.pem";
-    private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.key";
-    private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-ECDSA.cnf";
+    private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-ECDSA.pem";
+    private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-ECDSA.pem";
+    private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-ECDSA.key";
+    private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-ECDSA.cnf";
 
     /**
      * string with the PEM variant of the root CA
@@ -66,29 +66,29 @@ 
         parent::__construct();
         $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA);
         if ($this->rootPem === FALSE) {
-            throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA);
+            throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA);
         }
         $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA);
         if ($this->issuingCertRaw === FALSE) {
-            throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA);
+            throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA);
         }
         $rootParsed = openssl_x509_read($this->rootPem);
         $issuingCertCandidate = openssl_x509_read($this->issuingCertRaw);
-        if ($issuingCertCandidate === FALSE || is_resource($issuingCertCandidate)|| $rootParsed === FALSE) {
+        if ($issuingCertCandidate === FALSE || is_resource($issuingCertCandidate) || $rootParsed === FALSE) {
             throw new Exception("At least one CA PEM file did not parse correctly (or not a PHP8 resource)!");
         }
         $this->issuingCert = $issuingCertCandidate;
         
         if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY) === FALSE) {
-            throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
+            throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
         }
-        $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
+        $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY);
         if ($issuingKeyTemp === FALSE || is_resource($issuingKeyTemp)) {
             throw new Exception("The private key did not parse correctly (or not a PHP8 resource)!");
         }
         $this->issuingKey = $issuingKeyTemp;
         if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG) === FALSE) {
-            throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG);
+            throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG);
         }
         $this->conffile = CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG;
     }
@@ -131,27 +131,27 @@ 
         // generate stub index.txt file
         $tempdirArray = \core\common\Entity::createTemporaryDirectory("test");
         $tempdir = $tempdirArray['dir'];
-        $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z";
-        $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z";
+        $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z";
+        $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z";
         // serials for our CA are always integers
         $serialHex = strtoupper(dechex((int) $cert->serial));
         if (strlen($serialHex) % 2 == 1) {
-            $serialHex = "0" . $serialHex;
+            $serialHex = "0".$serialHex;
         }
 
-        $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n";
+        $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n";
         $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement");
-        if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) {
+        if (!file_put_contents($tempdir."/index.txt", $indexStatement)) {
             $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!");
         }
         // index.txt.attr is dull but needs to exist
-        file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n");
+        file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n");
         // call "openssl ocsp" to manufacture our own OCSP statement
         // adding "-rmd sha1" to the following command-line makes the
         // choice of signature algorithm for the response explicit
         // but it's only available from openssl-1.1.0 (which we do not
         // want to require just for that one thing).
-        $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
+        $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der";
         $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n");
         $output = [];
         $return = 999;
@@ -159,11 +159,11 @@ 
         if ($return !== 0) {
             throw new Exception("Non-zero return value from openssl ocsp!");
         }
-        $ocsp = file_get_contents($tempdir . "/$serialHex.response.der");
+        $ocsp = file_get_contents($tempdir."/$serialHex.response.der");
         // remove the temp dir!
-        unlink($tempdir . "/$serialHex.response.der");
-        unlink($tempdir . "/index.txt.attr");
-        unlink($tempdir . "/index.txt");
+        unlink($tempdir."/$serialHex.response.der");
+        unlink($tempdir."/index.txt.attr");
+        unlink($tempdir."/index.txt");
         rmdir($tempdir);
         $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial);
         return $ocsp;

core/diag/Logopath.php

Spacing +14 added lines, -14 removed lines

@@ -117,11 +117,11 @@ 
         $this->possibleFailureReasons = $_SESSION["SUSPECTS"] ?? []; // if we know nothing, don't talk to anyone
         $this->additionalFindings = $_SESSION["EVIDENCE"] ?? [];
 
-        $this->subjectPrefix = _("[eduroam Diagnostics]") . " ";
+        $this->subjectPrefix = _("[eduroam Diagnostics]")." ";
         $this->finalGreeting = "\n"
                 . _("(This service is in an early stage. We apologise if this is a false alert. If this is the case, please send an email report to cat-devel@lists.geant.org, forwarding the entire message (including the 'SUSPECTS' and 'EVIDENCE' data at the end), and explain why this is a false positive.)")
                 . "\n"
-                . _("Yours sincerely,") . "\n"
+                . _("Yours sincerely,")."\n"
                 . "\n"
                 . _("Ed U. Roam, the eduroam diagnostics algorithm");
 
@@ -132,13 +132,13 @@ 
                 "bcc" => [],
                 "reply-to" => [Logopath::TARGET_EDUROAM_OT],
                 "subject" => _("[POLICYVIOLATION NATIONAL] IdP with no entry in eduroam database"),
-                "body" => _("Dear NRO administrator,") . "\n"
+                "body" => _("Dear NRO administrator,")."\n"
                 . "\n"
-                . wordwrap(sprintf(_("an end-user requested diagnostics for realm %s. Real-time connectivity checks determined that the realm exists, but we were unable to find an IdP with that realm in the eduroam database."), $this->additionalFindings['REALM'])) . "\n"
+                . wordwrap(sprintf(_("an end-user requested diagnostics for realm %s. Real-time connectivity checks determined that the realm exists, but we were unable to find an IdP with that realm in the eduroam database."), $this->additionalFindings['REALM']))."\n"
                 . "\n"
-                . _("By not listing IdPs in the eduroam database, you are violating the eduroam policy.") . "\n"
+                . _("By not listing IdPs in the eduroam database, you are violating the eduroam policy.")."\n"
                 . "\n"
-                . _("Additionally, this creates operational issues. In particular, we are unable to direct end users to their IdP for further diagnosis/instructions because there are no contact points for that IdP in the database.") . "\n"
+                . _("Additionally, this creates operational issues. In particular, we are unable to direct end users to their IdP for further diagnosis/instructions because there are no contact points for that IdP in the database.")."\n"
                 . "\n"
                 . _("Please stop the policy violation ASAP by listing the IdP which is associated to this realm.")
                 . "\n",
@@ -149,11 +149,11 @@ 
                 "bcc" => [],
                 "reply-to" => [Logopath::TARGET_ENDUSER],
                 "subject" => _("[TECHNICAL PROBLEM] Administrator suspects technical problem with your IdP"),
-                "body" => _("Dear IdP administrator,") . "\n"
+                "body" => _("Dear IdP administrator,")."\n"
                 . "\n"
                 . sprintf(_("an organisation administrator requested diagnostics for realm %s. "), $this->additionalFindings['REALM'])
                 . "\n"
-                . _("Real-time connectivity checks determined that the realm appears to be working in acceptable parameters, but the administrator insisted to contact you with the supplemental information below.") . "\n"
+                . _("Real-time connectivity checks determined that the realm appears to be working in acceptable parameters, but the administrator insisted to contact you with the supplemental information below.")."\n"
                 . "\n",
             ],
             Logopath::IDP_SUSPECTED_PROBLEM_INTERACTIVE_EVIDENCED => [
@@ -162,11 +162,11 @@ 
                 "bcc" => [],
                 "reply-to" => [Logopath::TARGET_ENDUSER],
                 "subject" => _("[TECHNICAL PROBLEM] Administrator suspects technical problem with your IdP"),
-                "body" => _("Dear IdP administrator,") . "\n"
+                "body" => _("Dear IdP administrator,")."\n"
                 . "\n"
                 . sprintf(_("an organisation administrator requested diagnostics for realm %s. "), $this->additionalFindings['REALM'])
                 . "\n"
-                . _("Real-time connectivity checks determined that the realm indeed has an operational problem at this point in time. Please see the supplemental information below.") . "\n"
+                . _("Real-time connectivity checks determined that the realm indeed has an operational problem at this point in time. Please see the supplemental information below.")."\n"
                 . "\n",
             ],
         ];
@@ -174,13 +174,13 @@ 
         // add exalted human-readable information to main mail body
         foreach ($this->mailStack as $oneEntry) {
             if (isset($this->additionalFindings['INTERACTIVE_ENDUSER_AUTH_TIMESTAMP'])) {
-                $oneEntry["body"] .= _("Authentication/Attempt Timestamp of user session:") . " " . $this->additionalFindings['INTERACTIVE_ENDUSER_AUTH_TIMESTAMP'] . "\n";
+                $oneEntry["body"] .= _("Authentication/Attempt Timestamp of user session:")." ".$this->additionalFindings['INTERACTIVE_ENDUSER_AUTH_TIMESTAMP']."\n";
             }
             if (isset($this->additionalFindings['INTERACTIVE_ENDUSER_MAC'])) {
-                $oneEntry["body"] .= _("MAC address of end user in question:") . " " . $this->additionalFindings['INTERACTIVE_ENDUSER_MAC'] . "\n";
+                $oneEntry["body"] .= _("MAC address of end user in question:")." ".$this->additionalFindings['INTERACTIVE_ENDUSER_MAC']."\n";
             }
             if (isset($this->additionalFindings['INTERACTIVE_ADDITIONAL_COMMENTS'])) {
-                $oneEntry["body"] .= _("Additional Comments:") . " " . $this->additionalFindings['INTERACTIVE_ADDITIONAL_COMMENTS'] . "\n";
+                $oneEntry["body"] .= _("Additional Comments:")." ".$this->additionalFindings['INTERACTIVE_ADDITIONAL_COMMENTS']."\n";
             }
         }
 
@@ -340,7 +340,7 @@ 
 
             $handle = \core\common\OutsideComm::mailHandle();
             // let's identify outselves
-            $handle->FromName = \config\Master::APPEARANCE['productname'] . " Real-Time Diagnostics System";
+            $handle->FromName = \config\Master::APPEARANCE['productname']." Real-Time Diagnostics System";
             // add recipients
             foreach (Logopath::CATEGORYBINDING as $arrayName => $functionName) {
                 foreach ($theMail[$arrayName] as $onePrincipal) {

web/diag/adminQuery.php

Spacing +44 added lines, -44 removed lines

@@ -19,7 +19,7 @@ 
  * License: see the web/copyright.inc.php file in the file structure or
  *          <base_url>/copyright.php after deploying the software
  */
-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
 $languageInstance = new \core\common\Language();
 $languageInstance->setTextDomain("diagnostics");
 $loggerInstance = new \core\common\Logging();
@@ -61,43 +61,43 @@ 
     $select = "<div id='sp_abuse_problem'>
 <select style='margin-left: 0px;' id='select_sp_problem'>";
     foreach ($sp_problem as $pname => $pdesc) {
-        $select = $select . "<option value='$pname'>$pdesc</option>\n";
+        $select = $select."<option value='$pname'>$pdesc</option>\n";
     }
-    $select = $select . "</select></div>";
+    $select = $select."</select></div>";
     $res = "
 <input type='hidden' name='token' id='token' value=''>
 <input type='hidden' name='tests_result' id='tests_result' value=''>
 <table id='sp_questions'>
     <tr id='sp_problem_selector'>
-        <td>" . _("Select your problem") . "</td>
+        <td>" . _("Select your problem")."</td>
         <td>$select</td>
     </tr>
     <tr>
-        <td>" . _("What is the realm of the IdP in question?") . "</td>
+        <td>"._("What is the realm of the IdP in question?")."</td>
         <td>
                 <input type='text' name='admin_realm' id='admin_realm' value='$realmFromURL'>
-                <button class='diag_button' id='realm_in_db_admin' style='display: none;' accesskey='R' type='button'>" .
-                _("Check this realm") .
+                <button class='diag_button' id='realm_in_db_admin' style='display: none;' accesskey='R' type='button'>".
+                _("Check this realm").
                 "</button>
                 <div id='tests_info_area'></div>
         </td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("What is the authentication timestamp of the user session in question?") . "</td>
+        <td>" . _("What is the authentication timestamp of the user session in question?")."</td>
         <td><input type='text' id='timestamp' name='timestamp'>
             <div id='datepicker'></div>
         </td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("What is the MAC address of the user session in question?") . "</td>
+        <td>" . _("What is the MAC address of the user session in question?")."</td>
         <td><input type='text' id='mac' name='mac'></td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("Additional comments") . "</td>
+        <td>" . _("Additional comments")."</td>
         <td><textarea id='freetext' name='freetext' cols='60' rows='5'></textarea></td>
     </tr>
     <tr class='hidden_row'>
-        <td>" . _("Please specify an email address on which the IdP can contact you") . "</td>
+        <td>" . _("Please specify an email address on which the IdP can contact you")."</td>
         <td><input type='text' id='email' name='email'></td>
     </tr>
     <tr>
@@ -105,82 +105,82 @@ 
         <td></td>
     </tr>
     <tr class='hidden_row' id='send_query_to_idp'>
-        <td>" . _("Now you can send your query") . "</td>
-        <td><button type='submit' class='diag_button' id='submit_idp_query' name='go'>" . _("Send") . "</button></td>
+        <td>" . _("Now you can send your query")."</td>
+        <td><button type='submit' class='diag_button' id='submit_idp_query' name='go'>" . _("Send")."</button></td>
     </tr>
  </table>";
-    $res = $res . $javascript;
+    $res = $res.$javascript;
 }
 if ($queryType == 'idp') {
     $select = "<div id='idp_reported_problem' style='display:;'>
 <select style='margin-left:0px;' id='select_idp_problem'>";
     foreach ($idp_problem as $pname => $pdesc) {
-        $select = $select . "<option value='$pname'>$pdesc</option>\n";
+        $select = $select."<option value='$pname'>$pdesc</option>\n";
     }
-    $select = $select . "</select></div>";
+    $select = $select."</select></div>";
     $res = "
 <table id='idp_questions'>
     <tr>
-        <td>" . _("Select your problem") . "</td>
+        <td>" . _("Select your problem")."</td>
         <td>$select</td>
     </tr>
     <tr>
-        <td>" . _("Identify the SP by one of following means") . "</td>
+        <td>"._("Identify the SP by one of following means")."</td>
         <td></td>
     </tr>
     <tr id='by_opname'>
-        <td>" . _("SP Operator-Name attribute") . "</td>
+        <td>" . _("SP Operator-Name attribute")."</td>
         <td><input type='text' id='opname' name='opname' value=''></td>
     </tr>
     <tr id='spmanually'>
-        <td>" . _("Select the SP manually:") . "</td>
+        <td>" . _("Select the SP manually:")."</td>
         <td>
             <div id='select_asp_country'><a href='' id='asp_countries_list'>
-            <span id='opnameselect'>" . _("click to select country and organisation") . "</a></span>
+            <span id='opnameselect'>" . _("click to select country and organisation")."</a></span>
             </div>
             <div id='select_asp_area'></div>
         </td>
     </tr>
     <tr id='asp_desc' style='display: none;'>
-        <td>" . _("or") . ' ' . _("at least describe the SP location") . "</td>
+        <td>" . _("or").' '._("at least describe the SP location")."</td>
         <td><input type='text' id='asp_location' name='asp_location' value=''></td>
     </tr>
     <tr>
-        <td>" . _("What is the outer ID of the user session in question?") . "</td>
+        <td>" . _("What is the outer ID of the user session in question?")."</td>
         <td><input type='text' id='outer_id' name='outer_id' value=''></td>
     </tr>
     <tr>
-        <td>" . _("What is the authentication timestamp of the user session in question?") . "</td>
+        <td>" . _("What is the authentication timestamp of the user session in question?")."</td>
         <td>
             <input type='text' id='timestamp' name='timestamp'>
             <div id='datepicker'></div>
         </td>
     </tr>
     <tr>
-        <td>" . _("What is the MAC address of the user session in question?") . "</td>
+        <td>" . _("What is the MAC address of the user session in question?")."</td>
         <td><input type='text' id='mac' name='mac'></td>
     </tr>
     <tr>
-        <td>" . _("Additional comments about the problem") . "</td>
+        <td>" . _("Additional comments about the problem")."</td>
         <td><textarea id='freetext' name='freetext' cols='60' rows='5'></textarea></td>
     </tr>
     <tr>
-        <td>" . _("Do you have any contact details by which the user wishes to be contacted by the SP?") . "</td>
+        <td>" . _("Do you have any contact details by which the user wishes to be contacted by the SP?")."</td>
         <td><textarea id='c_details' name='c_details' cols='60' rows='5'></textarea></td>
     </tr>
     <tr>
-        <td>" . _("Please specify an email address on which the SP can contact you") . "</td>
+        <td>" . _("Please specify an email address on which the SP can contact you")."</td>
         <td><input type='text' id='email' name='email'></td>
     </tr>
     <tr class='hidden_row' id='send_query_to_sp'>
-        <td>" . _("Now you can send your query") . "</td>
-        <td><button type='submit' class='diag_button' id='submit_sp_query' name='go'>" . _("Send") . "</button></td>
+        <td>" . _("Now you can send your query")."</td>
+        <td><button type='submit' class='diag_button' id='submit_sp_query' name='go'>" . _("Send")."</button></td>
     </tr>
 </table>";
-    $res = $res . $javascript;
+    $res = $res.$javascript;
 }
 if ($queryType == 'idp_send' || $queryType == 'sp_send') {
-    include_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
+    include_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
     $cat = new \core\CAT();
     $returnArray = array();
     if (count((array) $o) > 0) {
@@ -189,8 +189,8 @@ 
             switch ($key) {
                 case 'realm':
                     $pos = strpos($value, '@');
-                    if ($pos !== FALSE ) {
-                        $value = substr($value, $pos+1);
+                    if ($pos !== FALSE) {
+                        $value = substr($value, $pos + 1);
                     }
                 case 'email':
                     $returnArray[$key] = filter_var($value, FILTER_VALIDATE_EMAIL);
@@ -231,7 +231,7 @@ 
         $mail = \core\common\OutsideComm::mailHandle();
         $emails = ['mgw@umk.pl'];
         //$emails = explode(',', $returnArray['idpcontact']);
-        $mail->FromName = \config\Master::APPEARANCE['productname'] . " Notification System";
+        $mail->FromName = \config\Master::APPEARANCE['productname']." Notification System";
         foreach ($emails as $email) {
             $mail->addAddress($email);
         }
@@ -241,11 +241,11 @@ 
         } else {
             $link = 'http://';
         }
-        $link .= $_SERVER['SERVER_NAME'] . \core\CAT::getRootUrlPath() . '/diag/show_realmcheck.php?token=' . $returnArray['token'];
+        $link .= $_SERVER['SERVER_NAME'].\core\CAT::getRootUrlPath().'/diag/show_realmcheck.php?token='.$returnArray['token'];
         $returnArray['testurl'] = $link;
         $mail->Subject = _('Suspected a technical problem with the IdP');
-        $txt = _("We suspect a technical problem with the IdP handling the realm") . ' ' . 
-                $returnArray['realm'] . ".\n";
+        $txt = _("We suspect a technical problem with the IdP handling the realm").' '. 
+                $returnArray['realm'].".\n";
         $txt .= _("The CAT diagnostic test was run for this realm during reporting.\n");
         $txt .= _("The overall result was ");
         if ($returnArray['tests_result'] == 0) {
@@ -253,15 +253,15 @@ 
         } else {
             $txt .= _("failure");
         }
-        $txt .= ".\n" . _("To see details go to ");
+        $txt .= ".\n"._("To see details go to ");
         $txt .= "$link\n\n";
-        $txt .= _("The reported problem details are as follows") . "\n";
-        $txt .= _("timestamp") . ": " . $returnArray['timestamp'] . "\n";
-        $txt .= _("client MAC address") . ": " . $returnArray['mac'] . "\n";
+        $txt .= _("The reported problem details are as follows")."\n";
+        $txt .= _("timestamp").": ".$returnArray['timestamp']."\n";
+        $txt .= _("client MAC address").": ".$returnArray['mac']."\n";
         if ($returnArray['freetext']) {
-            $txt .= _("additional comments") . ': ' . $returnArray['freetext'] . "\n";
+            $txt .= _("additional comments").': '.$returnArray['freetext']."\n";
         }
-        $txt .= "\n" . _("You can contact the incident reporter at") . ' ' . $returnArray['email'];
+        $txt .= "\n"._("You can contact the incident reporter at").' '.$returnArray['email'];
         
         $mail->Body = $txt;
         $sent = $mail->send();

web/admin/edit_federation.php

Spacing +10 added lines, -10 removed lines

@@ -26,7 +26,7 @@ 
  */
 ?>
 <?php
-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
 
 $auth = new \web\lib\admin\Authentication();
 $deco = new \web\lib\admin\PageDecoration();
@@ -61,13 +61,13 @@ 
         ?>
     </h1>
     <div class='infobox'>
-        <h2><?php $tablecaption = sprintf(_("%s Properties"),$uiElements->nomenclatureFed); echo $tablecaption?></h2>
+        <h2><?php $tablecaption = sprintf(_("%s Properties"), $uiElements->nomenclatureFed); echo $tablecaption?></h2>
         <table>
-            <caption><?php echo $tablecaption;?></caption>
+            <caption><?php echo $tablecaption; ?></caption>
             <tr>
-                <th class="wai-invisible" scope="col"><?php echo _("Property Type");?></th>
-                <th class="wai-invisible" scope="col"><?php echo _("Language if applicable");?></th>
-                <th class="wai-invisible" scope="col"><?php echo _("Property Value");?></th>
+                <th class="wai-invisible" scope="col"><?php echo _("Property Type"); ?></th>
+                <th class="wai-invisible" scope="col"><?php echo _("Language if applicable"); ?></th>
+                <th class="wai-invisible" scope="col"><?php echo _("Property Value"); ?></th>
             </tr>
             <tr>
                 <td><?php echo _("Country:"); ?></td>
@@ -78,11 +78,11 @@ 
         </table>
     </div>
     <?php
-    echo "<form enctype='multipart/form-data' action='edit_federation_result.php?fed_id=$my_fed->tld" . "' method='post' accept-charset='UTF-8'>
-              <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE . "'>";
+    echo "<form enctype='multipart/form-data' action='edit_federation_result.php?fed_id=$my_fed->tld"."' method='post' accept-charset='UTF-8'>
+              <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE."'>";
     ?>
     <fieldset class="option_container">
-        <legend><strong><?php echo sprintf(_("%s Properties"),$uiElements->nomenclatureFed); ?></strong></legend>
+        <legend><strong><?php echo sprintf(_("%s Properties"), $uiElements->nomenclatureFed); ?></strong></legend>
         <?php
         $optionDisplay = new \web\lib\admin\OptionDisplay($fed_options, \core\Options::LEVEL_FED);
         echo $optionDisplay->prefilledOptionTable("fed", $my_fed->tld);
@@ -90,5 +90,5 @@ 
         <button type='button' class='newoption' onclick='getXML("fed", "<?php echo $my_fed->tld ?>")'><?php echo _("Add new option"); ?></button>
     </fieldset>
     <?php
-    echo "<div><button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_federation.php\"'>" . _("Discard changes") . "</button></div></form>";
+    echo "<div><button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_SAVE."'>"._("Save data")."</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_federation.php\"'>"._("Discard changes")."</button></div></form>";
     echo $deco->footer();

web/admin/edit_participant.php

Spacing +35 added lines, -35 removed lines

@@ -19,7 +19,7 @@ 
  *          <base_url>/copyright.php after deploying the software
  */
 
-require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php";
+require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php";
 
 $auth = new \web\lib\admin\Authentication();
 $deco = new \web\lib\admin\PageDecoration();
@@ -39,7 +39,7 @@ 
 $inst_name = $my_inst->name;
 
 if ($wizardStyle) {
-    echo $deco->defaultPagePrelude(sprintf(_("%s: %s enrollment wizard (step 2)"), \config\Master::APPEARANCE['productname'],  $uiElements->nomenclatureParticipant));
+    echo $deco->defaultPagePrelude(sprintf(_("%s: %s enrollment wizard (step 2)"), \config\Master::APPEARANCE['productname'], $uiElements->nomenclatureParticipant));
 } else {
     echo $deco->defaultPagePrelude(sprintf(_("%s: Editing %s '%s'"), \config\Master::APPEARANCE['productname'], $uiElements->nomenclatureParticipant, $inst_name));
 }
@@ -80,13 +80,13 @@ 
         ?>
     </h1>
     <div class='infobox'>
-        <h2><?php $tablecaption = sprintf(_("%s general properties"), $uiElements->nomenclatureParticipant); echo $tablecaption;?></h2>
+        <h2><?php $tablecaption = sprintf(_("%s general properties"), $uiElements->nomenclatureParticipant); echo $tablecaption; ?></h2>
         <table>
-            <caption><?php echo $tablecaption;?></caption>
+            <caption><?php echo $tablecaption; ?></caption>
             <tr>
-                <th class="wai-invisible" scope="col"><?php echo _("Property Type");?></th>
-                <th class="wai-invisible" scope="col"><?php echo _("Language if applicable");?></th>
-                <th class="wai-invisible" scope="col"><?php echo _("Property Value");?></th>
+                <th class="wai-invisible" scope="col"><?php echo _("Property Type"); ?></th>
+                <th class="wai-invisible" scope="col"><?php echo _("Language if applicable"); ?></th>
+                <th class="wai-invisible" scope="col"><?php echo _("Property Value"); ?></th>
             </tr>
 
             <tr>
@@ -101,12 +101,12 @@ 
         </table>
     </div>
     <?php
-    echo "<form enctype='multipart/form-data' action='edit_participant_result.php?inst_id=$my_inst->identifier" . ($wizardStyle ? "&wizard=true" : "") . "' method='post' accept-charset='UTF-8'>
-              <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE . "'>";
+    echo "<form enctype='multipart/form-data' action='edit_participant_result.php?inst_id=$my_inst->identifier".($wizardStyle ? "&wizard=true" : "")."' method='post' accept-charset='UTF-8'>
+              <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE."'>";
 
     if ($wizardStyle) {
-        echo "<p>" .
-        sprintf(_("Hello, newcomer. The %s is new to us. This wizard will ask you several questions about it, so that we can generate beautiful profiles for you in the end. All of the information below is optional, but it is important to fill out as many fields as possible for the benefit of your end users."), $uiElements->nomenclatureParticipant) . "</p>";
+        echo "<p>".
+        sprintf(_("Hello, newcomer. The %s is new to us. This wizard will ask you several questions about it, so that we can generate beautiful profiles for you in the end. All of the information below is optional, but it is important to fill out as many fields as possible for the benefit of your end users."), $uiElements->nomenclatureParticipant)."</p>";
     }
     $optionDisplay = new web\lib\admin\OptionDisplay($idpoptions, \core\Options::LEVEL_IDP);
     ?>
@@ -114,11 +114,11 @@ 
         <legend><strong><?php echo _("General Information"); ?></strong></legend>
         <?php
         if ($wizardStyle) {
-            echo "<p>" .
-            _("Some properties are valid across all deployment profiles. This is the place where you can describe those properties in a fine-grained way. The solicited information is used as follows:") . "</p>
+            echo "<p>".
+            _("Some properties are valid across all deployment profiles. This is the place where you can describe those properties in a fine-grained way. The solicited information is used as follows:")."</p>
                       <ul>
-                         <li>" . _("<strong>Logo</strong>: When you submit a logo, we will embed this logo into all installers where a custom logo is possible. We accept any image format, but for best results, we suggest SVG. If you don't upload a logo, we will use the generic logo instead (see top-right corner of this page).") . "</li>
-                         <li>" . sprintf(_("<strong>Name</strong>: The %s may have names in multiple languages. It is recommended to always populate at least the 'default/other' language, as it is used as a fallback if the system does not have a name in the exact language the user requests a download in."),$uiElements->nomenclatureParticipant) . "</li>";
+                         <li>" . _("<strong>Logo</strong>: When you submit a logo, we will embed this logo into all installers where a custom logo is possible. We accept any image format, but for best results, we suggest SVG. If you don't upload a logo, we will use the generic logo instead (see top-right corner of this page).")."</li>
+                         <li>" . sprintf(_("<strong>Name</strong>: The %s may have names in multiple languages. It is recommended to always populate at least the 'default/other' language, as it is used as a fallback if the system does not have a name in the exact language the user requests a download in."), $uiElements->nomenclatureParticipant)."</li>";
             echo "</ul>";
         }
         echo $optionDisplay->prefilledOptionTable("general", $my_inst->federation);
@@ -132,44 +132,44 @@ 
         <legend><strong><?php echo _("Media Properties"); ?></strong></legend>
         <?php
         if ($wizardStyle) {
-            echo "<p>" .
-            sprintf(_("In this section, you define on which media %s should be configured on user devices."), \config\ConfAssistant::CONSORTIUM['display_name']) . "</p>
+            echo "<p>".
+            sprintf(_("In this section, you define on which media %s should be configured on user devices."), \config\ConfAssistant::CONSORTIUM['display_name'])."</p>
           <ul>";
             echo "<li>";
-            echo "<strong>" . ( count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0 ? _("Additional SSIDs:") : _("SSIDs:")) . " </strong>";
+            echo "<strong>".(count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0 ? _("Additional SSIDs:") : _("SSIDs:"))." </strong>";
             if (count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0) {
                 $ssidlist = "";
                 foreach (\config\ConfAssistant::CONSORTIUM['ssid'] as $ssid) {
-                    $ssidlist .= ", '<strong>" . $ssid . "</strong>'";
+                    $ssidlist .= ", '<strong>".$ssid."</strong>'";
                 }
                 $ssidlist = substr($ssidlist, 2);
                 echo sprintf(ngettext("We will always configure this SSID for WPA2/AES: %s.", "We will always configure these SSIDs for WPA2/AES: %s.", count(\config\ConfAssistant::CONSORTIUM['ssid'])), $ssidlist);
-                echo "<br/>" . sprintf(_("It is also possible to define custom additional SSIDs with the option '%s' below."), $uiElements->displayName("media:SSID"));
+                echo "<br/>".sprintf(_("It is also possible to define custom additional SSIDs with the option '%s' below."), $uiElements->displayName("media:SSID"));
             } else {
                 echo _("Please configure which SSIDs should be configured in the installers.");
             }
-            echo " " . _("By default, we will only configure the SSIDs with WPA2/AES encryption. By using the '(with WPA/TKIP)' option you can specify that we should include legacy support for WPA/TKIP where possible.");
+            echo " "._("By default, we will only configure the SSIDs with WPA2/AES encryption. By using the '(with WPA/TKIP)' option you can specify that we should include legacy support for WPA/TKIP where possible.");
             echo "</li>";
 
             echo "<li>";
-            echo "<strong>" . ( count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0 ? _("Additional Hotspot 2.0 / Passpoint Consortia:") : _("Hotspot 2.0 / Passpoint Consortia:")) . " </strong>";
+            echo "<strong>".(count(\config\ConfAssistant::CONSORTIUM['ssid']) > 0 ? _("Additional Hotspot 2.0 / Passpoint Consortia:") : _("Hotspot 2.0 / Passpoint Consortia:"))." </strong>";
             if (count(\config\ConfAssistant::CONSORTIUM['interworking-consortium-oi']) > 0) {
                 $consortiumlist = "";
                 foreach (\config\ConfAssistant::CONSORTIUM['interworking-consortium-oi'] as $oi) {
-                    $consortiumlist .= ", '<strong>" . $oi . "</strong>'";
+                    $consortiumlist .= ", '<strong>".$oi."</strong>'";
                 }
                 $consortiumlist = substr($consortiumlist, 2);
                 echo sprintf(ngettext("We will always configure this Consortium OI: %s.", "We will always configure these Consortium OIs: %s.", count(\config\ConfAssistant::CONSORTIUM['interworking-consortium-oi'])), $consortiumlist);
 
-                echo "<br/>" . sprintf(_("It is also possible to define custom additional OIs with the option '%s' below."), $uiElements->displayName("media:consortium_OI"));
+                echo "<br/>".sprintf(_("It is also possible to define custom additional OIs with the option '%s' below."), $uiElements->displayName("media:consortium_OI"));
             } else {
                 echo _("Please configure which Consortium OIs should be configured in the installers.");
             }
             echo "</li>";
-            echo "<li><strong>" . _("Support for wired IEEE 802.1X:") . " </strong>"
-            . _("If you want to configure your users' devices with IEEE 802.1X support for wired ethernet, please check the corresponding box. Note that this makes the installation process a bit more difficult on some platforms (Windows: needs administrator privileges; Apple: attempting to install a profile with wired support on a device without an active wired ethernet card will fail).") .
+            echo "<li><strong>"._("Support for wired IEEE 802.1X:")." </strong>"
+            . _("If you want to configure your users' devices with IEEE 802.1X support for wired ethernet, please check the corresponding box. Note that this makes the installation process a bit more difficult on some platforms (Windows: needs administrator privileges; Apple: attempting to install a profile with wired support on a device without an active wired ethernet card will fail).").
             "</li>";
-            echo "<li><strong>" . _("Removal of bootstrap/onboarding SSIDs:") . " </strong>"
+            echo "<li><strong>"._("Removal of bootstrap/onboarding SSIDs:")." </strong>"
             . _("If you use a captive portal to distribute configurations, you may want to unconfigure/disable that SSID after the bootstrap process. With this option, the SSID will either be removed, or be defined as 'Only connect manually'.")
             . "</li>";
             echo "</ul>";
@@ -185,16 +185,16 @@ 
             echo "<p>"._("This section can be used to upload specific Terms of Use for your users and to display details of how your users can reach your local helpdesk.")."</p>";
             
             if (\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_RADIUS'] == "LOCAL") {
-                echo "<p>" .
+                echo "<p>".
                         
-                sprintf(_("Do you provide helpdesk services for your users? If so, it would be nice if you would tell us the pointers to this helpdesk."),$uiElements->nomenclatureParticipant)  . "</p>" .
-                "<p>" .
-                _("If you enter a value here, it will be added to the installers for all your users, and will be displayed on the download page. If you operate separate helpdesks for different user groups (we call this 'profiles') specify per-profile helpdesk information later in this wizard. If you operate no help desk at all, just leave these fields empty.") . "</p>";
+                sprintf(_("Do you provide helpdesk services for your users? If so, it would be nice if you would tell us the pointers to this helpdesk."), $uiElements->nomenclatureParticipant)."</p>".
+                "<p>".
+                _("If you enter a value here, it will be added to the installers for all your users, and will be displayed on the download page. If you operate separate helpdesks for different user groups (we call this 'profiles') specify per-profile helpdesk information later in this wizard. If you operate no help desk at all, just leave these fields empty.")."</p>";
                 if (\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_SILVERBULLET'] == "LOCAL") {
-                echo "<p>" . sprintf(_("For %s deployments, providing at least a local e-mail contact is required."), core\ProfileSilverbullet::PRODUCTNAME) ." " . _("This is the contact point for your end users' level 1 support.") . "</p>";
+                echo "<p>".sprintf(_("For %s deployments, providing at least a local e-mail contact is required."), core\ProfileSilverbullet::PRODUCTNAME)." "._("This is the contact point for your end users' level 1 support.")."</p>";
                 }
             } elseif (\config\Master::FUNCTIONALITY_LOCATIONS['CONFASSISTANT_SILVERBULLET'] == "LOCAL") {
-                echo "<p>". _("Providing at least a local support e-mail contact is required.")." "._("This is the contact point for your end users' level 1 support.")."</p>";
+                echo "<p>"._("Providing at least a local support e-mail contact is required.")." "._("This is the contact point for your end users' level 1 support.")."</p>";
             }
             
         }
@@ -204,8 +204,8 @@ 
         <button type='button' class='newoption' onclick='getXML("support", "<?php echo $my_inst->federation ?>")'><?php echo _("Add new option"); ?></button></fieldset>
     <?php
     if ($wizardStyle) {
-        echo "<p>" . sprintf(_("When you are sure that everything is correct, please click on %sContinue ...%s"), "<button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_CONTINUE . "'>", "</button>") . "</p></form>";
+        echo "<p>".sprintf(_("When you are sure that everything is correct, please click on %sContinue ...%s"), "<button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_CONTINUE."'>", "</button>")."</p></form>";
     } else {
-        echo "<div><button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_user.php\"'>" . _("Discard changes") . "</button></div></form>";
+        echo "<div><button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_SAVE."'>"._("Save data")."</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_user.php\"'>"._("Discard changes")."</button></div></form>";
     }
     echo $deco->footer();

web/admin/inc/option_xhr.inc.php

Spacing +2 added lines, -2 removed lines

@@ -19,11 +19,11 @@
  *          <base_url>/copyright.php after deploying the software
  */
 
-require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php";
+require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php";
 
 \core\CAT::sessionStart();
 
-if (!isset($_GET["class"] )) {
+if (!isset($_GET["class"])) {
     throw new Exception("Unknown type of option!");
 }
 

web/admin/inc/toggleRedirect.inc.php

Spacing +7 added lines, -7 removed lines

@@ -19,7 +19,7 @@ 
  *          <base_url>/copyright.php after deploying the software
  */
 
-require_once dirname(dirname(dirname(dirname(__FILE__)))) . "/config/_config.php";
+require_once dirname(dirname(dirname(dirname(__FILE__))))."/config/_config.php";
 
 $auth = new \web\lib\admin\Authentication();
 $loggerInstance = new \core\common\Logging();
@@ -85,7 +85,7 @@ 
         $remaining_attribs = $my_profile->beginFlushMethodLevelAttributes($eaptype->getIntegerRep(), NULL);
         $optionParser->processSubmittedFields($my_profile, $_POST, $_FILES, $eaptype->getIntegerRep(), NULL);
     }
-    $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile " . $my_profile->identifier . " - device/EAP-Type settings changed");
+    $loggerInstance->writeAudit($_SESSION['user'], "MOD", "Profile ".$my_profile->identifier." - device/EAP-Type settings changed");
     header("Location: ../overview_installers.php?inst_id=$my_inst->identifier&profile_id=$my_profile->identifier");
     exit;
 }
@@ -99,7 +99,7 @@ 
     }
     $captiontext = sprintf(_("device <strong>%s</strong>"), $device['display']);
     $keyword = "device-specific";
-    $extrainput = "<input type='hidden' name='device' value='" . $device_key . "'/>";
+    $extrainput = "<input type='hidden' name='device' value='".$device_key."'/>";
 } elseif ($eaptype !== NULL) {
     foreach ($my_profile->getAttributes() as $attrib) {
         if (isset($attrib['eapmethod']) && $attrib['eapmethod'] == $eaptype->getArrayRep()) {
@@ -109,12 +109,12 @@ 
 
     $captiontext = sprintf(_("EAP-Type <strong>%s</strong>"), $eaptype->getPrintableRep());
     $keyword = "eap-specific";
-    $extrainput = "<input type='hidden' name='eaptype' value='" . $eaptype->getIntegerRep() . "'>";
+    $extrainput = "<input type='hidden' name='eaptype' value='".$eaptype->getIntegerRep()."'>";
 } else {
     throw new Exception("previous type checks make it impossible to reach this code path.");
 }
 ?>
-<p><?php echo _("Fine-tuning options for ") . $captiontext; ?></p>
+<p><?php echo _("Fine-tuning options for ").$captiontext; ?></p>
 <hr/>
 
 <form action='inc/toggleRedirect.inc.php?inst_id=<?php echo $my_inst->identifier; ?>&amp;profile_id=<?php echo $my_profile->identifier; ?>' method='post' accept-charset='UTF-8'><?php echo $extrainput; ?>
@@ -123,7 +123,7 @@ 
     $interesting_attribs = [];
 
     foreach ($attribs as $attrib) {
-        if ($attrib['level'] == \core\Options::LEVEL_METHOD && preg_match('/^' . $keyword . ':/', $attrib['name'])) {
+        if ($attrib['level'] == \core\Options::LEVEL_METHOD && preg_match('/^'.$keyword.':/', $attrib['name'])) {
             $interesting_attribs[] = $attrib;
         }
     }
@@ -131,7 +131,7 @@ 
     echo $optionDisplay->prefilledOptionTable($keyword, $my_inst->federation);
     if (\config\Master::DB['INST']['readonly'] === FALSE) {
         ?>
-        <button type='button' class='newoption' onclick='getXML("<?php echo $keyword;?>", "<?php echo $my_inst->federation;?>")'><?php echo _("Add new option"); ?></button>
+        <button type='button' class='newoption' onclick='getXML("<?php echo $keyword; ?>", "<?php echo $my_inst->federation; ?>")'><?php echo _("Add new option"); ?></button>
         <br/>
         <hr/>
         <button type='submit' name='submitbutton' id='submitbutton' value='<?php echo web\lib\common\FormElements::BUTTON_SAVE; ?>'><?php echo _("Save data"); ?></button>

config/ConfAssistant-template.php

Spacing +4 added lines, -4 removed lines

@@ -90,7 +90,7 @@ 
                     ], 
                 'condition' => TRUE],
             'OpenRoaming®' => [
-                'ssid' => [],     /* OpenRoaming has left SSIDs behind */
+                'ssid' => [], /* OpenRoaming has left SSIDs behind */
                 'oi' => [
                     '5A03BA0000', /* OpenRoaming/AllIdentities/SettlementFree/NoPersonalData/BaselineQoS */
                     '5A03BA0800', /* OpenRoaming/EduIdentities/SettlementFree/NoPersonalData/BaselineQoS */
@@ -150,7 +150,7 @@ 
     const PATHS = [
         'makensis' => 'makensis',
         'trust-store-mozilla' => '/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem',
-        'trust-store-custom' => __DIR__ . "/known-roots.pem",
+        'trust-store-custom' => __DIR__."/known-roots.pem",
     ];
 
     /**
@@ -188,13 +188,13 @@ 
             'db' => 'radacct',
             'user' => 'someuser',
             'pass' => 'somepass',
-            'readonly' => TRUE,],
+            'readonly' => TRUE, ],
         'RADIUS_2' => [
             'host' => 'auth-2.hosted.eduroam.org',
             'db' => 'radacct',
             'user' => 'someuser',
             'pass' => 'somepass',
-            'readonly' => TRUE,],
+            'readonly' => TRUE, ],
     ];
 
     /**

core/diag/RADIUSTests.php

Spacing +58 added lines, -59 removed lines

@@ -165,7 +165,7 @@ 
             }
         }
 
-        $this->loggerInstance->debug(4, "RADIUSTests is in opMode " . $this->opMode . ", parameters were: $realm, $outerUsernameForChecks, " . /** @scrutinizer ignore-type */ print_r($supportedEapTypes, true));
+        $this->loggerInstance->debug(4, "RADIUSTests is in opMode ".$this->opMode.", parameters were: $realm, $outerUsernameForChecks, "./** @scrutinizer ignore-type */ print_r($supportedEapTypes, true));
         $this->loggerInstance->debug(4, /** @scrutinizer ignore-type */ print_r($expectedServerNames, true));
         $this->loggerInstance->debug(4, /** @scrutinizer ignore-type */ print_r($expectedCABundle, true));
 
@@ -252,7 +252,7 @@ 
                 $returnarray[] = RADIUSTests::CERTPROB_WILDCARD_IN_NAME;
                 continue; // otherwise we'd ALSO complain that it's not a real hostname
             }
-            if ($onename != "" && filter_var("foo@" . idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) {
+            if ($onename != "" && filter_var("foo@".idn_to_ascii($onename), FILTER_VALIDATE_EMAIL) === FALSE) {
                 $returnarray[] = RADIUSTests::CERTPROB_NOT_A_HOSTNAME;
             }
         }
@@ -278,7 +278,7 @@ 
             $probValue = RADIUSTests::CERTPROB_SHA1_SIGNATURE;
             $returnarray[] = $probValue;
         }
-        $this->loggerInstance->debug(4, "CERT IS: " . /** @scrutinizer ignore-type */ print_r($intermediateCa, TRUE));
+        $this->loggerInstance->debug(4, "CERT IS: "./** @scrutinizer ignore-type */ print_r($intermediateCa, TRUE));
         if ($intermediateCa['basicconstraints_set'] == 0) {
             $returnarray[] = RADIUSTests::CERTPROB_NO_BASICCONSTRAINTS;
         }
@@ -326,7 +326,7 @@ 
     public function udpReachability($probeindex, $opnameCheck = TRUE, $frag = TRUE) {
         // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy
         // the following PEM data is one of the SENSE EAPLab client certs (not secret at all)
-        $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12");
+        $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12");
         if ($clientcert === FALSE) {
             throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!");
         }
@@ -335,7 +335,7 @@ 
         if ($this->opMode == self::RADIUS_TEST_OPERATION_MODE_THOROUGH) {
             return $this->udpLogin($probeindex, $this->supportedEapTypes[0]->getArrayRep(), $this->outerUsernameForChecks, 'eaplab', $opnameCheck, $frag, $clientcert);
         }
-        return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@" . $this->realm, 'eaplab', $opnameCheck, $frag, $clientcert);
+        return $this->udpLogin($probeindex, \core\common\EAP::EAPTYPE_ANY, "cat-connectivity-test@".$this->realm, 'eaplab', $opnameCheck, $frag, $clientcert);
     }
 
     /**
@@ -356,7 +356,7 @@ 
             return RADIUSTests::CERTPROB_NO_CDP_HTTP;
         }
         // first and second sub-match is the full URL... check it
-        $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1] . $crlUrl[2]));
+        $crlcontent = \core\common\OutsideComm::downloadFile(trim($crlUrl[1].$crlUrl[2]));
         if ($crlcontent === FALSE) {
             return RADIUSTests::CERTPROB_NO_CRL_AT_CDP_URL;
         }
@@ -371,7 +371,7 @@ 
         // $pem = chunk_split(base64_encode($crlcontent), 64, "\n");
         // inspired by https://stackoverflow.com/questions/2390604/how-to-pass-variables-as-stdin-into-command-line-from-php
 
-        $proc = \config\Master::PATHS['openssl'] . " crl -inform der";
+        $proc = \config\Master::PATHS['openssl']." crl -inform der";
         $descriptorspec = [
             0 => ["pipe", "r"],
             1 => ["pipe", "w"],
@@ -409,7 +409,7 @@ 
         $origLength = strlen($hex);
         for ($i = 1; $i < $origLength; $i++) {
             if ($i % 2 == 1 && $i != strlen($hex)) {
-                $spaced .= $hex[$i] . " ";
+                $spaced .= $hex[$i]." ";
             } else {
                 $spaced .= $hex[$i];
             }
@@ -534,19 +534,19 @@ 
         $eapText = \core\common\EAP::eapDisplayName($eaptype);
         $config = '
 network={
-  ssid="' . \config\Master::APPEARANCE['productname'] . ' testing"
+  ssid="' . \config\Master::APPEARANCE['productname'].' testing"
   key_mgmt=WPA-EAP
   proto=WPA2
   pairwise=CCMP
   group=CCMP
   ';
 // phase 1
-        $config .= 'eap=' . $eapText['OUTER'] . "\n";
+        $config .= 'eap='.$eapText['OUTER']."\n";
         $logConfig = $config;
 // phase 2 if applicable; all inner methods have passwords
         if (isset($eapText['INNER']) && $eapText['INNER'] != "") {
-            $config .= '  phase2="auth=' . $eapText['INNER'] . "\"\n";
-            $logConfig .= '  phase2="auth=' . $eapText['INNER'] . "\"\n";
+            $config .= '  phase2="auth='.$eapText['INNER']."\"\n";
+            $logConfig .= '  phase2="auth='.$eapText['INNER']."\"\n";
         }
 // all methods set a password, except EAP-TLS
         if ($eaptype != \core\common\EAP::EAPTYPE_TLS) {
@@ -562,11 +562,11 @@ 
         }
 
 // inner identity
-        $config .= '  identity="' . $inner . "\"\n";
-        $logConfig .= '  identity="' . $inner . "\"\n";
+        $config .= '  identity="'.$inner."\"\n";
+        $logConfig .= '  identity="'.$inner."\"\n";
 // outer identity, may be equal
-        $config .= '  anonymous_identity="' . $outer . "\"\n";
-        $logConfig .= '  anonymous_identity="' . $outer . "\"\n";
+        $config .= '  anonymous_identity="'.$outer."\"\n";
+        $logConfig .= '  anonymous_identity="'.$outer."\"\n";
 // done
         $config .= "}";
         $logConfig .= "}";
@@ -627,13 +627,13 @@ 
      * @return string the command-line for eapol_test
      */
     private function eapolTestConfig($probeindex, $opName, $frag) {
-        $cmdline = \config\Diagnostics::PATHS['eapol_test'] .
-                " -a " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip'] .
-                " -s " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret'] .
-                " -o serverchain.pem" .
-                " -c ./udp_login_test.conf" .
-                " -M 22:44:66:CA:20:" . sprintf("%02d", $probeindex) . " " .
-                " -t " . \config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout'] . " ";
+        $cmdline = \config\Diagnostics::PATHS['eapol_test'].
+                " -a ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['ip'].
+                " -s ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['secret'].
+                " -o serverchain.pem".
+                " -c ./udp_login_test.conf".
+                " -M 22:44:66:CA:20:".sprintf("%02d", $probeindex)." ".
+                " -t ".\config\Diagnostics::RADIUSTESTS['UDP-hosts'][$probeindex]['timeout']." ";
         if ($opName) {
             $cmdline .= '-N126:s:"1cat.eduroam.org" ';
         }
@@ -662,10 +662,10 @@ 
      * @throws Exception
      */
     private function createCArepository($tmpDir, &$intermOdditiesCAT, $servercert, $eapIntermediates, $eapIntermediateCRLs) {
-        if (!mkdir($tmpDir . "/root-ca-allcerts/", 0700, true)) {
+        if (!mkdir($tmpDir."/root-ca-allcerts/", 0700, true)) {
             throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-allcerts/\n");
         }
-        if (!mkdir($tmpDir . "/root-ca-eaponly/", 0700, true)) {
+        if (!mkdir($tmpDir."/root-ca-eaponly/", 0700, true)) {
             throw new Exception("unable to create root CA directory (RADIUS Tests): $tmpDir/root-ca-eaponly/\n");
         }
 // make a copy of the EAP-received chain and add the configured intermediates, if any
@@ -679,15 +679,15 @@ 
             }
             if ($decoded['ca'] == 1) {
                 if ($decoded['root'] == 1) { // save CAT roots to the root directory
-                    file_put_contents($tmpDir . "/root-ca-eaponly/configuredroot" . count($catRoots) . ".pem", $decoded['pem']);
-                    file_put_contents($tmpDir . "/root-ca-allcerts/configuredroot" . count($catRoots) . ".pem", $decoded['pem']);
+                    file_put_contents($tmpDir."/root-ca-eaponly/configuredroot".count($catRoots).".pem", $decoded['pem']);
+                    file_put_contents($tmpDir."/root-ca-allcerts/configuredroot".count($catRoots).".pem", $decoded['pem']);
                     $catRoots[] = $decoded['pem'];
                 } else { // save the intermediates to allcerts directory
-                    file_put_contents($tmpDir . "/root-ca-allcerts/cat-intermediate" . count($catIntermediates) . ".pem", $decoded['pem']);
+                    file_put_contents($tmpDir."/root-ca-allcerts/cat-intermediate".count($catIntermediates).".pem", $decoded['pem']);
                     $intermOdditiesCAT = array_merge($intermOdditiesCAT, $this->propertyCheckIntermediate($decoded));
                     if (isset($decoded['CRL']) && isset($decoded['CRL'][0])) {
                         $this->loggerInstance->debug(4, "got an intermediate CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain");
-                        file_put_contents($tmpDir . "/root-ca-allcerts/crl_cat" . count($catIntermediates) . ".pem", $decoded['CRL'][0]);
+                        file_put_contents($tmpDir."/root-ca-allcerts/crl_cat".count($catIntermediates).".pem", $decoded['CRL'][0]);
                     }
                     $catIntermediates[] = $decoded['pem'];
                 }
@@ -696,26 +696,26 @@ 
         // save all intermediate certificates and CRLs to separate files in 
         // both root-ca directories
         foreach ($eapIntermediates as $index => $onePem) {
-            file_put_contents($tmpDir . "/root-ca-eaponly/intermediate$index.pem", $onePem);
-            file_put_contents($tmpDir . "/root-ca-allcerts/intermediate$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-eaponly/intermediate$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-allcerts/intermediate$index.pem", $onePem);
         }
         foreach ($eapIntermediateCRLs as $index => $onePem) {
-            file_put_contents($tmpDir . "/root-ca-eaponly/intermediateCRL$index.pem", $onePem);
-            file_put_contents($tmpDir . "/root-ca-allcerts/intermediateCRL$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-eaponly/intermediateCRL$index.pem", $onePem);
+            file_put_contents($tmpDir."/root-ca-allcerts/intermediateCRL$index.pem", $onePem);
         }
 
         $checkstring = "";
         if (isset($servercert['CRL']) && isset($servercert['CRL'][0])) {
             $this->loggerInstance->debug(4, "got a server CRL; adding them to the chain checks. (Remember: checking end-entity cert only, not the whole chain");
             $checkstring = "-crl_check_all";
-            file_put_contents($tmpDir . "/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]);
-            file_put_contents($tmpDir . "/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]);
+            file_put_contents($tmpDir."/root-ca-eaponly/crl-server.pem", $servercert['CRL'][0]);
+            file_put_contents($tmpDir."/root-ca-allcerts/crl-server.pem", $servercert['CRL'][0]);
         }
 
 
 // now c_rehash the root CA directory ...
-        system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-eaponly/ > /dev/null");
-        system(\config\Diagnostics::PATHS['c_rehash'] . " $tmpDir/root-ca-allcerts/ > /dev/null");
+        system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-eaponly/ > /dev/null");
+        system(\config\Diagnostics::PATHS['c_rehash']." $tmpDir/root-ca-allcerts/ > /dev/null");
         return $checkstring;
     }
 
@@ -747,12 +747,12 @@ 
 // so test if there's something PEMy in the file at all
 // serverchain.pem is the output from eapol_test; incomingserver.pem is written by extractIncomingCertsfromEAP() if there was at least one server cert.
         if (filesize("$tmpDir/serverchain.pem") > 10 && filesize("$tmpDir/incomingserver.pem") > 10) {
-            exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly);
-            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n");
-            $this->loggerInstance->debug(4, "Chain verify pass 1: " . /** @scrutinizer ignore-type */ print_r($verifyResultEaponly, TRUE) . "\n");
-            exec(\config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts);
-            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n");
-            $this->loggerInstance->debug(4, "Chain verify pass 2: " . /** @scrutinizer ignore-type */ print_r($verifyResultAllcerts, TRUE) . "\n");
+            exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/incomingserver.pem", $verifyResultEaponly);
+            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-eaponly/ -purpose any $tmpDir/serverchain.pem\n");
+            $this->loggerInstance->debug(4, "Chain verify pass 1: "./** @scrutinizer ignore-type */ print_r($verifyResultEaponly, TRUE)."\n");
+            exec(\config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/incomingserver.pem", $verifyResultAllcerts);
+            $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." verify $crlCheckString -CApath $tmpDir/root-ca-allcerts/ -purpose any $tmpDir/serverchain.pem\n");
+            $this->loggerInstance->debug(4, "Chain verify pass 2: "./** @scrutinizer ignore-type */ print_r($verifyResultAllcerts, TRUE)."\n");
         }
 
 // now we do certificate verification against the collected parents
@@ -817,7 +817,7 @@ 
         // we are UNHAPPY if no names match!
         $happiness = "UNHAPPY";
         foreach ($this->expectedServerNames as $expectedName) {
-            $this->loggerInstance->debug(4, "Managing expectations for $expectedName: " . /** @scrutinizer ignore-type */ print_r($servercert['CN'], TRUE) . /** @scrutinizer ignore-type */ print_r($servercert['sAN_DNS'], TRUE));
+            $this->loggerInstance->debug(4, "Managing expectations for $expectedName: "./** @scrutinizer ignore-type */ print_r($servercert['CN'], TRUE)./** @scrutinizer ignore-type */ print_r($servercert['sAN_DNS'], TRUE));
             if (array_search($expectedName, $servercert['CN']) !== FALSE && array_search($expectedName, $servercert['sAN_DNS']) !== FALSE) {
                 $this->loggerInstance->debug(4, "Totally happy!");
                 $happiness = "TOTALLY";
@@ -861,11 +861,11 @@ 
         $theconfigs = $this->wpaSupplicantConfig($eaptype, $finalInner, $finalOuter, $password);
         // the config intentionally does not include CA checking. We do this
         // ourselves after getting the chain with -o.
-        file_put_contents($tmpDir . "/udp_login_test.conf", $theconfigs[0]);
+        file_put_contents($tmpDir."/udp_login_test.conf", $theconfigs[0]);
 
         $cmdline = $this->eapolTestConfig($probeindex, $opnameCheck, $frag);
         $this->loggerInstance->debug(4, "Shallow reachability check cmdline: $cmdline\n");
-        $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n" . $theconfigs[1] . "\n");
+        $this->loggerInstance->debug(4, "Shallow reachability check config: $tmpDir\n".$theconfigs[1]."\n");
         $time_start = microtime(true);
         $pflow = [];
         exec($cmdline, $pflow);
@@ -874,7 +874,7 @@ 
         }
         $time_stop = microtime(true);
         $output = print_r($this->redact($password, $pflow), TRUE);
-        file_put_contents($tmpDir . "/eapol_test_output_redacted_$probeindex.txt", $output);
+        file_put_contents($tmpDir."/eapol_test_output_redacted_$probeindex.txt", $output);
         $this->loggerInstance->debug(5, "eapol_test output saved to eapol_test_output_redacted_$probeindex.txt\n");
         return [
             "time" => ($time_stop - $time_start) * 1000,
@@ -910,7 +910,7 @@ 
         if ($packetflow[count($packetflow) - 1] == 3 && $this->checkLineparse($packetflow_orig, self::LINEPARSE_CHECK_REJECTIGNORE)) {
             array_pop($packetflow);
         }
-        $this->loggerInstance->debug(5, "Packetflow: " . /** @scrutinizer ignore-type */ print_r($packetflow, TRUE));
+        $this->loggerInstance->debug(5, "Packetflow: "./** @scrutinizer ignore-type */ print_r($packetflow, TRUE));
         $packetcount = array_count_values($packetflow);
         $testresults['packetcount'] = $packetcount;
         $testresults['packetflow'] = $packetflow;
@@ -950,7 +950,7 @@ 
      */
     private function wasModernTlsNegotiated(&$testresults, $packetflow_orig) {
         $negotiatedTlsVersion = $this->checkLineparse($packetflow_orig, self::LINEPARSE_TLSVERSION);
-        $this->loggerInstance->debug(4, "TLS version found is: $negotiatedTlsVersion" . "\n");
+        $this->loggerInstance->debug(4, "TLS version found is: $negotiatedTlsVersion"."\n");
         if ($negotiatedTlsVersion === FALSE) {
             $testresults['cert_oddities'][] = RADIUSTests::TLSPROB_UNKNOWN_TLS_VERSION;
         } elseif ($negotiatedTlsVersion != self::TLS_VERSION_1_2 && $negotiatedTlsVersion != self::TLS_VERSION_1_3) {
@@ -1008,7 +1008,7 @@ 
 
         $x509 = new \core\common\X509();
 // $eap_certarray holds all certs received in EAP conversation
-        $incomingData = file_get_contents($tmpDir . "/serverchain.pem");
+        $incomingData = file_get_contents($tmpDir."/serverchain.pem");
         if ($incomingData !== FALSE && strlen($incomingData) > 0) {
             $eapCertArray = $x509->splitCertificate($incomingData);
         } else {
@@ -1039,10 +1039,10 @@ 
                 case RADIUSTests::SERVER_CA_SELFSIGNED:
                     $servercert[] = $cert;
                     if (count($servercert) == 1) {
-                        if (file_put_contents($tmpDir . "/incomingserver.pem", $cert['pem'] . "\n") === FALSE) {
+                        if (file_put_contents($tmpDir."/incomingserver.pem", $cert['pem']."\n") === FALSE) {
                             $this->loggerInstance->debug(4, "The (first) server certificate could not be written to $tmpDir/incomingserver.pem!\n");
                         }
-                        $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: " . /** @scrutinizer ignore-type */ print_r($servercert[0], true));
+                        $this->loggerInstance->debug(4, "This is the (first) server certificate, with CRL content if applicable: "./** @scrutinizer ignore-type */ print_r($servercert[0], true));
                     } elseif (!in_array(RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS, $testresults['cert_oddities'])) {
                         $testresults['cert_oddities'][] = RADIUSTests::CERTPROB_TOO_MANY_SERVER_CERTS;
                     }
@@ -1112,7 +1112,7 @@ 
     public function autodetectCAWithProbe($outerId) {
         // for EAP-TLS to be a viable option, we need to pass a random client cert to make eapol_test happy
         // the following PEM data is one of the SENSE EAPLab client certs (not secret at all)
-        $clientcert = file_get_contents(dirname(__FILE__) . "/clientcert.p12");
+        $clientcert = file_get_contents(dirname(__FILE__)."/clientcert.p12");
         if ($clientcert === FALSE) {
             throw new Exception("A dummy client cert is part of the source distribution, but could not be loaded!");
         }
@@ -1127,7 +1127,7 @@ 
         $tmpDir = $temporary['dir'];
         chdir($tmpDir);
         $this->loggerInstance->debug(4, "temp dir: $tmpDir\n");
-        file_put_contents($tmpDir . "/client.p12", $clientcert);
+        file_put_contents($tmpDir."/client.p12", $clientcert);
         $testresults = ['cert_oddities' => []];
         $runtime_results = $this->executeEapolTest($tmpDir, $probeindex, \core\common\EAP::EAPTYPE_ANY, $outerId, $outerId, "eaplab", FALSE, FALSE);
         $packetflow_orig = $runtime_results['output'];
@@ -1143,8 +1143,7 @@ 
         // that's not the case if we do EAP-pwd or could not negotiate an EAP method at
         // all
         // in that case: no server CA guess possible
-        if (!
-                ($radiusResult == RADIUSTests::RETVAL_CONVERSATION_REJECT && $negotiatedEapType) || $radiusResult == RADIUSTests::RETVAL_OK
+        if (!($radiusResult == RADIUSTests::RETVAL_CONVERSATION_REJECT && $negotiatedEapType) || $radiusResult == RADIUSTests::RETVAL_OK
         ) {
             return RADIUSTests::RETVAL_INVALID;
         }
@@ -1183,7 +1182,7 @@ 
         // trust, and custom ones we may have configured
         $ourRoots = file_get_contents(\config\ConfAssistant::PATHS['trust-store-custom']);
         $mozillaRoots = file_get_contents(\config\ConfAssistant::PATHS['trust-store-mozilla']);
-        $allRoots = $x509->splitCertificate($ourRoots . "\n" . $mozillaRoots);
+        $allRoots = $x509->splitCertificate($ourRoots."\n".$mozillaRoots);
         foreach ($allRoots as $oneRoot) {
             $processedRoot = $x509->processCertificate($oneRoot);
             if ($processedRoot['full_details']['subject'] == $currentHighestKnownIssuer) {
@@ -1225,7 +1224,7 @@ 
         chdir($tmpDir);
         $this->loggerInstance->debug(4, "temp dir: $tmpDir\n");
         if ($clientcertdata !== NULL) {
-            file_put_contents($tmpDir . "/client.p12", $clientcertdata);
+            file_put_contents($tmpDir."/client.p12", $clientcertdata);
         }
         $testresults = [];
         // initialise the sub-array for cleaner parsing
@@ -1330,7 +1329,7 @@ 
                     'issuer' => $this->printDN($certdata['issuer']),
                     'validFrom' => $this->printTm($certdata['validFrom_time_t']),
                     'validTo' => $this->printTm($certdata['validTo_time_t']),
-                    'serialNumber' => $certdata['serialNumber'] . sprintf(" (0x%X)", $certdata['serialNumber']),
+                    'serialNumber' => $certdata['serialNumber'].sprintf(" (0x%X)", $certdata['serialNumber']),
                     'sha1' => $certdata['sha1'],
                     'extensions' => $certdata['extensions']
                 ];