GEANT /
CAT
@@ -104,11 +104,11 @@ discard block |
||
| 104 | 104 | $this->possibleFailureReasons = $_SESSION["SUSPECTS"] ?? []; // if we know nothing, don't talk to anyone |
| 105 | 105 | $this->additionalFindings = $_SESSION["EVIDENCE"] ?? []; |
| 106 | 106 | |
| 107 | - $this->subjectPrefix = _("[eduroam Diagnostics]") . " "; |
|
| 107 | + $this->subjectPrefix = _("[eduroam Diagnostics]")." "; |
|
| 108 | 108 | $this->finalGreeting = "\n" |
| 109 | 109 | . _("(This service is in an early stage. We apologise if this is a false alert. If this is the case, please send an email report to [email protected], forwarding the entire message (including the 'SUSPECTS' and 'EVIDENCE' data at the end), and explain why this is a false positive.)") |
| 110 | 110 | . "\n" |
| 111 | - . _("Yours sincerely,") . "\n" |
|
| 111 | + . _("Yours sincerely,")."\n" |
|
| 112 | 112 | . "\n" |
| 113 | 113 | . _("Ed U. Roam, the eduroam diagnostics algorithm"); |
| 114 | 114 | |
@@ -119,13 +119,13 @@ discard block |
||
| 119 | 119 | "bcc" => [], |
| 120 | 120 | "reply-to" => [Logopath::EDUROAM_OT], |
| 121 | 121 | "subject" => _("[POLICYVIOLATION NATIONAL] IdP with no entry in eduroam database"), |
| 122 | - "body" => _("Dear NRO administrator,") . "\n" |
|
| 122 | + "body" => _("Dear NRO administrator,")."\n" |
|
| 123 | 123 | . "\n" |
| 124 | - . wordwrap(sprintf(_("an end-user requested diagnostics for realm %s. Real-time connectivity checks determined that the realm exists, but we were unable to find an IdP with that realm in the eduroam database."), "foo.bar")) . "\n" |
|
| 124 | + . wordwrap(sprintf(_("an end-user requested diagnostics for realm %s. Real-time connectivity checks determined that the realm exists, but we were unable to find an IdP with that realm in the eduroam database."), "foo.bar"))."\n" |
|
| 125 | 125 | . "\n" |
| 126 | - . _("By not listing IdPs in the eduroam database, you are violating the eduroam policy.") . "\n" |
|
| 126 | + . _("By not listing IdPs in the eduroam database, you are violating the eduroam policy.")."\n" |
|
| 127 | 127 | . "\n" |
| 128 | - . _("Additionally, this creates operational issues. In particular, we are unable to direct end users to their IdP for further diagnosis/instructions because there are no contact points for that IdP in the database.") . "\n" |
|
| 128 | + . _("Additionally, this creates operational issues. In particular, we are unable to direct end users to their IdP for further diagnosis/instructions because there are no contact points for that IdP in the database.")."\n" |
|
| 129 | 129 | . "\n" |
| 130 | 130 | . "Please stop the policy violation ASAP by listing the IdP which is associated to this realm.", |
| 131 | 131 | ], |
@@ -279,7 +279,7 @@ discard block |
||
| 279 | 279 | |
| 280 | 280 | $handle = \core\common\OutsideComm::mailHandle(); |
| 281 | 281 | // let's identify outselves |
| 282 | - $handle->FromName = \config\Master::APPEARANCE['productname'] . " Real-Time Diagnostics System"; |
|
| 282 | + $handle->FromName = \config\Master::APPEARANCE['productname']." Real-Time Diagnostics System"; |
|
| 283 | 283 | // add recipients |
| 284 | 284 | foreach (Logopath::CATEGORYBINDING as $arrayName => $functionName) { |
| 285 | 285 | foreach ($theMail[$arrayName] as $onePrincipal) { |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | $this->test_result = []; |
| 121 | 121 | $this->test_result['global'] = 0; |
| 122 | 122 | // parse the schema file to find out the number of expected rows... |
| 123 | - $schema = file(dirname(dirname(__FILE__)) . "/schema/schema.sql"); |
|
| 123 | + $schema = file(dirname(dirname(__FILE__))."/schema/schema.sql"); |
|
| 124 | 124 | $this->profileOptionCount = 0; |
| 125 | 125 | $passedTheWindmill = FALSE; |
| 126 | 126 | foreach ($schema as $schemaLine) { |
@@ -146,7 +146,7 @@ discard block |
||
| 146 | 146 | public function runTest($test) { |
| 147 | 147 | $this->out[$test] = []; |
| 148 | 148 | $this->name = $test; |
| 149 | - $m_name = 'test' . $test; |
|
| 149 | + $m_name = 'test'.$test; |
|
| 150 | 150 | $this->test_result[$test] = 0; |
| 151 | 151 | if (!method_exists($this, $m_name)) { |
| 152 | 152 | $this->storeTestResult(\core\common\Entity::L_ERROR, "Configuration error, no test configured for <strong>$test</strong>."); |
@@ -234,7 +234,7 @@ discard block |
||
| 234 | 234 | $matchArray = []; |
| 235 | 235 | preg_match('/([^ ]+) ?/', $config[$pathToCheck], $matchArray); |
| 236 | 236 | $exe = $matchArray[1]; |
| 237 | - $the_path = exec("which " . $config[$pathToCheck]); |
|
| 237 | + $the_path = exec("which ".$config[$pathToCheck]); |
|
| 238 | 238 | if ($the_path == $exe) { |
| 239 | 239 | $exec_is = "EXPLICIT"; |
| 240 | 240 | } else { |
@@ -253,9 +253,9 @@ discard block |
||
| 253 | 253 | */ |
| 254 | 254 | private function testPhp() { |
| 255 | 255 | if (version_compare(phpversion(), $this->needversionPHP, '>=')) { |
| 256 | - $this->storeTestResult(\core\common\Entity::L_OK, "<strong>PHP</strong> is sufficiently recent. You are running " . phpversion() . "."); |
|
| 256 | + $this->storeTestResult(\core\common\Entity::L_OK, "<strong>PHP</strong> is sufficiently recent. You are running ".phpversion()."."); |
|
| 257 | 257 | } else { |
| 258 | - $this->storeTestResult(\core\common\Entity::L_ERROR, "<strong>PHP</strong> is too old. We need at least $this->needversionPHP, but you only have " . phpversion() . "."); |
|
| 258 | + $this->storeTestResult(\core\common\Entity::L_ERROR, "<strong>PHP</strong> is too old. We need at least $this->needversionPHP, but you only have ".phpversion()."."); |
|
| 259 | 259 | } |
| 260 | 260 | } |
| 261 | 261 | |
@@ -271,7 +271,7 @@ discard block |
||
| 271 | 271 | $this->storeTestResult(\core\common\Entity::L_OK, "<strong>cat_base_url</strong> set correctly"); |
| 272 | 272 | } else { |
| 273 | 273 | $rootFromScript = $m[1] === '' ? '/' : $m[1]; |
| 274 | - $this->storeTestResult(\core\common\Entity::L_ERROR, "<strong>cat_base_url</strong> is set to <strong>" . \config\Master::PATHS['cat_base_url'] . "</strong> and should be <strong>$rootFromScript</strong>"); |
|
| 274 | + $this->storeTestResult(\core\common\Entity::L_ERROR, "<strong>cat_base_url</strong> is set to <strong>".\config\Master::PATHS['cat_base_url']."</strong> and should be <strong>$rootFromScript</strong>"); |
|
| 275 | 275 | } |
| 276 | 276 | } |
| 277 | 277 | |
@@ -291,7 +291,7 @@ discard block |
||
| 291 | 291 | if (count($probeReturns) == 0) { |
| 292 | 292 | $this->storeTestResult(common\Entity::L_OK, "All configured RADIUS/UDP probes are reachable."); |
| 293 | 293 | } else { |
| 294 | - $this->storeTestResult(common\Entity::L_ERROR, "The following RADIUS probes are NOT reachable: ".implode(', ',$probeReturns)); |
|
| 294 | + $this->storeTestResult(common\Entity::L_ERROR, "The following RADIUS probes are NOT reachable: ".implode(', ', $probeReturns)); |
|
| 295 | 295 | } |
| 296 | 296 | } |
| 297 | 297 | |
@@ -308,9 +308,9 @@ discard block |
||
| 308 | 308 | $SSPconfig = \SimpleSAML\Configuration::getInstance(); |
| 309 | 309 | $sspVersion = explode('.', $SSPconfig->getVersion()); |
| 310 | 310 | if ((int) $sspVersion[0] >= $this->needversionSSP['major'] && (int) $sspVersion[1] >= $this->needversionSSP['minor']) { |
| 311 | - $this->storeTestResult(\core\common\Entity::L_OK, "<strong>simpleSAMLphp</strong> is sufficently recent. You are running " . implode('.', $sspVersion)); |
|
| 311 | + $this->storeTestResult(\core\common\Entity::L_OK, "<strong>simpleSAMLphp</strong> is sufficently recent. You are running ".implode('.', $sspVersion)); |
|
| 312 | 312 | } else { |
| 313 | - $this->storeTestResult(\core\common\Entity::L_ERROR, "<strong>simpleSAMLphp</strong> is too old. We need at least " . implode('.', $this->needversionSSP)); |
|
| 313 | + $this->storeTestResult(\core\common\Entity::L_ERROR, "<strong>simpleSAMLphp</strong> is too old. We need at least ".implode('.', $this->needversionSSP)); |
|
| 314 | 314 | } |
| 315 | 315 | } |
| 316 | 316 | } |
@@ -364,8 +364,8 @@ discard block |
||
| 364 | 364 | * @return void |
| 365 | 365 | */ |
| 366 | 366 | private function testLogdir() { |
| 367 | - if (fopen(\config\Master::PATHS['logdir'] . "/debug.log", "a") == FALSE) { |
|
| 368 | - $this->storeTestResult(\core\common\Entity::L_WARN, "Log files in <strong>" . \config\Master::PATHS['logdir'] . "</strong> are not writable!"); |
|
| 367 | + if (fopen(\config\Master::PATHS['logdir']."/debug.log", "a") == FALSE) { |
|
| 368 | + $this->storeTestResult(\core\common\Entity::L_WARN, "Log files in <strong>".\config\Master::PATHS['logdir']."</strong> are not writable!"); |
|
| 369 | 369 | } else { |
| 370 | 370 | $this->storeTestResult(\core\common\Entity::L_OK, "Log directory is writable."); |
| 371 | 371 | } |
@@ -489,7 +489,7 @@ discard block |
||
| 489 | 489 | private function testOpenssl() { |
| 490 | 490 | $A = $this->getExecPath('openssl'); |
| 491 | 491 | if ($A['exec'] != "") { |
| 492 | - $t = exec($A['exec'] . ' version'); |
|
| 492 | + $t = exec($A['exec'].' version'); |
|
| 493 | 493 | if ($A['exec_is'] == "EXPLICIT") { |
| 494 | 494 | $this->storeTestResult(\core\common\Entity::L_OK, "<strong>$t</strong> was found and is configured explicitly in your config."); |
| 495 | 495 | } else { |
@@ -516,14 +516,14 @@ discard block |
||
| 516 | 516 | } |
| 517 | 517 | $A = $this->getExecPath('makensis'); |
| 518 | 518 | if ($A['exec'] != "") { |
| 519 | - $t = exec($A['exec'] . ' -VERSION'); |
|
| 519 | + $t = exec($A['exec'].' -VERSION'); |
|
| 520 | 520 | if ($A['exec_is'] == "EXPLICIT") { |
| 521 | 521 | $this->storeTestResult(\core\common\Entity::L_OK, "<strong>makensis $t</strong> was found and is configured explicitly in your config."); |
| 522 | 522 | } else { |
| 523 | 523 | $this->storeTestResult(\core\common\Entity::L_WARN, "<strong>makensis $t</strong> was found, but is not configured with an absolute path in your config."); |
| 524 | 524 | } |
| 525 | 525 | $outputArray = []; |
| 526 | - exec($A['exec'] . ' -HELP', $outputArray); |
|
| 526 | + exec($A['exec'].' -HELP', $outputArray); |
|
| 527 | 527 | $t1 = count(preg_grep('/INPUTCHARSET/', $outputArray)); |
| 528 | 528 | if ($t1 == 1 && \config\ConfAssistant::NSIS_VERSION == 2) { |
| 529 | 529 | $this->storeTestResult(\core\common\Entity::L_ERROR, "Declared NSIS_VERSION does not seem to match the file pointed to by PATHS['makensis']!"); |
@@ -552,7 +552,7 @@ discard block |
||
| 552 | 552 | $NSIS_Module_status = []; |
| 553 | 553 | foreach ($this->NSISModules as $module) { |
| 554 | 554 | unset($out); |
| 555 | - exec(\config\ConfAssistant::PATHS['makensis'] . " -V1 '-X!include $module' '-XOutFile $exe' '-XSection X' '-XSectionEnd'", $out, $retval); |
|
| 555 | + exec(\config\ConfAssistant::PATHS['makensis']." -V1 '-X!include $module' '-XOutFile $exe' '-XSection X' '-XSectionEnd'", $out, $retval); |
|
| 556 | 556 | if ($retval > 0) { |
| 557 | 557 | $NSIS_Module_status[$module] = 0; |
| 558 | 558 | } else { |
@@ -615,8 +615,8 @@ discard block |
||
| 615 | 615 | $locales = shell_exec("locale -a"); |
| 616 | 616 | $allthere = ""; |
| 617 | 617 | foreach (\config\Master::LANGUAGES as $onelanguage) { |
| 618 | - if (preg_match("/" . $onelanguage['locale'] . "/", $locales) == 0) { |
|
| 619 | - $allthere .= $onelanguage['locale'] . " "; |
|
| 618 | + if (preg_match("/".$onelanguage['locale']."/", $locales) == 0) { |
|
| 619 | + $allthere .= $onelanguage['locale']." "; |
|
| 620 | 620 | } |
| 621 | 621 | } |
| 622 | 622 | if ($allthere == "") { |
@@ -630,47 +630,47 @@ discard block |
||
| 630 | 630 | ["SETTING" => \config\Master::APPEARANCE['from-mail'], |
| 631 | 631 | "DEFVALUE" => "[email protected]", |
| 632 | 632 | "COMPLAINTSTRING" => "APPEARANCE/from-mail ", |
| 633 | - "REQUIRED" => FALSE,], |
|
| 633 | + "REQUIRED" => FALSE, ], |
|
| 634 | 634 | ["SETTING" => \config\Master::APPEARANCE['support-contact']['url'], |
| 635 | 635 | "DEFVALUE" => "[email protected]?body=Only%20English%20language%20please!", |
| 636 | 636 | "COMPLAINTSTRING" => "APPEARANCE/support-contact/url ", |
| 637 | - "REQUIRED" => FALSE,], |
|
| 637 | + "REQUIRED" => FALSE, ], |
|
| 638 | 638 | ["SETTING" => \config\Master::APPEARANCE['support-contact']['display'], |
| 639 | 639 | "DEFVALUE" => "[email protected]", |
| 640 | 640 | "COMPLAINTSTRING" => "APPEARANCE/support-contact/display ", |
| 641 | - "REQUIRED" => FALSE,], |
|
| 641 | + "REQUIRED" => FALSE, ], |
|
| 642 | 642 | ["SETTING" => \config\Master::APPEARANCE['support-contact']['developer-mail'], |
| 643 | 643 | "DEFVALUE" => "[email protected]", |
| 644 | 644 | "COMPLAINTSTRING" => "APPEARANCE/support-contact/mail ", |
| 645 | - "REQUIRED" => FALSE,], |
|
| 645 | + "REQUIRED" => FALSE, ], |
|
| 646 | 646 | ["SETTING" => \config\Master::APPEARANCE['abuse-mail'], |
| 647 | 647 | "DEFVALUE" => "[email protected]", |
| 648 | 648 | "COMPLAINTSTRING" => "APPEARANCE/abuse-mail ", |
| 649 | - "REQUIRED" => FALSE,], |
|
| 649 | + "REQUIRED" => FALSE, ], |
|
| 650 | 650 | ["SETTING" => \config\Master::APPEARANCE['MOTD'], |
| 651 | 651 | "DEFVALUE" => "Release Candidate. All bugs to be shot on sight!", |
| 652 | 652 | "COMPLAINTSTRING" => "APPEARANCE/MOTD ", |
| 653 | - "REQUIRED" => FALSE,], |
|
| 653 | + "REQUIRED" => FALSE, ], |
|
| 654 | 654 | ["SETTING" => \config\Master::APPEARANCE['webcert_CRLDP'], |
| 655 | 655 | "DEFVALUE" => ['list', 'of', 'CRL', 'pointers'], |
| 656 | 656 | "COMPLAINTSTRING" => "APPEARANCE/webcert_CRLDP ", |
| 657 | - "REQUIRED" => TRUE,], |
|
| 657 | + "REQUIRED" => TRUE, ], |
|
| 658 | 658 | ["SETTING" => \config\Master::APPEARANCE['webcert_OCSP'], |
| 659 | 659 | "DEFVALUE" => ['list', 'of', 'OCSP', 'pointers'], |
| 660 | 660 | "COMPLAINTSTRING" => "APPEARANCE/webcert_OCSP ", |
| 661 | - "REQUIRED" => TRUE,], |
|
| 661 | + "REQUIRED" => TRUE, ], |
|
| 662 | 662 | ["SETTING" => \config\Master::DB['INST']['host'], |
| 663 | 663 | "DEFVALUE" => "db.host.example", |
| 664 | 664 | "COMPLAINTSTRING" => "DB/INST ", |
| 665 | - "REQUIRED" => TRUE,], |
|
| 665 | + "REQUIRED" => TRUE, ], |
|
| 666 | 666 | ["SETTING" => \config\Master::DB['INST']['host'], |
| 667 | 667 | "DEFVALUE" => "db.host.example", |
| 668 | 668 | "COMPLAINTSTRING" => "DB/USER ", |
| 669 | - "REQUIRED" => TRUE,], |
|
| 669 | + "REQUIRED" => TRUE, ], |
|
| 670 | 670 | ["SETTING" => \config\Master::DB['EXTERNAL']['host'], |
| 671 | 671 | "DEFVALUE" => "customerdb.otherhost.example", |
| 672 | 672 | "COMPLAINTSTRING" => "DB/EXTERNAL ", |
| 673 | - "REQUIRED" => FALSE,], |
|
| 673 | + "REQUIRED" => FALSE, ], |
|
| 674 | 674 | ]; |
| 675 | 675 | |
| 676 | 676 | /** |
@@ -696,11 +696,11 @@ discard block |
||
| 696 | 696 | |
| 697 | 697 | foreach (\config\Diagnostics::RADIUSTESTS['TLS-clientcerts'] as $cadata) { |
| 698 | 698 | foreach ($cadata['certificates'] as $cert_files) { |
| 699 | - if (file_get_contents(ROOT . "/config/cli-certs/" . $cert_files['public']) === FALSE) { |
|
| 700 | - $defaultvalues .= "CERTIFICATE/" . $cert_files['public'] . " "; |
|
| 699 | + if (file_get_contents(ROOT."/config/cli-certs/".$cert_files['public']) === FALSE) { |
|
| 700 | + $defaultvalues .= "CERTIFICATE/".$cert_files['public']." "; |
|
| 701 | 701 | } |
| 702 | - if (file_get_contents(ROOT . "/config/cli-certs/" . $cert_files['private']) === FALSE) { |
|
| 703 | - $defaultvalues .= "CERTIFICATE/" . $cert_files['private'] . " "; |
|
| 702 | + if (file_get_contents(ROOT."/config/cli-certs/".$cert_files['private']) === FALSE) { |
|
| 703 | + $defaultvalues .= "CERTIFICATE/".$cert_files['private']." "; |
|
| 704 | 704 | } |
| 705 | 705 | } |
| 706 | 706 | } |
@@ -790,14 +790,14 @@ discard block |
||
| 790 | 790 | if ($global_no_cache) { |
| 791 | 791 | foreach ($Devs as $dev => $D) { |
| 792 | 792 | if (empty($D['options']['no_cache']) || $D['options']['no_cache'] != 0) { |
| 793 | - $no_cache_dev .= $dev . " "; |
|
| 793 | + $no_cache_dev .= $dev." "; |
|
| 794 | 794 | $no_cache_dev_count++; |
| 795 | 795 | } |
| 796 | 796 | } |
| 797 | 797 | } else { |
| 798 | 798 | foreach ($Devs as $dev => $D) { |
| 799 | 799 | if (!empty($D['options']['no_cache']) && $D['options']['no_cache'] != 0) { |
| 800 | - $no_cache_dev .= $dev . " "; |
|
| 800 | + $no_cache_dev .= $dev." "; |
|
| 801 | 801 | $no_cache_dev_count++; |
| 802 | 802 | } |
| 803 | 803 | } |
@@ -835,13 +835,13 @@ discard block |
||
| 835 | 835 | $mail->isHTML(FALSE); |
| 836 | 836 | $mail->CharSet = 'UTF-8'; |
| 837 | 837 | $mail->From = \config\Master::APPEARANCE['from-mail']; |
| 838 | - $mail->FromName = \config\Master::APPEARANCE['productname'] . " Invitation System"; |
|
| 838 | + $mail->FromName = \config\Master::APPEARANCE['productname']." Invitation System"; |
|
| 839 | 839 | $mail->addAddress(\config\Master::APPEARANCE['abuse-mail']); |
| 840 | 840 | $mail->Subject = "testing CAT configuration mail"; |
| 841 | 841 | $mail->Body = "Testing CAT mailing\n"; |
| 842 | 842 | $sent = $mail->send(); |
| 843 | 843 | if ($sent) { |
| 844 | - $this->storeTestResult(\core\common\Entity::L_OK, "mailer settings appear to be working, check " . \config\Master::APPEARANCE['abuse-mail'] . " mailbox if the message was receiced."); |
|
| 844 | + $this->storeTestResult(\core\common\Entity::L_OK, "mailer settings appear to be working, check ".\config\Master::APPEARANCE['abuse-mail']." mailbox if the message was receiced."); |
|
| 845 | 845 | } else { |
| 846 | 846 | $this->storeTestResult(\core\common\Entity::L_ERROR, "mailer settings failed, check the Config::MAILSETTINGS"); |
| 847 | 847 | } |
@@ -45,7 +45,7 @@ discard block |
||
| 45 | 45 | * @return void |
| 46 | 46 | */ |
| 47 | 47 | private function writeToFile($filename, $message) { |
| 48 | - file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND); |
|
| 48 | + file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND); |
|
| 49 | 49 | } |
| 50 | 50 | |
| 51 | 51 | /** |
@@ -76,7 +76,7 @@ discard block |
||
| 76 | 76 | } else { |
| 77 | 77 | $output .= var_export($stuff, TRUE); |
| 78 | 78 | } |
| 79 | - $output = $prefix . $output . $suffix; |
|
| 79 | + $output = $prefix.$output.$suffix; |
|
| 80 | 80 | $this->writeToFile("debug.log", $output); |
| 81 | 81 | |
| 82 | 82 | return; |
@@ -122,7 +122,7 @@ discard block |
||
| 122 | 122 | $logTextStep1 = preg_replace("/[\n\r]/", "", $query); |
| 123 | 123 | $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1); |
| 124 | 124 | $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2); |
| 125 | - $this->writeToFile("audit-SQL.log", " " . $logTextStep3 . "\n"); |
|
| 125 | + $this->writeToFile("audit-SQL.log", " ".$logTextStep3."\n"); |
|
| 126 | 126 | } |
| 127 | 127 | |
| 128 | 128 | } |
@@ -70,9 +70,9 @@ discard block |
||
| 70 | 70 | $loggerInstance = new \core\common\Logging(); |
| 71 | 71 | $olddomain = textdomain(NULL); |
| 72 | 72 | $loggerInstance->debug(4, "set_locale($domain)\n"); |
| 73 | - $loggerInstance->debug(4, ROOT . "\n"); |
|
| 73 | + $loggerInstance->debug(4, ROOT."\n"); |
|
| 74 | 74 | textdomain($domain); |
| 75 | - bindtextdomain($domain, ROOT . "/translation/"); |
|
| 75 | + bindtextdomain($domain, ROOT."/translation/"); |
|
| 76 | 76 | return $olddomain; |
| 77 | 77 | } |
| 78 | 78 | |
@@ -94,7 +94,7 @@ discard block |
||
| 94 | 94 | $langConverted[] = $hardSetLang; |
| 95 | 95 | } |
| 96 | 96 | if (!empty($_REQUEST['lang'])) { |
| 97 | - $recoverLang = filter_input(INPUT_GET,'lang', FILTER_SANITIZE_STRING) ?? filter_input(INPUT_POST, 'lang', FILTER_SANITIZE_STRING); |
|
| 97 | + $recoverLang = filter_input(INPUT_GET, 'lang', FILTER_SANITIZE_STRING) ?? filter_input(INPUT_POST, 'lang', FILTER_SANITIZE_STRING); |
|
| 98 | 98 | $langConverted[] = $recoverLang; |
| 99 | 99 | } |
| 100 | 100 | \core\CAT::sessionStart(); |
@@ -102,7 +102,7 @@ discard block |
||
| 102 | 102 | $langConverted[] = $_SESSION['language']; |
| 103 | 103 | } |
| 104 | 104 | if (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { |
| 105 | - $langs = explode(",", filter_input(INPUT_SERVER,"HTTP_ACCEPT_LANGUAGE", FILTER_SANITIZE_STRING)); |
|
| 105 | + $langs = explode(",", filter_input(INPUT_SERVER, "HTTP_ACCEPT_LANGUAGE", FILTER_SANITIZE_STRING)); |
|
| 106 | 106 | foreach ($langs as $lang) { |
| 107 | 107 | $result = []; |
| 108 | 108 | preg_match("/(.*);+.*/", $lang, $result); |
@@ -122,7 +122,7 @@ discard block |
||
| 122 | 122 | |
| 123 | 123 | // check if this language is supported by the CAT config |
| 124 | 124 | foreach (\config\Master::LANGUAGES as $language => $value) { |
| 125 | - if (preg_match("/^" . $language . ".*/", $tryLang)) { |
|
| 125 | + if (preg_match("/^".$language.".*/", $tryLang)) { |
|
| 126 | 126 | $localeTmp = $value['locale']; |
| 127 | 127 | $langIndex = $language; // ??? |
| 128 | 128 | break; |
@@ -137,7 +137,7 @@ discard block |
||
| 137 | 137 | } |
| 138 | 138 | } |
| 139 | 139 | } |
| 140 | - putenv("LC_ALL=" . $theLocale); |
|
| 140 | + putenv("LC_ALL=".$theLocale); |
|
| 141 | 141 | $_SESSION['language'] = $langIndex; |
| 142 | 142 | $loggerInstance = new \core\common\Logging(); |
| 143 | 143 | $loggerInstance->debug(4, "selected lang:$langIndex:$theLocale\n"); |
@@ -82,7 +82,7 @@ discard block |
||
| 82 | 82 | */ |
| 83 | 83 | protected function setSupportedEapMethods($eapArray) { |
| 84 | 84 | $this->supportedEapMethods = $eapArray; |
| 85 | - $this->loggerInstance->debug(4, "This device (" . __CLASS__ . ") supports the following EAP methods: "); |
|
| 85 | + $this->loggerInstance->debug(4, "This device (".__CLASS__.") supports the following EAP methods: "); |
|
| 86 | 86 | $this->loggerInstance->debug(4, $this->supportedEapMethods); |
| 87 | 87 | } |
| 88 | 88 | |
@@ -127,7 +127,7 @@ discard block |
||
| 127 | 127 | throw new Exception("No EAP type available."); |
| 128 | 128 | } |
| 129 | 129 | $this->attributes = $this->getProfileAttributes($profile); |
| 130 | - $this->deviceUUID = common\Entity::uuid('', 'CAT' . $profile->institution . "-" . $profile->identifier . "-" . $this->device_id); |
|
| 130 | + $this->deviceUUID = common\Entity::uuid('', 'CAT'.$profile->institution."-".$profile->identifier."-".$this->device_id); |
|
| 131 | 131 | |
| 132 | 132 | |
| 133 | 133 | // if we are instantiating a Silverbullet profile AND have been given |
@@ -151,8 +151,8 @@ discard block |
||
| 151 | 151 | // create temporary directory, its full path will be saved in $this->FPATH; |
| 152 | 152 | $tempDir = \core\common\Entity::createTemporaryDirectory($purpose); |
| 153 | 153 | $this->FPATH = $tempDir['dir']; |
| 154 | - mkdir($tempDir['dir'] . '/tmp'); |
|
| 155 | - chdir($tempDir['dir'] . '/tmp'); |
|
| 154 | + mkdir($tempDir['dir'].'/tmp'); |
|
| 155 | + chdir($tempDir['dir'].'/tmp'); |
|
| 156 | 156 | $caList = []; |
| 157 | 157 | $x509 = new \core\common\X509(); |
| 158 | 158 | if (isset($this->attributes['eap:ca_file'])) { |
@@ -172,7 +172,7 @@ discard block |
||
| 172 | 172 | } |
| 173 | 173 | if (isset($this->attributes['general:logo_file'])) { |
| 174 | 174 | $this->loggerInstance->debug(5, "saving IDP logo\n"); |
| 175 | - $this->attributes['internal:logo_file'] = $this->saveLogoFile($this->attributes['general:logo_file'],'idp'); |
|
| 175 | + $this->attributes['internal:logo_file'] = $this->saveLogoFile($this->attributes['general:logo_file'], 'idp'); |
|
| 176 | 176 | } |
| 177 | 177 | if (isset($this->attributes['fed:logo_file'])) { |
| 178 | 178 | $this->loggerInstance->debug(5, "saving FED logo\n"); |
@@ -188,7 +188,7 @@ discard block |
||
| 188 | 188 | $this->support_url_substitute = sprintf(_("your local %s support page"), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 189 | 189 | |
| 190 | 190 | if ($this->signer && $this->options['sign']) { |
| 191 | - $this->sign = ROOT . '/signer/' . $this->signer; |
|
| 191 | + $this->sign = ROOT.'/signer/'.$this->signer; |
|
| 192 | 192 | } |
| 193 | 193 | $this->installerBasename = $this->getInstallerBasename(); |
| 194 | 194 | common\Entity::outOfThePotatoes(); |
@@ -244,10 +244,10 @@ discard block |
||
| 244 | 244 | * @return string|boolean the filename as found, with path, or FALSE if it does not exist |
| 245 | 245 | */ |
| 246 | 246 | private function findSourceFile($file) { |
| 247 | - if (is_file($this->module_path . '/Files/' . $this->device_id . '/' . $file)) { |
|
| 248 | - return $this->module_path . '/Files/' . $this->device_id . '/' . $file; |
|
| 249 | - } elseif (is_file($this->module_path . '/Files/' . $file)) { |
|
| 250 | - return $this->module_path . '/Files/' . $file; |
|
| 247 | + if (is_file($this->module_path.'/Files/'.$this->device_id.'/'.$file)) { |
|
| 248 | + return $this->module_path.'/Files/'.$this->device_id.'/'.$file; |
|
| 249 | + } elseif (is_file($this->module_path.'/Files/'.$file)) { |
|
| 250 | + return $this->module_path.'/Files/'.$file; |
|
| 251 | 251 | } else { |
| 252 | 252 | $this->loggerInstance->debug(2, "requested file $file does not exist\n"); |
| 253 | 253 | return FALSE; |
@@ -320,7 +320,7 @@ discard block |
||
| 320 | 320 | |
| 321 | 321 | $this->loggerInstance->debug(5, "translateFile($source_name, $output_name, $encoding)\n"); |
| 322 | 322 | ob_start(); |
| 323 | - $this->loggerInstance->debug(5, $this->module_path . '/Files/' . $this->device_id . '/' . $source_name . "\n"); |
|
| 323 | + $this->loggerInstance->debug(5, $this->module_path.'/Files/'.$this->device_id.'/'.$source_name."\n"); |
|
| 324 | 324 | $source = $this->findSourceFile($source_name); |
| 325 | 325 | |
| 326 | 326 | if ($source !== FALSE) { // if there is no file found, don't attempt to include an uninitialised variable |
@@ -328,7 +328,7 @@ discard block |
||
| 328 | 328 | } |
| 329 | 329 | $output = ob_get_clean(); |
| 330 | 330 | if ($encoding !== 0) { |
| 331 | - $outputClean = iconv('UTF-8', $encoding . '//TRANSLIT', $output); |
|
| 331 | + $outputClean = iconv('UTF-8', $encoding.'//TRANSLIT', $output); |
|
| 332 | 332 | if ($outputClean) { |
| 333 | 333 | $output = $outputClean; |
| 334 | 334 | } |
@@ -368,7 +368,7 @@ discard block |
||
| 368 | 368 | return $sourceString; |
| 369 | 369 | } |
| 370 | 370 | if (\config\ConfAssistant::NSIS_VERSION < 3) { |
| 371 | - $output_c = iconv('UTF-8', $encoding . '//TRANSLIT', $sourceString); |
|
| 371 | + $output_c = iconv('UTF-8', $encoding.'//TRANSLIT', $sourceString); |
|
| 372 | 372 | } else { |
| 373 | 373 | $output_c = $sourceString; |
| 374 | 374 | } |
@@ -462,17 +462,17 @@ discard block |
||
| 462 | 462 | */ |
| 463 | 463 | private function getInstallerBasename() { |
| 464 | 464 | |
| 465 | - $baseName = $this->customTranslit(\config\ConfAssistant::CONSORTIUM['name']) . "-" . $this->getDeviceId(); |
|
| 465 | + $baseName = $this->customTranslit(\config\ConfAssistant::CONSORTIUM['name'])."-".$this->getDeviceId(); |
|
| 466 | 466 | if (isset($this->attributes['profile:customsuffix'][1])) { |
| 467 | 467 | // this string will end up as a filename on a filesystem, so always |
| 468 | 468 | // take a latin-based language variant if available |
| 469 | 469 | // and then scrub non-ASCII just in case |
| 470 | - return $baseName . $this->customTranslit($this->attributes['profile:customsuffix'][1]); |
|
| 470 | + return $baseName.$this->customTranslit($this->attributes['profile:customsuffix'][1]); |
|
| 471 | 471 | } |
| 472 | 472 | // Okay, no custom suffix. |
| 473 | 473 | // Use the configured inst name and apply shortening heuristics |
| 474 | 474 | $lang_pointer = \config\Master::LANGUAGES[$this->languageInstance->getLang()]['latin_based'] == TRUE ? 0 : 1; |
| 475 | - $this->loggerInstance->debug(5, "getInstallerBasename1:" . $this->attributes['general:instname'][$lang_pointer] . "\n"); |
|
| 475 | + $this->loggerInstance->debug(5, "getInstallerBasename1:".$this->attributes['general:instname'][$lang_pointer]."\n"); |
|
| 476 | 476 | $inst = $this->customTranslit($this->attributes['general:instname'][$lang_pointer]); |
| 477 | 477 | $this->loggerInstance->debug(4, "getInstallerBasename2:$inst\n"); |
| 478 | 478 | $Inst_a = explode('_', $inst); |
@@ -487,10 +487,10 @@ discard block |
||
| 487 | 487 | if (!empty($this->attributes['profile:name']) && !empty($this->attributes['profile:name'][$lang_pointer])) { |
| 488 | 488 | $profTemp = $this->customTranslit($this->attributes['profile:name'][$lang_pointer]); |
| 489 | 489 | $prof = preg_replace('/_+$/', '', $profTemp); |
| 490 | - return $baseName . $inst . '-' . $prof; |
|
| 490 | + return $baseName.$inst.'-'.$prof; |
|
| 491 | 491 | } |
| 492 | 492 | } |
| 493 | - return $baseName . $inst; |
|
| 493 | + return $baseName.$inst; |
|
| 494 | 494 | } |
| 495 | 495 | |
| 496 | 496 | /** |
@@ -558,13 +558,13 @@ discard block |
||
| 558 | 558 | * @return array |
| 559 | 559 | */ |
| 560 | 560 | private function getConsortia() { |
| 561 | - if(!isset(\config\ConfAssistant::CONSORTIUM['interworking-consortium-oi'])) { |
|
| 561 | + if (!isset(\config\ConfAssistant::CONSORTIUM['interworking-consortium-oi'])) { |
|
| 562 | 562 | return ([]); |
| 563 | 563 | } |
| 564 | 564 | $consortia = \config\ConfAssistant::CONSORTIUM['interworking-consortium-oi']; |
| 565 | 565 | if (isset($this->attributes['media:consortium_OI'])) { |
| 566 | 566 | foreach ($this->attributes['media:consortium_OI'] as $new_oi) { |
| 567 | - if(!in_array($new_oi, $consortia)) { |
|
| 567 | + if (!in_array($new_oi, $consortia)) { |
|
| 568 | 568 | $consortia[] = $new_oi; |
| 569 | 569 | } |
| 570 | 570 | } |
@@ -590,7 +590,7 @@ discard block |
||
| 590 | 590 | * @return array list of filenames and the mime types |
| 591 | 591 | * @throws Exception |
| 592 | 592 | */ |
| 593 | - private function saveLogoFile($logos,$type) { |
|
| 593 | + private function saveLogoFile($logos, $type) { |
|
| 594 | 594 | $iterator = 0; |
| 595 | 595 | $returnarray = []; |
| 596 | 596 | foreach ($logos as $blob) { |
@@ -603,7 +603,7 @@ discard block |
||
| 603 | 603 | $ext = 'unsupported'; |
| 604 | 604 | } |
| 605 | 605 | $this->loggerInstance->debug(5, "saveLogoFile: $mime : $ext\n"); |
| 606 | - $fileName = 'logo-' . $type . $iterator . '.' . $ext; |
|
| 606 | + $fileName = 'logo-'.$type.$iterator.'.'.$ext; |
|
| 607 | 607 | $fileHandle = fopen($fileName, "w"); |
| 608 | 608 | if (!$fileHandle) { |
| 609 | 609 | $this->loggerInstance->debug(2, "saveLogoFile failed for: $fileName\n"); |
@@ -629,13 +629,13 @@ discard block |
||
| 629 | 629 | $mime = $finfo->buffer($blob); |
| 630 | 630 | $ext = isset($this->mime_extensions[$mime]) ? $this->mime_extensions[$mime] : 'usupported'; |
| 631 | 631 | $this->loggerInstance->debug(5, "saveInfoFile: $mime : $ext\n"); |
| 632 | - $fileHandle = fopen('local-info.' . $ext, "w"); |
|
| 632 | + $fileHandle = fopen('local-info.'.$ext, "w"); |
|
| 633 | 633 | if ($fileHandle === FALSE) { |
| 634 | 634 | throw new Exception("problem opening the file"); |
| 635 | 635 | } |
| 636 | 636 | fwrite($fileHandle, $blob); |
| 637 | 637 | fclose($fileHandle); |
| 638 | - return(['name' => 'local-info.' . $ext, 'mime' => $ext]); |
|
| 638 | + return(['name' => 'local-info.'.$ext, 'mime' => $ext]); |
|
| 639 | 639 | } |
| 640 | 640 | |
| 641 | 641 | /** |
@@ -686,9 +686,9 @@ discard block |
||
| 686 | 686 | protected function determineOuterIdString() { |
| 687 | 687 | $outerId = NULL; |
| 688 | 688 | if (isset($this->attributes['internal:use_anon_outer']) && $this->attributes['internal:use_anon_outer'][0] == "1" && isset($this->attributes['internal:realm'])) { |
| 689 | - $outerId = "@" . $this->attributes['internal:realm'][0]; |
|
| 689 | + $outerId = "@".$this->attributes['internal:realm'][0]; |
|
| 690 | 690 | if (isset($this->attributes['internal:anon_local_value'])) { |
| 691 | - $outerId = $this->attributes['internal:anon_local_value'][0] . $outerId; |
|
| 691 | + $outerId = $this->attributes['internal:anon_local_value'][0].$outerId; |
|
| 692 | 692 | } |
| 693 | 693 | } |
| 694 | 694 | return $outerId; |
@@ -15,10 +15,10 @@ discard block |
||
| 15 | 15 | |
| 16 | 16 | class CertificationAuthorityEmbeddedRSA extends EntityWithDBProperties implements CertificationAuthorityInterface { |
| 17 | 17 | |
| 18 | - private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 19 | - private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 20 | - private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 21 | - private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 18 | + private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 19 | + private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 20 | + private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 21 | + private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 22 | 22 | |
| 23 | 23 | /** |
| 24 | 24 | * string with the PEM variant of the root CA |
@@ -64,11 +64,11 @@ discard block |
||
| 64 | 64 | parent::__construct(); |
| 65 | 65 | $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
| 66 | 66 | if ($this->rootPem === FALSE) { |
| 67 | - throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 67 | + throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 68 | 68 | } |
| 69 | 69 | $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
| 70 | 70 | if ($this->issuingCertRaw === FALSE) { |
| 71 | - throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 71 | + throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 72 | 72 | } |
| 73 | 73 | $rootParsed = openssl_x509_read($this->rootPem); |
| 74 | 74 | $this->issuingCert = openssl_x509_read($this->issuingCertRaw); |
@@ -76,15 +76,15 @@ discard block |
||
| 76 | 76 | throw new Exception("At least one CA PEM file did not parse correctly!"); |
| 77 | 77 | } |
| 78 | 78 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY) === FALSE) { |
| 79 | - throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 79 | + throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 80 | 80 | } |
| 81 | - $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 81 | + $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 82 | 82 | if ($issuingKeyTemp === FALSE) { |
| 83 | 83 | throw new Exception("The private key did not parse correctly!"); |
| 84 | 84 | } |
| 85 | 85 | $this->issuingKey = $issuingKeyTemp; |
| 86 | 86 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG) === FALSE) { |
| 87 | - throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 87 | + throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 88 | 88 | } |
| 89 | 89 | $this->conffile = CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG; |
| 90 | 90 | } |
@@ -126,27 +126,27 @@ discard block |
||
| 126 | 126 | // generate stub index.txt file |
| 127 | 127 | $tempdirArray = \core\common\Entity::createTemporaryDirectory("test"); |
| 128 | 128 | $tempdir = $tempdirArray['dir']; |
| 129 | - $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z"; |
|
| 130 | - $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z"; |
|
| 129 | + $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z"; |
|
| 130 | + $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z"; |
|
| 131 | 131 | // serials for our CA are always integers |
| 132 | - $serialHex = strtoupper(dechex((int)$cert->serial)); |
|
| 132 | + $serialHex = strtoupper(dechex((int) $cert->serial)); |
|
| 133 | 133 | if (strlen($serialHex) % 2 == 1) { |
| 134 | - $serialHex = "0" . $serialHex; |
|
| 134 | + $serialHex = "0".$serialHex; |
|
| 135 | 135 | } |
| 136 | 136 | |
| 137 | - $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n"; |
|
| 137 | + $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n"; |
|
| 138 | 138 | $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement"); |
| 139 | - if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) { |
|
| 139 | + if (!file_put_contents($tempdir."/index.txt", $indexStatement)) { |
|
| 140 | 140 | $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!"); |
| 141 | 141 | } |
| 142 | 142 | // index.txt.attr is dull but needs to exist |
| 143 | - file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n"); |
|
| 143 | + file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n"); |
|
| 144 | 144 | // call "openssl ocsp" to manufacture our own OCSP statement |
| 145 | 145 | // adding "-rmd sha1" to the following command-line makes the |
| 146 | 146 | // choice of signature algorithm for the response explicit |
| 147 | 147 | // but it's only available from openssl-1.1.0 (which we do not |
| 148 | 148 | // want to require just for that one thing). |
| 149 | - $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 149 | + $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 150 | 150 | $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n"); |
| 151 | 151 | $output = []; |
| 152 | 152 | $return = 999; |
@@ -154,11 +154,11 @@ discard block |
||
| 154 | 154 | if ($return !== 0) { |
| 155 | 155 | throw new Exception("Non-zero return value from openssl ocsp!"); |
| 156 | 156 | } |
| 157 | - $ocsp = file_get_contents($tempdir . "/$serialHex.response.der"); |
|
| 157 | + $ocsp = file_get_contents($tempdir."/$serialHex.response.der"); |
|
| 158 | 158 | // remove the temp dir! |
| 159 | - unlink($tempdir . "/$serialHex.response.der"); |
|
| 160 | - unlink($tempdir . "/index.txt.attr"); |
|
| 161 | - unlink($tempdir . "/index.txt"); |
|
| 159 | + unlink($tempdir."/$serialHex.response.der"); |
|
| 160 | + unlink($tempdir."/index.txt.attr"); |
|
| 161 | + unlink($tempdir."/index.txt"); |
|
| 162 | 162 | rmdir($tempdir); |
| 163 | 163 | $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial); |
| 164 | 164 | return $ocsp; |
@@ -15,10 +15,10 @@ discard block |
||
| 15 | 15 | |
| 16 | 16 | class CertificationAuthorityEmbeddedECDSA extends EntityWithDBProperties implements CertificationAuthorityInterface { |
| 17 | 17 | |
| 18 | - private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-ECDSA.pem"; |
|
| 19 | - private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.pem"; |
|
| 20 | - private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-ECDSA.key"; |
|
| 21 | - private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-ECDSA.cnf"; |
|
| 18 | + private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-ECDSA.pem"; |
|
| 19 | + private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-ECDSA.pem"; |
|
| 20 | + private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-ECDSA.key"; |
|
| 21 | + private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-ECDSA.cnf"; |
|
| 22 | 22 | |
| 23 | 23 | /** |
| 24 | 24 | * string with the PEM variant of the root CA |
@@ -64,11 +64,11 @@ discard block |
||
| 64 | 64 | parent::__construct(); |
| 65 | 65 | $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA); |
| 66 | 66 | if ($this->rootPem === FALSE) { |
| 67 | - throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA); |
|
| 67 | + throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ROOT_CA); |
|
| 68 | 68 | } |
| 69 | 69 | $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA); |
| 70 | 70 | if ($this->issuingCertRaw === FALSE) { |
| 71 | - throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA); |
|
| 71 | + throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA); |
|
| 72 | 72 | } |
| 73 | 73 | $rootParsed = openssl_x509_read($this->rootPem); |
| 74 | 74 | $this->issuingCert = openssl_x509_read($this->issuingCertRaw); |
@@ -76,15 +76,15 @@ discard block |
||
| 76 | 76 | throw new Exception("At least one CA PEM file did not parse correctly!"); |
| 77 | 77 | } |
| 78 | 78 | if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY) === FALSE) { |
| 79 | - throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 79 | + throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 80 | 80 | } |
| 81 | - $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 81 | + $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY); |
|
| 82 | 82 | if ($issuingKeyTemp === FALSE) { |
| 83 | 83 | throw new Exception("The private key did not parse correctly!"); |
| 84 | 84 | } |
| 85 | 85 | $this->issuingKey = $issuingKeyTemp; |
| 86 | 86 | if (stat(CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG) === FALSE) { |
| 87 | - throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG); |
|
| 87 | + throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG); |
|
| 88 | 88 | } |
| 89 | 89 | $this->conffile = CertificationAuthorityEmbeddedECDSA::LOCATION_CONFIG; |
| 90 | 90 | } |
@@ -126,27 +126,27 @@ discard block |
||
| 126 | 126 | // generate stub index.txt file |
| 127 | 127 | $tempdirArray = \core\common\Entity::createTemporaryDirectory("test"); |
| 128 | 128 | $tempdir = $tempdirArray['dir']; |
| 129 | - $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z"; |
|
| 130 | - $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z"; |
|
| 129 | + $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z"; |
|
| 130 | + $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z"; |
|
| 131 | 131 | // serials for our CA are always integers |
| 132 | - $serialHex = strtoupper(dechex((int)$cert->serial)); |
|
| 132 | + $serialHex = strtoupper(dechex((int) $cert->serial)); |
|
| 133 | 133 | if (strlen($serialHex) % 2 == 1) { |
| 134 | - $serialHex = "0" . $serialHex; |
|
| 134 | + $serialHex = "0".$serialHex; |
|
| 135 | 135 | } |
| 136 | 136 | |
| 137 | - $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n"; |
|
| 137 | + $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n"; |
|
| 138 | 138 | $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement"); |
| 139 | - if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) { |
|
| 139 | + if (!file_put_contents($tempdir."/index.txt", $indexStatement)) { |
|
| 140 | 140 | $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!"); |
| 141 | 141 | } |
| 142 | 142 | // index.txt.attr is dull but needs to exist |
| 143 | - file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n"); |
|
| 143 | + file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n"); |
|
| 144 | 144 | // call "openssl ocsp" to manufacture our own OCSP statement |
| 145 | 145 | // adding "-rmd sha1" to the following command-line makes the |
| 146 | 146 | // choice of signature algorithm for the response explicit |
| 147 | 147 | // but it's only available from openssl-1.1.0 (which we do not |
| 148 | 148 | // want to require just for that one thing). |
| 149 | - $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 149 | + $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedECDSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 150 | 150 | $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n"); |
| 151 | 151 | $output = []; |
| 152 | 152 | $return = 999; |
@@ -154,11 +154,11 @@ discard block |
||
| 154 | 154 | if ($return !== 0) { |
| 155 | 155 | throw new Exception("Non-zero return value from openssl ocsp!"); |
| 156 | 156 | } |
| 157 | - $ocsp = file_get_contents($tempdir . "/$serialHex.response.der"); |
|
| 157 | + $ocsp = file_get_contents($tempdir."/$serialHex.response.der"); |
|
| 158 | 158 | // remove the temp dir! |
| 159 | - unlink($tempdir . "/$serialHex.response.der"); |
|
| 160 | - unlink($tempdir . "/index.txt.attr"); |
|
| 161 | - unlink($tempdir . "/index.txt"); |
|
| 159 | + unlink($tempdir."/$serialHex.response.der"); |
|
| 160 | + unlink($tempdir."/index.txt.attr"); |
|
| 161 | + unlink($tempdir."/index.txt"); |
|
| 162 | 162 | rmdir($tempdir); |
| 163 | 163 | $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial); |
| 164 | 164 | return $ocsp; |
@@ -50,19 +50,19 @@ discard block |
||
| 50 | 50 | |
| 51 | 51 | array_push($FAQ, [ |
| 52 | 52 | 'title' => sprintf(_("Is it safe to use %s installers?"), \config\Master::APPEARANCE['productname']), |
| 53 | - 'text' => sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."), \config\Master::APPEARANCE['productname']) . ' ' . ( isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['signer_name']) : ""), |
|
| 53 | + 'text' => sprintf(_("%s installers configure security settings on your device, therefore you should be sure that you are using genuine ones."), \config\Master::APPEARANCE['productname']).' '.(isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("This is why %s installers are digitally signed by %s. Watch out for a system message confirming this."), \config\Master::APPEARANCE['productname'], \config\ConfAssistant::CONSORTIUM['signer_name']) : ""), |
|
| 54 | 54 | ]); |
| 55 | 55 | |
| 56 | 56 | array_push($FAQ, [ |
| 57 | 57 | 'title' => _("Windows 'SmartScreen' or 'Internet Explorer' tell me that the file is not commonly downloaded and possibly harmful. Should I be concerned?"), |
| 58 | - 'text' => _("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.") . " " . (isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."), \config\ConfAssistant::CONSORTIUM['signer_name']) . " " : "") . sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."), "<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
|
| 58 | + 'text' => _("Contrary to what the name suggests, 'SmartScreen' isn't actually very smart. The warning merely means that the file has not yet been downloaded by enough users to make Microsoft consider it popular (which would strangely enough make it be considered 'safe'). This message alone is not a security problem.")." ".(isset(\config\ConfAssistant::CONSORTIUM['signer_name']) && \config\ConfAssistant::CONSORTIUM['signer_name'] != "" ? sprintf(_("So long as the file is carrying a valid signature from %s, the download is safe."), \config\ConfAssistant::CONSORTIUM['signer_name'])." " : "").sprintf(_("Please see also Microsoft's FAQ regarding SmartScreen at %s."), "<a href='http://windows.microsoft.com/en-US/windows7/SmartScreen-Filter-frequently-asked-questions-IE9?SignedIn=1'>Microsoft FAQ</a>") |
|
| 59 | 59 | ]); |
| 60 | 60 | |
| 61 | 61 | if (\config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS'] == NULL) { |
| 62 | 62 | $text = sprintf(_("There can be a number of different reasons. The network you see may not be a genuine %s one and your device silently drops the connection attempt; there may be something wrong with the configuration of the network; your account may have expired; there may be a connection problem with your home authentication server; you may have broken the regulations of the network you are using and have been refused access as a consequence. You should contact your organisation and report the problem, the administrators should be able to trace your connections."), \config\ConfAssistant::CONSORTIUM['display_name']); |
| 63 | 63 | } else { |
| 64 | 64 | if (\config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS'] == 'LOCAL') { |
| 65 | - $diagUrl = \config\Master::PATHS['cat_base_url'] . "diag/"; |
|
| 65 | + $diagUrl = \config\Master::PATHS['cat_base_url']."diag/"; |
|
| 66 | 66 | } else { |
| 67 | 67 | $diagUrl = \config\Master::FUNCTIONALITY_LOCATIONS['DIAGNOSTICS']; |
| 68 | 68 | } |
@@ -99,8 +99,8 @@ discard block |
||
| 99 | 99 | $tocText = ""; |
| 100 | 100 | $fullText = ""; |
| 101 | 101 | foreach ($FAQ as $faq) { |
| 102 | - $tocText .= '<a href="#toc' . $counter . '">' . $faq['title'] . "</a><br>\n"; |
|
| 103 | - $fullText .= "<dt><a name=toc$counter>" . $faq['title'] . "</a></dt>\n<dd>" . $faq['text'] . "</dd>\n"; |
|
| 102 | + $tocText .= '<a href="#toc'.$counter.'">'.$faq['title']."</a><br>\n"; |
|
| 103 | + $fullText .= "<dt><a name=toc$counter>".$faq['title']."</a></dt>\n<dd>".$faq['text']."</dd>\n"; |
|
| 104 | 104 | $counter++; |
| 105 | 105 | } |
| 106 | 106 | ?> |
@@ -26,7 +26,7 @@ discard block |
||
| 26 | 26 | */ |
| 27 | 27 | ?> |
| 28 | 28 | <?php |
| 29 | -require_once dirname(dirname(dirname(__FILE__))) . "/config/_config.php"; |
|
| 29 | +require_once dirname(dirname(dirname(__FILE__)))."/config/_config.php"; |
|
| 30 | 30 | |
| 31 | 31 | $auth = new \web\lib\admin\Authentication(); |
| 32 | 32 | $deco = new \web\lib\admin\PageDecoration(); |
@@ -61,7 +61,7 @@ discard block |
||
| 61 | 61 | ?> |
| 62 | 62 | </h1> |
| 63 | 63 | <div class='infobox'> |
| 64 | - <h2><?php echo sprintf(_("%s Properties"),$uiElements->nomenclatureFed); ?></h2> |
|
| 64 | + <h2><?php echo sprintf(_("%s Properties"), $uiElements->nomenclatureFed); ?></h2> |
|
| 65 | 65 | <table> |
| 66 | 66 | <tr> |
| 67 | 67 | <td><?php echo _("Country:"); ?></td> |
@@ -72,11 +72,11 @@ discard block |
||
| 72 | 72 | </table> |
| 73 | 73 | </div> |
| 74 | 74 | <?php |
| 75 | - echo "<form enctype='multipart/form-data' action='edit_federation_result.php?fed_id=$my_fed->tld" . "' method='post' accept-charset='UTF-8'> |
|
| 76 | - <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE . "'>"; |
|
| 75 | + echo "<form enctype='multipart/form-data' action='edit_federation_result.php?fed_id=$my_fed->tld"."' method='post' accept-charset='UTF-8'> |
|
| 76 | + <input type='hidden' name='MAX_FILE_SIZE' value='" . \config\Master::MAX_UPLOAD_SIZE."'>"; |
|
| 77 | 77 | ?> |
| 78 | 78 | <fieldset class="option_container"> |
| 79 | - <legend><strong><?php echo sprintf(_("%s Properties"),$uiElements->nomenclatureFed); ?></strong></legend> |
|
| 79 | + <legend><strong><?php echo sprintf(_("%s Properties"), $uiElements->nomenclatureFed); ?></strong></legend> |
|
| 80 | 80 | <?php |
| 81 | 81 | $optionDisplay = new \web\lib\admin\OptionDisplay($fed_options, "FED"); |
| 82 | 82 | echo $optionDisplay->prefilledOptionTable("fed"); |
@@ -84,5 +84,5 @@ discard block |
||
| 84 | 84 | <button type='button' class='newoption' onclick='getXML("fed")'><?php echo _("Add new option"); ?></button> |
| 85 | 85 | </fieldset> |
| 86 | 86 | <?php |
| 87 | - echo "<div><button type='submit' name='submitbutton' value='" . web\lib\common\FormElements::BUTTON_SAVE . "'>" . _("Save data") . "</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_federation.php\"'>" . _("Discard changes") . "</button></div></form>"; |
|
| 87 | + echo "<div><button type='submit' name='submitbutton' value='".web\lib\common\FormElements::BUTTON_SAVE."'>"._("Save data")."</button> <button type='button' class='delete' name='abortbutton' value='abort' onclick='javascript:window.location = \"overview_federation.php\"'>"._("Discard changes")."</button></div></form>"; |
|
| 88 | 88 | echo $deco->footer(); |
