GEANT /
CAT
@@ -75,9 +75,9 @@ discard block |
||
| 75 | 75 | $loggerInstance = new \core\common\Logging(); |
| 76 | 76 | $olddomain = textdomain(NULL); |
| 77 | 77 | $loggerInstance->debug(4, "set_locale($domain)\n"); |
| 78 | - $loggerInstance->debug(4, ROOT . "\n"); |
|
| 78 | + $loggerInstance->debug(4, ROOT."\n"); |
|
| 79 | 79 | textdomain($domain); |
| 80 | - bindtextdomain($domain, ROOT . "/translation/"); |
|
| 80 | + bindtextdomain($domain, ROOT."/translation/"); |
|
| 81 | 81 | return $olddomain; |
| 82 | 82 | } |
| 83 | 83 | |
@@ -128,7 +128,7 @@ discard block |
||
| 128 | 128 | |
| 129 | 129 | // check if this language is supported by the CAT config |
| 130 | 130 | foreach (\config\Master::LANGUAGES as $language => $value) { |
| 131 | - if (preg_match("/^" . $language . ".*/", $tryLang)) { |
|
| 131 | + if (preg_match("/^".$language.".*/", $tryLang)) { |
|
| 132 | 132 | $localeTmp = $value['locale']; |
| 133 | 133 | $langIndex = $language; // ??? |
| 134 | 134 | break; |
@@ -143,7 +143,7 @@ discard block |
||
| 143 | 143 | } |
| 144 | 144 | } |
| 145 | 145 | } |
| 146 | - putenv("LC_ALL=" . $theLocale); |
|
| 146 | + putenv("LC_ALL=".$theLocale); |
|
| 147 | 147 | $_SESSION['language'] = $langIndex; |
| 148 | 148 | $loggerInstance = new \core\common\Logging(); |
| 149 | 149 | $loggerInstance->debug(4, "selected lang:$langIndex:$theLocale\n"); |
@@ -88,7 +88,7 @@ |
||
| 88 | 88 | public function der2pem($derData) |
| 89 | 89 | { |
| 90 | 90 | $pem = chunk_split(base64_encode($derData), 64, "\n"); |
| 91 | - $pem = "-----BEGIN CERTIFICATE-----\n" . $pem . "-----END CERTIFICATE-----\n"; |
|
| 91 | + $pem = "-----BEGIN CERTIFICATE-----\n".$pem."-----END CERTIFICATE-----\n"; |
|
| 92 | 92 | return $pem; |
| 93 | 93 | } |
| 94 | 94 | |
@@ -49,7 +49,7 @@ discard block |
||
| 49 | 49 | */ |
| 50 | 50 | private function writeToFile($filename, $message) |
| 51 | 51 | { |
| 52 | - file_put_contents(\config\Master::PATHS['logdir'] . "/$filename", sprintf("%-015s", microtime(TRUE)) . $message, FILE_APPEND); |
|
| 52 | + file_put_contents(\config\Master::PATHS['logdir']."/$filename", sprintf("%-015s", microtime(TRUE)).$message, FILE_APPEND); |
|
| 53 | 53 | } |
| 54 | 54 | |
| 55 | 55 | /** |
@@ -81,7 +81,7 @@ discard block |
||
| 81 | 81 | } else { |
| 82 | 82 | $output .= var_export($stuff, TRUE); |
| 83 | 83 | } |
| 84 | - $output = $prefix . $output . $suffix; |
|
| 84 | + $output = $prefix.$output.$suffix; |
|
| 85 | 85 | $this->writeToFile("debug.log", $output); |
| 86 | 86 | |
| 87 | 87 | return; |
@@ -129,6 +129,6 @@ discard block |
||
| 129 | 129 | $logTextStep1 = preg_replace("/[\n\r]/", "", $query); |
| 130 | 130 | $logTextStep2 = preg_replace("/ +/", " ", $logTextStep1); |
| 131 | 131 | $logTextStep3 = iconv("UTF-8", "UTF-8//IGNORE", $logTextStep2); |
| 132 | - $this->writeToFile("audit-SQL.log", " " . $logTextStep3 . "\n"); |
|
| 132 | + $this->writeToFile("audit-SQL.log", " ".$logTextStep3."\n"); |
|
| 133 | 133 | } |
| 134 | 134 | } |
| 135 | 135 | \ No newline at end of file |
@@ -69,7 +69,7 @@ discard block |
||
| 69 | 69 | $returnArray = []; |
| 70 | 70 | $returnArray['status'] = $status; |
| 71 | 71 | $returnArray['data'] = $data; |
| 72 | - $returnArray['tou'] = "Please consult Terms of Use at: //" . $host . \core\CAT::getRootUrlPath() . "/tou.php"; |
|
| 72 | + $returnArray['tou'] = "Please consult Terms of Use at: //".$host.\core\CAT::getRootUrlPath()."/tou.php"; |
|
| 73 | 73 | if (!empty($otherData)) { |
| 74 | 74 | $returnArray['otherdata'] = $otherData; |
| 75 | 75 | } |
@@ -311,8 +311,8 @@ discard block |
||
| 311 | 311 | public function sendLogo($identifier, $type, $width, $height) |
| 312 | 312 | { |
| 313 | 313 | $logo = $this->getLogo($identifier, $type, $width, $height); |
| 314 | - $blob = $logo === NULL ? file_get_contents(ROOT . '/web/resources/images/empty.png') : $logo['blob']; |
|
| 315 | - header("Content-type: " . $logo['filetype']); |
|
| 314 | + $blob = $logo === NULL ? file_get_contents(ROOT.'/web/resources/images/empty.png') : $logo['blob']; |
|
| 315 | + header("Content-type: ".$logo['filetype']); |
|
| 316 | 316 | header("Cache-Control:max-age=36000, must-revalidate"); |
| 317 | 317 | header($logo['expires']); |
| 318 | 318 | echo $blob; |
@@ -65,8 +65,8 @@ discard block |
||
| 65 | 65 | parent::__construct(); |
| 66 | 66 | $Dev = \devices\Devices::listDevices(); |
| 67 | 67 | if (isset($Dev[$blueprint])) { |
| 68 | - $this->loggerInstance->debug(4, "loaded: devices/" . $Dev[$blueprint]['directory'] . "/" . $Dev[$blueprint]['module'] . ".php\n"); |
|
| 69 | - $class_name = "\devices\\" . $Dev[$blueprint]['directory'] . "\Device" . $Dev[$blueprint]['module']; |
|
| 68 | + $this->loggerInstance->debug(4, "loaded: devices/".$Dev[$blueprint]['directory']."/".$Dev[$blueprint]['module'].".php\n"); |
|
| 69 | + $class_name = "\devices\\".$Dev[$blueprint]['directory']."\Device".$Dev[$blueprint]['module']; |
|
| 70 | 70 | $this->device = new $class_name(); |
| 71 | 71 | if (!$this->device) { |
| 72 | 72 | $this->loggerInstance->debug(2, "module loading failed"); |
@@ -75,7 +75,7 @@ discard block |
||
| 75 | 75 | } else { |
| 76 | 76 | echo("unknown devicename:$blueprint\n"); |
| 77 | 77 | } |
| 78 | - $this->device->module_path = ROOT . '/devices/' . $Dev[$blueprint]['directory']; |
|
| 78 | + $this->device->module_path = ROOT.'/devices/'.$Dev[$blueprint]['directory']; |
|
| 79 | 79 | $this->device->signer = isset($Dev[$blueprint]['signer']) ? $Dev[$blueprint]['signer'] : 0; |
| 80 | 80 | $this->device->device_id = $blueprint; |
| 81 | 81 | $options = \devices\Devices::$Options; |
@@ -16,10 +16,10 @@ discard block |
||
| 16 | 16 | class CertificationAuthorityEmbeddedRSA extends EntityWithDBProperties implements CertificationAuthorityInterface |
| 17 | 17 | { |
| 18 | 18 | |
| 19 | - private const LOCATION_ROOT_CA = ROOT . "/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 20 | - private const LOCATION_ISSUING_CA = ROOT . "/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 21 | - private const LOCATION_ISSUING_KEY = ROOT . "/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 22 | - private const LOCATION_CONFIG = ROOT . "/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 19 | + private const LOCATION_ROOT_CA = ROOT."/config/SilverbulletClientCerts/rootca-RSA.pem"; |
|
| 20 | + private const LOCATION_ISSUING_CA = ROOT."/config/SilverbulletClientCerts/real-RSA.pem"; |
|
| 21 | + private const LOCATION_ISSUING_KEY = ROOT."/config/SilverbulletClientCerts/real-RSA.key"; |
|
| 22 | + private const LOCATION_CONFIG = ROOT."/config/SilverbulletClientCerts/openssl-RSA.cnf"; |
|
| 23 | 23 | |
| 24 | 24 | /** |
| 25 | 25 | * string with the PEM variant of the root CA |
@@ -66,11 +66,11 @@ discard block |
||
| 66 | 66 | parent::__construct(); |
| 67 | 67 | $this->rootPem = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
| 68 | 68 | if ($this->rootPem === FALSE) { |
| 69 | - throw new Exception("Root CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 69 | + throw new Exception("Root CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ROOT_CA); |
|
| 70 | 70 | } |
| 71 | 71 | $this->issuingCertRaw = file_get_contents(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
| 72 | 72 | if ($this->issuingCertRaw === FALSE) { |
| 73 | - throw new Exception("Issuing CA PEM file not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 73 | + throw new Exception("Issuing CA PEM file not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA); |
|
| 74 | 74 | } |
| 75 | 75 | $rootParsed = openssl_x509_read($this->rootPem); |
| 76 | 76 | $this->issuingCert = openssl_x509_read($this->issuingCertRaw); |
@@ -78,15 +78,15 @@ discard block |
||
| 78 | 78 | throw new Exception("At least one CA PEM file did not parse correctly!"); |
| 79 | 79 | } |
| 80 | 80 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY) === FALSE) { |
| 81 | - throw new Exception("Private key not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 81 | + throw new Exception("Private key not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 82 | 82 | } |
| 83 | - $issuingKeyTemp = openssl_pkey_get_private("file://" . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 83 | + $issuingKeyTemp = openssl_pkey_get_private("file://".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY); |
|
| 84 | 84 | if ($issuingKeyTemp === FALSE) { |
| 85 | 85 | throw new Exception("The private key did not parse correctly!"); |
| 86 | 86 | } |
| 87 | 87 | $this->issuingKey = $issuingKeyTemp; |
| 88 | 88 | if (stat(CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG) === FALSE) { |
| 89 | - throw new Exception("openssl configuration not found: " . CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 89 | + throw new Exception("openssl configuration not found: ".CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG); |
|
| 90 | 90 | } |
| 91 | 91 | $this->conffile = CertificationAuthorityEmbeddedRSA::LOCATION_CONFIG; |
| 92 | 92 | } |
@@ -129,27 +129,27 @@ discard block |
||
| 129 | 129 | // generate stub index.txt file |
| 130 | 130 | $tempdirArray = \core\common\Entity::createTemporaryDirectory("test"); |
| 131 | 131 | $tempdir = $tempdirArray['dir']; |
| 132 | - $nowIndexTxt = (new \DateTime())->format("ymdHis") . "Z"; |
|
| 133 | - $expiryIndexTxt = $originalExpiry->format("ymdHis") . "Z"; |
|
| 132 | + $nowIndexTxt = (new \DateTime())->format("ymdHis")."Z"; |
|
| 133 | + $expiryIndexTxt = $originalExpiry->format("ymdHis")."Z"; |
|
| 134 | 134 | // serials for our CA are always integers |
| 135 | 135 | $serialHex = strtoupper(dechex((int) $cert->serial)); |
| 136 | 136 | if (strlen($serialHex) % 2 == 1) { |
| 137 | - $serialHex = "0" . $serialHex; |
|
| 137 | + $serialHex = "0".$serialHex; |
|
| 138 | 138 | } |
| 139 | 139 | |
| 140 | - $indexStatement = "$certstatus\t$expiryIndexTxt\t" . ($certstatus == "R" ? "$nowIndexTxt,unspecified" : "") . "\t$serialHex\tunknown\t/O=" . \config\ConfAssistant::CONSORTIUM['name'] . "/OU=$federation/CN=$cert->username\n"; |
|
| 140 | + $indexStatement = "$certstatus\t$expiryIndexTxt\t".($certstatus == "R" ? "$nowIndexTxt,unspecified" : "")."\t$serialHex\tunknown\t/O=".\config\ConfAssistant::CONSORTIUM['name']."/OU=$federation/CN=$cert->username\n"; |
|
| 141 | 141 | $this->loggerInstance->debug(4, "index.txt contents-to-be: $indexStatement"); |
| 142 | - if (!file_put_contents($tempdir . "/index.txt", $indexStatement)) { |
|
| 142 | + if (!file_put_contents($tempdir."/index.txt", $indexStatement)) { |
|
| 143 | 143 | $this->loggerInstance->debug(1, "Unable to write openssl index.txt file for revocation handling!"); |
| 144 | 144 | } |
| 145 | 145 | // index.txt.attr is dull but needs to exist |
| 146 | - file_put_contents($tempdir . "/index.txt.attr", "unique_subject = yes\n"); |
|
| 146 | + file_put_contents($tempdir."/index.txt.attr", "unique_subject = yes\n"); |
|
| 147 | 147 | // call "openssl ocsp" to manufacture our own OCSP statement |
| 148 | 148 | // adding "-rmd sha1" to the following command-line makes the |
| 149 | 149 | // choice of signature algorithm for the response explicit |
| 150 | 150 | // but it's only available from openssl-1.1.0 (which we do not |
| 151 | 151 | // want to require just for that one thing). |
| 152 | - $execCmd = \config\Master::PATHS['openssl'] . " ocsp -issuer " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rsigner " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA . " -rkey " . CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY . " -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 152 | + $execCmd = \config\Master::PATHS['openssl']." ocsp -issuer ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -sha1 -ndays 10 -no_nonce -serial 0x$serialHex -CA ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rsigner ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_CA." -rkey ".CertificationAuthorityEmbeddedRSA::LOCATION_ISSUING_KEY." -index $tempdir/index.txt -no_cert_verify -respout $tempdir/$serialHex.response.der"; |
|
| 153 | 153 | $this->loggerInstance->debug(2, "Calling openssl ocsp with following cmdline: $execCmd\n"); |
| 154 | 154 | $output = []; |
| 155 | 155 | $return = 999; |
@@ -157,11 +157,11 @@ discard block |
||
| 157 | 157 | if ($return !== 0) { |
| 158 | 158 | throw new Exception("Non-zero return value from openssl ocsp!"); |
| 159 | 159 | } |
| 160 | - $ocsp = file_get_contents($tempdir . "/$serialHex.response.der"); |
|
| 160 | + $ocsp = file_get_contents($tempdir."/$serialHex.response.der"); |
|
| 161 | 161 | // remove the temp dir! |
| 162 | - unlink($tempdir . "/$serialHex.response.der"); |
|
| 163 | - unlink($tempdir . "/index.txt.attr"); |
|
| 164 | - unlink($tempdir . "/index.txt"); |
|
| 162 | + unlink($tempdir."/$serialHex.response.der"); |
|
| 163 | + unlink($tempdir."/index.txt.attr"); |
|
| 164 | + unlink($tempdir."/index.txt"); |
|
| 165 | 165 | rmdir($tempdir); |
| 166 | 166 | $this->databaseHandle->exec("UPDATE silverbullet_certificate SET OCSP = ?, OCSP_timestamp = NOW() WHERE serial_number = ?", "si", $ocsp, $cert->serial); |
| 167 | 167 | return $ocsp; |
@@ -108,7 +108,7 @@ discard block |
||
| 108 | 108 | "TXT" => _("If you use more than one device: do your other devices still work?"), |
| 109 | 109 | "FACTOR_YES" => 0.33, // seems that all is okay with the account as such |
| 110 | 110 | "FACTOR_NO" => 3, // now that is suspicious indeed |
| 111 | - "VERDICTLECTURE" => _("If all devices stopped working simultaneously, there may be a problem with your account as such. Maybe your account expired, or you were forced to change the password? These questions are best answered by your Identity Provider [MGW: display contact info]"),], |
|
| 111 | + "VERDICTLECTURE" => _("If all devices stopped working simultaneously, there may be a problem with your account as such. Maybe your account expired, or you were forced to change the password? These questions are best answered by your Identity Provider [MGW: display contact info]"), ], |
|
| 112 | 112 | 6 => ["AREA" => AbstractTest::INFRA_SP_80211, |
| 113 | 113 | "TXT" => _("Is the place you are currently at heavily crowded, or is a network-intensive workload going on?"), |
| 114 | 114 | "FACTOR_YES" => 3, |
@@ -144,11 +144,11 @@ discard block |
||
| 144 | 144 | $questionDetails = $this->qaArray[$questionNumber]; |
| 145 | 145 | if ($answer === TRUE) { |
| 146 | 146 | $this->possibleFailureReasons[$questionDetails['AREA']] = $this->possibleFailureReasons[$questionDetails['AREA']] * $questionDetails["FACTOR_YES"]; |
| 147 | - $this->loggerInstance->debug(3, "Adjusting " . $questionDetails['AREA'] . " by " . $questionDetails["FACTOR_YES"] . "\n"); |
|
| 147 | + $this->loggerInstance->debug(3, "Adjusting ".$questionDetails['AREA']." by ".$questionDetails["FACTOR_YES"]."\n"); |
|
| 148 | 148 | $factor = $questionDetails["FACTOR_YES"]; |
| 149 | 149 | } elseif ($answer === FALSE) { |
| 150 | 150 | $this->possibleFailureReasons[$questionDetails['AREA']] = $this->possibleFailureReasons[$questionDetails['AREA']] * $questionDetails["FACTOR_NO"]; |
| 151 | - $this->loggerInstance->debug(3, "Adjusting " . $questionDetails['AREA'] . " by " . $questionDetails["FACTOR_NO"] . "\n"); |
|
| 151 | + $this->loggerInstance->debug(3, "Adjusting ".$questionDetails['AREA']." by ".$questionDetails["FACTOR_NO"]."\n"); |
|
| 152 | 152 | $factor = $questionDetails["FACTOR_NO"]; |
| 153 | 153 | } else { |
| 154 | 154 | $factor = 1; |
@@ -183,7 +183,7 @@ discard block |
||
| 183 | 183 | // if both are identical, take any of the questions in the pool of both |
| 184 | 184 | foreach ($this->qaArray as $questionNumber => $questionDetails) { |
| 185 | 185 | // if we find a question we didn't ask before AND it is related to our currently high-scoring problem area, ask it |
| 186 | - if (!array_key_exists($questionNumber, $this->previousQuestions) && ( $questionDetails["AREA"] == $highestCategory || $questionDetails["AREA"] == $nextCategory)) { |
|
| 186 | + if (!array_key_exists($questionNumber, $this->previousQuestions) && ($questionDetails["AREA"] == $highestCategory || $questionDetails["AREA"] == $nextCategory)) { |
|
| 187 | 187 | return json_encode(["NEXTEXISTS" => TRUE, "NUMBER" => $questionNumber, "TEXT" => $questionDetails["TXT"]]); |
| 188 | 188 | } |
| 189 | 189 | } |
@@ -211,7 +211,7 @@ discard block |
||
| 211 | 211 | $text = $this->genericVerdictTexts[$area]; |
| 212 | 212 | foreach ($this->previousQuestions as $number => $factor) { |
| 213 | 213 | if ($this->qaArray[$number]["AREA"] == $area && $factor > 1) { |
| 214 | - $text .= "\n\n" . $this->qaArray[$number]["VERDICTLECTURE"]; |
|
| 214 | + $text .= "\n\n".$this->qaArray[$number]["VERDICTLECTURE"]; |
|
| 215 | 215 | } |
| 216 | 216 | } |
| 217 | 217 | return $text; |
@@ -113,7 +113,7 @@ discard block |
||
| 113 | 113 | if ($this->idPFederation === NULL && preg_match("/\.(..)$/", $realm, $matches)) { |
| 114 | 114 | $this->idPFederation = strtoupper($matches[1]); |
| 115 | 115 | } |
| 116 | - $this->loggerInstance->debug(4, "XYZ: IdP-side NRO is " . $this->idPFederation . "\n"); |
|
| 116 | + $this->loggerInstance->debug(4, "XYZ: IdP-side NRO is ".$this->idPFederation."\n"); |
|
| 117 | 117 | } |
| 118 | 118 | /* The eduroam OT monitoring has the following return codes: |
| 119 | 119 | * |
@@ -443,12 +443,12 @@ discard block |
||
| 443 | 443 | break; |
| 444 | 444 | case \core\AbstractProfile::READINESS_LEVEL_NOTREADY: |
| 445 | 445 | $this->additionalFindings[AbstractTest::INFRA_IDP_RADIUS][] = ["Profile" => "UNCONCLUSIVE"]; |
| 446 | - $this->testsuite = new RADIUSTests($this->realm, "anonymous@" . $this->realm); |
|
| 446 | + $this->testsuite = new RADIUSTests($this->realm, "anonymous@".$this->realm); |
|
| 447 | 447 | break; |
| 448 | 448 | default: |
| 449 | 449 | } |
| 450 | 450 | } else { |
| 451 | - $this->testsuite = new RADIUSTests($this->realm, "anonymous@" . $this->realm); |
|
| 451 | + $this->testsuite = new RADIUSTests($this->realm, "anonymous@".$this->realm); |
|
| 452 | 452 | } |
| 453 | 453 | } |
| 454 | 454 | |
@@ -148,27 +148,27 @@ discard block |
||
| 148 | 148 | { |
| 149 | 149 | // it could match CN or sAN:DNS, we don't care which |
| 150 | 150 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['subject'])) { |
| 151 | - $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName . " against Subject: "); |
|
| 151 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against Subject: "); |
|
| 152 | 152 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['subject']); |
| 153 | 153 | // we are checking against accidental misconfig, not attacks, so loosely checking against end of string is appropriate |
| 154 | - if (preg_match("/CN=" . $this->expectedName . "/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) { |
|
| 154 | + if (preg_match("/CN=".$this->expectedName."/", $this->TLS_CA_checks_result[$host]['certdata']['subject']) === 1) { |
|
| 155 | 155 | return TRUE; |
| 156 | 156 | } |
| 157 | 157 | } |
| 158 | 158 | if (isset($this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname'])) { |
| 159 | - $this->loggerInstance->debug(4, "Checking expected server name " . $this->expectedName . " against sANs: "); |
|
| 159 | + $this->loggerInstance->debug(4, "Checking expected server name ".$this->expectedName." against sANs: "); |
|
| 160 | 160 | $this->loggerInstance->debug(4, $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']); |
| 161 | 161 | $testNames = $this->TLS_CA_checks_result[$host]['certdata']['extensions']['subjectaltname']; |
| 162 | 162 | if (!is_array($testNames)) { |
| 163 | 163 | $testNames = [$testNames]; |
| 164 | 164 | } |
| 165 | 165 | foreach ($testNames as $oneName) { |
| 166 | - if (preg_match("/" . $this->expectedName . "/", $oneName) === 1) { |
|
| 166 | + if (preg_match("/".$this->expectedName."/", $oneName) === 1) { |
|
| 167 | 167 | return TRUE; |
| 168 | 168 | } |
| 169 | 169 | } |
| 170 | 170 | } |
| 171 | - $this->loggerInstance->debug(3, "Tried to check expected server name " . $this->expectedName . " but neither CN nor sANs matched."); |
|
| 171 | + $this->loggerInstance->debug(3, "Tried to check expected server name ".$this->expectedName." but neither CN nor sANs matched."); |
|
| 172 | 172 | |
| 173 | 173 | $this->TLS_CA_checks_result[$host]['cert_oddity'] = RADIUSTests::CERTPROB_DYN_SERVER_NAME_MISMATCH; |
| 174 | 174 | return FALSE; |
@@ -198,7 +198,7 @@ discard block |
||
| 198 | 198 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['status'] = $cert['status']; |
| 199 | 199 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['message'] = $this->TLS_certkeys[$cert['status']]; |
| 200 | 200 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k]['expected'] = $cert['expected']; |
| 201 | - $add = ' -cert ' . ROOT . '/config/cli-certs/' . $cert['public'] . ' -key ' . ROOT . '/config/cli-certs/' . $cert['private']; |
|
| 201 | + $add = ' -cert '.ROOT.'/config/cli-certs/'.$cert['public'].' -key '.ROOT.'/config/cli-certs/'.$cert['private']; |
|
| 202 | 202 | if (!isset($this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k])) { |
| 203 | 203 | $this->TLS_clients_checks_result[$host]['ca'][$type]['certificate'][$k] = []; |
| 204 | 204 | } |
@@ -243,11 +243,11 @@ discard block |
||
| 243 | 243 | // but code analysers want this more explicit, so here is this extra |
| 244 | 244 | // call to escapeshellarg() |
| 245 | 245 | $escapedHost = escapeshellarg($host); |
| 246 | - $this->loggerInstance->debug(4, \config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -tls1 -CApath " . ROOT . "/config/ca-certs/ $arg 2>&1\n"); |
|
| 246 | + $this->loggerInstance->debug(4, \config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -tls1 -CApath ".ROOT."/config/ca-certs/ $arg 2>&1\n"); |
|
| 247 | 247 | $time_start = microtime(true); |
| 248 | 248 | $opensslbabble = []; |
| 249 | 249 | $result = 999; // likely to become zero by openssl; don't want to initialise to zero, could cover up exec failures |
| 250 | - exec(\config\Master::PATHS['openssl'] . " s_client -connect " . $escapedHost . " -no_ssl3 -CApath " . ROOT . "/config/ca-certs/ $arg 2>&1", $opensslbabble, $result); |
|
| 250 | + exec(\config\Master::PATHS['openssl']." s_client -connect ".$escapedHost." -no_ssl3 -CApath ".ROOT."/config/ca-certs/ $arg 2>&1", $opensslbabble, $result); |
|
| 251 | 251 | $time_stop = microtime(true); |
| 252 | 252 | $testresults['time_millisec'] = floor(($time_stop - $time_start) * 1000); |
| 253 | 253 | $testresults['returncode'] = $result; |
