GEANT /
CAT
@@ -31,15 +31,15 @@ discard block |
||
| 31 | 31 | use Exception; |
| 32 | 32 | class DeviceLinuxSh extends \core\DeviceConfig { |
| 33 | 33 | |
| 34 | - final public function __construct() { |
|
| 35 | - parent::__construct(); |
|
| 36 | - $this->setSupportedEapMethods([\core\common\EAP::EAPTYPE_PEAP_MSCHAP2, \core\common\EAP::EAPTYPE_TTLS_PAP, \core\common\EAP::EAPTYPE_TTLS_MSCHAP2, \core\common\EAP::EAPTYPE_TLS, \core\common\EAP::EAPTYPE_SILVERBULLET]); |
|
| 37 | - $this->local_dir = '.cat_installer'; |
|
| 38 | - $this->conf_file = '$HOME/'.$this->local_dir.'/cat_installer.conf'; |
|
| 34 | + final public function __construct() { |
|
| 35 | + parent::__construct(); |
|
| 36 | + $this->setSupportedEapMethods([\core\common\EAP::EAPTYPE_PEAP_MSCHAP2, \core\common\EAP::EAPTYPE_TTLS_PAP, \core\common\EAP::EAPTYPE_TTLS_MSCHAP2, \core\common\EAP::EAPTYPE_TLS, \core\common\EAP::EAPTYPE_SILVERBULLET]); |
|
| 37 | + $this->local_dir = '.cat_installer'; |
|
| 38 | + $this->conf_file = '$HOME/'.$this->local_dir.'/cat_installer.conf'; |
|
| 39 | 39 | } |
| 40 | 40 | |
| 41 | - public function writeInstaller() { |
|
| 42 | - $out_string = '#!/usr/bin/env bash |
|
| 41 | + public function writeInstaller() { |
|
| 42 | + $out_string = '#!/usr/bin/env bash |
|
| 43 | 43 | if [ -z "$BASH" ] ; then |
| 44 | 44 | bash $0 |
| 45 | 45 | exit |
@@ -47,42 +47,42 @@ discard block |
||
| 47 | 47 | |
| 48 | 48 | |
| 49 | 49 | '; |
| 50 | - $out_string .= $this->printFunctions(); |
|
| 51 | - $out_string .= $this->printStart(); |
|
| 52 | - $out_string .= $this->printProfileConfirmation(); |
|
| 53 | - $out_string .= $this->printUserConsent(); |
|
| 54 | - $out_string .= $this->printCheckDirectory(); |
|
| 55 | - $CAs = $this->attributes['internal:CAs'][0]; |
|
| 56 | - $this->server_name = $this->glueServerNames($this->attributes['eap:server_name']); |
|
| 57 | - $this->server_alt_subject_name_list = $this->mkSubjectAltNameList($this->attributes['eap:server_name']); |
|
| 58 | - $out_string .= "# save certificates\n"; |
|
| 59 | - $out_string .= 'echo "'; |
|
| 60 | - foreach ($CAs as $ca) { |
|
| 50 | + $out_string .= $this->printFunctions(); |
|
| 51 | + $out_string .= $this->printStart(); |
|
| 52 | + $out_string .= $this->printProfileConfirmation(); |
|
| 53 | + $out_string .= $this->printUserConsent(); |
|
| 54 | + $out_string .= $this->printCheckDirectory(); |
|
| 55 | + $CAs = $this->attributes['internal:CAs'][0]; |
|
| 56 | + $this->server_name = $this->glueServerNames($this->attributes['eap:server_name']); |
|
| 57 | + $this->server_alt_subject_name_list = $this->mkSubjectAltNameList($this->attributes['eap:server_name']); |
|
| 58 | + $out_string .= "# save certificates\n"; |
|
| 59 | + $out_string .= 'echo "'; |
|
| 60 | + foreach ($CAs as $ca) { |
|
| 61 | 61 | $out_string .= $ca['pem']."\n"; |
| 62 | - } |
|
| 63 | - $out_string .= '"'." > \$HOME/$this->local_dir/ca.pem\n"; |
|
| 62 | + } |
|
| 63 | + $out_string .= '"'." > \$HOME/$this->local_dir/ca.pem\n"; |
|
| 64 | 64 | |
| 65 | - $SSIDs = $this->attributes['internal:SSID']; |
|
| 66 | - $delSSIDs = $this->attributes['internal:remove_SSID']; |
|
| 65 | + $SSIDs = $this->attributes['internal:SSID']; |
|
| 66 | + $delSSIDs = $this->attributes['internal:remove_SSID']; |
|
| 67 | 67 | |
| 68 | - $out_string .= $this->printNMScript($SSIDs,$delSSIDs); |
|
| 69 | - $out_string .= $this->writeWpaConf($SSIDs); |
|
| 70 | - if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 71 | - $out_string .= $this->printP12Dialog(); |
|
| 72 | - else |
|
| 73 | - $out_string .= $this->printPasswordDialog(); |
|
| 74 | - $out_string .= $this->checkNMResultAndCont(); |
|
| 75 | - $installer_path = $this->installerBasename.'.sh'; |
|
| 76 | - file_put_contents($installer_path, $out_string); |
|
| 77 | - return($installer_path); |
|
| 78 | - } |
|
| 68 | + $out_string .= $this->printNMScript($SSIDs,$delSSIDs); |
|
| 69 | + $out_string .= $this->writeWpaConf($SSIDs); |
|
| 70 | + if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 71 | + $out_string .= $this->printP12Dialog(); |
|
| 72 | + else |
|
| 73 | + $out_string .= $this->printPasswordDialog(); |
|
| 74 | + $out_string .= $this->checkNMResultAndCont(); |
|
| 75 | + $installer_path = $this->installerBasename.'.sh'; |
|
| 76 | + file_put_contents($installer_path, $out_string); |
|
| 77 | + return($installer_path); |
|
| 78 | + } |
|
| 79 | 79 | |
| 80 | 80 | public function writeDeviceInfo() { |
| 81 | 81 | $ssid_ct=count($this->attributes['internal:SSID']); |
| 82 | 82 | $out = ''; |
| 83 | 83 | |
| 84 | - $out .= _("The installer is in the form of a bash script. It will try to configure eduroam under Network Manager and if this is either not appropriate for your system or your version of Network Manager is too old, a wpa_supplicant config file will be created instead."); |
|
| 85 | - $out .= "<p>"; |
|
| 84 | + $out .= _("The installer is in the form of a bash script. It will try to configure eduroam under Network Manager and if this is either not appropriate for your system or your version of Network Manager is too old, a wpa_supplicant config file will be created instead."); |
|
| 85 | + $out .= "<p>"; |
|
| 86 | 86 | if($ssid_ct > 1) { |
| 87 | 87 | if($ssid_ct > 2) { |
| 88 | 88 | $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to the following networks:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
@@ -90,39 +90,39 @@ discard block |
||
| 90 | 90 | $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
| 91 | 91 | $i = 0; |
| 92 | 92 | foreach ($this->attributes['internal:SSID'] as $ssid=>$v) { |
| 93 | - if(! in_array($ssid, \config\ConfAssistant::CONSORTIUM['ssid'])) { |
|
| 94 | - if($i > 0) |
|
| 95 | - $out .= ", "; |
|
| 96 | - $i++; |
|
| 97 | - $out .= "<strong>$ssid</strong>"; |
|
| 98 | - } |
|
| 93 | + if(! in_array($ssid, \config\ConfAssistant::CONSORTIUM['ssid'])) { |
|
| 94 | + if($i > 0) |
|
| 95 | + $out .= ", "; |
|
| 96 | + $i++; |
|
| 97 | + $out .= "<strong>$ssid</strong>"; |
|
| 98 | + } |
|
| 99 | 99 | } |
| 100 | 100 | $out .= "<p>"; |
| 101 | 101 | } |
| 102 | - $out .= _("The installer will create .cat_installer sub-directory in your home directory and will copy your server certificates there."); |
|
| 102 | + $out .= _("The installer will create .cat_installer sub-directory in your home directory and will copy your server certificates there."); |
|
| 103 | 103 | if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
| 104 | - $out .= _("In order to connect to the network you will need a personal certificate in the form of a p12 file. You should obtain this certificate from your home institution. Consult the support page to find out how this certificate can be obtained. Such certificate files are password protected. You should have both the file and the password available during the installation process. Your p12 file will also be copied to the .cat_installer directory."); |
|
| 104 | + $out .= _("In order to connect to the network you will need a personal certificate in the form of a p12 file. You should obtain this certificate from your home institution. Consult the support page to find out how this certificate can be obtained. Such certificate files are password protected. You should have both the file and the password available during the installation process. Your p12 file will also be copied to the .cat_installer directory."); |
|
| 105 | 105 | else { |
| 106 | - $out .= _("In order to connect to the network you will need an account from your home institution. You should consult the support page to find out how this account can be obtained. It is very likely that your account is already activated."); |
|
| 107 | - $out .= "<p>"; |
|
| 108 | - $out .= _("You will be requested to enter your account credentials during the installation. This information will be saved so that you will reconnect to the network automatically each time you are in the range."); |
|
| 106 | + $out .= _("In order to connect to the network you will need an account from your home institution. You should consult the support page to find out how this account can be obtained. It is very likely that your account is already activated."); |
|
| 107 | + $out .= "<p>"; |
|
| 108 | + $out .= _("You will be requested to enter your account credentials during the installation. This information will be saved so that you will reconnect to the network automatically each time you are in the range."); |
|
| 109 | 109 | } |
| 110 | 110 | $out .= "<p>"; |
| 111 | 111 | return $out; |
| 112 | - } |
|
| 112 | + } |
|
| 113 | 113 | |
| 114 | 114 | |
| 115 | - private function printCheckDirectory() { |
|
| 115 | + private function printCheckDirectory() { |
|
| 116 | 116 | $out = 'if [ -d $HOME/'.$this->local_dir.' ] ; then |
| 117 | 117 | if ! ask "'.sprintf(_("Directory %s exists; some of its files may be overwritten."),'$HOME/'.$this->local_dir).'" "'._("Continue").'" 1 ; then exit; fi |
| 118 | 118 | else |
| 119 | 119 | mkdir $HOME/'.$this->local_dir.' |
| 120 | 120 | fi |
| 121 | 121 | '; |
| 122 | - return $out; |
|
| 123 | - } |
|
| 122 | + return $out; |
|
| 123 | + } |
|
| 124 | 124 | |
| 125 | - private function checkNMResultAndCont() { |
|
| 125 | + private function checkNMResultAndCont() { |
|
| 126 | 126 | $out = 'if run_python_script ; then |
| 127 | 127 | show_info "'._("Installation successful").'" |
| 128 | 128 | else |
@@ -137,50 +137,50 @@ discard block |
||
| 137 | 137 | show_info "'.sprintf(_("Output written to %s"),$this->conf_file).'" |
| 138 | 138 | fi |
| 139 | 139 | '; |
| 140 | - return $out; |
|
| 141 | - } |
|
| 140 | + return $out; |
|
| 141 | + } |
|
| 142 | 142 | |
| 143 | 143 | private function printStart() { |
| 144 | - $out = "setup_environment\n"; |
|
| 145 | - $out .= 'show_info "'._("This installer has been prepared for \${ORGANISATION}").'\n\n'._("More information and comments:").'\n\nEMAIL: ${SUPPORT}\nWWW: ${URL}\n\n'. |
|
| 144 | + $out = "setup_environment\n"; |
|
| 145 | + $out .= 'show_info "'._("This installer has been prepared for \${ORGANISATION}").'\n\n'._("More information and comments:").'\n\nEMAIL: ${SUPPORT}\nWWW: ${URL}\n\n'. |
|
| 146 | 146 | _("Installer created with software from the GEANT project.").'" |
| 147 | 147 | '; |
| 148 | - return $out; |
|
| 148 | + return $out; |
|
| 149 | 149 | } |
| 150 | 150 | |
| 151 | 151 | |
| 152 | 152 | private function printProfileConfirmation() { |
| 153 | - if($this->attributes['internal:profile_count'][0] > 1) |
|
| 154 | - $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s and the user group: %s."),'${bf}'.$this->attributes['general:instname'][0].'${n}','${bf}'.$this->attributes['profile:name'][0]).'${n}"'; |
|
| 153 | + if($this->attributes['internal:profile_count'][0] > 1) |
|
| 154 | + $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s and the user group: %s."),'${bf}'.$this->attributes['general:instname'][0].'${n}','${bf}'.$this->attributes['profile:name'][0]).'${n}"'; |
|
| 155 | 155 | else |
| 156 | - $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s."),'${bf}'.$this->attributes['general:instname'][0]).'${n}"'; |
|
| 156 | + $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s."),'${bf}'.$this->attributes['general:instname'][0]).'${n}"'; |
|
| 157 | 157 | $out .= ' "'._("Continue").'" 1 ; then exit; fi |
| 158 | 158 | '; |
| 159 | - return $out; |
|
| 159 | + return $out; |
|
| 160 | 160 | |
| 161 | 161 | } |
| 162 | 162 | |
| 163 | 163 | |
| 164 | - private function printUserConsent() { |
|
| 164 | + private function printUserConsent() { |
|
| 165 | 165 | $out = ''; |
| 166 | 166 | if(isset($this->attributes['support:info_file'])) { |
| 167 | - if( $this->attributes['internal:info_file'][0]['mime'] == 'txt') { |
|
| 168 | - $handle = fopen($this->attributes['internal:info_file'][0]['name'],"r"); |
|
| 169 | - $consent = ''; |
|
| 170 | - while (($buffer = fgets($handle, 4096)) !== false) { |
|
| 171 | - $consent .= rtrim($buffer) . '\n'; |
|
| 172 | - } |
|
| 173 | - $out = 'if ! ask "'.$consent.'${n}" "'._("Continue").'" 1 ; then exit; fi |
|
| 167 | + if( $this->attributes['internal:info_file'][0]['mime'] == 'txt') { |
|
| 168 | + $handle = fopen($this->attributes['internal:info_file'][0]['name'],"r"); |
|
| 169 | + $consent = ''; |
|
| 170 | + while (($buffer = fgets($handle, 4096)) !== false) { |
|
| 171 | + $consent .= rtrim($buffer) . '\n'; |
|
| 172 | + } |
|
| 173 | + $out = 'if ! ask "'.$consent.'${n}" "'._("Continue").'" 1 ; then exit; fi |
|
| 174 | 174 | '; |
| 175 | - } |
|
| 175 | + } |
|
| 176 | 176 | } |
| 177 | 177 | return $out; |
| 178 | - } |
|
| 178 | + } |
|
| 179 | 179 | # ask user for confirmation |
| 180 | 180 | # the first argument is the user prompt |
| 181 | 181 | # if the second argument is 0 then the first element of yes_no array |
| 182 | 182 | # will be the default value prompted to the user |
| 183 | - private function printFunctions() { |
|
| 183 | + private function printFunctions() { |
|
| 184 | 184 | $url = (isset($this->attributes['support:url'][0]) && $this->attributes['support:url'][0] ) ? $this->attributes['support:url'][0] : $this->support_url_substitute; |
| 185 | 185 | $support=(isset($this->attributes['support:email'][0]) && $this->attributes['support:email'][0] ) ? $this->attributes['support:email'][0] : $this->support_email_substitute; |
| 186 | 186 | $out =' |
@@ -390,11 +390,11 @@ discard block |
||
| 390 | 390 | } |
| 391 | 391 | |
| 392 | 392 | |
| 393 | - private function writeWpaConf($SSIDs) { |
|
| 394 | - $e = \core\common\EAP::eapDisplayName($this->selectedEap); |
|
| 393 | + private function writeWpaConf($SSIDs) { |
|
| 394 | + $e = \core\common\EAP::eapDisplayName($this->selectedEap); |
|
| 395 | 395 | $out = 'function create_wpa_conf { |
| 396 | 396 | cat << EOFW >> '.$this->conf_file."\n"; |
| 397 | - foreach (array_keys($SSIDs) as $ssid) { |
|
| 397 | + foreach (array_keys($SSIDs) as $ssid) { |
|
| 398 | 398 | $out .= ' |
| 399 | 399 | network={ |
| 400 | 400 | ssid="'.$ssid.'" |
@@ -404,42 +404,42 @@ discard block |
||
| 404 | 404 | eap='.$e['OUTER'].' |
| 405 | 405 | ca_cert="${HOME}/'.$this->local_dir.'/ca.pem" |
| 406 | 406 | identity="${USER_NAME}"'; |
| 407 | - if($this->server_name) |
|
| 407 | + if($this->server_name) |
|
| 408 | 408 | $out .= ' |
| 409 | 409 | domain_suffix_match="'.$this->server_name.'"'; |
| 410 | - if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 410 | + if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 411 | 411 | $out .= ' |
| 412 | 412 | private_key="${HOME}/'.$this->local_dir.'/user.p12" |
| 413 | 413 | private_key_passwd="${PASSWORD}"'; |
| 414 | - } else { |
|
| 414 | + } else { |
|
| 415 | 415 | $out .= ' |
| 416 | 416 | phase2="auth='.$e['INNER'].'" |
| 417 | 417 | password="${PASSWORD}"'; |
| 418 | - if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 418 | + if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 419 | 419 | $out .= ' |
| 420 | 420 | anonymous_identity="'.$this->attributes['internal:anon_local_value'][0].'@'.$this->attributes['internal:realm'][0].'"'; |
| 421 | - } |
|
| 421 | + } |
|
| 422 | 422 | $out .= ' |
| 423 | 423 | }'; |
| 424 | 424 | } |
| 425 | - $out .= ' |
|
| 425 | + $out .= ' |
|
| 426 | 426 | EOFW |
| 427 | 427 | chmod 600 '.$this->conf_file.' |
| 428 | 428 | } |
| 429 | 429 | '; |
| 430 | - return $out; |
|
| 430 | + return $out; |
|
| 431 | 431 | } |
| 432 | 432 | |
| 433 | 433 | |
| 434 | 434 | |
| 435 | - private function printPasswordDialog() { |
|
| 436 | - $out = '#prompt user for credentials |
|
| 435 | + private function printPasswordDialog() { |
|
| 436 | + $out = '#prompt user for credentials |
|
| 437 | 437 | user_cred |
| 438 | 438 | '; |
| 439 | - return $out; |
|
| 439 | + return $out; |
|
| 440 | 440 | } |
| 441 | - private function printP12Dialog() { |
|
| 442 | - $out ='function p12dialog { |
|
| 441 | + private function printP12Dialog() { |
|
| 442 | + $out ='function p12dialog { |
|
| 443 | 443 | if [ ! -z $ZENITY ] ; then |
| 444 | 444 | if ! cert=`$ZENITY --file-selection --file-filter="'._("personal certificate file (p12 or pfx)").' | *.p12 *.P12 *.pfx *.PFX" --file-filter="All files | *" --title="'._("personal certificate file (p12 or pfx)").'" 2>/dev/null` ; then |
| 445 | 445 | exit |
@@ -494,7 +494,7 @@ discard block |
||
| 494 | 494 | done |
| 495 | 495 | '; |
| 496 | 496 | if (isset($this->attributes['eap-specific:tls_use_other_id']) && $this->attributes['eap-specific:tls_use_other_id'][0] == 'on') { |
| 497 | - $out .= ' if ! USERNAME=`prompt_nonempty_string 1 "'._("enter your userid").'" "$USER_NAME"` ; then |
|
| 497 | + $out .= ' if ! USERNAME=`prompt_nonempty_string 1 "'._("enter your userid").'" "$USER_NAME"` ; then |
|
| 498 | 498 | exit 1 |
| 499 | 499 | fi |
| 500 | 500 | '; |
@@ -510,37 +510,37 @@ discard block |
||
| 510 | 510 | } |
| 511 | 511 | p12dialog |
| 512 | 512 | '; |
| 513 | - return $out; |
|
| 513 | + return $out; |
|
| 514 | 514 | } |
| 515 | 515 | |
| 516 | 516 | |
| 517 | 517 | private function glueServerNames($server_list) { |
| 518 | - if(! $server_list) |
|
| 518 | + if(! $server_list) |
|
| 519 | 519 | return ''; |
| 520 | - $A0 = array_reverse(explode('.',array_shift($server_list))); |
|
| 521 | - $B = $A0; |
|
| 522 | - foreach($server_list as $a) { |
|
| 523 | - $A= array_reverse(explode('.',$a)); |
|
| 524 | - $B = array_intersect_assoc($A0,$A); |
|
| 525 | - $A0 = $B; |
|
| 526 | - } |
|
| 527 | - return(implode('.',array_reverse($B))); |
|
| 520 | + $A0 = array_reverse(explode('.',array_shift($server_list))); |
|
| 521 | + $B = $A0; |
|
| 522 | + foreach($server_list as $a) { |
|
| 523 | + $A= array_reverse(explode('.',$a)); |
|
| 524 | + $B = array_intersect_assoc($A0,$A); |
|
| 525 | + $A0 = $B; |
|
| 526 | + } |
|
| 527 | + return(implode('.',array_reverse($B))); |
|
| 528 | 528 | } |
| 529 | 529 | |
| 530 | 530 | private function mkSubjectAltNameList($server_list) { |
| 531 | - if(! $server_list) |
|
| 531 | + if(! $server_list) |
|
| 532 | 532 | return ''; |
| 533 | - $out = ''; |
|
| 534 | - foreach($server_list as $a) { |
|
| 535 | - if($out) |
|
| 536 | - $out .= ','; |
|
| 537 | - $out .= "'DNS:$a'"; |
|
| 538 | - } |
|
| 539 | - return $out; |
|
| 533 | + $out = ''; |
|
| 534 | + foreach($server_list as $a) { |
|
| 535 | + if($out) |
|
| 536 | + $out .= ','; |
|
| 537 | + $out .= "'DNS:$a'"; |
|
| 538 | + } |
|
| 539 | + return $out; |
|
| 540 | 540 | } |
| 541 | 541 | |
| 542 | 542 | private function printNMScript($SSIDs,$delSSIDs) { |
| 543 | - $e = \core\common\EAP::eapDisplayName($this->selectedEap); |
|
| 543 | + $e = \core\common\EAP::eapDisplayName($this->selectedEap); |
|
| 544 | 544 | $out = 'function run_python_script { |
| 545 | 545 | PASSWORD=$( echo "$PASSWORD" | sed "s/\'/\\\\\\\'/g" ) |
| 546 | 546 | if python << EEE1 > /dev/null 2>&1 |
@@ -679,20 +679,20 @@ discard block |
||
| 679 | 679 | \'identity\': \'$USER_NAME\', |
| 680 | 680 | \'ca-cert\': dbus.ByteArray("file://{0}\0".format(self.cacert_file).encode(\'utf8\')),'; |
| 681 | 681 | if($this->server_name) { |
| 682 | - $out .= ' |
|
| 682 | + $out .= ' |
|
| 683 | 683 | match_key: match_value,'; |
| 684 | 684 | } |
| 685 | 685 | if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
| 686 | - $out .= ' |
|
| 686 | + $out .= ' |
|
| 687 | 687 | \'client-cert\': dbus.ByteArray("file://{0}\0".format(self.pfx_file).encode(\'utf8\')), |
| 688 | 688 | \'private-key\': dbus.ByteArray("file://{0}\0".format(self.pfx_file).encode(\'utf8\')), |
| 689 | 689 | \'private-key-password\': \'$PASSWORD\','; |
| 690 | 690 | } else { |
| 691 | - $out .= ' |
|
| 691 | + $out .= ' |
|
| 692 | 692 | \'password\': \'$PASSWORD\', |
| 693 | 693 | \'phase2-auth\': \''.strtolower($e['INNER']).'\','; |
| 694 | - if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 695 | - $out .= ' |
|
| 694 | + if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 695 | + $out .= ' |
|
| 696 | 696 | \'anonymous-identity\': \''.$this->attributes['internal:anon_local_value'][0].'@'.$this->attributes['internal:realm'][0].'\','; |
| 697 | 697 | } |
| 698 | 698 | $out .= ' |
@@ -712,17 +712,17 @@ discard block |
||
| 712 | 712 | def main(self): |
| 713 | 713 | self.check_opts() |
| 714 | 714 | ver = self.connect_to_NM()'; |
| 715 | - foreach (array_keys($SSIDs) as $ssid) { |
|
| 716 | - $out .=' |
|
| 715 | + foreach (array_keys($SSIDs) as $ssid) { |
|
| 716 | + $out .=' |
|
| 717 | 717 | self.delete_existing_connections(\''.$ssid.'\') |
| 718 | 718 | self.add_connection(\''.$ssid.'\')'; |
| 719 | - } |
|
| 719 | + } |
|
| 720 | 720 | // create a list of profiles to be deleted after installation |
| 721 | - foreach ($delSSIDs as $ssid => $cipher) { |
|
| 722 | - if($cipher == 'DEL') |
|
| 721 | + foreach ($delSSIDs as $ssid => $cipher) { |
|
| 722 | + if($cipher == 'DEL') |
|
| 723 | 723 | $out .=' |
| 724 | 724 | self.delete_existing_connections(\''.$ssid.'\')'; |
| 725 | - } |
|
| 725 | + } |
|
| 726 | 726 | |
| 727 | 727 | $out .=' |
| 728 | 728 | |
@@ -65,9 +65,9 @@ discard block |
||
| 65 | 65 | $SSIDs = $this->attributes['internal:SSID']; |
| 66 | 66 | $delSSIDs = $this->attributes['internal:remove_SSID']; |
| 67 | 67 | |
| 68 | - $out_string .= $this->printNMScript($SSIDs,$delSSIDs); |
|
| 68 | + $out_string .= $this->printNMScript($SSIDs, $delSSIDs); |
|
| 69 | 69 | $out_string .= $this->writeWpaConf($SSIDs); |
| 70 | - if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 70 | + if ($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 71 | 71 | $out_string .= $this->printP12Dialog(); |
| 72 | 72 | else |
| 73 | 73 | $out_string .= $this->printPasswordDialog(); |
@@ -78,20 +78,20 @@ discard block |
||
| 78 | 78 | } |
| 79 | 79 | |
| 80 | 80 | public function writeDeviceInfo() { |
| 81 | - $ssid_ct=count($this->attributes['internal:SSID']); |
|
| 81 | + $ssid_ct = count($this->attributes['internal:SSID']); |
|
| 82 | 82 | $out = ''; |
| 83 | 83 | |
| 84 | 84 | $out .= _("The installer is in the form of a bash script. It will try to configure eduroam under Network Manager and if this is either not appropriate for your system or your version of Network Manager is too old, a wpa_supplicant config file will be created instead."); |
| 85 | 85 | $out .= "<p>"; |
| 86 | - if($ssid_ct > 1) { |
|
| 87 | - if($ssid_ct > 2) { |
|
| 88 | - $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to the following networks:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 86 | + if ($ssid_ct > 1) { |
|
| 87 | + if ($ssid_ct > 2) { |
|
| 88 | + $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to the following networks:"), implode(', ', \config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 89 | 89 | } else |
| 90 | - $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 90 | + $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"), implode(', ', \config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 91 | 91 | $i = 0; |
| 92 | 92 | foreach ($this->attributes['internal:SSID'] as $ssid=>$v) { |
| 93 | - if(! in_array($ssid, \config\ConfAssistant::CONSORTIUM['ssid'])) { |
|
| 94 | - if($i > 0) |
|
| 93 | + if (!in_array($ssid, \config\ConfAssistant::CONSORTIUM['ssid'])) { |
|
| 94 | + if ($i > 0) |
|
| 95 | 95 | $out .= ", "; |
| 96 | 96 | $i++; |
| 97 | 97 | $out .= "<strong>$ssid</strong>"; |
@@ -100,7 +100,7 @@ discard block |
||
| 100 | 100 | $out .= "<p>"; |
| 101 | 101 | } |
| 102 | 102 | $out .= _("The installer will create .cat_installer sub-directory in your home directory and will copy your server certificates there."); |
| 103 | -if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 103 | +if ($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 104 | 104 | $out .= _("In order to connect to the network you will need a personal certificate in the form of a p12 file. You should obtain this certificate from your home institution. Consult the support page to find out how this certificate can be obtained. Such certificate files are password protected. You should have both the file and the password available during the installation process. Your p12 file will also be copied to the .cat_installer directory."); |
| 105 | 105 | else { |
| 106 | 106 | $out .= _("In order to connect to the network you will need an account from your home institution. You should consult the support page to find out how this account can be obtained. It is very likely that your account is already activated."); |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | |
| 115 | 115 | private function printCheckDirectory() { |
| 116 | 116 | $out = 'if [ -d $HOME/'.$this->local_dir.' ] ; then |
| 117 | - if ! ask "'.sprintf(_("Directory %s exists; some of its files may be overwritten."),'$HOME/'.$this->local_dir).'" "'._("Continue").'" 1 ; then exit; fi |
|
| 117 | + if ! ask "'.sprintf(_("Directory %s exists; some of its files may be overwritten."), '$HOME/'.$this->local_dir).'" "'._("Continue").'" 1 ; then exit; fi |
|
| 118 | 118 | else |
| 119 | 119 | mkdir $HOME/'.$this->local_dir.' |
| 120 | 120 | fi |
@@ -130,11 +130,11 @@ discard block |
||
| 130 | 130 | if ! ask "'.("Network Manager configuration failed, but we may generate a wpa_supplicant configuration file if you wish. Be warned that your connection password will be saved in this file as clear text.").'" "'._("Write the file").'" 1 ; then exit ; fi |
| 131 | 131 | |
| 132 | 132 | if [ -f '.$this->conf_file.' ] ; then |
| 133 | - if ! ask "'.sprintf(_("File %s exists; it will be overwritten."),$this->conf_file).'" "'._("Continue").'" 1 ; then confirm_exit; fi |
|
| 133 | + if ! ask "'.sprintf(_("File %s exists; it will be overwritten."), $this->conf_file).'" "'._("Continue").'" 1 ; then confirm_exit; fi |
|
| 134 | 134 | rm '.$this->conf_file.' |
| 135 | 135 | fi |
| 136 | 136 | create_wpa_conf |
| 137 | - show_info "'.sprintf(_("Output written to %s"),$this->conf_file).'" |
|
| 137 | + show_info "'.sprintf(_("Output written to %s"), $this->conf_file).'" |
|
| 138 | 138 | fi |
| 139 | 139 | '; |
| 140 | 140 | return $out; |
@@ -150,10 +150,10 @@ discard block |
||
| 150 | 150 | |
| 151 | 151 | |
| 152 | 152 | private function printProfileConfirmation() { |
| 153 | - if($this->attributes['internal:profile_count'][0] > 1) |
|
| 154 | - $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s and the user group: %s."),'${bf}'.$this->attributes['general:instname'][0].'${n}','${bf}'.$this->attributes['profile:name'][0]).'${n}"'; |
|
| 153 | + if ($this->attributes['internal:profile_count'][0] > 1) |
|
| 154 | + $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s and the user group: %s."), '${bf}'.$this->attributes['general:instname'][0].'${n}', '${bf}'.$this->attributes['profile:name'][0]).'${n}"'; |
|
| 155 | 155 | else |
| 156 | - $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s."),'${bf}'.$this->attributes['general:instname'][0]).'${n}"'; |
|
| 156 | + $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s."), '${bf}'.$this->attributes['general:instname'][0]).'${n}"'; |
|
| 157 | 157 | $out .= ' "'._("Continue").'" 1 ; then exit; fi |
| 158 | 158 | '; |
| 159 | 159 | return $out; |
@@ -163,12 +163,12 @@ discard block |
||
| 163 | 163 | |
| 164 | 164 | private function printUserConsent() { |
| 165 | 165 | $out = ''; |
| 166 | - if(isset($this->attributes['support:info_file'])) { |
|
| 167 | - if( $this->attributes['internal:info_file'][0]['mime'] == 'txt') { |
|
| 168 | - $handle = fopen($this->attributes['internal:info_file'][0]['name'],"r"); |
|
| 166 | + if (isset($this->attributes['support:info_file'])) { |
|
| 167 | + if ($this->attributes['internal:info_file'][0]['mime'] == 'txt') { |
|
| 168 | + $handle = fopen($this->attributes['internal:info_file'][0]['name'], "r"); |
|
| 169 | 169 | $consent = ''; |
| 170 | 170 | while (($buffer = fgets($handle, 4096)) !== false) { |
| 171 | - $consent .= rtrim($buffer) . '\n'; |
|
| 171 | + $consent .= rtrim($buffer).'\n'; |
|
| 172 | 172 | } |
| 173 | 173 | $out = 'if ! ask "'.$consent.'${n}" "'._("Continue").'" 1 ; then exit; fi |
| 174 | 174 | '; |
@@ -181,9 +181,9 @@ discard block |
||
| 181 | 181 | # if the second argument is 0 then the first element of yes_no array |
| 182 | 182 | # will be the default value prompted to the user |
| 183 | 183 | private function printFunctions() { |
| 184 | -$url = (isset($this->attributes['support:url'][0]) && $this->attributes['support:url'][0] ) ? $this->attributes['support:url'][0] : $this->support_url_substitute; |
|
| 185 | -$support=(isset($this->attributes['support:email'][0]) && $this->attributes['support:email'][0] ) ? $this->attributes['support:email'][0] : $this->support_email_substitute; |
|
| 186 | -$out =' |
|
| 184 | +$url = (isset($this->attributes['support:url'][0]) && $this->attributes['support:url'][0]) ? $this->attributes['support:url'][0] : $this->support_url_substitute; |
|
| 185 | +$support = (isset($this->attributes['support:email'][0]) && $this->attributes['support:email'][0]) ? $this->attributes['support:email'][0] : $this->support_email_substitute; |
|
| 186 | +$out = ' |
|
| 187 | 187 | my_name=$0 |
| 188 | 188 | |
| 189 | 189 | |
@@ -404,10 +404,10 @@ discard block |
||
| 404 | 404 | eap='.$e['OUTER'].' |
| 405 | 405 | ca_cert="${HOME}/'.$this->local_dir.'/ca.pem" |
| 406 | 406 | identity="${USER_NAME}"'; |
| 407 | - if($this->server_name) |
|
| 407 | + if ($this->server_name) |
|
| 408 | 408 | $out .= ' |
| 409 | 409 | domain_suffix_match="'.$this->server_name.'"'; |
| 410 | - if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 410 | + if ($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 411 | 411 | $out .= ' |
| 412 | 412 | private_key="${HOME}/'.$this->local_dir.'/user.p12" |
| 413 | 413 | private_key_passwd="${PASSWORD}"'; |
@@ -415,7 +415,7 @@ discard block |
||
| 415 | 415 | $out .= ' |
| 416 | 416 | phase2="auth='.$e['INNER'].'" |
| 417 | 417 | password="${PASSWORD}"'; |
| 418 | - if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 418 | + if ($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 419 | 419 | $out .= ' |
| 420 | 420 | anonymous_identity="'.$this->attributes['internal:anon_local_value'][0].'@'.$this->attributes['internal:realm'][0].'"'; |
| 421 | 421 | } |
@@ -439,7 +439,7 @@ discard block |
||
| 439 | 439 | return $out; |
| 440 | 440 | } |
| 441 | 441 | private function printP12Dialog() { |
| 442 | - $out ='function p12dialog { |
|
| 442 | + $out = 'function p12dialog { |
|
| 443 | 443 | if [ ! -z $ZENITY ] ; then |
| 444 | 444 | if ! cert=`$ZENITY --file-selection --file-filter="'._("personal certificate file (p12 or pfx)").' | *.p12 *.P12 *.pfx *.PFX" --file-filter="All files | *" --title="'._("personal certificate file (p12 or pfx)").'" 2>/dev/null` ; then |
| 445 | 445 | exit |
@@ -500,7 +500,7 @@ discard block |
||
| 500 | 500 | '; |
| 501 | 501 | } else { |
| 502 | 502 | $out .= ' if [ -z "$USER_NAME" ] ; then |
| 503 | - if ! USER_NAME=`prompt_nonempty_string 1 "' . _("enter your userid") . '" ""` ; then |
|
| 503 | + if ! USER_NAME=`prompt_nonempty_string 1 "' . _("enter your userid").'" ""` ; then |
|
| 504 | 504 | exit 1 |
| 505 | 505 | fi |
| 506 | 506 | fi |
@@ -515,31 +515,31 @@ discard block |
||
| 515 | 515 | |
| 516 | 516 | |
| 517 | 517 | private function glueServerNames($server_list) { |
| 518 | - if(! $server_list) |
|
| 518 | + if (!$server_list) |
|
| 519 | 519 | return ''; |
| 520 | - $A0 = array_reverse(explode('.',array_shift($server_list))); |
|
| 520 | + $A0 = array_reverse(explode('.', array_shift($server_list))); |
|
| 521 | 521 | $B = $A0; |
| 522 | - foreach($server_list as $a) { |
|
| 523 | - $A= array_reverse(explode('.',$a)); |
|
| 524 | - $B = array_intersect_assoc($A0,$A); |
|
| 522 | + foreach ($server_list as $a) { |
|
| 523 | + $A = array_reverse(explode('.', $a)); |
|
| 524 | + $B = array_intersect_assoc($A0, $A); |
|
| 525 | 525 | $A0 = $B; |
| 526 | 526 | } |
| 527 | - return(implode('.',array_reverse($B))); |
|
| 527 | + return(implode('.', array_reverse($B))); |
|
| 528 | 528 | } |
| 529 | 529 | |
| 530 | 530 | private function mkSubjectAltNameList($server_list) { |
| 531 | - if(! $server_list) |
|
| 531 | + if (!$server_list) |
|
| 532 | 532 | return ''; |
| 533 | 533 | $out = ''; |
| 534 | - foreach($server_list as $a) { |
|
| 535 | - if($out) |
|
| 534 | + foreach ($server_list as $a) { |
|
| 535 | + if ($out) |
|
| 536 | 536 | $out .= ','; |
| 537 | 537 | $out .= "'DNS:$a'"; |
| 538 | 538 | } |
| 539 | 539 | return $out; |
| 540 | 540 | } |
| 541 | 541 | |
| 542 | -private function printNMScript($SSIDs,$delSSIDs) { |
|
| 542 | +private function printNMScript($SSIDs, $delSSIDs) { |
|
| 543 | 543 | $e = \core\common\EAP::eapDisplayName($this->selectedEap); |
| 544 | 544 | $out = 'function run_python_script { |
| 545 | 545 | PASSWORD=$( echo "$PASSWORD" | sed "s/\'/\\\\\\\'/g" ) |
@@ -678,11 +678,11 @@ discard block |
||
| 678 | 678 | \'eap\': [\''.strtolower($e['OUTER']).'\'], |
| 679 | 679 | \'identity\': \'$USER_NAME\', |
| 680 | 680 | \'ca-cert\': dbus.ByteArray("file://{0}\0".format(self.cacert_file).encode(\'utf8\')),'; |
| 681 | - if($this->server_name) { |
|
| 681 | + if ($this->server_name) { |
|
| 682 | 682 | $out .= ' |
| 683 | 683 | match_key: match_value,'; |
| 684 | 684 | } |
| 685 | - if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 685 | + if ($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 686 | 686 | $out .= ' |
| 687 | 687 | \'client-cert\': dbus.ByteArray("file://{0}\0".format(self.pfx_file).encode(\'utf8\')), |
| 688 | 688 | \'private-key\': dbus.ByteArray("file://{0}\0".format(self.pfx_file).encode(\'utf8\')), |
@@ -691,7 +691,7 @@ discard block |
||
| 691 | 691 | $out .= ' |
| 692 | 692 | \'password\': \'$PASSWORD\', |
| 693 | 693 | \'phase2-auth\': \''.strtolower($e['INNER']).'\','; |
| 694 | - if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 694 | + if ($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 695 | 695 | $out .= ' |
| 696 | 696 | \'anonymous-identity\': \''.$this->attributes['internal:anon_local_value'][0].'@'.$this->attributes['internal:realm'][0].'\','; |
| 697 | 697 | } |
@@ -713,18 +713,18 @@ discard block |
||
| 713 | 713 | self.check_opts() |
| 714 | 714 | ver = self.connect_to_NM()'; |
| 715 | 715 | foreach (array_keys($SSIDs) as $ssid) { |
| 716 | - $out .=' |
|
| 716 | + $out .= ' |
|
| 717 | 717 | self.delete_existing_connections(\''.$ssid.'\') |
| 718 | 718 | self.add_connection(\''.$ssid.'\')'; |
| 719 | 719 | } |
| 720 | 720 | // create a list of profiles to be deleted after installation |
| 721 | 721 | foreach ($delSSIDs as $ssid => $cipher) { |
| 722 | - if($cipher == 'DEL') |
|
| 723 | - $out .=' |
|
| 722 | + if ($cipher == 'DEL') |
|
| 723 | + $out .= ' |
|
| 724 | 724 | self.delete_existing_connections(\''.$ssid.'\')'; |
| 725 | 725 | } |
| 726 | 726 | |
| 727 | -$out .=' |
|
| 727 | +$out .= ' |
|
| 728 | 728 | |
| 729 | 729 | if __name__ == "__main__": |
| 730 | 730 | ENMCT = EduroamNMConfigTool() |
@@ -67,10 +67,11 @@ discard block |
||
| 67 | 67 | |
| 68 | 68 | $out_string .= $this->printNMScript($SSIDs,$delSSIDs); |
| 69 | 69 | $out_string .= $this->writeWpaConf($SSIDs); |
| 70 | - if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 71 | - $out_string .= $this->printP12Dialog(); |
|
| 72 | - else |
|
| 73 | - $out_string .= $this->printPasswordDialog(); |
|
| 70 | + if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 71 | + $out_string .= $this->printP12Dialog(); |
|
| 72 | + } else { |
|
| 73 | + $out_string .= $this->printPasswordDialog(); |
|
| 74 | + } |
|
| 74 | 75 | $out_string .= $this->checkNMResultAndCont(); |
| 75 | 76 | $installer_path = $this->installerBasename.'.sh'; |
| 76 | 77 | file_put_contents($installer_path, $out_string); |
@@ -86,13 +87,15 @@ discard block |
||
| 86 | 87 | if($ssid_ct > 1) { |
| 87 | 88 | if($ssid_ct > 2) { |
| 88 | 89 | $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to the following networks:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
| 89 | - } else |
|
| 90 | - $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 90 | + } else { |
|
| 91 | + $out .= sprintf(_("In addition to <strong>%s</strong> the installer will also configure access to:"),implode(', ',\config\ConfAssistant::CONSORTIUM['ssid']))." "; |
|
| 92 | + } |
|
| 91 | 93 | $i = 0; |
| 92 | 94 | foreach ($this->attributes['internal:SSID'] as $ssid=>$v) { |
| 93 | 95 | if(! in_array($ssid, \config\ConfAssistant::CONSORTIUM['ssid'])) { |
| 94 | - if($i > 0) |
|
| 95 | - $out .= ", "; |
|
| 96 | + if($i > 0) { |
|
| 97 | + $out .= ", "; |
|
| 98 | + } |
|
| 96 | 99 | $i++; |
| 97 | 100 | $out .= "<strong>$ssid</strong>"; |
| 98 | 101 | } |
@@ -100,9 +103,9 @@ discard block |
||
| 100 | 103 | $out .= "<p>"; |
| 101 | 104 | } |
| 102 | 105 | $out .= _("The installer will create .cat_installer sub-directory in your home directory and will copy your server certificates there."); |
| 103 | -if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) |
|
| 106 | +if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
|
| 104 | 107 | $out .= _("In order to connect to the network you will need a personal certificate in the form of a p12 file. You should obtain this certificate from your home institution. Consult the support page to find out how this certificate can be obtained. Such certificate files are password protected. You should have both the file and the password available during the installation process. Your p12 file will also be copied to the .cat_installer directory."); |
| 105 | -else { |
|
| 108 | +} else { |
|
| 106 | 109 | $out .= _("In order to connect to the network you will need an account from your home institution. You should consult the support page to find out how this account can be obtained. It is very likely that your account is already activated."); |
| 107 | 110 | $out .= "<p>"; |
| 108 | 111 | $out .= _("You will be requested to enter your account credentials during the installation. This information will be saved so that you will reconnect to the network automatically each time you are in the range."); |
@@ -150,10 +153,11 @@ discard block |
||
| 150 | 153 | |
| 151 | 154 | |
| 152 | 155 | private function printProfileConfirmation() { |
| 153 | - if($this->attributes['internal:profile_count'][0] > 1) |
|
| 154 | - $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s and the user group: %s."),'${bf}'.$this->attributes['general:instname'][0].'${n}','${bf}'.$this->attributes['profile:name'][0]).'${n}"'; |
|
| 155 | - else |
|
| 156 | - $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s."),'${bf}'.$this->attributes['general:instname'][0]).'${n}"'; |
|
| 156 | + if($this->attributes['internal:profile_count'][0] > 1) { |
|
| 157 | + $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s and the user group: %s."),'${bf}'.$this->attributes['general:instname'][0].'${n}','${bf}'.$this->attributes['profile:name'][0]).'${n}"'; |
|
| 158 | + } else { |
|
| 159 | + $out = 'if ! ask "'.sprintf(_("This installer will only work properly if you are a member of %s."),'${bf}'.$this->attributes['general:instname'][0]).'${n}"'; |
|
| 160 | + } |
|
| 157 | 161 | $out .= ' "'._("Continue").'" 1 ; then exit; fi |
| 158 | 162 | '; |
| 159 | 163 | return $out; |
@@ -404,9 +408,10 @@ discard block |
||
| 404 | 408 | eap='.$e['OUTER'].' |
| 405 | 409 | ca_cert="${HOME}/'.$this->local_dir.'/ca.pem" |
| 406 | 410 | identity="${USER_NAME}"'; |
| 407 | - if($this->server_name) |
|
| 408 | - $out .= ' |
|
| 411 | + if($this->server_name) { |
|
| 412 | + $out .= ' |
|
| 409 | 413 | domain_suffix_match="'.$this->server_name.'"'; |
| 414 | + } |
|
| 410 | 415 | if($this->selectedEap == \core\common\EAP::EAPTYPE_TLS) { |
| 411 | 416 | $out .= ' |
| 412 | 417 | private_key="${HOME}/'.$this->local_dir.'/user.p12" |
@@ -415,10 +420,11 @@ discard block |
||
| 415 | 420 | $out .= ' |
| 416 | 421 | phase2="auth='.$e['INNER'].'" |
| 417 | 422 | password="${PASSWORD}"'; |
| 418 | - if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 419 | - $out .= ' |
|
| 423 | + if($this->attributes['internal:use_anon_outer'][0] == 1) { |
|
| 424 | + $out .= ' |
|
| 420 | 425 | anonymous_identity="'.$this->attributes['internal:anon_local_value'][0].'@'.$this->attributes['internal:realm'][0].'"'; |
| 421 | 426 | } |
| 427 | + } |
|
| 422 | 428 | $out .= ' |
| 423 | 429 | }'; |
| 424 | 430 | } |
@@ -515,8 +521,9 @@ discard block |
||
| 515 | 521 | |
| 516 | 522 | |
| 517 | 523 | private function glueServerNames($server_list) { |
| 518 | - if(! $server_list) |
|
| 519 | - return ''; |
|
| 524 | + if(! $server_list) { |
|
| 525 | + return ''; |
|
| 526 | + } |
|
| 520 | 527 | $A0 = array_reverse(explode('.',array_shift($server_list))); |
| 521 | 528 | $B = $A0; |
| 522 | 529 | foreach($server_list as $a) { |
@@ -528,12 +535,14 @@ discard block |
||
| 528 | 535 | } |
| 529 | 536 | |
| 530 | 537 | private function mkSubjectAltNameList($server_list) { |
| 531 | - if(! $server_list) |
|
| 532 | - return ''; |
|
| 538 | + if(! $server_list) { |
|
| 539 | + return ''; |
|
| 540 | + } |
|
| 533 | 541 | $out = ''; |
| 534 | 542 | foreach($server_list as $a) { |
| 535 | - if($out) |
|
| 536 | - $out .= ','; |
|
| 543 | + if($out) { |
|
| 544 | + $out .= ','; |
|
| 545 | + } |
|
| 537 | 546 | $out .= "'DNS:$a'"; |
| 538 | 547 | } |
| 539 | 548 | return $out; |
@@ -691,9 +700,10 @@ discard block |
||
| 691 | 700 | $out .= ' |
| 692 | 701 | \'password\': \'$PASSWORD\', |
| 693 | 702 | \'phase2-auth\': \''.strtolower($e['INNER']).'\','; |
| 694 | - if($this->attributes['internal:use_anon_outer'][0] == 1) |
|
| 695 | - $out .= ' |
|
| 703 | + if($this->attributes['internal:use_anon_outer'][0] == 1) { |
|
| 704 | + $out .= ' |
|
| 696 | 705 | \'anonymous-identity\': \''.$this->attributes['internal:anon_local_value'][0].'@'.$this->attributes['internal:realm'][0].'\','; |
| 706 | + } |
|
| 697 | 707 | } |
| 698 | 708 | $out .= ' |
| 699 | 709 | }) |
@@ -719,9 +729,10 @@ discard block |
||
| 719 | 729 | } |
| 720 | 730 | // create a list of profiles to be deleted after installation |
| 721 | 731 | foreach ($delSSIDs as $ssid => $cipher) { |
| 722 | - if($cipher == 'DEL') |
|
| 723 | - $out .=' |
|
| 732 | + if($cipher == 'DEL') { |
|
| 733 | + $out .=' |
|
| 724 | 734 | self.delete_existing_connections(\''.$ssid.'\')'; |
| 735 | + } |
|
| 725 | 736 | } |
| 726 | 737 | |
| 727 | 738 | $out .=' |
