eduVPN /
vpn-server-api
| Conditions | 9 |
| Paths | 16 |
| Total Lines | 80 |
| Code Lines | 54 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 0 | ||
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
| 1 | <?php |
||
| 89 | private function writeProcess(PoolConfig $poolConfig) |
||
| 90 | { |
||
| 91 | $tlsDir = sprintf('/etc/openvpn/tls/%s', $poolConfig->v('instanceId')); |
||
| 92 | |||
| 93 | $rangeIp = new IP($poolConfig->v('range')); |
||
| 94 | $range6Ip = new IP($poolConfig->v('range6')); |
||
| 95 | |||
| 96 | // static options |
||
| 97 | $serverConfig = [ |
||
| 98 | '# OpenVPN Server Configuration', |
||
| 99 | 'verb 3', |
||
| 100 | 'dev-type tun', |
||
| 101 | 'user openvpn', |
||
| 102 | 'group openvpn', |
||
| 103 | 'topology subnet', |
||
| 104 | 'persist-key', |
||
| 105 | 'persist-tun', |
||
| 106 | 'keepalive 10 60', |
||
| 107 | 'comp-lzo no', |
||
| 108 | 'remote-cert-tls client', |
||
| 109 | 'tls-version-min 1.2', |
||
| 110 | 'tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA', |
||
| 111 | 'auth SHA256', |
||
| 112 | 'cipher AES-256-CBC', |
||
| 113 | 'client-connect /usr/bin/vpn-server-api-client-connect', |
||
| 114 | 'client-disconnect /usr/bin/vpn-server-api-client-disconnect', |
||
| 115 | 'push "comp-lzo no"', |
||
| 116 | 'push "explicit-exit-notify 3"', |
||
| 117 | sprintf('ca %s/ca.crt', $tlsDir), |
||
| 118 | sprintf('cert %s/server.crt', $tlsDir), |
||
| 119 | sprintf('key %s/server.key', $tlsDir), |
||
| 120 | sprintf('dh %s/dh.pem', $tlsDir), |
||
| 121 | sprintf('tls-auth %s/ta.key 0', $tlsDir), |
||
| 122 | sprintf('server %s %s', $rangeIp->getNetwork(), $rangeIp->getNetmask()), |
||
| 123 | sprintf('server-ipv6 %s', $range6Ip->getAddressPrefix()), |
||
| 124 | sprintf('max-clients %d', $rangeIp->getNumberOfHosts() - 1), |
||
| 125 | sprintf('script-security %d', $poolConfig->v('twoFactor', false) ? 3 : 2), |
||
| 126 | sprintf('dev %s', $poolConfig->v('dev')), |
||
| 127 | sprintf('port %d', $poolConfig->v('port')), |
||
| 128 | sprintf('management %s %d', $poolConfig->v('managementIp'), $poolConfig->v('managementPort')), |
||
| 129 | sprintf('setenv INSTANCE_ID %s', $poolConfig->v('instanceId')), |
||
| 130 | sprintf('setenv POOL_ID %s', $poolConfig->v('poolId')), |
||
| 131 | sprintf('proto %s', 'tcp' === $poolConfig->v('proto') ? 'tcp-server' : 'udp'), |
||
| 132 | sprintf('local %s', 'tcp' === $poolConfig->v('proto') ? $poolConfig->v('managementIp') : $poolConfig->v('listen', '0.0.0.0')), |
||
| 133 | |||
| 134 | // increase the renegotiation time to 8h from the default of 1h when |
||
| 135 | // using 2FA, otherwise the user would be asked for the 2FA key every |
||
| 136 | // hour |
||
| 137 | sprintf('reneg-sec %d', $poolConfig->v('twoFactor', false) ? 28800 : 3600), |
||
| 138 | ]; |
||
| 139 | |||
| 140 | if ($poolConfig->v('enableLog', false)) { |
||
| 141 | $serverConfig[] = 'log /dev/null'; |
||
| 142 | } |
||
| 143 | |||
| 144 | if ('tcp' === $poolConfig->v('proto')) { |
||
| 145 | $serverConfig[] = 'tcp-nodelay'; |
||
| 146 | } |
||
| 147 | |||
| 148 | if ($poolConfig->v('twoFactor', false)) { |
||
| 149 | $serverConfig[] = 'auth-user-pass-verify /usr/bin/vpn-server-api-verify-otp via-env'; |
||
| 150 | } |
||
| 151 | |||
| 152 | // Routes |
||
| 153 | $serverConfig = array_merge($serverConfig, self::getRoutes($poolConfig)); |
||
| 154 | |||
| 155 | // DNS |
||
| 156 | $serverConfig = array_merge($serverConfig, self::getDns($poolConfig)); |
||
| 157 | |||
| 158 | // Client-to-client |
||
| 159 | $serverConfig = array_merge($serverConfig, self::getClientToClient($poolConfig)); |
||
| 160 | |||
| 161 | sort($serverConfig, SORT_STRING); |
||
| 162 | |||
| 163 | $configFile = sprintf('%s/%s', $this->vpnConfigDir, $poolConfig->v('configName')); |
||
| 164 | |||
| 165 | if (false === @file_put_contents($configFile, implode(PHP_EOL, $serverConfig))) { |
||
| 166 | throw new RuntimeException(sprintf('unable to write configuration file "%s"', $configFile)); |
||
| 167 | } |
||
| 168 | } |
||
| 169 | |||
| 242 |
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.