plugins: PSR12 for "s" and "w"

Franco Fichtner 2019-10-07 21:40:59 +02:00
parent e2fff6bade
commit 8f2805ef58
57 changed files with 308 additions and 186 deletions


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017-2019 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017-2019 Frank Wall
* Copyright (C) 2015 Deciso B.V.
@ -89,10 +90,12 @@ class ActionsController extends ApiMutableModelControllerBase
public function sftpTestConnectionAction()
{
if ($response = $this->callBackend(
["test-sftp-connection"],
["sftp_host", "sftp_host_key", "sftp_port", "sftp_user", "sftp_identity_type", "sftp_remote_path", "sftp_chmod", "sftp_chgrp"])) {
if (
$response = $this->callBackend(
["test-sftp-connection"],
["sftp_host", "sftp_host_key", "sftp_port", "sftp_user", "sftp_identity_type", "sftp_remote_path", "sftp_chmod", "sftp_chgrp"]
)
) {
return $response;
}
@ -116,7 +119,9 @@ class ActionsController extends ApiMutableModelControllerBase
if (preg_match('/^\[.+\]$/ms', $result) || preg_match('/^\{.+\}$/ms', $result)) {
try {
$result = json_decode($result, true, 64, JSON_THROW_ON_ERROR);
} catch (\Exception $ignored) {/*pass as is when json parsing fails*/}
} catch (\Exception $ignored) {
/*pass as is when json parsing fails*/
}
}
return $result;
}


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017-2019 Frank Wall
* Copyright (C) 2015 Deciso B.V.
@ -92,7 +93,7 @@ class CertificatesController extends ApiMutableModelControllerBase
*/
public function signAction($uuid)
{
$result = array("result"=>"failed");
$result = array("result" => "failed");
if ($this->request->isPost()) {
$mdlAcme = new AcmeClient();
@ -116,7 +117,7 @@ class CertificatesController extends ApiMutableModelControllerBase
*/
public function removekeyAction($uuid)
{
$result = array("result"=>"failed");
$result = array("result" => "failed");
$mdlAcme = new AcmeClient();
if ($uuid != null) {
$node = $mdlAcme->getNodeByReference('certificates.certificate.' . $uuid);
@ -136,7 +137,7 @@ class CertificatesController extends ApiMutableModelControllerBase
*/
public function revokeAction($uuid)
{
$result = array("result"=>"failed");
$result = array("result" => "failed");
if ($this->request->isPost()) {
$mdlAcme = new AcmeClient();
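Review bot: `removekeyAction()` goes from `$result` straight to `new AcmeClient()` and the `$uuid != null` lookup, without the `if ($this->request->isPost()) {` guard that `signAction()` and `revokeAction()` in this same file open with. If the action removes key material, as its name suggests, it should accept POST only, so that a plain GET request cannot change state; wrapping the body in the same `isPost()` check would do that. The null test would also be tighter as `$uuid !== null`. The method body continues outside the hunk, so confirm that no later check already covers this.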


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.
@ -136,8 +137,11 @@ class ServiceController extends ApiControllerBase
$runStatus = $this->statusAction();
// stop acmeclient when disabled
if ($runStatus['status'] == "running" &&
($mdlAcme->settings->enabled->__toString() == 0 || $force_restart)) {
if (
$runStatus['status'] == "running" &&
($mdlAcme->settings->enabled->__toString() == 0 ||
$force_restart)
) {
$this->stopAction();
}
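Review bot: The stop condition compares a string with an integer, `$mdlAcme->settings->enabled->__toString() == 0`, so the outcome depends on PHP's loose-comparison rules. An empty value equals `0` on PHP 7 but not on PHP 8, which means a missing setting would stop the service on one and leave it running on the other. An explicit string comparison such as `(string)$mdlAcme->settings->enabled !== "1"` removes the ambiguity and matches the `(string)... == "1"` form used in the settings controller. The enclosing method starts and ends outside the hunk.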


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.
@ -58,9 +59,11 @@ class SettingsController extends ApiMutableModelControllerBase
$backend = new Backend();
// Setup cronjob if AcmeClient and AutoRenewal is enabled.
if ((string)$mdlAcme->settings->UpdateCron == "" and
if (
(string)$mdlAcme->settings->UpdateCron == "" and
(string)$mdlAcme->settings->autoRenewal == "1" and
(string)$mdlAcme->settings->enabled == "1") {
(string)$mdlAcme->settings->enabled == "1"
) {
$mdlCron = new Cron();
// NOTE: Only configd actions are valid commands for cronjobs
// and they *must* provide a description that is not empty.
@ -88,9 +91,11 @@ class SettingsController extends ApiMutableModelControllerBase
$result['result'] = "unable to add cron";
}
// Delete cronjob if AcmeClient or AutoRenewal is disabled.
} elseif ((string)$mdlAcme->settings->UpdateCron != "" and
} elseif (
(string)$mdlAcme->settings->UpdateCron != "" and
((string)$mdlAcme->settings->autoRenewal == "0" or
(string)$mdlAcme->settings->enabled == "0")) {
(string)$mdlAcme->settings->enabled == "0")
) {
// Get UUID, clean existin entry
$cron_uuid = (string)$mdlAcme->settings->UpdateCron;
$mdlAcme->settings->UpdateCron = null;
@ -133,8 +138,10 @@ class SettingsController extends ApiMutableModelControllerBase
// Setup only if AcmeClient and HAProxy integration is enabled.
// NOTE: We provide HAProxy integration no matter if the HAProxy plugin
// is actually enabled or not. This should avoid confusion.
if ((string)$mdlAcme->settings->haproxyIntegration == "1" and
(string)$mdlAcme->settings->enabled == "1") {
if (
(string)$mdlAcme->settings->haproxyIntegration == "1" and
(string)$mdlAcme->settings->enabled == "1"
) {
$mdlHAProxy = new \OPNsense\HAProxy\HAProxy();
$backend = new Backend();
@ -311,9 +318,11 @@ class SettingsController extends ApiMutableModelControllerBase
// Ensure HAProxy frontend additions have been applied.
foreach ($mdlAcme->getNodeByReference('validations.validation')->iterateItems() as $validation) {
// Find all (enabled) validation methods with HAProxy integration.
if ((string)$validation->enabled == "1" and
if (
(string)$validation->enabled == "1" and
(string)$validation->method == "http01" and
(string)$validation->http_service == "haproxy") {
(string)$validation->http_service == "haproxy"
) {
// Check if HAProxy frontends were specified.
if (empty((string)$validation->http_haproxyFrontends)) {
// Skip item, no HAProxy frontends were specified.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017-2019 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/*
* Copyright (C) 2019 Juergen Kellerer
* All rights reserved.
@ -27,7 +28,6 @@
namespace OPNsense\AcmeClient;
/**
* Utility class to execute shell processes and handle their IO.
* @package OPNsense\AcmeClient
@ -74,8 +74,9 @@ class Process
if ($process_handle) {
if ($release) {
if (in_array($process_handle, $open_processes))
if (in_array($process_handle, $open_processes)) {
$open_processes = array_diff($open_processes, [$process_handle]);
}
} else {
$open_processes[] = $process_handle;
}
@ -95,8 +96,9 @@ class Process
$this->outputs = $pipes;
$this->inputs = [array_shift($this->outputs)];
foreach ($this->outputs as $stream)
foreach ($this->outputs as $stream) {
stream_set_blocking($stream, false);
}
self::manageOpenedProcess($this->handle);
} else {
@ -108,8 +110,9 @@ class Process
{
$this->close();
if ($this->isRunning())
if ($this->isRunning()) {
$this->close(true);
}
}
public function get($timeout = 5, $max_length = 8192, $ending = PHP_EOL)
@ -133,14 +136,17 @@ class Process
{
if ($this->isRunning() && is_resource($stdin = $this->inputs[0]) && !feof($stdin)) {
fwrite($stdin, $data);
if ($append)
if ($append) {
fwrite($stdin, $append);
}
}
}
public function closeInput()
{
if (!feof($stdin = $this->inputs[0])) fclose($stdin);
if (!feof($stdin = $this->inputs[0])) {
fclose($stdin);
}
}
public function close($force = false)
@ -170,8 +176,9 @@ class Process
: false;
if (is_array($status)) {
if (!$this->exitCode && $this->exitCode !== 0 && !$status["running"])
if (!$this->exitCode && $this->exitCode !== 0 && !$status["running"]) {
$this->exitCode = $status["exitcode"];
}
return $status["running"];
}
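Review bot: `closeInput()` passes `$this->inputs[0]` to `feof()` without checking that it is still an open stream, while `put()` just above guards the same handle with `is_resource()`. After the first `fclose($stdin)` the stored handle is a closed resource, so a second call raises a warning on PHP 7 and a TypeError on PHP 8. Using the same guard as `put()` avoids that: `if (is_resource($stdin = $this->inputs[0]) && !feof($stdin)) {`.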


@ -1,4 +1,5 @@
<?php
/*
* Copyright (C) 2019 Juergen Kellerer
* All rights reserved.
@ -70,8 +71,10 @@ class SSHKeys
if (!is_dir($config_path)) {
$dir_created = mkdir($config_path, self::CONFIG_PATH_CREATE_MODE, true);
Utils::requireThat($dir_created,
"Failed creating directory '$config_path' with permission " . self::CONFIG_PATH_CREATE_MODE);
Utils::requireThat(
$dir_created,
"Failed creating directory '$config_path' with permission " . self::CONFIG_PATH_CREATE_MODE
);
}
$this->config_path = realpath($config_path);
@ -85,8 +88,10 @@ class SSHKeys
touch($this->known_hosts_file)
&& chmod($this->known_hosts_file, self::KNOWN_HOSTS_FILE_CREATE_MODE);
Utils::requireThat($file_created,
"Failed creating file '{$this->known_hosts_file}' with permission " . self::KNOWN_HOSTS_FILE_CREATE_MODE);
Utils::requireThat(
$file_created,
"Failed creating file '{$this->known_hosts_file}' with permission " . self::KNOWN_HOSTS_FILE_CREATE_MODE
);
}
return $this->known_hosts_file;
@ -110,8 +115,9 @@ class SSHKeys
$host_key = false;
} else {
$host_key = self::getHostKeyInfo($host_key);
if ($host_key === false)
if ($host_key === false) {
return ["ok" => false, "error" => "Invalid host_key specified."];
}
}
@ -157,8 +163,7 @@ class SSHKeys
$is_key_known = false;
if ($known_by_host && $host_key && $host_key === $known_by_host["key_info"]) {
$is_key_known = true;
} else if ($known_by_key) {
} elseif ($known_by_key) {
if (strcasecmp(trim($host), trim($known_by_key["host"])) != 0) {
Utils::log()->info("Host key is in known_hosts but hostname differs. Changing '$host' to '{$known_by_key["host"]}'.");
$host = $known_by_key["host"];
@ -169,18 +174,18 @@ class SSHKeys
// Check if we don't have a matching known_hosts entry and add or update it as required.
if (!$is_key_known && !$no_modification_allowed) {
// Query the key.
$key_type = $host_key ? $host_key["key_type"] : self::DEFAULT_KEY_TYPE;
$remote_host_keys = $addKeyInfo($this->queryHostKey($host, $key_type, $port, $query_error));
// Retry with ALTERNATE_DEFAULT_KEY_TYPE when DEFAULT_KEY_TYPE was applied in the first place.
if (empty($remote_host_keys)
if (
empty($remote_host_keys)
&& $query_error
&& $query_error["connection_refused"]
&& !$host_key
&& self::ALTERNATE_DEFAULT_KEY_TYPE != self::DEFAULT_KEY_TYPE) {
&& self::ALTERNATE_DEFAULT_KEY_TYPE != self::DEFAULT_KEY_TYPE
) {
$key_type = self::ALTERNATE_DEFAULT_KEY_TYPE;
$remote_host_keys = $addKeyInfo($this->queryHostKey($host, $key_type, $port, $query_error));
}
@ -198,18 +203,20 @@ class SSHKeys
foreach ($matching_remote_host_keys as $key) {
Utils::log()->info("Adding known_hosts entry: " . json_encode($key["key_info"], JSON_UNESCAPED_SLASHES));
$ok = file_put_contents($this->knownHostsFile(), $key["host_key"] . PHP_EOL, FILE_APPEND);
if (!$ok)
if (!$ok) {
Utils::log()->error("Failed adding known_hosts entry {$key["host_key"]}");
}
}
// Verify that known_hosts contains the correct keys after adding them (using recursion).
return $this->trustHost($host, $matching_remote_host_keys[0]["host_key"], $port, true);
} else {
if (empty($remote_host_keys)) {
$msg = "No connection to '$host'; Failed querying host key from server.";
} else {
$remote_infos = array_map(function ($key) { return $key["key_info"]; }, $remote_host_keys);
$remote_infos = array_map(function ($key) {
return $key["key_info"];
}, $remote_host_keys);
$msg = "Key mismatch for '$host'; "
. "The expected key (" . json_encode($host_key) . ") was not found in (" . json_encode($remote_infos) . ")";
}
@ -241,8 +248,9 @@ class SSHKeys
$has_ip = ($ip = gethostbyname($host))
&& ($ip !== $host || preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $ip));
if ($has_ip)
if ($has_ip) {
$search_list[] = strtolower($ip);
}
// Add FQDN to search list if reverse lookup provides a valid one.
$has_fqdn = $has_ip
@ -250,8 +258,9 @@ class SSHKeys
&& $reverse_fqdn !== $ip
&& gethostbyname($reverse_fqdn) === $ip;
if ($has_fqdn && isset($reverse_fqdn))
if ($has_fqdn && isset($reverse_fqdn)) {
$search_list[] = strtolower($reverse_fqdn);
}
// Build unique search list (dedup list)
$search_list = array_filter($search_list, function ($value, $index) use (&$search_list) {
@ -295,16 +304,18 @@ class SSHKeys
$lines = [];
while (($line = $p->get(60)) !== false) {
$line = trim($line);
if (empty($line) || $line[0] == "#")
if (empty($line) || $line[0] == "#") {
continue;
}
if (!$failed) {
foreach ($expected_errors as $err)
foreach ($expected_errors as $err) {
if (preg_match($err[1], $line)) {
$error = [$err[0] => true];
$failed = true;
break;
}
}
}
$lines[] = $line;
@ -327,8 +338,9 @@ class SSHKeys
if (empty($keys)) {
Utils::log()->info("Couldn't fetch public host key ($key_type) from {$host}:{$port}");
if (!is_array($error) || empty($error))
if (!is_array($error) || empty($error)) {
$error = ["connection_refused" => true];
}
}
return $keys;
@ -349,8 +361,9 @@ class SSHKeys
$lines = [];
while (($line = $p->get()) !== false) {
$line = trim($line);
if (empty($line) || $line[0] == "#")
if (empty($line) || $line[0] == "#") {
continue;
}
$lines[] = $line;
}
@ -366,8 +379,7 @@ class SSHKeys
"host_key" => $lines[0],
"host_query" => $name_or_ip,
];
} else if ($p->exitCode != 1 /* 1 == NOT_FOUND */) {
} elseif ($p->exitCode != 1 /* 1 == NOT_FOUND */) {
$output = empty($lines)
? ""
: PHP_EOL . join(PHP_EOL, $lines);
@ -377,8 +389,9 @@ class SSHKeys
}
}
if (empty($keys))
if (empty($keys)) {
Utils::log()->info("Didn't find $host in known_hosts");
}
return $keys;
}
@ -394,8 +407,9 @@ class SSHKeys
if ($p = Process::open(["ssh-keygen", "-R", $host, "-f", $this->knownHostsFile()])) {
$ok = $p->close() === 0;
if (!$ok)
if (!$ok) {
Utils::log()->error("Failed removing known hosts for $host. Return code was: {$p->exitCode}");
}
}
return $ok;
@ -438,8 +452,9 @@ class SSHKeys
Utils::requireThat(in_array($identity_type, self::IDENTITY_TYPES), "Identity type '$identity_type' unknown.");
list($key_type, $key_size) = explode('_', $identity_type, 2);
if (!$key_size && self::DEFAULT_IDENTITY_KEY_BITS[$key_type] > 0)
if (!$key_size && self::DEFAULT_IDENTITY_KEY_BITS[$key_type] > 0) {
$key_size = self::DEFAULT_IDENTITY_KEY_BITS[$key_type];
}
$identity_path = "{$this->config_path}/id.{$identity_type}";
@ -451,17 +466,20 @@ class SSHKeys
"-N", "",
];
if (intval($key_size) > 0)
if (intval($key_size) > 0) {
array_push($generate_key, "-b", $key_size);
}
if ($p = Process::open($generate_key)) {
while (($line = $p->get(10)) !== false) {
Utils::log()->info("SSH keygen: $line");
}
Utils::requireThat($p->close() == 0,
Utils::requireThat(
$p->close() == 0,
"Failed generating identity $identity_path: Error code: {$p->exitCode}" . PHP_EOL
. "Command: " . join(" ", $generate_key));
. "Command: " . join(" ", $generate_key)
);
}
}
@ -479,15 +497,17 @@ class SSHKeys
{
$restrictions = ['restrict'];
if ($command)
if ($command) {
$restrictions[] = 'command="' . $command . '"';
}
$restrict_ip = empty(trim($outgoing_ip))
? (empty(trim($host)) ? false : self::getOutgoingIpFor($host))
: $outgoing_ip;
if ($restrict_ip)
if ($restrict_ip) {
$restrictions[] = 'from="' . $restrict_ip . '"';
}
return count($restrictions) > 1
@ -506,17 +526,19 @@ class SSHKeys
$interface = null;
if ($p = Process::open(["route", "-n", "get", $ip])) {
while (($line = $p->get(10)) !== false)
while (($line = $p->get(10)) !== false) {
if (preg_match('/\s*interface:\s*([^\s]+).*$/', $line, $matches)) {
$interface = $matches[1];
}
}
}
if ($interface && $p = Process::open(["ifconfig", $interface, "inet"])) {
while (($line = $p->get(10)) !== false)
while (($line = $p->get(10)) !== false) {
if (preg_match('/\s*inet\s+([^\s]+)\s+netmask.*/', $line, $matches)) {
return $matches[1];
}
}
}
return false;
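Review bot: In the hunk at `@ -479,15`, the method that builds `$restrictions` (apparently `getIdentityRestrictions()`) places `$command` and `$restrict_ip` inside double-quoted authorized_keys options, `'command="' . $command . '"'` and `'from="' . $restrict_ip . '"'`, without checking them for `"` or line breaks. A value containing a quote ends the option early and changes how the rest of the line is parsed, which weakens the restriction the line is meant to enforce. Reject such values before building the string, e.g. `Utils::requireThat(strpbrk((string)$command, "\"\r\n") === false, "Illegal character in command restriction");`, and apply the same check to `$restrict_ip`. The method's signature and the end of its return statement are outside the hunk.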


@ -1,4 +1,5 @@
<?php
/*
* Copyright (C) 2019 Juergen Kellerer
* All rights reserved.
@ -27,7 +28,6 @@
namespace OPNsense\AcmeClient;
/**
* Wrapper around the 'sftp' commandline client.
* @package OPNsense\AcmeClient
@ -96,9 +96,12 @@ class SftpClient
// Handle client side identity
$identity = $this->ssh_keys->getIdentity($this->identity_type, true);
if (is_file($identity) && is_readable($identity)) {
array_push($cmd,
"-i", $identity,
"-oPreferredAuthentications=publickey");
array_push(
$cmd,
"-i",
$identity,
"-oPreferredAuthentications=publickey"
);
} else {
Utils::log()->error("Failed adding client identity ($identity). Connect will likely fail.");
}
@ -119,7 +122,7 @@ class SftpClient
return false;
}
private function processAvailableInput(float $timeout = 0, $expected_lines = 0, Callable $lines_consumer = null, $remaining_timeout = 0)
private function processAvailableInput(float $timeout = 0, $expected_lines = 0, callable $lines_consumer = null, $remaining_timeout = 0)
{
Utils::requireThat($this->process !== null, "SFTP: process not connected");
@ -139,18 +142,22 @@ class SftpClient
while (($line = $this->process->get($timeout)) !== false) {
foreach ($expected_errors as $ee) {
if (preg_match($ee[1], $line)) {
if (!$this->failed_status || $ee[0] !== "connection_closed")
if (!$this->failed_status || $ee[0] !== "connection_closed") {
$this->failed_status = [$ee[0] => true, "error" => trim($line)];
}
break;
}
}
$consumed = ($lines_consumer && $lines_consumer($line) === true);
if (!$consumed)
if (!$consumed) {
Utils::log()->info("SFTP: " . rtrim($line));
}
if (!$lines_consumer || $consumed) {
if (--$expected_lines <= 0) $timeout = $remaining_timeout;
if (--$expected_lines <= 0) {
$timeout = $remaining_timeout;
}
}
}
}
@ -166,15 +173,17 @@ class SftpClient
$this->process = null;
if ($this->failed_status && $this->failed_status["connection_closed"])
if ($this->failed_status && $this->failed_status["connection_closed"]) {
$this->clearError();
}
}
}
public function lastError($timeout = 0.5)
{
if ($this->failed_status === false)
if ($this->failed_status === false) {
$this->processAvailableInput($timeout);
}
return $this->failed_status;
}
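Review bot: In the hunk at `@ -166,15`, `$this->failed_status["connection_closed"]` is read without checking that the key exists. `processAvailableInput()` stores the status as `[$ee[0] => true, "error" => trim($line)]`, so for any other error type the key is absent and the read raises an undefined-index notice (a warning on PHP 8). `if (!empty($this->failed_status["connection_closed"])) {` gives the same result without the notice, including when `failed_status` is still `false`.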


@ -1,4 +1,5 @@
<?php
/*
* Copyright (C) 2019 Juergen Kellerer
* All rights reserved.
@ -27,7 +28,6 @@
namespace OPNsense\AcmeClient;
/**
* Handles file uploads via SFTP.
* @package OPNsense\AcmeClient
@ -103,12 +103,14 @@ class SftpUploader
$content_written = file_put_contents($local_file, $content);
Utils::requireThat($content_written > 0, "Failed writing content of '$remote_file' to '$local_file', disk full?");
if (($time = intval($content_last_modified)) && $time > 0)
if (($time = intval($content_last_modified)) && $time > 0) {
touch($local_file, $time);
}
$remote_file = trim($remote_file);
if (empty($remote_file))
if (empty($remote_file)) {
$remote_file = basename($local_file);
}
$local_file = $this->addFile($local_file, $remote_file, $chmod, $chgrp);
$this->pending_files[$local_file]["delete_source"] = true;
@ -171,7 +173,6 @@ class SftpUploader
// Uploading the files
foreach ($files_to_upload as $file) {
// Managing pending files.
$local_file = $this->current_file = $file["source"];
@ -187,11 +188,11 @@ class SftpUploader
// Changing remote directory if required.
if (($target_dir = dirname($file["target"])) !== $remote_path) {
$absolute_target_dir = $this->sftp->resolve($target_dir, $remote_base_path);
Utils::requireThat(
$absolute_target_dir && strpos($absolute_target_dir, $remote_base_path) === 0,
"Illegal target directory '$absolute_target_dir' is not below '$remote_base_path'");
"Illegal target directory '$absolute_target_dir' is not below '$remote_base_path'"
);
$dir_names = preg_split('-/+-', substr($absolute_target_dir, strlen($remote_base_path)), 0, PREG_SPLIT_NO_EMPTY);
if (count($dir_names) == 1) {
@ -263,8 +264,9 @@ class SftpUploader
if ($error = $this->sftp->put($local_file, $remote_filename, $preserve_times_and_mod)->lastError()) {
Utils::log()->error("Failed uploading file '{$local_file}' to '{$file["target"]}'", $error);
if ($error["permission_denied"] !== true)
if ($error["permission_denied"] !== true) {
$retry_with_permission_change = false;
}
if ($retry_with_permission_change) {
Utils::log()->info("Retrying file '{$local_file}' to '{$file["target"]}' with adjusted permissions");
@ -279,15 +281,13 @@ class SftpUploader
// Second attempt when initial failed or was skipped due to write protection (only possible if we have chmod defined to reset permissions later)
if ($retry_with_permission_change) {
$this->sftp->chmod($remote_filename, '0600');
if ($error = $this->sftp->put($local_file, $remote_filename)->lastError()) {
Utils::log()->error("Failed uploading file '{$local_file}' to '{$file["target"]}'", $error);
return self::UPLOAD_ERROR_NO_PERMISSION;
}
} else if ($remote_is_readonly) {
} elseif ($remote_is_readonly) {
Utils::log()->error("Failed uploading file '{$local_file}' to '{$file["target"]}'. Existing file is write protected.");
return self::UPLOAD_ERROR_NO_PERMISSION;
}
@ -316,18 +316,20 @@ class SftpUploader
$this->current_file = null;
if (empty($this->pending_files))
if (empty($this->pending_files)) {
$this->temporaryFile(true);
}
return self::UPLOAD_SUCCESS;
}
private function deleteSourceIfRequested($file)
{
if (isset($this->pending_files[$file])
if (
isset($this->pending_files[$file])
&& is_array($existing = $this->pending_files[$file])
&& $existing["delete_source"] === true) {
&& $existing["delete_source"] === true
) {
unlink($existing["source"]);
}
}
@ -344,8 +346,9 @@ class SftpUploader
register_shutdown_function(function () use (&$shared_temporary_files) {
$count = 0;
foreach ($shared_temporary_files as $temporary_files) {
if (!is_iterable($temporary_files))
if (!is_iterable($temporary_files)) {
continue;
}
foreach ($temporary_files as $file) {
if (is_file($file)) {
unlink($file);
@ -354,8 +357,9 @@ class SftpUploader
}
}
if ($count > 0)
if ($count > 0) {
Utils::log()->info("Removed $count files in shutdown hook instead of object destruction.");
}
$shared_temporary_files = [];
});
@ -373,11 +377,12 @@ class SftpUploader
// Dealing with temp file creation or cleanup
if ($delete_all) {
foreach ($temporary_files as $file) {
if (is_file($file)) unlink($file);
if (is_file($file)) {
unlink($file);
}
}
unset($shared_temporary_files[$index]);
} else {
if ($file = tempnam(sys_get_temp_dir(), "sftp-upload-")) {
$file = realpath($file);
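Review bot: The containment check in the hunk at `@ -187,11`, `strpos($absolute_target_dir, $remote_base_path) === 0`, is a plain string-prefix test, so a sibling directory whose name merely starts with the base path passes it (constructed example: base `/srv/certs`, target `/srv/certs-old`). Anchoring the comparison on a path separator closes that gap: `$absolute_target_dir === $remote_base_path || strpos($absolute_target_dir, rtrim($remote_base_path, '/') . '/') === 0`. The surrounding upload loop starts and ends outside the hunk.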


@ -1,4 +1,5 @@
<?php
/*
* Copyright (C) 2019 Juergen Kellerer
* All rights reserved.
@ -73,7 +74,6 @@ class Utils
);
}
};
} else {
$logger = new class implements ILogger
{
@ -117,9 +117,9 @@ class Utils
$combined_path = $file;
if (empty($file) || $file[0] != DIRECTORY_SEPARATOR) {
if (empty($base) || $base[0] != DIRECTORY_SEPARATOR)
if (empty($base) || $base[0] != DIRECTORY_SEPARATOR) {
$base = realpath(($base ?: "."));
}
$combined_path = $base . DIRECTORY_SEPARATOR . $file;
}
@ -127,15 +127,17 @@ class Utils
$path = [];
foreach (explode(DIRECTORY_SEPARATOR, $combined_path) as $part) {
if (empty($part) || $part === '.')
if (empty($part) || $part === '.') {
continue;
}
if ($part !== '..')
if ($part !== '..') {
array_push($path, $part);
else if (!empty($path))
} elseif (!empty($path)) {
array_pop($path);
else
} else {
return false;
}
}
return DIRECTORY_SEPARATOR . join(DIRECTORY_SEPARATOR, $path);
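Review bot: The normalising loop in the hunk at `@ -127,15` skips components with `empty($part)`, and `empty("0")` is true in PHP, so a directory literally named `0` is silently dropped from the resolved path (constructed example: `/a/0/b` resolves to `/a/b`). Testing for the empty string only, `if ($part === '' || $part === '.') {`, keeps such components. The `empty($file)` and `empty($base)` tests in the hunk above have the same blind spot for the string `"0"`. The enclosing method starts outside the hunk.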


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Frank Wall
* Copyright (C) 2015 Deciso B.V.


@ -78,23 +78,23 @@ if (isset($options["C"])) {
switch ($options["a"]) {
case 'sign':
$result = cert_action_validator($options["c"]);
echo json_encode(array('status'=>$result));
echo json_encode(array('status' => $result));
break;
case 'renew':
$result = cert_action_validator($options["c"]);
echo json_encode(array('status'=>$result));
echo json_encode(array('status' => $result));
break;
case 'remove':
$result = cert_action_validator($options["c"]);
echo json_encode(array('status'=>$result));
echo json_encode(array('status' => $result));
break;
case 'removekey':
$result = cert_action_validator($options["c"]);
echo json_encode(array('status'=>$result));
echo json_encode(array('status' => $result));
break;
case 'revoke':
$result = cert_action_validator($options["c"]);
echo json_encode(array('status'=>$result));
echo json_encode(array('status' => $result));
break;
default:
echo "ERROR: invalid argument specified\n";
@ -112,7 +112,7 @@ function cert_action_validator($opt_cert_id)
{
global $options;
$modelObj = new OPNsense\AcmeClient\AcmeClient;
$modelObj = new OPNsense\AcmeClient\AcmeClient();
// Store certs here after successful issue/renewal. Required for automations.
$restart_certs = array();
@ -459,7 +459,7 @@ function run_acme_validation($certObj, $valObj, $acctObj)
// Required to run pre-defined commands.
$backend = new Backend();
$modelObj = new OPNsense\AcmeClient\AcmeClient;
$modelObj = new OPNsense\AcmeClient\AcmeClient();
// Collect account information
$account_conf_dir = "/var/etc/acme-client/accounts/" . $acctObj->id;
@ -511,7 +511,7 @@ function run_acme_validation($certObj, $valObj, $acctObj)
$last_update_time = new \DateTime();
$last_update_time->setTimestamp($last_update);
$renew_interval = (string)$certObj->renewInterval;
$next_update = $last_update_time->add(new \DateInterval('P'.$renew_interval.'D'));
$next_update = $last_update_time->add(new \DateInterval('P' . $renew_interval . 'D'));
// Check if it's time to renew the cert.
if (isset($options["F"]) or ($current_time >= $next_update)) {
@ -899,7 +899,7 @@ function run_acme_validation($certObj, $valObj, $acctObj)
switch ((string)$certObj->aliasmode) {
case 'automatic':
$name = "_acme-challenge." . ltrim((string)$certObj->name, '*.');
if ($dst = dns_get_record($name, DNS_CNAME )) {
if ($dst = dns_get_record($name, DNS_CNAME)) {
$altnames .= "--domain-alias " . $dst[0]['target'] . " ";
}
break;
@ -923,7 +923,7 @@ function run_acme_validation($certObj, $valObj, $acctObj)
switch ((string)$certObj->aliasmode) {
case 'automatic':
$name = "_acme-challenge." . ltrim($altname, '*.');
if ($dst = dns_get_record($name, DNS_CNAME )) {
if ($dst = dns_get_record($name, DNS_CNAME)) {
$altnames .= "--domain-alias " . $dst[0]['target'] . " ";
}
break;
@ -935,7 +935,6 @@ function run_acme_validation($certObj, $valObj, $acctObj)
break;
}
}
}
}
@ -1409,12 +1408,12 @@ function dump_postponed_updates()
500 => 'internal error',
];
$modelObj = new OPNsense\AcmeClient\AcmeClient;
$modelObj = new OPNsense\AcmeClient\AcmeClient();
foreach ($postponed_updates as $pupdate) {
$_statusCode = $pupdate['statusCode'];
$_uuid = $pupdate['uuid'];
$node = $modelObj->getNodeByReference('certificates.certificate.'.$_uuid);
$node = $modelObj->getNodeByReference('certificates.certificate.' . $_uuid);
if ($node != null) {
log_error("AcmeClient: storing status '" . $status_descr[$_statusCode] . "' for cert " . (string)$node->name);
$node->statusCode = $_statusCode;
@ -1492,7 +1491,7 @@ function local_cert_get_cn($crt, $decode = true)
}
// taken from system_camanager.php
function local_ca_import(& $ca, $str, $key = "", $serial = 0)
function local_ca_import(&$ca, $str, $key = "", $serial = 0)
{
global $config;
@ -1518,7 +1517,7 @@ function local_ca_import(& $ca, $str, $key = "", $serial = 0)
if (is_array($config['ca'])) {
foreach ($config['ca'] as & $oca) {
$issuer = cert_get_issuer($oca['crt']);
if ($ca['refid']<>$oca['refid'] && $issuer==$subject) {
if ($ca['refid'] <> $oca['refid'] && $issuer == $subject) {
$oca['caref'] = $ca['refid'];
}
}
@ -1526,7 +1525,7 @@ function local_ca_import(& $ca, $str, $key = "", $serial = 0)
if (is_array($config['cert'])) {
foreach ($config['cert'] as & $cert) {
$issuer = cert_get_issuer($cert['crt']);
if ($issuer==$subject) {
if ($issuer == $subject) {
$cert['caref'] = $ca['refid'];
}
}
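Review bot: The CNAME target returned by `dns_get_record()` is appended to `$altnames` unescaped, as `"--domain-alias " . $dst[0]['target'] . " "`, in the hunks at `@ -899,7` and `@ -923,7`. That value comes from DNS and so is not under the local administrator's control, while `$altnames` reads like a fragment of a command line. If the string is later run through a shell, the target needs quoting: `$altnames .= "--domain-alias " . escapeshellarg($dst[0]['target']) . " ";`. How `$altnames` is consumed is not visible in these hunks, so confirm that before changing it.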


@ -41,7 +41,7 @@ $HIGHWINDS_API_URL = 'https://striketracker.highwinds.com/api/v1/accounts';
function find_certificate($acme_cert_id)
{
$modelObj = new OPNsense\AcmeClient\AcmeClient;
$modelObj = new OPNsense\AcmeClient\AcmeClient();
$configObj = Config::getInstance()->object();
if (isset($configObj->OPNsense->AcmeClient->certificates) && $configObj->OPNsense->AcmeClient->certificates->count() > 0) {
foreach ($configObj->OPNsense->AcmeClient->certificates->children() as $certObj) {
@ -93,7 +93,7 @@ function export_certificate($cert_refid)
function upload_certificate($cert_name, $cert_refid, $acme_cert_id, $acme_automation_id)
{
$modelObj = new OPNsense\AcmeClient\AcmeClient;
$modelObj = new OPNsense\AcmeClient\AcmeClient();
$configObj = Config::getInstance()->object();
if (isset($configObj->OPNsense->AcmeClient->actions) && $configObj->OPNsense->AcmeClient->actions->count() > 0) {
foreach ($configObj->OPNsense->AcmeClient->actions->children() as $automObj) {


@ -154,15 +154,15 @@ function commandShowIdentity(array &$options): int
$keys = new SSHKeys(configPath());
if (($id_file = $keys->getIdentity($identity_type)) && is_readable($id_file)) {
if (!isset($options["unrestricted"])
&& ($restrictions = SSHKeys::getIdentityRestrictions($host, $source_ip))) {
if (
!isset($options["unrestricted"])
&& ($restrictions = SSHKeys::getIdentityRestrictions($host, $source_ip))
) {
echo "$restrictions ";
}
echo file_get_contents($id_file);
return EXITCODE_SUCCESS;
} else {
Utils::log()->error("Failed getting identity. See log output for details.");
}
@ -197,14 +197,14 @@ function commandTestConnection(array &$options): int
if ($result["success"]) {
$result["actions"][] = "upload-tested";
} else {
if ($error = $sftp->lastError(3))
if ($error = $sftp->lastError(3)) {
$result = array_merge($result, $error);
}
if ($upload_result === SftpUploader::UPLOAD_ERROR_CHGRP_FAILED) {
$result["chgrp_failed"] = true;
} else if ($upload_result === SftpUploader::UPLOAD_ERROR_CHMOD_FAILED) {
} elseif ($upload_result === SftpUploader::UPLOAD_ERROR_CHMOD_FAILED) {
$result["chmod_failed"] = true;
}
}
@ -215,8 +215,9 @@ function commandTestConnection(array &$options): int
SftpUploader::UPLOAD_ERROR_CHMOD_FAILED]);
if ($remove_file) {
if ($error = $sftp->clearError()->rm($filename)->lastError(3))
if ($error = $sftp->clearError()->rm($filename)->lastError(3)) {
Utils::log()->error("Failed removing upload test file '$filename'", $error);
}
}
$sftp->close();
@ -233,15 +234,15 @@ function commandUpload(array &$options): int
// Includes host, upload all certs to the same host.
if (isset($options["host"])) {
return uploadCertificatesToHost($options);
} else {
// Find the actions associated with the given certs.
$tasks = [];
$cert_ids = preg_split('/[,;\s]+/', $options["certificates"] ?: "", 0, PREG_SPLIT_NO_EMPTY);
foreach (findCertificates($cert_ids, false) as $id => $cert) {
foreach ($cert["automations"] as $action_id) {
if (!isset($tasks[$action_id]))
if (!isset($tasks[$action_id])) {
$tasks[$action_id] = [];
}
$tasks[$action_id][] = $id;
}
}
@ -251,17 +252,16 @@ function commandUpload(array &$options): int
if (!empty($cert_list) && ($task_options = getOptionsById($action_id, true))) {
$task_options = array_merge($options, $task_options, ["certificates" => join(",", $cert_list)]);
$result = uploadCertificatesToHost($task_options);
if ($result != EXITCODE_SUCCESS)
if ($result != EXITCODE_SUCCESS) {
break;
}
}
}
return $result;
}
} else if (isset($options["host"])) {
} elseif (isset($options["host"])) {
return uploadCertificatesToHost($options);
} else {
Utils::log()->error("No work to do, neither --host nor --certificates is present.");
return EXITCODE_ERROR_NOTHING_TO_UPLOAD;
@ -283,11 +283,11 @@ function uploadCertificatesToHost(array $options): int
addFilesToUpload($options, $uploader);
if (empty($uploader->pending()))
if (empty($uploader->pending())) {
return EXITCODE_ERROR_NOTHING_TO_UPLOAD;
}
for ($max_restarts = 5; !empty($uploader->pending()) && $max_restarts > 0; $max_restarts--) {
$result = $uploader->upload();
if ($result != SftpUploader::UPLOAD_SUCCESS) {
@ -370,10 +370,12 @@ function getCommand()
$command = null;
$parsed_args = getopt("", ["command::"]);
foreach (COMMANDS as $name => $cmd) {
if (in_array($name, $GLOBALS["argv"]) || $parsed_args["command"] === $name)
if (in_array($name, $GLOBALS["argv"]) || $parsed_args["command"] === $name) {
$command = $cmd;
if ($cmd["default"] === true)
}
if ($cmd["default"] === true) {
$default = $cmd;
}
}
return $command ?: $default;
@ -385,9 +387,12 @@ function getActionById($automation_id)
$client = $config->OPNsense->AcmeClient;
foreach ($client->actions->children() as $action) {
if ($automation_id === (string)$action->attributes()["uuid"]
|| $automation_id === (string)$action->id)
if (
$automation_id === (string)$action->attributes()["uuid"]
|| $automation_id === (string)$action->id
) {
return $action;
}
}
return null;
@ -395,7 +400,9 @@ function getActionById($automation_id)
function getOptionsById($automation_id, $silent = false)
{
if (!$silent) Utils::log()->info("Reading options from automation: $automation_id");
if (!$silent) {
Utils::log()->info("Reading options from automation: $automation_id");
}
if (is_object($action = getActionById($automation_id))) {
if ($action->enabled && "upload_sftp" === (string)$action->type) {
@ -414,7 +421,7 @@ function getOptionsById($automation_id, $silent = false)
"ca-name" => trim((string)$action->sftp_filename_ca),
"certificates" => "", // defaults to all (= empty), may be overridden via CLI
];
} else if (!$silent) {
} elseif (!$silent) {
Utils::log()->error("Ignoring disabled or invalid automation '$automation_id'");
}
} else {
@ -434,14 +441,12 @@ function addFilesToUpload(array $options, SftpUploader &$uploader)
$cert_ids = preg_split('/[,;\s]+/', $options["certificates"] ?: "", 0, PREG_SPLIT_NO_EMPTY);
foreach (findCertificates($cert_ids) as $cert) {
if (!isset($cert["content"])) {
Utils::log()->error("Ignoring upload for cert '{$cert["name"]}', since it is not available in trust storage.");
continue;
}
foreach ($cert["content"] as $name => $content) {
if (empty($content)) {
Utils::log()->error("Content for '{$name}.pem' in cert '{$cert["name"]}' is empty, skipping it.");
continue;
@ -463,44 +468,46 @@ function addFilesToUpload(array $options, SftpUploader &$uploader)
? stripcslashes($cert[$index])
: "__unknown-template-param__{$index}__";
},
$path_part);
$path_part
);
// Sanitize user input. Allow unicode chars, numbers and some special characters [_-@.].
// Also replace all ".." with "." to avoid upwards tree traversal.
return preg_replace(['/\.+/', '/[^\w\d_\-@.]+/uim'], ['.', '-'], trim($path_part));
},
preg_split('-[/\\\\]+-', $target_path, 0, PREG_SPLIT_NO_EMPTY)));
preg_split('-[/\\\\]+-', $target_path, 0, PREG_SPLIT_NO_EMPTY)
));
// Add the file to upload (if valid)
if (!empty($target_path)
if (
!empty($target_path)
&& preg_match('-^(?!/).+?(?<!/)$-', $target_path) /* must neither begin nor end with '/' */
&& !preg_match('-^[/.]+$-', $target_path) /* must not only consist of '/' and '.' */) {
&& !preg_match('-^[/.]+$-', $target_path) /* must not only consist of '/' and '.' */
) {
$mod = $name === "key"
? $chmod_key
: $chmod;
$uploader->addContent($content, $target_path, $cert["updated"], $mod, $chgrp);
} else {
Utils::log()->error("Cannot add '{$name}.pem' since the upload path '$target_path' is invalid.");
}
}
}
if (empty($uploader->pending()))
if (empty($uploader->pending())) {
Utils::log()->error("Didn't find any certificates to upload (cert-ids: " . (empty($cert_ids) ? "*all*" : join(", ", $cert_ids)) . ").");
} else if (isset($options["files"])) {
}
} elseif (isset($options["files"])) {
$files = preg_split('/[,;\s]+/', $options["files"] ?: "", 0, PREG_SPLIT_NO_EMPTY);
foreach ($files as $file) {
$uploader->addFile($file, "", $chmod, $chgrp);
};
if (empty($uploader->pending()))
if (empty($uploader->pending())) {
Utils::log()->error("Didn't files to upload (files: " . join(", ", $files) . ").");
}
} else {
Utils::log()->error("Neither '--certificates' nor '--files' was specified. Have nothing to upload.");
}
@ -508,7 +515,9 @@ function addFilesToUpload(array $options, SftpUploader &$uploader)
function findCertificates(array $certificate_ids_or_names, $load_content = true): array
{
if (!class_exists("OPNsense\\Core\\Config")) return [];
if (!class_exists("OPNsense\\Core\\Config")) {
return [];
}
$config = OPNsense\Core\Config::getInstance()->object();
$client = $config->OPNsense->AcmeClient;
@ -521,13 +530,15 @@ function findCertificates(array $certificate_ids_or_names, $load_content = true)
$id = (string)$cert->id;
$name = (string)$cert->name;
if (empty($certificate_ids_or_names)
if (
empty($certificate_ids_or_names)
|| in_array($id, $certificate_ids_or_names)
|| in_array($name, $certificate_ids_or_names)) {
|| in_array($name, $certificate_ids_or_names)
) {
if ($cert->enabled == 0) {
if (!empty($certificate_ids_or_names))
if (!empty($certificate_ids_or_names)) {
Utils::log()->error("Certificate '{$name}' (id: $id) is disabled, skipping it.");
}
continue;
}
@ -547,8 +558,9 @@ function findCertificates(array $certificate_ids_or_names, $load_content = true)
if ($load_content && ($certificates = exportCertificates($refids))) {
foreach ($result as &$cert_info) {
$id = $cert_info["content_id"];
if (isset($certificates[$id]))
if (isset($certificates[$id])) {
$cert_info["content"] = $certificates[$id];
}
}
}
@ -584,7 +596,9 @@ function configPath(): string
__DIR__
];
foreach ($paths as $path) {
if (is_dir($path)) return $path . DIRECTORY_SEPARATOR . 'sftp-config';
if (is_dir($path)) {
return $path . DIRECTORY_SEPARATOR . 'sftp-config';
}
}
die("Failed detecting config path");
}
@ -607,16 +621,18 @@ function main()
if (isset($options["h"]) || isset($options["help"])) {
help();
} else {
if (isset($options["log"]))
if (isset($options["log"])) {
Utils::log(true)->info("Logging to stdout enabled");
}
$options = array_filter($options, function ($value) {
return !is_string($value)
|| (!empty($value = trim($value)) && $value !== "__default_value");
});
if (isset($options["automation-id"]))
if (isset($options["automation-id"])) {
$options = array_merge(getOptionsById($options["automation-id"]), $options);
}
if (is_callable($runner = $command["implementation"])) {
$code = $runner($options);


@ -32,8 +32,10 @@ function clamav_services()
$services = array();
if (isset($config['OPNsense']['clamav']['general']['enabled']) &&
$config['OPNsense']['clamav']['general']['enabled'] == 1) {
if (
isset($config['OPNsense']['clamav']['general']['enabled']) &&
$config['OPNsense']['clamav']['general']['enabled'] == 1
) {
$services[] = array(
'description' => gettext('ClamAV Daemon'),
'configd' => array(
@ -46,8 +48,10 @@ function clamav_services()
);
}
if (isset($config['OPNsense']['clamav']['general']['fc_enabled']) &&
$config['OPNsense']['clamav']['general']['fc_enabled'] == 1) {
if (
isset($config['OPNsense']['clamav']['general']['fc_enabled']) &&
$config['OPNsense']['clamav']['general']['fc_enabled'] == 1
) {
$services[] = array(
'description' => gettext('freshclam daemon'),
'configd' => array(


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2019 Michael Muenz <m.muenz@gmail.com>
*


@ -51,7 +51,7 @@ function tinc_syslog()
foreach ($mdl->networks->network->iterateItems() as $network) {
if ($network->enabled == '1') {
$logfacilities['tinc']['facility'][] = 'tinc.'.$network->name;
$logfacilities['tinc']['facility'][] = 'tinc.' . $network->name;
}
}


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2016 Deciso B.V.
*


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2016 Deciso B.V.
*
@ -53,7 +54,7 @@ class SettingsController extends ApiMutableModelControllerBase
$node = $this->getModel()->networks->network->Add();
return array("network" => $node->getNodes());
} else {
$node = $this->getModel()->getNodeByReference('networks.network.'.$uuid);
$node = $this->getModel()->getNodeByReference('networks.network.' . $uuid);
if ($node != null) {
// return node
return array("network" => $node->getNodes());
@ -71,7 +72,7 @@ class SettingsController extends ApiMutableModelControllerBase
{
if ($this->request->isPost() && $this->request->hasPost("network")) {
if ($uuid != null) {
$node = $this->getModel()->getNodeByReference('networks.network.'.$uuid);
$node = $this->getModel()->getNodeByReference('networks.network.' . $uuid);
} else {
$node = $this->getModel()->networks->network->Add();
}
@ -85,7 +86,7 @@ class SettingsController extends ApiMutableModelControllerBase
}
return $this->validateAndSave($node, 'network');
}
return array("result"=>"failed");
return array("result" => "failed");
}
@ -160,7 +161,7 @@ class SettingsController extends ApiMutableModelControllerBase
$node = $this->getModel()->hosts->host->Add();
return array("host" => $node->getNodes());
} else {
$node = $this->getModel()->getNodeByReference('hosts.host.'.$uuid);
$node = $this->getModel()->getNodeByReference('hosts.host.' . $uuid);
if ($node != null) {
// return node
return array("host" => $node->getNodes());
@ -178,14 +179,14 @@ class SettingsController extends ApiMutableModelControllerBase
{
if ($this->request->isPost() && $this->request->hasPost("host")) {
if ($uuid != null) {
$node = $this->getModel()->getNodeByReference('hosts.host.'.$uuid);
$node = $this->getModel()->getNodeByReference('hosts.host.' . $uuid);
} else {
$node = $this->getModel()->hosts->host->Add();
}
$node->setNodes($this->request->getPost("host"));
return $this->validateAndSave($node, 'host');
}
return array("result"=>"failed");
return array("result" => "failed");
}


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2016 Deciso B.V.
*


@ -44,7 +44,7 @@ class GeneralController extends ApiMutableModelControllerBase
/* override default set action */
public function setAction()
{
$result = array('result'=>'failed');
$result = array('result' => 'failed');
if ($this->request->isPost()) {
$mdl = new General();
$mdl->setNodes($this->request->getPost('general'));
@ -55,7 +55,7 @@ class GeneralController extends ApiMutableModelControllerBase
if (!array_key_exists('validations', $result)) {
$result['validations'] = array();
}
$result['validations']['general.'.$msg->getField()] = $msg->getMessage();
$result['validations']['general.' . $msg->getField()] = $msg->getMessage();
}
if ($valMsgs->count() == 0) {


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Fabian Franz
*


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2015 - 2017 Deciso B.V.
* Copyright (C) 2017 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2017 Fabian Franz
All rights reserved.


@ -1,4 +1,5 @@
<?php
namespace OPNsense\Tor;
use OPNsense\Base\BaseModel;


@ -1,4 +1,5 @@
<?php
namespace OPNsense\Tor;
use OPNsense\Base\BaseModel;


@ -1,4 +1,5 @@
<?php
namespace OPNsense\Tor;
use OPNsense\Base\BaseModel;


@ -1,4 +1,5 @@
<?php
namespace OPNsense\Tor;
use OPNsense\Base\BaseModel;


@ -1,4 +1,5 @@
<?php
namespace OPNsense\Tor;
use OPNsense\Base\BaseModel;


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2018 David Harrigan
* Copyright (C) 2017 Deciso B.V.


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2017 Fabian Franz
*


@ -1,4 +1,5 @@
<?php
/**
* Copyright (C) 2018 Michael Muenz <m.muenz@gmail.com>
*


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2017 Michael Muenz <m.muenz@gmail.com>


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2017 Michael Muenz <m.muenz@gmail.com>
All rights reserved.


@ -70,7 +70,7 @@ class ServiceController extends ApiControllerBase
$backend = new Backend();
$output = $backend->configdpRun("smart", array("info", $type, "/dev/".$device));
$output = $backend->configdpRun("smart", array("info", $type, "/dev/" . $device));
return array("output" => $output);
}
@ -96,7 +96,7 @@ class ServiceController extends ApiControllerBase
$backend = new Backend();
$output = $backend->configdpRun("smart", array("log", $type, "/dev/".$device));
$output = $backend->configdpRun("smart", array("log", $type, "/dev/" . $device));
return array("output" => $output);
}
@ -122,7 +122,7 @@ class ServiceController extends ApiControllerBase
$backend = new Backend();
$output = $backend->configdpRun("smart", array("test", $type, "/dev/".$device));
$output = $backend->configdpRun("smart", array("test", $type, "/dev/" . $device));
return array("output" => $output);
}
@ -141,7 +141,7 @@ class ServiceController extends ApiControllerBase
$backend = new Backend();
$output = $backend->configdpRun("smart", array("abort", "/dev/".$device));
$output = $backend->configdpRun("smart", array("abort", "/dev/" . $device));
return array("output" => $output);
}
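Review bot: `$device` is concatenated into the `/dev/` path passed to `configdpRun("smart", ...)` in all four hunks of this file, and no validation of it is visible in any of them. Its assignment and each enclosing action start outside the hunks, so a check may already exist above; if it does not, compare the value with the list of detected devices, or at least reject anything containing `/` or `..`, before the backend call. The same applies to `$type` in the info, log and test calls, which should be limited to a fixed set of allowed values.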


@ -32,8 +32,10 @@ function cicap_services()
$services = array();
if (isset($config['OPNsense']['cicap']['general']['enabled']) &&
$config['OPNsense']['cicap']['general']['enabled'] == 1) {
if (
isset($config['OPNsense']['cicap']['general']['enabled']) &&
$config['OPNsense']['cicap']['general']['enabled'] == 1
) {
$services[] = array(
'description' => gettext('C-ICAP server'),
'configd' => array(


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz
@ -180,7 +181,7 @@ class LogsController extends ApiControllerBase
*/
private function vhost_exists($uuid)
{
$data = $this->nginx->getNodeByReference('http_server.'. $uuid);
$data = $this->nginx->getNodeByReference('http_server.' . $uuid);
return isset($data);
}
@ -190,7 +191,7 @@ class LogsController extends ApiControllerBase
*/
private function stream_exists($uuid)
{
$data = $this->nginx->getNodeByReference('stream_server.'. $uuid);
$data = $this->nginx->getNodeByReference('stream_server.' . $uuid);
return isset($data);
}


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2018 Fabian Franz


@ -1,4 +1,5 @@
<?php
/*
Copyright (C) 2017 Fabian Franz
All rights reserved.


@ -1,5 +1,6 @@
#!/usr/local/bin/php
<?php
/**
* Copyright (C) 2018 Fabian Franz
*
@ -28,7 +29,6 @@
*
*/
require_once('config.inc');
use OPNsense\Core\Config;
use OPNsense\Nginx\Nginx;


@ -38,7 +38,7 @@ $server_uuid = $_SERVER['SERVER-UUID'];
function password_auth_test($username, $password, $auth_server)
{
$authFactory = new OPNsense\Auth\AuthenticationFactory;
$authFactory = new OPNsense\Auth\AuthenticationFactory();
$authenticator = $authFactory->get($auth_server);
return $authenticator->authenticate($username, $password);
}
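Review bot: `password_auth_test()` calls `authenticate()` on whatever `$authFactory->get($auth_server)` returns, with no check that an authenticator was actually found. If `get()` yields `null` for an unknown or removed server name (worth confirming against AuthenticationFactory), the script ends in a fatal error instead of an explicit rejection, and how the calling web server treats a crashed auth helper is not visible here. A guard such as `if ($authenticator === null) { return false; }` before the `return` keeps the failure closed.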


@ -58,7 +58,7 @@ if ($server == 'global') {
switch ($mode) {
case 'error':
case 'access':
if ($data = $nginx->getNodeByReference('http_server.'. $server)) {
if ($data = $nginx->getNodeByReference('http_server.' . $server)) {
$server_names = (string)$data->servername;
if (empty($server_names)) {
die('{"error": "The server entry has no server name"}');
@ -91,7 +91,7 @@ switch ($mode) {
break;
case 'streamerror':
case 'streamaccess':
if ($data = $nginx->getNodeByReference('stream_server.'. $server)) {
if ($data = $nginx->getNodeByReference('stream_server.' . $server)) {
$lines = [];
$mode = str_replace('stream', '', $mode);
$log_file_name = $log_prefix . 'stream_' . $server . '.' . $mode . $log_suffix;
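Review bot: `$server` is used twice without a visible format check: in the model reference `getNodeByReference('stream_server.' . $server)` and as a component of `$log_file_name`. Where `$server` is assigned lies outside these hunks, so it may already be validated; if not, the reference looks dot-separated, so a value containing dots could resolve to something other than a server entry and still end up in the file name. In the non-global branch, a strict pattern check before the `switch`, e.g. `if (!preg_match('/^[0-9a-f-]{36}$/i', $server)) { die('{"error": "invalid server"}'); }`, would cover both uses. The http branch at `'http_server.' . $server` has the same shape.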


@ -92,7 +92,7 @@ class ServiceController extends \OPNsense\Proxy\Api\ServiceController
if ($this->request->isPost()) {
$backend = new Backend();
$cnf = Config::getInstance()->object();
$fqdn = $cnf->system->hostname .'.'.$cnf->system->domain;
$fqdn = $cnf->system->hostname . '.' . $cnf->system->domain;
$username = escapeshellarg($this->request->getPost("login"));
$pass = escapeshellarg($this->request->getPost("password"));
@ -111,7 +111,7 @@ class ServiceController extends \OPNsense\Proxy\Api\ServiceController
{
$backend = new Backend();
$cnf = Config::getInstance()->object();
$hostname = $cnf->system->hostname .'.'.$cnf->system->domain;
$hostname = $cnf->system->hostname . '.' . $cnf->system->domain;
// LDAP
$methods = explode(',', $cnf->OPNsense->proxy->forward->authentication->method);


@ -306,11 +306,13 @@ class SettingsController extends ApiMutableModelControllerBase
$ldapBindURL .= strpos($server['host'], "::") !== false ? "[{$server['host']}]" : $server['host'];
$ldapBindURL .= !empty($server['ldap_port']) ? ":{$server['ldap_port']}" : "";
$ldap_auth_server = $authFactory->get($server["name"]);
if ($ldap_auth_server->connect(
$ldapBindURL,
$server["ldap_binddn"],
$server["ldap_bindpw"]
) == false) {
if (
$ldap_auth_server->connect(
$ldapBindURL,
$server["ldap_binddn"],
$server["ldap_bindpw"]
) == false
) {
return gettext("Error connecting to LDAP server");
}