(legacy) spaces and curly braces ipsec.auth-user.php

(cherry picked from commit 47cd7b9a)

(legacy) spaces and curly braces ipsec.auth-user.php
(cherry picked from commit 47cd7b9a)
eccfa60f · Ad Schellevis · Franco Fichtner · e8ca3eaa · eccfa60f
Commit eccfa60f authored Mar 22, 2016 by Ad Schellevis Committed by Franco Fichtner Apr 01, 2016
Show whitespace changes
Inline Side-by-side

Showing with 228 additions and 212 deletions

ipsec.auth-user.php src/etc/inc/ipsec.auth-user.php +228 -212

No files found.
--- a/src/etc/inc/ipsec.auth-user.php
+++ b/src/etc/inc/ipsec.auth-user.php
@@ -39,9 +39,12 @@ require_once("auth.inc");
 require_once("interfaces.inc");
 require_once("util.inc");

-function cisco_to_cidr($addr) {
-	if (!is_ipaddr($addr))
+function cisco_to_cidr($addr)
+{
+    if (!is_ipaddr($addr)) {
        return 0;
+    }
+
    $mask = decbin(~ip2long($addr));
    $mask = substr($mask, -32);
    $k = 0;
@@ -51,20 +54,23 @@ function cisco_to_cidr($addr) {
    return $k;
 }

-function cisco_extract_index($prule) {
-
+function cisco_extract_index($prule)
+{
    $index = explode("#", $prule);
-	if (is_numeric($index[1]))
+    if (is_numeric($index[1])) {
        return intval($index[1]);
-	else
+    } else {
        syslog(LOG_WARNING, "Error parsing rule {$prule}: Could not extract index");
+    }
    return -1;;
 }

-function parse_cisco_acl($attribs) {
+function parse_cisco_acl($attribs)
+{
    global $attributes;
-	if (!is_array($attribs))
+    if (!is_array($attribs)) {
        return "";
+    }

    $devname = "enc0";
    $finalrules = "";
@@ -76,29 +82,31 @@ function parse_cisco_acl($attribs) {
            $dir = "";
            if (strstr($rule[0], "inacl")) {
                $dir = "in";
-			} else if (strstr($rule[0], "outacl"))
+            } elseif (strstr($rule[0], "outacl")) {
                $dir = "out";
-			else if (strstr($rule[0], "dns-servers")) {
+            } elseif (strstr($rule[0], "dns-servers")) {
                $attributes['dns-servers'] = explode(" ", $rule[1]);
                continue;
            } else if (strstr($rule[0], "route")) {
-				if (!is_array($attributes['routes']))
+                if (!is_array($attributes['routes'])) {
                    $attributes['routes'] = array();
+                }
                $attributes['routes'][] = $rule[1];
                continue;
            }
            $rindex = cisco_extract_index($rule[0]);
-			if ($rindex < 0)
+            if ($rindex < 0) {
                continue;
+            }

            $rule = $rule[1];
            $rule = explode(" ", $rule);
            $tmprule = "";
            $index = 0;
            $isblock = false;
-			if ($rule[$index] == "permit")
+            if ($rule[$index] == "permit") {
                $tmprule = "pass {$dir} quick on {$devname} ";
-			else if ($rule[$index] == "deny") {
+            } elseif ($rule[$index] == "deny") {
                //continue;
                $isblock = true;
                $tmprule = "block {$dir} quick on {$devname} ";
@@ -113,7 +121,6 @@ function parse_cisco_acl($attribs) {
                case "udp":
                    $tmprule .= "proto {$rule[$index]} ";
                    break;
-
            }

            $index++;
@@ -122,8 +129,9 @@ function parse_cisco_acl($attribs) {
                $index++;
                $tmprule .= "from {$rule[$index]} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
+                }
            } else if (trim($rule[$index]) == "any") {
                $tmprule .= "from any";
                $index++;
@@ -133,16 +141,18 @@ function parse_cisco_acl($attribs) {
                $netmask = cisco_to_cidr($rule[$index]);
                $tmprule .= "/{$netmask} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
                }
+            }
            /* Destination */
            if (trim($rule[$index]) == "host") {
                $index++;
                $tmprule .= "to {$rule[$index]} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
+                }
            } else if (trim($rule[$index]) == "any") {
                $index++;
                $tmprule .= "to any";
@@ -152,32 +162,37 @@ function parse_cisco_acl($attribs) {
                $netmask = cisco_to_cidr($rule[$index]);
                $tmprule .= "/{$netmask} ";
                $index++;
-				if ($isblock == true)
+                if ($isblock == true) {
                    $isblock = false;
                }
+            }

-			if ($isblock == true)
+            if ($isblock == true) {
                continue;
+            }

-			if ($dir == "in")
+            if ($dir == "in") {
                $inrules[$rindex] = $tmprule;
-			else if ($dir == "out")
+            } elseif ($dir == "out") {
                $outrules[$rindex] = $tmprule;
            }
-
+        }

        $state = "";
-		if (!empty($outrules))
+        if (!empty($outrules)) {
            $state = "no state";
+        }
        ksort($inrules, SORT_NUMERIC);
-		foreach ($inrules as $inrule)
+        foreach ($inrules as $inrule) {
            $finalrules .= "{$inrule} {$state}\n";
+        }
        if (!empty($outrules)) {
            ksort($outrules, SORT_NUMERIC);
-			foreach ($outrules as $outrule)
+            foreach ($outrules as $outrule) {
                $finalrules .= "{$outrule} {$state}\n";
            }
        }
+    }
    return $finalrules;
 }

@@ -191,9 +206,8 @@ if (!function_exists("getNasID")) {
    function getNasID()
    {
        global $g;
-
        $nasId = gethostname();
-        if(empty($nasId)) {
+        if (empty($nasId)) {
            $nasId = $g['product_name'];
        }
        return $nasId;
@@ -238,8 +252,9 @@ if (($strictusercn === true) && ($common_name != $username)) {
 $attributes = array();
 foreach ($authmodes as $authmode) {
    $authcfg = auth_get_authserver($authmode);
-	if (!$authcfg && $authmode != "local")
+    if (!$authcfg && $authmode != "local") {
        continue;
+    }

    $authenticated = authenticate_user($username, $password, $authcfg);
    if ($authenticated == true) {
@@ -269,8 +284,9 @@ if ($authenticated == false) {

 if (empty($common_name)) {
    $common_name = getenv("common_name");
-	if (empty($common_name))
+    if (empty($common_name)) {
        $common_name = getenv("username");
+    }
 }