diff options
66 files changed, 2428 insertions, 2435 deletions
diff --git a/CommModule/.gitignore b/CommModule/.gitignore new file mode 100644 index 0000000..40a9309 --- /dev/null +++ b/CommModule/.gitignore @@ -0,0 +1,19 @@ +# Ignore autogenerated serial conf file +/serial.conf +/serialserver.conf + +# Ignore *-active files +/client.pl-active +/server.pl-active + +# Ignore log files +/logfile20??-??-??.txt +/nohup.out +/oldlogs/ + +# Ignore working files generated by the signer +/currentcrls/ +/delta?.diff +/revoke-root?.crl +/timesync.sh +/work/ diff --git a/CommModule/client.pl b/CommModule/client.pl index bf92b27..002b661 100755 --- a/CommModule/client.pl +++ b/CommModule/client.pl @@ -40,8 +40,8 @@ my $paranoid=1; my $debug=0; -#my $serialport="/dev/ttyS0"; -my $serialport="/dev/ttyUSB0"; +my $serialport="/dev/ttyS1"; +#my $serialport="/dev/ttyUSB0"; my $gpgbin="/usr/bin/gpg"; @@ -444,9 +444,9 @@ sub calculateDays($) my @sum = $dbh->selectrow_array("select sum(`points`) as `total` from `notary` where `to`='".$_[0]."' group by `to`"); SysLog("Summe: $sum[0]\n") if($debug); - return ($sum[0]>=50)?730:180; + return ($sum[0]>=50)?30:3; } - return 180; + return 3; } sub X509extractSAN($) @@ -832,7 +832,7 @@ sub HandleCerts($$) SysLog "SAN: --$SAN--\n" if($debug); SysLog "memid: $row{'memid'}\n" if($debug); - my $days=$org?($server?(365*2):365):calculateDays($row{"memid"}); + my $days=$org?($server?(30):7):calculateDays($row{"memid"}); $crt=Request($ver,1,1,$row{'rootcert'}-1,$profile,$row{'md'}eq"sha1"?2:0,$days,$row{'keytype'}eq"NS"?1:0,$content,$SAN,$subject); diff --git a/CommModule/serial.conf b/CommModule/serial.conf deleted file mode 100755 index bd9980c..0000000 --- a/CommModule/serial.conf +++ /dev/null @@ -1,32 +0,0 @@ -Device::SerialPort_Configuration_File -- DO NOT EDIT -- -/dev/ttyUSB0 - -C_CFLAG,7346 -C_IFLAG,0 -C_ISPEED,4098 -C_LFLAG,2608 -C_OFLAG,4 -C_OSPEED,4098 -C_VERASE,127 -C_VQUIT,28 -C_VSUSP,26 -C_VINTR,3 -C_VSTOP,19 -C_VSTART,17 -C_VKILL,21 -C_VMIN,0 -C_VEOF,4 -C_VEOL,0 -C_VTIME,0 -CFG_1,none -RCONST,0 -CFG_2,none -HNAME,localhost -ALIAS,/dev/ttyUSB0 -CFG_3,none -U_MSG,0 -DATYPE,raw -E_MSG,0 -HADDR,0 -RTOT,0 -DVTYPE,none @@ -0,0 +1 @@ +# This directory has to be writeable by the web server @@ -0,0 +1 @@ +# This directory has to be writeable by the web server diff --git a/includes/account.php b/includes/account.php index 4faa0e5..20b9ec7 100644 --- a/includes/account.php +++ b/includes/account.php @@ -17,10 +17,48 @@ */ require_once("../includes/loggedin.php"); require_once("../includes/lib/l10n.php"); - require_once('lib/check_weak_key.php'); loadem("account"); +function appendUnique($str, $suffix) { + if (!strstr($str, "$suffix/") && + substr($str, -strlen($suffix)) != $suffix) { + $str .= $suffix; + } + return $str; +} + +function appendSubjectAltName($subject, $name) { + $subject = appendUnique($subject, "/subjectAltName=DNS:$name"); + $subject = appendUnique($subject, "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$name"); + + return $subject; +} + +function buildSubject() { + $subject = ""; + $count = 0; + + if(is_array($_SESSION['_config']['rows'])) + foreach($_SESSION['_config']['rows'] as $row) + { + $count++; + if($count <= 1) + $subject .= "/CN=$row"; + $subject = appendSubjectAltName($subject, $row); + } + if(is_array($_SESSION['_config']['altrows'])) + foreach($_SESSION['_config']['altrows'] as $row) + { + if(substr($row, 0, 4) == "DNS:") + { + $row = substr($row, 4); + $subject = appendSubjectAltName($subject, $row); + } + } + return $subject; +} + $id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']); $oldid = 0; if(array_key_exists("oldid",$_REQUEST)) $oldid=intval($_REQUEST['oldid']); $process = ""; if(array_key_exists("process",$_REQUEST)) $process=$_REQUEST['process']; @@ -124,9 +162,9 @@ exit; } $row = mysql_fetch_assoc($res); - $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n"; - $body .= _("You are receiving this email because you or someone else ". - "has changed the default email on your account.")."\n\n"; + $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n"; + $body .= _("You are receiving this email because you or someone else")."\n"; + $body .= _("has changed the default email on your account.")."\n\n"; $body .= _("Best regards")."\n"._("CAcert.org Support!"); @@ -144,6 +182,46 @@ if($process != "" && $oldid == 2) { + +/* sample code from id=29 + if($oldid == 29 && $process != "") + { + $domain = mysql_real_escape_string(stripslashes(trim($domainname))); + + $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($_SESSION['_config']['domid'])."'"); + $res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0"); + if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) + { + $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain)); + $id = $oldid; + $oldid=0; + // reset domid into its original state + $domid = $_SESSION['_config']['domid']; + $_REQUEST['domid'] = $domid; + } + } + */ + // $_REQUEST['delid'] exist + $id = 2; + csrf_check("chgdef"); + $id = 60; + if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid'])) + { + // $_SESSION['profile']['id'] + // $_SESSION['profile']['email'] + $oldid=0; + } + else + { + showheader(_("My CAcert.org Account!")); + $delcount = 0; + echo _("You did not select any email accounts for removal."); + echo _("You failed to select any email addresses to be removed, or you attempted to remove the default email address. No action was taken."); + showfooter(); + exit; + } + +/* $id = 2; csrf_check("chgdef"); showheader(_("My CAcert.org Account!")); @@ -188,6 +266,8 @@ showfooter(); exit; + */ + } if($process != "" && $oldid == 3) @@ -240,6 +320,11 @@ $_REQUEST['keytype'] = "MS"; $csr = clean_csr($_REQUEST['optionalCSR']); } + if(trim($_REQUEST['description']) == ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } } if($oldid == 4) @@ -323,7 +408,8 @@ `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `codesign`='".intval($_SESSION['_config']['codesign'])."', `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."', - `rootcert`='".intval($_SESSION['_config']['rootcert'])."'"; + `rootcert`='".intval($_SESSION['_config']['rootcert'])."', + `description`='".intval($_SESSION['_config']['description'])."'"; mysql_query($query); $emailid = mysql_insert_id(); if(is_array($addys)) @@ -422,7 +508,9 @@ `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `subject`='".mysql_real_escape_string($csrsubject)."', `codesign`='".$_SESSION['_config']['codesign']."', - `rootcert`='".$_SESSION['_config']['rootcert']."'"; + `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."', + `rootcert`='".$_SESSION['_config']['rootcert']."', + `description`='".intval($_SESSION['_config']['description'])."'"; mysql_query($query); $emailid = mysql_insert_id(); if(is_array($addys)) @@ -621,30 +709,10 @@ { $row = mysql_fetch_assoc($res); echo $row['domain']."<br>\n"; - - $dres = mysql_query( - "select distinct `domaincerts`.`id` - from `domaincerts`, `domlink` - where `domaincerts`.`domid` = '$id' - or ( - `domaincerts`.`id` = `domlink`.`certid` - and `domlink`.`domid` = '$id' - )"); + mysql_query("update `domains` set `deleted`=NOW() where `id`='$id'"); + $dres = mysql_query("select * from `domlink` where `domid`='$id'"); while($drow = mysql_fetch_assoc($dres)) - { - mysql_query( - "update `domaincerts` - set `revoked`='1970-01-01 10:00:01' - where `id` = '".$drow['id']."' - and `revoked` = 0 - and UNIX_TIMESTAMP(`expire`) - - UNIX_TIMESTAMP() > 0"); - } - - mysql_query( - "update `domains` - set `deleted`=NOW() - where `id` = '$id'"); + mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['certid']."' and `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0"); } } } @@ -674,6 +742,12 @@ exit; } + if(trim($_REQUEST['description']) == ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } + $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR"); $fp = fopen($_SESSION['_config']['tmpfname'], "w"); fputs($fp, $CSR); @@ -737,35 +811,8 @@ exit; } - $subject = ""; - $count = 0; - $supressSAN=0; - if($_SESSION["profile"]["id"] == 104074) $supressSAN=1; - - if(is_array($_SESSION['_config']['rows'])) - foreach($_SESSION['_config']['rows'] as $row) - { - $count++; - if($count <= 1) - { - $subject .= "/CN=$row"; - if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row"; - if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row"; - } else { - if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row"; - if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row"; - } - } - if(is_array($_SESSION['_config']['altrows'])) - foreach($_SESSION['_config']['altrows'] as $row) - { - if(substr($row, 0, 4) == "DNS:") - { - $row = substr($row, 4); - if(!$supressSAN) $subject .= "/subjectAltName=DNS:$row"; - if(!$supressSAN) $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row"; - } - } + $subject = buildSubject(); + if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; @@ -775,13 +822,15 @@ `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."', `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."', `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', - `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'"; + `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."', + `description`='".intval($_SESSION['_config']['description'])."'"; } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) { $query = "insert into `domaincerts` set `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."', `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."', `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."', - `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."'"; + `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."', + `description`='".intval($_SESSION['_config']['description'])."'"; } else { showheader(_("My CAcert.org Account!")); echo _("Domain not verified."); @@ -863,7 +912,8 @@ `modified`=NOW(), `rootcert`='".$row['rootcert']."', `type`='".$row['type']."', - `pkhash`='".$row['pkhash']."'"; + `pkhash`='".$row['pkhash']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","server",$newid); @@ -885,29 +935,7 @@ continue; } - $subject = ""; - $count = 0; - if(is_array($_SESSION['_config']['rows'])) - foreach($_SESSION['_config']['rows'] as $row) - { - $count++; - if($count <= 1) - { - $subject .= "/CN=$row"; - if(!strstr($subject, "=$row/") && - substr($subject, -strlen("=$row")) != "=$row") - $subject .= "/subjectAltName=$row"; - } else { - if(!strstr($subject, "=$row/") && - substr($subject, -strlen("=$row")) != "=$row") - $subject .= "/subjectAltName=$row"; - } - } - if(is_array($_SESSION['_config']['altrows'])) - foreach($_SESSION['_config']['altrows'] as $row) - if(!strstr($subject, "=$row/") && - substr($subject, -strlen("=$row")) != "=$row") - $subject .= "/subjectAltName=$row"; + $subject = buildSubject(); $subject = mysql_real_escape_string($subject); mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'"); @@ -1039,7 +1067,8 @@ `modified`=NOW(), `disablelogin`='".$row['disablelogin']."', `codesign`='".$row['codesign']."', - `rootcert`='".$row['rootcert']."'"; + `rootcert`='".$row['rootcert']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","client",$newid); @@ -1226,7 +1255,9 @@ $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $ddres = mysql_query($ddquery); $ddrow = mysql_fetch_assoc($ddres); - $_SESSION['profile']['points'] = $ddrow['total']; + $_SESSION['profile']['xpoints'] = $ddrow['total']; + $_SESSION['profile']['points'] = received_points($_SESSION['profile']['id']); +echo "points1 (".$_SESSION['profile']['xpoints']."/".$_SESSION['profile']['points'].")"; if($_SESSION['profile']['points'] == 0) { @@ -1296,7 +1327,9 @@ $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $ddres = mysql_query($ddquery); $ddrow = mysql_fetch_assoc($ddres); - $_SESSION['profile']['points'] = $ddrow['total']; + $_SESSION['profile']['xpoints'] = $ddrow['total']; + $_SESSION['profile']['points'] = received_points($_SESSION['profile']['id']); +echo "points2 (".$_SESSION['profile']['xpoints']."/".$_SESSION['profile']['points'].")"; $id = 13; @@ -1352,9 +1385,9 @@ where `id`='".$_SESSION['profile']['id']."'"); echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n"; echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change."); - $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n"; - $body .= _("You are receiving this email because you or someone else ". - "has changed the password on your account.")."\n\n"; + $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n"; + $body .= _("You are receiving this email because you or someone else")."\n"; + $body .= _("has changed the password on your account.")."\n"; $body .= _("Best regards")."\n"._("CAcert.org Support!"); @@ -1392,6 +1425,13 @@ } $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name']))); $_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU']))); + + + if(trim($_REQUEST['description']) == ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } } if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0) @@ -1421,6 +1461,12 @@ if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; + if(trim($_REQUEST['description']) == ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } + if(@count($_SESSION['_config']['emails']) > 0) $id = 17; } @@ -1466,7 +1512,8 @@ $emails .= "countryName = ".$org['C']."\n"; if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) $_SESSION['_config']['rootcert'] = 1; - + + $emails .= "SPKAC = $spkac"; if (($weakKey = checkWeakKeySPKAC($emails)) !== "") { @@ -1483,7 +1530,8 @@ `orgid`='".$org['orgid']."', `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `codesign`='".$_SESSION['_config']['codesign']."', - `rootcert`='".$_SESSION['_config']['rootcert']."'"; + `rootcert`='".$_SESSION['_config']['rootcert']."', + `description`='".intval($_SESSION['_config']['description'])."'"; mysql_query($query); $emailid = mysql_insert_id(); @@ -1573,7 +1621,8 @@ `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `subject`='$csrsubject', `codesign`='".$_SESSION['_config']['codesign']."', - `rootcert`='".$_SESSION['_config']['rootcert']."'"; + `rootcert`='".$_SESSION['_config']['rootcert']."', + `description`='".intval($_SESSION['_config']['description'])."'"; mysql_query($query); $emailid = mysql_insert_id(); @@ -1648,7 +1697,8 @@ `created`='".$row['created']."', `modified`=NOW(), `codesign`='".$row['codesign']."', - `rootcert`='".$row['rootcert']."'"; + `rootcert`='".$row['rootcert']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); $newfile=generatecertpath("csr","orgclient",$newid); @@ -1753,6 +1803,12 @@ exit; } + if(trim($_REQUEST['description']) == ""){ + $_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $_SESSION['_config']['description']= ""; + } + $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR"); $fp = fopen($_SESSION['_config']['tmpfname'], "w"); fputs($fp, $CSR); @@ -1856,20 +1912,7 @@ //if($org['contact']) // $csrsubject .= "/emailAddress=".trim($org['contact']); - if(is_array($_SESSION['_config']['rows'])) - foreach($_SESSION['_config']['rows'] as $row) - $csrsubject .= "/commonName=$row"; - $SAN=""; - if(is_array($_SESSION['_config']['altrows'])) - foreach($_SESSION['_config']['altrows'] as $subalt) - { - if($SAN != "") - $SAN .= ","; - $SAN .= "$subalt"; - } - - if($SAN != "") - $csrsubject .= "/subjectAltName=".$SAN; + $csrsubject .= buildSubject(); $type=""; if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8"; @@ -1892,7 +1935,8 @@ `created`=NOW(), `subject`='$csrsubject', `rootcert`='".$_SESSION['_config']['rootcert']."', - `type`='$type'"; + `type`='$type', + `description`='".intval($_SESSION['_config']['description'])."'"; } mysql_query($query); $CSRid = mysql_insert_id(); @@ -1968,7 +2012,8 @@ `modified`=NOW(), `subject`='".$row['subject']."', `type`='".$row['type']."', - `rootcert`='".$row['rootcert']."'"; + `rootcert`='".$row['rootcert']."', + `description`='".$row['description']."'"; mysql_query($query); $newid = mysql_insert_id(); //echo "NewID: $newid<br/>\n"; @@ -2324,8 +2369,8 @@ $row = mysql_fetch_assoc($res); if ( !is_assurer(intval($row['id'])) ) { - $id = $oldid;
- $oldid=0;
+ $id = $oldid; + $oldid=0; $_SESSION['_config']['errmsg'] = _("The user is not an Assurer yet"); } else { @@ -2613,9 +2658,9 @@ printf(_("The password for %s has been updated successfully in the system."), sanitizeHTML($row['email'])); - $body = sprintf(_("Hi %s,"),$row['fname'])."\n\n"; - $body .= _("You are receiving this email because a CAcert administrator ". - "has changed the password on your account.")."\n\n"; + $body = sprintf(_("Hi %s,"),$row['fname'])."\n"; + $body .= _("You are receiving this email because a CAcert administrator")."\n"; + $body .= _("has changed the password on your account.")."\n"; $body .= _("Best regards")."\n"._("CAcert.org Support!"); @@ -2892,121 +2937,60 @@ mysql_query($query); } } - - if(($id == 51 || $id == 52 || $oldid == 52) && $_SESSION['profile']['tverify'] <= 0) + + if($process != "" && $oldid == 60) { + // delete user account email confirmed + $id = 60; + csrf_check("chgdefcnfd"); showheader(_("My CAcert.org Account!")); - echo _("You don't have access to this area."); - showfooter(); - exit; - } - - if($oldid == 52) - { - $uid = intval($_REQUEST['uid']); - $query = "select * from `tverify` where `id`='$uid' and `modified`=0"; - $rc = mysql_num_rows(mysql_query($query)); - if($rc <= 0) - { - showheader(_("My CAcert.org Account!")); - echo _("Unable to find a valid tverify request for this ID."); - showfooter(); - exit; - } - } - - if($oldid == 52) - { - $query = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".$_SESSION['profile']['id']."'"; - $rc = mysql_num_rows(mysql_query($query)); - if($rc > 0) - { - showheader(_("My CAcert.org Account!")); - echo _("You have already voted on this request."); - showfooter(); - exit; - } - } - - if($oldid == 52 && ($_REQUEST['agree'] != "" || $_REQUEST['disagree'] != "")) - { - $vote = -1; - if($_REQUEST['agree'] != "") - $vote = 1; - - $query = "insert into `tverify-vote` set - `tverify`='$uid', - `memid`='".$_SESSION['profile']['id']."', - `when`=NOW(), `vote`='$vote', - `comment`='".mysql_real_escape_string($_REQUEST['comment'])."'"; - mysql_query($query); - - $rc = mysql_num_rows(mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='1'")); - if($rc >= 8) + $delcount = 0; + if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid'])) { - mysql_query("update `tverify` set `modified`=NOW() where `id`='$uid'"); - $tverify = mysql_fetch_assoc(mysql_query("select * from `tverify` where `id`='$uid'")); - $memid = $tverify['memid']; - $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'")); - $tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'")); - - $points = 0; - if($tverify['URL'] != "" && $tverify['photoid'] != "") - $points = 150 - intval($tmp['points']); - if($tverify['URL'] != "" && $tverify['photoid'] == "") - $points = 90 - intval($tmp['points']); - if($tverify['URL'] == "" && $tverify['photoid'] == "") - $points = 50 - intval($tmp['points']); - - if($points < 0) - $points = 0; - - if($points > 0) + echo _("The following email addresses and associated client certificates have been removed:")."<br><br>\n"; + foreach($_REQUEST['delid'] as $id) { - mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points', - `method`='Thawte Points Transfer', `when`=NOW()"); - fix_assurer_flag($memid); + $id = intval($id); + $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and + `email`!='".$_SESSION['profile']['email']."'"; + $res = mysql_query($query); + if(mysql_num_rows($res) > 0) + { + $row = mysql_fetch_assoc($res); + echo $row['email']."<br>\n"; + $query = "select `emailcerts`.`id` + from `emaillink`,`emailcerts` where + `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and + `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0 + group by `emailcerts`.`id`"; + $dres = mysql_query($query); + while($drow = mysql_fetch_assoc($dres)) + mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'"); + + $query = "update `email` set `deleted`=NOW() where `id`='$id'"; + mysql_query($query); + $delcount++; + } } - $totalpoints = intval($tmp['points']) + $points; - - $body = _("Your request to have points transfered was successful. You were issued $points points as a result, and you now have $totalpoints in total")."\n\n"._("The following comments were made by reviewers")."\n\n"; - $res = mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='1'"); - while($row = mysql_fetch_assoc($res)) - $body .= $row['comment']."\n"; - $body .= "\n"; - - $body .= _("Best regards")."\n"; - $body .= _("CAcert Support Team"); - sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "support@cacert.org", "", "CAcert Tverify"); } - - $rc = mysql_num_rows(mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='-1'")); - if($rc >= 4) + else { - mysql_query("update `tverify` set `modified`=NOW() where `id`='$uid'"); - $tverify = mysql_fetch_assoc(mysql_query("select * from `tverify` where `id`='$uid'")); - $memid = $tverify['memid']; - $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'")); - - $body = _("Unfortunately your request for a points increase has been denied, below is the comments from people that reviewed your request as to why they rejected your application.")."\n\n"; - $res = mysql_query("select * from `tverify-vote` where `tverify`='$uid' and `vote`='-1'"); - while($row = mysql_fetch_assoc($res)) - $body .= $row['comment']."\n"; - $body .= "\n"; - - $body .= _("You are welcome to try submitting another request at any time in the future, please make sure you take the reviewer comments into consideration or you risk having your application rejected again.")."\n\n"; - - $body .= _("Best regards")."\n"; - $body .= _("CAcert Support Team"); - sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "support@cacert.org", "", "CAcert Tverify"); + echo _("You did not select any email address for removal."); + } + if($delcount > 0) + { + echo "<br>\n"; + printf(_("%s email address(es) and associated client certificates have been removed."), intval($delcount)); + echo "<br>\n"; + } else { + echo _("You failed to select any email addresses to be removed, or you attempted to remove the default email address. No action was taken."); } - showheader(_("My CAcert.org Account!")); - echo _("Your vote has been accepted."); showfooter(); exit; } - + + if(intval($cert) > 0) $_SESSION['_config']['cert'] = intval($cert); if(intval($orgid) > 0) diff --git a/includes/account_stuff.php b/includes/account_stuff.php index 148a0ac..de38e6c 100644 --- a/includes/account_stuff.php +++ b/includes/account_stuff.php @@ -228,7 +228,7 @@ function hideall() { $extra .= "&dob=".urlencode($_SESSION['profile']['dob']); $extra .= "&email=".urlencode($_SESSION['profile']['email']); - $extra2 = "?assurer=".urlencode($name)."&date=now&maxpoints=".maxpoints(); + $extra2 = "?assurer=".urlencode($name)."&date=now&maxpoints=".max_points($_SESSION['profile']['id']); ?> <ul class="menu" id="WoTForms"> <li><a href="/cap.php<?=$extra?>">A4 - <?=_("WoT Form")?></a></li> diff --git a/includes/general.php b/includes/general.php index 3478dd4..9c0402a 100644 --- a/includes/general.php +++ b/includes/general.php @@ -15,6 +15,8 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ + include_once($_SESSION['_config']['filepath']."notary.inc.php"); + session_name("cacert"); session_start(); @@ -82,7 +84,9 @@ $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $res = mysql_query($query); $row = mysql_fetch_assoc($res); - $_SESSION['profile']['points'] = $row['total']; + $_SESSION['profile']['xpoints'] = $row['total']; + $_SESSION['profile']['points'] = received_points($_SESSION['profile']['id']); +echo "points3 (".$_SESSION['profile']['xpoints']."/".$_SESSION['profile']['points'].")"; } else { $_SESSION['profile'] = ""; unset($_SESSION['profile']); @@ -469,40 +473,6 @@ return(false); } - function maxpoints($id = 0) - { - if($id <= 0) - $id = $_SESSION['profile']['id']; - - $query = "select sum(`points`) as `points` from `notary` where `to`='$id' group by `to`"; - $row = mysql_fetch_assoc(mysql_query($query)); - $points = $row['points']; - - $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-18)); - $query = "select * from `users` where `id`='".$_SESSION['profile']['id']."' and `dob` < '$dob'"; - if(mysql_num_rows(mysql_query($query)) < 1) - { - if($points >= 100) - return(10); - else - return(0); - } - - if($points >= 150) - return(35); - if($points >= 140) - return(30); - if($points >= 130) - return(25); - if($points >= 120) - return(20); - if($points >= 110) - return(15); - if($points >= 100) - return(10); - return(0); - } - function hex2bin($data) { while(strstr($data, "\\x")) @@ -734,16 +704,15 @@ function get_assurer_status($userID) { $Result = 0; - $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '. - ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\''); - if(mysql_num_rows($query) < 1) + $cats_test_passed = get_cats_state ($userID); + if ($cats_test_passed == 0) { $Result |= 5; } - $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()'); - $row = mysql_fetch_assoc($query); - if ($row['points'] < 100) { + $maxpoints = max_points($userID); + if ($maxpoints == 0 ) + { $Result |= 3; } diff --git a/includes/keygen.php b/includes/keygen.php new file mode 100644 index 0000000..bf8bc5a --- /dev/null +++ b/includes/keygen.php @@ -0,0 +1,134 @@ +<? /* + LibreSSL - CAcert web application + Copyright (C) 2004-2011 CAcert Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && + strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?> + + <noscript> + <p><?=_('You have to enable JavaScript to generate certificates in '. + 'the browser.')?></p> + <p><?=_('If you don\'t want to do that for any reason, you can use '. + 'manually created certificate requests instead.')?></p> + </noscript> + + <div id="noActiveX" style="color:red"> + <p><?=_('Could not initialize ActiveX object required for certificate '. + 'generation.')?></p> + <p><?=_('You have to enable ActiveX for this to work. On Windows '. + 'Vista, Windows 7 and later versions you have to add this '. + 'website to the list of trusted sites in the internet '. + 'settings.')?></p> + <p><?php + printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '. + 'Websites", click on "Custom Level", set "ActiveX control '. + 'elements that are not marked as safe initialized on start in '. + 'scripts" to "Confirm" and click "OK". Now click "Sites", add '. + '"%s" and "%s" to your list of trusted sites and make the '. + 'changes come into effect by clicking "Close" and "OK".'), + 'https://'.$_SESSION['_config']['normalhostname'], + 'https://'.$_SESSION['_config']['securehostname'])?> + </p> + </div> + + <form method="post" style="display:none" action="account.php" + id="CertReqForm"> + <input type="hidden" name="oldid" value="<?=$id?>" /> + <input type="hidden" id="CSR" name="CSR" /> + <input type="hidden" name="keytype" value="MS" /> + + <p><?=_('Security level')?>: + <select id="SecurityLevel"> + <option value="high" selected="selected"><?=_('High')?></option> + <option value="medium"><?=_('Medium')?></option> + <option value="custom"><?=_('Custom')?>…</option> + </select> + </p> + + <fieldset id="customSettings" style="display:none"> + <legend><?=_('Custom Parameters')?></legend> + + <p><?=_('Cryptography Provider')?>: + <select id="CspProvider"></select> + </p> + <p><?=_('Algorithm')?>: <select id="algorithm"></select></p> + <p><?=_('Keysize')?>: + <input id="keySize" type="number" /> + <?=_('Minimum Size')?>: <span id="keySizeMin"></span>, + <?=_('Maximum Size')?>: <span id="keySizeMax"></span>, + <?php + // TRANSLATORS: this specifies the step between two valid key + // sizes. E.g. if the step is 512 and the minimum is 1024 and + // the maximum is 2048, then only 1024, 1536 and 2048 bits may + // be specified as key size. + echo _('Step')?>: <span id="keySizeStep"></span></p> + <p style="color:red"><?php + printf(_('Please note that RSA key sizes smaller than %d bit '. + 'will not be accepted by CAcert.'), + 1024)?> + </p> + </fieldset> + + <p><input type="submit" id="GenReq" name="GenReq" + value="<?=_('Create Certificate')?>" /></p> + <p id="generatingKeyNotice" style="display:none"> + <?=_('Generating your key. Please wait')?>…</p> + </form> + + + <!-- Error messages used in the JavaScript. Defined here so they can be + translated without passing the JavaScript code through PHP --> + <p id="createRequestErrorChooseAlgorithm" style="display:none"> + <?=_('Could not generate certificate request. Probably you need to '. + 'choose a different algorithm.')?> + </p> + <p id="createRequestErrorConfirmDialogue" style="display:none"> + <?=_('Could not generate certificate request. Please confirm the '. + 'dialogue if you are asked if you want to generate the key.')?> + </p> + <p id="createRequestErrorConnectDevice" style="display:none"> + <?=_('Could not generate certificate request. Please make sure the '. + 'cryptography device (e.g. the smartcard) is connected.')?> + </p> + <p id="createRequestError" style="display:none"> + <?=_('Could not generate certificate request.')?> + </p> + <p id="invalidKeySizeError" style="display:none"> + <?=_('You have specified an invalid key size')?> + </p> + <p id="unsupportedPlatformError" style="display:none"> + <?=_('Could not initialize the cryptographic module for your '. + 'platform. Currently we support Microsoft Windows XP, Vista '. + 'and 7. If you\'re using one of these platforms and see this '. + 'error message anyway you might have to enable ActiveX as '. + 'described in the red explanation text and accept loading of '. + 'the module.')?> + </p> + + <script type="text/javascript" src="keygenIE.js"></script> + +<? } else { ?> + <p> + <form method="post" action="account.php"> + <input type="hidden" name="keytype" value="NS"> + <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>"> + + <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>"> + <input type="hidden" name="oldid" value="<?=$id?>"> + </form> + </p> +<? } diff --git a/includes/loggedin.php b/includes/loggedin.php index 5734fad..9160753 100644 --- a/includes/loggedin.php +++ b/includes/loggedin.php @@ -107,7 +107,9 @@ $query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`"; $res = mysql_query($query); $row = mysql_fetch_assoc($res); - $_SESSION['profile']['points'] = $row['total']; + $_SESSION['profile']['xpoints'] = $row['total']; + $_SESSION['profile']['points'] = received_points($_SESSION['profile']['id']); +echo "points4 (".$_SESSION['profile']['xpoints']."/".$_SESSION['profile']['points'].")"; if($_SESSION['profile']['language'] == "") { diff --git a/includes/notary.inc.php b/includes/notary.inc.php index cc0e0eb..f04565a 100644 --- a/includes/notary.inc.php +++ b/includes/notary.inc.php @@ -254,7 +254,18 @@ { ?> <tr> - <td class="DataTD" colspan="5"><strong><?=$points_txt?>:</strong></td> +<? + if ($support == "1") + { +?> + <td class="DataTD" colspan="5"> +<? + } else { +?> + <td class="DataTD" colspan="3"> +<? } +?> + <strong><?=$points_txt?>:</strong></td> <td class="DataTD"><?=$points?></td> <td class="DataTD"> </td> <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> @@ -316,7 +327,7 @@ if ($revoked == true) { ?> - <td class="DataTD" <?=$tdstyle?>> </td> + <td class="DataTD" <?=$tdstyle?>><?=_("Revoked")?></td> <? } else { ?> <td class="DataTD" <?=$tdstyle?>><?=$emopen?><a href="account.php?id=43&userid=<?=intval($userid)?>&assurance=<?=intval($assuranceid)?>&csrf=<?=make_csrf('admdelassurance')?>" onclick="return confirm('<?=_("Are you sure you want to revoke this assurance?")?>');"><?=_("Revoke")?></a><?=$emclose?></td> @@ -374,10 +385,10 @@ $res = get_given_assurances(intval($userid)); while($row = mysql_fetch_assoc($res)) { - $fromuser = get_user (intval($row['to'])); + $touser = get_user (intval($row['to'])); $apoints = calc_experience ($row,$points,$experience,$sum_experience,$revoked); - $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to'])); - $email = show_email_link ($fromuser['email'],intval($row['to'])); + $name = show_user_link ($touser['fname']." ".$touser['lname'],intval($row['to'])); + $email = show_email_link ($touser['email'],intval($row['to'])); output_assurances_row (intval($row['id']),$row['date'],$row['when'],$email,$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience,$userid,$support,$revoked); } } @@ -441,6 +452,24 @@ return $points; } + function received_points($userid) + { + $max_points = 100; + $sum_points = 0; + $points = 0; + $res = get_received_assurances_summary($userid); + while($row = mysql_fetch_assoc($res)) + { + $points = calc_points($row); + if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed) + { + $points = $max_points; + } + $sum_points += $points*intval($row['number']); + } + return $sum_points; + } + function max_points($userid) { return output_summary_content ($userid,0); @@ -602,4 +631,96 @@ <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p> <? } + +// functions for 6.php (assure somebody) + +function AssureHead($confirmation,$checkname) +{ +?> +<form method="post" action="wot.php"> + <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600"> + <tr> + <td colspan="2" class="title"><?=$confirmation?></td> + </tr> + <tr> + <td class="DataTD" colspan="2" align="left"><?=$checkname?></td> + </tr> +<? + } + +function AssureTextLine($field1,$field2) +{ +?> + <tr> + <td class="DataTD"><?=$field1?>:</td> + <td class="DataTD"><?=$field2?></td> + </tr> +<? +} + +function AssureCCABoxLine($type,$text) +{ + return; + AssureBoxLine($type,$text); +} + +function AssureBoxLine($type, $text, $checked = false) +{ +?> + <tr> + <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" + <?=$checked?'checked="checked"':''?>></td> + <td class="DataTD"><?=$text?></td> + </tr> +<? +} + +function AssureMethodLine($text,$methods,$remark) +{ + if (count($methods) != 1) + { ?> + <tr> + <td class="DataTD"><?=$text?></td> + <td class="DataTD"> + <select name="method"> <? + foreach($methods as $val) { ?> + <option value="<?=$val?>" <? + if(array_key_exists('method',$_POST) && + $val == $_POST['method']) { + echo 'selected="selected"'; + } + ?>><?=$val?></option> <? + } ?> + </select> + <br/> + <?=$remark?> + </td> + </tr> <? + } else { ?> + <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>"> <? + } +} + +function AssureInboxLine($type,$field,$value,$description) +{ +?> + <tr> + <td class="DataTD"><?=$field?>:</td> + <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td> + </tr> +<? +} + +function AssureFoot($oldid,$confirm) +{?> + <tr> + <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td> + </tr> + </table> + <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>"> + <input type="hidden" name="oldid" value="<?=$oldid?>"> +</form> +<? +} + ?> diff --git a/includes/wot.inc.php b/includes/wot.inc.php deleted file mode 100644 index edc442a..0000000 --- a/includes/wot.inc.php +++ /dev/null @@ -1,629 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2011 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - - function query_init ($query) - { - return mysql_query($query); - } - - function query_getnextrow ($res) - { - $row1 = mysql_fetch_assoc($res); - return $row1; - } - - function query_get_number_of_rows ($resultset) - { - return intval(mysql_num_rows($resultset)); - } - - function get_number_of_assurances ($userid) - { - $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' AND `from`='".intval($userid)."' "); - $row = query_getnextrow($res); - - return intval($row['list']); - } - - function get_number_of_assurees ($userid) - { - $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' AND `to`='".intval($userid)."' "); - $row = query_getnextrow($res); - - return intval($row['list']); - } - - function get_top_assurer_position ($no_of_assurances) - { - $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' - GROUP BY `from` HAVING count(*) > '".intval($no_of_assurances)."'"); - return intval(query_get_number_of_rows($res)+1); - } - - function get_top_assuree_position ($no_of_assurees) - { - $res = query_init ("SELECT count(*) AS `list` FROM `notary` - WHERE `method` = 'Face to Face Meeting' - GROUP BY `to` HAVING count(*) > '".intval($no_of_assurees)."'"); - return intval(query_get_number_of_rows($res)+1); - } - - function get_given_assurances ($userid) - { - $res = query_init ("select * from `notary` where `from`='".intval($userid)."' and `from` != `to` order by `id` asc"); - return $res; - } - - function get_received_assurances ($userid) - { - $res = query_init ("select * from `notary` where `to`='".intval($userid)."' and `from` != `to` order by `id` asc "); - return $res; - } - - function get_given_assurances_summary ($userid) - { - $res = query_init ("select count(*) as number,points,awarded,method from notary where `from`='".intval($userid)."' group by points,awarded,method"); - return $res; - } - - function get_received_assurances_summary ($userid) - { - $res = query_init ("select count(*) as number,points,awarded,method from notary where `to`='".intval($userid)."' group by points,awarded,method"); - return $res; - } - - function get_user ($userid) - { - $res = query_init ("select * from `users` where `id`='".intval($userid)."'"); - return mysql_fetch_assoc($res); - } - - function get_cats_state ($userid) - { - - $res = query_init ("select * from `cats_passed` inner join `cats_variant` on `cats_passed`.`variant_id` = `cats_variant`.`id` and `cats_variant`.`type_id` = 1 - WHERE `cats_passed`.`user_id` = '".intval($userid)."'"); - return mysql_num_rows($res); - } - - function calc_experience ($row,&$points,&$experience,&$sum_experience) - { - $apoints = max($row['points'], $row['awarded']); - - $points += $apoints; - - $experience = " "; - if ($row['method'] == "Face to Face Meeting") - { - $sum_experience = $sum_experience +2; - $experience = "2"; - } - return $apoints; - } - - function calc_assurances ($row,&$points,&$experience,&$sumexperience,&$awarded) - { - $awarded = calc_points($row); - - if ($awarded > 100) - { - $experience = $awarded - 100; // needs to be fixed in the future (limit 50 pts and/or no experience if pts > 100) - $awarded = 100; - } - else - $experience = 0; - - switch ($row['method']) - { - case 'Thawte Points Transfer': - case 'CT Magazine - Germany': - case 'Temporary Increase': // Current usage of 'Temporary Increase' may break audit aspects, needs to be reimplemented - $awarded=sprintf("<strong style='color: red'>%s</strong>",_("Revoked")); - $experience=0; - break; - default: - $points += $awarded; - } - $sumexperience = $sumexperience + $experience; - } - - - function show_user_link ($name,$userid) - { - $name = trim($name); - if($name == "") - { - if ($userid == 0) - $name = _("System"); - else - $name = _("Deleted account"); - } - else - $name = "<a href='wot.php?id=9&userid=".intval($userid)."'>$name</a>"; - return $name; - } - - function get_assurer_ranking($userid,&$num_of_assurances,&$rank_of_assurer) - { - $num_of_assurances = get_number_of_assurances (intval($userid)); - $rank_of_assurer = get_top_assurer_position($num_of_assurances); - } - - function get_assuree_ranking($userid,&$num_of_assurees,&$rank_of_assuree) - { - $num_of_assurees = get_number_of_assurees (intval($userid)); - $rank_of_assuree = get_top_assuree_position($num_of_assurees); - } - - -// ************* html table definitions ****************** - - function output_ranking($userid) - { - get_assurer_ranking($userid,$num_of_assurances,$rank_of_assurer); - get_assuree_ranking($userid,$num_of_assurees,$rank_of_assuree); - -?> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td class="title"><?=_("Assurer Ranking")?></td> - </tr> - <tr> - <td class="DataTD"><?=sprintf(_("You have made %s assurances which ranks you as the #%s top assurer."), intval($num_of_assurances), intval($rank_of_assurer) )?></td> - </tr> - <tr> - <td class="DataTD"><?=sprintf(_("You have received %s assurances which ranks you as the #%s top assuree."), intval($num_of_assurees), intval($rank_of_assuree) )?></td> - </tr> -</table> -<br/> -<? - } - - function output_assurances_header($title) - { -?> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="7" class="title"><?=$title?></td> - </tr> - <tr> - <td class="DataTD"><strong><?=_("ID")?></strong></td> - <td class="DataTD"><strong><?=_("Date")?></strong></td> - <td class="DataTD"><strong><?=_("Who")?></strong></td> - <td class="DataTD"><strong><?=_("Points")?></strong></td> - <td class="DataTD"><strong><?=_("Location")?></strong></td> - <td class="DataTD"><strong><?=_("Method")?></strong></td> - <td class="DataTD"><strong><?=_("Experience Points")?></strong></td> - </tr> -<? - } - - function output_assurances_footer($points_txt,$points,$experience_txt,$sumexperience) - { -?> - <tr> - <td class="DataTD" colspan="3"><strong><?=$points_txt?>:</strong></td> - <td class="DataTD"><?=$points?></td> - <td class="DataTD"> </td> - <td class="DataTD"><strong><?=$experience_txt?>:</strong></td> - <td class="DataTD"><?=$sumexperience?></td> - </tr> -</table> -<br/> -<? - } - - function output_assurances_row($assuranceid,$date,$when,$name,$awarded,$points,$location,$method,$experience) - { - - $tdstyle=""; - $emopen=""; - $emclose=""; - - if ($awarded == $points) - { - if ($awarded == "0") - { - if ($when < "2006-09-01") - { - $tdstyle="style='background-color: #ffff80'"; - $emopen="<em>"; - $emclose="</em>"; - } - } - } - -?> - <tr> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$assuranceid?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$date?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$name?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$awarded?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$location?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$method?><?=$emclose?></td> - <td class="DataTD" <?=$tdstyle?>><?=$emopen?><?=$experience?><?=$emclose?></td> - </tr> -<? - } - - function output_summary_header() - { -?> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="4" class="title"><?=_("Summary of your Points")?></td> - </tr> - <tr> - <td class="DataTD"><strong><?=_("Description")?></strong></td> - <td class="DataTD"><strong><?=_("Points")?></strong></td> - <td class="DataTD"><strong><?=_("Countable Points")?></strong></td> - <td class="DataTD"><strong><?=_("Remark")?></strong></td> - </tr> -<? - } - - function output_summary_footer() - { -?> -</table> -<br/> -<? - } - - function output_summary_row($title,$points,$points_countable,$remark) - { -?> - <tr> - <td class="DataTD"><strong><?=$title?></strong></td> - <td class="DataTD"><?=$points?></td> - <td class="DataTD"><?=$points_countable?></td> - <td class="DataTD"><?=$remark?></td> - </tr> -<? - } - - -// ************* output given assurances ****************** - - function output_given_assurances_content($userid,&$points,&$sum_experience) - { - $points = 0; - $sumexperience = 0; - $res = get_given_assurances(intval($userid)); - while($row = mysql_fetch_assoc($res)) - { - $fromuser = get_user (intval($row['to'])); - $apoints = calc_experience ($row,$points,$experience,$sum_experience); - $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['to'])); - output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$apoints,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience); - } - } - -// ************* output received assurances ****************** - - function output_received_assurances_content($userid,&$points,&$sum_experience) - { - $points = 0; - $sumexperience = 0; - $res = get_received_assurances(intval($userid)); - while($row = mysql_fetch_assoc($res)) - { - $fromuser = get_user (intval($row['from'])); - calc_assurances ($row,$points,$experience,$sum_experience,$awarded); - $name = show_user_link ($fromuser['fname']." ".$fromuser['lname'],intval($row['from'])); - output_assurances_row (intval($row['id']),$row['date'],$row['when'],$name,$awarded,intval($row['points']),$row['location'],$row['method']==""?"":_(sprintf("%s", $row['method'])),$experience); - } - } - -// ************* output summary table ****************** - - function check_date_limit ($userid,$age) - { - $dob = date("Y-m-d", mktime(0,0,0,date("m"),date("d"),date("Y")-$age)); - $res = query_init ("select id from `users` where `id`='".$userid."' and `dob` < '$dob'"); - return intval(query_get_number_of_rows($res)); - } - - function calc_points($row) - { - $awarded = intval($row['awarded']); - if ($awarded == "") - $awarded = 0; - if (intval($row['points']) < $awarded) - $points = $awarded; // if 'sum of added points' > 100, awarded shows correct value - else - $points = intval($row['points']); // on very old assurances, awarded is '0' instead of correct value - switch ($row['method']) - { - case 'Thawte Points Transfer': // revoke all Thawte-points (as per arbitration) - case 'CT Magazine - Germany': // revoke c't (only one test-entry) - case 'Temporary Increase': // revoke 'temporary increase' (Current usage breaks audit aspects, needs to be reimplemented) - $points = 0; - break; - case 'Administrative Increase': // ignore AI with 2 points or less (historical for experiance points, now other calculation) - if ($points <= 2) // maybe limit to 35/50 pts in the future? - $points = 0; - break; - case 'Unknown': // to be revoked in the future? limit to max 50 pts? - case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts? - case '': // to be revoked in the future? limit to max 50 pts? - case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future? - break; - default: // should never happen ... ;-) - $points = 0; - } - if ($points < 0) // ignore negative points (bug needs to be fixed) - $points = 0; - return $points; - } - - function max_points($userid) - { - return output_summary_content ($userid,0); - } - - function output_summary_content($userid,$display_output) - { - $sum_points = 0; - $sum_experience = 0; - $sum_experience_other = 0; - $max_points = 100; - $max_experience = 50; - - $experience_limit_reached_txt = _("Limit reached"); - - if (check_date_limit($userid,18) != 1) - { - $max_experience = 10; - $experience_limit_reached_txt = _("Limit given by PoJAM reached"); - } - if (check_date_limit($userid,14) != 1) - { - $max_experience = 0; - $experience_limit_reached_txt = _("Limit given by PoJAM reached"); - } - - $res = get_received_assurances_summary($userid); - while($row = mysql_fetch_assoc($res)) - { - $points = calc_points ($row); - - if ($points > $max_points) // limit to 100 points, above is experience (needs to be fixed) - { - $sum_experience_other = $sum_experience_other+($points-$max_points)*intval($row['number']); - $points = $max_points; - } - $sum_points += $points*intval($row['number']); - } - - $res = get_given_assurances_summary($userid); - while($row = mysql_fetch_assoc($res)) - { - switch ($row['method']) - { - case 'Face to Face Meeting': // count Face to Face only - $sum_experience += 2*intval($row['number']); - break; - } - - } - - if ($sum_points > $max_points) - { - $sum_points_countable = $max_points; - $remark_points = _("Limit reached"); - } - else - { - $sum_points_countable = $sum_points; - $remark_points = " "; - } - if ($sum_experience > $max_experience) - { - $sum_experience_countable = $max_experience; - $remark_experience = $experience_limit_reached_txt; - } - else - { - $sum_experience_countable = $sum_experience; - $remark_experience = " "; - } - - if ($sum_experience_countable + $sum_experience_other > $max_experience) - { - $sum_experience_other_countable = $max_experience-$sum_experience_countable; - $remark_experience_other = $experience_limit_reached_txt; - } - else - { - $sum_experience_other_countable = $sum_experience_other; - $remark_experience_other = " "; - } - - if ($sum_points_countable < $max_points) - { - if ($sum_experience_countable != 0) - $remark_experience = _("Points on hold due to less assurance points"); - $sum_experience_countable = 0; - if ($sum_experience_other_countable != 0) - $remark_experience_other = _("Points on hold due to less assurance points"); - $sum_experience_other_countable = 0; - } - - $issue_points = 0; - $cats_test_passed = get_cats_state ($userid); - if ($cats_test_passed == 0) - { - $issue_points_txt = "<strong style='color: red'>"._("You have to pass the CAcert Assurer Challenge (CATS-Test) to be an Assurer")."</strong>"; - if ($sum_points_countable < $max_points) - { - $issue_points_txt = "<strong style='color: red'>"; - $issue_points_txt .= sprintf(_("You need %s assurance points and the passed CATS-Test to be an Assurer"), intval($max_points)); - $issue_points_txt .= "</strong>"; - } - } - else - { - $experience_total = $sum_experience_countable+$sum_experience_other_countable; - $issue_points_txt = ""; - if ($sum_points_countable == $max_points) - $issue_points = 10; - if ($experience_total >= 10) - $issue_points = 15; - if ($experience_total >= 20) - $issue_points = 20; - if ($experience_total >= 30) - $issue_points = 25; - if ($experience_total >= 40) - $issue_points = 30; - if ($experience_total >= 50) - $issue_points = 35; - if ($issue_points != 0) - $issue_points_txt = sprintf(_("You may issue up to %s points"),$issue_points); - } - if ($display_output) - { - output_summary_row (_("Assurance Points you received"),$sum_points,$sum_points_countable,$remark_points); - output_summary_row (_("Total Experience Points by Assurance"),$sum_experience,$sum_experience_countable,$remark_experience); - output_summary_row (_("Total Experience Points (other ways)"),$sum_experience_other,$sum_experience_other_countable,$remark_experience_other); - output_summary_row (_("Total Points")," ",$sum_points_countable + $sum_experience_countable + $sum_experience_other_countable,$issue_points_txt); - } - return $issue_points; - } - - function output_given_assurances($userid) - { - output_assurances_header(_("Assurance Points You Issued")); - output_given_assurances_content($userid,$points,$sum_experience); - output_assurances_footer(_("Total Points Issued"),$points,_("Total Experience Points"),$sum_experience); - } - - function output_received_assurances($userid) - { - output_assurances_header(_("Your Assurance Points")); - output_received_assurances_content($userid,$points,$sum_experience); - output_assurances_footer(_("Total Assurance Points"),$points,_("Total Experience Points"),$sum_experience); - } - - function output_summary($userid) - { - output_summary_header(); - output_summary_content($userid,1); - output_summary_footer(); - } - - function output_end_of_page() - { -?> - <p>[ <a href='javascript:history.go(-1)'><?=_("Go Back")?></a> ]</p> -<? - } - -// functions for 6.php (assure somebody) - -function AssureHead($confirmation,$checkname) -{ -?> -<form method="post" action="wot.php"> - <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="600"> - <tr> - <td colspan="2" class="title"><?=$confirmation?></td> - </tr> - <tr> - <td class="DataTD" colspan="2" align="left"><?=$checkname?></td> - </tr> -<? - } - -function AssureTextLine($field1,$field2) -{ -?> - <tr> - <td class="DataTD"><?=$field1?>:</td> - <td class="DataTD"><?=$field2?></td> - </tr> -<? -} - -function AssureCCABoxLine($type,$text) -{ - return; - AssureBoxLine($type,$text); -} - -function AssureBoxLine($type,$text,$checked) -{ -?> - <tr> - <td class="DataTD"><input type="checkbox" name="<?=$type?>" value="1" <?=$checked?"checked":""?>></td> - <td class="DataTD"><?=$text?></td> - </tr> -<? -} - -function AssureMethodLine($text,$methods,$remark) -{ - if (count($methods) != 1) - { -?> - <tr> - <td class="DataTD"><?=$text?></td> - <td class="DataTD"> - <select name="method"> -<? - foreach($methods as $val) { ?> - <option value="<?=$val?>"> <?=$val?></option> - -<? } ?> - </select> - </br><?=$remark?> - </td> - </tr> -<? - } else { -?> - <input type="hidden" name="<?=$val?>" value="<?=$methods[0]?>"> -<? - } -} - -function AssureInboxLine($type,$field,$value,$description) -{ -?> - <tr> - <td class="DataTD"><?=$field?>:</td> - <td class="DataTD"><input type="text" name="<?=$type?>" value="<?=$value?>"><?=$description?></td> - </tr> -<? -} - -function AssureFoot($oldid,$confirm) -{?> - <tr> - <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=$confirm?>"> <input type="submit" name="cancel" value="<?=_("Cancel")?>"></td> - </tr> - </table> - <input type="hidden" name="pagehash" value="<?=$_SESSION['_config']['wothash']?>"> - <input type="hidden" name="oldid" value="<?=$oldid?>"> -</form> -<? -} - diff --git a/locale/Makefile b/locale/Makefile index 1517066..4215a4f 100644 --- a/locale/Makefile +++ b/locale/Makefile @@ -176,7 +176,8 @@ upload.clean: template.clean messages.pot: $(GETTEXT_FILES) xgettext --output - --sort-by-file --copyright-holder "CAcert Inc." \ --package-name "CAcert" --package-version "$(VERSION)" \ - --msgid-bugs-address "translations-admin@cacert.org" $^ | \ + --msgid-bugs-address "translations-admin@cacert.org" \ + --add-comments=TRANSLATORS $^ | \ # replace place holders in the lines before the first msgid\ sed '1,/^msgid/ { s/SOME DESCRIPTIVE TITLE/$(DESCRITPION)/; s/YEAR/$(COPYRIGHT_YEAR)/; s/PACKAGE/$(PACKAGE)/ }' \ > $@ diff --git a/locale/escape_special_chars.php b/locale/escape_special_chars.php index 32de390..0f494f1 100644 --- a/locale/escape_special_chars.php +++ b/locale/escape_special_chars.php @@ -41,6 +41,9 @@ function is_msgid($line) { return substr_compare($line, MSGID, 0, MSGID_LEN) === 0; } + +////////////// Main ////////////// + // Skip the metadata (first msgid/msgstr pair) while (!feof(STDIN)) { $line = fgets(STDIN); @@ -65,7 +68,13 @@ while (!feof(STDIN)) { } if ($msgstr) { + // Escape everything that has a special HTML entity such as + // > or ä except quote characters $line = htmlentities($line, ENT_NOQUOTES, "UTF-8"); + + // Escape everything else -> all characters that don't have a special + // HTML entity but are outside the ASCII range + $line = mb_convert_encoding($line, "HTML-ENTITIES", "UTF-8"); } echo $line; } diff --git a/pages/account/10.php b/pages/account/10.php index 704a05c..f5527ab 100644 --- a/pages/account/10.php +++ b/pages/account/10.php @@ -34,6 +34,8 @@ <input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br> <p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p> <? } ?> +<p> <?=_("Optional comment, only used in the certifictate overview")?><br> + <input type="text" name="description" maxlength="80" size=80></p> <p><?=_("Paste your CSR(Certificate Signing Request) below...")?></p> <textarea name="CSR" cols="80" rows="15"></textarea><br> <input type="submit" name="process" value="<?=_("Submit")?>"> diff --git a/pages/account/12.php b/pages/account/12.php index 44926ca..35ae6c2 100644 --- a/pages/account/12.php +++ b/pages/account/12.php @@ -25,7 +25,8 @@ <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> <td class="DataTD"><?=_("Status")?></td> <td class="DataTD"><?=_("CommonName")?></td> - <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("Comment")?></td> <td class="DataTD"><?=_("Revoked")?></td> <td class="DataTD"><?=_("Expires")?></td> </tr> @@ -34,7 +35,8 @@ UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`, UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired`, `domaincerts`.`expire` as `expires`, `revoked` as `revoke`, - UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id` + UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `domaincerts`.`serial`, `domaincerts`.`id` as `id`, + `domaincerts`.`description` from `domaincerts`,`domains` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `domaincerts`.`domid`=`domains`.`id` "; if($viewall != 1) @@ -75,7 +77,8 @@ <? } ?> <td class="DataTD"><?=$verified?></td> <td class="DataTD"><a href="account.php?id=15&cert=<?=$row['id']?>"><?=$row['CN']?></a></td> - <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['description']?></td> <td class="DataTD"><?=$row['revoke']?></td> <td class="DataTD"><?=$row['expires']?></td> </tr> diff --git a/pages/account/16.php b/pages/account/16.php index 514ecfd..338878d 100644 --- a/pages/account/16.php +++ b/pages/account/16.php @@ -56,6 +56,12 @@ <td class="DataTD" colspan="2" align="left"><input type="checkbox" name="codesign" value="1" /><?=_("Code Signing")?></td> </tr> <? } ?> + <tr> + <td class="DataTD" colspan="2" align="left"> + <?=_("Optional comment, only used in the certifictate overview")?><br> + <input type="text" name="description" maxlength="80" size=80> + </td> + </tr> <tr> <td class="DataTD" colspan="2"><input type="submit" name="add_email" value="<?=_("Another Email")?>"> <input type="submit" name="process" value="<?=_("Next")?>"></td> diff --git a/pages/account/17.php b/pages/account/17.php index 2ba5390..8ac8b65 100644 --- a/pages/account/17.php +++ b/pages/account/17.php @@ -14,124 +14,6 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?> -<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec"> -<?=_("You must enable ActiveX for this to work.")?> -</object> -<form method="post" action="account.php" name="CertReqForm"><p> -<input type="hidden" name="session" value="UsedXenroll"> -<?=_("Key Strength:")?> <select name="CspProvider"></select> -<input type="hidden" name="oldid" value="<?=$id?>"> -<INPUT TYPE=HIDDEN NAME="CSR"> -<input type="hidden" name="keytype" value="MS"> -<?=_("'Enhanced Provider' is generally the best option, which has a key size of 1024bit. If you need a bigger key size you will need to use a different browser.")?> -<input type="submit" name="GenReq" value="Create Certificate"><br> -</p></form> -<script type="text/vbscript" language="vbscript"> -<!-- -Function GetProviderList() - Dim CspList, cspIndex, ProviderName - On Error Resume Next +*/ - count = 0 - base = 0 - enhanced = 0 - CspList = "" - ProviderName = "" - - For ProvType = 0 to 13 - cspIndex = 0 - cec.ProviderType = ProvType - ProviderName = cec.enumProviders(cspIndex,0) - - while ProviderName <> "" - Set oOption = document.createElement("OPTION") - oOption.text = ProviderName - oOption.value = ProvType - Document.CertReqForm.CspProvider.add(oOption) - if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then - base = count - end if - if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then - enhanced = count - end if - cspIndex = cspIndex +1 - ProviderName = "" - ProviderName = cec.enumProviders(cspIndex,0) - count = count + 1 - wend - Next - Document.CertReqForm.CspProvider.selectedIndex = base - if enhanced then - Document.CertReqForm.CspProvider.selectedIndex = enhanced - end if -End Function - -Function CSR(keyflags) - CSR = "" - szName = "" - cec.HashAlgorithm = "MD5" - err.clear - On Error Resume Next - set options = document.all.CspProvider.options - index = options.selectedIndex - cec.providerName = options(index).text - tmpProviderType = options(index).value - cec.providerType = tmpProviderType - cec.KeySpec = 2 - if tmpProviderType < 2 Then - cec.KeySpec = 1 - end if - cec.GenKeyFlags = &h04000001 OR keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - cec.GenKeyFlags = &h04000000 OR keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then - if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then - cec.providerName = "Microsoft Base Cryptographic Provider v1.0" - else - Exit Function - end if - end if - cec.GenKeyFlags = 1 OR keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - cec.GenKeyFlags = keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - cec.GenKeyFlags = 0 - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") -End Function - -Sub GenReq_OnClick - Dim TheForm - Set TheForm = Document.CertReqForm - err.clear - result = CSR(2) - if len(result)=0 Then - result = MsgBox("Unable to generate PKCS#10.", 0, "Alert") - Exit Sub - end if - TheForm.CSR.Value = result - TheForm.Submit - Exit Sub -End Sub - -GetProviderList() ---> -</script> -<? } else { ?> -<p> -<form method="post" action="account.php"> -<input type="hidden" name="keytype" value="NS"> -<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>"> - - -<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>"> -<input type="hidden" name="oldid" value="<?=$id?>"> -</form> -</p> -<? } ?> +require_once($_SESSION['_config']['filepath'].'/includes/keygen.php'); diff --git a/pages/account/18.php b/pages/account/18.php index 13dcc30..45e3be9 100644 --- a/pages/account/18.php +++ b/pages/account/18.php @@ -25,7 +25,8 @@ <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> <td class="DataTD"><?=_("Status")?></td> <td class="DataTD"><?=_("CommonName")?></td> - <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("Comment")?></td> <td class="DataTD"><?=_("Revoked")?></td> <td class="DataTD"><?=_("Expires")?></td> @@ -35,7 +36,8 @@ UNIX_TIMESTAMP(`oemail`.`expire`) as `expired`, `oemail`.`expire` as `expires`, `oemail`.`revoked` as `revoke`, UNIX_TIMESTAMP(`oemail`.`revoked`) as `revoked`, - `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id` + `oemail`.`CN`, `oemail`.`serial`, `oemail`.`id`, + `oemail`.`description` from `orgemailcerts` as `oemail`, `org` where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `org`.`orgid`=`oemail`.`orgid` "; @@ -80,7 +82,8 @@ <td class="DataTD"><?=$verified?></td> <td class="DataTD"><a href="account.php?id=19&cert=<?=$row['id']?>"><?=$row['CN']?></a></td> <? } ?> - <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['description']?></td> <td class="DataTD"><?=$row['revoke']?></td> <td class="DataTD"><?=$row['expires']?></td> </tr> diff --git a/pages/account/20.php b/pages/account/20.php index 510b708..5e91e77 100644 --- a/pages/account/20.php +++ b/pages/account/20.php @@ -29,9 +29,11 @@ <form method="post" action="account.php"> <input type="radio" name="rootcert" value="1"> <?=_("Sign by class 1 root certificate")?><br> <input type="radio" name="rootcert" value="2" checked> <?=_("Sign by class 3 root certificate")?><br> +<p> <?=_("Optional comment, only used in the certifictate overview")?><br> + <input type="text" name="description" maxlength="80" size=80></p> <p><?=_("Please note: The class 3 root certificate needs to be setup in your webserver as a chained certificate, while slightly more complicated to setup, this root certificate is more likely to be trusted by more people.")?></p> <p><?=_("Paste your CSR below...")?></p> -<textarea name="CSR" cols="80" rows="15"></textarea><br> +<textarea name="CSR" cols="80" rows="15"></textarea><br> <input type="submit" name="process" value="<?=_("Submit")?>"> <input type="hidden" name="oldid" value="<?=$id?>"> </form> diff --git a/pages/account/22.php b/pages/account/22.php index 9df8200..ac7a645 100644 --- a/pages/account/22.php +++ b/pages/account/22.php @@ -25,7 +25,8 @@ <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> <td class="DataTD"><?=_("Status")?></td> <td class="DataTD"><?=_("CommonName")?></td> - <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("Comment")?></td> <td class="DataTD"><?=_("Revoked")?></td> <td class="DataTD"><?=_("Expires")?></td> @@ -36,7 +37,8 @@ `orgdomaincerts`.`expire` as `expires`, `revoked` as `revoke`, UNIX_TIMESTAMP(`revoked`) as `revoked`, `CN`, `orgdomaincerts`.`serial`, - `orgdomaincerts`.`id` as `id` + `orgdomaincerts`.`id` as `id`, + `orgdomaincerts`.`description` from `orgdomaincerts`,`org` where `org`.`memid`='".intval($_SESSION['profile']['id'])."' and `orgdomaincerts`.`orgid`=`org`.`orgid` "; if($viewall != 1) @@ -77,7 +79,8 @@ <? } ?> <td class="DataTD"><?=$verified?></td> <td class="DataTD"><a href="account.php?id=23&cert=<?=$row['id']?>"><?=$row['CN']?></a></td> - <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['description']?></td> <td class="DataTD"><?=$row['revoke']?></td> <td class="DataTD"><?=$row['expires']?></td> </tr> diff --git a/pages/account/3.php b/pages/account/3.php index 5590488..b2e3184 100644 --- a/pages/account/3.php +++ b/pages/account/3.php @@ -53,6 +53,12 @@ if($_SESSION['profile']['points'] >= 50) $suffix = $_SESSION['profile']['suffix']; ?> <tr> + <td class="DataTD" colspan="2" align="left"> + <?=_("Optional comment, only used in the certifictate overview")?><br> + <input type="text" name="description" maxlength="80" size=80> + </td> + </tr> + <tr> <td class="DataTD" colspan="2" align="left"> <input type="radio" name="rootcert" value="1" checked> <?=_("Sign by class 1 root certificate")?><br> <input type="radio" name="rootcert" value="2"> <?=_("Sign by class 3 root certificate")?><br> diff --git a/pages/account/4.php b/pages/account/4.php index a4d6597..8ac8b65 100644 --- a/pages/account/4.php +++ b/pages/account/4.php @@ -14,177 +14,6 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? if(array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?> -<object classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec"> -<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?><?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?> -</object> -<form method="post" action="account.php" name="CertReqForm"><p> -<input type="hidden" name="session" value="UsedXenroll"> -<?=_("Key Strength:")?> <select name="CspProvider"></select> -<input type="hidden" name="oldid" value="<?=$id?>"> -<INPUT TYPE=HIDDEN NAME="CSR"> -<input type="hidden" name="keytype" value="MS"> -<input type="submit" name="GenReq" value="Create Certificate"><br> -</p></form> -<script type="text/vbscript" language="vbscript"> -<!-- -Function GetProviderList() - Dim CspList, cspIndex, ProviderName - On Error Resume Next +*/ - count = 0 - base = 0 - enhanced = 0 - CspList = "" - ProviderName = "" - - // Vista: - Set csps = CreateObject("X509Enrollment.CCspInformations") - If IsObject(csps) Then - csps.AddAvailableCsps() - Document.CertReqForm.keytype.value="VI" - For j = 0 to csps.Count-1 - Set oOption = document.createElement("OPTION") - oOption.text = csps.ItemByIndex(j).Name - oOption.value = j - Document.CertReqForm.CspProvider.add(oOption) - Next - - Else - - // 2000,XP: - - For ProvType = 0 to 13 - cspIndex = 0 - cec.ProviderType = ProvType - ProviderName = cec.enumProviders(cspIndex,0) - - while ProviderName <> "" - Set oOption = document.createElement("OPTION") - oOption.text = ProviderName - oOption.value = ProvType - Document.CertReqForm.CspProvider.add(oOption) - if ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then - base = count - end if - if ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then - enhanced = count - end if - cspIndex = cspIndex +1 - ProviderName = "" - ProviderName = cec.enumProviders(cspIndex,0) - count = count + 1 - wend - Next - Document.CertReqForm.CspProvider.selectedIndex = base - if enhanced then - Document.CertReqForm.CspProvider.selectedIndex = enhanced - end if - End If -End Function - -Function CSR(keyflags) - CSR = "" - szName = "" - - - // Vista - if Document.CertReqForm.keytype.value="VI" Then - - Dim g_objClassFactory - Dim obj - Dim objPrivateKey - Dim g_objRequest - Dim g_objRequestCMC - - Set g_objClassFactory=CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory") - Set obj=g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment") - Set objPrivateKey=g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey") - Set objRequest=g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10") - //Msgbox exit function - objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text - // "Microsoft Enhanced RSA and AES Cryptographic Provider" - objPrivateKey.ProviderType = "24" - objPrivateKey.KeySpec = "1" - objPrivateKey.ExportPolicy = 1 - objRequest.InitializeFromPrivateKey 1, objPrivateKey, "" - Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName") - objDN.Encode("CN=CAcertRequest") - objRequest.Subject = objDN - - // obj.Initialize(1) - obj.InitializeFromRequest(objRequest) - obj.CertificateDescription="Description" - obj.CertificateFriendlyName="FriendlyName" - CSR=obj.CreateRequest(1) - If len(CSR)<>0 Then Exit Function - Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>" - - else - // XP - - cec.HashAlgorithm = "MD5" - err.clear - On Error Resume Next - set options = document.all.CspProvider.options - index = options.selectedIndex - cec.providerName = options(index).text - tmpProviderType = options(index).value - cec.providerType = tmpProviderType - cec.KeySpec = 2 - if tmpProviderType < 2 Then - cec.KeySpec = 1 - end if - cec.GenKeyFlags = &h04000001 OR keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - cec.GenKeyFlags = &h04000000 OR keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - if cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then - if MsgBox("<?=_("The 1024-bit key generation failed. Would you like to try 512 instead?")?>", vbOkCancel)=vbOk Then - cec.providerName = "Microsoft Base Cryptographic Provider v1.0" - else - Exit Function - end if - end if - cec.GenKeyFlags = 1 OR keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - cec.GenKeyFlags = keyflags - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - if len(CSR)<>0 then Exit Function - cec.GenKeyFlags = 0 - CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2") - End if -End Function - -Sub GenReq_OnClick - Dim TheForm - Set TheForm = Document.CertReqForm - err.clear - result = CSR(2) - if len(result)=0 Then - result = MsgBox("Unable to generate PKCS#10.", 0, "Alert") - Exit Sub - end if - TheForm.CSR.Value = result - TheForm.Submit - Exit Sub -End Sub - -GetProviderList() ---> -</script> -<? } else { ?> -<p> -<form method="post" action="account.php"> -<input type="hidden" name="keytype" value="NS"> -<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>"> - -<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>"> -<input type="hidden" name="oldid" value="<?=$id?>"> -</form> -</p> -<? } ?> +require_once($_SESSION['_config']['filepath'].'/includes/keygen.php'); diff --git a/pages/account/40.php b/pages/account/40.php index b1a7fdb..4877d79 100644 --- a/pages/account/40.php +++ b/pages/account/40.php @@ -65,21 +65,14 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s </form> <p><b><?=_("Security Issues")?></b></p> -<p><? sprintf(_("Please use any of the following ways to report security ". +<p><?=sprintf(_("Please use any of the following ways to report security ". "issues: You can use the above contact form for sensitive information. ". "You can email us to %s. You can file a bugreport on %s and mark it as ". "private."), "<a href='mailto:support@cacert.org'>support@cacert.org</a>", "<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p> -<p><b><?=_("Snail Mail")?></b></p> -<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p> -<p><?=_("Postal Address:")?><br> -CAcert Inc.<br> -P.O. Box 4107<br> -Denistone East NSW 2112<br> -Australia</p> <script type="text/javascript"> <!-- diff --git a/pages/account/43.php b/pages/account/43.php index 7bf6d04..c482cab 100644 --- a/pages/account/43.php +++ b/pages/account/43.php @@ -331,7 +331,66 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); <? } ?> </table> <br> -<? } ?> +<? } + +// +// Display account creation/activity information +// +$showactivity = isset($_REQUEST['showactivity']); +$activity_url = "/account.php?id=43&userid=$row[id]"; +if (!$showactivity) { + $activity_url .= "&showactivity"; +} + +?> +<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="2" class="title"> + <a href="<?= $activity_url ?>"><?=_("Account Activity")?></a> + </td> + </tr> + +<?php +if ($showactivity) { + $query = "select `created`, `modified` from `users` + where `id` = '".intval($row['id'])."' "; + $dres = mysql_query($query); + $drow = mysql_fetch_assoc($dres); + $created = $drow['created']; + + $modified = getdate(strtotime($drow['modified'])); + $now = getdate(); + // only a rough approximation + $days = ($now['year'] - $modified['year']) * 360; + $days += ($now['mon'] - $modified['mon']) * 30; + $days += $now['mday'] - $modified['mday']; + ?> + <tr> + <td class="DataTD"><?=_("Account created")?>:</td> + <td class="DataTD"><? echo $created ?></td> + </tr> + + <tr> + <td class="DataTD"><?=_("Last activity")?>:</td> + <td class="DataTD"><? + if ($days >= 2 * 360) { + echo _("before 2 years"); + } elseif ($days >= 360) { + echo _("before 1 year"); + } elseif ($days >= 6 * 30) { + echo _("within last 12 months"); + } elseif ($days >= 30) { + echo _("within last 6 months"); + } else { + echo _("within the last month"); + } ?></td> + </tr> <?php +} ?> + +</table> +<br> + + <? // Begin - Debug infos ?> <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> @@ -485,6 +544,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); // End - Debug infos ?> + <table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> <tr> <td colspan="6" class="title"><?=_("Certificates")?></td> @@ -783,6 +843,7 @@ include_once($_SESSION['_config']['filepath']."/includes/notary.inc.php"); </table> <br> + <a href="account.php?id=43&userid=<?=$row['id']?>&shownotary=assuredto"><?=_("Show Assurances the user got")?></a> (<a href="account.php?id=43&userid=<?=$row['id']?>&shownotary=assuredto15"><?=_("New calculation")?></a>) <br /> diff --git a/pages/account/5.php b/pages/account/5.php index 5c131ba..539f237 100644 --- a/pages/account/5.php +++ b/pages/account/5.php @@ -25,7 +25,8 @@ <td class="DataTD"><?=_("Renew/Revoke/Delete")?></td> <td class="DataTD"><?=_("Status")?></td> <td class="DataTD"><?=_("Email Address")?></td> - <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("SerialNumber")?></td> + <td class="DataTD"><?=_("Comment")?></td> <td class="DataTD"><?=_("Revoked")?></td> <td class="DataTD"><?=_("Expires")?></td> <td class="DataTD"><?=_("Login")?></td> @@ -40,8 +41,9 @@ `emailcerts`.`id`, `emailcerts`.`CN`, `emailcerts`.`serial`, - emailcerts.disablelogin as `disablelogin` - from `emailcerts` + emailcerts.disablelogin as `disablelogin`, + `emailcerts`.`description` + from `emailcerts` where `emailcerts`.`memid`='".$_SESSION['profile']['id']."' "; if($viewall != 1) @@ -86,7 +88,8 @@ <td class="DataTD"><?=$verified?></td> <td class="DataTD"><?=(trim($row['CN'])=="" ? _("empty") : $row['CN'])?></td> <? } ?> - <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['serial']?></td> + <td class="DataTD"><?=$row['description']?></td> <td class="DataTD"><?=$row['revoke']?></td> <td class="DataTD"><?=$row['expires']?></td> <td class="DataTD"> diff --git a/pages/account/51.php b/pages/account/51.php deleted file mode 100644 index 7273840..0000000 --- a/pages/account/51.php +++ /dev/null @@ -1,34 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?> -<? - $uid = intval($_GET['photoid']); - $query = "select * from `tverify` where `id`='$uid' and `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) { ?> -<img src="account.php?id=51&photoid=<?=$uid ?>&img=show" border="0" width="800"> -<? } else { - $query = "select * from `tverify` where `id`='$uid' and `modified`=1"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - echo _("This UID has already been voted on."); - } else { - echo _("Unable to locate a valid request for that UID."); - } - } } ?> diff --git a/pages/account/52.php b/pages/account/52.php deleted file mode 100644 index 77a3bae..0000000 --- a/pages/account/52.php +++ /dev/null @@ -1,102 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? if($_SESSION['profile']['tverify'] <= 0) { echo _("You don't have access to this area."); } else { ?> -<? - $uid = intval($_GET['uid']); - $query = "select * from `tverify` where `id`='$uid' and `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - $row = mysql_fetch_assoc($res); - $memid = intval($row['memid']); - - $query2 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'"; - $rc2 = mysql_num_rows(mysql_query($query2)); - if($rc2 > 0) - { - showheader(_("My CAcert.org Account!")); - echo _("You have already voted on this request."); - showfooter(); - exit; - } - - $query = "select sum(`points`) as `points` from `notary` where `to`='$memid'"; - $notary = mysql_fetch_assoc(mysql_query($query)); - $query = "select * from `users` where `id`='$memid'"; - $user = mysql_fetch_assoc(mysql_query($query)); - $tobe = 50 - $notary['points']; - if($row['URL'] != '' && $row['photoid'] != '') - $tobe = 150 - $notary['points']; - else if($row['URL'] != '') - $tobe = 90 - $notary['points']; - if(intval($tobe) <= 0) - $tobe = 0; -?> -<?=_("Request Details")?>:<br> -<?=_("Name on file")?>: <?=$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']?><br> -<?=_("Primary email address")?>: <?=$user['email']." (".$user['id'].")"?><br> -<?=_("Certificate Subject")?>: <?=$row['CN']?><br> -<? if($row['URL'] != '') { ?><?=_("Notary URL")?>: <a href="<?=$row['URL']?>"><?=$row['URL']?></a><br><? } ?> -<? if($row['photoid'] != '') { ?><?=_("Photo ID URL")?>: <a href="/account.php?id=51&photoid=<?=intval($row['id'])?>"><?=_("Here")?></a><br><? } ?> -<?=_("Current Points")?>: <?=intval($notary['points'])?><br> -<?=_("Potential Points")?>: <?=intval($tobe)?><br> -<?=_("Date of Birth")?>: <?=$user['dob']?> (YYYY-MM-DD)<br> - -<br> -<form method="post" action="account.php"> -<?=_("Comment")?>: <input type="text" name="comment"><br> -<input type="submit" name="agree" value="<?=_("I agree with this Application")?>"> -<input type="submit" name="disagree" value="<?=_("I don't agree with this Application")?>"> -<input type="hidden" name="oldid" value="<?=intval($_GET['id'])?>"> -<input type="hidden" name="uid" value="<?=$uid?>"> -</form> -<? } else { - $query = "select * from `tverify` where `id`='$uid' and `modified`=1"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - echo _("This UID has already been voted on.")."<br/>"; - } else { - if($uid) echo _("Unable to locate a valid request for that UID.")."<br/>"; - } - - // Search for open requests: - $query = "select * from `tverify` where `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res) > 0) - { - echo "<br/>"._("The following requests are still open:")."<br/><ul>"; - while($row = mysql_fetch_assoc($res)) - { - $uid=intval($row['id']); - $query3 = "select * from `tverify-vote` where `tverify`='$uid' and `memid`='".intval($_SESSION['profile']['id'])."'"; - $rc3 = mysql_num_rows(mysql_query($query3)); - if($rc3 <= 0) - { - echo "<li><a href='account.php?id=52&uid=".intval($row['id'])."'>".intval($row['id'])."</a></li>\n"; - } - } - echo "</ul>\n<br>\n"; - } - else - { - echo "<br/>"._("There are no pending requests where you haven't voted yet."); - } - - - } } ?> diff --git a/pages/account/6.php b/pages/account/6.php index 38af8e8..90affac 100644 --- a/pages/account/6.php +++ b/pages/account/6.php @@ -14,46 +14,95 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? - $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']); - - $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'"; - $res = mysql_query($query); - if(mysql_num_rows($res) <= 0) - { - showheader(_("My CAcert.org Account!")); - echo _("No such certificate attached to your account."); - showfooter(); +*/ + +// Get certificate information +$certid = 0; +if(array_key_exists('cert',$_REQUEST)) { + $certid = intval($_REQUEST['cert']); +} + +$query = "select * from `emailcerts` + where `id`='$certid' + and `memid`='".intval($_SESSION['profile']['id'])."'"; +$res = mysql_query($query); +if(mysql_num_rows($res) <= 0) { + showheader(_("My CAcert.org Account!")); + echo _("No such certificate attached to your account."); + showfooter(); + exit; +} +$row = mysql_fetch_assoc($res); + + +if (array_key_exists('format', $_REQUEST)) { + // Which output format? + if ($_REQUEST['format'] === 'der') { + $outform = '-outform DER'; + $extension = 'cer'; + } else { + $outform = '-outform PEM'; + $extension = 'crt'; + } + + $crtname=escapeshellarg($row['crt_name']); + $cert = `/usr/bin/openssl x509 -in $crtname $outform`; + + header("Content-Type: application/pkix-cert"); + header("Content-Length: ".strlen($cert)); + + $fname = sanitizeFilename($row['CN']); + if ($fname=="") $fname="certificate"; + header("Content-Disposition: attachment; filename=\"${fname}.${extension}\""); + + echo $cert; + exit; + +} elseif (array_key_exists('install', $_REQUEST)) { + if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && + strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { + + // Handle IE + + //TODO + + } else { + // All other browsers + $crtname=escapeshellarg($row['crt_name']); + $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`; + + header("Content-Type: application/x-x509-user-cert"); + header("Content-Length: ".strlen($cert)); + + $fname = sanitizeFilename($row['CN']); + if ($fname=="") $fname="certificate"; + header("Content-Disposition: inline; filename=\"${fname}.cer\""); + + echo $cert; exit; } - $row = mysql_fetch_assoc($res); +} else { + + showheader(_("My CAcert.org Account!")); + echo "<h3>"._("Install your certificate")."</h3>\n"; + + echo "<p><a href='account.php?id=6&cert=$certid&install'>". + _("Install the certificate into your browser"). + "</a></p>\n"; + + echo "<p><a href='account.php?id=6&cert=$certid&format=pem'>". + _("Download the certificate in PEM format")."</a></p>\n"; + + echo "<p><a href='account.php?id=6&cert=$certid&format=der'>". + _("Download the certificate in DER format")."</a></p>\n"; + + showfooter(); + exit; +} - $crtname=escapeshellarg($row['crt_name']); - $cert = `/usr/bin/openssl x509 -in $crtname`; - if($row['keytype'] == "NS") - { - if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1) - { - header("Content-Type: application/x-x509-user-cert"); - header("Content-Length: ".strlen($cert)); - $fname=sanitizeFilename($row['CN']); - if($fname=="") $fname="certificate"; - header('Content-Disposition: inline; filename="'.$fname.'.crt"'); - echo $cert; - exit; - } else { - showheader(_("My CAcert.org Account!")); - echo "<h3>"._("Installing your certificate")."</h3>\n"; - echo "<p>"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."</p>\n"; - echo "<p><a href='account.php?id=6&cert=$certid&install=1'>"._("Click here")."</a> "._("to install your certificate.")."</p>\n"; - showfooter(); - exit; - } - } else { - showheader(_("My CAcert.org Account!")); ?> +<!-- to be converted to JavaScript --> <h3><?=_("Installing your certificate")?></h3> <p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?> @@ -125,12 +174,3 @@ End Sub </SCRIPT> -<p><?=_("Your certificate:")?></p> -<pre><?=$cert?></pre> -<? - - showfooter(); - exit; - } -?> - diff --git a/pages/account/60.php b/pages/account/60.php new file mode 100644 index 0000000..3c2cb79 --- /dev/null +++ b/pages/account/60.php @@ -0,0 +1,142 @@ +<? /* + LibreSSL - CAcert web application + Copyright (C) 2004-2008 CAcert Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ ?> +<? +/* + $query = "select * from `orgdomains` where `id`='".intval($_REQUEST['orgid'])."'"; + $row = mysql_fetch_assoc(mysql_query($query)); + $query = "select * from `orginfo` where `id`='".intval($_REQUEST['orgid'])."'"; + $org = mysql_fetch_assoc(mysql_query($query)); + $query = "select * from `users` where `id`='".intval($_REQUEST['memid'])."'"; + $user = mysql_fetch_assoc(mysql_query($query)); + + $_SESSION['_config']['domain'] = $row['domain']; + */ + + + $delcount = 0; + if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid'])) + { + + +/* + foreach($_REQUEST['delid'] as $id) + { + $id = intval($id); + $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and + `email`!='".$_SESSION['profile']['email']."'"; + $res = mysql_query($query); + if(mysql_num_rows($res) > 0) + { + $row = mysql_fetch_assoc($res); + echo $row['email']."<br>\n"; + */ +/* + $query = "select `emailcerts`.`id` + from `emaillink`,`emailcerts` where + `emailid`='$id' and `emaillink`.`emailcertsid`=`emailcerts`.`id` and + `revoked`=0 and UNIX_TIMESTAMP(`expire`)-UNIX_TIMESTAMP() > 0 + group by `emailcerts`.`id`"; + $dres = mysql_query($query); + while($drow = mysql_fetch_assoc($dres)) + mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$drow['id']."'"); + + $query = "update `email` set `deleted`=NOW() where `id`='$id'"; + mysql_query($query); + */ +/* $delcount++; + } + } */ + +?> + +<form method="post" action="account.php"> +<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="4" class="title"><?=_("Delete User Account Email(s)")?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Default")?></td> + <td class="DataTD"><?=_("Status")?></td> + <td class="DataTD"><?=_("Delete")?></td> + <td class="DataTD"><?=_("Address")?></td> + </tr> +<? +// $query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0"; +// $res = mysql_query($query); +// while($row = mysql_fetch_assoc($res)) + foreach($_REQUEST['delid'] as $did) + { + $did = intval($did); + $query = "select * from `email` where `id`='$did' and `memid`='".intval($_SESSION['profile']['id'])."' and + `email`!='".$_SESSION['profile']['email']."'"; + $res = mysql_query($query); + if(mysql_num_rows($res) > 0) + { + $row = mysql_fetch_assoc($res); +// echo $row['email']."<br>\n"; + + { + if($row['hash'] == "") + $verified = _("Verified"); + else + $verified = _("Unverified"); +?> + <tr> + <td class="DataTD"> </td> + <td class="DataTD"><?=$verified?></td> + <td class="DataTD"><input type="hidden" name="delid[]" value="<?=$row['id']?>"><b>X</b></td> + <td class="DataTD"><?=sanitizeHTML($row['email'])?></td> + </tr> +<? } + } + } + ?> + <!-- tr> + <td class="DataTD" colspan="2"><input type="submit" name="makedefault" value="<?=_("Make Default")?>"></td> + <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td> + </tr --> + <tr> + <td class="DataTD" colspan="4"><span style="color:red;"><? printf(_("Are you really sure you want to remove above listed emails from your account?")); ?></span></td> + </tr> + <tr> + <td class="DataTD" colspan="4"><span style="color:red;"><? printf(_("This revokes also all client certificates for above listed email addresses.")); ?></span></td> + </tr> + + <tr> + <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Cancel")?>"></td> + <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Delete")?>"></td> + </tr> + +</table> +<input type="hidden" name="oldid" value="<?=$id?>"> +<input type="hidden" name="csrf" value="<?=make_csrf('chgdefcnfd')?>" /> +</form> +<p> +<?=_("Please Note: You can not set an unverified email as a default email, and you can not remove a default email. To remove the default email you must set another verified email as the default.")?> +</p> +<? + } else { + echo _("You did not select any email accounts for removal."); + echo _("You failed to select any email addresses to be removed, or you attempted to remove the default email address. No action was taken."); + $oldid = 0; + $id = 0; + showfooter(); + exit; + + } +?> diff --git a/pages/gpg/0.php b/pages/gpg/0.php index ce3b72a..319c2f9 100644 --- a/pages/gpg/0.php +++ b/pages/gpg/0.php @@ -19,6 +19,8 @@ ?> <p><?=_("Paste your own public OpenPGP key below. It should not contain a picture. CAcert will sign your key after submission.")?></p> <form method="post" action="gpg.php"> +<p> <?=_("Optional comment, only used in the certifictate overview")?><br> + <input type="text" name="description" maxlength="80" size=80></p> <textarea name="CSR" cols="80" rows="15"><?=array_key_exists('CSR',$_POST)?strip_tags($_POST['CSR']):""?></textarea><br> <input type="submit" name="process" value="<?=_("Submit")?>"> <input type="hidden" name="oldid" value="<?=$id?>"> diff --git a/pages/gpg/2.php b/pages/gpg/2.php index e10935e..fd26367 100644 --- a/pages/gpg/2.php +++ b/pages/gpg/2.php @@ -24,13 +24,13 @@ <td class="DataTD"><?=_("Email Address")?></td> <td class="DataTD"><?=_("Expires")?></td> <td class="DataTD"><?=_("Key ID")?></td> - + <td class="DataTD"><?=_("Comment")?></td> <? $query = "select UNIX_TIMESTAMP(`issued`) as `issued`, UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() as `timeleft`, UNIX_TIMESTAMP(`expire`) as `expired`, `expire` as `expires`, `id`, `level`, - `email`,`keyid` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."' + `email`,`keyid`,`description` from `gpg` where `memid`='".intval($_SESSION['profile']['id'])."' ORDER BY `issued` desc"; $res = mysql_query($query); if(mysql_num_rows($res) <= 0) @@ -62,7 +62,7 @@ <? } ?> <td class="DataTD"><?=$row['expires']?></td> <td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row['id']?>"><?=$row['keyid']?></a></td> - + <td class="DataTD"><?=$row['description']?></td> </tr> <? } ?> <? } ?> diff --git a/pages/index/11.php b/pages/index/11.php index 60c8941..01eca3a 100644 --- a/pages/index/11.php +++ b/pages/index/11.php @@ -65,16 +65,7 @@ if(!array_key_exists('secrethash',$_SESSION['_config'])) $_SESSION['_config']['s </form> <p><b><?=_("Security Issues")?></b></p> -<p><?=_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on <a href='https://bugs.cacert.org/'>bugs.cacert.org</a> and mark it as private.")?></p> - -<p><b><?=_("Snail Mail")?></b></p> -<p><?=_("Alternatively you can get in contact with us via the following methods:")?></p> - -<p><?=_("Postal Address:")?><br> -CAcert Inc.<br> -P.O. Box 4107<br> -Denistone East NSW 2112<br> -Australia</p> +<p><?=sprintf(_("Please use any of the following ways to report security issues: You can use the above contact form for sensitive information. You can email us to support@cacert.org. You can file a bugreport on %s and mark it as private."),"<a href='https://bugs.cacert.org/'>bugs.cacert.org</a>")?></p> <script type="text/javascript"> <!-- diff --git a/pages/index/feed.rss b/pages/index/feed.rss new file mode 100644 index 0000000..eb62c13 --- /dev/null +++ b/pages/index/feed.rss @@ -0,0 +1,69 @@ +<?xml version="1.0" encoding="UTF-8"?><!-- generator="WordPress/2.5.1" --> +<rss version="0.92"> +<channel> + <title>CAcert NEWS Blog</title> + <link>http://blog.cacert.org</link> + <description>CAcert NEWS and up coming events.</description> + <lastBuildDate>Fri, 20 Aug 2010 11:54:30 +0000</lastBuildDate> + <docs>http://backend.userland.com/rss092</docs> + <language>en</language> + + <item> + <title>Looking for confirmation email on creating account?</title> + <description>Please go to https://ca-mgr1.it-sls.de/login login with your just created account and password. +Under MAIL you'll find your individual confirmation email.</description> + <link>https://ca-mgr1.it-sls.de/testsystemdoc.html</link> + </item> + <item> + <title>You are interested in helping Testing ?</title> + <description>Create your test account on the Testserver. Beware of the confirmation email (see above) Entry page for Testers: https://wiki.cacert.org/Software/CurrentTest. Please contact Ulrich becoming a Testteam member.</description> + <link>https://wiki.cacert.org/Software/CurrentTest</link> + </item> + <item> + <title>Dear Testers</title> + <description>We had one work with no activity on the testserver +caused by inactivity by the Software-Assessment +team, caused by router problems at the hosting +site of the testserver. +Probably latter has been fixed. + +The reported bugs can be categorized into +1. Testserver-Mgmt-System related +2. Production Server recovery process to Testserver + and +3. general software errors + +Group 1+2 are essential for our current test phase, +as they covers the problems in building the +base testserver environment that is needed for +testing. + +So language and country selection support is +an essential feature we've worked on the +last week. + +One problem couldn't be solved till today: +secondary language selection +all other country and language related bugs +should be fixed in the meantime. + +Also the Show my Points details now +has the correct script (after some +confusion in the Software-Assessment team +and one developer), comparable to the +script on the production website. + +On the main entry page for testers +https://wiki.cacert.org/Software/CurrentTest +the updates on the bugs are marked with (i) +so here comes the 2nd test round ... + +Please report your found bugs and also success +reports to the listed bug numbers + +Thanks for your assistance .... ;) +</description> + <link>https://cacert1.it-sls.de/</link> + </item> +</channel> +</rss> diff --git a/pages/wot/1.php b/pages/wot/1.php index a45b5df..fa391a0 100644 --- a/pages/wot/1.php +++ b/pages/wot/1.php @@ -109,7 +109,7 @@ <? while($row = mysql_fetch_assoc($list)) { ?> <tr> <td class="DataTD" width="100"><nobr><?=$row['fname']?> <?=substr($row['lname'], 0, 1)?></nobr></td> - <td class="DataTD"><?=maxpoints($row['id'])?></td> + <td class="DataTD"><?=max_points($row['id'])?></td> <td class="DataTD"><?=$row['contactinfo']?></td> <td class="DataTD"><a href="wot.php?id=9&userid=<?=intval($row['id'])?>"><?=_("Email Me")?></a></td> <td class="DataTD"><?=$row['assurer']?_("Yes"):("<font color=\"#ff0000\">"._("Not yet!")."</font>")?></td> diff --git a/pages/wot/12.php b/pages/wot/12.php index a0bbf50..85d986b 100644 --- a/pages/wot/12.php +++ b/pages/wot/12.php @@ -119,9 +119,7 @@ document.f.location.focus(); </tr> <? while($row = mysql_fetch_assoc($res)) { - $points = maxpoints($row['uid']); - if($points > 35) - $points = 35; + $points = max_points($row['uid']); ?> <tr> <td class="DataTD" width="100"><nobr><?=$row['name']?></nobr></td> diff --git a/pages/wot/15.php b/pages/wot/15.php index 8579588..0ad7fa2 100644 --- a/pages/wot/15.php +++ b/pages/wot/15.php @@ -16,8 +16,6 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ - include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php"); - $userid = intval($_SESSION['profile']['id']); output_ranking($userid); diff --git a/pages/wot/6.php b/pages/wot/6.php index 28c1875..a27fccd 100644 --- a/pages/wot/6.php +++ b/pages/wot/6.php @@ -40,19 +40,17 @@ $name = $fname." ".$mname." ".$lname." ".$suffix; $_SESSION['_config']['wothash'] = md5($name."-".$dob); - include_once($_SESSION['_config']['filepath']."/includes/wot.inc.php"); - AssureHead(_("Assurance Confirmation"),sprintf(_("Please check the following details match against what you witnessed when you met %s in person. You MUST NOT proceed unless you are sure the details are correct. You may be held responsible by the CAcert Arbitrator for any issues with this Assurance."), $fname)); AssureTextLine(_("Name"),$name); AssureTextLine(_("Date of Birth"),$dob." ("._("YYYY-MM-DD").")"); AssureBoxLine("certify",sprintf(_("I certify that %s %s %s has appeared in person"), $fname, $mname, $lname),array_key_exists('certify',$_POST) && $_POST['certify'] == 1); AssureInboxLine("location",_("Location"),array_key_exists('location',$_SESSION['_config'])?$_SESSION['_config']['location']:"",""); AssureInboxLine("date",_("Date"),array_key_exists('date',$_SESSION['_config'])?$_SESSION['_config']['date']:date("Y-m-d"),"<br/>"._("Please adjust the date if you assured the person on a different day")); - AssureMethodLine(_("Method"),$methods,_("Only tick the next box if the Assurance was face to face.")); + AssureMethodLine(_("Method"),$methods,""); AssureBoxLine("assertion",_("I believe that the assertion of identity I am making is correct, complete and verifiable. I have seen original documentation attesting to this identity. I accept that the CAcert Arbitrator may call upon me to provide evidence in any dispute, and I may be held responsible."),array_key_exists('assertion',$_POST) && $_POST['assertion'] == 1); AssureBoxLine("rules",_("I have read and understood the Assurance Policy and the Assurance Handbook and am making this Assurance subject to and in compliance with the policy and handbook."),array_key_exists('rules',$_POST) && $_POST['rules'] == 1); AssureTextLine(_("Policy"),"<a href=\"/policy/AssurancePolicy.php\" target=\"_blank\">"._("Assurance Policy")."</a> - <a href=\"http://wiki.cacert.org/AssuranceHandbook2\" target=\"_blank\">"._("Assurance Handbook")."</a>"); - AssureInboxLine("points",_("Points"),"","<br />(Max. ".maxpoints().")"); + AssureInboxLine("points",_("Points"),"","<br />(Max. ".max_points($_SESSION['profile']['id']).")"); AssureCCABoxLine("CCAAgreed",sprintf(_("Check this box only if %s agreed to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>"),$fname)); AssureCCABoxLine("CCAAgree",_("Check this box only if YOU agree to the <a href=\"/policy/CAcertCommunityAgreement.php\">CAcert Community Agreement</a>")); AssureFoot($id,_("I confirm this Assurance")); diff --git a/scripts/cron/refresh_stats.php b/scripts/cron/refresh_stats.php new file mode 100755 index 0000000..2a3d2b5 --- /dev/null +++ b/scripts/cron/refresh_stats.php @@ -0,0 +1,307 @@ +#!/usr/bin/php -q +<?php +/* +LibreSSL - CAcert web application +Copyright (C) 2004-2012 CAcert Inc. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; version 2 of the License. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +require_once(dirname(__FILE__).'/../../includes/mysql.php'); + +/** + * Wrapper around mysql_query() to provide some error handling. Prints an error + * message and dies if query fails + * + * @param string $sql + * the SQL statement to execute + * @return resource|boolean + * the MySQL result set + */ +function sql_query($sql) { + $res = mysql_query($sql); + if (!$res) { + fwrite(STDERR, "MySQL query failed:\n\"$sql\"\n".mysql_error()); + die(1); + } + + return $res; +} + +function tc($sql) { + $row = mysql_fetch_assoc(sql_query($sql)); + return(intval($row['count'])); +} + +/** +* writes new data to cache, create cache or update existing cache, set current +* time stamp +* @return boolean +*/ +function updateCache($stats) { + $timestamp = time(); + $sql = "insert into `statscache` (`timestamp`, `cache`) values + ('$timestamp', '".mysql_real_escape_string(serialize($stats))."')"; + sql_query($sql); + + // Make sure the new statistic was inserted successfully + $res = sql_query( + "select 1 from `statscache` where `timestamp` = '$timestamp'"); + if (mysql_num_rows($res) !== 1) { + fwrite(STDERR, "Error on inserting the new statistic"); + return false; + } + + sql_query("delete from `statscache` where `timestamp` != '$timestamp'"); + return true; +} + +/** +* get statistics data from live tables, takes a long time so please try to use the +* cache +* @return array +*/ +function getDataFromLive() { + echo "Calculating current statistics\n"; + + $stats = array(); + $stats['verified_users'] = number_format(tc( + "select count(*) as `count` from `users` + where `verified` = 1 + and `deleted` = 0 + and `locked` = 0")); + + $stats['verified_emails'] = number_format(tc( + "select count(*) as `count` from `email` + where `hash` = '' and `deleted` = 0")); + + $stats['verified_domains'] = number_format(tc( + "select count(*) as `count` from `domains` + where `hash` = '' and `deleted` = 0")); + + $certs = tc("select count(*) as `count` from `domaincerts` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `emailcerts` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `gpg` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `orgdomaincerts` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `orgemailcerts` + where `expire` != 0"); + $stats['verified_certificates'] = number_format($certs); + + $certs = tc("select count(*) as `count` from `domaincerts` + where `revoked` = 0 and `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `emailcerts` + where `revoked` = 0 and `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `gpg` + where `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `orgdomaincerts` + where `revoked` = 0 and `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `orgemailcerts` + where `revoked` = 0 and `expire` > NOW()"); + $stats['valid_certificates'] = number_format($certs); + + $stats['assurances_made'] = number_format(tc( + "select count(*) as `count` from `notary` + where `method` = '' or `method` = 'Face to Face Meeting'")); + + $stats['users_1to49'] = number_format(tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `deleted` = 0 + group by `to` + having sum(`points`) > 0 and sum(`points`) < 50 + ) as `low_points`")); + + $stats['users_50to99'] = number_format(tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `deleted` = 0 + group by `to` + having sum(`points`) >= 50 and sum(`points`) < 100 + ) as `high_points`")); + + $stats['assurer_candidates'] = number_format(tc( + "select count(*) as `count` from `users` + where ( + select sum(`points`) from `notary` + where `to`=`users`.`id` + and `deleted` = 0 + ) >= 100 + and not exists( + select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` + where `cp`.`user_id`=`users`.`id` + and `cp`.`variant_id`=`cv`.`id` + and `cv`.`type_id`=1 + )" + )); + + $stats['aussurers_with_test'] = number_format(tc( + "select count(*) as `count` from `users` + where ( + select sum(`points`) from `notary` + where `to`=`users`.`id` + and `deleted` = 0 + ) >= 100 + and exists( + select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` + where `cp`.`user_id`=`users`.`id` + and `cp`.`variant_id`=`cv`.`id` + and `cv`.`type_id`=1 + )" + )); + + $stats['points_issued'] = number_format(tc( + "select sum(greatest(`points`, `awarded`)) as `count` from `notary` + where `deleted` = 0 + and `method` = 'Face to Face Meeting'")); + + $totalusers=0; + $totassurers=0; + $totalcerts=0; + for($i = 0; $i < 12; $i++) { + $first_ts = mktime(0, 0, 0, date("m") - $i, 1, date("Y")); + $next_month_ts = mktime(0, 0, 0, date("m") - $i + 1, 1, date("Y")); + $first = date("Y-m-d", $first_ts); + $next_month = date("Y-m-d", $next_month_ts); + + echo "Calculating statistics for month $first\n"; + + $totalusers += $users = tc( + "select count(*) as `count` from `users` + where `created` >= '$first' and `created` < '$next_month' + and `verified` = 1 + and `deleted` = 0 + and `locked` = 0"); + + $totassurers += $assurers = tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `when` >= '$first' and `when` < '$next_month' + and `method`!='Administrative Increase' + and `deleted` = 0 + group by `to` having sum(`points`) >= 100 + ) as `assurer_candidates`"); + + $certs = tc( + "select count(*) as `count` from `domaincerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `emailcerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `gpg` + where `issued` >= '$first' and `issued` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgdomaincerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgemailcerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $totalcerts += $certs; + + $tmp_arr = array(); + $tmp_arr['date'] = date("Y-m", $first_ts); + $tmp_arr['new_users'] = number_format($users); + $tmp_arr['new_assurers'] = number_format($assurers); + $tmp_arr['new_certificates'] = number_format($certs); + + $stats['growth_last_12m'][] = $tmp_arr; + } + $stats['growth_last_12m_total'] = array( + 'new_users' => number_format($totalusers), + 'new_assurers' => number_format($totassurers), + 'new_certificates' => number_format($totalcerts), + ); + + $totalcerts = 0; + $totalusers = 0; + $totassurers = 0; + for($i = date("Y"); $i >= 2002; $i--) { + $first_ts = mktime(0, 0, 0, 1, 1, $i); + $next_year_ts = mktime(0, 0, 0, 1, 1, $i + 1); + $first = date("Y-m-d", $first_ts); + $next_year = date("Y-m-d", $next_year_ts); + + echo "Calculating statistics for year $i\n"; + + $totalusers += $users = tc( + "select count(*) as `count` from `users` + where `created` >= '$first' and `created` < '$next_year' + and `verified` = 1 + and `deleted` = 0 + and `locked` = 0"); + + $totassurers += $assurers = tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `when` >= '$first' and `when` < '$next_year' + and `method`!='Administrative Increase' + and `deleted` = 0 + group by `to` having sum(`points`) >= 100 + ) as `assurer_candidates`"); + + $certs = tc( + "select count(*) as `count` from `domaincerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `emailcerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `gpg` + where `issued` >= '$first' and `issued` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgdomaincerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgemailcerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $totalcerts += $certs; + + $tmp_arr = array(); + $tmp_arr['date'] = $i; + $tmp_arr['new_users'] = number_format($users); + $tmp_arr['new_assurers'] = number_format($assurers); + $tmp_arr['new_certificates'] = number_format($certs); + + $stats['growth_last_years'][] = $tmp_arr; + } + $stats['growth_last_years_total'] = array( + 'new_users' => number_format($totalusers), + 'new_assurers' => number_format($totassurers), + 'new_certificates' => number_format($totalcerts), + ); + + return $stats; +} + + +$stats = getDataFromLive(); +if (! updateCache($stats) ) { + fwrite(STDERR, + "An error occured. The statistics were not successfully updated!"); + die(1); +} diff --git a/tverify/.htaccess b/tverify/.htaccess deleted file mode 100644 index bb5fe0e..0000000 --- a/tverify/.htaccess +++ /dev/null @@ -1,5 +0,0 @@ -php_value auto_prepend_file /www/includes/general.php -php_value output_buffering 1 -errordocument 404 /error404.php -errordocument 403 /error403.php -errordocument 401 /error401.php diff --git a/tverify/favicon.ico b/tverify/favicon.ico Binary files differdeleted file mode 100644 index 3c9c9c2..0000000 --- a/tverify/favicon.ico +++ /dev/null diff --git a/tverify/index.php b/tverify/index.php deleted file mode 100644 index 8976341..0000000 --- a/tverify/index.php +++ /dev/null @@ -1,163 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<? -// phpinfo(); exit; - include_once("../includes/general.php"); - loadem("tverify"); - - $id = intval($_GET['id']); - if(intval($_REQUEST['id']) > 0) - $id = intval($_REQUEST['id']); - - if($id == 1) - { - $nofile = 1; - $filename = ""; - $photoid = $_FILES['photoid']; - if($photoid['error'] == 0 && $_REQUEST["notaryURL"] != "") - { - $filename = $photoid['tmp_name']; - $do = trim(`file -b -i $filename`); - $type = strtolower($do); - switch($type) - { - case 'image/gif': $ext = "gif"; $nofile = 0; break; - case 'image/jpeg': $ext = "jpg"; $nofile = 0; break; - case 'image/jpg': $ext = "jpg"; $nofile = 0; break; - case 'image/png': $ext = "png"; $nofile = 0; break; - default: - $id = 0; - $_SESSION['_config']['errmsg'] = _("Only jpg, gif and png file types are acceptable, your browser sent a file of type: ").$type; - } - } - } - - if($id == 1) - { - $email = mysql_escape_string(trim($_REQUEST["email"])); - $password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"]))); - $URL = mysql_escape_string(trim($_REQUEST["notaryURL"])); - $CN = mysql_escape_string($_SESSION['_config']['CN']); - $memid = intval($_SESSION['_config']['uid']); - $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memid'")); - $tmp = mysql_fetch_assoc(mysql_query("select sum(`points`) as `points` from `notary` where `to`='$memid'")); - - if($URL != "" && $nofile == 0) - $max = 150; - else if($URL != "") - $max = 90; - else - $max = 50; - - if($URL != "") - if(!preg_match("/^https:\/\/www\.thawte\.com\/cgi\/personal\/wot\/directory\.exe\?(.*?&)?node=\d+(&.*)?$/",$URL)) - { - showheader(_("Thawte Points Transfer")); - echo _("You failed to enter a valid Thawte Notary URL."); - showfooter(); - exit; - } - - if($tmp['points'] >= $max) - { - showheader(_("Thawte Points Transfer")); - echo _("Your request would not gain you any more points and will not be taken any further."). - sprintf(_("You have %s points already and you would have been issued up to %s points."), $tmp['points'], $max); - showfooter(); - exit; - } - - } - - if($id == 1) - { - $query = "select * from `users`,`email` where `email`.`memid`='$memid' and `email`.`email`='$email' and `users`.`id`=`email`.`memid` and - (`password`=old_password('$password') or `password`=sha1('$password') or `password`=password('$password'))"; - if(mysql_num_rows(mysql_query($query)) <= 0) - { - $_SESSION['_config']['errmsg'] = _("I'm sorry, I couldn't match your login details (password) to your certificate to an account on this system."); - $id = 0; - } else { - $query = "insert into `tverify` set `memid`='$memid', `URL`='$URL', `CN`='$CN', `created`=NOW()"; - mysql_query($query); - $tverify = mysql_insert_id(); - if($nofile == 0) - { - $filename = $photoid['tmp_name']; - $newfile = mysql_escape_string('/www/photoid/'.$tverify.".".$ext); - move_uploaded_file($filename, $newfile); - $query = "update `tverify` set `photoid`='$newfile' where `id`='$tverify'"; - mysql_query($query); - } - } - } - - if($id == 1) - { - $points = 0; - if($URL != "" && $newfile != "") - $points = 150 - intval($tmp['points']); - else if($URL != "") - $points = 90 - intval($tmp['points']); - else - $points = 50 - intval($tmp['points']); - - if($points < 0) - $points = 0; - } - - if($id == 1 && $max == 50) - { - if($points > 0) - { - mysql_query("insert into `notary` set `from`='0', `to`='$memid', `points`='$points', - `method`='Thawte Points Transfer', `when`=NOW()"); - fix_assurer_flag($memid); - } - $totalpoints = intval($tmp['points']) + $points; - mysql_query("update `tverify` set `modified`=NOW() where `id`='$tverify'"); - - $body = _("Your request to have points transfered was sucessful. You were issued $points points as a result, and you now have $totalpoints in total")."\n\n"; - - $body .= _("Best regards")."\n"; - $body .= _("CAcert Support Team"); - sendmail($user['email'], "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); - } else if($id == 1) { - $body = "There is a new valid request for thawte points tranfer, details as follows:\n\n"; - $body .= "To vote on this application, go to: https://www.cacert.org/account.php?id=52&uid=$tverify\n\n"; - $body .= "Or use the certificate login: https://secure.cacert.org/account.php?id=52&uid=$tverify\n\n"; - - $body .= "We know that by signing into https://tverify.cacert.org that\n"; - $body .= "1. they have possession of a cert issued from Thawte\n"; - $body .= "2. the person named in the cert has been verified by Thawte's Web of Trust\n"; - $body .= "3. at least 1 of the emails listed as valid in that cert belongs to a\n"; - $body .= "CAcert.org user\n\n"; - $body .= "It's up to us as voting members to verify the details that can't be\n"; - $body .= "programatically handled, that means checking the ID, and signing into\n"; - $body .= "the Thawte site and validating their name is listed as a notary.\n\n"; - - $body .= "Best regards"."\n"; - $body .= "CAcert Support Team"; - - sendmail("cacert-tverify@lists.cacert.org", "[CAcert.org] Thawte Notary Points Transfer", $body, "website-form@cacert.org", "returns@cacert.org", "", "CAcert Tverify"); - } - - showheader(_("Thawte Points Transfer")); - includeit($id, "tverify"); - showfooter(); -?> diff --git a/tverify/index/0.php b/tverify/index/0.php deleted file mode 100644 index 2264bab..0000000 --- a/tverify/index/0.php +++ /dev/null @@ -1,149 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ - $continue = 1; - //Checking for Thawte Freemail members, who aren´t notaries - if($_SERVER['SSL_CLIENT_S_DN_CN'] == 'Thawte Freemail Member') - { - $continue = 0; - echo _("I wasn't able to locate your name on your certificate, as such you can't continue with this process."); - } - - //Extracting the Email address from the certificate that is presented, looking up the email in the database to find the user that has registered it. - if($continue == 1) - { - $addy = array(); - $emails = explode("/", trim($_SERVER['SSL_CLIENT_S_DN'])); - foreach($emails as $email) - { - $bits = explode("=", $email); - if($bits['0'] == "emailAddress") - { - $query = "select * from `email` where `email`='".$bits['1']."' and `deleted`=0 and hash=''"; - $account = mysql_query($query); - if(mysql_num_rows($account)) - $addy[] = $bits['1']; - } - } - } - - //Verifying that we found a record with that email address - if(count($addy) <= 0 && $continue == 1) - { - $continue = 0; - echo _("I wasn't able to match any email accounts on your certificate to any accounts in our database, as such I can't continue with this process."); - } - - //If we found one, we extract the member-id from the sql result of the query we did above, and fetch the name of that user - if($continue == 1) - { - $row = mysql_fetch_assoc($account); - $memid = $row['memid']; - - - //Fetching the name of the user we have in the database: - $query = "select `fname`, `mname`, `lname`, `suffix` from `users` where `id`='$memid' and `deleted`=0"; - $res = mysql_query($query); - $row = mysql_fetch_assoc($res); - - //Building the user´s name, and ignoring punctuation - $cacert_name=$row['fname']." ".$row['mname']." ".$row['lname']." ".$row['suffix']; - $cacert_name=strtr($cacert_name,",.",""); - $cacert_name=trim(str_replace(" ", " ", $cacert_name)); - - //Generate a short name form without the middle name - $cacert_short_name=$row['fname']." ".$row['lname']." ".$row['suffix']; - $cacert_short_name=strtr($cacert_short_name,",.",""); - $cacert_short_name=trim(str_replace(" ", " ", $cacert_short_name)); - - - $tverifybits = explode(" ", trim($_SERVER['SSL_CLIENT_S_DN_G']), 2); - $firstname = trim($tverifybits['0']); - $givenname = trim($_SERVER['SSL_CLIENT_S_DN_G']); - $lastname = trim($_SERVER['SSL_CLIENT_S_DN_S']); - $tverify_name=strtr("$givenname $lastname",",.",""); - $tverify_short_name=strtr("$firstname $lastname",",.",""); - - if(($cacert_name != $tverify_name) and ($cacert_short_name == $tverify_name)) - { - $continue = 0; - printf(_("Your CAcert account contains a middle name (%s), but we cannot verify this middle name with the certificate."),$row['mname']); - - } - - if($continue and ($cacert_name != $tverify_name) and ($cacert_name == $tverify_short_name)) - { - printf(_("Your certificate containes a middle name (%s) which isn´t listed in your CAcert account. In case you might want to get certificates with your middle name included in the future, you should add the middle name to your CAcert account before continueing.")); - } - - if($continue and ($cacert_name != $tverify_name) and ($cacert_name != $tverify_short_name) and ($cacert_short_name == $tverify_short_name)) - { - printf(_("There is a problem with your middle name. You could remove the middle name in your CAcert account, which should help to continue with the TVerify process, but then you can´t use it in your certificates.")); - } - - if($continue and ($cacert_name != $tverify_name) and ($cacert_name != $tverify_short_name)) - { - $continue = 0; - printf(_("The name and email address on your certificate (%s) could not be exactly matched to any stored in our database (%s), as such I'm not able to continue with this process."),$tverify_name,$cacert_name); - } - } - - if($_SERVER['SSL_CLIENT_VERIFY'] == "SUCCESS" && $continue == 1) - { - $_SESSION['_config']['uid'] = $memid; - $_SESSION['_config']['CN'] = trim($_SERVER['SSL_CLIENT_S_DN']); -?> -<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"> -<?=_("By just submitting your Thawte certificate you can be issued 50 points automatically to any matching account in the system that you operate.")?><br> -<?=_("To receive an additional 40 points you must also include a valid link to your notary listing on the Thawte website.")?><br> -<?=_("If you meet the above criteria you are also elligible to receive an additional 60 points by submitting a legible government issued copy of your photo ID. If details on your photo ID aren't legible you may be excluded from receiving these points.")?></p> -<? if($_SESSION['_config']['errmsg'] != "") { ?><p> </p><p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><? - echo $_SESSION['_config']['errmsg']."</p>"; - unset($_SESSION['_config']['errmsg']); -} ?> -<form method="post" action="index.php" enctype="multipart/form-data"> -<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper"> - <tr> - <td colspan="2" class="title"><?=_("Points Transfer and Verification")?></td> - </tr> - <tr> - <td class="DataTD" width="125"><?=_("Email Address")?>: </td> - <td class="DataTD" width="125"><input type="text" name="email" value="<?=$row['email']?>"></td> - </tr> - <tr> - <td class="DataTD" width="125"><?=_("Notary URL")?>: </td> - <td class="DataTD" width="125"><input type="text" name="notaryURL" value="<?=htmlentities($_POST['notaryURL'])?>"></td> - </tr> - <tr> - <td class="DataTD" width="125"><?=_("Photo ID")?>: </td> - <td class="DataTD" width="125"><input type="file" name="photoid"></td> - </tr> - <tr> - <td class="DataTD"><?=_("Pass Phrase")?>: </td> - <td class="DataTD"><input type="password" name="pword"></td> - </tr> - <tr> - <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Submit Application for Points Transfer")?>"></td> - </tr> - -</table> -<input type="hidden" name="id" value="1"> -</form> -<? } else if($continue == 1) { - echo _("1I'm sorry, I couldn't verify your certificate"); - } -?> diff --git a/tverify/index/1.php b/tverify/index/1.php deleted file mode 100644 index ad9875a..0000000 --- a/tverify/index/1.php +++ /dev/null @@ -1 +0,0 @@ -<p><?=_("Your request is now queued for processing, you will be notified by an automated email when your request has been verified by the points transfer team.");?></p> diff --git a/www/.gitignore b/www/.gitignore new file mode 100644 index 0000000..faca589 --- /dev/null +++ b/www/.gitignore @@ -0,0 +1,5 @@ +# Ignore CRLs autogenerated by the CommModule +/class3-revoke.crl +/class3-revoke.crl.patch +/revoke.crl +/revoke.crl.patch diff --git a/www/account.php b/www/account.php index 0b32c2c..a1f23df 100644 --- a/www/account.php +++ b/www/account.php @@ -53,17 +53,6 @@ echo _("Your message has been sent to the general support list."); showfooter(); exit; - } else if($id == 51 && $_GET['img'] == "show") { - $query = "select * from `tverify` where `id`='".intval($_GET['photoid'])."' and `modified`=0"; - $res = mysql_query($query); - if(mysql_num_rows($res)) - { - $row = mysql_fetch_assoc($res); - readfile($row['photoid']); - } else { - die("No such file."); - } - exit; } else if ($id == 37) { $protocol = $_SERVER['HTTPS'] ? 'https' : 'http'; $newUrl = $protocol . '://wiki.cacert.org/FAQ/AboutUs'; diff --git a/www/cap.php b/www/cap.php index 73380e1..dc283fb 100644 --- a/www/cap.php +++ b/www/cap.php @@ -48,7 +48,7 @@ $this->SetFont('Arial','I',8); if($_SESSION['_config']['language'] == "ja") $this->SetFont('SJIS','I',8); - $this->Cell(0,0,'CAcert Inc. - P.O. Box 4107 - Denistone East NSW 2112 - Australia - http://www.CAcert.org',0,0,'C'); + $this->Cell(0,0,'CAcert Inc. - PO Box 66 - Oatley NSW 2223 - Australia - http://www.CAcert.org',0,0,'C'); $this->Ln(3); $this->SetFont('Arial','',6); if($_SESSION['_config']['language'] == "ja") diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php index feb92d4..e4e83c5 100644 --- a/www/cats/cats_import.php +++ b/www/cats/cats_import.php @@ -31,7 +31,9 @@ function sanitize_string($buffer) { } define ('UNDEFINED', 'nd'); -define ('ALLOWED_IP', '213.154.225.243'); +// Specific for testserver: Accept Test-CATS-Server +define ('ALLOWED_IP', '10.38.6.88'); +//define ('ALLOWED_IP', '213.154.225.243'); define ('ALLOWED_IP2', '172.16.2.27'); define ('CONFIG_FILEPATH', '/www/'); diff --git a/www/certs/cacert.asc b/www/certs/cacert.asc index 120f516..e526392 100644 --- a/www/certs/cacert.asc +++ b/www/certs/cacert.asc @@ -1,30 +1,31 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.2.2 (GNU/Linux) +Version: GnuPG v1.4.9 (GNU/Linux) -mQGiBD8OdRwRBACEr0/NPA88qp8f6KyIMMveLQ1FOuLi0aDQDPybG7u1nrBoi3VI -tSRyfYcdExVxWQjTGd9qbShzXBw2DsxjA6YjiGzWKpVcqtj9uUDpSlylBaoadUzu -Sf3r3IkOHR2QJeC+9v2il30xy5XLMxDRbQYaSmf4uwTlIOUWNn118KpdawCgoNny -p4DR9EvRgCmY5z6IKHA2WscD/AhAKDVHCIAoZHzSB/puNOuVUSKRbIWNAqUAYosz -GRzYWb8O/3Ja4fNb3IMQ1gIsEcnUJFHnzID3pTjqWyiCId/NSX3fLuQxZHZE9n8P -PqlZIvqMrOfCT0RJQa0zTFcrgepnmnHLj7qmtXQZm+YkTvlihOZNtVA4JNzrxDrQ -egkqA/4hr0LezNJfkUhWnbW604p7AmmKK7Hi/ZixAfnxN0adgnV7oC3Q4VM8aB2i -gReSuifluHiaJmf/WsA3KH4bdyLRbagz6dOPkXY8bQKy9yRxQz9oYwudlluYoZXe -gSQI2Jle9U2ENefa9ouvVlsB0he1qzF6VzHXAXpLsANt5smDh7Q0Q0EgQ2VydCBT -aWduaW5nIEF1dGhvcml0eSAoUm9vdCBDQSkgPGdwZ0BjYWNlcnQub3JnPohfBBMR -AgAfBQI/DnUcBQk4ZAkABAsHAwIDFQIDAxYCAQIeAQIXgAAKCRDSuw0BZdD9WEFX -AJ9C6WBcYfTYw1uvZ+N85TPGG5PMKQCcCM1tyULC5J6pfwevywS6cEwfagW5Ag0E -Pw51MBAIANUbl1u0j+mnVJk1fKbJ+Ul6SAYpNtordfgrgrmlnOhMCFcROrCzsaaI -1ehohxMbTnIj0RP0g/KotahAurqB98qzHIxXZMEJSzBE2OCNvlIXqUyT1jwhAUN6 -e71s084Lml84gD4cIr7+2YtwIu+6zrE+YdjfMT1NibM3vmiXaknrk4aADb02ZS5U -iDeRstUO5PG7qVg4umR0HZJ1Ck2U7Kdjaekzzlm0q/vYMZKTYX37NkZRUU0QFLsM -tACEaZnwKf9hMAWJwG1OFyJeLVH8xvzCkI4I+fpAvAQj6LVAh41SHl7EivH6SiTp -/+61idoz/CGqeLBxuex6Z+Y53U54FmcAAwUH/2chzBs1YWFX5LuLGEW3R3UW/wDb -RnYpsSR+pnMBVh18WS0nF08R/SXtb12RsqN5H+GtELOZng6IWL5hhgNaYvF1F4sW -Ezm2nyVmTsu7/DtHLmXtzz1oNLQ9pzJkoqP2pGtPYQKvmiuoNbt+l1prwjt5zn1D -slLn8w0+9/PP1YdKpuZ/189yQP6iYsLHxBxg/50MbSzoFwiT22aJCdF+OJ7zRwDy -GhjnfV7HVwdEDV5rvb7aRolRmZZF2UADSPu52BWT4PI0nVnewAgivyELqVU3Zc3P -aWqmH5BAh22MjbsbXrWZXK/WOfZCNlPVdfHxwFGxnlwsHgmyrkPAs3szJGiITAQY -EQIADAUCPw51MAUJOGQJAAAKCRDSuw0BZdD9WMw8AJwIVUzB2WQJGAbf/aXzCABn -QWdKwACdEWUSf69RZiJgp4oMfXMx0fDEh2I= -=OaPO +mQGiBE3TAtQRBACuFhUNT3BOIXflZx8ENFN2hf0KHDgReWMW5+hcx8M2C9mueAST +89x0QxtdWUbsrMFSr3UvDIKjoPFVzV+WT/dez5aADSrnR4OxYPfzcNIWPjm8su/9 +HrH6+ivaH+iOoBOuhYrHthun+1fsqLedhTMNqb+tt6OfzqIuyFkmpm+FqwCg5ECF +s53E7j6BJuKYLeWqFDqFOH0D/1pnXyBF78YurXcwwA7eSQWoc3f1g5lwyqOWwcLv +ynI/dcPV5BosEUcqEjaNEyBR0LFRZC7tnw2VLPzr65aLA6SrFqEJ2bEdWkO9vM5g +8InhmcqTz7Yg/QGnyGT0iNBMG8zg4Ajz20Ty6GE887HMao6qpYKXSbujMRWVjVLn +VjpgA/9i1gsBjpGwr5rJ67dyDLVkJ5XMEP2ivgAhzKQ/inyLk2N3Nbm0YKWgrZRE ++pEcZVsLn2jHqd5yu1zVr3Cm44HHaB/A4ew+hRio9vbhJy7cfanfZpAL8Rg8wZbQ +t4x6zvrs0fXXNuD1BiSucOK4qGZ2vWukggmhAlHu5x5hws5qtbRLQ0FjZXJ0IFRl +c3QgU2VydmVyIFNpZ25pbmcgQXV0aG9yaXR5IChmb3IgdGVzdGluZyBvbmx5ISEh +KSA8Z3BnQGNhY2VydC5vcmc+iGYEExECACYFAk3TAtQCGwMFCSWYBgAGCwkIBwMC +BBUCCAMEFgIDAQIeAQIXgAAKCRBL5zSBd/dRrLxrAJ9kaSLRAlcy9e57yuAAxoZy +weX20ACg44B1AA26G0OePf9o3YBdUTjPsES5Ag0ETdMC1BAIAI9UEZ2NKbJfVWc+ +CBb5kKhO6qazLDnRsRkMY5WE1PTBP09ieAaQ7cv424e6fKdZxSO5vUQ27tLmcQXo +ICoREsDuSyESvEPbyBOro5LIY+z52TihqEHLPUN7OxlbPLX81AIKOCgEIUtpcYoX +MiwXPVO50Swo3PCCQiOQ7ewvkd32ZbSPl50B+/59JiDsQsnx1o+Ls7WkALzQ6w7T +UxLIVYWuFd9Hg/VOXBH67e81p/O7SDy6pMkDQaA9F22rA5Vv5TBJ2BAKWYfYK47i +HxtUhw2/WBUzhcw2AGqCnCy9nrYELLAqljnlCdWLyvhuWyUAG87D/1/5qD0+9idh +jcFWH/MAAwUH/2R7AWSZzbomxTcO5Q7/WxzTDtgUEy7eRbjqFMAusiQlTYDdeHz8 +PfWok6mGhUapJaGnA05hy6aYBIzl4idmQgz39xD47O0qeDWve6YwrDuLYju6JIwv +YfNiNAOjrZcRW4PCYeJfIK0WHV3+3kkneOX4Mql9QNKWs5W2LReMnHyq6POWasuf +EgDu0TfqaJTeK3IXKrEJI8G4R4xdHXmZ16Is5T49w09mvMan+TTGczzjWn0aWD3D +DOlTKK7h+82MSNCTiCi7aNoEyMTfeadSsrbqiaqtF0P/fyBDpGWFj3/A4foAcgtx +KVt0UHf1Va1g8M+czG3pCOne6dyafZGAe7qITwQYEQIADwUCTdMC1AIbDAUJJZgG +AAAKCRBL5zSBd/dRrAC5AKDdxp26zp4Km3jItBdeMD/gv8qxMgCgmmH1kizLe5Rk +yYchS2oleEWXIqM= +=9tD2 -----END PGP PUBLIC KEY BLOCK----- diff --git a/www/certs/class3.crt b/www/certs/class3.crt index 087ca0e..1899afb 100644 --- a/www/certs/class3.crt +++ b/www/certs/class3.crt @@ -1,42 +1,43 @@ -----BEGIN CERTIFICATE----- -MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv -b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ -Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y -dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU -MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0 -Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a -iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1 -aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C -jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia -pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0 -FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt -XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL -oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6 -R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp -rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/ -LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA -BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow -gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV -BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG -A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS -c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH -AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr -BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB -MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y -Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj -ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5 -b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D -QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc -7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH -Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4 -D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3 -VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a -lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW -Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt -hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz -0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn -ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT -d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60 -4GGSt/M3mMS+lqO3ig== +MIIHgjCCBWqgAwIBAgICEBswDQYJKoZIhvcNAQELBQAwgYcxCzAJBgNVBAYTAkFV +MRgwFgYDVQQIEw9OZXcgU291dGggV2FsZXMxGjAYBgNVBAoTEUNBY2VydCBUZXN0 +c2VydmVyMSEwHwYDVQQLExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxHzAdBgNV +BAMTFkNBY2VydCBUZXN0c2VydmVyIFJvb3QwHhcNMTEwNTAxMTgyNTA5WhcNMjEw +NDI4MTgyNTA5WjBiMRkwFwYDVQQKExBDQWNlcnQgVGVzdHNldmVyMSEwHwYDVQQL +ExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxIjAgBgNVBAMTGUNBY2VydCBUZXN0 +c2VydmVyIENsYXNzIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI +576JQukwI58zuNidaS0HUYVCBmy4mpV7VhydDtW07hDu5lYGmbcuBW+SfjPCjMMR +QVEiNrWv3tLclBKah/ubOmgP1HenQxRfGiJkuPk7dwlM7qqPfRn/H1Pm1w1bj/e1 +yZkeNc0UzMPdRbD9InR3/hwHQ1hfLHKGbbYc6uTb+0UOgGAsMwb/WVb+8mSrgERZ +9pFhw8uK5+BFgJwSdsTsN68h5ZDL4VIf9Zq8z8jNGcXK0DSoZ0vT0y6EyVdXiXNS +PF/zAPTbBBQcBGmhKBlcTLwcPHLeHIEfwRGf72wqBYNNrT0J37yTci31x+xC0/iQ +wjPD4rRhYFxm/UW9sFtEJVtIf9o/oj2Mh2FGRa0DDk0oX+jewZEnTy+MUd0k4LFy +Md6Ucn4lJsb3uHnjZ8ayz5DEMDQ/3Mzjf6CjhOc4oXm5UXuE2gsZyno93fLtTXAc +4w0KzMcZ2diAp5Tdpq0w3pMJUAFoehFScBRK7Kb9xuXVPxoSvGCVPNXXUsEioIlf +T2StKvDVBPBTtWRnE0BLYTJaWQAnWp64QgWiVn+JmdGkIm4sHpB1FweN4msdkgic +6JAlYJRp71tSjuEnJwVtgqLqpUtLPTpJ64/0lDlazCJ5NaduTpAA+MSqXlHSA/Rb +Q1VSaKdRadqLYOUoqGFwHdldeyZpAwp0ibM62GmVrQIDAQABo4ICGjCCAhYwHQYD +VR0OBBYEFISE4B0WSV6xxeXnzy2oVnRL6JKUMIG0BgNVHSMEgawwgamAFIXXBQrW +j/IELV7ry/32aYsfTgb+oYGNpIGKMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMP +TmV3IFNvdXRoIFdhbGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8G +A1UECxMYaHR0cDovL2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQg +VGVzdHNlcnZlciBSb290ggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEE +UTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEF +BQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBGBgNVHSAEPzA9MDsG +BCsGAQUwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5DQWNlcnQub3JnL2luZGV4 +LnBocD9pZD0xMDA0BglghkgBhvhCAQgEJxYlaHR0cDovL3d3dy5DQWNlcnQub3Jn +L2luZGV4LnBocD9pZD0xMDBQBglghkgBhvhCAQ0EQxZBVG8gZ2V0IHlvdXIgb3du +IGNlcnRpZmljYXRlIGZvciBGUkVFLCBnbyB0byBodHRwOi8vd3d3LkNBY2VydC5v +cmcwDQYJKoZIhvcNAQELBQADggIBAFWedxYAhAD+hiOxIqMoynyAdMaBbmCg7zJc +Eq6pgbP7cHL+4zzIP4Zc/tPsmbL7il3cILb0+ETwmXRnC6c9E2xWke6jv9qzQ0Aj +QI7FQdD/0cJgKagMTn+aBgyiGG6U0zTKU7cK3Ae3zSjtdaibEJyQoQlLuEzZzDYO +LBXJXDEInhrZ+gqWRnWDOJwdr/19alqgF8nvxKQ136vV8Lqmsrzcs0O+6v53YeVj +9AYyeCLK2XPCyhGpia2t7uPIN1zolCgJLXQcJEg3dGRqsmAeuB7PylOz9xuxXjYR +Sq6fcOP31CxhSeHwTqTxzkuz/u+l4RBq/0LkMS/QBBmnjaqPy3TbEwner/xMWxyL +i9DPLPrXnJXrxczV5ScUt+0cMYWDY+A+pnxwd0s/TzfDIChidSTKSbY9kPcbxCVO +W+Pz6muoYWrPuj02rZDIN29rIQAe73vh3C++zvAB6SfbfTTMij97K86fc9Rs6amK +CwdhKWKFibL6z0FhxAvjpxo3Fugm4q9sDAzx3GHUJ1vzq3ZJAbY1CiPglUb9rAi+ +cpFkrnSP9paa/w5iYrSTOBduGdBp8kcrHXB9RuSLndL+J41xexIBb+tSTQ8H8pzk +iRTOfmYoGiizERHM1OUl9BPW/2+UZ9o4KUl7sPakniMkpm1dBKhvXj9rcA8+SUpp +Raog64+T -----END CERTIFICATE----- diff --git a/www/certs/class3.der b/www/certs/class3.der Binary files differindex 56f8c88..e13d2b9 100644 --- a/www/certs/class3.der +++ b/www/certs/class3.der diff --git a/www/certs/class3.txt b/www/certs/class3.txt index a77aa14..68533d8 100644 --- a/www/certs/class3.txt +++ b/www/certs/class3.txt @@ -1,59 +1,59 @@ Certificate: Data: Version: 3 (0x2) - Serial Number: 672138 (0xa418a) + Serial Number: 4123 (0x101b) Signature Algorithm: sha256WithRSAEncryption - Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org + Issuer: C=AU, ST=New South Wales, O=CAcert Testserver, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Root Validity - Not Before: May 23 17:48:02 2011 GMT - Not After : May 20 17:48:02 2021 GMT - Subject: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root + Not Before: May 1 18:25:09 2011 GMT + Not After : Apr 28 18:25:09 2021 GMT + Subject: O=CAcert Testsever, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Class 3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (4096 bit) Modulus (4096 bit): - 00:ab:49:35:11:48:7c:d2:26:7e:53:94:cf:43:a9: - dd:28:d7:42:2a:8b:f3:87:78:19:58:7c:0f:9e:da: - 89:7d:e1:fb:eb:72:90:0d:74:a1:96:64:ab:9f:a0: - 24:99:73:da:e2:55:76:c7:17:7b:f5:04:ac:46:b8: - c3:be:7f:64:8d:10:6c:24:f3:61:9c:c0:f2:90:fa: - 51:e6:f5:69:01:63:c3:0f:56:e2:4a:42:cf:e2:44: - 8c:25:28:a8:c5:79:09:7d:46:b9:8a:f3:e9:f3:34: - 29:08:45:e4:1c:9f:cb:94:04:1c:81:a8:14:b3:98: - 65:c4:43:ec:4e:82:8d:09:d1:bd:aa:5b:8d:92:d0: - ec:de:90:c5:7f:0a:c2:e3:eb:e6:31:5a:5e:74:3e: - 97:33:59:e8:c3:03:3d:60:33:bf:f7:d1:6f:47:c4: - cd:ee:62:83:52:6e:2e:08:9a:a4:d9:15:18:91:a6: - 85:92:47:b0:ae:48:eb:6d:b7:21:ec:85:1a:68:72: - 35:ab:ff:f0:10:5d:c0:f4:94:a7:6a:d5:3b:92:7e: - 4c:90:05:7e:93:c1:2c:8b:a4:8e:62:74:15:71:6e: - 0b:71:03:ea:af:15:38:9a:d4:d2:05:72:6f:8c:f9: - 2b:eb:5a:72:25:f9:39:46:e3:72:1b:3e:04:c3:64: - 27:22:10:2a:8a:4f:58:a7:03:ad:be:b4:2e:13:ed: - 5d:aa:48:d7:d5:7d:d4:2a:7b:5c:fa:46:04:50:e4: - cc:0e:42:5b:8c:ed:db:f2:cf:fc:96:93:e0:db:11: - 36:54:62:34:38:8f:0c:60:9b:3b:97:56:38:ad:f3: - d2:5b:8b:a0:5b:ea:4e:96:b8:7c:d7:d5:a0:86:70: - 40:d3:91:29:b7:a2:3c:ad:f5:8c:bb:cf:1a:92:8a: - e4:34:7b:c0:d8:6c:5f:e9:0a:c2:c3:a7:20:9a:5a: - df:2c:5d:52:5c:ba:47:d5:9b:ef:24:28:70:38:20: - 2f:d5:7f:29:c0:b2:41:03:68:92:cc:e0:9c:cc:97: - 4b:45:ef:3a:10:0a:ab:70:3a:98:95:70:ad:35:b1: - ea:85:2b:a4:1c:80:21:31:a9:ae:60:7a:80:26:48: - 00:b8:01:c0:93:63:55:22:91:3c:56:e7:af:db:3a: - 25:f3:8f:31:54:ea:26:8b:81:59:f9:a1:d1:53:11: - c5:7b:9d:03:f6:74:11:e0:6d:b1:2c:3f:2c:86:91: - 99:71:9a:a6:77:8b:34:60:d1:14:b4:2c:ac:9d:af: - 8c:10:d3:9f:c4:6a:f8:6f:13:fc:73:59:f7:66:42: - 74:1e:8a:e3:f8:dc:d2:6f:98:9c:cb:47:98:95:40: - 05:fb:e9 + 00:c8:e7:be:89:42:e9:30:23:9f:33:b8:d8:9d:69: + 2d:07:51:85:42:06:6c:b8:9a:95:7b:56:1c:9d:0e: + d5:b4:ee:10:ee:e6:56:06:99:b7:2e:05:6f:92:7e: + 33:c2:8c:c3:11:41:51:22:36:b5:af:de:d2:dc:94: + 12:9a:87:fb:9b:3a:68:0f:d4:77:a7:43:14:5f:1a: + 22:64:b8:f9:3b:77:09:4c:ee:aa:8f:7d:19:ff:1f: + 53:e6:d7:0d:5b:8f:f7:b5:c9:99:1e:35:cd:14:cc: + c3:dd:45:b0:fd:22:74:77:fe:1c:07:43:58:5f:2c: + 72:86:6d:b6:1c:ea:e4:db:fb:45:0e:80:60:2c:33: + 06:ff:59:56:fe:f2:64:ab:80:44:59:f6:91:61:c3: + cb:8a:e7:e0:45:80:9c:12:76:c4:ec:37:af:21:e5: + 90:cb:e1:52:1f:f5:9a:bc:cf:c8:cd:19:c5:ca:d0: + 34:a8:67:4b:d3:d3:2e:84:c9:57:57:89:73:52:3c: + 5f:f3:00:f4:db:04:14:1c:04:69:a1:28:19:5c:4c: + bc:1c:3c:72:de:1c:81:1f:c1:11:9f:ef:6c:2a:05: + 83:4d:ad:3d:09:df:bc:93:72:2d:f5:c7:ec:42:d3: + f8:90:c2:33:c3:e2:b4:61:60:5c:66:fd:45:bd:b0: + 5b:44:25:5b:48:7f:da:3f:a2:3d:8c:87:61:46:45: + ad:03:0e:4d:28:5f:e8:de:c1:91:27:4f:2f:8c:51: + dd:24:e0:b1:72:31:de:94:72:7e:25:26:c6:f7:b8: + 79:e3:67:c6:b2:cf:90:c4:30:34:3f:dc:cc:e3:7f: + a0:a3:84:e7:38:a1:79:b9:51:7b:84:da:0b:19:ca: + 7a:3d:dd:f2:ed:4d:70:1c:e3:0d:0a:cc:c7:19:d9: + d8:80:a7:94:dd:a6:ad:30:de:93:09:50:01:68:7a: + 11:52:70:14:4a:ec:a6:fd:c6:e5:d5:3f:1a:12:bc: + 60:95:3c:d5:d7:52:c1:22:a0:89:5f:4f:64:ad:2a: + f0:d5:04:f0:53:b5:64:67:13:40:4b:61:32:5a:59: + 00:27:5a:9e:b8:42:05:a2:56:7f:89:99:d1:a4:22: + 6e:2c:1e:90:75:17:07:8d:e2:6b:1d:92:08:9c:e8: + 90:25:60:94:69:ef:5b:52:8e:e1:27:27:05:6d:82: + a2:ea:a5:4b:4b:3d:3a:49:eb:8f:f4:94:39:5a:cc: + 22:79:35:a7:6e:4e:90:00:f8:c4:aa:5e:51:d2:03: + f4:5b:43:55:52:68:a7:51:69:da:8b:60:e5:28:a8: + 61:70:1d:d9:5d:7b:26:69:03:0a:74:89:b3:3a:d8: + 69:95:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 75:A8:71:60:4C:88:13:F0:78:D9:89:77:B5:6D:C5:89:DF:BC:B1:7A + 84:84:E0:1D:16:49:5E:B1:C5:E5:E7:CF:2D:A8:56:74:4B:E8:92:94 X509v3 Authority Key Identifier: - keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1 - DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@cacert.org + keyid:85:D7:05:0A:D6:8F:F2:04:2D:5E:EB:CB:FD:F6:69:8B:1F:4E:06:FE + DirName:/C=AU/ST=New South Wales/O=CAcert Testserver/OU=http://cacert1.it-sls.de/CN=CAcert Testserver Root serial:00 X509v3 Basic Constraints: critical @@ -63,7 +63,7 @@ Certificate: CA Issuers - URI:http://www.CAcert.org/ca.crt X509v3 Certificate Policies: - Policy: 1.3.6.1.4.1.18506 + Policy: Security CPS: http://www.CAcert.org/index.php?id=10 Netscape CA Policy Url: @@ -71,74 +71,75 @@ Certificate: Netscape Comment: To get your own certificate for FREE, go to http://www.CAcert.org Signature Algorithm: sha256WithRSAEncryption - 29:28:85:ae:44:a9:b9:af:a4:79:13:f0:a8:a3:2b:97:60:f3: - 5c:ee:e3:2f:c1:f6:e2:66:a0:11:ae:36:37:3a:76:15:04:53: - ea:42:f5:f9:ea:c0:15:d8:a6:82:d9:e4:61:ae:72:0b:29:5c: - 90:43:e8:41:b2:e1:77:db:02:13:44:78:47:55:af:58:fc:cc: - 98:f6:45:b9:d1:20:f8:d8:21:07:fe:6d:aa:73:d4:b3:c6:07: - e9:09:85:cc:3b:f2:b6:be:2c:1c:25:d5:71:8c:39:b5:2e:ea: - be:18:81:ba:b0:93:b8:0f:e3:e6:d7:26:8c:31:5a:72:03:84: - 52:e6:a6:f5:33:22:45:0a:c8:0b:0d:8a:b8:36:6f:90:09:a1: - ab:bd:d7:d5:4e:2e:71:a2:d4:ae:fa:a7:54:2b:eb:35:8d:5a: - b7:54:88:2f:ee:74:9f:ed:48:16:ca:0d:48:d0:94:d3:ac:a4: - a2:f6:24:df:92:e3:bd:eb:43:40:91:6e:1c:18:8e:56:b4:82: - 12:f3:a9:93:9f:d4:bc:9c:ad:9c:75:ee:5a:97:1b:95:e7:74: - 2d:1c:0f:b0:2c:97:9f:fb:a9:33:39:7a:e7:03:3a:92:8e:22: - f6:8c:0d:e4:d9:7e:0d:76:18:f7:01:f9:ef:96:96:a2:55:73: - c0:3c:71:b4:1d:1a:56:43:b7:c3:0a:8d:72:fc:e2:10:09:0b: - 41:ce:8c:94:a0:f9:03:fd:71:73:4b:8a:57:33:e5:8e:74:7e: - 15:01:00:e6:cc:4a:1c:e7:7f:95:19:2d:c5:a5:0c:8b:bb:b5: - ed:85:b3:5c:d3:df:b8:b9:f2:ca:c7:0d:01:14:ac:70:58:c5: - 8c:8d:33:d4:9d:66:a3:1a:50:95:23:fc:48:e0:06:43:12:d9: - cd:a7:86:39:2f:36:72:a3:80:10:e4:e1:f3:d1:cb:5b:1a:c0: - e4:80:9a:7c:13:73:06:4f:db:a3:6b:24:0a:ba:b3:1c:bc:4a: - 78:bb:e5:e3:75:38:a5:48:a7:a2:1e:af:76:d4:5e:f7:38:86: - 56:5a:89:ce:d6:c3:a7:79:b2:52:a0:c6:f1:85:b4:25:8c:f2: - 3f:96:b3:10:d9:8d:6c:57:3b:9f:6f:86:3a:18:82:22:36:c8: - b0:91:38:db:2a:a1:93:aa:84:3f:f5:27:65:ae:73:d5:c8:d5: - d3:77:ea:4b:9d:c7:41:bb:c7:c0:e3:a0:3f:e4:7d:a4:8d:73: - e6:12:4b:df:a1:73:73:73:3a:80:e8:d5:cb:8e:2f:cb:ea:13: - a7:d6:41:8b:ac:fa:3c:89:d7:24:f5:4e:b4:e0:61:92:b7:f3: - 37:98:c4:be:96:a3:b7:8a + 55:9e:77:16:00:84:00:fe:86:23:b1:22:a3:28:ca:7c:80:74: + c6:81:6e:60:a0:ef:32:5c:12:ae:a9:81:b3:fb:70:72:fe:e3: + 3c:c8:3f:86:5c:fe:d3:ec:99:b2:fb:8a:5d:dc:20:b6:f4:f8: + 44:f0:99:74:67:0b:a7:3d:13:6c:56:91:ee:a3:bf:da:b3:43: + 40:23:40:8e:c5:41:d0:ff:d1:c2:60:29:a8:0c:4e:7f:9a:06: + 0c:a2:18:6e:94:d3:34:ca:53:b7:0a:dc:07:b7:cd:28:ed:75: + a8:9b:10:9c:90:a1:09:4b:b8:4c:d9:cc:36:0e:2c:15:c9:5c: + 31:08:9e:1a:d9:fa:0a:96:46:75:83:38:9c:1d:af:fd:7d:6a: + 5a:a0:17:c9:ef:c4:a4:35:df:ab:d5:f0:ba:a6:b2:bc:dc:b3: + 43:be:ea:fe:77:61:e5:63:f4:06:32:78:22:ca:d9:73:c2:ca: + 11:a9:89:ad:ad:ee:e3:c8:37:5c:e8:94:28:09:2d:74:1c:24: + 48:37:74:64:6a:b2:60:1e:b8:1e:cf:ca:53:b3:f7:1b:b1:5e: + 36:11:4a:ae:9f:70:e3:f7:d4:2c:61:49:e1:f0:4e:a4:f1:ce: + 4b:b3:fe:ef:a5:e1:10:6a:ff:42:e4:31:2f:d0:04:19:a7:8d: + aa:8f:cb:74:db:13:09:de:af:fc:4c:5b:1c:8b:8b:d0:cf:2c: + fa:d7:9c:95:eb:c5:cc:d5:e5:27:14:b7:ed:1c:31:85:83:63: + e0:3e:a6:7c:70:77:4b:3f:4f:37:c3:20:28:62:75:24:ca:49: + b6:3d:90:f7:1b:c4:25:4e:5b:e3:f3:ea:6b:a8:61:6a:cf:ba: + 3d:36:ad:90:c8:37:6f:6b:21:00:1e:ef:7b:e1:dc:2f:be:ce: + f0:01:e9:27:db:7d:34:cc:8a:3f:7b:2b:ce:9f:73:d4:6c:e9: + a9:8a:0b:07:61:29:62:85:89:b2:fa:cf:41:61:c4:0b:e3:a7: + 1a:37:16:e8:26:e2:af:6c:0c:0c:f1:dc:61:d4:27:5b:f3:ab: + 76:49:01:b6:35:0a:23:e0:95:46:fd:ac:08:be:72:91:64:ae: + 74:8f:f6:96:9a:ff:0e:62:62:b4:93:38:17:6e:19:d0:69:f2: + 47:2b:1d:70:7d:46:e4:8b:9d:d2:fe:27:8d:71:7b:12:01:6f: + eb:52:4d:0f:07:f2:9c:e4:89:14:ce:7e:66:28:1a:28:b3:11: + 11:cc:d4:e5:25:f4:13:d6:ff:6f:94:67:da:38:29:49:7b:b0: + f6:a4:9e:23:24:a6:6d:5d:04:a8:6f:5e:3f:6b:70:0f:3e:49: + 4a:69:45:aa:20:eb:8f:93 -----BEGIN CERTIFICATE----- -MIIHWTCCBUGgAwIBAgIDCkGKMA0GCSqGSIb3DQEBCwUAMHkxEDAOBgNVBAoTB1Jv -b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ -Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y -dEBjYWNlcnQub3JnMB4XDTExMDUyMzE3NDgwMloXDTIxMDUyMDE3NDgwMlowVDEU -MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0 -Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a -iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1 -aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C -jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia -pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0 -FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt -XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL -oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6 -R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp -rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/ -LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA -BfvpAgMBAAGjggINMIICCTAdBgNVHQ4EFgQUdahxYEyIE/B42Yl3tW3Fid+8sXow -gaMGA1UdIwSBmzCBmIAUFrUyG9TH8+DmjvO90rA67rI5GNGhfaR7MHkxEDAOBgNV -BAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAG -A1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYS -c3VwcG9ydEBjYWNlcnQub3JnggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUH -AQEEUTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggr -BgEFBQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBKBgNVHSAEQzBB -MD8GCCsGAQQBgZBKMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y -Zy9pbmRleC5waHA/aWQ9MTAwNAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0Fj -ZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5 -b3VyIG93biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5D -QWNlcnQub3JnMA0GCSqGSIb3DQEBCwUAA4ICAQApKIWuRKm5r6R5E/CooyuXYPNc -7uMvwfbiZqARrjY3OnYVBFPqQvX56sAV2KaC2eRhrnILKVyQQ+hBsuF32wITRHhH -Va9Y/MyY9kW50SD42CEH/m2qc9SzxgfpCYXMO/K2viwcJdVxjDm1Luq+GIG6sJO4 -D+Pm1yaMMVpyA4RS5qb1MyJFCsgLDYq4Nm+QCaGrvdfVTi5xotSu+qdUK+s1jVq3 -VIgv7nSf7UgWyg1I0JTTrKSi9iTfkuO960NAkW4cGI5WtIIS86mTn9S8nK2cde5a -lxuV53QtHA+wLJef+6kzOXrnAzqSjiL2jA3k2X4Ndhj3AfnvlpaiVXPAPHG0HRpW -Q7fDCo1y/OIQCQtBzoyUoPkD/XFzS4pXM+WOdH4VAQDmzEoc53+VGS3FpQyLu7Xt -hbNc09+4ufLKxw0BFKxwWMWMjTPUnWajGlCVI/xI4AZDEtnNp4Y5LzZyo4AQ5OHz -0ctbGsDkgJp8E3MGT9ujayQKurMcvEp4u+XjdTilSKeiHq921F73OIZWWonO1sOn -ebJSoMbxhbQljPI/lrMQ2Y1sVzufb4Y6GIIiNsiwkTjbKqGTqoQ/9SdlrnPVyNXT -d+pLncdBu8fA46A/5H2kjXPmEkvfoXNzczqA6NXLji/L6hOn1kGLrPo8idck9U60 -4GGSt/M3mMS+lqO3ig== +MIIHgjCCBWqgAwIBAgICEBswDQYJKoZIhvcNAQELBQAwgYcxCzAJBgNVBAYTAkFV +MRgwFgYDVQQIEw9OZXcgU291dGggV2FsZXMxGjAYBgNVBAoTEUNBY2VydCBUZXN0 +c2VydmVyMSEwHwYDVQQLExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxHzAdBgNV +BAMTFkNBY2VydCBUZXN0c2VydmVyIFJvb3QwHhcNMTEwNTAxMTgyNTA5WhcNMjEw +NDI4MTgyNTA5WjBiMRkwFwYDVQQKExBDQWNlcnQgVGVzdHNldmVyMSEwHwYDVQQL +ExhodHRwOi8vY2FjZXJ0MS5pdC1zbHMuZGUxIjAgBgNVBAMTGUNBY2VydCBUZXN0 +c2VydmVyIENsYXNzIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI +576JQukwI58zuNidaS0HUYVCBmy4mpV7VhydDtW07hDu5lYGmbcuBW+SfjPCjMMR +QVEiNrWv3tLclBKah/ubOmgP1HenQxRfGiJkuPk7dwlM7qqPfRn/H1Pm1w1bj/e1 +yZkeNc0UzMPdRbD9InR3/hwHQ1hfLHKGbbYc6uTb+0UOgGAsMwb/WVb+8mSrgERZ +9pFhw8uK5+BFgJwSdsTsN68h5ZDL4VIf9Zq8z8jNGcXK0DSoZ0vT0y6EyVdXiXNS +PF/zAPTbBBQcBGmhKBlcTLwcPHLeHIEfwRGf72wqBYNNrT0J37yTci31x+xC0/iQ +wjPD4rRhYFxm/UW9sFtEJVtIf9o/oj2Mh2FGRa0DDk0oX+jewZEnTy+MUd0k4LFy +Md6Ucn4lJsb3uHnjZ8ayz5DEMDQ/3Mzjf6CjhOc4oXm5UXuE2gsZyno93fLtTXAc +4w0KzMcZ2diAp5Tdpq0w3pMJUAFoehFScBRK7Kb9xuXVPxoSvGCVPNXXUsEioIlf +T2StKvDVBPBTtWRnE0BLYTJaWQAnWp64QgWiVn+JmdGkIm4sHpB1FweN4msdkgic +6JAlYJRp71tSjuEnJwVtgqLqpUtLPTpJ64/0lDlazCJ5NaduTpAA+MSqXlHSA/Rb +Q1VSaKdRadqLYOUoqGFwHdldeyZpAwp0ibM62GmVrQIDAQABo4ICGjCCAhYwHQYD +VR0OBBYEFISE4B0WSV6xxeXnzy2oVnRL6JKUMIG0BgNVHSMEgawwgamAFIXXBQrW +j/IELV7ry/32aYsfTgb+oYGNpIGKMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMP +TmV3IFNvdXRoIFdhbGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8G +A1UECxMYaHR0cDovL2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQg +VGVzdHNlcnZlciBSb290ggEAMA8GA1UdEwEB/wQFMAMBAf8wXQYIKwYBBQUHAQEE +UTBPMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5DQWNlcnQub3JnLzAoBggrBgEF +BQcwAoYcaHR0cDovL3d3dy5DQWNlcnQub3JnL2NhLmNydDBGBgNVHSAEPzA9MDsG +BCsGAQUwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5DQWNlcnQub3JnL2luZGV4 +LnBocD9pZD0xMDA0BglghkgBhvhCAQgEJxYlaHR0cDovL3d3dy5DQWNlcnQub3Jn +L2luZGV4LnBocD9pZD0xMDBQBglghkgBhvhCAQ0EQxZBVG8gZ2V0IHlvdXIgb3du +IGNlcnRpZmljYXRlIGZvciBGUkVFLCBnbyB0byBodHRwOi8vd3d3LkNBY2VydC5v +cmcwDQYJKoZIhvcNAQELBQADggIBAFWedxYAhAD+hiOxIqMoynyAdMaBbmCg7zJc +Eq6pgbP7cHL+4zzIP4Zc/tPsmbL7il3cILb0+ETwmXRnC6c9E2xWke6jv9qzQ0Aj +QI7FQdD/0cJgKagMTn+aBgyiGG6U0zTKU7cK3Ae3zSjtdaibEJyQoQlLuEzZzDYO +LBXJXDEInhrZ+gqWRnWDOJwdr/19alqgF8nvxKQ136vV8Lqmsrzcs0O+6v53YeVj +9AYyeCLK2XPCyhGpia2t7uPIN1zolCgJLXQcJEg3dGRqsmAeuB7PylOz9xuxXjYR +Sq6fcOP31CxhSeHwTqTxzkuz/u+l4RBq/0LkMS/QBBmnjaqPy3TbEwner/xMWxyL +i9DPLPrXnJXrxczV5ScUt+0cMYWDY+A+pnxwd0s/TzfDIChidSTKSbY9kPcbxCVO +W+Pz6muoYWrPuj02rZDIN29rIQAe73vh3C++zvAB6SfbfTTMij97K86fc9Rs6amK +CwdhKWKFibL6z0FhxAvjpxo3Fugm4q9sDAzx3GHUJ1vzq3ZJAbY1CiPglUb9rAi+ +cpFkrnSP9paa/w5iYrSTOBduGdBp8kcrHXB9RuSLndL+J41xexIBb+tSTQ8H8pzk +iRTOfmYoGiizERHM1OUl9BPW/2+UZ9o4KUl7sPakniMkpm1dBKhvXj9rcA8+SUpp +Raog64+T -----END CERTIFICATE----- diff --git a/www/certs/root.crt b/www/certs/root.crt index e7dfc82..fa9d766 100644 --- a/www/certs/root.crt +++ b/www/certs/root.crt @@ -1,41 +1,43 @@ -----BEGIN CERTIFICATE----- -MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO -BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi -MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ -ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ -8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 -zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y -fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 -w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc -G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k -epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q -laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ -QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU -fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 -YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w -ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY -gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe -MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 -IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy -dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw -czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 -dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl -aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC -AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg -b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB -ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc -nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg -18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c -gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl -Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY -sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T -SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF -CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum -GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk -zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW -omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD +MIIHpzCCBY+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMCQVUx +GDAWBgNVBAgTD05ldyBTb3V0aCBXYWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3Rz +ZXJ2ZXIxITAfBgNVBAsTGGh0dHA6Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UE +AxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIgUm9vdDAeFw0xMTAzMjkyMDQ1MjBaFw0yMTAz +MjYyMDQ1MjBaMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMPTmV3IFNvdXRoIFdh +bGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8GA1UECxMYaHR0cDov +L2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQgVGVzdHNlcnZlciBS +b290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5fvQIrtzGpSbyWam +2kHfXMCXgRuTHSuQwbvkqdLAqtiI4ZQkF4jTy+7D6LVnDd3kw/hC1EAhcV79WuTn +PrrpjM1JdliOOOvb5sh9SQrdT4w1IO2JBmHrykcHCcvh7tLcm8iKA3iIIxO76SXZ +Pd7buDEQQrP8z6AXBgCRIdtS9uA5WxAmmbj2ToL8UaViijB062zVO9euOuMdN5Qk +pCVOj9tfzotJDHw3sNvP65G/C63ZJ0ysUhohncXe+e6UIPHVS+V54nBENz+4HY/d +zchFFHhnhuCSyhPfSz975IlnBSgMqhVPEYuFpAkDUSUpc8kXoe+cVVSjPBw0exUJ +X4OUjEUf3HgdPyaoeeAPbkQ2pd118vMHzTzAX7t/GzVxROkYSzFvuSljI7ivFx9Y +lPRsMW5L9TRIjxCPBLoqTNKgQQOfZiib+T4PY/ii+qU17lMZK9L9hnAMjW8L2dzx +Z6/qrhM58vKqt6Rd9bsUt109WWflKY39YenlGaCJU+0qgsUcbl2qHjgbkz8rvJJM +10BkVROvVvqnPjkSc8ZPD+1Si9pP0pztAl7vXsDM30jtL6Jv/DyTFKUljpb0tqA9 +22SyOxUu0kkKBYXY1HrqL6Ahvjeorv5aDzrUqAYTYB6Z82ykx0bG5FsAK4ShoTv1 +3ir9ejhln4JPGiyQTdMXgRaHX/kCAwEAAaOCAhowggIWMB0GA1UdDgQWBBSF1wUK +1o/yBC1e68v99mmLH04G/jCBtAYDVR0jBIGsMIGpgBSF1wUK1o/yBC1e68v99mmL +H04G/qGBjaSBijCBhzELMAkGA1UEBhMCQVUxGDAWBgNVBAgTD05ldyBTb3V0aCBX +YWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3RzZXJ2ZXIxITAfBgNVBAsTGGh0dHA6 +Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UEAxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIg +Um9vdIIBADAPBgNVHRMBAf8EBTADAQH/MF0GCCsGAQUFBwEBBFEwTzAjBggrBgEF +BQcwAYYXaHR0cDovL29jc3AuQ0FjZXJ0Lm9yZy8wKAYIKwYBBQUHMAKGHGh0dHA6 +Ly93d3cuQ0FjZXJ0Lm9yZy9jYS5jcnQwRgYDVR0gBD8wPTA7BgQrBgEFMDMwMQYI +KwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAw +NAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/ +aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0 +ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMA0GCSqGSIb3 +DQEBBQUAA4ICAQDQjXJDogH/NiU53JEUaw7jEF7qgp8vLjO2AXkwwpdKOWKS6lm9 +BQXiKs6HUdVYwsdST30kSvF1dD9Y9gCgFVyN662Tk2LwaPyKRq9cxlUXwqKEczfE +4yFPhYXS1giIGL8aSUx0lok6KWRXNgspgBIZ+0tFV+9GLNTP5y+ofU2ME1xw6+zM +tN/rgN2Xt6oVO24tJlKWVvodIgfq8QPscxZHwFqyHWh8hsL8q4mSDZZ0B7wHy51F +gliDzcq+WG8tk29WV++7uHRnN2rqJSoGc91IAHN2YmBW/mCeiqPH0Ms1x7Oo1DuZ +C5pc1GGyxGun252NxRM9jEz7UsWqHRCCyyA6Tyo2E6b3gdiatmohW1JIUTk+WONZ +41+Htgz+vhGFzTOnAWUQLapPllNeYjs/b1Ub8vpycx2O0FU3ZPtC+41GriPHQ2rJ +/ToQVI4ZAHUp7O6n4+r7Onhf5qylVeux+Qzy+IV2Db7rj0KXBoHjW3S0hIfIJE0x +1T5Ldj+YBFvCLvd6RrcNgoS/HaKAV/42AENy1V1eBBP6TJ8kmXWVbyRpzRFgZmmB +z6jLle2M0/kaPER2s5QFvxu+Y6mwrQ237im9oPHzY4kGv8eeF+AMUOmSC+M5jb3m ++IafDexcFnjchflKWV/RRHSj28kJ3ops1lgpkx4+TJo3M62Udepphw0ItA== -----END CERTIFICATE----- diff --git a/www/certs/root.der b/www/certs/root.der Binary files differindex 719b0ff..9166696 100644 --- a/www/certs/root.der +++ b/www/certs/root.der diff --git a/www/certs/root.txt b/www/certs/root.txt index 96bb2cd..26c1593 100644 --- a/www/certs/root.txt +++ b/www/certs/root.txt @@ -2,139 +2,144 @@ Certificate: Data: Version: 3 (0x2) Serial Number: 0 (0x0) - Signature Algorithm: md5WithRSAEncryption - Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=AU, ST=New South Wales, O=CAcert Testserver, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Root Validity - Not Before: Mar 30 12:29:49 2003 GMT - Not After : Mar 29 12:29:49 2033 GMT - Subject: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org + Not Before: Mar 29 20:45:20 2011 GMT + Not After : Mar 26 20:45:20 2021 GMT + Subject: C=AU, ST=New South Wales, O=CAcert Testserver, OU=http://cacert1.it-sls.de, CN=CAcert Testserver Root Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (4096 bit) Modulus (4096 bit): - 00:ce:22:c0:e2:46:7d:ec:36:28:07:50:96:f2:a0: - 33:40:8c:4b:f1:3b:66:3f:31:e5:6b:02:36:db:d6: - 7c:f6:f1:88:8f:4e:77:36:05:41:95:f9:09:f0:12: - cf:46:86:73:60:b7:6e:7e:e8:c0:58:64:ae:cd:b0: - ad:45:17:0c:63:fa:67:0a:e8:d6:d2:bf:3e:e7:98: - c4:f0:4c:fa:e0:03:bb:35:5d:6c:21:de:9e:20:d9: - ba:cd:66:32:37:72:fa:f7:08:f5:c7:cd:58:c9:8e: - e7:0e:5e:ea:3e:fe:1c:a1:14:0a:15:6c:86:84:5b: - 64:66:2a:7a:a9:4b:53:79:f5:88:a2:7b:ee:2f:0a: - 61:2b:8d:b2:7e:4d:56:a5:13:ec:ea:da:92:9e:ac: - 44:41:1e:58:60:65:05:66:f8:c0:44:bd:cb:94:f7: - 42:7e:0b:f7:65:68:98:51:05:f0:f3:05:91:04:1d: - 1b:17:82:ec:c8:57:bb:c3:6b:7a:88:f1:b0:72:cc: - 25:5b:20:91:ec:16:02:12:8f:32:e9:17:18:48:d0: - c7:05:2e:02:30:42:b8:25:9c:05:6b:3f:aa:3a:a7: - eb:53:48:f7:e8:d2:b6:07:98:dc:1b:c6:34:7f:7f: - c9:1c:82:7a:05:58:2b:08:5b:f3:38:a2:ab:17:5d: - 66:c9:98:d7:9e:10:8b:a2:d2:dd:74:9a:f7:71:0c: - 72:60:df:cd:6f:98:33:9d:96:34:76:3e:24:7a:92: - b0:0e:95:1e:6f:e6:a0:45:38:47:aa:d7:41:ed:4a: - b7:12:f6:d7:1b:83:8a:0f:2e:d8:09:b6:59:d7:aa: - 04:ff:d2:93:7d:68:2e:dd:8b:4b:ab:58:ba:2f:8d: - ea:95:a7:a0:c3:54:89:a5:fb:db:8b:51:22:9d:b2: - c3:be:11:be:2c:91:86:8b:96:78:ad:20:d3:8a:2f: - 1a:3f:c6:d0:51:65:87:21:b1:19:01:65:7f:45:1c: - 87:f5:7c:d0:41:4c:4f:29:98:21:fd:33:1f:75:0c: - 04:51:fa:19:77:db:d4:14:1c:ee:81:c3:1d:f5:98: - b7:69:06:91:22:dd:00:50:cc:81:31:ac:12:07:7b: - 38:da:68:5b:e6:2b:d4:7e:c9:5f:ad:e8:eb:72:4c: - f3:01:e5:4b:20:bf:9a:a6:57:ca:91:00:01:8b:a1: - 75:21:37:b5:63:0d:67:3e:46:4f:70:20:67:ce:c5: - d6:59:db:02:e0:f0:d2:cb:cd:ba:62:b7:90:41:e8: - dd:20:e4:29:bc:64:29:42:c8:22:dc:78:9a:ff:43: - ec:98:1b:09:51:4b:5a:5a:c2:71:f1:c4:cb:73:a9: - e5:a1:0b + 00:e5:fb:d0:22:bb:73:1a:94:9b:c9:66:a6:da:41: + df:5c:c0:97:81:1b:93:1d:2b:90:c1:bb:e4:a9:d2: + c0:aa:d8:88:e1:94:24:17:88:d3:cb:ee:c3:e8:b5: + 67:0d:dd:e4:c3:f8:42:d4:40:21:71:5e:fd:5a:e4: + e7:3e:ba:e9:8c:cd:49:76:58:8e:38:eb:db:e6:c8: + 7d:49:0a:dd:4f:8c:35:20:ed:89:06:61:eb:ca:47: + 07:09:cb:e1:ee:d2:dc:9b:c8:8a:03:78:88:23:13: + bb:e9:25:d9:3d:de:db:b8:31:10:42:b3:fc:cf:a0: + 17:06:00:91:21:db:52:f6:e0:39:5b:10:26:99:b8: + f6:4e:82:fc:51:a5:62:8a:30:74:eb:6c:d5:3b:d7: + ae:3a:e3:1d:37:94:24:a4:25:4e:8f:db:5f:ce:8b: + 49:0c:7c:37:b0:db:cf:eb:91:bf:0b:ad:d9:27:4c: + ac:52:1a:21:9d:c5:de:f9:ee:94:20:f1:d5:4b:e5: + 79:e2:70:44:37:3f:b8:1d:8f:dd:cd:c8:45:14:78: + 67:86:e0:92:ca:13:df:4b:3f:7b:e4:89:67:05:28: + 0c:aa:15:4f:11:8b:85:a4:09:03:51:25:29:73:c9: + 17:a1:ef:9c:55:54:a3:3c:1c:34:7b:15:09:5f:83: + 94:8c:45:1f:dc:78:1d:3f:26:a8:79:e0:0f:6e:44: + 36:a5:dd:75:f2:f3:07:cd:3c:c0:5f:bb:7f:1b:35: + 71:44:e9:18:4b:31:6f:b9:29:63:23:b8:af:17:1f: + 58:94:f4:6c:31:6e:4b:f5:34:48:8f:10:8f:04:ba: + 2a:4c:d2:a0:41:03:9f:66:28:9b:f9:3e:0f:63:f8: + a2:fa:a5:35:ee:53:19:2b:d2:fd:86:70:0c:8d:6f: + 0b:d9:dc:f1:67:af:ea:ae:13:39:f2:f2:aa:b7:a4: + 5d:f5:bb:14:b7:5d:3d:59:67:e5:29:8d:fd:61:e9: + e5:19:a0:89:53:ed:2a:82:c5:1c:6e:5d:aa:1e:38: + 1b:93:3f:2b:bc:92:4c:d7:40:64:55:13:af:56:fa: + a7:3e:39:12:73:c6:4f:0f:ed:52:8b:da:4f:d2:9c: + ed:02:5e:ef:5e:c0:cc:df:48:ed:2f:a2:6f:fc:3c: + 93:14:a5:25:8e:96:f4:b6:a0:3d:db:64:b2:3b:15: + 2e:d2:49:0a:05:85:d8:d4:7a:ea:2f:a0:21:be:37: + a8:ae:fe:5a:0f:3a:d4:a8:06:13:60:1e:99:f3:6c: + a4:c7:46:c6:e4:5b:00:2b:84:a1:a1:3b:f5:de:2a: + fd:7a:38:65:9f:82:4f:1a:2c:90:4d:d3:17:81:16: + 87:5f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: - 16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1 + 85:D7:05:0A:D6:8F:F2:04:2D:5E:EB:CB:FD:F6:69:8B:1F:4E:06:FE X509v3 Authority Key Identifier: - keyid:16:B5:32:1B:D4:C7:F3:E0:E6:8E:F3:BD:D2:B0:3A:EE:B2:39:18:D1 - DirName:/O=Root CA/OU=http://www.cacert.org/CN=CA Cert Signing Authority/emailAddress=support@cacert.org + keyid:85:D7:05:0A:D6:8F:F2:04:2D:5E:EB:CB:FD:F6:69:8B:1F:4E:06:FE + DirName:/C=AU/ST=New South Wales/O=CAcert Testserver/OU=http://cacert1.it-sls.de/CN=CAcert Testserver Root serial:00 X509v3 Basic Constraints: critical CA:TRUE - X509v3 CRL Distribution Points: - URI:https://www.cacert.org/revoke.crl + Authority Information Access: + OCSP - URI:http://ocsp.CAcert.org/ + CA Issuers - URI:http://www.CAcert.org/ca.crt + + X509v3 Certificate Policies: + Policy: Security + CPS: http://www.CAcert.org/index.php?id=10 - Netscape CA Revocation Url: - https://www.cacert.org/revoke.crl Netscape CA Policy Url: - http://www.cacert.org/index.php?id=10 + http://www.CAcert.org/index.php?id=10 Netscape Comment: - To get your own certificate for FREE head over to http://www.cacert.org - Signature Algorithm: md5WithRSAEncryption - 28:c7:ee:9c:82:02:ba:5c:80:12:ca:35:0a:1d:81:6f:89:6a: - 99:cc:f2:68:0f:7f:a7:e1:8d:58:95:3e:bd:f2:06:c3:90:5a: - ac:b5:60:f6:99:43:01:a3:88:70:9c:9d:62:9d:a4:87:af:67: - 58:0d:30:36:3b:e6:ad:48:d3:cb:74:02:86:71:3e:e2:2b:03: - 68:f1:34:62:40:46:3b:53:ea:28:f4:ac:fb:66:95:53:8a:4d: - 5d:fd:3b:d9:60:d7:ca:79:69:3b:b1:65:92:a6:c6:81:82:5c: - 9c:cd:eb:4d:01:8a:a5:df:11:55:aa:15:ca:1f:37:c0:82:98: - 70:61:db:6a:7c:96:a3:8e:2e:54:3e:4f:21:a9:90:ef:dc:82: - bf:dc:e8:45:ad:4d:90:73:08:3c:94:65:b0:04:99:76:7f:e2: - bc:c2:6a:15:aa:97:04:37:24:d8:1e:94:4e:6d:0e:51:be:d6: - c4:8f:ca:96:6d:f7:43:df:e8:30:65:27:3b:7b:bb:43:43:63: - c4:43:f7:b2:ec:68:cc:e1:19:8e:22:fb:98:e1:7b:5a:3e:01: - 37:3b:8b:08:b0:a2:f3:95:4e:1a:cb:9b:cd:9a:b1:db:b2:70: - f0:2d:4a:db:d8:b0:e3:6f:45:48:33:12:ff:fe:3c:32:2a:54: - f7:c4:f7:8a:f0:88:23:c2:47:fe:64:7a:71:c0:d1:1e:a6:63: - b0:07:7e:a4:2f:d3:01:8f:dc:9f:2b:b6:c6:08:a9:0f:93:48: - 25:fc:12:fd:9f:42:dc:f3:c4:3e:f6:57:b0:d7:dd:69:d1:06: - 77:34:0a:4b:d2:ca:a0:ff:1c:c6:8c:c9:16:be:c4:cc:32:37: - 68:73:5f:08:fb:51:f7:49:53:36:05:0a:95:02:4c:f2:79:1a: - 10:f6:d8:3a:75:9c:f3:1d:f1:a2:0d:70:67:86:1b:b3:16:f5: - 2f:e5:a4:eb:79:86:f9:3d:0b:c2:73:0b:a5:99:ac:6f:fc:67: - b8:e5:2f:0b:a6:18:24:8d:7b:d1:48:35:29:18:40:ac:93:60: - e1:96:86:50:b4:7a:59:d8:8f:21:0b:9f:cf:82:91:c6:3b:bf: - 6b:dc:07:91:b9:97:56:23:aa:b6:6c:94:c6:48:06:3c:e4:ce: - 4e:aa:e4:f6:2f:09:dc:53:6f:2e:fc:74:eb:3a:63:99:c2:a6: - ac:89:bc:a7:b2:44:a0:0d:8a:10:e3:6c:f2:24:cb:fa:9b:9f: - 70:47:2e:de:14:8b:d4:b2:20:09:96:a2:64:f1:24:1c:dc:a1: - 35:9c:15:b2:d4:bc:55:2e:7d:06:f5:9c:0e:55:f4:5a:d6:93: - da:76:ad:25:73:4c:c5:43 + To get your own certificate for FREE, go to http://www.CAcert.org + Signature Algorithm: sha1WithRSAEncryption + d0:8d:72:43:a2:01:ff:36:25:39:dc:91:14:6b:0e:e3:10:5e: + ea:82:9f:2f:2e:33:b6:01:79:30:c2:97:4a:39:62:92:ea:59: + bd:05:05:e2:2a:ce:87:51:d5:58:c2:c7:52:4f:7d:24:4a:f1: + 75:74:3f:58:f6:00:a0:15:5c:8d:eb:ad:93:93:62:f0:68:fc: + 8a:46:af:5c:c6:55:17:c2:a2:84:73:37:c4:e3:21:4f:85:85: + d2:d6:08:88:18:bf:1a:49:4c:74:96:89:3a:29:64:57:36:0b: + 29:80:12:19:fb:4b:45:57:ef:46:2c:d4:cf:e7:2f:a8:7d:4d: + 8c:13:5c:70:eb:ec:cc:b4:df:eb:80:dd:97:b7:aa:15:3b:6e: + 2d:26:52:96:56:fa:1d:22:07:ea:f1:03:ec:73:16:47:c0:5a: + b2:1d:68:7c:86:c2:fc:ab:89:92:0d:96:74:07:bc:07:cb:9d: + 45:82:58:83:cd:ca:be:58:6f:2d:93:6f:56:57:ef:bb:b8:74: + 67:37:6a:ea:25:2a:06:73:dd:48:00:73:76:62:60:56:fe:60: + 9e:8a:a3:c7:d0:cb:35:c7:b3:a8:d4:3b:99:0b:9a:5c:d4:61: + b2:c4:6b:a7:db:9d:8d:c5:13:3d:8c:4c:fb:52:c5:aa:1d:10: + 82:cb:20:3a:4f:2a:36:13:a6:f7:81:d8:9a:b6:6a:21:5b:52: + 48:51:39:3e:58:e3:59:e3:5f:87:b6:0c:fe:be:11:85:cd:33: + a7:01:65:10:2d:aa:4f:96:53:5e:62:3b:3f:6f:55:1b:f2:fa: + 72:73:1d:8e:d0:55:37:64:fb:42:fb:8d:46:ae:23:c7:43:6a: + c9:fd:3a:10:54:8e:19:00:75:29:ec:ee:a7:e3:ea:fb:3a:78: + 5f:e6:ac:a5:55:eb:b1:f9:0c:f2:f8:85:76:0d:be:eb:8f:42: + 97:06:81:e3:5b:74:b4:84:87:c8:24:4d:31:d5:3e:4b:76:3f: + 98:04:5b:c2:2e:f7:7a:46:b7:0d:82:84:bf:1d:a2:80:57:fe: + 36:00:43:72:d5:5d:5e:04:13:fa:4c:9f:24:99:75:95:6f:24: + 69:cd:11:60:66:69:81:cf:a8:cb:95:ed:8c:d3:f9:1a:3c:44: + 76:b3:94:05:bf:1b:be:63:a9:b0:ad:0d:b7:ee:29:bd:a0:f1: + f3:63:89:06:bf:c7:9e:17:e0:0c:50:e9:92:0b:e3:39:8d:bd: + e6:f8:86:9f:0d:ec:5c:16:78:dc:85:f9:4a:59:5f:d1:44:74: + a3:db:c9:09:de:8a:6c:d6:58:29:93:1e:3e:4c:9a:37:33:ad: + 94:75:ea:69:87:0d:08:b4 -----BEGIN CERTIFICATE----- -MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290 -IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB -IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA -Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO -BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi -MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ -ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ -8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6 -zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y -fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7 -w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc -G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k -epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q -laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ -QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU -fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826 -YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w -ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY -gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe -MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0 -IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy -dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw -czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0 -dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl -aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC -AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg -b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB -ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc -nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg -18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c -gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl -Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY -sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T -SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF -CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum -GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk -zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW -omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD +MIIHpzCCBY+gAwIBAgIBADANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMCQVUx +GDAWBgNVBAgTD05ldyBTb3V0aCBXYWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3Rz +ZXJ2ZXIxITAfBgNVBAsTGGh0dHA6Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UE +AxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIgUm9vdDAeFw0xMTAzMjkyMDQ1MjBaFw0yMTAz +MjYyMDQ1MjBaMIGHMQswCQYDVQQGEwJBVTEYMBYGA1UECBMPTmV3IFNvdXRoIFdh +bGVzMRowGAYDVQQKExFDQWNlcnQgVGVzdHNlcnZlcjEhMB8GA1UECxMYaHR0cDov +L2NhY2VydDEuaXQtc2xzLmRlMR8wHQYDVQQDExZDQWNlcnQgVGVzdHNlcnZlciBS +b290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5fvQIrtzGpSbyWam +2kHfXMCXgRuTHSuQwbvkqdLAqtiI4ZQkF4jTy+7D6LVnDd3kw/hC1EAhcV79WuTn +PrrpjM1JdliOOOvb5sh9SQrdT4w1IO2JBmHrykcHCcvh7tLcm8iKA3iIIxO76SXZ +Pd7buDEQQrP8z6AXBgCRIdtS9uA5WxAmmbj2ToL8UaViijB062zVO9euOuMdN5Qk +pCVOj9tfzotJDHw3sNvP65G/C63ZJ0ysUhohncXe+e6UIPHVS+V54nBENz+4HY/d +zchFFHhnhuCSyhPfSz975IlnBSgMqhVPEYuFpAkDUSUpc8kXoe+cVVSjPBw0exUJ +X4OUjEUf3HgdPyaoeeAPbkQ2pd118vMHzTzAX7t/GzVxROkYSzFvuSljI7ivFx9Y +lPRsMW5L9TRIjxCPBLoqTNKgQQOfZiib+T4PY/ii+qU17lMZK9L9hnAMjW8L2dzx +Z6/qrhM58vKqt6Rd9bsUt109WWflKY39YenlGaCJU+0qgsUcbl2qHjgbkz8rvJJM +10BkVROvVvqnPjkSc8ZPD+1Si9pP0pztAl7vXsDM30jtL6Jv/DyTFKUljpb0tqA9 +22SyOxUu0kkKBYXY1HrqL6Ahvjeorv5aDzrUqAYTYB6Z82ykx0bG5FsAK4ShoTv1 +3ir9ejhln4JPGiyQTdMXgRaHX/kCAwEAAaOCAhowggIWMB0GA1UdDgQWBBSF1wUK +1o/yBC1e68v99mmLH04G/jCBtAYDVR0jBIGsMIGpgBSF1wUK1o/yBC1e68v99mmL +H04G/qGBjaSBijCBhzELMAkGA1UEBhMCQVUxGDAWBgNVBAgTD05ldyBTb3V0aCBX +YWxlczEaMBgGA1UEChMRQ0FjZXJ0IFRlc3RzZXJ2ZXIxITAfBgNVBAsTGGh0dHA6 +Ly9jYWNlcnQxLml0LXNscy5kZTEfMB0GA1UEAxMWQ0FjZXJ0IFRlc3RzZXJ2ZXIg +Um9vdIIBADAPBgNVHRMBAf8EBTADAQH/MF0GCCsGAQUFBwEBBFEwTzAjBggrBgEF +BQcwAYYXaHR0cDovL29jc3AuQ0FjZXJ0Lm9yZy8wKAYIKwYBBQUHMAKGHGh0dHA6 +Ly93d3cuQ0FjZXJ0Lm9yZy9jYS5jcnQwRgYDVR0gBD8wPTA7BgQrBgEFMDMwMQYI +KwYBBQUHAgEWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/aWQ9MTAw +NAYJYIZIAYb4QgEIBCcWJWh0dHA6Ly93d3cuQ0FjZXJ0Lm9yZy9pbmRleC5waHA/ +aWQ9MTAwUAYJYIZIAYb4QgENBEMWQVRvIGdldCB5b3VyIG93biBjZXJ0aWZpY2F0 +ZSBmb3IgRlJFRSwgZ28gdG8gaHR0cDovL3d3dy5DQWNlcnQub3JnMA0GCSqGSIb3 +DQEBBQUAA4ICAQDQjXJDogH/NiU53JEUaw7jEF7qgp8vLjO2AXkwwpdKOWKS6lm9 +BQXiKs6HUdVYwsdST30kSvF1dD9Y9gCgFVyN662Tk2LwaPyKRq9cxlUXwqKEczfE +4yFPhYXS1giIGL8aSUx0lok6KWRXNgspgBIZ+0tFV+9GLNTP5y+ofU2ME1xw6+zM +tN/rgN2Xt6oVO24tJlKWVvodIgfq8QPscxZHwFqyHWh8hsL8q4mSDZZ0B7wHy51F +gliDzcq+WG8tk29WV++7uHRnN2rqJSoGc91IAHN2YmBW/mCeiqPH0Ms1x7Oo1DuZ +C5pc1GGyxGun252NxRM9jEz7UsWqHRCCyyA6Tyo2E6b3gdiatmohW1JIUTk+WONZ +41+Htgz+vhGFzTOnAWUQLapPllNeYjs/b1Ub8vpycx2O0FU3ZPtC+41GriPHQ2rJ +/ToQVI4ZAHUp7O6n4+r7Onhf5qylVeux+Qzy+IV2Db7rj0KXBoHjW3S0hIfIJE0x +1T5Ldj+YBFvCLvd6RrcNgoS/HaKAV/42AENy1V1eBBP6TJ8kmXWVbyRpzRFgZmmB +z6jLle2M0/kaPER2s5QFvxu+Y6mwrQ237im9oPHzY4kGv8eeF+AMUOmSC+M5jb3m ++IafDexcFnjchflKWV/RRHSj28kJ3ops1lgpkx4+TJo3M62Udepphw0ItA== -----END CERTIFICATE----- diff --git a/www/disputes.php b/www/disputes.php index 5b78c1e..e86a0fa 100644 --- a/www/disputes.php +++ b/www/disputes.php @@ -72,11 +72,11 @@ mysql_query($query); } mysql_query("update `disputeemail` set hash='',action='accept' where `id`='$emailid'"); - $rc = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0")); - $rc = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'")); - $res = mysql_query("select * from `users` where `id`='$oldmemid'"); - $user = mysql_fetch_assoc($res); - if($rc == 0 && $rc2 == 0 && $_SESSION['_config']['email'] == $user['email']) + $domaincount = mysql_num_rows(mysql_query("select * from `domains` where `memid`='$oldmemid' and `deleted`=0")); + $emailcount = mysql_num_rows(mysql_query("select * from `email` where `memid`='$oldmemid' and `deleted`=0 and `id`!='$emailid'")); + $res = mysql_query("select * from `users` where `id`='$oldmemid'"); + $user = mysql_fetch_assoc($res); + if($domaincount === 0 && $emailcount === 0 && $_SESSION['_config']['email'] === $user['email']) { mysql_query("update `users` set `deleted`=NOW() where `id`='$oldmemid'"); echo _("This was the primary email on the account, and no emails or domains were left linked so the account has also been removed from the system."); diff --git a/www/gpg.php b/www/gpg.php index 345b559..fcc0742 100644 --- a/www/gpg.php +++ b/www/gpg.php @@ -248,6 +248,12 @@ function verifyEmail($email) $resulttable.="</tr>\n"; if($emailok) $multiple++; + + if(trim($_REQUEST['description']) == ""){ + $description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description']))); + }else{ + $description= ""; + } } $resulttable.="</table>"; @@ -280,7 +286,8 @@ function verifyEmail($email) `level`='1', `expires`='".mysql_real_escape_string($expires)."', `multiple`='".mysql_real_escape_string($multiple)."', - `keyid`='".mysql_real_escape_string($keyid)."'"; + `keyid`='".mysql_real_escape_string($keyid)."', + `description`='".mysql_real_escape_string($description)."'"; mysql_query($query); $id = mysql_insert_id(); diff --git a/www/images/cacert4.png b/www/images/cacert4.png Binary files differindex e4650a0..9da24c2 100644 --- a/www/images/cacert4.png +++ b/www/images/cacert4.png diff --git a/www/index.php b/www/index.php index 41b6d7a..7151511 100644 --- a/www/index.php +++ b/www/index.php @@ -427,10 +427,10 @@ require_once('../includes/lib/l10n.php'); $id = 1; $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>\n"; } - if($_SESSION['signup']['fname'] == "" || $_SESSION['signup']['lname'] == "") + if($_SESSION['signup']['lname'] == "") { $id = 1; - $_SESSION['_config']['errmsg'] .= _("First and/or last names were blank.")."<br>\n"; + $_SESSION['_config']['errmsg'] .= _("Last name is blank. If your name consists only of a single part please use the last name field.")."<br>\n"; } if($_SESSION['signup']['year'] < 1900 || $_SESSION['signup']['month'] < 1 || $_SESSION['signup']['month'] > 12 || $_SESSION['signup']['day'] < 1 || $_SESSION['signup']['day'] > 31 || diff --git a/www/keygenIE.js b/www/keygenIE.js new file mode 100644 index 0000000..dad84bb --- /dev/null +++ b/www/keygenIE.js @@ -0,0 +1,648 @@ +/* +LibreSSL - CAcert web application +Copyright (C) 2004-2012 CAcert Inc. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; version 2 of the License. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +var CAcert_keygen_IE = function () { + + /// Makes a new DOM text node + var textnode = function (text) { + return document.createTextNode(text); + } + + + /// makes a new <p> element + var paragraph = function (text) { + var paragraph = document.createElement("p"); + paragraph.appendChild(textnode(text)); + return paragraph; + } + + + /// makes a new <pre> elemtent + var pre = function (text) { + var pre = document.createElement("pre"); + pre.appendChild(textnode(text)); + return pre; + } + + + /// makes a new <option> element + var option = function (text, value) { + var option = document.createElement("option"); + if (value !== undefined) { + option.setAttribute("value", value); + } + option.appendChild(textnode(text)); + return option; + } + + + /// Removes all child nodes from the element + var removeChildren = function (element) { + element.innerHTML = ""; + } + + + /// Show error message to user from exception + var showError = function (message, exception) { + window.alert(message + + "\n\nError: " + exception.message + + " (0x" + (0xFFFFFFFF + exception.number +1).toString(16) + + " / " + exception.number + ")"); + } + + + + // Get important elements from the DOM + var form = document.getElementById("CertReqForm"); + var securityLevel = document.getElementById("SecurityLevel"); + var customSettings = document.getElementById("customSettings"); + var provider = document.getElementById("CspProvider"); + var algorithm = document.getElementById("algorithm"); + var algorithmParagraph = document.getElementById("algorithmParagraph"); + var keySize = document.getElementById("keySize"); + var keySizeMin = document.getElementById("keySizeMin"); + var keySizeMax = document.getElementById("keySizeMax"); + var keySizeStep = document.getElementById("keySizeStep"); + var genReq = document.getElementById("GenReq"); + var csr = document.getElementById("CSR"); + var noActiveX = document.getElementById("noActiveX"); + var generatingKeyNotice = document.getElementById("generatingKeyNotice"); + var createRequestErrorChooseAlgorithm = document.getElementById("createRequestErrorChooseAlgorithm"); + var createRequestErrorConfirmDialogue = document.getElementById("createRequestErrorConfirmDialogue"); + var createRequestErrorConnectDevice = document.getElementById("createRequestErrorConnectDevice"); + var createRequestError = document.getElementById("createRequestError"); + var invalidKeySizeError = document.getElementById("invalidKeySizeError"); + var unsupportedPlatformError = document.getElementById("unsupportedPlatformError"); + + + /// Initialise the CertEnroll code (Vista and higher) + /// returns false if initialisation fails + var initCertEnroll = function () { + var factory = null; + var providerList = null; + var cspStats = null; + + // Try to initialise the ActiveX element. Requires permissions by the user + try { + factory = new ActiveXObject( + "X509Enrollment.CX509EnrollmentWebClassFactory"); + if (!factory) { + throw { + name: "NoObjectError", + message: "Got null at object creation" + }; + } + + // also try to create a useless object here so the library gets + // initialised and we don't need to check everytime later + factory.CreateObject("X509Enrollment.CObjectId"); + + form.style.display = ""; + noActiveX.style.display = "none"; + } catch (e) { + return false; + } + + + /// Get the selected provider + var getProvider = function () { + var providerIndex = provider.options[provider.selectedIndex].value; + return providerList.ItemByIndex(providerIndex); + } + + + /// Get the selected algorithm + var getAlgorithm = function () { + var algorithmIndex = algorithm.options[algorithm.selectedIndex].value; + return alg = cspStats.ItemByIndex(algorithmIndex).CspAlgorithm; + } + + + /// Get the selected key size + var getKeySize = function () { + var alg = getAlgorithm(); + + var bits = parseInt(keySize.value, 10); + if ( bits < alg.MinLength || bits > alg.MaxLength || + (alg.IncrementLength && + (bits - alg.MinLength) % alg.IncrementLength !== 0) + ) + { + return false; + } + + return bits; + } + + + /// Fill the key size list + var getKeySizeList = function () { + if (!cspStats) { + return false; + } + + var alg = getAlgorithm(); + + // HTML5 attributes + keySize.setAttribute("min", alg.MinLength); + keySize.setAttribute("max", alg.MaxLength); + keySize.setAttribute("step", alg.IncrementLength); + keySize.setAttribute("value", alg.DefaultLength); + keySize.value = ""+alg.DefaultLength; + + // ugly, but buggy otherwise if done with text nodes + keySizeMin.innerHTML = alg.MinLength; + keySizeMax.innerHTML = alg.MaxLength; + keySizeStep.innerHTML = alg.IncrementLength; + + return true; + } + + + /// Fill the algorithm list + var getAlgorithmList = function () { + var i; + + if (!providerList) { + return false; + } + + var csp = getProvider(); + + cspStats = providerList.GetCspStatusesFromOperations( + 0x1c, //XCN_NCRYPT_ANY_ASYMMETRIC_OPERATION + //0x10, //XCN_NCRYPT_SIGNATURE_OPERATION + //0x8, //XCN_NCRYPT_SECRET_AGREEMENT_OPERATION + //0x4, //XCN_NCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION + csp + ); + + removeChildren(algorithm); + for (i = 0; i < cspStats.Count; i++) { + var alg = cspStats.ItemByIndex(i).CspAlgorithm; + algorithm.appendChild(option(alg.Name, i)); + } + + return getKeySizeList(); + } + + + /// Fill the crypto provider list + var getProviderList = function () { + var i; + + var csps = factory.CreateObject("X509Enrollment.CCspInformations"); + + // Get provider information + csps.AddAvailableCsps(); + + removeChildren(provider); + + for (i = 0; i < csps.Count; i++) { + var csp = csps.ItemByIndex(i); + provider.appendChild(option(csp.Name, i)); + } + + providerList = csps; + + return getAlgorithmList(); + } + + + /// Generate a key and create and submit the actual CSR + var createCSR = function () { + var providerName, algorithmOid, bits; + + var level = securityLevel.options[securityLevel.selectedIndex]; + if (level.value === "custom") { + providerName = getProvider().Name; + var alg = getAlgorithm(); + algorithmOid = alg.GetAlgorithmOid(0, 0) + bits = getKeySize(); + if (!bits) { + window.alert(invalidKeySizeError.innerHTML); + return false; + } + + } else { + + providerName = "Microsoft Software Key Storage Provider"; + + algorithmOid = factory.CreateObject("X509Enrollment.CObjectId"); + algorithmOid.InitializeFromValue("1.2.840.113549.1.1.1"); // RSA + //"1.2.840.10040.4.1" == DSA + //"1.2.840.10046.2.1" == DH + + if (level.value === "high") { + bits = 4096; + } else { // medium + bits = 2048; + } + } + + + var privateKey = factory.CreateObject("X509Enrollment.CX509PrivateKey"); + privateKey.ProviderName = providerName; + privateKey.Algorithm = algorithmOid; + privateKey.Length = bits; + privateKey.KeyUsage = 0xffffff; // XCN_NCRYPT_ALLOW_ALL_USAGES + + var request = factory.CreateObject( + "X509Enrollment.CX509CertificateRequestPkcs10"); + request.InitializeFromPrivateKey( + 1, // ContextUser + privateKey, + "" // don't use a template + ); + + var enroll = factory.CreateObject("X509Enrollment.CX509Enrollment"); + enroll.InitializeFromRequest(request); + + generatingKeyNotice.style.display = ""; + + + // The request needs to be created after we return so the "please wait" + // message gets rendered + var createCSRHandler = function () { + try { + csr.value = enroll.CreateRequest(0x1); //XCN_CRYPT_STRING_BASE64 + form.submit(); + } catch (e) { + showError(createRequestErrorChooseAlgorithm.innerHTML, e); + } + + generatingKeyNotice.style.display = "none"; + } + + window.setTimeout(createCSRHandler, 0); + + // Always return false, form is submitted by deferred method + return false; + } + + + /// Call if securityLevel has changed + var refreshSecurityLevel = function () { + var level = securityLevel.options[securityLevel.selectedIndex]; + if (level.value === "custom") { + getProviderList(); + customSettings.style.display = ""; + } else { + customSettings.style.display = "none"; + } + } + + securityLevel.onchange = refreshSecurityLevel; + provider.onchange = getAlgorithmList; + algorithm.onchange = getKeySizeList; + genReq.onclick = createCSR; + + return true; + } // end of initCertEnroll() + + + /// Initialise Xenroll code (XP and lower) + /// returns false if initialisation fails + var initXEnroll = function () { + cenroll = null; + + providerTypes = Array( + 1, //PROV_RSA_FULL + 2, //PROV_RSA_SIG + 3, //PROV_DSS + 4, //PROV_FORTEZZA + 5, //PROV_MS_EXCHANGE + 6, //PROV_SSL + 12, //PROV_RSA_SCHANNEL + 13, //PROV_DSS_DH + 14, //PROV_EC_ECDSA_SIG + 15, //PROV_EC_ECNRA_SIG + 16, //PROV_EC_ECDSA_FULL + 17, //PROV_EC_ECNRA_FULL + 18, //PROV_DH_SCHANNEL + 20, //PROV_SPYRUS_LYNKS + 21, //PROV_RNG + 22, //PROV_INTEL_SEC + 23, //PROV_REPLACE_OWF + 24 //PROV_RSA_AES + ); + + algClasses = Array( + 1 << 13, //ALG_CLASS_SIGNATURE + //2 << 13, //ALG_CLASS_MSG_ENCRYPT + //3 << 13, //ALG_CLASS_DATA_ENCRYPT + //4 << 13, //ALG_CLASS_HASH + 5 << 13 //ALG_CLASS_KEY_EXCHANGE + ); + + // Try to initialise the ActiveX element. + try { + cenroll = new ActiveXObject("CEnroll.CEnroll"); + + if (!cenroll) { + throw { + name: "NoObjectError", + message: "Got null at object creation" + }; + } + + form.style.display = ""; + algorithm.disabled = true; + noActiveX.style.display = "none"; + } catch (e) { + return false; + } + + + /// Get the name of the selected provider + var getProviderName = function () { + return provider.options[provider.selectedIndex].text; + } + + + /// Get the type of the selected provider + var getProviderType = function () { + return parseInt(provider.options[provider.selectedIndex].value, 10); + } + + + var refreshProvider = function () { + cenroll.ProviderName = getProviderName(); + cenroll.ProviderType = getProviderType(); + } + + + /// Get the ID of the selected algorithm + var getAlgorithmId = function () { + return parseInt( + algorithm.options[algorithm.selectedIndex].value, 10); + } + + + /// Minimum bit length for exchange keys + var getMinExKeyLength = function () { + refreshProvider(); + + try { + return cenroll.GetKeyLen(true, true); + } catch (e) { + return false; + } + } + + + /// Maximum bit length for exchange keys + var getMaxExKeyLength = function () { + refreshProvider(); + + try { + return cenroll.GetKeyLen(false, true); + } catch (e) { + return false; + } + } + + + /// Step size for exchange keys + /// This might not be available on older platforms + var getStepExKeyLength = function () { + refreshProvider(); + + try { + return cenroll.GetKeyLenEx(3, 1); + } catch (e) { + return false; + } + } + + + /// Minimum bit length for signature keys + var getMinSigKeyLength = function () { + refreshProvider(); + + try { + return cenroll.GetKeyLen(true, false); + } catch (e) { + return false; + } + } + + + /// Maximum bit length for signature keys + var getMaxSigKeyLength = function () { + refreshProvider(); + + try { + return cenroll.GetKeyLen(false, false); + } catch (e) { + return false; + } + } + + + /// Step size for signature keys + /// This might not be available on older platforms + var getStepSigKeyLength = function () { + refreshProvider(); + + try { + return cenroll.GetKeyLenEx(3, 2); + } catch (e) { + return false; + } + } + + + /// Get the selected key size + var getKeySize = function () { + var bits = parseInt(keySize.value, 10); + if ( bits < getMinSigKeyLength() || bits > getMaxSigKeyLength() || + (getStepSigKeyLength() && + (bits - getMinSigKeyLength()) % + getStepSigKeyLength() !== 0) + ) + { + return false; + } + + return bits; + } + + + var getKeySizeLimits = function () { + // HTML5 attributes + keySize.setAttribute("min", getMinSigKeyLength()); + keySize.setAttribute("max", getMaxSigKeyLength()); + if (getStepSigKeyLength()) { + keySize.setAttribute("step", getStepSigKeyLength()); + } + + // ugly, but buggy otherwise if done with text nodes + keySizeMin.innerHTML = getMinSigKeyLength(); + keySizeMax.innerHTML = getMaxSigKeyLength(); + keySizeStep.innerHTML = getStepSigKeyLength(); + + if (getMinSigKeyLength() === getMaxSigKeyLength()) { + keySize.value = getMaxSigKeyLength(); + } + + return true; + } + + + /// Fill the algorithm selection box + var getAlgorithmList = function () { + var i, j; + + refreshProvider(); + + removeChildren(algorithm); + + for (i = 0; i < algClasses.length; ++i) { + for (j = 0; true; ++j) { + try { + var algId = cenroll.EnumAlgs(j, algClasses[i]); + var algName = cenroll.GetAlgName(algId); + algorithm.appendChild(option(algName, algId)); + } catch (e) { + break; + } + } + } + + getKeySizeLimits(); + } + + + /// Fill the provider selection box + var getProviderList = function () { + var i, j; + + removeChildren(provider); + + for (i = 0; i < providerTypes.length; ++i) { + cenroll.providerType = providerTypes[i]; + + var providerName = "invalid"; + for (j = 0; true; ++j) { + try { + providerName = cenroll.enumProviders(j, 0); + provider.appendChild( + option(providerName, providerTypes[i])); + } catch (e) { + break; + } + } + } + + return getAlgorithmList(); + } + + + var createCSR = function () { + var providerName, bits; + + var level = securityLevel.options[securityLevel.selectedIndex]; + if (level.value === "custom") { + + refreshProvider(); + + bits = getKeySize(); + if (bits === false) { + window.alert(invalidKeySizeError.innerHTML); + return false; + } + + } else { + + cenroll.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0"; + cenroll.ProviderType = 1; //PROV_RSA_FULL + + if (level.value === "high") { + bits = 4096; + } else { // medium + bits = 2048; + } + } + + cenroll.GenKeyFlags = bits << 16; // keysize is encoded in the uper 16 bits + //cenroll.GenKeyFlags = cenroll.GenKeyFlags | 0x1; //CRYPT_EXPORTABLE + + generatingKeyNotice.style.display = ""; + + + // The request needs to be created after we return so the "please wait" + // message gets rendered + var createCSRHandler = function () { + try { + csr.value = cenroll.createPKCS10("", "1.3.6.1.5.5.7.3.2"); + form.submit(); + } catch (e) { + if (e.number === -2147023673) { + // 0x800704c7 => dialogue declined + showError(createRequestErrorConfirmDialogue.innerHTML, e); + } else if (e.number === -2146435043) { + // 0x8010001d => crypto-device not connected + showError(createRequestErrorConnectDevice.innerHTML, e); + } else { + showError(createRequestError.innerHTML, e); + } + } + + generatingKeyNotice.style.display = "none"; + cenroll.Reset(); + } + + window.setTimeout(createCSRHandler, 0); + + // Always return false, form is submitted by deferred method + return false; + } + + + /// Call if securityLevel has changed + var refreshSecurityLevel = function () { + var level = securityLevel.options[securityLevel.selectedIndex]; + if (level.value === "custom") { + getProviderList(); + customSettings.style.display = ""; + } else { + customSettings.style.display = "none"; + } + } + + securityLevel.onchange = refreshSecurityLevel; + provider.onchange = getAlgorithmList; + algorithm.onchange = getKeySizeLimits; + genReq.onclick = createCSR; + + return true; + }; + + + // Run the init functions until one is successful + if (initCertEnroll()) { + form.style.display = ""; + noActiveX.style.display = "none"; + } else if (initXEnroll()) { + form.style.display = ""; + noActiveX.style.display = "none"; + } else { + window.alert(unsupportedPlatformError.innerHTML); + } +} (); diff --git a/www/policy/PrivacyPolicy.html b/www/policy/PrivacyPolicy.html index 6670e92..8aa0837 100644 --- a/www/policy/PrivacyPolicy.html +++ b/www/policy/PrivacyPolicy.html @@ -105,8 +105,8 @@ Governmental warrants and civil supoenas will be processed through the dispute r <p>If you need to contact us in writing, address your mail to:</p> <p> CAcert Inc.<br> -P.O. Box 4107<br> -Denistone East NSW 2112<br> +PO Box 66 <br> +Oatley NSW 2223<br> Australia </p> diff --git a/www/robots.txt b/www/robots.txt new file mode 100644 index 0000000..6ffbc30 --- /dev/null +++ b/www/robots.txt @@ -0,0 +1,3 @@ +User-agent: * +Disallow: / + diff --git a/www/stats.php b/www/stats.php index 93f693e..1599e17 100644 --- a/www/stats.php +++ b/www/stats.php @@ -1,268 +1,160 @@ -<? /*
- LibreSSL - CAcert web application
- Copyright (C) 2004-2008 CAcert Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/
- define('MAX_CACHE_TTL', 36000);
-
- loadem("index");
- showheader(_("Welcome to CAcert.org"));
-
- function tc($sql)
- {
- $row = mysql_fetch_assoc($sql);
- return($row['count']);
- }
-
- /**
- * writes new data to cache, create cache or update existing cache, set current
- * time stamp
- * @return boolean
- */
- function updateCache($stats) {
- $sql = 'insert into statscache (timestamp, cache) values ("' . time() . '", ' .
- '"' . mysql_real_escape_string(serialize($stats)) . '")';
- mysql_query($sql);
- }
-
- /**
- * get statistics data from current cache, return result of getDataFromLive if no cache file exists
- * @return array
- */
- function getData() {
- $sql = 'select * from statscache order by timestamp desc limit 1';
- $res = mysql_query($sql);
- if ($res && mysql_numrows($res) > 0) {
- $ar = mysql_fetch_assoc($res);
- $stats = unserialize($ar['cache']);
- $stats['timestamp'] = $ar['timestamp'];
- if ($ar['timestamp'] + MAX_CACHE_TTL < time())
- {
- $stats=getDataFromLive();
- updateCache($stats);
- }
- return $stats;
- }
- $stats=getDataFromLive();
- updateCache($stats);
- return $stats;
- }
-
- /**
- * get statistics data from live tables, takes a long time so please try to use the
- * cache
- * @return array
- */
- function getDataFromLive() {
- $stats = array();
- $stats['verified_users'] = number_format(tc(mysql_query("select count(`id`) as `count` from `users` where `verified`=1")));
- $stats['verified_emails'] = number_format(tc(mysql_query("select count(`id`) as `count` from `email` where `hash`='' and `deleted`=0")));
- $stats['verified_domains'] = number_format(tc(mysql_query("select count(`id`) as `count` from `domains` where `hash`='' and `deleted`=0")));
- $certs = tc(mysql_query("select count(`id`) as `count` from `domaincerts`"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `emailcerts`"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `gpg`"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgdomaincerts`"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgemailcerts`"));
- $stats['verified_certificates'] = number_format($certs);
- $certs = tc(mysql_query("select count(`id`) as `count` from `domaincerts` where `revoked`=0 and `expire`>NOW()"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `emailcerts` where `revoked`=0 and `expire`>NOW()"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `gpg` where `expire`<=NOW()"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgdomaincerts` where `revoked`=0 and `expire`>NOW()"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgemailcerts` where `revoked`=0 and `expire`>NOW()"));
- $stats['valid_certificates'] = number_format($certs);
- $stats['assurances_made'] = number_format(tc(mysql_query("select count(`id`) as `count` from `notary`")));
- $stats['users_1to49'] = number_format(mysql_num_rows(mysql_query("select `to` from `notary` group by `to` having sum(`points`) > 0 and sum(`points`) < 50")));
- $stats['users_50to99'] = number_format(mysql_num_rows(mysql_query("select `to` from `notary` group by `to` having sum(`points`) >= 50 and sum(`points`) < 100")));
- $stats['assurer_candidates'] = number_format(tc(mysql_query("select count(*) as `count` from `users` where ".
- "not exists(select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` where `cp`.`user_id`=`users`.`id` and `cp`.`variant_id`=`cv`.`id` and `cv`.`type_id`=1) and ".
- "(select sum(`points`) from `notary` where `to`=`users`.`id`) >= 100")));
- $stats['aussurers_with_test'] = number_format(tc(mysql_query("select count(*) as `count` from `users` where ".
- "exists(select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` where `cp`.`user_id`=`users`.`id` and `cp`.`variant_id`=`cv`.`id` and `cv`.`type_id`=1) and ".
- "(select sum(`points`) from `notary` where `to`=`users`.`id`) >= 100")));
- $stats['points_issued'] = number_format(tc(mysql_query("select sum(`points`) as `count` from `notary`")));
-
- $totalusers=0;
- $totassurers=0;
- $totalcerts=0;
- for($i = 0; $i < 12; $i++) {
- $tmp_arr = array();
- $tmp_arr['date'] = date("Y-m", mktime(0,0,0,date("m") - $i,1,date("Y")));
- $date = date("Y-m", mktime(0,0,0,date("m") - $i,1,date("Y")));
- $totalusers += $users = tc(mysql_query("select count(`id`) as `count` from `users` where `created` like '$date%' and `verified`=1"));
- $totassurers += $assurers = mysql_num_rows(mysql_query("select `to` from `notary` where `when` like '$date%' and `method`!='Administrative Increase' group by `to` having sum(`points`) >= 100"));
- $certs = tc(mysql_query("select count(`id`) as `count` from `domaincerts` where `created` like '$date%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `emailcerts` where `created` like '$date%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `gpg` where `issued` like '$date%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgdomaincerts` where `created` like '$date%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgemailcerts` where `created` like '$date%'"));
- $totalcerts += $certs;
-
- $tmp_arr['new_users'] = number_format($users);
- $tmp_arr['new_assurers'] = number_format($assurers);
- $tmp_arr['new_certificates'] = number_format($certs);
-
- $stats['growth_last_12m'][] = $tmp_arr;
- }
- $stats['growth_last_12m_total'] = array('new_users' => number_format($totalusers),
- 'new_assurers' => number_format($totassurers),
- 'new_certificates' => number_format($totalcerts));
-
- $totalcerts = 0;
- $totalusers = 0;
- $totassurers = 0;
- for($i = date("Y"); $i >= 2002; $i--) {
- $tmp_arr = array();
- $tmp_arr['date'] = $i;
- $totalusers += $users = tc(mysql_query("select count(`id`) as `count` from `users` where `created` like '$i%' and `verified`=1"));
- $totassurers += $assurers = mysql_num_rows(mysql_query("select `to` from `notary` where `when` like '$i%' and `method`!='Administrative Increase' group by `to` having sum(`points`) >= 100"));
- $certs = tc(mysql_query("select count(`id`) as `count` from `domaincerts` where `created` like '$i%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `emailcerts` where `created` like '$i%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `gpg` where `issued` like '$i%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgdomaincerts` where `created` like '$i%'"));
- $certs += tc(mysql_query("select count(`id`) as `count` from `orgemailcerts` where `created` like '$i%'"));
- $totalcerts += $certs;
-
- $tmp_arr['new_users'] = number_format($users);
- $tmp_arr['new_assurers'] = number_format($assurers);
- $tmp_arr['new_certificates'] = number_format($certs);
-
- $stats['growth_last_years'][] = $tmp_arr;
- }
- $stats['growth_last_years_total'] = array('new_users' => number_format($totalusers),
- 'new_assurers' => number_format($totassurers),
- 'new_certificates' => number_format($totalcerts));
-
- return $stats;
- }
-
- $stats = getData();
-?>
-<h1>CAcert.org <?=_("Statistics")?></h1>
-
-<table align="center" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="2" class="title">CAcert.org <?=_("Statistics")?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Verified Users")?>:</td>
- <td class="DataTD"><?=$stats['verified_users'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Verified Emails")?>:</td>
- <td class="DataTD"><?=$stats['verified_emails'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Verified Domains")?>:</td>
- <td class="DataTD"><?=$stats['verified_domains'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Certificates Issued")?>:</td>
- <td class="DataTD"><?=$stats['verified_certificates'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Valid Certificates")?>:</td>
- <td class="DataTD"><?=$stats['valid_certificates'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Assurances Made")?>:</td>
- <td class="DataTD"><?=$stats['assurances_made'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Users with 1-49 Points")?>:</td>
- <td class="DataTD"><?=$stats['users_1to49'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Users with 50-99 Points")?>:</td>
- <td class="DataTD"><?=$stats['users_50to99'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Assurer Candidates")?>:</td>
- <td class="DataTD"><?=$stats['assurer_candidates'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Assurers with test")?>:</td>
- <td class="DataTD"><?=$stats['aussurers_with_test'];?></td>
- </tr>
- <tr>
- <td class="DataTD"><?=_("Points Issued")?>:</td>
- <td class="DataTD"><?=$stats['points_issued'];?></td>
- </tr>
-</table>
-<br>
-<table align="center" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="4" class="title">CAcert.org <?=_("Growth in the last 12 months")?></td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Date")?></b>
- <td class="DataTD"><b><?=_("New Users")?></b>
- <td class="DataTD"><b><?=_("New Assurers")?></b>
- <td class="DataTD"><b><?=_("New Certificates")?></b>
- </tr>
-<?
- for($i = 0; $i < 12; $i++) {
-?>
- <tr>
- <td class="DataTD"><?=$stats['growth_last_12m'][$i]['date'];?></td>
- <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_users'];?></td>
- <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_assurers'];?></td>
- <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_certificates'];?></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD">N/A</td>
- <td class="DataTD"><?=$stats['growth_last_12m_total']['new_users'];?></td>
- <td class="DataTD"><?=$stats['growth_last_12m_total']['new_assurers'];?></td>
- <td class="DataTD"><?=$stats['growth_last_12m_total']['new_certificates'];?></td>
- </tr>
-</table>
-<br>
-<table align="center" border="0" cellspacing="0" cellpadding="0" class="wrapper">
- <tr>
- <td colspan="4" class="title">CAcert.org <?=_("Growth by year")?></td>
- </tr>
- <tr>
- <td class="DataTD"><b><?=_("Date")?></b>
- <td class="DataTD"><b><?=_("New Users")?></b>
- <td class="DataTD"><b><?=_("New Assurers")?></b>
- <td class="DataTD"><b><?=_("New Certificates")?></b>
- </tr>
-<?
- for($i = 0; $i < count($stats['growth_last_years']); $i++) {
-?>
- <tr>
- <td class="DataTD"><?=$stats['growth_last_years'][$i]['date'];?></td>
- <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_users'];?></td>
- <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_assurers'];?></td>
- <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_certificates'];?></td>
- </tr>
-<? } ?>
- <tr>
- <td class="DataTD">N/A</td>
- <td class="DataTD"><?=$stats['growth_last_years_total']['new_users'];?></td>
- <td class="DataTD"><?=$stats['growth_last_years_total']['new_assurers'];?></td>
- <td class="DataTD"><?=$stats['growth_last_years_total']['new_certificates'];?></td>
- </tr>
-</table>
-<br>
-<?php
- if (isset($stats['timestamp'])) {
-?>
-<div style="text-align: center;font-size: small;"><?=_("Statistical data from cache, created at ") . date('Y-m-d H:i:s', $stats['timestamp']);?></div>
-<?php
- }
-?>
-<? showfooter(); ?>
-
+<? /* + LibreSSL - CAcert web application + Copyright (C) 2004-2008 CAcert Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + + loadem("index"); + showheader(_("Welcome to CAcert.org")); + + /** + * get statistics data from current cache, return result of getDataFromLive if no cache file exists + * @return array + */ + function getData() { + $sql = 'select * from `statscache` order by `timestamp` desc limit 1'; + $res = mysql_query($sql); + if ($res && mysql_numrows($res) > 0) { + $ar = mysql_fetch_assoc($res); + $stats = unserialize($ar['cache']); + $stats['timestamp'] = $ar['timestamp']; + return $stats; + } + + return null; + } + + $stats = getData(); + if ($stats === null) { + echo '<p>', _("Error while retrieving the statistics!"), '</p>'; + showfooter(); + die(); + } +?> +<h1>CAcert.org <?=_("Statistics")?></h1> + +<table align="center" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="2" class="title">CAcert.org <?=_("Statistics")?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Verified Users")?>:</td> + <td class="DataTD"><?=$stats['verified_users'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Verified Emails")?>:</td> + <td class="DataTD"><?=$stats['verified_emails'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Verified Domains")?>:</td> + <td class="DataTD"><?=$stats['verified_domains'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Certificates Issued")?>:</td> + <td class="DataTD"><?=$stats['verified_certificates'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Valid Certificates")?>:</td> + <td class="DataTD"><?=$stats['valid_certificates'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Assurances Made")?>:</td> + <td class="DataTD"><?=$stats['assurances_made'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Users with 1-49 Points")?>:</td> + <td class="DataTD"><?=$stats['users_1to49'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Users with 50-99 Points")?>:</td> + <td class="DataTD"><?=$stats['users_50to99'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Assurer Candidates")?>:</td> + <td class="DataTD"><?=$stats['assurer_candidates'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Assurers with test")?>:</td> + <td class="DataTD"><?=$stats['aussurers_with_test'];?></td> + </tr> + <tr> + <td class="DataTD"><?=_("Points Issued")?>:</td> + <td class="DataTD"><?=$stats['points_issued'];?></td> + </tr> +</table> +<br> +<table align="center" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="4" class="title">CAcert.org <?=_("Growth in the last 12 months")?></td> + </tr> + <tr> + <td class="DataTD"><b><?=_("Date")?></b> + <td class="DataTD"><b><?=_("New Users")?></b> + <td class="DataTD"><b><?=_("New Assurers")?></b> + <td class="DataTD"><b><?=_("New Certificates")?></b> + </tr> +<? + for($i = 0; $i < 12; $i++) { +?> + <tr> + <td class="DataTD"><?=$stats['growth_last_12m'][$i]['date'];?></td> + <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_users'];?></td> + <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_12m'][$i]['new_certificates'];?></td> + </tr> +<? } ?> + <tr> + <td class="DataTD"><?=_("Total")?></td> + <td class="DataTD"><?=$stats['growth_last_12m_total']['new_users'];?></td> + <td class="DataTD"><?=$stats['growth_last_12m_total']['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_12m_total']['new_certificates'];?></td> + </tr> +</table> +<br> +<table align="center" border="0" cellspacing="0" cellpadding="0" class="wrapper"> + <tr> + <td colspan="4" class="title">CAcert.org <?=_("Growth by year")?></td> + </tr> + <tr> + <td class="DataTD"><b><?=_("Date")?></b> + <td class="DataTD"><b><?=_("New Users")?></b> + <td class="DataTD"><b><?=_("New Assurers")?></b> + <td class="DataTD"><b><?=_("New Certificates")?></b> + </tr> +<? + for($i = 0; $i < count($stats['growth_last_years']); $i++) { +?> + <tr> + <td class="DataTD"><?=$stats['growth_last_years'][$i]['date'];?></td> + <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_users'];?></td> + <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_years'][$i]['new_certificates'];?></td> + </tr> +<? } ?> + <tr> + <td class="DataTD"><?=_("Total")?></td> + <td class="DataTD"><?=$stats['growth_last_years_total']['new_users'];?></td> + <td class="DataTD"><?=$stats['growth_last_years_total']['new_assurers'];?></td> + <td class="DataTD"><?=$stats['growth_last_years_total']['new_certificates'];?></td> + </tr> +</table> +<br> + +<div style="text-align: center;font-size: small;"><? + printf(_("Last updated: %s"), date('Y-m-d H:i:s', $stats['timestamp']));?> +</div> + +<? showfooter(); ?> + diff --git a/www/styles/default.css b/www/styles/default.css index 9fdd85c..72d8084 100644 --- a/www/styles/default.css +++ b/www/styles/default.css @@ -19,7 +19,7 @@ body{ /******* hyperlink and anchor tag styles *******/ a:link, a:visited { - color: #005FA9; + color: #a90000; text-decoration: none; } @@ -31,14 +31,14 @@ a:hover { h1{ font: bold 120% Arial,sans-serif; - color: #334d55; + color: #550000; margin: 0px; padding: 0px; } h2{ font: bold 114% Arial,sans-serif; - color: #006699; + color: #990000; margin: 0px; padding: 0px; } @@ -248,7 +248,7 @@ a.glink, a.glink:visited { font-weight: bold; margin: 0px; padding: 2px 5px 4px 5px; - border-right: 1px solid #8FB8BC; + border-right: 1px solid #BC8F8F; } a.glink:hover { @@ -362,7 +362,7 @@ a.glink:hover { } #breadCrumb a:hover { - color: #005FA9; + color: #A90000; text-decoration: underline; } @@ -409,7 +409,7 @@ a.glink:hover { .story a.capsule{ font: bold 1em Arial,sans-serif; - color: #005FA9; + color: #A90000; display:block; padding-bottom: 5px; } @@ -453,12 +453,12 @@ td.storyLeft{ background-image: url("siteimages/bg_nav.jpg"); font-weight: bold; padding: 3px 0px 3px 10px; - color: #21536A; + color: #6A2121; } #sectionLinks a:hover { border-top: 1px solid #cccccc; - background-color: #DDEEFF; + background-color: #FFDDDD; background-image: none; font-weight: bold; text-decoration: none; @@ -586,7 +586,7 @@ td.greytxt { } .ac_highlight { - background-color:#3366cc; + background-color:#cc3333; color:white; cursor:pointer; } diff --git a/www/tverify/seclayer.php b/www/tverify/seclayer.php deleted file mode 100644 index 50c7fb2..0000000 --- a/www/tverify/seclayer.php +++ /dev/null @@ -1,27 +0,0 @@ -<? /* - LibreSSL - CAcert web application - Copyright (C) 2004-2008 CAcert Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ ?> -<html> - <head> - <title>SecurityLayer Result</title> - </head> - <body> - <h1>User: <?=htmlspecialchars($_REQUEST['user'])?></h1> - The following is the result that your signature card has sent to CAcert. At this point, CAcert would have to parse the result and verify the signature, but this hasn't been implemented yet. Our developers might ask you to send them this data. But please be careful, since it contains your personal data! - <pre><?=htmlspecialchars($_REQUEST['XMLResponse'])?></pre> - </body> - </html> diff --git a/www/wot.php b/www/wot.php index c6c0568..6e2099e 100644 --- a/www/wot.php +++ b/www/wot.php @@ -240,7 +240,7 @@ $iecho= "c"; if($oldid == 6) { - $max = maxpoints(); + $max = max_points($_SESSION['profile']['id']); $awarded = $newpoints = intval($_POST['points']); if($newpoints > $max) |
