diff options
Diffstat (limited to 'includes')
-rw-r--r-- | includes/account.php | 1 | ||||
-rw-r--r-- | includes/general.php | 35 | ||||
-rw-r--r-- | includes/keygen.php | 128 | ||||
-rw-r--r-- | includes/lib/general.php | 31 | ||||
-rw-r--r-- | includes/wot.inc.php | 2 |
5 files changed, 166 insertions, 31 deletions
diff --git a/includes/account.php b/includes/account.php index 4faa0e5..052e806 100644 --- a/includes/account.php +++ b/includes/account.php @@ -422,6 +422,7 @@ `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()), `subject`='".mysql_real_escape_string($csrsubject)."', `codesign`='".$_SESSION['_config']['codesign']."', + `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."', `rootcert`='".$_SESSION['_config']['rootcert']."'"; mysql_query($query); $emailid = mysql_insert_id(); diff --git a/includes/general.php b/includes/general.php index 3478dd4..d762586 100644 --- a/includes/general.php +++ b/includes/general.php @@ -15,6 +15,9 @@ along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ + + require_once(dirname(__FILE__)."/lib/general.php"); + session_name("cacert"); session_start(); @@ -725,37 +728,7 @@ return($text); } - // returns 0 if $userID is an Assurer - // Otherwise : - // Bit 0 is always set - // Bit 1 is set if 100 Assurance Points are not reached - // Bit 2 is set if Assurer Test is missing - // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0) - function get_assurer_status($userID) - { - $Result = 0; - $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '. - ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\''); - if(mysql_num_rows($query) < 1) - { - $Result |= 5; - } - - $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()'); - $row = mysql_fetch_assoc($query); - if ($row['points'] < 100) { - $Result |= 3; - } - - $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\''); - $row = mysql_fetch_assoc($query); - if ($row['assurer_blocked'] > 0) { - $Result |= 9; - } - - return $Result; - } - + // returns text message to be shown to the user given the result of is_no_assurer function no_assurer_text($Status) { diff --git a/includes/keygen.php b/includes/keygen.php new file mode 100644 index 0000000..09ec7f9 --- /dev/null +++ b/includes/keygen.php @@ -0,0 +1,128 @@ +<? /* + LibreSSL - CAcert web application + Copyright (C) 2004-2011 CAcert Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?> + + <noscript> + <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p> + <p><?=_('If you don\'t want to do that for any reason, you can use '. + 'manually created certificate requests instead.')?></p> + </noscript> + + <div id="noActiveX" style="color:red"> + <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p> + <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '. + 'later versions you have to add this website to the list of trusted sites '. + 'in the internet settings.')?></p> + <p><?php + printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '. + 'Websites", click on "Custom Level", set "ActiveX control '. + 'elements that are not marked as safe initialized on start in '. + 'scripts" to "Confirm" and click "OK". Now click "Sites", add '. + '"%s" and "%s" to your list of trusted sites and make the '. + 'changes come into effect by clicking "Close" and "OK".'), + 'https://'.$_SESSION['_config']['normalhostname'], + 'https://'.$_SESSION['_config']['securehostname'])?> + </p> + </div> + + <form method="post" style="display:none" action="account.php" + id="CertReqForm"> + <input type="hidden" name="oldid" value="<?=intval($id)?>" /> + <input type="hidden" id="CSR" name="CSR" /> + <input type="hidden" name="keytype" value="MS" /> + + <p><?=_('Security level')?>: + <select id="SecurityLevel"> + <option value="high" selected="selected"><?=_('High')?></option> + <option value="medium"><?=_('Medium')?></option> + <option value="custom"><?=_('Custom')?>…</option> + </select> + </p> + + <fieldset id="customSettings" style="display:none"> + <legend><?=_('Custom Parameters')?></legend> + + <p><?=_('Cryptography Provider')?>: + <select id="CspProvider"></select> + </p> + <p><?=_('Algorithm')?>: <select id="algorithm"></select></p> + <p><?=_('Keysize')?>: + <input id="keySize" type="number" /> + <?=_('Minimum Size')?>: <span id="keySizeMin"></span>, + <?=_('Maximum Size')?>: <span id="keySizeMax"></span>, + <?php + // TRANSLATORS: this specifies the step between two valid key + // sizes. E.g. if the step is 512 and the minimum is 1024 and + // the maximum is 2048, then only 1024, 1536 and 2048 bits may + // be specified as key size. + echo _('Step')?>: <span id="keySizeStep"></span></p> + <p style="color:red"><?php + printf(_('Please note that RSA key sizes smaller than %d bit '. + 'will not be accepted by CAcert.'), + 1024)?> + </p> + </fieldset> + + <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p> + <p id="generatingKeyNotice" style="display:none"> + <?=_('Generating your key. Please wait')?>…</p> + </form> + + <!-- Error messages used in the JavaScript. Defined here so they can be + translated without passing the JavaScript code through PHP --> + <p id="createRequestErrorChooseAlgorithm" style="display:none"> + <?=_('Could not generate certificate request. Probably you need to '. + 'choose a different algorithm.')?> + </p> + <p id="createRequestErrorConfirmDialogue" style="display:none"> + <?=_('Could not generate certificate request. Please confirm the '. + 'dialogue if you are asked if you want to generate the key.')?> + </p> + <p id="createRequestErrorConnectDevice" style="display:none"> + <?=_('Could not generate certificate request. Please make sure the '. + 'cryptography device (e.g. the smartcard) is connected.')?> + </p> + <p id="createRequestError" style="display:none"> + <?=_('Could not generate certificate request.')?> + </p> + <p id="invalidKeySizeError" style="display:none"> + <?=_('You have specified an invalid key size')?> + </p> + <p id="unsupportedPlatformError" style="display:none"> + <?=_('Could not initialize the cryptographic module for your '. + 'platform. Currently we support Microsoft Windows XP, Vista '. + 'and 7. If you\'re using one of these platforms and see this '. + 'error message anyway you might have to enable ActiveX as '. + 'described in the red explanation text and accept loading of '. + 'the module.')?> + </p> + + <script type="text/javascript" src="keygenIE.js"></script> + +<? } else { ?> + <p> + <form method="post" action="account.php"> + <input type="hidden" name="keytype" value="NS"> + <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>"> + + <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>"> + <input type="hidden" name="oldid" value="<?=intval($id)?>"> + </form> + </p> +<? } diff --git a/includes/lib/general.php b/includes/lib/general.php index d91b24e..85b132d 100644 --- a/includes/lib/general.php +++ b/includes/lib/general.php @@ -130,3 +130,34 @@ function runCommand($command, $input = "", &$output = null, &$errors = true) { } } + // returns 0 if $userID is an Assurer + // Otherwise : + // Bit 0 is always set + // Bit 1 is set if 100 Assurance Points are not reached + // Bit 2 is set if Assurer Test is missing + // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0) + function get_assurer_status($userID) + { + $Result = 0; + $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '. + ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\''); + if(mysql_num_rows($query) < 1) + { + $Result |= 5; + } + + $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()'); + $row = mysql_fetch_assoc($query); + if ($row['points'] < 100) { + $Result |= 3; + } + + $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\''); + $row = mysql_fetch_assoc($query); + if ($row['assurer_blocked'] > 0) { + $Result |= 9; + } + + return $Result; + } +
\ No newline at end of file diff --git a/includes/wot.inc.php b/includes/wot.inc.php index 1c36df0..9471bee 100644 --- a/includes/wot.inc.php +++ b/includes/wot.inc.php @@ -373,6 +373,8 @@ break; case 'Unknown': // to be revoked in the future? limit to max 50 pts? case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts? + case 'TTP-Assisted': // TTP assurances, limit to 35 + case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30 case '': // to be revoked in the future? limit to max 50 pts? case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future? break; |