summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
Diffstat (limited to 'includes')
-rw-r--r--includes/account.php1
-rw-r--r--includes/general.php35
-rw-r--r--includes/keygen.php128
-rw-r--r--includes/lib/general.php31
-rw-r--r--includes/wot.inc.php2
5 files changed, 166 insertions, 31 deletions
diff --git a/includes/account.php b/includes/account.php
index 4faa0e5..052e806 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -422,6 +422,7 @@
`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
`subject`='".mysql_real_escape_string($csrsubject)."',
`codesign`='".$_SESSION['_config']['codesign']."',
+ `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
`rootcert`='".$_SESSION['_config']['rootcert']."'";
mysql_query($query);
$emailid = mysql_insert_id();
diff --git a/includes/general.php b/includes/general.php
index 3478dd4..d762586 100644
--- a/includes/general.php
+++ b/includes/general.php
@@ -15,6 +15,9 @@
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
+
+ require_once(dirname(__FILE__)."/lib/general.php");
+
session_name("cacert");
session_start();
@@ -725,37 +728,7 @@
return($text);
}
- // returns 0 if $userID is an Assurer
- // Otherwise :
- // Bit 0 is always set
- // Bit 1 is set if 100 Assurance Points are not reached
- // Bit 2 is set if Assurer Test is missing
- // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
- function get_assurer_status($userID)
- {
- $Result = 0;
- $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
- ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
- if(mysql_num_rows($query) < 1)
- {
- $Result |= 5;
- }
-
- $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
- $row = mysql_fetch_assoc($query);
- if ($row['points'] < 100) {
- $Result |= 3;
- }
-
- $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
- $row = mysql_fetch_assoc($query);
- if ($row['assurer_blocked'] > 0) {
- $Result |= 9;
- }
-
- return $Result;
- }
-
+
// returns text message to be shown to the user given the result of is_no_assurer
function no_assurer_text($Status)
{
diff --git a/includes/keygen.php b/includes/keygen.php
new file mode 100644
index 0000000..09ec7f9
--- /dev/null
+++ b/includes/keygen.php
@@ -0,0 +1,128 @@
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+
+if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
+
+ <noscript>
+ <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p>
+ <p><?=_('If you don\'t want to do that for any reason, you can use '.
+ 'manually created certificate requests instead.')?></p>
+ </noscript>
+
+ <div id="noActiveX" style="color:red">
+ <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p>
+ <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
+ 'later versions you have to add this website to the list of trusted sites '.
+ 'in the internet settings.')?></p>
+ <p><?php
+ printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '.
+ 'Websites", click on "Custom Level", set "ActiveX control '.
+ 'elements that are not marked as safe initialized on start in '.
+ 'scripts" to "Confirm" and click "OK". Now click "Sites", add '.
+ '"%s" and "%s" to your list of trusted sites and make the '.
+ 'changes come into effect by clicking "Close" and "OK".'),
+ 'https://'.$_SESSION['_config']['normalhostname'],
+ 'https://'.$_SESSION['_config']['securehostname'])?>
+ </p>
+ </div>
+
+ <form method="post" style="display:none" action="account.php"
+ id="CertReqForm">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>" />
+ <input type="hidden" id="CSR" name="CSR" />
+ <input type="hidden" name="keytype" value="MS" />
+
+ <p><?=_('Security level')?>:
+ <select id="SecurityLevel">
+ <option value="high" selected="selected"><?=_('High')?></option>
+ <option value="medium"><?=_('Medium')?></option>
+ <option value="custom"><?=_('Custom')?>&hellip;</option>
+ </select>
+ </p>
+
+ <fieldset id="customSettings" style="display:none">
+ <legend><?=_('Custom Parameters')?></legend>
+
+ <p><?=_('Cryptography Provider')?>:
+ <select id="CspProvider"></select>
+ </p>
+ <p><?=_('Algorithm')?>: <select id="algorithm"></select></p>
+ <p><?=_('Keysize')?>:
+ <input id="keySize" type="number" />
+ <?=_('Minimum Size')?>: <span id="keySizeMin"></span>,
+ <?=_('Maximum Size')?>: <span id="keySizeMax"></span>,
+ <?php
+ // TRANSLATORS: this specifies the step between two valid key
+ // sizes. E.g. if the step is 512 and the minimum is 1024 and
+ // the maximum is 2048, then only 1024, 1536 and 2048 bits may
+ // be specified as key size.
+ echo _('Step')?>: <span id="keySizeStep"></span></p>
+ <p style="color:red"><?php
+ printf(_('Please note that RSA key sizes smaller than %d bit '.
+ 'will not be accepted by CAcert.'),
+ 1024)?>
+ </p>
+ </fieldset>
+
+ <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p>
+ <p id="generatingKeyNotice" style="display:none">
+ <?=_('Generating your key. Please wait')?>&hellip;</p>
+ </form>
+
+ <!-- Error messages used in the JavaScript. Defined here so they can be
+ translated without passing the JavaScript code through PHP -->
+ <p id="createRequestErrorChooseAlgorithm" style="display:none">
+ <?=_('Could not generate certificate request. Probably you need to '.
+ 'choose a different algorithm.')?>
+ </p>
+ <p id="createRequestErrorConfirmDialogue" style="display:none">
+ <?=_('Could not generate certificate request. Please confirm the '.
+ 'dialogue if you are asked if you want to generate the key.')?>
+ </p>
+ <p id="createRequestErrorConnectDevice" style="display:none">
+ <?=_('Could not generate certificate request. Please make sure the '.
+ 'cryptography device (e.g. the smartcard) is connected.')?>
+ </p>
+ <p id="createRequestError" style="display:none">
+ <?=_('Could not generate certificate request.')?>
+ </p>
+ <p id="invalidKeySizeError" style="display:none">
+ <?=_('You have specified an invalid key size')?>
+ </p>
+ <p id="unsupportedPlatformError" style="display:none">
+ <?=_('Could not initialize the cryptographic module for your '.
+ 'platform. Currently we support Microsoft Windows XP, Vista '.
+ 'and 7. If you\'re using one of these platforms and see this '.
+ 'error message anyway you might have to enable ActiveX as '.
+ 'described in the red explanation text and accept loading of '.
+ 'the module.')?>
+ </p>
+
+ <script type="text/javascript" src="keygenIE.js"></script>
+
+<? } else { ?>
+ <p>
+ <form method="post" action="account.php">
+ <input type="hidden" name="keytype" value="NS">
+ <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
+
+ <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
+ <input type="hidden" name="oldid" value="<?=intval($id)?>">
+ </form>
+ </p>
+<? }
diff --git a/includes/lib/general.php b/includes/lib/general.php
index d91b24e..85b132d 100644
--- a/includes/lib/general.php
+++ b/includes/lib/general.php
@@ -130,3 +130,34 @@ function runCommand($command, $input = "", &$output = null, &$errors = true) {
}
}
+ // returns 0 if $userID is an Assurer
+ // Otherwise :
+ // Bit 0 is always set
+ // Bit 1 is set if 100 Assurance Points are not reached
+ // Bit 2 is set if Assurer Test is missing
+ // Bit 3 is set if the user is not allowed to be an Assurer (assurer_blocked > 0)
+ function get_assurer_status($userID)
+ {
+ $Result = 0;
+ $query = mysql_query('SELECT * FROM `cats_passed` AS `tp`, `cats_variant` AS `cv` '.
+ ' WHERE `tp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND `tp`.`user_id` = \''.(int)intval($userID).'\'');
+ if(mysql_num_rows($query) < 1)
+ {
+ $Result |= 5;
+ }
+
+ $query = mysql_query('SELECT SUM(`points`) AS `points` FROM `notary` AS `n` WHERE `n`.`to` = \''.(int)intval($userID).'\' AND `n`.`expire` < now()');
+ $row = mysql_fetch_assoc($query);
+ if ($row['points'] < 100) {
+ $Result |= 3;
+ }
+
+ $query = mysql_query('SELECT `assurer_blocked` FROM `users` WHERE `id` = \''.(int)intval($userID).'\'');
+ $row = mysql_fetch_assoc($query);
+ if ($row['assurer_blocked'] > 0) {
+ $Result |= 9;
+ }
+
+ return $Result;
+ }
+ \ No newline at end of file
diff --git a/includes/wot.inc.php b/includes/wot.inc.php
index 1c36df0..9471bee 100644
--- a/includes/wot.inc.php
+++ b/includes/wot.inc.php
@@ -373,6 +373,8 @@
break;
case 'Unknown': // to be revoked in the future? limit to max 50 pts?
case 'Trusted Third Parties': // to be revoked in the future? limit to max 35 pts?
+ case 'TTP-Assisted': // TTP assurances, limit to 35
+ case 'TOPUP': // TOPUP to be delevoped in the future, limit to 30
case '': // to be revoked in the future? limit to max 50 pts?
case 'Face to Face Meeting': // normal assurances, limit to 35/50 pts in the future?
break;