update, gpg changes etc
This commit is contained in:
parent
6f7b3ab1b7
commit
06ba89b6d2
36 changed files with 2814 additions and 2540 deletions
|
@ -19,6 +19,13 @@
|
|||
if($process != "" && $oldid == 1)
|
||||
{
|
||||
$id = 1;
|
||||
if(strstr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
|
||||
{
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
if(trim(mysql_escape_string(stripslashes($newemail))) == "")
|
||||
{
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
|
@ -289,6 +296,14 @@
|
|||
|
||||
if($oldid == 7)
|
||||
{
|
||||
if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
|
||||
{
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
|
||||
showfooter();
|
||||
exit;
|
||||
}
|
||||
|
||||
$newdom = trim(escapeshellarg($newdomain));
|
||||
$newdomain = mysql_escape_string(trim($newdomain));
|
||||
|
||||
|
@ -837,7 +852,7 @@
|
|||
if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
|
||||
echo _("The Pass Phrase you submitted was too short.");
|
||||
} else if($score < 3) {
|
||||
echo _("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored $score points out of 6.");
|
||||
printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
|
||||
} else if(mysql_num_rows($match) <= 0) {
|
||||
echo _("You failed to correctly enter your current Pass Phrase.");
|
||||
} else {
|
||||
|
|
|
@ -134,7 +134,7 @@ function hideall() {
|
|||
<div id="pagecell1">
|
||||
<div id="pageName"><br>
|
||||
<h2><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="/images/cacert2.png" border="0"></a></h2>
|
||||
<div id="googlead"><h2>¡Vive la Révolution!</h2></div>
|
||||
<div id="googlead"><h2>Free digital certificates!</h2></div>
|
||||
</div>
|
||||
<div id="pageNav">
|
||||
<div class="relatedLinks">
|
||||
|
@ -181,10 +181,12 @@ function hideall() {
|
|||
<h3 onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
|
||||
<ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=1"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['points'] < 100) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted Third Parties")?></a></li><li><a href="/docs/CAP.pdf"><?=_("WoT Form")?></a></li><li><a href="/docs/TTP.pdf"><?=_("TTP Form")?></a></li></ul>
|
||||
</div>
|
||||
<? if($_SESSION['profile']['points'] >= 50) { ?>
|
||||
<div class="relatedLinks">
|
||||
<h3 onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3>
|
||||
<ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?=_("New")?></a></li><li><a href="gpg.php?id=2"><?=_("View")?></a></li></ul>
|
||||
</div>
|
||||
<? } ?>
|
||||
<? if($_SESSION['profile']['admin'] == 1) { ?>
|
||||
<div class="relatedLinks">
|
||||
<h3 onclick="explode('sysadmin')">+ <?=_("System Admin")?></h3>
|
||||
|
|
|
@ -278,7 +278,7 @@
|
|||
else
|
||||
$dom = $bits[$i];
|
||||
$_SESSION['_config']['row'] = "";
|
||||
$query = "select * from domains where `memid`='".$_SESSION['profile']['id']."' and `domain` like '$dom' and `deleted`=0";
|
||||
$query = "select * from domains where `memid`='".$_SESSION['profile']['id']."' and `domain` like '$dom' and `deleted`=0 and `hash`=''";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
|
@ -321,7 +321,7 @@
|
|||
else
|
||||
$dom = $bits[$i];
|
||||
$_SESSION['_config']['altrow'] = "";
|
||||
$query = "select * from domains where `memid`='".$_SESSION['profile']['id']."' and `domain` like '$dom' and `deleted`=0";
|
||||
$query = "select * from domains where `memid`='".$_SESSION['profile']['id']."' and `domain` like '$dom' and `deleted`=0 and `hash`=''";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) > 0)
|
||||
{
|
||||
|
|
|
@ -45,7 +45,7 @@ google_color_border = "FFFFFF";
|
|||
//-->
|
||||
</script>
|
||||
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script><? } else {
|
||||
?><h2>¡Vive la Révolution!</h2><? } ?></div>
|
||||
?><h2>Free digital certificates!</h2><? } ?></div>
|
||||
</div>
|
||||
<div id="pageNav">
|
||||
<div class="relatedLinks">
|
||||
|
@ -66,6 +66,7 @@ google_color_border = "FFFFFF";
|
|||
<a href="stats.php">CAcert <?=_("Statistics")?></a>
|
||||
<a href="index.php?id=3"><?=_("Root Certificate")?></a>
|
||||
<a href="revoke.crl"><?=_("CRL")?></a>
|
||||
<a href="http://my.rsscache.com/www.cacert.org/rss.php"><?=_("RSS News Feed")?></a>
|
||||
<? if($_SESSION['profile']['admin'] == 1) { ?>
|
||||
<a href="index.php?id=5"><?=_("OCSP Details")?></a>
|
||||
<? } ?>
|
||||
|
@ -107,7 +108,7 @@ if(!function_exists("showfooter"))
|
|||
<!--ONESTAT SCRIPTCODE END--><? } ?>
|
||||
<a href="index.php?id=12"><?=_("About Us")?></a> | <a href="index.php?id=13"><?=_("Donations")?></a> |
|
||||
<a href="index.php?id=10"><?=_("Privacy Policy")?></a> |
|
||||
<a href="index.php?id=51"><?=_("Mission Statment")?></a> | <a href="index.php?id=11"><?=_("Contact Us")?></a> |
|
||||
<a href="index.php?id=51"><?=_("Mission Statement")?></a> | <a href="index.php?id=11"><?=_("Contact Us")?></a> |
|
||||
©2004 by CAcert</div>
|
||||
</div>
|
||||
</body>
|
||||
|
|
2546
locale/de.po
2546
locale/de.po
File diff suppressed because it is too large
Load diff
734
messages.po
734
messages.po
File diff suppressed because it is too large
Load diff
|
@ -28,3 +28,4 @@
|
|||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
||||
<p><?=_("Currently we do not issue certificates for Punycode domains as these have big security risks.")?></p>
|
||||
|
|
|
@ -93,7 +93,7 @@
|
|||
<tr>
|
||||
<td class="DataTD"><?=_("Date of Birth")?><br>
|
||||
(<?=_("dd/mm/yyyy")?>)</td>
|
||||
<td class="DataTD"><?=$day?> <?=ucwords(strftime("%B", mktime(0,0,0,$i,1,date("Y"))))?> <?=$year?></td>
|
||||
<td class="DataTD"><?=$day?> <?=ucwords(strftime("%B", mktime(0,0,0,$month,1,1)))?> <?=$year?></td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
<tr>
|
||||
|
|
|
@ -30,4 +30,4 @@
|
|||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
||||
<p><?=_("Please Note: You only need to enter the main part of your domain, eg. mydomain.com rather then www.mydomain.com. Once you have verified your domain you are able to enter any sub-domain, such as www.mydomain.com or www.this.is.mydomain.com as the system checks from right to left, rather then specific hostnames when you upload a CSR to the system.")?></p>
|
||||
|
||||
<p><?=_("Currently we do not issue certificates for Punycode domains as these have big security risks.")?></p>
|
||||
|
|
|
@ -12,19 +12,9 @@
|
|||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
$_POST['level'] = intval($_POST['level']);
|
||||
if($_POST['level'] < 0 || $_POST['level'] > 1)
|
||||
$_POST['level'] = 0;
|
||||
?>
|
||||
<p><?=_("Paste your GPG key below...")?></p>
|
||||
<form method="post" action="gpg.php">
|
||||
<textarea name="CSR" cols="80" rows="15"><?=$_POST['CSR']?></textarea><br>
|
||||
<input type="radio" name="level" value="0"<? if($_POST['level'] == 0) echo " checked"; ?>> Low Trust GPG Key<br>
|
||||
<? if($_SESSION['profile']['points'] >= 100) { ?>
|
||||
<input type="radio" name="level" value="1"<? if($_POST['level'] == 1) echo " checked"; ?>> High Trust GPG Key<br>
|
||||
<? } ?>
|
||||
<input type="submit" name="process" value="<?=_("Submit")?>">
|
||||
<input type="hidden" name="oldid" value="<?=$id?>">
|
||||
</form>
|
||||
<p><?=_("Please Note: To receive a high trust GPG signature you need at least 100 assurance points.")?>
|
||||
|
|
|
@ -18,7 +18,6 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Status")?></td>
|
||||
<td class="DataTD"><?=_("Trust Level")?></td>
|
||||
<td class="DataTD"><?=_("Email Address")?></td>
|
||||
<td class="DataTD"><?=_("Expires")?></td>
|
||||
|
||||
|
@ -29,7 +28,6 @@
|
|||
`expire` as `expires`, `id`, `level`, `email`
|
||||
`email` from `gpg` where `memid`='".$_SESSION[profile][id]."'
|
||||
ORDER BY `issued` desc";
|
||||
//echo $query."<br>\n";
|
||||
$res = mysql_query($query);
|
||||
if(mysql_num_rows($res) <= 0)
|
||||
{
|
||||
|
@ -46,23 +44,16 @@
|
|||
$verified = _("Expired");
|
||||
if($row['expired'] == 0)
|
||||
$verified = _("Pending");
|
||||
|
||||
$trust = _("High Trust");
|
||||
if($row['level'] != 1)
|
||||
$trust = _("Low Trust");
|
||||
?>
|
||||
<tr>
|
||||
<? if($verified == _("Valid")) { ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><?=$trust?></td>
|
||||
<td class="DataTD"><a href="gpg.php?id=3&cert=<?=$row[id]?>"><?=$row['email']?></a></td>
|
||||
<? } else if($verified == _("Pending")) { ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><?=$trust?></td>
|
||||
<td class="DataTD"><?=$row[CN]?></td>
|
||||
<? } else { ?>
|
||||
<td class="DataTD"><?=$verified?></td>
|
||||
<td class="DataTD"><?=$trust?></td>
|
||||
<td class="DataTD"><a href="account.php?id=6&cert=<?=$row[id]?>"><?=$row[CN]?></a></td>
|
||||
<? } ?>
|
||||
<td class="DataTD"><?=$row[expires]?></td>
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<h3><?=_("Help!")?></h3>
|
||||
<p><?=_("Following are several tips you may find useful.")?></p>
|
||||
|
||||
|
@ -9,5 +23,6 @@
|
|||
<li><a href='logos.php'><?=_("How do I get a secured by CAcert emblem on my site?")?></a></li>
|
||||
<li><a href='help.php?id=6'><?=_("How do I get a Server certificate from CAcert?")?></a></li>
|
||||
<li><a href='help.php?id=7'><?=_("How does CAcert Protect it's root private key?")?></a></li>
|
||||
<li><a href='help.php?id=9'><?=_("How can I do a single sign on similar to CAcert using client certificates?")?></a></li>
|
||||
<li><a href='http://wiki.cacert.org'><?=_("Unofficial FAQ/Wiki")?></a></li>
|
||||
</ul>
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<pre> CERTIFICATE RETRIEVAL
|
||||
|
||||
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<ul>
|
||||
<li><a href="#whatFor"><?=_("What is it for?")?></a></li>
|
||||
<li><a href="#whyEmails"><?=_("Why digitally sign your own emails?! (weirdo..)")?></a></li>
|
||||
|
@ -50,7 +64,7 @@
|
|||
<p><?=_("So if you don't pass the audit, you don't get to be a Certificate Authority. And to pass the audit, well, you've got to show that you can do a good job issuing certificates. That they're secure, you only give them to the right people, etc. So what happens when you make a mistake and you erroneously issue a certificate that risks the entire Internet browsing population, like Verisign did? Well, er, nothing actually. They already paid for their audit, and damn it, they're so big now, we couldn't possibly revoke their Certificate Authority status. (There's too much money at stake!)")?></p>
|
||||
|
||||
<h3><?=_("So, dammit, what's the point of all this then?")?></h3>
|
||||
<p><?=_("The point is, as the current situation holds, you should be weary of anyone making decisions for you (i.e. pre-installed certificates in your browser), and you should be weary of anyone else's certificates that you install. But at the end of the day, it all boils down to trust. If an independent Certificate Authority seems to be reputable to you, and you can find evidence to support this claim, there's no reason why you shouldn't trust it any less than you implicitly trust the people who have already made mistakes.")?></p>
|
||||
<p><?=_("The point is, as the current situation holds, you should be wary of anyone making decisions for you (i.e. pre-installed certificates in your browser), and you should be weary of anyone else's certificates that you install. But at the end of the day, it all boils down to trust. If an independent Certificate Authority seems to be reputable to you, and you can find evidence to support this claim, there's no reason why you shouldn't trust it any less than you implicitly trust the people who have already made mistakes.")?></p>
|
||||
<h3><a name="refs"></a><?=_("References")?></h3>
|
||||
<p><a href="http://www.schneier.com/paper-pki.pdf"><?=_("Ten Risks of PKI: What You're not Being Told about Public Key Infrastructure")?></a> - http://www.counterpane.com/pki-risks.pdf</p>
|
||||
<p><a href="http://www.webtrust.org/certauth.htm"><?=_("WebTrust for Certification Authorities")?></a> - http://www.webtrust.org/certauth.htm</p>
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<h3><?=_("Generating a Key Pair and Certificate Signing Request (CSR) for a Microsoft Internet Information Server (IIS) 5.0.")?></h3>
|
||||
<p><?=_("To generate a public and private key pair and CSR for a Microsoft IIS 5 Server:")?></p>
|
||||
<ol class="tutorial">
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<p><?=_("Firstly you will need to run the following command, preferably in secured directory no one else can access, however protecting your private keys is beyond the scope of this document.")?></p>
|
||||
<p># openssl req -nodes -new -keyout private.key -out server.csr</p>
|
||||
<p><?=_("Then the system will try to generate some very random numbers to get a secure key.")?></p>
|
||||
|
|
|
@ -1 +1,15 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?=_("To be completed")?>
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<p><?=_("Firstly you need to join CAcert to do that go:")?> <a href='https://www.cacert.org/index.php?id=1'><?=("here")?></a></p>
|
||||
|
||||
<p><?=_("Then you need to generate a Certificate Signing Request, for more details go:")?> <a href=http://www.cacert.org/help.php><?=_("here")?></a></p>
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<p><?=_("In light of a request on the bugzilla list for more information about how our root certificate is protected I've decided to do a write up here and see if there is anything more people suggest could be done, or a better way of handling things altogether.")?></p>
|
||||
<p><?=_("Currently there is 2 main servers, one for webserver, one for root store, with the root store only connected to the webserver via serial cable, with a daemon running as non-root processes on each end of the serial listening/sending requests/info.")?></p>
|
||||
<p><?=_("If the root store detects a bad request it assumes the webserver is compromised and shuts itself down.")?></p>
|
||||
|
|
|
@ -1,3 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<p><i><?=_("Question: I'm a software developer for linux and I want to use CAcert/openssl to distribute my packages with detached signatures, is this possible and why would I do this over PGP/GPG detached signatures?")?></i></p>
|
||||
<p><?=_("I'll anwser the why part first, as that's reasonably easy. The short answer is it takes most of the key handling responsibilty away from you and/or your group. If you need to revoke your key for any reason (such as a developer leaving the project) it won't effect your ability to revoke the existing key or keys, and issue new ones.")?></p>
|
||||
|
||||
|
|
63
pages/help/9.php
Normal file
63
pages/help/9.php
Normal file
|
@ -0,0 +1,63 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
function dotab($num)
|
||||
{
|
||||
for($i = 0; $i < $num; $i++)
|
||||
{
|
||||
for($j = 0; $j < 8; $j++)
|
||||
$string .= " ";
|
||||
}
|
||||
return($string);
|
||||
}
|
||||
?>
|
||||
<h3><?=_("How can I do a single sign on similar to CAcert using client certificates?")?></h3>
|
||||
|
||||
<p><?=_("Firstly you need mod-ssl and apache setup (this is beyond the scope of this FAQ item and you will need to search on google etc for LAMP setup information). I recommend mod-ssl over apache-ssl because it means you need less resources to achieve the same result.")?></p>
|
||||
|
||||
<p><?=_("Once you have everything setup and working you will need to add lines similar to below to your apache.conf")?></p>
|
||||
|
||||
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><br>
|
||||
<VirtualHost 127.0.0.1:443><br>
|
||||
SSLEngine on<br>
|
||||
SSLVerifyClient require<br>
|
||||
SSLVerifyDepth 2<br>
|
||||
SSLCACertificateFile /etc/ssl/cacert.crt<br>
|
||||
SSLCertificateFile /etc/ssl/certs/cacert.crt<br>
|
||||
SSLCertificateKeyFile /etc/ssl/private/cacert.pem<br>
|
||||
SSLOptions +StdEnvVars<br>
|
||||
<br>
|
||||
ServerName secure.cacert.org<br>
|
||||
DocumentRoot /www<br>
|
||||
</VirtualHost><br><br>
|
||||
</p>
|
||||
|
||||
<p><?=_("Please note, you will need to alter the paths, hostname and IP of the above example, which is just that an example! The SSLCACertificateFile directive is supposed to point to a file with the root certificate you wish to verify your client certificates against, for the CAcert website we obviously only accept certificates issued by our own website and use our root certificate to initially verify this.")?></p>
|
||||
|
||||
<p><?=_("Once you have everything working and you've tested sending a client certificate to your site and you're happy all is well you can start adding code to PHP (or any other language you like that can pull server environment information). At present I only have PHP code available and the example is in PHP")?></p>
|
||||
|
||||
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;"><br>
|
||||
<?=dotab(1)?>if($_SERVER['HTTP_HOST'] == "secure.cacert.org")<br>
|
||||
<?=dotab(1)?>{<br>
|
||||
<?=dotab(2)?>$query = "select * from `users` where `email`='$_SERVER[SSL_CLIENT_S_DN_Email]'";<br>
|
||||
<?=dotab(2)?>$res = mysql_query($query);<br>
|
||||
<?=dotab(2)?>if(mysql_num_rows($res) > 0)<br>
|
||||
<?=dotab(2)?>{<br>
|
||||
<?=dotab(3)?>$_SESSION['profile']['loggedin'] = 1;<br>
|
||||
<?=dotab(3)?>header("location: https://secure.cacert.org/account.php");<br>
|
||||
<?=dotab(3)?>exit;<br>
|
||||
<?=dotab(2)?>}<br>
|
||||
<?=dotab(1)?>}<br><br>
|
||||
</p>
|
|
@ -13,6 +13,12 @@
|
|||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<p><?=_("Warning! This site requires cookies to be enabled to ensure your privacy and security. This site uses session cookies to store temporary values to prevent people from copying and pasting the session ID to someone else exposing their account, personal details and identity theft as a result.")?></p>
|
||||
<p style="border:dotted 1px #900;padding:0.3em;background-color:#ffe;">
|
||||
<b><?=_("In light of the number of people having issues with making up a password we have the following suggestions:")?></b><br><br>
|
||||
<?=_("To get a password that will work I suggest the following example: ")?>Fr3d Sm|7h<br><br>
|
||||
<?=_("This wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional points for being over 15 characters and a second additional point for having it over 30. The system starts reducing points if you include any section of your name, or password or email address or if it matches a word from the english dictionary...")?>
|
||||
</p>
|
||||
|
||||
<form method="post" action="index.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper" width="400">
|
||||
<tr>
|
||||
|
|
|
@ -14,18 +14,18 @@
|
|||
*/ ?>
|
||||
<p>
|
||||
<?=_("PKI Key")?><br>
|
||||
<a href="index.php?id=17"><?=_("Click here if you want to import the root certificate into Microsoft Internet Exporler")?></a><br>
|
||||
<a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a><br>
|
||||
<a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<?=_("GPG Keys")?><br>
|
||||
<a href="certs/cacert.asc"><?=_("High Trust GPG Key")?></a><br>
|
||||
<a href="certs/cacert-low.asc"><?=_("Low Trust GPG Key")?></a>
|
||||
<?=_("GPG Key")?><br>
|
||||
<a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a><br>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<?=_("PKI finger/thumb print signed by the High Trust GPG Key")?><br>
|
||||
<?=_("PKI finger/thumb print signed by the CAcert GPG Key")?><br>
|
||||
<pre>
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
@ -47,19 +47,15 @@ Mch2LMZhK4h/SBIft5ROzVU=
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
||||
pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA) <gpg@cacert.org>
|
||||
pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA)
|
||||
Key fingerprint = A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
|
||||
sub 2048g/113ED0F2 2003-07-11 [expires: 2033-07-03]
|
||||
|
||||
pub 1024D/9E2BD1F2 2003-08-05 CA Cert Signing Authority (Low Security Key) <lowgpg@cacert.org>
|
||||
Key fingerprint = 9F94 ACDD D289 67E7 1FB7 1C3A 77AE 7F12 9E2B D1F2
|
||||
sub 2048g/456D7D4B 2003-08-05 [expires: 2033-07-28]
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.2.4 (GNU/Linux)
|
||||
Version: GnuPG v1.2.5 (GNU/Linux)
|
||||
|
||||
iD8DBQFB1JbY0rsNAWXQ/VgRAnVYAJ4uK8zjeTn/a3Wc1j66iQiQtgvV+wCfS/Re
|
||||
NSTpDmG+DqGpqTh1Hn1Uf2g=
|
||||
=/mLy
|
||||
iD8DBQFCEDLN0rsNAWXQ/VgRArhhAJ9EY1TJOzsVVuy2lL98CoKL0vnJjQCfbdBk
|
||||
TG1yj+lkktROGGyn0hJ5SbM=
|
||||
=tXoj
|
||||
-----END PGP SIGNATURE-----
|
||||
</pre>
|
||||
</p>
|
||||
|
|
160
pages/index/17.php
Normal file
160
pages/index/17.php
Normal file
|
@ -0,0 +1,160 @@
|
|||
<html>
|
||||
<head>
|
||||
<title>Install CACert Root using CEnroll Active-X component and PKCS-7</title>
|
||||
<link rel="stylesheet" href="styles/default.css" type="text/css">
|
||||
<link href="http://my.rsscache.com/www.cacert.org/rss.php" rel="alternate" type="application/rss+xml" title="rss">
|
||||
</head>
|
||||
|
||||
<SCRIPT LANGUAGE="VBSCRIPT">
|
||||
|
||||
Sub InstallCert
|
||||
|
||||
credentials = "MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290" & _
|
||||
"IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB" & _
|
||||
"IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA" & _
|
||||
"Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO" & _
|
||||
"BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi" & _
|
||||
"MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ" & _
|
||||
"ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC" & _
|
||||
"CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ" & _
|
||||
"8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6" & _
|
||||
"zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y" & _
|
||||
"fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7" & _
|
||||
"w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc" & _
|
||||
"G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k" & _
|
||||
"epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q" & _
|
||||
"laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ" & _
|
||||
"QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU" & _
|
||||
"fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826" & _
|
||||
"YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w" & _
|
||||
"ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY" & _
|
||||
"gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe" & _
|
||||
"MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0" & _
|
||||
"IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy" & _
|
||||
"dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw" & _
|
||||
"czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0" & _
|
||||
"dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl" & _
|
||||
"aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC" & _
|
||||
"AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg" & _
|
||||
"b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB" & _
|
||||
"ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc" & _
|
||||
"nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg" & _
|
||||
"18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c" & _
|
||||
"gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl" & _
|
||||
"Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY" & _
|
||||
"sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T" & _
|
||||
"SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF" & _
|
||||
"CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum" & _
|
||||
"GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk" & _
|
||||
"zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW" & _
|
||||
"omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD"
|
||||
|
||||
On Error Resume Next
|
||||
Dim Enroll
|
||||
|
||||
Set Enroll = CreateObject("CEnroll.CEnroll.2")
|
||||
if ( (Err.Number = 438) OR (Err.Number = 429) ) Then
|
||||
Err.Clear
|
||||
Set Enroll = CreateObject("CEnroll.CEnroll.1")
|
||||
End If
|
||||
if Err.Number <> 0 then
|
||||
location = "index.php?id=18&message=Can't%20instantiate%20the%20CEnroll%20control:%20" & Hex(err)
|
||||
Else
|
||||
Call Enroll.InstallPKCS7(credentials)
|
||||
If err.Number <> 0 then
|
||||
location = "index.php?id=18&message=Problems%20were%20detected%20with%20the%20CACert%20root%20certificate%20download%20error:%20" & Hex(err)
|
||||
Else
|
||||
location = "index.php?id=18&message=The%20CACert%20root%20certificate%20was%20successfully%20installed"
|
||||
End if
|
||||
End If
|
||||
|
||||
End sub
|
||||
</SCRIPT>
|
||||
<body LANGUAGE="VBScript" ONLOAD="InstallCert">
|
||||
<div id="pagecell1">
|
||||
<div id="pageName"><br>
|
||||
<h2><a href="http://www.cacert.org"><img src="/images/cacert2.png" border="0" alt="CAcert.org logo"></a></h2>
|
||||
<div id="googlead"><script type="text/javascript">
|
||||
<!--
|
||||
google_ad_client = "pub-0959373285729680";
|
||||
google_alternate_ad_url = "http://text.happysnapper.net/?userid=06f45be90b9c7456f98f304d0cae3405&border=FFFFFF&bg=FFFFFF&nourl=www.cacert.org";
|
||||
google_ad_width = 468;
|
||||
google_ad_height = 60;
|
||||
google_ad_format = "468x60_as";
|
||||
google_color_link = "000000";
|
||||
google_color_url = "000000";
|
||||
google_color_text = "000000";
|
||||
google_color_border = "FFFFFF";
|
||||
//-->
|
||||
</script>
|
||||
|
||||
<script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"></script></div>
|
||||
</div>
|
||||
<div id="pageNav">
|
||||
<div class="relatedLinks">
|
||||
<h3>Join CAcert.org</h3>
|
||||
<a href="https://www.cacert.org/index.php?id=1">Join</a>
|
||||
</div>
|
||||
<div class="relatedLinks">
|
||||
|
||||
<h3>My Account</h3>
|
||||
<a href="https://www.cacert.org/index.php?id=4">Normal Login</a>
|
||||
<a href="https://secure.cacert.org/index.php?id=4">Cert Login</a>
|
||||
<a href="https://www.cacert.org/index.php?id=5">Lost Password</a>
|
||||
</div>
|
||||
<div class="relatedLinks">
|
||||
<h3>Miscellaneous</h3>
|
||||
|
||||
<a href="news.php">CAcert News</a>
|
||||
<a href="help.php">Howto Information</a>
|
||||
<a href="logos.php">CAcert Logos</a>
|
||||
<a href="stats.php">CAcert Statistics</a>
|
||||
<a href="index.php?id=3">Root Certificate</a>
|
||||
<a href="revoke.crl">CRL</a>
|
||||
<a href="http://my.rsscache.com/www.cacert.org/rss.php">RSS News Feed</a>
|
||||
|
||||
<a href="index.php?id=7">Credits</a>
|
||||
<a href="index.php?id=8">CAcert Board</a>
|
||||
</div>
|
||||
<div class="relatedLinks">
|
||||
<h3>Translations</h3>
|
||||
<a href="index.php?id=0&lang=da_DK">Dansk</a>
|
||||
<a href="index.php?id=0&lang=de_DE">Deutsch</a>
|
||||
|
||||
<a href="index.php?id=0&lang=en_AU">English</a>
|
||||
<a href="index.php?id=0&lang=es_ES">Español</a>
|
||||
<a href="index.php?id=0&lang=fr_FR">Français</a>
|
||||
<a href="index.php?id=0&lang=it_IT">Italiano</a>
|
||||
<a href="index.php?id=0&lang=hu_HU">Magyar</a>
|
||||
|
||||
<a href="index.php?id=0&lang=nl_NL">Nederlands</a>
|
||||
<a href="index.php?id=0&lang=pt_PT">Português</a>
|
||||
<a href="index.php?id=0&lang=pt_BR">Português Brasileiro</a>
|
||||
<a href="index.php?id=0&lang=ru_RU">Русский</a>
|
||||
<a href="index.php?id=0&lang=sv_SE">Svenska</a>
|
||||
<a href="index.php?id=0&lang=tr_TR">Türkçe</a>
|
||||
|
||||
<a href="index.php?id=0&lang=zh_CN">中文(简体)</a>
|
||||
</div>
|
||||
</div>
|
||||
<div id="content">
|
||||
<div class="story">
|
||||
<p><?=_("Install a Root Certificate using Internet Explorer and the CEnroll ActiveX control. This avoids the Microsoft Certificate Installation wizard and all of its complexity and extra screens for users. This however will ONLY work for Microsoft Internet Explorer.")?></p>
|
||||
</div>
|
||||
</div>
|
||||
<div id="siteInfo">
|
||||
<!--ONESTAT SCRIPTCODE START-->
|
||||
<script type="text/javascript" src="onestat.js"></script>
|
||||
<noscript>
|
||||
<a href="http://www.onestat.com/asp/login.asp?sid=164863">
|
||||
<img src="http://stat.onestat.com/asp/stat.asp?tagver=1&sid=164863&js=no&" alt="this site tracked by onestat.com" />
|
||||
</a>
|
||||
</noscript>
|
||||
<!--ONESTAT SCRIPTCODE END--> <a href="index.php?id=12">About Us</a> | <a href="index.php?id=13">Donations</a> |
|
||||
<a href="index.php?id=10">Privacy Policy</a> |
|
||||
<a href="index.php?id=51">Mission Statement</a> | <a href="index.php?id=11">Contact Us</a> |
|
||||
©2004 by CAcert</div>
|
||||
|
||||
</div>
|
||||
</BODY>
|
||||
</HTML>
|
17
pages/index/18.php
Normal file
17
pages/index/18.php
Normal file
|
@ -0,0 +1,17 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<p>
|
||||
<?=$_GET['message']?>
|
||||
</p>
|
|
@ -14,18 +14,18 @@
|
|||
*/ ?>
|
||||
<p>
|
||||
<?=_("PKI Key")?><br>
|
||||
<a href="index.php?id=17"><?=_("Click here if you want to import the root certificate into Microsoft Internet Exporler")?></a><br>
|
||||
<a href="certs/root.crt"><?=_("Root Certificate (PEM Format)")?></a><br>
|
||||
<a href="certs/root.der"><?=_("Root Certificate (DER Format)")?></a>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<?=_("GPG Keys")?><br>
|
||||
<a href="certs/cacert.asc"><?=_("High Trust GPG Key")?></a><br>
|
||||
<a href="certs/cacert-low.asc"><?=_("Low Trust GPG Key")?></a>
|
||||
<?=_("GPG Key")?><br>
|
||||
<a href="certs/cacert.asc"><?=_("CAcert's GPG Key")?></a><br>
|
||||
</p>
|
||||
|
||||
<p>
|
||||
<?=_("PKI finger/thumb print signed by the High Trust GPG Key")?><br>
|
||||
<?=_("PKI finger/thumb print signed by the CAcert GPG Key")?><br>
|
||||
<pre>
|
||||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
@ -47,19 +47,15 @@ Mch2LMZhK4h/SBIft5ROzVU=
|
|||
-----BEGIN PGP SIGNED MESSAGE-----
|
||||
Hash: SHA1
|
||||
|
||||
pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA) <gpg@cacert.org>
|
||||
pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA)
|
||||
Key fingerprint = A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
|
||||
sub 2048g/113ED0F2 2003-07-11 [expires: 2033-07-03]
|
||||
|
||||
pub 1024D/9E2BD1F2 2003-08-05 CA Cert Signing Authority (Low Security Key) <lowgpg@cacert.org>
|
||||
Key fingerprint = 9F94 ACDD D289 67E7 1FB7 1C3A 77AE 7F12 9E2B D1F2
|
||||
sub 2048g/456D7D4B 2003-08-05 [expires: 2033-07-28]
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.2.4 (GNU/Linux)
|
||||
Version: GnuPG v1.2.5 (GNU/Linux)
|
||||
|
||||
iD8DBQFB1JbY0rsNAWXQ/VgRAnVYAJ4uK8zjeTn/a3Wc1j66iQiQtgvV+wCfS/Re
|
||||
NSTpDmG+DqGpqTh1Hn1Uf2g=
|
||||
=/mLy
|
||||
iD8DBQFCEDLN0rsNAWXQ/VgRArhhAJ9EY1TJOzsVVuy2lL98CoKL0vnJjQCfbdBk
|
||||
TG1yj+lkktROGGyn0hJ5SbM=
|
||||
=tXoj
|
||||
-----END PGP SIGNATURE-----
|
||||
</pre>
|
||||
</p>
|
||||
|
|
|
@ -27,7 +27,7 @@
|
|||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left"><b><?=_("PLEASE NOTE: You have already assured this person before! If this is unintentional please DO NOT CONTINUE with this assurance.")?></b></td>
|
||||
</tr>
|
||||
<? } if($_SESSION['_config']['pointsalready'] > 65) { ?>
|
||||
<? } if($_SESSION['_config']['pointsalready'] > 0) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left"><b><? printf(_("This person already has %s assurance points. Any points you give this person may be rounded down, or they may not even get any points. If you have less then 150 points you will still receive 2 points for assuring them."), $_SESSION['_config']['pointsalready']); ?></b></td>
|
||||
</tr>
|
||||
|
@ -47,7 +47,7 @@
|
|||
<td class="DataTD"><?=_("Date of Birth")?>:</td>
|
||||
<td class="DataTD"><?=$row['dob']?> (<?=_("YYYY-MM-DD")?>)</td>
|
||||
</tr>
|
||||
<? if($_SESSION['profile']['admin'] == 1) { ?>
|
||||
<? if($_SESSION['profile']['board'] == 1) { ?>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Method")?>:</td>
|
||||
<td class="DataTD"><select name="method">
|
||||
|
@ -73,7 +73,7 @@
|
|||
<td class="DataTD"><?=_("Date")?>:</td>
|
||||
<td class="DataTD"><input type="text" name="date" value="<?=$_POST['date']?>"><br><?=_("Only fill this in if you assured the person on a different day")?></td>
|
||||
</tr>
|
||||
<? if($_SESSION['profile']['admin'] == 1 && $_SESSION['_config']['pointsalready'] <= 1500) { ?>
|
||||
<? if($_SESSION['profile']['board'] == 1 && $_SESSION['_config']['pointsalready'] <= 1500) { ?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><?=_("Issuing a temporary increase will automatically boost their points to 200 points for a nomindated amount of days, after which the person will be reduced to 150 points regardless of the amount of points they had previously. Regardless of method chosen above it will be recorded in the system as an Administrative Increase and there is a maximum amount of 45 days that points can be issued for.")?></td>
|
||||
</tr>
|
||||
|
@ -85,7 +85,7 @@
|
|||
<td class="DataTD"><nobr><?=_("Sponsoring Member")?>:</td>
|
||||
<td class="DataTD"><select name="sponsor">
|
||||
<?
|
||||
$query = "select * from `users` where `admin`='1' and `id`!='".$_SESSION['profile']['id']."'";
|
||||
$query = "select * from `users` where `board`='1' and `id`!='".$_SESSION['profile']['id']."'";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{
|
||||
|
|
|
@ -23,17 +23,13 @@
|
|||
|
||||
$do = `gpg --homedir /root/.gnupg --import $row[csr] 2>&1`;
|
||||
|
||||
$extra = "";
|
||||
if(intval($row['level']) != 1)
|
||||
$extra = " --default-key lowgpg@cacert.org";
|
||||
|
||||
$extras = "";
|
||||
if($row['multiple'] == 1)
|
||||
$extras .= " echo \"y\";";
|
||||
if($row['expires'] == 1)
|
||||
$extras .= " echo \"n\";";
|
||||
|
||||
$do = `( $extras echo "365"; echo "y"; echo "3"; echo "y")|gpg$extra --homedir /root/.gnupg --batch --no-tty --command-fd 0 \
|
||||
$do = `( $extras echo "365"; echo "y"; echo "2"; echo "y")|gpg --default-key gpg@cacert.org --homedir /root/.gnupg --batch --no-tty --command-fd 0 \
|
||||
--status-fd 1 --cert-policy-url http://www.cacert.org/index.php?id=10 \
|
||||
--ask-cert-expire --sign-key $row[email] 2>&1`;
|
||||
$do = `gpg --homedir /root/.gnupg --export --armor $row[email] > $row[crt]`;
|
||||
|
|
32
www/analyse.php
Normal file
32
www/analyse.php
Normal file
|
@ -0,0 +1,32 @@
|
|||
<? /*
|
||||
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
||||
|
||||
This file is part of CAcert.
|
||||
|
||||
CAcert has been released under the CAcert Source License
|
||||
which can be found included with these source files or can
|
||||
be downloaded from the internet from the following address:
|
||||
http://www.cacert.org/src-lic.php
|
||||
|
||||
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
||||
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
loadem("index");
|
||||
|
||||
showheader(_("Welcome to CAcert.org"));
|
||||
|
||||
if($_POST['csr'] == "")
|
||||
{ ?>
|
||||
<form method="post" action="<?=$PHP_SELF?>">
|
||||
<p>Please paste the PEM encoded certificate signing request you would like to analyze in the text area below:</p>
|
||||
<p><textarea name="csr" cols="64" rows="12"></textarea></p>
|
||||
<p><input type="submit" name="process" value="<?=_("Analyse")?>"></p>
|
||||
</form>
|
||||
<? } else {
|
||||
echo $_POST['csr'];
|
||||
print_r(openssl_x509_parse(openssl_x509_read($_POST['csr'])));
|
||||
}
|
||||
showfooter();
|
||||
?>
|
1433
www/cps.php
Normal file
1433
www/cps.php
Normal file
File diff suppressed because it is too large
Load diff
BIN
www/docs/CAP.pdf
BIN
www/docs/CAP.pdf
Binary file not shown.
Binary file not shown.
23
www/gpg.php
23
www/gpg.php
|
@ -15,11 +15,17 @@
|
|||
<?
|
||||
require_once("../includes/loggedin.php");
|
||||
|
||||
if($_SESSION['profile']['points'] < 50)
|
||||
{
|
||||
header("location: /account.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
loadem("account");
|
||||
|
||||
if($oldid == "0")
|
||||
{
|
||||
if($_POST['process'] != _("Submit") || $_POST['level'] == "" || $_POST['CSR'] == "" || intval($_POST['level']) < 0 || intval($_POST['level']) > 1)
|
||||
if($_POST['process'] != _("Submit") || $_POST['CSR'] == "")
|
||||
{
|
||||
$_SESSION['_config']['errmsg'] = _("You failed to paste a valid GPG/PGP key.");
|
||||
$id = $oldid;
|
||||
|
@ -88,14 +94,6 @@
|
|||
if(count($emailaddies) > 1)
|
||||
$multiple = 1;
|
||||
|
||||
if($_SESSION['profile']['points'] < 50 && $_POST['level'] == 1)
|
||||
{
|
||||
$_SESSION['_config']['errmsg'] = _("You don't have enough assurance points to be issued a high level trust gpg signature.");
|
||||
unset($_POST['process']);
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
}
|
||||
|
||||
if(is_array($names))
|
||||
{
|
||||
foreach($names as $name)
|
||||
|
@ -137,13 +135,9 @@
|
|||
|
||||
if($oldid == "0")
|
||||
{
|
||||
$_POST['level'] = intval($_POST['level']);
|
||||
if($_POST['level'] < 0 || $_POST['level'] > 1)
|
||||
$_POST['level'] = 0;
|
||||
|
||||
$query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."',
|
||||
`email`='".$emailaddies['0']."',
|
||||
`level`='".$_POST['level']."',
|
||||
`level`='1',
|
||||
`expires`='$expires',
|
||||
`multiple`='$multiple'";
|
||||
mysql_query($query);
|
||||
|
@ -179,5 +173,4 @@
|
|||
showheader(_("Welcome to CAcert.org"));
|
||||
includeit($id, "gpg");
|
||||
showfooter();
|
||||
|
||||
?>
|
||||
|
|
|
@ -13,11 +13,18 @@
|
|||
PARTICULAR PURPOSE. See the License for more details.
|
||||
*/ ?>
|
||||
<?
|
||||
loadem("index");
|
||||
|
||||
$id = intval($id);
|
||||
$oldid = intval($oldid);
|
||||
|
||||
if($id == 17)
|
||||
{
|
||||
include_once("index/17.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
loadem("index");
|
||||
|
||||
$_SESSION['_config']['hostname'] = $_SERVER['HTTP_HOST'];
|
||||
|
||||
if(($oldid == 6 || $id == 6) && intval($_SESSION['lostpw']['user']['id']) < 1)
|
||||
|
@ -97,7 +104,7 @@
|
|||
$_SESSION['lostpw']['user']['mname'], $_SESSION['lostpw']['user']['lname'], $_SESSION['lostpw']['user']['suffix']);
|
||||
if($score < 3)
|
||||
{
|
||||
$_SESSION['_config']['errmsg'] = _("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored $score points out of 6.");
|
||||
$_SESSION['_config']['errmsg'] = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
|
||||
} else {
|
||||
$query = "update `users` set `password`=password('".$_SESSION['lostpw']['pw1']."')
|
||||
where `id`='".$_SESSION['lostpw']['user']['id']."'";
|
||||
|
|
26
www/rss.php
Normal file
26
www/rss.php
Normal file
|
@ -0,0 +1,26 @@
|
|||
<? /* <author>$row['who'] <nomail@nospam.sss></author> */ ?>
|
||||
<? header("Content-Type: application/xml");
|
||||
?><<?="?"?>xml version="1.0" encoding="UTF-8" <?="?"?>>
|
||||
<rss version="2.0">
|
||||
<channel>
|
||||
<title>CAcert.org NEWS!</title>
|
||||
<link>http://www.CAcert.org</link>
|
||||
<copyright>Copyright © 2002-present, CAcert Inc.</copyright>
|
||||
<description>News feed for CAcert.org</description>
|
||||
<pubDate><?=date("D, d M Y H:i:s O")?></pubDate>
|
||||
<lastBuildDate><?=date("D, d M Y H:i:s O")?></lastBuildDate>
|
||||
<ttl>3600</ttl><?
|
||||
$query = "select *, UNIX_TIMESTAMP(`when`) as `TS` from news order by `when` desc limit 10";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{ ?>
|
||||
<item>
|
||||
<title><?=strip_tags($row['short'])?></title>
|
||||
<description><?=strip_tags($row['story'])?></description>
|
||||
<link>http://www.cacert.org/news.php?from=rss&id=<?=$row['id']?></link>
|
||||
<pubDate><?=date("D, d M Y H:i:s O", $row['TS'])?></pubDate>
|
||||
</item>
|
||||
<? } ?>
|
||||
|
||||
</channel>
|
||||
</rss>
|
62
www/wot.php
62
www/wot.php
|
@ -92,7 +92,7 @@
|
|||
$_SESSION['_config']['error'] = _("You failed to check all boxes to validate your adherence to the rules and policies of CAcert");
|
||||
}
|
||||
|
||||
if($_POST['certify'] != 1 && $_SESSION['profile']['admin'] != 1)
|
||||
if($_POST['certify'] != 1 && $_SESSION['profile']['board'] != 1)
|
||||
{
|
||||
$id = $oldid;
|
||||
unset($oldid);
|
||||
|
@ -100,7 +100,7 @@
|
|||
}
|
||||
}
|
||||
|
||||
if($oldid == 6 && $_SESSION['profile']['admin'] != 1)
|
||||
if($oldid == 6 && $_SESSION['profile']['board'] != 1)
|
||||
{
|
||||
if($_POST['location'] == "")
|
||||
{
|
||||
|
@ -113,13 +113,14 @@
|
|||
if($oldid == 6)
|
||||
{
|
||||
$max = maxpoints();
|
||||
if($_POST['points'] > $max)
|
||||
$_POST['points'] = $max;
|
||||
$newpoints = intval($_POST['points']);
|
||||
if($newpoints > $max)
|
||||
$newpoints = $max;
|
||||
$query = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['_config']['notarise']['id']."' group by `to`";
|
||||
$res = mysql_query($query);
|
||||
$drow = mysql_fetch_assoc($res);
|
||||
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0 && $drow['total'] > 150)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0 && $drow['total'] > 150)
|
||||
{
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
echo "<p>"._("You tried to give a temporary points increase to someone that already has more then 150 points. Can't continue.")."</p>";
|
||||
|
@ -127,7 +128,7 @@
|
|||
exit;
|
||||
}
|
||||
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0 && intval($_POST['sponsor']) <= 0)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0 && intval($_POST['sponsor']) <= 0)
|
||||
{
|
||||
showheader(_("My CAcert.org Account!"));
|
||||
echo "<p>"._("You didn't list a valid sponsor for this action.")."</p>";
|
||||
|
@ -135,9 +136,9 @@
|
|||
exit;
|
||||
}
|
||||
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0 && intval($_POST['sponsor']) > 0)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0 && intval($_POST['sponsor']) > 0)
|
||||
{
|
||||
$resc = mysql_query("select * from `users` where `id`='".intval($_POST['sponsor'])."' and `admin`='1'");
|
||||
$resc = mysql_query("select * from `users` where `id`='".intval($_POST['sponsor'])."' and `board`='1'");
|
||||
$rc = mysql_num_rows($resc);
|
||||
$sponsor = mysql_fetch_assoc($resc);
|
||||
if($rc <= 0)
|
||||
|
@ -149,20 +150,22 @@
|
|||
}
|
||||
}
|
||||
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
|
||||
{
|
||||
$_POST['method'] == "Administrative Increase";
|
||||
$_POST['points'] = 200 - $drow['total'];
|
||||
$newpoints = 200 - $drow['total'];
|
||||
if(intval($_POST['expire']) > 45)
|
||||
$_POST['expire'] = 45;
|
||||
if(intval($_POST['expire']) <= 7)
|
||||
$_POST['expire'] = 7;
|
||||
} else {
|
||||
$_POST['expire'] = 0;
|
||||
if(($drow['total'] + $_POST['points']) > 100 && $max < 100)
|
||||
$_POST['points'] = 100 - $drow['total'];
|
||||
if(($drow['total'] + $_POST['points']) > $max && $max >= 100)
|
||||
$_POST['points'] = $max - $drow['total'];
|
||||
if($_POST['points'] < 0)
|
||||
$_POST['points'] = 0;
|
||||
if(($drow['total'] + $newpoints) > 100 && $max < 100)
|
||||
$newpoints = 100 - $drow['total'];
|
||||
if(($drow['total'] + $newpoints) > $max && $max >= 100)
|
||||
$newpoints = $max - $drow['total'];
|
||||
if($newpoints < 0)
|
||||
$newpoints = 0;
|
||||
}
|
||||
|
||||
if(mysql_escape_string(stripslashes($_POST['date'])) == "")
|
||||
|
@ -170,16 +173,16 @@
|
|||
|
||||
$query = "insert into `notary` set `from`='".$_SESSION['profile']['id']."',
|
||||
`to`='".$_SESSION['_config']['notarise']['id']."',
|
||||
`points`='".intval($_POST['points'])."',
|
||||
`points`='$newpoints',
|
||||
`location`='".mysql_escape_string(stripslashes($_POST['location']))."',
|
||||
`date`='".mysql_escape_string(stripslashes($_POST['date']))."',
|
||||
`when`=NOW()";
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
|
||||
{
|
||||
$query .= ",\n`method`='Temporary Increase'";
|
||||
$query .= ",\n`expire`=DATE_ADD(NOW(), INTERVAL '".intval($_POST['expire'])."' DAY)";
|
||||
$query .= ",\n`sponsor`='".intval($_POST['sponsor'])."'";
|
||||
} else if($_SESSION['profile']['admin'] == 1) {
|
||||
} else if($_SESSION['profile']['board'] == 1) {
|
||||
$query .= ",\n`method`='".mysql_escape_string(stripslashes($_POST['method']))."'";
|
||||
}
|
||||
mysql_query($query);
|
||||
|
@ -204,19 +207,22 @@
|
|||
}
|
||||
|
||||
$body = sprintf(_("You are receiving this email because you have been assured by %s %s (%s)."), $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'])."\n\n";
|
||||
$body .= sprintf(_("You were issued %s points and you now have %s points in total."), $_POST['points'], ($_POST['points'] + $drow['total']))."\n\n";
|
||||
if($_POST['points'] != $newpoints)
|
||||
$body .= sprintf(_("You were issued %s points however the system has rounded this down to %s and you now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n";
|
||||
else
|
||||
$body .= sprintf(_("You were issued %s points and you now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n";
|
||||
|
||||
if(($drow['total'] + $_POST['points']) < 100 && ($drow['total'] + $_POST['points']) >= 50)
|
||||
if(($drow['total'] + $newpoints) < 100 && ($drow['total'] + $newpoints) >= 50)
|
||||
{
|
||||
$body .= _("You now have over 50 points, and can now have your name added to client certificates, and issue server certificates for up to 2 years.")."\n\n";
|
||||
}
|
||||
|
||||
if(($drow['total'] + $_POST['points']) >= 100 && $_POST['points'] > 0)
|
||||
if(($drow['total'] + $newpoints) >= 100 && $newpoints > 0)
|
||||
{
|
||||
$body .= _("You now have over 100 points and can start assuring others.")."\n\n";
|
||||
}
|
||||
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
|
||||
$body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time your points will be reduced to 150 points."), intval($_POST['expire']))."\n\n";
|
||||
|
||||
$body .= _("Best regards")."\n";
|
||||
|
@ -228,15 +234,19 @@
|
|||
setlocale(LC_ALL, $_SESSION['_config']['language']);
|
||||
|
||||
$body = sprintf(_("You are receiving this email because you have assured %s %s (%s)."), $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'])."\n\n";
|
||||
$body .= sprintf(_("You issued them %s points and they now have %s points in total."), $_POST['points'], ($_POST['points'] + $drow['total']))."\n\n";
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0)
|
||||
if($_POST['points'] != $newpoints)
|
||||
$body .= sprintf(_("You issued %s points however the system has rounded this down to %s and they now have %s points in total."), $_POST['points'], $newpoints, ($newpoints + $drow['total']))."\n\n";
|
||||
else
|
||||
$body .= sprintf(_("You issued %s points and they now have %s points in total."), $newpoints, ($newpoints + $drow['total']))."\n\n";
|
||||
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
|
||||
$body .= sprintf(_("Please Note: this is a temporary increase for %s days only. After that time their points will be reduced to 150 points."), intval($_POST['expire']))."\n\n";
|
||||
$body .= _("Best regards")."\n";
|
||||
$body .= _("CAcert Support Team");
|
||||
|
||||
sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("You've Assured Another Member."), $body, "support@cacert.org", "returns@cacert.org", "", "CAcert Support");
|
||||
|
||||
if($_SESSION['profile']['admin'] == 1 && intval($_POST['expire']) > 0)
|
||||
if($_SESSION['profile']['board'] == 1 && intval($_POST['expire']) > 0)
|
||||
{
|
||||
$body = sprintf("%s %s (%s) has issued a temporary increase to 200 points for %s %s (%s) for %s days. This action was sponsored by %s %s (%s).", $_SESSION['profile']['fname'], $_SESSION['profile']['lname'], $_SESSION['profile']['email'], $_SESSION['_config']['notarise']['fname'], $_SESSION['_config']['notarise']['lname'], $_SESSION['_config']['notarise']['email'], intval($_POST['expire']), $sponsor['fname'], $sponsor['lname'], $sponsor['email'])."\n\n";
|
||||
|
||||
|
|
Loading…
Reference in a new issue