Merge branch 'main' into fix-email-address-maintenance-bug-1543
This commit is contained in:
commit
66daeb6fcd
10 changed files with 320 additions and 279 deletions
11
.gitignore
vendored
11
.gitignore
vendored
|
@ -5,3 +5,14 @@
|
|||
|
||||
# Ignore file with the account data
|
||||
/password.dat
|
||||
|
||||
/CommModule/*-active
|
||||
/CommModule/logfile*txt
|
||||
/CommModule/nohup.out
|
||||
/CommModule/serialserver.conf
|
||||
/crt/
|
||||
/csr/
|
||||
/locale/cv
|
||||
/pages/index/feed.rss
|
||||
/www/*.crl
|
||||
/www/*.crl.patch
|
||||
|
|
|
@ -12,7 +12,7 @@ use File::CounterFile;
|
|||
use Time::HiRes q(usleep);
|
||||
use IPC::Open3;
|
||||
use File::Copy;
|
||||
use Digest::SHA1 qw(sha1_hex);
|
||||
use Digest::SHA qw(sha1_hex);
|
||||
|
||||
#Protocol version:
|
||||
my $ver=1;
|
||||
|
|
|
@ -120,7 +120,7 @@ class HashAlgorithms {
|
|||
return array(
|
||||
'sha256' => array(
|
||||
'name' => 'SHA-256',
|
||||
'info' => _('Currently recommended, because the other algorithms might break on some older versions of the GnuTLS library (older than 3.x) still shipped in Debian for example.'),
|
||||
'info' => '',
|
||||
),
|
||||
'sha384' => array(
|
||||
'name' => 'SHA-384',
|
||||
|
@ -128,7 +128,7 @@ class HashAlgorithms {
|
|||
),
|
||||
'sha512' => array(
|
||||
'name' => 'SHA-512',
|
||||
'info' => _('Highest protection against hash collision attacks of the algorithms offered here.'),
|
||||
'info' => '',
|
||||
),
|
||||
);
|
||||
}
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
<div class="sponsorinfo">
|
||||
<?=_("CAcert operations are sponsored by")?>
|
||||
<a href="http://www.bit.nl/" target="_blank"><img class="sponsorlogo" src="/images/bit.png" alt="[BIT logo]" border="0"></a>
|
||||
<a href="http://www.tunix.nl/" target="_blank"><img class="sponsorlogo" src="/images/tunix.png" alt="[TUNIX logo]" border="0"></a>
|
||||
<a href="http://www.nlnet.nl/" target="_blank"><img class="sponsorlogo" src="/images/nlnet.png" alt="[NLnet logo]" border="0"></a>
|
||||
<a href="http://www.openarchitecturenetwork.org/" target="_blank"><img class="sponsorlogo" src="/images/oan.png" alt="[OAN logo]" border="0"></a>
|
||||
</div>
|
||||
|
||||
|
|
102
locale/cv.c
102
locale/cv.c
|
@ -1,102 +0,0 @@
|
|||
#include <stdio.h>
|
||||
#include <ctype.h>
|
||||
#include <stdlib.h>
|
||||
#include <string.h>
|
||||
typedef unsigned char uchar;
|
||||
typedef struct{char * nm; int v;} vp;
|
||||
vp vpl[] = {
|
||||
{"nbsp", 160}, {"lt",0x3c}, {"amp", 38},
|
||||
{"eacute", 233}, {"egrave", 232}, {"ouml", 246},
|
||||
{"alpha", 0x3b1}, {"beta", 0x3b2}, {"gamma", 0x3b3},
|
||||
{"delta", 0x3b4}, {"Delta", 0x394},
|
||||
{"sigma", 0x3c3}, {"Sigma", 0x3a3},
|
||||
{"epsilon", 0x3b5}, {"zeta", 0x3b6},
|
||||
{"theta", 0x3b8}, {"mu", 0x3bc},
|
||||
{"phi", 0x3c6},
|
||||
{"omega", 0x3c9},
|
||||
{"lambda", 0x3bb}, {"rho", 0x3c1},
|
||||
{"pi", 0x3c0}, {"Pi", 0x3a0},
|
||||
{"ndash", 0x2013}, {"mdash", 0x2014},
|
||||
{"and", 8743}, {"rarr", 8594}, {"forall", 0x2200},
|
||||
{"sum", 8721}};
|
||||
int cc = 0; // count of conversions.
|
||||
static void Utf(int m, uint a){
|
||||
if (a & m) {Utf(m>>1, a>>6); putchar(128 | a & 63);}
|
||||
else putchar((m<<1)&255 | a);}
|
||||
static void utf8(uint a){
|
||||
if(a == '<') printf("%s", "<");
|
||||
else if(a == '&') printf("%s", "&");
|
||||
else if(a & -128) {++cc;
|
||||
Utf(-32, a>>6); putchar(128 | a & 63);} else putchar(a);}
|
||||
char * em[] = {"", "tag", "quoted string", "utf", "character ref"};
|
||||
int lc = 1, cil = 0, tcc=0;
|
||||
char gc(int x){char c = getchar();
|
||||
if(c == EOF && feof(stdin)) {
|
||||
if(x) fprintf(stderr, "file ended in %s\n", em[x]);
|
||||
fprintf(stderr, "Converted %d characters\n", cc);
|
||||
exit(0);}
|
||||
if(c == 10 || c == 13) {tcc += cil; cil = 0; ++lc;}
|
||||
++cil; return c;}
|
||||
void loc(){fprintf(stderr, "Ending at byte %d of line %d,"
|
||||
"(or 0x%x in file):\n", cil, lc, tcc+cil);}
|
||||
char gx(){char c = gc(3); if ((c&0xc0) != 0x80)
|
||||
{loc(); fprintf(stderr, "Bad utf8 extension byte: %02X\n", c);}
|
||||
return c;}
|
||||
int main(int argc, char * * args){
|
||||
int bk = argc == 2;
|
||||
while(1){
|
||||
int vx(int x){if((x & 0xffffffe0) == 0x80){
|
||||
if(x == 150) return 8211;
|
||||
if(x == 151) return 8212;
|
||||
loc(); fprintf(stderr, "Invalid character: 0x%x=%d\n", x, x);}
|
||||
return x;}
|
||||
uchar c = gc(0);
|
||||
if(c == '<'){putchar(c); while(1){char c = gc(1);
|
||||
if(c == '"'){putchar(c); while(1){char c = gc(2);
|
||||
if(c == '"'){putchar(c); break;}
|
||||
else putchar(c);}}
|
||||
else if(c == '>'){putchar(c); break;}
|
||||
else putchar(c);}}
|
||||
else if(bk && c > 127){int v=0, sc=0, C=c;
|
||||
while(C&0x40){C <<=1; v = (v<<6) | gx() & 0x3f; ++sc;}
|
||||
{int uc = vx(v | (0x3f>>sc & (int)c) << 6*sc);
|
||||
{int k = sizeof(vpl)/sizeof(vp);
|
||||
while(k--) if(uc == vpl[k].v)
|
||||
{printf("&%s;", vpl[k].nm); goto end;}}
|
||||
printf("&#x%x;", uc);}
|
||||
end: ++cc;}
|
||||
else if(!bk && c == '&') {char c = gc(4);
|
||||
int gs(char c, int r){
|
||||
int vd(char c){if('0' <= c && c <= '9') return c - '0';
|
||||
{char lc = tolower(c);
|
||||
if(r == 16 && 'a' <= lc && lc <= 'f') return lc - 'a' + 10;
|
||||
loc();
|
||||
fprintf(stderr, "Invalid digit folowing \"&#\" construct.");
|
||||
exit(0);
|
||||
return 0;}}
|
||||
int k = vd(c);
|
||||
while(1){char c = gc(4); if(c == ';') return k;
|
||||
k = r*k + vd(c);}}
|
||||
if(c == '#') {char c = gc(4);
|
||||
utf8(vx(c == 'x' || c == 'X' ? gs('0', 16) : gs(c, 10)));}
|
||||
else {int k = sizeof(vpl)/sizeof(vp);
|
||||
char st[10]; st[0] = c;
|
||||
{int n; for(n=1; n<10; ++n) {char c = gc(4);
|
||||
if(c == ';') goto e1;
|
||||
if(!isalpha(c)) break;
|
||||
st[n] = c;}
|
||||
loc(); fprintf(stderr, "%s reference\n",
|
||||
n>10?"Verbose":"Invalid");
|
||||
continue;
|
||||
e1: st[n] = 0;
|
||||
// loc(); fprintf(stderr, "string is <%s>.\n", st);
|
||||
while(k--) if(!strcmp(st, vpl[k].nm)) {
|
||||
utf8(vpl[k].v); break;}
|
||||
if(k<0) {loc();
|
||||
fprintf(stderr, "Unrecognized reference: &%s;\n", st);}}}}
|
||||
else if(c > 127) {loc(); fprintf(stderr, "Non ASCII char.\n");}
|
||||
else putchar(c);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -26,171 +26,147 @@
|
|||
|
||||
<p><?=_("If the Subscriber's name and/or domain name registration change the subscriber will immediately inform CAcert Inc. who shall revoke the digital certificate. When the Digital Certificate expires or is revoked the company will permanently remove the certificate from the server on which it is installed and will not use it for any purpose thereafter. The person responsible for key management and security is fully authorized to install and utilize the certificate to represent this organization's electronic presence.")?></p>
|
||||
|
||||
<h4><?= _("There is a new method for generating a CSR for this page.") ?></h5>
|
||||
<p><?= _("It is completely described in https://wiki.cacert.org/TutorialsHowto/Generate-new-CSR, which you should follow. At the point where it says \"Copy CSR to Clipboard\" do that and come back to this page and paste the result into the textbox at the bottom of this page.") ?></p>
|
||||
<p><a href='https://community.cacert.org/clientcert' target=_blank ><?= _("Here is a link to that procedure. It will open in a new tab.") ?></a></p>
|
||||
|
||||
<form method="post" action="account.php">
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("New Client Certificate")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Add")?></td>
|
||||
<td class="DataTD"><?=_("Address")?></td>
|
||||
</tr>
|
||||
<table align="center" valign="middle" border="0" cellspacing="0" cellpadding="0" class="wrapper">
|
||||
<tr>
|
||||
<td colspan="2" class="title"><?=_("New Client Certificate")?></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD"><?=_("Add")?></td>
|
||||
<td class="DataTD"><?=_("Address")?></td>
|
||||
</tr>
|
||||
|
||||
<?
|
||||
$query = "select * from `email` where `memid`='" . intval($_SESSION[ 'profile' ][ 'id' ] ) . "' and `deleted`=0 and `hash`=''";
|
||||
$res = mysql_query($query );
|
||||
while ($row = mysql_fetch_assoc($res))
|
||||
{ ?>
|
||||
<tr>
|
||||
<td class="DataTD"><input type="checkbox" id="addid<?=intval($row['id']) ?>" name="addid[]" value="<?=intval($row['id']) ?>"></td>
|
||||
<td class="DataTD" align="left"><label for="addid<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></label></td>
|
||||
</tr>
|
||||
<? }
|
||||
if ($_SESSION[ 'profile' ][ 'points' ] >= 50 )
|
||||
{
|
||||
$fname = $_SESSION[ 'profile' ][ 'fname' ];
|
||||
$mname = $_SESSION[ 'profile' ][ 'mname' ];
|
||||
$lname = $_SESSION[ 'profile' ][ 'lname' ];
|
||||
$suffix = $_SESSION[ 'profile' ][ 'suffix' ];
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<input type="radio" id="incname0" name="incname" value="0" checked="checked"/>
|
||||
<label for="incname0"><?= _("No Name") ?></label><br/>
|
||||
<? if ($fname && $lname ) { ?>
|
||||
<input type="radio" id="incname1" name="incname" value="1"/>
|
||||
<label for="incname1"><?= _("Include") ?> '<?= $fname . " " . $lname ?>'</label><br/>
|
||||
<? } ?>
|
||||
<? if ($fname && $mname && $lname ) { ?>
|
||||
<input type="radio" id="incname2" name="incname" value="2"/>
|
||||
<label for="incname2"><?= _("Include") ?> '<?= $fname . " " . $mname . " " . $lname ?> '</label><br/>
|
||||
<? } ?>
|
||||
<? if ($fname && $lname && $suffix ) { ?>
|
||||
<input type="radio" id="incname3" name="incname" value="3"/>
|
||||
<label for="incname3"><?= _("Include") ?> '<?= $fname . " " . $lname . " " . $suffix ?> '</label><br/>
|
||||
<? } ?>
|
||||
<? if ($fname && $mname && $lname && $suffix ) { ?>
|
||||
<input type="radio" id="incname4" name="incname" value="4"/>
|
||||
<label for="incname4"><?= _("Include") ?> '<?= $fname . " " . $mname . " " . $lname . " " . $suffix ?>'</label><br/>
|
||||
<? } ?>
|
||||
</td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="login" name="login" value="1" checked="checked"/>
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="login"><?= _("Enable certificate login with this certificate") ?><br/>
|
||||
<?= _("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .") ?></label>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<label for="description"><?= _("Optional comment, only used in the certificate overview") ?></label><br/>
|
||||
<input type="text" id="description" name="description" maxlength="100" size="100"/>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?
|
||||
$query = "select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `deleted`=0 and `hash`=''";
|
||||
$res = mysql_query($query);
|
||||
while($row = mysql_fetch_assoc($res))
|
||||
{ ?>
|
||||
<tr>
|
||||
<td class="DataTD"><input type="checkbox" id="addid<?=intval($row['id'])?>" name="addid[]" value="<?=intval($row['id'])?>"></td>
|
||||
<td class="DataTD" align="left"><label for="addid<?=intval($row['id'])?>"><?=sanitizeHTML($row['email'])?></label></td>
|
||||
</tr>
|
||||
<? }
|
||||
if($_SESSION['profile']['points'] >= 50)
|
||||
{
|
||||
$fname = $_SESSION['profile']['fname'];
|
||||
$mname = $_SESSION['profile']['mname'];
|
||||
$lname = $_SESSION['profile']['lname'];
|
||||
$suffix = $_SESSION['profile']['suffix'];
|
||||
?>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<input type="radio" id="incname0" name="incname" value="0" checked="checked" />
|
||||
<label for="incname0"><?=_("No Name")?></label><br />
|
||||
<? if($fname && $lname) { ?>
|
||||
<input type="radio" id="incname1" name="incname" value="1" />
|
||||
<label for="incname1"><?=_("Include")?> '<?=$fname." ".$lname?>'</label><br />
|
||||
<? } ?>
|
||||
<? if($fname && $mname && $lname) { ?>
|
||||
<input type="radio" id="incname2" name="incname" value="2" />
|
||||
<label for="incname2"><?=_("Include")?> '<?=$fname." ".$mname." ".$lname?>'</label><br />
|
||||
<? } ?>
|
||||
<? if($fname && $lname && $suffix) { ?>
|
||||
<input type="radio" id="incname3" name="incname" value="3" />
|
||||
<label for="incname3"><?=_("Include")?> '<?=$fname." ".$lname." ".$suffix?>'</label><br />
|
||||
<? } ?>
|
||||
<? if($fname && $mname && $lname && $suffix) { ?>
|
||||
<input type="radio" id="incname4" name="incname" value="4" />
|
||||
<label for="incname4"><?=_("Include")?> '<?=$fname." ".$mname." ".$lname." ".$suffix?>'</label><br />
|
||||
<? } ?>
|
||||
</td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="login" name="login" value="1" checked="checked" />
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="login"><?=_("Enable certificate login with this certificate")?><br />
|
||||
<?=_("By allowing certificate login, this certificate can be used to login into this account at https://secure.cacert.org/ .")?></label>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<label for="description"><?=_("Optional comment, only used in the certificate overview")?></label><br />
|
||||
<input type="text" id="description" name="description" maxlength="100" size="100" />
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr name="expertoff" style="display:none">
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="expertbox" name="expertbox" onchange="showExpert(this.checked)" />
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="expertbox"><?=_("Show advanced options")?></label>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<?
|
||||
if($_SESSION['profile']['points'] >= 50)
|
||||
{
|
||||
?>
|
||||
<tr name="expert">
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?=_("Sign by class 1 root certificate")?></label><br />
|
||||
<input type="radio" id="root2" name="rootcert" value="2" checked="checked" /> <label for="root2"><?=_("Sign by class 3 root certificate")?></label><br />
|
||||
<?=str_replace("\n", "<br />\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 125))?>
|
||||
</td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
|
||||
<tr name="expert">
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<?=_("Hash algorithm used when signing the certificate:")?><br />
|
||||
<?
|
||||
foreach (HashAlgorithms::getInfo() as $algorithm => $display_info) {
|
||||
if($_SESSION['profile']['points'] >= 50)
|
||||
{
|
||||
?>
|
||||
<input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?=$algorithm?>" <?=(HashAlgorithms::$default === $algorithm)?'checked="checked"':''?> />
|
||||
<label for="hash_alg_<?=$algorithm?>"><?=$display_info['name']?><?=$display_info['info']?' - '.$display_info['info']:''?></label><br />
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<? if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0) { ?>
|
||||
<tr name="expert">
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="codesign" name="codesign" value="1" />
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="codesign"><?=_("Code Signing")?><br />
|
||||
<?=_("Please note: By ticking this box you will automatically have your name included in the certificate.")?></label>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<input type="radio" id="root1" name="rootcert" value="1" /> <label for="root1"><?=_("Sign by class 1 root certificate")?></label><br />
|
||||
<input type="radio" id="root2" name="rootcert" value="2" checked="checked"/> <label for="root2"><?= _("Sign by class 3 root certificate") ?></label><br/>
|
||||
<?= str_replace("\n", "<br />\n", wordwrap(_("Please note: If you use a certificate signed by the class 3 root, the class 3 root certificate needs to be imported into your email program as well as the class 1 root certificate so your email program can build a full trust path chain."), 125 ) ) ?>
|
||||
</td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
|
||||
<tr name="expert">
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="SSO" name="SSO" value="1" />
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="SSO"><?=_("Add Single Sign On ID Information")?><br />
|
||||
<?=str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125))?>
|
||||
<a href="http://wiki.cacert.org/wiki/SSO"><?=_("SSO WIKI Entry")?></a></label>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2" align="left">
|
||||
<?= _("Hash algorithm used when signing the certificate:") ?><br/>
|
||||
<?
|
||||
foreach (HashAlgorithms::getInfo() as $algorithm => $display_info ) {
|
||||
?>
|
||||
<input type="radio" id="hash_alg_<?=$algorithm?>" name="hash_alg" value="<?= $algorithm ?>" <?= (HashAlgorithms::$default === $algorithm) ? 'checked="checked"' : '' ?> />
|
||||
<label for="hash_alg_<?= $algorithm ?>"><?= $display_info[ 'name' ] ?><?= $display_info[ 'info' ] ? ' - ' . $display_info[ 'info' ] : '' ?></label><br/>
|
||||
<?
|
||||
}
|
||||
?>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr name="expert">
|
||||
<td class="DataTD" colspan="2">
|
||||
<label for="optionalCSR"><?=_("Optional Client CSR, no information on the certificate will be used")?></label><br />
|
||||
<textarea id="optionalCSR" name="optionalCSR" cols="80" rows="5"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
<? if ($_SESSION[ 'profile' ][ 'points' ] >= 100 && $_SESSION[ 'profile' ][ 'codesign' ] > 0 ) { ?>
|
||||
<tr>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="codesign" name="codesign" value="1"/>
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="codesign"><?= _("Code Signing") ?><br/>
|
||||
<?= _("Please note: By ticking this box you will automatically have your name included in the certificate.") ?></label>
|
||||
</td>
|
||||
</tr>
|
||||
<? } ?>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="SSO" name="SSO" value="1"/>
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="SSO"><?= _("Add Single Sign On ID Information") ?><br/>
|
||||
<?= str_replace("\n", "<br>\n", wordwrap(_("By adding Single Sign On (SSO) ID information to your certificates this could be used to track you, you can also issue certificates with no email addresses that are useful only for Authentication. Please see a more detailed description on our WIKI about it."), 125 ) ) ?>
|
||||
<a href="http://wiki.cacert.org/wiki/SSO"><?= _("SSO WIKI Entry") ?></a></label>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="CCA" name="CCA" />
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="CCA"><strong><?=sprintf(_("I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>")?></strong><br />
|
||||
<?=_("Please note: You need to accept the CCA to proceed.")?></label>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>" /></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?=$id?>" />
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2">
|
||||
<label for="optionalCSR"><?= _("Optional Client CSR, no information on the certificate will be used") ?></label><br/>
|
||||
<textarea id="optionalCSR" name="optionalCSR" cols="80" rows="5"></textarea>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD">
|
||||
<input type="checkbox" id="CCA" name="CCA"/>
|
||||
</td>
|
||||
<td class="DataTD" align="left">
|
||||
<label for="CCA"><strong><?= sprintf(_("I accept the CAcert Community Agreement (%s)."), "<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>") ?></strong><br/>
|
||||
<?= _("Please note: You need to accept the CCA to proceed.") ?></label>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td class="DataTD" colspan="2"><input type="submit" name="process" value="<?= _("Next") ?>"/></td>
|
||||
</tr>
|
||||
</table>
|
||||
<input type="hidden" name="oldid" value="<?= $id ?>"/>
|
||||
</form>
|
||||
|
||||
<script language="javascript">
|
||||
function showExpert(a)
|
||||
{
|
||||
b=document.getElementsByName("expert");
|
||||
for(i=0;b.length>i;i++)
|
||||
{
|
||||
if(!a) {b[i].setAttribute("style","display:none"); }
|
||||
else {b[i].removeAttribute("style");}
|
||||
}
|
||||
b=document.getElementsByName("expertoff");
|
||||
for(i=0;b.length>i;i++)
|
||||
{
|
||||
b[i].removeAttribute("style");
|
||||
}
|
||||
|
||||
}
|
||||
showExpert(false);
|
||||
</script>
|
||||
|
|
37
www/certs/CAcert_Class3Root_x14E228.crt
Normal file
37
www/certs/CAcert_Class3Root_x14E228.crt
Normal file
|
@ -0,0 +1,37 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIGPTCCBCWgAwIBAgIDFOIoMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
|
||||
b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
|
||||
Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
|
||||
dEBjYWNlcnQub3JnMB4XDTIxMDQxOTEyMTgzMFoXDTMxMDQxNzEyMTgzMFowVDEU
|
||||
MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0
|
||||
Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN
|
||||
AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a
|
||||
iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1
|
||||
aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C
|
||||
jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia
|
||||
pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0
|
||||
FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt
|
||||
XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL
|
||||
oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6
|
||||
R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp
|
||||
rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/
|
||||
LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA
|
||||
BfvpAgMBAAGjgfIwge8wDwYDVR0TAQH/BAUwAwEB/zBhBggrBgEFBQcBAQRVMFMw
|
||||
IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLkNBY2VydC5vcmcvMCwGCCsGAQUFBzAC
|
||||
hiBodHRwOi8vd3d3LkNBY2VydC5vcmcvY2xhc3MzLmNydDBFBgNVHSAEPjA8MDoG
|
||||
CysGAQQBgZBKAgMBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y
|
||||
Zy9jcHMucGhwMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHBzOi8vd3d3LmNhY2VydC5v
|
||||
cmcvY2xhc3MzLmNybDANBgkqhkiG9w0BAQ0FAAOCAgEAxh6td1y0KJvRyI1EEsC9
|
||||
dnYEgyEH+BGCf2vBlULAOBG1JXCNiwzB1Wz9HBoDfIv4BjGlnd5BKdSLm4TXPcE3
|
||||
hnGjH1thKR5dd3278K25FRkTFOY1gP+mGbQ3hZRB6IjDX+CyBqS7+ECpHTms7eo/
|
||||
mARN+Yz5R3lzUvXs3zSX+z534NzRg4i6iHNHWqakFcQNcA0PnksTB37vGD75pQGq
|
||||
eSmx51L6UzrIpn+274mhsaFNL85jhX+lKuk71MGjzwoThbuZ15xmkITnZtRQs6Hh
|
||||
LSIqJWjDILIrxLqYHehK71xYwrRNhFb3TrsWaEJskrhveM0Os/vvoLNkh/L3iEQ5
|
||||
/LnmLMCYJNRALF7I7gsduAJNJrgKGMYvHkt1bo8uIXO8wgNV7qoU4JoaB1ML30QU
|
||||
qGcFr0TI06FFdgK2fwy5hulPxm6wuxW0v+iAtXYx/mRkwQpYbcVQtrIDvx1CT1k5
|
||||
0cQxi+jIKjkcFWHw3kBoDnCos0/ukegPT7aQnk2AbL4c7nCkuAcEKw1BAlSETkfq
|
||||
i5btdlhh58MhewZv1LcL5zQyg8w1puclT3wXQvy8VwPGn0J/mGD4gLLZ9rGcHDUE
|
||||
CokxFoWk+u5MCcVqmGbsyG4q5suS3CNslsHURfM8bQK4oLvHR8LCHEBMRcdFBn87
|
||||
cSvOK6eB1kdGKLA8ymXxZp8=
|
||||
-----END CERTIFICATE-----
|
||||
|
BIN
www/certs/CAcert_Class3Root_x14E228.der
Normal file
BIN
www/certs/CAcert_Class3Root_x14E228.der
Normal file
Binary file not shown.
132
www/certs/CAcert_Class3Root_x14E228.txt
Normal file
132
www/certs/CAcert_Class3Root_x14E228.txt
Normal file
|
@ -0,0 +1,132 @@
|
|||
Certificate:
|
||||
Data:
|
||||
Version: 3 (0x2)
|
||||
Serial Number: 1368616 (0x14e228)
|
||||
Signature Algorithm: sha512WithRSAEncryption
|
||||
Issuer: O=Root CA, OU=http://www.cacert.org, CN=CA Cert Signing Authority/emailAddress=support@cacert.org
|
||||
Validity
|
||||
Not Before: Apr 19 12:18:30 2021 GMT
|
||||
Not After : Apr 17 12:18:30 2031 GMT
|
||||
Subject: O=CAcert Inc., OU=http://www.CAcert.org, CN=CAcert Class 3 Root
|
||||
Subject Public Key Info:
|
||||
Public Key Algorithm: rsaEncryption
|
||||
Public-Key: (4096 bit)
|
||||
Modulus:
|
||||
00:ab:49:35:11:48:7c:d2:26:7e:53:94:cf:43:a9:
|
||||
dd:28:d7:42:2a:8b:f3:87:78:19:58:7c:0f:9e:da:
|
||||
89:7d:e1:fb:eb:72:90:0d:74:a1:96:64:ab:9f:a0:
|
||||
24:99:73:da:e2:55:76:c7:17:7b:f5:04:ac:46:b8:
|
||||
c3:be:7f:64:8d:10:6c:24:f3:61:9c:c0:f2:90:fa:
|
||||
51:e6:f5:69:01:63:c3:0f:56:e2:4a:42:cf:e2:44:
|
||||
8c:25:28:a8:c5:79:09:7d:46:b9:8a:f3:e9:f3:34:
|
||||
29:08:45:e4:1c:9f:cb:94:04:1c:81:a8:14:b3:98:
|
||||
65:c4:43:ec:4e:82:8d:09:d1:bd:aa:5b:8d:92:d0:
|
||||
ec:de:90:c5:7f:0a:c2:e3:eb:e6:31:5a:5e:74:3e:
|
||||
97:33:59:e8:c3:03:3d:60:33:bf:f7:d1:6f:47:c4:
|
||||
cd:ee:62:83:52:6e:2e:08:9a:a4:d9:15:18:91:a6:
|
||||
85:92:47:b0:ae:48:eb:6d:b7:21:ec:85:1a:68:72:
|
||||
35:ab:ff:f0:10:5d:c0:f4:94:a7:6a:d5:3b:92:7e:
|
||||
4c:90:05:7e:93:c1:2c:8b:a4:8e:62:74:15:71:6e:
|
||||
0b:71:03:ea:af:15:38:9a:d4:d2:05:72:6f:8c:f9:
|
||||
2b:eb:5a:72:25:f9:39:46:e3:72:1b:3e:04:c3:64:
|
||||
27:22:10:2a:8a:4f:58:a7:03:ad:be:b4:2e:13:ed:
|
||||
5d:aa:48:d7:d5:7d:d4:2a:7b:5c:fa:46:04:50:e4:
|
||||
cc:0e:42:5b:8c:ed:db:f2:cf:fc:96:93:e0:db:11:
|
||||
36:54:62:34:38:8f:0c:60:9b:3b:97:56:38:ad:f3:
|
||||
d2:5b:8b:a0:5b:ea:4e:96:b8:7c:d7:d5:a0:86:70:
|
||||
40:d3:91:29:b7:a2:3c:ad:f5:8c:bb:cf:1a:92:8a:
|
||||
e4:34:7b:c0:d8:6c:5f:e9:0a:c2:c3:a7:20:9a:5a:
|
||||
df:2c:5d:52:5c:ba:47:d5:9b:ef:24:28:70:38:20:
|
||||
2f:d5:7f:29:c0:b2:41:03:68:92:cc:e0:9c:cc:97:
|
||||
4b:45:ef:3a:10:0a:ab:70:3a:98:95:70:ad:35:b1:
|
||||
ea:85:2b:a4:1c:80:21:31:a9:ae:60:7a:80:26:48:
|
||||
00:b8:01:c0:93:63:55:22:91:3c:56:e7:af:db:3a:
|
||||
25:f3:8f:31:54:ea:26:8b:81:59:f9:a1:d1:53:11:
|
||||
c5:7b:9d:03:f6:74:11:e0:6d:b1:2c:3f:2c:86:91:
|
||||
99:71:9a:a6:77:8b:34:60:d1:14:b4:2c:ac:9d:af:
|
||||
8c:10:d3:9f:c4:6a:f8:6f:13:fc:73:59:f7:66:42:
|
||||
74:1e:8a:e3:f8:dc:d2:6f:98:9c:cb:47:98:95:40:
|
||||
05:fb:e9
|
||||
Exponent: 65537 (0x10001)
|
||||
X509v3 extensions:
|
||||
X509v3 Basic Constraints: critical
|
||||
CA:TRUE
|
||||
Authority Information Access:
|
||||
OCSP - URI:http://ocsp.CAcert.org/
|
||||
CA Issuers - URI:http://www.CAcert.org/class3.crt
|
||||
|
||||
X509v3 Certificate Policies:
|
||||
Policy: 1.3.6.1.4.1.18506.2.3.1
|
||||
CPS: http://www.CAcert.org/cps.php
|
||||
|
||||
X509v3 CRL Distribution Points:
|
||||
|
||||
Full Name:
|
||||
URI:https://www.cacert.org/class3.crl
|
||||
|
||||
Signature Algorithm: sha512WithRSAEncryption
|
||||
c6:1e:ad:77:5c:b4:28:9b:d1:c8:8d:44:12:c0:bd:76:76:04:
|
||||
83:21:07:f8:11:82:7f:6b:c1:95:42:c0:38:11:b5:25:70:8d:
|
||||
8b:0c:c1:d5:6c:fd:1c:1a:03:7c:8b:f8:06:31:a5:9d:de:41:
|
||||
29:d4:8b:9b:84:d7:3d:c1:37:86:71:a3:1f:5b:61:29:1e:5d:
|
||||
77:7d:bb:f0:ad:b9:15:19:13:14:e6:35:80:ff:a6:19:b4:37:
|
||||
85:94:41:e8:88:c3:5f:e0:b2:06:a4:bb:f8:40:a9:1d:39:ac:
|
||||
ed:ea:3f:98:04:4d:f9:8c:f9:47:79:73:52:f5:ec:df:34:97:
|
||||
fb:3e:77:e0:dc:d1:83:88:ba:88:73:47:5a:a6:a4:15:c4:0d:
|
||||
70:0d:0f:9e:4b:13:07:7e:ef:18:3e:f9:a5:01:aa:79:29:b1:
|
||||
e7:52:fa:53:3a:c8:a6:7f:b6:ef:89:a1:b1:a1:4d:2f:ce:63:
|
||||
85:7f:a5:2a:e9:3b:d4:c1:a3:cf:0a:13:85:bb:99:d7:9c:66:
|
||||
90:84:e7:66:d4:50:b3:a1:e1:2d:22:2a:25:68:c3:20:b2:2b:
|
||||
c4:ba:98:1d:e8:4a:ef:5c:58:c2:b4:4d:84:56:f7:4e:bb:16:
|
||||
68:42:6c:92:b8:6f:78:cd:0e:b3:fb:ef:a0:b3:64:87:f2:f7:
|
||||
88:44:39:fc:b9:e6:2c:c0:98:24:d4:40:2c:5e:c8:ee:0b:1d:
|
||||
b8:02:4d:26:b8:0a:18:c6:2f:1e:4b:75:6e:8f:2e:21:73:bc:
|
||||
c2:03:55:ee:aa:14:e0:9a:1a:07:53:0b:df:44:14:a8:67:05:
|
||||
af:44:c8:d3:a1:45:76:02:b6:7f:0c:b9:86:e9:4f:c6:6e:b0:
|
||||
bb:15:b4:bf:e8:80:b5:76:31:fe:64:64:c1:0a:58:6d:c5:50:
|
||||
b6:b2:03:bf:1d:42:4f:59:39:d1:c4:31:8b:e8:c8:2a:39:1c:
|
||||
15:61:f0:de:40:68:0e:70:a8:b3:4f:ee:91:e8:0f:4f:b6:90:
|
||||
9e:4d:80:6c:be:1c:ee:70:a4:b8:07:04:2b:0d:41:02:54:84:
|
||||
4e:47:ea:8b:96:ed:76:58:61:e7:c3:21:7b:06:6f:d4:b7:0b:
|
||||
e7:34:32:83:cc:35:a6:e7:25:4f:7c:17:42:fc:bc:57:03:c6:
|
||||
9f:42:7f:98:60:f8:80:b2:d9:f6:b1:9c:1c:35:04:0a:89:31:
|
||||
16:85:a4:fa:ee:4c:09:c5:6a:98:66:ec:c8:6e:2a:e6:cb:92:
|
||||
dc:23:6c:96:c1:d4:45:f3:3c:6d:02:b8:a0:bb:c7:47:c2:c2:
|
||||
1c:40:4c:45:c7:45:06:7f:3b:71:2b:ce:2b:a7:81:d6:47:46:
|
||||
28:b0:3c:ca:65:f1:66:9f
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIGPTCCBCWgAwIBAgIDFOIoMA0GCSqGSIb3DQEBDQUAMHkxEDAOBgNVBAoTB1Jv
|
||||
b3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEiMCAGA1UEAxMZ
|
||||
Q0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJARYSc3VwcG9y
|
||||
dEBjYWNlcnQub3JnMB4XDTIxMDQxOTEyMTgzMFoXDTMxMDQxNzEyMTgzMFowVDEU
|
||||
MBIGA1UEChMLQ0FjZXJ0IEluYy4xHjAcBgNVBAsTFWh0dHA6Ly93d3cuQ0FjZXJ0
|
||||
Lm9yZzEcMBoGA1UEAxMTQ0FjZXJ0IENsYXNzIDMgUm9vdDCCAiIwDQYJKoZIhvcN
|
||||
AQEBBQADggIPADCCAgoCggIBAKtJNRFIfNImflOUz0Op3SjXQiqL84d4GVh8D57a
|
||||
iX3h++tykA10oZZkq5+gJJlz2uJVdscXe/UErEa4w75/ZI0QbCTzYZzA8pD6Ueb1
|
||||
aQFjww9W4kpCz+JEjCUoqMV5CX1GuYrz6fM0KQhF5Byfy5QEHIGoFLOYZcRD7E6C
|
||||
jQnRvapbjZLQ7N6QxX8KwuPr5jFaXnQ+lzNZ6MMDPWAzv/fRb0fEze5ig1JuLgia
|
||||
pNkVGJGmhZJHsK5I6223IeyFGmhyNav/8BBdwPSUp2rVO5J+TJAFfpPBLIukjmJ0
|
||||
FXFuC3ED6q8VOJrU0gVyb4z5K+taciX5OUbjchs+BMNkJyIQKopPWKcDrb60LhPt
|
||||
XapI19V91Cp7XPpGBFDkzA5CW4zt2/LP/JaT4NsRNlRiNDiPDGCbO5dWOK3z0luL
|
||||
oFvqTpa4fNfVoIZwQNORKbeiPK31jLvPGpKK5DR7wNhsX+kKwsOnIJpa3yxdUly6
|
||||
R9Wb7yQocDggL9V/KcCyQQNokszgnMyXS0XvOhAKq3A6mJVwrTWx6oUrpByAITGp
|
||||
rmB6gCZIALgBwJNjVSKRPFbnr9s6JfOPMVTqJouBWfmh0VMRxXudA/Z0EeBtsSw/
|
||||
LIaRmXGapneLNGDRFLQsrJ2vjBDTn8Rq+G8T/HNZ92ZCdB6K4/jc0m+YnMtHmJVA
|
||||
BfvpAgMBAAGjgfIwge8wDwYDVR0TAQH/BAUwAwEB/zBhBggrBgEFBQcBAQRVMFMw
|
||||
IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLkNBY2VydC5vcmcvMCwGCCsGAQUFBzAC
|
||||
hiBodHRwOi8vd3d3LkNBY2VydC5vcmcvY2xhc3MzLmNydDBFBgNVHSAEPjA8MDoG
|
||||
CysGAQQBgZBKAgMBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cuQ0FjZXJ0Lm9y
|
||||
Zy9jcHMucGhwMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHBzOi8vd3d3LmNhY2VydC5v
|
||||
cmcvY2xhc3MzLmNybDANBgkqhkiG9w0BAQ0FAAOCAgEAxh6td1y0KJvRyI1EEsC9
|
||||
dnYEgyEH+BGCf2vBlULAOBG1JXCNiwzB1Wz9HBoDfIv4BjGlnd5BKdSLm4TXPcE3
|
||||
hnGjH1thKR5dd3278K25FRkTFOY1gP+mGbQ3hZRB6IjDX+CyBqS7+ECpHTms7eo/
|
||||
mARN+Yz5R3lzUvXs3zSX+z534NzRg4i6iHNHWqakFcQNcA0PnksTB37vGD75pQGq
|
||||
eSmx51L6UzrIpn+274mhsaFNL85jhX+lKuk71MGjzwoThbuZ15xmkITnZtRQs6Hh
|
||||
LSIqJWjDILIrxLqYHehK71xYwrRNhFb3TrsWaEJskrhveM0Os/vvoLNkh/L3iEQ5
|
||||
/LnmLMCYJNRALF7I7gsduAJNJrgKGMYvHkt1bo8uIXO8wgNV7qoU4JoaB1ML30QU
|
||||
qGcFr0TI06FFdgK2fwy5hulPxm6wuxW0v+iAtXYx/mRkwQpYbcVQtrIDvx1CT1k5
|
||||
0cQxi+jIKjkcFWHw3kBoDnCos0/ukegPT7aQnk2AbL4c7nCkuAcEKw1BAlSETkfq
|
||||
i5btdlhh58MhewZv1LcL5zQyg8w1puclT3wXQvy8VwPGn0J/mGD4gLLZ9rGcHDUE
|
||||
CokxFoWk+u5MCcVqmGbsyG4q5suS3CNslsHURfM8bQK4oLvHR8LCHEBMRcdFBn87
|
||||
cSvOK6eB1kdGKLA8ymXxZp8=
|
||||
-----END CERTIFICATE-----
|
|
@ -1,6 +1,6 @@
|
|||
<? /*
|
||||
LibreSSL - CAcert web application
|
||||
Copyright (C) 2004-2008 CAcert Inc.
|
||||
Copyright (C) 2004-2023 CAcert Inc.
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
|
@ -17,21 +17,10 @@
|
|||
*/
|
||||
if(array_key_exists('iagree',$_REQUEST) && $_REQUEST['iagree'] == "yes")
|
||||
{
|
||||
$output_file = $fname = readlink("../tarballs/current.tar.bz2");
|
||||
|
||||
header('Pragma: public');
|
||||
|
||||
header('Last-Modified: '.gmdate('D, d M Y H:i:s') . ' GMT');
|
||||
header('Cache-Control: no-store, no-cache, must-revalidate'); // HTTP/1.1
|
||||
header('Cache-Control: pre-check=0, post-check=0, max-age=0'); // HTTP/1.1
|
||||
header('Content-Transfer-Encoding: none');
|
||||
header('Content-Type: application/octetstream; name="' . $output_file . '"'); //This should work for IE & Opera
|
||||
header('Content-Type: application/octet-stream; name="' . $output_file . '"'); //This should work for the rest
|
||||
header('Content-Disposition: inline; filename="' . $output_file . '"');
|
||||
header("Content-length: ".intval(filesize($_SESSION['_config']['filepath']."/tarballs/$fname")));
|
||||
readfile($_SESSION['_config']['filepath']."/tarballs/$fname");
|
||||
header('Location: https://code.cacert.org/cacert/cacert-webdb/archive/main.tar.gz', TRUE, 302);
|
||||
exit;
|
||||
}
|
||||
|
||||
loadem("index");
|
||||
showheader(_("CAcert Source License"));
|
||||
?>
|
||||
|
|
Loading…
Reference in a new issue