Add new scripts for mass mailings permitted by CAcert arbitration.

scripts/59de-ate-freiburg-email.txt

@@ -0,0 +1,91 @@
+[Deutsch]
+
+Es hat sich viel getan in den letzten Jahren. Eine ganze Reihe von bisher
+eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
+Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
+in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
+Training Events wollen versuchen, die ganzen Informationen unter's
+Volk zu bringen:
+
+- Welcher Satz fehlt auf alten CAP Formularen?
+- Warum soll ich mir R/L/O einpraegen?
+- Wie verhaelst du dich,
+    wenn du ein fremdes Ausweisdokument das erste Mal pruefst?
+
+Antworten auf diese und weitere Fragen erhaelst du bei den
+Assurer Training Events (ATEs).
+
+Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
+trainiert und auditiert, um die Qualitaet der Assurances in der
+taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
+Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
+Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
+wie diese vermieden werden koennen.
+
+Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers, and include parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+Die kommende Veranstaltung in deiner Naehe findet statt am:
+
+- Montag, den 2. Februar 2015
+- in der Zeit von: 19:00 - ca. 22:00 Uhr
+- Karma Indian Palace
+- Bertoldstrasse 51-53 (gegenüber Cinemaxx)
+- 79098 Freiburg
+
+
+Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
+Wiki [http://wiki.cacert.org/Events/2015-02-02-ATE-Freiburg]
+Blog [http://blog.cacert.org/2015/01/ate-freiburg-2015-02-02/]
+
+Teilnehmer Registrierung mit Rueckantwort:
+ 'Ich moechte am ATE-Freiburg teilnehmen'
+
+Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
+
+Kontakt: events@cacert.org
+
+
+
+[English]
+
+During the last years many changes took place inside CAcert. Many "oral"
+rules have been put into Policies. New procedures
+(e.g. Assurer Challenge) and obligations
+(e.g. CAcert Community Agreement) have been put into live.
+The Assurer Training Events (ATE) try to spread this information:
+
+- What is missing on the "old" CAP forms?
+- Why should I remember R/L/O?
+- What can you do if an Assuree shows an ID document unknown to you?
+
+These and more questions will be answered during the
+Assurer Training Events (ATEs)
+
+Furthermore, the ATE trains how to do assurances and audits assurances,
+to measure the quality of assurances in the daily routine. Here are some
+possible errors and pitfalls which need to be found. Assurers have the
+opportunity to see those errors and how to avoid them.
+
+As IanG said: The ATE or Assurer Training Event is exceptionally
+recommended for all Assurers and includes parts which contribute
+directly to our audit. Come and find out how you can also contribute.
+
+The next event held in your area will be:
+
+- Monday, February 2nd 2015
+- during: 19:00 - ca. 22:00
+- Karma Indian Palace
+- Bertoldstrasse 51-53 (across to Cinemaxx)
+- 79098 Freiburg
+
+Details to the location can be found:
+Wiki [http://wiki.cacert.org/Events/2015-02-02-ATE-Freiburg]
+Blog [http://blog.cacert.org/2015/01/ate-freiburg-2015-02-02/]
+
+User reply for registration: 'I will attend the ATE-Freiburg'
+
+The event team is looking forward for your attendance:
+
+Contact: events@cacert.org

scripts/59de-ate-freiburg-mail.php.txt

@@ -0,0 +1,138 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2013  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+    include_once("../includes/mysql.php");
+
+    $lines = "";
+    $fp = fopen("59de-ate-freiburg-email.txt", "r");
+    while(!feof($fp))
+    {
+        $line = trim(fgets($fp, 4096));
+        $lines .= wordwrap($line, 75, "\n")."\n";
+    }
+    fclose($fp);
+
+
+//  $locid = intval($_REQUEST['location']);
+//  $maxdist = intval($_REQUEST['maxdist']);
+//  maxdist in [Km]
+  $maxdist = 200;
+
+
+// location      location.ID
+//   verified: 29.4.09 u.schroeter
+//   $locid = 7902857;       // Paris
+//   $locid = 238568;        // Bielefeld
+//   $locid = 715191;        // Hamburg
+//   $locid = 1102495;       // London
+//   $locid = 606058;        // Frankfurt
+//   $locid = 1775784;       // Stuttgart
+//   $locid = 228950;        // Berlin
+//   $locid = 606058;        // Frankfurt
+//   $locid = 599389;        // Flensburg
+//   $locid = 61065;        // Amsterdam, Eemnes
+//   $locid = 228950;        // Berlin
+//   $locid = 2138880;      // Baltimore (Baltimore (city)), Maryland, United States
+//   $locid = 1486658;       // Potsdam
+//   $locid = 664715;       // Goteborg, Vastra Gotaland, Sweden
+//   $locid = 2094781;       // Mission Hills (Los Angeles), California, United States
+//   $locid = 423655;       // Copenhagen, Kobenhavn*, Denmark
+//   $locid = 2093625;       // Los Angeles, CA ???
+//   $locid = 2094326       // Los Angeles (Los Angeles), California, United States
+//   $locid = 2257312;       // Sydney, New South Wales, Australia
+//   $locid = 572764;       //  Essen, Nordrhein-Westfalen, Germany
+//   $locid = 78;       //  Aachen, Nordrhein-Westfalen, Germany
+//   $locid = 1260319;       // Muenchen
+//   $locid = 266635;       // Bonn, Nordrhein-Westfalen, Germany
+//   $locid = 873779;       // Karlsruhe, Baden-Wuerttemberg, Germany
+//   $locid = 520340;       // Dusseldorf, Nordrhein-Westfalen, Germany
+//       $locid = 2262656;       // Melbourne, Victoria, Australia
+//   $locid = 2185076;       // Raleigh (Wake), North Carolina, United States
+//   $locid = 2126955;       // Lawrence (Douglas), Kansas, United States
+//   $locid = 919560;       // Kiel, Schleswig-Holstein, Germany
+//       $locid = 228950;        // Berlin
+// $locid = 1117395;       // Lubeck Hansestadt, Schleswig-Holstein, Germany
+//   $locid = 675661;       // Graz, Steiermark, Austria
+//   $locid = 1992733;       // Wien, Wien, Austria
+
+//   $locid = ; 54334      // Amberg, Bayern, Germany
+//   $eventname = "ATE-Amberg";
+//   $city = "06. Januar 2014";
+    
+//   $locid = 1089877;      // Linz, Oberoesterreich, Austria
+//   $eventname = "ATE-Linz";
+//   $city = "16. Mai 2014";
+    
+//   $locid = 1993029;      // Wiesbaden, Hessen, Germany
+//   $eventname = "ATE-Wiesbaden";
+//   $city = "22. Mai 2014";
+
+    
+//   $locid = 1356196;      // Oberwart, Burgenland, Germany
+//   $eventname = "ATE-Oberwart (Korrektur)";
+//   $city = "27. Juni 2014";    
+
+//   $locid = 675661;       // Graz, Steiermark, Austria
+//   $eventname = "ATE-Graz";
+//   $city = "13. November 2014";
+
+//   $locid = 1992733;       // Wien, Wien, Austria
+//   $eventname = "ATE-Wien";
+//   $city = "19. November 2014";
+
+   $locid = 606775;       // Freiburg, Baden-Wuertemberg, Germany
+   $eventname = "ATE-Freiburg";
+   $city = "2. Februar 2015";
+   
+    $query = "select * from `locations` where `id`='$locid'";
+        $loc = mysql_fetch_assoc(mysql_query($query));
+
+    $query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
+            (COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
+             COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
+            FROM `locations`
+                inner join `users`  on `users`.`locid` = `locations`.`id`
+                inner join `alerts` on `users`.`id`=`alerts`.`memid`
+                inner join `notary` on `users`.`id`=`notary`.`to`
+            WHERE   (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
+            GROUP BY `users`.`id`
+            HAVING `distance` <= '$maxdist'
+            ORDER BY `distance` ";
+     echo $query;
+
+    // comment next line when starting to send mail not only to me
+    //  $query = "select * from `users` where `email` like 'cacerttest%'";
+
+    $res = mysql_query($query);
+    $xrows = mysql_num_rows($res);
+
+    while($row = mysql_fetch_assoc($res))
+    {
+    //    uncomment next line to send mails ...
+        sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+    }
+  // 1x cc to events.cacert.org
+    sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+    // 1x mailing report to events.cacert.org
+  sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+
+    // 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
+  sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
+    echo "invitation sent to $xrows recipients.\n";
+
+?>

scripts/oa03-csr_org_client_cert.php.txt

@@ -0,0 +1,98 @@
+#!/usr/bin/php -q
+<? /*
+    LibreSSL - CAcert web application
+    Copyright (C) 2004-2011  CAcert Inc.
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; version 2 of the License.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+*/
+	include_once("../includes/mysql.php");
+
+	$lines = "";
+	$fp = fopen("oa03-csr_org_client_cert.txt", "r");
+	while(!feof($fp))
+	{
+		$line = trim(fgets($fp, 4096));
+		$lines .= wordwrap($line, 75, "\n")."\n";
+	}
+	fclose($fp);
+
+// ---  Variable parameters --- begin
+
+// $country
+//     ""    (empty)  email to _all_ countries
+//     "DE"   2-digit country code, eg. email to Germany Org's only
+
+// $status
+//    Status:  1 mails to org contacts only
+//             2 mails to org admins only
+//             3 mails to org contacts + org admins
+
+// $subject
+//   sample:
+//     with
+//     mailing subject results in
+//     a) $country = ""
+//        "[CAcert.org] Allowance to publish Organisation Assurance on CAcert website"
+//     b) $country = "DE"
+//        "[CAcert.org] Allowance to publish Organisation Assurance on CAcert website (DE)"
+
+
+////OA Allowance
+//$country = "";   //   "DE" or ""
+//$status  = 3;      //   1, 2 or 3   3 = 1+2
+//$subject = "Allowance to publish Organisation Assurance on CAcert website";
+
+
+//OA Org Client Cert Information
+$country = "";   //   "DE" or ""
+$status  = 3;      //   1, 2 or 3   3 = 1+2
+$subject = "New Feature in CAcert Organisation Accounts";
+
+// --- Variable parameters --- end
+
+$query = "SELECT orginfo.contact as email, orginfo.O, 1 as status
+			FROM orginfo
+			WHERE (orginfo.C like '$country%' and (1=$status or 3=$status))
+      UNION
+			Select users.email, orginfo.O, 2 as status
+			FROM users
+				inner join org on users.id = org.memid
+				inner join orginfo on org.orgid=orginfo.id
+      WHERE (orginfo.C like '$country%' and (2=$status or 3=$status))
+      ORDER BY O";
+
+
+	 echo $query;
+
+    // comment next line when starting to send mail not only to me 
+    //	$query = "select * from `users` where `email` like 'cacerttest%'";
+
+	$res = mysql_query($query);
+	$xrows = mysql_num_rows($res);
+
+	while($row = mysql_fetch_assoc($res))
+	{
+    //    uncomment next line to send mails ...
+		sendmail($row['email'], "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")") , $lines, "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+	}
+  // 1x cc to oao.cacert.org
+	sendmail("oao@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")"), $lines, "oao@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
+	// 1x mailing report to oao.cacert.org
+  sendmail("oao@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")")." - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);	
+
+	// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20110608.1
+  sendmail("bernhard@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")")." - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);	
+
+	echo "oa-mailing sent to $xrows recipients.\n";
+?>

scripts/oa03-csr_org_client_cert.txt

@@ -0,0 +1,58 @@
+[German version below]
+Dear Sir or Madam,
+ Dear CEO or CAcert Organisation Administrator,
+
+We're proud to announce that the software team has implemented a new variant
+to create Organisation Client Certificates!
+
+Until now, client certificates in an Organisation Account could only be created 
+by using the browser feature to create a key pair and signing request in one 
+run.
+
+The new feature is called CSR, Certificate Signing Request. The end user can 
+create a CSR (certificate signing request) on his own computer and give it to 
+the Organisation Administrator. The Organisation Administrator will copy & paste 
+it into the web form and will receive the signed certificate which he will send 
+back to the user. This means that the user generates the private key for the 
+signed certificate.
+
+The key benefit of this approach is that the Organisation Administrator has no access to the end-user's private key.
+
+See also
+https://blog.cacert.org/2014/12/creating-certificates-with-csr-now-possible-for-org-accounts/
+https://wiki.cacert.org/OrganisationAssurance/OA/OrgAdmin/Handbook/EN#clientcert
+
+Best regards
+
+Marcus Maengel
+CAcert Organisation Assurance Officer
+
+[German version]
+Sehr geehrte Damen und Herren,
+  sehr geehrte CEO und Organisationsadministratoren,
+
+Wir freuen uns darüber, Ihnen mitteilen zu können, dass das Software Team einen 
+weitere Methode der Software hinzugefügt hat, mit der man Organisations-Client-
+Zertifikate erstellen kann.
+
+Der bisher einzige Weg war es, die Organisations-Client-Zertifikate im Browser 
+zu erstellen. Dabei werden sowohl der private Schlüssel erzeugt als auch das 
+Signieren in einem Schritt durchgeführt.
+
+Die neue Methode nutzt den CSR (Certificate Signing Request). Ein Anwender kann 
+auf seinem eigenen PC den privaten Schlüssel und den CSR erstellen. Letzterer 
+wird an den Organisationsadminstrator gesendet. Der Organisationsadminstrator 
+kopiert den CSR in das Web-Formular und erhält den signierten öffentlichen 
+Schlüssel, der dann an den Anwender zurück gesendet wird.
+
+Ein Vorteil dieser Methode ist es, dass der Organisationsadministrator keinen 
+Zugriff auf den privaten Schlüssel des Anwenders benötigt.
+
+Weiteres ist hier zu finden
+https://blog.cacert.org/2014/12/creating-certificates-with-csr-now-possible-for-org-accounts/
+https://wiki.cacert.org/OrganisationAssurance/OA/OrgAdmin/Handbook/DE#clientcert
+
+Mit freundlichen Grüßen
+
+Marcus Maengel
+CAcert Organisation Assurance Officer