Add new scripts for mass mailings permitted by CAcert arbitration.

This commit is contained in:
Wytze van der Raay 2015-01-21 11:14:27 +00:00
parent cd4a66bd06
commit 912a5fb6bd
4 changed files with 385 additions and 0 deletions

View file

@ -0,0 +1,91 @@
[Deutsch]
Es hat sich viel getan in den letzten Jahren. Eine ganze Reihe von bisher
eher "muendlich ueberlieferten" Regeln wurden in Policies gegossen.
Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B.
in dem CAcert Community Agreement) wurden beschlossen. Die Assurer
Training Events wollen versuchen, die ganzen Informationen unter's
Volk zu bringen:
- Welcher Satz fehlt auf alten CAP Formularen?
- Warum soll ich mir R/L/O einpraegen?
- Wie verhaelst du dich,
wenn du ein fremdes Ausweisdokument das erste Mal pruefst?
Antworten auf diese und weitere Fragen erhaelst du bei den
Assurer Training Events (ATEs).
Darueberhinaus wird beim ATE der Vorgang der Identitaetsueberpruefung
trainiert und auditiert, um die Qualitaet der Assurances in der
taeglichen Praxis zu erfassen. Dabei gilt es moegliche Fehler und
Fallstricke zu erkennen und aufzudecken. Die Assurer haben also die
Moeglichkeit, sich mit den Fehlern auseinanderzusetzen und zu erfahren,
wie diese vermieden werden koennen.
Wie IanG sagte: The ATE or Assurer Training Event is exceptionally
recommended for all Assurers, and include parts which contribute
directly to our audit. Come and find out how you can also contribute.
Die kommende Veranstaltung in deiner Naehe findet statt am:
- Montag, den 2. Februar 2015
- in der Zeit von: 19:00 - ca. 22:00 Uhr
- Karma Indian Palace
- Bertoldstrasse 51-53 (gegenüber Cinemaxx)
- 79098 Freiburg
Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im
Wiki [http://wiki.cacert.org/Events/2015-02-02-ATE-Freiburg]
Blog [http://blog.cacert.org/2015/01/ate-freiburg-2015-02-02/]
Teilnehmer Registrierung mit Rueckantwort:
'Ich moechte am ATE-Freiburg teilnehmen'
Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.
Kontakt: events@cacert.org
[English]
During the last years many changes took place inside CAcert. Many "oral"
rules have been put into Policies. New procedures
(e.g. Assurer Challenge) and obligations
(e.g. CAcert Community Agreement) have been put into live.
The Assurer Training Events (ATE) try to spread this information:
- What is missing on the "old" CAP forms?
- Why should I remember R/L/O?
- What can you do if an Assuree shows an ID document unknown to you?
These and more questions will be answered during the
Assurer Training Events (ATEs)
Furthermore, the ATE trains how to do assurances and audits assurances,
to measure the quality of assurances in the daily routine. Here are some
possible errors and pitfalls which need to be found. Assurers have the
opportunity to see those errors and how to avoid them.
As IanG said: The ATE or Assurer Training Event is exceptionally
recommended for all Assurers and includes parts which contribute
directly to our audit. Come and find out how you can also contribute.
The next event held in your area will be:
- Monday, February 2nd 2015
- during: 19:00 - ca. 22:00
- Karma Indian Palace
- Bertoldstrasse 51-53 (across to Cinemaxx)
- 79098 Freiburg
Details to the location can be found:
Wiki [http://wiki.cacert.org/Events/2015-02-02-ATE-Freiburg]
Blog [http://blog.cacert.org/2015/01/ate-freiburg-2015-02-02/]
User reply for registration: 'I will attend the ATE-Freiburg'
The event team is looking forward for your attendance:
Contact: events@cacert.org

View file

@ -0,0 +1,138 @@
#!/usr/bin/php -q
<? /*
LibreSSL - CAcert web application
Copyright (C) 2004-2013 CAcert Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
include_once("../includes/mysql.php");
$lines = "";
$fp = fopen("59de-ate-freiburg-email.txt", "r");
while(!feof($fp))
{
$line = trim(fgets($fp, 4096));
$lines .= wordwrap($line, 75, "\n")."\n";
}
fclose($fp);
// $locid = intval($_REQUEST['location']);
// $maxdist = intval($_REQUEST['maxdist']);
// maxdist in [Km]
$maxdist = 200;
// location location.ID
// verified: 29.4.09 u.schroeter
// $locid = 7902857; // Paris
// $locid = 238568; // Bielefeld
// $locid = 715191; // Hamburg
// $locid = 1102495; // London
// $locid = 606058; // Frankfurt
// $locid = 1775784; // Stuttgart
// $locid = 228950; // Berlin
// $locid = 606058; // Frankfurt
// $locid = 599389; // Flensburg
// $locid = 61065; // Amsterdam, Eemnes
// $locid = 228950; // Berlin
// $locid = 2138880; // Baltimore (Baltimore (city)), Maryland, United States
// $locid = 1486658; // Potsdam
// $locid = 664715; // Goteborg, Vastra Gotaland, Sweden
// $locid = 2094781; // Mission Hills (Los Angeles), California, United States
// $locid = 423655; // Copenhagen, Kobenhavn*, Denmark
// $locid = 2093625; // Los Angeles, CA ???
// $locid = 2094326 // Los Angeles (Los Angeles), California, United States
// $locid = 2257312; // Sydney, New South Wales, Australia
// $locid = 572764; // Essen, Nordrhein-Westfalen, Germany
// $locid = 78; // Aachen, Nordrhein-Westfalen, Germany
// $locid = 1260319; // Muenchen
// $locid = 266635; // Bonn, Nordrhein-Westfalen, Germany
// $locid = 873779; // Karlsruhe, Baden-Wuerttemberg, Germany
// $locid = 520340; // Dusseldorf, Nordrhein-Westfalen, Germany
// $locid = 2262656; // Melbourne, Victoria, Australia
// $locid = 2185076; // Raleigh (Wake), North Carolina, United States
// $locid = 2126955; // Lawrence (Douglas), Kansas, United States
// $locid = 919560; // Kiel, Schleswig-Holstein, Germany
// $locid = 228950; // Berlin
// $locid = 1117395; // Lubeck Hansestadt, Schleswig-Holstein, Germany
// $locid = 675661; // Graz, Steiermark, Austria
// $locid = 1992733; // Wien, Wien, Austria
// $locid = ; 54334 // Amberg, Bayern, Germany
// $eventname = "ATE-Amberg";
// $city = "06. Januar 2014";
// $locid = 1089877; // Linz, Oberoesterreich, Austria
// $eventname = "ATE-Linz";
// $city = "16. Mai 2014";
// $locid = 1993029; // Wiesbaden, Hessen, Germany
// $eventname = "ATE-Wiesbaden";
// $city = "22. Mai 2014";
// $locid = 1356196; // Oberwart, Burgenland, Germany
// $eventname = "ATE-Oberwart (Korrektur)";
// $city = "27. Juni 2014";
// $locid = 675661; // Graz, Steiermark, Austria
// $eventname = "ATE-Graz";
// $city = "13. November 2014";
// $locid = 1992733; // Wien, Wien, Austria
// $eventname = "ATE-Wien";
// $city = "19. November 2014";
$locid = 606775; // Freiburg, Baden-Wuertemberg, Germany
$eventname = "ATE-Freiburg";
$city = "2. Februar 2015";
$query = "select * from `locations` where `id`='$locid'";
$loc = mysql_fetch_assoc(mysql_query($query));
$query = "SELECT ROUND(6378.137 * ACOS(0.9999999*((SIN(PI() * $loc[lat] / 180) * SIN(PI() * `locations`.`lat` / 180)) +
(COS(PI() * $loc[lat] / 180 ) * COS(PI() * `locations`.`lat` / 180) *
COS(PI() * `locations`.`long` / 180 - PI() * $loc[long] / 180)))), -1) AS `distance`, sum(`points`) as pts, `users`.*
FROM `locations`
inner join `users` on `users`.`locid` = `locations`.`id`
inner join `alerts` on `users`.`id`=`alerts`.`memid`
inner join `notary` on `users`.`id`=`notary`.`to`
WHERE (`alerts`.`general`=1 OR `alerts`.`country`=1 OR `alerts`.`regional`=1 OR `alerts`.`radius`=1)
GROUP BY `users`.`id`
HAVING `distance` <= '$maxdist'
ORDER BY `distance` ";
echo $query;
// comment next line when starting to send mail not only to me
// $query = "select * from `users` where `email` like 'cacerttest%'";
$res = mysql_query($query);
$xrows = mysql_num_rows($res);
while($row = mysql_fetch_assoc($res))
{
// uncomment next line to send mails ...
sendmail($row['email'], "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
}
// 1x cc to events.cacert.org
sendmail("events@cacert.org", "[CAcert.org] $eventname - $city", $lines, "events@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
// 1x mailing report to events.cacert.org
sendmail("events@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20090525.1
sendmail("p.dunkel@cacert.org", "[CAcert.org] $eventname - $city Report", "invitation sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert Events Organisation", "returns@cacert.org", 1);
echo "invitation sent to $xrows recipients.\n";
?>

View file

@ -0,0 +1,98 @@
#!/usr/bin/php -q
<? /*
LibreSSL - CAcert web application
Copyright (C) 2004-2011 CAcert Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
include_once("../includes/mysql.php");
$lines = "";
$fp = fopen("oa03-csr_org_client_cert.txt", "r");
while(!feof($fp))
{
$line = trim(fgets($fp, 4096));
$lines .= wordwrap($line, 75, "\n")."\n";
}
fclose($fp);
// --- Variable parameters --- begin
// $country
// "" (empty) email to _all_ countries
// "DE" 2-digit country code, eg. email to Germany Org's only
// $status
// Status: 1 mails to org contacts only
// 2 mails to org admins only
// 3 mails to org contacts + org admins
// $subject
// sample:
// with
// mailing subject results in
// a) $country = ""
// "[CAcert.org] Allowance to publish Organisation Assurance on CAcert website"
// b) $country = "DE"
// "[CAcert.org] Allowance to publish Organisation Assurance on CAcert website (DE)"
////OA Allowance
//$country = ""; // "DE" or ""
//$status = 3; // 1, 2 or 3 3 = 1+2
//$subject = "Allowance to publish Organisation Assurance on CAcert website";
//OA Org Client Cert Information
$country = ""; // "DE" or ""
$status = 3; // 1, 2 or 3 3 = 1+2
$subject = "New Feature in CAcert Organisation Accounts";
// --- Variable parameters --- end
$query = "SELECT orginfo.contact as email, orginfo.O, 1 as status
FROM orginfo
WHERE (orginfo.C like '$country%' and (1=$status or 3=$status))
UNION
Select users.email, orginfo.O, 2 as status
FROM users
inner join org on users.id = org.memid
inner join orginfo on org.orgid=orginfo.id
WHERE (orginfo.C like '$country%' and (2=$status or 3=$status))
ORDER BY O";
echo $query;
// comment next line when starting to send mail not only to me
// $query = "select * from `users` where `email` like 'cacerttest%'";
$res = mysql_query($query);
$xrows = mysql_num_rows($res);
while($row = mysql_fetch_assoc($res))
{
// uncomment next line to send mails ...
sendmail($row['email'], "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")") , $lines, "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
}
// 1x cc to oao.cacert.org
sendmail("oao@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")"), $lines, "oao@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
// 1x mailing report to oao.cacert.org
sendmail("oao@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")")." - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
// 1x mailing report to Arbitrator of case http://wiki.cacert.org/wiki/Arbitrations/a20110608.1
sendmail("bernhard@cacert.org", "[CAcert.org] ".$subject.(empty($country)?"":" (".$country.")")." - Report", "oa-mailing sent to $xrows recipients.", "support@cacert.org", "", "", "CAcert OA Support", "returns@cacert.org", 1);
echo "oa-mailing sent to $xrows recipients.\n";
?>

View file

@ -0,0 +1,58 @@
[German version below]
Dear Sir or Madam,
Dear CEO or CAcert Organisation Administrator,
We're proud to announce that the software team has implemented a new variant
to create Organisation Client Certificates!
Until now, client certificates in an Organisation Account could only be created
by using the browser feature to create a key pair and signing request in one
run.
The new feature is called CSR, Certificate Signing Request. The end user can
create a CSR (certificate signing request) on his own computer and give it to
the Organisation Administrator. The Organisation Administrator will copy & paste
it into the web form and will receive the signed certificate which he will send
back to the user. This means that the user generates the private key for the
signed certificate.
The key benefit of this approach is that the Organisation Administrator has no access to the end-user's private key.
See also
https://blog.cacert.org/2014/12/creating-certificates-with-csr-now-possible-for-org-accounts/
https://wiki.cacert.org/OrganisationAssurance/OA/OrgAdmin/Handbook/EN#clientcert
Best regards
Marcus Maengel
CAcert Organisation Assurance Officer
[German version]
Sehr geehrte Damen und Herren,
sehr geehrte CEO und Organisationsadministratoren,
Wir freuen uns darüber, Ihnen mitteilen zu können, dass das Software Team einen
weitere Methode der Software hinzugefügt hat, mit der man Organisations-Client-
Zertifikate erstellen kann.
Der bisher einzige Weg war es, die Organisations-Client-Zertifikate im Browser
zu erstellen. Dabei werden sowohl der private Schlüssel erzeugt als auch das
Signieren in einem Schritt durchgeführt.
Die neue Methode nutzt den CSR (Certificate Signing Request). Ein Anwender kann
auf seinem eigenen PC den privaten Schlüssel und den CSR erstellen. Letzterer
wird an den Organisationsadminstrator gesendet. Der Organisationsadminstrator
kopiert den CSR in das Web-Formular und erhält den signierten öffentlichen
Schlüssel, der dann an den Anwender zurück gesendet wird.
Ein Vorteil dieser Methode ist es, dass der Organisationsadministrator keinen
Zugriff auf den privaten Schlüssel des Anwenders benötigt.
Weiteres ist hier zu finden
https://blog.cacert.org/2014/12/creating-certificates-with-csr-now-possible-for-org-accounts/
https://wiki.cacert.org/OrganisationAssurance/OA/OrgAdmin/Handbook/DE#clientcert
Mit freundlichen Grüßen
Marcus Maengel
CAcert Organisation Assurance Officer