jandd
/
poc-browser-csr-generation
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: jandd:bd54c060b92985cbc2f1fbc66d1a8df7a4ca55c4
Branches Tags
jandd:main
...
compare: jandd:1617f535c0337545144c1f5ca3c0d0b35caed130
Branches Tags
jandd:main

6 Commits
bd54c060b9 ... 1617f535c0

Author SHA1 Message Date
Jan Dittberner 1617f535c0 Add migration for languages 2 years ago
Jan Dittberner 6e3e84c70d Add support for dynamic set of sub CAs 2 years ago
Jan Dittberner b16ca196f1 Tidy dependencies 2 years ago
Jan Dittberner e485abeced Setup more CAB forum compliant CA structure 2 years ago
Jan Dittberner e67dc820cf WIP: migrations 2 years ago
Jan Dittberner b57c01b3c4 WIP: migrations 2 years ago
19 changed files with 1675 additions and 17 deletions
Show Stats

59
ca.cnf
Unescape Escape View File

@ -1,7 +1,7 @@
extensions = v3_ext
[ca]
default_ca = EXAMPLECA
default_ca = sub_ca
[rootca]
dir = ./example_ca/root
@ -25,7 +25,7 @@ default_md = sha256
default_days = 1825
default_crl_days = 30
[EXAMPLECA]
[sub_ca]
dir = ./example_ca/sub
certs = $dir/certs
crl_dir = $dir/crl
@ -44,6 +44,25 @@ default_md = sha256
default_days = 365
default_crl_days = 30
[email_ca]
dir = ./example_ca/email
certs = $dir/certs
crl_dir = $dir/crl
database = $dir/index.txt
serial = $dir/serial
new_certs_dir = $dir/newcerts
crl = $dir/crl.pem
certificate = $dir/ca.crt.pem
private_key = $dir/private/ca.key.pem
RANDFILE = $dir/private/.rand
unique_subject = no
email_in_dn = no
default_md = sha256
default_days = 365
default_crl_days = 30
[policy_any]
countryName = match
stateOrProvinceName = optional
@ -55,12 +74,14 @@ emailAddress = optional
[policy_match]
commonName = supplied
[client_ext]
[email_ext]
basicConstraints = critical,CA:false
keyUsage = keyEncipherment,digitalSignature,nonRepudiation
extendedKeyUsage = clientAuth,emailProtection
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
authorityKeyIdentifier = keyid:always
authorityInfoAccess = 1.3.6.1.5.5.7.48.2;URI:http://example.org/ca/root/ca.crt,OCSP;URI:http://ocsp.example.org/
crlDistributionPoints = URI:http://crl.example.org/email.crl
[req]
default_bits = 3072
@ -86,10 +107,34 @@ commonName_max = 64
[req_attributes]
[root_ca]
basicConstraints = critical,CA:true,pathlen:1
basicConstraints = critical,CA:true
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
[sub_ca]
[ext_sub_ca]
basicConstraints = critical,CA:true,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
extendedKeyUsage = serverAuth,clientAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always
authorityInfoAccess = 1.3.6.1.5.5.7.48.2;URI:http://example.org/ca/root/ca.crt,OCSP;URI:http://ocsp.example.org/
crlDistributionPoints = URI:http://crl.example.org/sub.crl
certificatePolicies = @policy_sub_ca
[ext_email_ca]
basicConstraints = critical,CA:true,pathlen:0
keyUsage = critical,keyCertSign,cRLSign
extendedKeyUsage = clientAuth,emailProtection
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always
authorityKeyIdentifier = keyid:always
authorityInfoAccess = 1.3.6.1.5.5.7.48.2;URI:http://example.org/ca/root/ca.crt,OCSP;URI:http://ocsp.example.org/
crlDistributionPoints = URI:http://crl.example.org/email.crl
certificatePolicies = @policy_email_ca
[policy_sub_ca]
policyIdentifier = 1.3.6.1.5.5.7.2.1
CPS = http://example.org/ca/sub/cps.html
[policy_email_ca]
policyIdentifier = 1.3.6.1.5.5.7.2.1
CPS = http://example.org/ca/email/cps.html

8
cmd/goose/main.go
Unescape Escape View File

@ -0,0 +1,8 @@
package main
import (
_ "git.dittberner.info/jan/browser_csr_generation/migrations"
)
func main() {
}

2
go.mod
Unescape Escape View File

@ -4,11 +4,13 @@ go 1.13
require (
github.com/BurntSushi/toml v0.3.1
github.com/go-sql-driver/mysql v1.5.0
github.com/gobwas/httphead v0.1.0 // indirect
github.com/gobwas/pool v0.2.1 // indirect
github.com/gobwas/ws v1.0.4
github.com/gorilla/csrf v1.7.0
github.com/nicksnyder/go-i18n/v2 v2.1.1
github.com/pressly/goose v2.6.0+incompatible
github.com/sirupsen/logrus v1.7.0
golang.org/x/text v0.3.4
gopkg.in/yaml.v2 v2.4.0 // indirect

4
go.sum
Unescape Escape View File

@ -2,6 +2,8 @@ github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs=
github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=
github.com/gobwas/pool v0.2.1 h1:xfeeEhW7pwmX8nuLVlqbzVc7udMDrwetjEv+TZIz1og=
@ -18,6 +20,8 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pressly/goose v2.6.0+incompatible h1:3f8zIQ8rfgP9tyI0Hmcs2YNAqUCL1c+diLe3iU8Qd/k=
github.com/pressly/goose v2.6.0+incompatible/go.mod h1:m+QHWCqxR3k8D9l7qfzuC/djtlfzxr34mozWDYEu1z8=
github.com/sirupsen/logrus v1.7.0 h1:ShrD1U9pZB12TX0cVy0DtePoCH97K8EtX+mg7ZARUtM=
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=

4
handlers/registry.go
Unescape Escape View File

@ -122,8 +122,8 @@ func (registry *SigningRequestRegistry) sign(request *SigningRequestAttributes)
time.Sleep(5 * time.Second)
opensslCommand := exec.Command(
"openssl", "ca", "-config", "ca.cnf",
"-policy", "policy_match", "-extensions", "client_ext",
"openssl", "ca", "-config", "ca.cnf", "-name", "email_ca",
"-policy", "policy_match", "-extensions", "email_ext",
"-batch", "-subj", subjectDN, "-utf8", "-rand_serial", "-in", csrFile.Name())
var out, cmdErr bytes.Buffer
opensslCommand.Stdout = &out

10
main.go
Unescape Escape View File

@ -11,6 +11,7 @@ import (
"net/http"
"os"
"os/signal"
"path/filepath"
"strings"
"syscall"
"time"
@ -47,7 +48,6 @@ func main() {
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
},
NextProtos: []string{"h2"},
PreferServerCipherSuites: true,
@ -124,8 +124,12 @@ func generateRandomBytes(count int) []byte {
func loadCACertificates() (caCertificates []*x509.Certificate) {
var err error
caCertificates = make([]*x509.Certificate, 2)
for index, certFile := range []string{"example_ca/sub/ca.crt.pem", "example_ca/root/ca.crt.pem"} {
caFiles, err := filepath.Glob("example_ca/*/ca.crt.pem")
if err != nil {
log.Panic(err)
}
caCertificates = make([]*x509.Certificate, len(caFiles))
for index, certFile := range caFiles {
var certBytes []byte
if certBytes, err = ioutil.ReadFile(certFile); err != nil {
log.Panic(err)

615
migrations/00001_initial_schema.sql
Unescape Escape View File

@ -0,0 +1,615 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- Initial database schema
CREATE TABLE `abusereports` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`when` datetime NOT NULL,
`IP` int(11) DEFAULT NULL,
`url` varchar(255) NOT NULL,
`name` varchar(255) NOT NULL,
`email` varchar(255) NOT NULL,
`comment` varchar(255) NOT NULL,
`reason` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `addlang` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`userid` int(11) NOT NULL,
`lang` varchar(5) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `userid` (`userid`, `lang`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `adminlog` (
`when` datetime NOT NULL,
`uid` int(11) NOT NULL,
`adminid` int(11) NOT NULL,
`actiontypeid` int(11) DEFAULT NULL,
`old-lname` varchar(255),
`old-dob` varchar(255),
`new-lname` varchar(255),
`new-dob` varchar(255)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `advertising` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`replaceid` int(10) UNSIGNED NOT NULL,
`replaced` tinyint(3) UNSIGNED NOT NULL,
`orderid` tinyint(3) UNSIGNED NOT NULL,
`link` varchar(255) NOT NULL,
`title` varchar(255) NOT NULL,
`months` tinyint(3) UNSIGNED NOT NULL,
`who` int(10) UNSIGNED NOT NULL,
`when` datetime NOT NULL,
`active` tinyint(3) UNSIGNED NOT NULL,
`approvedby` int(10) UNSIGNED NOT NULL,
`expires` datetime NOT NULL,
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `alerts` (
`memid` int(11) NOT NULL DEFAULT 0,
`general` tinyint(1) NOT NULL DEFAULT 0,
`country` tinyint(1) NOT NULL DEFAULT 0,
`regional` tinyint(1) NOT NULL DEFAULT 0,
`radius` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`memid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `baddomains` (
`domain` varchar(255) NOT NULL DEFAULT ''
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `cats_passed` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`variant_id` int(11) NOT NULL,
`pass_date` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP() ON UPDATE CURRENT_TIMESTAMP(),
PRIMARY KEY (`id`),
UNIQUE KEY `test_passed` (`user_id`, `variant_id`, `pass_date`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `cats_type` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`type_text` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `type_text` (`type_text`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `cats_variant` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`type_id` int(11) NOT NULL,
`test_text` varchar(255) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `test_text` (`test_text`, `type_id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `countries` (
`id` int(3) NOT NULL AUTO_INCREMENT,
`name` varchar(50) NOT NULL DEFAULT '',
`acount` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `disputedomain` (
`id` int(11) NOT NULL DEFAULT 0,
`memid` int(11) NOT NULL DEFAULT 0,
`oldmemid` int(11) NOT NULL DEFAULT 0,
`domain` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`hash` varchar(50) NOT NULL DEFAULT '',
`attempts` int(1) NOT NULL DEFAULT 0,
`action` enum ('accept','reject','failed') NOT NULL DEFAULT 'accept'
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `disputeemail` (
`id` int(11) NOT NULL DEFAULT 0,
`memid` int(11) NOT NULL DEFAULT 0,
`oldmemid` int(11) NOT NULL DEFAULT 0,
`email` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`hash` varchar(50) NOT NULL DEFAULT '',
`attempts` int(1) NOT NULL DEFAULT 0,
`action` enum ('accept','reject','failed') NOT NULL DEFAULT 'accept',
`IP` varchar(20) NOT NULL DEFAULT ''
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `domaincerts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`domid` int(11) NOT NULL DEFAULT 0,
`serial` varchar(50) NOT NULL DEFAULT '',
`CN` varchar(255) NOT NULL DEFAULT '',
`subject` text NOT NULL,
`csr_name` varchar(255) NOT NULL DEFAULT '',
`crt_name` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`revoked` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`expire` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`warning` tinyint(1) NOT NULL DEFAULT 0,
`renewed` tinyint(1) NOT NULL DEFAULT 0,
`rootcert` int(2) NOT NULL DEFAULT 1,
`md` enum ('md5','sha1','sha256','sha512') NOT NULL DEFAULT 'sha512',
`type` tinyint(4) DEFAULT NULL,
`pkhash` char(40) DEFAULT NULL,
`certhash` char(40) DEFAULT NULL,
`coll_found` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
KEY `domaincerts_pkhash` (`pkhash`),
KEY `revoked` (`revoked`),
KEY `created` (`created`),
KEY `domid` (`domid`),
KEY `serial` (`serial`),
KEY `stats_domaincerts_expire` (`expire`),
KEY `domaincrt` (`crt_name`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `domains` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`memid` int(11) NOT NULL DEFAULT 0,
`domain` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`hash` varchar(50) NOT NULL DEFAULT '',
`attempts` int(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `memid` (`memid`),
KEY `domain` (`domain`),
KEY `memid_2` (`memid`),
KEY `stats_domains_hash` (`hash`),
KEY `stats_domains_deleted` (`deleted`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `domlink` (
`certid` int(11) NOT NULL DEFAULT 0,
`domid` int(11) NOT NULL DEFAULT 0,
UNIQUE KEY `index` (`certid`, `domid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `email` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`memid` int(11) NOT NULL DEFAULT 0,
`email` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`hash` varchar(50) NOT NULL DEFAULT '',
`attempts` int(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `memid` (`memid`),
KEY `stats_email_hash` (`hash`),
KEY `stats_email_deleted` (`deleted`),
KEY `email` (`email`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `emailcerts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`memid` int(11) NOT NULL DEFAULT 0,
`serial` varchar(50) NOT NULL DEFAULT '',
`CN` varchar(255) NOT NULL DEFAULT '',
`subject` text NOT NULL,
`keytype` char(2) NOT NULL DEFAULT 'NS',
`codesign` tinyint(1) NOT NULL DEFAULT 0,
`csr_name` varchar(255) NOT NULL DEFAULT '',
`crt_name` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`revoked` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`expire` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`warning` tinyint(1) NOT NULL DEFAULT 0,
`renewed` tinyint(1) NOT NULL DEFAULT 0,
`rootcert` int(2) NOT NULL DEFAULT 1,
`md` enum ('md5','sha1','sha256','sha512') NOT NULL DEFAULT 'sha512',
`type` tinyint(4) DEFAULT NULL,
`disablelogin` int(1) NOT NULL DEFAULT 0,
`pkhash` char(40) DEFAULT NULL,
`certhash` char(40) DEFAULT NULL,
`coll_found` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
KEY `emailcerts_pkhash` (`pkhash`),
KEY `revoked` (`revoked`),
KEY `created` (`created`),
KEY `memid` (`memid`),
KEY `serial` (`serial`),
KEY `stats_emailcerts_expire` (`expire`),
KEY `emailcrt` (`crt_name`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `emaillink` (
`emailcertsid` int(11) NOT NULL DEFAULT 0,
`emailid` int(11) NOT NULL DEFAULT 0,
KEY `index` (`emailcertsid`, `emailid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `gpg` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`memid` int(11) NOT NULL DEFAULT 0,
`email` varchar(255) NOT NULL DEFAULT '',
`level` int(1) NOT NULL DEFAULT 0,
`multiple` tinyint(1) NOT NULL DEFAULT 0,
`expires` tinyint(1) NOT NULL DEFAULT 0,
`csr` varchar(255) NOT NULL DEFAULT '',
`crt` varchar(255) NOT NULL DEFAULT '',
`issued` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`expire` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`keyid` char(18) DEFAULT NULL,
`warning` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `stats_gpg_expire` (`expire`),
KEY `stats_gpg_issued` (`issued`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `languages` (
`locale` varchar(5) NOT NULL,
`en_co` varchar(255) NOT NULL,
`en_lang` varchar(255) NOT NULL,
`country` varchar(255) NOT NULL,
`lang` varchar(255) NOT NULL
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `localias` (
`locid` int(11) NOT NULL DEFAULT 0,
`name` varchar(255) NOT NULL DEFAULT '',
KEY `locid` (`locid`),
KEY `name` (`name`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `locations` (
`id` int(7) NOT NULL AUTO_INCREMENT,
`regid` int(4) NOT NULL DEFAULT 0,
`ccid` int(3) NOT NULL DEFAULT 0,
`name` varchar(50) NOT NULL DEFAULT '',
`lat` double(6, 3) NOT NULL DEFAULT 0.000,
`long` double(6, 3) NOT NULL DEFAULT 0.000,
`acount` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `ccid` (`ccid`),
KEY `regid` (`regid`),
KEY `name` (`name`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `news` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`when` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`who` varchar(255) NOT NULL DEFAULT '',
`short` varchar(255) NOT NULL DEFAULT '',
`story` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `notary` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`from` int(11) NOT NULL DEFAULT 0,
`to` int(11) NOT NULL DEFAULT 0,
`awarded` int(3) NOT NULL DEFAULT 0,
`points` int(3) NOT NULL DEFAULT 0,
`method` enum ('Face to Face Meeting','Trusted Third Parties','Thawte Points Transfer','Administrative Increase','CT Magazine - Germany','Temporary Increase','Unknown') NOT NULL DEFAULT 'Face to Face Meeting',
`location` varchar(255) NOT NULL DEFAULT '',
`date` varchar(255) NOT NULL DEFAULT '',
`when` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`expire` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`sponsor` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `from` (`from`),
KEY `to` (`to`),
KEY `from_2` (`from`),
KEY `to_2` (`to`),
KEY `stats_notary_when` (`when`),
KEY `stats_notary_method` (`method`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `org` (
`orgid` int(11) NOT NULL DEFAULT 0,
`memid` int(11) NOT NULL DEFAULT 0,
`OU` varchar(255) NOT NULL DEFAULT '',
`masteracc` int(1) NOT NULL DEFAULT 0,
`comments` text NOT NULL,
UNIQUE KEY `orgid` (`orgid`, `memid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `orgdomaincerts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`orgid` int(11) NOT NULL DEFAULT 0,
`subject` text NOT NULL,
`serial` varchar(50) NOT NULL DEFAULT '',
`CN` varchar(255) NOT NULL DEFAULT '',
`csr_name` varchar(255) NOT NULL DEFAULT '',
`crt_name` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`revoked` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`expire` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`renewed` tinyint(1) NOT NULL DEFAULT 0,
`rootcert` int(2) NOT NULL DEFAULT 1,
`md` enum ('md5','sha1','sha256','sha512') NOT NULL DEFAULT 'sha512',
`type` tinyint(4) DEFAULT NULL,
`warning` tinyint(1) NOT NULL DEFAULT 0,
`pkhash` char(40) DEFAULT NULL,
`certhash` char(40) DEFAULT NULL,
`coll_found` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
KEY `orgdomaincerts_pkhash` (`pkhash`),
KEY `stats_orgdomaincerts_created` (`created`),
KEY `stats_orgdomaincerts_revoked` (`revoked`),
KEY `stats_orgdomaincerts_expire` (`expire`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `orgdomains` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`orgid` int(11) NOT NULL DEFAULT 0,
`domain` varchar(255) NOT NULL DEFAULT '',
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `orgdomlink` (
`orgcertid` int(11) NOT NULL DEFAULT 0,
`orgdomid` int(11) NOT NULL DEFAULT 0,
UNIQUE KEY `index` (`orgcertid`, `orgdomid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `orgemailcerts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`orgid` int(11) NOT NULL DEFAULT 0,
`serial` varchar(50) NOT NULL DEFAULT '',
`CN` varchar(255) NOT NULL DEFAULT '',
`subject` text NOT NULL,
`keytype` char(2) NOT NULL DEFAULT 'NS',
`csr_name` varchar(255) NOT NULL DEFAULT '',
`crt_name` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`revoked` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`expire` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`renewed` tinyint(1) NOT NULL DEFAULT 0,
`rootcert` int(2) NOT NULL DEFAULT 1,
`md` enum ('md5','sha1','sha256','sha512') NOT NULL DEFAULT 'sha512',
`type` tinyint(4) DEFAULT NULL,
`codesign` tinyint(1) NOT NULL DEFAULT 0,
`warning` tinyint(1) NOT NULL DEFAULT 0,
`pkhash` char(40) DEFAULT NULL,
`certhash` char(40) DEFAULT NULL,
`coll_found` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
KEY `orgemailcerts_pkhash` (`pkhash`),
KEY `stats_orgemailcerts_created` (`created`),
KEY `stats_orgemailcerts_revoked` (`revoked`),
KEY `stats_orgemailcerts_expire` (`expire`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `orgemaillink` (
`emailcertsid` int(11) NOT NULL DEFAULT 0,
`domid` int(11) NOT NULL DEFAULT 0,
KEY `index` (`emailcertsid`, `domid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `orginfo` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`contact` varchar(255) NOT NULL DEFAULT '',
`O` varchar(255) NOT NULL DEFAULT '',
`L` varchar(255) NOT NULL DEFAULT '',
`ST` varchar(255) NOT NULL DEFAULT '',
`C` char(2) NOT NULL DEFAULT '',
`comments` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `otphashes` (
`when` datetime NOT NULL,
`username` varchar(255) NOT NULL,
`otp` varchar(255) NOT NULL
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `pinglog` (
`when` datetime NOT NULL,
`uid` int(11) NOT NULL,
`email` varchar(255) NOT NULL,
`result` varchar(255) NOT NULL
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `regions` (
`id` int(5) NOT NULL AUTO_INCREMENT,
`ccid` int(3) NOT NULL DEFAULT 0,
`name` varchar(50) NOT NULL DEFAULT '',
`acount` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `ccid` (`ccid`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
-- stores names of root certificates (CN from SubjectDN?)
CREATE TABLE `root_certs` (
`id` int(2) NOT NULL,
`cert_text` varchar(255) DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `cert_text` (`cert_text`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
-- TODO: replace with goose_db_version table
CREATE TABLE `schema_version` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`version` int(11) NOT NULL,
`when` datetime NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `version` (`version`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `stampcache` (
`id` int(10) UNSIGNED NOT NULL AUTO_INCREMENT,
`certid` int(10) UNSIGNED DEFAULT NULL,
`cacheexpire` bigint(20) UNSIGNED DEFAULT NULL,
`issued` datetime NOT NULL,
`expire` datetime NOT NULL,
`subject` varchar(255) NOT NULL,
`hostname` varchar(255) NOT NULL,
`org` tinyint(1) NOT NULL,
`points` tinyint(3) UNSIGNED NOT NULL,
`O` varchar(255) NOT NULL,
`L` varchar(255) NOT NULL,
`ST` varchar(255) NOT NULL,
`C` varchar(255) NOT NULL,
`valid` tinyint(1) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `hostname` (`hostname`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `statscache` (
`timestamp` bigint(20) NOT NULL,
`cache` text NOT NULL,
PRIMARY KEY (`timestamp`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
-- not mentioned in version5.sh
CREATE TABLE `temp` (
`id` int(11) DEFAULT NULL,
`data` int(11) DEFAULT NULL
) ENGINE = InnoDB
DEFAULT CHARSET = latin1;
CREATE TABLE `tickets` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP() ON UPDATE CURRENT_TIMESTAMP(),
PRIMARY KEY (`id`),
KEY `timestamp` (`timestamp`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1 COMMENT ='Is used to generate ticket numbers for tracing back problems';
CREATE TABLE `tverify` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`memid` int(11) NOT NULL DEFAULT 0,
`photoid` varchar(255) NOT NULL DEFAULT '',
`URL` text NOT NULL,
`CN` text NOT NULL,
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `tverify-vote` (
`tverify` int(11) NOT NULL DEFAULT 0,
`memid` int(11) NOT NULL DEFAULT 0,
`when` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`vote` tinyint(1) NOT NULL DEFAULT 0,
`comment` varchar(255) NOT NULL DEFAULT ''
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `userlocations` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`memid` int(11) NOT NULL DEFAULT 0,
`ccid` int(11) NOT NULL DEFAULT 0,
`regid` int(11) NOT NULL DEFAULT 0,
`locid` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`email` varchar(255) NOT NULL DEFAULT '',
`password` varchar(255) NOT NULL DEFAULT '',
`fname` varchar(255) NOT NULL DEFAULT '',
`mname` varchar(255) NOT NULL DEFAULT '',
`lname` varchar(255) NOT NULL DEFAULT '',
`suffix` varchar(50) NOT NULL DEFAULT '',
`dob` date NOT NULL DEFAULT '0000-00-00',
`verified` int(1) NOT NULL DEFAULT 0,
`ccid` int(3) NOT NULL DEFAULT 0,
`regid` int(5) NOT NULL DEFAULT 0,
`locid` int(7) NOT NULL DEFAULT 0,
`listme` int(1) NOT NULL DEFAULT 0,
`codesign` int(1) NOT NULL DEFAULT 0,
`1024bit` tinyint(1) NOT NULL DEFAULT 0,
`contactinfo` varchar(255) NOT NULL DEFAULT '',
`admin` tinyint(1) NOT NULL DEFAULT 0,
`orgadmin` tinyint(1) NOT NULL,
`ttpadmin` tinyint(1) NOT NULL DEFAULT 0,
`adadmin` tinyint(1) UNSIGNED NOT NULL,
`board` tinyint(1) NOT NULL DEFAULT 0,
`tverify` tinyint(1) NOT NULL DEFAULT 0,
`locadmin` tinyint(1) NOT NULL DEFAULT 0,
`language` varchar(5) NOT NULL DEFAULT '',
`Q1` varchar(255) NOT NULL DEFAULT '',
`Q2` varchar(255) NOT NULL DEFAULT '',
`Q3` varchar(255) NOT NULL DEFAULT '',
`Q4` varchar(255) NOT NULL DEFAULT '',
`Q5` varchar(255) NOT NULL DEFAULT '',
`A1` varchar(255) NOT NULL DEFAULT '',
`A2` varchar(255) NOT NULL DEFAULT '',
`A3` varchar(255) NOT NULL DEFAULT '',
`A4` varchar(255) NOT NULL DEFAULT '',
`A5` varchar(255) NOT NULL DEFAULT '',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`modified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`locked` tinyint(1) NOT NULL,
`uniqueID` varchar(255) NOT NULL,
`otphash` varchar(16) NOT NULL,
`otppin` smallint(4) UNSIGNED ZEROFILL NOT NULL,
`assurer` int(2) NOT NULL DEFAULT 0,
`assurer_blocked` tinyint(1) NOT NULL DEFAULT 0,
PRIMARY KEY (`id`),
KEY `ccid` (`ccid`),
KEY `regid` (`regid`),
KEY `locid` (`locid`),
KEY `email` (`email`),
KEY `stats_users_created` (`created`),
KEY `stats_users_verified` (`verified`),
KEY `userverified` (`verified`)
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;

113
migrations/00002_version1.sql
Unescape Escape View File

@ -0,0 +1,113 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- changes from version1.sh of the original code base
-- CCA agreements and such
CREATE TABLE `user_agreements` (
`id` int(11) PRIMARY KEY AUTO_INCREMENT,
-- the user that agrees
`memid` int(11) NOT NULL,
-- user that is involved in the agreement (e.g. Assurer)
`secmemid` int(11) DEFAULT NULL,
-- what is being agreed to? e.g. CCA
`document` varchar(50) DEFAULT NULL,
-- when did the agreement take place?
`date` datetime DEFAULT NULL,
-- whether the user actively agreed or if the agreement took place via
-- an indirect process (e.g. Assurance)
`active` int(1) NOT NULL,
-- in which process did the agreement take place (e.g. certificate
-- issuance, account creation, assurance)
`method` varchar(100) NOT NULL,
-- user comment
`comment` varchar(100) DEFAULT NULL
) DEFAULT CHARSET = latin1;
-- description for all certs to make identifying a cert easier
ALTER TABLE `domaincerts`
ADD `description` varchar(100) NOT NULL
DEFAULT '';
ALTER TABLE `emailcerts`
ADD `description` varchar(100) NOT NULL
DEFAULT '';
ALTER TABLE `gpg`
ADD `description` varchar(100) NOT NULL
DEFAULT '';
ALTER TABLE `orgdomaincerts`
ADD `description` varchar(100) NOT NULL
DEFAULT '';
ALTER TABLE `orgemailcerts`
ADD `description` varchar(100) NOT NULL
DEFAULT '';
-- Bugs #855, #863, #864, #888
ALTER TABLE `notary`
-- allow for marking as deleted instead of really deleting
ADD `deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-- add "TOPUP" as method for point transfers (for TTP)
MODIFY `method`
enum (
'Face to Face Meeting',
'Trusted Third Parties',
'Thawte Points Transfer',
'Administrative Increase',
'CT Magazine - Germany',
'Temporary Increase',
'Unknown',
'TOPUP'
) NOT NULL DEFAULT 'Face to Face Meeting';
-- Organisation Assurance
ALTER TABLE `orginfo`
-- which Organisation Assurer entered the organisation?
ADD `creator_id` int(11) NOT NULL DEFAULT '0',
-- when was the organisation entered?
ADD `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-- allow for marking as deleted instead of really deleting
ADD `deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00';
ALTER TABLE `org`
-- which Organisation Assurer assigned the Organisation Admin?
ADD `creator_id` int(11) NOT NULL DEFAULT '0',
-- when was the Organisation Admin assigned?
ADD `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-- allow for marking as deleted instead of really deleting
ADD `deleted` datetime NOT NULL DEFAULT '0000-00-00 00:00:00';
-- Update schema version number
INSERT INTO `schema_version`
(`version`, `when`)
VALUES ('1', NOW());

46
migrations/00003_version2.sql
Unescape Escape View File

@ -0,0 +1,46 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- changes from version2.sh of the original code base
-- Organisation Assurance bug #1118
ALTER TABLE `orgemailcerts`
ADD `ou` varchar(50) NOT NULL
DEFAULT '';
-- Bugs #855, #863, #864, #888, #1118
ALTER TABLE `notary`
-- add "TTP-Assisted" as method for point transfers (for TTP)
MODIFY `method`
enum (
'Face to Face Meeting',
'Trusted Third Parties',
'Thawte Points Transfer',
'Administrative Increase',
'CT Magazine - Germany',
'Temporary Increase',
'Unknown',
'TOPUP',
'TTP-Assisted'
) NOT NULL DEFAULT 'Face to Face Meeting';
-- Update schema version number
INSERT INTO `schema_version`
(`version`, `when`)
VALUES ('2', NOW());

52
migrations/00004_version3.sql
Unescape Escape View File

@ -0,0 +1,52 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- changes from version3.sh of the original code base
-- alter table Admin log
ALTER TABLE `adminlog`
ADD `type` varchar(50) NOT NULL,
ADD `information` varchar(50) NOT NULL;
-- create new table OrgAdminLog
CREATE TABLE IF NOT EXISTS `orgadminlog` (
`when` datetime NOT NULL,
`oid` int(11) NOT NULL,
`adminid` int(11) NOT NULL,
`type` varchar(50) NOT NULL,
`information` varchar(50) NOT NULL
) ENGINE = MyISAM
DEFAULT CHARSET = latin1;
-- alter table OrgDomainCerts
ALTER TABLE `orgdomaincerts`
ADD orgadminid int(11) NULL,
ADD revokeorgadminid int(11) NULL;
-- alter table OrgEmailCerts
ALTER TABLE `orgemailcerts`
ADD orgadminid int(11) NULL,
ADD revokeorgadminid int(11) NULL;
-- Update schema version number
INSERT INTO `schema_version`
(`version`, `when`)
VALUES ('3', NOW());

38
migrations/00005_version4.sql
Unescape Escape View File

@ -0,0 +1,38 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- changes from version4.sh of the original code base
-- update table admin log
UPDATE `adminlog`
SET `type` = 'old name or dob change',
`information` = 'see adminlog_table_backup_1135';
-- alter table admin log
ALTER TABLE `adminlog`
DROP `old-lname`,
DROP `old-dob`,
DROP `new-lname`,
DROP `new-dob`;
-- Update schema version number
INSERT INTO `schema_version`
(`version`, `when`)
VALUES ('4', NOW());

158
migrations/00006_version5.sql
Unescape Escape View File

@ -0,0 +1,158 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- changes from version5.sh of the original code base
-- Move myISAM to InnoDB bug #1172
ALTER TABLE `abusereports`
ENGINE =INNODB;
ALTER TABLE `addlang`
ENGINE =INNODB;
ALTER TABLE `adminlog`
ENGINE =INNODB;
ALTER TABLE `advertising`
ENGINE =INNODB;
ALTER TABLE `alerts`
ENGINE =INNODB;
ALTER TABLE `baddomains`
ENGINE =INNODB;
ALTER TABLE `cats_passed`
ENGINE =INNODB;
ALTER TABLE `cats_type`
ENGINE =INNODB;
ALTER TABLE `cats_variant`
ENGINE =INNODB;
ALTER TABLE `countries`
ENGINE =INNODB;
ALTER TABLE `disputedomain`
ENGINE =INNODB;
ALTER TABLE `disputeemail`
ENGINE =INNODB;
ALTER TABLE `domaincerts`
ENGINE =INNODB;
ALTER TABLE `domains`
ENGINE =INNODB;
ALTER TABLE `domlink`
ENGINE =INNODB;
ALTER TABLE `email`
ENGINE =INNODB;
ALTER TABLE `emailcerts`
ENGINE =INNODB;
ALTER TABLE `emaillink`
ENGINE =INNODB;
ALTER TABLE `gpg`
ENGINE =INNODB;
ALTER TABLE `languages`
ENGINE =INNODB;
ALTER TABLE `localias`
ENGINE =INNODB;
ALTER TABLE `locations`
ENGINE =INNODB;
ALTER TABLE `news`
ENGINE =INNODB;
ALTER TABLE `notary`
ENGINE =INNODB;
ALTER TABLE `org`
ENGINE =INNODB;
ALTER TABLE `orgadminlog`
ENGINE =INNODB;
ALTER TABLE `orgdomaincerts`
ENGINE =INNODB;
ALTER TABLE `orgdomains`
ENGINE =INNODB;
ALTER TABLE `orgdomlink`
ENGINE =INNODB;
ALTER TABLE `orgemailcerts`
ENGINE =INNODB;
ALTER TABLE `orgemaillink`
ENGINE =INNODB;
ALTER TABLE `orginfo`
ENGINE =INNODB;
ALTER TABLE `otphashes`
ENGINE =INNODB;
ALTER TABLE `pinglog`
ENGINE =INNODB;
ALTER TABLE `regions`
ENGINE =INNODB;
ALTER TABLE `root_certs`
ENGINE =INNODB;
ALTER TABLE `schema_version`
ENGINE =INNODB;
ALTER TABLE `stampcache`
ENGINE =INNODB;
ALTER TABLE `statscache`
ENGINE =INNODB;
ALTER TABLE `tickets`
ENGINE =INNODB;
ALTER TABLE `tverify`
ENGINE =INNODB;
ALTER TABLE `tverify-vote`
ENGINE =INNODB;
ALTER TABLE `user_agreements`
ENGINE =INNODB;
ALTER TABLE `userlocations`
ENGINE =INNODB;
-- Update schema version number
INSERT INTO `schema_version`
(`version`, `when`)
VALUES ('5', NOW());

26
migrations/00007_version6.sql
Unescape Escape View File

@ -0,0 +1,26 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2011 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- changes from version6.sh of the original code base
ALTER TABLE `users`
ADD `lastLoginAttempt` datetime NULL;
-- Update schema version number
INSERT INTO `schema_version`
(`version`, `when`)
VALUES ('6', NOW());

60
migrations/00008_initial_data.sql
Unescape Escape View File

@ -0,0 +1,60 @@
-- +goose Up
-- LibreSSL - CAcert web application
-- Copyright (C) 2004-2020 CAcert Inc.
--
-- This program is free software; you can redistribute it and/or modify
-- it under the terms of the GNU General Public License as published by
-- the Free Software Foundation; version 2 of the License.
--
-- This program is distributed in the hope that it will be useful,
-- but WITHOUT ANY WARRANTY; without even the implied warranty of
-- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-- GNU General Public License for more details.
--
-- You should have received a copy of the GNU General Public License
-- along with this program; if not, write to the Free Software
-- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-- initial data set from test database
-- tables for cats (https://cats.cacert.org/)
INSERT INTO cats_type (id, type_text)
VALUES (1, 'Assurer Challenge'),
(2, 'Org Assurer Test'),
(3, 'Triage Challenge'),
(5, 'Data Privacy Quiz');
INSERT INTO cats_variant (id, type_id, test_text)
VALUES (5, 1, 'Assurer\'s challenge (EN)'),
(6, 1, 'CAcert Assurer Prüfung (DE)'),
(4, 1, 'CATS V0.1'),
(12, 5, 'Data Privacy Quiz (Generic)'),
(15, 5, 'Data Privacy Quiz (Infrastructure Admins)'),
(13, 5, 'Data Privacy Quiz (Software)'),
(14, 5, 'Data Privacy Quiz (Triage and Support)'),
(11, 1, 'Výzva zaručovatele (CZ)');
-- country list
-- TODO: fetch from external source like https://github.com/datasets/country-codes
-- TODO: check for completeness / add mapping to ISO country codes?
-- language selection
-- TODO: fetch from external source like https://github.com/datasets/language-codes
-- in combination with http://www.unicode.org/Public/cldr/latest/core.zip
-- TODO: transform to UTF-8, check against current ISO standards
-- region names
-- TODO: take from https://github.com/datasets/fips-10-4
-- locations list is just too big to include here (>110 MiB dump)
-- TODO: take from an external source like https://github.com/datasets/un-locode
;
-- +goose Down
TRUNCATE TABLE cats_variant;
TRUNCATE TABLE cats_type;

4
migrations/00009_intial_root_certs.sql
Unescape Escape View File

@ -0,0 +1,4 @@
-- +goose Up
INSERT INTO root_certs (id, cert_text)
VALUES (1, 'CAcert Testserver Root'),
(2, 'CAcert Testserver Class 3');

310
migrations/00010_go.go
Unescape Escape View File

@ -0,0 +1,310 @@
package migrations
import (
"crypto/md5"
"crypto/rand"
"crypto/sha1"
"database/sql"
"encoding/csv"
"fmt"
"io"
"net/http"
"strings"
"time"
"github.com/pressly/goose"
log "github.com/sirupsen/logrus"
"golang.org/x/text/encoding"
"golang.org/x/text/encoding/charmap"
)
func init() {
goose.AddMigration(Up20201214193523, Down20201214193523)
}
func Up20201214193523(tx *sql.Tx) error {
// This code is executed when the migration is applied.
var (
data int
countryId, regionId, locationId int64
row *sql.Row
result sql.Result
err error
)
row = tx.QueryRow("SELECT COUNT(*) FROM users WHERE admin=1")
if err = row.Scan(&data); err != nil {
return err
}
log.Infof("%d admins found\n", data)
var countryFipsCodeMap map[string]int64
if countryFipsCodeMap, err = updateCountries(tx); err != nil {
return err
}
if err = updateRegions(tx, &countryFipsCodeMap); err != nil {
return err
}
if data == 0 {
location, err := time.LoadLocation("Europe/Berlin")
if err != nil {
return err
}
dob, err := time.ParseInLocation(
"2006-01-02",
"1977-08-08",
location,
)
if err != nil {
return err
}
if countryId, err = getCountryId(tx, "Germany"); err != nil {
return err
}
if regionId, err = getRegionId(tx, "Sachsen", countryId); err != nil {
return err
}
if locationId, err = getLocationId(tx, "Dresden", countryId, regionId); err != nil {
return err
}
random64Bytes := make([]byte, 64)
_, err = rand.Read(random64Bytes)
if err != nil {
return err
}
result, err = tx.Exec(`INSERT INTO users (email, password, fname, mname,
lname, suffix, dob, verified, ccid,
regid, locid, listme, codesign, 1024bit, contactinfo, admin, orgadmin,
ttpadmin, adadmin, board, tverify, locadmin, language,
Q1, Q2, Q3, Q4, Q5,
A1, A2, A3, A4, A5,
created, modified, locked, uniqueID,
otphash, otppin, assurer, assurer_blocked, lastLoginAttempt)
VALUES (?, ?, ?, '', ?, '', ?, 0,
?, ?, ?, 0, 1, 0, ?,
1, 0, 0, 0, 0, 0, 0, ?,
'', '', '', '', '', '', '', '', '', '',
CURRENT_TIMESTAMP, CURRENT_TIMESTAMP, 0,
SHA1(CONCAT(NOW(), ?)),
'', 0, 0, 0, NULL)`,
"jandd@cacert.org",
fmt.Sprintf("%x", sha1.Sum([]byte("abcdefghijklmn"))),
"Jan",
"Dittberner",
dob,
countryId,
regionId,
locationId,
"Somewhere over the rainbow",
"de_DE",
fmt.Sprintf("%x", md5.Sum(random64Bytes)))
if err != nil {
return err
}
lastId, err := result.LastInsertId()
if err != nil {
return err
}
log.Infof("new user id is %d", lastId)
}
return nil
}
func updateRegions(tx *sql.Tx, codeMap *map[string]int64) error {
client := &http.Client{}
var (
err error
request *http.Request
response *http.Response
csvReader *csv.Reader
)
request, err = http.NewRequest("GET", "https://raw.githubusercontent.com/datasets/fips-10-4/master/data/data.csv", nil)
if err != nil {
return err
}
response, err = client.Do(request)
if err != nil {
return err
}
if response.StatusCode != 200 {
return fmt.Errorf("got unexpected HTTP status %d %s", response.StatusCode, response.Status)
}
csvReader = csv.NewReader(response.Body)
headings, err := csvReader.Read()
log.Infof("CSV headings %s", strings.Join(headings, ","))
for {
record, err := csvReader.Read()
if err == io.EOF {
break
}
if err != nil {
return err
}
regionCode := record[0]
regionDivision := record[1]
regionName := record[2]
fipsCode := regionCode[:2]
log.Infof("read %s %s %s", regionCode, regionName, fipsCode)
var countryId int64
var exists bool
if countryId, exists = (*codeMap)[fipsCode]; exists {
log.Infof("country id %d", countryId)
} else if regionDivision == "country" {
countryId, err = getCountryId(tx, regionName)
(*codeMap)[fipsCode] = countryId
} else {
return fmt.Errorf("could not find country for %s %s", fipsCode, regionName)
}
_, err = getRegionId(tx, regionName, countryId)
if err != nil {
return err
}
}
return nil
}
func updateCountries(tx *sql.Tx) (map[string]int64, error) {
client := &http.Client{}
var (
err error
request *http.Request
response *http.Response
csvReader *csv.Reader
)
request, err = http.NewRequest("GET", "https://raw.githubusercontent.com/datasets/country-codes/master/data/country-codes.csv", nil)
if err != nil {
return nil, err
}
response, err = client.Do(request)
if err != nil {
return nil, err
}
if response.StatusCode != 200 {
return nil, fmt.Errorf("got unexpected HTTP status %d %s", response.StatusCode, response.Status)
}
csvReader = csv.NewReader(response.Body)
headings, err := csvReader.Read()
log.Infof("CSV headings %s", strings.Join(headings, ","))
countryFipsMapping := make(map[string]int64, 0)
var count int64 = 0
for {
record, err := csvReader.Read()
if err == io.EOF {
break
}
if err != nil {
return nil, err
}
name := strings.TrimSpace(record[54])
if len(name) > 0 {
countryId, err := getCountryId(tx, name)
if err != nil {
return nil, err
}
countryFipsMapping[record[7]] = countryId
count++
}
}
log.Infof("read %d countries", count)
return countryFipsMapping, nil
}
func getLocationId(tx *sql.Tx, name string, countryId, regionId int64) (int64, error) {
var (
row *sql.Row
result sql.Result
locationId int64
err error
)
row = tx.QueryRow("SELECT id FROM locations WHERE name=? AND ccid=? AND regid=?", name, countryId, regionId)
if err := row.Scan(&locationId); err != nil {
if err != sql.ErrNoRows {
return 0, err
}
} else {
return locationId, nil
}
result, err = tx.Exec("INSERT INTO locations (regid, ccid, name, acount) VALUES (?, ?, ?, ?)", regionId, countryId, name, 0)
if err != nil {
return 0, err
}
locationId, err = result.LastInsertId()
if err != nil {
return 0, err
}
return locationId, nil
}
func getRegionId(tx *sql.Tx, name string, countryId int64) (int64, error) {
var (
row *sql.Row
result sql.Result
regionId int64
err error
)
encoder := charmap.ISO8859_1.NewEncoder()
cutDownName, err := encoding.HTMLEscapeUnsupported(encoder).String(name)
if err != nil {
return 0, err
}
if len(cutDownName) > 50 {
cutDownName = cutDownName[:50]
}
row = tx.QueryRow("SELECT id FROM regions WHERE name=? AND ccid=?", cutDownName, countryId)
if err := row.Scan(&regionId); err != nil {
if err != sql.ErrNoRows {
return 0, err
}
} else {
return regionId, nil
}
result, err = tx.Exec("INSERT INTO regions (ccid, name, acount) VALUES (?, ?, ?)", countryId, cutDownName, 0)
if err != nil {
return 0, err
}
regionId, err = result.LastInsertId()
if err != nil {
return 0, err
}
return regionId, nil
}
func getCountryId(tx *sql.Tx, name string) (int64, error) {
var (
row *sql.Row
result sql.Result
countryId int64
err error
)
row = tx.QueryRow("SELECT id FROM countries WHERE name=?", name)
if err := row.Scan(&countryId); err != nil {
if err != sql.ErrNoRows {
return 0, err
}
} else {
return countryId, nil
}
result, err = tx.Exec("INSERT INTO countries (countries.name, countries.acount) VALUES (?, ?)", name, 0)
if err != nil {
return 0, err
}
countryId, err = result.LastInsertId()
if err != nil {
return 0, err
}
return countryId, nil
}
func Down20201214193523(tx *sql.Tx) error {
// This code is executed when the migration is rolled back.
return nil
}

100
migrations/00011_languages.sql
Unescape Escape View File

@ -0,0 +1,100 @@
INSERT INTO cacert_test.languages (locale, en_co, en_lang, country, lang)
VALUES ('sq_AL', 'Albania', 'Albanian', 'Shqipëria', 'shqipe'),
('ar_DZ', 'Algeria', 'Arabic', 'ﺮﺌﺎﺰﺠﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('ar_AA', 'Arabic Speaking', 'Arabic', 'ﺔﻴﺐﺮﻌﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('es_AR', 'Argentina', 'Spanish', 'Argentina', 'Español'),
('en_AU', 'Australia', 'English', 'Australia', 'English'),
('de_AT', 'Austria', 'German', 'Österreich', 'Deutsch'),
('ar_BH', 'Bahrain', 'Arabic', 'ﻦﻴﺮﺤﺐﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('be_BY', 'Belarus', 'Belarusian', 'Беларусь', 'беларуски'),
('nl_BE', 'Belgium', 'Dutch', 'België', 'Nederlands'),
('fr_BE', 'Belgium', 'French', 'Belgique', 'français'),
('es_BO', 'Bolivia', 'Spanish', 'Bolivia', 'Español'),
('sh_BA', 'Bosnia Herzogovina', 'Serbo-Croatian', 'Bosnia Herzogovina', 'Serbo-Croatian'),
('pt_BR', 'Brazil', 'Portuguese', 'Brasil', 'Português'),
('bg_BG', 'Bulgaria', 'Bulgarian', 'България', 'български'),
('en_CA', 'Canada', 'English', 'Canada', 'English'),
('fr_CA', 'Canada', 'French', 'Canada', 'français'),
('es_CL', 'Chile', 'Spanish', 'Chile', 'Español'),
('es_CO', 'Colombia', 'Spanish', 'Colombia', 'Español'),
('es_CR', 'Costa Rica', 'Spanish', 'Costa Rica', 'Español'),
('hr_HR', 'Croatia', 'Croatian', 'Hrvatska', 'hrvatski'),
('cs_CZ', 'Czech Republic', 'Czech', 'Česká republika', 'čeština'),
('da_DK', 'Denmark', 'Danish', 'Danmark', 'dansk'),
('es_DO', 'Dominican Republic', 'Spanish', 'República Dominicana', 'Español'),
('es_EC', 'Ecuador', 'Spanish', 'Ecuador', 'Español'),
('ar_EG', 'Egypt', 'Arabic', 'ﺮﺼﻣ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('es_SV', 'El Salvador', 'Spanish', 'El Salvador', 'Español'),
('et_EE', 'Estonia', 'Estonian', 'Eesti', 'eesti'),
('mk_MK', 'FYR Macedonia', 'Macedonian', 'FYR Macedonia', 'Macedonian'),
('fi_FI', 'Finland', 'Finnish', 'Suomi', 'suomi'),
('sv_FI', 'Finland', 'Swedish', 'Finland', 'svenska'),
('fr_FR', 'France', 'French', 'France', 'français'),
('de_DE', 'Germany', 'German', 'Deutschland', 'Deutsch'),
('el_GR', 'Greece', 'Greek', 'Ελλάδα', 'ελληνικά'),
('es_GT', 'Guatemala', 'Spanish', 'Guatemala', 'Español'),
('es_HN', 'Honduras', 'Spanish', 'Honduras', 'Español'),
('zh_HK', 'Hong Kong', 'Chinese', '香港', '中文'),
('hu_HU', 'Hungary', 'Hungarian', 'Magyarország', 'magyar'),
('is_IS', 'Iceland', 'Icelandic', 'Ísland', 'íslenska'),
('in_ID', 'Indonesia', 'Indonesian', 'Indonesia', 'Bahasa Indonesia'),
('fa_IR', 'Iran', 'Farsi', 'Iran', 'ﻰﺴﺮﺎﻓ'),
('en_IE', 'Ireland', 'English', 'Ireland', 'English'),
('he_IL', 'Israel', 'Hebrew', 'לארשי', 'תירבע'),
('iw_IL', 'Israel', 'Hebrew', 'לארשי', 'תירבע'),
('it_IT', 'Italy', 'Italian', 'Italia', 'italiano'),
('ja_JP', 'Japan', 'Japanese', '日本', '日本語'),
('ar_JO', 'Jordan', 'Arabic', 'ﻦﺪﺮﺄﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('ko_KR', 'Korea', 'Korean', '대한민국', '한국어'),
('ar_KW', 'Kuwait', 'Arabic', 'ﺖﻴﻮﻜﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('es_LA', 'Latin America', 'Spanish', 'América latina', 'Español'),
('lv_LV', 'Latvia', 'Latvian', 'Latvija', 'latviešu'),
('ar_LB', 'Lebanon', 'Arabic', 'ﻦﺎﻨﺐﻟ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('de_LI', 'Liechtenstein', 'German', 'Liechtenstein', 'Deutsch'),
('lt_LT', 'Lithuania', 'Lithuanian', 'Lietuva', 'lietuvių'),
('fr_LU', 'Luxembourg', 'French', 'Luxembourg', 'français'),
('de_LU', 'Luxembourg', 'German', 'Luxemburg', 'Deutsch'),
('es_MX', 'Mexico', 'Spanish', 'México', 'Español'),
('ar_MA', 'Morocco', 'Arabic', 'ﺔﻴﺐﺮﻐﻤﻠﺍ ﺔﻜﻠﻤﻤﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('nl_NL', 'Netherlands', 'Dutch', 'Nederland', 'Nederlands'),
('en_NZ', 'New Zealand', 'English', 'New Zealand', 'English'),
('es_NI', 'Nicaragua', 'Spanish', 'Nicarágua', 'Español'),
('no_NO', 'Norway', 'Norwegian', 'Norge', 'bokmål'),
('ar_OM', 'Oman', 'Arabic', 'ﻦﺎﻤﻋ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('es_PA', 'Panama', 'Spanish', 'Panamá', 'Español'),
('es_PY', 'Paraguay', 'Spanish', 'Paraguay', 'Español'),
('zh_CN', 'People''s Republic of China', 'Chinese', '中华人民共和国', '中文'),
('es_PE', 'Peru', 'Spanish', 'Perú', 'Español'),
('pl_PL', 'Poland', 'Polish', 'Polska', 'polski'),
('pt_PT', 'Portugal', 'Portuguese', 'Portugal', 'português'),
('ar_QA', 'Qatar', 'Arabic', 'ﺮﻄﻗ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('ro_RO', 'Romania', 'Romanian', 'România', 'română'),
('ru_RU', 'Russia', 'Russian', 'Россия', 'русский'),
('ar_SA', 'Saudi Arabia', 'Arabic', 'ﺔﻴﺪﻮﻌﺴﻠﺍ ﺔﻴﺐﺮﻌﻠﺍ ﺔﻜﻠﻤﻤﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('hr_SP', 'Serbia', 'Romanian', 'Srbija', 'română'),
('sr_SP', 'Serbia', 'Serbian (Cyrillic)', 'Југославија', 'српски'),
('zh_SG', 'Singapore', 'Chinese', '新加坡', '中文'),
('sk_SK', 'Slovakia', 'Slovak', 'Slovenská republika', 'slovenčina'),
('sl_SI', 'Slovenia', 'Slovene', 'Slovenija', 'slovenski'),
('en_ZA', 'South Africa', 'English', 'South Africa', 'English'),
('eu_ES', 'Spain', 'Basque', 'Espainia', 'Euskara'),
('ca_ES', 'Spain', 'Catalan', 'Espanya', 'català'),
('es_ES', 'Spain', 'Spanish', 'España', 'Español'),
('sv_SE', 'Sweden', 'Swedish', 'Sverige', 'svenska'),
('fr_CH', 'Switzerland', 'French', 'Suisse', 'français'),
('de_CH', 'Switzerland', 'German', 'Schweiz', 'Deutsch'),
('it_CH', 'Switzerland', 'Italian', 'Svizzera', 'italiano'),
('ar_SY', 'Syria', 'Arabic', 'ﺎﻴﺮﻮﺳ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('zh_TW', 'Taiwan', 'Chinese', '中華民國', '中文'),
('th_TH', 'Thailand', 'Thai', 'ไทย', 'ไทย'),
('ar_TN', 'Tunisia', 'Arabic', 'ﺲﻨﻮﺗ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('tr_TR', 'Turkey', 'Turkish', 'Türkiye', 'Türkçe'),
('ar_UA', 'U.A.E.', 'Arabic', 'ﺔﺪﺤﺘﻤﻠﺍ ﺔﻴﺐﺮﻌﻠﺍ ﺖﺎﺮﺎﻤﺈﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ'),
('uk_UA', 'Ukraine', 'Ukrainian', 'Україна', 'україньска'),
('en_GB', 'United Kingdom', 'English', 'United Kingdom', 'English'),
('en_US', 'United States', 'English', 'United States', 'English'),
('es_US', 'United States', 'Spanish', 'Estados Unidos', 'Español'),
('es_UY', 'Uruguay', 'Spanish', 'Uruguay', 'Español'),
('es_VE', 'Venezuela', 'Spanish', 'Venezuela', 'Español'),
('vi_VN', 'Vietnam', 'Vietnamese', 'Việt Nam', 'Tiểng Việt'),
('ar_YE', 'Yemen', 'Arabic', 'ﻦﻤﻴﻠﺍ', 'ﺔﻴﺐﺮﻌﻠﺍ');

57
migrations/main.go
Unescape Escape View File

@ -0,0 +1,57 @@
package migrations
import (
"database/sql"
"flag"
"os"
"github.com/pressly/goose"
log "github.com/sirupsen/logrus"
_ "github.com/go-sql-driver/mysql"
)
var (
flags = flag.NewFlagSet("goose", flag.ExitOnError)
dir = flags.String("dir", ".", "directory with migration files")
)
func init() {
_ = flags.Parse(os.Args[1:])
args := flags.Args()
if len(args) < 1 {
flags.Usage()
return
}
command := args[0]
var dbUrl string
var exists bool
if dbUrl, exists = os.LookupEnv("DB_URL"); !exists {
log.Fatalf("define database URL in environment variable DB_URL")
}
db, err := sql.Open("mysql", dbUrl)
if err != nil {
log.Fatalf("goose: failt to open DB: %v\n", err)
}
if err = goose.SetDialect("mysql"); err != nil {
log.Fatalf("failed to set dialect: %v\n", err)
}
defer func() {
if err := db.Close(); err != nil {
log.Fatalf("goose: failed to close DB: %v\n", err)
}
}()
arguments := make([]string, 0)
if len(args) > 3 {
arguments = append(arguments, args[3:]...)
}
if err := goose.Run(command, db, *dir, arguments...); err != nil {
log.Fatalf("goose %v: %v", command, err)
}
}

26
setup_example_ca.sh
Unescape Escape View File

@ -6,10 +6,10 @@ COUNTRY_CODE=CH
ORGANIZATION="Acme Ltd."
if [ ! -d "example_ca" ]; then
mkdir -p example_ca/root/newcerts example_ca/sub/newcerts
touch example_ca/root/index.txt example_ca/sub/index.txt
mkdir -p example_ca/root/newcerts example_ca/sub/newcerts example_ca/email/newcerts
touch example_ca/root/index.txt example_ca/sub/index.txt example_ca/email/index.txt
umask 077
mkdir example_ca/root/private example_ca/sub/private
mkdir example_ca/root/private example_ca/sub/private example_ca/email/private
openssl req -new -x509 \
-config ca.cnf \
-keyout example_ca/root/private/ca.key.pem \
@ -32,8 +32,24 @@ if [ ! -d "example_ca" ]; then
-config ca.cnf \
-name rootca \
-in example_ca/sub/ca.csr.pem \
-extensions sub_ca \
-extensions ext_sub_ca \
-out example_ca/sub/ca.crt.pem \
-create_serial \
-rand_serial \
-batch
openssl req -new \
-config ca.cnf \
-keyout example_ca/email/private/ca.key.pem \
-newkey rsa:3072 \
-nodes \
-subj "/CN=Example Email CA/C=${COUNTRY_CODE}/O=${ORGANIZATION}" \
-utf8 \
-out example_ca/email/ca.csr.pem
openssl ca \
-config ca.cnf \
-name rootca \
-in example_ca/email/ca.csr.pem \
-extensions ext_email_ca \
-out example_ca/email/ca.crt.pem \
-rand_serial \
-batch
fi
Write Preview
Loading…
Cancel
Save