authorPeter Palfrader <peter@palfrader.org>2004-11-15 09:20:11 +0000
committerPeter Palfrader <peter@palfrader.org>2004-11-15 09:20:11 +0000
commit5e95090defff64bc8cd7a318a73aa930948fb66d (patch)
treed977ded4207e51914d539b0ecd20b8583d37c8ea /web/tls
parent6c3e0ba0a82307abf825bf1cde85638464ab1713 (diff)
Initial import
Diffstat (limited to 'web/tls')
-rw-r--r--web/tls/Makefile.am35
-rw-r--r--web/tls/template.tmpl118
2 files changed, 153 insertions, 0 deletions
diff --git a/web/tls/Makefile.am b/web/tls/Makefile.am
new file mode 100644
index 0000000..72b21e1
--- /dev/null
+++ b/web/tls/Makefile.am
@@ -0,0 +1,35 @@
+SUBDIRS =
+
+based_in = htdocs
+include $(top_srcdir)/Makefile.common
+
+doc_DATA = index.html
+
+
+addresses: $(ECHOLOT_BASE)/results/mlist2.txt $(ECHOLOT_BASE)/results/rlist2.txt
+ cat $(ECHOLOT_BASE)/results/mlist2.txt $(ECHOLOT_BASE)/results/rlist2.txt > addresses
+
+tls-result: addresses
+ if [ -e $@ ] ; then \
+ mod=`stat -c '%Y' $@`; \
+ else \
+ mod=0; \
+ fi; \
+ now=`date +'%s'`; \
+ if [ $$(( $$now - $$mod )) -gt $(TLS_AGE) ]; then \
+ $(top_srcdir)/bin/tls-check < $< > $@; \
+ fi
+
+index.html: tls-result
+ rm -f cert-*.txt;
+ $(top_srcdir)/bin/tls2html < $< > $@;
+
+clean:
+ rm -f tls-result index.html addresses cert-*.txt addresses
+
+install-data-local: index.html
+ [ -d $(docdir) ] || mkdir $(docdir)
+ cp cert-*.txt $(docdir)
+
+uninstall-local: index.html
+ rm -f $(docdir)/cert-*.txt
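Review bot: In the `tls-result` recipe, `$(top_srcdir)/bin/tls-check < $< > $@` truncates the target before the checker runs, so a failed or interrupted run leaves an empty or partial `tls-result` with a fresh mtime. The next run then treats that file as current (and the age test skips the check until `$(TLS_AGE)` seconds have passed), so `index.html` is built from it and the published TLS status table is wrong for that whole period, unless the included Makefile.common sets `.DELETE_ON_ERROR`, which is not visible here. Write to a temporary name and rename only on success: `$(top_srcdir)/bin/tls-check < $< > $@.tmp && mv -f $@.tmp $@; \`. The `tls2html < $< > $@` line in the `index.html` rule follows the same pattern and would benefit from the same change.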
diff --git a/web/tls/template.tmpl b/web/tls/template.tmpl
new file mode 100644
index 0000000..99d8cfa
--- /dev/null
+++ b/web/tls/template.tmpl
@@ -0,0 +1,118 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head><title>TLS @ noreply</title></head>
+<body bgcolor="#aaaaaa" text="#000000" LINK="#0000ff" ALINK="#ff0000" VLINK="#ff0000">
+<table cellpadding=0 cellspacing=0 width="100%">
+<tr><td colspan=2 bgcolor="#444444"><font color="#ffffff"><a href="/"><font color="#bbbbff">www.noreply.org</font></a> :: TLS </font></td></tr>
+<tr><td colspan=2 bgcolor="#ffffff">&nbsp;</td></tr>
+<tr><td bgcolor="#ffffff">&nbsp;</td>
+<td bgcolor="#ffffff">
+
+<h1>SMTP - TLS</h1>
+
+<strong>T</strong>ransport
+<strong>L</strong>ayer
+<strong>S</strong>ecurity (similar to SSL)
+brings forward secrecy to Internet Email by encrypting SMTP traffic.
+<p>
+Even though usual remailer mail is already encrypted, TLS adds security
+because the key used in TLS sessions usually is ephemeral - i.e. it only
+exists for seconds and is destroyed immediatly after use. Whether or
+not short-lived keys are used depends on the cipher suite chosen.
+(The EDH (Ephemeral Diffie-Hellman) ciphers use ephemeral keys.)
+<p>
+Ephemeral keys make it impossible to decrypt data which was eavesdropped at one
+time by compromising a remailer's key later.
+<p>
+Since remailer keys are valid for weeks, sometimes years, this makes
+remailing more secure.
+
+<p>
+The submission column indicates that a mailserver acceps mails on port 587
+(submission). The smtps column that it accepts SSL connections on port 465
+(smtps) for use with stunnel and similar. Some hosts also accept normal
+connections on port 2525 - this is indicated in the column 2525. <!--The same
+holds true for port 25000.-->
+<em>Please note that some hosts may enforce the use of TLS on the submission port.</em>
+
+<p>
+<!--More recent stunnel versions can also do STARTTLS using <code>-starttls smtp</code>.-->
+Stunnel can do STARTTLS using <code>-n smtp</code> or with </code>protocol = smtp</code> in your config file, depending on your version.
+
+<p>
+See the <a href="http://www.bananasplit.info/mailtls.html">Encrypted Email
+- TLS/SSL</a> on <a href="http://www.bananasplit.info/">banasplit</a> for a
+ howto on using stunnel on Windows with Quicksilver and JBN2.
+
+<p>
+<table border=0 cellpadding=2 cellspacing=0>
+<tr> <th>remailer</th><th>mail exchanger</th><th>priority</th><th>TLS</th><th>submission</th><th>smtps</th><th>2525</th><!--<th>25000</th>--><th>error/warning</th> </tr>
+<TMPL_LOOP NAME="remailer">
+ <tr><td colspan="9" bgcolor="#77e7ef"><strong><TMPL_VAR NAME="nick"></strong> &lt;<TMPL_VAR NAME="address">&gt;</td></tr>
+ <TMPL_LOOP NAME="mx">
+ <tr><td>&nbsp;</td>
+ <td class="monowidth"><TMPL_VAR NAME="mx"></td>
+ <td align="right"><TMPL_VAR NAME="pri"></td>
+ <TMPL_IF NAME="result-defined">
+ <TMPL_IF NAME="result">
+ <TMPL_IF NAME="tls">
+ <td align="center" bgcolor="#baffcc"><!--YES -
+ --><a href="<TMPL_VAR NAME="cert_url">">YES</a><TMPL_IF NAME="tls-cipher"><br><small><TMPL_VAR NAME="tls-cipher"></small></TMPL_IF></td>
+ <TMPL_ELSE>
+ <td align="center" bgcolor="#ff7f7f">announced -
+ does not work</td>
+ </TMPL_IF>
+ <TMPL_ELSE>
+ <td align="center" bgcolor="#ffb7b7">no</td>
+ </TMPL_IF>
+ <TMPL_ELSE>
+ <td align="center">N/A</td>
+ </TMPL_IF>
+ <TMPL_IF NAME="submission">
+ <td align="center" bgcolor="#daffec">yes</td>
+ <TMPL_ELSE>
+ <td align="center">no</td>
+ </TMPL_IF>
+ <TMPL_IF NAME="smtps">
+ <td align="center" bgcolor="#daffec"><!--yes -
+ --><a href="<TMPL_VAR NAME="ssl_url">">yes</a><TMPL_IF NAME="ssl-cipher"><br><small><TMPL_VAR NAME="ssl-cipher"></small></TMPL_IF></td>
+ <TMPL_ELSE>
+ <td align="center">no</td>
+ </TMPL_IF>
+ <TMPL_IF NAME="2525">
+ <td align="center" bgcolor="#daffec">yes</td>
+ <TMPL_ELSE>
+ <td align="center">no</td>
+ </TMPL_IF>
+ <!--
+ <TMPL_IF NAME="25000">
+ <td align="center" bgcolor="#daffec">yes</td>
+ <TMPL_ELSE>
+ <td align="center">no</td>
+ </TMPL_IF>
+ -->
+ <TMPL_IF NAME="warning">
+ <td bgcolor="#faff7f"><TMPL_VAR NAME="warning"></td>
+ </TMPL_IF>
+ <TMPL_IF NAME="error">
+ <TMPL_IF NAME="warning">
+ </tr><tr><td colspan="8">&nbsp;</td>
+ </TMPL_IF>
+ <td bgcolor="#ff7f7f"><TMPL_VAR NAME="error"></td>
+ </TMPL_IF>
+ </tr>
+ </TMPL_LOOP>
+ <tr><td colspan="6"></td></tr>
+</TMPL_LOOP>
+</table>
+
+<p>
+Built at <TMPL_VAR NAME="now">.
+
+</td></tr>
+<tr><td colspan=2 bgcolor="#ffffff">&nbsp;</td></tr>
+<tr><td colspan=2 bgcolor="#444444"><font color="#ffffff"><em><a href="mailto:web@palfrader.org"><font color="#bbbbff">web@palfrader.org</font></a></em> -
+ <a href="http://validator.w3.org/check/referer"><font color="#bbbbff">Valid HTML 4.01!</font></a></font></td></tr>
+</table>
+</body>
+</html>
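Review bot: Every `<TMPL_VAR>` in the result table is emitted without an `ESCAPE` attribute, so `nick`, `address`, `mx`, `tls-cipher`, `ssl-cipher`, `warning` and `error` are written into the page verbatim. These values appear to come from the remailer lists and from what the probed mail servers return, so markup in them would presumably end up in the published page unless tls2html escapes them before filling the template (not visible in this commit). Assuming the template is rendered by HTML::Template, mark the text cells as `<TMPL_VAR NAME="error" ESCAPE=HTML>` and the two link targets as `<a href="<TMPL_VAR NAME="cert_url" ESCAPE=HTML>">`. Separately, the stunnel sentence opens its second code span with `</code>` where `<code>` is meant.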