From 4260dce826cc0572371d5ab0d30ecf5f1ecb072a Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Thu, 7 Jun 2012 17:28:39 +0200 Subject: Better handling of core.css and core.js Fixes calling remote.php on install. Fixes http://bugs.owncloud.org/thebuggenie/owncloud/issues/oc-933 --- core/templates/layout.guest.php | 4 ++-- core/templates/layout.user.php | 4 ++-- lib/app.php | 5 +++++ lib/base.php | 7 ------- 4 files changed, 9 insertions(+), 11 deletions(-) diff --git a/core/templates/layout.guest.php b/core/templates/layout.guest.php index 7f5a4d50fc6..55cc8008d9a 100644 --- a/core/templates/layout.guest.php +++ b/core/templates/layout.guest.php @@ -4,7 +4,7 @@ ownCloud - + @@ -14,7 +14,7 @@ var oc_webroot = ''; var oc_appswebroot = ''; - + diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php index 8f6c029007f..e04fcabf137 100644 --- a/core/templates/layout.user.php +++ b/core/templates/layout.user.php @@ -4,7 +4,7 @@ <?php echo isset($_['application']) && !empty($_['application'])?$_['application'].' | ':'' ?>ownCloud <?php echo OC_User::getUser()?' ('.OC_User::getUser().') ':'' ?> - + @@ -15,7 +15,7 @@ var oc_appswebroot = ''; var oc_current_user = ''; - + diff --git a/lib/app.php b/lib/app.php index 667633e2647..e8a5a1291d9 100755 --- a/lib/app.php +++ b/lib/app.php @@ -67,6 +67,11 @@ class OC_App{ OC_Util::$scripts = array(); OC_Util::$core_styles = OC_Util::$styles; OC_Util::$styles = array(); + + if (!OC_AppConfig::getValue('core', 'remote_core.css', false)) { + OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php'); + OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php'); + } } } // return diff --git a/lib/base.php b/lib/base.php index a65a33b166e..4bd165862bb 100644 --- a/lib/base.php +++ b/lib/base.php @@ -426,13 +426,6 @@ class OC{ //make sure temporary files are cleaned up register_shutdown_function(array('OC_Helper','cleanTmp')); - if (OC_Config::getValue('installed', false)) { - if (!OC_AppConfig::getValue('core', 'remote_core.css', false)) { - OC_AppConfig::setValue('core', 'remote_core.css', '/core/minimizer.php'); - OC_AppConfig::setValue('core', 'remote_core.js', '/core/minimizer.php'); - } - } - //parse the given parameters self::$REQUESTEDAPP = (isset($_GET['app'])?str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])):OC_Config::getValue('defaultapp', 'files')); if(substr_count(self::$REQUESTEDAPP, '?') != 0){ -- cgit v1.2.3 From e867edd1c8ac2cdac6f300908b8de55dded9dc05 Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Thu, 7 Jun 2012 22:47:18 +0200 Subject: Add help texts to config options in config.sample.php --- config/config.sample.php | 37 +++++++++++++++++++++++++++++++++---- 1 file changed, 33 insertions(+), 4 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index 7ab327e2bce..c81e4a34eba 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -3,37 +3,66 @@ define("DEBUG", true); $CONFIG = array( +/* Flag to indicate OwnCloud is successfully installed (true = installed) */ "installed" => false, +/* Type of database, can be sqlite, mysql or pgsql */ "dbtype" => "sqlite", +/* Name of the OwnCloud database */ "dbname" => "owncloud", +/* User to access the OwnCloud database */ "dbuser" => "", +/* Password to access the OwnCloud database */ "dbpassword" => "", +/* Host running the OwnCloud database */ "dbhost" => "", +/* Prefix for the OwnCloud tables in the database */ "dbtableprefix" => "", +/* Force use of HTTPS connection (true = use HTTPS) */ "forcessl" => false, -"enablebackup" => false, +/* Theme to use for OwnCloud */ "theme" => "", +/* Path to the 3rdparty directory */ "3rdpartyroot" => "", +/* URL to the 3rdparty directory, as seen by the browser */ "3rdpartyurl" => "", +/* Default app to load on login */ "defaultapp" => "files", +/* Enable the help menu item in the settings */ "knowledgebaseenabled" => true, -"knowledgebaseurl" => "", +/* URL to use for the help page, server should understand OCS */ +"knowledgebaseurl" => "http://api.apps.owncloud.com/v1", +/* Enable installing apps from the appstore */ "appstoreenabled" => true, -"appstoreurl" => "", +/* URL of the appstore to use, server should understand OCS */ +"appstoreurl" => "http://api.apps.owncloud.com/v1", +/* Mode to use for sending mail, can be sendmail, smtp, qmail or php, see PHPMailer docs */ "mail_smtpmode" => "sendmail", +/* Host to use for sending mail, depends on mail_smtpmode if this is used */ "mail_smtphost" => "127.0.0.1", +/* authentication needed to send mail, depends on mail_smtpmode if this is used + * (false = disable authentication) + */ "mail_smtpauth" => false, +/* Username to use for sendmail mail, depends on mail_smtpauth if this is used */ "mail_smtpname" => "", +/* Password to use for sendmail mail, depends on mail_smtpauth if this is used */ "mail_smtppassword" => "", +/* Check 3rdparty apps for malicious code fragments */ "appcodechecker" => "", -"log_type" => "", +/* Place to log to, can be owncloud and syslog (owncloud is log menu item in admin menu) */ +"log_type" => "owncloud", +/* File for the owncloud logger to log to, (default is ownloud.log in the data dir */ "logfile" => "", +/* Loglevel to start logging at. 0=DEBUG, 1=INFO, 2=WARN, 3=ERROR (default is WARN) */ "loglevel" => "", /* Set this to false to disable the check for writable apps dir. * If the apps dir is not writable, you can't download&install extra apps * in the admin apps menu. */ "writable_appsdir" => true, +/* The directory where the user data is stored, default to data in the owncloud + * directory. The sqlite database is also stored here, when sqlite is used. + */ // "datadirectory" => "" ); ?> -- cgit v1.2.3 From 0575d149b4c0b83383395b931b418612a6e85a3b Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Thu, 7 Jun 2012 22:49:50 +0200 Subject: Use the default parameter of OC_Config::getValue to set defaults --- lib/ocsclient.php | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/lib/ocsclient.php b/lib/ocsclient.php index 33308553be0..8e976171e93 100644 --- a/lib/ocsclient.php +++ b/lib/ocsclient.php @@ -35,12 +35,7 @@ class OC_OCSClient{ * This function returns the url of the OCS AppStore server. It´s possible to set it in the config file or it will fallback to the default */ private static function getAppStoreURL(){ - $configurl=OC_Config::getValue('appstoreurl', ''); - if($configurl<>'') { - $url=$configurl; - }else{ - $url='http://api.apps.owncloud.com/v1'; - } + $url = OC_Config::getValue('appstoreurl', 'http://api.apps.owncloud.com/v1'); return($url); } @@ -50,12 +45,7 @@ class OC_OCSClient{ * This function returns the url of the OCS knowledge base server. It´s possible to set it in the config file or it will fallback to the default */ private static function getKBURL(){ - $configurl=OC_Config::getValue('knowledgebaseurl', ''); - if($configurl<>'') { - $url=$configurl; - }else{ - $url='http://api.apps.owncloud.com/v1'; - } + $url = OC_Config::getValue('knowledgebaseurl', 'http://api.apps.owncloud.com/v1'); return($url); } -- cgit v1.2.3 From 4afcae8d56e880288124605a7b2a9890081601d5 Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Thu, 7 Jun 2012 23:38:50 +0200 Subject: Gallery: Fix database creation on update, also only from version less then 0.5 --- apps/gallery/appinfo/update.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/apps/gallery/appinfo/update.php b/apps/gallery/appinfo/update.php index dd248e21b3e..a0997ab5e86 100644 --- a/apps/gallery/appinfo/update.php +++ b/apps/gallery/appinfo/update.php @@ -1,9 +1,11 @@ execute(); -$stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_albums'); -$stmt->execute(); - -\OC_DB::createDbFromStructure('./database.xml'); +$currentVersion=OC_Appconfig::getValue('gallery', 'installed_version'); +if (version_compare($currentVersion, '0.5.0', '<')) { + $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_photos'); + $stmt->execute(); + $stmt = OCP\DB::prepare('DROP TABLE IF EXISTS *PREFIX*gallery_albums'); + $stmt->execute(); + \OC_DB::createDbFromStructure(OC::$APPSROOT.'/apps/'.$appid.'/appinfo/database.xml'); +} -- cgit v1.2.3 From 4768510923f6bfa3f3473874395a7a61872f1df0 Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Fri, 8 Jun 2012 01:29:46 +0200 Subject: split share and root config for smb backend, also sanitize config a bit more --- apps/files_external/lib/smb.php | 20 ++++++++++++++++++-- apps/files_external/tests/config.php | 3 ++- apps/files_external/tests/smb.php | 2 +- 3 files changed, 21 insertions(+), 4 deletions(-) diff --git a/apps/files_external/lib/smb.php b/apps/files_external/lib/smb.php index f5e6d78e776..f594fbb880d 100644 --- a/apps/files_external/lib/smb.php +++ b/apps/files_external/lib/smb.php @@ -13,6 +13,7 @@ class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{ private $user; private $host; private $root; + private $share; private static $tempFiles=array(); @@ -20,17 +21,32 @@ class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{ $this->host=$params['host']; $this->user=$params['user']; $this->password=$params['password']; + $this->share=$params['share']; $this->root=isset($params['root'])?$params['root']:'/'; + if(substr($this->root,-1,1)!='/'){ + $this->root.='/'; + } + if(substr($this->root,0,1)!='/'){ + $this->root='/'.$this->root; + } + if(substr($this->share,0,1)!='/'){ + $this->share='/'.$this->share; + } + if(substr($this->share,-1,1)=='/'){ + $this->share=substr($this->share,0,-1); + } //create the root folder if necesary - $this->mkdir(''); + if(!$this->is_dir('')){ + $this->mkdir(''); + } } public function constructUrl($path){ if(substr($path,-1)=='/'){ $path=substr($path,0,-1); } - return 'smb://'.$this->user.':'.$this->password.'@'.$this->host.$this->root.$path; + return 'smb://'.$this->user.':'.$this->password.'@'.$this->host.$this->share.$this->root.$path; } } diff --git a/apps/files_external/tests/config.php b/apps/files_external/tests/config.php index 970008d642c..e58a87fabdf 100644 --- a/apps/files_external/tests/config.php +++ b/apps/files_external/tests/config.php @@ -34,7 +34,8 @@ return array( 'user'=>'test', 'password'=>'test', 'host'=>'localhost', - 'root'=>'/test', + 'share'=>'/test', + 'root'=>'/test/', ), 'amazons3'=>array( 'run'=>false, diff --git a/apps/files_external/tests/smb.php b/apps/files_external/tests/smb.php index 52e1700b019..e1495b7480d 100644 --- a/apps/files_external/tests/smb.php +++ b/apps/files_external/tests/smb.php @@ -19,7 +19,7 @@ if(!is_array($config) or !isset($config['smb']) or !$config['smb']['run']){ public function setUp(){ $id=uniqid(); $this->config=include('apps/files_external/tests/config.php'); - $this->config['smb']['root'].='/'.$id;//make sure we have an new empty folder to work in + $this->config['smb']['root'].=$id;//make sure we have an new empty folder to work in $this->instance=new OC_Filestorage_SMB($this->config['smb']); } -- cgit v1.2.3 From f91ad08613bf2554f689da7d71a8d79a272bafeb Mon Sep 17 00:00:00 2001 From: Bjoern Schiessle Date: Fri, 8 Jun 2012 11:37:04 +0200 Subject: fixed broken lines in user table --- settings/css/settings.css | 3 ++- settings/templates/users.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/settings/css/settings.css b/settings/css/settings.css index b5a3c0f03b7..d4083857977 100644 --- a/settings/css/settings.css +++ b/settings/css/settings.css @@ -34,9 +34,10 @@ li.selected { background-color:#ddd; } #content>table:not(.nostyle) { margin-top:3em; } table:not(.nostyle) { width:100%; } #rightcontent { padding-left: 1em; } -td.quota { position:absolute; } +td.quota { position:relative; } div.quota { float:right; display:block; position:absolute; right:25em; top:0; } select.quota { position:absolute; left:0; top:0; width:10em; } +select.quota-user { position:relative; left:0; top:0; width:10em; } input.quota-other { display:none; position:absolute; left:0.1em; top:0.1em; width:7em; border:none; -webkit-box-shadow: none -mox-box-shadow:none ; box-shadow:none; } div.quota>span { position:absolute; right:0em; white-space:nowrap; top: 0.7em } select.quota.active { background: #fff; } diff --git a/settings/templates/users.php b/settings/templates/users.php index a23a5bafe61..1951f17a0b7 100644 --- a/settings/templates/users.php +++ b/settings/templates/users.php @@ -64,7 +64,7 @@ foreach($_["groups"] as $group) { - -- cgit v1.2.3 From f568b7ccb4a7ee4231aec4569443939878fa204c Mon Sep 17 00:00:00 2001 From: Frank Karlitschek Date: Fri, 8 Jun 2012 11:49:14 +0200 Subject: add spacing lines to our awesome new sample config file. readability++ --- config/config.sample.php | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/config/config.sample.php b/config/config.sample.php index c81e4a34eba..6ea23ee4bcf 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -5,61 +5,87 @@ define("DEBUG", true); $CONFIG = array( /* Flag to indicate OwnCloud is successfully installed (true = installed) */ "installed" => false, + /* Type of database, can be sqlite, mysql or pgsql */ "dbtype" => "sqlite", + /* Name of the OwnCloud database */ "dbname" => "owncloud", + /* User to access the OwnCloud database */ "dbuser" => "", + /* Password to access the OwnCloud database */ "dbpassword" => "", + /* Host running the OwnCloud database */ "dbhost" => "", + /* Prefix for the OwnCloud tables in the database */ "dbtableprefix" => "", + /* Force use of HTTPS connection (true = use HTTPS) */ "forcessl" => false, + /* Theme to use for OwnCloud */ "theme" => "", + /* Path to the 3rdparty directory */ "3rdpartyroot" => "", + /* URL to the 3rdparty directory, as seen by the browser */ "3rdpartyurl" => "", + /* Default app to load on login */ "defaultapp" => "files", + /* Enable the help menu item in the settings */ "knowledgebaseenabled" => true, + /* URL to use for the help page, server should understand OCS */ "knowledgebaseurl" => "http://api.apps.owncloud.com/v1", + /* Enable installing apps from the appstore */ "appstoreenabled" => true, + /* URL of the appstore to use, server should understand OCS */ "appstoreurl" => "http://api.apps.owncloud.com/v1", + /* Mode to use for sending mail, can be sendmail, smtp, qmail or php, see PHPMailer docs */ "mail_smtpmode" => "sendmail", + /* Host to use for sending mail, depends on mail_smtpmode if this is used */ "mail_smtphost" => "127.0.0.1", + /* authentication needed to send mail, depends on mail_smtpmode if this is used * (false = disable authentication) */ "mail_smtpauth" => false, + /* Username to use for sendmail mail, depends on mail_smtpauth if this is used */ "mail_smtpname" => "", + /* Password to use for sendmail mail, depends on mail_smtpauth if this is used */ "mail_smtppassword" => "", + /* Check 3rdparty apps for malicious code fragments */ "appcodechecker" => "", + /* Place to log to, can be owncloud and syslog (owncloud is log menu item in admin menu) */ "log_type" => "owncloud", + /* File for the owncloud logger to log to, (default is ownloud.log in the data dir */ "logfile" => "", + /* Loglevel to start logging at. 0=DEBUG, 1=INFO, 2=WARN, 3=ERROR (default is WARN) */ "loglevel" => "", + /* Set this to false to disable the check for writable apps dir. * If the apps dir is not writable, you can't download&install extra apps * in the admin apps menu. */ "writable_appsdir" => true, + /* The directory where the user data is stored, default to data in the owncloud * directory. The sqlite database is also stored here, when sqlite is used. */ -- cgit v1.2.3 From 4d3b7574f3dcab1c79c27e93122dcc7d1ac103b2 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Fri, 8 Jun 2012 11:55:16 +0200 Subject: Sharing, fix: connect to hooks from the correct classes --- apps/files_sharing/appinfo/app.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/files_sharing/appinfo/app.php b/apps/files_sharing/appinfo/app.php index ea3a9da6f7a..b59c90b8774 100644 --- a/apps/files_sharing/appinfo/app.php +++ b/apps/files_sharing/appinfo/app.php @@ -8,8 +8,8 @@ OCP\Util::connectHook("OC_Filesystem", "post_delete", "OC_Share", "deleteItem"); OCP\Util::connectHook("OC_Filesystem", "post_rename", "OC_Share", "renameItem"); OCP\Util::connectHook("OC_Filesystem", "post_write", "OC_Share", "updateItem"); OCP\Util::connectHook('OC_User', 'post_deleteUser', 'OC_Share', 'removeUser'); -OCP\Util::connectHook('OC_User', 'post_addToGroup', 'OC_Share', 'addToGroupShare'); -OCP\Util::connectHook('OC_User', 'post_removeFromGroup', 'OC_Share', 'removeFromGroupShare'); +OCP\Util::connectHook('OC_Group', 'post_addToGroup', 'OC_Share', 'addToGroupShare'); +OCP\Util::connectHook('OC_Group', 'post_removeFromGroup', 'OC_Share', 'removeFromGroupShare'); $dir = isset($_GET['dir']) ? $_GET['dir'] : '/'; if ($dir != '/Shared' || OCP\Config::getAppValue('files_sharing', 'resharing', 'yes') == 'yes') { OCP\Util::addscript("files_sharing", "share"); -- cgit v1.2.3 From 6119f05ac015b71d94318bf759b4fcaefe4650af Mon Sep 17 00:00:00 2001 From: Frank Karlitschek Date: Fri, 8 Jun 2012 12:31:37 +0200 Subject: generate a random salt during installation and store it in the config.php. use it to salt the password hashing. --- config/config.sample.php | 3 +++ lib/setup.php | 4 ++++ lib/user/database.php | 6 +++--- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/config/config.sample.php b/config/config.sample.php index 6ea23ee4bcf..0c0ace521ec 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -24,6 +24,9 @@ $CONFIG = array( /* Prefix for the OwnCloud tables in the database */ "dbtableprefix" => "", +/* Define the salt used to hash the user passwords. All your user passwords are lost if you lose this string. */ +"passwordsalt" => "", + /* Force use of HTTPS connection (true = use HTTPS) */ "forcessl" => false, diff --git a/lib/setup.php b/lib/setup.php index a096fdbb4cf..5f1fb1525ec 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -73,6 +73,10 @@ class OC_Setup { $dbtype='sqlite3'; } + //generate a random salt that is used to salt the local user passwords + $salt=mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000); + OC_Config::setValue('passwordsalt', $salt); + //write the config file OC_Config::setValue('datadirectory', $datadir); OC_Config::setValue('dbtype', $dbtype); diff --git a/lib/user/database.php b/lib/user/database.php index 769ba6a7920..bb077c8364f 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -69,7 +69,7 @@ class OC_User_Database extends OC_User_Backend { return false; }else{ $hasher=$this->getHasher(); - $hash = $hasher->HashPassword($password); + $hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); $query = OC_DB::prepare( "INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )" ); $result = $query->execute( array( $uid, $hash)); @@ -102,7 +102,7 @@ class OC_User_Database extends OC_User_Backend { public function setPassword( $uid, $password ){ if( $this->userExists($uid) ){ $hasher=$this->getHasher(); - $hash = $hasher->HashPassword($password); + $hash = $hasher->HashPassword($password.OC_Config::getValue('passwordsalt', '')); $query = OC_DB::prepare( "UPDATE *PREFIX*users SET password = ? WHERE uid = ?" ); $result = $query->execute( array( $hash, $uid )); @@ -131,7 +131,7 @@ class OC_User_Database extends OC_User_Backend { $storedHash=$row['password']; if (substr($storedHash,0,1)=='$'){//the new phpass based hashing $hasher=$this->getHasher(); - if($hasher->CheckPassword($password, $storedHash)){ + if($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $storedHash)){ return $row['uid']; }else{ return false; -- cgit v1.2.3 From f70615106f3aca819a9e2356d8e6bbff18437188 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Fri, 8 Jun 2012 14:57:01 +0200 Subject: typo in var --- apps/user_ldap/group_ldap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index 62e7c8ca6bc..d2404a80aa5 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -190,7 +190,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend { $ldap_groups = OC_LDAP::fetchListOfGroups($this->ldapGroupFilter, array(OC_LDAP::conf('ldapGroupDisplayName'), 'dn')); $this->_groups = OC_LDAP::ownCloudGroupNames($ldap_groups); } - return $this->groups; + return $this->_groups; } /** -- cgit v1.2.3 From 4b3ae60558a5d9d18cdd7be0d844d577785f46fb Mon Sep 17 00:00:00 2001 From: Michael Gapczynski Date: Fri, 8 Jun 2012 11:42:00 -0400 Subject: Working UI for external storage mount configuration --- apps/files_external/ajax/addMountPoint.php | 13 ++ apps/files_external/ajax/removeMountPoint.php | 13 ++ apps/files_external/appinfo/app.php | 7 +- apps/files_external/css/settings.css | 9 +- apps/files_external/js/settings.js | 160 +++++++++++++----- apps/files_external/lib/config.php | 231 ++++++++++++++++++++++++++ apps/files_external/personal.php | 34 ++++ apps/files_external/settings.php | 13 +- apps/files_external/templates/settings.php | 94 ++++++----- 9 files changed, 482 insertions(+), 92 deletions(-) create mode 100644 apps/files_external/ajax/addMountPoint.php create mode 100644 apps/files_external/ajax/removeMountPoint.php create mode 100755 apps/files_external/lib/config.php create mode 100755 apps/files_external/personal.php diff --git a/apps/files_external/ajax/addMountPoint.php b/apps/files_external/ajax/addMountPoint.php new file mode 100644 index 00000000000..549cb6a3427 --- /dev/null +++ b/apps/files_external/ajax/addMountPoint.php @@ -0,0 +1,13 @@ + diff --git a/apps/files_external/ajax/removeMountPoint.php b/apps/files_external/ajax/removeMountPoint.php new file mode 100644 index 00000000000..b77b306bcb5 --- /dev/null +++ b/apps/files_external/ajax/removeMountPoint.php @@ -0,0 +1,13 @@ + diff --git a/apps/files_external/appinfo/app.php b/apps/files_external/appinfo/app.php index 9fd87e39346..b7a07b4aacb 100644 --- a/apps/files_external/appinfo/app.php +++ b/apps/files_external/appinfo/app.php @@ -6,11 +6,16 @@ * See the COPYING-README file. */ - OC::$CLASSPATH['OC_FileStorage_StreamWrapper']='apps/files_external/lib/streamwrapper.php'; +OC::$CLASSPATH['OC_FileStorage_StreamWrapper']='apps/files_external/lib/streamwrapper.php'; OC::$CLASSPATH['OC_Filestorage_FTP']='apps/files_external/lib/ftp.php'; OC::$CLASSPATH['OC_Filestorage_DAV']='apps/files_external/lib/webdav.php'; OC::$CLASSPATH['OC_Filestorage_Google']='apps/files_external/lib/google.php'; OC::$CLASSPATH['OC_Filestorage_SWIFT']='apps/files_external/lib/swift.php'; OC::$CLASSPATH['OC_Filestorage_SMB']='apps/files_external/lib/smb.php'; +OC::$CLASSPATH['OC_Filestorage_AmazonS3']='apps/files_external/lib/amazons3.php'; +OC::$CLASSPATH['OC_Mount_Config']='apps/files_external/lib/config.php'; OCP\App::registerAdmin('files_external', 'settings'); +if (OCP\Config::getAppValue('files_external', 'allow_user_mounting', 'yes') == 'yes') { + OCP\App::registerPersonal('files_external', 'personal'); +} diff --git a/apps/files_external/css/settings.css b/apps/files_external/css/settings.css index b11af752ec8..d8575c49e34 100644 --- a/apps/files_external/css/settings.css +++ b/apps/files_external/css/settings.css @@ -1,6 +1,5 @@ .error { color: #FF3B3B; } -td.type { width:8em; } -td.mount, td.options, td.applicable { width:10em; } -#addStorage>td { border:none; } -#addStorage>td:not(.selectStorage) { visibility:hidden; } -#selectStorage { margin-left:-10px; } \ No newline at end of file +td.mountPoint, td.backend { width:10em; } +#addMountPoint>td { border:none; } +#addMountPoint>td.applicable { visibility:hidden; } +#selectBackend { margin-left:-10px; } \ No newline at end of file diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js index 9a558ad6e43..38291d5f7e2 100644 --- a/apps/files_external/js/settings.js +++ b/apps/files_external/js/settings.js @@ -1,59 +1,143 @@ -$(document).ready(function(){ +$(document).ready(function() { - function applicableChange(applicable) { - if (applicable == 'Global') { - - } - console.log(applicable); - } - - $('#selectStorage').live('change', function() { + $('.chzn-select').chosen(); + + $('#selectBackend').live('change', function() { var tr = $(this).parent().parent(); $('#externalStorage tbody').last().append($(tr).clone()); - var selected = $(this).val(); + var selected = $(this).find('option:selected').text(); + var backendClass = $(this).val(); $(this).parent().text(selected); - var backends = $(this).data('configurations').split(';'); - var configuration = []; - // Find selected backend configuration parameters - $.each(backends, function(index, backend) { - if (backend.split(':')[0] == selected) { - configuration = backend.split(':')[1].split(','); - // break; - } - }); + $(tr).find('.backend').data('class', $(this).val()); + var configurations = $(this).data('configurations'); var td = $(tr).find('td.configuration'); - $.each(configuration, function(index, config) { - if (config.indexOf('*') != -1) { - td.append(''); - } else { - td.append(''); + $.each(configurations, function(backend, parameters) { + if (backend == backendClass) { + $.each(parameters['configuration'], function(parameter, placeholder) { + if (placeholder.indexOf('*') != -1) { + td.append(''); + } else if (placeholder.indexOf('!') != -1) { + td.append(''+placeholder.substring(1)+''); + } else if (placeholder.indexOf('&') != -1) { + td.append(''); + } else { + td.append(''); + } + }); + return false; } }); + $('.chz-select').chosen(); $(tr).find('td').last().attr('class', 'remove'); $(tr).removeAttr('id'); $(this).remove(); }); - $('td.remove>img').live('click', function() { - $(this).parent().parent().remove(); - // TODO remove storage + $('#externalStorage td').live('change', function() { + var tr = $(this).parent(); + var mountPoint = $(tr).find('.mountPoint input').val(); + if (mountPoint == '') { + return false; + } + var backendClass = $(tr).find('.backend').data('class'); + var configuration = $(tr).find('.configuration input'); + var addMountPoint = true; + if (configuration.length < 1) { + return false; + } + var classOptions = {}; + $.each(configuration, function(index, input) { + if ($(input).val() == '' && !$(input).hasClass('optional')) { + addMountPoint = false; + return false; + } + if ($(input).is(':checkbox')) { + if ($(input).is(':checked')) { + classOptions[$(input).data('parameter')] = true; + } else { + classOptions[$(input).data('parameter')] = false; + } + } else { + classOptions[$(input).data('parameter')] = $(input).val(); + } + }); + if (addMountPoint) { + if ($('#externalStorage').data('admin')) { + var isPersonal = false; + var multiselect = $(tr).find('.chzn-select').val(); + var oldGroups = $(tr).find('.applicable').data('applicable-groups'); + var oldUsers = $(tr).find('.applicable').data('applicable-users'); + $.each(multiselect, function(index, value) { + var pos = value.indexOf('(group)'); + if (pos != -1) { + var mountType = 'group'; + var applicable = value.substr(0, pos); + if ($.inArray(applicable, oldGroups) != -1) { + oldGroups.splice($.inArray(applicable, oldGroups), 1); + } + } else { + var mountType = 'user'; + var applicable = value; + if ($.inArray(applicable, oldUsers) != -1) { + oldUsers.splice($.inArray(applicable, oldUsers), 1); + } + } + $.post(OC.filePath('files_external', 'ajax', 'addMountPoint.php'), { mountPoint: mountPoint, class: backendClass, classOptions: classOptions, mountType: mountType, applicable: applicable, isPersonal: isPersonal }); + }); + var mountType = 'group'; + $.each(oldGroups, function(index, applicable) { + $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal }); + }); + var mountType = 'user'; + $.each(oldUsers, function(index, applicable) { + $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal }); + }); + } else { + var isPersonal = true; + var mountType = 'user'; + var applicable = OC.currentUser; + $.post(OC.filePath('files_external', 'ajax', 'addMountPoint.php'), { mountPoint: mountPoint, class: backendClass, classOptions: classOptions, mountType: mountType, applicable: applicable, isPersonal: isPersonal }); + } + } }); - $('#externalStorage select[multiple]').each(function(index,element){ - applyMultiplySelect($(element)); + $('td.remove>img').live('click', function() { + var tr = $(this).parent().parent(); + var mountPoint = $(tr).find('.mountPoint input').val(); + if (mountPoint == '') { + return false; + } + if ($('#externalStorage').data('admin')) { + var isPersonal = false; + var multiselect = $(tr).find('.chzn-select').val(); + $.each(multiselect, function(index, value) { + var pos = value.indexOf('(group)'); + if (pos != -1) { + var mountType = 'group'; + var applicable = value.substr(0, pos); + } else { + var mountType = 'user'; + var applicable = value; + } + $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal }); + }); + } else { + var mountType = 'user'; + var applicable = OC.currentUser; + var isPersonal = true; + } + $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal }); + $(tr).remove(); }); - function applyMultiplySelect(element) { - var checkHandeler=false; - element.multiSelect({ - oncheck:applicableChange, - onuncheck:applicableChange, - minWidth: 120, - }); - } + $('#allowUserMounting').bind('change', function() { - // TODO save setting + if (this.checked) { + OC.AppConfig.setValue('files_external', 'allow_user_mounting', 'yes'); + } else { + OC.AppConfig.setValue('files_external', 'allow_user_mounting', 'no'); + } }); }); \ No newline at end of file diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php new file mode 100755 index 00000000000..a87319d33b2 --- /dev/null +++ b/apps/files_external/lib/config.php @@ -0,0 +1,231 @@ +. +*/ + +/** +* Class to configure the config/mount.php and data/$user/mount.php files +*/ +class OC_Mount_Config { + + const MOUNT_TYPE_GLOBAL = 'global'; + const MOUNT_TYPE_GROUP = 'group'; + const MOUNT_TYPE_USER = 'user'; + + /** + * Get details on each of the external storage backends, used for the mount config UI + * If the configuration parameter should be secret, add a '*' to the beginning of the value + * If the configuration parameter is a boolean, add a '!' to the beginning of the value + * If the configuration parameter is optional, add a '&' to the beginning of the value + * @return array + */ + public static function getBackends() { + return array( + 'OC_Filestorage_Local' => array('backend' => 'Local', 'configuration' => array('datadir' => 'Location')), + 'OC_Filestorage_AmazonS3' => array('backend' => 'Amazon S3', 'configuration' => array('key' => 'Key', 'secret' => '*Secret', 'bucket' => 'Bucket')), + 'OC_Filestorage_FTP' => array('backend' => 'FTP', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root', 'secure' => '!Secure ftps://')), + 'OC_Filestorage_SWIFT' => array('backend' => 'OpenStack Swift', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'token' => '*Token', 'root' => '&Root', 'secure' => '!Secure ftps://')), + 'OC_Filestorage_SMB' => array('backend' => 'SMB', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root')), + 'OC_Filestorage_DAV' => array('backend' => 'WebDAV', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root', 'secure' => '!Secure https://')) + ); + } + + /** + * Get the system mount points + * The returned array is not in the same format as getUserMountPoints() + * @return array + */ + public static function getSystemMountPoints() { + $mountPoints = self::readData(false); + $backends = self::getBackends(); + $system = array(); + if (isset($mountPoints[self::MOUNT_TYPE_GROUP])) { + foreach ($mountPoints[self::MOUNT_TYPE_GROUP] as $group => $mounts) { + foreach ($mounts as $mountPoint => $mount) { + // Remove '/$user/files/' from mount point + $mountPoint = substr($mountPoint, 13); + // Merge the mount point into the current mount points + if (isset($system[$mountPoint]) && $system[$mountPoint]['configuration'] == $mount['options']) { + $system[$mountPoint]['applicable']['groups'] = array_merge($system[$mountPoint]['applicable']['groups'], array($group)); + } else { + $system[$mountPoint] = array('class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'applicable' => array('groups' => array($group), 'users' => array())); + } + } + } + } + if (isset($mountPoints[self::MOUNT_TYPE_USER])) { + foreach ($mountPoints[self::MOUNT_TYPE_USER] as $user => $mounts) { + foreach ($mounts as $mountPoint => $mount) { + // Remove '/$user/files/' from mount point + $mountPoint = substr($mountPoint, 13); + // Merge the mount point into the current mount points + if (isset($system[$mountPoint]) && $system[$mountPoint]['configuration'] == $mount['options']) { + $system[$mountPoint]['applicable']['users'] = array_merge($system[$mountPoint]['applicable']['users'], array($user)); + } else { + $system[$mountPoint] = array('class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'applicable' => array('groups' => array(), 'users' => array($user))); + } + } + } + } + return $system; + } + + /** + * Get the personal mount points of the current user + * The returned array is not in the same format as getUserMountPoints() + * @return array + */ + public static function getPersonalMountPoints() { + $mountPoints = self::readData(true); + $backends = self::getBackends(); + $uid = OCP\User::getUser(); + $personal = array(); + if (isset($mountPoints[self::MOUNT_TYPE_USER][$uid])) { + foreach ($mountPoints[self::MOUNT_TYPE_USER][$uid] as $mountPoint => $mount) { + // Remove '/$user/files/' from mount point + $personal[substr($mountPoint, 13)] = array('class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options']); + } + } + return $personal; + } + + + /** + * Add a mount point to the filesystem + * @param string Mount point + * @param string Backend class + * @param array Backend parameters for the class + * @param string MOUNT_TYPE_GROUP | MOUNT_TYPE_USER + * @param string User or group to apply mount to + * @param bool Personal or system mount point i.e. is this being called from the personal or admin page + * @return bool + */ + public static function addMountPoint($mountPoint, $class, $classOptions, $mountType, $applicable, $isPersonal = false) { + if ($isPersonal) { + // Verify that the mount point applies for the current user + // Prevent non-admin users from mounting local storage + if ($applicable != OCP\User::getUser() || $class == 'OC_Filestorage_Local') { + return false; + } + } + $mount = array($applicable => array('/$user/files/'.$mountPoint => array('class' => $class, 'options' => $classOptions))); + $mountPoints = self::readData($isPersonal); + // Merge the new mount point into the current mount points + if (isset($mountPoints[$mountType])) { + if (isset($mountPoints[$mountType][$applicable])) { + $mountPoints[$mountType][$applicable] = array_merge($mountPoints[$mountType][$applicable], $mount[$applicable]); + } else { + $mountPoints[$mountType] = array_merge($mountPoints[$mountType], $mount); + } + } else { + $mountPoints[$mountType] = $mount; + } + self::writeData($isPersonal, $mountPoints); + return true; + } + + /** + * + * @param string Mount point + * @param string MOUNT_TYPE_GROUP | MOUNT_TYPE_USER + * @param string User or group to remove mount from + * @param bool Personal or system mount point + * @return bool + */ + public static function removeMountPoint($mountPoint, $mountType, $applicable, $isPersonal = false) { + // Verify that the mount point applies for the current user + if ($isPersonal && $applicable != OCP\User::getUser()) { + return false; + } + $mountPoints = self::readData($isPersonal); + // Remove mount point + unset($mountPoints[$mountType][$applicable]['/$user/files/'.$mountPoint]); + // Unset parent arrays if empty + if (empty($mountPoints[$mountType][$applicable])) { + unset($mountPoints[$mountType][$applicable]); + if (empty($mountPoints[$mountType])) { + unset($mountPoints[$mountType]); + } + } + self::writeData($isPersonal, $mountPoints); + return true; + } + + /** + * Read the mount points in the config file into an array + * @param bool Personal or system config file + * @return array + */ + private static function readData($isPersonal) { + if ($isPersonal) { + $file = OC::$SERVERROOT.'/data/'.OCP\User::getUser().'/mount.php'; + } else { + $file = OC::$SERVERROOT.'/config/mount.php'; + } + if (is_file($file)) { + $mountPoints = include($file); + if (is_array($mountPoints)) { + return $mountPoints; + } + } + return array(); + } + + /** + * Write the mount points to the config file + * @param bool Personal or system config file + * @param array Mount points + */ + private static function writeData($isPersonal, $data) { + if ($isPersonal) { + $file = OC::$SERVERROOT.'/data/'.OCP\User::getUser().'/mount.php'; + } else { + $file = OC::$SERVERROOT.'/config/mount.php'; + } + $content = " array (\n"; + foreach ($data[self::MOUNT_TYPE_GROUP] as $group => $mounts) { + $content .= "\t\t'".$group."' => array (\n"; + foreach ($mounts as $mountPoint => $mount) { + $content .= "\t\t\t'".$mountPoint."' => ".str_replace("\n", '', var_export($mount, true)).",\n"; + + } + $content .= "\t\t),\n"; + } + $content .= "\t),\n"; + } + if (isset($data[self::MOUNT_TYPE_USER])) { + $content .= "\t'user' => array (\n"; + foreach ($data[self::MOUNT_TYPE_USER] as $user => $mounts) { + $content .= "\t\t'".$user."' => array (\n"; + foreach ($mounts as $mountPoint => $mount) { + $content .= "\t\t\t'".$mountPoint."' => ".str_replace("\n", '', var_export($mount, true)).",\n"; + } + $content .= "\t\t),\n"; + } + $content .= "\t),\n"; + } + $content .= ");\n?>"; + @file_put_contents($file, $content); + } + +} + +?> \ No newline at end of file diff --git a/apps/files_external/personal.php b/apps/files_external/personal.php new file mode 100755 index 00000000000..32e08742442 --- /dev/null +++ b/apps/files_external/personal.php @@ -0,0 +1,34 @@ +. +*/ + +OCP\Util::addScript('files_external', 'settings'); +OCP\Util::addStyle('files_external', 'settings'); +$backends = OC_Mount_Config::getBackends(); +// Remove local storage +unset($backends['OC_Filestorage_Local']); +$tmpl = new OCP\Template('files_external', 'settings'); +$tmpl->assign('isAdminPage', false); +$tmpl->assign('mounts', OC_Mount_Config::getPersonalMountPoints()); +$tmpl->assign('backends', $backends); +return $tmpl->fetchPage(); + +?> \ No newline at end of file diff --git a/apps/files_external/settings.php b/apps/files_external/settings.php index ce1b308d757..983855ecdcc 100644 --- a/apps/files_external/settings.php +++ b/apps/files_external/settings.php @@ -20,16 +20,15 @@ * License along with this library. If not, see . */ -OCP\Util::addscript('files_external', 'settings'); -OCP\Util::addstyle('files_external', 'settings'); +OCP\Util::addScript('files_external', 'settings'); +OCP\Util::addStyle('files_external', 'settings'); $tmpl = new OCP\Template('files_external', 'settings'); -$tmpl->assign('allowUserMounting', 'yes'); $tmpl->assign('isAdminPage', true); -$tmpl->assign('storage', array()); +$tmpl->assign('mounts', OC_Mount_Config::getSystemMountPoints()); +$tmpl->assign('backends', OC_Mount_Config::getBackends()); $tmpl->assign('groups', OC_Group::getGroups()); -$tmpl->assign('backends', array('Amazon S3', 'FTP', 'Google Drive', 'SWIFT', 'WebDAV')); -$tmpl->assign('configurations', ''); -$tmpl->assign('options', array('Encrypt', 'Version control', 'Allow sharing')); +$tmpl->assign('users', OCP\User::getUsers()); +$tmpl->assign('allowUserMounting', OCP\Config::getAppValue('files_external', 'allow_user_mounting', 'yes')); return $tmpl->fetchPage(); ?> \ No newline at end of file diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index e34c0322390..9f65cfca965 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -1,70 +1,82 @@

t('External Storage'); ?> - - +

- + + - - - '.$l->t('Applicable').''; ?> + + '.$l->t('Applicable').''; ?> - - 'addStorage', 'mount' => ''))); ?> - - data-storage-id=""> - - + array())); ?> + $mount): ?> + > + + + - - - + - - - +

t('Type'); ?>	t('Mount point'); ?>	t('Backend'); ?>	t('Configuration'); ?>	t('Mount Location'); ?>	t('Options'); ?>
-
	+	>	- - $value): ?> - - - - - - +		+ + $value): ?> + + + + + + /> + + + + + + + +		-	' data-applicable-users=''> +	>	>

- - +
/> t('Enable User External Storage'); ?>
-- cgit v1.2.3 From 8fcdccdcdccf6e6fe43995fd08a30731aada9f4e Mon Sep 17 00:00:00 2001 From: Michael Gapczynski Date: Fri, 8 Jun 2012 13:48:38 -0400 Subject: Add Amazon Web Services SDK to 3rdparty for Amazon S3 external storage --- 3rdparty/aws-sdk/README.md | 136 + 3rdparty/aws-sdk/_compatibility_test/README.md | 37 + .../_compatibility_test/sdk_compatibility.inc.php | 75 + .../_compatibility_test/sdk_compatibility_test.php | 789 ++++ .../sdk_compatibility_test_cli.php | 186 + 3rdparty/aws-sdk/_docs/CHANGELOG.md | 1405 +++++++ 3rdparty/aws-sdk/_docs/CONTRIBUTORS.md | 64 + 3rdparty/aws-sdk/_docs/DYNAMODBSESSIONHANDLER.html | 235 ++ 3rdparty/aws-sdk/_docs/KNOWNISSUES.md | 65 + 3rdparty/aws-sdk/_docs/LICENSE.md | 151 + 3rdparty/aws-sdk/_docs/NOTICE.md | 444 +++ 3rdparty/aws-sdk/_docs/STREAMWRAPPER_README.html | 243 ++ .../aws-sdk/_docs/WHERE_IS_THE_API_REFERENCE.md | 2 + .../aws-sdk/authentication/signable.interface.php | 48 + .../authentication/signature_v2query.class.php | 163 + .../authentication/signature_v3json.class.php | 235 ++ .../authentication/signature_v3query.class.php | 192 + .../authentication/signature_v4json.class.php | 353 ++ .../authentication/signature_v4query.class.php | 345 ++ .../aws-sdk/authentication/signer.abstract.php | 68 + 3rdparty/aws-sdk/config-sample.inc.php | 83 + 3rdparty/aws-sdk/lib/dom/ArrayToDOMDocument.php | 181 + 3rdparty/aws-sdk/lib/requestcore/LICENSE | 25 + 3rdparty/aws-sdk/lib/requestcore/README.md | 15 + 3rdparty/aws-sdk/lib/requestcore/cacert.pem | 3390 +++++++++++++++++ .../aws-sdk/lib/requestcore/requestcore.class.php | 1028 +++++ 3rdparty/aws-sdk/lib/yaml/LICENSE | 19 + 3rdparty/aws-sdk/lib/yaml/README.markdown | 15 + 3rdparty/aws-sdk/lib/yaml/lib/sfYaml.php | 135 + 3rdparty/aws-sdk/lib/yaml/lib/sfYamlDumper.php | 60 + 3rdparty/aws-sdk/lib/yaml/lib/sfYamlInline.php | 442 +++ 3rdparty/aws-sdk/lib/yaml/lib/sfYamlParser.php | 612 +++ 3rdparty/aws-sdk/sdk.class.php | 1434 +++++++ 3rdparty/aws-sdk/services/s3.class.php | 3979 ++++++++++++++++++++ 3rdparty/aws-sdk/utilities/array.class.php | 312 ++ 3rdparty/aws-sdk/utilities/batchrequest.class.php | 126 + 3rdparty/aws-sdk/utilities/complextype.class.php | 123 + 3rdparty/aws-sdk/utilities/credential.class.php | 157 + 3rdparty/aws-sdk/utilities/credentials.class.php | 125 + 3rdparty/aws-sdk/utilities/gzipdecode.class.php | 377 ++ 3rdparty/aws-sdk/utilities/hadoopbase.class.php | 67 + .../aws-sdk/utilities/hadoopbootstrap.class.php | 127 + 3rdparty/aws-sdk/utilities/hadoopstep.class.php | 98 + 3rdparty/aws-sdk/utilities/info.class.php | 69 + 3rdparty/aws-sdk/utilities/json.class.php | 89 + 3rdparty/aws-sdk/utilities/manifest.class.php | 54 + 3rdparty/aws-sdk/utilities/mimetypes.class.php | 223 ++ 3rdparty/aws-sdk/utilities/policy.class.php | 134 + 3rdparty/aws-sdk/utilities/request.class.php | 70 + 3rdparty/aws-sdk/utilities/response.class.php | 29 + 3rdparty/aws-sdk/utilities/simplexml.class.php | 248 ++ 3rdparty/aws-sdk/utilities/stacktemplate.class.php | 52 + 3rdparty/aws-sdk/utilities/stepconfig.class.php | 91 + 3rdparty/aws-sdk/utilities/utilities.class.php | 399 ++ apps/files_external/lib/amazons3.php | 2 +- 55 files changed, 19625 insertions(+), 1 deletion(-) create mode 100644 3rdparty/aws-sdk/README.md create mode 100644 3rdparty/aws-sdk/_compatibility_test/README.md create mode 100644 3rdparty/aws-sdk/_compatibility_test/sdk_compatibility.inc.php create mode 100644 3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test.php create mode 100755 3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test_cli.php create mode 100644 3rdparty/aws-sdk/_docs/CHANGELOG.md create mode 100644 3rdparty/aws-sdk/_docs/CONTRIBUTORS.md create mode 100644 3rdparty/aws-sdk/_docs/DYNAMODBSESSIONHANDLER.html create mode 100644 3rdparty/aws-sdk/_docs/KNOWNISSUES.md create mode 100644 3rdparty/aws-sdk/_docs/LICENSE.md create mode 100644 3rdparty/aws-sdk/_docs/NOTICE.md create mode 100644 3rdparty/aws-sdk/_docs/STREAMWRAPPER_README.html create mode 100644 3rdparty/aws-sdk/_docs/WHERE_IS_THE_API_REFERENCE.md create mode 100644 3rdparty/aws-sdk/authentication/signable.interface.php create mode 100644 3rdparty/aws-sdk/authentication/signature_v2query.class.php create mode 100644 3rdparty/aws-sdk/authentication/signature_v3json.class.php create mode 100644 3rdparty/aws-sdk/authentication/signature_v3query.class.php create mode 100644 3rdparty/aws-sdk/authentication/signature_v4json.class.php create mode 100644 3rdparty/aws-sdk/authentication/signature_v4query.class.php create mode 100644 3rdparty/aws-sdk/authentication/signer.abstract.php create mode 100755 3rdparty/aws-sdk/config-sample.inc.php create mode 100644 3rdparty/aws-sdk/lib/dom/ArrayToDOMDocument.php create mode 100755 3rdparty/aws-sdk/lib/requestcore/LICENSE create mode 100755 3rdparty/aws-sdk/lib/requestcore/README.md create mode 100755 3rdparty/aws-sdk/lib/requestcore/cacert.pem create mode 100755 3rdparty/aws-sdk/lib/requestcore/requestcore.class.php create mode 100644 3rdparty/aws-sdk/lib/yaml/LICENSE create mode 100644 3rdparty/aws-sdk/lib/yaml/README.markdown create mode 100644 3rdparty/aws-sdk/lib/yaml/lib/sfYaml.php create mode 100644 3rdparty/aws-sdk/lib/yaml/lib/sfYamlDumper.php create mode 100644 3rdparty/aws-sdk/lib/yaml/lib/sfYamlInline.php create mode 100644 3rdparty/aws-sdk/lib/yaml/lib/sfYamlParser.php create mode 100755 3rdparty/aws-sdk/sdk.class.php create mode 100755 3rdparty/aws-sdk/services/s3.class.php create mode 100644 3rdparty/aws-sdk/utilities/array.class.php create mode 100644 3rdparty/aws-sdk/utilities/batchrequest.class.php create mode 100644 3rdparty/aws-sdk/utilities/complextype.class.php create mode 100644 3rdparty/aws-sdk/utilities/credential.class.php create mode 100644 3rdparty/aws-sdk/utilities/credentials.class.php create mode 100644 3rdparty/aws-sdk/utilities/gzipdecode.class.php create mode 100644 3rdparty/aws-sdk/utilities/hadoopbase.class.php create mode 100644 3rdparty/aws-sdk/utilities/hadoopbootstrap.class.php create mode 100644 3rdparty/aws-sdk/utilities/hadoopstep.class.php create mode 100644 3rdparty/aws-sdk/utilities/info.class.php create mode 100644 3rdparty/aws-sdk/utilities/json.class.php create mode 100644 3rdparty/aws-sdk/utilities/manifest.class.php create mode 100644 3rdparty/aws-sdk/utilities/mimetypes.class.php create mode 100644 3rdparty/aws-sdk/utilities/policy.class.php create mode 100644 3rdparty/aws-sdk/utilities/request.class.php create mode 100644 3rdparty/aws-sdk/utilities/response.class.php create mode 100644 3rdparty/aws-sdk/utilities/simplexml.class.php create mode 100644 3rdparty/aws-sdk/utilities/stacktemplate.class.php create mode 100644 3rdparty/aws-sdk/utilities/stepconfig.class.php create mode 100755 3rdparty/aws-sdk/utilities/utilities.class.php diff --git a/3rdparty/aws-sdk/README.md b/3rdparty/aws-sdk/README.md new file mode 100644 index 00000000000..7e55f76b3b2 --- /dev/null +++ b/3rdparty/aws-sdk/README.md @@ -0,0 +1,136 @@ +# AWS SDK for PHP + +The AWS SDK for PHP enables developers to build solutions for Amazon Simple Storage Service (Amazon S3), +Amazon Elastic Compute Cloud (Amazon EC2), Amazon SimpleDB, and more. With the AWS SDK for PHP, developers +can get started in minutes with a single, downloadable package. + +The SDK features: + +* **AWS PHP Libraries:** Build PHP applications on top of APIs that take the complexity out of coding directly + against a web service interface. The toolkit provides APIs that hide much of the lower-level implementation. +* **Code Samples:** Practical examples for how to use the toolkit to build applications. +* **Documentation:** Complete SDK reference documentation with samples demonstrating how to use the SDK. +* **PEAR package:** The ability to install the AWS SDK for PHP as a PEAR package. +* **SDK Compatibility Test:** Includes both an HTML-based and a CLI-based SDK Compatibility Test that you can + run on your server to determine whether or not your PHP environment meets the minimum requirements. + +For more information about the AWS SDK for PHP, including a complete list of supported services, see +[aws.amazon.com/sdkforphp](http://aws.amazon.com/sdkforphp). + + +## Signing up for Amazon Web Services + +Before you can begin, you must sign up for each service you want to use. + +To sign up for a service: + +* Go to the home page for the service. You can find a list of services on + [aws.amazon.com/products](http://aws.amazon.com/products). +* Click the Sign Up button on the top right corner of the page. If you don't already have an AWS account, you + are prompted to create one as part of the sign up process. +* Follow the on-screen instructions. +* AWS sends you a confirmation e-mail after the sign-up process is complete. At any time, you can view your + current account activity and manage your account by going to [aws.amazon.com](http://aws.amazon.com) and + clicking "Your Account". + + +## Source +The source tree for includes the following files and directories: + +* `_compatibility_test` -- Includes both an HTML-based and a CLI-based SDK Compatibility Test that you can + run on your server to determine whether or not your PHP environment meets the minimum requirements. +* `_docs` -- Informational documents, the contents of which should be fairly self-explanatory. +* `_samples` -- Code samples that you can run out of the box. +* `extensions` -- Extra code that can be used to enhance usage of the SDK, but isn't a service class or a + third-party library. +* `lib` -- Contains any third-party libraries that the SDK depends on. The licenses for these projects will + always be Apache 2.0-compatible. +* `services` -- Contains the service-specific classes that communicate with AWS. These classes are always + prefixed with `Amazon`. +* `utilities` -- Contains any utility-type methods that the SDK uses. Includes extensions to built-in PHP + classes, as well as new functionality that is entirely custom. These classes are always prefixed with `CF`. +* `README` -- The document you're reading right now. +* `config-sample.inc.php` -- A sample configuration file that should be filled out and renamed to `config.inc.php`. +* `sdk.class.php` -- The SDK loader that you would include in your projects. Contains the base functionality + that the rest of the SDK depends on. + + +## Minimum Requirements in a nutshell + +* You are at least an intermediate-level PHP developer and have a basic understanding of object-oriented PHP. +* You have a valid AWS account, and you've already signed up for the services you want to use. +* The PHP interpreter, version 5.2 or newer. PHP 5.2.17 or 5.3.x is highly recommended for use with the AWS SDK for PHP. +* The cURL PHP extension (compiled with the [OpenSSL](http://openssl.org) libraries for HTTPS support). +* The ability to read from and write to the file system via [file_get_contents()](http://php.net/file_get_contents) and [file_put_contents()](http://php.net/file_put_contents). + +If you're not sure whether your PHP environment meets these requirements, run the +[SDK Compatibility Test](http://github.com/amazonwebservices/aws-sdk-for-php/tree/master/_compatibility_test/) script +included in the SDK download. + + +## Installation + +### Via GitHub + +[Git](http://git-scm.com) is an extremely fast, efficient, distributed version control system ideal for the +collaborative development of software. [GitHub](http://github.com/amazonwebservices) is the best way to +collaborate with others. Fork, send pull requests and manage all your public and private git repositories. +We believe that GitHub is the ideal service for working collaboratively with the open source PHP community. + +Git is primarily a command-line tool. GitHub provides instructions for installing Git on +[Mac OS X](http://help.github.com/mac-git-installation/), [Windows](http://help.github.com/win-git-installation/), +and [Linux](http://help.github.com/linux-git-installation/). If you're unfamiliar with Git, there are a variety +of resources on the net that will help you learn more: + +* [Git Immersion](http://gitimmersion.com) is a guided tour that walks through the fundamentals of Git, inspired + by the premise that to know a thing is to do it. +* The [PeepCode screencast on Git](https://peepcode.com/products/git) ($12) will teach you how to install and + use Git. You'll learn how to create a repository, use branches, and work with remote repositories. +* [Git Reference](http://gitref.org) is meant to be a quick reference for learning and remembering the most + important and commonly used Git commands. +* [Git Ready](http://gitready.com) provides a collection of Git tips and tricks. +* If you want to dig even further, I've [bookmarked other Git references](http://pinboard.in/u:skyzyx/t:git). + +If you're comfortable working with Git and/or GitHub, you can pull down the source code as follows: + + git clone git://github.com/amazonwebservices/aws-sdk-for-php.git AWSSDKforPHP + cd ./AWSSDKforPHP + +### Via PEAR + +[PEAR](http://pear.php.net) stands for the _PHP Extension and Application Repository_ and is a framework and +distribution system for reusable PHP components. It is the PHP equivalent to package management software such as +[MacPorts](http://macports.org) and [Homebrew](https://github.com/mxcl/homebrew) for Mac OS X, +[Yum](http://fedoraproject.org/wiki/Tools/yum) and [Apt](http://wiki.debian.org/Apt) for GNU/Linux, +[RubyGems](http://rubygems.org) for Ruby, [Easy Install](http://packages.python.org/distribute/easy_install.html) +for Python, [Maven](http://maven.apache.org) for Java, and [NPM](http://npm.mape.me) for Node.js. + +PEAR packages are very easy to install, and are available in your PHP environment path so that they are accessible +to any PHP project. PEAR packages are not specific to your project, but rather to the machine that they're +installed on. + +From the command-line, you can install the SDK with PEAR as follows: + + pear channel-discover pear.amazonwebservices.com + pear install aws/sdk + +You may need to use `sudo` for the above commands. Once the SDK has been installed via PEAR, you can load it into +your project with: + + require_once 'AWSSDKforPHP/sdk.class.php'; + +### Configuration + +1. Copy the contents of [config-sample.inc.php](https://github.com/amazonwebservices/aws-sdk-for-php/raw/master/config-sample.inc.php) + and add your credentials as instructed in the file. +2. Move your file to `~/.aws/sdk/config.inc.php`. +3. Make sure that `getenv('HOME')` points to your user directory. If not you'll need to set + `putenv('HOME=')`. + + +## Additional Information + +* AWS SDK for PHP: +* Documentation: +* License: +* Discuss: diff --git a/3rdparty/aws-sdk/_compatibility_test/README.md b/3rdparty/aws-sdk/_compatibility_test/README.md new file mode 100644 index 00000000000..9e2f2d89409 --- /dev/null +++ b/3rdparty/aws-sdk/_compatibility_test/README.md @@ -0,0 +1,37 @@ +# Compatibility Test + +## Via your web browser + +1. Upload `sdk_compatibility_test.php` to the web-accessible root of your website. +For example, if your website is `www.example.com`, upload it so that you can get +to it at `www.example.com/sdk_compatibility_test.php` + +2. Open your web browser and go to the page you just uploaded. + + +## Via the command line + +### Windows + +1. Upload `sdk_compatibility_test_cli.php` to your server via SFTP. + +2. SSH/RDP into the machine, and find the directory where you uploaded the test. + +3. Run the test, and review the results: + + php .\sdk_compatibility_test_cli.php + + +### Non-Windows (Mac or *nix) + +1. Upload `sdk_compatibility_test_cli.php` to your server via SFTP. + +2. SSH into the machine, and find the directory where you uploaded the test. + +3. Set the executable bit: + + chmod +x ./sdk_compatibility_test_cli.php + +4. Run the test, and review the results: + + ./sdk_compatibility_test_cli.php diff --git a/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility.inc.php b/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility.inc.php new file mode 100644 index 00000000000..c17ec33d72e --- /dev/null +++ b/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility.inc.php @@ -0,0 +1,75 @@ +=')); +$simplexml_ok = extension_loaded('simplexml'); +$dom_ok = extension_loaded('dom'); +$json_ok = (extension_loaded('json') && function_exists('json_encode') && function_exists('json_decode')); +$spl_ok = extension_loaded('spl'); +$pcre_ok = extension_loaded('pcre'); +$curl_ok = false; +if (function_exists('curl_version')) +{ + $curl_version = curl_version(); + $curl_ok = (function_exists('curl_exec') && in_array('https', $curl_version['protocols'], true)); +} +$file_ok = (function_exists('file_get_contents') && function_exists('file_put_contents')); + +// Optional, but recommended +$openssl_ok = (extension_loaded('openssl') && function_exists('openssl_sign')); +$zlib_ok = extension_loaded('zlib'); + +// Optional +$apc_ok = extension_loaded('apc'); +$xcache_ok = extension_loaded('xcache'); +$memcached_ok = extension_loaded('memcached'); +$memcache_ok = extension_loaded('memcache'); +$mc_ok = ($memcache_ok || $memcached_ok); +$pdo_ok = extension_loaded('pdo'); +$pdo_sqlite_ok = extension_loaded('pdo_sqlite'); +$sqlite2_ok = extension_loaded('sqlite'); +$sqlite3_ok = extension_loaded('sqlite3'); +$sqlite_ok = ($pdo_ok && $pdo_sqlite_ok && ($sqlite2_ok || $sqlite3_ok)); + +// Other +$int64_ok = (PHP_INT_MAX === 9223372036854775807); +$ini_memory_limit = get_ini('memory_limit'); +$ini_open_basedir = get_ini('open_basedir'); +$ini_safe_mode = get_ini('safe_mode'); +$ini_zend_enable_gc = get_ini('zend.enable_gc'); + +if ($php_ok && $int64_ok && $curl_ok && $simplexml_ok && $dom_ok && $spl_ok && $json_ok && $pcre_ok && $file_ok && $openssl_ok && $zlib_ok && ($apc_ok || $xcache_ok || $mc_ok || $sqlite_ok)) +{ + $compatiblity = REQUIREMENTS_ALL_MET; +} +elseif ($php_ok && $curl_ok && $simplexml_ok && $dom_ok && $spl_ok && $json_ok && $pcre_ok && $file_ok) +{ + $compatiblity = REQUIREMENTS_MIN_MET; +} +else +{ + $compatiblity = REQUIREMENTS_NOT_MET; +} + +function get_ini($config) +{ + $cfg_value = ini_get($config); + + if ($cfg_value === false || $cfg_value === '' || $cfg_value === 0) + { + return false; + } + elseif ($cfg_value === true || $cfg_value === '1' || $cfg_value === 1) + { + return true; + } +} + +function is_windows() +{ + return strtolower(substr(PHP_OS, 0, 3)) === 'win'; +} diff --git a/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test.php b/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test.php new file mode 100644 index 00000000000..b36a38ab35e --- /dev/null +++ b/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test.php @@ -0,0 +1,789 @@ + + + + +AWS SDK for PHP: Environment Compatibility Test + + + + + + + + + + +

+ +

Minimum Requirements

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Test	Should Be	What You Have
PHP	5.2 or newer
cURL	7.15.0 or newer, with SSL
SimpleXML	Enabled
DOM	Enabled
SPL	Enabled
JSON	Enabled
PCRE	Enabled
File System Read/Write	Enabled

+ +

Optional Extensions

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Test	Would Like To Be	What You Have
OpenSSL	Enabled
Zlib	Enabled
APC	Enabled
XCache	Enabled
Memcache	Enabled
Memcached	Enabled
PDO	Enabled
PDO-SQLite	Enabled
SQLite 2	Enabled
SQLite 3	Enabled

+ +

Settings for php.ini

+ + + + + + + + + + + + + + + + + + + + + + + + + +

Test	Would Like To Be	What You Have
open_basedir	off
safe_mode	off
zend.enable_gc	on

+ +

Other

+ + + + + + + + + + + + + + + +

Test	Would Like To Be	What You Have
Architecture	64-bit	+ (why?) +

+ +
+

+ + +

Bottom Line: Yes, you can!

Your PHP environment is ready to go, and can take advantage of all possible features!

What's Next?

You can download the latest version of the AWS SDK for PHP and install it by following the instructions. Also, check out our library of screencasts and tutorials.

Take the time to read "Getting Started" to make sure you're prepared to use the AWS SDK for PHP. No seriously, read it.

+ +

Bottom Line: Yes, you can!

Your PHP environment is ready to go! There are a couple of minor features that you won't be able to take advantage of, but nothing that's a show-stopper.

What's Next?

You can download the latest version of the AWS SDK for PHP and install it by following the instructions. Also, check out our library of screencasts and tutorials.

Take the time to read "Getting Started" to make sure you're prepared to use the AWS SDK for PHP. No seriously, read it.

+ +

Bottom Line: We're sorry…

Your PHP environment does not support the minimum requirements for the AWS SDK for PHP.

What's Next?

If you're using a shared hosting plan, it may be a good idea to contact your web host and ask them to install a more recent version of PHP and relevant extensions.

If you have control over your PHP environment, we recommended that you upgrade your PHP environment. Check out the "Set Up Your Environment" section of the Getting Started Guide for more information.

+ + + = REQUIREMENTS_MIN_MET): ?> +

Recommended settings for config.inc.php

Based on your particular server configuration, the following settings are recommended.

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + +

Configuration Setting	Recommended Value
`default_cache_config`	`apc`	`xcache`	Any valid, server-writable file system path
`certificate_authority`	`true`

+
+

+ + +

Give me the details!

+ = REQUIREMENTS_MIN_MET): ?> +

Your environment meets the minimum requirements for using the AWS SDK for PHP!
You're still running PHP . The PHP 5.2 family is no longer supported by the PHP team, and future versions of the AWS SDK for PHP will require PHP 5.3 or newer.
The OpenSSL extension is installed. This will allow you to use CloudFront Private URLs and decrypt Microsoft® Windows® instance passwords.
The Zlib extension is installed. The SDK will request gzipped data whenever possible.
You're running on a 32-bit system. This means that PHP does not correctly handle files larger than 2GB (this is a well-known PHP issue). For more information, please see: PHP filesize: Return values.
Note that PHP on Microsoft® Windows® does not support 64-bit integers at all, even if both the hardware and PHP are 64-bit.
You have open_basedir or safe_mode enabled in your php.ini file. Sometimes PHP behaves strangely when these settings are enabled. Disable them if you can.
The PHP garbage collector (available in PHP 5.3+) is not enabled in your php.ini file. Enabling zend.enable_gc will provide better memory management in the PHP core.

Storage types available for response caching:

+ + +

NOTE: You're missing the OpenSSL extension, which means that you won't be able to take advantage of CloudFront Private URLs or decrypt Microsoft® Windows® instance passwords. You're also missing the Zlib extension, which means that the SDK will be unable to request gzipped data from Amazon and you won't be able to take advantage of compression with the response caching feature.

+ +

NOTE: You're missing the Zlib extension, which means that the SDK will be unable to request gzipped data from Amazon and you won't be able to take advantage of compression with the response caching feature.

+ +

NOTE: You're missing the OpenSSL extension, which means that you won't be able to take advantage of CloudFront Private URLs or decrypt Microsoft® Windows® instance passwords.

+ + + +

PHP: You are running an unsupported version of PHP.
cURL: The cURL extension is not available. Without cURL, the SDK cannot connect to — or authenticate with — Amazon's services.
SimpleXML: The SimpleXML extension is not available. Without SimpleXML, the SDK cannot parse the XML responses from Amazon's services.
DOM: The DOM extension is not available. Without DOM, the SDK cannot transliterate JSON responses from Amazon's services into the common SimpleXML-based pattern used throughout the SDK.
SPL: Standard PHP Library support is not available. Without SPL support, the SDK cannot autoload the required PHP classes.
JSON: JSON support is not available. AWS leverages JSON heavily in many of its services.
PCRE: Your PHP installation doesn't support Perl-Compatible Regular Expressions (PCRE). Without PCRE, the SDK cannot do any filtering via regular expressions.
File System Read/Write: The file_get_contents() and/or file_put_contents() functions have been disabled. Without them, the SDK cannot read from, or write to, the file system.

+ +

NOTE: Passing this test does not guarantee that the AWS SDK for PHP will run on your web server — it only ensures that the requirements have been addressed.

+ +

+ + + + + + + diff --git a/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test_cli.php b/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test_cli.php new file mode 100755 index 00000000000..a6632d89787 --- /dev/null +++ b/3rdparty/aws-sdk/_compatibility_test/sdk_compatibility_test_cli.php @@ -0,0 +1,186 @@ +#! /usr/bin/env php += REQUIREMENTS_MIN_MET) +{ + echo success('Your environment meets the minimum requirements for using the AWS SDK for PHP!') . PHP_EOL . PHP_EOL; + if (version_compare(PHP_VERSION, '5.3.0') < 0) { echo '* You\'re still running PHP ' . PHP_VERSION . '. The PHP 5.2 family is no longer supported' . PHP_EOL . ' by the PHP team, and future versions of the AWS SDK for PHP will *require*' . PHP_EOL . ' PHP 5.3 or newer.' . PHP_EOL . PHP_EOL; } + if ($openssl_ok) { echo '* The OpenSSL extension is installed. This will allow you to use CloudFront' . PHP_EOL . ' Private URLs and decrypt Windows instance passwords.' . PHP_EOL . PHP_EOL; } + if ($zlib_ok) { echo '* The Zlib extension is installed. The SDK will request gzipped data' . PHP_EOL . ' whenever possible.' . PHP_EOL . PHP_EOL; } + if (!$int64_ok) { echo '* You\'re running on a 32-bit system. This means that PHP does not correctly' . PHP_EOL . ' handle files larger than 2GB (this is a well-known PHP issue).' . PHP_EOL . PHP_EOL; } + if (!$int64_ok && is_windows()) { echo '* Note that PHP on Microsoft(R) Windows(R) does not support 64-bit integers' . PHP_EOL . ' at all, even if both the hardware and PHP are 64-bit. http://j.mp/php64win' . PHP_EOL . PHP_EOL; } + + if ($ini_open_basedir || $ini_safe_mode) { echo '* You have open_basedir or safe_mode enabled in your php.ini file. Sometimes' . PHP_EOL . ' PHP behaves strangely when these settings are enabled. Disable them if you can.' . PHP_EOL . PHP_EOL; } + if (!$ini_zend_enable_gc) { echo '* The PHP garbage collector (available in PHP 5.3+) is not enabled in your' . PHP_EOL . ' php.ini file. Enabling zend.enable_gc will provide better memory management' . PHP_EOL . ' in the PHP core.' . PHP_EOL . PHP_EOL; } + + $storage_types = array(); + if ($file_ok) { $storage_types[] = 'The file system'; } + if ($apc_ok) { $storage_types[] = 'APC'; } + if ($xcache_ok) { $storage_types[] = 'XCache'; } + if ($sqlite_ok && $sqlite3_ok) { $storage_types[] = 'SQLite 3'; } + elseif ($sqlite_ok && $sqlite2_ok) { $storage_types[] = 'SQLite 2'; } + if ($memcached_ok) { $storage_types[] = 'Memcached'; } + elseif ($memcache_ok) { $storage_types[] = 'Memcache'; } + echo '* Storage types available for response caching:' . PHP_EOL . ' ' . implode(', ', $storage_types) . PHP_EOL . PHP_EOL; + + if (!$openssl_ok) { echo '* You\'re missing the OpenSSL extension, which means that you won\'t be able' . PHP_EOL . ' to take advantage of CloudFront Private URLs or Windows password decryption.' . PHP_EOL . PHP_EOL; } + if (!$zlib_ok) { echo '* You\'re missing the Zlib extension, which means that the SDK will be unable' . PHP_EOL . ' to request gzipped data from Amazon and you won\'t be able to take advantage' . PHP_EOL . ' of compression with the response caching feature.' . PHP_EOL . PHP_EOL; } +} +else +{ + if (!$php_ok) { echo '* ' . failure('PHP:') . ' You are running an unsupported version of PHP.' . PHP_EOL . PHP_EOL; } + if (!$curl_ok) { echo '* ' . failure('cURL:') . ' The cURL extension is not available. Without cURL, the SDK cannot' . PHP_EOL . ' connect to -- or authenticate with -- Amazon\'s services.' . PHP_EOL . PHP_EOL; } + if (!$simplexml_ok) { echo '* ' . failure('SimpleXML:') . ': The SimpleXML extension is not available. Without SimpleXML,' . PHP_EOL . ' the SDK cannot parse the XML responses from Amazon\'s services.' . PHP_EOL . PHP_EOL; } + if (!$dom_ok) { echo '* ' . failure('DOM:') . ': The DOM extension is not available. Without DOM, the SDK' . PHP_EOL . ' Without DOM, the SDK cannot transliterate JSON responses from Amazon\'s' . PHP_EOL . ' services into the common SimpleXML-based pattern used throughout the SDK.' . PHP_EOL . PHP_EOL; } + if (!$spl_ok) { echo '* ' . failure('SPL:') . ' Standard PHP Library support is not available. Without SPL support,' . PHP_EOL . ' the SDK cannot autoload the required PHP classes.' . PHP_EOL . PHP_EOL; } + if (!$json_ok) { echo '* ' . failure('JSON:') . ' JSON support is not available. AWS leverages JSON heavily in many' . PHP_EOL . ' of its services.' . PHP_EOL . PHP_EOL; } + if (!$pcre_ok) { echo '* ' . failure('PCRE:') . ' Your PHP installation doesn\'t support Perl-Compatible Regular' . PHP_EOL . ' Expressions (PCRE). Without PCRE, the SDK cannot do any filtering via' . PHP_EOL . ' regular expressions.' . PHP_EOL . PHP_EOL; } + if (!$file_ok) { echo '* ' . failure('File System Read/Write:') . ' The file_get_contents() and/or file_put_contents()' . PHP_EOL . ' functions have been disabled. Without them, the SDK cannot read from,' . PHP_EOL . ' or write to, the file system.' . PHP_EOL . PHP_EOL; } +} + +echo '----------------------------------------' . PHP_EOL; +echo PHP_EOL; + +if ($compatiblity === REQUIREMENTS_ALL_MET) +{ + echo success('Bottom Line: Yes, you can!') . PHP_EOL; + echo PHP_EOL; + echo 'Your PHP environment is ready to go, and can take advantage of all possible features!' . PHP_EOL; + + echo PHP_EOL; + echo info('Recommended settings for config.inc.php') . PHP_EOL; + echo PHP_EOL; + + echo "CFCredentials::set(array(" . PHP_EOL; + echo " '@default' => array(" . PHP_EOL; + echo " 'key' => 'aws-key'," . PHP_EOL; + echo " 'secret' => 'aws-secret'," . PHP_EOL; + echo " 'default_cache_config' => "; + if ($apc_ok) echo success('\'apc\''); + elseif ($xcache_ok) echo success('\'xcache\''); + elseif ($file_ok) echo success('\'/path/to/cache/folder\''); + echo "," . PHP_EOL; + echo " 'certificate_authority' => " . success($ssl_result ? 'true' : 'false') . PHP_EOL; + echo " )" . PHP_EOL; + echo "));" . PHP_EOL; +} +elseif ($compatiblity === REQUIREMENTS_MIN_MET) +{ + echo success('Bottom Line: Yes, you can!') . PHP_EOL; + echo PHP_EOL; + echo 'Your PHP environment is ready to go! There are a couple of minor features that' . PHP_EOL . 'you won\'t be able to take advantage of, but nothing that\'s a show-stopper.' . PHP_EOL; + + echo PHP_EOL; + echo info('Recommended settings for config.inc.php') . PHP_EOL; + echo PHP_EOL; + + echo "CFCredentials::set(array(" . PHP_EOL; + echo " '@default' => array(" . PHP_EOL; + echo " 'key' => 'aws-key'," . PHP_EOL; + echo " 'secret' => 'aws-secret'," . PHP_EOL; + echo " 'default_cache_config' => "; + if ($apc_ok) echo success('\'apc\''); + elseif ($xcache_ok) echo success('\'xcache\''); + elseif ($file_ok) echo success('\'/path/to/cache/folder\''); + echo "," . PHP_EOL; + echo " 'certificate_authority' => " . ($ssl_result ? 'false' : 'true') . PHP_EOL; + echo " )" . PHP_EOL; + echo "));" . PHP_EOL; +} +else +{ + echo failure('Bottom Line: We\'re sorry...') . PHP_EOL; + echo 'Your PHP environment does not support the minimum requirements for the ' . PHP_EOL . 'AWS SDK for PHP.' . PHP_EOL; +} + +echo PHP_EOL; diff --git a/3rdparty/aws-sdk/_docs/CHANGELOG.md b/3rdparty/aws-sdk/_docs/CHANGELOG.md new file mode 100644 index 00000000000..52db66f4f6f --- /dev/null +++ b/3rdparty/aws-sdk/_docs/CHANGELOG.md @@ -0,0 +1,1405 @@ +# Changelog: 1.5.6.2 "Gershwin" +Code name for Apple's never-released successor to the never-released Copeland. + +Launched Tuesday, May 29th, 2012. + +## Services +### AmazonDynamoDB +- **Fixed:** STS credentials were not always being cached correctly. + +---- + +# Changelog: 1.5.6.1 "Gershwin" +Code name for Apple's never-released successor to the never-released Copeland. + +Launched Tuesday, May 24th, 2012. + +## Services +### AmazonDynamoDB +- **Fixed:** STS credentials were not always being cached correctly. + +---- + +# Changelog: 1.5.6 "Gershwin" +Code name for Apple's never-released successor to the never-released Copeland. + +Launched Tuesday, May 15th, 2012. + +## Services +### AmazonSES +- **New:** Support for domain verification has been added to the SDK, which enables customers to verify an entire email domain. +- **New:** Requests to this service are now signed with Signature V4. + +---- + +# Changelog: 1.5.5 "Fishhead" +Code name for the Apple II File Mangement Utility. + +Launched Wednesday, May 9, 2012. + +## Services +### AmazonCloudFormation +* **New:** Requests to this service are now signed with Signature V4. + +### AmazonCloudFront +* **New:** Updated the supported API version to `2012-03-15`. + +### AmazonDynamoDB +* **New:** Support for the US West (Northern California), US West (Oregon), Asia Pacific "Southeast" (Signapore) endpoints have been added. + +### AmazonElasticBeanstalk +* **New:** Support for the new Asia Pacific "Northeast" (Japan) endpoint has been added. + +### AmazonStorageGateway +* **New:** Support for the AWS Storage Gateway service has been added to the SDK. + +--- + +# Changelog: 1.5.4 "Enterprise" +Code name for Mac OS X Server 1.0 (Rhapsody CR1). + +Launched Thursday, April 19, 2012. + +## Bug fixes and enhancements +* [PHP SDK Bug - Memory leak](https://forums.aws.amazon.com/thread.jspa?threadID=72310) +* [Does update_object work in 1.5.3?](https://forums.aws.amazon.com/thread.jspa?threadID=89297) +* [The value of CURLOPT_SSL_VERIFYHOST](https://forums.aws.amazon.com/thread.jspa?threadID=86186) +* [PHP SDK BUG: s3.class.php Line 2396 on 1.5.2](https://forums.aws.amazon.com/thread.jspa?threadID=86779) +* [first create_bucket(), then get_bucket_list()](https://forums.aws.amazon.com/thread.jspa?messageID=318885) +* [Issue with AmazonS3::get_object_list() max-keys](https://forums.aws.amazon.com/thread.jspa?threadID=85878) +* [Correct the "Bottom line" minimum requirements check](https://github.com/amazonwebservices/aws-sdk-for-php/pull/23) +* [S3 PHP SDK: copy_object() fails to update the header](http://stackoverflow.com/questions/7677837/s3-php-sdk-copy-object-fails-to-update-the-header) +* [Adds the following utility methods to simplexml.class.php](https://github.com/amazonwebservices/aws-sdk-for-php/pull/22) +* [Adding the ability to name a 'rule' for Object Expiration (suggested tweak)](https://forums.aws.amazon.com/thread.jspa?messageID=328023) + +## Runtime +* **New:** Support for Signature Version 4 has been added to the SDK. Signature Version 4 is now the default authentication method for AWS Identity and Access Management, AWS Security Token Service and Amazon CloudSearch. + +## Services +### AmazonCloudFront +* **New:** Support for a Minimum TTL of zero has been added to the SDK. + +### AmazonCloudSearch +* **New:** Support for Amazon CloudSearch has been added to the SDK. This includes only the Configuration API. + +### AmazonDynamoDB +* **New:** Support for BatchWriteItem API has been added to the SDK. +* **New:** Support for the European (Ireland) endpoint has been added. +* **New:** Support for the Asia Pacific "Northeast" (Tokyo) endpoint has been added. +* **New:** Amazon DynamoDB Session Handler has been added to the SDK. +* **New:** A simplified interface for adding attributes has been added to the SDK. + +### AmazonEC2 +* **New:** The new "m1.medium" instance type is now supported. +* **New:** Amazon EBS support for Volume Status and Volume Attributes have been added to the SDK. +* **New:** Amazon EBS support for Conversion Tasks has been added to the SDK. +* **New:** Amazon EC2 support for the Report Instance Status feature has been added to the SDK. +* **New:** Amazon VPC support for Network Interfaces has been added to the SDK. +* **Fixed:** Various parameter fixes have been applied. + +### AmazonIAM +* **New:** Support for Password Policies and the ability to change passwords has been added to the SDK. + +### AmazonS3 +* **New:** Support for pre-signed URLs using temporary credentials has been added to the SDK. +* **New:** Support for setting a custom name to Lifecycle (i.e., Object Expiration) rules has been added to the SDK. +* **New:** Support for pre-signed URLs with https has been added to the SDK. +* **Fixed:** Resolved an issue where setting a custom XML parsing class was not being respected. +* **Fixed:** Resolved an issue where the `get_object_list()` method would return an incorrect number of entries. +* **Fixed:** Resolved an issue where `update_object()` was attempting to COPY instead of REPLACE. +* **Fixed:** Resolved an issue stemming from using path-style URLs, `create_bucket()` + `list_bucket()` and the EU-West region. +* **Fixed:** Resolved an issue where XML responses were not being parsed consistently. +* **Fixed:** Resolved an issue where Private Streaming URLs contained a double-encoded signature. +* **Fixed:** The `Expect: 100-continue` HTTP header is now only sent during `create_object()` and `upload_part()` requests. + +## Utilities +### CFRuntime +* **Fixed:** Resolved an issue where `CURLOPT_SSL_VERIFYHOST` was not set strictly enough. +* **Fixed:** The `Expect: 100-continue` HTTP header is no longer set on every request. + +### CFSimpleXML +* **New:** Support for `matches()`, `starts_with()` and `ends_with()` methods have been added to the SDK. (Thanks [Wil Moore III](https://github.com/wilmoore)!) + +## Compatibility Test +* **New:** SDK Compatibility Test pages are marked up as to not be indexed by search engines. (Thanks [Eric Caron](http://www.ericcaron.com)!) +* **Fixed:** Duplicate code between the CLI and web versions of the SDK has been refactored. (Thanks [Jimmy Berry](https://github.com/boombatower)!) + +--- + +# Changelog: 1.5.3 "Darwin" +UNIX foundation upon which Mac OS X, Apple TV, and iOS are based. + +Launched Wednesday, Tuesday, February 21, 2012. + +## Bug fixes and enhancements +* [Fixing Issue with set_distribution_config](https://github.com/amazonwebservices/aws-sdk-for-php/pull/20) + +## Services +### AmazonCloudFront +* **Fixed:** Resolved an issue where the `set_distribution_config()` method could fail to satisfy an API constraint when using a custom origin server. (Thanks [zoxa](https://github.com/zoxa)!) + +### AmazonSWF +* **New:** Support for the new Amazon Simple Workflow Service has been added to the SDK. + +---- + +# Changelog: 1.5.2 "Copland" +Code name for Apple's never-released successor to System 7. + +Launched Wednesday, Febraury 1, 2012. + +## Bug fixes and enhancements +* [SSL Cert on PHP SDK 1.5.0.1 ](https://forums.aws.amazon.com/thread.jspa?threadID=84947) +* [Stream Wrapper need a buffer !](https://forums.aws.amazon.com/thread.jspa?threadID=85436) +* [Fixing Issue with set_distribution_config](https://github.com/amazonwebservices/aws-sdk-for-php/pull/20) +* [[Bug] SDK Autoloader Interferes with PHPExcel Autoloader](https://forums.aws.amazon.com/thread.jspa?threadID=85239) +* [get_object query does not always return the same content type](https://forums.aws.amazon.com/thread.jspa?threadID=84148) +* [AWSSDKforPHP/authentication/swift_transport_esmtp_signature_handler.class.p ](https://forums.aws.amazon.com/thread.jspa?threadID=85087) + +## Runtime +* **New:** Updated the CA Root Certificates file to version 1.81. +* **Fixed:** Resolved an issue in the autoloader where the matching logic was too aggressive in certain cases, causing subsequent autoloaders to never trigger. + +## Services +### AmazonAS +* **New:** Support for Auto Scaling Resource Tagging has been added to the SDK. + +### AmazonS3 +* **Fixed:** Resolved an issue where `delete_all_objects()` and `delete_all_object_versions()` was being limited to 1000 items. +* **Fixed:** Resolved an issue where `delete_bucket()` would fail to delete a bucket with the "force" option enabled if the bucket contained more than 1000 items. +* **Fixed:** Resolved an issue where JSON documents stored in Amazon S3 would be parsed into a native PHP object when retrieved. + +## Utilities +### S3StreamWrapper +* **New:** Support for multiple stream wrappers (e.g., one per region) has been added to the SDK. +* **Fixed:** Writes to Amazon S3 are now buffered, resolving issues with pushing more than 8k of data at a time. + +### CFJSON +* **Fixed:** The JSON-to-XML conversion code is now substantially more robust and better handles encoded characters. + +### CacheCore +* **Changed:** Formerly, attempting to cache to a file system location that didn't exist or was not writable by the PHP process would fail silently. This behavior has been changed to throw a `CacheFile_Exception`. + +---- + +# Changelog: 1.5.1 "Blue" +Code name for Macintosh System 7. + +Launched Wednesday, January 18, 2012. + +## Bug fixes and enhancements +* [Documentation patch](https://github.com/amazonwebservices/aws-sdk-for-php/pull/13) +* [Removed duplicate comment line.](https://github.com/amazonwebservices/aws-sdk-for-php/pull/17) +* [CFRuntime credentials handling issue](https://forums.aws.amazon.com/thread.jspa?messageID=310388) +* [PHP 5.2 bug in AWS SDK for PHP 1.5.x](https://forums.aws.amazon.com/thread.jspa?messageID=311543) +* [[Bug] Custom Curl Opts Lost During Retry](https://forums.aws.amazon.com/thread.jspa?threadID=84835) +* [json_last_error doesn't exist before php v 5.3.0](https://github.com/amazonwebservices/aws-sdk-for-php/pull/12) +* [XML still being parsed when use_cache_flow is false](https://github.com/amazonwebservices/aws-sdk-for-php/pull/15) +* [Bug ssl_verification option not respected for AmazonS3 ](https://forums.aws.amazon.com/thread.jspa?threadID=83710) +* [[Bug] Compatibility test for Garbage Collector enabled should use ini_get](https://forums.aws.amazon.com/thread.jspa?threadID=84156) + +## Runtime +* **Fixed:** Corrected an issue where calling `AmazonS3->get_object()` would continue to parse the content if caching was being leveraged. (Thanks [Eric Caron](http://www.ericcaron.com)!) +* **Fixed:** The autoloader now returns `false` for any class it doesn't match, allowing subsequent autoloaders to catch the class name. (Thanks [Eric Caron](http://www.ericcaron.com)!) +* **Fixed:** An issue that caused CloudWatch to fail to decompress gzipped data correctly has been resolved. +* **Fixed:** Resolved an issue with passing explicit credentials without requiring a config file or a `CFCredentials` declaration. +* **Fixed:** Resolved an issue which causes custom cURL options to be unset from the payload when retrying. + +## Services +### AmazonAS +* **New:** Support for Amazon SNS notifications and Tagging have been added to the SDK. + +### AmazonCloudFront +* **Fixed:** Resolved an issue with disabling SSL verification. +* **Fixed:** Resolved an issue where `AmazonCloudFront` were throwing warnings in `E_STRICT` mode. + +### AmazonCloudWatch +* **Fixed:** Resolved an issue with decompressing gzipped data. + +### AmazonDynamoDB +* **New:** Support for Amazon DynamoDB has been added to the SDK. +* **New:** Amazon DynamoDB requires a default cache configuration to be set in the credential set, otherwise it will not function properly. + +### AmazonS3 +* **Fixed:** Resolved an issue with disabling SSL verification. +* **Fixed:** Resolved multiple documentation issues. (Thanks [Aizat Faiz](http://aizatto.com) and [Jason Ardell](http://ardell.posterous.com/)!) +* **Fixed:** Resolved an issue where `AmazonS3` were throwing warnings in `E_STRICT` mode. + +### AmazonSNS +* **New:** Support for Short Messaging Service (SMS) endpoints has been added to the SDK. +* **New:** Support for Subscription Attributes has been added to the SDK. + +## Utilities +### CFJSON +* **Fixed:** Support for the handling of JSON nulls in PHP 5.2 has been improved. (Thanks [David Chan](http://www.chandeeland.org)!) + +## Compatibility Test +* **Fixed:** The SDK compatibility test now uses `ini_get()` instead of `get_cfg_var()` and `get_cfg_ini()` for more accurate test results. + + +---- + +# Changelog: 1.5 "Allegro" +Code name for Mac OS 8.5. + +Launched Wednesday, December 14, 2011 + +## Credentials +* !! BACKWARDS-INCOMPATIBLE CHANGE !! - The function signature of all service constructors has changed. Instead of passing a key and secret as the first and second parameters, the constructor now accepts a hash (associative array) containing `key` and `secret` keys. Please see the API reference documentation + +## Runtime +* !! BACKWARDS-INCOMPATIBLE CHANGE !! - The function signature of all service constructors has changed. Instead of passing a key and secret as the first and second parameters, the constructor now accepts a hash (associative array) containing `key` and `secret` keys. If you are explicitly passing a key and secret to the constructor, you will need to change your code. If you are simply inheriting your default credentials from a config file, you don't need to make any changes beyond upgrading your config file to the new 1.5 format. Please see the API reference documentation for more information. +* !! BACKWARDS-INCOMPATIBLE CHANGE !! - The method by which the `config.inc.php` file maintains its list of credentials has been re-factored and updated to support managing multiple sets of credentials in a single location (e.g., development, staging, production). +* !! BACKWARDS-INCOMPATIBLE CHANGE !! - The `init()` method has been renamed to `factory()` to better reflect what it actually does. +* !! BACKWARDS-INCOMPATIBLE CHANGE !! - The `adjust_offset()` method has been removed. Instead, please ensure that the machine's time is set correctly using an [NTP server](https://secure.wikimedia.org/wikipedia/en/wiki/Network_Time_Protocol). +* !! BACKWARDS-INCOMPATIBLE CHANGE !! - In version 1.4 we enabled a mode where -- for services that supported it -- a set of temporary credentials were fetched and cached before the first request. This functionality has been reverted. The use of short-term credentials must be explicitly enabled by instantiating the `AmazonSTS` class and passing those credentials into the service constructor. +* **New:** Improved the user directory lookup for the config file. +* **Changed:** Made `set_region()` an alias of `set_hostname()`. + +## Services +### AmazonAS +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` + +### AmazonCloudFormation +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` +* **New:** Support for cost estimation of CloudFormation templates has been added to the SDK. + +### AmazonCloudWatch +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` + +### AmazonEC2 +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` +* **New:** Support for 24x7 Reserved Instances has been added to the SDK. For more information, please see [New Amazon EC2 Reserved Instance Options Now Available](https://aws.amazon.com/about-aws/whats-new/2011/12/01/New-Amazon-EC2-Reserved-Instances-Options-Now-Available/). +* **New:** Support for VPC Spot Instances has been added to the SDK. For more information, please see [Announcing Amazon EC2 Spot Integration with Amazon VPC](https://aws.amazon.com/about-aws/whats-new/2011/10/11/announcing-amazon-ec2-spot-integration-with-amazon-vpc/). +* **New:** Support for VPC Everywhere has been added to the SDK. For more information, please see [Amazon VPC Generally Available in Multiple AZs in All Regions](https://aws.amazon.com/about-aws/whats-new/2011/08/03/Announcing-VPC-GA/). +* **New:** Instance Type-related constants have been added to the SDK: `INSTANCE_MICRO`, `INSTANCE_SMALL`, `INSTANCE_LARGE`, `INSTANCE_XLARGE`, `INSTANCE_HIGH_MEM_XLARGE`, `INSTANCE_HIGH_MEM_2XLARGE`, `INSTANCE_HIGH_MEM_4XLARGE`, `INSTANCE_HIGH_CPU_MEDIUM`, `INSTANCE_HIGH_CPU_XLARGE`, `INSTANCE_CLUSTER_4XLARGE`, `INSTANCE_CLUSTER_8XLARGE`, `INSTANCE_CLUSTER_GPU_XLARGE`. + +### AmazonElastiCache +* **New:** Support for US-West 1 (California), EU-West (Ireland), Asia Pacific Southeast (Singapore), and Asia Pacific Northeast (Tokyo) regions has been added to the SDK. For more information, please see [Amazon ElastiCache is now available in four additional AWS Regions and as a CloudFormation template](https://aws.amazon.com/about-aws/whats-new/2011/12/05/amazon-elasticache-new-regions/). +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO` + +### AmazonElasticBeanstalk +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA` + +### AmazonELB +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` +* **New:** Support for ELBs running in VPC has been added to the SDK. For more information, please see [Announcing Elastic Load Balancing in Amazon VPC](https://aws.amazon.com/about-aws/whats-new/2011/11/21/announcing-elastic-load-balancing-in-amazon-vpc/). + +### AmazonEMR +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` +* **New:** Support for EMR AMI Versioning, new Hadoop and Pig versions, and EMR running in VPC has been added to the SDK. For more information, please see [Amazon Elastic MapReduce Announces Support for New Hadoop and Pig Versions, AMI Versioning, and Amazon VPC](https://aws.amazon.com/about-aws/whats-new/2011/12/11/amazon-elastic-mapreduce-ami-versioning-vpc/). + +### AmazonIAM +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA` + +### AmazonImportExport +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA` + +### AmazonRDS +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` + +### AmazonS3 +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` +* **New:** Support for an S3 Stream Wrapper has been added to the SDK. This enables users to read/write to Amazon S3 as though it were the local file system. +**Fixed:** The `get_object()` method no longer attempts to parse XML/JSON content. +**Fixed:** Simplified S3 region logic. Now uses fully-qualified domain names across the board. + +### AmazonSES +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA` + +### AmazonSDB +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` + +### AmazonSNS +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` + +### AmazonSQS +* **New:** Support for the South American (São Paulo) region has been added to the SDK. +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA`, `REGION_CALIFORNIA`, `REGION_OREGON`, `REGION_IRELAND`, `REGION_SINGAPORE`, `REGION_TOKYO`, `REGION_SAO_PAULO` + +### AmazonSTS +* **New:** Plain english aliases have been added to the SDK: `REGION_VIRGINA` + + +---- + +# Changelog: 1.4.8 "Zanarkand" + + +Launched Wednesday, December 7, 2011 + +## Services +### AmazonCloudFront +* **Fixed:** Merged in a pull request contributed by Ben Lumley: + +### AmazonEC2 +* **Fixed:** Resolved an issue where `set_region()` was not setting the correct endpoint for the region. + +### AmazonS3 +* **New:** Support for S3-side multi-object delete has been added to the SDK as the `delete_objects()` method. The implementations of `delete_all_objects()` and `delete_all_object_versions()` have been updated to use this new functionality. +* **Changed:** XML and JSON responses from `get_object()` are no longer parsed. The raw XML and JSON string content is now returned. + + +---- + +# Changelog: 1.4.7 "Yuna" + + +Launched Wednesday, November 9, 2011 + +## Service Classes +### AmazonAS +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonCloudFormation +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonCloudWatch +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. +* **New:** Support for the US GovCloud region has been added to the SDK. + +### AmazonEC2 +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. +* **New:** Support for the US GovCloud region has been added to the SDK. + +### AmazonELB +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonEMR +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonIAM +* **New:** Support for the US GovCloud region has been added to the SDK. + +### AmazonRDS +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonS3 +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. +* **Fixed:** Resolved an issue where certain bits of metadata were not maintained during a copy operation. +* **Fixed:** Resolved an issue where an unsuccessful lookup of an existing content-type would throw a warning. +* **Fixed:** Resolved an issue where an exception would be thrown when a filesize lookup was attempted on an object that didn't exist. + +### AmazonSDB +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonSNS +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + +### AmazonSQS +* **New:** Support for the US-West 2 (Oregon) region has been added to the SDK. + + +---- + +# Changelog: 1.4.6 "Xezat" + + +Launched Thursday, November 3, 2011 + +## Service Classes +### AmazonIAM +* **New:** Support for a virtual MFA device. A virtual MFA device uses a software application that can generate six-digit authentication codes that are Open AuTHentication Time-based One-Time Password (OATHTOTP)-compatible. The software application can run on any mobile hardware device, including a smartphone. + + +---- + +# Changelog: 1.4.5 "Weiss" + + +Launched Friday, October 21, 2011 + +## Service Classes +### AmazonSQS +* **New:** Support for delayed queues and batch operations has been added to the SDK. + + +---- + +# Changelog: 1.4.4 "Vaan" + + +Launched Tuesday, October 12, 2011 + +## Runtime +* **Fixed:** Resolved an issue where a segmentation fault is triggererd when there are multiple autoloaders in the stack and one of them doesn't return a value. + +## Service Classes +### AmazonS3 +* **New:** Support for server-side encryption has been added to the SDK. + + +---- + +# Changelog: 1.4.3 "Ultros" + + +Launched Friday, September 30, 2011 + +## Service Classes +### AmazonCloudFormation +* **New:** Support for new features in CloudFormation have been added to the SDK. + +### AmazonS3 +* **Fixed:** Setting the default cache configuration no longer causes authentication errors in `AmazonS3`. + + +---- + +# Changelog: 1.4.2.1 "Tiamat, Part II" + + +Launched Wednesday, September 7, 2011 + +## Utility Classes +### RequestCore +* **Fixed:** RequestCore has updated the `cacert.pem` file from Mozilla. This update revokes trust from the DigiNotar and Staat der Nederlanden root certificates. + + +---- + +# Changelog: 1.4.2 "Tiamat" + + +Launched Thursday, September 1, 2011 + +## Service Classes +### AmazonEC2 +* **Fixed:** Requests made to Amazon EC2 now use the correct API version (2011-07-15). + +### AmazonELB +* **New:** A pre-defined set of ciphers may now be used for SSL termination at the Elastic Load Balancer. +* **New:** Application servers can now accept secure communication from the corresponding Elastic Load Balancer. +* **New:** In cases where HTTPS is required for all traffic entering the back-end server, Elastic Load Balancing can now perform health checks using HTTPS. +* **New:** White list of public keys can now be associated with back-end servers. Elastic Load Balancing authenticates back-end servers with the public keys in the white list and communicates only with back-end servers that pass this authentication check. + +## Utility Classes +### RequestCore +* **Fixed:** RequestCore has updated the `cacert.pem` file from Mozilla. This update revokes trust from the DigiNotar root certificate. + + +---- + +# Changelog: 1.4.1 "Sephiroth" + + +Launched Tuesday, August 23, 2011 + +## Service Classes +### AmazonElastiCache +* **New:** Support for Amazon ElastiCache has been added to the SDK. + +### AmazonEMR +* **New:** Support for Hadoop Bootstrap Actions has been added to the SDK. +* **New:** Support for Amazon Elastic MapReduce on Spot Instances has been added to the SDK. +* **New:** Support for Termination Protection has been added to the SDK. +* **Changed:** For the add_instance_groups() method, the $instance_groups and $job_flow_id parameters have been reversed. + +## Utility Classes +### CFHadoopBootstrap +* **New:** The `CFHadoopBootstrap` class has been added to the SDK. Simplifies the process of working with Hadoop system and daemon configurations in Amazon EMR. +* **New:** This class extends from the `CFHadoopBase` class. + + +---- + +# Changelog: 1.4 "Rikku" + + +Launched Wednesday, August 3, 2011 + +## Bug fixes and enhancements + +## Service Classes +### AmazonEC2 +* **New:** Support for Session-Based Authentication (SBA) leveraging Amazon Secure Token Service (STS) has been added to the SDK. + +### AmazonS3 +* **New:** Support for Session-Based Authentication (SBA) leveraging Amazon Secure Token Service (STS) has been added to the SDK. + +### AmazonSNS +* **New:** Support for Session-Based Authentication (SBA) leveraging Amazon Secure Token Service (STS) has been added to the SDK. + +### AmazonSQS +* **New:** Support for Session-Based Authentication (SBA) leveraging Amazon Secure Token Service (STS) has been added to the SDK. + +### AmazonSTS +* **New:** Support for the Amazon Secure Token Service (STS) has been added to the SDK. + +## Utility Classes +### CFRuntime +* **New:** The following anonymous datapoints are now collected in aggregate so that we can make more informed decisions about future SDK features: `memory_limit`, `date.timezone`, `open_basedir`, `safe_mode`, `zend.enable_gc`. + +## Compatibility Test +* **New:** Support for verifying the installed SSL certificate has been added to the compatibility test. +* **New:** Support for verifying the status of `open_basedir` and `safe_mode` has been added to the compatibility test. +* **New:** Support for verifying the status of the PHP 5.3 garbage collector has been added to the compatibility test. +* **New:** The compatibility test now recommends optimal values for the `AWS_CERTIFICATE_AUTHORITY` and `AWS_DEFAULT_CACHE_CONFIG` configuration options based on the system's configuration. + + +---- + +# Changelog: 1.3.7 "Quistis" + + +Launched Monday, July 25, 2011 + +## Bug fixes and enhancements +* Addressed minor bug fixes reported via the feedback form in the API Reference. + +## Service Classes +### AmazonAS +* **Changed:** Introduced backwards-incompatible changes to the put_scheduled_update_group_action() method. + + +---- + +# Changelog: 1.3.6 "Penelo" + + +Launched Tuesday, July 12, 2011 + +## Bug fixes and enhancements +* [[Bug Report] rawurlencode error when using SES and curlopts](https://forums.aws.amazon.com/thread.jspa?threadID=68484) + +## Service Classes +### AmazonCloudFormation +* **New:** Support for the `list_stacks()` method has been added to the SDK. + +### AmazonElasticBeanstalk +* **New:** Support for the `swap_environment_cnames()` method has been added to the SDK. + +### AmazonS3 +* **Fixed:** Additional information about maximum open connections has been added to the `create_mpu_object()` method. + +## Compatibility Test +* **New:** Now tests whether the system is 64- or 32-bit. + + +---- + +# Changelog: 1.3.5 "Occuria" + + +Launched Tuesday, June 21, 2011 + +## Service Classes +### AmazonS3 +* **New:** Support for S3 copy part has been added to the SDK. + + +---- + +# Changelog: 1.3.4 "Nero" + + +Launched Tuesday, June 7, 2011 + +## Bug fixes and enhancements +* [Bug in PHP SDK](https://forums.aws.amazon.com/thread.jspa?threadID=67502) +* [cURL error: SSL certificate problem (60) with aws-sdk-for-php 1.3.3](https://forums.aws.amazon.com/thread.jspa?threadID=68349) + + +## Service Classes +### AmazonEC2 +* **New:** Support for Local Availability Zone Pricing has been added to the SDK. + +### AmazonELB +* **New:** Elastic Load Balancing provides a special Amazon EC2 security group that you can use to ensure that a back-end Amazon EC2 instance receives traffic only from its load balancer. + +### AmazonRDS +* **New:** Support for Oracle databases has been added to the SDK. + + +## Utility Classes +### CFArray +* **New:** Added the init() method which simplifies the process of instantiating and chaining a class. +* **New:** Added support for associative arrays to `each()`, `map()` and `filter()`. + +### CFRequest +* **New:** Now supports the `AWS_CERTIFICATE_AUTHORITY` configuration option. + + +---- + +# Changelog: 1.3.3 "Moogle" + + +Launched Tuesday, May 10, 2011 + +## Bug fixes and enhancements +* [Bug in AmazonCloudFront::get_private_object_url](https://forums.aws.amazon.com/thread.jspa?threadID=64004) +* [SDK 1.3.2 - Call to undefined function json_last_error()](https://forums.aws.amazon.com/thread.jspa?threadID=64767) +* [CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir](https://forums.aws.amazon.com/thread.jspa?threadID=61333) + + +## Service Classes +### AmazonCloudFront +* **Fixed:** Resolved an issue where the expires value for `get_private_object_url()` only accepted a string instead of a string or integer. + +### AmazonCloudWatch +* **New:** Support for CloudWatch custom user metrics has been added to the SDK. + + +## Extensions +### S3BrowserUpload +* **New:** Added the `S3BrowserUpload` class to the SDK. This class assists in generating the correct HTML/XHTML markup for uploading files to S3 via an HTML element. + + +## Utility Classes +### CFArray +* **New:** Added the `init()` method which simplifies the process of instantiating and chaining a class. + +### CFHadoopBase +* **New:** The `CFHadoopBase` class has been extracted out of `CFHadoopStep` as a shared library. + +### CFHadoopStep +* **New:** The `CFHadoopBase` class has been extracted out of `CFHadoopStep` as a shared library. +* **New:** This class now extends from the `CFHadoopBase` class. + +### CFJSON +* **Fixed:** Resolved an issue where a PHP 5.3-specific function was being used. + +### CFPolicy +* **New:** Added the init() method which simplifies the process of instantiating and chaining a class. + +### CFSimpleXML +* **New:** Added the init() method which simplifies the process of instantiating and chaining a class. + +### RequestCore +* **Fixed:** Improvements to running in PHP environments with open_basedir enabled. +* **Fixed:** RequestCore now uses an up-to-date `cacert.pem` file from Mozilla instead of the Certificate Authority that libcurl or libopenssl was compiled with, which should resolve certain issues with making SSL connections to AWS services. + + +---- + +# Changelog: 1.3.2 "Luna" + + +Launched Tuesday, April 5, 2011 + +## New Features & Highlights (Summary) +* Support for Dedicated Instances within a Virtual Private Cloud on single-tenant hardware has been added to the SDK. +* Bug fixes and enhancements: + * [AmazonCloudWatch get_metric_statistics returns gzipped body](https://forums.aws.amazon.com/thread.jspa?threadID=62625) + + +## Service Classes +### AmazonCloudWatch +* **Fixed:** Worked around an issue where when CloudWatch sends back `Content-Encoding: gzip`, it really means `deflate`. When CloudWatch sends back `Content-Encoding: deflate`, it really means the data isn't encoded at all. + +### AmazonEC2 +* **New:** Support for Dedicated Instances within a Virtual Private Cloud on single-tenant hardware has been added to the SDK. + + +---- + +# Changelog: 1.3.1 "Kraken" + + +Launched Friday, March 25, 2011 + +## New Features & Highlights (Summary) +* Fixed issues with Signature v3 authentication (SES). +* Added gzip decoding. +* Added support for converting data to more alternate formats. +* Bug fixes and enhancements: + * [Cannot send email](https://forums.aws.amazon.com/thread.jspa?threadID=62833) + * [AmazonCloudWatch get_metric_statistics returns gzipped body](https://forums.aws.amazon.com/thread.jspa?threadID=62625) + + +## Utility Classes +### CFArray +* **New:** The `to_json()` and `to_yaml()` methoda have been added to the class. + +### CFGzipDecode +* **New:** Handles a variety of primary and edge cases around gzip/deflate decoding in PHP. + +### CFRuntime +* **New:** Gzip decoding has been added to the SDK. +* **Fixed:** The previous release contained a regression in the Signature v3 support that affected AmazonSES. This has been resolved. +* **Fixed:** Completed support for Signature v3 over HTTP connections. + +### CFSimpleXML +* **New:** The `to_stdClass()` and `to_yaml()` methoda have been added to the class. + + +---- + +# Changelog: 1.3 "Jecht" + + +Launched Tuesday, March 15, 2011 + +## New Features & Highlights (Summary) +* Support for VPC Internet Access has been added to the SDK. +* Bug fixes and enhancements: + * [AmazonEC2::register_image issue](https://forums.aws.amazon.com/thread.jspa?threadID=52499) + * [Automatic Parseing of XML objects](https://forums.aws.amazon.com/thread.jspa?threadID=61882) + +## Service Classes +### AmazonEC2 +* **New:** Support for VPC Internet Access has been added to the SDK. +* **Fixed:** The `$image_location` parameter in the `register_image()` method is no longer required. This is a backwards-incompatible change. + +### AmazonS3 +* **Fixed:** Resolved an issue in `get_object()` where using the `lastmodified` and `etag` parameters required both to be set before taking effect. They can now be set independently from each other. + + +## Utility classes +### CFArray +* **Changed:** The `reduce()` method has been renamed to `filter()`. `reduce()` is now simply an alias for `filter()`. + +### CFJSON +* **New:** Simplifies the task of normalizing XML and JSON responses as `CFSimpleXML` objects. + +### CFRuntime +* **New:** Preliminary support for Signature v3 over HTTP has been added to the SDK. This is useful for debugging Signature v3 issues over non-HTTPS connections. +* **Changed:** Classes that use the shared authentication method (i.e., NOT `AmazonS3` or `AmazonCloudFront`) will automatically convert JSON service responses into a `CFSimpleXML` object. +* **Changed:** Formerly, the SDK would attempt to sniff the content to determine the type. Now, the SDK will check the HTTP response headers for `text/xml`, `application/xml` or `application/json` to determine whether or not to parse the content. If the HTTP response headers are not available, the SDK will still attempt content sniffing. + +### CFSimpleXML +* **New:** The `to_json()` method has been added to the class. + +### CFUtilities +* **New:** The `is_json()` method has been added to the class. + + +---- + +# Changelog: 1.2.6 "Ifrit" + + +Launched Wednesday, March 2, 2011 + +## New Features & Highlights (Summary) +* **New:** Support for the new Asia Pacific "Northeast" (Japan) endpoint has been added for all relevant services. +* **New:** Support for registering callback functions for read/write streams has been added to the SDK. Includes a runnable sample. +* **Fixed:** Improvements to avoid triggering warnings when PHP is in Safe Mode. + + +## Service Classes +### AmazonAS +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonCloudFormation +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonCloudWatch +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonEC2 +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonELB +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonRDS +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonS3 +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. +* **New:** Added support for `ap-northeast-1` as a location constraint when creating a new bucket. + +### AmazonSDB +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonSNS +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +### AmazonSQS +* **New:** Added a new _class_ constant: `REGION_APAC_NE1`. + +## Utility classes +### CFRuntime +* **New:** Support for registering callback functions for read/write streams has been added to the SDK. +* **New:** Future-proofed for future regional endpoints. + +### RequestCore +* **New:** Support for registering callback functions for read/write streams has been added to the SDK. +* **Fixed:** Improvements to avoid triggering warnings when PHP is in Safe Mode. + +## Samples +* **New:** A sample demonstrating how to add a command-line progress bar for S3 transfers has been added to the SDK. + + +---- + +# Changelog: 1.2.5 "Heidegger" + + +Launched Thursday, February 24, 2011 + +## New Features & Highlights (Summary) +* Support for AWS CloudFormation has been added to the SDK. +* Bug fixes and enhancements: + * [PHP API change_content_type() broken](https://forums.aws.amazon.com/thread.jspa?threadID=59532) + * [Bug setting OriginAccessIdentity for a Cloudfront distribution config](https://forums.aws.amazon.com/thread.jspa?threadID=60989) + +## Service Classes +### AmazonCloudFormation +* **New:** Support for AWS CloudFormation has been added to the SDK. + +### AmazonCloudFront +* **Fixed:** Issues around `update_xml_config()` have been resolved. + +### AmazonS3 +* **Fixed:** Issues around `change_content_type()` have been resolved. + + +---- + +# Changelog: 1.2.4 "Goltanna" + + +Launched Wednesday, February 16, 2011 + +## New Features & Highlights (Summary) +* Support for IAM account aliases and server certificates has been added to the SDK. +* Support for Amazon S3 Website Configuration has been added to the SDK. +* Documentation updates for Amazon RDS and AWS Import/Export. +* Updated all documentation blocks to adhere to the PHPDoc format. This enables a greater number of tools to take advantage of the SDK documentation. +* Rolled out a major update to the SDK API Reference. + +## Service Classes +### AmazonIAM +* **New:** Support for IAM account aliases and server certificates has been added to the SDK. + +### AmazonImportExport +* **New:** Documentation has been updated to note the new US West region support. + +### AmazonRDS +* **New:** Documentation has been updated to note the new support for MySQL 5.5. + +### AmazonS3 +* **New:** Support for Amazon S3 Website Configuration has been added to the SDK. + + +---- + +# Changelog: 1.2.3 "Fayth" + + +Launched Tuesday, January 25, 2010 + +## New Features & Highlights (Summary) +* Support for Amazon Simple Email Service has been added to the SDK. + +## Service Classes +### AmazonSES +* **New:** Support for Amazon Simple Email Service has been added to the SDK. + + +---- + +# Changelog: 1.2.2 "Esper" + + +Launched Tuesday, January 18, 2011 + +## New Features & Highlights (Summary) +* Support for Amazon Elastic Beanstalk has been added to the SDK. +* Bug fixes and enhancements: + * [AWS PHP S3 Library is not working out of the box](https://forums.aws.amazon.com/thread.jspa?threadID=55174) + * [Problem with create_mpu_object() and streaming_read_callback() in S3](https://forums.aws.amazon.com/thread.jspa?threadID=54541) + * [Integrated Uranium235's GitHub contributions](https://github.com/Uranium235/aws-sdk-for-php/compare/Streaming) + +## Service Classes +### AmazonElasticBeanstalk +* **New:** Support for AWS Elastic Beanstalk has been added to the SDK. + +### AmazonS3 +* **Fixed:** Major improvements to transferring data over streams. + +## Utility classes +###RequestCore +* **New:** Upgraded to version 1.4. +* **Fixed:** Major improvements to transferring data over streams. + + +---- + +# Changelog: 1.2.1 "Dio" + + +Launched Friday, January 14, 2011 + + +## New Features & Highlights (Summary) +* Support for S3 Response Headers has been added to the SDK. +* Bug fixes and enhancements: + * [copy_object failed between regions](https://forums.aws.amazon.com/thread.jspa?threadID=56893) + * [Possible S3 bug with multiple buckets?](https://forums.aws.amazon.com/thread.jspa?threadID=56561) + +## Service Classes +### AmazonS3 +* **New:** Support for S3 Response Headers has been added to the SDK. +* **New:** Documentation for Amazon S3 has been updated to include large object support details. +* **New:** The `abort_multipart_uploads_by_date()` method has been added to the SDK, which aborts multipart uploads that were initiated before a specific date. +* **Fixed:** Resolved an issue where the resource prefix wasn't being reset correctly. + +## Utility classes +### CFArray +* **New:** Instantiating the class without passing an array will use an empty array instead. +* **New:** Added the `compress()` method which removes null values from the array. +* **New:** Added the `reindex()` method which reindexes all array elements starting at zero. + +## Compatibility Test +* **New:** The command-line compatibility test now color-codes the responses. + + +---- + +# Changelog: 1.2 "Cloud" + + +Launched Friday, December 3, 2010 + + +## New Features & Highlights (Summary) +* Support for Amazon AutoScaling, Amazon Elastic MapReduce, and Amazon Import/Export Service has been added to the SDK. +* Support for metric alarms has been added to Amazon CloudWatch. +* Support for batch deletion has been added to Amazon SimpleDB. +* Bug fixes and enhancements: + * [EU Region DNS problem](https://forums.aws.amazon.com/thread.jspa?threadID=53028) + * [[SimpleDB] Conditional PUT](https://forums.aws.amazon.com/thread.jspa?threadID=55884) + * [Suggestions for the PHP SDK](https://forums.aws.amazon.com/thread.jspa?threadID=55210) + * [Updating a distribution config](https://forums.aws.amazon.com/thread.jspa?threadID=54888) + * [Problem with curlopt parameter in S3](https://forums.aws.amazon.com/thread.jspa?threadID=54532) + * [AmazonS3::get_object_list() doesn't consider max-keys option](https://forums.aws.amazon.com/thread.jspa?threadID=55169) + +## Base/Runtime class +* **New:** Added support for an alternate approach to instantiating classes which allows for method chaining (PHP 5.3+). +* **Changed:** Moved `CHANGELOG.md`, `CONTRIBUTORS.md`, `LICENSE.md` and `NOTICE.md` into a new `_docs` folder. +* **Changed:** Renamed the `samples` directory to `_samples`. +* **Changed:** Changed the permissions for the SDK files from `0755` to `0644`. +* **Fixed:** Resolved an issue where attempting to merge cURL options would fail. + +## Service Classes +### AmazonAS +* **New:** Support for the Amazon AutoScaling Service has been added to the SDK. + +### AmazonCloudFront +* **Fixed:** Resolved an issue where the incorrect formatting of an XML element prevented the ability to update the list of trusted signers. + +### AmazonCloudWatch +* **New:** Support for the Amazon CloudWatch `2010-08-01` service release expands Amazon's cloud monitoring offerings with custom alarms. +* **Changed:** The changes made to the `get_metric_statistics()` method are backwards-incompatible with the previous release. The `Namespace` and `Period` parameters are now required and the parameter order has changed. + +### AmazonEMR +* **New:** Support for the Amazon Elastic MapReduce Service has been added to the SDK. + +### AmazonImportExport +* **New:** Support for the Amazon Import/Export Service has been added to the SDK. + +### AmazonS3 +* **Fixed:** Resolved an issue in the `create_bucket()` method that caused the regional endpoint to be reset to US-Standard. +* **Fixed:** Resolved an issue in the `get_object_list()` method where the `max-keys` parameter was ignored. + +### AmazonSDB +* **New:** Support for `BatchDeleteAttributes` has been added to the SDK. +* **Fixed:** Resolved an issue where the `Expected` condition was not respected by `put_attributes()` or `delete_attributes()`. + + +## Utility classes +### CFComplexType +* **New:** You can now assign a `member` parameter to prefix all list identifiers. +* **Changed:** The `option_group()` method is now `public` instead of `private`. +* **Changed:** Rewrote the `to_query_string()` method to avoid the use of PHP's `http_build_query()` function because it uses `urlencode()` internally instead of `rawurlencode()`. + +### CFHadoopStep +* **New:** Simplifies the process of working with Hadoop steps in Amazon EMR. + +### CFManifest +* **New:** Simplifies the process of constructing YAML manifest documents for Amazon Import/Export Service. + +### CFStepConfig +* **New:** Simplifies the process of working with step configuration in Amazon EMR. + + +## Third-party Libraries +### CacheCore +* **Changed:** The `generate_timestamp()` method is now `protected` instead of `private`. + + +---- + +# Changelog: 1.1 "Barret" + + +Launched Wednesday, November 10, 2010 + + +## New Features & Highlights (Summary) +* Support for Amazon ELB, Amazon RDS and Amazon VPC has been added to the SDK. +* Support for the Amazon S3 multipart upload feature has been added to the SDK. This feature enables developers upload large objects in a series of requests for improved upload reliability. +* Support for the Amazon CloudFront custom origin (2010-11-01 release) feature has been added to the SDK. This feature enables developers to use custom domains as sources for Amazon CloudFront distributions. +* The `AmazonS3` class now supports reading from and writing to open file resources in addition to the already-supported file system paths. +* You can now seek to a specific byte-position within a file or file resource and begin streaming from that point when uploading or downloading objects. +* The methods `get_bucket_filesize()`, `get_object_list()`, `delete_all_objects()` and `delete_all_object_versions()` are no longer limited to 1000 entries and will work correctly for all entries. +* Requests that have errors at the cURL level now throw exceptions containing the error message and error code returned by cURL. +* Bug fixes and enhancements: + * [Bug in Samples](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52748) + * [EU Region DNS problem](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=53028) + * [AmazonS3 get_bucket_object_count](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52976) + * [S3: get_object_list() fatal error](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=53418) + * [S3 get_object_metadata() problems](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=54244) + * [Bug in authenticate in sdk.class.php](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=53117) + * [How to use Prefix with "get_object_list"?](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52987) + * [SignatureDoesNotMatch with utf-8 in SimpleDB](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52798) + * [Suggestion for the PHP SDK concerning streaming](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52787) + * [get_bucket_filesize only returns filesize for first 1000 objects](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=53786) + + +## Base/Runtime class +* **Changed:** Port numbers other than 80 and 443 are now part of the signature. +* **Changed:** When putting UTF-8 characters via HTTP `POST`, a `SignatureDoesNotMatch` error would be returned. This was resolved by specifying the character set in the `Content-Type` header. + + +## Service Classes +### AmazonCloudFront +* **New:** Support for the Amazon CloudFront non-S3 origin feature (2010-11-01 release) has been added to the SDK. This feature enables developers to use non-S3 domains as sources for Amazon CloudFront distributions. + +### AmazonEC2 +* **New:** Support for Amazon Virtual Private Cloud has been added to the SDK. + +### AmazonELB +* **New:** Support for Amazon Elastic Load Balancing Service has been added to the SDK. + +### AmazonIAM +* **Fixed:** Removed `set_region()` as IAM only supports a single endpoint. + +### AmazonRDS +* **New:** Support for Amazon Relational Database Service has been added to the SDK. + +### AmazonS3 +* **New:** Support for the Amazon S3 multipart upload feature has been added to the SDK. This feature enables developers upload large objects in a series of requests for improved upload reliability. +* **New:** The `fileUpload` and `fileDownload` options now support reading from and writing to open file resources in addition to the already-supported file system paths. +* **Fixed:** In Amazon S3, requests directly to the eu-west endpoint must use the path-style URI. The set_region() method now takes this into account. +* **Fixed:** As of version 1.0.1, CFSimpleXML extends SimpleXMLIterator instead of SimpleXMLElement. This prevented the `__call()` magic method from firing when `get_object_list()` was used. +* **Fixed:** The `preauth` option for the `get_object_list()` method has been removed from the documentation as it is not supported. +* **Fixed:** The methods `get_bucket_filesize()`, `get_object_list()`, `delete_all_objects()` and `delete_all_object_versions()` are no longer limited to 1000 entries and will work correctly for all entries. +* **Fixed:** Using `delete_bucket()` to force-delete a bucket now works correctly for buckets with more than 1000 versions. +* **Fixed:** The response from the `get_object_metadata()` method now includes all supported HTTP headers, including metadata stored in `x-amz-meta-` headers. +* **Fixed:** Previously, if the `get_object_metadata()` method was called on a non-existant object, metadata for the alphabetically-next object would be returned. + +### AmazonSQS +* **New:** The `get_queue_arn()` method has been added to the `AmazonSQS` class, which converts a queue URI to a queue ARN. + + +## Utility classes +### CFSimpleXML +* **New:** Added `to_string()` and `to_array()` methods. + + +## Third-party Libraries +### RequestCore +* **New:** Upgraded to version 1.3. +* **New:** Added `set_seek_position()` for seeking to a byte-position in a file or file resource before starting an upload. +* **New:** Added support for reading from and writing to open file resources. +* **Fixed:** Improved the reporting for cURL errors. + + +## Compatibility Test +* **Fixed:** Fixed the links to the Getting Started Guide. + + +---- + +# Changelog: 1.0.1 "Aeris" + + +Launched Tuesday, October 12, 2010 + + +## New Features & Highlights (Summary) +* Improved support for running XPath queries against the service response bodies. +* Added support for request retries and exponential backoff. +* Added support for HTTP request/response header logging. +* Bug fixes and enhancements: + * [Bug in Samples](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52748) + * [Can't set ACL on object using the SDK](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52305) + * [Range requests for S3 - status codes 200, 206](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52738) + * [S3 change_storage_redundancy() function clears public-read ACL](http://developer.amazonwebservices.com/connect/thread.jspa?threadID=52652) + + +## Base/Runtime class +* **New:** Added support for request retries and exponential backoff for all `500` and `503` HTTP status codes. +* **New:** Added the `enable_debug_mode()` method to enable HTTP request/response header logging to `STDERR`. + + +## Service Classes +### AmazonS3 +* **Fixed:** Lots of tweaks to the documentation. +* **Fixed:** The `change_content_type()`, `change_storage_redundancy()`, `set_object_acl()`, and `update_object()` methods now respect the existing content-type, storage redundancy, and ACL settings when updating. +* **New:** Added the `get_object_metadata()` method has been added as a singular interface for obtaining all available metadata for an object. + + +## Utility Classes +### CFArray +* **New:** Added the `each()` method which accepts a callback function to execute for each entry in the array. Works similarly to [jQuery's each()](http://api.jquery.com/each). +* **New:** Added the `map()` method which accepts a callback function to execute for each entry in the array. Works similarly to [jQuery's map()](http://api.jquery.com/map). +* **New:** Added the `reduce()` method which accepts a callback function to execute for each entry in the array. Works similarly to [DomCrawler reduce()](http://github.com/symfony/symfony/blob/master/src/Symfony/Component/DomCrawler/Crawler.php) from the [Symfony 2](http://symfony-reloaded.org) Preview Release. +* **New:** Added the `first()` and `last()` methods to return the first and last nodes in the array, respectively. + +### CFInfo +* **New:** Retrieves information about the current installation of the AWS SDK for PHP. + +### CFSimpleXML +* **New:** Added the `query()` method, which allows for XPath queries while the results are wrapped in a `CFArray` response. +* **New:** Added the `parent()` method, which allows for traversing back up the document tree. +* **New:** Added the `stringify()` method, which typecasts the value as a string. +* **New:** Added the `is()` and `contains()` methods, which allow for testing whether the XML value is or contains a given value, respectively. +* **Changed:** Now extends the `SimpleXMLIterator` class, which in-turn extends the `SimpleXMLElement` class. This adds new iterator methods to the `CFSimpleXML` class. + + +## Third-party Libraries +### CacheCore +* **New:** Upgraded to version 1.2. +* **New:** Added a static `init` method that allows for chainable cache initialization (5.3+). + +### RequestCore +* **New:** Added `206` as a successful status code (i.e., Range GET). + + +## Compatibility Test +* **Fixed:** Some of the links in the compatibility test were missing. These have been fixed. + + +---- + +# Changelog: AWS SDK for PHP 1.0 + +Launched Tuesday, September 28, 2010 + +This is a complete list of changes since we forked from the CloudFusion 2.5.x trunk build. + + +## New Features & Highlights (Summary) +* The new file to include is `sdk.class.php` rather than `cloudfusion.class.php`. +* Because of the increased reliance on [JSON](http://json.org) across AWS services, the minimum supported version is now PHP 5.2 ([Released in November 2006](http://www.php.net/ChangeLog-5.php#5.2.0); Justified by these [WordPress usage statistics](http://wpdevel.wordpress.com/2010/07/09/suggest-topics-for-the-july-15-2010-dev/comment-page-1/#comment-8542) and the fact that [PHP 5.2 has been end-of-life'd](http://www.php.net/archive/2010.php#id2010-07-22-1) in favor of 5.3). +* Up-to-date service support for [EC2](http://aws.amazon.com/ec2), [S3](http://aws.amazon.com/s3), [SQS](http://aws.amazon.com/sqs), [SimpleDB](http://aws.amazon.com/simpledb), [CloudWatch](http://aws.amazon.com/cloudwatch), and [CloudFront](http://aws.amazon.com/cloudfront). +* Added service support for [SNS](http://aws.amazon.com/sns). +* Limited testing for third-party API-compatible services such as [Eucalyptus](http://open.eucalyptus.com), [Walrus](http://open.eucalyptus.com) and [Google Storage](http://sandbox.google.com/storage). +* Improved the consistency of setting complex data types across services. (Required some backwards-incompatible changes.) +* Added new APIs and syntactic sugar for SimpleXML responses, batch requests and response caching. +* Moved away from _global_ constants in favor of _class_ constants. +* Minor, but notable improvements to the monkey patching support. +* Added a complete list of bug fix and patch contributors. Give credit where credit is due. ;) + +**Note: ALL backwards-incompatible changes are noted below. Please review the changes if you are upgrading.** We're making a small number of backwards-incompatible changes in order to improve the consistency across services. We're making these changes _now_ so that we can ensure that future versions will always be backwards-compatible with the next major version change. + + +## File structure +The package file structure has been refined in a few ways: + +* All service-specific classes are inside the `/services/` directory. +* All utility-specific classes are inside the `/utilities/` directory. +* All third-party classes are inside the `/lib/` directory. + + +## Base/Runtime class +* **Fixed:** Resolved issues: [#206](http://code.google.com/p/tarzan-aws/issues/detail?id=206). +* **New:** The following global constants have been added: `CFRUNTIME_NAME`, `CFRUNTIME_VERSION`, `CFRUNTIME_BUILD`, `CFRUNTIME_URL`, and `CFRUNTIME_USERAGENT` +* **New:** Now supports camelCase versions of the snake_case method names. (e.g. `getObjectList()` will get translated to `get_object_list()` behind the scenes.) +* **New:** Added `set_resource_prefix()` and `allow_hostname_override()` (in addition to `set_hostname()`) to support third-party, API-compatible services. +* **New:** Added new caching APIs: `cache()` and `delete_cache()`, which work differently from the methods they replace. See docs for more information. +* **New:** Added new batch request APIs, `batch()` and `CFBatchRequest` which are intended to replace the old `returnCurlHandle` optional parameter. +* **New:** Will look for the `config.inc.php` file first in the same directory (`./config.inc.php`), and then fallback to `~/.aws/sdk/config.inc.php`. +* **Changed:** Renamed the `CloudFusion` base class to `CFRuntime`. +* **Changed:** `CloudFusion_Exception` has been renamed as `CFRuntime_Exception`. +* **Changed:** Renamed the `CloudFusion::$enable_ssl` property to `CFRuntime::$use_ssl`. +* **Changed:** Renamed the `CloudFusion::$set_proxy` property to `CFRuntime::$proxy`. +* **Changed:** `CFRuntime::disable_ssl()` no longer takes any parameters. Once SSL is off, it is always off for that class instance. +* **Changed:** All date-related constants are now class constants of the `CFUtilities` class (e.g. `CFUtilities::DATE_FORMAT_ISO8601`). + * Use `CFUtilities::konst()` if you're extending classes and need to do something such as `$this->util::DATE_FORMAT_ISO8601` but keep getting the `T_PAAMAYIM_NEKUDOTAYIMM` error. +* **Changed:** All `x-cloudfusion-` and `x-tarzan-` HTTP headers are now `x-aws-`. +* **Changed:** `CloudFusion::autoloader()` is now in its own separate class: `CFLoader::autoloader()`. This prevents it from being incorrectly inherited by extending classes. +* **Changed:** `RequestCore`, `ResponseCore` and `SimpleXMLElement` are now extended by `CFRequest`, `CFResponse` and `CFSimpleXML`, respectively. These new classes are now used by default. +* **Changed:** Changes to monkey patching: + * You must now extend `CFRequest` instead of `RequestCore`, and then pass that class name to `set_request_class()`. + * You must now extend `CFResponse` instead of `ResponseCore`, and then pass that class name to `set_response_class()`. + * You can now monkey patch `CFSimpleXML` (extended from `SimpleXMLElement`) with `set_parser_class()`. + * You can now monkey patch `CFBatchRequest` with `set_batch_class()`. + * No changes for monkey patching `CFUtilities` with `set_utilities_class()`. +* **Removed:** Removed ALL existing _global_ constants and replaced them with _class_ constants. +* **Removed:** Removed `cache_response()` and `delete_cache_response()`. + + +## Service classes + +### AmazonCloudFront +* **Fixed:** Resolved issues: [#124](http://code.google.com/p/tarzan-aws/issues/detail?id=124), [#225](http://code.google.com/p/tarzan-aws/issues/detail?id=225), [#229](http://code.google.com/p/tarzan-aws/issues/detail?id=229), [#232](http://code.google.com/p/tarzan-aws/issues/detail?id=232), [#239](http://code.google.com/p/tarzan-aws/issues/detail?id=239). +* **Fixed:** Fixed an issue where `AmazonCloudFront` sent a `RequestCore` user agent in requests. +* **New:** Class is now up-to-date with the [2010-07-15](http://docs.amazonwebservices.com/AmazonCloudFront/2010-07-15/APIReference/) API release. +* **New:** Added _class_ constants for deployment states: `STATE_INPROGRESS` and `STATE_DEPLOYED`. +* **New:** Now supports streaming distributions. +* **New:** Now supports HTTPS (as well as HTTPS-only) access. +* **New:** Now supports Origin Access Identities. Added `create_oai()`, `list_oais()`, `get_oai()`, `delete_oai()`, `generate_oai_xml()` and `update_oai_xml()`. +* **New:** Now supports private (signed) URLs. Added `get_private_object_url()`. +* **New:** Now supports default root objects. +* **New:** Now supports invalidation. +* **New:** Added `get_distribution_list()`, `get_streaming_distribution_list()` and `get_oai_list()` which return simplified arrays of identifiers. +* **Changed:** Replaced all of the remaining `CDN_*` constants with _class_ constants. + +### AmazonCloudWatch +* **New:** Added new _class_ constants: `DEFAULT_URL`, `REGION_US_E1`, `REGION_US_W1`, `REGION_EU_W1`, and `REGION_APAC_SE1`. +* **New:** Now supports the _Northern California_, _European_ and _Asia-Pacific_ regions. +* **New:** The _global_ `CW_DEFAULT_URL` constant has been replaced by `AmazonCloudFront::DEFAULT_URL`. + +### AmazonEC2 +* **Fixed:** Resolved issues: [#124](http://code.google.com/p/tarzan-aws/issues/detail?id=124), [#131](http://code.google.com/p/tarzan-aws/issues/detail?id=131), [#138](http://code.google.com/p/tarzan-aws/issues/detail?id=138), [#139](http://code.google.com/p/tarzan-aws/issues/detail?id=139), [#154](http://code.google.com/p/tarzan-aws/issues/detail?id=154), [#173](http://code.google.com/p/tarzan-aws/issues/detail?id=173), [#200](http://code.google.com/p/tarzan-aws/issues/detail?id=200), [#233](http://code.google.com/p/tarzan-aws/issues/detail?id=233). +* **New:** Class is now up-to-date with the [2010-06-15](http://docs.amazonwebservices.com/AWSEC2/2010-06-15/APIReference/) API release. +* **New:** Now supports [Paid AMIs](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=865&categoryID=87). +* **New:** Now supports [Multiple instance types](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=992&categoryID=87). +* **New:** Now supports [Elastic IPs](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1344&categoryID=87). +* **New:** Now supports [Availability Zones](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1344&categoryID=87). +* **New:** Now supports [Elastic Block Store](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1665&categoryID=87). +* **New:** Now supports [Windows instances](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1765&categoryID=87). +* **New:** Now supports the [European region](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=1926&categoryID=87). +* **New:** Now supports the _Northern California_ and _Asia-Pacific_ regions. +* **New:** Now supports [Reserved instances](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=2213&categoryID=87). +* **New:** Now supports [Shared snapshots](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=2843&categoryID=87). +* **New:** Now supports [EBS AMIs](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3105&categoryID=87). +* **New:** Now supports [Spot instances](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3215&categoryID=87). +* **New:** Now supports [Cluster Compute Instances](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3965&categoryID=87). +* **New:** Now supports [Placement Groups](http://developer.amazonwebservices.com/connect/entry.jspa?externalID=3965&categoryID=87). +* **New:** Added new _class_ constants for regions: `REGION_US_E1`, `REGION_US_W1`, `REGION_EU_W1`, `REGION_APAC_SE1`. +* **New:** Added new _class_ constants for run-state codes: `STATE_PENDING`, `STATE_RUNNING`, `STATE_SHUTTING_DOWN`, `STATE_TERMINATED`, `STATE_STOPPING`, `STATE_STOPPED`. +* **New:** Added support for decrypting the Administrator password for Microsoft Windows instances. +* **New:** Instead of needing to pass `Parameter.0`, `Parameter.1`, ...`Parameter.n` individually to certain methods, you can now reliably pass a string for a single value or an indexed array for a list of values. +* **New:** Limited tested has been done with the Eucalyptus EC2-clone. +* **Changed:** The `$account_id` parameter has been removed from the constructor. +* **Changed:** The _global_ `EC2_LOCATION_US` and `EC2_LOCATION_EU` constants have been replaced. +* **Changed:** The `set_locale()` method has been renamed to `set_region()`. It accepts any of the region constants. + +### AmazonIAM +* **New:** Up-to-date with the [2010-03-31](http://docs.amazonwebservices.com/sns/2010-03-31/api/) API release. + +### AmazonS3 +* **Fixed:** Resolved issues: [#31](http://code.google.com/p/tarzan-aws/issues/detail?id=31), [#72](http://code.google.com/p/tarzan-aws/issues/detail?id=72), [#123](http://code.google.com/p/tarzan-aws/issues/detail?id=123), [#156](http://code.google.com/p/tarzan-aws/issues/detail?id=156), [#199](http://code.google.com/p/tarzan-aws/issues/detail?id=199), [#201](http://code.google.com/p/tarzan-aws/issues/detail?id=201), [#203](http://code.google.com/p/tarzan-aws/issues/detail?id=203), [#207](http://code.google.com/p/tarzan-aws/issues/detail?id=207), [#208](http://code.google.com/p/tarzan-aws/issues/detail?id=208), [#209](http://code.google.com/p/tarzan-aws/issues/detail?id=209), [#210](http://code.google.com/p/tarzan-aws/issues/detail?id=210), [#212](http://code.google.com/p/tarzan-aws/issues/detail?id=212), [#216](http://code.google.com/p/tarzan-aws/issues/detail?id=216), [#217](http://code.google.com/p/tarzan-aws/issues/detail?id=217), [#226](http://code.google.com/p/tarzan-aws/issues/detail?id=226), [#228](http://code.google.com/p/tarzan-aws/issues/detail?id=228), [#234](http://code.google.com/p/tarzan-aws/issues/detail?id=234), [#235](http://code.google.com/p/tarzan-aws/issues/detail?id=235). +* **Fixed:** Fixed an issue where `AmazonS3` sent a `RequestCore` user agent in requests. +* **New:** Now supports the _Northern California_ and _Asia-Pacific_ regions. +* **New:** Now supports the new _EU (Ireland)_ REST endpoint. +* **New:** Now supports MFA Delete. +* **New:** Now supports Conditional Copy. +* **New:** Now supports Reduced Redundancy Storage (RRS). Added `change_storage_redundancy()`. +* **New:** Now supports Object Versioning. Added `enable_versioning()`, `disable_versioning`, `get_versioning_status()`, and `list_bucket_object_versions()`. +* **New:** Now supports Bucket Policies. Added `set_bucket_policy()`, `get_bucket_policy()`, and `delete_bucket_policy()`. +* **New:** Now supports Bucket Notifications. Added `create_bucket_notification()`, `get_bucket_notifications()`, and `delete_bucket_notification()`. +* **New:** Added _class_ constants for regions: `REGION_US_E1`, `REGION_US_W1`, `REGION_EU_W1`, `REGION_APAC_SE1`. +* **New:** Added _class_ constants for storage types: `STORAGE_STANDARD` and `STORAGE_REDUCED`. +* **New:** Enhanced `create_object()` with the ability to upload a file from the file system. +* **New:** Enhanced `get_object()` with the ability to download a file to the file system. +* **New:** Enhanced `get_bucket_list()` and `get_object_list()` with performance improvements. +* **New:** Enhanced all GET operations with the ability to generate pre-authenticated URLs. This is the same feature as `get_object_url()` has had, applied to all GET operations. +* **New:** Limited testing with Walrus, the Eucalyptus S3-clone. +* **New:** Limited testing with Google Storage. +* **Changed:** Replaced all of the remaining `S3_*` constants with _class_ constants: `self::ACL_*`, `self::GRANT_*`, `self::USERS_*`, and `self::PCRE_ALL`. +* **Changed:** Changed the function signature for `create_object()`. The filename is now passed as the second parameter, while the remaining options are now passed as the third parameter. This behavior now matches all of the other object-related methods. +* **Changed:** Changed the function signature for `head_object()`, `delete_object()`, and `get_object_acl()`. The methods now accept optional parameters as the third parameter instead of simply `returnCurlHandle`. +* **Changed:** Changed the function signature for `get_object_url()` and `get_torrent_url()`. Instead of passing a number of seconds until the URL expires, you now pass a string that `strtotime()` understands (including `60 seconds`). +* **Changed:** Changed the function signature for `get_object_url()`. Instead of passing a boolean value for `$torrent`, the last parameter is now an `$opt` variable which allows you to set `torrent` and `method` parameters. +* **Changed:** Changed how `returnCurlHandle` is used. Instead of passing `true` as the last parameter to most methods, you now need to explicitly set `array('returnCurlHandle' => true)`. This behavior is consistent with the implementation in other classes. +* **Changed:** Optional parameter names changed in `list_objects()`: `maxKeys` is now `max-keys`. +* **Changed:** `get_bucket_locale()` is now called `get_bucket_region()`, and returns the response body as a _string_ for easier comparison with class constants. +* **Changed:** `get_bucket_size()` is now called `get_bucket_object_count()`. Everything else about it is identical. +* **Changed:** `head_bucket()` is now called `get_bucket_headers()`. Everything else about it is identical. +* **Changed:** `head_object()` is now called `get_object_headers()`. Everything else about it is identical. +* **Changed:** `create_bucket()` has two backward-incompatible changes: + * Method now **requires** the region (formerly _locale_) to be set. + * Method takes an `$acl` parameter so that the ACL can be set directly when creating a new bucket. +* **Changed:** Bucket names are now validated. Creating a new bucket now requires the more stringent DNS-valid guidelines, while the process of reading existing buckets follows the looser path-style guidelines. This change also means that the reading of path-style bucket names is now supported, when previously they weren’t. +* **Removed:** Removed `store_remote_file()` because its intended usage repeatedly confused users, and had potential for misuse. If you were using it to upload from the local file system, you should be using `create_object` instead. +* **Removed:** Removed `copy_bucket()`, `replace_bucket()`, `duplicate_object()`, `move_object()`, and `rename_object()` because only a small number of users used them, and they weren't very robust anyway. +* **Removed:** Removed `get_bucket()` because it was just an alias for `list_objects()` anyway. Use the latter from now on -- it's identical. + +### AmazonSDB +* **Fixed:** Resolved issues: [#205](http://code.google.com/p/tarzan-aws/issues/detail?id=205). +* **New:** Class is now up-to-date with the [2009-04-15](http://docs.amazonwebservices.com/AmazonSimpleDB/2009-04-15/DeveloperGuide/) API release. +* **Changed:** Changed the function signatures for `get_attributes()` and `delete_attributes()` to improve consistency. + +### AmazonSNS +* **New:** Up-to-date with the [2010-03-31](http://docs.amazonwebservices.com/sns/2010-03-31/api/) API release. + +### AmazonSQS +* **Fixed:** Resolved issues: [#137](http://code.google.com/p/tarzan-aws/issues/detail?id=137), [#213](http://code.google.com/p/tarzan-aws/issues/detail?id=213), [#219](http://code.google.com/p/tarzan-aws/issues/detail?id=219), [#220](http://code.google.com/p/tarzan-aws/issues/detail?id=220), [#221](http://code.google.com/p/tarzan-aws/issues/detail?id=221), [#222](http://code.google.com/p/tarzan-aws/issues/detail?id=222). +* **Fixed:** In CloudFusion 2.5, neither `add_permission()` nor `remove_permission()` were functional. They are now working. +* **New:** Now supports the _Northern California_ and _Asia-Pacific_ regions. +* **New:** Now supports the new _US-East (N. Virginia)_ endpoint. +* **New:** Now supports the new _EU (Ireland)_ endpoint. +* **New:** Added new _class_ constants for regions: `REGION_US_E1`, `REGION_US_W1`, `REGION_EU_W1`, and `REGION_APAC_SE1`. +* **Changed:** Because we now support multiple region endpoints, queue names alone are no longer sufficient for referencing your queues. As such, you must now use a full-queue URL instead of just the queue name. +* **Changed:** The _global_ `SQS_LOCATION_US` and `SQS_LOCATION_EU` constants have been replaced. +* **Changed:** Renamed `set_locale()` as `set_region()`. It accepts any of the region constants. +* **Changed:** Changed the function signature for `list_queues()`. See the updated API reference. +* **Changed:** Changed the function signature for `set_queue_attributes()`. See the updated API reference. +* **Changed:** Changed how `returnCurlHandle` is used. Instead of passing `true` as the last parameter to most methods, you now need to explicitly set `array('returnCurlHandle' => true)`. This behavior is consistent with the implementation in other classes. +* **Changed:** Function signature changed in `get_queue_attributes()`. The `$attribute_name` parameter is now passed as a value in the `$opt` parameter. + +### AmazonSQSQueue +* **Removed:** `AmazonSQSQueue` was a simple wrapper around the AmazonSDB class. It generally failed as an object-centric approach to working with SQS, and as such, has been eliminated. Use the `AmazonSQS` class instead. + + +## Utility Classes +### CFArray +* **New:** Extends `ArrayObject`. +* **New:** Simplified typecasting of SimpleXML nodes to native types (e.g. integers, strings). + +### CFBatchRequest +* **New:** Provides a higher-level API for executing batch requests. + +### CFComplexType +* **New:** Used internally by several classes to handle various complex data-types (e.g. single or multiple values, `Key.x.Subkey.y.Value` combinations). +* **New:** Introduces a way to convert between JSON, YAML, and the PHP equivalent of Lists and Maps (nested associative arrays). + +### CFRequest +* **New:** Sets some project-specific settings and passes them to the lower-level RequestCore. + +### CFResponse +* **New:** No additional changes from the base `ResponseCore` class. + +### CFPolicy +* **New:** Used for constructing Base64-encoded, JSON policy documents to be passed around to other methods. + +### CFSimpleXML +* **New:** Extends `SimpleXMLElement`. +* **New:** Simplified node retrieval. All SimpleXML-based objects (e.g. `$response->body`) now have magic methods that allow you to quickly retrieve nodes with the same name + * e.g. `$response->body->Name()` will return an array of all SimpleXML nodes that match the `//Name` XPath expression. + +### CFUtilities +* **Fixed:** `to_query_string()` now explicitly passes a `&` character to `http_build_query()` to avoid configuration issues with MAMP/WAMP/XAMP installations. +* **Fixed:** `convert_response_to_array()` has been fixed to correctly return an all-array response under both PHP 5.2 and 5.3. Previously, PHP 5.3 returned a mix of `array`s and `stdClass` objects. +* **New:** Added `konst()` to retrieve the value of a class constant, while avoiding the `T_PAAMAYIM_NEKUDOTAYIM` error. Misspelled because `const` is a reserved word. +* **New:** Added `is_base64()` to determine whether or not a string is Base64-encoded data. +* **New:** Added `decode_uhex()` to decode `\uXXXX` entities back into their unicode equivalents. +* **Changed:** Changed `size_readable()`. Now supports units up to exabytes. +* **Changed:** Moved the `DATE_FORMAT_*` _global_ constants into this class as _class_ constants. +* **Removed:** Removed `json_encode_php51()` now that the minimum required version is PHP 5.2 (which includes the JSON extension by default). +* **Removed:** Removed `hex_to_base64()`. + + +## Third-party Libraries +### CacheCore +* **New:** Upgraded to version 1.1.1. +* **New:** Now supports both the [memcache](http://php.net/memcache) extension, but also the newer, faster [memcached](http://php.net/memcached) extension. Prefers `memcached` if both are installed. +* **Deprecated:** Support for MySQL and PostgreSQL as storage mechanisms has been **deprecated**. Since they're using PDO, they'll continue to function (as we're maintaining SQLite support via PDO), but we recommend migrating to using APC, XCache, Memcache or SQLite if you'd like to continue using response caching. +* New BSD licensed +* + +### RequestCore +* **New:** Upgraded to version 1.2. +* **New:** Now supports streaming up and down. +* **New:** Now supports "rolling" requests for better scalability. +* New BSD licensed +* diff --git a/3rdparty/aws-sdk/_docs/CONTRIBUTORS.md b/3rdparty/aws-sdk/_docs/CONTRIBUTORS.md new file mode 100644 index 00000000000..3523bf6723c --- /dev/null +++ b/3rdparty/aws-sdk/_docs/CONTRIBUTORS.md @@ -0,0 +1,64 @@ +# Contributors + +## AWS SDK for PHP Contributors + +Contributions were provided under the Apache 2.0 License, as appropriate. + +The following people have provided ideas, support and bug fixes: + +* [arech8](http://developer.amazonwebservices.com/connect/profile.jspa?userID=154435) (bug fixes) +* [Aizat Faiz](http://aizatto.com) (bug fixes) +* [Ben Lumley](http://github.com/benlumley) (bug fixes) +* [David Chan](http://www.chandeeland.org) (bug fixes) +* [Eric Caron](http://www.ericcaron.com) (bug fixes) +* [Jason Ardell](http://ardell.posterous.com/) (bug fixes) +* [Jeremy Archuleta](http://code.google.com/u/jeremy.archuleta/) (bug fixes) +* [Jimmy Berry](http://blog.boombatower.com/) (bug fixes, patches) +* [Paul Voegler](mailto:voegler@gmx.de) (bug fixes, bug reports, patches) +* [Peter Bowen](http://github.com/pzb) (feedback, bug reports) +* [zoxa](https://github.com/zoxa) (bug fixes) + + +## CloudFusion/CacheCore/RequestCore Contributors + +Contributions were provided under the New BSD License, as appropriate. + +The following people have provided ideas, support and bug fixes: + +* [Aaron Collegeman](http://blog.aaroncollegeman.com) (bug fixes) +* [Alex Schenkel](http://code.google.com/u/alex.schenkel/) (bug fixes) +* [Andrzej Bednarczyk](http://kreo-consulting.com) (bug fixes) +* [bprater](http://code.google.com/u/bprater/) (bug fixes) +* [castoware](http://code.google.com/u/castoware/) (bug fixes) +* [Chris Chen](http://github.com/chrischen) (bug fixes, patches, support) +* [Chris Mytton](http://hecticjeff.net) (bug fixes) +* [evgen.dm](http://code.google.com/u/evgen.dm/) (bug fixes) +* [gafitescu](http://code.google.com/u/gafitescu/) (bug fixes) +* [Gary Richardson](http://code.google.com/u/gary.richardson/) (bug fixes) +* [Gil Hildebrand](http://squidoo.com) (bug fixes) +* [Guilherme Blanco](http://blog.bisna.com) (bug fixes) +* [hammjazz](http://code.google.com/u/hammjazz/) (bug fixes) +* [HelloBunty](http://code.google.com/u/HelloBunty/) (bug fixes) +* [inputrequired](http://code.google.com/u/inputrequired/) (bug fixes) +* [Ivo Beckers](http://infopractica.nl) (bug fixes) +* [Jason Litka](http://jasonlitka.com) (bug fixes, patches) +* [Jeremy Archuleta](http://code.google.com/u/jeremy.archuleta/) (bug fixes) +* [John Beales](http://johnbeales.com) (bug fixes) +* [John Parker](http://code.google.com/u/john3parker/) (bug fixes) +* [Jon Cianciullo](http://code.google.com/u/jon.cianciullo/) (bug fixes) +* [kris0476](http://code.google.com/u/kris0476/) (bug fixes) +* [Matt Terenzio](http://jour.nali.st/blog) (bug fixes, patches) +* [Mike Jetter](http://mbjetter.com) (bug fixes) +* [Morten Blinksbjerg Nielsen](http://mbn.dk) (bug fixes) +* [nathell](http://code.google.com/u/nathell/) (bug fixes) +* [nickgsuperstar](http://code.google.com/u/nickgsuperstar/) (bug fixes) +* [ofpichon](http://code.google.com/u/ofpichon/) (bug fixes) +* [Otavio Ferreira](http://otaviofff.me) (bug fixes) +* [Paul Voegler](mailto:voegler@gmx.de) (bug fixes, bug reports, patches) +* [Steve Brozosky](http://code.google.com/u/@UBZWSlJVBxhHXAN1/) (bug fixes) +* [Steve Chu](http://stevechu.org) (bug fixes) +* [tommusic](http://code.google.com/u/tommusic/) (bug fixes) +* [Tyler Hall](http://clickontyler.com) (bug fixes) +* [webcentrica.co.uk](http://code.google.com/u/@VhBQQldUBBBEXAF1/) (bug fixes) +* [worden341](http://github.com/worden341) (bug fixes) +* [yakkyjunk](http://code.google.com/u/yakkyjunk/) (bug fixes) diff --git a/3rdparty/aws-sdk/_docs/DYNAMODBSESSIONHANDLER.html b/3rdparty/aws-sdk/_docs/DYNAMODBSESSIONHANDLER.html new file mode 100644 index 00000000000..8b1545db50a --- /dev/null +++ b/3rdparty/aws-sdk/_docs/DYNAMODBSESSIONHANDLER.html @@ -0,0 +1,235 @@ + + + + + README + + + +

DynamoDB Session Handler

The DynamoDB Session Handler is a custom session handler for PHP that allows Amazon DynamoDB to be used as a session store while still using PHP’s native session functions.

+ +

What issues does this address?

The native PHP session handler stores sessions on the local file system. This is unreliable in distributed web applications, because the user may be routed to servers that do not contain the session data. To solve this problem, PHP developers have implemented custom solutions for storing user session data using databases, shared file systems, Memcache servers, tamper-proof cookies, etc., by taking advantage of the interface provided by PHP via the session_set_save_handler() function. Unfortunately, most of these solutions require a lot of configuration or prior knowledge about the storage mechanism in order to setup. Some of them also require the provisioning or management of additional servers.

+ +

Proposed solution

The DynamoDB Session Handler uses Amazon DynamoDB as a session store, which alleviates many of the problems with existing solutions. There are no additional servers to manage, and there is very little configuration required. The Amazon DynamoDB is also fundamentally designed for low latency (the data is even stored on SSDs), so the performance impact is much smaller when compared to other databases. Since the Session Handler is designed to be a drop in replacement for the default PHP session handler, it also implements session locking in a familiar way.

+ +

How do I use it?

The first step is to instantiate the Amazon DynamoDB client and register the session handler.

require_once 'AWSSDKforPHP/sdk.class.php';
+
+// Instantiate the Amazon DynamoDB client.
+// REMEMBER: You need to set 'default_cache_config' in your config.inc.php.
+$dynamodb = new AmazonDynamoDB();
+
+// Register the DynamoDB Session Handler.
+$handler = $dynamodb->register_session_handler(array(
+    'table_name' => 'my-sessions-table'
+));

Before you can use the session handler, you need to create a table to store the sessions in. This can be done through the AWS Console for Amazon DynamoDB, or using the session handler class (which you must configure with the table name like in the example above).

// Create a table for session storage with default settings.
+$handler->create_sessions_table();

If you create the table via the AWS Console, you need to make sure the primary key is a string. By default the DynamoDB Session Handler looks for a key named "id", so if you name the key something else, you will need to specify that when you configure the session handler (see the Configuration section below).

Once the session handler is registered with a valid table, you can write to (and read from) the session using the standard $_SESSION superglobal.

// Start the session. This will acquire a lock if session locking is enabled.
+session_start();
+
+// Alter the session data.
+$_SESSION['username'] = 'jeremy';
+$_SESSION['role'] = 'admin';
+
+// Close and write to the session.
+// REMEMBER: You should close the session ASAP to release the session lock.
+session_write_close();

+ +

Removing expired sessions

The session handler ties into PHP's native session garbage collection functionality, so expired sessions will be deleted periodically and automatically based on how you configure PHP to do the garbage collection. See the PHP manual for the following PHP INI settings: session.gc_probability, session.gc_divisor, and session.gc_maxlifetime. You may also manually call the DynamoDBSessionHandler::garbage_collect() to clean up the expired sessions.

+ +

Configuring the DynamoDB Session Handler

You may configure the behavior of the session handler using a the following settings:

table_name: The name of the DynamoDB table in which to store sessions.
hash_key: The name of the primary hash key in the DynamoDB sessions table.
session_lifetime: The lifetime of an inactive session before it should be garbage collected. If 0 is used, then the actual lifetime value that will be used is ini_get('session.gc_maxlifetime').
consistent_reads: Whether or not the session handler should do consistent reads from DynamoDB.
session_locking: Whether or not the session handler should do session locking (see the Session locking section for more information).
max_lock_wait_time: Maximum time, in seconds, that the session handler should take to acquire a lock before giving up. Only used if session_locking is true.
min_lock_retry_utime: Minimum time, in microseconds, that the session handler should wait to retry acquiring a lock. Only used if session_locking is true.
max_lock_retry_utime: Maximum time, in microseconds, that the session handler should wait to retry acquiring a lock. Only used if session_locking is true.

+ +

To configure the Session Handle, you must pass the configuration data into the constructor. (Note: The values used below are actually the default settings.)

$dynamodb = new AmazonDynamoDB();
+$handler = $dynamodb->register_session_handler(array(
+    'table_name'           => 'sessions',
+    'hash_key'             => 'id',
+    'session_lifetime'     => 0,
+    'consistent_reads'     => true,
+    'session_locking'      => true,
+    'max_lock_wait_time'   => 15,
+    'min_lock_retry_utime' => 5000,
+    'max_lock_retry_utime' => 50000,
+));

+ +

Session locking

The default session handler for PHP locks sessions using a pessimistic locking algorithm. If a request (process) opens a session for reading using the session_start() function, it first acquires a lock. The lock is closed when that request writes back to the session, either when the request is complete, or via the session_write_close() function. Since the DynamoDB Session Handler is meant to be a drop in replacement for the default session handler, it also implements the same locking scheme. However, this can be slow, undesirable, and costly when multiple, simultaneous requests from the same user occur, particularly with ajax requests or HTML iframes. In some cases, you may not want or need the session to be locked. After evaluating whether or not your application actually requires session locking, you may turn off locking when you configure the session handler by setting session_locking to false.

+ +

Pricing

Aside from nominal data storage and data transfer fees, the costs associated with using Amazon DynamoDB are calculated based on provisioned throughput capacity and item size (see the Amazon DynamoDB pricing details). Throughput is measured in units of Read Capacity and Write Capacity. Ultimately, the throughput and costs required for your sessions table is going to be based on your website traffic, but the following is a list of the capacity units required for each session-related operation:

Reading via session_start() +
With locking enabled: 1 unit of Write Capacity + 1 unit of Write Capacity for each time it must retry acquiring the lock
+
With locking disabed: 1 unit of Read Capacity (or 0.5 units of Read Capacity if consistent reads are disabled)
+
Writing via session_write_close() +
1 unit of Write Capacity
+
Deleting via session_destroy() +
1 unit of Write Capacity
+
Garbage Collecting via DyanamoDBSessionHandler::garbage_collect() +
0.5 units of Read Capacity per KB of data in the sessions table + 1 unit of Write Capacity per expired item
+

+ +

More information

For more information on the Amazon DynamoDB service please visit the Amazon DynamoDB homepage.

+ + + diff --git a/3rdparty/aws-sdk/_docs/KNOWNISSUES.md b/3rdparty/aws-sdk/_docs/KNOWNISSUES.md new file mode 100644 index 00000000000..9773c3932b8 --- /dev/null +++ b/3rdparty/aws-sdk/_docs/KNOWNISSUES.md @@ -0,0 +1,65 @@ +# Known Issues + +## 2GB limit for 32-bit stacks; all Windows stacks. + +Because PHP's integer type is signed and many platforms use 32-bit integers, the AWS SDK for PHP does not correctly +handle files larger than 2GB on a 32-bit stack (where "stack" includes CPU, OS, web server, and PHP binary). This is a +[well-known PHP issue]. In the case of Microsoft® Windows®, there are no official builds of PHP that support 64-bit +integers. + +The recommended solution is to use a 64-bit Linux stack, such as the [64-bit Amazon Linux AMI] with the latest version of +PHP installed. + +For more information, please see: [PHP filesize: Return values]. A workaround is suggested in +`AmazonS3::create_mpu_object()` [with files bigger than 2GB]. + + [well-known PHP issue]: http://www.google.com/search?q=php+2gb+32-bit + [64-bit Amazon Linux AMI]: http://aws.amazon.com/amazon-linux-ami/ + [PHP filesize: Return values]: http://docs.php.net/manual/en/function.filesize.php#refsect1-function.filesize-returnvalues + [with files bigger than 2GB]: https://forums.aws.amazon.com/thread.jspa?messageID=215487#215487 + + +## Amazon S3 Buckets containing periods + +Amazon S3's SSL certificate covers domains that match `*.s3.amazonaws.com`. When buckets (e.g., `my-bucket`) are accessed +using DNS-style addressing (e.g., `my-bucket.s3.amazonaws.com`), those SSL/HTTPS connections are covered by the certificate. + +However, when a bucket name contains one or more periods (e.g., `s3.my-domain.com`) and is accessed using DNS-style +addressing (e.g., `s3.my-domain.com.s3.amazonaws.com`), that SSL/HTTPS connection will fail because the certificate +doesn't match. + +The most secure workaround is to change the bucket name to one that does not contain periods. Less secure workarounds +are to use `disable_ssl()` or `disable_ssl_verification()`. Because of the security implications, calling either of +these methods will throw a warning. You can avoid the warning by adjusting your `error_reporting()` settings. + + +## Expiring request signatures + +When leveraging `AmazonS3::create_mpu_object()`, it's possible that later parts of the multipart upload will fail if +the upload takes more than 15 minutes. + + +## Too many open file connections + +When leveraging `AmazonS3::create_mpu_object()`, it's possible that the SDK will attempt to open too many file resources +at once. Because the file connection limit is not available to the PHP environment, the SDK is unable to automatically +adjust the number of connections it attempts to open. + +A workaround is to increase the part size so that fewer file connections are opened. + + +## Exceptionally large batch requests + +When leveraging the batch request feature to execute multiple requests in parallel, it's possible that the SDK will +throw a fatal exception if a particular batch pool is exceptionally large and a service gets overloaded with requests. + +This seems to be most common when attempting to send a large number of emails with the SES service. + + +## Long-running processes using SSL leak memory + +When making requests with the SDK over SSL during long-running processes, there will be a gradual memory leak that can +eventually cause a crash. The leak occurs within the PHP bindings for cURL when attempting to verify the peer during an +SSL handshake. See for details about the bug. + +A workaround is to disable SSL for requests executed in long-running processes. diff --git a/3rdparty/aws-sdk/_docs/LICENSE.md b/3rdparty/aws-sdk/_docs/LICENSE.md new file mode 100644 index 00000000000..853ab3bae8e --- /dev/null +++ b/3rdparty/aws-sdk/_docs/LICENSE.md @@ -0,0 +1,151 @@ +# Apache License +Version 2.0, January 2004 + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + +## 1. Definitions. + +"License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 +through 9 of this document. + +"Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the +License. + +"Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled +by, or are under common control with that entity. For the purposes of this definition, "control" means +(i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract +or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial +ownership of such entity. + +"You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. + +"Source" form shall mean the preferred form for making modifications, including but not limited to software +source code, documentation source, and configuration files. + +"Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, +including but not limited to compiled object code, generated documentation, and conversions to other media +types. + +"Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, +as indicated by a copyright notice that is included in or attached to the work (an example is provided in the +Appendix below). + +"Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) +the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, +as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not +include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work +and Derivative Works thereof. + +"Contribution" shall mean any work of authorship, including the original version of the Work and any +modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to +Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to +submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of +electronic, verbal, or written communication sent to the Licensor or its representatives, including but not +limited to communication on electronic mailing lists, source code control systems, and issue tracking systems +that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but +excluding communication that is conspicuously marked or otherwise designated in writing by the copyright +owner as "Not a Contribution." + +"Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been +received by Licensor and subsequently incorporated within the Work. + + +## 2. Grant of Copyright License. + +Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, +worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare +Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such +Derivative Works in Source or Object form. + + +## 3. Grant of Patent License. + +Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, +worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent +license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such +license applies only to those patent claims licensable by such Contributor that are necessarily infringed by +their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such +Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim +or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work +constitutes direct or contributory patent infringement, then any patent licenses granted to You under this +License for that Work shall terminate as of the date such litigation is filed. + + +## 4. Redistribution. + +You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without +modifications, and in Source or Object form, provided that You meet the following conditions: + + 1. You must give any other recipients of the Work or Derivative Works a copy of this License; and + + 2. You must cause any modified files to carry prominent notices stating that You changed the files; and + + 3. You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, + trademark, and attribution notices from the Source form of the Work, excluding those notices that do + not pertain to any part of the Derivative Works; and + + 4. If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that + You distribute must include a readable copy of the attribution notices contained within such NOTICE + file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed as part of the Derivative Works; within + the Source form or documentation, if provided along with the Derivative Works; or, within a display + generated by the Derivative Works, if and wherever such third-party notices normally appear. The + contents of the NOTICE file are for informational purposes only and do not modify the License. You may + add Your own attribution notices within Derivative Works that You distribute, alongside or as an + addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be + construed as modifying the License. + +You may add Your own copyright statement to Your modifications and may provide additional or different license +terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative +Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the +conditions stated in this License. + + +## 5. Submission of Contributions. + +Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by +You to the Licensor shall be under the terms and conditions of this License, without any additional terms or +conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate +license agreement you may have executed with Licensor regarding such Contributions. + + +## 6. Trademarks. + +This License does not grant permission to use the trade names, trademarks, service marks, or product names of +the Licensor, except as required for reasonable and customary use in describing the origin of the Work and +reproducing the content of the NOTICE file. + + +## 7. Disclaimer of Warranty. + +Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor +provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express +or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, +MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the +appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of +permissions under this License. + + +## 8. Limitation of Liability. + +In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless +required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any +Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential +damages of any character arising as a result of this License or out of the use or inability to use the Work +(including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or +any and all other commercial damages or losses), even if such Contributor has been advised of the possibility +of such damages. + + +## 9. Accepting Warranty or Additional Liability. + +While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, +acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this +License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole +responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold +each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason +of your accepting any such warranty or additional liability. + + +END OF TERMS AND CONDITIONS diff --git a/3rdparty/aws-sdk/_docs/NOTICE.md b/3rdparty/aws-sdk/_docs/NOTICE.md new file mode 100644 index 00000000000..780c2e4c9d5 --- /dev/null +++ b/3rdparty/aws-sdk/_docs/NOTICE.md @@ -0,0 +1,444 @@ +# AWS SDK for PHP + +Based on [CloudFusion](http://getcloudfusion.com). Includes other third-party software. + +See below for complete copyright and licensing notices. + + +## AWS SDK for PHP + + + +Copyright 2010-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. + +Licensed under the Apache License, Version 2.0 (the "License"). +You may not use this file except in compliance with the License. +A copy of the License is located at + + + +or in the "license" file accompanying this file. This file is distributed +on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +express or implied. See the License for the specific language governing +permissions and limitations under the License. + + +## CloudFusion + + + +* Copyright 2005-2010 [Ryan Parman](http://ryanparman.com) +* Copyright 2007-2010 [Foleeo Inc.](http://warpshare.com) +* Copyright 2007-2010 "CONTRIBUTORS" (see [CONTRIBUTORS.md](CONTRIBUTORS.md) for a list) + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the organization nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + + + + +## CacheCore + + + +* Copyright 2007-2010 [Ryan Parman](http://ryanparman.com) +* Copyright 2007-2010 [Foleeo Inc.](http://warpshare.com) + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the organization nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + + + + +## RequestCore + + + +* Copyright 2007-2010 [Ryan Parman](http://ryanparman.com) +* Copyright 2007-2010 [Foleeo Inc.](http://warpshare.com) + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the organization nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + + + + +## SimplePie + + + +* Copyright 2004-2010 [Ryan Parman](http://ryanparman.com) +* Copyright 2005-2010 [Geoffrey Sneddon](http://gsnedders.com) +* Copyright 2008-2011 [Ryan McCue](http://ryanmccue.info) + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +* Neither the name of the organization nor the names of its contributors + may be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, +OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + + + + +## Reqwest + + + +* Copyright 2011 [Dustin Diaz](http://dustindiaz.com) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + + + +## Human readable file sizes + + + +* Copyright 2004-2010 [Aidan Lister](http://aidanlister.com) +* Copyright 2007-2010 [Ryan Parman](http://ryanparman.com) + +Redistribution and use in source and binary forms, with or without +modification, is permitted provided that the following conditions +are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + 3. The name "PHP" must not be used to endorse or promote products + derived from this software without prior written permission. For + written permission, please contact group@php.net. + + 4. Products derived from this software may not be called "PHP", nor + may "PHP" appear in their name, without prior written permission + from group@php.net. You may indicate that your software works in + conjunction with PHP by saying "Foo for PHP" instead of calling + it "PHP Foo" or "phpfoo" + + 5. The PHP Group may publish revised and/or new versions of the + license from time to time. Each version will be given a + distinguishing version number. + Once covered code has been published under a particular version + of the license, you may always continue to use it under the terms + of that version. You may also choose to use such covered code + under the terms of any subsequent version of the license + published by the PHP Group. No one other than the PHP Group has + the right to modify the terms applicable to covered code created + under this License. + + 6. Redistributions of any form whatsoever must retain the following + acknowledgment: + "This product includes PHP software, freely available from + ". + +THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND +ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP +DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. + + + + +## Snippets from PHP.net documentation + +* `CFUtilities::is_base64()` - Copyright 2008 "debug" + +Redistribution and use in source and binary forms, with or without +modification, is permitted provided that the following conditions +are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + 3. The name "PHP" must not be used to endorse or promote products + derived from this software without prior written permission. For + written permission, please contact group@php.net. + + 4. Products derived from this software may not be called "PHP", nor + may "PHP" appear in their name, without prior written permission + from group@php.net. You may indicate that your software works in + conjunction with PHP by saying "Foo for PHP" instead of calling + it "PHP Foo" or "phpfoo" + + 5. The PHP Group may publish revised and/or new versions of the + license from time to time. Each version will be given a + distinguishing version number. + Once covered code has been published under a particular version + of the license, you may always continue to use it under the terms + of that version. You may also choose to use such covered code + under the terms of any subsequent version of the license + published by the PHP Group. No one other than the PHP Group has + the right to modify the terms applicable to covered code created + under this License. + + 6. Redistributions of any form whatsoever must retain the following + acknowledgment: + "This product includes PHP software, freely available from + ". + +THIS SOFTWARE IS PROVIDED BY THE PHP DEVELOPMENT TEAM ``AS IS'' AND +ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, +THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE PHP +DEVELOPMENT TEAM OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. + + + + +## phunction PHP framework + + + +* Copyright 2010 [Alix Axel](mailto:alix-axel@users.sf.net) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + + + +## Symfony YAML Component + + + +Copyright 2008-2009 [Fabien Potencier](http://fabien.potencier.org) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + + + +## PEAR Console_ProgressBar + + + +Copyright 2003-2007 [Stefan Walk](http://pear.php.net/user/et) + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + + + +## Mozilla Certificate Authority + +* +* + +The contents of this file are subject to the Mozilla Public License Version +1.1 (the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at +http://www.mozilla.org/MPL/ + +Software distributed under the License is distributed on an "AS IS" basis, +WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +for the specific language governing rights and limitations under the +License. + +The Original Code is the Netscape security libraries. + +The Initial Developer of the Original Code is Netscape Communications +Corporation. Portions created by the Initial Developer are Copyright +(C) 1994-2000 the Initial Developer. All Rights Reserved. + + + + +## array-to-domdocument + + + +* Copyright 2010-2011 [Omer Hassan](https://code.google.com/u/113495690012051782542/) +* Portions copyright 2012 Amazon.com, Inc. or its affiliates. All Rights Reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + diff --git a/3rdparty/aws-sdk/_docs/STREAMWRAPPER_README.html b/3rdparty/aws-sdk/_docs/STREAMWRAPPER_README.html new file mode 100644 index 00000000000..5d91068aa23 --- /dev/null +++ b/3rdparty/aws-sdk/_docs/STREAMWRAPPER_README.html @@ -0,0 +1,243 @@ + + + + + README + + + +

S3 Stream Wrapper

The S3 Stream Wrapper is a stream wrapper interface for PHP that provides access to Amazon S3 using PHP’s standard File System API functions.

+ +

What issues does this address?

There are a large number of existing applications, code snippets and other bits of PHP that are designed to read and write from the local file system as part of their normal operations. Many of these apps could benefit from moving into the cloud, but doing so would require rewriting a substantial amount of code.

What if we could simplify this process so that the updates required to make an existing application cloud-backed would be very minimal?

+ +

Proposed solution

PHP provides an interface for solving this exact kind of problem, called the Stream Wrapper interface. By writing a class that implements this interface and registering it as a handler we can reduce both the amount of rewriting that needs to be done for existing applications, as well as substantially lower the learning curve for reading and writing from Amazon S3.

+ +

How do I use it?

After including the AWS SDK for PHP in your project, use the AmazonS3::register_stream_wrapper() method to register s3:// as a supported stream wrapper for Amazon S3. It's that simple. Amazon S3 file patterns take the following form: s3://bucket/object.

+ +

require_once 'AWSSDKforPHP/sdk.class.php';
+
+$s3 = new AmazonS3();
+$s3->register_stream_wrapper();
+
+$directory = 's3://my-new-bucket';
+$filename = $directory . '/put.txt';
+$contents = '';
+
+if (mkdir($directory))
+{
+    if (file_put_contents($filename, 'This is some sample data.'))
+    {
+        $handle = fopen($filename, 'rb+');
+        $contents = stream_get_contents($handle);
+        fclose($handle);
+    }
+
+    rmdir($directory);
+}
+
+echo $contents;

+ +

You may also pass a different protocol name as a parameter to AmazonS3::register_stream_wrapper() if you want to use something besides s3://. Using this technique you can create more than one stream wrapper with different configurations (e.g. for different regions). To do that you just need to create separate instances of the AmazonS3 class, configure them, and then register a stream wrapper for each of them with different protocol names.

+ +

require_once 'AWSSDKforPHP/sdk.class.php';
+
+$s3east = new AmazonS3();
+$s3east->set_region(AmazonS3::REGION_US_E1);
+$s3east->register_stream_wrapper('s3east');
+mkdir('s3east://my-easterly-bucket');
+
+$s3west = new AmazonS3();
+$s3west->set_region(AmazonS3::REGION_US_W1);
+$s3west->register_stream_wrapper('s3west');
+mkdir('s3west://my-westerly-bucket');

+ +

Tests and usage examples

We are also including tests written in the PHPT format. Not only do these tests show how the software can be used, but any tests submitted back to us should be in this format. These tests will likely fail for you unless you change the bucket names to be globally unique across S3. You can run the tests with pear.

cd S3StreamWrapper/tests;
+pear run-tests;

If you have PHPUnit 3.6+ and Xdebug installed, you can generate a code coverage report as follows:

cd S3StreamWrapper/tests && \
+phpunit --colors --coverage-html ./_coverage_report . && \
+open ./_coverage_report/index.html;

+ +

Notes and Known Issues

stream_lock() and stream_cast() are not currently implemented, and likely won't be.
Strangely touch() doesn’t seem to work. I think this is because of an issue with my implementation of url_stat(), but I can’t find any information on the magical combination of parameters that will make this work.
Using fopen() will always open in rb+ mode. Amazon S3 as a service doesn’t support anything else.
Because of the way that PHP interacts with the StreamWrapper interface, it’s difficult to optimize for batch requests under the hood. If you need to push or pull data from several objects, you may find that using batch requests with the standard interface has better latency.
rmdir() does not do a force-delete, so you will need to iterate over the files to delete them one-by-one.
realpath(), glob(), chmod(), chown(), chgrp(), tempnam() and a few other functions don’t support the StreamWrapper interface at the PHP-level because they're designed to work with the (no/low-latency) local file system.
Support for ftruncate() does not exist in any current release of PHP, but is implemented on the PHP trunk for a future release. http://bugs.php.net/53888.
Since Amazon S3 doesn’t support appending data, it is best to avoid functions that expect or rely on that functionality (e.g. fputcsv()).

+ +

Successfully tested with

+ +

Known issues with

+ +

A future version may provide S3-specific implementations of some of these functions (e.g., s3chmod(), s3glob(), s3touch()).

+ + diff --git a/3rdparty/aws-sdk/_docs/WHERE_IS_THE_API_REFERENCE.md b/3rdparty/aws-sdk/_docs/WHERE_IS_THE_API_REFERENCE.md new file mode 100644 index 00000000000..7ad235576b4 --- /dev/null +++ b/3rdparty/aws-sdk/_docs/WHERE_IS_THE_API_REFERENCE.md @@ -0,0 +1,2 @@ +You can find the API Reference at: +http://docs.amazonwebservices.com/AWSSDKforPHP/latest/ diff --git a/3rdparty/aws-sdk/authentication/signable.interface.php b/3rdparty/aws-sdk/authentication/signable.interface.php new file mode 100644 index 00000000000..5316d16a815 --- /dev/null +++ b/3rdparty/aws-sdk/authentication/signable.interface.php @@ -0,0 +1,48 @@ + class. + * + * @param string $endpoint (Required) The endpoint to direct the request to. + * @param string $operation (Required) The operation to execute as a result of this request. + * @param array $payload (Required) The options to use as part of the payload in the request. + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return void + */ + public function __construct($endpoint, $operation, $payload, CFCredential $credentials) + { + parent::__construct($endpoint, $operation, $payload, $credentials); + } + + /** + * Generates a cURL handle with all of the required authentication bits set. + * + * @return resource A cURL handle ready for executing. + */ + public function authenticate() + { + // Determine signing values + $current_time = time(); + $date = gmdate(CFUtilities::DATE_FORMAT_RFC2616, $current_time); + $timestamp = gmdate(CFUtilities::DATE_FORMAT_ISO8601, $current_time); + $query = array(); + + // Do we have an authentication token? + if ($this->auth_token) + { + $headers['X-Amz-Security-Token'] = $this->auth_token; + $query['SecurityToken'] = $this->auth_token; + } + + // Only add it if it exists. + if ($this->api_version) + { + $query['Version'] = $this->api_version; + } + + $query['Action'] = $this->operation; + $query['AWSAccessKeyId'] = $this->key; + $query['SignatureMethod'] = 'HmacSHA256'; + $query['SignatureVersion'] = 2; + $query['Timestamp'] = $timestamp; + + // Merge in any options that were passed in + if (is_array($this->payload)) + { + $query = array_merge($query, $this->payload); + } + + // Do a case-sensitive, natural order sort on the array keys. + uksort($query, 'strcmp'); + + // Create the string that needs to be hashed. + $canonical_query_string = $this->util->to_signable_string($query); + + // Remove the default scheme from the domain. + $domain = str_replace(array('http://', 'https://'), '', $this->endpoint); + + // Parse our request. + $parsed_url = parse_url('http://' . $domain); + + // Set the proper host header. + if (isset($parsed_url['port']) && (integer) $parsed_url['port'] !== 80 && (integer) $parsed_url['port'] !== 443) + { + $host_header = strtolower($parsed_url['host']) . ':' . $parsed_url['port']; + } + else + { + $host_header = strtolower($parsed_url['host']); + } + + // Set the proper request URI. + $request_uri = isset($parsed_url['path']) ? $parsed_url['path'] : '/'; + + // Prepare the string to sign + $this->string_to_sign = "POST\n$host_header\n$request_uri\n$canonical_query_string"; + + // Hash the AWS secret key and generate a signature for the request. + $query['Signature'] = base64_encode(hash_hmac('sha256', $this->string_to_sign, $this->secret_key, true)); + + // Generate the querystring from $query + $this->querystring = $this->util->to_query_string($query); + + // Gather information to pass along to other classes. + $helpers = array( + 'utilities' => $this->utilities_class, + 'request' => $this->request_class, + 'response' => $this->response_class, + ); + + // Compose the request. + $request_url = ($this->use_ssl ? 'https://' : 'http://') . $domain; + $request_url .= !isset($parsed_url['path']) ? '/' : ''; + + // Instantiate the request class + $request = new $this->request_class($request_url, $this->proxy, $helpers, $this->credentials); + $request->set_method('POST'); + $request->set_body($this->querystring); + $headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=utf-8'; + + // Pass along registered stream callbacks + if ($this->registered_streaming_read_callback) + { + $request->register_streaming_read_callback($this->registered_streaming_read_callback); + } + + if ($this->registered_streaming_write_callback) + { + $request->register_streaming_write_callback($this->registered_streaming_write_callback); + } + + // Sort headers + uksort($headers, 'strnatcasecmp'); + + // Add headers to request and compute the string to sign + foreach ($headers as $header_key => $header_value) + { + // Strip linebreaks from header values as they're illegal and can allow for security issues + $header_value = str_replace(array("\r", "\n"), '', $header_value); + + // Add the header if it has a value + if ($header_value !== '') + { + $request->add_header($header_key, $header_value); + } + } + + return $request; + } +} diff --git a/3rdparty/aws-sdk/authentication/signature_v3json.class.php b/3rdparty/aws-sdk/authentication/signature_v3json.class.php new file mode 100644 index 00000000000..d07f554d1f7 --- /dev/null +++ b/3rdparty/aws-sdk/authentication/signature_v3json.class.php @@ -0,0 +1,235 @@ + class. + * + * @param string $endpoint (Required) The endpoint to direct the request to. + * @param string $operation (Required) The operation to execute as a result of this request. + * @param array $payload (Required) The options to use as part of the payload in the request. + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return void + */ + public function __construct($endpoint, $operation, $payload, CFCredential $credentials) + { + parent::__construct($endpoint, $operation, $payload, $credentials); + } + + /** + * Generates a cURL handle with all of the required authentication bits set. + * + * @return resource A cURL handle ready for executing. + */ + public function authenticate() + { + // Determine signing values + $current_time = time(); + $date = gmdate(CFUtilities::DATE_FORMAT_RFC2616, $current_time); + $timestamp = gmdate(CFUtilities::DATE_FORMAT_ISO8601, $current_time); + $nonce = $this->util->generate_guid(); + $curlopts = array(); + $signed_headers = array(); + $return_curl_handle = false; + $x_amz_target = null; + $query = array('body' => $this->payload); + + // Do we have an authentication token? + if ($this->auth_token) + { + $headers['X-Amz-Security-Token'] = $this->auth_token; + $query['SecurityToken'] = $this->auth_token; + } + + // Manage the key-value pairs that are used in the query. + if (stripos($this->operation, 'x-amz-target') !== false) + { + $x_amz_target = trim(str_ireplace('x-amz-target:', '', $this->operation)); + } + else + { + $query['Action'] = $this->operation; + } + + // Only add it if it exists. + if ($this->api_version) + { + $query['Version'] = $this->api_version; + } + + $curlopts = array(); + + // Set custom CURLOPT settings + if (is_array($this->payload) && isset($this->payload['curlopts'])) + { + $curlopts = $this->payload['curlopts']; + unset($this->payload['curlopts']); + } + + // Merge in any options that were passed in + if (is_array($this->payload)) + { + $query = array_merge($query, $this->payload); + } + + $return_curl_handle = isset($query['returnCurlHandle']) ? $query['returnCurlHandle'] : false; + unset($query['returnCurlHandle']); + + // Do a case-sensitive, natural order sort on the array keys. + uksort($query, 'strcmp'); + + // Normalize JSON input + if (isset($query['body']) && $query['body'] === '[]') + { + $query['body'] = '{}'; + } + + // Create the string that needs to be hashed. + $canonical_query_string = $this->util->encode_signature2($query['body']); + + // Remove the default scheme from the domain. + $domain = str_replace(array('http://', 'https://'), '', $this->endpoint); + + // Parse our request. + $parsed_url = parse_url('http://' . $domain); + + // Set the proper host header. + if (isset($parsed_url['port']) && (integer) $parsed_url['port'] !== 80 && (integer) $parsed_url['port'] !== 443) + { + $host_header = strtolower($parsed_url['host']) . ':' . $parsed_url['port']; + } + else + { + $host_header = strtolower($parsed_url['host']); + } + + // Set the proper request URI. + $request_uri = isset($parsed_url['path']) ? $parsed_url['path'] : '/'; + + // Generate the querystring from $query + $this->querystring = $this->util->to_query_string($query); + + // Gather information to pass along to other classes. + $helpers = array( + 'utilities' => $this->utilities_class, + 'request' => $this->request_class, + 'response' => $this->response_class, + ); + + // Compose the request. + $request_url = ($this->use_ssl ? 'https://' : 'http://') . $domain; + $request_url .= !isset($parsed_url['path']) ? '/' : ''; + + // Instantiate the request class + $request = new $this->request_class($request_url, $this->proxy, $helpers, $this->credentials); + $request->set_method('POST'); + //$request->set_body($this->querystring); + //$headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=utf-8'; + + // Signing using X-Amz-Target is handled differently. + $headers['X-Amz-Target'] = $x_amz_target; + $headers['Content-Type'] = 'application/x-amz-json-1.0'; + $request->set_body($query['body']); + $this->querystring = $query['body']; + + // Pass along registered stream callbacks + if ($this->registered_streaming_read_callback) + { + $request->register_streaming_read_callback($this->registered_streaming_read_callback); + } + + if ($this->registered_streaming_write_callback) + { + $request->register_streaming_write_callback($this->registered_streaming_write_callback); + } + + // Add authentication headers + // $headers['X-Amz-Nonce'] = $nonce; + $headers['Date'] = $date; + $headers['Content-Length'] = strlen($this->querystring); + $headers['Content-MD5'] = $this->util->hex_to_base64(md5($this->querystring)); + $headers['Host'] = $host_header; + + // Sort headers + uksort($headers, 'strnatcasecmp'); + + // Prepare the string to sign (HTTP) + $this->string_to_sign = "POST\n$request_uri\n\n"; + + // Add headers to request and compute the string to sign + foreach ($headers as $header_key => $header_value) + { + // Strip linebreaks from header values as they're illegal and can allow for security issues + $header_value = str_replace(array("\r", "\n"), '', $header_value); + + // Add the header if it has a value + if ($header_value !== '') + { + $request->add_header($header_key, $header_value); + } + + // Generate the string to sign + if ( + substr(strtolower($header_key), 0, 8) === 'content-' || + strtolower($header_key) === 'date' || + strtolower($header_key) === 'expires' || + strtolower($header_key) === 'host' || + substr(strtolower($header_key), 0, 6) === 'x-amz-' + ) + { + $this->string_to_sign .= strtolower($header_key) . ':' . $header_value . "\n"; + $signed_headers[] = $header_key; + } + } + + $this->string_to_sign .= "\n"; + + if (isset($query['body']) && $query['body'] !== '') + { + $this->string_to_sign .= $query['body']; + } + + // Convert from string-to-sign to bytes-to-sign + $bytes_to_sign = hash('sha256', $this->string_to_sign, true); + + // Hash the AWS secret key and generate a signature for the request. + $signature = base64_encode(hash_hmac('sha256', $bytes_to_sign, $this->secret_key, true)); + + $headers['X-Amzn-Authorization'] = 'AWS3' + . ' AWSAccessKeyId=' . $this->key + . ',Algorithm=HmacSHA256' + . ',SignedHeaders=' . implode(';', $signed_headers) + . ',Signature=' . $signature; + + $request->add_header('X-Amzn-Authorization', $headers['X-Amzn-Authorization']); + $request->request_headers = $headers; + + return $request; + } +} diff --git a/3rdparty/aws-sdk/authentication/signature_v3query.class.php b/3rdparty/aws-sdk/authentication/signature_v3query.class.php new file mode 100644 index 00000000000..04565f928ed --- /dev/null +++ b/3rdparty/aws-sdk/authentication/signature_v3query.class.php @@ -0,0 +1,192 @@ + class. + * + * @param string $endpoint (Required) The endpoint to direct the request to. + * @param string $operation (Required) The operation to execute as a result of this request. + * @param array $payload (Required) The options to use as part of the payload in the request. + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return void + */ + public function __construct($endpoint, $operation, $payload, CFCredential $credentials) + { + parent::__construct($endpoint, $operation, $payload, $credentials); + } + + /** + * Generates a cURL handle with all of the required authentication bits set. + * + * @return resource A cURL handle ready for executing. + */ + public function authenticate() + { + // Determine signing values + $current_time = time(); + $date = gmdate(CFUtilities::DATE_FORMAT_RFC2616, $current_time); + $timestamp = gmdate(CFUtilities::DATE_FORMAT_ISO8601, $current_time); + $nonce = $this->util->generate_guid(); + $curlopts = array(); + $signed_headers = array(); + + // Do we have an authentication token? + if ($this->auth_token) + { + $headers['X-Amz-Security-Token'] = $this->auth_token; + $query['SecurityToken'] = $this->auth_token; + } + + $query['Action'] = $this->operation; + $query['Version'] = $this->api_version; + + // Set custom CURLOPT settings + if (is_array($this->payload) && isset($this->payload['curlopts'])) + { + $curlopts = $this->payload['curlopts']; + unset($this->payload['curlopts']); + } + + // Merge in any options that were passed in + if (is_array($this->payload)) + { + $query = array_merge($query, $this->payload); + } + + $return_curl_handle = isset($query['returnCurlHandle']) ? $query['returnCurlHandle'] : false; + unset($query['returnCurlHandle']); + + // Do a case-sensitive, natural order sort on the array keys. + uksort($query, 'strcmp'); + $canonical_query_string = $this->util->to_signable_string($query); + + // Remove the default scheme from the domain. + $domain = str_replace(array('http://', 'https://'), '', $this->endpoint); + + // Parse our request. + $parsed_url = parse_url('http://' . $domain); + + // Set the proper host header. + if (isset($parsed_url['port']) && (integer) $parsed_url['port'] !== 80 && (integer) $parsed_url['port'] !== 443) + { + $host_header = strtolower($parsed_url['host']) . ':' . $parsed_url['port']; + } + else + { + $host_header = strtolower($parsed_url['host']); + } + + // Set the proper request URI. + $request_uri = isset($parsed_url['path']) ? $parsed_url['path'] : '/'; + + // Generate the querystring from $query + $this->querystring = $this->util->to_query_string($query); + + // Gather information to pass along to other classes. + $helpers = array( + 'utilities' => $this->utilities_class, + 'request' => $this->request_class, + 'response' => $this->response_class, + ); + + // Compose the request. + $request_url = ($this->use_ssl ? 'https://' : 'http://') . $domain; + $request_url .= !isset($parsed_url['path']) ? '/' : ''; + + // Instantiate the request class + $request = new $this->request_class($request_url, $this->proxy, $helpers, $this->credentials); + $request->set_method('POST'); + $request->set_body($this->querystring); + $headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=utf-8'; + + // Pass along registered stream callbacks + if ($this->registered_streaming_read_callback) + { + $request->register_streaming_read_callback($this->registered_streaming_read_callback); + } + + if ($this->registered_streaming_write_callback) + { + $request->register_streaming_write_callback($this->registered_streaming_write_callback); + } + + // Add authentication headers + $headers['X-Amz-Nonce'] = $nonce; + $headers['Date'] = $date; + $headers['Content-Length'] = strlen($this->querystring); + $headers['Content-MD5'] = $this->util->hex_to_base64(md5($this->querystring)); + $headers['Host'] = $host_header; + + // Sort headers + uksort($headers, 'strnatcasecmp'); + + // Prepare the string to sign (HTTPS) + $this->string_to_sign = $date . $nonce; + + // Add headers to request and compute the string to sign + foreach ($headers as $header_key => $header_value) + { + // Strip linebreaks from header values as they're illegal and can allow for security issues + $header_value = str_replace(array("\r", "\n"), '', $header_value); + + // Add the header if it has a value + if ($header_value !== '') + { + $request->add_header($header_key, $header_value); + } + + // Generate the string to sign + if ( + substr(strtolower($header_key), 0, 8) === 'content-' || + strtolower($header_key) === 'date' || + strtolower($header_key) === 'expires' || + strtolower($header_key) === 'host' || + substr(strtolower($header_key), 0, 6) === 'x-amz-' + ) + { + $signed_headers[] = $header_key; + } + } + + // Hash the AWS secret key and generate a signature for the request. + $signature = base64_encode(hash_hmac('sha256', $this->string_to_sign, $this->secret_key, true)); + + $headers['X-Amzn-Authorization'] = 'AWS3-HTTPS' + . ' AWSAccessKeyId=' . $this->key + . ',Algorithm=HmacSHA256' + . ',SignedHeaders=' . implode(';', $signed_headers) + . ',Signature=' . $signature; + + $request->add_header('X-Amzn-Authorization', $headers['X-Amzn-Authorization']); + $request->request_headers = $headers; + + return $request; + } +} diff --git a/3rdparty/aws-sdk/authentication/signature_v4json.class.php b/3rdparty/aws-sdk/authentication/signature_v4json.class.php new file mode 100644 index 00000000000..d3ab07ad8bf --- /dev/null +++ b/3rdparty/aws-sdk/authentication/signature_v4json.class.php @@ -0,0 +1,353 @@ + class. + * + * @param string $endpoint (Required) The endpoint to direct the request to. + * @param string $operation (Required) The operation to execute as a result of this request. + * @param array $payload (Required) The options to use as part of the payload in the request. + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return void + */ + public function __construct($endpoint, $operation, $payload, CFCredential $credentials) + { + parent::__construct($endpoint, $operation, $payload, $credentials); + } + + /** + * Generates a cURL handle with all of the required authentication bits set. + * + * @return resource A cURL handle ready for executing. + */ + public function authenticate() + { + // Determine signing values + $current_time = time(); + $timestamp = gmdate(CFUtilities::DATE_FORMAT_SIGV4, $current_time); + + // Initialize + $x_amz_target = null; + + $this->headers = array(); + $this->signed_headers = array(); + $this->canonical_headers = array(); + $this->query = array(); + + // Prepare JSON structure + $decoded = json_decode($this->payload, true); + $data = (array) (is_array($decoded) ? $decoded : $this->payload); + unset($data['curlopts']); + unset($data['returnCurlHandle']); + $this->body = json_encode($data); + if ($this->body === '' || $this->body === '[]') + { + $this->body = '{}'; + } + + // Do we have an authentication token? + if ($this->auth_token) + { + $this->headers['X-Amz-Security-Token'] = $this->auth_token; + $this->query['SecurityToken'] = $this->auth_token; + } + + // Manage the key-value pairs that are used in the query. + if (stripos($this->operation, 'x-amz-target') !== false) + { + $x_amz_target = trim(str_ireplace('x-amz-target:', '', $this->operation)); + } + else + { + $this->query['Action'] = $this->operation; + } + + // Only add it if it exists. + if ($this->api_version) + { + $this->query['Version'] = $this->api_version; + } + + // Do a case-sensitive, natural order sort on the array keys. + uksort($this->query, 'strcmp'); + + // Remove the default scheme from the domain. + $domain = str_replace(array('http://', 'https://'), '', $this->endpoint); + + // Parse our request. + $parsed_url = parse_url('http://' . $domain); + + // Set the proper host header. + if (isset($parsed_url['port']) && (integer) $parsed_url['port'] !== 80 && (integer) $parsed_url['port'] !== 443) + { + $host_header = strtolower($parsed_url['host']) . ':' . $parsed_url['port']; + } + else + { + $host_header = strtolower($parsed_url['host']); + } + + // Generate the querystring from $this->query + $this->querystring = $this->util->to_query_string($this->query); + + // Gather information to pass along to other classes. + $helpers = array( + 'utilities' => $this->utilities_class, + 'request' => $this->request_class, + 'response' => $this->response_class, + ); + + // Compose the request. + $request_url = ($this->use_ssl ? 'https://' : 'http://') . $domain; + $request_url .= !isset($parsed_url['path']) ? '/' : ''; + + // Instantiate the request class + $request = new $this->request_class($request_url, $this->proxy, $helpers, $this->credentials); + $request->set_method('POST'); + $request->set_body($this->body); + $this->querystring = $this->body; + $this->headers['Content-Type'] = 'application/x-amz-json-1.1'; + $this->headers['X-Amz-Target'] = $x_amz_target; + + // Pass along registered stream callbacks + if ($this->registered_streaming_read_callback) + { + $request->register_streaming_read_callback($this->registered_streaming_read_callback); + } + + if ($this->registered_streaming_write_callback) + { + $request->register_streaming_write_callback($this->registered_streaming_write_callback); + } + + // Add authentication headers + $this->headers['X-Amz-Date'] = $timestamp; + $this->headers['Content-Length'] = strlen($this->querystring); + $this->headers['Host'] = $host_header; + + // Sort headers + uksort($this->headers, 'strnatcasecmp'); + + // Add headers to request and compute the string to sign + foreach ($this->headers as $header_key => $header_value) + { + // Strip linebreaks from header values as they're illegal and can allow for security issues + $header_value = str_replace(array("\r", "\n"), '', $header_value); + + $request->add_header($header_key, $header_value); + $this->canonical_headers[] = strtolower($header_key) . ':' . $header_value; + + $this->signed_headers[] = strtolower($header_key); + } + + $this->headers['Authorization'] = $this->authorization($timestamp); + $request->add_header('Authorization', $this->headers['Authorization']); + $request->request_headers = $this->headers; + + return $request; + } + + /** + * Generates the authorization string to use for the request. + * + * @param string $datetime (Required) The current timestamp. + * @return string The authorization string. + */ + protected function authorization($datetime) + { + $access_key_id = $this->key; + + $parts = array(); + $parts[] = "AWS4-HMAC-SHA256 Credential=${access_key_id}/" . $this->credential_string($datetime); + $parts[] = 'SignedHeaders=' . implode(';', $this->signed_headers); + $parts[] = 'Signature=' . $this->hex16($this->signature($datetime)); + + return implode(',', $parts); + } + + /** + * Calculate the signature. + * + * @param string $datetime (Required) The current timestamp. + * @return string The signature. + */ + protected function signature($datetime) + { + $k_date = $this->hmac('AWS4' . $this->secret_key, substr($datetime, 0, 8)); + $k_region = $this->hmac($k_date, $this->region()); + $k_service = $this->hmac($k_region, $this->service()); + $k_credentials = $this->hmac($k_service, 'aws4_request'); + $signature = $this->hmac($k_credentials, $this->string_to_sign($datetime)); + + return $signature; + } + + /** + * Calculate the string to sign. + * + * @param string $datetime (Required) The current timestamp. + * @return string The string to sign. + */ + protected function string_to_sign($datetime) + { + $parts = array(); + $parts[] = 'AWS4-HMAC-SHA256'; + $parts[] = $datetime; + $parts[] = $this->credential_string($datetime); + $parts[] = $this->hex16($this->hash($this->canonical_request())); + + $this->string_to_sign = implode("\n", $parts); + + return $this->string_to_sign; + } + + /** + * Generates the credential string to use for signing. + * + * @param string $datetime (Required) The current timestamp. + * @return string The credential string. + */ + protected function credential_string($datetime) + { + $parts = array(); + $parts[] = substr($datetime, 0, 8); + $parts[] = $this->region(); + $parts[] = $this->service(); + $parts[] = 'aws4_request'; + + return implode('/', $parts); + } + + /** + * Calculate the canonical request. + * + * @return string The canonical request. + */ + protected function canonical_request() + { + $parts = array(); + $parts[] = 'POST'; + $parts[] = $this->canonical_uri(); + $parts[] = ''; // $parts[] = $this->canonical_querystring(); + $parts[] = implode("\n", $this->canonical_headers) . "\n"; + $parts[] = implode(';', $this->signed_headers); + $parts[] = $this->hex16($this->hash($this->body)); + + $this->canonical_request = implode("\n", $parts); + + return $this->canonical_request; + } + + /** + * The region ID to use in the signature. + * + * @return return The region ID. + */ + protected function region() + { + $pieces = explode('.', $this->endpoint); + + // Handle cases with single/no region (i.e. service.region.amazonaws.com vs. service.amazonaws.com) + if (count($pieces < 4)) + { + return 'us-east-1'; + } + + return $pieces[1]; + } + + /** + * The service ID to use in the signature. + * + * @return return The service ID. + */ + protected function service() + { + $pieces = explode('.', $this->endpoint); + return $pieces[0]; + } + + /** + * The request URI path. + * + * @return string The request URI path. + */ + protected function canonical_uri() + { + return '/'; + } + + /** + * The canonical query string. + * + * @return string The canonical query string. + */ + protected function canonical_querystring() + { + if (!isset($this->canonical_querystring)) + { + $this->canonical_querystring = $this->util->to_signable_string($this->query); + } + + return $this->canonical_querystring; + } + + /** + * Hex16-pack the data. + * + * @param string $value (Required) The data to hex16 pack. + * @return string The hex16-packed data. + */ + protected function hex16($value) + { + $result = unpack('H*', $value); + return reset($result); + } + + /** + * Applies HMAC SHA-256 encryption to the string, salted by the key. + * + * @return string Raw HMAC SHA-256 hashed string. + */ + protected function hmac($key, $string) + { + return hash_hmac('sha256', $string, $key, true); + } + + /** + * SHA-256 hashes the string. + * + * @return string Raw SHA-256 hashed string. + */ + protected function hash($string) + { + return hash('sha256', $string, true); + } +} diff --git a/3rdparty/aws-sdk/authentication/signature_v4query.class.php b/3rdparty/aws-sdk/authentication/signature_v4query.class.php new file mode 100644 index 00000000000..bd5a3fbf5b5 --- /dev/null +++ b/3rdparty/aws-sdk/authentication/signature_v4query.class.php @@ -0,0 +1,345 @@ + class. + * + * @param string $endpoint (Required) The endpoint to direct the request to. + * @param string $operation (Required) The operation to execute as a result of this request. + * @param array $payload (Required) The options to use as part of the payload in the request. + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return void + */ + public function __construct($endpoint, $operation, $payload, CFCredential $credentials) + { + parent::__construct($endpoint, $operation, $payload, $credentials); + } + + /** + * Generates a cURL handle with all of the required authentication bits set. + * + * @return resource A cURL handle ready for executing. + */ + public function authenticate() + { + // Determine signing values + $current_time = time(); + $timestamp = gmdate(CFUtilities::DATE_FORMAT_SIGV4, $current_time); + + // Initialize + $x_amz_target = null; + + $this->headers = array(); + $this->signed_headers = array(); + $this->canonical_headers = array(); + $this->query = array('body' => is_array($this->payload) ? $this->payload : array()); + + // Do we have an authentication token? + if ($this->auth_token) + { + $this->headers['X-Amz-Security-Token'] = $this->auth_token; + $this->query['body']['SecurityToken'] = $this->auth_token; + } + + // Manage the key-value pairs that are used in the query. + if (stripos($this->operation, 'x-amz-target') !== false) + { + $x_amz_target = trim(str_ireplace('x-amz-target:', '', $this->operation)); + } + else + { + $this->query['body']['Action'] = $this->operation; + } + + // Only add it if it exists. + if ($this->api_version) + { + $this->query['body']['Version'] = $this->api_version; + } + + // Do a case-sensitive, natural order sort on the array keys. + uksort($this->query['body'], 'strcmp'); + + // Remove the default scheme from the domain. + $domain = str_replace(array('http://', 'https://'), '', $this->endpoint); + + // Parse our request. + $parsed_url = parse_url('http://' . $domain); + + // Set the proper host header. + if (isset($parsed_url['port']) && (integer) $parsed_url['port'] !== 80 && (integer) $parsed_url['port'] !== 443) + { + $host_header = strtolower($parsed_url['host']) . ':' . $parsed_url['port']; + } + else + { + $host_header = strtolower($parsed_url['host']); + } + + // Generate the querystring from $this->query + $this->querystring = $this->util->to_query_string($this->query); + + // Gather information to pass along to other classes. + $helpers = array( + 'utilities' => $this->utilities_class, + 'request' => $this->request_class, + 'response' => $this->response_class, + ); + + // Compose the request. + $request_url = ($this->use_ssl ? 'https://' : 'http://') . $domain; + $request_url .= !isset($parsed_url['path']) ? '/' : ''; + + // Instantiate the request class + $request = new $this->request_class($request_url, $this->proxy, $helpers, $this->credentials); + $request->set_method('POST'); + $request->set_body($this->canonical_querystring()); + $this->querystring = $this->canonical_querystring(); + + $this->headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=utf-8'; + $this->headers['X-Amz-Target'] = $x_amz_target; + + // Pass along registered stream callbacks + if ($this->registered_streaming_read_callback) + { + $request->register_streaming_read_callback($this->registered_streaming_read_callback); + } + + if ($this->registered_streaming_write_callback) + { + $request->register_streaming_write_callback($this->registered_streaming_write_callback); + } + + // Add authentication headers + $this->headers['X-Amz-Date'] = $timestamp; + $this->headers['Content-Length'] = strlen($this->querystring); + $this->headers['Content-MD5'] = $this->util->hex_to_base64(md5($this->querystring)); + $this->headers['Host'] = $host_header; + + // Sort headers + uksort($this->headers, 'strnatcasecmp'); + + // Add headers to request and compute the string to sign + foreach ($this->headers as $header_key => $header_value) + { + // Strip linebreaks from header values as they're illegal and can allow for security issues + $header_value = str_replace(array("\r", "\n"), '', $header_value); + + $request->add_header($header_key, $header_value); + $this->canonical_headers[] = strtolower($header_key) . ':' . $header_value; + + $this->signed_headers[] = strtolower($header_key); + } + + $this->headers['Authorization'] = $this->authorization($timestamp); + + $request->add_header('Authorization', $this->headers['Authorization']); + $request->request_headers = $this->headers; + + return $request; + } + + /** + * Generates the authorization string to use for the request. + * + * @param string $datetime (Required) The current timestamp. + * @return string The authorization string. + */ + protected function authorization($datetime) + { + $access_key_id = $this->key; + + $parts = array(); + $parts[] = "AWS4-HMAC-SHA256 Credential=${access_key_id}/" . $this->credential_string($datetime); + $parts[] = 'SignedHeaders=' . implode(';', $this->signed_headers); + $parts[] = 'Signature=' . $this->hex16($this->signature($datetime)); + + return implode(',', $parts); + } + + /** + * Calculate the signature. + * + * @param string $datetime (Required) The current timestamp. + * @return string The signature. + */ + protected function signature($datetime) + { + $k_date = $this->hmac('AWS4' . $this->secret_key, substr($datetime, 0, 8)); + $k_region = $this->hmac($k_date, $this->region()); + $k_service = $this->hmac($k_region, $this->service()); + $k_credentials = $this->hmac($k_service, 'aws4_request'); + $signature = $this->hmac($k_credentials, $this->string_to_sign($datetime)); + + return $signature; + } + + /** + * Calculate the string to sign. + * + * @param string $datetime (Required) The current timestamp. + * @return string The string to sign. + */ + protected function string_to_sign($datetime) + { + $parts = array(); + $parts[] = 'AWS4-HMAC-SHA256'; + $parts[] = $datetime; + $parts[] = $this->credential_string($datetime); + $parts[] = $this->hex16($this->hash($this->canonical_request())); + + $this->string_to_sign = implode("\n", $parts); + + return $this->string_to_sign; + } + + /** + * Generates the credential string to use for signing. + * + * @param string $datetime (Required) The current timestamp. + * @return string The credential string. + */ + protected function credential_string($datetime) + { + $parts = array(); + $parts[] = substr($datetime, 0, 8); + $parts[] = $this->region(); + $parts[] = $this->service(); + $parts[] = 'aws4_request'; + + return implode('/', $parts); + } + + /** + * Calculate the canonical request. + * + * @return string The canonical request. + */ + protected function canonical_request() + { + $parts = array(); + $parts[] = 'POST'; + $parts[] = $this->canonical_uri(); + $parts[] = ''; // $parts[] = $this->canonical_querystring(); + $parts[] = implode("\n", $this->canonical_headers) . "\n"; + $parts[] = implode(';', $this->signed_headers); + $parts[] = $this->hex16($this->hash($this->canonical_querystring())); + + $this->canonical_request = implode("\n", $parts); + + return $this->canonical_request; + } + + /** + * The region ID to use in the signature. + * + * @return return The region ID. + */ + protected function region() + { + $pieces = explode('.', $this->endpoint); + + // Handle cases with single/no region (i.e. service.region.amazonaws.com vs. service.amazonaws.com) + if (count($pieces < 4)) + { + return 'us-east-1'; + } + + return $pieces[1]; + } + + /** + * The service ID to use in the signature. + * + * @return return The service ID. + */ + protected function service() + { + $pieces = explode('.', $this->endpoint); + return ($pieces[0] === 'email') ? 'ses' : $pieces[0]; + } + + /** + * The request URI path. + * + * @return string The request URI path. + */ + protected function canonical_uri() + { + return '/'; + } + + /** + * The canonical query string. + * + * @return string The canonical query string. + */ + protected function canonical_querystring() + { + if (!isset($this->canonical_querystring)) + { + $this->canonical_querystring = $this->util->to_signable_string($this->query['body']); + } + + return $this->canonical_querystring; + } + + /** + * Hex16-pack the data. + * + * @param string $value (Required) The data to hex16 pack. + * @return string The hex16-packed data. + */ + protected function hex16($value) + { + $result = unpack('H*', $value); + return reset($result); + } + + /** + * Applies HMAC SHA-256 encryption to the string, salted by the key. + * + * @return string Raw HMAC SHA-256 hashed string. + */ + protected function hmac($key, $string) + { + return hash_hmac('sha256', $string, $key, true); + } + + /** + * SHA-256 hashes the string. + * + * @return string Raw SHA-256 hashed string. + */ + protected function hash($string) + { + return hash('sha256', $string, true); + } +} diff --git a/3rdparty/aws-sdk/authentication/signer.abstract.php b/3rdparty/aws-sdk/authentication/signer.abstract.php new file mode 100644 index 00000000000..f6bf7912f7b --- /dev/null +++ b/3rdparty/aws-sdk/authentication/signer.abstract.php @@ -0,0 +1,68 @@ +endpoint = $endpoint; + $this->operation = $operation; + $this->payload = $payload; + $this->credentials = $credentials; + } +} diff --git a/3rdparty/aws-sdk/config-sample.inc.php b/3rdparty/aws-sdk/config-sample.inc.php new file mode 100755 index 00000000000..93d2315b2ff --- /dev/null +++ b/3rdparty/aws-sdk/config-sample.inc.php @@ -0,0 +1,83 @@ + array( + + // Amazon Web Services Key. Found in the AWS Security Credentials. You can also pass + // this value as the first parameter to a service constructor. + 'key' => 'development-key', + + // Amazon Web Services Secret Key. Found in the AWS Security Credentials. You can also + // pass this value as the second parameter to a service constructor. + 'secret' => 'development-secret', + + // This option allows you to configure a preferred storage type to use for caching by + // default. This can be changed later using the set_cache_config() method. + // + // Valid values are: `apc`, `xcache`, or a file system path such as `./cache` or + // `/tmp/cache/`. + 'default_cache_config' => '', + + // Determines which Cerificate Authority file to use. + // + // A value of boolean `false` will use the Certificate Authority file available on the + // system. A value of boolean `true` will use the Certificate Authority provided by the + // SDK. Passing a file system path to a Certificate Authority file (chmodded to `0755`) + // will use that. + // + // Leave this set to `false` if you're not sure. + 'certificate_authority' => false + ), + + // Specify a default credential set to use if there are more than one. + '@default' => 'development' +)); diff --git a/3rdparty/aws-sdk/lib/dom/ArrayToDOMDocument.php b/3rdparty/aws-sdk/lib/dom/ArrayToDOMDocument.php new file mode 100644 index 00000000000..06ad502eebb --- /dev/null +++ b/3rdparty/aws-sdk/lib/dom/ArrayToDOMDocument.php @@ -0,0 +1,181 @@ +appendChild(self::createDOMElement($source, $rootTagName, $document)); + + return $document; + } + + /** + * @param array $source + * @param string $rootTagName + * @param bool $formatOutput + * @return string + */ + public static function arrayToXMLString(array $source, $rootTagName = 'root', $formatOutput = true) + { + $document = self::arrayToDOMDocument($source, $rootTagName); + $document->formatOutput = $formatOutput; + + return $document->saveXML(); + } + + /** + * @param DOMDocument $document + * @return array + */ + public static function domDocumentToArray(DOMDocument $document) + { + return self::createArray($document->documentElement); + } + + /** + * @param string $xmlString + * @return array + */ + public static function xmlStringToArray($xmlString) + { + $document = new DOMDocument(); + + return $document->loadXML($xmlString) ? self::domDocumentToArray($document) : array(); + } + + /** + * @param mixed $source + * @param string $tagName + * @param DOMDocument $document + * @return DOMNode + */ + private static function createDOMElement($source, $tagName, DOMDocument $document) + { + if (!is_array($source)) + { + $element = $document->createElement($tagName); + $element->appendChild($document->createCDATASection($source)); + + return $element; + } + + $element = $document->createElement($tagName); + + foreach ($source as $key => $value) + { + if (is_string($key) && !is_numeric($key)) + { + if ($key === self::ATTRIBUTES) + { + foreach ($value as $attributeName => $attributeValue) + { + $element->setAttribute($attributeName, $attributeValue); + } + } + elseif ($key === self::CONTENT) + { + $element->appendChild($document->createCDATASection($value)); + } + elseif (is_string($value) && !is_numeric($value)) + { + $element->appendChild(self::createDOMElement($value, $key, $document)); + } + elseif (is_array($value) && count($value)) + { + $keyNode = $document->createElement($key); + + foreach ($value as $elementKey => $elementValue) + { + if (is_string($elementKey) && !is_numeric($elementKey)) + { + $keyNode->appendChild(self::createDOMElement($elementValue, $elementKey, $document)); + } + else + { + $element->appendChild(self::createDOMElement($elementValue, $key, $document)); + } + } + + if ($keyNode->hasChildNodes()) + { + $element->appendChild($keyNode); + } + } + else + { + if (is_bool($value)) + { + $value = $value ? 'true' : 'false'; + } + + $element->appendChild(self::createDOMElement($value, $key, $document)); + } + } + else + { + $element->appendChild(self::createDOMElement($value, $tagName, $document)); + } + } + + return $element; + } + + /** + * @param DOMNode $domNode + * @return array + */ + private static function createArray(DOMNode $domNode) + { + $array = array(); + + for ($i = 0; $i < $domNode->childNodes->length; $i++) + { + $item = $domNode->childNodes->item($i); + + if ($item->nodeType === XML_ELEMENT_NODE) + { + $arrayElement = array(); + + for ($attributeIndex = 0; !is_null($attribute = $item->attributes->item($attributeIndex)); $attributeIndex++) + { + if ($attribute->nodeType === XML_ATTRIBUTE_NODE) + { + $arrayElement[self::ATTRIBUTES][$attribute->nodeName] = $attribute->nodeValue; + } + } + + $children = self::createArray($item); + + if (is_array($children)) + { + $arrayElement = array_merge($arrayElement, $children); + } + else + { + $arrayElement[self::CONTENT] = $children; + } + + $array[$item->nodeName][] = $arrayElement; + } + elseif ($item->nodeType === XML_CDATA_SECTION_NODE || ($item->nodeType === XML_TEXT_NODE && trim($item->nodeValue) !== '')) + { + return $item->nodeValue; + } + } + + return $array; + } +} diff --git a/3rdparty/aws-sdk/lib/requestcore/LICENSE b/3rdparty/aws-sdk/lib/requestcore/LICENSE new file mode 100755 index 00000000000..49b38bd620a --- /dev/null +++ b/3rdparty/aws-sdk/lib/requestcore/LICENSE @@ -0,0 +1,25 @@ +Copyright (c) 2006-2010 Ryan Parman, Foleeo Inc., and contributors. All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, are +permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, this list of + conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above copyright notice, this list + of conditions and the following disclaimer in the documentation and/or other materials + provided with the distribution. + + * Neither the name of Ryan Parman, Foleeo Inc. nor the names of its contributors may be used to + endorse or promote products derived from this software without specific prior written + permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS +OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS +AND CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. diff --git a/3rdparty/aws-sdk/lib/requestcore/README.md b/3rdparty/aws-sdk/lib/requestcore/README.md new file mode 100755 index 00000000000..373ea4dccad --- /dev/null +++ b/3rdparty/aws-sdk/lib/requestcore/README.md @@ -0,0 +1,15 @@ +# RequestCore + +RequestCore is a lightweight cURL-based HTTP request/response class that leverages MultiCurl for parallel requests. + +### PEAR HTTP_Request? + +RequestCore was written as a replacement for [PEAR HTTP_Request](http://pear.php.net/http_request/). While PEAR HTTP_Request is full-featured and heavy, RequestCore features only the essentials and is very lightweight. It also leverages the batch request support in cURL's `curl_multi_exec()` to enable multi-threaded requests that fire in parallel. + +### Reference and Download + +You can find the class reference at . You can get the code from . + +### License and Copyright + +This code is Copyright (c) 2008-2010, Ryan Parman. However, I'm licensing this code for others to use under the [Simplified BSD license](http://www.opensource.org/licenses/bsd-license.php). diff --git a/3rdparty/aws-sdk/lib/requestcore/cacert.pem b/3rdparty/aws-sdk/lib/requestcore/cacert.pem new file mode 100755 index 00000000000..80bff62fd27 --- /dev/null +++ b/3rdparty/aws-sdk/lib/requestcore/cacert.pem @@ -0,0 +1,3390 @@ +## +## ca-bundle.crt -- Bundle of CA Root Certificates +## +## Certificate data from Mozilla as of: Wed Jan 18 00:04:16 2012 +## +## This is a bundle of X.509 certificates of public Certificate Authorities +## (CA). These were automatically extracted from Mozilla's root certificates +## file (certdata.txt). This file can be found in the mozilla source tree: +## http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 +## +## It contains the certificates in PEM format and therefore +## can be directly used with curl / libcurl / php_curl, or with +## an Apache+mod_ssl webserver for SSL client authentication. +## Just configure this file as the SSLCACertificateFile. +## + +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Netscape security libraries. +# +# The Initial Developer of the Original Code is +# Netscape Communications Corporation. +# Portions created by the Initial Developer are Copyright (C) 1994-2000 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** +# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.81 $ $Date: 2012/01/17 22:02:37 $ + +GTE CyberTrust Global Root +========================== +-----BEGIN CERTIFICATE----- +MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUg +Q29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEG +A1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJvb3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEz +MjM1OTAwWjB1MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQL +Ex5HVEUgQ3liZXJUcnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0 +IEdsb2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrHiM3dFw4u +sJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTSr41tiGeA5u2ylc9yMcql +HHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X404Wqk2kmhXBIgD8SFcd5tB8FLztimQID +AQABMA0GCSqGSIb3DQEBBAUAA4GBAG3rGwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMW +M4ETCJ57NE7fQMh017l93PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OF +NMQkpw0PlZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/ +-----END CERTIFICATE----- + +Thawte Server CA +================ +-----BEGIN CERTIFICATE----- +MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT +DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3Vs +dGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UE +AxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5j +b20wHhcNOTYwODAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNV +BAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29u +c3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcG +A1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0 +ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl +/Kj0R1HahbUgdJSGHg91yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg7 +1CcEJRCXL+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGjEzAR +MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG7oWDTSEwjsrZqG9J +GubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6eQNuozDJ0uW8NxuOzRAvZim+aKZuZ +GCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZqdq5snUb9kLy78fyGPmJvKP/iiMucEc= +-----END CERTIFICATE----- + +Thawte Premium Server CA +======================== +-----BEGIN CERTIFICATE----- +MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkExFTATBgNVBAgT +DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3Vs +dGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UE +AxMYVGhhd3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZl +ckB0aGF3dGUuY29tMB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYT +AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU +VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 +aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBDQTEoMCYGCSqGSIb3DQEJARYZ +cHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2 +aovXwlue2oFBYo847kkEVdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIh +Udib0GfQug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMRuHM/ +qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQAm +SCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUIhfzJATj/Tb7yFkJD57taRvvBxhEf +8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JMpAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7t +UCemDaYj+bvLpgcUQg== +-----END CERTIFICATE----- + +Equifax Secure CA +================= +-----BEGIN CERTIFICATE----- +MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJVUzEQMA4GA1UE +ChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 +MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoT +B0VxdWlmYXgxLTArBgNVBAsTJEVxdWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCB +nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPR +fM6fBeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+AcJkVV5MW +8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kCAwEAAaOCAQkwggEFMHAG +A1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UE +CxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoG +A1UdEAQTMBGBDzIwMTgwODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvS +spXXR9gjIBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQFMAMB +Af8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GBAFjOKer89961 +zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y7qj/WsjTVbJmcVfewCHrPSqnI0kB +BIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee95 +70+sB3c4 +-----END CERTIFICATE----- + +Digital Signature Trust Co. Global CA 1 +======================================= +-----BEGIN CERTIFICATE----- +MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJVUzEkMCIGA1UE +ChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQLEwhEU1RDQSBFMTAeFw05ODEy +MTAxODEwMjNaFw0xODEyMTAxODQwMjNaMEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFs +IFNpZ25hdHVyZSBUcnVzdCBDby4xETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEBAQUA +A4GLADCBhwKBgQCgbIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlREmlvMVW5SXIACH7TpWJE +NySZj9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+LthzfNHwJmm8fOR6Hh8AMthyUQncWlVSn5JTe2i +o74CTADKAqjuAQIxZA9SLRN0dja1erQtcQIBA6OCASQwggEgMBEGCWCGSAGG+EIBAQQEAwIABzBo +BgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0 +dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgRTExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQw +IoAPMTk5ODEyMTAxODEwMjNagQ8yMDE4MTIxMDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQY +MBaAFGp5fpFpRhgTCgJ3pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i+DAM +BgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GB +ACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lNQseSJqBcNJo4cvj9axY+IO6CizEq +kzaFI4iKPANo08kJD038bKTaKHKTDomAsH3+gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4 +RbyhkwS7hp86W0N6w4pl +-----END CERTIFICATE----- + +Digital Signature Trust Co. Global CA 3 +======================================= +-----BEGIN CERTIFICATE----- +MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJVUzEkMCIGA1UE +ChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQLEwhEU1RDQSBFMjAeFw05ODEy +MDkxOTE3MjZaFw0xODEyMDkxOTQ3MjZaMEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFs +IFNpZ25hdHVyZSBUcnVzdCBDby4xETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEBAQUA +A4GLADCBhwKBgQC/k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fBw18DW9Fvrn5C6mYjuGOD +VvsoLeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87eZfCocfdPJmyMvMa1795JJ/9IKn3oTQPMx7JS +xhcxEzu1TdvIxPbDDyQq2gyd55FbgM2UnQIBA6OCASQwggEgMBEGCWCGSAGG+EIBAQQEAwIABzBo +BgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0 +dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgRTIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQw +IoAPMTk5ODEyMDkxOTE3MjZagQ8yMDE4MTIwOTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQY +MBaAFB6CTShlgDzJQW6sNS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5WzAM +BgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GB +AEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHRxdf0CiUPPXiBng+xZ8SQTGPdXqfi +up/1902lMXucKS1M/mQ+7LZT/uqb7YLbdHVLB3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1 +mPnHfxsb1gYgAlihw6ID +-----END CERTIFICATE----- + +Verisign Class 3 Public Primary Certification Authority +======================================================= +-----BEGIN CERTIFICATE----- +MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMx +FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVow +XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAz +IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94 +f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Ol +hec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBAgUAA4GBALtMEivPLCYA +TxQT3ab7/AoRhIzzKBxnki98tsX63/Dolbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59Ah +WM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2Omuf +Tqj/ZA1k +-----END CERTIFICATE----- + +Verisign Class 3 Public Primary Certification Authority - G2 +============================================================ +-----BEGIN CERTIFICATE----- +MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNVBAYTAlVT +MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln +biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz +dCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVT +MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln +biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz +dCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCO +FoUgRm1HP9SFIIThbbP4pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71 +lSk8UOg013gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwIDAQAB +MA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSkU01UbSuvDV1Ai2TT +1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7iF6YM40AIOw7n60RzKprxaZLvcRTD +Oaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpYoJ2daZH9 +-----END CERTIFICATE----- + +GlobalSign Root CA +================== +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx +GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds +b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV +BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD +VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa +DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc +THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb +Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP +c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX +gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF +AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj +Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG +j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH +hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC +X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- + +GlobalSign Root CA - R2 +======================= +-----BEGIN CERTIFICATE----- +MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4GA1UECxMXR2xv +YmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh +bFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT +aWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6 +ErPLv4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8eoLrvozp +s6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklqtTleiDTsvHgMCJiEbKjN +S7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzdC9XZzPnqJworc5HGnRusyMvo4KD0L5CL +TfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pazq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6C +ygPCm48CAwEAAaOBnDCBmTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQUm+IHV2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i +YWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f3BmGLjAN +BgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4GsJ0/WwbgcQ3izDJr86iw8bmEbTUsp +9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu +01yiPqFbQfXf5WRDLenVOavSot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG7 +9G+dwfCMNYxdAfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 +TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== +-----END CERTIFICATE----- + +ValiCert Class 1 VA +=================== +-----BEGIN CERTIFICATE----- +MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRp +b24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs +YXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZh +bGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNTIy +MjM0OFoXDTE5MDYyNTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0 +d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEg +UG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0 +LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9YLqdUHAZu9OqNSLwxlBfw8068srg1knaw0KWlAdcAAxIi +GQj4/xEjm84H9b9pGib+TunRf50sQB1ZaG6m+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCm +DuJWBQ8YTfwggtFzVXSNdnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0LBwG +lN+VYH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLWI8sogTLDAHkY7FkX +icnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPwnXS3qT6gpf+2SQMT2iLM7XGCK5nP +Orf1LXLI +-----END CERTIFICATE----- + +ValiCert Class 2 VA +=================== +-----BEGIN CERTIFICATE----- +MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRp +b24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs +YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZh +bGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAw +MTk1NFoXDTE5MDYyNjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0 +d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIg +UG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0 +LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDOOnHK5avIWZJV16vYdA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVC +CSRrCl6zfN1SLUzm1NZ9WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7Rf +ZHM047QSv4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9vUJSZ +SWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTuIYEZoDJJKPTEjlbV +UjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwCW/POuZ6lcg5Ktz885hZo+L7tdEy8 +W9ViH0Pd +-----END CERTIFICATE----- + +RSA Root Certificate 1 +====================== +-----BEGIN CERTIFICATE----- +MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRp +b24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs +YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZh +bGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAw +MjIzM1oXDTE5MDYyNjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0 +d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMg +UG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0 +LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDjmFGWHOjVsQaBalfDcnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td +3zZxFJmP3MKS8edgkpfs2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89H +BFx1cQqYJJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliEZwgs +3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJn0WuPIqpsHEzXcjF +V9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/APhmcGcwTTYJBtYze4D1gCCAPRX5r +on+jjBXu +-----END CERTIFICATE----- + +Verisign Class 3 Public Primary Certification Authority - G3 +============================================================ +-----BEGIN CERTIFICATE----- +MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw +CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMu6nFL8eB8aHm8bN3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1 +EUGO+i2tKmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGukxUc +cLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBmCC+Vk7+qRy+oRpfw +EuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJXwzw3sJ2zq/3avL6QaaiMxTJ5Xpj +055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWuimi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +ERSWwauSCPc/L8my/uRan2Te2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5f +j267Cz3qWhMeDGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC +/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565pF4ErWjfJXir0 +xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDa +t20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== +-----END CERTIFICATE----- + +Verisign Class 4 Public Primary Certification Authority - G3 +============================================================ +-----BEGIN CERTIFICATE----- +MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw +CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDQgUHVibGljIFByaW1hcnkg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAK3LpRFpxlmr8Y+1GQ9Wzsy1HyDkniYlS+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaS +tBO3IFsJ+mGuqPKljYXCKtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0GbdU6LM +8BDcVHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLmNxdLMEYH5IBtptiW +Lugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XYufTsgsbSPZUd5cBPhMnZo0QoBmrX +Razwa2rvTl/4EYIeOGM0ZlDUPpNz+jDDZq3/ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +j/ola09b5KROJ1WrIhVZPMq1CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXtt +mhwwjIDLk5Mqg6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csKvE+MW8VLADsfKoKm +fjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluPQSjA1egtTaRezarZ7c7c2NU8Qh0XwRJd +RTjDOPP8hS6DRkiy1yBfkjaP53kPmF6Z6PDQpLv1U70qzlmwr25/bLvSHgCwIe34QWKCudiyxLtG +UPMxxY8BqHTr9Xgn2uf3ZkPznoM+IKrDNWCRzg== +-----END CERTIFICATE----- + +Entrust.net Secure Server CA +============================ +-----BEGIN CERTIFICATE----- +MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMCVVMxFDASBgNV +BAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5uZXQvQ1BTIGluY29ycC4gYnkg +cmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRl +ZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhv +cml0eTAeFw05OTA1MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIG +A1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBi +eSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1p +dGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQ +aO2f55M28Qpku0f1BBc/I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5 +gXpa0zf3wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OCAdcw +ggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHboIHYpIHVMIHSMQsw +CQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5l +dC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF +bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu +dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0MFqBDzIwMTkw +NTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0Bow +HQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAaMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EA +BAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyN +Ewr75Ji174z4xRAN95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9 +n9cd2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI= +-----END CERTIFICATE----- + +Entrust.net Premium 2048 Secure Server CA +========================================= +-----BEGIN CERTIFICATE----- +MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u +ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp +bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV +BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx +NzUwNTFaFw0xOTEyMjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 +d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl +MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u +ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL +Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr +hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW +nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi +VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo3QwcjARBglghkgBhvhC +AQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB0RGAvtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdER +gL7YibkIozH5oSQJFrlwMB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0B +AQUFAAOCAQEAWUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFhfGPjK50xA3B20qMo +oPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVUKcgF7bISKo30Axv/55IQh7A6tcOdBTcS +o8f0FbnVpDkWm1M6I5HxqIKiaohowXkCIryqptau37AUX7iH0N18f3v/rxzP5tsHrV7bhZ3QKw0z +2wTR5klAEyt2+z7pnIkPFc4YsIV4IU9rTw76NmfNB/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjX +OP/swNlQ8C5LWK5Gb9Auw2DaclVyvUxFnmG6v4SBkgPR0ml8xQ== +-----END CERTIFICATE----- + +Baltimore CyberTrust Root +========================= +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UE +ChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3li +ZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMC +SUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFs +dGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKME +uyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsB +UnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/C +G9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9 +XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjpr +l3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoI +VDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkTI7gQCvlYpNRh +cL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3WgxjkzSswF07r51XgdIGn9w/xZchMB5 +hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsa +Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H +RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp +-----END CERTIFICATE----- + +Equifax Secure Global eBusiness CA +================================== +-----BEGIN CERTIFICATE----- +MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT +RXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBTZWN1cmUgR2xvYmFsIGVCdXNp +bmVzcyBDQS0xMB4XDTk5MDYyMTA0MDAwMFoXDTIwMDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMx +HDAaBgNVBAoTE0VxdWlmYXggU2VjdXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJlIEds +b2JhbCBlQnVzaW5lc3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuucXkAJlsTRV +PEnCUdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQytd4zjTov2/KaelpzmKNc6fuKcxtc58O/gGzN +qfTWK8D3+ZmqY6KxRwIP1ORROhI8bIpaVIRw28HFkM9yRcuoWcDNM50/o5brhTMhHD4ePmBudpxn +hcXIw2ECAwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAHMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j +BBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0OBBYEFL6ooHRyUGtEt8kj2Puo/7NXa2hs +MA0GCSqGSIb3DQEBBAUAA4GBADDiAVGqx+pf2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okEN +I7SS+RkAZ70Br83gcfxaz2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv8qIY +NMR1pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV +-----END CERTIFICATE----- + +Equifax Secure eBusiness CA 1 +============================= +-----BEGIN CERTIFICATE----- +MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT +RXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNzIENB +LTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQwMDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UE +ChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNz +IENBLTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQaDJj0ItlZ +1MRoRvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBuWqDZQu4a +IZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKwEnv+j6YDAgMBAAGjZjBk +MBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFEp4MlIR21kW +Nl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRKeDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG9w0BAQQF +AAOBgQB1W6ibAxHm6VZMzfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5 +lSE/9dR+WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN/Bf+ +KpYrtWKmpj29f5JZzVoqgrI3eQ== +-----END CERTIFICATE----- + +Equifax Secure eBusiness CA 2 +============================= +-----BEGIN CERTIFICATE----- +MIIDIDCCAomgAwIBAgIEN3DPtTANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJVUzEXMBUGA1UE +ChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2VjdXJlIGVCdXNpbmVzcyBDQS0y +MB4XDTk5MDYyMzEyMTQ0NVoXDTE5MDYyMzEyMTQ0NVowTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoT +DkVxdWlmYXggU2VjdXJlMSYwJAYDVQQLEx1FcXVpZmF4IFNlY3VyZSBlQnVzaW5lc3MgQ0EtMjCB +nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Dk5kx5SBhsoNviyoynF7Y6yEb3+6+e0dMKP/wXn +2Z0GvxLIPw7y1tEkshHe0XMJitSxLJgJDR5QRrKDpkWNYmi7hRsgcDKqQM2mll/EcTc/BPO3QSQ5 +BxoeLmFYoBIL5aXfxavqN3HMHMg3OrmXUqesxWoklE6ce8/AatbfIb0CAwEAAaOCAQkwggEFMHAG +A1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORXF1aWZheCBTZWN1cmUx +JjAkBgNVBAsTHUVxdWlmYXggU2VjdXJlIGVCdXNpbmVzcyBDQS0yMQ0wCwYDVQQDEwRDUkwxMBoG +A1UdEAQTMBGBDzIwMTkwNjIzMTIxNDQ1WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUUJ4L6q9e +uSBIplBqy/3YIHqngnYwHQYDVR0OBBYEFFCeC+qvXrkgSKZQasv92CB6p4J2MAwGA1UdEwQFMAMB +Af8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GBAAyGgq3oThr1 +jokn4jVYPSm0B482UJW/bsGe68SQsoWou7dC4A8HOd/7npCy0cE+U58DRLB+S/Rv5Hwf5+Kx5Lia +78O9zt4LMjTZ3ijtM2vE1Nc9ElirfQkty3D1E4qUoSek1nDFbZS1yX2doNLGCEnZZpum0/QL3MUm +V+GRMOrN +-----END CERTIFICATE----- + +AddTrust Low-Value Services Root +================================ +-----BEGIN CERTIFICATE----- +MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRU +cnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQsw +CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBO +ZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY6 +54eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWr +oulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1 +Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJui +GMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8w +HQYDVR0OBBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQswCQYDVQQGEwJT +RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEw +HwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxt +ZBsfzQ3duQH6lmM0MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph +iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY +eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJlpz/+0WatC7xr +mYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vj +ccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= +-----END CERTIFICATE----- + +AddTrust External Root +====================== +-----BEGIN CERTIFICATE----- +MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYD +VQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEw +NDgzOFowbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRU +cnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0Eg +Um9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvtH7xsD821 ++iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9uMq/NzgtHj6RQa1wVsfw +Tz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzXmk6vBbOmcZSccbNQYArHE504B4YCqOmo +aSYYkKtMsE8jqzpPhNjfzp/haW+710LXa0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy +2xSoRcRdKn23tNbE7qzNE0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv7 +7+ldU9U0WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYDVR0P +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0Jvf6xCZU7wO94CTL +VBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRk +VHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENB +IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZl +j7DYd7usQWxHYINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 +6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvCNr4TDea9Y355 +e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4u +G+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= +-----END CERTIFICATE----- + +AddTrust Public Services Root +============================= +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSAwHgYDVQQDExdBZGRU +cnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJ +BgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5l +dHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbu +nyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1i +d9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSG +Aa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAw +HM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0G +A1UdDgQWBBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkGA1UEBhMCU0Ux +FDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29yazEgMB4G +A1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4 +JNojVhaTdt02KLmuG7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL ++YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao +GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh4SINhwBk/ox9 +Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9H +EufOX1362KqxMy3ZdvJOOjMMK7MtkAY= +-----END CERTIFICATE----- + +AddTrust Qualified Certificates Root +==================================== +-----BEGIN CERTIFICATE----- +MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSMwIQYDVQQDExpBZGRU +cnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcx +CzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ +IE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx +64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3 +KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1o +L/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR +wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HU +MIHRMB0GA1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkwZzELMAkGA1UE +BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29y +azEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQAD +ggEBABmrder4i2VhlRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG +GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X +dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3P6CxB9bpT9ze +RXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDB +iFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5noxqE= +-----END CERTIFICATE----- + +Entrust Root Certification Authority +==================================== +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMCVVMxFjAUBgNV +BAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMgaW5jb3Jw +b3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsG +A1UEAxMkRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0 +MloXDTI2MTEyNzIwNTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMu +MTkwNwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu +Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVudHJ1c3QgUm9v +dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALaVtkNC+sZtKm9I35RMOVcF7sN5EUFoNu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYsz +A9u3g3s+IIRe7bJWKKf44LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOww +Cj0Yzfv9KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGIrb68 +j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi94DkZfs0Nw4pgHBN +rziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOBsDCBrTAOBgNVHQ8BAf8EBAMCAQYw +DwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAigA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1 +MzQyWjAfBgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DH +hmak8fdLQ/uEvW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA +A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9tO1KzKtvn1ISM +Y/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6ZuaAGAT/3B+XxFNSRuzFVJ7yVTa +v52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTS +W3iDVuycNsMm4hH2Z0kdkquM++v/eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0 +tHuu2guQOHXvgR1m0vdXcDazv/wor3ElhVsT/h5/WrQ8 +-----END CERTIFICATE----- + +RSA Security 2048 v3 +==================== +-----BEGIN CERTIFICATE----- +MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6MRkwFwYDVQQK +ExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJpdHkgMjA0OCBWMzAeFw0wMTAy +MjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAXBgNVBAoTEFJTQSBTZWN1cml0eSBJbmMxHTAb +BgNVBAsTFFJTQSBTZWN1cml0eSAyMDQ4IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC +AQEAt49VcdKA3XtpeafwGFAyPGJn9gqVB93mG/Oe2dJBVGutn3y+Gc37RqtBaB4Y6lXIL5F4iSj7 +Jylg/9+PjDvJSZu1pJTOAeo+tWN7fyb9Gd3AIb2E0S1PRsNO3Ng3OTsor8udGuorryGlwSMiuLgb +WhOHV4PR8CDn6E8jQrAApX2J6elhc5SYcSa8LWrg903w8bYqODGBDSnhAMFRD0xS+ARaqn1y07iH +KrtjEAMqs6FPDVpeRrc9DvV07Jmf+T0kgYim3WBU6JU2PcYJk5qjEoAAVZkZR73QpXzDuvsf9/UP ++Ky5tfQ3mBMY3oVbtwyCO4dvlTlYMNpuAWgXIszACwIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/ +MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQHw1EwpKrpRa41JPr/JCwz0LGdjDAdBgNVHQ4E +FgQUB8NRMKSq6UWuNST6/yQsM9CxnYwwDQYJKoZIhvcNAQEFBQADggEBAF8+hnZuuDU8TjYcHnmY +v/3VEhF5Ug7uMYm83X/50cYVIeiKAVQNOvtUudZj1LGqlk2iQk3UUx+LEN5/Zb5gEydxiKRz44Rj +0aRV4VCT5hsOedBnvEbIvz8XDZXmxpBp3ue0L96VfdASPz0+f00/FGj1EVDVwfSQpQgdMWD/YIwj +VAqv/qFuxdF6Kmh4zx6CCiC0H63lhbJqaHVOrSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395 +nzIlQnQFgCi/vcEkllgVsRch6YlL2weIZ/QVrXA+L02FO8K32/6YaCOJ4XQP3vTFhGMpG8zLB8kA +pKnXwiJPZ9d37CAFYd4= +-----END CERTIFICATE----- + +GeoTrust Global CA +================== +-----BEGIN CERTIFICATE----- +MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQK +Ew1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQw +MDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j +LjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjo +BbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet +8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+Vc +T4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagU +vTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVk +DBF9qn1luMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57Q +zxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWVYrmm3ok9Nns4 +d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcFPseKUgzbFbS9bZvlxrFUaKnjaZC2 +mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6p +XE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm +Mw== +-----END CERTIFICATE----- + +GeoTrust Global CA 2 +==================== +-----BEGIN CERTIFICATE----- +MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwHhcNMDQwMzA0MDUw +MDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j +LjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDvPE1APRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/ +NTL8Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hLTytCOb1k +LUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL5mkWRxHCJ1kDs6ZgwiFA +Vvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7S4wMcoKK+xfNAGw6EzywhIdLFnopsk/b +HdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNH +K266ZUapEBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6tdEPx7 +srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv/NgdRN3ggX+d6Yvh +ZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywNA0ZF66D0f0hExghAzN4bcLUprbqL +OzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkC +x1YAzUm5s2x7UwQa4qjJqhIFI8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqF +H4z1Ir+rzoPz4iIprn2DQKi6bA== +-----END CERTIFICATE----- + +GeoTrust Universal CA +===================== +-----BEGIN CERTIFICATE----- +MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVyc2FsIENBMB4XDTA0MDMwNDA1 +MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu +Yy4xHjAcBgNVBAMTFUdlb1RydXN0IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAKYVVaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9t +JPi8cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTTQjOgNB0e +RXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFhF7em6fgemdtzbvQKoiFs +7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2vc7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d +8Lsrlh/eezJS/R27tQahsiFepdaVaH/wmZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7V +qnJNk22CDtucvc+081xdVHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3Cga +Rr0BHdCXteGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZf9hB +Z3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfReBi9Fi1jUIxaS5BZu +KGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+nhutxx9z3SxPGWX9f5NAEC7S8O08 +ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0 +XG0D08DYj3rWMB8GA1UdIwQYMBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc +aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fXIwjhmF7DWgh2 +qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzynANXH/KttgCJwpQzgXQQpAvvL +oJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0zuzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsK +xr2EoyNB3tZ3b4XUhRxQ4K5RirqNPnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxF +KyDuSN/n3QmOGKjaQI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2 +DFKWkoRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9ER/frslK +xfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQtDF4JbAiXfKM9fJP/P6EU +p8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/SfuvmbJxPgWp6ZKy7PtXny3YuxadIwVyQD8vI +P/rmMuGNG2+k5o7Y+SlIis5z/iw= +-----END CERTIFICATE----- + +GeoTrust Universal CA 2 +======================= +-----BEGIN CERTIFICATE----- +MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwHhcNMDQwMzA0 +MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3Qg +SW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0 +DE81WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUGFF+3Qs17 +j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdqXbboW0W63MOhBW9Wjo8Q +JqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxLse4YuU6W3Nx2/zu+z18DwPw76L5GG//a +QMJS9/7jOvdqdzXQ2o3rXhhqMcceujwbKNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2 +WP0+GfPtDCapkzj4T8FdIgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP +20gaXT73y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRthAAn +ZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgocQIgfksILAAX/8sgC +SqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4Lt1ZrtmhN79UNdxzMk+MBB4zsslG +8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2 ++/CfXGJx7Tz0RzgQKzAfBgNVHSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z +dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQL1EuxBRa3ugZ +4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgrFg5fNuH8KrUwJM/gYwx7WBr+ +mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSoag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpq +A1Ihn0CoZ1Dy81of398j9tx4TuaYT1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpg +Y+RdM4kX2TGq2tbzGDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiP +pm8m1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJVOCiNUW7d +FGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH6aLcr34YEoP9VhdBLtUp +gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm +X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS +-----END CERTIFICATE----- + +America Online Root Certification Authority 1 +============================================= +-----BEGIN CERTIFICATE----- +MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT +QW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBPbmxpbmUgUm9vdCBDZXJ0aWZp +Y2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkG +A1UEBhMCVVMxHDAaBgNVBAoTE0FtZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2Eg +T25saW5lIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lkhsmj76CG +v2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym1BW32J/X3HGrfpq/m44z +DyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsWOqMFf6Dch9Wc/HKpoH145LcxVR5lu9Rh +sCFg7RAycsWSJR74kEoYeEfffjA3PlAb2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP +8c9GsEsPPt2IYriMqQkoO3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0T +AQH/BAUwAwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAUAK3Z +o/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQB8itEf +GDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkFZu90821fnZmv9ov761KyBZiibyrF +VL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAbLjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft +3OJvx8Fi8eNy1gTIdGcL+oiroQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43g +Kd8hdIaC2y+CMMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds +sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7 +-----END CERTIFICATE----- + +America Online Root Certification Authority 2 +============================================= +-----BEGIN CERTIFICATE----- +MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT +QW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBPbmxpbmUgUm9vdCBDZXJ0aWZp +Y2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkG +A1UEBhMCVVMxHDAaBgNVBAoTE0FtZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2Eg +T25saW5lIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC206B89en +fHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFciKtZHgVdEglZTvYYUAQv8 +f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2JxhP7JsowtS013wMPgwr38oE18aO6lhO +qKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JN +RvCAOVIyD+OEsnpD8l7eXz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0 +gBe4lL8BPeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67Xnfn +6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEqZ8A9W6Wa6897Gqid +FEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZo2C7HK2JNDJiuEMhBnIMoVxtRsX6 +Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3+L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnj +B453cMor9H124HhnAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3Op +aaEg5+31IqEjFNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE +AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmnxPBUlgtk87FY +T15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2LHo1YGwRgJfMqZJS5ivmae2p ++DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzcccobGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXg +JXUjhx5c3LqdsKyzadsXg8n33gy8CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//Zoy +zH1kUQ7rVyZ2OuMeIjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgO +ZtMADjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2FAjgQ5ANh +1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUXOm/9riW99XJZZLF0Kjhf +GEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPbAZO1XB4Y3WRayhgoPmMEEf0cjQAPuDff +Z4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQlZvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuP +cX/9XhmgD0uRuMRUvAawRY8mkaKO/qk= +-----END CERTIFICATE----- + +Visa eCommerce Root +=================== +-----BEGIN CERTIFICATE----- +MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQG +EwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2Ug +QXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2 +WhcNMjIwNjI0MDAxNjEyWjBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMm +VmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv +bW1lcmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h2mCxlCfL +F9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4ElpF7sDPwsRROEW+1QK8b +RaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdVZqW1LS7YgFmypw23RuwhY/81q6UCzyr0 +TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI +/k4+oKsGGelT84ATB+0tvz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzs +GHxBvfaLdXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG +MB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUFAAOCAQEAX/FBfXxc +CLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcRzCSs00Rsca4BIGsDoo8Ytyk6feUW +YFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pz +zkWKsKZJ/0x9nXGIxHYdkFsd7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBu +YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt +398znM/jra6O1I7mT1GvFpLgXPYHDw== +-----END CERTIFICATE----- + +Certum Root CA +============== +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQK +ExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQTAeFw0wMjA2MTExMDQ2Mzla +Fw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u +by4xEjAQBgNVBAMTCUNlcnR1bSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6x +wS7TT3zNJc4YPk/EjG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdL +kKWoePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GIULdtlkIJ +89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapuOb7kky/ZR6By6/qmW6/K +Uz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUgAKpoC6EahQGcxEZjgoi2IrHu/qpGWX7P +NSzVttpd90gzFFS269lvzs2I1qsb2pY7HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQUFAAOCAQEAuI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+ +GXYkHAQaTOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTgxSvg +GrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1qCjqTE5s7FCMTY5w/ +0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5xO/fIR/RpbxXyEV6DHpx8Uq79AtoS +qFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs6GAqm4VKQPNriiTsBhYscw== +-----END CERTIFICATE----- + +Comodo AAA Services root +======================== +-----BEGIN CERTIFICATE----- +MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAw +MFoXDTI4MTIzMTIzNTk1OVowezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hl +c3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV +BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQuaBtDFcCLNSS1UY8y2bmhG +C1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe3M/vg4aijJRPn2jymJBGhCfHdr/jzDUs +i14HZGWCwEiwqJH5YZ92IFCokcdmtet4YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszW +Y19zjNoFmag4qMsXeDZRrOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjH +Ypy+g8cmez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQUoBEK +Iz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wewYDVR0f +BHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNl +cy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2Vz +LmNybDANBgkqhkiG9w0BAQUFAAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm +7l3sAg9g1o1QGE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz +Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z +8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsil2D4kF501KKaU73yqWjgom7C +12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== +-----END CERTIFICATE----- + +Comodo Secure Services root +=========================== +-----BEGIN CERTIFICATE----- +MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAw +MDAwMFoXDTI4MTIzMTIzNTk1OVowfjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFu +Y2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAi +BgNVBAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPMcm3ye5drswfxdySRXyWP +9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3SHpR7LZQdqnXXs5jLrLxkU0C8j6ysNstc +rbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rC +oznl2yY4rYsK7hljxxwk3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3V +p6ea5EQz6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNVHQ4E +FgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +gYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1NlY3VyZUNlcnRpZmlj +YXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRwOi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlm +aWNhdGVTZXJ2aWNlcy5jcmwwDQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm +4J4oqF7Tt/Q05qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj +Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtIgKvcnDe4IRRL +DXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJaD61JlfutuC23bkpgHl9j6Pw +pCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDlizeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1H +RR3B7Hzs/Sk= +-----END CERTIFICATE----- + +Comodo Trusted Services root +============================ +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEw +MDAwMDBaFw0yODEyMzEyMzU5NTlaMH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h +bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUw +IwYDVQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh7 +3TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y +/9c3S0pgePfw+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6 +juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsS +ivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0GA1Ud +DgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21vZG9jYS5jb20vVHJ1c3RlZENlcnRp +ZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENl +cnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8Ntw +uleGFTQQuS9/HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32 +pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxISjBc/lDb+XbDA +BHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+xqFx7D+gIIxmOom0jtTYsU0l +R+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/AtyjcndBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O +9y5Xt5hwXsjEeLBi +-----END CERTIFICATE----- + +QuoVadis Root CA +================ +-----BEGIN CERTIFICATE----- +MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJCTTEZMBcGA1UE +ChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 +eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAz +MTkxODMzMzNaFw0yMTAzMTcxODMzMzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRp +cyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQD +EyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Ypli4kVEAkOPcahdxYTMuk +J0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2DrOpm2RgbaIr1VxqYuvXtdj182d6UajtL +F8HVj71lODqV0D1VNk7feVcxKh7YWWVJWCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeL +YzcS19Dsw3sgQUSj7cugF+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWen +AScOospUxbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCCAk4w +PQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVvdmFkaXNvZmZzaG9y +ZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREwggENMIIBCQYJKwYBBAG+WAABMIH7 +MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNlIG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmlj +YXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJs +ZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh +Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYIKwYBBQUHAgEW +Fmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3TKbkGGew5Oanwl4Rqy+/fMIGu +BgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rqy+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkw +FwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6 +tlCLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSkfnIYj9lo +fFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf87C9TqnN7Az10buYWnuul +LsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1RcHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2x +gI4JVrmcGmD+XcHXetwReNDWXcG31a0ymQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi +5upZIof4l/UO/erMkqQWxFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi +5nrQNiOKSnQ2+Q== +-----END CERTIFICATE----- + +QuoVadis Root CA 2 +================== +-----BEGIN CERTIFICATE----- +MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0wNjExMjQx +ODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6 +XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55JWpzmM+Yk +lvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbB +lDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGy +lZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt +66/3FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1Jdxn +wQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og/zOh +D7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyy +BNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENie +J0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1Ud +DgQWBBQahGK8SEwzJQTU7tD2A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGU +a6FJpEcwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT +ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2fBluornFdLwUv +Z+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzng/iN/Ae42l9NLmeyhP3ZRPx3 +UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2BlfF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodm +VjB3pjd4M1IQWK4/YY7yarHvGH5KWWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK ++JDSV6IZUaUtl0HaB0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrW +IozchLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPRTUIZ3Ph1 +WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWDmbA4CD/pXvk1B+TJYm5X +f6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0ZohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II +4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8 +VCLAAVBpQ570su9t+Oza8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u +-----END CERTIFICATE----- + +QuoVadis Root CA 3 +================== +-----BEGIN CERTIFICATE----- +MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0wNjExMjQx +OTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQDMV0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNgg +DhoB4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUrH556VOij +KTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd8lyyBTNvijbO0BNO/79K +DDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9CabwvvWhDFlaJKjdhkf2mrk7AyxRllDdLkgbv +BNDInIjbC3uBr7E9KsRlOni27tyAsdLTmZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwp +p5ijJUMv7/FfJuGITfhebtfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8 +nT8KKdjcT5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDtWAEX +MJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZc6tsgLjoC2SToJyM +Gf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A4iLItLRkT9a6fUg+qGkM17uGcclz +uD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYDVR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHT +BgkrBgEEAb5YAAMwgcUwgZMGCCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmlj +YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 +aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wLQYIKwYB +BQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczALBgNVHQ8EBAMCAQYwHQYD +VR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4GA1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4 +ywLQoUmkRzBFMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE +AxMSUXVvVmFkaXMgUm9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZV +qyM07ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSemd1o417+s +hvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd+LJ2w/w4E6oM3kJpK27z +POuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2 +Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadNt54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp +8kokUvd0/bpO5qgdAm6xDYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBC +bjPsMZ57k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6szHXu +g/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0jWy10QJLZYxkNc91p +vGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeTmJlglFwjz1onl14LBQaTNx47aTbr +qZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK4SVhM7JZG+Ju1zdXtg2pEto= +-----END CERTIFICATE----- + +Security Communication Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw +HhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw +8yl89f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJDKaVv0uM +DPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9Ms+k2Y7CI9eNqPPYJayX +5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/NQV3Is00qVUarH9oe4kA92819uZKAnDfd +DJZkndwi92SL32HeFZRSFaB9UslLqCHJxrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2 +JChzAgMBAAGjPzA9MB0GA1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYw +DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vGkl3g +0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfrUj94nK9NrvjVT8+a +mCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5Bw+SUEmK3TGXX8npN6o7WWWXlDLJ +s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ +6rBK+1YWc26sTfcioU+tHXotRSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAi +FL39vmwLAw== +-----END CERTIFICATE----- + +Sonera Class 2 Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG +U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAxMDQwNjA3Mjk0MFoXDTIxMDQw +NjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh +IENsYXNzMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3 +/Ei9vX+ALTU74W+oZ6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybT +dXnt5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s3TmVToMG +f+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2EjvOr7nQKV0ba5cTppCD8P +tOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu8nYybieDwnPz3BjotJPqdURrBGAgcVeH +nfO+oJAjPYok4doh28MCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITT +XjwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt +0jSv9zilzqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/3DEI +cbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvDFNr450kkkdAdavph +Oe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6Tk6ezAyNlNzZRZxe7EJQY670XcSx +EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH +llpwrN9M +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA +============================= +-----BEGIN CERTIFICATE----- +MIIDujCCAqKgAwIBAgIEAJiWijANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJOTDEeMBwGA1UE +ChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQTAeFw0wMjEyMTcwOTIzNDlaFw0xNTEyMTYwOTE1MzhaMFUxCzAJBgNVBAYTAk5MMR4w +HAYDVQQKExVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xJjAkBgNVBAMTHVN0YWF0IGRlciBOZWRlcmxh +bmRlbiBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNK1URF6gaYUmHFt +vsznExvWJw56s2oYHLZhWtVhCb/ekBPHZ+7d89rFDBKeNVU+LCeIQGv33N0iYfXCxw719tV2U02P +jLwYdjeFnejKScfST5gTCaI+Ioicf9byEGW07l8Y1Rfj+MX94p2i71MOhXeiD+EwR+4A5zN9RGca +C1Hoi6CeUJhoNFIfLm0B8mBF8jHrqTFoKbt6QZ7GGX+UtFE5A3+y3qcym7RHjm+0Sq7lr7HcsBth +vJly3uSJt3omXdozSVtSnA71iq3DuD3oBmrC1SoLbHuEvVYFy4ZlkuxEK7COudxwC0barbxjiDn6 +22r+I/q85Ej0ZytqERAhSQIDAQABo4GRMIGOMAwGA1UdEwQFMAMBAf8wTwYDVR0gBEgwRjBEBgRV +HSAAMDwwOgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cucGtpb3ZlcmhlaWQubmwvcG9saWNpZXMvcm9v +dC1wb2xpY3kwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSofeu8Y6R0E3QA7Jbg0zTBLL9s+DAN +BgkqhkiG9w0BAQUFAAOCAQEABYSHVXQ2YcG70dTGFagTtJ+k/rvuFbQvBgwp8qiSpGEN/KtcCFtR +EytNwiphyPgJWPwtArI5fZlmgb9uXJVFIGzmeafR2Bwp/MIgJ1HI8XxdNGdphREwxgDS1/PTfLbw +MVcoEoJz6TMvplW0C5GUR5z6u3pCMuiufi3IvKwUv9kP2Vv8wfl6leF9fpb8cbDCTMjfRTTJzg3y +nGQI0DvDKcWy7ZAEwbEpkcUwb8GpcjPM/l0WFywRaed+/sWDCN+83CI6LiBpIzlWYGeQiy52OfsR +iJf2fL1LuCAWZwWN4jvBcj+UlTfHXbme2JOhF4//DGYVwSR8MnwDHTuhWEUykw== +-----END CERTIFICATE----- + +TDC Internet Root CA +==================== +-----BEGIN CERTIFICATE----- +MIIEKzCCAxOgAwIBAgIEOsylTDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJESzEVMBMGA1UE +ChMMVERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTAeFw0wMTA0MDUx +NjMzMTdaFw0yMTA0MDUxNzAzMTdaMEMxCzAJBgNVBAYTAkRLMRUwEwYDVQQKEwxUREMgSW50ZXJu +ZXQxHTAbBgNVBAsTFFREQyBJbnRlcm5ldCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAxLhAvJHVYx/XmaCLDEAedLdInUaMArLgJF/wGROnN4NrXceO+YQwzho7+vvOi20j +xsNuZp+Jpd/gQlBn+h9sHvTQBda/ytZO5GhgbEaqHF1j4QeGDmUApy6mcca8uYGoOn0a0vnRrEvL +znWv3Hv6gXPU/Lq9QYjUdLP5Xjg6PEOo0pVOd20TDJ2PeAG3WiAfAzc14izbSysseLlJ28TQx5yc +5IogCSEWVmb/Bexb4/DPqyQkXsN/cHoSxNK1EKC2IeGNeGlVRGn1ypYcNIUXJXfi9i8nmHj9eQY6 +otZaQ8H/7AQ77hPv01ha/5Lr7K7a8jcDR0G2l8ktCkEiu7vmpwIDAQABo4IBJTCCASEwEQYJYIZI +AYb4QgEBBAQDAgAHMGUGA1UdHwReMFwwWqBYoFakVDBSMQswCQYDVQQGEwJESzEVMBMGA1UEChMM +VERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTENMAsGA1UEAxMEQ1JM +MTArBgNVHRAEJDAigA8yMDAxMDQwNTE2MzMxN1qBDzIwMjEwNDA1MTcwMzE3WjALBgNVHQ8EBAMC +AQYwHwYDVR0jBBgwFoAUbGQBx/2FbazI2p5QCIUItTxWqFAwHQYDVR0OBBYEFGxkAcf9hW2syNqe +UAiFCLU8VqhQMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjUuMDo0LjADAgSQMA0G +CSqGSIb3DQEBBQUAA4IBAQBOQ8zR3R0QGwZ/t6T609lN+yOfI1Rb5osvBCiLtSdtiaHsmGnc540m +gwV5dOy0uaOXwTUA/RXaOYE6lTGQ3pfphqiZdwzlWqCE/xIWrG64jcN7ksKsLtB9KOy282A4aW8+ +2ARVPp7MVdK6/rtHBNcK2RYKNCn1WBPVT8+PVkuzHu7TmHnaCB4Mb7j4Fifvwm899qNLPg7kbWzb +O0ESm70NRyN/PErQr8Cv9u8btRXE64PECV90i9kR+8JWsTz4cMo0jUNAE4z9mQNUecYu6oah9jrU +Cbz0vGbMPVjQV0kK7iXiQe4T+Zs4NNEA9X7nlB38aQNiuJkFBT1reBK9sG9l +-----END CERTIFICATE----- + +TDC OCES Root CA +================ +-----BEGIN CERTIFICATE----- +MIIFGTCCBAGgAwIBAgIEPki9xDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJESzEMMAoGA1UE +ChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0wMzAyMTEwODM5MzBaFw0zNzAyMTEwOTA5 +MzBaMDExCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwNUREMxFDASBgNVBAMTC1REQyBPQ0VTIENBMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGL2YSCyz8DGhdfjeebM7fI5kqSXLmSjhFuH +nEz9pPPEXyG9VhDr2y5h7JNp46PMvZnDBfwGuMo2HP6QjklMxFaaL1a8z3sM8W9Hpg1DTeLpHTk0 +zY0s2RKY+ePhwUp8hjjEqcRhiNJerxomTdXkoCJHhNlktxmW/OwZ5LKXJk5KTMuPJItUGBxIYXvV +iGjaXbXqzRowwYCDdlCqT9HU3Tjw7xb04QxQBr/q+3pJoSgrHPb8FTKjdGqPqcNiKXEx5TukYBde +dObaE+3pHx8b0bJoc8YQNHVGEBDjkAB2QMuLt0MJIf+rTpPGWOmlgtt3xDqZsXKVSQTwtyv6e1mO +3QIDAQABo4ICNzCCAjMwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgewGA1UdIASB +5DCB4TCB3gYIKoFQgSkBAQEwgdEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2VydGlmaWthdC5k +ay9yZXBvc2l0b3J5MIGdBggrBgEFBQcCAjCBkDAKFgNUREMwAwIBARqBgUNlcnRpZmlrYXRlciBm +cmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMi4yMDguMTY5LjEuMS4xLiBDZXJ0aWZp +Y2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMi4yMDguMTY5LjEuMS4x +LjARBglghkgBhvhCAQEEBAMCAAcwgYEGA1UdHwR6MHgwSKBGoESkQjBAMQswCQYDVQQGEwJESzEM +MAoGA1UEChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTENMAsGA1UEAxMEQ1JMMTAsoCqgKIYm +aHR0cDovL2NybC5vY2VzLmNlcnRpZmlrYXQuZGsvb2Nlcy5jcmwwKwYDVR0QBCQwIoAPMjAwMzAy +MTEwODM5MzBagQ8yMDM3MDIxMTA5MDkzMFowHwYDVR0jBBgwFoAUYLWF7FZkfhIZJ2cdUBVLc647 ++RIwHQYDVR0OBBYEFGC1hexWZH4SGSdnHVAVS3OuO/kSMB0GCSqGSIb2fQdBAAQQMA4bCFY2LjA6 +NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEACromJkbTc6gJ82sLMJn9iuFXehHTuJTXCRBuo7E4 +A9G28kNBKWKnctj7fAXmMXAnVBhOinxO5dHKjHiIzxvTkIvmI/gLDjNDfZziChmPyQE+dF10yYsc +A+UYyAFMP8uXBV2YcaaYb7Z8vTd/vuGTJW1v8AqtFxjhA7wHKcitJuj4YfD9IQl+mo6paH1IYnK9 +AOoBmbgGglGBTvH1tJFUuSN6AJqfXY3gPGS5GhKSKseCRHI53OI8xthV9RVOyAUO28bQYqbsFbS1 +AoLbrIyigfCbmTH1ICCoiGEKB5+U/NDXG8wuF/MEJ3Zn61SD/aSQfgY9BKNDLdr8C2LqL19iUw== +-----END CERTIFICATE----- + +UTN DATACorp SGC Root CA +======================== +-----BEGIN CERTIFICATE----- +MIIEXjCCA0agAwIBAgIQRL4Mi1AAIbQR0ypoBqmtaTANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZ +BgNVBAMTElVUTiAtIERBVEFDb3JwIFNHQzAeFw05OTA2MjQxODU3MjFaFw0xOTA2MjQxOTA2MzBa +MIGTMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4w +HAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRy +dXN0LmNvbTEbMBkGA1UEAxMSVVROIC0gREFUQUNvcnAgU0dDMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA3+5YEKIrblXEjr8uRgnn4AgPLit6E5Qbvfa2gI5lBZMAHryv4g+OGQ0SR+ys +raP6LnD43m77VkIVni5c7yPeIbkFdicZD0/Ww5y0vpQZY/KmEQrrU0icvvIpOxboGqBMpsn0GFlo +wHDyUwDAXlCCpVZvNvlK4ESGoE1O1kduSUrLZ9emxAW5jh70/P/N5zbgnAVssjMiFdC04MwXwLLA +9P4yPykqlXvY8qdOD1R8oQ2AswkDwf9c3V6aPryuvEeKaq5xyh+xKrhfQgUL7EYw0XILyulWbfXv +33i+Ybqypa4ETLyorGkVl73v67SMvzX41MPRKA5cOp9wGDMgd8SirwIDAQABo4GrMIGoMAsGA1Ud +DwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRTMtGzz3/64PGgXYVOktKeRR20TzA9 +BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLURBVEFDb3JwU0dD +LmNybDAqBgNVHSUEIzAhBggrBgEFBQcDAQYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GCSqGSIb3 +DQEBBQUAA4IBAQAnNZcAiosovcYzMB4p/OL31ZjUQLtgyr+rFywJNn9Q+kHcrpY6CiM+iVnJowft +Gzet/Hy+UUla3joKVAgWRcKZsYfNjGjgaQPpxE6YsjuMFrMOoAyYUJuTqXAJyCyjj98C5OBxOvG0 +I3KgqgHf35g+FFCgMSa9KOlaMCZ1+XtgHI3zzVAmbQQnmt/VDUVHKWss5nbZqSl9Mt3JNjy9rjXx +EZ4du5A/EkdOjtd+D2JzHVImOBwYSf0wdJrE5SIv2MCN7ZF6TACPcn9d2t0bi0Vr591pl6jFVkwP +DPafepE39peC4N1xaf92P2BNPM/3mfnGV/TJVTl4uix5yaaIK/QI +-----END CERTIFICATE----- + +UTN USERFirst Hardware Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAd +BgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgx +OTIyWjCBlzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0 +eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVz +ZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlI +wrthdBKWHTxqctU8EGc6Oe0rE81m65UJM6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFd +tqdt++BxF2uiiPsA3/4aMXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8 +i4fDidNdoI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqIDsjf +Pe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9KsyoUhbAgMBAAGjgbkw +gbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKFyXyYbKJhDlV0HN9WF +lp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNF +UkZpcnN0LUhhcmR3YXJlLmNybDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUF +BwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM +//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28GpgoiskliCE7/yMgUsogW +XecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gECJChicsZUN/KHAG8HQQZexB2 +lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kn +iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 +nfhmqA== +-----END CERTIFICATE----- + +Camerfirma Chambers of Commerce Root +==================================== +-----BEGIN CERTIFICATE----- +MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i +ZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAx +NjEzNDNaFw0zNzA5MzAxNjEzNDRaMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZp +cm1hIFNBIENJRiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn +MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0BAQEFAAOC +AQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtbunXF/KGIJPov7coISjlU +xFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0dBmpAPrMMhe5cG3nCYsS4No41XQEMIwRH +NaqbYE6gZj3LJgqcQKH0XZi/caulAGgq7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jW +DA+wWFjbw2Y3npuRVDM30pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFV +d9oKDMyXroDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIGA1Ud +EwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5jaGFtYmVyc2lnbi5v +cmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p26EpW1eLTXYGduHRooowDgYDVR0P +AQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hh +bWJlcnNpZ24ub3JnMCcGA1UdEgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYD +VR0gBFEwTzBNBgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz +aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEBAAxBl8IahsAi +fJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZdp0AJPaxJRUXcLo0waLIJuvvD +L8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wN +UPf6s+xCX6ndbcj0dc97wXImsQEcXCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/n +ADydb47kMgkdTXg0eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1 +erfutGWaIZDgqtCYvDi1czyL+Nw= +-----END CERTIFICATE----- + +Camerfirma Global Chambersign Root +================================== +-----BEGIN CERTIFICATE----- +MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i +ZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYx +NDE4WhcNMzcwOTMwMTYxNDE4WjB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt +YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEg +MB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAw +ggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0Mi+ITaFgCPS3CU6gSS9J +1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/sQJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8O +by4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpVeAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl +6DJWk0aJqCWKZQbua795B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c +8lCrEqWhz0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0TAQH/ +BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1iZXJzaWduLm9yZy9j +aGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4wTcbOX60Qq+UDpfqpFDAOBgNVHQ8B +Af8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBj +aGFtYmVyc2lnbi5vcmcwKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9y +ZzBbBgNVHSAEVDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh +bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEA +PDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUMbKGKfKX0j//U2K0X1S0E0T9Y +gOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXiryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJ +PJ7oKXqJ1/6v/2j1pReQvayZzKWGVwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4 +IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes +t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== +-----END CERTIFICATE----- + +NetLock Notary (Class A) Root +============================= +-----BEGIN CERTIFICATE----- +MIIGfTCCBWWgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQI +EwdIdW5nYXJ5MREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6 +dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9j +ayBLb3pqZWd5em9pIChDbGFzcyBBKSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNDIzMTQ0N1oX +DTE5MDIxOTIzMTQ0N1owga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQH +EwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQuMRowGAYD +VQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBLb3pqZWd5em9pIChDbGFz +cyBBKSBUYW51c2l0dmFueWtpYWRvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHSM +D7tM9DceqQWC2ObhbHDqeLVu0ThEDaiDzl3S1tWBxdRL51uUcCbbO51qTGL3cfNk1mE7PetzozfZ +z+qMkjvN9wfcZnSX9EUi3fRc4L9t875lM+QVOr/bmJBVOMTtplVjC7B4BPTjbsE/jvxReB+SnoPC +/tmwqcm8WgD/qaiYdPv2LD4VOQ22BFWoDpggQrOxJa1+mm9dU7GrDPzr4PN6s6iz/0b2Y6LYOph7 +tqyF/7AlT3Rj5xMHpQqPBffAZG9+pyeAlt7ULoZgx2srXnN7F+eRP2QM2EsiNCubMvJIH5+hCoR6 +4sKtlz2O1cH5VqNQ6ca0+pii7pXmKgOM3wIDAQABo4ICnzCCApswDgYDVR0PAQH/BAQDAgAGMBIG +A1UdEwEB/wQIMAYBAf8CAQQwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaC +Ak1GSUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pv +bGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQu +IEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2Vn +LWJpenRvc2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0 +ZXRlbGUgYXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFz +IGxlaXJhc2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBh +IGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVu +b3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1YW5jZSBh +bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sg +Q1BTIGF2YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFp +bCBhdCBjcHNAbmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4IBAQBIJEb3ulZv+sgoA0BO5TE5 +ayZrU3/b39/zcT0mwBQOxmd7I6gMc90Bu8bKbjc5VdXHjFYgDigKDtIqpLBJUsY4B/6+CgmM0ZjP +ytoUMaFP0jn8DxEsQ8Pdq5PHVT5HfBgaANzze9jyf1JsIPQLX2lS9O74silg6+NJMSEN1rUQQeJB +CWziGppWS3cC9qCbmieH6FUpccKQn0V4GuEVZD3QDtigdp+uxdAu6tYPVuxkf1qbFFgBJ34TUMdr +KuZoPL9coAob4Q566eKAw+np9v1sEZ7Q5SgnK1QyQhSCdeZK8CtmdWOMovsEPoMOmzbwGOQmIMOM +8CgHrTwXZoi1/baI +-----END CERTIFICATE----- + +NetLock Business (Class B) Root +=============================== +-----BEGIN CERTIFICATE----- +MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUxETAPBgNVBAcT +CEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0b25zYWdpIEtmdC4xGjAYBgNV +BAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQDEylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikg +VGFudXNpdHZhbnlraWFkbzAeFw05OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYD +VQQGEwJIVTERMA8GA1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRv +bnNhZ2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5ldExvY2sg +VXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +iQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xKgZjupNTKihe5In+DCnVMm8Bp2GQ5o+2S +o/1bXHQawEfKOml2mrriRBf8TKPV/riXiK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr +1nGTLbO/CVRY7QbrqHvcQ7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNV +HQ8BAf8EBAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1GSUdZ +RUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pvbGdhbHRh +dGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQuIEEgaGl0 +ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRv +c2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUg +YXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh +c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBhIGh0dHBz +Oi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVub3J6ZXNA +bmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhl +IHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2 +YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBj +cHNAbmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06sPgzTEdM +43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXan3BukxowOR0w2y7jfLKR +stE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKSNitjrFgBazMpUIaD8QFI +-----END CERTIFICATE----- + +NetLock Express (Class C) Root +============================== +-----BEGIN CERTIFICATE----- +MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUxETAPBgNVBAcT +CEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0b25zYWdpIEtmdC4xGjAYBgNV +BAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQDEytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBD +KSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJ +BgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6 +dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMrTmV0TG9j +ayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNAOoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3Z +W3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63 +euyucYT2BDMIJTLrdKwWRMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQw +DgYDVR0PAQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEWggJN +RklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0YWxhbm9zIFN6b2xn +YWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBB +IGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBOZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1i +aXp0b3NpdGFzYSB2ZWRpLiBBIGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0 +ZWxlIGF6IGVsb2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs +ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25sYXBqYW4gYSBo +dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kga2VyaGV0byBheiBlbGxlbm9y +emVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4gSU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5k +IHRoZSB1c2Ugb2YgdGhpcyBjZXJ0aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQ +UyBhdmFpbGFibGUgYXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwg +YXQgY3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmYta3UzbM2 +xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2gpO0u9f38vf5NNwgMvOOW +gyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4Fp1hBWeAyNDYpQcCNJgEjTME1A== +-----END CERTIFICATE----- + +XRamp Global CA Root +==================== +-----BEGIN CERTIFICATE----- +MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UE +BhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2Vj +dXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwHhcNMDQxMTAxMTcxNDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMx +HjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkg +U2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS638eMpSe2OAtp87ZOqCwu +IR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCPKZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMx +foArtYzAQDsRhtDLooY2YKTVMIJt2W7QDxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FE +zG+gSqmUsE3a56k0enI4qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqs +AxcZZPRaJSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNViPvry +xS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASsjVy16bYbMDYGA1UdHwQvMC0wK6Ap +oCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMC +AQEwDQYJKoZIhvcNAQEFBQADggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc +/Kh4ZzXxHfARvbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt +qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLaIR9NmXmd4c8n +nxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSyi6mx5O+aGtA9aZnuqCij4Tyz +8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQO+7ETPTsJ3xCwnR8gooJybQDJbw= +-----END CERTIFICATE----- + +Go Daddy Class 2 CA +=================== +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMY +VGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkG +A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g +RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQAD +ggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv +2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32 +qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6j +YGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmY +vLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0O +BBYEFNLEsNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2o +atTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMu +MTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wim +PQoZ+YeAEW5p5JYXMP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKt +I3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ +HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mERdEr/VxqHD3VI +Ls9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/b +vZ8= +-----END CERTIFICATE----- + +Starfield Class 2 CA +==================== +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzElMCMGA1UEChMc +U3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZpZWxkIENsYXNzIDIg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBo +MQswCQYDVQQGEwJVUzElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAG +A1UECxMpU3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqG +SIb3DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf8MOh2tTY +bitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN+lq2cwQlZut3f+dZxkqZ +JRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVm +epsZGD3/cVE8MC5fvj13c7JdBmzDI1aaK4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSN +F4Azbl5KXZnJHoe0nRrA1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HF +MIHCMB0GA1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fRzt0f +hvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNo +bm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24g +QXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGs +afPzWdqbAYcaT1epoXkJKtv3L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLM +PUxA2IGvd56Deruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl +xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynpVSJYACPq4xJD +KVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3 +QBFGmh95DmK/D5fs4C8fF5Q= +-----END CERTIFICATE----- + +StartCom Certification Authority +================================ +-----BEGIN CERTIFICATE----- +MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 +NjM2WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT +37uMdBNSSwIDAQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE +FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9jZXJ0LnN0YXJ0 +Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0Y29tLm9yZy9zZnNj +YS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFMBgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUH +AgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRw +Oi8vY2VydC5zdGFydGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYg +U3RhcnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlhYmlsaXR5 +LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL2NlcnQuc3Rh +cnRjb20ub3JnL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilT +dGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC +AgEAFmyZ9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8jhvh +3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUWFjgKXlf2Ysd6AgXm +vB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJzewT4F+irsfMuXGRuczE6Eri8sxHk +fY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3 +fsNrarnDy0RLrHiQi+fHLB5LEUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZ +EoalHmdkrQYuL6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq +yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuCO3NJo2pXh5Tl +1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6Vum0ABj6y6koQOdjQK/W/7HW/ +lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkyShNOsF/5oirpt9P/FlUQqmMGqz9IgcgA38coro +g14= +-----END CERTIFICATE----- + +Taiwan GRCA +=========== +-----BEGIN CERTIFICATE----- +MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQG +EwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X +DTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1owPzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dv +dmVybm1lbnQgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qN +w8XRIePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1qgQdW8or5 +BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKyyhwOeYHWtXBiCAEuTk8O +1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAtsF/tnyMKtsc2AtJfcdgEWFelq16TheEfO +htX7MfP6Mb40qij7cEwdScevLJ1tZqa2jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wov +J5pGfaENda1UhhXcSTvxls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7 +Q3hub/FCVGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHKYS1t +B6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoHEgKXTiCQ8P8NHuJB +O9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThNXo+EHWbNxWCWtFJaBYmOlXqYwZE8 +lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1UdDgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNV +HRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg2 +09yewDL7MTqKUWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ +TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyfqzvS/3WXy6Tj +Zwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaKZEk9GhiHkASfQlK3T8v+R0F2 +Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFEJPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlU +D7gsL0u8qV1bYH+Mh6XgUmMqvtg7hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6Qz +DxARvBMB1uUO07+1EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+Hbk +Z6MmnD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WXudpVBrkk +7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44VbnzssQwmSNOXfJIoRIM3BKQ +CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy ++fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS +-----END CERTIFICATE----- + +Firmaprofesional Root CA +======================== +-----BEGIN CERTIFICATE----- +MIIEVzCCAz+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCRVMxIjAgBgNVBAcT +GUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMTOUF1dG9yaWRhZCBkZSBDZXJ0aWZp +Y2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODEmMCQGCSqGSIb3DQEJARYXY2FA +ZmlybWFwcm9mZXNpb25hbC5jb20wHhcNMDExMDI0MjIwMDAwWhcNMTMxMDI0MjIwMDAwWjCBnTEL +MAkGA1UEBhMCRVMxIjAgBgNVBAcTGUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMT +OUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2 +ODEmMCQGCSqGSIb3DQEJARYXY2FAZmlybWFwcm9mZXNpb25hbC5jb20wggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDnIwNvbyOlXnjOlSztlB5uCp4Bx+ow0Syd3Tfom5h5VtP8c9/Qit5V +j1H5WuretXDE7aTt/6MNbg9kUDGvASdYrv5sp0ovFy3Tc9UTHI9ZpTQsHVQERc1ouKDAA6XPhUJH +lShbz++AbOCQl4oBPB3zhxAwJkh91/zpnZFx/0GaqUC1N5wpIE8fUuOgfRNtVLcK3ulqTgesrBlf +3H5idPayBQC6haD9HThuy1q7hryUZzM1gywfI834yJFxzJeL764P3CkDG8A563DtwW4O2GcLiam8 +NeTvtjS0pbbELaW+0MOUJEjb35bTALVmGotmBQ/dPz/LP6pemkr4tErvlTcbAgMBAAGjgZ8wgZww +KgYDVR0RBCMwIYYfaHR0cDovL3d3dy5maXJtYXByb2Zlc2lvbmFsLmNvbTASBgNVHRMBAf8ECDAG +AQH/AgEBMCsGA1UdEAQkMCKADzIwMDExMDI0MjIwMDAwWoEPMjAxMzEwMjQyMjAwMDBaMA4GA1Ud +DwEB/wQEAwIBBjAdBgNVHQ4EFgQUMwugZtHq2s7eYpMEKFK1FH84aLcwDQYJKoZIhvcNAQEFBQAD +ggEBAEdz/o0nVPD11HecJ3lXV7cVVuzH2Fi3AQL0M+2TUIiefEaxvT8Ub/GzR0iLjJcG1+p+o1wq +u00vR+L4OQbJnC4xGgN49Lw4xiKLMzHwFgQEffl25EvXwOaD7FnMP97/T2u3Z36mhoEyIwOdyPdf +wUpgpZKpsaSgYMN4h7Mi8yrrW6ntBas3D7Hi05V2Y1Z0jFhyGzflZKG+TQyTmAyX9odtsz/ny4Cm +7YjHX1BiAuiZdBbQ5rQ58SfLyEDW44YQqSMSkuBpQWOnryULwMWSyx6Yo1q6xTMPoJcB3X/ge9YG +VM+h4k0460tQtcsm9MracEpqoeJ5quGnM/b9Sh/22WA= +-----END CERTIFICATE----- + +Wells Fargo Root CA +=================== +-----BEGIN CERTIFICATE----- +MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMCVVMxFDASBgNV +BAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhv +cml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcN +MDAxMDExMTY0MTI4WhcNMjEwMTE0MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dl +bGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEv +MC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n135zHCLielTWi5MbqNQ1mX +x3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHESxP9cMIlrCL1dQu3U+SlK93OvRw6esP3 +E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4OJgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5 +OEL8pahbSCOz6+MlsoCultQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4j +sNtlAHCEAQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMBAAGj +YTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcBCzAyMDAGCCsGAQUF +BwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRwb2xpY3kwDQYJKoZIhvcNAQEFBQAD +ggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrv +m+0fazbuSCUlFLZWohDo7qd/0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0R +OhPs7fpvcmR7nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx +x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ33ZwmVxwQ023 +tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s= +-----END CERTIFICATE----- + +Swisscom Root CA 1 +================== +-----BEGIN CERTIFICATE----- +MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQG +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4 +MTgyMjA2MjBaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIIC +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9m2BtRsiM +MW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdihFvkcxC7mlSpnzNApbjyF +NDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAe +AR81sH8A25Bvxn570e56eqeqDFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkC +b6dJtDZd0KTeByy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn +7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNFvJbN +cA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo19AOeCMgkckkKmUp +WyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5 +haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNY +MUJDLXT5xp6mig/p/r+D5kNXJLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0hBBYwFDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j +BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzcK6FptWfUjNP9 +MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzfky9NfEBWMXrrpA9gzXrzvsMn +jgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7IkVh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQ +MbFamIp1TpBcahQq4FJHgmDmHtqBsfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4H +VtA4oJVwIHaM190e3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtl +vrsRls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ipmXeascCl +OS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HHb6D0jqTsNFFbjCYDcKF3 +1QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksfrK/7DZBaZmBwXarNeNQk7shBoJMBkpxq +nvy5JMWzFYJ+vq6VK+uxwNrjAWALXmmshFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCy +x/yP2FS1k2Kdzs9Z+z0YzirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMW +NY6E0F/6MBr1mmz0DlP5OlvRHA== +-----END CERTIFICATE----- + +DigiCert Assured ID Root CA +=========================== +-----BEGIN CERTIFICATE----- +MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzEx +MTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0Ew +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO +9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHy +UmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW +/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpy +oeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whf +GHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF +66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq +hkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2Bc +EkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38Fn +SbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i +8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe ++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== +-----END CERTIFICATE----- + +DigiCert Global Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAw +MDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOn +TjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5 +BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H +4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y +7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQAB +o2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm +8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEF +BQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmr +EbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIt +tep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886 +UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= +-----END CERTIFICATE----- + +DigiCert High Assurance EV Root CA +================================== +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw +KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw +MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ +MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu +Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t +Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS +OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3 +MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ +NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe +h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY +JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ +V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp +myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK +mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe +vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K +-----END CERTIFICATE----- + +Certplus Class 2 Primary CA +=========================== +-----BEGIN CERTIFICATE----- +MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UE +BhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFzcyAyIFByaW1hcnkgQ0EwHhcN +OTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2Vy +dHBsdXMxGzAZBgNVBAMTEkNsYXNzIDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANxQltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR +5aiRVhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyLkcAbmXuZ +Vg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCdEgETjdyAYveVqUSISnFO +YFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yasH7WLO7dDWWuwJKZtkIvEcupdM5i3y95e +e++U8Rs+yskhwcWYAqqi9lt3m/V+llU0HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRME +CDAGAQH/AgEKMAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJ +YIZIAYb4QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMuY29t +L0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/AN9WM2K191EBkOvD +P9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8yfFC82x/xXp8HVGIutIKPidd3i1R +TtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMRFcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+ +7UCmnYR0ObncHoUW2ikbhiMAybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW +//1IMwrh3KWBkJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 +l7+ijrRU +-----END CERTIFICATE----- + +DST Root CA X3 +============== +-----BEGIN CERTIFICATE----- +MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQK +ExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4X +DTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1 +cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmT +rE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9 +UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRy +xXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40d +utolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQ +MA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikug +dB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjE +GB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bw +RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS +fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ +-----END CERTIFICATE----- + +DST ACES CA X6 +============== +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QxETAPBgNVBAsTCERTVCBBQ0VT +MRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0wMzExMjAyMTE5NThaFw0xNzExMjAyMTE5NTha +MFsxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UE +CxMIRFNUIEFDRVMxFzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzI +DZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCa +pCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow +GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPy +MjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1Ud +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rkc3Qu +Y29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnRy +dXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMtaW5kZXguaHRtbDAdBgNVHQ4EFgQU +CXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZIhvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V2 +5FYrnJmQ6AgwbN99Pe7lv7UkQIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6t +Fr8hlxCBPeP/h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq +nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpRrscL9yuwNwXs +vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3 +oKfN5XozNmr6mis= +-----END CERTIFICATE----- + +TURKTRUST Certificate Services Provider Root 1 +============================================== +-----BEGIN CERTIFICATE----- +MIID+zCCAuOgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBtzE/MD0GA1UEAww2VMOcUktUUlVTVCBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGDAJUUjEP +MA0GA1UEBwwGQU5LQVJBMVYwVAYDVQQKDE0oYykgMjAwNSBUw5xSS1RSVVNUIEJpbGdpIMSwbGV0 +acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjAeFw0wNTA1MTMx +MDI3MTdaFw0xNTAzMjIxMDI3MTdaMIG3MT8wPQYDVQQDDDZUw5xSS1RSVVNUIEVsZWt0cm9uaWsg +U2VydGlmaWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLExCzAJBgNVBAYMAlRSMQ8wDQYDVQQHDAZB +TktBUkExVjBUBgNVBAoMTShjKSAyMDA1IFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBC +aWxpxZ9pbSBHw7x2ZW5sacSfaSBIaXptZXRsZXJpIEEuxZ4uMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAylIF1mMD2Bxf3dJ7XfIMYGFbazt0K3gNfUW9InTojAPBxhEqPZW8qZSwu5GX +yGl8hMW0kWxsE2qkVa2kheiVfrMArwDCBRj1cJ02i67L5BuBf5OI+2pVu32Fks66WJ/bMsW9Xe8i +Si9BB35JYbOG7E6mQW6EvAPs9TscyB/C7qju6hJKjRTP8wrgUDn5CDX4EVmt5yLqS8oUBt5CurKZ +8y1UiBAG6uEaPj1nH/vO+3yC6BFdSsG5FOpU2WabfIl9BJpiyelSPJ6c79L1JuTm5Rh8i27fbMx4 +W09ysstcP4wFjdFMjK2Sx+F4f2VsSQZQLJ4ywtdKxnWKWU51b0dewQIDAQABoxAwDjAMBgNVHRME +BTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAV9VX/N5aAWSGk/KEVTCD21F/aAyT8z5Aa9CEKmu46 +sWrv7/hg0Uw2ZkUd82YCdAR7kjCo3gp2D++Vbr3JN+YaDayJSFvMgzbC9UZcWYJWtNX+I7TYVBxE +q8Sn5RTOPEFhfEPmzcSBCYsk+1Ql1haolgxnB2+zUEfjHCQo3SqYpGH+2+oSN7wBGjSFvW5P55Fy +B0SFHljKVETd96y5y4khctuPwGkplyqjrhgjlxxBKot8KsF8kOipKMDTkcatKIdAaLX/7KfS0zgY +nNN9aV3wxqUeJBujR/xpB2jn5Jq07Q+hh4cCzofSSE7hvP/L8XKSRGQDJereW26fyfJOrN3H +-----END CERTIFICATE----- + +TURKTRUST Certificate Services Provider Root 2 +============================================== +-----BEGIN CERTIFICATE----- +MIIEPDCCAySgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvjE/MD0GA1UEAww2VMOcUktUUlVTVCBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP +MA0GA1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg +QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtIDIwMDUwHhcN +MDUxMTA3MTAwNzU3WhcNMTUwOTE2MTAwNzU3WjCBvjE/MD0GA1UEAww2VMOcUktUUlVTVCBFbGVr +dHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEPMA0G +A1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls +acWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtIDIwMDUwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpNn7DkUNMwxmYCMjHWHtPFoylzkkBH3MOrHUTpvqe +LCDe2JAOCtFp0if7qnefJ1Il4std2NiDUBd9irWCPwSOtNXwSadktx4uXyCcUHVPr+G1QRT0mJKI +x+XlZEdhR3n9wFHxwZnn3M5q+6+1ATDcRhzviuyV79z/rxAc653YsKpqhRgNF8k+v/Gb0AmJQv2g +QrSdiVFVKc8bcLyEVK3BEx+Y9C52YItdP5qtygy/p1Zbj3e41Z55SZI/4PGXJHpsmxcPbe9TmJEr +5A++WXkHeLuXlfSfadRYhwqp48y2WBmfJiGxxFmNskF1wK1pzpwACPI2/z7woQ8arBT9pmAPAgMB +AAGjQzBBMB0GA1UdDgQWBBTZN7NOBf3Zz58SFq62iS/rJTqIHDAPBgNVHQ8BAf8EBQMDBwYAMA8G +A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHJglrfJ3NgpXiOFX7KzLXb7iNcX/ntt +Rbj2hWyfIvwqECLsqrkw9qtY1jkQMZkpAL2JZkH7dN6RwRgLn7Vhy506vvWolKMiVW4XSf/SKfE4 +Jl3vpao6+XF75tpYHdN0wgH6PmlYX63LaL4ULptswLbcoCb6dxriJNoaN+BnrdFzgw2lGh1uEpJ+ +hGIAF728JRhX8tepb1mIvDS3LoV4nZbcFMMsilKbloxSZj2GFotHuFEJjOp9zYhys2AzsfAKRO8P +9Qk3iCQOLGsgOqL6EfJANZxEaGM7rDNvY7wsu/LSy3Z9fYjYHcgFHW68lKlmjHdxx/qR+i9Rnuk5 +UrbnBEI= +-----END CERTIFICATE----- + +SwissSign Gold CA - G2 +====================== +-----BEGIN CERTIFICATE----- +MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkNIMRUw +EwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2lnbiBHb2xkIENBIC0gRzIwHhcN +MDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBFMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dp +c3NTaWduIEFHMR8wHQYDVQQDExZTd2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUq +t2/876LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+bbqBHH5C +jCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c6bM8K8vzARO/Ws/BtQpg +vd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqEemA8atufK+ze3gE/bk3lUIbLtK/tREDF +ylqM2tIrfKjuvqblCqoOpd8FUrdVxyJdMmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvR +AiTysybUa9oEVeXBCsdtMDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuend +jIj3o02yMszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69yFGkO +peUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPiaG59je883WX0XaxR +7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxMgI93e2CaHt+28kgeDrpOVG2Y4OGi +GqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUWyV7lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64 +OfPAeGZe6Drn8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov +L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe645R88a7A3hfm +5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczOUYrHUDFu4Up+GC9pWbY9ZIEr +44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOf +Mke6UiI0HTJ6CVanfCU2qT1L2sCCbwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6m +Gu6uLftIdxf+u+yvGPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxp +mo/a77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCChdiDyyJk +vC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid392qgQmwLOM7XdVAyksLf +KzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEppLd6leNcG2mqeSz53OiATIgHQv2ieY2Br +NU0LbbqhPcCT4H8js1WtciVORvnSFu+wZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6Lqj +viOvrv1vA+ACOzB2+httQc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ +-----END CERTIFICATE----- + +SwissSign Silver CA - G2 +======================== +-----BEGIN CERTIFICATE----- +MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCQ0gxFTAT +BgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMB4X +DTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0NlowRzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3 +aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644 +N0MvFz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7brYT7QbNHm ++/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieFnbAVlDLaYQ1HTWBCrpJH +6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH6ATK72oxh9TAtvmUcXtnZLi2kUpCe2Uu +MGoM9ZDulebyzYLs2aFK7PayS+VFheZteJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5h +qAaEuSh6XzjZG6k4sIN/c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5 +FZGkECwJMoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRHHTBs +ROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTfjNFusB3hB48IHpmc +celM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb65i/4z3GcRm25xBWNOHkDRUjvxF3X +CO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUF6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRB +tjpbO8tFnb0cwpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 +cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBAHPGgeAn0i0P +4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShpWJHckRE1qTodvBqlYJ7YH39F +kWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L +3XWgwF15kIwb4FDm3jH+mHtwX6WQ2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx +/uNncqCxv1yL5PqZIseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFa +DGi8aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2Xem1ZqSqP +e97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQRdAtq/gsD/KNVV4n+Ssuu +WxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJ +DIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ub +DgEj8Z+7fNzcbBGXJbLytGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority +======================================== +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG +EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMoR2VvVHJ1c3QgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgx +CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQ +cmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9AWbK7hWN +b6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjAZIVcFU2Ix7e64HXprQU9 +nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE07e9GceBrAqg1cmuXm2bgyxx5X9gaBGge +RwLmnWDiNpcB3841kt++Z8dtd1k7j53WkBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGt +tm/81w7a4DSwDRp35+MImO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJKoZI +hvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ16CePbJC/kRYkRj5K +Ts4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl4b7UVXGYNTq+k+qurUKykG/g/CFN +NWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6KoKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHa +Floxt/m0cYASSJlyc1pZU8FjUjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG +1riR/aYNKxoUAT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= +-----END CERTIFICATE----- + +thawte Primary Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UE +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3 +MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwg +SW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv +KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMT +FnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs +oPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ +1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGc +q/gcfomk6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/K +aAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR32HuHUETVPm4p +afs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD +VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUF +AAOCAQEAeRHAS7ORtvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE +uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX +xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2/qxAeeWsEG89 +jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVH +z7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA== +-----END CERTIFICATE----- + +VeriSign Class 3 Public Primary Certification Authority - G5 +============================================================ +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk +IHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln +biBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBh +dXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmlt +YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKz +j/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhD +Y2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/ +Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70r +fk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/ +BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv +Z2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy +aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqG +SIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+ +X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKE +KQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiC +Km0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vE +ZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq +-----END CERTIFICATE----- + +SecureTrust CA +============== +-----BEGIN CERTIFICATE----- +MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xFzAVBgNVBAMTDlNlY3VyZVRy +dXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIzMTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAe +BgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQX +OZEzZum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO0gMdA+9t +DWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIaowW8xQmxSPmjL8xk037uH +GFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b +01k/unK8RCSc43Oz969XL0Imnal0ugBS8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmH +ursCAwEAAaOBnTCBmjATBgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCegJYYj +aHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ +KoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt36Z3q059c4EVlew3KW+JwULKUBRSu +SceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHf +mbx8IVQr5Fiiu1cprp6poxkmD5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZ +nMUFdAvnZyPSCPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR +3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= +-----END CERTIFICATE----- + +Secure Global CA +================ +-----BEGIN CERTIFICATE----- +MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBH +bG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkxMjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEg +MB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jx +YDiJiQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa/FHtaMbQ +bqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJjnIFHovdRIWCQtBJwB1g +8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnIHmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYV +HDGA76oYa8J719rO+TMg1fW9ajMtgQT7sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi +0XPnj3pDAgMBAAGjgZ0wgZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCswKaAn +oCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEA +MA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0LURYD7xh8yOOvaliTFGCRsoTciE6+ +OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXOH0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cn +CDpOGR86p1hcF895P4vkp9MmI50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/5 +3CYNv6ZHdAbYiNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc +f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW +-----END CERTIFICATE----- + +COMODO Certification Authority +============================== +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCBgTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1 +dGhvcml0eTAeFw0wNjEyMDEwMDAwMDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEb +MBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFD +T01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH ++7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTww +xHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV +4EajcNxo2f8ESIl33rXp+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA +1KGzqSX+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5OnKVI +rLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9k +b2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOC +AQEAPpiem/Yb6dc5t3iuHXIYSdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CP +OGEIqB6BCsAvIC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ +RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmc +IGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5ddBA6+C4OmF4O5MBKgxTMVBbkN ++8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IBZQ== +-----END CERTIFICATE----- + +Network Solutions Certificate Authority +======================================= +-----BEGIN CERTIFICATE----- +MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG +EwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3Jr +IFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMx +MjM1OTU5WjBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu +MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwzc7MEL7xx +jOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPPOCwGJgl6cvf6UDL4wpPT +aaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rlmGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXT +crA/vGp97Eh/jcOrqnErU2lBUzS1sLnFBgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc +/Qzpf14Dl847ABSHJ3A4qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMB +AAGjgZcwgZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwubmV0c29sc3NsLmNv +bS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3JpdHkuY3JsMA0GCSqGSIb3DQEBBQUA +A4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc86fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q +4LqILPxFzBiwmZVRDuwduIj/h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/ +GGUsyfJj4akH/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv +wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxD +ydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey +-----END CERTIFICATE----- + +WellsSecure Public Root Certificate Authority +============================================= +-----BEGIN CERTIFICATE----- +MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoM +F1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYw +NAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcN +MDcxMjEzMTcwNzU0WhcNMjIxMjE0MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dl +bGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYD +VQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+rWxxTkqxtnt3CxC5FlAM1 +iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjUDk/41itMpBb570OYj7OeUt9tkTmPOL13 +i0Nj67eT/DBMHAGTthP796EfvyXhdDcsHqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8 +bJVhHlfXBIEyg1J55oNjz7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiB +K0HmOFafSZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/SlwxlAgMB +AAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu +cGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBQm +lRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0jBIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGB +i6SBiDCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRww +GgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg +Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEBALkVsUSRzCPI +K0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd/ZDJPHV3V3p9+N701NX3leZ0 +bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pBA4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSlj +qHyita04pO2t/caaH/+Xc/77szWnk4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+es +E2fDbbFwRnzVlhE9iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJ +tylv2G0xffX8oRAHh84vWdw+WNs= +-----END CERTIFICATE----- + +COMODO ECC Certification Authority +================================== +-----BEGIN CERTIFICATE----- +MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwHhcNMDgwMzA2MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0Ix +GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR +Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRo +b3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSRFtSrYpn1PlILBs5BAH+X +4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0JcfRK9ChQtP6IHG4/bC8vCVlbpVsLM5ni +wz2J+Wos77LTBumjQjBAMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VG +FAkK+qDmfQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdvGDeA +U/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= +-----END CERTIFICATE----- + +IGC/A +===== +-----BEGIN CERTIFICATE----- +MIIEAjCCAuqgAwIBAgIFORFFEJQwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYTAkZSMQ8wDQYD +VQQIEwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVE +Q1NTSTEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZy +MB4XDTAyMTIxMzE0MjkyM1oXDTIwMTAxNzE0MjkyMlowgYUxCzAJBgNVBAYTAkZSMQ8wDQYDVQQI +EwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVEQ1NT +STEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZyMIIB +IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/R0GLFMzvABIaIs9z4iPf930Pfeo2aSVz2 +TqrMHLmh6yeJ8kbpO0px1R2OLc/mratjUMdUC24SyZA2xtgv2pGqaMVy/hcKshd+ebUyiHDKcMCW +So7kVc0dJ5S/znIq7Fz5cyD+vfcuiWe4u0dzEvfRNWk68gq5rv9GQkaiv6GFGvm/5P9JhfejcIYy +HF2fYPepraX/z9E0+X1bF8bc1g4oa8Ld8fUzaJ1O/Id8NhLWo4DoQw1VYZTqZDdH6nfK0LJYBcNd +frGoRpAxVs5wKpayMLh35nnAvSk7/ZR3TL0gzUEl4C7HG7vupARB0l2tEmqKm0f7yd1GQOGdPDPQ +tQIDAQABo3cwdTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBRjAVBgNVHSAEDjAMMAoGCCqB +egF5AQEBMB0GA1UdDgQWBBSjBS8YYFDCiQrdKyFP/45OqDAxNjAfBgNVHSMEGDAWgBSjBS8YYFDC +iQrdKyFP/45OqDAxNjANBgkqhkiG9w0BAQUFAAOCAQEABdwm2Pp3FURo/C9mOnTgXeQp/wYHE4RK +q89toB9RlPhJy3Q2FLwV3duJL92PoF189RLrn544pEfMs5bZvpwlqwN+Mw+VgQ39FuCIvjfwbF3Q +MZsyK10XZZOYYLxuj7GoPB7ZHPOpJkL5ZB3C55L29B5aqhlSXa/oovdgoPaN8In1buAKBQGVyYsg +Crpa/JosPL3Dt8ldeCUFP1YUmwza+zpI/pdpXsoQhvdOlgQITeywvl3cO45Pwf2aNjSaTFR+FwNI +lQgRHAdvhQh+XU3Endv7rs6y0bO4g2wdsrN58dhwmX7wEwLOXt1R0982gaEbeC9xs/FZTEYYKKuF +0mBWWg== +-----END CERTIFICATE----- + +Security Communication EV RootCA1 +================================= +-----BEGIN CERTIFICATE----- +MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDElMCMGA1UEChMc +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMhU2VjdXJpdHkgQ29tbXVuaWNh +dGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIzMloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UE +BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNl +Y3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSERMqm4miO +/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gOzXppFodEtZDkBp2uoQSX +WHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4z +ZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDFMxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4 +bepJz11sS6/vmsJWXMY1VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK +9U2vP9eCOKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HWtWS3irO4G8za+6xm +iEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZq51ihPZRwSzJIxXYKLerJRO1RuGG +Av8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDbEJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnW +mHyojf6GPgcWkuF75x3sM3Z+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEW +T1MKZPlO9L9OVL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490 +-----END CERTIFICATE----- + +OISTE WISeKey Global Root GA CA +=============================== +-----BEGIN CERTIFICATE----- +MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UE +BhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAoYykgMjAwNTEiMCAG +A1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH +bG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYD +VQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIw +IAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5 +IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+zAJs9 +Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxRVVuuk+g3/ytr6dTqvirdqFEr12bDYVxg +Asj1znJ7O7jyTmUIms2kahnBAbtzptf2w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbD +d50kc3vkDIzh2TbhmYsFmQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ +/yxViJGg4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t94B3R +LoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ +KoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOxSPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vIm +MMkQyh2I+3QZH4VFvbBsUfk2ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4 ++vg1YFkCExh8vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa +hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY +okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= +-----END CERTIFICATE----- + +Microsec e-Szigno Root CA +========================= +-----BEGIN CERTIFICATE----- +MIIHqDCCBpCgAwIBAgIRAMy4579OKRr9otxmpRwsDxEwDQYJKoZIhvcNAQEFBQAwcjELMAkGA1UE +BhMCSFUxETAPBgNVBAcTCEJ1ZGFwZXN0MRYwFAYDVQQKEw1NaWNyb3NlYyBMdGQuMRQwEgYDVQQL +EwtlLVN6aWdubyBDQTEiMCAGA1UEAxMZTWljcm9zZWMgZS1Temlnbm8gUm9vdCBDQTAeFw0wNTA0 +MDYxMjI4NDRaFw0xNzA0MDYxMjI4NDRaMHIxCzAJBgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVz +dDEWMBQGA1UEChMNTWljcm9zZWMgTHRkLjEUMBIGA1UECxMLZS1Temlnbm8gQ0ExIjAgBgNVBAMT +GU1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDtyADVgXvNOABHzNuEwSFpLHSQDCHZU4ftPkNEU6+r+ICbPHiN1I2uuO/TEdyB5s87lozWbxXG +d36hL+BfkrYn13aaHUM86tnsL+4582pnS4uCzyL4ZVX+LMsvfUh6PXX5qqAnu3jCBspRwn5mS6/N +oqdNAoI/gqyFxuEPkEeZlApxcpMqyabAvjxWTHOSJ/FrtfX9/DAFYJLG65Z+AZHCabEeHXtTRbjc +QR/Ji3HWVBTji1R4P770Yjtb9aPs1ZJ04nQw7wHb4dSrmZsqa/i9phyGI0Jf7Enemotb9HI6QMVJ +PqW+jqpx62z69Rrkav17fVVA71hu5tnVvCSrwe+3AgMBAAGjggQ3MIIEMzBnBggrBgEFBQcBAQRb +MFkwKAYIKwYBBQUHMAGGHGh0dHBzOi8vcmNhLmUtc3ppZ25vLmh1L29jc3AwLQYIKwYBBQUHMAKG +IWh0dHA6Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNydDAPBgNVHRMBAf8EBTADAQH/MIIBcwYD +VR0gBIIBajCCAWYwggFiBgwrBgEEAYGoGAIBAQEwggFQMCgGCCsGAQUFBwIBFhxodHRwOi8vd3d3 +LmUtc3ppZ25vLmh1L1NaU1ovMIIBIgYIKwYBBQUHAgIwggEUHoIBEABBACAAdABhAG4A+gBzAO0A +dAB2AOEAbgB5ACAA6QByAHQAZQBsAG0AZQB6AOkAcwDpAGgAZQB6ACAA6QBzACAAZQBsAGYAbwBn +AGEAZADhAHMA4QBoAG8AegAgAGEAIABTAHoAbwBsAGcA4QBsAHQAYQB0APMAIABTAHoAbwBsAGcA +4QBsAHQAYQB0AOEAcwBpACAAUwB6AGEAYgDhAGwAeQB6AGEAdABhACAAcwB6AGUAcgBpAG4AdAAg +AGsAZQBsAGwAIABlAGwAagDhAHIAbgBpADoAIABoAHQAdABwADoALwAvAHcAdwB3AC4AZQAtAHMA +egBpAGcAbgBvAC4AaAB1AC8AUwBaAFMAWgAvMIHIBgNVHR8EgcAwgb0wgbqggbeggbSGIWh0dHA6 +Ly93d3cuZS1zemlnbm8uaHUvUm9vdENBLmNybIaBjmxkYXA6Ly9sZGFwLmUtc3ppZ25vLmh1L0NO +PU1pY3Jvc2VjJTIwZS1Temlnbm8lMjBSb290JTIwQ0EsT1U9ZS1Temlnbm8lMjBDQSxPPU1pY3Jv +c2VjJTIwTHRkLixMPUJ1ZGFwZXN0LEM9SFU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdDtiaW5h +cnkwDgYDVR0PAQH/BAQDAgEGMIGWBgNVHREEgY4wgYuBEGluZm9AZS1zemlnbm8uaHWkdzB1MSMw +IQYDVQQDDBpNaWNyb3NlYyBlLVN6aWduw7MgUm9vdCBDQTEWMBQGA1UECwwNZS1TemlnbsOzIEhT +WjEWMBQGA1UEChMNTWljcm9zZWMgS2Z0LjERMA8GA1UEBxMIQnVkYXBlc3QxCzAJBgNVBAYTAkhV +MIGsBgNVHSMEgaQwgaGAFMegSXUWYYTbMUuE0vE3QJDvTtz3oXakdDByMQswCQYDVQQGEwJIVTER +MA8GA1UEBxMIQnVkYXBlc3QxFjAUBgNVBAoTDU1pY3Jvc2VjIEx0ZC4xFDASBgNVBAsTC2UtU3pp +Z25vIENBMSIwIAYDVQQDExlNaWNyb3NlYyBlLVN6aWdubyBSb290IENBghEAzLjnv04pGv2i3Gal +HCwPETAdBgNVHQ4EFgQUx6BJdRZhhNsxS4TS8TdAkO9O3PcwDQYJKoZIhvcNAQEFBQADggEBANMT +nGZjWS7KXHAM/IO8VbH0jgdsZifOwTsgqRy7RlRw7lrMoHfqaEQn6/Ip3Xep1fvj1KcExJW4C+FE +aGAHQzAxQmHl7tnlJNUb3+FKG6qfx1/4ehHqE5MAyopYse7tDk2016g2JnzgOsHVV4Lxdbb9iV/a +86g4nzUGCM4ilb7N1fy+W955a9x6qWVmvrElWl/tftOsRm1M9DKHtCAE4Gx4sHfRhUZLphK3dehK +yVZs15KrnfVJONJPU+NVkBHbmJbGSfI+9J8b4PeI3CVimUTYc78/MPMMNz7UwiiAc7EBt51alhQB +S6kRnSlqLtBdgcDPsiBDxwPgN05dCtxZICU= +-----END CERTIFICATE----- + +Certigna +======== +-----BEGIN CERTIFICATE----- +MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNVBAYTAkZSMRIw +EAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4XDTA3MDYyOTE1MTMwNVoXDTI3 +MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwI +Q2VydGlnbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7q +XOEm7RFHYeGifBZ4QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyH +GxnygQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbwzBfsV1/p +ogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q130yGLMLLGq/jj8UEYkg +DncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKf +Irjxwo1p3Po6WAbfAgMBAAGjgbwwgbkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQ +tCRZvgHyUtVF9lo53BEwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJ +BgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/J +SP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQUFAAOCAQEA +hQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8hbV6lUmPOEvjvKtpv6zf+EwLHyzs+ +ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFncfca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1klu +PBS1xp81HlDQwY9qcEQCYsuuHWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY +1gkIl2PlwS6wt0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw +WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== +-----END CERTIFICATE----- + +AC Ra\xC3\xADz Certic\xC3\xA1mara S.A. +====================================== +-----BEGIN CERTIFICATE----- +MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNVBAYT +AkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRpZmljYWNpw7NuIERpZ2l0YWwg +LSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwaQUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4w +HhcNMDYxMTI3MjA0NjI5WhcNMzAwNDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+ +U29jaWVkYWQgQ2FtZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJh +IFMuQS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeGqentLhM0R7LQcNzJPNCN +yu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzLfDe3fezTf3MZsGqy2IiKLUV0qPezuMDU +2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQY5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU3 +4ojC2I+GdV75LaeHM/J4Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP +2yYe68yQ54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+bMMCm +8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48jilSH5L887uvDdUhf +HjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++EjYfDIJss2yKHzMI+ko6Kh3VOz3vCa +Mh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/ztA/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK +5lw1omdMEWux+IBkAC1vImHFrEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1b +czwmPS9KvqfJpxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE +AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCBlTCBkgYEVR0g +ADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFyYS5jb20vZHBjLzBaBggrBgEF +BQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW507WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2Ug +cHVlZGVuIGVuY29udHJhciBlbiBsYSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEf +AygPU3zmpFmps4p6xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuX +EpBcunvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/Jre7Ir5v +/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dpezy4ydV/NgIlqmjCMRW3 +MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42gzmRkBDI8ck1fj+404HGIGQatlDCIaR4 +3NAvO2STdPCWkPHv+wlaNECW8DYSwaN0jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wk +eZBWN7PGKX6jD/EpOe9+XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f +/RWmnkJDW2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/RL5h +RqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35rMDOhYil/SrnhLecU +Iw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxkBYn8eNZcLCZDqQ== +-----END CERTIFICATE----- + +TC TrustCenter Class 2 CA II +============================ +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIOLmoAAQACH9dSISwRXDswDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UEBhMC +REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNVBAsTGVRDIFRydXN0Q2VudGVy +IENsYXNzIDIgQ0ExJTAjBgNVBAMTHFRDIFRydXN0Q2VudGVyIENsYXNzIDIgQ0EgSUkwHhcNMDYw +MTEyMTQzODQzWhcNMjUxMjMxMjI1OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1 +c3RDZW50ZXIgR21iSDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMiBDQTElMCMGA1UE +AxMcVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMiBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAKuAh5uO8MN8h9foJIIRszzdQ2Lu+MNF2ujhoF/RKrLqk2jftMjWQ+nEdVl//OEd+DFw +IxuInie5e/060smp6RQvkL4DUsFJzfb95AhmC1eKokKguNV/aVyQMrKXDcpK3EY+AlWJU+MaWss2 +xgdW94zPEfRMuzBwBJWl9jmM/XOBCH2JXjIeIqkiRUuwZi4wzJ9l/fzLganx4Duvo4bRierERXlQ +Xa7pIXSSTYtZgo+U4+lK8edJsBTj9WLL1XK9H7nSn6DNqPoByNkN39r8R52zyFTfSUrxIan+GE7u +SNQZu+995OKdy1u2bv/jzVrndIIFuoAlOMvkaZ6vQaoahPUCAwEAAaOCATQwggEwMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTjq1RMgKHbVkO3kUrL84J6E1wIqzCB +7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRydXN0Y2VudGVyLmRlL2NybC92Mi90 +Y19jbGFzc18yX2NhX0lJLmNybIaBn2xkYXA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBU +cnVzdENlbnRlciUyMENsYXNzJTIwMiUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21i +SCxPVT1yb290Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u +TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEAjNfffu4bgBCzg/XbEeprS6iSGNn3Bzn1LL4G +dXpoUxUc6krtXvwjshOg0wn/9vYua0Fxec3ibf2uWWuFHbhOIprtZjluS5TmVfwLG4t3wVMTZonZ +KNaL80VKY7f9ewthXbhtvsPcW3nS7Yblok2+XnR8au0WOB9/WIFaGusyiC2y8zl3gK9etmF1Kdsj +TYjKUCjLhdLTEKJZbtOTVAB6okaVhgWcqRmY5TFyDADiZ9lA4CQze28suVyrZZ0srHbqNZn1l7kP +JOzHdiEoZa5X6AeIdUpWoNIFOqTmjZKILPPy4cHGYdtBxceb9w4aUUXCYWvcZCcXjFq32nQozZfk +vQ== +-----END CERTIFICATE----- + +TC TrustCenter Class 3 CA II +============================ +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UEBhMC +REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNVBAsTGVRDIFRydXN0Q2VudGVy +IENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYw +MTEyMTQ0MTU3WhcNMjUxMjMxMjI1OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1 +c3RDZW50ZXIgR21iSDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UE +AxMcVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJWHt4bNwcwIi9v8Qbxq63W +yKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+QVl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo +6SI7dYnWRBpl8huXJh0obazovVkdKyT21oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZ +uV3bOx4a+9P/FRQI2AlqukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk +2ZyqBwi1Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NXXAek0CSnwPIA1DCB +7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRydXN0Y2VudGVyLmRlL2NybC92Mi90 +Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBU +cnVzdENlbnRlciUyMENsYXNzJTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21i +SCxPVT1yb290Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u +TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlNirTzwppVMXzE +O2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8TtXqluJucsG7Kv5sbviRmEb8 +yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9 +IJqDnxrcOfHFcqMRA/07QlIp2+gB95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal +092Y+tTmBvTwtiBjS+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc +5A== +-----END CERTIFICATE----- + +TC TrustCenter Universal CA I +============================= +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIOHaIAAQAC7LdggHiNtgYwDQYJKoZIhvcNAQEFBQAweTELMAkGA1UEBhMC +REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxJDAiBgNVBAsTG1RDIFRydXN0Q2VudGVy +IFVuaXZlcnNhbCBDQTEmMCQGA1UEAxMdVEMgVHJ1c3RDZW50ZXIgVW5pdmVyc2FsIENBIEkwHhcN +MDYwMzIyMTU1NDI4WhcNMjUxMjMxMjI1OTU5WjB5MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMg +VHJ1c3RDZW50ZXIgR21iSDEkMCIGA1UECxMbVEMgVHJ1c3RDZW50ZXIgVW5pdmVyc2FsIENBMSYw +JAYDVQQDEx1UQyBUcnVzdENlbnRlciBVbml2ZXJzYWwgQ0EgSTCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAKR3I5ZEr5D0MacQ9CaHnPM42Q9e3s9B6DGtxnSRJJZ4Hgmgm5qVSkr1YnwC +qMqs+1oEdjneX/H5s7/zA1hV0qq34wQi0fiU2iIIAI3TfCZdzHd55yx4Oagmcw6iXSVphU9VDprv +xrlE4Vc93x9UIuVvZaozhDrzznq+VZeujRIPFDPiUHDDSYcTvFHe15gSWu86gzOSBnWLknwSaHtw +ag+1m7Z3W0hZneTvWq3zwZ7U10VOylY0Ibw+F1tvdwxIAUMpsN0/lm7mlaoMwCC2/T42J5zjXM9O +gdwZu5GQfezmlwQek8wiSdeXhrYTCjxDI3d+8NzmzSQfO4ObNDqDNOMCAwEAAaNjMGEwHwYDVR0j +BBgwFoAUkqR1LKSevoFE63n8isWVpesQdXMwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AYYwHQYDVR0OBBYEFJKkdSyknr6BROt5/IrFlaXrEHVzMA0GCSqGSIb3DQEBBQUAA4IBAQAo0uCG +1eb4e/CX3CJrO5UUVg8RMKWaTzqwOuAGy2X17caXJ/4l8lfmXpWMPmRgFVp/Lw0BxbFg/UU1z/Cy +vwbZ71q+s2IhtNerNXxTPqYn8aEt2hojnczd7Dwtnic0XQ/CNnm8yUpiLe1r2X1BQ3y2qsrtYbE3 +ghUJGooWMNjsydZHcnhLEEYUjl8Or+zHL6sQ17bxbuyGssLoDZJz3KL0Dzq/YSMQiZxIQG5wALPT +ujdEWBF6AmqI8Dc08BnprNRlc/ZpjGSUOnmFKbAWKwyCPwacx/0QK54PLLae4xW/2TYcuiUaUj0a +7CIMHOCkoj3w6DnPgcB77V0fb8XQC9eY +-----END CERTIFICATE----- + +Deutsche Telekom Root CA 2 +========================== +-----BEGIN CERTIFICATE----- +MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMT +RGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEG +A1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENBIDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5 +MjM1OTAwWjBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0G +A1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBS +b290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEUha88EOQ5 +bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhCQN/Po7qCWWqSG6wcmtoI +KyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1MjwrrFDa1sPeg5TKqAyZMg4ISFZbavva4VhY +AUlfckE8FQYBjl2tqriTtM2e66foai1SNNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aK +Se5TBY8ZTNXeWHmb0mocQqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTV +jlsB9WoHtxa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAPBgNV +HRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAlGRZrTlk5ynr +E/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756AbrsptJh6sTtU6zkXR34ajgv8HzFZMQSy +zhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpaIzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8 +rZ7/gFnkm0W09juwzTkZmDLl6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4G +dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU +Cm26OWMohpLzGITY+9HPBVZkVw== +-----END CERTIFICATE----- + +ComSign Secured CA +================== +-----BEGIN CERTIFICATE----- +MIIDqzCCApOgAwIBAgIRAMcoRwmzuGxFjB36JPU2TukwDQYJKoZIhvcNAQEFBQAwPDEbMBkGA1UE +AxMSQ29tU2lnbiBTZWN1cmVkIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQGEwJJTDAeFw0w +NDAzMjQxMTM3MjBaFw0yOTAzMTYxNTA0NTZaMDwxGzAZBgNVBAMTEkNvbVNpZ24gU2VjdXJlZCBD +QTEQMA4GA1UEChMHQ29tU2lnbjELMAkGA1UEBhMCSUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDGtWhfHZQVw6QIVS3joFd67+l0Kru5fFdJGhFeTymHDEjWaueP1H5XJLkGieQcPOqs +49ohgHMhCu95mGwfCP+hUH3ymBvJVG8+pSjsIQQPRbsHPaHA+iqYHU4Gk/v1iDurX8sWv+bznkqH +7Rnqwp9D5PGBpX8QTz7RSmKtUxvLg/8HZaWSLWapW7ha9B20IZFKF3ueMv5WJDmyVIRD9YTC2LxB +kMyd1mja6YJQqTtoz7VdApRgFrFD2UNd3V2Hbuq7s8lr9gOUCXDeFhF6K+h2j0kQmHe5Y1yLM5d1 +9guMsqtb3nQgJT/j8xH5h2iGNXHDHYwt6+UarA9z1YJZQIDTAgMBAAGjgacwgaQwDAYDVR0TBAUw +AwEB/zBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vZmVkaXIuY29tc2lnbi5jby5pbC9jcmwvQ29t +U2lnblNlY3VyZWRDQS5jcmwwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFMFL7XC29z58ADsA +j8c+DkWfHl3sMB0GA1UdDgQWBBTBS+1wtvc+fAA7AI/HPg5Fnx5d7DANBgkqhkiG9w0BAQUFAAOC +AQEAFs/ukhNQq3sUnjO2QiBq1BW9Cav8cujvR3qQrFHBZE7piL1DRYHjZiM/EoZNGeQFsOY3wo3a +BijJD4mkU6l1P7CW+6tMM1X5eCZGbxs2mPtCdsGCuY7e+0X5YxtiOzkGynd6qDwJz2w2PQ8KRUtp +FhpFfTMDZflScZAmlaxMDPWLkz/MdXSFmLr/YnpNH4n+rr2UAJm/EaXc4HnFFgt9AmEd6oX5AhVP +51qJThRv4zdLhfXBPGHg/QVBspJ/wx2g0K5SZGBrGMYmnNj1ZOQ2GmKfig8+/21OGVZOIJFsnzQz +OjRXUDpvgV4GxvU+fE6OK85lBi5d0ipTdF7Tbieejw== +-----END CERTIFICATE----- + +Cybertrust Global Root +====================== +-----BEGIN CERTIFICATE----- +MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYGA1UEChMPQ3li +ZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBSb290MB4XDTA2MTIxNTA4 +MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQD +ExZDeWJlcnRydXN0IEdsb2JhbCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA ++Mi8vRRQZhP/8NN57CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW +0ozSJ8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2yHLtgwEZL +AfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iPt3sMpTjr3kfb1V05/Iin +89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNzFtApD0mpSPCzqrdsxacwOUBdrsTiXSZT +8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAYXSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2 +MDSgMqAwhi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3JsMB8G +A1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUAA4IBAQBW7wojoFRO +lZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMjWqd8BfP9IjsO0QbE2zZMcwSO5bAi +5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUxXOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2 +hO0j9n0Hq0V+09+zv+mKts2oomcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+T +X3EJIrduPuocA06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW +WL1WMRJOEcgh4LMRkWXbtKaIOM5V +-----END CERTIFICATE----- + +ePKI Root Certification Authority +================================= +-----BEGIN CERTIFICATE----- +MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQG +EwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xKjAoBgNVBAsMIWVQS0kg +Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMx +MjdaMF4xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEq +MCgGA1UECwwhZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAHSyZbCUNs +IZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAhijHyl3SJCRImHJ7K2RKi +lTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3XDZoTM1PRYfl61dd4s5oz9wCGzh1NlDiv +qOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX +12ruOzjjK9SXDrkb5wdJfzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0O +WQqraffAsgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uUWH1+ +ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLSnT0IFaUQAS2zMnao +lQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pHdmX2Os+PYhcZewoozRrSgx4hxyy/ +vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJipNiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXi +Zo1jDiVN1Rmy5nk3pyKdVDECAwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/Qkqi +MAwGA1UdEwQFMAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH +ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGBuvl2ICO1J2B0 +1GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6YlPwZpVnPDimZI+ymBV3QGypzq +KOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkPJXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdV +xrsStZf0X4OFunHB2WyBEXYKCrC/gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEP +NXubrjlpC2JgQCA2j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+r +GNm65ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUBo2M3IUxE +xJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS/jQ6fbjpKdx2qcgw+BRx +gMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2zGp1iro2C6pSe3VkQw63d4k3jMdXH7Ojy +sP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTEW9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmOD +BCEIZ43ygknQW/2xzQ+DhNQ+IIX3Sj0rnP0qCglN6oH4EZw= +-----END CERTIFICATE----- + +T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3 +============================================================================================================================= +-----BEGIN CERTIFICATE----- +MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRSMRgwFgYDVQQH +DA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJpbGltc2VsIHZlIFRla25vbG9q +aWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSwVEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ry +b25payB2ZSBLcmlwdG9sb2ppIEFyYcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNV +BAsMGkthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUg +S8O2ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAeFw0wNzA4 +MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIxGDAWBgNVBAcMD0dlYnpl +IC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmHF +n3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBUQUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZl +IEtyaXB0b2xvamkgQXJhxZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2Ft +dSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7ZrIFNl +cnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4hgb46ezzb8R1Sf1n68yJMlaCQvEhO +Eav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1 +xnnRFDDtG1hba+818qEhTsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR +6Oqeyjh1jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL +hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQIDAQABo0IwQDAd +BgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmPNOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4 +N5EY3ATIZJkrGG2AA1nJrvhY0D7twyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLT +y9LQQfMmNkqblWwM7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYh +LBOhgLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5noN+J1q2M +dqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUsyZyQ2uypQjyttgI= +-----END CERTIFICATE----- + +Buypass Class 2 CA 1 +==================== +-----BEGIN CERTIFICATE----- +MIIDUzCCAjugAwIBAgIBATANBgkqhkiG9w0BAQUFADBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMiBDQSAxMB4XDTA2 +MTAxMzEwMjUwOVoXDTE2MTAxMzEwMjUwOVowSzELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBh +c3MgQVMtOTgzMTYzMzI3MR0wGwYDVQQDDBRCdXlwYXNzIENsYXNzIDIgQ0EgMTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAIs8B0XY9t/mx8q6jUPFR42wWsE425KEHK8T1A9vNkYgxC7M +cXA0ojTTNy7Y3Tp3L8DrKehc0rWpkTSHIln+zNvnma+WwajHQN2lFYxuyHyXA8vmIPLXl18xoS83 +0r7uvqmtqEyeIWZDO6i88wmjONVZJMHCR3axiFyCO7srpgTXjAePzdVBHfCuuCkslFJgNJQ72uA4 +0Z0zPhX0kzLFANq1KWYOOngPIVJfAuWSeyXTkh4vFZ2B5J2O6O+JzhRMVB0cgRJNcKi+EAUXfh/R +uFdV7c27UsKwHnjCTTZoy1YmwVLBvXb3WNVyfh9EdrsAiR0WnVE1703CVu9r4Iw7DekCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUP42aWYv8e3uco684sDntkHGA1sgwDgYDVR0P +AQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQAVGn4TirnoB6NLJzKyQJHyIdFkhb5jatLPgcIV +1Xp+DCmsNx4cfHZSldq1fyOhKXdlyTKdqC5Wq2B2zha0jX94wNWZUYN/Xtm+DKhQ7SLHrQVMdvvt +7h5HZPb3J31cKA9FxVxiXqaakZG3Uxcu3K1gnZZkOb1naLKuBctN518fV4bVIJwo+28TOPX2EZL2 +fZleHwzoq0QkKXJAPTZSr4xYkHPB7GEseaHsh7U/2k3ZIQAw3pDaDtMaSKk+hQsUi4y8QZ5q9w5w +wDX3OaJdZtB7WZ+oRxKaJyOkLY4ng5IgodcVf/EuGO70SH8vf/GhGLWhC5SgYiAynB321O+/TIho +-----END CERTIFICATE----- + +Buypass Class 3 CA 1 +==================== +-----BEGIN CERTIFICATE----- +MIIDUzCCAjugAwIBAgIBAjANBgkqhkiG9w0BAQUFADBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMyBDQSAxMB4XDTA1 +MDUwOTE0MTMwM1oXDTE1MDUwOTE0MTMwM1owSzELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBh +c3MgQVMtOTgzMTYzMzI3MR0wGwYDVQQDDBRCdXlwYXNzIENsYXNzIDMgQ0EgMTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAKSO13TZKWTeXx+HgJHqTjnmGcZEC4DVC69TB4sSveZn8AKx +ifZgisRbsELRwCGoy+Gb72RRtqfPFfV0gGgEkKBYouZ0plNTVUhjP5JW3SROjvi6K//zNIqeKNc0 +n6wv1g/xpC+9UrJJhW05NfBEMJNGJPO251P7vGGvqaMU+8IXF4Rs4HyI+MkcVyzwPX6UvCWThOia +AJpFBUJXgPROztmuOfbIUxAMZTpHe2DC1vqRycZxbL2RhzyRhkmr8w+gbCZ2Xhysm3HljbybIR6c +1jh+JIAVMYKWsUnTYjdbiAwKYjT+p0h+mbEwi5A3lRyoH6UsjfRVyNvdWQrCrXig9IsCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUOBTmyPCppAP0Tj4io1vy1uCtQHQwDgYDVR0P +AQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQABZ6OMySU9E2NdFm/soT4JXJEVKirZgCFPBdy7 +pYmrEzMqnji3jG8CcmPHc3ceCQa6Oyh7pEfJYWsICCD8igWKH7y6xsL+z27sEzNxZy5p+qksP2bA +EllNC1QCkoS72xLvg3BweMhT+t/Gxv/ciC8HwEmdMldg0/L2mSlf56oBzKwzqBwKu5HEA6BvtjT5 +htOzdlSY9EqBs1OdTUDs5XcTRa9bqh/YL0yCe/4qxFi7T/ye/QNlGioOw6UgFpRreaaiErS7GqQj +el/wroQk5PMr+4okoyeYZdowdXb8GZHo2+ubPzK/QJcHJrrM85SFSnonk8+QQtS4Wxam58tAA915 +-----END CERTIFICATE----- + +EBG Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 +========================================================================== +-----BEGIN CERTIFICATE----- +MIIF5zCCA8+gAwIBAgIITK9zQhyOdAIwDQYJKoZIhvcNAQEFBQAwgYAxODA2BgNVBAMML0VCRyBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMTcwNQYDVQQKDC5FQkcg +QmlsacWfaW0gVGVrbm9sb2ppbGVyaSB2ZSBIaXptZXRsZXJpIEEuxZ4uMQswCQYDVQQGEwJUUjAe +Fw0wNjA4MTcwMDIxMDlaFw0xNjA4MTQwMDMxMDlaMIGAMTgwNgYDVQQDDC9FQkcgRWxla3Ryb25p +ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTE3MDUGA1UECgwuRUJHIEJpbGnFn2lt +IFRla25vbG9qaWxlcmkgdmUgSGl6bWV0bGVyaSBBLsWeLjELMAkGA1UEBhMCVFIwggIiMA0GCSqG +SIb3DQEBAQUAA4ICDwAwggIKAoICAQDuoIRh0DpqZhAy2DE4f6en5f2h4fuXd7hxlugTlkaDT7by +X3JWbhNgpQGR4lvFzVcfd2NR/y8927k/qqk153nQ9dAktiHq6yOU/im/+4mRDGSaBUorzAzu8T2b +gmmkTPiab+ci2hC6X5L8GCcKqKpE+i4stPtGmggDg3KriORqcsnlZR9uKg+ds+g75AxuetpX/dfr +eYteIAbTdgtsApWjluTLdlHRKJ2hGvxEok3MenaoDT2/F08iiFD9rrbskFBKW5+VQarKD7JK/oCZ +TqNGFav4c0JqwmZ2sQomFd2TkuzbqV9UIlKRcF0T6kjsbgNs2d1s/OsNA/+mgxKb8amTD8UmTDGy +Y5lhcucqZJnSuOl14nypqZoaqsNW2xCaPINStnuWt6yHd6i58mcLlEOzrz5z+kI2sSXFCjEmN1Zn +uqMLfdb3ic1nobc6HmZP9qBVFCVMLDMNpkGMvQQxahByCp0OLna9XvNRiYuoP1Vzv9s6xiQFlpJI +qkuNKgPlV5EQ9GooFW5Hd4RcUXSfGenmHmMWOeMRFeNYGkS9y8RsZteEBt8w9DeiQyJ50hBs37vm +ExH8nYQKE3vwO9D8owrXieqWfo1IhR5kX9tUoqzVegJ5a9KK8GfaZXINFHDk6Y54jzJ0fFfy1tb0 +Nokb+Clsi7n2l9GkLqq+CxnCRelwXQIDAJ3Zo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB +/wQEAwIBBjAdBgNVHQ4EFgQU587GT/wWZ5b6SqMHwQSny2re2kcwHwYDVR0jBBgwFoAU587GT/wW +Z5b6SqMHwQSny2re2kcwDQYJKoZIhvcNAQEFBQADggIBAJuYml2+8ygjdsZs93/mQJ7ANtyVDR2t +FcU22NU57/IeIl6zgrRdu0waypIN30ckHrMk2pGI6YNw3ZPX6bqz3xZaPt7gyPvT/Wwp+BVGoGgm +zJNSroIBk5DKd8pNSe/iWtkqvTDOTLKBtjDOWU/aWR1qeqRFsIImgYZ29fUQALjuswnoT4cCB64k +XPBfrAowzIpAoHMEwfuJJPaaHFy3PApnNgUIMbOv2AFoKuB4j3TeuFGkjGwgPaL7s9QJ/XvCgKqT +bCmYIai7FvOpEl90tYeY8pUm3zTvilORiF0alKM/fCL414i6poyWqD1SNGKfAB5UVUJnxk1Gj7sU +RT0KlhaOEKGXmdXTMIXM3rRyt7yKPBgpaP3ccQfuJDlq+u2lrDgv+R4QDgZxGhBM/nV+/x5XOULK +1+EVoVZVWRvRo68R2E7DpSvvkL/A7IITW43WciyTTo9qKd+FPNMN4KIYEsxVL0e3p5sC/kH2iExt +2qkBR4NkJ2IQgtYSe14DHzSpyZH+r11thie3I6p1GMog57AP14kOpmciY/SDQSsGS7tY1dHXt7kQ +Y9iJSrSq3RZj9W6+YKH47ejWkE8axsWgKdOnIaj1Wjz3x0miIZpKlVIglnKaZsv30oZDfCK+lvm9 +AahH3eU7QPl1K5srRmSGjR70j/sHd9DqSaIcjVIUpgqT +-----END CERTIFICATE----- + +certSIGN ROOT CA +================ +-----BEGIN CERTIFICATE----- +MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYTAlJPMREwDwYD +VQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTAeFw0wNjA3MDQxNzIwMDRa +Fw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UE +CxMQY2VydFNJR04gUk9PVCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7I +JUqOtdu0KBuqV5Do0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHH +rfAQUySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5dRdY4zTW2 +ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQOA7+j0xbm0bqQfWwCHTD +0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwvJoIQ4uNllAoEwF73XVv4EOLQunpL+943 +AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B +Af8EBAMCAcYwHQYDVR0OBBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IB +AQA+0hyJLjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecYMnQ8 +SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ44gx+FkagQnIl6Z0 +x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6IJd1hJyMctTEHBDa0GpC9oHRxUIlt +vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz +TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD +-----END CERTIFICATE----- + +CNNIC ROOT +========== +-----BEGIN CERTIFICATE----- +MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJDTjEOMAwGA1UE +ChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2MDcwOTE0WhcNMjcwNDE2MDcw +OTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1Qw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzD +o+/hn7E7SIX1mlwhIhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tiz +VHa6dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZOV/kbZKKT +VrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrCGHn2emU1z5DrvTOTn1Or +czvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gNv7Sg2Ca+I19zN38m5pIEo3/PIKe38zrK +y5nLAgMBAAGjczBxMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscC +wQ7vptU7ETAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991S +lgrHAsEO76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnKOOK5 +Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvHugDnuL8BV8F3RTIM +O/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7HgviyJA/qIYM/PmLXoXLT1tLYhFHxUV8 +BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fLbuXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2 +G8kS1sHNzYDzAgE8yGnLRUhj2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5m +mxE= +-----END CERTIFICATE----- + +ApplicationCA - Japanese Government +=================================== +-----BEGIN CERTIFICATE----- +MIIDoDCCAoigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJKUDEcMBoGA1UEChMT +SmFwYW5lc2UgR292ZXJubWVudDEWMBQGA1UECxMNQXBwbGljYXRpb25DQTAeFw0wNzEyMTIxNTAw +MDBaFw0xNzEyMTIxNTAwMDBaMEMxCzAJBgNVBAYTAkpQMRwwGgYDVQQKExNKYXBhbmVzZSBHb3Zl +cm5tZW50MRYwFAYDVQQLEw1BcHBsaWNhdGlvbkNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAp23gdE6Hj6UG3mii24aZS2QNcfAKBZuOquHMLtJqO8F6tJdhjYq+xpqcBrSGUeQ3DnR4 +fl+Kf5Sk10cI/VBaVuRorChzoHvpfxiSQE8tnfWuREhzNgaeZCw7NCPbXCbkcXmP1G55IrmTwcrN +wVbtiGrXoDkhBFcsovW8R0FPXjQilbUfKW1eSvNNcr5BViCH/OlQR9cwFO5cjFW6WY2H/CPek9AE +jP3vbb3QesmlOmpyM8ZKDQUXKi17safY1vC+9D/qDihtQWEjdnjDuGWk81quzMKq2edY3rZ+nYVu +nyoKb58DKTCXKB28t89UKU5RMfkntigm/qJj5kEW8DOYRwIDAQABo4GeMIGbMB0GA1UdDgQWBBRU +WssmP3HMlEYNllPqa0jQk/5CdTAOBgNVHQ8BAf8EBAMCAQYwWQYDVR0RBFIwUKROMEwxCzAJBgNV +BAYTAkpQMRgwFgYDVQQKDA/ml6XmnKzlm73mlL/lupwxIzAhBgNVBAsMGuOCouODl+ODquOCseOD +vOOCt+ODp+ODs0NBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADlqRHZ3ODrs +o2dGD/mLBqj7apAxzn7s2tGJfHrrLgy9mTLnsCTWw//1sogJhyzjVOGjprIIC8CFqMjSnHH2HZ9g +/DgzE+Ge3Atf2hZQKXsvcJEPmbo0NI2VdMV+eKlmXb3KIXdCEKxmJj3ekav9FfBv7WxfEPjzFvYD +io+nEhEMy/0/ecGc/WLuo89UDNErXxc+4z6/wCs+CZv+iKZ+tJIX/COUgb1up8WMwusRRdv4QcmW +dupwX3kSa+SjB1oF7ydJzyGfikwJcGapJsErEU4z0g781mzSDjJkaP+tBXhfAx2o45CsJOAPQKdL +rosot4LKGAfmt1t06SAZf7IbiVQ= +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority - G3 +============================================= +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UE +BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA4IEdlb1RydXN0 +IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIz +NTk1OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAo +YykgMjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMT +LUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5j +K/BGvESyiaHAKAxJcCGVn2TAppMSAmUmhsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdE +c5IiaacDiGydY8hS2pgn5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3C +IShwiP/WJmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exALDmKu +dlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZChuOl1UcCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMR5yo6hTgMdHNxr +2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9 +cr5HqQ6XErhK8WTTOd8lNNTBzU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbE +Ap7aDHdlDkQNkv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD +AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUHSJsMC8tJP33s +t/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2Gspki4cErx5z481+oghLrGREt +-----END CERTIFICATE----- + +thawte Primary Root CA - G2 +=========================== +-----BEGIN CERTIFICATE----- +MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDELMAkGA1UEBhMC +VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMpIDIwMDcgdGhhd3RlLCBJbmMu +IC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3Qg +Q0EgLSBHMjAeFw0wNzExMDUwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEV +MBMGA1UEChMMdGhhd3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBG +b3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAt +IEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/BebfowJPDQfGAFG6DAJS +LSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6papu+7qzcMBniKI11KOasf2twu8x+qi5 +8/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU +mtgAMADna3+FGO6Lts6KDPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUN +G4k8VIZ3KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41oxXZ3K +rr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== +-----END CERTIFICATE----- + +thawte Primary Root CA - G3 +=========================== +-----BEGIN CERTIFICATE----- +MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UE +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0w +ODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh +d3RlLCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD +VQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIG +A1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAsr8nLPvb2FvdeHsbnndmgcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2At +P0LMqmsywCPLLEHd5N/8YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC ++BsUa0Lfb1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS99irY +7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2SzhkGcuYMXDhpxwTW +vGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUkOQIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJ +KoZIhvcNAQELBQADggEBABpA2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweK +A3rD6z8KLFIWoCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu +t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7cKUGRIjxpp7sC +8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fMm7v/OeZWYdMKp8RcTGB7BXcm +er/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZuMdRAGmI0Nj81Aa6sY6A= +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority - G2 +============================================= +-----BEGIN CERTIFICATE----- +MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDELMAkGA1UEBhMC +VVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IElu +Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1 +OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg +MjAwNyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMTLUdl +b1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjB2MBAGByqGSM49AgEG +BSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcLSo17VDs6bl8VAsBQps8lL33KSLjHUGMc +KiEIfJo22Av+0SbFWDEwKCXzXV2juLaltJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYD +VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+ +EVXVMAoGCCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGTqQ7m +ndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBuczrD6ogRLQy7rQkgu2 +npaqBA+K +-----END CERTIFICATE----- + +VeriSign Universal Root Certification Authority +=============================================== +-----BEGIN CERTIFICATE----- +MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UE +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk +IHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9u +IEF1dGhvcml0eTAeFw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj +1mCOkdeQmIN65lgZOIzF9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGP +MiJhgsWHH26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+HLL72 +9fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN/BMReYTtXlT2NJ8I +AfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPTrJ9VAMf2CGqUuV/c4DPxhGD5WycR +tPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0G +CCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2O +a8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud +DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4sAPmLGd75JR3 +Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+seQxIcaBlVZaDrHC1LGmWazx +Y8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTx +P/jgdFcrGJ2BtMQo2pSXpXDrrB2+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+P +wGZsY6rp2aQW9IHRlRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4 +mJO37M2CYfE45k+XmCpajQ== +-----END CERTIFICATE----- + +VeriSign Class 3 Public Primary Certification Authority - G4 +============================================================ +-----BEGIN CERTIFICATE----- +MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjELMAkGA1UEBhMC +VVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 +b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVz +ZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjEL +MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU +cnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRo +b3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8 +Utpkmw4tXNherJI9/gHmGUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGz +rl0Bp3vefLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEw +HzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24u +Y29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMWkf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMD +A2gAMGUCMGYhDBgmYFo4e1ZC4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIx +AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== +-----END CERTIFICATE----- + +NetLock Arany (Class Gold) FÅ‘tanÃºsÃtvÃ¡ny +============================================ +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G +A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610 +dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBB +cmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgx +MjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxO +ZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlv +biBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6 +c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu +0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw +/HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAk +H3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdw +fzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1 +neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwW +qZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTta +YtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC +bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5Kfna +NwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQu +dZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA - G2 +================================== +-----BEGIN CERTIFICATE----- +MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oXDTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMC +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ +5291qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8SpuOUfiUtn +vWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPUZ5uW6M7XxgpT0GtJlvOj +CwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvEpMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiil +e7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCR +OME4HYYEhLoaJXhena/MUGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpI +CT0ugpTNGmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy5V65 +48r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv6q012iDTiIJh8BIi +trzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEKeN5KzlW/HdXZt1bv8Hb/C3m1r737 +qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMB +AAGjgZcwgZQwDwYDVR0TAQH/BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcC +ARYxaHR0cDovL3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV +HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqGSIb3DQEBCwUA +A4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLySCZa59sCrI2AGeYwRTlHSeYAz ++51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwj +f/ST7ZwaUb7dRUG/kSS0H4zpX897IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaN +kqbG9AclVMwWVxJKgnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfk +CpYL+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxLvJxxcypF +URmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkmbEgeqmiSBeGCc1qb3Adb +CG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvkN1trSt8sV4pAWja63XVECDdCcAz+3F4h +oKOKwJCcaNpQ5kUQR3i2TtJlycM33+FCY7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoV +IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm +66+KAQ== +-----END CERTIFICATE----- + +CA Disig +======== +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJTSzETMBEGA1UEBxMK +QnJhdGlzbGF2YTETMBEGA1UEChMKRGlzaWcgYS5zLjERMA8GA1UEAxMIQ0EgRGlzaWcwHhcNMDYw +MzIyMDEzOTM0WhcNMTYwMzIyMDEzOTM0WjBKMQswCQYDVQQGEwJTSzETMBEGA1UEBxMKQnJhdGlz +bGF2YTETMBEGA1UEChMKRGlzaWcgYS5zLjERMA8GA1UEAxMIQ0EgRGlzaWcwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCS9jHBfYj9mQGp2HvycXXxMcbzdWb6UShGhJd4NLxs/LxFWYgm +GErENx+hSkS943EE9UQX4j/8SFhvXJ56CbpRNyIjZkMhsDxkovhqFQ4/61HhVKndBpnXmjxUizkD +Pw/Fzsbrg3ICqB9x8y34dQjbYkzo+s7552oftms1grrijxaSfQUMbEYDXcDtab86wYqg6I7ZuUUo +hwjstMoVvoLdtUSLLa2GDGhibYVW8qwUYzrG0ZmsNHhWS8+2rT+MitcE5eN4TPWGqvWP+j1scaMt +ymfraHtuM6kMgiioTGohQBUgDCZbg8KpFhXAJIJdKxatymP2dACw30PEEGBWZ2NFAgMBAAGjgf8w +gfwwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUjbJJaJ1yCCW5wCf1UJNWSEZx+Y8wDgYDVR0P +AQH/BAQDAgEGMDYGA1UdEQQvMC2BE2Nhb3BlcmF0b3JAZGlzaWcuc2uGFmh0dHA6Ly93d3cuZGlz +aWcuc2svY2EwZgYDVR0fBF8wXTAtoCugKYYnaHR0cDovL3d3dy5kaXNpZy5zay9jYS9jcmwvY2Ff +ZGlzaWcuY3JsMCygKqAohiZodHRwOi8vY2EuZGlzaWcuc2svY2EvY3JsL2NhX2Rpc2lnLmNybDAa +BgNVHSAEEzARMA8GDSuBHpGT5goAAAABAQEwDQYJKoZIhvcNAQEFBQADggEBAF00dGFMrzvY/59t +WDYcPQuBDRIrRhCA/ec8J9B6yKm2fnQwM6M6int0wHl5QpNt/7EpFIKrIYwvF/k/Ji/1WcbvgAa3 +mkkp7M5+cTxqEEHA9tOasnxakZzArFvITV734VP/Q3f8nktnbNfzg9Gg4H8l37iYC5oyOGwwoPP/ +CBUz91BKez6jPiCp3C9WgArtQVCwyfTssuMmRAAOb54GvCKWU3BlxFAKRmukLyeBEicTXxChds6K +ezfqwzlhA5WYOudsiCUI/HloDYd9Yvi0X/vF2Ey9WLw/Q1vUHgFNPGO+I++MzVpQuGhU+QqZMxEA +4Z7CRneC9VkGjCFMhwnN5ag= +-----END CERTIFICATE----- + +Juur-SK +======= +-----BEGIN CERTIFICATE----- +MIIE5jCCA86gAwIBAgIEO45L/DANBgkqhkiG9w0BAQUFADBdMRgwFgYJKoZIhvcNAQkBFglwa2lA +c2suZWUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKExlBUyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMRAw +DgYDVQQDEwdKdXVyLVNLMB4XDTAxMDgzMDE0MjMwMVoXDTE2MDgyNjE0MjMwMVowXTEYMBYGCSqG +SIb3DQEJARYJcGtpQHNrLmVlMQswCQYDVQQGEwJFRTEiMCAGA1UEChMZQVMgU2VydGlmaXRzZWVy +aW1pc2tlc2t1czEQMA4GA1UEAxMHSnV1ci1TSzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAIFxNj4zB9bjMI0TfncyRsvPGbJgMUaXhvSYRqTCZUXP00B841oiqBB4M8yIsdOBSvZiF3tf +TQou0M+LI+5PAk676w7KvRhj6IAcjeEcjT3g/1tf6mTll+g/mX8MCgkzABpTpyHhOEvWgxutr2TC ++Rx6jGZITWYfGAriPrsfB2WThbkasLnE+w0R9vXW+RvHLCu3GFH+4Hv2qEivbDtPL+/40UceJlfw +UR0zlv/vWT3aTdEVNMfqPxZIe5EcgEMPPbgFPtGzlc3Yyg/CQ2fbt5PgIoIuvvVoKIO5wTtpeyDa +Tpxt4brNj3pssAki14sL2xzVWiZbDcDq5WDQn/413z8CAwEAAaOCAawwggGoMA8GA1UdEwEB/wQF +MAMBAf8wggEWBgNVHSAEggENMIIBCTCCAQUGCisGAQQBzh8BAQEwgfYwgdAGCCsGAQUFBwICMIHD +HoHAAFMAZQBlACAAcwBlAHIAdABpAGYAaQBrAGEAYQB0ACAAbwBuACAAdgDkAGwAagBhAHMAdABh +AHQAdQBkACAAQQBTAC0AaQBzACAAUwBlAHIAdABpAGYAaQB0AHMAZQBlAHIAaQBtAGkAcwBrAGUA +cwBrAHUAcwAgAGEAbABhAG0ALQBTAEsAIABzAGUAcgB0AGkAZgBpAGsAYQBhAHQAaQBkAGUAIABr +AGkAbgBuAGkAdABhAG0AaQBzAGUAawBzMCEGCCsGAQUFBwIBFhVodHRwOi8vd3d3LnNrLmVlL2Nw +cy8wKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL3d3dy5zay5lZS9qdXVyL2NybC8wHQYDVR0OBBYE +FASqekej5ImvGs8KQKcYP2/v6X2+MB8GA1UdIwQYMBaAFASqekej5ImvGs8KQKcYP2/v6X2+MA4G +A1UdDwEB/wQEAwIB5jANBgkqhkiG9w0BAQUFAAOCAQEAe8EYlFOiCfP+JmeaUOTDBS8rNXiRTHyo +ERF5TElZrMj3hWVcRrs7EKACr81Ptcw2Kuxd/u+gkcm2k298gFTsxwhwDY77guwqYHhpNjbRxZyL +abVAyJRld/JXIWY7zoVAtjNjGr95HvxcHdMdkxuLDF2FvZkwMhgJkVLpfKG6/2SSmuz+Ne6ML678 +IIbsSt4beDI3poHSna9aEhbKmVv8b20OxaAehsmR0FyYgl9jDIpaq9iVpszLita/ZEuOyoqysOkh +Mp6qqIWYNIE5ITuoOlIyPfZrN4YGWhWY3PARZv40ILcD9EEQfTmEeZZyY7aWAuVrua0ZTbvGRNs2 +yyqcjg== +-----END CERTIFICATE----- + +Hongkong Post Root CA 1 +======================= +-----BEGIN CERTIFICATE----- +MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoT +DUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMB4XDTAzMDUx +NTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25n +IFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1 +ApzQjVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEnPzlTCeqr +auh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjhZY4bXSNmO7ilMlHIhqqh +qZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9nnV0ttgCXjqQesBCNnLsak3c78QA3xMY +V18meMjWCnl3v/evt3a5pQuEF10Q6m/hq5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNV +HRMBAf8ECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7i +h9legYsCmEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI37pio +l7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clBoiMBdDhViw+5Lmei +IAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJsEhTkYY2sEJCehFC78JZvRZ+K88ps +T/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpOfMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilT +c4afU9hDDl3WY4JxHYB0yvbiAmvZWg== +-----END CERTIFICATE----- + +SecureSign RootCA11 +=================== +-----BEGIN CERTIFICATE----- +MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDErMCkGA1UEChMi +SmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoGA1UEAxMTU2VjdXJlU2lnbiBS +b290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSsw +KQYDVQQKEyJKYXBhbiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1 +cmVTaWduIFJvb3RDQTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvL +TJszi1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8h9uuywGO +wvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOVMdrAG/LuYpmGYz+/3ZMq +g6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rP +O7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitA +bpSACW22s293bzUIUPsCh8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZX +t94wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKCh +OBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xmKbabfSVSSUOrTC4r +bnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQX5Ucv+2rIrVls4W6ng+4reV6G4pQ +Oh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWrQbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01 +y8hSyn+B/tlr0/cR7SXf+Of5pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061 +lgeLKBObjBmNQSdJQO7e5iNEOdyhIta6A/I= +-----END CERTIFICATE----- + +ACEDICOM Root +============= +-----BEGIN CERTIFICATE----- +MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UEAwwNQUNFRElD +T00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMB4XDTA4 +MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEWMBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoG +A1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHk +WLn709gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuD +YAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYew +MYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSfHY9g5QYb +m8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbk +HQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTT +xKJxqvQUfecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf2 +3EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq9 +2Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWug/Fq +TYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz +4SsrSbbXc6GqlPUB53NlTKxQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU +9QHnc2VMrFAwRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv +bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWImfQwng4/F9tqg +aHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3gvoFNTPhNahXwOf9jU8/kzJP +eGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKeI6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1Pwk +zQSulgUV1qzOMPPKC8W64iLgpq0i5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1 +ThCojz2GuHURwCRiipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oI +KiMnMCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZo5NjEFIq +nxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6zqylfDJKZ0DcMDQj3dcE +I2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacNGHk0vFQYXlPKNFHtRQrmjseCNj6nOGOp +MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o +tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== +-----END CERTIFICATE----- + +Verisign Class 3 Public Primary Certification Authority +======================================================= +-----BEGIN CERTIFICATE----- +MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCVVMx +FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVow +XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAz +IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA +A4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94 +f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Ol +hec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBABByUqkFFBky +CEHwxWsKzH4PIRnN5GfcX6kb5sroc50i2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWX +bj9T/UWZYB2oK0z5XqcJ2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/ +D/xwzoiQ +-----END CERTIFICATE----- + +Microsec e-Szigno Root CA 2009 +============================== +-----BEGIN CERTIFICATE----- +MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJIVTER +MA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jv +c2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o +dTAeFw0wOTA2MTYxMTMwMThaFw0yOTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UE +BwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUt +U3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvPkd6mJviZpWNwrZuuyjNA +fW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tccbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG +0IMZfcChEhyVbUr02MelTTMuhTlAdX4UfIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKA +pxn1ntxVUwOXewdI/5n7N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm +1HxdrtbCxkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1+rUC +AwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTLD8bf +QkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAbBgNVHREE +FDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0o +lZMEyL/azXm4Q5DwpL7v8u8hmLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfX +I/OMn74dseGkddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 +tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c2Pm2G2JwCz02 +yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5tHMN1Rq41Bab2XD0h7lbwyYIi +LXpUq3DDfSJlgnCW +-----END CERTIFICATE----- + +E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi +=================================================== +-----BEGIN CERTIFICATE----- +MIIDtjCCAp6gAwIBAgIQRJmNPMADJ72cdpW56tustTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG +EwJUUjEoMCYGA1UEChMfRWxla3Ryb25payBCaWxnaSBHdXZlbmxpZ2kgQS5TLjE8MDoGA1UEAxMz +ZS1HdXZlbiBLb2sgRWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhZ2xheWljaXNpMB4XDTA3 +MDEwNDExMzI0OFoXDTE3MDEwNDExMzI0OFowdTELMAkGA1UEBhMCVFIxKDAmBgNVBAoTH0VsZWt0 +cm9uaWsgQmlsZ2kgR3V2ZW5saWdpIEEuUy4xPDA6BgNVBAMTM2UtR3V2ZW4gS29rIEVsZWt0cm9u +aWsgU2VydGlmaWthIEhpem1ldCBTYWdsYXlpY2lzaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBAMMSIJ6wXgBljU5Gu4Bc6SwGl9XzcslwuedLZYDBS75+PNdUMZTe1RK6UxYC6lhj71vY +8+0qGqpxSKPcEC1fX+tcS5yWCEIlKBHMilpiAVDV6wlTL/jDj/6z/P2douNffb7tC+Bg62nsM+3Y +jfsSSYMAyYuXjDtzKjKzEve5TfL0TW3H5tYmNwjy2f1rXKPlSFxYvEK+A1qBuhw1DADT9SN+cTAI +JjjcJRFHLfO6IxClv7wC90Nex/6wN1CZew+TzuZDLMN+DfIcQ2Zgy2ExR4ejT669VmxMvLz4Bcpk +9Ok0oSy1c+HCPujIyTQlCFzz7abHlJ+tiEMl1+E5YP6sOVkCAwEAAaNCMEAwDgYDVR0PAQH/BAQD +AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJ/uRLOU1fqRTy7ZVZoEVtstxNulMA0GCSqG +SIb3DQEBBQUAA4IBAQB/X7lTW2M9dTLn+sR0GstG30ZpHFLPqk/CaOv/gKlR6D1id4k9CnU58W5d +F4dvaAXBlGzZXd/aslnLpRCKysw5zZ/rTt5S/wzw9JKp8mxTq5vSR6AfdPebmvEvFZ96ZDAYBzwq +D2fK/A+JYZ1lpTzlvBNbCNvj/+27BrtqBrF6T2XGgv0enIu1De5Iu7i9qgi0+6N8y5/NkHZchpZ4 +Vwpm+Vganf2XKWDeEaaQHBkc7gGWIjQ0LpH5t8Qn0Xvmv/uARFoW5evg1Ao4vOSR49XrXMGs3xtq +fJ7lddK2l4fbzIcrQzqECK+rPNv3PGYxhrCdU3nt+CPeQuMtgvEP5fqX +-----END CERTIFICATE----- + +GlobalSign Root CA - R3 +======================= +-----BEGIN CERTIFICATE----- +MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xv +YmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh +bFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT +aWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWt +iHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsTgHeMCOFJ +0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmmKPZpO/bLyCiR5Z2KYVc3 +rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjl +OCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2 +xmmFghcCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZURUm7 +lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMpjjM5RcOO5LlXbKr8 +EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1E +bddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18 +YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7r +kpeDMdmztcpHWD9f +-----END CERTIFICATE----- + +TC TrustCenter Universal CA III +=============================== +-----BEGIN CERTIFICATE----- +MIID4TCCAsmgAwIBAgIOYyUAAQACFI0zFQLkbPQwDQYJKoZIhvcNAQEFBQAwezELMAkGA1UEBhMC +REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxJDAiBgNVBAsTG1RDIFRydXN0Q2VudGVy +IFVuaXZlcnNhbCBDQTEoMCYGA1UEAxMfVEMgVHJ1c3RDZW50ZXIgVW5pdmVyc2FsIENBIElJSTAe +Fw0wOTA5MDkwODE1MjdaFw0yOTEyMzEyMzU5NTlaMHsxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNU +QyBUcnVzdENlbnRlciBHbWJIMSQwIgYDVQQLExtUQyBUcnVzdENlbnRlciBVbml2ZXJzYWwgQ0Ex +KDAmBgNVBAMTH1RDIFRydXN0Q2VudGVyIFVuaXZlcnNhbCBDQSBJSUkwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDC2pxisLlxErALyBpXsq6DFJmzNEubkKLF5+cvAqBNLaT6hdqbJYUt +QCggbergvbFIgyIpRJ9Og+41URNzdNW88jBmlFPAQDYvDIRlzg9uwliT6CwLOunBjvvya8o84pxO +juT5fdMnnxvVZ3iHLX8LR7PH6MlIfK8vzArZQe+f/prhsq75U7Xl6UafYOPfjdN/+5Z+s7Vy+Eut +CHnNaYlAJ/Uqwa1D7KRTyGG299J5KmcYdkhtWyUB0SbFt1dpIxVbYYqt8Bst2a9c8SaQaanVDED1 +M4BDj5yjdipFtK+/fz6HP3bFzSreIMUWWMv5G/UPyw0RUmS40nZid4PxWJ//AgMBAAGjYzBhMB8G +A1UdIwQYMBaAFFbn4VslQ4Dg9ozhcbyO5YAvxEjiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ +BAQDAgEGMB0GA1UdDgQWBBRW5+FbJUOA4PaM4XG8juWAL8RI4jANBgkqhkiG9w0BAQUFAAOCAQEA +g8ev6n9NCjw5sWi+e22JLumzCecYV42FmhfzdkJQEw/HkG8zrcVJYCtsSVgZ1OK+t7+rSbyUyKu+ +KGwWaODIl0YgoGhnYIg5IFHYaAERzqf2EQf27OysGh+yZm5WZ2B6dF7AbZc2rrUNXWZzwCUyRdhK +BgePxLcHsU0GDeGl6/R1yrqc0L2z0zIkTO5+4nYES0lT2PLpVDP85XEfPRRclkvxOvIAu2y0+pZV +CIgJwcyRGSmwIC3/yzikQOEXvnlhgP8HA4ZMTnsGnxGGjYnuJ8Tb4rwZjgvDwxPHLQNjO9Po5KIq +woIIlBZU8O8fJ5AluA0OKBtHd0e9HKgl8ZS0Zg== +-----END CERTIFICATE----- + +Autoridad de Certificacion Firmaprofesional CIF A62634068 +========================================================= +-----BEGIN CERTIFICATE----- +MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UEBhMCRVMxQjBA +BgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2 +MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEyMzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIw +QAYDVQQDDDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBB +NjI2MzQwNjgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDD +Utd9thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQMcas9UX4P +B99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefGL9ItWY16Ck6WaVICqjaY +7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15iNA9wBj4gGFrO93IbJWyTdBSTo3OxDqqH +ECNZXyAFGUftaI6SEspd/NYrspI8IM/hX68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyI +plD9amML9ZMWGxmPsu2bm8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctX +MbScyJCyZ/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirjaEbsX +LZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/TKI8xWVvTyQKmtFLK +bpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF6NkBiDkal4ZkQdU7hwxu+g/GvUgU +vzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVhOSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1Ud +EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNH +DhpkLzCBpgYDVR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp +cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBvACAAZABlACAA +bABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBlAGwAbwBuAGEAIAAwADgAMAAx +ADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx +51tkljYyGOylMnfX40S2wBEqgLk9am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qk +R71kMrv2JYSiJ0L1ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaP +T481PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS3a/DTg4f +Jl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5kSeTy36LssUzAKh3ntLFl +osS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF3dvd6qJ2gHN99ZwExEWN57kci57q13XR +crHedUTnQn3iV2t93Jm8PYMo6oCTjcVMZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoR +saS8I8nkvof/uZS2+F0gStRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTD +KCOM/iczQ0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQBjLMi +6Et8Vcad+qMUu2WFbm5PEn4KPJ2V +-----END CERTIFICATE----- + +Izenpe.com +========== +-----BEGIN CERTIFICATE----- +MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQG +EwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wHhcNMDcxMjEz +MTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMu +QS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ +03rKDx6sp4boFmVqscIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAK +ClaOxdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6HLmYRY2xU ++zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFXuaOKmMPsOzTFlUFpfnXC +PCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQDyCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxT +OTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbK +F7jJeodWLBoBHmy+E60QrLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK +0GqfvEyNBjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8Lhij+ +0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIBQFqNeb+Lz0vPqhbB +leStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+HMh3/1uaD7euBUbl8agW7EekFwID +AQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+ +SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBG +NjIgUzgxQzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx +MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O +BBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUAA4ICAQB4pgwWSp9MiDrAyw6l +Fn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWblaQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbga +kEyrkgPH7UIBzg/YsfqikuFgba56awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8q +hT/AQKM6WfxZSzwoJNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Cs +g1lwLDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCTVyvehQP5 +aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGkLhObNA5me0mrZJfQRsN5 +nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJbUjWumDqtujWTI6cfSN01RpiyEGjkpTHC +ClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZo +Q0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1Z +WrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== +-----END CERTIFICATE----- + +Chambers of Commerce Root - 2008 +================================ +-----BEGIN CERTIFICATE----- +MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJFVTFD +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu +QS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEy +Mjk1MFoXDTM4MDczMTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNl +ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQF +EwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJl +cnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC +AQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW928sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKA +XuFixrYp4YFs8r/lfTJqVKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorj +h40G072QDuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR5gN/ +ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfLZEFHcpOrUMPrCXZk +NNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05aSd+pZgvMPMZ4fKecHePOjlO+Bd5g +D2vlGts/4+EhySnB8esHnFIbAURRPHsl18TlUlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331 +lubKgdaX8ZSD6e2wsWsSaR6s+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ +0wlf2eOKNcx5Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj +ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAxhduub+84Mxh2 +EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNVHQ4EFgQU+SSsD7K1+HnA+mCI +G8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJ +BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNh +bWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENh +bWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiC +CQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH +AgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAJASryI1 +wqM58C7e6bXpeHxIvj99RZJe6dqxGfwWPJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH +3qLPaYRgM+gQDROpI9CF5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbU +RWpGqOt1glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaHFoI6 +M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2pSB7+R5KBWIBpih1 +YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MDxvbxrN8y8NmBGuScvfaAFPDRLLmF +9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QGtjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcK +zBIKinmwPQN/aUv0NCB9szTqjktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvG +nrDQWzilm1DefhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg +OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZd0jQ +-----END CERTIFICATE----- + +Global Chambersign Root - 2008 +============================== +-----BEGIN CERTIFICATE----- +MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFD +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu +QS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMx +NDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUg +Y3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ +QTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD +aGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDf +VtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXf +XjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0 +ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB +/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgA +TH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2M +H/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfe +Ox2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSF +HTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh +wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMB +AAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuT +BjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UE +BhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJm +aXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJm +aXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp +1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0 +dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG +/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6 +ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/s +dZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg +9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHH +foUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9Du +qqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETr +P3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVq +c5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z +09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B +-----END CERTIFICATE----- + +Go Daddy Root Certificate Authority - G2 +======================================== +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMu +MTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 +MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 +b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8G +A1UEAxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKDE6bFIEMBO4Tx5oVJnyfq +9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD ++qK+ihVqf94Lw7YZFAXK6sOoBJQ7RnwyDfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutd +fMh8+7ArU6SSYmlRJQVhGkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMl +NAJWJwGRtDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9 +BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmXWWcDYfF+OwYxdS2hII5PZYe096ac +vNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r +5N9ss4UXnT3ZJE95kTXWXwTrgIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYV +N8Gb5DKj7Tjo2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO +LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI4uJEvlz36hz1 +-----END CERTIFICATE----- + +Starfield Root Certificate Authority - G2 +========================================= +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s +b2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0 +eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAw +DgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg +VGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBB +dXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFv +W59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTs +bhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk +N3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7Nf +ZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0HZbU +JtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0GCSqGSIb3DQEBCwUAA4IBAQARWfol +TwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjUsHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx +4mcujJUDJi5DnUox9g61DLu34jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUw +F5okxBDgBPfg8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K +pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1mMpYjn0q7pBZ +c2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 +-----END CERTIFICATE----- + +Starfield Services Root Certificate Authority - G2 +================================================== +-----BEGIN CERTIFICATE----- +MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s +b2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRl +IEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNV +BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxT +dGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2VydmljZXMg +Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20pOsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2 +h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm28xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4Pa +hHQUw2eeBGg6345AWh1KTs9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLP +LJGmpufehRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk6mFB +rMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAwDwYDVR0TAQH/BAUw +AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMA0GCSqG +SIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMIbw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPP +E95Dz+I0swSdHynVv/heyNXBve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTy +xQGjhdByPq1zqwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd +iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn0q23KXB56jza +YyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCNsSi6 +-----END CERTIFICATE----- + +AffirmTrust Commercial +====================== +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMB4XDTEw +MDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6Eqdb +DuKPHx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yrba0F8PrV +C8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPALMeIrJmqbTFeurCA+ukV6 +BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1yHp52UKqK39c/s4mT6NmgTWvRLpUHhww +MmWd5jyTXlBOeuM61G7MGvv50jeuJCqrVwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNV +HQ4EFgQUnZPGU4teyq8/nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYGXUPG +hi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNjvbz4YYCanrHOQnDi +qX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivtZ8SOyUOyXGsViQK8YvxO8rUzqrJv +0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9gN53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0kh +sUlHRUe072o0EclNmsxZt9YCnlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= +-----END CERTIFICATE----- + +AffirmTrust Networking +====================== +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMB4XDTEw +MDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SE +Hi3yYJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbuakCNrmreI +dIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRLQESxG9fhwoXA3hA/Pe24 +/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gb +h+0t+nvujArjqWaJGctB+d1ENmHP4ndGyH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNV +HQ4EFgQUBx/S55zawm6iQLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfOtDIu +UFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzuQY0x2+c06lkh1QF6 +12S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZLgo/bNjR9eUJtGxUAArgFU2HdW23 +WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4uolu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9 +/ZFvgrG+CJPbFEfxojfHRZ48x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= +-----END CERTIFICATE----- + +AffirmTrust Premium +=================== +-----BEGIN CERTIFICATE----- +MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMB4XDTEwMDEy +OTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRy +dXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEAxBLfqV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtn +BKAQJG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ+jjeRFcV +5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrSs8PhaJyJ+HoAVt70VZVs ++7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmd +GPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d770O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5R +p9EixAqnOEhss/n/fauGV+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NI +S+LI+H+SqHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S5u04 +6uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4IaC1nEWTJ3s7xgaVY5 +/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TXOwF0lkLgAOIua+rF7nKsu7/+6qqo ++Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYEFJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByv +MiPIs0laUZx2KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg +Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B8OWycvpEgjNC +6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQMKSOyARiqcTtNd56l+0OOF6S +L5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK ++4w1IX2COPKpVJEZNZOUbWo6xbLQu4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmV +BtWVyuEklut89pMFu+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFg +IxpHYoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8GKa1qF60 +g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaORtGdFNrHF+QFlozEJLUb +zxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6eKeC2uAloGRwYQw== +-----END CERTIFICATE----- + +AffirmTrust Premium ECC +======================= +-----BEGIN CERTIFICATE----- +MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMCVVMxFDASBgNV +BAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQzAeFw0xMDAx +MjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1U +cnVzdDEgMB4GA1UEAwwXQWZmaXJtVHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAAQNMF4bFZ0D0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQ +N8O9ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0GA1UdDgQW +BBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAK +BggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/VsaobgxCd05DhT1wV/GzTjxi+zygk8N53X +57hG8f2h4nECMEJZh0PUUd+60wkyWs6Iflc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKM +eQ== +-----END CERTIFICATE----- + +Certum Trusted Network CA +========================= +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBMMSIwIAYDVQQK +ExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIy +MTIwNzM3WhcNMjkxMjMxMTIwNzM3WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBU +ZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rHUV+rpDKmYYe2bg+G0jAC +l/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LMTXPb865Px1bVWqeWifrzq2jUI4ZZJ88J +J7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVUBBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4 +fOQtf/WsX+sWn7Et0brMkUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0 +cvW0QM8xAcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYw +DQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15ysHhE49wcrwn9I0j6vSrEuVUEtRCj +jSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfLI9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1 +mS1FhIrlQgnXdAIv94nYmem8J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5aj +Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- + +Certinomis - AutoritÃ© Racine +============================= +-----BEGIN CERTIFICATE----- +MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg +LSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkG +A1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYw +JAYDVQQDDB1DZXJ0aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jYF1AMnmHa +wE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N8y4oH3DfVS9O7cdxbwly +Lu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWerP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw +2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92N +jMD2AR5vpTESOH2VwnHu7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9q +c1pkIuVC28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6lSTC +lrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1Enn1So2+WLhl+HPNb +xxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB0iSVL1N6aaLwD4ZFjliCK0wi1F6g +530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql095gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna +4NH4+ej9Uji29YnfAgMBAAGjWzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G +A1UdDgQWBBQNjLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ +KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9sov3/4gbIOZ/x +WqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZMOH8oMDX/nyNTt7buFHAAQCva +R6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40 +nJ+U8/aGH88bc62UeYdocMMzpXDn2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1B +CxMjidPJC+iKunqjo3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjv +JL1vnxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG5ERQL1TE +qkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWqpdEdnV1j6CTmNhTih60b +WfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZbdsLLO7XSAPCjDuGtbkD326C00EauFddE +wk01+dIL8hf2rGbVJLJP0RyZwG71fet0BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/ +vgt2Fl43N+bYdJeimUV5 +-----END CERTIFICATE----- + +Root CA Generalitat Valenciana +============================== +-----BEGIN CERTIFICATE----- +MIIGizCCBXOgAwIBAgIEO0XlaDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJFUzEfMB0GA1UE +ChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290 +IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwHhcNMDEwNzA2MTYyMjQ3WhcNMjEwNzAxMTUyMjQ3 +WjBoMQswCQYDVQQGEwJFUzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UE +CxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKqtXETcvIorKA3Qdyu0togu8M1JAJke+WmmmO3I2 +F0zo37i7L3bhQEZ0ZQKQUgi0/6iMweDHiVYQOTPvaLRfX9ptI6GJXiKjSgbwJ/BXufjpTjJ3Cj9B +ZPPrZe52/lSqfR0grvPXdMIKX/UIKFIIzFVd0g/bmoGlu6GzwZTNVOAydTGRGmKy3nXiz0+J2ZGQ +D0EbtFpKd71ng+CT516nDOeB0/RSrFOyA8dEJvt55cs0YFAQexvba9dHq198aMpunUEDEO5rmXte +JajCq+TA81yc477OMUxkHl6AovWDfgzWyoxVjr7gvkkHD6MkQXpYHYTqWBLI4bft75PelAgxAgMB +AAGjggM7MIIDNzAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnBraS5n +dmEuZXMwEgYDVR0TAQH/BAgwBgEB/wIBAjCCAjQGA1UdIASCAiswggInMIICIwYKKwYBBAG/VQIB +ADCCAhMwggHoBggrBgEFBQcCAjCCAdoeggHWAEEAdQB0AG8AcgBpAGQAYQBkACAAZABlACAAQwBl +AHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAFIAYQDtAHoAIABkAGUAIABsAGEAIABHAGUAbgBlAHIA +YQBsAGkAdABhAHQAIABWAGEAbABlAG4AYwBpAGEAbgBhAC4ADQAKAEwAYQAgAEQAZQBjAGwAYQBy +AGEAYwBpAPMAbgAgAGQAZQAgAFAAcgDhAGMAdABpAGMAYQBzACAAZABlACAAQwBlAHIAdABpAGYA +aQBjAGEAYwBpAPMAbgAgAHEAdQBlACAAcgBpAGcAZQAgAGUAbAAgAGYAdQBuAGMAaQBvAG4AYQBt +AGkAZQBuAHQAbwAgAGQAZQAgAGwAYQAgAHAAcgBlAHMAZQBuAHQAZQAgAEEAdQB0AG8AcgBpAGQA +YQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAHMAZQAgAGUAbgBjAHUAZQBu +AHQAcgBhACAAZQBuACAAbABhACAAZABpAHIAZQBjAGMAaQDzAG4AIAB3AGUAYgAgAGgAdAB0AHAA +OgAvAC8AdwB3AHcALgBwAGsAaQAuAGcAdgBhAC4AZQBzAC8AYwBwAHMwJQYIKwYBBQUHAgEWGWh0 +dHA6Ly93d3cucGtpLmd2YS5lcy9jcHMwHQYDVR0OBBYEFHs100DSHHgZZu90ECjcPk+yeAT8MIGV +BgNVHSMEgY0wgYqAFHs100DSHHgZZu90ECjcPk+yeAT8oWykajBoMQswCQYDVQQGEwJFUzEfMB0G +A1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScwJQYDVQQDEx5S +b290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmGCBDtF5WgwDQYJKoZIhvcNAQEFBQADggEBACRh +TvW1yEICKrNcda3FbcrnlD+laJWIwVTAEGmiEi8YPyVQqHxK6sYJ2fR1xkDar1CdPaUWu20xxsdz +Ckj+IHLtb8zog2EWRpABlUt9jppSCS/2bxzkoXHPjCpaF3ODR00PNvsETUlR4hTJZGH71BTg9J63 +NI8KJr2XXPR5OkowGcytT6CYirQxlyric21+eLj4iIlPsSKRZEv1UN4D2+XFducTZnV+ZfsBn5OH +iJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmCIoaZM3Fa6hlXPZHNqcCjbgcTpsnt ++GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMM= +-----END CERTIFICATE----- + +A-Trust-nQual-03 +================ +-----BEGIN CERTIFICATE----- +MIIDzzCCAregAwIBAgIDAWweMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJBVDFIMEYGA1UE +Cgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy +a2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5RdWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5R +dWFsLTAzMB4XDTA1MDgxNzIyMDAwMFoXDTE1MDgxNzIyMDAwMFowgY0xCzAJBgNVBAYTAkFUMUgw +RgYDVQQKDD9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0 +ZW52ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMMEEEtVHJ1 +c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtPWFuA/OQO8BBC4SA +zewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUjlUC5B3ilJfYKvUWG6Nm9wASOhURh73+n +yfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZznF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPE +SU7l0+m0iKsMrmKS1GWH2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4 +iHQF63n1k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs2e3V +cuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECERqlWdV +eRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAVdRU0VlIXLOThaq/Yy/kgM40 +ozRiPvbY7meIMQQDbwvUB/tOdQ/TLtPAF8fGKOwGDREkDg6lXb+MshOWcdzUzg4NCmgybLlBMRmr +sQd7TZjTXLDR8KdCoLXEjq/+8T/0709GAHbrAvv5ndJAlseIOrifEXnzgGWovR/TeIGgUUw3tKZd +JXDRZslo+S4RFGjxVJgIrCaSD96JntT6s3kr0qN51OyLrIdTaEJMUVF0HhsnLuP1Hyl0Te2v9+GS +mYHovjrHF1D2t8b8m7CKa9aIA5GPBnc6hQLdmNVDeD/GMBWsm2vLV7eJUYs66MmEDNuxUCAKGkq6 +ahq97BvIxYSazQ== +-----END CERTIFICATE----- + +TWCA Root Certification Authority +================================= +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJ +VEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMzWhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQG +EwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NB +IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFEAcK0HMMx +QhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HHK3XLfJ+utdGdIzdjp9xC +oi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeXRfwZVzsrb+RH9JlF/h3x+JejiB03HFyP +4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/zrX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1r +y+UPizgN7gr8/g+YnzAx3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIB +BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkqhkiG +9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeCMErJk/9q56YAf4lC +mtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdlsXebQ79NqZp4VKIV66IIArB6nCWlW +QtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62Dlhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVY +T0bf+215WfKEIlKuD8z7fDvnaspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocny +Yh0igzyXxfkZYiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== +-----END CERTIFICATE----- + +Security Communication RootCA2 +============================== +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDElMCMGA1UEChMc +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNh +dGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoXDTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMC +SlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3Vy +aXR5IENvbW11bmljYXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ANAVOVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGrzbl+dp++ ++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVMVAX3NuRFg3sUZdbcDE3R +3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQhNBqyjoGADdH5H5XTz+L62e4iKrFvlNV +spHEfbmwhRkGeC7bYRr6hfVKkaHnFtWOojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1K +EOtOghY6rCcMU/Gt1SSwawNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8 +QIH4D5csOPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB +CwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpFcoJxDjrSzG+ntKEj +u/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXcokgfGT+Ok+vx+hfuzU7jBBJV1uXk +3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6q +tnRGEmyR7jTV7JqR50S+kDFy1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29 +mvVXIwAHIRc/SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 +-----END CERTIFICATE----- + +EC-ACC +====== +-----BEGIN CERTIFICATE----- +MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB8zELMAkGA1UE +BhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0w +ODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYD +VQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UE +CxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMT +BkVDLUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQGEwJFUzE7 +MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8gKE5JRiBRLTA4MDExNzYt +SSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZl +Z2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJh +cnF1aWEgRW50aXRhdHMgZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUND +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R85iK +w5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm4CgPukLjbo73FCeT +ae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaVHMf5NLWUhdWZXqBIoH7nF2W4onW4 +HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNdQlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0a +E9jD2z3Il3rucO2n5nzbcc8tlGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw +0JDnJwIDAQABo4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4opvpXY0wfwYD +VR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0 +Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5l +dC92ZXJhcnJlbCAwDQYJKoZIhvcNAQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJ +lF7W2u++AVtd0x7Y/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNa +Al6kSBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhyRp/7SNVe +l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2 +E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D +5EI= +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions RootCA 2011 +======================================================= +-----BEGIN CERTIFICATE----- +MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoT +O0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9y +aXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYT +AkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNo +IEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI +1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa +71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u +8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH +3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/ +MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8 +MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQu +b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVt +XdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 +TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD +/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N +7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4 +-----END CERTIFICATE----- diff --git a/3rdparty/aws-sdk/lib/requestcore/requestcore.class.php b/3rdparty/aws-sdk/lib/requestcore/requestcore.class.php new file mode 100755 index 00000000000..087694f08cd --- /dev/null +++ b/3rdparty/aws-sdk/lib/requestcore/requestcore.class.php @@ -0,0 +1,1028 @@ +). + */ + public $request_class = 'RequestCore'; + + /** + * The default class to use for HTTP Responses (defaults to ). + */ + public $response_class = 'ResponseCore'; + + /** + * Default useragent string to use. + */ + public $useragent = 'RequestCore/1.4.4'; + + /** + * File to read from while streaming up. + */ + public $read_file = null; + + /** + * The resource to read from while streaming up. + */ + public $read_stream = null; + + /** + * The size of the stream to read from. + */ + public $read_stream_size = null; + + /** + * The length already read from the stream. + */ + public $read_stream_read = 0; + + /** + * File to write to while streaming down. + */ + public $write_file = null; + + /** + * The resource to write to while streaming down. + */ + public $write_stream = null; + + /** + * Stores the intended starting seek position. + */ + public $seek_position = null; + + /** + * The location of the cacert.pem file to use. + */ + public $cacert_location = false; + + /** + * The state of SSL certificate verification. + */ + public $ssl_verification = true; + + /** + * The user-defined callback function to call when a stream is read from. + */ + public $registered_streaming_read_callback = null; + + /** + * The user-defined callback function to call when a stream is written to. + */ + public $registered_streaming_write_callback = null; + + + /*%******************************************************************************************%*/ + // CONSTANTS + + /** + * GET HTTP Method + */ + const HTTP_GET = 'GET'; + + /** + * POST HTTP Method + */ + const HTTP_POST = 'POST'; + + /** + * PUT HTTP Method + */ + const HTTP_PUT = 'PUT'; + + /** + * DELETE HTTP Method + */ + const HTTP_DELETE = 'DELETE'; + + /** + * HEAD HTTP Method + */ + const HTTP_HEAD = 'HEAD'; + + + /*%******************************************************************************************%*/ + // CONSTRUCTOR/DESTRUCTOR + + /** + * Constructs a new instance of this class. + * + * @param string $url (Optional) The URL to request or service endpoint to query. + * @param string $proxy (Optional) The faux-url to use for proxy settings. Takes the following format: `proxy://user:pass@hostname:port` + * @param array $helpers (Optional) An associative array of classnames to use for request, and response functionality. Gets passed in automatically by the calling class. + * @return $this A reference to the current instance. + */ + public function __construct($url = null, $proxy = null, $helpers = null) + { + // Set some default values. + $this->request_url = $url; + $this->method = self::HTTP_GET; + $this->request_headers = array(); + $this->request_body = ''; + + // Set a new Request class if one was set. + if (isset($helpers['request']) && !empty($helpers['request'])) + { + $this->request_class = $helpers['request']; + } + + // Set a new Request class if one was set. + if (isset($helpers['response']) && !empty($helpers['response'])) + { + $this->response_class = $helpers['response']; + } + + if ($proxy) + { + $this->set_proxy($proxy); + } + + return $this; + } + + /** + * Destructs the instance. Closes opened file handles. + * + * @return $this A reference to the current instance. + */ + public function __destruct() + { + if (isset($this->read_file) && isset($this->read_stream)) + { + fclose($this->read_stream); + } + + if (isset($this->write_file) && isset($this->write_stream)) + { + fclose($this->write_stream); + } + + return $this; + } + + + /*%******************************************************************************************%*/ + // REQUEST METHODS + + /** + * Sets the credentials to use for authentication. + * + * @param string $user (Required) The username to authenticate with. + * @param string $pass (Required) The password to authenticate with. + * @return $this A reference to the current instance. + */ + public function set_credentials($user, $pass) + { + $this->username = $user; + $this->password = $pass; + return $this; + } + + /** + * Adds a custom HTTP header to the cURL request. + * + * @param string $key (Required) The custom HTTP header to set. + * @param mixed $value (Required) The value to assign to the custom HTTP header. + * @return $this A reference to the current instance. + */ + public function add_header($key, $value) + { + $this->request_headers[$key] = $value; + return $this; + } + + /** + * Removes an HTTP header from the cURL request. + * + * @param string $key (Required) The custom HTTP header to set. + * @return $this A reference to the current instance. + */ + public function remove_header($key) + { + if (isset($this->request_headers[$key])) + { + unset($this->request_headers[$key]); + } + return $this; + } + + /** + * Set the method type for the request. + * + * @param string $method (Required) One of the following constants: , , , , . + * @return $this A reference to the current instance. + */ + public function set_method($method) + { + $this->method = strtoupper($method); + return $this; + } + + /** + * Sets a custom useragent string for the class. + * + * @param string $ua (Required) The useragent string to use. + * @return $this A reference to the current instance. + */ + public function set_useragent($ua) + { + $this->useragent = $ua; + return $this; + } + + /** + * Set the body to send in the request. + * + * @param string $body (Required) The textual content to send along in the body of the request. + * @return $this A reference to the current instance. + */ + public function set_body($body) + { + $this->request_body = $body; + return $this; + } + + /** + * Set the URL to make the request to. + * + * @param string $url (Required) The URL to make the request to. + * @return $this A reference to the current instance. + */ + public function set_request_url($url) + { + $this->request_url = $url; + return $this; + } + + /** + * Set additional CURLOPT settings. These will merge with the default settings, and override if + * there is a duplicate. + * + * @param array $curlopts (Optional) A set of key-value pairs that set `CURLOPT` options. These will merge with the existing CURLOPTs, and ones passed here will override the defaults. Keys should be the `CURLOPT_*` constants, not strings. + * @return $this A reference to the current instance. + */ + public function set_curlopts($curlopts) + { + $this->curlopts = $curlopts; + return $this; + } + + /** + * Sets the length in bytes to read from the stream while streaming up. + * + * @param integer $size (Required) The length in bytes to read from the stream. + * @return $this A reference to the current instance. + */ + public function set_read_stream_size($size) + { + $this->read_stream_size = $size; + + return $this; + } + + /** + * Sets the resource to read from while streaming up. Reads the stream from its current position until + * EOF or `$size` bytes have been read. If `$size` is not given it will be determined by and + * . + * + * @param resource $resource (Required) The readable resource to read from. + * @param integer $size (Optional) The size of the stream to read. + * @return $this A reference to the current instance. + */ + public function set_read_stream($resource, $size = null) + { + if (!isset($size) || $size < 0) + { + $stats = fstat($resource); + + if ($stats && $stats['size'] >= 0) + { + $position = ftell($resource); + + if ($position !== false && $position >= 0) + { + $size = $stats['size'] - $position; + } + } + } + + $this->read_stream = $resource; + + return $this->set_read_stream_size($size); + } + + /** + * Sets the file to read from while streaming up. + * + * @param string $location (Required) The readable location to read from. + * @return $this A reference to the current instance. + */ + public function set_read_file($location) + { + $this->read_file = $location; + $read_file_handle = fopen($location, 'r'); + + return $this->set_read_stream($read_file_handle); + } + + /** + * Sets the resource to write to while streaming down. + * + * @param resource $resource (Required) The writeable resource to write to. + * @return $this A reference to the current instance. + */ + public function set_write_stream($resource) + { + $this->write_stream = $resource; + + return $this; + } + + /** + * Sets the file to write to while streaming down. + * + * @param string $location (Required) The writeable location to write to. + * @return $this A reference to the current instance. + */ + public function set_write_file($location) + { + $this->write_file = $location; + $write_file_handle = fopen($location, 'w'); + + return $this->set_write_stream($write_file_handle); + } + + /** + * Set the proxy to use for making requests. + * + * @param string $proxy (Required) The faux-url to use for proxy settings. Takes the following format: `proxy://user:pass@hostname:port` + * @return $this A reference to the current instance. + */ + public function set_proxy($proxy) + { + $proxy = parse_url($proxy); + $proxy['user'] = isset($proxy['user']) ? $proxy['user'] : null; + $proxy['pass'] = isset($proxy['pass']) ? $proxy['pass'] : null; + $proxy['port'] = isset($proxy['port']) ? $proxy['port'] : null; + $this->proxy = $proxy; + return $this; + } + + /** + * Set the intended starting seek position. + * + * @param integer $position (Required) The byte-position of the stream to begin reading from. + * @return $this A reference to the current instance. + */ + public function set_seek_position($position) + { + $this->seek_position = isset($position) ? (integer) $position : null; + + return $this; + } + + /** + * Register a callback function to execute whenever a data stream is read from using + * . + * + * The user-defined callback function should accept three arguments: + * + *

$curl_handle - resource - Required - The cURL handle resource that represents the in-progress transfer.
$file_handle - resource - Required - The file handle resource that represents the file on the local file system.
$length - integer - Required - The length in kilobytes of the data chunk that was transferred.

+ * + * @param string|array|function $callback (Required) The callback function is called by , so you can pass the following values:

The name of a global function to execute, passed as a string.
A method to execute, passed as array('ClassName', 'MethodName').
An anonymous function (PHP 5.3+).

+ * @return $this A reference to the current instance. + */ + public function register_streaming_read_callback($callback) + { + $this->registered_streaming_read_callback = $callback; + + return $this; + } + + /** + * Register a callback function to execute whenever a data stream is written to using + * . + * + * The user-defined callback function should accept two arguments: + * + *

$curl_handle - resource - Required - The cURL handle resource that represents the in-progress transfer.
$length - integer - Required - The length in kilobytes of the data chunk that was transferred.

+ * + * @param string|array|function $callback (Required) The callback function is called by , so you can pass the following values:

The name of a global function to execute, passed as a string.
A method to execute, passed as array('ClassName', 'MethodName').
An anonymous function (PHP 5.3+).

+ * @return $this A reference to the current instance. + */ + public function register_streaming_write_callback($callback) + { + $this->registered_streaming_write_callback = $callback; + + return $this; + } + + + /*%******************************************************************************************%*/ + // PREPARE, SEND, AND PROCESS REQUEST + + /** + * A callback function that is invoked by cURL for streaming up. + * + * @param resource $curl_handle (Required) The cURL handle for the request. + * @param resource $file_handle (Required) The open file handle resource. + * @param integer $length (Required) The maximum number of bytes to read. + * @return binary Binary data from a stream. + */ + public function streaming_read_callback($curl_handle, $file_handle, $length) + { + // Once we've sent as much as we're supposed to send... + if ($this->read_stream_read >= $this->read_stream_size) + { + // Send EOF + return ''; + } + + // If we're at the beginning of an upload and need to seek... + if ($this->read_stream_read == 0 && isset($this->seek_position) && $this->seek_position !== ftell($this->read_stream)) + { + if (fseek($this->read_stream, $this->seek_position) !== 0) + { + throw new RequestCore_Exception('The stream does not support seeking and is either not at the requested position or the position is unknown.'); + } + } + + $read = fread($this->read_stream, min($this->read_stream_size - $this->read_stream_read, $length)); // Remaining upload data or cURL's requested chunk size + $this->read_stream_read += strlen($read); + + $out = $read === false ? '' : $read; + + // Execute callback function + if ($this->registered_streaming_read_callback) + { + call_user_func($this->registered_streaming_read_callback, $curl_handle, $file_handle, $out); + } + + return $out; + } + + /** + * A callback function that is invoked by cURL for streaming down. + * + * @param resource $curl_handle (Required) The cURL handle for the request. + * @param binary $data (Required) The data to write. + * @return integer The number of bytes written. + */ + public function streaming_write_callback($curl_handle, $data) + { + $length = strlen($data); + $written_total = 0; + $written_last = 0; + + while ($written_total < $length) + { + $written_last = fwrite($this->write_stream, substr($data, $written_total)); + + if ($written_last === false) + { + return $written_total; + } + + $written_total += $written_last; + } + + // Execute callback function + if ($this->registered_streaming_write_callback) + { + call_user_func($this->registered_streaming_write_callback, $curl_handle, $written_total); + } + + return $written_total; + } + + /** + * Prepares and adds the details of the cURL request. This can be passed along to a + * function. + * + * @return resource The handle for the cURL object. + */ + public function prep_request() + { + $curl_handle = curl_init(); + + // Set default options. + curl_setopt($curl_handle, CURLOPT_URL, $this->request_url); + curl_setopt($curl_handle, CURLOPT_FILETIME, true); + curl_setopt($curl_handle, CURLOPT_FRESH_CONNECT, false); + curl_setopt($curl_handle, CURLOPT_CLOSEPOLICY, CURLCLOSEPOLICY_LEAST_RECENTLY_USED); + curl_setopt($curl_handle, CURLOPT_MAXREDIRS, 5); + curl_setopt($curl_handle, CURLOPT_HEADER, true); + curl_setopt($curl_handle, CURLOPT_RETURNTRANSFER, true); + curl_setopt($curl_handle, CURLOPT_TIMEOUT, 5184000); + curl_setopt($curl_handle, CURLOPT_CONNECTTIMEOUT, 120); + curl_setopt($curl_handle, CURLOPT_NOSIGNAL, true); + curl_setopt($curl_handle, CURLOPT_REFERER, $this->request_url); + curl_setopt($curl_handle, CURLOPT_USERAGENT, $this->useragent); + curl_setopt($curl_handle, CURLOPT_READFUNCTION, array($this, 'streaming_read_callback')); + + // Verification of the SSL cert + if ($this->ssl_verification) + { + curl_setopt($curl_handle, CURLOPT_SSL_VERIFYPEER, true); + curl_setopt($curl_handle, CURLOPT_SSL_VERIFYHOST, 2); + } + else + { + curl_setopt($curl_handle, CURLOPT_SSL_VERIFYPEER, false); + curl_setopt($curl_handle, CURLOPT_SSL_VERIFYHOST, false); + } + + // chmod the file as 0755 + if ($this->cacert_location === true) + { + curl_setopt($curl_handle, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem'); + } + elseif (is_string($this->cacert_location)) + { + curl_setopt($curl_handle, CURLOPT_CAINFO, $this->cacert_location); + } + + // Debug mode + if ($this->debug_mode) + { + curl_setopt($curl_handle, CURLOPT_VERBOSE, true); + } + + // Handle open_basedir & safe mode + if (!ini_get('safe_mode') && !ini_get('open_basedir')) + { + curl_setopt($curl_handle, CURLOPT_FOLLOWLOCATION, true); + } + + // Enable a proxy connection if requested. + if ($this->proxy) + { + curl_setopt($curl_handle, CURLOPT_HTTPPROXYTUNNEL, true); + + $host = $this->proxy['host']; + $host .= ($this->proxy['port']) ? ':' . $this->proxy['port'] : ''; + curl_setopt($curl_handle, CURLOPT_PROXY, $host); + + if (isset($this->proxy['user']) && isset($this->proxy['pass'])) + { + curl_setopt($curl_handle, CURLOPT_PROXYUSERPWD, $this->proxy['user'] . ':' . $this->proxy['pass']); + } + } + + // Set credentials for HTTP Basic/Digest Authentication. + if ($this->username && $this->password) + { + curl_setopt($curl_handle, CURLOPT_HTTPAUTH, CURLAUTH_ANY); + curl_setopt($curl_handle, CURLOPT_USERPWD, $this->username . ':' . $this->password); + } + + // Handle the encoding if we can. + if (extension_loaded('zlib')) + { + curl_setopt($curl_handle, CURLOPT_ENCODING, 'gzip, deflate'); + } + + // Process custom headers + if (isset($this->request_headers) && count($this->request_headers)) + { + $temp_headers = array(); + + foreach ($this->request_headers as $k => $v) + { + $temp_headers[] = $k . ': ' . $v; + } + + curl_setopt($curl_handle, CURLOPT_HTTPHEADER, $temp_headers); + } + + switch ($this->method) + { + case self::HTTP_PUT: + curl_setopt($curl_handle, CURLOPT_CUSTOMREQUEST, 'PUT'); + if (isset($this->read_stream)) + { + if (!isset($this->read_stream_size) || $this->read_stream_size < 0) + { + throw new RequestCore_Exception('The stream size for the streaming upload cannot be determined.'); + } + + curl_setopt($curl_handle, CURLOPT_INFILESIZE, $this->read_stream_size); + curl_setopt($curl_handle, CURLOPT_UPLOAD, true); + } + else + { + curl_setopt($curl_handle, CURLOPT_POSTFIELDS, $this->request_body); + } + break; + + case self::HTTP_POST: + curl_setopt($curl_handle, CURLOPT_POST, true); + curl_setopt($curl_handle, CURLOPT_POSTFIELDS, $this->request_body); + break; + + case self::HTTP_HEAD: + curl_setopt($curl_handle, CURLOPT_CUSTOMREQUEST, self::HTTP_HEAD); + curl_setopt($curl_handle, CURLOPT_NOBODY, 1); + break; + + default: // Assumed GET + curl_setopt($curl_handle, CURLOPT_CUSTOMREQUEST, $this->method); + if (isset($this->write_stream)) + { + curl_setopt($curl_handle, CURLOPT_WRITEFUNCTION, array($this, 'streaming_write_callback')); + curl_setopt($curl_handle, CURLOPT_HEADER, false); + } + else + { + curl_setopt($curl_handle, CURLOPT_POSTFIELDS, $this->request_body); + } + break; + } + + // Merge in the CURLOPTs + if (isset($this->curlopts) && sizeof($this->curlopts) > 0) + { + foreach ($this->curlopts as $k => $v) + { + curl_setopt($curl_handle, $k, $v); + } + } + + return $curl_handle; + } + + /** + * Take the post-processed cURL data and break it down into useful header/body/info chunks. Uses the + * data stored in the `curl_handle` and `response` properties unless replacement data is passed in via + * parameters. + * + * @param resource $curl_handle (Optional) The reference to the already executed cURL request. + * @param string $response (Optional) The actual response content itself that needs to be parsed. + * @return ResponseCore A object containing a parsed HTTP response. + */ + public function process_response($curl_handle = null, $response = null) + { + // Accept a custom one if it's passed. + if ($curl_handle && $response) + { + $this->curl_handle = $curl_handle; + $this->response = $response; + } + + // As long as this came back as a valid resource... + if (is_resource($this->curl_handle)) + { + // Determine what's what. + $header_size = curl_getinfo($this->curl_handle, CURLINFO_HEADER_SIZE); + $this->response_headers = substr($this->response, 0, $header_size); + $this->response_body = substr($this->response, $header_size); + $this->response_code = curl_getinfo($this->curl_handle, CURLINFO_HTTP_CODE); + $this->response_info = curl_getinfo($this->curl_handle); + + // Parse out the headers + $this->response_headers = explode("\r\n\r\n", trim($this->response_headers)); + $this->response_headers = array_pop($this->response_headers); + $this->response_headers = explode("\r\n", $this->response_headers); + array_shift($this->response_headers); + + // Loop through and split up the headers. + $header_assoc = array(); + foreach ($this->response_headers as $header) + { + $kv = explode(': ', $header); + $header_assoc[strtolower($kv[0])] = $kv[1]; + } + + // Reset the headers to the appropriate property. + $this->response_headers = $header_assoc; + $this->response_headers['_info'] = $this->response_info; + $this->response_headers['_info']['method'] = $this->method; + + if ($curl_handle && $response) + { + return new $this->response_class($this->response_headers, $this->response_body, $this->response_code, $this->curl_handle); + } + } + + // Return false + return false; + } + + /** + * Sends the request, calling necessary utility functions to update built-in properties. + * + * @param boolean $parse (Optional) Whether to parse the response with ResponseCore or not. + * @return string The resulting unparsed data from the request. + */ + public function send_request($parse = false) + { + set_time_limit(0); + + $curl_handle = $this->prep_request(); + $this->response = curl_exec($curl_handle); + + if ($this->response === false) + { + throw new cURL_Exception('cURL resource: ' . (string) $curl_handle . '; cURL error: ' . curl_error($curl_handle) . ' (cURL error code ' . curl_errno($curl_handle) . '). See http://curl.haxx.se/libcurl/c/libcurl-errors.html for an explanation of error codes.'); + } + + $parsed_response = $this->process_response($curl_handle, $this->response); + + curl_close($curl_handle); + + if ($parse) + { + return $parsed_response; + } + + return $this->response; + } + + /** + * Sends the request using , enabling parallel requests. Uses the "rolling" method. + * + * @param array $handles (Required) An indexed array of cURL handles to process simultaneously. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

callback - string|array - Optional - The string name of a function to pass the response data to. If this is a method, pass an array where the [0] index is the class and the [1] index is the method name.
limit - integer - Optional - The number of simultaneous requests to make. This can be useful for scaling around slow server responses. Defaults to trusting cURLs judgement as to how many to use.

+ * @return array Post-processed cURL responses. + */ + public function send_multi_request($handles, $opt = null) + { + set_time_limit(0); + + // Skip everything if there are no handles to process. + if (count($handles) === 0) return array(); + + if (!$opt) $opt = array(); + + // Initialize any missing options + $limit = isset($opt['limit']) ? $opt['limit'] : -1; + + // Initialize + $handle_list = $handles; + $http = new $this->request_class(); + $multi_handle = curl_multi_init(); + $handles_post = array(); + $added = count($handles); + $last_handle = null; + $count = 0; + $i = 0; + + // Loop through the cURL handles and add as many as it set by the limit parameter. + while ($i < $added) + { + if ($limit > 0 && $i >= $limit) break; + curl_multi_add_handle($multi_handle, array_shift($handles)); + $i++; + } + + do + { + $active = false; + + // Start executing and wait for a response. + while (($status = curl_multi_exec($multi_handle, $active)) === CURLM_CALL_MULTI_PERFORM) + { + // Start looking for possible responses immediately when we have to add more handles + if (count($handles) > 0) break; + } + + // Figure out which requests finished. + $to_process = array(); + + while ($done = curl_multi_info_read($multi_handle)) + { + // Since curl_errno() isn't reliable for handles that were in multirequests, we check the 'result' of the info read, which contains the curl error number, (listed here http://curl.haxx.se/libcurl/c/libcurl-errors.html ) + if ($done['result'] > 0) + { + throw new cURL_Multi_Exception('cURL resource: ' . (string) $done['handle'] . '; cURL error: ' . curl_error($done['handle']) . ' (cURL error code ' . $done['result'] . '). See http://curl.haxx.se/libcurl/c/libcurl-errors.html for an explanation of error codes.'); + } + + // Because curl_multi_info_read() might return more than one message about a request, we check to see if this request is already in our array of completed requests + elseif (!isset($to_process[(int) $done['handle']])) + { + $to_process[(int) $done['handle']] = $done; + } + } + + // Actually deal with the request + foreach ($to_process as $pkey => $done) + { + $response = $http->process_response($done['handle'], curl_multi_getcontent($done['handle'])); + $key = array_search($done['handle'], $handle_list, true); + $handles_post[$key] = $response; + + if (count($handles) > 0) + { + curl_multi_add_handle($multi_handle, array_shift($handles)); + } + + curl_multi_remove_handle($multi_handle, $done['handle']); + curl_close($done['handle']); + } + } + while ($active || count($handles_post) < $added); + + curl_multi_close($multi_handle); + + ksort($handles_post, SORT_NUMERIC); + return $handles_post; + } + + + /*%******************************************************************************************%*/ + // RESPONSE METHODS + + /** + * Get the HTTP response headers from the request. + * + * @param string $header (Optional) A specific header value to return. Defaults to all headers. + * @return string|array All or selected header values. + */ + public function get_response_header($header = null) + { + if ($header) + { + return $this->response_headers[strtolower($header)]; + } + return $this->response_headers; + } + + /** + * Get the HTTP response body from the request. + * + * @return string The response body. + */ + public function get_response_body() + { + return $this->response_body; + } + + /** + * Get the HTTP response code from the request. + * + * @return string The HTTP response code. + */ + public function get_response_code() + { + return $this->response_code; + } +} + + +/** + * Container for all response-related methods. + */ +class ResponseCore +{ + /** + * Stores the HTTP header information. + */ + public $header; + + /** + * Stores the SimpleXML response. + */ + public $body; + + /** + * Stores the HTTP response code. + */ + public $status; + + /** + * Constructs a new instance of this class. + * + * @param array $header (Required) Associative array of HTTP headers (typically returned by ). + * @param string $body (Required) XML-formatted response from AWS. + * @param integer $status (Optional) HTTP response status code from the request. + * @return object Contains an `header` property (HTTP headers as an associative array), a or `body` property, and an `status` code. + */ + public function __construct($header, $body, $status = null) + { + $this->header = $header; + $this->body = $body; + $this->status = $status; + + return $this; + } + + /** + * Did we receive the status code we expected? + * + * @param integer|array $codes (Optional) The status code(s) to expect. Pass an for a single acceptable value, or an of integers for multiple acceptable values. + * @return boolean Whether we received the expected status code or not. + */ + public function isOK($codes = array(200, 201, 204, 206)) + { + if (is_array($codes)) + { + return in_array($this->status, $codes); + } + + return $this->status === $codes; + } +} + +class cURL_Exception extends Exception {} +class cURL_Multi_Exception extends cURL_Exception {} +class RequestCore_Exception extends Exception {} diff --git a/3rdparty/aws-sdk/lib/yaml/LICENSE b/3rdparty/aws-sdk/lib/yaml/LICENSE new file mode 100644 index 00000000000..3cef853170e --- /dev/null +++ b/3rdparty/aws-sdk/lib/yaml/LICENSE @@ -0,0 +1,19 @@ +Copyright (c) 2008-2009 Fabien Potencier + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished +to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/3rdparty/aws-sdk/lib/yaml/README.markdown b/3rdparty/aws-sdk/lib/yaml/README.markdown new file mode 100644 index 00000000000..e4f80cfbac4 --- /dev/null +++ b/3rdparty/aws-sdk/lib/yaml/README.markdown @@ -0,0 +1,15 @@ +Symfony YAML: A PHP library that speaks YAML +============================================ + +Symfony YAML is a PHP library that parses YAML strings and converts them to +PHP arrays. It can also converts PHP arrays to YAML strings. Its official +website is at http://components.symfony-project.org/yaml/. + +The documentation is to be found in the `doc/` directory. + +Symfony YAML is licensed under the MIT license (see LICENSE file). + +The Symfony YAML library is developed and maintained by the +[symfony](http://www.symfony-project.org/) project team. It has been extracted +from symfony to be used as a standalone library. Symfony YAML is part of the +[symfony components project](http://components.symfony-project.org/). diff --git a/3rdparty/aws-sdk/lib/yaml/lib/sfYaml.php b/3rdparty/aws-sdk/lib/yaml/lib/sfYaml.php new file mode 100644 index 00000000000..1d89ccc9736 --- /dev/null +++ b/3rdparty/aws-sdk/lib/yaml/lib/sfYaml.php @@ -0,0 +1,135 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * sfYaml offers convenience methods to load and dump YAML. + * + * @package symfony + * @subpackage yaml + * @author Fabien Potencier + * @version SVN: $Id: sfYaml.class.php 8988 2008-05-15 20:24:26Z fabien $ + */ +class sfYaml +{ + static protected + $spec = '1.2'; + + /** + * Sets the YAML specification version to use. + * + * @param string $version The YAML specification version + */ + static public function setSpecVersion($version) + { + if (!in_array($version, array('1.1', '1.2'))) + { + throw new InvalidArgumentException(sprintf('Version %s of the YAML specifications is not supported', $version)); + } + + self::$spec = $version; + } + + /** + * Gets the YAML specification version to use. + * + * @return string The YAML specification version + */ + static public function getSpecVersion() + { + return self::$spec; + } + + /** + * Loads YAML into a PHP array. + * + * The load method, when supplied with a YAML stream (string or file), + * will do its best to convert YAML in a file into a PHP array. + * + * Usage: + *


+   *   $array = sfYaml::load('config.yml');
+   *   print_r($array);
+   *

+ * + * @param string $input Path of YAML file or string containing YAML + * + * @return array The YAML converted to a PHP array + * + * @throws InvalidArgumentException If the YAML is not valid + */ + public static function load($input) + { + $file = ''; + + // if input is a file, process it + if (strpos($input, "\n") === false && is_file($input)) + { + $file = $input; + + ob_start(); + $retval = include($input); + $content = ob_get_clean(); + + // if an array is returned by the config file assume it's in plain php form else in YAML + $input = is_array($retval) ? $retval : $content; + } + + // if an array is returned by the config file assume it's in plain php form else in YAML + if (is_array($input)) + { + return $input; + } + + require_once dirname(__FILE__).'/sfYamlParser.php'; + + $yaml = new sfYamlParser(); + + try + { + $ret = $yaml->parse($input); + } + catch (Exception $e) + { + throw new InvalidArgumentException(sprintf('Unable to parse %s: %s', $file ? sprintf('file "%s"', $file) : 'string', $e->getMessage())); + } + + return $ret; + } + + /** + * Dumps a PHP array to a YAML string. + * + * The dump method, when supplied with an array, will do its best + * to convert the array into friendly YAML. + * + * @param array $array PHP array + * @param integer $inline The level where you switch to inline YAML + * + * @return string A YAML string representing the original PHP array + */ + public static function dump($array, $inline = 2) + { + require_once dirname(__FILE__).'/sfYamlDumper.php'; + + $yaml = new sfYamlDumper(); + + return $yaml->dump($array, $inline); + } +} + +/** + * Wraps echo to automatically provide a newline. + * + * @param string $string The string to echo with new line + */ +function echoln($string) +{ + echo $string."\n"; +} diff --git a/3rdparty/aws-sdk/lib/yaml/lib/sfYamlDumper.php b/3rdparty/aws-sdk/lib/yaml/lib/sfYamlDumper.php new file mode 100644 index 00000000000..0ada2b37d21 --- /dev/null +++ b/3rdparty/aws-sdk/lib/yaml/lib/sfYamlDumper.php @@ -0,0 +1,60 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +require_once(dirname(__FILE__).'/sfYamlInline.php'); + +/** + * sfYamlDumper dumps PHP variables to YAML strings. + * + * @package symfony + * @subpackage yaml + * @author Fabien Potencier + * @version SVN: $Id: sfYamlDumper.class.php 10575 2008-08-01 13:08:42Z nicolas $ + */ +class sfYamlDumper +{ + /** + * Dumps a PHP value to YAML. + * + * @param mixed $input The PHP value + * @param integer $inline The level where you switch to inline YAML + * @param integer $indent The level o indentation indentation (used internally) + * + * @return string The YAML representation of the PHP value + */ + public function dump($input, $inline = 0, $indent = 0) + { + $output = ''; + $prefix = $indent ? str_repeat(' ', $indent) : ''; + + if ($inline <= 0 || !is_array($input) || empty($input)) + { + $output .= $prefix.sfYamlInline::dump($input); + } + else + { + $isAHash = array_keys($input) !== range(0, count($input) - 1); + + foreach ($input as $key => $value) + { + $willBeInlined = $inline - 1 <= 0 || !is_array($value) || empty($value); + + $output .= sprintf('%s%s%s%s', + $prefix, + $isAHash ? sfYamlInline::dump($key).':' : '-', + $willBeInlined ? ' ' : "\n", + $this->dump($value, $inline - 1, $willBeInlined ? 0 : $indent + 2) + ).($willBeInlined ? "\n" : ''); + } + } + + return $output; + } +} diff --git a/3rdparty/aws-sdk/lib/yaml/lib/sfYamlInline.php b/3rdparty/aws-sdk/lib/yaml/lib/sfYamlInline.php new file mode 100644 index 00000000000..66edb4f07ab --- /dev/null +++ b/3rdparty/aws-sdk/lib/yaml/lib/sfYamlInline.php @@ -0,0 +1,442 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +require_once dirname(__FILE__).'/sfYaml.php'; + +/** + * sfYamlInline implements a YAML parser/dumper for the YAML inline syntax. + * + * @package symfony + * @subpackage yaml + * @author Fabien Potencier + * @version SVN: $Id: sfYamlInline.class.php 16177 2009-03-11 08:32:48Z fabien $ + */ +class sfYamlInline +{ + const REGEX_QUOTED_STRING = '(?:"([^"\\\\]*(?:\\\\.[^"\\\\]*)*)"|\'([^\']*(?:\'\'[^\']*)*)\')'; + + /** + * Convert a YAML string to a PHP array. + * + * @param string $value A YAML string + * + * @return array A PHP array representing the YAML string + */ + static public function load($value) + { + $value = trim($value); + + if (0 == strlen($value)) + { + return ''; + } + + if (function_exists('mb_internal_encoding') && ((int) ini_get('mbstring.func_overload')) & 2) + { + $mbEncoding = mb_internal_encoding(); + mb_internal_encoding('ASCII'); + } + + switch ($value[0]) + { + case '[': + $result = self::parseSequence($value); + break; + case '{': + $result = self::parseMapping($value); + break; + default: + $result = self::parseScalar($value); + } + + if (isset($mbEncoding)) + { + mb_internal_encoding($mbEncoding); + } + + return $result; + } + + /** + * Dumps a given PHP variable to a YAML string. + * + * @param mixed $value The PHP variable to convert + * + * @return string The YAML string representing the PHP array + */ + static public function dump($value) + { + if ('1.1' === sfYaml::getSpecVersion()) + { + $trueValues = array('true', 'on', '+', 'yes', 'y'); + $falseValues = array('false', 'off', '-', 'no', 'n'); + } + else + { + $trueValues = array('true'); + $falseValues = array('false'); + } + + switch (true) + { + case is_resource($value): + throw new InvalidArgumentException('Unable to dump PHP resources in a YAML file.'); + case is_object($value): + return '!!php/object:'.serialize($value); + case is_array($value): + return self::dumpArray($value); + case null === $value: + return 'null'; + case true === $value: + return 'true'; + case false === $value: + return 'false'; + case ctype_digit($value): + return is_string($value) ? "'$value'" : (int) $value; + case is_numeric($value): + return is_infinite($value) ? str_ireplace('INF', '.Inf', strval($value)) : (is_string($value) ? "'$value'" : $value); + case false !== strpos($value, "\n") || false !== strpos($value, "\r"): + return sprintf('"%s"', str_replace(array('"', "\n", "\r"), array('\\"', '\n', '\r'), $value)); + case preg_match('/[ \s \' " \: \{ \} \[ \] , & \* \# \?] | \A[ - ? | < > = ! % @ ` ]/x', $value): + return sprintf("'%s'", str_replace('\'', '\'\'', $value)); + case '' == $value: + return "''"; + case preg_match(self::getTimestampRegex(), $value): + return "'$value'"; + case in_array(strtolower($value), $trueValues): + return "'$value'"; + case in_array(strtolower($value), $falseValues): + return "'$value'"; + case in_array(strtolower($value), array('null', '~')): + return "'$value'"; + default: + return $value; + } + } + + /** + * Dumps a PHP array to a YAML string. + * + * @param array $value The PHP array to dump + * + * @return string The YAML string representing the PHP array + */ + static protected function dumpArray($value) + { + // array + $keys = array_keys($value); + if ( + (1 == count($keys) && '0' == $keys[0]) + || + (count($keys) > 1 && array_reduce($keys, create_function('$v,$w', 'return (integer) $v + $w;'), 0) == count($keys) * (count($keys) - 1) / 2)) + { + $output = array(); + foreach ($value as $val) + { + $output[] = self::dump($val); + } + + return sprintf('[%s]', implode(', ', $output)); + } + + // mapping + $output = array(); + foreach ($value as $key => $val) + { + $output[] = sprintf('%s: %s', self::dump($key), self::dump($val)); + } + + return sprintf('{ %s }', implode(', ', $output)); + } + + /** + * Parses a scalar to a YAML string. + * + * @param scalar $scalar + * @param string $delimiters + * @param array $stringDelimiter + * @param integer $i + * @param boolean $evaluate + * + * @return string A YAML string + */ + static public function parseScalar($scalar, $delimiters = null, $stringDelimiters = array('"', "'"), &$i = 0, $evaluate = true) + { + if (in_array($scalar[$i], $stringDelimiters)) + { + // quoted scalar + $output = self::parseQuotedScalar($scalar, $i); + } + else + { + // "normal" string + if (!$delimiters) + { + $output = substr($scalar, $i); + $i += strlen($output); + + // remove comments + if (false !== $strpos = strpos($output, ' #')) + { + $output = rtrim(substr($output, 0, $strpos)); + } + } + else if (preg_match('/^(.+?)('.implode('|', $delimiters).')/', substr($scalar, $i), $match)) + { + $output = $match[1]; + $i += strlen($output); + } + else + { + throw new InvalidArgumentException(sprintf('Malformed inline YAML string (%s).', $scalar)); + } + + $output = $evaluate ? self::evaluateScalar($output) : $output; + } + + return $output; + } + + /** + * Parses a quoted scalar to YAML. + * + * @param string $scalar + * @param integer $i + * + * @return string A YAML string + */ + static protected function parseQuotedScalar($scalar, &$i) + { + if (!preg_match('/'.self::REGEX_QUOTED_STRING.'/A', substr($scalar, $i), $match)) + { + throw new InvalidArgumentException(sprintf('Malformed inline YAML string (%s).', substr($scalar, $i))); + } + + $output = substr($match[0], 1, strlen($match[0]) - 2); + + if ('"' == $scalar[$i]) + { + // evaluate the string + $output = str_replace(array('\\"', '\\n', '\\r'), array('"', "\n", "\r"), $output); + } + else + { + // unescape ' + $output = str_replace('\'\'', '\'', $output); + } + + $i += strlen($match[0]); + + return $output; + } + + /** + * Parses a sequence to a YAML string. + * + * @param string $sequence + * @param integer $i + * + * @return string A YAML string + */ + static protected function parseSequence($sequence, &$i = 0) + { + $output = array(); + $len = strlen($sequence); + $i += 1; + + // [foo, bar, ...] + while ($i < $len) + { + switch ($sequence[$i]) + { + case '[': + // nested sequence + $output[] = self::parseSequence($sequence, $i); + break; + case '{': + // nested mapping + $output[] = self::parseMapping($sequence, $i); + break; + case ']': + return $output; + case ',': + case ' ': + break; + default: + $isQuoted = in_array($sequence[$i], array('"', "'")); + $value = self::parseScalar($sequence, array(',', ']'), array('"', "'"), $i); + + if (!$isQuoted && false !== strpos($value, ': ')) + { + // embedded mapping? + try + { + $value = self::parseMapping('{'.$value.'}'); + } + catch (InvalidArgumentException $e) + { + // no, it's not + } + } + + $output[] = $value; + + --$i; + } + + ++$i; + } + + throw new InvalidArgumentException(sprintf('Malformed inline YAML string %s', $sequence)); + } + + /** + * Parses a mapping to a YAML string. + * + * @param string $mapping + * @param integer $i + * + * @return string A YAML string + */ + static protected function parseMapping($mapping, &$i = 0) + { + $output = array(); + $len = strlen($mapping); + $i += 1; + + // {foo: bar, bar:foo, ...} + while ($i < $len) + { + switch ($mapping[$i]) + { + case ' ': + case ',': + ++$i; + continue 2; + case '}': + return $output; + } + + // key + $key = self::parseScalar($mapping, array(':', ' '), array('"', "'"), $i, false); + + // value + $done = false; + while ($i < $len) + { + switch ($mapping[$i]) + { + case '[': + // nested sequence + $output[$key] = self::parseSequence($mapping, $i); + $done = true; + break; + case '{': + // nested mapping + $output[$key] = self::parseMapping($mapping, $i); + $done = true; + break; + case ':': + case ' ': + break; + default: + $output[$key] = self::parseScalar($mapping, array(',', '}'), array('"', "'"), $i); + $done = true; + --$i; + } + + ++$i; + + if ($done) + { + continue 2; + } + } + } + + throw new InvalidArgumentException(sprintf('Malformed inline YAML string %s', $mapping)); + } + + /** + * Evaluates scalars and replaces magic values. + * + * @param string $scalar + * + * @return string A YAML string + */ + static protected function evaluateScalar($scalar) + { + $scalar = trim($scalar); + + if ('1.1' === sfYaml::getSpecVersion()) + { + $trueValues = array('true', 'on', '+', 'yes', 'y'); + $falseValues = array('false', 'off', '-', 'no', 'n'); + } + else + { + $trueValues = array('true'); + $falseValues = array('false'); + } + + switch (true) + { + case 'null' == strtolower($scalar): + case '' == $scalar: + case '~' == $scalar: + return null; + case 0 === strpos($scalar, '!str'): + return (string) substr($scalar, 5); + case 0 === strpos($scalar, '! '): + return intval(self::parseScalar(substr($scalar, 2))); + case 0 === strpos($scalar, '!!php/object:'): + return unserialize(substr($scalar, 13)); + case ctype_digit($scalar): + $raw = $scalar; + $cast = intval($scalar); + return '0' == $scalar[0] ? octdec($scalar) : (((string) $raw == (string) $cast) ? $cast : $raw); + case in_array(strtolower($scalar), $trueValues): + return true; + case in_array(strtolower($scalar), $falseValues): + return false; + case is_numeric($scalar): + return '0x' == $scalar[0].$scalar[1] ? hexdec($scalar) : floatval($scalar); + case 0 == strcasecmp($scalar, '.inf'): + case 0 == strcasecmp($scalar, '.NaN'): + return -log(0); + case 0 == strcasecmp($scalar, '-.inf'): + return log(0); + case preg_match('/^(-|\+)?[0-9,]+(\.[0-9]+)?$/', $scalar): + return floatval(str_replace(',', '', $scalar)); + case preg_match(self::getTimestampRegex(), $scalar): + return strtotime($scalar); + default: + return (string) $scalar; + } + } + + static protected function getTimestampRegex() + { + return <<[0-9][0-9][0-9][0-9]) + -(?P[0-9][0-9]?) + -(?P[0-9][0-9]?) + (?:(?:[Tt]|[ \t]+) + (?P[0-9][0-9]?) + :(?P[0-9][0-9]) + :(?P[0-9][0-9]) + (?:\.(?P[0-9]*))? + (?:[ \t]*(?PZ|(?P[-+])(?P[0-9][0-9]?) + (?::(?P[0-9][0-9]))?))?)? + $~x +EOF; + } +} diff --git a/3rdparty/aws-sdk/lib/yaml/lib/sfYamlParser.php b/3rdparty/aws-sdk/lib/yaml/lib/sfYamlParser.php new file mode 100644 index 00000000000..4c56a56db07 --- /dev/null +++ b/3rdparty/aws-sdk/lib/yaml/lib/sfYamlParser.php @@ -0,0 +1,612 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +require_once(dirname(__FILE__).'/sfYamlInline.php'); + +if (!defined('PREG_BAD_UTF8_OFFSET_ERROR')) +{ + define('PREG_BAD_UTF8_OFFSET_ERROR', 5); +} + +/** + * sfYamlParser parses YAML strings to convert them to PHP arrays. + * + * @package symfony + * @subpackage yaml + * @author Fabien Potencier + * @version SVN: $Id: sfYamlParser.class.php 10832 2008-08-13 07:46:08Z fabien $ + */ +class sfYamlParser +{ + protected + $offset = 0, + $lines = array(), + $currentLineNb = -1, + $currentLine = '', + $refs = array(); + + /** + * Constructor + * + * @param integer $offset The offset of YAML document (used for line numbers in error messages) + */ + public function __construct($offset = 0) + { + $this->offset = $offset; + } + + /** + * Parses a YAML string to a PHP value. + * + * @param string $value A YAML string + * + * @return mixed A PHP value + * + * @throws InvalidArgumentException If the YAML is not valid + */ + public function parse($value) + { + $value = str_replace("\t", ' ', $value); // Convert tabs to spaces. + + $this->currentLineNb = -1; + $this->currentLine = ''; + $this->lines = explode("\n", $this->cleanup($value)); + + if (function_exists('mb_internal_encoding') && ((int) ini_get('mbstring.func_overload')) & 2) + { + $mbEncoding = mb_internal_encoding(); + mb_internal_encoding('ASCII'); + } + + $data = array(); + while ($this->moveToNextLine()) + { + if ($this->isCurrentLineEmpty()) + { + continue; + } + + // tab? + if (preg_match('#^\t+#', $this->currentLine)) + { + throw new InvalidArgumentException(sprintf('A YAML file cannot contain tabs as indentation at line %d (%s).', $this->getRealCurrentLineNb() + 1, $this->currentLine)); + } + + $isRef = $isInPlace = $isProcessed = false; + if (preg_match('#^\-((?P\s+)(?P.+?))?\s*$#', $this->currentLine, $values)) + { + if (isset($values['value']) && preg_match('#^&(?P[^ ]+) *(?P.*)#', $values['value'], $matches)) + { + $isRef = $matches['ref']; + $values['value'] = $matches['value']; + } + + // array + if (!isset($values['value']) || '' == trim($values['value'], ' ') || 0 === strpos(ltrim($values['value'], ' '), '#')) + { + $c = $this->getRealCurrentLineNb() + 1; + $parser = new sfYamlParser($c); + $parser->refs =& $this->refs; + $data[] = $parser->parse($this->getNextEmbedBlock()); + } + else + { + if (isset($values['leadspaces']) + && ' ' == $values['leadspaces'] + && preg_match('#^(?P'.sfYamlInline::REGEX_QUOTED_STRING.'|[^ \'"\{].*?) *\:(\s+(?P.+?))?\s*$#', $values['value'], $matches)) + { + // this is a compact notation element, add to next block and parse + $c = $this->getRealCurrentLineNb(); + $parser = new sfYamlParser($c); + $parser->refs =& $this->refs; + + $block = $values['value']; + if (!$this->isNextLineIndented()) + { + $block .= "\n".$this->getNextEmbedBlock($this->getCurrentLineIndentation() + 2); + } + + $data[] = $parser->parse($block); + } + else + { + $data[] = $this->parseValue($values['value']); + } + } + } + else if (preg_match('#^(?P'.sfYamlInline::REGEX_QUOTED_STRING.'|[^ \'"].*?) *\:(\s+(?P.+?))?\s*$#', $this->currentLine, $values)) + { + $key = sfYamlInline::parseScalar($values['key']); + + if ('<<' === $key) + { + if (isset($values['value']) && '*' === substr($values['value'], 0, 1)) + { + $isInPlace = substr($values['value'], 1); + if (!array_key_exists($isInPlace, $this->refs)) + { + throw new InvalidArgumentException(sprintf('Reference "%s" does not exist at line %s (%s).', $isInPlace, $this->getRealCurrentLineNb() + 1, $this->currentLine)); + } + } + else + { + if (isset($values['value']) && $values['value'] !== '') + { + $value = $values['value']; + } + else + { + $value = $this->getNextEmbedBlock(); + } + $c = $this->getRealCurrentLineNb() + 1; + $parser = new sfYamlParser($c); + $parser->refs =& $this->refs; + $parsed = $parser->parse($value); + + $merged = array(); + if (!is_array($parsed)) + { + throw new InvalidArgumentException(sprintf("YAML merge keys used with a scalar value instead of an array at line %s (%s)", $this->getRealCurrentLineNb() + 1, $this->currentLine)); + } + else if (isset($parsed[0])) + { + // Numeric array, merge individual elements + foreach (array_reverse($parsed) as $parsedItem) + { + if (!is_array($parsedItem)) + { + throw new InvalidArgumentException(sprintf("Merge items must be arrays at line %s (%s).", $this->getRealCurrentLineNb() + 1, $parsedItem)); + } + $merged = array_merge($parsedItem, $merged); + } + } + else + { + // Associative array, merge + $merged = array_merge($merge, $parsed); + } + + $isProcessed = $merged; + } + } + else if (isset($values['value']) && preg_match('#^&(?P[^ ]+) *(?P.*)#', $values['value'], $matches)) + { + $isRef = $matches['ref']; + $values['value'] = $matches['value']; + } + + if ($isProcessed) + { + // Merge keys + $data = $isProcessed; + } + // hash + else if (!isset($values['value']) || '' == trim($values['value'], ' ') || 0 === strpos(ltrim($values['value'], ' '), '#')) + { + // if next line is less indented or equal, then it means that the current value is null + if ($this->isNextLineIndented()) + { + $data[$key] = null; + } + else + { + $c = $this->getRealCurrentLineNb() + 1; + $parser = new sfYamlParser($c); + $parser->refs =& $this->refs; + $data[$key] = $parser->parse($this->getNextEmbedBlock()); + } + } + else + { + if ($isInPlace) + { + $data = $this->refs[$isInPlace]; + } + else + { + $data[$key] = $this->parseValue($values['value']); + } + } + } + else + { + // 1-liner followed by newline + if (2 == count($this->lines) && empty($this->lines[1])) + { + $value = sfYamlInline::load($this->lines[0]); + if (is_array($value)) + { + $first = reset($value); + if ('*' === substr($first, 0, 1)) + { + $data = array(); + foreach ($value as $alias) + { + $data[] = $this->refs[substr($alias, 1)]; + } + $value = $data; + } + } + + if (isset($mbEncoding)) + { + mb_internal_encoding($mbEncoding); + } + + return $value; + } + + switch (preg_last_error()) + { + case PREG_INTERNAL_ERROR: + $error = 'Internal PCRE error on line'; + break; + case PREG_BACKTRACK_LIMIT_ERROR: + $error = 'pcre.backtrack_limit reached on line'; + break; + case PREG_RECURSION_LIMIT_ERROR: + $error = 'pcre.recursion_limit reached on line'; + break; + case PREG_BAD_UTF8_ERROR: + $error = 'Malformed UTF-8 data on line'; + break; + case PREG_BAD_UTF8_OFFSET_ERROR: + $error = 'Offset doesn\'t correspond to the begin of a valid UTF-8 code point on line'; + break; + default: + $error = 'Unable to parse line'; + } + + throw new InvalidArgumentException(sprintf('%s %d (%s).', $error, $this->getRealCurrentLineNb() + 1, $this->currentLine)); + } + + if ($isRef) + { + $this->refs[$isRef] = end($data); + } + } + + if (isset($mbEncoding)) + { + mb_internal_encoding($mbEncoding); + } + + return empty($data) ? null : $data; + } + + /** + * Returns the current line number (takes the offset into account). + * + * @return integer The current line number + */ + protected function getRealCurrentLineNb() + { + return $this->currentLineNb + $this->offset; + } + + /** + * Returns the current line indentation. + * + * @return integer The current line indentation + */ + protected function getCurrentLineIndentation() + { + return strlen($this->currentLine) - strlen(ltrim($this->currentLine, ' ')); + } + + /** + * Returns the next embed block of YAML. + * + * @param integer $indentation The indent level at which the block is to be read, or null for default + * + * @return string A YAML string + */ + protected function getNextEmbedBlock($indentation = null) + { + $this->moveToNextLine(); + + if (null === $indentation) + { + $newIndent = $this->getCurrentLineIndentation(); + + if (!$this->isCurrentLineEmpty() && 0 == $newIndent) + { + throw new InvalidArgumentException(sprintf('Indentation problem at line %d (%s)', $this->getRealCurrentLineNb() + 1, $this->currentLine)); + } + } + else + { + $newIndent = $indentation; + } + + $data = array(substr($this->currentLine, $newIndent)); + + while ($this->moveToNextLine()) + { + if ($this->isCurrentLineEmpty()) + { + if ($this->isCurrentLineBlank()) + { + $data[] = substr($this->currentLine, $newIndent); + } + + continue; + } + + $indent = $this->getCurrentLineIndentation(); + + if (preg_match('#^(?P *)$#', $this->currentLine, $match)) + { + // empty line + $data[] = $match['text']; + } + else if ($indent >= $newIndent) + { + $data[] = substr($this->currentLine, $newIndent); + } + else if (0 == $indent) + { + $this->moveToPreviousLine(); + + break; + } + else + { + throw new InvalidArgumentException(sprintf('Indentation problem at line %d (%s)', $this->getRealCurrentLineNb() + 1, $this->currentLine)); + } + } + + return implode("\n", $data); + } + + /** + * Moves the parser to the next line. + */ + protected function moveToNextLine() + { + if ($this->currentLineNb >= count($this->lines) - 1) + { + return false; + } + + $this->currentLine = $this->lines[++$this->currentLineNb]; + + return true; + } + + /** + * Moves the parser to the previous line. + */ + protected function moveToPreviousLine() + { + $this->currentLine = $this->lines[--$this->currentLineNb]; + } + + /** + * Parses a YAML value. + * + * @param string $value A YAML value + * + * @return mixed A PHP value + */ + protected function parseValue($value) + { + if ('*' === substr($value, 0, 1)) + { + if (false !== $pos = strpos($value, '#')) + { + $value = substr($value, 1, $pos - 2); + } + else + { + $value = substr($value, 1); + } + + if (!array_key_exists($value, $this->refs)) + { + throw new InvalidArgumentException(sprintf('Reference "%s" does not exist (%s).', $value, $this->currentLine)); + } + return $this->refs[$value]; + } + + if (preg_match('/^(?P\||>)(?P\+|\-|\d+|\+\d+|\-\d+|\d+\+|\d+\-)?(?P +#.*)?$/', $value, $matches)) + { + $modifiers = isset($matches['modifiers']) ? $matches['modifiers'] : ''; + + return $this->parseFoldedScalar($matches['separator'], preg_replace('#\d+#', '', $modifiers), intval(abs($modifiers))); + } + else + { + return sfYamlInline::load($value); + } + } + + /** + * Parses a folded scalar. + * + * @param string $separator The separator that was used to begin this folded scalar (| or >) + * @param string $indicator The indicator that was used to begin this folded scalar (+ or -) + * @param integer $indentation The indentation that was used to begin this folded scalar + * + * @return string The text value + */ + protected function parseFoldedScalar($separator, $indicator = '', $indentation = 0) + { + $separator = '|' == $separator ? "\n" : ' '; + $text = ''; + + $notEOF = $this->moveToNextLine(); + + while ($notEOF && $this->isCurrentLineBlank()) + { + $text .= "\n"; + + $notEOF = $this->moveToNextLine(); + } + + if (!$notEOF) + { + return ''; + } + + if (!preg_match('#^(?P'.($indentation ? str_repeat(' ', $indentation) : ' +').')(?P.*)$#', $this->currentLine, $matches)) + { + $this->moveToPreviousLine(); + + return ''; + } + + $textIndent = $matches['indent']; + $previousIndent = 0; + + $text .= $matches['text'].$separator; + while ($this->currentLineNb + 1 < count($this->lines)) + { + $this->moveToNextLine(); + + if (preg_match('#^(?P {'.strlen($textIndent).',})(?P.+)$#', $this->currentLine, $matches)) + { + if (' ' == $separator && $previousIndent != $matches['indent']) + { + $text = substr($text, 0, -1)."\n"; + } + $previousIndent = $matches['indent']; + + $text .= str_repeat(' ', $diff = strlen($matches['indent']) - strlen($textIndent)).$matches['text'].($diff ? "\n" : $separator); + } + else if (preg_match('#^(?P *)$#', $this->currentLine, $matches)) + { + $text .= preg_replace('#^ {1,'.strlen($textIndent).'}#', '', $matches['text'])."\n"; + } + else + { + $this->moveToPreviousLine(); + + break; + } + } + + if (' ' == $separator) + { + // replace last separator by a newline + $text = preg_replace('/ (\n*)$/', "\n$1", $text); + } + + switch ($indicator) + { + case '': + $text = preg_replace('#\n+$#s', "\n", $text); + break; + case '+': + break; + case '-': + $text = preg_replace('#\n+$#s', '', $text); + break; + } + + return $text; + } + + /** + * Returns true if the next line is indented. + * + * @return Boolean Returns true if the next line is indented, false otherwise + */ + protected function isNextLineIndented() + { + $currentIndentation = $this->getCurrentLineIndentation(); + $notEOF = $this->moveToNextLine(); + + while ($notEOF && $this->isCurrentLineEmpty()) + { + $notEOF = $this->moveToNextLine(); + } + + if (false === $notEOF) + { + return false; + } + + $ret = false; + if ($this->getCurrentLineIndentation() <= $currentIndentation) + { + $ret = true; + } + + $this->moveToPreviousLine(); + + return $ret; + } + + /** + * Returns true if the current line is blank or if it is a comment line. + * + * @return Boolean Returns true if the current line is empty or if it is a comment line, false otherwise + */ + protected function isCurrentLineEmpty() + { + return $this->isCurrentLineBlank() || $this->isCurrentLineComment(); + } + + /** + * Returns true if the current line is blank. + * + * @return Boolean Returns true if the current line is blank, false otherwise + */ + protected function isCurrentLineBlank() + { + return '' == trim($this->currentLine, ' '); + } + + /** + * Returns true if the current line is a comment line. + * + * @return Boolean Returns true if the current line is a comment line, false otherwise + */ + protected function isCurrentLineComment() + { + //checking explicitly the first char of the trim is faster than loops or strpos + $ltrimmedLine = ltrim($this->currentLine, ' '); + return $ltrimmedLine[0] === '#'; + } + + /** + * Cleanups a YAML string to be parsed. + * + * @param string $value The input YAML string + * + * @return string A cleaned up YAML string + */ + protected function cleanup($value) + { + $value = str_replace(array("\r\n", "\r"), "\n", $value); + + if (!preg_match("#\n$#", $value)) + { + $value .= "\n"; + } + + // strip YAML header + $count = 0; + $value = preg_replace('#^\%YAML[: ][\d\.]+.*\n#s', '', $value, -1, $count); + $this->offset += $count; + + // remove leading comments and/or --- + $trimmedValue = preg_replace('#^((\#.*?\n)|(\-\-\-.*?\n))*#s', '', $value, -1, $count); + if ($count == 1) + { + // items have been removed, update the offset + $this->offset += substr_count($value, "\n") - substr_count($trimmedValue, "\n"); + $value = $trimmedValue; + } + + return $value; + } +} diff --git a/3rdparty/aws-sdk/sdk.class.php b/3rdparty/aws-sdk/sdk.class.php new file mode 100755 index 00000000000..4e171b027cb --- /dev/null +++ b/3rdparty/aws-sdk/sdk.class.php @@ -0,0 +1,1434 @@ +). + */ + public $utilities_class = 'CFUtilities'; + + /** + * The default class to use for HTTP requests (defaults to ). + */ + public $request_class = 'CFRequest'; + + /** + * The default class to use for HTTP responses (defaults to ). + */ + public $response_class = 'CFResponse'; + + /** + * The default class to use for parsing XML (defaults to ). + */ + public $parser_class = 'CFSimpleXML'; + + /** + * The default class to use for handling batch requests (defaults to ). + */ + public $batch_class = 'CFBatchRequest'; + + /** + * The state of SSL/HTTPS use. + */ + public $use_ssl = true; + + /** + * The state of SSL certificate verification. + */ + public $ssl_verification = true; + + /** + * The proxy to use for connecting. + */ + public $proxy = null; + + /** + * The alternate hostname to use, if any. + */ + public $hostname = null; + + /** + * The state of the capability to override the hostname with . + */ + public $override_hostname = true; + + /** + * The alternate port number to use, if any. + */ + public $port_number = null; + + /** + * The alternate resource prefix to use, if any. + */ + public $resource_prefix = null; + + /** + * The state of cache flow usage. + */ + public $use_cache_flow = false; + + /** + * The caching class to use. + */ + public $cache_class = null; + + /** + * The caching location to use. + */ + public $cache_location = null; + + /** + * When the cache should be considered stale. + */ + public $cache_expires = null; + + /** + * The state of cache compression. + */ + public $cache_compress = null; + + /** + * The current instantiated cache object. + */ + public $cache_object = null; + + /** + * The current instantiated batch request object. + */ + public $batch_object = null; + + /** + * The internally instantiated batch request object. + */ + public $internal_batch_object = null; + + /** + * The state of batch flow usage. + */ + public $use_batch_flow = false; + + /** + * The state of the cache deletion setting. + */ + public $delete_cache = false; + + /** + * The state of the debug mode setting. + */ + public $debug_mode = false; + + /** + * The number of times to retry failed requests. + */ + public $max_retries = 3; + + /** + * The user-defined callback function to call when a stream is read from. + */ + public $registered_streaming_read_callback = null; + + /** + * The user-defined callback function to call when a stream is written to. + */ + public $registered_streaming_write_callback = null; + + /** + * The credentials to use for authentication. + */ + public $credentials = array(); + + /** + * The authentication class to use. + */ + public $auth_class = null; + + /** + * The operation to execute. + */ + public $operation = null; + + /** + * The payload to send. + */ + public $payload = array(); + + /** + * The string prefix to prepend to the operation name. + */ + public $operation_prefix = ''; + + /** + * The number of times a request has been retried. + */ + public $redirects = 0; + + /** + * The state of whether the response should be parsed or not. + */ + public $parse_the_response = true; + + + /*%******************************************************************************************%*/ + // CONSTRUCTOR + + /** + * The constructor. This class should not be instantiated directly. Rather, a service-specific class + * should be instantiated. + * + * @param array $options (Optional) An associative array of parameters that can have the following keys:

certificate_authority - boolean - Optional - Determines which Cerificate Authority file to use. A value of boolean false will use the Certificate Authority file available on the system. A value of boolean true will use the Certificate Authority provided by the SDK. Passing a file system path to a Certificate Authority file (chmodded to 0755) will use that. Leave this set to false if you're not sure.
credentials - string - Optional - The name of the credential set to use for authentication.
default_cache_config - string - Optional - This option allows a preferred storage type to be configured for long-term caching. This can be changed later using the method. Valid values are: apc, xcache, or a file system path such as ./cache or /tmp/cache/.
key - string - Optional - Your AWS key, or a session key. If blank, the default credential set will be used.
secret - string - Optional - Your AWS secret key, or a session secret key. If blank, the default credential set will be used.
token - string - Optional - An AWS session token.

+ * @return void + */ + public function __construct(array $options = array()) + { + // Instantiate the utilities class. + $this->util = new $this->utilities_class(); + + // Determine the current service. + $this->service = get_class($this); + + // Create credentials based on the options + $instance_credentials = new CFCredential($options); + + // Retreive a credential set from config.inc.php if it exists + if (isset($options['credentials'])) + { + // Use a specific credential set and merge with the instance credentials + $this->credentials = CFCredentials::get($options['credentials']) + ->merge($instance_credentials); + } + else + { + try + { + // Use the default credential set and merge with the instance credentials + $this->credentials = CFCredentials::get(CFCredentials::DEFAULT_KEY) + ->merge($instance_credentials); + } + catch (CFCredentials_Exception $e) + { + if (isset($options['key']) && isset($options['secret'])) + { + // Only the instance credentials were provided + $this->credentials = $instance_credentials; + } + else + { + // No credentials provided in the config file or constructor + throw new CFCredentials_Exception('No credentials were provided to ' . $this->service . '.'); + } + } + } + + // Set internal credentials after they are resolved + $this->key = $this->credentials->key; + $this->secret_key = $this->credentials->secret; + $this->auth_token = $this->credentials->token; + + // Automatically enable whichever caching mechanism is set to default. + $this->set_cache_config($this->credentials->default_cache_config); + } + + /** + * Alternate approach to constructing a new instance. Supports chaining. + * + * @param array $options (Optional) An associative array of parameters that can have the following keys:

certificate_authority - boolean - Optional - Determines which Cerificate Authority file to use. A value of boolean false will use the Certificate Authority file available on the system. A value of boolean true will use the Certificate Authority provided by the SDK. Passing a file system path to a Certificate Authority file (chmodded to 0755) will use that. Leave this set to false if you're not sure.
credentials - string - Optional - The name of the credential set to use for authentication.
default_cache_config - string - Optional - This option allows a preferred storage type to be configured for long-term caching. This can be changed later using the method. Valid values are: apc, xcache, or a file system path such as ./cache or /tmp/cache/.
key - string - Optional - Your AWS key, or a session key. If blank, the default credential set will be used.
secret - string - Optional - Your AWS secret key, or a session secret key. If blank, the default credential set will be used.
token - string - Optional - An AWS session token.

+ * @return void + */ + public static function factory(array $options = array()) + { + if (version_compare(PHP_VERSION, '5.3.0', '<')) + { + throw new Exception('PHP 5.3 or newer is required to instantiate a new class with CLASS::factory().'); + } + + $self = get_called_class(); + return new $self($options); + } + + + /*%******************************************************************************************%*/ + // MAGIC METHODS + + /** + * A magic method that allows `camelCase` method names to be translated into `snake_case` names. + * + * @param string $name (Required) The name of the method. + * @param array $arguments (Required) The arguments passed to the method. + * @return mixed The results of the intended method. + */ + public function __call($name, $arguments) + { + // Convert camelCase method calls to snake_case. + $method_name = strtolower(preg_replace('/([a-z])([A-Z])/', '$1_$2', $name)); + + if (method_exists($this, $method_name)) + { + return call_user_func_array(array($this, $method_name), $arguments); + } + + throw new CFRuntime_Exception('The method ' . $name . '() is undefined. Attempted to map to ' . $method_name . '() which is also undefined. Error occurred'); + } + + + /*%******************************************************************************************%*/ + // SET CUSTOM SETTINGS + + /** + * Set the proxy settings to use. + * + * @param string $proxy (Required) Accepts proxy credentials in the following format: `proxy://user:pass@hostname:port` + * @return $this A reference to the current instance. + */ + public function set_proxy($proxy) + { + $this->proxy = $proxy; + return $this; + } + + /** + * Set the hostname to connect to. This is useful for alternate services that are API-compatible with + * AWS, but run from a different hostname. + * + * @param string $hostname (Required) The alternate hostname to use in place of the default one. Useful for mock or test applications living on different hostnames. + * @param integer $port_number (Optional) The alternate port number to use in place of the default one. Useful for mock or test applications living on different port numbers. + * @return $this A reference to the current instance. + */ + public function set_hostname($hostname, $port_number = null) + { + if ($this->override_hostname) + { + $this->hostname = $hostname; + + if ($port_number) + { + $this->port_number = $port_number; + $this->hostname .= ':' . (string) $this->port_number; + } + } + + return $this; + } + + /** + * Set the resource prefix to use. This method is useful for alternate services that are API-compatible + * with AWS. + * + * @param string $prefix (Required) An alternate prefix to prepend to the resource path. Useful for mock or test applications. + * @return $this A reference to the current instance. + */ + public function set_resource_prefix($prefix) + { + $this->resource_prefix = $prefix; + return $this; + } + + /** + * Disables any subsequent use of the method. + * + * @param boolean $override (Optional) Whether or not subsequent calls to should be obeyed. A `false` value disables the further effectiveness of . Defaults to `true`. + * @return $this A reference to the current instance. + */ + public function allow_hostname_override($override = true) + { + $this->override_hostname = $override; + return $this; + } + + /** + * Disables SSL/HTTPS connections for hosts that don't support them. Some services, however, still + * require SSL support. + * + * This method will throw a user warning when invoked, which can be hidden by changing your + * settings. + * + * @return $this A reference to the current instance. + */ + public function disable_ssl() + { + trigger_error('Disabling SSL connections is potentially unsafe and highly discouraged.', E_USER_WARNING); + $this->use_ssl = false; + return $this; + } + + /** + * Disables the verification of the SSL Certificate Authority. Doing so can enable an attacker to carry + * out a man-in-the-middle attack. + * + * https://secure.wikimedia.org/wikipedia/en/wiki/Man-in-the-middle_attack + * + * This method will throw a user warning when invoked, which can be hidden by changing your + * settings. + * + * @return $this A reference to the current instance. + */ + public function disable_ssl_verification($ssl_verification = false) + { + trigger_error('Disabling the verification of SSL certificates can lead to man-in-the-middle attacks. It is potentially unsafe and highly discouraged.', E_USER_WARNING); + $this->ssl_verification = $ssl_verification; + return $this; + } + + /** + * Enables HTTP request/response header logging to `STDERR`. + * + * @param boolean $enabled (Optional) Whether or not to enable debug mode. Defaults to `true`. + * @return $this A reference to the current instance. + */ + public function enable_debug_mode($enabled = true) + { + $this->debug_mode = $enabled; + return $this; + } + + /** + * Sets the maximum number of times to retry failed requests. + * + * @param integer $retries (Optional) The maximum number of times to retry failed requests. Defaults to `3`. + * @return $this A reference to the current instance. + */ + public function set_max_retries($retries = 3) + { + $this->max_retries = $retries; + return $this; + } + + /** + * Set the caching configuration to use for response caching. + * + * @param string $location (Required)

The location to store the cache object in. This may vary by cache method.

File - The local file system paths such as ./cache (relative) or /tmp/cache/ (absolute). The location must be server-writable.
APC - Pass in apc to use this lightweight cache. You must have the APC extension installed.
XCache - Pass in xcache to use this lightweight cache. You must have the XCache extension installed.
Memcached - Pass in an indexed array of associative arrays. Each associative array should have a host and a port value representing a Memcached server to connect to.
PDO - A URL-style string (e.g. pdo.mysql://user:pass@localhost/cache) or a standard DSN-style string (e.g. pdo.sqlite:/sqlite/cache.db). MUST be prefixed with pdo.. See CachePDO and PDO for more details.

+ * @param boolean $gzip (Optional) Whether or not data should be gzipped before being stored. A value of `true` will compress the contents before caching them. A value of `false` will leave the contents uncompressed. Defaults to `true`. + * @return $this A reference to the current instance. + */ + public function set_cache_config($location, $gzip = true) + { + // If we have an array, we're probably passing in Memcached servers and ports. + if (is_array($location)) + { + $this->cache_class = 'CacheMC'; + } + else + { + // I would expect locations like `/tmp/cache`, `pdo.mysql://user:pass@hostname:port`, `pdo.sqlite:memory:`, and `apc`. + $type = strtolower(substr($location, 0, 3)); + switch ($type) + { + case 'apc': + $this->cache_class = 'CacheAPC'; + break; + + case 'xca': // First three letters of `xcache` + $this->cache_class = 'CacheXCache'; + break; + + case 'pdo': + $this->cache_class = 'CachePDO'; + $location = substr($location, 4); + break; + + default: + $this->cache_class = 'CacheFile'; + break; + } + } + + // Set the remaining cache information. + $this->cache_location = $location; + $this->cache_compress = $gzip; + + return $this; + } + + /** + * Register a callback function to execute whenever a data stream is read from using + * . + * + * The user-defined callback function should accept three arguments: + * + *

$curl_handle - resource - Required - The cURL handle resource that represents the in-progress transfer.
$file_handle - resource - Required - The file handle resource that represents the file on the local file system.
$length - integer - Required - The length in kilobytes of the data chunk that was transferred.

+ * + * @param string|array|function $callback (Required) The callback function is called by , so you can pass the following values:

The name of a global function to execute, passed as a string.
A method to execute, passed as array('ClassName', 'MethodName').
An anonymous function (PHP 5.3+).

+ * @return $this A reference to the current instance. + */ + public function register_streaming_read_callback($callback) + { + $this->registered_streaming_read_callback = $callback; + return $this; + } + + /** + * Register a callback function to execute whenever a data stream is written to using + * . + * + * The user-defined callback function should accept two arguments: + * + *

$curl_handle - resource - Required - The cURL handle resource that represents the in-progress transfer.
$length - integer - Required - The length in kilobytes of the data chunk that was transferred.

+ * + * @param string|array|function $callback (Required) The callback function is called by , so you can pass the following values:

The name of a global function to execute, passed as a string.
A method to execute, passed as array('ClassName', 'MethodName').
An anonymous function (PHP 5.3+).

+ * @return $this A reference to the current instance. + */ + public function register_streaming_write_callback($callback) + { + $this->registered_streaming_write_callback = $callback; + return $this; + } + + /** + * Fetches and caches STS credentials. This is meant to be used by the constructor, and is not to be + * manually invoked. + * + * @param CacheCore $cache (Required) The a reference to the cache object that is being used to handle the caching. + * @param array $options (Required) The options that were passed into the constructor. + * @return mixed The data to be cached, or NULL. + */ + public function cache_sts_credentials($cache, $options) + { + $token = new AmazonSTS($options); + $response = $token->get_session_token(); + + if ($response->isOK()) + { + // Update the expiration + $expiration_time = strtotime((string) $response->body->GetSessionTokenResult->Credentials->Expiration); + $expiration_duration = round(($expiration_time - time()) * 0.85); + $cache->expire_in($expiration_duration); + + // Return the important data + return array( + 'key' => (string) $response->body->GetSessionTokenResult->Credentials->AccessKeyId, + 'secret' => (string) $response->body->GetSessionTokenResult->Credentials->SecretAccessKey, + 'token' => (string) $response->body->GetSessionTokenResult->Credentials->SessionToken, + 'expires' => (string) $response->body->GetSessionTokenResult->Credentials->Expiration, + ); + } + + return null; + } + + + /*%******************************************************************************************%*/ + // SET CUSTOM CLASSES + + /** + * Set a custom class for this functionality. Use this method when extending/overriding existing classes + * with new functionality. + * + * The replacement class must extend from . + * + * @param string $class (Optional) The name of the new class to use for this functionality. + * @return $this A reference to the current instance. + */ + public function set_utilities_class($class = 'CFUtilities') + { + $this->utilities_class = $class; + $this->util = new $this->utilities_class(); + return $this; + } + + /** + * Set a custom class for this functionality. Use this method when extending/overriding existing classes + * with new functionality. + * + * The replacement class must extend from . + * + * @param string $class (Optional) The name of the new class to use for this functionality. + * @param $this A reference to the current instance. + */ + public function set_request_class($class = 'CFRequest') + { + $this->request_class = $class; + return $this; + } + + /** + * Set a custom class for this functionality. Use this method when extending/overriding existing classes + * with new functionality. + * + * The replacement class must extend from . + * + * @param string $class (Optional) The name of the new class to use for this functionality. + * @return $this A reference to the current instance. + */ + public function set_response_class($class = 'CFResponse') + { + $this->response_class = $class; + return $this; + } + + /** + * Set a custom class for this functionality. Use this method when extending/overriding existing classes + * with new functionality. + * + * The replacement class must extend from . + * + * @param string $class (Optional) The name of the new class to use for this functionality. + * @return $this A reference to the current instance. + */ + public function set_parser_class($class = 'CFSimpleXML') + { + $this->parser_class = $class; + return $this; + } + + /** + * Set a custom class for this functionality. Use this method when extending/overriding existing classes + * with new functionality. + * + * The replacement class must extend from . + * + * @param string $class (Optional) The name of the new class to use for this functionality. + * @return $this A reference to the current instance. + */ + public function set_batch_class($class = 'CFBatchRequest') + { + $this->batch_class = $class; + return $this; + } + + + /*%******************************************************************************************%*/ + // AUTHENTICATION + + /** + * Default, shared method for authenticating a connection to AWS. + * + * @param string $operation (Required) Indicates the operation to perform. + * @param array $payload (Required) An associative array of parameters for authenticating. See the individual methods for allowed keys. + * @return CFResponse Object containing a parsed HTTP response. + */ + public function authenticate($operation, $payload) + { + $original_payload = $payload; + $method_arguments = func_get_args(); + $curlopts = array(); + $return_curl_handle = false; + + if (substr($operation, 0, strlen($this->operation_prefix)) !== $this->operation_prefix) + { + $operation = $this->operation_prefix . $operation; + } + + // Extract the custom CURLOPT settings from the payload + if (is_array($payload) && isset($payload['curlopts'])) + { + $curlopts = $payload['curlopts']; + unset($payload['curlopts']); + } + + // Determine whether the response or curl handle should be returned + if (is_array($payload) && isset($payload['returnCurlHandle'])) + { + $return_curl_handle = isset($payload['returnCurlHandle']) ? $payload['returnCurlHandle'] : false; + unset($payload['returnCurlHandle']); + } + + // Use the caching flow to determine if we need to do a round-trip to the server. + if ($this->use_cache_flow) + { + // Generate an identifier specific to this particular set of arguments. + $cache_id = $this->key . '_' . get_class($this) . '_' . $operation . '_' . sha1(serialize($method_arguments)); + + // Instantiate the appropriate caching object. + $this->cache_object = new $this->cache_class($cache_id, $this->cache_location, $this->cache_expires, $this->cache_compress); + + if ($this->delete_cache) + { + $this->use_cache_flow = false; + $this->delete_cache = false; + return $this->cache_object->delete(); + } + + // Invoke the cache callback function to determine whether to pull data from the cache or make a fresh request. + $data = $this->cache_object->response_manager(array($this, 'cache_callback'), $method_arguments); + + // Parse the XML body + $data = $this->parse_callback($data); + + // End! + return $data; + } + + /*%******************************************************************************************%*/ + + // Signer + $signer = new $this->auth_class($this->hostname, $operation, $payload, $this->credentials); + $signer->key = $this->key; + $signer->secret_key = $this->secret_key; + $signer->auth_token = $this->auth_token; + $signer->api_version = $this->api_version; + $signer->utilities_class = $this->utilities_class; + $signer->request_class = $this->request_class; + $signer->response_class = $this->response_class; + $signer->use_ssl = $this->use_ssl; + $signer->proxy = $this->proxy; + $signer->util = $this->util; + $signer->registered_streaming_read_callback = $this->registered_streaming_read_callback; + $signer->registered_streaming_write_callback = $this->registered_streaming_write_callback; + $request = $signer->authenticate(); + + // Update RequestCore settings + $request->request_class = $this->request_class; + $request->response_class = $this->response_class; + $request->ssl_verification = $this->ssl_verification; + + /*%******************************************************************************************%*/ + + // Debug mode + if ($this->debug_mode) + { + $request->debug_mode = $this->debug_mode; + } + + // Set custom CURLOPT settings + if (count($curlopts)) + { + $request->set_curlopts($curlopts); + } + + // Manage the (newer) batch request API or the (older) returnCurlHandle setting. + if ($this->use_batch_flow) + { + $handle = $request->prep_request(); + $this->batch_object->add($handle); + $this->use_batch_flow = false; + + return $handle; + } + elseif ($return_curl_handle) + { + return $request->prep_request(); + } + + // Send! + $request->send_request(); + + // Prepare the response. + $headers = $request->get_response_header(); + $headers['x-aws-stringtosign'] = $signer->string_to_sign; + + if (isset($signer->canonical_request)) + { + $headers['x-aws-canonicalrequest'] = $signer->canonical_request; + } + + $headers['x-aws-request-headers'] = $request->request_headers; + $headers['x-aws-body'] = $signer->querystring; + + $data = new $this->response_class($headers, ($this->parse_the_response === true) ? $this->parse_callback($request->get_response_body()) : $request->get_response_body(), $request->get_response_code()); + + // Was it Amazon's fault the request failed? Retry the request until we reach $max_retries. + if ( + (integer) $request->get_response_code() === 500 || // Internal Error (presumably transient) + (integer) $request->get_response_code() === 503) // Service Unavailable (presumably transient) + { + if ($this->redirects <= $this->max_retries) + { + // Exponential backoff + $delay = (integer) (pow(4, $this->redirects) * 100000); + usleep($delay); + $this->redirects++; + $data = $this->authenticate($operation, $original_payload); + } + } + + // DynamoDB has custom logic + elseif ( + (integer) $request->get_response_code() === 400 && + stripos((string) $request->get_response_body(), 'com.amazonaws.dynamodb.') !== false && ( + stripos((string) $request->get_response_body(), 'ProvisionedThroughputExceededException') !== false + ) + ) + { + if ($this->redirects === 0) + { + $this->redirects++; + $data = $this->authenticate($operation, $original_payload); + } + elseif ($this->redirects <= max($this->max_retries, 10)) + { + // Exponential backoff + $delay = (integer) (pow(2, ($this->redirects - 1)) * 50000); + usleep($delay); + $this->redirects++; + $data = $this->authenticate($operation, $original_payload); + } + } + + $this->redirects = 0; + return $data; + } + + + /*%******************************************************************************************%*/ + // BATCH REQUEST LAYER + + /** + * Specifies that the intended request should be queued for a later batch request. + * + * @param CFBatchRequest $queue (Optional) The instance to use for managing batch requests. If not available, it generates a new instance of . + * @return $this A reference to the current instance. + */ + public function batch(CFBatchRequest &$queue = null) + { + if ($queue) + { + $this->batch_object = $queue; + } + elseif ($this->internal_batch_object) + { + $this->batch_object = &$this->internal_batch_object; + } + else + { + $this->internal_batch_object = new $this->batch_class(); + $this->batch_object = &$this->internal_batch_object; + } + + $this->use_batch_flow = true; + + return $this; + } + + /** + * Executes the batch request queue by sending all queued requests. + * + * @param boolean $clear_after_send (Optional) Whether or not to clear the batch queue after sending a request. Defaults to `true`. Set this to `false` if you are caching batch responses and want to retrieve results later. + * @return array An array of objects. + */ + public function send($clear_after_send = true) + { + if ($this->use_batch_flow) + { + // When we send the request, disable batch flow. + $this->use_batch_flow = false; + + // If we're not caching, simply send the request. + if (!$this->use_cache_flow) + { + $response = $this->batch_object->send(); + $parsed_data = array_map(array($this, 'parse_callback'), $response); + $parsed_data = new CFArray($parsed_data); + + // Clear the queue + if ($clear_after_send) + { + $this->batch_object->queue = array(); + } + + return $parsed_data; + } + + // Generate an identifier specific to this particular set of arguments. + $cache_id = $this->key . '_' . get_class($this) . '_' . sha1(serialize($this->batch_object)); + + // Instantiate the appropriate caching object. + $this->cache_object = new $this->cache_class($cache_id, $this->cache_location, $this->cache_expires, $this->cache_compress); + + if ($this->delete_cache) + { + $this->use_cache_flow = false; + $this->delete_cache = false; + return $this->cache_object->delete(); + } + + // Invoke the cache callback function to determine whether to pull data from the cache or make a fresh request. + $data_set = $this->cache_object->response_manager(array($this, 'cache_callback_batch'), array($this->batch_object)); + $parsed_data = array_map(array($this, 'parse_callback'), $data_set); + $parsed_data = new CFArray($parsed_data); + + // Clear the queue + if ($clear_after_send) + { + $this->batch_object->queue = array(); + } + + // End! + return $parsed_data; + } + + // Load the class + $null = new CFBatchRequest(); + unset($null); + + throw new CFBatchRequest_Exception('You must use $object->batch()->send()'); + } + + /** + * Parses a response body into a PHP object if appropriate. + * + * @param CFResponse|string $response (Required) The object to parse, or an XML string that would otherwise be a response body. + * @param string $content_type (Optional) The content-type to use when determining how to parse the content. + * @return CFResponse|string A parsed object, or parsed XML. + */ + public function parse_callback($response, $headers = null) + { + // Bail out + if (!$this->parse_the_response) return $response; + + // Shorten this so we have a (mostly) single code path + if (isset($response->body)) + { + if (is_string($response->body)) + { + $body = $response->body; + } + else + { + return $response; + } + } + elseif (is_string($response)) + { + $body = $response; + } + else + { + return $response; + } + + // Decompress gzipped content + if (isset($headers['content-encoding'])) + { + switch (strtolower(trim($headers['content-encoding'], "\x09\x0A\x0D\x20"))) + { + case 'gzip': + case 'x-gzip': + $decoder = new CFGzipDecode($body); + if ($decoder->parse()) + { + $body = $decoder->data; + } + break; + + case 'deflate': + if (($uncompressed = gzuncompress($body)) !== false) + { + $body = $uncompressed; + } + elseif (($uncompressed = gzinflate($body)) !== false) + { + $body = $uncompressed; + } + break; + } + } + + // Look for XML cues + if ( + (isset($headers['content-type']) && ($headers['content-type'] === 'text/xml' || $headers['content-type'] === 'application/xml')) || // We know it's XML + (!isset($headers['content-type']) && (stripos($body, '') === 0) || preg_match('/^<(\w*) xmlns="http(s?):\/\/(\w*).amazon(aws)?.com/im', $body)) // Sniff for XML + ) + { + // Strip the default XML namespace to simplify XPath expressions + $body = str_replace("xmlns=", "ns=", $body); + + try { + // Parse the XML body + $body = new $this->parser_class($body); + } + catch (Exception $e) + { + throw new Parser_Exception($e->getMessage()); + } + } + // Look for JSON cues + elseif ( + (isset($headers['content-type']) && ($headers['content-type'] === 'application/json') || $headers['content-type'] === 'application/x-amz-json-1.0') || // We know it's JSON + (!isset($headers['content-type']) && $this->util->is_json($body)) // Sniff for JSON + ) + { + // Normalize JSON to a CFSimpleXML object + $body = CFJSON::to_xml($body, $this->parser_class); + } + + // Put the parsed data back where it goes + if (isset($response->body)) + { + $response->body = $body; + } + else + { + $response = $body; + } + + return $response; + } + + + /*%******************************************************************************************%*/ + // CACHING LAYER + + /** + * Specifies that the resulting object should be cached according to the settings from + * . + * + * @param string|integer $expires (Required) The time the cache is to expire. Accepts a number of seconds as an integer, or an amount of time, as a string, that is understood by (e.g. "1 hour"). + * @param $this A reference to the current instance. + * @return $this + */ + public function cache($expires) + { + // Die if they haven't used set_cache_config(). + if (!$this->cache_class) + { + throw new CFRuntime_Exception('Must call set_cache_config() before using cache()'); + } + + if (is_string($expires)) + { + $expires = strtotime($expires); + $this->cache_expires = $expires - time(); + } + elseif (is_int($expires)) + { + $this->cache_expires = $expires; + } + + $this->use_cache_flow = true; + + return $this; + } + + /** + * The callback function that is executed when the cache doesn't exist or has expired. The response of + * this method is cached. Accepts identical parameters as the method. Never call this + * method directly -- it is used internally by the caching system. + * + * @param string $operation (Required) Indicates the operation to perform. + * @param array $payload (Required) An associative array of parameters for authenticating. See the individual methods for allowed keys. + * @return CFResponse A parsed HTTP response. + */ + public function cache_callback($operation, $payload) + { + // Disable the cache flow since it's already been handled. + $this->use_cache_flow = false; + + // Make the request + $response = $this->authenticate($operation, $payload); + + // If this is an XML document, convert it back to a string. + if (isset($response->body) && ($response->body instanceof SimpleXMLElement)) + { + $response->body = $response->body->asXML(); + } + + return $response; + } + + /** + * Used for caching the results of a batch request. Never call this method directly; it is used + * internally by the caching system. + * + * @param CFBatchRequest $batch (Required) The batch request object to send. + * @return CFResponse A parsed HTTP response. + */ + public function cache_callback_batch(CFBatchRequest $batch) + { + return $batch->send(); + } + + /** + * Deletes a cached object using the specified cache storage type. + * + * @return boolean A value of `true` if cached object exists and is successfully deleted, otherwise `false`. + */ + public function delete_cache() + { + $this->use_cache_flow = true; + $this->delete_cache = true; + + return $this; + } +} + + +/** + * Contains the functionality for auto-loading service classes. + */ +class CFLoader +{ + /*%******************************************************************************************%*/ + // AUTO-LOADER + + /** + * Automatically load classes that aren't included. + * + * @param string $class (Required) The classname to load. + * @return boolean Whether or not the file was successfully loaded. + */ + public static function autoloader($class) + { + $path = dirname(__FILE__) . DIRECTORY_SEPARATOR; + + // Amazon SDK classes + if (strstr($class, 'Amazon')) + { + if (file_exists($require_this = $path . 'services' . DIRECTORY_SEPARATOR . str_ireplace('Amazon', '', strtolower($class)) . '.class.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Utility classes + elseif (strstr($class, 'CF')) + { + if (file_exists($require_this = $path . 'utilities' . DIRECTORY_SEPARATOR . str_ireplace('CF', '', strtolower($class)) . '.class.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Load CacheCore + elseif (strstr($class, 'Cache')) + { + if (file_exists($require_this = $path . 'lib' . DIRECTORY_SEPARATOR . 'cachecore' . DIRECTORY_SEPARATOR . strtolower($class) . '.class.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Load RequestCore + elseif (strstr($class, 'RequestCore') || strstr($class, 'ResponseCore')) + { + if (file_exists($require_this = $path . 'lib' . DIRECTORY_SEPARATOR . 'requestcore' . DIRECTORY_SEPARATOR . 'requestcore.class.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Load array-to-domdocument + elseif (strstr($class, 'Array2DOM')) + { + if (file_exists($require_this = $path . 'lib' . DIRECTORY_SEPARATOR . 'dom' . DIRECTORY_SEPARATOR . 'ArrayToDOMDocument.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Load Authentication Signers + elseif (strstr($class, 'Auth')) + { + if (file_exists($require_this = $path . 'authentication' . DIRECTORY_SEPARATOR . str_replace('auth', 'signature_', strtolower($class)) . '.class.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Load Signer interface + elseif ($class === 'Signer') + { + if (!interface_exists('Signable', false) && + file_exists($require_this = $path . 'authentication' . DIRECTORY_SEPARATOR . 'signable.interface.php')) + { + require_once $require_this; + } + + if (file_exists($require_this = $path . 'authentication' . DIRECTORY_SEPARATOR . 'signer.abstract.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + // Load Symfony YAML classes + elseif (strstr($class, 'sfYaml')) + { + if (file_exists($require_this = $path . 'lib' . DIRECTORY_SEPARATOR . 'yaml' . DIRECTORY_SEPARATOR . 'lib' . DIRECTORY_SEPARATOR . 'sfYaml.php')) + { + require_once $require_this; + return true; + } + + return false; + } + + return false; + } +} + +// Register the autoloader. +spl_autoload_register(array('CFLoader', 'autoloader')); + + +/*%******************************************************************************************%*/ +// CONFIGURATION + +// Look for include file in the same directory (e.g. `./config.inc.php`). +if (file_exists(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'config.inc.php')) +{ + include_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'config.inc.php'; +} +// Fallback to `~/.aws/sdk/config.inc.php` +else +{ + if (!isset($_ENV['HOME']) && isset($_SERVER['HOME'])) + { + $_ENV['HOME'] = $_SERVER['HOME']; + } + elseif (!isset($_ENV['HOME']) && !isset($_SERVER['HOME'])) + { + $_ENV['HOME'] = `cd ~ && pwd`; + if (!$_ENV['HOME']) + { + switch (strtolower(PHP_OS)) + { + case 'darwin': + $_ENV['HOME'] = '/Users/' . get_current_user(); + break; + + case 'windows': + case 'winnt': + case 'win32': + $_ENV['HOME'] = 'c:' . DIRECTORY_SEPARATOR . 'Documents and Settings' . DIRECTORY_SEPARATOR . get_current_user(); + break; + + default: + $_ENV['HOME'] = '/home/' . get_current_user(); + break; + } + } + } + + if (getenv('HOME') && file_exists(getenv('HOME') . DIRECTORY_SEPARATOR . '.aws' . DIRECTORY_SEPARATOR . 'sdk' . DIRECTORY_SEPARATOR . 'config.inc.php')) + { + include_once getenv('HOME') . DIRECTORY_SEPARATOR . '.aws' . DIRECTORY_SEPARATOR . 'sdk' . DIRECTORY_SEPARATOR . 'config.inc.php'; + } +} diff --git a/3rdparty/aws-sdk/services/s3.class.php b/3rdparty/aws-sdk/services/s3.class.php new file mode 100755 index 00000000000..2e9e1cd52b1 --- /dev/null +++ b/3rdparty/aws-sdk/services/s3.class.php @@ -0,0 +1,3979 @@ + for more information. + * + * @version 2012.01.17 + * @license See the included NOTICE.md file for more information. + * @copyright See the included NOTICE.md file for more information. + * @link http://aws.amazon.com/s3/ Amazon Simple Storage Service + * @link http://aws.amazon.com/documentation/s3/ Amazon Simple Storage Service documentation + */ +class AmazonS3 extends CFRuntime +{ + /*%******************************************************************************************%*/ + // REGIONAL ENDPOINTS + + /** + * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Region. + */ + const REGION_US_E1 = 's3.amazonaws.com'; + + /** + * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Region. + */ + const REGION_VIRGINIA = self::REGION_US_E1; + + /** + * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Region. + */ + const REGION_US_STANDARD = self::REGION_US_E1; + + /** + * Specify the queue URL for the US-West 1 (Northern California) Region. + */ + const REGION_US_W1 = 's3-us-west-1.amazonaws.com'; + + /** + * Specify the queue URL for the US-West 1 (Northern California) Region. + */ + const REGION_CALIFORNIA = self::REGION_US_W1; + + /** + * Specify the queue URL for the US-West 2 (Oregon) Region. + */ + const REGION_US_W2 = 's3-us-west-2.amazonaws.com'; + + /** + * Specify the queue URL for the US-West 2 (Oregon) Region. + */ + const REGION_OREGON = self::REGION_US_W2; + + /** + * Specify the queue URL for the EU (Ireland) Region. + */ + const REGION_EU_W1 = 's3-eu-west-1.amazonaws.com'; + + /** + * Specify the queue URL for the EU (Ireland) Region. + */ + const REGION_IRELAND = self::REGION_EU_W1; + + /** + * Specify the queue URL for the Asia Pacific (Singapore) Region. + */ + const REGION_APAC_SE1 = 's3-ap-southeast-1.amazonaws.com'; + + /** + * Specify the queue URL for the Asia Pacific (Singapore) Region. + */ + const REGION_SINGAPORE = self::REGION_APAC_SE1; + + /** + * Specify the queue URL for the Asia Pacific (Japan) Region. + */ + const REGION_APAC_NE1 = 's3-ap-northeast-1.amazonaws.com'; + + /** + * Specify the queue URL for the Asia Pacific (Japan) Region. + */ + const REGION_TOKYO = self::REGION_APAC_NE1; + + /** + * Specify the queue URL for the South America (Sao Paulo) Region. + */ + const REGION_SA_E1 = 's3-sa-east-1.amazonaws.com'; + + /** + * Specify the queue URL for the South America (Sao Paulo) Region. + */ + const REGION_SAO_PAULO = self::REGION_SA_E1; + + /** + * Specify the queue URL for the United States GovCloud Region. + */ + const REGION_US_GOV1 = 's3-us-gov-west-1.amazonaws.com'; + + /** + * Specify the queue URL for the United States GovCloud FIPS 140-2 Region. + */ + const REGION_US_GOV1_FIPS = 's3-fips-us-gov-west-1.amazonaws.com'; + + /** + * The default endpoint. + */ + const DEFAULT_URL = self::REGION_US_E1; + + + /*%******************************************************************************************%*/ + // REGIONAL WEBSITE ENDPOINTS + + /** + * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Website Region. + */ + const REGION_US_E1_WEBSITE = 's3-website-us-east-1.amazonaws.com'; + + /** + * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Website Region. + */ + const REGION_VIRGINIA_WEBSITE = self::REGION_US_E1_WEBSITE; + + /** + * Specify the queue URL for the US-Standard (Northern Virginia & Washington State) Website Region. + */ + const REGION_US_STANDARD_WEBSITE = self::REGION_US_E1_WEBSITE; + + /** + * Specify the queue URL for the US-West 1 (Northern California) Website Region. + */ + const REGION_US_W1_WEBSITE = 's3-website-us-west-1.amazonaws.com'; + + /** + * Specify the queue URL for the US-West 1 (Northern California) Website Region. + */ + const REGION_CALIFORNIA_WEBSITE = self::REGION_US_W1_WEBSITE; + + /** + * Specify the queue URL for the US-West 2 (Oregon) Website Region. + */ + const REGION_US_W2_WEBSITE = 's3-website-us-west-2.amazonaws.com'; + + /** + * Specify the queue URL for the US-West 2 (Oregon) Website Region. + */ + const REGION_OREGON_WEBSITE = self::REGION_US_W2_WEBSITE; + + /** + * Specify the queue URL for the EU (Ireland) Website Region. + */ + const REGION_EU_W1_WEBSITE = 's3-website-eu-west-1.amazonaws.com'; + + /** + * Specify the queue URL for the EU (Ireland) Website Region. + */ + const REGION_IRELAND_WEBSITE = self::REGION_EU_W1_WEBSITE; + + /** + * Specify the queue URL for the Asia Pacific (Singapore) Website Region. + */ + const REGION_APAC_SE1_WEBSITE = 's3-website-ap-southeast-1.amazonaws.com'; + + /** + * Specify the queue URL for the Asia Pacific (Singapore) Website Region. + */ + const REGION_SINGAPORE_WEBSITE = self::REGION_APAC_SE1_WEBSITE; + + /** + * Specify the queue URL for the Asia Pacific (Japan) Website Region. + */ + const REGION_APAC_NE1_WEBSITE = 's3-website-ap-northeast-1.amazonaws.com'; + + /** + * Specify the queue URL for the Asia Pacific (Japan) Website Region. + */ + const REGION_TOKYO_WEBSITE = self::REGION_APAC_NE1_WEBSITE; + + /** + * Specify the queue URL for the South America (Sao Paulo) Website Region. + */ + const REGION_SA_E1_WEBSITE = 's3-website-sa-east-1.amazonaws.com'; + + /** + * Specify the queue URL for the South America (Sao Paulo) Website Region. + */ + const REGION_SAO_PAULO_WEBSITE = self::REGION_SA_E1_WEBSITE; + + /** + * Specify the queue URL for the United States GovCloud Website Region. + */ + const REGION_US_GOV1_WEBSITE = 's3-website-us-gov-west-1.amazonaws.com'; + + + /*%******************************************************************************************%*/ + // ACL + + /** + * ACL: Owner-only read/write. + */ + const ACL_PRIVATE = 'private'; + + /** + * ACL: Owner read/write, public read. + */ + const ACL_PUBLIC = 'public-read'; + + /** + * ACL: Public read/write. + */ + const ACL_OPEN = 'public-read-write'; + + /** + * ACL: Owner read/write, authenticated read. + */ + const ACL_AUTH_READ = 'authenticated-read'; + + /** + * ACL: Bucket owner read. + */ + const ACL_OWNER_READ = 'bucket-owner-read'; + + /** + * ACL: Bucket owner full control. + */ + const ACL_OWNER_FULL_CONTROL = 'bucket-owner-full-control'; + + + /*%******************************************************************************************%*/ + // GRANTS + + /** + * When applied to a bucket, grants permission to list the bucket. When applied to an object, this + * grants permission to read the object data and/or metadata. + */ + const GRANT_READ = 'READ'; + + /** + * When applied to a bucket, grants permission to create, overwrite, and delete any object in the + * bucket. This permission is not supported for objects. + */ + const GRANT_WRITE = 'WRITE'; + + /** + * Grants permission to read the ACL for the applicable bucket or object. The owner of a bucket or + * object always has this permission implicitly. + */ + const GRANT_READ_ACP = 'READ_ACP'; + + /** + * Gives permission to overwrite the ACP for the applicable bucket or object. The owner of a bucket + * or object always has this permission implicitly. Granting this permission is equivalent to granting + * FULL_CONTROL because the grant recipient can make any changes to the ACP. + */ + const GRANT_WRITE_ACP = 'WRITE_ACP'; + + /** + * Provides READ, WRITE, READ_ACP, and WRITE_ACP permissions. It does not convey additional rights and + * is provided only for convenience. + */ + const GRANT_FULL_CONTROL = 'FULL_CONTROL'; + + + /*%******************************************************************************************%*/ + // USERS + + /** + * The "AuthenticatedUsers" group for access control policies. + */ + const USERS_AUTH = 'http://acs.amazonaws.com/groups/global/AuthenticatedUsers'; + + /** + * The "AllUsers" group for access control policies. + */ + const USERS_ALL = 'http://acs.amazonaws.com/groups/global/AllUsers'; + + /** + * The "LogDelivery" group for access control policies. + */ + const USERS_LOGGING = 'http://acs.amazonaws.com/groups/s3/LogDelivery'; + + + /*%******************************************************************************************%*/ + // PATTERNS + + /** + * PCRE: Match all items + */ + const PCRE_ALL = '/.*/i'; + + + /*%******************************************************************************************%*/ + // STORAGE + + /** + * Standard storage redundancy. + */ + const STORAGE_STANDARD = 'STANDARD'; + + /** + * Reduced storage redundancy. + */ + const STORAGE_REDUCED = 'REDUCED_REDUNDANCY'; + + + /*%******************************************************************************************%*/ + // PROPERTIES + + /** + * The request URL. + */ + public $request_url; + + /** + * The virtual host setting. + */ + public $vhost; + + /** + * The base XML elements to use for access control policy methods. + */ + public $base_acp_xml; + + /** + * The base XML elements to use for creating buckets in regions. + */ + public $base_location_constraint; + + /** + * The base XML elements to use for logging methods. + */ + public $base_logging_xml; + + /** + * The base XML elements to use for notifications. + */ + public $base_notification_xml; + + /** + * The base XML elements to use for versioning. + */ + public $base_versioning_xml; + + /** + * The base XML elements to use for completing a multipart upload. + */ + public $complete_mpu_xml; + + /** + * The base XML elements to use for website support. + */ + public $website_config_xml; + + /** + * The base XML elements to use for multi-object delete support. + */ + public $multi_object_delete_xml; + + /** + * The base XML elements to use for object expiration support. + */ + public $object_expiration_xml; + + /** + * The DNS vs. Path-style setting. + */ + public $path_style = false; + + /** + * The state of whether the prefix change is temporary or permanent. + */ + public $temporary_prefix = false; + + + /*%******************************************************************************************%*/ + // CONSTRUCTOR + + /** + * Constructs a new instance of . + * + * @param array $options (Optional) An associative array of parameters that can have the following keys:

certificate_authority - boolean - Optional - Determines which Cerificate Authority file to use. A value of boolean false will use the Certificate Authority file available on the system. A value of boolean true will use the Certificate Authority provided by the SDK. Passing a file system path to a Certificate Authority file (chmodded to 0755) will use that. Leave this set to false if you're not sure.
credentials - string - Optional - The name of the credential set to use for authentication.
default_cache_config - string - Optional - This option allows a preferred storage type to be configured for long-term caching. This can be changed later using the method. Valid values are: apc, xcache, or a file system path such as ./cache or /tmp/cache/.
key - string - Optional - Your AWS key, or a session key. If blank, the default credential set will be used.
secret - string - Optional - Your AWS secret key, or a session secret key. If blank, the default credential set will be used.
token - string - Optional - An AWS session token.

+ * @return void + */ + public function __construct(array $options = array()) + { + $this->vhost = null; + $this->api_version = '2006-03-01'; + $this->hostname = self::DEFAULT_URL; + + $this->base_acp_xml = ''; + $this->base_location_constraint = ''; + $this->base_logging_xml = ''; + $this->base_notification_xml = ''; + $this->base_versioning_xml = ''; + $this->complete_mpu_xml = ''; + $this->website_config_xml = 'index.htmlerror.html'; + $this->multi_object_delete_xml = ''; + $this->object_expiration_xml = ''; + + parent::__construct($options); + } + + + /*%******************************************************************************************%*/ + // AUTHENTICATION + + /** + * Authenticates a connection to Amazon S3. Do not use directly unless implementing custom methods for + * this class. + * + * @param string $operation (Required) The name of the bucket to operate on (S3 Only). + * @param array $payload (Required) An associative array of parameters for authenticating. See inline comments for allowed keys. + * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_Authentication.html REST authentication + */ + public function authenticate($operation, $payload) + { + /* + * Overriding or extending this class? You can pass the following "magic" keys into $opt. + * + * ## verb, resource, sub_resource and query_string ## + * /?& + * GET /filename.txt?versions&prefix=abc&max-items=1 + * + * ## versionId, uploadId, partNumber, response-* ## + * These don't follow the same rules as above, in that the they needs to be signed, while + * other query_string values do not. + * + * ## curlopts ## + * These values get passed directly to the cURL methods in RequestCore. + * + * ## fileUpload, fileDownload, seekTo ## + * These are slightly modified and then passed to the cURL methods in RequestCore. + * + * ## headers ## + * $opt['headers'] is an array, whose keys are HTTP headers to be sent. + * + * ## body ## + * This is the request body that is sent to the server via PUT/POST. + * + * ## preauth ## + * This is a hook that tells authenticate() to generate a pre-authenticated URL. + * + * ## returnCurlHandle ## + * Tells authenticate() to return the cURL handle for the request instead of executing it. + */ + + // Rename variables (to overcome inheritence issues) + $bucket = $operation; + $opt = $payload; + + // Validate the S3 bucket name + if (!$this->validate_bucketname_support($bucket)) + { + // @codeCoverageIgnoreStart + throw new S3_Exception('S3 does not support "' . $bucket . '" as a valid bucket name. Review "Bucket Restrictions and Limitations" in the S3 Developer Guide for more information.'); + // @codeCoverageIgnoreEnd + } + + // Die if $opt isn't set. + if (!$opt) return false; + + $method_arguments = func_get_args(); + + // Use the caching flow to determine if we need to do a round-trip to the server. + if ($this->use_cache_flow) + { + // Generate an identifier specific to this particular set of arguments. + $cache_id = $this->key . '_' . get_class($this) . '_' . $bucket . '_' . sha1(serialize($method_arguments)); + + // Instantiate the appropriate caching object. + $this->cache_object = new $this->cache_class($cache_id, $this->cache_location, $this->cache_expires, $this->cache_compress); + + if ($this->delete_cache) + { + $this->use_cache_flow = false; + $this->delete_cache = false; + return $this->cache_object->delete(); + } + + // Invoke the cache callback function to determine whether to pull data from the cache or make a fresh request. + $data = $this->cache_object->response_manager(array($this, 'cache_callback'), $method_arguments); + + if ($this->parse_the_response) + { + // Parse the XML body + $data = $this->parse_callback($data); + } + + // End! + return $data; + } + + // If we haven't already set a resource prefix and the bucket name isn't DNS-valid... + if ((!$this->resource_prefix && !$this->validate_bucketname_create($bucket)) || $this->path_style) + { + // Fall back to the older path-style URI + $this->set_resource_prefix('/' . $bucket); + $this->temporary_prefix = true; + } + + // Determine hostname + $scheme = $this->use_ssl ? 'https://' : 'http://'; + if ($this->resource_prefix || $this->path_style) // Use bucket-in-path method. + { + $hostname = $this->hostname . $this->resource_prefix . (($bucket === '' || $this->resource_prefix === '/' . $bucket) ? '' : ('/' . $bucket)); + } + else + { + $hostname = $this->vhost ? $this->vhost : (($bucket === '') ? $this->hostname : ($bucket . '.') . $this->hostname); + } + + // Get the UTC timestamp in RFC 2616 format + $date = gmdate(CFUtilities::DATE_FORMAT_RFC2616, time()); + + // Storage for request parameters. + $resource = ''; + $sub_resource = ''; + $querystringparams = array(); + $signable_querystringparams = array(); + $string_to_sign = ''; + $headers = array( + 'Content-MD5' => '', + 'Content-Type' => 'application/x-www-form-urlencoded', + 'Date' => $date + ); + + /*%******************************************************************************************%*/ + + // Do we have an authentication token? + if ($this->auth_token) + { + $headers['X-Amz-Security-Token'] = $this->auth_token; + } + + // Handle specific resources + if (isset($opt['resource'])) + { + $resource .= $opt['resource']; + } + + // Merge query string values + if (isset($opt['query_string'])) + { + $querystringparams = array_merge($querystringparams, $opt['query_string']); + } + $query_string = $this->util->to_query_string($querystringparams); + + // Merge the signable query string values. Must be alphabetical. + $signable_list = array( + 'partNumber', + 'response-cache-control', + 'response-content-disposition', + 'response-content-encoding', + 'response-content-language', + 'response-content-type', + 'response-expires', + 'uploadId', + 'versionId' + ); + foreach ($signable_list as $item) + { + if (isset($opt[$item])) + { + $signable_querystringparams[$item] = $opt[$item]; + } + } + $signable_query_string = $this->util->to_query_string($signable_querystringparams); + + // Merge the HTTP headers + if (isset($opt['headers'])) + { + $headers = array_merge($headers, $opt['headers']); + } + + // Compile the URI to request + $conjunction = '?'; + $signable_resource = '/' . str_replace('%2F', '/', rawurlencode($resource)); + $non_signable_resource = ''; + + if (isset($opt['sub_resource'])) + { + $signable_resource .= $conjunction . rawurlencode($opt['sub_resource']); + $conjunction = '&'; + } + if ($signable_query_string !== '') + { + $signable_query_string = $conjunction . $signable_query_string; + $conjunction = '&'; + } + if ($query_string !== '') + { + $non_signable_resource .= $conjunction . $query_string; + $conjunction = '&'; + } + if (substr($hostname, -1) === substr($signable_resource, 0, 1)) + { + $signable_resource = ltrim($signable_resource, '/'); + } + + $this->request_url = $scheme . $hostname . $signable_resource . $signable_query_string . $non_signable_resource; + + if (isset($opt['location'])) + { + $this->request_url = $opt['location']; + } + + // Gather information to pass along to other classes. + $helpers = array( + 'utilities' => $this->utilities_class, + 'request' => $this->request_class, + 'response' => $this->response_class, + ); + + // Instantiate the request class + $request = new $this->request_class($this->request_url, $this->proxy, $helpers, $this->credentials); + + // Update RequestCore settings + $request->request_class = $this->request_class; + $request->response_class = $this->response_class; + $request->ssl_verification = $this->ssl_verification; + + // Pass along registered stream callbacks + if ($this->registered_streaming_read_callback) + { + $request->register_streaming_read_callback($this->registered_streaming_read_callback); + } + + if ($this->registered_streaming_write_callback) + { + $request->register_streaming_write_callback($this->registered_streaming_write_callback); + } + + // Streaming uploads + if (isset($opt['fileUpload'])) + { + if (is_resource($opt['fileUpload'])) + { + // Determine the length to read from the stream + $length = null; // From current position until EOF by default, size determined by set_read_stream() + + if (isset($headers['Content-Length'])) + { + $length = $headers['Content-Length']; + } + elseif (isset($opt['seekTo'])) + { + // Read from seekTo until EOF by default + $stats = fstat($opt['fileUpload']); + + if ($stats && $stats['size'] >= 0) + { + $length = $stats['size'] - (integer) $opt['seekTo']; + } + } + + $request->set_read_stream($opt['fileUpload'], $length); + + if ($headers['Content-Type'] === 'application/x-www-form-urlencoded') + { + $headers['Content-Type'] = 'application/octet-stream'; + } + } + else + { + $request->set_read_file($opt['fileUpload']); + + // Determine the length to read from the file + $length = $request->read_stream_size; // The file size by default + + if (isset($headers['Content-Length'])) + { + $length = $headers['Content-Length']; + } + elseif (isset($opt['seekTo']) && isset($length)) + { + // Read from seekTo until EOF by default + $length -= (integer) $opt['seekTo']; + } + + $request->set_read_stream_size($length); + + // Attempt to guess the correct mime-type + if ($headers['Content-Type'] === 'application/x-www-form-urlencoded') + { + $extension = explode('.', $opt['fileUpload']); + $extension = array_pop($extension); + $mime_type = CFMimeTypes::get_mimetype($extension); + $headers['Content-Type'] = $mime_type; + } + } + + $headers['Content-Length'] = $request->read_stream_size; + $headers['Content-MD5'] = ''; + } + + // Handle streaming file offsets + if (isset($opt['seekTo'])) + { + // Pass the seek position to RequestCore + $request->set_seek_position((integer) $opt['seekTo']); + } + + // Streaming downloads + if (isset($opt['fileDownload'])) + { + if (is_resource($opt['fileDownload'])) + { + $request->set_write_stream($opt['fileDownload']); + } + else + { + $request->set_write_file($opt['fileDownload']); + } + } + + $curlopts = array(); + + // Set custom CURLOPT settings + if (isset($opt['curlopts'])) + { + $curlopts = $opt['curlopts']; + } + + // Debug mode + if ($this->debug_mode) + { + $curlopts[CURLOPT_VERBOSE] = true; + } + + // Set the curl options. + if (count($curlopts)) + { + $request->set_curlopts($curlopts); + } + + // Do we have a verb? + if (isset($opt['verb'])) + { + $request->set_method($opt['verb']); + $string_to_sign .= $opt['verb'] . "\n"; + } + + // Add headers and content when we have a body + if (isset($opt['body'])) + { + $request->set_body($opt['body']); + $headers['Content-Length'] = strlen($opt['body']); + + if ($headers['Content-Type'] === 'application/x-www-form-urlencoded') + { + $headers['Content-Type'] = 'application/octet-stream'; + } + + if (!isset($opt['NoContentMD5']) || $opt['NoContentMD5'] !== true) + { + $headers['Content-MD5'] = $this->util->hex_to_base64(md5($opt['body'])); + } + } + + // Handle query-string authentication + if (isset($opt['preauth']) && (integer) $opt['preauth'] > 0) + { + unset($headers['Date']); + $headers['Content-Type'] = ''; + $headers['Expires'] = is_int($opt['preauth']) ? $opt['preauth'] : strtotime($opt['preauth']); + } + + // Sort headers + uksort($headers, 'strnatcasecmp'); + + // Add headers to request and compute the string to sign + foreach ($headers as $header_key => $header_value) + { + // Strip linebreaks from header values as they're illegal and can allow for security issues + $header_value = str_replace(array("\r", "\n"), '', $header_value); + + // Add the header if it has a value + if ($header_value !== '') + { + $request->add_header($header_key, $header_value); + } + + // Generate the string to sign + if ( + strtolower($header_key) === 'content-md5' || + strtolower($header_key) === 'content-type' || + strtolower($header_key) === 'date' || + (strtolower($header_key) === 'expires' && isset($opt['preauth']) && (integer) $opt['preauth'] > 0) + ) + { + $string_to_sign .= $header_value . "\n"; + } + elseif (substr(strtolower($header_key), 0, 6) === 'x-amz-') + { + $string_to_sign .= strtolower($header_key) . ':' . $header_value . "\n"; + } + } + + // Add the signable resource location + $string_to_sign .= ($this->resource_prefix ? $this->resource_prefix : ''); + $string_to_sign .= (($bucket === '' || $this->resource_prefix === '/' . $bucket) ? '' : ('/' . $bucket)) . $signable_resource . urldecode($signable_query_string); + + // Hash the AWS secret key and generate a signature for the request. + $signature = base64_encode(hash_hmac('sha1', $string_to_sign, $this->secret_key, true)); + $request->add_header('Authorization', 'AWS ' . $this->key . ':' . $signature); + + // If we're generating a URL, return the URL to the calling method. + if (isset($opt['preauth']) && (integer) $opt['preauth'] > 0) + { + $query_params = array( + 'AWSAccessKeyId' => $this->key, + 'Expires' => $headers['Expires'], + 'Signature' => $signature, + ); + + // If using short-term credentials, add the token to the query string + if ($this->auth_token) + { + $query_params['x-amz-security-token'] = $this->auth_token; + } + + return $this->request_url . $conjunction . http_build_query($query_params, '', '&'); + } + elseif (isset($opt['preauth'])) + { + return $this->request_url; + } + + /*%******************************************************************************************%*/ + + // If our changes were temporary, reset them. + if ($this->temporary_prefix) + { + $this->temporary_prefix = false; + $this->resource_prefix = null; + } + + // Manage the (newer) batch request API or the (older) returnCurlHandle setting. + if ($this->use_batch_flow) + { + $handle = $request->prep_request(); + $this->batch_object->add($handle); + $this->use_batch_flow = false; + + return $handle; + } + elseif (isset($opt['returnCurlHandle']) && $opt['returnCurlHandle'] === true) + { + return $request->prep_request(); + } + + // Send! + $request->send_request(); + + // Prepare the response + $headers = $request->get_response_header(); + $headers['x-aws-request-url'] = $this->request_url; + $headers['x-aws-redirects'] = $this->redirects; + $headers['x-aws-stringtosign'] = $string_to_sign; + $headers['x-aws-requestheaders'] = $request->request_headers; + + // Did we have a request body? + if (isset($opt['body'])) + { + $headers['x-aws-requestbody'] = $opt['body']; + } + + $data = new $this->response_class($headers, $this->parse_callback($request->get_response_body()), $request->get_response_code()); + + // Did Amazon tell us to redirect? Typically happens for multiple rapid requests EU datacenters. + // @see: http://docs.amazonwebservices.com/AmazonS3/latest/dev/Redirects.html + // @codeCoverageIgnoreStart + if ((integer) $request->get_response_code() === 307) // Temporary redirect to new endpoint. + { + $this->redirects++; + $opt['location'] = $headers['location']; + $data = $this->authenticate($bucket, $opt); + } + + // Was it Amazon's fault the request failed? Retry the request until we reach $max_retries. + elseif ((integer) $request->get_response_code() === 500 || (integer) $request->get_response_code() === 503) + { + if ($this->redirects <= $this->max_retries) + { + // Exponential backoff + $delay = (integer) (pow(4, $this->redirects) * 100000); + usleep($delay); + $this->redirects++; + $data = $this->authenticate($bucket, $opt); + } + } + // @codeCoverageIgnoreEnd + + // Return! + $this->redirects = 0; + return $data; + } + + /** + * Validates whether or not the specified Amazon S3 bucket name is valid for DNS-style access. This + * method is leveraged by any method that creates buckets. + * + * @param string $bucket (Required) The name of the bucket to validate. + * @return boolean Whether or not the specified Amazon S3 bucket name is valid for DNS-style access. A value of true means that the bucket name is valid. A value of false means that the bucket name is invalid. + */ + public function validate_bucketname_create($bucket) + { + // list_buckets() uses this. Let it pass. + if ($bucket === '') return true; + + if ( + ($bucket === null || $bucket === false) || // Must not be null or false + preg_match('/[^(a-z0-9\-\.)]/', $bucket) || // Must be in the lowercase Roman alphabet, period or hyphen + !preg_match('/^([a-z]|\d)/', $bucket) || // Must start with a number or letter + !(strlen($bucket) >= 3 && strlen($bucket) <= 63) || // Must be between 3 and 63 characters long + (strpos($bucket, '..') !== false) || // Bucket names cannot contain two, adjacent periods + (strpos($bucket, '-.') !== false) || // Bucket names cannot contain dashes next to periods + (strpos($bucket, '.-') !== false) || // Bucket names cannot contain dashes next to periods + preg_match('/(-|\.)$/', $bucket) || // Bucket names should not end with a dash or period + preg_match('/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/', $bucket) // Must not be formatted as an IP address + ) return false; + + return true; + } + + /** + * Validates whether or not the specified Amazon S3 bucket name is valid for path-style access. This + * method is leveraged by any method that reads from buckets. + * + * @param string $bucket (Required) The name of the bucket to validate. + * @return boolean Whether or not the bucket name is valid. A value of true means that the bucket name is valid. A value of false means that the bucket name is invalid. + */ + public function validate_bucketname_support($bucket) + { + // list_buckets() uses this. Let it pass. + if ($bucket === '') return true; + + // Validate + if ( + ($bucket === null || $bucket === false) || // Must not be null or false + preg_match('/[^(a-z0-9_\-\.)]/i', $bucket) || // Must be in the Roman alphabet, period, hyphen or underscore + !preg_match('/^([a-z]|\d)/i', $bucket) || // Must start with a number or letter + !(strlen($bucket) >= 3 && strlen($bucket) <= 255) || // Must be between 3 and 255 characters long + preg_match('/^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$/', $bucket) // Must not be formatted as an IP address + ) return false; + + return true; + } + + /*%******************************************************************************************%*/ + // SETTERS + + /** + * Sets the region to use for subsequent Amazon S3 operations. This will also reset any prior use of + * . + * + * @param string $region (Required) The region to use for subsequent Amazon S3 operations. For a complete list of REGION constants, see the AmazonS3 Constants page in the API reference. + * @return $this A reference to the current instance. + */ + public function set_region($region) + { + // @codeCoverageIgnoreStart + $this->set_hostname($region); + + switch ($region) + { + case self::REGION_US_E1: // Northern Virginia + $this->enable_path_style(false); + break; + + case self::REGION_EU_W1: // Ireland + $this->enable_path_style(); // Always use path-style access for EU endpoint. + break; + + default: + $this->enable_path_style(false); + break; + + } + // @codeCoverageIgnoreEnd + + return $this; + } + + /** + * Sets the virtual host to use in place of the default `bucket.s3.amazonaws.com` domain. + * + * @param string $vhost (Required) The virtual host to use in place of the default `bucket.s3.amazonaws.com` domain. + * @return $this A reference to the current instance. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/VirtualHosting.html Virtual Hosting of Buckets + */ + public function set_vhost($vhost) + { + $this->vhost = $vhost; + return $this; + } + + /** + * Enables the use of the older path-style URI access for all requests. + * + * @param string $style (Optional) Whether or not to enable path-style URI access for all requests. The default value is true. + * @return $this A reference to the current instance. + */ + public function enable_path_style($style = true) + { + $this->path_style = $style; + return $this; + } + + + /*%******************************************************************************************%*/ + // BUCKET METHODS + + /** + * Creates an Amazon S3 bucket. + * + * Every object stored in Amazon S3 is contained in a bucket. Buckets partition the namespace of + * objects stored in Amazon S3 at the top level. in a bucket, any name can be used for objects. + * However, bucket names must be unique across all of Amazon S3. + * + * @param string $bucket (Required) The name of the bucket to create. + * @param string $region (Required) The preferred geographical location for the bucket. [Allowed values: `AmazonS3::REGION_US_E1 `, `AmazonS3::REGION_US_W1`, `AmazonS3::REGION_EU_W1`, `AmazonS3::REGION_APAC_SE1`, `AmazonS3::REGION_APAC_NE1`] + * @param string $acl (Optional) The ACL settings for the specified bucket. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. The default value is . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/UsingBucket.html Working with Amazon S3 Buckets + */ + public function create_bucket($bucket, $region, $acl = self::ACL_PRIVATE, $opt = null) + { + // If the bucket contains uppercase letters... + if (preg_match('/[A-Z]/', $bucket)) + { + // Throw a warning + trigger_error('Since DNS-valid bucket names cannot contain uppercase characters, "' . $bucket . '" has been automatically converted to "' . strtolower($bucket) . '"', E_USER_WARNING); + + // Force the bucketname to lowercase + $bucket = strtolower($bucket); + } + + // Validate the S3 bucket name for creation + if (!$this->validate_bucketname_create($bucket)) + { + // @codeCoverageIgnoreStart + throw new S3_Exception('"' . $bucket . '" is not DNS-valid (i.e., .s3.amazonaws.com), and cannot be used as an S3 bucket name. Review "Bucket Restrictions and Limitations" in the S3 Developer Guide for more information.'); + // @codeCoverageIgnoreEnd + } + + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml', + 'x-amz-acl' => $acl + ); + + // Defaults + $this->set_region($region); // Also sets path-style + $xml = simplexml_load_string($this->base_location_constraint); + + switch ($region) + { + case self::REGION_US_E1: // Northern Virginia + $opt['body'] = ''; + break; + + case self::REGION_EU_W1: // Ireland + $xml->LocationConstraint = 'EU'; + $opt['body'] = $xml->asXML(); + break; + + default: + $xml->LocationConstraint = str_replace(array('s3-', '.amazonaws.com'), '', $region); + $opt['body'] = $xml->asXML(); + break; + } + + $response = $this->authenticate($bucket, $opt); + + // Make sure we're set back to DNS-style URLs + $this->enable_path_style(false); + + return $response; + } + + /** + * Gets the region in which the specified Amazon S3 bucket is located. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_bucket_region($bucket, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'location'; + + // Authenticate to S3 + $response = $this->authenticate($bucket, $opt); + + if ($response->isOK()) + { + // Handle body + $response->body = (string) $response->body; + } + + return $response; + } + + /** + * Gets the HTTP headers for the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_bucket_headers($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'HEAD'; + + return $this->authenticate($bucket, $opt); + } + + /** + * Deletes a bucket from an Amazon S3 account. A bucket must be empty before the bucket itself can be deleted. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param boolean $force (Optional) Whether to force-delete the bucket and all of its contents. The default value is false. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return mixed A object if the bucket was deleted successfully. Returns boolean false if otherwise. + */ + public function delete_bucket($bucket, $force = false, $opt = null) + { + // Set default value + $success = true; + + if ($force) + { + // Delete all of the items from the bucket. + $success = $this->delete_all_object_versions($bucket); + } + + // As long as we were successful... + if ($success) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'DELETE'; + + return $this->authenticate($bucket, $opt); + } + + // @codeCoverageIgnoreStart + return false; + // @codeCoverageIgnoreEnd + } + + /** + * Gets a list of all buckets contained in the caller's Amazon S3 account. + * + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function list_buckets($opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + + return $this->authenticate('', $opt); + } + + /** + * Gets the access control list (ACL) settings for the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAccessPolicy.html REST Access Control Policy + */ + public function get_bucket_acl($bucket, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'acl'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Sets the access control list (ACL) settings for the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $acl (Optional) The ACL settings for the specified bucket. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. Alternatively, an array of associative arrays. Each associative array contains an `id` and a `permission` key. The default value is . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAccessPolicy.html REST Access Control Policy + */ + public function set_bucket_acl($bucket, $acl = self::ACL_PRIVATE, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'acl'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + // Make sure these are defined. + // @codeCoverageIgnoreStart + if (!$this->credentials->canonical_id || !$this->credentials->canonical_name) + { + // Fetch the data live. + $canonical = $this->get_canonical_user_id(); + $this->credentials->canonical_id = $canonical['id']; + $this->credentials->canonical_name = $canonical['display_name']; + } + // @codeCoverageIgnoreEnd + + if (is_array($acl)) + { + $opt['body'] = $this->generate_access_policy($this->credentials->canonical_id, $this->credentials->canonical_name, $acl); + } + else + { + $opt['body'] = ''; + $opt['headers']['x-amz-acl'] = $acl; + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // OBJECT METHODS + + /** + * Creates an Amazon S3 object. After an Amazon S3 bucket is created, objects can be stored in it. + * + * Each standard object can hold up to 5 GB of data. When an object is stored in Amazon S3, the data is streamed + * to multiple storage servers in multiple data centers. This ensures the data remains available in the + * event of internal network or hardware failure. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

body - string - Required; Conditional - The data to be stored in the object. Either this parameter or fileUpload must be specified.
fileUpload - string|resource - Required; Conditional - The URL/path for the file to upload, or an open resource. Either this parameter or body is required.
acl - string - Optional - The ACL settings for the specified object. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. The default value is ACL_PRIVATE.
contentType - string - Optional - The type of content that is being sent in the body. If a file is being uploaded via fileUpload as a file system path, it will attempt to determine the correct mime-type based on the file extension. The default value is application/octet-stream.
encryption - string - Optional - The algorithm to use for encrypting the object. [Allowed values: AES256]
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
length - integer - Optional - The size of the object in bytes. For more information, see RFC 2616, section 14.13. The value can also be passed to the header option as Content-Length.
meta - array - Optional - An associative array of key-value pairs. Represented by x-amz-meta-:. Any header starting with this prefix is considered user metadata. It will be stored with the object and returned when you retrieve the object. The total size of the HTTP request, not including the body, must be less than 4 KB.
seekTo - integer - Optional - The starting position in bytes within the file/stream to upload from.
storage - string - Optional - Whether to use Standard or Reduced Redundancy storage. [Allowed values: AmazonS3::STORAGE_STANDARD, AmazonS3::STORAGE_REDUCED]. The default value is STORAGE_STANDARD.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

etag - string - Optional - The ETag header passed in from a previous request. If specified, request LastModified option must be specified as well. Will trigger a 304 Not Modified status code if the file hasn't changed.
fileDownload - string|resource - Optional - The file system location to download the file to, or an open file resource. Must be a server-writable location.
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
lastmodified - string - Optional - The LastModified header passed in from a previous request. If specified, request ETag option must be specified as well. Will trigger a 304 Not Modified status code if the file hasn't changed.
preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
range - string - Optional - The range of bytes to fetch from the object. Specify this parameter when downloading partial bits or completing incomplete object downloads. The specified range must be notated with a hyphen (e.g., 0-10485759). Defaults to the byte range of the complete Amazon S3 object.
response - array - Optional - Allows adjustments to specific response headers. Pass an associative array where each key is one of the following: cache-control, content-disposition, content-encoding, content-language, content-type, expires. The expires value should use and be formatted with the DATE_RFC2822 constant.
versionId - string - Optional - The version of the object to retrieve. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_object($bucket, $filename, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'GET'; + $opt['resource'] = $filename; + + if (!isset($opt['headers']) || !is_array($opt['headers'])) + { + $opt['headers'] = array(); + } + + if (isset($opt['lastmodified'])) + { + $opt['headers']['If-Modified-Since'] = $opt['lastmodified']; + } + + if (isset($opt['etag'])) + { + $opt['headers']['If-None-Match'] = $opt['etag']; + } + + // Partial content range + if (isset($opt['range'])) + { + $opt['headers']['Range'] = 'bytes=' . $opt['range']; + } + + // GET responses + if (isset($opt['response'])) + { + foreach ($opt['response'] as $key => $value) + { + $opt['response-' . $key] = $value; + unset($opt['response'][$key]); + } + } + + // Authenticate to S3 + $this->parse_the_response = false; + $response = $this->authenticate($bucket, $opt); + $this->parse_the_response = true; + + return $response; + } + + /** + * Gets the HTTP headers for the specified Amazon S3 object. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

versionId - string - Optional - The version of the object to retrieve. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_object_headers($bucket, $filename, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'HEAD'; + $opt['resource'] = $filename; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Deletes an Amazon S3 object from the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

versionId - string - Optional - The version of the object to delete. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
MFASerial - string - Optional - The serial number on the back of the Gemalto device. MFASerial and MFAToken must both be set for MFA to work.
MFAToken - string - Optional - The current token displayed on the Gemalto device. MFASerial and MFAToken must both be set for MFA to work.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://aws.amazon.com/mfa/ Multi-Factor Authentication + */ + public function delete_object($bucket, $filename, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'DELETE'; + $opt['resource'] = $filename; + + // Enable MFA delete? + // @codeCoverageIgnoreStart + if (isset($opt['MFASerial']) && isset($opt['MFAToken'])) + { + $opt['headers'] = array( + 'x-amz-mfa' => ($opt['MFASerial'] . ' ' . $opt['MFAToken']) + ); + } + // @codeCoverageIgnoreEnd + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Deletes two or more specified Amazon S3 objects from the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

objects - array - Required - The object references to delete from the bucket.
- key - string - Required - The name of the object (e.g., the "key") to delete. This should include the entire file path including all "subdirectories".
- version_id - string - Optional - If the object is versioned, include the version ID to delete.
quiet - boolean - Optional - Whether or not Amazon S3 should use "Quiet" mode for this operation. A value of true will enable Quiet mode. A value of false will use Verbose mode. The default value is false.
MFASerial - string - Optional - The serial number on the back of the Gemalto device. MFASerial and MFAToken must both be set for MFA to work.
MFAToken - string - Optional - The current token displayed on the Gemalto device. MFASerial and MFAToken must both be set for MFA to work.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://aws.amazon.com/mfa/ Multi-Factor Authentication + */ + public function delete_objects($bucket, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'POST'; + $opt['sub_resource'] = 'delete'; + $opt['body'] = ''; + + // Bail out + if (!isset($opt['objects']) || !is_array($opt['objects'])) + { + throw new S3_Exception('The ' . __FUNCTION__ . ' method requires the "objects" option to be set as an array.'); + } + + $xml = new SimpleXMLElement($this->multi_object_delete_xml); + + // Add the objects + foreach ($opt['objects'] as $object) + { + $xobject = $xml->addChild('Object'); + $xobject->addChild('Key', $object['key']); + + if (isset($object['version_id'])) + { + $xobject->addChild('VersionId', $object['version_id']); + } + } + + // Quiet mode? + if (isset($opt['quiet'])) + { + $quiet = 'false'; + if (is_bool($opt['quiet'])) // Boolean + { + $quiet = $opt['quiet'] ? 'true' : 'false'; + } + elseif (is_string($opt['quiet'])) // String + { + $quiet = ($opt['quiet'] === 'true') ? 'true' : 'false'; + } + + $xml->addChild('Quiet', $quiet); + } + + // Enable MFA delete? + // @codeCoverageIgnoreStart + if (isset($opt['MFASerial']) && isset($opt['MFAToken'])) + { + $opt['headers'] = array( + 'x-amz-mfa' => ($opt['MFASerial'] . ' ' . $opt['MFAToken']) + ); + } + // @codeCoverageIgnoreEnd + + $opt['body'] = $xml->asXML(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Gets a list of all Amazon S3 objects in the specified bucket. + * + * NOTE: This method is paginated, and will not return more than max-keys keys. If you want to retrieve a list of all keys, you will need to make multiple calls to this function using the marker option to specify the pagination offset (the key of the last processed key--lexically ordered) and the IsTruncated response key to detect when all results have been processed. See: the S3 REST documentation for get_bucket for more information. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

delimiter - string - Optional - Keys that contain the same string between the prefix and the first occurrence of the delimiter will be rolled up into a single result element in the CommonPrefixes collection.
marker - string - Optional - Restricts the response to contain results that only occur alphabetically after the value of the marker.
max-keys - string - Optional - The maximum number of results returned by the method call. The returned list will contain no more results than the specified value, but may return fewer. The default value is 1000.
preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
prefix - string - Optional - Restricts the response to contain results that begin only with the specified prefix.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function list_objects($bucket, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'GET'; + + foreach (array('delimiter', 'marker', 'max-keys', 'prefix') as $param) + { + if (isset($opt[$param])) + { + $opt['query_string'][$param] = $opt[$param]; + unset($opt[$param]); + } + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Copies an Amazon S3 object to a new location, whether in the same Amazon S3 region, bucket, or otherwise. + * + * @param array $source (Required) The bucket and file name to copy from. The following keys must be set:

bucket - string - Required - Specifies the name of the bucket containing the source object.
filename - string - Required - Specifies the file name of the source object to copy.

+ * @param array $dest (Required) The bucket and file name to copy to. The following keys must be set:

bucket - string - Required - Specifies the name of the bucket to copy the object to.
filename - string - Required - Specifies the file name to copy the object to.

+ * @param array $opt (Optional) An associative array of parameters that can have the following keys:

acl - string - Optional - The ACL settings for the specified object. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. Alternatively, an array of associative arrays. Each associative array contains an id and a permission key. The default value is ACL_PRIVATE.
encryption - string - Optional - The algorithm to use for encrypting the object. [Allowed values: AES256]
storage - string - Optional - Whether to use Standard or Reduced Redundancy storage. [Allowed values: AmazonS3::STORAGE_STANDARD, AmazonS3::STORAGE_REDUCED]. The default value is STORAGE_STANDARD.
versionId - string - Optional - The version of the object to copy. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
ifMatch - string - Optional - The ETag header from a previous request. Copies the object if its entity tag (ETag) matches the specified tag; otherwise, the request returns a 412 HTTP status code error (precondition failed). Used in conjunction with ifUnmodifiedSince.
ifUnmodifiedSince - string - Optional - The LastModified header from a previous request. Copies the object if it hasn't been modified since the specified time; otherwise, the request returns a 412 HTTP status code error (precondition failed). Used in conjunction with ifMatch.
ifNoneMatch - string - Optional - The ETag header from a previous request. Copies the object if its entity tag (ETag) is different than the specified ETag; otherwise, the request returns a 412 HTTP status code error (failed condition). Used in conjunction with ifModifiedSince.
ifModifiedSince - string - Optional - The LastModified header from a previous request. Copies the object if it has been modified since the specified time; otherwise, the request returns a 412 HTTP status code error (failed condition). Used in conjunction with ifNoneMatch.
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
meta - array - Optional - Associative array of key-value pairs. Represented by x-amz-meta-: Any header starting with this prefix is considered user metadata. It will be stored with the object and returned when you retrieve the object. The total size of the HTTP request, not including the body, must be less than 4 KB.
metadataDirective - string - Optional - Accepts either COPY or REPLACE. You will likely never need to use this, as it manages itself with no issues.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/API/RESTObjectCOPY.html Copying Amazon S3 Objects + */ + public function copy_object($source, $dest, $opt = null) + { + if (!$opt) $opt = array(); + $batch = array(); + + // Add this to our request + $opt['verb'] = 'PUT'; + $opt['resource'] = $dest['filename']; + $opt['body'] = ''; + + // Handle copy source + if (isset($source['bucket']) && isset($source['filename'])) + { + $opt['headers']['x-amz-copy-source'] = '/' . $source['bucket'] . '/' . rawurlencode($source['filename']) + . (isset($opt['versionId']) ? ('?' . 'versionId=' . rawurlencode($opt['versionId'])) : ''); // Append the versionId to copy, if available + unset($opt['versionId']); + + // Determine if we need to lookup the pre-existing content-type. + if ( + (!$this->use_batch_flow && !isset($opt['returnCurlHandle'])) && + !in_array(strtolower('content-type'), array_map('strtolower', array_keys($opt['headers']))) + ) + { + $response = $this->get_object_headers($source['bucket'], $source['filename']); + if ($response->isOK()) + { + $opt['headers']['Content-Type'] = $response->header['content-type']; + } + } + } + + // Handle metadata directive + $opt['headers']['x-amz-metadata-directive'] = 'COPY'; + if ($source['bucket'] === $dest['bucket'] && $source['filename'] === $dest['filename']) + { + $opt['headers']['x-amz-metadata-directive'] = 'REPLACE'; + } + if (isset($opt['metadataDirective'])) + { + $opt['headers']['x-amz-metadata-directive'] = $opt['metadataDirective']; + unset($opt['metadataDirective']); + } + + // Handle Access Control Lists. Can also pass canned ACLs as an HTTP header. + if (isset($opt['acl']) && is_array($opt['acl'])) + { + $batch[] = $this->set_object_acl($dest['bucket'], $dest['filename'], $opt['acl'], array( + 'returnCurlHandle' => true + )); + unset($opt['acl']); + } + elseif (isset($opt['acl'])) + { + $opt['headers']['x-amz-acl'] = $opt['acl']; + unset($opt['acl']); + } + + // Handle storage settings. Can also be passed as an HTTP header. + if (isset($opt['storage'])) + { + $opt['headers']['x-amz-storage-class'] = $opt['storage']; + unset($opt['storage']); + } + + // Handle encryption settings. Can also be passed as an HTTP header. + if (isset($opt['encryption'])) + { + $opt['headers']['x-amz-server-side-encryption'] = $opt['encryption']; + unset($opt['encryption']); + } + + // Handle conditional-copy parameters + if (isset($opt['ifMatch'])) + { + $opt['headers']['x-amz-copy-source-if-match'] = $opt['ifMatch']; + unset($opt['ifMatch']); + } + if (isset($opt['ifNoneMatch'])) + { + $opt['headers']['x-amz-copy-source-if-none-match'] = $opt['ifNoneMatch']; + unset($opt['ifNoneMatch']); + } + if (isset($opt['ifUnmodifiedSince'])) + { + $opt['headers']['x-amz-copy-source-if-unmodified-since'] = $opt['ifUnmodifiedSince']; + unset($opt['ifUnmodifiedSince']); + } + if (isset($opt['ifModifiedSince'])) + { + $opt['headers']['x-amz-copy-source-if-modified-since'] = $opt['ifModifiedSince']; + unset($opt['ifModifiedSince']); + } + + // Handle meta tags. Can also be passed as an HTTP header. + if (isset($opt['meta'])) + { + foreach ($opt['meta'] as $meta_key => $meta_value) + { + // e.g., `My Meta Header` is converted to `x-amz-meta-my-meta-header`. + $opt['headers']['x-amz-meta-' . strtolower(str_replace(' ', '-', $meta_key))] = $meta_value; + } + unset($opt['meta']); + } + + // Authenticate to S3 + $response = $this->authenticate($dest['bucket'], $opt); + + // Attempt to reset ACLs + $http = new RequestCore(); + $http->send_multi_request($batch); + + return $response; + } + + /** + * Updates an Amazon S3 object with new headers or other metadata. To replace the content of the + * specified Amazon S3 object, call with the same bucket and file name parameters. + * + * @param string $bucket (Required) The name of the bucket that contains the source file. + * @param string $filename (Required) The source file name that you want to update. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

acl - string - Optional - The ACL settings for the specified object. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. The default value is .
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
meta - array - Optional - An associative array of key-value pairs. Any header with the x-amz-meta- prefix is considered user metadata and is stored with the Amazon S3 object. It will be stored with the object and returned when you retrieve the object. The total size of the HTTP request, not including the body, must be less than 4 KB.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

versionId - string - Optional - The version of the object to retrieve. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAccessPolicy.html REST Access Control Policy + */ + public function get_object_acl($bucket, $filename, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['resource'] = $filename; + $opt['sub_resource'] = 'acl'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Sets the access control list (ACL) settings for the specified Amazon S3 object. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $acl (Optional) The ACL settings for the specified object. Accepts any of the following constants: [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. Alternatively, an array of associative arrays. Each associative array contains an id and a permission key. The default value is ACL_PRIVATE. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAccessPolicy.html REST Access Control Policy + */ + public function set_object_acl($bucket, $filename, $acl = self::ACL_PRIVATE, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['resource'] = $filename; + $opt['sub_resource'] = 'acl'; + + // Retrieve the original metadata + $metadata = $this->get_object_metadata($bucket, $filename); + if ($metadata && $metadata['ContentType']) + { + $opt['headers']['Content-Type'] = $metadata['ContentType']; + } + if ($metadata && $metadata['StorageClass']) + { + $opt['headers']['x-amz-storage-class'] = $metadata['StorageClass']; + } + + // Make sure these are defined. + // @codeCoverageIgnoreStart + if (!$this->credentials->canonical_id || !$this->credentials->canonical_name) + { + // Fetch the data live. + $canonical = $this->get_canonical_user_id(); + $this->credentials->canonical_id = $canonical['id']; + $this->credentials->canonical_name = $canonical['display_name']; + } + // @codeCoverageIgnoreEnd + + if (is_array($acl)) + { + $opt['body'] = $this->generate_access_policy($this->credentials->canonical_id, $this->credentials->canonical_name, $acl); + } + else + { + $opt['body'] = ''; + $opt['headers']['x-amz-acl'] = $acl; + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Generates the XML to be used for the Access Control Policy. + * + * @param string $canonical_id (Required) The canonical ID for the bucket owner. This is provided as the `id` return value from . + * @param string $canonical_name (Required) The canonical display name for the bucket owner. This is provided as the `display_name` value from . + * @param array $users (Optional) An array of associative arrays. Each associative array contains an `id` value and a `permission` value. + * @return string Access Control Policy XML. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_ACLs.html Access Control Lists + */ + public function generate_access_policy($canonical_id, $canonical_name, $users) + { + $xml = simplexml_load_string($this->base_acp_xml); + $owner = $xml->addChild('Owner'); + $owner->addChild('ID', $canonical_id); + $owner->addChild('DisplayName', $canonical_name); + $acl = $xml->addChild('AccessControlList'); + + foreach ($users as $user) + { + $grant = $acl->addChild('Grant'); + $grantee = $grant->addChild('Grantee'); + + switch ($user['id']) + { + // Authorized Users + case self::USERS_AUTH: + $grantee->addAttribute('xsi:type', 'Group', 'http://www.w3.org/2001/XMLSchema-instance'); + $grantee->addChild('URI', self::USERS_AUTH); + break; + + // All Users + case self::USERS_ALL: + $grantee->addAttribute('xsi:type', 'Group', 'http://www.w3.org/2001/XMLSchema-instance'); + $grantee->addChild('URI', self::USERS_ALL); + break; + + // The Logging User + case self::USERS_LOGGING: + $grantee->addAttribute('xsi:type', 'Group', 'http://www.w3.org/2001/XMLSchema-instance'); + $grantee->addChild('URI', self::USERS_LOGGING); + break; + + // Email Address or Canonical Id + default: + if (strpos($user['id'], '@')) + { + $grantee->addAttribute('xsi:type', 'AmazonCustomerByEmail', 'http://www.w3.org/2001/XMLSchema-instance'); + $grantee->addChild('EmailAddress', $user['id']); + } + else + { + // Assume Canonical Id + $grantee->addAttribute('xsi:type', 'CanonicalUser', 'http://www.w3.org/2001/XMLSchema-instance'); + $grantee->addChild('ID', $user['id']); + } + break; + } + + $grant->addChild('Permission', $user['permission']); + } + + return $xml->asXML(); + } + + + /*%******************************************************************************************%*/ + // LOGGING METHODS + + /** + * Gets the access logs associated with the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. Pass a `null` value when using the method. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/ServerLogs.html Server Access Logging + */ + public function get_logs($bucket, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'logging'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Enables access logging for the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to enable logging for. Pass a `null` value when using the method. + * @param string $target_bucket (Required) The name of the bucket to store the logs in. + * @param string $target_prefix (Required) The prefix to give to the log file names. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

users - array - Optional - An array of associative arrays specifying any user to give access to. Each associative array contains an id and permission value.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/LoggingAPI.html Server Access Logging Configuration API + */ + public function disable_logging($bucket, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'logging'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + $opt['body'] = $this->base_logging_xml; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // CONVENIENCE METHODS + + /** + * Gets whether or not the specified Amazon S3 bucket exists in Amazon S3. This includes buckets + * that do not belong to the caller. + * + * @param string $bucket (Required) The name of the bucket to use. + * @return boolean A value of true if the bucket exists, or a value of false if it does not. + */ + public function if_bucket_exists($bucket) + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + $header = $this->get_bucket_headers($bucket); + return (bool) $header->isOK(); + } + + /** + * Gets whether or not the specified Amazon S3 object exists in the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @return boolean A value of true if the object exists, or a value of false if it does not. + */ + public function if_object_exists($bucket, $filename) + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + $header = $this->get_object_headers($bucket, $filename); + + if ($header->isOK()) { return true; } + elseif ($header->status === 404) { return false; } + + // @codeCoverageIgnoreStart + return null; + // @codeCoverageIgnoreEnd + } + + /** + * Gets whether or not the specified Amazon S3 bucket has a bucket policy associated with it. + * + * @param string $bucket (Required) The name of the bucket to use. + * @return boolean A value of true if a bucket policy exists, or a value of false if one does not. + */ + public function if_bucket_policy_exists($bucket) + { + if ($this->use_batch_flow) + { + // @codeCoverageIgnoreStart + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + // @codeCoverageIgnoreEnd + } + + $response = $this->get_bucket_policy($bucket); + + if ($response->isOK()) { return true; } + elseif ($response->status === 404) { return false; } + + // @codeCoverageIgnoreStart + return null; + // @codeCoverageIgnoreEnd + } + + /** + * Gets the number of Amazon S3 objects in the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @return integer The number of Amazon S3 objects in the bucket. + */ + public function get_bucket_object_count($bucket) + { + if ($this->use_batch_flow) + { + // @codeCoverageIgnoreStart + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + // @codeCoverageIgnoreEnd + } + + return count($this->get_object_list($bucket)); + } + + /** + * Gets the cumulative file size of the contents of the Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param boolean $friendly_format (Optional) A value of true will format the return value to 2 decimal points using the largest possible unit (i.e., 3.42 GB). A value of false will format the return value as the raw number of bytes. + * @return integer|string The number of bytes as an integer, or the friendly format as a string. + */ + public function get_bucket_filesize($bucket, $friendly_format = false) + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + $filesize = 0; + $list = $this->list_objects($bucket); + + foreach ($list->body->Contents as $filename) + { + $filesize += (integer) $filename->Size; + } + + while ((string) $list->body->IsTruncated === 'true') + { + $body = (array) $list->body; + $list = $this->list_objects($bucket, array( + 'marker' => (string) end($body['Contents'])->Key + )); + + foreach ($list->body->Contents as $object) + { + $filesize += (integer) $object->Size; + } + } + + if ($friendly_format) + { + $filesize = $this->util->size_readable($filesize); + } + + return $filesize; + } + + /** + * Gets the file size of the specified Amazon S3 object. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param boolean $friendly_format (Optional) A value of true will format the return value to 2 decimal points using the largest possible unit (i.e., 3.42 GB). A value of false will format the return value as the raw number of bytes. + * @return integer|string The number of bytes as an integer, or the friendly format as a string. + */ + public function get_object_filesize($bucket, $filename, $friendly_format = false) + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + $object = $this->get_object_headers($bucket, $filename); + $filesize = (integer) $object->header['content-length']; + + if ($friendly_format) + { + $filesize = $this->util->size_readable($filesize); + } + + return $filesize; + } + + /** + * Changes the content type for an existing Amazon S3 object. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $contentType (Required) The content-type to apply to the object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function change_content_type($bucket, $filename, $contentType, $opt = null) + { + if (!$opt) $opt = array(); + + // Retrieve the original metadata + $metadata = $this->get_object_metadata($bucket, $filename); + if ($metadata && $metadata['ACL']) + { + $opt['acl'] = $metadata['ACL']; + } + if ($metadata && $metadata['StorageClass']) + { + $opt['headers']['x-amz-storage-class'] = $metadata['StorageClass']; + } + + // Merge optional parameters + $opt = array_merge_recursive(array( + 'headers' => array( + 'Content-Type' => $contentType + ), + 'metadataDirective' => 'COPY' + ), $opt); + + return $this->copy_object( + array('bucket' => $bucket, 'filename' => $filename), + array('bucket' => $bucket, 'filename' => $filename), + $opt + ); + } + + /** + * Changes the storage redundancy for an existing object. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $storage (Required) The storage setting to apply to the object. [Allowed values: AmazonS3::STORAGE_STANDARD, AmazonS3::STORAGE_REDUCED] + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function change_storage_redundancy($bucket, $filename, $storage, $opt = null) + { + if (!$opt) $opt = array(); + + // Retrieve the original metadata + $metadata = $this->get_object_metadata($bucket, $filename); + if ($metadata && $metadata['ACL']) + { + $opt['acl'] = $metadata['ACL']; + } + if ($metadata && $metadata['ContentType']) + { + $opt['headers']['Content-Type'] = $metadata['ContentType']; + } + + // Merge optional parameters + $opt = array_merge(array( + 'storage' => $storage, + 'metadataDirective' => 'COPY', + ), $opt); + + return $this->copy_object( + array('bucket' => $bucket, 'filename' => $filename), + array('bucket' => $bucket, 'filename' => $filename), + $opt + ); + } + + /** + * Gets a simplified list of bucket names on an Amazon S3 account. + * + * @param string $pcre (Optional) A Perl-Compatible Regular Expression (PCRE) to filter the bucket names against. + * @return array The list of matching bucket names. If there are no results, the method will return an empty array. + * @link http://php.net/pcre Regular Expressions (Perl-Compatible) + */ + public function get_bucket_list($pcre = null) + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + // Get a list of buckets. + $list = $this->list_buckets(); + if ($list = $list->body->query('descendant-or-self::Name')) + { + $list = $list->map_string($pcre); + return $list; + } + + // @codeCoverageIgnoreStart + return array(); + // @codeCoverageIgnoreEnd + } + + /** + * Gets a simplified list of Amazon S3 object file names contained in a bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

delimiter - string - Optional - Keys that contain the same string between the prefix and the first occurrence of the delimiter will be rolled up into a single result element in the CommonPrefixes collection.
marker - string - Optional - Restricts the response to contain results that only occur alphabetically after the value of the marker.
max-keys - integer - Optional - The maximum number of results returned by the method call. The returned list will contain no more results than the specified value, but may return less. A value of zero is treated as if you did not specify max-keys.
pcre - string - Optional - A Perl-Compatible Regular Expression (PCRE) to filter the names against. This is applied only AFTER any native Amazon S3 filtering from specified prefix, marker, max-keys, or delimiter values are applied.
prefix - string - Optional - Restricts the response to contain results that begin only with the specified prefix.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.

. + * @return boolean A value of true means that all objects were successfully deleted. A value of false means that at least one object failed to delete. + * @link http://php.net/pcre Regular Expressions (Perl-Compatible) + */ + public function delete_all_objects($bucket, $pcre = self::PCRE_ALL) + { + // Collect all matches + $list = $this->get_object_list($bucket, array('pcre' => $pcre)); + + // As long as we have at least one match... + if (count($list) > 0) + { + $objects = array(); + + foreach ($list as $object) + { + $objects[] = array('key' => $object); + } + + $batch = new CFBatchRequest(); + $batch->use_credentials($this->credentials); + + foreach (array_chunk($objects, 1000) as $object_set) + { + $this->batch($batch)->delete_objects($bucket, array( + 'objects' => $object_set + )); + } + + $responses = $this->batch($batch)->send(); + $is_ok = true; + + foreach ($responses as $response) + { + if (!$response->isOK() || isset($response->body->Error)) + { + $is_ok = false; + } + } + + return $is_ok; + } + + // If there are no matches, return true + return true; + } + + /** + * Deletes all of the versions of all Amazon S3 objects inside the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $pcre (Optional) A Perl-Compatible Regular Expression (PCRE) to filter the names against. The default value is . + * @return boolean A value of true means that all object versions were successfully deleted. A value of false means that at least one object/version failed to delete. + * @link http://php.net/pcre Regular Expressions (Perl-Compatible) + */ + public function delete_all_object_versions($bucket, $pcre = null) + { + // Instantiate + $versions = $this->list_bucket_object_versions($bucket); + + // Gather all nodes together into a single array + if ($versions->body->DeleteMarker() && $versions->body->Version()) + { + $markers = array_merge($versions->body->DeleteMarker()->getArrayCopy(), $versions->body->Version()->getArrayCopy()); + } + elseif ($versions->body->DeleteMarker()) + { + $markers = $versions->body->DeleteMarker()->getArrayCopy(); + } + elseif ($versions->body->Version()) + { + $markers = $versions->body->Version()->getArrayCopy(); + } + else + { + $markers = array(); + } + + while ((string) $versions->body->IsTruncated === 'true') + { + $versions = $this->list_bucket_object_versions($bucket, array( + 'key-marker' => (string) $versions->body->NextKeyMarker + )); + + // Gather all nodes together into a single array + if ($versions->body->DeleteMarker() && $versions->body->Version()) + { + $markers = array_merge($markers, $versions->body->DeleteMarker()->getArrayCopy(), $versions->body->Version()->getArrayCopy()); + } + elseif ($versions->body->DeleteMarker()) + { + $markers = array_merge($markers, $versions->body->DeleteMarker()->getArrayCopy()); + } + elseif ($versions->body->Version()) + { + $markers = array_merge($markers, $versions->body->Version()->getArrayCopy()); + } + } + + $objects = array(); + + // Loop through markers + foreach ($markers as $marker) + { + if ($pcre) + { + if (preg_match($pcre, (string) $marker->Key)) + { + $xx = array('key' => (string) $marker->Key); + if ((string) $marker->VersionId !== 'null') + { + $xx['version_id'] = (string) $marker->VersionId; + } + $objects[] = $xx; + unset($xx); + } + } + else + { + $xx = array('key' => (string) $marker->Key); + if ((string) $marker->VersionId !== 'null') + { + $xx['version_id'] = (string) $marker->VersionId; + } + $objects[] = $xx; + unset($xx); + } + } + + $batch = new CFBatchRequest(); + $batch->use_credentials($this->credentials); + + foreach (array_chunk($objects, 1000) as $object_set) + { + $this->batch($batch)->delete_objects($bucket, array( + 'objects' => $object_set + )); + } + + $responses = $this->batch($batch)->send(); + $is_ok = true; + + foreach ($responses as $response) + { + if (!$response->isOK() || isset($response->body->Error)) + { + $is_ok = false; + } + } + + return $is_ok; + } + + /** + * Gets the collective metadata for the given Amazon S3 object. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the Amazon S3 object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

versionId - string - Optional - The version of the object to retrieve. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return mixed If the object exists, the method returns the collective metadata for the Amazon S3 object. If the object does not exist, the method returns boolean false. + */ + public function get_object_metadata($bucket, $filename, $opt = null) + { + $batch = new CFBatchRequest(); + $this->batch($batch)->get_object_acl($bucket, $filename); // Get ACL info + $this->batch($batch)->get_object_headers($bucket, $filename); // Get content-type + $this->batch($batch)->list_objects($bucket, array( // Get other metadata + 'max-keys' => 1, + 'prefix' => $filename + )); + $response = $this->batch($batch)->send(); + + // Fail if any requests were unsuccessful + if (!$response->areOK()) + { + return false; + } + + $data = array( + 'ACL' => array(), + 'ContentType' => null, + 'ETag' => null, + 'Headers' => null, + 'Key' => null, + 'LastModified' => null, + 'Owner' => array(), + 'Size' => null, + 'StorageClass' => null, + ); + + // Add the content type + $data['ContentType'] = (string) $response[1]->header['content-type']; + + // Add the other metadata (including storage type) + $contents = json_decode(json_encode($response[2]->body->query('descendant-or-self::Contents')->first()), true); + $data = array_merge($data, (is_array($contents) ? $contents : array())); + + // Add ACL info + $grants = $response[0]->body->query('descendant-or-self::Grant'); + $max = count($grants); + + // Add raw header info + $data['Headers'] = $response[1]->header; + foreach (array('_info', 'x-amz-id-2', 'x-amz-request-id', 'cneonction', 'server', 'content-length', 'content-type', 'etag') as $header) + { + unset($data['Headers'][$header]); + } + ksort($data['Headers']); + + if (count($grants) > 0) + { + foreach ($grants as $grant) + { + $dgrant = array( + 'id' => (string) $this->util->try_these(array('ID', 'URI'), $grant->Grantee), + 'permission' => (string) $grant->Permission + ); + + $data['ACL'][] = $dgrant; + } + } + + return $data; + } + + + /*%******************************************************************************************%*/ + // URLS + + /** + * Gets the web-accessible URL for the Amazon S3 object or generates a time-limited signed request for + * a private file. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the Amazon S3 object. + * @param integer|string $preauth (Optional) Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

https - boolean - Optional - Set to true if you would like the URL be in https mode. Otherwise, the default behavior is always to use http regardless of your SSL settings. + *
method - string - Optional - The HTTP method to use for the request. Defaults to a value of GET.
response - array - Optional - Allows adjustments to specific response headers. Pass an associative array where each key is one of the following: cache-control, content-disposition, content-encoding, content-language, content-type, expires. The expires value should use and be formatted with the DATE_RFC2822 constant.
torrent - boolean - Optional - A value of true will return a URL to a torrent of the Amazon S3 object. A value of false will return a non-torrent URL. Defaults to false.
versionId - string - Optional - The version of the object. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return string The file URL, with authentication and/or torrent parameters if requested. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/S3_QSAuth.html Using Query String Authentication + */ + public function get_object_url($bucket, $filename, $preauth = 0, $opt = null) + { + // Add this to our request + if (!$opt) $opt = array(); + $opt['verb'] = isset($opt['method']) ? $opt['method'] : 'GET'; + $opt['resource'] = $filename; + $opt['preauth'] = $preauth; + + if (isset($opt['torrent']) && $opt['torrent']) + { + $opt['sub_resource'] = 'torrent'; + unset($opt['torrent']); + } + + // GET responses + if (isset($opt['response'])) + { + foreach ($opt['response'] as $key => $value) + { + $opt['response-' . $key] = $value; + unset($opt['response'][$key]); + } + } + + // Determine whether or not to use SSL + $use_ssl = isset($opt['https']) ? (bool) $opt['https'] : false; + unset($opt['https']); + $current_use_ssl_setting = $this->use_ssl; + + // Authenticate to S3 + $this->use_ssl = $use_ssl; + $response = $this->authenticate($bucket, $opt); + $this->use_ssl = $current_use_ssl_setting; + + return $response; + } + + /** + * Gets the web-accessible URL to a torrent of the Amazon S3 object. The Amazon S3 object's access + * control list settings (ACL) MUST be set to for a valid URL to be returned. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param integer|string $preauth (Optional) Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with . + * @return string The torrent URL, with authentication parameters if requested. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?S3TorrentRetrieve.html Using BitTorrent to Retrieve Objects Stored in Amazon S3 + */ + public function get_torrent_url($bucket, $filename, $preauth = 0) + { + return $this->get_object_url($bucket, $filename, $preauth, array( + 'torrent' => true + )); + } + + + /*%******************************************************************************************%*/ + // VERSIONING + + /** + * Enables versioning support for the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

MFASerial - string (Optional) The serial number on the back of the Gemalto device. MFASerial, MFAToken and MFAStatus must all be set for MFA to work.
MFAToken - string (Optional) The current token displayed on the Gemalto device. MFASerial, MFAToken and MFAStatus must all be set for MFA to work.
MFAStatus - string (Optional) The MFA Delete status. Can be Enabled or Disabled. MFASerial, MFAToken and MFAStatus must all be set for MFA to work.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://aws.amazon.com/mfa/ Multi-Factor Authentication + */ + public function enable_versioning($bucket, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'versioning'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + $xml = simplexml_load_string($this->base_versioning_xml); + $xml->addChild('Status', 'Enabled'); + + // Enable MFA delete? + // @codeCoverageIgnoreStart + if (isset($opt['MFASerial']) && isset($opt['MFAToken']) && isset($opt['MFAStatus'])) + { + $xml->addChild('MfaDelete', $opt['MFAStatus']); + $opt['headers']['x-amz-mfa'] = ($opt['MFASerial'] . ' ' . $opt['MFAToken']); + } + // @codeCoverageIgnoreEnd + + $opt['body'] = $xml->asXML(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Disables versioning support for the specified Amazon S3 bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

MFASerial - string - Optional - The serial number on the back of the Gemalto device. MFASerial, MFAToken and MFAStatus must all be set for MFA to work.
MFAToken - string - Optional - The current token displayed on the Gemalto device. MFASerial, MFAToken and MFAStatus must all be set for MFA to work.
MFAStatus - string - Optional - The MFA Delete status. Can be Enabled or Disabled. MFASerial, MFAToken and MFAStatus must all be set for MFA to work.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://aws.amazon.com/mfa/ Multi-Factor Authentication + */ + public function disable_versioning($bucket, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'versioning'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + $xml = simplexml_load_string($this->base_versioning_xml); + $xml->addChild('Status', 'Suspended'); + + // Enable MFA delete? + // @codeCoverageIgnoreStart + if (isset($opt['MFASerial']) && isset($opt['MFAToken']) && isset($opt['MFAStatus'])) + { + $xml->addChild('MfaDelete', $opt['MFAStatus']); + $opt['headers']['x-amz-mfa'] = ($opt['MFASerial'] . ' ' . $opt['MFAToken']); + } + // @codeCoverageIgnoreEnd + + $opt['body'] = $xml->asXML(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Gets an Amazon S3 bucket's versioning status. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_versioning_status($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'versioning'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Gets a list of all the versions of Amazon S3 objects in the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

delimiter - string - Optional - Unicode string parameter. Keys that contain the same string between the prefix and the first occurrence of the delimiter will be rolled up into a single result element in the CommonPrefixes collection.
key-marker - string - Optional - Restricts the response to contain results that only occur alphabetically after the value of the key-marker.
max-keys - string - Optional - Limits the number of results returned in response to your query. Will return no more than this number of results, but possibly less.
prefix - string - Optional - Restricts the response to only contain results that begin with the specified prefix.
version-id-marker - string - Optional - Restricts the response to contain results that only occur alphabetically after the value of the version-id-marker.
preauth - integer|string - Optional - Specifies that a presigned URL for this request should be returned. May be passed as a number of seconds since UNIX Epoch, or any string compatible with .
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function list_bucket_object_versions($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'versions'; + + foreach (array('delimiter', 'key-marker', 'max-keys', 'prefix', 'version-id-marker') as $param) + { + if (isset($opt[$param])) + { + $opt['query_string'][$param] = $opt[$param]; + unset($opt[$param]); + } + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // BUCKET POLICIES + + /** + * Sets the policy sub-resource for the specified Amazon S3 bucket. The specified policy replaces any + * policy the bucket already has. + * + * To perform this operation, the caller must be authorized to set a policy for the bucket and have + * PutPolicy permissions. If the caller does not have PutPolicy permissions for the bucket, Amazon S3 + * returns a `403 Access Denied` error. If the caller has the correct permissions but has not been + * authorized by the bucket owner, Amazon S3 returns a `405 Method Not Allowed` error. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param CFPolicy $policy (Required) The JSON policy to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/AccessPolicyLanguage.html Appendix: The Access Policy Language + */ + public function set_bucket_policy($bucket, CFPolicy $policy, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'policy'; + $opt['body'] = $policy->get_json(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Gets the policy of the specified Amazon S3 bucket. + * + * To use this operation, the caller must have GetPolicy permissions for the specified bucket and must be + * the bucket owner. If the caller does not have GetPolicy permissions, this method will generate a + * `403 Access Denied` error. If the caller has the correct permissions but is not the bucket owner, this + * method will generate a `405 Method Not Allowed` error. If the bucket does not have a policy defined for + * it, this method will generate a `404 Policy Not Found` error. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_bucket_policy($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'policy'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Deletes the bucket policy for the specified Amazon S3 bucket. To delete the policy, the caller must + * be the bucket owner and have `DeletePolicy` permissions for the specified bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. If you do not have `DeletePolicy` permissions, Amazon S3 returns a `403 Access Denied` error. If you have the correct permissions, but are not the bucket owner, Amazon S3 returns a `405 Method Not Allowed` error. If the bucket doesn't have a policy, Amazon S3 returns a `204 No Content` error. + */ + public function delete_bucket_policy($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'DELETE'; + $opt['sub_resource'] = 'policy'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // BUCKET NOTIFICATIONS + + /** + * Enables notifications of specified events for an Amazon S3 bucket. Currently, the + * `s3:ReducedRedundancyLostObject` event is the only event supported for notifications. The + * `s3:ReducedRedundancyLostObject` event is triggered when Amazon S3 detects that it has lost all + * copies of an Amazon S3 object and can no longer service requests for that object. + * + * If the bucket owner and Amazon SNS topic owner are the same, the bucket owner has permission to + * publish notifications to the topic by default. Otherwise, the owner of the topic must create a + * policy to enable the bucket owner to publish to the topic. + * + * By default, only the bucket owner can configure notifications on a bucket. However, bucket owners + * can use bucket policies to grant permission to other users to set this configuration with the + * `s3:PutBucketNotification` permission. + * + * After a PUT operation is called to configure notifications on a bucket, Amazon S3 publishes a test + * notification to ensure that the topic exists and that the bucket owner has permission to publish + * to the specified topic. If the notification is successfully published to the SNS topic, the PUT + * operation updates the bucket configuration and returns the 200 OK responses with a + * `x-amz-sns-test-message-id` header containing the message ID of the test notification sent to topic. + * + * @param string $bucket (Required) The name of the bucket to create bucket notifications for. + * @param string $topic_arn (Required) The SNS topic ARN to send notifications to. + * @param string $event (Required) The event type to listen for. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/NotificationHowTo.html Setting Up Notification of Bucket Events + */ + public function create_bucket_notification($bucket, $topic_arn, $event, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'notification'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + $xml = simplexml_load_string($this->base_notification_xml); + $topic_config = $xml->addChild('TopicConfiguration'); + $topic_config->addChild('Topic', $topic_arn); + $topic_config->addChild('Event', $event); + + $opt['body'] = $xml->asXML(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Gets the notification configuration of a bucket. Currently, the `s3:ReducedRedundancyLostObject` event + * is the only event supported for notifications. The `s3:ReducedRedundancyLostObject` event is triggered + * when Amazon S3 detects that it has lost all replicas of a Reduced Redundancy Storage object and can no + * longer service requests for that object. + * + * If notifications are not enabled on the bucket, the operation returns an empty + * `NotificatonConfiguration` element. + * + * By default, you must be the bucket owner to read the notification configuration of a bucket. However, + * the bucket owner can use a bucket policy to grant permission to other users to read this configuration + * with the `s3:GetBucketNotification` permission. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/NotificationHowTo.html Setting Up Notification of Bucket Events + */ + public function delete_bucket_notification($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'notification'; + $opt['body'] = $this->base_notification_xml; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // MULTIPART UPLOAD + + /** + * Calculates the correct values for sequentially reading a file for multipart upload. This method should + * be used in conjunction with . + * + * @param integer $filesize (Required) The size in bytes of the entire file. + * @param integer $part_size (Required) The size in bytes of the part of the file to send. + * @return array An array containing key-value pairs. The keys are `seekTo` and `length`. + */ + public function get_multipart_counts($filesize, $part_size) + { + $i = 0; + $sizecount = $filesize; + $values = array(); + + while ($sizecount > 0) + { + $sizecount -= $part_size; + $values[] = array( + 'seekTo' => ($part_size * $i), + 'length' => (($sizecount > 0) ? $part_size : ($sizecount + $part_size)), + ); + $i++; + } + + return $values; + } + + /** + * Initiates a multipart upload and returns an `UploadId`. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

acl - string - Optional - The ACL settings for the specified object. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. The default value is ACL_PRIVATE.
contentType - string - Optional - The type of content that is being sent. The default value is application/octet-stream.
encryption - string - Optional - The algorithm to use for encrypting the object. [Allowed values: AES256]
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
meta - array - Optional - An associative array of key-value pairs. Any header starting with x-amz-meta-: is considered user metadata. It will be stored with the object and returned when you retrieve the object. The total size of the HTTP request, not including the body, must be less than 4 KB.
storage - string - Optional - Whether to use Standard or Reduced Redundancy storage. [Allowed values: AmazonS3::STORAGE_STANDARD, AmazonS3::STORAGE_REDUCED]. The default value is STORAGE_STANDARD.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAccessPolicy.html REST Access Control Policy + */ + public function initiate_multipart_upload($bucket, $filename, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'POST'; + $opt['resource'] = $filename; + $opt['sub_resource'] = 'uploads'; + $opt['body'] = ''; + + // Handle content type. Can also be passed as an HTTP header. + if (isset($opt['contentType'])) + { + $opt['headers']['Content-Type'] = $opt['contentType']; + unset($opt['contentType']); + } + + // Set a default content type. + if (!isset($opt['headers']['Content-Type'])) + { + $opt['headers']['Content-Type'] = 'application/octet-stream'; + } + + // Handle Access Control Lists. Can also be passed as an HTTP header. + if (isset($opt['acl'])) + { + $opt['headers']['x-amz-acl'] = $opt['acl']; + unset($opt['acl']); + } + + // Handle storage settings. Can also be passed as an HTTP header. + if (isset($opt['storage'])) + { + $opt['headers']['x-amz-storage-class'] = $opt['storage']; + unset($opt['storage']); + } + + // Handle encryption settings. Can also be passed as an HTTP header. + if (isset($opt['encryption'])) + { + $opt['headers']['x-amz-server-side-encryption'] = $opt['encryption']; + unset($opt['encryption']); + } + + // Handle meta tags. Can also be passed as an HTTP header. + if (isset($opt['meta'])) + { + foreach ($opt['meta'] as $meta_key => $meta_value) + { + // e.g., `My Meta Header` is converted to `x-amz-meta-my-meta-header`. + $opt['headers']['x-amz-meta-' . strtolower(str_replace(' ', '-', $meta_key))] = $meta_value; + } + unset($opt['meta']); + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Uploads a single part of a multipart upload. The part size cannot be smaller than 5 MB + * or larger than 5 TB. A multipart upload can have no more than 10,000 parts. + * + * Amazon S3 charges for storage as well as requests to the service. Smaller part sizes (and more + * requests) allow for faster failures and better upload reliability. Larger part sizes (and fewer + * requests) costs slightly less but has lower upload reliability. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $upload_id (Required) The upload ID identifying the multipart upload whose parts are being listed. The upload ID is retrieved from a call to . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

fileUpload - string|resource - Required - The URL/path for the file to upload or an open resource.
partNumber - integer - Required - The part number order of the multipart upload.
expect - string - Optional - Specifies that the SDK not send the request body until it receives an acknowledgement. If the message is rejected based on the headers, the body of the message is not sent. For more information, see RFC 2616, section 14.20. The value can also be passed to the header option as Expect. [Allowed values: 100-continue]
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
length - integer - Optional - The size of the part in bytes. For more information, see RFC 2616, section 14.13. The value can also be passed to the header option as Content-Length.
md5 - string - Optional - The base64 encoded 128-bit MD5 digest of the part data. This header can be used as a message integrity check to verify that the part data is the same data that was originally sent. Although it is optional, we recommend using this mechanism as an end-to-end integrity check. For more information, see RFC 1864. The value can also be passed to the header option as Content-MD5.
seekTo - integer - Optional - The starting position in bytes for the piece of the file/stream to upload.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function upload_part($bucket, $filename, $upload_id, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'PUT'; + $opt['resource'] = $filename; + $opt['uploadId'] = $upload_id; + + if (!isset($opt['fileUpload']) || !isset($opt['partNumber'])) + { + throw new S3_Exception('The `fileUpload` and `partNumber` options are both required in ' . __FUNCTION__ . '().'); + } + + // Handle expectation. Can also be passed as an HTTP header. + if (isset($opt['expect'])) + { + $opt['headers']['Expect'] = $opt['expect']; + unset($opt['expect']); + } + + // Handle content length. Can also be passed as an HTTP header. + if (isset($opt['length'])) + { + $opt['headers']['Content-Length'] = $opt['length']; + unset($opt['length']); + } + + // Handle content md5. Can also be passed as an HTTP header. + if (isset($opt['md5'])) + { + $opt['headers']['Content-MD5'] = $opt['md5']; + unset($opt['md5']); + } + + $opt['headers']['Expect'] = '100-continue'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Lists the completed parts of an in-progress multipart upload. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $upload_id (Required) The upload ID identifying the multipart upload whose parts are being listed. The upload ID is retrieved from a call to . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

max-parts - integer - Optional - The maximum number of parts to return in the response body.
part-number-marker - string - Optional - Restricts the response to contain results that only occur numerically after the value of the part-number-marker.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function list_parts($bucket, $filename, $upload_id, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'GET'; + $opt['resource'] = $filename; + $opt['uploadId'] = $upload_id; + $opt['query_string'] = array(); + + foreach (array('max-parts', 'part-number-marker') as $param) + { + if (isset($opt[$param])) + { + $opt['query_string'][$param] = $opt[$param]; + unset($opt[$param]); + } + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Aborts an in-progress multipart upload. This operation cannot be reversed. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $upload_id (Required) The upload ID identifying the multipart upload whose parts are being listed. The upload ID is retrieved from a call to . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function abort_multipart_upload($bucket, $filename, $upload_id, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'DELETE'; + $opt['resource'] = $filename; + $opt['uploadId'] = $upload_id; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Completes an in-progress multipart upload. A multipart upload is completed by describing the part + * numbers and corresponding ETag values in order, and submitting that data to Amazon S3 as an XML document. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param string $upload_id (Required) The upload ID identifying the multipart upload whose parts are being listed. The upload ID is retrieved from a call to . + * @param string|array|SimpleXMLElement|CFResponse $parts (Required) The completion XML document. This document can be provided in multiple ways; as a string of XML, as a object representing the XML document, as an indexed array of associative arrays where the keys are PartNumber and ETag, or as a object returned by . + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function complete_multipart_upload($bucket, $filename, $upload_id, $parts, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'POST'; + $opt['resource'] = $filename; + $opt['uploadId'] = $upload_id; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + // Disable Content-MD5 calculation for this operation + $opt['NoContentMD5'] = true; + + if (is_string($parts)) + { + // Assume it's the intended XML. + $opt['body'] = $parts; + } + elseif ($parts instanceof SimpleXMLElement) + { + // Assume it's a SimpleXMLElement object representing the XML. + $opt['body'] = $parts->asXML(); + } + elseif (is_array($parts) || $parts instanceof CFResponse) + { + $xml = simplexml_load_string($this->complete_mpu_xml); + + if (is_array($parts)) + { + // Generate the appropriate XML. + foreach ($parts as $node) + { + $part = $xml->addChild('Part'); + $part->addChild('PartNumber', $node['PartNumber']); + $part->addChild('ETag', $node['ETag']); + } + + } + elseif ($parts instanceof CFResponse) + { + // Assume it's a response from list_parts(). + foreach ($parts->body->Part as $node) + { + $part = $xml->addChild('Part'); + $part->addChild('PartNumber', (string) $node->PartNumber); + $part->addChild('ETag', (string) $node->ETag); + } + } + + $opt['body'] = $xml->asXML(); + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Lists the in-progress multipart uploads. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

delimiter - string - Optional - Keys that contain the same string between the prefix and the first occurrence of the delimiter will be rolled up into a single result element in the CommonPrefixes collection.
key-marker - string - Optional - Restricts the response to contain results that only occur alphabetically after the value of the key-marker. If used in conjunction with upload-id-marker, the results will be filtered to include keys whose upload ID is alphabetically after the value of upload-id-marker.
upload-id-marker - string - Optional - Restricts the response to contain results that only occur alphabetically after the value of the upload-id-marker. Must be used in conjunction with key-marker.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function list_multipart_uploads($bucket, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'uploads'; + + foreach (array('key-marker', 'max-uploads', 'upload-id-marker') as $param) + { + if (isset($opt[$param])) + { + $opt['query_string'][$param] = $opt[$param]; + unset($opt[$param]); + } + } + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Since Amazon S3's standard operation only supports copying objects that are smaller than + * 5 GB, the ability to copy large objects (greater than 5 GB) requires the use of "Multipart Copy". + * + * Copying large objects requires the developer to initiate a new multipart "upload", copy pieces of the + * large object (specifying a range of bytes up to 5 GB from the large source file), then complete the + * multipart "upload". + * + * NOTE: This is a synchronous operation, not an asynchronous operation, which means + * that Amazon S3 will not return a response for this operation until the copy has completed across the Amazon + * S3 server fleet. Copying objects within a single region will complete more quickly than copying objects + * across regions. The synchronous nature of this operation is different from other services where + * responses are typically returned immediately, even if the operation itself has not yet been completed on + * the server-side. + * + * @param array $source (Required) The bucket and file name to copy from. The following keys must be set:

bucket - string - Required - Specifies the name of the bucket containing the source object.
filename - string - Required - Specifies the file name of the source object to copy.

+ * @param array $dest (Required) The bucket and file name to copy to. The following keys must be set:

bucket - string - Required - Specifies the name of the bucket to copy the object to.
filename - string - Required - Specifies the file name to copy the object to.

+ * @param string $upload_id (Required) The upload ID identifying the multipart upload whose parts are being listed. The upload ID is retrieved from a call to . + * @param integer $part_number (Required) A part number uniquely identifies a part and defines its position within the destination object. When you complete a multipart upload, a complete object is created by concatenating parts in ascending order based on part number. If you copy a new part using the same part number as a previously copied/uploaded part, the previously written part is overwritten. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

ifMatch - string - Optional - The ETag header from a previous request. Copies the object if its entity tag (ETag) matches the specified tag; otherwise, the request returns a 412 HTTP status code error (precondition failed). Used in conjunction with ifUnmodifiedSince.
ifUnmodifiedSince - string - Optional - The LastModified header from a previous request. Copies the object if it hasn't been modified since the specified time; otherwise, the request returns a 412 HTTP status code error (precondition failed). Used in conjunction with ifMatch.
ifNoneMatch - string - Optional - The ETag header from a previous request. Copies the object if its entity tag (ETag) is different than the specified ETag; otherwise, the request returns a 412 HTTP status code error (failed condition). Used in conjunction with ifModifiedSince.
ifModifiedSince - string - Optional - The LastModified header from a previous request. Copies the object if it has been modified since the specified time; otherwise, the request returns a 412 HTTP status code error (failed condition). Used in conjunction with ifNoneMatch.
range - string - Optional - The range of bytes to copy from the object. Specify this parameter when copying partial bits. The specified range must be notated with a hyphen (e.g., 0-10485759). Defaults to the byte range of the complete Amazon S3 object.
versionId - string - Optional - The version of the object to copy. Version IDs are returned in the x-amz-version-id header of any previous object-related request.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function copy_part($source, $dest, $upload_id, $part_number, $opt = null) + { + if (!$opt) $opt = array(); + + // Add this to our request + $opt['verb'] = 'PUT'; + $opt['resource'] = $dest['filename']; + $opt['uploadId'] = $upload_id; + $opt['partNumber'] = $part_number; + + // Handle copy source + if (isset($source['bucket']) && isset($source['filename'])) + { + $opt['headers']['x-amz-copy-source'] = '/' . $source['bucket'] . '/' . rawurlencode($source['filename']) + . (isset($opt['versionId']) ? ('?' . 'versionId=' . rawurlencode($opt['versionId'])) : ''); // Append the versionId to copy, if available + unset($opt['versionId']); + } + + // Handle conditional-copy parameters + if (isset($opt['ifMatch'])) + { + $opt['headers']['x-amz-copy-source-if-match'] = $opt['ifMatch']; + unset($opt['ifMatch']); + } + if (isset($opt['ifNoneMatch'])) + { + $opt['headers']['x-amz-copy-source-if-none-match'] = $opt['ifNoneMatch']; + unset($opt['ifNoneMatch']); + } + if (isset($opt['ifUnmodifiedSince'])) + { + $opt['headers']['x-amz-copy-source-if-unmodified-since'] = $opt['ifUnmodifiedSince']; + unset($opt['ifUnmodifiedSince']); + } + if (isset($opt['ifModifiedSince'])) + { + $opt['headers']['x-amz-copy-source-if-modified-since'] = $opt['ifModifiedSince']; + unset($opt['ifModifiedSince']); + } + + // Partial content range + if (isset($opt['range'])) + { + $opt['headers']['x-amz-copy-source-range'] = 'bytes=' . $opt['range']; + } + + // Authenticate to S3 + return $this->authenticate($dest['bucket'], $opt); + } + + /** + * Creates an Amazon S3 object using the multipart upload APIs. It is analogous to . + * + * While each individual part of a multipart upload can hold up to 5 GB of data, this method limits the + * part size to a maximum of 500 MB. The combined size of all parts can not exceed 5 TB of data. When an + * object is stored in Amazon S3, the data is streamed to multiple storage servers in multiple data + * centers. This ensures the data remains available in the event of internal network or hardware failure. + * + * Amazon S3 charges for storage as well as requests to the service. Smaller part sizes (and more + * requests) allow for faster failures and better upload reliability. Larger part sizes (and fewer + * requests) costs slightly less but has lower upload reliability. + * + * In certain cases with large objects, it's possible for this method to attempt to open more file system + * connections than allowed by the OS. In this case, either + * increase the number of connections + * allowed or increase the value of the partSize parameter to use a larger part size. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string $filename (Required) The file name for the object. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

fileUpload - string|resource - Required - The URL/path for the file to upload, or an open resource.
acl - string - Optional - The ACL settings for the specified object. [Allowed values: AmazonS3::ACL_PRIVATE, AmazonS3::ACL_PUBLIC, AmazonS3::ACL_OPEN, AmazonS3::ACL_AUTH_READ, AmazonS3::ACL_OWNER_READ, AmazonS3::ACL_OWNER_FULL_CONTROL]. The default value is ACL_PRIVATE.
contentType - string - Optional - The type of content that is being sent in the body. The default value is application/octet-stream.
headers - array - Optional - Standard HTTP headers to send along in the request. Accepts an associative array of key-value pairs.
length - integer - Optional - The size of the object in bytes. For more information, see RFC 2616, section 14.13. The value can also be passed to the header option as Content-Length.
limit - integer - Optional - The maximum number of concurrent uploads done by cURL. Gets passed to CFBatchRequest.
meta - array - Optional - An associative array of key-value pairs. Any header starting with x-amz-meta-: is considered user metadata. It will be stored with the object and returned when you retrieve the object. The total size of the HTTP request, not including the body, must be less than 4 KB.
partSize - integer - Optional - The size of an individual part. The size may not be smaller than 5 MB or larger than 500 MB. The default value is 50 MB.
seekTo - integer - Optional - The starting position in bytes for the first piece of the file/stream to upload.
storage - string - Optional - Whether to use Standard or Reduced Redundancy storage. [Allowed values: AmazonS3::STORAGE_STANDARD, AmazonS3::STORAGE_REDUCED]. The default value is STORAGE_STANDARD.
uploadId - string - Optional - An upload ID identifying an existing multipart upload to use. If this option is not set, one will be created automatically.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAccessPolicy.html REST Access Control Policy + */ + public function create_mpu_object($bucket, $filename, $opt = null) + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + if (!$opt) $opt = array(); + + // Handle content length. Can also be passed as an HTTP header. + if (isset($opt['length'])) + { + $opt['headers']['Content-Length'] = $opt['length']; + unset($opt['length']); + } + + if (!isset($opt['fileUpload'])) + { + throw new S3_Exception('The `fileUpload` option is required in ' . __FUNCTION__ . '().'); + } + elseif (is_resource($opt['fileUpload'])) + { + $opt['limit'] = 1; // We can only read from this one resource. + $upload_position = isset($opt['seekTo']) ? (integer) $opt['seekTo'] : ftell($opt['fileUpload']); + $upload_filesize = isset($opt['headers']['Content-Length']) ? (integer) $opt['headers']['Content-Length'] : null; + + if (!isset($upload_filesize) && $upload_position !== false) + { + $stats = fstat($opt['fileUpload']); + + if ($stats && $stats['size'] >= 0) + { + $upload_filesize = $stats['size'] - $upload_position; + } + } + } + else + { + $upload_position = isset($opt['seekTo']) ? (integer) $opt['seekTo'] : 0; + + if (isset($opt['headers']['Content-Length'])) + { + $upload_filesize = (integer) $opt['headers']['Content-Length']; + } + else + { + $upload_filesize = filesize($opt['fileUpload']); + + if ($upload_filesize !== false) + { + $upload_filesize -= $upload_position; + } + } + } + + if ($upload_position === false || !isset($upload_filesize) || $upload_filesize === false || $upload_filesize < 0) + { + throw new S3_Exception('The size of `fileUpload` cannot be determined in ' . __FUNCTION__ . '().'); + } + + // Handle part size + if (isset($opt['partSize'])) + { + // If less that 5 MB... + if ((integer) $opt['partSize'] < 5242880) + { + $opt['partSize'] = 5242880; // 5 MB + } + // If more than 500 MB... + elseif ((integer) $opt['partSize'] > 524288000) + { + $opt['partSize'] = 524288000; // 500 MB + } + } + else + { + $opt['partSize'] = 52428800; // 50 MB + } + + // If the upload size is smaller than the piece size, failover to create_object(). + if ($upload_filesize < $opt['partSize'] && !isset($opt['uploadId'])) + { + return $this->create_object($bucket, $filename, $opt); + } + + // Initiate multipart upload + if (isset($opt['uploadId'])) + { + $upload_id = $opt['uploadId']; + } + else + { + // Compose options for initiate_multipart_upload(). + $_opt = array(); + foreach (array('contentType', 'acl', 'storage', 'headers', 'meta') as $param) + { + if (isset($opt[$param])) + { + $_opt[$param] = $opt[$param]; + } + } + + $upload = $this->initiate_multipart_upload($bucket, $filename, $_opt); + if (!$upload->isOK()) + { + return $upload; + } + + // Fetch the UploadId + $upload_id = (string) $upload->body->UploadId; + } + + // Get the list of pieces + $pieces = $this->get_multipart_counts($upload_filesize, (integer) $opt['partSize']); + + // Queue batch requests + $batch = new CFBatchRequest(isset($opt['limit']) ? (integer) $opt['limit'] : null); + foreach ($pieces as $i => $piece) + { + $this->batch($batch)->upload_part($bucket, $filename, $upload_id, array( + 'expect' => '100-continue', + 'fileUpload' => $opt['fileUpload'], + 'partNumber' => ($i + 1), + 'seekTo' => $upload_position + (integer) $piece['seekTo'], + 'length' => (integer) $piece['length'], + )); + } + + // Send batch requests + $batch_responses = $this->batch($batch)->send(); + if (!$batch_responses->areOK()) + { + return $batch_responses; + } + + // Compose completion XML + $parts = array(); + foreach ($batch_responses as $i => $response) + { + $parts[] = array('PartNumber' => ($i + 1), 'ETag' => $response->header['etag']); + } + + return $this->complete_multipart_upload($bucket, $filename, $upload_id, $parts); + } + + /** + * Aborts all multipart uploads initiated before the specified date. This operation cannot be reversed. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param string|integer $when (Optional) The time and date to use for comparison. Accepts any value that understands. + * @return CFArray A containing a series of 0 or more objects, containing a parsed HTTP response. + */ + public function abort_multipart_uploads_by_date($bucket, $when = null) + { + if ($this->use_batch_flow) + { + // @codeCoverageIgnoreStart + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + // @codeCoverageIgnoreEnd + } + + $when = $when ? $when : time(); + $handles = array(); + $data = $this->list_multipart_uploads($bucket)->body; + $when = is_int($when) ? $when : strtotime($when); + + if (!($data instanceof CFSimpleXML)) + { + return false; + } + + $list = $data->query('descendant-or-self::Upload/Initiated'); + + if (count($list) > 0) + { + foreach ($list as $node) + { + if (strtotime((string) $node) < $when) + { + $q = new CFBatchRequest(); + $parent = $node->parent(); + + $upload_id = $parent + ->query('descendant-or-self::UploadId') + ->first() + ->to_string(); + + $filename = $parent + ->query('descendant-or-self::Key') + ->first() + ->to_string(); + + $handles[] = $this->abort_multipart_upload($bucket, $filename, $upload_id, array( + 'returnCurlHandle' => true + )); + } + } + + $http = new CFRequest(); + $responses = $http->send_multi_request($handles); + + if (is_array($responses) && count($responses) > 0) + { + return new CFArray($responses); + } + } + + return new CFArray(); + } + + + /*%******************************************************************************************%*/ + // WEBSITE CONFIGURATION + + /** + * Enables and configures an Amazon S3 website using the corresponding bucket as the content source. + * The website will have one default domain name associated with it, which is the bucket name. If you + * attempt to configure an Amazon S3 website for a bucket whose name is not compatible with DNS, + * Amazon S3 returns an InvalidBucketName error. For more information on bucket names and DNS, + * refer to Bucket Restrictions and Limitations. + * + * To visit the bucket as a website a new endpoint is created in the following pattern: + * http://<bucketName>.s3-website-<region>.amazonaws.com. This is a sample URL + * for a bucket called example-bucket in the us-east-1 region. + * (e.g., http://example-bucket.s3-website-us-east-1.amazonaws.com) + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

indexDocument - string - Optional - The file path to use as the root document. The default value is index.html.
errorDocument - string - Optional - The file path to use as the error document. The default value is error.html.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function create_website_config($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'website'; + + $xml = simplexml_load_string($this->website_config_xml); + if (isset($opt['indexDocument'])) + { + $xml->IndexDocument->Suffix = $opt['indexDocument']; + } + if (isset($opt['errorDocument'])) + { + $xml->ErrorDocument->Key = $opt['errorDocument']; + } + + $opt['body'] = $xml->asXML(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Retrieves the website configuration for a bucket. The contents of this response are identical to the + * content submitted by the user during the website creation operation. If a website configuration has + * never been set, Amazon S3 will return a 404 error. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function get_website_config($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'website'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + /** + * Removes the website configuration for a bucket. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function delete_website_config($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'DELETE'; + $opt['sub_resource'] = 'website'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // OBJECT EXPIRATION + + /** + * Enables the ability to specify an expiry period for objects when an object should be deleted, + * measured as number of days from creation time. Amazon S3 guarantees that the object will be + * deleted when the expiration time is passed. + * + * @param string $bucket (Required) The name of the bucket to use. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

rules - string - Required - The object expiration rule-sets to apply to the bucket.
- x - array - Required - This represents a simple array index.
  - id - string - Optional - Unique identifier for the rule. The value cannot be longer than 255 characters. + *
  - prefix - string - Required - The Amazon S3 object prefix which targets the file(s) for expiration.
  - expiration - array - Required - The container for the unit of measurement by which the expiration time is calculated.
    - days - integer - Required - The number of days until the targetted objects expire from the bucket.
  - enabled - boolean - Optional - Whether or not to enable this rule-set. A value of true enables the rule-set. A value of false disables the rule-set. The default value is true.
curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

+ * @return CFResponse A object containing a parsed HTTP response. + */ + public function create_object_expiration_config($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'PUT'; + $opt['sub_resource'] = 'lifecycle'; + $opt['headers'] = array( + 'Content-Type' => 'application/xml' + ); + + $xml = simplexml_load_string($this->object_expiration_xml, $this->parser_class); + + if (isset($opt['rules']) && is_array($opt['rules']) && count($opt['rules'])) + { + foreach ($opt['rules'] as $rule) + { + $xrule = $xml->addChild('Rule'); + + // ID + if (isset($rule['id'])) + { + if (strlen($rule['id']) > 255) + { + throw new S3_Exception('The "id" for a rule must not be more than 255 characters in the ' . __FUNCTION__ . ' method.'); + } + + $xrule->addChild('ID', $rule['id']); + } + + // Prefix + if (isset($rule['prefix'])) + { + $xrule->addChild('Prefix', $rule['prefix']); + } + else + { + throw new S3_Exception('Each rule requires a "prefix" in the ' . __FUNCTION__ . ' method.'); + } + + // Status + $enabled = 'Enabled'; + if (isset($rule['enabled'])) + { + if (is_bool($rule['enabled'])) // Boolean + { + $enabled = $rule['enabled'] ? 'Enabled' : 'Disabled'; + } + elseif (is_string($rule['enabled'])) // String + { + $enabled = (strtolower($rule['enabled']) === 'true') ? 'Enabled' : 'Disabled'; + } + + $xrule->addChild('Status', $enabled); + } + else + { + $xrule->addChild('Status', 'Enabled'); + } + + // Expiration + if (isset($rule['expiration'])) + { + $xexpiration = $xrule->addChild('Expiration'); + + if (isset($rule['expiration']['days'])) + { + $xexpiration->addChild('Days', $rule['expiration']['days']); + } + } + else + { + throw new S3_Exception('Each rule requires a "expiration" in the ' . __FUNCTION__ . ' method.'); + } + } + } + + $opt['body'] = $xml->asXML(); + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + public function get_object_expiration_config($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'GET'; + $opt['sub_resource'] = 'lifecycle'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + public function delete_object_expiration_config($bucket, $opt = null) + { + if (!$opt) $opt = array(); + $opt['verb'] = 'DELETE'; + $opt['sub_resource'] = 'lifecycle'; + + // Authenticate to S3 + return $this->authenticate($bucket, $opt); + } + + + /*%******************************************************************************************%*/ + // MISCELLANEOUS + + /** + * Gets the canonical user ID and display name from the Amazon S3 server. + * + * @return array An associative array containing the `id` and `display_name` values. + */ + public function get_canonical_user_id() + { + if ($this->use_batch_flow) + { + throw new S3_Exception(__FUNCTION__ . '() cannot be batch requested'); + } + + $id = $this->list_buckets(); + + return array( + 'id' => (string) $id->body->Owner->ID, + 'display_name' => (string) $id->body->Owner->DisplayName + ); + } + + /** + * Loads and registers the S3StreamWrapper class as a stream wrapper. + * + * @param string $protocol (Optional) The name of the protocol to register. + * @return boolean Whether or not the registration succeeded. + */ + public function register_stream_wrapper($protocol = 's3') + { + require_once dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'extensions' + . DIRECTORY_SEPARATOR . 's3streamwrapper.class.php'; + + return S3StreamWrapper::register($this, $protocol); + } +} diff --git a/3rdparty/aws-sdk/utilities/array.class.php b/3rdparty/aws-sdk/utilities/array.class.php new file mode 100644 index 00000000000..dea673546f8 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/array.class.php @@ -0,0 +1,312 @@ + object extends PHP's built-in object by providing convenience methods for + * rapidly manipulating array data. Specifically, the `CFArray` object is intended for working with + * and objects that are returned by AWS services. + * + * @version 2012.01.17 + * @license See the included NOTICE.md file for more information. + * @copyright See the included NOTICE.md file for more information. + * @link http://aws.amazon.com/php/ PHP Developer Center + * @link http://php.net/ArrayObject ArrayObject + */ +class CFArray extends ArrayObject +{ + /** + * Constructs a new instance of . + * + * @param mixed $input (Optional) The input parameter accepts an array or an Object. The default value is an empty array. + * @param integer $flags (Optional) Flags to control the behavior of the ArrayObject object. Defaults to . + * @param string $iterator_class (Optional) Specify the class that will be used for iteration of the object. is the default class used. + * @return mixed Either an array of matches, or a single element. + */ + public function __construct($input = array(), $flags = self::STD_PROP_LIST, $iterator_class = 'ArrayIterator') + { + // Provide a default value + $input = $input ? $input : array(); + + try { + return parent::__construct($input, $flags, $iterator_class); + } + catch (InvalidArgumentException $e) + { + throw new CFArray_Exception($e->getMessage()); + } + } + + /** + * Alternate approach to constructing a new instance. Supports chaining. + * + * @param mixed $input (Optional) The input parameter accepts an array or an Object. The default value is an empty array. + * @param integer $flags (Optional) Flags to control the behavior of the ArrayObject object. Defaults to . + * @param string $iterator_class (Optional) Specify the class that will be used for iteration of the object. is the default class used. + * @return mixed Either an array of matches, or a single element. + */ + public static function init($input = array(), $flags = self::STD_PROP_LIST, $iterator_class = 'ArrayIterator') + { + if (version_compare(PHP_VERSION, '5.3.0', '<')) + { + throw new Exception('PHP 5.3 or newer is required to instantiate a new class with CLASS::init().'); + } + + $self = get_called_class(); + return new $self($input, $flags, $iterator_class); + } + + /** + * Handles how the object is rendered when cast as a string. + * + * @return string The word "Array". + */ + public function __toString() + { + return 'Array'; + } + + + /*%******************************************************************************************%*/ + // REFORMATTING + + /** + * Maps each element in the object as an integer. + * + * @return array The contents of the object mapped as integers. + */ + public function map_integer() + { + return array_map('intval', $this->getArrayCopy()); + } + + /** + * Maps each element in the CFArray object as a string. + * + * @param string $pcre (Optional) A Perl-Compatible Regular Expression (PCRE) to filter the names against. + * @return array The contents of the object mapped as strings. If there are no results, the method will return an empty array. + */ + public function map_string($pcre = null) + { + $list = array_map('strval', $this->getArrayCopy()); + $dlist = array(); + + if ($pcre) + { + foreach ($list as $item) + { + $dlist[] = preg_match($pcre, $item) ? $item : null; + } + + $list = array_values(array_filter($dlist)); + } + + return $list; + } + + + /*%******************************************************************************************%*/ + // CONFIRMATION + + /** + * Verifies that _all_ responses were successful. A single failed request will cause to return false. Equivalent to , except it applies to all responses. + * + * @return boolean Whether _all_ requests were successful or not. + */ + public function areOK() + { + $dlist = array(); + $list = $this->getArrayCopy(); + + foreach ($list as $response) + { + if ($response instanceof CFResponse) + { + $dlist[] = $response->isOK(); + } + } + + return (array_search(false, $dlist, true) !== false) ? false : true; + } + + + /*%******************************************************************************************%*/ + // ITERATING AND EXECUTING + + /** + * Iterates over a object, and executes a function for each matched element. + * + * The callback function takes three parameters:

$item - mixed - Optional - The individual node in the array.
$key - mixed - Optional - The key for the array node.
$bind - mixed - Optional - The variable that was passed into the $bind parameter.

$item - mixed - Optional - The individual node in the array.
$key - mixed - Optional - The key for the array node.
$bind - mixed - Optional - The variable that was passed into the $bind parameter.

$item - mixed - Optional - The individual node in the array.
$key - mixed - Optional - The key for the array node.
$bind - mixed - Optional - The variable that was passed into the $bind parameter.

+ * + * @param string|function $callback (Required) The callback function to execute. PHP 5.3 or newer can use an anonymous function. + * @param mixed $bind (Optional) A variable from the calling scope to pass-by-reference into the local scope of the callback function. + * @return CFArray A new object containing the return values. + */ + public function filter($callback, &$bind = null) + { + $items = $this->getArrayCopy(); + $collect = array(); + + foreach ($items as $key => &$item) + { + if ($callback($item, $key, $bind) !== false) + { + $collect[] = $item; + } + } + + return new CFArray($collect); + } + + /** + * Alias for . This functionality was incorrectly named _reduce_ in earlier versions of the SDK. + * + * @param string|function $callback (Required) The callback function to execute. PHP 5.3 or newer can use an anonymous function. + * @param mixed $bind (Optional) A variable from the calling scope to pass-by-reference into the local scope of the callback function. + * @return CFArray A new object containing the return values. + */ + public function reduce($callback, &$bind = null) + { + return $this->filter($callback, $bind); + } + + + /*%******************************************************************************************%*/ + // TRAVERSAL + + /** + * Gets the first result in the array. + * + * @return mixed The first result in the object. Returns `false` if there are no items in the array. + */ + public function first() + { + $items = $this->getArrayCopy(); + return count($items) ? $items[0] : false; + } + + /** + * Gets the last result in the array. + * + * @return mixed The last result in the object. Returns `false` if there are no items in the array. + */ + public function last() + { + $items = $this->getArrayCopy(); + return count($items) ? end($items) : false; + } + + /** + * Removes all `null` values from an array. + * + * @return CFArray A new object containing the non-null values. + */ + public function compress() + { + return new CFArray(array_filter($this->getArrayCopy())); + } + + /** + * Reindexes the array, starting from zero. + * + * @return CFArray A new object with indexes starting at zero. + */ + public function reindex() + { + return new CFArray(array_values($this->getArrayCopy())); + } + + + /*%******************************************************************************************%*/ + // ALTERNATE FORMATS + + /** + * Gets the current XML node as a JSON string. + * + * @return string The current XML node as a JSON string. + */ + public function to_json() + { + return json_encode($this->getArrayCopy()); + } + + /** + * Gets the current XML node as a YAML string. + * + * @return string The current XML node as a YAML string. + */ + public function to_yaml() + { + return sfYaml::dump($this->getArrayCopy(), 5); + } +} + +class CFArray_Exception extends Exception {} diff --git a/3rdparty/aws-sdk/utilities/batchrequest.class.php b/3rdparty/aws-sdk/utilities/batchrequest.class.php new file mode 100644 index 00000000000..978283471a4 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/batchrequest.class.php @@ -0,0 +1,126 @@ +queue = array(); + $this->limit = $limit ? $limit : -1; + $this->credentials = new CFCredential(array()); + return $this; + } + + /** + * Sets the AWS credentials to use for the batch request. + * + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return $this A reference to the current instance. + */ + public function use_credentials(CFCredential $credentials) + { + $this->credentials = $credentials; + return $this; + } + + /** + * Adds a new cURL handle to the request queue. + * + * @param resource $handle (Required) A cURL resource to add to the queue. + * @return $this A reference to the current instance. + */ + public function add($handle) + { + $this->queue[] = $handle; + return $this; + } + + /** + * Executes the batch request queue. + * + * @param array $opt (DO NOT USE) Enabled for compatibility with the method this overrides, although any values passed will be ignored. + * @return array An indexed array of objects. + */ + public function send($opt = null) + { + $http = new $this->request_class(null, $this->proxy, null, $this->credentials); + + // Make the request + $response = $http->send_multi_request($this->queue, array( + 'limit' => $this->limit + )); + + return $response; + } +} diff --git a/3rdparty/aws-sdk/utilities/complextype.class.php b/3rdparty/aws-sdk/utilities/complextype.class.php new file mode 100644 index 00000000000..e0509b9e368 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/complextype.class.php @@ -0,0 +1,123 @@ + function. + * @param string $member (Optional) The name of the "member" property that AWS uses for lists in certain services. Defaults to an empty string. + * @param string $default_key (Optional) The default key to use when the value for `$data` is a string. Defaults to an empty string. + * @return array The option group parameters to merge into another method's `$opt` parameter. + */ + public static function json($json, $member = '', $default_key = '') + { + return self::option_group(json_decode($json, true), $member, $default_key); + } + + /** + * Takes a YAML object, as a string, to convert to query string keys. + * + * @param string $yaml (Required) A YAML object. + * @param string $member (Optional) The name of the "member" property that AWS uses for lists in certain services. Defaults to an empty string. + * @param string $default_key (Optional) The default key to use when the value for `$data` is a string. Defaults to an empty string. + * @return array The option group parameters to merge into another method's `$opt` parameter. + */ + public static function yaml($yaml, $member = '', $default_key = '') + { + return self::option_group(sfYaml::load($yaml), $member, $default_key); + } + + /** + * Takes an associative array to convert to query string keys. + * + * @param array $map (Required) An associative array. + * @param string $member (Optional) The name of the "member" property that AWS uses for lists in certain services. Defaults to an empty string. + * @param string $default_key (Optional) The default key to use when the value for `$data` is a string. Defaults to an empty string. + * @return array The option group parameters to merge into another method's `$opt` parameter. + */ + public static function map($map, $member = '', $default_key = '') + { + return self::option_group($map, $member, $default_key); + } + + /** + * A protected method that is used by , and . + * + * @param string|array $data (Required) The data to iterate over. + * @param string $member (Optional) The name of the "member" property that AWS uses for lists in certain services. Defaults to an empty string. + * @param string $key (Optional) The default key to use when the value for `$data` is a string. Defaults to an empty string. + * @param array $out (Optional) INTERNAL ONLY. The array that contains the calculated values up to this point. + * @return array The option group parameters to merge into another method's `$opt` parameter. + */ + public static function option_group($data, $member = '', $key = '', &$out = array()) + { + $reset = $key; + + if (is_array($data)) + { + foreach ($data as $k => $v) + { + // Avoid 0-based indexes. + if (is_int($k)) + { + $k = $k + 1; + + if ($member !== '') + { + $key .= '.' . $member; + } + } + + $key .= ($key === '' ? $k : '.' . $k); + + if (is_array($v)) + { + self::option_group($v, $member, $key, $out); + } + elseif ($v instanceof CFStepConfig) + { + self::option_group($v->get_config(), $member, $key, $out); + } + else + { + $out[$key] = $v; + } + + $key = $reset; + } + } + else + { + $out[$key] = $data; + } + + return $out; + } +} diff --git a/3rdparty/aws-sdk/utilities/credential.class.php b/3rdparty/aws-sdk/utilities/credential.class.php new file mode 100644 index 00000000000..05c0ffcf6d8 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/credential.class.php @@ -0,0 +1,157 @@ + class represents an individual credential set. + * + * @version 2011.11.15 + * @license See the included NOTICE.md file for more information. + * @copyright See the included NOTICE.md file for more information. + * @link http://aws.amazon.com/php/ PHP Developer Center + */ +class CFCredential implements ArrayAccess +{ + /** + * Stores the internal representation of the collection. + */ + private $collection; + + /** + * Default getter. Enables syntax such as $object->method->chained_method();. Also supports + * $object->key. Matching methods are prioritized over matching keys. + * + * @param string $name (Required) The name of the method to execute or key to retrieve. + * @return mixed The results of calling the function $name(), or the value of the key $object[$name]. + */ + public function __get($name) + { + return $this[$name]; + } + + /** + * Default setter. + * + * @param string $name (Required) The name of the method to execute. + * @param string $value (Required) The value to pass to the method. + * @return mixed The results of calling the function, $name. + */ + public function __set($name, $value) + { + $this[$name] = $value; + return $this; + } + + /** + * Create a clone of the object. + * + * @return CFCredential A clone of the current instance. + */ + public function __clone() + { + $this->collection = clone $this->collection; + } + + + /*%******************************************************************************************%*/ + // CONSTRUCTOR + + /** + * Constructs a new instance of the class. + */ + public function __construct($value = array()) + { + $this->collection = new ArrayObject($value, ArrayObject::ARRAY_AS_PROPS); + } + + /** + * Check whether or not a specific offset exists. + * + * @param integer $offset (Required) The location in the collection to verify the existence of. + * @return boolean A value of true indicates that the collection offset exists. A value of false indicates that it does not. + */ + public function offsetExists($offset) + { + return $this->collection->offsetExists($offset); + } + + /** + * Get the value for a specific offset. + * + * @param integer $offset (Required) The location in the collection to retrieve the value for. + * @return mixed The value of the collection offset. NULL is returned if the offset does not exist. + */ + public function offsetGet($offset) + { + if ($this->collection->offsetExists($offset)) + { + return $this->collection->offsetGet($offset); + } + + return null; + } + + /** + * Set the value for a specific offset. + * + * @param integer $offset (Required) The location in the collection to set a new value for. + * @param mixed $value (Required) The new value for the collection location. + * @return CFCredential A reference to the current collection. + */ + public function offsetSet($offset, $value) + { + $this->collection->offsetSet($offset, $value); + return $this; + } + + /** + * Unset the value for a specific offset. + * + * @param integer $offset (Required) The location in the collection to unset. + * @return CFCredential A reference to the current collection. + */ + public function offsetUnset($offset) + { + $this->collection->offsetUnset($offset); + return $this; + } + + /** + * Merge another instance of onto this one. + * + * @param CFCredential $credential (Required) Another instance of . + * @return CFCredential A reference to the current collection. + */ + public function merge(CFCredential $credential) + { + $merged = array_merge($this->to_array(), $credential->to_array()); + $this->collection->exchangeArray($merged); + return $this; + } + + /** + * Retrieves the data as a standard array. + * + * @return array The data as an array. + */ + public function to_array() + { + return $this->collection->getArrayCopy(); + } +} diff --git a/3rdparty/aws-sdk/utilities/credentials.class.php b/3rdparty/aws-sdk/utilities/credentials.class.php new file mode 100644 index 00000000000..2504a081b23 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/credentials.class.php @@ -0,0 +1,125 @@ + class enables developers to easily switch between multiple sets of credentials. + * + * @version 2011.11.15 + * @license See the included NOTICE.md file for more information. + * @copyright See the included NOTICE.md file for more information. + * @link http://aws.amazon.com/php/ PHP Developer Center + */ +class CFCredentials +{ + /** + * The key used to specify the default credential set + */ + const DEFAULT_KEY = '@default'; + + /** + * The key used to identify inherited credentials + */ + const INHERIT_KEY = '@inherit'; + + /** + * Stores the credentials + */ + protected static $credentials = array(); + + /** + * Prevents this class from being constructed + */ + final private function __construct() {} + + /** + * Stores the credentials for re-use. + * + * @param array $credential_sets (Required) The named credential sets that should be made available to the application. + * @return void + */ + public static function set(array $credential_sets) + { + // Make sure a default credential set is specified or can be inferred + if (count($credential_sets) === 1) + { + $credential_sets[self::DEFAULT_KEY] = reset($credential_sets); + } + elseif (!isset($credential_sets[self::DEFAULT_KEY])) + { + throw new CFCredentials_Exception('If more than one credential set is provided, a default credential set (identified by the key "' . self::DEFAULT_KEY . '") must be specified.'); + } + + // Resolve any @inherit tags + foreach ($credential_sets as $credential_name => &$credential_set) + { + if (is_array($credential_set)) + { + foreach ($credential_set as $credential_key => &$credential_value) + { + if ($credential_key === self::INHERIT_KEY) + { + if (!isset($credential_sets[$credential_value])) + { + throw new CFCredentials_Exception('The credential set, "' . $credential_value . '", does not exist and cannot be inherited.'); + } + + $credential_set = array_merge($credential_sets[$credential_value], $credential_set); + unset($credential_set[self::INHERIT_KEY]); + } + } + } + } + + // Normalize the value of the @default credential set + $default = $credential_sets[self::DEFAULT_KEY]; + if (is_string($default)) + { + if (!isset($credential_sets[$default])) + { + throw new CFCredentials_Exception('The credential set, "' . $default . '", does not exist and cannot be used as the default credential set.'); + } + + $credential_sets[self::DEFAULT_KEY] = $credential_sets[$default]; + } + + // Store the credentials + self::$credentials = $credential_sets; + } + + /** + * Retrieves the requested credentials from the internal credential store. + * + * @param string $credential_set (Optional) The name of the credential set to retrieve. The default value is set in DEFAULT_KEY. + * @return stdClass A stdClass object where the properties represent the keys that were provided. + */ + public static function get($credential_name = self::DEFAULT_KEY) + { + // Make sure the credential set exists + if (!isset(self::$credentials[$credential_name])) + { + throw new CFCredentials_Exception('The credential set, "' . $credential_name . '", does not exist and cannot be retrieved.'); + } + + // Return the credential set as an object + return new CFCredential(self::$credentials[$credential_name]); + } +} + +class CFCredentials_Exception extends Exception {} diff --git a/3rdparty/aws-sdk/utilities/gzipdecode.class.php b/3rdparty/aws-sdk/utilities/gzipdecode.class.php new file mode 100644 index 00000000000..f80822a7048 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/gzipdecode.class.php @@ -0,0 +1,377 @@ +compressed_data = $data; + $this->compressed_size = strlen($data); + } + + /** + * Decode the GZIP stream + * + * @access public + */ + public function parse() + { + if ($this->compressed_size >= $this->min_compressed_size) + { + // Check ID1, ID2, and CM + if (substr($this->compressed_data, 0, 3) !== "\x1F\x8B\x08") + { + return false; + } + + // Get the FLG (FLaGs) + $this->flags = ord($this->compressed_data[3]); + + // FLG bits above (1 << 4) are reserved + if ($this->flags > 0x1F) + { + return false; + } + + // Advance the pointer after the above + $this->position += 4; + + // MTIME + $mtime = substr($this->compressed_data, $this->position, 4); + // Reverse the string if we're on a big-endian arch because l is the only signed long and is machine endianness + if (current(unpack('S', "\x00\x01")) === 1) + { + $mtime = strrev($mtime); + } + $this->MTIME = current(unpack('l', $mtime)); + $this->position += 4; + + // Get the XFL (eXtra FLags) + $this->XFL = ord($this->compressed_data[$this->position++]); + + // Get the OS (Operating System) + $this->OS = ord($this->compressed_data[$this->position++]); + + // Parse the FEXTRA + if ($this->flags & 4) + { + // Read subfield IDs + $this->SI1 = $this->compressed_data[$this->position++]; + $this->SI2 = $this->compressed_data[$this->position++]; + + // SI2 set to zero is reserved for future use + if ($this->SI2 === "\x00") + { + return false; + } + + // Get the length of the extra field + $len = current(unpack('v', substr($this->compressed_data, $this->position, 2))); + $position += 2; + + // Check the length of the string is still valid + $this->min_compressed_size += $len + 4; + if ($this->compressed_size >= $this->min_compressed_size) + { + // Set the extra field to the given data + $this->extra_field = substr($this->compressed_data, $this->position, $len); + $this->position += $len; + } + else + { + return false; + } + } + + // Parse the FNAME + if ($this->flags & 8) + { + // Get the length of the filename + $len = strcspn($this->compressed_data, "\x00", $this->position); + + // Check the length of the string is still valid + $this->min_compressed_size += $len + 1; + if ($this->compressed_size >= $this->min_compressed_size) + { + // Set the original filename to the given string + $this->filename = substr($this->compressed_data, $this->position, $len); + $this->position += $len + 1; + } + else + { + return false; + } + } + + // Parse the FCOMMENT + if ($this->flags & 16) + { + // Get the length of the comment + $len = strcspn($this->compressed_data, "\x00", $this->position); + + // Check the length of the string is still valid + $this->min_compressed_size += $len + 1; + if ($this->compressed_size >= $this->min_compressed_size) + { + // Set the original comment to the given string + $this->comment = substr($this->compressed_data, $this->position, $len); + $this->position += $len + 1; + } + else + { + return false; + } + } + + // Parse the FHCRC + if ($this->flags & 2) + { + // Check the length of the string is still valid + $this->min_compressed_size += $len + 2; + if ($this->compressed_size >= $this->min_compressed_size) + { + // Read the CRC + $crc = current(unpack('v', substr($this->compressed_data, $this->position, 2))); + + // Check the CRC matches + if ((crc32(substr($this->compressed_data, 0, $this->position)) & 0xFFFF) === $crc) + { + $this->position += 2; + } + else + { + return false; + } + } + else + { + return false; + } + } + + // Decompress the actual data + if (($this->data = gzinflate(substr($this->compressed_data, $this->position, -8))) === false) + { + return false; + } + else + { + $this->position = $this->compressed_size - 8; + } + + // Check CRC of data + $crc = current(unpack('V', substr($this->compressed_data, $this->position, 4))); + $this->position += 4; + /*if (extension_loaded('hash') && sprintf('%u', current(unpack('V', hash('crc32b', $this->data)))) !== sprintf('%u', $crc)) + { + return false; + }*/ + + // Check ISIZE of data + $isize = current(unpack('V', substr($this->compressed_data, $this->position, 4))); + $this->position += 4; + if (sprintf('%u', strlen($this->data) & 0xFFFFFFFF) !== sprintf('%u', $isize)) + { + return false; + } + + // Wow, against all odds, we've actually got a valid gzip string + return true; + } + else + { + return false; + } + } +} diff --git a/3rdparty/aws-sdk/utilities/hadoopbase.class.php b/3rdparty/aws-sdk/utilities/hadoopbase.class.php new file mode 100644 index 00000000000..eb8bc5c3a81 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/hadoopbase.class.php @@ -0,0 +1,67 @@ + object. + */ + public static function script_runner($script, $args = null) + { + if (!$args) $args = array(); + array_unshift($args, $script); + + return array( + 'Jar' => 's3://us-east-1.elasticmapreduce/libs/script-runner/script-runner.jar', + 'Args' => $args + ); + } + + /** + * Prepares a Hive or Pig script before passing it to the script runner. + * + * @param string $type (Required) The type of script to run. [Allowed values: `hive`, `pig`]. + * @param array $args (Optional) An indexed array of arguments to pass to the script. + * @return array A standard array that is intended to be passed into a object. + * @link http://hive.apache.org Apache Hive + * @link http://pig.apache.org Apache Pig + */ + public static function hive_pig_script($type, $args = null) + { + if (!$args) $args = array(); + $args = is_array($args) ? $args : array($args); + $args = array_merge(array('--base-path', 's3://us-east-1.elasticmapreduce/libs/' . $type . '/'), $args); + + return self::script_runner('s3://us-east-1.elasticmapreduce/libs/' . $type . '/' . $type . '-script', $args); + } +} diff --git a/3rdparty/aws-sdk/utilities/hadoopbootstrap.class.php b/3rdparty/aws-sdk/utilities/hadoopbootstrap.class.php new file mode 100644 index 00000000000..baaa0c08d4b --- /dev/null +++ b/3rdparty/aws-sdk/utilities/hadoopbootstrap.class.php @@ -0,0 +1,127 @@ +true, the bootstrap action executes. + * @param array $args (Optional) An indexed array of arguments to pass to the script. + * @return array A configuration set to be provided when running a job flow. + */ + public static function run_if($condition, $args = null) + { + if (!$args) $args = array(); + $args = is_array($args) ? $args : array($args); + + return self::script_runner('s3://us-east-1.elasticmapreduce/bootstrap-actions/run-if', $args); + } + + /** + * Specify options to merge with Hadoop's default configuration. + * + * @param string $file (Required) The Hadoop configuration file to merge with. [Allowed values: CFHadoopBootstrap::CONFIG_SITE, CFHadoopBootstrap::CONFIG_DEFAULT, CFHadoopBootstrap::CONFIG_CORE, CFHadoopBootstrap::CONFIG_HDFS, CFHadoopBootstrap::CONFIG_MAPREDUCE] + * @param string|array $config (Required) This can either be an XML file in S3 (as s3://bucket/path), or an associative array of key-value pairs. + * @return array A configuration set to be provided when running a job flow. + */ + public static function configure($file, $config) + { + $args = array(); + $file_arg = '-' . $file; + + if (is_string($config)) + { + $args[] = $file_arg; + $args[] = $config; + } + elseif (is_array($config)) + { + foreach ($config as $key => $value) + { + $args[] = $file_arg; + $args[] = $key . '=' . $value; + } + } + + return self::script_runner('s3://us-east-1.elasticmapreduce/bootstrap-actions/configure-hadoop', $args); + } + + /** + * Create a new bootstrap action which lets you configure Hadoop's daemons. The options are written to + * the hadoop-user-env.sh file. + * + * @param string $daemon_type (Required) The Hadoop daemon to configure. + * @param array $opt (Optional) An associative array of parameters that can have the following keys:

HeapSize - integer - Optional - The requested heap size of the daemon, in megabytes.
CLIOptions - string - Optional - Additional Java command line arguments to pass to the daemon.
Replace - boolean - Optional - Whether or not the file should be replaced. A value of true will replace the existing configuration file. A value of false will append the options to the configuration file.

+ * @return array A configuration set to be provided when running a job flow. + */ + public static function daemon($daemon_type, $opt = null) + { + if (!$opt) $opt = array(); + $args = array(); + + foreach ($opt as $key => $value) + { + switch ($key) + { + case 'HeapSize': + $args[] = '--' . $daemon_type . '-heap-size=' . $value; + break; + case 'CLIOptions': + $args[] = '--' . $daemon_type . '-opts="' . $value . '"'; + break; + case 'Replace': + if ((is_string($value) && $value === 'true') || (is_bool($value) && $value === true)) + { + $args[] = '--replace'; + } + break; + } + } + + return self::script_runner('s3://us-east-1.elasticmapreduce/bootstrap-actions/configure-daemons', $args); + } +} diff --git a/3rdparty/aws-sdk/utilities/hadoopstep.class.php b/3rdparty/aws-sdk/utilities/hadoopstep.class.php new file mode 100644 index 00000000000..2371e007489 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/hadoopstep.class.php @@ -0,0 +1,98 @@ + object. + */ + public static function enable_debugging() + { + return self::script_runner('s3://us-east-1.elasticmapreduce/libs/state-pusher/0.1/fetch'); + } + + /** + * Step that installs Hive on your job flow. + * + * @return array A standard array that is intended to be passed into a object. + * @link http://hive.apache.org Apache Hive + */ + public static function install_hive() + { + return self::hive_pig_script('hive', '--install-hive'); + } + + /** + * Step that runs a Hive script on your job flow. + * + * @param string $script (Required) The script to run with `script-runner.jar`. + * @param array $args (Optional) An indexed array of arguments to pass to the script. + * @return array A standard array that is intended to be passed into a object. + * @link http://hive.apache.org Apache Hive + */ + public static function run_hive_script($script, $args = null) + { + if (!$args) $args = array(); + $args = is_array($args) ? $args : array($args); + $args = array_merge(array('--run-hive-script', '--args', '-f', $script), $args); + + return self::hive_pig_script('hive', $args); + } + + /** + * Step that installs Pig on your job flow. + * + * @return array A standard array that is intended to be passed into a object. + * @link http://pig.apache.org Apache Pig + */ + public static function install_pig() + { + return self::hive_pig_script('pig', '--install-pig'); + } + + /** + * Step that runs a Pig script on your job flow. + * + * @param string $script (Required) The script to run with `script-runner.jar`. + * @param array $args (Optional) An indexed array of arguments to pass to the script. + * @return array A standard array that is intended to be passed into a object. + * @link http://pig.apache.org Apache Pig + */ + public static function run_pig_script($script, $args = null) + { + if (!$args) $args = array(); + $args = is_array($args) ? $args : array($args); + $args = array_merge(array('--run-pig-script', '--args', '-f', $script), $args); + + return self::hive_pig_script('pig', $args); + } +} diff --git a/3rdparty/aws-sdk/utilities/info.class.php b/3rdparty/aws-sdk/utilities/info.class.php new file mode 100644 index 00000000000..2ba289a5f01 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/info.class.php @@ -0,0 +1,69 @@ +api_version; + unset($obj); + } + + return $collect; + } +} diff --git a/3rdparty/aws-sdk/utilities/json.class.php b/3rdparty/aws-sdk/utilities/json.class.php new file mode 100644 index 00000000000..dfa83839863 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/json.class.php @@ -0,0 +1,89 @@ +SimpleXMLElement. Has a default value of CFSimpleXML. + * @return CFSimpleXML An XML representation of the data. + */ + public static function to_xml($json, $parser = 'CFSimpleXML') + { + // If we haven't parsed the JSON, do it + if (!is_array($json)) + { + // Handle the case of JSON-encoded NULL value + if ($json === 'null') + { + $json = null; + } + else + { + $json = json_decode($json, true); + + if (function_exists('json_last_error')) + { + // Did we encounter an error? + switch (json_last_error()) + { + case JSON_ERROR_DEPTH: + throw new JSON_Exception('Maximum stack depth exceeded.'); + + case JSON_ERROR_CTRL_CHAR: + throw new JSON_Exception('Unexpected control character found.'); + + case JSON_ERROR_SYNTAX: + throw new JSON_Exception('Syntax error; Malformed JSON.'); + + case JSON_ERROR_STATE_MISMATCH: + throw new JSON_Exception('Invalid or malformed JSON.'); + } + } + // json_last_error() not available? + elseif ($json === null) + { + throw new JSON_Exception('Unknown JSON error. Be sure to validate your JSON and read the notes on http://php.net/json_decode.'); + } + } + } + + // Hand off for the recursive work + $string = Array2DOM::arrayToXMLString($json, 'rootElement', true); + + return simplexml_load_string($string, $parser, LIBXML_NOCDATA); + } +} + + +/** + * Default JSON Exception. + */ +class JSON_Exception extends Exception {} diff --git a/3rdparty/aws-sdk/utilities/manifest.class.php b/3rdparty/aws-sdk/utilities/manifest.class.php new file mode 100644 index 00000000000..82410a328db --- /dev/null +++ b/3rdparty/aws-sdk/utilities/manifest.class.php @@ -0,0 +1,54 @@ + function. + * @return string A YAML manifest document. + */ + public static function json($json) + { + $map = json_decode($json, true); + return sfYaml::dump($map); + } + + /** + * Takes an associative array to convert to a YAML manifest. + * + * @param array $map (Required) An associative array. + * @return string A YAML manifest document. + */ + public static function map($map) + { + return sfYaml::dump($map); + } +} diff --git a/3rdparty/aws-sdk/utilities/mimetypes.class.php b/3rdparty/aws-sdk/utilities/mimetypes.class.php new file mode 100644 index 00000000000..5fa23d3942a --- /dev/null +++ b/3rdparty/aws-sdk/utilities/mimetypes.class.php @@ -0,0 +1,223 @@ + 'video/3gpp', + 'ai' => 'application/postscript', + 'aif' => 'audio/x-aiff', + 'aifc' => 'audio/x-aiff', + 'aiff' => 'audio/x-aiff', + 'asc' => 'text/plain', + 'atom' => 'application/atom+xml', + 'au' => 'audio/basic', + 'avi' => 'video/x-msvideo', + 'bcpio' => 'application/x-bcpio', + 'bin' => 'application/octet-stream', + 'bmp' => 'image/bmp', + 'cdf' => 'application/x-netcdf', + 'cgm' => 'image/cgm', + 'class' => 'application/octet-stream', + 'cpio' => 'application/x-cpio', + 'cpt' => 'application/mac-compactpro', + 'csh' => 'application/x-csh', + 'css' => 'text/css', + 'dcr' => 'application/x-director', + 'dif' => 'video/x-dv', + 'dir' => 'application/x-director', + 'djv' => 'image/vnd.djvu', + 'djvu' => 'image/vnd.djvu', + 'dll' => 'application/octet-stream', + 'dmg' => 'application/octet-stream', + 'dms' => 'application/octet-stream', + 'doc' => 'application/msword', + 'dtd' => 'application/xml-dtd', + 'dv' => 'video/x-dv', + 'dvi' => 'application/x-dvi', + 'dxr' => 'application/x-director', + 'eps' => 'application/postscript', + 'etx' => 'text/x-setext', + 'exe' => 'application/octet-stream', + 'ez' => 'application/andrew-inset', + 'flv' => 'video/x-flv', + 'gif' => 'image/gif', + 'gram' => 'application/srgs', + 'grxml' => 'application/srgs+xml', + 'gtar' => 'application/x-gtar', + 'gz' => 'application/x-gzip', + 'hdf' => 'application/x-hdf', + 'hqx' => 'application/mac-binhex40', + 'htm' => 'text/html', + 'html' => 'text/html', + 'ice' => 'x-conference/x-cooltalk', + 'ico' => 'image/x-icon', + 'ics' => 'text/calendar', + 'ief' => 'image/ief', + 'ifb' => 'text/calendar', + 'iges' => 'model/iges', + 'igs' => 'model/iges', + 'jnlp' => 'application/x-java-jnlp-file', + 'jp2' => 'image/jp2', + 'jpe' => 'image/jpeg', + 'jpeg' => 'image/jpeg', + 'jpg' => 'image/jpeg', + 'js' => 'application/x-javascript', + 'kar' => 'audio/midi', + 'latex' => 'application/x-latex', + 'lha' => 'application/octet-stream', + 'lzh' => 'application/octet-stream', + 'm3u' => 'audio/x-mpegurl', + 'm4a' => 'audio/mp4a-latm', + 'm4p' => 'audio/mp4a-latm', + 'm4u' => 'video/vnd.mpegurl', + 'm4v' => 'video/x-m4v', + 'mac' => 'image/x-macpaint', + 'man' => 'application/x-troff-man', + 'mathml' => 'application/mathml+xml', + 'me' => 'application/x-troff-me', + 'mesh' => 'model/mesh', + 'mid' => 'audio/midi', + 'midi' => 'audio/midi', + 'mif' => 'application/vnd.mif', + 'mov' => 'video/quicktime', + 'movie' => 'video/x-sgi-movie', + 'mp2' => 'audio/mpeg', + 'mp3' => 'audio/mpeg', + 'mp4' => 'video/mp4', + 'mpe' => 'video/mpeg', + 'mpeg' => 'video/mpeg', + 'mpg' => 'video/mpeg', + 'mpga' => 'audio/mpeg', + 'ms' => 'application/x-troff-ms', + 'msh' => 'model/mesh', + 'mxu' => 'video/vnd.mpegurl', + 'nc' => 'application/x-netcdf', + 'oda' => 'application/oda', + 'ogg' => 'application/ogg', + 'ogv' => 'video/ogv', + 'pbm' => 'image/x-portable-bitmap', + 'pct' => 'image/pict', + 'pdb' => 'chemical/x-pdb', + 'pdf' => 'application/pdf', + 'pgm' => 'image/x-portable-graymap', + 'pgn' => 'application/x-chess-pgn', + 'pic' => 'image/pict', + 'pict' => 'image/pict', + 'png' => 'image/png', + 'pnm' => 'image/x-portable-anymap', + 'pnt' => 'image/x-macpaint', + 'pntg' => 'image/x-macpaint', + 'ppm' => 'image/x-portable-pixmap', + 'ppt' => 'application/vnd.ms-powerpoint', + 'ps' => 'application/postscript', + 'qt' => 'video/quicktime', + 'qti' => 'image/x-quicktime', + 'qtif' => 'image/x-quicktime', + 'ra' => 'audio/x-pn-realaudio', + 'ram' => 'audio/x-pn-realaudio', + 'ras' => 'image/x-cmu-raster', + 'rdf' => 'application/rdf+xml', + 'rgb' => 'image/x-rgb', + 'rm' => 'application/vnd.rn-realmedia', + 'roff' => 'application/x-troff', + 'rtf' => 'text/rtf', + 'rtx' => 'text/richtext', + 'sgm' => 'text/sgml', + 'sgml' => 'text/sgml', + 'sh' => 'application/x-sh', + 'shar' => 'application/x-shar', + 'silo' => 'model/mesh', + 'sit' => 'application/x-stuffit', + 'skd' => 'application/x-koan', + 'skm' => 'application/x-koan', + 'skp' => 'application/x-koan', + 'skt' => 'application/x-koan', + 'smi' => 'application/smil', + 'smil' => 'application/smil', + 'snd' => 'audio/basic', + 'so' => 'application/octet-stream', + 'spl' => 'application/x-futuresplash', + 'src' => 'application/x-wais-source', + 'sv4cpio' => 'application/x-sv4cpio', + 'sv4crc' => 'application/x-sv4crc', + 'svg' => 'image/svg+xml', + 'swf' => 'application/x-shockwave-flash', + 't' => 'application/x-troff', + 'tar' => 'application/x-tar', + 'tcl' => 'application/x-tcl', + 'tex' => 'application/x-tex', + 'texi' => 'application/x-texinfo', + 'texinfo' => 'application/x-texinfo', + 'tif' => 'image/tiff', + 'tiff' => 'image/tiff', + 'tr' => 'application/x-troff', + 'tsv' => 'text/tab-separated-values', + 'txt' => 'text/plain', + 'ustar' => 'application/x-ustar', + 'vcd' => 'application/x-cdlink', + 'vrml' => 'model/vrml', + 'vxml' => 'application/voicexml+xml', + 'wav' => 'audio/x-wav', + 'wbmp' => 'image/vnd.wap.wbmp', + 'wbxml' => 'application/vnd.wap.wbxml', + 'webm' => 'video/webm', + 'wml' => 'text/vnd.wap.wml', + 'wmlc' => 'application/vnd.wap.wmlc', + 'wmls' => 'text/vnd.wap.wmlscript', + 'wmlsc' => 'application/vnd.wap.wmlscriptc', + 'wmv' => 'video/x-ms-wmv', + 'wrl' => 'model/vrml', + 'xbm' => 'image/x-xbitmap', + 'xht' => 'application/xhtml+xml', + 'xhtml' => 'application/xhtml+xml', + 'xls' => 'application/vnd.ms-excel', + 'xml' => 'application/xml', + 'xpm' => 'image/x-xpixmap', + 'xsl' => 'application/xml', + 'xslt' => 'application/xslt+xml', + 'xul' => 'application/vnd.mozilla.xul+xml', + 'xwd' => 'image/x-xwindowdump', + 'xyz' => 'chemical/x-xyz', + 'zip' => 'application/zip', + ); + + /** + * Attempt to match the file extension to a known mime-type. + * + * @param string $ext (Required) The file extension to attempt to map. + * @return string The mime-type to use for the file extension. + */ + public static function get_mimetype($ext) + { + return (isset(self::$mime_types[$ext]) ? self::$mime_types[$ext] : 'application/octet-stream'); + } +} diff --git a/3rdparty/aws-sdk/utilities/policy.class.php b/3rdparty/aws-sdk/utilities/policy.class.php new file mode 100644 index 00000000000..9c53fee0d72 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/policy.class.php @@ -0,0 +1,134 @@ + (e.g. , ). + * @param string|array $policy (Required) The associative array representing the S3 policy to use, or a string of JSON content. + * @return $this A reference to the current instance. + * @link http://docs.amazonwebservices.com/AmazonS3/2006-03-01/dev/index.html?HTTPPOSTForms.html S3 Policies + * @link http://docs.amazonwebservices.com/AmazonS3/latest/dev/index.html?AccessPolicyLanguage.html Access Policy Language + */ + public function __construct($auth, $policy) + { + $this->auth = $auth; + + if (is_array($policy)) // We received an associative array... + { + $this->json_policy = json_encode($policy); + } + else // We received a valid, parseable JSON string... + { + $this->json_policy = json_encode(json_decode($policy, true)); + } + + return $this; + } + + /** + * Alternate approach to constructing a new instance. Supports chaining. + * + * @param CFRuntime $auth (Required) An instance of any authenticated AWS object that is an instance of (e.g. , ). + * @param string|array $policy (Required) The associative array representing the S3 policy to use, or a string of JSON content. + * @return $this A reference to the current instance. + */ + public static function init($auth, $policy) + { + if (version_compare(PHP_VERSION, '5.3.0', '<')) + { + throw new Exception('PHP 5.3 or newer is required to instantiate a new class with CLASS::init().'); + } + + $self = get_called_class(); + return new $self($auth, $policy); + } + + /** + * Get the key from the authenticated instance. + * + * @return string The key from the authenticated instance. + */ + public function get_key() + { + return $this->auth->key; + } + + /** + * Base64-encodes the JSON string. + * + * @return string The Base64-encoded version of the JSON string. + */ + public function get_policy() + { + return base64_encode($this->json_policy); + } + + /** + * Gets the JSON string with the whitespace removed. + * + * @return string The JSON string without extraneous whitespace. + */ + public function get_json() + { + return $this->json_policy; + } + + /** + * Gets the JSON string with the whitespace removed. + * + * @return string The Base64-encoded, signed JSON string. + */ + public function get_policy_signature() + { + return base64_encode(hash_hmac('sha1', $this->get_policy(), $this->auth->secret_key)); + } + + /** + * Decode a policy that was returned from the service. + * + * @param string $response (Required) The policy returned by AWS that you want to decode into an object. + * @return string The Base64-encoded, signed JSON string. + */ + public static function decode_policy($response) + { + return json_decode(urldecode($response), true); + } +} diff --git a/3rdparty/aws-sdk/utilities/request.class.php b/3rdparty/aws-sdk/utilities/request.class.php new file mode 100644 index 00000000000..8e049fb5169 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/request.class.php @@ -0,0 +1,70 @@ +). + */ + public $request_class = 'CFRequest'; + + /** + * The default class to use for HTTP Responses (defaults to ). + */ + public $response_class = 'CFResponse'; + + /** + * The active credential set. + */ + public $credentials; + + + /*%******************************************************************************************%*/ + // CONSTRUCTOR + + /** + * Constructs a new instance of this class. + * + * @param string $url (Optional) The URL to request or service endpoint to query. + * @param string $proxy (Optional) The faux-url to use for proxy settings. Takes the following format: `proxy://user:pass@hostname:port` + * @param array $helpers (Optional) An associative array of classnames to use for request, and response functionality. Gets passed in automatically by the calling class. + * @param CFCredential $credentials (Required) The credentials to use for signing and making requests. + * @return $this A reference to the current instance. + */ + public function __construct($url = null, $proxy = null, $helpers = null, CFCredential $credentials = null) + { + parent::__construct($url, $proxy, $helpers); + + // Standard settings for all requests + $this->set_useragent(CFRUNTIME_USERAGENT); + $this->credentials = $credentials; + $this->cacert_location = ($this->credentials['certificate_authority'] ? $this->credentials['certificate_authority'] : false); + + return $this; + } +} diff --git a/3rdparty/aws-sdk/utilities/response.class.php b/3rdparty/aws-sdk/utilities/response.class.php new file mode 100644 index 00000000000..740d55d5d94 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/response.class.php @@ -0,0 +1,29 @@ + element. + */ + public function __call($name, $arguments) + { + // Remap $this + $self = $this; + + // Re-base the XML + $self = new CFSimpleXML($self->asXML()); + + // Determine XPath query + $self->xpath_expression = 'descendant-or-self::' . $name; + + // Get the results and augment with CFArray + $results = $self->xpath($self->xpath_expression); + if (!count($results)) return false; + $results = new CFArray($results); + + // If an integer was passed, return only that result + if (isset($arguments[0]) && is_int($arguments[0])) + { + if (isset($results[$arguments[0]])) + { + return $results[$arguments[0]]; + } + + return false; + } + + return $results; + } + + /** + * Alternate approach to constructing a new instance. Supports chaining. + * + * @param string $data (Required) A well-formed XML string or the path or URL to an XML document if $data_is_url is true. + * @param integer $options (Optional) Used to specify additional LibXML parameters. The default value is 0. + * @param boolean $data_is_url (Optional) Specify a value of true to specify that data is a path or URL to an XML document instead of string data. The default value is false. + * @param string $ns (Optional) The XML namespace to return values for. + * @param boolean $is_prefix (Optional) (No description provided by PHP.net.) + * @return CFSimpleXML Creates a new element. + */ + public static function init($data, $options = 0, $data_is_url, $ns, $is_prefix = false) + { + if (version_compare(PHP_VERSION, '5.3.0', '<')) + { + throw new Exception('PHP 5.3 or newer is required to instantiate a new class with CLASS::init().'); + } + + $self = get_called_class(); + return new $self($data, $options, $data_is_url, $ns, $is_prefix); + } + + + /*%******************************************************************************************%*/ + // TRAVERSAL + + /** + * Wraps the results of an XPath query in a object. + * + * @param string $expr (Required) The XPath expression to use to query the XML response. + * @return CFArray A object containing the results of the XPath query. + */ + public function query($expr) + { + return new CFArray($this->xpath($expr)); + } + + /** + * Gets the parent or a preferred ancestor of the current element. + * + * @param string $node (Optional) Name of the ancestor element to match and return. + * @return CFSimpleXML A object containing the requested node. + */ + public function parent($node = null) + { + if ($node) + { + $parents = $this->xpath('ancestor-or-self::' . $node); + } + else + { + $parents = $this->xpath('parent::*'); + } + + return $parents[0]; + } + + + /*%******************************************************************************************%*/ + // ALTERNATE FORMATS + + /** + * Gets the current XML node as a true string. + * + * @return string The current XML node as a true string. + */ + public function to_string() + { + return (string) $this; + } + + /** + * Gets the current XML node as , a child class of PHP's class. + * + * @return CFArray The current XML node as a object. + */ + public function to_array() + { + return new CFArray(json_decode(json_encode($this), true)); + } + + /** + * Gets the current XML node as a stdClass object. + * + * @return array The current XML node as a stdClass object. + */ + public function to_stdClass() + { + return json_decode(json_encode($this)); + } + + /** + * Gets the current XML node as a JSON string. + * + * @return string The current XML node as a JSON string. + */ + public function to_json() + { + return json_encode($this); + } + + /** + * Gets the current XML node as a YAML string. + * + * @return string The current XML node as a YAML string. + */ + public function to_yaml() + { + return sfYaml::dump(json_decode(json_encode($this), true), 5); + } + + + /*%******************************************************************************************%*/ + // COMPARISONS + + /** + * Whether or not the current node exactly matches the compared value. + * + * @param string $value (Required) The value to compare the current node to. + * @return boolean Whether or not the current node exactly matches the compared value. + */ + public function is($value) + { + return ((string) $this === $value); + } + + /** + * Whether or not the current node contains the compared value. + * + * @param string $value (Required) The value to use to determine whether it is contained within the node. + * @return boolean Whether or not the current node contains the compared value. + */ + public function contains($value) + { + return (stripos((string) $this, $value) !== false); + } + + /** + * Whether or not the current node matches the regular expression pattern. + * + * @param string $pattern (Required) The pattern to match the current node against. + * @return boolean Whether or not the current node matches the pattern. + */ + public function matches($pattern) + { + return (bool) preg_match($pattern, (string) $this); + } + + /** + * Whether or not the current node starts with the compared value. + * + * @param string $value (Required) The value to compare the current node to. + * @return boolean Whether or not the current node starts with the compared value. + */ + public function starts_with($value) + { + return $this->matches("@^$value@u"); + } + + /** + * Whether or not the current node ends with the compared value. + * + * @param string $value (Required) The value to compare the current node to. + * @return boolean Whether or not the current node ends with the compared value. + */ + public function ends_with($value) + { + return $this->matches("@$value$@u"); + } +} diff --git a/3rdparty/aws-sdk/utilities/stacktemplate.class.php b/3rdparty/aws-sdk/utilities/stacktemplate.class.php new file mode 100644 index 00000000000..1e29ef34036 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/stacktemplate.class.php @@ -0,0 +1,52 @@ +strict JSON-specific formatting. + * @return string A JSON representation of the template. + */ + public static function json($template) + { + return json_encode(json_decode($template, true)); + } + + /** + * Converts an associative array (map) of the template into a JSON string. + * + * @param array $template (Required) An associative array that maps directly to its JSON counterpart. + * @return string A JSON representation of the template. + */ + public static function map($template) + { + return json_encode($template); + } +} diff --git a/3rdparty/aws-sdk/utilities/stepconfig.class.php b/3rdparty/aws-sdk/utilities/stepconfig.class.php new file mode 100644 index 00000000000..71492995f44 --- /dev/null +++ b/3rdparty/aws-sdk/utilities/stepconfig.class.php @@ -0,0 +1,91 @@ +config = $config; + } + + /** + * Constructs a new instance of this class, and allows chaining. + * + * @param array $config (Required) An associative array representing the Hadoop step configuration. + * @return $this A reference to the current instance. + */ + public static function init($config) + { + if (version_compare(PHP_VERSION, '5.3.0', '<')) + { + throw new Exception('PHP 5.3 or newer is required to instantiate a new class with CLASS::init().'); + } + + $self = get_called_class(); + return new $self($config); + } + + /** + * Returns a JSON representation of the object when typecast as a string. + * + * @return string A JSON representation of the object. + * @link http://www.php.net/manual/en/language.oop5.magic.php#language.oop5.magic.tostring PHP Magic Methods + */ + public function __toString() + { + return json_encode($this->config); + } + + /** + * Returns the configuration data. + * + * @return array The configuration data. + */ + public function get_config() + { + return $this->config; + } +} diff --git a/3rdparty/aws-sdk/utilities/utilities.class.php b/3rdparty/aws-sdk/utilities/utilities.class.php new file mode 100755 index 00000000000..d4d1120abff --- /dev/null +++ b/3rdparty/aws-sdk/utilities/utilities.class.php @@ -0,0 +1,399 @@ +getConstant($const); + } + + /** + * Convert a HEX value to Base64. + * + * @param string $str (Required) Value to convert. + * @return string Base64-encoded string. + */ + public function hex_to_base64($str) + { + $raw = ''; + + for ($i = 0; $i < strlen($str); $i += 2) + { + $raw .= chr(hexdec(substr($str, $i, 2))); + } + + return base64_encode($raw); + } + + /** + * Convert an associative array into a query string. + * + * @param array $array (Required) Array to convert. + * @return string URL-friendly query string. + */ + public function to_query_string($array) + { + $temp = array(); + + foreach ($array as $key => $value) + { + if (is_string($key) && !is_array($value)) + { + $temp[] = rawurlencode($key) . '=' . rawurlencode($value); + } + } + + return implode('&', $temp); + } + + /** + * Convert an associative array into a sign-able string. + * + * @param array $array (Required) Array to convert. + * @return string URL-friendly sign-able string. + */ + public function to_signable_string($array) + { + $t = array(); + + foreach ($array as $k => $v) + { + $t[] = $this->encode_signature2($k) . '=' . $this->encode_signature2($v); + } + + return implode('&', $t); + } + + /** + * Encode the value according to RFC 3986. + * + * @param string $string (Required) String to convert. + * @return string URL-friendly sign-able string. + */ + public function encode_signature2($string) + { + $string = rawurlencode($string); + return str_replace('%7E', '~', $string); + } + + /** + * Convert a query string into an associative array. Multiple, identical keys will become an indexed array. + * + * @param string $qs (Required) Query string to convert. + * @return array Associative array of keys and values. + */ + public function query_to_array($qs) + { + $query = explode('&', $qs); + $data = array(); + + foreach ($query as $q) + { + $q = explode('=', $q); + + if (isset($data[$q[0]]) && is_array($data[$q[0]])) + { + $data[$q[0]][] = urldecode($q[1]); + } + else if (isset($data[$q[0]]) && !is_array($data[$q[0]])) + { + $data[$q[0]] = array($data[$q[0]]); + $data[$q[0]][] = urldecode($q[1]); + } + else + { + $data[urldecode($q[0])] = urldecode($q[1]); + } + } + return $data; + } + + /** + * Return human readable file sizes. + * + * @author Aidan Lister + * @author Ryan Parman + * @license http://www.php.net/license/3_01.txt PHP License + * @param integer $size (Required) Filesize in bytes. + * @param string $unit (Optional) The maximum unit to use. Defaults to the largest appropriate unit. + * @param string $default (Optional) The format for the return string. Defaults to `%01.2f %s`. + * @return string The human-readable file size. + * @link http://aidanlister.com/repos/v/function.size_readable.php Original Function + */ + public function size_readable($size, $unit = null, $default = null) + { + // Units + $sizes = array('B', 'kB', 'MB', 'GB', 'TB', 'PB', 'EB'); + $mod = 1024; + $ii = count($sizes) - 1; + + // Max unit + $unit = array_search((string) $unit, $sizes); + if ($unit === null || $unit === false) + { + $unit = $ii; + } + + // Return string + if ($default === null) + { + $default = '%01.2f %s'; + } + + // Loop + $i = 0; + while ($unit != $i && $size >= 1024 && $i < $ii) + { + $size /= $mod; + $i++; + } + + return sprintf($default, $size, $sizes[$i]); + } + + /** + * Convert a number of seconds into Hours:Minutes:Seconds. + * + * @param integer $seconds (Required) The number of seconds to convert. + * @return string The formatted time. + */ + public function time_hms($seconds) + { + $time = ''; + + // First pass + $hours = (int) ($seconds / 3600); + $seconds = $seconds % 3600; + $minutes = (int) ($seconds / 60); + $seconds = $seconds % 60; + + // Cleanup + $time .= ($hours) ? $hours . ':' : ''; + $time .= ($minutes < 10 && $hours > 0) ? '0' . $minutes : $minutes; + $time .= ':'; + $time .= ($seconds < 10) ? '0' . $seconds : $seconds; + + return $time; + } + + /** + * Returns the first value that is set. Based on [Try.these()](http://api.prototypejs.org/language/Try/these/) from [Prototype](http://prototypejs.org). + * + * @param array $attrs (Required) The attributes to test, as strings. Intended for testing properties of the $base object, but also works with variables if you place an @ symbol at the beginning of the command. + * @param object $base (Optional) The base object to use, if any. + * @param mixed $default (Optional) What to return if there are no matches. Defaults to `null`. + * @return mixed Either a matching property of a given object, boolean `false`, or any other data type you might choose. + */ + public function try_these($attrs, $base = null, $default = null) + { + if ($base) + { + foreach ($attrs as $attr) + { + if (isset($base->$attr)) + { + return $base->$attr; + } + } + } + else + { + foreach ($attrs as $attr) + { + if (isset($attr)) + { + return $attr; + } + } + } + + return $default; + } + + /** + * Can be removed once all calls are updated. + * + * @deprecated Use instead. + * @param mixed $obj (Required) The PHP object to convert into a JSON string. + * @return string A JSON string. + */ + public function json_encode($obj) + { + return json_encode($obj); + } + + /** + * Converts a SimpleXML response to an array structure. + * + * @param ResponseCore $response (Required) A response value. + * @return array The response value as a standard, multi-dimensional array. + */ + public function convert_response_to_array(ResponseCore $response) + { + return json_decode(json_encode($response), true); + } + + /** + * Checks to see if a date stamp is ISO-8601 formatted, and if not, makes it so. + * + * @param string $datestamp (Required) A date stamp, or a string that can be parsed into a date stamp. + * @return string An ISO-8601 formatted date stamp. + */ + public function convert_date_to_iso8601($datestamp) + { + if (!preg_match('/\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}((\+|-)\d{2}:\d{2}|Z)/m', $datestamp)) + { + return gmdate(self::DATE_FORMAT_ISO8601, strtotime($datestamp)); + } + + return $datestamp; + } + + /** + * Determines whether the data is Base64 encoded or not. + * + * @license http://us.php.net/manual/en/function.base64-decode.php#81425 PHP License + * @param string $s (Required) The string to test. + * @return boolean Whether the string is Base64 encoded or not. + */ + public function is_base64($s) + { + return (bool) preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $s); + } + + /** + * Determines whether the data is a JSON string or not. + * + * @param string $s (Required) The string to test. + * @return boolean Whether the string is a valid JSON object or not. + */ + public function is_json($s) + { + return !!(json_decode($s) instanceof stdClass); + } + + /** + * Decodes `\uXXXX` entities into their real unicode character equivalents. + * + * @param string $s (Required) The string to decode. + * @return string The decoded string. + */ + public function decode_uhex($s) + { + preg_match_all('/\\\u([0-9a-f]{4})/i', $s, $matches); + $matches = $matches[count($matches) - 1]; + $map = array(); + + foreach ($matches as $match) + { + if (!isset($map[$match])) + { + $map['\u' . $match] = html_entity_decode('&#' . hexdec($match) . ';', ENT_NOQUOTES, 'UTF-8'); + } + } + + return str_replace(array_keys($map), $map, $s); + } + + /** + * Generates a random GUID. + * + * @author Alix Axel + * @license http://www.php.net/license/3_01.txt PHP License + * @return string A random GUID. + */ + public function generate_guid() + { + return sprintf( + '%04X%04X-%04X-%04X-%04X-%04X%04X%04X', + mt_rand(0, 65535), + mt_rand(0, 65535), + mt_rand(0, 65535), + mt_rand(16384, 20479), + mt_rand(32768, 49151), + mt_rand(0, 65535), + mt_rand(0, 65535), + mt_rand(0, 65535) + ); + } +} diff --git a/apps/files_external/lib/amazons3.php b/apps/files_external/lib/amazons3.php index e847ef143c3..b8e5b9b079b 100644 --- a/apps/files_external/lib/amazons3.php +++ b/apps/files_external/lib/amazons3.php @@ -20,7 +20,7 @@ * License along with this library. If not, see . */ -require_once 'aws-sdk-1.5.5/sdk.class.php'; +require_once 'aws-sdk/sdk.class.php'; class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common { -- cgit v1.2.3 From 0a49bae87aecef9f6d51007fe02a5071b2f662a4 Mon Sep 17 00:00:00 2001 From: Thomas Tanghus Date: Fri, 8 Jun 2012 20:38:06 +0200 Subject: Contacts: Closed stupid XSS hole. Thanks AnybodyElse ;-) --- apps/contacts/ajax/uploadphoto.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/contacts/ajax/uploadphoto.php b/apps/contacts/ajax/uploadphoto.php index 09c4e55d4a9..32abc6c2859 100644 --- a/apps/contacts/ajax/uploadphoto.php +++ b/apps/contacts/ajax/uploadphoto.php @@ -59,7 +59,7 @@ if ($fn) { bailOut(OC_Contacts_App::$l10n->t('Couldn\'t save temporary image: ').$tmpkey); } } else { - bailOut(OC_Contacts_App::$l10n->t('Couldn\'t load temporary image: ').$tmpkey.$data); + bailOut(OC_Contacts_App::$l10n->t('Couldn\'t load temporary image: ').$tmpkey); } } -- cgit v1.2.3 From 7c5c257bf69f77cea599bdf641676977009ee162 Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Fri, 8 Jun 2012 16:39:21 +0200 Subject: Comment layout and spelling fixes --- lib/connector/sabre/node.php | 6 ++++-- lib/fileproxy.php | 15 +++++++++------ lib/filesystem.php | 2 +- 3 files changed, 14 insertions(+), 9 deletions(-) diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php index a7d1de8b953..bb367a18c42 100644 --- a/lib/connector/sabre/node.php +++ b/lib/connector/sabre/node.php @@ -137,7 +137,9 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr /** * Returns a list of properties for this nodes.; * - * The properties list is a list of propertynames the client requested, encoded as xmlnamespace#tagName, for example: http://www.example.org/namespace#author + * The properties list is a list of propertynames the client requested, + * encoded as xmlnamespace#tagName, for example: + * http://www.example.org/namespace#author * If the array is empty, all properties should be returned * * @param array $properties @@ -153,11 +155,11 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr $existing[$row['propertyname']] = $row['propertyvalue']; } + // if the array was empty, we need to return everything if(count($properties) == 0){ return $existing; } - // if the array was empty, we need to return everything $props = array(); foreach($properties as $property) { if (isset($existing[$property])) $props[$property] = $existing[$property]; diff --git a/lib/fileproxy.php b/lib/fileproxy.php index 70db9cca23c..180284f73de 100644 --- a/lib/fileproxy.php +++ b/lib/fileproxy.php @@ -27,14 +27,17 @@ * Manipulation happens by using 2 kind of proxy operations, pre and post proxies * that manipulate the filesystem call and the result of the call respectively * - * A pre-proxy recieves the filepath as arugments (or 2 filespaths in case of operations like copy or move) and return a boolean - * If a pre-proxy returnes false the file operation will be canceled + * A pre-proxy recieves the filepath as arugments (or 2 filespaths in case of + * operations like copy or move) and return a boolean + * If a pre-proxy returns false the file operation will be canceled * All filesystem operations have a pre-proxy * * A post-proxy recieves 2 arguments, the filepath and the result of the operation. - * The return calue of the post-proxy will be used as the new result of the operation - * The operations that have a post-proxy are - * file_get_contents, is_file, is_dir, file_exists, stat, is_readable, is_writable, fileatime, filemtime, filectime, file_get_contents, getMimeType, hash, fopen, free_space and search + * The return value of the post-proxy will be used as the new result of the operation + * The operations that have a post-proxy are: + * file_get_contents, is_file, is_dir, file_exists, stat, is_readable, + * is_writable, fileatime, filemtime, filectime, file_get_contents, + * getMimeType, hash, fopen, free_space and search */ class OC_FileProxy{ @@ -51,7 +54,7 @@ class OC_FileProxy{ } /** - * fallback function when a proxy operation is not implement + * fallback function when a proxy operation is not implemented * @param string $function the name of the proxy operation * @param mixed * diff --git a/lib/filesystem.php b/lib/filesystem.php index 84d45f5f24b..43d743b639d 100644 --- a/lib/filesystem.php +++ b/lib/filesystem.php @@ -281,7 +281,7 @@ class OC_Filesystem{ } /** - * change the root to a fake toor + * change the root to a fake root * @param string fakeRoot * @return bool */ -- cgit v1.2.3 From d9d6876be9bbf32c39f676e3d6cbab85e57abd34 Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Fri, 8 Jun 2012 20:26:08 +0200 Subject: Add stat cache to OC_Connector_Sabre_Node and OC_Connector_Sabre_File Speeds up access of directories with large number of files. --- lib/connector/sabre/file.php | 4 ++-- lib/connector/sabre/node.php | 18 +++++++++++++++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/lib/connector/sabre/file.php b/lib/connector/sabre/file.php index f2efe0a5ac1..3ba1b3355f2 100644 --- a/lib/connector/sabre/file.php +++ b/lib/connector/sabre/file.php @@ -63,8 +63,8 @@ class OC_Connector_Sabre_File extends OC_Connector_Sabre_Node implements Sabre_D * @return int */ public function getSize() { - - return OC_Filesystem::filesize($this->path); + $this->stat(); + return $this->stat_cache['size']; } diff --git a/lib/connector/sabre/node.php b/lib/connector/sabre/node.php index bb367a18c42..e7bcea3171d 100644 --- a/lib/connector/sabre/node.php +++ b/lib/connector/sabre/node.php @@ -29,6 +29,11 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr * @var string */ protected $path; + /** + * file stat cache + * @var array + */ + protected $stat_cache; /** * Sets up the node, expects a full path name @@ -77,7 +82,14 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr } - + /** + * Set the stat cache + */ + protected function stat() { + if (!isset($this->stat_cache)) { + $this->stat_cache = OC_Filesystem::stat($this->path); + } + } /** * Returns the last modification time, as a unix timestamp @@ -85,8 +97,8 @@ abstract class OC_Connector_Sabre_Node implements Sabre_DAV_INode, Sabre_DAV_IPr * @return int */ public function getLastModified() { - - return OC_Filesystem::filemtime($this->path); + $this->stat(); + return $this->stat_cache['mtime']; } -- cgit v1.2.3 From 6af980c20c99e31629f283dae39161ece8a415fc Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Fri, 8 Jun 2012 20:47:11 +0200 Subject: Add cache for getStorage and getInternalPath functions. These are called for almost every file operation. --- lib/filesystemview.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/filesystemview.php b/lib/filesystemview.php index c8df59cf827..8aa7b49f413 100644 --- a/lib/filesystemview.php +++ b/lib/filesystemview.php @@ -40,6 +40,8 @@ class OC_FilesystemView { private $fakeRoot=''; + private $internal_path_cache=array(); + private $storage_cache=array(); public function __construct($root){ $this->fakeRoot=$root; @@ -84,7 +86,10 @@ class OC_FilesystemView { * @return bool */ public function getInternalPath($path){ - return OC_Filesystem::getInternalPath($this->getAbsolutePath($path)); + if (!isset($this->internal_path_cache[$path])) { + $this->internal_path_cache[$path] = OC_Filesystem::getInternalPath($this->getAbsolutePath($path)); + } + return $this->internal_path_cache[$path]; } /** * get the storage object for a path @@ -92,7 +97,10 @@ class OC_FilesystemView { * @return OC_Filestorage */ public function getStorage($path){ - return OC_Filesystem::getStorage($this->getAbsolutePath($path)); + if (!isset($this->storage_cache[$path])) { + $this->storage_cache[$path] = OC_Filesystem::getStorage($this->getAbsolutePath($path)); + } + return $this->storage_cache[$path]; } /** -- cgit v1.2.3 From b9a152450837c90ab3463c0d00ff05219d4b875e Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Fri, 8 Jun 2012 21:08:38 +0200 Subject: Smarter code for OC_FileProxy --- lib/fileproxy.php | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) diff --git a/lib/fileproxy.php b/lib/fileproxy.php index 180284f73de..82c9298788c 100644 --- a/lib/fileproxy.php +++ b/lib/fileproxy.php @@ -44,15 +44,6 @@ class OC_FileProxy{ private static $proxies=array(); public static $enabled=true; - /** - * check if this proxy implments a specific proxy operation - * @param string #proxy name of the proxy operation - * @return bool - */ - public function provides($operation){ - return method_exists($this,$operation); - } - /** * fallback function when a proxy operation is not implemented * @param string $function the name of the proxy operation @@ -76,11 +67,10 @@ class OC_FileProxy{ self::$proxies[]=$proxy; } - public static function getProxies($operation,$post){ - $operation=(($post)?'post':'pre').$operation; + public static function getProxies($operation){ $proxies=array(); foreach(self::$proxies as $proxy){ - if($proxy->provides($operation)){ + if(method_exists($proxy,$operation)){ $proxies[]=$proxy; } } @@ -91,8 +81,8 @@ class OC_FileProxy{ if(!self::$enabled){ return true; } - $proxies=self::getProxies($operation,false); $operation='pre'.$operation; + $proxies=self::getProxies($operation); foreach($proxies as $proxy){ if(!is_null($filepath2)){ if($proxy->$operation($filepath,$filepath2)===false){ @@ -111,8 +101,8 @@ class OC_FileProxy{ if(!self::$enabled){ return $result; } - $proxies=self::getProxies($operation,true); $operation='post'.$operation; + $proxies=self::getProxies($operation); foreach($proxies as $proxy){ $result=$proxy->$operation($path,$result); } -- cgit v1.2.3 From ac365121022f8b03ac47c41f8b3e32f9ba3f90e6 Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Fri, 8 Jun 2012 21:23:25 +0200 Subject: Don't use substr to get first char of string --- apps/files_archive/lib/storage.php | 2 +- apps/files_external/lib/ftp.php | 2 +- apps/files_external/lib/smb.php | 8 ++++---- apps/files_external/lib/swift.php | 2 +- apps/files_external/lib/webdav.php | 4 ++-- apps/user_ldap/lib_ldap.php | 4 ++-- lib/app.php | 2 +- lib/archive/tar.php | 4 ++-- lib/archive/zip.php | 2 +- lib/filesystem.php | 10 +++++----- lib/filesystemview.php | 2 +- lib/installer.php | 2 +- lib/user/database.php | 2 +- tests/index.php | 2 +- 14 files changed, 24 insertions(+), 24 deletions(-) diff --git a/apps/files_archive/lib/storage.php b/apps/files_archive/lib/storage.php index b8f7d468385..86761663611 100644 --- a/apps/files_archive/lib/storage.php +++ b/apps/files_archive/lib/storage.php @@ -18,7 +18,7 @@ class OC_Filestorage_Archive extends OC_Filestorage_Common{ private static $rootView; private function stripPath($path){//files should never start with / - if(substr($path,0,1)=='/'){ + if(!$path || $path[0]=='/'){ $path=substr($path,1); } return $path; diff --git a/apps/files_external/lib/ftp.php b/apps/files_external/lib/ftp.php index e9655ebf3a5..4d5ae670de5 100644 --- a/apps/files_external/lib/ftp.php +++ b/apps/files_external/lib/ftp.php @@ -21,7 +21,7 @@ class OC_FileStorage_FTP extends OC_FileStorage_StreamWrapper{ $this->password=$params['password']; $this->secure=isset($params['secure'])?(bool)$params['secure']:false; $this->root=isset($params['root'])?$params['root']:'/'; - if(substr($this->root,0,1)!='/'){ + if(!$this->root || $this->root[0]!='/'){ $this->root='/'.$this->root; } diff --git a/apps/files_external/lib/smb.php b/apps/files_external/lib/smb.php index f594fbb880d..9112655194a 100644 --- a/apps/files_external/lib/smb.php +++ b/apps/files_external/lib/smb.php @@ -23,13 +23,13 @@ class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{ $this->password=$params['password']; $this->share=$params['share']; $this->root=isset($params['root'])?$params['root']:'/'; + if(!$this->root || $this->root[0]!='/'){ + $this->root='/'.$this->root; + } if(substr($this->root,-1,1)!='/'){ $this->root.='/'; } - if(substr($this->root,0,1)!='/'){ - $this->root='/'.$this->root; - } - if(substr($this->share,0,1)!='/'){ + if(!$this->share || $this->share[0]!='/'){ $this->share='/'.$this->share; } if(substr($this->share,-1,1)=='/'){ diff --git a/apps/files_external/lib/swift.php b/apps/files_external/lib/swift.php index e3ba9c240cf..58b95a6ae01 100644 --- a/apps/files_external/lib/swift.php +++ b/apps/files_external/lib/swift.php @@ -269,7 +269,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{ $this->user=$params['user']; $this->root=isset($params['root'])?$params['root']:'/'; $this->secure=isset($params['secure'])?(bool)$params['secure']:true; - if(substr($this->root,0,1)!='/'){ + if(!$this->root || $this->root[0]!='/'){ $this->root='/'.$this->root; } $this->auth = new CF_Authentication($this->user, $this->token, null, $this->host); diff --git a/apps/files_external/lib/webdav.php b/apps/files_external/lib/webdav.php index 07c90d4878e..d136f04f3eb 100644 --- a/apps/files_external/lib/webdav.php +++ b/apps/files_external/lib/webdav.php @@ -25,7 +25,7 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{ $this->password=$params['password']; $this->secure=isset($params['secure'])?(bool)$params['secure']:false; $this->root=isset($params['root'])?$params['root']:'/'; - if(substr($this->root,0,1)!='/'){ + if(!$this->root || $this->root[0]!='/'){ $this->root='/'.$this->root; } if(substr($this->root,-1,1)!='/'){ @@ -273,7 +273,7 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{ } private function cleanPath($path){ - if(substr($path,0,1)=='/'){ + if(!$path || $path[0]=='/'){ return substr($path,1); }else{ return $path; diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index 22d464b65a2..befdf267bcd 100644 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -576,7 +576,7 @@ class OC_LDAP { static private function combineFilter($filters, $operator) { $combinedFilter = '('.$operator; foreach($filters as $filter) { - if(substr($filter,0,1) != '(') { + if($filter[0] != '(') { $filter = '('.$filter.')'; } $combinedFilter.=$filter; @@ -692,4 +692,4 @@ class OC_LDAP { return false; } - } \ No newline at end of file + } diff --git a/lib/app.php b/lib/app.php index e8a5a1291d9..0c51e3c5532 100755 --- a/lib/app.php +++ b/lib/app.php @@ -469,7 +469,7 @@ class OC_App{ $apps=array(); $dh=opendir(OC::$APPSROOT.'/apps'); while($file=readdir($dh)){ - if(substr($file,0,1)!='.' and is_file(OC::$APPSROOT.'/apps/'.$file.'/appinfo/app.php')){ + if($file[0]!='.' and is_file(OC::$APPSROOT.'/apps/'.$file.'/appinfo/app.php')){ $apps[]=$file; } } diff --git a/lib/archive/tar.php b/lib/archive/tar.php index 4ff78779834..944a0ac4ba4 100644 --- a/lib/archive/tar.php +++ b/lib/archive/tar.php @@ -150,7 +150,7 @@ class OC_Archive_TAR extends OC_Archive{ $folderContent=array(); $pathLength=strlen($path); foreach($files as $file){ - if(substr($file,0,1)=='/'){ + if($file[0]=='/'){ $file=substr($file,1); } if(substr($file,0,$pathLength)==$path and $file!=$path){ @@ -241,7 +241,7 @@ class OC_Archive_TAR extends OC_Archive{ } } } - if(substr($path,0,1)!='/'){//not all programs agree on the use of a leading / + if($path[0]!='/'){//not all programs agree on the use of a leading / return $this->fileExists('/'.$path); }else{ return false; diff --git a/lib/archive/zip.php b/lib/archive/zip.php index 22ab48937eb..6631a649b16 100644 --- a/lib/archive/zip.php +++ b/lib/archive/zip.php @@ -191,7 +191,7 @@ class OC_Archive_ZIP extends OC_Archive{ } private function stripPath($path){ - if(substr($path,0,1)=='/'){ + if(!$path || $path[0]=='/'){ return substr($path,1); }else{ return $path; diff --git a/lib/filesystem.php b/lib/filesystem.php index 43d743b639d..337b0f1464b 100644 --- a/lib/filesystem.php +++ b/lib/filesystem.php @@ -150,7 +150,7 @@ class OC_Filesystem{ if(!$path){ $path='/'; } - if(substr($path,0,1)!=='/'){ + if($path[0]!=='/'){ $path='/'.$path; } $foundMountPoint=''; @@ -313,12 +313,12 @@ class OC_Filesystem{ * @param string mountpoint */ static public function mount($class,$arguments,$mountpoint){ + if($mountpoint[0]!='/'){ + $mountpoint='/'.$mountpoint; + } if(substr($mountpoint,-1)!=='/'){ $mountpoint=$mountpoint.'/'; } - if(substr($mountpoint,0,1)!=='/'){ - $mountpoint='/'.$mountpoint; - } self::$mounts[$mountpoint]=array('class'=>$class,'arguments'=>$arguments); } @@ -349,7 +349,7 @@ class OC_Filesystem{ * @return bool */ static public function isValidPath($path){ - if(substr($path,0,1)!=='/'){ + if(!$path || $path[0]!=='/'){ $path='/'.$path; } if(strstr($path,'/../') || strrchr($path, '/') === '/..' ){ diff --git a/lib/filesystemview.php b/lib/filesystemview.php index 8aa7b49f413..6e34257a460 100644 --- a/lib/filesystemview.php +++ b/lib/filesystemview.php @@ -51,7 +51,7 @@ class OC_FilesystemView { if(!$path){ $path='/'; } - if(substr($path,0,1)!=='/'){ + if($path[0]!=='/'){ $path='/'.$path; } return $this->fakeRoot.$path; diff --git a/lib/installer.php b/lib/installer.php index 5c030d2917d..34c6f8c7bb9 100644 --- a/lib/installer.php +++ b/lib/installer.php @@ -110,7 +110,7 @@ class OC_Installer{ //try to find it in a subdir $dh=opendir($extractDir); while($folder=readdir($dh)){ - if(substr($folder,0,1)!='.' and is_dir($extractDir.'/'.$folder)){ + if($folder[0]!='.' and is_dir($extractDir.'/'.$folder)){ if(is_file($extractDir.'/'.$folder.'/appinfo/info.xml')){ $extractDir.='/'.$folder; } diff --git a/lib/user/database.php b/lib/user/database.php index bb077c8364f..a48b8357d64 100644 --- a/lib/user/database.php +++ b/lib/user/database.php @@ -129,7 +129,7 @@ class OC_User_Database extends OC_User_Backend { $row=$result->fetchRow(); if($row){ $storedHash=$row['password']; - if (substr($storedHash,0,1)=='$'){//the new phpass based hashing + if ($storedHash[0]=='$'){//the new phpass based hashing $hasher=$this->getHasher(); if($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''), $storedHash)){ return $row['uid']; diff --git a/tests/index.php b/tests/index.php index 9c5178f81a8..691bf2a5d45 100644 --- a/tests/index.php +++ b/tests/index.php @@ -47,7 +47,7 @@ function loadTests($dir=''){ } if($dh=opendir($dir)){ while($name=readdir($dh)){ - if(substr($name,0,1)!='.'){//no hidden files, '.' or '..' + if($name[0]!='.'){//no hidden files, '.' or '..' $file=$dir.'/'.$name; if(is_dir($file)){ loadTests($file); -- cgit v1.2.3 From 9e434dea605b029d56f1bed01d87c26a0c7f4ebb Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Fri, 8 Jun 2012 20:26:17 +0200 Subject: tabs for spaces, removing thumbnail on file removal --- apps/gallery/appinfo/app.php | 2 + apps/gallery/css/styles.css | 18 +-- apps/gallery/index.php | 3 + apps/gallery/js/album_cover.js | 138 ---------------------- apps/gallery/lib/hooks_handlers.php | 224 +++++++++++++++++------------------- apps/gallery/lib/managers.php | 2 +- apps/gallery/lib/tiles.php | 4 +- apps/gallery/templates/index.php | 9 +- 8 files changed, 121 insertions(+), 279 deletions(-) delete mode 100644 apps/gallery/js/album_cover.js diff --git a/apps/gallery/appinfo/app.php b/apps/gallery/appinfo/app.php index e1db33eb314..2aa6a9e8f92 100644 --- a/apps/gallery/appinfo/app.php +++ b/apps/gallery/appinfo/app.php @@ -26,6 +26,8 @@ OC::$CLASSPATH['OC_Gallery_Photo'] = 'apps/gallery/lib/photo.php'; OC::$CLASSPATH['OC_Gallery_Scanner'] = 'apps/gallery/lib/scanner.php'; OC::$CLASSPATH['OC_Gallery_Sharing'] = 'apps/gallery/lib/sharing.php'; OC::$CLASSPATH['OC_Gallery_Hooks_Handlers'] = 'apps/gallery/lib/hooks_handlers.php'; +OC::$CLASSPATH['Pictures_Managers'] = 'apps/gallery/lib/managers.php'; +OC::$CLASSPATH['Pictures_Tiles'] = 'apps/gallery/lib/tiles.php'; $l = OC_L10N::get('gallery'); diff --git a/apps/gallery/css/styles.css b/apps/gallery/css/styles.css index fbf54e43db2..98d36515493 100644 --- a/apps/gallery/css/styles.css +++ b/apps/gallery/css/styles.css @@ -1,20 +1,6 @@ -div#gallery_list { margin: 4.5em 2em 0 2em; } -div#gallery_list.leftcontent { padding-top: 15pt; margin: 0; position: absolute; bottom:0px; text-align: center; overflow: auto; } -div.gallery_box { width: 200px; position:relative; text-align: center; border: 0; display: inline-block; margin: 5pt; vertical-align: top; padding: 5px 5px 5px 5px; position: relative; -webkit-transition: color 0.5s ease-in-out; -o-transition: color 0.5s ease-in-out; -moz-transition: color 0.5s ease-in-out;color: #BBB;} -div.album {border: 1px solid #e0e0e0; border-radius: 7px;} -div.gallery_box h1 { font-size: 9pt; font-family: Verdana; } -div.gallery_album_decoration { width: 200px; position: absolute; border: 0; height: 20px; top: 5px; text-align:right; vertical-align:middle; background-color: #eee; opacity: 0; -webkit-transition: opacity 0.5s ease-in-out; -moz-transition: opacity 0.5s ease-in-out; -o-transition: opacity 0.5s ease-in-out; } -div.gallery_box:hover { color: black; } -div.gallery_box:hover div.gallery_album_decoration { opacity: 0.7;} -div.gallery_album_decoration a {padding: 0 4pt; cursor: pointer;} -div.gallery_album_cover { width: 200px; height: 200px; border: 0; padding: 0; position:relative;} -div.gallery_box:hover div.gallery_control_overlay { opacity:0.5 } -div.gallery_control_overlay a { color:white; } -#gallery_images.rightcontent { padding:10px 5px; bottom: 0px; overflow: auto; right:0px} -#scan { position:absolute; right:13.5em; top:0em; } -#scan #scanprogressbar { position:relative; display:inline-block; width:10em; height:1.5em; top:.4em; } +#gallerycontent { margin-top: 2.8em; overflow: visible; } #g-settings {position: absolute; left 13.5em; top: 0;} -input[type=button] { -webkit-transition: opacity 0.5s ease-in-out; -moz-transition: opacity 0.5s ease-in-out; -o-transition: opacity 0.5s ease-in-out; opacity: 1} +div#controls input[type=button] { -webkit-transition: opacity 0.5s ease-in-out; -moz-transition: opacity 0.5s ease-in-out; -o-transition: opacity 0.5s ease-in-out; opacity: 1; position:absolute; right:13.5em; top:0em; } input[type=button]:disabled { opacity: 0.5 } .ui-dialog tr {background-color: #eee;} .ui-dialog input {width: 90%;} diff --git a/apps/gallery/index.php b/apps/gallery/index.php index 9d4654a7cc5..740f4bf04f5 100644 --- a/apps/gallery/index.php +++ b/apps/gallery/index.php @@ -27,6 +27,9 @@ OCP\User::checkLoggedIn(); OCP\App::checkAppEnabled('gallery'); OCP\App::setActiveNavigationEntry( 'gallery_index' ); +OCP\Util::addStyle('gallery', 'styles'); +OCP\Util::addScript('gallery', 'pictures'); + $tmpl = new OCP\Template( 'gallery', 'index', 'user' ); $tmpl->printPage(); ?> diff --git a/apps/gallery/js/album_cover.js b/apps/gallery/js/album_cover.js deleted file mode 100644 index 905034f6fd1..00000000000 --- a/apps/gallery/js/album_cover.js +++ /dev/null @@ -1,138 +0,0 @@ -var actual_cover; -var paths = []; -var crumbCount = 0; -$(document).ready(returnToElement(0)); - -function returnToElement(num) { - while (crumbCount != num) { - $('#g-album-navigation .last').remove(); - $('#g-album-navigation .crumb :last').parent().addClass('last'); - crumbCount--; - paths.pop(); - } - var p=''; - for (var i in paths) p += paths[i]+'/'; - $('#g-album-loading').show(); - $.getJSON(OC.filePath('gallery','ajax','galleryOp.php'), {operation: 'get_gallery', path: p }, albumClickHandler); -} - -function albumClick(title) { - paths.push(title); - crumbCount++; - var p = ''; - for (var i in paths) p += paths[i]+'/'; - $('#g-album-loading').show(); - $.getJSON(OC.filePath('gallery','ajax','galleryOp.php'), {operation: 'get_gallery', path: p }, function(r) { - albumClickHandler(r); - if ($('#g-album-navigation :last-child')) - $('#g-album-navigation :last-child').removeClass('last'); - $('#g-album-navigation').append('

'+decodeURIComponent(escape(title))+'

'); - }); -} - -function constructSharingPath() { - return document.location.protocol + '//' + document.location.host + OC.linkTo('', 'public.php') + '?service=gallery&token=' + Albums.token; -} - -function shareGallery() { - var existing_token = ''; - if (Albums.token) - existing_token = constructSharingPath(); - var form_fields = [{text: 'Share', name: 'share', type: 'checkbox', value: Albums.shared}, - {text: 'Share recursive', name: 'recursive', type: 'checkbox', value: Albums.recursive}, - {text: 'Shared gallery address', name: 'address', type: 'text', value: existing_token}]; - OC.dialogs.form(form_fields, t('gallery', 'Share gallery'), function(values){ - var p = ''; - for (var i in paths) p += paths[i]+'/'; - if (p == '') p = '/'; - alert(p); - $.getJSON(OC.filePath('gallery', 'ajax', 'galleryOp.php'), {operation: 'share', path: p, share: values[0].value, recursive: values[1].value}, function(r) { - if (r.status == 'success') { - Albums.shared = r.sharing; - if (Albums.shared) { - Albums.token = r.token; - Albums.recursive = r.recursive; - } else { - Albums.token = ''; - Albums.recursive = false; - } - var actual_addr = ''; - if (Albums.token) - actual_addr = constructSharingPath(); - $('input[name="address"]').val(actual_addr); - } else { - OC.dialogs.alert(t('gallery', 'Error: ') + r.cause, t('gallery', 'Internal error')); - } - }); - }); -} - -function albumClickHandler(r) { - Albums.photos = []; - Albums.albums = []; - if (r.status == 'success') { - for (var i in r.albums) { - var a = r.albums[i]; - Albums.add(a.name, a.numOfItems, a.path, a.shared, a.recursive, a.token); - } - for (var i in r.photos) { - Albums.photos.push(r.photos[i]); - } - Albums.shared = r.shared; - if (Albums.shared) { - Albums.recursive = r.recursive; - Albums.token = r.token; - } else { - Albums.recursive = false; - Albums.token = ''; - } - $(document).ready(function(){ - var targetDiv = $('#gallery_list'); - targetDiv.html(''); - Albums.display(targetDiv); - //$('#gallery_list').sortable({revert:true}); - $('.album').each(function(i, el) { - $(el).click(albumClick.bind(null,$(el).attr('title'))); - //$(el).draggable({connectToSortable: '#gallery_list', handle: '.dummy'}); - }); - }); - } else { - OC.dialogs.alert(t('gallery', 'Error: ') + r.cause, t('gallery', 'Internal error')); - } - $('#g-album-loading').hide(); -} - -var albumCounter = 0; -var totalAlbums = 0; - -function scanForAlbums(cleanup) { - Scanner.scanAlbums(); - return; -} - -function settings() { - OC.dialogs.form([{text: t('gallery', 'Scanning root'), name: 'root', type:'text', value:gallery_scanning_root}, - {text: t('gallery', 'Default order'), name: 'order', type:'select', value:gallery_default_order, options:[ - {text:t('gallery', 'Ascending'), value:'ASC'}, {text: t('gallery', 'Descending'), value:'DESC'} ]}], - t('gallery', 'Settings'), - function(values) { - var scanning_root = values[0].value; - var disp_order = values[1].value; - if (scanning_root == '') { - OC.dialogs.alert(t('gallery', 'Scanning root cannot be empty'), t('gallery', 'Error')); - return; - } - $.getJSON(OC.filePath('gallery','ajax','galleryOp.php'), {operation: 'store_settings', root: scanning_root, order: disp_order}, function(r) { - if (r.status == 'success') { - if (r.rescan == 'yes') { - Albums.clear(document.getElementById('gallery_list')); - scanForAlbums(true); - } - gallery_scanning_root = scanning_root; - } else { - OC.dialogs.alert(t('gallery', 'Error: ') + r.cause, t('gallery', 'Error')); - return; - } - }); - }); -} diff --git a/apps/gallery/lib/hooks_handlers.php b/apps/gallery/lib/hooks_handlers.php index 6391e9f4e54..30c4b50577d 100644 --- a/apps/gallery/lib/hooks_handlers.php +++ b/apps/gallery/lib/hooks_handlers.php @@ -13,136 +13,120 @@ * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU AFFERO GENERAL PUBLIC LICENSE for more details. -* +* * You should have received a copy of the GNU Lesser General Public -* License along with this library. If not, see . +* License along with this library. If not, see . * */ -OCP\Util::connectHook(OC_Filesystem::CLASSNAME, OC_Filesystem::signal_post_write, "OC_Gallery_Hooks_Handlers", "addPhotoFromPath"); OCP\Util::connectHook(OC_Filesystem::CLASSNAME, OC_Filesystem::signal_delete, "OC_Gallery_Hooks_Handlers", "removePhoto"); //OCP\Util::connectHook(OC_Filesystem::CLASSNAME, OC_Filesystem::signal_post_rename, "OC_Gallery_Hooks_Handlers", "renamePhoto"); -require_once(OC::$CLASSPATH['OC_Gallery_Album']); -require_once(OC::$CLASSPATH['OC_Gallery_Photo']); +require_once(OC::$CLASSPATH['Pictures_Managers']); class OC_Gallery_Hooks_Handlers { - private static $APP_TAG = "Gallery"; - - private static function isPhoto($filename) { - $ext = strtolower(substr($filename, strrpos($filename, '.')+1)); - return $ext=='png' || $ext=='jpeg' || $ext=='jpg' || $ext=='gif'; - } - - private static function directoryContainsPhotos($dirpath) { - $dirhandle = OC_Filesystem::opendir($dirpath.'/'); - if ($dirhandle != FALSE) { - while (($filename = readdir($dirhandle)) != FALSE) { - if ($filename[0] == '.') continue; - if (self::isPhoto($dirpath.'/'.$filename)) return true; - } - } - return false; - } - - private static function createAlbum($path) { - $new_album_name = trim(str_replace('/', '.', $path), '.'); - if ($new_album_name == '') - $new_album_name = 'main'; - - OCP\Util::writeLog(self::$APP_TAG, 'Creating new album '.$new_album_name, OCP\Util::DEBUG); - OC_Gallery_Album::create(OCP\USER::getUser(), $new_album_name, $path); - - return OC_Gallery_Album::find(OCP\USER::getUser(), null, $path); - } - - public static function pathInRoot($path) { - $root = OCP\Config::getUserValue(OCP\USER::getUser(), 'gallery', 'root', '/'); - return substr($path, 0, strlen($path)>strlen($root)?strlen($root):strlen($path)) == $root; - } - - public static function addPhotoFromPath($params) { - $fullpath = $params[OC_Filesystem::signal_param_path]; - $fullpath = rtrim(dirname($fullpath),'/').'/'.basename($fullpath); - - if (!self::isPhoto($fullpath)) return; - - $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, dirname($fullpath)); - if (!($r = $a->fetchRow())) { - OC_Gallery_Album::create(OCP\USER::getUser(), basename(dirname($fullpath)), dirname($fullpath)); - $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, dirname($fullpath)); - $r = $a->fetchRow(); - } - $albumId = $r['album_id']; - $p = OC_Gallery_Album::find($albumId, $fullpath); - if (!($p->fetchRow())) - OC_Gallery_Photo::create($albumId, $fullpath); - } - - public static function removePhoto($params) { - $fullpath = $params[OC_Filesystem::signal_param_path]; - $fullpath = rtrim(dirname($fullpath),'/').'/'.basename($fullpath); - - if (OC_Filesystem::is_dir($fullpath)) { - OC_Gallery_Album::remove(OCP\USER::getUser(), null, $fullpath); - } elseif (self::isPhoto($fullpath)) { - $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, rtrim(dirname($fullpath),'/')); - if (($r = $a->fetchRow())) { - OC_Gallery_Photo::removeByPath($fullpath, $r['album_id']); - $p = OC_Gallery_Photo::findForAlbum(OCP\USER::getUser(), $r['album_name']); - if (!($p->fetchRow())) { - OC_Gallery_Album::remove(OCP\USER::getUser(), null, dirname($fullpath)); - } - } - } - } - - public static function renamePhoto($params) { - $oldpath = $params[OC_Filesystem::signal_param_oldpath]; - $newpath = $params[OC_Filesystem::signal_param_newpath]; - if (OC_Filesystem::is_dir($newpath.'/') && self::directoryContainsPhotos($newpath)) { - OC_Gallery_Album::changePath($oldpath, $newpath, OCP\USER::getUser()); - } elseif (self::isPhoto($newpath)) { - $olddir = dirname($oldpath); - $newdir = dirname($newpath); - if ($olddir == '') $olddir = '/'; - if ($newdir == '') $newdir = '/'; - if (!self::isPhoto($newpath)) return; - OCP\Util::writeLog(self::$APP_TAG, 'Moving photo from '.$oldpath.' to '.$newpath, OCP\Util::DEBUG); - $album; - $newAlbumId; - $oldAlbumId; - if ($olddir == $newdir) { - // album changing is not needed - $albums = OC_Gallery_Album::find(OCP\USER::getUser(), null, $olddir); - $album = $albums->fetchRow(); - if (!$album) { - $albums = self::createAlbum($newdir); - $album = $albums->fetchRow(); - } - $newAlbumId = $oldAlbumId = $album['album_id']; - } else { - $newalbum = OC_Gallery_Album::find(OCP\USER::getUser(), null, $newdir); - $oldalbum = OC_Gallery_Album::find(OCP\USER::getUser(), null, $olddir); - - if (!($newalbum = $newalbum->fetchRow())) { - $newalbum = self::createAlbum($newdir); - $newalbum = $newalbum->fetchRow(); - } - $oldalbum = $oldalbum->fetchRow(); - if (!$oldalbum) { - OC_Gallery_Photo::create($newalbum['album_id'], $newpath); - return; - } - $newAlbumId = $newalbum['album_id']; - $oldAlbumId = $oldalbum['album_id']; - - } - OC_Gallery_Photo::changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath); - } - } + private static $APP_TAG = "Gallery"; + + private static function isPhoto($filename) { + $ext = strtolower(substr($filename, strrpos($filename, '.')+1)); + return $ext=='png' || $ext=='jpeg' || $ext=='jpg' || $ext=='gif'; + } + + private static function directoryContainsPhotos($dirpath) { + $dirhandle = OC_Filesystem::opendir($dirpath.'/'); + if ($dirhandle != FALSE) { + while (($filename = readdir($dirhandle)) != FALSE) { + if ($filename[0] == '.') continue; + if (self::isPhoto($dirpath.'/'.$filename)) return true; + } + } + return false; + } + + private static function createAlbum($path) { + $new_album_name = trim(str_replace('/', '.', $path), '.'); + if ($new_album_name == '') + $new_album_name = 'main'; + + OCP\Util::writeLog(self::$APP_TAG, 'Creating new album '.$new_album_name, OCP\Util::DEBUG); + OC_Gallery_Album::create(OCP\USER::getUser(), $new_album_name, $path); + + return OC_Gallery_Album::find(OCP\USER::getUser(), null, $path); + } + + public static function pathInRoot($path) { + $root = OCP\Config::getUserValue(OCP\USER::getUser(), 'gallery', 'root', '/'); + return substr($path, 0, strlen($path)>strlen($root)?strlen($root):strlen($path)) == $root; + } + + public static function addPhotoFromPath($params) { + $fullpath = $params[OC_Filesystem::signal_param_path]; + $fullpath = rtrim(dirname($fullpath),'/').'/'.basename($fullpath); + + if (!self::isPhoto($fullpath)) return; + + $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, dirname($fullpath)); + if (!($r = $a->fetchRow())) { + OC_Gallery_Album::create(OCP\USER::getUser(), basename(dirname($fullpath)), dirname($fullpath)); + $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, dirname($fullpath)); + $r = $a->fetchRow(); + } + $albumId = $r['album_id']; + $p = OC_Gallery_Album::find($albumId, $fullpath); + if (!($p->fetchRow())) + OC_Gallery_Photo::create($albumId, $fullpath); + } + + public static function removePhoto($params) { + \OC\Pictures\ThumbnailsManager::getInstance()->delete($params[OC_Filesystem::signal_param_path]); + } + + public static function renamePhoto($params) { + $oldpath = $params[OC_Filesystem::signal_param_oldpath]; + $newpath = $params[OC_Filesystem::signal_param_newpath]; + if (OC_Filesystem::is_dir($newpath.'/') && self::directoryContainsPhotos($newpath)) { + OC_Gallery_Album::changePath($oldpath, $newpath, OCP\USER::getUser()); + } elseif (self::isPhoto($newpath)) { + $olddir = dirname($oldpath); + $newdir = dirname($newpath); + if ($olddir == '') $olddir = '/'; + if ($newdir == '') $newdir = '/'; + if (!self::isPhoto($newpath)) return; + OCP\Util::writeLog(self::$APP_TAG, 'Moving photo from '.$oldpath.' to '.$newpath, OCP\Util::DEBUG); + $album; + $newAlbumId; + $oldAlbumId; + if ($olddir == $newdir) { + // album changing is not needed + $albums = OC_Gallery_Album::find(OCP\USER::getUser(), null, $olddir); + $album = $albums->fetchRow(); + if (!$album) { + $albums = self::createAlbum($newdir); + $album = $albums->fetchRow(); + } + $newAlbumId = $oldAlbumId = $album['album_id']; + } else { + $newalbum = OC_Gallery_Album::find(OCP\USER::getUser(), null, $newdir); + $oldalbum = OC_Gallery_Album::find(OCP\USER::getUser(), null, $olddir); + + if (!($newalbum = $newalbum->fetchRow())) { + $newalbum = self::createAlbum($newdir); + $newalbum = $newalbum->fetchRow(); + } + $oldalbum = $oldalbum->fetchRow(); + if (!$oldalbum) { + OC_Gallery_Photo::create($newalbum['album_id'], $newpath); + return; + } + $newAlbumId = $newalbum['album_id']; + $oldAlbumId = $oldalbum['album_id']; + + } + OC_Gallery_Photo::changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath); + } + } } ?> diff --git a/apps/gallery/lib/managers.php b/apps/gallery/lib/managers.php index 2444659d0a4..2d2bdd2734b 100644 --- a/apps/gallery/lib/managers.php +++ b/apps/gallery/lib/managers.php @@ -88,7 +88,7 @@ class ThumbnailsManager { } public function delete($path) { - unlink(\OC::$CONFIG_DATADIRECTORY_ROOT.'/'.\OC_User::getUser()."/gallery".$path); + unlink(\OCP\Config::getSystemValue('datadirectory').'/'.\OC_User::getUser()."/gallery".$path); } private function __construct() {} diff --git a/apps/gallery/lib/tiles.php b/apps/gallery/lib/tiles.php index ff9519142ac..f1961cb72e5 100644 --- a/apps/gallery/lib/tiles.php +++ b/apps/gallery/lib/tiles.php @@ -156,11 +156,11 @@ class TileStack extends TileBase { } public function getOnHoverAction() { - return 'javascript:t(this);return false;'; + return 'javascript:explode(this);return false;'; } public function getOnOutAction() { - return 'javascript:o(this);return false;'; + return 'javascript:deplode(this);return false;'; } public function getCount() { diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php index 39e3bbf47b3..88cf0912cbd 100644 --- a/apps/gallery/templates/index.php +++ b/apps/gallery/templates/index.php @@ -15,7 +15,7 @@ div.visible { opacity: 0.8;} var root = ""; -function t(element) { +function explode(element) { $('div', element).each(function(index, elem) { if ($(elem).hasClass('title')) { $(elem).addClass('visible'); @@ -27,7 +27,7 @@ function t(element) { }); } -function o(element) { +function deplode(element) { $('div', element).each(function(index, elem) { if ($(elem).hasClass('title')) { $(elem).removeClass('visible'); @@ -55,6 +55,10 @@ $(document).ready(function() { +

+
+

getCount() != 0) { echo $tl->get(); ?> +

-- cgit v1.2.3 From 71b04717ab2331b616d9040c48cbaebc5044f5c0 Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Fri, 8 Jun 2012 20:27:08 +0200 Subject: adding missing file --- apps/gallery/js/pictures.js | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 apps/gallery/js/pictures.js diff --git a/apps/gallery/js/pictures.js b/apps/gallery/js/pictures.js new file mode 100644 index 00000000000..678c9bcbf55 --- /dev/null +++ b/apps/gallery/js/pictures.js @@ -0,0 +1,37 @@ + +function constructSharingPath() { + return document.location.protocol + '//' + document.location.host + OC.linkTo('', 'public.php') + '?service=gallery&token=' + Albums.token; +} + +function shareGallery() { + var existing_token = ''; + //if (Albums.token) + // existing_token = constructSharingPath(); + var form_fields = [{text: 'Share', name: 'share', type: 'checkbox', value: false}, + {text: 'Share recursive', name: 'recursive', type: 'checkbox', value: false}, + {text: 'Shared gallery address', name: 'address', type: 'text', value: ''}]; + OC.dialogs.form(form_fields, t('gallery', 'Share gallery'), function(values){ + var p = ''; + for (var i in paths) p += paths[i]+'/'; + if (p == '') p = '/'; + alert(p); + $.getJSON(OC.filePath('gallery', 'ajax', 'galleryOp.php'), {operation: 'share', path: p, share: values[0].value, recursive: values[1].value}, function(r) { + if (r.status == 'success') { + Albums.shared = r.sharing; + if (Albums.shared) { + Albums.token = r.token; + Albums.recursive = r.recursive; + } else { + Albums.token = ''; + Albums.recursive = false; + } + var actual_addr = ''; + if (Albums.token) + actual_addr = constructSharingPath(); + $('input[name="address"]').val(actual_addr); + } else { + OC.dialogs.alert(t('gallery', 'Error: ') + r.cause, t('gallery', 'Internal error')); + } + }); + }); +} -- cgit v1.2.3 From 6b0a2ae60eb8d3beb5adad7022ce4f9ba9e25aee Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Fri, 8 Jun 2012 20:34:10 +0200 Subject: remove old code --- apps/gallery/lib/hooks_handlers.php | 92 +------------------------------------ 1 file changed, 1 insertion(+), 91 deletions(-) diff --git a/apps/gallery/lib/hooks_handlers.php b/apps/gallery/lib/hooks_handlers.php index 30c4b50577d..a9f4dc6affc 100644 --- a/apps/gallery/lib/hooks_handlers.php +++ b/apps/gallery/lib/hooks_handlers.php @@ -27,57 +27,6 @@ OCP\Util::connectHook(OC_Filesystem::CLASSNAME, OC_Filesystem::signal_delete, "O require_once(OC::$CLASSPATH['Pictures_Managers']); class OC_Gallery_Hooks_Handlers { - private static $APP_TAG = "Gallery"; - - private static function isPhoto($filename) { - $ext = strtolower(substr($filename, strrpos($filename, '.')+1)); - return $ext=='png' || $ext=='jpeg' || $ext=='jpg' || $ext=='gif'; - } - - private static function directoryContainsPhotos($dirpath) { - $dirhandle = OC_Filesystem::opendir($dirpath.'/'); - if ($dirhandle != FALSE) { - while (($filename = readdir($dirhandle)) != FALSE) { - if ($filename[0] == '.') continue; - if (self::isPhoto($dirpath.'/'.$filename)) return true; - } - } - return false; - } - - private static function createAlbum($path) { - $new_album_name = trim(str_replace('/', '.', $path), '.'); - if ($new_album_name == '') - $new_album_name = 'main'; - - OCP\Util::writeLog(self::$APP_TAG, 'Creating new album '.$new_album_name, OCP\Util::DEBUG); - OC_Gallery_Album::create(OCP\USER::getUser(), $new_album_name, $path); - - return OC_Gallery_Album::find(OCP\USER::getUser(), null, $path); - } - - public static function pathInRoot($path) { - $root = OCP\Config::getUserValue(OCP\USER::getUser(), 'gallery', 'root', '/'); - return substr($path, 0, strlen($path)>strlen($root)?strlen($root):strlen($path)) == $root; - } - - public static function addPhotoFromPath($params) { - $fullpath = $params[OC_Filesystem::signal_param_path]; - $fullpath = rtrim(dirname($fullpath),'/').'/'.basename($fullpath); - - if (!self::isPhoto($fullpath)) return; - - $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, dirname($fullpath)); - if (!($r = $a->fetchRow())) { - OC_Gallery_Album::create(OCP\USER::getUser(), basename(dirname($fullpath)), dirname($fullpath)); - $a = OC_Gallery_Album::find(OCP\USER::getUser(), null, dirname($fullpath)); - $r = $a->fetchRow(); - } - $albumId = $r['album_id']; - $p = OC_Gallery_Album::find($albumId, $fullpath); - if (!($p->fetchRow())) - OC_Gallery_Photo::create($albumId, $fullpath); - } public static function removePhoto($params) { \OC\Pictures\ThumbnailsManager::getInstance()->delete($params[OC_Filesystem::signal_param_path]); @@ -86,46 +35,7 @@ class OC_Gallery_Hooks_Handlers { public static function renamePhoto($params) { $oldpath = $params[OC_Filesystem::signal_param_oldpath]; $newpath = $params[OC_Filesystem::signal_param_newpath]; - if (OC_Filesystem::is_dir($newpath.'/') && self::directoryContainsPhotos($newpath)) { - OC_Gallery_Album::changePath($oldpath, $newpath, OCP\USER::getUser()); - } elseif (self::isPhoto($newpath)) { - $olddir = dirname($oldpath); - $newdir = dirname($newpath); - if ($olddir == '') $olddir = '/'; - if ($newdir == '') $newdir = '/'; - if (!self::isPhoto($newpath)) return; - OCP\Util::writeLog(self::$APP_TAG, 'Moving photo from '.$oldpath.' to '.$newpath, OCP\Util::DEBUG); - $album; - $newAlbumId; - $oldAlbumId; - if ($olddir == $newdir) { - // album changing is not needed - $albums = OC_Gallery_Album::find(OCP\USER::getUser(), null, $olddir); - $album = $albums->fetchRow(); - if (!$album) { - $albums = self::createAlbum($newdir); - $album = $albums->fetchRow(); - } - $newAlbumId = $oldAlbumId = $album['album_id']; - } else { - $newalbum = OC_Gallery_Album::find(OCP\USER::getUser(), null, $newdir); - $oldalbum = OC_Gallery_Album::find(OCP\USER::getUser(), null, $olddir); - - if (!($newalbum = $newalbum->fetchRow())) { - $newalbum = self::createAlbum($newdir); - $newalbum = $newalbum->fetchRow(); - } - $oldalbum = $oldalbum->fetchRow(); - if (!$oldalbum) { - OC_Gallery_Photo::create($newalbum['album_id'], $newpath); - return; - } - $newAlbumId = $newalbum['album_id']; - $oldAlbumId = $oldalbum['album_id']; - - } - OC_Gallery_Photo::changePath($oldAlbumId, $newAlbumId, $oldpath, $newpath); - } + //TODO: implement this } } -- cgit v1.2.3 From 8bc22907b86905bf60bb558eccaacfd61bcd7b72 Mon Sep 17 00:00:00 2001 From: Bartek Przybylski Date: Fri, 8 Jun 2012 21:31:31 +0200 Subject: adding navigation bar to gallery --- apps/gallery/index.php | 1 + apps/gallery/templates/index.php | 22 +++++++++++++++++----- 2 files changed, 18 insertions(+), 5 deletions(-) diff --git a/apps/gallery/index.php b/apps/gallery/index.php index 740f4bf04f5..b87d99bb6cc 100644 --- a/apps/gallery/index.php +++ b/apps/gallery/index.php @@ -27,6 +27,7 @@ OCP\User::checkLoggedIn(); OCP\App::checkAppEnabled('gallery'); OCP\App::setActiveNavigationEntry( 'gallery_index' ); +OCP\Util::addStyle('files', 'files'); OCP\Util::addStyle('gallery', 'styles'); OCP\Util::addScript('gallery', 'pictures'); diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php index 88cf0912cbd..94d370f2e89 100644 --- a/apps/gallery/templates/index.php +++ b/apps/gallery/templates/index.php @@ -1,19 +1,20 @@ -

-
+

'.$paths[$i].'

'; + } + } + +?>

Date: Fri, 8 Jun 2012 21:44:05 +0200 Subject: hide share button until sharing wont be fixed --- apps/gallery/templates/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/gallery/templates/index.php b/apps/gallery/templates/index.php index 94d370f2e89..e761cb54725 100644 --- a/apps/gallery/templates/index.php +++ b/apps/gallery/templates/index.php @@ -68,7 +68,7 @@ $(document).ready(function() { } } -?>
+?>

Date: Fri, 8 Jun 2012 21:55:28 +0200 Subject: tabs for spaces, fix array key name --- apps/gallery/lib/managers.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/gallery/lib/managers.php b/apps/gallery/lib/managers.php index 2d2bdd2734b..41300058936 100644 --- a/apps/gallery/lib/managers.php +++ b/apps/gallery/lib/managers.php @@ -33,9 +33,9 @@ class DatabaseManager { $stmt = \OCP\DB::prepare('INSERT INTO *PREFIX*pictures_images_cache (uid_owner, path, width, height) VALUES (?, ?, ?, ?)'); $stmt->execute(array(\OCP\USER::getUser(), $path, $image->width(), $image->height())); \OCP\DB::commit(); - $ret = array('filepath' => $path, 'width' => $image->width(), 'height' => $image->height()); + $ret = array('path' => $path, 'width' => $image->width(), 'height' => $image->height()); unset($image); - return $ret; + return $ret; } private function __construct() {} @@ -82,8 +82,8 @@ class ThumbnailsManager { public function getThumbnailInfo($path) { $arr = DatabaseManager::getInstance()->getFileData($path); $ret = array('filepath' => $arr['path'], - 'width' => $arr['width'], - 'height' => $arr['height']); + 'width' => $arr['width'], + 'height' => $arr['height']); return $ret; } -- cgit v1.2.3 From bdd12df4a2907060f599f999077f0d8bcb3ed636 Mon Sep 17 00:00:00 2001 From: Georg Ehrke Date: Fri, 8 Jun 2012 22:30:02 +0200 Subject: fix loading of OC::$REQUESTEDAPP if WTFE the app parameter is given but empty aka /?app --- lib/base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/base.php b/lib/base.php index 4bd165862bb..d86a39966ee 100644 --- a/lib/base.php +++ b/lib/base.php @@ -427,7 +427,7 @@ class OC{ register_shutdown_function(array('OC_Helper','cleanTmp')); //parse the given parameters - self::$REQUESTEDAPP = (isset($_GET['app'])?str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])):OC_Config::getValue('defaultapp', 'files')); + self::$REQUESTEDAPP = (isset($_GET['app']) && trim($_GET['app']) != '' && !is_null($_GET['app'])?str_replace(array('\0', '/', '\\', '..'), '', strip_tags($_GET['app'])):OC_Config::getValue('defaultapp', 'files')); if(substr_count(self::$REQUESTEDAPP, '?') != 0){ $app = substr(self::$REQUESTEDAPP, 0, strpos(self::$REQUESTEDAPP, '?')); $param = substr(self::$REQUESTEDAPP, strpos(self::$REQUESTEDAPP, '?') + 1); -- cgit v1.2.3 From 76de92477f42a9c52ce5f55fc8e91e19d4b3513d Mon Sep 17 00:00:00 2001 From: Robin Appelman Date: Sat, 9 Jun 2012 14:37:52 +0200 Subject: fix infinite redirect during setup for windows hosts --- lib/base.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/base.php b/lib/base.php index d86a39966ee..f85710ddfcf 100644 --- a/lib/base.php +++ b/lib/base.php @@ -124,7 +124,7 @@ class OC{ // calculate the documentroot $DOCUMENTROOT=realpath($_SERVER['DOCUMENT_ROOT']); OC::$SERVERROOT=str_replace("\\",'/',substr(__FILE__,0,-13)); - OC::$SUBURI=substr(realpath($_SERVER["SCRIPT_FILENAME"]),strlen(OC::$SERVERROOT)); + OC::$SUBURI= str_replace("\\","/",substr(realpath($_SERVER["SCRIPT_FILENAME"]),strlen(OC::$SERVERROOT))); $scriptName=$_SERVER["SCRIPT_NAME"]; if(substr($scriptName,-1)=='/'){ $scriptName.='index.php'; -- cgit v1.2.3 From 014895aeab547ce30b91c291b3d517d2dcc1c047 Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Sat, 9 Jun 2012 14:32:02 +0200 Subject: Check for missing path_info, also use OC_Response for 404 error --- remote.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/remote.php b/remote.php index 7131dfc9407..b1be50f36a7 100644 --- a/remote.php +++ b/remote.php @@ -7,13 +7,17 @@ if (array_key_exists('PATH_INFO', $_SERVER)){ }else{ $path_info = substr($_SERVER['PHP_SELF'], strpos($_SERVER['PHP_SELF'], basename(__FILE__)) + strlen(basename(__FILE__))); } +if ($path_info === false) { + OC_Response::setStatus(OC_Response::STATUS_NOT_FOUND); + exit; +} if (!$pos = strpos($path_info, '/', 1)) { $pos = strlen($path_info); } $service=substr($path_info, 1, $pos-1); $file = OC_AppConfig::getValue('core', 'remote_' . $service); if(is_null($file)){ - header('HTTP/1.0 404 Not Found'); + OC_Response::setStatus(OC_Response::STATUS_NOT_FOUND); exit; } @@ -22,4 +26,4 @@ $app=$parts[2]; OC_App::loadApp($app); $baseuri = OC::$WEBROOT . '/remote.php/'.$service.'/'; -require_once(OC::$APPSROOT . $file); \ No newline at end of file +require_once(OC::$APPSROOT . $file); -- cgit v1.2.3 From 4aee5a7ce43cb6d4c64838aa20d5f09adeba57ca Mon Sep 17 00:00:00 2001 From: Bart Visscher Date: Sat, 9 Jun 2012 14:32:51 +0200 Subject: Tasks: Use POST for ajax calls that change data --- apps/tasks/ajax/addtask.php | 2 +- apps/tasks/ajax/delete.php | 2 +- apps/tasks/js/tasks.js | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/tasks/ajax/addtask.php b/apps/tasks/ajax/addtask.php index d6e313bd089..9f35e7f21ec 100644 --- a/apps/tasks/ajax/addtask.php +++ b/apps/tasks/ajax/addtask.php @@ -8,7 +8,7 @@ $calendars = OC_Calendar_Calendar::allCalendars(OCP\User::getUser(), true); $first_calendar = reset($calendars); $cid = $first_calendar['id']; -$input = $_GET['text']; +$input = $_POST['text']; $request = array(); $request['summary'] = $input; $request["categories"] = null; diff --git a/apps/tasks/ajax/delete.php b/apps/tasks/ajax/delete.php index 6d2868748d1..e29add9b556 100644 --- a/apps/tasks/ajax/delete.php +++ b/apps/tasks/ajax/delete.php @@ -24,7 +24,7 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('tasks'); -$id = $_GET['id']; +$id = $_POST['id']; $task = OC_Calendar_App::getEventObject( $id ); OC_Calendar_Object::delete($id); diff --git a/apps/tasks/js/tasks.js b/apps/tasks/js/tasks.js index 60d2a523be1..d1e3a9969b4 100644 --- a/apps/tasks/js/tasks.js +++ b/apps/tasks/js/tasks.js @@ -440,7 +440,7 @@ $(document).ready(function(){ $('#tasks_delete').live('click',function(){ var id = $('#task_details').data('id'); - $.getJSON('ajax/delete.php',{'id':id},function(jsondata){ + $.post('ajax/delete.php',{'id':id},function(jsondata){ if(jsondata.status == 'success'){ $('#tasks [data-id="'+jsondata.data.id+'"]').remove(); $('#task_details').data('id',''); @@ -455,7 +455,7 @@ $(document).ready(function(){ $('#tasks_addtask').click(function(){ var input = $('#tasks_newtask').val(); - $.getJSON(OC.filePath('tasks', 'ajax', 'addtask.php'),{text:input},function(jsondata){ + $.post(OC.filePath('tasks', 'ajax', 'addtask.php'),{text:input},function(jsondata){ if(jsondata.status == 'success'){ $('#tasks_list').append(OC.Tasks.create_task_div(jsondata.task)); } -- cgit v1.2.3 From 28ab92ee76c3528637f543c45644e26859fcdb60 Mon Sep 17 00:00:00 2001 From: Georg Ehrke Date: Sat, 9 Jun 2012 14:40:15 +0200 Subject: make use of post instead of get --- apps/calendar/ajax/calendar/edit.form.php | 2 +- apps/calendar/ajax/changeview.php | 2 +- apps/calendar/ajax/event/edit.form.php | 2 +- apps/calendar/ajax/import/import.php | 4 ++-- apps/calendar/ajax/settings/guesstimezone.php | 4 ++-- apps/calendar/ajax/share/activation.php | 4 ++-- apps/calendar/ajax/share/changepermission.php | 10 +++++----- apps/calendar/ajax/share/dropdown.php | 2 +- apps/calendar/ajax/share/share.php | 8 ++++---- apps/calendar/ajax/share/unshare.php | 8 ++++---- apps/calendar/js/calendar.js | 16 ++++++++-------- apps/calendar/js/geo.js | 2 +- apps/calendar/js/loader.js | 2 +- 13 files changed, 33 insertions(+), 33 deletions(-) diff --git a/apps/calendar/ajax/calendar/edit.form.php b/apps/calendar/ajax/calendar/edit.form.php index 77366809311..036ed12bb74 100644 --- a/apps/calendar/ajax/calendar/edit.form.php +++ b/apps/calendar/ajax/calendar/edit.form.php @@ -11,7 +11,7 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('calendar'); $calendarcolor_options = OC_Calendar_Calendar::getCalendarColorOptions(); -$calendar = OC_Calendar_App::getCalendar($_GET['calendarid']); +$calendar = OC_Calendar_App::getCalendar($_POST['calendarid']); $tmpl = new OCP\Template("calendar", "part.editcalendar"); $tmpl->assign('new', false); $tmpl->assign('calendarcolor_options', $calendarcolor_options); diff --git a/apps/calendar/ajax/changeview.php b/apps/calendar/ajax/changeview.php index 2c2d09ccb12..0099fd5ec21 100644 --- a/apps/calendar/ajax/changeview.php +++ b/apps/calendar/ajax/changeview.php @@ -7,7 +7,7 @@ */ OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('calendar'); -$view = $_GET['v']; +$view = $_POST['v']; switch($view){ case 'agendaWeek': case 'month'; diff --git a/apps/calendar/ajax/event/edit.form.php b/apps/calendar/ajax/event/edit.form.php index f2ea84dd205..dbb78edb798 100644 --- a/apps/calendar/ajax/event/edit.form.php +++ b/apps/calendar/ajax/event/edit.form.php @@ -13,7 +13,7 @@ if(!OCP\User::isLoggedIn()) { } OCP\JSON::checkAppEnabled('calendar'); -$id = $_GET['id']; +$id = $_POST['id']; $data = OC_Calendar_App::getEventObject($id, true, true); if(!$data){ diff --git a/apps/calendar/ajax/import/import.php b/apps/calendar/ajax/import/import.php index a3eaed844a1..6fdad12c085 100644 --- a/apps/calendar/ajax/import/import.php +++ b/apps/calendar/ajax/import/import.php @@ -16,9 +16,9 @@ $nl="\r\n"; $comps = array('VEVENT'=>true, 'VTODO'=>true, 'VJOURNAL'=>true); global $progresskey; -$progresskey = 'calendar.import-' . $_GET['progresskey']; +$progresskey = 'calendar.import-' . $_POST['progresskey']; -if (isset($_GET['progress']) && $_GET['progress']) { +if (isset($_POST['progress']) && $_POST['progress']) { echo OC_Cache::get($progresskey); die; } diff --git a/apps/calendar/ajax/settings/guesstimezone.php b/apps/calendar/ajax/settings/guesstimezone.php index 13092777b78..f36f3bf061f 100644 --- a/apps/calendar/ajax/settings/guesstimezone.php +++ b/apps/calendar/ajax/settings/guesstimezone.php @@ -12,8 +12,8 @@ OCP\JSON::checkAppEnabled('calendar'); $l = OC_L10N::get('calendar'); -$lat = $_GET['lat']; -$lng = $_GET['long']; +$lat = $_POST['lat']; +$lng = $_POST['lng']; $timezone = OC_Geo::timezone($lat, $lng); diff --git a/apps/calendar/ajax/share/activation.php b/apps/calendar/ajax/share/activation.php index 7d6b8fcb16e..bce8693577b 100644 --- a/apps/calendar/ajax/share/activation.php +++ b/apps/calendar/ajax/share/activation.php @@ -5,7 +5,7 @@ * later. * See the COPYING-README file. */ -$id = strip_tags($_GET['id']); -$activation = strip_tags($_GET['activation']); +$id = strip_tags($_POST['id']); +$activation = strip_tags($_POST['activation']); OC_Calendar_Share::set_active(OCP\USER::getUser(), $id, $activation); OCP\JSON::success(); diff --git a/apps/calendar/ajax/share/changepermission.php b/apps/calendar/ajax/share/changepermission.php index 2737420c94e..e807c164a23 100644 --- a/apps/calendar/ajax/share/changepermission.php +++ b/apps/calendar/ajax/share/changepermission.php @@ -6,9 +6,9 @@ * See the COPYING-README file. */ -$id = strip_tags($_GET['id']); -$idtype = strip_tags($_GET['idtype']); -$permission = (int) strip_tags($_GET['permission']); +$id = strip_tags($_POST['id']); +$idtype = strip_tags($_POST['idtype']); +$permission = (int) strip_tags($_POST['permission']); switch($idtype){ case 'calendar': case 'event': @@ -25,8 +25,8 @@ if($idtype == 'event' && !OC_Calendar_App::getEventObject($id)){ OCP\JSON::error(array('message'=>'permission denied')); exit; } -$sharewith = $_GET['sharewith']; -$sharetype = strip_tags($_GET['sharetype']); +$sharewith = $_POST['sharewith']; +$sharetype = strip_tags($_POST['sharetype']); switch($sharetype){ case 'user': case 'group': diff --git a/apps/calendar/ajax/share/dropdown.php b/apps/calendar/ajax/share/dropdown.php index a3b0faca4bf..86cf4ac090e 100644 --- a/apps/calendar/ajax/share/dropdown.php +++ b/apps/calendar/ajax/share/dropdown.php @@ -7,7 +7,7 @@ */ $user = OCP\USER::getUser(); -$calid = $_GET['calid']; +$calid = $_POST['calid']; $calendar = OC_Calendar_Calendar::find($calid); if($calendar['userid'] != $user){ OCP\JSON::error(); diff --git a/apps/calendar/ajax/share/share.php b/apps/calendar/ajax/share/share.php index 629a7b6b79f..838db619f62 100644 --- a/apps/calendar/ajax/share/share.php +++ b/apps/calendar/ajax/share/share.php @@ -6,8 +6,8 @@ * See the COPYING-README file. */ -$id = strip_tags($_GET['id']); -$idtype = strip_tags($_GET['idtype']); +$id = strip_tags($_POST['id']); +$idtype = strip_tags($_POST['idtype']); switch($idtype){ case 'calendar': case 'event': @@ -24,8 +24,8 @@ if($idtype == 'event' && !OC_Calendar_App::getEventObject($id)){ OCP\JSON::error(array('message'=>'permission denied')); exit; } -$sharewith = $_GET['sharewith']; -$sharetype = strip_tags($_GET['sharetype']); +$sharewith = $_POST['sharewith']; +$sharetype = strip_tags($_POST['sharetype']); switch($sharetype){ case 'user': case 'group': diff --git a/apps/calendar/ajax/share/unshare.php b/apps/calendar/ajax/share/unshare.php index fe7c98452d7..1ce04677fb1 100644 --- a/apps/calendar/ajax/share/unshare.php +++ b/apps/calendar/ajax/share/unshare.php @@ -6,8 +6,8 @@ * See the COPYING-README file. */ -$id = strip_tags($_GET['id']); -$idtype = strip_tags($_GET['idtype']); +$id = strip_tags($_POST['id']); +$idtype = strip_tags($_POST['idtype']); switch($idtype){ case 'calendar': case 'event': @@ -24,8 +24,8 @@ if($idtype == 'event' && !OC_Calendar_App::getEventObject($id)){ OCP\JSON::error(array('message'=>'permission denied')); exit; } -$sharewith = $_GET['sharewith']; -$sharetype = strip_tags($_GET['sharetype']); +$sharewith = $_POST['sharewith']; +$sharetype = strip_tags($_POST['sharetype']); switch($sharetype){ case 'user': case 'group': diff --git a/apps/calendar/js/calendar.js b/apps/calendar/js/calendar.js index b5411d3fd95..f869fcf2ad2 100644 --- a/apps/calendar/js/calendar.js +++ b/apps/calendar/js/calendar.js @@ -77,7 +77,7 @@ Calendar={ $('#event').dialog('destroy').remove(); }else{ Calendar.UI.loading(true); - $('#dialog_holder').load(OC.filePath('calendar', 'ajax/event', 'edit.form.php') + '?id=' + id, Calendar.UI.startEventDialog); + $('#dialog_holder').load(OC.filePath('calendar', 'ajax/event', 'edit.form.php'), {id: id}, Calendar.UI.startEventDialog); } }, submitDeleteEventForm:function(url){ @@ -413,7 +413,7 @@ Calendar={ }, edit:function(object, calendarid){ var tr = $(document.createElement('tr')) - .load(OC.filePath('calendar', 'ajax/calendar', 'edit.form.php') + "?calendarid="+calendarid, + .load(OC.filePath('calendar', 'ajax/calendar', 'edit.form.php'), {calendarid: calendarid}, function(){Calendar.UI.Calendar.colorPicker(this)}); $(object).closest('tr').after(tr).hide(); }, @@ -502,14 +502,14 @@ Calendar={ currentid: 'false', idtype: '', activation:function(object,owner,id){ - $.getJSON(OC.filePath('calendar', 'ajax/share', 'activation.php'),{id:id, idtype:'calendar', activation:object.checked?1:0}); + $.post(OC.filePath('calendar', 'ajax/share', 'activation.php'),{id:id, idtype:'calendar', activation:object.checked?1:0}); $('#calendar_holder').fullCalendar('refetchEvents'); }, dropdown:function(userid, calid){ $('.calendar_share_dropdown').remove(); var element = document.getElementById(userid+'_'+calid); $('

').appendTo(element); - $.get(OC.filePath('calendar', 'ajax/share', 'dropdown.php') + '?calid=' + calid, function(data){ + $.post(OC.filePath('calendar', 'ajax/share', 'dropdown.php'), {calid: calid}, function(data){ $('.calendar_share_dropdown').html(data); $('.calendar_share_dropdown').show('blind'); $('#share_user').chosen(); @@ -519,7 +519,7 @@ Calendar={ Calendar.UI.Share.idtype = 'calendar'; }, share:function(id, idtype, sharewith, sharetype){ - $.getJSON(OC.filePath('calendar', 'ajax/share', 'share.php'),{id:id, idtype:idtype, sharewith:sharewith, sharetype:sharetype}, function(data){ + $.post(OC.filePath('calendar', 'ajax/share', 'share.php'),{id:id, idtype:idtype, sharewith:sharewith, sharetype:sharetype}, function(data){ if(sharetype == 'public'){ $('#public_token').val(parent.location.protocol+'//'+location.host+OC.linkTo('', 'public.php')+'?service=calendar&t='+data.message); $('#public_token').css('display', 'block'); @@ -527,7 +527,7 @@ Calendar={ }); }, unshare:function(id, idtype, sharewith, sharetype){ - $.getJSON(OC.filePath('calendar', 'ajax/share', 'unshare.php'),{id:id, idtype:idtype, sharewith:sharewith, sharetype:sharetype}, function(){ + $.post(OC.filePath('calendar', 'ajax/share', 'unshare.php'),{id:id, idtype:idtype, sharewith:sharewith, sharetype:sharetype}, function(){ if(sharetype == 'public'){ $('#public_token').val(''); $('#public_token').css('display', 'none'); @@ -535,7 +535,7 @@ Calendar={ }); }, changepermission:function(id, idtype, sharewith, sharetype, permission){ - $.getJSON(OC.filePath('calendar', 'ajax/share', 'changepermission.php'),{id:id, idtype:idtype, sharewith: sharewith, sharetype:sharetype, permission: (permission?1:0)}); + $.post(OC.filePath('calendar', 'ajax/share', 'changepermission.php'),{id:id, idtype:idtype, sharewith: sharewith, sharetype:sharetype, permission: (permission?1:0)}); }, init:function(){ $('.calendar_share_dropdown').live('mouseleave', function(){ @@ -846,7 +846,7 @@ $(document).ready(function(){ viewDisplay: function(view) { $('#datecontrol_date').html(view.title); if (view.name != defaultView) { - $.get(OC.filePath('calendar', 'ajax', 'changeview.php') + "?v="+view.name); + $.post(OC.filePath('calendar', 'ajax', 'changeview.php'), {v:view.name}); defaultView = view.name; } Calendar.UI.setViewActive(view.name); diff --git a/apps/calendar/js/geo.js b/apps/calendar/js/geo.js index 092d8547469..99290d940e3 100644 --- a/apps/calendar/js/geo.js +++ b/apps/calendar/js/geo.js @@ -6,7 +6,7 @@ */ if (navigator.geolocation) { navigator.geolocation.getCurrentPosition(function(position) { - $.getJSON(OC.filePath('calendar', 'ajax/settings', 'guesstimezone.php') + '?lat=' + position.coords.latitude + '&long=' + position.coords.longitude, + $.post(OC.filePath('calendar', 'ajax/settings', 'guesstimezone.php'), {lat: position.coords.latitude, lng: position.coords.longitude}, function(data){ if (data.status == 'success' && typeof(data.message) != 'undefined'){ $('#notification').html(data.message); diff --git a/apps/calendar/js/loader.js b/apps/calendar/js/loader.js index 838521ec7f5..0fc5018e89c 100644 --- a/apps/calendar/js/loader.js +++ b/apps/calendar/js/loader.js @@ -63,7 +63,7 @@ Calendar_Import={ }); }, getimportstatus: function(progresskey){ - $.get(OC.filePath('calendar', 'ajax/import', 'import.php') + '?progress=1&progresskey=' + progresskey, function(percent){ + $.post(OC.filePath('calendar', 'ajax/import', 'import.php'), {progress:1,progresskey: progresskey}, function(percent){ $('#progressbar').progressbar('option', 'value', parseInt(percent)); if(percent < 100){ window.setTimeout('Calendar_Import.getimportstatus(\'' + progresskey + '\')', 500); -- cgit v1.2.3 From 88341e5797c09d5cdb3c8b7ff713b4a62d51bd60 Mon Sep 17 00:00:00 2001 From: Thomas Tanghus Date: Sat, 9 Jun 2012 14:53:35 +0200 Subject: Code cleanup. --- apps/contacts/ajax/addproperty.php | 31 +++++++++++++++++++++---------- 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/apps/contacts/ajax/addproperty.php b/apps/contacts/ajax/addproperty.php index 2f932d752a7..42b0c782035 100644 --- a/apps/contacts/ajax/addproperty.php +++ b/apps/contacts/ajax/addproperty.php @@ -24,6 +24,12 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('contacts'); +function bailOut($msg) { + OCP\JSON::error(array('data' => array('message' => $msg))); + OCP\Util::writeLog('contacts','ajax/addproperty.php: '.$msg, OCP\Util::DEBUG); + exit(); +} + $id = isset($_POST['id'])?$_POST['id']:null; $name = isset($_POST['name'])?$_POST['name']:null; $value = isset($_POST['value'])?$_POST['value']:null; @@ -31,11 +37,21 @@ $parameters = isset($_POST['parameters'])?$_POST['parameters']:array(); $vcard = OC_Contacts_App::getContactVCard($id); +if(!$name) { + bailOut(OC_Contacts_App::$l10n->t('element name is not set.')); +} +if(!$id) { + bailOut(OC_Contacts_App::$l10n->t('id is not set.')); +} + +if(!$vcard) { + bailOut(OC_Contacts_App::$l10n->t('Could not parse contact: ').$id); +} + if(!is_array($value)){ $value = trim($value); if(!$value && in_array($name, array('TEL', 'EMAIL', 'ORG', 'BDAY', 'URL', 'NICKNAME', 'NOTE'))) { - OCP\JSON::error(array('data' => array('message' => OC_Contacts_App::$l10n->t('Cannot add empty property.')))); - exit(); + bailOut(OC_Contacts_App::$l10n->t('Cannot add empty property.')); } } elseif($name === 'ADR') { // only add if non-empty elements. $empty = true; @@ -46,8 +62,7 @@ if(!is_array($value)){ } } if($empty) { - OCP\JSON::error(array('data' => array('message' => OC_Contacts_App::$l10n->t('At least one of the address fields has to be filled out.')))); - exit(); + bailOut(OC_Contacts_App::$l10n->t('At least one of the address fields has to be filled out.')); } } @@ -56,9 +71,7 @@ $current = $vcard->select($name); foreach($current as $item) { $tmpvalue = (is_array($value)?implode(';', $value):$value); if($tmpvalue == $item->value) { - OCP\JSON::error(array('data' => array('message' => OC_Contacts_App::$l10n->t('Trying to add duplicate property: ').$name.': '.$tmpvalue))); - OCP\Util::writeLog('contacts','ajax/addproperty.php: Trying to add duplicate property: '.$name.': '.$tmpvalue, OCP\Util::DEBUG); - exit(); + bailOut(OC_Contacts_App::$l10n->t('Trying to add duplicate property: '.$name.': '.$tmpvalue)); } } @@ -114,9 +127,7 @@ foreach ($parameters as $key=>$element) { $checksum = md5($vcard->children[$line]->serialize()); if(!OC_Contacts_VCard::edit($id,$vcard)) { - OCP\JSON::error(array('data' => array('message' => OC_Contacts_App::$l10n->t('Error adding contact property.')))); - OCP\Util::writeLog('contacts','ajax/addproperty.php: Error updating contact property: '.$name, OCP\Util::ERROR); - exit(); + bailOut(OC_Contacts_App::$l10n->t('Error adding contact property: '.$name)); } OCP\JSON::success(array('data' => array( 'checksum' => $checksum ))); -- cgit v1.2.3 From 081e1874cb476a16d7fd2d6ed5dabaeca61fffae Mon Sep 17 00:00:00 2001 From: Thomas Tanghus Date: Sat, 9 Jun 2012 15:00:18 +0200 Subject: Contacts: Use POST instead of GET. --- apps/contacts/ajax/deletecard.php | 2 +- apps/contacts/ajax/deleteproperty.php | 4 ++-- apps/contacts/js/contacts.js | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/contacts/ajax/deletecard.php b/apps/contacts/ajax/deletecard.php index 6414fda93cb..e6d0405a240 100644 --- a/apps/contacts/ajax/deletecard.php +++ b/apps/contacts/ajax/deletecard.php @@ -29,7 +29,7 @@ function bailOut($msg) { OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('contacts'); -$id = isset($_GET['id'])?$_GET['id']:null; +$id = isset($_POST['id'])?$_POST['id']:null; if(!$id) { bailOut(OC_Contacts_App::$l10n->t('id is not set.')); } diff --git a/apps/contacts/ajax/deleteproperty.php b/apps/contacts/ajax/deleteproperty.php index b0746d18a79..e6c2bd9f803 100644 --- a/apps/contacts/ajax/deleteproperty.php +++ b/apps/contacts/ajax/deleteproperty.php @@ -24,8 +24,8 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::checkAppEnabled('contacts'); -$id = $_GET['id']; -$checksum = $_GET['checksum']; +$id = $_POST['id']; +$checksum = $_POST['checksum']; $vcard = OC_Contacts_App::getContactVCard( $id ); $line = OC_Contacts_App::getPropertyLineByChecksum($vcard, $checksum); diff --git a/apps/contacts/js/contacts.js b/apps/contacts/js/contacts.js index 35d4a4a216d..a241856300b 100644 --- a/apps/contacts/js/contacts.js +++ b/apps/contacts/js/contacts.js @@ -368,7 +368,7 @@ Contacts={ $('#contacts_deletecard').tipsy('hide'); OC.dialogs.confirm(t('contacts', 'Are you sure you want to delete this contact?'), t('contacts', 'Warning'), function(answer) { if(answer == true) { - $.getJSON(OC.filePath('contacts', 'ajax', 'deletecard.php'),{'id':Contacts.UI.Card.id},function(jsondata){ + $.post(OC.filePath('contacts', 'ajax', 'deletecard.php'),{'id':Contacts.UI.Card.id},function(jsondata){ if(jsondata.status == 'success'){ var newid = ''; var curlistitem = $('#leftcontent [data-id="'+jsondata.data.id+'"]'); @@ -707,7 +707,7 @@ Contacts={ Contacts.UI.loading(obj, true); var checksum = Contacts.UI.checksumFor(obj); if(checksum) { - $.getJSON(OC.filePath('contacts', 'ajax', 'deleteproperty.php'),{'id': this.id, 'checksum': checksum },function(jsondata){ + $.post(OC.filePath('contacts', 'ajax', 'deleteproperty.php'),{'id': this.id, 'checksum': checksum },function(jsondata){ if(jsondata.status == 'success'){ if(type == 'list') { Contacts.UI.propertyContainerFor(obj).remove(); -- cgit v1.2.3 From 344299a074e135140262d051531f723be69c786f Mon Sep 17 00:00:00 2001 From: Frank Karlitschek Date: Sat, 9 Jun 2012 15:05:14 +0200 Subject: =?UTF-8?q?add=20two=20csrf=20check=20calls.=20Review=20and=20lot?= =?UTF-8?q?=C2=B4s=20of=20porting=20needed.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/public/util.php | 20 +++++++++++++++++++ lib/util.php | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+) diff --git a/lib/public/util.php b/lib/public/util.php index 9b499574da1..995161e2abe 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -248,6 +248,26 @@ class Util { } + /** + * Register an get/post call. This is important to prevent CSRF attacks + * TODO: write example + */ + public static function callRegister(){ + return(\OC_Util::callRegister()); + } + + + /** + * Check an ajax get/post call if the request token is valid. exit if not. + * Todo: Write howto + */ + public static function callCheck(){ + return(\OC_Util::callCheck()); + } + + + + } ?> diff --git a/lib/util.php b/lib/util.php index 20888fa71f4..ef8ba8efe72 100644 --- a/lib/util.php +++ b/lib/util.php @@ -343,4 +343,60 @@ class OC_Util { } return $id; } + + /** + * Register an get/post call. This is important to prevent CSRF attacks + * Todo: Write howto + */ + public static function callRegister(){ + // generate a random token. + $token=mt_rand(1000,9000).mt_rand(1000,9000).mt_rand(1000,9000); + + // store the token together with a timestamp in the session. + $_SESSION['requesttoken-'.$token]=time(); + + // return the token + return($token); + } + + + /** + * Check an ajax get/post call if the request token is valid. exit if not. + * Todo: Write howto + */ + public static function callCheck(){ + //mamimum time before token exires + $maxtime=(60*60); // 1 hour + + // searches in the get and post arrays for the token. + if(isset($_GET['requesttoken'])) { + $token=$_GET['requesttoken']; + }elseif(isset($_POST['requesttoken'])){ + $token=$_POST['requesttoken']; + }else{ + //no token found. exiting + exit; + } + + // check if the token is in the user session and if the timestamp is from the last hour. + if(isset($_SESSION['requesttoken-'.$token])) { + $timestamp=$_SESSION['requesttoken-'.$token]; + if($timestamp+$maxtime Date: Sat, 9 Jun 2012 15:07:09 +0200 Subject: fix potential xss in multiselect --- core/js/multiselect.js | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/core/js/multiselect.js b/core/js/multiselect.js index 541dddf0f70..5f339006d26 100644 --- a/core/js/multiselect.js +++ b/core/js/multiselect.js @@ -57,8 +57,11 @@ element=$(element); var item=element.val(); var id='ms'+multiSelectId+'-option-'+item; - var input=$(''); - var label=$(''+item+''); + var input=$(''); + input.attr('id',id); + var label=$(''); + label.attr('for',id); + label.text(item); if(settings.checked.indexOf(item)!=-1 || checked){ input.attr('checked',true); } @@ -130,7 +133,10 @@ li.text('+ '+settings.createText); li.before(createItem(this)); var select=button.parent().next(); - select.append($('')); + var option=$('