WP插件:让文章URL使用MD5

2017年11月28日 由 Amon 没有评论 »

作者:https://yutuo.net/archives/f672aa8acf6f11a5.html
演示:https://yutuo.net/

下载:https://yutuo.net/wp-content/uploads/files/2011/wp-slup-md5code.zip
下载:http://wordpress.org/extend/plugins/wp-slup-md5code/

WP主题:HelpGuru

2017年11月28日 由 Amon 没有评论 »

官网:https://themeforest.net/item/helpguru-a-selfservice-knowledge-base-wordpress-theme/8465592
演示:

应用:http://openlaw.cn/

下载:https://www.freedownloadify.org/news/1495620/download-themeforest-helpguru-v1-7-0-a-self-service-knowledge-base-wordpress-theme-nulled-php
下载:https://www.ruluthemes.com/helpguru-v1-7-0-a-wordpress-self-service-knowledge-base-theme/
下载:http://vganull.com/themeforest-helpguru-v1-7-0-a-self-service-knowledge-base-wordpress-theme-8465592-free-downl
下载:http://ar-sh.com/helpguru-v170-a-self-service-knowledge-base-wordpress-theme

怎样编译安装Certificate Authority Certificates

2017年11月27日 由 Amon 没有评论 »

编译安装Certificate Authority Certificates:

参考:http://www.linuxfromscratch.org/blfs/view/stable/postlfs/cacerts.html

Installed Programs: make-ca.sh, make-cert.pl and remove-expired-certs.sh
Installed Libraries: None
Installed Directories: /etc/ssl/certs

注意:因为Win下会产生句尾的^M,所以最好使用vi编辑;或者使用Win编辑后,使用dos2unix来处理。

yum安装:

yum install dos2unix

先创建一个文件:

/usr/bin/make-cert.pl

这个文件负责:reformat a certificate into a form needed by openssl.

内容如下:

#!/usr/bin/perl -w

# Used to generate PEM encoded files from Mozilla certdata.txt.
# Run as ./make-cert.pl > certificate.crt
#
# Parts of this script courtesy of RedHat (mkcabundle.pl)
#
# This script modified for use with single file data (tempfile.cer) extracted
# from certdata.txt, taken from the latest version in the Mozilla NSS source.
# mozilla/security/nss/lib/ckfw/builtins/certdata.txt
#
# Authors: DJ Lucas
#          Bruce Dubbs
#
# Version 20120211

my $certdata = './tempfile.cer';

open( IN, "cat $certdata|" )
    || die "could not open $certdata";

my $incert = 0;

while ( <IN> )
{
    if ( /^CKA_VALUE MULTILINE_OCTAL/ )
    {
        $incert = 1;
        open( OUT, "|openssl x509 -text -inform DER -fingerprint" )
            || die "could not pipe to openssl x509";
    }

    elsif ( /^END/ && $incert )
    {
        close( OUT );
        $incert = 0;
        print "\n\n";
    }

    elsif ($incert)
    {
        my @bs = split( /\\/ );
        foreach my $b (@bs)
        {
            chomp $b;
            printf( OUT "%c", oct($b) ) unless $b eq '';
        }
    }
}

再创建第二个文件:

/usr/bin/make-ca.sh

这个文件负责:creates the certificates and a bundle of all the certificates. It creates a ./certs directory and ./BLFS-ca-bundle-${VERSION}.crt

内容如下:

#!/bin/sh
# Begin make-ca.sh
# Script to populate OpenSSL's CApath from a bundle of PEM formatted CAs
#
# The file certdata.txt must exist in the local directory
# Version number is obtained from the version of the data.
#
# Authors: DJ Lucas
#          Bruce Dubbs
#
# Version 20120211

# Some data in the certs have UTF-8 characters
export LANG=en_US.utf8

certdata="certdata.txt"

if [ ! -r $certdata ]; then
  echo "$certdata must be in the local directory"
  exit 1
fi

REVISION=$(grep CVS_ID $certdata | cut -f4 -d'$')

if [ -z "${REVISION}" ]; then
  echo "$certfile has no 'Revision' in CVS_ID"
  exit 1
fi

VERSION=$(echo $REVISION | cut -f2 -d" ")

TEMPDIR=$(mktemp -d)
TRUSTATTRIBUTES="CKA_TRUST_SERVER_AUTH"
BUNDLE="BLFS-ca-bundle-${VERSION}.crt"
CONVERTSCRIPT="/usr/bin/make-cert.pl"
SSLDIR="/etc/ssl"

mkdir "${TEMPDIR}/certs"

# Get a list of starting lines for each cert
CERTBEGINLIST=$(grep -n "^# Certificate" "${certdata}" | cut -d ":" -f1)

# Get a list of ending lines for each cert
CERTENDLIST=`grep -n "^CKA_TRUST_STEP_UP_APPROVED" "${certdata}" | cut -d ":" -f 1`

# Start a loop
for certbegin in ${CERTBEGINLIST}; do
  for certend in ${CERTENDLIST}; do
    if test "${certend}" -gt "${certbegin}"; then
      break
    fi
  done

  # Dump to a temp file with the name of the file as the beginning line number
  sed -n "${certbegin},${certend}p" "${certdata}" > "${TEMPDIR}/certs/${certbegin}.tmp"
done

unset CERTBEGINLIST CERTDATA CERTENDLIST certbegin certend

mkdir -p certs
rm -f certs/*      # Make sure the directory is clean

for tempfile in ${TEMPDIR}/certs/*.tmp; do
  # Make sure that the cert is trusted...
  grep "CKA_TRUST_SERVER_AUTH" "${tempfile}" | \
    egrep "TRUST_UNKNOWN|NOT_TRUSTED" > /dev/null

  if test "${?}" = "0"; then
    # Throw a meaningful error and remove the file
    cp "${tempfile}" tempfile.cer
    perl ${CONVERTSCRIPT} > tempfile.crt
    keyhash=$(openssl x509 -noout -in tempfile.crt -hash)
    echo "Certificate ${keyhash} is not trusted!  Removing..."
    rm -f tempfile.cer tempfile.crt "${tempfile}"
    continue
  fi

  # If execution made it to here in the loop, the temp cert is trusted
  # Find the cert data and generate a cert file for it

  cp "${tempfile}" tempfile.cer
  perl ${CONVERTSCRIPT} > tempfile.crt
  keyhash=$(openssl x509 -noout -in tempfile.crt -hash)
  mv tempfile.crt "certs/${keyhash}.pem"
  rm -f tempfile.cer "${tempfile}"
  echo "Created ${keyhash}.pem"
done

# Remove blacklisted files
# MD5 Collision Proof of Concept CA
if test -f certs/8f111d69.pem; then
  echo "Certificate 8f111d69 is not trusted!  Removing..."
  rm -f certs/8f111d69.pem
fi

# Finally, generate the bundle and clean up.
cat certs/*.pem >  ${BUNDLE}
rm -r "${TEMPDIR}"

再创建第三个文件:

/usr/sbin/remove-expired-certs.sh

这个文件负责:remove expired certificates from a directory.

内容如下:

#!/bin/sh
# Begin /usr/sbin/remove-expired-certs.sh
#
# Version 20120211

# Make sure the date is parsed correctly on all systems
mydate()
{
  local y=$( echo $1 | cut -d" " -f4 )
  local M=$( echo $1 | cut -d" " -f1 )
  local d=$( echo $1 | cut -d" " -f2 )
  local m

  if [ ${d} -lt 10 ]; then d="0${d}"; fi

  case $M in
    Jan) m="01";;
    Feb) m="02";;
    Mar) m="03";;
    Apr) m="04";;
    May) m="05";;
    Jun) m="06";;
    Jul) m="07";;
    Aug) m="08";;
    Sep) m="09";;
    Oct) m="10";;
    Nov) m="11";;
    Dec) m="12";;
  esac

  certdate="${y}${m}${d}"
}

OPENSSL=/usr/bin/openssl
DIR=/etc/ssl/certs

if [ $# -gt 0 ]; then
  DIR="$1"
fi

certs=$( find ${DIR} -type f -name "*.pem" -o -name "*.crt" )
today=$( date +%Y%m%d )

for cert in $certs; do
  notafter=$( $OPENSSL x509 -enddate -in "${cert}" -noout )
  date=$( echo ${notafter} |  sed 's/^notAfter=//' )
  mydate "$date"

  if [ ${certdate} -lt ${today} ]; then
     echo "${cert} expired on ${certdate}! Removing..."
     rm -f "${cert}"
  fi
done

去除句尾的^M并更改文件权限:

dos2unix /usr/bin/make-cert.pl && dos2unix /usr/bin/make-ca.sh && dos2unix /usr/sbin/remove-expired-certs.sh 
chmod +x /usr/bin/make-cert.pl && chmod +x /usr/bin/make-ca.sh && chmod u+x /usr/sbin/remove-expired-certs.sh

然后执行命令:

URL=http://anduin.linuxfromscratch.org/BLFS/other/certdata.txt && rm -f certdata.txt && wget $URL && make-ca.sh && unset URL

然后执行命令:

SSLDIR=/etc/ssl && remove-expired-certs.sh certs && install -d ${SSLDIR}/certs && cp -v certs/*.pem ${SSLDIR}/certs && c_rehash && install BLFS-ca-bundle*.crt ${SSLDIR}/ca-bundle.crt && ln -sfv ../ca-bundle.crt ${SSLDIR}/certs/ca-certificates.crt && unset SSLDIR

如果发现没有c_rehash命令:

yum安装:

yum install openssl-perl

最后:Finally, clean up the current directory:

rm -r certs BLFS-ca-bundle*

最后生成文件将用于后续的gnutls的编译:

/etc/ssl/ca-bundle.crt

怎样编译安装libunistring

2017年11月27日 由 Amon 没有评论 »

【介绍】

参考:http://linuxfromscratch.org/blfs/view/svn/general/libunistring.html

【编译】

wget ftp://ftp.gnu.org/gnu/libunistring/libunistring-0.9.7.tar.xz  && xz -d libunistring-0.9.7.tar.xz && tar -xvf libunistring-0.9.7.tar && cd libunistring-0.9.7
./configure --prefix=/usr --disable-static --docdir=/usr/share/doc/libunistring-0.9.7
make && make check
make install

输出:

----------------------------------------------------------------------
Libraries have been installed in:
   /usr/lib
...
 /usr/bin/mkdir -p '/usr/include/unistring'
 /usr/bin/install -c -m 644  unistring/inline.h '/usr/include/unistring'
 /usr/bin/install -c -m 644  unitypes.h unistr.h uniconv.h unistdio.h uniname.h unictype.h uniwidth.h unigbrk.h uniwbrk.h unilbrk.h uninorm.h unicase.h '/usr/include/.'
...

备注:

Installed Libraries: libunistring.so
Installed Directory: /usr/include/unistring and /usr/share/doc/libunistring-0.9.7

怎样编译安装apr+apr-util

2017年11月27日 由 Amon 没有评论 »

参考:https://amon.org/apr-2016

不要卸载低版本!

安装apr:

参考:http://www.linuxfromscratch.org/blfs/view/cvs/general/apr.html
下载:http://archive.apache.org/dist/apr/

编译安装:

最新版是apr-1.6.3

wget http://archive.apache.org/dist/apr/apr-1.6.3.tar.bz2 && tar -xjvf apr-1.6.3.tar.bz2 && cd apr-1.6.3
./configure --prefix=/usr --disable-static --with-installbuilddir=/usr/share/apr-1/build
make && make install

输出:

...
Libraries have been installed in:
   /usr/lib
...
/usr/bin/install -c -m 755 apr-config.out /usr/bin/apr-1-config

安装完成。

安装apr-util:

参考:http://www.linuxfromscratch.org/blfs/view/cvs/general/apr-util.html
下载:http://archive.apache.org/dist/apr/

编译安装:

目前最新版是apr-util-1.6.1

wget http://archive.apache.org/dist/apr/apr-util-1.6.1.tar.bz2 && tar -xjvf apr-util-1.6.1.tar.bz2 && cd apr-util-1.6.1
./configure --prefix=/usr --with-apr=/usr --with-gdbm=/usr --with-openssl=/usr --with-crypto
make && make install

make时报错:

...
xml/apr_xml.c:35:19: fatal error: expat.h: No such file or directory
 #include <expat.h>
                   ^
compilation terminated.
make[1]: ***  Error 1
make[1]: Leaving directory `/root/apr-1.6.3/apr-util-1.6.1'
make: *** [all-recursive] Error 1

参考:https://github.com/scottcorgan/bucket-list/issues/2

yum install expat-devel

重新make通过,然后make install。

输出:

...
Libraries have been installed in:
   /usr/lib
...
/usr/bin/install -c -m 644 aprutil.exp /usr/lib
/usr/bin/install -c -m 755 apu-config.out /usr/bin/apu-1-config

安装完成。