Changeset 1913863
- Timestamp:
- 07/24/2018 12:29:28 AM (8 years ago)
- Location:
- lockr/trunk
- Files:
-
- 6 edited
-
lockr-admin-config.php (modified) (5 diffs)
-
lockr-admin-status.php (modified) (4 diffs)
-
lockr-admin.php (modified) (1 diff)
-
lockr.php (modified) (4 diffs)
-
readme.txt (modified) (6 diffs)
-
src/Lockr/KeyWrapper/LockrAesCbcKeyWrapper.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
lockr/trunk/lockr-admin-config.php
r1827999 r1913863 370 370 $cert_path = ABSPATH . $cert_path; 371 371 } 372 372 373 373 if ( ! is_readable($cert_path) ) { 374 374 add_settings_error( … … 377 377 "{$cert_path} must be a readable file." 378 378 ); 379 379 380 380 return $options; 381 381 } 382 382 383 383 update_option( 'lockr_partner', 'custom' ); 384 384 update_option( 'lockr_cert', $cert_path ); … … 387 387 if ( $partner ) { 388 388 update_option( 'lockr_partner', $partner['name'] ); 389 update_option( 'lockr_cert', $partner['cert']);389 delete_option( 'lockr_cert' ); 390 390 } else { 391 391 update_option( 'lockr_partner', '' ); 392 update_option( 'lockr_cert', '');392 delete_option('lockr_cert'); 393 393 } 394 394 } … … 402 402 $options['account_password'] = ''; 403 403 } 404 404 405 405 $name = get_bloginfo( 'name', 'display' ); 406 406 407 407 if ( ! filter_var( $options['account_email'], FILTER_VALIDATE_EMAIL ) ) { 408 408 add_settings_error( 'lockr_options', 'lockr-email', $options['account_email'] . ' is not a proper email address. Please try again.', 'error' ); … … 433 433 } 434 434 $options['account_password'] = ''; 435 return $options; 435 return $options; 436 436 } 437 437 } -
lockr/trunk/lockr-admin-status.php
r1602402 r1913863 52 52 $cert_valid = $status['cert_valid']; 53 53 $exists = $status['exists']; 54 $created = isset($status['created']) ? $status['created'] : false; 54 55 55 56 $items = array(); … … 114 115 115 116 if ( $cert_valid ) { 117 $has_cc = $status['has_cc']; 118 119 if ( $created ) { 120 $expires = ( new \DateTime() ) 121 ->setTimestamp($created) 122 ->add(new \DateInterval('P14D')); 123 if ( $expires > (new \DateTime()) ) { 124 $items[] = array( 125 'title' => 'Trial Expiration Date', 126 'value' => $expires->format( 'M jS, Y' ), 127 'severity' => 'lockr_ok', 128 ); 129 } elseif ( !$has_cc ) { 130 $items[] = array( 131 'title' => 'Trial Expiration Date', 132 'value' => $expires->format( 'M jS, Y' ), 133 'severity' => 'lockr_error', 134 ); 135 } 136 } 137 116 138 $partner = $status['info']['partner']; 117 139 $is_custom = in_array($partner, array('custom', 'lockr')); … … 122 144 Please add one before migrating to production. 123 145 EOL; 124 $is_not_custom_text = " You're ok for now, no credit card necessary to deploy to production.";146 $is_not_custom_text = "Since you're on a partnering host, a credit card is not necessary to move to production. However, please make sure you get a card on file ASAP. We will contact you if there is no card on file within 30 days of moving to production use."; 125 147 $default_description = $is_custom ? $is_custom_text : $is_not_custom_text; 126 148 $has_cc_text = <<<EOL … … 128 150 invoice for your key usage. 129 151 EOL; 130 $has_cc = $status['has_cc']; 152 131 153 $items[] = array( 132 154 'title' => 'Credit Card on File', -
lockr/trunk/lockr-admin.php
r1827999 r1913863 52 52 if ( $partner ) { 53 53 add_option( 'lockr_partner', $partner['name'] ); 54 add_option( 'lockr_cert', $partner['cert'] );55 54 } 56 55 } -
lockr/trunk/lockr.php
r1827999 r1913863 7 7 Plugin URI: https://lockr.io/ 8 8 Description: Integrate with the Lockr hosted secrets management platform. Secure all your plugin passwords, API tokens and encryption keys according to industry best practices. With Lockr, secrets management is easy. 9 Version: 2. 29 Version: 2.3 10 10 Author: Lockr 11 11 Author URI: htts://lockr.io/ … … 103 103 if ( $partner ) { 104 104 add_option( 'lockr_partner', $partner['name'] ); 105 add_option( 'lockr_cert', $partner['cert'] );106 105 } 107 106 } … … 186 185 187 186 if ( get_option( 'lockr_cert', false ) ) { 188 $cert_path = get_option( 'lockr_cert' ); 189 if ( $cert_path ) { 190 return new Partner( $cert_path, 'custom', $region ); 191 } 192 193 return new NullPartner( $region ); 187 188 $partner = get_option( 'lockr_partner', null ); 189 190 if( $partner == 'custom'){ 191 $cert_path = get_option('lockr_cert'); 192 if ($cert_path) { 193 return new Partner($cert_path, 'custom', $region); 194 } 195 196 return new NullPartner($region); 197 } 194 198 } 195 199 … … 250 254 return null; 251 255 } 252 256 253 257 $key = base64_decode($key); 254 258 -
lockr/trunk/readme.txt
r1827999 r1913863 26 26 * Regular Backups 27 27 * Multiple Region Redundancy 28 * Backed by Townsend Security's FIPS 140-2 compliant key manager, your keys are secured to industry standards. 28 * Backed by Townsend Security's FIPS 140-2 compliant key manager, your keys are secured to industry standards. 29 29 30 30 = Lockr is the first key management service for WordPress. = … … 34 34 Lockr is available for WordPress sites of all sizes. Easy to use for the novice site owner and advanced enough for the expert developer, Lockr secures web transactions and data at rest by protecting API and encryption keys. 35 35 For Site Builders: fill out a single registration form and you’re set. To use with other plugins, look for those that have Lockr available or use our patch library to update your favorite plugin to use Lockr. 36 For Developers: Lockr provides an easy to use framework to “get and set” keys from your custom plugin. Additionally, Lockr provides a simple to use yet strong AES-256 encryption function, ensuring your data is encrypted according to industry best-practices and securely stored. Using Lockr helps keep the developer safe, by removing the sensitive passwords and key secrets from the code and database, following security best practices should a site be compromised. 36 For Developers: Lockr provides an easy to use framework to “get and set” keys from your custom plugin. Additionally, Lockr provides a simple to use yet strong AES-256 encryption function, ensuring your data is encrypted according to industry best-practices and securely stored. Using Lockr helps keep the developer safe, by removing the sensitive passwords and key secrets from the code and database, following security best practices should a site be compromised. 37 37 38 38 = Is Lockr Safe? = … … 48 48 49 49 1. Upload the Lockr directory to the `/wp-content/plugins/plugin-name` directory, or install the plugin through the WordPress plugins screen directly. 50 2. Activate Lockr through the 'Plugins' screen in your WordPress 50 2. Activate Lockr through the 'Plugins' screen in your WordPress 51 51 3. Visit Settings > Lockr 52 52 4. If you are on a partnering hosting provider you can skip the automation and go directly to registering your site. If you are not, follow the steps in the forms presented to automate the issuance of a certificate to connect to Lockr. … … 69 69 Not to any noticeable effect. The connection to the Lockr server depends on the speed of your servers connection but on average we see round trips of under 200ms. This is about the same time that some database queries take. 70 70 71 = What is the uptime guarantee of Lockr = 71 = What is the uptime guarantee of Lockr = 72 72 73 73 We know your keys are critical to your site. To ensure you have your keys whenever you need it our cloud is built to scale, and we back that with a 99.9% uptime guarantee. A dedicated SLA is available for enterprise clients. … … 77 77 78 78 == Changelog == 79 80 = 2.3 = 81 With our new pricing, and free trial period, we've added a row to the status table to show when the trial period ends. We've also fixed a bug that caused some intermittent issues on Pantheon. 79 82 80 83 = 2.2 = … … 94 97 95 98 = 2.0 = 96 * Hello WordPress! Lockr is happy to be a part of the community and officially in the plugin directory. 99 * Hello WordPress! Lockr is happy to be a part of the community and officially in the plugin directory. 97 100 * To celebrate our release we have provided a function to encrypt/decrypt data based on a key stored in Lockr. Simply use lockr_encrypt() and lockr_decrypt() to secure your data. More features around encryption are planned for future releases -
lockr/trunk/src/Lockr/KeyWrapper/LockrAesCbcKeyWrapper.php
r1604775 r1913863 74 74 } 75 75 76 protected function encode($cipher, $mode, $iv, $key)76 protected static function encode($cipher, $mode, $iv, $key) 77 77 { 78 78 $parts = array( … … 86 86 } 87 87 88 protected function decode($encoded)88 protected static function decode($encoded) 89 89 { 90 90 $parts = explode('$', $encoded, 4);
Note: See TracChangeset
for help on using the changeset viewer.