8 Commits
3c29978907
...
9b0eb09298
| Author | SHA1 | Message | Date |
|---|---|---|---|
Gabriel Cossette
|
9b0eb09298 |
Merge branch 'testing' of https://git.weblibre.ca/gabriel/register_ynh
|
5 years ago |
|
Gabriel Cossette
|
e7eb0c5742 |
update
|
5 years ago |
|
Gabriel Cossette
|
0ad99dc675 |
update
|
5 years ago |
|
Gabriel Cossette
|
5f3f49c661 |
update
|
5 years ago |
|
Gabriel Cossette
|
4183dda171 |
update
|
5 years ago |
|
Gabriel Cossette
|
f4ae4ecba8 |
update
|
5 years ago |
|
Gabriel Cossette
|
99cc3a5cef |
update
|
5 years ago |
|
Gabriel Cossette
|
d1b3457a79 |
Update
|
5 years ago |
315 changed files with 32080 additions and 515 deletions
-
4conf/nginx.conf
-
50manifest.json
-
362scripts/_common.sh
-
165scripts/install
-
19scripts/remove
-
7www/.dockerignore
-
21www/.travis.yml
-
1www/Dockerfile
-
674www/LICENCE
-
61www/README.md
-
3www/conf/.gitignore
-
409www/conf/config.inc.php
-
19www/docs/Makefile
-
176www/docs/conf.py
-
98www/docs/config_apache.rst
-
278www/docs/config_general.rst
-
241www/docs/config_ldap.rst
-
66www/docs/config_mail.rst
-
83www/docs/config_nginx.rst
-
173www/docs/config_ppolicy.rst
-
114www/docs/config_preposthook.rst
-
147www/docs/config_questions.rst
-
157www/docs/config_sms.rst
-
83www/docs/config_tokens.rst
-
8www/docs/config_webserver.rst
-
BINwww/docs/images/br.png
-
BINwww/docs/images/catalonia.png
-
BINwww/docs/images/cn.png
-
BINwww/docs/images/cs.png
-
BINwww/docs/images/cz.png
-
BINwww/docs/images/de.png
-
BINwww/docs/images/ee.png
-
BINwww/docs/images/es.png
-
BINwww/docs/images/fr.png
-
BINwww/docs/images/gr.png
-
BINwww/docs/images/hu.png
-
BINwww/docs/images/it.png
-
BINwww/docs/images/jp.png
-
BINwww/docs/images/ltb-logo.png
-
BINwww/docs/images/ltb_ssp_screenshot.png
-
BINwww/docs/images/nl.png
-
BINwww/docs/images/no.png
-
BINwww/docs/images/pl.png
-
BINwww/docs/images/pt.png
-
BINwww/docs/images/rs.png
-
BINwww/docs/images/ru.png
-
BINwww/docs/images/se.png
-
BINwww/docs/images/sk.png
-
BINwww/docs/images/sl.png
-
BINwww/docs/images/tr.png
-
BINwww/docs/images/ua.png
-
BINwww/docs/images/us.png
-
22www/docs/index.rst
-
115www/docs/installation.rst
-
19www/docs/presentation.rst
-
2www/docs/requirements.txt
-
76www/docs/sms_api.rst
-
22www/docs/webservices.rst
-
41www/github-issues-to-changelog.pl
-
33www/htdocs/captcha.php
-
217www/htdocs/change.php
-
157www/htdocs/changesshkey.php
-
107www/htdocs/confirmcreate.php
-
206www/htdocs/create.php
-
68www/htdocs/css/self-service-password.css
-
BINwww/htdocs/images/favicon.ico
-
BINwww/htdocs/images/ltb-logo.png
-
BINwww/htdocs/images/unsplash-clouds.jpeg
-
BINwww/htdocs/images/unsplash-sky.jpeg
-
BINwww/htdocs/images/unsplash-space.jpeg
-
BINwww/htdocs/images/unsplash-stars.jpeg
-
321www/htdocs/index.php
-
163www/htdocs/js/jquery.selectunique.js
-
8www/htdocs/js/self-service-password.js
-
267www/htdocs/resetbyquestions.php
-
211www/htdocs/resetbytoken.php
-
327www/htdocs/sendsms.php
-
192www/htdocs/sendtoken.php
-
226www/htdocs/setquestions.php
-
1www/htdocs/vendor/bootstrap/css/bootstrap-theme.css.map
-
5www/htdocs/vendor/bootstrap/css/bootstrap-theme.min.css
-
1www/htdocs/vendor/bootstrap/css/bootstrap.css.map
-
5www/htdocs/vendor/bootstrap/css/bootstrap.min.css
-
BINwww/htdocs/vendor/bootstrap/fonts/glyphicons-halflings-regular.eot
-
288www/htdocs/vendor/bootstrap/fonts/glyphicons-halflings-regular.svg
-
BINwww/htdocs/vendor/bootstrap/fonts/glyphicons-halflings-regular.ttf
-
BINwww/htdocs/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff
-
BINwww/htdocs/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2
-
6www/htdocs/vendor/bootstrap/js/bootstrap.min.js
-
163www/htdocs/vendor/bootstrap/js/jquery.selectunique.js
-
4www/htdocs/vendor/font-awesome/css/font-awesome.min.css
-
BINwww/htdocs/vendor/font-awesome/fonts/FontAwesome.otf
-
BINwww/htdocs/vendor/font-awesome/fonts/fontawesome-webfont.eot
-
2671www/htdocs/vendor/font-awesome/fonts/fontawesome-webfont.svg
-
BINwww/htdocs/vendor/font-awesome/fonts/fontawesome-webfont.ttf
-
BINwww/htdocs/vendor/font-awesome/fonts/fontawesome-webfont.woff
-
BINwww/htdocs/vendor/font-awesome/fonts/fontawesome-webfont.woff2
-
2www/htdocs/vendor/jquery/js/jquery-3.5.1.min.js
-
1www/htdocs/vendor/jquery/js/jquery-3.5.1.min.map
-
157www/lang/ca.inc.php
@ -0,0 +1,7 @@ |
|||
conf/config.inc.local.php |
|||
.git |
|||
github-issues-to-changelog.pl |
|||
packaging |
|||
README.md |
|||
tests |
|||
.travis.yml |
|||
@ -0,0 +1,21 @@ |
|||
language: php |
|||
|
|||
dist: trusty |
|||
|
|||
php: |
|||
- '5.4' |
|||
- '5.5' |
|||
- '5.6' |
|||
- '7.0' |
|||
- '7.1' |
|||
- '7.2' |
|||
- '7.4' |
|||
|
|||
before_install: |
|||
# If PHP >= 7.0, force use of PHPUnit 5.7 |
|||
- if php -r "exit( (int)! version_compare( '$TRAVIS_PHP_VERSION', '7.0', '>=' ) );"; then mkdir -p ~/bin && wget -O ~/bin/phpunit https://phar.phpunit.de/phpunit-5.7.phar && chmod +x ~/bin/phpunit; fi |
|||
|
|||
script: phpunit tests |
|||
|
|||
notifications: |
|||
irc: "irc.freenode.org#ltb-project" |
|||
@ -0,0 +1 @@ |
|||
packaging/docker/Dockerfile |
|||
@ -0,0 +1,674 @@ |
|||
GNU GENERAL PUBLIC LICENSE |
|||
Version 3, 29 June 2007 |
|||
|
|||
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/> |
|||
Everyone is permitted to copy and distribute verbatim copies |
|||
of this license document, but changing it is not allowed. |
|||
|
|||
Preamble |
|||
|
|||
The GNU General Public License is a free, copyleft license for |
|||
software and other kinds of works. |
|||
|
|||
The licenses for most software and other practical works are designed |
|||
to take away your freedom to share and change the works. By contrast, |
|||
the GNU General Public License is intended to guarantee your freedom to |
|||
share and change all versions of a program--to make sure it remains free |
|||
software for all its users. We, the Free Software Foundation, use the |
|||
GNU General Public License for most of our software; it applies also to |
|||
any other work released this way by its authors. You can apply it to |
|||
your programs, too. |
|||
|
|||
When we speak of free software, we are referring to freedom, not |
|||
price. Our General Public Licenses are designed to make sure that you |
|||
have the freedom to distribute copies of free software (and charge for |
|||
them if you wish), that you receive source code or can get it if you |
|||
want it, that you can change the software or use pieces of it in new |
|||
free programs, and that you know you can do these things. |
|||
|
|||
To protect your rights, we need to prevent others from denying you |
|||
these rights or asking you to surrender the rights. Therefore, you have |
|||
certain responsibilities if you distribute copies of the software, or if |
|||
you modify it: responsibilities to respect the freedom of others. |
|||
|
|||
For example, if you distribute copies of such a program, whether |
|||
gratis or for a fee, you must pass on to the recipients the same |
|||
freedoms that you received. You must make sure that they, too, receive |
|||
or can get the source code. And you must show them these terms so they |
|||
know their rights. |
|||
|
|||
Developers that use the GNU GPL protect your rights with two steps: |
|||
(1) assert copyright on the software, and (2) offer you this License |
|||
giving you legal permission to copy, distribute and/or modify it. |
|||
|
|||
For the developers' and authors' protection, the GPL clearly explains |
|||
that there is no warranty for this free software. For both users' and |
|||
authors' sake, the GPL requires that modified versions be marked as |
|||
changed, so that their problems will not be attributed erroneously to |
|||
authors of previous versions. |
|||
|
|||
Some devices are designed to deny users access to install or run |
|||
modified versions of the software inside them, although the manufacturer |
|||
can do so. This is fundamentally incompatible with the aim of |
|||
protecting users' freedom to change the software. The systematic |
|||
pattern of such abuse occurs in the area of products for individuals to |
|||
use, which is precisely where it is most unacceptable. Therefore, we |
|||
have designed this version of the GPL to prohibit the practice for those |
|||
products. If such problems arise substantially in other domains, we |
|||
stand ready to extend this provision to those domains in future versions |
|||
of the GPL, as needed to protect the freedom of users. |
|||
|
|||
Finally, every program is threatened constantly by software patents. |
|||
States should not allow patents to restrict development and use of |
|||
software on general-purpose computers, but in those that do, we wish to |
|||
avoid the special danger that patents applied to a free program could |
|||
make it effectively proprietary. To prevent this, the GPL assures that |
|||
patents cannot be used to render the program non-free. |
|||
|
|||
The precise terms and conditions for copying, distribution and |
|||
modification follow. |
|||
|
|||
TERMS AND CONDITIONS |
|||
|
|||
0. Definitions. |
|||
|
|||
"This License" refers to version 3 of the GNU General Public License. |
|||
|
|||
"Copyright" also means copyright-like laws that apply to other kinds of |
|||
works, such as semiconductor masks. |
|||
|
|||
"The Program" refers to any copyrightable work licensed under this |
|||
License. Each licensee is addressed as "you". "Licensees" and |
|||
"recipients" may be individuals or organizations. |
|||
|
|||
To "modify" a work means to copy from or adapt all or part of the work |
|||
in a fashion requiring copyright permission, other than the making of an |
|||
exact copy. The resulting work is called a "modified version" of the |
|||
earlier work or a work "based on" the earlier work. |
|||
|
|||
A "covered work" means either the unmodified Program or a work based |
|||
on the Program. |
|||
|
|||
To "propagate" a work means to do anything with it that, without |
|||
permission, would make you directly or secondarily liable for |
|||
infringement under applicable copyright law, except executing it on a |
|||
computer or modifying a private copy. Propagation includes copying, |
|||
distribution (with or without modification), making available to the |
|||
public, and in some countries other activities as well. |
|||
|
|||
To "convey" a work means any kind of propagation that enables other |
|||
parties to make or receive copies. Mere interaction with a user through |
|||
a computer network, with no transfer of a copy, is not conveying. |
|||
|
|||
An interactive user interface displays "Appropriate Legal Notices" |
|||
to the extent that it includes a convenient and prominently visible |
|||
feature that (1) displays an appropriate copyright notice, and (2) |
|||
tells the user that there is no warranty for the work (except to the |
|||
extent that warranties are provided), that licensees may convey the |
|||
work under this License, and how to view a copy of this License. If |
|||
the interface presents a list of user commands or options, such as a |
|||
menu, a prominent item in the list meets this criterion. |
|||
|
|||
1. Source Code. |
|||
|
|||
The "source code" for a work means the preferred form of the work |
|||
for making modifications to it. "Object code" means any non-source |
|||
form of a work. |
|||
|
|||
A "Standard Interface" means an interface that either is an official |
|||
standard defined by a recognized standards body, or, in the case of |
|||
interfaces specified for a particular programming language, one that |
|||
is widely used among developers working in that language. |
|||
|
|||
The "System Libraries" of an executable work include anything, other |
|||
than the work as a whole, that (a) is included in the normal form of |
|||
packaging a Major Component, but which is not part of that Major |
|||
Component, and (b) serves only to enable use of the work with that |
|||
Major Component, or to implement a Standard Interface for which an |
|||
implementation is available to the public in source code form. A |
|||
"Major Component", in this context, means a major essential component |
|||
(kernel, window system, and so on) of the specific operating system |
|||
(if any) on which the executable work runs, or a compiler used to |
|||
produce the work, or an object code interpreter used to run it. |
|||
|
|||
The "Corresponding Source" for a work in object code form means all |
|||
the source code needed to generate, install, and (for an executable |
|||
work) run the object code and to modify the work, including scripts to |
|||
control those activities. However, it does not include the work's |
|||
System Libraries, or general-purpose tools or generally available free |
|||
programs which are used unmodified in performing those activities but |
|||
which are not part of the work. For example, Corresponding Source |
|||
includes interface definition files associated with source files for |
|||
the work, and the source code for shared libraries and dynamically |
|||
linked subprograms that the work is specifically designed to require, |
|||
such as by intimate data communication or control flow between those |
|||
subprograms and other parts of the work. |
|||
|
|||
The Corresponding Source need not include anything that users |
|||
can regenerate automatically from other parts of the Corresponding |
|||
Source. |
|||
|
|||
The Corresponding Source for a work in source code form is that |
|||
same work. |
|||
|
|||
2. Basic Permissions. |
|||
|
|||
All rights granted under this License are granted for the term of |
|||
copyright on the Program, and are irrevocable provided the stated |
|||
conditions are met. This License explicitly affirms your unlimited |
|||
permission to run the unmodified Program. The output from running a |
|||
covered work is covered by this License only if the output, given its |
|||
content, constitutes a covered work. This License acknowledges your |
|||
rights of fair use or other equivalent, as provided by copyright law. |
|||
|
|||
You may make, run and propagate covered works that you do not |
|||
convey, without conditions so long as your license otherwise remains |
|||
in force. You may convey covered works to others for the sole purpose |
|||
of having them make modifications exclusively for you, or provide you |
|||
with facilities for running those works, provided that you comply with |
|||
the terms of this License in conveying all material for which you do |
|||
not control copyright. Those thus making or running the covered works |
|||
for you must do so exclusively on your behalf, under your direction |
|||
and control, on terms that prohibit them from making any copies of |
|||
your copyrighted material outside their relationship with you. |
|||
|
|||
Conveying under any other circumstances is permitted solely under |
|||
the conditions stated below. Sublicensing is not allowed; section 10 |
|||
makes it unnecessary. |
|||
|
|||
3. Protecting Users' Legal Rights From Anti-Circumvention Law. |
|||
|
|||
No covered work shall be deemed part of an effective technological |
|||
measure under any applicable law fulfilling obligations under article |
|||
11 of the WIPO copyright treaty adopted on 20 December 1996, or |
|||
similar laws prohibiting or restricting circumvention of such |
|||
measures. |
|||
|
|||
When you convey a covered work, you waive any legal power to forbid |
|||
circumvention of technological measures to the extent such circumvention |
|||
is effected by exercising rights under this License with respect to |
|||
the covered work, and you disclaim any intention to limit operation or |
|||
modification of the work as a means of enforcing, against the work's |
|||
users, your or third parties' legal rights to forbid circumvention of |
|||
technological measures. |
|||
|
|||
4. Conveying Verbatim Copies. |
|||
|
|||
You may convey verbatim copies of the Program's source code as you |
|||
receive it, in any medium, provided that you conspicuously and |
|||
appropriately publish on each copy an appropriate copyright notice; |
|||
keep intact all notices stating that this License and any |
|||
non-permissive terms added in accord with section 7 apply to the code; |
|||
keep intact all notices of the absence of any warranty; and give all |
|||
recipients a copy of this License along with the Program. |
|||
|
|||
You may charge any price or no price for each copy that you convey, |
|||
and you may offer support or warranty protection for a fee. |
|||
|
|||
5. Conveying Modified Source Versions. |
|||
|
|||
You may convey a work based on the Program, or the modifications to |
|||
produce it from the Program, in the form of source code under the |
|||
terms of section 4, provided that you also meet all of these conditions: |
|||
|
|||
a) The work must carry prominent notices stating that you modified |
|||
it, and giving a relevant date. |
|||
|
|||
b) The work must carry prominent notices stating that it is |
|||
released under this License and any conditions added under section |
|||
7. This requirement modifies the requirement in section 4 to |
|||
"keep intact all notices". |
|||
|
|||
c) You must license the entire work, as a whole, under this |
|||
License to anyone who comes into possession of a copy. This |
|||
License will therefore apply, along with any applicable section 7 |
|||
additional terms, to the whole of the work, and all its parts, |
|||
regardless of how they are packaged. This License gives no |
|||
permission to license the work in any other way, but it does not |
|||
invalidate such permission if you have separately received it. |
|||
|
|||
d) If the work has interactive user interfaces, each must display |
|||
Appropriate Legal Notices; however, if the Program has interactive |
|||
interfaces that do not display Appropriate Legal Notices, your |
|||
work need not make them do so. |
|||
|
|||
A compilation of a covered work with other separate and independent |
|||
works, which are not by their nature extensions of the covered work, |
|||
and which are not combined with it such as to form a larger program, |
|||
in or on a volume of a storage or distribution medium, is called an |
|||
"aggregate" if the compilation and its resulting copyright are not |
|||
used to limit the access or legal rights of the compilation's users |
|||
beyond what the individual works permit. Inclusion of a covered work |
|||
in an aggregate does not cause this License to apply to the other |
|||
parts of the aggregate. |
|||
|
|||
6. Conveying Non-Source Forms. |
|||
|
|||
You may convey a covered work in object code form under the terms |
|||
of sections 4 and 5, provided that you also convey the |
|||
machine-readable Corresponding Source under the terms of this License, |
|||
in one of these ways: |
|||
|
|||
a) Convey the object code in, or embodied in, a physical product |
|||
(including a physical distribution medium), accompanied by the |
|||
Corresponding Source fixed on a durable physical medium |
|||
customarily used for software interchange. |
|||
|
|||
b) Convey the object code in, or embodied in, a physical product |
|||
(including a physical distribution medium), accompanied by a |
|||
written offer, valid for at least three years and valid for as |
|||
long as you offer spare parts or customer support for that product |
|||
model, to give anyone who possesses the object code either (1) a |
|||
copy of the Corresponding Source for all the software in the |
|||
product that is covered by this License, on a durable physical |
|||
medium customarily used for software interchange, for a price no |
|||
more than your reasonable cost of physically performing this |
|||
conveying of source, or (2) access to copy the |
|||
Corresponding Source from a network server at no charge. |
|||
|
|||
c) Convey individual copies of the object code with a copy of the |
|||
written offer to provide the Corresponding Source. This |
|||
alternative is allowed only occasionally and noncommercially, and |
|||
only if you received the object code with such an offer, in accord |
|||
with subsection 6b. |
|||
|
|||
d) Convey the object code by offering access from a designated |
|||
place (gratis or for a charge), and offer equivalent access to the |
|||
Corresponding Source in the same way through the same place at no |
|||
further charge. You need not require recipients to copy the |
|||
Corresponding Source along with the object code. If the place to |
|||
copy the object code is a network server, the Corresponding Source |
|||
may be on a different server (operated by you or a third party) |
|||
that supports equivalent copying facilities, provided you maintain |
|||
clear directions next to the object code saying where to find the |
|||
Corresponding Source. Regardless of what server hosts the |
|||
Corresponding Source, you remain obligated to ensure that it is |
|||
available for as long as needed to satisfy these requirements. |
|||
|
|||
e) Convey the object code using peer-to-peer transmission, provided |
|||
you inform other peers where the object code and Corresponding |
|||
Source of the work are being offered to the general public at no |
|||
charge under subsection 6d. |
|||
|
|||
A separable portion of the object code, whose source code is excluded |
|||
from the Corresponding Source as a System Library, need not be |
|||
included in conveying the object code work. |
|||
|
|||
A "User Product" is either (1) a "consumer product", which means any |
|||
tangible personal property which is normally used for personal, family, |
|||
or household purposes, or (2) anything designed or sold for incorporation |
|||
into a dwelling. In determining whether a product is a consumer product, |
|||
doubtful cases shall be resolved in favor of coverage. For a particular |
|||
product received by a particular user, "normally used" refers to a |
|||
typical or common use of that class of product, regardless of the status |
|||
of the particular user or of the way in which the particular user |
|||
actually uses, or expects or is expected to use, the product. A product |
|||
is a consumer product regardless of whether the product has substantial |
|||
commercial, industrial or non-consumer uses, unless such uses represent |
|||
the only significant mode of use of the product. |
|||
|
|||
"Installation Information" for a User Product means any methods, |
|||
procedures, authorization keys, or other information required to install |
|||
and execute modified versions of a covered work in that User Product from |
|||
a modified version of its Corresponding Source. The information must |
|||
suffice to ensure that the continued functioning of the modified object |
|||
code is in no case prevented or interfered with solely because |
|||
modification has been made. |
|||
|
|||
If you convey an object code work under this section in, or with, or |
|||
specifically for use in, a User Product, and the conveying occurs as |
|||
part of a transaction in which the right of possession and use of the |
|||
User Product is transferred to the recipient in perpetuity or for a |
|||
fixed term (regardless of how the transaction is characterized), the |
|||
Corresponding Source conveyed under this section must be accompanied |
|||
by the Installation Information. But this requirement does not apply |
|||
if neither you nor any third party retains the ability to install |
|||
modified object code on the User Product (for example, the work has |
|||
been installed in ROM). |
|||
|
|||
The requirement to provide Installation Information does not include a |
|||
requirement to continue to provide support service, warranty, or updates |
|||
for a work that has been modified or installed by the recipient, or for |
|||
the User Product in which it has been modified or installed. Access to a |
|||
network may be denied when the modification itself materially and |
|||
adversely affects the operation of the network or violates the rules and |
|||
protocols for communication across the network. |
|||
|
|||
Corresponding Source conveyed, and Installation Information provided, |
|||
in accord with this section must be in a format that is publicly |
|||
documented (and with an implementation available to the public in |
|||
source code form), and must require no special password or key for |
|||
unpacking, reading or copying. |
|||
|
|||
7. Additional Terms. |
|||
|
|||
"Additional permissions" are terms that supplement the terms of this |
|||
License by making exceptions from one or more of its conditions. |
|||
Additional permissions that are applicable to the entire Program shall |
|||
be treated as though they were included in this License, to the extent |
|||
that they are valid under applicable law. If additional permissions |
|||
apply only to part of the Program, that part may be used separately |
|||
under those permissions, but the entire Program remains governed by |
|||
this License without regard to the additional permissions. |
|||
|
|||
When you convey a copy of a covered work, you may at your option |
|||
remove any additional permissions from that copy, or from any part of |
|||
it. (Additional permissions may be written to require their own |
|||
removal in certain cases when you modify the work.) You may place |
|||
additional permissions on material, added by you to a covered work, |
|||
for which you have or can give appropriate copyright permission. |
|||
|
|||
Notwithstanding any other provision of this License, for material you |
|||
add to a covered work, you may (if authorized by the copyright holders of |
|||
that material) supplement the terms of this License with terms: |
|||
|
|||
a) Disclaiming warranty or limiting liability differently from the |
|||
terms of sections 15 and 16 of this License; or |
|||
|
|||
b) Requiring preservation of specified reasonable legal notices or |
|||
author attributions in that material or in the Appropriate Legal |
|||
Notices displayed by works containing it; or |
|||
|
|||
c) Prohibiting misrepresentation of the origin of that material, or |
|||
requiring that modified versions of such material be marked in |
|||
reasonable ways as different from the original version; or |
|||
|
|||
d) Limiting the use for publicity purposes of names of licensors or |
|||
authors of the material; or |
|||
|
|||
e) Declining to grant rights under trademark law for use of some |
|||
trade names, trademarks, or service marks; or |
|||
|
|||
f) Requiring indemnification of licensors and authors of that |
|||
material by anyone who conveys the material (or modified versions of |
|||
it) with contractual assumptions of liability to the recipient, for |
|||
any liability that these contractual assumptions directly impose on |
|||
those licensors and authors. |
|||
|
|||
All other non-permissive additional terms are considered "further |
|||
restrictions" within the meaning of section 10. If the Program as you |
|||
received it, or any part of it, contains a notice stating that it is |
|||
governed by this License along with a term that is a further |
|||
restriction, you may remove that term. If a license document contains |
|||
a further restriction but permits relicensing or conveying under this |
|||
License, you may add to a covered work material governed by the terms |
|||
of that license document, provided that the further restriction does |
|||
not survive such relicensing or conveying. |
|||
|
|||
If you add terms to a covered work in accord with this section, you |
|||
must place, in the relevant source files, a statement of the |
|||
additional terms that apply to those files, or a notice indicating |
|||
where to find the applicable terms. |
|||
|
|||
Additional terms, permissive or non-permissive, may be stated in the |
|||
form of a separately written license, or stated as exceptions; |
|||
the above requirements apply either way. |
|||
|
|||
8. Termination. |
|||
|
|||
You may not propagate or modify a covered work except as expressly |
|||
provided under this License. Any attempt otherwise to propagate or |
|||
modify it is void, and will automatically terminate your rights under |
|||
this License (including any patent licenses granted under the third |
|||
paragraph of section 11). |
|||
|
|||
However, if you cease all violation of this License, then your |
|||
license from a particular copyright holder is reinstated (a) |
|||
provisionally, unless and until the copyright holder explicitly and |
|||
finally terminates your license, and (b) permanently, if the copyright |
|||
holder fails to notify you of the violation by some reasonable means |
|||
prior to 60 days after the cessation. |
|||
|
|||
Moreover, your license from a particular copyright holder is |
|||
reinstated permanently if the copyright holder notifies you of the |
|||
violation by some reasonable means, this is the first time you have |
|||
received notice of violation of this License (for any work) from that |
|||
copyright holder, and you cure the violation prior to 30 days after |
|||
your receipt of the notice. |
|||
|
|||
Termination of your rights under this section does not terminate the |
|||
licenses of parties who have received copies or rights from you under |
|||
this License. If your rights have been terminated and not permanently |
|||
reinstated, you do not qualify to receive new licenses for the same |
|||
material under section 10. |
|||
|
|||
9. Acceptance Not Required for Having Copies. |
|||
|
|||
You are not required to accept this License in order to receive or |
|||
run a copy of the Program. Ancillary propagation of a covered work |
|||
occurring solely as a consequence of using peer-to-peer transmission |
|||
to receive a copy likewise does not require acceptance. However, |
|||
nothing other than this License grants you permission to propagate or |
|||
modify any covered work. These actions infringe copyright if you do |
|||
not accept this License. Therefore, by modifying or propagating a |
|||
covered work, you indicate your acceptance of this License to do so. |
|||
|
|||
10. Automatic Licensing of Downstream Recipients. |
|||
|
|||
Each time you convey a covered work, the recipient automatically |
|||
receives a license from the original licensors, to run, modify and |
|||
propagate that work, subject to this License. You are not responsible |
|||
for enforcing compliance by third parties with this License. |
|||
|
|||
An "entity transaction" is a transaction transferring control of an |
|||
organization, or substantially all assets of one, or subdividing an |
|||
organization, or merging organizations. If propagation of a covered |
|||
work results from an entity transaction, each party to that |
|||
transaction who receives a copy of the work also receives whatever |
|||
licenses to the work the party's predecessor in interest had or could |
|||
give under the previous paragraph, plus a right to possession of the |
|||
Corresponding Source of the work from the predecessor in interest, if |
|||
the predecessor has it or can get it with reasonable efforts. |
|||
|
|||
You may not impose any further restrictions on the exercise of the |
|||
rights granted or affirmed under this License. For example, you may |
|||
not impose a license fee, royalty, or other charge for exercise of |
|||
rights granted under this License, and you may not initiate litigation |
|||
(including a cross-claim or counterclaim in a lawsuit) alleging that |
|||
any patent claim is infringed by making, using, selling, offering for |
|||
sale, or importing the Program or any portion of it. |
|||
|
|||
11. Patents. |
|||
|
|||
A "contributor" is a copyright holder who authorizes use under this |
|||
License of the Program or a work on which the Program is based. The |
|||
work thus licensed is called the contributor's "contributor version". |
|||
|
|||
A contributor's "essential patent claims" are all patent claims |
|||
owned or controlled by the contributor, whether already acquired or |
|||
hereafter acquired, that would be infringed by some manner, permitted |
|||
by this License, of making, using, or selling its contributor version, |
|||
but do not include claims that would be infringed only as a |
|||
consequence of further modification of the contributor version. For |
|||
purposes of this definition, "control" includes the right to grant |
|||
patent sublicenses in a manner consistent with the requirements of |
|||
this License. |
|||
|
|||
Each contributor grants you a non-exclusive, worldwide, royalty-free |
|||
patent license under the contributor's essential patent claims, to |
|||
make, use, sell, offer for sale, import and otherwise run, modify and |
|||
propagate the contents of its contributor version. |
|||
|
|||
In the following three paragraphs, a "patent license" is any express |
|||
agreement or commitment, however denominated, not to enforce a patent |
|||
(such as an express permission to practice a patent or covenant not to |
|||
sue for patent infringement). To "grant" such a patent license to a |
|||
party means to make such an agreement or commitment not to enforce a |
|||
patent against the party. |
|||
|
|||
If you convey a covered work, knowingly relying on a patent license, |
|||
and the Corresponding Source of the work is not available for anyone |
|||
to copy, free of charge and under the terms of this License, through a |
|||
publicly available network server or other readily accessible means, |
|||
then you must either (1) cause the Corresponding Source to be so |
|||
available, or (2) arrange to deprive yourself of the benefit of the |
|||
patent license for this particular work, or (3) arrange, in a manner |
|||
consistent with the requirements of this License, to extend the patent |
|||
license to downstream recipients. "Knowingly relying" means you have |
|||
actual knowledge that, but for the patent license, your conveying the |
|||
covered work in a country, or your recipient's use of the covered work |
|||
in a country, would infringe one or more identifiable patents in that |
|||
country that you have reason to believe are valid. |
|||
|
|||
If, pursuant to or in connection with a single transaction or |
|||
arrangement, you convey, or propagate by procuring conveyance of, a |
|||
covered work, and grant a patent license to some of the parties |
|||
receiving the covered work authorizing them to use, propagate, modify |
|||
or convey a specific copy of the covered work, then the patent license |
|||
you grant is automatically extended to all recipients of the covered |
|||
work and works based on it. |
|||
|
|||
A patent license is "discriminatory" if it does not include within |
|||
the scope of its coverage, prohibits the exercise of, or is |
|||
conditioned on the non-exercise of one or more of the rights that are |
|||
specifically granted under this License. You may not convey a covered |
|||
work if you are a party to an arrangement with a third party that is |
|||
in the business of distributing software, under which you make payment |
|||
to the third party based on the extent of your activity of conveying |
|||
the work, and under which the third party grants, to any of the |
|||
parties who would receive the covered work from you, a discriminatory |
|||
patent license (a) in connection with copies of the covered work |
|||
conveyed by you (or copies made from those copies), or (b) primarily |
|||
for and in connection with specific products or compilations that |
|||
contain the covered work, unless you entered into that arrangement, |
|||
or that patent license was granted, prior to 28 March 2007. |
|||
|
|||
Nothing in this License shall be construed as excluding or limiting |
|||
any implied license or other defenses to infringement that may |
|||
otherwise be available to you under applicable patent law. |
|||
|
|||
12. No Surrender of Others' Freedom. |
|||
|
|||
If conditions are imposed on you (whether by court order, agreement or |
|||
otherwise) that contradict the conditions of this License, they do not |
|||
excuse you from the conditions of this License. If you cannot convey a |
|||
covered work so as to satisfy simultaneously your obligations under this |
|||
License and any other pertinent obligations, then as a consequence you may |
|||
not convey it at all. For example, if you agree to terms that obligate you |
|||
to collect a royalty for further conveying from those to whom you convey |
|||
the Program, the only way you could satisfy both those terms and this |
|||
License would be to refrain entirely from conveying the Program. |
|||
|
|||
13. Use with the GNU Affero General Public License. |
|||
|
|||
Notwithstanding any other provision of this License, you have |
|||
permission to link or combine any covered work with a work licensed |
|||
under version 3 of the GNU Affero General Public License into a single |
|||
combined work, and to convey the resulting work. The terms of this |
|||
License will continue to apply to the part which is the covered work, |
|||
but the special requirements of the GNU Affero General Public License, |
|||
section 13, concerning interaction through a network will apply to the |
|||
combination as such. |
|||
|
|||
14. Revised Versions of this License. |
|||
|
|||
The Free Software Foundation may publish revised and/or new versions of |
|||
the GNU General Public License from time to time. Such new versions will |
|||
be similar in spirit to the present version, but may differ in detail to |
|||
address new problems or concerns. |
|||
|
|||
Each version is given a distinguishing version number. If the |
|||
Program specifies that a certain numbered version of the GNU General |
|||
Public License "or any later version" applies to it, you have the |
|||
option of following the terms and conditions either of that numbered |
|||
version or of any later version published by the Free Software |
|||
Foundation. If the Program does not specify a version number of the |
|||
GNU General Public License, you may choose any version ever published |
|||
by the Free Software Foundation. |
|||
|
|||
If the Program specifies that a proxy can decide which future |
|||
versions of the GNU General Public License can be used, that proxy's |
|||
public statement of acceptance of a version permanently authorizes you |
|||
to choose that version for the Program. |
|||
|
|||
Later license versions may give you additional or different |
|||
permissions. However, no additional obligations are imposed on any |
|||
author or copyright holder as a result of your choosing to follow a |
|||
later version. |
|||
|
|||
15. Disclaimer of Warranty. |
|||
|
|||
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY |
|||
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT |
|||
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY |
|||
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, |
|||
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|||
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM |
|||
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF |
|||
ALL NECESSARY SERVICING, REPAIR OR CORRECTION. |
|||
|
|||
16. Limitation of Liability. |
|||
|
|||
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING |
|||
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS |
|||
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY |
|||
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE |
|||
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF |
|||
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD |
|||
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), |
|||
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF |
|||
SUCH DAMAGES. |
|||
|
|||
17. Interpretation of Sections 15 and 16. |
|||
|
|||
If the disclaimer of warranty and limitation of liability provided |
|||
above cannot be given local legal effect according to their terms, |
|||
reviewing courts shall apply local law that most closely approximates |
|||
an absolute waiver of all civil liability in connection with the |
|||
Program, unless a warranty or assumption of liability accompanies a |
|||
copy of the Program in return for a fee. |
|||
|
|||
END OF TERMS AND CONDITIONS |
|||
|
|||
How to Apply These Terms to Your New Programs |
|||
|
|||
If you develop a new program, and you want it to be of the greatest |
|||
possible use to the public, the best way to achieve this is to make it |
|||
free software which everyone can redistribute and change under these terms. |
|||
|
|||
To do so, attach the following notices to the program. It is safest |
|||
to attach them to the start of each source file to most effectively |
|||
state the exclusion of warranty; and each file should have at least |
|||
the "copyright" line and a pointer to where the full notice is found. |
|||
|
|||
<one line to give the program's name and a brief idea of what it does.> |
|||
Copyright (C) <year> <name of author> |
|||
|
|||
This program is free software: you can redistribute it and/or modify |
|||
it under the terms of the GNU General Public License as published by |
|||
the Free Software Foundation, either version 3 of the License, or |
|||
(at your option) any later version. |
|||
|
|||
This program is distributed in the hope that it will be useful, |
|||
but WITHOUT ANY WARRANTY; without even the implied warranty of |
|||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|||
GNU General Public License for more details. |
|||
|
|||
You should have received a copy of the GNU General Public License |
|||
along with this program. If not, see <http://www.gnu.org/licenses/>. |
|||
|
|||
Also add information on how to contact you by electronic and paper mail. |
|||
|
|||
If the program does terminal interaction, make it output a short |
|||
notice like this when it starts in an interactive mode: |
|||
|
|||
<program> Copyright (C) <year> <name of author> |
|||
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. |
|||
This is free software, and you are welcome to redistribute it |
|||
under certain conditions; type `show c' for details. |
|||
|
|||
The hypothetical commands `show w' and `show c' should show the appropriate |
|||
parts of the General Public License. Of course, your program's commands |
|||
might be different; for a GUI interface, you would use an "about box". |
|||
|
|||
You should also get your employer (if you work as a programmer) or school, |
|||
if any, to sign a "copyright disclaimer" for the program, if necessary. |
|||
For more information on this, and how to apply and follow the GNU GPL, see |
|||
<http://www.gnu.org/licenses/>. |
|||
|
|||
The GNU General Public License does not permit incorporating your program |
|||
into proprietary programs. If your program is a subroutine library, you |
|||
may consider it more useful to permit linking proprietary applications with |
|||
the library. If this is what you want to do, use the GNU Lesser General |
|||
Public License instead of this License. But first, please read |
|||
<http://www.gnu.org/philosophy/why-not-lgpl.html>. |
|||
@ -0,0 +1,61 @@ |
|||
# LDAP Tool Box Self Service Password |
|||
|
|||
[](https://bestpractices.coreinfrastructure.org/projects/372) |
|||
[](https://travis-ci.org/ltb-project/self-service-password) |
|||
[](https://self-service-password.readthedocs.io/en/latest/?badge=latest) |
|||
|
|||
## Presentation |
|||
|
|||
Self Service Password is a PHP application that allows users to change their password in an LDAP directory. |
|||
|
|||
The application can be used on standard LDAPv3 directories (OpenLDAP, OpenDS, ApacheDS, Sun Oracle DSEE, Novell, etc.) and also on Active Directory. |
|||
|
|||
 |
|||
|
|||
It has the following features: |
|||
* Samba mode to change Samba passwords |
|||
* Active directory mode |
|||
* Local password policy: |
|||
* Minimum/maximum length |
|||
* Forbidden characters |
|||
* Upper, Lower, Digit or Special characters counters |
|||
* Reuse old password check |
|||
* Password same as login |
|||
* Complexity (different class of characters) |
|||
* Help messages |
|||
* Reset by questions |
|||
* Reset by mail challenge (token sent by mail) |
|||
* Reset by SMS (trough external Email 2 SMS service or SMS API) |
|||
* Change SSH Key in LDAP directory |
|||
* Captcha (built-in) |
|||
* Mail notification after password change |
|||
* Hook script before and after password change |
|||
|
|||
## Prerequisite |
|||
|
|||
* PHP (7 or later) |
|||
* PHP extensions required: |
|||
* php-curl (haveibeenpwned api) |
|||
* php-gd (captcha) |
|||
* php-filter |
|||
* php-ldap |
|||
* php-mbstring (reset mail) |
|||
* php-openssl (token crypt, probably built-in) |
|||
* Smarty 3 |
|||
* strong cryptography functions available (for random_compat, PHP 7 or libsodium or /dev/urandom readable or php-mcrypt extension installed) |
|||
* valid PHP mail server configuration (reset mail) |
|||
* valid PHP session configuration (reset mail) |
|||
|
|||
## Documentation |
|||
|
|||
Documentation is available on https://self-service-password.readthedocs.io/en/latest/ |
|||
|
|||
## Download |
|||
|
|||
Tarballs and packages for Debian and Red Hat are available on http://ltb-project.org/wiki/download#self_service_password |
|||
|
|||
Debian and Red Hat repositories are also available, see [installation instructions](https://self-service-password.readthedocs.io/en/latest/installation.html). |
|||
|
|||
## Source code |
|||
|
|||
Source codes are available on https://github.com/ltb-project/self-service-password |
|||
@ -0,0 +1,3 @@ |
|||
* |
|||
!.gitignore |
|||
!config.inc.php |
|||
@ -0,0 +1,409 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
#==============================================================================
|
|||
# All the default values are kept here, you should not modify it but use
|
|||
# config.inc.local.php file instead to override the settings from here.
|
|||
#==============================================================================
|
|||
|
|||
#==============================================================================
|
|||
# Configuration
|
|||
#==============================================================================
|
|||
|
|||
# Debug mode
|
|||
# true: log and display any errors or warnings (use this in configuration/testing)
|
|||
# false: log only errors and do not display them (use this in production)
|
|||
$debug = false; |
|||
|
|||
# LDAP
|
|||
$ldap_url = "ldap://localhost"; |
|||
$ldap_starttls = false; |
|||
$ldap_binddn = "cn=manager,dc=example,dc=com"; |
|||
$ldap_bindpw = 'secret'; |
|||
$ldap_base = "dc=example,dc=com"; |
|||
$ldap_login_attribute = "uid"; |
|||
$ldap_fullname_attribute = "cn"; |
|||
$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))"; |
|||
$ldap_use_exop_passwd = false; |
|||
$ldap_use_ppolicy_control = false; |
|||
|
|||
# Active Directory mode
|
|||
# true: use unicodePwd as password field
|
|||
# false: LDAPv3 standard behavior
|
|||
$ad_mode = false; |
|||
# Force account unlock when password is changed
|
|||
$ad_options['force_unlock'] = false; |
|||
# Force user change password at next login
|
|||
$ad_options['force_pwd_change'] = false; |
|||
# Allow user with expired password to change password
|
|||
$ad_options['change_expired_password'] = false; |
|||
|
|||
# Samba mode
|
|||
# true: update sambaNTpassword and sambaPwdLastSet attributes too
|
|||
# false: just update the password
|
|||
$samba_mode = false; |
|||
# Set password min/max age in Samba attributes
|
|||
#$samba_options['min_age'] = 5;
|
|||
#$samba_options['max_age'] = 45;
|
|||
#$samba_options['expire_days'] = 90;
|
|||
|
|||
# Shadow options - require shadowAccount objectClass
|
|||
# Update shadowLastChange
|
|||
$shadow_options['update_shadowLastChange'] = false; |
|||
$shadow_options['update_shadowExpire'] = false; |
|||
|
|||
# Default to -1, never expire
|
|||
$shadow_options['shadow_expire_days'] = -1; |
|||
|
|||
# Hash mechanism for password:
|
|||
# SSHA, SSHA256, SSHA384, SSHA512
|
|||
# SHA, SHA256, SHA384, SHA512
|
|||
# SMD5
|
|||
# MD5
|
|||
# CRYPT
|
|||
# clear (the default)
|
|||
# auto (will check the hash of current password)
|
|||
# This option is not used with ad_mode = true
|
|||
$hash = "clear"; |
|||
|
|||
# Prefix to use for salt with CRYPT
|
|||
$hash_options['crypt_salt_prefix'] = "$6$"; |
|||
$hash_options['crypt_salt_length'] = "6"; |
|||
|
|||
# USE rate-limiting by IP and/or by user
|
|||
$use_ratelimit = false; |
|||
# dir for json db's (system default tmpdir)
|
|||
#$ratelimit_dbdir = '/tmp';
|
|||
# block attempts for same login ?
|
|||
$max_attempts_per_user = 2; |
|||
# block attempts for same IP ?
|
|||
$max_attempts_per_ip = 2; |
|||
# how many time to refuse subsequent requests ?
|
|||
$max_attempts_block_seconds = "60"; |
|||
# Header to use for client IP (HTTP_X_FORWARDED_FOR ?)
|
|||
$client_ip_header = 'REMOTE_ADDR'; |
|||
|
|||
# Local password policy
|
|||
# This is applied before directory password policy
|
|||
# Minimal length
|
|||
$pwd_min_length = 0; |
|||
# Maximal length
|
|||
$pwd_max_length = 0; |
|||
# Minimal lower characters
|
|||
$pwd_min_lower = 0; |
|||
# Minimal upper characters
|
|||
$pwd_min_upper = 0; |
|||
# Minimal digit characters
|
|||
$pwd_min_digit = 0; |
|||
# Minimal special characters
|
|||
$pwd_min_special = 0; |
|||
# Definition of special characters
|
|||
$pwd_special_chars = "^a-zA-Z0-9"; |
|||
# Forbidden characters
|
|||
#$pwd_forbidden_chars = "@%";
|
|||
# Don't reuse the same password as currently
|
|||
$pwd_no_reuse = true; |
|||
# Check that password is different than login
|
|||
$pwd_diff_login = true; |
|||
# Check new passwords differs from old one - minimum characters count
|
|||
$pwd_diff_last_min_chars = 0; |
|||
# Forbidden words which must not appear in the password
|
|||
$pwd_forbidden_words = array(); |
|||
# Forbidden ldap fields
|
|||
# Respective values of the user's entry must not appear in the password
|
|||
# example: $pwd_forbidden_ldap_fields = array('cn', 'givenName', 'sn', 'mail');
|
|||
$pwd_forbidden_ldap_fields = array(); |
|||
# Complexity: number of different class of character required
|
|||
$pwd_complexity = 0; |
|||
# use pwnedpasswords api v2 to securely check if the password has been on a leak
|
|||
$use_pwnedpasswords = false; |
|||
# Show policy constraints message:
|
|||
# always
|
|||
# never
|
|||
# onerror
|
|||
$pwd_show_policy = "never"; |
|||
# Position of password policy constraints message:
|
|||
# above - the form
|
|||
# below - the form
|
|||
$pwd_show_policy_pos = "above"; |
|||
|
|||
# disallow use of the only special character as defined in `$pwd_special_chars` at the beginning and end
|
|||
$pwd_no_special_at_ends = false; |
|||
|
|||
# Who changes the password?
|
|||
# Also applicable for question/answer save
|
|||
# user: the user itself
|
|||
# manager: the above binddn
|
|||
$who_change_password = "user"; |
|||
|
|||
# Show extended error message returned by LDAP directory when password is refused
|
|||
$show_extended_error = false; |
|||
|
|||
## Standard change
|
|||
# Use standard change form?
|
|||
$use_change = true; |
|||
|
|||
## SSH Key Change
|
|||
# Allow changing of sshPublicKey?
|
|||
$change_sshkey = false; |
|||
|
|||
# What attribute should be changed by the changesshkey action?
|
|||
$change_sshkey_attribute = "sshPublicKey"; |
|||
|
|||
# Who changes the sshPublicKey attribute?
|
|||
# Also applicable for question/answer save
|
|||
# user: the user itself
|
|||
# manager: the above binddn
|
|||
$who_change_sshkey = "user"; |
|||
|
|||
# Notify users anytime their sshPublicKey is changed
|
|||
## Requires mail configuration below
|
|||
$notify_on_sshkey_change = false; |
|||
|
|||
## Questions/answers
|
|||
# Use questions/answers?
|
|||
$use_questions = true; |
|||
# Allow to register more than one answer?
|
|||
$multiple_answers = false; |
|||
# Store many answers in a single string attribute
|
|||
# (only used if $multiple_answers = true)
|
|||
$multiple_answers_one_str = false; |
|||
|
|||
# Answer attribute should be hidden to users!
|
|||
$answer_objectClass = "extensibleObject"; |
|||
$answer_attribute = "info"; |
|||
|
|||
# Crypt answers inside the directory
|
|||
$crypt_answers = true; |
|||
|
|||
# Extra questions (built-in questions are in lang/$lang.inc.php)
|
|||
# Should the built-in questions be included?
|
|||
$questions_use_default = true; |
|||
#$messages['questions']['ice'] = "What is your favorite ice cream flavor?";
|
|||
|
|||
# How many questions must be answered.
|
|||
# If = 1: legacy behavior
|
|||
# If > 1:
|
|||
# this many questions will be included in the page forms
|
|||
# this many questions must be set at a time
|
|||
# user must answer this many correctly to reset a password
|
|||
# $multiple_answers must be true
|
|||
# at least this many possible questions must be available (there are only 2 questions built-in)
|
|||
$questions_count = 1; |
|||
|
|||
# Should the user be able to select registered question(s) by entering only the login?
|
|||
$question_populate_enable = false; |
|||
|
|||
## Token
|
|||
# Use tokens?
|
|||
# true (default)
|
|||
# false
|
|||
$use_tokens = true; |
|||
# Crypt tokens?
|
|||
# true (default)
|
|||
# false
|
|||
$crypt_tokens = true; |
|||
# Token lifetime in seconds
|
|||
$token_lifetime = "3600"; |
|||
|
|||
## Mail
|
|||
# LDAP mail attribute
|
|||
$mail_attribute = "mail"; |
|||
# Get mail address directly from LDAP (only first mail entry)
|
|||
# and hide mail input field
|
|||
# default = false
|
|||
$mail_address_use_ldap = false; |
|||
# Who the email should come from
|
|||
$mail_from = "admin@example.com"; |
|||
$mail_from_name = "Self Service Password"; |
|||
$mail_signature = ""; |
|||
# Notify users anytime their password is changed
|
|||
$notify_on_change = false; |
|||
# PHPMailer configuration (see https://github.com/PHPMailer/PHPMailer)
|
|||
$mail_sendmailpath = '/usr/sbin/sendmail'; |
|||
$mail_protocol = 'smtp'; |
|||
$mail_smtp_debug = 0; |
|||
$mail_debug_format = 'error_log'; |
|||
$mail_smtp_host = 'localhost'; |
|||
$mail_smtp_auth = false; |
|||
$mail_smtp_user = ''; |
|||
$mail_smtp_pass = ''; |
|||
$mail_smtp_port = 25; |
|||
$mail_smtp_timeout = 30; |
|||
$mail_smtp_keepalive = false; |
|||
$mail_smtp_secure = 'tls'; |
|||
$mail_smtp_autotls = true; |
|||
$mail_smtp_options = array(); |
|||
$mail_contenttype = 'text/plain'; |
|||
$mail_wordwrap = 0; |
|||
$mail_charset = 'utf-8'; |
|||
$mail_priority = 3; |
|||
|
|||
## SMS
|
|||
# Use sms
|
|||
$use_sms = true; |
|||
# SMS method (mail, api)
|
|||
$sms_method = "mail"; |
|||
$sms_api_lib = "lib/smsapi.inc.php"; |
|||
# GSM number attribute
|
|||
$sms_attribute = "mobile"; |
|||
# Partially hide number
|
|||
$sms_partially_hide_number = true; |
|||
# Send SMS mail to address
|
|||
$smsmailto = "{sms_attribute}@service.provider.com"; |
|||
# Subject when sending email to SMTP to SMS provider
|
|||
$smsmail_subject = "Provider code"; |
|||
# Message
|
|||
$sms_message = "{smsresetmessage} {smstoken}"; |
|||
# Remove non digit characters from GSM number
|
|||
$sms_sanitize_number = false; |
|||
# Truncate GSM number
|
|||
$sms_truncate_number = false; |
|||
$sms_truncate_number_length = 10; |
|||
# SMS token length
|
|||
$sms_token_length = 6; |
|||
# Max attempts allowed for SMS token
|
|||
$max_attempts = 3; |
|||
|
|||
# Encryption, decryption keyphrase, required if $use_tokens = true and $crypt_tokens = true, or $use_sms, or $crypt_answer
|
|||
# Please change it to anything long, random and complicated, you do not have to remember it
|
|||
# Changing it will also invalidate all previous tokens and SMS codes
|
|||
$keyphrase = "secret"; |
|||
|
|||
# Reset URL (if behind a reverse proxy)
|
|||
#$reset_url = $_SERVER['HTTP_X_FORWARDED_PROTO'] . "://" . $_SERVER['HTTP_X_FORWARDED_HOST'] . $_SERVER['SCRIPT_NAME'];
|
|||
|
|||
# Display help messages
|
|||
$show_help = true; |
|||
|
|||
# Default language
|
|||
$lang = "en"; |
|||
|
|||
# List of authorized languages. If empty, all language are allowed.
|
|||
# If not empty and the user's browser language setting is not in that list, language from $lang will be used.
|
|||
$allowed_lang = array(); |
|||
|
|||
# Display menu on top
|
|||
$show_menu = true; |
|||
|
|||
# Logo
|
|||
$logo = "images/ltb-logo.png"; |
|||
|
|||
# Background image
|
|||
$background_image = "images/unsplash-space.jpeg"; |
|||
|
|||
$custom_css = ""; |
|||
$display_footer = true; |
|||
|
|||
# Where to log password resets - Make sure apache has write permission
|
|||
# By default, they are logged in Apache log
|
|||
#$reset_request_log = "/var/log/self-service-password";
|
|||
|
|||
# Invalid characters in login
|
|||
# Set at least "*()&|" to prevent LDAP injection
|
|||
# If empty, only alphanumeric characters are accepted
|
|||
$login_forbidden_chars = "*()&|"; |
|||
|
|||
## Captcha
|
|||
$use_captcha = false; |
|||
|
|||
## Default action
|
|||
# change
|
|||
# sendtoken
|
|||
# sendsms
|
|||
$default_action = "change"; |
|||
|
|||
## Rest API
|
|||
$use_restapi = false; |
|||
|
|||
## Extra messages
|
|||
# They can also be defined in lang/ files
|
|||
#$messages['passwordchangedextramessage'] = NULL;
|
|||
#$messages['changehelpextramessage'] = NULL;
|
|||
|
|||
## Pre Hook
|
|||
# Launch a prehook script before changing password.
|
|||
# Script should return with 0, to allow password change.
|
|||
# Any other exit code would abort password modification
|
|||
#$prehook = "/usr/share/self-service-password/prehook.sh";
|
|||
# Display prehook error
|
|||
#$display_prehook_error = true;
|
|||
# Encode passwords sent to prehook script as base64. This will prevent alteration of the passwords if set to true.
|
|||
# To read the actual password in the prehook script, use a base64_decode function/tool
|
|||
#$prehook_password_encodebase64 = false;
|
|||
# Ignore prehook error. This will allow to change password even if prehook script fails.
|
|||
#$ignore_prehook_error = true;
|
|||
|
|||
## Post Hook
|
|||
# Launch a posthook script after successful password change
|
|||
#$posthook = "/usr/share/self-service-password/posthook.sh";
|
|||
# Display posthook error
|
|||
#$display_posthook_error = true;
|
|||
# Encode passwords sent to posthook script as base64. This will prevent alteration of the passwords if set to true.
|
|||
# To read the actual password in the posthook script, use a base64_decode function/tool
|
|||
#$posthook_password_encodebase64 = false;
|
|||
|
|||
# Force setlocale if your default PHP configuration is not correct
|
|||
#setlocale(LC_CTYPE, "en_US.UTF-8");
|
|||
|
|||
# Hide some messages to not disclose sensitive information
|
|||
# These messages will be replaced by badcredentials error
|
|||
#$obscure_failure_messages = array("mailnomatch");
|
|||
|
|||
# HTTP Header name that may hold a login to preset in forms
|
|||
#$header_name_preset_login="Auth-User";
|
|||
|
|||
# The name of an HTTP Header that may hold a reference to an extra config file to include.
|
|||
#$header_name_extra_config="SSP-Extra-Config";
|
|||
|
|||
# Cache directory
|
|||
#$smarty_compile_dir = "/var/cache/self-service-password/templates_c";
|
|||
#$smarty_cache_dir = "/var/cache/self-service-password/cache";
|
|||
|
|||
# Allow to override current settings with local configuration
|
|||
if (file_exists (__DIR__ . '/config.inc.local.php')) { |
|||
require __DIR__ . '/config.inc.local.php'; |
|||
} |
|||
|
|||
# Smarty
|
|||
if (!defined("SMARTY")) { |
|||
define("SMARTY", "/usr/share/php/smarty3/Smarty.class.php"); |
|||
} |
|||
|
|||
# Set preset login from HTTP header $header_name_preset_login
|
|||
$presetLogin = ""; |
|||
if (isset($header_name_preset_login)) { |
|||
$presetLoginKey = "HTTP_".strtoupper(str_replace('-','_',$header_name_preset_login)); |
|||
if (array_key_exists($presetLoginKey, $_SERVER)) { |
|||
$presetLogin = preg_replace("/[^a-zA-Z0-9-_@\.]+/", "", filter_var($_SERVER[$presetLoginKey], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH)); |
|||
} |
|||
} |
|||
|
|||
# Allow to override current settings with an extra configuration file, whose reference is passed in HTTP_HEADER $header_name_extra_config
|
|||
if (isset($header_name_extra_config)) { |
|||
$extraConfigKey = "HTTP_".strtoupper(str_replace('-','_',$header_name_extra_config)); |
|||
if (array_key_exists($extraConfigKey, $_SERVER)) { |
|||
$extraConfig = preg_replace("/[^a-zA-Z0-9-_]+/", "", filter_var($_SERVER[$extraConfigKey], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH)); |
|||
if (strlen($extraConfig) > 0 && file_exists (__DIR__ . "/config.inc.".$extraConfig.".php")) { |
|||
require __DIR__ . "/config.inc.".$extraConfig.".php"; |
|||
} |
|||
} |
|||
} |
|||
@ -0,0 +1,19 @@ |
|||
# Minimal makefile for Sphinx documentation
|
|||
#
|
|||
|
|||
# You can set these variables from the command line.
|
|||
SPHINXOPTS = |
|||
SPHINXBUILD = sphinx-build |
|||
SOURCEDIR = . |
|||
BUILDDIR = _build |
|||
|
|||
# Put it first so that "make" without argument is like "make help".
|
|||
help: |
|||
@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) |
|||
|
|||
.PHONY: help Makefile |
|||
|
|||
# Catch-all target: route all unknown targets to Sphinx using the new
|
|||
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
|
|||
%: Makefile |
|||
@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O) |
|||
@ -0,0 +1,176 @@ |
|||
# -*- coding: utf-8 -*- |
|||
# |
|||
# Configuration file for the Sphinx documentation builder. |
|||
# |
|||
# This file does only contain a selection of the most common options. For a |
|||
# full list see the documentation: |
|||
# http://www.sphinx-doc.org/en/master/config |
|||
|
|||
# -- Path setup -------------------------------------------------------------- |
|||
|
|||
# If extensions (or modules to document with autodoc) are in another directory, |
|||
# add these directories to sys.path here. If the directory is relative to the |
|||
# documentation root, use os.path.abspath to make it absolute, like shown here. |
|||
# |
|||
# import os |
|||
# import sys |
|||
# sys.path.insert(0, os.path.abspath('.')) |
|||
|
|||
|
|||
# -- Project information ----------------------------------------------------- |
|||
|
|||
project = u'LDAP Tool Box Self Service Password' |
|||
copyright = u'2020, LDAP Tool Box' |
|||
author = u'LDAP Tool Box' |
|||
|
|||
# The short X.Y version |
|||
version = u'' |
|||
# The full version, including alpha/beta/rc tags |
|||
release = u'' |
|||
|
|||
|
|||
# -- General configuration --------------------------------------------------- |
|||
|
|||
# If your documentation needs a minimal Sphinx version, state it here. |
|||
# |
|||
# needs_sphinx = '1.0' |
|||
|
|||
# Add any Sphinx extension module names here, as strings. They can be |
|||
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom |
|||
# ones. |
|||
extensions = [ |
|||
'sphinx-prompt', |
|||
'sphinxcontrib.openapi' |
|||
] |
|||
|
|||
# Add any paths that contain templates here, relative to this directory. |
|||
templates_path = ['_templates'] |
|||
|
|||
# The suffix(es) of source filenames. |
|||
# You can specify multiple suffix as a list of string: |
|||
# |
|||
# source_suffix = ['.rst', '.md'] |
|||
source_suffix = '.rst' |
|||
|
|||
# The master toctree document. |
|||
master_doc = 'index' |
|||
|
|||
# The language for content autogenerated by Sphinx. Refer to documentation |
|||
# for a list of supported languages. |
|||
# |
|||
# This is also used if you do content translation via gettext catalogs. |
|||
# Usually you set "language" from the command line for these cases. |
|||
language = None |
|||
|
|||
# List of patterns, relative to source directory, that match files and |
|||
# directories to ignore when looking for source files. |
|||
# This pattern also affects html_static_path and html_extra_path. |
|||
exclude_patterns = [u'_build', 'Thumbs.db', '.DS_Store'] |
|||
|
|||
# The name of the Pygments (syntax highlighting) style to use. |
|||
pygments_style = None |
|||
|
|||
|
|||
# -- Options for HTML output ------------------------------------------------- |
|||
|
|||
# The theme to use for HTML and HTML Help pages. See the documentation for |
|||
# a list of builtin themes. |
|||
# |
|||
html_theme = 'sphinx_rtd_theme' |
|||
html_logo = 'images/ltb-logo.png' |
|||
|
|||
# Theme options are theme-specific and customize the look and feel of a theme |
|||
# further. For a list of options available for each theme, see the |
|||
# documentation. |
|||
# |
|||
# html_theme_options = {} |
|||
|
|||
# Add any paths that contain custom static files (such as style sheets) here, |
|||
# relative to this directory. They are copied after the builtin static files, |
|||
# so a file named "default.css" will overwrite the builtin "default.css". |
|||
html_static_path = ['_static'] |
|||
|
|||
# Custom sidebar templates, must be a dictionary that maps document names |
|||
# to template names. |
|||
# |
|||
# The default sidebars (for documents that don't match any pattern) are |
|||
# defined by theme itself. Builtin themes are using these templates by |
|||
# default: ``['localtoc.html', 'relations.html', 'sourcelink.html', |
|||
# 'searchbox.html']``. |
|||
# |
|||
# html_sidebars = {} |
|||
|
|||
|
|||
# -- Options for HTMLHelp output --------------------------------------------- |
|||
|
|||
# Output file base name for HTML help builder. |
|||
htmlhelp_basename = 'SelfServicePassworddoc' |
|||
|
|||
|
|||
# -- Options for LaTeX output ------------------------------------------------ |
|||
|
|||
latex_elements = { |
|||
# The paper size ('letterpaper' or 'a4paper'). |
|||
# |
|||
# 'papersize': 'letterpaper', |
|||
|
|||
# The font size ('10pt', '11pt' or '12pt'). |
|||
# |
|||
# 'pointsize': '10pt', |
|||
|
|||
# Additional stuff for the LaTeX preamble. |
|||
# |
|||
# 'preamble': '', |
|||
|
|||
# Latex figure (float) alignment |
|||
# |
|||
# 'figure_align': 'htbp', |
|||
} |
|||
|
|||
# Grouping the document tree into LaTeX files. List of tuples |
|||
# (source start file, target name, title, |
|||
# author, documentclass [howto, manual, or own class]). |
|||
latex_documents = [ |
|||
(master_doc, 'SelfServicePassword.tex', u'Self Service Password Documentation', |
|||
u'Clément OUDOT', 'manual'), |
|||
] |
|||
|
|||
|
|||
# -- Options for manual page output ------------------------------------------ |
|||
|
|||
# One entry per manual page. List of tuples |
|||
# (source start file, name, description, authors, manual section). |
|||
man_pages = [ |
|||
(master_doc, 'selfservicepassword', u'Self Service Password Documentation', |
|||
[author], 1) |
|||
] |
|||
|
|||
|
|||
# -- Options for Texinfo output ---------------------------------------------- |
|||
|
|||
# Grouping the document tree into Texinfo files. List of tuples |
|||
# (source start file, target name, title, author, |
|||
# dir menu entry, description, category) |
|||
texinfo_documents = [ |
|||
(master_doc, 'SelfServicePassword', u'Self Service Password Documentation', |
|||
author, 'SelfServicePassword', 'One line description of project.', |
|||
'Miscellaneous'), |
|||
] |
|||
|
|||
|
|||
# -- Options for Epub output ------------------------------------------------- |
|||
|
|||
# Bibliographic Dublin Core info. |
|||
epub_title = project |
|||
|
|||
# The unique identifier of the text. This can be a ISBN number |
|||
# or the project homepage. |
|||
# |
|||
# epub_identifier = '' |
|||
|
|||
# A unique identification for the text. |
|||
# |
|||
# epub_uid = '' |
|||
|
|||
# A list of files that should not be packed into the epub file. |
|||
epub_exclude_files = ['search.html'] |
|||
@ -0,0 +1,98 @@ |
|||
Apache configuration |
|||
==================== |
|||
|
|||
.. tip:: Debian and RPM packages already include Apache configuration |
|||
|
|||
Here is an example of Apache configuration using a virtual host: |
|||
|
|||
.. code:: apache |
|||
|
|||
<VirtualHost *:80> |
|||
ServerName ssp.example.com |
|||
|
|||
DocumentRoot /usr/local/self-service-password/htdocs |
|||
DirectoryIndex index.php |
|||
|
|||
AddDefaultCharset UTF-8 |
|||
|
|||
<Directory /usr/local/self-service-password/htdocs> |
|||
AllowOverride None |
|||
<IfVersion >= 2.3> |
|||
Require all granted |
|||
</IfVersion> |
|||
<IfVersion < 2.3> |
|||
Order Deny,Allow |
|||
Allow from all |
|||
</IfVersion> |
|||
</Directory> |
|||
|
|||
Alias /rest /usr/local/self-service-password/rest |
|||
|
|||
<Directory /usr/local/self-service-password/rest> |
|||
AllowOverride None |
|||
<IfVersion >= 2.3> |
|||
Require all denied |
|||
</IfVersion> |
|||
<IfVersion < 2.3> |
|||
Order Deny,Allow |
|||
Deny from all |
|||
</IfVersion> |
|||
</Directory> |
|||
|
|||
LogLevel warn |
|||
ErrorLog /var/log/apache2/ssp_error.log |
|||
CustomLog /var/log/apache2/ssp_access.log combined |
|||
</VirtualHost> |
|||
|
|||
You have to change the server name to fit your own domain configuration. |
|||
|
|||
This file should then be included in Apache configuration. |
|||
|
|||
With Debian package, just enable the site like this: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
a2ensite self-service-password |
|||
|
|||
|
|||
You can also configure Self Service Password in the default virtual host: |
|||
|
|||
.. code:: apache |
|||
|
|||
Alias /ssp /usr/local/self-service-password/htdocs |
|||
|
|||
<Directory /usr/local/self-service-password/htdocs> |
|||
AllowOverride None |
|||
<IfVersion >= 2.3> |
|||
Require all granted |
|||
</IfVersion> |
|||
<IfVersion < 2.3> |
|||
Order Deny,Allow |
|||
Allow from all |
|||
</IfVersion> |
|||
DirectoryIndex index.php |
|||
AddDefaultCharset UTF-8 |
|||
</Directory> |
|||
|
|||
Alias /ssp/rest /usr/local/self-service-password/rest |
|||
|
|||
<Directory /usr/local/self-service-password/rest> |
|||
AllowOverride None |
|||
<IfVersion >= 2.3> |
|||
Require all denied |
|||
</IfVersion> |
|||
<IfVersion < 2.3> |
|||
Order Deny,Allow |
|||
Deny from all |
|||
</IfVersion> |
|||
DirectoryIndex index.php |
|||
AddDefaultCharset UTF-8 |
|||
</Directory> |
|||
|
|||
Check you configuration and reload Apache: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
apachectl configtest |
|||
apachectl reload |
|||
|
|||
@ -0,0 +1,278 @@ |
|||
General parameters |
|||
================== |
|||
|
|||
Configuration files |
|||
------------------- |
|||
|
|||
To configure Self Service Password, you need to create a *local* |
|||
configuration file named ``config.inc.local.php`` in |
|||
``self-service-password/conf``. For example : |
|||
|
|||
.. code:: php |
|||
|
|||
<?php |
|||
// Override config.inc.php parameters below |
|||
|
|||
?> |
|||
|
|||
Self Service Password default configuration file is |
|||
``self-service-password/conf/config.inc.php``. It includes |
|||
``config.inc.local.php``. Consequently, you can override all parameters |
|||
in ``config.inc.local.php``. This prevents you to be disturbed by an |
|||
upgrade. |
|||
|
|||
.. warning:: |
|||
Do not copy ``config.inc.php`` into ``config.inc.local.php``, as the first one includes the second. |
|||
You would then create an infinite loop and crash your application. |
|||
|
|||
Multi tenancy |
|||
------------- |
|||
|
|||
You can load a specific configuration file by passing a HTTP header. |
|||
This feature is disable by default. To enable it: |
|||
|
|||
.. code:: php |
|||
|
|||
$header_name_extra_config = "SSP-Extra-Config"; |
|||
|
|||
Then if you send the header ``SSP-Extra-Config: mydomain``, the file |
|||
``conf/config.inc.mydomain.php`` will be loaded. |
|||
|
|||
Language |
|||
-------- |
|||
|
|||
Available languages are: |
|||
|
|||
- Basque (eu) |
|||
- |image0| Brazilian (pt-BR) |
|||
- |image1| Catalonia (ca) |
|||
- |image2| Chinese (cn, zh-CN, zh-TW) |
|||
- |image3| Czech (cs) |
|||
- |image4| Dutch (nl) |
|||
- |image5| English (en) |
|||
- |image6| Estonian (ee) |
|||
- |image7| French (fr) |
|||
- |image8| German (de) |
|||
- |image9| Greek (el) |
|||
- |image10| Hungarian (hu) |
|||
- |image11| Italian (it) |
|||
- |image12| Japanese (ja) |
|||
- |image13| Norwegian bokmål (nb-NO) |
|||
- |image14| Polish (pl) |
|||
- |image15| Portuguese (pt-PT) |
|||
- |image16| Russian (ru) |
|||
- |image23| Serbian (rs) |
|||
- |image17| Slovak (sk) |
|||
- |image18| Slovenian (sl) |
|||
- |image19| Spanish (es) |
|||
- |image20| Swedish (sv) |
|||
- |image21| Turkish (tr) |
|||
- |image22| Ukranian (uk) |
|||
|
|||
Set one of them in ``$lang``: |
|||
|
|||
.. code:: php |
|||
|
|||
$lang = "en"; |
|||
|
|||
Menu |
|||
---- |
|||
|
|||
To display a top menu, activate the option: |
|||
|
|||
.. code:: php |
|||
|
|||
$show_menu = true; |
|||
|
|||
If menu is not shown, the default application title will be displayed. |
|||
|
|||
Messages |
|||
-------- |
|||
|
|||
Help messages provide information to users on how use the interface. |
|||
They can be disabled with ``$show_help``: |
|||
|
|||
.. code:: php |
|||
|
|||
$show_help = false; |
|||
|
|||
You can add extra messages by setting values in these parameters: |
|||
|
|||
.. code:: php |
|||
|
|||
$messages['passwordchangedextramessage'] = "Congratulations!"; |
|||
$messages['changehelpextramessage'] = "Contact us if you are lost..."; |
|||
|
|||
Graphics |
|||
-------- |
|||
|
|||
Logo |
|||
^^^^ |
|||
|
|||
You change the default logo with your own. Set the path to your logo in |
|||
``$logo``: |
|||
|
|||
.. code:: php |
|||
|
|||
$logo = "images/ltb-logo.png"; |
|||
|
|||
.. tip:: Comment this parameter to hide logo |
|||
|
|||
Background |
|||
^^^^^^^^^^ |
|||
|
|||
You change the background image with your own. Set the path to image in |
|||
``$background_image``: |
|||
|
|||
.. code:: php |
|||
|
|||
$background_image = "images/unsplash-space.jpeg"; |
|||
|
|||
.. tip:: Comment this parameter to falll back to default background color |
|||
|
|||
Custom CSS |
|||
^^^^^^^^^^ |
|||
|
|||
To easily customize CSS, you can use a separate CSS file: |
|||
|
|||
.. code:: php |
|||
|
|||
$custom_css = "css/custom.css"; |
|||
|
|||
Footer |
|||
^^^^^^ |
|||
|
|||
You can hide the footer bar: |
|||
|
|||
.. code:: php |
|||
|
|||
$display_footer = false; |
|||
|
|||
Debug |
|||
----- |
|||
|
|||
You can turn on debug mode with ``$debug``: |
|||
|
|||
.. code:: php |
|||
|
|||
$debug = true; |
|||
|
|||
Security |
|||
-------- |
|||
|
|||
You need a key phrase if you use ciphered tokens (see :ref:`config_tokens`) |
|||
|
|||
.. code:: php |
|||
|
|||
$keyphrase = "secret"; |
|||
|
|||
There is also a protection on login to avoid LDAP injections. Some |
|||
characters are forbidden, you can change the list of forbidden |
|||
characters in login with ``$login_forbidden_chars``: |
|||
|
|||
.. code:: php |
|||
|
|||
$login_forbidden_chars = "*()&|"; |
|||
|
|||
.. tip:: If no characters are configured in ``$login_forbidden_chars``, |
|||
only alphanumeric characters are allowed. |
|||
|
|||
You can configure "obscure" messages, so that some errors are not |
|||
displayed and replaced by a generic "bad credentials" error: |
|||
|
|||
.. code:: php |
|||
|
|||
$obscure_failure_messages = array("mailnomatch"); |
|||
|
|||
You may want to limit number of tries per user/ip in a short time |
|||
(especially with sms option). If you enable this defaults are 2 tries |
|||
per login and per hour, and same for ip address: |
|||
|
|||
.. code:: php |
|||
|
|||
$enable_ratelimit = true; |
|||
|
|||
Other possible options for rate limiting: |
|||
|
|||
.. code:: php |
|||
|
|||
$ratelimit_dbdir = '/tmp'; |
|||
$max_attempts_per_user = 2; |
|||
$max_attempts_per_ip = 2; |
|||
$max_attempts_block_seconds = "60"; |
|||
$client_ip_header = 'REMOTE_ADDR'; |
|||
|
|||
Default action |
|||
-------------- |
|||
|
|||
By default, the password change page is displayed. You can configure |
|||
which page should be displayed when no action is defined: |
|||
|
|||
.. code:: php |
|||
|
|||
$default_action = "change"; |
|||
|
|||
Possibles values are: |
|||
|
|||
- ``change`` |
|||
- ``sendtoken`` |
|||
- ``sendsms`` |
|||
|
|||
You can disable the standard password change if you don't need it: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_change = false; |
|||
|
|||
In this case, be sure to also remove "change" from default action, else |
|||
the change page will still be displayed. |
|||
|
|||
Prefill user login |
|||
------------------ |
|||
|
|||
If Self Service Password is called from another application, you can |
|||
prefill the login but sending an HTTP header. |
|||
|
|||
To enable this feature: |
|||
|
|||
.. code:: php |
|||
|
|||
$header_name_preset_login = "Auth-User"; |
|||
|
|||
Captcha |
|||
------- |
|||
|
|||
To require a captcha, set ``$use_captcha``: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_captcha = true; |
|||
|
|||
.. tip:: The captcha is used on every form in Self Service Password |
|||
(password change, token, questions, etc.) |
|||
|
|||
.. |image0| image:: images/br.png |
|||
.. |image1| image:: images/catalonia.png |
|||
.. |image2| image:: images/cn.png |
|||
.. |image3| image:: images/cz.png |
|||
.. |image4| image:: images/nl.png |
|||
.. |image5| image:: images/us.png |
|||
.. |image6| image:: images/ee.png |
|||
.. |image7| image:: images/fr.png |
|||
.. |image8| image:: images/de.png |
|||
.. |image9| image:: images/gr.png |
|||
.. |image10| image:: images/hu.png |
|||
.. |image11| image:: images/it.png |
|||
.. |image12| image:: images/jp.png |
|||
.. |image13| image:: images/no.png |
|||
.. |image14| image:: images/pl.png |
|||
.. |image15| image:: images/pt.png |
|||
.. |image16| image:: images/ru.png |
|||
.. |image17| image:: images/sk.png |
|||
.. |image18| image:: images/sl.png |
|||
.. |image19| image:: images/es.png |
|||
.. |image20| image:: images/se.png |
|||
.. |image21| image:: images/tr.png |
|||
.. |image22| image:: images/ua.png |
|||
.. |image23| image:: images/rs.png |
|||
|
|||
@ -0,0 +1,241 @@ |
|||
LDAP connection |
|||
=============== |
|||
|
|||
Server address |
|||
-------------- |
|||
|
|||
Use an LDAP URI to configure the location of your LDAP server in |
|||
``$ldap_url``: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_url = "ldap://localhost:389"; |
|||
|
|||
You can set several URI, so that next server will be tried if the |
|||
previous is down: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_url = "ldap://server1 ldap://server2"; |
|||
|
|||
To use SSL, set ``ldaps`` in the URI: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_url = "ldaps://localhost"; |
|||
|
|||
To use StartTLS, set ``true`` in ``$ldap_starttls``: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_starttls = true; |
|||
|
|||
.. warning:: LDAP certificate management in PHP relies on LDAP |
|||
system libraries. Under Linux, you can configure ``/etc/ldap.conf`` (or |
|||
``/etc/ldap/ldap.conf`` on Debian/Ubuntu, or |
|||
``C:\OpenLDAP\sysconf\ldap.conf`` for Windows). |
|||
|
|||
- Provide the certificate from the certificate authority that issued |
|||
your LDAP server's certificate: |
|||
|
|||
:: |
|||
|
|||
TLS_CACERT /etc/ssl/ca.crt |
|||
|
|||
- Or, disable server certificate checking: |
|||
|
|||
:: |
|||
|
|||
TLS_REQCERT allow |
|||
|
|||
If you face issues with non matching TLS versions between SSP and your |
|||
LDAP server, you can try to set this option: |
|||
|
|||
:: |
|||
|
|||
TLS_CIPHER_SUITE TLSv1+RSA |
|||
|
|||
|
|||
Credentials |
|||
----------- |
|||
|
|||
Configure DN and password in ``$ldap_bindn`` and ``$ldap_bindpw``, for example a service account: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_binddn = "cn=ssp,ou=dsa,dc=example,dc=com"; |
|||
$ldap_bindpw = "secret"; |
|||
|
|||
.. tip:: You can leave these parameters empty to bind anonymously. In |
|||
this case, the password modification must be done with user's |
|||
credentials. But this will not work for password reset. |
|||
|
|||
If you want an SSP account to do this on behalf of the user set the value of ``$who_change_password`` to ``manager``. |
|||
|
|||
To instead use user's credentials when writing in LDAP directory, replace ``manager`` with ``user`` in ``$who_change_password``: |
|||
|
|||
.. code:: php |
|||
|
|||
$who_change_password = "user"; |
|||
|
|||
.. warning:: The user account can only be used for standard password |
|||
change, when user is giving its old password. For other password changes |
|||
(token, questions, ...), manager account will always be used, whatever |
|||
value is set in ``$who_change_password``. |
|||
|
|||
Search parameters |
|||
----------------- |
|||
|
|||
You can set the base of the search in ``$ldap_base``: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_base = "dc=example,dc=com"; |
|||
|
|||
The filter can be set in ``$ldap_filter``: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_filter = "(&(objectClass=person)(uid={login}))"; |
|||
|
|||
.. tip:: The string ``{login}`` is replaced by submitted login. |
|||
|
|||
Extensions |
|||
---------- |
|||
|
|||
You can use LDAP password modify extended operation with |
|||
``$ldap_use_exop_passwd``: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_use_exop_passwd = true; |
|||
|
|||
You can also enable LDAP password policy control with ``$ldap_use_ppolicy_control``: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_use_ppolicy_control = true; |
|||
|
|||
Special modes |
|||
------------- |
|||
|
|||
Active Directory |
|||
~~~~~~~~~~~~~~~~ |
|||
|
|||
Password in Active Directory is not managed like in other LDAP |
|||
directories. Use option ``$ad_mode`` to use ``unicodePwd`` as password |
|||
field: |
|||
|
|||
.. code:: php |
|||
|
|||
$ad_mode = true; |
|||
|
|||
You must also use SSL on LDAP connection because AD refuses to change a |
|||
password on a clear connection. See this |
|||
`documentation </documentation/general/active_directory_certificates>`__ |
|||
to manage Active Directory certificates. |
|||
|
|||
Adapt the search filter too: |
|||
|
|||
.. code:: php |
|||
|
|||
$ldap_filter = "(&(objectClass=user)(sAMAccountName={login})(!(userAccountControl:1.2.840.113556.1.4.803:=2)))"; |
|||
|
|||
You can tune some options: |
|||
|
|||
- Force unlock: will unlock a locked account when password is changed |
|||
|
|||
.. code:: php |
|||
|
|||
$ad_options['force_unlock'] = true; |
|||
|
|||
- Force user to change password at next login: |
|||
|
|||
.. code:: php |
|||
|
|||
$ad_options['force_pwd_change'] = true; |
|||
|
|||
- Allow user to change password if password is expired: |
|||
|
|||
.. code:: php |
|||
|
|||
$ad_options['change_expired_password'] = true; |
|||
|
|||
You need to have an account on Active Directory with rights to change |
|||
password of users. To set the minimum rights for this account, do the |
|||
following: |
|||
|
|||
- Create a basic domain account without any additional privileges |
|||
- Use Delegate control wizard within "User and computers", then |
|||
|
|||
- User Object |
|||
- Reset Password |
|||
- Write lockoutTime (if unlock is enabled) |
|||
- Write shadowlastchange |
|||
|
|||
If you enabled the reset by questions feature (see :ref:`config_questions`), |
|||
you also need to give rights on the question attribute: |
|||
|
|||
- Right click the OU where you want delegation of permissions to |
|||
propagate down from and select "Delegate Control…" |
|||
- Add the account to delegate to, click Next |
|||
- Create a custom task to delegate |
|||
- Select the radio button for "Only the following objects in the |
|||
folder", then select "User objects" at the bottom of the list, click |
|||
Next |
|||
- Select the "Property-specific" checkbox only, then locate the |
|||
attribute you are using to store the "Reset by questions" answer in. |
|||
|
|||
Samba 3 or lower |
|||
~~~~~~~~~~~~~~~~ |
|||
|
|||
To manage compatibility with Windows world, Samba stores a specific hash |
|||
of the password in a second attribute (``sambaNTpassword``). It also |
|||
store modification date in ``sambaPwdLastSet``. Use ``$samba_mode`` to |
|||
manage these attributes: |
|||
|
|||
.. code:: php |
|||
|
|||
$samba_mode = true; |
|||
|
|||
You can also update ``sambaPwdCanChange`` and ``sambaPwdMustChange`` |
|||
attributes by settings minimal and maximal age, in days: |
|||
|
|||
.. code:: php |
|||
|
|||
$samba_options['min_age'] = 5; |
|||
$samba_options['max_age'] = 45; |
|||
|
|||
To set an expiration date for a Samba account (attribute |
|||
``sambaKickofftime``), configure a maximal age, in days: |
|||
|
|||
.. code:: php |
|||
|
|||
$samba_options['expire_days'] = 90; |
|||
|
|||
.. tip:: Samba modifications will only be done on entries of class |
|||
``sambaSamAccount`` |
|||
|
|||
.. tip:: For Samba 4, you must use AD mode, not Samba mode. |
|||
|
|||
Shadow |
|||
~~~~~~ |
|||
|
|||
If using ``shadowAccount`` object class for users, you can update the |
|||
``shadowLastChange`` attribute when changing password: |
|||
|
|||
.. code:: php |
|||
|
|||
$shadow_options['update_shadowLastChange'] = true; |
|||
|
|||
You can also update the ``shadowExpire`` attribute to define when the |
|||
password will expire. Use ``-1`` to never expire, else configure the |
|||
number of days: |
|||
|
|||
.. code:: php |
|||
|
|||
$shadow_options['update_shadowExpire'] = true; |
|||
$shadow_options['shadow_expire_days'] = 365; |
|||
|
|||
.. tip:: Shadow modifications will only be done on entries of class |
|||
``shadowAccount`` |
|||
@ -0,0 +1,66 @@ |
|||
.. _config_mail: |
|||
|
|||
Mail |
|||
==== |
|||
|
|||
LDAP Attribute |
|||
-------------- |
|||
|
|||
Set the LDAP attribute where user email is stored: |
|||
|
|||
.. code:: php |
|||
|
|||
$mail_attribute = "mail"; |
|||
|
|||
.. tip:: Only the first value of this attribute will be used to get the |
|||
mail address. |
|||
|
|||
Sender name |
|||
----------- |
|||
|
|||
You can change the default ``From`` header and add a signature: |
|||
|
|||
.. code:: php |
|||
|
|||
$mail_from = "admin@example.com"; |
|||
$mail_from_name = "Self Service Password administrator"; |
|||
$mail_signature = ""; |
|||
|
|||
Change password notification |
|||
---------------------------- |
|||
|
|||
Use this option to send a confirmation mail to the user, just after a |
|||
successful mail change: |
|||
|
|||
.. code:: php |
|||
|
|||
$notify_on_change = true; |
|||
|
|||
PHPMailer |
|||
--------- |
|||
|
|||
You can set all parameters for PHPMailer: |
|||
|
|||
.. code:: php |
|||
|
|||
$mail_sendmailpath = '/usr/sbin/sendmail'; |
|||
$mail_protocol = 'smtp'; |
|||
$mail_smtp_debug = 0; |
|||
$mail_debug_format = 'html'; |
|||
$mail_smtp_host = 'localhost'; |
|||
$mail_smtp_auth = false; |
|||
$mail_smtp_user = ''; |
|||
$mail_smtp_pass = ''; |
|||
$mail_smtp_port = 25; |
|||
$mail_smtp_timeout = 30; |
|||
$mail_smtp_keepalive = false; |
|||
$mail_smtp_secure = 'tls'; |
|||
$mail_smtp_autotls = true; |
|||
$mail_smtp_options = array(); |
|||
$mail_contenttype = 'text/plain'; |
|||
$mail_wordwrap = 0; |
|||
$mail_charset = 'utf-8'; |
|||
$mail_priority = 3; |
|||
|
|||
.. tip:: See https://github.com/PHPMailer/PHPMailer for more |
|||
information |
|||
@ -0,0 +1,83 @@ |
|||
Nginx configuration |
|||
=================== |
|||
|
|||
Configuration with FastCGI: |
|||
|
|||
.. code:: nginx |
|||
|
|||
server { |
|||
listen 80; |
|||
|
|||
root /var/www/html; |
|||
index index.php index.html index.htm; |
|||
|
|||
# Make site accessible from http://localhost/ |
|||
server_name _; |
|||
|
|||
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html |
|||
sendfile off; |
|||
|
|||
gzip on; |
|||
gzip_comp_level 6; |
|||
gzip_min_length 1000; |
|||
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js; |
|||
gzip_vary on; |
|||
gzip_proxied any; |
|||
gzip_disable "MSIE [1-6]\.(?!.*SV1)"; |
|||
|
|||
# Add stdout logging |
|||
|
|||
error_log /dev/stdout warn; |
|||
access_log /dev/stdout main; |
|||
|
|||
|
|||
# pass the PHP scripts to FastCGI server listening on socket |
|||
# |
|||
location ~ \.php { |
|||
fastcgi_pass unix:/var/run/php-fpm.socket; |
|||
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
|||
fastcgi_param PATH_INFO $fastcgi_path_info; |
|||
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; |
|||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
|||
fastcgi_index index.php; |
|||
try_files $fastcgi_script_name =404; |
|||
fastcgi_read_timeout 600; |
|||
include fastcgi_params; |
|||
} |
|||
|
|||
error_page 404 /404.html; |
|||
location = /404.html { |
|||
root /usr/share/nginx/html; |
|||
internal; |
|||
} |
|||
|
|||
# deny access to . files, for security |
|||
# |
|||
location ~ /\. { |
|||
log_not_found off; |
|||
deny all; |
|||
} |
|||
|
|||
location ~ /scripts { |
|||
log_not_found off; |
|||
deny all; |
|||
} |
|||
|
|||
} |
|||
|
|||
.. tip:: If you get sessions errors with Nginx, try to set |
|||
``output_buffering`` to ``4096`` |
|||
(see https://github.com/ltb-project/self-service-password/issues/74) |
|||
|
|||
Example of php.ini: |
|||
|
|||
.. code:: ini |
|||
|
|||
session.save_path = /tmp |
|||
upload_max_filesize = 10M |
|||
post_max_size = 16M |
|||
max_execution_time = 600 |
|||
request_terminate_timeout = 600 |
|||
expose_php = Off |
|||
output_buffering = 4096 |
|||
|
|||
@ -0,0 +1,173 @@ |
|||
Password policy |
|||
=============== |
|||
|
|||
Hashing |
|||
------- |
|||
|
|||
You can use these schemes to hash the password before sending it to LDAP |
|||
directory: |
|||
|
|||
- SHA |
|||
- SSHA |
|||
- MD5 |
|||
- SMD5 |
|||
- CRYPT |
|||
- clear |
|||
- auto |
|||
|
|||
Set one of them in ``$hash``: |
|||
|
|||
.. code:: php |
|||
|
|||
$hash = "clear"; |
|||
|
|||
.. warning:: This option is ignored with Active Directory |
|||
mode. |
|||
|
|||
.. tip:: Use ``auto`` to get the current password value and find the |
|||
hash. This requires a read access to the password. |
|||
|
|||
You can configure the crypt salt prefix to choose the algorithm (see |
|||
`crypt documentation <http://php.net/manual/en/function.crypt.php>`__): |
|||
|
|||
.. code:: php |
|||
|
|||
$hash_options['crypt_salt_prefix'] = "$6$"; |
|||
|
|||
Size |
|||
---- |
|||
|
|||
Set minimal and maximal length in ``$pwd_min_length`` and |
|||
``$pwd_max_length``: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_min_length = 4; |
|||
$pwd_max_length = 8; |
|||
|
|||
.. tip:: Set ``0`` in ``$pwd_max_length`` to disable maximal length |
|||
checking. |
|||
|
|||
Characters |
|||
---------- |
|||
|
|||
You can set the minimal number of lower, upper, digit and special |
|||
characters: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_min_lower = 3; |
|||
$pwd_min_upper = 1; |
|||
$pwd_min_digit = 1; |
|||
$pwd_min_special = 1; |
|||
|
|||
Special characters are defined with a regular expression, by default: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_special_chars = "^a-zA-Z0-9"; |
|||
|
|||
This means special characters are all characters except alphabetical |
|||
letters and digits. |
|||
|
|||
You can check that these special characters are not at beginning or end |
|||
of the password: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_no_special_at_ends = true; |
|||
|
|||
You can also disallow characters from being in password, with |
|||
``$pwd_forbidden_chars``: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_forbidden_chars = "@%"; |
|||
|
|||
This means that ``@`` and ``%`` could not be present in a password. |
|||
|
|||
You can define how many different class of characters (lower, upper, |
|||
digit, special) are needed in the password: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_complexity = 2; |
|||
|
|||
Pwned Passwords |
|||
--------------- |
|||
|
|||
Allows to check if the password was already compromised, using |
|||
https://haveibeenpwned.com/ database: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_pwnedpasswords = true; |
|||
|
|||
Reuse |
|||
----- |
|||
|
|||
You can prevent a user from using his old password as a new password if |
|||
this check is not done by the directory: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_no_reuse = true; |
|||
|
|||
You may also want to check for partial password reuses, ensuring the |
|||
new password includes at least N distinct new characters: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_diff_last_min_chars = 3; |
|||
|
|||
Forbidden words |
|||
--------------- |
|||
|
|||
Give a list of forbidden words that the password should not contain: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_forbidden_words = array("azerty", "qwerty", "password"); |
|||
|
|||
Forbidden LDAP fields |
|||
--------------------- |
|||
|
|||
Give a list of LDAP fields which values should not be present in the password: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_forbidden_ldap_fields = array('cn', 'givenName', 'sn', 'mail'); |
|||
|
|||
Show policy |
|||
----------- |
|||
|
|||
Password policy can be displayed to user by configuring |
|||
``$pwd_show_policy``. Three values are accepted: |
|||
|
|||
- ``always``: policy is always displayed |
|||
- ``never``: policy is never displayed |
|||
- ``onerror``: policy is only displayed if password is rejected because |
|||
of it, and the user provided his old password correctly. |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_show_policy = "never"; |
|||
|
|||
You can also configure if the policy will be displayed above or below |
|||
the form: |
|||
|
|||
.. code:: php |
|||
|
|||
$pwd_show_policy_pos = "above"; |
|||
|
|||
Extended error |
|||
-------------- |
|||
|
|||
You can display the error message returned by the directory when |
|||
password is refused. The message content depends on your LDAP server |
|||
software: |
|||
|
|||
.. code:: php |
|||
|
|||
$show_extended_error = true; |
|||
|
|||
@ -0,0 +1,114 @@ |
|||
Pre & Post Hook configuration |
|||
============================= |
|||
|
|||
How it works? |
|||
------------- |
|||
|
|||
You can write a script that will be called before changing a |
|||
password (pre hook) or after a successful password change (post hook). |
|||
|
|||
This allow for example to update a file or a database on password |
|||
change. |
|||
|
|||
This script must be executable by the user running Apache. It will take |
|||
3 arguments: |
|||
|
|||
- ``$login`` : the user login |
|||
- ``$newpassword`` : the new password |
|||
- ``$oldpassword`` : the old password |
|||
|
|||
.. tip:: The old password is only provided on standard password change, |
|||
not on password reset |
|||
|
|||
To declare this script, use: |
|||
|
|||
.. code:: php |
|||
|
|||
$prehook = "/usr/share/self-service-password/prehook.sh"; |
|||
$posthook = "/usr/share/self-service-password/posthook.sh"; |
|||
|
|||
You can choose to display an error if the script return code is greater |
|||
than 0: |
|||
|
|||
.. code:: php |
|||
|
|||
$display_prehook_error = true; |
|||
$display_posthook_error = true; |
|||
|
|||
The displayed message will be the first line of the script output. |
|||
|
|||
Another option can be enabled to encode the password in base64 before |
|||
sending it to the script, which can avoid an execution issue if the |
|||
password contains special characters: |
|||
|
|||
.. code:: php |
|||
|
|||
$prehook_password_encodebase64 = false; |
|||
$posthook_password_encodebase64 = false; |
|||
|
|||
By default With prehook script, the password will not be changed in LDAP directory if the script fails. |
|||
You can change this behavior to ignore script error. This could be useful to run prehook script and display a warning |
|||
if it fails, but still try to update password in the directory. |
|||
|
|||
.. code:: php |
|||
|
|||
$ignore_prehook_error = true; |
|||
|
|||
Here is an example of a simple hook script: |
|||
|
|||
.. code:: bash |
|||
|
|||
#!/bin/bash |
|||
|
|||
LOGIN=$1 |
|||
NEWPASSWORD=$2 |
|||
OLDPASSWORD=$3 |
|||
|
|||
echo `date` >> /tmp/posthook.log |
|||
echo "$LOGIN / $NEWPASSWORD / $OLDPASSWORD" >> /tmp/posthook.log |
|||
|
|||
... there is an error ... |
|||
echo "Posthook script has failed" |
|||
exit 1 |
|||
... there is no error ... |
|||
exit 0 |
|||
|
|||
.. warning:: This script is an example, do use not it in production: |
|||
passwords should never be put in logs. Write your own script to |
|||
propagate the password in a safe place |
|||
|
|||
.. warning:: If you are using systemd, it is possible that the |
|||
PrivateTmp feature is enabled by default for Apache (in your |
|||
httpd.service or apache2.service). |
|||
|
|||
When enabled, all logs written from posthook.sh to /tmp will be |
|||
redirected to |
|||
/tmp/systemd-private-XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX-apache2.service-XXXXXX/tmp |
|||
or similar. |
|||
|
|||
Example : Multi LDAP posthook |
|||
----------------------------- |
|||
|
|||
You can configure multiple LDAP backend. |
|||
|
|||
To enable this option, you have to add the posthook : |
|||
|
|||
.. code:: php |
|||
|
|||
$posthook = "php /usr/share/self-service-password/multi_ldap_change.php $login $newpassword"; |
|||
|
|||
You need to add the list of your ldap backend : |
|||
|
|||
.. code:: php |
|||
|
|||
$secondaries_ldap[0]['ldap_url'] = 'ldap://ldap2.example.com'; |
|||
$secondaries_ldap[1]['ldap_url'] = 'ldap://ldap3.example.com'; |
|||
|
|||
It's necessary to activate the base64 enconding for special characters. |
|||
You can be enabled this option with this configuration line : |
|||
|
|||
.. code:: php |
|||
|
|||
$posthook_password_encodebase64 = true; |
|||
|
|||
.. warning:: This script suppose that you use the same credentials on all your backend. |
|||
@ -0,0 +1,147 @@ |
|||
.. _config_questions: |
|||
|
|||
Reset by questions |
|||
================== |
|||
|
|||
|
|||
How it works? |
|||
------------- |
|||
|
|||
First, the user should choose a question and register an answer. This |
|||
answer will be stored in an attribute of its LDAP entry with this |
|||
syntax: |
|||
|
|||
:: |
|||
|
|||
{questionid}answer |
|||
|
|||
.. warning:: You should configure your LDAP directory to protect this |
|||
data, to be only accessed by Self Service Password. See also in this |
|||
page how to encrypt values into LDAP directory. |
|||
|
|||
.. warning:: The data will be written by the user or by the manager, |
|||
depending on ``$who_change_password`` parameter. |
|||
|
|||
Then, the user can reset its password by entering its answer and setting |
|||
a new password. |
|||
|
|||
Activation |
|||
---------- |
|||
|
|||
You can enable or disable this feature with ``$use_questions``: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_questions = true; |
|||
|
|||
Multiple answers |
|||
---------------- |
|||
|
|||
By default, a user can only register an answer to one question. You can |
|||
allow users to register an answer to more than one question with this |
|||
parameter: |
|||
|
|||
.. code:: php |
|||
|
|||
$multiple_answers = true; |
|||
|
|||
Then the user can use any valid answer to reset its password. |
|||
|
|||
You can also configure how many questions are displayed in the form. |
|||
If you want to require 2 answers to 2 different questions, configure ``$questions_count``: |
|||
|
|||
.. code:: php |
|||
|
|||
$questions_count = 2; |
|||
|
|||
Populate questions |
|||
------------------ |
|||
|
|||
This feature allows users to first submit an empty form with just their login. |
|||
The form will be displayed again with questions already registered for this user. |
|||
As this lowers the security, this is disabled by defaut. |
|||
Configure ``$question_populate_enable`` to enable it: |
|||
|
|||
.. code:: php |
|||
|
|||
$question_populate_enable = true; |
|||
|
|||
Attribute and object class |
|||
-------------------------- |
|||
|
|||
Set the attribute in which the answer will be stored: |
|||
|
|||
.. code:: php |
|||
|
|||
$answer_attribute = "info"; |
|||
|
|||
.. warning:: The attribute name must be in lower case, this is required |
|||
by php-ldap API. |
|||
|
|||
If the above attribute is not in a standard user object class, configure |
|||
the object class to use with this attribute: |
|||
|
|||
.. code:: php |
|||
|
|||
$answer_objectClass = "extensibleObject"; |
|||
|
|||
.. tip:: The object class will be added to the entry only if it is not |
|||
already present. |
|||
|
|||
If you enabled multiple answers, you can choose if they will be stored as multiple values |
|||
of the attribute, or stored in a single value: |
|||
|
|||
.. code:: php |
|||
|
|||
$multiple_answers_one_str = true; |
|||
|
|||
On Active Directory, extensibleObject is not known. You can use for example: |
|||
|
|||
.. code:: php |
|||
|
|||
$answer_attribute = "comment"; |
|||
$answer_objectClass = "user"; |
|||
|
|||
Crypt answers |
|||
------------- |
|||
|
|||
Before 1.3 release, answers could not be encrypted in LDAP directory. An |
|||
option can now be used to encrypt answers: |
|||
|
|||
.. code:: php |
|||
|
|||
$crypt_answers = true; |
|||
|
|||
You can set this option to ``false`` to keep the old behavior. |
|||
|
|||
.. warning:: If you enable this option, you must change the default |
|||
value of the `security keyphrase <config_general#security>`__ |
|||
|
|||
A script is provided to encrypt all clear text answers in LDAP |
|||
directory, to allow a swooth migration. Just run the script (it will use |
|||
your SSP LDAP settings to update values): |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
php /usr/share/self-service-password/scripts/encrypt_answers.php |
|||
|
|||
Edit questions |
|||
-------------- |
|||
|
|||
Default questions are registered in lang files: ``lang/**codelang**.inc.php``. |
|||
|
|||
To add a question, you can create a new value in the |
|||
``$messages['questions']`` array, directly in local configuration file |
|||
(``config.inc.local.php``): |
|||
|
|||
.. code:: php |
|||
|
|||
$messages['questions']['ice'] = "What is your favorite ice cream flavor?"; |
|||
|
|||
Or better, to be able to translate it, create it in every customized lang file under ``conf/``. |
|||
|
|||
To disable the default questions form the main configuration file, set: |
|||
|
|||
.. code:: php |
|||
|
|||
$questions_use_default = true; |
|||
@ -0,0 +1,157 @@ |
|||
Reset by SMS |
|||
============ |
|||
|
|||
How it works? |
|||
------------- |
|||
|
|||
First, the user will enter his login. With this login, SSP will try to |
|||
get information, like name and mobile phone number. |
|||
|
|||
If information is found, the user can check it and confirm the sent of |
|||
reset code trough SMS. |
|||
|
|||
A message is sent either to an Email to SMS gateway, either trough an |
|||
API (called with PHP code or by script). |
|||
|
|||
SMS provider |
|||
------------ |
|||
|
|||
You first have to choose SMS provider. Search the web to find one, many |
|||
have a free trial so you can test the feature. |
|||
|
|||
Some known providers: |
|||
|
|||
- Email 2 SMS: |
|||
|
|||
- `SMS Global <https://www.smsglobal.com/>`__ |
|||
|
|||
- API: |
|||
|
|||
- `SMS Global <https://www.smsglobal.com/>`__ |
|||
- `Smart Focus <https://help-developer.smartfocus.com/>`__ |
|||
- `OVH SMS API <https://docs.ovh.com/fr/sms/envoyer_des_sms_avec_lapi_ovh_en_php/>`__ |
|||
|
|||
Activation |
|||
---------- |
|||
|
|||
You can enable or disable this feature with $use_sms: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_sms = true; |
|||
|
|||
.. warning:: If you enable this option, you must change the default |
|||
value of the security keyphrase. |
|||
|
|||
Method |
|||
------ |
|||
|
|||
Choose which method to use, ``mail`` or ``api``: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_method = "mail"; |
|||
|
|||
Mail |
|||
^^^^ |
|||
|
|||
If you choose the mail method, the mail will be sent to SMS provider |
|||
trough mail configuration (see :ref:`config_mail`). |
|||
|
|||
You can adjust some settings here, depending on provider guidelines: |
|||
|
|||
.. code:: php |
|||
|
|||
# Send SMS mail to address |
|||
$smsmailto = "{sms_attribute}@service.provider.com"; |
|||
# Subject when sending email to SMTP to SMS provider |
|||
$smsmail_subject = "Provider code"; |
|||
|
|||
API |
|||
^^^ |
|||
|
|||
If you choose API, you need to define which library will be called: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_api_lib = "lib/smsapi.inc.php"; |
|||
|
|||
In this library, you must define the ``send_sms_by_api`` function: |
|||
|
|||
.. code:: php |
|||
|
|||
function send_sms_by_api($mobile, $message) { |
|||
|
|||
# PHP code |
|||
# ... |
|||
|
|||
# Or call to external script |
|||
# $command = escapeshellcmd(/path/to/script).' '.escapeshellarg($mobile).' '.escapeshellarg($message); |
|||
# exec($command); |
|||
|
|||
return 1; |
|||
} |
|||
|
|||
Read the provider guidelines to know how to access its API. |
|||
|
|||
.. tip:: An example is given in lib/smsapi-example.inc.php. Copy this |
|||
file to lib/smsapi.inc.php and start coding! |
|||
|
|||
See also :ref:`sms_api`. |
|||
|
|||
Mobile attribute |
|||
---------------- |
|||
|
|||
Set here which LDAP attribute hold the user mobile phone: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_attribute = "mobile"; |
|||
|
|||
You can also partially hide the value when it is displayed on the |
|||
confirmation page: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_partially_hide_number = true; |
|||
|
|||
To remove any non digit character from SMS number; |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_sanitize_number = true; |
|||
|
|||
To truncate SMS number: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_truncate_number = true; |
|||
$sms_truncate_number_length = 10; |
|||
|
|||
Message |
|||
------- |
|||
|
|||
Set the message here, it uses by default the ``smsresetmessage`` message |
|||
defined in lang files and the ``smstoken`` parameter: |
|||
|
|||
.. code:: php |
|||
|
|||
# Message |
|||
$sms_message = "{smsresetmessage} {smstoken}"; |
|||
|
|||
Token |
|||
----- |
|||
|
|||
You can set the token length: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_token_length = 6; |
|||
|
|||
You can also configure the allowed attempts: |
|||
|
|||
.. code:: php |
|||
|
|||
$max_attempts = 3; |
|||
|
|||
After these attempts, the sent token is no more valid. |
|||
@ -0,0 +1,83 @@ |
|||
.. _config_tokens: |
|||
|
|||
Reset by mail tokens |
|||
==================== |
|||
|
|||
How it works? |
|||
------------- |
|||
|
|||
First, the user will enter his login and his mail address. A mail is |
|||
sent to him. |
|||
|
|||
Then, the user click on the link in the mail, an can set a new password. |
|||
|
|||
.. tip:: PHP sessions are used to store and retrieve token on server |
|||
side. |
|||
|
|||
Activation |
|||
---------- |
|||
|
|||
You can enable or disable this feature with ``$use_tokens``: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_tokens = true; |
|||
|
|||
Mail configuration |
|||
------------------ |
|||
|
|||
See :ref:`config_mail`. |
|||
|
|||
You can also avoid to request the mail to the user, only the login will |
|||
be asekd, and the mail will be read in LDAP: |
|||
|
|||
.. code:: php |
|||
|
|||
$mail_address_use_ldap = true; |
|||
|
|||
Security |
|||
-------- |
|||
|
|||
You can crypt tokens, to protect the session identifier: |
|||
|
|||
.. code:: php |
|||
|
|||
$crypt_tokens = true; |
|||
|
|||
.. warning:: If you enable this option, you must change the default |
|||
value of the security keyphrase. |
|||
|
|||
You should set a token lifetime, so they are deleted if unused. The |
|||
value is in seconds: |
|||
|
|||
.. code:: php |
|||
|
|||
$token_lifetime = "3600"; |
|||
|
|||
.. warning:: Token deletion is managed by PHP session garbage |
|||
collector. |
|||
|
|||
Log |
|||
--- |
|||
|
|||
By default, generated URLs are logged in the default Apache error log. |
|||
This behavior can be changed, to log in a specific file: |
|||
|
|||
.. code:: php |
|||
|
|||
$reset_request_log = "/var/log/self-service-password"; |
|||
|
|||
.. warning:: Apache user must have write permission on this |
|||
file. |
|||
|
|||
Reset URL |
|||
--------- |
|||
|
|||
By default, reset URL is computed using server name and port, but these |
|||
values can be wrong if the application is behind a reverse proxy. In |
|||
this case you can set yourself the reset URL: |
|||
|
|||
.. code:: php |
|||
|
|||
$reset_url = $_SERVER['HTTP_X_FORWARDED_PROTO'] . "://" . $_SERVER['HTTP_X_FORWARDED_HOST'] . $_SERVER['SCRIPT_NAME']; |
|||
|
|||
@ -0,0 +1,8 @@ |
|||
Webserver configuration |
|||
======================= |
|||
|
|||
.. toctree:: |
|||
:maxdepth: 1 |
|||
|
|||
config_apache.rst |
|||
config_nginx.rst |
|||
|
After Width: 16 | Height: 11 | Size: 593 B |
|
After Width: 16 | Height: 11 | Size: 398 B |
|
After Width: 16 | Height: 11 | Size: 472 B |
|
After Width: 16 | Height: 11 | Size: 439 B |
|
After Width: 16 | Height: 11 | Size: 476 B |
|
After Width: 16 | Height: 11 | Size: 545 B |
|
After Width: 16 | Height: 11 | Size: 429 B |
|
After Width: 16 | Height: 11 | Size: 469 B |
|
After Width: 16 | Height: 11 | Size: 545 B |
|
After Width: 16 | Height: 11 | Size: 487 B |
|
After Width: 16 | Height: 11 | Size: 432 B |
|
After Width: 16 | Height: 11 | Size: 420 B |
|
After Width: 16 | Height: 11 | Size: 420 B |
|
After Width: 140 | Height: 150 | Size: 12 KiB |
|
After Width: 1200 | Height: 1000 | Size: 1.5 MiB |
|
After Width: 16 | Height: 11 | Size: 453 B |
|
After Width: 16 | Height: 11 | Size: 512 B |
|
After Width: 16 | Height: 11 | Size: 374 B |
|
After Width: 16 | Height: 11 | Size: 554 B |
|
After Width: 16 | Height: 11 | Size: 423 B |
|
After Width: 16 | Height: 11 | Size: 420 B |
|
After Width: 16 | Height: 11 | Size: 542 B |
|
After Width: 16 | Height: 11 | Size: 562 B |
|
After Width: 16 | Height: 11 | Size: 436 B |
|
After Width: 16 | Height: 11 | Size: 492 B |
|
After Width: 16 | Height: 11 | Size: 446 B |
|
After Width: 16 | Height: 11 | Size: 609 B |
@ -0,0 +1,22 @@ |
|||
LDAP Tool Box Self Service Password documentation |
|||
================================================= |
|||
|
|||
.. image:: images/ltb_ssp_screenshot.png |
|||
|
|||
.. toctree:: |
|||
:maxdepth: 2 |
|||
:caption: Contents: |
|||
|
|||
presentation.rst |
|||
installation.rst |
|||
config_webserver.rst |
|||
config_general.rst |
|||
config_ldap.rst |
|||
config_ppolicy.rst |
|||
config_questions.rst |
|||
config_tokens.rst |
|||
config_sms.rst |
|||
config_mail.rst |
|||
config_preposthook.rst |
|||
webservices.rst |
|||
|
|||
@ -0,0 +1,115 @@ |
|||
Installation |
|||
============ |
|||
|
|||
From tarball |
|||
------------ |
|||
|
|||
Uncompress and unarchive the tarball: |
|||
|
|||
.. prompt:: bash $ |
|||
|
|||
tar -zxvf ltb-project-self-service-password-*.tar.gz |
|||
|
|||
Install files in ``/usr/share/``: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
mv ltb-project-self-service-password-* /usr/share/self-service-password |
|||
|
|||
You need to install these prerequisites: |
|||
|
|||
* Apache or another web server |
|||
* php (7 or later) |
|||
* php-curl (haveibeenpwned api) |
|||
* php-filter |
|||
* php-gd (captcha) |
|||
* php-ldap |
|||
* php-mbstring (reset mail) |
|||
* php-openssl (token crypt, probably built-in) |
|||
* Smarty (version 3) |
|||
|
|||
Debian / Ubuntu |
|||
--------------- |
|||
|
|||
Configure the repository: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
vi /etc/apt/sources.list.d/ltb-project.list |
|||
|
|||
.. code-block:: ini |
|||
|
|||
deb [arch=amd64] https://ltb-project.org/debian/stable stable main |
|||
|
|||
Import repository key: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
wget -O - https://ltb-project.org/wiki/lib/RPM-GPG-KEY-LTB-project | sudo apt-key add - |
|||
|
|||
Then update: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
apt update |
|||
|
|||
You are now ready to install: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
apt install self-service-password |
|||
|
|||
CentOS / RedHat |
|||
--------------- |
|||
|
|||
.. warning:: You may need to install first the package `php-Smarty`_ which is not in official repositories. |
|||
|
|||
.. _php-Smarty: https://pkgs.org/download/php-Smarty |
|||
|
|||
Configure the yum repository: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
vi /etc/yum.repos.d/ltb-project.repo |
|||
|
|||
.. code-block:: ini |
|||
|
|||
[ltb-project-noarch] |
|||
name=LTB project packages (noarch) |
|||
baseurl=https://ltb-project.org/rpm/$releasever/noarch |
|||
enabled=1 |
|||
gpgcheck=1 |
|||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project |
|||
|
|||
Then update: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
yum update |
|||
|
|||
Import repository key: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
rpm --import https://ltb-project.org/wiki/lib/RPM-GPG-KEY-LTB-project |
|||
|
|||
You are now ready to install: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
yum install self-service-password |
|||
|
|||
.. warning:: CentOS 7 comes with PHP 5 by default, you need to install PHP 7. |
|||
|
|||
Docker |
|||
------ |
|||
|
|||
Prepare a local configuration file for Self Service Password, for example ``/home/test/ssp.conf.php``. |
|||
|
|||
Start container, mounting that configuration file: |
|||
|
|||
.. prompt:: bash # |
|||
|
|||
docker run -p 80:80 \ |
|||
-v /home/test/ssp.conf.php:/var/www/conf/config.inc.local.php \ |
|||
-it docker.io/ltbproject/self-service-password:latest |
|||
@ -0,0 +1,19 @@ |
|||
Presentation |
|||
============ |
|||
|
|||
LDAP Tool Box Self Service Password is a web application for end users. |
|||
It allows them to change or reset their password if they lost it. |
|||
|
|||
It works with any LDAP directory, including Active Directory. |
|||
|
|||
Features |
|||
-------- |
|||
|
|||
* Standard password change |
|||
* Reset by questions, token sent by mail, token sent by SMS |
|||
* Local password policy |
|||
* LDAP advanced usage: password modify extended operation, password policy control |
|||
* SSH key change |
|||
* Active Directory and Samba modes |
|||
* Prehook/Posthook: a script can be launched before and after the password is changed |
|||
* Mail notifications |
|||
@ -0,0 +1,2 @@ |
|||
sphinx-prompt |
|||
sphinxcontrib.openapi |
|||
@ -0,0 +1,76 @@ |
|||
.. _sms_api: |
|||
|
|||
SMS API |
|||
======= |
|||
|
|||
This page presents some code samples to send SMS trough API of SMS |
|||
providers. |
|||
|
|||
LinkMobility (pswin) |
|||
-------------------- |
|||
|
|||
Provider website: https://www.linkmobility.com/ |
|||
|
|||
.. code:: php |
|||
|
|||
function send_sms_by_api($mobile, $message) { |
|||
$post = [ |
|||
'USER' => 'api_username', |
|||
'PW' => 'api_password', |
|||
'SND' => 'SenderName', |
|||
'RCV' => $mobile, |
|||
'TXT' => $message, |
|||
]; |
|||
$ch = curl_init(); |
|||
curl_setopt($ch, CURLOPT_URL, 'https://simple.pswin.com'); |
|||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); |
|||
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post)); |
|||
$response = curl_exec($ch); |
|||
|
|||
return 1; |
|||
} |
|||
|
|||
Twilio |
|||
------ |
|||
|
|||
Provider website: https://www.twilio.com/ |
|||
|
|||
Code sample provided in SSP sources: |
|||
https://raw.githubusercontent.com/ltb-project/self-service-password/master/lib/smsapi-twilio.inc.php |
|||
|
|||
You can enable it in configuration: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_api_lib = "lib/smsapi-twilio.inc.php"; |
|||
$twilio_sid = '<sid>'; |
|||
$twilio_auth_token = '<authtoken>'; |
|||
$twilio_outgoing_number = '+18881234567'; |
|||
$twilio_lookup_first = true; |
|||
|
|||
OVH |
|||
--- |
|||
|
|||
Provider website: https://www.ovh.com/ |
|||
|
|||
Code sample provided in SSP sources: |
|||
https://raw.githubusercontent.com/ltb-project/self-service-password/master/lib/smsapi-ovh.inc.php |
|||
|
|||
Get credentials here: |
|||
https://api.ovh.com/createToken/index.cgi?GET=/sms&GET=/sms/*&PUT=/sms/*&DELETE=/sms/*&POST=/sms/* |
|||
|
|||
Go to lib/ovhsms and type |
|||
|
|||
.. code:: sh |
|||
composer install |
|||
|
|||
Then you can enable it in configuration: |
|||
|
|||
.. code:: php |
|||
|
|||
$sms_api_lib = "lib/ovhsms/smsapi-ovh.inc.php"; |
|||
$ovh_appkey="KKK"; |
|||
$ovh_appsecret="SSS"; |
|||
$ovh_consumerkey="CCC"; |
|||
$ovh_smssender="MYSENDER"; |
|||
|
|||
@ -0,0 +1,22 @@ |
|||
Webservices (REST API) |
|||
====================== |
|||
|
|||
Configuration |
|||
------------- |
|||
|
|||
REST API access is forbidden by default in web server configuration. |
|||
|
|||
You must allow and protect access (for example with htaccess). |
|||
|
|||
You must also enable rest_api in configuration: |
|||
|
|||
.. code:: php |
|||
|
|||
$use_restapi = true; |
|||
|
|||
API |
|||
--- |
|||
|
|||
Here are available services: |
|||
|
|||
.. openapi:: ../rest/v1/doc/openapi-spec.yaml |
|||
@ -0,0 +1,41 @@ |
|||
#!/usr/bin/perl |
|||
# |
|||
# Script to parse Github JSON API response and convert to changelog |
|||
# Usage: curl 'https://api.github.com/repos/ltb-project/self-service-password/issues?milestone=MILESTONE&state=all&direction=asc&per_page=100&page=1' | perl github-issues-to-changelog.pl |
|||
|
|||
use JSON; |
|||
|
|||
my $input; |
|||
while(<>) { $input .= "$_\n"; } |
|||
|
|||
my $json = decode_json $input; |
|||
|
|||
# Debian changelog |
|||
print "# Debian\n"; |
|||
foreach my $issue (@$json) { |
|||
print " * gh#" . $issue->{number} .": " . $issue->{title} . "\n"; |
|||
} |
|||
print "\n"; |
|||
|
|||
# RPM changelog |
|||
print "# RPM\n"; |
|||
foreach my $issue (@$json) { |
|||
print "- gh#" . $issue->{number} .": " . $issue->{title} . "\n"; |
|||
} |
|||
print "\n"; |
|||
|
|||
# GitHub changelog |
|||
print "# GitHub\n"; |
|||
foreach my $issue (@$json) { |
|||
print "* #" . $issue->{number} .": " . $issue->{title} . "\n"; |
|||
} |
|||
print "\n"; |
|||
|
|||
# Release contributors |
|||
print "# Contributors\n"; |
|||
foreach my $issue (@$json) { |
|||
print "Author of issue #" . $issue->{number} .": " . $issue->{user}->{login} . "\n"; |
|||
} |
|||
|
|||
|
|||
exit 0; |
|||
@ -0,0 +1,33 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
require_once("../lib/vendor/autoload.php"); |
|||
use Gregwar\Captcha\CaptchaBuilder; |
|||
session_start(); |
|||
|
|||
$captcha = new CaptchaBuilder; |
|||
$_SESSION['phrase'] = $captcha->getPhrase(); |
|||
header('Content-Type: image/jpeg'); |
|||
$captcha |
|||
->build() |
|||
->output() |
|||
; |
|||
?>
|
|||
@ -0,0 +1,217 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to change password
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$confirmpassword = ""; |
|||
$newpassword = ""; |
|||
$oldpassword = ""; |
|||
$captchaphrase = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; } |
|||
$mail = ""; |
|||
$extended_error_msg = ""; |
|||
|
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
else { $result = "captcharequired"; } |
|||
} |
|||
if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) { $confirmpassword = strval($_POST["confirmpassword"]); } |
|||
else { $result = "confirmpasswordrequired"; } |
|||
if (isset($_POST["newpassword"]) and $_POST["newpassword"]) { $newpassword = strval($_POST["newpassword"]); } |
|||
else { $result = "newpasswordrequired"; } |
|||
if (isset($_POST["oldpassword"]) and $_POST["oldpassword"]) { $oldpassword = strval($_POST["oldpassword"]); } |
|||
else { $result = "oldpasswordrequired"; } |
|||
if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = strval($_REQUEST["login"]); } |
|||
else { $result = "loginrequired"; } |
|||
if (! isset($_REQUEST["login"]) and ! isset($_POST["confirmpassword"]) and ! isset($_POST["newpassword"]) and ! isset($_POST["oldpassword"])) |
|||
{ $result = "emptychangeform"; } |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
# Match new and confirm password
|
|||
if ( $newpassword != $confirmpassword ) { $result="nomatch"; } |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check old password
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{login}", $login, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} else { |
|||
|
|||
# Get user email for notification
|
|||
if ( $notify_on_change ) { |
|||
$mailValues = ldap_get_values($ldap, $entry, $mail_attribute); |
|||
if ( $mailValues["count"] > 0 ) { |
|||
$mail = $mailValues[0]; |
|||
} |
|||
} |
|||
|
|||
# Check objectClass to allow samba and shadow updates
|
|||
$ocValues = ldap_get_values($ldap, $entry, 'objectClass'); |
|||
if ( !in_array( 'sambaSamAccount', $ocValues ) and !in_array( 'sambaSAMAccount', $ocValues ) ) { |
|||
$samba_mode = false; |
|||
} |
|||
if ( !in_array( 'shadowAccount', $ocValues ) ) { |
|||
$shadow_options['update_shadowLastChange'] = false; |
|||
$shadow_options['update_shadowExpire'] = false; |
|||
} |
|||
|
|||
$entry = ldap_get_attributes($ldap, $entry); |
|||
$entry['dn'] = $userdn; |
|||
|
|||
# Bind with old password
|
|||
$bind = ldap_bind($ldap, $userdn, $oldpassword); |
|||
if ( !$bind ) { |
|||
$result = "badcredentials"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind user error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
if ( ($errno == 49) && $ad_mode ) { |
|||
if ( ldap_get_option($ldap, 0x0032, $extended_error) ) { |
|||
error_log("LDAP - Bind user extended_error $extended_error (".ldap_error($ldap).")"); |
|||
$extended_error = explode(', ', $extended_error); |
|||
if ( strpos($extended_error[2], '773') or strpos($extended_error[0], 'NT_STATUS_PASSWORD_MUST_CHANGE') ) { |
|||
error_log("LDAP - Bind user password needs to be changed"); |
|||
$result = ""; |
|||
} |
|||
if ( ( strpos($extended_error[2], '532') or strpos($extended_error[0], 'NT_STATUS_ACCOUNT_EXPIRED') ) and $ad_options['change_expired_password'] ) { |
|||
error_log("LDAP - Bind user password is expired"); |
|||
$result = ""; |
|||
} |
|||
unset($extended_error); |
|||
} |
|||
} |
|||
} |
|||
if ( $result === "" ) { |
|||
|
|||
# Rebind as Manager if needed
|
|||
if ( $who_change_password == "manager" ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} |
|||
|
|||
}}}}} |
|||
|
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check password strength
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
$result = check_password_strength( $newpassword, $oldpassword, $pwd_policy_config, $login, $entry ); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Change password
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
if ( isset($prehook) ) { |
|||
$command = hook_command($prehook, $login, $newpassword, $oldpassword, $prehook_password_encodebase64); |
|||
exec($command, $prehook_output, $prehook_return); |
|||
} |
|||
if ( ! isset($prehook_return) || $prehook_return === 0 || $ignore_prehook_error ) { |
|||
$result = change_password($ldap, $userdn, $newpassword, $ad_mode, $ad_options, $samba_mode, $samba_options, $shadow_options, $hash, $hash_options, $who_change_password, $oldpassword, $ldap_use_exop_passwd, $ldap_use_ppolicy_control); |
|||
if ( $result === "passwordchanged" && isset($posthook) ) { |
|||
$command = hook_command($posthook, $login, $newpassword, $oldpassword, $posthook_password_encodebase64); |
|||
exec($command, $posthook_output, $posthook_return); |
|||
} |
|||
if ( $result !== "passwordchanged" ) { |
|||
if ( $show_extended_error ) { |
|||
ldap_get_option($ldap, 0x0032, $extended_error_msg); |
|||
} |
|||
} |
|||
} |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Notify password change
|
|||
#==============================================================================
|
|||
if ($result === "passwordchanged") { |
|||
if ($mail and $notify_on_change) { |
|||
$data = array( "login" => $login, "mail" => $mail, "password" => $newpassword); |
|||
if ( !send_mail($mailer, $mail, $mail_from, $mail_from_name, $messages["changesubject"], $messages["changemessage"].$mail_signature, $data) ) { |
|||
error_log("Error while sending change email to $mail (user $login)"); |
|||
} |
|||
} |
|||
} |
|||
@ -0,0 +1,157 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to change sshPublicKey
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$password = ""; |
|||
$sshkey = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
$mail = ""; |
|||
$captchaphrase = ""; |
|||
|
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
else { $result = "captcharequired"; } |
|||
} |
|||
if (isset($_POST["password"]) and $_POST["password"]) { $password = strval($_POST["password"]); } |
|||
else { $result = "passwordrequired"; } |
|||
if (isset($_POST["sshkey"]) and $_POST["sshkey"]) { $sshkey = strval($_POST["sshkey"]); } |
|||
else { $result = "sshkeyrequired"; } |
|||
if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = strval($_REQUEST["login"]); } |
|||
else { $result = "loginrequired"; } |
|||
if (! isset($_REQUEST["login"]) and ! isset($_POST["password"]) and ! isset($_POST["sshkey"])) |
|||
{ $result = "emptysshkeychangeform"; } |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check password
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{login}", $login, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} else { |
|||
|
|||
# Get user email for notification
|
|||
if ( $notify_on_sshkey_change ) { |
|||
$mailValues = ldap_get_values($ldap, $entry, $mail_attribute); |
|||
if ( $mailValues["count"] > 0 ) { |
|||
$mail = $mailValues[0]; |
|||
} |
|||
} |
|||
|
|||
# Bind with old password
|
|||
$bind = ldap_bind($ldap, $userdn, $password); |
|||
if ( !$bind ) { |
|||
$result = "badcredentials"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind user error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Rebind as Manager if needed
|
|||
if ( $who_change_sshkey == "manager" ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} |
|||
|
|||
}}}}} |
|||
|
|||
} |
|||
|
|||
|
|||
#==============================================================================
|
|||
# Change sshPublicKey
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
$result = change_sshkey($ldap, $userdn, $change_sshkey_attribute, $sshkey); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Notify password change
|
|||
#==============================================================================
|
|||
if ($mail and $notify_on_sshkey_change) { |
|||
$data = array( "login" => $login, "mail" => $mail, "sshkey" => $sshkey); |
|||
if ( !send_mail($mailer, $mail, $mail_from, $mail_from_name, $messages["changesshkeysubject"], $messages["changesshkeymessage"].$mail_signature, $data) ) { |
|||
error_log("Error while sending change email to $mail (user $login)"); |
|||
} |
|||
} |
|||
@ -0,0 +1,107 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to reset a password when a valid token is found in URL
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$email = ""; |
|||
$firstname = ""; |
|||
$lastname = ""; |
|||
$token = ""; |
|||
$tokenid = ""; |
|||
$password = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; } |
|||
$mail = ""; |
|||
$extended_error_msg = ""; |
|||
|
|||
if (isset($_REQUEST["token"]) and $_REQUEST["token"]) { $token = strval($_REQUEST["token"]); } |
|||
else { $result = "tokenrequired"; } |
|||
|
|||
#==============================================================================
|
|||
# Get token
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Open session with the token
|
|||
if ( $crypt_tokens ) { |
|||
$tokenid = decrypt($token, $keyphrase); |
|||
} else { |
|||
$tokenid = $token; |
|||
} |
|||
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_id($tokenid); |
|||
session_name("token"); |
|||
session_start(); |
|||
$login = $_SESSION['login']; |
|||
$firstname = $_SESSION['firstname']; |
|||
$lastname = $_SESSION['lastname']; |
|||
$email = $_SESSION['email']; |
|||
$password = $_SESSION['password']; |
|||
|
|||
if ( !$login ) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Unable to open session $tokenid"); |
|||
} else if (isset($token_lifetime)) { |
|||
# Manage lifetime with session content
|
|||
$tokentime = $_SESSION['time']; |
|||
if ( time() - $tokentime > $token_lifetime ) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Token lifetime expired"); |
|||
} |
|||
} |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Get info
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
if (isset($_POST["firstname"]) and $_POST["firstname"]) { $firstname = $_POST["firstname"]; } |
|||
else { $result = "firstnamerequired"; } |
|||
|
|||
if (isset($_POST["lastname"]) and $_POST["lastname"]) { $lastname = $_POST["lastname"]; } |
|||
else { $result = "lastnamerequired"; } |
|||
|
|||
if (isset($_POST["email"]) and $_POST["email"]) { $email = $_POST["email"]; } |
|||
else { $result = "emailrequired"; } |
|||
|
|||
if (isset($_POST["password"]) and $_POST["password"]) { $password = $_POST["password"]; } |
|||
else { $result = "passwordrequired"; } |
|||
} |
|||
|
|||
system("sudo yunohost user create $login -f $firstname -l $lastname -p '$password' -d yntest.weblibre.ca"); |
|||
system("sudo yunohost user update $login --add-mailforward $email"); |
|||
|
|||
# Delete token if all is ok
|
|||
if ( $result === "passwordchanged" ) { |
|||
$_SESSION = array(); |
|||
session_destroy(); |
|||
} |
|||
@ -0,0 +1,206 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to change password
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$firstname = ""; |
|||
$lastname = ""; |
|||
$email = ""; |
|||
$password = ""; |
|||
$confirmpassword = ""; |
|||
$captchaphrase = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; } |
|||
$mail = ""; |
|||
$extended_error_msg = ""; |
|||
|
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
else { $result = "captcharequired"; } |
|||
} |
|||
if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = strval($_REQUEST["login"]); } |
|||
else { $result = "loginrequired"; } |
|||
if (isset($_REQUEST["firstname"]) and $_REQUEST["firstname"]) { $firstname = strval($_REQUEST["firstname"]); } |
|||
else { $result = "firstnamerequired"; } |
|||
if (isset($_REQUEST["lastname"]) and $_REQUEST["lastname"]) { $lastname = strval($_REQUEST["lastname"]); } |
|||
else { $result = "lastnamerequired"; } |
|||
if (isset($_REQUEST["email"]) and $_REQUEST["email"]) { $email = strval($_REQUEST["email"]); } |
|||
else { $result = "emailrequired"; } |
|||
if (isset($_POST["password"]) and $_POST["password"]) { $password = strval($_POST["password"]); } |
|||
else { $result = "passwordrequired"; } |
|||
if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) { $confirmpassword = strval($_POST["confirmpassword"]); } |
|||
else { $result = "confirmpasswordrequired"; } |
|||
if (! isset($_REQUEST["login"]) and ! isset($_POST["email"]) and ! isset($_POST["password"]) and ! isset($_POST["confirmpassword"])) |
|||
{ $result = "createaccount"; } |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
# Match new and confirm password
|
|||
if ( $password != $confirmpassword ) { $result="nomatch"; } |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check old password
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{login}", $email, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
if ( $entry != false ) { |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
if( $userdn ) { |
|||
$result = "userexists"; |
|||
error_log("LDAP - User $login found"); |
|||
} |
|||
} |
|||
}}} |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check password strength
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
$result = check_password_strength( $password, "" , $pwd_policy_config, $login, $entry ); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Build and store token
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Use PHP session to register token
|
|||
# We do not generate cookie
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_name("token"); |
|||
session_start(); |
|||
$_SESSION['login'] = $login; |
|||
$_SESSION['firstname'] = $firstname; |
|||
$_SESSION['lastname'] = $lastname; |
|||
$_SESSION['email'] = $email; |
|||
$_SESSION['password'] = $password; |
|||
$_SESSION['time'] = time(); |
|||
|
|||
if ( $crypt_tokens ) { |
|||
$token = encrypt(session_id(), $keyphrase); |
|||
} else { |
|||
$token = session_id(); |
|||
} |
|||
|
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Send token by mail
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
if ( empty($reset_url) ) { |
|||
|
|||
# Build reset by token URL
|
|||
$method = "http"; |
|||
if ( !empty($_SERVER['HTTPS']) ) { $method .= "s"; } |
|||
$server_name = $_SERVER['SERVER_NAME']; |
|||
$server_port = $_SERVER['SERVER_PORT']; |
|||
$script_name = $_SERVER['SCRIPT_NAME']; |
|||
|
|||
# Force server port if non standard port
|
|||
if ( ( $method === "http" and $server_port != "80" ) |
|||
or ( $method === "https" and $server_port != "443" ) |
|||
) { |
|||
$server_name .= ":".$server_port; |
|||
} |
|||
|
|||
$reset_url = $method."://".$server_name.$script_name; |
|||
} |
|||
|
|||
$reset_url .= "?action=confirmcreate&token=".urlencode($token); |
|||
|
|||
if ( !empty($reset_request_log) ) { |
|||
error_log("Send reset URL " . ( $debug ? "$reset_url" : "HIDDEN") . "\n\n", 3, $reset_request_log); |
|||
} else { |
|||
error_log("Send reset URL " . ( $debug ? "$reset_url" : "HIDDEN")); |
|||
} |
|||
|
|||
$data = array( "login" => $login, "email" => $email, "url" => $reset_url ) ; |
|||
|
|||
# Send message
|
|||
if ( send_mail($mailer, $email, $mail_from, $mail_from_name, $messages["resetsubject"], $messages["resetmessage"].$mail_signature, $data) ) { |
|||
$result = "tokensent"; |
|||
} else { |
|||
$result = "tokennotsent"; |
|||
error_log("Error while sending token to $email (user $login)"); |
|||
} |
|||
} |
|||
@ -0,0 +1,68 @@ |
|||
/* CSS for LDAP Tool Box Self Service Password */ |
|||
|
|||
html, body { |
|||
background: #eee; |
|||
padding-top: 20px; |
|||
font-size: 12pt; |
|||
} |
|||
|
|||
a, a:hover { |
|||
text-decoration: none; |
|||
} |
|||
|
|||
.panel, .alert, .navbar-wrapper { |
|||
box-shadow:0 3px 6px rgba(0,0,0,.25); |
|||
} |
|||
|
|||
.panel { |
|||
background-color:#fff; |
|||
background-color:rgba(255,255,255,0.8); |
|||
} |
|||
|
|||
img.logo { |
|||
margin-bottom: 20px; |
|||
} |
|||
|
|||
img.menu-logo { |
|||
display: inline; |
|||
height: 25px; |
|||
} |
|||
|
|||
.table { |
|||
margin-bottom: 0; |
|||
} |
|||
|
|||
.display img { |
|||
margin-bottom: 20px; |
|||
} |
|||
|
|||
.input-group-addon label { |
|||
margin: 0; |
|||
font-weight: normal; |
|||
} |
|||
|
|||
div#footer { |
|||
position:fixed; |
|||
bottom:0; |
|||
background-color:#fff; |
|||
background-color:rgba(255,255,255,0.8); |
|||
text-align:center; |
|||
padding:5px; |
|||
width:100%; |
|||
} |
|||
|
|||
@media print { |
|||
|
|||
html, body { |
|||
margin: 0; |
|||
padding: 0; |
|||
} |
|||
.container { |
|||
width: 100%; |
|||
} |
|||
|
|||
a[href]:after { |
|||
content: none; |
|||
} |
|||
|
|||
} |
|||
|
After Width: 140 | Height: 150 | Size: 12 KiB |
|
After Width: 1600 | Height: 1142 | Size: 98 KiB |
|
After Width: 1600 | Height: 1066 | Size: 82 KiB |
|
After Width: 1600 | Height: 1057 | Size: 379 KiB |
|
After Width: 1600 | Height: 1066 | Size: 362 KiB |
@ -0,0 +1,321 @@ |
|||
<?php |
|||
|
|||
#==============================================================================
|
|||
# Version
|
|||
#==============================================================================
|
|||
$version = "1.4.3"; |
|||
|
|||
#==============================================================================
|
|||
# Configuration
|
|||
#==============================================================================
|
|||
require_once("../conf/config.inc.php"); |
|||
|
|||
#==============================================================================
|
|||
# Includes
|
|||
#==============================================================================
|
|||
require_once("../lib/vendor/defuse-crypto.phar"); |
|||
require_once("../lib/functions.inc.php"); |
|||
require_once("../lib/vendor/autoload.php"); |
|||
if ($use_captcha) { |
|||
require_once("../lib/captcha.inc.php"); |
|||
} |
|||
if ($use_pwnedpasswords) { |
|||
require_once("../lib/vendor/ron-maxweb/pwned-passwords/src/PwnedPasswords/PwnedPasswords.php"); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# VARIABLES
|
|||
#==============================================================================
|
|||
# Get source for menu
|
|||
if (isset($_REQUEST["source"]) and $_REQUEST["source"]) { $source = $_REQUEST["source"]; } |
|||
else { $source="unknown"; } |
|||
|
|||
#==============================================================================
|
|||
# Language
|
|||
#==============================================================================
|
|||
require_once("../lib/detectbrowserlanguage.php"); |
|||
# Available languages
|
|||
$languages = array(); |
|||
if ($handle = opendir('../lang')) { |
|||
while (false !== ($entry = readdir($handle))) { |
|||
if ($entry != "." && $entry != "..") { |
|||
$entry_lang = str_replace(".inc.php", "", $entry); |
|||
if ($entry_lang === $lang || empty($allowed_lang) || in_array($entry_lang, $allowed_lang) ) { |
|||
array_push($languages, $entry_lang); |
|||
} |
|||
} |
|||
} |
|||
closedir($handle); |
|||
} |
|||
$lang = detectLanguage($lang, $languages); |
|||
require_once("../lang/$lang.inc.php"); |
|||
|
|||
# Remove default questions
|
|||
if (!$questions_use_default) { |
|||
unset($messages['questions']['birthday']); |
|||
unset($messages['questions']['color']); |
|||
} |
|||
|
|||
if (file_exists("../conf/$lang.inc.php")) { |
|||
require_once("../conf/$lang.inc.php"); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# PHP modules
|
|||
#==============================================================================
|
|||
# Init dependency check results variable
|
|||
$dependency_check_results = array(); |
|||
|
|||
# Check PHP-LDAP presence
|
|||
if ( ! function_exists('ldap_connect') ) { $dependency_check_results[] = "nophpldap"; } |
|||
else { |
|||
# Check ldap_modify_batch presence if AD mode and password change as user
|
|||
if ( $ad_mode and $who_change_password === "user" and ! function_exists('ldap_modify_batch') ) { $dependency_check_results[] = "phpupgraderequired"; } |
|||
# Check ldap_exop_passwd if LDAP exop password modify enabled
|
|||
if ( $ldap_use_exop_passwd and ! function_exists('ldap_exop_passwd') ) { $dependency_check_results[] = "phpupgraderequired"; } |
|||
# Check LDAP_CONTROL_PASSWORDPOLICYREQUEST if LDAP ppolicy control enabled
|
|||
if ( $ldap_use_ppolicy_control and ! defined('LDAP_CONTROL_PASSWORDPOLICYREQUEST') ) { $dependency_check_results[] = "phpupgraderequired"; } |
|||
} |
|||
|
|||
# Check PHP mhash presence if Samba mode active
|
|||
if ( $samba_mode and ! function_exists('hash') and ! function_exists('mhash') ) { $dependency_check_results[] = "nophpmhash"; } |
|||
|
|||
# Check PHP mbstring presence
|
|||
if ( ! function_exists('mb_internal_encoding') ) { $dependency_check_results[] = "nophpmbstring"; } |
|||
|
|||
# Check PHP xml presence
|
|||
if ( ! function_exists('utf8_decode') ) { $dependency_check_results[] = "nophpxml"; } |
|||
|
|||
# Check keyphrase setting
|
|||
if ( ( ( $use_tokens and $crypt_tokens ) or $use_sms or $crypt_answers ) and ( empty($keyphrase) or $keyphrase == "secret") ) { $dependency_check_results[] = "nokeyphrase"; } |
|||
|
|||
|
|||
#==============================================================================
|
|||
# Email Config
|
|||
#==============================================================================
|
|||
use PHPMailer\PHPMailer\PHPMailer; |
|||
use PHPMailer\PHPMailer\Exception; |
|||
use PHPMailer\PHPMailer\SMTP; |
|||
$mailer = new PHPMailer; |
|||
$mailer->Priority = $mail_priority; |
|||
$mailer->CharSet = $mail_charset; |
|||
$mailer->ContentType = $mail_contenttype; |
|||
$mailer->WordWrap = $mail_wordwrap; |
|||
$mailer->Sendmail = $mail_sendmailpath; |
|||
$mailer->Mailer = $mail_protocol; |
|||
$mailer->SMTPDebug = $mail_smtp_debug; |
|||
$mailer->Debugoutput = $mail_debug_format; |
|||
$mailer->Host = $mail_smtp_host; |
|||
$mailer->Port = $mail_smtp_port; |
|||
$mailer->SMTPSecure = $mail_smtp_secure; |
|||
$mailer->SMTPAutoTLS = $mail_smtp_autotls; |
|||
$mailer->SMTPAuth = $mail_smtp_auth; |
|||
$mailer->Username = $mail_smtp_user; |
|||
$mailer->Password = $mail_smtp_pass; |
|||
$mailer->SMTPKeepAlive = $mail_smtp_keepalive; |
|||
$mailer->SMTPOptions = $mail_smtp_options; |
|||
$mailer->Timeout = $mail_smtp_timeout; |
|||
|
|||
#==============================================================================
|
|||
# Other default values
|
|||
#==============================================================================
|
|||
if (!isset($ldap_login_attribute)) { $ldap_login_attribute = "uid"; } |
|||
if (!isset($ldap_fullname_attribute)) { $ldap_fullname_attribute = "cn"; } |
|||
if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars = ""; } |
|||
if (!isset($hash_options)) { $hash_options = array(); } |
|||
if (!isset($samba_options)) { $samba_options = array(); } |
|||
if (!isset($ldap_starttls)) { $ldap_starttls = false; } |
|||
|
|||
# Password policy array
|
|||
$pwd_policy_config = array( |
|||
"pwd_show_policy" => $pwd_show_policy, |
|||
"pwd_min_length" => $pwd_min_length, |
|||
"pwd_max_length" => $pwd_max_length, |
|||
"pwd_min_lower" => $pwd_min_lower, |
|||
"pwd_min_upper" => $pwd_min_upper, |
|||
"pwd_min_digit" => $pwd_min_digit, |
|||
"pwd_min_special" => $pwd_min_special, |
|||
"pwd_special_chars" => $pwd_special_chars, |
|||
"pwd_forbidden_chars" => $pwd_forbidden_chars, |
|||
"pwd_no_reuse" => $pwd_no_reuse, |
|||
"pwd_diff_last_min_chars" => $pwd_diff_last_min_chars, |
|||
"pwd_diff_login" => $pwd_diff_login, |
|||
"pwd_complexity" => $pwd_complexity, |
|||
"use_pwnedpasswords" => $use_pwnedpasswords, |
|||
"pwd_no_special_at_ends" => $pwd_no_special_at_ends, |
|||
"pwd_forbidden_words" => $pwd_forbidden_words, |
|||
"pwd_forbidden_ldap_fields" => $pwd_forbidden_ldap_fields |
|||
); |
|||
|
|||
if (!isset($pwd_show_policy_pos)) { $pwd_show_policy_pos = "above"; } |
|||
|
|||
# rate-limiting config array
|
|||
$rrl_config = array( |
|||
"max_per_user" => $max_attempts_per_user, |
|||
"max_per_ip" => $max_attempts_per_ip, |
|||
"per_time" => $max_attempts_block_seconds, |
|||
"dbdir" => isset($ratelimit_dbdir) ? $ratelimit_dbdir : sys_get_temp_dir(), |
|||
); |
|||
|
|||
#==============================================================================
|
|||
# Route to action
|
|||
#==============================================================================
|
|||
$result = ""; |
|||
$action = "change"; |
|||
if (isset($default_action)) { $action = $default_action; } |
|||
if (isset($_GET["action"]) and $_GET['action']) { $action = $_GET["action"]; } |
|||
|
|||
# Available actions
|
|||
$available_actions = array(); |
|||
if ( $use_change ) { array_push( $available_actions, "change"); } |
|||
if ( $change_sshkey ) { array_push( $available_actions, "changesshkey"); } |
|||
if ( $use_questions ) { array_push( $available_actions, "resetbyquestions", "setquestions"); } |
|||
if ( $use_tokens ) { array_push( $available_actions, "resetbytoken", "sendtoken"); } |
|||
if ( $use_sms ) { array_push( $available_actions, "resetbytoken", "sendsms"); } |
|||
if ( $use_create ) { array_push( $available_actions, "create", "confirmcreate"); } |
|||
|
|||
# Ensure requested action is available, or fall back to default
|
|||
if ( ! in_array($action, $available_actions) ) { $action = $default_action; } |
|||
|
|||
if (file_exists($action.".php")) { require_once($action.".php"); } |
|||
|
|||
#==============================================================================
|
|||
# Smarty
|
|||
#==============================================================================
|
|||
require_once(SMARTY); |
|||
|
|||
$compile_dir = isset($smarty_compile_dir) ? $smarty_compile_dir : "../templates_c/"; |
|||
$cache_dir = isset($smarty_cache_dir) ? $smarty_cache_dir : "../cache/"; |
|||
|
|||
$smarty = new Smarty(); |
|||
$smarty->escape_html = true; |
|||
$smarty->setTemplateDir('../templates/'); |
|||
$smarty->setCompileDir($compile_dir); |
|||
$smarty->setCacheDir($cache_dir); |
|||
$smarty->debugging = $debug; |
|||
|
|||
error_reporting(0); |
|||
if ($debug) { |
|||
error_reporting(E_ALL); |
|||
# Set debug for LDAP
|
|||
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); |
|||
} |
|||
|
|||
# Assign configuration variables
|
|||
$smarty->assign('ldap_params',array('ldap_url' => $ldap_url, 'ldap_starttls' => $ldap_starttls, 'ldap_binddn' => $ldap_binddn, 'ldap_bindpw' => $ldap_bindpw)); |
|||
$smarty->assign('logo',$logo); |
|||
$smarty->assign('background_image',$background_image); |
|||
$smarty->assign('custom_css',$custom_css); |
|||
$smarty->assign('version',$version); |
|||
$smarty->assign('display_footer',$display_footer); |
|||
$smarty->assign('show_menu', $show_menu); |
|||
$smarty->assign('show_help', $show_help); |
|||
$smarty->assign('use_questions', $use_questions); |
|||
$smarty->assign('use_tokens', $use_tokens); |
|||
$smarty->assign('use_sms', $use_sms); |
|||
$smarty->assign('change_sshkey', $change_sshkey); |
|||
$smarty->assign('mail_address_use_ldap', $mail_address_use_ldap); |
|||
$smarty->assign('default_action', $default_action); |
|||
//$smarty->assign('',);
|
|||
|
|||
if (isset($source)) { $smarty->assign('source', $source); } |
|||
if (isset($login)) { $smarty->assign('login', $login); } |
|||
if (isset($token)) { $smarty->assign('token', $token); } |
|||
if (isset($use_captcha)) { $smarty->assign('use_captcha', $use_captcha); } |
|||
// TODO : Make it clean function show_policy - START
|
|||
if (isset($pwd_show_policy_pos)) { |
|||
$smarty->assign('pwd_show_policy_pos', $pwd_show_policy_pos); |
|||
$smarty->assign('pwd_show_policy', $pwd_show_policy); |
|||
$smarty->assign('pwd_show_policy_onerror', true); |
|||
if ( $pwd_show_policy === "onerror" ) { |
|||
if ( !preg_match( "/tooshort|toobig|minlower|minupper|mindigit|minspecial|forbiddenchars|sameasold|notcomplex|sameaslogin|pwned|specialatends/" , $result) ) { |
|||
$smarty->assign('pwd_show_policy_onerror', false); |
|||
} else { |
|||
$smarty->assign('pwd_show_policy_onerror', true); |
|||
} |
|||
} |
|||
if (isset($pwd_min_length)) { $smarty->assign('pwd_min_length', $pwd_min_length); } |
|||
if (isset($pwd_max_length)) { $smarty->assign('pwd_max_length', $pwd_max_length); } |
|||
if (isset($pwd_min_lower)) { $smarty->assign('pwd_min_lower', $pwd_min_lower); } |
|||
if (isset($pwd_min_upper)) { $smarty->assign('pwd_min_upper', $pwd_min_upper); } |
|||
if (isset($pwd_min_digit)) { $smarty->assign('pwd_min_digit', $pwd_min_digit); } |
|||
if (isset($pwd_min_special)) { $smarty->assign('pwd_min_special', $pwd_min_special); } |
|||
if (isset($pwd_complexity)) { $smarty->assign('pwd_complexity', $pwd_complexity); } |
|||
if (isset($pwd_diff_last_min_chars)) { $smarty->assign('pwd_diff_last_min_chars', $pwd_diff_last_min_chars); } |
|||
if (isset($pwd_forbidden_chars)) { $smarty->assign('pwd_forbidden_chars', $pwd_forbidden_chars); } |
|||
if (isset($pwd_no_reuse)) { $smarty->assign('pwd_no_reuse', $pwd_no_reuse); } |
|||
if (isset($pwd_diff_login)) { $smarty->assign('pwd_diff_login', $pwd_diff_login); } |
|||
if (isset($use_pwnedpasswords)) { $smarty->assign('use_pwnedpasswords', $use_pwnedpasswords); } |
|||
if (isset($pwd_no_special_at_ends)) { $smarty->assign('pwd_no_special_at_ends', $pwd_no_special_at_ends); } |
|||
} |
|||
// TODO : Make it clean function show_policy - END
|
|||
if (isset($smsdisplay)) { $smarty->assign('smsdisplay', $smsdisplay); } |
|||
// TODO : Make it clean $prehook_return/$posthook_return - START
|
|||
if (isset($prehook_return)) { |
|||
$smarty->assign('prehook_return', $prehook_return); |
|||
} else { |
|||
$smarty->assign('prehook_return', false); |
|||
} |
|||
if (isset($posthook_return)) { |
|||
$smarty->assign('posthook_return', $posthook_return); |
|||
} else { |
|||
$smarty->assign('posthook_return', false); |
|||
} |
|||
// TODO : Make it clean $prehook_return/$posthook_return - END
|
|||
if (isset($prehook_output)) { $smarty->assign('prehook_output', $prehook_output); } |
|||
if (isset($posthook_output)) { $smarty->assign('posthook_output', $posthook_output); } |
|||
if (isset($display_prehook_error)) { $smarty->assign('display_prehook_error', $display_prehook_error); } |
|||
if (isset($display_posthook_error)) { $smarty->assign('display_posthook_error', $display_posthook_error); } |
|||
if (isset($show_extended_error)) { $smarty->assign('show_extended_error', $show_extended_error); } |
|||
if (isset($extended_error_msg)) { $smarty->assign('extended_error_msg', $extended_error_msg); } |
|||
//if (isset($var)) { $smarty->assign('var', $var); }
|
|||
|
|||
# Assign messages
|
|||
$smarty->assign('lang',$lang); |
|||
foreach ($messages as $key => $message) { |
|||
$smarty->assign('msg_'.$key,$message); |
|||
} |
|||
|
|||
|
|||
$smarty->assign('action', $action); |
|||
|
|||
if (isset($question_populate_enable)) { $smarty->assign('question_populate_enable', $question_populate_enable); } |
|||
if (isset($questions_count)) { $smarty->assign('questions_count', $questions_count); } |
|||
if (isset($question)) { $smarty->assign('question', $question); } |
|||
|
|||
if (isset($login)) { $smarty->assign('login', $login); } |
|||
if (isset($usermail)) { $smarty->assign('usermail', $usermail); } |
|||
if (isset($displayname[0])) { $smarty->assign('displayname', $displayname[0]); } |
|||
if (isset($encrypted_sms_login)) { $smarty->assign('encrypted_sms_login', $encrypted_sms_login); } |
|||
|
|||
if ( isset($obscure_failure_messages) && in_array($result, $obscure_failure_messages) ) { $result = "badcredentials"; } |
|||
|
|||
# Set error message, criticity and fa_class
|
|||
|
|||
if ($result) { |
|||
$smarty->assign('error', $messages[$result]); |
|||
// TODO : Make it clean $error_sms - START
|
|||
if ($action == 'sendsms') { |
|||
if (isset($result) && ($result == 'smscrypttokensrequired' || $result == 'smsuserfound' || $result == 'smssent' || $result == 'tokenattempts')) { |
|||
$smarty->assign('error_sms', $result); |
|||
} else { |
|||
$smarty->assign('error_sms', false); |
|||
} |
|||
} |
|||
// TODO : Make it clean $error_sms - END
|
|||
$smarty->assign('result_criticity', get_criticity($result)); |
|||
$smarty->assign('result_fa_class', get_fa_class($result)); |
|||
} else { |
|||
$smarty->assign('error', ""); |
|||
} |
|||
$smarty->assign('result', $result); |
|||
|
|||
# Set dependency check message, criticity and fa_class
|
|||
|
|||
$dependency_errors = array(); |
|||
foreach ($dependency_check_results as $result) { |
|||
$dependency_errors[$result] = array( 'error' => $messages[$result], 'criticity' => get_criticity($result), 'fa_class' => get_fa_class($result) ); |
|||
} |
|||
$smarty->assign('dependency_errors', $dependency_errors); |
|||
|
|||
$smarty->display('index.tpl'); |
|||
@ -0,0 +1,163 @@ |
|||
/* |
|||
jquery-selectunique.js v0.1.0 |
|||
|
|||
Given a group of select fields with the same options, SelectUnique will remove an option from the |
|||
other select fields when it's selected, and put it back when it's changed. |
|||
|
|||
Home: http://github.com/sshaw/jquery-selectunique
|
|||
License (MIT): http://www.opensource.org/licenses/mit-license.php
|
|||
|
|||
Copyright (c) 2013 Skye Shaw |
|||
*/ |
|||
|
|||
(function($) { |
|||
var NS = 'selectunique'; |
|||
var KEY_SELECTED = NS + '-selected'; |
|||
|
|||
var SelectUnique = function(q, options) { |
|||
var self = this; |
|||
|
|||
self.q = q.find('option').parent('select'); // We need a set containing the select elements
|
|||
self.options = $.extend({}, options); |
|||
self.optionIndex = {}; |
|||
|
|||
self.q.on('change.' + NS, function() { |
|||
self._selectChanged($(this)); |
|||
}); |
|||
|
|||
$(self._uniqueOptions(self.q.find('option'))).each(function() { |
|||
self.optionIndex[self._optionId(this)] = this.index; |
|||
}); |
|||
|
|||
self.q.has(':selected').each(function() { |
|||
self._optionSelected($(this)); |
|||
}); |
|||
}; |
|||
|
|||
SelectUnique.prototype = { |
|||
constructor: SelectUnique, |
|||
|
|||
_selectChanged: function(select) { |
|||
var self = this, prevOption = select.data(KEY_SELECTED); |
|||
|
|||
if(prevOption) { |
|||
self.q.not(select).each(function() { |
|||
var thisSelect = $(this); |
|||
thisSelect.append(self._cloneOption(prevOption)); |
|||
self._sortOptions(thisSelect); |
|||
}); |
|||
} |
|||
|
|||
self._optionSelected(select); |
|||
}, |
|||
|
|||
_optionSelected: function(select) { |
|||
var self = this, selOption = select.find(':selected'); |
|||
|
|||
if(self._ignoreOption(selOption)) { |
|||
select.data(KEY_SELECTED, null); |
|||
} |
|||
else { |
|||
select.data(KEY_SELECTED, selOption); |
|||
self.q.not(select).each(function() { |
|||
var thisSelect = $(this); |
|||
thisSelect.find('option').each(function() { |
|||
var thisOption = $(this); |
|||
|
|||
// Ignore val(), we only care about what the user sees. This allows for cases
|
|||
// where the text is the same but the value is dependent on the select it's in.
|
|||
if(selOption.text() == thisOption.text()) { |
|||
thisOption.remove(); |
|||
return; |
|||
} |
|||
}); |
|||
}); |
|||
} |
|||
}, |
|||
|
|||
_ignoreOption: function(option) { |
|||
return $.trim(option.val()) == '' || ($.isFunction(this.options.ignoreOption) && this.options.ignoreOption(option)); |
|||
}, |
|||
|
|||
_cloneOption: function(option) { |
|||
// We must set selected to false everytime because this will be true:
|
|||
// (cache[x] = original.clone(true).prop('selected', false)).clone(true).prop('selected')
|
|||
return option.clone(true).prop('selected', false); |
|||
}, |
|||
|
|||
_sortOptions: function(select) { |
|||
var self = this, options = select.find('option'), val = select.val(); |
|||
options.sort(function(a,b) { |
|||
return self.optionIndex[self._optionId(a)] - self.optionIndex[self._optionId(b)]; |
|||
}); |
|||
|
|||
select.html(options); |
|||
select.val(val); |
|||
}, |
|||
|
|||
_optionId: function(option) { |
|||
return [option.value, option.text].join('-'); |
|||
}, |
|||
|
|||
_uniqueOptions: function(options) { |
|||
var self = this, unique = [], seen = {}; |
|||
|
|||
options.each(function() { |
|||
var key = self._optionId(this); |
|||
if(!seen[key] && !self._ignoreOption($(this))) { |
|||
seen[key] = true; |
|||
unique.push(this); |
|||
} |
|||
}); |
|||
|
|||
return unique; |
|||
}, |
|||
|
|||
_removeHandlers: function() { |
|||
this.q.off('.'+NS); |
|||
}, |
|||
|
|||
refresh: function() { |
|||
var self = this; |
|||
|
|||
}, |
|||
|
|||
selected: function() { |
|||
var selected = this._uniqueOptions(this.q.find(':selected')); |
|||
return $.map(selected, function(e) { |
|||
return e.cloneNode(true); |
|||
}); |
|||
}, |
|||
|
|||
remaining: function() { |
|||
var remaining = this._uniqueOptions(this.q.find('option:not(:selected)')); |
|||
return $.map(remaining, function(e) { |
|||
return e.cloneNode(true); |
|||
}); |
|||
|
|||
} |
|||
}; |
|||
|
|||
$.fn.selectunique = function(options) { |
|||
if(this.has('select,option').length) { |
|||
var uniq = this.data(NS); |
|||
if(!uniq) |
|||
this.data(NS, uniq = new SelectUnique(this, options)); |
|||
|
|||
if(typeof options == 'string') { |
|||
if(options == 'refresh') { |
|||
uniq._removeHandlers(); |
|||
this.data(NS, uniq = new SelectUnique(this)); |
|||
} |
|||
else { |
|||
if(!uniq[options]) |
|||
$.error("selectunique: no such method '" + options + "'"); |
|||
|
|||
return uniq[options](); |
|||
} |
|||
} |
|||
} |
|||
|
|||
return this; |
|||
}; |
|||
})(window.jQuery); |
|||
@ -0,0 +1,8 @@ |
|||
$(document).ready(function(){ |
|||
// Menu links popovers
|
|||
$('[data-toggle="menu-popover"]').popover({ |
|||
trigger: 'hover', |
|||
placement: 'bottom', |
|||
container: 'body' // Allows the popover to be larger than the menu button
|
|||
}); |
|||
}); |
|||
@ -0,0 +1,267 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to reset a password trusting question/anwser
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$question = []; |
|||
$answer = []; |
|||
$newpassword = ""; |
|||
$confirmpassword = ""; |
|||
$captchaphrase = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; } |
|||
$mail = ""; |
|||
$extended_error_msg = ""; |
|||
$questions_count = $multiple_answers ? $questions_count : 1; |
|||
|
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
else { $result = "captcharequired"; } |
|||
} |
|||
if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) { $confirmpassword = strval($_POST["confirmpassword"]); } |
|||
else { $result = "confirmpasswordrequired"; } |
|||
if (isset($_POST["newpassword"]) and $_POST["newpassword"]) { $newpassword = strval($_POST["newpassword"]); } |
|||
else { $result = "newpasswordrequired"; } |
|||
|
|||
# Use arrays for question/answer, to accommodate multiple questions on the same page
|
|||
if (isset($_POST["answer"]) and $_POST["answer"]) { |
|||
if ($questions_count > 1) { |
|||
$answer = $_POST["answer"]; |
|||
if (in_array('', $answer)) { |
|||
$result = "answerrequired"; |
|||
} |
|||
} else { |
|||
$answer[0] = strval($_POST["answer"]); |
|||
} |
|||
} else { |
|||
$result = "answerrequired"; |
|||
} |
|||
if (isset($_POST["question"]) and $_POST["question"]) { |
|||
if ($questions_count > 1) { |
|||
$question = $_POST["question"]; |
|||
if (in_array('', $question)) { |
|||
$result = "questionrequired"; |
|||
} |
|||
} else { |
|||
$question[0] = strval($_POST["question"]); |
|||
} |
|||
} else { |
|||
$result = "questionrequired"; |
|||
} |
|||
if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = strval($_REQUEST["login"]); } |
|||
else { $result = "loginrequired"; } |
|||
if (! isset($_POST["confirmpassword"]) and ! isset($_POST["newpassword"]) and ! isset($_POST["answer"]) and ! isset($_POST["question"]) and ! isset($_REQUEST["login"])) |
|||
{ $result = "emptyresetbyquestionsform"; } |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
# Should we pre-populate the question?
|
|||
# This should ensure that $login is valid and everything else is empty.
|
|||
$populate_questions = $question_populate_enable |
|||
&& $result == "questionrequired" |
|||
&& !array_filter($question) |
|||
&& !array_filter($answer) |
|||
&& empty($newpassword) |
|||
&& empty($confirmpassword); |
|||
|
|||
#==============================================================================
|
|||
# Check question/answer
|
|||
#==============================================================================
|
|||
if ( $result === "" || $populate_questions) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{login}", $login, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} else { |
|||
|
|||
# Check objectClass to allow samba and shadow updates
|
|||
$ocValues = ldap_get_values($ldap, $entry, 'objectClass'); |
|||
if ( !in_array( 'sambaSamAccount', $ocValues ) and !in_array( 'sambaSAMAccount', $ocValues ) ) { |
|||
$samba_mode = false; |
|||
} |
|||
if ( !in_array( 'shadowAccount', $ocValues ) ) { |
|||
$shadow_options['update_shadowLastChange'] = false; |
|||
$shadow_options['update_shadowExpire'] = false; |
|||
} |
|||
|
|||
# Get user email for notification
|
|||
if ( $notify_on_change ) { |
|||
$mailValues = ldap_get_values($ldap, $entry, $mail_attribute); |
|||
if ( $mailValues["count"] > 0 ) { |
|||
$mail = $mailValues[0]; |
|||
} |
|||
} |
|||
|
|||
# Get question/answer values
|
|||
$questionValues = ldap_get_values($ldap, $entry, $answer_attribute); |
|||
unset($questionValues["count"]); |
|||
|
|||
if ($multiple_answers and $multiple_answers_one_str) { |
|||
# Unpack multiple questions/answers
|
|||
$questionValues = str_getcsv($questionValues[0]); |
|||
} |
|||
|
|||
if ($populate_questions) { |
|||
$pattern = "/^\{(.+?)\}/i"; |
|||
$i = 0; |
|||
foreach ($questionValues as $questionValue) { |
|||
$value = $crypt_answers ? decrypt($questionValue, $keyphrase) : $questionValue; |
|||
if (preg_match($pattern, $value, $matched)) { |
|||
$question[$i++] = $matched[1]; |
|||
} |
|||
if ($i >= $questions_count) { |
|||
$result = "emptyresetbyquestionsform"; |
|||
break; |
|||
} |
|||
} |
|||
} else { |
|||
# Match with user submitted values
|
|||
$pattern = "/^\{(.+?)\}(.+)$/i"; |
|||
$registered_questions = []; |
|||
|
|||
# Get registered questions
|
|||
foreach ($questionValues as $questionValue) { |
|||
$value = $crypt_answers ? decrypt($questionValue, $keyphrase) : $questionValue; |
|||
if (preg_match($pattern, $value, $matched)) { |
|||
$registered_questions[$matched[1]] = $matched[2]; |
|||
} |
|||
} |
|||
|
|||
$matched = 0; |
|||
# Match answer(s)
|
|||
for ($q = 0; $q < $questions_count; $q++) { |
|||
if (hash_equals($registered_questions[$question[$q]], $answer[$q])) { |
|||
$matched++; |
|||
} |
|||
} |
|||
|
|||
if ($matched < $questions_count) { |
|||
$result = "answernomatch"; |
|||
error_log("Answer does not match question for user $login"); |
|||
} |
|||
} |
|||
|
|||
$entry = ldap_get_attributes($ldap, $entry); |
|||
$entry['dn'] = $userdn; |
|||
|
|||
}}}}} |
|||
|
|||
#==============================================================================
|
|||
# Check and register new passord
|
|||
#==============================================================================
|
|||
# Match new and confirm password
|
|||
if ( $result === "" ) { |
|||
if ( $newpassword != $confirmpassword ) { $result="nomatch"; } |
|||
} |
|||
|
|||
# Check password strength
|
|||
if ( $result === "" ) { |
|||
$result = check_password_strength( $newpassword, "", $pwd_policy_config, $login, $entry ); |
|||
} |
|||
|
|||
# Change password
|
|||
if ($result === "") { |
|||
if ( isset($prehook) ) { |
|||
$command = hook_command($prehook, $login, $newpassword, null, $prehook_password_encodebase64); |
|||
exec($command, $prehook_output, $prehook_return); |
|||
} |
|||
if ( ! isset($prehook_return) || $prehook_return === 0 || $ignore_prehook_error ) { |
|||
$result = change_password($ldap, $userdn, $newpassword, $ad_mode, $ad_options, $samba_mode, $samba_options, $shadow_options, $hash, $hash_options, "", "", $ldap_use_exop_passwd, $ldap_use_ppolicy_control); |
|||
if ( $result === "passwordchanged" && isset($posthook) ) { |
|||
$command = hook_command($posthook, $login, $newpassword, null, $posthook_password_encodebase64); |
|||
exec($command, $posthook_output, $posthook_return); |
|||
} |
|||
if ( $result !== "passwordchanged" ) { |
|||
if ( $show_extended_error ) { |
|||
ldap_get_option($ldap, 0x0032, $extended_error_msg); |
|||
} |
|||
} |
|||
} |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Notify password change
|
|||
#==============================================================================
|
|||
if ($mail and $notify_on_change and $result === 'paswordchanged') { |
|||
$data = array( "login" => $login, "mail" => $mail, "password" => $newpassword); |
|||
if ( !send_mail($mailer, $mail, $mail_from, $mail_from_name, $messages["changesubject"], $messages["changemessage"].$mail_signature, $data) ) { |
|||
error_log("Error while sending change email to $mail (user $login)"); |
|||
} |
|||
} |
|||
@ -0,0 +1,211 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to reset a password when a valid token is found in URL
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$token = ""; |
|||
$tokenid = ""; |
|||
$newpassword = ""; |
|||
$confirmpassword = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
if (!isset($pwd_forbidden_chars)) { $pwd_forbidden_chars=""; } |
|||
$mail = ""; |
|||
$extended_error_msg = ""; |
|||
|
|||
if (isset($_REQUEST["token"]) and $_REQUEST["token"]) { $token = strval($_REQUEST["token"]); } |
|||
else { $result = "tokenrequired"; } |
|||
|
|||
#==============================================================================
|
|||
# Get token
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Open session with the token
|
|||
if ( $crypt_tokens ) { |
|||
$tokenid = decrypt($token, $keyphrase); |
|||
} else { |
|||
$tokenid = $token; |
|||
} |
|||
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_id($tokenid); |
|||
session_name("token"); |
|||
session_start(); |
|||
$login = $_SESSION['login']; |
|||
$smstoken = $_SESSION['smstoken']; |
|||
|
|||
if ( !$login ) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Unable to open session $tokenid"); |
|||
} else if ( isset($smstoken) and ( $smstoken !== $_REQUEST['smstoken'] ) ) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Token not associated with SMS code ".$_REQUEST['smstoken']); |
|||
} else if (isset($token_lifetime)) { |
|||
# Manage lifetime with session content
|
|||
$tokentime = $_SESSION['time']; |
|||
if ( time() - $tokentime > $token_lifetime ) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Token lifetime expired"); |
|||
} |
|||
} |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Get passwords
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
if (isset($_POST["confirmpassword"]) and $_POST["confirmpassword"]) { $confirmpassword = $_POST["confirmpassword"]; } |
|||
else { $result = "confirmpasswordrequired"; } |
|||
if (isset($_POST["newpassword"]) and $_POST["newpassword"]) { $newpassword = $_POST["newpassword"]; } |
|||
else { $result = "newpasswordrequired"; } |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Find user
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{email}", $login, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} |
|||
|
|||
# Check objectClass to allow samba and shadow updates
|
|||
$ocValues = ldap_get_values($ldap, $entry, 'objectClass'); |
|||
if ( !in_array( 'sambaSamAccount', $ocValues ) and !in_array( 'sambaSAMAccount', $ocValues ) ) { |
|||
$samba_mode = false; |
|||
} |
|||
if ( !in_array( 'shadowAccount', $ocValues ) ) { |
|||
$shadow_options['update_shadowLastChange'] = false; |
|||
$shadow_options['update_shadowExpire'] = false; |
|||
} |
|||
|
|||
# Get user email for notification
|
|||
if ( $notify_on_change ) { |
|||
$mailValues = ldap_get_values($ldap, $entry, $mail_attribute); |
|||
if ( $mailValues["count"] > 0 ) { |
|||
$mail = $mailValues[0]; |
|||
} |
|||
} |
|||
} |
|||
} |
|||
} |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check and register new passord
|
|||
#==============================================================================
|
|||
# Match new and confirm password
|
|||
if ( $result === "" ) { |
|||
if ( $newpassword != $confirmpassword ) { $result="nomatch"; } |
|||
} |
|||
|
|||
# Check password strength
|
|||
if ( $result === "" ) { |
|||
$result = check_password_strength( $newpassword, "", $pwd_policy_config, $login, $entry ); |
|||
} |
|||
|
|||
# Change password
|
|||
if ($result === "") { |
|||
if ( isset($prehook) ) { |
|||
$command = hook_command($prehook, $login, $newpassword, null, $prehook_password_encodebase64); |
|||
exec($command, $prehook_output, $prehook_return); |
|||
} |
|||
if ( ! isset($prehook_return) || $prehook_return === 0 || $ignore_prehook_error ) { |
|||
# $result = change_password($ldap, $userdn, $newpassword, $ad_mode, $ad_options, $samba_mode, $samba_options, $shadow_options, $hash, $hash_options, "", "", $ldap_use_exop_passwd, $ldap_use_ppolicy_control);
|
|||
$newpassword=str_replace("'","'\''",$newpassword); |
|||
system("sudo yunohost user update $login -p '$newpassword'"); |
|||
|
|||
if ( $result === "passwordchanged" && isset($posthook) ) { |
|||
$command = hook_command($posthook, $login, $newpassword, null, $posthook_password_encodebase64); |
|||
exec($command, $posthook_output, $posthook_return); |
|||
} |
|||
if ( $result !== "passwordchanged" ) { |
|||
if ( $show_extended_error ) { |
|||
ldap_get_option($ldap, 0x0032, $extended_error_msg); |
|||
} |
|||
} |
|||
} |
|||
} |
|||
|
|||
# Delete token if all is ok
|
|||
if ( $result === "passwordchanged" ) { |
|||
$_SESSION = array(); |
|||
session_destroy(); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Notify password change
|
|||
#==============================================================================
|
|||
if ($mail and $notify_on_change and $result === 'paswordchanged') { |
|||
$data = array( "login" => $login, "mail" => $mail, "password" => $newpassword); |
|||
if ( !send_mail($mailer, $mail, $mail_from, $mail_from_name, $messages["changesubject"], $messages["changemessage"].$mail_signature, $data) ) { |
|||
error_log("Error while sending change email to $mail (user $login)"); |
|||
} |
|||
} |
|||
@ -0,0 +1,327 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to send random generated password to user by SMS
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$sms = ""; |
|||
$smsdisplay = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
$smstoken = ""; |
|||
$token = ""; |
|||
$sessiontoken = ""; |
|||
$attempts = 0; |
|||
$captchaphrase = ""; |
|||
|
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
elseif (!(isset($_REQUEST["smstoken"]) and isset($_REQUEST["token"]))) { $result = "captcharequired"; } |
|||
} |
|||
if (!$crypt_tokens) { |
|||
$result = "crypttokensrequired"; |
|||
} elseif (isset($_REQUEST["smstoken"]) and isset($_REQUEST["token"])) { |
|||
$token = strval($_REQUEST["token"]); |
|||
$smstoken = strval($_REQUEST["smstoken"]); |
|||
|
|||
# Open session with the token
|
|||
$tokenid = decrypt($token, $keyphrase); |
|||
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_id($tokenid); |
|||
session_name("smstoken"); |
|||
session_start(); |
|||
$login = $_SESSION['login']; |
|||
$sessiontoken = $_SESSION['smstoken']; |
|||
$attempts = $_SESSION['attempts']; |
|||
|
|||
if ( !$login or !$sessiontoken) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Unable to open session $smstokenid"); |
|||
} elseif ($sessiontoken != $smstoken) { |
|||
if ($attempts < $max_attempts) { |
|||
$_SESSION['attempts'] = $attempts + 1; |
|||
$result = "tokenattempts"; |
|||
error_log("SMS token $smstoken not valid, attempt $attempts"); |
|||
} |
|||
else { |
|||
$result = "tokennotvalid"; |
|||
error_log("SMS token $smstoken not valid"); |
|||
} |
|||
} elseif (isset($token_lifetime)) { |
|||
# Manage lifetime with session content
|
|||
$tokentime = $_SESSION['time']; |
|||
if ( time() - $tokentime > $token_lifetime ) { |
|||
$result = "tokennotvalid"; |
|||
error_log("Token lifetime expired"); |
|||
} |
|||
} |
|||
# Delete token if not valid or all is ok
|
|||
if ( $result === "tokennotvalid" ) { |
|||
$_SESSION = array(); |
|||
session_destroy(); |
|||
} |
|||
if ( $result === "" ) { |
|||
$_SESSION = array(); |
|||
session_destroy(); |
|||
$result = "buildtoken"; |
|||
} |
|||
} elseif (isset($_REQUEST["encrypted_sms_login"])) { |
|||
$decrypted_sms_login = explode(':', decrypt($_REQUEST["encrypted_sms_login"], $keyphrase)); |
|||
$sms = $decrypted_sms_login[0]; |
|||
$login = $decrypted_sms_login[1]; |
|||
$result = "sendsms"; |
|||
} elseif (isset($_REQUEST["login"]) and $_REQUEST["login"]) { |
|||
$login = strval($_REQUEST["login"]); |
|||
} else { |
|||
$result = "emptysendsmsform"; |
|||
} |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check sms
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{login}", $login, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} |
|||
|
|||
# Get sms values
|
|||
$smsValues = ldap_get_values($ldap, $entry, $sms_attribute); |
|||
|
|||
# Check sms number
|
|||
if ( $smsValues["count"] > 0 ) { |
|||
$sms = $smsValues[0]; |
|||
if ( $sms_sanitize_number ) { |
|||
$sms = preg_replace('/[^0-9]/', '', $sms); |
|||
} |
|||
if ( $sms_truncate_number ) { |
|||
$sms = substr($sms, -$sms_truncate_number_length); |
|||
} |
|||
$smsdisplay = $sms; |
|||
if ( $sms_partially_hide_number ) { |
|||
$smsdisplay = substr_replace($sms, '****', 4 , 4); |
|||
} |
|||
} |
|||
|
|||
if ( !$sms ) { |
|||
$result = "smsnonumber"; |
|||
error_log("No SMS number found for user $login"); |
|||
} else { |
|||
$displayname = ldap_get_values($ldap, $entry, $ldap_fullname_attribute); |
|||
$encrypted_sms_login = encrypt("$sms:$login", $keyphrase); |
|||
$result = "smsuserfound"; |
|||
if ( $use_ratelimit ) { |
|||
if ( ! allowed_rate($login,$_SERVER[$client_ip_header],$rrl_config) ) { |
|||
$result = "throttle"; |
|||
error_log("LDAP - User $login too fast"); |
|||
} |
|||
} |
|||
} |
|||
|
|||
}}}} |
|||
|
|||
#==============================================================================
|
|||
# Generate sms token and send by sms
|
|||
#==============================================================================
|
|||
if ( $result === "sendsms" ) { |
|||
|
|||
# Generate sms token
|
|||
$smstoken = generate_sms_token($sms_token_length); |
|||
|
|||
# Create temporary session to avoid token replay
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_name("smstoken"); |
|||
session_start(); |
|||
$_SESSION['login'] = $login; |
|||
$_SESSION['smstoken'] = $smstoken; |
|||
$_SESSION['time'] = time(); |
|||
$_SESSION['attempts'] = 0; |
|||
|
|||
$data = array( "sms_attribute" => $sms, "smsresetmessage" => $messages['smsresetmessage'], "smstoken" => $smstoken) ; |
|||
|
|||
# Send message
|
|||
|
|||
if( !$sms_method ) { $sms_method = "mail"; } |
|||
|
|||
if ( $sms_method === "mail" ) { |
|||
|
|||
if ( send_mail($mailer, $smsmailto, $mail_from, $mail_from_name, $smsmail_subject, $sms_message, $data) ) { |
|||
$token = encrypt(session_id(), $keyphrase); |
|||
$result = "smssent"; |
|||
if ( !empty($reset_request_log) ) { |
|||
error_log("Send SMS code $smstoken by $sms_method to $sms\n\n", 3, $reset_request_log); |
|||
} else { |
|||
error_log("Send SMS code $smstoken by $sms_method to $sms"); |
|||
} |
|||
} else { |
|||
$result = "smsnotsent"; |
|||
error_log("Error while sending sms by $sms_method to $sms (user $login)"); |
|||
} |
|||
|
|||
} |
|||
|
|||
if ( $sms_method === "api" ) { |
|||
if (!$sms_api_lib) { |
|||
$result = "smsnotsent"; |
|||
error_log('No API library found, set $sms_api_lib in configuration.'); |
|||
} else { |
|||
include_once("../".$sms_api_lib); |
|||
$sms_message = str_replace('{smsresetmessage}', $messages['smsresetmessage'], $sms_message); |
|||
$sms_message = str_replace('{smstoken}', $smstoken, $sms_message); |
|||
if ( send_sms_by_api($sms, $sms_message) ) { |
|||
$token = encrypt(session_id(), $keyphrase); |
|||
$result = "smssent"; |
|||
if ( !empty($reset_request_log) ) { |
|||
error_log("Send SMS code $smstoken by $sms_method to $sms\n\n", 3, $reset_request_log); |
|||
} else { |
|||
error_log("Send SMS code $smstoken by $sms_method to $sms"); |
|||
} |
|||
} else { |
|||
$result = "smsnotsent"; |
|||
error_log("Error while sending sms by $sms_method to $sms (user $login)"); |
|||
} |
|||
} |
|||
} |
|||
|
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Build and store token
|
|||
#==============================================================================
|
|||
if ( $result === "buildtoken" ) { |
|||
|
|||
# Use PHP session to register token
|
|||
# We do not generate cookie
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_name("token"); |
|||
session_start(); |
|||
$_SESSION['login'] = $login; |
|||
$_SESSION['time'] = time(); |
|||
$_SESSION['smstoken'] = $smstoken; |
|||
|
|||
$token = encrypt(session_id(), $keyphrase); |
|||
|
|||
$result = "redirect"; |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Redirect to resetbytoken page
|
|||
#==============================================================================
|
|||
if ( $result === "redirect" ) { |
|||
|
|||
if ( empty($reset_url) ) { |
|||
|
|||
# Build reset by token URL
|
|||
$method = "http"; |
|||
if ( !empty($_SERVER['HTTPS']) ) { $method .= "s"; } |
|||
$server_name = $_SERVER['SERVER_NAME']; |
|||
$server_port = $_SERVER['SERVER_PORT']; |
|||
$script_name = $_SERVER['SCRIPT_NAME']; |
|||
|
|||
# Force server port if non standard port
|
|||
if ( ( $method === "http" and $server_port != "80" ) |
|||
or ( $method === "https" and $server_port != "443" ) |
|||
) { |
|||
$server_name .= ":".$server_port; |
|||
} |
|||
|
|||
$reset_url = $method."://".$server_name.$script_name; |
|||
} |
|||
|
|||
$reset_url .= "?action=resetbytoken&source=sms&token=".urlencode($token)."&smstoken=".urlencode($smstoken); |
|||
|
|||
if ( !empty($reset_request_log) ) { |
|||
error_log("Send reset URL " . ( $debug ? "$reset_url" : "HIDDEN") . "\n\n", 3, $reset_request_log); |
|||
} else { |
|||
error_log("Send reset URL " . ( $debug ? "$reset_url" : "HIDDEN") ); |
|||
} |
|||
|
|||
# Redirect
|
|||
header("Location: " . $reset_url); |
|||
exit; |
|||
} |
|||
@ -0,0 +1,192 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to send a reset token by mail
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$email = ""; |
|||
$mail = ""; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
$token = ""; |
|||
$usermail = ""; |
|||
$captchaphrase = ""; |
|||
|
|||
|
|||
if (!$mail_address_use_ldap) { |
|||
if (isset($_POST["mail"]) and $_POST["mail"]) { |
|||
$mail = strval($_POST["mail"]); |
|||
$usermail = strval($_POST["mail"]); |
|||
} elseif (isset($_GET["usermail"]) and $_GET["usermail"]) { |
|||
$usermail = strval($_GET["usermail"]); |
|||
$result = "checkdatabeforesubmit"; |
|||
} else { |
|||
$result = "mailrequired"; |
|||
} |
|||
} |
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
else { $result = "captcharequired"; } |
|||
} |
|||
|
|||
if (isset($_REQUEST["email"]) and $_REQUEST["email"]) { $email = strval($_REQUEST["email"]); } |
|||
else { $result = "emailrequired"; } |
|||
if (! isset($_POST["mail"]) and ! isset($_REQUEST["email"])) |
|||
{ $result = "emptysendtokenform"; } |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check mail
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{email}", $email, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} else { |
|||
# Compare mail values
|
|||
$login = ldap_get_values($ldap, $entry, "uid"); |
|||
|
|||
}}}}} |
|||
|
|||
#==============================================================================
|
|||
# Build and store token
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Use PHP session to register token
|
|||
# We do not generate cookie
|
|||
ini_set("session.use_cookies",0); |
|||
ini_set("session.use_only_cookies",1); |
|||
|
|||
session_name("token"); |
|||
session_start(); |
|||
$_SESSION['login'] = $login[0]; |
|||
$_SESSION['time'] = time(); |
|||
|
|||
if ( $crypt_tokens ) { |
|||
$token = encrypt(session_id(), $keyphrase); |
|||
} else { |
|||
$token = session_id(); |
|||
} |
|||
|
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Send token by mail
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
if ( empty($reset_url) ) { |
|||
|
|||
# Build reset by token URL
|
|||
$method = "http"; |
|||
if ( !empty($_SERVER['HTTPS']) ) { $method .= "s"; } |
|||
$server_name = $_SERVER['SERVER_NAME']; |
|||
$server_port = $_SERVER['SERVER_PORT']; |
|||
$script_name = $_SERVER['SCRIPT_NAME']; |
|||
|
|||
# Force server port if non standard port
|
|||
if ( ( $method === "http" and $server_port != "80" ) |
|||
or ( $method === "https" and $server_port != "443" ) |
|||
) { |
|||
$server_name .= ":".$server_port; |
|||
} |
|||
|
|||
$reset_url = $method."://".$server_name.$script_name; |
|||
} |
|||
|
|||
$reset_url .= "?action=resetbytoken&token=".urlencode($token); |
|||
|
|||
if ( !empty($reset_request_log) ) { |
|||
error_log("Send reset URL " . ( $debug ? "$reset_url" : "HIDDEN") . "\n\n", 3, $reset_request_log); |
|||
} else { |
|||
error_log("Send reset URL " . ( $debug ? "$reset_url" : "HIDDEN")); |
|||
} |
|||
|
|||
$data = array( "login" => $login, "mail" => $email, "url" => $reset_url ) ; |
|||
|
|||
# Send message
|
|||
if ( send_mail($mailer, $email, $mail_from, $mail_from_name, $messages["resetsubject"], $messages["resetmessage"].$mail_signature, $data) ) { |
|||
$result = "tokensent"; |
|||
} else { |
|||
$result = "tokennotsent"; |
|||
error_log("Error while sending token to $email (user $login)"); |
|||
} |
|||
} |
|||
@ -0,0 +1,226 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# This page is called to set answers for a user
|
|||
|
|||
#==============================================================================
|
|||
# POST parameters
|
|||
#==============================================================================
|
|||
# Initiate vars
|
|||
$result = ""; |
|||
$login = $presetLogin; |
|||
$password = ""; |
|||
$question = []; |
|||
$answer = []; |
|||
$ldap = ""; |
|||
$userdn = ""; |
|||
$questions_count = $multiple_answers ? $questions_count : 1; |
|||
$captchaphrase = ""; |
|||
|
|||
# Use arrays for question/answer, to accommodate multiple questions on the same page
|
|||
if (isset($_POST["answer"]) and $_POST["answer"]) { |
|||
if ($questions_count > 1) { |
|||
$answer = $_POST["answer"]; |
|||
if (in_array('', $answer)) { |
|||
$result = "answerrequired"; |
|||
} |
|||
} else { |
|||
$answer[0] = strval($_POST["answer"]); |
|||
} |
|||
} else { |
|||
$result = "answerrequired"; |
|||
} |
|||
if (isset($_POST["question"]) and $_POST["question"]) { |
|||
if ($questions_count > 1) { |
|||
$question = $_POST["question"]; |
|||
if (in_array('', $question)) { |
|||
$result = "questionrequired"; |
|||
} |
|||
} else { |
|||
$question[0] = strval($_POST["question"]); |
|||
} |
|||
} else { |
|||
$result = "questionrequired"; |
|||
} |
|||
if ($use_captcha) { |
|||
if (isset($_POST["captchaphrase"]) and $_POST["captchaphrase"]) { $captchaphrase = strval($_POST["captchaphrase"]); } |
|||
else { $result = "captcharequired"; } |
|||
} |
|||
if (isset($_POST["password"]) and $_POST["password"]) { $password = strval($_POST["password"]); } |
|||
else { $result = "passwordrequired"; } |
|||
if (isset($_REQUEST["login"]) and $_REQUEST["login"]) { $login = strval($_REQUEST["login"]); } |
|||
else { $result = "loginrequired"; } |
|||
if (! isset($_POST["answer"]) and ! isset($_POST["question"]) and ! isset($_POST["password"]) and ! isset($_REQUEST["login"])) |
|||
{ $result = "emptysetquestionsform"; } |
|||
|
|||
# Check the entered username for characters that our installation doesn't support
|
|||
if ( $result === "" ) { |
|||
$result = check_username_validity($login,$login_forbidden_chars); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check captcha
|
|||
#==============================================================================
|
|||
if ( $result === "" && $use_captcha ) { |
|||
session_start(); |
|||
if ( !check_captcha($_SESSION['phrase'], $captchaphrase) ) { |
|||
$result = "badcaptcha"; |
|||
} |
|||
unset($_SESSION['phrase']); |
|||
} |
|||
|
|||
#==============================================================================
|
|||
# Check password
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Connect to LDAP
|
|||
$ldap = ldap_connect($ldap_url); |
|||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3); |
|||
ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); |
|||
if ( $ldap_starttls && !ldap_start_tls($ldap) ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Unable to use StartTLS"); |
|||
} else { |
|||
|
|||
# Bind
|
|||
if ( isset($ldap_binddn) && isset($ldap_bindpw) ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} else { |
|||
$bind = ldap_bind($ldap); |
|||
} |
|||
|
|||
if ( !$bind ) { |
|||
$result = "ldaperror"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
} else { |
|||
|
|||
# Search for user
|
|||
$ldap_filter = str_replace("{login}", $login, $ldap_filter); |
|||
$search = ldap_search($ldap, $ldap_base, $ldap_filter); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get user DN
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$userdn = ldap_get_dn($ldap, $entry); |
|||
|
|||
if( !$userdn ) { |
|||
$result = "badcredentials"; |
|||
error_log("LDAP - User $login not found"); |
|||
} else { |
|||
|
|||
# Bind with password
|
|||
$bind = ldap_bind($ldap, $userdn, $password); |
|||
if ( !$bind ) { |
|||
$result = "badcredentials"; |
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
error_log("LDAP - Bind user error $errno (".ldap_error($ldap).")"); |
|||
} |
|||
}}}}}} |
|||
|
|||
#==============================================================================
|
|||
# Register answer
|
|||
#==============================================================================
|
|||
if ( $result === "" ) { |
|||
|
|||
# Rebind as Manager if needed
|
|||
if ( $who_change_password == "manager" ) { |
|||
$bind = ldap_bind($ldap, $ldap_binddn, $ldap_bindpw); |
|||
} |
|||
|
|||
# Check objectClass presence and pull back previous answers.
|
|||
$search = ldap_search($ldap, $userdn, "(objectClass=*)", array("objectClass", $answer_attribute) ); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "ldaperror"; |
|||
error_log("LDAP - Search error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
|
|||
# Get objectClass values from user entry
|
|||
$entry = ldap_first_entry($ldap, $search); |
|||
$ocValues = ldap_get_values($ldap, $entry, "objectClass"); |
|||
|
|||
# Remove 'count' key
|
|||
unset($ocValues["count"]); |
|||
|
|||
$aValues = ldap_get_values($ldap, $entry, $answer_attribute ); |
|||
# Remove 'count' key
|
|||
unset($aValues["count"]); |
|||
|
|||
if ($multiple_answers and $multiple_answers_one_str) { |
|||
# Unpack multiple questions/answers
|
|||
$aValues = is_array($aValues) ? str_getcsv($aValues[0]) : array(); |
|||
} |
|||
|
|||
if (! in_array( $answer_objectClass, $ocValues ) ) { |
|||
|
|||
# Answer objectClass is not present, add it
|
|||
array_push($ocValues, $answer_objectClass ); |
|||
$ocValues = array_values( $ocValues ); |
|||
$userdata["objectClass"] = $ocValues; |
|||
} |
|||
|
|||
$i = 0; |
|||
while ($i < $questions_count) { |
|||
$answer_value = '{'.$question[$i].'}'.$answer[$i]; |
|||
$answers[$i++] = $crypt_answers ? encrypt($answer_value, $keyphrase) : $answer_value; |
|||
} |
|||
|
|||
# Do we need to process multiple answers on this request?
|
|||
if ($aValues != NULL && $multiple_answers == true ) { |
|||
# Now determine if this answer has already been registered. If yes, don't add to the answer array.
|
|||
$pattern = "/^\{(.+?)\}/i"; |
|||
# Examine each previous question registered and look for matches.
|
|||
foreach ( $aValues as $key => $answer_encrypt ) { |
|||
$value = $crypt_answers ? decrypt($answer_encrypt, $keyphrase) : $answer_encrypt; |
|||
if (!(preg_match($pattern, $value, $matched) and in_array($matched[1], $question))) { |
|||
$answers[$i++] = $answer_encrypt; |
|||
} |
|||
} |
|||
} |
|||
|
|||
if ($multiple_answers and $multiple_answers_one_str) { |
|||
# Pack multiple questions/answers - works whether encrypted or not
|
|||
$userdata[$answer_attribute][0] = str_putcsv($answers); |
|||
} else { |
|||
$userdata[$answer_attribute] = $answers; |
|||
} |
|||
$replace = ldap_mod_replace($ldap, $userdn , $userdata); |
|||
|
|||
$errno = ldap_errno($ldap); |
|||
if ( $errno ) { |
|||
$result = "answermoderror"; |
|||
error_log("LDAP - Modify answer (error $errno (".ldap_error($ldap).")"); |
|||
} else { |
|||
$result = "answerchanged"; |
|||
} |
|||
|
|||
}} |
|||
1
www/htdocs/vendor/bootstrap/css/bootstrap-theme.css.map
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
5
www/htdocs/vendor/bootstrap/css/bootstrap-theme.min.css
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
1
www/htdocs/vendor/bootstrap/css/bootstrap.css.map
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
5
www/htdocs/vendor/bootstrap/css/bootstrap.min.css
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
@ -0,0 +1,288 @@ |
|||
<?xml version="1.0" standalone="no"?> |
|||
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" > |
|||
<svg xmlns="http://www.w3.org/2000/svg"> |
|||
<metadata></metadata> |
|||
<defs> |
|||
<font id="glyphicons_halflingsregular" horiz-adv-x="1200" > |
|||
<font-face units-per-em="1200" ascent="960" descent="-240" /> |
|||
<missing-glyph horiz-adv-x="500" /> |
|||
<glyph horiz-adv-x="0" /> |
|||
<glyph horiz-adv-x="400" /> |
|||
<glyph unicode=" " /> |
|||
<glyph unicode="*" d="M600 1100q15 0 34 -1.5t30 -3.5l11 -1q10 -2 17.5 -10.5t7.5 -18.5v-224l158 158q7 7 18 8t19 -6l106 -106q7 -8 6 -19t-8 -18l-158 -158h224q10 0 18.5 -7.5t10.5 -17.5q6 -41 6 -75q0 -15 -1.5 -34t-3.5 -30l-1 -11q-2 -10 -10.5 -17.5t-18.5 -7.5h-224l158 -158 q7 -7 8 -18t-6 -19l-106 -106q-8 -7 -19 -6t-18 8l-158 158v-224q0 -10 -7.5 -18.5t-17.5 -10.5q-41 -6 -75 -6q-15 0 -34 1.5t-30 3.5l-11 1q-10 2 -17.5 10.5t-7.5 18.5v224l-158 -158q-7 -7 -18 -8t-19 6l-106 106q-7 8 -6 19t8 18l158 158h-224q-10 0 -18.5 7.5 t-10.5 17.5q-6 41 -6 75q0 15 1.5 34t3.5 30l1 11q2 10 10.5 17.5t18.5 7.5h224l-158 158q-7 7 -8 18t6 19l106 106q8 7 19 6t18 -8l158 -158v224q0 10 7.5 18.5t17.5 10.5q41 6 75 6z" /> |
|||
<glyph unicode="+" d="M450 1100h200q21 0 35.5 -14.5t14.5 -35.5v-350h350q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-350v-350q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v350h-350q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5 h350v350q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode=" " /> |
|||
<glyph unicode="¥" d="M825 1100h250q10 0 12.5 -5t-5.5 -13l-364 -364q-6 -6 -11 -18h268q10 0 13 -6t-3 -14l-120 -160q-6 -8 -18 -14t-22 -6h-125v-100h275q10 0 13 -6t-3 -14l-120 -160q-6 -8 -18 -14t-22 -6h-125v-174q0 -11 -7.5 -18.5t-18.5 -7.5h-148q-11 0 -18.5 7.5t-7.5 18.5v174 h-275q-10 0 -13 6t3 14l120 160q6 8 18 14t22 6h125v100h-275q-10 0 -13 6t3 14l120 160q6 8 18 14t22 6h118q-5 12 -11 18l-364 364q-8 8 -5.5 13t12.5 5h250q25 0 43 -18l164 -164q8 -8 18 -8t18 8l164 164q18 18 43 18z" /> |
|||
<glyph unicode=" " horiz-adv-x="650" /> |
|||
<glyph unicode=" " horiz-adv-x="1300" /> |
|||
<glyph unicode=" " horiz-adv-x="650" /> |
|||
<glyph unicode=" " horiz-adv-x="1300" /> |
|||
<glyph unicode=" " horiz-adv-x="433" /> |
|||
<glyph unicode=" " horiz-adv-x="325" /> |
|||
<glyph unicode=" " horiz-adv-x="216" /> |
|||
<glyph unicode=" " horiz-adv-x="216" /> |
|||
<glyph unicode=" " horiz-adv-x="162" /> |
|||
<glyph unicode=" " horiz-adv-x="260" /> |
|||
<glyph unicode=" " horiz-adv-x="72" /> |
|||
<glyph unicode=" " horiz-adv-x="260" /> |
|||
<glyph unicode=" " horiz-adv-x="325" /> |
|||
<glyph unicode="€" d="M744 1198q242 0 354 -189q60 -104 66 -209h-181q0 45 -17.5 82.5t-43.5 61.5t-58 40.5t-60.5 24t-51.5 7.5q-19 0 -40.5 -5.5t-49.5 -20.5t-53 -38t-49 -62.5t-39 -89.5h379l-100 -100h-300q-6 -50 -6 -100h406l-100 -100h-300q9 -74 33 -132t52.5 -91t61.5 -54.5t59 -29 t47 -7.5q22 0 50.5 7.5t60.5 24.5t58 41t43.5 61t17.5 80h174q-30 -171 -128 -278q-107 -117 -274 -117q-206 0 -324 158q-36 48 -69 133t-45 204h-217l100 100h112q1 47 6 100h-218l100 100h134q20 87 51 153.5t62 103.5q117 141 297 141z" /> |
|||
<glyph unicode="₽" d="M428 1200h350q67 0 120 -13t86 -31t57 -49.5t35 -56.5t17 -64.5t6.5 -60.5t0.5 -57v-16.5v-16.5q0 -36 -0.5 -57t-6.5 -61t-17 -65t-35 -57t-57 -50.5t-86 -31.5t-120 -13h-178l-2 -100h288q10 0 13 -6t-3 -14l-120 -160q-6 -8 -18 -14t-22 -6h-138v-175q0 -11 -5.5 -18 t-15.5 -7h-149q-10 0 -17.5 7.5t-7.5 17.5v175h-267q-10 0 -13 6t3 14l120 160q6 8 18 14t22 6h117v100h-267q-10 0 -13 6t3 14l120 160q6 8 18 14t22 6h117v475q0 10 7.5 17.5t17.5 7.5zM600 1000v-300h203q64 0 86.5 33t22.5 119q0 84 -22.5 116t-86.5 32h-203z" /> |
|||
<glyph unicode="−" d="M250 700h800q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="⌛" d="M1000 1200v-150q0 -21 -14.5 -35.5t-35.5 -14.5h-50v-100q0 -91 -49.5 -165.5t-130.5 -109.5q81 -35 130.5 -109.5t49.5 -165.5v-150h50q21 0 35.5 -14.5t14.5 -35.5v-150h-800v150q0 21 14.5 35.5t35.5 14.5h50v150q0 91 49.5 165.5t130.5 109.5q-81 35 -130.5 109.5 t-49.5 165.5v100h-50q-21 0 -35.5 14.5t-14.5 35.5v150h800zM400 1000v-100q0 -60 32.5 -109.5t87.5 -73.5q28 -12 44 -37t16 -55t-16 -55t-44 -37q-55 -24 -87.5 -73.5t-32.5 -109.5v-150h400v150q0 60 -32.5 109.5t-87.5 73.5q-28 12 -44 37t-16 55t16 55t44 37 q55 24 87.5 73.5t32.5 109.5v100h-400z" /> |
|||
<glyph unicode="◼" horiz-adv-x="500" d="M0 0z" /> |
|||
<glyph unicode="☁" d="M503 1089q110 0 200.5 -59.5t134.5 -156.5q44 14 90 14q120 0 205 -86.5t85 -206.5q0 -121 -85 -207.5t-205 -86.5h-750q-79 0 -135.5 57t-56.5 137q0 69 42.5 122.5t108.5 67.5q-2 12 -2 37q0 153 108 260.5t260 107.5z" /> |
|||
<glyph unicode="⛺" d="M774 1193.5q16 -9.5 20.5 -27t-5.5 -33.5l-136 -187l467 -746h30q20 0 35 -18.5t15 -39.5v-42h-1200v42q0 21 15 39.5t35 18.5h30l468 746l-135 183q-10 16 -5.5 34t20.5 28t34 5.5t28 -20.5l111 -148l112 150q9 16 27 20.5t34 -5zM600 200h377l-182 112l-195 534v-646z " /> |
|||
<glyph unicode="✉" d="M25 1100h1150q10 0 12.5 -5t-5.5 -13l-564 -567q-8 -8 -18 -8t-18 8l-564 567q-8 8 -5.5 13t12.5 5zM18 882l264 -264q8 -8 8 -18t-8 -18l-264 -264q-8 -8 -13 -5.5t-5 12.5v550q0 10 5 12.5t13 -5.5zM918 618l264 264q8 8 13 5.5t5 -12.5v-550q0 -10 -5 -12.5t-13 5.5 l-264 264q-8 8 -8 18t8 18zM818 482l364 -364q8 -8 5.5 -13t-12.5 -5h-1150q-10 0 -12.5 5t5.5 13l364 364q8 8 18 8t18 -8l164 -164q8 -8 18 -8t18 8l164 164q8 8 18 8t18 -8z" /> |
|||
<glyph unicode="✏" d="M1011 1210q19 0 33 -13l153 -153q13 -14 13 -33t-13 -33l-99 -92l-214 214l95 96q13 14 32 14zM1013 800l-615 -614l-214 214l614 614zM317 96l-333 -112l110 335z" /> |
|||
<glyph unicode="" d="M700 650v-550h250q21 0 35.5 -14.5t14.5 -35.5v-50h-800v50q0 21 14.5 35.5t35.5 14.5h250v550l-500 550h1200z" /> |
|||
<glyph unicode="" d="M368 1017l645 163q39 15 63 0t24 -49v-831q0 -55 -41.5 -95.5t-111.5 -63.5q-79 -25 -147 -4.5t-86 75t25.5 111.5t122.5 82q72 24 138 8v521l-600 -155v-606q0 -42 -44 -90t-109 -69q-79 -26 -147 -5.5t-86 75.5t25.5 111.5t122.5 82.5q72 24 138 7v639q0 38 14.5 59 t53.5 34z" /> |
|||
<glyph unicode="" d="M500 1191q100 0 191 -39t156.5 -104.5t104.5 -156.5t39 -191l-1 -2l1 -5q0 -141 -78 -262l275 -274q23 -26 22.5 -44.5t-22.5 -42.5l-59 -58q-26 -20 -46.5 -20t-39.5 20l-275 274q-119 -77 -261 -77l-5 1l-2 -1q-100 0 -191 39t-156.5 104.5t-104.5 156.5t-39 191 t39 191t104.5 156.5t156.5 104.5t191 39zM500 1022q-88 0 -162 -43t-117 -117t-43 -162t43 -162t117 -117t162 -43t162 43t117 117t43 162t-43 162t-117 117t-162 43z" /> |
|||
<glyph unicode="" d="M649 949q48 68 109.5 104t121.5 38.5t118.5 -20t102.5 -64t71 -100.5t27 -123q0 -57 -33.5 -117.5t-94 -124.5t-126.5 -127.5t-150 -152.5t-146 -174q-62 85 -145.5 174t-150 152.5t-126.5 127.5t-93.5 124.5t-33.5 117.5q0 64 28 123t73 100.5t104 64t119 20 t120.5 -38.5t104.5 -104z" /> |
|||
<glyph unicode="" d="M407 800l131 353q7 19 17.5 19t17.5 -19l129 -353h421q21 0 24 -8.5t-14 -20.5l-342 -249l130 -401q7 -20 -0.5 -25.5t-24.5 6.5l-343 246l-342 -247q-17 -12 -24.5 -6.5t-0.5 25.5l130 400l-347 251q-17 12 -14 20.5t23 8.5h429z" /> |
|||
<glyph unicode="" d="M407 800l131 353q7 19 17.5 19t17.5 -19l129 -353h421q21 0 24 -8.5t-14 -20.5l-342 -249l130 -401q7 -20 -0.5 -25.5t-24.5 6.5l-343 246l-342 -247q-17 -12 -24.5 -6.5t-0.5 25.5l130 400l-347 251q-17 12 -14 20.5t23 8.5h429zM477 700h-240l197 -142l-74 -226 l193 139l195 -140l-74 229l192 140h-234l-78 211z" /> |
|||
<glyph unicode="" d="M600 1200q124 0 212 -88t88 -212v-250q0 -46 -31 -98t-69 -52v-75q0 -10 6 -21.5t15 -17.5l358 -230q9 -5 15 -16.5t6 -21.5v-93q0 -10 -7.5 -17.5t-17.5 -7.5h-1150q-10 0 -17.5 7.5t-7.5 17.5v93q0 10 6 21.5t15 16.5l358 230q9 6 15 17.5t6 21.5v75q-38 0 -69 52 t-31 98v250q0 124 88 212t212 88z" /> |
|||
<glyph unicode="" d="M25 1100h1150q10 0 17.5 -7.5t7.5 -17.5v-1050q0 -10 -7.5 -17.5t-17.5 -7.5h-1150q-10 0 -17.5 7.5t-7.5 17.5v1050q0 10 7.5 17.5t17.5 7.5zM100 1000v-100h100v100h-100zM875 1000h-550q-10 0 -17.5 -7.5t-7.5 -17.5v-350q0 -10 7.5 -17.5t17.5 -7.5h550 q10 0 17.5 7.5t7.5 17.5v350q0 10 -7.5 17.5t-17.5 7.5zM1000 1000v-100h100v100h-100zM100 800v-100h100v100h-100zM1000 800v-100h100v100h-100zM100 600v-100h100v100h-100zM1000 600v-100h100v100h-100zM875 500h-550q-10 0 -17.5 -7.5t-7.5 -17.5v-350q0 -10 7.5 -17.5 t17.5 -7.5h550q10 0 17.5 7.5t7.5 17.5v350q0 10 -7.5 17.5t-17.5 7.5zM100 400v-100h100v100h-100zM1000 400v-100h100v100h-100zM100 200v-100h100v100h-100zM1000 200v-100h100v100h-100z" /> |
|||
<glyph unicode="" d="M50 1100h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM650 1100h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v400 q0 21 14.5 35.5t35.5 14.5zM50 500h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM650 500h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400 q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M50 1100h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM450 1100h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200 q0 21 14.5 35.5t35.5 14.5zM850 1100h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM50 700h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200 q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM450 700h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM850 700h200q21 0 35.5 -14.5t14.5 -35.5v-200 q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM50 300h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM450 300h200 q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM850 300h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5 t35.5 14.5z" /> |
|||
<glyph unicode="" d="M50 1100h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM450 1100h700q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-700q-21 0 -35.5 14.5t-14.5 35.5v200 q0 21 14.5 35.5t35.5 14.5zM50 700h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM450 700h700q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-700 q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM50 300h200q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5zM450 300h700q21 0 35.5 -14.5t14.5 -35.5v-200 q0 -21 -14.5 -35.5t-35.5 -14.5h-700q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M465 477l571 571q8 8 18 8t17 -8l177 -177q8 -7 8 -17t-8 -18l-783 -784q-7 -8 -17.5 -8t-17.5 8l-384 384q-8 8 -8 18t8 17l177 177q7 8 17 8t18 -8l171 -171q7 -7 18 -7t18 7z" /> |
|||
<glyph unicode="" d="M904 1083l178 -179q8 -8 8 -18.5t-8 -17.5l-267 -268l267 -268q8 -7 8 -17.5t-8 -18.5l-178 -178q-8 -8 -18.5 -8t-17.5 8l-268 267l-268 -267q-7 -8 -17.5 -8t-18.5 8l-178 178q-8 8 -8 18.5t8 17.5l267 268l-267 268q-8 7 -8 17.5t8 18.5l178 178q8 8 18.5 8t17.5 -8 l268 -267l268 268q7 7 17.5 7t18.5 -7z" /> |
|||
<glyph unicode="" d="M507 1177q98 0 187.5 -38.5t154.5 -103.5t103.5 -154.5t38.5 -187.5q0 -141 -78 -262l300 -299q8 -8 8 -18.5t-8 -18.5l-109 -108q-7 -8 -17.5 -8t-18.5 8l-300 299q-119 -77 -261 -77q-98 0 -188 38.5t-154.5 103t-103 154.5t-38.5 188t38.5 187.5t103 154.5 t154.5 103.5t188 38.5zM506.5 1023q-89.5 0 -165.5 -44t-120 -120.5t-44 -166t44 -165.5t120 -120t165.5 -44t166 44t120.5 120t44 165.5t-44 166t-120.5 120.5t-166 44zM425 900h150q10 0 17.5 -7.5t7.5 -17.5v-75h75q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5 t-17.5 -7.5h-75v-75q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v75h-75q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5h75v75q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M507 1177q98 0 187.5 -38.5t154.5 -103.5t103.5 -154.5t38.5 -187.5q0 -141 -78 -262l300 -299q8 -8 8 -18.5t-8 -18.5l-109 -108q-7 -8 -17.5 -8t-18.5 8l-300 299q-119 -77 -261 -77q-98 0 -188 38.5t-154.5 103t-103 154.5t-38.5 188t38.5 187.5t103 154.5 t154.5 103.5t188 38.5zM506.5 1023q-89.5 0 -165.5 -44t-120 -120.5t-44 -166t44 -165.5t120 -120t165.5 -44t166 44t120.5 120t44 165.5t-44 166t-120.5 120.5t-166 44zM325 800h350q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-350q-10 0 -17.5 7.5 t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M550 1200h100q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM800 975v166q167 -62 272 -209.5t105 -331.5q0 -117 -45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5 t-184.5 123t-123 184.5t-45.5 224q0 184 105 331.5t272 209.5v-166q-103 -55 -165 -155t-62 -220q0 -116 57 -214.5t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5q0 120 -62 220t-165 155z" /> |
|||
<glyph unicode="" d="M1025 1200h150q10 0 17.5 -7.5t7.5 -17.5v-1150q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v1150q0 10 7.5 17.5t17.5 7.5zM725 800h150q10 0 17.5 -7.5t7.5 -17.5v-750q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v750 q0 10 7.5 17.5t17.5 7.5zM425 500h150q10 0 17.5 -7.5t7.5 -17.5v-450q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v450q0 10 7.5 17.5t17.5 7.5zM125 300h150q10 0 17.5 -7.5t7.5 -17.5v-250q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5 v250q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M600 1174q33 0 74 -5l38 -152l5 -1q49 -14 94 -39l5 -2l134 80q61 -48 104 -105l-80 -134l3 -5q25 -44 39 -93l1 -6l152 -38q5 -43 5 -73q0 -34 -5 -74l-152 -38l-1 -6q-15 -49 -39 -93l-3 -5l80 -134q-48 -61 -104 -105l-134 81l-5 -3q-44 -25 -94 -39l-5 -2l-38 -151 q-43 -5 -74 -5q-33 0 -74 5l-38 151l-5 2q-49 14 -94 39l-5 3l-134 -81q-60 48 -104 105l80 134l-3 5q-25 45 -38 93l-2 6l-151 38q-6 42 -6 74q0 33 6 73l151 38l2 6q13 48 38 93l3 5l-80 134q47 61 105 105l133 -80l5 2q45 25 94 39l5 1l38 152q43 5 74 5zM600 815 q-89 0 -152 -63t-63 -151.5t63 -151.5t152 -63t152 63t63 151.5t-63 151.5t-152 63z" /> |
|||
<glyph unicode="" d="M500 1300h300q41 0 70.5 -29.5t29.5 -70.5v-100h275q10 0 17.5 -7.5t7.5 -17.5v-75h-1100v75q0 10 7.5 17.5t17.5 7.5h275v100q0 41 29.5 70.5t70.5 29.5zM500 1200v-100h300v100h-300zM1100 900v-800q0 -41 -29.5 -70.5t-70.5 -29.5h-700q-41 0 -70.5 29.5t-29.5 70.5 v800h900zM300 800v-700h100v700h-100zM500 800v-700h100v700h-100zM700 800v-700h100v700h-100zM900 800v-700h100v700h-100z" /> |
|||
<glyph unicode="" d="M18 618l620 608q8 7 18.5 7t17.5 -7l608 -608q8 -8 5.5 -13t-12.5 -5h-175v-575q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v375h-300v-375q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v575h-175q-10 0 -12.5 5t5.5 13z" /> |
|||
<glyph unicode="" d="M600 1200v-400q0 -41 29.5 -70.5t70.5 -29.5h300v-650q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v1100q0 21 14.5 35.5t35.5 14.5h450zM1000 800h-250q-21 0 -35.5 14.5t-14.5 35.5v250z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5t-57 214.5t-155.5 155.5t-214.5 57zM525 900h50q10 0 17.5 -7.5t7.5 -17.5v-275h175q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v350q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M1300 0h-538l-41 400h-242l-41 -400h-538l431 1200h209l-21 -300h162l-20 300h208zM515 800l-27 -300h224l-27 300h-170z" /> |
|||
<glyph unicode="" d="M550 1200h200q21 0 35.5 -14.5t14.5 -35.5v-450h191q20 0 25.5 -11.5t-7.5 -27.5l-327 -400q-13 -16 -32 -16t-32 16l-327 400q-13 16 -7.5 27.5t25.5 11.5h191v450q0 21 14.5 35.5t35.5 14.5zM1125 400h50q10 0 17.5 -7.5t7.5 -17.5v-350q0 -10 -7.5 -17.5t-17.5 -7.5 h-1050q-10 0 -17.5 7.5t-7.5 17.5v350q0 10 7.5 17.5t17.5 7.5h50q10 0 17.5 -7.5t7.5 -17.5v-175h900v175q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5t-57 214.5t-155.5 155.5t-214.5 57zM525 900h150q10 0 17.5 -7.5t7.5 -17.5v-275h137q21 0 26 -11.5t-8 -27.5l-223 -275q-13 -16 -32 -16t-32 16l-223 275q-13 16 -8 27.5t26 11.5h137v275q0 10 7.5 17.5t17.5 7.5z " /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5t-57 214.5t-155.5 155.5t-214.5 57zM632 914l223 -275q13 -16 8 -27.5t-26 -11.5h-137v-275q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v275h-137q-21 0 -26 11.5t8 27.5l223 275q13 16 32 16 t32 -16z" /> |
|||
<glyph unicode="" d="M225 1200h750q10 0 19.5 -7t12.5 -17l186 -652q7 -24 7 -49v-425q0 -12 -4 -27t-9 -17q-12 -6 -37 -6h-1100q-12 0 -27 4t-17 8q-6 13 -6 38l1 425q0 25 7 49l185 652q3 10 12.5 17t19.5 7zM878 1000h-556q-10 0 -19 -7t-11 -18l-87 -450q-2 -11 4 -18t16 -7h150 q10 0 19.5 -7t11.5 -17l38 -152q2 -10 11.5 -17t19.5 -7h250q10 0 19.5 7t11.5 17l38 152q2 10 11.5 17t19.5 7h150q10 0 16 7t4 18l-87 450q-2 11 -11 18t-19 7z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5t-57 214.5t-155.5 155.5t-214.5 57zM540 820l253 -190q17 -12 17 -30t-17 -30l-253 -190q-16 -12 -28 -6.5t-12 26.5v400q0 21 12 26.5t28 -6.5z" /> |
|||
<glyph unicode="" d="M947 1060l135 135q7 7 12.5 5t5.5 -13v-362q0 -10 -7.5 -17.5t-17.5 -7.5h-362q-11 0 -13 5.5t5 12.5l133 133q-109 76 -238 76q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5h150q0 -117 -45.5 -224 t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5q192 0 347 -117z" /> |
|||
<glyph unicode="" d="M947 1060l135 135q7 7 12.5 5t5.5 -13v-361q0 -11 -7.5 -18.5t-18.5 -7.5h-361q-11 0 -13 5.5t5 12.5l134 134q-110 75 -239 75q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5h-150q0 117 45.5 224t123 184.5t184.5 123t224 45.5q192 0 347 -117zM1027 600h150 q0 -117 -45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5q-192 0 -348 118l-134 -134q-7 -8 -12.5 -5.5t-5.5 12.5v360q0 11 7.5 18.5t18.5 7.5h360q10 0 12.5 -5.5t-5.5 -12.5l-133 -133q110 -76 240 -76q116 0 214.5 57t155.5 155.5t57 214.5z" /> |
|||
<glyph unicode="" d="M125 1200h1050q10 0 17.5 -7.5t7.5 -17.5v-1150q0 -10 -7.5 -17.5t-17.5 -7.5h-1050q-10 0 -17.5 7.5t-7.5 17.5v1150q0 10 7.5 17.5t17.5 7.5zM1075 1000h-850q-10 0 -17.5 -7.5t-7.5 -17.5v-850q0 -10 7.5 -17.5t17.5 -7.5h850q10 0 17.5 7.5t7.5 17.5v850 q0 10 -7.5 17.5t-17.5 7.5zM325 900h50q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-50q-10 0 -17.5 7.5t-7.5 17.5v50q0 10 7.5 17.5t17.5 7.5zM525 900h450q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-450q-10 0 -17.5 7.5t-7.5 17.5v50 q0 10 7.5 17.5t17.5 7.5zM325 700h50q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-50q-10 0 -17.5 7.5t-7.5 17.5v50q0 10 7.5 17.5t17.5 7.5zM525 700h450q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-450q-10 0 -17.5 7.5t-7.5 17.5v50 q0 10 7.5 17.5t17.5 7.5zM325 500h50q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-50q-10 0 -17.5 7.5t-7.5 17.5v50q0 10 7.5 17.5t17.5 7.5zM525 500h450q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-450q-10 0 -17.5 7.5t-7.5 17.5v50 q0 10 7.5 17.5t17.5 7.5zM325 300h50q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-50q-10 0 -17.5 7.5t-7.5 17.5v50q0 10 7.5 17.5t17.5 7.5zM525 300h450q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-450q-10 0 -17.5 7.5t-7.5 17.5v50 q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M900 800v200q0 83 -58.5 141.5t-141.5 58.5h-300q-82 0 -141 -59t-59 -141v-200h-100q-41 0 -70.5 -29.5t-29.5 -70.5v-600q0 -41 29.5 -70.5t70.5 -29.5h900q41 0 70.5 29.5t29.5 70.5v600q0 41 -29.5 70.5t-70.5 29.5h-100zM400 800v150q0 21 15 35.5t35 14.5h200 q20 0 35 -14.5t15 -35.5v-150h-300z" /> |
|||
<glyph unicode="" d="M125 1100h50q10 0 17.5 -7.5t7.5 -17.5v-1075h-100v1075q0 10 7.5 17.5t17.5 7.5zM1075 1052q4 0 9 -2q16 -6 16 -23v-421q0 -6 -3 -12q-33 -59 -66.5 -99t-65.5 -58t-56.5 -24.5t-52.5 -6.5q-26 0 -57.5 6.5t-52.5 13.5t-60 21q-41 15 -63 22.5t-57.5 15t-65.5 7.5 q-85 0 -160 -57q-7 -5 -15 -5q-6 0 -11 3q-14 7 -14 22v438q22 55 82 98.5t119 46.5q23 2 43 0.5t43 -7t32.5 -8.5t38 -13t32.5 -11q41 -14 63.5 -21t57 -14t63.5 -7q103 0 183 87q7 8 18 8z" /> |
|||
<glyph unicode="" d="M600 1175q116 0 227 -49.5t192.5 -131t131 -192.5t49.5 -227v-300q0 -10 -7.5 -17.5t-17.5 -7.5h-50q-10 0 -17.5 7.5t-7.5 17.5v300q0 127 -70.5 231.5t-184.5 161.5t-245 57t-245 -57t-184.5 -161.5t-70.5 -231.5v-300q0 -10 -7.5 -17.5t-17.5 -7.5h-50 q-10 0 -17.5 7.5t-7.5 17.5v300q0 116 49.5 227t131 192.5t192.5 131t227 49.5zM220 500h160q8 0 14 -6t6 -14v-460q0 -8 -6 -14t-14 -6h-160q-8 0 -14 6t-6 14v460q0 8 6 14t14 6zM820 500h160q8 0 14 -6t6 -14v-460q0 -8 -6 -14t-14 -6h-160q-8 0 -14 6t-6 14v460 q0 8 6 14t14 6z" /> |
|||
<glyph unicode="" d="M321 814l258 172q9 6 15 2.5t6 -13.5v-750q0 -10 -6 -13.5t-15 2.5l-258 172q-21 14 -46 14h-250q-10 0 -17.5 7.5t-7.5 17.5v350q0 10 7.5 17.5t17.5 7.5h250q25 0 46 14zM900 668l120 120q7 7 17 7t17 -7l34 -34q7 -7 7 -17t-7 -17l-120 -120l120 -120q7 -7 7 -17 t-7 -17l-34 -34q-7 -7 -17 -7t-17 7l-120 119l-120 -119q-7 -7 -17 -7t-17 7l-34 34q-7 7 -7 17t7 17l119 120l-119 120q-7 7 -7 17t7 17l34 34q7 8 17 8t17 -8z" /> |
|||
<glyph unicode="" d="M321 814l258 172q9 6 15 2.5t6 -13.5v-750q0 -10 -6 -13.5t-15 2.5l-258 172q-21 14 -46 14h-250q-10 0 -17.5 7.5t-7.5 17.5v350q0 10 7.5 17.5t17.5 7.5h250q25 0 46 14zM766 900h4q10 -1 16 -10q96 -129 96 -290q0 -154 -90 -281q-6 -9 -17 -10l-3 -1q-9 0 -16 6 l-29 23q-7 7 -8.5 16.5t4.5 17.5q72 103 72 229q0 132 -78 238q-6 8 -4.5 18t9.5 17l29 22q7 5 15 5z" /> |
|||
<glyph unicode="" d="M967 1004h3q11 -1 17 -10q135 -179 135 -396q0 -105 -34 -206.5t-98 -185.5q-7 -9 -17 -10h-3q-9 0 -16 6l-42 34q-8 6 -9 16t5 18q111 150 111 328q0 90 -29.5 176t-84.5 157q-6 9 -5 19t10 16l42 33q7 5 15 5zM321 814l258 172q9 6 15 2.5t6 -13.5v-750q0 -10 -6 -13.5 t-15 2.5l-258 172q-21 14 -46 14h-250q-10 0 -17.5 7.5t-7.5 17.5v350q0 10 7.5 17.5t17.5 7.5h250q25 0 46 14zM766 900h4q10 -1 16 -10q96 -129 96 -290q0 -154 -90 -281q-6 -9 -17 -10l-3 -1q-9 0 -16 6l-29 23q-7 7 -8.5 16.5t4.5 17.5q72 103 72 229q0 132 -78 238 q-6 8 -4.5 18.5t9.5 16.5l29 22q7 5 15 5z" /> |
|||
<glyph unicode="" d="M500 900h100v-100h-100v-100h-400v-100h-100v600h500v-300zM1200 700h-200v-100h200v-200h-300v300h-200v300h-100v200h600v-500zM100 1100v-300h300v300h-300zM800 1100v-300h300v300h-300zM300 900h-100v100h100v-100zM1000 900h-100v100h100v-100zM300 500h200v-500 h-500v500h200v100h100v-100zM800 300h200v-100h-100v-100h-200v100h-100v100h100v200h-200v100h300v-300zM100 400v-300h300v300h-300zM300 200h-100v100h100v-100zM1200 200h-100v100h100v-100zM700 0h-100v100h100v-100zM1200 0h-300v100h300v-100z" /> |
|||
<glyph unicode="" d="M100 200h-100v1000h100v-1000zM300 200h-100v1000h100v-1000zM700 200h-200v1000h200v-1000zM900 200h-100v1000h100v-1000zM1200 200h-200v1000h200v-1000zM400 0h-300v100h300v-100zM600 0h-100v91h100v-91zM800 0h-100v91h100v-91zM1100 0h-200v91h200v-91z" /> |
|||
<glyph unicode="" d="M500 1200l682 -682q8 -8 8 -18t-8 -18l-464 -464q-8 -8 -18 -8t-18 8l-682 682l1 475q0 10 7.5 17.5t17.5 7.5h474zM319.5 1024.5q-29.5 29.5 -71 29.5t-71 -29.5t-29.5 -71.5t29.5 -71.5t71 -29.5t71 29.5t29.5 71.5t-29.5 71.5z" /> |
|||
<glyph unicode="" d="M500 1200l682 -682q8 -8 8 -18t-8 -18l-464 -464q-8 -8 -18 -8t-18 8l-682 682l1 475q0 10 7.5 17.5t17.5 7.5h474zM800 1200l682 -682q8 -8 8 -18t-8 -18l-464 -464q-8 -8 -18 -8t-18 8l-56 56l424 426l-700 700h150zM319.5 1024.5q-29.5 29.5 -71 29.5t-71 -29.5 t-29.5 -71.5t29.5 -71.5t71 -29.5t71 29.5t29.5 71.5t-29.5 71.5z" /> |
|||
<glyph unicode="" d="M300 1200h825q75 0 75 -75v-900q0 -25 -18 -43l-64 -64q-8 -8 -13 -5.5t-5 12.5v950q0 10 -7.5 17.5t-17.5 7.5h-700q-25 0 -43 -18l-64 -64q-8 -8 -5.5 -13t12.5 -5h700q10 0 17.5 -7.5t7.5 -17.5v-950q0 -10 -7.5 -17.5t-17.5 -7.5h-850q-10 0 -17.5 7.5t-7.5 17.5v975 q0 25 18 43l139 139q18 18 43 18z" /> |
|||
<glyph unicode="" d="M250 1200h800q21 0 35.5 -14.5t14.5 -35.5v-1150l-450 444l-450 -445v1151q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M822 1200h-444q-11 0 -19 -7.5t-9 -17.5l-78 -301q-7 -24 7 -45l57 -108q6 -9 17.5 -15t21.5 -6h450q10 0 21.5 6t17.5 15l62 108q14 21 7 45l-83 301q-1 10 -9 17.5t-19 7.5zM1175 800h-150q-10 0 -21 -6.5t-15 -15.5l-78 -156q-4 -9 -15 -15.5t-21 -6.5h-550 q-10 0 -21 6.5t-15 15.5l-78 156q-4 9 -15 15.5t-21 6.5h-150q-10 0 -17.5 -7.5t-7.5 -17.5v-650q0 -10 7.5 -17.5t17.5 -7.5h150q10 0 17.5 7.5t7.5 17.5v150q0 10 7.5 17.5t17.5 7.5h750q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 7.5 -17.5t17.5 -7.5h150q10 0 17.5 7.5 t7.5 17.5v650q0 10 -7.5 17.5t-17.5 7.5zM850 200h-500q-10 0 -19.5 -7t-11.5 -17l-38 -152q-2 -10 3.5 -17t15.5 -7h600q10 0 15.5 7t3.5 17l-38 152q-2 10 -11.5 17t-19.5 7z" /> |
|||
<glyph unicode="" d="M500 1100h200q56 0 102.5 -20.5t72.5 -50t44 -59t25 -50.5l6 -20h150q41 0 70.5 -29.5t29.5 -70.5v-600q0 -41 -29.5 -70.5t-70.5 -29.5h-1000q-41 0 -70.5 29.5t-29.5 70.5v600q0 41 29.5 70.5t70.5 29.5h150q2 8 6.5 21.5t24 48t45 61t72 48t102.5 21.5zM900 800v-100 h100v100h-100zM600 730q-95 0 -162.5 -67.5t-67.5 -162.5t67.5 -162.5t162.5 -67.5t162.5 67.5t67.5 162.5t-67.5 162.5t-162.5 67.5zM600 603q43 0 73 -30t30 -73t-30 -73t-73 -30t-73 30t-30 73t30 73t73 30z" /> |
|||
<glyph unicode="" d="M681 1199l385 -998q20 -50 60 -92q18 -19 36.5 -29.5t27.5 -11.5l10 -2v-66h-417v66q53 0 75 43.5t5 88.5l-82 222h-391q-58 -145 -92 -234q-11 -34 -6.5 -57t25.5 -37t46 -20t55 -6v-66h-365v66q56 24 84 52q12 12 25 30.5t20 31.5l7 13l399 1006h93zM416 521h340 l-162 457z" /> |
|||
<glyph unicode="" d="M753 641q5 -1 14.5 -4.5t36 -15.5t50.5 -26.5t53.5 -40t50.5 -54.5t35.5 -70t14.5 -87q0 -67 -27.5 -125.5t-71.5 -97.5t-98.5 -66.5t-108.5 -40.5t-102 -13h-500v89q41 7 70.5 32.5t29.5 65.5v827q0 24 -0.5 34t-3.5 24t-8.5 19.5t-17 13.5t-28 12.5t-42.5 11.5v71 l471 -1q57 0 115.5 -20.5t108 -57t80.5 -94t31 -124.5q0 -51 -15.5 -96.5t-38 -74.5t-45 -50.5t-38.5 -30.5zM400 700h139q78 0 130.5 48.5t52.5 122.5q0 41 -8.5 70.5t-29.5 55.5t-62.5 39.5t-103.5 13.5h-118v-350zM400 200h216q80 0 121 50.5t41 130.5q0 90 -62.5 154.5 t-156.5 64.5h-159v-400z" /> |
|||
<glyph unicode="" d="M877 1200l2 -57q-83 -19 -116 -45.5t-40 -66.5l-132 -839q-9 -49 13 -69t96 -26v-97h-500v97q186 16 200 98l173 832q3 17 3 30t-1.5 22.5t-9 17.5t-13.5 12.5t-21.5 10t-26 8.5t-33.5 10q-13 3 -19 5v57h425z" /> |
|||
<glyph unicode="" d="M1300 900h-50q0 21 -4 37t-9.5 26.5t-18 17.5t-22 11t-28.5 5.5t-31 2t-37 0.5h-200v-850q0 -22 25 -34.5t50 -13.5l25 -2v-100h-400v100q4 0 11 0.5t24 3t30 7t24 15t11 24.5v850h-200q-25 0 -37 -0.5t-31 -2t-28.5 -5.5t-22 -11t-18 -17.5t-9.5 -26.5t-4 -37h-50v300 h1000v-300zM175 1000h-75v-800h75l-125 -167l-125 167h75v800h-75l125 167z" /> |
|||
<glyph unicode="" d="M1100 900h-50q0 21 -4 37t-9.5 26.5t-18 17.5t-22 11t-28.5 5.5t-31 2t-37 0.5h-200v-650q0 -22 25 -34.5t50 -13.5l25 -2v-100h-400v100q4 0 11 0.5t24 3t30 7t24 15t11 24.5v650h-200q-25 0 -37 -0.5t-31 -2t-28.5 -5.5t-22 -11t-18 -17.5t-9.5 -26.5t-4 -37h-50v300 h1000v-300zM1167 50l-167 -125v75h-800v-75l-167 125l167 125v-75h800v75z" /> |
|||
<glyph unicode="" d="M50 1100h600q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-600q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 800h1000q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1000q-21 0 -35.5 14.5t-14.5 35.5v100 q0 21 14.5 35.5t35.5 14.5zM50 500h800q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 200h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M250 1100h700q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-700q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 800h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v100 q0 21 14.5 35.5t35.5 14.5zM250 500h700q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-700q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 200h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M500 950v100q0 21 14.5 35.5t35.5 14.5h600q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-600q-21 0 -35.5 14.5t-14.5 35.5zM100 650v100q0 21 14.5 35.5t35.5 14.5h1000q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1000 q-21 0 -35.5 14.5t-14.5 35.5zM300 350v100q0 21 14.5 35.5t35.5 14.5h800q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5zM0 50v100q0 21 14.5 35.5t35.5 14.5h1100q21 0 35.5 -14.5t14.5 -35.5v-100 q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5z" /> |
|||
<glyph unicode="" d="M50 1100h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 800h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v100 q0 21 14.5 35.5t35.5 14.5zM50 500h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 200h1100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M50 1100h100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM350 1100h800q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v100 q0 21 14.5 35.5t35.5 14.5zM50 800h100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM350 800h800q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-800 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 500h100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM350 500h800q21 0 35.5 -14.5t14.5 -35.5v-100 q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 200h100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM350 200h800 q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M400 0h-100v1100h100v-1100zM550 1100h100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM550 800h500q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-500 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM267 550l-167 -125v75h-200v100h200v75zM550 500h300q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-300q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM550 200h600 q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-600q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M50 1100h100q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM900 0h-100v1100h100v-1100zM50 800h500q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-500 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM1100 600h200v-100h-200v-75l-167 125l167 125v-75zM50 500h300q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-300q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5zM50 200h600 q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-600q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M75 1000h750q31 0 53 -22t22 -53v-650q0 -31 -22 -53t-53 -22h-750q-31 0 -53 22t-22 53v650q0 31 22 53t53 22zM1200 300l-300 300l300 300v-600z" /> |
|||
<glyph unicode="" d="M44 1100h1112q18 0 31 -13t13 -31v-1012q0 -18 -13 -31t-31 -13h-1112q-18 0 -31 13t-13 31v1012q0 18 13 31t31 13zM100 1000v-737l247 182l298 -131l-74 156l293 318l236 -288v500h-1000zM342 884q56 0 95 -39t39 -94.5t-39 -95t-95 -39.5t-95 39.5t-39 95t39 94.5 t95 39z" /> |
|||
<glyph unicode="" d="M648 1169q117 0 216 -60t156.5 -161t57.5 -218q0 -115 -70 -258q-69 -109 -158 -225.5t-143 -179.5l-54 -62q-9 8 -25.5 24.5t-63.5 67.5t-91 103t-98.5 128t-95.5 148q-60 132 -60 249q0 88 34 169.5t91.5 142t137 96.5t166.5 36zM652.5 974q-91.5 0 -156.5 -65 t-65 -157t65 -156.5t156.5 -64.5t156.5 64.5t65 156.5t-65 157t-156.5 65z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 173v854q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57z" /> |
|||
<glyph unicode="" d="M554 1295q21 -72 57.5 -143.5t76 -130t83 -118t82.5 -117t70 -116t49.5 -126t18.5 -136.5q0 -71 -25.5 -135t-68.5 -111t-99 -82t-118.5 -54t-125.5 -23q-84 5 -161.5 34t-139.5 78.5t-99 125t-37 164.5q0 69 18 136.5t49.5 126.5t69.5 116.5t81.5 117.5t83.5 119 t76.5 131t58.5 143zM344 710q-23 -33 -43.5 -70.5t-40.5 -102.5t-17 -123q1 -37 14.5 -69.5t30 -52t41 -37t38.5 -24.5t33 -15q21 -7 32 -1t13 22l6 34q2 10 -2.5 22t-13.5 19q-5 4 -14 12t-29.5 40.5t-32.5 73.5q-26 89 6 271q2 11 -6 11q-8 1 -15 -10z" /> |
|||
<glyph unicode="" d="M1000 1013l108 115q2 1 5 2t13 2t20.5 -1t25 -9.5t28.5 -21.5q22 -22 27 -43t0 -32l-6 -10l-108 -115zM350 1100h400q50 0 105 -13l-187 -187h-368q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5v182l200 200v-332 q0 -165 -93.5 -257.5t-256.5 -92.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400q0 165 92.5 257.5t257.5 92.5zM1009 803l-362 -362l-161 -50l55 170l355 355z" /> |
|||
<glyph unicode="" d="M350 1100h361q-164 -146 -216 -200h-195q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5l200 153v-103q0 -165 -92.5 -257.5t-257.5 -92.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400q0 165 92.5 257.5t257.5 92.5z M824 1073l339 -301q8 -7 8 -17.5t-8 -17.5l-340 -306q-7 -6 -12.5 -4t-6.5 11v203q-26 1 -54.5 0t-78.5 -7.5t-92 -17.5t-86 -35t-70 -57q10 59 33 108t51.5 81.5t65 58.5t68.5 40.5t67 24.5t56 13.5t40 4.5v210q1 10 6.5 12.5t13.5 -4.5z" /> |
|||
<glyph unicode="" d="M350 1100h350q60 0 127 -23l-178 -177h-349q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5v69l200 200v-219q0 -165 -92.5 -257.5t-257.5 -92.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400q0 165 92.5 257.5t257.5 92.5z M643 639l395 395q7 7 17.5 7t17.5 -7l101 -101q7 -7 7 -17.5t-7 -17.5l-531 -532q-7 -7 -17.5 -7t-17.5 7l-248 248q-7 7 -7 17.5t7 17.5l101 101q7 7 17.5 7t17.5 -7l111 -111q8 -7 18 -7t18 7z" /> |
|||
<glyph unicode="" d="M318 918l264 264q8 8 18 8t18 -8l260 -264q7 -8 4.5 -13t-12.5 -5h-170v-200h200v173q0 10 5 12t13 -5l264 -260q8 -7 8 -17.5t-8 -17.5l-264 -265q-8 -7 -13 -5t-5 12v173h-200v-200h170q10 0 12.5 -5t-4.5 -13l-260 -264q-8 -8 -18 -8t-18 8l-264 264q-8 8 -5.5 13 t12.5 5h175v200h-200v-173q0 -10 -5 -12t-13 5l-264 265q-8 7 -8 17.5t8 17.5l264 260q8 7 13 5t5 -12v-173h200v200h-175q-10 0 -12.5 5t5.5 13z" /> |
|||
<glyph unicode="" d="M250 1100h100q21 0 35.5 -14.5t14.5 -35.5v-438l464 453q15 14 25.5 10t10.5 -25v-1000q0 -21 -10.5 -25t-25.5 10l-464 453v-438q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v1000q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M50 1100h100q21 0 35.5 -14.5t14.5 -35.5v-438l464 453q15 14 25.5 10t10.5 -25v-438l464 453q15 14 25.5 10t10.5 -25v-1000q0 -21 -10.5 -25t-25.5 10l-464 453v-438q0 -21 -10.5 -25t-25.5 10l-464 453v-438q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5 t-14.5 35.5v1000q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M1200 1050v-1000q0 -21 -10.5 -25t-25.5 10l-464 453v-438q0 -21 -10.5 -25t-25.5 10l-492 480q-15 14 -15 35t15 35l492 480q15 14 25.5 10t10.5 -25v-438l464 453q15 14 25.5 10t10.5 -25z" /> |
|||
<glyph unicode="" d="M243 1074l814 -498q18 -11 18 -26t-18 -26l-814 -498q-18 -11 -30.5 -4t-12.5 28v1000q0 21 12.5 28t30.5 -4z" /> |
|||
<glyph unicode="" d="M250 1000h200q21 0 35.5 -14.5t14.5 -35.5v-800q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v800q0 21 14.5 35.5t35.5 14.5zM650 1000h200q21 0 35.5 -14.5t14.5 -35.5v-800q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v800 q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M1100 950v-800q0 -21 -14.5 -35.5t-35.5 -14.5h-800q-21 0 -35.5 14.5t-14.5 35.5v800q0 21 14.5 35.5t35.5 14.5h800q21 0 35.5 -14.5t14.5 -35.5z" /> |
|||
<glyph unicode="" d="M500 612v438q0 21 10.5 25t25.5 -10l492 -480q15 -14 15 -35t-15 -35l-492 -480q-15 -14 -25.5 -10t-10.5 25v438l-464 -453q-15 -14 -25.5 -10t-10.5 25v1000q0 21 10.5 25t25.5 -10z" /> |
|||
<glyph unicode="" d="M1048 1102l100 1q20 0 35 -14.5t15 -35.5l5 -1000q0 -21 -14.5 -35.5t-35.5 -14.5l-100 -1q-21 0 -35.5 14.5t-14.5 35.5l-2 437l-463 -454q-14 -15 -24.5 -10.5t-10.5 25.5l-2 437l-462 -455q-15 -14 -25.5 -9.5t-10.5 24.5l-5 1000q0 21 10.5 25.5t25.5 -10.5l466 -450 l-2 438q0 20 10.5 24.5t25.5 -9.5l466 -451l-2 438q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M850 1100h100q21 0 35.5 -14.5t14.5 -35.5v-1000q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v438l-464 -453q-15 -14 -25.5 -10t-10.5 25v1000q0 21 10.5 25t25.5 -10l464 -453v438q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M686 1081l501 -540q15 -15 10.5 -26t-26.5 -11h-1042q-22 0 -26.5 11t10.5 26l501 540q15 15 36 15t36 -15zM150 400h1000q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1000q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M885 900l-352 -353l352 -353l-197 -198l-552 552l552 550z" /> |
|||
<glyph unicode="" d="M1064 547l-551 -551l-198 198l353 353l-353 353l198 198z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM650 900h-100q-21 0 -35.5 -14.5t-14.5 -35.5v-150h-150 q-21 0 -35.5 -14.5t-14.5 -35.5v-100q0 -21 14.5 -35.5t35.5 -14.5h150v-150q0 -21 14.5 -35.5t35.5 -14.5h100q21 0 35.5 14.5t14.5 35.5v150h150q21 0 35.5 14.5t14.5 35.5v100q0 21 -14.5 35.5t-35.5 14.5h-150v150q0 21 -14.5 35.5t-35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM850 700h-500q-21 0 -35.5 -14.5t-14.5 -35.5v-100q0 -21 14.5 -35.5 t35.5 -14.5h500q21 0 35.5 14.5t14.5 35.5v100q0 21 -14.5 35.5t-35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM741.5 913q-12.5 0 -21.5 -9l-120 -120l-120 120q-9 9 -21.5 9 t-21.5 -9l-141 -141q-9 -9 -9 -21.5t9 -21.5l120 -120l-120 -120q-9 -9 -9 -21.5t9 -21.5l141 -141q9 -9 21.5 -9t21.5 9l120 120l120 -120q9 -9 21.5 -9t21.5 9l141 141q9 9 9 21.5t-9 21.5l-120 120l120 120q9 9 9 21.5t-9 21.5l-141 141q-9 9 -21.5 9z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM546 623l-84 85q-7 7 -17.5 7t-18.5 -7l-139 -139q-7 -8 -7 -18t7 -18 l242 -241q7 -8 17.5 -8t17.5 8l375 375q7 7 7 17.5t-7 18.5l-139 139q-7 7 -17.5 7t-17.5 -7z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM588 941q-29 0 -59 -5.5t-63 -20.5t-58 -38.5t-41.5 -63t-16.5 -89.5 q0 -25 20 -25h131q30 -5 35 11q6 20 20.5 28t45.5 8q20 0 31.5 -10.5t11.5 -28.5q0 -23 -7 -34t-26 -18q-1 0 -13.5 -4t-19.5 -7.5t-20 -10.5t-22 -17t-18.5 -24t-15.5 -35t-8 -46q-1 -8 5.5 -16.5t20.5 -8.5h173q7 0 22 8t35 28t37.5 48t29.5 74t12 100q0 47 -17 83 t-42.5 57t-59.5 34.5t-64 18t-59 4.5zM675 400h-150q-10 0 -17.5 -7.5t-7.5 -17.5v-150q0 -10 7.5 -17.5t17.5 -7.5h150q10 0 17.5 7.5t7.5 17.5v150q0 10 -7.5 17.5t-17.5 7.5z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM675 1000h-150q-10 0 -17.5 -7.5t-7.5 -17.5v-150q0 -10 7.5 -17.5 t17.5 -7.5h150q10 0 17.5 7.5t7.5 17.5v150q0 10 -7.5 17.5t-17.5 7.5zM675 700h-250q-10 0 -17.5 -7.5t-7.5 -17.5v-50q0 -10 7.5 -17.5t17.5 -7.5h75v-200h-75q-10 0 -17.5 -7.5t-7.5 -17.5v-50q0 -10 7.5 -17.5t17.5 -7.5h350q10 0 17.5 7.5t7.5 17.5v50q0 10 -7.5 17.5 t-17.5 7.5h-75v275q0 10 -7.5 17.5t-17.5 7.5z" /> |
|||
<glyph unicode="" d="M525 1200h150q10 0 17.5 -7.5t7.5 -17.5v-194q103 -27 178.5 -102.5t102.5 -178.5h194q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-194q-27 -103 -102.5 -178.5t-178.5 -102.5v-194q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v194 q-103 27 -178.5 102.5t-102.5 178.5h-194q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5h194q27 103 102.5 178.5t178.5 102.5v194q0 10 7.5 17.5t17.5 7.5zM700 893v-168q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v168q-68 -23 -119 -74 t-74 -119h168q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-168q23 -68 74 -119t119 -74v168q0 10 7.5 17.5t17.5 7.5h150q10 0 17.5 -7.5t7.5 -17.5v-168q68 23 119 74t74 119h-168q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5h168 q-23 68 -74 119t-119 74z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5t-57 214.5t-155.5 155.5t-214.5 57zM759 823l64 -64q7 -7 7 -17.5t-7 -17.5l-124 -124l124 -124q7 -7 7 -17.5t-7 -17.5l-64 -64q-7 -7 -17.5 -7t-17.5 7l-124 124l-124 -124q-7 -7 -17.5 -7t-17.5 7l-64 64 q-7 7 -7 17.5t7 17.5l124 124l-124 124q-7 7 -7 17.5t7 17.5l64 64q7 7 17.5 7t17.5 -7l124 -124l124 124q7 7 17.5 7t17.5 -7z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5t57 -214.5 t155.5 -155.5t214.5 -57t214.5 57t155.5 155.5t57 214.5t-57 214.5t-155.5 155.5t-214.5 57zM782 788l106 -106q7 -7 7 -17.5t-7 -17.5l-320 -321q-8 -7 -18 -7t-18 7l-202 203q-8 7 -8 17.5t8 17.5l106 106q7 8 17.5 8t17.5 -8l79 -79l197 197q7 7 17.5 7t17.5 -7z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM600 1027q-116 0 -214.5 -57t-155.5 -155.5t-57 -214.5q0 -120 65 -225 l587 587q-105 65 -225 65zM965 819l-584 -584q104 -62 219 -62q116 0 214.5 57t155.5 155.5t57 214.5q0 115 -62 219z" /> |
|||
<glyph unicode="" d="M39 582l522 427q16 13 27.5 8t11.5 -26v-291h550q21 0 35.5 -14.5t14.5 -35.5v-200q0 -21 -14.5 -35.5t-35.5 -14.5h-550v-291q0 -21 -11.5 -26t-27.5 8l-522 427q-16 13 -16 32t16 32z" /> |
|||
<glyph unicode="" d="M639 1009l522 -427q16 -13 16 -32t-16 -32l-522 -427q-16 -13 -27.5 -8t-11.5 26v291h-550q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5h550v291q0 21 11.5 26t27.5 -8z" /> |
|||
<glyph unicode="" d="M682 1161l427 -522q13 -16 8 -27.5t-26 -11.5h-291v-550q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v550h-291q-21 0 -26 11.5t8 27.5l427 522q13 16 32 16t32 -16z" /> |
|||
<glyph unicode="" d="M550 1200h200q21 0 35.5 -14.5t14.5 -35.5v-550h291q21 0 26 -11.5t-8 -27.5l-427 -522q-13 -16 -32 -16t-32 16l-427 522q-13 16 -8 27.5t26 11.5h291v550q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M639 1109l522 -427q16 -13 16 -32t-16 -32l-522 -427q-16 -13 -27.5 -8t-11.5 26v291q-94 -2 -182 -20t-170.5 -52t-147 -92.5t-100.5 -135.5q5 105 27 193.5t67.5 167t113 135t167 91.5t225.5 42v262q0 21 11.5 26t27.5 -8z" /> |
|||
<glyph unicode="" d="M850 1200h300q21 0 35.5 -14.5t14.5 -35.5v-300q0 -21 -10.5 -25t-24.5 10l-94 94l-249 -249q-8 -7 -18 -7t-18 7l-106 106q-7 8 -7 18t7 18l249 249l-94 94q-14 14 -10 24.5t25 10.5zM350 0h-300q-21 0 -35.5 14.5t-14.5 35.5v300q0 21 10.5 25t24.5 -10l94 -94l249 249 q8 7 18 7t18 -7l106 -106q7 -8 7 -18t-7 -18l-249 -249l94 -94q14 -14 10 -24.5t-25 -10.5z" /> |
|||
<glyph unicode="" d="M1014 1120l106 -106q7 -8 7 -18t-7 -18l-249 -249l94 -94q14 -14 10 -24.5t-25 -10.5h-300q-21 0 -35.5 14.5t-14.5 35.5v300q0 21 10.5 25t24.5 -10l94 -94l249 249q8 7 18 7t18 -7zM250 600h300q21 0 35.5 -14.5t14.5 -35.5v-300q0 -21 -10.5 -25t-24.5 10l-94 94 l-249 -249q-8 -7 -18 -7t-18 7l-106 106q-7 8 -7 18t7 18l249 249l-94 94q-14 14 -10 24.5t25 10.5z" /> |
|||
<glyph unicode="" d="M600 1177q117 0 224 -45.5t184.5 -123t123 -184.5t45.5 -224t-45.5 -224t-123 -184.5t-184.5 -123t-224 -45.5t-224 45.5t-184.5 123t-123 184.5t-45.5 224t45.5 224t123 184.5t184.5 123t224 45.5zM704 900h-208q-20 0 -32 -14.5t-8 -34.5l58 -302q4 -20 21.5 -34.5 t37.5 -14.5h54q20 0 37.5 14.5t21.5 34.5l58 302q4 20 -8 34.5t-32 14.5zM675 400h-150q-10 0 -17.5 -7.5t-7.5 -17.5v-150q0 -10 7.5 -17.5t17.5 -7.5h150q10 0 17.5 7.5t7.5 17.5v150q0 10 -7.5 17.5t-17.5 7.5z" /> |
|||
<glyph unicode="" d="M260 1200q9 0 19 -2t15 -4l5 -2q22 -10 44 -23l196 -118q21 -13 36 -24q29 -21 37 -12q11 13 49 35l196 118q22 13 45 23q17 7 38 7q23 0 47 -16.5t37 -33.5l13 -16q14 -21 18 -45l25 -123l8 -44q1 -9 8.5 -14.5t17.5 -5.5h61q10 0 17.5 -7.5t7.5 -17.5v-50 q0 -10 -7.5 -17.5t-17.5 -7.5h-50q-10 0 -17.5 -7.5t-7.5 -17.5v-175h-400v300h-200v-300h-400v175q0 10 -7.5 17.5t-17.5 7.5h-50q-10 0 -17.5 7.5t-7.5 17.5v50q0 10 7.5 17.5t17.5 7.5h61q11 0 18 3t7 8q0 4 9 52l25 128q5 25 19 45q2 3 5 7t13.5 15t21.5 19.5t26.5 15.5 t29.5 7zM915 1079l-166 -162q-7 -7 -5 -12t12 -5h219q10 0 15 7t2 17l-51 149q-3 10 -11 12t-15 -6zM463 917l-177 157q-8 7 -16 5t-11 -12l-51 -143q-3 -10 2 -17t15 -7h231q11 0 12.5 5t-5.5 12zM500 0h-375q-10 0 -17.5 7.5t-7.5 17.5v375h400v-400zM1100 400v-375 q0 -10 -7.5 -17.5t-17.5 -7.5h-375v400h400z" /> |
|||
<glyph unicode="" d="M1165 1190q8 3 21 -6.5t13 -17.5q-2 -178 -24.5 -323.5t-55.5 -245.5t-87 -174.5t-102.5 -118.5t-118 -68.5t-118.5 -33t-120 -4.5t-105 9.5t-90 16.5q-61 12 -78 11q-4 1 -12.5 0t-34 -14.5t-52.5 -40.5l-153 -153q-26 -24 -37 -14.5t-11 43.5q0 64 42 102q8 8 50.5 45 t66.5 58q19 17 35 47t13 61q-9 55 -10 102.5t7 111t37 130t78 129.5q39 51 80 88t89.5 63.5t94.5 45t113.5 36t129 31t157.5 37t182 47.5zM1116 1098q-8 9 -22.5 -3t-45.5 -50q-38 -47 -119 -103.5t-142 -89.5l-62 -33q-56 -30 -102 -57t-104 -68t-102.5 -80.5t-85.5 -91 t-64 -104.5q-24 -56 -31 -86t2 -32t31.5 17.5t55.5 59.5q25 30 94 75.5t125.5 77.5t147.5 81q70 37 118.5 69t102 79.5t99 111t86.5 148.5q22 50 24 60t-6 19z" /> |
|||
<glyph unicode="" d="M653 1231q-39 -67 -54.5 -131t-10.5 -114.5t24.5 -96.5t47.5 -80t63.5 -62.5t68.5 -46.5t65 -30q-4 7 -17.5 35t-18.5 39.5t-17 39.5t-17 43t-13 42t-9.5 44.5t-2 42t4 43t13.5 39t23 38.5q96 -42 165 -107.5t105 -138t52 -156t13 -159t-19 -149.5q-13 -55 -44 -106.5 t-68 -87t-78.5 -64.5t-72.5 -45t-53 -22q-72 -22 -127 -11q-31 6 -13 19q6 3 17 7q13 5 32.5 21t41 44t38.5 63.5t21.5 81.5t-6.5 94.5t-50 107t-104 115.5q10 -104 -0.5 -189t-37 -140.5t-65 -93t-84 -52t-93.5 -11t-95 24.5q-80 36 -131.5 114t-53.5 171q-2 23 0 49.5 t4.5 52.5t13.5 56t27.5 60t46 64.5t69.5 68.5q-8 -53 -5 -102.5t17.5 -90t34 -68.5t44.5 -39t49 -2q31 13 38.5 36t-4.5 55t-29 64.5t-36 75t-26 75.5q-15 85 2 161.5t53.5 128.5t85.5 92.5t93.5 61t81.5 25.5z" /> |
|||
<glyph unicode="" d="M600 1094q82 0 160.5 -22.5t140 -59t116.5 -82.5t94.5 -95t68 -95t42.5 -82.5t14 -57.5t-14 -57.5t-43 -82.5t-68.5 -95t-94.5 -95t-116.5 -82.5t-140 -59t-159.5 -22.5t-159.5 22.5t-140 59t-116.5 82.5t-94.5 95t-68.5 95t-43 82.5t-14 57.5t14 57.5t42.5 82.5t68 95 t94.5 95t116.5 82.5t140 59t160.5 22.5zM888 829q-15 15 -18 12t5 -22q25 -57 25 -119q0 -124 -88 -212t-212 -88t-212 88t-88 212q0 59 23 114q8 19 4.5 22t-17.5 -12q-70 -69 -160 -184q-13 -16 -15 -40.5t9 -42.5q22 -36 47 -71t70 -82t92.5 -81t113 -58.5t133.5 -24.5 t133.5 24t113 58.5t92.5 81.5t70 81.5t47 70.5q11 18 9 42.5t-14 41.5q-90 117 -163 189zM448 727l-35 -36q-15 -15 -19.5 -38.5t4.5 -41.5q37 -68 93 -116q16 -13 38.5 -11t36.5 17l35 34q14 15 12.5 33.5t-16.5 33.5q-44 44 -89 117q-11 18 -28 20t-32 -12z" /> |
|||
<glyph unicode="" d="M592 0h-148l31 120q-91 20 -175.5 68.5t-143.5 106.5t-103.5 119t-66.5 110t-22 76q0 21 14 57.5t42.5 82.5t68 95t94.5 95t116.5 82.5t140 59t160.5 22.5q61 0 126 -15l32 121h148zM944 770l47 181q108 -85 176.5 -192t68.5 -159q0 -26 -19.5 -71t-59.5 -102t-93 -112 t-129 -104.5t-158 -75.5l46 173q77 49 136 117t97 131q11 18 9 42.5t-14 41.5q-54 70 -107 130zM310 824q-70 -69 -160 -184q-13 -16 -15 -40.5t9 -42.5q18 -30 39 -60t57 -70.5t74 -73t90 -61t105 -41.5l41 154q-107 18 -178.5 101.5t-71.5 193.5q0 59 23 114q8 19 4.5 22 t-17.5 -12zM448 727l-35 -36q-15 -15 -19.5 -38.5t4.5 -41.5q37 -68 93 -116q16 -13 38.5 -11t36.5 17l12 11l22 86l-3 4q-44 44 -89 117q-11 18 -28 20t-32 -12z" /> |
|||
<glyph unicode="" d="M-90 100l642 1066q20 31 48 28.5t48 -35.5l642 -1056q21 -32 7.5 -67.5t-50.5 -35.5h-1294q-37 0 -50.5 34t7.5 66zM155 200h345v75q0 10 7.5 17.5t17.5 7.5h150q10 0 17.5 -7.5t7.5 -17.5v-75h345l-445 723zM496 700h208q20 0 32 -14.5t8 -34.5l-58 -252 q-4 -20 -21.5 -34.5t-37.5 -14.5h-54q-20 0 -37.5 14.5t-21.5 34.5l-58 252q-4 20 8 34.5t32 14.5z" /> |
|||
<glyph unicode="" d="M650 1200q62 0 106 -44t44 -106v-339l363 -325q15 -14 26 -38.5t11 -44.5v-41q0 -20 -12 -26.5t-29 5.5l-359 249v-263q100 -93 100 -113v-64q0 -21 -13 -29t-32 1l-205 128l-205 -128q-19 -9 -32 -1t-13 29v64q0 20 100 113v263l-359 -249q-17 -12 -29 -5.5t-12 26.5v41 q0 20 11 44.5t26 38.5l363 325v339q0 62 44 106t106 44z" /> |
|||
<glyph unicode="" d="M850 1200h100q21 0 35.5 -14.5t14.5 -35.5v-50h50q21 0 35.5 -14.5t14.5 -35.5v-150h-1100v150q0 21 14.5 35.5t35.5 14.5h50v50q0 21 14.5 35.5t35.5 14.5h100q21 0 35.5 -14.5t14.5 -35.5v-50h500v50q0 21 14.5 35.5t35.5 14.5zM1100 800v-750q0 -21 -14.5 -35.5 t-35.5 -14.5h-1000q-21 0 -35.5 14.5t-14.5 35.5v750h1100zM100 600v-100h100v100h-100zM300 600v-100h100v100h-100zM500 600v-100h100v100h-100zM700 600v-100h100v100h-100zM900 600v-100h100v100h-100zM100 400v-100h100v100h-100zM300 400v-100h100v100h-100zM500 400 v-100h100v100h-100zM700 400v-100h100v100h-100zM900 400v-100h100v100h-100zM100 200v-100h100v100h-100zM300 200v-100h100v100h-100zM500 200v-100h100v100h-100zM700 200v-100h100v100h-100zM900 200v-100h100v100h-100z" /> |
|||
<glyph unicode="" d="M1135 1165l249 -230q15 -14 15 -35t-15 -35l-249 -230q-14 -14 -24.5 -10t-10.5 25v150h-159l-600 -600h-291q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h209l600 600h241v150q0 21 10.5 25t24.5 -10zM522 819l-141 -141l-122 122h-209q-21 0 -35.5 14.5 t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h291zM1135 565l249 -230q15 -14 15 -35t-15 -35l-249 -230q-14 -14 -24.5 -10t-10.5 25v150h-241l-181 181l141 141l122 -122h159v150q0 21 10.5 25t24.5 -10z" /> |
|||
<glyph unicode="" d="M100 1100h1000q41 0 70.5 -29.5t29.5 -70.5v-600q0 -41 -29.5 -70.5t-70.5 -29.5h-596l-304 -300v300h-100q-41 0 -70.5 29.5t-29.5 70.5v600q0 41 29.5 70.5t70.5 29.5z" /> |
|||
<glyph unicode="" d="M150 1200h200q21 0 35.5 -14.5t14.5 -35.5v-250h-300v250q0 21 14.5 35.5t35.5 14.5zM850 1200h200q21 0 35.5 -14.5t14.5 -35.5v-250h-300v250q0 21 14.5 35.5t35.5 14.5zM1100 800v-300q0 -41 -3 -77.5t-15 -89.5t-32 -96t-58 -89t-89 -77t-129 -51t-174 -20t-174 20 t-129 51t-89 77t-58 89t-32 96t-15 89.5t-3 77.5v300h300v-250v-27v-42.5t1.5 -41t5 -38t10 -35t16.5 -30t25.5 -24.5t35 -19t46.5 -12t60 -4t60 4.5t46.5 12.5t35 19.5t25 25.5t17 30.5t10 35t5 38t2 40.5t-0.5 42v25v250h300z" /> |
|||
<glyph unicode="" d="M1100 411l-198 -199l-353 353l-353 -353l-197 199l551 551z" /> |
|||
<glyph unicode="" d="M1101 789l-550 -551l-551 551l198 199l353 -353l353 353z" /> |
|||
<glyph unicode="" d="M404 1000h746q21 0 35.5 -14.5t14.5 -35.5v-551h150q21 0 25 -10.5t-10 -24.5l-230 -249q-14 -15 -35 -15t-35 15l-230 249q-14 14 -10 24.5t25 10.5h150v401h-381zM135 984l230 -249q14 -14 10 -24.5t-25 -10.5h-150v-400h385l215 -200h-750q-21 0 -35.5 14.5 t-14.5 35.5v550h-150q-21 0 -25 10.5t10 24.5l230 249q14 15 35 15t35 -15z" /> |
|||
<glyph unicode="" d="M56 1200h94q17 0 31 -11t18 -27l38 -162h896q24 0 39 -18.5t10 -42.5l-100 -475q-5 -21 -27 -42.5t-55 -21.5h-633l48 -200h535q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-50v-50q0 -21 -14.5 -35.5t-35.5 -14.5t-35.5 14.5t-14.5 35.5v50h-300v-50 q0 -21 -14.5 -35.5t-35.5 -14.5t-35.5 14.5t-14.5 35.5v50h-31q-18 0 -32.5 10t-20.5 19l-5 10l-201 961h-54q-20 0 -35 14.5t-15 35.5t15 35.5t35 14.5z" /> |
|||
<glyph unicode="" d="M1200 1000v-100h-1200v100h200q0 41 29.5 70.5t70.5 29.5h300q41 0 70.5 -29.5t29.5 -70.5h500zM0 800h1200v-800h-1200v800z" /> |
|||
<glyph unicode="" d="M200 800l-200 -400v600h200q0 41 29.5 70.5t70.5 29.5h300q42 0 71 -29.5t29 -70.5h500v-200h-1000zM1500 700l-300 -700h-1200l300 700h1200z" /> |
|||
<glyph unicode="" d="M635 1184l230 -249q14 -14 10 -24.5t-25 -10.5h-150v-601h150q21 0 25 -10.5t-10 -24.5l-230 -249q-14 -15 -35 -15t-35 15l-230 249q-14 14 -10 24.5t25 10.5h150v601h-150q-21 0 -25 10.5t10 24.5l230 249q14 15 35 15t35 -15z" /> |
|||
<glyph unicode="" d="M936 864l249 -229q14 -15 14 -35.5t-14 -35.5l-249 -229q-15 -15 -25.5 -10.5t-10.5 24.5v151h-600v-151q0 -20 -10.5 -24.5t-25.5 10.5l-249 229q-14 15 -14 35.5t14 35.5l249 229q15 15 25.5 10.5t10.5 -25.5v-149h600v149q0 21 10.5 25.5t25.5 -10.5z" /> |
|||
<glyph unicode="" d="M1169 400l-172 732q-5 23 -23 45.5t-38 22.5h-672q-20 0 -38 -20t-23 -41l-172 -739h1138zM1100 300h-1000q-41 0 -70.5 -29.5t-29.5 -70.5v-100q0 -41 29.5 -70.5t70.5 -29.5h1000q41 0 70.5 29.5t29.5 70.5v100q0 41 -29.5 70.5t-70.5 29.5zM800 100v100h100v-100h-100 zM1000 100v100h100v-100h-100z" /> |
|||
<glyph unicode="" d="M1150 1100q21 0 35.5 -14.5t14.5 -35.5v-850q0 -21 -14.5 -35.5t-35.5 -14.5t-35.5 14.5t-14.5 35.5v850q0 21 14.5 35.5t35.5 14.5zM1000 200l-675 200h-38l47 -276q3 -16 -5.5 -20t-29.5 -4h-7h-84q-20 0 -34.5 14t-18.5 35q-55 337 -55 351v250v6q0 16 1 23.5t6.5 14 t17.5 6.5h200l675 250v-850zM0 750v-250q-4 0 -11 0.5t-24 6t-30 15t-24 30t-11 48.5v50q0 26 10.5 46t25 30t29 16t25.5 7z" /> |
|||
<glyph unicode="" d="M553 1200h94q20 0 29 -10.5t3 -29.5l-18 -37q83 -19 144 -82.5t76 -140.5l63 -327l118 -173h17q19 0 33 -14.5t14 -35t-13 -40.5t-31 -27q-8 -4 -23 -9.5t-65 -19.5t-103 -25t-132.5 -20t-158.5 -9q-57 0 -115 5t-104 12t-88.5 15.5t-73.5 17.5t-54.5 16t-35.5 12l-11 4 q-18 8 -31 28t-13 40.5t14 35t33 14.5h17l118 173l63 327q15 77 76 140t144 83l-18 32q-6 19 3.5 32t28.5 13zM498 110q50 -6 102 -6q53 0 102 6q-12 -49 -39.5 -79.5t-62.5 -30.5t-63 30.5t-39 79.5z" /> |
|||
<glyph unicode="" d="M800 946l224 78l-78 -224l234 -45l-180 -155l180 -155l-234 -45l78 -224l-224 78l-45 -234l-155 180l-155 -180l-45 234l-224 -78l78 224l-234 45l180 155l-180 155l234 45l-78 224l224 -78l45 234l155 -180l155 180z" /> |
|||
<glyph unicode="" d="M650 1200h50q40 0 70 -40.5t30 -84.5v-150l-28 -125h328q40 0 70 -40.5t30 -84.5v-100q0 -45 -29 -74l-238 -344q-16 -24 -38 -40.5t-45 -16.5h-250q-7 0 -42 25t-66 50l-31 25h-61q-45 0 -72.5 18t-27.5 57v400q0 36 20 63l145 196l96 198q13 28 37.5 48t51.5 20z M650 1100l-100 -212l-150 -213v-375h100l136 -100h214l250 375v125h-450l50 225v175h-50zM50 800h100q21 0 35.5 -14.5t14.5 -35.5v-500q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v500q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1100h250q23 0 45 -16.5t38 -40.5l238 -344q29 -29 29 -74v-100q0 -44 -30 -84.5t-70 -40.5h-328q28 -118 28 -125v-150q0 -44 -30 -84.5t-70 -40.5h-50q-27 0 -51.5 20t-37.5 48l-96 198l-145 196q-20 27 -20 63v400q0 39 27.5 57t72.5 18h61q124 100 139 100z M50 1000h100q21 0 35.5 -14.5t14.5 -35.5v-500q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v500q0 21 14.5 35.5t35.5 14.5zM636 1000l-136 -100h-100v-375l150 -213l100 -212h50v175l-50 225h450v125l-250 375h-214z" /> |
|||
<glyph unicode="" d="M356 873l363 230q31 16 53 -6l110 -112q13 -13 13.5 -32t-11.5 -34l-84 -121h302q84 0 138 -38t54 -110t-55 -111t-139 -39h-106l-131 -339q-6 -21 -19.5 -41t-28.5 -20h-342q-7 0 -90 81t-83 94v525q0 17 14 35.5t28 28.5zM400 792v-503l100 -89h293l131 339 q6 21 19.5 41t28.5 20h203q21 0 30.5 25t0.5 50t-31 25h-456h-7h-6h-5.5t-6 0.5t-5 1.5t-5 2t-4 2.5t-4 4t-2.5 4.5q-12 25 5 47l146 183l-86 83zM50 800h100q21 0 35.5 -14.5t14.5 -35.5v-500q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v500 q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M475 1103l366 -230q2 -1 6 -3.5t14 -10.5t18 -16.5t14.5 -20t6.5 -22.5v-525q0 -13 -86 -94t-93 -81h-342q-15 0 -28.5 20t-19.5 41l-131 339h-106q-85 0 -139.5 39t-54.5 111t54 110t138 38h302l-85 121q-11 15 -10.5 34t13.5 32l110 112q22 22 53 6zM370 945l146 -183 q17 -22 5 -47q-2 -2 -3.5 -4.5t-4 -4t-4 -2.5t-5 -2t-5 -1.5t-6 -0.5h-6h-6.5h-6h-475v-100h221q15 0 29 -20t20 -41l130 -339h294l106 89v503l-342 236zM1050 800h100q21 0 35.5 -14.5t14.5 -35.5v-500q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5 v500q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M550 1294q72 0 111 -55t39 -139v-106l339 -131q21 -6 41 -19.5t20 -28.5v-342q0 -7 -81 -90t-94 -83h-525q-17 0 -35.5 14t-28.5 28l-9 14l-230 363q-16 31 6 53l112 110q13 13 32 13.5t34 -11.5l121 -84v302q0 84 38 138t110 54zM600 972v203q0 21 -25 30.5t-50 0.5 t-25 -31v-456v-7v-6v-5.5t-0.5 -6t-1.5 -5t-2 -5t-2.5 -4t-4 -4t-4.5 -2.5q-25 -12 -47 5l-183 146l-83 -86l236 -339h503l89 100v293l-339 131q-21 6 -41 19.5t-20 28.5zM450 200h500q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-500 q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M350 1100h500q21 0 35.5 14.5t14.5 35.5v100q0 21 -14.5 35.5t-35.5 14.5h-500q-21 0 -35.5 -14.5t-14.5 -35.5v-100q0 -21 14.5 -35.5t35.5 -14.5zM600 306v-106q0 -84 -39 -139t-111 -55t-110 54t-38 138v302l-121 -84q-15 -12 -34 -11.5t-32 13.5l-112 110 q-22 22 -6 53l230 363q1 2 3.5 6t10.5 13.5t16.5 17t20 13.5t22.5 6h525q13 0 94 -83t81 -90v-342q0 -15 -20 -28.5t-41 -19.5zM308 900l-236 -339l83 -86l183 146q22 17 47 5q2 -1 4.5 -2.5t4 -4t2.5 -4t2 -5t1.5 -5t0.5 -6v-5.5v-6v-7v-456q0 -22 25 -31t50 0.5t25 30.5 v203q0 15 20 28.5t41 19.5l339 131v293l-89 100h-503z" /> |
|||
<glyph unicode="" d="M600 1178q118 0 225 -45.5t184.5 -123t123 -184.5t45.5 -225t-45.5 -225t-123 -184.5t-184.5 -123t-225 -45.5t-225 45.5t-184.5 123t-123 184.5t-45.5 225t45.5 225t123 184.5t184.5 123t225 45.5zM914 632l-275 223q-16 13 -27.5 8t-11.5 -26v-137h-275 q-10 0 -17.5 -7.5t-7.5 -17.5v-150q0 -10 7.5 -17.5t17.5 -7.5h275v-137q0 -21 11.5 -26t27.5 8l275 223q16 13 16 32t-16 32z" /> |
|||
<glyph unicode="" d="M600 1178q118 0 225 -45.5t184.5 -123t123 -184.5t45.5 -225t-45.5 -225t-123 -184.5t-184.5 -123t-225 -45.5t-225 45.5t-184.5 123t-123 184.5t-45.5 225t45.5 225t123 184.5t184.5 123t225 45.5zM561 855l-275 -223q-16 -13 -16 -32t16 -32l275 -223q16 -13 27.5 -8 t11.5 26v137h275q10 0 17.5 7.5t7.5 17.5v150q0 10 -7.5 17.5t-17.5 7.5h-275v137q0 21 -11.5 26t-27.5 -8z" /> |
|||
<glyph unicode="" d="M600 1178q118 0 225 -45.5t184.5 -123t123 -184.5t45.5 -225t-45.5 -225t-123 -184.5t-184.5 -123t-225 -45.5t-225 45.5t-184.5 123t-123 184.5t-45.5 225t45.5 225t123 184.5t184.5 123t225 45.5zM855 639l-223 275q-13 16 -32 16t-32 -16l-223 -275q-13 -16 -8 -27.5 t26 -11.5h137v-275q0 -10 7.5 -17.5t17.5 -7.5h150q10 0 17.5 7.5t7.5 17.5v275h137q21 0 26 11.5t-8 27.5z" /> |
|||
<glyph unicode="" d="M600 1178q118 0 225 -45.5t184.5 -123t123 -184.5t45.5 -225t-45.5 -225t-123 -184.5t-184.5 -123t-225 -45.5t-225 45.5t-184.5 123t-123 184.5t-45.5 225t45.5 225t123 184.5t184.5 123t225 45.5zM675 900h-150q-10 0 -17.5 -7.5t-7.5 -17.5v-275h-137q-21 0 -26 -11.5 t8 -27.5l223 -275q13 -16 32 -16t32 16l223 275q13 16 8 27.5t-26 11.5h-137v275q0 10 -7.5 17.5t-17.5 7.5z" /> |
|||
<glyph unicode="" d="M600 1176q116 0 222.5 -46t184 -123.5t123.5 -184t46 -222.5t-46 -222.5t-123.5 -184t-184 -123.5t-222.5 -46t-222.5 46t-184 123.5t-123.5 184t-46 222.5t46 222.5t123.5 184t184 123.5t222.5 46zM627 1101q-15 -12 -36.5 -20.5t-35.5 -12t-43 -8t-39 -6.5 q-15 -3 -45.5 0t-45.5 -2q-20 -7 -51.5 -26.5t-34.5 -34.5q-3 -11 6.5 -22.5t8.5 -18.5q-3 -34 -27.5 -91t-29.5 -79q-9 -34 5 -93t8 -87q0 -9 17 -44.5t16 -59.5q12 0 23 -5t23.5 -15t19.5 -14q16 -8 33 -15t40.5 -15t34.5 -12q21 -9 52.5 -32t60 -38t57.5 -11 q7 -15 -3 -34t-22.5 -40t-9.5 -38q13 -21 23 -34.5t27.5 -27.5t36.5 -18q0 -7 -3.5 -16t-3.5 -14t5 -17q104 -2 221 112q30 29 46.5 47t34.5 49t21 63q-13 8 -37 8.5t-36 7.5q-15 7 -49.5 15t-51.5 19q-18 0 -41 -0.5t-43 -1.5t-42 -6.5t-38 -16.5q-51 -35 -66 -12 q-4 1 -3.5 25.5t0.5 25.5q-6 13 -26.5 17.5t-24.5 6.5q1 15 -0.5 30.5t-7 28t-18.5 11.5t-31 -21q-23 -25 -42 4q-19 28 -8 58q6 16 22 22q6 -1 26 -1.5t33.5 -4t19.5 -13.5q7 -12 18 -24t21.5 -20.5t20 -15t15.5 -10.5l5 -3q2 12 7.5 30.5t8 34.5t-0.5 32q-3 18 3.5 29 t18 22.5t15.5 24.5q6 14 10.5 35t8 31t15.5 22.5t34 22.5q-6 18 10 36q8 0 24 -1.5t24.5 -1.5t20 4.5t20.5 15.5q-10 23 -31 42.5t-37.5 29.5t-49 27t-43.5 23q0 1 2 8t3 11.5t1.5 10.5t-1 9.5t-4.5 4.5q31 -13 58.5 -14.5t38.5 2.5l12 5q5 28 -9.5 46t-36.5 24t-50 15 t-41 20q-18 -4 -37 0zM613 994q0 -17 8 -42t17 -45t9 -23q-8 1 -39.5 5.5t-52.5 10t-37 16.5q3 11 16 29.5t16 25.5q10 -10 19 -10t14 6t13.5 14.5t16.5 12.5z" /> |
|||
<glyph unicode="" d="M756 1157q164 92 306 -9l-259 -138l145 -232l251 126q6 -89 -34 -156.5t-117 -110.5q-60 -34 -127 -39.5t-126 16.5l-596 -596q-15 -16 -36.5 -16t-36.5 16l-111 110q-15 15 -15 36.5t15 37.5l600 599q-34 101 5.5 201.5t135.5 154.5z" /> |
|||
<glyph unicode="" horiz-adv-x="1220" d="M100 1196h1000q41 0 70.5 -29.5t29.5 -70.5v-100q0 -41 -29.5 -70.5t-70.5 -29.5h-1000q-41 0 -70.5 29.5t-29.5 70.5v100q0 41 29.5 70.5t70.5 29.5zM1100 1096h-200v-100h200v100zM100 796h1000q41 0 70.5 -29.5t29.5 -70.5v-100q0 -41 -29.5 -70.5t-70.5 -29.5h-1000 q-41 0 -70.5 29.5t-29.5 70.5v100q0 41 29.5 70.5t70.5 29.5zM1100 696h-500v-100h500v100zM100 396h1000q41 0 70.5 -29.5t29.5 -70.5v-100q0 -41 -29.5 -70.5t-70.5 -29.5h-1000q-41 0 -70.5 29.5t-29.5 70.5v100q0 41 29.5 70.5t70.5 29.5zM1100 296h-300v-100h300v100z " /> |
|||
<glyph unicode="" d="M150 1200h900q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-900q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM700 500v-300l-200 -200v500l-350 500h900z" /> |
|||
<glyph unicode="" d="M500 1200h200q41 0 70.5 -29.5t29.5 -70.5v-100h300q41 0 70.5 -29.5t29.5 -70.5v-400h-500v100h-200v-100h-500v400q0 41 29.5 70.5t70.5 29.5h300v100q0 41 29.5 70.5t70.5 29.5zM500 1100v-100h200v100h-200zM1200 400v-200q0 -41 -29.5 -70.5t-70.5 -29.5h-1000 q-41 0 -70.5 29.5t-29.5 70.5v200h1200z" /> |
|||
<glyph unicode="" d="M50 1200h300q21 0 25 -10.5t-10 -24.5l-94 -94l199 -199q7 -8 7 -18t-7 -18l-106 -106q-8 -7 -18 -7t-18 7l-199 199l-94 -94q-14 -14 -24.5 -10t-10.5 25v300q0 21 14.5 35.5t35.5 14.5zM850 1200h300q21 0 35.5 -14.5t14.5 -35.5v-300q0 -21 -10.5 -25t-24.5 10l-94 94 l-199 -199q-8 -7 -18 -7t-18 7l-106 106q-7 8 -7 18t7 18l199 199l-94 94q-14 14 -10 24.5t25 10.5zM364 470l106 -106q7 -8 7 -18t-7 -18l-199 -199l94 -94q14 -14 10 -24.5t-25 -10.5h-300q-21 0 -35.5 14.5t-14.5 35.5v300q0 21 10.5 25t24.5 -10l94 -94l199 199 q8 7 18 7t18 -7zM1071 271l94 94q14 14 24.5 10t10.5 -25v-300q0 -21 -14.5 -35.5t-35.5 -14.5h-300q-21 0 -25 10.5t10 24.5l94 94l-199 199q-7 8 -7 18t7 18l106 106q8 7 18 7t18 -7z" /> |
|||
<glyph unicode="" d="M596 1192q121 0 231.5 -47.5t190 -127t127 -190t47.5 -231.5t-47.5 -231.5t-127 -190.5t-190 -127t-231.5 -47t-231.5 47t-190.5 127t-127 190.5t-47 231.5t47 231.5t127 190t190.5 127t231.5 47.5zM596 1010q-112 0 -207.5 -55.5t-151 -151t-55.5 -207.5t55.5 -207.5 t151 -151t207.5 -55.5t207.5 55.5t151 151t55.5 207.5t-55.5 207.5t-151 151t-207.5 55.5zM454.5 905q22.5 0 38.5 -16t16 -38.5t-16 -39t-38.5 -16.5t-38.5 16.5t-16 39t16 38.5t38.5 16zM754.5 905q22.5 0 38.5 -16t16 -38.5t-16 -39t-38 -16.5q-14 0 -29 10l-55 -145 q17 -23 17 -51q0 -36 -25.5 -61.5t-61.5 -25.5t-61.5 25.5t-25.5 61.5q0 32 20.5 56.5t51.5 29.5l122 126l1 1q-9 14 -9 28q0 23 16 39t38.5 16zM345.5 709q22.5 0 38.5 -16t16 -38.5t-16 -38.5t-38.5 -16t-38.5 16t-16 38.5t16 38.5t38.5 16zM854.5 709q22.5 0 38.5 -16 t16 -38.5t-16 -38.5t-38.5 -16t-38.5 16t-16 38.5t16 38.5t38.5 16z" /> |
|||
<glyph unicode="" d="M546 173l469 470q91 91 99 192q7 98 -52 175.5t-154 94.5q-22 4 -47 4q-34 0 -66.5 -10t-56.5 -23t-55.5 -38t-48 -41.5t-48.5 -47.5q-376 -375 -391 -390q-30 -27 -45 -41.5t-37.5 -41t-32 -46.5t-16 -47.5t-1.5 -56.5q9 -62 53.5 -95t99.5 -33q74 0 125 51l548 548 q36 36 20 75q-7 16 -21.5 26t-32.5 10q-26 0 -50 -23q-13 -12 -39 -38l-341 -338q-15 -15 -35.5 -15.5t-34.5 13.5t-14 34.5t14 34.5q327 333 361 367q35 35 67.5 51.5t78.5 16.5q14 0 29 -1q44 -8 74.5 -35.5t43.5 -68.5q14 -47 2 -96.5t-47 -84.5q-12 -11 -32 -32 t-79.5 -81t-114.5 -115t-124.5 -123.5t-123 -119.5t-96.5 -89t-57 -45q-56 -27 -120 -27q-70 0 -129 32t-93 89q-48 78 -35 173t81 163l511 511q71 72 111 96q91 55 198 55q80 0 152 -33q78 -36 129.5 -103t66.5 -154q17 -93 -11 -183.5t-94 -156.5l-482 -476 q-15 -15 -36 -16t-37 14t-17.5 34t14.5 35z" /> |
|||
<glyph unicode="" d="M649 949q48 68 109.5 104t121.5 38.5t118.5 -20t102.5 -64t71 -100.5t27 -123q0 -57 -33.5 -117.5t-94 -124.5t-126.5 -127.5t-150 -152.5t-146 -174q-62 85 -145.5 174t-150 152.5t-126.5 127.5t-93.5 124.5t-33.5 117.5q0 64 28 123t73 100.5t104 64t119 20 t120.5 -38.5t104.5 -104zM896 972q-33 0 -64.5 -19t-56.5 -46t-47.5 -53.5t-43.5 -45.5t-37.5 -19t-36 19t-40 45.5t-43 53.5t-54 46t-65.5 19q-67 0 -122.5 -55.5t-55.5 -132.5q0 -23 13.5 -51t46 -65t57.5 -63t76 -75l22 -22q15 -14 44 -44t50.5 -51t46 -44t41 -35t23 -12 t23.5 12t42.5 36t46 44t52.5 52t44 43q4 4 12 13q43 41 63.5 62t52 55t46 55t26 46t11.5 44q0 79 -53 133.5t-120 54.5z" /> |
|||
<glyph unicode="" d="M776.5 1214q93.5 0 159.5 -66l141 -141q66 -66 66 -160q0 -42 -28 -95.5t-62 -87.5l-29 -29q-31 53 -77 99l-18 18l95 95l-247 248l-389 -389l212 -212l-105 -106l-19 18l-141 141q-66 66 -66 159t66 159l283 283q65 66 158.5 66zM600 706l105 105q10 -8 19 -17l141 -141 q66 -66 66 -159t-66 -159l-283 -283q-66 -66 -159 -66t-159 66l-141 141q-66 66 -66 159.5t66 159.5l55 55q29 -55 75 -102l18 -17l-95 -95l247 -248l389 389z" /> |
|||
<glyph unicode="" d="M603 1200q85 0 162 -15t127 -38t79 -48t29 -46v-953q0 -41 -29.5 -70.5t-70.5 -29.5h-600q-41 0 -70.5 29.5t-29.5 70.5v953q0 21 30 46.5t81 48t129 37.5t163 15zM300 1000v-700h600v700h-600zM600 254q-43 0 -73.5 -30.5t-30.5 -73.5t30.5 -73.5t73.5 -30.5t73.5 30.5 t30.5 73.5t-30.5 73.5t-73.5 30.5z" /> |
|||
<glyph unicode="" d="M902 1185l283 -282q15 -15 15 -36t-14.5 -35.5t-35.5 -14.5t-35 15l-36 35l-279 -267v-300l-212 210l-308 -307l-280 -203l203 280l307 308l-210 212h300l267 279l-35 36q-15 14 -15 35t14.5 35.5t35.5 14.5t35 -15z" /> |
|||
<glyph unicode="" d="M700 1248v-78q38 -5 72.5 -14.5t75.5 -31.5t71 -53.5t52 -84t24 -118.5h-159q-4 36 -10.5 59t-21 45t-40 35.5t-64.5 20.5v-307l64 -13q34 -7 64 -16.5t70 -32t67.5 -52.5t47.5 -80t20 -112q0 -139 -89 -224t-244 -97v-77h-100v79q-150 16 -237 103q-40 40 -52.5 93.5 t-15.5 139.5h139q5 -77 48.5 -126t117.5 -65v335l-27 8q-46 14 -79 26.5t-72 36t-63 52t-40 72.5t-16 98q0 70 25 126t67.5 92t94.5 57t110 27v77h100zM600 754v274q-29 -4 -50 -11t-42 -21.5t-31.5 -41.5t-10.5 -65q0 -29 7 -50.5t16.5 -34t28.5 -22.5t31.5 -14t37.5 -10 q9 -3 13 -4zM700 547v-310q22 2 42.5 6.5t45 15.5t41.5 27t29 42t12 59.5t-12.5 59.5t-38 44.5t-53 31t-66.5 24.5z" /> |
|||
<glyph unicode="" d="M561 1197q84 0 160.5 -40t123.5 -109.5t47 -147.5h-153q0 40 -19.5 71.5t-49.5 48.5t-59.5 26t-55.5 9q-37 0 -79 -14.5t-62 -35.5q-41 -44 -41 -101q0 -26 13.5 -63t26.5 -61t37 -66q6 -9 9 -14h241v-100h-197q8 -50 -2.5 -115t-31.5 -95q-45 -62 -99 -112 q34 10 83 17.5t71 7.5q32 1 102 -16t104 -17q83 0 136 30l50 -147q-31 -19 -58 -30.5t-55 -15.5t-42 -4.5t-46 -0.5q-23 0 -76 17t-111 32.5t-96 11.5q-39 -3 -82 -16t-67 -25l-23 -11l-55 145q4 3 16 11t15.5 10.5t13 9t15.5 12t14.5 14t17.5 18.5q48 55 54 126.5 t-30 142.5h-221v100h166q-23 47 -44 104q-7 20 -12 41.5t-6 55.5t6 66.5t29.5 70.5t58.5 71q97 88 263 88z" /> |
|||
<glyph unicode="" d="M400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM935 1184l230 -249q14 -14 10 -24.5t-25 -10.5h-150v-900h-200v900h-150q-21 0 -25 10.5t10 24.5l230 249q14 15 35 15t35 -15z" /> |
|||
<glyph unicode="" d="M1000 700h-100v100h-100v-100h-100v500h300v-500zM400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM801 1100v-200h100v200h-100zM1000 350l-200 -250h200v-100h-300v150l200 250h-200v100h300v-150z " /> |
|||
<glyph unicode="" d="M400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM1000 1050l-200 -250h200v-100h-300v150l200 250h-200v100h300v-150zM1000 0h-100v100h-100v-100h-100v500h300v-500zM801 400v-200h100v200h-100z " /> |
|||
<glyph unicode="" d="M400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM1000 700h-100v400h-100v100h200v-500zM1100 0h-100v100h-200v400h300v-500zM901 400v-200h100v200h-100z" /> |
|||
<glyph unicode="" d="M400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM1100 700h-100v100h-200v400h300v-500zM901 1100v-200h100v200h-100zM1000 0h-100v400h-100v100h200v-500z" /> |
|||
<glyph unicode="" d="M400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM900 1000h-200v200h200v-200zM1000 700h-300v200h300v-200zM1100 400h-400v200h400v-200zM1200 100h-500v200h500v-200z" /> |
|||
<glyph unicode="" d="M400 300h150q21 0 25 -11t-10 -25l-230 -250q-14 -15 -35 -15t-35 15l-230 250q-14 14 -10 25t25 11h150v900h200v-900zM1200 1000h-500v200h500v-200zM1100 700h-400v200h400v-200zM1000 400h-300v200h300v-200zM900 100h-200v200h200v-200z" /> |
|||
<glyph unicode="" d="M350 1100h400q162 0 256 -93.5t94 -256.5v-400q0 -165 -93.5 -257.5t-256.5 -92.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400q0 165 92.5 257.5t257.5 92.5zM800 900h-500q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5 v500q0 41 -29.5 70.5t-70.5 29.5z" /> |
|||
<glyph unicode="" d="M350 1100h400q165 0 257.5 -92.5t92.5 -257.5v-400q0 -165 -92.5 -257.5t-257.5 -92.5h-400q-163 0 -256.5 92.5t-93.5 257.5v400q0 163 94 256.5t256 93.5zM800 900h-500q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5 v500q0 41 -29.5 70.5t-70.5 29.5zM440 770l253 -190q17 -12 17 -30t-17 -30l-253 -190q-16 -12 -28 -6.5t-12 26.5v400q0 21 12 26.5t28 -6.5z" /> |
|||
<glyph unicode="" d="M350 1100h400q163 0 256.5 -94t93.5 -256v-400q0 -165 -92.5 -257.5t-257.5 -92.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400q0 163 92.5 256.5t257.5 93.5zM800 900h-500q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5 v500q0 41 -29.5 70.5t-70.5 29.5zM350 700h400q21 0 26.5 -12t-6.5 -28l-190 -253q-12 -17 -30 -17t-30 17l-190 253q-12 16 -6.5 28t26.5 12z" /> |
|||
<glyph unicode="" d="M350 1100h400q165 0 257.5 -92.5t92.5 -257.5v-400q0 -163 -92.5 -256.5t-257.5 -93.5h-400q-163 0 -256.5 94t-93.5 256v400q0 165 92.5 257.5t257.5 92.5zM800 900h-500q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5 v500q0 41 -29.5 70.5t-70.5 29.5zM580 693l190 -253q12 -16 6.5 -28t-26.5 -12h-400q-21 0 -26.5 12t6.5 28l190 253q12 17 30 17t30 -17z" /> |
|||
<glyph unicode="" d="M550 1100h400q165 0 257.5 -92.5t92.5 -257.5v-400q0 -165 -92.5 -257.5t-257.5 -92.5h-400q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h450q41 0 70.5 29.5t29.5 70.5v500q0 41 -29.5 70.5t-70.5 29.5h-450q-21 0 -35.5 14.5t-14.5 35.5v100 q0 21 14.5 35.5t35.5 14.5zM338 867l324 -284q16 -14 16 -33t-16 -33l-324 -284q-16 -14 -27 -9t-11 26v150h-250q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5h250v150q0 21 11 26t27 -9z" /> |
|||
<glyph unicode="" d="M793 1182l9 -9q8 -10 5 -27q-3 -11 -79 -225.5t-78 -221.5l300 1q24 0 32.5 -17.5t-5.5 -35.5q-1 0 -133.5 -155t-267 -312.5t-138.5 -162.5q-12 -15 -26 -15h-9l-9 8q-9 11 -4 32q2 9 42 123.5t79 224.5l39 110h-302q-23 0 -31 19q-10 21 6 41q75 86 209.5 237.5 t228 257t98.5 111.5q9 16 25 16h9z" /> |
|||
<glyph unicode="" d="M350 1100h400q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-450q-41 0 -70.5 -29.5t-29.5 -70.5v-500q0 -41 29.5 -70.5t70.5 -29.5h450q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400 q0 165 92.5 257.5t257.5 92.5zM938 867l324 -284q16 -14 16 -33t-16 -33l-324 -284q-16 -14 -27 -9t-11 26v150h-250q-21 0 -35.5 14.5t-14.5 35.5v200q0 21 14.5 35.5t35.5 14.5h250v150q0 21 11 26t27 -9z" /> |
|||
<glyph unicode="" d="M750 1200h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -10.5 -25t-24.5 10l-109 109l-312 -312q-15 -15 -35.5 -15t-35.5 15l-141 141q-15 15 -15 35.5t15 35.5l312 312l-109 109q-14 14 -10 24.5t25 10.5zM456 900h-156q-41 0 -70.5 -29.5t-29.5 -70.5v-500 q0 -41 29.5 -70.5t70.5 -29.5h500q41 0 70.5 29.5t29.5 70.5v148l200 200v-298q0 -165 -93.5 -257.5t-256.5 -92.5h-400q-165 0 -257.5 92.5t-92.5 257.5v400q0 165 92.5 257.5t257.5 92.5h300z" /> |
|||
<glyph unicode="" d="M600 1186q119 0 227.5 -46.5t187 -125t125 -187t46.5 -227.5t-46.5 -227.5t-125 -187t-187 -125t-227.5 -46.5t-227.5 46.5t-187 125t-125 187t-46.5 227.5t46.5 227.5t125 187t187 125t227.5 46.5zM600 1022q-115 0 -212 -56.5t-153.5 -153.5t-56.5 -212t56.5 -212 t153.5 -153.5t212 -56.5t212 56.5t153.5 153.5t56.5 212t-56.5 212t-153.5 153.5t-212 56.5zM600 794q80 0 137 -57t57 -137t-57 -137t-137 -57t-137 57t-57 137t57 137t137 57z" /> |
|||
<glyph unicode="" d="M450 1200h200q21 0 35.5 -14.5t14.5 -35.5v-350h245q20 0 25 -11t-9 -26l-383 -426q-14 -15 -33.5 -15t-32.5 15l-379 426q-13 15 -8.5 26t25.5 11h250v350q0 21 14.5 35.5t35.5 14.5zM50 300h1000q21 0 35.5 -14.5t14.5 -35.5v-250h-1100v250q0 21 14.5 35.5t35.5 14.5z M900 200v-50h100v50h-100z" /> |
|||
<glyph unicode="" d="M583 1182l378 -435q14 -15 9 -31t-26 -16h-244v-250q0 -20 -17 -35t-39 -15h-200q-20 0 -32 14.5t-12 35.5v250h-250q-20 0 -25.5 16.5t8.5 31.5l383 431q14 16 33.5 17t33.5 -14zM50 300h1000q21 0 35.5 -14.5t14.5 -35.5v-250h-1100v250q0 21 14.5 35.5t35.5 14.5z M900 200v-50h100v50h-100z" /> |
|||
<glyph unicode="" d="M396 723l369 369q7 7 17.5 7t17.5 -7l139 -139q7 -8 7 -18.5t-7 -17.5l-525 -525q-7 -8 -17.5 -8t-17.5 8l-292 291q-7 8 -7 18t7 18l139 139q8 7 18.5 7t17.5 -7zM50 300h1000q21 0 35.5 -14.5t14.5 -35.5v-250h-1100v250q0 21 14.5 35.5t35.5 14.5zM900 200v-50h100v50 h-100z" /> |
|||
<glyph unicode="" d="M135 1023l142 142q14 14 35 14t35 -14l77 -77l-212 -212l-77 76q-14 15 -14 36t14 35zM655 855l210 210q14 14 24.5 10t10.5 -25l-2 -599q-1 -20 -15.5 -35t-35.5 -15l-597 -1q-21 0 -25 10.5t10 24.5l208 208l-154 155l212 212zM50 300h1000q21 0 35.5 -14.5t14.5 -35.5 v-250h-1100v250q0 21 14.5 35.5t35.5 14.5zM900 200v-50h100v50h-100z" /> |
|||
<glyph unicode="" d="M350 1200l599 -2q20 -1 35 -15.5t15 -35.5l1 -597q0 -21 -10.5 -25t-24.5 10l-208 208l-155 -154l-212 212l155 154l-210 210q-14 14 -10 24.5t25 10.5zM524 512l-76 -77q-15 -14 -36 -14t-35 14l-142 142q-14 14 -14 35t14 35l77 77zM50 300h1000q21 0 35.5 -14.5 t14.5 -35.5v-250h-1100v250q0 21 14.5 35.5t35.5 14.5zM900 200v-50h100v50h-100z" /> |
|||
<glyph unicode="" d="M1200 103l-483 276l-314 -399v423h-399l1196 796v-1096zM483 424v-230l683 953z" /> |
|||
<glyph unicode="" d="M1100 1000v-850q0 -21 -14.5 -35.5t-35.5 -14.5h-150v400h-700v-400h-150q-21 0 -35.5 14.5t-14.5 35.5v1000q0 20 14.5 35t35.5 15h250v-300h500v300h100zM700 1000h-100v200h100v-200z" /> |
|||
<glyph unicode="" d="M1100 1000l-2 -149l-299 -299l-95 95q-9 9 -21.5 9t-21.5 -9l-149 -147h-312v-400h-150q-21 0 -35.5 14.5t-14.5 35.5v1000q0 20 14.5 35t35.5 15h250v-300h500v300h100zM700 1000h-100v200h100v-200zM1132 638l106 -106q7 -7 7 -17.5t-7 -17.5l-420 -421q-8 -7 -18 -7 t-18 7l-202 203q-8 7 -8 17.5t8 17.5l106 106q7 8 17.5 8t17.5 -8l79 -79l297 297q7 7 17.5 7t17.5 -7z" /> |
|||
<glyph unicode="" d="M1100 1000v-269l-103 -103l-134 134q-15 15 -33.5 16.5t-34.5 -12.5l-266 -266h-329v-400h-150q-21 0 -35.5 14.5t-14.5 35.5v1000q0 20 14.5 35t35.5 15h250v-300h500v300h100zM700 1000h-100v200h100v-200zM1202 572l70 -70q15 -15 15 -35.5t-15 -35.5l-131 -131 l131 -131q15 -15 15 -35.5t-15 -35.5l-70 -70q-15 -15 -35.5 -15t-35.5 15l-131 131l-131 -131q-15 -15 -35.5 -15t-35.5 15l-70 70q-15 15 -15 35.5t15 35.5l131 131l-131 131q-15 15 -15 35.5t15 35.5l70 70q15 15 35.5 15t35.5 -15l131 -131l131 131q15 15 35.5 15 t35.5 -15z" /> |
|||
<glyph unicode="" d="M1100 1000v-300h-350q-21 0 -35.5 -14.5t-14.5 -35.5v-150h-500v-400h-150q-21 0 -35.5 14.5t-14.5 35.5v1000q0 20 14.5 35t35.5 15h250v-300h500v300h100zM700 1000h-100v200h100v-200zM850 600h100q21 0 35.5 -14.5t14.5 -35.5v-250h150q21 0 25 -10.5t-10 -24.5 l-230 -230q-14 -14 -35 -14t-35 14l-230 230q-14 14 -10 24.5t25 10.5h150v250q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M1100 1000v-400l-165 165q-14 15 -35 15t-35 -15l-263 -265h-402v-400h-150q-21 0 -35.5 14.5t-14.5 35.5v1000q0 20 14.5 35t35.5 15h250v-300h500v300h100zM700 1000h-100v200h100v-200zM935 565l230 -229q14 -15 10 -25.5t-25 -10.5h-150v-250q0 -20 -14.5 -35 t-35.5 -15h-100q-21 0 -35.5 15t-14.5 35v250h-150q-21 0 -25 10.5t10 25.5l230 229q14 15 35 15t35 -15z" /> |
|||
<glyph unicode="" d="M50 1100h1100q21 0 35.5 -14.5t14.5 -35.5v-150h-1200v150q0 21 14.5 35.5t35.5 14.5zM1200 800v-550q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v550h1200zM100 500v-200h400v200h-400z" /> |
|||
<glyph unicode="" d="M935 1165l248 -230q14 -14 14 -35t-14 -35l-248 -230q-14 -14 -24.5 -10t-10.5 25v150h-400v200h400v150q0 21 10.5 25t24.5 -10zM200 800h-50q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h50v-200zM400 800h-100v200h100v-200zM18 435l247 230 q14 14 24.5 10t10.5 -25v-150h400v-200h-400v-150q0 -21 -10.5 -25t-24.5 10l-247 230q-15 14 -15 35t15 35zM900 300h-100v200h100v-200zM1000 500h51q20 0 34.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-34.5 -14.5h-51v200z" /> |
|||
<glyph unicode="" d="M862 1073l276 116q25 18 43.5 8t18.5 -41v-1106q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v397q-4 1 -11 5t-24 17.5t-30 29t-24 42t-11 56.5v359q0 31 18.5 65t43.5 52zM550 1200q22 0 34.5 -12.5t14.5 -24.5l1 -13v-450q0 -28 -10.5 -59.5 t-25 -56t-29 -45t-25.5 -31.5l-10 -11v-447q0 -21 -14.5 -35.5t-35.5 -14.5h-200q-21 0 -35.5 14.5t-14.5 35.5v447q-4 4 -11 11.5t-24 30.5t-30 46t-24 55t-11 60v450q0 2 0.5 5.5t4 12t8.5 15t14.5 12t22.5 5.5q20 0 32.5 -12.5t14.5 -24.5l3 -13v-350h100v350v5.5t2.5 12 t7 15t15 12t25.5 5.5q23 0 35.5 -12.5t13.5 -24.5l1 -13v-350h100v350q0 2 0.5 5.5t3 12t7 15t15 12t24.5 5.5z" /> |
|||
<glyph unicode="" d="M1200 1100v-56q-4 0 -11 -0.5t-24 -3t-30 -7.5t-24 -15t-11 -24v-888q0 -22 25 -34.5t50 -13.5l25 -2v-56h-400v56q75 0 87.5 6.5t12.5 43.5v394h-500v-394q0 -37 12.5 -43.5t87.5 -6.5v-56h-400v56q4 0 11 0.5t24 3t30 7.5t24 15t11 24v888q0 22 -25 34.5t-50 13.5 l-25 2v56h400v-56q-75 0 -87.5 -6.5t-12.5 -43.5v-394h500v394q0 37 -12.5 43.5t-87.5 6.5v56h400z" /> |
|||
<glyph unicode="" d="M675 1000h375q21 0 35.5 -14.5t14.5 -35.5v-150h-105l-295 -98v98l-200 200h-400l100 100h375zM100 900h300q41 0 70.5 -29.5t29.5 -70.5v-500q0 -41 -29.5 -70.5t-70.5 -29.5h-300q-41 0 -70.5 29.5t-29.5 70.5v500q0 41 29.5 70.5t70.5 29.5zM100 800v-200h300v200 h-300zM1100 535l-400 -133v163l400 133v-163zM100 500v-200h300v200h-300zM1100 398v-248q0 -21 -14.5 -35.5t-35.5 -14.5h-375l-100 -100h-375l-100 100h400l200 200h105z" /> |
|||
<glyph unicode="" d="M17 1007l162 162q17 17 40 14t37 -22l139 -194q14 -20 11 -44.5t-20 -41.5l-119 -118q102 -142 228 -268t267 -227l119 118q17 17 42.5 19t44.5 -12l192 -136q19 -14 22.5 -37.5t-13.5 -40.5l-163 -162q-3 -1 -9.5 -1t-29.5 2t-47.5 6t-62.5 14.5t-77.5 26.5t-90 42.5 t-101.5 60t-111 83t-119 108.5q-74 74 -133.5 150.5t-94.5 138.5t-60 119.5t-34.5 100t-15 74.5t-4.5 48z" /> |
|||
<glyph unicode="" d="M600 1100q92 0 175 -10.5t141.5 -27t108.5 -36.5t81.5 -40t53.5 -37t31 -27l9 -10v-200q0 -21 -14.5 -33t-34.5 -9l-202 34q-20 3 -34.5 20t-14.5 38v146q-141 24 -300 24t-300 -24v-146q0 -21 -14.5 -38t-34.5 -20l-202 -34q-20 -3 -34.5 9t-14.5 33v200q3 4 9.5 10.5 t31 26t54 37.5t80.5 39.5t109 37.5t141 26.5t175 10.5zM600 795q56 0 97 -9.5t60 -23.5t30 -28t12 -24l1 -10v-50l365 -303q14 -15 24.5 -40t10.5 -45v-212q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v212q0 20 10.5 45t24.5 40l365 303v50 q0 4 1 10.5t12 23t30 29t60 22.5t97 10z" /> |
|||
<glyph unicode="" d="M1100 700l-200 -200h-600l-200 200v500h200v-200h200v200h200v-200h200v200h200v-500zM250 400h700q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-12l137 -100h-950l137 100h-12q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM50 100h1100q21 0 35.5 -14.5 t14.5 -35.5v-50h-1200v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M700 1100h-100q-41 0 -70.5 -29.5t-29.5 -70.5v-1000h300v1000q0 41 -29.5 70.5t-70.5 29.5zM1100 800h-100q-41 0 -70.5 -29.5t-29.5 -70.5v-700h300v700q0 41 -29.5 70.5t-70.5 29.5zM400 0h-300v400q0 41 29.5 70.5t70.5 29.5h100q41 0 70.5 -29.5t29.5 -70.5v-400z " /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM500 700h-200v-100h200v-300h-300v100h200v100h-200v300h300v-100zM900 700v-300l-100 -100h-200v500h200z M700 700v-300h100v300h-100z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM500 300h-100v200h-100v-200h-100v500h100v-200h100v200h100v-500zM900 700v-300l-100 -100h-200v500h200z M700 700v-300h100v300h-100z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM500 700h-200v-300h200v-100h-300v500h300v-100zM900 700h-200v-300h200v-100h-300v500h300v-100z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM500 400l-300 150l300 150v-300zM900 550l-300 -150v300z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM900 300h-700v500h700v-500zM800 700h-130q-38 0 -66.5 -43t-28.5 -108t27 -107t68 -42h130v300zM300 700v-300 h130q41 0 68 42t27 107t-28.5 108t-66.5 43h-130z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM500 700h-200v-100h200v-300h-300v100h200v100h-200v300h300v-100zM900 300h-100v400h-100v100h200v-500z M700 300h-100v100h100v-100z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM300 700h200v-400h-300v500h100v-100zM900 300h-100v400h-100v100h200v-500zM300 600v-200h100v200h-100z M700 300h-100v100h100v-100z" /> |
|||
<glyph unicode="" d="M200 1100h700q124 0 212 -88t88 -212v-500q0 -124 -88 -212t-212 -88h-700q-124 0 -212 88t-88 212v500q0 124 88 212t212 88zM100 900v-700h900v700h-900zM500 500l-199 -200h-100v50l199 200v150h-200v100h300v-300zM900 300h-100v400h-100v100h200v-500zM701 300h-100 v100h100v-100z" /> |
|||
<glyph unicode="" d="M600 1191q120 0 229.5 -47t188.5 -126t126 -188.5t47 -229.5t-47 -229.5t-126 -188.5t-188.5 -126t-229.5 -47t-229.5 47t-188.5 126t-126 188.5t-47 229.5t47 229.5t126 188.5t188.5 126t229.5 47zM600 1021q-114 0 -211 -56.5t-153.5 -153.5t-56.5 -211t56.5 -211 t153.5 -153.5t211 -56.5t211 56.5t153.5 153.5t56.5 211t-56.5 211t-153.5 153.5t-211 56.5zM800 700h-300v-200h300v-100h-300l-100 100v200l100 100h300v-100z" /> |
|||
<glyph unicode="" d="M600 1191q120 0 229.5 -47t188.5 -126t126 -188.5t47 -229.5t-47 -229.5t-126 -188.5t-188.5 -126t-229.5 -47t-229.5 47t-188.5 126t-126 188.5t-47 229.5t47 229.5t126 188.5t188.5 126t229.5 47zM600 1021q-114 0 -211 -56.5t-153.5 -153.5t-56.5 -211t56.5 -211 t153.5 -153.5t211 -56.5t211 56.5t153.5 153.5t56.5 211t-56.5 211t-153.5 153.5t-211 56.5zM800 700v-100l-50 -50l100 -100v-50h-100l-100 100h-150v-100h-100v400h300zM500 700v-100h200v100h-200z" /> |
|||
<glyph unicode="" d="M503 1089q110 0 200.5 -59.5t134.5 -156.5q44 14 90 14q120 0 205 -86.5t85 -207t-85 -207t-205 -86.5h-128v250q0 21 -14.5 35.5t-35.5 14.5h-300q-21 0 -35.5 -14.5t-14.5 -35.5v-250h-222q-80 0 -136 57.5t-56 136.5q0 69 43 122.5t108 67.5q-2 19 -2 37q0 100 49 185 t134 134t185 49zM525 500h150q10 0 17.5 -7.5t7.5 -17.5v-275h137q21 0 26 -11.5t-8 -27.5l-223 -244q-13 -16 -32 -16t-32 16l-223 244q-13 16 -8 27.5t26 11.5h137v275q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M502 1089q110 0 201 -59.5t135 -156.5q43 15 89 15q121 0 206 -86.5t86 -206.5q0 -99 -60 -181t-150 -110l-378 360q-13 16 -31.5 16t-31.5 -16l-381 -365h-9q-79 0 -135.5 57.5t-56.5 136.5q0 69 43 122.5t108 67.5q-2 19 -2 38q0 100 49 184.5t133.5 134t184.5 49.5z M632 467l223 -228q13 -16 8 -27.5t-26 -11.5h-137v-275q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v275h-137q-21 0 -26 11.5t8 27.5q199 204 223 228q19 19 31.5 19t32.5 -19z" /> |
|||
<glyph unicode="" d="M700 100v100h400l-270 300h170l-270 300h170l-300 333l-300 -333h170l-270 -300h170l-270 -300h400v-100h-50q-21 0 -35.5 -14.5t-14.5 -35.5v-50h400v50q0 21 -14.5 35.5t-35.5 14.5h-50z" /> |
|||
<glyph unicode="" d="M600 1179q94 0 167.5 -56.5t99.5 -145.5q89 -6 150.5 -71.5t61.5 -155.5q0 -61 -29.5 -112.5t-79.5 -82.5q9 -29 9 -55q0 -74 -52.5 -126.5t-126.5 -52.5q-55 0 -100 30v-251q21 0 35.5 -14.5t14.5 -35.5v-50h-300v50q0 21 14.5 35.5t35.5 14.5v251q-45 -30 -100 -30 q-74 0 -126.5 52.5t-52.5 126.5q0 18 4 38q-47 21 -75.5 65t-28.5 97q0 74 52.5 126.5t126.5 52.5q5 0 23 -2q0 2 -1 10t-1 13q0 116 81.5 197.5t197.5 81.5z" /> |
|||
<glyph unicode="" d="M1010 1010q111 -111 150.5 -260.5t0 -299t-150.5 -260.5q-83 -83 -191.5 -126.5t-218.5 -43.5t-218.5 43.5t-191.5 126.5q-111 111 -150.5 260.5t0 299t150.5 260.5q83 83 191.5 126.5t218.5 43.5t218.5 -43.5t191.5 -126.5zM476 1065q-4 0 -8 -1q-121 -34 -209.5 -122.5 t-122.5 -209.5q-4 -12 2.5 -23t18.5 -14l36 -9q3 -1 7 -1q23 0 29 22q27 96 98 166q70 71 166 98q11 3 17.5 13.5t3.5 22.5l-9 35q-3 13 -14 19q-7 4 -15 4zM512 920q-4 0 -9 -2q-80 -24 -138.5 -82.5t-82.5 -138.5q-4 -13 2 -24t19 -14l34 -9q4 -1 8 -1q22 0 28 21 q18 58 58.5 98.5t97.5 58.5q12 3 18 13.5t3 21.5l-9 35q-3 12 -14 19q-7 4 -15 4zM719.5 719.5q-49.5 49.5 -119.5 49.5t-119.5 -49.5t-49.5 -119.5t49.5 -119.5t119.5 -49.5t119.5 49.5t49.5 119.5t-49.5 119.5zM855 551q-22 0 -28 -21q-18 -58 -58.5 -98.5t-98.5 -57.5 q-11 -4 -17 -14.5t-3 -21.5l9 -35q3 -12 14 -19q7 -4 15 -4q4 0 9 2q80 24 138.5 82.5t82.5 138.5q4 13 -2.5 24t-18.5 14l-34 9q-4 1 -8 1zM1000 515q-23 0 -29 -22q-27 -96 -98 -166q-70 -71 -166 -98q-11 -3 -17.5 -13.5t-3.5 -22.5l9 -35q3 -13 14 -19q7 -4 15 -4 q4 0 8 1q121 34 209.5 122.5t122.5 209.5q4 12 -2.5 23t-18.5 14l-36 9q-3 1 -7 1z" /> |
|||
<glyph unicode="" d="M700 800h300v-380h-180v200h-340v-200h-380v755q0 10 7.5 17.5t17.5 7.5h575v-400zM1000 900h-200v200zM700 300h162l-212 -212l-212 212h162v200h100v-200zM520 0h-395q-10 0 -17.5 7.5t-7.5 17.5v395zM1000 220v-195q0 -10 -7.5 -17.5t-17.5 -7.5h-195z" /> |
|||
<glyph unicode="" d="M700 800h300v-520l-350 350l-550 -550v1095q0 10 7.5 17.5t17.5 7.5h575v-400zM1000 900h-200v200zM862 200h-162v-200h-100v200h-162l212 212zM480 0h-355q-10 0 -17.5 7.5t-7.5 17.5v55h380v-80zM1000 80v-55q0 -10 -7.5 -17.5t-17.5 -7.5h-155v80h180z" /> |
|||
<glyph unicode="" d="M1162 800h-162v-200h100l100 -100h-300v300h-162l212 212zM200 800h200q27 0 40 -2t29.5 -10.5t23.5 -30t7 -57.5h300v-100h-600l-200 -350v450h100q0 36 7 57.5t23.5 30t29.5 10.5t40 2zM800 400h240l-240 -400h-800l300 500h500v-100z" /> |
|||
<glyph unicode="" d="M650 1100h100q21 0 35.5 -14.5t14.5 -35.5v-50h50q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-300q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h50v50q0 21 14.5 35.5t35.5 14.5zM1000 850v150q41 0 70.5 -29.5t29.5 -70.5v-800 q0 -41 -29.5 -70.5t-70.5 -29.5h-600q-1 0 -20 4l246 246l-326 326v324q0 41 29.5 70.5t70.5 29.5v-150q0 -62 44 -106t106 -44h300q62 0 106 44t44 106zM412 250l-212 -212v162h-200v100h200v162z" /> |
|||
<glyph unicode="" d="M450 1100h100q21 0 35.5 -14.5t14.5 -35.5v-50h50q21 0 35.5 -14.5t14.5 -35.5v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-300q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h50v50q0 21 14.5 35.5t35.5 14.5zM800 850v150q41 0 70.5 -29.5t29.5 -70.5v-500 h-200v-300h200q0 -36 -7 -57.5t-23.5 -30t-29.5 -10.5t-40 -2h-600q-41 0 -70.5 29.5t-29.5 70.5v800q0 41 29.5 70.5t70.5 29.5v-150q0 -62 44 -106t106 -44h300q62 0 106 44t44 106zM1212 250l-212 -212v162h-200v100h200v162z" /> |
|||
<glyph unicode="" d="M658 1197l637 -1104q23 -38 7 -65.5t-60 -27.5h-1276q-44 0 -60 27.5t7 65.5l637 1104q22 39 54 39t54 -39zM704 800h-208q-20 0 -32 -14.5t-8 -34.5l58 -302q4 -20 21.5 -34.5t37.5 -14.5h54q20 0 37.5 14.5t21.5 34.5l58 302q4 20 -8 34.5t-32 14.5zM500 300v-100h200 v100h-200z" /> |
|||
<glyph unicode="" d="M425 1100h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5zM425 800h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5 t17.5 7.5zM825 800h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5zM25 500h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150 q0 10 7.5 17.5t17.5 7.5zM425 500h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5zM825 500h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5 v150q0 10 7.5 17.5t17.5 7.5zM25 200h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5zM425 200h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5 t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5zM825 200h250q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-250q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M700 1200h100v-200h-100v-100h350q62 0 86.5 -39.5t-3.5 -94.5l-66 -132q-41 -83 -81 -134h-772q-40 51 -81 134l-66 132q-28 55 -3.5 94.5t86.5 39.5h350v100h-100v200h100v100h200v-100zM250 400h700q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-12l137 -100 h-950l138 100h-13q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM50 100h1100q21 0 35.5 -14.5t14.5 -35.5v-50h-1200v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1300q40 0 68.5 -29.5t28.5 -70.5h-194q0 41 28.5 70.5t68.5 29.5zM443 1100h314q18 -37 18 -75q0 -8 -3 -25h328q41 0 44.5 -16.5t-30.5 -38.5l-175 -145h-678l-178 145q-34 22 -29 38.5t46 16.5h328q-3 17 -3 25q0 38 18 75zM250 700h700q21 0 35.5 -14.5 t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-150v-200l275 -200h-950l275 200v200h-150q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM50 100h1100q21 0 35.5 -14.5t14.5 -35.5v-50h-1200v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1181q75 0 128 -53t53 -128t-53 -128t-128 -53t-128 53t-53 128t53 128t128 53zM602 798h46q34 0 55.5 -28.5t21.5 -86.5q0 -76 39 -183h-324q39 107 39 183q0 58 21.5 86.5t56.5 28.5h45zM250 400h700q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-13 l138 -100h-950l137 100h-12q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM50 100h1100q21 0 35.5 -14.5t14.5 -35.5v-50h-1200v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1300q47 0 92.5 -53.5t71 -123t25.5 -123.5q0 -78 -55.5 -133.5t-133.5 -55.5t-133.5 55.5t-55.5 133.5q0 62 34 143l144 -143l111 111l-163 163q34 26 63 26zM602 798h46q34 0 55.5 -28.5t21.5 -86.5q0 -76 39 -183h-324q39 107 39 183q0 58 21.5 86.5t56.5 28.5h45 zM250 400h700q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-13l138 -100h-950l137 100h-12q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM50 100h1100q21 0 35.5 -14.5t14.5 -35.5v-50h-1200v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1200l300 -161v-139h-300q0 -57 18.5 -108t50 -91.5t63 -72t70 -67.5t57.5 -61h-530q-60 83 -90.5 177.5t-30.5 178.5t33 164.5t87.5 139.5t126 96.5t145.5 41.5v-98zM250 400h700q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-13l138 -100h-950l137 100 h-12q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5zM50 100h1100q21 0 35.5 -14.5t14.5 -35.5v-50h-1200v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1300q41 0 70.5 -29.5t29.5 -70.5v-78q46 -26 73 -72t27 -100v-50h-400v50q0 54 27 100t73 72v78q0 41 29.5 70.5t70.5 29.5zM400 800h400q54 0 100 -27t72 -73h-172v-100h200v-100h-200v-100h200v-100h-200v-100h200q0 -83 -58.5 -141.5t-141.5 -58.5h-400 q-83 0 -141.5 58.5t-58.5 141.5v400q0 83 58.5 141.5t141.5 58.5z" /> |
|||
<glyph unicode="" d="M150 1100h900q21 0 35.5 -14.5t14.5 -35.5v-500q0 -21 -14.5 -35.5t-35.5 -14.5h-900q-21 0 -35.5 14.5t-14.5 35.5v500q0 21 14.5 35.5t35.5 14.5zM125 400h950q10 0 17.5 -7.5t7.5 -17.5v-50q0 -10 -7.5 -17.5t-17.5 -7.5h-283l224 -224q13 -13 13 -31.5t-13 -32 t-31.5 -13.5t-31.5 13l-88 88h-524l-87 -88q-13 -13 -32 -13t-32 13.5t-13 32t13 31.5l224 224h-289q-10 0 -17.5 7.5t-7.5 17.5v50q0 10 7.5 17.5t17.5 7.5zM541 300l-100 -100h324l-100 100h-124z" /> |
|||
<glyph unicode="" d="M200 1100h800q83 0 141.5 -58.5t58.5 -141.5v-200h-100q0 41 -29.5 70.5t-70.5 29.5h-250q-41 0 -70.5 -29.5t-29.5 -70.5h-100q0 41 -29.5 70.5t-70.5 29.5h-250q-41 0 -70.5 -29.5t-29.5 -70.5h-100v200q0 83 58.5 141.5t141.5 58.5zM100 600h1000q41 0 70.5 -29.5 t29.5 -70.5v-300h-1200v300q0 41 29.5 70.5t70.5 29.5zM300 100v-50q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v50h200zM1100 100v-50q0 -21 -14.5 -35.5t-35.5 -14.5h-100q-21 0 -35.5 14.5t-14.5 35.5v50h200z" /> |
|||
<glyph unicode="" d="M480 1165l682 -683q31 -31 31 -75.5t-31 -75.5l-131 -131h-481l-517 518q-32 31 -32 75.5t32 75.5l295 296q31 31 75.5 31t76.5 -31zM108 794l342 -342l303 304l-341 341zM250 100h800q21 0 35.5 -14.5t14.5 -35.5v-50h-900v50q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M1057 647l-189 506q-8 19 -27.5 33t-40.5 14h-400q-21 0 -40.5 -14t-27.5 -33l-189 -506q-8 -19 1.5 -33t30.5 -14h625v-150q0 -21 14.5 -35.5t35.5 -14.5t35.5 14.5t14.5 35.5v150h125q21 0 30.5 14t1.5 33zM897 0h-595v50q0 21 14.5 35.5t35.5 14.5h50v50 q0 21 14.5 35.5t35.5 14.5h48v300h200v-300h47q21 0 35.5 -14.5t14.5 -35.5v-50h50q21 0 35.5 -14.5t14.5 -35.5v-50z" /> |
|||
<glyph unicode="" d="M900 800h300v-575q0 -10 -7.5 -17.5t-17.5 -7.5h-375v591l-300 300v84q0 10 7.5 17.5t17.5 7.5h375v-400zM1200 900h-200v200zM400 600h300v-575q0 -10 -7.5 -17.5t-17.5 -7.5h-650q-10 0 -17.5 7.5t-7.5 17.5v950q0 10 7.5 17.5t17.5 7.5h375v-400zM700 700h-200v200z " /> |
|||
<glyph unicode="" d="M484 1095h195q75 0 146 -32.5t124 -86t89.5 -122.5t48.5 -142q18 -14 35 -20q31 -10 64.5 6.5t43.5 48.5q10 34 -15 71q-19 27 -9 43q5 8 12.5 11t19 -1t23.5 -16q41 -44 39 -105q-3 -63 -46 -106.5t-104 -43.5h-62q-7 -55 -35 -117t-56 -100l-39 -234q-3 -20 -20 -34.5 t-38 -14.5h-100q-21 0 -33 14.5t-9 34.5l12 70q-49 -14 -91 -14h-195q-24 0 -65 8l-11 -64q-3 -20 -20 -34.5t-38 -14.5h-100q-21 0 -33 14.5t-9 34.5l26 157q-84 74 -128 175l-159 53q-19 7 -33 26t-14 40v50q0 21 14.5 35.5t35.5 14.5h124q11 87 56 166l-111 95 q-16 14 -12.5 23.5t24.5 9.5h203q116 101 250 101zM675 1000h-250q-10 0 -17.5 -7.5t-7.5 -17.5v-50q0 -10 7.5 -17.5t17.5 -7.5h250q10 0 17.5 7.5t7.5 17.5v50q0 10 -7.5 17.5t-17.5 7.5z" /> |
|||
<glyph unicode="" d="M641 900l423 247q19 8 42 2.5t37 -21.5l32 -38q14 -15 12.5 -36t-17.5 -34l-139 -120h-390zM50 1100h106q67 0 103 -17t66 -71l102 -212h823q21 0 35.5 -14.5t14.5 -35.5v-50q0 -21 -14 -40t-33 -26l-737 -132q-23 -4 -40 6t-26 25q-42 67 -100 67h-300q-62 0 -106 44 t-44 106v200q0 62 44 106t106 44zM173 928h-80q-19 0 -28 -14t-9 -35v-56q0 -51 42 -51h134q16 0 21.5 8t5.5 24q0 11 -16 45t-27 51q-18 28 -43 28zM550 727q-32 0 -54.5 -22.5t-22.5 -54.5t22.5 -54.5t54.5 -22.5t54.5 22.5t22.5 54.5t-22.5 54.5t-54.5 22.5zM130 389 l152 130q18 19 34 24t31 -3.5t24.5 -17.5t25.5 -28q28 -35 50.5 -51t48.5 -13l63 5l48 -179q13 -61 -3.5 -97.5t-67.5 -79.5l-80 -69q-47 -40 -109 -35.5t-103 51.5l-130 151q-40 47 -35.5 109.5t51.5 102.5zM380 377l-102 -88q-31 -27 2 -65l37 -43q13 -15 27.5 -19.5 t31.5 6.5l61 53q19 16 14 49q-2 20 -12 56t-17 45q-11 12 -19 14t-23 -8z" /> |
|||
<glyph unicode="" d="M625 1200h150q10 0 17.5 -7.5t7.5 -17.5v-109q79 -33 131 -87.5t53 -128.5q1 -46 -15 -84.5t-39 -61t-46 -38t-39 -21.5l-17 -6q6 0 15 -1.5t35 -9t50 -17.5t53 -30t50 -45t35.5 -64t14.5 -84q0 -59 -11.5 -105.5t-28.5 -76.5t-44 -51t-49.5 -31.5t-54.5 -16t-49.5 -6.5 t-43.5 -1v-75q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v75h-100v-75q0 -10 -7.5 -17.5t-17.5 -7.5h-150q-10 0 -17.5 7.5t-7.5 17.5v75h-175q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5h75v600h-75q-10 0 -17.5 7.5t-7.5 17.5v150 q0 10 7.5 17.5t17.5 7.5h175v75q0 10 7.5 17.5t17.5 7.5h150q10 0 17.5 -7.5t7.5 -17.5v-75h100v75q0 10 7.5 17.5t17.5 7.5zM400 900v-200h263q28 0 48.5 10.5t30 25t15 29t5.5 25.5l1 10q0 4 -0.5 11t-6 24t-15 30t-30 24t-48.5 11h-263zM400 500v-200h363q28 0 48.5 10.5 t30 25t15 29t5.5 25.5l1 10q0 4 -0.5 11t-6 24t-15 30t-30 24t-48.5 11h-363z" /> |
|||
<glyph unicode="" d="M212 1198h780q86 0 147 -61t61 -147v-416q0 -51 -18 -142.5t-36 -157.5l-18 -66q-29 -87 -93.5 -146.5t-146.5 -59.5h-572q-82 0 -147 59t-93 147q-8 28 -20 73t-32 143.5t-20 149.5v416q0 86 61 147t147 61zM600 1045q-70 0 -132.5 -11.5t-105.5 -30.5t-78.5 -41.5 t-57 -45t-36 -41t-20.5 -30.5l-6 -12l156 -243h560l156 243q-2 5 -6 12.5t-20 29.5t-36.5 42t-57 44.5t-79 42t-105 29.5t-132.5 12zM762 703h-157l195 261z" /> |
|||
<glyph unicode="" d="M475 1300h150q103 0 189 -86t86 -189v-500q0 -41 -42 -83t-83 -42h-450q-41 0 -83 42t-42 83v500q0 103 86 189t189 86zM700 300v-225q0 -21 -27 -48t-48 -27h-150q-21 0 -48 27t-27 48v225h300z" /> |
|||
<glyph unicode="" d="M475 1300h96q0 -150 89.5 -239.5t239.5 -89.5v-446q0 -41 -42 -83t-83 -42h-450q-41 0 -83 42t-42 83v500q0 103 86 189t189 86zM700 300v-225q0 -21 -27 -48t-48 -27h-150q-21 0 -48 27t-27 48v225h300z" /> |
|||
<glyph unicode="" d="M1294 767l-638 -283l-378 170l-78 -60v-224l100 -150v-199l-150 148l-150 -149v200l100 150v250q0 4 -0.5 10.5t0 9.5t1 8t3 8t6.5 6l47 40l-147 65l642 283zM1000 380l-350 -166l-350 166v147l350 -165l350 165v-147z" /> |
|||
<glyph unicode="" d="M250 800q62 0 106 -44t44 -106t-44 -106t-106 -44t-106 44t-44 106t44 106t106 44zM650 800q62 0 106 -44t44 -106t-44 -106t-106 -44t-106 44t-44 106t44 106t106 44zM1050 800q62 0 106 -44t44 -106t-44 -106t-106 -44t-106 44t-44 106t44 106t106 44z" /> |
|||
<glyph unicode="" d="M550 1100q62 0 106 -44t44 -106t-44 -106t-106 -44t-106 44t-44 106t44 106t106 44zM550 700q62 0 106 -44t44 -106t-44 -106t-106 -44t-106 44t-44 106t44 106t106 44zM550 300q62 0 106 -44t44 -106t-44 -106t-106 -44t-106 44t-44 106t44 106t106 44z" /> |
|||
<glyph unicode="" d="M125 1100h950q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-950q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5zM125 700h950q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-950q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5 t17.5 7.5zM125 300h950q10 0 17.5 -7.5t7.5 -17.5v-150q0 -10 -7.5 -17.5t-17.5 -7.5h-950q-10 0 -17.5 7.5t-7.5 17.5v150q0 10 7.5 17.5t17.5 7.5z" /> |
|||
<glyph unicode="" d="M350 1200h500q162 0 256 -93.5t94 -256.5v-500q0 -165 -93.5 -257.5t-256.5 -92.5h-500q-165 0 -257.5 92.5t-92.5 257.5v500q0 165 92.5 257.5t257.5 92.5zM900 1000h-600q-41 0 -70.5 -29.5t-29.5 -70.5v-600q0 -41 29.5 -70.5t70.5 -29.5h600q41 0 70.5 29.5 t29.5 70.5v600q0 41 -29.5 70.5t-70.5 29.5zM350 900h500q21 0 35.5 -14.5t14.5 -35.5v-300q0 -21 -14.5 -35.5t-35.5 -14.5h-500q-21 0 -35.5 14.5t-14.5 35.5v300q0 21 14.5 35.5t35.5 14.5zM400 800v-200h400v200h-400z" /> |
|||
<glyph unicode="" d="M150 1100h1000q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-50v-200h50q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-50v-200h50q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5t-35.5 -14.5h-50v-200h50q21 0 35.5 -14.5t14.5 -35.5t-14.5 -35.5 t-35.5 -14.5h-1000q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5h50v200h-50q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5h50v200h-50q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5h50v200h-50q-21 0 -35.5 14.5t-14.5 35.5t14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M650 1187q87 -67 118.5 -156t0 -178t-118.5 -155q-87 66 -118.5 155t0 178t118.5 156zM300 800q124 0 212 -88t88 -212q-124 0 -212 88t-88 212zM1000 800q0 -124 -88 -212t-212 -88q0 124 88 212t212 88zM300 500q124 0 212 -88t88 -212q-124 0 -212 88t-88 212z M1000 500q0 -124 -88 -212t-212 -88q0 124 88 212t212 88zM700 199v-144q0 -21 -14.5 -35.5t-35.5 -14.5t-35.5 14.5t-14.5 35.5v142q40 -4 43 -4q17 0 57 6z" /> |
|||
<glyph unicode="" d="M745 878l69 19q25 6 45 -12l298 -295q11 -11 15 -26.5t-2 -30.5q-5 -14 -18 -23.5t-28 -9.5h-8q1 0 1 -13q0 -29 -2 -56t-8.5 -62t-20 -63t-33 -53t-51 -39t-72.5 -14h-146q-184 0 -184 288q0 24 10 47q-20 4 -62 4t-63 -4q11 -24 11 -47q0 -288 -184 -288h-142 q-48 0 -84.5 21t-56 51t-32 71.5t-16 75t-3.5 68.5q0 13 2 13h-7q-15 0 -27.5 9.5t-18.5 23.5q-6 15 -2 30.5t15 25.5l298 296q20 18 46 11l76 -19q20 -5 30.5 -22.5t5.5 -37.5t-22.5 -31t-37.5 -5l-51 12l-182 -193h891l-182 193l-44 -12q-20 -5 -37.5 6t-22.5 31t6 37.5 t31 22.5z" /> |
|||
<glyph unicode="" d="M1200 900h-50q0 21 -4 37t-9.5 26.5t-18 17.5t-22 11t-28.5 5.5t-31 2t-37 0.5h-200v-850q0 -22 25 -34.5t50 -13.5l25 -2v-100h-400v100q4 0 11 0.5t24 3t30 7t24 15t11 24.5v850h-200q-25 0 -37 -0.5t-31 -2t-28.5 -5.5t-22 -11t-18 -17.5t-9.5 -26.5t-4 -37h-50v300 h1000v-300zM500 450h-25q0 15 -4 24.5t-9 14.5t-17 7.5t-20 3t-25 0.5h-100v-425q0 -11 12.5 -17.5t25.5 -7.5h12v-50h-200v50q50 0 50 25v425h-100q-17 0 -25 -0.5t-20 -3t-17 -7.5t-9 -14.5t-4 -24.5h-25v150h500v-150z" /> |
|||
<glyph unicode="" d="M1000 300v50q-25 0 -55 32q-14 14 -25 31t-16 27l-4 11l-289 747h-69l-300 -754q-18 -35 -39 -56q-9 -9 -24.5 -18.5t-26.5 -14.5l-11 -5v-50h273v50q-49 0 -78.5 21.5t-11.5 67.5l69 176h293l61 -166q13 -34 -3.5 -66.5t-55.5 -32.5v-50h312zM412 691l134 342l121 -342 h-255zM1100 150v-100q0 -21 -14.5 -35.5t-35.5 -14.5h-1000q-21 0 -35.5 14.5t-14.5 35.5v100q0 21 14.5 35.5t35.5 14.5h1000q21 0 35.5 -14.5t14.5 -35.5z" /> |
|||
<glyph unicode="" d="M50 1200h1100q21 0 35.5 -14.5t14.5 -35.5v-1100q0 -21 -14.5 -35.5t-35.5 -14.5h-1100q-21 0 -35.5 14.5t-14.5 35.5v1100q0 21 14.5 35.5t35.5 14.5zM611 1118h-70q-13 0 -18 -12l-299 -753q-17 -32 -35 -51q-18 -18 -56 -34q-12 -5 -12 -18v-50q0 -8 5.5 -14t14.5 -6 h273q8 0 14 6t6 14v50q0 8 -6 14t-14 6q-55 0 -71 23q-10 14 0 39l63 163h266l57 -153q11 -31 -6 -55q-12 -17 -36 -17q-8 0 -14 -6t-6 -14v-50q0 -8 6 -14t14 -6h313q8 0 14 6t6 14v50q0 7 -5.5 13t-13.5 7q-17 0 -42 25q-25 27 -40 63h-1l-288 748q-5 12 -19 12zM639 611 h-197l103 264z" /> |
|||
<glyph unicode="" d="M1200 1100h-1200v100h1200v-100zM50 1000h400q21 0 35.5 -14.5t14.5 -35.5v-900q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v900q0 21 14.5 35.5t35.5 14.5zM650 1000h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400 q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM700 900v-300h300v300h-300z" /> |
|||
<glyph unicode="" d="M50 1200h400q21 0 35.5 -14.5t14.5 -35.5v-900q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v900q0 21 14.5 35.5t35.5 14.5zM650 700h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v400 q0 21 14.5 35.5t35.5 14.5zM700 600v-300h300v300h-300zM1200 0h-1200v100h1200v-100z" /> |
|||
<glyph unicode="" d="M50 1000h400q21 0 35.5 -14.5t14.5 -35.5v-350h100v150q0 21 14.5 35.5t35.5 14.5h400q21 0 35.5 -14.5t14.5 -35.5v-150h100v-100h-100v-150q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v150h-100v-350q0 -21 -14.5 -35.5t-35.5 -14.5h-400 q-21 0 -35.5 14.5t-14.5 35.5v800q0 21 14.5 35.5t35.5 14.5zM700 700v-300h300v300h-300z" /> |
|||
<glyph unicode="" d="M100 0h-100v1200h100v-1200zM250 1100h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM300 1000v-300h300v300h-300zM250 500h900q21 0 35.5 -14.5t14.5 -35.5v-400 q0 -21 -14.5 -35.5t-35.5 -14.5h-900q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M600 1100h150q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-150v-100h450q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-900q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5h350v100h-150q-21 0 -35.5 14.5 t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5h150v100h100v-100zM400 1000v-300h300v300h-300z" /> |
|||
<glyph unicode="" d="M1200 0h-100v1200h100v-1200zM550 1100h400q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-400q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM600 1000v-300h300v300h-300zM50 500h900q21 0 35.5 -14.5t14.5 -35.5v-400 q0 -21 -14.5 -35.5t-35.5 -14.5h-900q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5z" /> |
|||
<glyph unicode="" d="M865 565l-494 -494q-23 -23 -41 -23q-14 0 -22 13.5t-8 38.5v1000q0 25 8 38.5t22 13.5q18 0 41 -23l494 -494q14 -14 14 -35t-14 -35z" /> |
|||
<glyph unicode="" d="M335 635l494 494q29 29 50 20.5t21 -49.5v-1000q0 -41 -21 -49.5t-50 20.5l-494 494q-14 14 -14 35t14 35z" /> |
|||
<glyph unicode="" d="M100 900h1000q41 0 49.5 -21t-20.5 -50l-494 -494q-14 -14 -35 -14t-35 14l-494 494q-29 29 -20.5 50t49.5 21z" /> |
|||
<glyph unicode="" d="M635 865l494 -494q29 -29 20.5 -50t-49.5 -21h-1000q-41 0 -49.5 21t20.5 50l494 494q14 14 35 14t35 -14z" /> |
|||
<glyph unicode="" d="M700 741v-182l-692 -323v221l413 193l-413 193v221zM1200 0h-800v200h800v-200z" /> |
|||
<glyph unicode="" d="M1200 900h-200v-100h200v-100h-300v300h200v100h-200v100h300v-300zM0 700h50q0 21 4 37t9.5 26.5t18 17.5t22 11t28.5 5.5t31 2t37 0.5h100v-550q0 -22 -25 -34.5t-50 -13.5l-25 -2v-100h400v100q-4 0 -11 0.5t-24 3t-30 7t-24 15t-11 24.5v550h100q25 0 37 -0.5t31 -2 t28.5 -5.5t22 -11t18 -17.5t9.5 -26.5t4 -37h50v300h-800v-300z" /> |
|||
<glyph unicode="" d="M800 700h-50q0 21 -4 37t-9.5 26.5t-18 17.5t-22 11t-28.5 5.5t-31 2t-37 0.5h-100v-550q0 -22 25 -34.5t50 -14.5l25 -1v-100h-400v100q4 0 11 0.5t24 3t30 7t24 15t11 24.5v550h-100q-25 0 -37 -0.5t-31 -2t-28.5 -5.5t-22 -11t-18 -17.5t-9.5 -26.5t-4 -37h-50v300 h800v-300zM1100 200h-200v-100h200v-100h-300v300h200v100h-200v100h300v-300z" /> |
|||
<glyph unicode="" d="M701 1098h160q16 0 21 -11t-7 -23l-464 -464l464 -464q12 -12 7 -23t-21 -11h-160q-13 0 -23 9l-471 471q-7 8 -7 18t7 18l471 471q10 9 23 9z" /> |
|||
<glyph unicode="" d="M339 1098h160q13 0 23 -9l471 -471q7 -8 7 -18t-7 -18l-471 -471q-10 -9 -23 -9h-160q-16 0 -21 11t7 23l464 464l-464 464q-12 12 -7 23t21 11z" /> |
|||
<glyph unicode="" d="M1087 882q11 -5 11 -21v-160q0 -13 -9 -23l-471 -471q-8 -7 -18 -7t-18 7l-471 471q-9 10 -9 23v160q0 16 11 21t23 -7l464 -464l464 464q12 12 23 7z" /> |
|||
<glyph unicode="" d="M618 993l471 -471q9 -10 9 -23v-160q0 -16 -11 -21t-23 7l-464 464l-464 -464q-12 -12 -23 -7t-11 21v160q0 13 9 23l471 471q8 7 18 7t18 -7z" /> |
|||
<glyph unicode="" d="M1000 1200q0 -124 -88 -212t-212 -88q0 124 88 212t212 88zM450 1000h100q21 0 40 -14t26 -33l79 -194q5 1 16 3q34 6 54 9.5t60 7t65.5 1t61 -10t56.5 -23t42.5 -42t29 -64t5 -92t-19.5 -121.5q-1 -7 -3 -19.5t-11 -50t-20.5 -73t-32.5 -81.5t-46.5 -83t-64 -70 t-82.5 -50q-13 -5 -42 -5t-65.5 2.5t-47.5 2.5q-14 0 -49.5 -3.5t-63 -3.5t-43.5 7q-57 25 -104.5 78.5t-75 111.5t-46.5 112t-26 90l-7 35q-15 63 -18 115t4.5 88.5t26 64t39.5 43.5t52 25.5t58.5 13t62.5 2t59.5 -4.5t55.5 -8l-147 192q-12 18 -5.5 30t27.5 12z" /> |
|||
<glyph unicode="🔑" d="M250 1200h600q21 0 35.5 -14.5t14.5 -35.5v-400q0 -21 -14.5 -35.5t-35.5 -14.5h-150v-500l-255 -178q-19 -9 -32 -1t-13 29v650h-150q-21 0 -35.5 14.5t-14.5 35.5v400q0 21 14.5 35.5t35.5 14.5zM400 1100v-100h300v100h-300z" /> |
|||
<glyph unicode="🚪" d="M250 1200h750q39 0 69.5 -40.5t30.5 -84.5v-933l-700 -117v950l600 125h-700v-1000h-100v1025q0 23 15.5 49t34.5 26zM500 525v-100l100 20v100z" /> |
|||
</font> |
|||
</defs></svg> |
|||
6
www/htdocs/vendor/bootstrap/js/bootstrap.min.js
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
@ -0,0 +1,163 @@ |
|||
/* |
|||
jquery-selectunique.js v0.1.0 |
|||
|
|||
Given a group of select fields with the same options, SelectUnique will remove an option from the |
|||
other select fields when it's selected, and put it back when it's changed. |
|||
|
|||
Home: http://github.com/sshaw/jquery-selectunique
|
|||
License (MIT): http://www.opensource.org/licenses/mit-license.php
|
|||
|
|||
Copyright (c) 2013 Skye Shaw |
|||
*/ |
|||
|
|||
(function($) { |
|||
var NS = 'selectunique'; |
|||
var KEY_SELECTED = NS + '-selected'; |
|||
|
|||
var SelectUnique = function(q, options) { |
|||
var self = this; |
|||
|
|||
self.q = q.find('option').parent('select'); // We need a set containing the select elements
|
|||
self.options = $.extend({}, options); |
|||
self.optionIndex = {}; |
|||
|
|||
self.q.on('change.' + NS, function() { |
|||
self._selectChanged($(this)); |
|||
}); |
|||
|
|||
$(self._uniqueOptions(self.q.find('option'))).each(function() { |
|||
self.optionIndex[self._optionId(this)] = this.index; |
|||
}); |
|||
|
|||
self.q.has(':selected').each(function() { |
|||
self._optionSelected($(this)); |
|||
}); |
|||
}; |
|||
|
|||
SelectUnique.prototype = { |
|||
constructor: SelectUnique, |
|||
|
|||
_selectChanged: function(select) { |
|||
var self = this, prevOption = select.data(KEY_SELECTED); |
|||
|
|||
if(prevOption) { |
|||
self.q.not(select).each(function() { |
|||
var thisSelect = $(this); |
|||
thisSelect.append(self._cloneOption(prevOption)); |
|||
self._sortOptions(thisSelect); |
|||
}); |
|||
} |
|||
|
|||
self._optionSelected(select); |
|||
}, |
|||
|
|||
_optionSelected: function(select) { |
|||
var self = this, selOption = select.find(':selected'); |
|||
|
|||
if(self._ignoreOption(selOption)) { |
|||
select.data(KEY_SELECTED, null); |
|||
} |
|||
else { |
|||
select.data(KEY_SELECTED, selOption); |
|||
self.q.not(select).each(function() { |
|||
var thisSelect = $(this); |
|||
thisSelect.find('option').each(function() { |
|||
var thisOption = $(this); |
|||
|
|||
// Ignore val(), we only care about what the user sees. This allows for cases
|
|||
// where the text is the same but the value is dependent on the select it's in.
|
|||
if(selOption.text() == thisOption.text()) { |
|||
thisOption.remove(); |
|||
return; |
|||
} |
|||
}); |
|||
}); |
|||
} |
|||
}, |
|||
|
|||
_ignoreOption: function(option) { |
|||
return $.trim(option.val()) == '' || ($.isFunction(this.options.ignoreOption) && this.options.ignoreOption(option)); |
|||
}, |
|||
|
|||
_cloneOption: function(option) { |
|||
// We must set selected to false everytime because this will be true:
|
|||
// (cache[x] = original.clone(true).prop('selected', false)).clone(true).prop('selected')
|
|||
return option.clone(true).prop('selected', false); |
|||
}, |
|||
|
|||
_sortOptions: function(select) { |
|||
var self = this, options = select.find('option'), val = select.val(); |
|||
options.sort(function(a,b) { |
|||
return self.optionIndex[self._optionId(a)] - self.optionIndex[self._optionId(b)]; |
|||
}); |
|||
|
|||
select.html(options); |
|||
select.val(val); |
|||
}, |
|||
|
|||
_optionId: function(option) { |
|||
return [option.value, option.text].join('-'); |
|||
}, |
|||
|
|||
_uniqueOptions: function(options) { |
|||
var self = this, unique = [], seen = {}; |
|||
|
|||
options.each(function() { |
|||
var key = self._optionId(this); |
|||
if(!seen[key] && !self._ignoreOption($(this))) { |
|||
seen[key] = true; |
|||
unique.push(this); |
|||
} |
|||
}); |
|||
|
|||
return unique; |
|||
}, |
|||
|
|||
_removeHandlers: function() { |
|||
this.q.off('.'+NS); |
|||
}, |
|||
|
|||
refresh: function() { |
|||
var self = this; |
|||
|
|||
}, |
|||
|
|||
selected: function() { |
|||
var selected = this._uniqueOptions(this.q.find(':selected')); |
|||
return $.map(selected, function(e) { |
|||
return e.cloneNode(true); |
|||
}); |
|||
}, |
|||
|
|||
remaining: function() { |
|||
var remaining = this._uniqueOptions(this.q.find('option:not(:selected)')); |
|||
return $.map(remaining, function(e) { |
|||
return e.cloneNode(true); |
|||
}); |
|||
|
|||
} |
|||
}; |
|||
|
|||
$.fn.selectunique = function(options) { |
|||
if(this.has('select,option').length) { |
|||
var uniq = this.data(NS); |
|||
if(!uniq) |
|||
this.data(NS, uniq = new SelectUnique(this, options)); |
|||
|
|||
if(typeof options == 'string') { |
|||
if(options == 'refresh') { |
|||
uniq._removeHandlers(); |
|||
this.data(NS, uniq = new SelectUnique(this)); |
|||
} |
|||
else { |
|||
if(!uniq[options]) |
|||
$.error("selectunique: no such method '" + options + "'"); |
|||
|
|||
return uniq[options](); |
|||
} |
|||
} |
|||
} |
|||
|
|||
return this; |
|||
}; |
|||
})(window.jQuery); |
|||
4
www/htdocs/vendor/font-awesome/css/font-awesome.min.css
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
2671
www/htdocs/vendor/font-awesome/fonts/fontawesome-webfont.svg
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
2
www/htdocs/vendor/jquery/js/jquery-3.5.1.min.js
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
1
www/htdocs/vendor/jquery/js/jquery-3.5.1.min.map
File diff suppressed because it is too large
View File
File diff suppressed because it is too large
View File
@ -0,0 +1,157 @@ |
|||
<?php |
|||
#==============================================================================
|
|||
# LTB Self Service Password
|
|||
#
|
|||
# Copyright (C) 2009 Clement OUDOT
|
|||
# Copyright (C) 2009 LTB-project.org
|
|||
#
|
|||
# This program is free software; you can redistribute it and/or
|
|||
# modify it under the terms of the GNU General Public License
|
|||
# as published by the Free Software Foundation; either version 2
|
|||
# of the License, or (at your option) any later version.
|
|||
#
|
|||
# This program is distributed in the hope that it will be useful,
|
|||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|||
# GNU General Public License for more details.
|
|||
#
|
|||
# GPL License: http://www.gnu.org/licenses/gpl.txt
|
|||
#
|
|||
#==============================================================================
|
|||
|
|||
# Traducció al català per Carlos Sicilia
|
|||
|
|||
#==============================================================================
|
|||
# Catalan
|
|||
#==============================================================================
|
|||
$messages['phpupgraderequired'] = "PHP upgrade required"; |
|||
$messages['nophpldap'] = "Cal instal·lar PHP LDAP per fer servir aquesta eina"; |
|||
$messages['nophpmhash'] = "Cal instal·lar PHP mhash per fer servir el mode Samba"; |
|||
$messages['nokeyphrase'] = "Token encryption requires a random string in keyphrase setting"; |
|||
$messages['ldaperror'] = "No es pot accedir al servidor LDAP"; |
|||
$messages['loginrequired'] = "Cal el nom d'usuari"; |
|||
$messages['oldpasswordrequired'] = "Cal la contrasenya anterior"; |
|||
$messages['newpasswordrequired'] = "Cal la contrasenya actual"; |
|||
$messages['confirmpasswordrequired'] = "Si us plau, confirmeu la contrasenya nova"; |
|||
$messages['passwordchanged'] = "La seva contrasenya ha canviat"; |
|||
$messages['nomatch'] = "Les contrasenyes no són iguals"; |
|||
$messages['badcredentials'] = "El nom d'usuari o la contrasenya són incorrectes"; |
|||
$messages['passworderror'] = "El servidor ha refusat la contrasenya"; |
|||
$messages['title'] = "Autoservei de canvi de contrasenyes"; |
|||
$messages['login'] = "Nom d'usuari"; |
|||
$messages['oldpassword'] = "Contrasenya anterior"; |
|||
$messages['newpassword'] = "Contrasenya nova"; |
|||
$messages['confirmpassword'] = "Confirmeu la nova contrasenya"; |
|||
$messages['submit'] = "Enviar"; |
|||
$messages['tooshort'] = "La vostra contrasenya és massa curta"; |
|||
$messages['toobig'] = "La vostra contrasenya és massa llarga"; |
|||
$messages['minlower'] = "La vostra contrasenya no té prou minúscules"; |
|||
$messages['minupper'] = "La vostra contrasenya no té prou majúscules"; |
|||
$messages['mindigit'] = "La vostra contrasenya no té prou xifres"; |
|||
$messages['minspecial'] = "La vostra contrasenya no té prou caràcters especials"; |
|||
$messages['sameasold'] = "La nova contrasenya és igual a la antiga"; |
|||
$messages['policy'] = "Cal que la contrasenya respecti les següents normes"; |
|||
$messages['policyminlength'] = "Longitud mínima"; |
|||
$messages['policymaxlength'] = "Longitud màxima"; |
|||
$messages['policyminlower'] = "Mínima quantitat de minúscules"; |
|||
$messages['policyminupper'] = "Mínima quantitat de majúscules"; |
|||
$messages['policymindigit'] = "Mínima quantitat de xifres"; |
|||
$messages['policyminspecial'] = "Mínima quantitat de caràcters especials"; |
|||
$messages['forbiddenchars'] = "La seva contrasenya conté caràcters prohibits"; |
|||
$messages['policyforbiddenchars'] = "Caràcters prohibits"; |
|||
$messages['policynoreuse'] = "La contrasenya nova no pot ser la mateixa que abans"; |
|||
$messages['questions']['birthday'] = "Quan és el vostre aniversari?"; |
|||
$messages['questions']['color'] = "Quin és el vostre color preferit?"; |
|||
$messages['password'] = "Contrasenya"; |
|||
$messages['question'] = "Pregunta"; |
|||
$messages['answer'] = "Resposta"; |
|||
$messages['setquestionshelp'] = "Estableixi o modifiqui la seva pregunta i resposta secreta. Després podrà canviar la seva contrasenya <a href=\"?action=resetbyquestions\">aquÃ</a>."; |
|||
$messages['answerrequired'] = "No heu donat una resposta"; |
|||
$messages['questionrequired'] = "No ha seleccionat una pregunta"; |
|||
$messages['passwordrequired'] = "Cal la contrasenya"; |
|||
$messages['answermoderror'] = "No ha quedat gravada la resposta"; |
|||
$messages['answerchanged'] = "La resposta ha quedat gravada"; |
|||
$messages['answernomatch'] = "La resposta no és correcta"; |
|||
$messages['resetbyquestionshelp'] = "Trieu una pregunta i responeu-la per restaurar la seva contrasenya. Requereix <a href=\"?action=setquestions\">haver gravat una resposta</a>."; |
|||
$messages['changehelp'] = "Escriviu la contrasenya anterior i trieu la nova."; |
|||
$messages['changehelpreset'] = "Heu oblidat la contrasenya?"; |
|||
$messages['changehelpquestions'] = "<a href=\"?action=resetbyquestions\">Restaurar la contrasenya responent preguntes</a>"; |
|||
$messages['changehelptoken'] = "<a href=\"?action=sendtoken\">Restaurar la contrasenya amb confirmació per correu</a>"; |
|||
$messages['changehelpsms'] = "<a href=\"?action=sendsms\">Reset your password with a SMS</a>"; |
|||
$messages['resetmessage'] = "Hola {login},\n\nFer clic aquà per restaurar la vostra contrasenya:\n{url}\n\nSi no heu demanat aquest servei, si us plau ignoreu-lo."; |
|||
$messages['resetsubject'] = "Restaurar la contrasenya"; |
|||
$messages['sendtokenhelp'] = "Escriviu el vostre usuari i correu per restaurar la contrasenya. Rebreu un correu per confirmar-ho."; |
|||
$messages['sendtokenhelpnomail'] = "Escriviu el vostre usuari per restaurar la contrasenya. Rebreu un correu per confirmar-ho."; |
|||
$messages['resetbysmshelp'] = "The token sent by sms allows you to reset your password. To get a new token, <a href=\"?action=sendsms\">click here</a>."; |
|||
$messages['mail'] = "Correu"; |
|||
$messages['mailrequired'] = "Cal el vostre correu"; |
|||
$messages['mailnomatch'] = "El correu no coincideix amb el registrat per l'usuari"; |
|||
$messages['tokensent'] = "Hem enviat un correu de confirmació"; |
|||
$messages['tokennotsent'] = "Error enviant el correu de confirmació"; |
|||
$messages['tokenrequired'] = "Cal una fitxa"; |
|||
$messages['tokennotvalid'] = "La fitxa no és vàlida"; |
|||
$messages['resetbytokenhelp'] = "La fitxa enviada per correu us permet restaurar la contrasenya. Per aconseguir una nova fitxa, <a href=\"?action=sendtoken\">fer clic aquÃ</a>."; |
|||
$messages['changemessage'] = "Hola {login},\n\nHeu canviat la vostra contrasenya.\n\nSi no heu sol·licitat aquest servei, poseu-vos en contacte amb el vostre administrador inmediatament."; |
|||
$messages['changesubject'] = "Heu canviat la vostra contrasenya"; |
|||
$messages['badcaptcha'] = "El captcha no és correcte. Torneu a provar-ho."; |
|||
$messages['captcharequired'] = "The captcha is required."; |
|||
$messages['captcha'] = "Captcha"; |
|||
$messages['notcomplex'] = "La vostra contrasenya no té prou classes diferents de caràcters"; |
|||
$messages['policycomplex'] = "Mínim de classes de caràcters diferents:"; |
|||
$messages['sms'] = "SMS Numero"; |
|||
$messages['smsresetmessage'] = "El token de restabliment de contrasenya és:"; |
|||
$messages['sendsmshelp'] = "Introdueixi el seu nom d'usuari per obtenir testimoni de restabliment de contrasenya. A continuació, escriviu token en els SMS enviats."; |
|||
$messages['smssent'] = "Un codi de confirmació ha estat enviat per SMS"; |
|||
$messages['smsnotsent'] = "Error enviant el SMS"; |
|||
$messages['smsnonumber'] = "No es pot trobar el número de telèfon mòbil"; |
|||
$messages['userfullname'] = "Nom d'usuari complert"; |
|||
$messages['username'] = "Nom d'usuari"; |
|||
$messages['smscrypttokensrequired'] = "No es pot utilitzar el reset per sms sense ajust de les opcions crypt_tokens"; |
|||
$messages['smsuserfound'] = "Revisi que la informació d'usuari és correcte i premi Enviar per obternir el token per SMS"; |
|||
$messages['smstoken'] = "token SMS"; |
|||
$messages['loginrequired'] = "Es requereix el seu nom d'usuari"; |
|||
$messages['minspecial'] = "La teva contrasenya no té prou caràcters especials"; |
|||
$messages['getuser'] = "Obtenir usuari"; |
|||
$messages['nophpmbstring'] = "Ha d'instal·lar PHP mbstring"; |
|||
$messages['menuquestions'] = "Pregunte"; |
|||
$messages['menutoken'] = "Correu"; |
|||
$messages['menusms'] = "SMS"; |
|||
$messages['nophpxml'] = "Cal instal·lar PHP XML per fer servir aquesta eina"; |
|||
$messages['tokenattempts'] = "Invalid token, try again"; |
|||
$messages['emptychangeform'] = "Change your password"; |
|||
$messages['emptysendtokenform'] = "Email a password reset link"; |
|||
$messages['emptyresetbyquestionsform'] = "Reset your password"; |
|||
$messages['emptysetquestionsform'] = "Set your password reset questions"; |
|||
$messages['emptysendsmsform'] = "Get a reset code"; |
|||
$messages['sameaslogin'] = "Your new password is identical to your login"; |
|||
$messages['policydifflogin'] = "Your new password may not be the same as your login"; |
|||
$messages['sshkeyrequired'] = "Es requereix SSH Key"; |
|||
$messages['changesshkeysubject'] = "La seva clau de SSH s'ha canviat"; |
|||
$messages['emptysshkeychangeform'] = "Canviar la clau d'SSH"; |
|||
$messages['sshkey'] = "claus SSH"; |
|||
$messages['sshkeychanged'] = "La seva clau de SSH es va canviar"; |
|||
$messages['sshkeyerror'] = "SSH Key was refused by the LDAP directory"; |
|||
$messages['menusshkey'] = "claus SSH"; |
|||
$messages['changehelpsshkey'] = "<a href=\"?action=changesshkey\">Canviar la clau d'SSH</a>"; |
|||
$messages['changesshkeyhelp'] = "Introduïu la contrasenya i la clau SSH."; |
|||
$messages['changesshkeymessage'] = "Hola {login},\n\nLa claus SSH s'ha canviat.\n\nSi no va iniciar aquest canvi, poseu-vos en contacte amb l'administrador immediatament."; |
|||
$messages['pwned'] = "Your new password has already been published on leaks, you should consider changing it on any other service that it is in use"; |
|||
$messages['policypwned'] = "Your new password may not be published on any previous public password leak from any site"; |
|||
$messages['throttle'] = "Too fast! Please try again later (if ever you are human)"; |
|||
$messages['policydiffminchars'] = "Minimum number of new unique characters:"; |
|||
$messages['diffminchars'] = "Your new password is too similar to your old password"; |
|||
$messages['specialatends'] = "Your new password has its only special character at the beginning or end"; |
|||
$messages['policyspecialatends'] = "Your new password may not have its only special character at the beginning or end"; |
|||
$messages['checkdatabeforesubmit'] = "Please check your information before submitting the form"; |
|||
$messages['forbiddenwords'] = "Your passwords contains forbidden words or strings"; |
|||
$messages['policyforbiddenwords'] = "Your password must not contain:"; |
|||
$messages['forbiddenldapfields'] = "Your password contains values from your LDAP entry"; |
|||
$messages['policyforbiddenldapfields'] = "Your password may not contain values from the following LDAP fields:"; |
|||
$messages['ldap_cn'] = "common name"; |
|||
$messages['ldap_givenName'] = "given name"; |
|||
$messages['ldap_sn'] = "surname"; |
|||
$messages['ldap_mail'] = "mail address"; |
|||
$messages["questionspopulatehint"] = "Enter only your login to retrieve the questions you've registered."; |
|||
$messages['badquality'] = "Password quality is too low"; |
|||
$messages['tooyoung'] = "Password was changed too recently"; |
|||
$messages['inhistory'] = "Password is in history of old passwords"; |
|||
Some files were not shown because too many files changed in this diff
Write
Preview
Loading…
Cancel
Save
Reference in new issue