Page MenuHomestyx hydra
Files F1434822

No OneTemporary
Actions

View Options

diff --git a/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php b/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php
index 0eca204851..f7bb38bde5 100644
--- a/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php
+++ b/src/applications/auth/controller/oauthdiagnostics/PhabricatorOAuthDiagnosticsController.php
@@ -1,238 +1,226 @@
<?php
/*
- * Copyright 2011 Facebook, Inc.
+ * Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class PhabricatorOAuthDiagnosticsController
extends PhabricatorAuthController {
public function shouldRequireLogin() {
return false;
}
public function willProcessRequest(array $data) {
$this->provider = PhabricatorOAuthProvider::newProvider($data['provider']);
}
public function processRequest() {
$provider = $this->provider;
-
-
$auth_enabled = $provider->isProviderEnabled();
$client_id = $provider->getClientID();
$client_secret = $provider->getClientSecret();
+ $key = $provider->getProviderKey();
+ $name = phutil_escape_html($provider->getProviderName());
$res_ok = '<strong style="color: #00aa00;">OK</strong>';
$res_no = '<strong style="color: #aa0000;">NO</strong>';
$res_na = '<strong style="color: #999999;">N/A</strong>';
$results = array();
-
+ $auth_key = $key . '.auth-enabled';
if (!$auth_enabled) {
- $results['facebook.auth-enabled'] = array(
+ $results[$auth_key] = array(
$res_no,
'false',
- 'Facebook authentication is disabled in the configuration. Edit the '.
- 'environmental configuration to enable "facebook.auth-enabled".');
+ $name . ' authentication is disabled in the configuration. Edit the '.
+ 'Phabricator configuration to enable "'.$auth_key.'".');
} else {
- $results['facebook.auth-enabled'] = array(
+ $results[$auth_key] = array(
$res_ok,
'true',
- 'Facebook authentication is enabled.');
+ $name.' authentication is enabled.');
}
+ $client_id_key = $key. '.application-id';
if (!$client_id) {
- $results['facebook.application-id'] = array(
+ $results[$client_id_key] = array(
$res_no,
null,
- 'No Facebook Application ID is configured. Edit the environmental '.
+ 'No '.$name.' Application ID is configured. Edit the Phabricator '.
'configuration to specify an application ID in '.
- '"facebook.application-id". To generate an ID, sign into Facebook, '.
- 'install the "Developer" application, and use it to create a new '.
- 'Facebook application.');
+ '"'.$client_id_key.'". '.$provider->renderGetClientIDHelp());
} else {
- $results['facebook.application-id'] = array(
+ $results[$client_id_key] = array(
$res_ok,
$client_id,
'Application ID is set.');
}
+ $client_secret_key = $key.'.application-secret';
if (!$client_secret) {
- $results['facebook.application-secret'] = array(
+ $results[$client_secret_key] = array(
$res_no,
null,
- 'No Facebook Application secret is configured. Edit the environmental '.
- 'configuration to specify an Application Secret, in '.
- '"facebook.application-secret". You can find the application secret '.
- 'in the Facebook "Developer" application on Facebook.');
+ 'No '.$name.' Application secret is configured. Edit the '.
+ 'Phabricator configuration to specify an Application Secret, in '.
+ '"'.$client_secret_key.'". '.$provider->renderGetClientSecretHelp());
} else {
- $results['facebook.application-secret'] = array(
+ $results[$client_secret_key] = array(
$res_ok,
"It's a secret!",
'Application secret is set.');
}
$timeout = stream_context_create(
array(
'http' => array(
'ignore_errors' => true,
'timeout' => 5,
),
));
$timeout_strict = stream_context_create(
array(
'http' => array(
'timeout' => 5,
),
));
$internet = @file_get_contents("http://google.com/", false, $timeout);
if ($internet === false) {
$results['internet'] = array(
$res_no,
null,
'Unable to make an HTTP request to Google. Check your outbound '.
'internet connection and firewall/filtering settings.');
} else {
$results['internet'] = array(
$res_ok,
null,
'Internet seems OK.');
}
- $facebook = @file_get_contents("http://facebook.com/", false, $timeout);
- if ($facebook === false) {
- $results['facebook.com'] = array(
- $res_no,
- null,
- 'Unable to make an HTTP request to facebook.com. Facebook may be '.
- 'down or inaccessible.');
- } else {
- $results['facebook.com'] = array(
- $res_ok,
- null,
- 'Made a request to facebook.com.');
- }
-
- $graph = @file_get_contents(
- "https://graph.facebook.com/me",
- false,
- $timeout);
- if ($graph === false) {
- $results['Facebook Graph'] = array(
- $res_no,
- null,
- "Unable to make an HTTPS request to graph.facebook.com. ".
- "The Facebook graph may be down or inaccessible.");
- } else {
- $results['Facebook Graph'] = array(
- $res_ok,
- null,
- 'Made a request to graph.facebook.com.');
+ $test_uris = $provider->getTestURIs();
+ foreach ($test_uris as $uri) {
+ $success = @file_get_contents($uri, false, $timeout);
+ if ($success === false) {
+ $results[$uri] = array(
+ $res_no,
+ null,
+ "Unable to make an HTTP request to {$uri}. {$name} may be ".
+ 'down or inaccessible.');
+ } else {
+ $results[$uri] = array(
+ $res_ok,
+ null,
+ 'Made a request to '.$uri.'.');
+ }
}
- $test_uri = new PhutilURI('https://graph.facebook.com/oauth/access_token');
+ $test_uri = new PhutilURI($provider->getTokenURI());
$test_uri->setQueryParams(
array(
'client_id' => $client_id,
'client_secret' => $client_secret,
'grant_type' => 'client_credentials',
));
$token_value = @file_get_contents($test_uri, false, $timeout);
$token_strict = @file_get_contents($test_uri, false, $timeout_strict);
if ($token_value === false) {
$results['App Login'] = array(
$res_no,
null,
"Unable to perform an application login with your Application ID and ".
"Application Secret. You may have mistyped or misconfigured them; ".
- "Facebook may have revoked your authorization; or Facebook may be ".
+ "{$name} may have revoked your authorization; or {$name} may be ".
"having technical problems.");
} else {
if ($token_strict) {
$results['App Login'] = array(
$res_ok,
'(A Valid Token)',
- "Raw application login to Facebook works.");
+ "Raw application login to {$name} works.");
} else {
$data = json_decode($token_value, true);
if (!is_array($data)) {
$results['App Login'] = array(
$res_no,
$token_value,
- "Application Login failed but the graph server did not respond ".
- "with valid JSON error information. Facebook may be experiencing ".
+ "Application Login failed but the provider did not respond ".
+ "with valid JSON error information. {$name} may be experiencing ".
"technical problems.");
} else {
$results['App Login'] = array(
$res_no,
null,
"Application Login failed with error: ".$token_value);
}
}
}
return $this->renderResults($results);
}
private function renderResults($results) {
+ $provider = $this->provider;
$rows = array();
foreach ($results as $key => $result) {
$rows[] = array(
phutil_escape_html($key),
$result[0],
phutil_escape_html($result[1]),
phutil_escape_html($result[2]),
);
}
$table_view = new AphrontTableView($rows);
$table_view->setHeaders(
array(
'Test',
'Result',
'Value',
'Details',
));
$table_view->setColumnClasses(
array(
null,
null,
null,
'wide',
));
+ $title = $provider->getProviderName() . ' Auth Diagnostics';
+
$panel_view = new AphrontPanelView();
- $panel_view->setHeader('Facebook Auth Diagnostics');
+ $panel_view->setHeader($title);
$panel_view->appendChild(
'<p class="aphront-panel-instructions">These tests may be able to '.
'help diagnose the root cause of problems you experience with '.
- 'Facebook Authentication. Reload the page to run the tests again.</p>');
+ $provider->getProviderName() .
+ ' Authentication. Reload the page to run the tests again.</p>');
$panel_view->appendChild($table_view);
return $this->buildStandardPageResponse(
$panel_view,
array(
- 'title' => 'Facebook Auth Diagnostics',
+ 'title' => $title,
));
-
}
}
diff --git a/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php b/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php
index f886b0aff4..1c6f8b3913 100644
--- a/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php
+++ b/src/applications/auth/oauth/provider/base/PhabricatorOAuthProvider.php
@@ -1,121 +1,136 @@
<?php
/*
* Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
abstract class PhabricatorOAuthProvider {
- const PROVIDER_FACEBOOK = 'facebook';
- const PROVIDER_GITHUB = 'github';
- const PROVIDER_GOOGLE = 'google';
+ const PROVIDER_FACEBOOK = 'facebook';
+ const PROVIDER_GITHUB = 'github';
+ const PROVIDER_GOOGLE = 'google';
+ const PROVIDER_PHABRICATOR = 'phabricator';
private $accessToken;
abstract public function getProviderKey();
abstract public function getProviderName();
abstract public function isProviderEnabled();
abstract public function isProviderLinkPermanent();
abstract public function isProviderRegistrationEnabled();
- abstract public function getRedirectURI();
abstract public function getClientID();
+ abstract public function renderGetClientIDHelp();
abstract public function getClientSecret();
+ abstract public function renderGetClientSecretHelp();
abstract public function getAuthURI();
+ abstract public function getTestURIs();
/**
* If the provider needs extra stuff in the auth request, return it here.
* For example, Google needs a response_type parameter.
*/
public function getExtraAuthParameters() {
return array();
}
abstract public function getTokenURI();
/**
* If the provider needs extra stuff in the token request, return it here.
* For example, Google needs a grant_type parameter.
*/
public function getExtraTokenParameters() {
return array();
}
abstract public function getUserInfoURI();
abstract public function getMinimumScope();
abstract public function setUserData($data);
abstract public function retrieveUserID();
abstract public function retrieveUserEmail();
abstract public function retrieveUserAccountName();
abstract public function retrieveUserProfileImage();
abstract public function retrieveUserAccountURI();
abstract public function retrieveUserRealName();
/**
* Override this if the provider returns the token response as, e.g., JSON
* or XML.
*/
public function decodeTokenResponse($response) {
$data = null;
parse_str($response, $data);
return $data;
}
public function __construct() {
}
+ /**
+ * This is where the OAuth provider will redirect the user after the user
+ * grants Phabricator access.
+ */
+ final public function getRedirectURI() {
+ $key = $this->getProviderKey();
+ return PhabricatorEnv::getURI('/oauth/'.$key.'/login/');
+ }
final public function setAccessToken($access_token) {
$this->accessToken = $access_token;
return $this;
}
final public function getAccessToken() {
return $this->accessToken;
}
public static function newProvider($which) {
switch ($which) {
case self::PROVIDER_FACEBOOK:
$class = 'PhabricatorOAuthProviderFacebook';
break;
case self::PROVIDER_GITHUB:
$class = 'PhabricatorOAuthProviderGitHub';
break;
case self::PROVIDER_GOOGLE:
$class = 'PhabricatorOAuthProviderGoogle';
break;
+ case self::PROVIDER_PHABRICATOR:
+ $class = 'PhabricatorOAuthProviderPhabricator';
+ break;
default:
throw new Exception('Unknown OAuth provider.');
}
PhutilSymbolLoader::loadClass($class);
return newv($class, array());
}
public static function getAllProviders() {
$all = array(
self::PROVIDER_FACEBOOK,
self::PROVIDER_GITHUB,
self::PROVIDER_GOOGLE,
+ self::PROVIDER_PHABRICATOR,
);
$providers = array();
foreach ($all as $provider) {
$providers[$provider] = self::newProvider($provider);
}
return $providers;
}
}
diff --git a/src/applications/auth/oauth/provider/base/__init__.php b/src/applications/auth/oauth/provider/base/__init__.php
index 247c83fee4..fcc5fa3984 100644
--- a/src/applications/auth/oauth/provider/base/__init__.php
+++ b/src/applications/auth/oauth/provider/base/__init__.php
@@ -1,13 +1,15 @@
<?php
/**
* This file is automatically generated. Lint this module to rebuild it.
* @generated
*/
+phutil_require_module('phabricator', 'infrastructure/env');
+
phutil_require_module('phutil', 'symbols');
phutil_require_module('phutil', 'utils');
phutil_require_source('PhabricatorOAuthProvider.php');
diff --git a/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php b/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php
index aa305fe09f..fd1dc59df5 100644
--- a/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php
+++ b/src/applications/auth/oauth/provider/facebook/PhabricatorOAuthProviderFacebook.php
@@ -1,106 +1,119 @@
<?php
/*
- * Copyright 2011 Facebook, Inc.
+ * Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class PhabricatorOAuthProviderFacebook extends PhabricatorOAuthProvider {
private $userData;
public function getProviderKey() {
return self::PROVIDER_FACEBOOK;
}
public function getProviderName() {
return 'Facebook';
}
public function isProviderEnabled() {
return PhabricatorEnv::getEnvConfig('facebook.auth-enabled');
}
public function isProviderLinkPermanent() {
return PhabricatorEnv::getEnvConfig('facebook.auth-permanent');
}
public function isProviderRegistrationEnabled() {
return PhabricatorEnv::getEnvConfig('facebook.registration-enabled');
}
- public function getRedirectURI() {
- return PhabricatorEnv::getURI('/oauth/facebook/login/');
- }
-
public function getClientID() {
return PhabricatorEnv::getEnvConfig('facebook.application-id');
}
+ public function renderGetClientIDHelp() {
+ return 'To generate an ID, sign into Facebook, install the "Developer"'.
+ ' application, and use it to create a new Facebook application.';
+ }
+
public function getClientSecret() {
return PhabricatorEnv::getEnvConfig('facebook.application-secret');
}
+ public function renderGetClientSecretHelp() {
+ return 'You can find the application secret in the Facebook'.
+ ' "Developer" application on Facebook.';
+ }
+
public function getAuthURI() {
return 'https://www.facebook.com/dialog/oauth';
}
+ public function getTestURIs() {
+ return array(
+ 'http://facebook.com',
+ 'https://graph.facebook.com/me'
+ );
+ }
+
public function getTokenURI() {
return 'https://graph.facebook.com/oauth/access_token';
}
public function getUserInfoURI() {
return 'https://graph.facebook.com/me';
}
public function getMinimumScope() {
return 'email';
}
public function setUserData($data) {
$this->userData = json_decode($data, true);
return $this;
}
public function retrieveUserID() {
return $this->userData['id'];
}
public function retrieveUserEmail() {
return $this->userData['email'];
}
public function retrieveUserAccountName() {
$matches = null;
$link = $this->userData['link'];
if (preg_match('@/([a-zA-Z0-9]+)$@', $link, $matches)) {
return $matches[1];
}
return null;
}
public function retrieveUserProfileImage() {
$uri = 'https://graph.facebook.com/me/picture?access_token=';
return @file_get_contents($uri.$this->getAccessToken());
}
public function retrieveUserAccountURI() {
return $this->userData['link'];
}
public function retrieveUserRealName() {
return $this->userData['name'];
}
}
diff --git a/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php b/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php
index 868988687c..61675f2508 100644
--- a/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php
+++ b/src/applications/auth/oauth/provider/github/PhabricatorOAuthProviderGitHub.php
@@ -1,109 +1,119 @@
<?php
/*
* Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class PhabricatorOAuthProviderGitHub extends PhabricatorOAuthProvider {
private $userData;
public function getProviderKey() {
return self::PROVIDER_GITHUB;
}
public function getProviderName() {
return 'GitHub';
}
public function isProviderEnabled() {
return PhabricatorEnv::getEnvConfig('github.auth-enabled');
}
public function isProviderLinkPermanent() {
return PhabricatorEnv::getEnvConfig('github.auth-permanent');
}
public function isProviderRegistrationEnabled() {
return PhabricatorEnv::getEnvConfig('github.registration-enabled');
}
- public function getRedirectURI() {
- return PhabricatorEnv::getURI('/oauth/github/login/');
- }
-
public function getClientID() {
return PhabricatorEnv::getEnvConfig('github.application-id');
}
+ public function renderGetClientIDHelp() {
+ return null;
+ }
+
public function getClientSecret() {
return PhabricatorEnv::getEnvConfig('github.application-secret');
}
+ public function renderGetClientSecretHelp() {
+ return null;
+ }
+
public function getAuthURI() {
return 'https://github.com/login/oauth/authorize';
}
public function getTokenURI() {
return 'https://github.com/login/oauth/access_token';
}
+ public function getTestURIs() {
+ return array(
+ 'http://github.com',
+ );
+ }
+
public function getUserInfoURI() {
return 'https://github.com/api/v2/json/user/show';
}
public function getMinimumScope() {
return null;
}
public function setUserData($data) {
$this->userData = idx(json_decode($data, true), 'user');
return $this;
}
public function retrieveUserID() {
return $this->userData['id'];
}
public function retrieveUserEmail() {
return idx($this->userData, 'email');
}
public function retrieveUserAccountName() {
return $this->userData['login'];
}
public function retrieveUserProfileImage() {
$id = $this->userData['gravatar_id'];
if ($id) {
$uri = 'http://www.gravatar.com/avatar/'.$id.'?s=50';
return @file_get_contents($uri);
}
return null;
}
public function retrieveUserAccountURI() {
$username = $this->retrieveUserAccountName();
if ($username) {
return 'https://github.com/'.$username;
}
return null;
}
public function retrieveUserRealName() {
return idx($this->userData, 'name');
}
}
diff --git a/src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php b/src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php
index bb49b1b6f2..feee95ead3 100644
--- a/src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php
+++ b/src/applications/auth/oauth/provider/google/PhabricatorOAuthProviderGoogle.php
@@ -1,136 +1,146 @@
<?php
/*
* Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class PhabricatorOAuthProviderGoogle extends PhabricatorOAuthProvider {
private $userData;
public function getProviderKey() {
return self::PROVIDER_GOOGLE;
}
public function getProviderName() {
return 'Google';
}
public function isProviderEnabled() {
return PhabricatorEnv::getEnvConfig('google.auth-enabled');
}
public function isProviderLinkPermanent() {
return PhabricatorEnv::getEnvConfig('google.auth-permanent');
}
public function isProviderRegistrationEnabled() {
return PhabricatorEnv::getEnvConfig('google.registration-enabled');
}
- public function getRedirectURI() {
- return PhabricatorEnv::getURI('/oauth/google/login/');
- }
-
public function getClientID() {
return PhabricatorEnv::getEnvConfig('google.application-id');
}
+ public function renderGetClientIDHelp() {
+ return null;
+ }
+
public function getClientSecret() {
return PhabricatorEnv::getEnvConfig('google.application-secret');
}
+ public function renderGetClientSecretHelp() {
+ return null;
+ }
+
public function getAuthURI() {
return 'https://accounts.google.com/o/oauth2/auth';
}
+ public function getTestURIs() {
+ return array(
+ 'http://www.google.com'
+ );
+ }
+
public function getTokenURI() {
return 'https://accounts.google.com/o/oauth2/token';
}
public function getUserInfoURI() {
return 'https://www.google.com/m8/feeds/contacts/default/full';
}
public function getMinimumScope() {
// This is the Google contacts API, which is apparently the best way to get
// the user ID / login / email since Google doesn't apparently have a
// more generic "user.info" sort of call (or, if it does, I couldn't find
// it). This is sort of terrifying since it lets Phabricator read your whole
// address book and possibly your physical address and such, so it would
// be really nice to find a way to restrict this scope to something less
// crazily permissive. But users will click anything and the dialog isn't
// very scary, so whatever.
return 'https://www.google.com/m8/feeds';
}
public function setUserData($data) {
$xml = new SimpleXMLElement($data);
$id = (string)$xml->id;
$this->userData = array(
'id' => $id,
'email' => (string)$xml->author[0]->email,
'real' => (string)$xml->author[0]->name,
// Guess account name from email address, this is just a hint anyway.
'account' => head(explode('@', $id)),
);
return $this;
}
public function retrieveUserID() {
return $this->userData['id'];
}
public function retrieveUserEmail() {
return $this->userData['email'];
}
public function retrieveUserAccountName() {
return $this->userData['account'];
}
public function retrieveUserProfileImage() {
// No apparent API access to Plus yet.
return null;
}
public function retrieveUserAccountURI() {
// No apparent API access to Plus yet.
return null;
}
public function retrieveUserRealName() {
return $this->userData['real'];
}
public function getExtraAuthParameters() {
return array(
'response_type' => 'code',
);
}
public function getExtraTokenParameters() {
return array(
'grant_type' => 'authorization_code',
);
}
public function decodeTokenResponse($response) {
return json_decode($response, true);
}
}

File Metadata

Mime Type
text/x-diff
Expires
Thu, Nov 6, 4:25 AM (21 h, 9 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
321501
Default Alt Text
(26 KB)

Event Timeline

styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)