From 3d7b9560cb6bd3fa88eeba997af5f8fc90f5acca Mon Sep 17 00:00:00 2001
From: zzz
Date: Sat, 9 May 2009 21:44:48 +0000
Subject: [PATCH 1/4] Connect client: fix NPE when used with advanced i2ptunnel features
---
 .../java/src/net/i2p/i2ptunnel/I2PTunnelConnectClient.java | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelConnectClient.java b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelConnectClient.java
index 9e102aa98..13906807e 100644
--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelConnectClient.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelConnectClient.java
@@ -156,6 +156,12 @@ public class I2PTunnelConnectClient extends I2PTunnelClientBase implements Runna
 defaultOpts.setProperty(I2PSocketOptions.PROP_READ_TIMEOUT, ""+DEFAULT_READ_TIMEOUT);
 if (!defaultOpts.contains("i2p.streaming.inactivityTimeout"))
 defaultOpts.setProperty("i2p.streaming.inactivityTimeout", ""+DEFAULT_READ_TIMEOUT);
+ // delayed start
+ if (sockMgr == null) {
+ synchronized(sockLock) {
+ sockMgr = getSocketManager();
+ }
+ }
 I2PSocketOptions opts = sockMgr.buildOptions(defaultOpts);
 if (!defaultOpts.containsKey(I2PSocketOptions.PROP_CONNECT_TIMEOUT))
 opts.setConnectTimeout(DEFAULT_CONNECT_TIMEOUT);
From 70a2e48a7261b3b779de94111c3cb5f39fe34f2a Mon Sep 17 00:00:00 2001
From: zzz
Date: Mon, 11 May 2009 16:34:05 +0000
Subject: [PATCH 2/4] Dont instantiate unused AdminManager
---
 router/java/src/net/i2p/router/RouterContext.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/router/java/src/net/i2p/router/RouterContext.java b/router/java/src/net/i2p/router/RouterContext.java
index 782bc8a87..719224058 100644
--- a/router/java/src/net/i2p/router/RouterContext.java
+++ b/router/java/src/net/i2p/router/RouterContext.java
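Review bot: In the I2PTunnelConnectClient hunk the delayed-start block tests `sockMgr == null` outside `synchronized(sockLock)` and does not test it again inside, so two connection threads that both observe null will each call `getSocketManager()` in turn; unless that call is idempotent (not visible here) the second assignment replaces the first manager. Re-checking under the lock closes the window: `synchronized(sockLock) { if (sockMgr == null) sockMgr = getSocketManager(); }`. The following `sockMgr.buildOptions(defaultOpts)` still dereferences the result unchecked, so if `getSocketManager()` can return null when the tunnel fails to build, the NPE this patch targets remains and a null test with a clean error to the client would be needed. The field declaration and the enclosing method are outside the hunk, so whether `sockMgr` is volatile cannot be confirmed from here.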
@@ -87,7 +87,7 @@ public class RouterContext extends I2PAppContext {
 return envProps;
 }
 private void initAll() {
- _adminManager = new AdminManager(this);
+ //_adminManager = new AdminManager(this);
 if ("false".equals(getProperty("i2p.dummyClientFacade", "false")))
 _clientManagerFacade = new ClientManagerFacadeImpl(this);
 else
From 117d3a5614e65ecf26544363facba8068f4928e1 Mon Sep 17 00:00:00 2001
From: zzz
Date: Mon, 11 May 2009 16:35:30 +0000
Subject: [PATCH 3/4] * NetDb: Don't accept stores of our own LeaseSets or RouterInfo
---
 .../kademlia/FloodfillVerifyStoreJob.java | 10 ++-----
 ...andleFloodfillDatabaseStoreMessageJob.java | 27 +++++++++++++++++++
 2 files changed, 29 insertions(+), 8 deletions(-)
diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillVerifyStoreJob.java b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillVerifyStoreJob.java
index 0e5829b24..d541f781f 100644
--- a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillVerifyStoreJob.java
+++ b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillVerifyStoreJob.java
@@ -100,16 +100,10 @@ public class FloodfillVerifyStoreJob extends JobImpl {
 public boolean isMatch(I2NPMessage message) {
 if (message instanceof DatabaseStoreMessage) {
 DatabaseStoreMessage dsm = (DatabaseStoreMessage)message;
- if (_key.equals(dsm.getKey()))
- return true;
- else
- return false;
+ return _key.equals(dsm.getKey());
 } else if (message instanceof DatabaseSearchReplyMessage) {
 DatabaseSearchReplyMessage dsrm = (DatabaseSearchReplyMessage)message;
- if (_key.equals(dsrm.getSearchKey()))
- return true;
- else
- return false;
+ return _key.equals(dsrm.getSearchKey());
 }
 return false;
 }
diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java b/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java
index 505638ecb..2c3cdbe4e 100644
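Review bot: In the RouterContext hunk the `new AdminManager(this)` call in `initAll()` is commented out rather than deleted, which leaves `_adminManager` unassigned while the field, and presumably an accessor for it, still exist outside the hunk. Any remaining caller that dereferences that accessor would now get null, so the field and accessor should either be removed in the same change or documented as returning null. If the line is kept for reference, state the reason next to it, e.g. `// AdminManager is unused and no longer instantiated; _adminManager stays null`.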
--- a/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java
+++ b/router/java/src/net/i2p/router/networkdb/kademlia/HandleFloodfillDatabaseStoreMessageJob.java
@@ -41,6 +41,8 @@ public class HandleFloodfillDatabaseStoreMessageJob extends JobImpl {
 _log = ctx.logManager().getLog(getClass());
 ctx.statManager().createRateStat("netDb.storeHandled", "How many netDb store messages have we handled?", "NetworkDatabase", new long[] { 5*60*1000l, 60*60*1000l, 24*60*60*1000l });
 ctx.statManager().createRateStat("netDb.storeLeaseSetHandled", "How many leaseSet store messages have we handled?", "NetworkDatabase", new long[] { 5*60*1000l, 60*60*1000l, 24*60*60*1000l });
+ //ctx.statManager().createRateStat("netDb.storeLocalLeaseSetAttempt", "Peer tries to store our leaseset (multihome?)", "NetworkDatabase", new long[] { 60*60*1000l });
+ //ctx.statManager().createRateStat("netDb.storeLocalRouterInfoAttempt", "Peer tries to store our router info", "NetworkDatabase", new long[] { 60*60*1000l });
 ctx.statManager().createRateStat("netDb.storeRouterInfoHandled", "How many routerInfo store messages have we handled?", "NetworkDatabase", new long[] { 5*60*1000l, 60*60*1000l, 24*60*60*1000l });
 ctx.statManager().createRateStat("netDb.storeRecvTime", "How long it takes to handle the local store part of a dbStore?", "NetworkDatabase", new long[] { 60*1000l, 10*60*1000l });
 ctx.statManager().createRateStat("netDb.storeFloodNew", "How long it takes to flood out a newly received entry?", "NetworkDatabase", new long[] { 60*1000l, 10*60*1000l });
@@ -64,6 +66,18 @@ public class HandleFloodfillDatabaseStoreMessageJob extends JobImpl {
 getContext().statManager().addRateData("netDb.storeLeaseSetHandled", 1, 0);

 try {
+ // Never store a leaseSet for a local dest received from somebody else.
+ // This generally happens from a FloodfillVerifyStoreJob.
+ // If it is valid, it shouldn't be newer than what we have - unless
+ // somebody has our keys...
+ // This could happen with multihoming - where it's really important to prevent
+ // storing the other guy's leaseset, it will confuse us badly.
+ if (getContext().clientManager().isLocal(_message.getKey())) {
+ //getContext().statManager().addRateData("netDb.storeLocalLeaseSetAttempt", 1, 0);
+ // throw rather than return, so that we send the ack below (prevent easy attack)
+ throw new IllegalArgumentException("Peer attempted to store local leaseSet: " +
+ _message.getKey().toBase64().substring(0, 4));
+ }
 LeaseSet ls = _message.getLeaseSet();
 // mark it as something we received, so we'll answer queries
 // for it. this flag does NOT get set on entries that we
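Review bot: The rejection of a peer-supplied store for a local leaseSet in this hunk, and the matching RouterInfo check in the `@@ -86,6 +100,15 @@` hunk, leaves no measurable trace, because both `addRateData` calls and their `createRateStat` registrations in the `@@ -41,6 +41,8 @@` hunk are commented out. The added comments name the case that matters, a valid entry newer than ours meaning "somebody has our keys", yet as far as the visible hunks show that case ends up in the same generic "sent bad data" WARN line as a routine FloodfillVerifyStoreJob reply. Enabling the two stats (`netDb.storeLocalLeaseSetAttempt`, `netDb.storeLocalRouterInfoAttempt`), or logging separately when the received entry is newer than the local copy, would give operators a signal for key compromise or unintended multihoming. The `throw` also depends on a `catch` outside the hunk turning the `IllegalArgumentException` into `invalidMessage`; a short comment such as `// caught below and reported as invalidMessage; the ack is still sent` would make that dependency explicit.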
@@ -86,6 +100,15 @@ public class HandleFloodfillDatabaseStoreMessageJob extends JobImpl { _log.info("Handling dbStore of router " + key + " with publishDate of " + new Date(_message.getRouterInfo().getPublished())); try { + // Never store our RouterInfo received from somebody else. + // This generally happens from a FloodfillVerifyStoreJob. + // If it is valid, it shouldn't be newer than what we have - unless + // somebody has our keys... + if (getContext().routerHash().equals(key)) { + //getContext().statManager().addRateData("netDb.storeLocalRouterInfoAttempt", 1, 0); + // throw rather than return, so that we send the ack below (prevent easy attack) + throw new IllegalArgumentException("Peer attempted to store our RouterInfo"); + } prevNetDb = getContext().netDb().store(key, _message.getRouterInfo()); wasNew = ((null == prevNetDb) || (prevNetDb.getPublished() < _message.getRouterInfo().getPublished())); // Check new routerinfo address against blocklist @@ -146,9 +169,13 @@ public class HandleFloodfillDatabaseStoreMessageJob extends JobImpl { } } else { + // Should we record in the profile? if (_log.shouldLog(Log.WARN)) _log.warn("Peer " + _fromHash.toBase64() + " sent bad data: " + invalidMessage); } + } else if (invalidMessage != null) { + if (_log.shouldLog(Log.WARN)) + _log.warn("Unknown peer sent bad data: " + invalidMessage); } } From a8c97053c7729886c53a79662cde3955ec1989f7 Mon Sep 17 00:00:00 2001 From: zzz Date: Mon, 11 May 2009 16:41:37 +0000 Subject: [PATCH 4/4] * logs.jsp: Put critical log at the top --- apps/routerconsole/jsp/logs.jsp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/routerconsole/jsp/logs.jsp b/apps/routerconsole/jsp/logs.jsp index dbaca0403..374a2ed8b 100644 --- a/apps/routerconsole/jsp/logs.jsp +++ b/apps/routerconsole/jsp/logs.jsp @@ -23,12 +23,12 @@ jbigi <%=net.i2p.util.NativeBigInteger.loadStatus()%>
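Review bot: The added comment `// Should we record in the profile?` in the `@@ -146,9 +169,13 @@` hunk leaves an open question at the one place where a peer is blamed for bad data. With the local-key rejection introduced earlier in this patch, `invalidMessage` is presumably now also set for stores that, per the patch's own comment, usually come from a FloodfillVerifyStoreJob reply, so recording every such event against the sender would penalise honest floodfills. Replace the question with the decision, e.g. `// Not recorded in the profile: a rejected store of our own key is usually an honest verify reply`, and reserve profile penalties for data that fails validation. The `if` that the new `else if (invalidMessage != null)` attaches to is outside the hunk, so the "Unknown peer" wording could not be checked against its condition.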

" /> -

Router logs:

- -

Critical logs:


+

Router logs:

+ +

Service (Wrapper) logs: