I2P_Developers/i2p.itoopie
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

2005-11-26 Raccoon23

Browse Source 
* Added support for 'dynamic keys' mode, where the router creates a new
      router identity whenever it detects a substantial change in its public
      address (read: SSU IP or port).  This only offers minimal additional
      protection against trivial attackers, but should provide functional
      improvement for people who have periodic IP changes, since their new
      router address would not be shitlisted while their old one would be.
    * Added further infrastructure for restricted route operation, but its use
      is not recommended.
This commit is contained in:
jrandom
2005-11-26 09:16:11 +00:00
committed by zzz
parent ef82cc4f20
commit 9089fdd2d5
23 changed files with 319 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
apps/routerconsole/java/src/net/i2p/router/web/ConfigNetHandler.java
View File

@ -17,6 +17,10 @@ import java.util.Set;
import net.i2p.time.Timestamper;
import net.i2p.router.transport.udp.UDPTransport;
import net.i2p.router.Router;
import net.i2p.data.RouterInfo;
import net.i2p.router.web.ConfigServiceHandler.UpdateWrapperManagerTask;
import net.i2p.router.web.ConfigServiceHandler.UpdateWrapperManagerAndRekeyTask;
/**
* Handler to deal with form submissions from the main config form and act
@ -31,6 +35,8 @@ public class ConfigNetHandler extends FormHandler {
private boolean _recheckReachabilityRequested;
private boolean _timeSyncEnabled;
private boolean _requireIntroductions;
private boolean _hiddenMode;
private boolean _dynamicKeys;
private String _tcpPort;
private String _udpPort;
private String _inboundRate;
@ -62,6 +68,8 @@ public class ConfigNetHandler extends FormHandler {
public void setEnabletimesync(String moo) { _timeSyncEnabled = true; }
public void setRecheckReachability(String moo) { _recheckReachabilityRequested = true; }
public void setRequireIntroductions(String moo) { _requireIntroductions = true; }
public void setHiddenMode(String moo) { _hiddenMode = true; }
public void setDynamicKeys(String moo) { _dynamicKeys = true; }
public void setHostname(String hostname) {
_hostname = (hostname != null ? hostname.trim() : null);
@ -263,6 +271,28 @@ public class ConfigNetHandler extends FormHandler {
addFormNotice("Updating bandwidth share percentage");
}
}
// If hidden mode value changes, restart is required
if (_hiddenMode && "false".equalsIgnoreCase(_context.getProperty(Router.PROP_HIDDEN, "false"))) {
_context.router().setConfigSetting(Router.PROP_HIDDEN, "true");
_context.router().getRouterInfo().addCapability(RouterInfo.CAPABILITY_HIDDEN);
addFormNotice("Gracefully restarting into Hidden Router Mode. Make sure you have no 0-1 length "
+ "<a href=\"configtunnels.jsp\">tunnels!</a>");
hiddenSwitch();
}
if (!_hiddenMode && "true".equalsIgnoreCase(_context.getProperty(Router.PROP_HIDDEN, "false"))) {
_context.router().removeConfigSetting(Router.PROP_HIDDEN);
_context.router().getRouterInfo().delCapability(RouterInfo.CAPABILITY_HIDDEN);
addFormNotice("Gracefully restarting to exit Hidden Router Mode");
hiddenSwitch();
}
if (_dynamicKeys) {
_context.router().setConfigSetting(Router.PROP_DYNAMIC_KEYS, "true");
} else {
_context.router().removeConfigSetting(Router.PROP_DYNAMIC_KEYS);
}
if (_requireIntroductions) {
_context.router().setConfigSetting(UDPTransport.PROP_FORCE_INTRODUCERS, "true");
@ -290,6 +320,12 @@ public class ConfigNetHandler extends FormHandler {
addFormNotice("Soft restart complete");
}
}
private void hiddenSwitch() {
// Full restart required to generate new keys
_context.router().addShutdownTask(new UpdateWrapperManagerAndRekeyTask(Router.EXIT_GRACEFUL_RESTART));
_context.router().shutdownGracefully(Router.EXIT_GRACEFUL_RESTART);
}
private void updateRates() {
boolean updated = false;

17
apps/routerconsole/java/src/net/i2p/router/web/ConfigNetHelper.java
View File

@ -6,6 +6,7 @@ import net.i2p.router.CommSystemFacade;
import net.i2p.data.RouterAddress;
import net.i2p.router.transport.udp.UDPAddress;
import net.i2p.router.transport.udp.UDPTransport;
import net.i2p.router.Router;
public class ConfigNetHelper {
private RouterContext _context;
@ -63,6 +64,22 @@ public class ConfigNetHelper {
return " checked ";
}
public String getHiddenModeChecked() {
String enabled = _context.getProperty(Router.PROP_HIDDEN, "false");
if ( (enabled != null) && ("true".equalsIgnoreCase(enabled)) )
return " checked ";
else
return "";
}
public String getDynamicKeysChecked() {
String enabled = _context.getProperty(Router.PROP_DYNAMIC_KEYS, "false");
if ( (enabled != null) && ("true".equalsIgnoreCase(enabled)) )
return " checked ";
else
return "";
}
public String getRequireIntroductionsChecked() {
short status = _context.commSystem().getReachabilityStatus();
switch (status) {

25
apps/routerconsole/java/src/net/i2p/router/web/ConfigServiceHandler.java
View File

@ -33,6 +33,21 @@ public class ConfigServiceHandler extends FormHandler {
}
}
}
public static class UpdateWrapperManagerAndRekeyTask implements Runnable {
private int _exitCode;
public UpdateWrapperManagerAndRekeyTask(int exitCode) {
_exitCode = exitCode;
}
public void run() {
try {
Router.killKeys();
WrapperManager.signalStopped(_exitCode);
} catch (Throwable t) {
t.printStackTrace();
}
}
}
protected void processForm() {
if (_action == null) return;
@ -56,6 +71,14 @@ public class ConfigServiceHandler extends FormHandler {
_context.router().addShutdownTask(new UpdateWrapperManagerTask(Router.EXIT_HARD_RESTART));
_context.router().shutdown(Router.EXIT_HARD_RESTART);
addFormNotice("Hard restart requested");
} else if ("Rekey and Restart".equals(_action)) {
addFormNotice("Rekeying after graceful restart");
_context.router().addShutdownTask(new UpdateWrapperManagerAndRekeyTask(Router.EXIT_GRACEFUL_RESTART));
_context.router().shutdownGracefully(Router.EXIT_GRACEFUL_RESTART);
} else if ("Rekey and Shutdown".equals(_action)) {
addFormNotice("Rekeying after graceful shutdown");
_context.router().addShutdownTask(new UpdateWrapperManagerAndRekeyTask(Router.EXIT_GRACEFUL));
_context.router().shutdownGracefully(Router.EXIT_GRACEFUL);
} else if ("Run I2P on startup".equals(_action)) {
installService();
} else if ("Don't run I2P on startup".equals(_action)) {
@ -195,4 +218,4 @@ public class ConfigServiceHandler extends FormHandler {
addFormError("Error updating the client config");
}
}
}
}

17
apps/routerconsole/jsp/config.jsp
View File

@ -58,6 +58,23 @@
<jsp:getProperty name="nethelper" property="sharePercentageBox" /><br />
Sharing a higher percentage will improve your anonymity and help the network
<hr />
<b>Dynamic Router Keys: </b>
<input type="checkbox" name="dynamicKeys" value="true" <jsp:getProperty name="nethelper" property="dynamicKeysChecked" /> /><br />
<p>
This setting causes your router identity to be regenerated every time your IP address
changes. If you have a dynamic IP this option can speed up your reintegration into
the network (since people will have shitlisted your old router identity), and, for
very weak adversaries, help frustrate trivial
<a href="http://www.i2p.net/how_threatmodel#intersection">intersection
attacks</a> against the NetDB. Your different router identities would only be
'hidden' among other I2P users at your ISP, and further analysis would link
the router identities further.</p>
<p>Note that when I2P detects an IP address change, it will automatically
initiate a restart in order to rekey and to disconnect from peers before they
update their profiles - any long lasting client connections will be disconnected,
though such would likely already be the case anyway, since the IP address changed.
</p>
<hr />
<input type="submit" name="save" value="Save changes" /> <input type="reset" value="Cancel" /><br />
</form>
</div>