diff --git a/apps/routerconsole/java/src/net/i2p/router/web/ConfigServiceHandler.java b/apps/routerconsole/java/src/net/i2p/router/web/ConfigServiceHandler.java
index 60ea04742..7d23aafa0 100644
--- a/apps/routerconsole/java/src/net/i2p/router/web/ConfigServiceHandler.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/ConfigServiceHandler.java
@@ -8,26 +8,11 @@ import net.i2p.router.ClientTunnelSettings;
*
*/
public class ConfigServiceHandler extends FormHandler {
- private String _action;
- private String _nonce;
-
- public void ConfigNetHandler() {
- _action = null;
- _nonce = null;
- }
+ public void ConfigNetHandler() {}
protected void processForm() {
if (_action == null) return;
- if (_nonce == null) {
- addFormError("You trying to mess with me? Huh? Are you?");
- return;
- }
- String nonce = System.getProperty(ConfigServiceHandler.class.getName() + ".nonce");
- String noncePrev = System.getProperty(ConfigServiceHandler.class.getName() + ".noncePrev");
- if ( (!_nonce.equals(nonce)) && (!_nonce.equals(noncePrev)) ) {
- addFormError("Invalid nonce? Hmmm, someone is spoofing you. prev=["+ noncePrev + "] nonce=[" + nonce + "] param=[" + _nonce + "]");
- return;
- }
+
if ("Shutdown gracefully".equals(_action)) {
_context.router().shutdownGracefully();
addFormNotice("Graceful shutdown initiated");
@@ -41,6 +26,4 @@ public class ConfigServiceHandler extends FormHandler {
addFormNotice("Blah blah blah. whatever. I'm not going to " + _action);
}
}
- public void setAction(String action) { _action = action; }
- public void setNonce(String nonce) { _nonce = nonce; }
}
diff --git a/apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java b/apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java
index 73b12f4dd..02acc1b9c 100644
--- a/apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java
@@ -19,14 +19,20 @@ import net.i2p.router.ClientTunnelSettings;
*/
public class FormHandler {
protected RouterContext _context;
+ private String _nonce;
+ protected String _action;
private List _errors;
private List _notices;
private boolean _processed;
+ private boolean _valid;
public FormHandler() {
_errors = new ArrayList();
_notices = new ArrayList();
+ _action = null;
_processed = false;
+ _valid = true;
+ _nonce = null;
}
/**
@@ -43,6 +49,9 @@ public class FormHandler {
}
}
+ public void setNonce(String val) { _nonce = val; }
+ public void setAction(String val) { _action = val; }
+
/**
* Override this to perform the final processing (in turn, adding formNotice
* and formError messages, etc)
@@ -72,6 +81,7 @@ public class FormHandler {
*
*/
public String getErrors() {
+ validate();
return render(_errors);
}
@@ -81,12 +91,43 @@ public class FormHandler {
*
*/
public String getNotices() {
+ validate();
return render(_notices);
}
+ /**
+ * Make sure the nonce was set correctly, otherwise someone could just
+ * create a link like /confignet.jsp?hostname=localhost and break the
+ * user's node (or worse).
+ *
+ */
+ private void validate() {
+ if (_processed) return;
+
+ _valid = true;
+ if (_action == null) {
+ // not a form submit
+ _valid = false;
+ return;
+ }
+ if (_nonce == null) {
+ addFormError("You trying to mess with me? Huh? Are you?");
+ _valid = false;
+ return;
+ }
+ String nonce = System.getProperty(getClass().getName() + ".nonce");
+ String noncePrev = System.getProperty(getClass().getName() + ".noncePrev");
+ if ( ( (nonce == null) || (!_nonce.equals(nonce)) ) &&
+ ( (noncePrev == null) || (!_nonce.equals(noncePrev)) ) ) {
+ addFormError("Invalid nonce, are you being spoofed?");
+ _valid = false;
+ }
+ }
+
private String render(List source) {
if (!_processed) {
- processForm();
+ if (_valid)
+ processForm();
_processed = true;
}
if (source.size() <= 0) {
diff --git a/apps/routerconsole/jsp/config.jsp b/apps/routerconsole/jsp/config.jsp
index 7558e9ddc..55350b1a8 100644
--- a/apps/routerconsole/jsp/config.jsp
+++ b/apps/routerconsole/jsp/config.jsp
@@ -22,6 +22,12 @@