I2P_Developers/i2p.itoopie
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

standardized the spoof prevention:

Browse Source 
- set the nonce and noncePrev for the handler when rendering the form
- include the current nonce in the hidden parameter "nonce"
- include an "action" parameter (so we know we want to execute something and hence, validate the nonce, rather than just display the page)
- if the nonce submitted doesnt match what is set in the nonce or noncePrev when validating, its invalid.  refuse to process
This commit is contained in:
jrandom
2004-08-23 17:11:38 +00:00
committed by zzz
parent 9f7320fa67
commit bce5b44275
6 changed files with 65 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
apps/routerconsole/java/src/net/i2p/router/web/ConfigServiceHandler.java
View File

@ -8,26 +8,11 @@ import net.i2p.router.ClientTunnelSettings;
*
*/
public class ConfigServiceHandler extends FormHandler {
private String _action;
private String _nonce;
public void ConfigNetHandler() {
_action = null;
_nonce = null;
}
public void ConfigNetHandler() {}
protected void processForm() {
if (_action == null) return;
if (_nonce == null) {
addFormError("You trying to mess with me? Huh? Are you?");
return;
}
String nonce = System.getProperty(ConfigServiceHandler.class.getName() + ".nonce");
String noncePrev = System.getProperty(ConfigServiceHandler.class.getName() + ".noncePrev");
if ( (!_nonce.equals(nonce)) && (!_nonce.equals(noncePrev)) ) {
addFormError("Invalid nonce? Hmmm, someone is spoofing you. prev=["+ noncePrev + "] nonce=[" + nonce + "] param=[" + _nonce + "]");
return;
}
if ("Shutdown gracefully".equals(_action)) {
_context.router().shutdownGracefully();
addFormNotice("Graceful shutdown initiated");
@ -41,6 +26,4 @@ public class ConfigServiceHandler extends FormHandler {
addFormNotice("Blah blah blah. whatever. I'm not going to " + _action);
}
}
public void setAction(String action) { _action = action; }
public void setNonce(String nonce) { _nonce = nonce; }
}

43
apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java
View File

@ -19,14 +19,20 @@ import net.i2p.router.ClientTunnelSettings;
*/
public class FormHandler {
protected RouterContext _context;
private String _nonce;
protected String _action;
private List _errors;
private List _notices;
private boolean _processed;
private boolean _valid;
public FormHandler() {
_errors = new ArrayList();
_notices = new ArrayList();
_action = null;
_processed = false;
_valid = true;
_nonce = null;
}
/**
@ -43,6 +49,9 @@ public class FormHandler {
}
}
public void setNonce(String val) { _nonce = val; }
public void setAction(String val) { _action = val; }
/**
* Override this to perform the final processing (in turn, adding formNotice
* and formError messages, etc)
@ -72,6 +81,7 @@ public class FormHandler {
*
*/
public String getErrors() {
validate();
return render(_errors);
}
@ -81,12 +91,43 @@ public class FormHandler {
*
*/
public String getNotices() {
validate();
return render(_notices);
}
/**
* Make sure the nonce was set correctly, otherwise someone could just
* create a link like /confignet.jsp?hostname=localhost and break the
* user's node (or worse).
*
*/
private void validate() {
if (_processed) return;
_valid = true;
if (_action == null) {
// not a form submit
_valid = false;
return;
}
if (_nonce == null) {
addFormError("You trying to mess with me? Huh? Are you?");
_valid = false;
return;
}
String nonce = System.getProperty(getClass().getName() + ".nonce");
String noncePrev = System.getProperty(getClass().getName() + ".noncePrev");
if ( ( (nonce == null) || (!_nonce.equals(nonce)) ) &&
( (noncePrev == null) || (!_nonce.equals(noncePrev)) ) ) {
addFormError("Invalid nonce, are you being spoofed?");
_valid = false;
}
}
private String render(List source) {
if (!_processed) {
processForm();
if (_valid)
processForm();
_processed = true;
}
if (source.size() <= 0) {