From fbf6282c1aac0e1ef9f3ac7f9a88519f1e1d13d9 Mon Sep 17 00:00:00 2001
From: zzz <zzz>
Date: Fri, 4 Jan 2008 02:37:24 +0000
Subject: [PATCH] 2008-01-03 zzz     * addressbook: Do basic validation of
 hostnames and destkeys     * susidns: Add support for the private
 addressbook,       update the text and links somewhat

---
 apps/addressbook/config.txt                   |  5 ++++
 .../java/src/addressbook/AddressBook.java     | 23 +++++++++++++++-
 .../src/i2p/susi/dns/AddressbookBean.java     | 22 +++++++++++++---
 .../java/src/i2p/susi/dns/VersionBean.java    |  4 +--
 apps/susidns/src/jsp/addressbook.jsp          | 17 +++++++-----
 apps/susidns/src/jsp/config.jsp               | 26 ++++++++++---------
 apps/susidns/src/jsp/index.jsp                | 19 +++++++++-----
 apps/susidns/src/jsp/subscriptions.jsp        | 10 ++++---
 history.txt                                   |  7 ++++-
 .../src/net/i2p/router/RouterVersion.java     |  4 +--
 10 files changed, 97 insertions(+), 40 deletions(-)

diff --git a/apps/addressbook/config.txt b/apps/addressbook/config.txt
index 53e03127e..49a4212f4 100644
--- a/apps/addressbook/config.txt
+++ b/apps/addressbook/config.txt
@@ -17,6 +17,10 @@
 #                            Contains the addresses from your master address book
 #                            and your subscribed address books. (../userhosts.txt)
 #
+# private_addressbook        The path to the private address book used by the router.  
+#                            This is used only by the router and SusiDNS.
+#                            It is not published by addressbook. (../privatehosts.txt)
+#
 # published_addressbook      The path to the copy of your address book made 
 #                            available on i2p. (../eepsite/docroot/hosts.txt)
 #
@@ -35,6 +39,7 @@ proxy_host=localhost
 proxy_port=4444
 master_addressbook=myhosts.txt
 router_addressbook=../userhosts.txt
+private_addressbook=../privatehosts.txt
 published_addressbook=../eepsite/docroot/hosts.txt
 log=log.txt
 subscriptions=subscriptions.txt
diff --git a/apps/addressbook/java/src/addressbook/AddressBook.java b/apps/addressbook/java/src/addressbook/AddressBook.java
index 6184111d4..94049f2da 100644
--- a/apps/addressbook/java/src/addressbook/AddressBook.java
+++ b/apps/addressbook/java/src/addressbook/AddressBook.java
@@ -152,6 +152,27 @@ public class AddressBook {
         return this.addresses.toString();
     }
 
+    /**
+     * Do basic validation of the hostname and dest
+     * hostname was already converted to lower case by ConfigParser.parse()
+     */
+    private static boolean valid(String host, String dest) {
+	return
+		host.endsWith(".i2p") &&
+		host.length() > 4 &&
+		host.length() <= 67 &&          // 63 + ".i2p"
+                (! host.startsWith(".")) &&
+                (! host.startsWith("-")) &&
+                (! host.endsWith("-.i2p")) &&
+		host.indexOf("..") < 0 &&
+                host.replaceAll("[a-z0-9.-]", "").length() == 0 &&
+
+		dest.length() == 516 &&
+                dest.endsWith("AAAA") &&
+                dest.replaceAll("[a-zA-Z0-9~-]", "").length() == 0
+                ;	
+    }
+
     /**
      * Merge this AddressBook with AddressBook other, writing messages about new
      * addresses or conflicts to log. Addresses in AddressBook other that are
@@ -170,7 +191,7 @@ public class AddressBook {
             String otherKey = (String) otherIter.next();
             String otherValue = (String) other.addresses.get(otherKey);
 
-            if (otherKey.endsWith(".i2p") && otherValue.length() == 516) {
+            if (valid(otherKey, otherValue)) {
                 if (this.addresses.containsKey(otherKey) && !overwrite) {
                     if (!this.addresses.get(otherKey).equals(otherValue)
                             && log != null) {
diff --git a/apps/susidns/src/java/src/i2p/susi/dns/AddressbookBean.java b/apps/susidns/src/java/src/i2p/susi/dns/AddressbookBean.java
index 0636c5c63..8cdca45c6 100644
--- a/apps/susidns/src/java/src/i2p/susi/dns/AddressbookBean.java
+++ b/apps/susidns/src/java/src/i2p/susi/dns/AddressbookBean.java
@@ -19,7 +19,7 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *  
- * $Revision: 1.1 $
+ * $Revision: 1.2 $
  */
 
 package i2p.susi.dns;
@@ -76,6 +76,8 @@ public class AddressbookBean
 		deletionMarks = new LinkedList();
 	}
 	private long configLastLoaded = 0;
+	private static final String PRIVATE_BOOK = "private_addressbook";
+	private static final String DEFAULT_PRIVATE_BOOK = "../privatehosts.txt";
 	private void loadConfig()
 	{
 		long currentTime = System.currentTimeMillis();
@@ -86,6 +88,9 @@ public class AddressbookBean
 		try {
 			properties.clear();
 			properties.load( new FileInputStream( ConfigBean.configFileName ) );
+			// added in 0.5, for compatibility with 0.4 config.txt
+			if( properties.getProperty(PRIVATE_BOOK) == null)
+				properties.setProperty(PRIVATE_BOOK, DEFAULT_PRIVATE_BOOK);
 			configLastLoaded = currentTime;
 		}
 		catch (Exception e) {
@@ -112,8 +117,9 @@ public class AddressbookBean
 	public String getBook()
 	{
 		if( book == null || ( book.compareToIgnoreCase( "master" ) != 0 &&
-				book.compareToIgnoreCase( "router" ) != 0 ) &&
-				book.compareToIgnoreCase( "published" ) != 0 )
+				book.compareToIgnoreCase( "router" ) != 0 &&
+				book.compareToIgnoreCase( "private" ) != 0 &&
+				book.compareToIgnoreCase( "published" ) != 0  ))
 			book = "master";
 		
 		return book;
@@ -163,7 +169,11 @@ public class AddressbookBean
 				list.addLast( new AddressBean( name, destination ) );
 			}
 			// Format a message about filtered addressbook size, and the number of displayed entries
-			message = "Filtered list contains " + list.size() + " entries";
+			if( filter != null && filter.length() > 0 )
+				message = "Filtered l";
+			else
+				message = "L";
+			message += "ist contains " + list.size() + " entries";
 			if (list.size() > 300) message += ", displaying the first 300."; else message += ".";
 
 			Object array[] = list.toArray();
@@ -251,6 +261,10 @@ public class AddressbookBean
 	{
 		return getBook().compareToIgnoreCase( "published" ) == 0;
 	}
+	public boolean isPrivate()
+	{
+		return getBook().compareToIgnoreCase( "private" ) == 0;
+	}
 	public void setFilter(String filter) {
 		if( filter != null && ( filter.length() == 0 || filter.compareToIgnoreCase( "none" ) == 0 ) ) {
 			filter = null;
diff --git a/apps/susidns/src/java/src/i2p/susi/dns/VersionBean.java b/apps/susidns/src/java/src/i2p/susi/dns/VersionBean.java
index 3e7a572e7..ffc701046 100644
--- a/apps/susidns/src/java/src/i2p/susi/dns/VersionBean.java
+++ b/apps/susidns/src/java/src/i2p/susi/dns/VersionBean.java
@@ -19,14 +19,14 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *  
- * $Revision: 1.4 $
+ * $Revision: 1.1 $
  */
 
 package i2p.susi.dns;
 
 public class VersionBean {
 	
-	private static String version = "0.4";
+	private static String version = "0.5";
 	private static String url = "http://susi.i2p/?i2paddresshelper=T2DU1KAz3meB0B53U8Y06-I7vHR7XmC0qXAJfLW6b-1L1FVKoySRZz4xazHAwyv2xtRpvKrv6ukLm1tThEW0zQWtZPtX8G6KkzMibD8t7IS~4yw-9VkBtUydyYfsX08AK3v~-egSW8HCXTdyIJVtrETJb337VDUHW-7D4L1JLbwSH4if2ooks6yFTrljK5aVMi-16dZOVvmoyJc3jBqSdK6kraO4gW5-vHTmbLwL498p9nug1KOg1DqgN2GeU5X1QlVrlpFb~IIfdP~O8NT7u-LAjW3jSJsMbLDHMSYTIhC7xmJIiBoi-qk8p6TLynAmvJ7HRvbx4N1EB-uJHyD16wsZkkHyEOfmXbj0ZqLyKEGb3thPwCz-M9v~c2Qt3WbwjXJAtHpjlHkdJ4Fg91cX2oak~JoapnPf6Syw8hko5syf6VVoCYLnrrYyM8oGl8mLclHkj~VCidQNqMSM74IhrHfK6HmRikqtZBexb5M6wfMTTqBvaHURdD21GOpFKYBUAAAA";
 	
 	public String getVersion() {
diff --git a/apps/susidns/src/jsp/addressbook.jsp b/apps/susidns/src/jsp/addressbook.jsp
index eec222aee..1e78118b9 100644
--- a/apps/susidns/src/jsp/addressbook.jsp
+++ b/apps/susidns/src/jsp/addressbook.jsp
@@ -20,7 +20,7 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *  
- * $Revision: 1.2 $
+ * $Revision: 1.3 $
  */
 %>
 <%@ page contentType="text/html"%>
@@ -48,9 +48,11 @@
 <p>addressbooks
 <a href="addressbook.jsp?book=master">master</a> |
 <a href="addressbook.jsp?book=router">router</a> |
-<a href="addressbook.jsp?book=published">published</a> *
+<a href="addressbook.jsp?book=published">published</a> |
+<a href="addressbook.jsp?book=private">private</a> *
 <a href="subscriptions.jsp">subscriptions</a> *
-<a href="config.jsp">configuration</a>
+<a href="config.jsp">configuration</a> *
+<a href="index.jsp">overview</a>
 </p>
 </div>
 
@@ -92,7 +94,8 @@
 <a href="addressbook.jsp?filter=0-9">0-9</a>
 <a href="addressbook.jsp?filter=none">all</a></p>
 <c:if test="${book.hasFilter}">
-<p>Current filter: ${book.filter}</p>
+<p>Current filter: ${book.filter}
+(<a href="addressbook.jsp?filter=none">clear filter</a>)</p>
 </c:if>
 </div>
 
@@ -117,7 +120,7 @@
 <table class="book" cellspacing="0" cellpadding="5">
 <tr class="head">
 
-<c:if test="${book.master || book.router || book.published}">
+<c:if test="${book.master || book.router || book.published || book.private}">
 <th>&nbsp;</th>
 </c:if>
 
@@ -127,7 +130,7 @@
 <!-- limit iterator to 300, or "Form too large" may result on submit -->
 <c:forEach items="${book.entries}" var="addr" begin="0" end="299">
 <tr class="list${book.trClass}">
-<c:if test="${book.master || book.router || book.published}">
+<c:if test="${book.master || book.router || book.published || book.private}">
 <td class="checkbox"><input type="checkbox" name="checked" value="${addr.name}" alt="Mark for deletion"></td>
 </c:if>
 <td class="names"><a href="http://${addr.name}/">${addr.name}</a> -
@@ -139,7 +142,7 @@
 </table>
 </div>
 
-<c:if test="${book.master || book.router || book.published}">
+<c:if test="${book.master || book.router || book.published || book.private}">
 <div id="buttons">
 <p class="buttons"><input type="image" name="action" value="delete" src="images/delete.png" alt="Delete checked" />
 </p>
diff --git a/apps/susidns/src/jsp/config.jsp b/apps/susidns/src/jsp/config.jsp
index 938f60009..6bb924073 100644
--- a/apps/susidns/src/jsp/config.jsp
+++ b/apps/susidns/src/jsp/config.jsp
@@ -20,7 +20,7 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *  
- * $Revision: 1.14 $
+ * $Revision: 1.1 $
  */
 %>
 <%@ page contentType="text/html" %>
@@ -43,9 +43,11 @@
 addressbooks
 <a href="addressbook.jsp?book=master">master</a> |
 <a href="addressbook.jsp?book=router">router</a> |
-<a href="addressbook.jsp?book=published">published</a> *
+<a href="addressbook.jsp?book=published">published</a> |
+<a href="addressbook.jsp?book=private">private</a> *
 <a href="subscriptions.jsp">subscriptions</a> *
-<a href="config.jsp">configuration</a>
+configuration *
+<a href="index.jsp">overview</a>
 </p>
 </div>
 <div id="headline">
@@ -65,22 +67,22 @@ addressbooks
 <div id="help">
 <h3>Hints</h3>
 <ol>
-<li>All file or directory paths here are relative to the addressbooks working directory, which normally
+<li>All file or directory paths here are relative to the addressbook's working directory, which normally
 is located at $I2P/addressbook/.</li>
-<li>If you want to manually add lines to an addressbook, add them to the master addressbook. The router
+<li>If you want to manually add lines to an addressbook, add them to the private or master addressbooks. The router
 addressbook and the published addressbook are overwritten by the addressbook application.</li>
-<li><b>Important:</b>When you publish your addressbook, <b>ALL</b> destinations appear there, even those
-from your master addressbook. Unfortunately the master addressbook points to your userhosts.txt, which was
-used for private destinations before. So if you want to keep the destinations in your userhosts.txt secret,
-please change the master addressbook to a different file before turning on addressbook publishing.</li>
+<li><b>Important:</b>When you publish your addressbook, <b>ALL</b> destinations from the master and router addressbooks appear there.
+Use the private addressbook for private destinations, these are not published.
+</li>
 </ol>
 <h3>Options</h3>
 <ul>
 <li><b>subscriptions</b> - file containing the list of subscriptions URLs (no need to change)</li>
 <li><b>update_delay</b> - update interval in hours (no need to change)</li>
 <li><b>published_addressbook</b> - your public hosts.txt file (choose a path within your webserver document root)</li>
-<li><b>router_addressbook</b> - your hosts.txt (no need to change)</li>
-<li><b>master_addressbook</b> - your personal addressbook, it gets never overwritten by the addressbook</li>
+<li><b>router_addressbook</b> - your hosts.txt (don't change)</li>
+<li><b>master_addressbook</b> - your personal addressbook, it never gets overwritten by the addressbook (don't change)</li>
+<li><b>private_addressbook</b> - your private addressbook, it is never published (defaults to ../privatehosts.txt, don't change)</li>
 <li><b>proxy_port</b> - http port for your eepProxy (no need to change)</li>
 <li><b>proxy_host</b> - hostname for your eepProxy (no need to change)</li>
 <li><b>should_publish</b> - true/false whether to write the published addressbook</li>
@@ -93,4 +95,4 @@ please change the master addressbook to a different file before turning on addre
 <p class="footer">susidns v${version.version} &copy; <a href="${version.url}">susi</a> 2005 </p>
 </div>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/apps/susidns/src/jsp/index.jsp b/apps/susidns/src/jsp/index.jsp
index db3694b51..90ac4cabb 100644
--- a/apps/susidns/src/jsp/index.jsp
+++ b/apps/susidns/src/jsp/index.jsp
@@ -20,7 +20,7 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *  
- * $Revision: 1.1 $
+ * $Revision: 1.2 $
  */
 %>
 <%@ page contentType="text/html"%>
@@ -42,9 +42,11 @@
 <p>addressbooks
 <a href="addressbook.jsp?book=master">master</a> |
 <a href="addressbook.jsp?book=router">router</a> |
-<a href="addressbook.jsp?book=published">published</a> *
+<a href="addressbook.jsp?book=published">published</a> |
+<a href="addressbook.jsp?book=private">private</a> *
 <a href="subscriptions.jsp">subscriptions</a> *
-<a href="config.jsp">configuration</a>
+<a href="config.jsp">configuration</a> *
+overview
 </p>
 </div>
 
@@ -64,10 +66,13 @@ just add them to your <a href="subscriptions.jsp">subscriptions</a> file.)
 from duck in the forum.</p>
 <h3>How does the addressbook work?</h3>
 <p>The addressbook application regularly (normally once per hour) polls your subscriptions and merges their content
-into your so called router addressbook (normally your plain hosts.txt). Then it merges your so called master addressbook (normally
-your userhosts.txt) into the router addressbook as well. If configured the router addressbook is now written to the so published addressbook, 
-which is a publicly available copy of your hosts.txt somewhere in your eepsites document root. (Yes, this means that, with activated publication,
-your once private keys from userhosts.txt now are publicly available for everybody.)
+into your so-called router addressbook (normally your plain hosts.txt). Then it merges your so-called master addressbook (normally
+your userhosts.txt) into the router addressbook as well. If configured, the router addressbook is now written to the published addressbook, 
+which is a publicly available copy of your hosts.txt somewhere in your eepsite's document root.
+</p><p>
+The router also uses a private addressbook (privatehosts.txt, not shown in the picture), which is not merged or published.
+Hosts in the private addressbook can be accessed by you but their addresses are never distributed to others.
+The private addressbook can also be used for aliases of hosts in your other addressbooks.
 </p>
 <p><img src="images/how.png" border="0" alt="addressbook working scheme"/></p>
 </div>
diff --git a/apps/susidns/src/jsp/subscriptions.jsp b/apps/susidns/src/jsp/subscriptions.jsp
index 76c3780a1..939ddb066 100644
--- a/apps/susidns/src/jsp/subscriptions.jsp
+++ b/apps/susidns/src/jsp/subscriptions.jsp
@@ -20,7 +20,7 @@
  *  along with this program; if not, write to the Free Software
  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  *  
- * $Revision: 1.1 $
+ * $Revision: 1.2 $
  */
 %>
 <%@ page contentType="text/html"%>
@@ -42,9 +42,11 @@
 <p>addressbooks
 <a href="addressbook.jsp?book=master">master</a> |
 <a href="addressbook.jsp?book=router">router</a> |
-<a href="addressbook.jsp?book=published">published</a> *
-<a href="subscriptions.jsp">subscriptions</a> *
-<a href="config.jsp">configuration</a>
+<a href="addressbook.jsp?book=published">published</a> |
+<a href="addressbook.jsp?book=private">private</a> *
+subscriptions *
+<a href="config.jsp">configuration</a> *
+<a href="index.jsp">overview</a>
 </p>
 </div>
 <div id="headline">
diff --git a/history.txt b/history.txt
index e0bed3cf5..226710338 100644
--- a/history.txt
+++ b/history.txt
@@ -1,4 +1,9 @@
-$Id: history.txt,v 1.609 2007-12-29 22:45:12 zzz Exp $
+$Id: history.txt,v 1.610 2008-01-02 17:08:50 zzz Exp $
+
+2008-01-03 zzz
+    * addressbook: Do basic validation of hostnames and destkeys
+    * susidns: Add support for the private addressbook,
+      update the text and links somewhat
 
 2008-01-02 zzz
     * Add stats.i2p to the jump list
diff --git a/router/java/src/net/i2p/router/RouterVersion.java b/router/java/src/net/i2p/router/RouterVersion.java
index b6e2b9b59..5d6a84f45 100644
--- a/router/java/src/net/i2p/router/RouterVersion.java
+++ b/router/java/src/net/i2p/router/RouterVersion.java
@@ -15,9 +15,9 @@ import net.i2p.CoreVersion;
  *
  */
 public class RouterVersion {
-    public final static String ID = "$Revision: 1.544 $ $Date: 2007-12-29 22:45:09 $";
+    public final static String ID = "$Revision: 1.545 $ $Date: 2008-01-02 17:08:48 $";
     public final static String VERSION = "0.6.1.30";
-    public final static long BUILD = 16;
+    public final static long BUILD = 17;
     public static void main(String args[]) {
         System.out.println("I2P Router version: " + VERSION + "-" + BUILD);
         System.out.println("Router ID: " + RouterVersion.ID);