- Fix MD5 passwords after testing
- Remove unused password fallback in FormHandler
@ -28,11 +28,11 @@ public class ConsolePasswordManager extends RouterPasswordManager {
|
||||
private static final String PROP_MIGRATED = "routerconsole.passwordManager.migrated";
|
||||
// migrate these to hash
|
||||
private static final String PROP_CONSOLE_OLD = "consolePassword";
|
||||
public static final String PROP_CONSOLE_NEW = "routerconsole.auth";
|
||||
private static final String CONSOLE_USER = "admin";
|
||||
|
||||
public ConsolePasswordManager(RouterContext ctx) {
|
||||
super(ctx);
|
||||
migrateConsole();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -48,7 +48,7 @@ public class ConsolePasswordManager extends RouterPasswordManager {
|
||||
//checkCrypt(realm, user, pw) ||
|
||||
checkMD5(realm, user, pw);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* The username is the salt
|
||||
*
|
||||
@ -119,7 +119,8 @@ public class ConsolePasswordManager extends RouterPasswordManager {
|
||||
}
|
||||
|
||||
/**
|
||||
* Migrate from plaintext to salt/hash
|
||||
* Migrate from plaintext to MD5 hash
|
||||
* Ref: RFC 2617
|
||||
*
|
||||
* @return success or nothing to migrate
|
||||
*/
|
||||
@ -130,9 +131,13 @@ public class ConsolePasswordManager extends RouterPasswordManager {
|
||||
// consolePassword
|
||||
String pw = _context.getProperty(PROP_CONSOLE_OLD);
|
||||
if (pw != null) {
|
||||
if (pw.length() > 0)
|
||||
saveMD5(PROP_CONSOLE_NEW, CONSOLE_USER, pw);
|
||||
return _context.router().saveConfig(PROP_CONSOLE_OLD, null);
|
||||
if (pw.length() > 0) {
|
||||
pw = CONSOLE_USER + ':' + RouterConsoleRunner.JETTY_REALM + ':' + pw;
|
||||
saveMD5(RouterConsoleRunner.PROP_CONSOLE_PW, CONSOLE_USER, pw);
|
||||
}
|
||||
Map toAdd = Collections.singletonMap(PROP_MIGRATED, "true");
|
||||
List toDel = Collections.singletonList(PROP_CONSOLE_OLD);
|
||||
return _context.router().saveConfig(toAdd, toDel);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
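Review bot: In migrateConsole() the result of `saveMD5(RouterConsoleRunner.PROP_CONSOLE_PW, CONSOLE_USER, pw)` is not checked, yet the lines after it still delete `consolePassword` and set the migrated flag. If the save can fail (saveMD5 is declared outside this hunk, so its return type is an assumption here), the router would keep neither the old password nor the new hash, and the console would presumably start without authentication, because RouterConsoleRunner only sets up the realm when the stored map is non-empty. Assuming saveMD5 returns a boolean, stop before touching the old property: `if (!saveMD5(RouterConsoleRunner.PROP_CONSOLE_PW, CONSOLE_USER, pw)) return false;`. The raw `Map toAdd` and `List toDel` could also be declared as `Map<String, String>` and `List<String>`. The method body begins outside the hunk.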
@ -21,7 +21,6 @@ public class FormHandler {
|
||||
private String _nonce;
|
||||
protected String _action;
|
||||
protected String _method;
|
||||
protected String _passphrase;
|
||||
private final List<String> _errors;
|
||||
private final List<String> _notices;
|
||||
private boolean _processed;
|
||||
@ -52,7 +51,6 @@ public class FormHandler {
|
||||
|
||||
public void setNonce(String val) { _nonce = val; }
|
||||
public void setAction(String val) { _action = val; }
|
||||
public void setPassphrase(String val) { _passphrase = val; }
|
||||
|
||||
/**
|
||||
* Call this to prevent changes using GET
|
||||
@ -168,14 +166,8 @@ public class FormHandler {
|
||||
String noncePrev = nonce + PREV_SUFFIX;
|
||||
if ( ( (nonce == null) || (!_nonce.equals(nonce)) ) &&
|
||||
( (noncePrev == null) || (!_nonce.equals(noncePrev)) ) ) {
|
||||
|
||||
String expected = _context.getProperty("consolePassword");
|
||||
if ( (expected != null) && (expected.trim().length() > 0) && (expected.equals(_passphrase)) ) {
|
||||
// ok
|
||||
} else {
|
||||
addFormError(_("Invalid form submission, probably because you used the 'back' or 'reload' button on your browser. Please resubmit."));
|
||||
_valid = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
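Review bot: With the passphrase fallback removed, the nonce comparison is the only check left in this block, and its `(noncePrev == null)` test can never be true because `noncePrev` is built by concatenation as `nonce + PREV_SUFFIX`. If `nonce` can be null here (it is assigned outside the hunk), `noncePrev` becomes the text "null" followed by the suffix instead of being treated as absent. Computing it only when a nonce exists, `String noncePrev = (nonce != null) ? nonce + PREV_SUFFIX : null;`, makes a missing nonce always reject the form. The enclosing method starts outside the hunk.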
@ -80,8 +80,9 @@ public class RouterConsoleRunner implements RouterApp {
|
||||
|
||||
// Jetty Auth
|
||||
private static final DigestAuthenticator authenticator = new DigestAuthenticator();
|
||||
private static final String JETTY_REALM = "i2prouter";
|
||||
public static final String JETTY_REALM = "i2prouter";
|
||||
private static final String JETTY_ROLE = "routerAdmin";
|
||||
public static final String PROP_CONSOLE_PW = "routerconsole.auth." + JETTY_REALM;
|
||||
|
||||
public static final String ROUTERCONSOLE = "routerconsole";
|
||||
public static final String PREFIX = "webapps.";
|
||||
@ -706,8 +707,7 @@ public class RouterConsoleRunner implements RouterApp {
|
||||
SecurityHandler sec = new SecurityHandler();
|
||||
List<ConstraintMapping> constraints = new ArrayList(4);
|
||||
ConsolePasswordManager mgr = new ConsolePasswordManager(ctx);
|
||||
mgr.migrateConsole();
|
||||
Map<String, String> userpw = mgr.getMD5(PasswordManager.PROP_CONSOLE_NEW);
|
||||
Map<String, String> userpw = mgr.getMD5(PROP_CONSOLE_PW);
|
||||
if (!userpw.isEmpty()) {
|
||||
HashUserRealm realm = new HashUserRealm(JETTY_REALM);
|
||||
sec.setUserRealm(realm);
|
||||
|
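Review bot: `JETTY_REALM` and the new `PROP_CONSOLE_PW` are now public and shared with ConsolePasswordManager, but neither carries a comment saying that the realm string is part of the hashed input (`CONSOLE_USER + ':' + RouterConsoleRunner.JETTY_REALM + ':' + pw` in migrateConsole). Changing the realm later would silently invalidate every stored hash, so I would add Javadoc on `JETTY_REALM` such as `/** Digest realm; also hashed into stored console passwords (RFC 2617), do not change without re-migrating */`. A short comment on `PROP_CONSOLE_PW` would help too, noting that the values stored under it are digest hashes that can stand in for the password under digest authentication, so the config file needs the same protection as the old plaintext. In the second hunk, `new ArrayList(4)` is a raw type and could be `new ArrayList<ConstraintMapping>(4)`.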