- Fix MD5 passwords after testing

- Remove unused password fallback in FormHandler
zzz
2012-10-13 15:41:57 +00:00
parent fc7f995bd2
commit 05740f7903
3 changed files with 14 additions and 17 deletions


@ -28,11 +28,11 @@ public class ConsolePasswordManager extends RouterPasswordManager {
private static final String PROP_MIGRATED = "routerconsole.passwordManager.migrated"; private static final String PROP_MIGRATED = "routerconsole.passwordManager.migrated";
// migrate these to hash // migrate these to hash
private static final String PROP_CONSOLE_OLD = "consolePassword"; private static final String PROP_CONSOLE_OLD = "consolePassword";
public static final String PROP_CONSOLE_NEW = "routerconsole.auth";
private static final String CONSOLE_USER = "admin"; private static final String CONSOLE_USER = "admin";
public ConsolePasswordManager(RouterContext ctx) { public ConsolePasswordManager(RouterContext ctx) {
super(ctx); super(ctx);
migrateConsole();
} }
/** /**
@ -119,7 +119,8 @@ public class ConsolePasswordManager extends RouterPasswordManager {
} }
/** /**
* Migrate from plaintext to salt/hash * Migrate from plaintext to MD5 hash
* Ref: RFC 2617
* *
* @return success or nothing to migrate * @return success or nothing to migrate
*/ */
@ -130,9 +131,13 @@ public class ConsolePasswordManager extends RouterPasswordManager {
// consolePassword // consolePassword
String pw = _context.getProperty(PROP_CONSOLE_OLD); String pw = _context.getProperty(PROP_CONSOLE_OLD);
if (pw != null) { if (pw != null) {
if (pw.length() > 0) if (pw.length() > 0) {
saveMD5(PROP_CONSOLE_NEW, CONSOLE_USER, pw); pw = CONSOLE_USER + ':' + RouterConsoleRunner.JETTY_REALM + ':' + pw;
return _context.router().saveConfig(PROP_CONSOLE_OLD, null); saveMD5(RouterConsoleRunner.PROP_CONSOLE_PW, CONSOLE_USER, pw);
}
Map toAdd = Collections.singletonMap(PROP_MIGRATED, "true");
List toDel = Collections.singletonList(PROP_CONSOLE_OLD);
return _context.router().saveConfig(toAdd, toDel);
} }
return true; return true;
} }
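Review bot: The result of `saveMD5(...)` in the third hunk is discarded, and the `saveConfig(toAdd, toDel)` that follows deletes `consolePassword` and sets the migrated flag regardless. If saving the hash can fail (saveMD5's signature is not visible on this page, so this is inferred), the plaintext is gone, no hash exists, and the `if (!userpw.isEmpty())` branch in RouterConsoleRunner would start the console without authentication. Proposed: `if (!saveMD5(RouterConsoleRunner.PROP_CONSOLE_PW, CONSOLE_USER, pw)) return false;` before `toAdd`/`toDel` are built. The Javadoc could also state that the stored value is the RFC 2617 digest of `user:realm:password`, which is password-equivalent for Digest auth, so the config file must stay private. The method body starts outside the hunk.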


@ -21,7 +21,6 @@ public class FormHandler {
private String _nonce; private String _nonce;
protected String _action; protected String _action;
protected String _method; protected String _method;
protected String _passphrase;
private final List<String> _errors; private final List<String> _errors;
private final List<String> _notices; private final List<String> _notices;
private boolean _processed; private boolean _processed;
@ -52,7 +51,6 @@ public class FormHandler {
public void setNonce(String val) { _nonce = val; } public void setNonce(String val) { _nonce = val; }
public void setAction(String val) { _action = val; } public void setAction(String val) { _action = val; }
public void setPassphrase(String val) { _passphrase = val; }
/** /**
* Call this to prevent changes using GET * Call this to prevent changes using GET
@ -168,14 +166,8 @@ public class FormHandler {
String noncePrev = nonce + PREV_SUFFIX; String noncePrev = nonce + PREV_SUFFIX;
if ( ( (nonce == null) || (!_nonce.equals(nonce)) ) && if ( ( (nonce == null) || (!_nonce.equals(nonce)) ) &&
( (noncePrev == null) || (!_nonce.equals(noncePrev)) ) ) { ( (noncePrev == null) || (!_nonce.equals(noncePrev)) ) ) {
String expected = _context.getProperty("consolePassword");
if ( (expected != null) && (expected.trim().length() > 0) && (expected.equals(_passphrase)) ) {
// ok
} else {
addFormError(_("Invalid form submission, probably because you used the 'back' or 'reload' button on your browser. Please resubmit.")); addFormError(_("Invalid form submission, probably because you used the 'back' or 'reload' button on your browser. Please resubmit."));
_valid = false; _valid = false;
}
} }
} }
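Review bot: With the password fallback removed, the nonce comparison is the only check left in this block, and `String noncePrev = nonce + PREV_SUFFIX;` makes its `noncePrev == null` guard unreachable. String concatenation never yields null, so a null `nonce` is compared as literal text plus the suffix instead of failing validation. Build it conditionally, `String noncePrev = (nonce != null) ? nonce + PREV_SUFFIX : null;`, so a null `nonce` always takes the error branch. `_nonce.equals(...)` would also throw if the submitted `_nonce` is null, unless that is checked earlier; the method starts outside this hunk, so that cannot be confirmed here.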


@ -80,8 +80,9 @@ public class RouterConsoleRunner implements RouterApp {
// Jetty Auth // Jetty Auth
private static final DigestAuthenticator authenticator = new DigestAuthenticator(); private static final DigestAuthenticator authenticator = new DigestAuthenticator();
private static final String JETTY_REALM = "i2prouter"; public static final String JETTY_REALM = "i2prouter";
private static final String JETTY_ROLE = "routerAdmin"; private static final String JETTY_ROLE = "routerAdmin";
public static final String PROP_CONSOLE_PW = "routerconsole.auth." + JETTY_REALM;
public static final String ROUTERCONSOLE = "routerconsole"; public static final String ROUTERCONSOLE = "routerconsole";
public static final String PREFIX = "webapps."; public static final String PREFIX = "webapps.";
@ -706,8 +707,7 @@ public class RouterConsoleRunner implements RouterApp {
SecurityHandler sec = new SecurityHandler(); SecurityHandler sec = new SecurityHandler();
List<ConstraintMapping> constraints = new ArrayList(4); List<ConstraintMapping> constraints = new ArrayList(4);
ConsolePasswordManager mgr = new ConsolePasswordManager(ctx); ConsolePasswordManager mgr = new ConsolePasswordManager(ctx);
mgr.migrateConsole(); Map<String, String> userpw = mgr.getMD5(PROP_CONSOLE_PW);
Map<String, String> userpw = mgr.getMD5(PasswordManager.PROP_CONSOLE_NEW);
if (!userpw.isEmpty()) { if (!userpw.isEmpty()) {
HashUserRealm realm = new HashUserRealm(JETTY_REALM); HashUserRealm realm = new HashUserRealm(JETTY_REALM);
sec.setUserRealm(realm); sec.setUserRealm(realm);
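Review bot: `JETTY_REALM` in the first hunk is now part of both the hashed input (ConsolePasswordManager builds `user:realm:password`) and the property name `PROP_CONSOLE_PW`, but nothing at the declaration says so. A comment such as `// Realm is hashed into the stored console password (RFC 2617) and is part of the config key; changing it invalidates every saved password.` would warn against a casual rename now that the constant is public. In the second hunk the migration result is no longer visible to this method, so an empty `userpw` cannot be told apart from a failed migration. A log line in an `else` branch of `if (!userpw.isEmpty())` would make an unauthenticated start visible. The enclosing method continues outside the hunk.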