News: Verify received CRL before saving

zzz
2016-04-28 22:17:27 +00:00
parent 52c9bf6d80
commit d885e00c64
4 changed files with 15 additions and 4 deletions


@ -1,5 +1,6 @@
package net.i2p.router.update; package net.i2p.router.update;
import java.io.ByteArrayInputStream;
import java.io.BufferedWriter; import java.io.BufferedWriter;
import java.io.File; import java.io.File;
import java.io.FileInputStream; import java.io.FileInputStream;
@ -10,6 +11,7 @@ import java.io.OutputStreamWriter;
import java.io.Writer; import java.io.Writer;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.text.DateFormat; import java.text.DateFormat;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Collections; import java.util.Collections;
@ -21,6 +23,7 @@ import java.util.Map;
import java.util.StringTokenizer; import java.util.StringTokenizer;
import net.i2p.app.ClientAppManager; import net.i2p.app.ClientAppManager;
import net.i2p.crypto.CertUtil;
import net.i2p.crypto.SU3File; import net.i2p.crypto.SU3File;
import net.i2p.crypto.TrustedUpdate; import net.i2p.crypto.TrustedUpdate;
import net.i2p.data.Base64; import net.i2p.data.Base64;
@ -585,8 +588,13 @@ class NewsFetcher extends UpdateRunner {
continue; continue;
OutputStream out = null; OutputStream out = null;
try { try {
byte[] data = DataHelper.getUTF8(e.data);
// test for validity
CertUtil.loadCRL(new ByteArrayInputStream(data));
out = new SecureFileOutputStream(f); out = new SecureFileOutputStream(f);
out.write(DataHelper.getUTF8(e.data)); out.write(data);
} catch (GeneralSecurityException gse) {
_log.error("Bad CRL", gse);
} catch (IOException ioe) { } catch (IOException ioe) {
_log.error("Failed to write CRL", ioe); _log.error("Failed to write CRL", ioe);
} finally { } finally {
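Review bot: The check added before `out = new SecureFileOutputStream(f)` only proves that the bytes parse as an X.509 CRL; the `X509CRL` returned by `CertUtil.loadCRL` is discarded, so its signature, issuer and update dates are never examined. If the signature on the news feed itself is what authenticates these entries (not visible in this hunk), the comment should say so, e.g. `// parse check only; authenticity relies on the signed news feed`. Otherwise keep the result and call `X509CRL.verify(PublicKey)` with the expected issuer key before writing. The error line would also be easier to act on with the target in it, `_log.error("Bad CRL for " + f, gse);`. The enclosing loop and the body of `finally` lie outside the hunk.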


@ -515,9 +515,9 @@ public final class CertUtil {
* Load a CRL. Does NOT Close the stream. * Load a CRL. Does NOT Close the stream.
* *
* @return non-null * @return non-null
* @since 0.9.25 * @since 0.9.25 public since 0.9.26
*/ */
private static X509CRL loadCRL(InputStream in) throws GeneralSecurityException { public static X509CRL loadCRL(InputStream in) throws GeneralSecurityException {
CertificateFactory cf = CertificateFactory.getInstance("X.509"); CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509CRL) cf.generateCRL(in); return (X509CRL) cf.generateCRL(in);
} }
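Review bot: Now that `loadCRL` is public, its Javadoc should state that it only parses the stream and does not check the CRL's signature or validity dates, because callers outside this class may read "load" as "verify". I would add the line `Parses only; the caller is responsible for verifying the signature.` together with `@param in stream holding one encoded CRL, left open` and `@throws GeneralSecurityException if the data cannot be parsed as an X.509 CRL`.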


@ -1,3 +1,6 @@
2016-04-28 zzz
* News: Parse and store CRLs in news feed
2016-04-28 zzz 2016-04-28 zzz
Prop from i2p.i2p.zzz.gmp6-prop: Prop from i2p.i2p.zzz.gmp6-prop:
* CPUID: * CPUID:


@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */ /** deprecated */
public final static String ID = "Monotone"; public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION; public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 6; public final static long BUILD = 7;
/** for example "-test" */ /** for example "-test" */
public final static String EXTRA = ""; public final static String EXTRA = "";