echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

I2CP, i2ptunnel: Check for expired offline signature client-side

Browse Source 
Better error message on the router side
This commit is contained in:
zzz
2020-06-06 18:44:49 +00:00
parent ac76d544b9
commit f1a277c4d7
3 changed files with 19 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelServer.java
View File

@ -43,6 +43,7 @@ import net.i2p.client.streaming.IncomingConnectionFilter;
import net.i2p.client.streaming.StatefulConnectionFilter;
import net.i2p.crypto.SigType;
import net.i2p.data.Base64;
import net.i2p.data.DataHelper;
import net.i2p.data.Hash;
import net.i2p.util.EventDispatcher;
import net.i2p.util.I2PAppThread;
@ -302,9 +303,15 @@ public class I2PTunnelServer extends I2PTunnelTask implements Runnable {
*/
private void connectManager() {
int retries = 0;
while (sockMgr.getSession().isClosed()) {
I2PSession session = sockMgr.getSession();
if (session.isOffline()) {
long exp = session.getOfflineExpiration();
if (exp < getTunnel().getContext().clock().now())
throw new IllegalArgumentException("Offline signature expired " + DataHelper.formatTime(exp));
}
while (session.isClosed()) {
try {
sockMgr.getSession().connect();
session.connect();
// Now connect the subsessions, if any
List<I2PSession> subs = sockMgr.getSubsessions();
if (!subs.isEmpty()) {

6
core/java/src/net/i2p/client/impl/I2CPMessageProducer.java
View File

@ -23,6 +23,7 @@ import net.i2p.client.I2PSessionException;
import net.i2p.client.SendMessageOptions;
import net.i2p.data.DatabaseEntry;
import net.i2p.data.DataFormatException;
import net.i2p.data.DataHelper;
import net.i2p.data.Destination;
import net.i2p.data.LeaseSet;
import net.i2p.data.Payload;
@ -148,7 +149,10 @@ class I2CPMessageProducer {
}
cfg.setOptions(p);
if (isOffline) {
cfg.setOfflineSignature(session.getOfflineExpiration(),
long exp = session.getOfflineExpiration();
if (exp < _context.clock().now())
throw new I2PSessionException("Offline signature expired " + DataHelper.formatTime(exp));
cfg.setOfflineSignature(exp,
session.getTransientSigningPublicKey(),
session.getOfflineSignature());
}

6
router/java/src/net/i2p/router/client/ClientMessageEventListener.java
View File

@ -250,8 +250,12 @@ class ClientMessageEventListener implements I2CPMessageReader.I2CPMessageEventLi
msg += DataHelper.formatDuration(0 - skew) + " in the future";
_log.error(msg);
_runner.disconnectClient(msg);
} else if (in.getOfflineSignature() != null && in.getOfflineExpiration() < _context.clock().now()) {
String msg = "Offline signature expired " + DataHelper.formatTime(in.getOfflineExpiration());
_log.error(msg);
_runner.disconnectClient(msg);
} else {
_log.error("Signature verification failed on a create session message");
_log.error("Signature verification failed on a create session message:\n" + in);
_runner.disconnectClient("Invalid signature on CreateSessionMessage");
}
return;