echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
10,417 Commits 1 Branch 167 Tags
60d9c1651a6bc054f15dbaa656cc25dd99cedfaf
Commit Graph

10417 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
zzz
b28eb708a4 * Console: 
- Fix update buttons
   - Don't filter parameter names starting with "nofilter_"
   - Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
   - Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
   - Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
   - Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
   - More escaping
 * i2psnark: Fix add torrent form
 2014-08-03 13:58:51 +00:00
echelon2
bf9c4b2346 new su3 cert as pwd for old lost, old one not in use till yet 2014-07-31 19:11:48 +00:00
zzz
d33aa097fe bump 2014-07-31 14:56:04 +00:00
zzz
8673c232b6 Whitelist of known plugin public keys 
Compiled by kytv from plugins.i2p
todo: implementation
 2014-07-31 14:51:02 +00:00
zzz
d3ea5d2122 drop ExecNamingService, moving to i2p.scripts 2014-07-31 14:44:52 +00:00
zzz
370d2555c7 Notes and logging re: compiling with Java 8 2014-07-31 14:42:51 +00:00
zzz
5332cee3e8 update credit as requested 2014-07-27 11:02:59 +00:00
zzz
1246e1c498 0.9.14 i2p-0.9.14 2014-07-26 20:32:26 +00:00
zzz
d6b0b1b93c refresh tweaks 
another escape html
 2014-07-26 20:14:01 +00:00
zzz
1e0c970c95 remove add client button 2014-07-26 19:31:36 +00:00
zzz
db9f49c7d4 updates after review: 
Disable clients.config editing in UI
Strip single quotes too
Fix double-escaping in susimail folder page
 2014-07-26 18:58:58 +00:00
zzz
1603353ae8 Susimail escaping from psi plus some more 2014-07-26 16:50:58 +00:00
zzz
6753d23309 Add filtering for getParameterMap() 
Don't return null entries in getParameterValues() array
Log in getParameterValues() too
static
 2014-07-26 15:09:40 +00:00
zzz
ca5755b0fd javadoc move new classes 2014-07-26 13:51:48 +00:00
zzz
2c8223274d filter pattern tweaks 2014-07-26 13:43:52 +00:00
zzz
f0dd09cf9c filter logging 2014-07-26 12:18:35 +00:00
zzz
4746d9eb80 Fix CSP to allow inline style and refresh 
Add filter to all webapps
 2014-07-26 11:01:16 +00:00
zzz
99401c5639 fix link 2014-07-26 10:51:42 +00:00
zzz
58578d9020 Console: 
XSSFilter patch from str4d:
  XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
  No provided license, but it is clearly intended for public consumption.
  But most of it is boilerplate provided by the Servlet Filter system.
  In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
  it is effectively identical to what I would have written from scratch.
 2014-07-26 09:39:31 +00:00
zzz
af575d6c95 * Console: 
- Fix several XSS issues (thx Aaron Portnoy of Exodus Intel)
  - Add Content-Security-Policy and X-XSS-Protection headers
  - Disable changing news feed URL from UI
  - Disable plugin install from UI
  - Disable setting unsigned update URL from UI
  - Disable /configadvanced
* DataHelper: Disallow \r in storeProps() (thx joernchen of Phenoelit)
* ExecNamingService: Disable (thx joernchen of Phenoelit)
* Startup: Add susimail.config to migrated files
 2014-07-26 09:32:26 +00:00
str4d
e9c8748c0b Updated Eclipse settings 2014-07-26 02:48:49 +00:00
kytv
08409d016b translation updates from Transifex 2014-07-23 13:55:58 +00:00
kytv
42bfbfc60b geoip database updates 2014-07-23 13:54:36 +00:00
kytv
c7c087d964 fix poupdate target 2014-07-23 13:49:09 +00:00
zzz
89764c12e7 bob finals, synch 2014-07-23 13:12:32 +00:00
meeh
bd45d5483f Added new reseed host, thanks to Backup. 
Notes: Only HTTPS and SU3 (v2) support.
 2014-07-22 17:56:50 +00:00
zzz
328d7d0008 SAM: 
- Don't spawn a thread for each transmitted datagram
 - Set protocol field for raw and signed datagrams
 - Enforce a 60s timeout for HELLO
 - Use naming service cache to reduce Destination object churn
 - Get Log object from the log manager
 - Log spelling fixes
 2014-07-22 14:52:08 +00:00
zzz
cca5bef8c1 propagate from branch 'i2p.i2p' (head 79d0ad4538a0adc4ced6ac26cb725abe3d5ccee3) 
to branch 'i2p.i2p.zzz.test2' (head 73032545b42f6f9caffffca08d0a8b97f5cf7e3a)
 2014-07-22 14:38:28 +00:00
zzz
ce4874d825 better logging of reseed su3 errors 2014-07-21 20:05:05 +00:00
meeh
9b408b67ef Adding Matt's SU3 reseed key. 2014-07-21 18:07:02 +00:00
zzz
c3bf100082 readme_fr.html thx hummingbird 2014-07-21 13:24:13 +00:00
zzz
b282ccd890 increment error count on exception 2014-07-21 13:23:14 +00:00
meeh
f38b741813 Adding sindu's reseed key. ( i2p-netdb.innovatio.no ) 2014-07-21 01:47:37 +00:00
str4d
3a899d52d1 Don't grab the ClientApp if we don't need to 2014-07-19 23:55:43 +00:00
zzz
a2567b0ee2 * SusiMail: Better error message on decode fail 
http://forum.i2p/viewtopic.php?t=11469
 2014-07-19 16:31:59 +00:00
zzz
4b0019c732 * SAM: Add support for RAW on the bridge socket in v3 (ticket #1334) 
log fixes
 2014-07-19 15:43:51 +00:00
zzz
5d21738410 * i2psnark: Don't prefer leeches during end game, to 
prevent slowdowns or stalls
 2014-07-19 12:48:16 +00:00
zzz
df81006b42 javadoc 2014-07-19 12:40:23 +00:00
zzz
2c7006e9bd Streaming; Disable fail-fast for now. It's failing on leaseset lookup 
far too often. Need to fix that first.
 2014-07-19 12:39:37 +00:00
kytv
b1caa8d5a3 fix URL in initialNews: It's i2p-projekt not i2p-project 
(thanks to SeekingFor for the heads-up)
 2014-07-15 23:46:08 +00:00
zzz
8b2ffada10 - fix test 
- final
- last week's history
 2014-07-15 14:30:19 +00:00
str4d
0998738e94 Updated history 2014-07-15 12:59:56 +00:00
str4d
c04062bbdf Forgot to update @since 2014-07-15 12:58:58 +00:00
str4d
0c7a3a3a39 Stubs for I2CP connections over Unix domain sockets 2014-07-15 12:54:22 +00:00
zzz
f364a83f4f mtn.i2p-projekt.i2p 2014-07-14 20:40:36 +00:00
zzz
9dabc75866 * SU3File: Disable the X.509 CN checking of local certs on Android, 
as the javax.naming classes are not available.
   Any issues with local certs will be discovered in non-Android testing.
 2014-07-13 13:29:55 +00:00
zzz
2c185ea76c * Datagrams: 
- Redefine the repliable datagram signature for non-DSA_SHA1 sig types;
    was the sig of the SHA-256 of the payload, now the sig of the payload itself.
    This is an incompatible change but nobody is yet using the new
    sig types for datagram applications.
  - Don't pollute the hash cache with hashes of payloads
  - Check for too-big datagrams
  - Remove assertion check
  - Cleanups
 2014-07-11 19:31:44 +00:00
zzz
39e859c368 javadoc 2014-07-11 19:29:44 +00:00
str4d
2cfe5e678a propagate from branch 'i2p.i2p' (head e02e6d733a703970e20e732e5156cbabc394e88e) 
to branch 'i2p.i2p.str4d.eddsa' (head 3910d01bed7c5a216f52bfd1d9fd96b59f058745)
 2014-07-10 09:29:34 +00:00
zzz
d48991f71f Crypto: Move TransientSessionKeyManager from core to router. 
I2PAppContext will return the dummy SessionKeyManager which
is sufficient for non-tag uses (e.g. Bote).
Client use of end-to-end encryption using SessionTags was
disabled in release 0.6, 2005-07-27.
 2014-07-09 13:52:26 +00:00