ed4fe56e7e
I2CP:
...
- Verify crypto key pair in LS
- Verfiy same dest as before in LS
Router: Don't try to use an unavailable sig type for the router,
even if it's the default
RouterInfo: Work around unsupported raw signatures for
RI Ed25519 sig type
2014-08-26 19:14:51 +00:00
2b9a368b18
propagate from branch 'i2p.i2p' (head 695c0048cc8ce28df0574a5e188c77c07c9b42ce)
...
to branch 'i2p.i2p.zzz.test2' (head c116da02ea4b4d01dd028bc58ea02b43ae9af8cd)
2014-08-25 12:05:15 +00:00
593779b54f
Router: Prep for RI sig types:
...
- New router.sigType config
- Generate / regenerate router keys based on config
- New router.keys2 file format for sig types and padding
- Fix RouterInfo.readBytes() signature verification with sig types
- Catch unset padding in KeysAndCert.writeBytes()
- Catch key errors in ReadRouterJob
- Show RI sig type on /netdb in console
- Move some things from Router to startup classes
- Startup classes package private
- Buffer readin of key files
- Remove configurability of router.info and router.keys file locations
2014-08-23 23:48:16 +00:00
34d3704680
sig type availability check
2014-08-23 15:09:24 +00:00
819504f08f
console escape fixes and cleanups
2014-08-23 13:44:56 +00:00
e65ec2a589
i2ptunnel escape fixes
2014-08-23 13:20:25 +00:00
1bc355b8fd
i2psnark escape fixes
2014-08-23 13:19:44 +00:00
5041d819a9
propagate from branch 'i2p.i2p' (head b026fe071e77884ef6d104635c793ef16357ec71)
...
to branch 'i2p.i2p.str4d.eddsa' (head 0d928736c4a34d8a337e1f55e095fe90564ea1fb)
2014-08-21 23:27:34 +00:00
02ab6eac62
javadoc
2014-08-21 17:38:35 +00:00
d7feab116f
Core: Move router data structures, and the deprecated RouterAddress sorter, from core to router.
...
This will break Android and the i2pcontrol plugin but shouldn't affect anything else.
2014-08-21 17:36:06 +00:00
975378b224
* i2ptunnel:
...
- Add local SSL support for std. and IRC client tunnels (ticket #1107 )
Keystore goes in ~/.i2p/keystore; pubkey cert goes in ~/.i2p/certificates/i2ptunnel
- Escape messages to index page
- Show message for uncaught exception
2014-08-21 12:21:29 +00:00
915e003355
* i2ptunnel: Use I2PAppThread
2014-08-21 11:58:09 +00:00
dee6e16e6c
* i2psnark:
...
- Escape control chars in encodePath()
- Increase max piece size to 8 MB (ticket #1347 )
2014-08-21 11:49:58 +00:00
c860674613
propagate from branch 'i2p.i2p' (head e8883e85a7761bbda9df59b3f6b57601cc01bb5a)
...
to branch 'i2p.i2p.str4d.eddsa' (head a1cc4ae4a17efaca2825dae64b2cc55aa520ca27)
2014-08-20 02:11:15 +00:00
33b7f08d5c
* i2psnark:
...
- Don't filter create torrent form, and
fix exception on ':' in file names (ticket #1342 )
- Don't remap file names on torrents we created, and
save remap setting in torrent config file (tickets #571 , 771)
- Escaping fixes since names may not be remapped
- Use better encodePath() from Jetty
- Don't say create torrent succeeded when it didn't
- Add more sanity checks for torrent creation
2014-08-19 20:34:46 +00:00
51995cc428
* i2psnark:
...
- Don't send HTML-only headers for icons
- Catch IllegalStateException for icons
2014-08-18 18:52:47 +00:00
a3e3a305ce
removed notification of port 8887
2014-08-17 14:54:50 +00:00
15facc72b3
* Console: Escaping fix (ticket #1348 )
2014-08-15 11:49:56 +00:00
d5edcbc6e1
* Console, EventLog: Added {BECAME,NOT}_FLOODFILL events. They will now be shown on the console's /events page when the router's ff status changes.
...
* EventLog: Fix a minor typo.
2014-08-13 21:29:17 +00:00
eb97ef4cb2
* i2psnark: Fix add torrent NPE
2014-08-13 19:17:26 +00:00
9c38e1e191
* Console: Escaping fix (ticket #1346 )
2014-08-13 19:10:25 +00:00
7c3d3b4128
fix dependency checking for ministreaming po files
2014-08-13 19:07:39 +00:00
367cea4b1f
new translation files
2014-08-10 19:32:11 +00:00
c9ce1751c1
propagate from branch 'i2p.i2p.zzz.snarkconfig' (head ad48ab1a9e769c58ea2e286337927f5c0e1568be)
...
to branch 'i2p.i2p' (head 0cd9e265bd38c40839e68de8f51233489acad346)
2014-08-10 14:14:00 +00:00
e3be1d1a04
propagate from branch 'i2p.i2p.zzz.test2' (head c182b371bc28158dd47262b89e5bd0cdda29e07b)
...
to branch 'i2p.i2p' (head 4fc776f7b76b028bb890affccfdcfbefbb932c58)
2014-08-10 13:56:15 +00:00
6fa2a416be
Console: Hide client delete button too
2014-08-10 12:18:18 +00:00
fdb54c315b
propagate from branch 'i2p.i2p' (head b8f5da367cf5d16bc1d91aa2097830c350c9ef8a)
...
to branch 'i2p.i2p.str4d.eddsa' (head 6fcc5b5019abb36251e28fe0f7723fd1a046a8e9)
2014-08-10 11:41:45 +00:00
22a7757461
Console: Show share options below 30% (ticket #1329 )
2014-08-09 18:08:00 +00:00
fbdc535287
* i2psnark: Fix more escaped messages
2014-08-08 20:05:42 +00:00
506419964b
Plugins: SU3 support in form, type checking,
...
don't require DSA key in SU3
2014-08-07 19:27:53 +00:00
35bb8c5348
Plugins: partial SU3 support
2014-08-07 19:06:41 +00:00
79fe799aeb
Plugins: Stub out SU3 support
2014-08-07 18:45:04 +00:00
d4722e0d2c
* i2psnark: Fix excaped message
2014-08-07 13:39:24 +00:00
7187f6f714
* Console: Display full path to config file
...
* i2ptunnel: More escaping
2014-08-06 13:40:25 +00:00
0e9ceba057
* i2ptunnel: Fix filtering of custom options
2014-08-05 21:26:48 +00:00
fe3059f0ab
* Plugins: Enforce signing key matches that in plugin.config
2014-08-05 21:23:48 +00:00
b28eb708a4
* Console:
...
- Fix update buttons
- Don't filter parameter names starting with "nofilter_"
- Re-allow configadvanced, news URL, and unsigned update URL if routerconsole.advanced=true
- Re-allow plugin install if routerconsole.advanced=true or routerconsole.enablePluginInstall=true
- Only allow whitelisted plugin signers, unless routerconsole.allowUntrustedPlugins=true
- Re-allow clients.config changes if routerconsole.advanced=true or routerconsole.enableClientChange=true
- More escaping
* i2psnark: Fix add torrent form
2014-08-03 13:58:51 +00:00
8673c232b6
Whitelist of known plugin public keys
...
Compiled by kytv from plugins.i2p
todo: implementation
2014-07-31 14:51:02 +00:00
d6b0b1b93c
refresh tweaks
...
another escape html
2014-07-26 20:14:01 +00:00
1e0c970c95
remove add client button
2014-07-26 19:31:36 +00:00
db9f49c7d4
updates after review:
...
Disable clients.config editing in UI
Strip single quotes too
Fix double-escaping in susimail folder page
2014-07-26 18:58:58 +00:00
1603353ae8
Susimail escaping from psi plus some more
2014-07-26 16:50:58 +00:00
6753d23309
Add filtering for getParameterMap()
...
Don't return null entries in getParameterValues() array
Log in getParameterValues() too
static
2014-07-26 15:09:40 +00:00
2c8223274d
filter pattern tweaks
2014-07-26 13:43:52 +00:00
f0dd09cf9c
filter logging
2014-07-26 12:18:35 +00:00
4746d9eb80
Fix CSP to allow inline style and refresh
...
Add filter to all webapps
2014-07-26 11:01:16 +00:00
58578d9020
Console:
...
XSSFilter patch from str4d:
XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
No provided license, but it is clearly intended for public consumption.
But most of it is boilerplate provided by the Servlet Filter system.
In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
it is effectively identical to what I would have written from scratch.
2014-07-26 09:39:31 +00:00
af575d6c95
* Console:
...
- Fix several XSS issues (thx Aaron Portnoy of Exodus Intel)
- Add Content-Security-Policy and X-XSS-Protection headers
- Disable changing news feed URL from UI
- Disable plugin install from UI
- Disable setting unsigned update URL from UI
- Disable /configadvanced
* DataHelper: Disallow \r in storeProps() (thx joernchen of Phenoelit)
* ExecNamingService: Disable (thx joernchen of Phenoelit)
* Startup: Add susimail.config to migrated files
2014-07-26 09:32:26 +00:00
e9c8748c0b
Updated Eclipse settings
2014-07-26 02:48:49 +00:00
08409d016b
translation updates from Transifex
2014-07-23 13:55:58 +00:00
