Keyring: Separate local and remote dests on /configkeyring

Prohibit local changes on /configkeyring
Remove local keys from keyring on tunnel shutdown or encryption disable
Ensure subsession encryption setting matches primary session
(ticket #2108)
zzz
2018-01-14 18:48:47 +00:00
parent 8ef042af6a
commit c2bfb80233
8 changed files with 69 additions and 12 deletions


@@ -360,6 +360,10 @@ public abstract class I2PSessionImpl implements I2PSession, I2CPMessageReader.I2
session.destroySession();
} catch (I2PSessionException ise) {}
}
// do we need this here? subsession.destroySession() calls primary
Destination d = session.getMyDestination();
if (d != null)
_context.keyRing().remove(d.calculateHash());
}
/**
@@ -1210,6 +1214,10 @@ public abstract class I2PSessionImpl implements I2PSession, I2CPMessageReader.I2
private void closeSocket() {
if (_log.shouldLog(Log.INFO))
_log.info(getPrefix() + "Closing the socket", new Exception("closeSocket"));
// maybe not the right place for this, but let's be sure
Destination d = _myDestination;
if (d != null)
_context.keyRing().remove(d.calculateHash());
synchronized(_stateLock) {
changeState(State.CLOSING);
locked_closeSocket();
@@ -1217,6 +1225,9 @@ public abstract class I2PSessionImpl implements I2PSession, I2CPMessageReader.I2
}
synchronized (_subsessionLock) {
for (SubSession sess : _subsessions) {
d = sess.getMyDestination();
if (d != null)
_context.keyRing().remove(d.calculateHash());
sess.changeState(State.CLOSED);
sess.setSessionId(null);
sess.setLeaseSet(null);
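Review bot: In `closeSocket()` the keyring entry is removed before the `synchronized(_stateLock)` block, while the session is still in its previous state; if a lease set request is handled between that removal and `changeState(State.CLOSING)`, the handler could `put` the key back and leave it in the keyring after shutdown, which is what this commit sets out to prevent. That ordering is inferred from the visible lines only, so it needs confirming, but moving `Destination d = _myDestination; if (d != null) _context.keyRing().remove(d.calculateHash());` below the `_stateLock` block (and still above the `_subsessionLock` loop, which reuses `d`) would close the window. The two new comments, `// do we need this here?` and `// maybe not the right place for this`, record doubt rather than intent; something like `// drop the local leaseset key so it does not outlive the session` would tell the next reader why the call is there. `closeSocket()` starts and ends outside these hunks.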


@@ -12,6 +12,7 @@ package net.i2p.client.impl;
import java.io.EOFException;
import java.security.GeneralSecurityException;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.ConcurrentHashMap;
import net.i2p.I2PAppContext;
@@ -21,6 +22,7 @@ import net.i2p.crypto.SigType;
import net.i2p.data.DataFormatException;
import net.i2p.data.DataHelper;
import net.i2p.data.Destination;
import net.i2p.data.Hash;
import net.i2p.data.Lease;
import net.i2p.data.LeaseSet;
import net.i2p.data.PrivateKey;
@@ -158,17 +160,27 @@ class RequestLeaseSetMessageHandler extends HandlerImpl {
leaseSet.setEncryptionKey(li.getPublicKey());
leaseSet.setSigningKey(li.getSigningPublicKey());
boolean encrypt = Boolean.parseBoolean(session.getOptions().getProperty("i2cp.encryptLeaseSet"));
String sk = session.getOptions().getProperty("i2cp.leaseSetKey");
// SubSession options aren't updated via the gui, so use the primary options
Properties opts;
if (session instanceof SubSession)
opts = ((SubSession) session).getPrimaryOptions();
else
opts = session.getOptions();
boolean encrypt = Boolean.parseBoolean(opts.getProperty("i2cp.encryptLeaseSet"));
String sk = opts.getProperty("i2cp.leaseSetKey");
Hash h = dest.calculateHash();
if (encrypt && sk != null) {
SessionKey key = new SessionKey();
try {
key.fromBase64(sk);
leaseSet.encrypt(key);
_context.keyRing().put(session.getMyDestination().calculateHash(), key);
_context.keyRing().put(h, key);
} catch (DataFormatException dfe) {
_log.error("Bad leaseset key: " + sk);
_context.keyRing().remove(h);
}
} else {
_context.keyRing().remove(h);
}
try {
leaseSet.sign(session.getPrivateKey());
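Review bot: In the `catch (DataFormatException dfe)` branch the handler logs, removes the keyring entry and then falls through to `leaseSet.sign(session.getPrivateKey())`, so a session with `i2cp.encryptLeaseSet` set to true and a malformed `i2cp.leaseSetKey` appears to carry on with an unencrypted lease set; the same holds when encryption is requested with no key, which takes the `else` branch. What follows the sign call is outside the hunk, so this needs confirming, but failing closed (log and stop before signing) looks like the safer behaviour for a user who asked for encryption. Separately, `_log.error("Bad leaseset key: " + sk)` writes the configured key string to the log, and a mistyped key is usually close to the real one. `_log.error("Bad leaseset key for " + h, dfe);` would keep the diagnostic without the secret.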


@@ -85,6 +85,13 @@ class SubSession extends I2PSessionMuxedImpl {
@Override
public void updateOptions(Properties options) {}
/**
* @since 0.9.33
*/
public Properties getPrimaryOptions() {
return _primary.getOptions();
}
/**
* Connect to the router and establish a session. This call blocks until
* a session is granted.