SSL wizard: Start of POST handling
Work around Jetty XML bug; classpath fixes to follow
@@ -56,7 +56,7 @@
|
||||
debug="true" deprecation="on" source="${javac.version}" target="${javac.version}"
|
||||
destdir="./build/obj"
|
||||
includeAntRuntime="false"
|
||||
classpath="../../../core/java/build/i2p.jar:build/i2ptunnel.jar:../../jetty/jettylib/jetty-i2p.jar:../../jetty/jettylib/jetty-xml.jar" >
|
||||
classpath="../../../core/java/build/i2p.jar:build/i2ptunnel.jar:../../jetty/jettylib/jetty-i2p.jar:../../jetty/jettylib/jetty-util.jar:../../jetty/jettylib/jetty-xml.jar" >
|
||||
<compilerarg line="${javac.compilerargs}" />
|
||||
</javac>
|
||||
</target>
|
||||
@@ -318,7 +318,6 @@
|
||||
<pathelement location="../../jetty/jettylib/tomcat-util-scan.jar" />
|
||||
|
||||
<pathelement location="../../jetty/jettylib/jasper-el.jar" />
|
||||
<pathelement location="../../jetty/jettylib/commons-logging.jar" />
|
||||
<pathelement location="../../jetty/jettylib/commons-el.jar" />
|
||||
<pathelement location="../../jetty/jettylib/jetty-util.jar" />
|
||||
<pathelement location="${ant.home}/lib/ant.jar" />
|
||||
@@ -353,8 +352,8 @@
|
||||
<pathelement location="../../jetty/jettylib/tomcat-util.jar" />
|
||||
<pathelement location="../../jetty/jettylib/tomcat-util-scan.jar" />
|
||||
|
||||
<pathelement location="../../jetty/jettylib/commons-logging.jar" />
|
||||
<pathelement location="../../jetty/jettylib/commons-el.jar" />
|
||||
<pathelement location="../../jetty/jettylib/jetty-util.jar" />
|
||||
<pathelement location="build/i2ptunnel.jar" />
|
||||
<pathelement location="build/temp-beans.jar" />
|
||||
<pathelement location="../../../core/java/build/i2p.jar" />
|
||||
|
||||
@@ -134,8 +134,11 @@ public class IndexBean {
|
||||
}
|
||||
}
|
||||
|
||||
/** do we know this nonce? @since 0.8.1 */
|
||||
private static boolean haveNonce(String nonce) {
|
||||
/**
|
||||
* do we know this nonce?
|
||||
* @since 0.8.1 public since 0.9.35
|
||||
*/
|
||||
public static boolean haveNonce(String nonce) {
|
||||
synchronized (_nonces) {
|
||||
return _nonces.contains(nonce);
|
||||
}
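Review bot: Now that `haveNonce` is public, it can be handed a null nonce, and the JSP change in this commit appears to do exactly that when it passes `request.getParameter("nonce")` through `editBean.haveNonce(nonce)`. The type of `_nonces` is not visible in this hunk, so whether `contains(null)` returns false or throws depends on the collection; a guard such as `if (nonce == null) return false;` before the synchronized block makes the contract explicit. The Javadoc could also state that, as far as this hunk shows, the method only tests membership and does not consume the nonce, so callers should not assume a checked nonce is single-use.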
|
||||
|
||||
@@ -100,6 +100,111 @@ input.default { width: 1px; height: 1px; visibility: hidden; }
|
||||
if (name == null || name.equals(""))
|
||||
name = editBean.getTunnelName(curTunnel);
|
||||
if (!"new".equals(tunnelType)) {
|
||||
// POST handling
|
||||
String action = request.getParameter("action");
|
||||
if (action != null) {
|
||||
String nonce = request.getParameter("nonce");
|
||||
String newpw = request.getParameter("nofilter_keyPassword");
|
||||
String appNum = request.getParameter("clientAppNumber");
|
||||
String ksPath = request.getParameter("nofilter_ksPath");
|
||||
String jettySSLConfigPath = request.getParameter("nofilter_jettySSLFile");
|
||||
if (newpw != null) {
|
||||
newpw = newpw.trim();
|
||||
if (newpw.length() <= 0)
|
||||
newpw = null;
|
||||
}
|
||||
if (!editBean.haveNonce(nonce)) {
|
||||
out.println(intl._t("Invalid form submission, probably because you used the 'back' or 'reload' button on your browser. Please resubmit.")
|
||||
+ ' ' +
|
||||
intl._t("If the problem persists, verify that you have cookies enabled in your browser."));
|
||||
} else if (!action.equals("Generate")) {
|
||||
out.println("Unknown form action");
|
||||
} else if (newpw == null) {
|
||||
out.println("Password required");
|
||||
} else if (appNum == null || ksPath == null || jettySSLConfigPath == null) {
|
||||
out.println("Missing parameters");
|
||||
} else if (b32.length() <= 0) {
|
||||
out.println("No destination set - start tunnel first");
|
||||
} else if (name == null || !name.endsWith(".i2p")) {
|
||||
out.println("No hostname set - go back and configure");
|
||||
} else {
|
||||
boolean ok = true;
|
||||
|
||||
// generate selfsigned cert
|
||||
java.util.Set<String> altNames = new java.util.HashSet<String>(4);
|
||||
altNames.add(b32);
|
||||
altNames.add(name);
|
||||
if (!name.startsWith("www."))
|
||||
altNames.add("www." + name);
|
||||
if (altb32 != null && altb32.length() > 0)
|
||||
altNames.add(altb32);
|
||||
File ks = new File(ksPath);
|
||||
ok = net.i2p.crypto.KeyStoreUtil.createKeys(ks, "eepsite", name, altNames, b32, newpw);
|
||||
if (ok) {
|
||||
out.println("Created selfsigned cert");
|
||||
}
|
||||
|
||||
// rewrite jetty-ssl.xml
|
||||
if (ok) {
|
||||
String obf = org.eclipse.jetty.util.security.Password.obfuscate(newpw);
|
||||
File f = new File(jettySSLConfigPath);
|
||||
try {
|
||||
org.eclipse.jetty.xml.XmlParser.Node root;
|
||||
root = net.i2p.jetty.JettyXmlConfigurationParser.parse(f);
|
||||
//JettyXmlConfigurationParser.setValue(root, "KeyStorePassword", ...);
|
||||
JettyXmlConfigurationParser.setValue(root, "KeyManagerPassword", obf);
|
||||
JettyXmlConfigurationParser.setValue(root, "TrustStorePassword", obf);
|
||||
File fb = new File(jettySSLConfigPath + ".bkup");
|
||||
if (fb.exists())
|
||||
fb = new File(jettySSLConfigPath + '-' + System.currentTimeMillis() + ".bkup");
|
||||
ok = net.i2p.util.FileUtil.copy(f, fb, false, true);
|
||||
if (ok) {
|
||||
java.io.Writer w = null;
|
||||
try {
|
||||
w = new java.io.OutputStreamWriter(new net.i2p.util.SecureFileOutputStream(f), "UTF-8");
|
||||
w.write(root.toString());
|
||||
} catch (java.io.IOException ioe) {
|
||||
ioe.printStackTrace();
|
||||
ok = false;
|
||||
} finally {
|
||||
if (w != null) try { w.close(); } catch (java.io.IOException ioe2) {}
|
||||
}
|
||||
}
|
||||
} catch (org.xml.sax.SAXException saxe) {
|
||||
saxe.printStackTrace();
|
||||
out.println(DataHelper.escapeHTML(saxe.getMessage()));
|
||||
ok = false;
|
||||
}
|
||||
}
|
||||
|
||||
// rewrite clients.config
|
||||
boolean isSSLEnabled = Boolean.parseBoolean(request.getParameter("isSSLEnabled"));
|
||||
if (ok && !isSSLEnabled) {
|
||||
}
|
||||
|
||||
// stop and restart jetty
|
||||
|
||||
// stop tunnel
|
||||
if (ok) {
|
||||
|
||||
}
|
||||
|
||||
// rewrite i2ptunnel.config
|
||||
if (ok) {
|
||||
|
||||
}
|
||||
|
||||
// restart tunnel
|
||||
if (ok) {
|
||||
|
||||
}
|
||||
|
||||
if (ok) {
|
||||
out.println(intl. _t("Configuration changes saved"));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
%>
|
||||
|
||||
<form method="post" action="ssl" accept-charset="UTF-8">
|
||||
@@ -374,6 +479,10 @@ input.default { width: 1px; height: 1px; visibility: hidden; }
|
||||
} // isPWDefault
|
||||
%>
|
||||
<tr><td colspan="7"><b><%=intl._t("Password")%>:</b>
|
||||
<input type="hidden" name="clientAppNumber" value="<%=i%>" />
|
||||
<input type="hidden" name="isSSLEnabled" value="<%=isEnabled%>" />
|
||||
<input type="hidden" name="nofilter_ksPath" value="<%=ksPath%>" />
|
||||
<input type="hidden" name="nofilter_jettySSLFile" value="<%=jettySSLFile%>" />
|
||||
<input type="password" name="nofilter_keyPassword" title="<%=intl._t("Set password required to access this service")%>" value="" class="freetext password" />
|
||||
</td></tr>
|
||||
<tr><td class="buttons" colspan="7">
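Review bot: The POST handler in the first hunk takes `nofilter_ksPath` and `nofilter_jettySSLFile` straight from the request and uses them as the keystore target for `KeyStoreUtil.createKeys` and as the file that is parsed, backed up and rewritten, so the submitter of a form with a valid nonce decides which files the router writes. Both paths are already known server-side when the form is rendered (the hidden fields in the second hunk), so the handler should re-derive them from `clientAppNumber`, or at least reject a submitted path that differs from the configured one; the hidden-field values are also emitted unescaped and should go through `DataHelper.escapeHTML(...)`, as the SAXException message already does. The handler runs on any request that carries `action`, so a guard such as `if (action != null && "POST".equals(request.getMethod()))` keeps the key password out of query strings. An `IOException` during the rewrite only calls `ioe.printStackTrace()` and leaves the user with no message, and the `.bkup` copy made by `FileUtil.copy` holds the previous obfuscated (reversible) passwords, so it is worth confirming it gets the same restrictive permissions as the `SecureFileOutputStream` output. The scriptlet begins and ends outside these hunks.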
|
||||
|
||||
@@ -120,6 +120,12 @@ public class JettyXmlConfigurationParser
|
||||
if (aname != null && aname.toLowerCase(Locale.US).equals(nameLC)) {
|
||||
// Node doesn't support set() or remove() but it does have clear()
|
||||
n.clear();
|
||||
// work around bug in XmlParser.Node.add(int, Object)
|
||||
// where it will AIOOBE when calling add(String) after clear() after add(String)
|
||||
// because the _lastString field isn't reset to false
|
||||
// so we need to add a non-String object and then clear again.
|
||||
n.add(Integer.valueOf(0));
|
||||
n.clear();
|
||||
n.add(value);
|
||||
return true;
|
||||
}
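Review bot: The `n.add(Integer.valueOf(0)); n.clear();` workaround depends on undocumented `XmlParser.Node` behaviour, namely that adding a non-String resets `_lastString`, and the comment does not record which Jetty release has the bug. Noting the affected version in the comment, for example `// seen with Jetty <VERSION>; remove once fixed upstream`, would let the workaround be retired safely. A small test that sets the same attribute twice on one node would catch a regression on the next Jetty upgrade, which matters here because this path now rewrites the SSL password entries in the Jetty SSL config. The enclosing method starts and ends outside the hunk.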
|
||||
|
||||