NetDB: Refactor family validation

Return a result code from verify()
Load all known certs at startup rather than continually reloading them
Only give full verified status to known keys
Enforce signatures in netdb store when key is available
Show family verification status on /netdb
Export our cert to disk if missing
Add stormycloud family cert
Bypass /24 Sybil penalty
zzz
2022-03-20 07:41:49 -04:00
parent fc88d672c5
commit c520dcb0f6
5 changed files with 196 additions and 79 deletions


@@ -41,6 +41,7 @@ import net.i2p.data.router.RouterInfo;
import net.i2p.router.JobImpl;
import net.i2p.router.RouterContext;
import net.i2p.router.TunnelPoolSettings;
import net.i2p.router.crypto.FamilyKeyCrypto;
import net.i2p.router.util.HashDistance; // debug
import net.i2p.router.networkdb.kademlia.FloodfillNetworkDatabaseFacade;
import static net.i2p.router.sybil.Util.biLog2;
@@ -985,7 +986,6 @@ class NetDbRenderer {
* Be careful to use stripHTML for any displayed routerInfo data
* to prevent vulnerabilities
*/
private void renderRouterInfo(StringBuilder buf, RouterInfo info, boolean isUs, boolean full) {
String hash = info.getIdentity().getHash().toBase64();
buf.append("<table class=\"netdbentry\">" +
@@ -1065,7 +1065,7 @@ class NetDbRenderer {
}
buf.append("</td></tr>\n");
if (full) {
buf.append("<tr><td><b>" + _t("Stats") + ":</b><td colspan=\"2\"><code>");
buf.append("<tr><td><b>").append(_t("Stats")).append(":</b><td colspan=\"2\"><code>");
Map<Object, Object> p = info.getOptionsMap();
for (Map.Entry<Object, Object> e : p.entrySet()) {
String key = (String) e.getKey();
@@ -1073,6 +1073,17 @@ class NetDbRenderer {
buf.append(DataHelper.stripHTML(key)).append(" = ").append(DataHelper.stripHTML(val)).append("<br>\n");
}
buf.append("</code></td></tr>\n");
String family = info.getOption("family");
if (family != null) {
FamilyKeyCrypto fkc = _context.router().getFamilyKeyCrypto();
if (fkc != null) {
buf.append("<tr><td><b>").append(_t("Family"))
.append(":</b><td colspan=\"2\"><span class=\"netdb_info\">")
.append(fkc.verify(info) == FamilyKeyCrypto.Result.STORED_KEY ? "Verified" : "Unverified")
.append(' ').append(DataHelper.stripHTML(family))
.append("</span></td></tr>\n");
}
}
}
buf.append("</table>\n");
}
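Review bot: The new family row in renderRouterInfo reduces `fkc.verify(info)` to a two-way label, so every result other than `STORED_KEY` is shown as "Unverified". The /netdb page then cannot tell a family claim that failed its signature check from one whose certificate is simply not stored locally, assuming verify() returns distinct codes for those cases, as the commit message suggests. Consider keeping the result in a local `r` and showing it, e.g. `.append(r == FamilyKeyCrypto.Result.STORED_KEY ? _t("Verified") : _t("Unverified") + " (" + r + ')')`. That would also route the two labels through `_t()`, as "Family" and "Stats" already are. Only part of renderRouterInfo's body is visible in these hunks.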