- Fix MD5 passwords after testing

- Remove unused password fallback in FormHandler

- Fix MD5 passwords after testing
05740f79 · zzz · fc7f995b · 05740f79 · 05740f79 · 05740f79
Commit 05740f79 authored 12 years ago by zzz
--- a/apps/routerconsole/java/src/net/i2p/router/web/ConsolePasswordManager.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/ConsolePasswordManager.java
@@ -28,11 +28,11 @@ public class ConsolePasswordManager extends RouterPasswordManager {
    private static final String PROP_MIGRATED = "routerconsole.passwordManager.migrated";
    // migrate these to hash
    private static final String PROP_CONSOLE_OLD = "consolePassword";
-    public static final String PROP_CONSOLE_NEW = "routerconsole.auth";
    private static final String CONSOLE_USER = "admin";

    public ConsolePasswordManager(RouterContext ctx) {
        super(ctx);
+        migrateConsole();
    }
    
    /**
@@ -48,7 +48,7 @@ public class ConsolePasswordManager extends RouterPasswordManager {
               //checkCrypt(realm, user, pw) ||
               checkMD5(realm, user, pw);
    }
-    
+
    /**
     *  The username is the salt
     *
@@ -119,7 +119,8 @@ public class ConsolePasswordManager extends RouterPasswordManager {
    }

    /**
-     *  Migrate from plaintext to salt/hash
+     *  Migrate from plaintext to MD5 hash
+     *  Ref: RFC 2617
     *
     *  @return success or nothing to migrate
     */
@@ -130,9 +131,13 @@ public class ConsolePasswordManager extends RouterPasswordManager {
            // consolePassword
            String pw = _context.getProperty(PROP_CONSOLE_OLD);
            if (pw != null) {
-                if (pw.length() > 0)
-                    saveMD5(PROP_CONSOLE_NEW, CONSOLE_USER, pw);
-                return _context.router().saveConfig(PROP_CONSOLE_OLD, null);
+                if (pw.length() > 0) {
+                    pw = CONSOLE_USER + ':' + RouterConsoleRunner.JETTY_REALM + ':' + pw;
+                    saveMD5(RouterConsoleRunner.PROP_CONSOLE_PW, CONSOLE_USER, pw);
+                }
+                Map toAdd = Collections.singletonMap(PROP_MIGRATED, "true");
+                List toDel = Collections.singletonList(PROP_CONSOLE_OLD);
+                return _context.router().saveConfig(toAdd, toDel);
            }
            return true;
        }

--- a/apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/FormHandler.java
@@ -21,7 +21,6 @@ public class FormHandler {
    private String _nonce;
    protected String _action;
    protected String _method;
-    protected String _passphrase;
    private final List<String> _errors;
    private final List<String> _notices;
    private boolean _processed;
@@ -52,7 +51,6 @@ public class FormHandler {

    public void setNonce(String val) { _nonce = val; }
    public void setAction(String val) { _action = val; }
-    public void setPassphrase(String val) { _passphrase = val; }

    /**
     * Call this to prevent changes using GET
@@ -168,14 +166,8 @@ public class FormHandler {
        String noncePrev = nonce + PREV_SUFFIX;
        if ( ( (nonce == null) || (!_nonce.equals(nonce)) ) &&
             ( (noncePrev == null) || (!_nonce.equals(noncePrev)) ) ) {
-                 
-            String expected = _context.getProperty("consolePassword");
-            if ( (expected != null) && (expected.trim().length() > 0) && (expected.equals(_passphrase)) ) {
-                // ok
-            } else {
                addFormError(_("Invalid form submission, probably because you used the 'back' or 'reload' button on your browser. Please resubmit."));
                _valid = false;
-            }
        }
    }
    

--- a/apps/routerconsole/java/src/net/i2p/router/web/RouterConsoleRunner.java
+++ b/apps/routerconsole/java/src/net/i2p/router/web/RouterConsoleRunner.java
@@ -80,8 +80,9 @@ public class RouterConsoleRunner implements RouterApp {

    // Jetty Auth
    private static final DigestAuthenticator authenticator = new DigestAuthenticator();
-    private static final String JETTY_REALM = "i2prouter";
+    public static final String JETTY_REALM = "i2prouter";
    private static final String JETTY_ROLE = "routerAdmin";
+    public static final String PROP_CONSOLE_PW = "routerconsole.auth." + JETTY_REALM;

    public static final String ROUTERCONSOLE = "routerconsole";
    public static final String PREFIX = "webapps.";
@@ -706,8 +707,7 @@ public class RouterConsoleRunner implements RouterApp {
        SecurityHandler sec = new SecurityHandler();
        List<ConstraintMapping> constraints = new ArrayList(4);
        ConsolePasswordManager mgr = new ConsolePasswordManager(ctx);
-        mgr.migrateConsole();
-        Map<String, String> userpw = mgr.getMD5(PasswordManager.PROP_CONSOLE_NEW);
+        Map<String, String> userpw = mgr.getMD5(PROP_CONSOLE_PW);
        if (!userpw.isEmpty()) {
            HashUserRealm realm = new HashUserRealm(JETTY_REALM);
            sec.setUserRealm(realm);