diff --git a/apps/i2pcontrol/java/net/i2p/i2pcontrol/security/KeyStoreProvider.java b/apps/i2pcontrol/java/net/i2p/i2pcontrol/security/KeyStoreProvider.java index 544f38b8fadee05c7e932802b2aaf09e1c06bd2c..1b771d09344316825010c99d1bc89fed0b50d2bf 100644 --- a/apps/i2pcontrol/java/net/i2p/i2pcontrol/security/KeyStoreProvider.java +++ b/apps/i2pcontrol/java/net/i2p/i2pcontrol/security/KeyStoreProvider.java @@ -186,17 +186,18 @@ public class KeyStoreProvider { if (_keystore == null) { File keyStoreFile = new File(getKeyStoreLocation()); + InputStream is = null; try { _keystore = KeyStore.getInstance(KeyStore.getDefaultType()); if (keyStoreFile.exists()) { - InputStream is = new FileInputStream(keyStoreFile); + is = new FileInputStream(keyStoreFile); _keystore.load(is, DEFAULT_KEYSTORE_PASSWORD.toCharArray()); return _keystore; } initialize(); if (keyStoreFile.exists()) { - InputStream is = new FileInputStream(keyStoreFile); + is = new FileInputStream(keyStoreFile); _keystore.load(is, DEFAULT_KEYSTORE_PASSWORD.toCharArray()); return _keystore; } else { @@ -204,6 +205,8 @@ public class KeyStoreProvider { } } catch (Exception e) { // Ignore. Not an issue. Let's just create a new keystore instead. + } finally { + if (is != null) try { is.close(); } catch (IOException ioe) {} } return null; } else { diff --git a/apps/routerconsole/java/src/net/i2p/router/sybil/Analysis.java b/apps/routerconsole/java/src/net/i2p/router/sybil/Analysis.java index 5cc33969fc55492af037e7e06dda5e2f0cc64ef4..60a65b62177d71f1a969987ea89a327704a83a94 100644 --- a/apps/routerconsole/java/src/net/i2p/router/sybil/Analysis.java +++ b/apps/routerconsole/java/src/net/i2p/router/sybil/Analysis.java 
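Review bot: The `catch (Exception e)` directly above the added `finally` still discards every failure from `_keystore.load(...)`, including a failed integrity or password check on the keystore file, and the method then returns null without a trace. The comment says a new keystore is created instead, yet the visible path after the catch is `return null;`, so either the comment or the behaviour should be corrected. At minimum, logging the exception at warn level would let a corrupted or replaced keystore file be noticed. If the project's source level allows it, `try (InputStream is = new FileInputStream(keyStoreFile)) { ... }` around each load would replace the nullable local and the nested close. The method begins and ends outside both KeyStoreProvider hunks.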
@@ -323,8 +323,6 @@ public class Analysis extends JobImpl implements RouterApp { if (_log.shouldWarn()) _log.warn("Analyzing " + ris.size() + " routers, including non-floodfills? " + includeAll); - double avgMinDist = getAvgMinDist(ris); - // IP analysis calculateIPGroupsFamily(ris, points); List<RouterInfo> ri32 = new ArrayList<RouterInfo>(4); diff --git a/apps/routerconsole/java/src/net/i2p/router/web/helpers/HomeHelper.java b/apps/routerconsole/java/src/net/i2p/router/web/helpers/HomeHelper.java index 14ef78cc565889fe2d8384ea7a0795733179b920..3fdb753c822b49c8e54f77e3a6c63c8f08fe7e18 100644 --- a/apps/routerconsole/java/src/net/i2p/router/web/helpers/HomeHelper.java +++ b/apps/routerconsole/java/src/net/i2p/router/web/helpers/HomeHelper.java @@ -34,7 +34,7 @@ public class HomeHelper extends HelperBase { static final String PROP_MONITORING = "routerconsole.monitoring"; static final String PROP_OLDHOME = "routerconsole.oldHomePage"; private static final String PROP_SEARCH = "routerconsole.showSearch"; - public final String bottomWrap = "<br>\n" + + private static final String bottomWrap = "<br>\n" + "<div class=\"clearer\"> </div>\n" + "</div>\n" + "</div>\n"; diff --git a/apps/routerconsole/jsp/configplugins.jsp b/apps/routerconsole/jsp/configplugins.jsp index 29911facd3511d859ac39295bf586a3510cbe46a..23004bcde3021fdc95497712f4bed6f90c3e883a 100644 --- a/apps/routerconsole/jsp/configplugins.jsp +++ b/apps/routerconsole/jsp/configplugins.jsp @@ -60,7 +60,7 @@ input.default { width: 1px; height: 1px; visibility: hidden; } <b>URL:</b> <% String url = request.getParameter("pluginURL"); - String value = url != null ? "value=\"" + url + '"' : ""; + String value = url != null ? "value=\"" + net.i2p.data.DataHelper.escapeHTML(url) + '"' : ""; %> <input type="text" size="60" name="pluginURL" title="<%=intl._t("To install a plugin, enter the download URL:")%>" <%=value%>> </td> 
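Review bot: The escaped `pluginURL` value lands inside a double-quoted attribute (`"value=\"" + ... + '"'`), so the fix holds only if `DataHelper.escapeHTML` encodes `"` as well as `<`, `>` and `&`. The hunk does not show that helper, so this is worth confirming. The same applies to the second configplugins.jsp hunk (`pluginFile`) and both configreseed.jsp hunks (`url`, `file`). I would add a comment such as `// request parameter is reflected into an HTML attribute; keep it escaped` above each assignment so the call is not dropped in a later cleanup. The scriptlets continue outside the hunks, so other reflected parameters on these pages are not visible here.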
@@ -84,7 +84,7 @@ input.default { width: 1px; height: 1px; visibility: hidden; } String file = request.getParameter("pluginFile"); if (file != null && file.length() > 0) { %> -<input type="text" size="60" name="pluginFile" value="<%=file%>"> +<input type="text" size="60" name="pluginFile" value="<%=net.i2p.data.DataHelper.escapeHTML(file)%>"> <% } else { %> diff --git a/apps/routerconsole/jsp/configreseed.jsp b/apps/routerconsole/jsp/configreseed.jsp index 7443851f2e611ce52d8d245abee07ddfa35e7b58..44672c023d50b9d47c6db86e828ed81955011702 100644 --- a/apps/routerconsole/jsp/configreseed.jsp +++ b/apps/routerconsole/jsp/configreseed.jsp @@ -70,7 +70,7 @@ <b><%=intl._t("Enter zip or su3 URL")%>:</b> <% String url = request.getParameter("url"); - String value = url != null ? "value=\"" + url + '"' : ""; + String value = url != null ? "value=\"" + net.i2p.data.DataHelper.escapeHTML(url) + '"' : ""; %> <input name="url" type="text" size="60" <%=value%> /> </td> @@ -93,7 +93,7 @@ String file = request.getParameter("file"); if (file != null && file.length() > 0) { %> -<input type="text" size="60" name="file" value="<%=file%>"> +<input type="text" size="60" name="file" value="<%=net.i2p.data.DataHelper.escapeHTML(file)%>"> <% } else { %> diff --git a/apps/routerconsole/jsp/viewstat.jsp b/apps/routerconsole/jsp/viewstat.jsp index 2876e2b75374e0f66a5b3787ac6921fde9559cae..fdce14bfa3605020e6059f7560a60e05a1a13ca1 100644 --- a/apps/routerconsole/jsp/viewstat.jsp +++ b/apps/routerconsole/jsp/viewstat.jsp @@ -38,6 +38,11 @@ if ( !rendered && ((rs != null) || fakeBw) ) { if (!fakeBw) rate = rs.getRate(per); if ( (rate != null) || (fakeBw) ) { + if (stat != null && + (stat.indexOf('\n') >= 0 || stat.indexOf('\r') >= 0)) { + response.sendError(403, "param"); + return; + } java.io.OutputStream cout = response.getOutputStream(); String format = request.getParameter("format"); response.setHeader("X-Content-Type-Options", "nosniff"); 
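Review bot: The new guard on `stat` in viewstat.jsp rejects only `\n` and `\r`, which is a two-character denylist. Where `stat` is used after this point is outside the hunk; if it reaches a response header, as the CR/LF test suggests, it would be safer to validate the name against the characters a stat name can actually contain, or at least reject all control characters. `403` also reads as an authorization failure, and `response.sendError(400, "param");` describes a malformed parameter more accurately. The check sits inside the `(rate != null) || (fakeBw)` branch, so any use of `stat` before or outside that branch is not covered by it. A one-line comment naming the sink the check protects would help the next reader.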
diff --git a/apps/streaming/java/src/net/i2p/client/streaming/impl/Connection.java b/apps/streaming/java/src/net/i2p/client/streaming/impl/Connection.java index 898e2bbbdb1d3d6d3df5b32d695c80f04d7b6e42..9698ec9d0f948e333b72f350bbe7063c0bbbeee8 100644 --- a/apps/streaming/java/src/net/i2p/client/streaming/impl/Connection.java +++ b/apps/streaming/java/src/net/i2p/client/streaming/impl/Connection.java @@ -1656,7 +1656,6 @@ class Connection { return false; } - long now = _context.clock().now(); _context.statManager().addRateData("stream.fastRetransmit", _packet.getLifetime(), _packet.getLifetime()); // revamp various fields, in case we need to ack more, etc diff --git a/apps/susimail/src/src/i2p/susi/webmail/WebMail.java b/apps/susimail/src/src/i2p/susi/webmail/WebMail.java index 50e1ae5114cdebdd41aa22a189f342279ee9d5e4..49536ac866a2011eaf4dbd55e54c86be0530b851 100644 --- a/apps/susimail/src/src/i2p/susi/webmail/WebMail.java +++ b/apps/susimail/src/src/i2p/susi/webmail/WebMail.java @@ -3092,10 +3092,10 @@ public class WebMail extends HttpServlet */ private static void showLogin( PrintWriter out ) { - boolean fixed = Boolean.parseBoolean(Config.getProperty( CONFIG_PORTS_FIXED, "true" )); - String host = Config.getProperty(CONFIG_HOST, DEFAULT_HOST); - String pop3 = Config.getProperty(CONFIG_PORTS_POP3, Integer.toString(DEFAULT_POP3PORT)); - String smtp = Config.getProperty(CONFIG_PORTS_SMTP, Integer.toString(DEFAULT_SMTPPORT)); + //boolean fixed = Boolean.parseBoolean(Config.getProperty( CONFIG_PORTS_FIXED, "true" )); + //String host = Config.getProperty(CONFIG_HOST, DEFAULT_HOST); + //String pop3 = Config.getProperty(CONFIG_PORTS_POP3, Integer.toString(DEFAULT_POP3PORT)); + //String smtp = Config.getProperty(CONFIG_PORTS_SMTP, Integer.toString(DEFAULT_SMTPPORT)); out.println( "<div id=\"dologin\"><h1>" + _t("Email Login") + "</h1><table cellspacing=\"3\" cellpadding=\"5\">\n" + // current postman hq length limits 16/12, new postman version 32/32 
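Review bot: The four unused locals in `showLogin` are commented out rather than deleted, which leaves dead code that no compiler checks. Removing the lines would complete the cleanup, and version control retains them. The same applies to the three-argument `encryptAEADBlock` in ECIESAEADEngine.java, where the `/* ... */` wrapper also leaves the `/** No ad */` Javadoc attached to nothing. If the lines are kept deliberately, a short comment saying why would make that clear.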
diff --git a/core/java/src/net/i2p/data/PrivateKeyFile.java b/core/java/src/net/i2p/data/PrivateKeyFile.java index 4fdcd32c21f7f8cebb7f3bbea3fbee868ac5e08e..b6db55fa7f0dd7cea399b0f3028fcb40c242b00d 100644 --- a/core/java/src/net/i2p/data/PrivateKeyFile.java +++ b/core/java/src/net/i2p/data/PrivateKeyFile.java @@ -967,7 +967,6 @@ public class PrivateKeyFile { SigType type = spk.getType(); if (type == SigType.EdDSA_SHA512_Ed25519 || type == SigType.RedDSA_SHA512_Ed25519) { - I2PAppContext ctx = I2PAppContext.getGlobalContext(); s.append("\nBlinded B32: ").append(Blinding.encode(spk)); s.append("\n + auth key: ").append(Blinding.encode(spk, false, true)); s.append("\n + password: ").append(Blinding.encode(spk, true, false)); diff --git a/router/java/src/net/i2p/router/RouterVersion.java b/router/java/src/net/i2p/router/RouterVersion.java index cef568607596f50571da020c3575d4b0bee2f1d0..59b43357e5bf3257a1485251a5717c541b5be882 100644 --- a/router/java/src/net/i2p/router/RouterVersion.java +++ b/router/java/src/net/i2p/router/RouterVersion.java @@ -18,7 +18,7 @@ public class RouterVersion { /** deprecated */ public final static String ID = "Monotone"; public final static String VERSION = CoreVersion.VERSION; - public final static long BUILD = 12; + public final static long BUILD = 13; /** for example "-test" */ public final static String EXTRA = "-rc"; diff --git a/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java b/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java index e8382df4142d728b82b3443c6b1edbac632260c1..feca72994d456f281326bfebe3de0b5d6de9cab3 100644 --- a/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java +++ b/router/java/src/net/i2p/router/crypto/ratchet/ECIESAEADEngine.java 
@@ -190,7 +190,6 @@ public final class ECIESAEADEngine { RatchetSessionTag st = new RatchetSessionTag(tag); SessionKeyAndNonce key = keyManager.consumeTag(st); CloveSet decrypted; - final boolean shouldDebug = _log.shouldDebug(); if (key != null) { decrypted = xx_decryptFast(tag, st, key, data, targetPrivateKey, keyManager); // we do NOT retry as NS @@ -957,9 +956,11 @@ public final class ECIESAEADEngine { /** * No ad */ +/* private final byte[] encryptAEADBlock(byte data[], SessionKey key, long n) { return encryptAEADBlock(null, data, key, n); } +*/ /** * diff --git a/router/java/src/net/i2p/router/crypto/ratchet/RatchetSKM.java b/router/java/src/net/i2p/router/crypto/ratchet/RatchetSKM.java index aa0880b2cee28d4a7085ce5fbd32734b215a2e2b..3c8a1005d166664c847b1c2cc0ae10ada8034cf7 100644 --- a/router/java/src/net/i2p/router/crypto/ratchet/RatchetSKM.java +++ b/router/java/src/net/i2p/router/crypto/ratchet/RatchetSKM.java @@ -1157,7 +1157,6 @@ public class RatchetSKM extends SessionKeyManager implements SessionTagListener _hisIBKey = receivedKey; // create new OB TS, delete old one - PublicKey pub = nextKeys.getPublic(); PrivateKey priv = nextKeys.getPrivate(); PrivateKey sharedSecret = ECIESAEADEngine.doDH(priv, key); byte[] sk = new byte[32]; diff --git a/router/java/src/net/i2p/router/message/OutboundClientMessageOneShotJob.java b/router/java/src/net/i2p/router/message/OutboundClientMessageOneShotJob.java index 7250c08945720c496ccfef2a78eb1e72d3d02e59..5c996400c758f8b5839e5d7418c709c46911fdb1 100644 --- a/router/java/src/net/i2p/router/message/OutboundClientMessageOneShotJob.java +++ b/router/java/src/net/i2p/router/message/OutboundClientMessageOneShotJob.java @@ -1196,7 +1196,7 @@ public class OutboundClientMessageOneShotJob extends JobImpl { } public void onReply() { - runJob(); + super.runJob(); } } 
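Review bot: `super.runJob()` in `onReply()` has no comment explaining why the call is now qualified. The hunk header names the outer class and the closing braces suggest `onReply()` belongs to a nested job class, so the unqualified `runJob()` may have been ambiguous between the inherited method and the enclosing job's. That is an inference, since the nested class declaration is outside the hunk. If the nested class itself overrides `runJob()`, the qualified call skips that override and changes behaviour, which is worth ruling out. A comment such as `// the inherited runJob(), not the enclosing job's` would record the intent.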
diff --git a/router/java/src/net/i2p/router/tunnel/pool/TunnelPoolManager.java b/router/java/src/net/i2p/router/tunnel/pool/TunnelPoolManager.java index b005951372ce28f2f4a38bd8fce1b383341a1bc5..15c9d347dccbfcb5dbe7885701ba996bf0a9cc2a 100644 --- a/router/java/src/net/i2p/router/tunnel/pool/TunnelPoolManager.java +++ b/router/java/src/net/i2p/router/tunnel/pool/TunnelPoolManager.java @@ -562,7 +562,6 @@ public class TunnelPoolManager implements TunnelManagerFacade { (!_context.getBooleanPropertyDefaultTrue("router.disableTunnelTesting") || _context.router().isHidden() || _context.router().getRouterInfo().getAddressCount() <= 0)) { - Hash client = cfg.getDestination(); TunnelPool pool = cfg.getTunnelPool(); _context.jobQueue().addJob(new TestJob(_context, cfg, pool)); }