Changeset 48ccf85e


Ignore:
Timestamp:
Oct 5, 2010 12:08:59 AM (10 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
2d601099
Parents:
6cf7bc7
Message:

try again to fix the i2ptunnel nonce problem

File:
1 edited

Legend:

Unmodified
Added
Removed
  • apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java

    r6cf7bc7 r48ccf85e  
    1010
    1111import java.util.concurrent.ConcurrentHashMap;
     12import java.util.ArrayList;
    1213import java.util.Arrays;
    1314import java.util.HashSet;
     
    4243    private String _action;
    4344    private int _tunnel;
    44     private long _prevNonce;
    45     private long _prevNonce2;
    46     private long _curNonce;
    47     private long _nextNonce;
     45    //private long _prevNonce;
     46    //private long _prevNonce2;
     47    private String _curNonce;
     48    //private long _nextNonce;
    4849
    4950    private String _type;
     
    8687    //public static final String PROP_TUNNEL_PASSPHRASE = "i2ptunnel.passphrase";
    8788    public static final String PROP_TUNNEL_PASSPHRASE = "consolePassword";
    88     static final String PROP_NONCE = IndexBean.class.getName() + ".nonce";
    89     static final String PROP_NONCE_OLD = PROP_NONCE + '2';
     89    //static final String PROP_NONCE = IndexBean.class.getName() + ".nonce";
     90    //static final String PROP_NONCE_OLD = PROP_NONCE + '2';
     91    /** 3 wasn't enough for some browsers. They are reloading the page for some reason - maybe HEAD? @since 0.8.1 */
     92    private static final int MAX_NONCES = 5;
     93    /** store nonces in a static FIFO instead of in System Properties @since 0.8.1 */
     94    private static final List<String> _nonces = new ArrayList(MAX_NONCES + 1);
     95
    9096    static final String CLIENT_NICKNAME = "shared clients";
    91    
    9297    public static final String PROP_THEME_NAME = "routerconsole.theme";
    9398    public static final String DEFAULT_THEME = "light";
     
    99104        _log = _context.logManager().getLog(IndexBean.class);
    100105        _group = TunnelControllerGroup.getInstance();
    101         _action = null;
    102106        _tunnel = -1;
    103         _curNonce = -1;
    104         _prevNonce = -1;
    105         _prevNonce2 = -1;
    106         try {
    107             String nonce2 = System.getProperty(PROP_NONCE_OLD);
    108             if (nonce2 != null)
    109                 _prevNonce2 = Long.parseLong(nonce2);
    110             String nonce = System.getProperty(PROP_NONCE);
    111             if (nonce != null) {
    112                 _prevNonce = Long.parseLong(nonce);
    113                 System.setProperty(PROP_NONCE_OLD, nonce);
    114             }
    115         } catch (NumberFormatException nfe) {}
    116         _nextNonce = _context.random().nextLong();
    117         System.setProperty(PROP_NONCE, Long.toString(_nextNonce));
     107        _curNonce = "-1";
     108        addNonce();
    118109        _booleanOptions = new ConcurrentHashSet(4);
    119110        _otherOptions = new ConcurrentHashMap(4);
    120111    }
    121112   
    122     public long getNextNonce() { return _nextNonce; }
     113    public static String getNextNonce() {
     114        synchronized (_nonces) {
     115            return _nonces.get(0);
     116        }
     117    }
     118
    123119    public void setNonce(String nonce) {
    124120        if ( (nonce == null) || (nonce.trim().length() <= 0) ) return;
    125         try {
    126             _curNonce = Long.parseLong(nonce);
    127         } catch (NumberFormatException nfe) {
    128             _curNonce = -1;
     121        _curNonce = nonce;
     122    }
     123
     124    /** add a random nonce to the head of the queue @since 0.8.1 */
     125    private void addNonce() {
     126        String nextNonce = Long.toString(_context.random().nextLong());
     127        synchronized (_nonces) {
     128            _nonces.add(0, nextNonce);
     129            int sz = _nonces.size();
     130            if (sz > MAX_NONCES)
     131                _nonces.remove(sz - 1);
     132        }
     133    }
     134
     135    /** do we know this nonce? @since 0.8.1 */
     136    private static boolean haveNonce(String nonce) {
     137        synchronized (_nonces) {
     138            return _nonces.contains(nonce);
    129139        }
    130140    }
     
    156166        if ( (_action == null) || (_action.trim().length() <= 0) || ("Cancel".equals(_action)))
    157167            return "";
    158         if ( (_prevNonce != _curNonce) && (_prevNonce2 != _curNonce) && (!validPassphrase()) )
     168        if ( (!haveNonce(_curNonce)) && (!validPassphrase()) )
    159169            return "Invalid form submission, probably because you used the 'back' or 'reload' button on your browser. Please resubmit.";
    160170        if ("Stop all".equals(_action))
Note: See TracChangeset for help on using the changeset viewer.