Changeset 6ca0c54


Timestamp:
Nov 2, 2014 3:23:13 PM (7 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
702830a
Parents:
2284c96
Message:

i2ptunnel:
ECDSA default for all new server tunnels
ECDSA default for streamr client tunnels
Fix display of server destination on edit page when not running (privkey file path wasn't absolute)
Fix display of persistent client key b32 on edit page when not running
Fix display of server sig type on edit page when we have a privkey file
Add KeysAndCert.getSigType()
Javadocs

Files:
5 edited

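--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/TunnelController.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/TunnelController.java
@@ -85,6 +85,17 @@
     public static final String TYPE_STD_CLIENT = "client";
     public static final String TYPE_STD_SERVER = "server";
+    /** Client in the UI and I2P side but a server on the localhost side */
     public static final String TYPE_STREAMR_CLIENT = "streamrclient";
+    /** Server in the UI and I2P side but a client on the localhost side */
     public static final String TYPE_STREAMR_SERVER = "streamrserver";
+
+    /**
+     *  This is guaranteed to be available.
+     *  @since 0.9.17
+     */
+    public static final SigType PREFERRED_SIGTYPE = SigType.ECDSA_SHA256_P256.isAvailable() ?
+                                                    SigType.ECDSA_SHA256_P256 :
+                                                    SigType.DSA_SHA1;
+
 
     /**
@@ -126,13 +137,10 @@
     private boolean createPrivateKey() {
         I2PClient client = I2PClientFactory.createClient();
-        String filename = getPrivKeyFile();
-        if ( (filename == null) || (filename.trim().length() <= 0) ) {
+        File keyFile = getPrivateKeyFile();
+        if (keyFile == null) {
             log("No filename specified for the private key");
             return false;
         }
        
-        File keyFile = new File(getPrivKeyFile());
-        if (!keyFile.isAbsolute())
-            keyFile = new File(I2PAppContext.getGlobalContext().getConfigDir(), getPrivKeyFile());
         if (keyFile.exists()) {
             //log("Not overwriting existing private keys in " + keyFile.getAbsolutePath());
@@ -146,9 +154,9 @@
         try {
             fos = new SecureFileOutputStream(keyFile);
-            SigType stype = I2PClient.DEFAULT_SIGTYPE;
+            SigType stype = PREFERRED_SIGTYPE;
             String st = _config.getProperty(OPT_SIG_TYPE);
             if (st != null) {
                 SigType type = SigType.parseSigType(st);
-                if (type != null)
+                if (type != null && type.isAvailable())
                     stype = type;
                 else
@@ -587,9 +595,10 @@
             }
             // same default logic as in EditBean.getSigType()
-            if ((type.equals(TYPE_IRC_CLIENT) || type.equals(TYPE_STD_CLIENT) || type.equals(TYPE_SOCKS_IRC))
-                && !Boolean.valueOf(getSharedClient())) {
-                if (!_config.containsKey(OPT_SIG_TYPE) &&
-                    SigType.ECDSA_SHA256_P256.isAvailable())
-                    _config.setProperty(OPT_SIG_TYPE, "ECDSA_SHA256_P256");
+            if (!isClient(type) ||
+                ((type.equals(TYPE_IRC_CLIENT) || type.equals(TYPE_STD_CLIENT) ||
+                  type.equals(TYPE_SOCKS_IRC) || type.equals(TYPE_STREAMR_CLIENT))
+                 && !Boolean.valueOf(getSharedClient()))) {
+                if (!_config.containsKey(OPT_SIG_TYPE))
+                    _config.setProperty(OPT_SIG_TYPE, PREFERRED_SIGTYPE.name());
             }
         }
@@ -642,4 +651,32 @@
 
     /**
+     *  Is it a client or server in the UI and I2P side?
+     *  Note that a streamr client is a UI and I2P client but a server on the localhost side.
+     *  Note that a streamr server is a UI and I2P server but a client on the localhost side.
+     *
+     *  @since 0.9.17
+     */
+    public boolean isClient() {
+        return isClient(getType());
+    }
+
+    /**
+     *  Is it a client or server in the UI and I2P side?
+     *  Note that a streamr client is a UI and I2P client but a server on the localhost side.
+     *  Note that a streamr server is a UI and I2P server but a client on the localhost side.
+     *
+     *  @since 0.9.17 moved from IndexBean
+     */
+    public static boolean isClient(String type) {
+        return TYPE_STD_CLIENT.equals(type) ||
+               TYPE_HTTP_CLIENT.equals(type) ||
+               TYPE_SOCKS.equals(type) ||
+               TYPE_SOCKS_IRC.equals(type) ||
+               TYPE_CONNECT.equals(type) ||
+               TYPE_STREAMR_CLIENT.equals(type) ||
+               TYPE_IRC_CLIENT.equals(type);
+    }
+
+    /**
      *  These are the ones with a prefix of "option."
      *
@@ -665,5 +702,10 @@
     public String getTargetPort() { return _config.getProperty(PROP_TARGET_PORT); }
     public String getSpoofedHost() { return _config.getProperty(PROP_SPOOFED_HOST); }
+
+    /**
+     *  Probably not absolute. May be null. getPrivateKeyFile() recommended.
+     */
     public String getPrivKeyFile() { return _config.getProperty(PROP_FILE); }
+
     public String getListenPort() { return _config.getProperty(PROP_LISTEN_PORT); }
     public String getTargetDestination() { return _config.getProperty(PROP_DEST); }
@@ -675,5 +717,50 @@
     public boolean getPersistentClientKey() { return Boolean.parseBoolean(_config.getProperty(OPT_PERSISTENT)); }
 
+    /**
+     *  Does not necessarily exist.
+     *  @return absolute path or null if unset
+     *  @since 0.9.17
+     */
+    public File getPrivateKeyFile() {
+        String f = getPrivKeyFile();
+        if (f == null)
+            return null;
+        f = f.trim();
+        if (f.length() == 0)
+            return null;
+        File rv = new File(f);
+        if (!rv.isAbsolute())
+            rv = new File(I2PAppContext.getGlobalContext().getConfigDir(), f);
+        return rv;
+    }
+
+    /**
+     *  Returns null if not running.
+     *  @return Base64 or null
+     */
     public String getMyDestination() {
+        Destination dest = getDestination();
+        if (dest != null)
+            return dest.toBase64();
+        return null;
+    }
+   
+    /**
+     *  Returns null if not running.
+     *  @return "{52 chars}.b32.i2p" or null
+     */
+    public String getMyDestHashBase32() {
+        Destination dest = getDestination();
+        if (dest != null)
+            return dest.toBase32();
+        return null;
+    }
+   
+    /**
+     *  Returns null if not running.
+     *  @return Destination or null
+     *  @since 0.9.17
+     */
+    public Destination getDestination() {
         if (_tunnel != null) {
             List<I2PSession> sessions = _tunnel.getSessions();
@@ -682,21 +769,5 @@
                 Destination dest = session.getMyDestination();
                 if (dest != null)
-                    return dest.toBase64();
-            }
-        }
-        return null;
-    }
-   
-    /**
-     *  @return "{52 chars}.b32.i2p" or null
-     */
-    public String getMyDestHashBase32() {
-        if (_tunnel != null) {
-            List<I2PSession> sessions = _tunnel.getSessions();
-            for (int i = 0; i < sessions.size(); i++) {
-                I2PSession session = sessions.get(i);
-                Destination dest = session.getMyDestination();
-                if (dest != null)
-                    return dest.toBase32();
+                    return dest;
             }
         }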
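Review bot: The default at new lines 597-602 is written whenever `OPT_SIG_TYPE` is absent, with no check that the tunnel is new or that its key file does not exist yet. A server tunnel that already has a DSA_SHA1 key file will therefore presumably end up with `ECDSA_SHA256_P256` recorded in its config while the key on disk says otherwise; the commit message speaks of "new server tunnels", but nothing in the hunk enforces that. Either skip the default when `getPrivateKeyFile()` returns a file that exists, or state the contract next to the `setProperty` call, e.g. `// only consulted when a new key is created; an existing privkey file determines the real sig type` (to be confirmed against the session code). The enclosing method starts and ends outside the hunk.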
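--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/EditBean.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/EditBean.java
@@ -42,4 +42,9 @@
     public EditBean() { super(); }
    
+    /**
+     *  Is it a client or server in the UI and I2P side?
+     *  Note that a streamr client is a UI and I2P client but a server on the localhost side.
+     *  Note that a streamr server is a UI and I2P server but a client on the localhost side.
+     */
     public static boolean staticIsClient(int tunnel) {
         TunnelControllerGroup group = TunnelControllerGroup.getInstance();
@@ -191,4 +196,10 @@
         boolean isShared;
         if (tunnel >= 0) {
+            Destination d = getDestination(tunnel);
+            if (d != null) {
+                type = d.getSigType();
+                if (type != null)
+                    return type.getCode();
+            }
             String stype = getProperty(tunnel, I2PClient.PROP_SIGTYPE, null);
             type = stype != null ? SigType.parseSigType(stype) : null;
@@ -202,10 +213,11 @@
         if (type == null) {
             // same default logic as in TunnelController.setConfig()
-            if ((TunnelController.TYPE_IRC_CLIENT.equals(ttype) ||
-                 TunnelController.TYPE_SOCKS_IRC.equals(ttype) ||
-                 TunnelController.TYPE_STD_CLIENT.equals(ttype)) &&
-                !isShared &&
-                SigType.ECDSA_SHA256_P256.isAvailable())
-                type = SigType.ECDSA_SHA256_P256;
+            if ((!TunnelController.isClient(ttype) ||
+                ((TunnelController.TYPE_IRC_CLIENT.equals(ttype) ||
+                  TunnelController.TYPE_SOCKS_IRC.equals(ttype) ||
+                  TunnelController.TYPE_STREAMR_CLIENT.equals(ttype) ||
+                  TunnelController.TYPE_STD_CLIENT.equals(ttype)) &&
+                 !isShared)))
+                type = TunnelController.PREFERRED_SIGTYPE;
             else
                 type = SigType.DSA_SHA1;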
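Review bot: The condition at new lines 215-221 is a hand-copied twin of the one in TunnelController (the comment above it says so), and this commit had to edit both copies in step. If they drift, the edit page will display a signature type different from the one actually used when the key is created. A single new static helper in TunnelController, taking the tunnel type and the shared flag and returning the default `SigType`, called from both places would remove that risk. The outer `if ((` also carries one redundant pair of parentheses. The enclosing method starts and ends outside the hunk.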
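--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
@@ -468,18 +468,22 @@
     }
    
+    /**
+     *  Is it a client or server in the UI and I2P side?
+     *  Note that a streamr client is a UI and I2P client but a server on the localhost side.
+     *  Note that a streamr server is a UI and I2P server but a client on the localhost side.
+     */
     public boolean isClient(int tunnelNum) {
         TunnelController cur = getController(tunnelNum);
         if (cur == null) return false;
-        return isClient(cur.getType());
-    }
-
+        return cur.isClient();
+    }
+
+    /**
+     *  Is it a client or server in the UI and I2P side?
+     *  Note that a streamr client is a UI and I2P client but a server on the localhost side.
+     *  Note that a streamr server is a UI and I2P server but a client on the localhost side.
+     */
     public static boolean isClient(String type) {
-        return ( (TunnelController.TYPE_STD_CLIENT.equals(type)) ||
-                        (TunnelController.TYPE_HTTP_CLIENT.equals(type)) ||
-                        (TunnelController.TYPE_SOCKS.equals(type)) ||
-                        (TunnelController.TYPE_SOCKS_IRC.equals(type)) ||
-                        (TunnelController.TYPE_CONNECT.equals(type)) ||
-                        (TunnelController.TYPE_STREAMR_CLIENT.equals(type)) ||
-                        (TunnelController.TYPE_IRC_CLIENT.equals(type)));
+        return TunnelController.isClient(type);
     }
    
@@ -658,34 +662,48 @@
     }
    
-    public String getDestinationBase64(int tunnel) {
+    /**
+     *  Works even if tunnel is not running.
+     *  @return Destination or null
+     *  @since 0.9.17
+     */
+    protected Destination getDestination(int tunnel) {
         TunnelController tun = getController(tunnel);
         if (tun != null) {
-            String rv = tun.getMyDestination();
+            Destination rv = tun.getDestination();
             if (rv != null)
                 return rv;
             // if not running, do this the hard way
-            String keyFile = tun.getPrivKeyFile();
-            if (keyFile != null && keyFile.trim().length() > 0) {
+            File keyFile = tun.getPrivateKeyFile();
+            if (keyFile != null) {
                 PrivateKeyFile pkf = new PrivateKeyFile(keyFile);
                 try {
-                    Destination d = pkf.getDestination();
-                    if (d != null)
-                        return d.toBase64();
+                    rv = pkf.getDestination();
+                    if (rv != null)
+                        return rv;
                 } catch (Exception e) {}
             }
         }
+        return null;
+    }
+   
+    /**
+     *  Works even if tunnel is not running.
+     *  @return Base64 or ""
+     */
+    public String getDestinationBase64(int tunnel) {
+        Destination d = getDestination(tunnel);
+        if (d != null)
+            return d.toBase64();
         return "";
     }
    
     /**
+     *  Works even if tunnel is not running.
      *  @return "{52 chars}.b32.i2p" or ""
      */
     public String getDestHashBase32(int tunnel) {
-        TunnelController tun = getController(tunnel);
-        if (tun != null) {
-            String rv = tun.getMyDestHashBase32();
-            if (rv != null)
-                return rv;
-        }
+        Destination d = getDestination(tunnel);
+        if (d != null)
+            return d.toBase32();
         return "";
     }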
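Review bot: The empty `catch (Exception e) {}` in `getDestination(int)` (new line 683, unchanged by this commit) now sits on the path of three callers: `getDestinationBase64`, `getDestHashBase32` and, through EditBean, the signature-type lookup. An unreadable or corrupt private key file is therefore shown as an empty destination with no trace anywhere. Log the key file path and the exception at warning level inside that handler, and narrow the catch to the exceptions that `pkf.getDestination()` can actually throw. When the tunnel is stopped each of these calls also re-opens and parses the private key file, which the new Javadoc should state, e.g. `Reads the private key file from disk on every call when the tunnel is not running.`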
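--- a/core/java/src/net/i2p/data/KeysAndCert.java
+++ b/core/java/src/net/i2p/data/KeysAndCert.java
@@ -17,4 +17,5 @@
 
 import net.i2p.crypto.SHA256Generator;
+import net.i2p.crypto.SigType;
 
 /**
@@ -50,4 +51,20 @@
             throw new IllegalStateException();
         _certificate = cert;
+    }
+
+    /**
+     *  @return null if not set or unknown
+     *  @since 0.9.17
+     */
+    public SigType getSigType() {
+        if (_certificate == null)
+            return null;
+        if (_certificate.getCertificateType() == Certificate.CERTIFICATE_TYPE_KEY) {
+            try {
+                KeyCertificate kcert = _certificate.toKeyCertificate();
+                return kcert.getSigType();
+            } catch (DataFormatException dfe) {}
+        }
+        return SigType.DSA_SHA1;
     }
 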
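Review bot: `getSigType()` does not honour its own `@return null if not set or unknown`: when `toKeyCertificate()` throws, the empty catch at new line 66 falls through to `return SigType.DSA_SHA1;`, so a destination whose key certificate cannot be parsed is reported as DSA_SHA1. A caller that selects a verification algorithm or a UI default from this value gets a definite but wrong answer instead of "unknown". Return null from the handler: `} catch (DataFormatException dfe) { return null; }`.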
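--- a/installer/resources/i2ptunnel.config
+++ b/installer/resources/i2ptunnel.config
@@ -92,4 +92,5 @@
 tunnel.3.option.inbound.nickname=eepsite
 tunnel.3.option.outbound.nickname=eepsite
+tunnel.3.option.i2cp.destination.sigType=ECDSA_SHA256_P256
 tunnel.3.option.inbound.length=3
 tunnel.3.option.inbound.lengthVariance=0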
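Review bot: The installer pins `ECDSA_SHA256_P256` literally for tunnel 3, whereas the Java side of this commit selects it only when `SigType.ECDSA_SHA256_P256.isAvailable()` and otherwise uses DSA_SHA1. On a runtime without ECDSA support this line names an unavailable type; `createPrivateKey()` does test `type.isAvailable()`, but its else branch is outside the visible hunk, so confirm that it falls back to `PREFERRED_SIGTYPE` and logs the substitution rather than failing. A comment above the new line would document that, e.g. `# falls back to the router's preferred type if ECDSA is unavailable` (wording to be confirmed against that else branch).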