Changeset 975378b2


Timestamp:
Aug 21, 2014 12:21:29 PM (6 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
c921ecc
Parents:
915e003
Message:
  • i2ptunnel:
    • Add local SSL support for std. and IRC client tunnels (ticket #1107) Keystore goes in ~/.i2p/keystore; pubkey cert goes in ~/.i2p/certificates/i2ptunnel
    • Escape messages to index page
    • Show message for uncaught exception
Files:
1 added
6 edited

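--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelClientBase.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelClientBase.java
@@ -25,4 +25,6 @@
 import java.util.concurrent.atomic.AtomicLong;
 
+import javax.net.ssl.SSLServerSocketFactory;
+
 import net.i2p.I2PAppContext;
 import net.i2p.I2PException;
@@ -86,4 +88,6 @@
     private static int _executorThreadCount;
     private static final Object _executorLock = new Object();
+
+    public static final String PROP_USE_SSL = I2PTunnelServer.PROP_USE_SSL;
 
     /**
@@ -600,5 +604,22 @@
                 return;
             }
-            ss = new ServerSocket(localPort, 0, addr);
+            Properties opts = getTunnel().getClientOptions();
+            boolean useSSL = Boolean.parseBoolean(opts.getProperty(PROP_USE_SSL));
+            if (useSSL) {
+                // was already done in web/IndexBean.java when saving the config
+                boolean wasCreated = SSLClientUtil.verifyKeyStore(opts);
+                if (wasCreated) {
+                    // From here, we can't save the config.
+                    // We shouldn't get here, as SSL isn't the default, so it would
+                    // be enabled via the GUI only.
+                    // If it was done manually, the keys will be regenerated at every startup,
+                    // which is bad.
+                    _log.logAlways(Log.WARN, "Created new i2ptunnel SSL keys but can't save the config, disable and enable via i2ptunnel GUI");
+                }
+                SSLServerSocketFactory fact = SSLClientUtil.initializeFactory(opts);
+                ss = fact.createServerSocket(localPort, 0, addr);
+            } else {
+                ss = new ServerSocket(localPort, 0, addr);
+            }
 
             // If a free port was requested, find out what we got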
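Review bot: When `wasCreated` is true (new line 611) the code only logs a warning and then still opens the SSL listener, although its own comment says the keys will be regenerated on every startup. A certificate that changes on each restart cannot be pinned or imported by local clients, so users end up accepting unverified certificates. Consider refusing to start the tunnel in that branch, or at minimum state the consequence in the comment, e.g. `// NOTE: listener still starts; the cert changes on every restart until the config is re-saved via the GUI`. Whether `initializeFactory(opts)` restricts protocol versions and cipher suites is not visible here and is worth confirming. The enclosing method starts and ends outside this hunk.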
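--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
@@ -27,7 +27,9 @@
 import net.i2p.client.I2PClient;
 import net.i2p.data.Certificate;
+import net.i2p.data.DataHelper;
 import net.i2p.data.Destination;
 import net.i2p.data.PrivateKeyFile;
 import net.i2p.data.SessionKey;
+import net.i2p.i2ptunnel.I2PTunnelClientBase;
 import net.i2p.i2ptunnel.I2PTunnelConnectClient;
 import net.i2p.i2ptunnel.I2PTunnelHTTPClient;
@@ -36,4 +38,5 @@
 import net.i2p.i2ptunnel.I2PTunnelIRCClient;
 import net.i2p.i2ptunnel.I2PTunnelServer;
+import net.i2p.i2ptunnel.SSLClientUtil;
 import net.i2p.i2ptunnel.TunnelController;
 import net.i2p.i2ptunnel.TunnelControllerGroup;
@@ -256,5 +259,5 @@
         try { Thread.sleep(1000); } catch (InterruptedException ie) {}
         // and give them something to look at in any case
-        return _("Starting tunnel") + ' ' + getTunnelName(_tunnel) + "&hellip;";
+        return _("Starting tunnel") + ' ' + getTunnelName(_tunnel) + "...";
     }
    
@@ -269,5 +272,5 @@
         try { Thread.sleep(1000); } catch (InterruptedException ie) {}
         // and give them something to look at in any case
-        return _("Stopping tunnel") + ' ' + getTunnelName(_tunnel) + "&hellip;";
+        return _("Stopping tunnel") + ' ' + getTunnelName(_tunnel) + "...";
     }
    
@@ -277,5 +280,25 @@
        
         Properties config = getConfig();
-       
+
+        String ksMsg = null;
+        String type = config.getProperty(TunnelController.PROP_TYPE);
+        if (TunnelController.TYPE_STD_CLIENT.equals(type) || TunnelController.TYPE_IRC_CLIENT.equals(type)) {
+            //
+            // If we switch to SSL, create the keystore here, so we can store the new properties.
+            // Down in I2PTunnelClientBase it's very hard to save the config.
+            //
+            if (Boolean.parseBoolean(config.getProperty(OPT + I2PTunnelClientBase.PROP_USE_SSL))) {
+                try {
+                    boolean created = SSLClientUtil.verifyKeyStore(config, OPT);
+                    if (created) {
+                        // config now contains new keystore props
+                        ksMsg = "Created new self-signed certificate for tunnel " + getTunnelName(_tunnel);
+                    }       
+                } catch (IOException ioe) {       
+                    ksMsg = "Failed to create new self-signed certificate for tunnel " +
+                            getTunnelName(_tunnel) + ", check logs: " + ioe;
+                }       
+            }       
+        }       
         if (cur == null) {
             // creating new
@@ -328,4 +351,6 @@
        
         List<String> msgs = doSave();
+        if (ksMsg != null)
+            msgs.add(ksMsg);
         return getMessages(msgs);
     }
@@ -398,4 +423,5 @@
      * messages.
      *
+     * @return HTML escaped
      */
     public String getMessages() {
@@ -406,11 +432,12 @@
         if (_action != null) {
             try {
-                buf.append(processAction()).append("\n");
+                buf.append(processAction()).append('\n');
             } catch (Exception e) {
                 _log.log(Log.CRIT, "Error processing " + _action, e);
+                buf.append("Error: ").append(e.toString()).append('\n');
             }
         }
         getMessages(_group.clearAllMessages(), buf);
-        return buf.toString();
+        return DataHelper.escapeHTML(buf.toString());
     }
    
@@ -1294,5 +1321,6 @@
         };
     private static final String _booleanClientOpts[] = {
-        "i2cp.reduceOnIdle", "i2cp.closeOnIdle", "i2cp.newDestOnResume", "persistentClientKey", "i2cp.delayOpen"
+        "i2cp.reduceOnIdle", "i2cp.closeOnIdle", "i2cp.newDestOnResume", "persistentClientKey", "i2cp.delayOpen",
+        I2PTunnelClientBase.PROP_USE_SSL,
         };
     private static final String _booleanProxyOpts[] = {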
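Review bot: In the `catch (IOException ioe)` branch at new lines 297-300 the failure is only recorded in `ksMsg`; the SSL option stays set in `config`, so the tunnel is presumably still saved with SSL enabled and no keystore properties. On the next start I2PTunnelClientBase would then take its "created new keys but can't save the config" path, which that code's own comment calls bad. Clearing the option on failure avoids this, e.g. `config.setProperty(OPT + I2PTunnelClientBase.PROP_USE_SSL, "false");` inside the catch. The two `ksMsg` strings also bypass `_()` unlike the other user-facing messages in this file. The save method begins before this hunk and the lines between new 304 and 351 are not shown, so the save path is inferred.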
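--- a/apps/i2ptunnel/jsp/editClient.jsp
+++ b/apps/i2ptunnel/jsp/editClient.jsp
@@ -141,4 +141,12 @@
          <% } /* streamrclient */ %>
             </div>
+         <% if ("client".equals(tunnelType) || "ircclient".equals(tunnelType)) {
+          %><div id="portField" class="rowItem">
+                <label>
+                    <%=intl._("Use SSL?")%>
+                </label>
+                <input value="1" type="checkbox" id="startOnLoad" name="useSSL" title="Clients use SSL to connect" <%=(editBean.isSSLEnabled(curTunnel) ? " checked=\"checked\"" : "")%> class="tickbox" />               
+            </div>
+         <% } /* tunnel types */ %>
 
             <div class="subdivider">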
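Review bot: The new row reuses `id="portField"` on the div and `id="startOnLoad"` on the checkbox, which look copied from the port and start-on-load fields elsewhere in this form (not visible in the hunk). Duplicate ids make the markup invalid and can send label or script lookups to the wrong control. Give the row its own ids, e.g. `id="sslField"` and `id="useSSL"`, and add a matching `for` attribute on the label. The `title` text is also a bare English string, while the label goes through `intl._()`.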
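--- a/apps/i2ptunnel/jsp/index.jsp
+++ b/apps/i2ptunnel/jsp/index.jsp
@@ -245,4 +245,6 @@
                String cPort= indexBean.getClientPort2(curClient);
                out.write(cPort);
+               if (indexBean.isSSLEnabled(curClient))
+                   out.write(" SSL");
           %>
             </span>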
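--- a/history.txt
+++ b/history.txt
@@ -1,2 +1,8 @@
+2014-08-21 zzz
+ * i2psnark:
+   - Escape control chars in encodePath()
+   - Increase max piece size to 8 MB (ticket #1347)
+ * i2ptunnel: Add local SSL support for std. and IRC client tunnels (ticket #1107)
+
 2014-08-19 zzz
  * i2psnark: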
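--- a/router/java/src/net/i2p/router/RouterVersion.java
+++ b/router/java/src/net/i2p/router/RouterVersion.java
@@ -19,5 +19,5 @@
     public final static String ID = "Monotone";
     public final static String VERSION = CoreVersion.VERSION;
-    public final static long BUILD = 7;
+    public final static long BUILD = 8;
 
     /** for example "-test" */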