marek/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Packages Projects Releases Wiki Activity

i2ptunnel: Strip server Date header

Browse Source 
More efficient header checks
Jetty config tweaks
This commit is contained in:
zzz
2018-03-10 16:56:59 +00:00
parent fe808a8800
commit e7c2162874
4 changed files with 22 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
View File

@@ -66,13 +66,18 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
private static final String HASH_HEADER = "X-I2P-DestHash"; private static final String HASH_HEADER = "X-I2P-DestHash";
private static final String DEST64_HEADER = "X-I2P-DestB64"; private static final String DEST64_HEADER = "X-I2P-DestB64";
private static final String DEST32_HEADER = "X-I2P-DestB32"; private static final String DEST32_HEADER = "X-I2P-DestB32";
private static final String[] CLIENT_SKIPHEADERS = {HASH_HEADER, DEST64_HEADER, DEST32_HEADER}; /** MUST ALL BE LOWER CASE */
private static final String SERVER_HEADER = "Server"; private static final String[] CLIENT_SKIPHEADERS = {HASH_HEADER.toLowerCase(Locale.US),
private static final String X_POWERED_BY_HEADER = "X-Powered-By"; DEST64_HEADER.toLowerCase(Locale.US),
private static final String X_RUNTIME_HEADER = "X-Runtime"; // Rails DEST32_HEADER.toLowerCase(Locale.US)};
private static final String DATE_HEADER = "date";
private static final String SERVER_HEADER = "server";
private static final String X_POWERED_BY_HEADER = "x-powered-by";
private static final String X_RUNTIME_HEADER = "x-runtime"; // Rails
// https://httpoxy.org // https://httpoxy.org
private static final String PROXY_HEADER = "Proxy"; private static final String PROXY_HEADER = "proxy";
private static final String[] SERVER_SKIPHEADERS = {SERVER_HEADER, X_POWERED_BY_HEADER, X_RUNTIME_HEADER, PROXY_HEADER}; /** MUST ALL BE LOWER CASE */
private static final String[] SERVER_SKIPHEADERS = {DATE_HEADER, SERVER_HEADER, X_POWERED_BY_HEADER, X_RUNTIME_HEADER, PROXY_HEADER};
/** timeout for first request line */ /** timeout for first request line */
private static final long HEADER_TIMEOUT = 15*1000; private static final long HEADER_TIMEOUT = 15*1000;
/** total timeout for the request and all the headers */ /** total timeout for the request and all the headers */
@@ -951,6 +956,7 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
* @param socket if null, use in as InputStream * @param socket if null, use in as InputStream
* @param in if null, use socket.getInputStream() as InputStream * @param in if null, use socket.getInputStream() as InputStream
* @param command out parameter, first line * @param command out parameter, first line
* @param skipHeaders MUST be lower case
* @throws SocketTimeoutException if timeout is reached before newline * @throws SocketTimeoutException if timeout is reached before newline
* @throws EOFException if EOF is reached before newline * @throws EOFException if EOF is reached before newline
* @throws LineTooLongException if one header too long, or too many headers, or total size too big * @throws LineTooLongException if one header too long, or too many headers, or total size too big
@@ -1039,7 +1045,7 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
// For outgoing, we remove certain headers to improve anonymity. // For outgoing, we remove certain headers to improve anonymity.
boolean skip = false; boolean skip = false;
for (String skipHeader: skipHeaders) { for (String skipHeader: skipHeaders) {
if (skipHeader.toLowerCase(Locale.US).equals(lcName)) { if (skipHeader.equals(lcName)) {
skip = true; skip = true;
break; break;
} }

5
installer/resources/eepsite/contexts/base-context.xml
View File

@@ -15,6 +15,11 @@ to serve static html files and images.
<Arg>org.eclipse.jetty.servlet.Default.cacheControl</Arg> <Arg>org.eclipse.jetty.servlet.Default.cacheControl</Arg>
<Arg>max-age=3600,public</Arg> <Arg>max-age=3600,public</Arg>
</Call> </Call>
<!-- change to true to allow directory listings -->
<Call name="setInitParameter">
<Arg>org.eclipse.jetty.servlet.Default.dirAllowed</Arg>
<Arg>false</Arg>
</Call>
<Call name="setMimeTypes"> <Call name="setMimeTypes">
<Arg> <Arg>
<New class="org.eclipse.jetty.http.MimeTypes"> <New class="org.eclipse.jetty.http.MimeTypes">

3
installer/resources/eepsite/jetty-ssl.xml
View File

@@ -269,7 +269,8 @@
<Arg> <Arg>
<New class="org.eclipse.jetty.server.HttpConfiguration"> <New class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="sendServerVersion">false</Set> <Set name="sendServerVersion">false</Set>
<Set name="sendDateHeader">true</Set> <Set name="sendDateHeader">false</Set>
<Set name="sendXPoweredBy">false</Set>
</New> </New>
</Arg> </Arg>
</New> </New>

3
installer/resources/eepsite/jetty.xml
View File

@@ -117,7 +117,8 @@
<Arg> <Arg>
<New class="org.eclipse.jetty.server.HttpConfiguration"> <New class="org.eclipse.jetty.server.HttpConfiguration">
<Set name="sendServerVersion">false</Set> <Set name="sendServerVersion">false</Set>
<Set name="sendDateHeader">true</Set> <Set name="sendDateHeader">false</Set>
<Set name="sendXPoweredBy">false</Set>
</New> </New>
</Arg> </Arg>
</New> </New>