* Key certs:

- Hide setting in i2ptunnel edit pages unless advanced user - Only store LS with key certs to routers that support it
2014-01-28 14:21:54 +00:00
parent 17e63b054c
commit 28575dbdae
4 changed files with 30 additions and 0 deletions
--- a/router/java/src/net/i2p/router/networkdb/kademlia/StoreJob.java
+++ b/router/java/src/net/i2p/router/networkdb/kademlia/StoreJob.java
@@ -12,8 +12,10 @@ import java.util.ArrayList;
 import java.util.List;
 import java.util.Set;

+import net.i2p.data.Certificate;
 import net.i2p.data.DatabaseEntry;
 import net.i2p.data.Hash;
+import net.i2p.data.LeaseSet;
 import net.i2p.data.RouterInfo;
 import net.i2p.data.TunnelId;
 import net.i2p.data.i2np.DatabaseStoreMessage;
@@ -163,6 +165,12 @@ class StoreJob extends JobImpl {
                    if (_log.shouldLog(Log.INFO))
                        _log.info(getJobId() + ": Error selecting closest hash that wasnt a router! " + peer + " : " + ds);
                    _state.addSkipped(peer);
+                } else if (_state.getData().getType() == DatabaseEntry.KEY_TYPE_LEASESET &&
+                           ((LeaseSet)_state.getData()).getDestination().getCertificate().getCertificateType() == Certificate.CERTIFICATE_TYPE_KEY &&
+                           !supportsKeyCerts((RouterInfo)ds)) {
+                    if (_log.shouldLog(Log.INFO))
+                        _log.info(getJobId() + ": Skipping router that doesn't support key certs " + peer + " : " + ds);
+                    _state.addSkipped(peer);
                } else {
                    int peerTimeout = _facade.getPeerTimeout(peer);

@@ -487,6 +495,19 @@ class StoreJob extends JobImpl {
        return VersionComparator.comp(v, MIN_ENCRYPTION_VERSION) >= 0;
    }

+    private static final String MIN_KEYCERT_VERSION = "0.9.11";
+
+    /**
+     * Does he support key certs (assumed with a non-DSA key)?
+     * @since 0.9.11
+     */
+    private static boolean supportsKeyCerts(RouterInfo ri) {
+        String v = ri.getOption("router.version");
+        if (v == null)
+            return false;
+        return VersionComparator.comp(v, MIN_KEYCERT_VERSION) >= 0;
+    }
+
    /**
     * Called after sending a dbStore to a peer successfully, 
     * marking the store as successful