From e1c533e9ded1f82ca7726fd3ecfb8c5c0be80c0f Mon Sep 17 00:00:00 2001 From: str4d Date: Mon, 8 Apr 2013 22:44:58 +0000 Subject: [PATCH 1/7] Fixed path to start.ico --- installer/c/i2pExe/I2P.rc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/installer/c/i2pExe/I2P.rc b/installer/c/i2pExe/I2P.rc index 325d48943..6c0bfa839 100644 --- a/installer/c/i2pExe/I2P.rc +++ b/installer/c/i2pExe/I2P.rc @@ -94,7 +94,7 @@ END // Icon with lowest ID value placed first to ensure application icon // remains consistent on all systems. -IDI_ICON1 ICON "start.ico" +IDI_ICON1 ICON "../../resources/start.ico" #endif // English (U.S.) resources ///////////////////////////////////////////////////////////////////////////// From 1eda9e9053c029dcecc2edeb8461df68a69dba01 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 10 Apr 2013 17:01:54 +0000 Subject: [PATCH 2/7] set ethertype to IPv4 --- .../java/src/net/i2p/client/streaming/PcapWriter.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/streaming/java/src/net/i2p/client/streaming/PcapWriter.java b/apps/streaming/java/src/net/i2p/client/streaming/PcapWriter.java index a5020cccd..1eee76190 100644 --- a/apps/streaming/java/src/net/i2p/client/streaming/PcapWriter.java +++ b/apps/streaming/java/src/net/i2p/client/streaming/PcapWriter.java @@ -49,10 +49,10 @@ public class PcapWriter { 0, 2, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, (byte) 0xff, (byte) 0xff, 0, 0, 0, 1 }; - /** dummy macs and ethertype */ + /** dummy macs, IPv4 ethertype */ private static final byte[] MAC_HEADER = { 1, 2, 3, 4, 5, 6, 1, 2, 3, 4, 5, 6, - (byte) 0x80, 0 }; + (byte) 0x08, 0 }; private static final byte[] IP_HEADER_1 = { 0x45, 0 }; // the length goes after this private static final byte[] IP_HEADER_2 = { 0x12, 0x34, 0x40, 0, 64, 6 }; // ID, flags, TTL and TCP private static final byte[] UNK_IP = { (byte) 0xff, 0, 0, 0}; From 13633a0532ccec3b8a65e98f321cd733867cdfe5 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 10 Apr 2013 17:03:15 +0000 Subject: [PATCH 3/7] remove debug id --- core/java/src/net/i2p/crypto/ElGamalAESEngine.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/core/java/src/net/i2p/crypto/ElGamalAESEngine.java b/core/java/src/net/i2p/crypto/ElGamalAESEngine.java index 52254c281..c5fe75778 100644 --- a/core/java/src/net/i2p/crypto/ElGamalAESEngine.java +++ b/core/java/src/net/i2p/crypto/ElGamalAESEngine.java @@ -105,20 +105,19 @@ public class ElGamalAESEngine { boolean wasExisting = false; if (key != null) { //if (_log.shouldLog(Log.DEBUG)) _log.debug("Key is known for tag " + st); - long id = _context.random().nextLong(); if (_log.shouldLog(Log.DEBUG)) - _log.debug(id + ": Decrypting existing session encrypted with tag: " + st.toString() + ": key: " + key.toBase64() + ": " + data.length + " bytes " /* + Base64.encode(data, 0, 64) */ ); + _log.debug("Decrypting existing session encrypted with tag: " + st.toString() + ": key: " + key.toBase64() + ": " + data.length + " bytes " /* + Base64.encode(data, 0, 64) */ ); decrypted = decryptExistingSession(data, key, targetPrivateKey, foundTags, usedKey, foundKey); if (decrypted != null) { _context.statManager().updateFrequency("crypto.elGamalAES.decryptExistingSession"); if ( (!foundTags.isEmpty()) && (_log.shouldLog(Log.DEBUG)) ) - _log.debug(id + ": ElG/AES decrypt success with " + st + ": found tags: " + foundTags); + _log.debug("ElG/AES decrypt success with " + st + ": found tags: " + foundTags); wasExisting = true; } else { _context.statManager().updateFrequency("crypto.elGamalAES.decryptFailed"); if (_log.shouldLog(Log.WARN)) { - _log.warn(id + ": ElG decrypt fail: known tag [" + st + "], failed decrypt"); + _log.warn("ElG decrypt fail: known tag [" + st + "], failed decrypt"); } } } else { @@ -568,6 +567,7 @@ public class ElGamalAESEngine { * - random bytes, padding the total size to greater than paddedSize with a mod 16 = 0 * * + * @param target unused, this is AES encrypt only using the session key and tag * @param tagsForDelivery session tags to be associated with the key or null; * 200 max enforced at receiver */ From 1222776da3989ac7536908451b2848818bf11ecb Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 10 Apr 2013 17:04:07 +0000 Subject: [PATCH 4/7] tweak proxy error page --- installer/resources/proxy/dnfh-header.ht | 8 ++++---- installer/resources/proxy/dnfh-header_de.ht | 4 ++-- installer/resources/proxy/dnfh-header_fr.ht | 8 ++++---- installer/resources/proxy/dnfh-header_nl.ht | 8 ++++---- installer/resources/proxy/dnfh-header_ru.ht | 2 +- installer/resources/proxy/dnfh-header_zh.ht | 8 ++++---- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/installer/resources/proxy/dnfh-header.ht b/installer/resources/proxy/dnfh-header.ht index 126c93f25..936fde514 100644 --- a/installer/resources/proxy/dnfh-header.ht +++ b/installer/resources/proxy/dnfh-header.ht @@ -19,10 +19,10 @@ Proxy-Connection: close

Warning: Eepsite Not Found in Addressbook

The eepsite was not found in your router's addressbook. -Check the link or find a BASE64 address. -If you have the BASE64 address, paste it into your userhosts.txt using -SusiDNS, -use a BASE64 address helper, or use a jump service link below. +Check the link or find a Base 32 or Base 64 address. +If you have the Base 64 address, +add it to your addressbook. +Otherwise, find a Base 32 or address helper link, or use a jump service link below.

Seeing this page often? See the FAQ diff --git a/installer/resources/proxy/dnfh-header_de.ht b/installer/resources/proxy/dnfh-header_de.ht index 9f9413424..70016a619 100644 --- a/installer/resources/proxy/dnfh-header_de.ht +++ b/installer/resources/proxy/dnfh-header_de.ht @@ -20,8 +20,8 @@ Proxy-Connection: close

Die Eepseite konnte nicht im Adressbuch des Routers gefunden werden. Überprüfen Sie den Link oder finden Sie eine BASIS64-Adresse! -Wenn Sie eine BASIS64-Adresse haben, fügen Sie diese unter folgendem Link zu Ihrer userhosts.txt hinzu: -SusiDNS, +Wenn Sie eine BASIS64-Adresse haben, fügen Sie diese unter folgendem Link zu Ihrer hosts.txt hinzu: +SusiDNS, benutzen Sie einen BASIS64-Adresshelfer oder einen der folgenden Sprungdienste:

diff --git a/installer/resources/proxy/dnfh-header_fr.ht b/installer/resources/proxy/dnfh-header_fr.ht index c24e2d6bf..0c03e0f97 100644 --- a/installer/resources/proxy/dnfh-header_fr.ht +++ b/installer/resources/proxy/dnfh-header_fr.ht @@ -19,10 +19,10 @@ Proxy-Connection: close

Avertissement I2P: site eep non trouvé dans le carnet d'adresses

Le site eep n'était pas dans le carnet d'adresses de votre routeur. -Vérifiez le lien ou trouvez l'adresse BASE64. -Si vous avez l'adresse BASE64, reportez-la dans votre fichier userhosts.txt en passant par -SusiDNS, -utilisez un lien d'adresse BASE64, ou un service de saut (jump) en lien ci-dessous. +Vérifiez le lien ou trouvez l'adresse Base 64. +Si vous avez l'adresse Base 64, reportez-la dans votre fichier hosts.txt en passant par +SusiDNS, +utilisez un lien d'adresse Base 64, ou un service de saut (jump) en lien ci-dessous.

Si vous voyez cette page souvent: lisez la faq pour obtenir diff --git a/installer/resources/proxy/dnfh-header_nl.ht b/installer/resources/proxy/dnfh-header_nl.ht index 296a62ddd..f2a3d1d19 100644 --- a/installer/resources/proxy/dnfh-header_nl.ht +++ b/installer/resources/proxy/dnfh-header_nl.ht @@ -19,10 +19,10 @@ Proxy-Connection: close

Waarschuwing: Eepsite Niet Gevonden in Adresboek

De eepsite was niet gevonden in je router's adresboek. -Controlleer de link of zoek een BASE64 adres. -Indien je een BASE64 adres hebt, plak het in je userhosts.txt via -SusiDNS, -gebruikt een BASE64 adres helper, of gebruik een jump service link hieronder. +Controlleer de link of zoek een Base 64 adres. +Indien je een Base 64 adres hebt, plak het in je hosts.txt via +SusiDNS, +gebruikt een Base 64 adres helper, of gebruik een jump service link hieronder.

Zie je deze pagina vaak? Lees de FAQ diff --git a/installer/resources/proxy/dnfh-header_ru.ht b/installer/resources/proxy/dnfh-header_ru.ht index 0e3419559..e7bc4c24b 100644 --- a/installer/resources/proxy/dnfh-header_ru.ht +++ b/installer/resources/proxy/dnfh-header_ru.ht @@ -25,7 +25,7 @@ Proxy-Connection: close Попробуйте воспользоваться jump-сервисами (блок ссылок в конце этой страницы). Если кто-то уже добавил этот сайт в jump-сервис, Вы получите addresshelper-ссылку, по которой сможете перейти на сайт.

-Если ни один из jump-сервисов не помог, попробуйте найти BASE64-адрес этого сайта. Добавьте BASE64-адрес в Ваш файл userhosts.txt используя SusiDNS. +Если ни один из jump-сервисов не помог, попробуйте найти Base 64-адрес этого сайта. Добавьте Base 64-адрес в Ваш файл hosts.txt используя SusiDNS.

Часто видите эту страницу? Загляните в соответствующий раздел FAQ за помощью по настройке автоматической подписки на адреса новых сайтов. diff --git a/installer/resources/proxy/dnfh-header_zh.ht b/installer/resources/proxy/dnfh-header_zh.ht index 1e65a67c1..09cbb24cd 100644 --- a/installer/resources/proxy/dnfh-header_zh.ht +++ b/installer/resources/proxy/dnfh-header_zh.ht @@ -19,10 +19,10 @@ Proxy-Connection: close

警告: 地址簿中的找不到此站点

您所访问的匿名站点(的目标密钥)不存在于您路由器的地址簿中。 -检查链接,或寻找对应的BASE64地址. -如果您知道对应的BASE64地址请通过 -SusiDNS -将其复制入您的 userhosts.txt 中,直接使用 BASE64 地址访问,或使用下面的跳转链接。

+检查链接,或寻找对应的Base 64地址. +如果您知道对应的Base 64地址请通过 +SusiDNS +将其复制入您的 hosts.txt 中,直接使用 Base 64 地址访问,或使用下面的跳转链接。

经常见到此页面? 请参见 FAQ 常见问答 中的 添加更多订阅到地址簿中

From 5962577b53b0b35843ede16db2f08b2a4d400b32 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 10 Apr 2013 17:06:32 +0000 Subject: [PATCH 5/7] - I2NP: Ignore unused 7 bits of the Database Lookup Message, so we can use them later --- .../net/i2p/router/networkdb/HandleDatabaseLookupMessageJob.java | 1 + 1 file changed, 1 insertion(+) diff --git a/router/java/src/net/i2p/router/networkdb/HandleDatabaseLookupMessageJob.java b/router/java/src/net/i2p/router/networkdb/HandleDatabaseLookupMessageJob.java index 13f81f1e6..52f32e491 100644 --- a/router/java/src/net/i2p/router/networkdb/HandleDatabaseLookupMessageJob.java +++ b/router/java/src/net/i2p/router/networkdb/HandleDatabaseLookupMessageJob.java @@ -78,6 +78,7 @@ public class HandleDatabaseLookupMessageJob extends JobImpl { return; } + // TODO only look up once, then check type LeaseSet ls = getContext().netDb().lookupLeaseSetLocally(_message.getSearchKey()); if (ls != null) { // We have to be very careful here to decide whether or not to send out the leaseSet, From 65480456cd7333ad699daeae08154968221181f6 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 10 Apr 2013 17:22:51 +0000 Subject: [PATCH 6/7] - I2NP: Ignore unused 7 bits of the Database Lookup Message, so we can use them later --- .../i2p/data/i2np/DatabaseLookupMessage.java | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/router/java/src/net/i2p/data/i2np/DatabaseLookupMessage.java b/router/java/src/net/i2p/data/i2np/DatabaseLookupMessage.java index ca53fda9b..d889fce74 100644 --- a/router/java/src/net/i2p/data/i2np/DatabaseLookupMessage.java +++ b/router/java/src/net/i2p/data/i2np/DatabaseLookupMessage.java @@ -222,17 +222,9 @@ public class DatabaseLookupMessage extends FastI2NPMessageImpl { curIndex += Hash.HASH_LENGTH; //_fromHash = new Hash(fromData); - boolean tunnelSpecified = false; - switch (data[curIndex]) { - case DataHelper.BOOLEAN_TRUE: - tunnelSpecified = true; - break; - case DataHelper.BOOLEAN_FALSE: - tunnelSpecified = false; - break; - default: - throw new I2NPMessageException("Tunnel must be explicitly specified (or not)"); - } + // as of 0.9.6, ignore other 7 bits of the flag byte + // TODO store the whole flag byte + boolean tunnelSpecified = (data[curIndex] & 0x01) != 0; curIndex++; if (tunnelSpecified) { @@ -277,13 +269,14 @@ public class DatabaseLookupMessage extends FastI2NPMessageImpl { curIndex += Hash.HASH_LENGTH; System.arraycopy(_fromHash.getData(), 0, out, curIndex, Hash.HASH_LENGTH); curIndex += Hash.HASH_LENGTH; + // TODO allow specification of the other 7 bits of the flag byte if (_replyTunnel != null) { - out[curIndex++] = DataHelper.BOOLEAN_TRUE; + out[curIndex++] = 0x01; byte id[] = DataHelper.toLong(4, _replyTunnel.getTunnelId()); System.arraycopy(id, 0, out, curIndex, 4); curIndex += 4; } else { - out[curIndex++] = DataHelper.BOOLEAN_FALSE; + out[curIndex++] = 0x00; } if ( (_dontIncludePeers == null) || (_dontIncludePeers.isEmpty()) ) { out[curIndex++] = 0x0; From 1be0695a218deb6e6f032e4524ebcc3ab1e5113e Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 10 Apr 2013 17:23:43 +0000 Subject: [PATCH 7/7] remove extra semicolon --- .../java/src/net/i2p/i2ptunnel/HTTPResponseOutputStream.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/HTTPResponseOutputStream.java b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/HTTPResponseOutputStream.java index abb7822ad..73dba50da 100644 --- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/HTTPResponseOutputStream.java +++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/HTTPResponseOutputStream.java @@ -65,10 +65,12 @@ class HTTPResponseOutputStream extends FilterOutputStream { _buf1[0] = (byte)c; write(_buf1, 0, 1); } + @Override public void write(byte buf[]) throws IOException { write(buf, 0, buf.length); } + @Override public void write(byte buf[], int off, int len) throws IOException { if (_headerWritten) { @@ -181,6 +183,7 @@ class HTTPResponseOutputStream extends FilterOutputStream { _gzip = true; } else if ("proxy-authenticate".equals(lcKey)) { // filter this hop-by-hop header; outproxy authentication must be configured in I2PTunnelHTTPClient + // see e.g. http://blog.c22.cc/2013/03/11/privoxy-proxy-authentication-credential-exposure-cve-2013-2503/ } else { if ("content-length".equals(lcKey)) { // save for compress decision on server side @@ -272,7 +275,7 @@ class HTTPResponseOutputStream extends FilterOutputStream { while ( (read = _in.read(buf)) != -1) { if (_log.shouldLog(Log.DEBUG)) _log.debug("Read " + read + " and writing it to the browser/streams"); -; _out.write(buf, 0, read); + _out.write(buf, 0, read); _out.flush(); written += read; }