I2P_Developers/i2p.android.base
3
0
Fork 2
Code Issues 39 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

* Plugins: Fix signature verification if router.config specifies

Browse Source 
trustedUpdateKeys (ticket #416)
This commit is contained in:
zzz
2011-02-19 19:14:05 +00:00
parent fde7b21ca4
commit 7c3af2cdd6
3 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
apps/routerconsole/java/src/net/i2p/router/web/PluginUpdateHandler.java
View File

@ -213,10 +213,15 @@ public class PluginUpdateHandler extends UpdateHandler {
if (up.haveKey(pubkey)) { if (up.haveKey(pubkey)) {
// the key is already in the TrustedUpdate keyring // the key is already in the TrustedUpdate keyring
// verify the sig and verify that it is signed by the signer in the plugin.config file // verify the sig and verify that it is signed by the signer in the plugin.config file
// Allow "" as the previously-known signer
String signingKeyName = up.verifyAndGetSigner(f); String signingKeyName = up.verifyAndGetSigner(f);
if (!signer.equals(signingKeyName)) { if (!(signer.equals(signingKeyName) || "".equals(signingKeyName))) {
f.delete(); f.delete();
to.delete(); to.delete();
if (signingKeyName == null)
_log.error("Failed to verify plugin signature, corrupt plugin or bad signature, signed by: " + signer);
else
_log.error("Plugin signer \"" + signer + "\" does not match existing signer in plugin.config file \"" + signingKeyName + "\"");
statusDone("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>"); statusDone("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>");
return; return;
} }
@ -226,6 +231,7 @@ public class PluginUpdateHandler extends UpdateHandler {
// bad or duplicate key // bad or duplicate key
f.delete(); f.delete();
to.delete(); to.delete();
_log.error("Bad key or key mismatch - Failed to add plugin key \"" + pubkey + "\" for plugin signer \"" + signer + "\"");
statusDone("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>"); statusDone("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>");
return; return;
} }
@ -235,6 +241,11 @@ public class PluginUpdateHandler extends UpdateHandler {
if (!signer.equals(signingKeyName)) { if (!signer.equals(signingKeyName)) {
f.delete(); f.delete();
to.delete(); to.delete();
if (signingKeyName == null)
_log.error("Failed to verify plugin signature, corrupt plugin or bad signature, signed by: " + signer);
else
// shouldn't happen
_log.error("Plugin signer \"" + signer + "\" does not match new signer in plugin.config file \"" + signingKeyName + "\"");
statusDone("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>"); statusDone("<b>" + _("Plugin signature verification of {0} failed", url) + "</b>");
return; return;
} }

2
history.txt
View File

@ -1,6 +1,8 @@
2011-02-19 zzz 2011-02-19 zzz
* I2PTunnel: Fix standalone server tunnels * I2PTunnel: Fix standalone server tunnels
http://forum.i2p/viewtopic.php?t=5376 http://forum.i2p/viewtopic.php?t=5376
* Plugins: Fix signature verification if router.config specifies
trustedUpdateKeys (ticket #416)
2011-02-18 Mathiasdm 2011-02-18 Mathiasdm
* Desktopgui now has an option to be disabled (desktopgui.enabled) * Desktopgui now has an option to be disabled (desktopgui.enabled)

2
router/java/src/net/i2p/router/RouterVersion.java
View File

@ -18,7 +18,7 @@ public class RouterVersion {
/** deprecated */ /** deprecated */
public final static String ID = "Monotone"; public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION; public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 15; public final static long BUILD = 16;
/** for example "-test" */ /** for example "-test" */
public final static String EXTRA = "-rc"; public final static String EXTRA = "-rc";