[freenet-cvs] r11696 - in trunk/freenet/src/freenet: keys node

Fri Feb 9 00:56:55 UTC 2007

Author: toad
Date: 2007-02-09 00:56:54 +0000 (Fri, 09 Feb 2007)
New Revision: 11696

Modified:
   trunk/freenet/src/freenet/keys/InsertableClientSSK.java
   trunk/freenet/src/freenet/node/Node.java
   trunk/freenet/src/freenet/node/NodeARKInserter.java
   trunk/freenet/src/freenet/node/NodeIPDetector.java
   trunk/freenet/src/freenet/node/PeerNode.java
Log:
Automatically replace ARK if necessary.
Keep inserting to old ARK for now.

Modified: trunk/freenet/src/freenet/keys/InsertableClientSSK.java
===================================================================

--- trunk/freenet/src/freenet/keys/InsertableClientSSK.java	2007-02-08 22:10:49 UTC (rev 11695)
+++ trunk/freenet/src/freenet/keys/InsertableClientSSK.java	2007-02-09 00:56:54 UTC (rev 11696)
@@ -233,5 +233,10 @@
 	public DSAGroup getCryptoGroup() {
 		return Global.DSAgroupBigA;
 	}
+
+	/** If true, this SSK is using the old, back compatible, insecure crypto algorithm */
+	public boolean isInsecure() {
+		return cryptoAlgorithm == Key.ALGO_INSECURE_AES_PCFB_256_SHA256;
+	}
 	
 }

Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java	2007-02-08 22:10:49 UTC (rev 11695)
+++ trunk/freenet/src/freenet/node/Node.java	2007-02-09 00:56:54 UTC (rev 11696)
@@ -318,6 +318,11 @@
 	InsertableClientSSK myARK;
 	/** My ARK sequence number */
 	long myARKNumber;
+	// FIXME remove old ARK support
+	/** My old ARK SSK private key */
+	InsertableClientSSK myOldARK;
+	/** My old ARK sequence number */
+	long myOldARKNumber;
 	/** FetcherContext for ARKs */
 	public final FetcherContext arkFetcherContext;
 	/** Next time to log the PeerNode status summary */
@@ -595,6 +600,11 @@
 			this.myPubKey = new DSAPublicKey(myCryptoGroup, myPrivKey);
 		}
 		InsertableClientSSK ark = null;
+		
+		// ARK
+		
+		boolean arkIsOld = false;
+		
 		String s = fs.get("ark.number");
 		
 		String privARK = fs.get("ark.privURI");
@@ -602,6 +612,7 @@
 			if(privARK != null) {
 				FreenetURI uri = new FreenetURI(privARK);
 				ark = InsertableClientSSK.create(uri);
+				arkIsOld = ark.isInsecure();
 				if(s == null) {
 					ark = null;
 				} else {
@@ -622,6 +633,40 @@
 			myARKNumber = 0;
 		}
 		this.myARK = ark;
+		
+		if(arkIsOld) {
+			myOldARKNumber = myARKNumber;
+			myOldARK = myARK;
+			myARK = InsertableClientSSK.createRandom(r, "ark");
+			myARKNumber = 0;
+		} else {
+			ark = null;
+			s = fs.get("old-ark.number");
+			privARK = fs.get("old-ark.privURI");
+			try {
+				if(privARK != null) {
+					FreenetURI uri = new FreenetURI(privARK);
+					ark = InsertableClientSSK.create(uri);
+					arkIsOld = ark.isInsecure();
+					if(s == null) {
+						ark = null;
+					} else {
+						try {
+							myOldARKNumber = Long.parseLong(s);
+						} catch (NumberFormatException e) {
+							myOldARKNumber = 0;
+							ark = null;
+						}
+					}
+				}
+			} catch (MalformedURLException e) {
+				Logger.minor(this, "Caught "+e, e);
+				ark = null;
+			}
+			this.myOldARK = ark;
+			
+		}
+		
 		wasTestnet = Fields.stringToBool(fs.get("testnet"), false);
 	}
 
@@ -1689,6 +1734,9 @@
 		SimpleFieldSet fs = exportPublicFieldSet(false);
 		fs.put("dsaPrivKey", myPrivKey.asFieldSet());
 		fs.put("ark.privURI", this.myARK.getInsertURI().toString(false, false));
+		if(myOldARK != null) {
+			fs.put("old-ark.privURI", this.myOldARK.getInsertURI().toString(false, false));
+		}
 		return fs;
 	}
 	
@@ -1729,6 +1777,10 @@
 		}
 		fs.put("ark.number", Long.toString(this.myARKNumber)); // Can be changed on setup
 		fs.put("ark.pubURI", this.myARK.getURI().toString(false, false)); // Can be changed on setup
+		if(myOldARK != null) {
+			fs.put("old-ark.number", Long.toString(this.myOldARKNumber));
+			fs.put("old-ark.pubURI", this.myOldARK.getURI().toString(false, false));
+		}
 		
 		synchronized (referenceSync) {
 			if(myReferenceSignature == null || mySignedReference == null || !mySignedReference.equals(fs.toOrderedString())){

Modified: trunk/freenet/src/freenet/node/NodeARKInserter.java
===================================================================
--- trunk/freenet/src/freenet/node/NodeARKInserter.java	2007-02-08 22:10:49 UTC (rev 11695)
+++ trunk/freenet/src/freenet/node/NodeARKInserter.java	2007-02-09 00:56:54 UTC (rev 11696)
@@ -33,8 +33,9 @@
 
 	/**
 	 * @param node
+	 * @param old If true, use the old ARK rather than the new ARK
 	 */
-	NodeARKInserter(Node node, NodeIPDetector detector) {
+	NodeARKInserter(Node node, NodeIPDetector detector, boolean old) {
 		this.node = node;
 		this.detector = detector;
 		logMINOR = Logger.shouldLog(Logger.MINOR, this);

Modified: trunk/freenet/src/freenet/node/NodeIPDetector.java
===================================================================
--- trunk/freenet/src/freenet/node/NodeIPDetector.java	2007-02-08 22:10:49 UTC (rev 11695)
+++ trunk/freenet/src/freenet/node/NodeIPDetector.java	2007-02-09 00:56:54 UTC (rev 11696)
@@ -49,6 +49,8 @@
 	public boolean includeLocalAddressesInNoderefs;
 	/** ARK inserter. */
 	private final NodeARKInserter arkPutter;
+	// FIXME remove old ARK support
+	private final NodeARKInserter oldARKPutter;
 	/** Set when we have grounds to believe that we may be behind a symmetric NAT. */
 	boolean maybeSymmetric;
 	private boolean hasDetectedPM;
@@ -62,7 +64,11 @@
 		ipDetectorManager = new IPDetectorPluginManager(node, this);
 		ipDetector = new IPAddressDetector(10*1000, this);
 		primaryIPUndetectedAlert = new IPUndetectedUserAlert(node);
-		arkPutter = new NodeARKInserter(node, this);
+		arkPutter = new NodeARKInserter(node, this, false);
+		if(node.myOldARK != null)
+			oldARKPutter = new NodeARKInserter(node, this, true);
+		else
+			oldARKPutter = null;
 	}
 
 	/**
@@ -256,6 +262,8 @@
 		pluginDetectedIPs = list;
 		redetectAddress();
 		arkPutter.update();
+		if(oldARKPutter != null)
+			oldARKPutter.update();
 	}
 
 	public void redetectAddress() {
@@ -265,6 +273,8 @@
 			lastIP = newIP;
 		}
 		arkPutter.update();
+		if(oldARKPutter != null)
+			oldARKPutter.update();
 		node.writeNodeFile();
 	}
 
@@ -388,6 +398,7 @@
 		ticker.queueTimedJob(new FastRunnable() {
 			public void run() {
 				arkPutter.start();
+				if(oldARKPutter != null) oldARKPutter.start();
 			}
 		}, 60*1000);
 	}

Modified: trunk/freenet/src/freenet/node/PeerNode.java
===================================================================
--- trunk/freenet/src/freenet/node/PeerNode.java	2007-02-08 22:10:49 UTC (rev 11695)
+++ trunk/freenet/src/freenet/node/PeerNode.java	2007-02-09 00:56:54 UTC (rev 11696)
@@ -2293,25 +2293,6 @@
 		return myARK;
 	}
 
-	public synchronized void updateARK(FreenetURI newURI) {
-		try {
-			USK usk = USK.create(newURI);
-			if(!myARK.equals(usk.copy(myARK.suggestedEdition), false)) {
-				Logger.error(this, "Changing ARK not supported (and shouldn't be possible): from "+myARK+" to "+usk+" for "+this);
-			} else if(myARK.suggestedEdition > usk.suggestedEdition) {
-				Logger.minor(this, "Ignoring ARK edition decrease: "+myARK.suggestedEdition+" to "+usk.suggestedEdition+" for "+this);
-			} else if(myARK.suggestedEdition < usk.suggestedEdition) {
-				if(logMINOR) Logger.minor(this, "New ARK edition found");
-				myARK = usk;
-			} else if(myARK == null) {
-				if(logMINOR) Logger.minor(this, "Setting ARK to "+usk+" was null on "+this);
-				myARK = usk;
-			}
-		} catch (MalformedURLException e) {
-			Logger.error(this, "ARK update failed: Could not parse permanent redirect (from USK): "+newURI+" : "+e, e);
-		}
-	}
-
 	public void gotARK(SimpleFieldSet fs, long fetchedEdition) {
 		try {
 			synchronized(this) {


