From bbackde at googlemail.com Sun Sep 2 08:52:24 2007 From: bbackde at googlemail.com (bbackde at googlemail.com) Date: Sun, 2 Sep 2007 10:52:24 +0200 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: <200708311637.34949.toad@amphibian.dyndns.org> References: <200708311637.34949.toad@amphibian.dyndns.org> Message-ID: > - Require a new freenet-ext.jar (#17), which includes an updated database engine. Where can I get this #17 ? No auto-update is available, and a manual invocation of update.cmd finds no new jars. I'm still on #13, so 1056 doesn't require #17 as you said ;) On 8/31/07, Matthew Toseland wrote: > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the long > delay between making it available and announcing it, we've been busy). Please > upgrade. We are still interested in any difficulty you have with the > auto-update system; please report problems with that and any other bugs you > find. > 1055 changelog: > - Major swapping algorithm changes to try to both prevent deliberate attacks > and progressive degeneration of the network caused by churn. Either way the > result would be large parts of the network clustered into very small parts of > the keyspace. We now randomize node locations every 2000 swaps, swap a bit > more widely, enforce the maximum swap HTL, and send swaps less frequently. > - Fix bug in metadata generation for larger freesites, report invalid metadata > as invalid metadata rather than a temp space error, and allow more files to > be cached in the container cache. > - Hopefully fix the CSS filter bugs relating to negative offsets. > - Always write some critical config options to disk, so they can be easily > changed. > - Datastore recovery improvements. > - Various synchronization/concurrency fixes, minor optimisations, diagnostics, > and debugging-related changes (logging etc). > 1056 and 1055: > - Require a new freenet-ext.jar (#17), which includes an updated database > engine. > Also lots of work on the various Summer of Code projects by our students, > including unit tests, the new searching system, JFK (new link crypto), the > Echo blog engine, and some simulations. Several of these items will be > releasable in the not too distant future. > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > -- __________________________________________________ GnuPG key: (0x48DBFA8A) Keyserver: pgpkeys.pca.dfn.de Fingerprint: 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A __________________________________________________ From nextgens at freenetproject.org Sun Sep 2 08:56:17 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Sun, 2 Sep 2007 10:56:17 +0200 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: References: <200708311637.34949.toad@amphibian.dyndns.org> Message-ID: <20070902085616.GC5587@freenetproject.org> * bbackde at googlemail.com [2007-09-02 10:52:24]: > > - Require a new freenet-ext.jar (#17), which includes an updated database > engine. > > Where can I get this #17 ? No auto-update is available, and a manual > invocation of update.cmd finds no new jars. I'm still on #13, so 1056 > doesn't require #17 as you said ;) What's the story about the auto-updater not working ? From here I can retrieve USK at BFa1voWr5PunINSZ5BGMqFwhkJTiDBBUrOZ0MYBXseg,BOrxeLzUMb6R9tEZzexymY0zyKAmBNvrU4A9Q0tAqu0,AQACAAE/ext/17 and haven't seen any bug on mantis regarding a non-working updater... What do your logs say ? NextGen$ > > On 8/31/07, Matthew Toseland wrote: > > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the long > > delay between making it available and announcing it, we've been busy). Please > > upgrade. We are still interested in any difficulty you have with the > > auto-update system; please report problems with that and any other bugs you > > find. > > 1055 changelog: > > - Major swapping algorithm changes to try to both prevent deliberate attacks > > and progressive degeneration of the network caused by churn. Either way the > > result would be large parts of the network clustered into very small parts of > > the keyspace. We now randomize node locations every 2000 swaps, swap a bit > > more widely, enforce the maximum swap HTL, and send swaps less frequently. > > - Fix bug in metadata generation for larger freesites, report invalid metadata > > as invalid metadata rather than a temp space error, and allow more files to > > be cached in the container cache. > > - Hopefully fix the CSS filter bugs relating to negative offsets. > > - Always write some critical config options to disk, so they can be easily > > changed. > > - Datastore recovery improvements. > > - Various synchronization/concurrency fixes, minor optimisations, diagnostics, > > and debugging-related changes (logging etc). > > 1056 and 1055: > > - Require a new freenet-ext.jar (#17), which includes an updated database > > engine. > > Also lots of work on the various Summer of Code projects by our students, > > including unit tests, the new searching system, JFK (new link crypto), the > > Echo blog engine, and some simulations. Several of these items will be > > releasable in the not too distant future. > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > > > -- > __________________________________________________ > GnuPG key: (0x48DBFA8A) > Keyserver: pgpkeys.pca.dfn.de > Fingerprint: > 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A > __________________________________________________ > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070902/882a5aca/attachment.pgp From bbackde at googlemail.com Sun Sep 2 09:19:01 2007 From: bbackde at googlemail.com (bbackde at googlemail.com) Date: Sun, 2 Sep 2007 11:19:01 +0200 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: <20070902085616.GC5587@freenetproject.org> References: <200708311637.34949.toad@amphibian.dyndns.org> <20070902085616.GC5587@freenetproject.org> Message-ID: The node page says Version Information & Node Control Freenet 0.7 Build #1056 r14871 Freenet-ext Build #13 (17 is recommended) r12938 Shortly after a node start, the node page says A new stable version of Freenet is available It seems that your node isn't running the latest version of the software. Your node is currently downloading a new version of Freenet (extra jar version 1056).Would you like the node to automatically restart as soon as it has downloaded the update? I can click UPDATE ASAP, bit it never updates. No matter if I click or not, after some time this message vanishes from the node page and never reappears until next node start. Please notice the extra jar version 1056, is this correct? I will now try to get the #17 from the key you mentioned. On 9/2/07, Florent Daigni?re wrote: > * bbackde at googlemail.com [2007-09-02 10:52:24]: > > > > - Require a new freenet-ext.jar (#17), which includes an updated database > > engine. > > > > Where can I get this #17 ? No auto-update is available, and a manual > > invocation of update.cmd finds no new jars. I'm still on #13, so 1056 > > doesn't require #17 as you said ;) > > What's the story about the auto-updater not working ? > > From here I can retrieve > USK at BFa1voWr5PunINSZ5BGMqFwhkJTiDBBUrOZ0MYBXseg,BOrxeLzUMb6R9tEZzexymY0zyKAmBNvrU4A9Q0tAqu0,AQACAAE/ext/17 > and haven't seen any bug on mantis regarding a non-working updater... > > What do your logs say ? > > NextGen$ > > > > > On 8/31/07, Matthew Toseland wrote: > > > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the long > > > delay between making it available and announcing it, we've been busy). Please > > > upgrade. We are still interested in any difficulty you have with the > > > auto-update system; please report problems with that and any other bugs you > > > find. > > > 1055 changelog: > > > - Major swapping algorithm changes to try to both prevent deliberate attacks > > > and progressive degeneration of the network caused by churn. Either way the > > > result would be large parts of the network clustered into very small parts of > > > the keyspace. We now randomize node locations every 2000 swaps, swap a bit > > > more widely, enforce the maximum swap HTL, and send swaps less frequently. > > > - Fix bug in metadata generation for larger freesites, report invalid metadata > > > as invalid metadata rather than a temp space error, and allow more files to > > > be cached in the container cache. > > > - Hopefully fix the CSS filter bugs relating to negative offsets. > > > - Always write some critical config options to disk, so they can be easily > > > changed. > > > - Datastore recovery improvements. > > > - Various synchronization/concurrency fixes, minor optimisations, diagnostics, > > > and debugging-related changes (logging etc). > > > 1056 and 1055: > > > - Require a new freenet-ext.jar (#17), which includes an updated database > > > engine. > > > Also lots of work on the various Summer of Code projects by our students, > > > including unit tests, the new searching system, JFK (new link crypto), the > > > Echo blog engine, and some simulations. Several of these items will be > > > releasable in the not too distant future. > > > > > > _______________________________________________ > > > Devl mailing list > > > Devl at freenetproject.org > > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > > > > > > > > -- > > __________________________________________________ > > GnuPG key: (0x48DBFA8A) > > Keyserver: pgpkeys.pca.dfn.de > > Fingerprint: > > 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A > > __________________________________________________ > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFG2nqwU/Z/dHFfxtcRAjodAJ9ID+0fTks+101oY3BWOZziMl90CQCaAmp+ > StMm1l9JVfnSr7SAuuqfjgg= > =q4ma > -----END PGP SIGNATURE----- > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- __________________________________________________ GnuPG key: (0x48DBFA8A) Keyserver: pgpkeys.pca.dfn.de Fingerprint: 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A __________________________________________________ From nextgens at freenetproject.org Sun Sep 2 09:58:48 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Sun, 2 Sep 2007 11:58:48 +0200 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: References: <200708311637.34949.toad@amphibian.dyndns.org> <20070902085616.GC5587@freenetproject.org> Message-ID: <20070902095848.GE5587@freenetproject.org> * bbackde at googlemail.com [2007-09-02 11:19:01]: > The node page says > > Version Information & Node Control > Freenet 0.7 Build #1056 r14871 > Freenet-ext Build #13 (17 is recommended) r12938 > > Shortly after a node start, the node page says > > A new stable version of Freenet is available > It seems that your node isn't running the latest version of the > software. Your node is currently downloading a new version of Freenet > (extra jar version 1056).Would you like the node to automatically > restart as soon as it has downloaded the update? > > I can click UPDATE ASAP, bit it never updates. No matter if I click or > not, after some time this message vanishes from the node page and > never reappears until next node start. > Please notice the extra jar version 1056, is this correct? > > I will now try to get the #17 from the key you mentioned. Can you provide your wrapper.log, wrapper.conf, and the node.updater section of your freenet.ini file please ? Does freenet-ext.jar.new exist in freenet's folder ? NextGen$ > > On 9/2/07, Florent Daigni?re wrote: > > * bbackde at googlemail.com [2007-09-02 10:52:24]: > > > > > > - Require a new freenet-ext.jar (#17), which includes an updated database > > > engine. > > > > > > Where can I get this #17 ? No auto-update is available, and a manual > > > invocation of update.cmd finds no new jars. I'm still on #13, so 1056 > > > doesn't require #17 as you said ;) > > > > What's the story about the auto-updater not working ? > > > > From here I can retrieve > > USK at BFa1voWr5PunINSZ5BGMqFwhkJTiDBBUrOZ0MYBXseg,BOrxeLzUMb6R9tEZzexymY0zyKAmBNvrU4A9Q0tAqu0,AQACAAE/ext/17 > > and haven't seen any bug on mantis regarding a non-working updater... > > > > What do your logs say ? > > > > NextGen$ > > > > > > > > On 8/31/07, Matthew Toseland wrote: > > > > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the long > > > > delay between making it available and announcing it, we've been busy). Please > > > > upgrade. We are still interested in any difficulty you have with the > > > > auto-update system; please report problems with that and any other bugs you > > > > find. > > > > 1055 changelog: > > > > - Major swapping algorithm changes to try to both prevent deliberate attacks > > > > and progressive degeneration of the network caused by churn. Either way the > > > > result would be large parts of the network clustered into very small parts of > > > > the keyspace. We now randomize node locations every 2000 swaps, swap a bit > > > > more widely, enforce the maximum swap HTL, and send swaps less frequently. > > > > - Fix bug in metadata generation for larger freesites, report invalid metadata > > > > as invalid metadata rather than a temp space error, and allow more files to > > > > be cached in the container cache. > > > > - Hopefully fix the CSS filter bugs relating to negative offsets. > > > > - Always write some critical config options to disk, so they can be easily > > > > changed. > > > > - Datastore recovery improvements. > > > > - Various synchronization/concurrency fixes, minor optimisations, diagnostics, > > > > and debugging-related changes (logging etc). > > > > 1056 and 1055: > > > > - Require a new freenet-ext.jar (#17), which includes an updated database > > > > engine. > > > > Also lots of work on the various Summer of Code projects by our students, > > > > including unit tests, the new searching system, JFK (new link crypto), the > > > > Echo blog engine, and some simulations. Several of these items will be > > > > releasable in the not too distant future. > > > > > > > > _______________________________________________ > > > > Devl mailing list > > > > Devl at freenetproject.org > > > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > > > > > > > > > > > > > -- > > > __________________________________________________ > > > GnuPG key: (0x48DBFA8A) > > > Keyserver: pgpkeys.pca.dfn.de > > > Fingerprint: > > > 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A > > > __________________________________________________ > > > _______________________________________________ > > > Devl mailing list > > > Devl at freenetproject.org > > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v1.4.6 (GNU/Linux) > > > > iD8DBQFG2nqwU/Z/dHFfxtcRAjodAJ9ID+0fTks+101oY3BWOZziMl90CQCaAmp+ > > StMm1l9JVfnSr7SAuuqfjgg= > > =q4ma > > -----END PGP SIGNATURE----- > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > > > > > -- > __________________________________________________ > GnuPG key: (0x48DBFA8A) > Keyserver: pgpkeys.pca.dfn.de > Fingerprint: > 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A > __________________________________________________ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070902/d4e10c10/attachment.pgp From guido-frn at unknownsite.de Sun Sep 2 18:40:12 2007 From: guido-frn at unknownsite.de (Guido Winkelmann) Date: Sun, 2 Sep 2007 20:40:12 +0200 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: <200708311637.34949.toad@amphibian.dyndns.org> References: <200708311637.34949.toad@amphibian.dyndns.org> Message-ID: <200709022040.12592.guido-frn@unknownsite.de> Am Freitag, 31. August 2007 17:37:30 schrieb Matthew Toseland: > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the > long delay between making it available and announcing it, we've been busy). > Please upgrade. We are still interested in any difficulty you have with the > auto-update system; please report problems with that and any other bugs you > find. Okay, since you're asking... Auto-update hasn't been working for me for one or two months, simply because starting freenet using the wrapper doesn't work for me. I've posted this problem to freenet-support about one and a half months ago, but haven't received any answer to it yet. Guido From nextgens at freenetproject.org Mon Sep 3 23:37:41 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Tue, 4 Sep 2007 01:37:41 +0200 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: <200709022040.12592.guido-frn@unknownsite.de> References: <200708311637.34949.toad@amphibian.dyndns.org> <200709022040.12592.guido-frn@unknownsite.de> Message-ID: <20070903233740.GB5614@freenetproject.org> * Guido Winkelmann [2007-09-02 20:40:12]: > Am Freitag, 31. August 2007 17:37:30 schrieb Matthew Toseland: > > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the > > long delay between making it available and announcing it, we've been busy). > > Please upgrade. We are still interested in any difficulty you have with the > > auto-update system; please report problems with that and any other bugs you > > find. > > Okay, since you're asking... > > Auto-update hasn't been working for me for one or two months, simply because > starting freenet using the wrapper doesn't work for me. That sounds like a different issue. > > I've posted this problem to freenet-support about one and a half months ago, > but haven't received any answer to it yet. > > Guido I don't read @support and usually don't support users. NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070904/dc1aaece/attachment.pgp From toad at amphibian.dyndns.org Tue Sep 4 15:20:23 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Sep 2007 16:20:23 +0100 Subject: [freenet-dev] Freenet 0.7 build 1055/1056 In-Reply-To: <20070903233740.GB5614@freenetproject.org> References: <200708311637.34949.toad@amphibian.dyndns.org> <200709022040.12592.guido-frn@unknownsite.de> <20070903233740.GB5614@freenetproject.org> Message-ID: <200709041620.24180.toad@amphibian.dyndns.org> I've heard complaints about auto-update not working from Frost and IIRC I filed a bug for it. On Tuesday 04 September 2007 00:37, Florent Daigni?re wrote: > * Guido Winkelmann [2007-09-02 20:40:12]: > > > Am Freitag, 31. August 2007 17:37:30 schrieb Matthew Toseland: > > > Freenet 0.7 build 1056 is now available (1055 is mandatory; sorry for the > > > long delay between making it available and announcing it, we've been busy). > > > Please upgrade. We are still interested in any difficulty you have with the > > > auto-update system; please report problems with that and any other bugs you > > > find. > > > > Okay, since you're asking... > > > > Auto-update hasn't been working for me for one or two months, simply because > > starting freenet using the wrapper doesn't work for me. > > That sounds like a different issue. > > > > > I've posted this problem to freenet-support about one and a half months ago, > > but haven't received any answer to it yet. > > > > Guido > > I don't read @support and usually don't support users. > > NextGen$ > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070904/4c957e33/attachment.pgp From toad at amphibian.dyndns.org Tue Sep 4 16:10:12 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 4 Sep 2007 17:10:12 +0100 Subject: [freenet-dev] [freenet-cvs] r14883 - trunk/freenet/src/freenet/support In-Reply-To: <20070826142518.CA2BE47AA98@freenetproject.org> References: <20070826142518.CA2BE47AA98@freenetproject.org> Message-ID: <200709041710.18225.toad@amphibian.dyndns.org> Not sure I understand why the below is necessary, at least on 1.4 ... ? On Sunday 26 August 2007 15:25, you wrote: > Author: sback > Date: 2007-08-26 14:25:18 +0000 (Sun, 26 Aug 2007) > New Revision: 14883 > > Modified: > trunk/freenet/src/freenet/support/TimeSortedHashtable.java > Log: > Added a simple-and-always-allowed cast to provide class compatibility even to java 1.5 > > Modified: trunk/freenet/src/freenet/support/TimeSortedHashtable.java > =================================================================== > --- trunk/freenet/src/freenet/support/TimeSortedHashtable.java 2007-08-25 21:55:29 UTC (rev 14882) > +++ trunk/freenet/src/freenet/support/TimeSortedHashtable.java 2007-08-26 14:25:18 UTC (rev 14883) > @@ -32,7 +32,7 @@ > private class MyComparator implements Comparator { > > public int compare(Object arg0, Object arg1) { > - if(arg0 instanceof Long && arg1 instanceof Long) return ((Long)arg0).compareTo(arg1); > + if(arg0 instanceof Long && arg1 instanceof Long) return ((Long)arg0).compareTo((Long)arg1); > if(arg0 instanceof Element && arg1 instanceof Element) return ((Element)arg0).compareTo(arg1); > // Comparing a Long with an Element, because we are searching for an Element by the value of a Long. > // Hence we do not need to consider the element value. > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070904/01d36265/attachment.pgp From toad at amphibian.dyndns.org Thu Sep 6 23:27:37 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 7 Sep 2007 00:27:37 +0100 Subject: [freenet-dev] Freenet 0.7 build 1057 Message-ID: <200709070027.38295.toad@amphibian.dyndns.org> Freenet 0.7 build 1057 is now available. Please upgrade. This build fixes various bugs, including one which would cause opennet nodes to become gradually unable to accept any requests, and a filehandle leak that would result in the node breaking with "Too many open files". There has also recently been significant progress with the various Summer of Code projects; this has now finished, some of the code (e.g. the xmlspider/xmllibrarian, and the unit tests) is working and integrated already. Please report any bugs you find. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070907/ad270227/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 7 12:32:00 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 7 Sep 2007 13:32:00 +0100 Subject: [freenet-dev] Paper on result merging in P2P networks. Message-ID: <200709071332.00628.toad@amphibian.dyndns.org> Somebody (mrogers?) mentioned the following thesis on result merging in P2P searches. It might be relevant to our work with XMLLibrarian multiple index support? http://www.l3s.de/~chernov/chernov_thesis.pdf -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070907/3530b352/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 7 12:35:09 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 7 Sep 2007 13:35:09 +0100 Subject: [freenet-dev] Unharvestable Tor Message-ID: <200709071335.10125.toad@amphibian.dyndns.org> Might be worth a read: https://tor.eff.org/svn/trunk/doc/design-paper/blocking.html -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070907/2632cd47/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 7 13:53:40 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 7 Sep 2007 14:53:40 +0100 Subject: [freenet-dev] Freenet 0.7 build 1058 Message-ID: <200709071453.46152.toad@amphibian.dyndns.org> Freenet 0.7 build 1058 is available. This fixes a bug which was preventing freenet-ext.jar from being automatically updated. Please upgrade. If your node still fails to update or cannot access freesites, download files etc, please update manually using update.sh or update.cmd. This build will be mandatory at 0:00 GMT on Wednesday. Thanks! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070907/41ecdd17/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 7 22:09:40 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 7 Sep 2007 23:09:40 +0100 Subject: [freenet-dev] Windows users please run update.cmd Message-ID: <200709072309.45332.toad@amphibian.dyndns.org> There has been a major bug in the Windows installer code. Please could all Windows users manually run the update.cmd script. This will fix it. Details: We were registering an unprivelidged account for Freenet, but not setting password expiry. So after 42 days the node breaks and has to be reinstalled. This is *bad*! Thanks -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070907/9b1275f0/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 7 23:14:04 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 8 Sep 2007 00:14:04 +0100 Subject: [freenet-dev] [freenet-cvs] r15019 - trunk/apps/new_installer/res/windows/bin In-Reply-To: <20070907203609.820B447AA91@freenetproject.org> References: <20070907203609.820B447AA91@freenetproject.org> Message-ID: <200709080014.09628.toad@amphibian.dyndns.org> If you don't cd bin then it's not ../wrapper.conf, surely it's wrapper.conf ? On Friday 07 September 2007 21:36, you wrote: > Author: nextgens > Date: 2007-09-07 20:36:09 +0000 (Fri, 07 Sep 2007) > New Revision: 15019 > > Modified: > trunk/apps/new_installer/res/windows/bin/install_service.bat > trunk/apps/new_installer/res/windows/bin/remove_service.bat > Log: > new_installer: better logic > > Modified: trunk/apps/new_installer/res/windows/bin/install_service.bat > =================================================================== > --- trunk/apps/new_installer/res/windows/bin/install_service.bat 2007-09-07 20:28:52 UTC (rev 15018) > +++ trunk/apps/new_installer/res/windows/bin/install_service.bat 2007-09-07 20:36:09 UTC (rev 15019) > @@ -1,6 +1,7 @@ > @set PATH=%SYSTEMROOT%\System32\;%PATH% > > +if not exist wrapper-windows-x86-32.exe cd bin > @echo Cleaning up > - at bin\wrapper-windows-x86-32.exe -r ../wrapper.conf > + at wrapper-windows-x86-32.exe -r ../wrapper.conf > @echo Registering Freenet as a system service > - at bin\wrapper-windows-x86-32.exe -i ../wrapper.conf > + at wrapper-windows-x86-32.exe -i ../wrapper.conf > > Modified: trunk/apps/new_installer/res/windows/bin/remove_service.bat > =================================================================== > --- trunk/apps/new_installer/res/windows/bin/remove_service.bat 2007-09-07 20:28:52 UTC (rev 15018) > +++ trunk/apps/new_installer/res/windows/bin/remove_service.bat 2007-09-07 20:36:09 UTC (rev 15019) > @@ -1,5 +1,6 @@ > @set PATH=%SYSTEMROOT%\System32\;%PATH% > > +if not exist wrapper-windows-x86-32.exe cd bin > @echo Cleaning up > @net stop freenet-darknet > @echo Unregistering Freenet as a system service > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/dfd0a7af/attachment.pgp From nextgens at freenetproject.org Sat Sep 8 08:27:45 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Sat, 8 Sep 2007 10:27:45 +0200 Subject: [freenet-dev] [freenet-cvs] r15019 - trunk/apps/new_installer/res/windows/bin In-Reply-To: <200709080014.09628.toad@amphibian.dyndns.org> References: <20070907203609.820B447AA91@freenetproject.org> <200709080014.09628.toad@amphibian.dyndns.org> Message-ID: <20070908082745.GA5719@freenetproject.org> * Matthew Toseland [2007-09-08 00:14:04]: > If you don't cd bin then it's not ../wrapper.conf, surely it's wrapper.conf ? No; the path is relative to the location of the binary. > > On Friday 07 September 2007 21:36, you wrote: > > Author: nextgens > > Date: 2007-09-07 20:36:09 +0000 (Fri, 07 Sep 2007) > > New Revision: 15019 > > > > Modified: > > trunk/apps/new_installer/res/windows/bin/install_service.bat > > trunk/apps/new_installer/res/windows/bin/remove_service.bat > > Log: > > new_installer: better logic > > > > Modified: trunk/apps/new_installer/res/windows/bin/install_service.bat > > =================================================================== > > --- trunk/apps/new_installer/res/windows/bin/install_service.bat 2007-09-07 > 20:28:52 UTC (rev 15018) > > +++ trunk/apps/new_installer/res/windows/bin/install_service.bat 2007-09-07 > 20:36:09 UTC (rev 15019) > > @@ -1,6 +1,7 @@ > > @set PATH=%SYSTEMROOT%\System32\;%PATH% > > > > +if not exist wrapper-windows-x86-32.exe cd bin > > @echo Cleaning up > > - at bin\wrapper-windows-x86-32.exe -r ../wrapper.conf > > + at wrapper-windows-x86-32.exe -r ../wrapper.conf > > @echo Registering Freenet as a system service > > - at bin\wrapper-windows-x86-32.exe -i ../wrapper.conf > > + at wrapper-windows-x86-32.exe -i ../wrapper.conf > > > > Modified: trunk/apps/new_installer/res/windows/bin/remove_service.bat > > =================================================================== > > --- trunk/apps/new_installer/res/windows/bin/remove_service.bat 2007-09-07 > 20:28:52 UTC (rev 15018) > > +++ trunk/apps/new_installer/res/windows/bin/remove_service.bat 2007-09-07 > 20:36:09 UTC (rev 15019) > > @@ -1,5 +1,6 @@ > > @set PATH=%SYSTEMROOT%\System32\;%PATH% > > > > +if not exist wrapper-windows-x86-32.exe cd bin > > @echo Cleaning up > > @net stop freenet-darknet > > @echo Unregistering Freenet as a system service > > > > _______________________________________________ > > cvs mailing list > > cvs at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/d9c01f5c/attachment.pgp From toad at amphibian.dyndns.org Sat Sep 8 12:15:23 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 8 Sep 2007 13:15:23 +0100 Subject: [freenet-dev] [freenet-cvs] r15030 - trunk/freenet/src/freenet/node In-Reply-To: <20070908074856.43FCC4798B9@freenetproject.org> References: <20070908074856.43FCC4798B9@freenetproject.org> Message-ID: <200709081315.28772.toad@amphibian.dyndns.org> Hmmm... You think we've given them enough time to move pre-1010 content? Probably... On Saturday 08 September 2007 08:48, you wrote: > Author: juiceman > Date: 2007-09-08 07:48:55 +0000 (Sat, 08 Sep 2007) > New Revision: 15030 > > Modified: > trunk/freenet/src/freenet/node/NodeClientCore.java > Log: > Remove access to config options for insecure pre-1010 keys. I will slowly start removing back-compatibility code unless someone else would prefer to do it. > > Modified: trunk/freenet/src/freenet/node/NodeClientCore.java > =================================================================== > --- trunk/freenet/src/freenet/node/NodeClientCore.java 2007-09-08 00:02:08 UTC (rev 15029) > +++ trunk/freenet/src/freenet/node/NodeClientCore.java 2007-09-08 07:48:55 UTC (rev 15030) > @@ -331,35 +331,35 @@ > // REDFLAG normally we wouldn't use static variables to carry important non-final data, but in this > // case it's temporary code which will be removed before 0.7.0. > > - nodeConfig.register("allowInsecureCHKs", false, sortOrder++, true, false, "NodeClientCore.allowInsecureCHK", "NodeClientCore.allowInsecureCHKLong", > - new BooleanCallback() { > + //nodeConfig.register("allowInsecureCHKs", false, sortOrder++, true, false, "NodeClientCore.allowInsecureCHK", "NodeClientCore.allowInsecureCHKLong", > + // new BooleanCallback() { > > - public boolean get() { > - return Key.ALLOW_INSECURE_CLIENT_CHKS; > - } > + // public boolean get() { > + // return Key.ALLOW_INSECURE_CLIENT_CHKS; > + // } > > - public void set(boolean val) throws InvalidConfigValueException { > - Key.ALLOW_INSECURE_CLIENT_CHKS = val; > - } > - > - }); > + // public void set(boolean val) throws InvalidConfigValueException { > + // Key.ALLOW_INSECURE_CLIENT_CHKS = val; > + // } > + // > + //}); > > - Key.ALLOW_INSECURE_CLIENT_CHKS = nodeConfig.getBoolean("allowInsecureCHKs"); > + Key.ALLOW_INSECURE_CLIENT_CHKS = false; > > - nodeConfig.register("allowInsecureSSKs", false, sortOrder++, true, false, "NodeClientCore.allowInsecureSSK", "NodeClientCore.allowInsecureSSKLong", > - new BooleanCallback() { > + //nodeConfig.register("allowInsecureSSKs", false, sortOrder++, true, false, "NodeClientCore.allowInsecureSSK", "NodeClientCore.allowInsecureSSKLong", > + // new BooleanCallback() { > > - public boolean get() { > - return Key.ALLOW_INSECURE_CLIENT_SSKS; > - } > + // public boolean get() { > + // return Key.ALLOW_INSECURE_CLIENT_SSKS; > + // } > > - public void set(boolean val) throws InvalidConfigValueException { > - Key.ALLOW_INSECURE_CLIENT_SSKS = val; > - } > - > - }); > + // public void set(boolean val) throws InvalidConfigValueException { > + // Key.ALLOW_INSECURE_CLIENT_SSKS = val; > + // } > + // > + //}); > > - Key.ALLOW_INSECURE_CLIENT_SSKS = nodeConfig.getBoolean("allowInsecureSSKs"); > + Key.ALLOW_INSECURE_CLIENT_SSKS = false; > > // This is all part of construction, not of start(). > // Some plugins depend on it, so it needs to be *created* before they are started. > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/b758bc97/attachment.pgp From toad at amphibian.dyndns.org Sat Sep 8 12:32:18 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 8 Sep 2007 13:32:18 +0100 Subject: [freenet-dev] Freenet 0.7 build 1059 Message-ID: <200709081332.19675.toad@amphibian.dyndns.org> Freenet 0.7 build 1059 is now available. Please upgrade. Please reload the UPnP plugin - unload it, restart the node, and load it by typing UPnP* into the box. Then you will have support for automatic port forwarding of both darknet (friends) and opennet (strangers) ports. The other significant change in this build is that the backwards compatibility options for pre-1010 keys have been removed. Apologies for the fast release cycle, I thought I'd release it while the changes were small, self-contained and known to work, especially given they should improve opennet connectivity significantly. Of course you will find bugs; please tell us about them. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/a13474bb/attachment.pgp From toad at amphibian.dyndns.org Sat Sep 8 16:44:41 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 8 Sep 2007 17:44:41 +0100 Subject: [freenet-dev] Freenet 0.7 build 1059 In-Reply-To: <200709081332.19675.toad@amphibian.dyndns.org> References: <200709081332.19675.toad@amphibian.dyndns.org> Message-ID: <200709081744.46243.toad@amphibian.dyndns.org> Sorry folk, load it by typing UPnP# not UPnP*. The difference is that the latter will download it on every startup from emu; the former will download it once. If you are really paranoid, find a different way to get it or don't use it at all. On Saturday 08 September 2007 13:32, Matthew Toseland wrote: > Freenet 0.7 build 1059 is now available. Please upgrade. Please reload the > UPnP plugin - unload it, restart the node, and load it by typing UPnP* into > the box. Then you will have support for automatic port forwarding of both > darknet (friends) and opennet (strangers) ports. The other significant change > in this build is that the backwards compatibility options for pre-1010 keys > have been removed. Apologies for the fast release cycle, I thought I'd > release it while the changes were small, self-contained and known to work, > especially given they should improve opennet connectivity significantly. Of > course you will find bugs; please tell us about them. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/3dc5b6cf/attachment.pgp From toad at amphibian.dyndns.org Sat Sep 8 17:18:48 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 8 Sep 2007 18:18:48 +0100 Subject: [freenet-dev] [freenet-support] Freenet 0.7 build 1059 In-Reply-To: <200709081744.46243.toad@amphibian.dyndns.org> References: <200709081332.19675.toad@amphibian.dyndns.org> <200709081744.46243.toad@amphibian.dyndns.org> Message-ID: <200709081818.53811.toad@amphibian.dyndns.org> Apparently this doesn't work either, due to a bug. I've fixed this and various plugin related bugs in trunk, I will release 1060 shortly. Sorry.. On Saturday 08 September 2007 17:44, Matthew Toseland wrote: > Sorry folk, load it by typing UPnP# not UPnP*. The difference is that the > latter will download it on every startup from emu; the former will download > it once. If you are really paranoid, find a different way to get it or don't > use it at all. > > On Saturday 08 September 2007 13:32, Matthew Toseland wrote: > > Freenet 0.7 build 1059 is now available. Please upgrade. Please reload the > > UPnP plugin - unload it, restart the node, and load it by typing UPnP* into > > the box. Then you will have support for automatic port forwarding of both > > darknet (friends) and opennet (strangers) ports. The other significant > change > > in this build is that the backwards compatibility options for pre-1010 keys > > have been removed. Apologies for the fast release cycle, I thought I'd > > release it while the changes were small, self-contained and known to work, > > especially given they should improve opennet connectivity significantly. Of > > course you will find bugs; please tell us about them. > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/e61f9cbe/attachment.pgp From toad at amphibian.dyndns.org Sat Sep 8 19:42:23 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Sat, 8 Sep 2007 20:42:23 +0100 Subject: [freenet-dev] Freenet 0.7 build 1060 and UPnP/plugins (sorry) Message-ID: <200709082042.28334.toad@amphibian.dyndns.org> Freenet 0.7 build 1060 is now available. Please upgrade to 1060, then, if you need it (most people do), get the new version of the UPnP plugin by unloading it and restarting if necessary and then loading UPnP# in the plugins box. This will automatically download it from our servers (so if you're really paranoid, you can't do it this way). 1060 fixes lots of bugs in the node related to plugins, for example the above doesn't work in 1059, and there are various bugs affecting the UPnP and JSTUN plugins. Two other reasons for the release of 1060 are that I accidentally deployed a trunk build as 1059, and that I asked people to reload the UPnP plugin in 1059, first by asking them to load UPnP* (which works, but is bad because it reloads it on every startup), and then by asking them to load UPnP# (which doesn't work in 1059). I'm sorry for the rapid fire releases in recent days, next week hopefully we will be back to the normal rhythm of at most 2 a week. Anyway, the purpose of the UPnP plugin, around which the last few releases revolve, is to automatically forward your ports - both darknet and opennet - across your router. There are a few other bugfixes in 1059 and 1060, but none of them are urgent; you don't need to update immediately if you are not behind a router (meaning a NAT/PAT/etc - 99% of cable/DSL modems with an ethernet connection nowadays). -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070908/2de5273b/attachment.pgp From juiceman69 at gmail.com Sun Sep 9 21:26:35 2007 From: juiceman69 at gmail.com (Juiceman) Date: Sun, 9 Sep 2007 17:26:35 -0400 Subject: [freenet-dev] ignoreTooManyPathComponents Message-ID: <8b525dee0709091426p3758b54dqe4a929782fffe6a2@mail.gmail.com> Do we still need to keep this; do all of the current clients handle this ok? // FIXME remove this code, the new behaviour should be handled by all clients nodeConfig.register("ignoreTooManyPathComponents", false, sortOrder++, true, false, "NodeClientCore.ignoreTooManyPathComponents", "NodeClientCore.ignoreTooManyPathComponentsLong", new BooleanCallback() { public boolean get() { return ignoreTooManyPathComponents; } public void set(boolean val) throws InvalidConfigValueException { synchronized(NodeClientCore.this) { ignoreTooManyPathComponents = val; } } }); ignoreTooManyPathComponents = nodeConfig.getBoolean("ignoreTooManyPathComponents"); From toad at amphibian.dyndns.org Mon Sep 10 21:50:43 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Mon, 10 Sep 2007 22:50:43 +0100 Subject: [freenet-dev] [freenet-cvs] r15120 - trunk/freenet/src/freenet/node/fcp In-Reply-To: <20070910195434.F0D8247AEEF@freenetproject.org> References: <20070910195434.F0D8247AEEF@freenetproject.org> Message-ID: <200709102250.48626.toad@amphibian.dyndns.org> I don't see how this changes anything: ConnectionInputHandler already checks for whether the connection has been closed: if(handler.isClosed()) return; I've committed a better fix. On Monday 10 September 2007 20:54, you wrote: > Author: nextgens > Date: 2007-09-10 19:54:34 +0000 (Mon, 10 Sep 2007) > New Revision: 15120 > > Modified: > trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java > trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > Log: > Fix a potential security issue with FCP -thanks to makomk for the heads up- > Will detail the vulnerability when this fix hits stable. > > Modified: trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java > =================================================================== > --- trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java 2007-09-10 19:24:45 UTC (rev 15119) > +++ trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java 2007-09-10 19:54:34 UTC (rev 15120) > @@ -97,6 +97,7 @@ > requests = new ClientRequest[requestsByIdentifier.size()]; > requests = (ClientRequest[]) requestsByIdentifier.values().toArray(requests); > } > + try { sock.close(); } catch (IOException e) {} > for(int i=0;i requests[i].onLostConnection(); > if((client != null) && !client.hasPersistentRequests()) > > Modified: trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > =================================================================== > --- trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java 2007-09-10 19:24:45 UTC (rev 15119) > +++ trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java 2007-09-10 19:54:34 UTC (rev 15120) > @@ -67,11 +67,12 @@ > is.close(); > return; > } > - if(messageType.equals("")) continue; > + if(messageType.equals("")) > + continue; > fs = new SimpleFieldSet(lis, 4096, 128, true, true, true, true); > > // check for valid endmarker > - if (fs.getEndMarker() != null && (!fs.getEndMarker().startsWith("End")) && (!"Data".equals(fs.getEndMarker()))) { > + if (!firstMessage && fs.getEndMarker() != null && (!fs.getEndMarker().startsWith("End")) && (!"Data".equals(fs.getEndMarker()))) { > FCPMessage err = new ProtocolErrorMessage(ProtocolErrorMessage.MESSAGE_PARSE_ERROR, false, "Invalid end marker: "+fs.getEndMarker(), fs.get("Identifer"), fs.getBoolean("Global", false)); > handler.outputHandler.queue(err); > continue; > @@ -84,8 +85,15 @@ > msg = FCPMessage.create(messageType, fs, handler.bf, handler.server.core.persistentTempBucketFactory); > if(msg == null) continue; > } catch (MessageInvalidException e) { > - FCPMessage err = new ProtocolErrorMessage(e.protocolCode, false, e.getMessage(), e.ident, e.global); > - handler.outputHandler.queue(err); > + if(firstMessage) { > + FCPMessage err = new ProtocolErrorMessage(ProtocolErrorMessage.CLIENT_HELLO_MUST_BE_FIRST_MESSAGE, true, null, null, false); > + handler.outputHandler.queue(err); > + handler.close(); > + continue; > + } else { > + FCPMessage err = new ProtocolErrorMessage(e.protocolCode, false, e.getMessage(), e.ident, e.global); > + handler.outputHandler.queue(err); > + } > continue; > } > if(firstMessage && !(msg instanceof ClientHelloMessage)) { > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070910/280cc060/attachment.pgp From toad at amphibian.dyndns.org Mon Sep 10 21:57:46 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Mon, 10 Sep 2007 22:57:46 +0100 Subject: [freenet-dev] Freenet 0.7 build 1061 Message-ID: <200709102257.46844.toad@amphibian.dyndns.org> Freenet 0.7 build 1061 is now available. Please upgrade. This build removes some backwards compatibility code (pre-1010 keys, which had broken encryption, are no longer accessible and no longer passed across the network), has some localisation fixes and fixes an exploitable bug in FCP. Please upgrade, and tell us if you find any bugs. Thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070910/c96f5667/attachment.pgp From nextgens at freenetproject.org Tue Sep 11 00:57:24 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Tue, 11 Sep 2007 02:57:24 +0200 Subject: [freenet-dev] [freenet-cvs] r15120 - trunk/freenet/src/freenet/node/fcp In-Reply-To: <200709102250.48626.toad@amphibian.dyndns.org> References: <20070910195434.F0D8247AEEF@freenetproject.org> <200709102250.48626.toad@amphibian.dyndns.org> Message-ID: <20070911005723.GA29181@freenetproject.org> * Matthew Toseland [2007-09-10 22:50:43]: > I don't see how this changes anything: ConnectionInputHandler already checks > for whether the connection has been closed: > > if(handler.isClosed()) return; > > I've committed a better fix. Sure, I chose to close the socket directly... whereas you close the input stream in r15121 ... the old code wasn't doing neither anyway and that was the "bug". > > On Monday 10 September 2007 20:54, you wrote: > > Author: nextgens > > Date: 2007-09-10 19:54:34 +0000 (Mon, 10 Sep 2007) > > New Revision: 15120 > > > > Modified: > > trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java > > trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > > Log: > > Fix a potential security issue with FCP -thanks to makomk for the heads up- > > Will detail the vulnerability when this fix hits stable. > > > > Modified: trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java > > =================================================================== > > --- trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java 2007-09-10 > 19:24:45 UTC (rev 15119) > > +++ trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java 2007-09-10 > 19:54:34 UTC (rev 15120) > > @@ -97,6 +97,7 @@ > > requests = new ClientRequest[requestsByIdentifier.size()]; > > requests = (ClientRequest[]) > requestsByIdentifier.values().toArray(requests); > > } > > + try { sock.close(); } catch (IOException e) {} > > for(int i=0;i > requests[i].onLostConnection(); > > if((client != null) && !client.hasPersistentRequests()) > > > > Modified: trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > > =================================================================== > > --- trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > 2007-09-10 19:24:45 UTC (rev 15119) > > +++ trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > 2007-09-10 19:54:34 UTC (rev 15120) > > @@ -67,11 +67,12 @@ > > is.close(); > > return; > > } > > - if(messageType.equals("")) continue; > > + if(messageType.equals("")) > > + continue; > > fs = new SimpleFieldSet(lis, 4096, 128, true, true, true, true); > > > > // check for valid endmarker > > - if (fs.getEndMarker() != null && (!fs.getEndMarker().startsWith("End")) > && (!"Data".equals(fs.getEndMarker()))) { > > + if (!firstMessage && fs.getEndMarker() != null && > (!fs.getEndMarker().startsWith("End")) && > (!"Data".equals(fs.getEndMarker()))) { > > FCPMessage err = new > ProtocolErrorMessage(ProtocolErrorMessage.MESSAGE_PARSE_ERROR, > false, "Invalid end marker: "+fs.getEndMarker(), fs.get("Identifer"), > fs.getBoolean("Global", false)); > > handler.outputHandler.queue(err); > > continue; > > @@ -84,8 +85,15 @@ > > msg = FCPMessage.create(messageType, fs, handler.bf, > handler.server.core.persistentTempBucketFactory); > > if(msg == null) continue; > > } catch (MessageInvalidException e) { > > - FCPMessage err = new ProtocolErrorMessage(e.protocolCode, false, > e.getMessage(), e.ident, e.global); > > - handler.outputHandler.queue(err); > > + if(firstMessage) { > > + FCPMessage err = new > ProtocolErrorMessage(ProtocolErrorMessage.CLIENT_HELLO_MUST_BE_FIRST_MESSAGE, > true, null, null, false); > > + handler.outputHandler.queue(err); > > + handler.close(); > > + continue; > > + } else { > > + FCPMessage err = new ProtocolErrorMessage(e.protocolCode, false, > e.getMessage(), e.ident, e.global); > > + handler.outputHandler.queue(err); > > + } > > continue; > > } > > if(firstMessage && !(msg instanceof ClientHelloMessage)) { > > > > _______________________________________________ > > cvs mailing list > > cvs at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070911/c762834d/attachment.pgp From toad at amphibian.dyndns.org Tue Sep 11 15:06:38 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Tue, 11 Sep 2007 16:06:38 +0100 Subject: [freenet-dev] Wiki page on opennet (in)security Message-ID: <200709111606.45249.toad@amphibian.dyndns.org> Please contribute any attacks you discover in opennet or made easier by opennet on the below wiki page. http://wiki.freenetproject.org/OpennetAttacks -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070911/648d7f7f/attachment.pgp From toad at amphibian.dyndns.org Thu Sep 13 17:11:47 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 13 Sep 2007 18:11:47 +0100 Subject: [freenet-dev] [freenet-cvs] r15120 - trunk/freenet/src/freenet/node/fcp In-Reply-To: <20070911005723.GA29181@freenetproject.org> References: <20070910195434.F0D8247AEEF@freenetproject.org> <200709102250.48626.toad@amphibian.dyndns.org> <20070911005723.GA29181@freenetproject.org> Message-ID: <200709131811.52853.toad@amphibian.dyndns.org> On Tuesday 11 September 2007 01:57, Florent Daigni?re wrote: > * Matthew Toseland [2007-09-10 22:50:43]: > > > I don't see how this changes anything: ConnectionInputHandler already checks > > for whether the connection has been closed: > > > > if(handler.isClosed()) return; > > > > I've committed a better fix. > > Sure, I chose to close the socket directly... whereas you close the > input stream in r15121 ... the old code wasn't doing neither anyway and > that was the "bug". Closing the socket directly is messy IMHO. > > > > > On Monday 10 September 2007 20:54, you wrote: > > > Author: nextgens > > > Date: 2007-09-10 19:54:34 +0000 (Mon, 10 Sep 2007) > > > New Revision: 15120 > > > > > > Modified: > > > trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java > > > trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > > > Log: > > > Fix a potential security issue with FCP -thanks to makomk for the heads up- > > > Will detail the vulnerability when this fix hits stable. > > > > > > Modified: trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java > > > =================================================================== > > > --- trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java 2007-09-10 > > 19:24:45 UTC (rev 15119) > > > +++ trunk/freenet/src/freenet/node/fcp/FCPConnectionHandler.java 2007-09-10 > > 19:54:34 UTC (rev 15120) > > > @@ -97,6 +97,7 @@ > > > requests = new ClientRequest[requestsByIdentifier.size()]; > > > requests = (ClientRequest[]) > > requestsByIdentifier.values().toArray(requests); > > > } > > > + try { sock.close(); } catch (IOException e) {} > > > for(int i=0;i > > requests[i].onLostConnection(); > > > if((client != null) && !client.hasPersistentRequests()) > > > > > > Modified: trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > > > =================================================================== > > > --- trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > > 2007-09-10 19:24:45 UTC (rev 15119) > > > +++ trunk/freenet/src/freenet/node/fcp/FCPConnectionInputHandler.java > > 2007-09-10 19:54:34 UTC (rev 15120) > > > @@ -67,11 +67,12 @@ > > > is.close(); > > > return; > > > } > > > - if(messageType.equals("")) continue; > > > + if(messageType.equals("")) > > > + continue; > > > fs = new SimpleFieldSet(lis, 4096, 128, true, true, true, true); > > > > > > // check for valid endmarker > > > - if (fs.getEndMarker() != null && (!fs.getEndMarker().startsWith("End")) > > && (!"Data".equals(fs.getEndMarker()))) { > > > + if (!firstMessage && fs.getEndMarker() != null && > > (!fs.getEndMarker().startsWith("End")) && > > (!"Data".equals(fs.getEndMarker()))) { > > > FCPMessage err = new > > ProtocolErrorMessage(ProtocolErrorMessage.MESSAGE_PARSE_ERROR, > > false, "Invalid end marker: "+fs.getEndMarker(), fs.get("Identifer"), > > fs.getBoolean("Global", false)); > > > handler.outputHandler.queue(err); > > > continue; > > > @@ -84,8 +85,15 @@ > > > msg = FCPMessage.create(messageType, fs, handler.bf, > > handler.server.core.persistentTempBucketFactory); > > > if(msg == null) continue; > > > } catch (MessageInvalidException e) { > > > - FCPMessage err = new ProtocolErrorMessage(e.protocolCode, false, > > e.getMessage(), e.ident, e.global); > > > - handler.outputHandler.queue(err); > > > + if(firstMessage) { > > > + FCPMessage err = new > > ProtocolErrorMessage(ProtocolErrorMessage.CLIENT_HELLO_MUST_BE_FIRST_MESSAGE, > > true, null, null, false); > > > + handler.outputHandler.queue(err); > > > + handler.close(); > > > + continue; > > > + } else { > > > + FCPMessage err = new ProtocolErrorMessage(e.protocolCode, false, > > e.getMessage(), e.ident, e.global); > > > + handler.outputHandler.queue(err); > > > + } > > > continue; > > > } > > > if(firstMessage && !(msg instanceof ClientHelloMessage)) { > > > > > > _______________________________________________ > > > cvs mailing list > > > cvs at freenetproject.org > > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > > > > > > > > > > _______________________________________________ > > Devl mailing list > > Devl at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070913/68a862b6/attachment.pgp From juiceman69 at gmail.com Fri Sep 14 03:47:24 2007 From: juiceman69 at gmail.com (Juiceman) Date: Thu, 13 Sep 2007 23:47:24 -0400 Subject: [freenet-dev] [freenet-cvs] r15153 - trunk/freenet/src/freenet/node In-Reply-To: <20070914034501.C5FFF47961C@freenetproject.org> References: <20070914034501.C5FFF47961C@freenetproject.org> Message-ID: <8b525dee0709132047k1da0f10r3b8513943e75af43@mail.gmail.com> On 9/13/07, juiceman at freenetproject.org wrote: > Author: juiceman > Date: 2007-09-14 03:45:01 +0000 (Fri, 14 Sep 2007) > New Revision: 15153 > > Modified: > trunk/freenet/src/freenet/node/NodeClientCore.java > Log: > Oops, removed 1 line too many > > Modified: trunk/freenet/src/freenet/node/NodeClientCore.java > =================================================================== > --- trunk/freenet/src/freenet/node/NodeClientCore.java 2007-09-14 03:11:03 UTC (rev 15152) > +++ trunk/freenet/src/freenet/node/NodeClientCore.java 2007-09-14 03:45:01 UTC (rev 15153) > @@ -241,8 +241,6 @@ > } > > }); > - if(node.lastVersion <= 1024) > - nodeConfig.fixOldDefault("downloadAllowedDirs", "downloads"); > setDownloadAllowedDirs(nodeConfig.getStringArr("downloadAllowedDirs")); Nevermind the comment, I thought I had committed a version where I took out all three lines. This was old back compat code and should be safe to remove. From toad at amphibian.dyndns.org Fri Sep 14 13:58:26 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 14 Sep 2007 14:58:26 +0100 Subject: [freenet-dev] [freenet-cvs] r15135 - in trunk/freenet/src/freenet: clients/http pluginmanager In-Reply-To: <20070913112455.8B48547AA44@freenetproject.org> References: <20070913112455.8B48547AA44@freenetproject.org> Message-ID: <200709141458.27055.toad@amphibian.dyndns.org> IMHO this is ugly. It's basically a function of the plugin loader, not the interface. On Thursday 13 September 2007 12:24, you wrote: > Author: nextgens > Date: 2007-09-13 11:24:55 +0000 (Thu, 13 Sep 2007) > New Revision: 15135 > > Modified: > trunk/freenet/src/freenet/clients/http/PproxyToadlet.java > trunk/freenet/src/freenet/pluginmanager/PluginManager.java > Log: > plugins: Move some code around... sorry for the big diff > > Basically, checking for # should be done on the toadlet and not on the plugin manager ... otherwise we end up storing the # version in the configuration ... and we actually re-download everything on each startup :( > > nb: current loaded plugins using # will be "forgotten" > > Modified: trunk/freenet/src/freenet/clients/http/PproxyToadlet.java > =================================================================== > --- trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2007-09-13 09:08:18 UTC (rev 15134) > +++ trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2007-09-13 11:24:55 UTC (rev 15135) > @@ -1,7 +1,12 @@ > package freenet.clients.http; > > +import java.io.File; > +import java.io.FileNotFoundException; > import java.io.IOException; > +import java.io.InputStream; > +import java.net.MalformedURLException; > import java.net.URI; > +import java.net.URL; > import java.util.Date; > import java.util.Iterator; > > @@ -20,6 +25,7 @@ > import freenet.support.Logger; > import freenet.support.MultiValueTable; > import freenet.support.api.HTTPRequest; > +import freenet.support.io.FileUtil; > > public class PproxyToadlet extends Toadlet { > private static final int MAX_PLUGIN_NAME_LENGTH = 1024; > @@ -39,7 +45,7 @@ > } > > public void handlePost(URI uri, HTTPRequest request, ToadletContext ctx) > - throws ToadletContextClosedException, IOException { > + throws ToadletContextClosedException, IOException { > > MultiValueTable headers = new MultiValueTable(); > > @@ -55,7 +61,7 @@ > super.sendErrorPage(ctx, 403, "Unauthorized", l10n("unauthorized")); > return; > } > - > + > String path=request.getPath(); > > // remove leading / and plugins/ from path > @@ -65,7 +71,7 @@ > if(Logger.shouldLog(Logger.MINOR, this)) Logger.minor(this, "Pproxy received POST on "+path); > > PluginManager pm = node.pluginManager; > - > + > if(path.length()>0) > { > try > @@ -114,10 +120,85 @@ > { > > if (request.isPartSet("load")) { > - if(Logger.shouldLog(Logger.MINOR, this)) Logger.minor(this, "Loading "+request.getPartAsString("load", MAX_PLUGIN_NAME_LENGTH)); > - pm.startPlugin(request.getPartAsString("load", MAX_PLUGIN_NAME_LENGTH), true); > - //writeReply(ctx, 200, "text/html", "OK", mkForwardPage("Loading plugin", "Loading plugin...", ".", 5)); > + String filename = request.getPartAsString("load", MAX_PLUGIN_NAME_LENGTH); > + final boolean logMINOR = Logger.shouldLog(Logger.MINOR, this); > + boolean downloaded = false; > > + if(logMINOR) Logger.minor(this, "Loading "+filename); > + if (filename.endsWith("#")) { > + for (int tries = 0; (tries <= 5) && (downloaded == false); tries++) { > + if (filename.indexOf('@') > -1) { > + Logger > + .error(this, > + "We don't allow downloads from anywhere else but our server"); > + return; > + } > + String pluginname = filename.substring(0, > + filename.length() - 1); > + filename = null; > + > + URL url; > + InputStream is = null; > + > + try { > + url = new URL( > + "http://downloads.freenetproject.org/alpha/plugins/" > + + pluginname + ".jar.url"); > + if (logMINOR) > + Logger.minor(this, "Downloading " + url); > + is = url.openStream(); > + > + File pluginsDirectory = new File("plugins"); > + if (!pluginsDirectory.exists()) { > + Logger > + .normal(this, > + "The plugin directory hasn't been found, let's create it"); > + if (!pluginsDirectory.mkdir()) > + return; > + } > + > + File finalFile = new File("plugins/" + pluginname > + + ".jar"); > + if (!FileUtil.writeTo(is, finalFile)) > + Logger.error(this, > + "Failed to rename the temporary file into " > + + finalFile); > + > + filename = "*@file://" > + + FileUtil.getCanonicalFile(finalFile); > + if (logMINOR) > + Logger.minor(this, "Rewritten to " + filename); > + downloaded = true; > + } catch (MalformedURLException mue) { > + Logger.error(this, > + "MalformedURLException has occured : " + mue, > + mue); > + return; > + } catch (FileNotFoundException e) { > + Logger.error(this, > + "FileNotFoundException has occured : " + e, e); > + return; > + } catch (IOException ioe) { > + System.out.println("Caught :" + ioe.getMessage()); > + ioe.printStackTrace(); > + return; > + } finally { > + try { > + if (is != null) > + is.close(); > + } catch (IOException ioe) { > + } > + } > + if (filename == null) > + return; > + else if(!downloaded) { > + Logger.error(this, "Can't load the given plugin; giving up"); > + return; > + } > + } > + } > + > + pm.startPlugin(filename, true); > headers.put("Location", "."); > ctx.sendReplyHeaders(302, "Found", headers, null, 0); > return; > @@ -192,7 +273,7 @@ > } > > public void handleGet(URI uri, HTTPRequest request, ToadletContext ctx) > - throws ToadletContextClosedException, IOException { > + throws ToadletContextClosedException, IOException { > > //String basepath = "/plugins/"; > String path = request.getPath(); > @@ -202,7 +283,7 @@ > if(path.startsWith("plugins/")) path = path.substring("plugins/".length()); > > PluginManager pm = node.pluginManager; > - > + > if(Logger.shouldLog(Logger.MINOR, this)) > Logger.minor(this, "Pproxy fetching "+path); > try { > @@ -281,18 +362,18 @@ > if(pi.isStopping()) { > actionCell.addChild("#", l10n("pluginStopping")); > } else { > - if (pi.isPproxyPlugin()) { > - HTMLNode visitForm = actionCell.addChild("form", new String[] { "method", "action", "target" }, new String[] { "get", pi.getPluginClassName(), "_new" }); > - visitForm.addChild("input", new String[] { "type", "name", "value" }, new String[] { "hidden", "formPassword", core.formPassword }); > - visitForm.addChild("input", new String[] { "type", "value" }, new String[] { "submit", L10n.getString("PluginToadlet.visit") }); > + if (pi.isPproxyPlugin()) { > + HTMLNode visitForm = actionCell.addChild("form", new String[] { "method", "action", "target" }, new String[] { "get", pi.getPluginClassName(), "_new" }); > + visitForm.addChild("input", new String[] { "type", "name", "value" }, new String[] { "hidden", "formPassword", core.formPassword }); > + visitForm.addChild("input", new String[] { "type", "value" }, new String[] { "submit", L10n.getString("PluginToadlet.visit") }); > + } > + HTMLNode unloadForm = ctx.addFormChild(actionCell, ".", "unloadPluginForm"); > + unloadForm.addChild("input", new String[] { "type", "name", "value" }, new String[] { "hidden", "unload", pi.getThreadName() }); > + unloadForm.addChild("input", new String[] { "type", "value" }, new String[] { "submit", l10n("unload") }); > + HTMLNode reloadForm = ctx.addFormChild(actionCell, ".", "reloadPluginForm"); > + reloadForm.addChild("input", new String[] { "type", "name", "value" }, new String[] { "hidden", "reload", pi.getThreadName() }); > + reloadForm.addChild("input", new String[] { "type", "value" }, new String[] { "submit", l10n("reload") }); > } > - HTMLNode unloadForm = ctx.addFormChild(actionCell, ".", "unloadPluginForm"); > - unloadForm.addChild("input", new String[] { "type", "name", "value" }, new String[] { "hidden", "unload", pi.getThreadName() }); > - unloadForm.addChild("input", new String[] { "type", "value" }, new String[] { "submit", l10n("unload") }); > - HTMLNode reloadForm = ctx.addFormChild(actionCell, ".", "reloadPluginForm"); > - reloadForm.addChild("input", new String[] { "type", "name", "value" }, new String[] { "hidden", "reload", pi.getThreadName() }); > - reloadForm.addChild("input", new String[] { "type", "value" }, new String[] { "submit", l10n("reload") }); > - } > } > } > > > Modified: trunk/freenet/src/freenet/pluginmanager/PluginManager.java > =================================================================== > --- trunk/freenet/src/freenet/pluginmanager/PluginManager.java 2007-09-13 09:08:18 UTC (rev 15134) > +++ trunk/freenet/src/freenet/pluginmanager/PluginManager.java 2007-09-13 11:24:55 UTC (rev 15135) > @@ -4,13 +4,10 @@ > package freenet.pluginmanager; > > import java.io.BufferedReader; > -import java.io.File; > -import java.io.FileNotFoundException; > import java.io.IOException; > import java.io.InputStream; > import java.io.InputStreamReader; > import java.net.JarURLConnection; > -import java.net.MalformedURLException; > import java.net.URI; > import java.net.URL; > import java.net.URLClassLoader; > @@ -34,7 +31,6 @@ > import freenet.support.URIPreEncoder; > import freenet.support.api.HTTPRequest; > import freenet.support.api.StringArrCallback; > -import freenet.support.io.FileUtil; > > public class PluginManager { > > @@ -68,15 +64,15 @@ > // Start plugins in the config > pmconfig.register("loadplugin", null, 9, true, false, "PluginManager.loadedOnStartup", "PluginManager.loadedOnStartupLong", > new StringArrCallback() { > - public String[] get() { > - return getConfigLoadString(); > - } > - public void set(String[] val) throws InvalidConfigValueException { > - //if(storeDir.equals(new File(val))) return; > - // FIXME > - throw new InvalidConfigValueException(L10n.getString("PluginManager.cannotSetOnceLoaded")); > - } > - }); > + public String[] get() { > + return getConfigLoadString(); > + } > + public void set(String[] val) throws InvalidConfigValueException { > + //if(storeDir.equals(new File(val))) return; > + // FIXME > + throw new InvalidConfigValueException(L10n.getString("PluginManager.cannotSetOnceLoaded")); > + } > + }); > > String fns[] = pmconfig.getStringArr("loadplugin"); > if (fns != null) { > @@ -93,7 +89,7 @@ > for (int i = 0 ; i < fns.length ; i++) > System.err.println("Load: " + StringArrOption.decode(fns[i])); > System.err.println("================================="); > - */ > + */ > } > > private String[] getConfigLoadString() { > @@ -135,9 +131,9 @@ > System.err.println("Plugin "+filename+" appears to require a later JVM"); > Logger.error(this, "Plugin "+filename+" appears to require a later JVM"); > core.alerts.register(new SimpleUserAlert(true, > - l10n("pluginReqNewerJVMTitle", "name", filename), > - l10n("pluginReqNewerJVM", "name", filename), > - UserAlert.ERROR)); > + l10n("pluginReqNewerJVMTitle", "name", filename), > + l10n("pluginReqNewerJVM", "name", filename), > + UserAlert.ERROR)); > } > } > if(store) core.storeConfig(); > @@ -156,7 +152,7 @@ > node.ipDetector.registerPortForwardPlugin((FredPluginPortForward) plug); > } > } > - > + > private String l10n(String key, String pattern, String value) { > return L10n.getString("PluginManager."+key, pattern, value); > } > @@ -178,7 +174,7 @@ > } > core.storeConfig(); > } > - > + > public void unregisterPluginToadlet(PluginInfoWrapper pi) { > synchronized (toadletList) { > try { > @@ -260,7 +256,7 @@ > } > /*if (handler == null) > return null; > - */ > + */ > > if (handler instanceof FredPluginHTTP) > return ((FredPluginHTTP)handler).handleHTTPGet(request); > @@ -275,7 +271,7 @@ > } > /*if (handler == null) > return null; > - */ > + */ > > if (handler instanceof FredPluginHTTP) > return ((FredPluginHTTP)handler).handleHTTPPost(request); > @@ -310,94 +306,19 @@ > * @throws PluginNotFoundException If anything goes wrong. > */ > private FredPlugin LoadPlugin(String origFilename) > - throws PluginNotFoundException { > + throws PluginNotFoundException { > logMINOR = Logger.shouldLog(Logger.MINOR, this); > Class cls = null; > for (int tries = 0; (tries <= 5) && (cls == null); tries++) { > String filename = origFilename; > + if (filename.endsWith("*")) { > + filename = "*@http://downloads.freenetproject.org/alpha/plugins/" > + + filename.substring(filename.lastIndexOf(".") + 1, > + filename.length() - 1) + ".jar.url"; > + if (logMINOR) > + Logger.minor(this, "Rewritten to " + filename); > + } > try { > - if (filename.endsWith("*")) { > - filename = "*@http://downloads.freenetproject.org/alpha/plugins/" > - + filename.substring(filename.lastIndexOf(".") + 1, > - filename.length() - 1) + ".jar.url"; > - // System.out.println(filename); > - if (logMINOR) > - Logger.minor(this, "Rewritten to " + filename); > - } > - if (filename.endsWith("#")) { > - if (filename.indexOf('@') > -1) { > - Logger > - .error(this, > - "We don't allow downloads from anywhere else but our server"); > - return null; > - } > - String pluginname = filename.substring(0, > - filename.length() - 1); > - filename = null; > - > - URL url; > - InputStream is = null; > - > - try { > - url = new URL( > - "http://downloads.freenetproject.org/alpha/plugins/" > - + pluginname + ".jar.url"); > - if (logMINOR) > - Logger.minor(this, "Downloading " + url); > - is = url.openStream(); > - > - File pluginsDirectory = new File("plugins"); > - if (!pluginsDirectory.exists()) { > - Logger > - .normal(this, > - "The plugin directory hasn't been found, let's create it"); > - if (!pluginsDirectory.mkdir()) > - return null; > - } > - > - File finalFile = new File("plugins/" + pluginname > - + ".jar"); > - if (!FileUtil.writeTo(is, finalFile)) { > - Logger.error(this, > - "Failed to rename the temporary file into " > - + finalFile); > - throw new PluginNotFoundException( > - "Cannot write plugin to " > - + finalFile > - + " from " > - + url > - + " - check for permissions problem and disk full!"); > - } > - > - filename = "*@file://" > - + FileUtil.getCanonicalFile(finalFile); > - if (logMINOR) > - Logger.minor(this, "Rewritten to " + filename); > - > - } catch (MalformedURLException mue) { > - Logger.error(this, > - "MalformedURLException has occured : " + mue, > - mue); > - return null; > - } catch (FileNotFoundException e) { > - Logger.error(this, > - "FileNotFoundException has occured : " + e, e); > - return null; > - } catch (IOException ioe) { > - System.out.println("Caught :" + ioe.getMessage()); > - ioe.printStackTrace(); > - return null; > - } finally { > - try { > - if (is != null) > - is.close(); > - } catch (IOException ioe) { > - } > - } > - if (filename == null) > - return null; > - } > - > BufferedReader in = null; > InputStream is = null; > if ((filename.indexOf("@") >= 0)) { > @@ -411,7 +332,7 @@ > String[] parts = filename.split("@"); > if (parts.length != 2) { > throw new PluginNotFoundException( > - "Could not split at \"@\"."); > + "Could not split at \"@\"."); > } > realClass = parts[0]; > realURL = parts[1]; > @@ -431,8 +352,8 @@ > if (realURL == null) > throw new PluginNotFoundException( > "Initialization error: " > - + url > - + " isn't a plugin loading url!"); > + + url > + + " isn't a plugin loading url!"); > realURL = realURL.trim(); > if (logMINOR) > Logger.minor(this, "Loaded new URL: " > @@ -458,7 +379,7 @@ > > URL url = new URL("jar:" + realURL + "!/"); > JarURLConnection jarConnection = (JarURLConnection) url > - .openConnection(); > + .openConnection(); > // Java seems to cache even file: urls... > jarConnection.setUseCaches(false); > JarFile jf = jarConnection.getJarFile(); > @@ -487,8 +408,8 @@ > if (logMINOR) > Logger.minor(this, > "Found plugin main class " > - + realClass > - + " from manifest"); > + + realClass > + + " from manifest"); > } > } > // System.err.println("Real classname: " + > @@ -517,7 +438,6 @@ > > if (cls == null) > throw new PluginNotFoundException("Unknown error"); > - > } catch (Exception e) { > Logger.normal(this, "Failed to load plugin " + filename + " : " > + e, e); > @@ -548,7 +468,7 @@ > > return (FredPlugin) o; > } > - > + > Ticker getTicker() { > return node.getTicker(); > } > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070914/9af0b5bd/attachment.pgp From nextgens at freenetproject.org Fri Sep 14 14:05:23 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Fri, 14 Sep 2007 16:05:23 +0200 Subject: [freenet-dev] [freenet-cvs] r15135 - in trunk/freenet/src/freenet: clients/http pluginmanager In-Reply-To: <200709141458.27055.toad@amphibian.dyndns.org> References: <20070913112455.8B48547AA44@freenetproject.org> <200709141458.27055.toad@amphibian.dyndns.org> Message-ID: <20070914140522.GC5558@freenetproject.org> * Matthew Toseland [2007-09-14 14:58:26]: > IMHO this is ugly. It's basically a function of the plugin loader, not the > interface. Agreed... but to be done properly the whole plugin system has to be redesigned (remember, you were working on it last year)... and the urgency is/was to fix the bug causing plugins to be re-downloaded on every startup. > > On Thursday 13 September 2007 12:24, you wrote: > > Author: nextgens > > Date: 2007-09-13 11:24:55 +0000 (Thu, 13 Sep 2007) > > New Revision: 15135 > > > > Modified: > > trunk/freenet/src/freenet/clients/http/PproxyToadlet.java > > trunk/freenet/src/freenet/pluginmanager/PluginManager.java > > Log: > > plugins: Move some code around... sorry for the big diff > > > > Basically, checking for # should be done on the toadlet and not on > the plugin manager ... otherwise we end up storing the # version in the > configuration ... and we actually re-download everything on each startup :( > > > > nb: current loaded plugins using # will be "forgotten" > > > > Modified: trunk/freenet/src/freenet/clients/http/PproxyToadlet.java > > =================================================================== > > --- trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2007-09-13 > 09:08:18 UTC (rev 15134) > > +++ trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2007-09-13 > 11:24:55 UTC (rev 15135) > > @@ -1,7 +1,12 @@ > > package freenet.clients.http; > > > > +import java.io.File; > > +import java.io.FileNotFoundException; > > import java.io.IOException; > > +import java.io.InputStream; > > +import java.net.MalformedURLException; > > import java.net.URI; > > +import java.net.URL; > > import java.util.Date; > > import java.util.Iterator; > > > > @@ -20,6 +25,7 @@ > > import freenet.support.Logger; > > import freenet.support.MultiValueTable; > > import freenet.support.api.HTTPRequest; > > +import freenet.support.io.FileUtil; > > > > public class PproxyToadlet extends Toadlet { > > private static final int MAX_PLUGIN_NAME_LENGTH = 1024; > > @@ -39,7 +45,7 @@ > > } > > > > public void handlePost(URI uri, HTTPRequest request, ToadletContext ctx) > > - throws ToadletContextClosedException, IOException { > > + throws ToadletContextClosedException, IOException { > > > > MultiValueTable headers = new MultiValueTable(); > > > > @@ -55,7 +61,7 @@ > > super.sendErrorPage(ctx, 403, "Unauthorized", l10n("unauthorized")); > > return; > > } > > - > > + > > String path=request.getPath(); > > > > // remove leading / and plugins/ from path > > @@ -65,7 +71,7 @@ > > if(Logger.shouldLog(Logger.MINOR, this)) Logger.minor(this, "Pproxy > received POST on "+path); > > > > PluginManager pm = node.pluginManager; > > - > > + > > if(path.length()>0) > > { > > try > > @@ -114,10 +120,85 @@ > > { > > > > if (request.isPartSet("load")) { > > - if(Logger.shouldLog(Logger.MINOR, this)) > Logger.minor(this, "Loading "+request.getPartAsString("load", > MAX_PLUGIN_NAME_LENGTH)); > > - pm.startPlugin(request.getPartAsString("load", MAX_PLUGIN_NAME_LENGTH), > true); > > - //writeReply(ctx, 200, "text/html", "OK", mkForwardPage("Loading > plugin", "Loading plugin...", ".", 5)); > > + String filename = request.getPartAsString("load", > MAX_PLUGIN_NAME_LENGTH); > > + final boolean logMINOR = Logger.shouldLog(Logger.MINOR, this); > > + boolean downloaded = false; > > > > + if(logMINOR) Logger.minor(this, "Loading "+filename); > > + if (filename.endsWith("#")) { > > + for (int tries = 0; (tries <= 5) && (downloaded == false); tries++) { > > + if (filename.indexOf('@') > -1) { > > + Logger > > + .error(this, > > + "We don't allow downloads from anywhere else but our server"); > > + return; > > + } > > + String pluginname = filename.substring(0, > > + filename.length() - 1); > > + filename = null; > > + > > + URL url; > > + InputStream is = null; > > + > > + try { > > + url = new URL( > > + "http://downloads.freenetproject.org/alpha/plugins/" > > + + pluginname + ".jar.url"); > > + if (logMINOR) > > + Logger.minor(this, "Downloading " + url); > > + is = url.openStream(); > > + > > + File pluginsDirectory = new File("plugins"); > > + if (!pluginsDirectory.exists()) { > > + Logger > > + .normal(this, > > + "The plugin directory hasn't been found, let's create it"); > > + if (!pluginsDirectory.mkdir()) > > + return; > > + } > > + > > + File finalFile = new File("plugins/" + pluginname > > + + ".jar"); > > + if (!FileUtil.writeTo(is, finalFile)) > > + Logger.error(this, > > + "Failed to rename the temporary file into " > > + + finalFile); > > + > > + filename = "*@file://" > > + + FileUtil.getCanonicalFile(finalFile); > > + if (logMINOR) > > + Logger.minor(this, "Rewritten to " + filename); > > + downloaded = true; > > + } catch (MalformedURLException mue) { > > + Logger.error(this, > > + "MalformedURLException has occured : " + mue, > > + mue); > > + return; > > + } catch (FileNotFoundException e) { > > + Logger.error(this, > > + "FileNotFoundException has occured : " + e, e); > > + return; > > + } catch (IOException ioe) { > > + System.out.println("Caught :" + ioe.getMessage()); > > + ioe.printStackTrace(); > > + return; > > + } finally { > > + try { > > + if (is != null) > > + is.close(); > > + } catch (IOException ioe) { > > + } > > + } > > + if (filename == null) > > + return; > > + else if(!downloaded) { > > + Logger.error(this, "Can't load the given plugin; giving up"); > > + return; > > + } > > + } > > + } > > + > > + pm.startPlugin(filename, true); > > headers.put("Location", "."); > > ctx.sendReplyHeaders(302, "Found", headers, null, 0); > > return; > > @@ -192,7 +273,7 @@ > > } > > > > public void handleGet(URI uri, HTTPRequest request, ToadletContext ctx) > > - throws ToadletContextClosedException, IOException { > > + throws ToadletContextClosedException, IOException { > > > > //String basepath = "/plugins/"; > > String path = request.getPath(); > > @@ -202,7 +283,7 @@ > > if(path.startsWith("plugins/")) path = > path.substring("plugins/".length()); > > > > PluginManager pm = node.pluginManager; > > - > > + > > if(Logger.shouldLog(Logger.MINOR, this)) > > Logger.minor(this, "Pproxy fetching "+path); > > try { > > @@ -281,18 +362,18 @@ > > if(pi.isStopping()) { > > actionCell.addChild("#", l10n("pluginStopping")); > > } else { > > - if (pi.isPproxyPlugin()) { > > - HTMLNode visitForm = actionCell.addChild("form", new String[] > { "method", "action", "target" }, new String[] { "get", > pi.getPluginClassName(), "_new" }); > > - visitForm.addChild("input", new String[] { "type", "name", "value" }, > new String[] { "hidden", "formPassword", core.formPassword }); > > - visitForm.addChild("input", new String[] { "type", "value" }, new > String[] { "submit", L10n.getString("PluginToadlet.visit") }); > > + if (pi.isPproxyPlugin()) { > > + HTMLNode visitForm = actionCell.addChild("form", new String[] > { "method", "action", "target" }, new String[] { "get", > pi.getPluginClassName(), "_new" }); > > + visitForm.addChild("input", new String[] > { "type", "name", "value" }, new String[] { "hidden", "formPassword", > core.formPassword }); > > + visitForm.addChild("input", new String[] { "type", "value" }, new > String[] { "submit", L10n.getString("PluginToadlet.visit") }); > > + } > > + HTMLNode unloadForm = > ctx.addFormChild(actionCell, ".", "unloadPluginForm"); > > + unloadForm.addChild("input", new String[] > { "type", "name", "value" }, new String[] { "hidden", "unload", > pi.getThreadName() }); > > + unloadForm.addChild("input", new String[] { "type", "value" }, new > String[] { "submit", l10n("unload") }); > > + HTMLNode reloadForm = > ctx.addFormChild(actionCell, ".", "reloadPluginForm"); > > + reloadForm.addChild("input", new String[] > { "type", "name", "value" }, new String[] { "hidden", "reload", > pi.getThreadName() }); > > + reloadForm.addChild("input", new String[] { "type", "value" }, new > String[] { "submit", l10n("reload") }); > > } > > - HTMLNode unloadForm = > ctx.addFormChild(actionCell, ".", "unloadPluginForm"); > > - unloadForm.addChild("input", new String[] { "type", "name", "value" }, > new String[] { "hidden", "unload", pi.getThreadName() }); > > - unloadForm.addChild("input", new String[] { "type", "value" }, new > String[] { "submit", l10n("unload") }); > > - HTMLNode reloadForm = > ctx.addFormChild(actionCell, ".", "reloadPluginForm"); > > - reloadForm.addChild("input", new String[] { "type", "name", "value" }, > new String[] { "hidden", "reload", pi.getThreadName() }); > > - reloadForm.addChild("input", new String[] { "type", "value" }, new > String[] { "submit", l10n("reload") }); > > - } > > } > > } > > > > > > Modified: trunk/freenet/src/freenet/pluginmanager/PluginManager.java > > =================================================================== > > --- trunk/freenet/src/freenet/pluginmanager/PluginManager.java 2007-09-13 > 09:08:18 UTC (rev 15134) > > +++ trunk/freenet/src/freenet/pluginmanager/PluginManager.java 2007-09-13 > 11:24:55 UTC (rev 15135) > > @@ -4,13 +4,10 @@ > > package freenet.pluginmanager; > > > > import java.io.BufferedReader; > > -import java.io.File; > > -import java.io.FileNotFoundException; > > import java.io.IOException; > > import java.io.InputStream; > > import java.io.InputStreamReader; > > import java.net.JarURLConnection; > > -import java.net.MalformedURLException; > > import java.net.URI; > > import java.net.URL; > > import java.net.URLClassLoader; > > @@ -34,7 +31,6 @@ > > import freenet.support.URIPreEncoder; > > import freenet.support.api.HTTPRequest; > > import freenet.support.api.StringArrCallback; > > -import freenet.support.io.FileUtil; > > > > public class PluginManager { > > > > @@ -68,15 +64,15 @@ > > // Start plugins in the config > > pmconfig.register("loadplugin", null, 9, true, > false, "PluginManager.loadedOnStartup", "PluginManager.loadedOnStartupLong", > > new StringArrCallback() { > > - public String[] get() { > > - return getConfigLoadString(); > > - } > > - public void set(String[] val) throws InvalidConfigValueException { > > - //if(storeDir.equals(new File(val))) return; > > - // FIXME > > - throw new > InvalidConfigValueException(L10n.getString("PluginManager.cannotSetOnceLoaded")); > > - } > > - }); > > + public String[] get() { > > + return getConfigLoadString(); > > + } > > + public void set(String[] val) throws InvalidConfigValueException { > > + //if(storeDir.equals(new File(val))) return; > > + // FIXME > > + throw new > InvalidConfigValueException(L10n.getString("PluginManager.cannotSetOnceLoaded")); > > + } > > + }); > > > > String fns[] = pmconfig.getStringArr("loadplugin"); > > if (fns != null) { > > @@ -93,7 +89,7 @@ > > for (int i = 0 ; i < fns.length ; i++) > > System.err.println("Load: " + StringArrOption.decode(fns[i])); > > System.err.println("================================="); > > - */ > > + */ > > } > > > > private String[] getConfigLoadString() { > > @@ -135,9 +131,9 @@ > > System.err.println("Plugin "+filename+" appears to require a later > JVM"); > > Logger.error(this, "Plugin "+filename+" appears to require a later > JVM"); > > core.alerts.register(new SimpleUserAlert(true, > > - l10n("pluginReqNewerJVMTitle", "name", filename), > > - l10n("pluginReqNewerJVM", "name", filename), > > - UserAlert.ERROR)); > > + l10n("pluginReqNewerJVMTitle", "name", filename), > > + l10n("pluginReqNewerJVM", "name", filename), > > + UserAlert.ERROR)); > > } > > } > > if(store) core.storeConfig(); > > @@ -156,7 +152,7 @@ > > node.ipDetector.registerPortForwardPlugin((FredPluginPortForward) plug); > > } > > } > > - > > + > > private String l10n(String key, String pattern, String value) { > > return L10n.getString("PluginManager."+key, pattern, value); > > } > > @@ -178,7 +174,7 @@ > > } > > core.storeConfig(); > > } > > - > > + > > public void unregisterPluginToadlet(PluginInfoWrapper pi) { > > synchronized (toadletList) { > > try { > > @@ -260,7 +256,7 @@ > > } > > /*if (handler == null) > > return null; > > - */ > > + */ > > > > if (handler instanceof FredPluginHTTP) > > return ((FredPluginHTTP)handler).handleHTTPGet(request); > > @@ -275,7 +271,7 @@ > > } > > /*if (handler == null) > > return null; > > - */ > > + */ > > > > if (handler instanceof FredPluginHTTP) > > return ((FredPluginHTTP)handler).handleHTTPPost(request); > > @@ -310,94 +306,19 @@ > > * @throws PluginNotFoundException If anything goes wrong. > > */ > > private FredPlugin LoadPlugin(String origFilename) > > - throws PluginNotFoundException { > > + throws PluginNotFoundException { > > logMINOR = Logger.shouldLog(Logger.MINOR, this); > > Class cls = null; > > for (int tries = 0; (tries <= 5) && (cls == null); tries++) { > > String filename = origFilename; > > + if (filename.endsWith("*")) { > > + filename = "*@http://downloads.freenetproject.org/alpha/plugins/" > > + + filename.substring(filename.lastIndexOf(".") + 1, > > + filename.length() - 1) + ".jar.url"; > > + if (logMINOR) > > + Logger.minor(this, "Rewritten to " + filename); > > + } > > try { > > - if (filename.endsWith("*")) { > > - filename = "*@http://downloads.freenetproject.org/alpha/plugins/" > > - + filename.substring(filename.lastIndexOf(".") + 1, > > - filename.length() - 1) + ".jar.url"; > > - // System.out.println(filename); > > - if (logMINOR) > > - Logger.minor(this, "Rewritten to " + filename); > > - } > > - if (filename.endsWith("#")) { > > - if (filename.indexOf('@') > -1) { > > - Logger > > - .error(this, > > - "We don't allow downloads from anywhere else but our server"); > > - return null; > > - } > > - String pluginname = filename.substring(0, > > - filename.length() - 1); > > - filename = null; > > - > > - URL url; > > - InputStream is = null; > > - > > - try { > > - url = new URL( > > - "http://downloads.freenetproject.org/alpha/plugins/" > > - + pluginname + ".jar.url"); > > - if (logMINOR) > > - Logger.minor(this, "Downloading " + url); > > - is = url.openStream(); > > - > > - File pluginsDirectory = new File("plugins"); > > - if (!pluginsDirectory.exists()) { > > - Logger > > - .normal(this, > > - "The plugin directory hasn't been found, let's create it"); > > - if (!pluginsDirectory.mkdir()) > > - return null; > > - } > > - > > - File finalFile = new File("plugins/" + pluginname > > - + ".jar"); > > - if (!FileUtil.writeTo(is, finalFile)) { > > - Logger.error(this, > > - "Failed to rename the temporary file into " > > - + finalFile); > > - throw new PluginNotFoundException( > > - "Cannot write plugin to " > > - + finalFile > > - + " from " > > - + url > > - + " - check for permissions problem and disk full!"); > > - } > > - > > - filename = "*@file://" > > - + FileUtil.getCanonicalFile(finalFile); > > - if (logMINOR) > > - Logger.minor(this, "Rewritten to " + filename); > > - > > - } catch (MalformedURLException mue) { > > - Logger.error(this, > > - "MalformedURLException has occured : " + mue, > > - mue); > > - return null; > > - } catch (FileNotFoundException e) { > > - Logger.error(this, > > - "FileNotFoundException has occured : " + e, e); > > - return null; > > - } catch (IOException ioe) { > > - System.out.println("Caught :" + ioe.getMessage()); > > - ioe.printStackTrace(); > > - return null; > > - } finally { > > - try { > > - if (is != null) > > - is.close(); > > - } catch (IOException ioe) { > > - } > > - } > > - if (filename == null) > > - return null; > > - } > > - > > BufferedReader in = null; > > InputStream is = null; > > if ((filename.indexOf("@") >= 0)) { > > @@ -411,7 +332,7 @@ > > String[] parts = filename.split("@"); > > if (parts.length != 2) { > > throw new PluginNotFoundException( > > - "Could not split at \"@\"."); > > + "Could not split at \"@\"."); > > } > > realClass = parts[0]; > > realURL = parts[1]; > > @@ -431,8 +352,8 @@ > > if (realURL == null) > > throw new PluginNotFoundException( > > "Initialization error: " > > - + url > > - + " isn't a plugin loading url!"); > > + + url > > + + " isn't a plugin loading url!"); > > realURL = realURL.trim(); > > if (logMINOR) > > Logger.minor(this, "Loaded new URL: " > > @@ -458,7 +379,7 @@ > > > > URL url = new URL("jar:" + realURL + "!/"); > > JarURLConnection jarConnection = (JarURLConnection) url > > - .openConnection(); > > + .openConnection(); > > // Java seems to cache even file: urls... > > jarConnection.setUseCaches(false); > > JarFile jf = jarConnection.getJarFile(); > > @@ -487,8 +408,8 @@ > > if (logMINOR) > > Logger.minor(this, > > "Found plugin main class " > > - + realClass > > - + " from manifest"); > > + + realClass > > + + " from manifest"); > > } > > } > > // System.err.println("Real classname: " + > > @@ -517,7 +438,6 @@ > > > > if (cls == null) > > throw new PluginNotFoundException("Unknown error"); > > - > > } catch (Exception e) { > > Logger.normal(this, "Failed to load plugin " + filename + " : " > > + e, e); > > @@ -548,7 +468,7 @@ > > > > return (FredPlugin) o; > > } > > - > > + > > Ticker getTicker() { > > return node.getTicker(); > > } > > > > _______________________________________________ > > cvs mailing list > > cvs at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > > > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070914/5d21195d/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 14 17:14:38 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 14 Sep 2007 18:14:38 +0100 Subject: [freenet-dev] Freenet 0.7 build 1062 Message-ID: <200709141814.52804.toad@amphibian.dyndns.org> Freenet 0.7 build 1062 is now available. Please upgrade. This build fixes various bugs, including in FCP direct disk access, plugins (loading a plugin as # was loading it over HTTP on every startup - oops!), and bookmarks. There is also some optimisation work. Please report any bugs you find. Thanks. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070914/1352be8c/attachment.pgp From gmaxwell at gmail.com Wed Sep 19 14:05:45 2007 From: gmaxwell at gmail.com (Gregory Maxwell) Date: Wed, 19 Sep 2007 10:05:45 -0400 Subject: [freenet-dev] Opennet and location swapping Message-ID: There doesn't seem to be much in the way of freenet .7 opennet design documents available yet, so please pardon me if I'm asking foolish questions. For hybrid nodes with both opennet and darknet peers does it really make sense that opennet links participate in location swapping? It seems to me that a nodes numerous opennet links may exert excessive influence over it's location, moving it off the position which would be correct for the fixed darknet topology. Would it not make more sense if nodes connected to both simply slowly changed who they link to on the opennet to achieve a desirable distance distribution from their swapping derived location on the darknet. I'm seeing quite a few opennet links with very high latency. Because opennet is already is 'less secure' and exists mostly as a way to bootstrap freenet, would it be acceptable to mostly prefer peers with lower latency? From bbackde at googlemail.com Thu Sep 20 07:00:28 2007 From: bbackde at googlemail.com (bbackde at googlemail.com) Date: Thu, 20 Sep 2007 09:00:28 +0200 Subject: [freenet-dev] TestDDA thoughts Message-ID: Now, as TestDDA becames nearly mandatory (there is still an option to disable the need for TestDDA), I am forced to implement it, even if I have no time for it. Anyhow... Studying the docs about the design of TestDDA, I wonder why it was implemented in a way that requires the node AND the client to maintain a list of directories that were authenticated for DDA? Also it makes the handling for clients more complicated because they have to trigger a TestDDA. IMHO a better design would have been the following: Once a client starts a GET or PUT, the node checks if the directory is authenticated. If not, then the NODE sends a request for authentication to the client. Its quite the same as the current implementation, but triggered by the node, not by the client. This way the client would not have to track already authenticated directories per socket. The node does this anyway... If someone agrees that this would be a good idea, I would like to have this implemented. A new option in ClientGet or ClientPut could be used to tell the node that the client expects the new way to authenticate for DDA. Default is to use the existing TestDDA. From nextgens at freenetproject.org Thu Sep 20 07:37:28 2007 From: nextgens at freenetproject.org (Florent =?iso-8859-1?Q?Daigni=E8re?=) Date: Thu, 20 Sep 2007 09:37:28 +0200 Subject: [freenet-dev] TestDDA thoughts In-Reply-To: References: Message-ID: <20070920073727.GA5490@freenetproject.org> * bbackde at googlemail.com [2007-09-20 09:00:28]: > Now, as TestDDA becames nearly mandatory (there is still an option to > disable the need for TestDDA), I am forced to implement it, even if I > have no time for it. Anyhow... > > Studying the docs about the design of TestDDA, I wonder why it was > implemented in a way that requires the node AND the client to maintain > a list of directories that were authenticated for DDA? Also it makes > the handling for clients more complicated because they have to trigger > a TestDDA. > > IMHO a better design would have been the following: Once a client > starts a GET or PUT, the node checks if the directory is > authenticated. If not, then the NODE sends a request for > authentication to the client. Its quite the same as the current > implementation, but triggered by the node, not by the client. This way > the client would not have to track already authenticated directories > per socket. The node does this anyway... > > If someone agrees that this would be a good idea, I would like to have > this implemented. A new option in ClientGet or ClientPut could be used > to tell the node that the client expects the new way to authenticate > for DDA. Default is to use the existing TestDDA. Once again suggestions would have been welcome when the protocol was designed... not now that it becomes mandatory. By the way, you can "try" to send something without TestDDA ... and if the node returns a ProtocolError with the DDA-reserved code then assume it has to be done. NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070920/f6cc176d/attachment.pgp From Volodya at WhenGendarmeSleeps.org Thu Sep 20 08:12:23 2007 From: Volodya at WhenGendarmeSleeps.org (Volodya) Date: Thu, 20 Sep 2007 12:12:23 +0400 Subject: [freenet-dev] TestDDA thoughts In-Reply-To: <20070920073727.GA5490@freenetproject.org> References: <20070920073727.GA5490@freenetproject.org> Message-ID: <46F22B67.5010209@WhenGendarmeSleeps.org> > Once again suggestions would have been welcome when the protocol was > designed... not now that it becomes mandatory. I think that you cannot expect everybody to follow the development as it goes necesserily. bback has noticed something that he didn't like and he's letting you know that there is a better way, it doesn't mean that he's trying to undermine the progress or anything. > By the way, you can "try" to send something without TestDDA ... and if > the node returns a ProtocolError with the DDA-reserved code then assume > it has to be done. Sort of like programming in Java through Exceptions rather than get-methods... > NextGen$ Free your mind and seek the truth. - Volodya -- http://freedom.libsyn.com/ Voice of Freedom, Radical Podcast http://freeselfdefence.info/ Self-defence wiki http://www.kingstonstudents.org/ Kingston University students' forum "None of us are free until all of us are free." ~ Mihail Bakunin From bbackde at googlemail.com Thu Sep 20 08:49:38 2007 From: bbackde at googlemail.com (bbackde at googlemail.com) Date: Thu, 20 Sep 2007 10:49:38 +0200 Subject: [freenet-dev] TestDDA thoughts In-Reply-To: <20070920073727.GA5490@freenetproject.org> References: <20070920073727.GA5490@freenetproject.org> Message-ID: On 9/20/07, Florent Daigni?re wrote: > * bbackde at googlemail.com [2007-09-20 09:00:28]: > > > Now, as TestDDA becames nearly mandatory (there is still an option to > > disable the need for TestDDA), I am forced to implement it, even if I > > have no time for it. Anyhow... > > > > Studying the docs about the design of TestDDA, I wonder why it was > > implemented in a way that requires the node AND the client to maintain > > a list of directories that were authenticated for DDA? Also it makes > > the handling for clients more complicated because they have to trigger > > a TestDDA. > > > > IMHO a better design would have been the following: Once a client > > starts a GET or PUT, the node checks if the directory is > > authenticated. If not, then the NODE sends a request for > > authentication to the client. Its quite the same as the current > > implementation, but triggered by the node, not by the client. This way > > the client would not have to track already authenticated directories > > per socket. The node does this anyway... > > > > If someone agrees that this would be a good idea, I would like to have > > this implemented. A new option in ClientGet or ClientPut could be used > > to tell the node that the client expects the new way to authenticate > > for DDA. Default is to use the existing TestDDA. > > Once again suggestions would have been welcome when the protocol was > designed... not now that it becomes mandatory. Sorry that I can't follow your development cycles. I just wanted to tell you about my idea. > > By the way, you can "try" to send something without TestDDA ... and if > the node returns a ProtocolError with the DDA-reserved code then assume > it has to be done. I also thought about this approach (as volodya said, its not the best one, but it fits into my design). For one who does not want to reimplement the tracking of successfully authenticated directories, the alternative is what thaw does (if I understand it correctly): make a TestDDA request each time when a request is started. But I don't want to do this, because if someone starts to get/put many files, this would lead to many requests and the client/node have to write/read alot of files -> big overhead. > > NextGen$ > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > > iD8DBQFG8iM3U/Z/dHFfxtcRAnwbAKC/vdt4hSNRZufOfWEwTpWAHLiVjgCbBOeK > 6IfCsoMXqp1NCjTIplgRqq8= > =HLPg > -----END PGP SIGNATURE----- > > _______________________________________________ > Devl mailing list > Devl at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl > -- __________________________________________________ GnuPG key: (0x48DBFA8A) Keyserver: pgpkeys.pca.dfn.de Fingerprint: 477D F057 1BD4 1AE7 8A54 8679 6690 E2EC 48DB FA8A __________________________________________________ From toad at amphibian.dyndns.org Thu Sep 20 19:12:35 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 20 Sep 2007 20:12:35 +0100 Subject: [freenet-dev] Opennet and location swapping In-Reply-To: References: Message-ID: <200709202012.35975.toad@amphibian.dyndns.org> On Wednesday 19 September 2007 15:05, you wrote: > There doesn't seem to be much in the way of freenet .7 opennet design > documents available yet, so please pardon me if I'm asking foolish > questions. We are all idiots most of the time. Inexperience doesn't make you more of an idiot in any statistically meaningful way. (Thanks Scott Adams for pointing out this basic fact about human nature!). > > For hybrid nodes with both opennet and darknet peers does it really > make sense that opennet links participate in location swapping? Yes. It's been simulated (admittedly not in great detail), and seems to work. And I don't really see what the alternative is, given that many peers will be simultaneously opennet and darknet on a single network, and given that we must take into account opennet peers when deciding whether to swap on darknet. > > It seems to me that a nodes numerous opennet links may exert excessive > influence over it's location, moving it off the position which would > be correct for the fixed darknet topology. Most likely the "fixed darknet topology" isn't even fully connected. We need a single network. > > Would it not make more sense if nodes connected to both simply slowly > changed who they link to on the opennet to achieve a desirable > distance distribution from their swapping derived location on the > darknet. They do change who they link to. That's the whole point of opennet. > > I'm seeing quite a few opennet links with very high latency. Because > opennet is already is 'less secure' and exists mostly as a way to > bootstrap freenet, would it be acceptable to mostly prefer peers with > lower latency? Opennet will eventually purge the slow nodes as it is based on dropping the least-recently-successful node. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070920/4d256b23/attachment.pgp From toad at amphibian.dyndns.org Thu Sep 20 20:44:31 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Thu, 20 Sep 2007 21:44:31 +0100 Subject: [freenet-dev] TestDDA thoughts In-Reply-To: References: <200709202017.11841.toad@amphibian.dyndns.org> Message-ID: <200709202144.32400.toad@amphibian.dyndns.org> On Thursday 20 September 2007 20:27, you wrote: > I didn't write that I see a problem with that. The only thing is that > I have to send the request again, so this testDDA is out of order and > not related to the current request. But no problem, I will implement > it the 'perfect' way: my FcpSocket will track the authenticated > directories and issue testDDA before requests if needed. Would it help to have a ClientToken on TestDDA? I also wonder about multiple parallel TestDDA's.. I suppose the best thing for the client would be to wait for some kind of ack? Also, if the filesystem is readonly, you *will* need to use FileHash instead of TestDDA. > > On 9/20/07, Matthew Toseland wrote: > > On Thursday 20 September 2007 09:49, you wrote: > > > > By the way, you can "try" to send something without TestDDA ... and if > > > > the node returns a ProtocolError with the DDA-reserved code then assume > > > > it has to be done. > > > > > > I also thought about this approach (as volodya said, its not the best > > > one, but it fits into my design). For one who does not want to > > > reimplement the tracking of successfully authenticated directories, > > > the alternative is what thaw does (if I understand it correctly): > > > make a TestDDA request each time when a request is started. But I > > > don't want to do this, because if someone starts to get/put many > > > files, this would lead to many requests and the client/node have to > > > write/read alot of files -> big overhead. > > > > As nextgens said, all you have to do is respond to a ProtocolError (with e.g. > > code 25), by doing a TestDDA. Why is that a problem? -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070920/b021c7e1/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 21 09:43:42 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 21 Sep 2007 10:43:42 +0100 Subject: [freenet-dev] [freenet-cvs] r15221 - trunk/freenet/src/freenet/node In-Reply-To: <20070921014005.811C347815C@freenetproject.org> References: <20070921014005.811C347815C@freenetproject.org> Message-ID: <200709211043.48237.toad@amphibian.dyndns.org> I'm not sure this is helpful. Our database objects are rather small. I presume that BDB's internal btree nodes are 2k? On Friday 21 September 2007 02:40, you wrote: > Author: juiceman > Date: 2007-09-21 01:40:05 +0000 (Fri, 21 Sep 2007) > New Revision: 15221 > > Modified: > trunk/freenet/src/freenet/node/Node.java > Log: > Increase JE DB read buffer block size from 2K to 6K to virtually eliminate nRepeatFaultReads see > http://www.oracle.com/technology/products/berkeley-db/faq/je_faq.html#39 > and > http://www.oracle.com/technology/documentation/berkeley-db/je/java/com/sleepycat/je/EnvironmentStats.html#getNRepeatFaultReads() > > Shouldn't materially affect total memory usage but may give a slight read performance increase. > > > Modified: trunk/freenet/src/freenet/node/Node.java > =================================================================== > --- trunk/freenet/src/freenet/node/Node.java 2007-09-21 00:18:40 UTC (rev 15220) > +++ trunk/freenet/src/freenet/node/Node.java 2007-09-21 01:40:05 UTC (rev 15221) > @@ -948,6 +948,7 @@ > envConfig.setTxnWriteNoSync(true); > envConfig.setLockTimeout(600*1000*1000); // should be long enough even for severely overloaded nodes! > // Note that the above is in *MICRO*seconds. > + envConfig.setConfigParam("je.log.faultReadSize", "6144"); > > File dbDir = new File(storeDir, "database-"+getDarknetPortNumber()); > dbDir.mkdirs(); > > _______________________________________________ > cvs mailing list > cvs at freenetproject.org > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070921/5b60cc43/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 21 09:48:21 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 21 Sep 2007 10:48:21 +0100 Subject: [freenet-dev] [freenet-cvs] r15221 - trunk/freenet/src/freenet/node In-Reply-To: <200709211043.48237.toad@amphibian.dyndns.org> References: <20070921014005.811C347815C@freenetproject.org> <200709211043.48237.toad@amphibian.dyndns.org> Message-ID: <200709211048.21650.toad@amphibian.dyndns.org> On Friday 21 September 2007 10:43, Matthew Toseland wrote: > I'm not sure this is helpful. Our database objects are rather small. I presume > that BDB's internal btree nodes are 2k? Hmmm ok, that is very strange. :) > > On Friday 21 September 2007 02:40, you wrote: > > Author: juiceman > > Date: 2007-09-21 01:40:05 +0000 (Fri, 21 Sep 2007) > > New Revision: 15221 > > > > Modified: > > trunk/freenet/src/freenet/node/Node.java > > Log: > > Increase JE DB read buffer block size from 2K to 6K to virtually eliminate > nRepeatFaultReads see > > http://www.oracle.com/technology/products/berkeley-db/faq/je_faq.html#39 > > and > > > http://www.oracle.com/technology/documentation/berkeley-db/je/java/com/sleepycat/je/EnvironmentStats.html#getNRepeatFaultReads() > > > > Shouldn't materially affect total memory usage but may give a slight read > performance increase. > > > > > > Modified: trunk/freenet/src/freenet/node/Node.java > > =================================================================== > > --- trunk/freenet/src/freenet/node/Node.java 2007-09-21 00:18:40 UTC (rev > 15220) > > +++ trunk/freenet/src/freenet/node/Node.java 2007-09-21 01:40:05 UTC (rev > 15221) > > @@ -948,6 +948,7 @@ > > envConfig.setTxnWriteNoSync(true); > > envConfig.setLockTimeout(600*1000*1000); // should be long enough even > for severely overloaded nodes! > > // Note that the above is in *MICRO*seconds. > > + envConfig.setConfigParam("je.log.faultReadSize", "6144"); > > > > File dbDir = new File(storeDir, "database-"+getDarknetPortNumber()); > > dbDir.mkdirs(); > > > > _______________________________________________ > > cvs mailing list > > cvs at freenetproject.org > > http://emu.freenetproject.org/cgi-bin/mailman/listinfo/cvs > > > > > -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://emu.freenetproject.org/pipermail/devl/attachments/20070921/74c2960c/attachment.pgp From toad at amphibian.dyndns.org Fri Sep 21 12:09:41 2007 From: toad at amphibian.dyndns.org (Matthew Toseland) Date: Fri, 21 Sep 2007 13:09:41 +0100 Subject: [freenet-dev] [freenet-cvs] r15096 - branches/freenet-jfk/src/freenet/node In-Reply-To: <20070909221549.661ED47A2D5@freenetproject.org> References: <20070909221549.661ED47A2D5@freenetproject.org> Message-ID: <200709211309.42478.toad@amphibian.dyndns.org> A group isn't a single number... read the wikipedia page on DSA. On Sunday 09 September 2007 23:15, you wrote: > Author: nextgens > Date: 2007-09-09 22:15:49 +0000 (Sun, 09 Sep 2007) > New Revision: 15096 > > Modified: > branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java > Log: > More work on JFK support (message2 parsing should be tested)... Fix a few bugs I've introduced > > Modified: branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java > =================================================================== > --- branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-09 21:19:34 UTC (rev 15095) > +++ branches/freenet-jfk/src/freenet/node/FNPPacketMangler.java 2007-09-09 22:15:49 UTC (rev 15096) > @@ -522,7 +522,7 @@ > byte[] hisExponential = new byte[DiffieHellman.modulusLengthInBytes()]; > System.arraycopy(payload, 4 + NONCE_SIZE, hisExponential, 0, DiffieHellman.modulusLengthInBytes()); > > - NativeBigInteger _hisExponential = new NativeBigInteger(hisExponential); > + NativeBigInteger _hisExponential = new NativeBigInteger(1, hisExponential); > if(_hisExponential.compareTo(NativeBigInteger.ONE) > 0) > sendMessage2(nonceInitiator, hisExponential, pn, replyTo); > else > @@ -548,7 +548,7 @@ > Logger.error(this, "HUH ??, please report it :"+ e.getMessage(),e); > return; > } > - byte[] authenticator = computeHashedJFKAuthenticator(myExponential, myNonce, nonceInitator, idR); > + byte[] authenticator = computeHashedJFKAuthenticator(myExponential, myNonce, nonceInitator, replyTo.getAddress().getAddress()); > > byte[] message2 = new byte[NONCE_SIZE*2+DiffieHellman.modulusLengthInBytes()+myDHGroup.length+ > signature.length+ > @@ -561,6 +561,10 @@ > offset += NONCE_SIZE; > System.arraycopy(myExponential, 0, message2, offset, myExponential.length); > offset += myExponential.length; > + // TODO: are groups modulo something ? > + message2[offset++] = Integer.valueOf(myDHGroup.length).byteValue(); > + System.arraycopy(myDHGroup, 0, message2, offset, myDHGroup.length); > + offset += myDHGroup.length; > System.arraycopy(idR, 0, message2, offset, idR.length); > offset += idR.length; > > @@ -585,9 +589,9 @@ > System.arraycopy(gR,0,authData,offset,gR.length); > offset += gR.length; > System.arraycopy(nR,0,authData,offset,nR.length); > - offset += nR.length+1; > + offset += nR.length; > System.arraycopy(nI,0,authData,offset,nI.length); > - offset += nI.length+1; > + offset += nI.length; > System.arraycopy(address, 0, authData, offset, address.length); > > /* > @@ -624,47 +628,61 @@ > private void ProcessMessage2(byte[] payload,PeerNode pn,Peer replyTo,int phase) > { > long t1=System.currentTimeMillis(); > + // FIXME: follow the spec and send IDr' ? > + if(payload.length-3 < NONCE_SIZE + DiffieHellman.modulusLengthInBytes()) { > + Logger.error(this, "Packet too short from "+pn+": "+payload.length+" after decryption in JFK("+phase+"), should be "+(NONCE_SIZE + DiffieHellman.modulusLengthInBytes())); > + return; > + } > > - byte[] Ni = iNonce(); > - byte[] Nr = rNonce(); > - byte[] DHExpr = Gr(pn); > - byte[] authData=new byte[Ni.length+Nr.length+DHExpr.length+1]; > - System.arraycopy(Ni,0,authData,0,Ni.length); > - System.arraycopy(Nr,0,authData,Ni.length+1,Nr.length); > - System.arraycopy(DHExpr,0,authData,Ni.length+Nr.length+1,DHExpr.length); > - byte[] signData=new byte[DHExpr.length+1]; > - System.arraycopy(DHExpr,0,signData,0,DHExpr.length); > - //Compute the Signature:DSA > - PKR=new DSAPrivateKey(g, r); > - //Params: Data,DSAGroup,DSAPrivateKey,randomSource > - DSASignature sig = crypto.sign(signData,g,PKR,r); > - byte[] r = sig.getRBytes(Node.SIGNATURE_PARAMETER_LENGTH); > - byte[] s = sig.getSBytes(Node.SIGNATURE_PARAMETER_LENGTH); > - Logger.minor(this, " r="+HexUtil.bytesToHex(sig.getR().toByteArray())+" s="+HexUtil.bytesToHex(sig.getS().toByteArray())); > - if(r.length > 255 || s.length > 255) > - throw new IllegalStateException("R or S is too long: r.length="+r.length+" s.length="+s.length); > - //Data sent in the clear > - byte[] unVerifiedData=new byte[Ni.length+Nr.length+DHExpr.length+1]; > - System.arraycopy(Ni,0,unVerifiedData,0,Ni.length); > - System.arraycopy(Nr,0,unVerifiedData,Ni.length+1,Nr.length); > - System.arraycopy(DHExpr,0,unVerifiedData,Ni.length+Nr.length+1,DHExpr.length); > - /* > - * Compute the authenticator > - * Used by the responder in Message4 to verify the authenticity of the message > - * The same authenticator is used in Message3 and identified using the DSAPrivateKey > - */ > - HKrGenerator trKey=new HKrGenerator(node); > - byte[] hkr=trKey.getNewHKr(); > - HMAC hash=new HMAC(SHA1.getInstance()); > - byte[] authenticator = hash.mac(hkr,authData,hkr.length); > - authenticatorCache.put(PKR,authenticator); > - byte[] Message2=new byte[authenticator.length+unVerifiedData.length+s.length+r.length+1]; > - byte[] signedData=new byte[s.length+r.length]; > - System.arraycopy(signedData,0,Message2,0,signedData.length); > - System.arraycopy(unVerifiedData,0,Message2,signData.length+1,unVerifiedData.length); > - System.arraycopy(authenticator,0,Message2,signedData.length+unVerifiedData.length+1,authenticator.length); > - //Send params:Version,negType,phase,data,peernode,peer > - sendMessage1or2Packet(1,2,1,Message2,pn,replyTo); > + int inputOffset=3; > + byte[] nonceInitiator = new byte[NONCE_SIZE]; > + System.arraycopy(payload, inputOffset, nonceInitiator, 0, NONCE_SIZE); > + inputOffset += NONCE_SIZE; > + byte[] nonceResponder = new byte[NONCE_SIZE]; > + System.arraycopy(payload, inputOffset, nonceResponder, 0, NONCE_SIZE); > + inputOffset += NONCE_SIZE; > + > + byte[] hisExponential = new byte[DiffieHellman.modulusLengthInBytes()]; > + System.arraycopy(payload, inputOffset, hisExponential, 0, DiffieHellman.modulusLengthInBytes()); > + inputOffset += DiffieHellman.modulusLengthInBytes(); > + NativeBigInteger _hisExponential = new NativeBigInteger(1, hisExponential); > + if(_hisExponential.compareTo(NativeBigInteger.ONE) < 1) { > + Logger.error(this, "We can't accept the exponential "+pn+" sent us; it's smaller than 1!!"); > + return; > + } > + > + int hisGroupLength = payload[inputOffset++]; > + // FIXME: arbitrary > + if((hisGroupLength < 1) || (hisGroupLength > 256)) { > + Logger.error(this, "The proposed group length is too big! ("+hisGroupLength+')'); > + return; > + } > + byte[] hisGroup = new byte[hisGroupLength]; > + System.arraycopy(payload, inputOffset, hisGroup, 0, hisGroupLength); > + inputOffset += hisGroupLength; > + > + //TODO: implement > + byte[] hisID = new byte[0]; > + > + byte[] remoteSignedExponentials = new byte[Node.SIGNATURE_PARAMETER_LENGTH]; > + System.arraycopy(payload, inputOffset, remoteSignedExponentials, 0, Node.SIGNATURE_PARAMETER_LENGTH); > + inputOffset += Node.SIGNATURE_PARAMETER_LENGTH; > + // At that point we don't know if it's "him"; let's check it out > + byte[] locallyExpectedExponentials = new byte[hisExponential.length+hisGroupLength]; > + System.arraycopy(hisExponential, 0, locallyExpectedExponentials, 0, hisExponential.length); > + System.arraycopy(hisGroup, 0, locallyExpectedExponentials, hisExponential.length, hisGroupLength); > + DSASignature signatureToCheck = new DSASignature(new String(remoteSignedExponentials)); > + if(!DSA.verify(pn.peerPubKey, signatureToCheck, new NativeBigInteger(1,locallyExpectedExponentials), false)) { > + Logger.error(this, "The signature verification has failed!!"); > + return; > + } > + > + byte[] remoteHashedAuthenticator = new byte[HASH_LENGTH]; > + System.arraycopy(payload, inputOffset, remoteHashedAuthenticator, 0, HASH_LENGTH); > + inputOffset += HASH_LENGTH; > + // FIXME: maybe the cache should be checked before verifying the signature > + sendMessage3Packet(1, 2, 3, nonceInitiator, nonceResponder, hisExponential, remoteHashedAuthenticator, pn, replyTo); > + > long t2=System.currentTimeMillis(); > if((t2-t1)>500) > Logger.error(this,"Message1 timeout error:Sending packet for"+pn.getPeer()); > @@ -768,7 +786,7 @@ > > byte[] address = replyTo.getAddress().getAddress(); > // FIXME: feed computeJFKAuthenticator with the right parameters ^-^ > - sendMessage3Packet(1,2,2,data,pn,replyTo, computeHashedJFKAuthenticator(null, null, null, null)); > + sendMessage3Packet(1,2,2,data,null,null, null, computeHashedJFKAuthenticator(null, null, null, null), pn, replyTo); > } > > /* > @@ -886,12 +904,16 @@ > * @param The peer to which we need to send the packet > */ > > - private void sendMessage3Packet(int version,int negType,int phase,byte[] data,PeerNode pn,Peer replyTo, byte[] hashedAuthenticator) > + private void sendMessage3Packet(int version,int negType,int phase,byte[] nonceInitiator,byte[] nonceResponder,byte[] hisExponential, byte[] hashedAuthenticator, PeerNode pn, Peer replyTo) > { > long now = System.currentTimeMillis(); > long delta = now - pn.lastSentPacketTime(); > - byte[] output = new byte[data.length+3]; > - if((data.length+3) > sock.getMaxPacketSize()) > + > + DiffieHellmanLightContext dhContext = getLightDiffieHellmanContext(); > + byte[] ourExponential = dhCon