Author: nextgens
Date: 2006-07-20 22:07:23 +0000 (Thu, 20 Jul 2006)
New Revision: 9681
Modified:
trunk/freenet/src/freenet/clients/http/ConfigToadlet.java
trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java
trunk/freenet/src/freenet/clients/http/FProxyToadlet.java
trunk/freenet/src/freenet/clients/http/N2NTMToadlet.java
trunk/freenet/src/freenet/clients/http/PluginToadlet.java
trunk/freenet/src/freenet/clients/http/PproxyToadlet.java
trunk/freenet/src/freenet/clients/http/QueueToadlet.java
trunk/freenet/src/freenet/node/Node.java
trunk/freenet/src/freenet/node/useralerts/MeaningfulNodeNameUserAlert.java
Log:
as toad has pointed out, making Node.formpassword static will preclude running
two nodes within the same jvm ... so I revert it
Modified: trunk/freenet/src/freenet/clients/http/ConfigToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/ConfigToadlet.java 2006-07-20
21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/ConfigToadlet.java 2006-07-20
22:07:23 UTC (rev 9681)
@@ -48,7 +48,7 @@
}
String pass = request.getParam("formPassword");
- if((pass == null) || !pass.equals(Node.formPassword)) {
+ if((pass == null) || !pass.equals(node.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/config/");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
@@ -126,7 +126,7 @@
buf.append("</div>\n");
buf.append("<div class=\"infobox-content\">\n");
buf.append("<form method=\"post\" action=\".\">");
- buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+node.formPassword+"\">");
for(int i=0; i<sc.length;i++){
StringBuffer buf2 = new StringBuffer();
Modified: trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java
2006-07-20 21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/DarknetConnectionsToadlet.java
2006-07-20 22:07:23 UTC (rev 9681)
@@ -422,7 +422,7 @@
buf.append("<input type=\"submit\"
name=\"submit\" value=\"Go\" />\n");
buf.append(" <span
class=\"darknet_connections\">* Requesting ARK</span>\n");
}
- buf.append("<input type=\"hidden\"
name=\"formPassword\" value=\"").append(Node.formPassword).append("\" />");
+ buf.append("<input type=\"hidden\"
name=\"formPassword\" value=\"").append(node.formPassword).append("\" />");
buf.append("</form>\n");
}
buf.append("</div>\n");
@@ -444,7 +444,7 @@
buf.append("or file:\n");
buf.append("<input id=\"reffile\" type=\"file\"
name=\"reffile\" />\n");
buf.append("<br />\n");
- buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\"").append(Node.formPassword).append("\" />");
+ buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\"").append(node.formPassword).append("\" />");
buf.append("<input type=\"submit\" name=\"add\" value=\"Add\"
/>\n");
buf.append("</form>\n");
buf.append("</div>\n");
@@ -476,7 +476,7 @@
HTTPRequest request = new HTTPRequest(uri, data, ctx);
String pass = request.getPartAsString("formPassword", 32);
- if((pass == null) || !pass.equals(Node.formPassword)) {
+ if((pass == null) || !pass.equals(node.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/darknet/");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
Modified: trunk/freenet/src/freenet/clients/http/FProxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/FProxyToadlet.java 2006-07-20
21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/FProxyToadlet.java 2006-07-20
22:07:23 UTC (rev 9681)
@@ -265,7 +265,7 @@
buf.append("<input type=\"hidden\" name=\"key\"
value=\""+key.toString(false)+"\">");
buf.append("<input type=\"hidden\"
name=\"return-type\" value=\"disk\">");
buf.append("<input type=\"hidden\"
name=\"persistence\" value=\"forever\">");
- buf.append("<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">");
if(mime != null)
buf.append("<input type=\"hidden\"
name=\"type\" value=\""+URLEncoder.encode(mime)+"\">");
buf.append("<input type=\"submit\"
name=\"download\" value=\"Download in background and store in downloads
directory\">");
Modified: trunk/freenet/src/freenet/clients/http/N2NTMToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/N2NTMToadlet.java 2006-07-20
21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/N2NTMToadlet.java 2006-07-20
22:07:23 UTC (rev 9681)
@@ -64,7 +64,7 @@
}
buf.append("<form action=\".\" method=\"post\"
enctype=\"multipart/form-data\">\n");
- buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+node.formPassword+"\">");
buf.append("<div class=\"infobox infobox-normal\">");
buf.append("<div class=\"infobox-header\">");
buf.append("Sending Node To Node Text Message to
"+HTMLEncoder.encode(peernode_name)+"\n");
@@ -95,7 +95,7 @@
StringBuffer buf = new StringBuffer(1024);
String pass = request.getPartAsString("formPassword", 32);
- if((pass == null) || !pass.equals(Node.formPassword)) {
+ if((pass == null) || !pass.equals(node.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/send_n2ntm/");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
Modified: trunk/freenet/src/freenet/clients/http/PluginToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/PluginToadlet.java 2006-07-20
21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/PluginToadlet.java 2006-07-20
22:07:23 UTC (rev 9681)
@@ -121,7 +121,7 @@
}
String pass = httpRequest.getParam("formPassword");
- if((pass == null) || !pass.equals(Node.formPassword)) {
+ if((pass == null) || !pass.equals(node.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/plugin/");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
@@ -219,10 +219,10 @@
outputBuffer.append("<td/>");
}
outputBuffer.append("<td><form action=\"./\"
method=\"post\"><input type=\"hidden\" name=\"action\" value=\"reload\"/><input
type=\"hidden\" name=\"pluginName\" value=\"").append(internalName).append("\"
/><input type=\"submit\" value=\"Reload\" />" +
- "<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">"+
+ "<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">"+
"</form></td>");
outputBuffer.append("<td><form action=\"./\"
method=\"post\"><input type=\"hidden\" name=\"action\" value=\"unload\"/><input
type=\"hidden\" name=\"pluginName\" value=\"").append(internalName).append("\"
/><input type=\"submit\" value=\"Unload\" />" +
- "<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">"+
+ "<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">"+
"</form></td>");
outputBuffer.append("</tr>\n");
}
@@ -275,7 +275,7 @@
outputBuffer.append("<div class=\"infobox-content\">");
outputBuffer.append("<form action=\"./\" method=\"post\">");
outputBuffer.append("<input type=\"hidden\" name=\"action\"
value=\"add\" />");
- outputBuffer.append("<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">");
+ outputBuffer.append("<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">");
outputBuffer.append("<input type=\"text\" size=\"40\"
name=\"pluginName\" value=\"\" /> ");
outputBuffer.append("<input type=\"submit\" value=\"Load
plugin\" />");
outputBuffer.append("</form>");
Modified: trunk/freenet/src/freenet/clients/http/PproxyToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2006-07-20
21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/PproxyToadlet.java 2006-07-20
22:07:23 UTC (rev 9681)
@@ -56,7 +56,7 @@
MultiValueTable headers = new MultiValueTable();
String pass = request.getParam("formPassword");
- if((pass == null) || !pass.equals(Node.formPassword)) {
+ if((pass == null) || !pass.equals(node.formPassword)) {
MultiValueTable hdrs = new MultiValueTable();
headers.put("Location", "/queue/");
ctx.sendReplyHeaders(302, "Found", hdrs, null, 0);
@@ -98,7 +98,7 @@
buf.append("<div class=\"infobox-content\">\n");
buf.append("Are you sure you wish to unload " +
HTMLEncoder.encode(request.getParam("unload")) + "?\n");
buf.append("<form action=\"/plugins/\"
method=\"post\">\n");
- buf.append("<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">");
buf.append("<input type=\"submit\" name=\"cancel\"
value=\"Cancel\" />\n");
buf.append("<input type=\"hidden\"
name=\"unloadconfirm\" value=\"" +
HTMLEncoder.encode(request.getParam("unload")) + "\">\n");
buf.append("<input type=\"submit\" name=\"confirm\"
value=\"Unload\" />\n");
@@ -219,16 +219,16 @@
out.append("<td>");
if (pi.isPproxyPlugin()) {
out.append("<form
method=\"get\" action=\"" + pi.getPluginClassName() + "\">" +
- "<input
type=\"hidden\" name=\"formPassword\" value=\""+Node.formPassword+"\">"+
+ "<input
type=\"hidden\" name=\"formPassword\" value=\""+node.formPassword+"\">"+
"<input
type=\"submit\" value=\"Visit\"></form>");
}
out.append("<form method=\"post\"
action=\".\">" +
"<input type=\"hidden\"
name=\"unload\" value=\"" + pi.getThreadName() + "\" />"+
- "<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">"+
+ "<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">"+
"<input type=\"submit\"
value=\"Unload\"></form>");
out.append("<form method=\"post\"
action=\".\">" +
"<input type=\"hidden\"
name=\"reload\" value=\"" + pi.getThreadName() + "\" />"+
- "<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">"+
+ "<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">"+
"<input type=\"submit\"
value=\"Reload\"></form>");
out.append("</td></tr>\n");
}
@@ -244,7 +244,7 @@
// Obsolete
//out.append("<form method=\"get\"><div>Remove plugin:
(enter ID) <input type=\"text\" name=\"remove\" size=40/><input type=\"submit\"
value=\"Remove\"/></div></form>\n");
out.append("<form method=\"post\" action=\".\">" +
- "<input type=\"hidden\"
name=\"formPassword\" value=\""+Node.formPassword+"\">"+
+ "<input type=\"hidden\"
name=\"formPassword\" value=\""+node.formPassword+"\">"+
"<div>Load plugin: <input type=\"text\"
name=\"load\" size=\"40\"/><input type=\"submit\" value=\"Load\"
/></div></form>\n");
//
out.append("</div>\n");
Modified: trunk/freenet/src/freenet/clients/http/QueueToadlet.java
===================================================================
--- trunk/freenet/src/freenet/clients/http/QueueToadlet.java 2006-07-20
21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/clients/http/QueueToadlet.java 2006-07-20
22:07:23 UTC (rev 9681)
@@ -45,7 +45,7 @@
HTTPRequest request = new HTTPRequest(uri, data, ctx);
String pass = request.getParam("formPassword");
- if((pass == null) || !pass.equals(Node.formPassword)) {
+ if((pass == null) || !pass.equals(node.formPassword)) {
MultiValueTable headers = new MultiValueTable();
headers.put("Location", "/queue/");
ctx.sendReplyHeaders(302, "Found", headers, null, 0);
@@ -533,7 +533,7 @@
private void writeDeleteCell(ClientRequest p, StringBuffer buf) {
buf.append("<td>");
buf.append("<form action=\"/queue/\" method=\"post\">");
- buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+node.formPassword+"\">");
buf.append("<input type=\"hidden\" name=\"identifier\"
value=\"");
buf.append(HTMLEncoder.encode(p.getIdentifier()));
buf.append("\"><input type=\"submit\" name=\"remove_request\"
value=\"Delete\">");
@@ -544,7 +544,7 @@
private void writeDeleteAll(StringBuffer buf) {
buf.append("<td>");
buf.append("<form action=\"/queue/\" method=\"post\">");
- buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+node.formPassword+"\">");
buf.append("<input type=\"submit\" name=\"remove_AllRequests\"
value=\"Delete Everything\">");
buf.append("</form>\n");
buf.append("</td>\n");
Modified: trunk/freenet/src/freenet/node/Node.java
===================================================================
--- trunk/freenet/src/freenet/node/Node.java 2006-07-20 21:58:55 UTC (rev
9680)
+++ trunk/freenet/src/freenet/node/Node.java 2006-07-20 22:07:23 UTC (rev
9681)
@@ -651,11 +651,7 @@
public final UserAlertManager alerts;
final TimeDecayingRunningAverage throttledPacketSendAverage;
/** Must be included as a hidden field in order for any dangerous HTTP
operation to complete successfully. */
- public static final String formPassword = String.valueOf(
- String.valueOf(
-
System.getProperties().toString()+System.currentTimeMillis()
- ).hashCode()
- );
+ public final String formPassword;
final TimeDecayingRunningAverage remoteChkFetchBytesSentAverage;
final TimeDecayingRunningAverage remoteSskFetchBytesSentAverage;
final TimeDecayingRunningAverage remoteChkInsertBytesSentAverage;
@@ -1034,6 +1030,9 @@
// Easy stuff
Logger.normal(this, "Initializing Node using SVN
r"+Version.cvsRevision+" and freenet-ext r"+NodeStarter.extRevisionNumber);
System.out.println("Initializing Node using SVN
r"+Version.cvsRevision+" and freenet-ext r"+NodeStarter.extRevisionNumber);
+ byte[] pwdBuf = new byte[16];
+ random.nextBytes(pwdBuf);
+ this.formPassword = Base64.encode(pwdBuf);
nodeStarter=ns;
if(logConfigHandler != lc)
logConfigHandler=lc;
Modified:
trunk/freenet/src/freenet/node/useralerts/MeaningfulNodeNameUserAlert.java
===================================================================
--- trunk/freenet/src/freenet/node/useralerts/MeaningfulNodeNameUserAlert.java
2006-07-20 21:58:55 UTC (rev 9680)
+++ trunk/freenet/src/freenet/node/useralerts/MeaningfulNodeNameUserAlert.java
2006-07-20 22:07:23 UTC (rev 9681)
@@ -33,7 +33,7 @@
"Putting your e-mail address or IRC nickname there is generally
speaking " +
"a good idea and helps your friends to identify your node.");
buf.append("<form method=\"post\" action=\"/config/\">");
- buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+Node.formPassword+"\">");
+ buf.append("<input type=\"hidden\" name=\"formPassword\"
value=\""+node.formPassword+"\">");
//buf.append("<ul class=\"config\"><span
class=\"configprefix\">"+sc.getPrefix()+"</span>\n");
buf.append("<ul class=\"config\">\n");
buf.append("<li>");
