dandri/i2p.i2p
1
0
Fork 0
mirror of https://github.com/i2p/i2p.i2p.git synced 2026-06-07 06:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
18,305 Commits 1 Branch 306 Tags
35585ce02de7eebaeb0aac4e092942cfd6df7c4e
Commit Graph

7965 Commits

Author SHA1 Message Date
zzz ba694d4702 i2psnark: Fix check for existing base file when adding via create form 
don't use the filtered name
 2026-05-17 12:27:06 -04:00
zzz a9ded0827d i2psnark: Use unfiltered base file name if it exists 
reported by: Igillis
 2026-05-17 12:23:03 -04:00
zzz 479154c75e i2psnark: Add check for empty filenames 
reported by: bottomlineit.co.za
 2026-05-17 12:16:33 -04:00
zzz dd29ae7e86 Remove more deprecated thread calls in bw tester 2026-05-16 14:48:17 -04:00
zzz 634a533861 i2psnark: Increase max form keys 
Jetty default max is 1000 which got hit by a user
on the details page priorities form with more than 1000 files in a directory.
 2026-05-15 13:56:25 -04:00
zzz d4fb957549 susimail: Remove static login nonce 
Fix the original problem this was a workaround for.
The next nonce was put in the old session object that was invalidated.
Put it in the new session object instead.
 2026-05-15 12:44:18 -04:00
zzz 2e194a47fe Console: Don't display hide/show news links on /configupdate 
and stay on same page when clicking hide/show links.
Also fix HTML dangling span if lastUpdated == 0

Fixes Gitea #249
Adapted from GH PR #149 by tahnous
 2026-05-15 10:24:07 -04:00
zzz 5f71311cbd More constant time string comparisons 
adapted from I2PPlus
 2026-05-10 19:28:42 -04:00
zzz 85499fbb8b Hoist random() calls out of session synch blocks 2026-05-10 09:06:00 -04:00
zzz dfaa5c3f81 i2ptunnel: P-R-G for list page forms 2026-05-09 12:48:28 -04:00
zzz 102b7f0674 i2ptunnel: Refactor list page forms 
- Move all form buttons to POST and enforce
- Use form attributes for per-tunnel buttons (thanks drzed)
- Remove xml headers
- Remove ancient IE workarounds
 2026-05-09 12:00:51 -04:00
zzz a4afe588f3 Util: Use constant-time comparison in various password checkers 
reported by: bottomlineit.co.za
 2026-05-08 15:02:22 -04:00
zzz bbe18c9e9f Console: Remove ancient IE workaround code 
reported by: bottomlineit.co.za
 2026-05-08 12:42:52 -04:00
zzz f0afcfcf68 Console: Add missing description for jsonrpc webapp 2026-05-07 15:30:35 -04:00
zzz 41ba80fa87 i2ptunnel: Refactor nonces 
Replace the static nonce list with a session-bound nonce queue,
move form keys from static to session.
Prep for button conversion to POST

related changes to follow
 2026-05-07 13:51:08 -04:00
zzz 98fb8c2af5 javadoc corrections 2026-05-07 11:40:42 -04:00
zzz f13ba5d987 i2psnark: Refactor nonces 
Replace the webapp-wide nonce with two session-bound nonce queues,
one for the outer section and details/config pages, one for
the inner (XHR) section.

Any form-stuffing scripts that grab the nonce must be updated
to store and return the session cookie also.

related changes to follow

reported by: bottomlineit.co.za
 2026-05-07 11:14:35 -04:00
zzz ea83c15d49 CSS tweak 2026-05-06 13:14:23 -04:00
zzz a587f79c75 Console: Add search option for PQ SSU2 2026-05-06 12:53:30 -04:00
zzz 8f2a8b3e3a Console: Validate Origin header 
related changes to follow
adapted from code in I2P+, same license as ours

reported by: bottomlineit.co.za
 2026-05-06 12:48:46 -04:00
zzz 0a9e68f688 Console: Refactor nonces 
Replace the following static nonces with a consolidated session-bound nonce queue in CSSHelper:
- "console" static final nonce stored in CSSHelper
- "system" (restart) static final nonce stored in ConfigRestartBean
- "update" nonce stored in System properties via SummaryHelper
- "reseed" nonce stored in System properties via SummaryHelper

related changes to follow

reported by: bottomlineit.co.za
 2026-05-06 12:44:49 -04:00
zzz 28bd5ce456 Console: Make section render methods private 2026-05-04 14:50:46 -04:00
zzz 7ecd7fcae1 Console: Remove unused getNonce() calls 2026-05-04 14:44:31 -04:00
zzz 566d4f86e6 i2psnark: Remove support for ancient name.utf-8 and path.utf-8 metainfo entries 
These were non-standard old pre-utf8 fields, and were never well-tested code paths.
name and path are always UTF-8 now according to the specs.
utf-8 flavors bypassed some sanitization.

reported by: bottomlineit.co.za
 2026-05-01 18:09:52 -04:00
zzz c3c222d5d3 Console: Specify full path to Windows service scripts 
reported by: bottomlineit.co.za
 2026-05-01 16:40:56 -04:00
zzz 6c33651714 i2ptunnel, I2CP, SAM: Add delays on auth failure 
to slow down repeat attempts
 2026-04-27 12:13:18 -04:00
zzz 818d0dfd5f i2psnark: Fix autostart of completed torrents when added to the directory 
by not saving the torrent config file twice
(once via storageAllChecked() and once via storageCompleted() from Storage.checkCreateFiles())
the 1st call set running=true but the 2nd set running=false
 2026-04-26 15:42:16 -04:00
zzz 66b6986ee0 Update: Randomize the order of news URLs when fetching 
so if the "primary" is older than the "backup" things will still get updated eventually
 2026-04-26 08:30:49 -04:00
zzz 7c99bb702e Console: Sanitize plugin name in ConfigClientsHandler 
reported by: bottomlineit.co.za
 2026-04-25 18:19:26 -04:00
zzz 4f892d6331 I2CP, SAM: Support lookup of ls2 options (proposal 167) 2026-04-25 10:43:58 -04:00
zzz 3ad729aae9 Addressbook: Do not re-add hosts deleted in router address book 
persist in file deleted.txt
and support regexes manually added in that file
change some Daemon methods to private

github #138
 2026-04-25 10:07:58 -04:00
zzz 2a7f1caa21 SOCKS4a: Limit max string length 
prevent local OOM

reported by: bottomlineit.co.za
 2026-04-25 09:57:47 -04:00
zzz ba572bd1bd spotbugs fixes all over 2026-04-25 09:53:32 -04:00
zzz 9d0d5eb604 Pull translations from Weblate 
fix 'ant testscripts'
 2026-04-17 14:24:24 -04:00
zzz 735c9592f8 poupdate-source 2026-04-08 11:34:22 -04:00
zzz 4265d6d60e i2ptunnel: Catch corrupt HTTP responses sooner 
log tweaks
 2026-04-04 06:47:02 -04:00
zzz 882b00434e Console: Move language dropdown data so translation report can get to it 
Add dropdown data to translation report
 2026-03-31 13:28:05 -04:00
zzz 8ce7e47624 SAM: Use session for b32 lookups if available 
so router doesn't use expl. tunnels and put LS in main db
 2026-03-27 16:39:02 -04:00
zzz 2e0d9bd726 SAM: error message for NAMING LOOKUP NAME=ME out-of-session rather than just close socket 2026-03-27 10:06:26 -04:00
zzz 10da8f733e Remove deprecated ThreadGroup and SecurityManager calls 2026-03-26 13:15:09 -04:00
zzz fcce5ed3bf Console: Add sidebar link to client netdb tab 2026-03-25 16:30:20 -04:00
zzz 44263ae960 Console: Display LS2 options if any 2026-03-25 10:36:24 -04:00
zzz 44f98f28fc Improve SAM error message 2026-03-24 11:30:15 -04:00
zzz daba09000f Console: HTML fix for Weblate take 6 2026-03-23 12:10:11 -04:00
zzz 0ee2bde6cb Console: HTML fix for Weblate take 5 2026-03-23 10:22:23 -04:00
zzz 70c2b3f377 Console: HTML fixes for Weblate take 4 2026-03-22 18:15:10 -04:00
zzz 1a4a04eeab Console: Show conn limits on peer status page 2026-03-21 16:19:36 -04:00
zzz 0ba36d48df i2ptunnel: Add warning if hostname set to default mysite.i2p 2026-03-21 16:09:35 -04:00
zzz 6706195da1 Console: HTML tweaks to English files 
to try to make Weblate parser happy
 2026-03-20 10:06:45 -04:00
zzz 813bb6fd34 Build: Gradle fixes for Jetty 12 
Gitea #537
 2026-03-19 19:27:22 -04:00