I2CP: Enforce strict authorization when auth is enabled

2014-09-04 13:28:40 +00:00
parent 09cf973712
commit 1078c42a14
1 changed files with 2 additions and 2 deletions
--- a/router/java/src/net/i2p/router/client/ClientMessageEventListener.java
+++ b/router/java/src/net/i2p/router/client/ClientMessageEventListener.java
@@ -84,8 +84,8 @@ class ClientMessageEventListener implements I2CPMessageReader.I2CPMessageEventLi
            _log.debug("Message received: \n" + message);
        int type = message.getType();
        if (!_authorized) {
-            // TODO change to default true
-            boolean strict = _context.getBooleanProperty(PROP_AUTH_STRICT);
+            // Default true as of 0.9.16
+            boolean strict = _context.getBooleanPropertyDefaultTrue(PROP_AUTH_STRICT);
            if ((strict && type != GetDateMessage.MESSAGE_TYPE) ||
                (type != CreateSessionMessage.MESSAGE_TYPE &&
                 type != GetDateMessage.MESSAGE_TYPE &&