- Redefine the repliable datagram signature for non-DSA_SHA1 sig types;
was the sig of the SHA-256 of the payload, now the sig of the payload itself.
This is an incompatible change but nobody is yet using the new
sig types for datagram applications.
- Don't pollute the hash cache with hashes of payloads
- Check for too-big datagrams
- Remove assertion check
- Cleanups
- Clean up and reuse MessageState for asynch notification
- New I2PSession sendMessage() method and listener
- Move VerifyUsage from SimpleScheduler to SimpleTimer2 for efficiency
- Fix up javadocs
- Add SessionID to HostLookup/Reply messages, for future
use when we have multiple sessions
- New SessionID constructor w/ value
- Throw IAE on invalid SessionID values
- Bump all comments from 0.9.10 to 0.9.11
- Support i2cp.destination.sigType option in TunnelController and
I2PSocketManagerFactory
- Fixup of Destination.create() and Destination.size()
- Add generic off/len methods in DSAEngine, needed for streaming
- Fixup of sign/verify in streaming Packet
- Javadocs
of signing keys and signatures in RouterIdentities and Destinations.
Untested, not even for regressions, except with command line
using PrivateKeyFile.
Based on preliminary spec at http://zzz.i2p/topics/1442?page=1#p7524
Not done:
- Transport handshake signing
- Configuration of default type
- Specification of type in options to I2PSocketManagerFactory
- Specification of type in i2ptunnel
- Fix up caching of SigningPublicKey and P256 key cert
- Any non-default crypto type in the key cert
- Documentation
- Add support for b64 conversion in destLookup()
- Catch invalid message length sooner
I2Ping:
- Extend I2PTunnelClientBase so non-shared-client,
I2CP options, and other features will work
- Fixes for fields and threading
Streaming:
- Send LS with ping (broken since 0.9.2)
- Set the NO_ACK flag on pings and pongs
- Add support for hostname lookups over I2CP with new
HostLookup and HostReply messages.
- Move username / password from CreateSession
to GetDate for early authentication;
this is an incompatible chage.
Outside router context with authentication enabled,
new clients will not work with old routers.
Early authentication is not yet enforced, enable with
i2cp.strictAuth=true. Will change default to true in a later release.
- Block all actions before authentication.
- Better disconnect messages to clients for diagnostics
- Improve lookup command, add auth command in i2ptunnel CLI for testing
- Don't start ClientWriterRunner thread in constructor
- Don't flush in ClientWriterRunner unless necessary
- Send GetDate even in SimpleSession outside of RouterContext
- Improve SetDate wait logic to reduce locks and break out when
Disconnect received
- Add Disconnect handler to SimpleSession
- I2Ping cleanups
- Javadocs
move cert location to certificates/i2cp.
* I2PTunnel: Support SSL for connection to local server
for Standard, HTTP, and IRC server tunnels.
Put server cert in certificates/i2ptunnel if necessary.
Consolidate KeyStore code from SSLEepGet, I2CPSSLSocketFactory,
SSLClientListenerRunner, and RouterConsoleRunner into new
KeyStoreUtil and CertUtil classes in net.i2p.crypto (ticket #744)
- Move more cleanups to finally block
- Bounded wait
- Don't ignore InterruptedExceptions, wrap in I2PSessionException and throw
- More finals
- Synch tweaks
- I2PSocketManagerFactory: New createDisconnectedManager(), javadocs
- I2PSessionImpl: Rewrite state management and locking, prevent multiple
connect() calls, but allow disconnect() to interrupt connect()
- I2PSimpleSession: Changes to match I2PSessionImpl
- I2PTunnelServer: Don't connect in constructor, use createDisconnectedManager()
for a final manager, finals and cleanups
Lightly tested.
Todo: I2PTunnelClientBase
- Add new I2CP RequestVariableLeaseSetMessage
- Send RVLSM if client supports it; handle on client side;
disabled by default for the moment.
- Add LeaseSet.getLatestLeaseDate()
- Check latest, not earliest, date too far in future in KNDF.validate()
- Check latest date too far in past in KNDF.validate()
- Only check gateway and tunnel ID for equality in OCMOSJ lease caching to reduce churn
- Split up KNDF.validate(RI) for efficiency, don't need to check
signature, netid, etc. before lookups, only on store
- Remove enforeNetID config
- Fix major bug causing newer leasesets to be treated as older, and not stored or published
- Increase max adjustment time of earliest lease
- TransientDataStore cleanups
- RouterInfo and LeaseSet equals() speedups
- Fix bug that kept reverse index from being updated
- Bump DB version to 3 to trigger repopulation of the reverse index
- Make metaindex final
- Add freelist check to the main() test
- Prep for delivery of detailed failure codes to the client (ticket #788)
- Store session ID as an int instead of a long
- Clean up some duplicate createRateStat calls (ticket #787 comment 2)
- Other optimizations, cleanups, final
- Better fix for logging dropped messages (ticket #758)
- Implement fast receive to reduce per-message handshakes
- Make messageReliability=none the default
