- Change default RI sig type to Ed25519, with a 10% chance od
rekeying from DSA at each restart
- Don't initialize KeyManager before selecting sig type
- Don't log KeyManager error when changing sig type
- Return partial piece to coordinator after reject
- Fix tracking of downloaded portion of piece after reject
- Send reject on receipt of bad request
- Mark piece unrequested after receiving bad data, so it
will be requested again, but not from the same peer
- Fix NPE in Request constructor on error
- Fix stuck before completion due to reject handling (ticket #1633)
sender queue, not on the way out, so that SSU requests
bandwidth allocations for each packet in parallel
and competes more effectively with NTCP for bandwidth.
Inbound stubbed-out only.
so I/O doesn't stall under high CPU load
- Raise DH generator thread priority to keep
DH building out of event pumper thread
- Raise PRNG and YK generator thread priorites one notch
- Set I2PThread priority in constructor
Fixes problems mainly seen on Windows, which seems
to be much more sensitive to priority settings
St. Maarten, South Sudan
AP: black flag copied from A1
BL: official flag is France, copied from FR
BQ, SX, SS: PNG files generated from public domain SVG files from Wikipedia
Shortened some other country names (remove "Republic of", etc.)
Change spelling to Macau, Vietnam
at least one OB tunnel, so the client waits until we are ready.
This will reduce drops, retransmissions, and failures on new client tunnels.
Fixes to prevent multiple pending LS requests.
- When socket is closed, set sessionID and LS to null,
close subsession and set its sessionID and LS to null
- Checks on client side for null session ID
- Check for null session in Destroy Session message
- Don't kill I2CP connection due to a bad session ID
in a SendMessage, just drop the message and send
a MessageStatusMessage
- Log tweaks
Catch null SessionId in messages and stop connection instead of NPE
Wait for LS in SubSession in connect() so we don't send data w/o
a session ID and leaseset
Log tweaks
Send our own RI unsolicited in reply if we aren't floodfill
Don't ack or flood a store of an unknown type
PeerTestJob: Don't generate zero reply token
Tunnels: More checks of messages received down exploratory tunnels
javadocs and comments
Store the session in Connection;
Don't create a new ConnectionManager for a subsession,
now that all components track the session properly.
@since updates
- Directly connect to nearby floodfills to share our RI to speed up integration of new floodfills (#1195).
- Called on both non-ff -> ff OR ff -> non-ff.
- Create FloodfillRouterInfoFloodJob to do so.
InflaterOutputStream, available since Java 6.
Removes PipedInputStream, PipedOutputStream.
Removes Pusher threads.
Remove delay workaround for truncated pages, no longer required.
NetDb: Drop all-zero lookups and stores, add stats
SSU:
- Fix debug logging of dumped packets
- Drop sessions with bad clock skew, banlist peer, add stats
- Drop sessions with corrupt DSM, banlist peer, add stats
Log tweaks
isn't destroyed and immediately replaced by i2ptunnel,
which caused dup shared clients in a race at startup;
Clarify session exception text if not open
isn't treated as CLOSED and immediately replaced by i2ptunnel,
which caused dup shared clients in a race at startup
(possible related tickets #642, #650, #815, #1545)
- Close sockets and stop tunnels when router-side SAM stops (ticket #1572)
- Better checks for quoting status message strings (ticket #1488)
- Set encoding for sam.keys file
- Don't throw NPE on rare stream errors
- Comment out unused dumpProperties()
- Cleanups, log tweaks, thread name tweaks
caused by calling close() from HTTPResponseOutputStream.Pusher,
but close() rendered the underlying InflaterInputStream unusable.
Broken in -15. Caused failed HTTP fetches and other flakiness.
Sink.send() may now throw RuntimeException,
converted from IOException or I2PSessionException;
interrupt runner threads on error;
ignore I2PSessionException in Pinger.close();
logging and javadoc improvements;
untested
Full version is used as the su3 version.
Uses same su3 certs as release updates. Users may add additional certs
to ~/.i2p/certificates/router/ as necessary.
Copy echelon's reseed key for use as a router signer.
Unsigned update remains a separate option for now.
Various update subsystem cleanups.
I created this patch a couple of years ago and at that time symlinking (for
reasons I don't remember anymore) didn't work. Now it works with symlinks, so
let's go with that. (Tested in OpenBSD 5.7)
We don't include a wrapper for OpenBSD and Tanuki doesn't offer OpenBSD
binaries either. It is available as an OpenBSD package. Therefore, if the
wrapper is not found (likely), advise the user to install it. The next time
`i2prouter start` is run, the wrapper will be copied to the I2P install
directory and it should "just work".
to reduce object churn, we only need one
Add DeliveryInstructions.create() to return immmutable
local instructions, to reduce object churn
Minor cleanups
certificates/ssl/netdb.i2p2.no2.crt was checked in on 2014-12-08 with the
intention of its replacing certificates/ssl/netdb.i2p2.no.crt after a
transition period of a few months had passed. The certificate has already been
switched out on the server.
enum fixes so we don't always force a peer test quickly
set reachability status at startup when interfaces are configured
prevent firewalled -> OK -> firewalled+OK transition
certificates/ssl/ieb9oopo.mooo.com2 was checked in on 11/23/2014 with the
intention of its replacing certificates/ssl/ieb9oopo.mooo.com.crt after a
transition period of a few months had passed. The certificate has already been
switched out on the server.
Implement methods to remove only a single IPv4 or IPv6 address,
so that IPv6 addresses will remain when SSU detects that IPv4 is firewalled
Summary bar status fixes
Fix getIsPortFixed() for more enum cases
log tweaks, cleanups
Don't include NTCP conns established too long ago in clock skew vector
Hide unestablished outbound NTCP conns from /peers view
Add per-transport status to /peers
Put status description instead of code into event log reachability changes
- NTCP inbound skew calculation had flipped sign
- Include RTT in NTCP skew calulation
- Set SSU skew on first packet so it's right from the beginning
- Above should fix the "ignoring clock offset" error
- Javadocs
RouterClock:
- Add config to disable clock adjustment for testing
- Reduce window in skew vector for slew calculation
- Double max slew rate
let the shutdown progress normally;
Make it an I2PThread instead of a Runner so we can
call fireOOM() for consistent logging (ticket #1549)
Router: Don't add OOM listener on Android so
we don't hang onto the context
- Add hostname verification using code from
Apache HttpClient 4.4.1 (Apache 2.0 license)
and one small class from HttpCore 4.4.1,
slightly modified to remove additional Apache dependencies
and unneeded code.
- Includes support for public suffix list;
use basic list with standard TLDs,
and also support loading the big Mozilla list,
but don't bundle the 150KB Mozilla list for now.
- For Android, use its default verifier, which
should actually work (unlike Oracle)
- Java 7 not required, although servers requiring SNI will now
fail on Java 6, which does not support SNI
SSLEepGet:
- Rework recent setSoTimeout code changes, as they broke SNI
- Add option to save certs even if no errors
- Add option to disable hostname verification
Apache HttpClient 4.4.1 (Apache 2.0 license)
and one small class from HttpCore 4.4.1,
unmodified as a baseline for future merges.
Does not compile.
See following checkins for more info
catch IAE from getInstance() if i2ptunnel.config isn't found
in app context; log tweaks; config command tweaks
Unit tests: Fix several NPEs in LocalClientManager,
implement HostLookup
- Add country-to-continent mapping
- Add continent pool.ntp.org zones as first fallback,
this will improve time service for countries that don't have a zone
- Don't start threads in constructors
- Fix logging, better prevention of initialization loops
- Log severe errors to wrapper log also
continent.txt file from http://dev.maxmind.com/geoip/legacy/codes/country_continent/
Creative Commons Attribution-ShareAlike 3.0 Unported License
http://dev.maxmind.com/geoip/legacy/geolite/
Terms already met in LICENSE.txt
Start availability notifier in subsession
Availability notifier cleanup
Various log tweaks added while chasing this down
Better subsession state management
I2PSocketManagerFull verifies subsession to force connect()
Successfully tested
Stub out hardcoded list of DSA-only destinations
Tweak client name length in summary bar
Force initial leaseset request for subsession
Send SessionStatus msg before LS request for subsession
Fix sending CreateSessionMessage for subsession
New AliasedTunnelPool for subsessions, don't reuse TunnelPool,
so it has its own settings
Fix addAlias()
Simplify refreshSettings()
Send status message on subsession create failure
Fix settings for subsession
Fix NPE in requestLeaseSet()
Fix setting new session ID in SessionStatusMessage
Fix subsession support detection
Streaming: one socket manager, multiple connection managers.
Change data structure for subessions in socket manager
Subsession cleanup on destroy
I2PTunnel: add DSA subsession for non-DSA shared client
Javadocs
which will make the network-down message in the console consistent.
Javadocs for getActivePeers() and getActiveSendPeers()
Make getActivePeers() and getActiveSendPeers() abstract in TransportImpl
Make getActivePeers() and getActiveSendPeers() more efficient
Preliminary conn limits for P/X
Log tweaks
i2ptunnel:
- Better timeout handling when reading headers in HTTP server (improved fix for ticket #723)
Enforce total header timeout with new readLine()
- Prep for returning specific HTTP errors to client on request timeout and header errors,
instead of just closing socket... further work to be in i2p.i2p.zzz.test2 branch
Streaming:
- Fix read timeout on input stream - was waiting too long, often twice as long as timeout, or more
Enforce total timeout even when notify()ed
- Fix read() returning 0 on read timeout instead of -1 (possible fix for ticket #335)
This prevents passing partial headers to server on timeout
- Fix javadocs for read timeout to match current behavior
- Fix StandardSocket SoTimeout to account for differences with I2PSocket readTimeout
- log tweaks
transparently, to support HTTPS over the same tunnel,
when so configured.
Jetty: Add extensive help to jetty-ssl.xml for setting
up SSL on the same server.
with a Writer or getBytes("UTF-8") for efficiency and to
avoid encoding issues.
Store strings as strings, not bytes.
Catch IOEs to prevent cascading error pages.
Minor cleanups
- Move multipart form support from susimail to jetty-i2p.jar
so console can use it
- Add multipart form support to formhandler.jsi and FormHandler.java
Reseed:
- Fix zip magic number
- Finish manual reseed from local file
package.html files for jetty-i2p.jar
- Add form to manually reseed from zip or su3 URL
(result status not yet working)
- Add form to manually reseed from local zip or su3 file
(not yet working, needs multipart/form-date moved from susimail)
- Add form to create reseed zip file to share
(working)
- Backend support and refactoring in reseed code
Work in progress.
Router-side I2CP mostly done.
Client-side I2CP mostly done but undecided on how to handle
listeners.
Streaming stubbed out but may be wrong, may need multiple socket managers,
not clear how to proceed.
I2PTunnel not started.
Blacklist of DSA-only dests not started.
Router leaseset publishing not correct. Not clear whether to have
additional tunnel pools with flags, or put the tunnel pools into
the client hashmap twice. Client config contains destination,
may need to move that to tunnel pool.
Prop from i2p.i2p.zzz.upnp, containing:
Cyberlink for Java v3.0 + (2015-02-15) from github
See branch revs for more info and fixups.
Previous was Cyberlink for Java v2.1 (2011-09-16) from SVN.
From a scan of the 2.1-to-3.0 diff, it's mostly
formatting changes, getting rid of DOS line endings,
and a couple of new features we don't need.
I see very few fixes. And the Device.getAbsoluteURL()
"fixes" did not work in my testing, I had to fix them again.
Unlikely to fix any of the open UPnP tickets #481#725#728#1194#1480.
But now we're current.
- Send exploratory lookups directly to the floodfill if
we are already connected to him
- Don't encrypt RI lookups when overloaded
- Don't explore when overloaded
- SearchJob cleanups
Tunnels: Drop instead of reject requests on high job lag
Unmodified cybergarage-upnp from github rev 9499b03 2015-02-05
https://github.com/cybergarage/cybergarage-upnp/commits/master
which is the same as rev 3ed1af9 2014-07-28 except for
the addition of README.md which we aren't using.
This is post-version 3.0.
Omitted files:
router/java/src/org/cybergarage/xml/parser/XercesParser.java
router/java/src/org/cybergarage/xml/parser/XmlPullParser.java
router/java/src/org/cybergarage/xml/parser/kXML2Parser.java
chmod all files back to 644.
Diverging from 2.1 checkin rev 59eae97dbb470d8c4a1e4dba3a9763e134bb0c53
in prep for merging.
License unchanged.
Compile tested only.
- Use lifetime average value for job lag
- Change the job lag limit to less than 25ms
- Consider and set the limit of backlogged tunnels to less than 5
receiving a message. Possible workaround for tickets #551, #1075, #1411.
Root cause of problem not yet found.
- Increase threshold for loop throttle, this probably isn't the problem.
- Log tweaks
to the lease, as that may be reducing the odds of trying a
different path and hurting connection reliability.
While the change may slightly increase connection congestion,
if it helps with reliability then it's worth it.
- Sort introducers in router address, so we won't force a republish
due to a different ordering of the same introducers
- Don't publish an address if we need introducers but don't have any,
so the user won't see a 'firewalled with inbound NTCP enabled' message
caused by change in 0.9.17 removing IP/port from published address
when firewalled. We must now keep a local unpublished address
also, containing the detected IP/port.
- Rescan for devices periodically and when reachability changes (tickets #661, #959)
- Don't put "I2P" in registered protocol name
- Add uptime to UPnP info
- HTML escaping
- Remove static log on Android
- Javadocs and cleanups
PLRIJ interval was 37-50 minutes. Reduce that by 4x,
but for 3 out of 4 times, only publish if something changes,
including cost. 4th time, always publish, as before.
This will hopefully reduce routers getting slammed to
conn limits on a transport.
Tunnels: Cleanup, catch more cases of zero-hop configuration
ClientAppConfig: Start i2ptunnel sooner
Since BuildRequestor won't use a zero-hop exploratory as a paired tunnel
for client builds, it's now safe to start client tunnels
before the expl. tunnels are ready. This will save up to 90 seconds.
The webpack* and cloudflare* certificates are for ssl.webpack.de and
cowpuncher.drollette.com, respectively. I'm removing the smartcom.org
certificate because it's unused.
Big savings is on client side (two less threads per connection)
- Move client pool from static inI2PTunnelClientBase to TCG.
- Use client pool for some server threads
- Run some things inline that were formerly threads
- Client-side I2PTunnelRunner thread used to do nothing but start 2 more
threads; now it runs one inline (like we do for server-side HTTP)
- Javadocs and cleanups
Was originally intended to reduce load for high-traffic servers
but most of the savings for now is on the client side.
Ref: http://zzz.i2p/topics/1741
Todo: Figure out how to run the HTTP client-side gunzipper inline too
Todo: More server-side improvements
---
Client side:
before:
4-5 threads, 1-2 pooled
I2PTunnel Client Runner (BlockingRunner from client pool)
starts I2PTunnelRunner or I2PTunnelHTTPClientRunner and exits
starts StreamForwarder toI2P and waits
starts StreamForwarder fromI2P and waits
starts HTTPResponseOutputStream (HTTP gunzip only) (from client pool)
now:
2-3 threads, 1-2 pooled
I2PTunnel Client Runner (BlockingRunner from client pool)
runs I2PTunnelRunner or I2PTunnelHTTPClientRunner inline
starts StreamForwarder toI2P and waits
runs StreamForwarder fromI2P inline
starts HTTPResponseOutputStream (HTTP gunzip only) (from client pool)
---
Server side:
before:
1-4 threads, 0-1 pooled
Server Handler Pool (Handler from server pool) execpt for standard server, blockingHandle() inline in acceptor
starts I2PTunnelRunner or CompressedRequestor and exits
starts StreamForwarder toI2P and waits (inline for HTTP)
starts StreamForwarder fromI2P and waits (except not for HTTP GET)
now:
1-4 threads, 0-2 pooled
Server Handler Pool (Handler from server pool) execpt for standard server, blockingHandle() inline in acceptor
starts I2PTunnelRunner or CompressedRequestor and exits (using client pool)
starts StreamForwarder toI2P and waits (inline for HTTP)
starts StreamForwarder fromI2P and waits (except not for HTTP GET)
please commit some updates for my reseed servers: Add new ssl-certs:
ieb9oopo.mooo.com2.crt --> certificates/ssl/
link.mx24.eu.crt --> certificates/ssl/
The first one is a new ssl-cert as exchange for the current one.
On http-server side the exchange will take place sometimes next year,
until then the current existing ieb9oopo.mooo.com.crt is still valid.
The second is a new reseed server from me.
Reseeder.java: Please add to DEFAULT_SSL_SEED_URL:
https://link.mx24.eu/
with this comment:
// Only HTTPS and SU3 (v3) support
Also the list can be cleaned up from these other dead servers:
Move some data structures away from ByteArray; offsets were always zero
- New BuildRequestRecord constructors
- BuildRequestRecord field becomes final byte[222]
- IV becomes byte[16]
- Build record becomes EncryptedBuildRecord
Remove extra copy in BuildRequestRecord.encryptRecord()
Remove unused BuildRequestRecord.readOurIdentityMatches()
- Fix bug that left server acceptor thread running after close
- Add destroy() methods to release all resources when closing a tunnel for good,
particularly the streaming timer threads
- Use COWAL to prevent concurrency problems
- Javadocs
Streaming:
- Don't return null from accept() any more; actually throw
ConnectException as the javadocs have always specified
- Throw ConnectException from accept() if interrupted; previously caught and ignored
- Throw exceptions from ConnectionHandler.accept(), not higher up
- Close ServerSocket when ConnectionManager is shut down
- Synchronize setActive(), clear queue when starting to accept,
better handling of calls that don't change state
- Javadocs
ConfigClientsHelper: Call isPluginRunning() less often
PluginStarter: Simplify detection of active threads
Above changes mostly in support of zzzot plugin implementing ClientApp
and being able to shut down completely so there are no threads
in its thread group, so /configclients will all show status as stopped.
Previously, the I2PTunnelServer acceptor thread and
one or more streaming timer threads would remain.
- move signing to ant macros so they can be used by multiple build targets
- add support for signed devbuilds
- add support for generating i2pseeds.su3 (for testing)
Full acks were included in the bitfield portion, which
ran over and appeared to be fragments.
Also clean up setting bytes with initial data, for clarity.
ECDSA default for all new server tunnels
ECDSA default for streamr client tunnels
Fix display of server destination on edit page when not running (privkey file path wasn't absolute)
Fix display of persistent client key b32 on edit page when not running
Fix display of server sig type on edit page when we have a privkey file
Add KeysAndCert.getSigType()
Javadocs
- Fix SU3File support (tested)
- Finish implementation (untested)
- Output metadata as comments in news.xml
- Support signed HTML
- Copy router certs to news
No spec yet, just followed str4d's testnews.atom.xml proposal.
Atom parsing is tested, su3 part is incomplete and untested.
Todo: add spec to http://i2p-projekt.i2p/en/docs/spec/updates,
finish su3 and test.
Switch back to QueuedThreadPool (ticket #1395)
In Jetty 5/6, the default QTP was not concurrent, so we switched to
ThreadPoolExecutor with a fixed-size queue, a set maxThreads,
and a RejectedExecutionPolicy of CallerRuns.
Unfortunately, CallerRuns causes lockups in Jetty NIO.
In addition, no flavor of TPE gives us what QTP does:
- TPE direct handoff (which we were using) never queues.
This doesn't provide any burst management when maxThreads is reached.
CallerRuns was an attempt to work around that.
- TPE unbounded queue does not adjust the number of threads.
This doesn't provide automatic resource management.
- TPE bounded queue does not add threads until the queue is full.
This doesn't provide good responsiveness to even small bursts.
QTP adds threads as soon as the queue is non-empty.
QTP as of Jetty 7 uses concurrent.
QTP unbounded queue is the default in Jetty.
So switch back to QTP with a bounded queue, which does what we want,
which is first expand the thread pool, then start queueing, then reject.
ref:
http://docs.oracle.com/javase/6/docs/api/java/util/concurrent/ThreadPoolExecutor.htmlhttps://wiki.eclipse.org/Jetty/Howto/High_Load
- Remove duplicate load3 and load4 methods
- Change load3 return type to int
- Comment out dead stores
- Re-roll the add, subtract, and negate loops;
there's no speed benefit or timing reason to unroll them
- Check for field already set
- Remove shifts by 0
- Fix model and family calculation
- Fix most AMD family 15 IDs
- Add AMD Llano, Jaguar, Bulldozer 2
- Add Intel Ivy Bridge, Haswell, Broadwell, Penryn, Pineview, Cedarview, Bay Trail, Avoton, and others
- Set best-guess capabilities for most Intel processors
- Supply best-guess model string in most cases
- Processors listed above, and some others, may see crypto speedups as a result
- Code cleanup, reduce number of JNI calls
- Merge dup cases
- Tab removal
- Javadocs
- Prep for future enhancements by refactoring to a state machine model
- Reduce object churn; use SimpleByteCache
- Synchronization
- Define some constants
- More finals
- Log tweaks
- Forward port from trunk: Don't send HTML-only headers for icons (2nd try)
- Consolidate HTML header code
- Set no-cache headers
- Don't set HTML headers for redirects
- Move from core to RouterKeyGenerator in router.jar
- Leave RoutingKeyGenerator as a simple abstract class
- DatabaseEntry now uses timestamp instead of mod data
to determine if mod data has changed. Don't expose
mod data to DatabaseEntry any more.
- I2PAppContext.routingKeyGenerator() now returns null;
you must be in RouterContext to get a generator.
- Add ACKBitfield.highestReceived() for efficiency
- Only write as many partial bitfield bytes as required,
rather than 10 (for 64 bits) every time.
- Don't allow more than 10 bytes when reading in bitfield
- Don't send an extra byte if (fragments % 7) == 0
- Don't send a corrupt ack packet if the partial ack got completed (race)
- Log tweaks
Fix SSU Output Queue errors due to races with PacketBuilder:
- Remove all buffer caching as it can't be made thread-safe.
Just allocate buffer in constructor and let GC handle it
- Do fragmenting in constructor and make all fragment fields final
- Don't track per-fragment retransmissions as it wasn't used
- Move ack tracking from an array to a long
- Sync all ack methods
- Entire class now thread-safe (thx dg)
This has always been in the spec and implemented in the receive side
since the beginning, so it is compatible with all versions.
- Switch preparePackets() return value from a "sparse array" to a list
- UDPPacketReader cleanups
- UDPPacket javadocs
- Cycle through downloaded/size sorters
- Cycle through uploaded/ratio sorters
- Fix ratio comparator
- Display ratio when sorted by ratio, and on details page (ticket #1298)
- Better handling of unsupported encryption in destinations
- Implement handling of unsupported encryption in router identities
- Banlist forever all RIs with unsupported encryption
- New negative cache of all dests with unsupported encryption
- New methods for destination lookup that will succeed even if
the LS is expired or encryption is unsupported
- Use new dest lookup so client will get the right error code
later, rather than failing with no LS when we really got it
but just couldn't verify it.
- Cleanups and javadocs
OCMOSJ: Detect unsupported encryption on dest and return the correct failure code
through I2CP to streaming to i2ptunnel
Streaming: Re-enable message status override, but treat LS lookup failure
as a soft failure for now.
HTTP Client: Add error page for unsupported encryption
- Verify crypto key pair in LS
- Verfiy same dest as before in LS
Router: Don't try to use an unavailable sig type for the router,
even if it's the default
RouterInfo: Work around unsupported raw signatures for
RI Ed25519 sig type
Router:
- Use eepPriv.dat format for router keys file (thx orignal)
- Consolidate router keys readin code
- Update killKeys file list
RouterPrivateKeyFile: New extension to add getRouterIdentity()
- New router.sigType config
- Generate / regenerate router keys based on config
- New router.keys2 file format for sig types and padding
- Fix RouterInfo.readBytes() signature verification with sig types
- Catch unset padding in KeysAndCert.writeBytes()
- Catch key errors in ReadRouterJob
- Show RI sig type on /netdb in console
- Move some things from Router to startup classes
- Startup classes package private
- Buffer readin of key files
- Remove configurability of router.info and router.keys file locations
- Add local SSL support for std. and IRC client tunnels (ticket #1107)
Keystore goes in ~/.i2p/keystore; pubkey cert goes in ~/.i2p/certificates/i2ptunnel
- Escape messages to index page
- Show message for uncaught exception
- Don't filter create torrent form, and
fix exception on ':' in file names (ticket #1342)
- Don't remap file names on torrents we created, and
save remap setting in torrent config file (tickets #571, 771)
- Escaping fixes since names may not be remapped
- Use better encodePath() from Jetty
- Don't say create torrent succeeded when it didn't
- Add more sanity checks for torrent creation
XSSFilter patch from str4d:
XSSFilter and XSSRequestWrapper were from http://ricardozuasti.com/2012/stronger-anti-cross-site-scripting-xss-filter-for-java-web-apps/
No provided license, but it is clearly intended for public consumption.
But most of it is boilerplate provided by the Servlet Filter system.
In fact, now that I have stripped out his JS-specific patterns and replaced it with the whitelist,
it is effectively identical to what I would have written from scratch.
- Don't spawn a thread for each transmitted datagram
- Set protocol field for raw and signed datagrams
- Enforce a 60s timeout for HELLO
- Use naming service cache to reduce Destination object churn
- Get Log object from the log manager
- Log spelling fixes
- Redefine the repliable datagram signature for non-DSA_SHA1 sig types;
was the sig of the SHA-256 of the payload, now the sig of the payload itself.
This is an incompatible change but nobody is yet using the new
sig types for datagram applications.
- Don't pollute the hash cache with hashes of payloads
- Check for too-big datagrams
- Remove assertion check
- Cleanups
I2PAppContext will return the dummy SessionKeyManager which
is sufficient for non-tag uses (e.g. Bote).
Client use of end-to-end encryption using SessionTags was
disabled in release 0.6, 2005-07-27.
Removing reseed host after request.
From: pkol <pkol@mail.i2p>
To: Meeh <meeh@mail.i2p>
Subject: Reseed server shutdown
X-Mailer: smtp.postman.i2p - Official I2P Mailer
Hi meeh,
I wanted to announce the discontinuation of my reseed server
(reseed.pkol.de) at the end of July/beginning of August.
Thanks for your support during the initial setup.
Cheers
pkol
- Catch numerous decoding errors that were previously misdecoded (ticket #1318)
- Improve decoding efficiency, reduce copies
- encode(String) now uses UTF-8 encoding
- decode() now accepts short strings without trailing '='
- whitespace in decode will now cause an error, was previously ignored
- Cleanups
- Windows: x86 and x64 versions self-compiled with VS2010 in
Windows 7. The icon has been changed from Tanuki's default to Itoopie.
- Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
Oracle Java 1.7.0+update40 and stripped
- All other binaries are from the "community edition" deltapack offered by
Tanuki.
- Add SIGNATURE_TYPE support to GENERATE and CREATE
- Don't NPE checking dest+privkeys
- Simplify HELLO checking
- Don't require two params in HELLO message
- Make MIN parameter optional too
- Version checking fixes
- Bump version to 3.1, only visible if requested
- Cleanups, javadocs
Version handling (ticket #1318)
- MAX param now optional
- 1-digit versions now accepted for MIN and MAX
- Use VersionComparator for version tests
- Don't require a minor version of 0
- Fix empty properties check
- Overrides
- Prep for version 3.1
Throw exception on null option key (ticket #1325)
- Display webapp name in html title (ticket #1311)
- Use tracker from magnet link in display (ticket #1313)
- Clarify auto-start (ticket #1293)
- Include tracker in magnet link on details page (ticket #964)
- Recognize .azw4 extension as ebook
- Cleanups
- This came from the script from Tanuki but it does return useful information
(as far as its use in the script) in my testing. uname -m is better for our
needs. (The problem is only seen on certain CPUs when *all* available wrapper
binaries are present and the script tries to resolve the correct binary to use..
The last-modified date was getting updated even when
the server returned e.g. 503, preventing routers from
getting the latest file on a subsequent fetch.
required to precompile jsps with tags (SusiDNS and Bote).
As of 6.0.39, these utils are required but they are not bundled
in the Tomcat deployer package, the main package is required.
This checkin has only the classes required from the jar.
* OCMOSJ:
- Increase timeout if we must lookup leaseset
* Streaming:
- Shorter expire time in TCBCache
- Don't fail a connection once it is up
- Log tweaks
- Store seed/leech status in DHT tracker (ticket #1280)
- Increase max received DHT nodes (Vuze sends more than K)
- Recognize not-registered message from diftracker
- Fix bug in DHT unannounce()
- Respond to get_peers with an empty peers list instead of
a nodes list if the requester was the only peer (ticket #1279)
- Fix sendError() (still unused)
- Display custom error pages for I2PSocketExceptions (ticket #788)
- Tag I2PSocketException text for translation (no bundles yet)
- Move methods from superclasses to I2PTunnelHTTPClientBase
- Fix connect client error pages, but they aren't displayed anyway
- Don't start I2PTunnelRunner threads in constructor (ticket #973)
- Synch close() in I2PTunnelServer
- Cleanups and javadocs
- Clean up and reuse MessageState for asynch notification
- New I2PSession sendMessage() method and listener
- Move VerifyUsage from SimpleScheduler to SimpleTimer2 for efficiency
- Fix up javadocs
Router side:
Store message nonce in ClientMessage, so we may send
a MessageStatusMessage with a failure code to the client
without sending an ACCEPTED MessageStatusMessage first.
All MessageStatusMessages sent in response to outbound messages will now have a valid nonce.
- Locking fixes on peer testing
- More locking fixes on rebuilding address
- Slow down peer test frequency, esp. when firewalled
* Transports:
- Deprecate unused recheckReachability()
- Add locking for disk cache
- Remove cancel button from login page
- New configuration page
- Move set page form to configuration page
- Theme and folder js enhancements
- Wrench icon from Silk, same license as the others
- Send delete to server for mails already downloaded
- Fix idle closer waiting for deletions
- Add tooltips for icons
- Add new options to properties resource
- Add feedback when reload config button pushed (ticket #1158)
- Reset page size when config reloaded
- Remove max page size limit
- Show page nav buttons on bottom too if page is big
- Set title to subject on message view
- Log tweaks
- Move delete and confirmation button in folder view to bottom left,
page size form to bottom right
- Attachment finals and cleanup
- Increase max size for full download again
- Fix repeated re-saves of mail to disk
- Enable auto-deletion of downloaded mails
- Consolidate check box processing
- Button spacing tweaks
- Add raw attachment download method
- Display image attachments inline
- Don't rezip certain attachment types, just offer link
- Handle attachment sending directly, don't put ref in session
- Add background mail checker, not yet enabled
- Add idle timeout connection closer
- Rely on idle checker for most delayed deletions
- Cleanup resources better when shutting down session
- Don't add deleted mails to folder, caused errors after deletions
- Set socket soTimeouts so things don't hang forever
- Display errors after check mail button pushed
- More IOE debug logging
- Fix HeaderLine decoder going past the headers,
which was causing corruption in forwarded mails
- More efficient output buffer allocation in HeaderLine decoder
- Load all mails from disk at startup
- Add offline mode
- MailCache now has the total UIDL view
- Copy silk folder icon from snark to console for use by susimail
- Show sender name in folder view
- Add support for configured sender name
- Add HTML escaping of '&'
- Fix Folder sorting so UP is up and DOWN is down
- Use replace() instead of replaceAll() where appropriate
- Fix capture by show page after back button
- Pipeline all deletes and quit
- Don't reconnect after delete and quit
- Verify connected before each POP3 operation
- Null check in comparators
- Don't clear messages if a reconnection fails
- Use locale-based sorting for strings
- Increase limit for full fetch again
- Increase default page size back again
- Add MailPart constructor, make fields final
- Add ReadBuffer constructor, make fields final
- Move decoding to MailPart method
- Setters/getters for Mail header, body, part
- Classes package private
- Finals, constructors
- Don't require an attachment to be "uploaded" to send it
- Move delete attachment button, hide if no attachments
- Icon for delete attachment button
- Fix html error in bccToSelf input
- Don't store encoding class names in config
- New susimail.debug setting in config
- Use DataHelper to load config file
- Close any open POP3 socket when session is unbound
- Don't keep returning user to compose page (ticket #1252)
- Add javascript capture of back button from compose page
- New reply button icon (from Silk, same license as the others)
- Save BCC-to-self preference in the session
- Tweak the BCC-to-self layout
- Fix date format in reply
- CSS padding in inputs
- Flush writes in SMTP
- Don't wait for SMTP response after QUIT
- Translate the "login failed" message
- Show "no messages" in folder view if none
- Message view attachment cleanups
- Fix the message view layout in CSS
- Pipeline USER and PASS to save a round-trip at startup
- Better synchronization in POP3
- Properly de-byte-stuff in POP3
- Flush writes in POP3 for speedup
- Remove unnecessary caching in POP3, this is handled in MailCache
- More efficient handling of POP3 server responses
- Remove 60s timeout for fetching a message,
so retrieval of large messages doesn't fail
- Don't allow line breaks in date/time or size in folder view
- Use DataHelper.formatSize2() for message size
- Identify susimail log messages in wrapper
- Debug log tweaks
- Increase max size of mails that are fetched in full,
previous limit was so small it never happened.
- Move page nav to top of folder view, hide if only one page
- Put message nav buttons on second line
- Refuse to send mail with no "to"
- Reduce default page size as it slows startup
- Remove unnecessary casts
- Right justify some input fields
- Pass DSRM hashes through IMD to ILJ for client tunnels too
- Query unknown DRSM hashes in ILJ without looking up
when using client tunnels; look up after querying
when using expl. tunnels to speed things up
- Don't look up banlisted hashes
- Check 'from' hash in DSRM against list of peers sent to
- Don't query an unknown peer through a zero-hop OB tunnel
- Log tweaks
Extend expiration of returned message in IMD
- Look for DeliveryStatusMessages beyond the message expiration,
so we don't throw out a tagset that gets acked late
- Allow re-adding of a "failed" tagset to the SKM
- Extend max message age in MessageValidator
- Remove unused and confusing timeout param when registering a selector
- Log tweaks, javadocs, cleanups
start of a connection (ticket #1187)
* NTCP:
- Lower send priority of the RI at exchange
- Bob will now send his RI even if he doesn't have Alice's
- Send RI again sooner on long-lived connections
- Replace BC MD5 with JVM version, refactor I2PHMAC to use
MessageDigest instead of BC Digest (ticket #1189)
- Use JVM HmacSHA256 instead of I2PHMAC for Syndie since it is standard
- Move backup news to psi.i2p
- Move default addressbook subscription to i2p-projekt.i2p
- Remove www.i2p2.i2p from default update lists
- Add psi.i2p to hosts.txt
- Update links on help pages to avoid redirects on new website
and select the correct language
* SusiDNS: Fix whitespace issues
- Convert to getopt (ticket #1173)
- New option -e for hashcash effort, instead of -h with optional arg
- Stub out -t option, to be propped from ecdsa branch
Will require manual merge with ecdsa branch...
- Convert to getopt (ticket #1173)
* EepHead, PartialEepGet:
- New option -c for clearnet (no proxy), same as -p:0
- New option -o, same as EepGet
- Proxy option -p with host name arg only (no ':') now allowed
- Add proxy auth support with -u and -x options (ticket #1173)
* EepGet:
- Catch error in -h option
- Cleanups
- Convert to getopt (ticket #1173)
- New option -c for clearnet (no proxy), same as -p:0
- Proxy option -p with host name arg only (no ':') now allowed
- Proxy password option is now -x, not the second arg to -u
- Prompt for proxy password if not supplied in options
- Line length option is now -l, not the second arg to -m
- Error on nonproxied .onion hosts
- Update man page, sort options (ticket #1173)
except for the following which are used by android,
to maintain compatibility with very old phones, for now:
addressbook.war
BOB.jar
i2p.jar
i2ptunnel.jar
mstreaming.jar
router.jar
streaming.jar
- Update to Jetty 8.x, Servlet 3.0, JSP 2.2
- Require Java 6
- Use Servlet and JSP jars from Jetty instead of Tomcat
- Tomcat remains at 6.0.37 supporting Servlet 2.5 / JSP 2.1
- Remove Jetty dependency in console error pages
- Build files for Jetty 8.1.14
- Doc updates
- Delete Jetty 7.6.14
- Jetty 8.1.14 not yet checked in,
waiting to see if a new version is released soon,
but build will download it for testing
- Set ports on many packets that were missing them
- Use connection throttling methods on pings too (ticket #1142)
- Add methods to set ports on pings
- Argument checking on ping methods
(ticket #1173)
This is Java getopt 1.0.14 (released 2012/02/08)
Source was retrieved from https://github.com/arenn/java-getopt
Previous version 1.0.13 (released 2006/08/29)
is available at http://www.urbanophile.com/arenn/hacking/getopt/
Copyright (c) 1998 by Aaron M. Renn (arenn@urbanophile.com),
LGPL v2.
Include the small translation files, add to build.xml and to .tx/config
Fixes:
Simplified Chinese
MessagesBundle_chs.properties renamed to MessagesBundle_zh.properties
Traditional Chinese
MessagesBundle_cht.properties renamed to MessagesBundle_zh_TW.properties
Norwegian Bokmaal
MessagesBundle_no.properties renamed to MessagesBundle_nb.properties
- Add SessionID to HostLookup/Reply messages, for future
use when we have multiple sessions
- New SessionID constructor w/ value
- Throw IAE on invalid SessionID values
- Bump all comments from 0.9.10 to 0.9.11
- Add clientAppManager() to I2PAppContext so it can be used there
- Add routerAppManager() to RouterContext for convenience inside router
Start of SSL support in I2PTunnelHTTPClient
- Add initialSocketData support back to I2PTunnelOutproxyRunner
- Works for orchid (and in-net?)
- TODO Doesn't work for in-net proxy
- Need separate config for SSL proxy
- Add setting in i2ptunnel server edit page
- Comment out cert setting on i2ptunnel server edit page
- Show key type on susidns details page
- Show key type on LS debug page
- Support i2cp.destination.sigType option in TunnelController and
I2PSocketManagerFactory
- Fixup of Destination.create() and Destination.size()
- Add generic off/len methods in DSAEngine, needed for streaming
- Fixup of sign/verify in streaming Packet
- Javadocs
of signing keys and signatures in RouterIdentities and Destinations.
Untested, not even for regressions, except with command line
using PrivateKeyFile.
Based on preliminary spec at http://zzz.i2p/topics/1442?page=1#p7524
Not done:
- Transport handshake signing
- Configuration of default type
- Specification of type in options to I2PSocketManagerFactory
- Specification of type in i2ptunnel
- Fix up caching of SigningPublicKey and P256 key cert
- Any non-default crypto type in the key cert
- Documentation
- Refactor file deletion in prep for better file name handling (ticket #571)
- Don't use canonical files in directory listings,
for speed and to avoid file comparison problems (tickets #1079, #1148)
- Set base file/dir in Storage constructor, make final,
in prep for arbitrary locations (ticket #1028)
- Add support for b64 conversion in destLookup()
- Catch invalid message length sooner
I2Ping:
- Extend I2PTunnelClientBase so non-shared-client,
I2CP options, and other features will work
- Fixes for fields and threading
Streaming:
- Send LS with ping (broken since 0.9.2)
- Set the NO_ACK flag on pings and pongs
- Add support for hostname lookups over I2CP with new
HostLookup and HostReply messages.
- Move username / password from CreateSession
to GetDate for early authentication;
this is an incompatible chage.
Outside router context with authentication enabled,
new clients will not work with old routers.
Early authentication is not yet enforced, enable with
i2cp.strictAuth=true. Will change default to true in a later release.
- Block all actions before authentication.
- Better disconnect messages to clients for diagnostics
- Improve lookup command, add auth command in i2ptunnel CLI for testing
- Don't start ClientWriterRunner thread in constructor
- Don't flush in ClientWriterRunner unless necessary
- Send GetDate even in SimpleSession outside of RouterContext
- Improve SetDate wait logic to reduce locks and break out when
Disconnect received
- Add Disconnect handler to SimpleSession
- I2Ping cleanups
- Javadocs
- Move config file and DHT persistence file to a config dir
- Move per-torrent configuration from "zmeta" in the main config file
to a per-torrent config file (ticket #1132)
- Split timestamp and bitfield into separate configs
- Fix misspelling of autoStart config
- Remove two unused SnarkManager methods
- Just before midnight, flood to new location too so lookups
don't fail after keyspace rotation (ticket #510)
- Refactor RoutingKeyGenerator and UpdateRoutingKeyModifierJob
in support of the above
- Display next key on LS debug page
- Increase new kad size to K=24, B=4
- Fix router count by counting in the data store, not the kbuckets
- Randomize the order we load router infos at startup so we
don't bias the kbuckets
- Move KBucketSetTest to new directory
- Fix testSelf() as new implementation will never include myself
- Delete KBucketImplTest, not applicable/useful now
Next todo: port KBSTest from i2p.zzz.kademlia branch
- Move net.i2p.kademlia package from i2psnark to core, and convert
netdb to use it.
- Delete old implementation in netdb
- Fixups in netdb for generics
- Add debug output to /debug
This is the next step in the development plan, in which we previously:
- Copied the code from netdb to the i2p.zzz.kademlia branch, fixed it,
and made it generic for hash size (June 2012);
- Moved it from the i2p.zzz.kademlia branch to the i2p.i2p.zzz.dhtsnark
branch, and implemented KRPC with it (June 2012);
- Propped it from i2p.i2p.zzz.dhtsnark to trunk for 0.9.2 (July-Sept. 2012);
- Proved it out in 0.9.2 - 0.9.9 (Oct. 2012 - Nov. 2013)
The plan was to maintain the KBucketSet public methods throughout the development
so we could drop the new version back into netdb, so here we drop it in.
Setting of K=16, B=3 is just an initial guess, to be reviewed.
This moves about 18 KB from i2psnark.jar to i2p.jar and removes about 12 KB from router.jar.
Unit test fixup: todo.
a client socket manager configured with i2cp.newDestOnResume,
or a shared client.
This prevents lots of orphaned StreamingTimer threads.
There are still cases where these threads may stick around,
when a tunnel is stopped but not restarted. We don't know in
some cases when a tunnel could be restarted and when it can't.
destroySocketManager() should always be called when discarding a
SocketManager but i2ptunnel doesn't do that now. More to do,
but this fixes the most common case of leaked threads.
Related tickets: ##642 #961
This will improve network capacity.
Apparent problems with lower limits were actually due to
unrelated bugs that were fixed by 0.9.8.1-22.
This can go lower still; I've been testing 33% without issues.
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
Icedtea6 6b27-1.12.5-1+rpi1 and stripped
- All other binaries are from the "community edition" deltapack offered by
Tanuki.
- Put garlicked DSM messages in the InNetMessagePool instead of handling directly,
so the IterativeSearchJob will see the response and declare success.
Only affected LS lookups as we do not request encrypted replies for RI lookups.
Similar to the fix for verifies 6dc5bed94321ae2b290cfe351511d18465e08f91
This bug was causing initial lookups to fail but subsequent ones to succeed.
Broken since 0.9.7 when encrypted replies was introduced.
Ticket #1125
- Fix several 'increment of volatile is not atomic' all over
Remaining: UDP PeerState.java, to be checked in separately
- Comment out all of unused MessageStateMonitor
- Reject type 3 (undefined) delivery instructions at both OBEP and IBEP,
would be treated as LOCAL
- Reject type 0 (LOCAL) delivery instructions at OBEP, no current usage,
would cause NPE if handled
- Increase threshold for idle timeout reduction from 33% to 60%.
This was reduced from 75% to 33% in -10 and it caused significant
tunnel build problems, for reasons that aren't entirely clear.
- Don't change the SSU idle timeout quicker when firewalled.
- log tweaks
- Build a new exploratory fallback tunnel in the BuildExecutor
loop if we run out.
- Don't use closest expl. tunnel as the paired tunnel for a build,
use a random one instead (partially back out change from -12)
- Log tweaks
- Don't discard an encrypted DSRM received
down a tunnel, just strip the hashes like we do for unencrypted
- Send a store of our own encrypted LS received down a tunnel to
the InNetMessagePool so the FloodfillVerifyStoreJob will see it.
* NetDB: Fix LS store verifies with encrypted replies
by storing the tagset with the correct SKM for the inbound tunnel used.
Broken since 0.9.7 when it was introduced.
change, by querying the config instead of StatSummarizer to
determine if a stat is graphed.
- Don't append to a string in a loop
- parseConfig() return a Set instead of List to avoid O(n**2) behavior
when deteriming config changes
- Don't use fallback expl. tunnels as the paired tunnel
for a client tunnel build.
This will cause more client tunnel breakage but it's
really bad to use a zero-hop for this.
- Fix selection of an expl. tunnel close to a hash
- Don't update build generation stat if the generation failed
- log tweaks
- Check blacklist/whitelist before connection limits, so
a blacklisted peer does not increment the counters
- Don't increment total throttle if peer is throttled
- Fix blacklist NPE after config change (ticket #1070)
Route connections to specific targets based on incoming I2P port
with custom option targetForPort.xxxx=myserver:yyyy
This allows multiple services on a single server tunnel (ticket #1066)
- Allow host:port targets; set defaults in i2ptunnel.config (ticket #1066)
- Don't fail start if hostname is unresolvable; retry at connect time (ticket #946)
- Output IRC message on connect fail
- Update target list on-the-fly when configuration changes
move cert location to certificates/i2cp.
* I2PTunnel: Support SSL for connection to local server
for Standard, HTTP, and IRC server tunnels.
Put server cert in certificates/i2ptunnel if necessary.
- Make I2PSocketFull.close() nonblocking; it will now cause any user-side
writes blocked in I/O (Connection.packetSendChoke()) to throw
an exception (tickets #629, #1041)
- Don't ignore InterruptedExceptions; throw InterruptedIOException
- Back out static disconnect exception
- MessageInputStream locking fixes
- Cleanups
I2PSnark:
- Close socket before closing output stream to avoid blocking in
Peer.disconnect(), and prevent Peer.disconnect() loop
- Combine getPeers and announce into a single method, as we must announce to
the closest from the getPeers, not the closest from the kbuckets
- Stop getPeers when nothing closer is found
- Increase dest lookup and search timeouts
- Increase max search depth
- Loop tracker client faster when in magnet mode
- Loop tracker client faster if DHT announce fails
- Don't return an empty peers list if we only know about the requestor
- volatiles, log tweaks
- Major fixes of getPeers() to follow
to branch 'i2p.i2p' (head a1c2ba4663abc7470f427c6a14854707d58b486a)
Prop from branch i2p.i2p.zzz.ecdsa:
* Build:
- Generate su3 file in release target
- Add zzz's new RSA 4096 pubkey cert for updates
- Fix checkcerts.sh
* Console: Move advanced setting to HelperBase
* DSAEngine changes:
- Implement raw sign/verify for other SigTypes
- Add sign/verify methods using Java keys
* ECDSA Support:
- Add ECConstants which looks for named curves and falls back to
explicitly defining the curves
- Add support for ECDSA to SigType, DSAEngine and KeyGenerator
- Attempt to add BC as a Provider
- genSpec: fallback to BC provider
* EepGet:
- Fix non-proxied PartialEepGet
- Prevent non-proxied eepget for an I2P host
* KeyGenerator changes:
- Generate key pairs for all supported SigTypes
- KeyPairGen: Catch ProviderException, fallback to BC provider
- Add KeyGenerator main() tests
* KeyRing and DirKeyRing added: simple backend for storing X.509 certs
* KeyStoreUtil added:
- Consolidate KeyStore code from SSLEepGet, I2CPSSLSocketFactory,
SSLClientListenerRunner, and RouterConsoleRunner into new
KeyStoreUtil and CertUtil classes in net.i2p.crypto (ticket #744)
- Change default to RSA 2048 (ticket #1017)
- Set file modes on written keys
- Overwrite check in createKeys()
- New getCert(), getKey()
- Extend keygen max wait
- Read back private key to verify after keygen
- Validate cert after reading from file
- Validate CN in cert
- Specify cert signature algorithm when generating keys
* NativeBigInteger: Tweak to prevent early context instantiation
* RSA support added: constants, parameters, sig types, support in DSAEngine, KeyGenerator, SigUtil
* SHA1Hash: Add no-arg constructor
* SigType changes:
- Add parameters (curve specs) to SigTypes
- Add getHashInstance()
- Add RSA, fix ECDSA
- Renumber, rename, comment out types that are too short.
* SigUtil added:
- Converters from Java formats (ASN.1, X.509, PKCS#8)
to I2P formats for Signatures and SigningKeys
- Move ASN.1 converter from DSAEngine to SigUtil, generalize
for variable length, add support for longer sequences,
add more sanity checks, add more exceptions
- Move I2P-to-Java DSA key conversion from DSAEngine to SigUtil
- Add Java-to-I2P DSA key conversion
- Add Java key import
- New split() and combine() methods
* SSLEepGet: Move all certificates to certificates/ssl, in preparation
for other certificate uses by SU3File
* SU3File changes:
- Support all SigTypes
- Implement keygen
- Readahead to get sigtype on verify, as we need the hash type
- Enum for content type
- Add unknown content type, make default
- Fix NPE if private key not found or sign fails
- Store generated keys in keystore, and get private key from keystore
for signing, in Java format
- Use Java keys to sign and verify so we don't
lose the key parameters in the conversion to I2P keys
- Type checking of Java private key vs. type when signing
- Use certs instead of public keys for verification
- Fix arg processing
- Improve validate-without-extract
- New extract command
- Change static fields to avoid early context init
- Reduce PRNG buffer size for faster signing
* Update: Preliminary work for su3 router updates:
- New ROUTER_SIGNED_SU3 UpdateType
- Add support for torrent and HTTP
- Refactor UpdateRunners to return actual UpdateType
- Deal with signed/su3 conflicts
- Verify and extract su3 files.
- Stub out support for clearnet su3 updating
- New config for proxying news, separate from proxying update
- PartialEepGet and SSLEepGet tweaks to support clearnet update
- Remove proxy, key, and url config from /configupdate
- More URI checks in UpdateRunner
- Add https support for news fetch
- Add su3 mime type
- Reset found version in update loop so we don't fetch from
the next host too.
- Prevent NPE on version after SSL fetch
- Reset found version in update loop so we don't fetch from
the next host too.
- Prevent NPE on version after SSL fetch
- Fix su3 version check
* EepGet:
- Fix non-proxied PartialEepGet
- Prevent non-proxied eepget for an I2P host
- Fail if no hostname in URL
- Stub out support for clearnet su3 updating
- PartialEepGet and SSLEepGet tweaks to support clearnet update
- Remove proxy, key, and url config from /configupdate
- More URI checks in UpdateRunner
- Add su3 mime type
- Move advanced setting to HelperBase
- Prevent multiple calls or reentrancy in disconnect() (ticket #1041)
- Implement processing of close to skip TIME-WAIT, and
wait for all packets to be acked (not just the CLOSE) before
doing so, if possible (ticket #1042)
- Don't call disconnect() or disconnectComplete() from I2PSocketFull.destroy()
so retransmissions and acks can still happen (removes some close loops)
- Don't call disconnect() until we have both sent and received a CLOSE (ticket #1040)
- Don't reset the connection from CPH just because we sent a CLOSE
and it was acked (ticket #1040)
- Ack packets even if we sent a CLOSE (ticket #1040)
- Retransmit CLOSE if not acked (ticket #1040)
- Send received packets to the MessageInputStream even if we haven't received a SYN
- Don't call MessageInputStream.messageReceived() for ack-only packets, that was pointless
- Don't send a RESET after timeout of an outbound connection
- Work around bugs on other end by limiting retransmission of CLOSE packets
- Make _isInbound final
- More cleanups, javadocs, log tweaks
- Cleanups
- Remove setCloseReceivedOn(), unused outside Connection
- OR the isFlagSet parameter instead of multiple calls
- Remove acked packets from _outboundPackets inside synced iterator
- Short-circuit _outboundPackets iterator if empty
- Small optimization if not logging in ConnectionPacketHandler
- Stub out processing of close ack (ticket #1042)
- new ROUTER_SIGNED_SU3 UpdateType
- Add support for torrent and HTTP
- Refactor UpdateRunners to return actual UpdateType
- Deal with signed/su3 conflicts
- unpack/verify stubbed only
This solves the following problem which was found on OpenBSD:
bundle:
[exec] Generating net.i2p.desktopgui.messages_ar ResourceBundle...
[exec] ERROR - msgfmt failed on locale/messages_ar.po, not updating translations
[exec] msgfmt: Java compiler not found, try installing gcj or set $JAVAC
[exec] msgfmt: compilation of Java class failed, please try --verbose or set $JAVAC
[exec] 9 translated messages.
In OpenBSD 5.4, neither java nor javac are in the PATH.
- check status of i2psvc with ldd
- only warn about libiconv in FreeBSD if the package isn't installed. In recent
versions of FreeBSD, OpenJDK depends on libiconv so it should always be
available.
- SU3File better arg processing, implement content type arg
- Type checking of Java private key vs. type when signing
- Add unknown content type, make default
Specify RSA parameters
Add RSA sig types
Specify cert signature algorithm when generating keys
Extend keygen max wait
Catch NPE if sign fails in SU3File
Fix signature conversion for RSA
Fix public key conversion for RSA
- enum for content type
- fix NPE if private key not found
- use certs instead of public keys for verification
- improve validate-without-extract
- new extract command
Consolidate KeyStore code from SSLEepGet, I2CPSSLSocketFactory,
SSLClientListenerRunner, and RouterConsoleRunner into new
KeyStoreUtil and CertUtil classes in net.i2p.crypto (ticket #744)
- KeyGenerator: Measure sign and verify separately in test
- SU3File: Start to support other SigTypes
- SigType: Add getHashInstance(), fix hash length for ECDSA_SHA256_P192
- SHA1Hash: Add no-arg constructor
Rebuild router identity if key length doesn't match setting.
This affects RI and LS encryption keys, and DH and YK.
Faster = 64 bit with working jbigi, non-ARM, non-GNU (for now)
Override default with crypto.elGamal.useLongKey=true/false
LS key is built at client startup (Dest key unused)
This will churn most of the RIs at the release.
* SystemVersion: Add isARM()
- Add ECConstants which looks for named curves and falls back to
explicitly defining the curves
- Add SigUtil with converters from Java formats (ASN.1, X.509,
PKCS#8) to I2P formats for Signatures and SigningKeys
- Move ASN.1 converter from DSAEngine to SigUtil, generalize
for variable length, add support for longer sequences,
add more sanity checks, add more exceptions
- Attempt to add BC as a Provider
- Add parameters (curve specs) to SigTypes
- Add support for ECDSA to DSAEngine and KeyGenerator
- Add KeyGenerator main() tests
- More javadocs
All is Java 1.5 compatible but the actual algorithms, curves,
and other support aren't necessarily present in any JVM.
Todo: More tests, more fallbacks for various JVMs
- French, Portugeuse, Russian, Spanish, and Turkish updates from Transifex
- Start of Romanian translation from Transifex
- Update English POs for sending to TX
* Debian: Update changelog
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
Icedtea6 6b27-1.12.5-1+rpi1 and stripped
- All other binaries are from the "community edition" deltapack offered by
Tanuki.
Streaming RTO changes:
apps/streaming/java/src/net/i2p/client/streaming/ConnectionOptions.java
apps/streaming/java/src/net/i2p/client/streaming/TCBShare.java
apps/ministreaming/java/src/net/i2p/client/streaming/I2PSocketOptionsImpl.java
new reseed:
applied changes from dbfea0ca35dbf9df85b5703db6f97a9579beb364
through 325a9ed6f0f47eeabb33710073edf973671c63c9
disable RI verifies:
applied changes from 4ef48b93946923e3371ab62719a474d869520697
through a77990850b3534101571c88db4704676645914df
i2prouter bashism fix:
applied changes from b5a0148f96728466561ece9be0e50ac9ad3f1468
through e301d0499f4c688ed3a5febe30bf8098c7f2cdf9
i2psnark increase max piece size, mime type updates:
apps/i2psnark/java/src/org/klomp/snark/Storage.java
apps/i2psnark/java/src/org/klomp/snark/web/I2PSnarkServlet.java
apps/i2psnark/mime.properties
UPnP fix:
applied changes from 3d4a5cd3d933f75fdff7696f560c569f4674bd73
through 75e5f5d4e0f0dd44140908bb6e73830e3448bdde
- Prep for new signature algorithms; new SigType enum;
Signature, SigningPublicKey, SigningPrivateKey store type
- New Hash384 and Hash512 classes
- Remove length field in SimpleDataStructure
- New SU3File generator/verifier/extractor
- Prefer IPv6 by default
- Fix IPv6-only option
- Don't try NTCP IPv6 addresses unless we have one
- Fix non-%16 SSU padding in data and session confirmed packets; enable by default
- Log tweaks
- Don't delay the refiller if we need more (don't limit max output)
- Add FortunaRandomSource.main() to output to stdout for testing e.g. with dieharder
- Move more cleanups to finally block
- Bounded wait
- Don't ignore InterruptedExceptions, wrap in I2PSessionException and throw
- More finals
- Synch tweaks
- Tag initialNews.xml for TranslateReader
- Drop static translated initialNews pages
- Add new routerconsole bundle for the news alone, shipped in the jar
- Use TranslateReader in HTTP proxy for initial news
- Initial translations created manually from translated xml filesx
- Add translated proxy error pages and initial news to deletelist.txt
TODO: ar translation fails checkpo.sh
- New varargs method in Translate
- New TranslateReader to translate static files on-the-fly using _("") tagging
- Tag proxy error pages for TranslateReader
- Drop static translated proxy error pages
- Add new i2ptunnel bundle for the proxy alone, shipped in the jar
- Use TranslateReader in HTTP proxy for error pages
- Move HTTP proxy strings from the web *war) to proxy (jar) bundle so they will be loaded
- Initial translations created by msgmerge from i2ptunnel and routerconsole po files, un-fuzzied
- I2PSocketManagerFactory: New createDisconnectedManager(), javadocs
- I2PSessionImpl: Rewrite state management and locking, prevent multiple
connect() calls, but allow disconnect() to interrupt connect()
- I2PSimpleSession: Changes to match I2PSessionImpl
- I2PTunnelServer: Don't connect in constructor, use createDisconnectedManager()
for a final manager, finals and cleanups
Lightly tested.
Todo: I2PTunnelClientBase
- Make classes extensible for router-side test stubs
- Add router-side local-only test implementation, no full router required.
Only tested with external clients, probably doesn't work in-JVM.
- Don't start threads in ClientManager constructor
- Remove unused Reader param in ClientMessageEventListener methods
- Cleanups, volatiles, finals, javadocs
This change is required after de-parameterizing the i2prouter script. I
hardcoded the file name because the $0 variable isn't expanded (because of
single quotes). When using double-quotes (and escaping with back-slashes), the
strings weren't translated. I've decided to de-parameterize until I figure out
what the problem is.
preserve all non-standard fields (such as those created by Robert) so the
infohash doesn't change on restart, splitting the swarm.
(http://zzz.i2p/topics/1327 thx 'backup')
- Ignore padding beyond last multiple of 16 (prep for obfuscation)
- Comment out xor with 0 (version)
- Don't need to zero IV buf before overwriting
* AES:
- Decrypt speedup by XOR in place
- Log if decrypt not mod 16
- Add new I2CP RequestVariableLeaseSetMessage
- Send RVLSM if client supports it; handle on client side;
disabled by default for the moment.
- Add LeaseSet.getLatestLeaseDate()
- Check latest, not earliest, date too far in future in KNDF.validate()
- Check latest date too far in past in KNDF.validate()
- Only check gateway and tunnel ID for equality in OCMOSJ lease caching to reduce churn
- Split up KNDF.validate(RI) for efficiency, don't need to check
signature, netid, etc. before lookups, only on store
- Remove enforeNetID config
- Fix major bug causing newer leasesets to be treated as older, and not stored or published
- Increase max adjustment time of earliest lease
- TransientDataStore cleanups
- RouterInfo and LeaseSet equals() speedups
- Fix bug that kept reverse index from being updated
- Bump DB version to 3 to trigger repopulation of the reverse index
- Make metaindex final
- Add freelist check to the main() test
- Add idle detector, reduce tunnel count when idle (prep for torrent updates)
- Cancel CoordinatorAcceptor cleaner when halted
- Make PeerCoordinatorSet an Iterable
- Reduce max protocol errors to 1
- Disable unused PeerMonitorTask
- Fix debug netDb.alwaysQuery setting so it works again, and always
sends to that router first (move from FNDF to IterativeSearchJob)
- Don't reuse DLM reply key/tag
- FloodfillPeerSelector: Note unused kbucket param in javadocs
- Debug logging for encrypted DSRM/DSM
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
Icedtea6 6b27-1.12.5-1+rpi1 and stripped
- All other binaries are from the "community edition" deltapack offered by
Tanuki.
- Add support for requesting an encrypted reply
* NetDB:
- Add support for encrypted DatabaseSearchReplyMessage and DatabaseStoreMessage
in response to a DatabaseLookupMessage
* PRNG: Cleanups using Collections.singletonMap()
* Router utils: New RemovableSingletonSet
* TransientSessionKeyManager:
- Support variable expiration for inbound tag sets
- Several efficiency improvements
* VersionComparator: Add static method, use most places
This will allow overrides to be set without editing /usr/bin/i2prouter.
i2prouter may be replaced during upgrades. /etc/default/i2p will only be
changed by debconf (e.g. "dpkg-reconfigure i2p").
- Handle gzipped input data in merge tool
- Add script to generate compressed data
- Add local additions
- Add compressed data file, generated from Maxmind data fetched 2013-05-24
- Include data in installer and updater
- Update Maxmind license info, now CC-SA 3.0
- Deprecate some setters
- Add warning about setCost()
- Change cost storage from int to short
- Cost range checks
* NTCP:
- Republish even if only changing cost
* Transports:
- Sort multiple peer addresses by cost, with adjustment for local IPv6 preference
- Add default IPv6Config for ease of changing later
* RouterAddress and RouterInfo toString() cleanups; don't cache RI in _stringified
* NTCP: Fix publishing address when host specified but interface is not
* log tweaks
- Add floodfillEnabled() to NetworkDatabaseFacade so callers don't
have to cast to FNDF, and Dummy NDF will work
- Remove static FNDF.floodfillEnabled()
* SSUDemo: cleanups
- Explicitly specify shell when RUN_AS_USER is set. This allows I2P to start
under limited accounts that do not have a defined shell.
- When installing as a service, point out that I2P_CONFIG_DIR may need to be
set. I2P_CONFIG_DIR defaults to $HOME/.i2p for the user that installed I2P
and when running as a service this may not be desired.
(e.g., RUN_AS_USER=i2p & I2P_CONFIG_DIR=/root/.i2p)
(The RUN_AS_USER shell problem was spotted at https://github.com/mattias-ohlsson/i2p/blob/master/i2p.spec)
- Pass device IP back in forward port callback
- Only declare success if forwarded IP is public
NTCP: Bad bind config not fatal
GeoIP:
- Use cached IP in RouterAddresses
- Use both NTCP and SSU addresses
- Skip IPv6 for now
Blocklist:
- Add IPv6 in-memory single list
- Limit in-memory single list size
- Fix dup check in getAddresses()
support for Solaris (tested with Solaris 11 x86)
mbuild-all.sh:
- output correctly formatted file names (tested in Solaris x86, FreeBSD (x86 and x64) and Linux (x86 & x64))
- switch from echo -e to the more portable printf
- more error checking, comments
debian/patches: refreshed based on changes to core/c/*
libjcpuid-x86_64-solaris.so: built in solaris 11 x86 with
java 1.7.0_07 and gcc 4.5.2, stripped
* Start transports in a standard order to make testing easier
* When transports learn of interface addresses before being started, save them
and use them at startup
* Pick SSU random port before startListening() and have the TransportManager
pass it to NTCP before starting
* Only restart NTCP after changing addresses when necessary;
prevent thrashing at startup (ticket #459)
* Only call rebuildRouterInfo() once at startup
* More checking of min/max SSU port config
* Invalid SSU bind config no longer fatal
* Allow "true" for ipv6 config
* log tweaks
* javadocs
- Add new constructor
- Add add getHost() and deepEquals()
- Compare host string, not IP, in equals()
SSU:
- Remove all _external* fields; use _currentAddresses in super
- Big rework of externalAddressReceived(), rebuildExternalAddress(),
needsRebuild(), and replaceAddress() for multiple addresses and IPv6
- Add caching in UDPAddress
- More IPv6 flavors of utility methods
- Remove two-art replaceAddress()
* SSU Introduction:
- Document that Alice-Bob RelayRequest/RelayResponse may be IPv4 or IPv6,
but don't implement IPv6 yet.
Changes required in IntroductionManager and PacketBuilder to send Alice's
IPv4 address in the RelayRequest packet over IPv6, and to publish
IPv6 introducer IPs.
- Bob-Charlie RelayIntro must be IPv4
- Only offer/accept relay tags as Bob or Charlie if the Bob-Charlie session is IPv4
- Alice-Charlie communication must be IPv4
- javadocs
- Bind SSU to configured internal, not external, port at startup
- Use only internal ports for UPnP (getRequestedPort() fixups)
- Don't have NTCP follow frequent SSU port changes
- Don't use external SSU port for internal NTCP port
- Display internal SSU port on /confignet
- Synchronize tracking of last IP/port
- Don't accept IPv6 address changes from peers
- Remove unused getLocalAddress()
- Pkg private getLocalPort()
Peer tests:
- Use only IPv4 peer for Alice and Bob in peer tests; Charlie may be an IPv6 peer.
- Enforce IPv4 (Alice's) address inside PeerTest packet
- Change from single UDPEndpoint to a List of UDPEndpoints
- Move (single) receive queue from UDPReceiver to PacketHandler
- Multiple transmit queues (one for each UDPEndpoint/UDPSender),
select queue in PacketPusher
- Throw exception on UDPEndpoint.startup() failure
* Add new *.i2p2.de certificate
* Added backup's ressed server. (Thanks backup!)
* Temporary removing h2ik's server since he's been AWOL since 06-03-2013 and he's reseed server is down.
applied changes from 185bc62d33224812060d2f68266a029935fb710d
through 48ac112fe938c8e960413ad60f64d313a1e5c9ac
applied changes from 1194eb12084302380b4315b20e5ae0c574ce1be3
through e415e24aca895c5a1f88380b1a3946e3b49749a9
* WorkingDir: Correctly strip DOS line endings while migrating,
to fix eepsite location on 0.9.5 Windows installs (ticket #919)
applied changes from cc74155815c98674b74cd7d9abb59704005d6b85
through 40d650b134e48bdb0bb636227381c22217365c47
Implement new Main wrapper class for utility.jar, to
work around izpack ticket #162http://jira.codehaus.org/browse/IZPACK-162
which prevents us from specifying a main class as it fails on
Windows installations when a full path including a drive letter is specified
(ticket #912)
- Notify manager about all available update methods at once, so the priority
system works and it doesn't only update via HTTP
- Start router update download at startup if available
- Only check plugins when core version increases, not decreases, so we
don't update plugins when downgrading
- Limit length of URL shown on summary bar
- Limit number of torrents displayed; add previous/next page buttons
- Only register one instance with UpdateManager
- New icons from famfam/silk, same license
Date computations as performed in this script require the use of GNU date,
which is only available by default on Linux systems. With this check-in we
explicitly check for the existence of GNU date before continuing with the date
calculations.
Previous versions of this script relied on 'certtool' to print the expiration
dates but certtool isn't available by default on non-Linux systems either. The
previous check-in added support for using OpenSSL, retaining the old behavior
on non-Linux systems.
(Also a re-arrangement of the date warning logic)
- Encrypt DatabaseLookup messages out exploratory tunnels
when we already have the RI of the ff
- Don't use multiple routers from the same /16 in lookups or stores
This enables .onion domain names to be accessed by clients that are being
routed through the SOCKS tunnel by e.g. proxychains (assuming that the SOCKS
tunnel has been configured with a SOCKS outproxy that exits into Tor). If the
.onion is not mapped to an IP address, the client would attempt a DNS lookup
which would of course fail to find the .onion.
Clearnet domain names can also be mapped to IPs, but this is irrelevant as DNS
lookups work through SOCKS (via the configured outproxy).
- Use servlet path as base for config file and data directory names,
so we may have multiple instances running together
- Don't override service(), use doGet() and doPost() instead
Required due to webapp classloader changes in Jetty 7,
we can no longer access or extend Jetty classes.
- Extend javax HttpServlet instead of Jetty's DefaultServlet
- Implement BasicServlet to replace functions of DefaultServlet
- Add MimeTypes implementation to add to servlet's defaults
- Add local mime.properties file, remove checks in I2PSnarkServlet for those
we were missing
- Eliminate all use of Jetty utility classes including MimeType, Resource,
Buffer, Cache, URIUtil, ...
TODO:
- Use servlet path everywhere, so the war can be renamed
- Don't override service()
- Fix format of last-modified header to use strictest RFC 822
- Stop immediately if socket connection to proxy fails
- Don't forget lastModified/etag headers after redirect
- Note SocketTimeout API breakage for Syndie
in error.
- add jenkins.cobertura.report target. The jenkins plugin couldn't find the
sources, so I'm hoping this helps it out.
- add debug lines cobertura needs
most did not have hashCode() implementations.
These are never used as keys in a Set or Map or checked for equality.
Fixes findbugs issues (ticket #379)
- move deprecated installer-only classes (Exec, Delete, and Copy) from
i2p.jar into installer/
- replace installer/resources/fixpaths.cmd with an improved method in java
- combine the installer-only utility classes into a single jar and call the
classes from within izpack
- Prep for delivery of detailed failure codes to the client (ticket #788)
- Store session ID as an int instead of a long
- Clean up some duplicate createRateStat calls (ticket #787 comment 2)
- Other optimizations, cleanups, final
- set eol for certain files in installer targets (since editing *.config and *.xml in windows is practically impossible without an externally installed editor such as vim or notepad++ and of course we want people to be able to read the licenses if they desire...etc.)
- try to prevent user error by ensuring that the proxy/*.ht files have eol set to crlf in the prepConsoleDocs target
- trimMtnRev: create a new property with the revision trimmed to 8 characters.
- getExtendedVersion: create a new property that includes the full version with the shortened MTN revision tacked on
- debchange: automatically update debian/changelog with the I2P version. Called by the "debian" target unless the property noAutoDebchange is set.
- debian-tarball: export i2p.i2p branch to a new directory, remove the binaries like jbigi and launch4j, and create a tarball.
* move packages created by "ant debian" to ${basedir}
* add debian/changelog to .mtn-ignore since it is now automatically updated (by default).
* add *.deb to .mtn-ignore
getReleaseNumber and getBuildNumber were *NIX only targets that relied on the external tools grep, cut, awk, and tr. These targets have been rewritten to use ant features.
If someone runs "ant debian" to make installable packages, they do not need to
have their own wrapper or commons-logging jars. The PPA builds, however, do
require them. During the last release I made the mistake of overwriting my "PPA
debian/control" file with the one from MTN that did not include these
dependencies.
Also updating "debianhowto" to reflect the fact that we no longer use
Debian's/Ubuntu's Jetty pkgs since Jetty6 appears to be leaving their repos in
the near future.
The directory installer/lib/ will be removed if a 'stripped' source tarball is
required. Without the changes in this commit, removing this directory will
require hackery to be performed on the I2P source in order for any of the ant
targets to work.
The project files for jetty are in the apps/jetty folder. Dependencies will be
resolved once the project has been built normally once via e.g. "ant updater".
To import a branch of trunk into Eclipse, create a new workspace based in the
root directory of the checked-out branch, and then select "File -> Import..."
then "General -> Existing Projects into Workspace", then for "Select root
directory" choose the root directory of the branch (and of the workspace).
Select all projects that appear, so that dependencies are satisfied.
Currently left out are i2psnark, routerconsole and susimail, because they all
depend on jars in apps/jetty/jettylib, which seems to be auto-generated. Need
to check whether the existence of that folder (from having Eclipse files in it)
will prevent the jars being populated or not.
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- FreeBSD: Self-compiled in FreeBSD 7.4 to eliminate the dependency on the
compat6x port and stripped.
- Linux PPC32: Self-compiled in Debian Squeeze and stripped
- Linux x86, Linux x64, Linux ARMv5, MacOSX & Solaris: Binares are from the
"community edition" deltapack offered by Tanuki. The Linux binaries have
been stripped.
These binaries are identical on 32-bit kFreeBSD, NetBSD, and OpenBSD systems.
If a corei CPU is found on these systems we'll use the core2 jbigi binary.
194868,ad47c3d909d0fb85242566f3c7b4be5b,libjbigi-kfreebsd-core2.so
194868,ad47c3d909d0fb85242566f3c7b4be5b,libjbigi-kfreebsd-corei.so
202848,57aa013ca310f3aae990f5ee78c100bd,libjbigi-netbsd-core2.so
202848,57aa013ca310f3aae990f5ee78c100bd,libjbigi-netbsd-corei.so
207657,01483211b6e077057302e256f185f7e7,libjbigi-openbsd-core2.so
207657,01483211b6e077057302e256f185f7e7,libjbigi-openbsd-corei.so
The I2P project does not currently ship these binaries, but they can be found
in unofficial jbigi packages.
- add kFreeBSD to NBI and CPUID
- add kFreeBSD to jcpuid/jbigi build scripts
- refresh debian patches to compensate for kFreeBSD changes
- i2prouter: Detect kFreeBSD and normalize its name
- clean up osid (switching to "elif") and adding support for detecting kFreeBSD
- update postinstall.sh; I2P cannot be installed using gij so postinstall.sh
will not be run. If/when openjdk finally comes to kFreeBSD, we'll be ready for it.
On Debian Squeeze the default-jre-* packages point to gij/gcj which is suboptimal.
Openjdk cannot be forced since not all platforms--such as kFreeBSD--have it as
an available option.
Add a new class to store results from rate calculations
Add a new method to compute average, last and current measurements
Use the new method in RouterThrottleImpl
(spotted at http://pastethis.i2p/show/2280/ and jcpuid already matches
*FreeBSD* so this fixes a minor consistency issue. Thanks to the anonymous
paster.)
The bug has been there forever but never happened before
0.9.3 because the buffers were all 32KB and the largest
fragment was about 1500 bytes. In 0.9.3, there are multiple
buffer sizes, the smallest is 512 bytes, and a packet
of exactly 512 bytes would be silently dropped.
Thanks zab for finding it.
In my testing:
32 bit Windows (and, of course, 32 bit JRE) = Java added to the PATH
64 bit Windows and 64 bit JRE = Java added to the PATH
64 bit Windows and 32 bit JRE = Java *not* added to the PATH.
So...with this check-in:
- If the environment variable JAVA is set in the script, we'll use that
manually specified Java. We will not look in the registry, but we'll check to
make sure that the binary exists.
- If Java is found in the system path, we'll use it instead. We will not look in the
registry.
- If the variable is not set manually and Java is not in the system path we'll
look in the registry to find the java binary.
I've tested this in Windows XP, Vista, and 7 but it should work in any supported version
of Windows.
I've failed to get in contact with him for a renewal of his certificate. Errors might appear in logs
on installs after that date, just remove https://euve5653.vserver.de from /configreseed in console
and you wont get errors.
- More DHT limits
- Announce to backup trackers if DHT is empty
- Use PEX and DHT info in torrent peer count
- Don't use temp files for announces
- TrackerClient refactoring
- cleanups
- Better fix for logging dropped messages (ticket #758)
- Implement fast receive to reduce per-message handshakes
- Make messageReliability=none the default
*Behaviors.scala should really go in net.i2p.update.* in core, but ScalaTest
doesn't seem to be picking up the cross-dependency properly and just ignores
any Spec which includes them; they will move once the build.xml is fixed.
- Add kbucket debugging
- Eliminate redundant explore keys
- Add more limits to DHT tracker
- Delay expiration at startup
- Only enable updates for dev builds and 1% of release builds
* Update Manager: Warn on dup registration
- Refactor TCG to use ClientApp interface
- Remove 'reload config' button
- Synchronization fixes
- Don't instantiate early, to allow router to hold
a reference. TCG.getInstance() may now
return null when in RouterContext.
- Jsps display message when TCG not initialized
- Fix (again) partial piece avoidance for seeds
- Fix several partial piece (temp file) leaks,
some uncovered by previous rarest-first fixes, some in end game
- Don't lose all DHT peers if we stop quickly (backport from update branch)
- Explore a kbucket if it's less than 3/4 full (backport from update branch)
- Add start() in UpdateTask so things happen in the right order
- Add toString() in UpdateTask for better debugging
- Fix getID() for plugin UpdateTasks
- Add a simple network monitor
- Add new reachability state for network disconnected
- Prevent any tunnel building when disconnected (ticket #519)
- Don't unleash watchdog when disconnected
- Add remove method
- Add console password form to configui.jsp
- Consolidate multiple setSettings()/getJettyString() in FormHandler
- Some form message tweaks
- Prep for ClientApp interface by storing context in a field,
shuffle around what's static and what's not
(ticket #347)
- Remove ports from port mapper on shutdown, other changes to
track actual ports better
(ticket #731)
- Hook in password manager using MD5, untested.
(ticket #731)
Let's not direct people to see how to configure their browser at
http://www.i2p2.i2p/htproxyports when you need to have your proxy configured to go there!
- Add peer test throttling
- Peer test packet count fixes
- Adjust peer test timeouts and add backoff
- Reject relays and peer tests from same /16
- More peer test cleanup and log tweaks
* Transports:
- Enforce minimum peer port
- Warn on low router ports
- Set default read timeout in standard server
- Reduce header timeout, enforce total header timeout
in IRC and HTTP servers (ticket #723)
* Streaming: Don't ignore option or force connect timeout to 5 minutes
* Streaming javadocs
* SocketTimeout cleanup
- More synchronization fixes
- Reduce chance of dup acks in a single message
- Reduce max unsent acks to 50
- Use last ack time in ping decision too
- Reduce ack delay
- Increase max outbound establishments based on bandwidth
- Synchronization fix for Java 5
- Use multiple buffer sizes in OutboundMessageState to
reduce memory usage
- Adjust skew calculation, synchronize too
- Ping loop improvements
- Fix memory leak in _peersByRemoteHost map caused by not
removing peers that change IP or port
- Send keepalives if firewalled
- Handle peers that change ports on an established session
- Synchronize adds and drops
- Don't use peers with high RTTs in clock skew calculation
- Reduce initial RTT/RTO
Footer hidden when embedded because of margin issues, and out-of-place-ness.
Have confirmed that susi's opinion when the themes were initially updated was
"do what you want", so no legal problem.
in configfile will only work on older launchd version. Ref manpage:
(-w Overrides the Disabled key and sets it to false. In previous ver-
sions, this option would modify the configuration file. Now the
state of the Disabled key is stored elsewhere on-disk.)
* SSU:
- Separate PeerState outbound message list into a queue for unsent messages
and a list for sent messages awaiting ack
- Implement PeerState outbound queue as CoDelPriority
- Implement backlogged indication like in NTCP
- Add caching in RouterAddress with secondary caching
in Addresses; use caches to speed up transport bids,
blocklist checks, geoip lookups, and profile organizer checks
(ticket #707)
- Limit IP cache size in TransportImpl
- Clear caches at shutdown
* RouterAddress: Remove unused expiration field to save space
- Centralize priority definitions
- Raise netdb store and reply priority
GarlicMessage:
- Add notes about GarlicMessageHandler and HandleGarlicMessageJob
being unused in practice
- Limit queue sizes
- Add stat for overflow
- Remove some stats
- Change pumper to LinkedHashSet for efficiency
(like NTCP Reader/Writer)
- Limit messages pumped per cycle to increase
round-robin fairness
- Comment out some unused code
- Javadoc
- Limit UDPSender queue size
- Increase UDPSender max packet lifetime
- Clear UDPSender queue before sending destroys to all
- Increase PeerState queue size so large streaming windows
don't get dropped right away, especially at slow start
- Various improvements on iterating over pending outbound
messages in PeerState
Compiled on trimslice:
gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8.13) (6b18-1.8.13-0ubuntu1~11.04.1)
OpenJDK Zero VM (build 14.0-b16, mixed mode)
Wrapper 3.5.15 GPLv2
All binaries stripped.
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- FreeBSD: Self-compiled in FreeBSD 7.4 to eliminate the dependency on the
compat6x port.
- Linux ARMv5 & PPC32: Self-compiled in Debian Squeeze
- Linux x86, Linux x64, MacOSX & Solaris: Binares are from the "community
edition" deltapack offered by Tanuki. The x86 and x64 binaries for Linux
have been stripped.
table lookup for more flexibility
* Streaming: Use packet type and current window size to adjust
number of tags sent and tag threshold, to improve
efficiency and reliability
- Use extended I2CP options for datagrams
- Fix timeout for sent datagrams
- Reduce token timeout
- Check token age before use
- Limit incoming token size
- Add methods for sending a message with extended options
- Fix cases where the efficient sendNoEffort() wasn't being used
* OCMOSJ:
- Implement per-message overrides for tag threshold,
tags to send, and bundle leaseset
- Fix bug adjusting timeouts
- Warn on client expiration time bugs
- Use external, not internal port to sign SessionCreated message.
Together with previous fix to allow external port change, this
should fix session establish fails when NAT changes our port
- Track outbound establishments by both Hash and IP/port,
to improve lookups of establishments in progress
- Fix expiration of outbound establishments
- Validate address/port in RelayResponse messages
- Change RemoteHostID to store Hash instead of byte[] for the peer hash
- Log tweaks
- Use remote MTU when published (ticket #687)
- Queue outbound msgs during inbound establish
- IntroManager cleanups
- More synchronization
- More log tweaks
- Remove use of outbound timers in EstablishmentManager; drive all events in Establisher thread
- Don't change nonces when retransmitting intro packets
- More synchronization in EstablishmentManager
- Increase establishment timeouts and implement timeouts for individual phases (ticket #669)
- Fix bug where InboundEstablishState.createdPacketSent() wasn't being called,
so SessionCreated packets weren't retransmitted
- Increase retransmission timeout for SessionCreated and implement backoff
- Send destroy if establishment times out in the middle
- Fix code that pulls outbound states off a deferred queue
- Improve UDPPacket.toString() for debugging
- More logging of packets dropped in EstablishmentManager
- Change establish states to enums
- Reject some packet types if they came in via fallback introKey
- Increase retransmission timeout for SessionRequest, SessionConfirm,
and RelayRequest; implement backoff
- Move UDPFlooder to test
- More volatiles, finals, cleanups, stat removals, log tweaks
the old version (grep -o '[0-9]*\.[0-9]*\.[0-9]*') won't detect versions as 10.8, or 10.7
added cut -d: -f2 | sed -e 's/[^0-9]*//' , matching both 10.8, 10.7.4, etc.
- Use local MTU detection
- i2np.udp.mtu now sets max MTU, not initial MTU
- Put local MTU in netDb
- Fix receive MTU calculations
- Track remote MTU based on actual received packet size
- Display local MTU on peers page
GMP 4.3.2
Compiled on Raspberry Pi with gcc version: gcc (Debian 4.6.3-8+rpi1) 4.6.3
java version "1.6.0_24"
OpenJDK Runtime Environment (IcedTea6 1.11.3) (6b24-1.11.3-2+rpi1)
OpenJDK Zero VM (build 20.0-b12, mixed mode)
Stripped.
Had a report that the ARMv5 jbigi worked on the RPi but it didn't for me.
See NativeBigInteger for more info.
/proc/cpuinfo:
Processor : ARMv6-compatible processor rev 7 (v6l)
BogoMIPS : 697.95
Features : swp half thumb fastmult vfp edsp java tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x0
CPU part : 0xb76
CPU revision : 7
Hardware : BCM2708
Revision : 0002
To run (once tests exist) execute something like
ant -Dclasspath=/usr/share/java/mockito-core.jar
-Dscalatest.libs=./lib
-Dwith.cobertura=/usr/share/java/cobertura.jar
fulltest
- Limit PacketHandler threads to 1 (ticket #660)
- Limit queue sizes between UDPReceiver and PacketHandler,
and between PacketHandler and MessageReceiver, to prevent OOMs
and/or excessive queue delays
- Increase UDPPacket cache size based on max mem
- Remove more stats
At the same time I'm making more Debian-specific changes, such as
- not checking for Gentoo (this is obviously never going to be true :P)
- not mentioning IzPack replacing variables (also not applicable)
- inform about dpkg-reconfigure i2p in the event someone tries to remove or
install an initscript with "i2prouter install|remove|uninstall"
- remove the manual wrapper instructions
- Catch some cases where UDPPackets were not returned to the cache (ticket #675)
- Fix inverted logging logic (ticket #663)
- Remove check in UDPPacket.getLifetime() (ticket #664)
- RemoteHostID cleanup, cache hashcode
- Remove udp.fetchRemoteSlow stat
- Remove some time stamping in UDPPacket
- Other cleanups - see http://zzz.i2p/topics/1198
The old JUnit tests are still present, but "ant test" and "ant fulltest" default
to the (pending) ScalaTest ones. To run the ScalaTest tests with Cobertura, execute
the following:
ant -Dscalatest.libs=./lib -Dwith.cobertura=/usr/share/java/cobertura.jar fulltest
The scalatest.libs property must point to a directory containing scala-compiler.jar,
scala-library.jar and scalatest.jar.
This is required in order to get the theme config keys of the various apps into
themes.config; this way, the routerconsole requires no knowledge of what apps
support universal theming, and can just blanket apply themes to all known keys.
The iframing pages remain accessible in the console, so this may be reverted in future,
or made configurable. The /webmail link buried in the text of the several readme.html
files has been left.
Before iframing i2ptunnel, clicking the Preview button would open the site in the parent
window. This change will cause the sites to open in the parent window from
within the iframed page.
Previously, README.Debian use to be installed to /u/s/d/i2p. A while ago I
split I2P into smaller packages and symlinked /usr/share/doc/libjbigi-jni and
/usr/share/doc/i2p to /usr/share/doc/i2p-router. I didn't noticed that
README.Debian wasn't being included after the split, so now I'm explicitly
adding it.
- Don't send a keepalive to a peer we are going to disconnect
- Disconnect peer when idle a long time
- PeerCheckerTask cleanup
- Static ref cleanup
- Don't show a downloaded torrent file as "seeding"
- Better torrent file download icon (from Silk, same license as the others)
- Allow at least 3 packets and up to half the window to be active resends
instead of just 1, to reduce stall time after a packet drop
- Increase fast retransmit threshold back to 3 to reduce retransmissions
- Don't fast retransmit if we recently retransmitted it already
- Allow double the window as long as gaps are less than the window
- Don't set the MSS in a resent packet (saves 2 bytes)
- Remove redundant calls to updateAcks()
- Update activity timer when resending a packet
- Reset unackedPacketsReceived counter at all places where acks are sent
so it isn't wrong
- Fix some places where the activeResends count could become wrong
- Prevent storm of CLOSE packets
- Never resend the whole packet in ackImmediately(), just send an ack
- Cancel flusher timer in MessageOutputStream when closed
- Move some createRateStats to ConnectionManager to reduce repeated calls
- Cleanups, javadocs, logging, volatile, finals
resulting in trailing zeros after the random padding in the unencrypted AES data block.
The number of zeros equaled the number of tags included (typ. 6 or 40).
As the data size is rounded up to the next multiple of 16,
this increased the size of the data by 0, 16, 32, or 48 bytes when tags were included.
Bug introduced 2004-10-30.
- Increase TX expire from 10 to 12 min, while keeping RX expire at 15 min.
3 minutes should be plenty of clock skew + delay.
- Move tags-to-send and low-threshold values to be per-SKM
- New session config options crypto.tagsToSend and crypto.lowTagThreshold
- Prep for per-packet override of tags and thresholds
- Cleanups and Javadocs
* I2PTunnel: Add some defaults for the new session config options
* OCMOSJ:
- Don't bundle LeaseSet just because we're requesting an ACK
- Changed session config option shouldBundleReplyInfo to default to true
and be used to disable bundling altogether when set to false.
Was previously an undocumented option to force bundling with a certain probability.
- Don't send tags unless we've already generated a reply token (race)
- Cleanups and Javadocs
- Bootstrap only once in explore thread
- Add exploring to explore thread
- Don't store default DHT setting in config file, so we can switch default to true later
- Add new enforce-protocol streaming config, sorry locks out < 0.7.1 peers
- Log tweaks
implementing out-of-console updaters like i2psnark.
- Add new update interfaces in net.i2p.update
- All update implementations moved to routerconsole update/
- Implement an UpdateManager that registers with the RouterContext
- UpdateManager handles multiple types of things to update
(router, plugins, news, ...) and methods of updating (HTTP, ...)
- UpdateManager maintains list of installed, downloaded, and available versions of everything
- Define Updaters that can check for a new version and/or download an item
- Individual Updaters register with the UpdateManager obtained from
I2PAppContext, identifying the type of update item and
update method they can handle.
- Updaters need only core libs, no router.jar or routerconsole access required.
- All checks and updates are initiated via the UpdateManager.
- All status on checks and updates in-progress or completed are
obtained from the UpdateManager. No more use of System properties
to broadcast update state.
- All update and checker tasks are intantiated on demand and threaded;
no more static references left over.
- Split out the Runners and Checkers from the Handlers and make the inheritance more sane.
- No more permanent NewsFetcher thread; run on the SimpleScheduler queue
and thread a checker task only to fetch the news.
- No more static NewsFetcher instance in routerconsole.
All helper methods that are still required are moved to NewsHelper.
The UpdateManager implements the policy for when to check and download.
All requests go through the UpdateManager.
For each update type, there's several parts:
- The xxxUpdateHandler implements the Updater
- The xxxUpdateChecker implements the UpdateTask for checking
- The xxxUpdateRunner implements the UpdateTask for downloading
New and moved classes:
web/ update/
---- -------
new ConsoleUpdateManager.java
new PluginUpdateChecker.java from PluginUpdateChecker
PluginUpdateChecker -> PluginUpdateHandler.java
PluginUpdateHandler.java -> PluginUpdateRunner
new UnsignedUpdateHandler.java
UnsignedUpdateHandler -> UnsignedUpdateRunner.java
new UnsignedUpdateChecker from NewsFetcher
UpdateHandler.java remains
new UpdateHandler.java
new UpdateRunner.java from UpdateHandler
move NewsHandler from NewsFetcher
new NewsFetcher
new NewsTimerTask
new DummyHandler
Initial checkin. Unfinished, untested, unpolished.
- More client options cleanups
- Options changes now propagate to running
socket managers and sessions, and through to the router
* SocketManager:
- Simplify factory, use 4-arg constructor,
make fields final, deprecate 0-arg constructor
- Improve how options are updated
- Javadocs
* I2PTunnel:
- Pass port through HTTP client proxy
- HTTP server proxy sets host header to
the value of "spoofedhost.xx" option for port xx
- Set client options more efficiently
- Move last-seen tracking from NodeInfo to NID, add fail tracking
- Make NodeInfo fields final
- Remove nodes on consecutive failures
- Only persist nodes heard from recently
- Implement NID verification for security
This does mean that the iframe don't-refresh state (= refresh rate of 0 seconds)
doesn't hold if the page is changed (in fact, the refresh rate becomes the
minimum) - so maybe better to have a different config var for that?
- Display torrent file downloads in torrent area
- Sort magnets and downloads first
- Fix sorting problem when torrent dir is a symlink
- Reduce max file idle time
- arrow_down icon copied from console css
- Move private tracker config from create box to torrent config
- Refactor private and open tracker configuration
- Add private indication on details page
Now, Ajax will be used first, and will fall back to IFrame if JS is disabled,
and a separate page if on a text or mobile browser.
Also, /home and /console (and everywhere) now all have the same summary bar
content, which currently defaults to the original full listing.
- Shutdown now closes tunnel
- Delay after sending stop announces at shutdown
- Stub out using Hash cache
- Implement stop for all cleaners
- Log tweaks
This solidifies the summary bar design pattern of modular sections separated by
<hr>s which in future could be reordered or hidden without affecting the theme.
- Fix updating node ID when receiving pong
- Fix getting DHT enable setting from config file
- Fix handling of get_peers replies
- Fix sending and receiving announces without signing
- Fix incoming/outgoing token handling
- Set cleanup timer for all queries
- More debug logging
- Change DHT from option bit to extension message
- Add DHT start/stop code
- Add UI for DHT enabling
- Add raw datagram protocol type and use for response port
- Close connection immediately if bad protocol,
this makes blacklist work better too
- Stop adding peers when we hit the limit
- Lower limit for outbound connections so we give
new peers a better chance in large swarms
Note: this now refreshes along with the rest of the sidebar, so the news.xml
file is read once every 15s - it may be better to cache the headings somewhere,
though it's debatable whether reading the cache file is better than reading the
news.xml file...
- Move from core to router, leave stub in core
so it doesn't break compatibility. This removes a
thread in app context and prevents any app context from
running NTP; external clients must use the time
received from the router.
- Increase query interval
and 'aeec86a504a5fd67dff12d6775411a9c865d42ad'
Merge to aeec86a504a5fd67dff12d6775411a9c865d42ad
which is just before the 2009-08-11 whitespace cleanup at ef1c23821d433903124f7612cbc46ac096fc985b
- Fixes when complete except for skipped files
(ticket #447) status in UI, don't connect outbound,
disconnect seeds when done
- More classes pkg private
- Store received chunks in temp files
- Don't allocate from heap for unneeded chunks
- Remove peer count restriction for torrents with large pieces
- Use priorities and rarest calculations to sort partials
- Preserve p parameter in clear messages link
Izpack tries to parse the 'unix-only' files in Windows. If we don't copy them,
the installation will fail in Windows. Therefore, moving the files that were in
the preppkg-unix target to the preppkg-base target. They're so small I don't
see how this will be a problem.
All are from the "delta-pack" with the following exceptions:
* binaries for FreeBSD have been compiled in FreeBSD 7.4 to eliminate the
dependency on FBSD v6 compatibility libs. They've also been stripped.
* Tanuki doesn't offer win64 binaries. Since the x64 binaries had to be
compiled anyway, I've added an itoopie icon to the binary and both x86 and
x64 binaries are compiled by me.
* Linux PPC binaries have been compiled by me since upstream mistakenly ships a
64bit PPC binary as a 32bit binary.
* Linux ARMv5 have been compiled by me.
* The Linux x64 and x86 binaries have been stripped.
Compiled on trimslice:
gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8.13) (6b18-1.8.13-0ubuntu1~11.04.1)
OpenJDK Zero VM (build 14.0-b16, mixed mode)
Wrapper 3.5.14 GPLv2
All binaries stripped.
- Fix verifies stuck on one peer by blamimg the verify peer on failure
- Follow DSRM in response to RI verifies, to help integration
- Increase floodfill verify timeout
- Fix state when storage dies during transition out of magnet mode
- Fix NPE in magnet mode
- Error logging improvements
- Support add-torrent with infohash alone
- CSS tweaks
- Don't reread RI if netdb date is recent
- Prevent LS/RI overwrites
- Disallow hash mismatches in RI files
- Reseed won't fetch our own RI
- Reseed won't overwrite recent RIs
- Move from core to router/transport
- Make non-static, instantiate in TransportManager
- Generate keypair in constructor and make final
to move more processing to the precalc thread
and eliminate races
- Synchronize getSessionKey() to eliminate races
- Comment out unused methods
* UDPTransport:
- Make key builder final in InboundEstablishState to
eliminate rare NPE (ticket #406)
- Remove unused static instance
- Include old commons logging classes in commons-logging.jar
- Preserve manifests in Jetty/Tomcat jars
* Jetty Logger: Promote warns to erros when a Throwable is the second arg
- Don't use unacked tagsets after consecutive ack failures
and revert to full ElGamal if necessary (ticket #574)
- Synchronize creation of new sessions to prevent dups
- Don't remove an unacked session until it's really out of tags
- Failsafe removal of old unacked tagsets
- Cleanups, final, comments, log tweaks, debug.jsp tweaks, synchronization tweaks
Enabling this should be safe since we will ship separate installers for
Win/non-Win. Those that don't want to build the EXEs can set noEXE in build.properties,
Even better might be to run one of
* ant installer-freebsd
* ant installer-linux
* ant installer-nowindows
* ant installer-osx
- Remove static logs
- Sort addresses in RouterInfo at initialization only;
change from Set to List to save space
- Remove unused counters in Lease to save space
- Increase max leases to 16
inbound tunnels to improve success
* NetDB:
- Don't publish our RI if it has no addresses
- Publish our RI sooner after startup
to facilitate our IB tunnel builds
- Move PID and status files to config dir in i2prouter
- Don't set PID files in wrapper.config as Windows doesn't need them
and the wrapper won't start if the dir doesn't exist
- Move wrapper.log to config dir using override in i2prouter,
Windows stays in system temp dir
- Move wrapper.log to config dir for no wrapper
- Move wrapper.log setup for no wrapper from RouterLaunch
to WorkingDir
- Redirect stderr too when no wrapper
- Create config dir in i2prouter for Linux/Mac
At present the ?page= in the URL isn't affected, which could possibly
confuse users - maybe move to having the page variable as a POST variable
so the url is just always /i2ptunnel/wizard
It's outdated and the text was misleading. It is NOT a "custom-build" that is
"security hardened"--it's a Firefox profile. Having echelon's site
linked on the router console should be enough.
The idea is to utilise the existing saveChanges function in IndexBean.java
that the edit page posts to. Consequently, the wizard will need to have all
the same inputs that need to be POSTed as the edit page does.
This was interfering with the plugins section, where HTML is intentionally
passed into the description field. Now, only when the description field is
being plugged into the value property of an input tag will it be escaped.
This mainly has an effect on the size of the javadocs package (i2p-doc shrinks
to half of its present size when using bzip2). xz would give better
compression, of course, but xz support isn't isn't available in the version of
dpkg that ships with Lucid. All supported versions of Debian and Ubuntu support
bzip2 in .debs, so this will only have the impact of giving us smaller javadoc
packages.
- Only stop a plugin before update if it was running
- Don't start a plugin after update if it was disabled
- Disable plugin if it fails version checks at startup
- merge mbuild_jbigi.sh into build_jbigi.sh and drop mbuild_jbigi.sh
- make build.sh's tests optional
- try to determine the locations of JAVA_HOME and I2P
- Fix failsafe shutdown hook broken in 0.8.8;
HUP, INT, and TERM signals should now shut down cleanly.
- Shutdown hook no longer prevents other hooks from running
- Trap HUP, if router.gracefulHUP=true, and do graceful shutdown.
Only under wrapper, non-Windows.
- i2prouter stop now uses SIGTERM
- Implement i2prouter graceful using SIGHUP (ticket #580)
- Configure wrapper to ignore SIGUSR1 and SIGUSR2 as they will shut down
or crash the JVM
On systems without an i2psvc group, the postinstall would fail. This change
will add the group if it doesn't exist. Also adding "||true" to the usermod
command in case the command returns a non-zero status.
Before there was a patch to add the -deb1 to the RouterVersion.java file, but
it needed me to update the deb#. With my newly budding regex skills, I'm now manipulating
it using sed and determining the number according to the debian version number.
With this check-in I'm adding the EXTRAVERSION to our javadocs and the custom
installer targets (if EXTRAVERSION is set in RouterVersion.java). Also,
i2pinstall*jar and i2pinstall.bz2 will be removed when ant clean is run.
Compiled on trimslice:
gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8.10) (6b18-1.8.10-0ubuntu1~11.04.1)
OpenJDK Zero VM (build 14.0-b16, mixed mode)
Wrapper 3.5.13 GPLv2
All binaries stripped.
- Fix I2PRequestLog javadoc
- Rename jetty-threadpool.jar to jetty-java5-threadpool.jar to match ubuntu symlink
- Bundle jetty-rewrite-handler.jar (20KB) and .xml config to
make it easier to do rewrites (unused by I2P)
I removed Tanuki's broken CPU "bitness" check for OSX in
3db46be1ede7d858b6c319905cf310d99227eb29. With this commit I add one that
works. Note that at this point we don't use the "bitness" checking because we
ship a quad-fat wrapper for OSX. Unfortunately, one can only manipulate the osx
binaries with "lipo" which is only available in OSX. In the future we may want
to use the "bitness" logic.
In any case, the old check set the bits to 64 for Leopard and above, but just
because a Mac is running Leopard or Snow Leopard doesn't mean it's 64bit
capable. This addition of mine will actually check the flags using sysctl. I'm
not using uname because OSX < Lion starts in 32bit mode by default (but can
still run 64bit binaries).
- Fix NPE logging error when Router.saveConfig() fails early
- Log readConfig() and saveConfig() errors to wrapper log if
router log not yet available
- Handle non-split configuration in MigrateJetty
- Better logging of migration errors
- Handle existing backup files during migration better
- move router.ping to /var/run/i2p
- move temp files to /var/tmp/i2p
- Since gaps are allowed in the numbering with newer wrapper versions, start
*.adddional.# numbering at 10
- redirect errors to stderr
The routerconsole's precompilejsp target failed when using the jetty packages
from Debian. These escaped jsp files also work with 'our' jetty6 (and jetty6).
- Remove synchronization
- Do not allow contents to change after being set, throw IllegalStateException
- Do not copy contents out in getters
- Make options final
- Add getOption() and getOptionsMap() methods
for ease in building multiple routers in the JVM,
and also because starting threads in a constructor is bad practice.
All threads now start in runRouter().
Installation of updates now only happens via Router.main().
Jetty 6 package.
- Add several jars from the Jetty 6 distribution
- Update jetty.xml
- Add context XML files
- Update WorkingDir to migrate the content XML files
- Update RouterConsoleRunner and LocaleWebAppHandler
- Remove all old Jetty 5.1.15 local mods;
this will break Seedless using a custom Server() constructor
- Update I2PRequestLog to be a mod of NCSARequestLog from 6.1.26
- Put I2PRequestLog in its own jar
- Copy MultiPartRequest and other required classes from Jetty 5.1.15
and add it to susimail, as the replacement MultiPartFilter in
Jetty 6 is difficult to migrate to, and does not support content-type
- Update i2psnark for Jetty 6
- Disable i2psnark RunStandalone, unused and instantiated Jetty 5
- Fix up all webapp build.xml to reference new jars
Not yet working: Plugin/webapp run detection and stopping, eepsite CGI
Not well tested: Plugins, classpaths, webapps
Check for /etc/environment and /etc/default/locale and retrieve/set locale
variables from them--but only if LANG is unset. This should help in those
cases in which someone is starting I2P as a daemon using an initscript and I2P is
starting /before/ the environment is configured, leading to the wrong file
encoding being detected.
- Speed up heavily used long/byte[] converters
- Add little endian versions of the converters
- Cache common properties keys
* RouterAddress: Cache transport names
- Payloads an exact multiple of 512 bytes failed to decompress
- Data at the end of the stream could be lost
- read() returned -1 when the data was 0xff
- Deprecate unused stream methods and I2NPMessageReader since
all transports provide encapsulation.
- Don't throw IOE from byte array methods
- Use cached null cert in GarlicClove
- Add method to limit size of buffer to read
- Don't check checksum at input, in most cases
- Reuse checksum at output, for unomodified pass-through messages
(but recalculating it now and logging on a mismatch for testing)
- Fix DatabaseLookupMessage to internally store the don't include peers as
a List, not a Set, so it doesn't get reordered and break the checksum
- Log cleanup
* NTCP:
- Zero-copy and limit size when handing buffer to I2NP
- Log hex dump message on I2NPMessageException, like in SSU
- Don't close connection on I2NPMessageException
The amount of RAM that I2P is limited to can be adjusted using debconf. The
value in /etc/i2p/wrapper.config is stored in the debconf db and is written to
/etc/default/i2p.
- Earlier detection and better logging of
truncated TunnelGatewayMessage and DatabaseStoreMessage
- Fix and enhance UnknownI2NPMessage implementation
- Don't deserialize or verify the checksum of the
embeddedI2NP message in the TunnelGatewayMessage
at the IBGW, just use UnknownI2NPMessage and pass it along,
except if zero hop; Still to do: similar thing at OBEP
- Round expiration times when converting to/from seconds for SSU
- Cleanups and javadoc
- Change large MTU from 1492 to 1484 and small from 608 to 620
for encryption padding efficiency
- Enforce sent MTU limit
- Increase receive buffer size from 1536 to 1572 so that excessive-sized
packets sent by 0.8.9-0.8.11 routers aren't dropped
- Limit the max acks in a data packet
- Limit the duplicate acks in successive data packets
- Only include acks that will fit in the mtu in a data packet
- Correctly remove acks from the pending set after they are sent,
so they aren't sent repeatedly
- Don't pad data packets unless necessary
- Debug logging and javadocs
- Complete rework of participating traffic RED.
Implement an accurate bandwidth tracker in FIFOBandwidthRefiller.
- Fix drop priority of VTBM at OBEP
- Lower drop priority of VTBRM at IBGW
- Raise threshold from 95% to 120%
- Remove unused things in HopConfig
...needs more testing...
- Split up config network page
- CSS tweaks and cleanups
- Change some form notices to errors
- Spiff up the buttons
new silk icons: See licenses/LICENSE-SilkIcons.txt
new toopie icon: Shrunk from existing one
Tanuki's script has a broken check for
OSX versions older than Leopard that sets
the CPU bitness to 32 for < 10.5. Since the
doesn't even work on Tiger (or older) (and
our binary is quad-FAT), this check is not
neeeded.
- Ensure failsafe pumper code gets run on schedule
- Don't copy the read buffers
- Adjust minimum read buffers based on memory
- New i2np.ntcp.useDirectBuffer option (default false)
- Mark peer unreachable when read failure is during establishment
- Change some Reader Lists to Sets to avoid linear search
- Log tweaks, debugging, new loop stats
- First cut at improving EventPumper performance (ticket #551)
- Establishment timeout cleanup/concurrent
- Remove some logging and stats
- Switch some Queues from LBQ to CLQ
- Static ByteBuffer cache
- Increase default max connections again
- Reduce min idle time
- Separate out introducer pinger from introducer selection
so it can be run separately and more often
- Only ping introducers if we need them
* Translation updates from Transifex:
- I2PSnark: de, es, and pt
- I2PTunnel: de and es
- RouterConsole: de and es
- SusiDNS: de and es
- SusiMail: de and es
IMHO, having the information panel ("To start I2P, etc.") displayed at the end
of the installation process makes a lot more sense.
Hopefully others agree...
Compiled on trimslice
gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4)
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8.8) (6b18-1.8.8-0ubuntu1~11.04.1)
OpenJDK Zero VM (build 14.0-b16, mixed mode)
Wrapper 3.5.12 GPLv2
All binaries stripped.
Upgrading our wrapper to 3.5.12 to fix the upstream wrapper's umask bug. All
binaries are from the delta pack except for Win64, FreeBSD, Linux ARM, and OSX
(See history.txt for more info).
* merge x64 improvements from mbuild.sh into build.sh
* drop mbuild.sh
* add logic to determine the location of JAVA_HOME if not defined.
* update core/c/mbuild to call jcpuid/build.sh
- Add refresh time option
- Add public file permissions option (ticket #501)
- Fix configuration of tunnel parameters (ticket #524)
- Allow changing I2CP parameters while tunnel is open
- Remove duplicated options in I2CP options string
- Don't open tunnel when saving config
The upstream script has support for Ubuntu but not Debian. This change allows
the same methods used for Ubuntu to be used for Debian. This *should* work for
any version of Linux that has Debian in its family tree.
With this check-in comes an update of our i2prouter script based upon the
script src/bin/sh.script.in from the 3.5.9 source tarball of the wrapper.
Some of the benefits of this newer version include:
- logic to determine which wrapper binary to use (32bit VS 64bit) and falling
back to alternate "bitness." This would be most useful for portable packages.
- support for far more platforms and archs than the 3.1.1 based script (such as
Solaris, risc, os/390, HP-UX, AIX, mips, ia64, etc.)
- support for installing I2P as a daemon in most UNIX-based environments with
the command "i2prouter install". The installed service can be removed with
"i2prouter remove". With testing this option has been confirmed to work in
OSX, Fedora, Slackware, Debian, Ubuntu, FreeBSD, and SuSE. It does not work
in Arch Linux (yet).
When zipping with infozip, executable permissions are left intact. When zip is
called with ant, these permissions are lost. When tarring using ant the
permissions seem to be lost too. Switching to calling tar directly ensures that
the executable permissions aren't lost.
These scripts are based on InstallApp-NT.bat.in and UninstallApp-NT.bat.in from
WRAPPERSRC/src/bin of version 3.5.9 of the wrapper.
Tested in XP and Win7.
This is based on WRAPPERSRC/src/bin/StartApp-NT.bat.in from 3.5.9 of the
wrapper. The i2prouter.bat that we ship doesn't work; this one does. Tested in
XP and Win7.
to avoid clogging the Hash cache with one-time hashes,
and avoiding the global cache lock.
This also greatly increases Hash cache hit rates.
Also use SimpleByteCache for temporary byte buffers.
The default service path in Windows is fugly and not very convenient. I2P uses
the correct path, but if you want to access snark or eepsite data, one must go to
%SYSTEMROOT%\config\systemprofile\AppData\Roaming\I2P\ (Vista/7) or
%SYSTEMROOT%\system32\config\systemprofile\Application Data\I2P (XP/2003). If
this wasn't bad enough, in some cases one must take ownership of this path and
grant permission to him- or herself to access the folder.
With this changeset, I'm setting the path to %ALLUSERSPROFILE%\Application
Data\I2P as well as adding a shortcut to the I2P folder in the Start menu.
- Replace the old parallel lookup method with a true
Kademlia lookup that iteratively queries additional floodfill
peers returned in DatabaseSearchReplyMessages. This is a more
efficient and reliable lookup that will work much better
when not all floodfill peers are known, and it removes a serious
limitation to network growth.
- Limit max number of DSRM entries to look up
- Cleanups, javadocs, log tweaks
on localized versions of Windows.
----
Non-English versions of Windows do not have a Users group; instead they use a
localized group name. As a result, when installing I2P on a non-English Windows
box, the installer will show an error when trying to run the fixperms.bat
script.
Using the SID will work with any localized Windows. SID list @
http://support.microsoft.com/kb/243330/en-us
- Update Italian, Chinese, Spanish, Polish, Swedish,
and Vietnamese translations from transifex
** po files contain errors, to be fixed in next checkin
- Allow NTP to reinitialize clock after the comm system
in the first minute of uptime
- Fix i2ptunnels not restarting
- Increase minimum forward clock shift for soft restart
- Reduce minimum backward clock shift for soft restart
- Signal the I2CP client with a different message when restarting
- I2CP client reconnects when receiving restart message
installed by default if a JRE isn't installed yet. Since the packages
previously depended on "default-jre|java5-runtime|java6-runtime", an
already-installed headless package would have satisfied the dependency.
/usr/share/i2p/docs/javadoc and /usr/share/doc/i2p-doc/api is a symbolic link
to this location. To ensure the link can be created, we check to see if
/usr/share/doc/i2p-doc/api is a folder. If it is, it gets removed.
- Follow all DSRM's, not just the last one, by moving the code
from the match job to the selector
- Update peer profile after SingleSearchJob
- Cleanups, javadocs, log tweaks, final
- Explore even more aggressively at startup
- Increase SingleSearchJob timeout
- Increase time at startup for processing DSRM
- Cleanups, final, javadoc, concurrent
- Revert change in UDPPacket that caused massive corruption
- Reduce buffer sizes from 2048 to 1536
- Discard too-large received packets sooner
- More cleanups
- Notes on MTU
- Complete rewrite of OutboundMessageFragments for
concurrent and for efficiency to avoid O(n**2) behavior
- Queue a new send immediately after a packet is acked
- Cleanups, log tweaks, javadocs, final
- Cancel our JVM shutdown hook when shutting down
- Run a spinner task so shutdown always completes
- exit() instead of halt() so other JVM shutdown hooks run
- Prevent duplicate wrapper notifier hooks
- Notify the wrapper twice, once for stopping and once for stopped
clock shifts by partially restarting the router. Also improve
restarts initiated from config.jsp
Tickets #465, #468, #494
* UPnP: Wait for a while to ensure port removal at shutdown or restart
- Use system SHA-256 MessageDigest instead of Sha256Standalone in PRNG
- Deprecate DataHelper functions using Sha256Standalone arguments;
used only by Syndie
- Note deprecation in javadocs
- Log error on out-of-order spans
- Log error on corrupt level and discard
- Fix SkipSpan non-flush bug causing null levels
- Add level fixer that repairs nulls and out-of-order levels
- Fix bug on backwards span construction, not hit in practice
- Lots of log level changes
Instead of deleting debian/copyright with "ant clean", add it to .mtn-ignore.
With the current method, the copyright file doesn't end up in the debian source
package...
- Remove floodfills from dont-include list in exploration
DatabaseLookupMessage, as the dont-include-floodfills flag
has been supported since release 0.7.9.
This will make exploration work better, as there is room for
non-floodfills in the don't-include list now.
- Reduce min and max exploration intervals
- Explore aggressively at startup and if known routers is low
- Explore slowly if known routers is high
* Shutdown:
- Clear more resources in peer manager, netdb, stat manager,
session key manager, naming service, tunnel dispatcher,
OCMOSJ (result of testing with jvisualvm)
- Don't call wrapper on shutdown (starting two threads) if we
were started with runplain
- Fix Polish po file
- Install as a service by default on Windows again
- Change CPUID getters to package private
- Split new jbigi install messages into two lines
- Javadocs
Add an icon (in OSX parlance, a 'bundle') to the installation folder to start
I2P.
While there might be a better way to handle this (admittedly, I don't know OSX
that well), it is my belief that this way is less 'hackish' than the various
OSX 'installers' that I've seen floating around.
GnewSense.
This change will break nothing since we check for the existence of the lsb
function files in the initscript. With an older version of lsb-base (like the
one that came with Hardy (and GnewSense uses), the output from the initscript
will simply look a little different (but again, nothing will break). Virtually
everything but GnewSense comes with the desired lsb-base package anyway...
- Stop I2PThread from starting a new App context at shutdown
- Stop LogWriter from starting a new App context at shutdown
- Have router kill any leftover App context at startup
- Kill the global app context
- Recognize multi-router case
- Fix RandomIterator, YKGenerator, DHBuilder, NTCPConnection
hanging on to old context -
probably other offenders not yet found
- Fix DHBuilder thread not stopping
- Implement and call shutdown for RouterWatchdog
- Fix i2psnark DirMonitor not stopping
- Fix UPnP-Disposer not stopping quickly
- Implement and call YKGenerator and DHSessionKeyBuilder shutdown
- Implement and call shutdown for BandwidthRefiller
- Implement and register shutdown hook for Timestamper
- Implement and register shutdown hook for Jetty console server
- Fix UPnP-SSDPNotifySocket thread not stopping
- Fix all but one UDP PacketHandler threads not stopping
- Add the router version to the zip file comment in the updater
- Add a class to extract the zip file comment
- Require the sud version header to match the zip file comment
to prevent spoofing of the version number, since the version
number in the header is not covered by the sud signature.
My rationale for this:
1) in case someone is installing I2P on top of an already existing installation
this will cause I2P to be shutdown
2) no hangs during the installation if i2p is already installed as a service
3) in case the NT service settings are changed in wrapper.config by us, this
will force the service settings to be updated.
4) versions of I2P < 0.8.7 did not remove the service when uninstalling. If someone
removed I2P in the past and reinstalls I2P--opting to run as a service--the
installation process will hang.
jbigi and wrapper files for arm.
Compiled on trimslice with gcc version 4.4.5 (Ubuntu/Linaro 4.4.4-14ubuntu5)
Log postinstall errors to postinstall.log.
java version "1.6.0_18"
OpenJDK Runtime Environment (IcedTea6 1.8.7) (6b18-1.8.7-0ubuntu2.1)
OpenJDK Zero VM (build 14.0-b16, mixed mode)
GMP 4.3.2 (half the size of 5.0.2, and no speed difference) LGPLv3
Wrapper 3.5.9 GPLv2
All binaries stripped.
As on the Android emulator, the stock BigInteger.modPow()
has some serious bug on arm.
Without the libjbigi checked in here, the JVM crashes almost immediately.
With this checkin I'm trying to lessen the occurences of ticket #474:
If a user installs I2P on top of an already existing I2P installation with the service
enabled, the installer will hang. The Quit button cannot be clicked. Clicking
the X in the corner seems to roll back the installation.
Also #472: service is not removed when I2P is uninstalled
working directory set to $INSTALL_DIR, C:\Program Files\I2P is not removed in
XP.
...but even with the working directory removed, the the Uninstaller folder is left
within $INSTALL_DIR in Windows 7.
for use with a 32 bit JRE.
Rationale:
On an x64 system using a 32 bit jvm Without the 32 bit libwrapper, messages
like this will be shown in wrapper.log with the wrapper in MTN & I2P >= 0.8.7:
-----------------------
Launching a JVM...
WrapperManager: Initializing...
WrapperManager:
WrapperManager: WARNING - Unable to load the Wrapper's native library 'libwrapper.so'.
WrapperManager: The file is located on the path at the following location but
WrapperManager: could not be loaded:
WrapperManager: $I2P/lib/libwrapper.so
WrapperManager: Please verify that the file is both readable and executable by the
WrapperManager: current user and that the file has not been corrupted in any way.
WrapperManager: One common cause of this problem is running a 32-bit version
WrapperManager: of the Wrapper with a 64-bit version of Java, or vica versa.
WrapperManager: This is a 32-bit JVM.
WrapperManager: Reported cause:
WrapperManager: $I2P/lib/libwrapper.so: $I2P/lib/libwrapper.so:
wrong ELF class: ELFCLASS64 (Possible cause: architecture word width mismatch)
WrapperManager: System signals will not be handled correctly.
-----------------------
With libwrapper.so removed, one sees the following:
WrapperManager: WARNING - Unable to load the Wrapper's native library because none of the
WrapperManager: following files:
WrapperManager: libwrapper-linux-x86-32.so
WrapperManager: libwrapper.so
WrapperManager: could be located on the following java.library.path:
WrapperManager: $I2P
WrapperManager: $I2P/lib
WrapperManager: Please see the documentation for the wrapper.java.library.path
WrapperManager: configuration property.
WrapperManager: System signals will not be handled correctly.
-----------------------
The 32 bit lib names, when installed on an x64 system, will match the alternate
names that the wrapper looks for.
Fixed single quotes.
Email follows:
...
I attached file "snark-messages_pl.po.gz". I give you permission to use this file in I2PSnark distribution.
If you don't believe me that it is true polish translation, you can check it with some web translator.
Fist I used ordinary text editor to translate. Later I used Poedit <http://www.poedit.net/>.
And I don't know why it gives strange error messages when I save the file.
17:43:29: snark-messages_pl.po:172: a format specification for argument {0} doesn't exist in 'msgstr'
17:43:29: snark-messages_pl.po:177: a format specification for argument {0} doesn't exist in 'msgstr'
17:43:29: msgfmt: found 2 fatal errors
_______
greetz,
polacco
Tested in Windows 7.
As has been customary, these were linked with gmp-5.0.2.
Built using
"x86_64-w64-mingw32-gcc (GCC) 4.5.3" on Debian Sid with debug symbols stripped
using x86_64-w64-mingw32-strip.
The Tanuki Software website states "64-bit Windows versions of the Java Service Wrapper
are not currently being made available in the Community Edition." The Makefile
for x86_64 is missing from the upstream tarball as well.
Well...included in this checkin is a diff against
$WRAPPER-3.5.9-SRC/src/c/Makefile-windows-x86-32.nmake (see the README in
installer/libs/wrapper/win64.
- removing from /build.xml
- moving recent changes from installer/resources/postinstall.bat to installer/install.xml
- dropping installer/resources/postinstall.bat
* JBigI:
- Add new libjbigi-linux-xxx.so files built by sponge, now that we have
CPUID.java support for them (thanks hottuna).
See http://zzz.i2p/topics/306 for discussion and test results.
64-bit processors (atom, core2, corei, nano):
Built with GMP 5.0.2. License is LGPLv3.
Built by sponge with GCC 4.4.4, downloaded from
http://sponge.i2p/files/jbigi/gmp-5.0.2/
For 64-bit processors, both performance testing and
the GMP changelog http://gmplib.org/gmp5.0.html led us to use 5.0.2
for both the 32- and 64-bit versions, even though the files are twice as big.
5.0.x contains specific optimizations for atom and nano.
All 64-bit libs have _64 appended.
32-bit processors (pentiumm, geode):
Built with GMP 4.3.2. License is LGPLv3.
Built by sponge with GCC 4.4.4, downloaded from
http://sponge.i2p/files/jbigi/gmp-4.3.2/
The 4.3.2 files are half the size of those built with GMP 5.0.2, and there was
little or no performance difference between the two versions for 32 bit processors.
Compiled using mingw32 in Windows XP (gcc --version returns v4.5.2).
As was done with the Linux and FreeBSD builds, jbigi was linked with gmp-4.3.2
for the 32bit cpus and 5.0.2 for the 64bit CPUs.
Since there current isn't a free version of the wrapper for x64 Windows, there
aren't any x64 versions of these dlls.
The aging v3.1.x of the java wrapper is being replaced in this
checkin with the latest (current) stable release, 3.5.9.
There is now only one copy of wrapper.jar, located in wrapper/all.
The build.xml scripts have been changed to reflect this new path.
All binaries--with the exception of solaris (I don't have
SPARC hardware)--have been stripped.
FreeBSD x64 is being included in this release.
I have only included the x86 macosx wrapper due to not having a
system to test the x64 code on. On the plus side, the wrapper is
universal (a FAT powerpc & Intel Mac) binary. No more prompting
to install Rosetta!
Just as was done with Sponge's compiles for Linux, the 32bit libs/cpus were linked with gmp 4.3.2.
The 64bit compiles were linked with gmp 5.0.2. The 32bit compiles for 64bit cpus were linked with 5.0.2 as well.
All .so files were compiled with the default gcc on FreeBSD-8.2-RELEASE
gcc (GCC) 4.2.1 20070719 [FreeBSD]
- Import the main_rules file and remove the copied rules
- Set the version code and name in the apk badging
- Build target is 8 to allow SD install, MIN-SDK is still 3
- Fix NPE on new install
- Remove some debug code from NBigI
- Replace old non-PIC 62-bit linux libs (GMP 4.1.4 built in 2005)
with PIC libs built with GMP 5.0.2. License is LGPLv3.
Built by sponge with GCC 4.4.4, downloaded from
http://sponge.i2p/files/jbigi/gmp-5.0.2/
For 64-bit processors, both performance testing and
the GMP changelog led us to use 5.0.2 for both the 32- and 64-bit versions,
even though the files are twice as big.
See http://zzz.i2p/topics/306 for discussion and test results.
libjbigi-linux-athlon64.so was a 64 bit file; by the new naming standard
supported by NativeBigInteger, it is now a 32-bit file and the
64-bit one is libjbigi-linux-athlon64_64.so.
All new 64-bit libs will have _64 appended.
- Update build docs
with PIC libs built with GMP 4.3.2. License is LGPLv3.
Built by sponge with GCC 4.4.4, downloaded from
http://sponge.i2p/files/jbigi/gmp-4.3.2/
The 4.3.2 files are half the size of those built with GMP 5.0.2, and there was
little or no performance difference between the two versions for 32 bit processors.
See http://zzz.i2p/topics/306 for discussion and test results.
- More efficient build of i2p.jar and crypto.jar
- More build fixes
- Merge package configuration resource with configuration file on device if it exists
- Add launcher icon, resized from installer/resources/eepsite.help/help/lib/itoopie.png
- Start of a libjbigi build script
- Increase min API to 3 so we can use JNI
- Use java.security.MessageDigest instead of bundled GNU SHA-256 code
if available, which it should always be.
5 to 20% faster on Oracle JVM; 40 to 60% on Harmony;
5 to 15% on JamVM; 20x (!) on GIJ.
- Use java.security.MessageDigest instead of bundled Bitzi SHA-1 code
if available on non-Oracle JVMs, which it should always be.
Not faster on Oracle JVM; 30 to 60% faster on Harmony;
15 to 20% on JamVM; 10-15x (!) on GIJ.
In some distributions (such as Debian, for example) net.ipv6.bindv6only=1 is
set by default. In some configurations, networking in java applications will be
broken. Someone recently came into #i2p experiencing this very problem.
This change closes#464.
- Append I2CP Version information to the Get/Set Date Messages,
so that both the router and client are aware of the other side's version,
and future protocol changes will be easier to implement.
Previously, router version information was not available to the client,
so when router and client were in different JVMs,
old clients would work with new routers
but new clients would not work with old routers.
After this change, we can design future changes so that new clients
will work with old routers.
This is an enhancement to the old protocol version byte sent by the client,
which we have never changed and probably never will.
- Prevent a client from setting the router's clock
- Javadocs
Braces were put around variable names so that router will run in kFreeBSD.
runplain.sh should now be shell agnostic (it runs in dash. it even runs in
*posh*, a ridiculously picky shell).
which caused eepget to repeatedly retry the new redirect
of an i2paddresshelper query by the HTTP proxy.
This was clearly non-compliant (the Location: header requires
an absolute URI including any query string).
This was part of the original redirect handling added by
jrandom to eepget back when it was in syndie;
appending that changelog just in case this hackery was
required by Freenet USKs, which I doubt.
Also, reset the redirect counter when retrying.
==============
Revision: 62a8cac8565958d111d0a47a443c964918d2e3ef
Parent: 277fe109ea4416f7d8a6dba6e09cd4f605a8ce1a
Author: jrandom@i2p.net
Date: 10/22/2006 15:06:30
Branch: i2p.syndie
Changelog:
...
- add support for HTTP 301 redirects to EepGet (so freenet USKs work as
intended)
This commit splits the i2p package into a second package, i2p-router.
* The new 'i2p-router' package does not depend on the java-wrapper nor jbigi.
Jbigi is recommended. This package can be installed on the ports or
distributions that the java-wrapper is not available for.
* The new 'i2p' package depends on i2p-router, libjbigi-jni, and the java-wrapper.
This package will add the i2psvc system user and the initscript. Existing
users of the i2p package will have the i2p-router package pulled in
automatically and for them there will be no usability changes.
Executive summary: No functionality changes will take place for either those
that installed the i2p package in the past or those that
install the newly split i2p package. For them, "The Song
Remains the Same."
- Increase max fast and high-cap tier sizes
- Slow profile eval cycle after sufficient uptime
- Fix bug which started a new build after a successful build
- Misc. cleanups
* DataHelper: Speed up eq() (Ticket #437)
* HTTPServer: Strip inbound X-Accept-Encoding header
* netdb.jsp: HTML fixes
* Plugins: Log error when console server not found
* Reseed: Log tweak
- Fix bugs in flushes
- Add magic numbers for free pages and free list
- More bounds checking
- Lots of checks for double-kill / double-free
- Make some freelist errors non-fatal
- Cleanups, logging, javadocs, test code
- Automatic corruption repair in blockfile
- Automatic removal of bad entries in BFNS
- Use unsigned shorts to extend max lengths to 65535
- Check max length
- Throw IOE on negative ints
- Tweak fromProperties() exceptions
- Fix DataHelper encoding issues (ticket #436)
- CSS tweaks
- Use getNames() for merging to hosts.txt naming services to avoid O(n**2)
- Fix naming service selection
- Don't merge from master book unless publishing
- Add naming service and direct config options
- Refactor handling of required stats
- Shorten description of required stats
- Improve save messages on configstats.jsp
- Change bw.sendBps and bw.receiveBps stats to bytes, not Kbytes
- Expires directive for graphs
sha1sum 7d76f5cdec625fd1ce21acc0e46d286fbd6d307f
Released 2008-09-05
Downloaded from http://sourceforge.net/projects/jrobin/files/jrobin/1.5.9/
License: LGPL 2.1
It appears that the only difference from 1.5.9 is it was compiled with Java 5
instead of Java 6. The 1.5.9 jars out there also contain the large font .ttf files,
which are not in 1.5.9.1.
The only announcement I could find about 1.5.9.1 is here:
http://opennms.530661.n2.nabble.com/Am-I-missing-something-td841945.html
The following directories are dropped from the jar during the build process:
org/jrobin/cmd/
org/jrobin/convertor/
org/jrobin/inspector/
- Fix search capability
- Fix result count and view within results
- Fix published address book
- Fix ngettext
- Cache size
- Fix 0-9 filter
- Addressbook updates via API, except for published
- More query options
- More exception logging
- Fix lookup infinite loop
- Fix lookup NPE
* SusiDNS:
- Refactoring for new NamingService API
- Initial conversion to new NamingService API
(still needs work)
- Fix lots of HTML warnings
- Some Java 5 cleanup
- Parameterize download button tags (ticket #425)
- Clean up summary bar HTML warnings
- Just display a summary bar link for text browsers
- Move welcome div from the readme files to index.jsp
- Require a nonce to change language
- Fix numerous readme HTML errors
- Fix flag locations in readmes
- desktopgui.enable now defaults to false; run systray if false
- Start icon app before console
- Restore systray form in configservice.jsp
- Only save lang when clicking on flags if desktopgui is running
- Only allow two-letter lang code from cgi parameter
- A flag of for the Arabic language, including the four Pan-Arab colors. Note: This is the 1917 Arab revolt / Hashemite dynasty flag.
Source:
http://commons.wikimedia.org/wiki/File:Arabic-Language-Flag.svg
License:
I, the copyright holder of this work, release this work into the public domain. This applies worldwide.
In some countries this may not be legally possible; if so:
I grant anyone the right to use this work for any purpose, without any conditions, unless such conditions are required by law.
Converted to 16x11 png by zzz / gimp
- revert ch flag old change
- Add includeAntRuntime=false to all javac targets
- Add build date, mtn rev, and changed file list to all manifests
- Add unless=uptodate to all jar and war targets
(bob and dtg still todo)
* fix build script poupdate target on windows
* change messages_nl.po's encoding to UTF-8 (desktopUI)
* add message_zh.po for desktopUI
- POs not translated yet, just updated
- Add experimental bandwidth limiter
- Add I2PSession API method to update tunnel and bandwidth
configuration on an existing session
- Filter more system properties before passing them to the router
- Convert everything from DataStructure to the
new DatabaseEntry superclass
- Optimizations made possible by DatabaseEntry
- Don't rescan netDb directory unless changed
- New SDSCache for SimpleDataStructures
- New SimpleByteCache for byte[]
- Cache Hash, PublicKey, and SigningPublicKey
- Remove global lock in ByteCache
- Fix changing 'use open trackers' config setting (old bug)
- More TrackerClient fixes for no primary announce
- More BEValue.toString() improvements for debugging
- Better BEValue.toString()
(most of the following got missed in the last checkin)
- Fix about 9 NPEs
- Fix numwant in magnet mode
- Send metadata size in extension handshake
- Open trackers are primary if we don't have primary trackers
- Add missing break in port message handling
- Increase max msg size to account for metadata msg
- Remember magnets across restarts
- Drop peers w/o extensions if we need metainfo
- Fix DATA messages
- Fix tracker transition to non-magnet
- Fix infohash for non-magnet
- Fix up peer transition to non-magnet
- More logging
- Move BWLimits and DestLookup message support from
I2PSimpleSession to I2PSessionImpl
- Include the Hash in the DestReplyMessage on a failed lookup
so the client may correlate replies
- Add support for parallel lookups and BWLimits requests
- Add support for specifying the timeout for DestLookups
(can only be smaller than the router timeout for now)
- Extend dest lookup router timeout from 10s to 15s
- Change the UpdateHandler to try all sources in a loop, rather than one,
so the user need not retry manually
- For each source, fetch the first 56 bytes and check the version
before downloading the whole thing, so we need not wait for every
host to have the latest before updating the news.
- Fix numwant in magnet mode
- Send metadata size in extension handshake
- Open trackers are primary if we don't have primary trackers
- Add missing break in port message handling
- Increase max msg size to account for metadata msg
- Remember magnets across restarts
- Drop peers w/o extensions if we need metainfo
- Fix DATA messages
- Fix tracker transition to non-magnet
- Fix infohash for non-magnet
- Fix up peer transition to non-magnet
- More logging
to allow locking and prevent interference by the DirMonitor
- More checks for whether torrent is already running
- Consistent filename filtering in all cases
- Allow null announce string
- Move snarks map to a CHM
- Remember last tracker selection
- Add callback for reception of metainfo
- Restore text (ticket #273)
- Fix several HTML errors (ticket #273)
- Fix HTML error causing info links to be unclickable in dillo (tiicket #273)
- Fix alt text duplicated or looking bad in text browsers (ticket #273)
- Fix Opera button errors (ticket #332)
- Fix POST resubmission errors (ticket #334)
- Catch FetchAndAdd copy error (ticket #352)
- Set permissions on downloaded torrent files
- Hide some columns when not running
- Lots of spacing cleanups
- Rename images so users don't end up with unused files
- Remove ~15 unused images
- Clean up theme selection speed-coding exercise
- Indent fixes
- Add SSL support - To enable, change clients.config. Examples:
## Change to SSL only - just add a '-s'
clientApp.0.args=-s 7657 ::1,127.0.0.1 ./webapps/
## Use both non-SSL and SSL - add '-s port interface'
clientApp.0.args=7657 ::1,127.0.0.1 -s 7667 ::1,127.0.0.1 ./webapps/
## ...and change URLLauncher args further down for the browser to open https:// at startup if you like.
- For clients, use a common thread pool that expires idle threads
rather than keeping 5 accept() threads for each client.
This also removes the configurable (30s default) max wait time
for a socket, this may have to be restored.
- Use pool for HTTP decompression also.
implemented in 0.7.9 to an internal Queue that directly
passes I2CPMessage objects. For in-JVM clients,
this eliminates two writer threads per client and
avoids the serialization/deserialization of I2CP messages.
- Use System locale and time zone for default date/time format,
so it matches the wrapper log time (we can't set the wrapper log time zone).
(existing installs must remove logger.dateFormat line
in logger.config to get system default format)
- Force RuntimeExceptions to CRIT level
- Don't have log() count buffer size
- Drop queued outbound requests when choked
- Redo some data structures and locking to hopefully prevent deadlock
- Memory reduction part 3: Return partial pieces to PeerCoordinator when choked
The only defecency is that if one is running, that it considers the
entire pliugin to be running. I'm not sure if that is a good thing
or a bad thing, but the other code checks threads that way.
- Convert GraphHelper to a FormHandler
- Require POST for all forms
- Change the way we store the Writer to prevent problems
- Fix bonus setting on configpeer.jsp
- More ".jsp" removal
- Implement additional CA loading
- Provide facility to reuse SSL state for speed
- Provide facility to store previously untrusted certificates
- Add SSL reseed hosts, prefer them by default
- Reseed message cleanup
* build.xml:
- Add www.cacert.org cert to the installer and updater so
SSL on a.netdb.i2p2.de and c.netdb.i2p2.de will work
- Cleanup, fix distclean error in older ants.
- Change translation of some terms:
+ тред -> поток
+ журнал -> лог
+ аптайм -> время работы
- use lowercase for second word where needed
- Reorder words where needed
These things was discussed on irc #ru
- Shim in a new abstract superclass I2PTunnelHTTPClientBase for common code
- Add local proxy username/password authorization
- Add outproxy username/password authorization
- Filter hop-by-hop Proxy headers appropriately
- Shim in 3 new abstract classes
SimpleDataStructure, KeysAndCert, and DatabaseEntry
===========
Right now, everything in net.i2p.data extends DataStructureImpl.
There are several goals for adding some intermediate abstract classes,
between DataStructureImpl and the concrete classes:
1) Merge common code
2) Make the simple cases (a single byte array) more efficient
by adding a common base class.
I'm calling this one SimpleDataStructure.
3) Make a common base class for Destination and RouterIdentity
since they are almost exactly the same thing.
Consolidate the getters/setters and hash functions here.
I'm calling this one KeysAndCert.
4) Make a common base class for LeaseSet and RouterInfo so
so netDb and I2NP can handle them easier, without doing
"instanceof" all over the place.
Consolidate the hash, signature, and routing key functions here.
I'm calling this one DatabaseEntry.
5) Make it easier to add more object caching.
The additional classes are retrofit
above many of the data types:
DataStructureImpl (unchanged)
-------------------
ByteArray
Certificate
Lease
Payload
RouterAddress
TunnelId
SimpleDataStructure (new)
-------------------------
Hash
PrivateKey
PublicKey
SessionKey
SessionTag (was ByteArray)
Signature
SigningPrivateKey
SigningPublicKey
KeysAndCert (new)
-----------------
Destination
RouterIdentity
DatabaseEntry (new)
-------------------
LeaseSet
RouterInfo
- Limit number of parallel requests of a single piece when in the end game
- Shorten and weight the speed tracker so the display is more
reflective of current speed
and '4ef1d99f924ee431587d6f85241540e031fecbc1'
to branch 'i2p.i2p'
Explicit merge from test4.
1.6 JDK now required to build.
1.5 JRE still OK to run I2P.
* configlogging.jsp:
- Add easy way to add an override
- Make file size specifier more flexible
* Console:
- Sort RouterAddress options on netdb.jsp and peers.jsp
- Remove unused web-*.xml file from war
* Crypto:
- Convert all ArrayList caching to LBQs in YKGenerator,
HMACGenerator, and AESKeyCache.
- Change DSAEngine params from Hash to new SHA1Hash, since
these were really 20 byte hashes, not 32 byte Hashes.
- Add stats to track YKGenerator caching success
- Fix YKGenerator precalculation to be much more useful by
increasing the cache size and dramatically shortening the delay
- Option cleanups
- YKGenerator cleanups
- Mark HMAC256Generator unused
* EepGet: Reset length variable on redirect
* Files: Change permissions to 600/700 for all written files/directories.
Now requires Java 1.6 to build, but only 1.5+ to run.
(requires 1.6 to set permissiomns)
* GeoIP: Fix locking bug causing lookups to stop
* Hash: Throw IAE if data length is not 32 bytes,
now that DSAEngine abuse is gone
* HTTPResponseOutputStream:
- More caching
- Stats cleanup
- Max header length check
- Catch OOM
- Initializer cleanup
- Javadoc
* I2CP:
- Add new option i2cp.messageReliability=none, which prevents the
router from sending MessageStatusMessages back in reply to an
outbound SendMessageMessage. Since the streaming lib always ignored
the MSMs anyway, make it the default for streaming.
This will reduce the I2CP traffic significantly.
MSM handling now avoided, but it is still fairly broken, see
comments in I2PSessionImpl2.
- Cleanups to replace method calls with fields
- More cleanups, javadoc, rate reduction
* i2psnark:
- Compact response format
- Add link to finished torrent in message box
- Don't let one bad torrent prevent others from
starting or stopping
- Sort peers by completion %
- Add some missing mime types to web.xml
- shouldLog() cleanup
* i2ptunnel:
- Now that streaming flush() is fixed, use it in IRCClient, and
for initial data in I2PTunnel runner, to avoid the 250 ms
passive flush delay
- Add hostname DSA signature field, to be used for addkey forms.
Experimental, may be commented out later.
- More header blocking (thanks telecomix!)
- Remove unused web-*.xml file from war
* Installer: Add startup hint for non-x86
* Javadoc updates all over the place
* LogConsoleBuffer: Java 5
* Naming:
- Increase cache size and expiration time
- Add clearCache() method
- Don't use EepGet or Exec for b32
- Javadoc updates
* NetDB:
- Expire unreachable routers quickly, even if they don't have introducers,
so we don't have old data on routers that ran out of introducers.
- Fix rare NPEs at shutdown
* NTCP:
- Workaround for a rare 100% CPU bug in EventPumper
- Cleanups
* Streaming:
- Make flush() block less, by waiting only for "accept" into the
streaming queue rather than "completion" (i.e. ACK from the far end).
This prevents complete stalls when flushing, and should help performance
of apps that use flush(), like i2psnark (and SAM?).
close() still does a flush that waits for completion, as i2ptunnel
doesn't like a fast return from close().
- cleanups
* SusiDNS:
- Remove unused web-*.xml file from war
* TransportManager: Convert _transports from a List to a CHM
to prevent a rare concurrent exception
* Tunnels:
- Don't use peers < 0.7.9 for tunnels due to the old
message corruption bugs
- Javadoc
- Cleanups
* UDP:
- Beginnings of destroy message support
- Try to avoid running out of introducers by relaxing selection criteria
and increasing minimum number of potential introducers
- Avoid rare AIOOBE
- PacketBuilder refactor
- Make most classes package private
- Comments
- Logging cleanup
- Comment out a main()
- Make flush() block less, by waiting only for "accept" into the
streaming queue rather than "completion" (i.e. ACK from the far end).
This prevents complete window stalls when flushing, and should help performance
of apps that use flush(), like i2psnark (and SAM?).
close() still does a flush that waits for completion, as i2ptunnel
doesn't like a fast return from close().
- flush/close javadocs and comments
* i2ptunnel:
- Now that streaming flush() is fixed, use it in IRCClient, and
for initial data in I2PTunnelRunner, to avoid the 250 ms
passive flush delay
- Expire unreachable routers quickly, even if they don't have introducers,
so we don't have old data on routers that ran out of introducers.
- Fix rare NPEs at shutdown
- Add new option i2cp.messageReliability=none, which prevents the
router from sending MessageStatusMessages back in reply to an
outbound SendMessageMessage. Since the streaming lib always ignored
the MSMs anyway, make it the default for streaming.
This will reduce the I2CP traffic significantly.
MSM handling now avoided, but it is still fairly broken, see
comments in I2PSessionImpl2.
- Cleanups, javadoc, rate reduction
- Convert all ArrayList caching to LBQs in YKGenerator,
HMACGenerator, and AESKeyCache.
- Change DSAEngine params from Hash to new SHA1Hash, since
these were really 20 byte hashes, not 32 byte Hashes.
- Add stats to track YKGenerator caching success
- Fix YKGenerator precalculation to be much more useful by
increasing the cache size and dramatically shortening the delay
- Option cleanups
- YKGenerator cleanups
- Mark HMAC256Generator unused
* Base64: comment out some unused methods
* Remove huge whitespace in CryptoConstants
* ElGamalAESEngine:
- Reduce rates
- Check number of tags earlier
- Rework PeerID class so it depends only on peer desthash, since
peer ID is not available with compact format. Implement deferred
lookup of destination.
- Implement compact tracker requests and response handling
(may not be the final format)
- Fix Peer hashCode()
- Java 5
- Use new receivedAsReply flag in LeaseSet to mark
those received as response to a query
- Mark which methods in FloodfillPeerSelector may return
our own hash
- Redefine selectNearest() so it may return our own hash,
so it can be used for closeness measurement
- Redefine findNearestRouters() to return Hashes
instead of RouterInfos
- Fix LeaseSet response decisions for floodfills, based
on partial keyspace and closeness measurements
- List only count of published leasesets in netdb
Show definitions panel if any transport is enabled (was: only for UDP).
Use div.wideload for the whole page (was: only for transports and broken if only one of them enabled).
jbigi's build.sh had a number of failed assumptions as per where I2P and JAVA_HOME were which needed to be removed and a warning put in their place. A better solution would be to have some way to search for JAVA_HOME and I2P in common locations, but at least this solution works if you do it manually:
I2P=~i2p JAVA_HOME=/usr/lib/jvm/java-6-sun-1.6.0.20 sh build.sh dynamic
thank zzz for prodding me to do this
Loading a class would be one of them!
So we do a quick check first, If it bombs out, we delay and try again.
If it bombs after that, then we throw the ClassNotFoundException.
- Add a per-cache stat
- Limit each cache based on max memory
- Disable in UDP MessageReceiver
- Add clearAll() method to be called when under
severe memory pressure; call from Router
- add configs/win batchfiles to installer/resources/portable
* currently only pkg-portable-win32 on win32 available
need linuxers to write target preppkg-portable-nix/pkg-portable-linux
and enable pkg-portable-win32 on linux (i doubt anyone need it ?)
shell scripts should goto installer/resources/portable/configs/linux/
Enter b32 or b64 hash or dest into list box, and
check enable for whitelist. Uncheck enable and enter
i2cp.enableBlackList=true in advanced i2cp options for
blacklist. Todo: make black/whitelists radio buttons.
Fix the window size increment logic so it does it much more often.
The code increased the window size by MSS * MSS / N, like
in RFC 2581, but it did it only once every N,
so that was like MSS * MSS / N**2.
Now do it all the time, except for isolated packets like keepalives
that aren't using more than one message of the window.
Seems to speed up outbound significantly, without any
noticable increase in stream.sendsBeforeAck.
- Detect and drop dup SYNs rather than create
a duplicate connection - will hopefully fix
"Received a syn with the wrong IDs"
- Send reset for a SYN ACK with the wrong IDs
- Don't send a reset to a null dest
- Logging tweaks
- Cleanups
- Always show start button for webapps and plugins
* configclients.jsp, configupdate.jsp:
- Fix submission when entering CR in a text box
* Plugins:
- Stop all plugins at shutdown
- Log tweaks
* WebApps:
- Remove the WAC after stopping it
- Stop a WAC before starting it to prevent dups
- Send numwant=0 if we don't need peers
- Report returned complete and incomplete counts
if higher than peer count
- Allow missing peer list
- Log tweaks
- Negative delay means run immediately and inline
- Add methods to test class and run inline,
to propagate errors to the console
- Add javadoc for clients.config format
- Use new methods for plugins
- Big refactor of several classes for concurrent,
elimination of several locks
- Reduce max number of resent acks in a packet to
lower overhead
- Take incoming messages from the head of the queue,
not sure why taking them from the tail "reduces latency"
- Java 5 cleanup
- New, for filtering IRC client traffic when using SOCKS
* I2PTunnelIRCClient:
- Make filter classes static and public for use by SOCKS
- Eliminate redundant case conversion
- Pass ISON message through (jIRCii uses it for pings)
- Switch back to StringBuffer since it's used by 2 threads
- Set daemon on filter threads
* SOCKS5Server:
- Fix handling of multiple authentication methods
- Put B32 instead of B64 in Host: header, saves 450 bytes
- Eliminate some redundant lookups
- Fix http://i2p/b64/ and /eepproxy/site/ requests
- Disallow a port specified for an i2p address
- Cleanup and comments
- Replace the unused-since-2006 TimedWeightedPriorityMessageQueue
with DummyThrottle
- Don't instantiate and start TWPMQ Cleaner and OutboundRefiller
threads, part of priority queues unused since 0.6.1.11
- Don't instantiate and start UDPFlooder, it is for testing only
will be transparently unpacked with unpack200. Savings is about 60%.
Someday we will do this for suds, but we can do it for xpi2ps now.
* build: Add updater200 target
- Add js delete confirm
- Remove delete button for webapps
* i2psnark:
- Ignore a non-i2p tracker in a torrent rather than deleting
the torrent, thus "converting" a torrent to in-netowrk use
via the open trackers
- Add js delete confirm
- getFramedAveragePeerClockSkew() now returns a long (ms);
was a Long (s)
- Implement NTP-style clock slewing so the clock is adjusted
gradually
- Implement clock strata so we prefer better clocks
- Implement a timestamper in the transport so we will periodically
update the clock even if NTP is not working
This allows the router to converge the clock instead of simply
hoping the first connected peer is correct.
- Slow down NTP attempts after several consecutive failures
- Check plugin key against all installed plugins
- Reword some error messages
* VersionComparator: add '-' and '_' as valid separators
to better support plugin and java version checking
The license is BSD for launch4j and MIT for the wrapper code in head/
Changelog is in installer/lib/launch4j/web/changelog.html
Hopefully this will fix installs for 64-bit JRE on 64-bit windows.
The previous version was 2.0-RC3 2005-08-13.
The previous license was GPLv2 for launch4j and LGPLv2.1 for the wrapper code in head/
The bin/ld.exe and bin/windres.exe files were contributed by
i2p users in 2005 so the i2p installer could be built on windows.
They have not been updated for 3.0.1, so pkg builds on windows
will presumably still get 2.0-RC3.
* configclients.jsp: Use new WebAppStarter so webapps that are
started later also get the temp dir, password, and classpath
configuration just like if they were started at the beginning
* configupdate.jsp: Delay after checking for update so the
summary bar will have buttons.
- Randomize Build Message expiration to make it harder to guess hop position
- Save expired tunnel build configs for a while, so that we will still use the tunnel
and update peer stats if the reply comes in late
- Don't update our own profile for Tunnel Build Replies
- Add getRecordCount() to TunnelBuildMessage and TunnelBuildReplyMessage
so they can be extended.
- New I2NP Messages VariableTunnelBuildMessage and VariableTunnelBuildReplyMessage,
which contain the number of request slots in them.
- Convert all static assumptions of 8 slots to getRecordCount()
- Use the new VTBM if all hops in the tunnel and the OBEP or IBGW of the reply tunnel
support it, and the tunnel is 4 hops or shorter.
- Reply to a VTBM with a VTBRM of the same size
- Make BuildReplyHandler static
- Convert the currentlyBuilding List to a ConcurrentHashMap to speed reply lookups
and eliminate a global lock; don't put fallback tunnels in there
- Add new tunnel.corruptBuildReply stat
- Various cleanups and javadoc
Tested as compatible with current network, new messages untested.
- Store and report UDP clock skews even for large values, so
a badly skewed local clock will be reported to the console
- Don't shitlist for NTCP clock skew if we don't know what time it is
- If NTP hasn't worked yet, have NTCP or SSU update the clock one time
- Include failed clock skew in NTCP skew vector if there aren't many connections
- Don't include NTCP clock skews for non-established connections
- Fix framed clock skew frame size
- Report framed clock skew even if for only one peer, if NTP hasn't worked yet
- Don't log RRD errors after clock adjustment
- Reduce min skew for console warning to 30s (was 45s)
- More Java 5 cleanups
- Enable multiple parallel job runners much sooner to speed startup
- Rearrange the startup order to get the long jobs started sooner
- Don't allow the netDb readin job to clog the job queue
on a stream... AKA setting keepalive. This should fix the stuck NTCP
issue that has been bothing zzz for years.
* Set keepalive on BOB connections too, since this will assist closing
the connections in the event of a crash on a client.
Since the earliest date functions as a version number,
this will force the floodfill to flood each new version;
otherwise it won't if the earliest time hasn't changed.
- Do LS stores and verifies through client tunnels
to prevent correlation by the OBEP or FF
- Encrypt LS stores to prevent snooping by the OBEP
- Encrypt LS and RI verifies to prevent snooping by the OBEP
- Extend verify delay and timeout
- Reenable RI verifies
- Disallow simultaneous verifies for the same key
- Don't resend on verify timeout; try a different peer instead
- Adjust ff selection criteria
- More code to detect improper reuse of cached objects
after release
- Don't pass a msg with a failed IV on to
the FragmentHandler at the OBEP
- More cleanups and comments
as it may be reused if retried in another transport;
a nasty bug causing corrupt messages
- Lots of code to detect improper reuse of cached objects
after release
- Do RED dropping before the IBGW fragmenter, not after
- Change batch time to 250ms for IBGWs (was 100ms)
- Change batch time to 150ms for exploratory OBGWs (was 100ms)
- Start a new message in the fragmenter if almost full
- Fix a major, longstanding synchronization bug in the FragmentHandler
which led to corrupt messages at the endpoints
- More cleanups and comments
- Fix status to show a disconnected network error rather than
clock skew or UDP error when disconnected
- Use peer clock skew rather than clock offset for determining
whether to display clock skew error, i.e. display what matters
* Transport: Rework peer clock skew method to always return a value
by falling back to router clock offset;
Fix possible AIOOBE and divide by zero; remove logging;
reduce min number of peers
- Switch all I2PThreads to I2PAppThreads
- Run an InternalSocket as well for the HTTP Proxy
* EepGet: Use InternalSocket
* Console: Change "depth" to "length"
- Switch from ArrayList to ConcurrentHashSet in
KBucketImpl to reduce chance of deadlock;
remove periodic shuffling of the bucket,
needs to be addressed elsewhere
- When an "immediate" ack is requested, do it within
250 ms (was 2000)
- Request immediate acks when < 1/3 of window remains,
or when < 3 packets remain in window,
and every 8 packets (was when < 2 packets in window remain)
- Change requested delay to RTT/2 (was RTO/2)
- Log cleanup and javadoc
- Add support for error page translations
- Add support for external pages for all errors
- Fix lack of \r in error page headers
- HTML transitional fixes
- Cleanups
was not doing unsigned comparisons!
* Floodfill rework part 2 of N:
Store closest to the key, subject to last failed
lookup and store stats.
* FloodfillPeerSelector: Use standard XORComparator
instead of messing with BigInteger
* FloodfillVerifyStoreJob: Set correct timeout for
requeued store job
* KNDF: Rework getPeerTimout() to use 1 day averages,
and lower the min, max, and multiplication factor.
* Publish jobs: Lengthen timeout to 90s (was 30s for
routerinfos and 60s for leasesets)
* StoreJob: Limit max peer timeout to 15s for direct stores
- Fix bug where reply selector wasn't registered for
routerinfo stores, so we didn't get stats, and
we kept retrying. This also prevented verification
and profile updates for routerinfo stores.
This bug was introduced 4 years ago by the change to
store routerinfos directly.
- Add dbStoreSuccessful() to profile, and have FVSJ
call it or dbStoreFailed() as appropriate to give
credit or blame to the floodfill we stored to.
- Don't let FVSJ verify using the peer we stored to
- Reject torrents with too many pieces
- Reject torrents with a single file named *.torrent
- Increase max piece size to 2MB (was 1MB), but reduce
max number of connections to lessen ooms
- countries.txt: Convert to mixed case, include in update
- netdb.jsp: Hide all routers by default, sort and tag country names
- oldstats.jsp: Move to stats.jsp
- profiles.jsp: Show new DBH times instead of counts
* Profiles:
- Track last good and bad lookup times
and last good and bad store times,
to prep for floodfill changes
- Don't reset last-heard-about at router startup
* Checklist and Android readme fixups
- Remove the almost-unused send and receive size RateStats;
this also reduces the effective time for isActive()
- Only store DB history on-demand to save space;
fix up resulting NPEs
- Rewrite TrustedUpdate version comparator, use for netdb version table
so 0.7.10 will be sorted correctly
- Reduce netdb.jsp memory usage
- More tagging fixups
- configclients.jsp fixup for "Web console"
- Don't save config when checking for updates on configupdate.jsp
- Rework ConfigRestartBean and tag
- More tag fixups
- Add lang=xx for testing
- Add file for additional tagged strings
- summerbar related files since drz is working on it
- string requiring word reordering
- string with link in the middle
- string which looks unusual
- string found not in router console source
update the POs
- Don't hide link to configui.jsp for IE any more
- Add lang selection on configui.jsp
- Tag strings in configui.jsp
- Load console_big.css if lang == zh
- Add _x() tag for static iniitializers
- HTML transitional input tags
- Persistent lang setting with routerconsole.lang=xx
- Loading any page with ?lang=xx changes the persistent setting
- Add a custom Jetty handler to load foo_xx.jsp if it
exists for language xx. This is for jsp files with lots
of text in them. Otherwise use inline translate methods.
Not for included jsps.
- Add a script to create and update messages_xx.po translation
files, and create ResourceBundles from them
- Add class to translate strings from cached ResourceBundles
- Add translate wrappers to HelperBase, FormHandler, and *Renderer,
so calls can be made from both jsp and java files
- Add two example translations on configupdate.jsp - one in
the jsp itself and one in the helper.
- This is for strings in routerconsole only. Will be expanded
to other webapps and the router later.
- Enable per-client SessionKeyManagers for better anonymity
- tagsDelivered() now means tags are sent, not acked.
- OCMOSJ uses the new TagSetHandle object returned from tagsDelivered()
to call tagsAcked() or failTags() as appropriate.
- Assume tags delivered on an established session to
reduce streaming lib stalls caused by massive tag deliveries;
should increase throughput and window sizes on long-lived streams
- Unacked tagsets on a new session are stored on a separate list
- Don't kill an OB Session just because it's temporarily out of tags
- Increase min tag threshold to 30 (was 20) due to new speculative
tags delivered scheme, and to increase effective max window
- More Java 5 and dead code cleanups, and more comments and javadoc,
debug logging cleanups
- New I2PSocketEepGet fetches through existing tunnels
rather than through the proxy
- Use new eepget for i2psnark
- Add a fake user agent for non-proxied fetches
- Cleanups
- oops, store leaseset locally even when shutting down
(fix -16)
- Java 5 cleanups
* PRNG:
- Rename config option to prng.buffers (was router.prng.buffers)
- Change the default from 16 to 2 for I2PAppContext (saves 3.5MB)
* TunnelPool:
- Don't test tunnels when shutting down
- Less rates
- Java 5 cleanups
Prep for SessionKeyManager work in the router -
Fix up SKM renderStatusHTML(); add debug.jsp to see it;
Redefine getClientSessionKeyManager();
More cleanups
- Fix problems where a requested unsigned update would actually
kick off a signed update
- Fix problem when policy set to notify, and clicking
check for update, incorrectly causing unsigned update download
and bad messages
- Verify zip integrity of unsigned updates
- Move zip files to router dir, not base dir
- More tweaks and cleanup
- Fix BufferedStatsLog so it works at all
- Don't instantiate BufferedStatsLog unless stats.logFilters
property is defined (restart now required to enable logging)
This eliminates the StatLogWriter thread and a decent
amount of memory.
- Move two CLI classes out of the lib
- Commment out places where getStatLog() isn't checked for null
- Cleanups
* DataHelper, Router:
- Save config files in UTF-8 rather than the default encoding,
since we read them in UTF-8
* jetty.xml: Change encoding to UTF-8
* logs.jsp: Add system encoding
* NTCP: Clean up clock skew shitlist message
* Shitlist: Clean up expire message
* WorkingDir: Ensure modified files are processed with UTF-8 encoding
* Merge in dr|z3d and my own html fixes for router console java and jsp
files so that Opera (and now IE?) doesn't puke anymore on the missing
and misplaced HTML tags.
* Optimized all jsp files so that they are shorter to save space, which
is then used to fix the broken HTML. We should break even space-wise.
* Bump to -13.
- Make IRC Proxy non-shared, delayed-start, close-on-idle
for new users, for the anonymity benefits (see "Shared Clients,
Correlation and Collusion" http://zzz.i2p/topics/217 )
- Remove "experimental" flag on new client options
* configclients.jsp: Add full path to config file
* Add some path help in some config files
* Code Janitor time! Many fixes and documenting fixes that should be
done in the future. for the most part, this is a general code cleanup.
* On smaller/embedded systems, the "final" keyword cleanups will have
more of an impact than on larger systems.
* Document missing hashCode() methods.
* Unhide more variables to make code easier to read.
- Add new unsigned update option, triggered by
last-modified date, using the new EepHead.
Buttons still are not hidden after download complete.
- Make the .sud updater use the temp dir when proxied
- Several cleanups
- small pedantic fix
* streaming:
- Fix a deadly race condition.
- Some small pedantic fixes.
* core:
- Fix a deadly race condition.
* BOB:
- Fixed some races that occured from fixing races in streaming and core.
- Some badly needed code refactoring to depend less on the database.
under the assumption that they are already talking
to most of the routers, so there's no reason to reject. This may drive them
to their conn. limits, but it's hopefully a temporary solution to the
tunnel build congestion. As the net grows this will have to be revisited.
Under the one-packet-enough theory, and the fact that most
tunnels in a x+1 pool are of length x, variable lengths
don't really help that much. Also, a default of 1 led
to all sorts of problems with iMule/SAM, who was not
setting the variance properties.
This will affect exploratory tunnels for new users,
and those that have never saved a change on configtunnels.jsp,
and iMule users 1.4.5 and earlier.
- Move from a single connection limit threshold (80%) to
two (75% and 87%), and only start rejecting tunnels
at the higher threshold, to increase build success
- Move some limit methods from the transports to TransportImpl
- Add limit methods with a threshold argument
address to no address, so that inbound NTCP is disabled
after SSU detects a firewall. When UPnP was apparently successful
but the router is still firewalled (due to an additional
software firewall or a bad UPnP indication, for example)
the router will now remove the NTCP address.
* General cleanup on streaming and ministreaming.
This fixes some compile warnings, and prepares for a larger fix.
There is no code-flow changes, just lint. One warning remains as I am
unsure exactly how to solve the problem yet.
* Remove the last reference to my eepsite as a "news.xml" source,
and likewise stop my public key from being included
among valid release signing keys.
---------------------------------------------------------------------------------------
* netdb.jsp: Add country chart at bottom, clean up version chart
---------------------------------------------------------------------------------------
* Browser Launch: Wait until the routerconsole is up before launching the browser
---------------------------------------------------------------------------------------
* ReseedHandler:
- check for upper case HREF to be compatible with apache indexes
- Limit exploratory tunnels to connected peers when over
half the connection limit (was 80%)
- Have the high capacity tier fall back to a new connected tier
before moving on to the not failing tier
so that tunnel build success doesn't collapse
* PeerTestJob:
- Limit to connected peers
- Move reseeding from the routerconsole app to
the router, so that we can bootstrap an embedded router lacking a routerconsole
(iMule or android for example), without additional modifications.
This allows better integration between the reseeding function
and the netDb.
- Call reseed from PersistentDataStore, not from the
routerconsole init, and start seeding as soon as the netdb has read
the netDb/ directory, not when the console starts.
- Wake up the netdb reader as soon as reseeding is done,
rather than waiting up to 60s.
- Don't display the reseed button on the console until the
netdb initialization is done.
* NetDb:
- Fix an NPE on early shutdown
* RouterConsoleRunner:
- Catch a class not found error better
- Put the duplicate classes back in the war, because
the jar is not in the wrapper.config classpath in existing
installs. We could take them out of the jar, but then
they won't be available for standalone snark and future
updates via snark.
- Delete the dist/ dir in distclean
- Move FetchAndAdd to static inner class
- Remove duplicate classes from i2psnark.war (120KB);
fixes sporadic FetchAndAdd IllegalAccessError
- Fix standalone build to include i2psnark.jar since classes
aren't in the .war anymore
- Have standalone jetty use I2PAppContext temp directory
- Replace launch-i2psnark.jar with launch-i2psnark script,
since RunStandalone is in i2p.jar
- Clean up jetty-i2psnark.xml, turn off jetty logging
- Remove standalone build from the pkg target in the main build.xml
- Extract files from jar to temp dir, load from that dir, then
copy to the base dir if we have permissions (and failing silently
if we don't), so we have optimized libs and no complaints
when we have a read-only base dir.
- Don't cd to script location, no longer required
* RouterLaunch:
- If no wrapper, put wrapper.log in system temp dir
unless specified with -Dwrapper.logfile=/path/to/wrapper.log
or it already exists in CWD (for backward compatibility)
- Append rather than replace wrapper.log
- Pass wrapper log location to router as a property, so that logs.jsp can find it
* logs.jsp:
- Get wrapper log location from a property too
* runplain.sh:
- Add path substitution to runplain.sh on install
- Pass I2P base dir to the router as a property
* wrapper.config:
- Put wrapper.log in system temp dir for new installs
- Pass I2P base dir to the router as a property
* WorkingDir:
- Don't migrate an existing install by default
- Never migrate the data (too hard)
- Change the wrapper.config classpath to one line: lib/*.jar
This means we lose control of classpath load order, so move the windows installer
jars copy.jar, delete.jar, and exec.jar to a new installer/ directory so
these jars won't be in the classpath or potentially conflict, since
copy.jar and delete.jar include FileUtil.class, and we don't want to have
to remember to add them to the updater if we ever change FileUtil.class.
Delete the installer/ directory in postinstall.sh since it is windows-only.
- Move the console css from default.css in the .war to docs/themes/console/console.css,
and support console themes in the main console with routerconsole.theme=foo
(previous izpack was 3.7.2 from 2005-04-22)
izpack 4.3.0 from :
http://dist.codehaus.org/izpack/releases/4.3.0/IzPack-install-4.3.0.jar
SHA1 f06da6b26ac2c68fed64ab38980352989b8d8841
(no signatures or sha1sums found on website, and the jar is unsigned)
License: Apache 2.0
upack izpack:
java -jar IzPack-install-4.3.0.jar
or
java -jar IzPack-install-4.3.0.jar -console
get the standalone-compiler.jar from the installation lib/ directory:
SHA1 6d2b4a5657bfb864a333b1c4b1c0f8223aa57d80
(no signatures or sha1sums found on website, and the jar is unsigned)
This fixes the bug with the install windows centered in all the
workspaces, not the current workspace. And who knows what other
bugs in the last 4 years.
To fix Vista (and presumably Windows 7) permissiom problems,
add a run-privileged flag for those, and run the new fixperms.bat
which calls icacls to add the privileges to the install directory.
Add support for 6 more language packs found in the new release.
Change from ISO3 codes to native language names.
Disable creation of the i2p.tar.bz2 file in build.xml
(distributed as i2pheadless-0.7.x.tar.bz2), as izpack 4.3.0 now
supports headless installation with java -jar i2pinstall.exe -console.
Update INSTALL.txt and INSTALL-headless.txt accordingly.
* BOB now cleans up tunnels, although they can take up to 5 minutes to
disapear. This is due to the fact that the streaming lib doesn't
actually remove the connections properly and kill them off when the
manager is destroyed. I'm not certain if this is a bug, or a feature,
but it sure is annoying, and you have to wait for the connections to
time out. What should happen is the streaming lib should cause an IO
error to the pending read or write.
Eliminate all uses of the current working directory, and
set up multiple directories specified by absolute paths for various uses.
Add a WorkingDir class to create a user config directory and
migrate files to it for new installs.
The directory will be $HOME/.i2p on linux and %APPDIR%\I2P on Windows,
or as specified in the system property -Di2p.dir.config=/path/to/i2pdir
All files except for the base install and temp files will be
in the config directory by default.
Temp files will be in a i2p-xxxxx subdirectory of the system temp directory
specified by the system property java.io.tmpdir.
Convert all file opens in the code to be relative to a specific directory,
as specified in the context. Code and applications should never open
files relative to the current working directory (e.g. new File("foo")).
All files should be accessed in the appropriate context directory,
e.g. new File(_context.getAppDir(), "foo").
The router.config file location may be specified as a system property on the
java command line with -Drouter.configLocation=/path/to/router.config
All directories may be specified as properties in the router.config file.
The migration will copy all files from an existing installation,
except i2psnark/, with the system property -Di2p.dir.migrate=true.
Otherwise it will just set up a new directory with a minimal configuration.
The migration will also create a modified wrapper.config and (on linux only)
a modified i2prouter script, and place them in the config directory.
There are no changes to the installer or the default i2prouter, i2prouter.bat,
i2prouter, wrapper.config, runplain.sh, windows service installer/uninstaller,
etc. in this checkin.
* Directories. These are all set at instantiation and will not be changed by
* subsequent property changes.
* All properties, if set, should be absolute paths.
*
* Name Property Method Files
* ----- -------- ----- -----
* Base i2p.dir.base getBaseDir() lib/, webapps/, docs/, geoip/, licenses/, ...
* Temp i2p.dir.temp getTempDir() Temporary files
* Config i2p.dir.config getConfigDir() *.config, hosts.txt, addressbook/, ...
*
* (the following all default to the same as Config)
*
* Router i2p.dir.router getRouterDir() netDb/, peerProfiles/, router.*, keyBackup/, ...
* Log i2p.dir.log getLogDir() wrapper.log*, logs/
* PID i2p.dir.pid getPIDDir() wrapper *.pid files, router.ping
* App i2p.dir.app getAppDir() eepsite/, ...
*
* Note that we can't control where the wrapper actually puts its files.
All these will be set appropriately in a Router Context.
In an I2P App Context, all except Temp will be the current working directory.
Lightly tested so far, needs much more testing.
- Don't instantiate unused SessionKeyPersistenceHelper
- Use TransientSessionKeyManager instead of PersistentSessionKeyManager
- Add generics to TransientSessionKeyManager to help understand it
- Change initial session map size to 64 (was 1024)
- Prepare for per-destination SessionKeyManagers in ElGamalAESEngine
- Adjust interface to have persistent and non-persistent methods,
to prepare for partial storage in RAM
* PersistentDataStore:
- Cleanup, simplify, and concurrentify
- Tweak stats
- Remove write limit
- Flush to disk on shutdown
- Don't write out what we just read in
- Reduce displayed entries from 300 to 100
- Add ability to go forward or back
- Make textareas bigger
- Clean up file names
- Clarify messages about filter and search
- No longer use i2np.udp.forceIntroducers
- Tweak UDP port qualification
- Fix allowing low ports again
- Add option to completely disable NTCP, for those behind nasty firewalls
- Use SSU reachability rather than global reachability for determining NTCP reachability,
since we are now reporting NTCP reachability too
the UPnP device goes away - same as for HTTP POST
- Stuff the port mapping requester into a thread so it doesn't
delay everything for several seconds
- Handle UPnP devices that return IP = 0.0.0.0
- Better HTML output when no IP found
- Tweak logging
- Set Disposer thread name
- Keep the control point running after we find an IGD,
so that we get notifications of it leaving or
coming back or replaced.
- Set Status to OK for local public addresses or UPnP port open
- Allow UDP address changes after we transition to firewalled
- Have NTCP start reporting reachability status, this will
get OK on the console more often and mask UDP problems,
which might be good or bad...
- Fix UDP port configuration
- Reword and rearrange configuration options again
- Rearrange configuration help
- More right-alignment on config
- Prevent Concurrent modification exception in UPnP
- UPnP HTML output tweaks - remove "plugin" references
- Move UDP message failed log from WARN to INFO
- Short-circuit message history call in UDP
- Try to fix locking to prevent duplicate destinations when using
the new option new-dest-on-resume. Still not right for shared clients
but should be better for non-shared.
SSU reachability is OK. i2np.ntcp.autoip=always for the old behavior.
autoip default is now "true".
i2np.ntcp.hostname=xxx now trumps i2np.tcp.autoip.
- SSU always tells NTCP when status changes.
now defaults to auto; and configured now trumps auto.
Port configuration now does not affect whether inbound
NTCP is enabled - the host configuration alone can do that.
* more BOB fixes, complete with warnings when things go wrong, and
success messages when things turn around and go right. Terminates
early so that applications wait no more than 10 seconds or so.
* Reversed a few earlier patches that caused some odd behavior.
* Changed some core println()'s to debugging messages.
- Correct the meanings of the i2np.ntcp.autoip and i2np.ntcp.autoport
advanced config. If you have one of these set but not the other, you
will have to adjust your configuration on config.jsp.
Jetty forms the temp directory name from, among other things, the bound
address. The patch in 0.7.2 to bind to IPV6 addresses led to ':' in the
directory name, which is not allowed on windows. Change these to '_'.
* PeerProfile:
- Replace a hot lock with concurrent RW lock
- Rewrite ugly IP Restriction code
- Also use transport IP in restriction code
* Transport: Start the previously unused CleanupUnreachable
java.lang.IllegalStateException: Unable to serialize the message (net.i2p.data.i2np.DatabaseStoreMessage): Invalid key type
at net.i2p.data.i2np.I2NPMessageImpl.toByteArray(I2NPMessageImpl.java:238)
at net.i2p.router.transport.ntcp.NTCPConnection.bufferedPrepare(NTCPConnection.java:668)
at net.i2p.router.transport.ntcp.NTCPConnection.send(NTCPConnection.java:295)
at net.i2p.router.transport.ntcp.NTCPConnection.enqueueFloodfillMessage(NTCPConnection.java:412)
at net.i2p.router.transport.ntcp.NTCPConnection.enqueueInfoMessage(NTCPConnection.java:373)
at net.i2p.router.transport.ntcp.NTCPTransport.outboundMessageReady(NTCPTransport.java:179)
at net.i2p.router.transport.TransportImpl.send(TransportImpl.java:339)
...
* Code janator work, basic corrections involving @Override, and
appling final where it is important. Also fixed some equals methods
and commented places that need fixing.
* Catch NPE in NTCP.
This possibly augments fix 2009-04-11 welterde below.
* Various LINT on NTCP sources, and removal of space-wasting
spaces at end of lines in sources touched.
* i2ptunnel janitorial work and fixes on most locks.
Some locks still need work, and are marked with LINT in the comment.
Just grep for "LINT" to see where the remaining places are.
* More BOB threadgroup fixes, plus debug dump when things go wrong.
* Fixes to streaminglib, I2CP, which are related to the TG problem.
* JavaDocs fixups.
- Enable IPv6 stack in the JVM, hopefully won't break anything
- Patch Jetty to support binding to IPv6 addresses
- Allow multiple bind addresses for the router console
in the clients.config file; for new installs the
default is now "127.0.0.1,::1"
- Change most instances of "localhost" to "127.0.0.1"
throughout the code
* Router:
- Move some classes to private static inner
* SimpleTimer2, SimpleScheduler fixed so that the threads all run from
The main threadgroup, not in the current possible child threadgroup.
So long as any SimpleTimer2/SimpleScheduler is started *BEFORE* any
child threadgroups, the constructors are threadgroup safe. What would
be super cool is if they were to be all jailed within thier very own
threadgroup too, but, I2P isn't up to the task of this yet.
* Fixes to BOB to ensure the above is true.
To use the application, you need to (by default) add the following to clients.config :
# desktopgui
clientApp.6.args=
clientApp.6.delay=5
clientApp.6.main=desktopgui.Main
clientApp.6.name=desktopgui
clientApp.6.startOnLoad=true
- Maintain a router hash -> IP map in transport,
to support additional IP checks
(unused for now)
- Catch error on pre-2.6 kernels
- Some concurrent conversion
- Fix an HTML error on peers.jsp
- Remove unused calculators and RateStats:
CapacityCalculator, StrictSpeedCalculator, IsFailingCalculator;
sendFailureSize, processSuccessRate, processfailureRate, commErrorRate,
tunnelTestResponseTimeSlow
- Reduced number of Rates in these RateStats:
sendSuccessSize, receiveSize, rejectRate, failRate
- ~5KB/profile savings total
- Deflate speed calculation once an hour instead of once a day,
to improve fast tier selection
the code CWD is / but the only writable directory is
/data/data/net.i2p.router/files/ - still a ton of places to be
fixed, will be fixed up as things get working
- Load some config files from resources at startup
- Fix up logging
- Add reseed capability, by copying some code over from routerconsole
- Deal with conflicting bouncycastle libs
- Move ConEvent from SimpleTimer to SimpleScheduler
- Move RetransmissionTimer (ResendPacketEvent)
from SimpleTimer to new SimpleTimer2
- Move ActivityTimer and Flusher from SimpleTimer to RetransmissionTimer
- SimpleTimer2 allows specifying "fuzz" to reduce
timer queue churn further
As Debian's package building system is rather complicated and requires root
access unconditionally for some reason, doing it from ant isn't really
feasible. However to build any debian package anywhere is the same system, so
including helpful documentation on how to use that system as an ant build
target would be most useful in this case. Hopefully Debian users will
only have to deal with the already built .deb anyway.
- Fix tunnel reduction/restore, hook in the GUI
- Hook leaseset encryption into the GUI
- Implement saves for all the new stuff
- Add cancel button
- Add b32 display for non-http servers
- Prep for CONNECT
- Fix error msg when connection goes away
This sets i2p up as a functional Debian source package. dpkg-buildpackage
will build i2p using ant preppkg (tarball takes too long and not
helpful). It creates a binary .deb archive of the i2p installation,
which when installed goes into /var/lib/i2p as the non-root user i2p,
and adds an /etc/init.d script to start it up.
Some problems not yet solved:
1) under Debian the conf should go into /etc/i2p, but since it doesn't
things like the eepsite index file get overwritten if you reinstall.
should check for those somehow and not replace them, or ask the user.
2) under Debian they like it if you split the generated data from the
static code, so i2p should go into /usr/lib/i2p maybe, but its
netDB and any other cache files into /var/cache/i2p
that's important not just for organization, but also /var is often
on a filesystem optimized for churn. For now just put it in /var/lib
3) i2p is supposedly architecture independant, but it does choose a
native jbigi library on postinstall, so does that really count
as architecture independant?
- Change default length to 2+0
- Cleanup helper code
- Stub out the following new options (C=client, S=server):
+ Access list (S)
+ Certificate type (S)
+ Encrypted LeaseSet (S)
+ New dest on idle restart (C)
+ Tunnel closure on idle (C)
+ Tunnel reduction on idle (C,S)
Pass message timeout through new I2CP message
SendMessageExpiresMessage, so that the router
uses the same expiration as the streaming lib.
Should help reliability.
* I2CP:
Implement new I2CP message ReconfigureSessionMessage.
Will be used for tunnel reduction.
- Disable ExploreKeySelectorJob completely, just have
StartExplorersJob select a random key if queue is empty
- Add netDb.alwaysQuery=[B64Hash] for debugging
- Queue results of exploration for more exploration
- Floodfills periodically shuffle their KBuckets, and
FloodfillPeerSelector sorts more keys, so that
exploration works well
- Give each search a minimum of time even at the end
- Fix ExploreJob exclude peer list
- Always add floodfills to exclude peer list
- Don't queue keys for exploration or run ExploreJob
if floodfill
- Allow floodfills to return non-floodfills in
a DSRM msg so exploration works
- Expire routers with introducers after 90m.
This should improve reachability to firewalled routers
by keeping introducer info current.
- Expire routers with no addresses after 90m.
Implement Base32 Hash hostnames, via the naming service.
Names are of the form [52-characters].i2p, where
the 52 characters are the Base32 representation of our
256-byte hash. The client requests a lookup of the hash
via a brief I2CP session using new I2CP request/reply
messages. The router looks up the leaseset for the hash
to convert the hash to a dest. Convert the I2PTunnel
'preview' links to use Base32 hostnames as a
demonstration.
- Cleanup max connections code
- Add i2np.udp.maxConnections
- Set max connections based on share bandwidth
- Add haveCapacity() that can be used for connection
throttling in the router
- Reject IBGW/OBEP requests when near connection limit
- Reduce idle timeout when near connection limit
* Tunnel request handler:
- Require tunnel.dropLoad* stats
- Speed up request loop
is closed from under it.
Enhancement: BOB can now clear a destination in under 1 second with the above fix.
BOB also will do a thread dump when something really aweful happens,
so that developers/users can help in debugging.
- Fixes and cleanups when NTCP and/or UDP transports disabled
- More TCP removal cleanup
- Clean up bandwidth limiting, centralize defaults
- Force burst to be >= limit
- Increase default bw to 48/24, burst 64/32
* Delay shitlist cleaner at startup
* Strip wrapper properties from client config
* Define multiple cert type
* Prohibit negative maxSends in streaming
* HTML fixup on configtunnels.jsp
* Increase wrapper exit timeout from default 15s to 30s
- Better handling of 504 gateway timeout
(keep going up to limit of retry count rather
than just one more partial fetch)
- Add -t cmd line option for timeout
- Better handling of 403, 409, 503 errors
- Don't keep going after unknown return code
- Don't delay before exiting after a failure
- Don't create SnarkManager instance until first call,
so it doesn't create the i2psnark dir, read the config,
etc., for single Snark instances.
- Don't read i2psnark.config twice; fix setting
i2psnark.dir
- More Snark constructor changes for calling from router
- Make max connections per torrent configurable
- Remove static instances of I2PSnarkUtil, ConnectionAcceptor,
and PeerCoordinatorSet
- Convert static classes in Snark to listeners
- Fix Snark to work in single torrent mode again
- Should now work with multiple single Snarks
- Refactor to allow running a single Snark without a SnarkManager again,
by moving some things from SnarkManager to I2PSnarkUtil,
having Snark call completeListener callbacks,
and having Storage call storageListener callbacks.
This is in preparation for using Snark for router updates.
Step 2 is to allow multiple I2PSnarkUtil instances.
- Big rewrite of Storage to open file descriptors on demand, and
close them when unused, so we can support large numbers of torrents.
- Add more info to Connection.toString() for debugging
- Fix lifetimeMessages{Sent,Received} stats
- Reduce RTT damping to 0.875 (was 0.9)
- Add a stream.con.initialRTT.{in,out} stats
- Use the depend task with caching for more accurate dependencies
- Make sure the routerconsole gets the latest router version
- Fix addressbook repeated builds
when the initial data is larger than one MTU,
e.g. HTTP GETs with large URLs, CGI params or cookies,
or large HTTP POSTS:
- Don't reject additional packets received without a
send stream ID (i.e. sent before the SYN ACK was received)
- Put unknown non-SYN packets on the SYN queue also
so they won't be rejected
- Reduce flusher delay to 250ms (was 500)
- Flush unless window is full (was window is non-empty)
- Don't distclean in the updaterRouter target
- Don't make prepUpdate and prepupdateSmall depend
on distclean
- Don't make susimail build always clean
- Make pkg depend on distclean to be sure
- Clean out more routerconsole and susidns files in 'ant clean'
- i2ptunnel, routerconsole, susidns:
Only build WEB-INF when necessary
- systray: Only build jar when necessary
- Don't build i2psnark standalone for the updater target
- Add a signed Certificate type
- Add a main() to PrivateKeyFile to generate
Destinations with various Certificate types
- Add a VerifiedDestination class to check Certificates
of various types
- Add a HashCash library from http://www.nettgryppa.com/code/
(no distribution restrictions)
- Allow non-null Certificates in addressbook
- Update dbLookup profile stats in FloodOnlySearchJob
and FloodfillVerifyStoreJob
- Fix response time store in profile in SearchJob
* profiles.jsp: Don't override locale number format,
clean up the response time output for floodfills
- Don't do peer tests when hidden
- Don't offer to introduce when hidden
- Don't continually rebuild routerInfo when hidden
- Don't continually rebuild routerInfo when
i2np.udp.internalPort is set but i2np.udp.port is not
- Remove some unused functions
Added socketSoTimeout
CHANGED RetransmissionTimer is now public
FIXED SimpleTimer has a way to be stopped, and reap it's children
CLEANUP A few javadoc additions, where I could figgure out bits
CLEANUP all code that needed to catch the timeout exception for socketSoTimeout
Added socketSoTimeout
CHANGED RetransmissionTimer is now public
FIXED SimpleTimer has a way to be stopped, and reap it's children
FIXED Lots of javadoc additions, where I could
CLEANUP all code that needed to catch the timeout exception for socketSoTimeout
and fixed all the broken mainstream applications depending on it.
Fixed a grave bug in SimpleTimer.
Fixed Steraming Timer to be public.
Fixed a pile of JavaDoc comments, and reformatted the files I touched.
* Tunnels:
- Add missing message accounting for inbound gateways,
we were underestimating participating traffic because of it,
and the tunnels were classified "inactive"
- Add participating tunnel role on tunnels.jsp
- Correctly check inbound and outbound total bw limits separately
- Fix up and actually use the tunnel.participatingMessageCount stat,
favor it if lower than the total bw stat, so that
client traffic isn't included for throttle decisions
- Reduce min message count from 60 to 40
* Tunnel Dispatcher:
- Add tunnel.participatingBandwidth stat
- Remove all 3h and 24h stats
* Throttle:
- Use 60s rather than 10m tunnel.participatingMessageCount stat
- Fix a summary bar message
* Tunnel Dispatcher: Update tunnel.participatingMessageCount
every 20s, rather than at tunnel expiration, to maintain
a more current stat
* NetDb: Add netDb.exploreKeySet stat
* netdb.jsp: Add parameter ?r=xxxxxx to view a single routerinfo,
and ?r=. to view our own; change links on other pages too
- Add config i2psnark.linkPrefix to enable access to completed
torrents from a different machine - examples:
i2psnark.linkPrefix=file://///localserver/path/to/files/
i2psnark.linkPrefix=http://localwebserver/path/
Stop i2psnark, add to i2psnark.config, restart
- Remove Galen and NickyB trackers
peer for direct RouterInfo stores, to mimimize floodfill
connections
* Peer Profiles: Classify connected peers as "active",
which will help improve the fast pool
* Transport Manager: Add isEstablished(Hash)
- New, disabled by default, except for blocking of
forever-shitlisted peers. See source for instructions
and file format.
* Transport - Reject peers from inbound connections:
- Check IP against blocklist
- Check router hash against forever-shitlist, then block IP
- Try to pick better introducers by checking shitlist,
wasUnreachable list, failing list, and idle times
- To keep introducer connections up and valid,
periodically send a "ping" (a data packet with no data and no acks)
to everybody that has been an introducer in the last two hours
- Add a stat udp.receiveRelayRequestBadTag, make udp.receiveRelayRequest only for good ones
- Remove some 60s and 5m stats, leave only the 10m ones
- Narrow the range for the retransmit time after an allocation fail
- Adjust some logging
- Don't write router key backup when leaseSet keys are updated
- Synchronize to prevent concurrent writes (thanks Galen!)
- Backup keys every 7 days instead of every 5 minutes
- Repair corrupted files with wrong length rather than die
- Register shutdown hook to properly shutdown torrents when
the router shuts down, hopefully will reduce corruption
- Add Galen tracker
- Add a note about how to chane directory
to control which .wars in webapps/ get run. Apps are enabled
by default; disable by (e.g.) webapps.syndie.startOnLoad=false
Config file is written if it does not exist.
Implement methods for use by upcoming configclients.jsp.
- Remove several more stats
- Don't publish bw stats in first hour of uptime
- Publish floodfill stats even if other stats are disabled
- Changes not effective until 0.6.2.1 to provide cover.
* Reachability: Restrict peers with no SSU address at all from inbound tunnels
* News:
- Add display of last updated and last checked time
on index.jsp and configupdate.jsp
- Add a function to get update version (unused for now)
* config.jsp: Add another warning
* Shitlist:
- Add shitlistForever() and isShitlistedForever(), unused for now
- Sort the HTML output by router hash
* config.jsp: Add another warning
* netdb.jsp:
- Sort the lease HTML output by dest hash, local first
- Sort the router HTML output by router hash
- Sort the leases by expiration date in TunnelPool.locked_buildNewLeaseSet()
to make later LeaseSet comparisons reliable. This cleans up the code too.
- Fix broken old vs. new LeaseSet comparison
in ClientConnectionRunner.requestLeaseSet(),
so that we only sign and publish a new LeaseSet when it's really new.
Should reduce outbound overhead both in LeaseSet publishing and LeaseSet bundling,
and floodfill router load, since locked_buildNewLeaseSet() generates
the same LeaseSet as before quite frequently, often just seconds apart.
- Add exception to enforce max # of leases = 6, should be plenty
- Rewrite TunnelPool.locked_buildNewLeaseSet() so it doesn't add lots of
leases and then immediately remove them again, triggering
the new leaseSet size exception
- Remove the now unused LeaseSet.removeLease(lease) and
LeaseSet.removeLease(index)
- Store first and last expiration for efficiency
- Use CapacityBonus rather than ReachablilityBonus in the Capacity calculation
- Persist CapacityBonus rather than ReachabilityBonus
- Include SpeedBonus in the Speed calculation
- Prevent negative values in Speed and Capacity when using bonuses
- Clean up SpeedCalculator.java
* Stats: Add a fake uptime if not publishing stats, to get participating tunnels
* build.xml:
- Add an updateSmall target which includes only the essentials
- Clean up the build file some
- Remove empty eepsite/ and subdirs from i2pupdate.zip
* configtunnels.jsp: Add warning
* i2psnark: Catch a bencode exception (bad peer from tracker) earlier
* i2psnark-standalone: Fix exception http://forum.i2p/viewtopic.php?p=12217
- Call the previously unused profile.tunnelTestFailed()
(redefined to include a probability argument)
and severely downgrade a peer's capacity upon failures,
depending on tunnel length and direction.
This will help push unreachable and malicious peers
out of the High Capacity tier.
- Put recent fail rate on profiles.jsp
* ProfileOrganizer: Logging cleanup
* eepsite_index.html: Update add-host and jump links
* HTTP Proxy: Remove trevorreznik jump server from list
* TunnelPeerSelectors:
- Re-enable strict ordering of peers,
based on XOR distance from a random hash
- Restrict peers with uptime < 90m from tunnels (was 2h),
which is really 60m due to rounding in netDb publishing.
* i2psnark:
- Limit max pipelined requests from a single peer to 128KB
(was unlimited; i2p-bt default is 5 * 64KB)
- Increase max uploaders per torrent to 6 (was 4)
- Reduce max connections per torrent to 16 (was 24) to increase
unchoke time and reduce memory consumption
- Strictly enforce max connections per torrent
- Choke more gradually when over BW limit
* help.jsp: Add a link to the FAQ
* peers.jsp: Fix UDP direction indicators
* hosts.txt: Add update.postman.i2p
- Randomize the PeerCheckerTask start times to make global limiting
work better
- Calculate bw limits using 40s rather than 4m averages to make
bw limiting work better
- Change default bw limit from uplimit/3 to uplimit/2 due to
overhead reduction from the leaseset bundling change
- Restrict peers requiring introducers from inbound tunnels,
since it's slow and unreliable... and many of them advertise
NTCP, which seems unlikely to work
- Provide warning on summary bar if firewalled with inbound NTCP enabled
* Stats: Remove the bw.[send,recv]Bps[1,15]s stats unless
log level net.i2p.router.transport.FIFOBandwidthLimiter >= WARN
at startup (you didn't get any data unless you set the log level anyway)
* oldstats.jsp: Don't put 2 decimal places on integer event counts
* Remove the Internals link from the menu bar
* i2psnark: Extend startup delay from 1 to 3 minutes
- Fix a couple of tunnel cache cleaning bugs
- Cache based on source+dest pairs rather than just dest
- Send the reply leaseSet only when necessary,
rather than all the time (big savings in overhead)
- Enable persistent lease selection again
- Logging tweaks
- Fix a bug from -19 causing the persistent lease selection
removed in -17 to be back again
- Use netDb-listed-unreachable instead of detected-unreachable
for exclusion of unreachable peers from selected leases,
as there are potential anonymity problems with using
detected-unreachable
- Tweak logging some more
* NetDb stats: Remove a couple more including the inefficient stat_identities
- Track unreachable peers persistently
(i.e. separately from shitlist, and not cleared when they contact us)
- Exclude detected unreachable peers from inbound tunnels
- Exclude detected unreachable peers from selected leases
- Exclude detected unreachable floodfill peers from lookups
- Show unreachable status on profiles.jsp
- Extend shitlist time from 4-8m to 40-60m
- Add some shitlist logging
- Don't shitlist twice when unreachable on all transports
- Exclude netDb-listed unreachable peers from inbound tunnels;
this won't help much since there are very few of these now
- Remove 10s delay on inbound UDP connections used for the
0.6.1.10 transition
- Track and display UDP connection direction on peers.jsp
- Show shitlist status in-line on profiles.jsp
- Back out strict peer ordering until we fix SSU
- Back out persistent lease selection until we fix SSU
- Fix detection of UDP REJECT_UNSOLICITED by recording status on expiration
- Increase known Charlie time to 10m; 3m wasn't enough
- Don't continue retransmitting peer test if we know Charlie
- Don't run multiple peer tests at once
- Tighten test frequency range to 6.5-19.5m, was 0-26m
* NTCP: Don't drop a connection unless both directions are idle;
Fix idle time for outbound connections
* Outbound message: Make sure cached lease is in current leaseSet
* Stats: Put all NetworkDatabase stats in same group
* TunnelPool: Stop building tunnels and leaseSets after client shutdown
* i2psnark: Add locking to prevent two I2CP connections
* HostsTxtNamingService: Add reverse lookup support
* Outbound message: Minor cleanup
* i2psnark TrackerCLient: Minor cleanup
* checklist.txt: Minor edit
* hosts.txt: Add perv.i2p, false.i2p, mtn.i2p2.i2p
* i2ptunnel.config: Change CVS client to mtn
* netdb.jsp: Show leaseSet destinations using reverse lookup
* profiles.jsp: First cut at showing floodfill data
lease to reduce out-of-order delivery.
* ExploratoryPeerSelector: Back out the floodfill peer exclusion
for now, as it prevents speed rating of those peers
- Add support for secondary open trackers
- Refactor and simplify the TrackerClient code
- Add welterde's tracker to the default list
- Don't have eepget retry announces
- Slow down tracker contacts if they've failed for a while
- Add some debug support showing connections (?p=2)
- Fix counting so it really takes 4 consecutive failures
rather than 4 total to remove a tunnel
- Credit or blame goes to the exploratory tunnel as well
as the tunnel being tested
- Adjust tunnel test timeout based on tunnel length
* ExploratoryPeerSelector: Tweak logging
* ProfileOrganizer: Adjust integration calculation again
* build.xml: Add to help
* checklist.txt: Tweak
* readme.html: Fix forum links
* netDb: Remove tunnel.testFailedTime
- Exclude floodfill peers
- Tweak the HighCap vs. NonFailing decision
* i2psnark: Increase retries for .torrent fetch
* IRC Proxy: Prevent mIRC from sending an alternate DCC request
containing an IP
* readme.html: Reorder some items
* Stats: Add some more required stats
* Streaming lib: Fix slow start to be exponential growth,
fix congestion avoidance to be linear growth.
Should speed up local connections a lot, and remote
connections a little.
- Use more recent stats to calculate integrationory.txt
- Show that fast peers are also high-capacity on profiles.jsp
* readme.html: Update Syndie link
* TunnelPool: Update comments
* netDb: Report 1-2h uptime as 90m to further frustrate tracking,
get rid of the 60s tunnel stats
(effective as of .33 to provide cover)
- Fix a bug that caused a single FloodfillOnlySearchJob
instance to be run multiple times, with unpredictable
results
- Select ff peers randomly to improve reliability
- Add some bulletproofing
- Don't require a peer to be high-capacity to be
well-integrated (not used for anything right now,
but want to get it right for possible floodfill verification)
- Don't fall back to median for high-capacity threshold
if the mean is higher than the median, this prevents
frequent large high-capacity counts
- Fix high-capacity selector that picked one too many
* Console: put well-integrated count back in the summary
(fixes command line status)
* UpdateHandler:
- Fix byte count display
- Display final status on router console
- Don't allow multiple update jobs to queue up
- Increase max retries
- Code cleanup
- Don't show 'check for update' button when update in progress
- Enhance error messages
* Give the Jetty build file ability to ask permission
before downloading the Jetty archive from the web,
and to verify its SHA1 + MD5 hashes. Adjust the main build file
in accordance with this change.
* Improve the release checklist.
- Prevent peers with matching IPs from joining same tunnel.
Match 0-4 bytes of IP (0=off, 1=most restrictive, 4=least).
Default is 2 (disallow routers in same /16).
Set with router.defaultPool.IPRestriction=x
- Comment out unused RebuildPeriod pool setting
- Add random key to pool in preparation for XOR peer ordering
(was Meta = PetName + HostsTxt)
* Naming: Add two new experimental NamingServices, EepGet and Exec,
not enabled by default -
see source comments in core/java/src/net/i2p/client/naming
for configuration instructions
* i2psnark: Remove orion and gaytorrents from default tracker list
* Remove orion from jump list and from eepsite_index.html
* Jbigi: Change jbigi version to 4.2.2 in build scripts - tested by amiga
* Capitalize OutboundMessageDistributor job name
* TunnelPool: Add a warning if all tunnels are backlogged
previous tunnel when no longer backlogged
* Catch an nio exception in an NTCP logging statement if loglevel is WARN
* IRC Proxy: terminate all messages with \r\n (thanks TrivialPursuit!)
participating tunnel count to seesaw -
should increase network capacity
* Leave participating tunnels in 10s batches for efficiency
* Update participating tunnel ratestat when leaving a tunnel too,
to generate a smoother graph
* Fix tunnel.participatingMessageCount stat to include all
participating tunnels, not just outbound endpoints
* Simplify Expire Tunnel job name
rather than 1 every 10 sec;
Don't store leasesets to disk or read them in
* Combine rates for pools with the same length setting
in the new tunnel build algorithm
* Clarify a log message in the UpdateHandler
* addressbook: Limit size of subscribed hosts.txt,
don't save old etag or last-modified data
* EepGet: Add some logging,
enforce size limits even when size not in returned header,
don't return old etag or last-modified data,
don't call transferFailed listener more than once
* profiles.jsp formatting cleanup
* NTCP: Reduce max idle time from 60m to 20m
* NTCP: Fix idle time on connections with zero messages,
correctly drop these connections
* Add stats.i2p to the jump list
* Impose 20MB limit on POSTs and catch OOMs in POST
* eepsite_index.html: add stats.i2p services
* addressbook: log source of new keys; disallow dests > 516 bytes
* addressbook: convert hostnames to lower case to prevent duplicates
* susidns: generalize references to orion
* Escape both CR, LF and CR LF line breaks in Router.saveConfig()
and unescape them in DataHelper.loadProps() to support
saving and loading config properties with line breaks
* Change the update URLs textbox into a textarea like keys have,
so different URLs go on different lines
* Modify TrustedUpdate to provide a method which supplies a key list
delimited with CR LF line breaks
* Modify DEFAULT_UPDATE_URL to supply a default URL list
delimited with CR LF line breaks
* Modify selectUpdateURL() to handle URL lists
delimited by any kind of line breaks
* Start saving trusted update keys
* Improve formatting on configupdate.jsp
* Add support for multiple update URLs
* Change default for update to use i2p proxy,
add several URLs as defaults
* Enable trusted key form on configupdate.jsp
* Separate the checks "does Jetty .zip file need downloading"
and "does Jetty .zip file need extracting" in the Jetty buildfile.
First download (unless already done), then extract (unless done).
* i2psnark: increase streaming lib write timeout to 240 sec and change
timeout action from "ping" to "disconect", as the fix in .30 to
honor options on outbound connections led to hung outbound connections
(bitfield never transmitted, connection never dropped)
* IRC Proxy: Fix several possible anonymity holes:
- Block CTCP in NOTICE messages
- Block CTCP anywhere in PRIVMSG and NOTICE, not just at first character
- Check for lower case commands
(Thanks sponge!)
* Implement pushback of NTCP transport backlog to the outbound tunnel selection code
* Clean up the NTCP and UDP tables on peers.jsp to be consistent,
fix some of the sorting
* eepsite_index.html: Add links to trevorreznik address book
* streaming lib: Fix SocketManagerFactory to honor options on outbound connections
* streaming lib: Fix setDefaultOptions() when called with a ConnectionOptions parameter
* i2psnark: Don't make outbound connections to already-connected peers
* i2psnark: Debug logging cleanup
control of timeouts and transparent redirection). the users of eepget
in this source tree don't necessarily use the timeout controls, though
they can be updated to do so
* Lower the threshold between the K and L bandwidth class,
so that K is now < 12 KB/s, instead of <= 16 KB/s.
Hopefully this lets people with 128 kbit/s (16 KB/s) upload lines
participate in routing, if they keep the default share percentage.
* Take the post-download routerInfo size check back out of ReseedHandler,
since it wasn't helpful, and a lower limit caused false warnings.
* Give EepGet ability to enforce a min/max HTTP response size.
* Enforce a maximum response size of 8 MB when ReseedHandler
downloads into a ByteArrayOutputStream.
* Refactor ReseedHandler/ReseedRunner from static to ordinary classes,
change invocation from RouterConsoleRunner accordingly.
* Add an EepGet status listener to ReseedHandler to log causes of reseed failure,
provide status reports to indicate the progress of reseeding.
* Enable icon for default eepsite, and the index page
of the router console (more later).
* Clean up graphs.jsp - set K=1024 where appropriate,
output image sizes in html, catch ooms, other minor tweaks
* Fix current event count truncation which fixes graphs with low
60-sec event counts displaying high values
(bw.* and router.* graphs for example were 1.5x too high)
Affects all "events per period" (non-lifetime) counts.
* Add auto-detect IP/Port to NTCP. When enabled on config.jsp,
SSU will notify/restart NTCP when the external address changes.
Now you can enable inbound TCP without a static IP or dyndns service.
* Replace broken option i2np.udp.alwaysPreferred with
i2np.udp.preferred and adjust UDP bids; possible settings are
"false" (default), "true", and "always".
Default setting results in same behavior as before
(NTCP is preferred unless it isn't established and UDP is established).
Use to compare NTCP and UDP transports.
* First pass on EepGet and ReseedHandler improvements,
please avoid use on routers which matter!
* Give EepGet ability of downloading into an OutputStream,
such as the ByteArrayOutputStream of ReseedHandler.
* Detect failure to reseed better, report it persistently
and more verbosely, provide a link to logs
and suggest manual reseed.
* i2psnark tracker handling tweaks:
- Add link to tracker details page (Postman only for now, requires bytemonsoon patch)
- Add Base URL to tracker list configuration
- Web page links built from tracker list Base URLs
- Only build and sort tracker list once
- Add anonymityWeb tracker to default list
- Add tooltip info for TrackerErrs
- Stop torrent if not registered with tracker
- Mark temp files as delete on exit
* i2psnark: Cleanup some handling of saved partial pieces
* i2psnark: Put bit counting in Bitfield.java for efficiency
* i2psnark: Save torrent completion state in i2psnark.config
* Streaming lib changes to improve upstream performance during congestion:
* Change min window size from 12 to 1
* Change max timeout from 10 to 45 sec
* Change initial timeout from 10 to 15 sec
* Change intial window size for i2psnark from 12 to 1
* Change slow start growth rate for i2psnark from 1/2 to 1
* Implement priority sending for NTCP
* Disable trimForOverload() in tunnel BuildExecutor which
was preventing tunnel builds when outbound traffic was high
(i.e. most of the time when running i2psnark)
* Tell our peers about who we know in the floodfill netDb every
6 hours or so, mitigating the situation where peers lose track
of floodfill routers.
* Disable the Syndie updater (people should use the new Syndie,
not this one)
* Disable the eepsite tunnel by default
* Modify ReseedHandler to query the "i2p.reseedURL" property from I2PAppContext
instead of System, so setting a reseed URL in advanced configuration has effect.
* Clean out obsolete reseed code from ConfigNetHandler.
* i2psnark: More choking rotation tweaks
* Improve performance by not reading in the whole
piece from disk for each request. A huge memory savings
on 1MB torrents with many peers.
* i2psnark: Add 'Stop All' link on web page
* Add some links to trackers and forum on web page
* Don't start tunnel if 'Autostart' unchecked
* Fix torrent restart bug by reopening file descriptors
* i2psnark: Improvements for torrents with > 4 leechers:
choke based on upload rate when seeding, and
be smarter and fairer about rotating choked peers.
* Handle two common i2psnark OOM situations rather
than shutting down the whole thing.
* Fix reporting to tracker of remaining bytes for
torrents > 4GB (but ByteMonsoon still has a bug)
* i2psnark: Fix and enable generation of multifile torrents,
print error if no tracker selected at create-torrent,
fix stopping a torrent that hasn't started successfully,
add eBook and GayTorrents trackers to form,
web page formatting tweaks
* Ensure we get NTP samples from more diverse sources
(0.pool.ntp.org, 1.pool.ntp.org, etc)
* Discard median-based peer skew calculator as framed average works,
and adjusting its percentage can make it behave median-like
* Require more data points (from at least 20 peers)
before considering a peer skew measurement reliable
2006-10-10 jrandom
* Removed the status display from the console, as its more confusing
than informative (though the content is still displayed in the HTML)
* Add a framed average peer clock skew calculator
* Add config property "router.clockOffsetSanityCheck" to determine
if NTP-suggested clock offsets get sanity checked (default "true")
* Reject NTP-suggested clock offsets if they'd increase peer clock skew
by more than 5 seconds, or make it more than 20 seconds total
* Decrease log level in getMedianPeerClockSkew()
* Subclass from Clock a RouterClock which can access router transports,
with the goal of developing it to second-guess NTP results
* Make transports report clock skew in seconds
* Adjust renderStatusHTML() methods accordingly
* Show average for NTCP clock skews too
* Give transports a getClockSkews() method to report clock skews
* Give transport manager a getClockSkews() method to aggregate results
* Give comm system facade a getMedianPeerClockSkew() method which RouterClock calls
(to observe results, add "net.i2p.router.transport.CommSystemFacadeImpl=WARN" to
logging)
* Extra explicitness in NTCP classes to denote unit of time.
* Fix some places in NTCPConnection where milliseconds and seconds were confused
* i2psnark: Paranoid copy before writing pieces,
recheck files on completion, redownload bad pieces
* i2psnark: Don't contact tracker as often when seeding
* i2psnark: Implement retransmission of requests. This
eliminates one cause of complete stalls with a peer.
This problem is common on torrents with a small number of
active peers where there are no choke/unchokes to kickstart things.
* i2psnark: Mark a peer's requests as unrequested on disconnect,
preventing premature end game
* i2psnark: Randomize selection of next piece during end game
* i2psnark: Don't restore a partial piece to a peer that is already working on it
* i2psnark: strip ".torrent" on web page
* i2psnark: Limit piece size in generated torrent to 1MB max
* i2psnark: Fix bug where new peers would always be set to "interested"
regardless of actual interest
* i2psnark: Reduce max piece size from 10MB to 1MB; larger may have severe
memory and efficiency problems
* Tweak the PRNG logging so it only displays error messages if there are
problems
* Disable dynamic router keys for the time being, as they don't offer
meaningful security, may hurt the router, and makes it harder to
determine the network health. The code to restart on SSU IP change is
still enabled however.
* Disable tunnel load testing, leaning back on the tiered selection for
the time being.
* Spattering of bugfixes
* i2psnark: Implement basic partial-piece saves across connections
* i2psnark: Implement keep-alive sending. This will keep non-i2psnark clients
from dropping us for inactivity but also renders the 2-minute transmit-inactivity
code in i2psnark ineffective. Will have to research why there is transmit but
not receive inactivity code. With the current connection limit of 24 peers
we aren't in any danger of keeping out new peers by keeping inactive ones.
* i2psnark: Increase CHECK_PERIOD from 20 to 40 since nothing happens in 20 seconds
* i2psnark: Fix dropped chunk handling
* i2psnark: Web rate report cleanup
* i2psnark: Report cleared trackerErr immediately
* i2psnark: Add trackerErr reporting after previous success; retry more quickly
* i2psnark: Set up new connections more quickly
* i2psnark: Don't delay tracker fetch when setting up lots of connections
* i2psnark: Reduce MAX_UPLOADERS from 12 to 4
* Limit form size in SusiDNS to avoid exceeding a POST size limit on postback
* Print messages about addressbook size to give better overview
* Enable delete function in published addressbook
* Increase the tunnel building timeout
* Avoid a rare race (thanks bar!)
* Fix the bandwidth capacity publishing code to factor in share percentage
and outbound throttling (oops)
* Actually fix the threading deadlock issue in the netDb (removing
the synchronized access to individual kbuckets while validating
individual entries) (thanks cervantes, postman, frosk, et al!)
* Cut down NTCP connection establishments once we know the peer is skewed
(rather than wait for full establishment before verifying)
* Removed a lock on the stats framework when accessing rates, which
shouldn't be a problem, assuming rates are created (pretty much) all at
once and merely updated during the lifetime of the jvm.
* When dropping a netDb router reference, only accept newer
references as part of the update check
* If we have been up for a while, don't accept really old
router references (published 2 or more days ago)
* Drop router references once they are no longer valid, even if
they were allowed in due to the lax restrictions on startup
* When dropping a netDb router reference, only accept newer
references as part of the update check
* If we have been up for a while, don't accept really old
router references (published 2 or more days ago)
* Drop router references once they are no longer valid, even if
they were allowed in due to the lax restrictions on startup
* Every time we create a new router identity, add an entry to the
new "identlog.txt" text file in the I2P install directory. For
debugging purposes, publish the count of how many identities the
router has cycled through, though not the identities itself.
* Cleaned up the way the multitransport shitlisting worked, and
added per-transport shitlists
* When dropping a router reference locally, first fire a netDb
lookup for the entry
* Take the peer selection filters into account when organizing the
profiles (thanks Complication!)
* Avoid some obvious configuration errors for the NTCP transport
(invalid ports, "null" ip, etc)
* Deal with some small NTCP bugs found in the wild (unresolveable
hosts, strange network discons, etc)
* Send our netDb info to peers we have direct NTCP connections to
after each 6-12 hours of connection uptime
* Clean up the NTCP reading and writing queue logic to avoid some
potential delays
* Allow people to specify the IP that the SSU transport binds on
locally, via the advanced config "i2np.udp.bindInterface=1.2.3.4"
2006-07-18 jrandom
* Add a failsafe to the NTCP transport to make sure we keep
pumping writes when we should.
* Properly reallow 16-32KBps routers in the default config
(thanks Complication!)
* Improve the multitransport shitlisting (thanks Complication!)
* Allow routers with a capacity of 16-32KBps to be used in tunnels under
the default configuration (thanks for the stats Complication!)
* Properly allow older router references to load on startup
(thanks bar, Complication, et al!)
* Add a new "i2p.alwaysAllowReseed" advanced config property, though
hopefully today's changes should make this unnecessary (thanks void!)
* Improved NTCP buffering
* Close NTCP connections if we are too backlogged when writing to them
* New NIO-based tcp transport (NTCP), enabled by default for outbound
connections only. Those who configure their NAT/firewall to allow
inbound connections and specify the external host and port
(dyndns/etc is ok) on /config.jsp can receive inbound connections.
SSU is still enabled for use by default for all users as a fallback.
* Substantial bugfix to the tunnel gateway processing to transfer
messages sequentially instead of interleaved
* Renamed GNU/crypto classes to avoid name clashes with kaffe and other
GNU/Classpath based JVMs
* Adjust the Fortuna PRNG's pooling system to reduce contention on
refill with a background thread to refill the output buffer
* Add per-transport support for the shitlist
* Add a new async pumped tunnel gateway to reduce tunnel dispatcher
contention
* Ensure that the I2PTunnel web interface won't update tunnel settings
for shared clients when a non-shared client is modified
(thanks for spotting, BarkerJr!)
* Cut down the proactive rejections due to queue size - if we are
at the point of having decrypted the request off the queue, might
as well let it through, rather than waste that decryption
* Only send netDb searches to the floodfill peers for the time being
* Add some proof of concept filters for tunnel participation. By default,
it will skip peers with an advertised bandwith of less than 32KBps or
an advertised uptime of less than 2 hours. If this is sufficient, a
safer implementation of these filters will be implemented.
* Fix some oversights in my previous changes:
adjust some loglevels, make a few statements less wasteful,
make one comparison less confusing and more likely to log unexpected values
* Separate growth factors for tunnel count and tunnel test time
* Reduce growth factors, so probabalistic throttle would activate
* Square probAccept values to decelerate stronger when far from average
* Create a bandwidth stat with approximately 15-second half life
* Make allowTunnel() check the 1-second bandwidth for overload
before doing allowance calculations using 15-second bandwidth
* Tweak the overload detector in BuildExecutor to be more sensitive
for rising edges, add ability to initiate tunnel drops
* Add a function to seek and drop the highest-rate participating tunnel,
keeping a fixed+random grace period between such drops.
It doesn't seem very effective, so disabled by default
("router.dropTunnelsOnOverload=true" to enable)
* Allow a single build attempt to proceed despite 1-minute overload
only if the 1-second rate shows enough spare bandwidth
(e.g. overload has already eased)
* Correct a misnamed property in SummaryHelper.java
to avoid confusion
* Make the maximum allowance of our own concurrent
tunnel builds slightly adaptive: one concurrent build per 6 KB/s
within the fixed range 2..10
* While overloaded, try to avoid completely choking our own build attempts,
instead prefer limiting them to 1
* Adjust the tunnel build timeouts to cut down on expirations, and
increased the SSU connection establishment retransmission rate to
something less glacial.
* For the first 5 minutes of uptime, be less aggressive with tunnel
exploration, opting for more reliable peers to start with.
* Adjust how we pick high capacity peers to allow the inclusion of fast
peers (the previous filter assumed an old usage pattern)
* New set of stats to help track per-packet-type bandwidth usage better
* Cut out the proactive tail drop from the SSU transport, for now
* Reduce the frequency of tunnel build attempts while we're saturated
* Don't drop tunnel requests as easily - prefer to explicitly reject them
* Adjust the proactive tunnel request dropping so we will reject what we
can instead of dropping so much (but still dropping if we get too far
overloaded)
* Throttling improvements on SSU - throttle all transmissions to a peer
when we are retransmitting, not just retransmissions. Also, if
we're already retransmitting to a peer, probabalistically tail drop new
messages targetting that peer, based on the estimated wait time before
transmission.
* Fixed the rounding error in the inbound tunnel drop probability.
* Include a combined send/receive graph (good idea cervantes!)
* Proactively drop inbound tunnel requests probabalistically as the
estimated queue time approaches our limit, rather than letting them all
through up to that limit.
* Process inbound tunnel requests more efficiently
* Proactively drop inbound tunnel requests if the queue before we'd
process it in is too long (dynamically adjusted by cpu load)
* Adjust the tunnel rejection throttle to reject requeusts when we have to
proactively drop too many requests.
* Display the number of pending inbound tunnel join requests on the router
console (as the "handle backlog")
* Include a few more stats in the default set of graphs
* Cut down on the time that we allow a tunnel creation request to sit by
without response, and reject tunnel creation requests that are lagged
locally. Also switch to a bounded FIFO instead of a LIFO
* Threading tweaks for the message handling (thanks bar!)
* Don't add addresses to syndie with blank names (thanks Complication!)
* Further ban clearance
* Fix during the ssu handshake to avoid an unnecessary failure on
packet retransmission (thanks ripple!)
* Fix during the SSU handshake to use the negotiated session key asap,
rather than using the intro key for more than we should (thanks ripple!)
* Fixes to the message reply registry (thanks Complication!)
* More comprehensive syndie banning (for repeated pushes)
* Publish the router's ballpark bandwidth limit (w/in a power of 2), for
testing purposes
* Put a floor back on the capacity threshold, so too many failing peers
won't cause us to pick very bad peers (unless we have very few good
ones)
* Bugfix to cut down on peers using introducers unneessarily (thanks
Complication!)
* Reduced the default streaming lib message size to fit into a single
tunnel message, rather than require 5 tunnel messages to be transferred
without loss before recomposition. This reduces throughput, but should
increase reliability, at least for the time being.
* Misc small bugfixes in the router (thanks all!)
* More tweaking for Syndie's CSS (thanks Doubtful Salmon!)
* Take out the router watchdog's teeth (don't restart on leaseset failure)
* Filter the IRC ping/pong messages, as some clients send unsafe
information in them (thanks aardvax and dust!)
* Substantially reduced the lock contention in the message registry (a
major hotspot that can choke most threads). Also reworked the locking
so we don't need per-message timer events
* No need to have additional per-peer message clearing, as they are
either unregistered individually or expired.
* Include some of the more transient tunnel throttling
* Added a simple purge and ban of syndie authors, shown as the
"Purge and ban" button on the addressbook for authors that are already
on the ignore list. All of their entries and metadata are deleted from
the archive, and the are transparently filtered from any remote
syndication (so no user on the syndie instance will pull any new posts
from them)
* More strict tunnel join throtting when congested
* Try to desync tunnel building near startup (thanks Complication!)
* If we are highly congested, fall back on only querying the floodfill
netDb peers, and only storing to those peers too
* Cleaned up the floodfill-only queries
* Avoid a very strange (unconfirmed) bug that people using the systray's
browser picker dialog could cause by disabling the GUI-based browser
picker.
* Cut down on subsequent streaming lib reset packets transmitted
* Use a larger MTU more often
* Allow netDb searches to query shitlisted peers, as the queries are
indirect.
* Add an option to disable non-floodfill netDb searches (non-floodfill
searches are used by default, but can be disabled by adding
netDb.floodfillOnly=true to the advanced config)
* Made the netDb search load limitations a little less stringent
* Add support for specifying the number of periods to be plotted on the
graphs - e.g. to plot only the last hour of a stat that is averaged at
the 60 second period, add &periodCount=60
* Add support for graphing the event count as well as the average stat
value (done by adding &showEvents=true to the URL). Also supports
hiding the legend (&hideLegend=true), the grid (&hideGrid=true), and
the title (&hideTitle=true).
* Removed an unnecessary arbitrary filter on the profile organizer so we
can pick high capacity and fast peers more appropriately
* Integrate basic hooks for jrobin (http://jrobin.org) into the router
console. Selected stats can be harvested automatically and fed into
in-memory RRD databases, and those databases can be served up either as
PNG images or as RRDtool compatible XML dumps (see oldstats.jsp for
details). A base set of stats are harvested by default, but an
alternate list can be specified by setting the 'stat.summaries' list on
the advanced config. For instance:
stat.summaries=bw.recvRate.60000,bw.sendRate.60000
* HTML tweaking for the general config page (thanks void!)
* Odd NPE fix (thanks Complication!)
* Integrate basic hooks for jrobin (http://jrobin.org) into the router
console. Selected stats can be harvested automatically and fed into
in-memory RRD databases, and those databases can be served up either as
PNG images or as RRDtool compatible XML dumps (see oldstats.jsp for
details). A base set of stats are harvested by default, but an
alternate list can be specified by setting the 'stat.summaries' list on
the advanced config. For instance:
stat.summaries=bw.recvRate.60000,bw.sendRate.60000
* HTML tweaking for the general config page (thanks void!)
* Odd NPE fix (thanks Complication!)
* Further stat cleanup
* Keep track of how many peers we are actively trying to communicate with,
beyond those who are just trying to communicate with us.
* Further router tunnel participation throttle revisions to avoid spurious
rejections
* Rate stat display cleanup (thanks ripple!)
* Don't even try to send messages that have been queued too long
* Further stat cleanup
* Keep track of how many peers we are actively trying to communicate with,
beyond those who are just trying to communicate with us.
* Further router tunnel participation throttle revisions to avoid spurious
rejections
* Rate stat display cleanup (thanks ripple!)
* Don't even try to send messages that have been queued too long
* HTML fixes in Syndie to work better with opera (thanks shaklen!)
* Give netDb lookups to floodfill peers more time, as they are much more
likely to succeed (thereby cutting down on the unnecessary netDb
searches outside the floodfill set)
* Fix to the SSU IP detection code so we won't use introducers when we
don't need them (thanks Complication!)
* Add a brief shitlist to i2psnark so it doesn't keep on trying to reach
peers given to it
* Don't let netDb searches wander across too many peers
* Don't use the 1s bandwidth usage in the tunnel participation throttle,
as its too volatile to have much meaning.
* Don't bork if a Syndie post is missing an entry.sml
* More aggressive tunnel throttling as we approach our bandwidth limit,
and throttle based off periods wider than 1 second.
* Included Doubtful Salmon's syndie stylings (thanks!)
2006-02-27 jrandom
* Adjust the jbigi.jar to use the athlon-optimized jbigi on windows/amd64
machines, rather than the generic jbigi (until we have an athlon64
optimized version)
2006-02-27 jrandom
* Adjust the jbigi.jar to use the athlon-optimized jbigi on windows/amd64
machines, rather than the generic jbigi (until we have an athlon64
optimized version)
* Switch from the bouncycastle to the gnu-crypto implementation for
SHA256, as benchmarks show a 10-30% speedup.
* Removed some unnecessary object caches
* Don't close i2psnark streams prematurely
* Made the Syndie permalinks in the thread view point to the blog view
* Disabled TCP again (since the live net seems to be doing well w/out it)
* Fix the message time on inbound SSU establishment (thanks zzz!)
* Don't be so aggressive with parallel tunnel creation when a tunnel pool
just starts up
* Rounding calculation cleanup in the stats, and avoid an uncontested
mutex (thanks ripple!)
* SSU handshake cleanup to help force incompatible peers to stop nagging
us by both not giving them an updated reference to us and by dropping
future handshake packets from them.
* Fix to properly profile tunnel joins (thanks Ragnarok, frosk, et al!)
* More aggressive poor-man's PMTU, allowing larger MTUs on less reliable
links
* Further class validator refactorings
* Fix to properly profile tunnel joins (thanks Ragnarok, frosk, et al!)
* More aggressive poor-man's PMTU, allowing larger MTUs on less reliable
links
* Further class validator refactorings
* Throttle the outbound SSU establishment queue, so it doesn't fill up the
heap when backlogged (and so that the messages queued up on it don't sit
there forever)
* Further SSU memory cleanup
* Clean up the address regeneration code so it knows when to rebuild the
local info more precisely.
* Throttle the outbound SSU establishment queue, so it doesn't fill up the
heap when backlogged (and so that the messages queued up on it don't sit
there forever)
* Further SSU memory cleanup
* Properly enable TCP this time (oops)
* Deal with multiple form handlers on the same page in the console without
being too annoying (thanks blubb and bd_!)
* Major SSU and router tuning to reduce contention, memory usage, and GC
churn. There are still issues to be worked out, but this should be a
substantial improvement.
* Modified the optional netDb harvester task to support choosing whether
to use (non-anonymous) direct connections or (anonymous) exploratory
tunnels to do the harvesting. Harvesting itself is enabled via the
advanced config "netDb.shouldHarvest=true" (default is false) and the
connection type can be chosen via "netDb.harvestDirectly=false" (default
is false).
* Major SSU and router tuning to reduce contention, memory usage, and GC
churn. There are still issues to be worked out, but this should be a
substantial improvement.
* Modified the optional netDb harvester task to support choosing whether
to use (non-anonymous) direct connections or (anonymous) exploratory
tunnels to do the harvesting. Harvesting itself is enabled via the
advanced config "netDb.shouldHarvest=true" (default is false) and the
connection type can be chosen via "netDb.harvestDirectly=false" (default
is false).
* Moved the current net's reseed URL to a different location than where
the old net looks (dev.i2p.net/i2pdb2/ vs .../i2pdb/)
* More aggressively expire inbound messages (on receive, not just on send)
* Add in a hook for breaking backwards compatibility in the SSU wire
protocol directly by including a version as part of the handshake. The
version is currently set to 0, however, so the wire protocol from this
build is compatible with all earlier SSU implementations.
* Increased the number of complete message readers, cutting down
substantially on the delay processing inbound messages.
* Delete the message history file on startup
* Reworked the restart/shutdown display on the console (thanks bd_!)
* Moved the current net's reseed URL to a different location than where
the old net looks (dev.i2p.net/i2pdb2/ vs .../i2pdb/)
* More aggressively expire inbound messages (on receive, not just on send)
* Add in a hook for breaking backwards compatibility in the SSU wire
protocol directly by including a version as part of the handshake. The
version is currently set to 0, however, so the wire protocol from this
build is compatible with all earlier SSU implementations.
* Increased the number of complete message readers, cutting down
substantially on the delay processing inbound messages.
* Delete the message history file on startup
* Reworked the restart/shutdown display on the console (thanks bd_!)
* Migrate the outbound packets from a central component to the individual
per-peer components, substantially cutting down on lock contention when
dealing with higher degrees.
* Load balance the outbound SSU transfers evenly across peers, rather than
across messages (so peers with few messages won't be starved by peers
with many).
* Reduce the frequency of router info rebuilds (thanks bar!)
* Migrate the outbound packets from a central component to the individual
per-peer components, substantially cutting down on lock contention when
dealing with higher degrees.
* Load balance the outbound SSU transfers evenly across peers, rather than
across messages (so peers with few messages won't be starved by peers
with many).
* Reduce the frequency of router info rebuilds (thanks bar!)
* Add a new AIMD throttle in SSU to control the number of concurrent
messages being sent to a given peer, in addition to the throttle on the
number of concurrent bytes to that peer.
* Adjust the existing SSU outbound queue to throttle based on the queue's
lag, not an arbitrary number of packets.
* Add a new AIMD throttle in SSU to control the number of concurrent
messages being sent to a given peer, in addition to the throttle on the
number of concurrent bytes to that peer.
* Adjust the existing SSU outbound queue to throttle based on the queue's
lag, not an arbitrary number of packets.
* Disable the message history log file by default (duh - feel free to
delete messageHistory.txt after upgrading. thanks deathfatty!)
* Limit the size of the inbound tunnel build request queue so we don't
get an insane backlog of requests that we're bound to reject, and adjust
the queue processing so we keep on churning through them when we've got
a backlog.
* Small fixes for the multiuser syndie operation (thanks Complication!)
* Renamed modified PRNG classes that were imported from gnu-crypto so we
don't conflict with JVMs using that as a JCE provider (thanks blx!)
* Disable the message history log file by default (duh - feel free to
delete messageHistory.txt after upgrading. thanks deathfatty!)
* Limit the size of the inbound tunnel build request queue so we don't
get an insane backlog of requests that we're bound to reject, and adjust
the queue processing so we keep on churning through them when we've got
a backlog.
* Small fixes for the multiuser syndie operation (thanks Complication!)
* Renamed modified PRNG classes that were imported from gnu-crypto so we
don't conflict with JVMs using that as a JCE provider (thanks blx!)
* Bugfix to the I2PTunnel web config to properly accept i2cp port settings
* Initial sucker refactoring to simplify reuse of the html parsing
* Beginnings of hooks to push imported rss/atom out to remote syndie
archives automatically (though not enabled currently)
* Further SSU peer test cleanup
* Bugfix to the I2PTunnel web config to properly accept i2cp port settings
* Initial sucker refactoring to simplify reuse of the html parsing
* Beginnings of hooks to push imported rss/atom out to remote syndie
archives automatically (though not enabled currently)
* Further SSU peer test cleanup
* Add in per-blog RSS feeds to Syndie
* Upgraded sucker's ROME dependency to 0.8, bundling sucked enclosures
with the posts, marking additional attachments as Media RSS enclosures
(http://search.yahoo.com/mrss/), since RSS only supports one enclosure
per item.
* Don't allow the default syndie user to be set to something invalid if
its in single user mode.
* Add in per-blog RSS feeds to Syndie
* Upgraded sucker's ROME dependency to 0.8, bundling sucked enclosures
with the posts, marking additional attachments as Media RSS enclosures
(http://search.yahoo.com/mrss/), since RSS only supports one enclosure
per item.
* Don't allow the default syndie user to be set to something invalid if
its in single user mode.
* Run the peer profile coalescing/reorganization outside the job queue
(on one of the timers), to cut down on some job queue congestion. Also,
trim old profiles while running, not just when starting up.
* Slightly more sane intra-floodfill-node netDb activity (only flood new
entries)
* Workaround in the I2PTunnelHTTPServer for some bad requests (though the
source of the bug is not yet addressed)
* Better I2PSnark reconnection handling
* Further cleanup in the new tunnel build process
* Make sure we expire old participants properly
* Remove much of the transient overload throttling (it wasn't using a good
metric)
* Run the peer profile coalescing/reorganization outside the job queue
(on one of the timers), to cut down on some job queue congestion. Also,
trim old profiles while running, not just when starting up.
* Slightly more sane intra-floodfill-node netDb activity (only flood new
entries)
* Workaround in the I2PTunnelHTTPServer for some bad requests (though the
source of the bug is not yet addressed)
* Better I2PSnark reconnection handling
* Further cleanup in the new tunnel build process
* Make sure we expire old participants properly
* Remove much of the transient overload throttling (it wasn't using a good
metric)
* Run the peer profile coalescing/reorganization outside the job queue
(on one of the timers), to cut down on some job queue congestion. Also,
trim old profiles while running, not just when starting up.
* Slightly more sane intra-floodfill-node netDb activity (only flood new
entries)
* Workaround in the I2PTunnelHTTPServer for some bad requests (though the
source of the bug is not yet addressed)
* Better I2PSnark reconnection handling
* Further cleanup in the new tunnel build process
* Make sure we expire old participants properly
* Remove much of the transient overload throttling (it wasn't using a good
metric)
* New tunnel build process - does not use the new crypto or new peer
selection strategies. However, it does drop the fallback tunnel
procedure, except for tunnels who are configured to allow them, or for
the exploratory pool during bootstrapping or after a catastrophic
failure. This new process prefers to fail rather than use too-short
tunnels, so while it can do some pretty aggressive tunnel rebuilding,
it may expose more tunnel failures to the user.
* Always prefer normal tunnels to fallback tunnels.
* Potential fix for a bug while changing i2cp settings on I2PSnark (thanks
bar!)
* Do all of the netDb entry writing in a separate thread, avoiding
duplicates and batching them up.
* Add title attributes to all external links in Syndie, so we can rollover
and quickly see if it's worth clicking on.
* Fixed a minor compiler warning.
* First pass of the new tunnel creation crypto, specified in the new
router/doc/tunnel-alt-creation.html (referenced in the current
router/doc/tunnel-alt.html). It isn't actually used anywhere yet, other
than in the test code, but the code verifies the technical viability, so
further scrutiny would be warranted.
* Only create the loadtest.log if requested to do so (thanks zzz!)
* Make sure we cleanly take into consideration the appropriate data
points when filtering out duplicate messages in the message validator,
and report the right bloom filter false positives rate (not used for
anything except debugging)
* Syndie CSS tweaks to removed some redundant declarations, improve font
scaling and layout robustness. Improved cross browser compatibility
(in other words "kicked IE"). Tightened the look of the blog template
a little.
* Include the attachments/blogs/etc for comments on the blog view
* Syndie HTML fixes (thanks cervantes!)
* Make sure we fully reset the objects going into our cache before we
reuse them (thanks zzz!)
* Added the per-post list of attachments/blogs/etc to the blog view in
Syndie (though this does not yet include comments or some further
refinements)
* Have the I2P shortcut launch i2p.exe instead of i2psvc.exe on windows,
removing the dox box (though also removes the restart functionality...)
* Give the i2p.exe the correct java.library.path to support the systray
dll (thanks Bobcat, Sugadude, anon!)
* Removed a longstanding bug that had caused unnecessary router identity
churn due to clock skew
* Temporarily sanity check within the streaming lib for long pending
writes
* Added support for a blog-wide logo to Syndie, and automated the pushing
of updated extended blog info data along side the metadata.
* Removed a longstanding bug that had caused unnecessary router identity
churn due to clock skew
* Temporarily sanity check within the streaming lib for long pending
writes
* Added support for a blog-wide logo to Syndie, and automated the pushing
of updated extended blog info data along side the metadata.
* Removed a longstanding bug that had caused unnecessary router identity
churn due to clock skew
* Temporarily sanity check within the streaming lib for long pending
writes
* Added support for a blog-wide logo to Syndie, and automated the pushing
of updated extended blog info data along side the metadata.
* Rather than profile individual tunnels for throughput over their
lifetime, do so at 1 minute intervals (allowing less frequently active
tunnels to be more fairly measured).
* Run the live tunnel load test across two tunnels at a time, by default.
The load test runs for a random period from 90s to the tunnel lifetime,
self paced. This should help gathering data for profiling peers that
are in exploratory tunnels.
2006-01-03 jrandom
* Calculate the overall peer throughput across the 3 fastest one minute
tunnel throughput values, rather than the single fastest throughput.
* Degrade the profiled throughput data over time (cutting the profiled
peaks in half once a day, on average)
* Enable yet another new speed calculation for profiling peers, using the
peak throughput from individual tunnels that a peer is participating in,
rather than across all tunnels they are participating in. This helps
gather a fairer peer throughput measurement, since it won't allow a slow
high capacity peer seem to have a higher throughput (pushing a little
data across many tunnels at once, as opposed to lots of data across a
single tunnel). This degrades over time like the other.
* Add basic OS/2 support to the jbigi code (though we do not bundle a
precompiled OS/2 library)
* Disable multifile torrent creation in I2PSnark's web UI for the moment
(though it can still seed and participate in multifile swarms)
* Enable a new speed calculation for profiling peers, using their peak
1 minute average tunnel throughput as their speed.
* Include a simple torrent creator in the I2PSnark web UI
* Further streaming lib closing improvements
* Refactored the load test components to run off live tunnels (though,
still not safe for normal/anonymous load testing)
* Replaced the bundled linux jcpuid (written in C++) with scintilla's
jcpuid (written in C), removing the libg++.so.5 dependency that has bit
some distros (e.g. mandriva)
* Add a new Status: line on the router console - "ERR-ClockSkew", in case
the clock is too skewed to do anything useful (check the year and month,
not just the hour and minute).
* Fixed the read/write timeouts in the streaming lib (so that it actually
honors them now)
* Minor I2PSnark cleanups (no read timeout, more careful shutdown and
torrent closing)
* Handle an oddball tunnel creation failure (thanks Xunk)
2005-12-22 jrandom
* Bundle the standalone I2PSnark launcher in the installer and update
process (launch as "java -jar launch-i2psnark.jar", viewing the
interface on http://localhost:8002/)
* Don't autostart swarming torrents by default so that you can run a
standalone I2PSnark from the I2P install dir and not have the embedded
I2PSnark autolaunch the torrents that the standalone instance is running
* Fixed a rare streaming lib bug that could let a blocking call wait
forever.
* Fix for old Syndie blog bookmarks (thanks Complication!)
* Fix for I2PSnark to accept incoming connections again (oops)
* Randomize the order that peers from the tracker are contacted
* I2PSnark logging, disconnect old inactive peers rather than new ones,
memory usage reduction, better OOM handling, and a shared connection
acceptor.
* Cleaned up the Syndie blog page and the resulting filters (viewing a
blog from the blog page shows threads started by the selected author,
not those that they merely participate in)
* Added a standalone runner for the I2PSnark web ui (build with the
command "ant i2psnark", unzip i2psnark-standalone.zip somewhere, run
with "java -jar launch-i2psnark.jar", and go to http://localhost:8002/).
* Further I2PSnark error handling
2005-12-17 jrandom
* Let multiuser accounts authorize themselves to access the remote
functionality again (thanks Ch0Hag!)
* Adjust the JVM heap size to 128MB for new installs (existing users can
accomplish this by editing wrapper.config, adding the line
"wrapper.java.maxmemory=128", and then doing a full shutdown and startup
of the router). This is relevent for heavy usage of I2PSnark in the
router console.
* Added a standalone runner for the I2PSnark web ui (build with the
command "ant i2psnark", unzip i2psnark-standalone.zip somewhere, run
with "java -jar launch-i2psnark.jar", and go to http://localhost:8002/).
* Further I2PSnark error handling
* Added some I2PSnark sanity checks, an OOMListener when running
standalone, and a guard against keeping memory tied up indefinitely.
* Sanity check on the watchdog (thanks zzz!)
* Handle invalid HTTP requests in I2PTunnel a little better
* Moved I2PSnark from using Threads to I2PThreads, so we handle OOMs
properly (thanks Complication!)
* More guards in I2PSnark for zany behavior (I2PSession recon w/ skew,
b0rking in the DirMonitor, etc)
* Added multitorrent support to I2PSnark, accessible currently by running
"i2psnark.jar --config i2psnark.config" (which may or may not exist).
It then joins the swarm for any torrents in ./i2psnark/*.torrent, saving
their data in that directory as well. Removing the .torrent file stops
participation, and it is currently set to seed indefinitely. Completion
is logged to the logger and standard output, with further UI interaction
left to the (work in progress) web UI.
* Fix to drop peer references when we shitlist people again (thanks zzz!)
* Further I2PSnark fixes to deal with arbitrary torrent info attributes
(thanks Complication!)
* Don't test tunnels expiring within 90 seconds
* Defer Test Tunnel jobs if job lag too large
* Use JobQueue.getMaxLag() rather than the jobQueue.jobLag stat to measure
job lag for tunnel build backoff, allowing for more agile handling
(since the stat is only updated once a minute)
* Use tunnel length override if all tunnels are expiring within one
minute.
* Fixed I2PSnark's handling of some torrent files to deal with those
created by Azureus and I2PRufus (it didn't know how to deal with
additional meta info, such as path.utf-8 or name.utf-8).
* Create different strategies for exploratory tunnels (which are difficult
to create) and client tunnels (which are much easier)
* Gradually increase number of parallel build attempts as tunnel expiry
nears.
* Temporarily shorten attempted build tunnel length if builds using
configured tunnel length are unsuccessful
* React more aggressively to tunnel failure than routine tunnel
replacement
* Make tunnel creation times randomized - there is existing code to
randomize the tunnels but it isn't effective due to the tunnel creation
strategy. Currently, most tunnels get built all at once, at about 2 1/2
to 3 minutes before expiration. The patch fixes this by fixing the
randomization, and by changing the overlap time (with old tunnels) to a
range of 2 to 4 minutes.
* Reduce number of excess tunnels. Lots of excess tunnels get created due
to overlapping calls. Just about anything generated a call which could
build many tunnels all at once, even if tunnel building was already in
process.
* Miscellaneous router console enhancements
* Added an RDF and XML thread export to Syndie, reachable at
.../threadnav/rdf or .../threadnav/xml, accepting the parameters
count=$numThreads and offset=$threadIndex. If the $numThreads is -1, it
displays all threads.
* Bugfix in Syndie for a problem in the threaded indexer (thanks CofE!)
* Always include ourselves in the favorite authors (since we don't
bookmark ourselves)
* Added support for a 'most recent posts' view that CofE requested, which
includes the ability to filter by age (e.g. posts by your favorite
authors in the last 5 days).
* Adjusted Syndie to use the threaded view that cervantes suggested, which
displays a a single thread path at a time - from root to leaf - rather
than a depth first traversal.
* Package up a standalone Syndie install into a "syndie-standalone.zip",
buildable with "ant syndie". It extracts into ./syndie/, launches with
"java -jar launchsyndie.jar" (or javaw, on windows, to avoid a dos box),
running a single user Syndie instance (by default). It also creates a
default subscription to syndiemedia without any anonymity (using no
proxy). Upgrades can be done by just replacing the syndie.war with the
one from I2P.
* Cleaned up the build process to deal with Jetty 5.1.6 and rename the
new commons-logging-api.jar to commons-logging.jar, which it replaces.
Jetty 5.1.6 is pushed with all updates. Also, no need to push a
separate jdom or rome, as they're inside syndie.war.
* Don't let the TCP transport alone shitlist a peer, since other
transports may be working. Also display whether TCP connections are
inbound or outbound on the peers page.
* Fixed some substantial bugs in the SSU introducers where we wouldn't
talk to anyone who didn't expose an IP (even if they had introducers),
among other goofy things.
* When dealing with SSU introducers, send them all a packet at 3s/6s/9s,
rather than sending one a packet at 3s, then another a packet at 6s,
and a third a packet at 9s.
* Fixed Syndie attachments (oops)
* Further Syndie UI cleanup
* Bundled our patched MultiPartRequest code from jetty (APL2 licensed),
since it hasn't been applied to the jetty CVS yet [1]. Its packaged
into syndie.jar and renamed to net.i2p.syndie.web.MultiPartRequest, but
will be removed as soon as its integrated into Jetty. This patch allows
posting content in various character sets.
[1] http://article.gmane.org/gmane.comp.java.jetty.general/6031
* Upgraded new installs to the latest stable jetty (5.1.6), though this
isn't pushed as part of the update yet, as there aren't any critical
bugs.
* Added back in the OSX jbigi, which was accidentally removed a few revs
back (thanks for the bug report stoerte!) New installs will get the
full jbigi, or you can pull the jbigi.jar from CVS by going to
http://dev.i2p.net/cgi-bin/cvsweb.cgi/i2p/installer/lib/jbigi/jbigi.jar
and clicking on the first "download" link, saving that jbigi.jar to
lib/jbigi.jar in your I2P installation directory. After restarting your
router, it should load up fine.
* Inlined the Syndie CSS to reduce the number of HTTP requests (and
because firefox [and others?] delay rendering until they fetch the css).
* Make sure we fire the shutdown tasks when regenerating a new identity
(thanks picsou!)
* Cleaned up some of the things I b0rked in the 'dynamic keys' mode
* Don't drop SSU sessions if they're still transmitting data successfully,
even if there are transmission failures
* Adjusted the time summarization to display hours after 119m, not 90m
* Further EepGet cleanup (grr)
* Update the sorting in Syndie to consider children 'newer' than parents,
even if they have the same message ID (duh)
* Cleaned up some nav links in Syndie (good idea gloin, spaetz!)
* Added a bunch of tooltips to Syndie's fields (thanks polecat!)
* Force support for nonvalidating XML in Jetty (so we can handle GCJ/etc
better)
* Be more explicit about what messages we will handle through a client
tunnel, and how we will handle them. This cuts off a set of attacks
that an active adversary could mount, though they're probably nonobvious
and would require at least some sophistication.
* Added support for 'dynamic keys' mode, where the router creates a new
router identity whenever it detects a substantial change in its public
address (read: SSU IP or port). This only offers minimal additional
protection against trivial attackers, but should provide functional
improvement for people who have periodic IP changes, since their new
router address would not be shitlisted while their old one would be.
* Added further infrastructure for restricted route operation, but its use
is not recommended.
* Don't publish stats for periods we haven't reached yet (thanks zzz!)
* Cleaned up the syndie threaded display to show the last updated date for
a subthread, and to highlight threads updated in the last two days.
* IE doesn't strip SPAN from <button> form fields, so add in a workaround
within I2PTunnel.
* Increase the maximum SSU retransmission timeout to accomodate slower or
more congested links (though SSU's RTO calculation will usually use a
much lower timeout)
* Moved the streaming lib timed events off the main timer queues and onto
a streaming lib specific set of timer queues. Streaming lib timed
events are more likely to have lock contention on the I2CP socket while
other timed events in the router are (largely) independent.
* Fixed a case sensitive lookup bug (thanks tino!)
* Syndie cleanup - new edit form on the preview page, and fixed some blog
links (thanks tino!)
* IE doesn't strip SPAN from <button> form fields, so add in a workaround
within I2PTunnel.
* Increase the maximum SSU retransmission timeout to accomodate slower or
more congested links (though SSU's RTO calculation will usually use a
much lower timeout)
* Moved the streaming lib timed events off the main timer queues and onto
a streaming lib specific set of timer queues. Streaming lib timed
events are more likely to have lock contention on the I2CP socket while
other timed events in the router are (largely) independent.
* Fixed a case sensitive lookup bug (thanks tino!)
* Syndie cleanup - new edit form on the preview page, and fixed some blog
links (thanks tino!)
* Implemented a trivial pure java PMTU backoff strategy, switching between
a 608 byte MTU and a 1350 byte MTU, depending upon retransmission rates.
* Fixed new user registration in Syndie (thanks Complication!)
* More aggressive I2PTunnel content encoding munging to work around some
rare HTTP behavior (ignoring q values on Accept-encoding, using gzip
even when only identity is specified, etc). I2PTunnelHTTPServer now
sends "Accept-encoding: \r\n" plus "X-Accept-encoding: x-i2p-gzip\r\n",
and I2PTunnelHTTPServer handles x-i2p-gzip in either the Accept-encoding
or X-Accept-encoding headers. Eepsite operators who do not know to
check for X-Accept-encoding will simply use the identity encoding.
* Add filtering threads by author to Syndie, populated with authors in the
user's addressbook
* When creating the default user, add
"http://syndiemedia.i2p/archive/archive.txt" to their addressbook,
configured to automatically pull updates. (what other archives should
be included?)
* Tiny servlet to help dole out the new routerconsole themes, and bundle
the installer/resources/themes/** into ./docs/themes/** on both install
and update.
* Initial pass of the routerconsole revamp, starting with I2PTunnel and
being progressively rolled out to other sections at later dates.
Featuring abstracted W3C strict XHTML1.0 markup, with CSS providing
layout and styling.
* Implemented console themes. Users can create their own themes by
creating css files in: {i2pdir}/docs/themes/console/{themename}/
and activating it using the routerconsole.theme={themename} advanced
config property. Look at the example incomplete "defCon1" theme.
Note: This is very much a work in progress. Folks might want to hold-off
creating their own skins until the markup has solidified.
* Added "routerconsole.javascript.disabled=true" to disable console
client-side scripting and "routerconsole.css.disabled=true" to remove
css styling (only rolled out in the i2ptunnel interface currently)
* Fixed long standing bug with i2ptunnel client and server edit screens
where tunnel count and depth properties would fail to save. Added
backup quantity and variance configuration options.
* Added basic accessibility support (key shortcuts, linear markup, alt and
title information and form labels).
* So far only tested on IE6, Firefox 1.0.6, Opera 8 and lynx.
* Initial pass of the routerconsole revamp, starting with I2PTunnel and
being progressively rolled out to other sections at later dates.
Featuring abstracted W3C strict XHTML1.0 markup, with CSS providing
layout and styling.
* Implemented console themes. Users can create their own themes by
creating css files in: {i2pdir}/docs/themes/console/{themename}/
and activating it using the routerconsole.theme={themename} advanced
config property. Look at the example incomplete "defCon1" theme.
Note: This is very much a work in progress. Folks might want to hold-off
creating their own skins until the markup has solidified.
* Added "routerconsole.javascript.disabled=true" to disable console
client-side scripting and "routerconsole.css.disabled=true" to remove
css styling (only rolled out in the i2ptunnel interface currently)
* Fixed long standing bug with i2ptunnel client and server edit screens
where tunnel count and depth properties would fail to save. Added
backup quantity and variance configuration options.
* Added basic accessibility support (key shortcuts, linear markup, alt and
title information and form labels).
* So far only tested on IE6, Firefox 1.0.6, Opera 8 and lynx.
* Default Syndie to single user mode, and automatically log into a default
user account (additional accounts can be logged into with the 'switch'
or login pages, and new accounts can be created with the register page).
* Disable the 'automated' column on the Syndie addressbook unless the user
is appropriately authorized (good idea Polecat!)
* Include SSU establishment failure in the peer profile as a commError,
as we do for TCP establishment failures.
* Don't throttle the initial transmission of a message because of ongoing
retransmissions to a peer, since the initial transmission of a message
is more valuable than a retransmission (since it has less latency).
* Cleaned up links to SusiDNS and I2PTunnel (thanks zzz!)
* Include the most recent ACKs with packets, rather than only sending an
ack exactly once. SSU differs from TCP in this regard, as TCP has ever
increasing sequence numbers, while each message ID in SSU is random, so
we don't get the benefit of later ACKs implicitly ACKing earlier
messages.
* Reduced the max retransmission timeout for SSU
* Don't try to send messages queued up for a long time waiting for
establishment.
* Include the most recent ACKs with packets, rather than only sending an
ack exactly once. SSU differs from TCP in this regard, as TCP has ever
increasing sequence numbers, while each message ID in SSU is random, so
we don't get the benefit of later ACKs implicitly ACKing earlier
messages.
* Reduced the max retransmission timeout for SSU
* Don't try to send messages queued up for a long time waiting for
establishment.
* Fix for some syndie reply scenarios (thanks identiguy and CofE!)
* Removed a potentially infinitely recursive call (oops)
(forgot to commit this file before. oops)
* Merge sucker into syndie with a rssimport.jsp page.
* Add getContentType() to EepGet.
* Make chunked transfer work (better) with EepGet.
* Do replaceAll("<","<") for logs.
* Improved the bandwidth throtting on tunnel participation, especially for
low bandwidth peers.
* Improved failure handling in SSU with proactive reestablishment of
failing idle peers, and rather than shitlisting a peer who failed too
much, drop the SSU session and allow a new attempt (which, if it fails,
will cause a shitlisting)
* Clarify the cause of the shitlist on the profiles page, and include
bandwidth limiter info at the bottom of the peers page.
* Improved the bandwidth throtting on tunnel participation, especially for
low bandwidth peers.
* Improved failure handling in SSU with proactive reestablishment of
failing idle peers, and rather than shitlisting a peer who failed too
much, drop the SSU session and allow a new attempt (which, if it fails,
will cause a shitlisting)
* Clarify the cause of the shitlist on the profiles page, and include
bandwidth limiter info at the bottom of the peers page.
* In Syndie, propogate the subject and tags in a reply, and show the parent
post on the edit page for easy quoting. (thanks identiguy and CofE!)
* Streamline some netDb query handling to run outside the jobqueue -
which means they'll run on the particular SSU thread that handles the
message. This should help out heavily loaded netDb peers.
* Defer netDb searches for newly referenced peers until we actually want
them
* Ignore netDb references to peers on our shitlist
* Set the timeout for end to end client messages to the max delay after
finding the leaseSet, so we don't have as many expired messages floating
around.
* Add a floor to the streaming lib window size
* When we need to send a streaming lib ACK, try to retransmit one of the
unacked packets instead (with updated ACK/NACK fields, of course). The
bandwidth cost of an unnecessary retransmission should be minor as
compared to both an ACK packet (rounded up to 1KB in the tunnels) and
the probability of a necessary retransmission.
* Adjust the streaming lib cwin algorithm to allow growth after a full
cwin messages if the rtt is trending downwards. If it is not, use the
existing algorithm.
* Increased the maximum rto size in the streaming lib.
* Load balancing bugfix on end to end messages to distribute across
tunnels more evenly.
* Defer netDb searches for newly referenced peers until we actually want
them
* Ignore netDb references to peers on our shitlist
* Set the timeout for end to end client messages to the max delay after
finding the leaseSet, so we don't have as many expired messages floating
around.
* Add a floor to the streaming lib window size
* When we need to send a streaming lib ACK, try to retransmit one of the
unacked packets instead (with updated ACK/NACK fields, of course). The
bandwidth cost of an unnecessary retransmission should be minor as
compared to both an ACK packet (rounded up to 1KB in the tunnels) and
the probability of a necessary retransmission.
* Adjust the streaming lib cwin algorithm to allow growth after a full
cwin messages if the rtt is trending downwards. If it is not, use the
existing algorithm.
* Increased the maximum rto size in the streaming lib.
* Load balancing bugfix on end to end messages to distribute across
tunnels more evenly.
* Add a blocking fetch to EepGetScheduler and RemoteArchiveBean and use them from the updater, to prevent race conditions with multiple archive fetches.
* Integrated GNU-Crypto's Fortuna PRNG, seeding it off /dev/urandom and
./prngseed.rnd (if they exist), and reseeding it with data out of
various crypto operations (unused bits in a DH exchange, intermediary
bits in a DSA signature generation, extra bits in an ElGamal decrypt).
The Fortuna implementation under gnu.crypto.prng has been modified to
use BouncyCastle's SHA256 and Cryptix's AES (since those are the ones
I2P uses), and the resulting gnu.crypto.prng.* are therefor available
under GPL+Classpath's linking exception (~= LGPL). I2P's SecureRandom
wrapper around it is, of course, public domain.
* Fix bug in ircclient that prevented it to use its own dest (i.e. was
always shared. (thx for info Ragnarok)
* Fix crash in Sucker with some bad html.
* Workaround a bug in GCJ's Calendar implementation
* Propery throw an exception in the streaming lib if we try to write to a
closed stream. This will hopefully help clear some I2Phex bugs (thanks
GregorK!)
* Ported the snark bittorrent client to I2P such that it is compatible
with i2p-bt and azneti2p. For usage information, grab an update and run
"java -jar lib/i2psnark.jar". It isn't currently multitorrent capable,
but adding in support would be fairly easy (see PeerAcceptor.java:49)
* Don't allow leaseSets expiring too far in the future (thanks postman)
libjbigi.so. Yeah, this means that i2psnark uses pure java modPow, but it doesn't do
any real heavy lifting anyway, except a DSA signature every 5-10 minutes. whoop de do.
* Ported the snark bittorrent client to I2P such that it is compatible
with i2p-bt and azneti2p. For usage information, grab an update and run
"java -jar lib/i2psnark.jar". It isn't currently multitorrent capable,
but adding in support would be fairly easy (see PeerAcceptor.java:49)
* Don't allow leaseSets expiring too far in the future (thanks postman)
The build in tracker has been removed for simplicity.
Example usage:
java -jar lib/i2psnark.jar myFile.torrent
or, a more verbose setting:
java -jar lib/i2psnark.jar --eepproxy 127.0.0.1 4444 \
--i2cp 127.0.0.1 7654 "inbound.length=2 outbound.length=2" \
--debug 6 myFile.torrent
* Bugfix for the auto-update code to handle different usage patterns
* Decreased the addressbook recheck frequency to once every 12 hours
instead of hourly.
* Handle dynamically changing the HMAC size (again, unless your nym is
toad or jrandom, ignore this ;)
* Cleaned up some synchronization/locking code
* Allow an env prop to configure whether we want to use the backwards
compatible (but not standards compliant) HMAC-MD5, or whether we want
to use the not-backwards compatible (but standards compliant) one. No
one should touch this setting, unless your name is toad or jrandom ;)
* Added some new dummy facades
* Be more aggressive on loading up the router.config before building the
router context
* Added new hooks for apps to deal with previously undefined I2NP message
types without having to modify any code.
* Demo code for using a castrated router for SSU comm (SSUDemo.java)
* Bundled dust's Sucker for pulling RSS/Atom content into SML, which can
then be injected into Syndie with the Syndie CLI.
* Bundled ROME and JDOM (BSD and Apache licensed, respectively) for
RSS/Atom parsing.
2005-10-13 jrandom
* SSU retransmission choke bugfix (== != !=)
* Include initial transmissions in the retransmission choke, so that
if we are already retransmitting a message, we won't send anything
to that peer other than that message (or ACKs, if necessary)
* SSU retransmission choke bugfix (== != !=)
* Include initial transmissions in the retransmission choke, so that
if we are already retransmitting a message, we won't send anything
to that peer other than that message (or ACKs, if necessary)
* Choke SSU retransmissions to a peer while there is already a
retransmission in flight to them. This currently lets other initial
transmissions through, since packet loss is often sporadic, but maybe
this should block initial transmissions as well?
* Display the retransmission bytes stat on peers.jsp (thanks bar!)
* Filter QUIT messages in the I2PTunnelIRCClient proxy
* Piggyback the SSU partial ACKs with data packets. This is backwards
compatible.
* Syndie RSS renderer bugfix, plus now include the full entry instead of
just the blurb before the cut.
* Piggyback the SSU explicit ACKs with data packets (partial ACKs aren't
yet piggybacked). This is backwards compatible.
* SML parser cleanup in Syndie
* Implemented a new I2PTunnelIRCClient which locally filters inbound and
outbound IRC commands for anonymity and security purposes, removing all
CTCP messages except ACTION, as well as stripping the hostname from the
USER message (while leaving the nick and 'full name'). The IRC proxy
doesn't use this by default, but you can enable it by creating a new
"IRC proxy" tunnel on the web interface, or by changing the tunnel type
to "ircclient" in i2ptunnel.config.
2005-10-10 jrandom
* I2PTunnel http client config cleanup and stats
* Minor SSU congestion tweaks and stats
* Reduced netDb exploration period
* Implemented a new I2PTunnelIRCClient which locally filters inbound and
outbound IRC commands for anonymity and security purposes, removing all
CTCP messages except ACTION, as well as stripping the hostname from the
USER message (while leaving the nick and 'full name'). The IRC proxy
doesn't use this by default, but you can enable it by creating a new
"IRC proxy" tunnel on the web interface, or by changing the tunnel type
to "ircclient" in i2ptunnel.config.
2005-10-10 jrandom
* I2PTunnel http client config cleanup and stats
* Minor SSU congestion tweaks and stats
* Reduced netDb exploration period
* Now that the streaming lib works reasonably, set the default inactivity
event to send a 0 byte keepalive payload, rather than disconnecting the
stream. This should cut the irc netsplits and help out with other long
lived streams. The default timeout is now less than the old timeout as
well, so the keepalive will be sent before earlier builds fire their
fatal timeouts.
2005-10-07 jrandom
* Include the 1 second bandwidth usage on the console rather than the
1 minute rate, as the 1 second value doesn't have the 1m/5m quantization
issues.
* Allow the I2PTunnelHTTPServer to send back the first few packets of an
HTTP response quicker, and initialize the streaming lib's cwin more
carefully.
* Added a small web UI to the new Syndie scheduled updater. If you log in
as a user authorized to use the remote archive funtionality, you can
request remote archives in your address book to be automatically pulled
down by checking the "scheduled?" checkbox.
* Allow the first few packets in the stream to fill in their IDs during
handshake (thanks cervantes, Complication, et al!) This should fix at
least some of the intermittent HTTP POST issues.
* Killed three more streaming lib bugs, one of which caused excess packets
to be transmitted (dupacking dupacks), one that was the root of many of
the old hung streams (shrinking highest received), and another that was
releasing data too soon.
* Only allow autodetection of our IP address if we haven't received an
inbound connection in the last two minutes.
* Increase the default max streaming resends to 8 from 5 (and down from
the earlier 10)
* Support noreseed.i2p in addition to .i2pnoreseed for disabling automatic
reseeding - useful on OSes that make it hard to create dot files.
Thanks Complication (and anon)!
* Fixed the installer version string (thanks Frontier!)
* Added cleaner rejection of invalid IP addresses, shitlist those who send
us invalid IP addresses, verify again that we are not sending invalid IP
addresses, and log an error if it happens. (Thanks Complication, ptm,
and adab!)
2005-09-29 jrandom
* Let syndie users modify their metadata.
* Reseed the router on startup if there aren't enough peer references
known locally. This can be disabled by creating the file .i2pnoreseed
in your home directory, and the existing detection and reseed handling
on the web interface is unchanged.
2005-09-29 jrandom
* Let syndie users modify their metadata.
* Reseed the router on startup if there aren't enough peer references
known locally. This can be disabled by creating the file .i2pnoreseed
in your home directory, and the existing detection and reseed handling
on the web interface is unchanged.
* I2PTunnel bugfix (thanks Complication!)
* Increase the SSU cwin slower during congestion avoidance (at k/cwin^2
instead of k/cwin)
* Limit the number of inbound SSU sessions being built at once (using
half of the i2np.udp.maxConcurrentEstablish config prop)
* Don't shitlist on a message send failure alone (unless there aren't any
common transports).
* More careful bandwidth bursting
* Reworded the SSU introductions config section (thanks duck!)
* Force identity content encoding for I2PTunnel httpserver requests
(thanks redzara!)
* Further x-i2p-gzip bugfixes for the end of streams
* Reduce the minimum bandwidth limits to 3KBps steady and burst (though
I2P's performance at 3KBps is another issue)
* Cleaned up some streaming lib structures
* Allow reseeding on the console if the netDb knows less than 30 peers,
rather than less than 10 (without internet connectivity, we keep the
last 15 router references)
* Reenable the x-i2p-gzip HTTP processing by default, flushing the stream
more aggressively.
* Show the status that used to be called "ERR-Reject" as "OK (NAT)"
* Reduced the default maximum number of streaming lib resends of a packet
(10 retransmits is a bit much with a reasonable RTO)
* Better i2paddresshelper handling in the I2PTunnel httpclient, plus a new
conflict resolution page if the i2paddresshelper parameter differs from
an existing name to destination mapping.
2005-09-25 jrandom
* Fix a long standing streaming lib bug (in the inactivity detection code)
* Improved handling of initial streaming lib packet retransmissions to
kill the "lost first packet" bug (where a page shows up with the first
few KB missing)
* Add support for initial window sizes greater than 1 - useful for
eepsites to transmit e.g. 4 packets full of data along with the initial
ACK, thereby cutting down on the rtt latency. The congestion window
size can and does still shrink down to 1 packet though.
* Adjusted the streaming lib retransmission calculation algorithm to be
more TCP-like.
* Bugfix in susidns for deleting entries
2005-09-21 jrandom
* Add support for HTTP POST to EepGet
* Use HTTP POST for syndie bulk fetches, since there's a lot of data to
put in that URL.
* Added support for pure 64bit linux with jbigi and the java service
wrapper (no need for jcpuid if we're on os.arch=amd64). Thanks mule
et al for help testing!
* UI cleanup in Syndie (thanks gloin and bar!)
2005-09-17 jrandom
* Clean up syndie a bit more and bundle a default introductory post with
both new installs and updates.
* Typo fixes on the console (thanks bar!)
* Updated the bandwidth limiter to use two tiers of bandwidth - our normal
steady state rate, plus a new limit on how fast we transfer when
bursting. This is different from the old "burst as fast as possible
until we're out of tokens" policy, and should help those with congested
networks. See /config.jsp to manage this rate.
* Bugfixes in Syndie to handle missing cache files (no data was lost, the
old posts just didn't show up).
* Log properly in EepPost
* Added the natively compiled jbigi and patched java service wrapper for
OS X. Thanks Bill Dorsey for letting me use your machine!
* Don't build i2p.exe or i2pinstall.exe when run on OS X machines, as we
don't bundle the binutils necessary (and there'd be a naming conflict
if we did).
* Added 'single user' functionality to syndie - if the single user
checkbox on the admin page is checked, all users are allowed to control
the instance and sync up with remote syndie nodes.
* Temporarily disable the x-i2p-gzip in i2ptunnel until it is more closely
debugged.
* Adjust I2PTunnelHTTPServer so it can be used for outproxy operators
(just specify the spoofed host as an empty string), allowing them to
honor x-i2p-gzip encoding.
* Let windows users build the exes too (thanks bar and redzara!)
* Allow I2PTunnel httpserver operators to disable gzip compression on
individual tunnels with the i2ptunnel.gzip=false client option
(good idea susi!)
* Added the i2p.exe and i2pinstall.exe for windows users, using launch4j.
* Added runplain.sh for *nix/osx users having problems using the java
service wrapper (called from the install dir as: sh runplain.sh)
* Bundle susidns and syndie, with links on the top nav
* Have I2PTunnelHTTPClient and I2PTunnelHTTPServer use the x-i2p-gzip
content-encoding (if offered), reducing the payload size before it
reaches the streaming lib. The existing compression is at the i2cp
level, so we've been packetizing 4KB of uncompressed data and then
compressing those messages, rather than compressing and then packetizing
4KB of compressed data. This should reduce the number of round trips
to fetch web pages substantially.
* Adjust the startup and timing of the addressbook so that susidns always
has config to work off, and expose a method for susidns to tell it to
reload its config and rerun.
* More careful error handling with introductions (thanks dust!)
* Fix the forceIntroducers checkbox on config.jsp (thanks Complication!)
* Hide the shitlist on the summary so it doesn't confuse new users.
* Removed guaranteed delivery mode entirely (so existing i2phex clients
using it can get the benefits of mode=best_effort). Guaranteed delivery
is offered at the streaming lib level.
* Improve the peer selection code for peer testing, as everyone now
supports tests.
* Give the watchdog its fangs - if it detects obscene job lag or if
clients have been unable to get a leaseSet for more than 5 minutes,
restart the router. This was disabled a year ago due to spurious
restarts, and can be disabled by "watchdog.haltOnHang=false", but the
cause of the spurious restarts should be gone.
* More aggressively publish updated routerInfo.
* Expose the flag to force SSU introductions on the router console
* Don't give people the option to disable SNTP time sync, at least not
through the router console, because there is no reason to disable it.
No, not even if your OS is "ntp synced", because chances are, its not.
* Test the router's reachability earlier and more aggressively
* Use the low level bandwidth limiter's rates for the router console, and
if the router has net.i2p.router.transport.FIFOBandwidthLimiter=INFO in
the logger config, keep track of the 1 second transfer rates as the stat
'bw.sendBps1s' and 'bw.recvBps1s', allowing closer monitoring of burst
behavior.
* Added preliminary support for NAT hole punching through SSU introducers
* Honor peer test results from peers that we have an SSU session with if
those sessions are idle for 3 minutes or more.
* HTML cleanup for the router console (thanks!)
2005-09-07 jrandom
* Lay the foundation for 'client routers' - the ability for peers to opt
out of participating in tunnels entirely due to firewall/NAT issues.
Individual routers have control over where those peers are used in
tunnels - in outbound or inbound, exploratory or client tunnels, or
none at all. The defaults with this build are to simply act as before -
placing everyone as potential participants in any tunnel.
* Another part of the foundation includes the option for netDb
participants to refuse to answer queries regarding peers who are marked
as unreachable, though this too is disabled by default (meaning the
routerInfo is retrievable from the netDb).
* Expose the HTTP headers to EepGet status listeners
* Handle DSA key failures properly (if the signature is not invertable, it
is obviously invalid)
also, syndie now properly detects whether the remote archive can send a filtered export.zip
by examining the HTTP headers for X-Syndie-Export-Capable: true. If the remote archive
does not set that header (and neither freesites, nor apache or anything other than the ArchiveServlet will),
it uses individual HTTP requests for individual blog posts and metadata fetches.
rss.jsp can in turn receive all the filters that index.jsp can - e.g. ?blog=blah or ?selector=group://foo,
and by default returns the latest 10 values (overridden with ?wanted=15). If you want it to pull
with a user's blog's preferences (filters, groups, etc), you can specify ?login=user&password=password
* Don't persist peer profiles until we are shutting down, as the
persistence process gobbles RAM and wall time.
* Bugfix to allow you to check/uncheck the sharedClient setting on the
I2PTunnel web interface.
* Be more careful when expiring a failed tunnel message fragment so we
don't drop the data while attempting to read it.
* Don't publish leaseSets to the netDb if they will never be looked for -
namely, if they are for destinations that only establish outbound
streams. I2PTunnel's 'client' and 'httpclient' proxies have been
modified to tell the router that it doesn't need to publish their
leaseSet (by setting the I2CP config option 'i2cp.dontPublishLeaseSet'
to 'true').
* Don't publish the top 10 peer rankings of each router in the netdb, as
it isn't being watched right now.
* Don't publish leaseSets to the netDb if they will never be looked for -
namely, if they are for destinations that only establish outbound
streams. I2PTunnel's 'client' and 'httpclient' proxies have been
modified to tell the router that it doesn't need to publish their
leaseSet (by setting the I2CP config option 'i2cp.dontPublishLeaseSet'
to 'true').
* Don't publish the top 10 peer rankings of each router in the netdb, as
it isn't being watched right now.
* Minor logging and optimization tweaks in the router and SDK
* Use ISO-8859-1 in the XML files (thanks redzara!)
* The consolePassword config property can now be used to bypass the router
console's nonce checking, allowing CLI restarts
* Minor logging and optimization tweaks in the router and SDK
* Use ISO-8859-1 in the XML files (thanks redzara!)
* The consolePassword config property can now be used to bypass the router
console's nonce checking, allowing CLI restarts
* Catch errors with corrupt tunnel messages more gracefully (no need to
kill the thread and cause an OOM...)
* Don't skip shitlisted peers for netDb store messages, as they aren't
necessarily shitlisted by other people (though they probably are).
* Adjust the netDb store per-peer timeout based on each particular peer's
profile (timeout = 4x their average netDb store response time)
* Don't republish leaseSets to *failed* peers - send them to peers who
replied but just didn't know the value.
* Set a 5 second timeout on the I2PTunnelHTTPServer reading the client's
HTTP headers, rather than blocking indefinitely. HTTP headers should be
sent entirely within the first streaming packet anyway, so this won't be
a problem.
* Don't use the I2PTunnel*Server handler thread pool by default, as it may
prevent any clients from accessing the server if the handlers get
blocked by the streaming lib or other issues.
* Don't overwrite a known status (OK/ERR-Reject/ERR-SymmetricNAT) with
Unknown.
* Removed the concept of "no bandwidth limit" - if none is specified, its
16KBps in/out.
* Include ack packets in the per-peer cwin throttle (they were part of the
bandwidth limit though).
* Tweak the SSU cwin operation to get more accurrate estimates under
congestions.
* SSU improvements to resend more efficiently.
* Added a basic scheduler to eepget to fetch multiple files sequentially.
* Removed the concept of "no bandwidth limit" - if none is specified, its
16KBps in/out.
* Include ack packets in the per-peer cwin throttle (they were part of the
bandwidth limit though).
* Tweak the SSU cwin operation to get more accurrate estimates under
congestions.
* SSU improvements to resend more efficiently.
* Added a basic scheduler to eepget to fetch multiple files sequentially.
* Revise the SSU peer testing protocol so that Bob verifies Charlie's
viability before agreeing to Alice's request. This doesn't work with
older SSU peer test builds, but is backwards compatible (older nodes
won't ask newer nodes to participate in tests, and newer nodes won't
ask older nodes to either).
* Revise the SSU peer testing protocol so that Bob verifies Charlie's
viability before agreeing to Alice's request. This doesn't work with
older SSU peer test builds, but is backwards compatible (older nodes
won't ask newer nodes to participate in tests, and newer nodes won't
ask older nodes to either).
* Keep detailed stats on the peer testing, publishing the results in the
netDb.
* Don't overwrite the status with 'unknown' unless we haven't had a valid
status in a while.
* Make sure to avoid shitlisted peers for peer testing.
* When we get an unknown result to a peer test, try again soon afterwards.
* When a peer tells us that our address is different from what we expect,
if we've done a recent peer test with a result of OK, fire off a peer
test to make sure our IP/port is still valid. If our test is old or the
result was not OK, accept their suggestion, but queue up a peer test for
later.
* Don't try to do a netDb store to a shitlisted peer, and adjust the way
we monitor netDb store progress (to clear up the high netDb.storePeers
stat)
* Deployed the peer testing implementation to be run every few minutes on
each router, as well as any time the user requests a test manually. The
tests do not reconfigure the ports at the moment, merely determine under
what conditions the local router is reachable. The status shown in the
top left will be "ERR-SymmetricNAT" if the user's IP and port show up
differently for different peers, "ERR-Reject" if the router cannot
receive unsolicited packets or the peer helping test could not find a
collaborator, "Unknown" if the test has not been run or the test
participants were unreachable, or "OK" if the router can receive
unsolicited connections and those connections use the same IP and port.
state = 2 means all three handlers are blocking on udpReceiver.receive())
this can legitimately happen if the bandwidth limiter or router throttle chokes the receive for >= 1s.
* Add a configurable throttle to the number of concurrent outbound SSU
connection negotiations (via i2np.udp.maxConcurrentEstablish=4). This
may help those with slow connections to get integrated at the start.
* Further fixlets to the streaming lib
* Display the average clock skew for both SSU and TCP connections
2005-08-07 jrandom
* Fixed the long standing streaming lib bug where we could lose the first
packet on retransmission.
* Avoid an NPE when a message expires on the SSU queue.
* Adjust the streaming lib's window growth factor with an additional
Vegas-esque congestion detection algorithm.
* Removed an unnecessary SSU session drop
* Reduced the MTU (until we get a working PMTU lib)
* Deferr tunnel acceptance until we know how to reach the next hop,
rejecting it if we can't find them in time.
* If our netDb store of our leaseSet fails, give it a few seconds before
republishing.
* Fix an addressbook NPE when a new hostname from the master addressbook
didn't exist in the router addressbook.
* Fix an addressbook bug which caused subscriptions not to be parsed at
all. (Oops!)
* Fix an addressbook NPE when a new hostname from the master addressbook
didn't exist in the router addressbook.
* Fix an addressbook bug which caused subscriptions not to be parsed at
all. (Oops!)
* Adjust the netDb search and store per peer timeouts to match the average
measured per peer success times, rather than huge fixed values.
* Optimized and reverified the netDb peer selection / retrieval process
within the kbuckets.
* Drop TCP connections that don't have any useful activity in 10 minutes.
* If i2np.udp.fixedPort=true, never change the externally published port,
even if we are autodetecting the IP address.
(also includes most of the new peer/NAT testing, but thats not used atm)
2005-07-27 jrandom
* Enabled SSU as the default top priority transport, adjusting the
config.jsp page accordingly.
* Add verification fields to the SSU and TCP connection negotiation (not
compatible with previous builds)
* Enable the backwards incompatible tunnel crypto change as documented in
tunnel-alt.html (have each hop encrypt the received IV before using it,
then encrypt it again before sending it on)
* Disable the I2CP encryption, leaving in place the end to end garlic
encryption (another backwards incompatible change)
* Adjust the protocol versions on the TCP and SSU transports so that they
won't talk to older routers.
* Fix up the config stats handling again
* Fix a rare off-by-one in the SSU fragmentation
* Reduce some unnecessary netDb resending by inluding the peers queried
successfully in the store redundancy count.
* Fix in the SDK for a bug which would manifest itself as misrouted
streaming packets when a destination has many concurrent streaming
connections (thanks duck!)
* No more "Graceful shutdown in -18140121441141s"
* Further preparation for removing I2CP crypto
* Added some validation to the DH key agreement (thanks $anon)
* Validate tunnel data message expirations (though not really a problem,
since tunnels expire)
* Minor PRNG threading cleanup
* Added workaround for an odd win32 bug in the stats configuration
console page which meant only the first checkbox selection was saved.
2005-07-15 Romster
* Added per group selection toggles in the stats configuration console
page.
* Fixed a recently injected bug in the multitransport bidding which had
allowed an essentially arbitrary choice of transports, rather than the
properly ordered choice.
(getLatency() != getLatencyMs(). duh)
* Fixed a long standing bug where we weren't properly comparing session
tags but instead largely depending upon comparing their hashCode,
causing intermittent decryption errors.
* Reduced the growth factor on the slow start and congestion avoidance for
the streaming lib.
* Adjusted some of the I2PTunnelServer threading to use a small pool of
handlers, rather than launching off new threads which then immediately
launch off an I2PTunnelRunner instance (which launches 3 more threads..)
* Don't persist session keys / session tags (not worth it, for now)
* Added some detection and handling code for duplicate session tags being
delivered (root cause still not addressed)
* Make the PRNG's buffer size configurable (via the config property
"i2p.prng.totalBufferSizeKB=4096")
* Disable SSU flooding by default (duh)
* Updates to the StreamSink apps for better throttling tests.
* Use a buffered PRNG, pulling the PRNG data off a larger precalculated
buffer, rather than the underlying PRNG's (likely small) one, which in
turn reduces the frequency of recalcing.
* More tuning to reduce temporary allocation churn
* Within the tunnel, use xor(IV, msg[0:16]) as the flag to detect dups,
rather than the IV by itself, preventing an attack that would let
colluding internal adversaries tag a message to determine that they are
in the same tunnel. Thanks dvorak for the catch!
* Drop long inactive profiles on startup and shutdown
* /configstats.jsp: web interface to pick what stats to log
* Deliver more session tags to account for wider window sizes
* Cache some intermediate values in our HMACSHA256 and BC's HMAC
* Track the client send rate (stream.sendBps and client.sendBpsRaw)
* UrlLauncher: adjust the browser selection order
* I2PAppContext: hooks for dummy HMACSHA256 and a weak PRNG
* StreamSinkClient: add support for sending an unlimited amount of data
* Migrate the tests out of the default build jars
2005-06-22 Comwiz
* Migrate the core tests to junit
* Phase 1 of the unit test bounty completed. (The router build script was modified not to build the router
tests because of a broken dependancy on the core tests. This should be fixed in
phase 3 of the unit test bounty.)
* increased the maximum number of fragments allowed in a message from 31 to 127,
reducing the maximum fragment size to 8KB and moving around some bits in the fragment
info. This is not backwards compatible.
* removed the old (hokey) congestion control description, replacing it with the TCP-esque
algorithm implemented
note: the code for the ACK bitfields and fragment info changes have not yet been
implemented, so the old version of this document describes whats going on in the live net.
the new bitfields / fragment info should be deployed in the next day or so (hopefully :)
* Cleaned up the peers page a bit more.
more udp stuff:
* add new config option: i2np.udp.alwaysPreferred=true to adjust the bidding
so that UDP is picked first, even if a TCP connection exists
* fixed the initial clock skew problem (duh)
* reduced the MTU to 576 (largest nearly-universally-safe, and allows a
tunnel message in 2 fragments)
* handle some races @ connection establishment (thanks duck!)
* if there are more ACKs than we can send in a packet, reschedule another
ACK immediately
* Added a small new page to the web console (/peers.jsp) which contains
the peer connection information. This will be cleaned up a lot more
before 0.6 is out, but its a start.
* Reduced some SimpleTimer churn
* add hooks for per-peer choking in the outbound message queue - if/when a
peer reaches their cwin, no further messages will enter the 'active' pool
until there are more bytes available. other messages waiting (either later
on in the same priority queue, or in the queues for other priorities) may
take that slot.
* when we have a message acked, release the acked size to the congestion
window (duh), rather than waiting for the second to expire and refill the
capacity.
* send packets in a volley explicitly, waiting until we can allocate the full
cwin size for that message
* more stats. including per-peer KBps (updated every second)
* improved blocking/timeout situations on the send queue
* added drop simulation hook
* provide logical RTO limits
* Reduce the peer profile stat coallesce overhead by inlining it with the
reorganize.
* Limit each transport to at most one address (any transport that requires
multiple entry points can include those alternatives in the address).
udp stuff:
* change the UDP transport's style from "udp" to "SSUv1"
* keep track of each peer's skew
* properly handle session reestablishment over an existing session, rather
than requiring both sides to expire first
* More fixes for the I2PTunnel "other" interface handling (thanks nelgin!)
* Add back the code to handle bids from multiple transports (though there
is still only one transport enabled by default)
* Adjust the router's queueing of outbound client messages when under
heavy load by running the preparatory job in the client's I2CP handler
thread, thereby blocking additional outbound messages when the router is
hosed.
* No need to validate or persist a netDb entry if we already have it
And for some udp stuff:
* only bid on what we know (duh)
* reduceed the queue size in the UDPSender itself, so that ACKs go
through more quickly, leaving the payload messages to queue up in
the outbound fragment scheduler
* rather than /= 2 on congestion, /= 2/3 (still AIMD, but less drastic)
* adjust the fragment selector so a wsiz throttle won't force extra
volleys
* mark congestion when it occurs, not after the message has been
ACKed
* when doing a round robin over the active messages, move on to the
next after a full volley, not after each packet (causing less "fair"
performance but better latency)
* reduced the lock contention in the inboundMessageFragments by
moving the ack and complete queues to the ACKSender and
MessageReceiver respectively (each of which have their own
threads)
* prefer new and existing UDP sessions to new TCP sessions, but
prefer existing TCP sessions to new UDP sessions
* Added button to router console for manual update checks.
* Fixed bug in configupdate.jsp that caused the proxy port to be updated
every time the form was submitted even if it hadn't changed.
* Added a pool of PRNGs using a different synchronization technique,
hopefully sufficient to work around IBM's PRNG bugs until we get our
own Fortuna.
* In the streaming lib, don't jack up the RTT on NACK, and have the window
size bound the not-yet-ready messages to the peer, not the unacked
message count (not sure yet whether this is worthwile).
* Many additions to the messageHistory log.
* Handle out of order tunnel fragment delivery (not an issue on the live
net with TCP, but critical with UDP).
* Added a pool of PRNGs using a different synchronization technique,
hopefully sufficient to work around IBM's PRNG bugs until we get our
own Fortuna.
* In the streaming lib, don't jack up the RTT on NACK, and have the window
size bound the not-yet-ready messages to the peer, not the unacked
message count (not sure yet whether this is worthwile).
* Many additions to the messageHistory log.
* Handle out of order tunnel fragment delivery (not an issue on the live
net with TCP, but critical with UDP).
and for udp stuff:
* implemented tcp-esque rto code in the udp transport
* make sure we don't ACK too many messages at once
* transmit fragments in a simple (nonrandom) order so that we can more easily
adjust timeouts/etc.
* let the active outbound pool grow dynamically if there are outbound slots to
spare
* use a simple decaying bloom filter at the UDP level to drop duplicate resent
packets.
And this is the big "Fix the Parser" patch. It turns the sam_parse function in src/parse.c into something that actually works. Generating the argument list from an incoming SAM thingy is a bit memory churn-y; perhaps when I have time I'll replace all those strdups with structures that simply track the (start,end) indices.
Oh and also I moved i2p-ping to the new system. Which required 0 change in code. All I did was fix the Makefile, and add shared library libtool support. Anyway, so enjoy folks. It's rare I'm this productive
- polecat
* In the SDK, we don't actually need to block when we're sending a message
as BestEffort (and these days, we're always sending BestEffort).
* Pass out client messages in fewer (larger) steps.
* Have the InNetMessagePool short circuit dispatch requests.
* Have the message validator take into account expiration to cut down on
false positives at high transfer rates.
* Allow configuration of the probabalistic window size growth rate in the
streaming lib's slow start and congestion avoidance phases, and default
them to a more conservative value (2), rather than the previous value
(1).
* Reduce the ack delay in the streaming lib to 500ms
* Honor choke requests in the streaming lib (only affects those getting
insanely high transfer rates)
* Let the user specify an interface besides 127.0.0.1 or 0.0.0.0 on the
I2PTunnel client page (thanks maestro^!)
(plus minor udp tweaks)
* Added the possibility for i2ptunnel client and httpclient instances to
have their own i2p session (and hence, destination and tunnels). By
default, tunnels are shared, but that can be changed on the web
interface or with the sharedClient config option in i2ptunnel.config.
2005-04-17 jrandom
* Marked the net.i2p.i2ptunnel.TunnelManager as deprecated. Anyone use
this? If not, I want to drop it (lots of tiny details with lots of
duplicated semantics).
* Added new user-editable eepproxy error page templates.
2005-04-17 jrandom
* Revamp the tunnel building throttles, fixing a situation where the
rebuild may not recover, and defaulting it to unthrottled (users with
slow CPUs may want to set "router.tunnel.shouldThrottle=true" in their
advanced router config)
* use the new raw i2np message format (the previous corruptions were due to above)
* add a new test component (UDPFlooder) which floods all peers at the rate desired
* packet munging fix for highly fragmented messages
* include basic slow start code
* fixed the UDP peer rate refilling
* cleaned up some nextSend scheduling
* Make sure we don't get cached updates (thanks smeghead!)
* Clear out the callback for the TestJob after it passes (only affects the
job timing accounting)
* include a new signedOnTime so that we can prepare the packet at a different moment from
when we encrypt & send it (also allowing us to reuse that signature on resends for the same
establishment)
* Security improvements to TrustedUpdate: signing and verification of the
version string along with the data payload for signed update files
(consequently the positions of the DSA signature and version string fields
have been swapped in the spec for the update file's header); router will
no longer perform a trusted update if the signed update's version is lower
than or equal to the currently running router's version.
* Added two new CLI commands to TrustedUpdate: showversion, verifyupdate.
* Extended TrustedUpdate public API for use by third party applications.
* Retry I2PTunnel startup if we are unable to build a socketManager for a
client or httpclient tunnel.
* Add some basic sanity checking on the I2CP settings (thanks duck!)
* After a successfull netDb search for a leaseSet, republish it to all of
the peers we have tried so far who did not give us the key (up to 10),
rather than the old K closest (which may include peers who had given us
the key)
* Don't wait 5 minutes to publish a leaseSet (duh!), and rather than
republish it every 5 minutes, republish it every 3. In addition, always
republish as soon as the leaseSet changes (duh^2).
* Minor fix for oddball startup race (thanks travis_bickle!)
* Minor AES update to allow in-place decryption.
SigningPublicKey, which take a single String argument and construct
the object from the Base64 data in that string (where this data is
the product of a .toBase64() call on a prior instance).
2005-03-29 jrandom
* Decreased the initial RTT estimate to 10s to allow more retries.
* Increased the default netDb store replication factor from 2 to 6 to take
into consideration tunnel failures.
* Address some statistical anonymity attacks against the netDb that could
be mounted by an active internal adversary by only answering lookups for
leaseSets we received through an unsolicited store.
* Don't throttle lookup responses (we throttle enough elsewhere)
* Fix the NewsFetcher so that it doesn't incorrectly resume midway through
the file (thanks nickster!)
* Updated the I2PTunnel HTML (thanks postman!)
* Added support to the I2PTunnel pages for the URL parameter "passphrase",
which, if matched against the router.config "i2ptunnel.passphrase" value,
skips the nonce check. If the config prop doesn't exist or is blank, no
passphrase is accepted.
* Implemented HMAC-SHA256.
* Enable the tunnel batching with a 500ms delay by default
* Dropped compatability with 0.5.0.3 and earlier releases
* Implemented the news fetch / update policy code, as configurated on
/configupdate.jsp. Defaults are to grab the news every 24h (or if it
doesn't exist yet, on startup). No action is taken however, though if
the news.xml specifies that a new release is available, an option to
update will be shown on the router console.
* New initialNews.xml delivered with new installs, and moved news.xml out
of the i2pwww module and into the i2p module so that we can bundle it
within each update.
* New /configupdate.jsp page for controlling the update / notification
process, as well as various minor related updates. Note that not all
options are exposed yet, and the update detection code isn't in place
in this commit - it currently says there is always an update available.
* New EepGet component for reliable downloading, with a CLI exposed in
java -cp lib/i2p.jar net.i2p.util.EepGet url
* Added a default signing key to the TrustedUpdate component to be used
for verifying updates. This signing key can be authenticated via
gpg --verify i2p/core/java/src/net/i2p/crypto/TrustedUpdate.java
* New public domain SHA1 implementation for the DSA code so that we can
handle signing streams of arbitrary size without excess memory usage
(thanks P.Verdy!)
* Added some helpers to the TrustedUpdate to work off streams and to offer
a minimal CLI:
TrustedUpdate keygen pubKeyFile privKeyFile
TrustedUpdate sign origFile signedFile privKeyFile
TrustedUpdate verify signedFile
* Fixed the tunnel fragmentation handler to deal with multiple fragments
in a single message properly (rather than release the buffer into the
cache after processing the first one) (duh!)
* Added the batching preprocessor which will bundle together multiple
small messages inside a single tunnel message by delaying their delivery
up to .5s, or whenever the pending data will fill a full message,
whichever comes first. This is disabled at the moment, since without the
above bugfix widely deployed, lots and lots of messages would fail.
* Within each tunnel pool, stick with a randomly selected peer for up to
.5s before randomizing and selecting again, instead of randomizing the
pool each time a tunnel is needed.
* Fixed the tunnel fragmentation handler to deal with multiple fragments
in a single message properly (rather than release the buffer into the
cache after processing the first one) (duh!)
* Added the batching preprocessor which will bundle together multiple
small messages inside a single tunnel message by delaying their delivery
up to .5s, or whenever the pending data will fill a full message,
whichever comes first. This is disabled at the moment, since without the
above bugfix widely deployed, lots and lots of messages would fail.
* Within each tunnel pool, stick with a randomly selected peer for up to
.5s before randomizing and selecting again, instead of randomizing the
pool each time a tunnel is needed.
2005-03-18 jrandom
* Minor tweak to the timestamper to help reduce small skews
* Adjust the stats published to include only the relevent ones
* Only show the currently used speed calculation on the profile page
* Allow the full max # resends to be sent, rather than piggybacking the
RESET packet along side the final resend (duh)
* Add irc.postman.i2p to the default list of IRC servers for new installs
* Drop support for routers running 0.5 or 0.5.0.1 while maintaining
backwards compatability for users running 0.5.0.2.
* Update the old speed calculator and associated profile data points to
use a non-tiered moving average of the tunnel test time, avoiding the
freshness issues of the old tiered speed stats.
* Explicitly synchronize all of the methods on the PRNG, rather than just
the feeder methods (sun and kaffe only need the feeder, but it seems ibm
needs all of them synchronized).
* Properly use the tunnel tests as part of the profile stats.
* Don't flood the jobqueue with sequential persist profile tasks, but
instead, inject a brief scheduling delay between them.
* Reduce the TCP connection establishment timeout to 20s (which is still
absurdly excessive)
* Reduced the max resend delay to 30s so we can get some resends in when
dealing with client apps that hang up early (e.g. wget)
* Added more alternative socketManager factories (good call aum!)
* Adjust the old speed calculator to include end to end RTT data in its
estimates, and use that as the primary speed calculator again.
* Use the mean of the high capacity speeds to determine the fast
threshold, rather than the median. Perhaps we should use the mean of
all active non-failing peers?
* Updated the profile page to sort by tier, then alphabetically.
* Added some alternative socketManager factories (good call aum!)
* New strict speed calculator that goes off the actual number of messages
verifiably sent through the peer by way of tunnels. Initially, this only
contains the successful message count on inbound tunnels, but may be
augmented later to include verified outbound messages, peers queried in
the netDb, etc. The speed calculation decays quickly, but should give
a better differential than the previous stat (both values are shown on
the /profiles.jsp page)
2005-03-11 jrandom
* Rather than the fixed resend timeout floor (10s), use 10s+RTT as the
minimum (increased on resends as before, of course).
* Always prod the clock update listeners, even if just to tell them that
the time hasn't changed much.
* Added support for explicit peer selection for individual tunnel pools,
which will be useful in debugging but not recommended for use by normal
end users.
* More aggressively search for the next hop's routerInfo on tunnel join.
* Give messages received via inbound tunnels that are bound to remote
locations sufficient time (taking into account clock skew).
* Give alternate direct send messages sufficient time (10s min, not 5s)
* Always give the end to end data message the explicit timeout (though the
old default was sufficient before)
* No need to give end to end messages an insane expiration (+2m), as we
are already handling skew on the receiving side.
* Don't complain too loudly about expired TunnelCreateMessages (at least,
not until after all those 0.5 and 0.5.0.1 users upgrade ;)
* Properly keep the sendBps stat
* When running the router with router.keepHistory=true, log more data to
messageHistory.txt
* Logging updates
* Minor formatting updates
2005-03-06 jrandom
* Allow the I2PTunnel web interface to select streaming lib options for
individual client tunnels, rather than sharing them across all of them,
as we do with the session options. This way people can (and should) set
the irc proxy to interactive and the eepproxy to bulk.
* Added a startRouter.sh script to new installs which simply calls
"sh i2prouter start". This should make it clear how people should start
I2P.
* Filter HTTP response headers in the eepproxy, forcing Connection: close
so that broken (/malicious) webservers can't allow persistent
connections. All HTTP compliant browsers should now always close the
socket.
* Enabled the GZIPInputStream's cache (they were'nt cached before)
* Make sure our first send is always a SYN (duh)
* Workaround for some buggy compilers
* Loop while starting up the I2PTunnel instances, in case the I2CP
listener isn't up yet (thanks detonate!)
* Implement custom reusable GZIP streams to both reduce memory churn
and prevent the exposure of data in the standard GZIP header (creation
time, OS, etc). This is RFC1952 compliant, and backwards compatible,
though has only been tested within the confines of I2P's compression use
(DataHelper.[de]compress).
* Preemptively support the next protocol version, so that after the 0.5.0.2
release, we'll be able to drop protocol=2 to get rid of 0.5 users.
* Fix one substantial OOM cause (session tag manager was only dropping
tags once the critical limit was met, rather than honoring their
expiration) (duh)
* Lots of small memory fixes
* Double the allowable concurrent outstanding tunnel build tasks (20)
* Really disable the streaming lib packet caching
* Synchronized a message handling point in the SDK (even though its use is
already essentially single threaded, its better to play it safe)
* Don't add new RepublishLeaseSetJobs on failure, just requeue up the
existing one (duh)
* Throttle the number of concurrent pending tunnel builds across all
pools, in addition to simply throttling the number of new requests per
minute for each pool individually. This should avoid the cascading
failure when tunnel builds take too long, as no new builds will be
created until the previous ones are handled.
* Factored out and extended the DataHelper's unit tests for dealing with
long and date formatting.
* Explicitly specify the HTTP auth realm as "i2prouter", though this
alone doesn't address the bug where jetty asks for authentication too
much. (thanks orion!)
* Updated the StreamSinkServer to ignore all read bytes, rather than write
them to the filesystem.
* Don't rerequest leaseSets if there are already pending requests
* Reverted the insufficiently tested caching in the DSA/SHA1 impl, and
temporary disabled the streaming lib packet caching.
* Reduced the resend RTT penalty to 10s
* Further streaming lib caching improvements
* Reduce the minimum RTT (used to calculate retry timeouts), but also
increase the RTT on resends.
* Lower the default message size to 4KB from 16KB to further reduce the
chance of failed fragmentation.
* Extend tunnel rebuild throttling to include fallback rebuilds
* If there are less than 20 routers known, don't drop the last 20 (to help
avoid dropping all peers under catastrophic failures)
* New stats for end to end messages - "client.leaseSetFoundLocally",
"client.leaseSetFoundRemoteTime", and "client.leaseSetFailedRemoteTime"
* Throttle the number of tunnel rebuilds per minute, preventing CPU
overload under catastrophic failures (thanks Tracker and cervantes!)
* Block the router startup process until we've initialized the clock
* Cache temporary memory allocation in the DSA's SHA1 impl, and the packet
data in the streaming lib.
* Fixed a streaming lib bug where the connection initiator would fail the
stream if the ACK to their SYN was lost.
* Reworked the tunnel (re)building process to remove the tokens and
provide cleaner controls on the tunnels built.
* Fixed situations where the timestamper wanted to test more servers than
were provided (thanks Tracker!)
* Get rid of the dead SAM sessions by using the streaming lib's callbacks
(thanks Tracker!)
* Temporary workaround for the I2CP disconnect bug (have the streaminglib
try to automatically reconnect on accept()/connect(..)).
* Loop check for expired lease republishing (just in case)
* Temporary workaround for the I2CP disconnect bug (have the streaminglib
try to automatically reconnect on accept()/connect(..)).
* Loop check for expired lease republishing (just in case)
* Adjusted (and fixed...) the timestamper change detection
* Deal with a rare reordering bug at the beginning of a stream (so we
don't drop it unnecessarily)
* Cleaned up some dropped message handling in the router
* Reduced job queue churn when dealing with a large number of tunnels by
sharing an expiration job
* Keep a separate list of the most recent CRIT messages (shown on the
logs.jsp). This way they don't get buried among any other messages.
* For clarity, display the tunnel variance config as "Randomization" on
the web console.
* If lease republishing fails (boo! hiss!) try it again
* Actually fix the negative jobLag in the right place (this time)
* Allow reseeding when there are less than 10 known peer references
* Lots of logging updates.
* Allow the streaming lib resend frequency to drop down to 20s as the
minimum, so that up to 2 retries can get sent on an http request.
* Add further limits to failsafe tunnels.
* Keep exploratory and client tunnel testing and building stats separate.
* Only use the 60s period for throttling tunnel requests due to transient
network overload.
* Rebuild tunnels earlier (1-3m before expiration, by default)
* Cache the next hop's routerInfo for participating tunnels so that the
tunnel participation doesn't depend on the netDb.
* Fixed a long standing bug in the streaming lib where we wouldn't always
unchoke messages when the window size grows.
* Make sure the window size never reaches 0 (duh)
* Allow the streaming lib resend frequency to drop down to 20s as the
minimum, so that up to 2 retries can get sent on an http request.
* Add further limits to failsafe tunnels.
* Keep exploratory and client tunnel testing and building stats separate.
* Only use the 60s period for throttling tunnel requests due to transient
network overload.
* Rebuild tunnels earlier (1-3m before expiration, by default)
* Cache the next hop's routerInfo for participating tunnels so that the
tunnel participation doesn't depend on the netDb.
* Fixed a long standing bug in the streaming lib where we wouldn't always
unchoke messages when the window size grows.
* Make sure the window size never reaches 0 (duh)
* Only build failsafe tunnels if we need them
* Properly implement the selectNotFailingPeers so that we get a random
selection of peers, rather than using the strictOrdering (thanks dm!)
* Don't include too many "don't tell me about" peer references in the
lookup message - only send the 10 peer references closest to the target.
* Only build new extra tunnels on failure if we don't have enough
* Fix a fencepost in the tunnel building so that e.g. a variance of
2 means +/- 2, not +/- 1 (thanks dm!)
* Avoid an NPE on client disconnect
* Never select a shitlisted peer to participate in a tunnel
* Have netDb store messages timeout after 10s, not the full 60s (duh)
* Keep session tags around for a little longer, just in case (grr)
* Cleaned up some closing event issues on the streaming lib
* Stop bundling the jetty 5.1.2 and updated wrapper.config in the update
so that 0.4.* users will need to do a clean install, but we don't need
to shove an additional 2MB in each update to those already on 0.5.
* Imported the susimail css (oops, thanks susi!)
* Fixed the braindead tunnel testing logic
* If a large number of tunnels are failing (within the last 5-10 minutes)
and the current tunnel pool's configuration allows it, randomly build a
zero hop tunnel to replace failed tunnels.
* Enable postman's POP3 and SMTP tunnels by default
* Added some error handling when the number of session tags exceeds the
realistic capacity, dropping a random chunk of received tag sets and
conducting some minor analysis of the remaining ones. This is a part
of a pretty serious error condition, and logs as CRIT (if/when people
see "TOO MANY SESSION TAGS!", please let me know the full log line it
puts in the wrapper.log or /logs.jsp)
* Update the addressbook to only write to the published hosts location
if the addressbook's config contains "should_publish=true" (by default,
it contains "should_publish=false")
* (Merged the 0.5-pre branch back into CVS HEAD)
* Replaced the old tunnel routing crypto with the one specified in
router/doc/tunnel-alt.html, including updates to the web console to view
and tweak it.
* Provide the means for routers to reject tunnel requests with a wider
range of responses:
probabalistic rejection, due to approaching overload
transient rejection, due to temporary overload
bandwidth rejection, due to persistent bandwidth overload
critical rejection, due to general router fault (or imminent shutdown)
The different responses are factored into the profiles accordingly.
* Replaced the old I2CP tunnel related options (tunnels.depthInbound, etc)
with a series of new properties, relevent to the new tunnel routing code:
inbound.nickname (used on the console)
inbound.quantity (# of tunnels to use in any leaseSets)
inbound.backupQuantity (# of tunnels to keep in the ready)
inbound.length (# of remote peers in the tunnel)
inbound.lengthVariance (if > 0, permute the length by adding a random #
up to the variance. if < 0, permute the length
by adding or subtracting a random # up to the
variance)
outbound.* (same as the inbound, except for the, uh, outbound tunnels
in that client's pool)
There are other options, and more will be added later, but the above are
the most relevent ones.
* Replaced Jetty 4.2.21 with Jetty 5.1.2
* Compress all profile data on disk.
* Adjust the reseeding functionality to work even when the JVM's http proxy
is set.
* Enable a poor-man's interactive-flow in the streaming lib by choking the
max window size.
* Reduced the default streaming lib max message size to 16KB (though still
configurable by the user), also doubling the default maximum window
size.
* Replaced the RouterIdentity in a Lease with its SHA256 hash.
* Reduced the overall I2NP message checksum from a full 32 byte SHA256 to
the first byte of the SHA256.
* Added a new "netId" flag to let routers drop references to other routers
who we won't be able to talk to.
* Extended the timestamper to get a second (or third) opinion whenever it
wants to actually adjust the clock offset.
* Replaced that kludge of a timestamp I2NP message with a full blown
DateMessage.
* Substantial memory optimizations within the router and the SDK to reduce
GC churn. Client apps and the streaming libs have not been tuned,
however.
* More bugfixes thank you can shake a stick at.
2005-02-13 jrandom
* Updated jbigi source to handle 64bit CPUs. The bundled jbigi.jar still
only contains 32bit versions, so build your own, placing libjbigi.so in
your install dir if necessary. (thanks mule!)
* Added support for libjbigi-$os-athlon64 to NativeBigInteger and CPUID
(thanks spaetz!)
* Initial check-in of Pants, a new utility to help us manage our 3rd-party
dependencies (Fortuna, Jetty, Java Service Wrapper, etc.). Some parts of
Pants are still non-functional at this time so don't mess with it yet
unless you want to potentially mangle your working copy of CVS.
* i2pProxy.pac, i2pbench.sh, and i2ptest.sh are now shipped with the dist
packages and installed to $i2pinstalldir/scripts.
* Added command line params to i2ptest.sh and i2pbench.sh: --gij to run them
using gij + libgcj, and --sourcedir to run them from the source tree
instead of the installation directory.
* Fixed unreachable for() statement clause in the KBucketImpl class that was
causing gcj to toss a compilation warning (jrandom++).
* Added a couple of scripts, i2ptest.sh and i2pbench.sh, to manage the core
tests and benchmarks.
* Routerconsole now builds under gcj 3.4.3.
* Corrected divide by zero error in TunnelId class under gcj (jrandom++).
* added more inbound tests
* made the tunnel preprocessing header more clear and included better fragmentation support
(still left: tests for outbound tunnel processing, structures and jobs to integrate with the router,
remove that full SHA256 from each and every I2NPMessage or put a smaller one at the
transport layer, and all the rest of the tunnel pooling/building stuff)
* C#-ification of sam-sharp: interface greatly simplified using delegates
and events; SamBaseEventHandler provides basic implementation and helper
methods but is now optional.
* NAnt buildfile and README added for sam-sharp.
* Port the java SAM client library to mono/C# and released into the
public domain. The 0.1 version of this port is available in CVS as
i2p/apps/sam/csharp/src/I2P.SAM.Client. The other nonfunctional C#
library has been removed.
* Updated jbigi build scripts for OSX.
2005-01-21 jrandom
* Added support for OSX to the NativeBigInteger code so that it will look
in the classpath for libjbigi-osx-none.jnilib. At the moment, that file
is not bundled with the shipped jbigi.jar yet though.
tunnel ID they listen on and make sure the previous peer doesn't change over time. The
worst that a hostile peer could do is create a multiplicative work factor - they send N
messages, causing N*#hops in the loop of bandwidth usage. This is identical to the hostile
peer simply building a pair of tunnels and sending N messages through them.
also added some discussion about the tradeoffs and variations wrt fixed size tunnel messages.
* Added meaningful support for adjusting the preferred message size in the
streaming lib by setting the i2p.streaming.maxMessageSize=32768 (or
whatever). The other side will mimic a reduction (but never an increase).
* Always make sure to use distinct ConnectionOption objects for each
connection (duh)
* Reduced the default ACK delay to 500ms on in the streaming lib
* Only shrink the streaming window once per window
* Don't bundle a new jetty.xml with updates
* Catch another local routerInfo corruption issue on startup.
* Caught a series of (previously unhandled) errors caused by requeueing
messages that had timed out on the TCP transport (thanks mae^!)
* Reduce the barrier to dropping session tags on streaming lib resends -
every fourth send should drop the tags, forcing ElGamal encryption. This
will help speed up the recovery after a disconnect, rather than the drop
every fifth send.
This prevents the first peer after the gateway from looking at the encrypted data received
and seeing "hey, none of the checksum blocks match the payload, they must be the gateway".
done (e.g. *what* gets encrypted, modifying the tunnelCreate messages, the tunnel
building process, and the new tunnel pooling). I seem to have lost much of the typed
up docs describing this too, so I'll be hitting that next.
2005-01-06 jrandom
* Added a startup message to the addressbook, printing its version number
to stdout (which is sent to wrapper.config) when it loads.
* Updated the addressbook to reread the config file periodically
* Added orion.i2p to the list of eepsites on the default homepage
* Handle unexpected network read errors more carefully (thanks parg!)
* Added more methods to partially compare (DataHelper) and display
arrays (Base64.encode).
* Exposed the AES encryptBlock/decryptBlock on the context.aes()
* Be more generous on the throttle when just starting up the router
* Fix a missing scheduled event in the streaming lib (caused after reset)
* Add a new DisconnectListener on the I2PSocketManager to allow
notification of session destruction.
* Make sure our own router identity is valid, and if it isn't, build a new
one and restart the router. Alternately, you can run the Router with
the single command line argument "rebuild" and it will do the same.
* Integrated latest addressbook changes (2.0.3) which include support for
deploying as a .war file with no existing addressbook configuration.
* Updated main build process to bundle the addressbook.war in the
i2pinstall.jar and i2pupdate.zip.
* Speling fxi (thanks digum!)
* Bugfix for the I2PTunnel web interface so that it now properly launches
newly added tunnels that are defined to be run on startup (thanks ugha!)
* Revised the I2PTunnel client and httpclient connection establishment
throttles. There is now a pool of threads that build the I2PSocket
connections with a default size of 5, configurable via the I2PTunnel
client option 'i2ptunnel.numConnectionBuilders' (if set to 0, it will
not throttle the number of concurrent builders, but will launch a thread
per socket during establishment). In addition, sockets accepted but
not yet allocated to one of the connection builders will be destroyed
after 30 seconds, configurable via 'i2ptunnel.maxWaitTime' (if set to
0, it will wait indefinitely).
* Imported Ragnarok's addressbook source (2.0.2) which is built but not
deployed in the i2pinstall.jar/i2pupdate.zip (yet).
* Don't treat connection inactivity closure as a connection error.
* Add in a new keepalive event on each TCP connection, proactively sending
a (tiny) time message every minute or two, as well as killing the
connection if no message has been fully sent within 5 minutes or so.
This should help deal with hung connections from IP address changes.
* Cleaned up the resending and choking algorithm in the streaming lib.
* Removed the read timeout override for I2PTunnel's httpclient, allowing
it to use the default for the streaming lib.
* Revised ack triggers in the streaming lib.
* Logging.
* Cleaned up the postinstall/startup scripts a bit more to handle winME,
and added windows info to the headless docs. (thanks ardvark!)
* Fixed a harmless (yet NPE inspiring) race during the final shutdown of
a stream (thanks frosk!)
* Add a pair of new stats for monitoring tunnel participation -
tunnel.participatingBytesProcessed (total # bytes transferred) and
tunnel.participatingBytesProcessedActive (total # bytes transferred for
tunnels whose byte count exceed the 10m average). This should help
further monitor congestion issues.
* Made the NamingService factory property public (thanks susi!)
* No longer do a blocking DNS lookup within the jobqueue (thanks mule!)
* Set a 60s dns cache TTL, instead of 0s. Most users who used to use
dyndns/etc now just use IP autodetection, so the old "we need ttl=0"
reasoning is gone.
* Added a new i2ptunnel type: 'httpserver', allowing you to specify what
hostname should be sent to the webserver. By default, new installs will
have an httpserver pointing at their jetty instance with the spoofed
name 'mysite.i2p' (editable on the /i2ptunnel/edit.jsp page).
<failif="tests.failed">Some tests failed; see details above.</fail>
</target>
<targetdepends="init,-do-not-recompile,compile-test-single,-pre-test-run-single,-do-test-run-single,-post-test-run-single"description="Run single unit test."name="test-single"/>
<failif="tests.failed">Some tests failed; see details above.</fail>
</target>
<targetdepends="init,-do-not-recompile,compile-test-single,-pre-test-run-single,-do-test-run-single,-post-test-run-single"description="Run single unit test."name="test-single"/>
<failif="tests.failed">Some tests failed; see details above.</fail>
</target>
<targetdepends="init,-do-not-recompile,compile-test-single,-pre-test-run-single,-do-test-run-single,-post-test-run-single"description="Run single unit test."name="test-single"/>
- Allow desktopgui to start, stop and restart I2P. - DONE
- Correct logging system - DONE
- Internationalisation:
* Add strings - DONE
* Add Windows support - NEED TO CHECK
* Might need some kind of trigger to reload the menu (for live language switching) - DONE
* Language choice is not actually set as a parameter in I2P config?
As a result, desktopgui always starts with the default, unless you manually set the language.
DONE - uses routerconsole.lang -- this parameter is now updated in routerconsole as well
- Check if we're inside I2P without using a command-line parameter - DONE
- Modify installer to set I2P directory parameter; or use $I2P? - Is already there
- Include in installer - TODO
- Start desktopgui without adding to clients.config and without adding a dependency on routerconsole!
* One possibility:
Adding some kind of 'ApplicationManager' that allows starting applications.
Extra remark: ApplicationManager should also allow stopping certain applications from launching.
Suggestion:
* ApplicationManager reads/writes clients.config
* ApplicationManager itself: independent from clients.config?
* Upon reboot, ApplicationManager could add a new application to clients.config _if_ the 'application.manager.version' is not there, or is smaller than the current version.
* ApplicationManager can be the clients.config backend for routerconsole, so routerconsole is not the dependency.
* API:
- addConfig(args, name, ...)
- removeConfig(int)
- removeConfig(ConfigFilter)
ConfigFilter() {
boolean filterArgs(String args);
boolean filterMain(String main);
...
}
- editConfig(args, name, ..., ConfigFilter)
- editConfig(args, name, ..., int)
- editConfigArgs(args, ConfigFilter)
- editConfigArgs(args, int)
- ...
* For now: added in the routerconsole startup (like the old SysTray. - DONE
Possible migration path: startup ApplicationManager in routerconsole the first time.
- Check bug: restart is happening instead of shutdown!
- Check build order (for example: first desktopgui, only later routerconsole)
- Fix tabs versus spaces ;-)
- Add check for Java version 6 in RouterConsoleRunner!
UNKNOWN:
- API to allow applications to add themselves to the menu?
* registerApplication(); -- should return a positive number on success, -1 on failure
* unregisterApplication(int); -- should return nothing (or bool for success?), and the parameter should be the number given when registering the application
- Fetch I2P localhost from the core I2P application?
- Use I2PAppContext::appDir (something like that) for desktopgui data.
- Consider SWT as option
* Check core/java/src/net/i2p/util/FileUtil.java for dynamic jar loading
* Possible logic:
- First try to load SWT (has the most options and is not ugly)
- Then load AWT
- Access router.jar from other JVM? Is this possible? -- no: use I2CP with auth (not ready yet)
- Start desktopgui with another user than the user starting I2P (required for daemon usage).
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
