CI:build_docker: cache entire ci-exports/ folder

Restoring cached globbed files doesn't seem to work.
The folder only contains a single file anyway,
 so it shouldn't endlessly grow in size.

.dockerignore

@@ -0,0 +1,31 @@
+.idea
+.git
+Dockerfile
+
+
+# Gradle
+.gradle
+build
+apps/BOB/build
+apps/addressbook/build
+apps/desktopgui/build
+apps/i2pcontrol/build
+apps/i2psnark/build
+apps/i2ptunnel/build
+apps/imagegen/build
+apps/jetty/build
+apps/jrobin/build
+apps/ministreaming/java/build
+apps/ministreaming/build
+apps/routerconsole/build
+apps/sam/build
+apps/streaming/build
+apps/susidns/build
+apps/susimail/build
+apps/systray/build
+core/java/build
+core/build
+installer/build
+router/java/build
+router/build
+

.gitlab-ci.yml

@@ -0,0 +1,67 @@
+image: openjdk:8-alpine
+
+stages:
+    - test
+    - build
+
+cache:
+    key: ${CI_COMMIT_REF_SLUG}
+    paths:
+        - $HOME/.gradle/caches/
+        - $HOME/.gradle/wrapper/
+        - .gradle
+
+test:
+    stage: test
+    coverage: '/Total.*?([0-9]{1,3})%/'
+    before_script:
+        - apk add --no-cache grep
+    script:
+        - ./gradlew codeCoverageReport
+        # The actual output that will be parsed by the code coverage
+        - grep -oP "Total.*?%" build/reports/jacoco/html/index.html
+    only:
+        - merge_requests
+        - tags
+
+# Make sure we can build a docker image
+# It's cached for later jobs
+build_docker:
+    stage: build
+    image: docker:19.03.12
+    services:
+        - docker:19.03.12-dind
+    script:
+        # Try to load latest branch image from local tar or from registry
+        - docker load -i ci-exports/$CI_COMMIT_REF_SLUG.tar || docker pull $CI_REGISTRY_IMAGE:latest || true
+        - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:latest .
+        - mkdir -p ci-exports/
+        - docker save $CI_REGISTRY_IMAGE:latest > ci-exports/$CI_COMMIT_REF_SLUG.tar
+    variables:
+        # When using dind service, we need to instruct docker to talk with
+        # the daemon started inside of the service. The daemon is available
+        # with a network connection instead of the default
+        # /var/run/docker.sock socket. Docker 19.03 does this automatically
+        # by setting the DOCKER_HOST in
+        # https://github.com/docker-library/docker/blob/d45051476babc297257df490d22cbd806f1b11e4/19.03/docker-entrypoint.sh#L23-L29
+        #
+        # The 'docker' hostname is the alias of the service container as described at
+        # https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services.
+        #
+        # Specify to Docker where to create the certificates, Docker will
+        # create them automatically on boot, and will create
+        # `/certs/client` that will be shared between the service and job
+        # container, thanks to volume mount from config.toml
+        DOCKER_TLS_CERTDIR: "/certs"
+        # Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
+        DOCKER_HOST: tcp://docker:2376
+    cache:
+        # The same key should be used across branches
+        key: "$CI_COMMIT_REF_SLUG"
+        paths:
+            - ci-exports/
+    only:
+        - master
+        - merge_requests
+        - tags
+

Docker.entrypoint.sh

@@ -1,14 +0,0 @@
-#!/bin/sh
-
-export JAVA_HOME=/opt/jdk/jre
-
-# Ensure user rights
-chown -R i2p:nobody /opt/i2p
-chmod -R u+rwx /opt/i2p
-
-gosu i2p /opt/i2p/i2psvc /opt/i2p/wrapper.config wrapper.pidfile=/var/tmp/i2p.pid \
-   wrapper.name=i2p \
-   wrapper.displayname="I2P Service" \
-   wrapper.statusfile=/var/tmp/i2p.status \
-   wrapper.java.statusfile=/var/tmp/i2p.java.status \
-   wrapper.logfile=/var/tmp/wrapper.log

Dockerfile

@@ -1,62 +1,47 @@
-FROM meeh/java8server:latest
+# Use a multi-stage build to reduce the size of the resulting image
-# Docker image based on Alpine with Java.
+# We need alpine >v3 in order to install an apache-ant > 1.9
+FROM alpine:3 as builder
+ENV I2P_PREFIX="/opt/i2p"
 
-# We use Oracle Java to run I2P, but uses the openjdk to build it.
+WORKDIR /tmp/build
+COPY . ./
 
+# Build installer
+RUN apk --no-cache add build-base gettext tar bzip2 apache-ant openjdk8 expect
+RUN echo "noExe=true" >> build.properties
+RUN ant installer-linux
+RUN mkdir -p /opt
+RUN mv i2pinstall*.jar /tmp/i2pinstall.jar
 
-MAINTAINER Mikal Villa <mikal@sigterm.no>
+# Install i2p using the installer into I2P_PREFIX
+RUN expect -f ./Docker.expt
+RUN cd ${I2P_PREFIX}
+RUN rm -fr man docs *.bat *.command *.app
 
-ENV GIT_BRANCH="master"
+# Second stage only using the installer from the last stage
+# ---------------------------------------------------------
+# We can't use alpine here as the java service wrapper is built with glibc
+# alpine uses musl
+FROM openjdk:11.0-jre-slim
+
+ARG I2P_UID=1000
+ARG I2P_USER=i2p
 ENV I2P_PREFIX="/opt/i2p"
 ENV PATH=${I2P_PREFIX}/bin:$PATH
-ENV JAVA_HOME=/usr/lib/jvm/default-jvm
 
-ENV GOSU_VERSION=1.7
+# "install" i2p by copying over installed files
-ENV GOSU_SHASUM="34049cfc713e8b74b90d6de49690fa601dc040021980812b2f1f691534be8a50  /usr/local/bin/gosu"
+COPY --from=builder /opt/i2p ${I2P_PREFIX}
+COPY docker/* /opt/i2p/
 
-RUN mkdir /user && adduser -S -h /user i2p && chown -R i2p:nobody /user
+# Setup user and fix permissions in
+RUN adduser --system --uid ${I2P_UID} --home /user ${I2P_USER} \
+    && chown -R ${I2P_USER} /user \
+    && chown -R ${I2P_USER} ${I2P_PREFIX} \
+    && chmod -R u+rwx ${I2P_PREFIX}
 
-# Adding files first, since Docker.expt is required for installation
+EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445
-ADD Docker.expt /tmp/Docker.expt
-ADD Docker.entrypoint.sh /entrypoint.sh
 
-# Required for wget https
+USER i2p
-RUN apk add --no-cache openssl
+ENTRYPOINT [ "/opt/i2p/i2psvc" ]
-# Gosu is a replacement for su/sudo in docker and not a backdoor :) See https://github.com/tianon/gosu
+CMD [ "/opt/i2p/wrapper.config", "wrapper.pidfile=/var/tmp/i2p.pid", "wrapper.name=i2p", "wrapper.displayname=\"I2P Service\"" , "wrapper.statusfile=/var/tmp/i2p.status", "wrapper.java.statusfile=/var/tmp/i2p.java.status", "wrapper.logfile=/var/tmp/wrapper.log" ]
-RUN wget -O /usr/local/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 \
-    && echo "${GOSU_SHASUM}" | sha256sum -c && chmod +x /usr/local/bin/gosu
-
-#
-# Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the
-# image under 200mb we need to remove all the build dependencies in the same "RUN" / layer.
-#
-
-# The main layer
-RUN apk --no-cache add build-base git gettext tar bzip2 apache-ant openjdk8 expect \
-    && mkdir -p /usr/src/build \
-    && cd /usr/src/build \
-    && git clone -b ${GIT_BRANCH} https://github.com/i2p/i2p.i2p.git \
-    && cd /usr/src/build/i2p.i2p \
-    && echo "noExe=true" >> build.properties \
-    && ant installer-linux \
-    && cp i2pinstall*.jar /tmp/i2pinstall.jar \
-    && mkdir -p /opt \
-    && chown i2p:root /opt \
-    && chmod u+rw /opt \
-    && gosu i2p expect -f /tmp/Docker.expt \
-    && cd ${I2P_PREFIX} \
-    && rm -fr man docs *.bat *.command *.app /tmp/i2pinstall.jar /tmp/Docker.expt \
-    && rm -fr /usr/src/build \
-    && apk --purge del build-base apache-ant expect tcl expat git openjdk8 openjdk8-jre openjdk8-jre-base openjdk8-jre-lib bzip2 tar \
-      binutils-libs binutils pkgconfig libcurl libc-dev musl-dev g++ make fortify-headers pkgconf giflib libssh2 libxdmcp libxcb \
-      libx11 pcre alsa-lib libxi libxrender libxml2 readline bash openssl \
-    && rm -fr /usr/lib/jvm/default-jre \
-    && ln -sf /opt/jdk/jre /usr/lib/jvm/default-jre \
-    && chmod a+x /entrypoint.sh
-
-
-
-EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445 15000-20000
-
-ENTRYPOINT [ "/entrypoint.sh" ]
 

apps/ministreaming/java/test/junit/net/i2p/client/streaming/I2PSocketExceptionTest.java

@@ -60,6 +60,6 @@ public class I2PSocketExceptionTest {
     public void testUnknownStatus() {
         I2PSocketException e = new I2PSocketException(255);
         assertThat(e.getStatus(), is(255));
-        assertThat(e.getMessage(), is("Failure code: 255"));
+        assertThat(e.getMessage(), endsWith(": 255"));
     }
 }

apps/routerconsole/jsp/confignet.jsp

@@ -46,7 +46,7 @@
   </td>
  </tr>
  <tr>
-  <th id="upnpconfig"><%=intl._t("UPnP Configuration")%>&nbsp;<a href="peers#upnp">[<%=intl._t("UPnP Status")%>]</a></th>
+  <th id="upnpconfig"><%=intl._t("UPnP Configuration")%>&nbsp;<a href="peers?tx=upnp">[<%=intl._t("UPnP Status")%>]</a></th>
  </tr>
  <tr>
   <td>

core/java/test/junit/net/i2p/util/ConvertToHashTest.java

@@ -0,0 +1,69 @@
+package net.i2p.util;
+
+import net.i2p.data.Hash;
+import org.junit.Test;
+
+import static org.junit.Assert.*;
+
+public class ConvertToHashTest {
+    private static final String zzzDotI2pBase32Hash = "lhbd7ojcaiofbfku7ixh47qj537g572zmhdc4oilvugzxdpdghua";
+    private static final String zzzDotI2pBase64Hash = "WcI~uSICHFCVVPoufn4J7v5u~1lhxi45C60Nm43jMeg=";
+    private static final String zzzDotI2pBase64Dest = "GKapJ8koUcBj~jmQzHsTYxDg2tpfWj0xjQTzd8BhfC9c3OS5fwPBNajgF-eOD6eCjFTqTlorlh7Hnd8kXj1qblUGXT-tDoR9~YV8dmXl51cJn9MVTRrEqRWSJVXbUUz9t5Po6Xa247Vr0sJn27R4KoKP8QVj1GuH6dB3b6wTPbOamC3dkO18vkQkfZWUdRMDXk0d8AdjB0E0864nOT~J9Fpnd2pQE5uoFT6P0DqtQR2jsFvf9ME61aqLvKPPWpkgdn4z6Zkm-NJOcDz2Nv8Si7hli94E9SghMYRsdjU-knObKvxiagn84FIwcOpepxuG~kFXdD5NfsH0v6Uri3usE3XWD7Pw6P8qVYF39jUIq4OiNMwPnNYzy2N4mDMQdsdHO3LUVh~DEppOy9AAmEoHDjjJxt2BFBbGxfdpZCpENkwvmZeYUyNCCzASqTOOlNzdpne8cuesn3NDXIpNnqEE6Oe5Qm5YOJykrX~Vx~cFFT3QzDGkIjjxlFBsjUJyYkFjBQAEAAcAAA==";
+
+
+    @Test
+    public void getHashNullPeer() {
+        assertNull(ConvertToHash.getHash(null));
+    }
+
+    @Test
+    public void getHashB64() {
+        Hash hash = ConvertToHash.getHash(zzzDotI2pBase64Hash);
+        assertNotNull(hash);
+        assertEquals(hash.toBase64(), zzzDotI2pBase64Hash);
+    }
+
+    @Test
+    public void getHashB64DotI2P() {
+        Hash hash = ConvertToHash.getHash(zzzDotI2pBase64Hash + ".i2p");
+        assertNotNull(hash);
+        assertEquals(hash.toBase64(), zzzDotI2pBase64Hash);
+    }
+
+    @Test
+    public void getHashDestinationB64() {
+        Hash hash = ConvertToHash.getHash(zzzDotI2pBase64Dest);
+        assertNotNull(hash);
+        assertEquals(hash.toBase64(), zzzDotI2pBase64Hash);
+    }
+
+    @Test
+    public void getHashDestinationB64DotI2P() {
+        Hash hash = ConvertToHash.getHash(zzzDotI2pBase64Dest + ".i2p");
+        assertNotNull(hash);
+        assertEquals(hash.toBase64(), zzzDotI2pBase64Hash);
+    }
+
+    @Test
+    public void getHashB32() {
+        Hash hash = ConvertToHash.getHash(zzzDotI2pBase32Hash);
+        assertNotNull(hash);
+        assertEquals(hash.toBase32(), zzzDotI2pBase32Hash + ".b32.i2p");
+    }
+
+    @Test
+    public void getHashB32DotI2P() {
+        String zzzB32I2P = zzzDotI2pBase32Hash + ".b32.i2p";
+        Hash hash = ConvertToHash.getHash(zzzB32I2P);
+        assertNotNull(hash);
+        assertEquals(hash.toBase32(), zzzB32I2P);
+    }
+
+    /**
+     * The case where a destination cannot be resolved at all
+     */
+    @Test
+    public void getHashResolveDestinationFail() {
+        assertNull(ConvertToHash.getHash("unknown.i2p"));
+    }
+}

docker/clients.config

@@ -0,0 +1,61 @@
+# NOTE: This I2P config file must use UTF-8 encoding
+#
+# If you have a 'split' directory installation, with configuration
+# files in ~/.i2p (Linux), %LOCALAPPDATA%\I2P (Windows),
+# or /Users/(user)/Library/Application Support/i2p (Mac), be sure to
+# edit the file in the configuration directory, NOT the install directory.
+# When running as a Linux daemon, the configuration directory is /var/lib/i2p
+# and the install directory is /usr/share/i2p .
+# When running as a Windows service, the configuration directory is \ProgramData\i2p
+# and the install directory is \Program Files\i2p .
+#
+# On first run, this file will be split into individual config files
+# in clients.config.d/ in the configuration directory.
+# Look in that directory for the file to edit.
+#
+
+# fire up the web console
+## There are several choices, here are some examples:
+## non-SSL, bind to local IPv4 only
+#clientApp.0.args=7657 127.0.0.1 ./webapps/
+## non-SSL, bind to local IPv6 only
+#clientApp.0.args=7657 ::1 ./webapps/
+## non-SSL, bind to all IPv4 addresses
+#clientApp.0.args=7657 0.0.0.0 ./webapps/
+## non-SSL, bind to all IPv6 addresses
+#clientApp.0.args=7657 :: ./webapps/
+## For SSL only, change clientApp.4.args below to https://
+## SSL only
+#clientApp.0.args=-s 7657 ::1,127.0.0.1 ./webapps/
+## non-SSL and SSL
+#clientApp.0.args=7657 ::1,127.0.0.1 -s 7667 ::1,127.0.0.1 ./webapps/
+## non-SSL only, both IPv6 and IPv4 local interfaces
+clientApp.0.args=7657 0.0.0.0 ./webapps/
+clientApp.0.main=net.i2p.router.web.RouterConsoleRunner
+clientApp.0.name=webConsole
+clientApp.0.onBoot=true
+
+# start up the SAM bridge so other client apps can connect
+clientApp.1.main=net.i2p.sam.SAMBridge
+clientApp.1.name=SAMBridge
+clientApp.1.args=sam.keys 0.0.0.0 7656 i2cp.tcp.host=localhost i2cp.tcp.port=7654
+clientApp.1.startOnLoad=false
+
+# poke the i2ptunnels defined in i2ptunnel.config
+clientApp.2.main=net.i2p.i2ptunnel.TunnelControllerGroup
+clientApp.2.name=Tunnels
+clientApp.2.args=i2ptunnel.config
+
+# run our own eepsite with a seperate jetty instance
+clientApp.3.main=org.mortbay.jetty.Server
+clientApp.3.name=eepsite
+clientApp.3.args=eepsite/jetty.xml
+clientApp.3.delay=30
+clientApp.3.startOnLoad=false
+
+# load a browser pointing at the web console whenever we start up
+clientApp.4.main=net.i2p.apps.systray.UrlLauncher
+clientApp.4.name=consoleBrowser
+clientApp.4.args=http://localhost:7657/
+clientApp.4.delay=5
+clientApp.4.startOnLoad=false

docker/i2ptunnel.config

@@ -0,0 +1,161 @@
+# NOTE: This I2P config file must use UTF-8 encoding
+#
+# If you have a 'split' directory installation, with configuration
+# files in ~/.i2p (Linux), %LOCALAPPDATA%\I2P (Windows),
+# or /Users/(user)/Library/Application Support/i2p (Mac), be sure to
+# edit the file in the configuration directory, NOT the install directory.
+# When running as a Linux daemon, the configuration directory is /var/lib/i2p
+# and the install directory is /usr/share/i2p .
+# When running as a Windows service, the configuration directory is \ProgramData\i2p
+# and the install directory is \Program Files\i2p .
+#
+# On first run, this file will be split into individual config files
+# in i2ptunnel.config.d/ in the configuration directory.
+# Look in that directory for the file to edit.
+#
+
+# eepproxy
+tunnel.0.name=I2P HTTP Proxy
+tunnel.0.description=HTTP proxy for browsing eepsites and the web
+tunnel.0.type=httpclient
+tunnel.0.sharedClient=true
+tunnel.0.interface=0.0.0.0
+tunnel.0.listenPort=4444
+tunnel.0.proxyList=false.i2p
+tunnel.0.i2cpHost=127.0.0.1
+tunnel.0.i2cpPort=7654
+tunnel.0.option.inbound.nickname=shared clients
+tunnel.0.option.outbound.nickname=shared clients
+tunnel.0.option.i2cp.leaseSetEncType=4,0
+tunnel.0.option.i2cp.reduceIdleTime=900000
+tunnel.0.option.i2cp.reduceOnIdle=true
+tunnel.0.option.i2cp.reduceQuantity=1
+tunnel.0.option.i2p.streaming.connectDelay=1000
+tunnel.0.option.i2ptunnel.httpclient.SSLOutproxies=false.i2p
+tunnel.0.option.inbound.length=3
+tunnel.0.option.inbound.lengthVariance=0
+tunnel.0.option.outbound.length=3
+tunnel.0.option.outbound.lengthVariance=0
+tunnel.0.option.outbound.priority=10
+tunnel.0.startOnLoad=true
+
+# irc
+tunnel.1.name=Irc2P
+tunnel.1.description=IRC tunnel to access the Irc2P network
+tunnel.1.type=ircclient
+tunnel.1.sharedClient=false
+tunnel.1.interface=0.0.0.0
+tunnel.1.listenPort=6668
+tunnel.1.targetDestination=irc.postman.i2p:6667,irc.echelon.i2p:6667
+tunnel.1.i2cpHost=127.0.0.1
+tunnel.1.i2cpPort=7654
+tunnel.1.option.inbound.nickname=Irc2P
+tunnel.1.option.outbound.nickname=Irc2P
+tunnel.1.option.i2cp.closeIdleTime=1200000
+tunnel.1.option.i2cp.closeOnIdle=true
+tunnel.1.option.i2cp.delayOpen=true
+tunnel.1.option.i2cp.destination.sigType=7
+tunnel.1.option.i2cp.leaseSetEncType=4,0
+tunnel.1.option.i2cp.newDestOnResume=false
+tunnel.1.option.i2cp.reduceIdleTime=600000
+tunnel.1.option.i2cp.reduceOnIdle=true
+tunnel.1.option.i2cp.reduceQuantity=1
+tunnel.1.option.i2p.streaming.connectDelay=1000
+tunnel.1.option.i2p.streaming.maxWindowSize=16
+tunnel.1.option.inbound.length=3
+tunnel.1.option.inbound.lengthVariance=0
+tunnel.1.option.outbound.length=3
+tunnel.1.option.outbound.lengthVariance=0
+tunnel.1.option.outbound.priority=15
+tunnel.1.startOnLoad=true
+
+# local eepserver
+tunnel.3.name=I2P webserver
+tunnel.3.description=My eepsite
+tunnel.3.type=httpserver
+tunnel.3.targetHost=127.0.0.1
+tunnel.3.targetPort=7658
+tunnel.3.spoofedHost=mysite.i2p
+tunnel.3.privKeyFile=eepsite/eepPriv.dat
+tunnel.3.i2cpHost=127.0.0.1
+tunnel.3.i2cpPort=7654
+tunnel.3.option.inbound.nickname=eepsite
+tunnel.3.option.outbound.nickname=eepsite
+tunnel.3.option.i2cp.destination.sigType=7
+tunnel.3.option.i2cp.leaseSetEncType=4,0
+tunnel.3.option.inbound.length=3
+tunnel.3.option.inbound.lengthVariance=0
+tunnel.3.option.outbound.length=3
+tunnel.3.option.outbound.lengthVariance=0
+# uncomment for HTTPS to port 7668
+#tunnel.3.option.targetForPort.443=127.0.0.1:7668
+tunnel.3.startOnLoad=false
+
+# postman's SMTP server - see hq.postman.i2p
+tunnel.4.description=smtp server
+tunnel.4.i2cpHost=127.0.0.1
+tunnel.4.i2cpPort=7654
+tunnel.4.interface=127.0.0.1
+tunnel.4.listenPort=7659
+tunnel.4.name=smtp.postman.i2p
+tunnel.4.option.inbound.nickname=shared clients
+tunnel.4.option.outbound.nickname=shared clients
+tunnel.4.option.i2cp.leaseSetEncType=4,0
+tunnel.4.option.i2cp.reduceIdleTime=900000
+tunnel.4.option.i2cp.reduceOnIdle=true
+tunnel.4.option.i2cp.reduceQuantity=1
+tunnel.4.option.inbound.length=3
+tunnel.4.option.inbound.lengthVariance=0
+tunnel.4.option.outbound.length=3
+tunnel.4.option.outbound.lengthVariance=0
+tunnel.4.startOnLoad=true
+tunnel.4.targetDestination=smtp.postman.i2p:25
+tunnel.4.type=client
+tunnel.4.sharedClient=true
+
+# postman's POP3 server - see hq.postman.i2p
+tunnel.2.name=pop3.postman.i2p
+tunnel.2.description=pop3 server
+tunnel.2.i2cpHost=127.0.0.1
+tunnel.2.i2cpPort=7654
+tunnel.2.interface=127.0.0.1
+tunnel.2.listenPort=7660
+tunnel.2.option.inbound.nickname=shared clients
+tunnel.2.option.outbound.nickname=shared clients
+tunnel.2.option.i2cp.leaseSetEncType=4,0
+tunnel.2.option.i2cp.reduceIdleTime=900000
+tunnel.2.option.i2cp.reduceOnIdle=true
+tunnel.2.option.i2cp.reduceQuantity=1
+tunnel.2.option.i2p.streaming.connectDelay=1000
+tunnel.2.option.inbound.length=3
+tunnel.2.option.inbound.lengthVariance=0
+tunnel.2.option.outbound.length=3
+tunnel.2.option.outbound.lengthVariance=0
+tunnel.2.startOnLoad=true
+tunnel.2.targetDestination=pop.postman.i2p:110
+tunnel.2.type=client
+tunnel.2.sharedClient=true
+
+# HTTPS (CONNECT) outproxy
+tunnel.5.name=I2P HTTPS Proxy
+tunnel.5.description=HTTPS proxy for browsing eepsites and the web
+tunnel.5.type=connectclient
+tunnel.5.sharedClient=true
+tunnel.5.interface=127.0.0.1
+tunnel.5.listenPort=4445
+tunnel.5.proxyList=outproxy-tor.meeh.i2p
+tunnel.5.i2cpHost=127.0.0.1
+tunnel.5.i2cpPort=7654
+tunnel.5.option.inbound.nickname=shared clients
+tunnel.5.option.outbound.nickname=shared clients
+tunnel.5.option.i2cp.leaseSetEncType=4,0
+tunnel.5.option.i2cp.reduceIdleTime=900000
+tunnel.5.option.i2cp.reduceOnIdle=true
+tunnel.5.option.i2cp.reduceQuantity=1
+tunnel.5.option.i2p.streaming.connectDelay=1000
+tunnel.5.option.inbound.length=3
+tunnel.5.option.inbound.lengthVariance=0
+tunnel.5.option.outbound.length=3
+tunnel.5.option.outbound.lengthVariance=0
+tunnel.5.startOnLoad=true
+

history.txt

@@ -1,3 +1,22 @@
+2021-01-20 zzz
+ * Console: Fix link to UPnP status
+ * SSU: Fix deadlock with router restart
+
+2021-01-14 zzz
+ * Router:
+   - Change default encryption type to ECIES-X25519 (proposal 156)
+   - Move Sybil subsystem from console to router
+   - Limit max addresses in RI
+
+2021-01-13 zzz
+ * Jetty: Fix URI in request logs
+
+2021-01-12 zzz
+ * i2psnark: Don't decrement downloaded counter after receiving bad piece
+
+2021-01-11 zzz
+ * Console: Delete rrd files for no-longer-configured stats at startup
+
 2021-01-08 zzz
  * i2ptunnel: Disable shared clients (DSA) (part 2)
  * SSU: Fix bandwidth estimator deadlock (ticket #2798)

router/java/src/net/i2p/router/RouterVersion.java

@@ -18,7 +18,7 @@ public class RouterVersion {
     /** deprecated */
     public final static String ID = "Monotone";
     public final static String VERSION = CoreVersion.VERSION;
-    public final static long BUILD = 13;
+    public final static long BUILD = 14;
 
     /** for example "-test" */
     public final static String EXTRA = "";

router/java/src/net/i2p/router/startup/WorkingDir.java

@@ -81,22 +81,33 @@ public class WorkingDir {
             String home = System.getProperty("user.home");
             if (isWindows) {
                 String appdata = System.getenv("LOCALAPPDATA");
-                if (appdata != null)
+                if (appdata != null) {
                     home = appdata;
+                }
                 // Don't mess with existing Roaming Application Data installs,
                 // in case somebody is using roaming appdata for a reason
                 // already. In new installs, use local appdata by default. -idk
                 appdata = System.getenv("APPDATA");
                 if (appdata != null) {
                     File checkOld = new File(appdata, WORKING_DIR_DEFAULT_WINDOWS);
-                    if (checkOld.exists() && checkOld.isDirectory())
+                    if (checkOld.exists() && checkOld.isDirectory()){
-                        home = appdata;
+                        File routerConfig = new File(checkOld.getAbsolutePath(), "router.config");
+                        // The Firefox profile installer was mistakenly using the Roaming application data
+                        // which is synced between devices on some Windows machines using MS cloud services,
+                        // instead of the local application data which is used by default.
+                        // It would create the router.config file in an empty directory, which the router would
+                        // then attempt to use, resulting in a router with no client applications. Checking
+                        // for clients.config.d determines if the directory is "Real" or not.
+                        File clientAppsConfig = new File(checkOld.getAbsolutePath(), "clients.config.d");
+                        if (routerConfig.exists() && clientAppsConfig.exists() && clientAppsConfig.isDirectory())
+                            home = appdata;
+                    }
                 }
                 dirf = new SecureDirectory(home, WORKING_DIR_DEFAULT_WINDOWS);
             } else if (SystemVersion.isMac()) {
                 String appdata = "/Library/Application Support/";
-		File old = new File(home,WORKING_DIR_DEFAULT);
+                File old = new File(home,WORKING_DIR_DEFAULT);
-		if (old.exists() && old.isDirectory())
+                if (old.exists() && old.isDirectory())
                     dirf = new SecureDirectory(home, WORKING_DIR_DEFAULT);
                 else {
                     home = home+appdata;

router/java/src/net/i2p/router/transport/udp/UDPTransport.java

@@ -2455,7 +2455,7 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
                 // warning, this calls back into us with allowRebuildRouterInfo = false,
                 // via CSFI.createAddresses->TM.getAddresses()->updateAddress()->REA
                 if (allowRebuildRouterInfo)
-                    _context.router().rebuildRouterInfo();
+                    rebuildRouterInfo();
             } else {
                 addr = null;
             }
@@ -2510,11 +2510,35 @@ public class UDPTransport extends TransportImpl implements TimedWeightedPriority
                 // warning, this calls back into us with allowRebuildRouterInfo = false,
                 // via CSFI.createAddresses->TM.getAddresses()->updateAddress()->REA
                 if (allowRebuildRouterInfo)
-                    _context.router().rebuildRouterInfo();
+                    rebuildRouterInfo();
             }
         }
     }
 
+    /**
+     *  Avoid deadlocks part 999
+     *  @since 0.9.49
+     */
+    private void rebuildRouterInfo() {
+        (new RebuildEvent()).schedule(0);
+    }
+
+    /**
+     *  @since 0.9.49
+     */
+    private class RebuildEvent extends SimpleTimer2.TimedEvent {
+        /**
+         *  Caller must schedule
+         */
+        public RebuildEvent() {
+            super(_context.simpleTimer2());
+        }
+        public void timeReached() {
+            _context.router().rebuildRouterInfo(true);
+        }
+    }
+
+
     /**
      *  Simple fetch of stored IP and port, since
      *  we don't put them in the real, published RouterAddress anymore