From 916b296ee0acc7b30b0535c2b2145028c6115e77 Mon Sep 17 00:00:00 2001
From: zzz <zzz@mail.i2p>
Date: Mon, 6 Apr 2020 13:54:49 +0000
Subject: [PATCH] Ratchet: Expire unused tagsets sooner

---
 history.txt                                        | 14 ++++++++++++++
 router/java/src/net/i2p/router/RouterVersion.java  |  2 +-
 .../i2p/router/crypto/ratchet/RatchetTagSet.java   | 11 ++++++++---
 3 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/history.txt b/history.txt
index 9c758e2a3..046b6226f 100644
--- a/history.txt
+++ b/history.txt
@@ -1,3 +1,17 @@
+2020-04-06 zzz
+ * Ratchet:
+   - Finish Next Key impl.
+   - Performance improvements and cleanups
+   - Debug page fixes
+
+2020-04-03 zzz
+ * PrivateKeyFile: Add support for addsubdomain authentication strings
+
+2020-04-01 zzz
+ * Ratchet:
+   - Next Key WIP
+   - Validate NS datetime block; add NS key bloom filter
+
 2020-03-31 zzz
  * NetDB:
    - Add support for ratchet replies (proposal 154)
diff --git a/router/java/src/net/i2p/router/RouterVersion.java b/router/java/src/net/i2p/router/RouterVersion.java
index 4e28a2c8d..c10128fe6 100644
--- a/router/java/src/net/i2p/router/RouterVersion.java
+++ b/router/java/src/net/i2p/router/RouterVersion.java
@@ -18,7 +18,7 @@ public class RouterVersion {
     /** deprecated */
     public final static String ID = "Monotone";
     public final static String VERSION = CoreVersion.VERSION;
-    public final static long BUILD = 5;
+    public final static long BUILD = 6;
 
     /** for example "-test" */
     public final static String EXTRA = "";
diff --git a/router/java/src/net/i2p/router/crypto/ratchet/RatchetTagSet.java b/router/java/src/net/i2p/router/crypto/ratchet/RatchetTagSet.java
index ec169dc56..6f35afea4 100644
--- a/router/java/src/net/i2p/router/crypto/ratchet/RatchetTagSet.java
+++ b/router/java/src/net/i2p/router/crypto/ratchet/RatchetTagSet.java
@@ -272,12 +272,14 @@ class RatchetTagSet implements TagSetHandle {
 
     /**
      *  For inbound and outbound: Expiration.
-     *  Expiration is getDate() + getTimeout().
+     *  Expiration is getDate() + getTimeout() if acked.
+     *  May be shorter if not acked.
      *  @since 0.9.46
      */
     public synchronized long getExpiration() {
-        // TODO return shorter if not acked?
-        return _date + _timeout;
+        if (_acked)
+            return _date + _timeout;
+        return _created + Math.min(_timeout, RatchetSKM.SESSION_PENDING_DURATION_MS);
     }
 
     /** for debugging */
@@ -528,6 +530,9 @@ class RatchetTagSet implements TagSetHandle {
         byte[] key = new byte[32];
         hkdf.calculate(_symmkey_ck, _symmkey_constant, INFO_5, _symmkey_ck, key, 0);
         _lastKey++;
+        // for outbound, set acked
+        if (_sessionTags == null && _lastKey == 0)
+            _acked = true;
         // fill in ID and remoteKey as this may be for inbound
         return new SessionKeyAndNonce(key, _id, _lastKey, _remoteKey);
     }