Newer
Older
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
Prop from branch i2p.i2p.zzz.test2:
* Console:
- Implement webapp state detection and stop button for webapps
on /configclients (Ticket #1025)
- Set per-connector acceptors back to 1, Jetty default changed to 2?
- Tag strings on /jobs (ticket #969)
* Data Structures:
- Make Destination and RouterIdentity keys and cert immutable
- Add Destination cache
* i2psnark:
- Combine getPeers and announce into a single method, as we must announce to
the closest from the getPeers, not the closest from the kbuckets
- Stop getPeers when nothing closer is found
- Increase DHT dest lookup, search timeouts, and max search depth
- Loop tracker client faster when in magnet mode or if DHT announce fails
- Don't return an empty peers list in DHT if we only know about the requestor
- Refactor Storage file data structures
- Sort files when creating torrents
- Add torrent auto-stop support; enable for update file
- Add tunnel auto-close when no torrents are running
- Close socket before closing output stream to avoid blocking in
Peer.disconnect(), and prevent Peer.disconnect() loop
* I2PTunnelHTTPServer: Don't thread a receiver for GET or HEAD
* Jetty 7.6.13.v20130916
* Logging:
- Require strict match of class name component
- parseLimits() cleanup
* SSU: More efficient ImboundMessageState
* Streaming:
- Fix active stream counting so it doesn't count streams
that are closed and in TIME-WAIT state. Also, break out of the
counting loop as soon as we know the answer. (Ticket #1039)
- Consolidate scheduling of DisconnectEvent, and ensure
we only do it once. (Ticket #1041)
- Atomics for close/reset send/receive
so we only do things once. (Ticket #1041)
- Remove setCloseReceivedOn(), unused outside Connection
- OR the isFlagSet parameter instead of multiple calls
- Remove acked packets from _outboundPackets inside synced iterator
- Short-circuit _outboundPackets iterator if empty
- Small optimization if not logging in ConnectionPacketHandler
- Stub out processing of close ack (ticket #1042)
- Don't queue a message for an unknown connection on the SYN queue
if it has a send ID set, it must be for a recently closed connection
- Major rework of connection disconnect process. Tickets 1040-1042.
- Prevent multiple calls or reentrancy in disconnect() (ticket #1041)
- Implement processing of close to skip TIME-WAIT, and
wait for all packets to be acked (not just the CLOSE) before
doing so, if possible (ticket #1042)
- Don't call disconnect() or disconnectComplete() from I2PSocketFull.destroy()
so retransmissions and acks can still happen (removes some close loops)
- Don't call disconnect() until we have both sent and received a CLOSE (ticket #1040)
- Don't reset the connection from CPH just because we sent a CLOSE
and it was acked (ticket #1040)
- Ack packets even if we sent a CLOSE (ticket #1040)
- Retransmit CLOSE if not acked (ticket #1040)
- Send received packets to the MessageInputStream even if we haven't received a SYN
- Don't call MessageInputStream.messageReceived() for ack-only packets, that was pointless
- Don't send a RESET after timeout of an outbound connection
- Work around bugs on other end by limiting retransmission of CLOSE packets
- Make I2PSocketFull.close() nonblocking; it will now cause any user-side
writes blocked in I/O (Connection.packetSendChoke()) to throw
an exception (tickets #629, #1041)
- Don't ignore InterruptedExceptions; throw InterruptedIOException
- MessageInputStream locking fixes
- Make _isInbound final
- More cleanups, javadocs, log tweaks
* Transport: Treat more IPs as local
- 25/8 Hamachi (moved from 5/8 Nov. 2012)
- 2620:9b::/32 Hamachi
- 3ffc::/16 6bone
- 2001:db8::/32 example (RFC 3849)
- 0::/8 Includes IPv4 compatibility addresses ::xxxx:xxxx
* Update:
- Support notification of updates that cannot be downloaded
due to "constraints". Add constraint checks for java version,
router version, configuration, and base permissions. (ticket #1024)
- Thread news fetcher so it doesn't clog the scheduler
* Watchdog: Format messages better
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
2013-10-06 zzz
Prop from branch i2p.i2p.zzz.ecdsa:
* Build:
- Generate su3 file in release target
- Add zzz's new RSA 4096 pubkey cert for updates
- Fix checkcerts.sh
* Console: Move advanced setting to HelperBase
* DSAEngine changes:
- Implement raw sign/verify for other SigTypes
- Add sign/verify methods using Java keys
* ECDSA Support:
- Add ECConstants which looks for named curves and falls back to
explicitly defining the curves
- Add support for ECDSA to SigType, DSAEngine and KeyGenerator
- Attempt to add BC as a Provider
- genSpec: fallback to BC provider
* EepGet:
- Fix non-proxied PartialEepGet
- Prevent non-proxied eepget for an I2P host
* KeyGenerator changes:
- Generate key pairs for all supported SigTypes
- KeyPairGen: Catch ProviderException, fallback to BC provider
- Add KeyGenerator main() tests
* KeyRing and DirKeyRing added: simple backend for storing X.509 certs
* KeyStoreUtil added:
- Consolidate KeyStore code from SSLEepGet, I2CPSSLSocketFactory,
SSLClientListenerRunner, and RouterConsoleRunner into new
KeyStoreUtil and CertUtil classes in net.i2p.crypto (ticket #744)
- Change default to RSA 2048 (ticket #1017)
- Set file modes on written keys
- Overwrite check in createKeys()
- New getCert(), getKey()
- Extend keygen max wait
- Read back private key to verify after keygen
- Validate cert after reading from file
- Validate CN in cert
- Specify cert signature algorithm when generating keys
* NativeBigInteger: Tweak to prevent early context instantiation
* RSA support added: constants, parameters, sig types, support in DSAEngine, KeyGenerator, SigUtil
* SHA1Hash: Add no-arg constructor
* SigType changes:
- Add parameters (curve specs) to SigTypes
- Add getHashInstance()
- Add RSA, fix ECDSA
- Renumber, rename, comment out types that are too short.
* SigUtil added:
- Converters from Java formats (ASN.1, X.509, PKCS#8)
to I2P formats for Signatures and SigningKeys
- Move ASN.1 converter from DSAEngine to SigUtil, generalize
for variable length, add support for longer sequences,
add more sanity checks, add more exceptions
- Move I2P-to-Java DSA key conversion from DSAEngine to SigUtil
- Add Java-to-I2P DSA key conversion
- Add Java key import
- New split() and combine() methods
* SSLEepGet: Move all certificates to certificates/ssl, in preparation
for other certificate uses by SU3File
* SU3File changes:
- Support all SigTypes
- Implement keygen
- Readahead to get sigtype on verify, as we need the hash type
- Enum for content type
- Add unknown content type, make default
- Fix NPE if private key not found or sign fails
- Store generated keys in keystore, and get private key from keystore
for signing, in Java format
- Use Java keys to sign and verify so we don't
lose the key parameters in the conversion to I2P keys
- Type checking of Java private key vs. type when signing
- Use certs instead of public keys for verification
- Fix arg processing
- Improve validate-without-extract
- New extract command
- Change static fields to avoid early context init
- Reduce PRNG buffer size for faster signing
* Update: Preliminary work for su3 router updates:
- New ROUTER_SIGNED_SU3 UpdateType
- Add support for torrent and HTTP
- Refactor UpdateRunners to return actual UpdateType
- Deal with signed/su3 conflicts
- Verify and extract su3 files.
- Stub out support for clearnet su3 updating
- New config for proxying news, separate from proxying update
- PartialEepGet and SSLEepGet tweaks to support clearnet update
- Remove proxy, key, and url config from /configupdate
- More URI checks in UpdateRunner
- Add https support for news fetch
- Add su3 mime type
- Reset found version in update loop so we don't fetch from
the next host too.
- Prevent NPE on version after SSL fetch
2013-10-01 zzz
* Startup: Fix rekeying on Windows (tickets #1056, 1057)
2013-09-26 kytv
* French, German, Russian, and Swedish translation updates from Transifex
* Update geoip.txt based on Maxmind GeoLite Country database from 2013-09-03
2013-09-23 zzz
* Console: Add /proof page which can copied to prove you run a router
* Chinese, French, German, Russian, and Swedish translation updates from
Transifex
* Revert expl. default back to 2 hops, wait for next release
2013-09-07 zzz
* Crypto: Don't use "short exponent" on faster platforms.
Rebuild router identity if key length doesn't match setting.
2013-09-03 zzz
* configui: Change pw restart warning to error so people dont miss it
Loading
Loading full blame...