Newer
Older
2005-09-25 jrandom
* Fix a long standing streaming lib bug (in the inactivity detection code)
* Improved handling of initial streaming lib packet retransmissions to
kill the "lost first packet" bug (where a page shows up with the first
few KB missing)
* Add support for initial window sizes greater than 1 - useful for
eepsites to transmit e.g. 4 packets full of data along with the initial
ACK, thereby cutting down on the rtt latency. The congestion window
size can and does still shrink down to 1 packet though.
* Adjusted the streaming lib retransmission calculation algorithm to be
more TCP-like.
2005-09-21 redzara
* Use ISO-8859-1 for the susidns xml
2005-09-21 susi
* Bugfix in susidns for deleting entries
2005-09-21 jrandom
* Add support for HTTP POST to EepGet
* Use HTTP POST for syndie bulk fetches, since there's a lot of data to
put in that URL.
2005-09-18 jrandom
* Added support for pure 64bit linux with jbigi and the java service
wrapper (no need for jcpuid if we're on os.arch=amd64). Thanks mule
et al for help testing!
* UI cleanup in Syndie (thanks gloin and bar!)
2005-09-18 Ragnarok
* Made MetaNamingService the default naming service.
2005-09-17 Ragnarok
* Implemented a naming service using Syndie's petname db. It's not enabled
by default, but you can try it out by setting
i2p.naming.impl=net.i2p.client.naming.PetNameNamingService in
router.config.
* Implemented a meta naming service that will first lookup names in the
PetNameNamingService then fallback on the HostTxtNamingService. Which
naming services are checked and in which order is specified by
i2p.nameservicelist. This will probably become the default naming service
so please help test it out by setting
i2p.naming.impl=net.i2p.client.naming.MetaNamingService in router.config.
* 2005-09-17 0.6.0.6 released
2005-09-17 jrandom
* Clean up syndie a bit more and bundle a default introductory post with
both new installs and updates.
* Typo fixes on the console (thanks bar!)
* Updated the bandwidth limiter to use two tiers of bandwidth - our normal
steady state rate, plus a new limit on how fast we transfer when
bursting. This is different from the old "burst as fast as possible
until we're out of tokens" policy, and should help those with congested
networks. See /config.jsp to manage this rate.
* Bugfixes in Syndie to handle missing cache files (no data was lost, the
old posts just didn't show up).
* Log properly in EepPost
2005-09-17 jrandom
* Added the natively compiled jbigi and patched java service wrapper for
OS X. Thanks Bill Dorsey for letting me use your machine!
* Don't build i2p.exe or i2pinstall.exe when run on OS X machines, as we
don't bundle the binutils necessary (and there'd be a naming conflict
if we did).
* Added 'single user' functionality to syndie - if the single user
checkbox on the admin page is checked, all users are allowed to control
the instance and sync up with remote syndie nodes.
* Temporarily disable the x-i2p-gzip in i2ptunnel until it is more closely
debugged.
2005-09-16 jrandom
* Reject unroutable IPs in SSU like we do for the TCP transport (unless
you have i2np.udp.allowLocal=true defined - useful for private nets)
2005-09-16 jrandom
* Adjust I2PTunnelHTTPServer so it can be used for outproxy operators
(just specify the spoofed host as an empty string), allowing them to
honor x-i2p-gzip encoding.
* Let windows users build the exes too (thanks bar and redzara!)
* Allow I2PTunnel httpserver operators to disable gzip compression on
individual tunnels with the i2ptunnel.gzip=false client option
(good idea susi!)
2005-09-16 jrandom
* Added the i2p.exe and i2pinstall.exe for windows users, using launch4j.
* Added runplain.sh for *nix/osx users having problems using the java
service wrapper (called from the install dir as: sh runplain.sh)
* Bundle susidns and syndie, with links on the top nav
* Have I2PTunnelHTTPClient and I2PTunnelHTTPServer use the x-i2p-gzip
content-encoding (if offered), reducing the payload size before it
reaches the streaming lib. The existing compression is at the i2cp
level, so we've been packetizing 4KB of uncompressed data and then
compressing those messages, rather than compressing and then packetizing
4KB of compressed data. This should reduce the number of round trips
to fetch web pages substantially.
* Adjust the startup and timing of the addressbook so that susidns always
has config to work off, and expose a method for susidns to tell it to
reload its config and rerun.
2005-09-15 jrandom
* Error handling for failed intro packets (thanks red.hand!)
* More carefully verify intro addresses
2005-09-13 jrandom
* More careful error handling with introductions (thanks dust!)
* Fix the forceIntroducers checkbox on config.jsp (thanks Complication!)
* Hide the shitlist on the summary so it doesn't confuse new users.
2005-09-12 comwiz
* Migrated the router tests to junit
2005-09-12 jrandom
* Removed guaranteed delivery mode entirely (so existing i2phex clients
using it can get the benefits of mode=best_effort). Guaranteed delivery
is offered at the streaming lib level.
* Improve the peer selection code for peer testing, as everyone now
supports tests.
* Give the watchdog its fangs - if it detects obscene job lag or if
clients have been unable to get a leaseSet for more than 5 minutes,
restart the router. This was disabled a year ago due to spurious
restarts, and can be disabled by "watchdog.haltOnHang=false", but the
cause of the spurious restarts should be gone.
2005-09-12 jrandom
* Bugfix for skewed store which could kill a UDP thread (causing complete
comm failure and eventual OOM)
2005-09-12 jrandom
* More aggressively publish updated routerInfo.
* Expose the flag to force SSU introductions on the router console
* Don't give people the option to disable SNTP time sync, at least not
through the router console, because there is no reason to disable it.
No, not even if your OS is "ntp synced", because chances are, its not.
2005-09-10 jrandom
* Test the router's reachability earlier and more aggressively
* Use the low level bandwidth limiter's rates for the router console, and
if the router has net.i2p.router.transport.FIFOBandwidthLimiter=INFO in
the logger config, keep track of the 1 second transfer rates as the stat
'bw.sendBps1s' and 'bw.recvBps1s', allowing closer monitoring of burst
behavior.
2005-09-09 jrandom
* Added preliminary support for NAT hole punching through SSU introducers
* Honor peer test results from peers that we have an SSU session with if
those sessions are idle for 3 minutes or more.
* New build due to change in build number :P (thanks ugha!)
2005-09-07 BarkerJr
* HTML cleanup for the router console (thanks!)
2005-09-07 jrandom
* Lay the foundation for 'client routers' - the ability for peers to opt
out of participating in tunnels entirely due to firewall/NAT issues.
Individual routers have control over where those peers are used in
tunnels - in outbound or inbound, exploratory or client tunnels, or
none at all. The defaults with this build are to simply act as before -
placing everyone as potential participants in any tunnel.
* Another part of the foundation includes the option for netDb
participants to refuse to answer queries regarding peers who are marked
as unreachable, though this too is disabled by default (meaning the
routerInfo is retrievable from the netDb).
2005-09-05 jrandom
* Expose the HTTP headers to EepGet status listeners
* Handle DSA key failures properly (if the signature is not invertable, it
is obviously invalid)
2005-09-04 jrandom
* Don't persist peer profiles until we are shutting down, as the
persistence process gobbles RAM and wall time.
* Bugfix to allow you to check/uncheck the sharedClient setting on the
* Be more careful when expiring a failed tunnel message fragment so we
don't drop the data while attempting to read it.
2005-09-02 jrandom
* Don't refuse to send a netDb store if the targetted peer has failed a
bit (the value was an arbitrary amount).
* Logging changes
2005-09-01 jrandom
* Don't send out a netDb store of a router if it is more than a few hours
old, even if someone asked us for it.
2005-08-31 jrandom
* Don't publish leaseSets to the netDb if they will never be looked for -
namely, if they are for destinations that only establish outbound
streams. I2PTunnel's 'client' and 'httpclient' proxies have been
modified to tell the router that it doesn't need to publish their
leaseSet (by setting the I2CP config option 'i2cp.dontPublishLeaseSet'
to 'true').
* Don't publish the top 10 peer rankings of each router in the netdb, as
it isn't being watched right now.
2005-08-29 jrandom
* Added the new test Floodfill netDb
2005-08-27 jrandom
* Minor logging and optimization tweaks in the router and SDK
* Use ISO-8859-1 in the XML files (thanks redzara!)
* The consolePassword config property can now be used to bypass the router
console's nonce checking, allowing CLI restarts
2005-08-24 jrandom
* Catch errors with corrupt tunnel messages more gracefully (no need to
kill the thread and cause an OOM...)
* Don't skip shitlisted peers for netDb store messages, as they aren't
necessarily shitlisted by other people (though they probably are).
* Adjust the netDb store per-peer timeout based on each particular peer's
profile (timeout = 4x their average netDb store response time)
* Don't republish leaseSets to *failed* peers - send them to peers who
replied but just didn't know the value.
* Set a 5 second timeout on the I2PTunnelHTTPServer reading the client's
HTTP headers, rather than blocking indefinitely. HTTP headers should be
sent entirely within the first streaming packet anyway, so this won't be
a problem.
* Don't use the I2PTunnel*Server handler thread pool by default, as it may
prevent any clients from accessing the server if the handlers get
blocked by the streaming lib or other issues.
* Don't overwrite a known status (OK/ERR-Reject/ERR-SymmetricNAT) with
Unknown.
2005-08-23 jrandom
* Removed the concept of "no bandwidth limit" - if none is specified, its
16KBps in/out.
* Include ack packets in the per-peer cwin throttle (they were part of the
bandwidth limit though).
* Tweak the SSU cwin operation to get more accurrate estimates under
congestions.
* SSU improvements to resend more efficiently.
* Added a basic scheduler to eepget to fetch multiple files sequentially.
* 2005-08-21 0.6.0.3 released
2005-08-21 jrandom
* If we already have an established SSU session with the Charlie helping
test us, cancel the test with the status of "unknown".
2005-08-17 jrandom
* Revise the SSU peer testing protocol so that Bob verifies Charlie's
viability before agreeing to Alice's request. This doesn't work with
older SSU peer test builds, but is backwards compatible (older nodes
won't ask newer nodes to participate in tests, and newer nodes won't
ask older nodes to either).
2005-08-12 jrandom
* Keep detailed stats on the peer testing, publishing the results in the
netDb.
* Don't overwrite the status with 'unknown' unless we haven't had a valid
status in a while.
* Make sure to avoid shitlisted peers for peer testing.
* When we get an unknown result to a peer test, try again soon afterwards.
* When a peer tells us that our address is different from what we expect,
if we've done a recent peer test with a result of OK, fire off a peer
test to make sure our IP/port is still valid. If our test is old or the
result was not OK, accept their suggestion, but queue up a peer test for
later.
* Don't try to do a netDb store to a shitlisted peer, and adjust the way
we monitor netDb store progress (to clear up the high netDb.storePeers
stat)
2005-08-10 jrandom
* Deployed the peer testing implementation to be run every few minutes on
each router, as well as any time the user requests a test manually. The
tests do not reconfigure the ports at the moment, merely determine under
what conditions the local router is reachable. The status shown in the
top left will be "ERR-SymmetricNAT" if the user's IP and port show up
differently for different peers, "ERR-Reject" if the router cannot
receive unsolicited packets or the peer helping test could not find a
collaborator, "Unknown" if the test has not been run or the test
participants were unreachable, or "OK" if the router can receive
unsolicited connections and those connections use the same IP and port.
* 2005-08-08 0.6.0.2 released
2005-08-08 jrandom
* Add a configurable throttle to the number of concurrent outbound SSU
connection negotiations (via i2np.udp.maxConcurrentEstablish=4). This
may help those with slow connections to get integrated at the start.
* Further fixlets to the streaming lib
2005-08-07 Complication
* Display the average clock skew for both SSU and TCP connections
2005-08-07 jrandom
* Fixed the long standing streaming lib bug where we could lose the first
packet on retransmission.
* Avoid an NPE when a message expires on the SSU queue.
* Adjust the streaming lib's window growth factor with an additional
Vegas-esque congestion detection algorithm.
* Removed an unnecessary SSU session drop
* Reduced the MTU (until we get a working PMTU lib)
* Deferr tunnel acceptance until we know how to reach the next hop,
rejecting it if we can't find them in time.
* If our netDb store of our leaseSet fails, give it a few seconds before
republishing.
* 2005-08-03 0.6.0.1 released
2005-08-03 jrandom
* Backed out an inadvertant change to the netDb store redundancy factor.
* Verify tunnel participant caching.
* Logging cleanup
2005-08-01 duck
* Update IzPack to 3.7.2 (build 2005.04.22). This fixes bug #82.
2005-08-01 duck
* Fix an addressbook NPE when a new hostname from the master addressbook
didn't exist in the router addressbook.
* Fix an addressbook bug which caused subscriptions not to be parsed at
all. (Oops!)
2005-07-31 jrandom
* Adjust the netDb search and store per peer timeouts to match the average
measured per peer success times, rather than huge fixed values.
* Optimized and reverified the netDb peer selection / retrieval process
within the kbuckets.
* Drop TCP connections that don't have any useful activity in 10 minutes.
* If i2np.udp.fixedPort=true, never change the externally published port,
even if we are autodetecting the IP address.
* 2005-07-27 0.6 released
2005-07-27 jrandom
* Enabled SSU as the default top priority transport, adjusting the
config.jsp page accordingly.
* Add verification fields to the SSU and TCP connection negotiation (not
compatible with previous builds)
* Enable the backwards incompatible tunnel crypto change as documented in
tunnel-alt.html (have each hop encrypt the received IV before using it,
then encrypt it again before sending it on)
* Disable the I2CP encryption, leaving in place the end to end garlic
encryption (another backwards incompatible change)
* Adjust the protocol versions on the TCP and SSU transports so that they
won't talk to older routers.
* Fix up the config stats handling again
* Fix a rare off-by-one in the SSU fragmentation
* Reduce some unnecessary netDb resending by inluding the peers queried
successfully in the store redundancy count.
2005-07-22 jrandom
* Use the small thread pool for I2PTunnelHTTPServer (already used for
I2PTunnelServer)
* Minor memory churn reduction in I2CP
* Small stats update
2005-07-21 jrandom
* Fix in the SDK for a bug which would manifest itself as misrouted
streaming packets when a destination has many concurrent streaming
connections (thanks duck!)
* No more "Graceful shutdown in -18140121441141s"
2005-07-20 jrandom
* Allow the user to specify an external port # for SSU even if the external
host isn't specified (thanks duck!)
2005-07-19 jrandom
* Further preparation for removing I2CP crypto
* Added some validation to the DH key agreement (thanks $anon)
* Validate tunnel data message expirations (though not really a problem,
since tunnels expire)
* Minor PRNG threading cleanup
* Added workaround for an odd win32 bug in the stats configuration console
page which meant only the first checkbox selection was saved.
* Added per group selection toggles in the stats configuration console
page.
2005-07-13 jrandom
* Fixed a recently injected bug in the multitransport bidding which had
allowed an essentially arbitrary choice of transports, rather than the
properly ordered choice.
2005-07-13 jrandom
* Fixed a long standing bug where we weren't properly comparing session
tags but instead largely depending upon comparing their hashCode,
causing intermittent decryption errors.
* Add some data duplication to avoid a recently injected concurrency
problem in the session tag manager (thanks redzara and romster).
2005-07-11 jrandom
* Reduced the growth factor on the slow start and congestion avoidance for
the streaming lib.
* Adjusted some of the I2PTunnelServer threading to use a small pool of
handlers, rather than launching off new threads which then immediately
launch off an I2PTunnelRunner instance (which launches 3 more threads..)
* Don't persist session keys / session tags (not worth it, for now)
* Added some detection and handling code for duplicate session tags being
delivered (root cause still not addressed)
* Make the PRNG's buffer size configurable (via the config property
"i2p.prng.totalBufferSizeKB=4096")
* Disable SSU flooding by default (duh)
* Updates to the StreamSink apps for better throttling tests.
2005-07-05 jrandom
* Use a buffered PRNG, pulling the PRNG data off a larger precalculated
buffer, rather than the underlying PRNG's (likely small) one, which in
turn reduces the frequency of recalcing.
* More tuning to reduce temporary allocation churn
2005-07-04 jrandom
* Within the tunnel, use xor(IV, msg[0:16]) as the flag to detect dups,
rather than the IV by itself, preventing an attack that would let
colluding internal adversaries tag a message to determine that they are
in the same tunnel. Thanks dvorak for the catch!
* Drop long inactive profiles on startup and shutdown
* /configstats.jsp: web interface to pick what stats to log
* Deliver more session tags to account for wider window sizes
* Cache some intermediate values in our HMACSHA256 and BC's HMAC
* Track the client send rate (stream.sendBps and client.sendBpsRaw)
* UrlLauncher: adjust the browser selection order
* I2PAppContext: hooks for dummy HMACSHA256 and a weak PRNG
* StreamSinkClient: add support for sending an unlimited amount of data
* Migrate the tests out of the default build jars
2005-06-22 Comwiz
* Migrate the core tests to junit
2005-05-01 jrandom
* Added a substantial optimization to the AES engine by caching the
prepared session keys (duh).
2005-05-01 jrandom
* Cleaned up the peers page a bit more.
2005-04-30 jrandom
* Added a small new page to the web console (/peers.jsp) which contains
the peer connection information. This will be cleaned up a lot more
before 0.6 is out, but its a start.
2005-04-30 jrandom
* Reduced some SimpleTimer churn
2005-04-29 jrandom
* Reduce the peer profile stat coallesce overhead by inlining it with the
reorganize.
* Limit each transport to at most one address (any transport that requires
multiple entry points can include those alternatives in the address).
2005-04-28 jrandom
* More fixes for the I2PTunnel "other" interface handling (thanks nelgin!)
* Add back the code to handle bids from multiple transports (though there
is still only one transport enabled by default)
* Adjust the router's queueing of outbound client messages when under
heavy load by running the preparatory job in the client's I2CP handler
thread, thereby blocking additional outbound messages when the router is
hosed.
* No need to validate or persist a netDb entry if we already have it
2005-04-25 smeghead
* Added button to router console for manual update checks.
* Fixed bug in configupdate.jsp that caused the proxy port to be updated
every time the form was submitted even if it hadn't changed.
2005-04-24 jrandom
* Added a pool of PRNGs using a different synchronization technique,
hopefully sufficient to work around IBM's PRNG bugs until we get our
own Fortuna.
* In the streaming lib, don't jack up the RTT on NACK, and have the window
size bound the not-yet-ready messages to the peer, not the unacked
message count (not sure yet whether this is worthwile).
* Many additions to the messageHistory log.
* Handle out of order tunnel fragment delivery (not an issue on the live
net with TCP, but critical with UDP).
2005-04-20 jrandom
* In the SDK, we don't actually need to block when we're sending a message
as BestEffort (and these days, we're always sending BestEffort).
* Pass out client messages in fewer (larger) steps.
* Have the InNetMessagePool short circuit dispatch requests.
* Have the message validator take into account expiration to cut down on
false positives at high transfer rates.
* Allow configuration of the probabalistic window size growth rate in the
streaming lib's slow start and congestion avoidance phases, and default
them to a more conservative value (2), rather than the previous value
(1).
* Reduce the ack delay in the streaming lib to 500ms
* Honor choke requests in the streaming lib (only affects those getting
insanely high transfer rates)
* Let the user specify an interface besides 127.0.0.1 or 0.0.0.0 on the
I2PTunnel client page (thanks maestro^!)
2005-04-17 sirup
* Added the possibility for i2ptunnel client and httpclient instances to
have their own i2p session (and hence, destination and tunnels). By
default, tunnels are shared, but that can be changed on the web
interface or with the sharedClient config option in i2ptunnel.config.
2005-04-17 jrandom
* Marked the net.i2p.i2ptunnel.TunnelManager as deprecated. Anyone use
this? If not, I want to drop it (lots of tiny details with lots of
duplicated semantics).
2005-04-17 zzz
* Added new user-editable eepproxy error page templates.
2005-04-17 jrandom
* Revamp the tunnel building throttles, fixing a situation where the
rebuild may not recover, and defaulting it to unthrottled (users with
slow CPUs may want to set "router.tunnel.shouldThrottle=true" in their
advanced router config)
2005-04-16 jrandom
* Migrated to Bouncycastle's SHA256 and HMAC implementations for efficiency
2005-04-12 jrandom
* Make sure we don't get cached updates (thanks smeghead!)
* Clear out the callback for the TestJob after it passes (only affects the
job timing accounting)
2005-04-08 smeghead
* Added NativeBigInteger benchmark to scripts/i2pbench.sh.
2005-04-08 smeghead
* Security improvements to TrustedUpdate: signing and verification of the
version string along with the data payload for signed update files
(consequently the positions of the DSA signature and version string fields
have been swapped in the spec for the update file's header); router will
no longer perform a trusted update if the signed update's version is lower
than or equal to the currently running router's version.
* Added two new CLI commands to TrustedUpdate: showversion, verifyupdate.
* Extended TrustedUpdate public API for use by third party applications.
2005-04-05 jrandom
* Retry I2PTunnel startup if we are unable to build a socketManager for a
client or httpclient tunnel.
* Add some basic sanity checking on the I2CP settings (thanks duck!)
2005-04-05 jrandom
* After a successfull netDb search for a leaseSet, republish it to all of
the peers we have tried so far who did not give us the key (up to 10),
rather than the old K closest (which may include peers who had given us
the key)
* Don't wait 5 minutes to publish a leaseSet (duh!), and rather than
republish it every 5 minutes, republish it every 3. In addition, always
republish as soon as the leaseSet changes (duh^2).
* Minor fix for oddball startup race (thanks travis_bickle!)
* Minor AES update to allow in-place decryption.
2005-04-03 jrandom
* EepGet fix for open-ended HTTP fetches (such as the news.xml
feeding the NewsFetcher)
2005-04-01 jrandom
* Allow editing I2PTunnel server instances with five digit ports
(thanks nickless_head!)
* More NewsFetcher debugging for reported weirdness
2005-04-01 jrandom
* Fix to check for missing news file (thanks smeghead!)
* Added destination display CLI:
java -cp lib/i2p.jar net.i2p.data.Destination privKeyFilename
* Added destination display to the web interface (thanks pnspns)
* Installed CIA backdoor
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
* 2005-03-29 0.5.0.5 released
2005-03-29 jrandom
* Decreased the initial RTT estimate to 10s to allow more retries.
* Increased the default netDb store replication factor from 2 to 6 to take
into consideration tunnel failures.
* Address some statistical anonymity attacks against the netDb that could
be mounted by an active internal adversary by only answering lookups for
leaseSets we received through an unsolicited store.
* Don't throttle lookup responses (we throttle enough elsewhere)
* Fix the NewsFetcher so that it doesn't incorrectly resume midway through
the file (thanks nickster!)
* Updated the I2PTunnel HTML (thanks postman!)
* Added support to the I2PTunnel pages for the URL parameter "passphrase",
which, if matched against the router.config "i2ptunnel.passphrase" value,
skips the nonce check. If the config prop doesn't exist or is blank, no
passphrase is accepted.
* Implemented HMAC-SHA256.
* Enable the tunnel batching with a 500ms delay by default
* Dropped compatability with 0.5.0.3 and earlier releases
2005-03-26 jrandom
* Added some error handling and fairly safe to cache data to the streaming
lib (good call Tom!)
2005-03-25 jrandom
* Fixed up building dependencies for the routerconsole on some more
aggressive compilers (thanks polecat!)
2005-03-23 jrandom
* Added more intelligent version checking in news.xml, in case we have a
version newer than the one specified.
2005-03-23 jrandom
* Added support for Transfer-Encoding: chunked to the EepGet, so that the
cvsweb.cgi doesn't puke on us.
2005-03-23 Connelly
* Fixed Bugzilla Bug #99 in the SAM Bridge, which caused pending
stream send data to not be sent if STREAM CLOSE is issued too fast.
2005-03-23 jrandom
* Implemented the news fetch / update policy code, as configurated on
/configupdate.jsp. Defaults are to grab the news every 24h (or if it
doesn't exist yet, on startup). No action is taken however, though if
the news.xml specifies that a new release is available, an option to
update will be shown on the router console.
* New initialNews.xml delivered with new installs, and moved news.xml out
of the i2pwww module and into the i2p module so that we can bundle it
within each update.
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
2005-03-23 jrandom
* New /configupdate.jsp page for controlling the update / notification
process, as well as various minor related updates. Note that not all
options are exposed yet, and the update detection code isn't in place
in this commit - it currently says there is always an update available.
* New EepGet component for reliable downloading, with a CLI exposed in
java -cp lib/i2p.jar net.i2p.util.EepGet url
* Added a default signing key to the TrustedUpdate component to be used
for verifying updates. This signing key can be authenticated via
gpg --verify i2p/core/java/src/net/i2p/crypto/TrustedUpdate.java
* New public domain SHA1 implementation for the DSA code so that we can
handle signing streams of arbitrary size without excess memory usage
(thanks P.Verdy!)
* Added some helpers to the TrustedUpdate to work off streams and to offer
a minimal CLI:
TrustedUpdate keygen pubKeyFile privKeyFile
TrustedUpdate sign origFile signedFile privKeyFile
TrustedUpdate verify signedFile
2005-03-22 smeghead
* New TrustedUpdate component for signing/verifying files with a DSA
signature.
2005-03-21 jrandom
* Fixed the tunnel fragmentation handler to deal with multiple fragments
in a single message properly (rather than release the buffer into the
cache after processing the first one) (duh!)
* Added the batching preprocessor which will bundle together multiple
small messages inside a single tunnel message by delaying their delivery
up to .5s, or whenever the pending data will fill a full message,
whichever comes first. This is disabled at the moment, since without the
above bugfix widely deployed, lots and lots of messages would fail.
* Within each tunnel pool, stick with a randomly selected peer for up to
.5s before randomizing and selecting again, instead of randomizing the
pool each time a tunnel is needed.
* 2005-03-18 0.5.0.3 released
2005-03-18 jrandom
* Minor tweak to the timestamper to help reduce small skews
* Adjust the stats published to include only the relevent ones
* Only show the currently used speed calculation on the profile page
* Allow the full max # resends to be sent, rather than piggybacking the
RESET packet along side the final resend (duh)
* Add irc.postman.i2p to the default list of IRC servers for new installs
* Drop support for routers running 0.5 or 0.5.0.1 while maintaining
backwards compatability for users running 0.5.0.2.
2005-03-18 jrandom
* Eepproxy Fix for corrupted HTTP headers (thanks nickster!)
* Fixed case sensitivity issues on the HTTP headers (thanks duck!)
2005-03-17 jrandom
* Update the old speed calculator and associated profile data points to
use a non-tiered moving average of the tunnel test time, avoiding the
freshness issues of the old tiered speed stats.
* Explicitly synchronize all of the methods on the PRNG, rather than just
the feeder methods (sun and kaffe only need the feeder, but it seems ibm
needs all of them synchronized).
* Properly use the tunnel tests as part of the profile stats.
* Don't flood the jobqueue with sequential persist profile tasks, but
instead, inject a brief scheduling delay between them.
* Reduce the TCP connection establishment timeout to 20s (which is still
absurdly excessive)
* Reduced the max resend delay to 30s so we can get some resends in when
dealing with client apps that hang up early (e.g. wget)
* Added more alternative socketManager factories (good call aum!)
2005-03-16 jrandom
* Adjust the old speed calculator to include end to end RTT data in its
estimates, and use that as the primary speed calculator again.
* Use the mean of the high capacity speeds to determine the fast
threshold, rather than the median. Perhaps we should use the mean of
all active non-failing peers?
* Updated the profile page to sort by tier, then alphabetically.
* Added some alternative socketManager factories (good call aum!)
2005-03-14 jrandom
* New strict speed calculator that goes off the actual number of messages
verifiably sent through the peer by way of tunnels. Initially, this only
contains the successful message count on inbound tunnels, but may be
augmented later to include verified outbound messages, peers queried in
the netDb, etc. The speed calculation decays quickly, but should give
a better differential than the previous stat (both values are shown on
the /profiles.jsp page)
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
2005-03-11 jrandom
* Rather than the fixed resend timeout floor (10s), use 10s+RTT as the
minimum (increased on resends as before, of course).
* Always prod the clock update listeners, even if just to tell them that
the time hasn't changed much.
* Added support for explicit peer selection for individual tunnel pools,
which will be useful in debugging but not recommended for use by normal
end users.
* More aggressively search for the next hop's routerInfo on tunnel join.
* Give messages received via inbound tunnels that are bound to remote
locations sufficient time (taking into account clock skew).
* Give alternate direct send messages sufficient time (10s min, not 5s)
* Always give the end to end data message the explicit timeout (though the
old default was sufficient before)
* No need to give end to end messages an insane expiration (+2m), as we
are already handling skew on the receiving side.
* Don't complain too loudly about expired TunnelCreateMessages (at least,
not until after all those 0.5 and 0.5.0.1 users upgrade ;)
* Properly keep the sendBps stat
* When running the router with router.keepHistory=true, log more data to
messageHistory.txt
* Logging updates
* Minor formatting updates
2005-03-08 jrandom
* More aggressively adjust the clock
2005-03-07 jrandom
* Fix the HTTP response header filter to allow multiple headers with the
same name (thanks duck and spotteri!)
* 2005-03-06 0.5.0.2 released
2005-03-06 jrandom
* Allow the I2PTunnel web interface to select streaming lib options for
individual client tunnels, rather than sharing them across all of them,
as we do with the session options. This way people can (and should) set
the irc proxy to interactive and the eepproxy to bulk.
* Added a startRouter.sh script to new installs which simply calls
"sh i2prouter start". This should make it clear how people should start
I2P.
* Properly expand the HTTP response header buffer (thanks shendaras!)
2005-03-04 jrandom
* Filter HTTP response headers in the eepproxy, forcing Connection: close
so that broken (/malicious) webservers can't allow persistent
connections. All HTTP compliant browsers should now always close the
socket.
* Enabled the GZIPInputStream's cache (they weren't cached before)
* Make sure our first send is always a SYN (duh)
* Workaround for some buggy compilers
2005-03-03 jrandom
* Loop while starting up the I2PTunnel instances, in case the I2CP
listener isn't up yet (thanks detonate!)
* Implement custom reusable GZIP streams to both reduce memory churn
and prevent the exposure of data in the standard GZIP header (creation
time, OS, etc). This is RFC1952 compliant, and backwards compatible,
though has only been tested within the confines of I2P's compression use
(DataHelper.[de]compress).
* Preemptively support the next protocol version, so that after the 0.5.0.2
release, we'll be able to drop protocol=2 to get rid of 0.5 users.
2005-03-02 jrandom
* Fix one substantial OOM cause (session tag manager was only dropping
tags once the critical limit was met, rather than honoring their
expiration) (duh)
* Lots of small memory fixes
* Double the allowable concurrent outstanding tunnel build tasks (20)
2005-03-01 jrandom
* Really disable the streaming lib packet caching
* Synchronized a message handling point in the SDK (even though its use is
already essentially single threaded, its better to play it safe)
* Don't add new RepublishLeaseSetJobs on failure, just requeue up the
existing one (duh)
* Throttle the number of concurrent pending tunnel builds across all
pools, in addition to simply throttling the number of new requests per
minute for each pool individually. This should avoid the cascading
failure when tunnel builds take too long, as no new builds will be
created until the previous ones are handled.
* Factored out and extended the DataHelper's unit tests for dealing with
long and date formatting.
* Explicitly specify the HTTP auth realm as "i2prouter", though this
alone doesn't address the bug where jetty asks for authentication too
much. (thanks orion!)
* Updated the StreamSinkServer to ignore all read bytes, rather than write
them to the filesystem.
2005-02-27 jrandom
* Don't rerequest leaseSets if there are already pending requests
* Reverted the insufficiently tested caching in the DSA/SHA1 impl, and
temporary disabled the streaming lib packet caching.
* Reduced the resend RTT penalty to 10s
2005-02-26 jrandom
* Force 1.3-isms on the precompiled jsps too (thanks laberhost)
2005-02-26 jrandom
* Further streaming lib caching improvements
* Reduce the minimum RTT (used to calculate retry timeouts), but also
increase the RTT on resends.
* Lower the default message size to 4KB from 16KB to further reduce the
chance of failed fragmentation.
* Extend tunnel rebuild throttling to include fallback rebuilds
* If there are less than 20 routers known, don't drop the last 20 (to help
avoid dropping all peers under catastrophic failures)
* New stats for end to end messages - "client.leaseSetFoundLocally",
"client.leaseSetFoundRemoteTime", and "client.leaseSetFailedRemoteTime"
2005-02-24 jrandom
* Throttle the number of tunnel rebuilds per minute, preventing CPU
overload under catastrophic failures (thanks Tracker and cervantes!)
* Block the router startup process until we've initialized the clock
2005-02-24 jrandom
* Cache temporary memory allocation in the DSA's SHA1 impl, and the packet
data in the streaming lib.
* Fixed a streaming lib bug where the connection initiator would fail the
stream if the ACK to their SYN was lost.
2005-02-23 jrandom
* Now that we don't get stale SAM sessions, it'd be nice if we didn't
get stale tunnel pools, don't you think?
2005-02-22 jrandom
* Reworked the tunnel (re)building process to remove the tokens and
provide cleaner controls on the tunnels built.
* Fixed situations where the timestamper wanted to test more servers than
were provided (thanks Tracker!)
* Get rid of the dead SAM sessions by using the streaming lib's callbacks
(thanks Tracker!)
2005-02-22 jrandom
* Temporary workaround for the I2CP disconnect bug (have the streaminglib
try to automatically reconnect on accept()/connect(..)).
* Loop check for expired lease republishing (just in case)
2005-02-22 jrandom
* Adjusted (and fixed...) the timestamper change detection
* Deal with a rare reordering bug at the beginning of a stream (so we
don't drop it unnecessarily)
* Cleaned up some dropped message handling in the router
* Reduced job queue churn when dealing with a large number of tunnels by
sharing an expiration job
* Keep a separate list of the most recent CRIT messages (shown on the
logs.jsp). This way they don't get buried among any other messages.
* For clarity, display the tunnel variance config as "Randomization" on
the web console.
* If lease republishing fails (boo! hiss!) try it again
* Actually fix the negative jobLag in the right place (this time)
* Allow reseeding when there are less than 10 known peer references
* Lots of logging updates.
2005-02-20 jrandom
* Allow the streaming lib resend frequency to drop down to 20s as the
minimum, so that up to 2 retries can get sent on an http request.
* Add further limits to failsafe tunnels.
* Keep exploratory and client tunnel testing and building stats separate.
* Only use the 60s period for throttling tunnel requests due to transient
network overload.
* Rebuild tunnels earlier (1-3m before expiration, by default)
* Cache the next hop's routerInfo for participating tunnels so that the
tunnel participation doesn't depend on the netDb.
* Fixed a long standing bug in the streaming lib where we wouldn't always
unchoke messages when the window size grows.
* Make sure the window size never reaches 0 (duh)
2005-02-20 jrandom
* Only build failsafe tunnels if we need them
* Properly implement the selectNotFailingPeers so that we get a random
selection of peers, rather than using the strictOrdering (thanks dm!)
* Don't include too many "don't tell me about" peer references in the
lookup message - only send the 10 peer references closest to the target.
2005-02-19 jrandom
* Only build new extra tunnels on failure if we don't have enough
* Fix a fencepost in the tunnel building so that e.g. a variance of
2 means +/- 2, not +/- 1 (thanks dm!)
* Avoid an NPE on client disconnect
* Never select a shitlisted peer to participate in a tunnel
* Have netDb store messages timeout after 10s, not the full 60s (duh)
* Keep session tags around for a little longer, just in case (grr)
* Cleaned up some closing event issues on the streaming lib
* Stop bundling the jetty 5.1.2 and updated wrapper.config in the update
so that 0.4.* users will need to do a clean install, but we don't need
to shove an additional 2MB in each update to those already on 0.5.
* Imported the susimail css (oops, thanks susi!)
2005-02-17 jrandom
* If the clock is adjusted during a job run, don't act as if the job took
negative time.
2005-02-17 jrandom
* Included the GPL'ed susimail 0.13 by default (thanks susi23!)
2005-02-17 jrandom
* Fixed the braindead tunnel testing logic
* If a large number of tunnels are failing (within the last 5-10 minutes)
and the current tunnel pool's configuration allows it, randomly build a
zero hop tunnel to replace failed tunnels.
* Enable postman's POP3 and SMTP tunnels by default
2005-02-16 jrandom
* Added some error handling when the number of session tags exceeds the
realistic capacity, dropping a random chunk of received tag sets and
conducting some minor analysis of the remaining ones. This is a part
of a pretty serious error condition, and logs as CRIT (if/when people
see "TOO MANY SESSION TAGS!", please let me know the full log line it
puts in the wrapper.log or /logs.jsp)
* Update the addressbook to only write to the published hosts location
if the addressbook's config contains "should_publish=true" (by default,
it contains "should_publish=false")
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
2005-02-16 jrandom
* (Merged the 0.5-pre branch back into CVS HEAD)
* Replaced the old tunnel routing crypto with the one specified in
router/doc/tunnel-alt.html, including updates to the web console to view
and tweak it.
* Provide the means for routers to reject tunnel requests with a wider
range of responses:
probabalistic rejection, due to approaching overload
transient rejection, due to temporary overload
bandwidth rejection, due to persistent bandwidth overload
critical rejection, due to general router fault (or imminent shutdown)
The different responses are factored into the profiles accordingly.
* Replaced the old I2CP tunnel related options (tunnels.depthInbound, etc)
with a series of new properties, relevent to the new tunnel routing code:
inbound.nickname (used on the console)
inbound.quantity (# of tunnels to use in any leaseSets)
inbound.backupQuantity (# of tunnels to keep in the ready)
inbound.length (# of remote peers in the tunnel)
inbound.lengthVariance (if > 0, permute the length by adding a random #
up to the variance. if < 0, permute the length
by adding or subtracting a random # up to the
variance)
outbound.* (same as the inbound, except for the, uh, outbound tunnels
in that client's pool)
There are other options, and more will be added later, but the above are
the most relevent ones.
* Replaced Jetty 4.2.21 with Jetty 5.1.2
* Compress all profile data on disk.
* Adjust the reseeding functionality to work even when the JVM's http proxy
is set.
* Enable a poor-man's interactive-flow in the streaming lib by choking the
max window size.
* Reduced the default streaming lib max message size to 16KB (though still
configurable by the user), also doubling the default maximum window
size.
* Replaced the RouterIdentity in a Lease with its SHA256 hash.
* Reduced the overall I2NP message checksum from a full 32 byte SHA256 to
the first byte of the SHA256.
* Added a new "netId" flag to let routers drop references to other routers
who we won't be able to talk to.
* Extended the timestamper to get a second (or third) opinion whenever it
wants to actually adjust the clock offset.
* Replaced that kludge of a timestamp I2NP message with a full blown
DateMessage.
* Substantial memory optimizations within the router and the SDK to reduce
GC churn. Client apps and the streaming libs have not been tuned,
however.
2005-02-13 jrandom
* Updated jbigi source to handle 64bit CPUs. The bundled jbigi.jar still
only contains 32bit versions, so build your own, placing libjbigi.so in
your install dir if necessary. (thanks mule!)
* Added support for libjbigi-$os-athlon64 to NativeBigInteger and CPUID
(thanks spaetz!)
2005-02-10 smeghead
* Initial check-in of Pants, a new utility to help us manage our 3rd-party
dependencies (Fortuna, Jetty, Java Service Wrapper, etc.). Some parts of
Pants are still non-functional at this time so don't mess with it yet
unless you want to potentially mangle your working copy of CVS.