history.txt

2013-10-06 zzz
 Prop from branch i2p.i2p.zzz.ecdsa:
 * Build:
   - Generate su3 file in release target
   - Add zzz's new RSA 4096 pubkey cert for updates
   - Fix checkcerts.sh
 * Console: Move advanced setting to HelperBase
 * DSAEngine changes:
   - Implement raw sign/verify for other SigTypes
   - Add sign/verify methods using Java keys
 * ECDSA Support:
   - Add ECConstants which looks for named curves and falls back to
     explicitly defining the curves
   - Add support for ECDSA to SigType, DSAEngine and KeyGenerator
   - Attempt to add BC as a Provider
   - genSpec: fallback to BC provider
 * EepGet:
   - Fix non-proxied PartialEepGet
   - Prevent non-proxied eepget for an I2P host
 * KeyGenerator changes:
   - Generate key pairs for all supported SigTypes
   - KeyPairGen: Catch ProviderException, fallback to BC provider
   - Add KeyGenerator main() tests
 * KeyRing and DirKeyRing added: simple backend for storing X.509 certs
 * KeyStoreUtil added:
   - Consolidate KeyStore code from SSLEepGet, I2CPSSLSocketFactory,
     SSLClientListenerRunner, and RouterConsoleRunner into new
     KeyStoreUtil and CertUtil classes in net.i2p.crypto (ticket #744)
   - Change default to RSA 2048 (ticket #1017)
   - Set file modes on written keys
   - Overwrite check in createKeys()
   - New getCert(), getKey()
   - Extend keygen max wait
   - Read back private key to verify after keygen
   - Validate cert after reading from file
   - Validate CN in cert
   - Specify cert signature algorithm when generating keys
 * NativeBigInteger: Tweak to prevent early context instantiation
 * RSA support added: constants, parameters, sig types, support in DSAEngine, KeyGenerator, SigUtil
 * SHA1Hash: Add no-arg constructor
 * SigType changes:
   - Add parameters (curve specs) to SigTypes
   - Add getHashInstance()
   - Add RSA, fix ECDSA
   - Renumber, rename, comment out types that are too short.
 * SigUtil added:
   - Converters from Java formats (ASN.1, X.509, PKCS#8)
     to I2P formats for Signatures and SigningKeys
   - Move ASN.1 converter from DSAEngine to SigUtil, generalize
     for variable length, add support for longer sequences,
     add more sanity checks, add more exceptions
   - Move I2P-to-Java DSA key conversion from DSAEngine to SigUtil
   - Add Java-to-I2P DSA key conversion
   - Add Java key import
   - New split() and combine() methods
 * SSLEepGet: Move all certificates to certificates/ssl, in preparation
   for other certificate uses by SU3File
 * SU3File changes:
   - Support all SigTypes
   - Implement keygen
   - Readahead to get sigtype on verify, as we need the hash type
   - Enum for content type
   - Add unknown content type, make default
   - Fix NPE if private key not found or sign fails
   - Store generated keys in keystore, and get private key from keystore
     for signing, in Java format
   - Use Java keys to sign and verify so we don't
     lose the key parameters in the conversion to I2P keys
   - Type checking of Java private key vs. type when signing
   - Use certs instead of public keys for verification
   - Fix arg processing
   - Improve validate-without-extract
   - New extract command
   - Change static fields to avoid early context init
   - Reduce PRNG buffer size for faster signing
 * Update: Preliminary work for su3 router updates:
   - New ROUTER_SIGNED_SU3 UpdateType
   - Add support for torrent and HTTP
   - Refactor UpdateRunners to return actual UpdateType
   - Deal with signed/su3 conflicts
   - Verify and extract su3 files.
   - Stub out support for clearnet su3 updating
   - New config for proxying news, separate from proxying update
   - PartialEepGet and SSLEepGet tweaks to support clearnet update
   - Remove proxy, key, and url config from /configupdate
   - More URI checks in UpdateRunner
   - Add https support for news fetch
   - Add su3 mime type
   - Reset found version in update loop so we don't fetch from
     the next host too.
   - Prevent NPE on version after SSL fetch

* 2013-10-02 0.9.8.1 released

2013-10-01 zzz
 * Startup: Fix rekeying on Windows (tickets #1056, 1057)

* 2013-09-30 0.9.8 released

2013-09-26 kytv
 * French, German, Russian, and Swedish translation updates from Transifex
 * Update geoip.txt based on Maxmind GeoLite Country database from 2013-09-03

2013-09-23 zzz
 * Console: Add /proof page which can copied to prove you run a router

2013-09-20 kytv
 * Chinese, French, German, Russian, and Swedish translation updates from
   Transifex

2013-09-17 zzz
 * Revert expl. default back to 2 hops, wait for next release

2013-09-07 zzz
 * Crypto: Don't use "short exponent" on faster platforms.
   Rebuild router identity if key length doesn't match setting.

2013-09-03 zzz
 * configui: Change pw restart warning to error so people dont miss it
 * Data: deprecate most of LeaseSetKeys
 * i2ptunnel: Reduce buffer size and use cache in HTTPServer
 * Jetty: Increase maxIdleTime
 * profiles: use different sort for floodfill profiles display
 * Utils: Consolidate maxMemory() calls

2013-08-31 zab
 * Streaming: Use only non-retransmitted packets when sampling RTT
   (Ticket 1007, RFC 6298)

2013-08-30 zzz
 * Addressbook: Don't write to log file on Android (ticket #859)
 * Addresses: Treat Teredo addresses 2001:0::/32 as local
 * Console: Display "accepting tunnels" instead of "rejecting tunnels"
            after 20 minutes (ticket #902)
 * i2psnark: Highlight table rows on hover
 * NTCP: Handle race where peer's NTCP address goes away
 * SSU, confignet: Add support for specifiying multiple addresses
 * SusiDNS: Don't require last subscription to be terminated by newline (ticket #1000)

2013-08-11 zzz
 * Jetty 7.6.12.v20130726

2013-08-11 kytv
 * Update Java Service Wrapper to v3.5.20
    - Windows: Self-compiled with VS2010 in Windows 7. The icon has been
      changed from Tanuki's default to Itoopie.
    - Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
      Icedtea6 6b27-1.12.5-1+rpi1 and stripped
    - All other binaries are from the "community edition" deltapack offered by
      Tanuki.
 * Translations
   - French, Portugeuse, Russian, Spanish, and Turkish updates from Transifex
   - Start of Romanian translation from Transifex

2013-08-11 zab
 * Streaming:
   - reduce initial ack delay 2000->1000
   - rework the logic of acking duplicate packets

* 2013-08-10 0.9.7.1 released

2012-08-10 zzz
 * Prop from i2p.i2p.0971
 * Update:
   - New update hosts, thanks Meeh and dg
   - Increase update-via-torrent to 30%

2012-07-30 zzz
 * i2psnark: Increase max piece size to 4 MB (ticket #993)
 * Tunnels: Extend local expiration of IB tunnels, to allow for
   more clock skew and not drop valid messages at their destination

2012-07-29 zzz
 * Signatures:
   - Prep for new signature algorithms; new SigType enum;
     Signature, SigningPublicKey, SigningPrivateKey store type
   - New Hash384 and Hash512 classes
   - Remove length field in SimpleDataStructure
   - New SU3File generator/verifier/extractor
 * GeoIPv6: Fix NPE (ticket #992)

2012-07-28 zzz
 * Addresses: Treat RFC 4193 addresses fc00::/7 as local
 * NetDB: Disable RI verifies for now

2012-07-26 zzz
 * Transports:
   - Fix IPv6-only option 2nd try
   - Treat RFC 4193 addresses fc00::/7 as local

2012-07-25 zzz
 * Transports:
   - Prefer IPv6 by default
   - Fix IPv6-only option
   - Don't try NTCP IPv6 addresses unless we have one
   - Fix non-%16 SSU padding; enable by default
 * Tunnels:
   - Make expl. default 3 hops  (ticket #966)
   - Allow expl. fallback up to -2 hops