Newer
Older
2014-03-05 zzz
* Transports: Don't send a duplicate store of our RI at
start of a connection (ticket #1187)
* NTCP:
- Lower send priority of the RI at exchange
- Bob will now send his RI even if he doesn't have Alice's
- Send RI again sooner on long-lived connections
2014-03-05 str4d
* susimail: Removed remaining Jetty dependencies in susimail
(patch from wockenfuss) (ticket #1165)
2014-02-24 zzz
* NetDB: Slow down router refresh after startup to reduce load
on exploratory tunnels
* NTCP:
- Add check for replayed session requests (ticket #1212)
- Disable inbound check connection
- Reduce object churn in EstablishmentManager
- Don't pollute Hash cache in EstablishmentManager
* Transports: Use SigUtil.rectify() in DH
* Tunnels: Rate-limit connections at the OBEP (ticket #1134)
2014-02-23 dg
* I2PTunnel: add 'irc.dg.i2p' to the default IRC2P tunnel (for more
information, see http://echelon.i2p/docs/IRC2p/irc2p_userguide.txt)
2014-02-21 zzz
* Build: Add property for target version
* I2CP Client: Generate revocation key of same type as signing key
* i2ptunnel: Only offer SigType options that are available in the JVM
* LeaseSet: Add check for SigType mismatch
* RouterAddress: Restore storage of expiration and use in signature
calculation, broken in 0.9.3, in anticipation of using it someday
* SigType: Add isAvailable()
2014-02-20 zzz
* i2ptunnel: Add inproxy block option to HTTP server
* Router: Allow null args to main() (broke Android)
2014-02-17 zzz
* HMAC:
- Replace BC MD5 with JVM version, refactor I2PHMAC to use
MessageDigest instead of BC Digest (ticket #1189)
- Use JVM HmacSHA256 instead of I2PHMAC for Syndie since it is standard
* SSU:
- Use session key for relay request/response if available (ticket #1206)
* Initial support for key certificates and arbitrary types and lengths
of signing keys and signatures in RouterIdentities and Destinations.
- Fixup of Destination.create() and Destination.size()
- Add generic off/len methods in DSAEngine, needed for streaming
- Support i2cp.destination.sigType option in TunnelController and
I2PSocketManagerFactory
- Fixup of sign/verify in streaming Packet
- Add setting in i2ptunnel server edit page (hidden for now)
- Comment out cert setting on i2ptunnel server edit page
- Show key type on susidns details page and LS debug page
- Hide setting in i2ptunnel edit pages unless advanced user
- Only store LS with key certs to routers that support it
- Only store LS with more than 6 leases to routers that support it
* Jetty:
- Update to Jetty 8.1.14.v20131031, Servlet 3.0, JSP 2.2
- Use Servlet and JSP jars from Jetty instead of Tomcat
- Tomcat remains at 6.0.37 supporting Servlet 2.5 / JSP 2.1
- Remove Jetty dependency in console error pages
- Require Java 6
2014-02-14 zzz
* I2CP:
- Add session limit, add new status code for refused
- Ramdomize session ID, prevent dups
- Make SessionId immutable
2014-02-13 zzz
* Router: Convert to getopt (ticket #1173)
* Tunnels: Change expl. OB default to 3+0
2014-02-11 zzz
* HTTP client proxy: Don't flush after headers for a POST,
so the POST data is included in the SYN packet,
to improve speed and reliability of small POSTs
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
2014-02-10 zzz
Prop from i2p.i2p.zzz.test2:
* Addressbook: Rewrite subscriptions.txt for new default URL
* Build: Honor require.gettext=false for i2prouter translations
* Core: Add lightweight getopt command line parsing lib (ticket #1173)
* EepGet:
- Convert to getopt (ticket #1173)
- New option -c for clearnet (no proxy), same as -p:0
- Proxy option -p with host name arg only (no ':') now allowed
- Proxy password option is now -x, not the second arg to -u
- Prompt for proxy password if not supplied in options
- Line length option is now -l, not the second arg to -m
- Error on nonproxied .onion hosts
- Update man page, sort options (ticket #1173)
- Support Digest proxy authentication (ticket #1173)
- Move authentication parsing method from I2PTunnelHTTPClientBase
* EepHead, PartialEepGet, SSLEepGet: Convert to getopt (ticket #1173)
* EepHead, PartialEepGet:
- New option -c for clearnet (no proxy), same as -p:0
- New option -o, same as EepGet
- Proxy option -p with host name arg only (no ':') now allowed
- Add proxy auth support with -u and -x options (ticket #1173)
* I2Ping:
- Convert to getopt (ticket #1173)
- Add support for from/to ports
* i2psnark: Cache PeerID.toString()
* I2PTunnel:
- Convert to getopt (ticket #1173)
- Add more argument sanity checking and a usage output
* PrivateKeyFile:
- Convert to getopt (ticket #1173)
- New option -e for hashcash effort, replaces -h with arg
- Stub out -t option, to be propped from ecdsa branch
* Streaming:
- Set ports on many packets that were missing them
- Use connection throttling methods on pings too (ticket #1142)
- Add methods to set ports on pings
- Argument checking on ping methods
* SU3File: Convert to getopt (ticket #1173)
* UpdateManager: Convert to RouterApp and remove update hooks from context
(ticket #1185)
2014-02-10 zzz
* Console:
- Don't reset graph settings when clicking restart or shutdown on graphs page
- Don't recommend guest login on trac, it's disabled
- Catch and remove corrupt jrb file (ticket #1186)
- Always set default language on /configui
* Transports: Reduce target connection count again to reduce
tunnel reject rate further
2014-02-07 zzz
* Services:
- Move backup news to psi.i2p
- Move default addressbook subscription to i2p-projekt.i2p
- Remove www.i2p2.i2p from default update lists
- Add psi.i2p to hosts.txt
- Update links on help pages to avoid redirects on new website
and select the correct language
* SusiDNS: Fix whitespace issues
2014-02-06 kytv
* Brazilian Portuguese, Danish, French, Japanese, Polish, Russian, Ukrainian
translation updates
* Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
database from 2014-02-05.
2014-01-31 zzz
* /logs: Fix encoding of wrapper log section (ticket #1193)
* NetDB: Fix cases where corrupt RouterInfo files were not deleted (ticket #1190)
* SOCKS: Remove static logs
2014-01-30 zzz
* InboundMessageDistributor: Set reply flag on LeaseSets
2014-01-28 zzz
* /configclients: Add link to plugins.i2p; don't show delete button for console
* Tunnels: Change expl. IB default to 2 + 0-1
2014-01-28 dg
* I2PSnark: Make 'kitty.png' transparent
2014-01-28 zzz
* I2CP: Use client tunnels for b32 lookups (ticket #1166)
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
2014-01-27 zzz
Prop from i2p.i2p.zzz.i2cp:
* I2CP:
- Add support for hostname lookups over I2CP with new
HostLookup and HostReply messages.
- Move username / password from CreateSession to GetDate for
early authentication; this is an incompatible chage.
Outside router context with authentication enabled,
new clients will not work with old routers.
Early authentication is not yet enforced, enable with
i2cp.strictAuth=true. Will change default to true in a later release.
- Block all actions before authentication.
- Better disconnect messages to clients for diagnostics
- Improve lookup command, add auth command in i2ptunnel CLI for testing
- Don't start ClientWriterRunner thread in constructor
- Don't flush in ClientWriterRunner unless necessary
- Send GetDate even in SimpleSession outside of RouterContext
- Improve SetDate wait logic to reduce locks and break out when Disconnect received
- Add Disconnect handler to SimpleSession
- Add SessionID to HostLookup/Reply messages, for future
use when we have multiple sessions
- Throw IAE on invalid SessionID values
- Add support for b64 conversion in destLookup()
- Catch invalid message length sooner
* I2Ping:
- Extend I2PTunnelClientBase so non-shared-client,
I2CP options, and other features will work
- Fixes for fields and threading
- Cleanups
* Streaming:
- Send LS with ping (broken since 0.9.2)
- Set the NO_ACK flag on pings and pongs
2014-01-27 zab
* Move message serialization later in the SSU sending pipeline
* Up version to -5
2014-01-27 zzz
* i2ptunnel HTTP Proxy: Fix default enable for outproxy plugin
* i2psnark: Lower threshold for auto-stop
* i2ptunnel HTTP Proxy:
- Add support for HTTPS
- Add support for outproxy plugins
* Installer: Update links
* NetDB: Fix NPE after client shutdown (ticket #1174)
* Router: Lower frequency for publishing stats
* Update: All updates via torrent
2014-01-25 zab
* Move OutNetMessage buffer preparation to the Writer threads
(Ticket #1183)
* Up version to -1
* Updates to geoip.txt and geoipv6.dat.gz based on Maxmind GeoLite Country
database from 2014-01-08.
2014-01-20 zzz
* Console: Change www.i2p2.i2p links to i2p-projekt.i2p
* Reseed: Remove netdb.i2p2.de
* NetDB: Fix handling of DSRM and DSM down client tunnels
2014-01-11 zzz
* NetDB:
- Reduce min part tunnels for ffs to 35
- Use client tunnels for LS lookups from OCMOSJ (ticket #1166)
2014-01-11 str4d
* BOB: Pass through I2CP host/port (ticket #827)
2014-01-10 str4d
* BOB: Implement ClientApp interface (ticket #347)
2014-01-09 zzz
* Kademila: Fix NPE in remove()
2014-01-09 kytv
* Translations
- Updates to French, German, Romanian, and Russian
- New Brazilian Portuguese translation
- Mass pull of translations from Transifex
- Update of English strings
* susimail:
- Fixed pagination with zero entries (ticket #1168)
- UTF-8 support from wockenfuss (ticket #508)
2014-01-07 zzz
* Streaming: Fix StandardServerSocket.close() and isClosed()
2014-01-04 zzz
* Peermanager: Disable small same-country bonus
* Tunnels: Change client default to 3 hops in router;
change expl. default to 2+0 IB and 2 + 0-1 OB
2014-01-04 dg
* Streaming: Move streaming to new package (ticket #1135)
* Console: Change /configclients 'advanced warning' to include 'toopie, no red
* SOCKS5Server: Remove redundant, commented out line from my previous findbugs
2013-12-19 zzz
* NetDB: Fixes for ExpireRoutersJob
- Don't expire if too few routers
- Don't expire if net is disconnected
- Don't run in VMCommSystem
2013-12-15 zzz
* EepGet: Allow override of the User-Agent
* i2psnark: Set User-Agent
2013-12-14 zzz
* NetDB:
- Just before midnight, flood to new location too so lookups
don't fail after keyspace rotation (ticket #510)
- Refactor RoutingKeyGenerator and UpdateRoutingKeyModifierJob
in support of the above
2013-12-13 zzz
* i2ptunnel: Show destination for persistent client key only if available;
show b32 for the key as well
* NetDB:
- Increase new kad size to K=24, B=4
- Fix router count by counting in the data store, not the kbuckets
- Randomize the order we load router infos at startup so we
don't bias the kbuckets
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
2013-12-10 zzz
Prop from i2p.i2p.zzz.test2:
* Config files: Allow empty values
* Data: Deprecate Signature.FAKE_SIGNATURE
* GeoIP: Thread the periodic lookup so it doesn't clog the timer queue
* I2CP router-side: Disconnect client on attempt to publish invalid leaseset
* i2psnark:
- Make a set of the default trackers so the config array
can be private and the lookup for the form is more efficient.
- Disable streaming pings (ticket #1142)
* i2ptunnel: Disable streaming pings for clients (ticket #1142)
* i2ptunnel IRC client: Do not filter server PING or client PONG (ticket #1141)
* Jetty 7.6.14.v20131031
* PeerManager: Thread the periodic reorg so it doesn't clog the timer queue
* PrivateKeyFile: Fix ISE (ticket #1145)
* Startup: Wait a while and recheck if a recent ping file is there,
so that a crashed router doesn't prevent a restart (ticket #633)
* Transport: Reduce target connections from 60% to 45% of limit
to improve network capacity. Apparent problems with lower limits were
actually due to unrelated bugs, fixed in 0.9.8.1-22.
* Translations:
- Add support for country variants (ticket #1133)
- Refactor data in ConfigUIHelper
* UDP PeerState: findbugs volatile/atomic/synch
Prop from i2p.i2p.zzz.netdbkad:
* NetDB:
- Move net.i2p.kademlia package from i2psnark to core, and convert
netdb to use it.
- Delete old implementation in netdb
- Fixups in netdb for generics
- Add debug output to /debug
* Kad unit tests:
- Move KBucketSetTest to new directory
- Fix testSelf() as new implementation will never include myself
- Delete KBucketImplTest, not applicable/useful now
- Port KBSTest from i2p.zzz.kademlia branch
- Fix RandomTrimmer so it always returns true, so it may be used
as the trimmer in the unit tests
2013-12-04 zzz
i2psnark: Fix ConnectionAcceptor not restarting after tunnel
restart, preventing incoming connections
2013-12-01 kytv
* Update geoip.txt based on Maxmind GeoLite Country database from 2013-11-05.
* French, Italian, Romanian, Spanish, and Swedish translation updates from transifex
2013-11-28 dg
* I2PTunnel: Don't send 'X-Powered-By' on HTTP server tunnels for anonymity reasons.
2013-11-25 str4d
* Reseed: Listen to "Require SSL" config option
2013-11-23 zzz
* i2ptunnel: Clean up old timer threads
2013-11-23 str4d
* susimail: Fix NPE when deleting last message (ticket #414)
2013-11-19 kytv
* Translation updates and start of Japanese translation pulled from Transifex
2013-11-14 kytv
* Update Java Service Wrapper to v3.5.22
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
Icedtea6 6b27-1.12.5-1+rpi1 and stripped
- All other binaries are from the "community edition" deltapack offered by
Tanuki.
2013-11-14 zzz
* Tunnels: Fix reception of encrypted responses to LS lookups (ticket #1125)
2013-11-07 zzz
* i2psnark: Fix file links, broken in -12 (ticket #1114)
* Logging: Track duplicates across flush interval (ticket #1110)
* NetDB: Fix RI publish interval, broken in -7
2013-11-03 zzz
* NetDB: Allow store of leaseset as long as one lease has not expired
* Transport:
- Expire wasUnreachable entries, so inbound tunnel build failures
don't escalate
- Add network status to event log
2013-11-01 zzz
* Transport: Fix GeoIPv6 (ticket #1096)
2013-10-31 zzz
* i2psnark: Always verify file lengths at startup (ticket #1099)
* Transports: Increase threshold for idle timeout reduction
(partially back out change from -10)
2013-10-29 dg
* i2psnark: Start torrents by default (ticket #1072)
* i2psnark: Fix start and start-all buttons on text-mode browsers
and Opera (ticket #1093)
* InboundMessageDistributor:
- Don't discard an encrypted DSRM received
down a tunnel, just strip the hashes like we do for unencrypted
- Send a store of our own encrypted LS received down a tunnel to
the InNetMessagePool so the FloodfillVerifyStoreJob will see it.
* NetDB: Fix LS store verifies with encrypted replies
by storing the tagset with the correct SKM for the inbound tunnel used.
Broken since 0.9.7 when it was introduced.
* Tunnels:
- Build a new exploratory fallback tunnel in the BuildExecutor
loop if we run out.
- Don't use closest expl. tunnel as the paired tunnel for a build,
use a random one instead (partially back out change from -12)
2013-10-28 dg
* I2PTunnel: Enable persistent keying for SOCKS tunnels (ticket #1088)
2013-10-27 zzz
* Streaming; Fix crash caused by previous blacklist fix (ticket #1070)
* Profiles: Ensure we select random peers even before the first reorganization
* Streaming: Randomize end of first conn limit period
* Tunnels:
- Don't use fallback expl. tunnels as the paired tunnel
for a client tunnel build.
- Fix selection of an expl. tunnel close to a hash
* Streaming:
- Check blacklist/whitelist before connection limits, so
a blacklisted peer does not increment the counters
- Don't increment total throttle if peer is throttled
- Fix blacklist NPE after config change (ticket #1070)
* Transports: Reduce connection idle time sooner
* i2psnark: Drop incoming connections on HTTP port
* I2PTunnel: Don't let uncaught exception kill server acceptor (ticket #1070)
* I2PTunnel standard, HTTP, and IRC servers:
Route connections to specific targets based on incoming I2P port
with custom option targetForPort.xxxx=myserver:yyyy
This allows multiple services on a single server tunnel (ticket #1066)
* I2PTunnel standard and IRC clients:
- Allow host:port targets; set defaults in i2ptunnel.config (ticket #1066)
- Don't fail start if hostname is unresolvable; retry at connect time (ticket #946)
- Output IRC message on connect exception
- Update target list on-the-fly when configuration changes
* NetDB:
- Increase RI publish interval to reduce the connection load on ffs
- Save RI-last-published time; check it before publishing
2013-10-19 zzz
* NetDB:
- Reinstate ExpireRoutersJob
- Reduce min part. tunnels for floodfill
- Reduce floodfill redundancy
2013-10-17 zzz
* I2CP: Move SSL client socket code to util,
move cert location to certificates/i2cp.
* I2PTunnel: Support SSL for connection to local server
for Standard, HTTP, and IRC server tunnels.
Put server cert in certificates/i2ptunnel if necessary.
* Streaming: Throw IOE if socket is closed (ticket #1077)
2013-10-14 kytv
* French translation updates from Transifex
2013-10-14 zzz
* Translations: Move country names to a new resource bundle
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
Prop from branch i2p.i2p.zzz.test2:
* Console:
- Implement webapp state detection and stop button for webapps
on /configclients (Ticket #1025)
- Set per-connector acceptors back to 1, Jetty default changed to 2?
- Tag strings on /jobs (ticket #969)
* Data Structures:
- Make Destination and RouterIdentity keys and cert immutable
- Add Destination cache
* i2psnark:
- Combine getPeers and announce into a single method, as we must announce to
the closest from the getPeers, not the closest from the kbuckets
- Stop getPeers when nothing closer is found
- Increase DHT dest lookup, search timeouts, and max search depth
- Loop tracker client faster when in magnet mode or if DHT announce fails
- Don't return an empty peers list in DHT if we only know about the requestor
- Refactor Storage file data structures
- Sort files when creating torrents
- Add torrent auto-stop support; enable for update file
- Add tunnel auto-close when no torrents are running
- Close socket before closing output stream to avoid blocking in
Peer.disconnect(), and prevent Peer.disconnect() loop
* I2PTunnelHTTPServer: Don't thread a receiver for GET or HEAD
* Jetty 7.6.13.v20130916
* Logging:
- Require strict match of class name component
- parseLimits() cleanup
* SSU: More efficient InboundMessageState
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
* Streaming:
- Fix active stream counting so it doesn't count streams
that are closed and in TIME-WAIT state. Also, break out of the
counting loop as soon as we know the answer. (Ticket #1039)
- Consolidate scheduling of DisconnectEvent, and ensure
we only do it once. (Ticket #1041)
- Atomics for close/reset send/receive
so we only do things once. (Ticket #1041)
- Remove setCloseReceivedOn(), unused outside Connection
- OR the isFlagSet parameter instead of multiple calls
- Remove acked packets from _outboundPackets inside synced iterator
- Short-circuit _outboundPackets iterator if empty
- Small optimization if not logging in ConnectionPacketHandler
- Stub out processing of close ack (ticket #1042)
- Don't queue a message for an unknown connection on the SYN queue
if it has a send ID set, it must be for a recently closed connection
- Major rework of connection disconnect process. Tickets 1040-1042.
- Prevent multiple calls or reentrancy in disconnect() (ticket #1041)
- Implement processing of close to skip TIME-WAIT, and
wait for all packets to be acked (not just the CLOSE) before
doing so, if possible (ticket #1042)
- Don't call disconnect() or disconnectComplete() from I2PSocketFull.destroy()
so retransmissions and acks can still happen (removes some close loops)
- Don't call disconnect() until we have both sent and received a CLOSE (ticket #1040)
- Don't reset the connection from CPH just because we sent a CLOSE
and it was acked (ticket #1040)
- Ack packets even if we sent a CLOSE (ticket #1040)
- Retransmit CLOSE if not acked (ticket #1040)
- Send received packets to the MessageInputStream even if we haven't received a SYN
- Don't call MessageInputStream.messageReceived() for ack-only packets, that was pointless
- Don't send a RESET after timeout of an outbound connection
- Work around bugs on other end by limiting retransmission of CLOSE packets
- Make I2PSocketFull.close() nonblocking; it will now cause any user-side
writes blocked in I/O (Connection.packetSendChoke()) to throw
an exception (tickets #629, #1041)
- Don't ignore InterruptedExceptions; throw InterruptedIOException
- MessageInputStream locking fixes
- Make _isInbound final
- More cleanups, javadocs, log tweaks
* Transport: Treat more IPs as local
- 25/8 Hamachi (moved from 5/8 Nov. 2012)
- 2620:9b::/32 Hamachi
- 3ffc::/16 6bone
- 2001:db8::/32 example (RFC 3849)
- 0::/8 Includes IPv4 compatibility addresses ::xxxx:xxxx
* Update:
- Support notification of updates that cannot be downloaded
due to "constraints". Add constraint checks for java version,
router version, configuration, and base permissions. (ticket #1024)
- Thread news fetcher so it doesn't clog the scheduler
* Watchdog: Format messages better
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
2013-10-06 zzz
Prop from branch i2p.i2p.zzz.ecdsa:
* Build:
- Generate su3 file in release target
- Add zzz's new RSA 4096 pubkey cert for updates
- Fix checkcerts.sh
* Console: Move advanced setting to HelperBase
* DSAEngine changes:
- Implement raw sign/verify for other SigTypes
- Add sign/verify methods using Java keys
* ECDSA Support:
- Add ECConstants which looks for named curves and falls back to
explicitly defining the curves
- Add support for ECDSA to SigType, DSAEngine and KeyGenerator
- Attempt to add BC as a Provider
- genSpec: fallback to BC provider
* EepGet:
- Fix non-proxied PartialEepGet
- Prevent non-proxied eepget for an I2P host
* KeyGenerator changes:
- Generate key pairs for all supported SigTypes
- KeyPairGen: Catch ProviderException, fallback to BC provider
- Add KeyGenerator main() tests
* KeyRing and DirKeyRing added: simple backend for storing X.509 certs
* KeyStoreUtil added:
- Consolidate KeyStore code from SSLEepGet, I2CPSSLSocketFactory,
SSLClientListenerRunner, and RouterConsoleRunner into new
KeyStoreUtil and CertUtil classes in net.i2p.crypto (ticket #744)
- Change default to RSA 2048 (ticket #1017)
- Set file modes on written keys
- Overwrite check in createKeys()
- New getCert(), getKey()
- Extend keygen max wait
- Read back private key to verify after keygen
- Validate cert after reading from file
- Validate CN in cert
- Specify cert signature algorithm when generating keys
* NativeBigInteger: Tweak to prevent early context instantiation
* RSA support added: constants, parameters, sig types, support in DSAEngine, KeyGenerator, SigUtil
* SHA1Hash: Add no-arg constructor
* SigType changes:
- Add parameters (curve specs) to SigTypes
- Add getHashInstance()
- Add RSA, fix ECDSA
- Renumber, rename, comment out types that are too short.
* SigUtil added:
- Converters from Java formats (ASN.1, X.509, PKCS#8)
to I2P formats for Signatures and SigningKeys
- Move ASN.1 converter from DSAEngine to SigUtil, generalize
for variable length, add support for longer sequences,
add more sanity checks, add more exceptions
- Move I2P-to-Java DSA key conversion from DSAEngine to SigUtil
- Add Java-to-I2P DSA key conversion
- Add Java key import
- New split() and combine() methods
* SSLEepGet: Move all certificates to certificates/ssl, in preparation
for other certificate uses by SU3File
* SU3File changes:
- Support all SigTypes
- Implement keygen
- Readahead to get sigtype on verify, as we need the hash type
- Enum for content type
- Add unknown content type, make default
- Fix NPE if private key not found or sign fails
- Store generated keys in keystore, and get private key from keystore
for signing, in Java format
- Use Java keys to sign and verify so we don't
lose the key parameters in the conversion to I2P keys
- Type checking of Java private key vs. type when signing
- Use certs instead of public keys for verification
- Fix arg processing
- Improve validate-without-extract
- New extract command
- Change static fields to avoid early context init
- Reduce PRNG buffer size for faster signing
* Update: Preliminary work for su3 router updates:
- New ROUTER_SIGNED_SU3 UpdateType
- Add support for torrent and HTTP
- Refactor UpdateRunners to return actual UpdateType
- Deal with signed/su3 conflicts
- Verify and extract su3 files.
- Stub out support for clearnet su3 updating
- New config for proxying news, separate from proxying update
- PartialEepGet and SSLEepGet tweaks to support clearnet update
- Remove proxy, key, and url config from /configupdate
- More URI checks in UpdateRunner
- Add https support for news fetch
- Add su3 mime type
- Reset found version in update loop so we don't fetch from
the next host too.
- Prevent NPE on version after SSL fetch
2013-10-01 zzz
* Startup: Fix rekeying on Windows (tickets #1056, 1057)
2013-09-26 kytv
* French, German, Russian, and Swedish translation updates from Transifex
* Update geoip.txt based on Maxmind GeoLite Country database from 2013-09-03
2013-09-23 zzz
* Console: Add /proof page which can copied to prove you run a router
* Chinese, French, German, Russian, and Swedish translation updates from
Transifex
* Revert expl. default back to 2 hops, wait for next release
2013-09-07 zzz
* Crypto: Don't use "short exponent" on faster platforms.
Rebuild router identity if key length doesn't match setting.
2013-09-03 zzz
* configui: Change pw restart warning to error so people dont miss it
* Data: deprecate most of LeaseSetKeys
* i2ptunnel: Reduce buffer size and use cache in HTTPServer
* Jetty: Increase maxIdleTime
* profiles: use different sort for floodfill profiles display
* Utils: Consolidate maxMemory() calls
2013-08-31 zab
* Streaming: Use only non-retransmitted packets when sampling RTT
* Addressbook: Don't write to log file on Android (ticket #859)
* Addresses: Treat Teredo addresses 2001:0::/32 as local
* Console: Display "accepting tunnels" instead of "rejecting tunnels"
after 20 minutes (ticket #902)
* i2psnark: Highlight table rows on hover
* NTCP: Handle race where peer's NTCP address goes away
* SSU, confignet: Add support for specifiying multiple addresses
* SusiDNS: Don't require last subscription to be terminated by newline (ticket #1000)
2013-08-11 kytv
* Update Java Service Wrapper to v3.5.20
- Windows: Self-compiled with VS2010 in Windows 7. The icon has been
changed from Tanuki's default to Itoopie.
- Linux ARMv6: Compiled on a RaspberryPi using gcc 4.6.3-14+rpi1,
Icedtea6 6b27-1.12.5-1+rpi1 and stripped
- All other binaries are from the "community edition" deltapack offered by
Tanuki.
* Translations
- French, Portugeuse, Russian, Spanish, and Turkish updates from Transifex
- Start of Romanian translation from Transifex
2013-08-11 zab
* Streaming:
- reduce initial ack delay 2000->1000
- rework the logic of acking duplicate packets
* Prop from i2p.i2p.0971
* Update:
- New update hosts, thanks Meeh and dg
- Increase update-via-torrent to 30%
* i2psnark: Increase max piece size to 4 MB (ticket #993)
* Tunnels: Extend local expiration of IB tunnels, to allow for
more clock skew and not drop valid messages at their destination
* Signatures:
- Prep for new signature algorithms; new SigType enum;
Signature, SigningPublicKey, SigningPrivateKey store type
- New Hash384 and Hash512 classes
- Remove length field in SimpleDataStructure
- New SU3File generator/verifier/extractor
* Addresses: Treat RFC 4193 addresses fc00::/7 as local
* NetDB: Disable RI verifies for now
* Transports:
- Fix IPv6-only option 2nd try
- Treat RFC 4193 addresses fc00::/7 as local
* Transports:
- Prefer IPv6 by default
- Fix IPv6-only option
- Don't try NTCP IPv6 addresses unless we have one
- Fix non-%16 SSU padding; enable by default
* Tunnels:
- Make expl. default 3 hops (ticket #966)
- Allow expl. fallback up to -2 hops
* UPnP:
- main() tweaks for debugging
- Fix for devices that return base URLs with trailing '/' (ticket #986)
* BuildReplyHandler:
- Make non-static
- Don't pollute Hash cache with build response record hashes
- Use SimpleByteCache
- cleanups
* HashComparator:
- Don't pollute Hash cache with hashes
- cleanups
* I2CP:
- Don't NPE when loglevel=warn
- Don't enforce property length limits when inside router JVM
* I2PSnark: Log uncaught error in ThreadedStarter to router log
* I2PThread: Log uncaught error to wrapper log
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
Prop from i2p.i2p.zzz.ipv6:
* Addresses:
- blocklist 192.88.88.0/24 6to4 anycast
- invalidate 2002::/16
- Strip scope from returned IPv6 addresses
* Blocklist:
- Add IPv6 in-memory single list
- Limit in-memory single list size
- Fix dup check in getAddresses()
* CSFI: Pass TransportManager instead of CSFI to GetBidsJob; remove unused methods
* Console:
- Add IPv6 column on /peers
- Other minor /peers cleanup
* FloodfillPeerSelector, ProfileOrganizer: Use 8 bytes for IPv6 check
* GeoIP:
- Use cached IP in RouterAddresses
- Use both NTCP and SSU addresses
* GeoIPv6:
- Handle gzipped input data in merge tool
- Add script to generate compressed data
- Add local additions
- Add compressed data file, generated from Maxmind data fetched 2013-05-24
- Include data in installer and updater
- Update Maxmind license info, now CC-SA 3.0
- Enable GeoIPv6 lookup in CSFI
* NetDb:
- Add floodfillEnabled() to NetworkDatabaseFacade so callers don't
have to cast to FNDF, and Dummy NDF will work
- Remove static FNDF.floodfillEnabled()
* NTCP:
- Move SSU address notification handling from CSFI to NTCPTransport
- Drop NTCPAddress, just use RouterAddress
- Drop _myAddress field, use super's currentAddress
- Bad bind config not fatal
- Fix publishing address when host specified but interface is not
- Republish even if only changing cost
* PacketPusher: Minor optimization
* Peer tests:
- Use only IPv4 peer for Alice and Bob in peer tests; Charlie may be an IPv6 peer.
- Enforce IPv4 (Alice's) address inside PeerTest packet
* RouterAddress and RouterInfo toString() cleanups; don't cache RI in _stringified
* RouterAddress:
- hashCode/equals tweaks
- Add new constructor
- Add add getHost() and deepEquals()
- Compare host string, not IP, in equals()
- Deprecate some setters
- Add warning about setCost()
- Change cost storage from int to short
- Cost range checks
* RouterContext: Fix disabling client manager with i2p.dummyClientFacade=true
* SSU:
- Change from single UDPEndpoint to a List of UDPEndpoints
- Move (single) receive queue from UDPReceiver to PacketHandler
- Multiple transmit queues (one for each UDPEndpoint/UDPSender),
select queue in PacketPusher
- Throw exception on UDPEndpoint.startup() failure
- Remove all _external* fields; use _currentAddresses in super
- Big rework of externalAddressReceived(), rebuildExternalAddress(),
needsRebuild(), and replaceAddress() for multiple addresses and IPv6
- Add caching in UDPAddress
- More IPv6 flavors of utility methods
- Remove two-arg replaceAddress()
- Fixes for i2np.udp.allowLocal, log tweaks, sender/receiver thread name tweaks
- Handle IPv6 in too-close checks
- IPv6 SSU MTU adjustments
- Hash IPv6 addresses in IPThrottler
* SSU Introduction:
- Document that Alice-Bob RelayRequest/RelayResponse may be IPv4 or IPv6,
but don't implement IPv6 yet.
Changes required in IntroductionManager and PacketBuilder to send Alice's
IPv4 address in the RelayRequest packet over IPv6, and to publish
IPv6 introducer IPs.
- Bob-Charlie RelayIntro must be IPv4
- Only offer/accept relay tags as Bob or Charlie if the Bob-Charlie session is IPv4
- Alice-Charlie communication must be IPv4
* SSUDemo:
- Configuration fixes, delete RI on exit, log tweaks, cleanups
- Use IPv6; don't use System properties
- Adapt for NTCP testing too
* Tests:
- New buildTest and prepTest targets
- Fix UDPEndpoint usage in unit tests: Restore receive(); Handle null UDPTransport
- Fix UDPEndpointTestStandalone: init context; Add unit test buildPacket() method to PacketBuilder;
Fix NPE in MessageHistory
* Transports:
- Add new TransportUtil for getting/setting IPv6 config
- Prep for supporting multiple RouterAddresses per-transport
- Prep for multiple address discovery
- Fix multiple-detection code in externalAddressReceived()
- Synchronize tracking of last IP/port
- Don't accept IPv6 address changes from peers
- Remove unused getLocalAddress()
- Pkg private getLocalPort()
- Start transports in a standard order to make testing easier
- When transports learn of interface addresses before being started, save them
and use them at startup
- Pick SSU random port before startListening() and have the TransportManager
pass it to NTCP before starting
- Only restart NTCP after changing addresses when necessary;
prevent thrashing at startup (ticket #459)
- Always bind NTCP if we have port; not just when not firewalled
- Only call rebuildRouterInfo() once at startup
- More checking of min/max SSU port config
- Invalid SSU bind config no longer fatal
- Allow "true" for ipv6 config
- SSU fixes for per-address and IPv6 MTU
- MTU.main() print all interfaces
- Add i2np.disable property for testing
* Transports:
- Sort multiple peer addresses by cost, with adjustment for local IPv6 preference
- Add default IPv6Config for ease of changing later
- Only treat IPv6 addresses as valid if we have a public IPv6 address
* Tunnel GW pumper: Limit threads when testing
* UDPAddress:
- Reduce object churn, check intro key length,
don't look for ihost3, reject ports < 1024, cleanups
- Remove dependency in console; make package private
* UPnP:
- Fix UPnP address received before startListening(), broken by isAlive() check
- Pass device IP back in forward port callback
- Only declare success if forwarded IP is public
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
* DHSessionKeyBuilder: Fix for session and mac keys if DH key is between 32 and 63 bytes.
Was: NPE. Now: mac key is hash of session key. Won't ever happen. (Ticket #963)
* I2CP/I2PTunnel locking fixes (partial fixes for tickets 650. 722, 815, 946, 947, 953):
- I2PSocketManagerFactory: New createDisconnectedManager(), javadocs
- I2PSessionImpl: Rewrite state management and locking, prevent multiple
connect() calls, but allow disconnect() to interrupt connect()
- I2PSimpleSession: Changes to match I2PSessionImpl
- I2PTunnelServer: Don't connect in constructor, use createDisconnectedManager()
for a final manager, finals and cleanups
* ClientManager:
- Make classes extensible for router-side test stubs
- Add router-side local-only test implementation, no full router required.
Only tested with external clients, probably doesn't work in-JVM.
- Don't start threads in ClientManager constructor
- Remove unused Reader param in ClientMessageEventListener methods
- Cleanups, volatiles, finals, javadocs
* Translations:
- New varargs method in Translate
- New TranslateReader to translate static files on-the-fly using _("") tagging
- Tag proxy error pages for TranslateReader
- Drop static translated proxy error pages
- Add new i2ptunnel bundle for the proxy alone, shipped in the jar.
- Use TranslateReader in HTTP proxy for error pages
- Move HTTP proxy strings from the web (war) to proxy (jar) bundle so they will be loaded
Fixes translations for the lower half of the proxy pages that weren't accessible in the war.
- Initial translations created by msgmerge from i2ptunnel and routerconsole po files, un-fuzzied
- Tag initialNews.xml for TranslateReader
- Drop static translated initialNews pages
- Add new routerconsole bundle for the news alone, shipped in the jar
- Use TranslateReader in HTTP proxy for initial news
- Initial translations created manually from translated xml filesx
- Add translated proxy error pages and initial news to deletelist.txt
* Transports: Consolidate translation methods in TransportImpl;
ngettext fix for "peers" string
* PRNG:
- Don't delay the refiller if we need more (don't limit max output)
- Add FortunaRandomSource.main() to output to stdout for testing e.g. with dieharder
* Streaming:
- initialize streaming RTT from sample, trac #979, RFC 6298
- store rttDev in TCBCache
2013-07-11 kytv
* Chinese, Russian, Spanish, and Turkish updates from Transifex
* Update geoip.txt based on Maxmind GeoLite Country database from 2013-07-02
2013-07-11 str4d
* susimail: Improvements to layout in mobile browsers
2013-07-06 zzz
* TunnelPool: Don't reuse peers for exploratory tunnels
2013-07-04 zzz
* Streaming:
- Don't stop timers when session disconnects (tickets #644, #810)
- Throw exception on attempt to use destroyed socket manager
* Console: Hide dead tunnel pools on /tunnels
* Updater: Fix plugin update checker (ticket #897)
* Utils: Reduce logging in wrapper log when extracting zip files