2005-09-17 jrandom
* Clean up syndie a bit more and bundle a default introductory post with
both new installs and updates.
* Typo fixes on the console (thanks bar!)
* Updated the bandwidth limiter to use two tiers of bandwidth - our normal
steady state rate, plus a new limit on how fast we transfer when
bursting. This is different from the old "burst as fast as possible
until we're out of tokens" policy, and should help those with congested
networks. See /config.jsp to manage this rate.
* Bugfixes in Syndie to handle missing cache files (no data was lost, the
old posts just didn't show up).
* Log properly in EepPost
* Added the natively compiled jbigi and patched java service wrapper for
OS X. Thanks Bill Dorsey for letting me use your machine!
* Don't build i2p.exe or i2pinstall.exe when run on OS X machines, as we
don't bundle the binutils necessary (and there'd be a naming conflict
if we did).
* Added 'single user' functionality to syndie - if the single user
checkbox on the admin page is checked, all users are allowed to control
the instance and sync up with remote syndie nodes.
* Temporarily disable the x-i2p-gzip in i2ptunnel until it is more closely
debugged.
* Adjust I2PTunnelHTTPServer so it can be used for outproxy operators
(just specify the spoofed host as an empty string), allowing them to
honor x-i2p-gzip encoding.
* Let windows users build the exes too (thanks bar and redzara!)
* Allow I2PTunnel httpserver operators to disable gzip compression on
individual tunnels with the i2ptunnel.gzip=false client option
(good idea susi!)
* Added the i2p.exe and i2pinstall.exe for windows users, using launch4j.
* Added runplain.sh for *nix/osx users having problems using the java
service wrapper (called from the install dir as: sh runplain.sh)
* Bundle susidns and syndie, with links on the top nav
* Have I2PTunnelHTTPClient and I2PTunnelHTTPServer use the x-i2p-gzip
content-encoding (if offered), reducing the payload size before it
reaches the streaming lib. The existing compression is at the i2cp
level, so we've been packetizing 4KB of uncompressed data and then
compressing those messages, rather than compressing and then packetizing
4KB of compressed data. This should reduce the number of round trips
to fetch web pages substantially.
* Adjust the startup and timing of the addressbook so that susidns always
has config to work off, and expose a method for susidns to tell it to
reload its config and rerun.
* More careful error handling with introductions (thanks dust!)
* Fix the forceIntroducers checkbox on config.jsp (thanks Complication!)
* Hide the shitlist on the summary so it doesn't confuse new users.
* Removed guaranteed delivery mode entirely (so existing i2phex clients
using it can get the benefits of mode=best_effort). Guaranteed delivery
is offered at the streaming lib level.
* Improve the peer selection code for peer testing, as everyone now
supports tests.
* Give the watchdog its fangs - if it detects obscene job lag or if
clients have been unable to get a leaseSet for more than 5 minutes,
restart the router. This was disabled a year ago due to spurious
restarts, and can be disabled by "watchdog.haltOnHang=false", but the
cause of the spurious restarts should be gone.
* More aggressively publish updated routerInfo.
* Expose the flag to force SSU introductions on the router console
* Don't give people the option to disable SNTP time sync, at least not
through the router console, because there is no reason to disable it.
No, not even if your OS is "ntp synced", because chances are, its not.
* Test the router's reachability earlier and more aggressively
* Use the low level bandwidth limiter's rates for the router console, and
if the router has net.i2p.router.transport.FIFOBandwidthLimiter=INFO in
the logger config, keep track of the 1 second transfer rates as the stat
'bw.sendBps1s' and 'bw.recvBps1s', allowing closer monitoring of burst
behavior.
* Added preliminary support for NAT hole punching through SSU introducers
* Honor peer test results from peers that we have an SSU session with if
those sessions are idle for 3 minutes or more.
* HTML cleanup for the router console (thanks!)
2005-09-07 jrandom
* Lay the foundation for 'client routers' - the ability for peers to opt
out of participating in tunnels entirely due to firewall/NAT issues.
Individual routers have control over where those peers are used in
tunnels - in outbound or inbound, exploratory or client tunnels, or
none at all. The defaults with this build are to simply act as before -
placing everyone as potential participants in any tunnel.
* Another part of the foundation includes the option for netDb
participants to refuse to answer queries regarding peers who are marked
as unreachable, though this too is disabled by default (meaning the
routerInfo is retrievable from the netDb).
* Don't persist peer profiles until we are shutting down, as the
persistence process gobbles RAM and wall time.
* Bugfix to allow you to check/uncheck the sharedClient setting on the
I2PTunnel web interface.
* Be more careful when expiring a failed tunnel message fragment so we
don't drop the data while attempting to read it.
* Don't publish leaseSets to the netDb if they will never be looked for -
namely, if they are for destinations that only establish outbound
streams. I2PTunnel's 'client' and 'httpclient' proxies have been
modified to tell the router that it doesn't need to publish their
leaseSet (by setting the I2CP config option 'i2cp.dontPublishLeaseSet'
to 'true').
* Don't publish the top 10 peer rankings of each router in the netdb, as
it isn't being watched right now.
* Minor logging and optimization tweaks in the router and SDK
* Use ISO-8859-1 in the XML files (thanks redzara!)
* The consolePassword config property can now be used to bypass the router
console's nonce checking, allowing CLI restarts
* Catch errors with corrupt tunnel messages more gracefully (no need to
kill the thread and cause an OOM...)
* Don't skip shitlisted peers for netDb store messages, as they aren't
necessarily shitlisted by other people (though they probably are).
* Adjust the netDb store per-peer timeout based on each particular peer's
profile (timeout = 4x their average netDb store response time)
* Don't republish leaseSets to *failed* peers - send them to peers who
replied but just didn't know the value.
* Set a 5 second timeout on the I2PTunnelHTTPServer reading the client's
HTTP headers, rather than blocking indefinitely. HTTP headers should be
sent entirely within the first streaming packet anyway, so this won't be
a problem.
* Don't use the I2PTunnel*Server handler thread pool by default, as it may
prevent any clients from accessing the server if the handlers get
blocked by the streaming lib or other issues.
* Don't overwrite a known status (OK/ERR-Reject/ERR-SymmetricNAT) with
Unknown.
* Removed the concept of "no bandwidth limit" - if none is specified, its
16KBps in/out.
* Include ack packets in the per-peer cwin throttle (they were part of the
bandwidth limit though).
* Tweak the SSU cwin operation to get more accurrate estimates under
congestions.
* SSU improvements to resend more efficiently.
* Added a basic scheduler to eepget to fetch multiple files sequentially.
* Revise the SSU peer testing protocol so that Bob verifies Charlie's
viability before agreeing to Alice's request. This doesn't work with
older SSU peer test builds, but is backwards compatible (older nodes
won't ask newer nodes to participate in tests, and newer nodes won't
ask older nodes to either).
* Keep detailed stats on the peer testing, publishing the results in the
netDb.
* Don't overwrite the status with 'unknown' unless we haven't had a valid
status in a while.
* Make sure to avoid shitlisted peers for peer testing.
* When we get an unknown result to a peer test, try again soon afterwards.
* When a peer tells us that our address is different from what we expect,
if we've done a recent peer test with a result of OK, fire off a peer
test to make sure our IP/port is still valid. If our test is old or the
result was not OK, accept their suggestion, but queue up a peer test for
later.
* Don't try to do a netDb store to a shitlisted peer, and adjust the way
we monitor netDb store progress (to clear up the high netDb.storePeers
stat)
* Deployed the peer testing implementation to be run every few minutes on
each router, as well as any time the user requests a test manually. The
tests do not reconfigure the ports at the moment, merely determine under
what conditions the local router is reachable. The status shown in the
top left will be "ERR-SymmetricNAT" if the user's IP and port show up
differently for different peers, "ERR-Reject" if the router cannot
receive unsolicited packets or the peer helping test could not find a
collaborator, "Unknown" if the test has not been run or the test
participants were unreachable, or "OK" if the router can receive
unsolicited connections and those connections use the same IP and port.
* Add a configurable throttle to the number of concurrent outbound SSU
connection negotiations (via i2np.udp.maxConcurrentEstablish=4). This
may help those with slow connections to get integrated at the start.
* Further fixlets to the streaming lib
* Display the average clock skew for both SSU and TCP connections
2005-08-07 jrandom
* Fixed the long standing streaming lib bug where we could lose the first
packet on retransmission.
* Avoid an NPE when a message expires on the SSU queue.
* Adjust the streaming lib's window growth factor with an additional
Vegas-esque congestion detection algorithm.
* Removed an unnecessary SSU session drop
* Reduced the MTU (until we get a working PMTU lib)
* Deferr tunnel acceptance until we know how to reach the next hop,
rejecting it if we can't find them in time.
* If our netDb store of our leaseSet fails, give it a few seconds before
republishing.
* Fix an addressbook NPE when a new hostname from the master addressbook
didn't exist in the router addressbook.
* Fix an addressbook bug which caused subscriptions not to be parsed at
all. (Oops!)
* Adjust the netDb search and store per peer timeouts to match the average
measured per peer success times, rather than huge fixed values.
* Optimized and reverified the netDb peer selection / retrieval process
within the kbuckets.
* Drop TCP connections that don't have any useful activity in 10 minutes.
* If i2np.udp.fixedPort=true, never change the externally published port,
even if we are autodetecting the IP address.
(also includes most of the new peer/NAT testing, but thats not used atm)
2005-07-27 jrandom
* Enabled SSU as the default top priority transport, adjusting the
config.jsp page accordingly.
* Add verification fields to the SSU and TCP connection negotiation (not
compatible with previous builds)
* Enable the backwards incompatible tunnel crypto change as documented in
tunnel-alt.html (have each hop encrypt the received IV before using it,
then encrypt it again before sending it on)
* Disable the I2CP encryption, leaving in place the end to end garlic
encryption (another backwards incompatible change)
* Adjust the protocol versions on the TCP and SSU transports so that they
won't talk to older routers.
* Fix up the config stats handling again
* Fix a rare off-by-one in the SSU fragmentation
* Reduce some unnecessary netDb resending by inluding the peers queried
successfully in the store redundancy count.
* Fix in the SDK for a bug which would manifest itself as misrouted
streaming packets when a destination has many concurrent streaming
connections (thanks duck!)
* No more "Graceful shutdown in -18140121441141s"
* Further preparation for removing I2CP crypto
* Added some validation to the DH key agreement (thanks $anon)
* Validate tunnel data message expirations (though not really a problem,
since tunnels expire)
* Minor PRNG threading cleanup
* Added workaround for an odd win32 bug in the stats configuration
console page which meant only the first checkbox selection was saved.
2005-07-15 Romster
* Added per group selection toggles in the stats configuration console
page.
* Fixed a recently injected bug in the multitransport bidding which had
allowed an essentially arbitrary choice of transports, rather than the
properly ordered choice.
(getLatency() != getLatencyMs(). duh)
* Fixed a long standing bug where we weren't properly comparing session
tags but instead largely depending upon comparing their hashCode,
causing intermittent decryption errors.
* Reduced the growth factor on the slow start and congestion avoidance for
the streaming lib.
* Adjusted some of the I2PTunnelServer threading to use a small pool of
handlers, rather than launching off new threads which then immediately
launch off an I2PTunnelRunner instance (which launches 3 more threads..)
* Don't persist session keys / session tags (not worth it, for now)
* Added some detection and handling code for duplicate session tags being
delivered (root cause still not addressed)
* Make the PRNG's buffer size configurable (via the config property
"i2p.prng.totalBufferSizeKB=4096")
* Disable SSU flooding by default (duh)
* Updates to the StreamSink apps for better throttling tests.
* Use a buffered PRNG, pulling the PRNG data off a larger precalculated
buffer, rather than the underlying PRNG's (likely small) one, which in
turn reduces the frequency of recalcing.
* More tuning to reduce temporary allocation churn
