* Minor logging and optimization tweaks in the router and SDK
* Use ISO-8859-1 in the XML files (thanks redzara!)
* The consolePassword config property can now be used to bypass the router
console's nonce checking, allowing CLI restarts
* Deployed the peer testing implementation to be run every few minutes on
each router, as well as any time the user requests a test manually. The
tests do not reconfigure the ports at the moment, merely determine under
what conditions the local router is reachable. The status shown in the
top left will be "ERR-SymmetricNAT" if the user's IP and port show up
differently for different peers, "ERR-Reject" if the router cannot
receive unsolicited packets or the peer helping test could not find a
collaborator, "Unknown" if the test has not been run or the test
participants were unreachable, or "OK" if the router can receive
unsolicited connections and those connections use the same IP and port.
2005-07-27 jrandom
* Enabled SSU as the default top priority transport, adjusting the
config.jsp page accordingly.
* Add verification fields to the SSU and TCP connection negotiation (not
compatible with previous builds)
* Enable the backwards incompatible tunnel crypto change as documented in
tunnel-alt.html (have each hop encrypt the received IV before using it,
then encrypt it again before sending it on)
* Disable the I2CP encryption, leaving in place the end to end garlic
encryption (another backwards incompatible change)
* Adjust the protocol versions on the TCP and SSU transports so that they
won't talk to older routers.
* Fix up the config stats handling again
* Fix a rare off-by-one in the SSU fragmentation
* Reduce some unnecessary netDb resending by inluding the peers queried
successfully in the store redundancy count.
* Added workaround for an odd win32 bug in the stats configuration
console page which meant only the first checkbox selection was saved.
2005-07-15 Romster
* Added per group selection toggles in the stats configuration console
page.
* Within the tunnel, use xor(IV, msg[0:16]) as the flag to detect dups,
rather than the IV by itself, preventing an attack that would let
colluding internal adversaries tag a message to determine that they are
in the same tunnel. Thanks dvorak for the catch!
* Drop long inactive profiles on startup and shutdown
* /configstats.jsp: web interface to pick what stats to log
* Deliver more session tags to account for wider window sizes
* Cache some intermediate values in our HMACSHA256 and BC's HMAC
* Track the client send rate (stream.sendBps and client.sendBpsRaw)
* UrlLauncher: adjust the browser selection order
* I2PAppContext: hooks for dummy HMACSHA256 and a weak PRNG
* StreamSinkClient: add support for sending an unlimited amount of data
* Migrate the tests out of the default build jars
2005-06-22 Comwiz
* Migrate the core tests to junit
* Added a small new page to the web console (/peers.jsp) which contains
the peer connection information. This will be cleaned up a lot more
before 0.6 is out, but its a start.
* Added button to router console for manual update checks.
* Fixed bug in configupdate.jsp that caused the proxy port to be updated
every time the form was submitted even if it hadn't changed.
* Implemented the news fetch / update policy code, as configurated on
/configupdate.jsp. Defaults are to grab the news every 24h (or if it
doesn't exist yet, on startup). No action is taken however, though if
the news.xml specifies that a new release is available, an option to
update will be shown on the router console.
* New initialNews.xml delivered with new installs, and moved news.xml out
of the i2pwww module and into the i2p module so that we can bundle it
within each update.
* New /configupdate.jsp page for controlling the update / notification
process, as well as various minor related updates. Note that not all
options are exposed yet, and the update detection code isn't in place
in this commit - it currently says there is always an update available.
* New EepGet component for reliable downloading, with a CLI exposed in
java -cp lib/i2p.jar net.i2p.util.EepGet url
* Added a default signing key to the TrustedUpdate component to be used
for verifying updates. This signing key can be authenticated via
gpg --verify i2p/core/java/src/net/i2p/crypto/TrustedUpdate.java
* New public domain SHA1 implementation for the DSA code so that we can
handle signing streams of arbitrary size without excess memory usage
(thanks P.Verdy!)
* Added some helpers to the TrustedUpdate to work off streams and to offer
a minimal CLI:
TrustedUpdate keygen pubKeyFile privKeyFile
TrustedUpdate sign origFile signedFile privKeyFile
TrustedUpdate verify signedFile
* Adjusted (and fixed...) the timestamper change detection
* Deal with a rare reordering bug at the beginning of a stream (so we
don't drop it unnecessarily)
* Cleaned up some dropped message handling in the router
* Reduced job queue churn when dealing with a large number of tunnels by
sharing an expiration job
* Keep a separate list of the most recent CRIT messages (shown on the
logs.jsp). This way they don't get buried among any other messages.
* For clarity, display the tunnel variance config as "Randomization" on
the web console.
* If lease republishing fails (boo! hiss!) try it again
* Actually fix the negative jobLag in the right place (this time)
* Allow reseeding when there are less than 10 known peer references
* Lots of logging updates.
* (Merged the 0.5-pre branch back into CVS HEAD)
* Replaced the old tunnel routing crypto with the one specified in
router/doc/tunnel-alt.html, including updates to the web console to view
and tweak it.
* Provide the means for routers to reject tunnel requests with a wider
range of responses:
probabalistic rejection, due to approaching overload
transient rejection, due to temporary overload
bandwidth rejection, due to persistent bandwidth overload
critical rejection, due to general router fault (or imminent shutdown)
The different responses are factored into the profiles accordingly.
* Replaced the old I2CP tunnel related options (tunnels.depthInbound, etc)
with a series of new properties, relevent to the new tunnel routing code:
inbound.nickname (used on the console)
inbound.quantity (# of tunnels to use in any leaseSets)
inbound.backupQuantity (# of tunnels to keep in the ready)
inbound.length (# of remote peers in the tunnel)
inbound.lengthVariance (if > 0, permute the length by adding a random #
up to the variance. if < 0, permute the length
by adding or subtracting a random # up to the
variance)
outbound.* (same as the inbound, except for the, uh, outbound tunnels
in that client's pool)
There are other options, and more will be added later, but the above are
the most relevent ones.
* Replaced Jetty 4.2.21 with Jetty 5.1.2
* Compress all profile data on disk.
* Adjust the reseeding functionality to work even when the JVM's http proxy
is set.
* Enable a poor-man's interactive-flow in the streaming lib by choking the
max window size.
* Reduced the default streaming lib max message size to 16KB (though still
configurable by the user), also doubling the default maximum window
size.
* Replaced the RouterIdentity in a Lease with its SHA256 hash.
* Reduced the overall I2NP message checksum from a full 32 byte SHA256 to
the first byte of the SHA256.
* Added a new "netId" flag to let routers drop references to other routers
who we won't be able to talk to.
* Extended the timestamper to get a second (or third) opinion whenever it
wants to actually adjust the clock offset.
* Replaced that kludge of a timestamp I2NP message with a full blown
DateMessage.
* Substantial memory optimizations within the router and the SDK to reduce
GC churn. Client apps and the streaming libs have not been tuned,
however.
* More bugfixes thank you can shake a stick at.
2005-02-13 jrandom
* Updated jbigi source to handle 64bit CPUs. The bundled jbigi.jar still
only contains 32bit versions, so build your own, placing libjbigi.so in
your install dir if necessary. (thanks mule!)
* Added support for libjbigi-$os-athlon64 to NativeBigInteger and CPUID
(thanks spaetz!)
* Catch another oddball case for a reset connection in the streaming lib.
* Add a dumpprofile.jsp page, called with ?peer=base64OfPeerHash, which
dumps the current state of that peer's profile. Instead of the full
base64, you can pass in however many characters you have and it will
return the first match found.
* Don't do a 'passive flush' while there are already outbound messages
unacked.
* Show the reseed link if up to 10 peers profiles are active (thanks
dburton!)
* Revised the installer to include start menu and desktop shortcuts for
windows platforms, including pretty icons (thanks DrWoo!)
* Allow clients specified in clients.config to have an explicit startup
delay.
* Update the default install to launch a browser pointing at the console
whenever I2P starts up, rather than only the first time it starts up
(configurable on /configservice.jsp, or in clients.config)
* Bugfix to the clock skew checking code to monitor the delta between
offsets, not the offset itself (duh)
* Router console html update
* New (and uuuuugly) code to verify that the wrapper.config contains
the necessary classpath entries on update. If it has to update the
wrapper.config, it will stop the JVM and service completely, since the
java service wrapper doesn't reread the wrapper.config on JVM restart -
requiring the user to manually restart the service after an update.
* Increase the TCP connection timeout to 30s (which is obscenely long)
* Revised the installer to include start menu and desktop shortcuts for
windows platforms, including pretty icons (thanks DrWoo!)
* Allow clients specified in clients.config to have an explicit startup
delay.
* Update the default install to launch a browser pointing at the console
whenever I2P starts up, rather than only the first time it starts up
(configurable on /configservice.jsp, or in clients.config)
* Bugfix to the clock skew checking code to monitor the delta between
offsets, not the offset itself (duh)
* Router console html update
* New (and uuuuugly) code to verify that the wrapper.config contains
the necessary classpath entries on update. If it has to update the
wrapper.config, it will stop the JVM and service completely, since the
java service wrapper doesn't reread the wrapper.config on JVM restart -
requiring the user to manually restart the service after an update.
* Increase the TCP connection timeout to 30s (which is obscenely long)
------------------------------------------------
* Update to the SAM bridge to reduce some unnecessary memory allocation.
* New stat to keep track of slow jobs (ones that take more than a second
to excute). This is published in the netDb as jobQueue.jobRunSlow
* Allow end of line comments in the hosts.txt and other config files,
using '#' to begin the comments (thanks susi!)
* Add support to I2PTunnel's 'client' feature for picking between multiple
target destinations (e.g. 'client 6668 irc.duck.i2p,irc.baffled.i2p')
* Add a quick link on the left hand nav to reseed if there aren't enough
known peers, as well as link to the config page if there are no active
peers. Revised config page accordingly.
* Expose a drop down on the /configclients.jsp to enter the outbound
tunnel depth.
* Improved *hosts.txt loading
* Explicitly override the JVM's timezone settings to use GMT so that
any client applications which use timezones won't leak sensitive
data (thanks gott!)
* Bundle sam.jar in the update (thanks duck!)
- sendsPerFailure: how many partial sends we make when they all fail
- timeoutCongestionInbound: describes how much faster than our average speed we were receiving data when each partial send timed out (in Bps)
- timeoutCongestionMessage: our send processing time when each partial send timed out (in ms)
- timeoutCongestionTunnel: our tunnel test time when each partial send timed out (in ms)
- participatingMessagesProcessedActive: # of messages more than the (most recent) average that a tunnel we were participating in transmitted (for tunnels with more than the average)
* updated to use Writer for rendering the console, so we can do partial writes (and hopefully help debug some kooky threading bugs on kaffe)
* Limit the number of connection tags saved to 10,000. This is a huge
limit, but consumes no more than 1MB of RAM. For now, we drop them
randomly after reaching that size, forcing those dropped peers to use
a full DH negotiation.
* HTML cleanup in the console.
* Update for the SDK reconnection to deal with overflow.
* Web improvements (@ not # on the /logs.jsp [thanks ugha!] and fixed the
rounding on lifetime bandwidth used [thanks gott!]).
2004-09-08 jrandom
* Updated the "Active:" peer count to display the # of connections as well
as the number of recently active router identities.
* Implement some basic updating code - on startup, if there is a file named
"i2pupdate.zip" in the I2P installation directory, extract it, delete it,
then restart.
* Added an ugly little script to allow launching the router on win9x
machines without a dos box (using javaw to run a .bat file).
* Logging updates.
* Updated VERSION constants to 0.4.0.1
* Address a race condition in the key management code that would manifest
itself as a corrupt router identity.
* Properly clear old transport addresses from being displayed on the old
console after soft restarts.
* Properly refuse to load the client applications more than once in the
same JVM.
* Added support for a graceful restart (a graceful shutdown followed by a
full JVM restart - useful for restarting client apps).
* More defensive programming, HTML cleanup, logging
* wrapper.config cleanup of duplicate lines
* Added some basic guards to prevent multiple instances from running.
Specifically, a file "router.ping" in the install directory which is
written to once a minute - if that file exists and has been modified
within the last minute, refuse to start up. In turn, adjust the
service wrapper to wait a minute before restarting a crashed JVM.
* Create a "work" directory in the I2P install dir which Jetty will
use for all of its temporary files.
* Tell the browser not to cache most of the router console's pages.
* Updated default wrapper.config to deal with the hard restart option
* Include the history.txt in the /help.jsp page
* HTML updates (wrapper.log, and no more unix scripts)
* Updated VERSION constants to 0.4
* use that to render the last few lines of the wrapper log on /logs.jsp (for the on demand stack trace)
* thread creation / finalization logging
* support a hard restart (stop immediately and restart the JVM) - useful for rerunning clients.config (etc)
* systray when not supported
* hook in to the service manager and let it know we're exiting gracefully (when appropriate)
* commented out but generally functional systray integration. i cant get it to build sometimes though, something is b0rking up
- set the nonce and noncePrev for the handler when rendering the form
- include the current nonce in the hidden parameter "nonce"
- include an "action" parameter (so we know we want to execute something and hence, validate the nonce, rather than just display the page)
- if the nonce submitted doesnt match what is set in the nonce or noncePrev when validating, its invalid. refuse to process
* new safer way of shutting down the router per discussions with oOo (dealing with a graceful
shutdown where the user updates their config before the shutdown is complete, etc)
* graceful shutdown implemented in the router - shutdownGracefully(), cancelGracefulShutdown(), shutdownInProgress()
* apply oOo's patch for beautifying the new console w/ links to a shitlisted peer's netDb entry
* apply oOo's patch to clean up the peer shitlist count more aggressively
* apply oOo's patch to allow removing lines via /configadvanced.jsp
* apply oOo's patch to clean up the memory usage display
* apply oOo's patch to include log messages on /logs.jsp most recent first, rather than last
* get rid of the netDb key shitlist (its a bad idea, better solution coming soon)
> Message-ID: <1776.202.37.75.101.1092369510.squirrel@202.37.75.101>
> From: adam@adambuckley.net
> To: jrandom@i2p.net
>
> [...]
>
> I hereby authorize my NtpClient.java and NtpMessage.java code to be
> redistributed under the BSD license for the purpose of integration with
> the I2P project, providing that I am credited as the original author of
> the code.
>
> [...]
w00t! adam++
code migrated into core/java/src/net/i2p/time, integrated with Clock,
dropping that whole ugly pass-the-time-through-URL, and hence dropped
support for :7655/setTime.
New router.config properties to control the timestamper:
time.sntpServerList=pool.ntp.org,pool.ntp.org,pool.ntp.org
time.queryFrequencyMs=300000
time.disabled=false
So, to disable, add time.disabled=true to your router.config. It is
enabled by default.
Default router.config and startup scripts updated accordingly (since
timestamper.jar is now gone)
