2006-10-10 jrandom
* Removed the status display from the console, as its more confusing
than informative (though the content is still displayed in the HTML)
* New NIO-based tcp transport (NTCP), enabled by default for outbound
connections only. Those who configure their NAT/firewall to allow
inbound connections and specify the external host and port
(dyndns/etc is ok) on /config.jsp can receive inbound connections.
SSU is still enabled for use by default for all users as a fallback.
* Substantial bugfix to the tunnel gateway processing to transfer
messages sequentially instead of interleaved
* Renamed GNU/crypto classes to avoid name clashes with kaffe and other
GNU/Classpath based JVMs
* Adjust the Fortuna PRNG's pooling system to reduce contention on
refill with a background thread to refill the output buffer
* Add per-transport support for the shitlist
* Add a new async pumped tunnel gateway to reduce tunnel dispatcher
contention
* Correct a misnamed property in SummaryHelper.java
to avoid confusion
* Make the maximum allowance of our own concurrent
tunnel builds slightly adaptive: one concurrent build per 6 KB/s
within the fixed range 2..10
* While overloaded, try to avoid completely choking our own build attempts,
instead prefer limiting them to 1
* Include a combined send/receive graph (good idea cervantes!)
* Proactively drop inbound tunnel requests probabalistically as the
estimated queue time approaches our limit, rather than letting them all
through up to that limit.
* Process inbound tunnel requests more efficiently
* Proactively drop inbound tunnel requests if the queue before we'd
process it in is too long (dynamically adjusted by cpu load)
* Adjust the tunnel rejection throttle to reject requeusts when we have to
proactively drop too many requests.
* Display the number of pending inbound tunnel join requests on the router
console (as the "handle backlog")
* Include a few more stats in the default set of graphs
* Made the netDb search load limitations a little less stringent
* Add support for specifying the number of periods to be plotted on the
graphs - e.g. to plot only the last hour of a stat that is averaged at
the 60 second period, add &periodCount=60
* Add support for graphing the event count as well as the average stat
value (done by adding &showEvents=true to the URL). Also supports
hiding the legend (&hideLegend=true), the grid (&hideGrid=true), and
the title (&hideTitle=true).
* Removed an unnecessary arbitrary filter on the profile organizer so we
can pick high capacity and fast peers more appropriately
* Integrate basic hooks for jrobin (http://jrobin.org) into the router
console. Selected stats can be harvested automatically and fed into
in-memory RRD databases, and those databases can be served up either as
PNG images or as RRDtool compatible XML dumps (see oldstats.jsp for
details). A base set of stats are harvested by default, but an
alternate list can be specified by setting the 'stat.summaries' list on
the advanced config. For instance:
stat.summaries=bw.recvRate.60000,bw.sendRate.60000
* HTML tweaking for the general config page (thanks void!)
* Odd NPE fix (thanks Complication!)
* Moved the current net's reseed URL to a different location than where
the old net looks (dev.i2p.net/i2pdb2/ vs .../i2pdb/)
* More aggressively expire inbound messages (on receive, not just on send)
* Add in a hook for breaking backwards compatibility in the SSU wire
protocol directly by including a version as part of the handshake. The
version is currently set to 0, however, so the wire protocol from this
build is compatible with all earlier SSU implementations.
* Increased the number of complete message readers, cutting down
substantially on the delay processing inbound messages.
* Delete the message history file on startup
* Reworked the restart/shutdown display on the console (thanks bd_!)
* Create different strategies for exploratory tunnels (which are difficult
to create) and client tunnels (which are much easier)
* Gradually increase number of parallel build attempts as tunnel expiry
nears.
* Temporarily shorten attempted build tunnel length if builds using
configured tunnel length are unsuccessful
* React more aggressively to tunnel failure than routine tunnel
replacement
* Make tunnel creation times randomized - there is existing code to
randomize the tunnels but it isn't effective due to the tunnel creation
strategy. Currently, most tunnels get built all at once, at about 2 1/2
to 3 minutes before expiration. The patch fixes this by fixing the
randomization, and by changing the overlap time (with old tunnels) to a
range of 2 to 4 minutes.
* Reduce number of excess tunnels. Lots of excess tunnels get created due
to overlapping calls. Just about anything generated a call which could
build many tunnels all at once, even if tunnel building was already in
process.
* Miscellaneous router console enhancements
* Added support for 'dynamic keys' mode, where the router creates a new
router identity whenever it detects a substantial change in its public
address (read: SSU IP or port). This only offers minimal additional
protection against trivial attackers, but should provide functional
improvement for people who have periodic IP changes, since their new
router address would not be shitlisted while their old one would be.
* Added further infrastructure for restricted route operation, but its use
is not recommended.
* Add filtering threads by author to Syndie, populated with authors in the
user's addressbook
* When creating the default user, add
"http://syndiemedia.i2p/archive/archive.txt" to their addressbook,
configured to automatically pull updates. (what other archives should
be included?)
* Tiny servlet to help dole out the new routerconsole themes, and bundle
the installer/resources/themes/** into ./docs/themes/** on both install
and update.
* Include SSU establishment failure in the peer profile as a commError,
as we do for TCP establishment failures.
* Don't throttle the initial transmission of a message because of ongoing
retransmissions to a peer, since the initial transmission of a message
is more valuable than a retransmission (since it has less latency).
* Cleaned up links to SusiDNS and I2PTunnel (thanks zzz!)
2005-10-07 jrandom
* Include the 1 second bandwidth usage on the console rather than the
1 minute rate, as the 1 second value doesn't have the 1m/5m quantization
issues.
* Reworded the SSU introductions config section (thanks duck!)
* Force identity content encoding for I2PTunnel httpserver requests
(thanks redzara!)
* Further x-i2p-gzip bugfixes for the end of streams
* Reduce the minimum bandwidth limits to 3KBps steady and burst (though
I2P's performance at 3KBps is another issue)
* Cleaned up some streaming lib structures
2005-09-17 jrandom
* Clean up syndie a bit more and bundle a default introductory post with
both new installs and updates.
* Typo fixes on the console (thanks bar!)
* Updated the bandwidth limiter to use two tiers of bandwidth - our normal
steady state rate, plus a new limit on how fast we transfer when
bursting. This is different from the old "burst as fast as possible
until we're out of tokens" policy, and should help those with congested
networks. See /config.jsp to manage this rate.
* Bugfixes in Syndie to handle missing cache files (no data was lost, the
old posts just didn't show up).
* Log properly in EepPost
* Added the i2p.exe and i2pinstall.exe for windows users, using launch4j.
* Added runplain.sh for *nix/osx users having problems using the java
service wrapper (called from the install dir as: sh runplain.sh)
* Bundle susidns and syndie, with links on the top nav
* Have I2PTunnelHTTPClient and I2PTunnelHTTPServer use the x-i2p-gzip
content-encoding (if offered), reducing the payload size before it
reaches the streaming lib. The existing compression is at the i2cp
level, so we've been packetizing 4KB of uncompressed data and then
compressing those messages, rather than compressing and then packetizing
4KB of compressed data. This should reduce the number of round trips
to fetch web pages substantially.
* Adjust the startup and timing of the addressbook so that susidns always
has config to work off, and expose a method for susidns to tell it to
reload its config and rerun.
* More careful error handling with introductions (thanks dust!)
* Fix the forceIntroducers checkbox on config.jsp (thanks Complication!)
* Hide the shitlist on the summary so it doesn't confuse new users.
* More aggressively publish updated routerInfo.
* Expose the flag to force SSU introductions on the router console
* Don't give people the option to disable SNTP time sync, at least not
through the router console, because there is no reason to disable it.
No, not even if your OS is "ntp synced", because chances are, its not.
* HTML cleanup for the router console (thanks!)
2005-09-07 jrandom
* Lay the foundation for 'client routers' - the ability for peers to opt
out of participating in tunnels entirely due to firewall/NAT issues.
Individual routers have control over where those peers are used in
tunnels - in outbound or inbound, exploratory or client tunnels, or
none at all. The defaults with this build are to simply act as before -
placing everyone as potential participants in any tunnel.
* Another part of the foundation includes the option for netDb
participants to refuse to answer queries regarding peers who are marked
as unreachable, though this too is disabled by default (meaning the
routerInfo is retrievable from the netDb).
* Minor logging and optimization tweaks in the router and SDK
* Use ISO-8859-1 in the XML files (thanks redzara!)
* The consolePassword config property can now be used to bypass the router
console's nonce checking, allowing CLI restarts
* Deployed the peer testing implementation to be run every few minutes on
each router, as well as any time the user requests a test manually. The
tests do not reconfigure the ports at the moment, merely determine under
what conditions the local router is reachable. The status shown in the
top left will be "ERR-SymmetricNAT" if the user's IP and port show up
differently for different peers, "ERR-Reject" if the router cannot
receive unsolicited packets or the peer helping test could not find a
collaborator, "Unknown" if the test has not been run or the test
participants were unreachable, or "OK" if the router can receive
unsolicited connections and those connections use the same IP and port.
2005-07-27 jrandom
* Enabled SSU as the default top priority transport, adjusting the
config.jsp page accordingly.
* Add verification fields to the SSU and TCP connection negotiation (not
compatible with previous builds)
* Enable the backwards incompatible tunnel crypto change as documented in
tunnel-alt.html (have each hop encrypt the received IV before using it,
then encrypt it again before sending it on)
* Disable the I2CP encryption, leaving in place the end to end garlic
encryption (another backwards incompatible change)
* Adjust the protocol versions on the TCP and SSU transports so that they
won't talk to older routers.
* Fix up the config stats handling again
* Fix a rare off-by-one in the SSU fragmentation
* Reduce some unnecessary netDb resending by inluding the peers queried
successfully in the store redundancy count.
* Added workaround for an odd win32 bug in the stats configuration
console page which meant only the first checkbox selection was saved.
2005-07-15 Romster
* Added per group selection toggles in the stats configuration console
page.
* Within the tunnel, use xor(IV, msg[0:16]) as the flag to detect dups,
rather than the IV by itself, preventing an attack that would let
colluding internal adversaries tag a message to determine that they are
in the same tunnel. Thanks dvorak for the catch!
* Drop long inactive profiles on startup and shutdown
* /configstats.jsp: web interface to pick what stats to log
* Deliver more session tags to account for wider window sizes
* Cache some intermediate values in our HMACSHA256 and BC's HMAC
* Track the client send rate (stream.sendBps and client.sendBpsRaw)
* UrlLauncher: adjust the browser selection order
* I2PAppContext: hooks for dummy HMACSHA256 and a weak PRNG
* StreamSinkClient: add support for sending an unlimited amount of data
* Migrate the tests out of the default build jars
2005-06-22 Comwiz
* Migrate the core tests to junit
* Added a small new page to the web console (/peers.jsp) which contains
the peer connection information. This will be cleaned up a lot more
before 0.6 is out, but its a start.
* Added button to router console for manual update checks.
* Fixed bug in configupdate.jsp that caused the proxy port to be updated
every time the form was submitted even if it hadn't changed.
* Implemented the news fetch / update policy code, as configurated on
/configupdate.jsp. Defaults are to grab the news every 24h (or if it
doesn't exist yet, on startup). No action is taken however, though if
the news.xml specifies that a new release is available, an option to
update will be shown on the router console.
* New initialNews.xml delivered with new installs, and moved news.xml out
of the i2pwww module and into the i2p module so that we can bundle it
within each update.
* New /configupdate.jsp page for controlling the update / notification
process, as well as various minor related updates. Note that not all
options are exposed yet, and the update detection code isn't in place
in this commit - it currently says there is always an update available.
* New EepGet component for reliable downloading, with a CLI exposed in
java -cp lib/i2p.jar net.i2p.util.EepGet url
* Added a default signing key to the TrustedUpdate component to be used
for verifying updates. This signing key can be authenticated via
gpg --verify i2p/core/java/src/net/i2p/crypto/TrustedUpdate.java
* New public domain SHA1 implementation for the DSA code so that we can
handle signing streams of arbitrary size without excess memory usage
(thanks P.Verdy!)
* Added some helpers to the TrustedUpdate to work off streams and to offer
a minimal CLI:
TrustedUpdate keygen pubKeyFile privKeyFile
TrustedUpdate sign origFile signedFile privKeyFile
TrustedUpdate verify signedFile
* Adjusted (and fixed...) the timestamper change detection
* Deal with a rare reordering bug at the beginning of a stream (so we
don't drop it unnecessarily)
* Cleaned up some dropped message handling in the router
* Reduced job queue churn when dealing with a large number of tunnels by
sharing an expiration job
* Keep a separate list of the most recent CRIT messages (shown on the
logs.jsp). This way they don't get buried among any other messages.
* For clarity, display the tunnel variance config as "Randomization" on
the web console.
* If lease republishing fails (boo! hiss!) try it again
* Actually fix the negative jobLag in the right place (this time)
* Allow reseeding when there are less than 10 known peer references
* Lots of logging updates.
