diff --git a/core/java/src/net/i2p/crypto/SU3File.java b/core/java/src/net/i2p/crypto/SU3File.java index 23d63f4ff7..3c797be254 100644 --- a/core/java/src/net/i2p/crypto/SU3File.java +++ b/core/java/src/net/i2p/crypto/SU3File.java @@ -358,9 +358,9 @@ public class SU3File { } private static final void showUsageCLI() { - System.err.println("Usage: SU3File showversion signedFile"); - System.err.println(" SU3File sign inputFile signedFile privateKeyFile version signerName"); - System.err.println(" SU3File verifysig signedFile"); + System.err.println("Usage: SU3File showversion signedFile.su3"); + System.err.println(" SU3File sign inputFile.zip signedFile.su3 privateKeyFile version signerName@mail.i2p"); + System.err.println(" SU3File verifysig signedFile.su3"); } /** @return success */ diff --git a/core/java/src/net/i2p/data/Destination.java b/core/java/src/net/i2p/data/Destination.java index 3c823a52b5..6a1764805f 100644 --- a/core/java/src/net/i2p/data/Destination.java +++ b/core/java/src/net/i2p/data/Destination.java @@ -13,6 +13,13 @@ package net.i2p.data; * Defines an end point in the I2P network. The Destination may move around * in the network, but messages sent to the Destination will find it * + * Note that the public (encryption) key is essentially unused, since + * "end-to-end" encryption was removed in 0.6. The public key in the + * LeaseSet is used instead. + * + * The first bytes of the public key are used for the IV for leaseset encryption, + * but that encryption is poorly designed and should be deprecated. + * * @author jrandom */ public class Destination extends KeysAndCert { diff --git a/core/java/src/net/i2p/data/LeaseSet.java b/core/java/src/net/i2p/data/LeaseSet.java index bf7ca7636e..a339ed6944 100644 --- a/core/java/src/net/i2p/data/LeaseSet.java +++ b/core/java/src/net/i2p/data/LeaseSet.java @@ -31,6 +31,10 @@ import net.i2p.util.RandomSource; * Only the gateways and tunnel IDs in the individual * leases are encrypted. * + * WARNING: + * Encryption is poorly designed and probably insecure. + * Not recommended. + * * Encrypted leases are not indicated as such. * The only way to tell a lease is encrypted is to * determine that the listed gateways do not exist. diff --git a/core/java/src/net/i2p/util/RandomSource.java b/core/java/src/net/i2p/util/RandomSource.java index 408af8f7ba..4f97c7d475 100644 --- a/core/java/src/net/i2p/util/RandomSource.java +++ b/core/java/src/net/i2p/util/RandomSource.java @@ -176,8 +176,7 @@ public class RandomSource extends SecureRandom implements EntropyHarvester { SecureRandom.getInstance("SHA1PRNG").nextBytes(buf); ok = true; } catch (NoSuchAlgorithmException e) {} - // why urandom? because /dev/random blocks, and there are arguments - // suggesting such blockages are largely meaningless + // why urandom? because /dev/random blocks ok = seedFromFile(new File("/dev/urandom"), buf) || ok; // we merge (XOR) in the data from /dev/urandom with our own seedfile File localFile = new File(_context.getConfigDir(), SEEDFILE); @@ -186,6 +185,8 @@ public class RandomSource extends SecureRandom implements EntropyHarvester { } /** + * XORs the seed into buf + * * @param f absolute path * @return success */ diff --git a/router/java/src/net/i2p/router/tunnel/OutboundTunnelEndpoint.java b/router/java/src/net/i2p/router/tunnel/OutboundTunnelEndpoint.java index a294238f4f..f8297d8507 100644 --- a/router/java/src/net/i2p/router/tunnel/OutboundTunnelEndpoint.java +++ b/router/java/src/net/i2p/router/tunnel/OutboundTunnelEndpoint.java @@ -29,6 +29,7 @@ class OutboundTunnelEndpoint { _handler = new RouterFragmentHandler(ctx, new DefragmentedHandler()); _outDistributor = new OutboundMessageDistributor(ctx, OutNetMessage.PRIORITY_PARTICIPATING); } + public void dispatch(TunnelDataMessage msg, Hash recvFrom) { _config.incrementProcessedMessages(); boolean ok = _processor.process(msg.getData(), 0, msg.getData().length, recvFrom); @@ -66,4 +67,10 @@ class OutboundTunnelEndpoint { _outDistributor.distribute(msg, toRouter, toTunnel); } } + + /** @since 0.9.8 */ + @Override + public String toString() { + return "OBEP " + _config.getReceiveTunnel(); + } } diff --git a/router/java/src/net/i2p/router/tunnel/ThrottledPumpedTunnelGateway.java b/router/java/src/net/i2p/router/tunnel/ThrottledPumpedTunnelGateway.java index d6da149449..388fedc979 100644 --- a/router/java/src/net/i2p/router/tunnel/ThrottledPumpedTunnelGateway.java +++ b/router/java/src/net/i2p/router/tunnel/ThrottledPumpedTunnelGateway.java @@ -44,4 +44,10 @@ class ThrottledPumpedTunnelGateway extends PumpedTunnelGateway { } add(new PendingGatewayMessage(msg, toRouter, toTunnel)); } + + /** @since 0.9.8 */ + @Override + public String toString() { + return "IBGW " + _config.getReceiveTunnel(); + } } diff --git a/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java b/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java index 9bb129e801..6ba5269fb1 100644 --- a/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java +++ b/router/java/src/net/i2p/router/tunnel/TunnelDispatcher.java @@ -491,11 +491,11 @@ public class TunnelDispatcher implements Service { boolean removed = (null != _participatingConfig.remove(recvId)); if (removed) { if (_log.shouldLog(Log.DEBUG)) - _log.debug("removing " + cfg, new Exception()); + _log.debug("removing " + cfg /* , new Exception() */ ); } else { // this is normal, this can get called twice if (_log.shouldLog(Log.DEBUG)) - _log.debug("Participating tunnel, but no longer listed in participatingConfig? " + cfg, new Exception()); + _log.debug("Participating tunnel, but no longer listed in participatingConfig? " + cfg /* , new Exception() */ ); } removed = (null != _participants.remove(recvId));