diff --git a/apps/streaming/java/src/net/i2p/client/streaming/impl/I2PSocketManagerFull.java b/apps/streaming/java/src/net/i2p/client/streaming/impl/I2PSocketManagerFull.java index 280c1549d9..89310ebdae 100644 --- a/apps/streaming/java/src/net/i2p/client/streaming/impl/I2PSocketManagerFull.java +++ b/apps/streaming/java/src/net/i2p/client/streaming/impl/I2PSocketManagerFull.java @@ -27,6 +27,7 @@ import net.i2p.client.streaming.I2PServerSocket; import net.i2p.client.streaming.I2PSocket; import net.i2p.client.streaming.I2PSocketManager; import net.i2p.client.streaming.I2PSocketOptions; +import net.i2p.crypto.SigAlgo; import net.i2p.crypto.SigType; import net.i2p.data.Certificate; import net.i2p.data.Destination; @@ -62,9 +63,12 @@ public class I2PSocketManagerFull implements I2PSocketManager { private final ConnectionManager _connectionManager; private final AtomicBoolean _isDestroyed = new AtomicBoolean(); - /** @since 0.9.21 */ - private static final Set _dsaOnly = new HashSet(16); - private static final String[] DSA_ONLY_HASHES = { + /** + * Does not support EC + * @since 0.9.21 + */ + private static final Set _ecUnsupported = new HashSet(16); + private static final String[] EC_UNSUPPORTED_HASHES = { // list from http://zzz.i2p/topics/1682?page=1#p8414 // bzr.welterde.i2p "Cvs1gCZTTkgD2Z2byh2J9atPmh5~I8~L7BNQnQl0hUE=", @@ -86,7 +90,7 @@ public class I2PSocketManagerFull implements I2PSocketManager { "VXwmNIwMy1BcUVmut0oZ72jbWoqFzvxJukmS-G8kAAE=", // paste.i2p2.i2p "DoyMyUUgOSTddvRpqYfKHFPPjkkX~iQmResyfjjBYWs=", - // syndie.wetlerde.i2p + // syndie.welterde.i2p "xMxC54BFgyp-~zzrQI3F8m2CK--9XMcNmSAep6RH4Kk=", // ugha.i2p "zsu3WF~QLBxZXH-gHq9MuZE6y8ROZmMF7dA2MbMMKkY=", @@ -95,13 +99,54 @@ public class I2PSocketManagerFull implements I2PSocketManager { // www.i2p2.i2p "im9gytzKT15mT1sB5LC9bHXCcwytQ4EPcrGQhoam-4w=" }; + + /** + * Does not support Ed + * @since 0.9.23 + */ + private static final Set _edUnsupported = new HashSet(16); + private static final String[] ED_UNSUPPORTED_HASHES = { + // list from http://zzz.i2p/topics/1682?page=1#p8414 + // minus those tested to support Ed + // last tested 2015-11-04 + // bzr.welterde.i2p + "Cvs1gCZTTkgD2Z2byh2J9atPmh5~I8~L7BNQnQl0hUE=", + // docs.i2p2.i2p + "WCXV87RdrF6j-mnn6qt7kVSBifHTlPL0PmVMFWwaolo=", + // i2jump.i2p + "9vaoGZbOaeqdRK2qEunlwRM9mUSW-I9R4OON35TDKK4=", + // irc.welterde.i2p + "5rjezx4McFk3bNhoJV-NTLlQW1AR~jiUcN6DOWMCCVc=", + // lists.i2p2.i2p + "qwtgoFoMSK0TOtbT4ovBX1jHUzCoZCPzrJVxjKD7RCg=", + // mtn.i2p2.i2p + "X5VDzYaoX9-P6bAWnrVSR5seGLkOeORP2l3Mh4drXPo=", + // nntp.welterde.i2p + "VXwmNIwMy1BcUVmut0oZ72jbWoqFzvxJukmS-G8kAAE=", + // paste.i2p2.i2p + "DoyMyUUgOSTddvRpqYfKHFPPjkkX~iQmResyfjjBYWs=", + // syndie.welterde.i2p + "xMxC54BFgyp-~zzrQI3F8m2CK--9XMcNmSAep6RH4Kk=", + // tracker.welterde.i2p + "EVkFgKkrDKyGfI7TIuDmlHoAmvHC~FbnY946DfujR0A=", + // www.i2p2.i2p + "im9gytzKT15mT1sB5LC9bHXCcwytQ4EPcrGQhoam-4w=" + }; static { - for (int i = 0; i < DSA_ONLY_HASHES.length; i++) { - String s = DSA_ONLY_HASHES[i]; + for (int i = 0; i < EC_UNSUPPORTED_HASHES.length; i++) { + String s = EC_UNSUPPORTED_HASHES[i]; Hash h = ConvertToHash.getHash(s); if (h != null) - _dsaOnly.add(h); + _ecUnsupported.add(h); + else + System.out.println("Bad hash " + s); + } + for (int i = 0; i < ED_UNSUPPORTED_HASHES.length; i++) { + String s = ED_UNSUPPORTED_HASHES[i]; + Hash h = ConvertToHash.getHash(s); + if (h != null) + _edUnsupported.add(h); else System.out.println("Bad hash " + s); } @@ -486,7 +531,10 @@ public class I2PSocketManagerFull implements I2PSocketManager { if (!_subsessions.isEmpty()) { updateUserDsaList(); Hash h = peer.calculateHash(); - if (_dsaOnly.contains(h) || (!_userDsaOnly.isEmpty() && _userDsaOnly.contains(h))) { + SigAlgo myAlgo = session.getMyDestination().getSigType().getBaseAlgorithm(); + if ((myAlgo == SigAlgo.EC && _ecUnsupported.contains(h)) || + (myAlgo == SigAlgo.EdDSA && _edUnsupported.contains(h)) || + (!_userDsaOnly.isEmpty() && _userDsaOnly.contains(h))) { // FIXME just taking the first one for now for (I2PSession sess : _subsessions) { if (sess.getMyDestination().getSigType() == SigType.DSA_SHA1) { @@ -512,7 +560,7 @@ public class I2PSocketManagerFull implements I2PSocketManager { /** * Update the global user DSA-only list. - * This does not affect the hardcoded DSA_ONLY_HASHES list above, + * This does not affect the hardcoded Ex_UNSUPPORTED_HASHES lists above, * the user can only add, not remove. * * @since 0.9.21 diff --git a/history.txt b/history.txt index 9d421fc457..82a4b99171 100644 --- a/history.txt +++ b/history.txt @@ -1,3 +1,7 @@ +2015-11-05 zzz + * I2CP: Fix additional connections getting rejected during tunnel open (ticket #1650) + * Streaming: Split blacklist into one for EC and one for Ed + 2015-11-04 zzz * Threads: More conversions to I2PAppThread * Timers: Improve OutboundMessageRegistry locking (ticket #1694) diff --git a/router/java/src/net/i2p/router/RouterVersion.java b/router/java/src/net/i2p/router/RouterVersion.java index 9319fc01c9..0bd65feeba 100644 --- a/router/java/src/net/i2p/router/RouterVersion.java +++ b/router/java/src/net/i2p/router/RouterVersion.java @@ -18,7 +18,7 @@ public class RouterVersion { /** deprecated */ public final static String ID = "Monotone"; public final static String VERSION = CoreVersion.VERSION; - public final static long BUILD = 22; + public final static long BUILD = 23; /** for example "-test" */ public final static String EXTRA = "";