zzz/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

propagate from branch 'i2p.i2p' (head b4b595d294ace07f7fde583957d8e00e96af347c)

Browse Source 
to branch 'i2p.i2p.zzz.test2' (head 90c482d231ea639bff8d37d390dac081e361f48f)
This commit is contained in:
zzz
2014-11-28 13:13:00 +00:00
parent 5383f9f097 be8832e87f
commit 449ce3176e
25 changed files with 377 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java
View File

@@ -1339,10 +1339,10 @@ public class IndexBean {
// as of 0.9.17, add a random key if not previously present
byte[] rk = new byte[32];
_context.random().nextBytes(rk);
config.setProperty(OPT + p, Base64.encode(rk));
config.setProperty(p, Base64.encode(rk));
p = OPT + "outbound.randomKey";
_context.random().nextBytes(rk);
config.setProperty(OPT + p, Base64.encode(rk));
config.setProperty(p, Base64.encode(rk));
}
}

48
apps/routerconsole/java/src/net/i2p/router/news/NewsMetadata.java
View File

@@ -1,6 +1,7 @@
package net.i2p.router.news;
import java.util.List;
import net.i2p.util.VersionComparator;
/**
* The update metadata.
@@ -15,14 +16,41 @@ public class NewsMetadata {
public String feedID;
public long feedUpdated;
// I2P update metadata
public long date;
public String minVersion;
public String minJavaVersion;
public String i2pVersion;
public String sudTorrent;
public String su2Torrent;
public String su3Torrent;
public List<String> su3Clearnet;
public List<String> su3SSL;
// I2P metadata
public List<Release> releases;
public static class Release implements Comparable<Release> {
public long date;
public String minVersion;
public String minJavaVersion;
public String i2pVersion;
public List<Update> updates;
@Override
public int compareTo(Release other) {
// Sort latest version first.
return VersionComparator.comp(other.i2pVersion, i2pVersion);
}
}
public static class Update implements Comparable<Update> {
public String type;
public String torrent;
public List<String> clearnet;
public List<String> ssl;
@Override
public int compareTo(Update other) {
return getTypeOrder() - other.getTypeOrder();
}
protected int getTypeOrder() {
if ("su3".equalsIgnoreCase(type))
return 1;
else if ("su2".equalsIgnoreCase(type))
return 2;
else
return 3;
}
}
}

97
apps/routerconsole/java/src/net/i2p/router/news/NewsXMLParser.java
View File

@@ -15,6 +15,7 @@ import java.util.Set;
import net.i2p.I2PAppContext;
import net.i2p.util.Log;
import org.cybergarage.util.Debug;
import org.cybergarage.xml.Attribute;
import org.cybergarage.xml.Node;
@@ -34,7 +35,7 @@ public class NewsXMLParser {
private NewsMetadata _metadata;
private XHTMLMode _mode;
private static final Set xhtmlWhitelist = new HashSet(Arrays.asList(new String[] {
private static final Set<String> xhtmlWhitelist = new HashSet<String>(Arrays.asList(new String[] {
"a", "b", "br", "div", "i", "p", "span", "font", "blockquote", "hr",
"del", "ins", "em", "strong", "mark", "sub", "sup", "tt", "code", "strike", "s", "u",
"h4", "h5", "h6",
@@ -45,7 +46,7 @@ public class NewsXMLParser {
}));
// http://www.w3.org/TR/html-markup/global-attributes.html#common.attrs.event-handler
private static final Set attributeBlacklist = new HashSet(Arrays.asList(new String[] {
private static final Set<String> attributeBlacklist = new HashSet<String>(Arrays.asList(new String[] {
"onabort", "onblur", "oncanplay", "oncanplaythrough", "onchange", "onclick",
"oncontextmenu", "ondblclick", "ondrag", "ondragend", "ondragenter", "ondragleave",
"ondragover", "ondragstart", "ondrop", "ondurationchange", "onemptied",
@@ -169,38 +170,67 @@ public class NewsXMLParser {
}
}
Node r = feed.getNode("i2p:release");
if (r == null)
List<NewsMetadata.Release> releases = new ArrayList<NewsMetadata.Release>();
List<Node> releaseNodes = getNodes(feed, "i2p:release");
if (releaseNodes.size() == 0)
throw new I2PParserException("no release data in XML");
// release attributes
String a = r.getAttributeValue("date");
if (a.length() > 0) {
long time = RFC3339Date.parse3339Date(a);
if (time > 0)
rv.date = time;
}
a = r.getAttributeValue("minVersion");
if (a.length() > 0)
rv.minVersion = a;
a = r.getAttributeValue("minJavaVersion");
if (a.length() > 0)
rv.minJavaVersion = a;
// release nodes
n = r.getNode("i2p:version");
if (n != null)
rv.i2pVersion = n.getValue();
List<Node> urls = getNodes(r, "i2p:torrent");
for (Node t : urls) {
// returns "" for none
String href = t.getAttributeValue("href");
if (href.length() > 0) {
String type = t.getAttributeValue("type");
if (type.equals("su2"))
rv.su2Torrent = href;
else if (type.equals("su3"))
rv.su3Torrent = href;
for (Node r : releaseNodes) {
NewsMetadata.Release release = new NewsMetadata.Release();
// release attributes
String a = r.getAttributeValue("date");
if (a.length() > 0) {
long time = RFC3339Date.parse3339Date(a);
if (time > 0)
release.date = time;
}
a = r.getAttributeValue("minVersion");
if (a.length() > 0)
release.minVersion = a;
a = r.getAttributeValue("minJavaVersion");
if (a.length() > 0)
release.minJavaVersion = a;
// release nodes
n = r.getNode("i2p:version");
if (n != null)
release.i2pVersion = n.getValue();
List<NewsMetadata.Update> updates = new ArrayList<NewsMetadata.Update>();
List<Node> updateNodes = getNodes(r, "i2p:update");
if (updateNodes.size() == 0)
throw new I2PParserException("no updates in release");
Set<String> types = new HashSet<String>();
for (Node u : updateNodes) {
// returns "" for none
String type = u.getAttributeValue("type");
if (type.isEmpty())
throw new I2PParserException("update with no type");
if (types.contains(type))
throw new I2PParserException("update with duplicate type");
NewsMetadata.Update update = new NewsMetadata.Update();
update.type = type;
types.add(type);
int totalSources = 0;
Node t = u.getNode("i2p:torrent");
if (t != null) {
// returns "" for none
String href = t.getAttributeValue("href");
if (href.length() > 0) {
update.torrent = href;
totalSources += 1;
}
}
if (totalSources == 0)
throw new I2PParserException("no sources for update type " + type);
updates.add(update);
}
Collections.sort(updates);
release.updates = updates;
releases.add(release);
}
Collections.sort(releases);
rv.releases = releases;
return rv;
}
@@ -388,8 +418,9 @@ public class NewsXMLParser {
parser.parse(new File(args[0]));
NewsMetadata ud = parser.getMetadata();
List<NewsEntry> entries = parser.getEntries();
System.out.println("Latest version is " + ud.i2pVersion);
System.out.println("Release timestamp: " + ud.date);
NewsMetadata.Release latestRelease = ud.releases.get(0);
System.out.println("Latest version is " + latestRelease.i2pVersion);
System.out.println("Release timestamp: " + latestRelease.date);
System.out.println("Feed timestamp: " + ud.feedUpdated);
System.out.println("Found " + entries.size() + " news entries");
for (int i = 0; i < entries.size(); i++) {

37
apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java
View File

@@ -1,12 +1,9 @@
package net.i2p.router.update;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FilterInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
@@ -14,15 +11,12 @@ import java.io.Writer;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import net.i2p.crypto.SU3File;
@@ -459,22 +453,33 @@ class NewsFetcher extends UpdateRunner {
*/
private void outputOldNewsXML(NewsMetadata data, List<NewsEntry> entries,
String sudVersion, String signingKeyName, File to) throws IOException {
NewsMetadata.Release latestRelease = data.releases.get(0);
Writer out = null;
try {
out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(to), "UTF-8"));
out.write("<!--\n");
// update metadata in old format
out.write("<i2p.release ");
if (data.i2pVersion != null)
out.write(" version=\"" + data.i2pVersion + '"');
if (data.minVersion != null)
out.write(" minVersion=\"" + data.minVersion + '"');
if (data.minJavaVersion != null)
out.write(" minJavaVersion=\"" + data.minJavaVersion + '"');
if (data.su2Torrent != null)
out.write(" su2Torrent=\"" + data.su2Torrent + '"');
if (data.su3Torrent != null)
out.write(" su3Torrent=\"" + data.su3Torrent + '"');
if (latestRelease.i2pVersion != null)
out.write(" version=\"" + latestRelease.i2pVersion + '"');
if (latestRelease.minVersion != null)
out.write(" minVersion=\"" + latestRelease.minVersion + '"');
if (latestRelease.minJavaVersion != null)
out.write(" minJavaVersion=\"" + latestRelease.minJavaVersion + '"');
String su3Torrent = "";
String su2Torrent = "";
for (NewsMetadata.Update update : latestRelease.updates) {
if (update.torrent != null) {
if ("su3".equals(update.type))
su3Torrent = update.torrent;
else if ("su2".equals(update.type))
su2Torrent = update.torrent;
}
}
if (!su2Torrent.isEmpty())
out.write(" su2Torrent=\"" + su2Torrent + '"');
if (!su3Torrent.isEmpty())
out.write(" su3Torrent=\"" + su3Torrent + '"');
out.write("/>\n");
// su3 and feed metadata for debugging
out.write("** News version:\t" + DataHelper.stripHTML(sudVersion) + '\n');

7
apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java
View File

@@ -348,8 +348,11 @@ public class SummaryBarRenderer {
.append(_helper.getReachability())
.append("</a></h4>\n");
if (!SigType.ECDSA_SHA256_P256.isAvailable()) {
buf.append("<hr>\n<h4><a href=\"/logs\" target=\"_top\" title=\"")
.append(_("See more information on the logs page"))
buf.append("<hr>\n<h4><a href=\"http://trac.i2p2.i2p/wiki/Crypto/ECDSA");
if ("ru".equals(Messages.getLanguage(_context)))
buf.append("-ru");
buf.append("\" target=\"_top\" title=\"")
.append(_("See more information on the wiki"))
.append("\">")
.append(_("Warning: ECDSA is not available. Update your Java or OS"))
.append("</a></h4>\n");

15
apps/sam/java/src/net/i2p/sam/SAMStreamSession.java
View File

@@ -82,7 +82,7 @@ class SAMStreamSession {
* Create a new SAM STREAM session.
*
* @param dest Base64-encoded destination and private keys (same format as PrivateKeyFile)
* @param dir Session direction ("RECEIVE", "CREATE" or "BOTH")
* @param dir Session direction ("RECEIVE", "CREATE" or "BOTH") or "__v3__" if extended by SAMv3StreamSession
* @param props Properties to setup the I2P session
* @param recv Object that will receive incoming data
* @throws IOException
@@ -98,7 +98,7 @@ class SAMStreamSession {
* Create a new SAM STREAM session.
*
* @param destStream Input stream containing the destination and private keys (same format as PrivateKeyFile)
* @param dir Session direction ("RECEIVE", "CREATE" or "BOTH")
* @param dir Session direction ("RECEIVE", "CREATE" or "BOTH") or "__v3__" if extended by SAMv3StreamSession
* @param props Properties to setup the I2P session
* @param recv Object that will receive incoming data
* @throws IOException
@@ -111,15 +111,24 @@ class SAMStreamSession {
_log = I2PAppContext.getGlobalContext().logManager().getLog(getClass());
boolean canReceive;
boolean startAcceptor;
if (dir.equals("BOTH")) {
canCreate = true;
canReceive = true;
startAcceptor = true;
} else if (dir.equals("__v3__")) {
// we are super to SAMv3StreamSession, don't start thread, he handles it
canCreate = true;
canReceive = true;
startAcceptor = false;
} else if (dir.equals("CREATE")) {
canCreate = true;
canReceive = false;
startAcceptor = false;
} else if (dir.equals("RECEIVE")) {
canCreate = false;
canReceive = true;
startAcceptor = true;
} else {
_log.error("BUG! Wrong direction passed to SAMStreamSession: "
+ dir);
@@ -162,7 +171,7 @@ class SAMStreamSession {
forceFlush = Boolean.parseBoolean(allprops.getProperty(PROP_FORCE_FLUSH, DEFAULT_FORCE_FLUSH));
if (canReceive) {
if (startAcceptor) {
server = new SAMStreamSessionServer();
Thread t = new I2PAppThread(server, "SAMStreamSessionServer");

2
apps/sam/java/src/net/i2p/sam/SAMv3StreamSession.java
View File

@@ -61,7 +61,7 @@ class SAMv3StreamSession extends SAMStreamSession implements SAMv3Handler.Sessi
public SAMv3StreamSession(String login)
throws IOException, DataFormatException, SAMException
{
super(getDB().get(login).getDest(), "BOTH",
super(getDB().get(login).getDest(), "__v3__",
getDB().get(login).getProps(),
getDB().get(login).getHandler());
this.nick = login ;

2
build.properties
View File

@@ -11,7 +11,7 @@
# Note: Include the trailing slash! Don't surround the URL in quotes!
javasedocs.url=http://docs.oracle.com/javase/6/docs/api/
javaeedocs.url=http://docs.oracle.com/javaee/6/api/
jettydocs.url=http://download.eclipse.org/jetty/stable-7/apidocs/
jettydocs.url=http://download.eclipse.org/jetty/stable-8/apidocs/
jrobindocs.url=http://docs.i2p-projekt.de/jrobin/javadoc/
wrapperdocs.url=http://wrapper.tanukisoftware.com/jdoc/
# these are only for unit test javadocs

8
core/java/src/net/i2p/data/PrivateKeyFile.java
View File

@@ -169,9 +169,11 @@ public class PrivateKeyFile {
usage();
return;
}
System.out.println(pkf);
pkf.write();
verifySignature(pkf.getDestination());
if (mode != 0) {
System.out.println(pkf);
pkf.write();
verifySignature(pkf.getDestination());
}
} catch (Exception e) {
e.printStackTrace();
System.exit(1);

21
core/java/src/net/i2p/data/Signature.java
View File

@@ -9,6 +9,8 @@ package net.i2p.data;
*
*/
import java.util.Arrays;
import net.i2p.crypto.SigType;
/**
@@ -102,4 +104,23 @@ public class Signature extends SimpleDataStructure {
buf.append(']');
return buf.toString();
}
/**
* @since 0.9.17
*/
@Override
public int hashCode() {
return DataHelper.hashCode(_type) ^ super.hashCode();
}
/**
* @since 0.9.17
*/
@Override
public boolean equals(Object obj) {
if (obj == this) return true;
if (obj == null || !(obj instanceof Signature)) return false;
Signature s = (Signature) obj;
return _type == s._type && Arrays.equals(_data, s._data);
}
}

21
core/java/src/net/i2p/data/SigningPrivateKey.java
View File

@@ -9,6 +9,8 @@ package net.i2p.data;
*
*/
import java.util.Arrays;
import net.i2p.crypto.KeyGenerator;
import net.i2p.crypto.SigType;
@@ -104,4 +106,23 @@ public class SigningPrivateKey extends SimpleDataStructure {
buf.append(']');
return buf.toString();
}
/**
* @since 0.9.17
*/
@Override
public int hashCode() {
return DataHelper.hashCode(_type) ^ super.hashCode();
}
/**
* @since 0.9.17
*/
@Override
public boolean equals(Object obj) {
if (obj == this) return true;
if (obj == null || !(obj instanceof SigningPrivateKey)) return false;
SigningPrivateKey s = (SigningPrivateKey) obj;
return _type == s._type && Arrays.equals(_data, s._data);
}
}

30
core/java/src/net/i2p/data/SigningPublicKey.java
View File

@@ -12,6 +12,7 @@ package net.i2p.data;
import java.io.InputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Arrays;
import net.i2p.crypto.SigType;
@@ -113,7 +114,8 @@ public class SigningPublicKey extends SimpleDataStructure {
}
/**
* Up-convert this from an untyped (type 0) SPK to a typed SPK based on the Key Cert given
* Up-convert this from an untyped (type 0) SPK to a typed SPK based on the Key Cert given.
* The type of the returned key will be null if the kcert sigtype is null.
*
* @throws IllegalArgumentException if this is already typed to a different type
* @since 0.9.12
@@ -126,6 +128,9 @@ public class SigningPublicKey extends SimpleDataStructure {
return this;
if (_type != SigType.DSA_SHA1)
throw new IllegalArgumentException("Cannot convert " + _type + " to " + newType);
// unknown type, keep the 128 bytes of data
if (newType == null)
return new SigningPublicKey(null, _data);
int newLen = newType.getPubkeyLen();
if (newLen == SigType.DSA_SHA1.getPubkeyLen())
return new SigningPublicKey(newType, _data);
@@ -145,7 +150,7 @@ public class SigningPublicKey extends SimpleDataStructure {
* Get the portion of this (type 0) SPK that is really padding based on the Key Cert type given,
* if any
*
* @return leading padding length > 0 or null
* @return leading padding length > 0 or null if no padding or type is unknown
* @throws IllegalArgumentException if this is already typed to a different type
* @since 0.9.12
*/
@@ -153,7 +158,7 @@ public class SigningPublicKey extends SimpleDataStructure {
if (_data == null)
throw new IllegalStateException();
SigType newType = kcert.getSigType();
if (_type == newType)
if (_type == newType || newType == null)
return null;
if (_type != SigType.DSA_SHA1)
throw new IllegalStateException("Cannot convert " + _type + " to " + newType);
@@ -200,4 +205,23 @@ public class SigningPublicKey extends SimpleDataStructure {
public static void clearCache() {
_cache.clear();
}
/**
* @since 0.9.17
*/
@Override
public int hashCode() {
return DataHelper.hashCode(_type) ^ super.hashCode();
}
/**
* @since 0.9.17
*/
@Override
public boolean equals(Object obj) {
if (obj == this) return true;
if (obj == null || !(obj instanceof SigningPublicKey)) return false;
SigningPublicKey s = (SigningPublicKey) obj;
return _type == s._type && Arrays.equals(_data, s._data);
}
}

28
history.txt
View File

@@ -1,3 +1,31 @@
2014-11-26 zzz
* BuildRequestor: Reduce delay when client build can't find
a paired tunnel (ticket #1412)
* Data:
- Fix NPE on unknown sig type in destination
- Fix hashcode and equals for typed data
* Tunnels: Disallow changing allowZeroHop setting for exploratory
2014-11-24 zzz
* i2ptunnel: Fix automatic setting of random key
* PrivateKeyFile: Don't rewrite file in main() if no options
2014-11-23 zzz
* Reseed hosts update
2014-11-22 zzz
* PeerSelector: If non-DSA, don't use incompatible peers
for exploratory tunnels or closest-hop in client tunnels
* SAM: Fix v3 bug accepting incoming connections
2014-11-17 zzz
* NetDB: Exclude A1/A2 "countries" from auto-floodfill
2014-11-15 zzz
* I2NP:
- Set lookup type flags even if no reply tunnel specified
- Reduce object churn when writing some messages
2014-11-13 zzz
* I2PTunnel:
- Fix bug that left server acceptor thread running after close

21
installer/resources/certificates/ssl/i2p.feared.eu.crt
View File

@@ -1,21 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIDhTCCAm2gAwIBAgIJAPVgXcMcr3zqMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
BAYTAkVVMQ8wDQYDVQQIDAZFdXJvcGUxDDAKBgNVBAoMA0kyUDETMBEGA1UECwwK
T3V0cHJveGllczEWMBQGA1UEAwwNaTJwLmZlYXJlZC5ldTAeFw0xMjEwMjkxNzMw
MDZaFw0yMTAxMTUxNzMwMDZaMFkxCzAJBgNVBAYTAkVVMQ8wDQYDVQQIDAZFdXJv
cGUxDDAKBgNVBAoMA0kyUDETMBEGA1UECwwKT3V0cHJveGllczEWMBQGA1UEAwwN
aTJwLmZlYXJlZC5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOUh
y2+6Q4RO+b5WPXX/cZ/9fiI7aWGe/C7z0083HOEqnkgGCYgxFWUCed6/eZbYoZ7/
PV1BAuEereNwTp+Ov7fQB2H73O9sSAEejW6O4C2PZiZWaPxpZiTJNENbLOZxJnIN
+fSqmA5pqvGkYAJ2heZH4v4tayun7Vib58GWuizhzJ4EvhOrOrLq/YHrxMn++r4e
kNNbq4QzWpfxNa7ocDY9OJh5qFzuc+6wKj1m1syK6euDqs5d6X+y0aDTMgRxey2b
tkmNx9wC0flLg1oMcv9o1zN+dENy7Inkd/SqbSjLUqDTJzdq6xURVsgLoV63pb6r
B4gbGIlriYWK/mOPTTkCAwEAAaNQME4wHQYDVR0OBBYEFOI94JZ3Rb2RVmr8QjOp
u3KfVSrNMB8GA1UdIwQYMBaAFOI94JZ3Rb2RVmr8QjOpu3KfVSrNMAwGA1UdEwQF
MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAD7bI05zg9nf9qanq4ZNw/rvEzYQRBmy
MqzZjcwBMGvbcEbS+zYAdAkfxmN3l/AT4I4z138Om0ud4ZJUQTVlRsJkMlmLD4Rt
Jbi2rl7mrY7Qupgu5hvgH+ZaEWr7LTq+tFjPycRS+zijw9NToKeAsgEex9zYIOYD
BxDUn/trvyA41ItvegWh803IsZUBb45Via+bopid9aFFkejRrck9hhcQ6fVh2yju
nuVwHrxNvGc0NmmJ7zI+nPESFS+TAYbWXikDhc5Vtyiuoz47WZU1cgXYYMejK4WA
+3GLvei7qKm4GOJSg7BngF5Iyj/n7ML1rBqTlN3KA1YOgpGCwJlKzto=
-----END CERTIFICATE-----

25
installer/resources/certificates/ssl/ieb9oopo.mooo.com2.crt Normal file
View File

@@ -0,0 +1,25 @@
-----BEGIN CERTIFICATE-----
MIIESzCCAzOgAwIBAgIJAKII1waVnWddMA0GCSqGSIb3DQEBCwUAMIG7MQswCQYD
VQQGEwJERTEaMBgGA1UECAwRaWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAcMEWll
Yjlvb3BvLm1vb28uY29tMRowGAYDVQQKDBFpZWI5b29wby5tb29vLmNvbTEaMBgG
A1UECwwRaWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAMMEWllYjlvb3BvLm1vb28u
Y29tMSAwHgYJKoZIhvcNAQkBFhFpZWI5b29wby5tb29vLmNvbTAeFw0xNDExMjIx
MzQzNThaFw0yMDA1MTQxMzQzNThaMIG7MQswCQYDVQQGEwJERTEaMBgGA1UECAwR
aWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAcMEWllYjlvb3BvLm1vb28uY29tMRow
GAYDVQQKDBFpZWI5b29wby5tb29vLmNvbTEaMBgGA1UECwwRaWViOW9vcG8ubW9v
by5jb20xGjAYBgNVBAMMEWllYjlvb3BvLm1vb28uY29tMSAwHgYJKoZIhvcNAQkB
FhFpZWI5b29wby5tb29vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhcnkSifOMw5bd66UlvYVsc42H22Nuy64qhtJHtggofrwBooF38kRCBVFL8
9Xjzr0xsSshvO6p7E+CEUtA8v55l5vNbUTAvGP9WmzeZyZuCFg9Heo3orNMbIK7m
ppwKhwh6tFEIEpUTz/+xF5NRt0+CqcS4aNHuH3JPwNugfTBuSa86GeSaqL7K4eEZ
bZXqQ16Onvi0yyMqRJDp/ijRFxr2eKGPWb55kuRSET9PxVhlgRKULZkr39Dh9q1c
wb9lAMLMRZIzPVnyvC9jWkIqSDl5bkAAto0n1Jkw92rRp6EVKgSLA/4vl9wTb6xf
WfT5cs7pykAE0WXBr9TqpS3okncCAwEAAaNQME4wHQYDVR0OBBYEFGeEOHhWiKwZ
TGbc7uuK3DD7YjYZMB8GA1UdIwQYMBaAFGeEOHhWiKwZTGbc7uuK3DD7YjYZMAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAzRA/0OpJtCO4kQkTn/hux9
dRi9T6B54Xav5jG53iAPLTeMxsaLkvweh2pZ3kvEUrQhvW0JF8QBrHTsgxzb4Wd6
FNDHSgJbZv3uCjFtWeuUh+GTG1k9uwgNIEnx7J9Vp0JCi4ezi/HMNI7c+LjinM9f
hrAzclkeRPLYg645DkxckLyDUbrc9v1qWFoTpezXSBPO7n3Wk4sCytdoA1FkTdXh
RF4BWCl/3uOxcrn0TqoC9vCh8RcxnllOiOO5j4+PQ1Z6NkQ/5oRCK/jjaWc3Lr6/
FicOZJe29BVnrPGynqe0Ky1o+kTdXFflKowfr7g8dwn8k9YavjtGbl1ZSHeuMF8=
-----END CERTIFICATE-----

24
installer/resources/certificates/ssl/link.mx24.eu.crt Normal file
View File

@@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIEDzCCAvegAwIBAgIJAMsPNG1k0yV4MA0GCSqGSIb3DQEBCwUAMIGdMQswCQYD
VQQGEwJERTEVMBMGA1UECAwMbGluay5teDI0LmV1MRUwEwYDVQQHDAxsaW5rLm14
MjQuZXUxFTATBgNVBAoMDGxpbmsubXgyNC5ldTEVMBMGA1UECwwMbGluay5teDI0
LmV1MRUwEwYDVQQDDAxsaW5rLm14MjQuZXUxGzAZBgkqhkiG9w0BCQEWDGxpbmsu
bXgyNC5ldTAeFw0xNDExMTkxOTE4NTRaFw0yMDA1MTExOTE4NTRaMIGdMQswCQYD
VQQGEwJERTEVMBMGA1UECAwMbGluay5teDI0LmV1MRUwEwYDVQQHDAxsaW5rLm14
MjQuZXUxFTATBgNVBAoMDGxpbmsubXgyNC5ldTEVMBMGA1UECwwMbGluay5teDI0
LmV1MRUwEwYDVQQDDAxsaW5rLm14MjQuZXUxGzAZBgkqhkiG9w0BCQEWDGxpbmsu
bXgyNC5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8modDBRkyh
SHSm92pTfguO3F6n5ocsBJ4vaVoosYq3ILCsapjqmynMHZUef6gEB7+Gn5cKXsH2
JaKOeb8DHrOFCaxfj187x1QfZj1UNMQblx2T9q4th12tqp+k4JuLwgemr+2uAUpM
xx/uHRJXD0hf67+fHQFYNVfa+WvT46xlKGsWDQ0LBsA/z4YGnyeaV4PrS5nj3euA
IbdfDj7rJea3bfhSqYA1ZH1cquKlsXOOYO5cIcXsa5dxDWX51QS+i7+ocph+JN1X
dRh6ZirE9OXZVXwXXVRnJSYjgBlP/DQBdE7YkE1R3LyCVZsgxJaaLV/ujijOIK61
SqEhHvFNRe0CAwEAAaNQME4wHQYDVR0OBBYEFB6XRz6VZlrAE+3xL6AyKrkq+y2X
MB8GA1UdIwQYMBaAFB6XRz6VZlrAE+3xL6AyKrkq+y2XMAwGA1UdEwQFMAMBAf8w
DQYJKoZIhvcNAQELBQADggEBADhxBA5GHisDVf5a+1hIi7FBGBjJJLqzlaKh+bFB
gTCYfk3F4wYzndr1HpdCZSSYDtY3mXFNMWQCpwvwvy1DM+9AMRY68wKNXHa/WypW
zQSqTfEH8cdaIXUALB7pdWFVr3rx0f7/8I0Gj/ByUbJ94rzd22vduX5riY0Rag6B
dPtW0M9bJrC1AIjexzDcStupj9v/ceGYZQYC4zb2tZ7Ek/6q+vei8TxWZjku7Dl4
YRPXXufyB24uQ1hJVy2fSyIJ63tIRJoEFLBNaKDOB53i10xLWBcsJpXKY57AOQMn
flqW4HG8uGJ/o1WjhiOB9eI7T9toy08zNzt+kSI/blFIoek=
-----END CERTIFICATE-----

1
installer/resources/deletelist.txt
View File

@@ -4,6 +4,7 @@ certificates/r31453.ovh.net
certificates/75.145.125.59.crt
certificates/forum.i2p2.de.crt
certificates/cowpuncher.drollette.com.crt
certificates/ssl/i2p.feared.eu.crt
certificates/ssl/reseed.pkol.de.crt
# old translated proxy error pages
docs/ahelper-conflict-header_ar.ht

4
router/java/src/net/i2p/router/RouterVersion.java
View File

@@ -18,10 +18,10 @@ public class RouterVersion {
/** deprecated */
public final static String ID = "Monotone";
public final static String VERSION = CoreVersion.VERSION;
public final static long BUILD = 6;
public final static long BUILD = 10;
/** for example "-test" */
public final static String EXTRA = "";
public final static String EXTRA = "-rc";
public final static String FULL_VERSION = VERSION + "-" + BUILD + EXTRA;
public static void main(String args[]) {
System.out.println("I2P Router version: " + FULL_VERSION);

7
router/java/src/net/i2p/router/TunnelPoolSettings.java
View File

@@ -244,9 +244,10 @@ public class TunnelPoolSettings {
String name = (String) e.getKey();
String value = (String) e.getValue();
if (name.startsWith(prefix)) {
if (name.equalsIgnoreCase(prefix + PROP_ALLOW_ZERO_HOP))
_allowZeroHop = getBoolean(value, DEFAULT_ALLOW_ZERO_HOP);
else if (name.equalsIgnoreCase(prefix + PROP_BACKUP_QUANTITY))
if (name.equalsIgnoreCase(prefix + PROP_ALLOW_ZERO_HOP)) {
if (!_isExploratory)
_allowZeroHop = getBoolean(value, DEFAULT_ALLOW_ZERO_HOP);
} else if (name.equalsIgnoreCase(prefix + PROP_BACKUP_QUANTITY))
_backupQuantity = getInt(value, DEFAULT_BACKUP_QUANTITY);
//else if (name.equalsIgnoreCase(prefix + PROP_DURATION))
// _duration = getInt(value, DEFAULT_DURATION);

4
router/java/src/net/i2p/router/networkdb/kademlia/FloodfillMonitorJob.java
View File

@@ -87,6 +87,10 @@ class FloodfillMonitorJob extends JobImpl {
if (getContext().commSystem().isInBadCountry())
return false;
String country = getContext().commSystem().getOurCountry();
// anonymous proxy, satellite provider (not in bad country list)
if ("a1".equals(country) || "a2".equals(country))
return false;
// Only if up a while...
if (getContext().router().getUptime() < MIN_UPTIME)

9
router/java/src/net/i2p/router/networkdb/reseed/Reseeder.java
View File

@@ -70,9 +70,7 @@ public class Reseeder {
* URLs are constructed, and because SSLEepGet doesn't follow redirects.
*/
public static final String DEFAULT_SEED_URL =
//http://netdb.i2p2.de/" + "," +
"http://reseed.i2p-projekt.de/" + "," +
//"http://euve5653.vserver.de/netDb/" + "," +
"http://cowpuncher.drollette.com/netdb/" + "," +
"http://i2p.mooo.com/netDb/" + "," +
"http://193.150.121.66/netDb/" + "," +
@@ -83,14 +81,10 @@ public class Reseeder {
"http://jp.reseed.i2p2.no/" + "," +
"http://i2p-netdb.innovatio.no/" + "," +
"http://ieb9oopo.mooo.com/";
// Temp disabled since h2ik have been AWOL since 06-03-2013
//"http://i2p.feared.eu/";
/** @since 0.8.2 */
public static final String DEFAULT_SSL_SEED_URL =
//"https://netdb.i2p2.de/" + "," +
"https://reseed.i2p-projekt.de/" + "," +
//"https://euve5653.vserver.de/netDb/" + "," +
"https://cowpuncher.drollette.com/netdb/" + "," +
"https://i2p.mooo.com/netDb/" + "," +
"https://193.150.121.66/netDb/" + "," +
@@ -101,9 +95,8 @@ public class Reseeder {
"https://jp.reseed.i2p2.no:444/" + "," +
"https://i2p-netdb.innovatio.no/" + "," +
"https://ssl.webpack.de/ivae2he9.sg4.e-plaza.de/" + "," + // Only HTTPS and SU3 (v2) support
"https://link.mx24.eu/" + "," + // Only HTTPS and SU3 (v3) support
"https://ieb9oopo.mooo.com/";
// Temp disabled since h2ik have been AWOL since 06-03-2013
//"https://i2p.feared.eu/";
private static final String SU3_FILENAME = "i2pseeds.su3";

5
router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java
View File

@@ -165,7 +165,10 @@ abstract class BuildRequestor {
exec.buildComplete(cfg, pool);
// Not even an exploratory tunnel? We are in big trouble.
// Let's not spin through here too fast.
try { Thread.sleep(250); } catch (InterruptedException ie) {}
// But don't let a client tunnel waiting for exploratories slow things down too much,
// as there may be other tunnel pools who can build
int ms = pool.getSettings().isExploratory() ? 250 : 25;
try { Thread.sleep(ms); } catch (InterruptedException ie) {}
return false;
}

27
router/java/src/net/i2p/router/tunnel/pool/ClientPeerSelector.java
View File

@@ -37,6 +37,10 @@ class ClientPeerSelector extends TunnelPeerSelector {
Set<Hash> exclude = getExclude(settings.isInbound(), false);
Set<Hash> matches = new HashSet<Hash>(length);
if (length == 1) {
// closest-hop restrictions
Set<Hash> moreExclude = getClosestHopExclude(settings.isInbound());
if (moreExclude != null)
exclude.addAll(moreExclude);
ctx.profileOrganizer().selectFastPeers(length, exclude, matches, 0);
matches.remove(ctx.routerHash());
rv = new ArrayList<Hash>(matches);
@@ -47,10 +51,22 @@ class ClientPeerSelector extends TunnelPeerSelector {
rv = new ArrayList<Hash>(length + 1);
// OBEP or IB last hop
// group 0 or 1 if two hops, otherwise group 0
Set<Hash> firstHopExclude;
if (!settings.isInbound()) {
// exclude existing OBEPs to get some diversity
// exclude existing OBEPs to get some diversity ?
// closest-hop restrictions
Set<Hash> moreExclude = getClosestHopExclude(false);
if (moreExclude != null) {
moreExclude.addAll(exclude);
firstHopExclude = moreExclude;
} else {
firstHopExclude = exclude;
}
} else {
firstHopExclude = exclude;
}
ctx.profileOrganizer().selectFastPeers(1, exclude, matches, settings.getRandomKey(), length == 2 ? SLICE_0_1 : SLICE_0);
ctx.profileOrganizer().selectFastPeers(1, firstHopExclude, matches, settings.getRandomKey(), length == 2 ? SLICE_0_1 : SLICE_0);
matches.remove(ctx.routerHash());
exclude.addAll(matches);
rv.addAll(matches);
@@ -74,7 +90,12 @@ class ClientPeerSelector extends TunnelPeerSelector {
// IBGW or OB first hop
// group 2 or 3 if two hops, otherwise group 1
if (settings.isInbound()) {
// exclude existing IBGWs to get some diversity
// exclude existing IBGWs to get some diversity ?
// closest-hop restrictions
Set<Hash> moreExclude = getClosestHopExclude(true);
if (moreExclude != null)
exclude.addAll(moreExclude);
}
ctx.profileOrganizer().selectFastPeers(1, exclude, matches, settings.getRandomKey(), length == 2 ? SLICE_2_3 : SLICE_1);
matches.remove(ctx.routerHash());

7
router/java/src/net/i2p/router/tunnel/pool/ExploratoryPeerSelector.java
View File

@@ -42,6 +42,13 @@ class ExploratoryPeerSelector extends TunnelPeerSelector {
Set<Hash> exclude = getExclude(settings.isInbound(), true);
exclude.add(ctx.routerHash());
// closest-hop restrictions
// Since we're applying orderPeers() later, we don't know
// which will be the closest hop, so just appply to all peers for now.
Set<Hash> moreExclude = getClosestHopExclude(settings.isInbound());
if (moreExclude != null)
exclude.addAll(moreExclude);
// Don't use ff peers for exploratory tunnels to lessen exposure to netDb searches and stores
// Hmm if they don't get explored they don't get a speed/capacity rating
// so they don't get used for client tunnels either.

35
router/java/src/net/i2p/router/tunnel/pool/TunnelPeerSelector.java
View File

@@ -14,6 +14,7 @@ import java.util.StringTokenizer;
import net.i2p.I2PAppContext;
import net.i2p.crypto.SHA256Generator;
import net.i2p.crypto.SigType;
import net.i2p.data.DataFormatException;
import net.i2p.data.Hash;
import net.i2p.data.router.RouterInfo;
@@ -327,6 +328,40 @@ public abstract class TunnelPeerSelector {
return peers;
}
/**
* Pick peers that we want to avoid for the first OB hop or last IB hop.
* This is only filled in if our router sig type is not DSA.
*
* @param isInbound unused
* @return null if none
* @since 0.9.17
*/
protected Set<Hash> getClosestHopExclude(boolean isInbound) {
RouterInfo ri = ctx.router().getRouterInfo();
if (ri == null)
return null;
SigType type = ri.getIdentity().getSigType();
if (type == SigType.DSA_SHA1)
return null;
Set<Hash> rv = new HashSet<Hash>(1024);
FloodfillNetworkDatabaseFacade fac = (FloodfillNetworkDatabaseFacade)ctx.netDb();
List<RouterInfo> known = fac.getKnownRouterData();
if (known != null) {
for (int i = 0; i < known.size(); i++) {
RouterInfo peer = known.get(i);
String v = peer.getOption("router.version");
if (v == null)
continue;
// RI sigtypes added in 0.9.16
// SSU inbound connection bug fixed in 0.9.17, but it won't bid, so NTCP only,
// no need to check
if (VersionComparator.comp(v, "0.9.16") < 0)
rv.add(peer.getIdentity().calculateHash());
}
}
return rv;
}
/** warning, this is also called by ProfileOrganizer.isSelectable() */
public static boolean shouldExclude(RouterContext ctx, RouterInfo peer) {
Log log = ctx.logManager().getLog(TunnelPeerSelector.class);