From 15137d9b6232d60339b5b010dd903a8d96b07449 Mon Sep 17 00:00:00 2001 From: zzz Date: Mon, 17 Nov 2014 14:19:00 +0000 Subject: [PATCH 01/19] NetDB: Exclude A1/A2 "countries" from auto-floodfill --- .../i2p/router/networkdb/kademlia/FloodfillMonitorJob.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillMonitorJob.java b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillMonitorJob.java index 2dae6fdd7..f3e84597d 100644 --- a/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillMonitorJob.java +++ b/router/java/src/net/i2p/router/networkdb/kademlia/FloodfillMonitorJob.java @@ -87,6 +87,10 @@ class FloodfillMonitorJob extends JobImpl { if (getContext().commSystem().isInBadCountry()) return false; + String country = getContext().commSystem().getOurCountry(); + // anonymous proxy, satellite provider (not in bad country list) + if ("a1".equals(country) || "a2".equals(country)) + return false; // Only if up a while... if (getContext().router().getUptime() < MIN_UPTIME) From f76744a0c05a0516d6d1653e424c57ba665e496b Mon Sep 17 00:00:00 2001 From: str4d Date: Fri, 21 Nov 2014 12:46:33 +0000 Subject: [PATCH 02/19] Improved SU3 news file specification --- .../src/net/i2p/router/news/NewsMetadata.java | 48 +++++++--- .../net/i2p/router/news/NewsXMLParser.java | 89 ++++++++++++------- .../net/i2p/router/update/NewsFetcher.java | 33 ++++--- 3 files changed, 119 insertions(+), 51 deletions(-) diff --git a/apps/routerconsole/java/src/net/i2p/router/news/NewsMetadata.java b/apps/routerconsole/java/src/net/i2p/router/news/NewsMetadata.java index 732b814a7..e418c8640 100644 --- a/apps/routerconsole/java/src/net/i2p/router/news/NewsMetadata.java +++ b/apps/routerconsole/java/src/net/i2p/router/news/NewsMetadata.java @@ -1,6 +1,7 @@ package net.i2p.router.news; import java.util.List; +import net.i2p.util.VersionComparator; /** * The update metadata. @@ -15,14 +16,41 @@ public class NewsMetadata { public String feedID; public long feedUpdated; - // I2P update metadata - public long date; - public String minVersion; - public String minJavaVersion; - public String i2pVersion; - public String sudTorrent; - public String su2Torrent; - public String su3Torrent; - public List su3Clearnet; - public List su3SSL; + // I2P metadata + public List releases; + + public static class Release implements Comparable { + public long date; + public String minVersion; + public String minJavaVersion; + public String i2pVersion; + public List updates; + + @Override + public int compareTo(Release other) { + // Sort latest version first. + return VersionComparator.comp(other.i2pVersion, i2pVersion); + } + } + + public static class Update implements Comparable { + public String type; + public List torrent; + public List clearnet; + public List ssl; + + @Override + public int compareTo(Update other) { + return Integer.compare(getTypeOrder(), other.getTypeOrder()); + } + + protected int getTypeOrder() { + if ("su3".equalsIgnoreCase(type)) + return 1; + else if ("su2".equalsIgnoreCase(type)) + return 2; + else + return 3; + } + } } diff --git a/apps/routerconsole/java/src/net/i2p/router/news/NewsXMLParser.java b/apps/routerconsole/java/src/net/i2p/router/news/NewsXMLParser.java index f3b01bdd9..e643643ce 100644 --- a/apps/routerconsole/java/src/net/i2p/router/news/NewsXMLParser.java +++ b/apps/routerconsole/java/src/net/i2p/router/news/NewsXMLParser.java @@ -15,6 +15,7 @@ import java.util.Set; import net.i2p.I2PAppContext; import net.i2p.util.Log; + import org.cybergarage.util.Debug; import org.cybergarage.xml.Attribute; import org.cybergarage.xml.Node; @@ -169,38 +170,63 @@ public class NewsXMLParser { } } - Node r = feed.getNode("i2p:release"); - if (r == null) + List releases = new ArrayList(); + List releaseNodes = getNodes(feed, "i2p:release"); + if (releaseNodes.size() == 0) throw new I2PParserException("no release data in XML"); - // release attributes - String a = r.getAttributeValue("date"); - if (a.length() > 0) { - long time = RFC3339Date.parse3339Date(a); - if (time > 0) - rv.date = time; - } - a = r.getAttributeValue("minVersion"); - if (a.length() > 0) - rv.minVersion = a; - a = r.getAttributeValue("minJavaVersion"); - if (a.length() > 0) - rv.minJavaVersion = a; - // release nodes - n = r.getNode("i2p:version"); - if (n != null) - rv.i2pVersion = n.getValue(); - List urls = getNodes(r, "i2p:torrent"); - for (Node t : urls) { - // returns "" for none - String href = t.getAttributeValue("href"); - if (href.length() > 0) { - String type = t.getAttributeValue("type"); - if (type.equals("su2")) - rv.su2Torrent = href; - else if (type.equals("su3")) - rv.su3Torrent = href; + for (Node r : releaseNodes) { + NewsMetadata.Release release = new NewsMetadata.Release(); + // release attributes + String a = r.getAttributeValue("date"); + if (a.length() > 0) { + long time = RFC3339Date.parse3339Date(a); + if (time > 0) + release.date = time; } + a = r.getAttributeValue("minVersion"); + if (a.length() > 0) + release.minVersion = a; + a = r.getAttributeValue("minJavaVersion"); + if (a.length() > 0) + release.minJavaVersion = a; + // release nodes + n = r.getNode("i2p:version"); + if (n != null) + release.i2pVersion = n.getValue(); + + List updates = new ArrayList(); + List updateNodes = getNodes(r, "i2p:update"); + for (Node u : updateNodes) { + // returns "" for none + String type = u.getAttributeValue("type"); + if (type.length() > 0) { + NewsMetadata.Update update = new NewsMetadata.Update(); + update.type = type; + int totalSources = 0; + + List torrents = new ArrayList(); + List torrentNodes = getNodes(u, "i2p:torrent"); + for (Node t : torrentNodes) { + // returns "" for none + String href = t.getAttributeValue("href"); + if (href.length() > 0) { + torrents.add(href); + } + } + update.torrent = torrents; + totalSources += torrents.size(); + + if (totalSources == 0) + throw new I2PParserException("no sources for update type " + type); + updates.add(update); + } + } + Collections.sort(updates); + release.updates = updates; + releases.add(release); } + Collections.sort(releases); + rv.releases = releases; return rv; } @@ -388,8 +414,9 @@ public class NewsXMLParser { parser.parse(new File(args[0])); NewsMetadata ud = parser.getMetadata(); List entries = parser.getEntries(); - System.out.println("Latest version is " + ud.i2pVersion); - System.out.println("Release timestamp: " + ud.date); + NewsMetadata.Release latestRelease = ud.releases.get(0); + System.out.println("Latest version is " + latestRelease.i2pVersion); + System.out.println("Release timestamp: " + latestRelease.date); System.out.println("Feed timestamp: " + ud.feedUpdated); System.out.println("Found " + entries.size() + " news entries"); for (int i = 0; i < entries.size(); i++) { diff --git a/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java b/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java index a17926ed3..063068cdc 100644 --- a/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java +++ b/apps/routerconsole/java/src/net/i2p/router/update/NewsFetcher.java @@ -459,22 +459,35 @@ class NewsFetcher extends UpdateRunner { */ private void outputOldNewsXML(NewsMetadata data, List entries, String sudVersion, String signingKeyName, File to) throws IOException { + NewsMetadata.Release latestRelease = data.releases.get(0); Writer out = null; try { out = new BufferedWriter(new OutputStreamWriter(new FileOutputStream(to), "UTF-8")); out.write(" certificates/ssl/ link.mx24.eu.crt --> certificates/ssl/ The first one is a new ssl-cert as exchange for the current one. On http-server side the exchange will take place sometimes next year, until then the current existing ieb9oopo.mooo.com.crt is still valid. The second is a new reseed server from me. Reseeder.java: Please add to DEFAULT_SSL_SEED_URL: https://link.mx24.eu/ with this comment: // Only HTTPS and SU3 (v3) support Also the list can be cleaned up from these other dead servers: --- .../certificates/ssl/ieb9oopo.mooo.com2.crt | 25 +++++++++++++++++++ .../certificates/ssl/link.mx24.eu.crt | 24 ++++++++++++++++++ .../i2p/router/networkdb/reseed/Reseeder.java | 9 +------ 3 files changed, 50 insertions(+), 8 deletions(-) create mode 100644 installer/resources/certificates/ssl/ieb9oopo.mooo.com2.crt create mode 100644 installer/resources/certificates/ssl/link.mx24.eu.crt diff --git a/installer/resources/certificates/ssl/ieb9oopo.mooo.com2.crt b/installer/resources/certificates/ssl/ieb9oopo.mooo.com2.crt new file mode 100644 index 000000000..8be9eef8a --- /dev/null +++ b/installer/resources/certificates/ssl/ieb9oopo.mooo.com2.crt @@ -0,0 +1,25 @@ +-----BEGIN CERTIFICATE----- +MIIESzCCAzOgAwIBAgIJAKII1waVnWddMA0GCSqGSIb3DQEBCwUAMIG7MQswCQYD +VQQGEwJERTEaMBgGA1UECAwRaWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAcMEWll +Yjlvb3BvLm1vb28uY29tMRowGAYDVQQKDBFpZWI5b29wby5tb29vLmNvbTEaMBgG +A1UECwwRaWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAMMEWllYjlvb3BvLm1vb28u +Y29tMSAwHgYJKoZIhvcNAQkBFhFpZWI5b29wby5tb29vLmNvbTAeFw0xNDExMjIx +MzQzNThaFw0yMDA1MTQxMzQzNThaMIG7MQswCQYDVQQGEwJERTEaMBgGA1UECAwR +aWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAcMEWllYjlvb3BvLm1vb28uY29tMRow +GAYDVQQKDBFpZWI5b29wby5tb29vLmNvbTEaMBgGA1UECwwRaWViOW9vcG8ubW9v +by5jb20xGjAYBgNVBAMMEWllYjlvb3BvLm1vb28uY29tMSAwHgYJKoZIhvcNAQkB +FhFpZWI5b29wby5tb29vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMhcnkSifOMw5bd66UlvYVsc42H22Nuy64qhtJHtggofrwBooF38kRCBVFL8 +9Xjzr0xsSshvO6p7E+CEUtA8v55l5vNbUTAvGP9WmzeZyZuCFg9Heo3orNMbIK7m +ppwKhwh6tFEIEpUTz/+xF5NRt0+CqcS4aNHuH3JPwNugfTBuSa86GeSaqL7K4eEZ +bZXqQ16Onvi0yyMqRJDp/ijRFxr2eKGPWb55kuRSET9PxVhlgRKULZkr39Dh9q1c +wb9lAMLMRZIzPVnyvC9jWkIqSDl5bkAAto0n1Jkw92rRp6EVKgSLA/4vl9wTb6xf +WfT5cs7pykAE0WXBr9TqpS3okncCAwEAAaNQME4wHQYDVR0OBBYEFGeEOHhWiKwZ +TGbc7uuK3DD7YjYZMB8GA1UdIwQYMBaAFGeEOHhWiKwZTGbc7uuK3DD7YjYZMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAzRA/0OpJtCO4kQkTn/hux9 +dRi9T6B54Xav5jG53iAPLTeMxsaLkvweh2pZ3kvEUrQhvW0JF8QBrHTsgxzb4Wd6 +FNDHSgJbZv3uCjFtWeuUh+GTG1k9uwgNIEnx7J9Vp0JCi4ezi/HMNI7c+LjinM9f +hrAzclkeRPLYg645DkxckLyDUbrc9v1qWFoTpezXSBPO7n3Wk4sCytdoA1FkTdXh +RF4BWCl/3uOxcrn0TqoC9vCh8RcxnllOiOO5j4+PQ1Z6NkQ/5oRCK/jjaWc3Lr6/ +FicOZJe29BVnrPGynqe0Ky1o+kTdXFflKowfr7g8dwn8k9YavjtGbl1ZSHeuMF8= +-----END CERTIFICATE----- diff --git a/installer/resources/certificates/ssl/link.mx24.eu.crt b/installer/resources/certificates/ssl/link.mx24.eu.crt new file mode 100644 index 000000000..8e0d910fc --- /dev/null +++ b/installer/resources/certificates/ssl/link.mx24.eu.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIJAMsPNG1k0yV4MA0GCSqGSIb3DQEBCwUAMIGdMQswCQYD +VQQGEwJERTEVMBMGA1UECAwMbGluay5teDI0LmV1MRUwEwYDVQQHDAxsaW5rLm14 +MjQuZXUxFTATBgNVBAoMDGxpbmsubXgyNC5ldTEVMBMGA1UECwwMbGluay5teDI0 +LmV1MRUwEwYDVQQDDAxsaW5rLm14MjQuZXUxGzAZBgkqhkiG9w0BCQEWDGxpbmsu +bXgyNC5ldTAeFw0xNDExMTkxOTE4NTRaFw0yMDA1MTExOTE4NTRaMIGdMQswCQYD +VQQGEwJERTEVMBMGA1UECAwMbGluay5teDI0LmV1MRUwEwYDVQQHDAxsaW5rLm14 +MjQuZXUxFTATBgNVBAoMDGxpbmsubXgyNC5ldTEVMBMGA1UECwwMbGluay5teDI0 +LmV1MRUwEwYDVQQDDAxsaW5rLm14MjQuZXUxGzAZBgkqhkiG9w0BCQEWDGxpbmsu +bXgyNC5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8modDBRkyh +SHSm92pTfguO3F6n5ocsBJ4vaVoosYq3ILCsapjqmynMHZUef6gEB7+Gn5cKXsH2 +JaKOeb8DHrOFCaxfj187x1QfZj1UNMQblx2T9q4th12tqp+k4JuLwgemr+2uAUpM +xx/uHRJXD0hf67+fHQFYNVfa+WvT46xlKGsWDQ0LBsA/z4YGnyeaV4PrS5nj3euA +IbdfDj7rJea3bfhSqYA1ZH1cquKlsXOOYO5cIcXsa5dxDWX51QS+i7+ocph+JN1X +dRh6ZirE9OXZVXwXXVRnJSYjgBlP/DQBdE7YkE1R3LyCVZsgxJaaLV/ujijOIK61 +SqEhHvFNRe0CAwEAAaNQME4wHQYDVR0OBBYEFB6XRz6VZlrAE+3xL6AyKrkq+y2X +MB8GA1UdIwQYMBaAFB6XRz6VZlrAE+3xL6AyKrkq+y2XMAwGA1UdEwQFMAMBAf8w +DQYJKoZIhvcNAQELBQADggEBADhxBA5GHisDVf5a+1hIi7FBGBjJJLqzlaKh+bFB +gTCYfk3F4wYzndr1HpdCZSSYDtY3mXFNMWQCpwvwvy1DM+9AMRY68wKNXHa/WypW +zQSqTfEH8cdaIXUALB7pdWFVr3rx0f7/8I0Gj/ByUbJ94rzd22vduX5riY0Rag6B +dPtW0M9bJrC1AIjexzDcStupj9v/ceGYZQYC4zb2tZ7Ek/6q+vei8TxWZjku7Dl4 +YRPXXufyB24uQ1hJVy2fSyIJ63tIRJoEFLBNaKDOB53i10xLWBcsJpXKY57AOQMn +flqW4HG8uGJ/o1WjhiOB9eI7T9toy08zNzt+kSI/blFIoek= +-----END CERTIFICATE----- diff --git a/router/java/src/net/i2p/router/networkdb/reseed/Reseeder.java b/router/java/src/net/i2p/router/networkdb/reseed/Reseeder.java index b494a441c..79338d8f6 100644 --- a/router/java/src/net/i2p/router/networkdb/reseed/Reseeder.java +++ b/router/java/src/net/i2p/router/networkdb/reseed/Reseeder.java @@ -70,9 +70,7 @@ public class Reseeder { * URLs are constructed, and because SSLEepGet doesn't follow redirects. */ public static final String DEFAULT_SEED_URL = - //http://netdb.i2p2.de/" + "," + "http://reseed.i2p-projekt.de/" + "," + - //"http://euve5653.vserver.de/netDb/" + "," + "http://cowpuncher.drollette.com/netdb/" + "," + "http://i2p.mooo.com/netDb/" + "," + "http://193.150.121.66/netDb/" + "," + @@ -83,14 +81,10 @@ public class Reseeder { "http://jp.reseed.i2p2.no/" + "," + "http://i2p-netdb.innovatio.no/" + "," + "http://ieb9oopo.mooo.com/"; - // Temp disabled since h2ik have been AWOL since 06-03-2013 - //"http://i2p.feared.eu/"; /** @since 0.8.2 */ public static final String DEFAULT_SSL_SEED_URL = - //"https://netdb.i2p2.de/" + "," + "https://reseed.i2p-projekt.de/" + "," + - //"https://euve5653.vserver.de/netDb/" + "," + "https://cowpuncher.drollette.com/netdb/" + "," + "https://i2p.mooo.com/netDb/" + "," + "https://193.150.121.66/netDb/" + "," + @@ -101,9 +95,8 @@ public class Reseeder { "https://jp.reseed.i2p2.no:444/" + "," + "https://i2p-netdb.innovatio.no/" + "," + "https://ssl.webpack.de/ivae2he9.sg4.e-plaza.de/" + "," + // Only HTTPS and SU3 (v2) support + "https://link.mx24.eu/" + "," + // Only HTTPS and SU3 (v3) support "https://ieb9oopo.mooo.com/"; - // Temp disabled since h2ik have been AWOL since 06-03-2013 - //"https://i2p.feared.eu/"; private static final String SU3_FILENAME = "i2pseeds.su3"; From 77e7982e7438f22fceae2a844cdf571964d3c27f Mon Sep 17 00:00:00 2001 From: zzz Date: Sun, 23 Nov 2014 14:24:22 +0000 Subject: [PATCH 12/19] Drop i2p.feared.eu ssl cert for reseed --- .../certificates/ssl/i2p.feared.eu.crt | 21 ------------------- installer/resources/deletelist.txt | 1 + 2 files changed, 1 insertion(+), 21 deletions(-) delete mode 100644 installer/resources/certificates/ssl/i2p.feared.eu.crt diff --git a/installer/resources/certificates/ssl/i2p.feared.eu.crt b/installer/resources/certificates/ssl/i2p.feared.eu.crt deleted file mode 100644 index 628c6290c..000000000 --- a/installer/resources/certificates/ssl/i2p.feared.eu.crt +++ /dev/null @@ -1,21 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDhTCCAm2gAwIBAgIJAPVgXcMcr3zqMA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV -BAYTAkVVMQ8wDQYDVQQIDAZFdXJvcGUxDDAKBgNVBAoMA0kyUDETMBEGA1UECwwK -T3V0cHJveGllczEWMBQGA1UEAwwNaTJwLmZlYXJlZC5ldTAeFw0xMjEwMjkxNzMw -MDZaFw0yMTAxMTUxNzMwMDZaMFkxCzAJBgNVBAYTAkVVMQ8wDQYDVQQIDAZFdXJv -cGUxDDAKBgNVBAoMA0kyUDETMBEGA1UECwwKT3V0cHJveGllczEWMBQGA1UEAwwN -aTJwLmZlYXJlZC5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOUh -y2+6Q4RO+b5WPXX/cZ/9fiI7aWGe/C7z0083HOEqnkgGCYgxFWUCed6/eZbYoZ7/ -PV1BAuEereNwTp+Ov7fQB2H73O9sSAEejW6O4C2PZiZWaPxpZiTJNENbLOZxJnIN -+fSqmA5pqvGkYAJ2heZH4v4tayun7Vib58GWuizhzJ4EvhOrOrLq/YHrxMn++r4e -kNNbq4QzWpfxNa7ocDY9OJh5qFzuc+6wKj1m1syK6euDqs5d6X+y0aDTMgRxey2b -tkmNx9wC0flLg1oMcv9o1zN+dENy7Inkd/SqbSjLUqDTJzdq6xURVsgLoV63pb6r -B4gbGIlriYWK/mOPTTkCAwEAAaNQME4wHQYDVR0OBBYEFOI94JZ3Rb2RVmr8QjOp -u3KfVSrNMB8GA1UdIwQYMBaAFOI94JZ3Rb2RVmr8QjOpu3KfVSrNMAwGA1UdEwQF -MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAD7bI05zg9nf9qanq4ZNw/rvEzYQRBmy -MqzZjcwBMGvbcEbS+zYAdAkfxmN3l/AT4I4z138Om0ud4ZJUQTVlRsJkMlmLD4Rt -Jbi2rl7mrY7Qupgu5hvgH+ZaEWr7LTq+tFjPycRS+zijw9NToKeAsgEex9zYIOYD -BxDUn/trvyA41ItvegWh803IsZUBb45Via+bopid9aFFkejRrck9hhcQ6fVh2yju -nuVwHrxNvGc0NmmJ7zI+nPESFS+TAYbWXikDhc5Vtyiuoz47WZU1cgXYYMejK4WA -+3GLvei7qKm4GOJSg7BngF5Iyj/n7ML1rBqTlN3KA1YOgpGCwJlKzto= ------END CERTIFICATE----- diff --git a/installer/resources/deletelist.txt b/installer/resources/deletelist.txt index 513bfe167..c72a26515 100644 --- a/installer/resources/deletelist.txt +++ b/installer/resources/deletelist.txt @@ -4,6 +4,7 @@ certificates/r31453.ovh.net certificates/75.145.125.59.crt certificates/forum.i2p2.de.crt certificates/cowpuncher.drollette.com.crt +certificates/ssl/i2p.feared.eu.crt certificates/ssl/reseed.pkol.de.crt # old translated proxy error pages docs/ahelper-conflict-header_ar.ht From fd47cb88de23f057d4d88844543a610c8053df4d Mon Sep 17 00:00:00 2001 From: zzz Date: Mon, 24 Nov 2014 14:15:44 +0000 Subject: [PATCH 13/19] i2ptunnel: Fix automatic setting of random key --- apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java index 8deb1ac99..a1a8490b2 100644 --- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java +++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/web/IndexBean.java @@ -1339,10 +1339,10 @@ public class IndexBean { // as of 0.9.17, add a random key if not previously present byte[] rk = new byte[32]; _context.random().nextBytes(rk); - config.setProperty(OPT + p, Base64.encode(rk)); + config.setProperty(p, Base64.encode(rk)); p = OPT + "outbound.randomKey"; _context.random().nextBytes(rk); - config.setProperty(OPT + p, Base64.encode(rk)); + config.setProperty(p, Base64.encode(rk)); } } From 5f2b620819f6c30d92347652dd1c620de8367f9c Mon Sep 17 00:00:00 2001 From: zzz Date: Mon, 24 Nov 2014 14:26:53 +0000 Subject: [PATCH 14/19] PrivateKeyFile: Don't rewrite file in main() if no options --- core/java/src/net/i2p/data/PrivateKeyFile.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/core/java/src/net/i2p/data/PrivateKeyFile.java b/core/java/src/net/i2p/data/PrivateKeyFile.java index 42a26ef36..4e1a6d74a 100644 --- a/core/java/src/net/i2p/data/PrivateKeyFile.java +++ b/core/java/src/net/i2p/data/PrivateKeyFile.java @@ -169,9 +169,11 @@ public class PrivateKeyFile { usage(); return; } - System.out.println(pkf); - pkf.write(); - verifySignature(pkf.getDestination()); + if (mode != 0) { + System.out.println(pkf); + pkf.write(); + verifySignature(pkf.getDestination()); + } } catch (Exception e) { e.printStackTrace(); System.exit(1); From a38bd0b5cf666282c11c304d28597075f982d855 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 26 Nov 2014 16:06:09 +0000 Subject: [PATCH 15/19] Data: Fix NPE on unknown sig type in destination Fix hashcode and equals for typed data --- core/java/src/net/i2p/data/Signature.java | 21 +++++++++++++ .../src/net/i2p/data/SigningPrivateKey.java | 21 +++++++++++++ .../src/net/i2p/data/SigningPublicKey.java | 30 +++++++++++++++++-- 3 files changed, 69 insertions(+), 3 deletions(-) diff --git a/core/java/src/net/i2p/data/Signature.java b/core/java/src/net/i2p/data/Signature.java index 1338cb664..05d24e51d 100644 --- a/core/java/src/net/i2p/data/Signature.java +++ b/core/java/src/net/i2p/data/Signature.java @@ -9,6 +9,8 @@ package net.i2p.data; * */ +import java.util.Arrays; + import net.i2p.crypto.SigType; /** @@ -102,4 +104,23 @@ public class Signature extends SimpleDataStructure { buf.append(']'); return buf.toString(); } + + /** + * @since 0.9.17 + */ + @Override + public int hashCode() { + return DataHelper.hashCode(_type) ^ super.hashCode(); + } + + /** + * @since 0.9.17 + */ + @Override + public boolean equals(Object obj) { + if (obj == this) return true; + if (obj == null || !(obj instanceof Signature)) return false; + Signature s = (Signature) obj; + return _type == s._type && Arrays.equals(_data, s._data); + } } diff --git a/core/java/src/net/i2p/data/SigningPrivateKey.java b/core/java/src/net/i2p/data/SigningPrivateKey.java index 07b8969e3..fcc9b2dc8 100644 --- a/core/java/src/net/i2p/data/SigningPrivateKey.java +++ b/core/java/src/net/i2p/data/SigningPrivateKey.java @@ -9,6 +9,8 @@ package net.i2p.data; * */ +import java.util.Arrays; + import net.i2p.crypto.KeyGenerator; import net.i2p.crypto.SigType; @@ -104,4 +106,23 @@ public class SigningPrivateKey extends SimpleDataStructure { buf.append(']'); return buf.toString(); } + + /** + * @since 0.9.17 + */ + @Override + public int hashCode() { + return DataHelper.hashCode(_type) ^ super.hashCode(); + } + + /** + * @since 0.9.17 + */ + @Override + public boolean equals(Object obj) { + if (obj == this) return true; + if (obj == null || !(obj instanceof SigningPrivateKey)) return false; + SigningPrivateKey s = (SigningPrivateKey) obj; + return _type == s._type && Arrays.equals(_data, s._data); + } } diff --git a/core/java/src/net/i2p/data/SigningPublicKey.java b/core/java/src/net/i2p/data/SigningPublicKey.java index 386deadac..860985d4b 100644 --- a/core/java/src/net/i2p/data/SigningPublicKey.java +++ b/core/java/src/net/i2p/data/SigningPublicKey.java @@ -12,6 +12,7 @@ package net.i2p.data; import java.io.InputStream; import java.io.IOException; import java.io.OutputStream; +import java.util.Arrays; import net.i2p.crypto.SigType; @@ -113,7 +114,8 @@ public class SigningPublicKey extends SimpleDataStructure { } /** - * Up-convert this from an untyped (type 0) SPK to a typed SPK based on the Key Cert given + * Up-convert this from an untyped (type 0) SPK to a typed SPK based on the Key Cert given. + * The type of the returned key will be null if the kcert sigtype is null. * * @throws IllegalArgumentException if this is already typed to a different type * @since 0.9.12 @@ -126,6 +128,9 @@ public class SigningPublicKey extends SimpleDataStructure { return this; if (_type != SigType.DSA_SHA1) throw new IllegalArgumentException("Cannot convert " + _type + " to " + newType); + // unknown type, keep the 128 bytes of data + if (newType == null) + return new SigningPublicKey(null, _data); int newLen = newType.getPubkeyLen(); if (newLen == SigType.DSA_SHA1.getPubkeyLen()) return new SigningPublicKey(newType, _data); @@ -145,7 +150,7 @@ public class SigningPublicKey extends SimpleDataStructure { * Get the portion of this (type 0) SPK that is really padding based on the Key Cert type given, * if any * - * @return leading padding length > 0 or null + * @return leading padding length > 0 or null if no padding or type is unknown * @throws IllegalArgumentException if this is already typed to a different type * @since 0.9.12 */ @@ -153,7 +158,7 @@ public class SigningPublicKey extends SimpleDataStructure { if (_data == null) throw new IllegalStateException(); SigType newType = kcert.getSigType(); - if (_type == newType) + if (_type == newType || newType == null) return null; if (_type != SigType.DSA_SHA1) throw new IllegalStateException("Cannot convert " + _type + " to " + newType); @@ -200,4 +205,23 @@ public class SigningPublicKey extends SimpleDataStructure { public static void clearCache() { _cache.clear(); } + + /** + * @since 0.9.17 + */ + @Override + public int hashCode() { + return DataHelper.hashCode(_type) ^ super.hashCode(); + } + + /** + * @since 0.9.17 + */ + @Override + public boolean equals(Object obj) { + if (obj == this) return true; + if (obj == null || !(obj instanceof SigningPublicKey)) return false; + SigningPublicKey s = (SigningPublicKey) obj; + return _type == s._type && Arrays.equals(_data, s._data); + } } From 9700f30c35087dd0fdcd5a7e2ef91c4e1a847c59 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 26 Nov 2014 16:18:37 +0000 Subject: [PATCH 16/19] Tunnels: Disallow changing allowZeroHop setting for exploratory --- router/java/src/net/i2p/router/TunnelPoolSettings.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/router/java/src/net/i2p/router/TunnelPoolSettings.java b/router/java/src/net/i2p/router/TunnelPoolSettings.java index 481836d17..fd718e479 100644 --- a/router/java/src/net/i2p/router/TunnelPoolSettings.java +++ b/router/java/src/net/i2p/router/TunnelPoolSettings.java @@ -244,9 +244,10 @@ public class TunnelPoolSettings { String name = (String) e.getKey(); String value = (String) e.getValue(); if (name.startsWith(prefix)) { - if (name.equalsIgnoreCase(prefix + PROP_ALLOW_ZERO_HOP)) - _allowZeroHop = getBoolean(value, DEFAULT_ALLOW_ZERO_HOP); - else if (name.equalsIgnoreCase(prefix + PROP_BACKUP_QUANTITY)) + if (name.equalsIgnoreCase(prefix + PROP_ALLOW_ZERO_HOP)) { + if (!_isExploratory) + _allowZeroHop = getBoolean(value, DEFAULT_ALLOW_ZERO_HOP); + } else if (name.equalsIgnoreCase(prefix + PROP_BACKUP_QUANTITY)) _backupQuantity = getInt(value, DEFAULT_BACKUP_QUANTITY); //else if (name.equalsIgnoreCase(prefix + PROP_DURATION)) // _duration = getInt(value, DEFAULT_DURATION); From 285fa6cbc9e1a183267d4f30acc1fa4b328d5305 Mon Sep 17 00:00:00 2001 From: zzz Date: Wed, 26 Nov 2014 17:32:56 +0000 Subject: [PATCH 17/19] BuildRequestor: Reduce delay when client build can't find a paired tunnel (possible fix for ticket #1412) --- history.txt | 15 +++++++++++++++ router/java/src/net/i2p/router/RouterVersion.java | 2 +- .../i2p/router/tunnel/pool/BuildRequestor.java | 5 ++++- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/history.txt b/history.txt index 7a6560702..ff226665e 100644 --- a/history.txt +++ b/history.txt @@ -1,3 +1,18 @@ +2014-11-26 zzz + * BuildRequestor: Reduce delay when client build can't find + a paired tunnel (ticket #1412) + * Data: + - Fix NPE on unknown sig type in destination + - Fix hashcode and equals for typed data + * Tunnels: Disallow changing allowZeroHop setting for exploratory + +2014-11-24 zzz + * i2ptunnel: Fix automatic setting of random key + * PrivateKeyFile: Don't rewrite file in main() if no options + +2014-11-23 zzz + * Reseed hosts update + 2014-11-22 zzz * PeerSelector: If non-DSA, don't use incompatible peers for exploratory tunnels or closest-hop in client tunnels diff --git a/router/java/src/net/i2p/router/RouterVersion.java b/router/java/src/net/i2p/router/RouterVersion.java index 47667df53..895e8eb46 100644 --- a/router/java/src/net/i2p/router/RouterVersion.java +++ b/router/java/src/net/i2p/router/RouterVersion.java @@ -18,7 +18,7 @@ public class RouterVersion { /** deprecated */ public final static String ID = "Monotone"; public final static String VERSION = CoreVersion.VERSION; - public final static long BUILD = 9; + public final static long BUILD = 10; /** for example "-test" */ public final static String EXTRA = "-rc"; diff --git a/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java b/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java index 31aaa8665..084a62c23 100644 --- a/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java +++ b/router/java/src/net/i2p/router/tunnel/pool/BuildRequestor.java @@ -166,7 +166,10 @@ abstract class BuildRequestor { exec.buildComplete(cfg, pool); // Not even an exploratory tunnel? We are in big trouble. // Let's not spin through here too fast. - try { Thread.sleep(250); } catch (InterruptedException ie) {} + // But don't let a client tunnel waiting for exploratories slow things down too much, + // as there may be other tunnel pools who can build + int ms = pool.getSettings().isExploratory() ? 250 : 25; + try { Thread.sleep(ms); } catch (InterruptedException ie) {} return false; } From 59996906652b1ed1d72d7f1dba3e9590fae76d53 Mon Sep 17 00:00:00 2001 From: zzz Date: Thu, 27 Nov 2014 12:55:16 +0000 Subject: [PATCH 18/19] link ECDSA warning to wiki help page --- .../java/src/net/i2p/router/web/SummaryBarRenderer.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java b/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java index 3a40b8283..03dcfefe8 100644 --- a/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java +++ b/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java @@ -348,8 +348,8 @@ public class SummaryBarRenderer { .append(_helper.getReachability()) .append("\n"); if (!SigType.ECDSA_SHA256_P256.isAvailable()) { - buf.append("
\n

\n

") .append(_("Warning: ECDSA is not available. Update your Java or OS")) .append("

\n"); From be8832e87f7e52340d62f97b830660c99c75098a Mon Sep 17 00:00:00 2001 From: zzz Date: Thu, 27 Nov 2014 18:17:07 +0000 Subject: [PATCH 19/19] link to Russian version of ECDSA help page --- .../java/src/net/i2p/router/web/SummaryBarRenderer.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java b/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java index 03dcfefe8..f10d6858f 100644 --- a/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java +++ b/apps/routerconsole/java/src/net/i2p/router/web/SummaryBarRenderer.java @@ -348,7 +348,10 @@ public class SummaryBarRenderer { .append(_helper.getReachability()) .append("

\n"); if (!SigType.ECDSA_SHA256_P256.isAvailable()) { - buf.append("
\n

\n

") .append(_("Warning: ECDSA is not available. Update your Java or OS"))