Merge pull request #1825 from PurpleI2P/openssl

recent changes

daemon/HTTPServer.cpp

@@ -248,6 +248,9 @@ namespace http {
 				case eRouterErrorSymmetricNAT:
 					s << " - " << tr("Symmetric NAT");
 				break;
+				case eRouterErrorNoDescriptors:
+					s << " - " << tr("No Descriptors");
+				break;
 				default: ;
 			}
 		}
@@ -299,43 +302,48 @@ namespace http {
 		if ((outputFormat == OutputFormatEnum::forWebConsole) || !includeHiddenContent) {
 			s << "<label for=\"slide-info\">" << tr("Hidden content. Press on text to see.") << "</label>\r\n<input type=\"checkbox\" id=\"slide-info\" />\r\n<div class=\"slidecontent\">\r\n";
 		}
-		if (includeHiddenContent) {
+		if (includeHiddenContent) 
+		{
 			s << "<b>" << tr("Router Ident") << ":</b> " << i2p::context.GetRouterInfo().GetIdentHashBase64() << "<br>\r\n";
 			if (!i2p::context.GetRouterInfo().GetProperty("family").empty())
 				s << "<b>" << tr("Router Family") << ":</b> " << i2p::context.GetRouterInfo().GetProperty("family") << "<br>\r\n";
 			s << "<b>" << tr("Router Caps") << ":</b> " << i2p::context.GetRouterInfo().GetProperty("caps") << "<br>\r\n";
 			s << "<b>" << tr("Version") << ":</b> " VERSION "<br>\r\n";
 			s << "<b>"<< tr("Our external address") << ":</b>" << "<br>\r\n<table class=\"extaddr\"><tbody>\r\n";
-			for (const auto& address : i2p::context.GetRouterInfo().GetAddresses())
+			auto addresses = i2p::context.GetRouterInfo().GetAddresses ();
+			if (addresses)
 			{	
-				s << "<tr>\r\n<td>";
+				for (const auto& address : *addresses)
-				switch (address->transportStyle)
 				{
-					case i2p::data::RouterInfo::eTransportNTCP2:
+					s << "<tr>\r\n<td>";
-						s << "NTCP2";
+					switch (address->transportStyle)
-					break;
+					{
-					case i2p::data::RouterInfo::eTransportSSU2:
+						case i2p::data::RouterInfo::eTransportNTCP2:
-						s << "SSU2";
+							s << "NTCP2";
-					break;
+						break;
-					default:
+						case i2p::data::RouterInfo::eTransportSSU2:
-						s << tr("Unknown");
+							s << "SSU2";
-				}
+						break;
-				if (address->IsV6 ())
+						default:
-				{
+							s << tr("Unknown");
-					if (address->IsV4 ()) s << "v4";
+					}
-					s << "v6";
+					if (address->IsV6 ())
-				}
+					{
-				s << "</td>\r\n";
+						if (address->IsV4 ()) s << "v4";
-				if (address->published)
+						s << "v6";
-					s << "<td>" << address->host.to_string() << ":" << address->port << "</td>\r\n";
+					}
-				else
-				{
-					s << "<td>" << tr("supported");
-					if (address->port)
-						s << " :" << address->port;
 					s << "</td>\r\n";
+					if (address->published)
+						s << "<td>" << address->host.to_string() << ":" << address->port << "</td>\r\n";
+					else
+					{
+						s << "<td>" << tr("supported");
+						if (address->port)
+							s << " :" << address->port;
+						s << "</td>\r\n";
+					}
+					s << "</tr>\r\n";
 				}
-				s << "</tr>\r\n";
 			}	
 			s << "</tbody></table>\r\n";
 		}

daemon/UPnP.cpp

@@ -159,8 +159,9 @@ namespace transport
 
 	void UPnP::PortMapping ()
 	{
-		const auto& a = context.GetRouterInfo().GetAddresses();
+		auto a = context.GetRouterInfo().GetAddresses();
-		for (const auto& address : a)
+		if (!a) return;
+		for (const auto& address : *a)
 		{
 			if (!address->host.is_v6 () && address->port)
 				TryPortMapping (address);
@@ -210,8 +211,9 @@ namespace transport
 
 	void UPnP::CloseMapping ()
 	{
-		const auto& a = context.GetRouterInfo().GetAddresses();
+		auto a = context.GetRouterInfo().GetAddresses();
-		for (const auto& address : a)
+		if (!a) return;
+		for (const auto& address : *a)
 		{
 			if (!address->host.is_v6 () && address->port)
 			CloseMapping (address);

libi2pd/Gzip.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2020, The PurpleI2P Project
+* Copyright (c) 2013-2022, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -57,7 +57,8 @@ namespace data
 			if ((err = inflate (&m_Inflator, Z_NO_FLUSH)) == Z_STREAM_END)
 				return outLen - m_Inflator.avail_out;
 			// else
-			LogPrint (eLogError, "Gzip: Inflate error ", err);
+			if (err)
+				LogPrint (eLogError, "Gzip: Inflate error ", err);
 			return 0;
 		}
 	}
@@ -128,7 +129,8 @@ namespace data
 			return outLen - m_Deflator.avail_out;
 		}
 		// else
-		LogPrint (eLogError, "Gzip: Deflate error ", err);
+		if (err)
+			LogPrint (eLogError, "Gzip: Deflate error ", err);
 		return 0;
 	}
 
@@ -158,7 +160,8 @@ namespace data
 			offset = outLen - m_Deflator.avail_out;
 		}
 		// else
-		LogPrint (eLogError, "Gzip: Deflate error ", err);
+		if (err)
+			LogPrint (eLogError, "Gzip: Deflate error ", err);
 		return 0;
 	}
 

libi2pd/NTCP2.cpp

@@ -1210,8 +1210,9 @@ namespace transport
 			else
 				LogPrint(eLogInfo, "NTCP2: Proxy is not used");
 			// start acceptors
-			auto& addresses = context.GetRouterInfo ().GetAddresses ();
+			auto addresses = context.GetRouterInfo ().GetAddresses ();
-			for (const auto& address: addresses)
+			if (!addresses) return;
+			for (const auto& address: *addresses)
 			{
 				if (!address) continue;
 				if (address->IsPublishedNTCP2 () && address->port)
@@ -1424,7 +1425,14 @@ namespace transport
 				LogPrint (eLogError, "NTCP2: Connected from error ", ec.message ());
 		}
 		else
+		{	
 			LogPrint (eLogError, "NTCP2: Accept error ", error.message ());
+			if (error == boost::asio::error::no_descriptors)
+			{
+				i2p::context.SetError (eRouterErrorNoDescriptors);
+				return; 
+			}	
+		}	
 		
 		if (error != boost::asio::error::operation_aborted)
 		{			
@@ -1456,6 +1464,15 @@ namespace transport
 			else
 				LogPrint (eLogError, "NTCP2: Connected from error ", ec.message ());
 		}
+		else
+		{	
+			LogPrint (eLogError, "NTCP2: Accept ipv6 error ", error.message ());
+			if (error == boost::asio::error::no_descriptors)
+			{
+				i2p::context.SetErrorV6 (eRouterErrorNoDescriptors);
+				return; 
+			}	
+		}	
 
 		if (error != boost::asio::error::operation_aborted)
 		{
@@ -1500,8 +1517,24 @@ namespace transport
 				else
 					it++;
 			}
-
 			ScheduleTermination ();
+			
+			// try to restart acceptors if no description
+			// we do it after timer to let timer take descriptor first 
+			if (i2p::context.GetError () == eRouterErrorNoDescriptors)
+			{
+				i2p::context.SetError (eRouterErrorNone);
+				auto conn = std::make_shared<NTCP2Session> (*this);
+				m_NTCP2Acceptor->async_accept(conn->GetSocket (), std::bind (&NTCP2Server::HandleAccept, this,
+					conn, std::placeholders::_1));
+			}	
+			if (i2p::context.GetErrorV6 () == eRouterErrorNoDescriptors)
+			{
+				i2p::context.SetErrorV6 (eRouterErrorNone);
+				auto conn = std::make_shared<NTCP2Session> (*this);
+				m_NTCP2V6Acceptor->async_accept(conn->GetSocket (), std::bind (&NTCP2Server::HandleAcceptV6, this,
+					conn, std::placeholders::_1));
+			}	
 		}
 	}
 

libi2pd/NetDb.cpp

@@ -603,6 +603,7 @@ namespace data
 		uint64_t expirationTimeout = NETDB_MAX_EXPIRATION_TIMEOUT*1000LL;
 		uint64_t ts = i2p::util::GetMillisecondsSinceEpoch();
 		auto uptime = i2p::context.GetUptime ();
+		bool isLowRate = i2p::tunnel::tunnels.GetTunnelCreationSuccessRate () < NETDB_MIN_TUNNEL_CREATION_SUCCESS_RATE;
 		// routers don't expire if less than 90 or uptime is less than 1 hour
 		bool checkForExpiration = total > NETDB_MIN_ROUTERS && uptime > 600; // 10 minutes
 		if (checkForExpiration && uptime > 3600) // 1 hour
@@ -624,7 +625,7 @@ namespace data
 				continue;
 			}
 			// make router reachable back if too few routers or floodfills
-			if (it.second->IsUnreachable () && (total - deletedCount < NETDB_MIN_ROUTERS ||
+			if (it.second->IsUnreachable () && (total - deletedCount < NETDB_MIN_ROUTERS || isLowRate ||
 				(it.second->IsFloodfill () && totalFloodfills - deletedFloodfillsCount < NETDB_MIN_FLOODFILLS)))
 				it.second->SetUnreachable (false);
 			// find & mark expired routers
@@ -650,6 +651,7 @@ namespace data
 
 		m_RouterInfoBuffersPool.CleanUpMt ();
 		m_RouterInfoAddressesPool.CleanUpMt ();
+		m_RouterInfoAddressVectorsPool.CleanUpMt ();	
 			
 		if (updatedCount > 0)
 			LogPrint (eLogInfo, "NetDb: Saved ", updatedCount, " new/updated routers");

libi2pd/NetDb.hpp

@@ -38,6 +38,7 @@ namespace data
 {
 	const int NETDB_MIN_ROUTERS = 90;
 	const int NETDB_MIN_FLOODFILLS = 5;
+	const int NETDB_MIN_TUNNEL_CREATION_SUCCESS_RATE = 8; // in percents
 	const int NETDB_FLOODFILL_EXPIRATION_TIMEOUT = 60 * 60; // 1 hour, in seconds
 	const int NETDB_INTRODUCEE_EXPIRATION_TIMEOUT = 65 * 60;
 	const int NETDB_MIN_EXPIRATION_TIMEOUT = 90 * 60; // 1.5 hours
@@ -124,6 +125,13 @@ namespace data
 			std::shared_ptr<RouterInfo::Buffer> NewRouterInfoBuffer () { return m_RouterInfoBuffersPool.AcquireSharedMt (); };
 			void PopulateRouterInfoBuffer (std::shared_ptr<RouterInfo> r);
 			std::shared_ptr<RouterInfo::Address> NewRouterInfoAddress () { return m_RouterInfoAddressesPool.AcquireSharedMt (); };
+			boost::shared_ptr<RouterInfo::Addresses> NewRouterInfoAddresses () 
+			{  
+				return boost::shared_ptr<RouterInfo::Addresses>(m_RouterInfoAddressVectorsPool.AcquireMt (), 
+					std::bind <void (i2p::util::MemoryPoolMt<RouterInfo::Addresses>::*)(RouterInfo::Addresses *)>
+						(&i2p::util::MemoryPoolMt<RouterInfo::Addresses>::ReleaseMt, 
+						&m_RouterInfoAddressVectorsPool, std::placeholders::_1));
+			};
 			std::shared_ptr<Lease> NewLease (const Lease& lease) { return m_LeasesPool.AcquireSharedMt (lease); };
 
 			uint32_t GetPublishReplyToken () const { return m_PublishReplyToken; };
@@ -182,6 +190,7 @@ namespace data
 
 			i2p::util::MemoryPoolMt<RouterInfo::Buffer> m_RouterInfoBuffersPool;
 			i2p::util::MemoryPoolMt<RouterInfo::Address> m_RouterInfoAddressesPool;
+			i2p::util::MemoryPoolMt<RouterInfo::Addresses> m_RouterInfoAddressVectorsPool;
 			i2p::util::MemoryPoolMt<Lease> m_LeasesPool;
 	};
 

libi2pd/RouterContext.cpp

@@ -267,8 +267,10 @@ namespace i2p
 		
 	void RouterContext::UpdatePort (int port)
 	{
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		bool updated = false;
-		for (auto& address : m_RouterInfo.GetAddresses ())
+		for (auto& address : *addresses)
 		{
 			if (address->port != port && address->transportStyle == i2p::data::RouterInfo::eTransportSSU2)
 			{
@@ -283,8 +285,10 @@ namespace i2p
 	void RouterContext::PublishNTCP2Address (int port, bool publish, bool v4, bool v6, bool ygg)
 	{
 		if (!m_NTCP2Keys) return;
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		bool updated = false;
-		for (auto& address : m_RouterInfo.GetAddresses ())
+		for (auto& address : *addresses)
 		{
 			if (address->IsNTCP2 () && (address->port != port || address->published != publish))
 			{
@@ -312,9 +316,10 @@ namespace i2p
 
 	void RouterContext::UpdateNTCP2Address (bool enable)
 	{
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		bool found = false, updated = false;
-		for (auto it = addresses.begin (); it != addresses.end ();)
+		for (auto it = addresses->begin (); it != addresses->end ();)
 		{
 			if ((*it)->IsNTCP2 ())
 			{
@@ -326,7 +331,7 @@ namespace i2p
 					it++;
 				}
 				else
-					it = addresses.erase (it);
+					it = addresses->erase (it);
 				updated = true;
 			}
 			else
@@ -344,10 +349,12 @@ namespace i2p
 	void RouterContext::PublishSSU2Address (int port, bool publish, bool v4, bool v6)
 	{
 		if (!m_SSU2Keys) return;
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		int newPort = 0;
 		if (!port)
 		{
-			for (const auto& address : m_RouterInfo.GetAddresses ())
+			for (const auto& address : *addresses)
 				if (address->port)
 				{
 					newPort = address->port;
@@ -356,7 +363,7 @@ namespace i2p
 			if (!newPort) newPort = SelectRandomPort ();
 		}
 		bool updated = false;
-		for (auto& address : m_RouterInfo.GetAddresses ())
+		for (auto& address : *addresses)
 		{
 			if (address->IsSSU2 () && (!address->port || address->port != port || address->published != publish) &&
 				((v4 && address->IsV4 ()) || (v6 && address->IsV6 ())))
@@ -377,9 +384,10 @@ namespace i2p
 
 	void RouterContext::UpdateSSU2Address (bool enable)
 	{
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		bool found = false, updated = false;
-		for (auto it = addresses.begin (); it != addresses.end ();)
+		for (auto it = addresses->begin (); it != addresses->end ();)
 		{
 			if ((*it)->IsSSU2 ())
 			{
@@ -391,7 +399,7 @@ namespace i2p
 					it++;
 				}
 				else
-					it = addresses.erase (it);
+					it = addresses->erase (it);
 				updated = true;
 			}
 			else
@@ -422,8 +430,10 @@ namespace i2p
 
 	void RouterContext::UpdateAddress (const boost::asio::ip::address& host)
 	{
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		bool updated = false;
-		for (auto& address : m_RouterInfo.GetAddresses ())
+		for (auto& address : *addresses)
 		{
 			if (address->host != host && address->IsCompatible (host) &&
 				!i2p::util::net::IsYggdrasilAddress (address->host))
@@ -472,9 +482,10 @@ namespace i2p
 
 	void RouterContext::ClearSSU2Introducers (bool v4)
 	{
+		auto addresses = m_RouterInfo.GetAddresses ();
+		if (!addresses) return;
 		bool updated = false;
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		for (auto& addr : *addresses)
-		for (auto& addr : addresses)
 			if (addr->IsSSU2 () && ((v4 && addr->IsV4 ()) || (!v4 && addr->IsV6 ())) &&
 			    addr->ssu && !addr->ssu->introducers.empty ())
 			{
@@ -597,15 +608,18 @@ namespace i2p
 		}
 		uint16_t port = 0;
 		// delete previous introducers
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		auto addresses = m_RouterInfo.GetAddresses ();
-		for (auto& addr : addresses)
+		if (addresses) 
-			if (addr->ssu && ((v4 && addr->IsV4 ()) || (v6 && addr->IsV6 ())))
+		{	
-			{
+			for (auto& addr : *addresses)
-				addr->published = false;
+				if (addr->ssu && ((v4 && addr->IsV4 ()) || (v6 && addr->IsV6 ())))
-				addr->caps &= ~i2p::data::RouterInfo::eSSUIntroducer; // can't be introducer
+				{
-				addr->ssu->introducers.clear ();
+					addr->published = false;
-				port = addr->port;
+					addr->caps &= ~i2p::data::RouterInfo::eSSUIntroducer; // can't be introducer
-			}
+					addr->ssu->introducers.clear ();
+					port = addr->port;
+				}
+		}	
 		// unpublish NTCP2 addreeses
 		bool ntcp2; i2p::config::GetOption("ntcp2.enabled", ntcp2);
 		if (ntcp2)
@@ -630,15 +644,18 @@ namespace i2p
 		uint16_t port = 0;
 		// delete previous introducers
 		bool isSSU2Published; i2p::config::GetOption ("ssu2.published", isSSU2Published);
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		auto addresses = m_RouterInfo.GetAddresses ();
-		for (auto& addr : addresses)
+		if (addresses) 
-			if (addr->ssu && isSSU2Published && ((v4 && addr->IsV4 ()) || (v6 && addr->IsV6 ())))
+		{	
-			{
+			for (auto& addr : *addresses)
-				addr->published = true;
+				if (addr->ssu && isSSU2Published && ((v4 && addr->IsV4 ()) || (v6 && addr->IsV6 ())))
-				addr->caps |= i2p::data::RouterInfo::eSSUIntroducer;
+				{
-				addr->ssu->introducers.clear ();
+					addr->published = true;
-				if (addr->port) port = addr->port;
+					addr->caps |= i2p::data::RouterInfo::eSSUIntroducer;
-			}
+					addr->ssu->introducers.clear ();
+					if (addr->port) port = addr->port;
+				}
+		}	
 		// publish NTCP2
 		bool ntcp2; i2p::config::GetOption("ntcp2.enabled", ntcp2);
 		if (ntcp2)
@@ -663,23 +680,26 @@ namespace i2p
 			// insert v6 addresses if necessary
 			bool foundNTCP2 = false, foundSSU2 = false;
 			uint16_t port = 0;
-			auto& addresses = m_RouterInfo.GetAddresses ();
+			auto addresses = m_RouterInfo.GetAddresses ();
-			for (auto& addr: addresses)
+			if (addresses) 
 			{
-				if (addr->IsV6 () && !i2p::util::net::IsYggdrasilAddress (addr->host))
+				for (auto& addr: *addresses)
 				{
-					switch (addr->transportStyle)
+					if (addr->IsV6 () && !i2p::util::net::IsYggdrasilAddress (addr->host))
 					{
-						case i2p::data::RouterInfo::eTransportNTCP2:
+						switch (addr->transportStyle)
-							foundNTCP2 = true;
+						{
-						break;
+							case i2p::data::RouterInfo::eTransportNTCP2:
-						case i2p::data::RouterInfo::eTransportSSU2:
+								foundNTCP2 = true;
-							foundSSU2 = true;
+							break;
-						break;
+							case i2p::data::RouterInfo::eTransportSSU2:
-						default: ;
+								foundSSU2 = true;
+							break;
+							default: ;
+						}
 					}
+					port = addr->port;
 				}
-				port = addr->port;
 			}
 			if (!port)
 			{
@@ -743,23 +763,26 @@ namespace i2p
 			bool foundNTCP2 = false, foundSSU2 = false;
 			std::string host = "127.0.0.1";
 			uint16_t port = 0;
-			auto& addresses = m_RouterInfo.GetAddresses ();
+			auto addresses = m_RouterInfo.GetAddresses ();
-			for (auto& addr: addresses)
+			if (addresses) 
 			{
-				if (addr->IsV4 ())
+				for (auto& addr: *addresses)
 				{
-					switch (addr->transportStyle)
+					if (addr->IsV4 ())
 					{
-						case i2p::data::RouterInfo::eTransportNTCP2:
+						switch (addr->transportStyle)
-							foundNTCP2 = true;
+						{
-						break;
+							case i2p::data::RouterInfo::eTransportNTCP2:
-						case i2p::data::RouterInfo::eTransportSSU2:
+								foundNTCP2 = true;
-							foundSSU2 = true;
+							break;
-						break;
+							case i2p::data::RouterInfo::eTransportSSU2:
-						default: ;
+								foundSSU2 = true;
+							break;
+							default: ;
+						}
 					}
+					if (addr->port) port = addr->port;
 				}
-				if (addr->port) port = addr->port;
 			}	
 			if (!port)
 			{
@@ -816,14 +839,17 @@ namespace i2p
 			i2p::config::GetOption ("ntcp2.port", port);
 			if (!port) i2p::config::GetOption("port", port);
 			bool foundMesh = false;
-			auto& addresses = m_RouterInfo.GetAddresses ();
+			auto addresses = m_RouterInfo.GetAddresses ();
-			for (auto& addr: addresses)
+			if (addresses) 
 			{
-				if (!port) port = addr->port;
+				for (auto& addr: *addresses)
-				if (i2p::util::net::IsYggdrasilAddress (addr->host))
 				{
-					foundMesh = true;
+					if (!port) port = addr->port;
-					break;
+					if (i2p::util::net::IsYggdrasilAddress (addr->host))
+					{
+						foundMesh = true;
+						break;
+					}
 				}
 			}	
 			if (!foundMesh)
@@ -837,8 +863,9 @@ namespace i2p
 	void RouterContext::SetMTU (int mtu, bool v4)
 	{
 		if (mtu < 1280 || mtu > 1500) return;
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		auto addresses = m_RouterInfo.GetAddresses ();
-		for (auto& addr: addresses)
+		if (!addresses) return;
+		for (auto& addr: *addresses)
 		{
 			if (addr->ssu && ((v4 && addr->IsV4 ()) || (!v4 && addr->IsV6 ())))
 			{	
@@ -852,8 +879,9 @@ namespace i2p
 	{
 		bool isYgg = i2p::util::net::IsYggdrasilAddress (host);
 		bool updated = false;
-		auto& addresses = m_RouterInfo.GetAddresses ();
+		auto addresses = m_RouterInfo.GetAddresses ();
-		for (auto& addr: addresses)
+		if (!addresses) return;
+		for (auto& addr: *addresses)
 		{
 			if (addr->IsPublishedNTCP2 ())
 			{

libi2pd/RouterContext.h

@@ -47,7 +47,8 @@ namespace garlic
 		eRouterErrorNone = 0,
 		eRouterErrorClockSkew = 1,
 		eRouterErrorOffline = 2,
-		eRouterErrorSymmetricNAT = 3
+		eRouterErrorSymmetricNAT = 3,
+		eRouterErrorNoDescriptors = 4
 	};
 
 	class RouterContext: public i2p::garlic::GarlicDestination

libi2pd/RouterInfo.cpp

@@ -206,9 +206,10 @@ namespace data
 		s.read ((char *)&m_Timestamp, sizeof (m_Timestamp));
 		m_Timestamp = be64toh (m_Timestamp);
 		// read addresses
-		if (!m_NewAddresses) m_NewAddresses = boost::make_shared<Addresses>();
+		auto addresses = netdb.NewRouterInfoAddresses ();
 		uint8_t numAddresses;
 		s.read ((char *)&numAddresses, sizeof (numAddresses));
+		addresses->reserve (numAddresses);
 		for (int i = 0; i < numAddresses; i++)
 		{
 			uint8_t supportedTransports = 0;
@@ -417,19 +418,16 @@ namespace data
 			if (supportedTransports)
 			{
 				if (!(m_SupportedTransports & supportedTransports)) // avoid duplicates
-					m_NewAddresses->push_back(address);
+					addresses->push_back(address);
 				m_SupportedTransports |= supportedTransports;
 			}
 		}
 		// update addresses
-		auto prev = m_Addresses;
 #if (BOOST_VERSION >= 105300)
-		boost::atomic_store (&m_Addresses, m_NewAddresses);
+		boost::atomic_store (&m_Addresses, addresses);
 #else
-		m_Addresses = m_NewAddresses; // race condition
+		m_Addresses = addresses; // race condition
 #endif
-		if (prev) prev->clear ();
-		m_NewAddresses = prev;
 		// read peers
 		uint8_t numPeers;
 		s.read ((char *)&numPeers, sizeof (numPeers)); if (!s) return;
@@ -826,6 +824,15 @@ namespace data
 		return nullptr;
 	}
 
+	boost::shared_ptr<RouterInfo::Addresses> RouterInfo::GetAddresses () const
+	{
+#if (BOOST_VERSION >= 105300)
+		return boost::atomic_load (&m_Addresses);
+#else
+		return m_Addresses;
+#endif
+	}	
+		
 	template<typename Filter>
 	std::shared_ptr<const RouterInfo::Address> RouterInfo::GetAddress (Filter filter) const
 	{
@@ -1048,14 +1055,15 @@ namespace data
 
 	void LocalRouterInfo::WriteToStream (std::ostream& s) const
 	{
+		auto addresses = GetAddresses ();
+		if (!addresses) return;
+		
 		uint64_t ts = htobe64 (GetTimestamp ());
 		s.write ((const char *)&ts, sizeof (ts));
-
 		// addresses
-		const Addresses& addresses = GetAddresses ();
+		uint8_t numAddresses = addresses->size ();
-		uint8_t numAddresses = addresses.size ();
 		s.write ((char *)&numAddresses, sizeof (numAddresses));
-		for (const auto& addr_ptr : addresses)
+		for (const auto& addr_ptr : *addresses)
 		{
 			const Address& address = *addr_ptr;
 			// calculate cost
@@ -1257,7 +1265,9 @@ namespace data
 
 	bool LocalRouterInfo::AddSSU2Introducer (const Introducer& introducer, bool v4)
 	{
-		for (auto& addr : GetAddresses ())
+		auto addresses = GetAddresses ();
+		if (!addresses) return false;
+		for (auto& addr : *addresses)
 		{
 			if (addr->IsSSU2 () && ((v4 && addr->IsV4 ()) || (!v4 && addr->IsV6 ())))
 			{
@@ -1273,7 +1283,9 @@ namespace data
 
 	bool LocalRouterInfo::RemoveSSU2Introducer (const IdentHash& h, bool v4)
 	{
-		for (auto& addr: GetAddresses ())
+		auto addresses = GetAddresses ();
+		if (!addresses) return false;
+		for (auto& addr: *addresses)
 		{
 			if (addr->IsSSU2 () && ((v4 && addr->IsV4 ()) || (!v4 && addr->IsV6 ())))
 			{

libi2pd/RouterInfo.h

@@ -176,7 +176,7 @@ namespace data
 			int GetVersion () const { return m_Version; };
 			virtual void SetProperty (const std::string& key, const std::string& value) {};
 			virtual void ClearProperties () {};
-			Addresses& GetAddresses () { return *m_Addresses; }; // should be called for local RI only, otherwise must return shared_ptr
+			boost::shared_ptr<Addresses> GetAddresses () const; // should be called for local RI only, otherwise must return shared_ptr
 			std::shared_ptr<const Address> GetNTCP2AddressWithStaticKey (const uint8_t * key) const;
 			std::shared_ptr<const Address> GetSSU2AddressWithStaticKey (const uint8_t * key, bool isV6) const;
 			std::shared_ptr<const Address> GetPublishedNTCP2V4Address () const;
@@ -258,7 +258,6 @@ namespace data
 			void UpdateBuffer (const uint8_t * buf, size_t len);
 			void SetBufferLen (size_t len) { m_BufferLen = len; };
 			void RefreshTimestamp ();
-			const Addresses& GetAddresses () const { return *m_Addresses; };
 			CompatibleTransports GetReachableTransports () const { return m_ReachableTransports; };
 			void SetReachableTransports (CompatibleTransports transports) { m_ReachableTransports = transports; };
 
@@ -282,7 +281,7 @@ namespace data
 			std::shared_ptr<Buffer> m_Buffer;
 			size_t m_BufferLen;
 			uint64_t m_Timestamp;
-			boost::shared_ptr<Addresses> m_Addresses, m_NewAddresses; // TODO: use std::shared_ptr and std::atomic_store for gcc >= 4.9
+			boost::shared_ptr<Addresses> m_Addresses; // TODO: use std::shared_ptr and std::atomic_store for gcc >= 4.9
 			bool m_IsUpdated, m_IsUnreachable;
 			CompatibleTransports m_SupportedTransports, m_ReachableTransports;
 			uint8_t m_Caps;

libi2pd/SSU2.cpp

@@ -36,8 +36,9 @@ namespace transport
 			i2p::config::GetOption ("ssu2.published", m_IsPublished);
 			i2p::config::GetOption("nettime.frompeers", m_IsSyncClockFromPeers);
 			bool found = false;
-			auto& addresses = i2p::context.GetRouterInfo ().GetAddresses ();
+			auto addresses = i2p::context.GetRouterInfo ().GetAddresses ();
-			for (const auto& address: addresses)
+			if (!addresses) return;
+			for (const auto& address: *addresses)
 			{
 				if (!address) continue;
 				if (address->transportStyle == i2p::data::RouterInfo::eTransportSSU2)
@@ -368,6 +369,7 @@ namespace transport
 	bool SSU2Server::AddPendingOutgoingSession (std::shared_ptr<SSU2Session> session)
 	{
 		if (!session) return false;
+		std::unique_lock<std::mutex> l(m_PendingOutgoingSessionsMutex);
 		return m_PendingOutgoingSessions.emplace (session->GetRemoteEndpoint (), session).second;
 	}
 
@@ -381,6 +383,7 @@ namespace transport
 
 	std::shared_ptr<SSU2Session> SSU2Server::FindPendingOutgoingSession (const boost::asio::ip::udp::endpoint& ep) const
 	{
+		std::unique_lock<std::mutex> l(m_PendingOutgoingSessionsMutex);
 		auto it = m_PendingOutgoingSessions.find (ep);
 		if (it != m_PendingOutgoingSessions.end ())
 			return it->second;
@@ -389,6 +392,7 @@ namespace transport
 
 	void SSU2Server::RemovePendingOutgoingSession (const boost::asio::ip::udp::endpoint& ep)
 	{
+		std::unique_lock<std::mutex> l(m_PendingOutgoingSessionsMutex);
 		m_PendingOutgoingSessions.erase (ep);
 	}
 
@@ -492,9 +496,10 @@ namespace transport
 				break;
 				case eSSU2SessionStateClosing:
 					m_LastSession->ProcessData (buf, len, senderEndpoint); // we might receive termintaion block
-					if (m_LastSession && m_LastSession->GetState () != eSSU2SessionStateTerminated)
+					if (m_LastSession && m_LastSession->GetState () == eSSU2SessionStateClosing)
 						m_LastSession->RequestTermination (eSSU2TerminationReasonIdleTimeout); // send termination again
 				break;
+				case eSSU2SessionStateClosingConfirmed:	
 				case eSSU2SessionStateTerminated:
 					m_LastSession = nullptr;
 				break;
@@ -510,7 +515,10 @@ namespace transport
 			{
 				if (it1->second->GetState () == eSSU2SessionStateSessionRequestSent &&
 					it1->second->ProcessSessionCreated (buf, len))
+				{
+					std::unique_lock<std::mutex> l(m_PendingOutgoingSessionsMutex);
 					m_PendingOutgoingSessions.erase (it1); // we are done with that endpoint
+				}	
 				else
 					it1->second->ProcessRetry (buf, len);
 			}
@@ -754,6 +762,7 @@ namespace transport
 				if (it->second->IsTerminationTimeoutExpired (ts))
 				{
 					//it->second->Terminate ();
+					std::unique_lock<std::mutex> l(m_PendingOutgoingSessionsMutex);
 					it = m_PendingOutgoingSessions.erase (it);
 				}
 				else
@@ -844,13 +853,17 @@ namespace transport
 		m_OutgoingTokens[ep] = {token, exp};
 	}
 
-	uint64_t SSU2Server::FindOutgoingToken (const boost::asio::ip::udp::endpoint& ep) const
+	uint64_t SSU2Server::FindOutgoingToken (const boost::asio::ip::udp::endpoint& ep)
 	{
 		auto it = m_OutgoingTokens.find (ep);
 		if (it != m_OutgoingTokens.end ())
 		{
 			if (i2p::util::GetSecondsSinceEpoch () + SSU2_TOKEN_EXPIRATION_THRESHOLD > it->second.second)
-				return 0; // token expired
+			{	
+				// token expired
+				m_OutgoingTokens.erase (it);
+				return 0; 
+			}	
 			return it->second.first;
 		}
 		return 0;
@@ -858,12 +871,18 @@ namespace transport
 
 	uint64_t SSU2Server::GetIncomingToken (const boost::asio::ip::udp::endpoint& ep)
 	{
+		auto ts = i2p::util::GetSecondsSinceEpoch ();
 		auto it = m_IncomingTokens.find (ep);
 		if (it != m_IncomingTokens.end ())
-			return it->second.first;
+		{
+			if (ts + SSU2_TOKEN_EXPIRATION_THRESHOLD <= it->second.second)
+				return it->second.first;
+			else // token expired
+				m_IncomingTokens.erase (it);
+		}	
 		uint64_t token;
 		RAND_bytes ((uint8_t *)&token, 8);
-		m_IncomingTokens.emplace (ep, std::make_pair (token, i2p::util::GetSecondsSinceEpoch () + SSU2_TOKEN_EXPIRATION_TIMEOUT));
+		m_IncomingTokens.emplace (ep, std::make_pair (token, ts + SSU2_TOKEN_EXPIRATION_TIMEOUT));
 		return token;
 	}
 

libi2pd/SSU2.h

@@ -10,6 +10,7 @@
 #define SSU2_H__
 
 #include <unordered_map>
+#include <mutex>
 #include "util.h"
 #include "SSU2Session.h"
 
@@ -88,7 +89,7 @@ namespace transport
 			bool StartPeerTest (std::shared_ptr<const i2p::data::RouterInfo> router, bool v4);
 
 			void UpdateOutgoingToken (const boost::asio::ip::udp::endpoint& ep, uint64_t token, uint32_t exp);
-			uint64_t FindOutgoingToken (const boost::asio::ip::udp::endpoint& ep) const;
+			uint64_t FindOutgoingToken (const boost::asio::ip::udp::endpoint& ep);
 			uint64_t GetIncomingToken (const boost::asio::ip::udp::endpoint& ep);
 			std::pair<uint64_t, uint32_t> NewIncomingToken (const boost::asio::ip::udp::endpoint& ep);
 
@@ -140,6 +141,7 @@ namespace transport
 			std::unordered_map<uint64_t, std::shared_ptr<SSU2Session> > m_Sessions;
 			std::unordered_map<i2p::data::IdentHash, std::shared_ptr<SSU2Session> > m_SessionsByRouterHash;
 			std::map<boost::asio::ip::udp::endpoint, std::shared_ptr<SSU2Session> > m_PendingOutgoingSessions;
+			mutable std::mutex m_PendingOutgoingSessionsMutex;
 			std::map<boost::asio::ip::udp::endpoint, std::pair<uint64_t, uint32_t> > m_IncomingTokens, m_OutgoingTokens; // remote endpoint -> (token, expires in seconds)
 			std::map<uint32_t, std::shared_ptr<SSU2Session> > m_Relays; // we are introducer, relay tag -> session
 			std::list<i2p::data::IdentHash> m_Introducers, m_IntroducersV6; // introducers we are connected to

libi2pd/SSU2Session.cpp

@@ -878,7 +878,7 @@ namespace transport
 			// fragmented
 			if (numFragments > 2)
 			{
-				LogPrint (eLogError, "SSU2: Too many fragments ", numFragments, " in SessionConfirmed");
+				LogPrint (eLogError, "SSU2: Too many fragments ", (int)numFragments, " in SessionConfirmed from ", m_RemoteEndpoint);
 				return false;
 			}
 			if (len < 32)
@@ -1462,12 +1462,19 @@ namespace transport
 					m_IsDataReceived = true;
 				break;
 				case eSSU2BlkTermination:
-					LogPrint (eLogDebug, "SSU2: Termination reason=", (int)buf[11]);
+				{	
-					if (IsEstablished () && buf[11] != eSSU2TerminationReasonTerminationReceived)
+					uint8_t rsn = buf[11]; // reason		
+					LogPrint (eLogDebug, "SSU2: Termination reason=", (int)rsn);
+					if (IsEstablished () && rsn != eSSU2TerminationReasonTerminationReceived)
 						RequestTermination (eSSU2TerminationReasonTerminationReceived);
-					else
+					else if (m_State != eSSU2SessionStateTerminated)	
+					{
+						if (m_State == eSSU2SessionStateClosing && rsn == eSSU2TerminationReasonTerminationReceived)	
+							m_State = eSSU2SessionStateClosingConfirmed;
 						Done ();
-				break;
+					}		
+					break;
+				}		
 				case eSSU2BlkRelayRequest:
 					LogPrint (eLogDebug, "SSU2: RelayRequest");
 					HandleRelayRequest (buf + offset, size);
@@ -1623,7 +1630,7 @@ namespace transport
 				if (ts > it1->second->sendTime)
 				{
 					auto rtt = ts - it1->second->sendTime;
-					m_RTT = (m_RTT*m_SendPacketNum + rtt)/(m_SendPacketNum + 1);
+					m_RTT = std::round ((m_RTT*m_SendPacketNum + rtt)/(m_SendPacketNum + 1.0));
 					m_RTO = m_RTT*SSU2_kAPPA;
 					if (m_RTO < SSU2_MIN_RTO) m_RTO = SSU2_MIN_RTO;
 					if (m_RTO > SSU2_MAX_RTO) m_RTO = SSU2_MAX_RTO;
@@ -1656,13 +1663,23 @@ namespace transport
 				{
 					if (isV4)
 					{
-						if (i2p::context.GetStatus () == eRouterStatusTesting)
+						if (i2p::context.GetStatus () == eRouterStatusTesting || 
+						    m_State == eSSU2SessionStatePeerTest)
+						{	
 							i2p::context.SetError (eRouterErrorSymmetricNAT);
+							i2p::context.SetStatus (eRouterStatusFirewalled);
+							m_Server.RescheduleIntroducersUpdateTimer ();
+						}	
 					}
 					else
 					{
-						if (i2p::context.GetStatusV6 () == eRouterStatusTesting)
+						if (i2p::context.GetStatusV6 () == eRouterStatusTesting ||
+						    m_State == eSSU2SessionStatePeerTest)
+						{
 							i2p::context.SetErrorV6 (eRouterErrorSymmetricNAT);
+							i2p::context.SetStatusV6 (eRouterStatusFirewalled);
+							m_Server.RescheduleIntroducersUpdateTimerV6 ();
+						}	
 					}
 				}
 				else

libi2pd/SSU2Session.h

@@ -100,6 +100,7 @@ namespace transport
 		eSSU2SessionStateSessionConfirmedSent,
 		eSSU2SessionStateEstablished,
 		eSSU2SessionStateClosing,
+		eSSU2SessionStateClosingConfirmed,
 		eSSU2SessionStateTerminated,
 		eSSU2SessionStateFailed,
 		eSSU2SessionStateIntroduced,

libi2pd/Streaming.cpp

@@ -435,7 +435,7 @@ namespace stream
 					LogPrint(eLogError, "Streaming: Packet ", seqn, "sent from the future, sendTime=", sentPacket->sendTime);
 					rtt = 1;
 				}
-				m_RTT = (m_RTT*seqn + rtt)/(seqn + 1);
+				m_RTT = std::round ((m_RTT*seqn + rtt)/(seqn + 1.0));
 				m_RTO = m_RTT*1.5; // TODO: implement it better
 				LogPrint (eLogDebug, "Streaming: Packet ", seqn, " acknowledged rtt=", rtt, " sentTime=", sentPacket->sendTime);
 				m_SentPackets.erase (it++);

libi2pd/TransportSession.h

@@ -113,6 +113,7 @@ namespace transport
 			virtual uint32_t GetRelayTag () const { return 0; };
 			virtual void SendLocalRouterInfo (bool update = false) { SendI2NPMessages ({ CreateDatabaseStoreMsg () }); };
 			virtual void SendI2NPMessages (const std::vector<std::shared_ptr<I2NPMessage> >& msgs) = 0;
+			virtual bool IsEstablished () const = 0;
 			
 		protected:
 

libi2pd/Transports.cpp

@@ -743,7 +743,12 @@ namespace transport
 			auto ts = i2p::util::GetSecondsSinceEpoch ();
 			for (auto it = m_Peers.begin (); it != m_Peers.end (); )
 			{
-				if (it->second.sessions.empty () && ts > it->second.creationTime + SESSION_CREATION_TIMEOUT)
+				it->second.sessions.remove_if (
+					[](std::shared_ptr<TransportSession> session)->bool
+				    {
+						return !session || !session->IsEstablished ();
+					});
+ 				if (it->second.sessions.empty () && ts > it->second.creationTime + SESSION_CREATION_TIMEOUT)
 				{
 					LogPrint (eLogWarning, "Transports: Session to peer ", it->first.ToBase64 (), " has not been created in ", SESSION_CREATION_TIMEOUT, " seconds");
 					auto profile = i2p::data::GetRouterProfile(it->first);

libi2pd/util.h

@@ -112,7 +112,7 @@ namespace util
 	};
 
 	template<class T>
-	class MemoryPoolMt: public MemoryPool<T>
+	class MemoryPoolMt: private MemoryPool<T>
 	{
 		public:
 

libi2pd_client/HTTPProxy.cpp

@@ -252,6 +252,7 @@ namespace proxy {
 		req.RemoveHeader("From");
 		req.RemoveHeader("Forwarded");
 		req.RemoveHeader("DNT"); // Useless DoNotTrack flag
+		req.RemoveHeader("X-Requested-With"); // Android Webview send this with the value set to the application ID
 		req.RemoveHeader("Accept", "Accept-Encoding"); // Accept*, but Accept-Encoding
 		/* drop proxy-disclosing headers */
 		req.RemoveHeader("X-Forwarded");