mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-10-24 04:29:03 +01:00
1094 lines
38 KiB
Text
1094 lines
38 KiB
Text
# for this file format description,
|
|
# see https://github.com/olivierlacan/keep-a-changelog
|
|
|
|
## [2.51.0] - 2024-04-06
|
|
### Added
|
|
- Non-blocking mode for UDP sockets
|
|
- Set SSU2 socket buffer size based on bandwidth limit
|
|
- Encrypted tunnel tests
|
|
- Support for multiple UDP server tunnels on one destination
|
|
- Publish medium congestion indication
|
|
- Local domain sockets for SOCKS proxy upstream
|
|
- Tunnel status "declined" in web console
|
|
- SAM error reply "Incompatible crypto" if remote destination has incompatible crypto
|
|
- Reduce amount of traffic by handling local message drops
|
|
- Keep SSU2 socket open even if it fails to bind
|
|
- Lower SSU2 resend traffic spikes
|
|
- Expiration for messages in SSU2 send queue
|
|
- Use EWMA for stream RTT estimation
|
|
- Request choking delay if too many NACKs in stream
|
|
- Allow 0ms latency for tunnel
|
|
- Randomize tunnels selection for tests
|
|
### Changed
|
|
- Upstream SOCKS proxy from SOCKS4 to SOCKS5
|
|
- Transit tunnels limit to 4 bytes. Default value to 10K
|
|
- Reply CANT_REACH_PEER if connect to ourselves in SAM
|
|
- Don't send already expired I2NP messages
|
|
- Use monotonic timer to measure tunnel test latency
|
|
- Standard NTCP2 frame doesn't exceed 16K
|
|
- Always send request through tunnels in case of restricted routes
|
|
- Don't delete connected routers from NetDb
|
|
- Send lookup reply directly to reply tunnel gateway if possible
|
|
- Reduce unreachable router ban interval to 8 minutes
|
|
- Don't request banned routers / don't try to connect to unreachable router
|
|
- Consider 'M' routers as low bandwidth
|
|
- Limit minimal received SSU2 packet size to 40 bytes
|
|
- Bob picks peer test session only if Charlie's address supports peer testing
|
|
- Reject peer test msg 2 if peer testing is not supported
|
|
- Don't request termination if SSU2 session was not established
|
|
- Set maximum SSU2 queue size depending on RTT value
|
|
- New streaming RTT calculation algorithm
|
|
- Don't double initial RTO for streams when changing tunnels
|
|
- Restore failed tunnel if test or data for inbound tunnel received
|
|
- Don't fail last remaining tunnel in pool
|
|
- Publish LeasetSet again if local destination was not ready or no tunnels
|
|
- Make more attempts to pick high bandwidth hop for client tunnel
|
|
- Reduced SSU2 session termination timeout to 165 seconds
|
|
- Reseeds list
|
|
### Fixed
|
|
- ECIESx25519 symmetric key tagset early expiration
|
|
- Encrypted LeaseSet lookup
|
|
- Outbound tunnel build fails if it's endpoint is the same as reply tunnel gateway
|
|
- I2PControl RouterManager returns invalid JSON when unknown params are passed
|
|
- Mix of data between different UDP sessions on the same server
|
|
- TARGET_OS_SIMULATOR check
|
|
- Handling of "reservedrange" param
|
|
- New NTCP2 session gets teminated upon termination of old one
|
|
- New SSU2 session gets teminated upon termination of old one
|
|
- Peer test to non-supporting router
|
|
- Streaming ackThrough off 1 if number of NACKs exceeds 255
|
|
- Race condition in ECIESx25519 tags table
|
|
- Good tunnel becomes failed
|
|
- Crash when packet comes to terminated stream
|
|
- Stream hangs during LeaseSet update
|
|
|
|
## [2.50.2] - 2024-01-06
|
|
###Fixed
|
|
- Crash with OpenSSL 3.2.0
|
|
- False positive clock skew detection
|
|
|
|
## [2.50.1] - 2023-12-23
|
|
###Fixed
|
|
- Support for new EdDSA usage behavior in OpenSSL 3.2.0
|
|
|
|
## [2.50.0] - 2023-12-18
|
|
### Added
|
|
- Support of concurrent ACCEPTs on SAM 3.1
|
|
- Haiku OS support
|
|
- Low bandwidth and far routers can expire before 1 hour
|
|
### Changed
|
|
- Don't pick too active peer for first hop
|
|
- Try peer test again if status is Unknown
|
|
- Send peer tests with random delay
|
|
- Reseeds list
|
|
### Fixed
|
|
- XSS vulnerability in addresshelper
|
|
- Publishing NAT64 ipv6 addresses
|
|
- Deadlock in AsyncSend callback
|
|
|
|
## [2.49.0] - 2023-09-18
|
|
### Added
|
|
- Handle SOCK5 authorization with empty user/password
|
|
- Drop incoming transport sessions from too old or from future routers
|
|
- Memory pool for router profiles
|
|
- Allow 0 hops in explicitPeers
|
|
### Changed
|
|
- Separate network and testing status
|
|
- Remove AVX code
|
|
- Improve NTCP2 transport session logging
|
|
- Select router with ipv4 for tunnel endpoint
|
|
- Consider all addresses non-published for U and H routers even if they have host/port
|
|
- Don't pick completely unreachable routers for tunnels
|
|
- Exclude SSU1 introducers from SSU2 addresses
|
|
- Don't create paired inbound tunnel if length is different
|
|
- Remove introducer from RouterInfo after 60 minutes
|
|
- Reduce SSU2 keep alive interval and add keep alive interval variance
|
|
- Don't pick too old sessions for introducer
|
|
### Fixed
|
|
- Version of the subnegotiation in user/password SOCKS5 response
|
|
- Send keepalive for existing session with introducer
|
|
- Buffer offset for EVP_EncryptFinal_ex() to include outlen
|
|
- Termination block size processing for transport sessions
|
|
- Crash if deleted BOB destination was shared between few BOB sessions
|
|
- Introducers with zero tag
|
|
- Padding for SSU2 path response
|
|
|
|
## [2.48.0] - 2023-06-12
|
|
### Added
|
|
- Allow user/password authentication method for SOCK5 proxy
|
|
- Publish reject all congestion cap 'G' if transit is not accepted
|
|
- 'critical' log level
|
|
- Print b32 on webconsole destination page
|
|
- Webconsole button to drop a remote LeaseSet
|
|
- limits.zombies param - minimum percentage of successfully created tunnels for routers cleanup
|
|
- Recognize real routers if successfully connected or responded to tunnel build request
|
|
### Changed
|
|
- Bypass slow transport sessions for first hop selection
|
|
- Limit AESNI inline asm to x86/x64
|
|
- Create smaller I2NP packets if possible
|
|
- Make router unreachable if AEAD tag verification fails in SessionCreated
|
|
- Don't include a router to floodfills list until it's confirmed as real
|
|
- Drop LeaseSet store request if not floodfill
|
|
- Bypass medium congestion('D') routers for client tunnels
|
|
- Publish encrypted RouterInfo through tunnels
|
|
- Check if s is valid x25519 public key
|
|
- Check if socket is open before sending data in SSU2
|
|
### Fixed
|
|
- Webconsole empty page if destination is not found
|
|
- i2p.streaming.answerPings param
|
|
- Reload tunnels
|
|
- Address caps for unspecified ipv6 address
|
|
- Incomplete HTTP headers in I2P tunnels
|
|
- SSU2 socket network exceptions on Windows
|
|
- Use of 'server' type tunnel port as inport (#1936)
|
|
|
|
## [2.47.0] - 2023-03-11
|
|
### Added
|
|
- Congestion caps
|
|
- SAM UDP port parameter
|
|
- Support domain addresses for yggdrasil reseeds
|
|
### Changed
|
|
- DHT for floodfills instead plain list
|
|
- Process router's messages in separate thread
|
|
- Don't publish non-reachable router
|
|
- Send and check target destination in first streaming SYN packet
|
|
- Reseeds list
|
|
### Fixed
|
|
- Memory leak in windows network state detection
|
|
- Reseed attempts from invalid address
|
|
|
|
## [2.46.1] - 2023-02-20
|
|
### Fixed
|
|
- Race condition while getting router's peer profile
|
|
- Creation of new router.info
|
|
- Displaying LeaseSets in the webconsole
|
|
- Crash when processing ACK request
|
|
|
|
## [2.46.0] - 2023-02-15
|
|
### Added
|
|
- Limit number of acked SSU2 packets to 511
|
|
- Localization to Swedish, Portuguese, Turkish, Polish
|
|
- Periodically send Datetime block in NTCP2 and SSU2
|
|
- Don't select random port from reserved
|
|
- In memory table for peer profiles
|
|
- Store if router was unreachable in it's peer profile
|
|
- Show IPv6 addresses in square brackets in webconsole
|
|
- Check referer when processing Addresshelper
|
|
### Changed
|
|
- Algorithm for tunnel creation success rate calculation
|
|
- Drop incoming NTCP2 and SSU2 connection if published IP doesn't match actual endpoint
|
|
- Exclude actually unreachable router from netdb for 2 hours
|
|
- Select first hop from high bandwidth peers for client tunnels
|
|
- Drop too long or too short LeaseSet
|
|
- Delete router from netdb if became invalid after update
|
|
- Terminate existing session if clock skew detected
|
|
- Close previous UDP socket if open before reopening
|
|
- Minimal version for floodfill is 0.9.51
|
|
- Sort transports by endpoints in webconsole
|
|
### Fixed
|
|
- Deadlock during processing I2NP block with Garlic in ECIES encrypted message to router
|
|
- Race condition with encrypted LeaseSets
|
|
- HTTP query detection
|
|
- Connection attempts to IPs from invalid ranges
|
|
- Publish "0.0.0.0" in RouterInfo
|
|
- Crash upon receiving PeerTest 7
|
|
- Tunnels for closed SAM session socket
|
|
- Missing NTCP2 address in RouterInfo if enabled back
|
|
|
|
## [2.45.1] - 2023-01-11
|
|
### Added
|
|
- Full Cone NAT status error
|
|
### Changed
|
|
- Drop duplicated I2NP messages in SSU2
|
|
- Set rejection code 30 if tunnel with id already exists
|
|
- Network status is always OK if peer test msg 5 received
|
|
### Fixed
|
|
- UPnP crash if SSU2 or NTCP2 is disabled
|
|
- Crash on termination for some platforms
|
|
|
|
## [2.45.0] - 2023-01-03
|
|
### Added
|
|
- Test for Symmetric NAT with peer test msgs 6 and 7
|
|
- Webconsole "No Descriptors" router error state
|
|
- 1 and 15 seconds bandwidth calculation for i2pcontrol
|
|
- Show non-zero send queue size for transports in web console
|
|
- Compressible padding for I2P addresses
|
|
- Localization to Czech
|
|
- Don't accept incoming session from invalid/reserved addresses for NTCP2 and SSU2
|
|
- Limit simultaneous tunnel build requests by 4 per pool
|
|
### Changed
|
|
- Removed SSU support
|
|
- Reduced bandwidth calculation interval from 60 to 15 seconds
|
|
- Increased default max transit tunnels number from 2500 to 5000 or 10000 for floodfill
|
|
- Transit tunnels limit is doubled if floodfill mode is enabled
|
|
- NTCP2 and SSU2 timestamps are rounded to seconds
|
|
- Drop RouterInfos and LeaseSets with timestamp from future
|
|
- Don't delete unreachable routers if tunnel creation success rate is too low
|
|
- Refuse duplicated incoming pending NTCP2 session from same IP
|
|
- Don't send SSU2 termination again if termination received block received
|
|
- Handle standard network error for SSU2 without throwing an exception
|
|
- Don't select overloaded peer for next tunnel
|
|
- Remove "X-Requested-With" in HTTP Proxy for non-AJAX requests
|
|
### Fixed
|
|
- File descriptors leak
|
|
- Random crash on AddressBook update
|
|
- Crash if incorrect LeaseSet size
|
|
- Spamming to log if no descriptors
|
|
- ::1 address in RouterInfo
|
|
- SSU2 network error handling (especially for Windows)
|
|
- Race condition with pending outgoing SSU2 sessions
|
|
- RTT self-reduction for long-live streams
|
|
|
|
## [2.44.0] - 2022-11-20
|
|
### Added
|
|
- SSL connection for server I2P tunnels
|
|
- Localization to Italian and Spanish
|
|
- SSU2 through SOCKS5 UDP proxy
|
|
- Reload tunnels through web console
|
|
- SSU2 send immediate ack request flag
|
|
- SSU2 send and verify path challenge
|
|
- Configurable ssu2.mtu4 and ssu2.mtu6
|
|
### Changed
|
|
- SSU2 is enabled and SSU is disabled by default
|
|
- Separate network status and error
|
|
- Random selection between NTCP2 and SSU2 priority
|
|
- Added notbob.i2p to jump services
|
|
- Remove DoNotTrack flag from HTTP Request header
|
|
- Skip addresshelper page if destination was not changed
|
|
- SSU2 allow different ports from RelayReponse and HolePunch
|
|
- SSU2 resend PeerTest msg 1 and msg 2
|
|
- SSU2 Send Retry instead SessionCreated if clock skew detected
|
|
### Fixed
|
|
- Long HTTP headers for HTTP proxy and HTTP server tunnel
|
|
- SSU2 resends and resend limits
|
|
- Crash at startup if addressbook is disabled
|
|
- NTCP2 ipv6 connection through SOCKS5 proxy
|
|
- SSU2 SessionRequest with zero token
|
|
- SSU2 MTU less than 1280
|
|
- SSU2 port=1
|
|
- Incorrect addresses from network interfaces
|
|
- Definitions for Darwin PPC; do not use pthread_setname_np
|
|
|
|
## [2.43.0] - 2022-08-22
|
|
### Added
|
|
- Complete SSU2 implementation
|
|
- Localization to Chinese
|
|
- Send RouterInfo update for long live sessions
|
|
- Explicit ipv6 ranges of known tunnel brokers for MTU detection
|
|
- Always send "Connection: close" and strip out Keep-Alive for server HTTP tunnel
|
|
- Show ports for all transports in web console
|
|
- Translation of webconsole site title
|
|
- Support for Windows ProgramData path when running as service
|
|
- Ability to turn off address book
|
|
- Handle signals TSTP and CONT to stop and resume network
|
|
### Changed
|
|
- Case insensitive headers for server HTTP tunnel
|
|
- Do not show 'Address registration' line if LeaseSet is encrypted
|
|
- SSU2 transports have higher priority than SSU
|
|
- Disable ElGamal precalculated table if no SSU
|
|
- Deprecate limits.ntcpsoft, limits.ntcphard and limits.ntcpthreads config options
|
|
- SSU2 is enabled and SSU is disabled by default for new installations
|
|
### Fixed
|
|
- Typo with Referer header name in HTTP proxy
|
|
- Can't handle garlic message from an exploratory tunnel
|
|
- Incorrect encryption key for exploratory lookup reply
|
|
- Bound checks issues in LeaseSets code
|
|
- MTU detection on Windows
|
|
- Crash on stop of active server tunnel
|
|
- Send datagram to wrong destination in SAM
|
|
- Incorrect static key in RouterInfo if the keys were regenerated
|
|
- Duplicated sessions in BOB
|
|
|
|
## [2.42.1] - 2022-05-24
|
|
### Fixed
|
|
- Incorrect jump link in HTTP Proxy
|
|
|
|
## [2.42.0] - 2022-05-22
|
|
### Added
|
|
- Preliminary SSU2 implementation
|
|
- Tunnel length variance
|
|
- Localization to French
|
|
- Daily cleanup of obsolete peer profiles
|
|
- Ordered jump services list in HTTP proxy
|
|
- Win32 service
|
|
- Show port for local non-published SSU addresses in web console
|
|
### Changed
|
|
- Maximum RouterInfo length increased to 3K
|
|
- Skip unknown addresses in RouterInfo
|
|
- Don't pick own router for peer test
|
|
- Reseeds list
|
|
- Internal numeric id for families
|
|
- Use ipv6 preference only when netinet headers not used
|
|
- Close stream if delete requested
|
|
- Remove version from title in web console
|
|
- Drop MESHNET build option
|
|
- Set data path before initialization
|
|
- Don't show registration block in web console if token is not provided
|
|
### Fixed
|
|
- Encrypted LeaseSet for EdDSA signature
|
|
- Clients tunnels are not built if clock is not synced on start
|
|
- Incorrect processing of i2cp.dontPublishLeaseSet param
|
|
- UDP tunnels reload
|
|
- Build for LibreSSL 3.5.2
|
|
- Race condition in short tunnel build message
|
|
- Race condition in local RouterInfo buffer allocation
|
|
|
|
## [2.41.0] - 2022-02-20
|
|
### Added
|
|
- Clock syncronization through SSU
|
|
- Drop routers older than 6 months on start
|
|
- Localization to German
|
|
- Don't send streaming ack too frequently
|
|
- Select compatible outbound tunnel for I2CP messages
|
|
- Restart webconsole's acceptor in case of exception
|
|
### Changed
|
|
- Use builtin bitswap for endian on windows
|
|
- Send SessionCreated before connection close if clock skew
|
|
- Try another floodfill for publishing if no compatible tunnels found
|
|
- Reduce memory usage for RouterInfo structures
|
|
- Avoid duplicated addresses in RouterInfo. Check presence of netId and version
|
|
- Use TCP/IP sockets for I2CP on Android instead local sockets
|
|
- Return uptime as integer in I2PControl
|
|
- Reseed servers list/cerificates
|
|
- Webconsole's dark style colors
|
|
### Fixed
|
|
- Attempt to use Yggdrasil on start on Android
|
|
- Attempts to send peer tests to itself
|
|
- Severe packets drop in SSU
|
|
- Crash on tunnel tests
|
|
- Loading addressbook subscriptions from config
|
|
- Multiple I2CP session to the same destination
|
|
- Build on Apple Silicon
|
|
|
|
## [2.40.0] - 2021-11-29
|
|
### Added
|
|
- Keep alive parameter for client tunnels
|
|
- Support openssl 3.0.0
|
|
- Localization to Armenian
|
|
- Show git commit info in version
|
|
- Windows menu item for opening datadir
|
|
- Reseed if too few floodfills
|
|
- Don't publish old and replacing tunnel in LeaseSet
|
|
- Webconsole light/dark theme depending on system settings (via CSS)
|
|
### Changed
|
|
- Set gzip compression to false by default
|
|
- Build tunnel through ECIES routers only
|
|
- Removed ElGamal support for tunnels
|
|
- Moved webconsole resources to separate file
|
|
- Pick tunnels with compatible transport with another tunnel of floodfill
|
|
- Use common cleanup timer for all SSU sessions
|
|
- Reduced memory usage
|
|
- Reseed servers list
|
|
- i18n code called from ClientContext
|
|
### Fixed
|
|
- Tunnels reload
|
|
- Some typos in log messages
|
|
- Cleanup relay requests table
|
|
- Server tunnel is not published
|
|
- Build on GNU/Hurd. Disable pthread_setname_np
|
|
- Crash when incorrect sigtype used with blinding
|
|
|
|
## [2.39.0] - 2021-08-23
|
|
### Added
|
|
- Short tunnel build messages
|
|
- Localization. To: Russian, Ukrainian, Turkmen, Uzbek and Afrikaans
|
|
- Custom CSS styles for webconsole
|
|
- Avoid slow tunnels with more than 250 ms per hop
|
|
- Process DELAY_REQUESTED streaming option
|
|
- "certsdir" options for certificates location
|
|
- Keep own RouterInfo in NetBb
|
|
- Pick ECIES routers only for tunnels on non-x64
|
|
- NTP sync through ipv6
|
|
- Allow ipv6 addresses for UDP server tunnels
|
|
### Changed
|
|
- Rekey of all routers to ECIES
|
|
- Better distribution for random tunnel's peer selection
|
|
- Yggdrasil reseed for v0.4, added two more
|
|
- Encryption type 0,4 by default for server tunnels
|
|
- Handle i2cp.dontPublishLeaseSet param for all destinations
|
|
- reg.i2p for subscriptions
|
|
- LeaseSet type 3 by default
|
|
- Don't allocate payload buffer for every single ECIESx25519 message
|
|
- Prefer public ipv6 instead rfc4941
|
|
- Optimal padding for one-time ECIESx25519 message
|
|
- Don't send datetime block for one-time ECIESx25519 message with one-time key
|
|
- Router with expired introducer is still valid
|
|
- Don't disable floodfill if still reachable by ipv6
|
|
- Set minimal version for floodfill to 0.9.38
|
|
- Eliminate extra lookups for sequential fragments on tunnel endpoint
|
|
- Consistent path for explicit peers
|
|
- Always create new tunnel from exploratory pool
|
|
- Don't try to connect to a router not reachable from us
|
|
- Mark additional ipv6 addresses/nets as reserved (#1679)
|
|
### Fixed
|
|
- Zero-hop tunnels
|
|
- Crash upon SAM session termination
|
|
- Build with boost < 1.55.0
|
|
- Address type for NTCP2 acceptors
|
|
- Check of ipv4/ipv6 address
|
|
- Request router to send to if not in NetDb
|
|
- Count outbound traffic for zero-hop tunnels
|
|
- URLdecode domain for registration string generator in webconsole
|
|
|
|
## [2.38.0] - 2021-05-17
|
|
### Added
|
|
- Publish ipv6 introducers
|
|
- Bind ipv6 or yggdrasil NTCP2 acceptor to specified address
|
|
- Support .b32.i2p addresses and hostnames for SAM STREAM CREATE
|
|
- ipv6 peer tests
|
|
- Publish iexp param for introducers
|
|
- Show ipv6 network status on the webconsole
|
|
- EdDSA signing keys can also be blinded
|
|
- Show router version on the webconsole
|
|
### Changed
|
|
- Rekey of all routers but floodfills to ECIES
|
|
- Increased number of precalculated x25519 keys to 15
|
|
- Don't publish LeaseSet without inbound tunnels
|
|
- Reseed from compatible address(ipv4 or ipv6)
|
|
- Recongnize v4 and v6 SSU addresses without host
|
|
- Inbound tunnel gateway must be ipv4 compatible
|
|
- Don't select next introducers from existing sessions
|
|
- Set X bandwidth for floodfill by default
|
|
### Fixed
|
|
- Incoming ECIES-x25519 session doesn't send updated LeaseSet
|
|
- Unique local address for server tunnels
|
|
- Race condition for LeaseSet creation in I2CP
|
|
- Relay tag for ipv6 introducer
|
|
- Already expired introducers
|
|
- Find connected router for first peer in tunnel
|
|
- Failed outgoing ECIES-x25519 session's tagset stays forever
|
|
- Yggdrasil address disappears if router becomes unreachable through ipv6
|
|
- Ignore SSU address/introducers if port is not specified
|
|
- Check identity and signature length for SSU SessionConfirmed
|
|
|
|
## [2.37.0] - 2021-03-15
|
|
### Added
|
|
- Address registration line for reg.i2p and stats.i2p through the web console
|
|
- "4" and "6" caps for addresses without published IP address
|
|
- Mesh and Proxy network statuses
|
|
- Symmetric NAT network status error
|
|
- Bind server tunnel connection to specified address
|
|
- lookuplocal BOB extended command
|
|
- address4 and address6 parameters to bind outgoing connections to
|
|
- Rekey of low-bandwidth routers to ECIES
|
|
- Popup notification windows when unable to parse config for Windows
|
|
### Changed
|
|
- Floodfills with "U" cap are not ignored anymore
|
|
- Check transports reachability between tunnel peers and between router and floodfill
|
|
- NTCP2 and reseed HTTP proxy support authorization now
|
|
- Show actual IP addresses for proxy connections
|
|
- Publish and handle SSU addreses without host
|
|
- Outbound tunnel endpoint must be ipv4 compatible
|
|
- Logging optimization
|
|
- Removed Windows service
|
|
### Fixed
|
|
- Incoming SSU session terminates after 5 seconds
|
|
- Outgoing NTCP2 ipv4 session even if ipv4 is disabled
|
|
- No incoming Yggdrasil connection if connected through NTCP2 proxy
|
|
- Race condition between tunnel build and floodfill requests decryption for ECIES routers
|
|
- Numeric bandwidth limitation
|
|
- Yggdrasil for Android
|
|
|
|
## [2.36.0] - 2021-02-15
|
|
### Added
|
|
- Encrypted lookup and publications to ECIES-x25519 floodfiils
|
|
- Yggdrasil transports and reseeds
|
|
- Dump addressbook in hosts.txt format
|
|
- Request RouterInfo through exploratory tunnels if direct connection to fllodfill is not possible
|
|
- Threads naming
|
|
- Check if public x25519 key is valid
|
|
- ECIES-X25519-AEAD-Ratchet for shared local destination
|
|
- LeaseSet creation timeout for I2CP session
|
|
- Resend RouterInfo after some interval for longer NTCP2 sessions
|
|
- Select reachable router of inbound tunnel gateway
|
|
- Reseed if no compatible routers in netdb
|
|
- Refresh on swipe in Android webconsole
|
|
### Changed
|
|
- reg.i2p for default addressbook instead inr.i2p
|
|
- ECIES-x25519 (crypto type 4) for new routers
|
|
- Try to connect to all compatible addresses from peer's RouterInfo
|
|
- Replace LeaseSet completely if store type changes
|
|
- Try ECIES-X25519-AEAD-Ratchet tag before ElGamal
|
|
- Don't detach ECIES-X25519-AEAD-Ratchet session from destination immediately
|
|
- Viewport and styles on error in HTTP proxy
|
|
- Don't create notification when Windows taskbar restarted
|
|
- Cumulative SSU ACK bitfields
|
|
- limit tunnel length to 8 hops
|
|
- Limit tunnels quantity to 16
|
|
### Fixed
|
|
- Handling chunked HTTP response in addressbook
|
|
- Missing ECIES-X25519-AEAD-Ratchet tags for multiple streams with the same destination
|
|
- Correct NAME for NAMING REPLY in SAM
|
|
- SSU crash on termination
|
|
- Offline signature length for stream close packet
|
|
- Don't send updated LeaseSet through a terminated session
|
|
- Decryption of follow-on ECIES-X25519-AEAD-Ratchet NSR messages
|
|
- Non-confirmed LeaseSet is resent too late for ECIES-X25519-AEAD-Ratchet session
|
|
|
|
## [2.35.0] - 2020-11-30
|
|
### Added
|
|
- ECIES-x25519 routers
|
|
- Random intro keys for SSU
|
|
- Graceful shutdown timer for windows
|
|
- Send queue for I2CP messages
|
|
- Update DSA router keys to EdDSA
|
|
- TCP_QUICKACK for NTCP2 sockets on Linux
|
|
### Changed
|
|
- Exclude floodfills with DSA signatures and < 0.9.28
|
|
- Random intervals between tunnel tests and manage for tunnel pools
|
|
- Don't replace an addressbook record by one with DSA signature
|
|
- Publish RouterInfo after update
|
|
- Create paired inbound tunnels if no inbound tunnels yet
|
|
- Reseed servers list
|
|
### Fixed
|
|
- Transient signature length, if different from identity
|
|
- Terminate I2CP session if destroyed
|
|
- RouterInfo publishing confirmation
|
|
- Check if ECIES-X25519-AEAD-Ratchet session expired before generating more tags
|
|
- Correct block size for delivery type local for ECIES-X25519-AEAD-Ratchet
|
|
|
|
## [2.34.0] - 2020-10-27
|
|
### Added
|
|
- Ping responses for streaming
|
|
- STREAM FORWARD for SAM
|
|
- Tunnels through ECIES-x25519 routers
|
|
- Single thread for I2CP
|
|
- Shared transient destination between proxies
|
|
- Database lookups from ECIES destinations with ratchets response
|
|
- Handle WebDAV HTTP methods
|
|
- Don't try to connect or build tunnels if offline
|
|
- Validate IP when trying connect to remote peer
|
|
- Handle ICMP responses and WinAPI errors for SSU
|
|
### Changed
|
|
- Removed NTCP
|
|
- Dropped gcc 4.7 support
|
|
- Encyption type 0,4 by default for client tunnels
|
|
- Stripped out some HTTP header for HTTP server response
|
|
- HTTP 1.1 addressbook requests
|
|
- Set LeaseSet type to 3 for ratchets if not specified
|
|
- Handle SSU v4 and v6 messages in one thread
|
|
- Eliminate DH keys thread
|
|
### Fixed
|
|
- Random crashes on I2CP session disconnect
|
|
- Stream through racthets hangs if first SYN was not acked
|
|
- Check "Last-Modified" instead "If-Modified-Since" for addressbook reponse
|
|
- Trim behind ECIESx25519 tags
|
|
- Few bugs with Android main activity
|
|
- QT visual and layout issues
|
|
|
|
## [2.33.0] - 2020-08-24
|
|
### Added
|
|
- Shared transient addresses
|
|
- crypto.ratchet.inboundTags paramater
|
|
- Multiple encryption keys through I2CP
|
|
- Pre-calculated x25519 ephemeral keys
|
|
- Change datagram routing path if nothing comes back in 10 seconds
|
|
- Shared routing path for datagram session
|
|
### Changed
|
|
- UDP tunnels send mix of repliable and raw datagrams in bulk
|
|
- Encrypt SSU packet again upon resend
|
|
- Start new tunnel message if remaining buffer is too small
|
|
- Use LeaseSet2 for ECIES-X25519-AEAD-Ratchet automatically
|
|
- Save new ECIES-X25519-AEAD-Ratchet session with NSR tagset
|
|
- Generate random padding lengths for ECIES-X25519-AEAD-Ratchet in bulk
|
|
- Webconsole layout
|
|
- Reseed servers list
|
|
### Fixed
|
|
- Don't connect through terminated SAM destination
|
|
- Differentiate UDP server sessions by port
|
|
- ECIES-X25519-AEAD-Ratchet through I2CP
|
|
- Don't save invalid address to AddressBook
|
|
- ECDSA signatures names in SAM
|
|
- AppArmor profile
|
|
|
|
## [2.32.1] - 2020-06-02
|
|
### Added
|
|
- Read explicit peers in tunnels config
|
|
### Fixed
|
|
- Generation of tags for detached sessions
|
|
- Non-updating LeaseSet1
|
|
- Start when deprecated websocket options present in i2pd.conf
|
|
|
|
## [2.32.0] - 2020-05-25
|
|
### Added
|
|
- Multiple encryption types for local destinations
|
|
- Next key and tagset for ECIES-X25519-AEAD-Ratchet
|
|
- NTCP2 through SOCKS proxy
|
|
- Throw error message if any port to bind is occupied
|
|
- gzip parameter for UDP tunnels
|
|
- Show ECIES-X25519-AEAD-Ratchet sessions and tags on the web console
|
|
- Simplified implementation of gzip for no compression mode
|
|
- Allow ECIES-X25519-AEAD-Ratchet session restart after 2 minutes
|
|
- Added logrotate config for rpm package
|
|
### Changed
|
|
- Select peers for client tunnels among routers >= 0.9.36
|
|
- Check ECIES flag for encrypted lookup reply
|
|
- Streaming MTU size 1812 for ECIES-X25519-AEAD-Ratchet
|
|
- Don't calculate checksum for Data message send through ECIES-X25519-AEAD-Ratchet
|
|
- Catch network connectivity status for Windows
|
|
- Stop as soon as no more transit tunnels during graceful shutdown for Android
|
|
- RouterInfo gzip compression level depends on size
|
|
- Send response to received datagram from ECIES-X25519-AEAD-Ratchet session
|
|
- Update webconsole functional
|
|
- Increased max transit tunnels limit
|
|
- Reseeds list
|
|
- Dropped windows support in cmake
|
|
### Fixed
|
|
- Correct timestamp check for LeaseSet2
|
|
- Encrypted leaseset without authentication
|
|
- Change SOCKS proxy connection response for clients without socks5h support (#1336)
|
|
|
|
## [2.31.0] - 2020-04-10
|
|
### Added
|
|
- NTCP2 through HTTP proxy
|
|
- Publish LeaseSet2 for I2CP destinations
|
|
- Show status page on main activity for android
|
|
- Handle ECIESFlag in DatabaseLookup at floodfill
|
|
- C++17 features for eligible compilers
|
|
### Changed
|
|
- Droped Websockets and Lua support
|
|
- Send DeliveryStatusMsg for LeaseSet for ECIES-X25519-AEAD-Ratchet
|
|
- Keep sending new session reply until established for ECIES-X25519-AEAD-Ratchet
|
|
- Updated SSU log messages
|
|
- Reopen SSU socket on exception
|
|
- Security hardening headers in web console
|
|
- Various web console changes
|
|
- Various QT changes
|
|
### Fixed
|
|
- NTCP2 socket descriptors leak
|
|
- Race condition with router's identity in transport sessions
|
|
- Not terminated streams remain forever
|
|
|
|
## [2.30.0] - 2020-02-25
|
|
### Added
|
|
- Single threaded SAM
|
|
- Experimental support of ECIES-X25519-AEAD-Ratchet crypto type
|
|
### Changed
|
|
- Minimal MTU size is 1280 for ipv6
|
|
- Use unordered_map instead map for destination's sessions and tags list
|
|
- Use std::shuffle instead std::random_shuffle
|
|
- SAM is single threaded by default
|
|
- Reseeds list
|
|
### Fixed
|
|
- Correct termination of streaming destination
|
|
- Extra ',' in RouterInfo response in I2PControl
|
|
- SAM crash on session termination
|
|
- Storage for Android 10
|
|
|
|
## [2.29.0] - 2019-10-21
|
|
### Added
|
|
- Client auth flag for b33 address
|
|
### Changed
|
|
- Remove incoming NTCP2 session from pending list when established
|
|
- Handle errors for NTCP2 SessionConfrimed send
|
|
### Fixed
|
|
- Failure to start on Windows XP
|
|
- SAM crash if invalid lookup address
|
|
- Possible crash when UPnP enabled on shutdown
|
|
|
|
## [2.28.0] - 2019-08-27
|
|
### Added
|
|
- RAW datagrams in SAM
|
|
- Publishing encrypted LeaseSet2 with DH or PSH authentication
|
|
- Ability to disable battery optimization for Android
|
|
- Transport Network ID Check
|
|
### Changed
|
|
- Set and handle published encrypted flag for LeaseSet2
|
|
### Fixed
|
|
- ReceiveID changes in the same stream
|
|
- "\r\n" command terminator in SAM
|
|
- Addressbook lines with signatures
|
|
|
|
## [2.27.0] - 2019-07-03
|
|
### Added
|
|
- Support of PSK and DH authentication for encrypted LeaseSet2
|
|
### Changed
|
|
- Uptime is based on monotonic timer
|
|
### Fixed
|
|
- BOB status command response
|
|
- Correct NTCP2 port if NTCP is disabled
|
|
- Flood encrypted LeaseSet2 with store hash
|
|
|
|
## [2.26.0] - 2019-06-07
|
|
### Added
|
|
- HTTP method "PROPFIND"
|
|
- Detection of external ipv6 address through the SSU
|
|
- NTCP2 publishing depends on network status
|
|
### Changed
|
|
- ntcp is disabled by default, ntcp2 is published by default
|
|
- Response to BOB's "list" command
|
|
- ipv6 address is not longer NTCP's local endpoint's address
|
|
- Reseeds list
|
|
- HTTP_REFERER stripping in httpproxy (#823)
|
|
### Fixed
|
|
- Check and handle incorrect BOB input
|
|
- Ignore introducers for NTCP or NTCP2 addresses
|
|
- RouterInfo check from NTCP2
|
|
|
|
## [2.25.0] - 2019-05-09
|
|
### Added
|
|
- Create, publish and handle encrypted LeaseSet2
|
|
- Support of b33 addresses
|
|
- RedDSA key blinding
|
|
- .b32.i2p addresses in jump links
|
|
- ntcp2.addressv6 parameter
|
|
### Changed
|
|
- Allow HTTP headers without value
|
|
- Set data directory from external storage path for Android
|
|
- addresshelper support is configurable per tunnel
|
|
- gradlew script for android build
|
|
### Fixed
|
|
- Deletion of expired encrypted LeaseSet2 on floodfills
|
|
- ipv6 fallback address
|
|
- SSU incoming packets routing
|
|
|
|
## [2.24.0] - 2019-03-21
|
|
### Added
|
|
- Support of transient keys for LeaseSet2
|
|
- Support of encrypted LeaseSet2
|
|
- Recognize signature type 11 (RedDSA)
|
|
- Support websocket connections over HTTP proxy
|
|
- Ability to disable full addressbook persist
|
|
### Changed
|
|
- Don't load peer profiles if non-persistant
|
|
- REUSE_ADDR for ipv6 acceptors
|
|
- Reset eTags if addressbook can't be loaded
|
|
### Fixed
|
|
- Build with boost 1.70
|
|
- Filter out unspecified addresses from RouterInfo
|
|
- Check floodfill status change
|
|
- Correct SAM response for invalid key
|
|
- SAM crash on termination for Windows
|
|
- Race condition for publishing
|
|
|
|
## [2.23.0] - 2019-01-21
|
|
### Added
|
|
- Standard LeaseSet2 support
|
|
- Ability to adjust timestamps through the NTP
|
|
- Ability to disable peer profile persist
|
|
- Request permission for android >= 6
|
|
- Initial addressbook to android assets
|
|
- Cancel graceful shutdown for android
|
|
- Russian translation for android
|
|
### Changed
|
|
- Chacha20 and Poly1305 implementation
|
|
- Eliminate extra copy of NTCP2 send buffers
|
|
- Extract content of tunnel.d from assets on android
|
|
- Removed name resolvers from transports
|
|
- Update reseed certificates
|
|
### Fixed
|
|
- LeaseSet published content verification
|
|
- Exclude invalid LeaseSets from the list on a floodfill
|
|
- Build for OpenWrt with openssl 1.1.1
|
|
|
|
## [2.22.0] - 2018-11-09
|
|
### Added
|
|
- Multiple tunnel config files from tunnels.d folder
|
|
### Changed
|
|
- Fetch own RouterInfo upon SessionRequest for NTCP2
|
|
- Faster XOR between AES blocks for non AVX capable CPUs
|
|
### Fixed
|
|
- Fixed NTCP2 termination send
|
|
|
|
## [2.21.1] - 2018-10-22
|
|
### Changed
|
|
- cost=13 for unpublished NTCP2 address
|
|
### Fixed
|
|
- Handle I2NP messages longer than 32K
|
|
|
|
## [2.21.0] - 2018-10-04
|
|
### Added
|
|
- EdDSA, x25519 and SipHash from openssl 1.1.1
|
|
- NTCP2 ipv6 incoming connections
|
|
- Show total number of destination's outgoing tags in the web console
|
|
### Changed
|
|
- Android build with openssl 1.1.1/boost 1.64
|
|
- Bandwidth classes 'P' and 'X' don't add 'O' anymore
|
|
### Fixed
|
|
- Update own RouterInfo if no SSU
|
|
- Recognize 'P' and 'X' routers as high bandwidth without 'O'
|
|
- NTCP address doesn't disappear if NTCP2 enabled
|
|
- Android with api 26+
|
|
|
|
## [2.20.0] - 2018-08-23
|
|
### Added
|
|
- Full implementation of NTCP2
|
|
- Assets for android
|
|
### Changed
|
|
- armeabi-v7a and x86 in one apk for android
|
|
- NTCP2 is enabled by default
|
|
- Show lease's expiration time in readable format in the web console
|
|
### Fixed
|
|
- Correct names for transports in the web console
|
|
|
|
## [2.19.0] - 2018-06-26
|
|
### Added
|
|
- ECIES support for RouterInfo
|
|
- HTTP outproxy authorization
|
|
- AVX/AESNI runtime detection
|
|
- Initial implementation of NTCP2
|
|
- I2CP session reconfigure
|
|
- I2CP method ClientServicesInfo
|
|
- Datagrams to websocks
|
|
### Changed
|
|
- RouterInfo uses EdDSA signature by default
|
|
- Remove stream bans
|
|
- Android build system changed to gradle
|
|
- Multiple changes in QT GUI
|
|
- Dockerfile
|
|
### Fixed
|
|
- zero tunnelID issue
|
|
- tunnels reload
|
|
- headers in webconsole
|
|
- XSS in webconsole from SAM session name
|
|
- build for gcc 8
|
|
- cmake build scripts
|
|
- systemd service files
|
|
- some netbsd issues
|
|
|
|
## [2.18.0] - 2018-01-30
|
|
### Added
|
|
- Show tunnel nicknames for I2CP destination in WebUI
|
|
- Re-create HTTP and SOCKS proxy by tunnel reload
|
|
- Graceful shutdown as soon as no more transit tunnels
|
|
### Changed
|
|
- Regenerate shared local destination by tunnel reload
|
|
- Use transient local destination by default if not specified
|
|
- Return correct code if pid file can't be created
|
|
- Timing and number of attempts for adressbook requests
|
|
- Certificates list
|
|
### Fixed
|
|
- Malformed addressbook subsctiption request
|
|
- Build with boost 1.66
|
|
- Few race conditions for SAM
|
|
- Check LeaseSet's signature before update
|
|
|
|
## [2.17.0] - 2017-12-04
|
|
### Added
|
|
- Reseed through HTTP and SOCKS proxy
|
|
- Show status of client services through web console
|
|
- Change log level through web connsole
|
|
- transient keys for tunnels
|
|
- i2p.streaming.initialAckDelay parameter
|
|
- CRYPTO_TYPE for SAM destination
|
|
- signature and crypto type for newkeys BOB command
|
|
### Changed
|
|
- Correct publication of ECIES destinations
|
|
- Disable RSA signatures completely
|
|
### Fixed
|
|
- CVE-2017-17066
|
|
- Possible buffer overflow for RSA-4096
|
|
- Shutdown from web console for Windows
|
|
- Web console page layout
|
|
## [2.16.0] - 2017-11-13
|
|
### Added
|
|
- https and "Connect" method for HTTP proxy
|
|
- outproxy for HTTP proxy
|
|
- initial support of ECIES crypto
|
|
- NTCP soft and hard descriptors limits
|
|
- Support full timestamps in logs
|
|
### Changed
|
|
- Faster implementation of GOST R 34.11 hash
|
|
- Reject routers with RSA signtures
|
|
- Reload config and shudown from Windows GUI
|
|
- Update tunnels address(destination) without restart
|
|
### Fixed
|
|
- BOB crashes if destination is not set
|
|
- Correct SAM tunnel name
|
|
- QT GUI issues
|
|
|
|
## [2.15.0] - 2017-08-17
|
|
### Added
|
|
- QT GUI
|
|
- Ability to add and remove I2P tunnels without restart
|
|
- Ability to disable SOCKS outproxy option
|
|
### Changed
|
|
- Strip-out Accept-* hedaers in HTTP proxy
|
|
- Don't run peer test if nat=false
|
|
- Separate output of NTCP and SSU sessions in Transports tab
|
|
### Fixed
|
|
- Handle lines with comments in hosts.txt file for address book
|
|
- Run router with empty netdb for testnet
|
|
- Skip expired introducers by iexp
|
|
|
|
## [2.14.0] - 2017-06-01
|
|
### Added
|
|
- Transit traffic bandwidth limitation
|
|
- NTCP connections through HTTP and SOCKS proxies
|
|
- Ability to disable address helper for HTTP proxy
|
|
### Changed
|
|
- Reseed servers list
|
|
- Minimal required version is 4.0 for Android
|
|
### Fixed
|
|
- Ignore comments in addressbook feed
|
|
|
|
## [2.13.0] - 2017-04-06
|
|
### Added
|
|
- Persist local destination's tags
|
|
- GOST signature types 9 and 10
|
|
- Exploratory tunnels configuration
|
|
### Changed
|
|
- Reseed servers list
|
|
- Inactive NTCP sockets get closed faster
|
|
- Some EdDSA speed up
|
|
### Fixed
|
|
- Multiple acceptors for SAM
|
|
- Follow on data after STREAM CREATE for SAM
|
|
- Memory leaks
|
|
|
|
## [2.12.0] - 2017-02-14
|
|
### Added
|
|
- Additional HTTP and SOCKS proxy tunnels
|
|
- Reseed from ZIP archive
|
|
- Some stats in a main window for Windows version
|
|
### Changed
|
|
- Reseed servers list
|
|
- MTU of 1488 for ipv6
|
|
- Android and Mac OS X versions use OpenSSL 1.1
|
|
- New logo for Android
|
|
### Fixed
|
|
- Multiple memory leaks
|
|
- Incomptibility of some EdDSA private keys with Java
|
|
- Clock skew for Windows XP
|
|
- Occasional crashes with I2PSnark
|
|
|
|
## [2.11.0] - 2016-12-18
|
|
### Added
|
|
- Websockets support
|
|
- Reseed through a floodfill
|
|
- Tunnel configuration for HTTP and SOCKS proxy
|
|
- Zero-hops tunnels for destinations
|
|
- Multiple acceptors for SAM
|
|
### Changed
|
|
- Reseed servers list
|
|
- DHT uses AVX if applicable
|
|
- New logo
|
|
- LeaseSet lookups
|
|
### Fixed
|
|
- HTTP Proxy connection reset for Windows
|
|
- Crash upon SAM session termination
|
|
- Can't connect to a destination for a longer time after restart
|
|
- Mass packet loss for UDP tunnels
|
|
|
|
## [2.10.2] - 2016-12-04
|
|
### Fixed
|
|
- Fixes UPnP discovery bug, producing excessive CPU usage
|
|
- Fixes sudden SSU thread stop for Windows.
|
|
|
|
## [2.10.1] - 2016-11-07
|
|
### Fixed
|
|
- Fixed some performance issues for Windows and Android
|
|
|
|
## [2.10.0] - 2016-10-17
|
|
### Added
|
|
- Datagram i2p tunnels
|
|
- Unique local addresses for server tunnels
|
|
- Configurable list of reseed servers and initial addressbook
|
|
- Configurable netid
|
|
- Initial iOS support
|
|
|
|
### Changed
|
|
- Reduced file descriptors usage
|
|
- Strict reseed checks enabled by default
|
|
|
|
## Fixed
|
|
- Multiple fixes in I2CP and BOB implementations
|
|
|
|
## [2.9.0] - 2016-08-12
|
|
### Changed
|
|
- Proxy refactoring & speedup
|
|
- Transmission-I2P support
|
|
- Graceful shutdown for Windows
|
|
- Android without QT
|
|
- Reduced number of timers in SSU
|
|
- ipv6 peer test support
|
|
- Reseed from SU3 file
|
|
|
|
## [2.8.0] - 2016-06-20
|
|
### Added
|
|
- Basic Android support
|
|
- I2CP implementation
|
|
- 'doxygen' target
|
|
|
|
### Changed
|
|
- I2PControl refactoring & fixes (proper jsonrpc responses on errors)
|
|
- boost::regex no more needed
|
|
|
|
### Fixed
|
|
- initscripts: added openrc one, in sysv-ish make I2PD_PORT optional
|
|
- properly close NTCP sessions (memleak)
|
|
|
|
## [2.7.0] - 2016-05-18
|
|
### Added
|
|
- Precomputed El-Gamal/DH tables
|
|
- Configurable limit of transit tunnels
|
|
|
|
### Changed
|
|
- Speed-up of asymmetric crypto for non-x64 platforms
|
|
- Refactoring of web-console
|
|
|
|
## [2.6.0] - 2016-03-31
|
|
### Added
|
|
- Graceful shutdown on SIGINT
|
|
- Numeric bandwidth limits (was: by router class)
|
|
- Jumpservices in web-console
|
|
- Logging to syslog
|
|
- Tray icon for windows application
|
|
|
|
### Changed
|
|
- Logs refactoring
|
|
- Improved statistics in web-console
|
|
|
|
### Deprecated:
|
|
- Renamed main/tunnels config files (will use old, if found, but emits warning)
|
|
|
|
## [2.5.1] - 2016-03-10
|
|
### Fixed
|
|
- Doesn't create ~/.i2pd dir if missing
|
|
|
|
## [2.5.0] - 2016-03-04
|
|
### Added
|
|
- IRC server tunnels
|
|
- SOCKS outproxy support
|
|
- Support for gzipped addressbook updates
|
|
- Support for router families
|
|
|
|
### Changed
|
|
- Shared RTT/RTO between streams
|
|
- Filesystem work refactoring
|
|
|
|
## [2.4.0] - 2016-02-03
|
|
### Added
|
|
- X-I2P-* headers for server http-tunnels
|
|
- I2CP options for I2P tunnels
|
|
- Show I2P tunnels in webconsole
|
|
|
|
### Changed
|
|
- Refactoring of cmdline/config parsing
|
|
|
|
## [2.3.0] - 2016-01-12
|
|
### Added
|
|
- Support for new router bandwidth class codes (P and X)
|
|
- I2PControl supports external webui
|
|
- Added --pidfile and --notransit parameters
|
|
- Ability to specify signature type for i2p tunnel
|
|
|
|
### Changed
|
|
- Fixed multiple floodfill-related bugs
|
|
- New webconsole layout
|
|
|
|
## [2.2.0] - 2015-12-22
|
|
### Added
|
|
- Ability to connect to router without ip via introducer
|
|
|
|
### Changed
|
|
- Persist temporary encryption keys for local destinations
|
|
- Performance improvements for EdDSA
|
|
- New addressbook structure
|
|
|
|
## [2.1.0] - 2015-11-12
|
|
### Added
|
|
- Implementation of EdDSA
|
|
|
|
### Changed
|
|
- EdDSA is default signature type for new RouterInfos
|