From 7ae40d89c1921981c89ec123dabcf83ee23a32fa Mon Sep 17 00:00:00 2001 From: orignal Date: Tue, 14 Feb 2017 12:39:59 -0500 Subject: [PATCH 01/27] updated ChangeLog --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index f94c6436..347c8bf2 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,7 +4,7 @@ ## [2.12.0] - 2017-02-14 ### Added - Additional HTTP and SOCKS proxy tunnels -- Reseed from ZIP achieve +- Reseed from ZIP archive - Some stats in a main window for Windows version ### Changed - Reseed servers list From 55f891e2aa67cb8dea744a4e5cd58e1a66d4c243 Mon Sep 17 00:00:00 2001 From: orignal Date: Tue, 14 Feb 2017 14:20:37 -0500 Subject: [PATCH 02/27] fixed build error for gcc 4.7 --- NTCPSession.cpp | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/NTCPSession.cpp b/NTCPSession.cpp index 48b4aecb..8dbe4fe7 100644 --- a/NTCPSession.cpp +++ b/NTCPSession.cpp @@ -167,7 +167,13 @@ namespace transport return; } } - +#if (__GNUC__ == 4) && (__GNUC_MINOR__ <= 7) +// due the bug in gcc 4.7. std::shared_future.get() is not const + if (!m_DHKeysPair) + m_DHKeysPair = transports.GetNextDHKeysPair (); + CreateAESKey (m_Establisher->phase1.pubKey); + SendPhase2 (); +#else // TODO: check for number of pending keys auto s = shared_from_this (); auto keyCreated = std::async (std::launch::async, [s] () @@ -180,7 +186,8 @@ namespace transport { keyCreated.get (); s->SendPhase2 (); - }); + }); +#endif } } @@ -239,6 +246,11 @@ namespace transport } else { +#if (__GNUC__ == 4) && (__GNUC_MINOR__ <= 7) +// due the bug in gcc 4.7. std::shared_future.get() is not const + CreateAESKey (m_Establisher->phase2.pubKey); + HandlePhase2 (); +#else auto s = shared_from_this (); // create AES key in separate thread auto keyCreated = std::async (std::launch::async, [s] () @@ -251,6 +263,7 @@ namespace transport keyCreated.get (); // we might wait if no more pending operations s->HandlePhase2 (); }); +#endif } } 
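Review bot: The guard `#if (__GNUC__ == 4) && (__GNUC_MINOR__ <= 7)` added in the @@ -167 hunk, and repeated in the @@ -239 hunk, is also true under clang, which by default reports itself as GCC 4.2 through these macros, so clang builds would take the fallback too. In that fallback `CreateAESKey` runs inline in the handshake handler instead of inside `std::async`, so the key agreement for each received phase 1 and phase 2 message is computed on whichever thread delivers it, presumably the transport's I/O thread. A burst of connection attempts could then stall other sessions, which is the load concern the existing `// TODO: check for number of pending keys` already points at. I would narrow the test to real GCC, `#if defined(__GNUC__) && !defined(__clang__) && (__GNUC__ == 4) && (__GNUC_MINOR__ <= 7)`, and add a comment on the fallback stating that it is synchronous. Both enclosing functions start outside the hunks.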
From 83300044ddff9f8962d2946002c1855810e083f6 Mon Sep 17 00:00:00 2001 From: r4sas Date: Wed, 15 Feb 2017 09:04:40 +0300 Subject: [PATCH 03/27] fix osx upnp support fix tabulation in UPnP.cpp --- Makefile.homebrew | 1 + Makefile.osx | 5 + UPnP.cpp | 234 +++++++++++++++++++++++----------------------- 3 files changed, 123 insertions(+), 117 deletions(-) diff --git a/Makefile.homebrew b/Makefile.homebrew index f57f6495..05fd8dcf 100644 --- a/Makefile.homebrew +++ b/Makefile.homebrew @@ -11,6 +11,7 @@ LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem ifeq ($(USE_UPNP),yes) LDFLAGS += -ldl CXXFLAGS += -DUSE_UPNP + LDLIBS += -lminiupnpc endif # OSX Notes diff --git a/Makefile.osx b/Makefile.osx index f9372c8f..8d6a1c65 100644 --- a/Makefile.osx +++ b/Makefile.osx @@ -13,6 +13,11 @@ endif ifeq ($(USE_UPNP),yes) LDFLAGS += -ldl CXXFLAGS += -DUSE_UPNP +ifeq ($(USE_STATIC),yes) + LDLIBS += /usr/local/lib/libminiupnpc.a +else + LDLIBS += -lminiupnpc +endif endif ifeq ($(USE_AESNI),1) diff --git a/UPnP.cpp b/UPnP.cpp index 6a46ee77..20244786 100644 --- a/UPnP.cpp +++ b/UPnP.cpp 
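Review bot: In Makefile.osx the USE_STATIC branch links the fixed path `/usr/local/lib/libminiupnpc.a`, so the build takes whatever archive sits at that location and cannot be pointed at a separately built or vetted copy of miniupnpc. Because the library is linked statically, later miniupnpc fixes reach users only through a rebuild of i2pd, which deserves a comment next to the line. Consider making the prefix overridable, for example `UPNP_ROOT ?= /usr/local` followed by `LDLIBS += $(UPNP_ROOT)/lib/libminiupnpc.a`; the variable name is a suggestion, as the hunk shows no existing one.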
@@ -22,49 +22,49 @@ namespace i2p { namespace transport { - UPnP::UPnP () : m_IsRunning(false), m_Thread (nullptr), m_Timer (m_Service) - { - } + UPnP::UPnP () : m_IsRunning(false), m_Thread (nullptr), m_Timer (m_Service) + { + } - void UPnP::Stop () - { + void UPnP::Stop () + { if (m_IsRunning) { - LogPrint(eLogInfo, "UPnP: stopping"); - m_IsRunning = false; + LogPrint(eLogInfo, "UPnP: stopping"); + m_IsRunning = false; m_Timer.cancel (); m_Service.stop (); - if (m_Thread) - { - m_Thread->join (); - m_Thread.reset (nullptr); - } + if (m_Thread) + { + m_Thread->join (); + m_Thread.reset (nullptr); + } CloseMapping (); - Close (); + Close (); } - } + } - void UPnP::Start() - { + void UPnP::Start() + { m_IsRunning = true; - LogPrint(eLogInfo, "UPnP: starting"); + LogPrint(eLogInfo, "UPnP: starting"); m_Service.post (std::bind (&UPnP::Discover, this)); std::unique_lock l(m_StartedMutex); - m_Thread.reset (new std::thread (std::bind (&UPnP::Run, this))); + m_Thread.reset (new std::thread (std::bind (&UPnP::Run, this))); m_Started.wait_for (l, std::chrono::seconds (5)); // 5 seconds maximum - } - - UPnP::~UPnP () - { + } + + UPnP::~UPnP () + { Stop (); - } + } - void UPnP::Run () - { + void UPnP::Run () + { while (m_IsRunning) { try - { + { m_Service.run (); // Discover failed break; // terminate the thread 
@@ -73,127 +73,127 @@ namespace transport { LogPrint (eLogError, "UPnP: runtime exception: ", ex.what ()); PortMapping (); - } - } - } - - void UPnP::Discover () - { - int nerror = 0; + } + } + } + + void UPnP::Discover () + { + int nerror = 0; #if MINIUPNPC_API_VERSION >= 14 - m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror); + m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror); #else - m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror); + m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror); #endif { - // notify satrting thread + // notify satrting thread std::unique_lock l(m_StartedMutex); m_Started.notify_all (); - } - - int r; - r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr)); - if (r == 1) - { - r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress); - if(r != UPNPCOMMAND_SUCCESS) - { - LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r); - return; - } - else - { - if (!m_externalIPAddress[0]) - { - LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed."); - return; - } - } - } + } + + int r; + r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr)); + if (r == 1) + { + r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress); + if(r != UPNPCOMMAND_SUCCESS) + { + LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r); + return; + } + else + { + if (!m_externalIPAddress[0]) + { + LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed."); + return; + } + } + } else { - LogPrint (eLogError, "UPnP: GetValidIGD() failed."); - return; + LogPrint (eLogError, "UPnP: GetValidIGD() failed."); + return; } - // UPnP discovered + // UPnP discovered LogPrint (eLogDebug, "UPnP: ExternalIPAddress is ", m_externalIPAddress); - 
i2p::context.UpdateAddress (boost::asio::ip::address::from_string (m_externalIPAddress)); + i2p::context.UpdateAddress (boost::asio::ip::address::from_string (m_externalIPAddress)); // port mapping PortMapping (); - } + } void UPnP::PortMapping () { const auto& a = context.GetRouterInfo().GetAddresses(); for (const auto& address : a) - { - if (!address->host.is_v6 ()) - TryPortMapping (address); - } + { + if (!address->host.is_v6 ()) + TryPortMapping (address); + } m_Timer.expires_from_now (boost::posix_time::minutes(20)); // every 20 minutes m_Timer.async_wait ([this](const boost::system::error_code& ecode) - { - if (ecode != boost::asio::error::operation_aborted) - PortMapping (); - }); + { + if (ecode != boost::asio::error::operation_aborted) + PortMapping (); + }); - } + } void UPnP::CloseMapping () { const auto& a = context.GetRouterInfo().GetAddresses(); for (const auto& address : a) - { - if (!address->host.is_v6 ()) - CloseMapping (address); - } - } - - void UPnP::TryPortMapping (std::shared_ptr address) - { - std::string strType (GetProto (address)), strPort (std::to_string (address->port)); - int r; - std::string strDesc; i2p::config::GetOption("upnp.name", strDesc); - r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0"); - if (r!=UPNPCOMMAND_SUCCESS) - { - LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r); - return; - } - else - { - LogPrint (eLogDebug, "UPnP: Port Mapping successful. 
(", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")"); - return; - } - } - - void UPnP::CloseMapping (std::shared_ptr address) - { - std::string strType (GetProto (address)), strPort (std::to_string (address->port)); - int r = 0; - r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0); - LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r); - } - - void UPnP::Close () - { - freeUPNPDevlist (m_Devlist); - m_Devlist = 0; - FreeUPNPUrls (&m_upnpUrls); - } + { + if (!address->host.is_v6 ()) + CloseMapping (address); + } + } + + void UPnP::TryPortMapping (std::shared_ptr address) + { + std::string strType (GetProto (address)), strPort (std::to_string (address->port)); + int r; + std::string strDesc; i2p::config::GetOption("upnp.name", strDesc); + r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0"); + if (r!=UPNPCOMMAND_SUCCESS) + { + LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r); + return; + } + else + { + LogPrint (eLogDebug, "UPnP: Port Mapping successful. 
(", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")"); + return; + } + } + + void UPnP::CloseMapping (std::shared_ptr address) + { + std::string strType (GetProto (address)), strPort (std::to_string (address->port)); + int r = 0; + r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0); + LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r); + } + + void UPnP::Close () + { + freeUPNPDevlist (m_Devlist); + m_Devlist = 0; + FreeUPNPUrls (&m_upnpUrls); + } std::string UPnP::GetProto (std::shared_ptr address) { switch (address->transportStyle) - { - case i2p::data::RouterInfo::eTransportNTCP: - return "TCP"; - break; - case i2p::data::RouterInfo::eTransportSSU: - default: - return "UDP"; - } + { + case i2p::data::RouterInfo::eTransportNTCP: + return "TCP"; + break; + case i2p::data::RouterInfo::eTransportSSU: + default: + return "UDP"; + } } } } From 78c3babc37fe79943e3956abf43f1ab915d6a6ff Mon Sep 17 00:00:00 2001 
From: Darknet Villain Date: Thu, 16 Feb 2017 01:14:07 -0500 Subject: [PATCH 04/27] Move docs to new repo --- docs/README.md | 3 + docs/building/android.md | 65 ------- docs/building/cross.md | 74 -------- docs/building/ios.md | 85 --------- docs/building/requirements.md | 15 -- docs/building/unix.md | 136 --------------- docs/building/windows.md | 159 ----------------- docs/conf.py | 300 -------------------------------- docs/config_opts_after_2.3.0.md | 43 ----- docs/configuration.md | 165 ------------------ docs/family.md | 36 ---- docs/hacking.md | 114 ------------ docs/index.rst | 41 ----- docs/usage.md | 171 ------------------ 14 files changed, 3 insertions(+), 1404 deletions(-) create mode 100644 docs/README.md delete mode 100644 docs/building/android.md delete mode 100644 docs/building/cross.md delete mode 100644 docs/building/ios.md delete mode 100644 docs/building/requirements.md delete mode 100644 docs/building/unix.md delete mode 100644 docs/building/windows.md delete mode 100644 docs/conf.py delete mode 100644 docs/config_opts_after_2.3.0.md delete mode 100644 docs/configuration.md delete mode 100644 docs/family.md delete mode 100644 docs/hacking.md delete mode 100644 docs/index.rst delete mode 100644 docs/usage.md diff --git a/docs/README.md b/docs/README.md new file mode 100644 index 00000000..bcb289fa --- /dev/null +++ b/docs/README.md @@ -0,0 +1,3 @@ +Documentation is moved to [separate repository](https://github.com/PurpleI2P/i2pd_docs_en.git) + +[View docs online](https://i2pd.readthedocs.io/en/latest/) diff --git a/docs/building/android.md b/docs/building/android.md deleted file mode 100644 index 3e9ab089..00000000 --- a/docs/building/android.md +++ /dev/null 
@@ -1,65 +0,0 @@ -Building on Android -=================== - -There are two versions: with QT and without QT. - -Pre-requesties --------------- - -You need to install Android SDK, NDK and QT with android support. - -- [SDK](https://developer.android.com/studio/index.html) (choose command line tools only) -- [NDK](https://developer.android.com/ndk/downloads/index.html) -- [QT](https://www.qt.io/download-open-source/)(for QT only). - Choose one for your platform for android. For example QT 5.6 under Linux would be [this file](http://download.qt.io/official_releases/qt/5.6/5.6.1-1/qt-opensource-linux-x64-android-5.6.1-1.run) - -You also need Java JDK and Ant. - -QT-Creator (for QT only) ------------------------- - -Open QT-creator that should be installed with QT. -Go to Settings/Anndroid and specify correct paths to SDK and NDK. -If everything is correct you will see two set avaiable: -Android for armeabi-v7a (gcc, qt) and Android for x86 (gcc, qt). - -Dependencies --------------- - -Take following pre-compiled binaries from PurpleI2P's repositories. - - git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git - git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git - git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git - git clone https://github.com/PurpleI2P/android-ifaddrs.git - -Building the app with QT ------------------------- - -- Open `qt/i2pd_qt/i2pd_qt.pro` in the QT-creator -- Change line `MAIN_PATH = /path/to/libraries` to an actual path where you put the dependancies to -- Select appropriate project (usually armeabi-v7a) and build -- You will find an .apk file in `android-build/bin` folder - -Building the app without QT ---------------------------- - -- Change line `I2PD_LIBS_PATH` in `android/jni/Application.mk` to an actual path where you put the dependancies to -- Run `ndk-build -j4` from andorid folder -- Create or edit file 'local.properties'. 
Place 'sdk.dir=' and 'ndk.dir=' -- Run `ant clean debug` - -Creating release .apk ----------------------- - -In order to create release .apk you must obtain a Java keystore file(.jks). Either you have in already, or you can generate it yourself using keytool, or from one of you existing well-know ceritificates. -For example, i2pd release are signed with this [certificate](https://github.com/PurpleI2P/i2pd/blob/openssl/contrib/certificates/router/orignal_at_mail.i2p.crt). - -Create file 'ant.propeties': - - key.store='path to keystore file' - key.alias='alias name' - key.store.password='keystore password' - key.alias.password='alias password' - -Run `ant clean release` diff --git a/docs/building/cross.md b/docs/building/cross.md deleted file mode 100644 index fc884cad..00000000 --- a/docs/building/cross.md +++ /dev/null 
@@ -1,74 +0,0 @@ -Cross compilation notes -======================= - -Static 64 bit windows binary on Ubuntu 15.10 (Wily Werewolf) ------------------------------------------------------------- - -Install cross compiler and friends - - sudo apt-get install g++-mingw-w64-x86-64 - -Default is to use Win32 threading model which lacks std::mutex and such. So we change defaults - - sudo update-alternatives --set x86_64-w64-mingw32-g++ /usr/bin/x86_64-w64-mingw32-g++-posix - -From now on we assume we have everything in `~/dev/`. Get Boost sources unpacked into `~/dev/boost_1_60_0/` and change directory to it. -Now add out cross compiler configuration. Warning: the following will wipe out whatever you had in there. - - echo "using gcc : mingw : x86_64-w64-mingw32-g++ ;" > ~/user-config.jam - -Proceed with building Boost normal way, but let's define dedicated staging directory - - ./bootstrap.sh - ./b2 toolset=gcc-mingw target-os=windows variant=release link=static runtime-link=static address-model=64 \ - --build-type=minimal --with-filesystem --with-program_options --with-date_time \ - --stagedir=stage-mingw-64 - cd .. - -Now we get & build OpenSSL - - git clone https://github.com/openssl/openssl - cd openssl - git checkout OpenSSL_1_0_2g - ./Configure mingw64 no-rc2 no-rc4 no-rc5 no-idea no-bf no-cast no-whirlpool no-md2 no-md4 no-ripemd no-mdc2 \ - no-camellia no-seed no-comp no-krb5 no-gmp no-rfc3779 no-ec2m no-ssl2 no-jpake no-srp no-sctp no-srtp \ - --prefix=~/dev/stage --cross-compile-prefix=x86_64-w64-mingw32- - make depend - make - make install - cd .. - -...and zlib - - git clone https://github.com/madler/zlib - cd zlib - git checkout v1.2.8 - CC=x86_64-w64-mingw32-gcc CFLAGS=-O3 ./configure --static --64 --prefix=~/dev/stage - make - make install - cd .. 
- -Now we prepare cross toolchain hint file for CMake, let's name it `~/dev/toolchain-mingw.cmake` - - set(CMAKE_SYSTEM_NAME Windows) - set(CMAKE_C_COMPILER x86_64-w64-mingw32-gcc) - set(CMAKE_CXX_COMPILER x86_64-w64-mingw32-g++) - set(CMAKE_RC_COMPILER x86_64-w64-mingw32-windres) - set(CMAKE_FIND_ROOT_PATH /usr/x86_64-w64-mingw32) - set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER) - -Download miniupnpc, unpack and symlink it into `~/dev/miniupnpc/`. -Finally, we can build i2pd with all that goodness - - git clone https://github.com/PurpleI2P/i2pd - mkdir i2pd-mingw-64-build - cd i2pd-mingw-64-build - BOOST_ROOT=~/dev/boost_1_60_0 cmake -G 'Unix Makefiles' ~/dev/i2pd/build -DBUILD_TYPE=Release \ - -DCMAKE_TOOLCHAIN_FILE=~/dev/toolchain-mingw.cmake -DWITH_AESNI=ON -DWITH_UPNP=ON -DWITH_STATIC=ON \ - -DWITH_HARDENING=ON -DCMAKE_INSTALL_PREFIX:PATH=~/dev/i2pd-mingw-64-static \ - -DZLIB_ROOT=~/dev/stage -DBOOST_LIBRARYDIR:PATH=~/dev/boost_1_60_0/stage-mingw-64/lib \ - -DOPENSSL_ROOT_DIR:PATH=~/dev/stage - make - x86_64-w64-mingw32-strip i2pd.exe - -By now, you should have a release build with stripped symbols. diff --git a/docs/building/ios.md b/docs/building/ios.md deleted file mode 100644 index c1753569..00000000 --- a/docs/building/ios.md +++ /dev/null 
@@ -1,85 +0,0 @@ -Building on iOS -=================== - -How to build i2pd for iOS 9 and iOS Simulator 386/x64 - -Prerequisites --------------- - -XCode7+, cmake 3.2+ - -Dependencies ------------- - -- precompiled openssl -- precompiled boost with modules `filesystem`, `program_options`, `date_time` and `system` -- ios-cmake toolchain from `https://github.com/vovasty/ios-cmake.git` - -Building --------- - -Assume you have folder structure - - lib/ - libboost_date_time.a - libboost_filesystem.a - libboost_program_options.a - libboost_system.a - libboost.a - libcrypto.a - libssl.a - include/ - boost/ - openssl/ - ios-cmake/ - i2pd/ - -```bash -mkdir -p build/simulator/lib build/ios/lib include/i2pd - -pushd build/simulator && \ -cmake -DIOS_PLATFORM=SIMULATOR \ - -DPATCH=/usr/bin/patch \ - -DCMAKE_BUILD_TYPE=Release \ - -DCMAKE_TOOLCHAIN_FILE=../../ios-cmake/toolchain/iOS.cmake \ - -DWITH_STATIC=yes \ - -DWITH_BINARY=no \ - -DBoost_INCLUDE_DIR=../../include \ - -DOPENSSL_INCLUDE_DIR=../../include \ - -DBoost_LIBRARY_DIR=../../lib \ - -DOPENSSL_SSL_LIBRARY=../../lib/libssl.a \ - -DOPENSSL_CRYPTO_LIBRARY=../../lib/libcrypto.a \ - ../../i2pd/build && \ -make -j16 VERBOSE=1 && \ -popd - -pushd build/ios -cmake -DIOS_PLATFORM=OS \ - -DPATCH=/usr/bin/patch \ - -DCMAKE_BUILD_TYPE=Release \ - -DCMAKE_TOOLCHAIN_FILE=../../ios-cmake/toolchain/iOS.cmake \ - -DWITH_STATIC=yes \ - -DWITH_BINARY=no \ - -DBoost_INCLUDE_DIR=../../include \ - -DOPENSSL_INCLUDE_DIR=../../include \ - -DBoost_LIBRARY_DIR=../../lib \ - -DOPENSSL_SSL_LIBRARY=../../lib/libssl.a \ - -DOPENSSL_CRYPTO_LIBRARY=../../lib/libcrypto.a \ - ../../i2pd/build && \ -make -j16 VERBOSE=1 && \ -popd - -libtool -static -o lib/libi2pdclient.a build/*/libi2pdclient.a -libtool -static -o lib/libi2pd.a build/*/libi2pd.a - -cp i2pd/*.h include/i2pd -``` - -Include into project --------------------- - -- add all libraries in `lib` folder to `Project linked frameworks`. 
-- add `libc++` and `libz` libraries from system libraries to `Project linked frameworks`. -- add path to i2p headers to your `Headers search paths` - -Alternatively you may use swift wrapper `https://github.com/vovasty/SwiftyI2P.git` diff --git a/docs/building/requirements.md b/docs/building/requirements.md deleted file mode 100644 index 1bb163e1..00000000 --- a/docs/building/requirements.md +++ /dev/null @@ -1,15 +0,0 @@ -Build requirements -================== - -In general, for building i2pd you need several things: - -* compiler with c++11 support (for example: gcc >= 4.7, clang) -* boost >= 1.49 -* openssl library -* zlib library (openssl already depends on it) - -Optional tools: - -* cmake >= 2.8 (or 3.3+ if you want to use precompiled headers on windows) -* miniupnp library (for upnp support) -* [websocketpp](https://github.com/zaphoyd/websocketpp/) (for websocket ui) diff --git a/docs/building/unix.md b/docs/building/unix.md deleted file mode 100644 index b5c38aed..00000000 --- a/docs/building/unix.md +++ /dev/null 
@@ -1,136 +0,0 @@ -Building on Unix systems -============================= - -First of all we need to make sure that all dependencies are satisfied. - -This doc is trying to cover: - -* [Debian/Ubuntu](#debian-ubuntu) (contains packaging instructions) -* [Fedora/Centos](#fedora-centos) -* [Fedora/Centos](#mac-os-x) -* [FreeBSD](#freebsd) - -Make sure you have all required dependencies for your system successfully installed. -See [this](requirements.md) page for common requirements. - -If so then we are ready to go! -Let's clone the repository and start building the i2pd: - - git clone https://github.com/PurpleI2P/i2pd.git - -Generic build process looks like this (with cmake): - - cd i2pd/build - cmake . # see "CMake Options" section below - make # you may add VERBOSE=1 to cmdline for debugging - -..or with quick-and-dirty way with just make: - - cd i2pd/ - make - -After successfull build i2pd could be installed with: - - make install - -CMake Options -------------- - -Available CMake options(each option has a form of `=`, for more information see `man 1 cmake`): - -* `CMAKE_BUILD_TYPE` build profile (Debug/Release) -* `WITH_BINARY` build i2pd itself -* `WITH_LIBRARY` build libi2pd -* `WITH_STATIC` build static versions of library and i2pd binary -* `WITH_UPNP` build with UPnP support (requires libminiupnp) -* `WITH_AESNI` build with AES-NI support (ON/OFF) -* `WITH_HARDENING` enable hardening features (ON/OFF) (gcc only) -* `WITH_PCH` use pre-compiled header (experimental, speeds up build) -* `WITH_I2LUA` used when building i2lua -* `WITH_WEBSOCKETS` enable websocket server - - -Also there is `-L` flag for CMake that could be used to list current cached options: - - cmake -L - -Debian/Ubuntu -------------- - -You will need a compiler and other tools that could be installed with `build-essential` package: - - sudo apt-get install build-essential - -Also you will need a bunch of development libraries: - - sudo apt-get install \ - libboost-date-time-dev \ - 
libboost-filesystem-dev \ - libboost-program-options-dev \ - libboost-system-dev \ - libssl-dev - -If you need UPnP support miniupnpc development library should be installed (don't forget to rerun CMake with needed option): - - sudo apt-get install libminiupnpc-dev - -You may also build deb-package with the following: - - sudo apt-get install fakeroot devscripts - cd i2pd - debuild --no-tgz-check - -Fedora/Centos -------------- - -You will need a compiler and other tools to perform a build: - - sudo yum install make cmake gcc gcc-c++ - -Also you will need a bunch of development libraries - - sudo yum install boost-devel openssl-devel - -If you need UPnP support miniupnpc development library should be installed (don't forget to rerun CMake with needed option): - - sudo yum install miniupnpc-devel - -Latest Fedora systems using [DNF](https://en.wikipedia.org/wiki/DNF_(software)) instead of YUM by default, you may prefer to use DNF, but YUM should be ok - -Centos 7 has CMake 2.8.11 in the official repositories that too old to build i2pd, CMake >=2.8.12 is required. -But you can use cmake3 from the epel repository: - - yum install epel-release -y - yum install make cmake3 gcc gcc-c++ miniupnpc-devel boost-devel openssl-devel -y - -...and then use 'cmake3' instead 'cmake'. - -MAC OS X --------- - -Requires [homebrew](http://brew.sh) - - brew install boost libressl - -Then build: - - make HOMEBREW=1 - -FreeBSD -------- - -For 10.X use clang. You would also need devel/boost-libs, security/openssl and devel/gmake ports. -Type gmake, it invokes Makefile.bsd, make necessary changes there is required. - -Branch 9.X has gcc v4.2, that is too old (not supports -std=c++11) - -Required ports: - -* `devel/cmake` -* `devel/boost-libs` -* `lang/gcc47`(or later version) - -To use newer compiler you should set these variables(replace "47" with your actual gcc version): - - export CC=/usr/local/bin/gcc47 - export CXX=/usr/local/bin/g++47 
diff --git a/docs/building/windows.md b/docs/building/windows.md deleted file mode 100644 index 7cc09cb8..00000000 --- a/docs/building/windows.md +++ /dev/null 
@@ -1,159 +0,0 @@ -Building on Windows -========================= - -There are two approaches available to build i2pd on Windows. The best -one depends on your needs and personal preferences. One is to use -msys2 and [unix alike infrastructure](unix.md). Another -one is to use Visual Studio. While there might be no difference for -end users of i2pd daemon, developers, however, shall be wary of -differences in C++ name mangling between the two compilers when making -a choice to be able to link their software against libi2pd. - -If you are a stranger to C++ with no development tools installed on -your system and your only goal is to have i2pd up and running from the -most recent source, consider using msys2. Although it relies on -command line operations, it should be straight forward. - -In this guide, we will use CMake for both approaches and we will -assume that you typically have your projects in C:\dev\ as your -development location for the sake of convenience. Adjust paths -accordingly if it is not the case. Note that msys uses unix-alike -paths like /c/dev/ for C:\dev\. - -msys2 ------ - -Get install file `msys2-$ARCH-*.exe` from `https://msys2.github.io` - -Where $ARCH is `i686` or `x86_64` (matching your system). - -- Open MSYS2 Shell (from Start menu). -- Install all prerequisites and download i2pd source: - - export ARCH='i686' # or 'x86_64' - export MINGW='mingw32' # or 'mingw64' - pacman -S mingw-w64-$ARCH-boost mingw-w64-$ARCH-openssl mingw-w64-$ARCH-gcc git make - mkdir -p /c/dev/i2pd - cd /c/dev/i2pd - git clone https://github.com/PurpleI2P/i2pd.git - cd i2pd - # we need compiler on PATH which is usually heavily cluttered on Windows - export PATH=/$MINGW/bin:/usr/bin - make - -### Caveats - -It is important to restrict PATH as described above. -If you have Strawberry Perl and/or Mercurial installed, -it will pick up gcc & openssl from the wrong places. 
- -If you do use precompiled headers to speed up compilation (recommended), -things can go wrong if compiler options have changed for whatever reason. -Just delete `stdafx.h.gch` found in your build folder, note the file extension. - -If you are an Arch Linux user, refrain from updating system with `pacman -Syu`. -Always update runtime separately as described on the home page, -otherwise you might end up with DLLs incompatibility problems. - -### AES-NI - -If your processor has [AES instruction set](https://en.wikipedia.org/wiki/AES_instruction_set), -use `make USE_AESNI=1` instead just `make`. No check is done however, it will compile, -but it might crash with `Illegal instruction` if this feature is not supported by your processor. - -You should be able to run ./i2pd . If you need to start from the new shell, -consider starting *MinGW-w64 Win32 Shell* instead of *MSYS2 Shell* -as it adds `/minw32/bin` to the PATH. - -### UPnP - -You can install it through the MSYS2 and build with `USE_UPNP` key. 
- - export ARCH='i686' # or 'x86_64' - pacman -S mingw-w64-$ARCH-miniupnpc - make USE_UPNP=yes - -Using Visual Studio -------------------- - -Requirements for building: - -* [CMake](https://cmake.org/) (tested with 3.1.3) -* [Visual Studio Community Edition](https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx) (tested with VS2013 Update 4) -* [Boost](http://www.boost.org/) (tested with 1.59) -* Optionally [MiniUPnP](http://miniupnp.free.fr) (tested with 1.9), we need only few client headers -* OpenSSL (tested with 1.0.1p and 1.0.2e), if building from sources (recommended), you'll need as well - * [Netwide assembler](http://www.nasm.us/) - * Strawberry Perl or ActiveState Perl, do NOT try msys2 perl, it won't work - -### Building Boost - -Open a Command Prompt (there is no need to start Visual Studio command -prompt to build Boost) and run the following: - - cd C:\dev\boost - bootstrap - b2 toolset=msvc-12.0 --build-type=complete --with-filesystem --with-program_options --with-date_time - -If you are on 64-bit Windows and you want to build 64-bit version as well - - b2 toolset=msvc-12.0 --build-type=complete --stagedir=stage64 address-model=64 --with-filesystem --with-program_options --with-date_time - -After Boost is compiled, set the environment variable `BOOST_ROOT` to -the directory Boost was unpacked to, e.g., C:\dev\boost. - -If you are planning on building only particular variant, e.g. Debug only and static linking, -and/or you are out of space/time, you might consider `--build-type=minimal`. -Take a look at [appveyor.yml](../appveyor.yml) for details on how test builds are done. - -### Building OpenSSL - -Download OpenSSL, e.g. 
with git - - git clone https://github.com/openssl/openssl.git - cd openssl - git checkout OpenSSL_1_0_1p - -Now open Visual Studio command prompt and change directory to that with OpenSSL - - set "PATH=%PATH%;C:\Program Files (x86)\nasm" - perl Configure VC-WIN32 --prefix=c:\OpenSSL-Win32 - ms\do_nasm - nmake -f ms\ntdll.mak - nmake -f ms\ntdll.mak install - -You should have it installed into C:\OpenSSL-Win32 by now. - -Note that you might consider providing `-DOPENSSL_ROOT_DIR` to CMake and/or -create a symlink (with mklink /J) to C:\OpenSSL if you plan on maintain -multiple versions, e.g. 64 bit and/or static/shared. -See `C:\Program Files (x86)\CMake\share\cmake-3.3\Modules\FindOpenSSL.cmake` for details. - -### Get miniupnpc - -If you are behind a UPnP enabled router and don't feel like manually configuring port forwarding, -you should consider using [MiniUPnP](http://miniupnp.free.fr) client. -I2pd can be built capable of using miniupnpc shared library (DLL) to open up necessary port. -You'd want to have include headers around to build i2pd with support for this. -Unpack client source code to subdir, e.g. `C:\dev\miniupnpc`. -You may want to remove version number from folder name included in downloaded archive. - -### Creating Visual Studio project - -Start CMake GUI, navigate to i2pd directory, choose building directory, e.g. ./out, and configure options. - -Alternatively, if you feel adventurous, try that from the command line - - mkdir i2pd\out - cd i2pd\out - cmake ..\build -G "Visual Studio 12 2013" -DWITH_UPNP=ON -DWITH_PCH=ON -DCMAKE_INSTALL_PREFIX:PATH=C:\dev\Debug_Win32_stage - -If necessary files are not found `WITH_UPNP` will stay off. - -### Building i2pd - -You can open generated solution/project with Visual Studio and build from there, -alternatively you can use `cmake --build . --config Release --target install` or -[MSBuild tool](https://msdn.microsoft.com/en-us/library/dd293626.aspx) - - msbuild i2pd.sln /p:Configuration=Release 
diff --git a/docs/conf.py b/docs/conf.py deleted file mode 100644 index a39b138e..00000000 --- a/docs/conf.py +++ /dev/null 
@@ -1,300 +0,0 @@ -# -*- coding: utf-8 -*- -# -# i2pd documentation build configuration file, created by -# sphinx-quickstart on Tue Jan 12 06:26:12 2016. -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os -import shlex -from recommonmark.parser import CommonMarkParser - -source_parsers = { - '.md': CommonMarkParser, -} - -# Check if on RTD -on_rtd = os.environ.get('READTHEDOCS', None) == 'True' - -# If extensions (or modules to document with autodoc) are in another directory, -# add these directories to sys.path here. If the directory is relative to the -# documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# -- General configuration ------------------------------------------------ - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom -# ones. -extensions = [] - -# Add any paths that contain templates here, relative to this directory. -#templates_path = ['_templates'] - -# The suffix(es) of source filenames. -# You can specify multiple suffix as a list of string: -# source_suffix = ['.rst', '.md'] -source_suffix = ['.rst', '.md'] - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. 
-project = u'i2pd' -copyright = u'2016, PurpleI2P team' -author = u'PurpleI2P team' - -# The version info for the project you're documenting, acts as replacement for -# |version| and |release|, also used in various other places throughout the -# built documents. -# -# The short X.Y version. -version = u'2.2.0' -# The full version, including alpha/beta/rc tags. -release = u'2.2.0' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -# -# This is also used if you do content translation via gettext catalogs. -# Usually you set "language" from the command line for these cases. -language = None - -# There are two options for replacing |today|: either, you set today to some -# non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ['_build'] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built documents. -#keep_warnings = False - -# If true, `todo` and `todoList` produce output, else they produce nothing. 
-todo_include_todos = False - - -# -- Options for HTML output ---------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'default' - -if not on_rtd: - try: - import sphinx_rtd_theme - html_theme = 'sphinx_rtd_theme' - html_theme_path = [sphinx_rtd_theme.get_html_theme_path()] - except ImportError: - pass - -# Theme options are theme-specific and customize the look and feel of a theme -# further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# " v documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the top -# of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon of the -# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 -# pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) here, -# relative to this directory. They are copied after the builtin static files, -# so a file named "default.css" will overwrite the builtin "default.css". -#html_static_path = ['_static'] - -# Add any extra paths that contain custom files (such as robots.txt or -# .htaccess) here, relative to this directory. These files are copied -# directly to the root of the documentation. -#html_extra_path = [] - -# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, -# using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. 
-#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names to -# template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages will -# contain a tag referring to it. The value of this option must be the -# base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Language to be used for generating the HTML full-text search index. -# Sphinx supports the following languages: -# 'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja' -# 'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr' -#html_search_language = 'en' - -# A dictionary with options for the search language support, empty by default. -# Now only 'ja' uses this config value -#html_search_options = {'type': 'default'} - -# The name of a javascript file (relative to the configuration directory) that -# implements a search results scorer. If empty, the default will be used. -#html_search_scorer = 'scorer.js' - -# Output file base name for HTML help builder. -htmlhelp_basename = 'i2pddoc' - -# -- Options for LaTeX output --------------------------------------------- - -latex_elements = { -# The paper size ('letterpaper' or 'a4paper'). 
-#'papersize': 'letterpaper', - -# The font size ('10pt', '11pt' or '12pt'). -#'pointsize': '10pt', - -# Additional stuff for the LaTeX preamble. -#'preamble': '', - -# Latex figure (float) alignment -#'figure_align': 'htbp', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, -# author, documentclass [howto, manual, or own class]). -latex_documents = [ - (master_doc, 'i2pd.tex', u'i2pd Documentation', - u'PurpleI2P team', 'manual'), -] - -# The name of an image file (relative to this directory) to place at the top of -# the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings are parts, -# not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output --------------------------------------- - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - (master_doc, 'i2pd', u'i2pd Documentation', - [author], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ------------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - (master_doc, 'i2pd', u'i2pd Documentation', - author, 'i2pd', 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. 
-#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/docs/config_opts_after_2.3.0.md b/docs/config_opts_after_2.3.0.md deleted file mode 100644 index 1b2adcdb..00000000 --- a/docs/config_opts_after_2.3.0.md +++ /dev/null @@ -1,43 +0,0 @@ -Изменения обработки параметров в релизах > 2.3.0 ------------------------------------------------- - -Система параметров отличается от того, что было ранее и достаточно сильно: - -* изменения имён и стиля параметров - -Все параметры теперь в виде --help (gnu-style), у некоторых есть шорткаты в виде -h (unix-style). -Это касается всех систем, в том числе винды. - ---daemon=1 и подобное -> просто --daemon, без параметра. Нет опции - false, есть - true ---notransit=1 -> --notransit, то же что и выше: есть опция - false, нет - true ---v6 -> --ipv6 (первое было похоже на версию какого-то своего протокола, типа socksproxy --v5) ---tunnelscfg -> --tunconf (имя параметра было слишком длинным, cfg переделан на conf - единообразно с --conf) ---sockskeys -> разделён на два, для socks и httpproxy по-отдельности - -* поддержка секций в основном конфиге - -Выглядит это так: - - # основные опции - pidfile = /var/run/i2pd.pid - # - # настройки конкретного модуля - [httproxy] - address = 1.2.3.4 - port = 4446 - keys = httproxy-keys.dat - # и так далее - [sam] - enabled = no - addresss = 127.0.0.2 - # ^^ переопределяется только адрес, остальное берётся из дефолта - -Точно так же сейчас работает конфиг туннелей: секция до точки - имя, после - параметр - -* поддержка выключения отдельных сервисов "на корню" см sam.enabled и подобное - -Это позволило задать дефолт для номера порта и не писать его руками для включения. - -* добавлен --help (см #110) - -* присутствует некая валидация параметров, --port=abcd - не прокатит, --port=100500 - тоже 
diff --git a/docs/configuration.md b/docs/configuration.md
deleted file mode 100644
index 8f17b220..00000000
--- a/docs/configuration.md
+++ /dev/null
@@ -1,165 +0,0 @@ -i2pd configuration -================== - -Command line options --------------------- - -Options specified on the command line take precedence over those in the config file. -If you are upgrading your very old router (< 2.3.0) see also [this](config_opts_after_2.3.0.md) page. - -* --help - Show builtin help message (default value of option will be shown in braces) -* --conf= - Config file (default: ~/.i2pd/i2pd.conf or /var/lib/i2pd/i2pd.conf) - This parameter will be silently ignored if the specified config file does not exist. -* --tunconf= - Tunnels config file (default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf) -* --pidfile= - Where to write pidfile (dont write by default) -* --log= - Logs destination: stdout, file (stdout if not set, file - otherwise, for compatibility) -* --logfile= - Path to logfile (default - autodetect) -* --loglevel= - Log messages above this level (debug, info, warn, error) -* --datadir= - Path to storage of i2pd data (RI, keys, peer profiles, ...) -* --host= - Router external IP for incoming connections -* --port= - Port to listen for incoming connections (default: auto) -* --daemon - Router will go to background after start -* --service - Router will use system folders like '/var/lib/i2pd' -* --ipv6 - Enable communication through ipv6. false by default -* --notransit - Router will not accept transit tunnels at startup. false by default -* --floodfill - Router will be floodfill. false by default -* --bandwidth= - Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000) -* --family= - Name of a family, router belongs to -* --netid= - Network ID, router belongs to. Main I2P is 2. 
- -Windows-specific options: - -* --svcctl= - Windows service management (--svcctl="install" or --svcctl="remove") -* --insomnia - Prevent system from sleeping -* --close= - Action on close: minimize, exit, ask - -All options below still possible in cmdline, but better write it in config file: - -* --http.enabled= - If webconsole is enabled. true by default -* --http.address= - The address to listen on (HTTP server) -* --http.port= - The port to listen on (HTTP server) 7070 by default -* --http.auth - Enable basic HTTP auth for webconsole -* --http.user= - Username for basic auth (default: i2pd) -* --http.pass= - Password for basic auth (default: random, see logs) - -* --httpproxy.enabled= - If HTTP proxy is enabled. true by default -* --httpproxy.address= - The address to listen on (HTTP Proxy) -* --httpproxy.port= - The port to listen on (HTTP Proxy) 4444 by default -* --httpproxy.keys= - optional keys file for HTTP proxy local destination -* --httpproxy.signaturetype= - signature type for new keys if keys file is set. 7 by default -* --httpproxy.inbound.length= - Inbound tunnels length if keys is set. 3 by default -* --httpproxy.inbound.quantity= - Inbound tunnels quantity if keys is set. 5 by default -* --httpproxy.outbound.length= - Outbound tunnels length if keys is set. 3 by default -* --httpproxy.outbound.quantity= - Outbound tunnels quantity if keys is set. 5 by default - -* --socksproxy.enabled= - If SOCKS proxy is enabled. true by default -* --socksproxy.address= - The address to listen on (SOCKS Proxy) -* --socksproxy.port= - The port to listen on (SOCKS Proxy). 4447 by default -* --socksproxy.keys= - optional keys file for SOCKS proxy local destination -* --socksproxy.signaturetype= - signature type for new keys if keys file is set. 7 by default -* --socksproxy.inbound.length= - Inbound tunnels length if keys is set. 3 by default -* --socksproxy.inbound.quantity= - Inbound tunnels quantity if keys is set. 
5 by default -* --socksproxy.outbound.length= - Outbound tunnels length if keys is set. 3 by default -* --socksproxy.outbound.quantity= - Outbound tunnels quantity if keys is set. 5 by default -* --socksproxy.outproxy= - Address of outproxy. requests outside i2p will go there -* --socksproxy.outproxyport= - Outproxy remote port - -* --sam.address= - The address to listen on (SAM bridge) -* --sam.port= - Port of SAM bridge. Usually 7656. SAM is off if not specified -* --sam.enabled= - If SAM is enabled. false by default - -* --bob.address= - The address to listen on (BOB command channel) -* --bob.port= - Port of BOB command channel. Usually 2827. BOB is off if not specified -* --bob.enabled= - If BOB is enabled. false by default - -* --i2cp.address= - The address to listen on or an abstract address for Android LocalSocket -* --i2cp.port= - Port of I2CP server. Usually 7654. Ignored for Andorid -* --i2cp.enabled= - If I2CP is enabled. false by default. Other services don't require I2CP - -* --i2pcontrol.address= - The address to listen on (I2P control service) -* --i2pcontrol.port= - Port of I2P control service. Usually 7650. I2PControl is off if not specified -* --i2pcontrol.enabled= - If I2P control is enabled. false by default -* --i2pcontrol.password= - I2P control authentication password. itoopie by default -* --i2pcontrol.cert= - I2P control HTTPS certificate file name. i2pcontrol.crt.pem by default -* --i2pcontrol.key= - I2P control HTTPS certificate key file name. i2pcontrol.key.pem by default - -* --upnp.enabled= - Enable or disable UPnP, false by default for CLI and true for GUI (Windows, Android) -* --upnp.name= - Name i2pd appears in UPnP forwardings list. I2Pd by default - -* --precomputation.elgamal= - Use ElGamal precomputated tables. 
false for x64 and true for other platforms by default -* --reseed.verify= - Request SU3 signature verification -* --reseed.file= - Full path to SU3 file to reseed from -* --reseed.urls= - Reseed URLs, separated by comma -* --addressbook.defaulturl= - AddressBook subscription URL for initial setup -* --addressbook.subscriptions= - AddressBook subscriptions URLs, separated by comma - -* --limits.transittunnels= - Override maximum number of transit tunnels. 2500 by default -* --limits.openfiles= - Maximum size of corefile in Kb (0 - use system limit) -* --limits.coresize= - Maximum size of corefile in Kb (0 - use system limit) - -Config files ------------- - -INI-like, syntax is the following : = . -Comments are "#", not ";" as you may expect. See [boost ticket](https://svn.boost.org/trac/boost/ticket/808) -All command-line parameters are allowed as keys, but note for those which contains dot (.). - -For example: - -i2pd.conf: - - # comment - log = true - ipv6 = true - # settings for specific module - [httpproxy] - port = 4444 - # ^^ this will be --httproxy.port= in cmdline - # another comment - [sam] - enabled = true - -See also commented config with examples of all options in ``docs/i2pd.conf``. - -tunnels.conf: - - # outgoing tunnel sample, to remote service - # mandatory parameters: - # * type -- always "client" - # * port -- local port to listen to - # * destination -- i2p hostname - # optional parameters (may be omitted) - # * keys -- our identity, if unset, will be generated on every startup, - # if set and file missing, keys will be generated and placed to this file - # * address -- local interface to bind - # * signaturetype -- signature type for new destination. 
0 (DSA/SHA1), 1 (EcDSA/SHA256) or 7 (EdDSA/SHA512) - [IRC] - type = client - address = 127.0.0.1 - port = 6668 - destination = irc.postman.i2p - keys = irc-keys.dat - # - # incoming tunnel sample, for local service - # mandatory parameters: - # * type -- "server" or "http" - # * host -- ip address of our service - # * port -- port of our service - # * keys -- file with LeaseSet of address in i2p - # optional parameters (may be omitted) - # * inport -- optional, i2p service port, if unset - the same as 'port' - # * accesslist -- comma-separated list of i2p addresses, allowed to connect - # every address is b32 without '.b32.i2p' part - [LOCALSITE] - type = http - host = 127.0.0.1 - port = 80 - keys = site-keys.dat - # - [IRC-SERVER] - type = server - host = 127.0.0.1 - port = 6667 - keys = irc.dat - -Also see [this page](https://github.com/PurpleI2P/i2pd/wiki/tunnels.cfg) for more tunnel examples. diff --git a/docs/family.md b/docs/family.md deleted file mode 100644 index bb925171..00000000 --- a/docs/family.md +++ /dev/null 
@@ -1,36 +0,0 @@ -Family configuration -==================== - -Your might want to specify a family, your router belongs to. -There are two possibilities: create new family or joing to existing. - -New family ------------ - -You must create family self-signed certificate and key. -The only key type supposted is prime256v1. -Use the following list of commands: - - openssl ecparam -name prime256v1 -genkey -out .key - openssl req -new -key .key -out .csr - touch v3.ext - openssl x509 -req -days 3650 -in .csr -signkey .key -out .crt -extfile v3.ext - -Specify .family.i2p.net for CN (Common Name) when requested. - -Once you are done with it place .key and .crt to /family folder (for exmple ~/.i2pd/family). -You should provide these two files to other members joining your family. -If you want to register you family and let I2P network recorgnize it, create pull request for you .crt file into contrib/certificate/family. -It will appear in i2pd and I2P next releases packages. Dont place .key file, it must be shared between you family members only. - -How to join existing family ---------------------------- - -Once you and that family agree to do it, they must give you .key and .crt file and you must place in /certificates/family/ folder. - -Publish your family -------------------- - -Run i2pd with parameter 'family=', make sure you have .key and .crt in your 'family' folder. -If everything is set properly, you router.info will contain two new fields: 'family' and 'family.sig'. -Otherwise your router will complain on startup with log messages starting with "Family:" prefix and severity 'warn' or 'error'. diff --git a/docs/hacking.md b/docs/hacking.md deleted file mode 100644 index 163575f0..00000000 --- a/docs/hacking.md +++ /dev/null 
@@ -1,114 +0,0 @@ - -# Hacking on I2PD - -This document contains notes compiled from hacking on i2pd - -## prerequisites - -This guide assumes: - -* a decent understanding of c++ -* basic understanding of how i2p works at i2np level and up - -## general structure - -Notes on multithreading - -* every compontent runs in its own thread - -* each component (usually) has a public function `GetService()` which can be used to obtain the `boost::asio::io_service` that it uses. - -* when talking between components/threads, **always** use `GetService().post()` and be mindfull of stack allocated memory. - - -### NetDb - -#### NetDb.h - -The `i2p::data::netdb` is a `i2p::data::NetDb` instance processes and dispatches *inbound* i2np messages passed in from transports. - -global singleton at `i2p::data::netdb` as of 2.10.1 - -#### NetDbRequests.h - -For Pending RouterInfo/LeaseSet lookup and store requests - - -### ClientContext - -#### ClientContext.h - -`i2p::client::ClientContext` spawns all destinations used by the i2p router including the shared local destination. - -global singleton at `i2p::client::context` as of 2.10.1 - - - -### Daemon - -File: Daemon.cpp - -`i2p::util::Daemon_Singleton_Private` subclasses implement the daemon start-up and tear-down, creates Http Webui and i2p control server. - - - - -### Destinations - -#### Destination.h - -each destination runs in its own thread - -##### i2p::client::LeaseSetDestination - -Base for `i2p::client::ClientDestination` - -##### i2p::client::ClientDestination - -Destination capable of creating (tcp/i2p) streams and datagram sessions. - - -#### Streaming.h - -##### i2p::stream::StreamingDestination - -Does not implement any destination related members, the name is a bit misleading. - -Owns a `i2p::client::ClientDestination` and runs in the destination thread. 
- -Anyone creating or using streams outside of the destination thread **MUST** be aware of the consequences of multithreaded c++ :^) - -If you use streaming please consider running all code within the destination thread using `ClientDestination::GetService().post()` - - -#### Garlic.h - -Provides Inter-Destination routing primatives. - -##### i2p::garlic::GarlicDestination - -sublcass of `i2p::client::LeaseSetDestination` for sending messages down shared routing paths. - -##### i2p::garlic::GarlicRoutingSession - -a point to point conversation between us and 1 other destination. - -##### i2p::garlic::GarlicRoutingPath - -A routing path currently used by a routing session. specifies which outbound tunnel to use and which remote lease set to use for `OBEP` to `IBGW` inter tunnel communication. - -members: - -* outboundTunnel (OBEP) -* remoteLease (IBGW) -* rtt (round trip time) -* updatedTime (last time this path's IBGW/OBEP was updated) -* numTimesUsesd (number of times this path was used) - -### Transports - -each transport runs in its own thread - -#### Transports.h - -`i2p::transport::Transports` contains NTCP and SSU transport instances diff --git a/docs/index.rst b/docs/index.rst deleted file mode 100644 index c1061171..00000000 --- a/docs/index.rst +++ /dev/null @@ -1,41 +0,0 @@ -i2pd -==== - -i2pd is a full-featured C++ implementation of -`I2P `_ client. - -* `Website `_ -* `GitHub `_ -* `Wiki `_ -* `Tickets/Issues `_ -* `Twitter `_ - -Installing ----------- - -The easiest way to install i2pd is by using -`precompiled binaries `_. -See documentation for how to build i2pd from source on your OS. - -Using i2pd ----------- - -See documentation and -`example config file `_. - -Contents: ---------- - -.. toctree:: - :maxdepth: 2 - - building/requirements - building/unix - building/windows - building/cross - building/android - building/ios - configuration - family - usage - diff --git a/docs/usage.md b/docs/usage.md deleted file mode 100644 index 7cb206c1..00000000 
--- a/docs/usage.md
+++ /dev/null
@@ -1,171 +0,0 @@ -Usage and tutorials -=================== - - -i2pd can be used for: - -* [anonymous websites](#browsing-and-hosting-websites) -* [anonymous chats](#using-and-hosting-chat-servers) -* [anonymous file sharing](#file-sharing) - -and many more. - -## Starting, stopping and reloading configuration - -After you have built i2pd from source, just run a binary: - - ./i2pd - -To display all available options: - - ./i2pd --help - -i2pd can be controlled with signals. Process ID by default is written to file `~/.i2pd/i2pd.pid` or `/var/run/i2pd/i2pd.pid`. -You can use `kill` utility to send signals like this: - - kill -INT $( cat /var/run/i2pd/i2pd.pid ) - -i2pd supports the following signals: - -* INT - Graceful shutdown. i2pd will wait for 10 minutes and stop. Send second INT signal to shutdown i2pd immediately. -* HUP - Reload configuration files. - - -### systemd unit - -Some binary Linux packages have a systemd control unit, so it is possible to managage i2pd with it. - -Start/stop i2pd: - - sudo systemctl start i2pd.service - sudo systemctl stop i2pd.service - -Enable/disable i2pd to be started on bootup: - - sudo systemctl enable i2pd.service - sudo systemctl disable i2pd.service - - -## Configuring i2pd - -See [configuration documentation](/page/configuration.html). - - -## Browsing and hosting websites - -### Browse anonymous websites - -To browse anonymous websites inside Invisible Internet, configure your web browser to use HTTP proxy 127.0.0.1:4444 (available by default in i2pd). - -In Firefox: Preferences -> Advanced -> Network tab -> Connection Settings -> choose Manual proxy configuration, Enter HTTP proxy 127.0.0.1, Port 4444 - -In Chromium: run chromium executable with key - - chromium --proxy-server="http://127.0.0.1:4444" - -Note that if you wish to stay anonymous too you'll need to tune your browser for better privacy. 
Do your own research, [can start here](http://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/). - -Big list of Invisible Internet websites can be found at [identiguy.i2p](http://identiguy.i2p). - -### Host anonymous website - - -If you wish to run your own website in Invisible Internet, follow those steps: - -1) Run your webserver and find out which host:port it uses (for example, 127.0.0.1:8080). - -2) Configure i2pd to create HTTP server tunnel. Put in your ~/.i2pd/tunnels.conf file: - - [anon-website] - type = http - host = 127.0.0.1 - port = 8080 - keys = anon-website.dat - -3) Restart i2pd. - -4) Find b32 destination of your website. - - Go to webconsole -> [I2P tunnels page](http://127.0.0.1:7070/?page=i2p_tunnels). Look for Sever tunnels and you will see address like \.b32.i2p next to anon-website. - - Website is now available in Invisible Internet by visiting this address. - -5) (Optional) Register short and rememberable .i2p domain on [inr.i2p](http://inr.i2p). - - -## Using and hosting chat servers - -### Running anonymous IRC server - -1) Run your IRC server software and find out which host:port it uses (for example, 127.0.0.1:5555). - - For small private IRC servers you can use [miniircd](https://github.com/jrosdahl/miniircd), for large public networks [UnreadIRCd](https://www.unrealircd.org/). - -2) Configure i2pd to create IRC server tunnel. - - Simplest case, if your server does not support WebIRC, add this to ~/.i2pd/tunnels.conf: - - [anon-chatserver] - type = irc - host = 127.0.0.1 - port = 5555 - keys = chatserver-key.dat - - And that is it. 
- - Alternatively, if your IRC server supports WebIRC, for example, UnreadIRCd, put this into UnrealIRCd config: - - webirc { - mask 127.0.0.1; - password your_password; - }; - - Also change line: - - modes-on-connect "+ixw"; - - to - - modes-on-connect "+iw"; - - And this in ~/.i2pd/tunnels.conf: - - [anon-chatserver] - type = irc - host = 127.0.0.1 - port = 5555 - keys = chatserver-key.dat - webircpassword = your_password - -3) Restart i2pd. - -4) Find b32 destination of your anonymous IRC server. - - Go to webconsole -> [I2P tunnels page](http://127.0.0.1:7070/?page=i2p_tunnels). Look for Sever tunnels and you will see address like \.b32.i2p next to anon-chatserver. - - Clients will use this address to connect to your server anonymously. - -### Connect to anonymous IRC server - -To connect to IRC server at *walker.i2p*, add this to ~/.i2pd/tunnels.conf: - - [IRC2] - type = client - address = 127.0.0.1 - port = 6669 - destination = walker.i2p - #keys = walker-keys.dat - -Restart i2pd, then connect to irc://127.0.0.1:6669 with your IRC client. - -## File sharing - -You can share and download torrents with [Transmission-I2P](https://github.com/l-n-s/transmission-i2p). - -Alternative torrent-clients are [Robert](http://en.wikipedia.org/wiki/Robert_%28P2P_Software%29) and [Vuze](https://en.wikipedia.org/wiki/Vuze). - -Robert uses BOB protocol, i2pd must be run with parameter --bob.enabled=true. - -Vuze uses I2CP protocol, i2pd must be run with parameter --i2cp.enabled=true. - -Also, visit [postman tracker](http://tracker2.postman.i2p). From 7f51857fa5b824661d2fea3e815dde8f4c3d0eb5 Mon Sep 17 00:00:00 2001 From: Darknet Villain Date: Thu, 16 Feb 2017 01:20:59 -0500 Subject: [PATCH 05/27] Update README.md --- README.md | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 77527562..9582717a 100644 --- a/README.md +++ b/README.md 
@@ -17,6 +17,17 @@ applications (websites, instant messengers, chat-servers). I2P allows people from all around the world to communicate and share information without restrictions. +Features +-------- + +* Distributed anonymous networking framework +* End-to-end encrypted communications +* Small footprint, simple dependencies, fast performance +* Rich set of APIs for developers of secure applications + +Resources +--------- + * [Website](http://i2pd.website) * [Documentation](https://i2pd.readthedocs.io/en/latest/) * [Wiki](https://github.com/PurpleI2P/i2pd/wiki) @@ -34,7 +45,7 @@ i2pd from source on your OS. **Supported systems:** -* Linux x86/x64 - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd) +* GNU/Linux x86/x64 - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd) * Windows - [![Build status](https://ci.appveyor.com/api/projects/status/1908qe4p48ff1x23?svg=true)](https://ci.appveyor.com/project/PurpleI2P/i2pd) * Mac OS X * FreeBSD @@ -44,7 +55,7 @@ i2pd from source on your OS. Using i2pd ---------- -See [documentation](https://i2pd.readthedocs.io/en/latest/usage.html) and +See [documentation](https://i2pd.readthedocs.io/en/latest/user-guide/run/) and [example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/docs/i2pd.conf). Donations From 4905dded87228d52909ef6c8b03a42fc27a2e8fa Mon Sep 17 00:00:00 2001 From: Darknet Villain Date: Thu, 16 Feb 2017 06:36:01 -0500 Subject: [PATCH 06/27] Moved files from docs/ to contrib/ --- {docs => contrib}/i2pd.conf | 0 {docs => contrib}/itoopieImage.png | Bin {docs => contrib}/subscriptions.txt | 0 {docs => contrib}/tunnels.conf | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename {docs => contrib}/i2pd.conf (100%) rename {docs => contrib}/itoopieImage.png (100%) rename {docs => contrib}/subscriptions.txt (100%) rename {docs => contrib}/tunnels.conf (100%) 
diff --git a/docs/i2pd.conf b/contrib/i2pd.conf similarity index 100% rename from docs/i2pd.conf rename to contrib/i2pd.conf diff --git a/docs/itoopieImage.png b/contrib/itoopieImage.png similarity index 100% rename from docs/itoopieImage.png rename to contrib/itoopieImage.png diff --git a/docs/subscriptions.txt b/contrib/subscriptions.txt similarity index 100% rename from docs/subscriptions.txt rename to contrib/subscriptions.txt diff --git a/docs/tunnels.conf b/contrib/tunnels.conf similarity index 100% rename from docs/tunnels.conf rename to contrib/tunnels.conf From 4997934bfe3d0a00de427a5e755ed95581b47df6 Mon Sep 17 00:00:00 2001 From: Darknet Villain Date: Thu, 16 Feb 2017 06:48:06 -0500 Subject: [PATCH 07/27] Fix paths for moved contrib files --- README.md | 2 +- debian/docs | 1 - debian/i2pd.1 | 2 +- debian/i2pd.install | 6 +++--- 4 files changed, 5 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 9582717a..a2c7d23f 100644 --- a/README.md +++ b/README.md @@ -56,7 +56,7 @@ Using i2pd ---------- See [documentation](https://i2pd.readthedocs.io/en/latest/user-guide/run/) and -[example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/docs/i2pd.conf). +[example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/contrib/i2pd.conf). Donations --------- diff --git a/debian/docs b/debian/docs index ccf51f76..b43bf86b 100644 --- a/debian/docs +++ b/debian/docs @@ -1,2 +1 @@ README.md -docs/configuration.md diff --git a/debian/i2pd.1 b/debian/i2pd.1 index 7409cd49..e1390891 100644 --- a/debian/i2pd.1 +++ b/debian/i2pd.1 @@ -72,7 +72,7 @@ Bandwidth limit: integer in KBps or letter aliases: \fIL (32KBps)\fR, O (256), P \fB\-\-family=\fR Name of a family, router belongs to. .PP -See service-specific parameters in page \fIdocs/configuration.md\fR or in example config file \fIdocs/i2pd.conf\fR +See service-specific parameters in example config file \fIcontrib/i2pd.conf\fR .SH FILES .PP 
diff --git a/debian/i2pd.install b/debian/i2pd.install index 57036a79..7298f5c7 100644 --- a/debian/i2pd.install +++ b/debian/i2pd.install @@ -1,5 +1,5 @@ i2pd usr/sbin/ -docs/i2pd.conf etc/i2pd/ -docs/tunnels.conf etc/i2pd/ -docs/subscriptions.txt etc/i2pd/ +contrib/i2pd.conf etc/i2pd/ +contrib/tunnels.conf etc/i2pd/ +contrib/subscriptions.txt etc/i2pd/ contrib/certificates/ usr/share/i2pd/ From 217e99a0e2b940a56c2de328c623cf3b5c72b797 Mon Sep 17 00:00:00 2001 From: r4sas Date: Thu, 16 Feb 2017 16:16:19 +0300 Subject: [PATCH 08/27] updated InnoSetup script deleted old unused icon added doxygen "docs/generated" folder to gitignore --- .gitignore | 2 ++ Win32/installer.iss | 6 +++--- contrib/itoopieImage.png | Bin 8712 -> 0 bytes 3 files changed, 5 insertions(+), 3 deletions(-) delete mode 100644 contrib/itoopieImage.png diff --git a/.gitignore b/.gitignore index 961b53b5..d3dd8141 100644 --- a/.gitignore +++ b/.gitignore @@ -240,6 +240,8 @@ pip-log.txt docs/_build /androidIdea/ +# Doxygen +docs/generated # emacs files *~ diff --git a/Win32/installer.iss b/Win32/installer.iss index 358ffaf8..7ae21e39 100644 --- a/Win32/installer.iss +++ b/Win32/installer.iss 
@@ -28,9 +28,9 @@ AppUpdatesURL=https://github.com/PurpleI2P/i2pd/releases Source: ..\i2pd_x86.exe; DestDir: {app}; DestName: i2pd.exe; Flags: ignoreversion; Check: not IsWin64 Source: ..\i2pd_x64.exe; DestDir: {app}; DestName: i2pd.exe; Flags: ignoreversion; Check: IsWin64 Source: ..\README.md; DestDir: {app}; DestName: Readme.txt; Flags: onlyifdoesntexist -Source: ..\docs\i2pd.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist -Source: ..\docs\subscriptions.txt; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist -Source: ..\docs\tunnels.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist +Source: ..\contrib\i2pd.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist +Source: ..\contrib\subscriptions.txt; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist +Source: ..\contrib\tunnels.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist Source: ..\contrib\certificates\*; DestDir: {userappdata}\i2pd\certificates; Flags: onlyifdoesntexist recursesubdirs createallsubdirs [Icons] 
diff --git a/contrib/itoopieImage.png b/contrib/itoopieImage.png deleted file mode 100644 index a5dc7b680ba9dee30161ffb1c9fcd17bbd6ddd84..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8712 zcmV+jBKO^iP)#iZS6wU+M?20 zYwb(xf+$t%hC*Gcf>03@K~O*el_l&;SQ0|WKAD;OJikBgoyjbBCIJ$XkQ`t0BF=K} zbI9(t4FIPG^#{fQ7XZV7F30fO zZ-GyNCBR~!tW96E3>pT^1j+$rzvKzL0@v69`~}EsV{!AOUjX|XK;ZQO!xmst8_Syq z{Q>YbvfyKZp$hnAn+?!3bPF&GNU()bFG@~8_Q{1#8HkKjl&*uv3r8!^b{@psQ;2qq zd=Ws2J)Za50MPi91$+#gQ6Isd*#~*`c`)WoICmhzoq~oLqAvnm5P$|4r~~_vpMQt= z=qq?<1*-5UT0MEW)HXUjZ2)K-ngqO9m*8_dB7b`w+&&JGoPuV0k3mI*kfwo_0NZzC z&iVlHi9vBo$`0Y|qum2u3ZX~+@Bq(1a5%to1-WQ|r_nDQ5)%Ydfos~9fY>w?SnFi%XQZMIz6rY4Y_(Rc zUEqe{KS!?4k7*Nhz=|HW0U&~kf%ZsYDt99Cz!AqWud~74wgiOG zU+kF?MgO@UmD7a6H{75U=9+xe+siTMF2h{*4btmJ8txd&fr(i6ELx1%#aX~jZ5p7K z(t%PZW=$A{ocAYmzeB)92+)&Y&tBx`8<7Qv(Y=1i>45zHU_`I(X#VOG5PSma`S(yy zy@%Sc!x@0X`XT>%E8?PIXij5%X9ecxrucbt(^QgWZcZT7r*aAROoBPQ{e14=26ilBmmf?XpwL@O} zTeI-5!XcF_BNbCEMTRkOAu`cjEBw5?yv<4}vku{?`|i7Me&{{cJRL2Z!0VZ*VFIez zv}w~?RX;ic6a;?TuPc7FGy(t%QNOv)5daD}v$ZY(KXFq3zqt-&*3_zSO~C#CMtN*2 zyIs3>d$w-f+PgmEpD|;`xQP=dt`b5BfIFW?Ik|3z8)kkG9E+GfefsVJ0|wOBS8u;+ z)v6X!xYS*Db7VQoj(n=&&qHy0Nd_Xn6U2{rA8 zaDWZ6ot?es7=;hunlfdIKLGf- zpGJf3+nu%dy#D&@4H3F8dZ`M5J&WE~`xu9W!Rkab*}>dF7QkfxmYhL^^Tz+L1A} z?uD%l0OvcY|0~alQq64NA6!qxph1IV9oOB7RTUIQg9i`x1^(Vv0FgO7hF*JLm&fBtk)WoRWLIs@D+5m8-Q{*qNcR1Sw;PZzE>YOh2*=L{a$;`~$ zErjSLghIMW*r`*e0wKhg z6DCa9rj#mo8bf(`d3w+uNJn?{{Jk*pbVn_4Mr#8=kH|O9%0uA~XO5JRoe_Lbeg669 zQAL^y7A!b8YSgH%#l^+l?b&1$7Z(p1GGs`Xg$oxR2H3W3TX3T(H3<$6v~NgMZ^@F#9m9iHTyaILY98(K%P-e}s+V4RDJYKKogKty zBF3C)!NTM5bpQJ6uXpF=eTg-H+$%zhpGeL9XkxobXcsEg5EhX z4Z&6e07sXnTb4CLqU?fmYlT}>RMctp>eU-UX1|X(S;Ihw+i$=9>t~;Rwp~CtBTu)o zcfu@mA55tYJ*%NZhkDA&$_6_6u1cw=o_Z?GYG1Ty(N`NcZtNfU%EZyJUF@6=#Ij>@ zS_=Ri_x(Ghp*by^2`u$c-Svc2@LCekv z3a6h^DqcZRZ(t9=iWMuijvYI;ZvbHTOhhRa8vyN7W2TX}8UQ5WENDlD`%QReYN)X& zdSz#4AFQmbEE+g)V0t|RP5}JBb5WTY&d=@l!2B8Y502&M=YKwC%$RRSjvUz+tJ?^j 
zGLV1yDY}dU9Zkf%M@DM_faAWL&y3Cd>{{8z;T)K4W=>dSHB%;1~4$be2|3g#8TmoFJ1ptmLs*IDp zqZHga4&$%4h6yKa&YU?Tsb}rys((USQv4b2H{n+kFrK-Sy5bE%uK~+Yl?UE{jI_En zNJ!8r3LC8j0F_Q}?kU35iQ2puQCf+a z*$(5h9>`0EBGS^Ve8u{voCyJ23s5oK)k#cHK#NkIDm8zK3HYsv?c(ocY5=^mDUd6 zsY>s!ifM|hY;6Eo?X(2F`3Y!=r>5`?7re1F=2HA|YXg8ID@rQRR)2$eDgwacK`vb% zljrkW8vs6!^}*BswQ2xPHJbT;Ty3aY8vwv+q7+5{{s_(IZyJU)n)**f{drDI_5X5H zjjO2v@UK{|=mW1JwNt2<`Mi&j#bq(w?%7Q>uI9kvSaCm9GasR8Ex)C`k%;R21Jt1s z$7flH)m^kzY5;&oVgOOx{sgAc!b3trz!P(kF@!IG8BIFAX27EatlqkgYyO5=sDa&S zu_j@q2bpnAOkQurI@E&JtO06(M`MBU(tA*bt7Qt`NI;FdFQ)JX@T;aCV{@5V)39RU zQFQPK+Kmt6Z)qUVHF)?{%+EK*)Uum^1x-HAX2i4I#Au=R%}%r)S(s<#p{W+)9Ip5d zdD9~?Cz!yhj5^fR<7{pg_8Q{k$1i&fb^dA19|YU>V-CDEZubwLZTmDiH8px6 zhOV*!zpl*&0Ornx4?aM={4&aR598YYqXr{C{4>IBG+`4-7wU&IFyHv(xF?eU?g9SV zW&{F4Fj6UA$2#7%P9?7i)GO0aKf3JXoE8!~>zA*`f5jir%BsTnsLtnXI+7s|P^hip zoBHrs08e9`eb{ON;1+_pN^v#Eu{AohFKYQez}3jwz;MB?1E|SQpcbtO=ijxAl|SSv z4U~{5bTo8y*7B|Th|kn2*41^+(0jnutq}lM0`JyyJi!9a$PcbQ5Bcr`4S#}2pe5}W z>oFgA1tPnCX46qUz^_Cm8A8Uuu8xi$zj}pt)qIwSIM246813>;RRFvN{6GlemSX0R zEypq1cMfOzI+3Ziu}iy$M^n5ZMMh`zLT;Gt+*dfzug5g&m)30Z!$mOZ59SosqelP`RHxog_(vMX1#~}a5YLwM4w#Lpzes?IjD?OwDe?@Cam)S zk5CP_`e%Y%{0xM7(hE9l$elO(&+S@fct8b}{8m;s_A?X?=bC=?!Q8jK-cd|bn2;t`&W z^%Vs?1>D$@0pPaXo690C_YmQWA9Jvcx@FMHs1@5LmFQGJWB8R&C{O|%z!+?38 z)dC=o9`aZGpJ5^~(2+=0PNnqX6#_v5Zk0}&E|I#4i60YXkE0=l9!cM0a9zvOk6SVT zMgU9fh@NtScLwR|A?~j1M5e64TW?GHJ^tqoTyw$&DEtwTI2Y>um9?|~7OoWmLE73y zxN+(3kYHmK)tqcH&_#RN`AaC(>oAx%G{*h4Mg-OywomJdVd98UYMB289;wKtqg2Nb z`_T}5#OJ~5PQDTm>H9BURXh7TlcfeTpjoDsNhH~HtSgMXp(Sa63BcS~!I}X5R^3*4 z9z)G&|5?@PoP5BNpzza^Q5OwIgqD;WI=rwb)cClxQPuc~kOExs#qeQE@&f)1+#FBv zoyn3j_;pnpDe8EHpG2a1kHtaX|CiUGOizR+(@}G33(wTWj1c~2T5TqPI6))o#;#2uksPKcm*dp@)+ohr|IWO8^cxzeh zS~8k*n#A}^B!Nem74`n7tWxd>r)VQvc1V}amr;@PC=xV|EA61*F?TFF{h*vwbq5yQ~dF;lNbL>hmlAGP4i;4`Vy z=+`91-Ep zNZXbh&<)usD|+nDEvU8jhBG8)yuUF?M`tJd96xhmggyONd?#Z}7!TH_S&IXJwT#2x zBOgowM=29i`BSQii6Zpb6<)mD#ZRikA_AfoK%sQwMbV8JjYN3j-P(Je!p`x(hso87 
z@LfWs!mlxYMD(m#w;6NG-rD!iZ-N6jBvQS?J8}nm9Y3$6TC2jN08FG>&YD=(|H~~M z006H5XF;?XUO|<(o%>QZu}#+_Qt204zJJ*IAG(wPy!tV+ssCGK|4FLcBYLq86Dw+1h}DbO{o*5VHZs9kF(Vrha<;RBRXe$t$O7X~X>8&(*y ztuN+NIdqwpNyh(r(z|jX^2T=Ts^^3|ax#~$1_i(f9%pWhhrE}bh9C8YfT03JK={F6 zkL~6K1e~nle=>*7D|?~lc4OZ!JF>rro8rjAOD7%s0ZWuPN%^iidRRDjcoK)Yx#$oW zlV5>^l;^w9^W`pVuLlSYw@3hd0=&X6#SNh5hP*$ETxQcptV78c5IkZPLiP>Vbb%Qk z`Y#|J?!=x+84Nf*5$*C+x;~Um?)E$~H|4SS@-zy9zjqkR8@w+nsX8fIAOdLO(o_<> z4tMq|n9z&}Vv69&Xn&4;b=UeuR1?-m3kRiI#O{}KZHWy;J zvNb`3@IgSLh(24eT0vJA-QMm-*G+j8b#+k~gPG#j{8>pFzm&!x@`+wZ%@uQfXAtp0C!>XBlgNK(6s4ff8`chJD?y`_(Grr zs9zt%n)4Do*)Ra@wzC6mB*j)>|pN@kyTh@!)2vu1Iz z5G;h+`aoMN2%z+i4)|}(fMJPL7{WetSinIadzM$BEvi6&y%bd?;~u=IE@lMhGnCWl zM*?omk4b&Q#X33(xY)@)xrCMckIw?GW>~Rmn#O^$f#g<1=q{Ilqb3FC?jUiO&-vg? ztn{y&TND5Q-U00zkdZFnbo=!^EQREo@i z3mE1OD$7=|=_uB@I;qq)S~}*nK9lyc7u`fJy3vVD)rm|kjT90|Py&GuKNVDp!<5MV z91>gE$p*G44>f_%WjWoD^uVByqvX>i;Mv}n#nu_wWcn2an``K~q>`#vOYyF*CN~bx zg{?g2(Nbs@@NW)kYxT#-(YNitUQNop!a3?kV0>u;*KW4A}dF1y)U-h}iNv9J^3Huo^m%-ZQY%n*0 zSjp0`hq#(fVleH@pOd1EpsRY2BiaHA%}Xyu|NFm?Kfe^c$9hWxXd3xSA(XPJb%Ps0 z@nWj+w3>?|a?ugME)>wQo|h09l+qa;Fwv-?3n_HPOD@UyNk9?a*0LjAN#g+JbUt2< zWY4FQPA9YkEFf2mW50Tt!Q9M-U}Wz)pc6gCQ|wZc$QD1PQ2i0BL?}RaUV#43&n)5J zF$I0*v)myiPiO)qRZ!p}BElU1IZ`O$biABF5-Fqymv;j%8z^QenW(s+7j)w=*OG=m zq>o>Ha!RYI;YB;L9X?i3&+(^VbxCVE8ekmz)hEDcI|D`pP1)0Mvxh&>S$t|0Vu_Eb z&CP!7Cd3!7SZtj(4Wq<^l#*1EN%YQ^F)VaH5AzY9X4#0G?z!%F*=` zSdFrO*Hm`g2|LDffh!`^+Z&*g*rxp_Lii7!jkb3qs;C&X5%}xlu=oXQ4AL(KnDMlv zvIXq}y!Ok-v7fW4lg`)}5yTF78>EClhAbPFI*WD0{Todw{00GlQxB7C=%US|O1@J{_(aihlKN0iLNrQM1F#?nZg)zT}eXaDH)0J=gnV=Ws0b z-?gbdxdzV&x{fo1L6y1=_z5t*0~|bv&~uR9+zZ7q;pbQQc_!IBv2bVu{IWgbop2Qi3jE7p#o9 za60>x13>V}A|9=O0j$}9oIV<^-wvNXia68@p%j^p7dU{?Xzi>e&?RE;z}+ZCgev4O zjr1r>x9=$nfVFEOH@EixKi+IT{Pa)YR)M(hJw$malIY`Ntk7sV?eS33D1%dgPI=gS z`(wrjP9)M&6SOrH8j1KL9N8|XEC2xZ$0&YX<3lX}47qkK07YS*dZ@R*z7eZC!lQzU zWt28}%Zy07#zjIzR50z720$!YzrkJ$ZwFvYn5Q1PiL#nxT=nc8b*v$<(uiJkrF0>` zfphW>2MtSsL5*FmEE+l(*Wv&WVkALmB7_Le4$WQ+l35owh3fc7$3q#ZQ95BEiFg~x 
z7<6H>!VU%L_;8U(4Mv0pC~e&Ucq#bTQdwhVdf@jbwZrp(7tscFabh0jy#hi|GU?-1z8Z=Or8tZq2f zMSHuJd=5VJ6U>|uR590Hhh0c=L$+=Fc#uFY1_qLCbYwOAk3sWP@is-QAfDwm9r?~3N+H`7`FdTSQzOj+kq97QA+oqX6c3(x1IGPfPH|+7FQk`%D%S% z4&kR99q@7?M;T0eByKdke8XWrAstC7)~>>PnNtN3k2}ApBooodrM}0G#PMYKx6) zsSk?7R8tzqM|tP6HhQIGXyEQk~4QFdqq+ zBqB*f1+~+OUGpbx8o-&#gVyz_O#}twEG`Dkfo`9$=+EbMjC$S-9OV9uYR>HQT z^^l;|Cxq0}#jVT&5?BXmwrK#H+F><+P)*DO)yO<6!RiFI4){?U0KzF3cpUfvjlWT~ z82A#aHXx9vlLlnkuWX=$ZIc*wV5$IEZ~vwoYx63!Qqdpss>W*j?twuRb1 From f044851abb990c5d7e44e31897f28341d5a5b337 Mon Sep 17 00:00:00 2001 From: r4sas Date: Thu, 16 Feb 2017 16:29:08 +0300 Subject: [PATCH 09/27] fix typo --- Win32/Win32App.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Win32/Win32App.cpp b/Win32/Win32App.cpp index 5a447ad9..0aa5c6d6 100644 --- a/Win32/Win32App.cpp +++ b/Win32/Win32App.cpp @@ -143,7 +143,7 @@ namespace win32 s << "\n"; s << "Inbound: " << i2p::transport::transports.GetInBandwidth() / 1024 << " KiB/s; "; s << "Outbound: " << i2p::transport::transports.GetOutBandwidth() / 1024 << " KiB/s\n"; - s << "Recvieved: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes()); + s << "Received: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes()); s << "Sent: "; ShowTransfered (s, i2p::transport::transports.GetTotalSentBytes()); s << "\n"; s << "Routers: " << i2p::data::netdb.GetNumRouters () << "; "; From 16fa10b056f8590673e5c6ec0ee8ee6505fb08a0 Mon Sep 17 00:00:00 2001 From: r4sas Date: Thu, 16 Feb 2017 17:45:38 +0300 Subject: [PATCH 10/27] fix incorrect traffic counting --- Win32/Win32App.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Win32/Win32App.cpp b/Win32/Win32App.cpp index 0aa5c6d6..2be4cc02 100644 --- a/Win32/Win32App.cpp +++ b/Win32/Win32App.cpp 
@@ -99,7 +99,7 @@ namespace win32 s << seconds << " seconds\n"; } - static void ShowTransfered (std::stringstream& s, int transfer) + template static void ShowTransfered (std::stringstream& s, size transfer) { auto bytes = transfer & 0x03ff; transfer >>= 10; From 22af4da4d41ac4ab16d2f9ef867000dbf9a787b2 Mon Sep 17 00:00:00 2001 From: orignal Date: Thu, 16 Feb 2017 16:27:24 -0500 Subject: [PATCH 11/27] initial support of GOST crypto --- Crypto.cpp | 35 ++++++++++++++++++++++++++++++++++- Crypto.h | 2 +- 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/Crypto.cpp b/Crypto.cpp index cc138923..ae0fdd46 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -8,6 +8,7 @@ #include #include "TunnelBase.h" #include +#include #include "Log.h" #include "Crypto.h" @@ -800,10 +801,41 @@ namespace crypto m_OpenSSLMutexes[type]->unlock (); } }*/ + + static ENGINE * g_GostEngine = nullptr; + static bool InitGost () + { + auto g_GostEngine = ENGINE_by_id ("gost"); + if (!g_GostEngine) + { + ENGINE_load_builtin_engines (); +#if OPENSSL_API_COMPAT < 0x10100000L + ENGINE_load_dynamic (); +#endif + g_GostEngine = ENGINE_by_id ("gost"); + if (!g_GostEngine) return false; + } + + ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL); + return true; + } - void InitCrypto (bool precomputation) + static void TerminateGost () + { + if (g_GostEngine) + { + ENGINE_finish (g_GostEngine); + ENGINE_free (g_GostEngine); +#if OPENSSL_API_COMPAT < 0x10100000L + ENGINE_cleanup(); +#endif + } + } + + void InitCrypto (bool precomputation, bool withGost) { SSL_library_init (); + if (withGost) InitGost (); /* auto numLocks = CRYPTO_num_locks(); for (int i = 0; i < numLocks; i++) m_OpenSSLMutexes.emplace_back (new std::mutex); @@ -833,6 +865,7 @@ namespace crypto ); delete[] g_ElggTable; g_ElggTable = nullptr; } + TerminateGost (); /* CRYPTO_set_locking_callback (nullptr); m_OpenSSLMutexes.clear ();*/ } diff --git a/Crypto.h b/Crypto.h index 3f99f2b6..afd4fc0d 100644 --- a/Crypto.h +++ b/Crypto.h 
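Review bot: In `InitGost` (Crypto.cpp hunk `-800,10`), `auto g_GostEngine = ENGINE_by_id ("gost");` declares a new local that shadows the file-level `static ENGINE * g_GostEngine`, so the global stays `nullptr`, the `if (g_GostEngine)` branch in `TerminateGost` never runs, and the engine reference taken here is never released. Drop the `auto` so the assignment reaches the global: `g_GostEngine = ENGINE_by_id ("gost");`. The result of `ENGINE_set_default` is also ignored, so `InitGost` returns `true` even when the engine could not be installed; `return ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL) == 1;` would surface that to the caller. `TerminateGost` calls `ENGINE_finish` although this hunk never calls `ENGINE_init`, so the two should be paired.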
@@ -278,7 +278,7 @@ namespace crypto #endif }; - void InitCrypto (bool precomputation); + void InitCrypto (bool precomputation, bool withGost = false); void TerminateCrypto (); } } From 9363db816c0452665496f9304a2d01687925a5cd Mon Sep 17 00:00:00 2001 From: orignal Date: Thu, 16 Feb 2017 21:18:18 -0500 Subject: [PATCH 12/27] GOST R 34.10 signer and verifier --- Signature.h | 49 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/Signature.h b/Signature.h index c2618f91..f0b51050 100644 --- a/Signature.h +++ b/Signature.h 
@@ -441,6 +441,55 @@ namespace crypto EDDSA25519Signer signer (signingPrivateKey); memcpy (signingPublicKey, signer.GetPublicKey (), EDDSA25519_PUBLIC_KEY_LENGTH); } + + // ГОСТ Р 34.10-2001 + const size_t GOSTR3410_PUBLIC_KEY_LENGTH = 64; + const size_t GOSTR3410_SIGNATURE_LENGTH = 64; + + class GOSTR3410Verifier: public Verifier + { + public: + + GOSTR3410Verifier (const uint8_t * signingKey) { m_PublicKey = nullptr; } // TODO + ~GOSTR3410Verifier () { EVP_PKEY_free (m_PublicKey); } + + bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const + { + EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, nullptr); + EVP_PKEY_verify_init (ctx); + int ret = EVP_PKEY_verify (ctx, signature, GOSTR3410_SIGNATURE_LENGTH, buf, len); + EVP_PKEY_CTX_free (ctx); + return ret == 1; + } + + size_t GetPublicKeyLen () const { return GOSTR3410_PUBLIC_KEY_LENGTH; } + size_t GetSignatureLen () const { return GOSTR3410_SIGNATURE_LENGTH; } + + private: + + EVP_PKEY * m_PublicKey; + }; + + class GOSTR3410Signer: public Signer + { + public: + + GOSTR3410Signer (const uint8_t * signingPrivateKey) { m_PrivateKey = nullptr; } // TODO + ~GOSTR3410Signer () { EVP_PKEY_free (m_PrivateKey); } + + void Sign (const uint8_t * buf, int len, uint8_t * signature) const + { + EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, nullptr); + EVP_PKEY_sign_init (ctx); + size_t l = GOSTR3410_SIGNATURE_LENGTH; + EVP_PKEY_sign (ctx, signature, &l, buf, len); + EVP_PKEY_CTX_free (ctx); + } + + private: + + EVP_PKEY * m_PrivateKey; + }; } } From f8a09df5c0d8861a7e1b383eab9e71f7c98244e1 Mon Sep 17 00:00:00 2001 From: orignal Date: Thu, 16 Feb 2017 21:45:12 -0500 Subject: [PATCH 13/27] generate GOST R 34.10 keys pair --- Signature.h | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/Signature.h b/Signature.h index f0b51050..19fa565b 100644 --- a/Signature.h +++ b/Signature.h 
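Review bot: `GOSTR3410Signer::Sign` ignores the results of `EVP_PKEY_CTX_new`, `EVP_PKEY_sign_init` and `EVP_PKEY_sign`, so when signing fails the caller's `signature` buffer keeps whatever it held before and is treated as a valid signature. With `m_PrivateKey` still `nullptr` in this commit (the `// TODO` constructors), that failure path is presumably the only one taken. Because `Sign` returns `void`, the minimum is to check each call and leave a defined all-zero buffer on failure, as sketched below; `Verify` should likewise return `false` as soon as `ctx` is null. Both classes own a raw `EVP_PKEY *` that the destructor frees but remain copyable, so deleting the copy constructor and copy assignment would rule out a double free.

```cpp
void Sign (const uint8_t * buf, int len, uint8_t * signature) const
{
	size_t l = GOSTR3410_SIGNATURE_LENGTH;
	EVP_PKEY_CTX * ctx = EVP_PKEY_CTX_new (m_PrivateKey, nullptr);
	bool ok = ctx && EVP_PKEY_sign_init (ctx) > 0 &&
		EVP_PKEY_sign (ctx, signature, &l, buf, len) > 0;
	// never hand back stale or partially written bytes as a signature
	if (!ok) memset (signature, 0, GOSTR3410_SIGNATURE_LENGTH);
	EVP_PKEY_CTX_free (ctx);
}
```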
@@ -490,6 +490,24 @@ namespace crypto EVP_PKEY * m_PrivateKey; }; + + inline void CreateGOSTR3410RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey) + { + auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, nullptr); + EVP_PKEY_keygen_init (ctx); + EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); + EVP_PKEY* pkey = nullptr; + EVP_PKEY_keygen (ctx, &pkey); + const EC_KEY* ecKey = (const EC_KEY*) EVP_PKEY_get0(pkey); + bn2buf (EC_KEY_get0_private_key (ecKey), signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2); + BIGNUM * x = BN_new(), * y = BN_new(); + EC_POINT_get_affine_coordinates_GFp (EC_KEY_get0_group(ecKey), EC_KEY_get0_public_key (ecKey), x, y, NULL); + bn2buf (x, signingPublicKey, GOSTR3410_PUBLIC_KEY_LENGTH/2); + bn2buf (y, signingPublicKey + GOSTR3410_PUBLIC_KEY_LENGTH/2, GOSTR3410_PUBLIC_KEY_LENGTH/2); + BN_free (x); BN_free (y); + EVP_PKEY_CTX_free (ctx); + EVP_PKEY_free (pkey); + } } } From c91b05bd4bb9e5a9c5a5ad5d2bdb3be991196b21 Mon Sep 17 00:00:00 2001 From: orignal Date: Fri, 17 Feb 2017 13:37:53 -0500 Subject: [PATCH 14/27] set correct curve from GOST R 34.10 signer and verifier --- Signature.h | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/Signature.h b/Signature.h index 19fa565b..3c45b739 100644 --- a/Signature.h +++ b/Signature.h 
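Review bot: `CreateGOSTR3410RandomKeys` checks none of its OpenSSL calls: if `EVP_PKEY_CTX_new_id` returns null (for example when the gost engine is not loaded) or `EVP_PKEY_keygen` fails, `pkey` stays `nullptr` and `EVP_PKEY_get0 (pkey)` and `EC_KEY_get0_private_key (ecKey)` then operate on a null key. Because the function returns `void`, the caller cannot tell that `signingPrivateKey` and `signingPublicKey` were never filled in and may store uninitialised bytes as a key pair. Guard the generation with `if (!ctx || EVP_PKEY_keygen_init (ctx) <= 0 || EVP_PKEY_keygen (ctx, &pkey) <= 0)` and report the failure to the caller. The result of `EC_POINT_get_affine_coordinates_GFp` should also be checked before `x` and `y` are copied out.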
@@ -450,7 +450,16 @@ namespace crypto { public: - GOSTR3410Verifier (const uint8_t * signingKey) { m_PublicKey = nullptr; } // TODO + GOSTR3410Verifier (const uint8_t * signingKey) + { + m_PublicKey = EVP_PKEY_new (); + EVP_PKEY_set_type (m_PublicKey, NID_id_GostR3410_2001); + EC_KEY * ecKey = (EC_KEY *)EVP_PKEY_get0 (m_PublicKey); + BIGNUM * x = BN_bin2bn (signingKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); + BIGNUM * y = BN_bin2bn (signingKey + GOSTR3410_PUBLIC_KEY_LENGTH/2, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); + EC_KEY_set_public_key_affine_coordinates (ecKey, x, y); + BN_free (x); BN_free (y); + } ~GOSTR3410Verifier () { EVP_PKEY_free (m_PublicKey); } bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const @@ -474,7 +483,13 @@ namespace crypto { public: - GOSTR3410Signer (const uint8_t * signingPrivateKey) { m_PrivateKey = nullptr; } // TODO + GOSTR3410Signer (const uint8_t * signingPrivateKey) + { + m_PrivateKey = EVP_PKEY_new (); + EVP_PKEY_set_type (m_PrivateKey, NID_id_GostR3410_2001); + EC_KEY * ecKey = (EC_KEY *)EVP_PKEY_get0 (m_PrivateKey); + EC_KEY_set_private_key (ecKey, BN_bin2bn (signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL)); + } ~GOSTR3410Signer () { EVP_PKEY_free (m_PrivateKey); } void Sign (const uint8_t * buf, int len, uint8_t * signature) const From c1042c8f2008a57ab1feb878651f0a5e981be536 Mon Sep 17 00:00:00 2001 From: orignal Date: Fri, 17 Feb 2017 22:26:24 -0500 Subject: [PATCH 15/27] GOST R 34.11 hash --- Crypto.cpp | 41 +++++++++++++++++++++++++++-------------- Crypto.h | 12 ++++++++++++ Signature.h | 14 +++++++++----- 3 files changed, 48 insertions(+), 19 deletions(-) diff --git a/Crypto.cpp b/Crypto.cpp index ae0fdd46..6b260ac1 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -8,7 +8,6 @@ #include #include "TunnelBase.h" #include -#include #include "Log.h" #include "Crypto.h" 
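Review bot: In the new `GOSTR3410Verifier` constructor (hunk `-450,7`) the return value of `EC_KEY_set_public_key_affine_coordinates` is dropped, so coordinates that do not describe a valid point on the curve leave the verifier without a usable public key and nothing records it. `signingKey` is presumably taken from a remote identity, so this is the place to reject it: `if (EC_KEY_set_public_key_affine_coordinates (ecKey, x, y) != 1) { EVP_PKEY_free (m_PublicKey); m_PublicKey = nullptr; }` gives `Verify` a definite state to fail on. `EVP_PKEY_get0` is also called right after `EVP_PKEY_set_type`, before any key has been assigned, so `ecKey` looks like it will be null here and in the signer constructor of hunk `-474,7`; confirm that and add a null check.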
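Review bot: In the `GOSTR3410Signer` constructor (hunk `-474,7`) the `BIGNUM` returned by `BN_bin2bn` is passed straight to `EC_KEY_set_private_key` and never freed; that function keeps its own copy, so every signer leaks a heap copy of the private scalar that is never cleared. Hold it in a local and wipe it afterwards: `BIGNUM * priv = BN_bin2bn (signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); EC_KEY_set_private_key (ecKey, priv); BN_clear_free (priv);`. The return value of `EC_KEY_set_private_key` should be checked as well, since `Sign` has no other way to learn that the key was not installed.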
@@ -803,24 +802,40 @@ namespace crypto }*/ static ENGINE * g_GostEngine = nullptr; - static bool InitGost () + static const EVP_MD * g_Gost3411 = nullptr; + + ENGINE * GetGostEngine () + { + return g_GostEngine; + } + + uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest) + { + if (!g_Gost3411) return false; + auto ctx = EVP_MD_CTX_new (); + EVP_DigestInit_ex (ctx, g_Gost3411, GetGostEngine ()); + EVP_DigestUpdate (ctx, buf, len); + EVP_DigestFinal_ex (ctx, digest, nullptr); + EVP_MD_CTX_free (ctx); + return digest; + } + + bool InitGost () { - auto g_GostEngine = ENGINE_by_id ("gost"); - if (!g_GostEngine) - { - ENGINE_load_builtin_engines (); #if OPENSSL_API_COMPAT < 0x10100000L - ENGINE_load_dynamic (); + ENGINE_load_builtin_engines (); + ENGINE_load_dynamic (); +#else + OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN |, NULL); #endif - g_GostEngine = ENGINE_by_id ("gost"); - if (!g_GostEngine) return false; - } + g_GostEngine = ENGINE_by_id ("gost"); + if (!g_GostEngine) return false; - ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL); + g_Gost3411 = ENGINE_get_digest(g_GostEngine, NID_id_GostR3411_94); return true; } - static void TerminateGost () + void TerminateGost () { if (g_GostEngine) { @@ -835,7 +850,6 @@ namespace crypto void InitCrypto (bool precomputation, bool withGost) { SSL_library_init (); - if (withGost) InitGost (); /* auto numLocks = CRYPTO_num_locks(); for (int i = 0; i < numLocks; i++) m_OpenSSLMutexes.emplace_back (new std::mutex); @@ -865,7 +879,6 @@ namespace crypto ); delete[] g_ElggTable; g_ElggTable = nullptr; } - TerminateGost (); /* CRYPTO_set_locking_callback (nullptr); m_OpenSSLMutexes.clear ();*/ } diff --git a/Crypto.h b/Crypto.h index afd4fc0d..24d16ae5 100644 --- a/Crypto.h +++ b/Crypto.h @@ -12,6 +12,7 @@ #include #include #include +#include #include "Base.h" #include "Tag.h" 
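Review bot: The `#else` branch added to `InitGost` does not compile: `OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN |, NULL);` has a dangling `|` before the comma. It should read `OPENSSL_init_crypto (OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL);`. The branch is presumably never built at the moment, because an undefined `OPENSSL_API_COMPAT` evaluates to 0 inside `#if`; that also means the guard does not follow the OpenSSL version actually in use, which deserves a comment or a test on `OPENSSL_VERSION_NUMBER` instead.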
@@ -278,6 +279,12 @@ namespace crypto #endif }; +// GOST + bool InitGost (); + void TerminateGost (); + ENGINE * GetGostEngine (); + uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest); // hash + void InitCrypto (bool precomputation, bool withGost = false); void TerminateCrypto (); } @@ -326,6 +333,11 @@ inline void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **pri inline RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey) { return pkey->pkey.rsa; } +inline EVP_MD_CTX *EVP_MD_CTX_new () + { return EVP_MD_CTX_create(); } +inline void EVP_MD_CTX_free (EVP_MD_CTX *ctx) + { EVP_MD_CTX_destroy (ctx); } + // ssl #define TLS_method TLSv1_method diff --git a/Signature.h b/Signature.h index 3c45b739..21dccb98 100644 --- a/Signature.h +++ b/Signature.h @@ -464,9 +464,11 @@ namespace crypto bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const { - EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, nullptr); + uint8_t digest[32]; + GOSTR3411 (buf, len, digest); + EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, GetGostEngine ()); EVP_PKEY_verify_init (ctx); - int ret = EVP_PKEY_verify (ctx, signature, GOSTR3410_SIGNATURE_LENGTH, buf, len); + int ret = EVP_PKEY_verify (ctx, signature, GOSTR3410_SIGNATURE_LENGTH, digest, 32); EVP_PKEY_CTX_free (ctx); return ret == 1; } @@ -494,10 +496,12 @@ namespace crypto void Sign (const uint8_t * buf, int len, uint8_t * signature) const { - EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, nullptr); + uint8_t digest[32]; + GOSTR3411 (buf, len, digest); + EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, GetGostEngine ()); EVP_PKEY_sign_init (ctx); size_t l = GOSTR3410_SIGNATURE_LENGTH; - EVP_PKEY_sign (ctx, signature, &l, buf, len); + EVP_PKEY_sign (ctx, signature, &l, digest, 32); EVP_PKEY_CTX_free (ctx); } 
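Review bot: `Verify` and `Sign` in Signature.h ignore the pointer returned by `GOSTR3411`, so when the hash is unavailable (`g_Gost3411` unset because `InitGost` was not called or failed) the 32-byte `digest` array is uninitialised stack memory that is then verified or signed. In `Verify` (hunk `-464,9`) fail closed with `if (!GOSTR3411 (buf, len, digest)) return false;`; `Sign` (hunk `-494,10`) needs the same guard before `EVP_PKEY_sign`. `GOSTR3411` itself does not check `EVP_DigestInit_ex`, `EVP_DigestUpdate` or `EVP_DigestFinal_ex`, so it can also return `digest` without having written it. The literal `32` would read better as a named constant next to `GOSTR3410_SIGNATURE_LENGTH`.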
@@ -508,7 +512,7 @@ namespace crypto inline void CreateGOSTR3410RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey) { - auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, nullptr); + auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, GetGostEngine ()); EVP_PKEY_keygen_init (ctx); EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); EVP_PKEY* pkey = nullptr; From 85e2137d0e32e3d13a93a01033a428ac2c26b2c0 Mon Sep 17 00:00:00 2001 From: r4sas Date: Sat, 18 Feb 2017 09:14:23 +0300 Subject: [PATCH 16/27] disable incorrect check --- Crypto.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Crypto.cpp b/Crypto.cpp index 6b260ac1..7cffdb6c 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -811,7 +811,7 @@ namespace crypto uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest) { - if (!g_Gost3411) return false; + //if (!g_Gost3411) return false; /* Converting bool to uint_8 ??? */ auto ctx = EVP_MD_CTX_new (); EVP_DigestInit_ex (ctx, g_Gost3411, GetGostEngine ()); EVP_DigestUpdate (ctx, buf, len); From 192b484a8c6dc9ab5eeaa1e381373853cfedb5ec Mon Sep 17 00:00:00 2001 From: orignal Date: Sat, 18 Feb 2017 07:00:14 -0500 Subject: [PATCH 17/27] fixed typo --- Crypto.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Crypto.cpp b/Crypto.cpp index 7cffdb6c..dd6a7811 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -811,7 +811,7 @@ namespace crypto uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest) { - //if (!g_Gost3411) return false; /* Converting bool to uint_8 ??? */ + if (!g_Gost3411) return nullptr; auto ctx = EVP_MD_CTX_new (); EVP_DigestInit_ex (ctx, g_Gost3411, GetGostEngine ()); EVP_DigestUpdate (ctx, buf, len); From d75b9161539dc02901807a6496fe948fa6985fe9 Mon Sep 17 00:00:00 2001 From: orignal Date: Sat, 18 Feb 2017 18:45:21 -0500 Subject: [PATCH 18/27] correct GOST engine initialization --- Crypto.cpp | 3 +++ 1 file changed, 3 insertions(+) 
diff --git a/Crypto.cpp b/Crypto.cpp index dd6a7811..fb3ce16b 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -831,6 +831,9 @@ namespace crypto g_GostEngine = ENGINE_by_id ("gost"); if (!g_GostEngine) return false; + ENGINE_init (g_GostEngine); + ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL); + ENGINE_ctrl_cmd_string(g_GostEngine, "CRYPT_PARAMS", "id-Gost28147-89-CryptoPro-A-ParamSet", 0); g_Gost3411 = ENGINE_get_digest(g_GostEngine, NID_id_GostR3411_94); return true; } From 1cb89ce20d6bfe60844bb51bb0ef4a2ebfa9035f Mon Sep 17 00:00:00 2001 From: orignal Date: Sun, 19 Feb 2017 14:45:10 -0500 Subject: [PATCH 19/27] set correct curve parameters for GOST R 34.10 --- Crypto.cpp | 22 +++++++++++++++------- Crypto.h | 2 +- Signature.h | 18 ++++++++++-------- 3 files changed, 26 insertions(+), 16 deletions(-) diff --git a/Crypto.cpp b/Crypto.cpp index fb3ce16b..4aa6b82d 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -803,17 +803,18 @@ namespace crypto static ENGINE * g_GostEngine = nullptr; static const EVP_MD * g_Gost3411 = nullptr; - - ENGINE * GetGostEngine () + static EVP_PKEY * g_GostPKEY = nullptr; + + const EVP_PKEY * GetGostPKEY () { - return g_GostEngine; - } - + return g_GostPKEY; + } + uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest) { if (!g_Gost3411) return nullptr; auto ctx = EVP_MD_CTX_new (); - EVP_DigestInit_ex (ctx, g_Gost3411, GetGostEngine ()); + EVP_DigestInit_ex (ctx, g_Gost3411, g_GostEngine); EVP_DigestUpdate (ctx, buf, len); EVP_DigestFinal_ex (ctx, digest, nullptr); EVP_MD_CTX_free (ctx); 
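Review bot: The three calls added to `InitGost` in hunk `-831,6` all discard their results, and `ENGINE_init` is the one that matters: `TerminateGost` later calls `ENGINE_finish` on the assumption that it succeeded. Use `if (!ENGINE_init (g_GostEngine)) { ENGINE_free (g_GostEngine); g_GostEngine = nullptr; return false; }`. `ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL)` also makes the gost engine the process-wide default for every method class it registers, not only for the GOST calls in this file; since the digest is already fetched explicitly with `ENGINE_get_digest`, it is worth checking whether a narrower flag set is enough. A comment on why `CRYPT_PARAMS` is set to `id-Gost28147-89-CryptoPro-A-ParamSet` would help, as nothing else in the hunk uses the cipher.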
@@ -833,13 +834,20 @@ namespace crypto ENGINE_init (g_GostEngine); ENGINE_set_default (g_GostEngine, ENGINE_METHOD_ALL); - ENGINE_ctrl_cmd_string(g_GostEngine, "CRYPT_PARAMS", "id-Gost28147-89-CryptoPro-A-ParamSet", 0); g_Gost3411 = ENGINE_get_digest(g_GostEngine, NID_id_GostR3411_94); + + auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, g_GostEngine); + EVP_PKEY_keygen_init (ctx); + EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); // possible values 'A', 'B', 'C', 'XA', 'XB' + EVP_PKEY_keygen (ctx, &g_GostPKEY); // it seems only way to fill with correct params + EVP_PKEY_CTX_free (ctx); return true; } void TerminateGost () { + if (g_GostPKEY) + EVP_PKEY_free (g_GostPKEY); if (g_GostEngine) { ENGINE_finish (g_GostEngine); diff --git a/Crypto.h b/Crypto.h index 24d16ae5..fca7b073 100644 --- a/Crypto.h +++ b/Crypto.h @@ -282,7 +282,7 @@ namespace crypto // GOST bool InitGost (); void TerminateGost (); - ENGINE * GetGostEngine (); + const EVP_PKEY * GetGostPKEY (); uint8_t * GOSTR3411 (const uint8_t * buf, size_t len, uint8_t * digest); // hash void InitCrypto (bool precomputation, bool withGost = false); diff --git a/Signature.h b/Signature.h index 21dccb98..d8c04814 100644 --- a/Signature.h +++ b/Signature.h @@ -453,8 +453,9 @@ namespace crypto GOSTR3410Verifier (const uint8_t * signingKey) { m_PublicKey = EVP_PKEY_new (); - EVP_PKEY_set_type (m_PublicKey, NID_id_GostR3410_2001); - EC_KEY * ecKey = (EC_KEY *)EVP_PKEY_get0 (m_PublicKey); + EC_KEY * ecKey = EC_KEY_new (); + EVP_PKEY_assign (m_PublicKey, NID_id_GostR3410_2001, ecKey); + EVP_PKEY_copy_parameters (m_PublicKey, GetGostPKEY ()); BIGNUM * x = BN_bin2bn (signingKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); BIGNUM * y = BN_bin2bn (signingKey + GOSTR3410_PUBLIC_KEY_LENGTH/2, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL); EC_KEY_set_public_key_affine_coordinates (ecKey, x, y); 
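Review bot: `InitGost` (hunk `-833,13`) now returns `true` without checking `EVP_PKEY_CTX_new_id`, `EVP_PKEY_keygen_init`, `EVP_PKEY_CTX_ctrl_str` or `EVP_PKEY_keygen`, so a failure leaves `g_GostPKEY` null and the constructors in Signature.h pass that null to `EVP_PKEY_copy_parameters`. Check the chain and fail initialisation, e.g. `if (EVP_PKEY_keygen (ctx, &g_GostPKEY) <= 0) { EVP_PKEY_CTX_free (ctx); return false; }`. The key generated here only carries the curve parameters, yet its random private part stays in memory until `TerminateGost`; a comment stating that it must never be used for signing would help the next reader. The results of `EVP_PKEY_copy_parameters` in the Signature.h hunk `-453,8` are ignored as well, so a verifier can be built without a curve.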
@@ -466,7 +467,7 @@ namespace crypto { uint8_t digest[32]; GOSTR3411 (buf, len, digest); - EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, GetGostEngine ()); + EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PublicKey, nullptr); EVP_PKEY_verify_init (ctx); int ret = EVP_PKEY_verify (ctx, signature, GOSTR3410_SIGNATURE_LENGTH, digest, 32); EVP_PKEY_CTX_free (ctx); @@ -488,8 +489,9 @@ namespace crypto GOSTR3410Signer (const uint8_t * signingPrivateKey) { m_PrivateKey = EVP_PKEY_new (); - EVP_PKEY_set_type (m_PrivateKey, NID_id_GostR3410_2001); - EC_KEY * ecKey = (EC_KEY *)EVP_PKEY_get0 (m_PrivateKey); + EC_KEY * ecKey = EC_KEY_new (); + EVP_PKEY_assign (m_PrivateKey, NID_id_GostR3410_2001, ecKey); + EVP_PKEY_copy_parameters (m_PrivateKey, GetGostPKEY ()); EC_KEY_set_private_key (ecKey, BN_bin2bn (signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL)); } ~GOSTR3410Signer () { EVP_PKEY_free (m_PrivateKey); } @@ -498,7 +500,7 @@ namespace crypto { uint8_t digest[32]; GOSTR3411 (buf, len, digest); - EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, GetGostEngine ()); + EVP_PKEY_CTX *ctx = EVP_PKEY_CTX_new (m_PrivateKey, nullptr); EVP_PKEY_sign_init (ctx); size_t l = GOSTR3410_SIGNATURE_LENGTH; EVP_PKEY_sign (ctx, signature, &l, digest, 32); @@ -512,9 +514,9 @@ namespace crypto inline void CreateGOSTR3410RandomKeys (uint8_t * signingPrivateKey, uint8_t * signingPublicKey) { - auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, GetGostEngine ()); + auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, nullptr); EVP_PKEY_keygen_init (ctx); - EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); + EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); // TODO should be in one place EVP_PKEY* pkey = nullptr; EVP_PKEY_keygen (ctx, &pkey); const EC_KEY* ecKey = (const EC_KEY*) EVP_PKEY_get0(pkey); From 83b9b3bf4a3c7b03534054bd9d9f725eb15e4b71 Mon Sep 17 00:00:00 2001 
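Review bot: `EVP_PKEY_CTX_new (m_PublicKey, nullptr)` in Verify can return null and is passed on unchecked, and `EVP_PKEY_verify` returns a negative value on error as well as 0 for a bad signature. The line that turns `ret` into the result is outside the hunk; it should be `return ret == 1;`, since any test for non-zero would accept an error as a valid signature. The return value of `GOSTR3411` should be checked too, because `digest` is uninitialised when hashing fails. Sign in the hunk at -498 ignores the results of `EVP_PKEY_sign_init` and `EVP_PKEY_sign` in the same way and would hand back an unwritten signature buffer.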
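Review bot: In the GOSTR3410Signer constructor the BIGNUM returned by `BN_bin2bn` is passed straight to `EC_KEY_set_private_key`, which stores its own copy, so the temporary holding the private scalar is never freed or cleared. Keep it in a local, `BIGNUM * priv = BN_bin2bn (signingPrivateKey, GOSTR3410_PUBLIC_KEY_LENGTH/2, NULL);`, and release it with `BN_clear_free (priv);` after the call. The result of `EC_KEY_set_private_key` should be checked at the same place.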
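Review bot: CreateGOSTR3410RandomKeys reads `pkey` through `EVP_PKEY_get0 (pkey)` without checking that `EVP_PKEY_keygen` succeeded. With the engine argument now `nullptr`, `EVP_PKEY_CTX_new_id` finds the GOST method only if InitGost has already registered the engine as default, so where GOST is not initialised `ctx` and `pkey` can both stay null. Add `if (!ctx) return;` after the context is created and `if (EVP_PKEY_keygen (ctx, &pkey) <= 0) { EVP_PKEY_CTX_free (ctx); return; }` before the key is read, with a log line, since the void signature gives callers no other way to notice. For the TODO, the `"A"` literal could become one named constant shared with InitGost. The function continues below the hunk.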
From: orignal Date: Sun, 19 Feb 2017 18:08:10 -0500 Subject: [PATCH 20/27] enable GOST R 34.10 signatures from netid!=2 --- Crypto.cpp | 1 + Daemon.cpp | 2 ++ Identity.cpp | 19 +++++++++++++++++++ Identity.h | 3 +++ 4 files changed, 25 insertions(+) diff --git a/Crypto.cpp b/Crypto.cpp index 4aa6b82d..fec930ac 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -837,6 +837,7 @@ namespace crypto g_Gost3411 = ENGINE_get_digest(g_GostEngine, NID_id_GostR3411_94); auto ctx = EVP_PKEY_CTX_new_id(NID_id_GostR3410_2001, g_GostEngine); + if (!ctx) return false; EVP_PKEY_keygen_init (ctx); EVP_PKEY_CTX_ctrl_str (ctx, "paramset", "A"); // possible values 'A', 'B', 'C', 'XA', 'XB' EVP_PKEY_keygen (ctx, &g_GostPKEY); // it seems only way to fill with correct params diff --git a/Daemon.cpp b/Daemon.cpp index c7aaa279..5abadcb8 100644 --- a/Daemon.cpp +++ b/Daemon.cpp @@ -122,6 +122,7 @@ namespace i2p i2p::crypto::InitCrypto (precomputation); int netID; i2p::config::GetOption("netid", netID); + if (netID != 2) i2p::crypto::InitGost () // init GOST for own darknet i2p::context.SetNetID (netID); i2p::context.Init (); @@ -349,6 +350,7 @@ namespace i2p d.m_WebsocketServer = nullptr; } #endif + if (i2p::context.GetNetID () != 2) i2p::crypto::TerminateGost (); i2p::crypto::TerminateCrypto (); i2p::log::Logger().Stop(); diff --git a/Identity.cpp b/Identity.cpp index 4e9bee63..68659e2b 100644 --- a/Identity.cpp +++ b/Identity.cpp @@ -102,6 +102,13 @@ namespace data memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH); break; } + case SIGNING_KEY_TYPE_GOSTR3410_A_GOSTR3411: + { + size_t padding = 128 - i2p::crypto::GOSTR3410_PUBLIC_KEY_LENGTH; // 64 = 128 - 64 + RAND_bytes (m_StandardIdentity.signingKey, padding); + memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::GOSTR3410_PUBLIC_KEY_LENGTH); + break; + } default: LogPrint (eLogError, "Identity: Signing key type ", (int)type, " is not supported"); } 
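Review bot: The result of `i2p::crypto::InitGost ()` is dropped at the new call in Daemon.cpp, so the router keeps starting when the gost engine cannot be loaded while Identity.cpp still accepts `SIGNING_KEY_TYPE_GOSTR3410_A_GOSTR3411`. I would log the failure, `if (netID != 2 && !i2p::crypto::InitGost ()) LogPrint (eLogError, "Daemon: GOST initialization failed");`, and have the GOST branches in Identity.cpp refuse the key type when GOST is unavailable. The surrounding function starts and ends outside the hunk.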
@@ -370,6 +377,12 @@ namespace data UpdateVerifier (new i2p::crypto::EDDSA25519Verifier (m_StandardIdentity.signingKey + padding)); break; } + case SIGNING_KEY_TYPE_GOSTR3410_A_GOSTR3411: + { + size_t padding = 128 - i2p::crypto::GOSTR3410_PUBLIC_KEY_LENGTH; // 64 = 128 - 64 + UpdateVerifier (new i2p::crypto::GOSTR3410Verifier (m_StandardIdentity.signingKey + padding)); + break; + } default: LogPrint (eLogError, "Identity: Signing key type ", (int)keyType, " is not supported"); } @@ -511,6 +524,9 @@ namespace data case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: m_Signer.reset (new i2p::crypto::EDDSA25519Signer (m_SigningPrivateKey, m_Public->GetStandardIdentity ().certificate - i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH)); break; + case SIGNING_KEY_TYPE_GOSTR3410_A_GOSTR3411: + m_Signer.reset (new i2p::crypto::GOSTR3410Signer (m_SigningPrivateKey)); + break; default: LogPrint (eLogError, "Identity: Signing key type ", (int)m_Public->GetSigningKeyType (), " is not supported"); } @@ -546,6 +562,9 @@ namespace data case SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519: i2p::crypto::CreateEDDSA25519RandomKeys (keys.m_SigningPrivateKey, signingPublicKey); break; + case SIGNING_KEY_TYPE_GOSTR3410_A_GOSTR3411: + i2p::crypto::CreateGOSTR3410RandomKeys (keys.m_SigningPrivateKey, signingPublicKey); + break; default: LogPrint (eLogError, "Identity: Signing key type ", (int)type, " is not supported. Create DSA-SHA1"); return PrivateKeys (i2p::data::CreateRandomKeys ()); // DSA-SHA1 diff --git a/Identity.h b/Identity.h index 49dada48..5fbf1675 100644 --- a/Identity.h +++ b/Identity.h @@ -60,6 +60,9 @@ namespace data const uint16_t SIGNING_KEY_TYPE_RSA_SHA384_3072 = 5; const uint16_t SIGNING_KEY_TYPE_RSA_SHA512_4096 = 6; const uint16_t SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519 = 7; + // following signature type should never appear in netid=2 + const uint16_t SIGNING_KEY_TYPE_GOSTR3410_A_GOSTR3411 = 65280; // approved by FSB + typedef uint16_t SigningKeyType; typedef uint16_t CryptoKeyType; 
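Review bot: The new GOST case in the verifier switch constructs a `GOSTR3410Verifier` for any identity that carries this key type, with no check of the network id or of whether GOST was initialised. Identity.h says the type should never appear in netid=2, and Daemon.cpp skips InitGost there, so an identity of this type received on that network would reach the verifier constructor with `GetGostPKEY ()` returning null. A guard at the top of the case, `if (!i2p::crypto::GetGostPKEY ()) { LogPrint (eLogError, "Identity: GOST is not initialized"); break; }`, would reject it. The same applies to the signer and key-generation cases in the hunks at -511 and -546. The switch starts and ends outside the hunk.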
From d6e037dd28f66ccd79aad5ab296562e523ac6e1e Mon Sep 17 00:00:00 2001 From: orignal Date: Sun, 19 Feb 2017 19:31:37 -0500 Subject: [PATCH 21/27] fixed build error --- Daemon.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Daemon.cpp b/Daemon.cpp index 5abadcb8..74d3f859 100644 --- a/Daemon.cpp +++ b/Daemon.cpp @@ -122,7 +122,7 @@ namespace i2p i2p::crypto::InitCrypto (precomputation); int netID; i2p::config::GetOption("netid", netID); - if (netID != 2) i2p::crypto::InitGost () // init GOST for own darknet + if (netID != 2) i2p::crypto::InitGost (); // init GOST for own darknet i2p::context.SetNetID (netID); i2p::context.Init (); From ffc3a31d0972ca342b2478f9fd5d030a54926ea1 Mon Sep 17 00:00:00 2001 From: orignal Date: Tue, 21 Feb 2017 11:23:14 -0500 Subject: [PATCH 22/27] fixed andorid build --- Crypto.cpp | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/Crypto.cpp b/Crypto.cpp index fec930ac..53e9faeb 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -823,7 +823,8 @@ namespace crypto bool InitGost () { -#if OPENSSL_API_COMPAT < 0x10100000L +#ifndef OPENSSL_NO_ENGINE +#if (OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER) ENGINE_load_builtin_engines (); ENGINE_load_dynamic (); #else @@ -843,20 +844,26 @@ namespace crypto EVP_PKEY_keygen (ctx, &g_GostPKEY); // it seems only way to fill with correct params EVP_PKEY_CTX_free (ctx); return true; +#else + LogPrint (eLogError, "Can't initialize GOST. Engines are not supported"); + return false; +#endif } void TerminateGost () { if (g_GostPKEY) EVP_PKEY_free (g_GostPKEY); +#ifndef OPENSSL_NO_ENGINE if (g_GostEngine) { ENGINE_finish (g_GostEngine); ENGINE_free (g_GostEngine); -#if OPENSSL_API_COMPAT < 0x10100000L +#if (OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER) ENGINE_cleanup(); #endif } +#endif } void InitCrypto (bool precomputation, bool withGost) From e968c6a2a463fdb52d39ab1a473943583b44f717 Mon Sep 17 00:00:00 2001 
From: orignal Date: Tue, 21 Feb 2017 11:36:53 -0500 Subject: [PATCH 23/27] fixed typo --- Crypto.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Crypto.cpp b/Crypto.cpp index 53e9faeb..65bed577 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -828,7 +828,7 @@ namespace crypto ENGINE_load_builtin_engines (); ENGINE_load_dynamic (); #else - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN |, NULL); + OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN | NULL); #endif g_GostEngine = ENGINE_by_id ("gost"); if (!g_GostEngine) return false; From d8c30f6cbbe150b933047fb79281e3a10e45c7c3 Mon Sep 17 00:00:00 2001 From: orignal Date: Tue, 21 Feb 2017 11:38:11 -0500 Subject: [PATCH 24/27] fixed typo --- Crypto.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Crypto.cpp b/Crypto.cpp index 65bed577..4e8673d2 100644 --- a/Crypto.cpp +++ b/Crypto.cpp @@ -828,7 +828,7 @@ namespace crypto ENGINE_load_builtin_engines (); ENGINE_load_dynamic (); #else - OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN | NULL); + OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL); #endif g_GostEngine = ENGINE_by_id ("gost"); if (!g_GostEngine) return false; From c07928144c697424922a26cabd26d9f9363baab1 Mon Sep 17 00:00:00 2001 From: orignal Date: Tue, 21 Feb 2017 15:43:03 -0500 Subject: [PATCH 25/27] GOST support for Android openssl 1.1 --- android/jni/Android.mk | 15 +++++++++++---- android/jni/Application.mk | 1 + 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/android/jni/Android.mk b/android/jni/Android.mk index 5b77c66e..ad2592ee 100755 --- a/android/jni/Android.mk +++ b/android/jni/Android.mk 
@@ -97,18 +97,25 @@ include $(PREBUILT_STATIC_LIBRARY) LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) LOCAL_MODULE := crypto -LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0/$(TARGET_ARCH_ABI)/lib/libcrypto.a -LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0/include +LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libcrypto.a +LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include include $(PREBUILT_STATIC_LIBRARY) LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) LOCAL_MODULE := ssl -LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0/$(TARGET_ARCH_ABI)/lib/libssl.a -LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0/include +LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libssl.a +LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include LOCAL_STATIC_LIBRARIES := crypto include $(PREBUILT_STATIC_LIBRARY) +LOCAL_PATH := $(call my-dir) +include $(CLEAR_VARS) +LOCAL_MODULE := gost_engine +LOCAL_SRC_FILES := $(GOST_PATH)/gost-engine/$(TARGET_ARCH_ABI)/lib/libgost.a +LOCAL_EXPORT_C_INCLUDES := $(GOST_PATH)/gost-engine/include +include $(PREBUILT_STATIC_LIBRARY) + LOCAL_PATH := $(call my-dir) include $(CLEAR_VARS) LOCAL_MODULE := miniupnpc diff --git a/android/jni/Application.mk b/android/jni/Application.mk index e8a51add..ee031efc 100755 --- a/android/jni/Application.mk +++ b/android/jni/Application.mk @@ -30,3 +30,4 @@ BOOST_PATH = $(I2PD_LIBS_PATH)/Boost-for-Android-Prebuilt OPENSSL_PATH = $(I2PD_LIBS_PATH)/OpenSSL-for-Android-Prebuilt MINIUPNP_PATH = $(I2PD_LIBS_PATH)/MiniUPnP-for-Android-Prebuilt IFADDRS_PATH = $(I2PD_LIBS_PATH)/android-ifaddrs +GOST_PATH = $(I2PD_LIBS_PATH)/GOST-Engine-for-Android-Prebuilt From 145e36925f9ceab52f69bdaf93490ba4110bca5e Mon Sep 17 00:00:00 2001 From: orignal Date: Thu, 23 Feb 2017 22:08:25 -0500 Subject: [PATCH 26/27] check certificate size --- Identity.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
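Review bot: The new `gost_engine` module links a prebuilt `libgost.a` from `$(GOST_PATH)/gost-engine/`, a path that carries no version, while the OpenSSL modules in the same hunk are pinned to `openssl-1.1.0e`. Since this archive ends up in the crypto path of the Android build, I would put the engine version in the directory name and record the expected hash of the prebuilt archive next to it, with a comment naming the OpenSSL release it was built against. The hunk does not show `gost_engine` being added to the `LOCAL_STATIC_LIBRARIES` of the i2pd module, so that is worth confirming as well.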
diff --git a/Identity.cpp b/Identity.cpp index 68659e2b..aecb11cc 100644 --- a/Identity.cpp +++ b/Identity.cpp @@ -302,14 +302,14 @@ namespace data SigningKeyType IdentityEx::GetSigningKeyType () const { - if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedBuffer) + if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 2) return bufbe16toh (m_ExtendedBuffer); // signing key return SIGNING_KEY_TYPE_DSA_SHA1; } CryptoKeyType IdentityEx::GetCryptoKeyType () const { - if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedBuffer) + if (m_StandardIdentity.certificate[0] == CERTIFICATE_TYPE_KEY && m_ExtendedLen >= 4) return bufbe16toh (m_ExtendedBuffer + 2); // crypto key return CRYPTO_KEY_TYPE_ELGAMAL; } From 1ce6ad5ccc812599728e0a6f07767e52b48ecbee Mon Sep 17 00:00:00 2001 From: orignal Date: Fri, 24 Feb 2017 11:04:40 -0500 Subject: [PATCH 27/27] cleanup send buffer --- Streaming.cpp | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/Streaming.cpp b/Streaming.cpp index 551b1ff6..357a3373 100644 --- a/Streaming.cpp +++ b/Streaming.cpp @@ -408,10 +408,14 @@ namespace stream packets.push_back (p); numMsgs--; } - if (m_SendBuffer.eof () && m_SendHandler) + if (m_SendBuffer.eof ()) { - m_SendHandler (boost::system::error_code ()); - m_SendHandler = nullptr; + m_SendBuffer.str(""); // clean up buffer + if (m_SendHandler) + { + m_SendHandler (boost::system::error_code ()); + m_SendHandler = nullptr; + } } } if (packets.size () > 0)
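Review bot: `GetSigningKeyType` and `GetCryptoKeyType` now test only `m_ExtendedLen` before reading through `m_ExtendedBuffer`, which is safe only if the length is always zero while the buffer is null. That invariant is established elsewhere in the class and is not visible here, so I would either keep both conditions, `m_ExtendedBuffer && m_ExtendedLen >= 2` and `m_ExtendedBuffer && m_ExtendedLen >= 4`, or state the invariant in a comment above the two functions. Other readers of the extended certificate bytes should get the same length check.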
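Review bot: `m_SendBuffer.str("")` empties the stream contents but leaves its state flags untouched, so after `eof ()` was true the stream still has eofbit set. Code that appends to `m_SendBuffer` has to call `clear ()` first or its writes will fail silently; that code is outside the hunk, so please confirm it does. The comment could also say why the reset is needed, for example `// drop data that was already sent, otherwise the buffer keeps it for the life of the stream`. The enclosing function starts and ends outside the hunk.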