2.14.0

NTCP SOCKS/HTTP Proxy support

.gitignore

@@ -1,5 +1,5 @@
 # i2pd
-obj/*.o
+*.o
 router.info
 router.keys
 i2p
@@ -240,10 +240,18 @@ pip-log.txt
 docs/_build
 /androidIdea/
 
+# Doxygen
+docs/generated
 
 # emacs files
 *~
 *\#*
 
 # gdb files
-.gdb_history
+.gdb_history
+
+# cmake makefile
+build/Makefile
+
+# debian stuff
+.pc/

ChangeLog

@@ -1,6 +1,31 @@
 # for this file format description,
 # see https://github.com/olivierlacan/keep-a-changelog
 
+## [2.14.0] - 2017-06-01
+### Added
+- Transit traffic bandwidth limitation
+- NTCP connections through HTTP and SOCKS proxies
+- Ability to disable address helper for HTTP proxy
+### Changed
+- Reseed servers list
+- Minimal required version is 4.0 for Android
+### Fixed
+- Ignore comments in addressbook feed
+
+## [2.13.0] - 2017-04-06
+### Added
+- Persist local destination's tags
+- GOST signature types 9 and 10
+- Exploratory tunnels configuration
+### Changed
+- Reseed servers list
+- Inactive NTCP sockets get closed faster
+- Some EdDSA speed up
+### Fixed
+- Multiple acceptors for SAM
+- Follow on data after STREAM CREATE for SAM
+- Memory leaks
+
 ## [2.12.0] - 2017-02-14
 ### Added
 - Additional HTTP and SOCKS proxy tunnels

Makefile

@@ -7,6 +7,10 @@ I2PD  := i2pd
 GREP := grep
 DEPS := obj/make.dep
 
+LIB_SRC_DIR := libi2pd
+LIB_CLIENT_SRC_DIR := libi2pd_client
+DAEMON_SRC_DIR := daemon
+
 include filelist.mk
 
 USE_AESNI	:= yes
@@ -17,24 +21,23 @@ USE_UPNP	:= no
 
 ifeq ($(WEBSOCKETS),1)
 	NEEDED_CXXFLAGS += -DWITH_EVENTS
-	DAEMON_SRC += Websocket.cpp
 endif
 
 ifeq ($(UNAME),Darwin)
-	DAEMON_SRC += DaemonLinux.cpp
+	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	ifeq ($(HOMEBREW),1)
 		include Makefile.homebrew
 	else
 		include Makefile.osx
 	endif
 else ifeq ($(shell echo $(UNAME) | $(GREP) -Ec '(Free|Open)BSD'),1)
-	DAEMON_SRC += DaemonLinux.cpp
+	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	include Makefile.bsd
 else ifeq ($(UNAME),Linux)
-	DAEMON_SRC += DaemonLinux.cpp
+	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	include Makefile.linux
-else # win32 mingw
-	DAEMON_SRC += DaemonWin32.cpp Win32/Win32Service.cpp Win32/Win32App.cpp
+else
+	DAEMON_SRC += Win32/DaemonWin32.cpp Win32/Win32Service.cpp Win32/Win32App.cpp
 	include Makefile.mingw
 endif
 
@@ -42,11 +45,16 @@ ifeq ($(USE_MESHNET),yes)
 	NEEDED_CXXFLAGS += -DMESHNET
 endif
 
+NEEDED_CXXFLAGS += -I$(LIB_SRC_DIR) -I$(LIB_CLIENT_SRC_DIR)
+
 all: mk_obj_dir $(ARLIB) $(ARLIB_CLIENT) $(I2PD)
 
 mk_obj_dir:
 	@mkdir -p obj
 	@mkdir -p obj/Win32
+	@mkdir -p obj/$(LIB_SRC_DIR)
+	@mkdir -p obj/$(LIB_CLIENT_SRC_DIR)
+	@mkdir -p obj/$(DAEMON_SRC_DIR)
 
 api: mk_obj_dir $(SHLIB) $(ARLIB)
 api_client: mk_obj_dir $(SHLIB) $(ARLIB) $(SHLIB_CLIENT) $(ARLIB_CLIENT)
@@ -70,7 +78,7 @@ obj/%.o: %.cpp
 
 DAEMON_OBJS += $(patsubst %.cpp,obj/%.o,$(DAEMON_SRC))
 $(I2PD): $(DAEMON_OBJS) $(ARLIB) $(ARLIB_CLIENT)
-	$(CXX) -o $@ $^ $(LDLIBS) $(LDFLAGS)
+	$(CXX) -o $@ $^ $(LDFLAGS) $(LDLIBS)
 
 $(SHLIB): $(patsubst %.cpp,obj/%.o,$(LIB_SRC))
 ifneq ($(USE_STATIC),yes)

Makefile.homebrew

@@ -9,8 +9,9 @@ LDFLAGS = -L${SSLROOT}/lib -L${BOOSTROOT}/lib
 LDLIBS = -lz -lcrypto -lssl -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
 
 ifeq ($(USE_UPNP),yes)
-  LDFLAGS += -ldl
-  CXXFLAGS += -DUSE_UPNP
+	LDFLAGS += -ldl
+	CXXFLAGS += -DUSE_UPNP
+	LDLIBS += -lminiupnpc
 endif
 
 # OSX Notes
@@ -19,7 +20,7 @@ endif
 # Found no good way to detect it from command line. TODO: Might be some osx sysinfo magic
 # note from psi: 2009 macbook does not have aesni
 #ifeq ($(USE_AESNI),yes)
-#  CXXFLAGS += -maes -DAESNI
+#	CXXFLAGS += -maes -DAESNI
 #endif
 
 # Disabled, since it will be the default make rule. I think its better

Makefile.linux

@@ -12,7 +12,7 @@ INCFLAGS ?=
 # detect proper flag for c++11 support by compilers
 CXXVER := $(shell $(CXX) -dumpversion)
 ifeq ($(shell expr match $(CXX) 'clang'),5)
-	NEEDED_CXXFLAGS += -std=c++11
+	NEEDED_CXXFLAGS += -std=c++11 
 else ifeq ($(shell expr match ${CXXVER} "4\.[0-9][0-9]"),4) # gcc >= 4.10
 	NEEDED_CXXFLAGS += -std=c++11
 else ifeq ($(shell expr match ${CXXVER} "4\.[7-9]"),3) # >= 4.7
@@ -31,39 +31,36 @@ ifeq ($(USE_STATIC),yes)
 # NOTE: on glibc you will get this warning:
 #   Using 'getaddrinfo' in statically linked applications requires at runtime
 #   the shared libraries from the glibc version used for linking
-  LIBDIR := /usr/lib
-  LDLIBS  = $(LIBDIR)/libboost_system.a
-  LDLIBS += $(LIBDIR)/libboost_date_time.a
-  LDLIBS += $(LIBDIR)/libboost_filesystem.a
-  LDLIBS += $(LIBDIR)/libboost_program_options.a
-  LDLIBS += $(LIBDIR)/libssl.a
-  LDLIBS += $(LIBDIR)/libcrypto.a
-  LDLIBS += $(LIBDIR)/libz.a
-  LDLIBS += -lpthread -static-libstdc++ -static-libgcc -lrt -ldl
-  USE_AESNI := no
+	LIBDIR := /usr/lib
+	LDLIBS  = $(LIBDIR)/libboost_system.a
+	LDLIBS += $(LIBDIR)/libboost_date_time.a
+	LDLIBS += $(LIBDIR)/libboost_filesystem.a
+	LDLIBS += $(LIBDIR)/libboost_program_options.a
+	LDLIBS += $(LIBDIR)/libssl.a
+	LDLIBS += $(LIBDIR)/libcrypto.a
+	LDLIBS += $(LIBDIR)/libz.a
+	LDLIBS += -lpthread -static-libstdc++ -static-libgcc -lrt -ldl
+	USE_AESNI := no
 else
-  LDLIBS = -lcrypto -lssl -lz -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
+	LDLIBS = -lcrypto -lssl -lz -lboost_system -lboost_date_time -lboost_filesystem -lboost_program_options -lpthread
 endif
 
 # UPNP Support (miniupnpc 1.5 and higher)
 ifeq ($(USE_UPNP),yes)
-  CXXFLAGS += -DUSE_UPNP
+	CXXFLAGS += -DUSE_UPNP
 ifeq ($(USE_STATIC),yes)
-  LDLIBS += $(LIBDIR)/libminiupnpc.a
+	LDLIBS += $(LIBDIR)/libminiupnpc.a
 else
-  LDLIBS += -lminiupnpc
+	LDLIBS += -lminiupnpc
 endif
 endif
 
-IS_64 := $(shell $(CXX) -dumpmachine 2>&1 | $(GREP) -c "64")
 ifeq ($(USE_AESNI),yes)
-ifeq ($(IS_64),1)
 #check if AES-NI is supported by CPU
 ifneq ($(shell $(GREP) -c aes /proc/cpuinfo),0)
 	CPU_FLAGS += -maes -DAESNI
 endif
 endif
-endif
 
 ifeq ($(USE_AVX),yes)
 #check if AVX supported by CPU

Makefile.mingw

@@ -4,31 +4,29 @@ WINDRES = windres
 CXXFLAGS = -Os -D_MT -DWIN32 -D_WINDOWS -DWIN32_LEAN_AND_MEAN
 NEEDED_CXXFLAGS = -std=c++11
 BOOST_SUFFIX = -mt
-INCFLAGS = -I/usr/include/ -I/usr/local/include/
-LDFLAGS = -Wl,-rpath,/usr/local/lib \
-  -L/usr/local/lib 
+INCFLAGS = -I/usr/include/ -I/usr/local/include/ -I. -Idaemon
+LDFLAGS = -Wl,-rpath,/usr/local/lib -Wl,-Bstatic -static-libgcc -static-libstdc++ -L/usr/local/lib
 
-# UPNP Support 
+# UPNP Support
 ifeq ($(USE_UPNP),yes)
-  CXXFLAGS += -DUSE_UPNP -DMINIUPNP_STATICLIB
-  LDLIBS = -Wl,-Bstatic -lminiupnpc	
+	CXXFLAGS += -DUSE_UPNP -DMINIUPNP_STATICLIB
+	LDLIBS = -lminiupnpc
 endif
 
 LDLIBS += \
-  -Wl,-Bstatic -lboost_system$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lboost_date_time$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lboost_filesystem$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lboost_program_options$(BOOST_SUFFIX) \
-  -Wl,-Bstatic -lssl \
-  -Wl,-Bstatic -lcrypto \
-  -Wl,-Bstatic -lz \
-  -Wl,-Bstatic -lwsock32 \
-  -Wl,-Bstatic -lws2_32 \
-  -Wl,-Bstatic -lgdi32 \
-  -Wl,-Bstatic -liphlpapi \
-  -static-libgcc -static-libstdc++ \
-  -Wl,-Bstatic -lstdc++ \
-  -Wl,-Bstatic -lpthread
+	-lboost_system$(BOOST_SUFFIX) \
+	-lboost_date_time$(BOOST_SUFFIX) \
+	-lboost_filesystem$(BOOST_SUFFIX) \
+	-lboost_program_options$(BOOST_SUFFIX) \
+	-lssl \
+	-lcrypto \
+	-lz \
+	-lwsock32 \
+	-lws2_32 \
+	-lgdi32 \
+	-liphlpapi \
+	-lstdc++ \
+	-lpthread
 
 ifeq ($(USE_WIN32_APP), yes)
 	CXXFLAGS += -DWIN32_APP
@@ -50,7 +48,7 @@ endif
 
 ifeq ($(USE_ASLR),yes)
 	LDFLAGS += -Wl,--nxcompat -Wl,--high-entropy-va \
-      -Wl,--dynamicbase,--export-all-symbols
+	-Wl,--dynamicbase,--export-all-symbols
 endif
 
 obj/%.o : %.rc

Makefile.osx

@@ -13,6 +13,11 @@ endif
 ifeq ($(USE_UPNP),yes)
   LDFLAGS += -ldl
   CXXFLAGS += -DUSE_UPNP
+ifeq ($(USE_STATIC),yes)
+  LDLIBS += /usr/local/lib/libminiupnpc.a
+else
+  LDLIBS += -lminiupnpc
+endif
 endif
 
 ifeq ($(USE_AESNI),1)

README.md

@@ -17,6 +17,17 @@ applications (websites, instant messengers, chat-servers).
 I2P allows people from all around the world to communicate and share information
 without restrictions.
 
+Features
+--------
+
+* Distributed anonymous networking framework
+* End-to-end encrypted communications
+* Small footprint, simple dependencies, fast performance
+* Rich set of APIs for developers of secure applications
+
+Resources
+---------
+
 * [Website](http://i2pd.website)
 * [Documentation](https://i2pd.readthedocs.io/en/latest/)
 * [Wiki](https://github.com/PurpleI2P/i2pd/wiki)
@@ -34,7 +45,7 @@ i2pd from source on your OS.
 
 **Supported systems:**
 
-* Linux x86/x64  - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)  
+* GNU/Linux x86/x64  - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)  
 * Windows        - [![Build status](https://ci.appveyor.com/api/projects/status/1908qe4p48ff1x23?svg=true)](https://ci.appveyor.com/project/PurpleI2P/i2pd)  
 * Mac OS X
 * FreeBSD
@@ -44,17 +55,19 @@ i2pd from source on your OS.
 Using i2pd
 ----------
 
-See [documentation](https://i2pd.readthedocs.io/en/latest/usage.html) and 
-[example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/docs/i2pd.conf).
+See [documentation](https://i2pd.readthedocs.io/en/latest/user-guide/run/) and 
+[example config file](https://github.com/PurpleI2P/i2pd/blob/openssl/contrib/i2pd.conf).
 
 Donations
 ---------
 
-BTC: 1K7Ds6KUeR8ya287UC4rYTjvC96vXyZbDY  
-DASH: Xw8YUrQpYzP9tZBmbjqxS3M97Q7v3vJKUF  
+BTC: 1K7Ds6KUeR8ya287UC4rYTjvC96vXyZbDY   
+ZEC: t1cTckLuXsr1dwVrK4NDzfhehss4NvMadAJ  
+DASH: Xw8YUrQpYzP9tZBmbjqxS3M97Q7v3vJKUF   
 LTC: LKQirrYrDeTuAPnpYq5y7LVKtywfkkHi59  
-ANC: AQJYweYYUqM1nVfLqfoSMpUMfzxvS4Xd7z  
-DOGE: DNXLQKziRPAsD9H3DFNjk4fLQrdaSX893Y 
+DOGE: DNXLQKziRPAsD9H3DFNjk4fLQrdaSX893Y  
+ANC: AQJYweYYUqM1nVfLqfoSMpUMfzxvS4Xd7z   
+GST: GbD2JSQHBHCKLa9WTHmigJRpyFgmBj4woG  
 
 License
 -------

UPnP.cpp

@@ -1,205 +0,0 @@
-#ifdef USE_UPNP
-#include <string>
-#include <thread>
-
-#include <boost/thread/thread.hpp>
-#include <boost/asio.hpp>
-#include <boost/bind.hpp>
-
-#include "Log.h"
-
-#include "RouterContext.h"
-#include "UPnP.h"
-#include "NetDb.h"
-#include "util.h"
-#include "RouterInfo.h"
-#include "Config.h"
-
-#include <miniupnpc/miniupnpc.h>
-#include <miniupnpc/upnpcommands.h>
-
-namespace i2p
-{
-namespace transport
-{
-    UPnP::UPnP () : m_IsRunning(false), m_Thread (nullptr), m_Timer (m_Service)
-    {
-    }
-
-    void UPnP::Stop ()
-    {
-		if (m_IsRunning)
-		{
-		    LogPrint(eLogInfo, "UPnP: stopping");
-			m_IsRunning = false;	
-			m_Timer.cancel ();
-			m_Service.stop ();
-		    if (m_Thread)
-		    {   
-		        m_Thread->join (); 
-		        m_Thread.reset (nullptr);
-		    }
-			CloseMapping ();
-		    Close ();
-		}
-    }
-
-    void UPnP::Start()
-    {
-		m_IsRunning = true;
-        LogPrint(eLogInfo, "UPnP: starting");
-		m_Service.post (std::bind (&UPnP::Discover, this));
-		std::unique_lock<std::mutex> l(m_StartedMutex);
-        m_Thread.reset (new std::thread (std::bind (&UPnP::Run, this)));
-		m_Started.wait_for (l, std::chrono::seconds (5)); // 5 seconds maximum
-    }
-    
-    UPnP::~UPnP ()
-    {
-		Stop ();
-    } 
-
-    void UPnP::Run ()
-    {
-		while (m_IsRunning)
-		{
-			try
-			{	
-				m_Service.run ();
-				// Discover failed
-				break; // terminate the thread
-			}
-			catch (std::exception& ex)
-			{
-				LogPrint (eLogError, "UPnP: runtime exception: ", ex.what ());
-				PortMapping ();
-			}	
-		}	
-    } 
-        
-    void UPnP::Discover ()
-    {
-        int nerror = 0;
-#if MINIUPNPC_API_VERSION >= 14
-        m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror);
-#else
-        m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror);
-#endif
-		{
-			// notify satrting thread			
-			std::unique_lock<std::mutex> l(m_StartedMutex);
-			m_Started.notify_all ();
-		}	
-		
-        int r;
-        r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr));
-        if (r == 1)
-        {
-            r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress);
-            if(r != UPNPCOMMAND_SUCCESS)
-            {
-                LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r);
-                return;
-            }
-            else
-            {
-                if (!m_externalIPAddress[0])
-                {
-                    LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed.");
-                    return;
-                }
-            }
-        }
-		else
-		{
-			 LogPrint (eLogError, "UPnP: GetValidIGD() failed.");
-             return;
-		}
-
-		// UPnP discovered	
-		LogPrint (eLogDebug, "UPnP: ExternalIPAddress is ", m_externalIPAddress);
-        i2p::context.UpdateAddress (boost::asio::ip::address::from_string (m_externalIPAddress));
-		// port mapping
-		PortMapping ();
-    }
-
-	void UPnP::PortMapping ()
-	{
-		const auto& a = context.GetRouterInfo().GetAddresses();
-		for (const auto& address : a)
-        {
-            if (!address->host.is_v6 ())
-            	TryPortMapping (address);
-        }
-		m_Timer.expires_from_now (boost::posix_time::minutes(20));	// every 20 minutes
-		m_Timer.async_wait ([this](const boost::system::error_code& ecode)
-			{ 
-				if (ecode != boost::asio::error::operation_aborted)	
-					PortMapping ();
-			});
-
-	}	
-
-	void UPnP::CloseMapping ()
-	{
-		const auto& a = context.GetRouterInfo().GetAddresses();
-		for (const auto& address : a)
-        {
-            if (!address->host.is_v6 ())
-            	CloseMapping (address);
-        }
-	}	
-
-    void UPnP::TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
-    {
-        std::string strType (GetProto (address)), strPort (std::to_string (address->port));
-        int r;
-        std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
-        r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0");
-        if (r!=UPNPCOMMAND_SUCCESS)
-        {
-            LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r);
-            return;
-        }
-        else
-        {
-            LogPrint (eLogDebug, "UPnP: Port Mapping successful. (", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")");
-            return;
-        }
-    }
-
-    void UPnP::CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
-    {
-        std::string strType (GetProto (address)), strPort (std::to_string (address->port));
-        int r = 0;
-        r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0);
-        LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r);
-    }
-
-    void UPnP::Close ()
-    {
-        freeUPNPDevlist (m_Devlist);
-        m_Devlist = 0;
-        FreeUPNPUrls (&m_upnpUrls);
-    }
-
-	std::string UPnP::GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address)
-	{
-		switch (address->transportStyle)
-        {
-            case i2p::data::RouterInfo::eTransportNTCP:
-                return "TCP";
-            break;
-            case i2p::data::RouterInfo::eTransportSSU:
-            default:
-                return "UDP";
-        }
-	}
-}
-}
-#else /* USE_UPNP */
-namespace i2p {
-namespace transport {
-}
-}
-#endif /* USE_UPNP */

Win32/Resource.rc2

@@ -6,7 +6,7 @@
 #error this file is not editable by Microsoft Visual C++
 #endif //APSTUDIO_INVOKED
 
-#include "../version.h"
+#include "../libi2pd/version.h"
 
 /////////////////////////////////////////////////////////////////////////////
 //

Win32/Win32App.cpp

@@ -1,13 +1,13 @@
 #include <string.h>
 #include <windows.h>
 #include <shellapi.h>
-#include "../ClientContext.h"
-#include "../Config.h"
-#include "../NetDb.h"
-#include "../RouterContext.h"
-#include "../Transports.h"
-#include "../Tunnel.h"
-#include "../version.h"
+#include "ClientContext.h"
+#include "Config.h"
+#include "NetDb.hpp"
+#include "RouterContext.h"
+#include "Transports.h"
+#include "Tunnel.h"
+#include "version.h"
 #include "resource.h"
 #include "Win32App.h"
 #include <stdio.h>
@@ -80,7 +80,7 @@ namespace win32
 		Shell_NotifyIcon (NIM_DELETE, &nid);
 	}
 
-	static void ShowUptime (std::stringstream& s, int seconds) 
+	static void ShowUptime (std::stringstream& s, int seconds)
 	{
 		int num;
 
@@ -99,7 +99,7 @@ namespace win32
 		s << seconds << " seconds\n";
 	}
 
-	static void ShowTransfered (std::stringstream& s, int transfer)
+	template <typename size> static void ShowTransfered (std::stringstream& s, size transfer)
 	{
 		auto bytes = transfer & 0x03ff;
 		transfer >>= 10;
@@ -125,8 +125,8 @@ namespace win32
 		{
 			case eRouterStatusOK: s << "OK"; break;
 			case eRouterStatusTesting: s << "Testing"; break;
-			case eRouterStatusFirewalled: s << "Firewalled"; break; 
-			case eRouterStatusError: 
+			case eRouterStatusFirewalled: s << "Firewalled"; break;
+			case eRouterStatusError:
 			{
 				switch (i2p::context.GetError())
 				{
@@ -143,7 +143,7 @@ namespace win32
 		s << "\n";
 		s << "Inbound: " << i2p::transport::transports.GetInBandwidth() / 1024 << " KiB/s; ";
 		s << "Outbound: " << i2p::transport::transports.GetOutBandwidth() / 1024 << " KiB/s\n";
-		s << "Recvieved: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes());
+		s << "Received: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes());
 		s << "Sent: "; ShowTransfered (s, i2p::transport::transports.GetTotalSentBytes());
 		s << "\n";
 		s << "Routers: " << i2p::data::netdb.GetNumRouters () << "; ";

Win32/Win32Service.cpp

@@ -7,8 +7,8 @@
 #include <strsafe.h>
 #include <windows.h>
 
-#include "../Daemon.h"
-#include "../Log.h"
+#include "Daemon.h"
+#include "Log.h"
 
 I2PService *I2PService::s_service = NULL;
 
@@ -100,7 +100,7 @@ I2PService::I2PService(PSTR pszServiceName,
 
 	m_fStopping = FALSE;
 
-	// Create a manual-reset event that is not signaled at first to indicate 
+	// Create a manual-reset event that is not signaled at first to indicate
 	// the stopped signal of the service.
 	m_hStoppedEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
 	if (m_hStoppedEvent == NULL)

Win32/i2pd.vcxproj

@@ -83,7 +83,7 @@
     <ClInclude Include="..\LittleBigEndian.h" />
     <ClInclude Include="..\Log.h" />
 	<ClInclude Include="..\NetDbRequests.h" />
-    <ClInclude Include="..\NetDb.h" />
+    <ClInclude Include="..\NetDb.hpp" />
     <ClInclude Include="..\NTCPSession.h" />
     <ClInclude Include="..\Queue.h" />
 	<ClInclude Include="..\Profiling.h" />

Win32/i2pd.vcxproj.filters

@@ -158,7 +158,7 @@
     <ClInclude Include="..\Log.h">
       <Filter>Header Files</Filter>
     </ClInclude>
-    <ClInclude Include="..\NetDb.h">
+    <ClInclude Include="..\NetDb.hpp">
       <Filter>Header Files</Filter>
     </ClInclude>
     <ClInclude Include="..\NTCPSession.h">

Win32/installer.iss

@@ -1,5 +1,5 @@
 #define I2Pd_AppName "i2pd"
-#define I2Pd_ver "2.12.0"
+#define I2Pd_ver "2.14.0"
 #define I2Pd_Publisher "PurpleI2P"
 
 [Setup]
@@ -28,9 +28,9 @@ AppUpdatesURL=https://github.com/PurpleI2P/i2pd/releases
 Source: ..\i2pd_x86.exe; DestDir: {app}; DestName: i2pd.exe; Flags: ignoreversion; Check: not IsWin64
 Source: ..\i2pd_x64.exe; DestDir: {app}; DestName: i2pd.exe; Flags: ignoreversion; Check: IsWin64
 Source: ..\README.md; DestDir: {app}; DestName: Readme.txt; Flags: onlyifdoesntexist
-Source: ..\docs\i2pd.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
-Source: ..\docs\subscriptions.txt; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
-Source: ..\docs\tunnels.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
+Source: ..\contrib\i2pd.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
+Source: ..\contrib\subscriptions.txt; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
+Source: ..\contrib\tunnels.conf; DestDir: {userappdata}\i2pd; Flags: onlyifdoesntexist
 Source: ..\contrib\certificates\*; DestDir: {userappdata}\i2pd\certificates; Flags: onlyifdoesntexist recursesubdirs createallsubdirs
 
 [Icons]

android/.gitignore

@@ -1,6 +1,7 @@
 gen
 tests
 .idea
+ant.properties
 local.properties
 build.sh
 bin

android/AndroidManifest.xml

@@ -2,8 +2,9 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
       package="org.purplei2p.i2pd"
       android:versionCode="1"
-      android:versionName="2.12.0">
-    <uses-sdk android:minSdkVersion="9" android:targetSdkVersion="24"/>
+      android:versionName="2.14.0"
+	  android:installLocation="auto">
+    <uses-sdk android:minSdkVersion="14" android:targetSdkVersion="25"/>
 	<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
     <uses-permission android:name="android.permission.INTERNET"/>
     <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE"/>

android/build.xml

@@ -93,5 +93,4 @@
     -->
     <!-- version-tag: 1 -->
     <import file="${sdk.dir}/tools/ant/build.xml" />
-
 </project>

android/jni/Android.mk

@@ -2,7 +2,7 @@ LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := i2pd
 LOCAL_CPP_FEATURES := rtti exceptions
-LOCAL_C_INCLUDES += $(IFADDRS_PATH) ../..
+LOCAL_C_INCLUDES += $(IFADDRS_PATH) $(LIB_SRC_PATH) $(LIB_CLIENT_SRC_PATH) $(DAEMON_SRC_PATH)
 LOCAL_STATIC_LIBRARIES := \
 	boost_system \
 	boost_date_time \
@@ -12,57 +12,13 @@ LOCAL_STATIC_LIBRARIES := \
 	miniupnpc
 LOCAL_LDLIBS := -lz
 
-LOCAL_SRC_FILES := DaemonAndroid.cpp i2pd_android.cpp \
-	$(IFADDRS_PATH)/ifaddrs.c \
-    ../../HTTPServer.cpp ../../I2PControl.cpp ../../Daemon.cpp ../../Config.cpp \
-    ../../AddressBook.cpp \
-    ../../api.cpp \
-    ../../Base.cpp \
-    ../../BOB.cpp \
-    ../../ClientContext.cpp \
-    ../../Crypto.cpp \
-    ../../Datagram.cpp \
-    ../../Destination.cpp \
-    ../../Family.cpp \
-    ../../FS.cpp \
-    ../../Garlic.cpp \
-    ../../Gzip.cpp \
-    ../../HTTP.cpp \
-    ../../HTTPProxy.cpp \
-    ../../I2CP.cpp \
-    ../../I2NPProtocol.cpp \
-    ../../I2PEndian.cpp \
-    ../../I2PService.cpp \
-    ../../I2PTunnel.cpp \
-    ../../Identity.cpp \
-    ../../LeaseSet.cpp \
-    ../../Log.cpp \
-    ../../NetDb.cpp \
-    ../../NetDbRequests.cpp \
-    ../../NTCPSession.cpp \
-    ../../Profiling.cpp \
-    ../../Reseed.cpp \
-    ../../RouterContext.cpp \
-    ../../RouterInfo.cpp \
-    ../../SAM.cpp \
-    ../../Signature.cpp \
-    ../../SOCKS.cpp \
-    ../../SSU.cpp \
-    ../../SSUData.cpp \
-    ../../SSUSession.cpp \
-    ../../Streaming.cpp \
-    ../../TransitTunnel.cpp \
-    ../../Transports.cpp \
-    ../../Tunnel.cpp \
-    ../../TunnelEndpoint.cpp \
-    ../../TunnelGateway.cpp \
-    ../../TunnelPool.cpp \
-	../../Timestamp.cpp \
-	../../Event.cpp \
-	../../WebSocks.cpp \
-../../BloomFilter.cpp \
-    ../../util.cpp \
-     ../../i2pd.cpp ../../UPnP.cpp
+LOCAL_SRC_FILES := DaemonAndroid.cpp i2pd_android.cpp $(IFADDRS_PATH)/ifaddrs.c \
+	$(wildcard $(LIB_SRC_PATH)/*.cpp)\
+	$(wildcard $(LIB_CLIENT_SRC_PATH)/*.cpp)\
+	$(DAEMON_SRC_PATH)/Daemon.cpp \
+	$(DAEMON_SRC_PATH)/UPnP.cpp \
+	$(DAEMON_SRC_PATH)/HTTPServer.cpp \
+	$(DAEMON_SRC_PATH)/I2PControl.cpp
 
 include $(BUILD_SHARED_LIBRARY)
 
@@ -97,15 +53,15 @@ include $(PREBUILT_STATIC_LIBRARY)
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := crypto
-LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0/$(TARGET_ARCH_ABI)/lib/libcrypto.a
-LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0/include
+LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libcrypto.a
+LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := ssl
-LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0/$(TARGET_ARCH_ABI)/lib/libssl.a
-LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0/include
+LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.0e/$(TARGET_ARCH_ABI)/lib/libssl.a
+LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.0e/include
 LOCAL_STATIC_LIBRARIES := crypto
 include $(PREBUILT_STATIC_LIBRARY)
 

android/jni/Application.mk

@@ -3,7 +3,7 @@
 #APP_ABI := x86
 APP_ABI := armeabi-v7a
 #can be android-3 but will fail for x86 since arch-x86 is not present at ndkroot/platforms/android-3/ . libz is taken from there.
-APP_PLATFORM := android-9
+APP_PLATFORM := android-14
 
 # http://stackoverflow.com/a/21386866/529442 http://stackoverflow.com/a/15616255/529442 to enable c++11 support in Eclipse
 NDK_TOOLCHAIN_VERSION := 4.9
@@ -25,8 +25,15 @@ APP_OPTIM  := debug
 # git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
 # git clone https://github.com/PurpleI2P/android-ifaddrs.git
 # change to your own
-I2PD_LIBS_PATH=/path/to/libraries
+I2PD_LIBS_PATH = /path/to/libraries
 BOOST_PATH = $(I2PD_LIBS_PATH)/Boost-for-Android-Prebuilt
 OPENSSL_PATH = $(I2PD_LIBS_PATH)/OpenSSL-for-Android-Prebuilt
 MINIUPNP_PATH = $(I2PD_LIBS_PATH)/MiniUPnP-for-Android-Prebuilt
 IFADDRS_PATH = $(I2PD_LIBS_PATH)/android-ifaddrs
+
+# don't change me
+I2PD_SRC_PATH = $(PWD)/..
+
+LIB_SRC_PATH = $(I2PD_SRC_PATH)/libi2pd
+LIB_CLIENT_SRC_PATH = $(I2PD_SRC_PATH)/libi2pd_client
+DAEMON_SRC_PATH = $(I2PD_SRC_PATH)/daemon

android/jni/DaemonAndroid.cpp

@@ -1,5 +1,5 @@
 #include "DaemonAndroid.h"
-#include "../../Daemon.h"
+#include "Daemon.h"
 #include <iostream>
 #include <boost/exception/diagnostic_information.hpp>
 #include <boost/exception_ptr.hpp>
@@ -191,4 +191,3 @@ namespace android
 	}
 }
 }
-

android/jni/i2pd_android.cpp

@@ -3,8 +3,8 @@
 #include <jni.h>
 #include "org_purplei2p_i2pd_I2PD_JNI.h"
 #include "DaemonAndroid.h"
-#include "../../RouterContext.h"
-#include "../../Transports.h"
+#include "RouterContext.h"
+#include "Transports.h"
 
 JNIEXPORT jstring JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_getABICompiledWith
   (JNIEnv * env, jclass clazz) {
@@ -59,8 +59,8 @@ JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_stopAcceptingTunnels
 }
 
 JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_onNetworkStateChanged
-  (JNIEnv * env, jclass clazz, jboolean isConnected) 
+  (JNIEnv * env, jclass clazz, jboolean isConnected)
 {
 	bool isConnectedBool = (bool) isConnected;
-	i2p::transport::transports.SetOnline (isConnectedBool);	
+	i2p::transport::transports.SetOnline (isConnectedBool);
 }

android/libs/.gitignore

@@ -1 +0,0 @@
-armeabi-v7a

android/src/org/purplei2p/i2pd/ForegroundService.java

@@ -6,7 +6,6 @@ import android.app.Service;
 import android.content.Intent;
 import android.os.Binder;
 import android.os.IBinder;
-import android.support.v4.app.NotificationCompat;
 import android.util.Log;
 
 public class ForegroundService extends Service {
@@ -72,7 +71,7 @@ public class ForegroundService extends Service {
                 new Intent(this, I2PD.class), 0);
 
         // Set the info for the views that show in the notification panel.
-        Notification notification = new NotificationCompat.Builder(this)
+        Notification notification = new Notification.Builder(this)
                 .setSmallIcon(R.drawable.itoopie_notification_icon)  // the status icon
                 .setTicker(text)  // the status text
                 .setWhen(System.currentTimeMillis())  // the time stamp
@@ -85,4 +84,4 @@ public class ForegroundService extends Service {
         //mNM.notify(NOTIFICATION, notification);
         startForeground(NOTIFICATION, notification);
     }
-}
+}

appveyor.yml

@@ -1,4 +1,4 @@
-version: 1.0.{build}
+version: 2.14.{build}
 pull_requests:
   do_not_increment_build_number: true
 branches:
@@ -8,190 +8,42 @@ skip_tags: true
 os: Visual Studio 2015
 shallow_clone: true
 clone_depth: 1
-init:
-- cmd: >-
-    mkdir \projects\instdir
 
-    rem Appveyor has win32 openssl pre-installed that is picked up erroneously even for 64-bit. Cleaning the mess... Should happen before restoring cache.
-
-    rem Might consider passing OPENSSL_ROOT_DIR
-
-    if exist \OpenSSL-Win32 rmdir /S /Q \OpenSSL-Win32
-
-    if exist \OpenSSL-Win64 rmdir /S /Q \OpenSSL-Win64
-
-    if exist \OpenSSL rmdir /S /Q \OpenSSL
 environment:
-  BOOST_ROOT: C:\Libraries\boost_1_59_0
-  MINIUPNPC: miniupnpc-1.9.20151026
-  OPENSSL: OpenSSL_1_0_2e
-  ZLIB: zlib-1.2.8
+  MSYS2_PATH_TYPE: inherit
+  CHERE_INVOKING: enabled_from_arguments
   matrix:
-  # - type: static
-  #   msvc: 14
-  #   x64: 0
-  # - type: static
-  #   variant: Release
-  #   # FIXME why is this necessary with Appveyor???
-  #   cmake: -DSSL_EAY=/mingw32/lib/libssl.a -DLIB_EAY=/mingw32/lib/libcrypto.a
-  - type: shared
-    variant: Release
-  - type: static
-    msvc: 12
-    x64: 1
-    variant: RelWithDebInfo
-  - type: static
-    msvc: 14
-    variant: RelWithDebInfo
-    cmake: -DWITH_PCH=ON
-  # - type: static
-  #   msvc: 12
-  # - type: shared
-  #   msvc: 14
-  #   variant: Debug
-  # - type: shared
-  #   variant: Release
-  #   cmake: -DWITH_PCH=ON
-  #   x64: 1
+  - MSYSTEM: MINGW64
+  - MSYSTEM: MINGW32
+
 install:
-- if not exist \projects\miniupnpc\ (
-    mkdir \projects\miniupnpc
-    && curl -sL http://miniupnp.free.fr/files/download.php?file=%MINIUPNPC%.tar.gz -o \projects\miniupnpc\%MINIUPNPC%.tar.gz
-  )
-- tar --strip-components=1 --directory=\projects\miniupnpc -xzf \projects\miniupnpc\%MINIUPNPC%.tar.gz
-- if not exist \projects\zlib\ (
-    mkdir \projects\zlib
-    && cd \projects\zlib
-    && curl -sLO http://zlib.net/%ZLIB%.tar.gz
-  )
-- tar --strip-components=1 --directory=\projects\zlib -xzf \projects\zlib\%ZLIB%.tar.gz
-- patch -p0 C:/projects/zlib/CMakeLists.txt %APPVEYOR_BUILD_FOLDER%/build/cmake-zlib-static.patch
-- patch -p0 C:/projects/zlib/CMakeLists.txt %APPVEYOR_BUILD_FOLDER%/build/cmake-zlib-amd64.patch
-- if "%type%" == "static" (
-    set "static=ON"
-    && set "boostlib=lib"
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Rns gcc-fortran gcc"
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
+
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
+
+- if "%MSYSTEM%" == "MINGW64" (
+    c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc"
   ) else (
-    set "static=OFF"
-    && set "dll=dll"
+    c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-i686-boost mingw-w64-i686-miniupnpc"
   )
-- if "%x64%"=="1" (
+
+- if "%MSYSTEM%" == "MINGW64" (
     set "bitness=64"
-    && set "openssl_target=VC-WIN64A"
-    && set "zlib_asm=-DAMD64=ON"
   ) else (
     set "bitness=32"
-    && set "openssl_target=VC-WIN32"
-    && set "zlib_asm=-DASM686=ON "-DCMAKE_ASM_MASM_FLAGS=/W0 /safeseh""
   )
-- C:\msys64\usr\bin\bash -lc "export PATH=/mingw%bitness%/bin:/usr/bin:. && cd /c/projects/miniupnpc && CC=gcc make -f Makefile.mingw init miniupnpc.dll > c:\projects\instdir\build_miniupnpc.log 2>&1 || cat c:\projects\instdir\build_miniupnpc.log"
-- set /a generator=%msvc%+2001
-- if defined msvc (
-    (
-      if "%x64%" == "1" (
-        call "C:\Program Files (x86)\Microsoft Visual Studio %msvc%.0\VC\vcvarsall.bat" amd64
-        && set "generator=Visual Studio %msvc% %generator% Win64"
-      ) else (
-        call "C:\Program Files (x86)\Microsoft Visual Studio %msvc%.0\VC\vcvarsall.bat" x86
-        && set "generator=Visual Studio %msvc% %generator%"
-      )
-    )
-    && set "zlib_root=C:/stage/zlib-Win%bitness%-vc%msvc%-%type%"
-    && if "%variant%" neq "Debug" (
-      set "boost_variant=variant=release"
-      && set "boostdbg=-gd"
-    )
-  ) else (
-    set "generator=Unix Makefiles"
-  )
-- if defined msvc if not exist %zlib_root% (
-    mkdir \projects\zlib-build
-    && cd \projects\zlib-build
-    && cmake ../zlib -G "%generator%" %zlib_asm% -DWITH_STATIC=%static% -DCMAKE_INSTALL_PREFIX=%zlib_root% > c:\projects\instdir\build_zlib.log
-    && cmake --build . --config Release --target INSTALL >> c:\projects\instdir\build_zlib.log
-    || type c:\projects\instdir\build_zlib.log
-  )
-- cmd: >-
-    rem cinst nasm
 
-    cd \projects
-
-    if not exist nasm-2.11.08-installer.exe curl --silent --location --remote-name http://www.nasm.us/pub/nasm/releasebuilds/2.11.08/win32/nasm-2.11.08-installer.exe
-
-    nasm-2.11.08-installer.exe /S
-
-    set "PATH=%PATH%;C:\Program Files (x86)\nasm"
-
-    if not exist %OPENSSL%.zip curl --silent --location --remote-name https://github.com/openssl/openssl/archive/%OPENSSL%.zip
-- cd %BOOST_ROOT%
-- if defined msvc if not exist "stage%bitness%\lib\%boostlib%boost_system-vc%msvc%0-mt%boostdbg%*" (
-    bootstrap > c:\projects\instdir\build_boost.log
-    && b2 toolset=msvc-%msvc%.0 %boost_variant% link=%type% runtime-link=%type% address-model=%bitness% --build-type=minimal --with-filesystem --with-program_options --with-date_time --stagedir=stage%bitness% >> c:\projects\instdir\build_boost.log
-    || type c:\projects\instdir\build_boost.log
-  )
-- if defined msvc if not exist C:\stage\OpenSSL-Win%bitness%-vc%msvc%-%type%\ (
-    cd \projects
-    && 7z x %OPENSSL%.zip > NUL
-    && cd openssl-%OPENSSL%
-    && perl Configure %openssl_target% no-rc2 no-rc4 no-rc5 no-idea no-bf no-cast no-whirlpool no-md2 no-md4 no-ripemd no-mdc2 no-camellia no-seed no-comp no-krb5 no-gmp no-rfc3779 no-ec2m no-ssl2 no-jpake no-srp no-sctp no-srtp --prefix=c:\stage\OpenSSL-Win%bitness%-vc%msvc%-%type% > c:\projects\instdir\build_openssl.log
-    && ( if "%x64%" == "1" ( ms\do_win64a >> c:\projects\instdir\build_openssl.log ) else ( ms\do_nasm >> c:\projects\instdir\build_openssl.log ) )
-    && nmake -f ms\nt%dll%.mak install >> c:\projects\instdir\build_openssl.log 2>&1
-    || type c:\projects\instdir\build_openssl.log
-  )
-- mklink /J \OpenSSL \stage\OpenSSL-Win%bitness%-vc%msvc%-%type%
-- rem already there: mingw-w64-i686-openssl mingw-w64-i686-gcc
-- if not defined msvc (
-    C:\msys64\usr\bin\bash -lc "pacman --needed --noconfirm -Sy bash pacman pacman-mirrors msys2-runtime msys2-runtime-devel cmake"
-    && if "%x64%" == "1" (
-      C:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-openssl mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc mingw-w64-x86_64-extra-cmake-modules"
-    ) else (
-      C:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-i686-openssl mingw-w64-i686-boost mingw-w64-i686-miniupnpc mingw-w64-i686-extra-cmake-modules"
-    )
-  )
-cache:
-- C:\projects\%OPENSSL%.zip
-- C:\projects\nasm-2.11.08-installer.exe
-- C:\projects\miniupnpc\%MINIUPNPC%.tar.gz
-- C:\stage
-- '%BOOST_ROOT%\stage32'
-- '%BOOST_ROOT%\stage64'
-- C:\projects\zlib\%ZLIB%.tar.gz
 build_script:
 - cmd: >-
-    mkdir \projects\build
+    cd \projects\i2pd
 
-    rem FIXME use fixup_bundle in cmake
+    echo MSYSTEM = %MSYSTEM%, bitness = %bitness%
 
-    rem msbuild i2pd.sln /p:Configuration=Release
+- c:\msys64\usr\bin\bash -lc "make USE_UPNP=yes -j2"
+- 7z a -tzip -mx9 -mmt i2pd-mingw-win%bitness%.zip i2pd.exe
 
-    if defined variant ( set cmake_extra=-DCMAKE_BUILD_TYPE=%variant% && set "cmake_build=--config %variant%" )
-
-    echo "bitness=%bitness%; static=%static%; dll=%dll%; type=%type%; generator=%generator%; variant=%variant%; cmake=%cmake%; cmake_extra=%cmake_extra%"
-- if not defined msvc (
-    C:\msys64\usr\bin\bash -lc "export PATH=/mingw%bitness%/bin:/usr/bin && cd /c/projects/build && CC=/mingw%bitness%/bin/gcc.exe CXX=/mingw%bitness%/bin/g++.exe /usr/bin/cmake /c/projects/i2pd/build -G 'Unix Makefiles' -DWITH_AESNI=ON -DWITH_UPNP=ON %cmake% %cmake_extra% -DWITH_STATIC=%static% -DWITH_HARDENING=ON -DCMAKE_INSTALL_PREFIX:PATH=/c/projects/instdir -DCMAKE_FIND_ROOT_PATH=/mingw%bitness% && make install"
-    && 7z a -tzip -mx9 -mmt C:\projects\i2pd\i2pd-mingw-win%bitness%-%type%.zip C:\projects\instdir\* C:\msys64\mingw%bitness%\bin\zlib1.dll C:\msys64\mingw%bitness%\bin\*eay32.dll
-  )
-- rem We are fine with multiple generated configurations in MS solution. Will use later
-- if defined msvc (
-    cd \projects\build
-    && cmake ..\i2pd\build -G "%generator%" -DWITH_UPNP=ON %cmake% -DWITH_STATIC=%static% -DZLIB_ROOT=%zlib_root% -DBoost_LIBRARY_DIR:PATH=%BOOST_ROOT%/stage%bitness%/lib -DCMAKE_INSTALL_PREFIX:PATH=c:/projects/instdir
-    && cmake --build . %cmake_build% --target install
-    && 7z a -tzip -mx9 -mmt C:\projects\i2pd\i2pd-vc%msvc%-win%bitness%-%type%.zip C:\projects\instdir\*
-    && cmake --build . %cmake_build% --target package
-    && xcopy i2pd*win*.exe ..\i2pd\
-  )
 test: off
+
 artifacts:
-- path: i2pd-vc12-win64-static.zip
-- path: i2pd-vc12-win32-static.zip
-- path: i2pd-vc12-win64-shared.zip
-- path: i2pd-vc12-win32-shared.zip
-- path: i2pd-vc14-win64-static.zip
-- path: i2pd-vc14-win32-static.zip
-- path: i2pd-vc14-win64-shared.zip
-- path: i2pd-vc14-win32-shared.zip
-- path: i2pd-mingw-win64-static.zip
-- path: i2pd-mingw-win32-static.zip
-- path: i2pd-mingw-win64-shared.zip
-- path: i2pd-mingw-win32-shared.zip
-- path: i2pd-2.1.0-win64.exe
-- path: i2pd-2.1.0-win32.exe
+- path: i2pd-mingw-win*.zip

build/.gitignore

@@ -8,3 +8,6 @@
 /CPackConfig.cmake
 /CPackSourceConfig.cmake
 /install_manifest.txt
+# windows build script
+i2pd*.zip
+build*.log

build/CMakeLists.txt

@@ -8,6 +8,7 @@ project ( "i2pd" )
 
 # configurale options
 option(WITH_AESNI     "Use AES-NI instructions set" OFF)
+option(WITH_AVX       "Use AVX instructions" OFF)
 option(WITH_HARDENING "Use hardening compiler flags" OFF)
 option(WITH_LIBRARY   "Build library" ON)
 option(WITH_BINARY    "Build binary" ON)
@@ -25,49 +26,57 @@ option(WITH_WEBSOCKETS "Build with websocket ui" OFF)
 set ( CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules" )
 set ( CMAKE_SOURCE_DIR ".." )
 
+set(LIBI2PD_SRC_DIR ../libi2pd)
+set(LIBI2PD_CLIENT_SRC_DIR ../libi2pd_client)
+
+include_directories(${LIBI2PD_SRC_DIR})
+include_directories(${LIBI2PD_CLIENT_SRC_DIR})
+
 set (LIBI2PD_SRC
-  "${CMAKE_SOURCE_DIR}/BloomFilter.cpp"
-  "${CMAKE_SOURCE_DIR}/Config.cpp"
-  "${CMAKE_SOURCE_DIR}/Crypto.cpp"
-  "${CMAKE_SOURCE_DIR}/Garlic.cpp"
-  "${CMAKE_SOURCE_DIR}/Gzip.cpp"
-  "${CMAKE_SOURCE_DIR}/I2NPProtocol.cpp"
-  "${CMAKE_SOURCE_DIR}/Identity.cpp"
-  "${CMAKE_SOURCE_DIR}/LeaseSet.cpp"
-  "${CMAKE_SOURCE_DIR}/FS.cpp"
-  "${CMAKE_SOURCE_DIR}/Log.cpp"
-  "${CMAKE_SOURCE_DIR}/NTCPSession.cpp"
-  "${CMAKE_SOURCE_DIR}/NetDbRequests.cpp"	
-  "${CMAKE_SOURCE_DIR}/NetDb.cpp"
-  "${CMAKE_SOURCE_DIR}/Profiling.cpp"
-  "${CMAKE_SOURCE_DIR}/Reseed.cpp"
-  "${CMAKE_SOURCE_DIR}/RouterContext.cpp"
-  "${CMAKE_SOURCE_DIR}/RouterInfo.cpp"
-  "${CMAKE_SOURCE_DIR}/SSU.cpp"
-  "${CMAKE_SOURCE_DIR}/SSUData.cpp"
-  "${CMAKE_SOURCE_DIR}/SSUSession.cpp"
-  "${CMAKE_SOURCE_DIR}/Streaming.cpp"
-  "${CMAKE_SOURCE_DIR}/Destination.cpp"	
-  "${CMAKE_SOURCE_DIR}/TransitTunnel.cpp"
-  "${CMAKE_SOURCE_DIR}/Tunnel.cpp"
-  "${CMAKE_SOURCE_DIR}/TunnelGateway.cpp"
-  "${CMAKE_SOURCE_DIR}/Transports.cpp"
-  "${CMAKE_SOURCE_DIR}/TunnelEndpoint.cpp"
-  "${CMAKE_SOURCE_DIR}/TunnelPool.cpp"
-  "${CMAKE_SOURCE_DIR}/Base.cpp"
-  "${CMAKE_SOURCE_DIR}/util.cpp"
-  "${CMAKE_SOURCE_DIR}/Datagram.cpp"
-  "${CMAKE_SOURCE_DIR}/Family.cpp"
-  "${CMAKE_SOURCE_DIR}/Signature.cpp"
-  "${CMAKE_SOURCE_DIR}/Timestamp.cpp"	
-  "${CMAKE_SOURCE_DIR}/api.cpp"
-  "${CMAKE_SOURCE_DIR}/Event.cpp"
+  "${LIBI2PD_SRC_DIR}/BloomFilter.cpp"
+  "${LIBI2PD_SRC_DIR}/Config.cpp"
+  "${LIBI2PD_SRC_DIR}/Crypto.cpp"
+  "${LIBI2PD_SRC_DIR}/Garlic.cpp"
+  "${LIBI2PD_SRC_DIR}/Gzip.cpp"
+  "${LIBI2PD_SRC_DIR}/HTTP.cpp"
+  "${LIBI2PD_SRC_DIR}/I2NPProtocol.cpp"
+  "${LIBI2PD_SRC_DIR}/Identity.cpp"
+  "${LIBI2PD_SRC_DIR}/LeaseSet.cpp"
+  "${LIBI2PD_SRC_DIR}/FS.cpp"
+  "${LIBI2PD_SRC_DIR}/Log.cpp"
+  "${LIBI2PD_SRC_DIR}/NTCPSession.cpp"
+  "${LIBI2PD_SRC_DIR}/NetDbRequests.cpp"
+  "${LIBI2PD_SRC_DIR}/NetDb.cpp"
+  "${LIBI2PD_SRC_DIR}/Profiling.cpp"
+  "${LIBI2PD_SRC_DIR}/Reseed.cpp"
+  "${LIBI2PD_SRC_DIR}/RouterContext.cpp"
+  "${LIBI2PD_SRC_DIR}/RouterInfo.cpp"
+  "${LIBI2PD_SRC_DIR}/SSU.cpp"
+  "${LIBI2PD_SRC_DIR}/SSUData.cpp"
+  "${LIBI2PD_SRC_DIR}/SSUSession.cpp"
+  "${LIBI2PD_SRC_DIR}/Streaming.cpp"
+  "${LIBI2PD_SRC_DIR}/Destination.cpp"
+  "${LIBI2PD_SRC_DIR}/TransitTunnel.cpp"
+  "${LIBI2PD_SRC_DIR}/Tunnel.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelGateway.cpp"
+  "${LIBI2PD_SRC_DIR}/Transports.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelEndpoint.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelPool.cpp"
+  "${LIBI2PD_SRC_DIR}/Base.cpp"
+  "${LIBI2PD_SRC_DIR}/util.cpp"
+  "${LIBI2PD_SRC_DIR}/Datagram.cpp"
+  "${LIBI2PD_SRC_DIR}/Family.cpp"
+  "${LIBI2PD_SRC_DIR}/Signature.cpp"
+  "${LIBI2PD_SRC_DIR}/Timestamp.cpp"
+  "${LIBI2PD_SRC_DIR}/api.cpp"
+  "${LIBI2PD_SRC_DIR}/Event.cpp"
+  "${LIBI2PD_SRC_DIR}/Gost.cpp"
 )
 
 if (WITH_WEBSOCKETS)
   add_definitions(-DWITH_EVENTS)
   find_package(websocketpp REQUIRED)
-endif ()  
+endif ()
 
 if (CMAKE_SYSTEM_NAME STREQUAL "Windows" OR MSYS)
   list (APPEND LIBI2PD_SRC "${CMAKE_SOURCE_DIR}/I2PEndian.cpp")
@@ -88,30 +97,32 @@ install(TARGETS libi2pd
 # install(EXPORT libi2pd DESTINATION ${CMAKE_INSTALL_LIBDIR})
 
 set (CLIENT_SRC
-  "${CMAKE_SOURCE_DIR}/AddressBook.cpp"
-  "${CMAKE_SOURCE_DIR}/BOB.cpp"	
-  "${CMAKE_SOURCE_DIR}/ClientContext.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PTunnel.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PService.cpp"
-  "${CMAKE_SOURCE_DIR}/SAM.cpp"
-  "${CMAKE_SOURCE_DIR}/SOCKS.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTP.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTPProxy.cpp"
-  "${CMAKE_SOURCE_DIR}/I2CP.cpp"
-  "${CMAKE_SOURCE_DIR}/WebSocks.cpp"
-  )
+  "${LIBI2PD_CLIENT_SRC_DIR}/AddressBook.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/BOB.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/ClientContext.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/MatchedDestination.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/I2PTunnel.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/I2PService.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/SAM.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/SOCKS.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/HTTPProxy.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/I2CP.cpp"
+  "${LIBI2PD_CLIENT_SRC_DIR}/WebSocks.cpp"
+)
 
 if(WITH_WEBSOCKETS)
-  list (APPEND CLIENT_SRC "${CMAKE_SOURCE_DIR}/Websocket.cpp")
+  list (APPEND CLIENT_SRC "${LIBI2PD_CLIENT_SRC_DIR}/Websocket.cpp")
 endif ()
 add_library(i2pdclient ${CLIENT_SRC})
 
+set(DAEMON_SRC_DIR ../daemon)
+
 set (DAEMON_SRC
-  "${CMAKE_SOURCE_DIR}/Daemon.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTPServer.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PControl.cpp"
-  "${CMAKE_SOURCE_DIR}/i2pd.cpp"
-  "${CMAKE_SOURCE_DIR}/UPnP.cpp"
+  "${DAEMON_SRC_DIR}/Daemon.cpp"
+  "${DAEMON_SRC_DIR}/HTTPServer.cpp"
+  "${DAEMON_SRC_DIR}/I2PControl.cpp"
+  "${DAEMON_SRC_DIR}/i2pd.cpp"
+  "${DAEMON_SRC_DIR}/UPnP.cpp"
 )
 
 if (WITH_MESHNET)
@@ -176,22 +187,22 @@ endif ()
 
 # compiler flags customization (by system)
 if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
+  list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
   # "'sleep_for' is not a member of 'std::this_thread'" in gcc 4.7/4.8
   add_definitions( "-D_GLIBCXX_USE_NANOSLEEP=1" )
 elseif (CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
+  list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
   # "'sleep_for' is not a member of 'std::this_thread'" in gcc 4.7/4.8
   add_definitions( "-D_GLIBCXX_USE_NANOSLEEP=1" )
 elseif (CMAKE_SYSTEM_NAME STREQUAL "Darwin")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
-elseif (CMAKE_SYSTEM_NAME STREQUAL "OpenBSD")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
-elseif (CMAKE_SYSTEM_NAME STREQUAL "Windows" OR MSYS)
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonWin32.cpp")
+    list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
+  elseif (CMAKE_SYSTEM_NAME STREQUAL "OpenBSD")
+      list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
+    elseif (CMAKE_SYSTEM_NAME STREQUAL "Windows" OR MSYS)
+        list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/DaemonWin32.cpp")
   if (WITH_GUI)
     list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Win32App.cpp")
-    set_source_files_properties("${CMAKE_SOURCE_DIR}/DaemonWin32.cpp"
+    set_source_files_properties("${CMAKE_SOURCE_DIR}/Win32/DaemonWin32.cpp"
       PROPERTIES COMPILE_DEFINITIONS WIN32_APP)
   endif ()
   list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Win32Service.cpp")
@@ -203,6 +214,10 @@ if (WITH_AESNI)
   add_definitions ( -DAESNI )
 endif()
 
+if (WITH_AVX)
+  set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -mavx" )
+endif()
+
 if (WITH_ADDRSANITIZER)
   if (NOT MSVC)
     set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fno-omit-frame-pointer" )
@@ -273,7 +288,7 @@ endif ()
 
 if (WITH_PCH)
   include_directories(BEFORE ${CMAKE_BINARY_DIR})
-  add_library(stdafx STATIC "${CMAKE_SOURCE_DIR}/stdafx.cpp")
+  add_library(stdafx STATIC "${LIBI2PD_SRC_DIR}/stdafx.cpp")
   if(MSVC)
     target_compile_options(stdafx PRIVATE /Ycstdafx.h /Zm155)
     add_custom_command(TARGET stdafx POST_BUILD
@@ -289,10 +304,10 @@ if (WITH_PCH)
     get_directory_property(DEFS DEFINITIONS)
     string(REPLACE " " ";" FLAGS "${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BTU}} ${DEFS}")
     add_custom_command(TARGET stdafx PRE_BUILD
-      COMMAND ${CMAKE_CXX_COMPILER} ${FLAGS} -c ${CMAKE_CURRENT_SOURCE_DIR}/../stdafx.h -o ${CMAKE_BINARY_DIR}/stdafx.h.gch
+      COMMAND ${CMAKE_CXX_COMPILER} ${FLAGS} -c ${CMAKE_CURRENT_SOURCE_DIR}/../libi2pd/stdafx.h -o ${CMAKE_BINARY_DIR}/stdafx.h.gch
     )
-    target_compile_options(libi2pd PRIVATE -include stdafx.h)
-    target_compile_options(i2pdclient PRIVATE -include stdafx.h)
+    target_compile_options(libi2pd PRIVATE -include libi2pd/stdafx.h)
+    target_compile_options(i2pdclient PRIVATE -include libi2pd/stdafx.h)
   endif()
   target_link_libraries(libi2pd stdafx)
 endif()
@@ -356,7 +371,7 @@ include_directories( SYSTEM ${Boost_INCLUDE_DIRS} ${OPENSSL_INCLUDE_DIR} ${ZLIB_
 # warn if for meshnet
 if (WITH_MESHNET)
   message(STATUS "Building for testnet")
-  message(WARNING "This build will NOT work on mainline i2p")  
+  message(WARNING "This build will NOT work on mainline i2p")
 endif()
 
 
@@ -369,6 +384,7 @@ message(STATUS "Compiler path      : ${CMAKE_CXX_COMPILER}")
 message(STATUS "Install prefix:    : ${CMAKE_INSTALL_PREFIX}")
 message(STATUS "Options:")
 message(STATUS "  AESNI            : ${WITH_AESNI}")
+message(STATUS "  AVX              : ${WITH_AVX}")
 message(STATUS "  HARDENING        : ${WITH_HARDENING}")
 message(STATUS "  LIBRARY          : ${WITH_LIBRARY}")
 message(STATUS "  BINARY           : ${WITH_BINARY}")
@@ -400,7 +416,7 @@ if (WITH_BINARY)
     if (MSVC)
       target_compile_options("${PROJECT_NAME}" PRIVATE /FIstdafx.h /Yustdafx.h /Zm155 "/Fp${CMAKE_BINARY_DIR}/stdafx.dir/$<CONFIG>/stdafx.pch")
     else()
-      target_compile_options("${PROJECT_NAME}" PRIVATE -include stdafx.h)
+      target_compile_options("${PROJECT_NAME}" PRIVATE -include libi2pd/stdafx.h)
     endif()
   endif()
 
@@ -451,7 +467,7 @@ install(FILES "C:/projects/openssl-$ENV{OPENSSL}/LICENSE"
   OPTIONAL                      # for local builds only!
   )
 
-file(GLOB_RECURSE I2PD_SOURCES "../*.cpp" "../build" "../Win32" "../Makefile*")
+file(GLOB_RECURSE I2PD_SOURCES "../libi2pd/*.cpp" "../libi2pd_client/*.cpp" "../daemon/*.cpp" "../build" "../Win32" "../Makefile*")
 install(FILES ${I2PD_SOURCES} DESTINATION src/ COMPONENT Source)
 # install(DIRECTORY ../ DESTINATION src/
 #   # OPTIONAL
@@ -460,7 +476,7 @@ install(FILES ${I2PD_SOURCES} DESTINATION src/ COMPONENT Source)
 #   PATTERN "*.cpp"
 #   )
 
-file(GLOB I2PD_HEADERS "../*.h")
+file(GLOB I2PD_HEADERS "../libi2pd/*.h" "../libi2pd_client/*.h" "../daemon/*.h")
 install(FILES ${I2PD_HEADERS} DESTINATION src/ COMPONENT Headers)
 # install(DIRECTORY ../ DESTINATION src/
 #   # OPTIONAL
@@ -473,7 +489,7 @@ set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "Purple I2P, a C++ I2P daemon")
 set(CPACK_PACKAGE_VENDOR "Purple I2P")
 set(CPACK_PACKAGE_DESCRIPTION_FILE "${CMAKE_CURRENT_SOURCE_DIR}/../README.md")
 set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_CURRENT_SOURCE_DIR}/../LICENSE")
-file(READ ../version.h version_h)
+file(READ ../libi2pd/version.h version_h)
 string(REGEX REPLACE ".*I2PD_VERSION_MAJOR ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MAJOR "${version_h}")
 string(REGEX REPLACE ".*I2PD_VERSION_MINOR ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MINOR "${version_h}")
 string(REGEX REPLACE ".*I2PD_VERSION_MICRO ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MICRO "${version_h}")

build/build_mingw.cmd

@@ -0,0 +1,62 @@
+@echo off
+setlocal enableextensions enabledelayedexpansion
+title Building i2pd
+
+REM Copyright (c) 2013-2017, The PurpleI2P Project
+REM This file is part of Purple i2pd project and licensed under BSD3
+REM See full license text in LICENSE file at top of project tree
+
+REM To use that script, you must have installed in your MSYS installation theese packages:
+REM Base: git make zip
+REM x86_64: mingw-w64-x86_64-boost mingw-w64-x86_64-openssl mingw-w64-x86_64-gcc
+REM i686: mingw-w64-i686-boost mingw-w64-i686-openssl mingw-w64-i686-gcc
+
+REM setting up variables for MSYS
+REM Note: if you installed MSYS64 to different path, edit WD variable (only C:\msys64 needed to edit)!
+set "WD=C:\msys64\usr\bin\"
+set MSYS2_PATH_TYPE=inherit
+set CHERE_INVOKING=enabled_from_arguments
+set MSYSTEM=MSYS
+
+REM detecting number of processors and subtract 1.
+set /a threads=%NUMBER_OF_PROCESSORS%-1
+
+REM we must work in root of repo
+cd ..
+
+echo Receiving latest commit and cleaning up...
+"%WD%bash" -lc "git pull && make clean" > build/build_git.log 2>&1
+echo.
+
+REM set to variable current commit hash
+FOR /F "usebackq" %%a IN (`%WD%bash -lc 'git describe --tags'`) DO (
+ set tag=%%a
+)
+
+REM starting building
+set MSYSTEM=MINGW32
+set bitness=32
+call :BUILDING
+echo.
+
+set MSYSTEM=MINGW64
+set bitness=64
+call :BUILDING
+echo.
+
+echo Build complete...
+pause
+exit /b 0
+
+:BUILDING
+echo Building i2pd %tag% for win%bitness%:
+echo Build AVX+AESNI...
+"%WD%bash" -lc "make USE_UPNP=yes USE_AVX=1 USE_AESNI=1 -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw_avx_aesni.zip i2pd.exe && make clean" > build/build_win%bitness%_avx_aesni.log 2>&1
+echo Build AVX...
+"%WD%bash" -lc "make USE_UPNP=yes USE_AVX=1 -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw_avx.zip i2pd.exe && make clean" > build/build_win%bitness%_avx.log 2>&1
+echo Build AESNI...
+"%WD%bash" -lc "make USE_UPNP=yes USE_AESNI=1 -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw_aesni.zip i2pd.exe && make clean" > build/build_win%bitness%_aesni.log 2>&1
+echo Build without extensions...
+"%WD%bash" -lc "make USE_UPNP=yes -j%threads% && zip -9 build/i2pd_%tag%_win%bitness%_mingw.zip i2pd.exe && make clean" > build/build_win%bitness%.log 2>&1
+
+:EOF

contrib/.gitignore

@@ -1,2 +0,0 @@
-i2pd*.zip
-build*.log

contrib/build_mingw.cmd

@@ -1,22 +0,0 @@
-@echo off
-title <20><><EFBFBD>ઠ i2pd
-
-set "WD=C:\msys64"
-set CHERE_INVOKING=enabled_from_arguments
-set MSYSCON=mintty.exe
-
-echo <20><><EFBFBD>ઠ i2pd <20><><EFBFBD> win32. <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> Enter <20><>᫥ <20><><EFBFBD><EFBFBD>砭<EFBFBD><E7A0AD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>樨...
-set "MSYSTEM=MINGW32"
-set "CONTITLE=MinGW x32"
-start "%CONTITLE%" /WAIT C:\msys64\usr\bin\mintty.exe -i /msys2.ico /usr/bin/bash --login build_mingw.sh
-pause
-
-echo <20><><EFBFBD>ઠ i2pd <20><><EFBFBD> win64. <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> Enter <20><>᫥ <20><><EFBFBD><EFBFBD>砭<EFBFBD><E7A0AD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>樨...
-set "MSYSTEM=MINGW64"
-set "CONTITLE=MinGW x64"
-start "%CONTITLE%" /WAIT C:\msys64\usr\bin\mintty.exe -i /msys2.ico /usr/bin/bash --login build_mingw.sh
-pause
-
-echo <20><><EFBFBD>ઠ <20><><EFBFBD><EFBFBD><EFBFBD>襭<EFBFBD>...
-pause
-exit /b 0

contrib/build_mingw.sh

@@ -1,84 +0,0 @@
-#!/bin/sh
-
-# Определяем архитектуру.
-if [ $MSYSTEM == MINGW64 ]; then
-	export arch="win64"
-elif [ $MSYSTEM == MINGW32 ]; then
-	export arch="win32"
-else 
-	echo "Не могу понять, какая у вас архитектура, используемая для сборки.";
-	echo "Вы точно запустили скрипт в оболочке MSYS2 MinGW [64/32]-bit ?";
-	echo "Обычно её можно запустить выполнив c:\msys64\mingw64.exe или c:\msys64\mingw32.exe";
-	exit 1;
-fi;
-
-# Задаём переменной contrib текущий путь и переходим на уровень выше.
-export contrib=$PWD
-cd ..
-
-# Очистка от предыдущей сборки (на всякий случай =) ).
-make clean >> /dev/null
-
-# Обновляем репозиторий, и получаем хеш последнего коммита.
-echo "Получаем обновления из репозитория.";
-git pull
-if [ "$?" != 0 ]; then
-	echo "Не удалось обновить локальный репозиторий.";
-	echo "Вы точно запустили скрипт в папке репозитория?";
-	exit 1;
-fi;
-
-export commit=$(git rev-parse --verify HEAD | cut -c -7)
-if [ -z commit ]; then
-	echo "Не удалось получить хеш последнего коммита.";
-	echo "Вы точно запустили скрипт в папке репозитория?";
-	exit 1;
-fi;
-
-# Получаем версию приложения
-export version=$(grep -E "I2PD_VERSION_(MAJOR|MINOR|MICRO)\ " version.h | grep -oE '[^ ]+$' | tr '\n' '.'|head -c -1)
-
-# Получаем количество ядер, и уменьшаем количество потоков на 1 от количества ядер (если их больше чем 1).
-if [ $NUMBER_OF_PROCESSORS -ge 2 ]; then
-	export threads=$(( $NUMBER_OF_PROCESSORS - 1 ))
-else
-	export threads=$NUMBER_OF_PROCESSORS
-fi;
-
-echo "Собираем i2pd ${version} (коммит ${commit}) для ${arch}.";
-
-# Собираем приложение с разными параметрами, и архивируем в zip архивы.
-make USE_UPNP=yes USE_AVX=1 USE_AESNI=1 -j ${threads} > ${contrib}/build_avx_aesni.log 2>&1
-if [ "$?" != 0 ]; then
-	echo "Сборка не удалась. Смотрите в build_avx_aesni.log";
-	exit 1;
-fi;
-zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw_avx_aesni.zip i2pd.exe >> /dev/null
-make clean >> /dev/null
-
-make USE_UPNP=yes USE_AVX=1 -j ${threads} > ${contrib}/build_avx.log 2>&1
-if [ "$?" != 0 ]; then
-	echo "Сборка не удалась. Смотрите в build_avx.log.";
-	exit 1;
-fi;
-zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw_avx.zip i2pd.exe >> /dev/null
-make clean >> /dev/null
-
-make USE_UPNP=yes USE_AESNI=1 -j ${threads} > ${contrib}/build_aesni.log 2>&1
-if [ "$?" != 0 ]; then
-	echo "Сборка не удалась. Смотрите в build_aesni.log";
-	exit 1;
-fi;
-zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw_aesni.zip i2pd.exe >> /dev/null
-make clean >> /dev/null
-
-make USE_UPNP=yes -j ${threads} > ${contrib}/build.log 2>&1
-if [ "$?" != 0 ]; then
-	echo "Сборка не удалась. Смотрите в build.log";
-	exit 1;
-fi;
-zip -9 ${contrib}/i2pd_${version}_${commit}_${arch}_mingw.zip i2pd.exe >> /dev/null
-make clean >> /dev/null
-
-echo "Сборка i2pd ${version} для ${arch} завершена.";
-exit 0;

contrib/certificates/reseed/randomrng_at_mail.i2p.crt

@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIFzTCCA7WgAwIBAgIQAkW0dwrp8UmNi9MTzU4/QjANBgkqhkiG9w0BAQsFADBy
+MQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhYMR4wHAYDVQQK
+ExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEbMBkGA1UEAwwS
+cmFuZG9tcm5nQG1haWwuaTJwMB4XDTE3MDIyNTE2MTgyM1oXDTI3MDIyNTE2MTgy
+M1owcjELMAkGA1UEBhMCWFgxCzAJBgNVBAcTAlhYMQswCQYDVQQJEwJYWDEeMBwG
+A1UEChMVSTJQIEFub255bW91cyBOZXR3b3JrMQwwCgYDVQQLEwNJMlAxGzAZBgNV
+BAMMEnJhbmRvbXJuZ0BtYWlsLmkycDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
+AgoCggIBAMSUiFKmGKb5sDkuB1mEGfXikfOJA5ATgMROXyY0XkwLWedBCC6pa1/X
+cVOfPDmDdmkPO8Brep7D2CLq21BBb4lAH7LrKHrABNjf1kfAwRAYMon9HsW3Yn+O
+yIAvGbVTXqQlWpeL1ZRGFhU/5h/D5UtEpcIyG0lkBYRfZ52wFKP2WP52TBcGVpj8
+wBQnXfGmAhRUQfKDmJVCB5GLzNSxrmbhbdyBzZMoeOLTaTfMfb7jSIakYzH4f0TZ
+1VE5+z+1BkJ53qVRH7IV1UBtSIBGD/L84wkqM5mIGKnZXiOyZxfKvS/sGr7WZuMu
+NK3ugCFfTZnxYtb0dDPaqeXrdB3OKE/d5ghAOcIyBWrfsRQJlaHSIwvpqz7Hr7vA
+3xSklkvvJoGwCIy2/+bFGP+Z6ietzvF9/mr1NcwxXGH32zjVmDSto+yaDjsMGFu1
+y4L4wUsOQOVsgNYPECC2HZOisUm/iYdw1+Y/PbgZS0sG3KzBZ1HYsvvFiTLZiyZR
++ZFTLmBoI3DPMfmTf0lRWXXWgUnWXDkxqBAV/fvmAc3XQfpI4HrkAYOllmAIStr9
+7OVsBAJiMcYWzx0UIZGBG+PE9uxHnGxVX64n2lKYLoXLWFURVoFJIYn7AJaxTv0N
+r0IduERKqoQ0wyCjZ6RJOtz26GFUe1bPa7rc/VgfbZwUbF17lzAVAgMBAAGjXzBd
+MA4GA1UdDwEB/wQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
+DwYDVR0TAQH/BAUwAwEB/zAbBgNVHQ4EFAQScmFuZG9tcm5nQG1haWwuaTJwMA0G
+CSqGSIb3DQEBCwUAA4ICAQAi4OOKzy7TcaFZccl2lmKp1wxDmaSaf/dhaqpaSKMS
+zzvgO9XIq6CLEY/YqSm5AjU8PsclaC8+g20THCSUHntL3Jxu2dw1m/H30Mg0I1uJ
+G7pyIVYwuwkdbalGQOaS0u3grzWnbCGMzuqeMBi8EBsZ5jsT5LGjgy1GE+BXl2tv
+9EEWhy8dSVh3cy1iaAM6ZhCyj4rSw4odQqH2NWDOFt52cycHe/rpvKKD1AlrmFHQ
+w18WnfUhr43JAyTWKxg/6uwdxb+cBTX0cad8lbOtQLiqNwOxQvEi/4uRrkdKtbRf
+Z+MUI0XIopH2XV5lLExtxXStAaB4mZTgAbFPCnBC0wKQh/sgdXmUWsEEk610NShC
+26jtXuPb43cDyCewUNCZ+jtzbc9pl6/SyatY/i2gAHamvGmeVJFzQkHe7YHRdzeR
+RIqnWGlwSh0roPPRCU2dNdBZ0uH9lYbkG0IzGmEtks+KQqG+1H0yZkSCmArarLfj
+aU5UslG+Zf1imqXtz5kFD/UMMuaQW05Sa/0YO6gW/hLtChHI5Jpd/Qb/KqLkPAM3
+PEVs4H5ZMVa6mLUsLIw9Ra2QozdB9lqoZBMRa0jqgJKxnAgNcWpYtTyJ2PtfA9oE
+xmjE6O3FlNSee4aKxZ2Kz7cTufd/+ndsSSeNuRLQVihXKNqkrQIuow+H/KDw930c
+Cw==
+-----END CERTIFICATE-----

contrib/i2pd.conf

@@ -64,12 +64,13 @@ ipv6 = false
 # nat = true
 
 ## Bandwidth configuration
-## L limit bandwidth to 32Kbs/sec, O - to 256Kbs/sec, P - to 2048Kbs/sec,
+## L limit bandwidth to 32KBs/sec, O - to 256KBs/sec, P - to 2048KBs/sec,
 ## X - unlimited
 ## Default is X for floodfill, L for regular node
 # bandwidth = L
 
-## Router will not accept transit tunnels at startup
+## Router will not accept transit tunnels, disabling transit traffic completely
+## (default = false)
 # notransit = true
 
 ## Router will be floodfill
@@ -141,7 +142,7 @@ port = 4447
 
 [sam]
 ## Uncomment and set to 'true' to enable SAM Bridge
-# enabled = false
+enabled = true
 ## Address and port service will listen on
 # address = 127.0.0.1
 # port = 7656

contrib/rpm/i2pd.spec

@@ -1,6 +1,8 @@
+%define build_timestamp %(date +"%Y%m%d")
+
 Name:           i2pd
-Version:        2.10.0
-Release:        3%{?dist}
+Version:        2.12.0
+Release:        %{build_timestamp}git%{?dist}
 Summary:        I2P router written in C++
 
 License:        BSD
@@ -101,6 +103,23 @@ getent passwd i2pd >/dev/null || \
 
 
 %changelog
+* Tue Feb 14 2017 orignal <i2porignal@yandex.ru> - 2.12.0
+- Additional HTTP and SOCKS proxy tunnels
+- Reseed from ZIP archive
+- 'X' bandwidth code
+- Reduced memory and file descriptors usage
+
+* Mon Dec 19 2016 orignal <i2porignal@yandex.ru> - 2.11.0
+- Full support of zero-hops tunnels
+- Tunnel configuration for HTTP and SOCKS proxy
+- Websockets support
+- Multiple acceptors for SAM destination
+- Routing path for UDP tunnels
+- Reseed through a floodfill
+- Use AVX instructions for DHT and HMAC if applicable
+- Fixed UPnP discovery bug, producing excessive CPU usage
+- Handle multiple lookups of the same LeaseSet correctly
+
 * Tue Oct 20 2016 Anatolii Vorona <vorona.tolik@gmail.com> - 2.10.0-3
 - add support C7
 - move rpm-related files to contrib folder

contrib/tunnels.conf

@@ -1,4 +1,4 @@
-[IRC]
+[IRC-IRC2P]
 type = client
 address = 127.0.0.1
 port = 6668
@@ -6,6 +6,14 @@ destination = irc.postman.i2p
 destinationport = 6667
 keys = irc-keys.dat
 
+#[IRC-ILITA]
+#type = client
+#address = 127.0.0.1
+#port = 6669
+#destination = irc.ilita.i2p
+#destinationport = 6667
+#keys = irc-keys.dat
+
 #[SMTP]
 #type = client
 #address = 127.0.0.1
@@ -22,12 +30,4 @@ keys = irc-keys.dat
 #destinationport = 110
 #keys = pop3-keys.dat
 
-#[MTN]
-#type = client
-#address = 127.0.0.1
-#port = 8998
-#destination = mtn.i2p-projekt.i2p
-#destinationport = 4691
-#keys = mtn-keys.dat
-
 # see more examples in /usr/share/doc/i2pd/configuration.md.gz

daemon/Daemon.cpp

@@ -14,7 +14,7 @@
 #include "RouterContext.h"
 #include "Tunnel.h"
 #include "HTTP.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Garlic.h"
 #include "Streaming.h"
 #include "Destination.h"
@@ -115,6 +115,12 @@ namespace i2p
 			}
 
 			LogPrint(eLogInfo,	"i2pd v", VERSION, " starting");
+#ifdef AESNI
+			LogPrint(eLogInfo,	"AESNI enabled");
+#endif
+#if defined(__AVX__)
+			LogPrint(eLogInfo,	"AVX enabled"); 
+#endif
 			LogPrint(eLogDebug, "FS: main config file: ", config);
 			LogPrint(eLogDebug, "FS: data directory: ", datadir);
 
@@ -140,7 +146,7 @@ namespace i2p
 			}
 			i2p::context.SetSupportsV6		 (ipv6);
 			i2p::context.SetSupportsV4		 (ipv4);
-			
+
 			bool transit; i2p::config::GetOption("notransit", transit);
 			i2p::context.SetAcceptsTunnels (!transit);
 			uint16_t transitTunnels; i2p::config::GetOption("limits.transittunnels", transitTunnels);
@@ -157,17 +163,17 @@ namespace i2p
 			/* this section also honors 'floodfill' flag, if set above */
 			std::string bandwidth; i2p::config::GetOption("bandwidth", bandwidth);
 			if (bandwidth.length () > 0)
-			{	
-				if (bandwidth[0] >= 'K' && bandwidth[0] <= 'X') 
+			{
+				if (bandwidth[0] >= 'K' && bandwidth[0] <= 'X')
 				{
 					i2p::context.SetBandwidth (bandwidth[0]);
 					LogPrint(eLogInfo, "Daemon: bandwidth set to ", i2p::context.GetBandwidthLimit (), "KBps");
-				} 
-				else 
+				}
+				else
 				{
 					auto value = std::atoi(bandwidth.c_str());
-					if (value > 0) 
-					{	
+					if (value > 0)
+					{
 						i2p::context.SetBandwidth (value);
 						LogPrint(eLogInfo, "Daemon: bandwidth set to ", i2p::context.GetBandwidthLimit (), " KBps");
 					}
@@ -175,24 +181,27 @@ namespace i2p
 					{
 						LogPrint(eLogInfo, "Daemon: unexpected bandwidth ", bandwidth, ". Set to 'low'");
 						i2p::context.SetBandwidth (i2p::data::CAPS_FLAG_LOW_BANDWIDTH2);
-					}	
-				}	
-			}	
-			else if (isFloodfill) 
+					}
+				}
+			}
+			else if (isFloodfill)
 			{
 				LogPrint(eLogInfo, "Daemon: floodfill bandwidth set to 'extra'");
 				i2p::context.SetBandwidth (i2p::data::CAPS_FLAG_EXTRA_BANDWIDTH1);
-			} 
+			}
 			else
 			{
 				LogPrint(eLogInfo, "Daemon: bandwidth set to 'low'");
 				i2p::context.SetBandwidth (i2p::data::CAPS_FLAG_LOW_BANDWIDTH2);
-			}	
+			}
+
+			int shareRatio; i2p::config::GetOption("share", shareRatio);
+			i2p::context.SetShareRatio (shareRatio);
 
 			std::string family; i2p::config::GetOption("family", family);
 			i2p::context.SetFamily (family);
 			if (family.length () > 0)
-				LogPrint(eLogInfo, "Daemon: family set to ", family);	
+				LogPrint(eLogInfo, "Daemon: family set to ", family);
 
       bool trust; i2p::config::GetOption("trust.enabled", trust);
       if (trust)
@@ -211,7 +220,7 @@ namespace i2p
 						fams.insert (fam.substr (pos, comma != std::string::npos ? comma - pos : std::string::npos));
 						pos = comma + 1;
 					}
-					while (comma != std::string::npos);				 
+					while (comma != std::string::npos);
 					i2p::transport::transports.RestrictRoutesToFamilies(fams);
 					restricted  = fams.size() > 0;
         }
@@ -222,11 +231,11 @@ namespace i2p
 					{
 						comma = routers.find (',', pos);
 						i2p::data::IdentHash ident;
-						ident.FromBase64 (routers.substr (pos, comma != std::string::npos ? comma - pos : std::string::npos));	
+						ident.FromBase64 (routers.substr (pos, comma != std::string::npos ? comma - pos : std::string::npos));
 						idents.insert (ident);
 						pos = comma + 1;
 					}
-					while (comma != std::string::npos);				 
+					while (comma != std::string::npos);
 					LogPrint(eLogInfo, "Daemon: setting restricted routes to use ", idents.size(), " trusted routesrs");
 					i2p::transport::transports.RestrictRoutesToRouters(idents);
 					restricted = idents.size() > 0;
@@ -242,7 +251,7 @@ namespace i2p
       }
       return true;
 		}
-			
+
 		bool Daemon_Singleton::start()
 		{
 			i2p::log::Logger().Start();
@@ -260,6 +269,7 @@ namespace i2p
 			LogPrint(eLogInfo, "Daemon: starting Transports");
 			if(!ssu) LogPrint(eLogInfo, "Daemon: ssu disabled");
 			if(!ntcp) LogPrint(eLogInfo, "Daemon: ntcp disabled");
+
 			i2p::transport::transports.Start(ntcp, ssu);
 			if (i2p::transport::transports.IsBoundNTCP() || i2p::transport::transports.IsBoundSSU()) {
 				LogPrint(eLogInfo, "Daemon: Transports started");
@@ -270,7 +280,7 @@ namespace i2p
 				i2p::data::netdb.Stop();
 				return false;
 			}
-						
+
 			bool http; i2p::config::GetOption("http.enabled", http);
 			if (http) {
 				std::string httpAddr; i2p::config::GetOption("http.address", httpAddr);
@@ -280,7 +290,7 @@ namespace i2p
 				d.httpServer->Start();
 			}
 
-			
+
 			LogPrint(eLogInfo, "Daemon: starting Tunnels");
 			i2p::tunnel::tunnels.Start();
 

daemon/HTTPServer.cpp

@@ -11,9 +11,8 @@
 #include "Log.h"
 #include "Config.h"
 #include "Tunnel.h"
-#include "TransitTunnel.h"
 #include "Transports.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "HTTP.h"
 #include "LeaseSet.h"
 #include "Destination.h"
@@ -109,6 +108,18 @@ namespace http {
 		s << seconds << " seconds";
 	}
 
+	static void ShowTraffic (std::stringstream& s, uint64_t bytes)
+	{
+		s << std::fixed << std::setprecision(2);
+		auto numKBytes = (double) bytes / 1024;
+		if (numKBytes < 1024)
+			s << numKBytes << " KiB";
+		else if (numKBytes < 1024 * 1024)
+			s << numKBytes / 1024 << " MiB";
+		else
+			s << numKBytes / 1024 / 1024 << " GiB";
+	}
+
 	static void ShowTunnelDetails (std::stringstream& s, enum i2p::tunnel::TunnelState eState, int bytes)
 	{
 		std::string state;
@@ -212,24 +223,14 @@ namespace http {
 			s << "<b>Family:</b> " << family << "<br>\r\n";
 		s << "<b>Tunnel creation success rate:</b> " << i2p::tunnel::tunnels.GetTunnelCreationSuccessRate () << "%<br>\r\n";
 		s << "<b>Received:</b> ";
-		s << std::fixed << std::setprecision(2);
-		auto numKBytesReceived = (double) i2p::transport::transports.GetTotalReceivedBytes () / 1024;
-		if (numKBytesReceived < 1024)
-			s << numKBytesReceived << " KiB";
-		else if (numKBytesReceived < 1024 * 1024)
-			s << numKBytesReceived / 1024 << " MiB";
-		else
-			s << numKBytesReceived / 1024 / 1024 << " GiB";
+		ShowTraffic (s, i2p::transport::transports.GetTotalReceivedBytes ());
 		s << " (" << (double) i2p::transport::transports.GetInBandwidth () / 1024 << " KiB/s)<br>\r\n";
 		s << "<b>Sent:</b> ";
-		auto numKBytesSent = (double) i2p::transport::transports.GetTotalSentBytes () / 1024;
-		if (numKBytesSent < 1024)
-			s << numKBytesSent << " KiB";
-		else if (numKBytesSent < 1024 * 1024)
-			s << numKBytesSent / 1024 << " MiB";
-		else
-			s << numKBytesSent / 1024 / 1024 << " GiB";
+		ShowTraffic (s, i2p::transport::transports.GetTotalSentBytes ());
 		s << " (" << (double) i2p::transport::transports.GetOutBandwidth () / 1024 << " KiB/s)<br>\r\n";
+		s << "<b>Transit:</b> ";
+		ShowTraffic (s, i2p::transport::transports.GetTotalTransitTransmittedBytes ());
+		s << " (" << (double) i2p::transport::transports.GetTransitBandwidth () / 1024 << " KiB/s)<br>\r\n";		
 		s << "<b>Data path:</b> " << i2p::fs::GetDataDir() << "<br>\r\n";
 		s << "<div class='slide'\r\n><label for='slide1'>Hidden content. Press on text to see.</label>\r\n<input type='checkbox' id='slide1'/>\r\n<p class='content'>\r\n";
 		s << "<b>Router Ident:</b> " << i2p::context.GetRouterInfo().GetIdentHashBase64() << "<br>\r\n";

daemon/I2PControl.cpp

@@ -17,7 +17,7 @@
 #include "FS.h"
 #include "Log.h"
 #include "Config.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "RouterContext.h"
 #include "Daemon.h"
 #include "Tunnel.h"

daemon/UPnP.cpp

@@ -0,0 +1,205 @@
+#ifdef USE_UPNP
+#include <string>
+#include <thread>
+
+#include <boost/thread/thread.hpp>
+#include <boost/asio.hpp>
+#include <boost/bind.hpp>
+
+#include "Log.h"
+
+#include "RouterContext.h"
+#include "UPnP.h"
+#include "NetDb.hpp"
+#include "util.h"
+#include "RouterInfo.h"
+#include "Config.h"
+
+#include <miniupnpc/miniupnpc.h>
+#include <miniupnpc/upnpcommands.h>
+
+namespace i2p
+{
+namespace transport
+{
+	UPnP::UPnP () : m_IsRunning(false), m_Thread (nullptr), m_Timer (m_Service)
+	{
+	}
+
+	void UPnP::Stop ()
+	{
+		if (m_IsRunning)
+		{
+			LogPrint(eLogInfo, "UPnP: stopping");
+			m_IsRunning = false;
+			m_Timer.cancel ();
+			m_Service.stop ();
+			if (m_Thread)
+			{
+				m_Thread->join ();
+				m_Thread.reset (nullptr);
+			}
+			CloseMapping ();
+			Close ();
+		}
+	}
+
+	void UPnP::Start()
+	{
+		m_IsRunning = true;
+		LogPrint(eLogInfo, "UPnP: starting");
+		m_Service.post (std::bind (&UPnP::Discover, this));
+		std::unique_lock<std::mutex> l(m_StartedMutex);
+		m_Thread.reset (new std::thread (std::bind (&UPnP::Run, this)));
+		m_Started.wait_for (l, std::chrono::seconds (5)); // 5 seconds maximum
+	}
+
+	UPnP::~UPnP ()
+	{
+		Stop ();
+	}
+
+	void UPnP::Run ()
+	{
+		while (m_IsRunning)
+		{
+			try
+			{
+				m_Service.run ();
+				// Discover failed
+				break; // terminate the thread
+			}
+			catch (std::exception& ex)
+			{
+				LogPrint (eLogError, "UPnP: runtime exception: ", ex.what ());
+				PortMapping ();
+			}
+		}
+	}
+
+	void UPnP::Discover ()
+	{
+		int nerror = 0;
+#if MINIUPNPC_API_VERSION >= 14
+		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror);
+#else
+		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror);
+#endif
+		{
+			// notify satrting thread
+			std::unique_lock<std::mutex> l(m_StartedMutex);
+			m_Started.notify_all ();
+		}
+
+		int r;
+		r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr));
+		if (r == 1)
+		{
+			r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress);
+			if(r != UPNPCOMMAND_SUCCESS)
+			{
+				LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r);
+				return;
+			}
+			else
+			{
+				if (!m_externalIPAddress[0])
+				{
+					LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed.");
+					return;
+				}
+			}
+		}
+		else
+		{
+			LogPrint (eLogError, "UPnP: GetValidIGD() failed.");
+			return;
+		}
+
+		// UPnP discovered
+		LogPrint (eLogDebug, "UPnP: ExternalIPAddress is ", m_externalIPAddress);
+		i2p::context.UpdateAddress (boost::asio::ip::address::from_string (m_externalIPAddress));
+		// port mapping
+		PortMapping ();
+	}
+
+	void UPnP::PortMapping ()
+	{
+		const auto& a = context.GetRouterInfo().GetAddresses();
+		for (const auto& address : a)
+		{
+			if (!address->host.is_v6 ())
+			TryPortMapping (address);
+		}
+		m_Timer.expires_from_now (boost::posix_time::minutes(20));	// every 20 minutes
+		m_Timer.async_wait ([this](const boost::system::error_code& ecode)
+		{
+			if (ecode != boost::asio::error::operation_aborted)
+			PortMapping ();
+		});
+
+	}
+
+	void UPnP::CloseMapping ()
+	{
+		const auto& a = context.GetRouterInfo().GetAddresses();
+		for (const auto& address : a)
+		{
+			if (!address->host.is_v6 ())
+			CloseMapping (address);
+		}
+	}
+
+	void UPnP::TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
+	{
+		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
+		int r;
+		std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
+		r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0");
+		if (r!=UPNPCOMMAND_SUCCESS)
+		{
+			LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r);
+			return;
+		}
+		else
+		{
+			LogPrint (eLogDebug, "UPnP: Port Mapping successful. (", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")");
+			return;
+		}
+	}
+
+	void UPnP::CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
+	{
+		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
+		int r = 0;
+		r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0);
+		LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r);
+	}
+
+	void UPnP::Close ()
+	{
+		freeUPNPDevlist (m_Devlist);
+		m_Devlist = 0;
+		FreeUPNPUrls (&m_upnpUrls);
+	}
+
+	std::string UPnP::GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address)
+	{
+		switch (address->transportStyle)
+		{
+			case i2p::data::RouterInfo::eTransportNTCP:
+			return "TCP";
+			break;
+			case i2p::data::RouterInfo::eTransportSSU:
+			default:
+			return "UDP";
+		}
+	}
+}
+}
+#else /* USE_UPNP */
+namespace i2p {
+namespace transport {
+}
+}
+#endif /* USE_UPNP */

daemon/UnixDaemon.cpp

@@ -42,6 +42,9 @@ void handle_signal(int sig)
 		case SIGTERM:
 			Daemon.running = 0; // Exit loop
 		break;
+		case SIGPIPE:
+			LogPrint(eLogInfo, "SIGPIPE received");
+		break;
 	}
 }
 
@@ -160,6 +163,7 @@ namespace i2p
 			sigaction(SIGABRT, &sa, 0);
 			sigaction(SIGTERM, &sa, 0);
 			sigaction(SIGINT, &sa, 0);
+			sigaction(SIGPIPE, &sa, 0);			
 
 			return Daemon_Singleton::start();
 		}

debian/changelog

@@ -1,8 +1,26 @@
+i2pd (2.14.0-1) unstable; urgency=low
+
+  * updated to version 2.14.0/0.9.30
+  * updated debian/control
+  * renamed logrotate to i2pd.logrotate
+  * fixed init.d script
+
+ -- orignal <orignal@i2pmail.org>  Thu, 1 Jun 2017 14:00:00 +0000
+
+i2pd (2.13.0-1) unstable; urgency=low
+
+  * updated to version 2.13.0/0.9.29
+  * updated debian/control
+  * renamed logrotate to i2pd.logrotate
+  * fixed init.d script
+
+ -- orignal <orignal@i2pmail.org>  Thu, 6 Apr 2017 14:00:00 +0000
+
 i2pd (2.12.0-1) unstable; urgency=low
 
   * updated to version 2.12.0/0.9.28
 
- -- orignal <orignal@i2pmail.org>  Tue, 14 Feb 2016 17:59:30 +0000
+ -- orignal <orignal@i2pmail.org>  Tue, 14 Feb 2017 17:59:30 +0000
 
 i2pd (2.11.0-1) unstable; urgency=low
 

debian/control

@@ -1,17 +1,10 @@
 Source: i2pd
 Section: net
-Priority: extra
+Priority: optional
 Maintainer: R4SAS <r4sas@i2pmail.org>
-Build-Depends: debhelper (>= 9.0.0), dpkg-dev (>= 1.16.1~),
- gcc (>= 4.7) | clang (>= 3.3),
- libboost-system-dev (>= 1.46),
- libboost-date-time-dev,
- libboost-filesystem-dev,
- libboost-program-options-dev,
- libminiupnpc-dev,
- libssl-dev
-Standards-Version: 3.9.3
-Homepage: https://github.com/PurpleI2P/i2pd
+Build-Depends: debhelper (>= 9), dpkg-dev (>= 1.16.1~), gcc (>= 4.7) | clang (>= 3.3), libboost-system-dev (>= 1.46), libboost-date-time-dev, libboost-filesystem-dev, libboost-program-options-dev, libminiupnpc-dev, libssl-dev, zlib1g-dev
+Standards-Version: 3.9.6
+Homepage: http://i2pd.website/
 Vcs-Git: git://github.com/PurpleI2P/i2pd.git
 Vcs-Browser: https://github.com/PurpleI2P/i2pd.git
 
@@ -19,26 +12,23 @@ Package: i2pd
 Architecture: any
 Pre-Depends: adduser
 Depends: ${shlibs:Depends}, ${misc:Depends}
-Recommends: privoxy
-Suggests: tor
-Description: load-balanced unspoofable packet switching network - C++ port
- I2P is an anonymizing network, offering a simple layer that identity-sensitive
- applications can use to securely communicate. All data is wrapped with several
- layers of encryption, and the network is both distributed and dynamic, with no
- trusted parties.
+Suggests: tor, privoxy
+Description: A full-featured C++ implementation of I2P client.
+ I2P (Invisible Internet Protocol) is a universal anonymous network layer. All
+ communications over I2P are anonymous and end-to-end encrypted, participants
+ don't reveal their real IP addresses.
  .
- This package contains the port of the I2P router to C++. Unless willing
- to test and report problems, you should install the 'i2p' package instead.
+ This package contains the full-featured C++ implementation of I2P router.
 
 Package: i2pd-dbg
 Architecture: any
 Priority: extra
 Section: debug
 Depends: i2pd (= ${binary:Version}), ${misc:Depends}
+Suggests: gdb
 Description: i2pd debugging symbols
- I2P is an anonymizing network, offering a simple layer that identity-sensitive
- applications can use to securely communicate. All data is wrapped with several
- layers of encryption, and the network is both distributed and dynamic, with no
- trusted parties.
+ I2P (Invisible Internet Protocol) is a universal anonymous network layer. All
+ communications over I2P are anonymous and end-to-end encrypted, participants
+ don't reveal their real IP addresses.
  .
  This package contains symbols required for debugging.

debian/docs

@@ -1,2 +1 @@
 README.md
-docs/configuration.md

debian/i2pd.1

@@ -72,7 +72,7 @@ Bandwidth limit: integer in KBps or letter aliases: \fIL (32KBps)\fR, O (256), P
 \fB\-\-family=\fR
 Name of a family, router belongs to.
 .PP
-See service-specific parameters in page \fIdocs/configuration.md\fR or in example config file \fIdocs/i2pd.conf\fR
+See service-specific parameters in example config file \fIcontrib/i2pd.conf\fR
 
 .SH FILES
 .PP

debian/i2pd.install

@@ -1,5 +1,5 @@
 i2pd usr/sbin/
-docs/i2pd.conf      etc/i2pd/
-docs/tunnels.conf etc/i2pd/
-docs/subscriptions.txt etc/i2pd/
+contrib/i2pd.conf      etc/i2pd/
+contrib/tunnels.conf etc/i2pd/
+contrib/subscriptions.txt etc/i2pd/
 contrib/certificates/ usr/share/i2pd/

debian/i2pd.upstart

@@ -6,4 +6,6 @@ stop on runlevel [016] or unmounting-filesystem
 # these can be overridden in /etc/init/i2pd.override
 env LOGFILE="/var/log/i2pd/i2pd.log"
 
+expect fork
+
 exec /usr/sbin/i2pd --daemon --service --log=file --logfile=$LOGFILE

docs/README.md

@@ -0,0 +1,3 @@
+Documentation is moved to [separate repository](https://github.com/PurpleI2P/i2pd_docs_en.git)
+
+[View docs online](https://i2pd.readthedocs.io/en/latest/)

docs/building/android.md

@@ -1,65 +0,0 @@
-Building on Android
-===================
-
-There are two versions: with QT and without QT.
-
-Pre-requesties
---------------
-
-You need to install Android SDK, NDK  and QT with android support.
-
-- [SDK](https://developer.android.com/studio/index.html) (choose command line tools only)
-- [NDK](https://developer.android.com/ndk/downloads/index.html)
-- [QT](https://www.qt.io/download-open-source/)(for QT only).
-  Choose one for your platform for android. For example QT 5.6 under Linux would be [this file](http://download.qt.io/official_releases/qt/5.6/5.6.1-1/qt-opensource-linux-x64-android-5.6.1-1.run)
-
-You also need Java JDK and Ant.
-
-QT-Creator (for QT only)
-------------------------
-
-Open QT-creator that should be installed with QT.
-Go to Settings/Anndroid and specify correct paths to SDK and NDK.
-If everything is correct you will see two set avaiable:
-Android for armeabi-v7a (gcc, qt) and Android for x86 (gcc, qt).
-
-Dependencies
---------------
-
-Take following pre-compiled binaries from PurpleI2P's repositories.
-
-	git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git
-	git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git
-	git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
-	git clone https://github.com/PurpleI2P/android-ifaddrs.git
-
-Building the app with QT
-------------------------
-
-- Open `qt/i2pd_qt/i2pd_qt.pro` in the QT-creator
-- Change line `MAIN_PATH = /path/to/libraries` to an actual path where you put the dependancies to
-- Select appropriate project (usually armeabi-v7a) and build
-- You will find an .apk file in `android-build/bin` folder
-
-Building the app without QT
----------------------------
-
-- Change line `I2PD_LIBS_PATH` in `android/jni/Application.mk` to an actual path where you put the dependancies to
-- Run `ndk-build -j4` from andorid folder
-- Create or edit file 'local.properties'. Place 'sdk.dir=<path to SDK>' and 'ndk.dir=<path to NDK>'
-- Run `ant clean debug`
-
-Creating release .apk
-----------------------
-
-In order to create release .apk you must obtain a Java keystore file(.jks). Either you have in already, or you can generate it yourself using keytool, or from one of you existing well-know ceritificates.
-For example, i2pd release are signed with this [certificate](https://github.com/PurpleI2P/i2pd/blob/openssl/contrib/certificates/router/orignal_at_mail.i2p.crt).
-
-Create file 'ant.propeties':
-
-	key.store='path to keystore file'
-	key.alias='alias name'
-	key.store.password='keystore password'
-	key.alias.password='alias password'
-
-Run `ant clean release`

docs/building/cross.md

@@ -1,74 +0,0 @@
-Cross compilation notes
-=======================
-
-Static 64 bit windows binary on Ubuntu 15.10 (Wily Werewolf)
-------------------------------------------------------------
-
-Install cross compiler and friends
-
-	sudo apt-get install g++-mingw-w64-x86-64
-
-Default is to use Win32 threading model which lacks std::mutex and such. So we change defaults
-
-	sudo update-alternatives --set x86_64-w64-mingw32-g++ /usr/bin/x86_64-w64-mingw32-g++-posix
-
-From now on we assume we have everything in `~/dev/`. Get Boost sources unpacked into `~/dev/boost_1_60_0/` and change directory to it.
-Now add out cross compiler configuration. Warning: the following will wipe out whatever you had in there.
-
-	echo "using gcc : mingw : x86_64-w64-mingw32-g++ ;" > ~/user-config.jam
-
-Proceed with building Boost normal way, but let's define dedicated staging directory
-
-	./bootstrap.sh
-	./b2 toolset=gcc-mingw target-os=windows variant=release link=static runtime-link=static address-model=64 \
-	  --build-type=minimal --with-filesystem --with-program_options --with-date_time \
-	  --stagedir=stage-mingw-64
-	cd ..
-
-Now we get & build OpenSSL
-
-	git clone https://github.com/openssl/openssl
-	cd openssl
-	git checkout OpenSSL_1_0_2g
-	./Configure mingw64 no-rc2 no-rc4 no-rc5 no-idea no-bf no-cast no-whirlpool no-md2 no-md4 no-ripemd no-mdc2 \
-	  no-camellia no-seed no-comp no-krb5 no-gmp no-rfc3779 no-ec2m no-ssl2 no-jpake no-srp no-sctp no-srtp \
-	  --prefix=~/dev/stage --cross-compile-prefix=x86_64-w64-mingw32-
-	make depend
-	make
-	make install
-	cd ..
-
-...and zlib
-
-	git clone https://github.com/madler/zlib
-	cd zlib
-	git checkout v1.2.8
-	CC=x86_64-w64-mingw32-gcc CFLAGS=-O3 ./configure --static --64 --prefix=~/dev/stage
-	make
-	make install
-	cd ..
-
-Now we prepare cross toolchain hint file for CMake, let's name it `~/dev/toolchain-mingw.cmake`
-
-	set(CMAKE_SYSTEM_NAME Windows)
-	set(CMAKE_C_COMPILER x86_64-w64-mingw32-gcc)
-	set(CMAKE_CXX_COMPILER x86_64-w64-mingw32-g++)
-	set(CMAKE_RC_COMPILER x86_64-w64-mingw32-windres)
-	set(CMAKE_FIND_ROOT_PATH /usr/x86_64-w64-mingw32)
-	set(CMAKE_FIND_ROOT_PATH_MODE_PROGRAM NEVER)
-
-Download miniupnpc, unpack and symlink it into `~/dev/miniupnpc/`.
-Finally, we can build i2pd with all that goodness
-
-	git clone https://github.com/PurpleI2P/i2pd
-	mkdir i2pd-mingw-64-build
-	cd i2pd-mingw-64-build
-	BOOST_ROOT=~/dev/boost_1_60_0 cmake -G 'Unix Makefiles' ~/dev/i2pd/build -DBUILD_TYPE=Release \
-	  -DCMAKE_TOOLCHAIN_FILE=~/dev/toolchain-mingw.cmake -DWITH_AESNI=ON -DWITH_UPNP=ON -DWITH_STATIC=ON \
-	  -DWITH_HARDENING=ON -DCMAKE_INSTALL_PREFIX:PATH=~/dev/i2pd-mingw-64-static \
-	  -DZLIB_ROOT=~/dev/stage -DBOOST_LIBRARYDIR:PATH=~/dev/boost_1_60_0/stage-mingw-64/lib \
-	  -DOPENSSL_ROOT_DIR:PATH=~/dev/stage
-	make
-	x86_64-w64-mingw32-strip i2pd.exe
-
-By now, you should have a release build with stripped symbols.

docs/building/ios.md

@@ -1,85 +0,0 @@
-Building on iOS
-===================
-
-How to build i2pd for iOS 9 and iOS Simulator 386/x64
-
-Prerequisites
---------------
-
-XCode7+, cmake 3.2+
-
-Dependencies
-------------
-
-- precompiled openssl
-- precompiled boost with modules `filesystem`, `program_options`, `date_time` and `system`
-- ios-cmake toolchain from `https://github.com/vovasty/ios-cmake.git`
-
-Building
---------
-
-Assume you have folder structure
-
-	lib/
-		libboost_date_time.a
-		libboost_filesystem.a
-		libboost_program_options.a
-		libboost_system.a
-		libboost.a
-		libcrypto.a
-		libssl.a
-	include/
-		boost/
-		openssl/
-	ios-cmake/
-	i2pd/
-
-```bash
-mkdir -p build/simulator/lib build/ios/lib include/i2pd
-
-pushd build/simulator && \
-cmake   -DIOS_PLATFORM=SIMULATOR \
-        -DPATCH=/usr/bin/patch \
-        -DCMAKE_BUILD_TYPE=Release \
-        -DCMAKE_TOOLCHAIN_FILE=../../ios-cmake/toolchain/iOS.cmake \
-        -DWITH_STATIC=yes \
-        -DWITH_BINARY=no \
-        -DBoost_INCLUDE_DIR=../../include \
-        -DOPENSSL_INCLUDE_DIR=../../include \
-        -DBoost_LIBRARY_DIR=../../lib \
-        -DOPENSSL_SSL_LIBRARY=../../lib/libssl.a \
-        -DOPENSSL_CRYPTO_LIBRARY=../../lib/libcrypto.a \
-        ../../i2pd/build && \
-make -j16 VERBOSE=1 && \
-popd
-
-pushd build/ios
-cmake   -DIOS_PLATFORM=OS \
-        -DPATCH=/usr/bin/patch \
-        -DCMAKE_BUILD_TYPE=Release \
-        -DCMAKE_TOOLCHAIN_FILE=../../ios-cmake/toolchain/iOS.cmake \
-        -DWITH_STATIC=yes \
-        -DWITH_BINARY=no \
-        -DBoost_INCLUDE_DIR=../../include \
-        -DOPENSSL_INCLUDE_DIR=../../include \
-        -DBoost_LIBRARY_DIR=../../lib \
-        -DOPENSSL_SSL_LIBRARY=../../lib/libssl.a \
-        -DOPENSSL_CRYPTO_LIBRARY=../../lib/libcrypto.a \
-        ../../i2pd/build && \
-make -j16 VERBOSE=1 && \
-popd
-
-libtool -static -o lib/libi2pdclient.a build/*/libi2pdclient.a
-libtool -static -o lib/libi2pd.a build/*/libi2pd.a
-
-cp i2pd/*.h include/i2pd
-```
-
-Include into project
---------------------
-
-- add all libraries in `lib` folder to `Project linked frameworks`.
-- add `libc++` and `libz` libraries from system libraries to `Project linked frameworks`.
-- add path to i2p headers to your `Headers search paths`
-
-Alternatively you may use swift wrapper `https://github.com/vovasty/SwiftyI2P.git`

docs/building/requirements.md

@@ -1,15 +0,0 @@
-Build requirements
-==================
-
-In general, for building i2pd you need several things:
-
-* compiler with c++11 support (for example: gcc >= 4.7, clang)
-* boost >= 1.49
-* openssl library
-* zlib library (openssl already depends on it)
-
-Optional tools:
-
-* cmake >= 2.8 (or 3.3+ if you want to use precompiled headers on windows)
-* miniupnp library (for upnp support)
-* [websocketpp](https://github.com/zaphoyd/websocketpp/) (for websocket ui)

docs/building/unix.md

@@ -1,136 +0,0 @@
-Building on Unix systems
-=============================
-
-First of all we need to make sure that all dependencies are satisfied.
-
-This doc is trying to cover:
-
-* [Debian/Ubuntu](#debian-ubuntu) (contains packaging instructions)
-* [Fedora/Centos](#fedora-centos)
-* [Fedora/Centos](#mac-os-x)
-* [FreeBSD](#freebsd)
-
-Make sure you have all required dependencies for your system successfully installed.
-See [this](requirements.md) page for common requirements.
-
-If so then we are ready to go!
-Let's clone the repository and start building the i2pd:
-
-	git clone https://github.com/PurpleI2P/i2pd.git
-
-Generic build process looks like this (with cmake):
-
-	cd i2pd/build
-	cmake <cmake options> . # see "CMake Options" section below
-	make                    # you may add VERBOSE=1 to cmdline for debugging
-
-..or with quick-and-dirty way with just make:
-
-	cd i2pd/
-	make
-
-After successfull build i2pd could be installed with:
-
-	make install
-
-CMake Options
--------------
-
-Available CMake options(each option has a form of `<key>=<value>`, for more information see `man 1 cmake`):
-
-* `CMAKE_BUILD_TYPE` build profile (Debug/Release)
-* `WITH_BINARY`      build i2pd itself
-* `WITH_LIBRARY`     build libi2pd
-* `WITH_STATIC`      build static versions of library and i2pd binary
-* `WITH_UPNP`        build with UPnP support (requires libminiupnp)
-* `WITH_AESNI`       build with AES-NI support (ON/OFF)
-* `WITH_HARDENING`   enable hardening features (ON/OFF) (gcc only)
-* `WITH_PCH`         use pre-compiled header (experimental, speeds up build)
-* `WITH_I2LUA`       used when building i2lua
-* `WITH_WEBSOCKETS`  enable websocket server
-
-
-Also there is `-L` flag for CMake that could be used to list current cached options:
-
-	cmake -L
-
-Debian/Ubuntu
--------------
-
-You will need a compiler and other tools that could be installed with `build-essential` package:
-
-	sudo apt-get install build-essential
-
-Also you will need a bunch of development libraries:
-
-	sudo apt-get install \
-	    libboost-date-time-dev \
-	    libboost-filesystem-dev \
-	    libboost-program-options-dev \
-	    libboost-system-dev \
-	    libssl-dev
-
-If you need UPnP support miniupnpc development library should be installed (don't forget to rerun CMake with needed option):
-
-	sudo apt-get install libminiupnpc-dev
-
-You may also build deb-package with the following:
-
-	sudo apt-get install fakeroot devscripts
-	cd i2pd
-	debuild --no-tgz-check
-
-Fedora/Centos
--------------
-
-You will need a compiler and other tools to perform a build:
-
-	sudo yum install make cmake gcc gcc-c++
-
-Also you will need a bunch of development libraries
-
-	sudo yum install boost-devel openssl-devel
-
-If you need UPnP support miniupnpc development library should be installed (don't forget to rerun CMake with needed option):
-
-	sudo yum install miniupnpc-devel
-
-Latest Fedora systems using [DNF](https://en.wikipedia.org/wiki/DNF_(software)) instead of YUM by default, you may prefer to use DNF, but YUM should be ok
-
-Centos 7 has CMake 2.8.11 in the official repositories that too old to build i2pd, CMake >=2.8.12 is required.
-But you can use cmake3 from the epel repository:
-
-	yum install epel-release -y
-	yum install make cmake3 gcc gcc-c++ miniupnpc-devel boost-devel openssl-devel -y
-
-...and then use 'cmake3' instead 'cmake'.
-
-MAC OS X
---------
-
-Requires [homebrew](http://brew.sh)
-
-	brew install boost libressl
-
-Then build:
-
-	make HOMEBREW=1
-
-FreeBSD
--------
-
-For 10.X  use clang. You would also need devel/boost-libs, security/openssl and devel/gmake ports.
-Type gmake, it invokes Makefile.bsd, make necessary changes there is required.
-
-Branch 9.X has gcc v4.2, that is too old (not supports -std=c++11)
-
-Required ports:
-
-* `devel/cmake`
-* `devel/boost-libs`
-* `lang/gcc47`(or later version)
-
-To use newer compiler you should set these variables(replace "47" with your actual gcc version):
-
-	export CC=/usr/local/bin/gcc47
-	export CXX=/usr/local/bin/g++47

docs/building/windows.md

@@ -1,159 +0,0 @@
-Building on Windows
-=========================
-
-There are two approaches available to build i2pd on Windows. The best
-one depends on your needs and personal preferences. One is to use
-msys2 and [unix alike infrastructure](unix.md). Another
-one is to use Visual Studio. While there might be no difference for
-end users of i2pd daemon, developers, however, shall be wary of
-differences in C++ name mangling between the two compilers when making
-a choice to be able to link their software against libi2pd.
-
-If you are a stranger to C++ with no development tools installed on
-your system and your only goal is to have i2pd up and running from the
-most recent source, consider using msys2. Although it relies on
-command line operations, it should be straight forward.
-
-In this guide, we will use CMake for both approaches and we will
-assume that you typically have your projects in C:\dev\ as your
-development location for the sake of convenience. Adjust paths
-accordingly if it is not the case. Note that msys uses unix-alike
-paths like /c/dev/ for C:\dev\.
-
-msys2
------
-
-Get install file `msys2-$ARCH-*.exe` from `https://msys2.github.io`
-
-Where $ARCH is `i686` or `x86_64` (matching your system).
-
-- Open MSYS2 Shell (from Start menu).
-- Install all prerequisites and download i2pd source:
-
-        export ARCH='i686'     # or 'x86_64'
-        export MINGW='mingw32' # or 'mingw64'
-        pacman -S mingw-w64-$ARCH-boost mingw-w64-$ARCH-openssl mingw-w64-$ARCH-gcc git make
-        mkdir -p /c/dev/i2pd
-        cd /c/dev/i2pd
-        git clone https://github.com/PurpleI2P/i2pd.git
-        cd i2pd
-        # we need compiler on PATH which is usually heavily cluttered on Windows
-        export PATH=/$MINGW/bin:/usr/bin
-        make
-
-### Caveats
-
-It is important to restrict PATH as described above.
-If you have Strawberry Perl and/or Mercurial installed,
-it will pick up gcc & openssl from the wrong places.
-
-If you do use precompiled headers to speed up compilation (recommended),
-things can go wrong if compiler options have changed for whatever reason.
-Just delete `stdafx.h.gch` found in your build folder, note the file extension.
-
-If you are an Arch Linux user, refrain from updating system with `pacman -Syu`.
-Always update runtime separately as described on the home page,
-otherwise you might end up with DLLs incompatibility problems.
-
-### AES-NI
-
-If your processor has [AES instruction set](https://en.wikipedia.org/wiki/AES_instruction_set),
-use `make USE_AESNI=1` instead just `make`. No check is done however, it will compile,
-but it might crash with `Illegal instruction` if this feature is not supported by your processor.
-
-You should be able to run ./i2pd . If you need to start from the new shell,
-consider starting *MinGW-w64 Win32 Shell* instead of *MSYS2 Shell*
-as it adds `/minw32/bin` to the PATH.
-
-### UPnP
-
-You can install it through the MSYS2 and build with `USE_UPNP` key.
-
-	export ARCH='i686' # or 'x86_64'
-	pacman -S mingw-w64-$ARCH-miniupnpc
-	make USE_UPNP=yes
-
-Using Visual Studio
--------------------
-
-Requirements for building:
-
-* [CMake](https://cmake.org/) (tested with 3.1.3)
-* [Visual Studio Community Edition](https://www.visualstudio.com/en-us/products/visual-studio-community-vs.aspx) (tested with VS2013 Update 4)
-* [Boost](http://www.boost.org/) (tested with 1.59)
-* Optionally [MiniUPnP](http://miniupnp.free.fr) (tested with 1.9), we need only few client headers
-* OpenSSL (tested with 1.0.1p and 1.0.2e), if building from sources (recommended), you'll need as well
-	* [Netwide assembler](http://www.nasm.us/)
-	* Strawberry Perl or ActiveState Perl, do NOT try msys2 perl, it won't work
-
-### Building Boost
-
-Open a Command Prompt (there is no need to start Visual Studio command
-prompt to build Boost) and run the following:
-
-	cd C:\dev\boost
-	bootstrap
-	b2 toolset=msvc-12.0 --build-type=complete --with-filesystem --with-program_options --with-date_time
-
-If you are on 64-bit Windows and you want to build 64-bit version as well
-
-	b2 toolset=msvc-12.0 --build-type=complete --stagedir=stage64 address-model=64 --with-filesystem --with-program_options --with-date_time
-
-After Boost is compiled, set the environment variable `BOOST_ROOT` to
-the directory Boost was unpacked to, e.g., C:\dev\boost.
-
-If you are planning on building only particular variant, e.g. Debug only and static linking,
-and/or you are out of space/time, you might consider `--build-type=minimal`.
-Take a look at [appveyor.yml](../appveyor.yml) for details on how test builds are done.
-
-### Building OpenSSL
-
-Download OpenSSL, e.g. with git
-
-	git clone https://github.com/openssl/openssl.git
-	cd openssl
-	git checkout OpenSSL_1_0_1p
-
-Now open Visual Studio command prompt and change directory to that with OpenSSL
-
-	set "PATH=%PATH%;C:\Program Files (x86)\nasm"
-	perl Configure VC-WIN32 --prefix=c:\OpenSSL-Win32
-	ms\do_nasm
-	nmake -f ms\ntdll.mak
-	nmake -f ms\ntdll.mak install
-
-You should have it installed into C:\OpenSSL-Win32 by now.
-
-Note that you might consider providing `-DOPENSSL_ROOT_DIR` to CMake and/or
-create a symlink (with mklink /J) to C:\OpenSSL if you plan on maintain
-multiple versions, e.g. 64 bit and/or static/shared.
-See `C:\Program Files (x86)\CMake\share\cmake-3.3\Modules\FindOpenSSL.cmake` for details.
-
-### Get miniupnpc
-
-If you are behind a UPnP enabled router and don't feel like manually configuring port forwarding,
-you should consider using [MiniUPnP](http://miniupnp.free.fr) client.
-I2pd can be built capable of using miniupnpc shared library (DLL) to open up necessary port.
-You'd want to have include headers around to build i2pd with support for this.
-Unpack client source code to subdir, e.g. `C:\dev\miniupnpc`.
-You may want to remove version number from folder name included in downloaded archive.
- 
-### Creating Visual Studio project
-
-Start CMake GUI, navigate to i2pd directory, choose building directory,  e.g. ./out, and configure options.
-
-Alternatively, if you feel adventurous, try that from the command line
-
-	mkdir i2pd\out
-	cd i2pd\out
-	cmake ..\build -G "Visual Studio 12 2013" -DWITH_UPNP=ON -DWITH_PCH=ON -DCMAKE_INSTALL_PREFIX:PATH=C:\dev\Debug_Win32_stage
-
-If necessary files are not found `WITH_UPNP` will stay off.
-
-### Building i2pd
-
-You can open generated solution/project with Visual Studio and build from there,
-alternatively you can use `cmake --build . --config Release --target install` or
-[MSBuild tool](https://msdn.microsoft.com/en-us/library/dd293626.aspx)
-
-	msbuild i2pd.sln /p:Configuration=Release

docs/conf.py

@@ -1,300 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-# i2pd documentation build configuration file, created by
-# sphinx-quickstart on Tue Jan 12 06:26:12 2016.
-#
-# This file is execfile()d with the current directory set to its
-# containing dir.
-#
-# Note that not all possible configuration values are present in this
-# autogenerated file.
-#
-# All configuration values have a default; values that are commented out
-# serve to show the default.
-
-import sys
-import os
-import shlex
-from recommonmark.parser import CommonMarkParser
-
-source_parsers = {
-    '.md': CommonMarkParser,
-}
-
-# Check if on RTD
-on_rtd = os.environ.get('READTHEDOCS', None) == 'True'
-
-# If extensions (or modules to document with autodoc) are in another directory,
-# add these directories to sys.path here. If the directory is relative to the
-# documentation root, use os.path.abspath to make it absolute, like shown here.
-#sys.path.insert(0, os.path.abspath('.'))
-
-# -- General configuration ------------------------------------------------
-
-# If your documentation needs a minimal Sphinx version, state it here.
-#needs_sphinx = '1.0'
-
-# Add any Sphinx extension module names here, as strings. They can be
-# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
-# ones.
-extensions = []
-
-# Add any paths that contain templates here, relative to this directory.
-#templates_path = ['_templates']
-
-# The suffix(es) of source filenames.
-# You can specify multiple suffix as a list of string:
-# source_suffix = ['.rst', '.md']
-source_suffix = ['.rst', '.md']
-
-# The encoding of source files.
-#source_encoding = 'utf-8-sig'
-
-# The master toctree document.
-master_doc = 'index'
-
-# General information about the project.
-project = u'i2pd'
-copyright = u'2016, PurpleI2P team'
-author = u'PurpleI2P team'
-
-# The version info for the project you're documenting, acts as replacement for
-# |version| and |release|, also used in various other places throughout the
-# built documents.
-#
-# The short X.Y version.
-version = u'2.2.0'
-# The full version, including alpha/beta/rc tags.
-release = u'2.2.0'
-
-# The language for content autogenerated by Sphinx. Refer to documentation
-# for a list of supported languages.
-#
-# This is also used if you do content translation via gettext catalogs.
-# Usually you set "language" from the command line for these cases.
-language = None
-
-# There are two options for replacing |today|: either, you set today to some
-# non-false value, then it is used:
-#today = ''
-# Else, today_fmt is used as the format for a strftime call.
-#today_fmt = '%B %d, %Y'
-
-# List of patterns, relative to source directory, that match files and
-# directories to ignore when looking for source files.
-exclude_patterns = ['_build']
-
-# The reST default role (used for this markup: `text`) to use for all
-# documents.
-#default_role = None
-
-# If true, '()' will be appended to :func: etc. cross-reference text.
-#add_function_parentheses = True
-
-# If true, the current module name will be prepended to all description
-# unit titles (such as .. function::).
-#add_module_names = True
-
-# If true, sectionauthor and moduleauthor directives will be shown in the
-# output. They are ignored by default.
-#show_authors = False
-
-# The name of the Pygments (syntax highlighting) style to use.
-pygments_style = 'sphinx'
-
-# A list of ignored prefixes for module index sorting.
-#modindex_common_prefix = []
-
-# If true, keep warnings as "system message" paragraphs in the built documents.
-#keep_warnings = False
-
-# If true, `todo` and `todoList` produce output, else they produce nothing.
-todo_include_todos = False
-
-
-# -- Options for HTML output ----------------------------------------------
-
-# The theme to use for HTML and HTML Help pages.  See the documentation for
-# a list of builtin themes.
-html_theme = 'default'
-
-if not on_rtd:
-    try:
-        import sphinx_rtd_theme
-        html_theme = 'sphinx_rtd_theme'
-        html_theme_path = [sphinx_rtd_theme.get_html_theme_path()]
-    except ImportError:
-        pass
-
-# Theme options are theme-specific and customize the look and feel of a theme
-# further.  For a list of options available for each theme, see the
-# documentation.
-#html_theme_options = {}
-
-# Add any paths that contain custom themes here, relative to this directory.
-#html_theme_path = []
-
-# The name for this set of Sphinx documents.  If None, it defaults to
-# "<project> v<release> documentation".
-#html_title = None
-
-# A shorter title for the navigation bar.  Default is the same as html_title.
-#html_short_title = None
-
-# The name of an image file (relative to this directory) to place at the top
-# of the sidebar.
-#html_logo = None
-
-# The name of an image file (within the static path) to use as favicon of the
-# docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
-# pixels large.
-#html_favicon = None
-
-# Add any paths that contain custom static files (such as style sheets) here,
-# relative to this directory. They are copied after the builtin static files,
-# so a file named "default.css" will overwrite the builtin "default.css".
-#html_static_path = ['_static']
-
-# Add any extra paths that contain custom files (such as robots.txt or
-# .htaccess) here, relative to this directory. These files are copied
-# directly to the root of the documentation.
-#html_extra_path = []
-
-# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
-# using the given strftime format.
-#html_last_updated_fmt = '%b %d, %Y'
-
-# If true, SmartyPants will be used to convert quotes and dashes to
-# typographically correct entities.
-#html_use_smartypants = True
-
-# Custom sidebar templates, maps document names to template names.
-#html_sidebars = {}
-
-# Additional templates that should be rendered to pages, maps page names to
-# template names.
-#html_additional_pages = {}
-
-# If false, no module index is generated.
-#html_domain_indices = True
-
-# If false, no index is generated.
-#html_use_index = True
-
-# If true, the index is split into individual pages for each letter.
-#html_split_index = False
-
-# If true, links to the reST sources are added to the pages.
-#html_show_sourcelink = True
-
-# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
-#html_show_sphinx = True
-
-# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
-#html_show_copyright = True
-
-# If true, an OpenSearch description file will be output, and all pages will
-# contain a <link> tag referring to it.  The value of this option must be the
-# base URL from which the finished HTML is served.
-#html_use_opensearch = ''
-
-# This is the file name suffix for HTML files (e.g. ".xhtml").
-#html_file_suffix = None
-
-# Language to be used for generating the HTML full-text search index.
-# Sphinx supports the following languages:
-#   'da', 'de', 'en', 'es', 'fi', 'fr', 'hu', 'it', 'ja'
-#   'nl', 'no', 'pt', 'ro', 'ru', 'sv', 'tr'
-#html_search_language = 'en'
-
-# A dictionary with options for the search language support, empty by default.
-# Now only 'ja' uses this config value
-#html_search_options = {'type': 'default'}
-
-# The name of a javascript file (relative to the configuration directory) that
-# implements a search results scorer. If empty, the default will be used.
-#html_search_scorer = 'scorer.js'
-
-# Output file base name for HTML help builder.
-htmlhelp_basename = 'i2pddoc'
-
-# -- Options for LaTeX output ---------------------------------------------
-
-latex_elements = {
-# The paper size ('letterpaper' or 'a4paper').
-#'papersize': 'letterpaper',
-
-# The font size ('10pt', '11pt' or '12pt').
-#'pointsize': '10pt',
-
-# Additional stuff for the LaTeX preamble.
-#'preamble': '',
-
-# Latex figure (float) alignment
-#'figure_align': 'htbp',
-}
-
-# Grouping the document tree into LaTeX files. List of tuples
-# (source start file, target name, title,
-#  author, documentclass [howto, manual, or own class]).
-latex_documents = [
-  (master_doc, 'i2pd.tex', u'i2pd Documentation',
-   u'PurpleI2P team', 'manual'),
-]
-
-# The name of an image file (relative to this directory) to place at the top of
-# the title page.
-#latex_logo = None
-
-# For "manual" documents, if this is true, then toplevel headings are parts,
-# not chapters.
-#latex_use_parts = False
-
-# If true, show page references after internal links.
-#latex_show_pagerefs = False
-
-# If true, show URL addresses after external links.
-#latex_show_urls = False
-
-# Documents to append as an appendix to all manuals.
-#latex_appendices = []
-
-# If false, no module index is generated.
-#latex_domain_indices = True
-
-
-# -- Options for manual page output ---------------------------------------
-
-# One entry per manual page. List of tuples
-# (source start file, name, description, authors, manual section).
-man_pages = [
-    (master_doc, 'i2pd', u'i2pd Documentation',
-     [author], 1)
-]
-
-# If true, show URL addresses after external links.
-#man_show_urls = False
-
-
-# -- Options for Texinfo output -------------------------------------------
-
-# Grouping the document tree into Texinfo files. List of tuples
-# (source start file, target name, title, author,
-#  dir menu entry, description, category)
-texinfo_documents = [
-  (master_doc, 'i2pd', u'i2pd Documentation',
-   author, 'i2pd', 'One line description of project.',
-   'Miscellaneous'),
-]
-
-# Documents to append as an appendix to all manuals.
-#texinfo_appendices = []
-
-# If false, no module index is generated.
-#texinfo_domain_indices = True
-
-# How to display URL addresses: 'footnote', 'no', or 'inline'.
-#texinfo_show_urls = 'footnote'
-
-# If true, do not generate a @detailmenu in the "Top" node's menu.
-#texinfo_no_detailmenu = False

docs/config_opts_after_2.3.0.md

@@ -1,43 +0,0 @@
-Изменения обработки параметров в релизах > 2.3.0
-------------------------------------------------
-
-Система параметров отличается от того, что было ранее и достаточно сильно:
-
-* изменения имён и стиля параметров
-
-Все параметры теперь в виде --help (gnu-style), у некоторых есть шорткаты в виде -h (unix-style). 
-Это касается всех систем, в том числе винды.
-
---daemon=1 и подобное -> просто --daemon, без параметра. Нет опции - false, есть - true
---notransit=1 -> --notransit, то же что и выше: есть опция - false, нет - true
---v6 -> --ipv6 (первое было похоже на версию какого-то своего протокола, типа socksproxy --v5)
---tunnelscfg -> --tunconf (имя параметра было слишком длинным, cfg переделан на conf - единообразно с --conf)
---sockskeys -> разделён на два, для socks и httpproxy по-отдельности
-
-* поддержка секций в основном конфиге
-
-Выглядит это так:
-
-    # основные опции
-    pidfile = /var/run/i2pd.pid
-    #
-    # настройки конкретного модуля
-    [httproxy]
-    address = 1.2.3.4
-    port    = 4446
-    keys    = httproxy-keys.dat
-    # и так далее
-    [sam]
-    enabled = no
-    addresss = 127.0.0.2
-    # ^^ переопределяется только адрес, остальное берётся из дефолта
-
-Точно так же сейчас работает конфиг туннелей: секция до точки - имя, после - параметр
-
-* поддержка выключения отдельных сервисов "на корню" см sam.enabled и подобное
-
-Это позволило задать дефолт для номера порта и не писать его руками для включения.
-
-* добавлен --help (см #110)
-
-* присутствует некая валидация параметров, --port=abcd - не прокатит, --port=100500 - тоже

docs/configuration.md

@@ -1,165 +0,0 @@
-i2pd configuration
-==================
-
-Command line options
---------------------
-
-Options specified on the command line take precedence over those in the config file.
-If you are upgrading your very old router (< 2.3.0) see also [this](config_opts_after_2.3.0.md) page.
-
-* --help                - Show builtin help message (default value of option will be shown in braces)
-* --conf=               - Config file (default: ~/.i2pd/i2pd.conf or /var/lib/i2pd/i2pd.conf)
-                          This parameter will be silently ignored if the specified config file does not exist.
-* --tunconf=            - Tunnels config file (default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf)
-* --pidfile=            - Where to write pidfile (dont write by default)
-* --log=                - Logs destination: stdout, file (stdout if not set, file - otherwise, for compatibility)
-* --logfile=            - Path to logfile (default - autodetect)
-* --loglevel=           - Log messages above this level (debug, info, warn, error)
-* --datadir=            - Path to storage of i2pd data (RI, keys, peer profiles, ...)
-* --host=               - Router external IP for incoming connections
-* --port=               - Port to listen for incoming connections (default: auto)
-* --daemon              - Router will go to background after start
-* --service             - Router will use system folders like '/var/lib/i2pd'
-* --ipv6                - Enable communication through ipv6. false by default
-* --notransit           - Router will not accept transit tunnels at startup. false by default
-* --floodfill           - Router will be floodfill. false by default
-* --bandwidth=          - Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000)
-* --family=             - Name of a family, router belongs to
-* --netid=				- Network ID, router belongs to. Main I2P is 2.
-
-Windows-specific options:
-
-* --svcctl=             - Windows service management (--svcctl="install" or --svcctl="remove")
-* --insomnia            - Prevent system from sleeping
-* --close=              - Action on close: minimize, exit, ask
-
-All options below still possible in cmdline, but better write it in config file:
-
-* --http.enabled=       - If webconsole is enabled. true by default  
-* --http.address=       - The address to listen on (HTTP server)
-* --http.port=          - The port to listen on (HTTP server) 7070 by default
-* --http.auth           - Enable basic HTTP auth for webconsole
-* --http.user=          - Username for basic auth (default: i2pd)
-* --http.pass=          - Password for basic auth (default: random, see logs)
-
-* --httpproxy.enabled=  - If HTTP proxy is enabled. true by default  
-* --httpproxy.address=  - The address to listen on (HTTP Proxy)  
-* --httpproxy.port=     - The port to listen on (HTTP Proxy) 4444 by default  
-* --httpproxy.keys=     - optional keys file for HTTP proxy local destination  
-* --httpproxy.signaturetype=    - signature type for new keys if keys file is set. 7 by default  
-* --httpproxy.inbound.length= 	- Inbound tunnels length if keys is set. 3 by default  
-* --httpproxy.inbound.quantity= - Inbound tunnels quantity if keys is set. 5 by default  
-* --httpproxy.outbound.length=	- Outbound tunnels length if keys is set. 3 by default  
-* --httpproxy.outbound.quantity= - Outbound tunnels quantity if keys is set. 5 by default    
-
-* --socksproxy.enabled=  - If SOCKS proxy is enabled. true by default  
-* --socksproxy.address= - The address to listen on (SOCKS Proxy)  
-* --socksproxy.port=    - The port to listen on (SOCKS Proxy). 4447 by default  
-* --socksproxy.keys=    - optional keys file for SOCKS proxy local destination  
-* --socksproxy.signaturetype=   - signature type for new keys if keys file is set. 7 by default
-* --socksproxy.inbound.length= 	- Inbound tunnels length if keys is set. 3 by default  
-* --socksproxy.inbound.quantity= - Inbound tunnels quantity if keys is set. 5 by default  
-* --socksproxy.outbound.length=	- Outbound tunnels length if keys is set. 3 by default  
-* --socksproxy.outbound.quantity= - Outbound tunnels quantity if keys is set. 5 by default  
-* --socksproxy.outproxy= - Address of outproxy. requests outside i2p will go there  
-* --socksproxy.outproxyport=  - Outproxy remote port  
-
-* --sam.address=        - The address to listen on (SAM bridge)
-* --sam.port=           - Port of SAM bridge. Usually 7656. SAM is off if not specified
-* --sam.enabled=        - If SAM is enabled. false by default 
-
-* --bob.address=        - The address to listen on (BOB command channel)
-* --bob.port=           - Port of BOB command channel. Usually 2827. BOB is off if not specified
-* --bob.enabled=        - If BOB is enabled. false by default 
-
-* --i2cp.address=        - The address to listen on or an abstract address for Android LocalSocket
-* --i2cp.port=           - Port of I2CP server. Usually 7654. Ignored for Andorid
-* --i2cp.enabled=        - If I2CP is enabled. false by default. Other services don't require I2CP 
-
-* --i2pcontrol.address=  - The address to listen on (I2P control service)  
-* --i2pcontrol.port=     - Port of I2P control service. Usually 7650. I2PControl is off if not specified  
-* --i2pcontrol.enabled=  - If I2P control is enabled. false by default  
-* --i2pcontrol.password= - I2P control authentication password. itoopie by default  
-* --i2pcontrol.cert=     - I2P control HTTPS certificate file name. i2pcontrol.crt.pem by default  
-* --i2pcontrol.key=      - I2P control HTTPS certificate key file name. i2pcontrol.key.pem by default  
-
-* --upnp.enabled=       - Enable or disable UPnP, false by default for CLI and true for GUI (Windows, Android)  
-* --upnp.name=          - Name i2pd appears in UPnP forwardings list. I2Pd by default  
-
-* --precomputation.elgamal=  - Use ElGamal precomputated tables. false for x64 and true for other platforms by default  
-* --reseed.verify=      - Request SU3 signature verification  
-* --reseed.file=        - Full path to SU3 file to reseed from  
-* --reseed.urls=        - Reseed URLs, separated by comma
-* --addressbook.defaulturl=     - AddressBook subscription URL for initial setup
-* --addressbook.subscriptions=  - AddressBook subscriptions URLs, separated by comma
-
-* --limits.transittunnels=  - Override maximum number of transit tunnels. 2500 by default   
-* --limits.openfiles=	- Maximum size of corefile in Kb (0 - use system limit)  
-* --limits.coresize=	- Maximum size of corefile in Kb (0 - use system limit)  
-
-Config files
-------------
-
-INI-like, syntax is the following : <key> = <value>.
-Comments are "#", not ";" as you may expect. See [boost ticket](https://svn.boost.org/trac/boost/ticket/808)
-All command-line parameters are allowed as keys, but note for those which contains dot (.).
-
-For example:
-
-i2pd.conf:
-
-    # comment
-    log = true
-    ipv6 = true
-    # settings for specific module
-    [httpproxy]
-    port = 4444
-    # ^^ this will be --httproxy.port= in cmdline
-    # another comment
-    [sam]
-    enabled = true
-
-See also commented config with examples of all options in ``docs/i2pd.conf``.
-
-tunnels.conf:
-
-    # outgoing tunnel sample, to remote service
-    # mandatory parameters:
-    # * type -- always "client"
-    # * port -- local port to listen to
-    # * destination -- i2p hostname
-    # optional parameters (may be omitted)
-    # * keys -- our identity, if unset, will be generated on every startup,
-    #     if set and file missing, keys will be generated and placed to this file
-    # * address -- local interface to bind
-    # * signaturetype -- signature type for new destination. 0 (DSA/SHA1), 1 (EcDSA/SHA256) or 7 (EdDSA/SHA512)
-    [IRC]
-    type = client
-    address = 127.0.0.1
-    port = 6668
-    destination = irc.postman.i2p
-    keys = irc-keys.dat
-    #
-    # incoming tunnel sample, for local service
-    # mandatory parameters:
-    # * type -- "server" or "http"
-    # * host -- ip address of our service
-    # * port -- port of our service
-    # * keys -- file with LeaseSet of address in i2p
-    # optional parameters (may be omitted)
-    # * inport -- optional, i2p service port, if unset - the same as 'port'
-    # * accesslist -- comma-separated list of i2p addresses, allowed to connect
-    #    every address is b32 without '.b32.i2p' part
-    [LOCALSITE]
-    type = http
-    host = 127.0.0.1
-    port = 80
-    keys = site-keys.dat
-    #
-    [IRC-SERVER]
-    type = server
-    host = 127.0.0.1
-    port = 6667
-    keys = irc.dat
-
-Also see [this page](https://github.com/PurpleI2P/i2pd/wiki/tunnels.cfg) for more tunnel examples.

docs/family.md

@@ -1,36 +0,0 @@
-Family configuration
-====================
-
-Your might want to specify a family, your router belongs to.
-There are two possibilities: create new family or joing to existing.
-
-New family
------------
-
-You must create family self-signed certificate and key.  
-The only key type supposted is prime256v1.
-Use the following list of commands:  
-
-    openssl ecparam -name prime256v1 -genkey -out <your family name>.key  
-    openssl req -new -key <your family name>.key -out <your family name>.csr  
-    touch v3.ext
-    openssl x509 -req -days 3650 -in <your family name>.csr -signkey <your family name>.key -out <your family name>.crt -extfile v3.ext  
-
-Specify <your family name>.family.i2p.net for CN (Common Name) when requested.
-
-Once you are done with it place <your-family-name>.key and <your-family-name>.crt to <ip2d data>/family folder (for exmple ~/.i2pd/family).
-You should provide these two files to other members joining your family.
-If you want to register you family and let I2P network recorgnize it, create pull request for you .crt file into contrib/certificate/family.
-It will appear in i2pd and I2P next releases packages. Dont place .key file, it must be shared between you family members only.
-
-How to join existing family
----------------------------
-
-Once you and that family agree to do it, they must give you .key and .crt file and you must place in <i2pd datadir>/certificates/family/ folder.
-
-Publish your family
--------------------
-
-Run i2pd with parameter 'family=<your-family-name>', make sure you have <your-family-name>.key and <your-family-name>.crt in your 'family' folder.
-If everything is set properly, you router.info will contain two new fields: 'family' and 'family.sig'.
-Otherwise your router will complain on startup with log messages starting with "Family:" prefix and severity 'warn' or 'error'.

docs/hacking.md

@@ -1,114 +0,0 @@
-
-# Hacking on I2PD
-
-This document contains notes compiled from hacking on i2pd
-
-## prerequisites
-
-This guide assumes:
-
-* a decent understanding of c++ 
-* basic understanding of how i2p works at i2np level and up
-
-## general structure
-
-Notes on multithreading
-
-* every compontent runs in its own thread 
-
-* each component (usually) has a public function `GetService()` which can be used to obtain the `boost::asio::io_service` that it uses.
-
-* when talking between components/threads, **always** use `GetService().post()` and be mindfull of stack allocated memory.
-
-
-### NetDb
-
-#### NetDb.h
-
-The `i2p::data::netdb` is a `i2p::data::NetDb` instance processes and dispatches *inbound* i2np messages passed in from transports.
-
-global singleton at `i2p::data::netdb` as of 2.10.1
-
-#### NetDbRequests.h
-
-For Pending RouterInfo/LeaseSet lookup and store requests
-
-
-### ClientContext 
-
-#### ClientContext.h
-
-`i2p::client::ClientContext` spawns all destinations used by the i2p router including the shared local destination.
-
-global singleton at `i2p::client::context` as of 2.10.1
-
-
-
-### Daemon
-
-File: Daemon.cpp
-
-`i2p::util::Daemon_Singleton_Private` subclasses implement the daemon start-up and tear-down, creates Http Webui and i2p control server.
-
-
-
-
-### Destinations
-
-#### Destination.h
-
-each destination runs in its own thread
-
-##### i2p::client::LeaseSetDestination
-
-Base for `i2p::client::ClientDestination`
-
-##### i2p::client::ClientDestination
-
-Destination capable of creating (tcp/i2p) streams and datagram sessions.
-
-
-#### Streaming.h
-
-##### i2p::stream::StreamingDestination
-
-Does not implement any destination related members, the name is a bit misleading.
-
-Owns a `i2p::client::ClientDestination` and runs in the destination thread.
-
-Anyone creating or using streams outside of the destination thread **MUST** be aware of the consequences of multithreaded c++ :^)
-
-If you use streaming please consider running all code within the destination thread using `ClientDestination::GetService().post()`
-
-
-#### Garlic.h
-
-Provides Inter-Destination routing primatives.
-
-##### i2p::garlic::GarlicDestination
-
-sublcass of `i2p::client::LeaseSetDestination` for sending messages down shared routing paths.
-
-##### i2p::garlic::GarlicRoutingSession
-
-a point to point conversation between us and 1 other destination.
-
-##### i2p::garlic::GarlicRoutingPath
-
-A routing path currently used by a routing session. specifies which outbound tunnel to use and which remote lease set to use for `OBEP` to `IBGW` inter tunnel communication.
-
-members:
-
-* outboundTunnel (OBEP)
-* remoteLease (IBGW)
-* rtt (round trip time)
-* updatedTime (last time this path's IBGW/OBEP was updated)
-* numTimesUsesd (number of times this path was used)
-
-### Transports
-
-each transport runs in its own thread
-
-#### Transports.h
-
-`i2p::transport::Transports` contains NTCP and SSU transport instances

docs/index.rst

@@ -1,41 +0,0 @@
-i2pd
-====
-
-i2pd is a full-featured C++ implementation of 
-`I2P <https://geti2p.net/en/about/intro>`_ client.
-
-* `Website <http://i2pd.website>`_
-* `GitHub <https://github.com/PurpleI2P/i2pd>`_
-* `Wiki <https://github.com/PurpleI2P/i2pd/wiki>`_
-* `Tickets/Issues <https://github.com/PurpleI2P/i2pd/issues>`_
-* `Twitter <https://twitter.com/i2porignal>`_
-
-Installing
-----------
-
-The easiest way to install i2pd is by using 
-`precompiled binaries <https://github.com/PurpleI2P/i2pd/releases/latest>`_. 
-See documentation for how to build i2pd from source on your OS.
-
-Using i2pd
-----------
-
-See documentation and 
-`example config file <https://github.com/PurpleI2P/i2pd/blob/openssl/docs/i2pd.conf>`_.
-
-Contents:
----------
-
-.. toctree::
-   :maxdepth: 2
-
-   building/requirements
-   building/unix
-   building/windows
-   building/cross
-   building/android
-   building/ios
-   configuration
-   family
-   usage
-

docs/usage.md

@@ -1,171 +0,0 @@
-Usage and tutorials
-===================
-
-
-i2pd can be used for:
-
-* [anonymous websites](#browsing-and-hosting-websites)
-* [anonymous chats](#using-and-hosting-chat-servers)
-* [anonymous file sharing](#file-sharing)
-
-and many more.
-
-## Starting, stopping and reloading configuration
-
-After you have built i2pd from source, just run a binary:
-
-    ./i2pd
-
-To display all available options:
-
-    ./i2pd --help
-
-i2pd can be controlled with signals. Process ID by default is written to file `~/.i2pd/i2pd.pid` or `/var/run/i2pd/i2pd.pid`.
-You can use `kill` utility to send signals like this:
-
-    kill -INT $( cat /var/run/i2pd/i2pd.pid )
-
-i2pd supports the following signals:
-
-* INT - Graceful shutdown. i2pd will wait for 10 minutes and stop. Send second INT signal to shutdown i2pd immediately.
-* HUP - Reload configuration files.
-
-
-### systemd unit
-
-Some binary Linux packages have a systemd control unit, so it is possible to managage i2pd with it.
-
-Start/stop i2pd:
-
-    sudo systemctl start i2pd.service
-    sudo systemctl stop i2pd.service
-
-Enable/disable i2pd to be started on bootup:
-
-    sudo systemctl enable i2pd.service
-    sudo systemctl disable i2pd.service
-
-
-## Configuring i2pd
-
-See [configuration documentation](/page/configuration.html).
-
-
-## Browsing and hosting websites
-
-### Browse anonymous websites
-
-To browse anonymous websites inside Invisible Internet, configure your web browser to use HTTP proxy 127.0.0.1:4444 (available by default in i2pd).
-
-In Firefox: Preferences -> Advanced -> Network tab -> Connection Settings -> choose Manual proxy configuration, Enter HTTP proxy 127.0.0.1, Port 4444
-
-In Chromium: run chromium executable with key
-
-    chromium --proxy-server="http://127.0.0.1:4444"
-
-Note that if you wish to stay anonymous too you'll need to tune your browser for better privacy. Do your own research, [can start here](http://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/).
-
-Big list of Invisible Internet websites can be found at [identiguy.i2p](http://identiguy.i2p).
-
-### Host anonymous website
-
-
-If you wish to run your own website in Invisible Internet, follow those steps:
-
-1) Run your webserver and find out which host:port it uses (for example, 127.0.0.1:8080).
-
-2) Configure i2pd to create HTTP server tunnel. Put in your ~/.i2pd/tunnels.conf file:
-
-        [anon-website]
-        type = http
-        host = 127.0.0.1
-        port = 8080
-        keys = anon-website.dat
-
-3) Restart i2pd.
-
-4) Find b32 destination of your website.
-
-    Go to webconsole -> [I2P tunnels page](http://127.0.0.1:7070/?page=i2p_tunnels). Look for Sever tunnels and you will see address like \<long random string\>.b32.i2p next to anon-website.
-
-    Website is now available in Invisible Internet by visiting this address.
-
-5) (Optional) Register short and rememberable .i2p domain on [inr.i2p](http://inr.i2p).
-
-
-## Using and hosting chat servers
-
-### Running anonymous IRC server
-
-1) Run your IRC server software and find out which host:port it uses (for example, 127.0.0.1:5555).
-
-    For small private IRC servers you can use [miniircd](https://github.com/jrosdahl/miniircd), for large public networks [UnreadIRCd](https://www.unrealircd.org/).
-
-2) Configure i2pd to create IRC server tunnel.
-
-    Simplest case, if your server does not support WebIRC, add this to ~/.i2pd/tunnels.conf:
-
-        [anon-chatserver]
-        type = irc
-        host = 127.0.0.1     
-        port = 5555
-        keys = chatserver-key.dat
-
-    And that is it.
-
-    Alternatively, if your IRC server supports WebIRC, for example, UnreadIRCd, put this into UnrealIRCd config:
-
-        webirc {
-            mask 127.0.0.1;
-            password your_password;
-        };
-
-    Also change line:
-
-        modes-on-connect "+ixw";
-
-    to
-
-        modes-on-connect "+iw";
-
-    And this in ~/.i2pd/tunnels.conf:
-
-        [anon-chatserver]
-        type = irc
-        host = 127.0.0.1
-        port = 5555
-        keys = chatserver-key.dat
-        webircpassword = your_password
-
-3) Restart i2pd.
-
-4) Find b32 destination of your anonymous IRC server.
-
-    Go to webconsole -> [I2P tunnels page](http://127.0.0.1:7070/?page=i2p_tunnels). Look for Sever tunnels and you will see address like \<long random string\>.b32.i2p next to anon-chatserver.
-
-    Clients will use this address to connect to your server anonymously.
-
-### Connect to anonymous IRC server
-
-To connect to IRC server at *walker.i2p*, add this to ~/.i2pd/tunnels.conf:
-
-    [IRC2]
-    type = client
-    address = 127.0.0.1
-    port = 6669
-    destination = walker.i2p
-    #keys = walker-keys.dat
-
-Restart i2pd, then connect to irc://127.0.0.1:6669 with your IRC client.
-
-## File sharing
-
-You can share and download torrents with [Transmission-I2P](https://github.com/l-n-s/transmission-i2p).
-
-Alternative torrent-clients are [Robert](http://en.wikipedia.org/wiki/Robert_%28P2P_Software%29) and [Vuze](https://en.wikipedia.org/wiki/Vuze).
-
-Robert uses BOB protocol, i2pd must be run with parameter --bob.enabled=true.
-
-Vuze uses I2CP protocol, i2pd must be run with parameter --i2cp.enabled=true.
-
-Also, visit [postman tracker](http://tracker2.postman.i2p).

filelist.mk

@@ -1,17 +1,22 @@
-LIB_SRC = \
-  BloomFilter.cpp Gzip.cpp Crypto.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp LeaseSet.cpp \
-  Log.cpp NTCPSession.cpp NetDb.cpp NetDbRequests.cpp Profiling.cpp \
-  Reseed.cpp RouterContext.cpp RouterInfo.cpp Signature.cpp SSU.cpp \
-  SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp TransitTunnel.cpp \
-  Transports.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelPool.cpp TunnelGateway.cpp \
-  Destination.cpp Base.cpp I2PEndian.cpp FS.cpp Config.cpp Family.cpp \
-  Config.cpp HTTP.cpp Timestamp.cpp util.cpp api.cpp Event.cpp
+#LIB_SRC = \
+#  BloomFilter.cpp Gzip.cpp Crypto.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp LeaseSet.cpp \
+#  Log.cpp NTCPSession.cpp NetDb.cpp NetDbRequests.cpp Profiling.cpp \
+#  Reseed.cpp RouterContext.cpp RouterInfo.cpp Signature.cpp SSU.cpp \
+#  SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp TransitTunnel.cpp \
+#  Transports.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelPool.cpp TunnelGateway.cpp \
+#  Destination.cpp Base.cpp I2PEndian.cpp FS.cpp Config.cpp Family.cpp \
+#  Config.cpp HTTP.cpp Timestamp.cpp util.cpp api.cpp Event.cpp Gost.cpp
 
-LIB_CLIENT_SRC = \
-	AddressBook.cpp BOB.cpp ClientContext.cpp I2PTunnel.cpp I2PService.cpp \
-	SAM.cpp SOCKS.cpp HTTPProxy.cpp I2CP.cpp WebSocks.cpp
+LIB_SRC = $(wildcard $(LIB_SRC_DIR)/*.cpp)
+
+#LIB_CLIENT_SRC = \
+#	AddressBook.cpp BOB.cpp ClientContext.cpp I2PTunnel.cpp I2PService.cpp MatchedDestination.cpp \
+#	SAM.cpp SOCKS.cpp HTTPProxy.cpp I2CP.cpp WebSocks.cpp
+
+LIB_CLIENT_SRC = $(wildcard $(LIB_CLIENT_SRC_DIR)/*.cpp)
 
 # also: Daemon{Linux,Win32}.cpp will be added later
-DAEMON_SRC = \
-	HTTPServer.cpp I2PControl.cpp UPnP.cpp Daemon.cpp i2pd.cpp
+#DAEMON_SRC = \
+#	HTTPServer.cpp I2PControl.cpp UPnP.cpp Daemon.cpp i2pd.cpp
 
+DAEMON_SRC = $(wildcard $(DAEMON_SRC_DIR)/*.cpp)

libi2pd/Config.cpp

@@ -48,21 +48,23 @@ namespace config {
       ("port",      value<uint16_t>()->default_value(0),                "Port to listen for incoming connections (default: auto)")
       ("ipv4",      value<bool>()->zero_tokens()->default_value(true),  "Enable communication through ipv4")
       ("ipv6",      value<bool>()->zero_tokens()->default_value(false), "Enable communication through ipv6")
-	  ("netid",		value<int>()->default_value(I2PD_NET_ID), "Specify NetID. Main I2P is 2") 	
+	  ("netid",		value<int>()->default_value(I2PD_NET_ID), "Specify NetID. Main I2P is 2")
       ("daemon",    value<bool>()->zero_tokens()->default_value(false), "Router will go to background after start")
       ("service",   value<bool>()->zero_tokens()->default_value(false), "Router will use system folders like '/var/lib/i2pd'")
       ("notransit", value<bool>()->zero_tokens()->default_value(false), "Router will not accept transit tunnels at startup")
       ("floodfill", value<bool>()->zero_tokens()->default_value(false), "Router will be floodfill")
-      ("bandwidth", value<std::string>()->default_value(""), "Bandwidth limit: integer in kbps or letters: L (32), O (256), P (2048), X (>9000)")
+      ("bandwidth", value<std::string>()->default_value(""), "Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000)")
+	  ("share",	value<int>()->default_value(100), "Limit of transit traffic from max bandwidth in percents. (default: 100")
       ("ntcp", value<bool>()->zero_tokens()->default_value(true), "Enable NTCP transport")
       ("ssu", value<bool>()->zero_tokens()->default_value(true), "Enable SSU transport")
+			("ntcpproxy", value<std::string>()->default_value(""), "proxy url for ntcp transport")
 #ifdef _WIN32
       ("svcctl",    value<std::string>()->default_value(""),     "Windows service management ('install' or 'remove')")
       ("insomnia", value<bool>()->zero_tokens()->default_value(false), "Prevent system from sleeping")
       ("close", value<std::string>()->default_value("ask"), "Action on close: minimize, exit, ask") // TODO: add custom validator or something
 #endif
       ;
-		
+
     options_description limits("Limits options");
     limits.add_options()
       ("limits.coresize",         value<uint32_t>()->default_value(0),    "Maximum size of corefile in Kb (0 - use system limit)")
@@ -86,14 +88,15 @@ namespace config {
       ("httpproxy.address",   value<std::string>()->default_value("127.0.0.1"),           "HTTP Proxy listen address")
       ("httpproxy.port",      value<uint16_t>()->default_value(4444),                     "HTTP Proxy listen port")
       ("httpproxy.keys",      value<std::string>()->default_value(""),  "File to persist HTTP Proxy keys")
-	  ("httpproxy.signaturetype",      value<i2p::data::SigningKeyType>()->default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519), "Signature type for new keys. 7 (EdDSA) by default")	
-	  ("httpproxy.inbound.length",      value<std::string>()->default_value("3"),  "HTTP proxy inbound tunnel length")	
+	  ("httpproxy.signaturetype",      value<i2p::data::SigningKeyType>()->default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519), "Signature type for new keys. 7 (EdDSA) by default")
+	  ("httpproxy.inbound.length",      value<std::string>()->default_value("3"),  "HTTP proxy inbound tunnel length")
 	  ("httpproxy.outbound.length",     value<std::string>()->default_value("3"),  "HTTP proxy outbound tunnel length")
-	  ("httpproxy.inbound.quantity",    value<std::string>()->default_value("5"),  "HTTP proxy inbound tunnels quantity")	
+	  ("httpproxy.inbound.quantity",    value<std::string>()->default_value("5"),  "HTTP proxy inbound tunnels quantity")
 	  ("httpproxy.outbound.quantity",   value<std::string>()->default_value("5"),  "HTTP proxy outbound tunnels quantity")
-	  ("httpproxy.latency.min",    value<std::string>()->default_value("0"),  "HTTP proxy min latency for tunnels")	
+	  ("httpproxy.latency.min",    value<std::string>()->default_value("0"),  "HTTP proxy min latency for tunnels")
 	  ("httpproxy.latency.max",   value<std::string>()->default_value("0"),  "HTTP proxy max latency for tunnels")
 			("httpproxy.outproxy", value<std::string>()->default_value(""), "HTTP proxy upstream out proxy url")
+	  ("httpproxy.addresshelper",   value<bool>()->default_value(true),                         "Enable or disable addresshelper")
       ;
 
     options_description socksproxy("SOCKS Proxy options");
@@ -102,20 +105,20 @@ namespace config {
       ("socksproxy.address",  value<std::string>()->default_value("127.0.0.1"),           "SOCKS Proxy listen address")
       ("socksproxy.port",     value<uint16_t>()->default_value(4447),                     "SOCKS Proxy listen port")
       ("socksproxy.keys",     value<std::string>()->default_value(""), "File to persist SOCKS Proxy keys")
-	  ("socksproxy.signaturetype",      value<i2p::data::SigningKeyType>()->default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519), "Signature type for new keys. 7 (EdDSA) by default")	
-      ("socksproxy.inbound.length",      value<std::string>()->default_value("3"),  "SOCKS proxy inbound tunnel length")	
+	  ("socksproxy.signaturetype",      value<i2p::data::SigningKeyType>()->default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519), "Signature type for new keys. 7 (EdDSA) by default")
+      ("socksproxy.inbound.length",      value<std::string>()->default_value("3"),  "SOCKS proxy inbound tunnel length")
 	  ("socksproxy.outbound.length",     value<std::string>()->default_value("3"),  "SOCKS proxy outbound tunnel length")
-	  ("socksproxy.inbound.quantity",    value<std::string>()->default_value("5"),  "SOCKS proxy inbound tunnels quantity")	
+	  ("socksproxy.inbound.quantity",    value<std::string>()->default_value("5"),  "SOCKS proxy inbound tunnels quantity")
 	  ("socksproxy.outbound.quantity",   value<std::string>()->default_value("5"),  "SOCKS proxy outbound tunnels quantity")
-	  ("socksproxy.latency.min",    value<std::string>()->default_value("0"),  "SOCKS proxy min latency for tunnels")	
-	  ("socksproxy.latency.max",   value<std::string>()->default_value("0"),  "SOCKS proxy max latency for tunnels")	
+	  ("socksproxy.latency.min",    value<std::string>()->default_value("0"),  "SOCKS proxy min latency for tunnels")
+	  ("socksproxy.latency.max",   value<std::string>()->default_value("0"),  "SOCKS proxy max latency for tunnels")
 	  ("socksproxy.outproxy", value<std::string>()->default_value("127.0.0.1"), "Upstream outproxy address for SOCKS Proxy")
       ("socksproxy.outproxyport", value<uint16_t>()->default_value(9050), "Upstream outproxy port for SOCKS Proxy")
       ;
 
     options_description sam("SAM bridge options");
     sam.add_options()
-      ("sam.enabled",         value<bool>()->default_value(false),                        "Enable or disable SAM Application bridge")
+      ("sam.enabled",         value<bool>()->default_value(true),                        "Enable or disable SAM Application bridge")
       ("sam.address",         value<std::string>()->default_value("127.0.0.1"),           "SAM listen address")
       ("sam.port",            value<uint16_t>()->default_value(7656),                     "SAM listen port")
       ;
@@ -146,26 +149,26 @@ namespace config {
 
 	bool upnp_default = false;
 #if (defined(USE_UPNP) && (defined(WIN32_APP) || defined(ANDROID)))
-	upnp_default = true; // enable UPNP for windows GUI and android by default	
+	upnp_default = true; // enable UPNP for windows GUI and android by default
 #endif
   	options_description upnp("UPnP options");
   	upnp.add_options()
     ("upnp.enabled",  value<bool>()->default_value(upnp_default),             "Enable or disable UPnP: automatic port forwarding")
-	("upnp.name", value<std::string>()->default_value("I2Pd"), "Name i2pd appears in UPnP forwardings list") 
+	("upnp.name", value<std::string>()->default_value("I2Pd"), "Name i2pd appears in UPnP forwardings list")
     ;
 
 	options_description precomputation("Precomputation options");
-	precomputation.add_options()  
-	  ("precomputation.elgamal",  
-#if defined(__x86_64__)	   
-	   value<bool>()->default_value(false),   
+	precomputation.add_options()
+	  ("precomputation.elgamal",
+#if defined(__x86_64__)
+	   value<bool>()->default_value(false),
 #else
-	   value<bool>()->default_value(true),  
-#endif	   
+	   value<bool>()->default_value(true),
+#endif
 	   "Enable or disable elgamal precomputation table")
 	  ;
-	
-	options_description reseed("Reseed options");	
+
+	options_description reseed("Reseed options");
 	reseed.add_options()
 	  ("reseed.verify", value<bool>()->default_value(false), "Verify .su3 signature")
 	  ("reseed.threshold", value<uint16_t>()->default_value(25), "Minimum number of known routers before requesting reseed")
@@ -186,15 +189,16 @@ namespace config {
 	    "https://reseed.memcpy.io/,"
 	    "https://reseed.onion.im/,"
 	    "https://itoopie.atomike.ninja/"
+//		"https://randomrng.ddns.net/"	   // dead
 		),  "Reseed URLs, separated by comma")
-	  ;	
+	  ;
 
   	options_description addressbook("AddressBook options");
   	addressbook.add_options()
       ("addressbook.defaulturl", value<std::string>()->default_value(
                 "http://joajgazyztfssty4w2on5oaqksz6tqoxbduy553y34mf4byv6gpq.b32.i2p/export/alive-hosts.txt"
                 ), "AddressBook subscription URL for initial setup")
-      ("addressbook.subscriptions", value<std::string>()->default_value(""), 
+      ("addressbook.subscriptions", value<std::string>()->default_value(""),
                 "AddressBook subscriptions URLs, separated by comma");
 
   	options_description trust("Trust options");
@@ -203,44 +207,60 @@ namespace config {
       ("trust.family", value<std::string>()->default_value(""), "Router Familiy to trust for first hops")
 			("trust.routers", value<std::string>()->default_value(""), "Only Connect to these routers")
       ("trust.hidden", value<bool>()->default_value(false), "Should we hide our router from other routers?");
-		
+
     options_description websocket("Websocket Options");
     websocket.add_options()
       ("websockets.enabled", value<bool>()->default_value(false), "enable websocket server")
       ("websockets.address", value<std::string>()->default_value("127.0.0.1"), "address to bind websocket server on")
       ("websockets.port", value<uint16_t>()->default_value(7666), "port to bind websocket server on");
 
+	options_description exploratory("Exploratory Options");
+	exploratory.add_options()
+	  ("exploratory.inbound.length",      value<int>()->default_value(2),  "Exploratory inbound tunnel length")
+	  ("exploratory.outbound.length",     value<int>()->default_value(2),  "Exploratory outbound tunnel length")
+	  ("exploratory.inbound.quantity",    value<int>()->default_value(3),  "Exploratory inbound tunnels quantity")
+	  ("exploratory.outbound.quantity",   value<int>()->default_value(3),  "Exploratory outbound tunnels quantity");
+
     m_OptionsDesc
       .add(general)
-	  .add(limits)	
+	  .add(limits)
       .add(httpserver)
       .add(httpproxy)
       .add(socksproxy)
       .add(sam)
       .add(bob)
-	  .add(i2cp)	
+	  .add(i2cp)
       .add(i2pcontrol)
       .add(upnp)
 	  .add(precomputation)
-	  .add(reseed) 
-      .add(addressbook)	
+	  .add(reseed)
+      .add(addressbook)
       .add(trust)
       .add(websocket)
+	  .add(exploratory)
       ;
   }
 
-  void ParseCmdline(int argc, char* argv[]) {
-    try {
+  void ParseCmdline(int argc, char* argv[], bool ignoreUnknown)
+  {
+    try
+	{
       auto style = boost::program_options::command_line_style::unix_style
                  | boost::program_options::command_line_style::allow_long_disguise;
       style &=   ~ boost::program_options::command_line_style::allow_guessing;
-      store(parse_command_line(argc, argv, m_OptionsDesc, style), m_Options);
-    } catch (boost::program_options::error& e) {
+	  if (ignoreUnknown)
+	  	store(command_line_parser(argc, argv).options(m_OptionsDesc).style (style).allow_unregistered().run(), m_Options);
+	  else
+      	store(parse_command_line(argc, argv, m_OptionsDesc, style), m_Options);
+    }
+	catch (boost::program_options::error& e)
+	{
       std::cerr << "args: " << e.what() << std::endl;
       exit(EXIT_FAILURE);
     }
 
-    if (m_Options.count("help") || m_Options.count("h")) {
+    if (!ignoreUnknown && (m_Options.count("help") || m_Options.count("h")))
+	{
       std::cout << "i2pd version " << I2PD_VERSION << " (" << I2P_VERSION << ")" << std::endl;
       std::cout << m_OptionsDesc;
       exit(EXIT_SUCCESS);
@@ -252,17 +272,17 @@ namespace config {
 
     std::ifstream config(path, std::ios::in);
 
-    if (!config.is_open()) 
+    if (!config.is_open())
 	{
       std::cerr << "missing/unreadable config file: " << path << std::endl;
       exit(EXIT_FAILURE);
     }
 
-    try 
+    try
 	{
 		store(boost::program_options::parse_config_file(config, m_OptionsDesc), m_Options);
-    } 
-	catch (boost::program_options::error& e) 
+    }
+	catch (boost::program_options::error& e)
 	{
       std::cerr << e.what() << std::endl;
       exit(EXIT_FAILURE);

libi2pd/Config.h

@@ -41,7 +41,7 @@ namespace config {
    *
    * Other exceptions will be passed to higher level.
    */
-  void ParseCmdline(int argc, char* argv[]);
+  void ParseCmdline(int argc, char* argv[], bool ignoreUnknown = false);
 
   /**
    * @brief  Load and parse given config file

libi2pd/Crypto.cpp

@@ -272,11 +272,15 @@ namespace crypto
 	}	
 	
 // ElGamal
-	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, bool zeroPadding)
+	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding)
 	{
-		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
+		// everything, but a, because a might come from table	
+		BIGNUM * k = BN_CTX_get (ctx);
+		BIGNUM * y = BN_CTX_get (ctx);
+		BIGNUM * b1 = BN_CTX_get (ctx);
+		BIGNUM * b = BN_CTX_get (ctx);
 		// select random k
-		BIGNUM * k = BN_new ();
 #if defined(__x86_64__)
 		BN_rand (k, ELGAMAL_FULL_EXPONENT_NUM_BITS, -1, 1); // full exponent for x64
 #else
@@ -292,23 +296,18 @@ namespace crypto
 			BN_mod_exp (a, elgg, k, elgp, ctx);
 		}
 
-		BIGNUM * y = BN_new ();
+		// restore y from key
 		BN_bin2bn (key, 256, y);
 		// calculate b1
-		BIGNUM * b1 = BN_new ();
 		BN_mod_exp (b1, y, k, elgp, ctx);
-		BN_free (y);
-		BN_free (k);
 		// create m
 		uint8_t m[255];
 		m[0] = 0xFF;
 		memcpy (m+33, data, 222);
 		SHA256 (m+33, 222, m+1);
 		// calculate b = b1*m mod p
-		BIGNUM * b = BN_new ();
 		BN_bin2bn (m, 255, b);
 		BN_mod_mul (b, b1, b, elgp, ctx);
-		BN_free (b1);
 		// copy a and b
 		if (zeroPadding)
 		{
@@ -322,16 +321,15 @@ namespace crypto
 			bn2buf (a, encrypted, 256);
 			bn2buf (b, encrypted + 256, 256);
 		}		
-		BN_free (b);
 		BN_free (a);
-		BN_CTX_free (ctx);
+		BN_CTX_end (ctx);
 	}
 
 	bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, 
-		uint8_t * data, bool zeroPadding)
+		uint8_t * data, BN_CTX * ctx, bool zeroPadding)
 	{
-		BN_CTX * ctx = BN_CTX_new ();
-		BIGNUM * x = BN_new (), * a = BN_new (), * b = BN_new ();
+		BN_CTX_start (ctx);
+		BIGNUM * x = BN_CTX_get (ctx), * a = BN_CTX_get (ctx), * b = BN_CTX_get (ctx);
 		BN_bin2bn (key, 256, x);
 		BN_sub (x, elgp, x); BN_sub_word (x, 1); // x = elgp - x- 1
 		BN_bin2bn (zeroPadding ? encrypted + 1 : encrypted, 256, a);
@@ -341,8 +339,7 @@ namespace crypto
 		BN_mod_mul (b, b, x, elgp, ctx);	
 		uint8_t m[255];
 		bn2buf (b, m, 255); 
-		BN_free (x); BN_free (a); BN_free (b); 
-		BN_CTX_free (ctx);
+		BN_CTX_end (ctx);
 		uint8_t hash[32];
 		SHA256 (m + 33, 222, hash);
 		if (memcmp (m + 1, hash, 32))
@@ -801,6 +798,7 @@ namespace crypto
 		}	
 	}*/
 	
+
 	void InitCrypto (bool precomputation)
 	{
 		SSL_library_init ();

libi2pd/Crypto.h

@@ -12,6 +12,7 @@
 #include <openssl/sha.h>
 #include <openssl/evp.h>
 #include <openssl/rand.h>
+#include <openssl/engine.h>
 
 #include "Base.h"
 #include "Tag.h"
@@ -47,8 +48,8 @@ namespace crypto
 	};	
 	
 	// ElGamal
-	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, bool zeroPadding = false);
-	bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, bool zeroPadding = false);
+	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding = false);
+	bool ElGamalDecrypt (const uint8_t * key, const uint8_t * encrypted, uint8_t * data, BN_CTX * ctx, bool zeroPadding = false);
 	void GenerateElGamalKeyPair (uint8_t * priv, uint8_t * pub);
 
 	// HMAC
@@ -277,7 +278,7 @@ namespace crypto
 			CBCDecryption m_LayerDecryption;
 #endif
 	};	
-
+	
 	void InitCrypto (bool precomputation);
 	void TerminateCrypto ();
 }		
@@ -288,13 +289,26 @@ namespace crypto
 #if (OPENSSL_VERSION_NUMBER < 0x010100000) || defined(LIBRESSL_VERSION_NUMBER) // 1.1.0 or LibreSSL
 // define getters and setters introduced in 1.1.0
 inline int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) 
-	{ d->p = p; d->q = q; d->g = g; return 1; }
+	{ 
+		if (d->p) BN_free (d->p);
+		if (d->q) BN_free (d->q);
+		if (d->g) BN_free (d->g);
+		d->p = p; d->q = q; d->g = g; return 1; 
+	}
 inline int DSA_set0_key(DSA *d, BIGNUM *pub_key, BIGNUM *priv_key) 
-	{ d->pub_key = pub_key; d->priv_key = priv_key; return 1; } 
+	{ 
+		if (d->pub_key) BN_free (d->pub_key);
+		if (d->priv_key) BN_free (d->priv_key);
+		d->pub_key = pub_key; d->priv_key = priv_key; return 1; 
+	} 
 inline void DSA_get0_key(const DSA *d, const BIGNUM **pub_key, const BIGNUM **priv_key) 
 	{ *pub_key = d->pub_key; *priv_key = d->priv_key; }
 inline int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s) 
-	{ sig->r = r; sig->s = s; return 1; }
+	{ 
+		if (sig->r) BN_free (sig->r);
+		if (sig->s) BN_free (sig->s);
+		sig->r = r; sig->s = s; return 1; 
+	}
 inline void DSA_SIG_get0(const DSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps) 
 	{ *pr = sig->r; *ps = sig->s; }
 
@@ -308,12 +322,22 @@ inline void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM
 	{ *pr = sig->r; *ps = sig->s; }
 
 inline int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d) 
-	{ r->n = n; r->e = e; r->d = d; return 1; }
+	{
+		if (r->n) BN_free (r->n);
+		if (r->e) BN_free (r->e);
+		if (r->d) BN_free (r->d);
+		r->n = n; r->e = e; r->d = d; return 1; 
+	}
 inline void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
 	{ *n = r->n; *e = r->e; *d = r->d; }
 
 inline int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
-	{ dh->p = p; dh->q = q; dh->g = g;  return 1; }
+	{ 
+		if (dh->p) BN_free (dh->p);
+		if (dh->q) BN_free (dh->q);
+		if (dh->g) BN_free (dh->g);
+		dh->p = p; dh->q = q; dh->g = g;  return 1; 
+	}
 inline int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
 	{ 
 		if (dh->pub_key) BN_free (dh->pub_key); 
@@ -326,6 +350,11 @@ inline void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **pri
 inline RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
 	{ return pkey->pkey.rsa; }
 
+inline EVP_MD_CTX *EVP_MD_CTX_new ()
+	{ return EVP_MD_CTX_create(); }
+inline void EVP_MD_CTX_free (EVP_MD_CTX *ctx)
+	{ EVP_MD_CTX_destroy (ctx); }
+
 // ssl
 #define TLS_method TLSv1_method
 

libi2pd/Datagram.cpp

@@ -255,9 +255,11 @@ namespace datagram
 			}
 			if(m_CurrentRemoteLease && m_CurrentRemoteLease->ExpiresWithin(DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW)) {
 				// bad lease, switch to next one
+				if(m_RemoteLeaseSet && m_RemoteLeaseSet->IsExpired())
+					m_RemoteLeaseSet = m_LocalDestination->FindLeaseSet(m_RemoteIdent);
 				if(m_RemoteLeaseSet) {
 					auto ls = m_RemoteLeaseSet->GetNonExpiredLeasesExcluding([&](const i2p::data::Lease& l) -> bool {
-							return l.tunnelGateway == m_CurrentRemoteLease->tunnelGateway;
+							return l.tunnelID == m_CurrentRemoteLease->tunnelID;
 					});
 					auto sz = ls.size();
 					if (sz) {
@@ -278,7 +280,7 @@ namespace datagram
 				m_CurrentOutboundTunnel = m_LocalDestination->GetTunnelPool()->GetNextOutboundTunnel(m_CurrentOutboundTunnel);
 			}
 			// switch lease if bad
-			if(m_CurrentRemoteLease == nullptr || m_CurrentRemoteLease->ExpiresWithin(DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW)) {
+			if(m_CurrentRemoteLease && m_CurrentRemoteLease->ExpiresWithin(DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW)) {
 				if(!m_RemoteLeaseSet) {
 					m_RemoteLeaseSet = m_LocalDestination->FindLeaseSet(m_RemoteIdent);
 				}
@@ -299,6 +301,17 @@ namespace datagram
 					LogPrint(eLogWarning, "DatagramSession: no remote lease set found for ", m_RemoteIdent.ToBase32());
 					return nullptr;
 				}
+			} else if (!m_CurrentRemoteLease) {
+				if(!m_RemoteLeaseSet) m_RemoteLeaseSet = m_LocalDestination->FindLeaseSet(m_RemoteIdent);
+				if (m_RemoteLeaseSet)
+				{
+					auto ls = m_RemoteLeaseSet->GetNonExpiredLeases();
+					auto sz = ls.size();
+					if (sz) {
+						auto idx = rand() % sz;
+						m_CurrentRemoteLease = ls[idx];
+					}
+				}
 			}
 			path->outboundTunnel = m_CurrentOutboundTunnel;
 			path->remoteLease = m_CurrentRemoteLease;
@@ -346,7 +359,7 @@ namespace datagram
 
 	void DatagramSession::ScheduleFlushSendQueue()
 	{
-		boost::posix_time::milliseconds dlt(100);
+		boost::posix_time::milliseconds dlt(10);
 		m_SendQueueTimer.expires_from_now(dlt);
 		auto self = shared_from_this();
 		m_SendQueueTimer.async_wait([self](const boost::system::error_code & ec) { if(ec) return; self->FlushSendQueue(); });

libi2pd/Datagram.h

@@ -19,28 +19,28 @@ namespace client
 }
 namespace datagram
 {
-	// milliseconds for max session idle time 
+	// milliseconds for max session idle time
 	const uint64_t DATAGRAM_SESSION_MAX_IDLE = 10 * 60 * 1000;
 	// milliseconds for how long we try sticking to a dead routing path before trying to switch
 	const uint64_t DATAGRAM_SESSION_PATH_TIMEOUT = 10 * 1000;
 	// milliseconds interval a routing path is used before switching
 	const uint64_t DATAGRAM_SESSION_PATH_SWITCH_INTERVAL = 20 * 60 * 1000;
 	// milliseconds before lease expire should we try switching leases
-	const uint64_t DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW = 10 * 1000;
+	const uint64_t DATAGRAM_SESSION_LEASE_HANDOVER_WINDOW = 30 * 1000;
 	// milliseconds fudge factor for leases handover
 	const uint64_t DATAGRAM_SESSION_LEASE_HANDOVER_FUDGE = 1000;
 	// milliseconds minimum time between path switches
 	const uint64_t DATAGRAM_SESSION_PATH_MIN_LIFETIME = 5 * 1000;
   // max 64 messages buffered in send queue for each datagram session
   const size_t DATAGRAM_SEND_QUEUE_MAX_SIZE = 64;
-	
+
 	class DatagramSession : public std::enable_shared_from_this<DatagramSession>
 	{
 	public:
 		DatagramSession(i2p::client::ClientDestination * localDestination, const i2p::data::IdentHash & remoteIdent);
 
 		void Start ();
-		void Stop ();	
+		void Stop ();
 
 
     /** @brief ack the garlic routing path */
@@ -56,7 +56,7 @@ namespace datagram
 			std::shared_ptr<const i2p::data::IdentHash> IBGW;
 			std::shared_ptr<const i2p::data::IdentHash> OBEP;
 			const uint64_t activity;
- 
+
 			Info() : IBGW(nullptr), OBEP(nullptr), activity(0) {}
 			Info(const uint8_t * ibgw, const uint8_t * obep, const uint64_t a) :
 				activity(a) {
@@ -77,7 +77,7 @@ namespace datagram
     void HandleSend(std::shared_ptr<I2NPMessage> msg);
 
     std::shared_ptr<i2p::garlic::GarlicRoutingPath> GetSharedRoutingPath();
-    
+
     void HandleLeaseSetUpdated(std::shared_ptr<i2p::data::LeaseSet> ls);
 
 	private:
@@ -95,16 +95,16 @@ namespace datagram
 
 	typedef std::shared_ptr<DatagramSession> DatagramSession_ptr;
 
-	const size_t MAX_DATAGRAM_SIZE = 32768;	 
+	const size_t MAX_DATAGRAM_SIZE = 32768;
 	class DatagramDestination
 	{
 		typedef std::function<void (const i2p::data::IdentityEx& from, uint16_t fromPort, uint16_t toPort, const uint8_t * buf, size_t len)> Receiver;
 
 		public:
 
-    
-			DatagramDestination (std::shared_ptr<i2p::client::ClientDestination> owner);
-			~DatagramDestination ();	
+
+    DatagramDestination (std::shared_ptr<i2p::client::ClientDestination> owner);
+			~DatagramDestination ();
 
     	void SendDatagramTo (const uint8_t * payload, size_t len, const i2p::data::IdentHash & ident, uint16_t fromPort = 0, uint16_t toPort = 0);
 			void HandleDataMessagePayload (uint16_t fromPort, uint16_t toPort, const uint8_t * buf, size_t len);
@@ -116,21 +116,21 @@ namespace datagram
 			void ResetReceiver (uint16_t port) { std::lock_guard<std::mutex> lock(m_ReceiversMutex); m_ReceiversByPorts.erase (port); };
 
 			std::shared_ptr<DatagramSession::Info> GetInfoForRemote(const i2p::data::IdentHash & remote);
-		
+
 			// clean up stale sessions
 			void CleanUp ();
 
 		private:
-						
+
     std::shared_ptr<DatagramSession> ObtainSession(const i2p::data::IdentHash & ident);
-			
+
 			std::shared_ptr<I2NPMessage> CreateDataMessage (const uint8_t * payload, size_t len, uint16_t fromPort, uint16_t toPort);
 
 			void HandleDatagram (uint16_t fromPort, uint16_t toPort, uint8_t *const& buf, size_t len);
 
 			/** find a receiver by port, if none by port is found try default receiever, otherwise returns nullptr */
 			Receiver FindReceiver(uint16_t port);
-			
+
 		private:
 			i2p::client::ClientDestination * m_Owner;
 			i2p::data::IdentityEx m_Identity;
@@ -142,9 +142,8 @@ namespace datagram
 
 			i2p::data::GzipInflator m_Inflator;
 			i2p::data::GzipDeflator m_Deflator;
-	};		
+	};
 }
 }
 
 #endif
-

libi2pd/Destination.cpp

@@ -4,7 +4,7 @@
 #include "Log.h"
 #include "FS.h"
 #include "Timestamp.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Destination.h"
 #include "util.h"
 
@@ -110,6 +110,7 @@ namespace client
 	{	
 		if (!m_IsRunning)
 		{	
+			LoadTags ();
 			m_IsRunning = true;
 			m_Pool->SetLocalDestination (shared_from_this ());
 			m_Pool->SetActive (true);	
@@ -145,6 +146,7 @@ namespace client
 				delete m_Thread;
 				m_Thread = 0;
 			}	
+			SaveTags ();
 			CleanUp (); // GarlicDestination
 			return true;
 		}	

libi2pd/Destination.h

@@ -17,7 +17,7 @@
 #include "Crypto.h"
 #include "LeaseSet.h"
 #include "Garlic.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Streaming.h"
 #include "Datagram.h"
 
@@ -27,16 +27,16 @@ namespace client
 {
 	const uint8_t PROTOCOL_TYPE_STREAMING = 6;
 	const uint8_t PROTOCOL_TYPE_DATAGRAM = 17;
-	const uint8_t PROTOCOL_TYPE_RAW = 18;	
+	const uint8_t PROTOCOL_TYPE_RAW = 18;
 	const int PUBLISH_CONFIRMATION_TIMEOUT = 5; // in seconds
 	const int PUBLISH_VERIFICATION_TIMEOUT = 10; // in seconds after successfull publish
-	const int PUBLISH_MIN_INTERVAL = 20; // in seconds 
-	const int PUBLISH_REGULAR_VERIFICATION_INTERNAL = 100; // in seconds periodically	
+	const int PUBLISH_MIN_INTERVAL = 20; // in seconds
+	const int PUBLISH_REGULAR_VERIFICATION_INTERNAL = 100; // in seconds periodically
 	const int LEASESET_REQUEST_TIMEOUT = 5; // in seconds
 	const int MAX_LEASESET_REQUEST_TIMEOUT = 40; // in seconds
-	const int DESTINATION_CLEANUP_TIMEOUT = 3; // in minutes 
+	const int DESTINATION_CLEANUP_TIMEOUT = 3; // in minutes
 	const unsigned int MAX_NUM_FLOODFILLS_PER_REQUEST = 7;
-	
+
 	// I2CP
 	const char I2CP_PARAM_INBOUND_TUNNEL_LENGTH[] = "inbound.length";
 	const int DEFAULT_INBOUND_TUNNEL_LENGTH = 3;
@@ -56,7 +56,7 @@ namespace client
 	const int DEFAULT_MIN_TUNNEL_LATENCY = 0;
 	const char I2CP_PARAM_MAX_TUNNEL_LATENCY[] = "latency.max";
 	const int DEFAULT_MAX_TUNNEL_LATENCY = 0;
-	
+
 	typedef std::function<void (std::shared_ptr<i2p::stream::Stream> stream)> StreamRequestComplete;
 
 	class LeaseSetDestination: public i2p::garlic::GarlicDestination,
@@ -78,24 +78,24 @@ namespace client
 			{
 				for (auto& it: requestComplete) it (ls);
 				requestComplete.clear ();
-			}	
-		};	
-		
-		
+			}
+		};
+
+
 		public:
 
 			LeaseSetDestination (bool isPublic, const std::map<std::string, std::string> * params = nullptr);
-			~LeaseSetDestination ();	
+			~LeaseSetDestination ();
 
 			virtual bool Start ();
 			virtual bool Stop ();
 			bool IsRunning () const { return m_IsRunning; };
 			boost::asio::io_service& GetService () { return m_Service; };
-			std::shared_ptr<i2p::tunnel::TunnelPool> GetTunnelPool () { return m_Pool; }; 
+			std::shared_ptr<i2p::tunnel::TunnelPool> GetTunnelPool () { return m_Pool; };
 			bool IsReady () const { return m_LeaseSet && !m_LeaseSet->IsExpired () && m_Pool->GetOutboundTunnels ().size () > 0; };
 			std::shared_ptr<const i2p::data::LeaseSet> FindLeaseSet (const i2p::data::IdentHash& ident);
 			bool RequestDestination (const i2p::data::IdentHash& dest, RequestComplete requestComplete = nullptr);
-			void CancelDestinationRequest (const i2p::data::IdentHash& dest, bool notify = true);	
+			void CancelDestinationRequest (const i2p::data::IdentHash& dest, bool notify = true);
 
 			// implements GarlicDestination
 			std::shared_ptr<const i2p::data::LocalLeaseSet> GetLeaseSet ();
@@ -105,7 +105,7 @@ namespace client
 			// override GarlicDestination
 			bool SubmitSessionKey (const uint8_t * key, const uint8_t * tag);
 			void ProcessGarlicMessage (std::shared_ptr<I2NPMessage> msg);
-			void ProcessDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);	
+			void ProcessDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);
 			void SetLeaseSetUpdated ();
 
 		protected:
@@ -115,10 +115,10 @@ namespace client
 			// I2CP
 			virtual void HandleDataMessage (const uint8_t * buf, size_t len) = 0;
 			virtual void CreateNewLeaseSet (std::vector<std::shared_ptr<i2p::tunnel::InboundTunnel> > tunnels) = 0;
-			
+
 		private:
-				
-			void Run ();			
+
+			void Run ();
 			void UpdateLeaseSet ();
 			void Publish ();
 			void HandlePublishConfirmationTimer (const boost::system::error_code& ecode);
@@ -126,18 +126,18 @@ namespace client
 			void HandlePublishDelayTimer (const boost::system::error_code& ecode);
 			void HandleDatabaseStoreMessage (const uint8_t * buf, size_t len);
 			void HandleDatabaseSearchReplyMessage (const uint8_t * buf, size_t len);
-			void HandleDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);		
+			void HandleDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);
 
 			void RequestLeaseSet (const i2p::data::IdentHash& dest, RequestComplete requestComplete);
-			bool SendLeaseSetRequest (const i2p::data::IdentHash& dest, std::shared_ptr<const i2p::data::RouterInfo>  nextFloodfill, std::shared_ptr<LeaseSetRequest> request);	
+			bool SendLeaseSetRequest (const i2p::data::IdentHash& dest, std::shared_ptr<const i2p::data::RouterInfo>  nextFloodfill, std::shared_ptr<LeaseSetRequest> request);
 			void HandleRequestTimoutTimer (const boost::system::error_code& ecode, const i2p::data::IdentHash& dest);
 			void HandleCleanupTimer (const boost::system::error_code& ecode);
-			void CleanupRemoteLeaseSets ();			
-			
+			void CleanupRemoteLeaseSets ();
+
 		private:
 
 			volatile bool m_IsRunning;
-			std::thread * m_Thread;	
+			std::thread * m_Thread;
 			boost::asio::io_service m_Service;
 			mutable std::mutex m_RemoteLeaseSetsMutex;
 			std::map<i2p::data::IdentHash, std::shared_ptr<i2p::data::LeaseSet> > m_RemoteLeaseSets;
@@ -150,16 +150,16 @@ namespace client
 			uint32_t m_PublishReplyToken;
 			uint64_t m_LastSubmissionTime; // in seconds
 			std::set<i2p::data::IdentHash> m_ExcludedFloodfills; // for publishing
-	
-			boost::asio::deadline_timer m_PublishConfirmationTimer, m_PublishVerificationTimer, 
+
+			boost::asio::deadline_timer m_PublishConfirmationTimer, m_PublishVerificationTimer,
 				m_PublishDelayTimer, m_CleanupTimer;
 
 		public:
-			
+
 			// for HTTP only
 			int GetNumRemoteLeaseSets () const { return m_RemoteLeaseSets.size (); };
 			const decltype(m_RemoteLeaseSets)& GetLeaseSets () const { return m_RemoteLeaseSets; };
-	};	
+	};
 
 	class ClientDestination: public LeaseSetDestination
 	{
@@ -171,16 +171,16 @@ namespace client
 			// if cancelled before ready, informs promise with nullptr
 			void Ready(ReadyPromise & p);
 #endif
-		
+
 			ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic, const std::map<std::string, std::string> * params = nullptr);
 			~ClientDestination ();
-			
-			bool Start ();
-			bool Stop ();
-			
+
+			virtual bool Start ();
+			virtual bool Stop ();
+
 			const i2p::data::PrivateKeys& GetPrivateKeys () const { return m_Keys; };
-			void Sign (const uint8_t * buf, int len, uint8_t * signature) const { m_Keys.Sign (buf, len, signature); };	
-			
+			void Sign (const uint8_t * buf, int len, uint8_t * signature) const { m_Keys.Sign (buf, len, signature); };
+
 			// streaming
 			std::shared_ptr<i2p::stream::StreamingDestination> CreateStreamingDestination (int port, bool gzip = true); // additional
 			std::shared_ptr<i2p::stream::StreamingDestination> GetStreamingDestination (int port = 0) const;
@@ -191,31 +191,31 @@ namespace client
 			void StopAcceptingStreams ();
 			bool IsAcceptingStreams () const;
 			void AcceptOnce (const i2p::stream::StreamingDestination::Acceptor& acceptor);
-			
+
 			// datagram
       i2p::datagram::DatagramDestination * GetDatagramDestination () const { return m_DatagramDestination; };
       i2p::datagram::DatagramDestination * CreateDatagramDestination ();
-			
-			// implements LocalDestination		
+
+			// implements LocalDestination
 			const uint8_t * GetEncryptionPrivateKey () const { return m_EncryptionPrivateKey; };
-			std::shared_ptr<const i2p::data::IdentityEx> GetIdentity () const { return m_Keys.GetPublic (); };			
+			std::shared_ptr<const i2p::data::IdentityEx> GetIdentity () const { return m_Keys.GetPublic (); };
 
 		protected:
-			
+
 			void CleanupDestination ();
 			// I2CP
 			void HandleDataMessage (const uint8_t * buf, size_t len);
 			void CreateNewLeaseSet (std::vector<std::shared_ptr<i2p::tunnel::InboundTunnel> > tunnels);
-			
+
 		private:
 
 			std::shared_ptr<ClientDestination> GetSharedFromThis ()
-			{ return std::static_pointer_cast<ClientDestination>(shared_from_this ()); }   
+			{ return std::static_pointer_cast<ClientDestination>(shared_from_this ()); }
 			void PersistTemporaryKeys ();
 #ifdef I2LUA
 			void ScheduleCheckForReady(ReadyPromise * p);
 			void HandleCheckForReady(const boost::system::error_code & ecode, ReadyPromise * p);
-#endif      
+#endif
 		private:
 
 			i2p::data::PrivateKeys m_Keys;
@@ -226,13 +226,13 @@ namespace client
       i2p::datagram::DatagramDestination * m_DatagramDestination;
 
 			boost::asio::deadline_timer m_ReadyChecker;
-			
+
 		public:
 
 			// for HTTP only
 			std::vector<std::shared_ptr<const i2p::stream::Stream> > GetAllStreams () const;
-	};	
-}	
-}	
+	};
+}
+}
 
 #endif

libi2pd/FS.cpp

@@ -16,6 +16,7 @@
 #include "Base.h"
 #include "FS.h"
 #include "Log.h"
+#include "Garlic.h"
 
 namespace i2p {
 namespace fs {
@@ -93,6 +94,11 @@ namespace fs {
     std::string destinations = DataDirPath("destinations");
     if (!boost::filesystem::exists(destinations))
       boost::filesystem::create_directory(destinations);
+	std::string tags = DataDirPath("tags");
+    if (!boost::filesystem::exists(tags))
+    	boost::filesystem::create_directory(tags);
+	else
+		i2p::garlic::CleanUpTagsFiles ();
 
     return true;
   }
@@ -116,6 +122,14 @@ namespace fs {
     return boost::filesystem::exists(path);
   }
 
+  uint32_t GetLastUpdateTime (const std::string & path)
+  {	
+	 if (!boost::filesystem::exists(path)) return 0;
+	 boost::system::error_code ec;
+	 auto t = boost::filesystem::last_write_time (path, ec);
+	 return ec ? 0 : t;
+  }				
+
   bool Remove(const std::string & path) {
     if (!boost::filesystem::exists(path))
       return false;

libi2pd/FS.h

@@ -97,7 +97,7 @@ namespace fs {
    * @param files Vector to store found files
    * @return true on success and false if directory not exists
    */
-  bool ReadDir(const std::string & path, std::vector<std::string> & files);
+  bool ReadDir(const std::string & path, std::vector<std::string> & files);		
 
   /**
    * @brief Remove file with given path
@@ -112,6 +112,8 @@ namespace fs {
    * @return true if file exists, false otherwise
    */
   bool Exists(const std::string & path);
+
+  uint32_t GetLastUpdateTime (const std::string & path); // seconds since epoch			
  
   bool CreateDirectory (const std::string& path);	
 

libi2pd/Garlic.cpp

@@ -10,6 +10,7 @@
 #include "Transports.h"
 #include "Timestamp.h"
 #include "Log.h"
+#include "FS.h"
 #include "Garlic.h"
 
 namespace i2p
@@ -187,7 +188,9 @@ namespace garlic
 			RAND_bytes (elGamal.preIV, 32); // Pre-IV
 			uint8_t iv[32]; // IV is first 16 bytes
 			SHA256(elGamal.preIV, 32, iv); 
-			i2p::crypto::ElGamalEncrypt (m_Destination->GetEncryptionPublicKey (), (uint8_t *)&elGamal, buf, true);			
+			BN_CTX * ctx = BN_CTX_new ();
+			i2p::crypto::ElGamalEncrypt (m_Destination->GetEncryptionPublicKey (), (uint8_t *)&elGamal, buf, ctx, true);	
+			BN_CTX_free (ctx);		
 			m_Encryption.SetIV (iv);
 			buf += 514;
 			len += 514;	
@@ -388,9 +391,15 @@ namespace garlic
 
 		return size;
 	}
-	
+
+	GarlicDestination::GarlicDestination (): m_NumTags (32) // 32 tags by default
+	{
+		m_Ctx = BN_CTX_new ();
+	} 
+		
 	GarlicDestination::~GarlicDestination ()
 	{
+		BN_CTX_free (m_Ctx);
 	}
 
 	void GarlicDestination::CleanUp ()
@@ -404,9 +413,7 @@ namespace garlic
 		if (key)
 		{
 			uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
-			auto decryption = std::make_shared<i2p::crypto::CBCDecryption>();
-			decryption->SetKey (key);
-			m_Tags[SessionTag(tag, ts)] = decryption;
+			m_Tags[SessionTag(tag, ts)] = std::make_shared<AESDecryption>(key);
 		}
 	}
 
@@ -430,26 +437,26 @@ namespace garlic
 		if (it != m_Tags.end ())
 		{
 			// tag found. Use AES
+			auto decryption = it->second;
+			m_Tags.erase (it); // tag might be used only once	
 			if (length >= 32)
 			{	
 				uint8_t iv[32]; // IV is first 16 bytes
 				SHA256(buf, 32, iv);
-				it->second->SetIV (iv);
-				it->second->Decrypt (buf + 32, length - 32, buf + 32);
-				HandleAESBlock (buf + 32, length - 32, it->second, msg->from);
+				decryption->SetIV (iv);
+				decryption->Decrypt (buf + 32, length - 32, buf + 32);
+				HandleAESBlock (buf + 32, length - 32, decryption, msg->from);
 			}	
 			else
 				LogPrint (eLogWarning, "Garlic: message length ", length, " is less than 32 bytes");
-			m_Tags.erase (it); // tag might be used only once	
 		}
 		else
 		{
 			// tag not found. Use ElGamal
 			ElGamalBlock elGamal;
-			if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, true))
+			if (length >= 514 && i2p::crypto::ElGamalDecrypt (GetEncryptionPrivateKey (), buf, (uint8_t *)&elGamal, m_Ctx, true))
 			{	
-				auto decryption = std::make_shared<i2p::crypto::CBCDecryption>();
-				decryption->SetKey (elGamal.sessionKey);
+				auto decryption = std::make_shared<AESDecryption>(elGamal.sessionKey);
 				uint8_t iv[32]; // IV is first 16 bytes
 				SHA256(elGamal.preIV, 32, iv); 
 				decryption->SetIV (iv);
@@ -461,7 +468,7 @@ namespace garlic
 		}
 	}	
 
-	void GarlicDestination::HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<i2p::crypto::CBCDecryption> decryption,
+	void GarlicDestination::HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<AESDecryption> decryption,
 		std::shared_ptr<i2p::tunnel::InboundTunnel> from)
 	{
 		uint16_t tagCount = bufbe16toh (buf);
@@ -706,5 +713,75 @@ namespace garlic
 		HandleDeliveryStatusMessage (msg);
 	}
 
+	void GarlicDestination::SaveTags ()
+	{
+		if (m_Tags.empty ()) return;
+		std::string ident = GetIdentHash().ToBase32();
+		std::string path  = i2p::fs::DataDirPath("tags", (ident + ".tags"));
+		std::ofstream f (path, std::ofstream::binary | std::ofstream::out | std::ofstream::trunc);	
+		uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
+		// 4 bytes timestamp, 32 bytes tag, 32 bytes key
+		for (auto it: m_Tags)
+		{
+			if (ts < it.first.creationTime + INCOMING_TAGS_EXPIRATION_TIMEOUT)
+			{
+				f.write ((char *)&it.first.creationTime, 4);
+				f.write ((char *)it.first.data (), 32);
+				f.write ((char *)it.second->GetKey ().data (), 32);
+			} 
+		}
+	}
+
+	void GarlicDestination::LoadTags ()
+	{
+		std::string ident = GetIdentHash().ToBase32();
+		std::string path  = i2p::fs::DataDirPath("tags", (ident + ".tags"));
+		uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
+		if (ts < i2p::fs::GetLastUpdateTime (path) + INCOMING_TAGS_EXPIRATION_TIMEOUT) 
+		{
+			// might contain non-expired tags
+			std::ifstream f (path, std::ifstream::binary);
+			if (f) 
+			{
+				std::map<i2p::crypto::AESKey, std::shared_ptr<AESDecryption> > keys;
+				// 4 bytes timestamp, 32 bytes tag, 32 bytes key
+				while (!f.eof ())
+				{
+					uint32_t t;
+					uint8_t tag[32], key[32];
+					f.read ((char *)&t, 4); if (f.eof ()) break;
+					if (ts < t + INCOMING_TAGS_EXPIRATION_TIMEOUT)
+					{
+						f.read ((char *)tag, 32);
+						f.read ((char *)key, 32);
+					}
+					else
+						f.seekg (64, std::ios::cur); // skip 
+					if (f.eof ()) break;
+
+					std::shared_ptr<AESDecryption> decryption;
+					auto it = keys.find (key);
+					if (it != keys.end ())
+						decryption = it->second;
+					else
+						decryption = std::make_shared<AESDecryption>(key);
+					m_Tags.insert (std::make_pair (SessionTag (tag, ts), decryption));
+				}
+				if (!m_Tags.empty ()) 
+					LogPrint (eLogInfo, m_Tags.size (), " loaded for ", ident);	
+			}
+		}
+		i2p::fs::Remove (path);	 
+	}
+
+	void CleanUpTagsFiles ()
+	{
+		std::vector<std::string> files; 
+		i2p::fs::ReadDir (i2p::fs::DataDirPath("tags"), files);
+		uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
+		for (auto  it: files)
+			if (ts >= i2p::fs::GetLastUpdateTime (it) + INCOMING_TAGS_EXPIRATION_TIMEOUT)
+				 i2p::fs::Remove (it);
+	}
 }	
 }

libi2pd/Garlic.h

@@ -59,6 +59,22 @@ namespace garlic
 		uint32_t creationTime; // seconds since epoch	
 	};
 
+	// AESDecryption is associated with session tags and store key
+	class AESDecryption: public i2p::crypto::CBCDecryption
+	{
+		public:
+
+			AESDecryption (const uint8_t * key): m_Key (key)
+			{
+				SetKey (key);
+			}			
+			const i2p::crypto::AESKey& GetKey () const { return m_Key; };
+
+		private:
+
+			i2p::crypto::AESKey m_Key;
+	};
+
 	struct GarlicRoutingPath
 	{
 		std::shared_ptr<i2p::tunnel::OutboundTunnel> outboundTunnel;
@@ -67,7 +83,7 @@ namespace garlic
 		uint32_t updateTime; // seconds since epoch
 		int numTimesUsed; 
 	};	
-	
+
 	class GarlicDestination;
 	class GarlicRoutingSession: public std::enable_shared_from_this<GarlicRoutingSession>
 	{
@@ -153,11 +169,11 @@ namespace garlic
 	{
 		public:
 
-			GarlicDestination (): m_NumTags (32) {}; // 32 tags by default
+			GarlicDestination ();
 			~GarlicDestination ();
 
 			void CleanUp ();
-			void SetNumTags (int numTags) { m_NumTags = numTags; };		
+			void SetNumTags (int numTags) { m_NumTags = numTags; };	
 			std::shared_ptr<GarlicRoutingSession> GetRoutingSession (std::shared_ptr<const i2p::data::RoutingDestination> destination, bool attachLeaseSet);	
 			void CleanupExpiredTags ();
 			void RemoveDeliveryStatusSession (uint32_t msgID);
@@ -180,21 +196,25 @@ namespace garlic
 
 			void HandleGarlicMessage (std::shared_ptr<I2NPMessage> msg);
 			void HandleDeliveryStatusMessage (std::shared_ptr<I2NPMessage> msg);			
-	
+
+			void SaveTags ();
+			void LoadTags ();	
+
 		private:
 
-			void HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<i2p::crypto::CBCDecryption> decryption, 
+			void HandleAESBlock (uint8_t * buf, size_t len, std::shared_ptr<AESDecryption> decryption, 
 				std::shared_ptr<i2p::tunnel::InboundTunnel> from);
 			void HandleGarlicPayload (uint8_t * buf, size_t len, std::shared_ptr<i2p::tunnel::InboundTunnel> from);
 
 		private:
-			
+
+			BN_CTX * m_Ctx; // incoming
 			// outgoing sessions
 			int m_NumTags;
 			std::mutex m_SessionsMutex;
 			std::map<i2p::data::IdentHash, GarlicRoutingSessionPtr> m_Sessions;
 			// incoming
-			std::map<SessionTag, std::shared_ptr<i2p::crypto::CBCDecryption>> m_Tags;
+			std::map<SessionTag, std::shared_ptr<AESDecryption> > m_Tags;
 			// DeliveryStatus
 			std::mutex m_DeliveryStatusSessionsMutex;
 			std::map<uint32_t, GarlicRoutingSessionPtr> m_DeliveryStatusSessions; // msgID -> session
@@ -204,7 +224,10 @@ namespace garlic
 			// for HTTP only
 			size_t GetNumIncomingTags () const { return m_Tags.size (); }	
 			const decltype(m_Sessions)& GetSessions () const { return m_Sessions; };
-	};	
+	};
+
+	void CleanUpTagsFiles ();
+	
 }	
 }
 

libi2pd/Gost.cpp

@@ -0,0 +1,530 @@
+#include <string.h>
+#include <array>
+#include <openssl/sha.h>
+#include <openssl/evp.h>
+#include "I2PEndian.h"
+#include "Gost.h"
+
+namespace i2p
+{
+namespace crypto
+{
+
+// GOST R 34.10
+
+	GOSTR3410Curve::GOSTR3410Curve (BIGNUM * a, BIGNUM * b, BIGNUM * p, BIGNUM * q, BIGNUM * x, BIGNUM * y)
+	{
+		m_KeyLen = BN_num_bytes (p);
+		BN_CTX * ctx = BN_CTX_new ();
+		m_Group = EC_GROUP_new_curve_GFp (p, a, b, ctx);
+		EC_POINT * P = EC_POINT_new (m_Group);
+		EC_POINT_set_affine_coordinates_GFp (m_Group, P, x, y, ctx);
+		EC_GROUP_set_generator (m_Group, P, q, nullptr);
+		EC_GROUP_set_curve_name (m_Group, NID_id_GostR3410_2001);
+		EC_POINT_free(P);
+		BN_CTX_free (ctx);
+	}
+
+	GOSTR3410Curve::~GOSTR3410Curve ()
+	{
+		EC_GROUP_free (m_Group);
+	}				
+
+	EC_POINT * GOSTR3410Curve::MulP (const BIGNUM * n) const
+	{
+		BN_CTX * ctx = BN_CTX_new ();
+		auto p = EC_POINT_new (m_Group);
+		EC_POINT_mul (m_Group, p, n, nullptr, nullptr, ctx);
+		BN_CTX_free (ctx);
+		return p;
+	}
+
+	bool GOSTR3410Curve::GetXY (const EC_POINT * p, BIGNUM * x, BIGNUM * y) const
+	{
+		return EC_POINT_get_affine_coordinates_GFp (m_Group, p, x, y, nullptr);
+	}
+
+	EC_POINT * GOSTR3410Curve::CreatePoint (const BIGNUM * x, const BIGNUM * y) const
+	{
+		EC_POINT * p = EC_POINT_new (m_Group);
+		EC_POINT_set_affine_coordinates_GFp (m_Group, p, x, y, nullptr);
+		return p;
+	}
+
+	void GOSTR3410Curve::Sign (const BIGNUM * priv, const BIGNUM * digest, BIGNUM * r, BIGNUM * s)
+	{
+		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
+		BIGNUM * q = BN_CTX_get (ctx);
+		EC_GROUP_get_order(m_Group, q, ctx);
+		BIGNUM * k = BN_CTX_get (ctx);
+		BN_rand_range (k, q); // 0 < k < q
+		EC_POINT * C = MulP (k); // C = k*P
+		GetXY (C, r, nullptr); // r = Cx
+		EC_POINT_free (C);
+		BN_mod_mul (s, r, priv, q, ctx); // (r*priv)%q
+		BIGNUM * tmp = BN_CTX_get (ctx);
+		BN_mod_mul (tmp, k, digest, q, ctx); // (k*digest)%q
+		BN_mod_add (s, s, tmp, q, ctx); // (r*priv+k*digest)%q
+		BN_CTX_end (ctx);
+		BN_CTX_free (ctx);
+	}
+
+	bool GOSTR3410Curve::Verify (const EC_POINT * pub, const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s)
+	{
+		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
+		BIGNUM * q = BN_CTX_get (ctx);
+		EC_GROUP_get_order(m_Group, q, ctx);
+		BIGNUM * h = BN_CTX_get (ctx);
+		BN_mod (h, digest, q, ctx); // h = digest % q
+		BN_mod_inverse (h, h, q, ctx); // 1/h mod q
+		BIGNUM * z1 = BN_CTX_get (ctx);
+		BN_mod_mul (z1, s, h, q, ctx); // z1 = s/h
+		BIGNUM * z2 = BN_CTX_get (ctx);				
+		BN_sub (z2, q, r); // z2 = -r
+		BN_mod_mul (z2, z2, h, q, ctx); // z2 = -r/h
+		EC_POINT * C = EC_POINT_new (m_Group);
+		EC_POINT_mul (m_Group, C, z1, pub, z2, ctx); // z1*P + z2*pub
+		BIGNUM * x = BN_CTX_get (ctx);	
+		GetXY  (C, x, nullptr); // Cx
+		BN_mod (x, x, q, ctx); // Cx % q
+		bool ret = !BN_cmp (x, r); // Cx = r ?
+		EC_POINT_free (C);
+		BN_CTX_end (ctx);
+		BN_CTX_free (ctx);
+		return ret;
+	}	
+
+	EC_POINT * GOSTR3410Curve::RecoverPublicKey (const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s, bool isNegativeY) const 
+	{
+		// s*P = r*Q + h*C
+		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
+		EC_POINT * C = EC_POINT_new (m_Group); // C = k*P = (rx, ry)
+		EC_POINT * Q  = nullptr;
+		if (EC_POINT_set_compressed_coordinates_GFp (m_Group, C, r, isNegativeY ? 1 : 0,  ctx))
+		{	
+			EC_POINT * S = EC_POINT_new (m_Group); // S = s*P
+			EC_POINT_mul (m_Group, S, s, nullptr, nullptr, ctx);
+			BIGNUM * q = BN_CTX_get (ctx);
+			EC_GROUP_get_order(m_Group, q, ctx);
+			BIGNUM * h = BN_CTX_get (ctx);
+			BN_mod (h, digest, q, ctx); // h = digest % q
+			BN_sub (h, q, h); // h = -h
+			EC_POINT * H = EC_POINT_new (m_Group); 
+			EC_POINT_mul (m_Group, H, nullptr, C, h, ctx); // -h*C
+			EC_POINT_add (m_Group, C, S, H, ctx); // s*P - h*C
+			EC_POINT_free (H);
+			EC_POINT_free (S);
+			BIGNUM * r1 = BN_CTX_get (ctx);
+			BN_mod_inverse (r1, r, q, ctx);
+			Q = EC_POINT_new (m_Group); 
+			EC_POINT_mul (m_Group, Q, nullptr, C, r1, ctx); // (s*P - h*C)/r 
+		}	
+		EC_POINT_free (C);
+		BN_CTX_end (ctx);
+		BN_CTX_free (ctx);
+		return Q;
+	}	
+	
+	static GOSTR3410Curve * CreateGOSTR3410Curve (GOSTR3410ParamSet paramSet)
+	{
+		// a, b, p, q, x, y	
+		static const char * params[eGOSTR3410NumParamSets][6] = 
+		{
+			{ 
+				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD94",
+				"A6",
+				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97",
+				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF6C611070995AD10045841B09B761B893",
+				"1",
+				"8D91E471E0989CDA27DF505A453F2B7635294F2DDF23E3B122ACC99C9E9F1E14"
+			}, // CryptoPro A
+			{
+				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4",
+				"E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760",
+				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7",
+				"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27E69532F48D89116FF22B8D4E0560609B4B38ABFAD2B85DCACDB1411F10B275",
+				"3",
+				"7503CFE87A836AE3A61B8816E25450E6CE5E1C93ACF1ABC1778064FDCBEFA921DF1626BE4FD036E93D75E6A50E3A41E98028FE5FC235F5B889A589CB5215F2A4"		
+			} // tc26-2012-paramSetA-512
+		};	
+		
+		BIGNUM * a = nullptr, * b = nullptr, * p = nullptr, * q =nullptr, * x = nullptr, * y = nullptr;
+		BN_hex2bn(&a, params[paramSet][0]);
+		BN_hex2bn(&b, params[paramSet][1]);
+		BN_hex2bn(&p, params[paramSet][2]);
+		BN_hex2bn(&q, params[paramSet][3]);
+		BN_hex2bn(&x, params[paramSet][4]);
+		BN_hex2bn(&y, params[paramSet][5]);
+		auto curve = new GOSTR3410Curve (a, b, p, q, x, y);
+		BN_free (a); BN_free (b); BN_free (p); BN_free (q); BN_free (x); BN_free (y);
+		return curve;
+	}	
+
+	static std::array<std::unique_ptr<GOSTR3410Curve>, eGOSTR3410NumParamSets> g_GOSTR3410Curves;
+	std::unique_ptr<GOSTR3410Curve>& GetGOSTR3410Curve (GOSTR3410ParamSet paramSet)
+	{
+		if (!g_GOSTR3410Curves[paramSet])
+		{
+			auto c = CreateGOSTR3410Curve (paramSet);	
+			if (!g_GOSTR3410Curves[paramSet]) // make sure it was not created already
+				g_GOSTR3410Curves[paramSet].reset (c);
+			else
+				delete c;
+		}	
+		return g_GOSTR3410Curves[paramSet]; 
+	}
+
+// ГОСТ 34.11-2012
+
+	static const uint8_t sbox_[256] =
+	{
+		0xFC, 0xEE, 0xDD, 0x11, 0xCF, 0x6E, 0x31, 0x16, 0xFB, 0xC4, 0xFA, 0xDA, 0x23, 0xC5, 0x04, 0x4D,
+		0xE9, 0x77, 0xF0, 0xDB, 0x93, 0x2E, 0x99, 0xBA, 0x17, 0x36, 0xF1, 0xBB, 0x14, 0xCD, 0x5F, 0xC1,
+		0xF9, 0x18, 0x65, 0x5A, 0xE2, 0x5C, 0xEF, 0x21, 0x81, 0x1C, 0x3C, 0x42, 0x8B, 0x01, 0x8E, 0x4F,
+		0x05, 0x84, 0x02, 0xAE, 0xE3, 0x6A, 0x8F, 0xA0, 0x06, 0x0B, 0xED, 0x98, 0x7F, 0xD4, 0xD3, 0x1F,
+		0xEB, 0x34, 0x2C, 0x51, 0xEA, 0xC8, 0x48, 0xAB, 0xF2, 0x2A, 0x68, 0xA2, 0xFD, 0x3A, 0xCE, 0xCC,
+		0xB5, 0x70, 0x0E, 0x56, 0x08, 0x0C, 0x76, 0x12, 0xBF, 0x72, 0x13, 0x47, 0x9C, 0xB7, 0x5D, 0x87,
+		0x15, 0xA1, 0x96, 0x29, 0x10, 0x7B, 0x9A, 0xC7, 0xF3, 0x91, 0x78, 0x6F, 0x9D, 0x9E, 0xB2, 0xB1,
+		0x32, 0x75, 0x19, 0x3D, 0xFF, 0x35, 0x8A, 0x7E, 0x6D, 0x54, 0xC6, 0x80, 0xC3, 0xBD, 0x0D, 0x57,
+		0xDF, 0xF5, 0x24, 0xA9, 0x3E, 0xA8, 0x43, 0xC9, 0xD7, 0x79, 0xD6, 0xF6, 0x7C, 0x22, 0xB9, 0x03,
+		0xE0, 0x0F, 0xEC, 0xDE, 0x7A, 0x94, 0xB0, 0xBC, 0xDC, 0xE8, 0x28, 0x50, 0x4E, 0x33, 0x0A, 0x4A,
+		0xA7, 0x97, 0x60, 0x73, 0x1E, 0x00, 0x62, 0x44, 0x1A, 0xB8, 0x38, 0x82, 0x64, 0x9F, 0x26, 0x41,
+		0xAD, 0x45, 0x46, 0x92, 0x27, 0x5E, 0x55, 0x2F, 0x8C, 0xA3, 0xA5, 0x7D, 0x69, 0xD5, 0x95, 0x3B,
+		0x07, 0x58, 0xB3, 0x40, 0x86, 0xAC, 0x1D, 0xF7, 0x30, 0x37, 0x6B, 0xE4, 0x88, 0xD9, 0xE7, 0x89,
+		0xE1, 0x1B, 0x83, 0x49, 0x4C, 0x3F, 0xF8, 0xFE, 0x8D, 0x53, 0xAA, 0x90, 0xCA, 0xD8, 0x85, 0x61,
+		0x20, 0x71, 0x67, 0xA4, 0x2D, 0x2B, 0x09, 0x5B, 0xCB, 0x9B, 0x25, 0xD0, 0xBE, 0xE5, 0x6C, 0x52,
+		0x59, 0xA6, 0x74, 0xD2, 0xE6, 0xF4, 0xB4, 0xC0, 0xD1, 0x66, 0xAF, 0xC2, 0x39, 0x4B, 0x63, 0xB6
+	};
+
+	static const uint64_t A_[64] = 
+	{
+		0x8e20faa72ba0b470, 0x47107ddd9b505a38, 0xad08b0e0c3282d1c, 0xd8045870ef14980e,
+		0x6c022c38f90a4c07, 0x3601161cf205268d, 0x1b8e0b0e798c13c8, 0x83478b07b2468764,
+		0xa011d380818e8f40, 0x5086e740ce47c920, 0x2843fd2067adea10, 0x14aff010bdd87508,
+		0x0ad97808d06cb404, 0x05e23c0468365a02, 0x8c711e02341b2d01, 0x46b60f011a83988e,
+		0x90dab52a387ae76f, 0x486dd4151c3dfdb9, 0x24b86a840e90f0d2, 0x125c354207487869,
+		0x092e94218d243cba, 0x8a174a9ec8121e5d, 0x4585254f64090fa0, 0xaccc9ca9328a8950,
+		0x9d4df05d5f661451, 0xc0a878a0a1330aa6, 0x60543c50de970553, 0x302a1e286fc58ca7,
+		0x18150f14b9ec46dd, 0x0c84890ad27623e0, 0x0642ca05693b9f70, 0x0321658cba93c138,
+		0x86275df09ce8aaa8, 0x439da0784e745554, 0xafc0503c273aa42a, 0xd960281e9d1d5215,
+		0xe230140fc0802984, 0x71180a8960409a42, 0xb60c05ca30204d21, 0x5b068c651810a89e,
+		0x456c34887a3805b9, 0xac361a443d1c8cd2, 0x561b0d22900e4669, 0x2b838811480723ba,
+		0x9bcf4486248d9f5d, 0xc3e9224312c8c1a0, 0xeffa11af0964ee50, 0xf97d86d98a327728,
+		0xe4fa2054a80b329c, 0x727d102a548b194e, 0x39b008152acb8227, 0x9258048415eb419d,
+		0x492c024284fbaec0, 0xaa16012142f35760, 0x550b8e9e21f7a530, 0xa48b474f9ef5dc18,
+		0x70a6a56e2440598e, 0x3853dc371220a247, 0x1ca76e95091051ad, 0x0edd37c48a08a6d8,
+		0x07e095624504536c, 0x8d70c431ac02a736, 0xc83862965601dd1b, 0x641c314b2b8ee083
+	}; 
+
+	static const uint8_t C_[12][64] = 
+	{
+		{
+			0xb1,0x08,0x5b,0xda,0x1e,0xca,0xda,0xe9,0xeb,0xcb,0x2f,0x81,0xc0,0x65,0x7c,0x1f,
+			0x2f,0x6a,0x76,0x43,0x2e,0x45,0xd0,0x16,0x71,0x4e,0xb8,0x8d,0x75,0x85,0xc4,0xfc,
+			0x4b,0x7c,0xe0,0x91,0x92,0x67,0x69,0x01,0xa2,0x42,0x2a,0x08,0xa4,0x60,0xd3,0x15,
+			0x05,0x76,0x74,0x36,0xcc,0x74,0x4d,0x23,0xdd,0x80,0x65,0x59,0xf2,0xa6,0x45,0x07
+		},
+		{
+			0x6f,0xa3,0xb5,0x8a,0xa9,0x9d,0x2f,0x1a,0x4f,0xe3,0x9d,0x46,0x0f,0x70,0xb5,0xd7,
+			0xf3,0xfe,0xea,0x72,0x0a,0x23,0x2b,0x98,0x61,0xd5,0x5e,0x0f,0x16,0xb5,0x01,0x31,
+			0x9a,0xb5,0x17,0x6b,0x12,0xd6,0x99,0x58,0x5c,0xb5,0x61,0xc2,0xdb,0x0a,0xa7,0xca,
+			0x55,0xdd,0xa2,0x1b,0xd7,0xcb,0xcd,0x56,0xe6,0x79,0x04,0x70,0x21,0xb1,0x9b,0xb7
+		},
+		{
+			0xf5,0x74,0xdc,0xac,0x2b,0xce,0x2f,0xc7,0x0a,0x39,0xfc,0x28,0x6a,0x3d,0x84,0x35,
+			0x06,0xf1,0x5e,0x5f,0x52,0x9c,0x1f,0x8b,0xf2,0xea,0x75,0x14,0xb1,0x29,0x7b,0x7b,
+			0xd3,0xe2,0x0f,0xe4,0x90,0x35,0x9e,0xb1,0xc1,0xc9,0x3a,0x37,0x60,0x62,0xdb,0x09,
+			0xc2,0xb6,0xf4,0x43,0x86,0x7a,0xdb,0x31,0x99,0x1e,0x96,0xf5,0x0a,0xba,0x0a,0xb2
+		},
+		{
+			0xef,0x1f,0xdf,0xb3,0xe8,0x15,0x66,0xd2,0xf9,0x48,0xe1,0xa0,0x5d,0x71,0xe4,0xdd,
+			0x48,0x8e,0x85,0x7e,0x33,0x5c,0x3c,0x7d,0x9d,0x72,0x1c,0xad,0x68,0x5e,0x35,0x3f,
+			0xa9,0xd7,0x2c,0x82,0xed,0x03,0xd6,0x75,0xd8,0xb7,0x13,0x33,0x93,0x52,0x03,0xbe,
+			0x34,0x53,0xea,0xa1,0x93,0xe8,0x37,0xf1,0x22,0x0c,0xbe,0xbc,0x84,0xe3,0xd1,0x2e
+		},
+		{
+			0x4b,0xea,0x6b,0xac,0xad,0x47,0x47,0x99,0x9a,0x3f,0x41,0x0c,0x6c,0xa9,0x23,0x63,
+			0x7f,0x15,0x1c,0x1f,0x16,0x86,0x10,0x4a,0x35,0x9e,0x35,0xd7,0x80,0x0f,0xff,0xbd,
+			0xbf,0xcd,0x17,0x47,0x25,0x3a,0xf5,0xa3,0xdf,0xff,0x00,0xb7,0x23,0x27,0x1a,0x16,
+			0x7a,0x56,0xa2,0x7e,0xa9,0xea,0x63,0xf5,0x60,0x17,0x58,0xfd,0x7c,0x6c,0xfe,0x57
+		},
+		{
+			0xae,0x4f,0xae,0xae,0x1d,0x3a,0xd3,0xd9,0x6f,0xa4,0xc3,0x3b,0x7a,0x30,0x39,0xc0,
+			0x2d,0x66,0xc4,0xf9,0x51,0x42,0xa4,0x6c,0x18,0x7f,0x9a,0xb4,0x9a,0xf0,0x8e,0xc6,
+			0xcf,0xfa,0xa6,0xb7,0x1c,0x9a,0xb7,0xb4,0x0a,0xf2,0x1f,0x66,0xc2,0xbe,0xc6,0xb6,
+			0xbf,0x71,0xc5,0x72,0x36,0x90,0x4f,0x35,0xfa,0x68,0x40,0x7a,0x46,0x64,0x7d,0x6e
+		},
+		{
+			0xf4,0xc7,0x0e,0x16,0xee,0xaa,0xc5,0xec,0x51,0xac,0x86,0xfe,0xbf,0x24,0x09,0x54,
+			0x39,0x9e,0xc6,0xc7,0xe6,0xbf,0x87,0xc9,0xd3,0x47,0x3e,0x33,0x19,0x7a,0x93,0xc9,
+			0x09,0x92,0xab,0xc5,0x2d,0x82,0x2c,0x37,0x06,0x47,0x69,0x83,0x28,0x4a,0x05,0x04,
+			0x35,0x17,0x45,0x4c,0xa2,0x3c,0x4a,0xf3,0x88,0x86,0x56,0x4d,0x3a,0x14,0xd4,0x93
+		},
+		{
+			0x9b,0x1f,0x5b,0x42,0x4d,0x93,0xc9,0xa7,0x03,0xe7,0xaa,0x02,0x0c,0x6e,0x41,0x41,
+			0x4e,0xb7,0xf8,0x71,0x9c,0x36,0xde,0x1e,0x89,0xb4,0x44,0x3b,0x4d,0xdb,0xc4,0x9a,
+			0xf4,0x89,0x2b,0xcb,0x92,0x9b,0x06,0x90,0x69,0xd1,0x8d,0x2b,0xd1,0xa5,0xc4,0x2f,
+			0x36,0xac,0xc2,0x35,0x59,0x51,0xa8,0xd9,0xa4,0x7f,0x0d,0xd4,0xbf,0x02,0xe7,0x1e
+		},
+		{
+			0x37,0x8f,0x5a,0x54,0x16,0x31,0x22,0x9b,0x94,0x4c,0x9a,0xd8,0xec,0x16,0x5f,0xde,
+			0x3a,0x7d,0x3a,0x1b,0x25,0x89,0x42,0x24,0x3c,0xd9,0x55,0xb7,0xe0,0x0d,0x09,0x84,
+			0x80,0x0a,0x44,0x0b,0xdb,0xb2,0xce,0xb1,0x7b,0x2b,0x8a,0x9a,0xa6,0x07,0x9c,0x54,
+			0x0e,0x38,0xdc,0x92,0xcb,0x1f,0x2a,0x60,0x72,0x61,0x44,0x51,0x83,0x23,0x5a,0xdb
+		},
+		{
+			0xab,0xbe,0xde,0xa6,0x80,0x05,0x6f,0x52,0x38,0x2a,0xe5,0x48,0xb2,0xe4,0xf3,0xf3,
+			0x89,0x41,0xe7,0x1c,0xff,0x8a,0x78,0xdb,0x1f,0xff,0xe1,0x8a,0x1b,0x33,0x61,0x03,
+			0x9f,0xe7,0x67,0x02,0xaf,0x69,0x33,0x4b,0x7a,0x1e,0x6c,0x30,0x3b,0x76,0x52,0xf4,
+			0x36,0x98,0xfa,0xd1,0x15,0x3b,0xb6,0xc3,0x74,0xb4,0xc7,0xfb,0x98,0x45,0x9c,0xed
+		},
+		{
+			0x7b,0xcd,0x9e,0xd0,0xef,0xc8,0x89,0xfb,0x30,0x02,0xc6,0xcd,0x63,0x5a,0xfe,0x94,
+			0xd8,0xfa,0x6b,0xbb,0xeb,0xab,0x07,0x61,0x20,0x01,0x80,0x21,0x14,0x84,0x66,0x79,
+			0x8a,0x1d,0x71,0xef,0xea,0x48,0xb9,0xca,0xef,0xba,0xcd,0x1d,0x7d,0x47,0x6e,0x98,
+			0xde,0xa2,0x59,0x4a,0xc0,0x6f,0xd8,0x5d,0x6b,0xca,0xa4,0xcd,0x81,0xf3,0x2d,0x1b
+		},
+		{
+			0x37,0x8e,0xe7,0x67,0xf1,0x16,0x31,0xba,0xd2,0x13,0x80,0xb0,0x04,0x49,0xb1,0x7a,
+			0xcd,0xa4,0x3c,0x32,0xbc,0xdf,0x1d,0x77,0xf8,0x20,0x12,0xd4,0x30,0x21,0x9f,0x9b,
+			0x5d,0x80,0xef,0x9d,0x18,0x91,0xcc,0x86,0xe7,0x1d,0xa4,0xaa,0x88,0xe1,0x28,0x52,
+			0xfa,0xf4,0x17,0xd5,0xd9,0xb2,0x1b,0x99,0x48,0xbc,0x92,0x4a,0xf1,0x1b,0xd7,0x20
+		}
+	};
+	
+	union GOST3411Block // 8 bytes aligned
+	{
+		uint8_t buf[64];
+		uint64_t ll[8];
+
+		GOST3411Block operator^(const GOST3411Block& other) const
+		{
+			GOST3411Block ret;
+			for (int i = 0; i < 8; i++)
+				ret.ll[i] = ll[i]^other.ll[i];
+			return ret;
+		}	
+
+		GOST3411Block operator^(const uint8_t * other) const
+		{
+			GOST3411Block ret;
+			for (int i = 0; i < 64; i++)
+				ret.buf[i] = buf[i]^other[i];
+			return ret;
+		}	
+		
+		GOST3411Block operator+(const GOST3411Block& other) const
+		{
+			GOST3411Block ret;
+			uint8_t carry = 0;
+			for (int i = 63; i >= 0; i--)
+			{
+				uint16_t sum = buf[i] + other.buf[i] + carry;
+				ret.buf[i] = sum;
+				carry = sum >> 8;
+			}	
+			return ret;
+		}
+
+		void Add (uint32_t c)
+		{
+			for (int i = 63; i >= 0; i--)
+			{
+				if (!c) return;	
+				c += buf[i];
+				buf[i] = c;
+				c >>= 8;		
+			}
+		}
+
+		void SPL ()
+		{
+			uint8_t p[64];
+			memcpy (p, buf, 64); // we need to copy it for P's transposition
+			for (int i = 0; i < 8; i++)
+			{
+				uint64_t c = 0;
+				for (int j = 0; j < 8; j++)
+				{	
+					uint8_t bit = 0x80;
+					uint8_t byte = sbox_[p[j*8+i]]; // S - sbox_, P - transpose (i,j)
+					for (int k = 0; k < 8; k++)
+					{
+						if (byte & bit) c ^= A_[j*8+k];
+						bit >>= 1;
+					}
+				}	
+				ll[i] = htobe64 (c);	
+			}	
+		}	
+
+		GOST3411Block E (const GOST3411Block& m)
+		{
+			GOST3411Block k = *this;
+			GOST3411Block res = k^m;
+			for (int i = 0; i < 12; i++)
+			{
+				res.SPL ();
+				k = k^C_[i];
+				k.SPL ();
+				res = k^res;
+			}	
+			return res;
+		}	
+	};
+	
+	static GOST3411Block gN (const GOST3411Block& N, const GOST3411Block& h, const GOST3411Block& m)
+	{
+		GOST3411Block res = N ^ h;
+		res.SPL ();
+		res = res.E (m);
+		res = res^h;
+		res = res^m;
+		return res;	
+	}	
+
+	static void H (const uint8_t * iv, const uint8_t * buf, size_t len, uint8_t * digest)
+	{
+		// stage 1	
+		GOST3411Block h, N, s, m;
+		memcpy (h.buf, iv, 64);
+		memset (N.buf, 0, 64);
+		memset (s.buf, 0, 64);
+		size_t l = len;
+		// stage 2
+		while (l >= 64)
+		{
+			memcpy (m.buf, buf + l - 64, 64); // TODO
+			h= gN (N, h, m);
+			N.Add (512);
+			s = m + s;
+			l -= 64;
+		}
+		// stage 3
+		size_t padding = 64 - l;
+		if (padding)
+		{
+			memset (m.buf, 0, padding - 1);
+			m.buf[padding - 1] = 1;
+		}
+		memcpy (m.buf + padding, buf, l);
+
+		h = gN (N, h, m);
+		N.Add (l*8);	
+		s = m + s;
+	
+		GOST3411Block N0;
+		memset (N0.buf, 0, 64);
+		h = gN (N0, h, N);
+		h = gN (N0, h, s);
+		
+		memcpy (digest, h.buf, 64); 
+	}
+
+	void GOSTR3411_2012_256 (const uint8_t * buf, size_t len, uint8_t * digest)
+	{
+		uint8_t iv[64];
+		memset (iv, 1, 64);
+		uint8_t h[64];
+		H (iv, buf, len, h);
+		memcpy (digest, h, 32); // first half
+	}
+
+	void GOSTR3411_2012_512 (const uint8_t * buf, size_t len, uint8_t * digest)
+	{
+		uint8_t iv[64];
+		memset (iv, 0, 64);
+		H (iv, buf, len, digest);
+	}
+
+	// reverse order
+	struct GOSTR3411_2012_CTX
+	{
+		GOST3411Block h, N, s, m;
+		size_t len;
+		bool is512;
+	};
+	
+	GOSTR3411_2012_CTX * GOSTR3411_2012_CTX_new ()
+	{
+		return new GOSTR3411_2012_CTX;
+	}
+
+	void GOSTR3411_2012_CTX_free (GOSTR3411_2012_CTX * ctx)
+	{
+		delete ctx;
+	}
+
+	void GOSTR3411_2012_CTX_Init (GOSTR3411_2012_CTX * ctx, bool is512)
+	{
+		uint8_t iv[64];
+		memset (iv, is512 ? 0 : 1, 64);
+		memcpy (ctx->h.buf, iv, 64);
+		memset (ctx->N.buf, 0, 64);
+		memset (ctx->s.buf, 0, 64);
+		ctx->len = 0;
+		ctx->is512 = is512;
+	}
+
+	void GOSTR3411_2012_CTX_Update (const uint8_t * buf, size_t len, GOSTR3411_2012_CTX * ctx)
+	{
+		if (!len) return;
+		if (ctx->len > 0) // something left from buffer
+		{
+			size_t l = 64 - ctx->len;
+			if (len < l) l = len;
+			for (size_t i = 0; i < l; i++)
+				ctx->m.buf[ctx->len + i] = buf[l-i-1]; // invert	 
+			ctx->len += l; len -= l; buf += l;
+
+			ctx->h = gN (ctx->N, ctx->h, ctx->m);
+			ctx->N.Add (512);
+			ctx->s = ctx->m + ctx->s;
+		}
+		while (len >= 64)
+		{
+			for (size_t i = 0; i < 64; i++)
+				ctx->m.buf[i] = buf[63-i]; // invert	
+			len -= 64; buf += 64;
+			ctx->h = gN (ctx->N, ctx->h, ctx->m);
+			ctx->N.Add (512);
+			ctx->s = ctx->m + ctx->s;
+		}
+		if (len > 0) // carry remaining
+		{
+			for (size_t i = 0; i < len; i++)
+				ctx->m.buf[i] = buf[len-i-1]; // invert
+		}
+		ctx->len = len;
+	}
+
+	void GOSTR3411_2012_CTX_Finish (uint8_t * digest, GOSTR3411_2012_CTX * ctx)
+	{
+		GOST3411Block m;	
+		size_t padding = 64 - ctx->len;
+		if (padding)
+		{
+			memset (m.buf, 0, padding - 1);
+			m.buf[padding - 1] = 1;
+		}
+		memcpy (m.buf + padding, ctx->m.buf, ctx->len);
+
+		ctx->h = gN (ctx->N, ctx->h, m);
+		ctx->N.Add (ctx->len*8);	
+		ctx->s = m + ctx->s;
+	
+		GOST3411Block N0;
+		memset (N0.buf, 0, 64);
+		ctx->h = gN (N0, ctx->h, ctx->N);
+		ctx->h = gN (N0, ctx->h, ctx->s);
+		
+		size_t sz = ctx->is512 ? 64 : 32;
+		for (size_t i = 0; i < sz; i++)
+			digest[i] = ctx->h.buf[sz - i - 1];
+	}
+
+}
+}

libi2pd/Gost.h

@@ -0,0 +1,62 @@
+#ifndef GOST_H__
+#define GOST_H__
+
+#include <memory>
+#include <openssl/ec.h>
+
+namespace i2p
+{
+namespace crypto
+{
+
+	// ГОСТ Р 34.10
+	
+	enum GOSTR3410ParamSet
+	{
+		eGOSTR3410CryptoProA = 0,   // 1.2.643.2.2.35.1
+		// XchA = A, XchB = C
+		//eGOSTR3410CryptoProXchA,    // 1.2.643.2.2.36.0
+		//eGOSTR3410CryptoProXchB,	// 1.2.643.2.2.36.1		
+		eGOSTR3410TC26A512,		// 1.2.643.7.1.2.1.2.1
+		eGOSTR3410NumParamSets
+	};	
+	
+	class GOSTR3410Curve
+	{
+		public:
+
+			GOSTR3410Curve (BIGNUM * a, BIGNUM * b, BIGNUM * p, BIGNUM * q, BIGNUM * x, BIGNUM * y);
+			~GOSTR3410Curve ();			
+
+			size_t GetKeyLen () const { return m_KeyLen; }; 
+			const EC_GROUP * GetGroup () const { return m_Group; };
+			EC_POINT * MulP (const BIGNUM * n) const;
+			bool GetXY (const EC_POINT * p, BIGNUM * x, BIGNUM * y) const;
+			EC_POINT * CreatePoint (const BIGNUM * x, const BIGNUM * y) const;
+			void Sign (const BIGNUM * priv, const BIGNUM * digest, BIGNUM * r, BIGNUM * s);
+			bool Verify (const EC_POINT * pub, const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s);
+			EC_POINT * RecoverPublicKey (const BIGNUM * digest, const BIGNUM * r, const BIGNUM * s, bool isNegativeY = false) const;
+			
+		private:
+
+			EC_GROUP * m_Group;
+			size_t m_KeyLen; // in bytes
+	};
+
+	std::unique_ptr<GOSTR3410Curve>& GetGOSTR3410Curve (GOSTR3410ParamSet paramSet);
+
+// Big Endian
+	void GOSTR3411_2012_256 (const uint8_t * buf, size_t len, uint8_t * digest);
+	void GOSTR3411_2012_512 (const uint8_t * buf, size_t len, uint8_t * digest);	
+
+// Little Endian
+	struct GOSTR3411_2012_CTX;
+	GOSTR3411_2012_CTX * GOSTR3411_2012_CTX_new ();
+	void GOSTR3411_2012_CTX_Init (GOSTR3411_2012_CTX * ctx, bool is512 = true);
+	void GOSTR3411_2012_CTX_Update (const uint8_t * buf, size_t len, GOSTR3411_2012_CTX * ctx);
+	void GOSTR3411_2012_CTX_Finish (uint8_t * digest, GOSTR3411_2012_CTX * ctx);	
+	void GOSTR3411_2012_CTX_free (GOSTR3411_2012_CTX * ctx);
+}
+}
+
+#endif

libi2pd/I2NPProtocol.cpp

@@ -6,7 +6,7 @@
 #include "I2PEndian.h"
 #include "Timestamp.h"
 #include "RouterContext.h"
-#include "NetDb.h"
+#include "NetDb.hpp"
 #include "Tunnel.h"
 #include "Transports.h"
 #include "Garlic.h"
@@ -326,12 +326,14 @@ namespace i2p
 			if (!memcmp (record + BUILD_REQUEST_RECORD_TO_PEER_OFFSET, (const uint8_t *)i2p::context.GetRouterInfo ().GetIdentHash (), 16))
 			{	
 				LogPrint (eLogDebug, "I2NP: Build request record ", i, " is ours");
-			
-				i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText);
+				BN_CTX * ctx = BN_CTX_new ();
+				i2p::crypto::ElGamalDecrypt (i2p::context.GetEncryptionPrivateKey (), record + BUILD_REQUEST_RECORD_ENCRYPTED_OFFSET, clearText, ctx);
+				BN_CTX_free (ctx);
 				// replace record to reply			
 				if (i2p::context.AcceptsTunnels () && 
 					i2p::tunnel::tunnels.GetTransitTunnels ().size () <= g_MaxNumTransitTunnels &&
-					!i2p::transport::transports.IsBandwidthExceeded ())
+					!i2p::transport::transports.IsBandwidthExceeded () &&
+					!i2p::transport::transports.IsTransitBandwidthExceeded ())
 				{	
 					auto transitTunnel = i2p::tunnel::CreateTransitTunnel (
 							bufbe32toh (clearText + BUILD_REQUEST_RECORD_RECEIVE_TUNNEL_OFFSET), 

libi2pd/I2NPProtocol.h

@@ -209,6 +209,7 @@ namespace tunnel
 
 	std::shared_ptr<I2NPMessage> NewI2NPMessage ();
 	std::shared_ptr<I2NPMessage> NewI2NPShortMessage ();
+	std::shared_ptr<I2NPMessage> NewI2NPTunnelMessage ();
 	std::shared_ptr<I2NPMessage> NewI2NPMessage (size_t len);
 	
 	std::shared_ptr<I2NPMessage> CreateI2NPMessage (I2NPMessageType msgType, const uint8_t * buf, size_t len, uint32_t replyMsgID = 0);