version updated

Library build 2

AddressBook.cpp

@@ -1,23 +1,168 @@
 #include <string.h>
+#include <inttypes.h>
 #include <string>
 #include <map>
+#include <fstream>
+#include <boost/filesystem.hpp>
 #include "base64.h"
 #include "util.h"
 #include "Identity.h"
 #include "Log.h"
 #include "AddressBook.h"
 
-#include <boost/algorithm/string.hpp>
-
 namespace i2p
 {
 namespace client
 {
 
+	class AddressBookFilesystemStorage: public AddressBookStorage
+	{
+		public:
+
+			AddressBookFilesystemStorage ();
+			bool GetAddress (const i2p::data::IdentHash& ident, i2p::data::IdentityEx& address) const;
+			void AddAddress (const i2p::data::IdentityEx& address);
+			void RemoveAddress (const i2p::data::IdentHash& ident);
+
+			int Load (std::map<std::string, i2p::data::IdentHash>& addresses);
+			int Save (const std::map<std::string, i2p::data::IdentHash>& addresses);
+
+		private:	
+			
+			boost::filesystem::path GetPath () const { return i2p::util::filesystem::GetDefaultDataDir() / "addressbook"; };
+
+	};
+
+	AddressBookFilesystemStorage::AddressBookFilesystemStorage ()
+	{
+		auto path = GetPath ();
+		if (!boost::filesystem::exists (path))
+		{
+			// Create directory is necessary
+			if (!boost::filesystem::create_directory (path))
+				LogPrint (eLogError, "Failed to create addressbook directory");
+		}
+	}
+
+	bool AddressBookFilesystemStorage::GetAddress (const i2p::data::IdentHash& ident, i2p::data::IdentityEx& address) const
+	{
+		auto filename = GetPath () / (ident.ToBase32() + ".b32");
+		std::ifstream f(filename.c_str (), std::ifstream::binary);
+		if (f.is_open ())	
+		{
+			f.seekg (0,std::ios::end);
+			size_t len = f.tellg ();
+			if (len < i2p::data::DEFAULT_IDENTITY_SIZE)
+			{
+				LogPrint (eLogError, "File ", filename, " is too short. ", len);
+				return false;
+			}
+			f.seekg(0, std::ios::beg);
+			uint8_t * buf = new uint8_t[len];
+			f.read((char *)buf, len);
+			address.FromBuffer (buf, len);
+			delete[] buf;
+			return true;
+		}
+		else
+			return false;
+	}
+
+	void AddressBookFilesystemStorage::AddAddress (const i2p::data::IdentityEx& address)
+	{
+		auto filename = GetPath () / (address.GetIdentHash ().ToBase32() + ".b32");
+		std::ofstream f (filename.c_str (), std::ofstream::binary | std::ofstream::out);
+		if (f.is_open ())	
+		{
+			size_t len = address.GetFullLen ();
+			uint8_t * buf = new uint8_t[len];
+			address.ToBuffer (buf, len);
+			f.write ((char *)buf, len);
+			delete[] buf;
+		}
+		else
+			LogPrint (eLogError, "Can't open file ", filename);	
+	}	
+
+	void AddressBookFilesystemStorage::RemoveAddress (const i2p::data::IdentHash& ident)
+	{
+		auto filename = GetPath () / (ident.ToBase32() + ".b32");
+		if (boost::filesystem::exists (filename))  
+			boost::filesystem::remove (filename);
+	}
+
+	int AddressBookFilesystemStorage::Load (std::map<std::string, i2p::data::IdentHash>& addresses)
+	{
+		int num = 0;	
+		auto filename = GetPath () / "addresses.csv";
+		std::ifstream f (filename.c_str (), std::ofstream::in); // in text mode
+		if (f.is_open ())	
+		{
+			addresses.clear ();
+			while (!f.eof ())
+			{
+				std::string s;
+				getline(f, s);
+				if (!s.length())
+					continue; // skip empty line
+
+				size_t pos = s.find(',');
+				if (pos != std::string::npos)
+				{
+					std::string name = s.substr(0, pos++);
+					std::string addr = s.substr(pos);
+
+					i2p::data::IdentHash ident;
+					ident.FromBase32 (addr);
+					addresses[name] = ident;
+					num++;
+				}		
+			}
+			LogPrint (eLogInfo, num, " addresses loaded");
+		}
+		else
+			LogPrint (eLogWarning, filename, " not found");
+		return num;
+	}
+
+	int AddressBookFilesystemStorage::Save (const std::map<std::string, i2p::data::IdentHash>& addresses)
+	{
+		int num = 0;
+		auto filename = GetPath () / "addresses.csv";
+		std::ofstream f (filename.c_str (), std::ofstream::out); // in text mode
+		if (f.is_open ())	
+		{
+			for (auto it: addresses)
+			{
+				f << it.first << "," << it.second.ToBase32 () << std::endl;
+				num++;
+			}
+			LogPrint (eLogInfo, num, " addresses save");
+		}
+		else	
+			LogPrint (eLogError, "Can't open file ", filename);	
+		return num;	
+	}	
+
+//---------------------------------------------------------------------
 	AddressBook::AddressBook (): m_IsLoaded (false), m_IsDowloading (false)
 	{
 	}
 
+	AddressBook::~AddressBook ()
+	{
+		if (m_Storage)
+		{
+			m_Storage->Save (m_Addresses);
+			delete m_Storage;
+		}
+	}
+
+	AddressBookStorage * AddressBook::CreateStorage ()
+	{
+		return new AddressBookFilesystemStorage ();
+	}	
+
 	bool AddressBook::GetIdentHash (const std::string& address, i2p::data::IdentHash& ident)
 	{
 		auto pos = address.find(".b32.i2p");
@@ -37,9 +182,16 @@ namespace client
 					ident = *identHash;
 					return true;
 				}
+				else
+					return false;
 			}
 		}	
-		return false;
+		// if not .b32 we assume full base64 address
+		i2p::data::IdentityEx dest;
+		if (!dest.FromBase64 (address))
+			return false;
+		ident = dest.GetIdentHash ();
+		return true;
 	}
 	
 	const i2p::data::IdentHash * AddressBook::FindAddress (const std::string& address)
@@ -59,10 +211,29 @@ namespace client
 	{
 		i2p::data::IdentityEx ident;
 		ident.FromBase64 (base64);
+		if (!m_Storage)
+			 m_Storage = CreateStorage ();
+		m_Storage->AddAddress (ident);
 		m_Addresses[address] = ident.GetIdentHash ();
 		LogPrint (address,"->",ident.GetIdentHash ().ToBase32 (), ".b32.i2p added");
 	}
 
+	void AddressBook::InsertAddress (const i2p::data::IdentityEx& address)
+	{
+		if (!m_Storage) 
+			m_Storage = CreateStorage ();
+		m_Storage->AddAddress (address);
+	}
+
+	bool AddressBook::GetAddress (const std::string& address, i2p::data::IdentityEx& identity)
+	{
+		if (!m_Storage) 
+			m_Storage = CreateStorage ();
+		i2p::data::IdentHash ident;
+		if (!GetIdentHash (address, ident)) return false;
+		return m_Storage->GetAddress (ident, identity);
+	}	
+
 	void AddressBook::LoadHostsFromI2P ()
 	{
 		std::string content;
@@ -88,6 +259,16 @@ namespace client
 
 	void AddressBook::LoadHosts ()
 	{
+		if (!m_Storage)
+			 m_Storage = CreateStorage ();
+		int numAddresses = m_Storage->Load (m_Addresses);
+		if (numAddresses > 0)
+		{
+			m_IsLoaded = true;
+			return;
+		}
+	
+		// otherwise try hosts.txt
 		std::ifstream f (i2p::util::filesystem::GetFullPath ("hosts.txt").c_str (), std::ofstream::in); // in text mode
 		if (!f.is_open ())	
 		{
@@ -100,10 +281,8 @@ namespace client
 			}
 			return;
 		}
-		int numAddresses = 0;
 
 		std::string s;
-
 		while (!f.eof ())
 		{
 			getline(f, s);
@@ -121,10 +300,12 @@ namespace client
 				i2p::data::IdentityEx ident;
 				ident.FromBase64(addr);
 				m_Addresses[name] = ident.GetIdentHash ();
+				m_Storage->AddAddress (ident);
 				numAddresses++;
 			}		
 		}
 		LogPrint (numAddresses, " addresses loaded");
+		m_Storage->Save (m_Addresses);
 		m_IsLoaded = true;
 	}
 

AddressBook.h

@@ -13,21 +13,42 @@ namespace i2p
 {
 namespace client
 {
+	class AddressBookStorage // interface for storage
+	{
+		public:
+
+			virtual ~AddressBookStorage () {};
+			virtual bool GetAddress (const i2p::data::IdentHash& ident, i2p::data::IdentityEx& address) const = 0;	
+			virtual void AddAddress (const i2p::data::IdentityEx& address) = 0;
+			virtual void RemoveAddress (const i2p::data::IdentHash& ident) = 0;
+		
+			virtual int Load (std::map<std::string, i2p::data::IdentHash>& addresses) = 0;
+			virtual int Save (const std::map<std::string, i2p::data::IdentHash>& addresses) = 0;
+	};			
+
 	class AddressBook
 	{
 		public:
 
 			AddressBook ();
+			~AddressBook ();
 			bool GetIdentHash (const std::string& address, i2p::data::IdentHash& ident);
+			bool GetAddress (const std::string& address, i2p::data::IdentityEx& identity);
 			const i2p::data::IdentHash * FindAddress (const std::string& address);
 			void InsertAddress (const std::string& address, const std::string& base64); // for jump service
+			void InsertAddress (const i2p::data::IdentityEx& address);
 		
 		private:
-	
+
+			AddressBookStorage * CreateStorage ();	
+
+		private:	
+
 			void LoadHosts ();
 			void LoadHostsFromI2P ();
 
 			std::map<std::string, i2p::data::IdentHash>  m_Addresses;
+			AddressBookStorage * m_Storage;
 			bool m_IsLoaded, m_IsDowloading;
 	};
 }

BOB.cpp

@@ -0,0 +1,656 @@
+#include <string.h>
+#include <boost/lexical_cast.hpp>
+#include "Log.h"
+#include "NetDb.h"
+#include "ClientContext.h"
+#include "BOB.h"
+
+namespace i2p
+{
+namespace client
+{
+	BOBI2PInboundTunnel::BOBI2PInboundTunnel (boost::asio::io_service& service, int port, ClientDestination * localDestination): 
+		BOBI2PTunnel (service, localDestination), 
+		m_Acceptor (service, boost::asio::ip::tcp::endpoint (boost::asio::ip::tcp::v4(), port)),
+		m_Timer (service)
+	{
+	}
+
+	BOBI2PInboundTunnel::~BOBI2PInboundTunnel ()
+	{
+		Stop ();
+	}
+
+	void BOBI2PInboundTunnel::Start ()
+	{
+		m_Acceptor.listen ();
+		Accept ();
+	}
+
+	void BOBI2PInboundTunnel::Stop ()
+	{
+		m_Acceptor.close();
+		ClearConnections ();
+	}
+
+	void BOBI2PInboundTunnel::Accept ()
+	{
+		auto receiver = new AddressReceiver ();
+		receiver->socket = new boost::asio::ip::tcp::socket (GetService ());
+		m_Acceptor.async_accept (*receiver->socket, std::bind (&BOBI2PInboundTunnel::HandleAccept, this,
+			std::placeholders::_1, receiver));
+	}	
+
+	void BOBI2PInboundTunnel::HandleAccept (const boost::system::error_code& ecode, AddressReceiver * receiver)
+	{
+		if (!ecode)
+		{
+			Accept ();	
+			ReceiveAddress (receiver);
+		}
+		else
+		{	
+			delete receiver->socket;
+			delete receiver;
+		}	
+	}
+
+	void BOBI2PInboundTunnel::ReceiveAddress (AddressReceiver * receiver)
+	{
+		receiver->socket->async_read_some (boost::asio::buffer(
+		        receiver->buffer + receiver->bufferOffset, 
+				BOB_COMMAND_BUFFER_SIZE - receiver->bufferOffset),                
+			std::bind(&BOBI2PInboundTunnel::HandleReceivedAddress, this, 
+				std::placeholders::_1, std::placeholders::_2, receiver));
+	}
+	
+	void BOBI2PInboundTunnel::HandleReceivedAddress (const boost::system::error_code& ecode, std::size_t bytes_transferred,
+		AddressReceiver * receiver)
+	{
+		if (ecode)
+		{
+			LogPrint ("BOB inbound tunnel read error: ", ecode.message ());
+			delete receiver->socket;
+			delete receiver;
+		}	
+		else
+		{
+			receiver->bufferOffset += bytes_transferred;
+			receiver->buffer[receiver->bufferOffset] = 0;
+			char * eol = strchr (receiver->buffer, '\n');
+			if (eol)
+			{
+				*eol = 0;
+				
+				receiver->data = (uint8_t *)eol + 1;
+				receiver->dataLen = receiver->bufferOffset - (eol - receiver->buffer + 1);
+				i2p::data::IdentHash ident;
+				if (!context.GetAddressBook ().GetIdentHash (receiver->buffer, ident)) 
+				{
+					LogPrint (eLogError, "BOB address ", receiver->buffer, " not found");
+					delete receiver->socket;
+					delete receiver;
+					return;
+				}
+				auto leaseSet = GetLocalDestination ()->FindLeaseSet (ident);
+				if (leaseSet)
+					CreateConnection (receiver, leaseSet);
+				else
+				{
+					i2p::data::netdb.RequestDestination (ident, true, GetLocalDestination ()->GetTunnelPool ());
+					m_Timer.expires_from_now (boost::posix_time::seconds (I2P_TUNNEL_DESTINATION_REQUEST_TIMEOUT));
+					m_Timer.async_wait (std::bind (&BOBI2PInboundTunnel::HandleDestinationRequestTimer,
+						this, std::placeholders::_1, receiver, ident));
+				}
+			}
+			else
+			{
+				if (receiver->bufferOffset < BOB_COMMAND_BUFFER_SIZE)
+					ReceiveAddress (receiver);
+				else
+				{	
+					LogPrint ("BOB missing inbound address ");
+					delete receiver->socket;
+					delete receiver;
+				}	
+			}			
+		}
+	}
+
+	void BOBI2PInboundTunnel::HandleDestinationRequestTimer (const boost::system::error_code& ecode, AddressReceiver * receiver, i2p::data::IdentHash ident)
+	{
+		if (ecode != boost::asio::error::operation_aborted)
+		{
+			auto leaseSet = GetLocalDestination ()->FindLeaseSet (ident);
+			if (leaseSet)
+			{
+				CreateConnection (receiver, leaseSet);
+				return;
+			}
+			else
+				LogPrint ("LeaseSet for BOB inbound destination not found");
+		}
+		delete receiver->socket;
+		delete receiver;
+	}	
+
+	void BOBI2PInboundTunnel::CreateConnection (AddressReceiver * receiver, const i2p::data::LeaseSet * leaseSet)
+	{
+		LogPrint ("New BOB inbound connection");
+		auto connection = std::make_shared<I2PTunnelConnection>(this, receiver->socket, leaseSet);
+		AddConnection (connection);
+		connection->I2PConnect (receiver->data, receiver->dataLen);
+		delete receiver;
+	}
+
+	BOBI2POutboundTunnel::BOBI2POutboundTunnel (boost::asio::io_service& service, const std::string& address, int port, 
+		ClientDestination * localDestination, bool quiet): BOBI2PTunnel (service, localDestination),
+		m_Endpoint (boost::asio::ip::address::from_string (address), port), m_IsQuiet (quiet)
+	{
+	}
+	
+	void BOBI2POutboundTunnel::Start ()
+	{
+		Accept ();
+	}
+
+	void BOBI2POutboundTunnel::Stop ()
+	{
+		ClearConnections ();
+	}	
+
+	void BOBI2POutboundTunnel::Accept ()
+	{
+		auto localDestination = GetLocalDestination ();	
+		if (localDestination)
+			localDestination->AcceptStreams (std::bind (&BOBI2POutboundTunnel::HandleAccept, this, std::placeholders::_1));
+		else
+			LogPrint ("Local destination not set for server tunnel");
+	}
+
+	void BOBI2POutboundTunnel::HandleAccept (std::shared_ptr<i2p::stream::Stream> stream)
+	{
+		if (stream)
+		{	
+			auto conn = std::make_shared<I2PTunnelConnection> (this, stream, new boost::asio::ip::tcp::socket (GetService ()), m_Endpoint, m_IsQuiet);
+			AddConnection (conn);
+			conn->Connect ();
+		}	
+	}
+
+	BOBDestination::BOBDestination (boost::asio::io_service& service, ClientDestination& localDestination):
+		m_Service (service), m_LocalDestination (localDestination), 
+		m_OutboundTunnel (nullptr), m_InboundTunnel (nullptr)
+	{
+	}
+		
+	BOBDestination::~BOBDestination ()
+	{
+		delete m_OutboundTunnel;
+		delete m_InboundTunnel;
+	}	
+
+	void BOBDestination::Start ()
+	{
+		if (m_OutboundTunnel) m_OutboundTunnel->Start ();
+		if (m_InboundTunnel) m_InboundTunnel->Start ();
+	}
+		
+	void BOBDestination::Stop ()
+	{		
+		StopTunnels ();
+		m_LocalDestination.Stop ();
+	}	
+
+	void BOBDestination::StopTunnels ()
+	{
+		if (m_OutboundTunnel)
+		{	
+			m_OutboundTunnel->Stop ();
+			delete m_OutboundTunnel;
+			m_OutboundTunnel = nullptr;
+		}	
+		if (m_InboundTunnel)
+		{	
+			m_InboundTunnel->Stop ();
+			delete m_InboundTunnel;
+			m_InboundTunnel = nullptr;
+		}	
+	}	
+		
+	void BOBDestination::CreateInboundTunnel (int port)
+	{
+		if (!m_InboundTunnel)
+			m_InboundTunnel = new BOBI2PInboundTunnel (m_Service, port, &m_LocalDestination);
+	}
+		
+	void BOBDestination::CreateOutboundTunnel (const std::string& address, int port, bool quiet)
+	{
+		if (!m_OutboundTunnel)
+			m_OutboundTunnel = new BOBI2POutboundTunnel (m_Service, address, port, &m_LocalDestination, quiet);
+	}	
+		
+	BOBCommandSession::BOBCommandSession (BOBCommandChannel& owner): 
+		m_Owner (owner), m_Socket (m_Owner.GetService ()), m_ReceiveBufferOffset (0),
+		m_IsOpen (true), m_IsQuiet (false), m_InPort (0), m_OutPort (0),
+		m_CurrentDestination (nullptr)
+	{
+	}
+
+	BOBCommandSession::~BOBCommandSession ()
+	{
+	}
+
+	void BOBCommandSession::Terminate ()
+	{
+		m_Socket.close ();
+		m_IsOpen = false;	
+	}
+
+	void BOBCommandSession::Receive ()
+	{
+		m_Socket.async_read_some (boost::asio::buffer(m_ReceiveBuffer + m_ReceiveBufferOffset, BOB_COMMAND_BUFFER_SIZE - m_ReceiveBufferOffset),                
+			std::bind(&BOBCommandSession::HandleReceived, shared_from_this (), 
+			std::placeholders::_1, std::placeholders::_2));
+	}
+
+	void BOBCommandSession::HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
+	{
+		if (ecode)
+		{
+			LogPrint ("BOB command channel read error: ", ecode.message ());
+			if (ecode != boost::asio::error::operation_aborted)
+				Terminate ();
+		}	
+		else
+		{	
+			size_t size = m_ReceiveBufferOffset + bytes_transferred; 
+			m_ReceiveBuffer[size] = 0;
+			char * eol = strchr (m_ReceiveBuffer, '\n');
+			if (eol)
+			{
+				*eol = 0;
+				char * operand =  strchr (m_ReceiveBuffer, ' ');
+				if (operand)  
+				{	
+					*operand = 0;
+					operand++;
+				}	
+				else 
+					operand = eol;
+				// process command
+				auto& handlers = m_Owner.GetCommandHandlers ();
+				auto it = handlers.find (m_ReceiveBuffer);
+				if (it != handlers.end ())
+					(this->*(it->second))(operand, eol - operand);
+				else	
+				{
+					LogPrint (eLogError, "BOB unknown command ", m_ReceiveBuffer);
+					SendReplyError ("unknown command");
+				}
+
+				m_ReceiveBufferOffset = size - (eol - m_ReceiveBuffer) - 1;
+				memmove (m_ReceiveBuffer, eol + 1, m_ReceiveBufferOffset);
+			}
+			else
+			{
+				if (size < BOB_COMMAND_BUFFER_SIZE)
+					m_ReceiveBufferOffset = size;
+				else
+				{
+					LogPrint (eLogError, "Malformed input of the BOB command channel");
+					Terminate ();
+				}
+			}	
+		}
+	}
+
+	void BOBCommandSession::Send (size_t len)
+	{
+		boost::asio::async_write (m_Socket, boost::asio::buffer (m_SendBuffer, len), 
+			boost::asio::transfer_all (),
+			std::bind(&BOBCommandSession::HandleSent, shared_from_this (), 
+				std::placeholders::_1, std::placeholders::_2));
+	}
+
+	void BOBCommandSession::HandleSent (const boost::system::error_code& ecode, std::size_t bytes_transferred)
+	{
+		if (ecode)
+        {
+			LogPrint ("BOB command channel send error: ", ecode.message ());
+			if (ecode != boost::asio::error::operation_aborted)
+				Terminate ();
+		}
+		else
+		{
+			if (m_IsOpen)
+				Receive ();
+			else
+				Terminate ();	
+		}
+	}
+
+	void BOBCommandSession::SendReplyOK (const char * msg)
+	{
+#ifdef _MSC_VER
+		size_t len = sprintf_s (m_SendBuffer, BOB_COMMAND_BUFFER_SIZE, BOB_REPLY_OK, msg);
+#else		
+		size_t len = snprintf (m_SendBuffer, BOB_COMMAND_BUFFER_SIZE, BOB_REPLY_OK, msg);
+#endif
+		Send (len);
+	}
+
+	void BOBCommandSession::SendReplyError (const char * msg)
+	{
+#ifdef _MSC_VER
+		size_t len = sprintf_s (m_SendBuffer, BOB_COMMAND_BUFFER_SIZE, BOB_REPLY_ERROR, msg);
+#else		
+		size_t len = snprintf (m_SendBuffer, BOB_COMMAND_BUFFER_SIZE, BOB_REPLY_ERROR, msg);
+#endif
+		Send (len);	
+	}
+		
+	void BOBCommandSession::SendVersion ()
+	{
+		size_t len = strlen (BOB_VERSION);
+		memcpy (m_SendBuffer, BOB_VERSION, len);
+		Send (len);
+	}
+
+	void BOBCommandSession::SendData (const char * nickname)
+	{
+#ifdef _MSC_VER
+		size_t len = sprintf_s (m_SendBuffer, BOB_COMMAND_BUFFER_SIZE, BOB_DATA, nickname);
+#else		
+		size_t len = snprintf (m_SendBuffer, BOB_COMMAND_BUFFER_SIZE, BOB_DATA, nickname);
+#endif
+		Send (len);			
+	}
+		
+	void BOBCommandSession::ZapCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: zap");
+		Terminate ();
+	}
+
+	void BOBCommandSession::QuitCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: quit");
+		m_IsOpen = false;
+		SendReplyOK ("Bye!");
+	}
+
+	void BOBCommandSession::StartCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: start ", m_Nickname);
+		if (!m_CurrentDestination)
+		{	
+			m_CurrentDestination = new BOBDestination (m_Owner.GetService (),
+				*context.CreateNewLocalDestination (m_Keys, true, &m_Options));
+			m_Owner.AddDestination (m_Nickname, m_CurrentDestination);
+		}	
+		if (m_InPort)
+			m_CurrentDestination->CreateInboundTunnel (m_InPort);
+		if (m_OutPort && !m_Address.empty ())
+			m_CurrentDestination->CreateOutboundTunnel (m_Address, m_OutPort, m_IsQuiet);
+		m_CurrentDestination->Start ();	
+		SendReplyOK ("tunnel starting");	
+	}	
+	
+	void BOBCommandSession::StopCommandHandler (const char * operand, size_t len)
+	{
+		auto dest = m_Owner.FindDestination (m_Nickname);
+		if (dest)
+		{
+			dest->StopTunnels ();
+			SendReplyOK ("tunnel stopping");
+		}
+		else
+			SendReplyError ("tunnel not found");
+	}	
+	
+	void BOBCommandSession::SetNickCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: setnick ", operand);
+		m_Nickname = operand;
+		std::string msg ("Nickname set to ");
+		msg += operand;
+		SendReplyOK (msg.c_str ());
+	}	
+
+	void BOBCommandSession::GetNickCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: getnick ", operand);
+		m_CurrentDestination = m_Owner.FindDestination (operand); 
+		if (m_CurrentDestination)
+		{
+			m_Keys = m_CurrentDestination->GetKeys ();
+			m_Nickname = operand;
+			std::string msg ("Nickname set to ");
+			msg += operand;
+			SendReplyOK (msg.c_str ());
+		}
+		else
+			SendReplyError ("tunnel not found");	
+	}	
+
+	void BOBCommandSession::NewkeysCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: newkeys");
+		m_Keys = i2p::data::PrivateKeys::CreateRandomKeys ();
+		SendReplyOK (m_Keys.GetPublic ().ToBase64 ().c_str ());
+	}	
+
+	void BOBCommandSession::SetkeysCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: setkeys ", operand);
+		m_Keys.FromBase64 (operand);
+		SendReplyOK (m_Keys.GetPublic ().ToBase64 ().c_str ());
+	}
+		
+	void BOBCommandSession::GetkeysCommandHandler (const char * operand, size_t len)
+	{		
+		LogPrint (eLogDebug, "BOB: getkeys");
+		SendReplyOK (m_Keys.ToBase64 ().c_str ());
+	}	
+
+	void BOBCommandSession::GetdestCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: getdest");
+		SendReplyOK (m_Keys.GetPublic ().ToBase64 ().c_str ());
+	}	
+		
+	void BOBCommandSession::OuthostCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: outhost ", operand);
+		m_Address = operand;
+		SendReplyOK ("outhost set");
+	}
+		
+	void BOBCommandSession::OutportCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: outport ", operand);
+		m_OutPort = boost::lexical_cast<int>(operand);
+		SendReplyOK ("outbound port set");
+	}	
+
+	void BOBCommandSession::InhostCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: inhost ", operand);
+		m_Address = operand;
+		SendReplyOK ("inhost set");
+	}
+		
+	void BOBCommandSession::InportCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: inport ", operand);
+		m_InPort = boost::lexical_cast<int>(operand);
+		SendReplyOK ("inbound port set");
+	}		
+
+	void BOBCommandSession::QuietCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: quiet");
+		m_IsQuiet = true;
+		SendReplyOK ("quiet");
+	}	
+	
+	void BOBCommandSession::LookupCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: lookup ", operand);
+		i2p::data::IdentityEx addr;
+		if (!context.GetAddressBook ().GetAddress (operand, addr)) 
+		{
+			SendReplyError ("Address Not found");
+			return;
+		}		
+		SendReplyOK (addr.ToBase64 ().c_str ());
+	}
+
+	void BOBCommandSession::ClearCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: clear");
+		m_Owner.DeleteDestination (m_Nickname);
+		SendReplyOK ("cleared");
+	}	
+
+	void BOBCommandSession::ListCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: list");
+		auto& destinations = m_Owner.GetDestinations ();
+		for (auto it: destinations)
+			SendData (it.first.c_str ());
+		SendReplyOK ("Listing done");
+	}	
+
+	void BOBCommandSession::OptionCommandHandler (const char * operand, size_t len)
+	{
+		LogPrint (eLogDebug, "BOB: option ", operand);
+		const char * value = strchr (operand, '=');
+		if (value)
+		{	
+			*(const_cast<char *>(value)) = 0;
+			m_Options[operand] = value + 1; 
+			*(const_cast<char *>(value)) = '=';
+			SendReplyOK ("option");
+		}	
+		else
+			SendReplyError ("malformed");
+	}	
+		
+	BOBCommandChannel::BOBCommandChannel (int port):
+		m_IsRunning (false), m_Thread (nullptr),
+		m_Acceptor (m_Service, boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), port))
+	{
+		// command -> handler
+		m_CommandHandlers[BOB_COMMAND_ZAP] = &BOBCommandSession::ZapCommandHandler; 
+		m_CommandHandlers[BOB_COMMAND_QUIT] = &BOBCommandSession::QuitCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_START] = &BOBCommandSession::StartCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_STOP] = &BOBCommandSession::StopCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_SETNICK] = &BOBCommandSession::SetNickCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_GETNICK] = &BOBCommandSession::GetNickCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_NEWKEYS] = &BOBCommandSession::NewkeysCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_GETKEYS] = &BOBCommandSession::GetkeysCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_SETKEYS] = &BOBCommandSession::SetkeysCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_GETDEST] = &BOBCommandSession::GetdestCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_OUTHOST] = &BOBCommandSession::OuthostCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_OUTPORT] = &BOBCommandSession::OutportCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_INHOST] = &BOBCommandSession::InhostCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_INPORT] = &BOBCommandSession::InportCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_QUIET] = &BOBCommandSession::QuietCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_LOOKUP] = &BOBCommandSession::LookupCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_CLEAR] = &BOBCommandSession::ClearCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_LIST] = &BOBCommandSession::ListCommandHandler;
+		m_CommandHandlers[BOB_COMMAND_OPTION] = &BOBCommandSession::OptionCommandHandler;
+	}
+
+	BOBCommandChannel::~BOBCommandChannel ()
+	{
+		Stop ();
+		for (auto it: m_Destinations)
+			delete it.second;
+	}
+
+	void BOBCommandChannel::Start ()
+	{
+		Accept ();
+		m_IsRunning = true;
+		m_Thread = new std::thread (std::bind (&BOBCommandChannel::Run, this));
+	}
+
+	void BOBCommandChannel::Stop ()
+	{
+		for (auto it: m_Destinations)
+			it.second->Stop ();
+		m_IsRunning = false;
+		m_Service.stop ();
+		if (m_Thread)
+		{	
+			m_Thread->join (); 
+			delete m_Thread;
+			m_Thread = nullptr;
+		}	
+	}
+		
+	void BOBCommandChannel::Run () 
+	{ 
+		while (m_IsRunning)
+		{
+			try
+			{	
+				m_Service.run ();
+			}
+			catch (std::exception& ex)
+			{
+				LogPrint (eLogError, "BOB: ", ex.what ());
+			}	
+		}	
+	}
+
+	void BOBCommandChannel::AddDestination (const std::string& name, BOBDestination * dest)
+	{
+		m_Destinations[name] = dest;
+	}	
+
+	void BOBCommandChannel::DeleteDestination (const std::string& name)
+	{
+		auto it = m_Destinations.find (name);
+		if (it != m_Destinations.end ())
+		{
+			it->second->Stop ();
+			delete it->second;
+			m_Destinations.erase (it);
+		}	
+	}	
+		
+	BOBDestination * BOBCommandChannel::FindDestination (const std::string& name)
+	{
+		auto it = m_Destinations.find (name);
+		if (it != m_Destinations.end ())
+			return it->second;
+		return nullptr;	
+	}
+		
+	void BOBCommandChannel::Accept ()
+	{
+		auto newSession = std::make_shared<BOBCommandSession> (*this);
+		m_Acceptor.async_accept (newSession->GetSocket (), std::bind (&BOBCommandChannel::HandleAccept, this,
+			std::placeholders::_1, newSession));
+	}
+
+	void BOBCommandChannel::HandleAccept(const boost::system::error_code& ecode, std::shared_ptr<BOBCommandSession> session)
+	{
+		if (ecode != boost::asio::error::operation_aborted)
+			Accept ();
+
+		if (!ecode)
+		{
+			LogPrint (eLogInfo, "New BOB command connection from ", session->GetSocket ().remote_endpoint ());
+			session->SendVersion ();	
+		}
+		else
+			LogPrint (eLogError, "BOB accept error: ",  ecode.message ());
+	}
+}
+}
+

BOB.h

@@ -0,0 +1,238 @@
+#ifndef BOB_H__
+#define BOB_H__
+
+#include <inttypes.h>
+#include <thread>
+#include <memory>
+#include <map>
+#include <string>
+#include <boost/asio.hpp>
+#include "I2PTunnel.h"
+#include "Identity.h"
+#include "LeaseSet.h"
+
+namespace i2p
+{
+namespace client
+{
+	const size_t BOB_COMMAND_BUFFER_SIZE = 1024;
+	const char BOB_COMMAND_ZAP[] = "zap";
+	const char BOB_COMMAND_QUIT[] = "quit";
+	const char BOB_COMMAND_START[] = "start";
+	const char BOB_COMMAND_STOP[] = "stop";	
+	const char BOB_COMMAND_SETNICK[] = "setnick";
+	const char BOB_COMMAND_GETNICK[] = "getnick";		
+	const char BOB_COMMAND_NEWKEYS[] = "newkeys";
+	const char BOB_COMMAND_GETKEYS[] = "getkeys";
+	const char BOB_COMMAND_SETKEYS[] = "setkeys";
+	const char BOB_COMMAND_GETDEST[] = "getdest";
+	const char BOB_COMMAND_OUTHOST[] = "outhost";	
+	const char BOB_COMMAND_OUTPORT[] = "outport";
+	const char BOB_COMMAND_INHOST[] = "inhost";	
+	const char BOB_COMMAND_INPORT[] = "inport";
+	const char BOB_COMMAND_QUIET[] = "quiet";
+	const char BOB_COMMAND_LOOKUP[] = "lookup";	
+	const char BOB_COMMAND_CLEAR[] = "clear";
+	const char BOB_COMMAND_LIST[] = "list";
+	const char BOB_COMMAND_OPTION[] = "option";
+	
+	const char BOB_VERSION[] = "BOB 00.00.10\nOK\n";	
+	const char BOB_REPLY_OK[] = "OK %s\n";
+	const char BOB_REPLY_ERROR[] = "ERROR %s\n";
+	const char BOB_DATA[] = "NICKNAME %s\n";
+
+	class BOBI2PTunnel: public I2PTunnel
+	{
+		public:
+
+			BOBI2PTunnel (boost::asio::io_service& service, ClientDestination * localDestination): 
+				I2PTunnel (service, localDestination) {};
+
+			virtual void Start () {};
+			virtual void Stop () {};				
+	};	
+	
+	class BOBI2PInboundTunnel: public BOBI2PTunnel
+	{
+			struct AddressReceiver
+			{
+				boost::asio::ip::tcp::socket * socket;
+				char buffer[BOB_COMMAND_BUFFER_SIZE + 1]; // for destination base64 address
+				uint8_t * data; 
+				size_t dataLen, bufferOffset; 
+
+				AddressReceiver (): data (nullptr), dataLen (0), bufferOffset (0) {};
+			};	
+		
+		public:
+
+			BOBI2PInboundTunnel (boost::asio::io_service& service, int port, ClientDestination * localDestination);
+			~BOBI2PInboundTunnel ();
+
+			void Start ();
+			void Stop ();
+
+		private:
+
+			void Accept ();
+			void HandleAccept (const boost::system::error_code& ecode, AddressReceiver * receiver);
+
+			void ReceiveAddress (AddressReceiver * receiver);
+			void HandleReceivedAddress (const boost::system::error_code& ecode, std::size_t bytes_transferred,
+				AddressReceiver * receiver);
+
+			void HandleDestinationRequestTimer (const boost::system::error_code& ecode, AddressReceiver * receiver, i2p::data::IdentHash ident);
+
+			void CreateConnection (AddressReceiver * receiver, const i2p::data::LeaseSet * leaseSet);
+
+		private:
+
+			boost::asio::ip::tcp::acceptor m_Acceptor;	
+			boost::asio::deadline_timer m_Timer;
+	};
+
+	class BOBI2POutboundTunnel: public BOBI2PTunnel
+	{
+		public:
+
+			 BOBI2POutboundTunnel (boost::asio::io_service& service, const std::string& address, int port, 
+				ClientDestination * localDestination, bool quiet);	
+
+			void Start ();
+			void Stop ();
+
+			void SetQuiet () { m_IsQuiet = true; };
+
+		private:
+
+			void Accept ();
+			void HandleAccept (std::shared_ptr<i2p::stream::Stream> stream);
+
+		private:
+
+			boost::asio::ip::tcp::endpoint m_Endpoint;	
+			bool m_IsQuiet;	
+	};
+
+
+	class BOBDestination
+	{
+		public:
+
+			BOBDestination (boost::asio::io_service& service, ClientDestination& localDestination);
+			~BOBDestination ();
+
+			void Start ();
+			void Stop ();
+			void StopTunnels ();
+			void CreateInboundTunnel (int port);
+			void CreateOutboundTunnel (const std::string& address, int port, bool quiet);
+			const i2p::data::PrivateKeys& GetKeys () const { return m_LocalDestination.GetPrivateKeys (); };
+			
+		private:	
+
+			boost::asio::io_service& m_Service;
+			ClientDestination& m_LocalDestination;
+			BOBI2POutboundTunnel * m_OutboundTunnel;
+			BOBI2PInboundTunnel * m_InboundTunnel;
+	};	
+	
+	class BOBCommandChannel;
+	class BOBCommandSession: public std::enable_shared_from_this<BOBCommandSession>
+	{
+		public:
+
+			BOBCommandSession (BOBCommandChannel& owner);
+			~BOBCommandSession ();	
+			void Terminate ();
+
+			boost::asio::ip::tcp::socket& GetSocket () { return m_Socket; };
+			void SendVersion ();
+
+			// command handlers
+			void ZapCommandHandler (const char * operand, size_t len);
+			void QuitCommandHandler (const char * operand, size_t len);
+			void StartCommandHandler (const char * operand, size_t len);
+			void StopCommandHandler (const char * operand, size_t len);
+			void SetNickCommandHandler (const char * operand, size_t len);
+			void GetNickCommandHandler (const char * operand, size_t len);
+			void NewkeysCommandHandler (const char * operand, size_t len);
+			void SetkeysCommandHandler (const char * operand, size_t len);
+			void GetkeysCommandHandler (const char * operand, size_t len);
+			void GetdestCommandHandler (const char * operand, size_t len);
+			void OuthostCommandHandler (const char * operand, size_t len);
+			void OutportCommandHandler (const char * operand, size_t len);
+			void InhostCommandHandler (const char * operand, size_t len);
+			void InportCommandHandler (const char * operand, size_t len);			
+			void QuietCommandHandler (const char * operand, size_t len);	
+			void LookupCommandHandler (const char * operand, size_t len);
+			void ClearCommandHandler (const char * operand, size_t len);
+			void ListCommandHandler (const char * operand, size_t len);
+			void OptionCommandHandler (const char * operand, size_t len);
+			
+		private:
+
+			void Receive ();
+			void HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred);
+
+			void Send (size_t len);
+			void HandleSent (const boost::system::error_code& ecode, std::size_t bytes_transferred);
+			void SendReplyOK (const char * msg);
+			void SendReplyError (const char * msg);
+			void SendData (const char * nickname);
+
+		private:
+
+			BOBCommandChannel& m_Owner;
+			boost::asio::ip::tcp::socket m_Socket;
+			char m_ReceiveBuffer[BOB_COMMAND_BUFFER_SIZE + 1], m_SendBuffer[BOB_COMMAND_BUFFER_SIZE + 1];
+			size_t m_ReceiveBufferOffset;
+			bool m_IsOpen, m_IsQuiet;
+			std::string m_Nickname, m_Address;
+			int m_InPort, m_OutPort;
+			i2p::data::PrivateKeys m_Keys;
+			std::map<std::string, std::string> m_Options; 
+			BOBDestination * m_CurrentDestination;
+	};
+	typedef void (BOBCommandSession::*BOBCommandHandler)(const char * operand, size_t len);
+
+	class BOBCommandChannel
+	{
+		public:
+
+			BOBCommandChannel (int port);
+			~BOBCommandChannel ();
+
+			void Start ();
+			void Stop ();
+
+			boost::asio::io_service& GetService () { return m_Service; };
+			void AddDestination (const std::string& name, BOBDestination * dest);
+			void DeleteDestination (const std::string& name);
+			BOBDestination * FindDestination (const std::string& name);
+			
+		private:
+
+			void Run ();
+			void Accept ();
+			void HandleAccept(const boost::system::error_code& ecode, std::shared_ptr<BOBCommandSession> session);
+
+		private:
+
+			bool m_IsRunning;
+			std::thread * m_Thread;	
+			boost::asio::io_service m_Service;
+			boost::asio::ip::tcp::acceptor m_Acceptor;
+			std::map<std::string, BOBDestination *> m_Destinations;
+			std::map<std::string, BOBCommandHandler> m_CommandHandlers;
+
+		public:
+
+			const decltype(m_CommandHandlers)& GetCommandHandlers () const { return m_CommandHandlers; };
+			const decltype(m_Destinations)& GetDestinations () const { return m_Destinations; };
+	};	
+}
+}
+
+#endif
+

ClientContext.cpp

@@ -1,5 +1,7 @@
+#include <fstream>
 #include "util.h"
 #include "Log.h"
+#include "Identity.h"
 #include "ClientContext.h"
 
 namespace i2p
@@ -10,7 +12,7 @@ namespace client
 
 	ClientContext::ClientContext (): m_SharedLocalDestination (nullptr),
 		m_HttpProxy (nullptr), m_SocksProxy (nullptr), m_IrcTunnel (nullptr),
-		m_ServerTunnel (nullptr), m_SamBridge (nullptr)	
+		m_ServerTunnel (nullptr), m_SamBridge (nullptr), m_BOBCommandChannel (nullptr)
 	{
 	}
 	
@@ -21,13 +23,14 @@ namespace client
 		delete m_IrcTunnel;
 		delete m_ServerTunnel;
 		delete m_SamBridge;
+		delete m_BOBCommandChannel;
 	}
 	
 	void ClientContext::Start ()
 	{
 		if (!m_SharedLocalDestination)
 		{	
-			m_SharedLocalDestination = new ClientDestination (false, i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); // non-public, DSA
+			m_SharedLocalDestination = CreateNewLocalDestination (); // non-public, DSA
 			m_Destinations[m_SharedLocalDestination->GetIdentity ().GetIdentHash ()] = m_SharedLocalDestination;
 			m_SharedLocalDestination->Start ();
 		}
@@ -44,7 +47,7 @@ namespace client
 			ClientDestination * localDestination = nullptr;
 			std::string ircKeys = i2p::util::config::GetArg("-irckeys", "");	
 			if (ircKeys.length () > 0)
-				localDestination = i2p::client::context.LoadLocalDestination (ircKeys, false);
+				localDestination = LoadLocalDestination (ircKeys, false);
 			m_IrcTunnel = new I2PClientTunnel (m_SocksProxy->GetService (), ircDestination,
 				i2p::util::config::GetArg("-ircport", 6668), localDestination);
 			m_IrcTunnel->Start ();
@@ -53,7 +56,7 @@ namespace client
 		std::string eepKeys = i2p::util::config::GetArg("-eepkeys", "");
 		if (eepKeys.length () > 0) // eepkeys file is presented
 		{
-			auto localDestination = i2p::client::context.LoadLocalDestination (eepKeys, true);
+			auto localDestination = LoadLocalDestination (eepKeys, true);
 			m_ServerTunnel = new I2PServerTunnel (m_SocksProxy->GetService (), 
 				i2p::util::config::GetArg("-eephost", "127.0.0.1"), i2p::util::config::GetArg("-eepport", 80),
 				localDestination);
@@ -67,6 +70,13 @@ namespace client
 			m_SamBridge->Start ();
 			LogPrint("SAM bridge started");
 		} 
+		int bobPort = i2p::util::config::GetArg("-bobport", 0);
+		if (bobPort)
+		{
+			m_BOBCommandChannel = new BOBCommandChannel (bobPort);
+			m_BOBCommandChannel->Start ();
+			LogPrint("BOB command channel started");
+		} 
 	}
 		
 	void ClientContext::Stop ()
@@ -100,7 +110,14 @@ namespace client
 			m_SamBridge = nullptr;
 			LogPrint("SAM brdige stoped");	
 		}		
-		
+		if (m_BOBCommandChannel)
+		{
+			m_BOBCommandChannel->Stop ();
+			delete m_BOBCommandChannel; 
+			m_BOBCommandChannel = nullptr;
+			LogPrint("BOB command channel stoped");	
+		}			
+
 		for (auto it: m_Destinations)
 		{	
 			it.second->Stop ();
@@ -109,43 +126,49 @@ namespace client
 		m_Destinations.clear ();
 		m_SharedLocalDestination = 0; // deleted through m_Destination
 	}	
-
-	void ClientContext::LoadLocalDestinations ()
-	{
-		int numDestinations = 0;
-		boost::filesystem::path p (i2p::util::filesystem::GetDataDir());
-		boost::filesystem::directory_iterator end;
-		for (boost::filesystem::directory_iterator it (p); it != end; ++it)
-		{
-			if (boost::filesystem::is_regular_file (*it) && it->path ().extension () == ".dat")
-			{
-				auto fullPath =
-#if BOOST_VERSION > 10500
-				it->path().string();
-#else
-				it->path();
-#endif
-				auto localDestination = new ClientDestination (fullPath, true);
-				m_Destinations[localDestination->GetIdentHash ()] = localDestination;
-				numDestinations++;
-			}	
-		}	
-		if (numDestinations > 0)
-			LogPrint (numDestinations, " local destinations loaded");
-	}	
 	
 	ClientDestination * ClientContext::LoadLocalDestination (const std::string& filename, bool isPublic)
 	{
-		auto localDestination = new ClientDestination (i2p::util::filesystem::GetFullPath (filename), isPublic);
+		i2p::data::PrivateKeys keys;
+		std::string fullPath = i2p::util::filesystem::GetFullPath (filename);
+		std::ifstream s(fullPath.c_str (), std::ifstream::binary);
+		if (s.is_open ())	
+		{	
+			s.seekg (0, std::ios::end);
+			size_t len = s.tellg();
+			s.seekg (0, std::ios::beg);
+			uint8_t * buf = new uint8_t[len];
+			s.read ((char *)buf, len);
+			keys.FromBuffer (buf, len);
+			delete[] buf;
+			LogPrint ("Local address ", keys.GetPublic ().GetIdentHash ().ToBase32 (), ".b32.i2p loaded");
+		}	
+		else
+		{
+			LogPrint ("Can't open file ", fullPath, " Creating new one");
+			keys = i2p::data::PrivateKeys::CreateRandomKeys (i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); 
+			std::ofstream f (fullPath, std::ofstream::binary | std::ofstream::out);
+			size_t len = keys.GetFullLen ();
+			uint8_t * buf = new uint8_t[len];
+			len = keys.ToBuffer (buf, len);
+			f.write ((char *)buf, len);
+			delete[] buf;
+			
+			LogPrint ("New private keys file ", fullPath, " for ", keys.GetPublic ().GetIdentHash ().ToBase32 (), ".b32.i2p created");
+		}	
+
+		auto localDestination = new ClientDestination (keys, isPublic);
 		std::unique_lock<std::mutex> l(m_DestinationsMutex);	
 		m_Destinations[localDestination->GetIdentHash ()] = localDestination;
 		localDestination->Start ();
 		return localDestination;
 	}
 
-	ClientDestination * ClientContext::CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType)
+	ClientDestination * ClientContext::CreateNewLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType,
+		const std::map<std::string, std::string> * params)
 	{
-		auto localDestination = new ClientDestination (isPublic, sigType);
+		i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType);
+		auto localDestination = new ClientDestination (keys, isPublic, params);
 		std::unique_lock<std::mutex> l(m_DestinationsMutex);
 		m_Destinations[localDestination->GetIdentHash ()] = localDestination;
 		localDestination->Start ();
@@ -168,7 +191,8 @@ namespace client
 		}
 	}
 
-	ClientDestination * ClientContext::CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic)
+	ClientDestination * ClientContext::CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic,
+		const std::map<std::string, std::string> * params)
 	{
 		auto it = m_Destinations.find (keys.GetPublic ().GetIdentHash ());
 		if (it != m_Destinations.end ())
@@ -181,7 +205,7 @@ namespace client
 			}	
 			return nullptr;
 		}	
-		auto localDestination = new ClientDestination (keys, isPublic);
+		auto localDestination = new ClientDestination (keys, isPublic, params);
 		std::unique_lock<std::mutex> l(m_DestinationsMutex);
 		m_Destinations[keys.GetPublic ().GetIdentHash ()] = localDestination;
 		localDestination->Start ();

ClientContext.h

@@ -7,6 +7,7 @@
 #include "SOCKS.h"
 #include "I2PTunnel.h"
 #include "SAM.h"
+#include "BOB.h"
 #include "AddressBook.h"
 
 namespace i2p
@@ -24,17 +25,15 @@ namespace client
 			void Stop ();
 
 			ClientDestination * GetSharedLocalDestination () const { return m_SharedLocalDestination; };
-			ClientDestination * CreateNewLocalDestination (bool isPublic = true, i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); // transient
+			ClientDestination * CreateNewLocalDestination (bool isPublic = false, i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1,
-			ClientDestination * CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic = true);
+			    const std::map<std::string, std::string> * params = nullptr); // transient
+			ClientDestination * CreateNewLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic = true, 
+				const std::map<std::string, std::string> * params = nullptr);
 			void DeleteLocalDestination (ClientDestination * destination);
 			ClientDestination * FindLocalDestination (const i2p::data::IdentHash& destination) const;		
 			ClientDestination * LoadLocalDestination (const std::string& filename, bool isPublic);
 
 			AddressBook& GetAddressBook () { return m_AddressBook; };
-
-		private:	
-
-			void LoadLocalDestinations ();
 			
 		private:
 
@@ -49,6 +48,7 @@ namespace client
 			I2PClientTunnel * m_IrcTunnel;
 			I2PServerTunnel * m_ServerTunnel;
 			SAMBridge * m_SamBridge;
+			BOBCommandChannel * m_BOBCommandChannel;
 
 		public:
 			// for HTTP

CryptoConst.h

@@ -28,7 +28,10 @@ namespace crypto
 	// DSA
 	#define dsap GetCryptoConstants ().dsap	
 	#define dsaq GetCryptoConstants ().dsaq
-	#define dsag GetCryptoConstants ().dsag		
+	#define dsag GetCryptoConstants ().dsag	
+
+	// RSA
+	const int rsae = 65537;	
 }		
 }	
 

Datagram.cpp

@@ -36,18 +36,15 @@ namespace datagram
 		else
 			m_Owner.Sign (buf1, len, signature);
 		
-		auto service = m_Owner.GetService ();
+		m_Owner.GetService ().post (std::bind (&DatagramDestination::SendMsg, this, 
-		if (service) 
+			CreateDataMessage (buf, len + headerLen), remote));
-			service->post (boost::bind (&DatagramDestination::SendMsg, this, 
-				CreateDataMessage (buf, len + headerLen), remote));
-		else
-			LogPrint (eLogWarning, "Failed to send datagram. Destination is not running");
 	}
 
 	void DatagramDestination::SendMsg (I2NPMessage * msg, const i2p::data::LeaseSet& remote)
 	{
+		auto outboundTunnel = m_Owner.GetTunnelPool ()->GetNextOutboundTunnel ();
 		auto leases = remote.GetNonExpiredLeases ();
-		if (!leases.empty ())
+		if (!leases.empty () && outboundTunnel)
 		{
 			std::vector<i2p::tunnel::TunnelMessageBlock> msgs;			
 			uint32_t i = i2p::context.GetRandomNumberGenerator ().GenerateWord32 (0, leases.size () - 1);
@@ -58,11 +55,14 @@ namespace datagram
 					leases[i].tunnelGateway, leases[i].tunnelID,
 					garlic
 				});
-			m_Owner.SendTunnelDataMsgs (msgs);
+			outboundTunnel->SendTunnelDataMsg (msgs);
 		}
 		else
 		{
-			LogPrint (eLogWarning, "Failed to send datagram. All leases expired");
+			if (outboundTunnel)
+				LogPrint (eLogWarning, "Failed to send datagram. All leases expired");
+			else
+				LogPrint (eLogWarning, "Failed to send datagram. No outbound tunnels");
 			DeleteI2NPMessage (msg);	
 		}	
 	}

Destination.cpp

@@ -1,5 +1,5 @@
-#include <fstream>
 #include <algorithm>
+#include <boost/lexical_cast.hpp>
 #include <cryptopp/dh.h>
 #include "Log.h"
 #include "util.h"
@@ -10,67 +10,42 @@ namespace i2p
 {
 namespace client
 {
-	ClientDestination::ClientDestination (bool isPublic, i2p::data::SigningKeyType sigType): 
+	ClientDestination::ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic, 
-		m_IsRunning (false), m_Thread (nullptr), m_Service (nullptr), m_Work (nullptr), 
+			const std::map<std::string, std::string> * params):
-		m_CurrentOutboundTunnel (nullptr), m_LeaseSet (nullptr), m_IsPublic (isPublic),
+		m_IsRunning (false), m_Thread (nullptr), m_Work (m_Service),	
-		m_DatagramDestination (nullptr)
+		m_Keys (keys), m_LeaseSet (nullptr), m_IsPublic (isPublic), m_PublishReplyToken (0),
-	{		
+		m_DatagramDestination (nullptr), m_PublishConfirmationTimer (m_Service)
-		m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType);
+	{
 		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
 		dh.GenerateKeyPair(i2p::context.GetRandomNumberGenerator (), m_EncryptionPrivateKey, m_EncryptionPublicKey);
-		m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (*this, 3); // 3-hops tunnel
+		int inboundTunnelLen = DEFAULT_INBOUND_TUNNEL_LENGTH;
-		if (m_IsPublic)
+		int outboundTunnelLen = DEFAULT_OUTBOUND_TUNNEL_LENGTH;
-			LogPrint ("Local address ", GetIdentHash ().ToBase32 (), ".b32.i2p created");
+		if (params)
-		m_StreamingDestination = new i2p::stream::StreamingDestination (*this); // TODO:
-	}
-
-	ClientDestination::ClientDestination (const std::string& fullPath, bool isPublic):
-		m_IsRunning (false), m_Thread (nullptr), m_Service (nullptr), m_Work (nullptr),
-		m_CurrentOutboundTunnel (nullptr), m_LeaseSet (nullptr), m_IsPublic (isPublic),
-		m_DatagramDestination (nullptr)
-	{
-		std::ifstream s(fullPath.c_str (), std::ifstream::binary);
-		if (s.is_open ())	
-		{	
-			s.seekg (0, std::ios::end);
-			size_t len = s.tellg();
-			s.seekg (0, std::ios::beg);
-			uint8_t * buf = new uint8_t[len];
-			s.read ((char *)buf, len);
-			m_Keys.FromBuffer (buf, len);
-			delete[] buf;
-			LogPrint ("Local address ", GetIdentHash ().ToBase32 (), ".b32.i2p loaded");
-		}	
-		else
 		{
-			LogPrint ("Can't open file ", fullPath, " Creating new one");
+			auto it = params->find (I2CP_PARAM_INBOUND_TUNNEL_LENGTH);
-			m_Keys = i2p::data::PrivateKeys::CreateRandomKeys (i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); 
+			if (it != params->end ())
-			std::ofstream f (fullPath, std::ofstream::binary | std::ofstream::out);
+			{	
-			size_t len = m_Keys.GetFullLen ();
+				int len = boost::lexical_cast<int>(it->second);
-			uint8_t * buf = new uint8_t[len];
+				if (len > 0)
-			len = m_Keys.ToBuffer (buf, len);
+				{
-			f.write ((char *)buf, len);
+					inboundTunnelLen = len;
-			delete[] buf;
+					LogPrint (eLogInfo, "Inbound tunnel length set to ", len);
-			
+				}
-			LogPrint ("New private keys file ", fullPath, " for ", m_Keys.GetPublic ().GetIdentHash ().ToBase32 (), ".b32.i2p created");
+			}	
+			it = params->find (I2CP_PARAM_OUTBOUND_TUNNEL_LENGTH);
+			if (it != params->end ())
+			{
+				int len = boost::lexical_cast<int>(it->second);
+				if (len > 0)
+				{
+					outboundTunnelLen = len;
+					LogPrint (eLogInfo, "Outbound tunnel length set to ", len);
+				}
+			}	
 		}	
-
+		m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (this, inboundTunnelLen, outboundTunnelLen);  
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
-		dh.GenerateKeyPair(i2p::context.GetRandomNumberGenerator (), m_EncryptionPrivateKey, m_EncryptionPublicKey);
-		m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (*this, 3); // 3-hops tunnel 
-		m_StreamingDestination = new i2p::stream::StreamingDestination (*this); // TODO:
-	}
-
-	ClientDestination::ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic):
-		m_IsRunning (false), m_Thread (nullptr), m_Service (nullptr), m_Work (nullptr),	
-		m_Keys (keys), m_CurrentOutboundTunnel (nullptr), m_LeaseSet (nullptr), m_IsPublic (isPublic),
-		m_DatagramDestination (nullptr)
-	{
-		CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
-		dh.GenerateKeyPair(i2p::context.GetRandomNumberGenerator (), m_EncryptionPrivateKey, m_EncryptionPublicKey);
-		m_Pool = i2p::tunnel::tunnels.CreateTunnelPool (*this, 3); // 3-hops tunnel 
 		if (m_IsPublic)
-			LogPrint ("Local address ", GetIdentHash ().ToBase32 (), ".b32.i2p created");
+			LogPrint (eLogInfo, "Local address ", GetIdentHash ().ToBase32 (), ".b32.i2p created");
 		m_StreamingDestination = new i2p::stream::StreamingDestination (*this); // TODO:
 	}
 
@@ -81,23 +56,26 @@ namespace client
 			delete it.second;
 		if (m_Pool)
 			i2p::tunnel::tunnels.DeleteTunnelPool (m_Pool);		
-		delete m_LeaseSet;
-		delete m_Work;
-		delete m_Service;
-		delete m_StreamingDestination;
-		delete m_DatagramDestination;
 	}	
 
 	void ClientDestination::Run ()
 	{
-		if (m_Service)
+		while (m_IsRunning)
-			m_Service->run ();
+		{
+			try
+			{	
+				m_Service.run ();
+			}
+			catch (std::exception& ex)
+			{
+				LogPrint ("Destination: ", ex.what ());
+			}	
+		}	
 	}	
 
 	void ClientDestination::Start ()
 	{	
-		m_Service = new boost::asio::io_service;
+		m_Pool->SetLocalDestination (this);
-		m_Work = new boost::asio::io_service::work (*m_Service);
 		m_Pool->SetActive (true);
 		m_IsRunning = true;
 		m_Thread = new std::thread (std::bind (&ClientDestination::Run, this));
@@ -114,18 +92,18 @@ namespace client
 			delete d;
 		}	
 		if (m_Pool)
+		{	
+			m_Pool->SetLocalDestination (nullptr);
 			i2p::tunnel::tunnels.StopTunnelPool (m_Pool);
+		}	
 		m_IsRunning = false;
-		if (m_Service)
+		m_Service.stop ();
-			m_Service->stop ();
 		if (m_Thread)
 		{	
 			m_Thread->join (); 
 			delete m_Thread;
 			m_Thread = 0;
 		}	
-		delete m_Work; m_Work = nullptr;
-		delete m_Service; m_Service = nullptr;
 	}	
 
 	const i2p::data::LeaseSet * ClientDestination::FindLeaseSet (const i2p::data::IdentHash& ident)
@@ -175,27 +153,29 @@ namespace client
 		}	
 	}	
 
-	void ClientDestination::SendTunnelDataMsgs (const std::vector<i2p::tunnel::TunnelMessageBlock>& msgs)
+	bool ClientDestination::SubmitSessionKey (const uint8_t * key, const uint8_t * tag)
 	{
-		m_CurrentOutboundTunnel = m_Pool->GetNextOutboundTunnel (m_CurrentOutboundTunnel);
+		struct
-		if (m_CurrentOutboundTunnel)
-			m_CurrentOutboundTunnel->SendTunnelDataMsg (msgs);
-		else
 		{
-			LogPrint ("No outbound tunnels in the pool");
+			uint8_t k[32], t[32];
-			for (auto it: msgs)
+		} data;	
-				DeleteI2NPMessage (it.data);
+		memcpy (data.k, key, 32);
-		}
+		memcpy (data.t, tag, 32);
+		m_Service.post ([this,data](void)
+			{
+				this->AddSessionKey (data.k, data.t);
+			});
+		return true;
 	}
 
 	void ClientDestination::ProcessGarlicMessage (I2NPMessage * msg)
 	{
-		m_Service->post (boost::bind (&ClientDestination::HandleGarlicMessage, this, msg)); 
+		m_Service.post (std::bind (&ClientDestination::HandleGarlicMessage, this, msg)); 
 	}
 
 	void ClientDestination::ProcessDeliveryStatusMessage (I2NPMessage * msg)
 	{
-		m_Service->post (boost::bind (&ClientDestination::HandleDeliveryStatusMessage, this, msg)); 
+		m_Service.post (std::bind (&ClientDestination::HandleDeliveryStatusMessage, this, msg)); 
 	}
 
 	void ClientDestination::HandleI2NPMessage (const uint8_t * buf, size_t len, i2p::tunnel::InboundTunnel * from)
@@ -223,21 +203,36 @@ namespace client
 			offset += 36;
 		if (msg->type == 1) // LeaseSet
 		{
-			LogPrint ("Remote LeaseSet");
+			LogPrint (eLogDebug, "Remote LeaseSet");
 			auto it = m_RemoteLeaseSets.find (msg->key);
 			if (it != m_RemoteLeaseSets.end ())
 			{
 				it->second->Update (buf + offset, len - offset); 
-				LogPrint ("Remote LeaseSet updated");
+				LogPrint (eLogDebug, "Remote LeaseSet updated");
 			}
 			else
 			{	
-				LogPrint ("New remote LeaseSet added");
+				LogPrint (eLogDebug, "New remote LeaseSet added");
 				m_RemoteLeaseSets[msg->key] = new i2p::data::LeaseSet (buf + offset, len - offset);
 			}	
 		}	
 		else
-			LogPrint ("Unexpected client's DatabaseStore type ", msg->type, ". Dropped");
+			LogPrint (eLogError, "Unexpected client's DatabaseStore type ", msg->type, ". Dropped");
+	}	
+
+	void ClientDestination::HandleDeliveryStatusMessage (I2NPMessage * msg)
+	{
+		I2NPDeliveryStatusMsg * deliveryStatus = (I2NPDeliveryStatusMsg *)msg->GetPayload ();
+		uint32_t msgID = be32toh (deliveryStatus->msgID);
+		if (msgID == m_PublishReplyToken)
+		{
+			LogPrint (eLogDebug, "Publishing confirmed");
+			m_ExcludedFloodfills.clear ();
+			m_PublishReplyToken = 0;
+			i2p::DeleteI2NPMessage (msg);
+		}
+		else
+			i2p::garlic::GarlicDestination::HandleDeliveryStatusMessage (msg);
 	}	
 
 	void ClientDestination::SetLeaseSetUpdated ()
@@ -245,7 +240,56 @@ namespace client
 		i2p::garlic::GarlicDestination::SetLeaseSetUpdated ();	
 		UpdateLeaseSet ();
 		if (m_IsPublic)
-			i2p::data::netdb.PublishLeaseSet (m_LeaseSet, m_Pool);
+			Publish ();
+	}
+
+	void ClientDestination::Publish ()
+	{	
+		if (!m_LeaseSet || !m_Pool) 
+		{
+			LogPrint (eLogError, "Can't publish non-existing LeaseSet");
+			return;
+		}
+		if (m_PublishReplyToken)
+		{
+			LogPrint (eLogInfo, "Publishing is pending");
+			return;
+		}
+		auto outbound = m_Pool->GetNextOutboundTunnel ();
+		if (!outbound)
+		{
+			LogPrint ("Can't publish LeaseSet. No outbound tunnels");
+			return;
+		}
+		std::set<i2p::data::IdentHash> excluded; 
+		auto floodfill = i2p::data::netdb.GetClosestFloodfill (m_LeaseSet->GetIdentHash (), m_ExcludedFloodfills);	
+		if (!floodfill)
+		{
+			LogPrint ("Can't publish LeaseSet. No more floodfills found");
+			m_ExcludedFloodfills.clear ();
+			return;
+		}	
+		m_ExcludedFloodfills.insert (floodfill->GetIdentHash ());
+		LogPrint (eLogDebug, "Publish LeaseSet of ", GetIdentHash ().ToBase32 ());
+		m_PublishReplyToken = i2p::context.GetRandomNumberGenerator ().GenerateWord32 ();
+		auto msg = WrapMessage (*floodfill, i2p::CreateDatabaseStoreMsg (m_LeaseSet, m_PublishReplyToken));			
+		m_PublishConfirmationTimer.expires_from_now (boost::posix_time::seconds(PUBLISH_CONFIRMATION_TIMEOUT));
+		m_PublishConfirmationTimer.async_wait (std::bind (&ClientDestination::HandlePublishConfirmationTimer,
+			this, std::placeholders::_1));	
+		outbound->SendTunnelDataMsg (floodfill->GetIdentHash (), 0, msg);	
+	}
+
+	void ClientDestination::HandlePublishConfirmationTimer (const boost::system::error_code& ecode)
+	{
+		if (ecode != boost::asio::error::operation_aborted)
+		{	
+			if (m_PublishReplyToken)
+			{
+				LogPrint (eLogWarning, "Publish confirmation was not received in ", PUBLISH_CONFIRMATION_TIMEOUT,  "seconds. Try again");
+				m_PublishReplyToken = 0;
+				Publish ();
+			}
+		}
 	}
 
 	void ClientDestination::HandleDataMessage (const uint8_t * buf, size_t len)
@@ -274,7 +318,7 @@ namespace client
 		}
 	}	
 
-	i2p::stream::Stream * ClientDestination::CreateStream (const i2p::data::LeaseSet& remote, int port)
+	std::shared_ptr<i2p::stream::Stream> ClientDestination::CreateStream (const i2p::data::LeaseSet& remote, int port)
 	{
 		if (m_StreamingDestination)
 			return m_StreamingDestination->CreateNewOutgoingStream (remote, port);

Destination.h

@@ -3,6 +3,9 @@
 
 #include <thread>
 #include <mutex>
+#include <memory>
+#include <map>
+#include <string>
 #include "Identity.h"
 #include "TunnelPool.h"
 #include "CryptoConst.h"
@@ -18,30 +21,32 @@ namespace client
 	const uint8_t PROTOCOL_TYPE_STREAMING = 6;
 	const uint8_t PROTOCOL_TYPE_DATAGRAM = 17;
 	const uint8_t PROTOCOL_TYPE_RAW = 18;	
+	const int PUBLISH_CONFIRMATION_TIMEOUT = 5; // in seconds
 
+	// I2CP
+	const char I2CP_PARAM_INBOUND_TUNNEL_LENGTH[] = "inbound.length";
+	const int DEFAULT_INBOUND_TUNNEL_LENGTH = 3;
+	const char I2CP_PARAM_OUTBOUND_TUNNEL_LENGTH[] = "outbound.length";
+	const int DEFAULT_OUTBOUND_TUNNEL_LENGTH = 3;
+	
 	class ClientDestination: public i2p::garlic::GarlicDestination
 	{
 		public:
 
-			ClientDestination (bool isPublic, i2p::data::SigningKeyType sigType);
+			ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic, const std::map<std::string, std::string> * params = nullptr);
-			ClientDestination (const std::string& fullPath, bool isPublic);
-			ClientDestination (const i2p::data::PrivateKeys& keys, bool isPublic);
 			~ClientDestination ();	
 
 			virtual void Start ();
 			virtual void Stop ();
 			bool IsRunning () const { return m_IsRunning; };
-			boost::asio::io_service * GetService () { return m_Service; };
+			boost::asio::io_service& GetService () { return m_Service; };
 			i2p::tunnel::TunnelPool * GetTunnelPool () { return m_Pool; }; 
 			bool IsReady () const { return m_LeaseSet && m_LeaseSet->HasNonExpiredLeases (); };
-
-			void ResetCurrentOutboundTunnel () { m_CurrentOutboundTunnel = nullptr; };
 			const i2p::data::LeaseSet * FindLeaseSet (const i2p::data::IdentHash& ident);
-			void SendTunnelDataMsgs (const std::vector<i2p::tunnel::TunnelMessageBlock>& msgs);
 
 			// streaming
 			i2p::stream::StreamingDestination * GetStreamingDestination () const { return m_StreamingDestination; };
-			i2p::stream::Stream * CreateStream (const i2p::data::LeaseSet& remote, int port = 0);
+			std::shared_ptr<i2p::stream::Stream> CreateStream (const i2p::data::LeaseSet& remote, int port = 0);
 			void AcceptStreams (const i2p::stream::StreamingDestination::Acceptor& acceptor);
 			void StopAcceptingStreams ();
 			bool IsAcceptingStreams () const;
@@ -60,6 +65,7 @@ namespace client
 			void HandleI2NPMessage (const uint8_t * buf, size_t len, i2p::tunnel::InboundTunnel * from);
 
 			// override GarlicDestination
+			bool SubmitSessionKey (const uint8_t * key, const uint8_t * tag);
 			void ProcessGarlicMessage (I2NPMessage * msg);
 			void ProcessDeliveryStatusMessage (I2NPMessage * msg);	
 			void SetLeaseSetUpdated ();
@@ -71,26 +77,32 @@ namespace client
 				
 			void Run ();			
 			void UpdateLeaseSet ();
-			void HandleDatabaseStoreMessage (const uint8_t * buf, size_t len);			
+			void Publish ();
+			void HandlePublishConfirmationTimer (const boost::system::error_code& ecode);
+			void HandleDatabaseStoreMessage (const uint8_t * buf, size_t len);	
+			void HandleDeliveryStatusMessage (I2NPMessage * msg);		
 
 		private:
 
 			bool m_IsRunning;
 			std::thread * m_Thread;	
-			boost::asio::io_service * m_Service;
+			boost::asio::io_service m_Service;
-			boost::asio::io_service::work * m_Work;
+			boost::asio::io_service::work m_Work;
 			i2p::data::PrivateKeys m_Keys;
 			uint8_t m_EncryptionPublicKey[256], m_EncryptionPrivateKey[256];
 			std::map<i2p::data::IdentHash, i2p::data::LeaseSet *> m_RemoteLeaseSets;
 
 			i2p::tunnel::TunnelPool * m_Pool;
-			i2p::tunnel::OutboundTunnel * m_CurrentOutboundTunnel;
 			i2p::data::LeaseSet * m_LeaseSet;
 			bool m_IsPublic;
-		
+			uint32_t m_PublishReplyToken;
+			std::set<i2p::data::IdentHash> m_ExcludedFloodfills; // for publishing
+			
 			i2p::stream::StreamingDestination * m_StreamingDestination;
 			i2p::datagram::DatagramDestination * m_DatagramDestination;
 	
+			boost::asio::deadline_timer m_PublishConfirmationTimer;
+
 		public:
 			
 			// for HTTP only

Garlic.cpp

@@ -83,6 +83,7 @@ namespace garlic
 	I2NPMessage * GarlicRoutingSession::WrapSingleMessage (I2NPMessage * msg)
 	{
 		I2NPMessage * m = NewI2NPMessage ();
+		m->Align (12); // in order to get buf aligned to 16 (12 + 4)
 		size_t len = 0;
 		uint8_t * buf = m->GetPayload () + 4; // 4 bytes for length
 
@@ -278,7 +279,7 @@ namespace garlic
 					uint8_t key[32], tag[32];
 					m_Rnd.GenerateBlock (key, 32); // random session key 
 					m_Rnd.GenerateBlock (tag, 32); // random session tag
-					m_Owner->AddSessionKey (key, tag);
+					m_Owner->SubmitSessionKey (key, tag);
 					GarlicRoutingSession garlic (key, tag);
 					msg = garlic.WrapSingleMessage (msg);		
 				}
@@ -321,6 +322,12 @@ namespace garlic
 		}
 	}
 
+	bool GarlicDestination::SubmitSessionKey (const uint8_t * key, const uint8_t * tag) 
+	{
+		AddSessionKey (key, tag);
+		return true;
+	}
+
 	void GarlicDestination::HandleGarlicMessage (I2NPMessage * msg)
 	{
 		uint8_t * buf = msg->GetPayload ();
@@ -383,18 +390,24 @@ namespace garlic
 		i2p::tunnel::InboundTunnel * from)
 	{
 		uint16_t tagCount = be16toh (*(uint16_t *)buf);
-		buf += 2;	
+		buf += 2; len -= 2;	
 		if (tagCount > 0)
 		{	
+			if (tagCount*32 > len) 
+			{
+				LogPrint (eLogError, "Tag count ", tagCount, " exceeds length ", len);
+				return ;
+			}	
 			uint32_t ts = i2p::util::GetSecondsSinceEpoch ();
 			for (int i = 0; i < tagCount; i++)
 				m_Tags[SessionTag(buf + i*32, ts)] = decryption;	
 		}	
 		buf += tagCount*32;
+		len -= tagCount*32;
 		uint32_t payloadSize = be32toh (*(uint32_t *)buf);
 		if (payloadSize > len)
 		{
-			LogPrint ("Unexpected payload size ", payloadSize);
+			LogPrint (eLogError, "Unexpected payload size ", payloadSize);
 			return;
 		}	
 		buf += 4;

Garlic.h

@@ -110,6 +110,7 @@ namespace garlic
 			    I2NPMessage * msg, bool attachLeaseSet = false);
 
 			void AddSessionKey (const uint8_t * key, const uint8_t * tag); // one tag
+			virtual bool SubmitSessionKey (const uint8_t * key, const uint8_t * tag); // from different thread
 			void DeliveryStatusSent (GarlicRoutingSession * session, uint32_t msgID);
 			
 			virtual void ProcessGarlicMessage (I2NPMessage * msg);

HTTPServer.cpp

@@ -514,14 +514,16 @@ namespace util
 
 	void HTTPConnection::Terminate ()
 	{
-		if (m_Stream)
+		if (!m_Stream) return;
-		{
-			m_Stream->Close ();
-			i2p::stream::DeleteStream (m_Stream);
-			m_Stream = nullptr;
-		}
 		m_Socket->close ();
-		//delete this;
+		m_Stream->Close ();
+			
+		m_Socket->get_io_service ().post ([=](void)
+			{
+				m_Stream.reset ();
+				m_Stream = nullptr;
+				// delete this
+			});
 	}
 
 	void HTTPConnection::Receive ()
@@ -602,7 +604,10 @@ namespace util
 	void HTTPConnection::HandleWriteReply (const boost::system::error_code& ecode)
 	{
 		if (ecode != boost::asio::error::operation_aborted)
+		{
+			m_Socket->close ();
 			Terminate ();
+		}	
 	}
 
 	void HTTPConnection::HandleWrite (const boost::system::error_code& ecode)
@@ -710,7 +715,7 @@ namespace util
 			if (it.second && it.second->IsEstablished ())
 			{
 				// incoming connection doesn't have remote RI
-				bool outgoing = it.second->GetRemoteRouter ();
+				auto outgoing = it.second->GetRemoteRouter ();
 				if (outgoing) s << "-->";
 				s << it.second->GetRemoteIdentity ().GetIdentHash ().ToBase64 ().substr (0, 4) <<  ": "
 					<< it.second->GetSocket ().remote_endpoint().address ().to_string ();
@@ -727,7 +732,7 @@ namespace util
 			for (auto it: ssuServer->GetSessions ())
 			{
 				// incoming connections don't have remote router
-				bool outgoing = it.second->GetRemoteRouter ();
+				auto outgoing = it.second->GetRemoteRouter ();
 				auto endpoint = it.second->GetRemoteEndpoint ();
 				if (outgoing) s << "-->";
 				s << endpoint.address ().to_string () << ":" << endpoint.port ();
@@ -744,8 +749,6 @@ namespace util
 		for (auto it: i2p::tunnel::tunnels.GetOutboundTunnels ())
 		{
 			it->GetTunnelConfig ()->Print (s);
-			if (it->GetTunnelPool () && !it->GetTunnelPool ()->IsExploratory ())
-				s << " " << "Pool";
 			auto state = it->GetState ();
 			if (state == i2p::tunnel::eTunnelStateFailed)
 				s << " " << "Failed";
@@ -758,8 +761,6 @@ namespace util
 		for (auto it: i2p::tunnel::tunnels.GetInboundTunnels ())
 		{
 			it.second->GetTunnelConfig ()->Print (s);
-			if (it.second->GetTunnelPool () && !it.second->GetTunnelPool ()->IsExploratory ())
-				s << " " << "Pool";
 			auto state = it.second->GetState ();
 			if (state == i2p::tunnel::eTunnelStateFailed)
 				s << " " << "Failed";
@@ -810,11 +811,21 @@ namespace util
 				for (auto it: pool->GetOutboundTunnels ())
 				{
 					it->GetTunnelConfig ()->Print (s);
+					auto state = it->GetState ();
+					if (state == i2p::tunnel::eTunnelStateFailed)
+						s << " " << "Failed";
+					else if (state == i2p::tunnel::eTunnelStateExpiring)
+						s << " " << "Exp";
 					s << "<br>" << std::endl;
 				}
 				for (auto it: pool->GetInboundTunnels ())
 				{
 					it->GetTunnelConfig ()->Print (s);
+					auto state = it->GetState ();
+					if (state == i2p::tunnel::eTunnelStateFailed)
+						s << " " << "Failed";
+					else if (state == i2p::tunnel::eTunnelStateExpiring)
+						s << " " << "Exp";
 					s << "<br>" << std::endl;
 				}
 			}	

HTTPServer.h

@@ -3,6 +3,7 @@
 
 #include <sstream>
 #include <thread>
+#include <memory>
 #include <boost/asio.hpp>
 #include <boost/array.hpp>
 #include "LeaseSet.h"
@@ -79,7 +80,7 @@ namespace util
 
 			boost::asio::ip::tcp::socket * m_Socket;
 			boost::asio::deadline_timer m_Timer;
-			i2p::stream::Stream * m_Stream;
+			std::shared_ptr<i2p::stream::Stream> m_Stream;
 			char m_Buffer[HTTP_CONNECTION_BUFFER_SIZE + 1], m_StreamBuffer[HTTP_CONNECTION_BUFFER_SIZE + 1];
 			size_t m_BufferLen;
 			request m_Request;

I2NPProtocol.cpp

@@ -160,8 +160,8 @@ namespace i2p
 			rnd.GenerateBlock (buf, 32); // key
 			buf[32] = 1; // 1 tag
 			rnd.GenerateBlock (buf + 33, 32); // tag
-			if (pool)
+			if (pool && pool->GetLocalDestination ())
-				pool->GetGarlicDestination ().AddSessionKey (buf, buf + 33); // introduce new key-tag to garlic engine
+				pool->GetLocalDestination ()->SubmitSessionKey (buf, buf + 33); // introduce new key-tag to garlic engine
 			else
 				LogPrint ("Destination for encrypteed reply not specified");
 			buf += 65;
@@ -562,8 +562,16 @@ namespace i2p
 				break;
 				case eI2NPGarlic:
 					LogPrint ("Garlic");
-					if (msg->from && msg->from->GetTunnelPool ())
+					if (msg->from)
-						msg->from->GetTunnelPool ()->GetGarlicDestination ().ProcessGarlicMessage (msg);
+					{
+						if (msg->from->GetTunnelPool ())
+							msg->from->GetTunnelPool ()->ProcessGarlicMessage (msg);
+						else
+						{
+							LogPrint (eLogInfo, "Local destination for garlic doesn't exist anymore");
+							DeleteI2NPMessage (msg);
+						}	
+					}
 					else
 						i2p::context.ProcessGarlicMessage (msg); 
 				break;

I2NPProtocol.h

@@ -118,6 +118,15 @@ namespace tunnel
 		uint8_t * GetBuffer () { return buf + offset; };
 		const uint8_t * GetBuffer () const { return buf + offset; };
 		size_t GetLength () const { return len - offset; };
+		void Align (size_t alignment) 
+		{
+			size_t rem = ((size_t)GetBuffer ()) % alignment;
+			if (rem)
+			{
+				offset += (alignment - rem);
+				len += (alignment - rem);
+			}	
+		}
 
 		I2NPMessage& operator=(const I2NPMessage& other)
 		{

I2PTunnel.cpp

@@ -1,4 +1,3 @@
-#include <boost/bind.hpp>
 #include "base64.h"
 #include "Log.h"
 #include "NetDb.h"
@@ -12,21 +11,16 @@ namespace client
 {
 	I2PTunnelConnection::I2PTunnelConnection (I2PTunnel * owner, 
 	    boost::asio::ip::tcp::socket * socket, const i2p::data::LeaseSet * leaseSet): 
-		m_Socket (socket), m_Owner (owner) 
+		m_Socket (socket), m_Owner (owner), m_RemoteEndpoint (socket->remote_endpoint ()),
+		m_IsQuiet (true)
 	{
 		m_Stream = m_Owner->GetLocalDestination ()->CreateStream (*leaseSet);
-		m_Stream->Send (m_Buffer, 0); // connect
-		StreamReceive ();
-		Receive ();
 	}	
 
-	I2PTunnelConnection::I2PTunnelConnection (I2PTunnel * owner, i2p::stream::Stream * stream,  
+	I2PTunnelConnection::I2PTunnelConnection (I2PTunnel * owner, std::shared_ptr<i2p::stream::Stream> stream,  
-	    boost::asio::ip::tcp::socket * socket, const boost::asio::ip::tcp::endpoint& target):
+	    boost::asio::ip::tcp::socket * socket, const boost::asio::ip::tcp::endpoint& target, bool quiet):
-		m_Socket (socket), m_Stream (stream), m_Owner (owner)
+		m_Socket (socket), m_Stream (stream), m_Owner (owner), m_RemoteEndpoint (target), m_IsQuiet (quiet)
 	{
-		if (m_Socket)
-			m_Socket->async_connect (target, boost::bind (&I2PTunnelConnection::HandleConnect,
-				this, boost::asio::placeholders::error));
 	}
 
 	I2PTunnelConnection::~I2PTunnelConnection ()
@@ -34,25 +28,40 @@ namespace client
 		delete m_Socket;
 	}	
 
+	void I2PTunnelConnection::I2PConnect (const uint8_t * msg, size_t len)
+	{
+		if (msg)
+			m_Stream->Send (msg, len); // connect and send
+		else	
+			m_Stream->Send (m_Buffer, 0); // connect
+		StreamReceive ();
+		Receive ();
+	}
+		
+	void I2PTunnelConnection::Connect ()
+	{
+		if (m_Socket)
+			m_Socket->async_connect (m_RemoteEndpoint, std::bind (&I2PTunnelConnection::HandleConnect,
+				shared_from_this (), std::placeholders::_1));
+	}	
+		
 	void I2PTunnelConnection::Terminate ()
 	{	
 		if (m_Stream)
 		{
 			m_Stream->Close ();
-			i2p::stream::DeleteStream (m_Stream);
+			m_Stream.reset ();
-			m_Stream = nullptr;
 		}	
 		m_Socket->close ();
 		if (m_Owner)
-			m_Owner->RemoveConnection (this);
+			m_Owner->RemoveConnection (shared_from_this ());
-		//delete this;	
 	}			
 
 	void I2PTunnelConnection::Receive ()
 	{
 		m_Socket->async_read_some (boost::asio::buffer(m_Buffer, I2P_TUNNEL_CONNECTION_BUFFER_SIZE),                
-			boost::bind(&I2PTunnelConnection::HandleReceived, this, 
+			std::bind(&I2PTunnelConnection::HandleReceived, shared_from_this (), 
-			boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+			std::placeholders::_1, std::placeholders::_2));
 	}	
 	
 	void I2PTunnelConnection::HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
@@ -87,8 +96,8 @@ namespace client
 	{
 		if (m_Stream)
 			m_Stream->AsyncReceive (boost::asio::buffer (m_StreamBuffer, I2P_TUNNEL_CONNECTION_BUFFER_SIZE),
-				boost::bind (&I2PTunnelConnection::HandleStreamReceive, this,
+				std::bind (&I2PTunnelConnection::HandleStreamReceive, shared_from_this (),
-					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred),
+					std::placeholders::_1, std::placeholders::_2),
 				I2P_TUNNEL_CONNECTION_MAX_IDLE);
 	}	
 
@@ -103,7 +112,7 @@ namespace client
 		else
 		{
 			boost::asio::async_write (*m_Socket, boost::asio::buffer (m_StreamBuffer, bytes_transferred),
-        		boost::bind (&I2PTunnelConnection::HandleWrite, this, boost::asio::placeholders::error));
+        		std::bind (&I2PTunnelConnection::HandleWrite, shared_from_this (), std::placeholders::_1));
 		}
 	}
 
@@ -112,35 +121,37 @@ namespace client
 		if (ecode)
 		{
 			LogPrint ("I2PTunnel connect error: ", ecode.message ());
-			if (ecode != boost::asio::error::operation_aborted)
+			Terminate ();
-			{
-				if (m_Stream) m_Stream->Close ();
-				i2p::stream::DeleteStream (m_Stream);
-				m_Stream = nullptr;
-			}	
 		}
 		else
 		{
 			LogPrint ("I2PTunnel connected");
-			StreamReceive ();
+			if (m_IsQuiet)
+				StreamReceive ();
+			else
+			{
+				// send destination first like received from I2P
+				std::string dest = m_Stream->GetRemoteIdentity ().ToBase64 ();
+				dest += "\n";
+				memcpy (m_StreamBuffer, dest.c_str (), dest.size ());
+				HandleStreamReceive (boost::system::error_code (), dest.size ());
+			}	
 			Receive ();	
 		}
 	}
 
-	void I2PTunnel::AddConnection (I2PTunnelConnection * conn)
+	void I2PTunnel::AddConnection (std::shared_ptr<I2PTunnelConnection> conn)
 	{
 		m_Connections.insert (conn);
 	}
 		
-	void I2PTunnel::RemoveConnection (I2PTunnelConnection * conn)
+	void I2PTunnel::RemoveConnection (std::shared_ptr<I2PTunnelConnection> conn)
 	{
 		m_Connections.erase (conn);
 	}	
 	
 	void I2PTunnel::ClearConnections ()
 	{
-		for (auto it: m_Connections)
-			delete it;
 		m_Connections.clear ();
 	}	
 		
@@ -181,8 +192,8 @@ namespace client
 	void I2PClientTunnel::Accept ()
 	{
 		auto newSocket = new boost::asio::ip::tcp::socket (GetService ());
-		m_Acceptor.async_accept (*newSocket, boost::bind (&I2PClientTunnel::HandleAccept, this,
+		m_Acceptor.async_accept (*newSocket, std::bind (&I2PClientTunnel::HandleAccept, this,
-			boost::asio::placeholders::error, newSocket));
+			std::placeholders::_1, newSocket));
 	}	
 
 	void I2PClientTunnel::HandleAccept (const boost::system::error_code& ecode, boost::asio::ip::tcp::socket * socket)
@@ -205,8 +216,8 @@ namespace client
 				{
 					i2p::data::netdb.RequestDestination (*m_DestinationIdentHash, true, GetLocalDestination ()->GetTunnelPool ());
 					m_Timer.expires_from_now (boost::posix_time::seconds (I2P_TUNNEL_DESTINATION_REQUEST_TIMEOUT));
-					m_Timer.async_wait (boost::bind (&I2PClientTunnel::HandleDestinationRequestTimer,
+					m_Timer.async_wait (std::bind (&I2PClientTunnel::HandleDestinationRequestTimer,
-						this, boost::asio::placeholders::error, socket));
+						this, std::placeholders::_1, socket));
 				}
 			}	
 			else
@@ -240,8 +251,9 @@ namespace client
 		if (m_RemoteLeaseSet) // leaseSet found
 		{	
 			LogPrint ("New I2PTunnel connection");
-			auto connection = new I2PTunnelConnection (this, socket, m_RemoteLeaseSet);
+			auto connection = std::make_shared<I2PTunnelConnection>(this, socket, m_RemoteLeaseSet);
 			AddConnection (connection);
+			connection->I2PConnect ();
 		}
 		else
 		{
@@ -275,10 +287,14 @@ namespace client
 			LogPrint ("Local destination not set for server tunnel");
 	}
 
-	void I2PServerTunnel::HandleAccept (i2p::stream::Stream * stream)
+	void I2PServerTunnel::HandleAccept (std::shared_ptr<i2p::stream::Stream> stream)
 	{
 		if (stream)
-			new I2PTunnelConnection (this, stream, new boost::asio::ip::tcp::socket (GetService ()), m_Endpoint);
+		{	
+			auto conn = std::make_shared<I2PTunnelConnection> (this, stream, new boost::asio::ip::tcp::socket (GetService ()), m_Endpoint);
+			AddConnection (conn);
+			conn->Connect ();
+		}	
 	}
 }		
 }	

I2PTunnel.h

@@ -4,6 +4,7 @@
 #include <inttypes.h>
 #include <string>
 #include <set>
+#include <memory>
 #include <boost/asio.hpp>
 #include "Identity.h"
 #include "Destination.h"
@@ -18,16 +19,19 @@ namespace client
 	const int I2P_TUNNEL_DESTINATION_REQUEST_TIMEOUT = 10; // in seconds
 
 	class I2PTunnel;
-	class I2PTunnelConnection
+	class I2PTunnelConnection: public std::enable_shared_from_this<I2PTunnelConnection>
 	{
 		public:
 
 			I2PTunnelConnection (I2PTunnel * owner, boost::asio::ip::tcp::socket * socket,
-				const i2p::data::LeaseSet * leaseSet);
+				const i2p::data::LeaseSet * leaseSet); // to I2P
-			I2PTunnelConnection (I2PTunnel * owner, i2p::stream::Stream * stream,  boost::asio::ip::tcp::socket * socket, 
+			I2PTunnelConnection (I2PTunnel * owner, std::shared_ptr<i2p::stream::Stream> stream,  boost::asio::ip::tcp::socket * socket, 
-				const boost::asio::ip::tcp::endpoint& target); 
+				const boost::asio::ip::tcp::endpoint& target, bool quiet = true); // from I2P
 			~I2PTunnelConnection ();
 
+			void I2PConnect (const uint8_t * msg = nullptr, size_t len = 0);
+			void Connect ();
+			
 		private:
 
 			void Terminate ();	
@@ -44,8 +48,10 @@ namespace client
 
 			uint8_t m_Buffer[I2P_TUNNEL_CONNECTION_BUFFER_SIZE], m_StreamBuffer[I2P_TUNNEL_CONNECTION_BUFFER_SIZE];
 			boost::asio::ip::tcp::socket * m_Socket;
-			i2p::stream::Stream * m_Stream;
+			std::shared_ptr<i2p::stream::Stream> m_Stream;
 			I2PTunnel * m_Owner;
+			boost::asio::ip::tcp::endpoint m_RemoteEndpoint;
+			bool m_IsQuiet; // don't send destination
 	};	
 
 	class I2PTunnel
@@ -56,8 +62,8 @@ namespace client
 				m_Service (service), m_LocalDestination (localDestination) {};
 			virtual ~I2PTunnel () { ClearConnections (); }; 
 
-			void AddConnection (I2PTunnelConnection * conn);
+			void AddConnection (std::shared_ptr<I2PTunnelConnection> conn);
-			void RemoveConnection (I2PTunnelConnection * conn);	
+			void RemoveConnection (std::shared_ptr<I2PTunnelConnection> conn);	
 			void ClearConnections ();
 			ClientDestination * GetLocalDestination () { return m_LocalDestination; };
 			void SetLocalDestination (ClientDestination * dest) { m_LocalDestination = dest; }; 			
@@ -68,7 +74,7 @@ namespace client
 
 			boost::asio::io_service& m_Service;
 			ClientDestination * m_LocalDestination;
-			std::set<I2PTunnelConnection *> m_Connections;
+			std::set<std::shared_ptr<I2PTunnelConnection> > m_Connections;
 	};	
 	
 	class I2PClientTunnel: public I2PTunnel
@@ -111,7 +117,7 @@ namespace client
 		private:
 
 			void Accept ();
-			void HandleAccept (i2p::stream::Stream * stream);
+			void HandleAccept (std::shared_ptr<i2p::stream::Stream> stream);
 
 		private:
 

Identity.cpp

@@ -42,18 +42,77 @@ namespace data
 	IdentityEx::IdentityEx(const uint8_t * publicKey, const uint8_t * signingKey, SigningKeyType type)
 	{	
 		memcpy (m_StandardIdentity.publicKey, publicKey, sizeof (m_StandardIdentity.publicKey));
-		if (type == SIGNING_KEY_TYPE_ECDSA_SHA256_P256)
+		if (type != SIGNING_KEY_TYPE_DSA_SHA1)
 		{
-			memcpy (m_StandardIdentity.signingKey + 64, signingKey, 64);
+			size_t excessLen = 0;
+			uint8_t * excessBuf = nullptr;
+			switch (type)
+			{
+				case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
+				{	
+					size_t padding =  128 - i2p::crypto::ECDSAP256_KEY_LENGTH; // 64 = 128 - 64
+					memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::ECDSAP256_KEY_LENGTH);
+					break;
+				}
+				case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+				{	
+					size_t padding = 128 - i2p::crypto::ECDSAP384_KEY_LENGTH; // 32 = 128 - 96
+					memcpy (m_StandardIdentity.signingKey + padding, signingKey, i2p::crypto::ECDSAP384_KEY_LENGTH);
+					break;
+				}	
+				case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+				{
+					memcpy (m_StandardIdentity.signingKey, signingKey, 128);
+					excessLen = i2p::crypto::ECDSAP521_KEY_LENGTH - 128; // 4 = 132 - 128
+					excessBuf = new uint8_t[excessLen];
+					memcpy (excessBuf, signingKey + 128, excessLen);
+					break;
+				}	
+				case SIGNING_KEY_TYPE_RSA_SHA256_2048:
+				{
+					memcpy (m_StandardIdentity.signingKey, signingKey, 128);
+					excessLen = i2p::crypto::RSASHA2562048_KEY_LENGTH - 128; // 128 = 256 - 128
+					excessBuf = new uint8_t[excessLen];
+					memcpy (excessBuf, signingKey + 128, excessLen);
+					break;
+				}	
+				case SIGNING_KEY_TYPE_RSA_SHA384_3072:
+				{
+					memcpy (m_StandardIdentity.signingKey, signingKey, 128);
+					excessLen = i2p::crypto::RSASHA3843072_KEY_LENGTH - 128; // 256 = 384 - 128
+					excessBuf = new uint8_t[excessLen];
+					memcpy (excessBuf, signingKey + 128, excessLen);
+					break;
+				}	
+				case SIGNING_KEY_TYPE_RSA_SHA512_4096:
+				{
+					memcpy (m_StandardIdentity.signingKey, signingKey, 128);
+					excessLen = i2p::crypto::RSASHA5124096_KEY_LENGTH - 128; // 384 = 512 - 128
+					excessBuf = new uint8_t[excessLen];
+					memcpy (excessBuf, signingKey + 128, excessLen);
+					break;
+				}		
+				default:
+					LogPrint ("Signing key type ", (int)type, " is not supported");
+			}	
+			m_ExtendedLen = 4 + excessLen; // 4 bytes extra + excess length
+			// fill certificate
 			m_StandardIdentity.certificate.type = CERTIFICATE_TYPE_KEY;
-			m_ExtendedLen = 4; // 4 bytes extra
+			m_StandardIdentity.certificate.length = htobe16 (m_ExtendedLen); 
-			m_StandardIdentity.certificate.length = htobe16 (4); 
+			// fill extended buffer
 			m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
-			*(uint16_t *)m_ExtendedBuffer = htobe16 (SIGNING_KEY_TYPE_ECDSA_SHA256_P256);
+			*(uint16_t *)m_ExtendedBuffer = htobe16 (type);
 			*(uint16_t *)(m_ExtendedBuffer + 2) = htobe16 (CRYPTO_KEY_TYPE_ELGAMAL);
-			uint8_t buf[DEFAULT_IDENTITY_SIZE + 4];
+			if (excessLen && excessBuf)
-			ToBuffer (buf, DEFAULT_IDENTITY_SIZE + 4);
+			{
+				memcpy (m_ExtendedBuffer + 4, excessBuf, excessLen);
+				delete[] excessBuf;
+			}	
+			// calculate ident hash
+			uint8_t * buf = new uint8_t[GetFullLen ()];
+			ToBuffer (buf, GetFullLen ());
 			CryptoPP::SHA256().CalculateDigest(m_IdentHash, buf, GetFullLen ());
+			delete[] buf;
 		}
 		else // DSA-SHA1
 		{
@@ -122,14 +181,27 @@ namespace data
 		
 	size_t IdentityEx::FromBuffer (const uint8_t * buf, size_t len)
 	{
+		if (len < DEFAULT_IDENTITY_SIZE)
+		{
+			LogPrint (eLogError, "Identity buffer length ", len, " is too small");
+			return 0;
+		}	
 		memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE);
 
 		delete[] m_ExtendedBuffer;
 		if (m_StandardIdentity.certificate.length)
 		{
 			m_ExtendedLen = be16toh (m_StandardIdentity.certificate.length);
-			m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
+			if (m_ExtendedLen + DEFAULT_IDENTITY_SIZE <= len)
-			memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
+			{	
+				m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
+				memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
+			}	
+			else
+			{
+				LogPrint (eLogError, "Certificate length ", m_ExtendedLen, " exceeds buffer length ", len - DEFAULT_IDENTITY_SIZE);
+				return 0;
+			}	
 		}		
 		else
 		{
@@ -154,11 +226,21 @@ namespace data
 
 	size_t IdentityEx::FromBase64(const std::string& s)
 	{
-		uint8_t buf[512];
+		uint8_t buf[1024];
-		auto len = Base64ToByteStream (s.c_str(), s.length(), buf, 512);
+		auto len = Base64ToByteStream (s.c_str(), s.length(), buf, 1024);
 		return FromBuffer (buf, len);
 	}	
-		
+	
+	std::string IdentityEx::ToBase64 () const
+	{
+		uint8_t buf[1024];
+		char str[1536];
+		size_t l = ToBuffer (buf, 1024);
+		size_t l1 = i2p::data::ByteStreamToBase64 (buf, l, str, 1536);
+		str[l1] = 0;
+		return std::string (str);
+	}
+	
 	size_t IdentityEx::GetSigningPublicKeyLen () const
 	{
 		if (!m_Verifier) CreateVerifier ();
@@ -167,6 +249,14 @@ namespace data
 		return 128;
 	}	
 
+	size_t IdentityEx::GetSigningPrivateKeyLen () const
+	{
+		if (!m_Verifier) CreateVerifier ();
+		if (m_Verifier)	
+			return m_Verifier->GetPrivateKeyLen ();
+		return GetSignatureLen ()/2;
+	}	
+		
 	size_t IdentityEx::GetSignatureLen () const
 	{	
 		if (!m_Verifier) CreateVerifier ();	
@@ -188,6 +278,13 @@ namespace data
 			return be16toh (*(const uint16_t *)m_ExtendedBuffer); // signing key
 		return SIGNING_KEY_TYPE_DSA_SHA1;
 	}	
+
+	CryptoKeyType IdentityEx::GetCryptoKeyType () const
+	{
+		if (m_StandardIdentity.certificate.type == CERTIFICATE_TYPE_KEY && m_ExtendedBuffer)				
+			return be16toh (*(const uint16_t *)(m_ExtendedBuffer + 2)); // crypto key
+		return CRYPTO_KEY_TYPE_ELGAMAL;
+	}	
 		
 	void IdentityEx::CreateVerifier () const 
 	{
@@ -198,19 +295,72 @@ namespace data
 				m_Verifier = new i2p::crypto::DSAVerifier (m_StandardIdentity.signingKey);
 			break;
 			case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
-				m_Verifier = new i2p::crypto::ECDSAP256Verifier (m_StandardIdentity.signingKey + 64);
+			{	
-			break;	
+				size_t padding =  128 - i2p::crypto::ECDSAP256_KEY_LENGTH; // 64 = 128 - 64
+				m_Verifier = new i2p::crypto::ECDSAP256Verifier (m_StandardIdentity.signingKey + padding);
+				break;
+			}	
+			case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+			{	
+				size_t padding = 128 - i2p::crypto::ECDSAP384_KEY_LENGTH; // 32 = 128 - 96
+				m_Verifier = new i2p::crypto::ECDSAP384Verifier (m_StandardIdentity.signingKey + padding);
+				break;
+			}	
+			case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+			{	
+				uint8_t signingKey[i2p::crypto::ECDSAP521_KEY_LENGTH];
+				memcpy (signingKey, m_StandardIdentity.signingKey, 128);
+				size_t excessLen = i2p::crypto::ECDSAP521_KEY_LENGTH - 128; // 4 = 132- 128
+				memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
+				m_Verifier = new i2p::crypto::ECDSAP521Verifier (signingKey);
+				break;
+			}		
+			case SIGNING_KEY_TYPE_RSA_SHA256_2048:
+			{	
+				uint8_t signingKey[i2p::crypto::RSASHA2562048_KEY_LENGTH];
+				memcpy (signingKey, m_StandardIdentity.signingKey, 128);
+				size_t excessLen = i2p::crypto::RSASHA2562048_KEY_LENGTH - 128; // 128 = 256- 128
+				memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
+				m_Verifier = new i2p::crypto:: RSASHA2562048Verifier (signingKey);
+				break;
+			}	
+			case SIGNING_KEY_TYPE_RSA_SHA384_3072:
+			{	
+				uint8_t signingKey[i2p::crypto::RSASHA3843072_KEY_LENGTH];
+				memcpy (signingKey, m_StandardIdentity.signingKey, 128);
+				size_t excessLen = i2p::crypto::RSASHA3843072_KEY_LENGTH - 128; // 256 = 384- 128
+				memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
+				m_Verifier = new i2p::crypto:: RSASHA3843072Verifier (signingKey);
+				break;
+			}	
+			case SIGNING_KEY_TYPE_RSA_SHA512_4096:
+			{	
+				uint8_t signingKey[i2p::crypto::RSASHA5124096_KEY_LENGTH];
+				memcpy (signingKey, m_StandardIdentity.signingKey, 128);
+				size_t excessLen = i2p::crypto::RSASHA5124096_KEY_LENGTH - 128; // 384 = 512- 128
+				memcpy (signingKey + 128, m_ExtendedBuffer + 4, excessLen); // right after signing and crypto key types
+				m_Verifier = new i2p::crypto:: RSASHA5124096Verifier (signingKey);
+				break;
+			}		
 			default:
 				LogPrint ("Signing key type ", (int)keyType, " is not supported");
 		}			
 	}	
 	
+	void IdentityEx::DropVerifier ()
+	{
+		auto verifier = m_Verifier;
+		m_Verifier = nullptr; // TODO: make this atomic
+		delete verifier;
+	}
+
 	PrivateKeys& PrivateKeys::operator=(const Keys& keys)
 	{
 		m_Public = Identity (keys);
 		memcpy (m_PrivateKey, keys.privateKey, 256); // 256 
-		memcpy (m_SigningPrivateKey, keys.signingPrivateKey, 20); // 20 - DSA
+		memcpy (m_SigningPrivateKey, keys.signingPrivateKey, m_Public.GetSigningPrivateKeyLen ());
 		delete m_Signer;
+		m_Signer = nullptr;
 		CreateSigner ();
 		return *this;
 	}
@@ -219,8 +369,9 @@ namespace data
 	{		
 		m_Public = other.m_Public;
 		memcpy (m_PrivateKey, other.m_PrivateKey, 256); // 256 
-		memcpy (m_SigningPrivateKey, other.m_SigningPrivateKey, 128); // 128
+		memcpy (m_SigningPrivateKey, other.m_SigningPrivateKey, m_Public.GetSigningPrivateKeyLen ()); 
 		delete m_Signer;
+		m_Signer = nullptr;
 		CreateSigner ();
 		return *this;
 	}	
@@ -230,10 +381,11 @@ namespace data
 		size_t ret = m_Public.FromBuffer (buf, len);
 		memcpy (m_PrivateKey, buf + ret, 256); // private key always 256
 		ret += 256;
-		size_t signingPrivateKeySize = m_Public.GetSignatureLen ()/2; // 20 for DSA
+		size_t signingPrivateKeySize = m_Public.GetSigningPrivateKeyLen ();
 		memcpy (m_SigningPrivateKey, buf + ret, signingPrivateKeySize); 
 		ret += signingPrivateKeySize;
 		delete m_Signer;
+		m_Signer = nullptr;
 		CreateSigner ();
 		return ret;
 	}
@@ -243,12 +395,34 @@ namespace data
 		size_t ret = m_Public.ToBuffer (buf, len);
 		memcpy (buf + ret, m_PrivateKey, 256); // private key always 256
 		ret += 256;
-		size_t signingPrivateKeySize = m_Public.GetSignatureLen ()/2; // 20 for DSA
+		size_t signingPrivateKeySize = m_Public.GetSigningPrivateKeyLen (); 
 		memcpy (buf + ret, m_SigningPrivateKey, signingPrivateKeySize); 
 		ret += signingPrivateKeySize;
 		return ret;
 	}	
 
+	size_t PrivateKeys::FromBase64(const std::string& s)
+	{
+		uint8_t * buf = new uint8_t[s.length ()];
+		size_t l = i2p::data::Base64ToByteStream (s.c_str (), s.length (), buf, s.length ());
+		size_t ret = FromBuffer (buf, l);
+		delete[] buf;
+		return ret;
+	}	
+	
+	std::string PrivateKeys::ToBase64 () const
+	{
+		uint8_t * buf = new uint8_t[GetFullLen ()];
+		char * str = new char[GetFullLen ()*2];
+		size_t l = ToBuffer (buf, GetFullLen ());
+		size_t l1 = i2p::data::ByteStreamToBase64 (buf, l, str, GetFullLen ()*2);
+		str[l1] = 0;
+		delete[] buf;
+		std::string ret(str);
+		delete[] str;
+		return ret;
+	}
+
 	void PrivateKeys::Sign (const uint8_t * buf, int len, uint8_t * signature) const
 	{
 		if (m_Signer)
@@ -257,26 +431,73 @@ namespace data
 
 	void PrivateKeys::CreateSigner ()
 	{
-		if (m_Public.GetSigningKeyType () == SIGNING_KEY_TYPE_ECDSA_SHA256_P256)
+		switch (m_Public.GetSigningKeyType ())
-			m_Signer = new i2p::crypto::ECDSAP256Signer (m_SigningPrivateKey);
+		{	
-		else
+			case SIGNING_KEY_TYPE_DSA_SHA1:
-			m_Signer = new i2p::crypto::DSASigner (m_SigningPrivateKey);
+				m_Signer = new i2p::crypto::DSASigner (m_SigningPrivateKey);
+			break;	
+			case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
+				m_Signer = new i2p::crypto::ECDSAP256Signer (m_SigningPrivateKey);
+			break;
+			case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+				m_Signer = new i2p::crypto::ECDSAP384Signer (m_SigningPrivateKey);
+			break;	
+			case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+				m_Signer = new i2p::crypto::ECDSAP521Signer (m_SigningPrivateKey);
+			break;	
+			case SIGNING_KEY_TYPE_RSA_SHA256_2048:
+				m_Signer = new i2p::crypto::RSASHA2562048Signer (m_SigningPrivateKey);
+			break;
+			case SIGNING_KEY_TYPE_RSA_SHA384_3072:
+				m_Signer = new i2p::crypto::RSASHA3843072Signer (m_SigningPrivateKey);
+			break;
+			case SIGNING_KEY_TYPE_RSA_SHA512_4096:
+				m_Signer = new i2p::crypto::RSASHA5124096Signer (m_SigningPrivateKey);
+			break;	
+			default:
+				LogPrint ("Signing key type ", (int)m_Public.GetSigningKeyType (), " is not supported");
+		}
 	}	
 		
 	PrivateKeys PrivateKeys::CreateRandomKeys (SigningKeyType type)
 	{
-		if (type == SIGNING_KEY_TYPE_ECDSA_SHA256_P256)
+		if (type != SIGNING_KEY_TYPE_DSA_SHA1)
 		{
 			PrivateKeys keys;
 			auto& rnd = i2p::context.GetRandomNumberGenerator ();
+			// signature
+			uint8_t signingPublicKey[512]; // signing public key is 512 bytes max 
+			switch (type)
+			{	
+				case SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
+					i2p::crypto::CreateECDSAP256RandomKeys (rnd, keys.m_SigningPrivateKey, signingPublicKey);
+				break;	
+				case SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+					i2p::crypto::CreateECDSAP384RandomKeys (rnd, keys.m_SigningPrivateKey, signingPublicKey);	
+				break;
+				case SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+					i2p::crypto::CreateECDSAP521RandomKeys (rnd, keys.m_SigningPrivateKey, signingPublicKey);	
+				break;	
+				case SIGNING_KEY_TYPE_RSA_SHA256_2048:
+					i2p::crypto::CreateRSARandomKeys (rnd, i2p::crypto::RSASHA2562048_KEY_LENGTH, keys.m_SigningPrivateKey, signingPublicKey);	
+				break;
+				case SIGNING_KEY_TYPE_RSA_SHA384_3072:
+					i2p::crypto::CreateRSARandomKeys (rnd, i2p::crypto::RSASHA3843072_KEY_LENGTH, keys.m_SigningPrivateKey, signingPublicKey);	
+				break;
+				case SIGNING_KEY_TYPE_RSA_SHA512_4096:
+					i2p::crypto::CreateRSARandomKeys (rnd, i2p::crypto::RSASHA5124096_KEY_LENGTH, keys.m_SigningPrivateKey, signingPublicKey);	
+				break;	
+				default:
+					LogPrint ("Signing key type ", (int)type, " is not supported. Create DSA-SHA1");
+					return PrivateKeys (i2p::data::CreateRandomKeys ()); // DSA-SHA1
+			}	
 			// encryption
 			uint8_t publicKey[256];
 			CryptoPP::DH dh (i2p::crypto::elgp, i2p::crypto::elgg);
 			dh.GenerateKeyPair(rnd, keys.m_PrivateKey, publicKey);
-			// signature
+			// identity
-			uint8_t signingPublicKey[64];
+			keys.m_Public = IdentityEx (publicKey, signingPublicKey, type);
-			i2p::crypto::CreateECDSAP256RandomKeys (rnd, keys.m_SigningPrivateKey, signingPublicKey);
+
-			keys.m_Public = IdentityEx (publicKey, signingPublicKey, SIGNING_KEY_TYPE_ECDSA_SHA256_P256);
 			keys.CreateSigner ();
 			return keys;
 		}	

Identity.h

@@ -56,6 +56,11 @@ namespace data
 				return std::string (str);
 			}	
 
+			void FromBase32 (const std::string& s)
+			{
+				i2p::data::Base32ToByteStream (s.c_str (), s.length (), m_Buf, sz);
+			}
+
 		private:
 
 			union // 8 bytes alignment
@@ -102,11 +107,17 @@ namespace data
 	Keys CreateRandomKeys ();
 	
 	const size_t DEFAULT_IDENTITY_SIZE = sizeof (Identity); // 387 bytes
-
+	
 	const uint16_t CRYPTO_KEY_TYPE_ELGAMAL = 0;
 	const uint16_t SIGNING_KEY_TYPE_DSA_SHA1 = 0;
 	const uint16_t SIGNING_KEY_TYPE_ECDSA_SHA256_P256 = 1;
+	const uint16_t SIGNING_KEY_TYPE_ECDSA_SHA384_P384 = 2;
+	const uint16_t SIGNING_KEY_TYPE_ECDSA_SHA512_P521 = 3;
+	const uint16_t SIGNING_KEY_TYPE_RSA_SHA256_2048 = 4;
+	const uint16_t SIGNING_KEY_TYPE_RSA_SHA384_3072 = 5;
+	const uint16_t SIGNING_KEY_TYPE_RSA_SHA512_4096 = 6;
 	typedef uint16_t SigningKeyType;
+	typedef uint16_t CryptoKeyType;	
 	
 	class IdentityEx
 	{
@@ -121,17 +132,21 @@ namespace data
 			IdentityEx& operator=(const IdentityEx& other);
 			IdentityEx& operator=(const Identity& standard);
 
-			size_t FromBase64(const std::string& s);
 			size_t FromBuffer (const uint8_t * buf, size_t len);
 			size_t ToBuffer (uint8_t * buf, size_t len) const;
+			size_t FromBase64(const std::string& s);
+			std::string ToBase64 () const;
 			const Identity& GetStandardIdentity () const { return m_StandardIdentity; };
 			const IdentHash& GetIdentHash () const { return m_IdentHash; };
 			size_t GetFullLen () const { return m_ExtendedLen + DEFAULT_IDENTITY_SIZE; };
 			size_t GetSigningPublicKeyLen () const;
+			size_t GetSigningPrivateKeyLen () const;
 			size_t GetSignatureLen () const;
 			bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const;
 			SigningKeyType GetSigningKeyType () const;
-			
+			CryptoKeyType GetCryptoKeyType () const;
+			void DropVerifier (); // to save memory			
+
 		private:
 
 			void CreateVerifier () const;
@@ -161,10 +176,13 @@ namespace data
 			const uint8_t * GetSigningPrivateKey () const { return m_SigningPrivateKey; };
 			void Sign (const uint8_t * buf, int len, uint8_t * signature) const;
 
-			size_t GetFullLen () const { return m_Public.GetFullLen () + 256 + m_Public.GetSignatureLen ()/2; };			
+			size_t GetFullLen () const { return m_Public.GetFullLen () + 256 + m_Public.GetSigningPrivateKeyLen (); }; 		
 			size_t FromBuffer (const uint8_t * buf, size_t len);
 			size_t ToBuffer (uint8_t * buf, size_t len) const;
 
+			size_t FromBase64(const std::string& s);
+			std::string ToBase64 () const;
+
 			static PrivateKeys CreateRandomKeys (SigningKeyType type = SIGNING_KEY_TYPE_DSA_SHA1);
 	
 		private:
@@ -175,7 +193,7 @@ namespace data
 
 			IdentityEx m_Public;
 			uint8_t m_PrivateKey[256];
-			uint8_t m_SigningPrivateKey[128]; // assume private key doesn't exceed 128 bytes
+			uint8_t m_SigningPrivateKey[1024]; // assume private key doesn't exceed 1024 bytes
 			i2p::crypto::Signer * m_Signer;
 	};
 

LeaseSet.cpp

@@ -22,11 +22,17 @@ namespace data
 	LeaseSet::LeaseSet (const i2p::tunnel::TunnelPool& pool)
 	{	
 		// header
-		const i2p::data::LocalDestination& localDestination = pool.GetLocalDestination ();
+		const i2p::data::LocalDestination * localDestination = pool.GetLocalDestination ();
-		m_BufferLen = localDestination.GetIdentity ().ToBuffer (m_Buffer, MAX_LS_BUFFER_SIZE);
+		if (!localDestination)
-		memcpy (m_Buffer + m_BufferLen, localDestination.GetEncryptionPublicKey (), 256);
+		{
+			m_BufferLen = 0;
+			LogPrint (eLogError, "Destination for local LeaseSet doesn't exist");
+			return;
+		}	
+		m_BufferLen = localDestination->GetIdentity ().ToBuffer (m_Buffer, MAX_LS_BUFFER_SIZE);
+		memcpy (m_Buffer + m_BufferLen, localDestination->GetEncryptionPublicKey (), 256);
 		m_BufferLen += 256;
-		auto signingKeyLen = localDestination.GetIdentity ().GetSigningPublicKeyLen ();
+		auto signingKeyLen = localDestination->GetIdentity ().GetSigningPublicKeyLen ();
 		memset (m_Buffer + m_BufferLen, 0, signingKeyLen);
 		m_BufferLen += signingKeyLen;
 		auto tunnels = pool.GetInboundTunnels (5); // 5 tunnels maximum
@@ -44,8 +50,8 @@ namespace data
 			m_BufferLen += sizeof (Lease);
 		}	
 		// signature
-		localDestination.Sign (m_Buffer, m_BufferLen, m_Buffer + m_BufferLen);
+		localDestination->Sign (m_Buffer, m_BufferLen, m_Buffer + m_BufferLen);
-		m_BufferLen += localDestination.GetIdentity ().GetSignatureLen (); 
+		m_BufferLen += localDestination->GetIdentity ().GetSignatureLen (); 
 		LogPrint ("Local LeaseSet of ", tunnels.size (), " leases created");
 
 		ReadFromBuffer ();

LeaseSet.h

@@ -36,7 +36,7 @@ namespace data
 	
 #pragma pack()	
 
-	const int MAX_LS_BUFFER_SIZE = 2048;	
+	const int MAX_LS_BUFFER_SIZE = 3072;	
 	class LeaseSet: public RoutingDestination
 	{
 		public:

Log.cpp

@@ -20,19 +20,24 @@ void LogMsg::Process()
 
 void Log::Flush ()
 {
-	if (m_LogFile)
+	if (m_LogStream)
-		m_LogFile->flush();
+		m_LogStream->flush();
 }
 
 void Log::SetLogFile (const std::string& fullFilePath)
 {
-	if (m_LogFile) delete m_LogFile;
+	auto logFile = new std::ofstream (fullFilePath, std::ofstream::out | std::ofstream::binary | std::ofstream::trunc);
-	m_LogFile = new std::ofstream (fullFilePath, std::ofstream::out | std::ofstream::binary | std::ofstream::trunc);
+	if (logFile->is_open ())
-	if (m_LogFile->is_open ())
-		LogPrint("Logging to file ",  fullFilePath, " enabled.");
-	else
 	{
-		delete m_LogFile;
+		SetLogStream (logFile);
-		m_LogFile = nullptr;
+		LogPrint("Logging to file ",  fullFilePath, " enabled.");
-	}
+	}	
+	else
+		delete logFile;
+}
+
+void Log::SetLogStream (std::ostream * logStream)
+{
+	if (m_LogStream) delete m_LogStream;	
+	m_LogStream = logStream;
 }

Log.h

@@ -32,11 +32,12 @@ class Log: public i2p::util::MsgQueue<LogMsg>
 {
 	public:
 
-		Log (): m_LogFile (nullptr) { SetOnEmpty (std::bind (&Log::Flush, this)); };
+		Log (): m_LogStream (nullptr) { SetOnEmpty (std::bind (&Log::Flush, this)); };
-		~Log () { delete m_LogFile; };
+		~Log () { delete m_LogStream; };
 
 		void SetLogFile (const std::string& fullFilePath);
-		std::ofstream * GetLogFile () const { return m_LogFile; };	
+		void SetLogStream (std::ostream * logStream);
+		std::ostream * GetLogStream () const { return m_LogStream; };	
 
 	private:
 
@@ -44,7 +45,7 @@ class Log: public i2p::util::MsgQueue<LogMsg>
 
 	private:
 		
-		std::ofstream * m_LogFile;
+		std::ostream * m_LogStream;
 };
 
 extern Log * g_Log;
@@ -59,6 +60,16 @@ inline void StartLog (const std::string& fullFilePath)
 	}	
 }
 
+inline void StartLog (std::ostream * s)
+{
+	if (!g_Log)
+	{	
+		g_Log = new Log ();
+		if (s)
+			g_Log->SetLogStream (s);
+	}	
+}
+
 inline void StopLog ()
 {
 	if (g_Log)
@@ -84,7 +95,7 @@ void LogPrint (std::stringstream& s, TValue arg, TArgs... args)
 template<typename... TArgs>
 void LogPrint (LogLevel level, TArgs... args) 
 {
-	LogMsg * msg = (g_Log && g_Log->GetLogFile ()) ? new LogMsg (*g_Log->GetLogFile (), level) : 
+	LogMsg * msg = (g_Log && g_Log->GetLogStream ()) ? new LogMsg (*g_Log->GetLogStream (), level) : 
 		new LogMsg (std::cout, level);
 	LogPrint (msg->s, args...);
 	msg->s << std::endl;

Makefile

@@ -1,29 +1,52 @@
 UNAME := $(shell uname -s)
+SHLIB := libi2pd.so
+I2PD  := i2p
+
+include filelist.mk
+
+USE_AESNI  := yes
+USE_STATIC := no
 
 ifeq ($(UNAME),Darwin)
+  DAEMON_SRC += DaemonLinux.cpp
 	include Makefile.osx
-else ifeq ($(UNAME), FreeBSD)
+else ifeq ($(UNAME),FreeBSD)
+  DAEMON_SRC += DaemonLinux.cpp
 	include Makefile.bsd
-else
+else ifeq ($(UNAME),Linux)
+  DAEMON_SRC += DaemonLinux.cpp
 	include Makefile.linux
+else # win32
+  DAEMON_SRC += DaemonWin32.cpp
 endif
 
-all: obj i2p
+all: obj $(SHLIB) $(I2PD)
-
-i2p: $(OBJECTS:obj/%=obj/%)
-	$(CXX) -o $@ $^ $(LDLIBS) $(LDFLAGS) $(LIBS)
-
-.SUFFIXES:
-.SUFFIXES:	.c .cc .C .cpp .o
-
-obj/%.o : %.cpp
-	$(CXX) -o $@ $< -c $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) $(CPU_FLAGS)
 
 obj:
 	mkdir -p obj
 
+obj/%.o : %.cpp %.h
+	$(CXX) $(CXXFLAGS) $(INCFLAGS) -c -o $@ $<
+
+# weaker rule for building files without headers
+obj/%.o : %.cpp
+	$(CXX) $(CXXFLAGS) $(INCFLAGS) -c -o $@ $<
+
+$(I2PD):  $(patsubst %.cpp,obj/%.o,$(DAEMON_SRC))
+	$(CXX) -o $@ $^ $(LDFLAGS)  $(LDLIBS)
+
+$(SHLIB): $(patsubst %.cpp,obj/%.o,$(LIB_SRC))
+	$(CXX) -o  $@ $^ $(LDFLAGS)  $(LDLIBS) -shared 
+
 clean:
-	rm -fr obj i2p
+	rm -fr obj $(I2PD) $(SHLIB)
+
+LATEST_TAG=$(shell git describe --tags --abbrev=0 master)
+dist:
+	git archive --format=tar.gz -9 --worktree-attributes \
+	    --prefix=i2pd_$(LATEST_TAG)/ $(LATEST_TAG) -o i2pd_$(LATEST_TAG).tar.gz
+
 
 .PHONY: all
 .PHONY: clean
+.PHONY: dist

Makefile.bsd

@@ -1,8 +1,5 @@
 CXX = g++
-CXXFLAGS = -O2
+CXXFLAGS = -g -Wall -O2 -std=c++11
-NEEDED_CXXFLAGS = -std=c++11
-include filelist.mk
 INCFLAGS = -I/usr/include/ -I/usr/local/include/
 LDFLAGS = -Wl,-rpath,/usr/local/lib -L/usr/local/lib
 LDLIBS = -lcryptopp -lboost_system -lboost_date_time -lboost_filesystem -lboost_regex -lboost_program_options -lpthread
-LIBS =

Makefile.linux

@@ -1,43 +1,43 @@
-CXXFLAGS = -g -Wall
+CXXFLAGS = -g -Wall -fPIC
-CXXVER := $(shell $(CXX) -dumpversion)
-
-FGREP = fgrep
-IS_64 := $(shell $(CXX) -dumpmachine 2>&1 | $(FGREP) -c "64")
-USE_AESNI := yes
-ifeq ($(shell expr match ${CXXVER} "4\.[0-9][0-9]"),4) # >= 4.10
-NEEDED_CXXFLAGS += -std=c++11
-else ifeq ($(shell expr match ${CXXVER} "4\.[7-9]"),3) # >= 4.7
-NEEDED_CXXFLAGS += -std=c++11
-else ifeq ($(shell expr match ${CXXVER} "4\.6"),3) # = 4.6
-NEEDED_CXXFLAGS += -std=c++0x
-else ifeq ($(shell expr match $(CXX) 'clang'),5)
-NEEDED_CXXFLAGS += -std=c++11
-else # not supported
-$(error Compiler too old)
-endif
-
-LIBDIR := /usr/lib
-
-include filelist.mk
 INCFLAGS =
-ifeq ($(STATIC),yes)
+
-LDLIBS += $(LIBDIR)/libcryptopp.a $(LIBDIR)/libboost_system.a
+# detect proper flag for c++11 support by gcc
-LDLIBS += $(LIBDIR)/libboost_date_time.a $(LIBDIR)/libboost_filesystem.a
+CXXVER := $(shell $(CXX) -dumpversion)
-LDLIBS += $(LIBDIR)/libboost_regex.a $(LIBDIR)/libboost_program_options.a
+ifeq ($(shell expr match ${CXXVER} "4\.[0-9][0-9]"),4) # >= 4.10
-LDLIBS += -lpthread -static-libstdc++ -static-libgcc
+  CXXFLAGS += -std=c++11
-USE_AESNI := no
+else ifeq ($(shell expr match ${CXXVER} "4\.[7-9]"),3) # >= 4.7
-else
+  CXXFLAGS += -std=c++11
-LDLIBS = -lcryptopp -lboost_system -lboost_date_time -lboost_filesystem -lboost_regex -lboost_program_options -lpthread
+else ifeq ($(shell expr match ${CXXVER} "4\.6"),3) # = 4.6
+  CXXFLAGS += -std=c++0x
+else ifeq ($(shell expr match $(CXX) 'clang'),5)
+  CXXFLAGS += -std=c++11
+else # not supported
+  $(error Compiler too old)
 endif
-LIBS =
 
+ifeq ($(USE_STATIC),yes)
+  LIBDIR := /usr/lib
+  LDLIBS  = $(LIBDIR)/libboost_system.a
+  LDLIBS += $(LIBDIR)/libboost_date_time.a
+  LDLIBS += $(LIBDIR)/libboost_filesystem.a
+  LDLIBS += $(LIBDIR)/libboost_regex.a
+  LDLIBS += $(LIBDIR)/libboost_program_options.a
+  LDLIBS += $(LIBDIR)/libcryptopp.a
+  LDLIBS += -lpthread -static-libstdc++ -static-libgcc
+  USE_AESNI := no
+else
+  LDLIBS = -lcryptopp -lboost_system -lboost_date_time -lboost_filesystem -lboost_regex -lboost_program_options -lpthread
+endif
 
+GREP = fgrep
+IS_64 := $(shell $(CXX) -dumpmachine 2>&1 | $(GREP) -c "64")
 ifeq ($(USE_AESNI),yes)
 ifeq ($(IS_64),1)
 #check if AES-NI is supported by CPU
-ifneq ($(shell grep -c aes /proc/cpuinfo),0)
+ifneq ($(shell $(GREP) -c aes /proc/cpuinfo),0)
-	CPU_FLAGS = -maes -DAESNI
+  CXXFLAGS += -maes -DAESNI
+else
+  $(warning "AESNI support enabled requested but not supported by this CPU")
 endif
 endif
 endif
-

Makefile.osx

@@ -1,18 +1,17 @@
 CXX = clang++
-CXXFLAGS = -g -Wall -std=c++11 -lstdc++ -I/usr/local/include
+CXXFLAGS = -g -Wall -std=c++11 -lstdc++ -DCRYPTOPP_DISABLE_ASM
-include filelist.mk
+INCFLAGS = -I/usr/local/include
-INCFLAGS = -DCRYPTOPP_DISABLE_ASM
 LDFLAGS = -Wl,-rpath,/usr/local/lib -L/usr/local/lib
 LDLIBS = -lcryptopp -lboost_system -lboost_date_time -lboost_filesystem -lboost_regex -lboost_program_options -lpthread
-LIBS =
 
 # OSX Notes
 # http://www.hutsby.net/2011/08/macs-with-aes-ni.html
 # Seems like all recent Mac's have AES-NI, after firmware upgrade 2.2
 # Found no good way to detect it from command line. TODO: Might be some osx sysinfo magic
-CXXFLAGS += -maes -DAESNI
+ifeq ($(USE_AESNI),yes)
-
+  CXXFLAGS += -maes -DAESNI
-# Apple Mac OSX
-UNAME_S := $(shell uname -s)
-ifeq ($(UNAME_S),Darwin)
 endif
+
+install: all
+	mkdir -p ${PREFIX}/
+	cp -r i2p ${PREFIX}/

NTCPSession.cpp

@@ -1,7 +1,6 @@
 #include <string.h>
 #include <stdlib.h>
 #include "I2PEndian.h"
-#include <boost/bind.hpp>
 #include <cryptopp/dh.h>
 #include "base64.h"
 #include "Log.h"
@@ -19,7 +18,7 @@ namespace i2p
 {
 namespace transport
 {
-	NTCPSession::NTCPSession (boost::asio::io_service& service, const i2p::data::RouterInfo * in_RemoteRouter): 
+	NTCPSession::NTCPSession (boost::asio::io_service& service, std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter): 
 		TransportSession (in_RemoteRouter),	m_Socket (service), 
 		m_TerminationTimer (service), m_IsEstablished (false), m_ReceiveBufferOffset (0), 
 		m_NextMessage (nullptr), m_NumSentBytes (0), m_NumReceivedBytes (0)
@@ -44,7 +43,7 @@ namespace transport
 		uint8_t sharedKey[256];
 		if (!dh.Agree (sharedKey, m_DHKeysPair->privateKey, pubKey))
 		{    
-		    LogPrint ("Couldn't create shared key");
+		    LogPrint (eLogError, "Couldn't create shared key");
 			Terminate ();
 			return;
 		};
@@ -66,7 +65,7 @@ namespace transport
 				nonZero++;
 				if (nonZero - sharedKey > 32)
 				{
-					LogPrint ("First 32 bytes of shared key is all zeros. Ignored");
+					LogPrint (eLogWarning, "First 32 bytes of shared key is all zeros. Ignored");
 					return;
 				}	
 			}
@@ -78,7 +77,6 @@ namespace transport
 	{
 		m_IsEstablished = false;
 		m_Socket.close ();
-		transports.RemoveNTCPSession (this);
 		int numDelayed = 0;
 		for (auto it :m_DelayedMessages)
 		{	
@@ -89,16 +87,14 @@ namespace transport
 		}	
 		m_DelayedMessages.clear ();
 		if (numDelayed > 0)
-			LogPrint ("NTCP session ", numDelayed, " not sent");
+			LogPrint (eLogWarning, "NTCP session ", numDelayed, " not sent");
 		// TODO: notify tunnels
-		
+		transports.RemoveNTCPSession (shared_from_this ());
-		delete this;
 		LogPrint ("NTCP session terminated");
 	}	
 
 	void NTCPSession::Connected ()
 	{
-		LogPrint ("NTCP session connected");
 		m_IsEstablished = true;
 
 		delete m_Establisher;
@@ -131,31 +127,31 @@ namespace transport
 			m_Establisher->phase1.HXxorHI[i] ^= ident[i];
 		
 		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase1, sizeof (NTCPPhase1)), boost::asio::transfer_all (),
-        	boost::bind(&NTCPSession::HandlePhase1Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+        	std::bind(&NTCPSession::HandlePhase1Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2));
 	}	
 
 	void NTCPSession::ServerLogin ()
 	{
 		// receive Phase1
 		boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase1, sizeof (NTCPPhase1)), boost::asio::transfer_all (),                    
-			boost::bind(&NTCPSession::HandlePhase1Received, this, 
+			std::bind(&NTCPSession::HandlePhase1Received, shared_from_this (), 
-				boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+				std::placeholders::_1, std::placeholders::_2));
 	}	
 		
 	void NTCPSession::HandlePhase1Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred)
 	{
 		if (ecode)
         {
-			LogPrint ("Couldn't send Phase 1 message: ", ecode.message ());
+			LogPrint (eLogWarning, "Couldn't send Phase 1 message: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
 		else
 		{	
-			LogPrint ("Phase 1 sent: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 1 sent: ", bytes_transferred);
 			boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase2, sizeof (NTCPPhase2)), boost::asio::transfer_all (),                 
-				boost::bind(&NTCPSession::HandlePhase2Received, this, 
+				std::bind(&NTCPSession::HandlePhase2Received, shared_from_this (), 
-					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+					std::placeholders::_1, std::placeholders::_2));
 		}	
 	}	
 
@@ -163,13 +159,13 @@ namespace transport
 	{
 		if (ecode)
         {
-			LogPrint ("Phase 1 read error: ", ecode.message ());
+			LogPrint (eLogError, "Phase 1 read error: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
 		else
 		{	
-			LogPrint ("Phase 1 received: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 1 received: ", bytes_transferred);
 			// verify ident
 			uint8_t digest[32];
 			CryptoPP::SHA256().CalculateDigest(digest, m_Establisher->phase1.pubKey, 256);
@@ -178,7 +174,7 @@ namespace transport
 			{	
 				if ((m_Establisher->phase1.HXxorHI[i] ^ ident[i]) != digest[i])
 				{
-					LogPrint ("Wrong ident");
+					LogPrint (eLogError, "Wrong ident");
 					Terminate ();
 					return;
 				}	
@@ -211,7 +207,7 @@ namespace transport
 		
 		m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase2.encrypted, sizeof(m_Establisher->phase2.encrypted), (uint8_t *)&m_Establisher->phase2.encrypted);
 		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase2, sizeof (NTCPPhase2)), boost::asio::transfer_all (),
-        	boost::bind(&NTCPSession::HandlePhase2Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsB));
+        	std::bind(&NTCPSession::HandlePhase2Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, tsB));
 
 	}	
 		
@@ -219,16 +215,16 @@ namespace transport
 	{
 		if (ecode)
         {
-			LogPrint ("Couldn't send Phase 2 message: ", ecode.message ());
+			LogPrint (eLogWarning, "Couldn't send Phase 2 message: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
 		else
 		{	
-			LogPrint ("Phase 2 sent: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 2 sent: ", bytes_transferred);
-			boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase3, sizeof (NTCPPhase3)), boost::asio::transfer_all (),                   
+			boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer, NTCP_DEFAULT_PHASE3_SIZE), boost::asio::transfer_all (),                   
-				boost::bind(&NTCPSession::HandlePhase3Received, this, 
+				std::bind(&NTCPSession::HandlePhase3Received, shared_from_this (), 
-					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsB));
+					std::placeholders::_1, std::placeholders::_2, tsB));
 		}	
 	}	
 		
@@ -248,7 +244,7 @@ namespace transport
 		}
 		else
 		{	
-			LogPrint ("Phase 2 received: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 2 received: ", bytes_transferred);
 		
 			i2p::crypto::AESKey aesKey;
 			CreateAESKey (m_Establisher->phase2.pubKey, aesKey);
@@ -265,7 +261,7 @@ namespace transport
 			CryptoPP::SHA256().CalculateDigest(hxy, xy, 512); 
 			if (memcmp (hxy, m_Establisher->phase2.encrypted.hxy, 32))
 			{
-				LogPrint ("Incorrect hash");
+				LogPrint (eLogError, "Incorrect hash");
 				transports.ReuseDHKeysPair (m_DHKeysPair);
 				m_DHKeysPair = nullptr;
 				Terminate ();
@@ -277,39 +273,56 @@ namespace transport
 
 	void NTCPSession::SendPhase3 ()
 	{
-		m_Establisher->phase3.size = htons (i2p::data::DEFAULT_IDENTITY_SIZE);
+		auto keys = i2p::context.GetPrivateKeys ();
-		memcpy (&m_Establisher->phase3.ident, &i2p::context.GetIdentity ().GetStandardIdentity (), i2p::data::DEFAULT_IDENTITY_SIZE);	// TODO:	
+		uint8_t * buf = m_ReceiveBuffer; 
+		*(uint16_t *)buf = htobe16 (keys.GetPublic ().GetFullLen ());
+		buf += 2;
+		buf += i2p::context.GetIdentity ().ToBuffer (buf, NTCP_BUFFER_SIZE);
 		uint32_t tsA = htobe32 (i2p::util::GetSecondsSinceEpoch ());
-		m_Establisher->phase3.timestamp = tsA;
+		*(uint32_t *)buf = tsA;
-		
+		buf += 4;		
+		size_t signatureLen = keys.GetPublic ().GetSignatureLen ();
+		size_t len = (buf - m_ReceiveBuffer) + signatureLen;
+		size_t paddingSize = len & 0x0F; // %16
+		if (paddingSize > 0) 
+		{
+			paddingSize = 16 - paddingSize;
+			// TODO: fill padding with random data
+			buf += paddingSize;
+			len += paddingSize;
+		}
+
 		SignedData s;
 		s.Insert (m_Establisher->phase1.pubKey, 256); // x
 		s.Insert (m_Establisher->phase2.pubKey, 256); // y
 		s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
  		s.Insert (tsA);	// tsA
 		s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
-		s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase3.signature);	
+		s.Sign (keys, buf);
 
-		m_Encryption.Encrypt((uint8_t *)&m_Establisher->phase3, sizeof(NTCPPhase3), (uint8_t *)&m_Establisher->phase3);
+		m_Encryption.Encrypt(m_ReceiveBuffer, len, m_ReceiveBuffer);		        
-		        
+		boost::asio::async_write (m_Socket, boost::asio::buffer (m_ReceiveBuffer, len), boost::asio::transfer_all (),
-		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase3, sizeof (NTCPPhase3)), boost::asio::transfer_all (),
+        	std::bind(&NTCPSession::HandlePhase3Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, tsA));				
-        	boost::bind(&NTCPSession::HandlePhase3Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA));				
 	}	
 		
 	void NTCPSession::HandlePhase3Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsA)
 	{
 		if (ecode)
         {
-			LogPrint ("Couldn't send Phase 3 message: ", ecode.message ());
+			LogPrint (eLogWarning, "Couldn't send Phase 3 message: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
 		else
 		{	
-			LogPrint ("Phase 3 sent: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 3 sent: ", bytes_transferred);
-			boost::asio::async_read (m_Socket, boost::asio::buffer(&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),                  
+			// wait for phase4 
-				boost::bind(&NTCPSession::HandlePhase4Received, this, 
+			auto signatureLen = m_RemoteIdentity.GetSignatureLen ();
-					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, tsA));
+			size_t paddingSize = signatureLen & 0x0F; // %16
+			if (paddingSize > 0) signatureLen += (16 - paddingSize);	
+			boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer, signatureLen), boost::asio::transfer_all (),                  
+				std::bind(&NTCPSession::HandlePhase4Received, shared_from_this (), 
+					std::placeholders::_1, std::placeholders::_2, tsA));
 		}	
 	}	
 
@@ -317,59 +330,106 @@ namespace transport
 	{	
 		if (ecode)
         {
-			LogPrint ("Phase 3 read error: ", ecode.message ());
+			LogPrint (eLogError, "Phase 3 read error: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
 		else
 		{	
-			LogPrint ("Phase 3 received: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 3 received: ", bytes_transferred);
-			m_Decryption.Decrypt ((uint8_t *)&m_Establisher->phase3, sizeof(NTCPPhase3), (uint8_t *)&m_Establisher->phase3);
+			m_Decryption.Decrypt (m_ReceiveBuffer, bytes_transferred, m_ReceiveBuffer);
-			m_RemoteIdentity = m_Establisher->phase3.ident;
+			uint8_t * buf = m_ReceiveBuffer;
-
+			uint16_t size = be16toh (*(uint16_t *)buf);
-			SignedData s;
+			m_RemoteIdentity.FromBuffer (buf + 2, size);
-			s.Insert (m_Establisher->phase1.pubKey, 256); // x
+			size_t expectedSize = size + 2/*size*/ + 4/*timestamp*/ + m_RemoteIdentity.GetSignatureLen ();
-			s.Insert (m_Establisher->phase2.pubKey, 256); // y
+			size_t paddingLen = expectedSize & 0x0F;
-			s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
+			if (paddingLen) paddingLen = (16 - paddingLen);	
-			s.Insert (m_Establisher->phase3.timestamp); // tsA
+			if (expectedSize > NTCP_DEFAULT_PHASE3_SIZE)
-			s.Insert (tsB); // tsB			
+			{
-			if (!s.Verify (m_RemoteIdentity, m_Establisher->phase3.signature))
+				// we need more bytes for Phase3
-			{	
+				expectedSize += paddingLen;	
-				LogPrint ("signature verification failed");
+				LogPrint (eLogDebug, "Wait for ", expectedSize, " more bytes for Phase3");
-				Terminate ();
+				boost::asio::async_read (m_Socket, boost::asio::buffer(m_ReceiveBuffer + NTCP_DEFAULT_PHASE3_SIZE, expectedSize), boost::asio::transfer_all (),                   
-				return;
+				std::bind(&NTCPSession::HandlePhase3ExtraReceived, shared_from_this (), 
-			}	
+					std::placeholders::_1, std::placeholders::_2, tsB, paddingLen));
-
+			}
-			SendPhase4 (tsB);
+			else
+				HandlePhase3 (tsB, paddingLen);
 		}	
 	}
 
-	void NTCPSession::SendPhase4 (uint32_t tsB)
+	void NTCPSession::HandlePhase3ExtraReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB, size_t paddingLen)
+	{
+		if (ecode)
+        {
+			LogPrint (eLogError, "Phase 3 extra read error: ", ecode.message ());
+			if (ecode != boost::asio::error::operation_aborted)
+				Terminate ();
+		}
+		else
+		{
+			LogPrint (eLogDebug, "Phase 3 extra received: ", bytes_transferred);
+			m_Decryption.Decrypt (m_ReceiveBuffer + NTCP_DEFAULT_PHASE3_SIZE, bytes_transferred, m_ReceiveBuffer+ NTCP_DEFAULT_PHASE3_SIZE);
+			HandlePhase3 (tsB, paddingLen);
+		}		
+	}	
+
+	void NTCPSession::HandlePhase3 (uint32_t tsB, size_t paddingLen)
+	{
+		uint8_t * buf = m_ReceiveBuffer + m_RemoteIdentity.GetFullLen () + 2 /*size*/;
+		uint32_t tsA = *(uint32_t *)buf; 
+		buf += 4;
+		buf += paddingLen;	
+
+		SignedData s;
+		s.Insert (m_Establisher->phase1.pubKey, 256); // x
+		s.Insert (m_Establisher->phase2.pubKey, 256); // y
+		s.Insert (i2p::context.GetRouterInfo ().GetIdentHash (), 32); // ident
+		s.Insert (tsA); // tsA
+		s.Insert (tsB); // tsB			
+		if (!s.Verify (m_RemoteIdentity, buf))
+		{	
+			LogPrint (eLogError, "signature verification failed");
+			Terminate ();
+			return;
+		}	
+
+		SendPhase4 (tsA, tsB);
+	}
+
+	void NTCPSession::SendPhase4 (uint32_t tsA, uint32_t tsB)
 	{
 		SignedData s;
 		s.Insert (m_Establisher->phase1.pubKey, 256); // x
 		s.Insert (m_Establisher->phase2.pubKey, 256); // y
 		s.Insert (m_RemoteIdentity.GetIdentHash (), 32); // ident
-		s.Insert (m_Establisher->phase3.timestamp); // tsA
+		s.Insert (tsA); // tsA
 		s.Insert (tsB); // tsB
-		s.Sign (i2p::context.GetPrivateKeys (), m_Establisher->phase4.signature);
+		auto keys = i2p::context.GetPrivateKeys ();
-		m_Encryption.Encrypt ((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
+ 		auto signatureLen = keys.GetPublic ().GetSignatureLen ();
+		s.Sign (keys, m_ReceiveBuffer);
+		size_t paddingSize = signatureLen & 0x0F; // %16
+		if (paddingSize > 0) signatureLen += (16 - paddingSize);		
+		m_Encryption.Encrypt (m_ReceiveBuffer, signatureLen, m_ReceiveBuffer);
 
-		boost::asio::async_write (m_Socket, boost::asio::buffer (&m_Establisher->phase4, sizeof (NTCPPhase4)), boost::asio::transfer_all (),
+		boost::asio::async_write (m_Socket, boost::asio::buffer (m_ReceiveBuffer, signatureLen), boost::asio::transfer_all (),
-        	boost::bind(&NTCPSession::HandlePhase4Sent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+        	std::bind(&NTCPSession::HandlePhase4Sent, shared_from_this (), std::placeholders::_1, std::placeholders::_2));
 	}	
 
 	void NTCPSession::HandlePhase4Sent (const boost::system::error_code& ecode,  std::size_t bytes_transferred)
 	{
 		if (ecode)
         {
-			LogPrint ("Couldn't send Phase 4 message: ", ecode.message ());
+			LogPrint (eLogWarning, "Couldn't send Phase 4 message: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
 		else
 		{	
-			LogPrint ("Phase 4 sent: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 4 sent: ", bytes_transferred);
+			LogPrint ("NTCP server session connected");
+			transports.AddNTCPSession (shared_from_this ());
+
 			Connected ();
 			m_ReceiveBufferOffset = 0;
 			m_NextMessage = nullptr;
@@ -381,7 +441,7 @@ namespace transport
 	{
 		if (ecode)
         {
-			LogPrint ("Phase 4 read error: ", ecode.message ());
+			LogPrint (eLogError, "Phase 4 read error: ", ecode.message ());
 			if (ecode != boost::asio::error::operation_aborted)
 			{
 				 // this router doesn't like us	
@@ -391,8 +451,8 @@ namespace transport
 		}
 		else
 		{	
-			LogPrint ("Phase 4 received: ", bytes_transferred);
+			LogPrint (eLogDebug, "Phase 4 received: ", bytes_transferred);
-			m_Decryption.Decrypt((uint8_t *)&m_Establisher->phase4, sizeof(NTCPPhase4), (uint8_t *)&m_Establisher->phase4);
+			m_Decryption.Decrypt(m_ReceiveBuffer, bytes_transferred, m_ReceiveBuffer);
 
 			// verify signature
 			SignedData s;
@@ -402,12 +462,13 @@ namespace transport
 			s.Insert (tsA); // tsA
 			s.Insert (m_Establisher->phase2.encrypted.timestamp); // tsB
 
-			if (!s.Verify (m_RemoteIdentity, m_Establisher->phase4.signature))
+			if (!s.Verify (m_RemoteIdentity, m_ReceiveBuffer))
 			{	
-				LogPrint ("signature verification failed");
+				LogPrint (eLogError, "signature verification failed");
 				Terminate ();
 				return;
 			}	
+			LogPrint ("NTCP session connected");
 			Connected ();
 						
 			m_ReceiveBufferOffset = 0;
@@ -419,15 +480,15 @@ namespace transport
 	void NTCPSession::Receive ()
 	{
 		m_Socket.async_read_some (boost::asio::buffer(m_ReceiveBuffer + m_ReceiveBufferOffset, NTCP_BUFFER_SIZE - m_ReceiveBufferOffset),                
-			boost::bind(&NTCPSession::HandleReceived, this, 
+			std::bind(&NTCPSession::HandleReceived, shared_from_this (), 
-			boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+			std::placeholders::_1, std::placeholders::_2));
 	}	
 		
 	void NTCPSession::HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
 	{
 		if (ecode)
         {
-			LogPrint ("Read error: ", ecode.message ());
+			LogPrint (eLogError, "Read error: ", ecode.message ());
 			//if (ecode != boost::asio::error::operation_aborted)
 				Terminate ();
 		}
@@ -472,7 +533,7 @@ namespace transport
 				// new message
 				if (dataSize > NTCP_MAX_MESSAGE_SIZE)
 				{
-					LogPrint ("NTCP data size ", dataSize, " exceeds max size");
+					LogPrint (eLogError, "NTCP data size ", dataSize, " exceeds max size");
 					i2p::DeleteI2NPMessage (m_NextMessage);
 					m_NextMessage = nullptr;
 					return false;
@@ -515,7 +576,7 @@ namespace transport
 			// regular I2NP
 			if (msg->offset < 2)
 			{
-				LogPrint ("Malformed I2NP message");
+				LogPrint (eLogError, "Malformed I2NP message");
 				i2p::DeleteI2NPMessage (msg);
 			}	
 			sendBuffer = msg->GetBuffer () - 2; 
@@ -540,7 +601,7 @@ namespace transport
 		m_Encryption.Encrypt(sendBuffer, l, sendBuffer);	
 
 		boost::asio::async_write (m_Socket, boost::asio::buffer (sendBuffer, l), boost::asio::transfer_all (),                      
-        	boost::bind(&NTCPSession::HandleSent, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, msg));	
+        	std::bind(&NTCPSession::HandleSent, shared_from_this (), std::placeholders::_1, std::placeholders::_2, msg));	
 	}
 		
 	void NTCPSession::HandleSent (const boost::system::error_code& ecode, std::size_t bytes_transferred, i2p::I2NPMessage * msg)
@@ -549,7 +610,7 @@ namespace transport
 			i2p::DeleteI2NPMessage (msg);
 		if (ecode)
         {
-			LogPrint ("Couldn't send msg: ", ecode.message ());
+			LogPrint (eLogWarning, "Couldn't send msg: ", ecode.message ());
 			// we shouldn't call Terminate () here, because HandleReceive takes care
 			// TODO: 'delete this' statement in Terminate () must be eliminated later
 			// Terminate ();
@@ -581,8 +642,8 @@ namespace transport
 	{
 		m_TerminationTimer.cancel ();
 		m_TerminationTimer.expires_from_now (boost::posix_time::seconds(NTCP_TERMINATION_TIMEOUT));
-		m_TerminationTimer.async_wait (boost::bind (&NTCPSession::HandleTerminationTimer,
+		m_TerminationTimer.async_wait (std::bind (&NTCPSession::HandleTerminationTimer,
-			this, boost::asio::placeholders::error));
+			shared_from_this (), std::placeholders::_1));
 	}
 
 	void NTCPSession::HandleTerminationTimer (const boost::system::error_code& ecode)
@@ -594,47 +655,5 @@ namespace transport
 			m_Socket.close ();// invoke Terminate () from HandleReceive 
 		}	
 	}	
-		
-		
-	NTCPClient::NTCPClient (boost::asio::io_service& service, const boost::asio::ip::address& address, 
-		int port, const i2p::data::RouterInfo& in_RouterInfo): 
-		NTCPSession (service, &in_RouterInfo), m_Endpoint (address, port)	
-	{
-		Connect ();
-	}
-
-	void NTCPClient::Connect ()
-	{
-		LogPrint ("Connecting to ", m_Endpoint.address ().to_string (),":",  m_Endpoint.port ());
-		 GetSocket ().async_connect (m_Endpoint, boost::bind (&NTCPClient::HandleConnect,
-			this, boost::asio::placeholders::error));
-	}	
-
-	void NTCPClient::HandleConnect (const boost::system::error_code& ecode)
-	{
-		if (ecode)
-        {
-			LogPrint ("Connect error: ", ecode.message ());
-			if (ecode != boost::asio::error::operation_aborted)
-			{
-				i2p::data::netdb.SetUnreachable (GetRemoteIdentity ().GetIdentHash (), true);
-				Terminate ();
-			}
-		}
-		else
-		{
-			LogPrint ("Connected");
-			if (GetSocket ().local_endpoint ().protocol () == boost::asio::ip::tcp::v6()) // ipv6
-				context.UpdateNTCPV6Address (GetSocket ().local_endpoint ().address ());
-			ClientLogin ();
-		}	
-	}	
-
-	void NTCPServerConnection::Connected ()
-	{
-		LogPrint ("NTCP server session connected");
-		transports.AddNTCPSession (this);
-		NTCPSession::Connected ();
-	}	
 }	
 }	

NTCPSession.h

@@ -3,7 +3,7 @@
 
 #include <inttypes.h>
 #include <list>
-#include <boost/asio.hpp>
+#include <memory>
 #include <cryptopp/modes.h>
 #include <cryptopp/aes.h>
 #include <cryptopp/adler32.h>
@@ -35,35 +35,21 @@ namespace transport
 			uint8_t filler[12];
 		} encrypted;	
 	};	
-
-	struct NTCPPhase3
-	{
-		uint16_t size;
-		i2p::data::Identity ident;
-		uint32_t timestamp; 
-		uint8_t padding[15];
-		uint8_t signature[40];
-	};
-
-
-	struct NTCPPhase4
-	{
-		uint8_t signature[40];
-		uint8_t padding[8];
-	};
 	
 #pragma pack()	
 
 	const size_t NTCP_MAX_MESSAGE_SIZE = 16384; 
 	const size_t NTCP_BUFFER_SIZE = 1040; // fits one tunnel message (1028)
 	const int NTCP_TERMINATION_TIMEOUT = 120; // 2 minutes
+	const size_t NTCP_DEFAULT_PHASE3_SIZE = 2/*size*/ + i2p::data::DEFAULT_IDENTITY_SIZE/*387*/ + 4/*ts*/ + 15/*padding*/ + 40/*signature*/; // 448 	
 
-	class NTCPSession: public TransportSession
+	class NTCPSession: public TransportSession, public std::enable_shared_from_this<NTCPSession>
 	{
 		public:
 
-			NTCPSession (boost::asio::io_service& service, const i2p::data::RouterInfo * in_RemoteRouter = nullptr);
+			NTCPSession (boost::asio::io_service& service, std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter = nullptr);
 			~NTCPSession ();
+			void Terminate ();
 
 			boost::asio::ip::tcp::socket& GetSocket () { return m_Socket; };
 			bool IsEstablished () const { return m_IsEstablished; };
@@ -77,8 +63,7 @@ namespace transport
 			
 		protected:
 
-			void Terminate ();
+			void Connected ();
-			virtual void Connected ();
 			void SendTimeSyncMessage ();
 			void SetIsEstablished (bool isEstablished) { m_IsEstablished = isEstablished; }
 			
@@ -95,10 +80,12 @@ namespace transport
 
 			//server
 			void SendPhase2 ();
-			void SendPhase4 (uint32_t tsB);
+			void SendPhase4 (uint32_t tsA, uint32_t tsB);
 			void HandlePhase1Received (const boost::system::error_code& ecode, std::size_t bytes_transferred);
 			void HandlePhase2Sent (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB);
 			void HandlePhase3Received (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB);
+			void HandlePhase3ExtraReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred, uint32_t tsB, size_t paddingLen);
+			void HandlePhase3 (uint32_t tsB, size_t paddingLen);
 			void HandlePhase4Sent (const boost::system::error_code& ecode,  std::size_t bytes_transferred);
 			
 			// common
@@ -128,11 +115,10 @@ namespace transport
 			{	
 				NTCPPhase1 phase1;
 				NTCPPhase2 phase2;
-				NTCPPhase3 phase3;
-				NTCPPhase4 phase4;
 			} * m_Establisher;	
 			
-			uint8_t m_ReceiveBuffer[NTCP_BUFFER_SIZE + 16], m_TimeSyncBuffer[16];
+			i2p::crypto::AESAlignedBuffer<NTCP_BUFFER_SIZE + 16> m_ReceiveBuffer;
+			i2p::crypto::AESAlignedBuffer<16> m_TimeSyncBuffer;
 			int m_ReceiveBufferOffset; 
 
 			i2p::I2NPMessage * m_NextMessage;
@@ -141,34 +127,6 @@ namespace transport
 
 			size_t m_NumSentBytes, m_NumReceivedBytes;
 	};	
-
-	class NTCPClient: public NTCPSession
-	{
-		public:
-
-			NTCPClient (boost::asio::io_service& service, const boost::asio::ip::address& address, int port, const i2p::data::RouterInfo& in_RouterInfo);
-
-		private:
-
-			void Connect ();
-			void HandleConnect (const boost::system::error_code& ecode);
-			
-		private:
-
-			boost::asio::ip::tcp::endpoint m_Endpoint;
-	};	
-
-	class NTCPServerConnection: public NTCPSession
-	{
-		public:
-
-			NTCPServerConnection (boost::asio::io_service& service): 
-				NTCPSession (service) {};
-			
-		protected:
-
-			virtual void Connected ();
-	};	
 }	
 }	
 

NetDb.cpp

@@ -21,7 +21,7 @@ namespace i2p
 {
 namespace data
 {		
-	I2NPMessage * RequestedDestination::CreateRequestMessage (const RouterInfo * router,
+	I2NPMessage * RequestedDestination::CreateRequestMessage (std::shared_ptr<const RouterInfo> router,
 		const i2p::tunnel::InboundTunnel * replyTunnel)
 	{
 		I2NPMessage * msg = i2p::CreateDatabaseLookupMsg (m_Destination, 
@@ -29,8 +29,8 @@ namespace data
 		    &m_ExcludedPeers, m_IsLeaseSet, m_Pool);
 		if (m_IsLeaseSet) // wrap lookup message into garlic
 		{
-			if (m_Pool)
+			if (m_Pool && m_Pool->GetLocalDestination ())
-				msg = m_Pool->GetGarlicDestination ().WrapMessage (*router, msg);
+				msg = m_Pool->GetLocalDestination ()->WrapMessage (*router, msg);
 			else
 				LogPrint ("Can't create garlic message without destination");
 		}	
@@ -62,7 +62,7 @@ namespace data
 #endif			
 	NetDb netdb;
 
-	NetDb::NetDb (): m_IsRunning (false), m_ReseedRetries (0), m_Thread (0)
+	NetDb::NetDb (): m_IsRunning (false), m_Thread (0)
 	{
 	}
 	
@@ -78,12 +78,27 @@ namespace data
 	void NetDb::Start ()
 	{	
 		Load (m_NetDbPath);
-		while (m_RouterInfos.size () < 100 && m_ReseedRetries < 10)
+		if (m_RouterInfos.size () < 100) // reseed if # of router less than 100
-		{
+		{	
 			Reseeder reseeder;
-			reseeder.reseedNow();
+			reseeder.LoadCertificates (); // we need certificates for SU3 verification
-			m_ReseedRetries++;
+
-			Load (m_NetDbPath);
+			// try SU3 first
+			int reseedRetries = 0;
+			while (m_RouterInfos.size () < 100 && reseedRetries < 10)
+			{	
+				reseeder.ReseedNowSU3();
+				reseedRetries++;
+			}	
+
+			// if still not enough download .dat files
+			reseedRetries = 0;
+			while (m_RouterInfos.size () < 100 && reseedRetries < 10)
+			{
+				reseeder.reseedNow();
+				reseedRetries++;
+				Load (m_NetDbPath);
+			}
 		}	
 		m_Thread = new std::thread (std::bind (&NetDb::Run, this));
 	}
@@ -165,26 +180,36 @@ namespace data
 		}	
 	}	
 	
+	void NetDb::AddRouterInfo (const uint8_t * buf, int len)
+	{
+		IdentityEx identity;
+		if (identity.FromBuffer (buf, len))
+			AddRouterInfo (identity.GetIdentHash (), buf, len);	
+	}
+
 	void NetDb::AddRouterInfo (const IdentHash& ident, const uint8_t * buf, int len)
 	{	
-		DeleteRequestedDestination (ident);
+		DeleteRequestedDestination (ident);	
-		auto it = m_RouterInfos.find(ident);
+		auto r = FindRouter (ident);
-		if (it != m_RouterInfos.end ())
+		if (r)
 		{
-			auto ts = it->second->GetTimestamp ();
+			auto ts = r->GetTimestamp ();
-			it->second->Update (buf, len);
+			r->Update (buf, len);
-			if (it->second->GetTimestamp () > ts)
+			if (r->GetTimestamp () > ts)
 				LogPrint ("RouterInfo updated");
 		}	
 		else	
 		{	
 			LogPrint ("New RouterInfo added");
-			auto r = std::make_shared<RouterInfo> (buf, len);
+			auto newRouter = std::make_shared<RouterInfo> (buf, len);
-			m_RouterInfos[r->GetIdentHash ()] = r;
+			{
-			if (r->IsFloodfill ())
+				std::unique_lock<std::mutex> l(m_RouterInfosMutex);
+				m_RouterInfos[newRouter->GetIdentHash ()] = newRouter;
+			}
+			if (newRouter->IsFloodfill ())
 			{
 				std::unique_lock<std::mutex> l(m_FloodfillsMutex);
-				m_Floodfills.push_back (r);
+				m_Floodfills.push_back (newRouter);
 			}	
 		}	
 	}	
@@ -209,11 +234,12 @@ namespace data
 		}	
 	}	
 
-	RouterInfo * NetDb::FindRouter (const IdentHash& ident) const
+	std::shared_ptr<RouterInfo> NetDb::FindRouter (const IdentHash& ident) const
 	{
+		std::unique_lock<std::mutex> l(m_RouterInfosMutex);
 		auto it = m_RouterInfos.find (ident);
 		if (it != m_RouterInfos.end ())
-			return it->second.get ();
+			return it->second;
 		else
 			return nullptr;
 	}
@@ -354,18 +380,36 @@ namespace data
 				
 				if (it.second->IsUnreachable ())
 				{	
+					// delete RI file
 					if (boost::filesystem::exists (GetFilePath (fullDirectory, it.second.get ())))
 					{    
 						boost::filesystem::remove (GetFilePath (fullDirectory, it.second.get ()));
 						deletedCount++;
 					}	
+					// delete from floodfills list
+					if (it.second->IsFloodfill ())
+					{
+						std::unique_lock<std::mutex> l(m_FloodfillsMutex);
+						m_Floodfills.remove (it.second);
+					}
 				}
 			}	
 		}	
 		if (count > 0)
 			LogPrint (count," new/updated routers saved");
 		if (deletedCount > 0)
+		{
 			LogPrint (deletedCount," routers deleted");
+			// clean up RouterInfos table
+			std::unique_lock<std::mutex> l(m_RouterInfosMutex);
+			for (auto it = m_RouterInfos.begin (); it != m_RouterInfos.end ();)
+			{
+				if (it->second->IsUnreachable ())
+					it = m_RouterInfos.erase (it);
+				else
+					it++;
+			}
+		}
 	}
 
 	void NetDb::RequestDestination (const IdentHash& destination, bool isLeaseSet, i2p::tunnel::TunnelPool * pool)
@@ -611,7 +655,7 @@ namespace data
 				LogPrint ("Requested RouterInfo ", key, " found");
 				router->LoadBuffer ();
 				if (router->GetBuffer ()) 
-					replyMsg = CreateDatabaseStoreMsg (router);
+					replyMsg = CreateDatabaseStoreMsg (router.get ());
 			}
 		}
 		if (!replyMsg)
@@ -633,7 +677,7 @@ namespace data
 				excludedRouters.insert (excluded);
 				excluded += 32;
 			}	
-			replyMsg = CreateDatabaseSearchReply (buf, GetClosestFloodfill (buf, excludedRouters));
+			replyMsg = CreateDatabaseSearchReply (buf, GetClosestFloodfill (buf, excludedRouters).get ());
 		}
 		else
 			excluded += numExcluded*32; // we don't care about exluded	
@@ -697,9 +741,9 @@ namespace data
 			rnd.GenerateBlock (randomHash, 32);
 			RequestedDestination * dest = CreateRequestedDestination (IdentHash (randomHash), false, true, exploratoryPool);
 			auto floodfill = GetClosestFloodfill (randomHash, dest->GetExcludedPeers ());
-			if (floodfill && !floodfills.count (floodfill)) // request floodfill only once
+			if (floodfill && !floodfills.count (floodfill.get ())) // request floodfill only once
 			{	
-				floodfills.insert (floodfill);
+				floodfills.insert (floodfill.get ());
 				if (throughTunnels)
 				{	
 					msgs.push_back (i2p::tunnel::TunnelMessageBlock 
@@ -787,22 +831,22 @@ namespace data
 			});
 	}	
 	
-	std::shared_ptr<const RouterInfo> NetDb::GetRandomRouter (const RouterInfo * compatibleWith) const
+	std::shared_ptr<const RouterInfo> NetDb::GetRandomRouter (std::shared_ptr<const RouterInfo> compatibleWith) const
 	{
 		return GetRandomRouter (
 			[compatibleWith](std::shared_ptr<const RouterInfo> router)->bool 
 			{ 
-				return !router->IsHidden () && router.get () != compatibleWith && 
+				return !router->IsHidden () && router != compatibleWith && 
 					router->IsCompatible (*compatibleWith); 
 			});
 	}	
 
-	std::shared_ptr<const RouterInfo> NetDb::GetHighBandwidthRandomRouter (const RouterInfo * compatibleWith) const
+	std::shared_ptr<const RouterInfo> NetDb::GetHighBandwidthRandomRouter (std::shared_ptr<const RouterInfo> compatibleWith) const
 	{
 		return GetRandomRouter (
 			[compatibleWith](std::shared_ptr<const RouterInfo> router)->bool 
 			{ 
-				return !router->IsHidden () && router.get () != compatibleWith &&
+				return !router->IsHidden () && router != compatibleWith &&
 					router->IsCompatible (*compatibleWith) && (router->GetCaps () & RouterInfo::eHighBandwidth); 
 			});
 	}	
@@ -815,6 +859,7 @@ namespace data
 		for (int j = 0; j < 2; j++)
 		{	
 			uint32_t i = 0;
+			std::unique_lock<std::mutex> l(m_RouterInfosMutex);
 			for (auto it: m_RouterInfos)
 			{	
 				if (i >= ind)
@@ -836,10 +881,10 @@ namespace data
 		if (msg) m_Queue.Put (msg);	
 	}	
 
-	const RouterInfo * NetDb::GetClosestFloodfill (const IdentHash& destination, 
+	std::shared_ptr<const RouterInfo> NetDb::GetClosestFloodfill (const IdentHash& destination, 
 		const std::set<IdentHash>& excluded) const
 	{
-		RouterInfo * r = nullptr;
+		std::shared_ptr<const RouterInfo> r;
 		XORMetric minMetric;
 		IdentHash destKey = CreateRoutingKey (destination);
 		minMetric.SetMax ();
@@ -852,7 +897,7 @@ namespace data
 				if (m < minMetric)
 				{
 					minMetric = m;
-					r = it.get ();
+					r = it;
 				}
 			}	
 		}	
@@ -873,26 +918,5 @@ namespace data
 				it++;
 		}
 	}
-
-	void NetDb::PublishLeaseSet (const LeaseSet * leaseSet, i2p::tunnel::TunnelPool * pool)
-	{
-		if (!leaseSet || !pool) return;
-		auto outbound = pool->GetNextOutboundTunnel ();
-		if (!outbound)
-		{
-			LogPrint ("Can't publish LeaseSet. No outbound tunnels");
-			return;
-		}
-		std::set<IdentHash> excluded; 
-		auto floodfill = GetClosestFloodfill (leaseSet->GetIdentHash (), excluded);	
-		if (!floodfill)
-		{
-			LogPrint ("Can't publish LeaseSet. No floodfills found");
-			return;
-		}	
-		uint32_t replyToken = i2p::context.GetRandomNumberGenerator ().GenerateWord32 ();
-		auto msg = pool->GetGarlicDestination ().WrapMessage (*floodfill, i2p::CreateDatabaseStoreMsg (leaseSet, replyToken));	
-		outbound->SendTunnelDataMsg (floodfill->GetIdentHash (), 0, msg);		
-	}
 }
 }

NetDb.h

@@ -4,7 +4,7 @@
 #include <inttypes.h>
 #include <set>
 #include <map>
-#include <vector>
+#include <list>
 #include <string>
 #include <thread>
 #include <mutex>
@@ -27,19 +27,19 @@ namespace data
 			RequestedDestination (const IdentHash& destination, bool isLeaseSet, 
 			    bool isExploratory = false, i2p::tunnel::TunnelPool * pool = nullptr):
 				m_Destination (destination), m_IsLeaseSet (isLeaseSet), m_IsExploratory (isExploratory), 
-				m_Pool (pool), m_LastRouter (nullptr), m_CreationTime (0) {};
+				m_Pool (pool), m_CreationTime (0) {};
 			
 			const IdentHash& GetDestination () const { return m_Destination; };
 			int GetNumExcludedPeers () const { return m_ExcludedPeers.size (); };
 			const std::set<IdentHash>& GetExcludedPeers () { return m_ExcludedPeers; };
 			void ClearExcludedPeers ();
-			const RouterInfo * GetLastRouter () const { return m_LastRouter; };
+			std::shared_ptr<const RouterInfo> GetLastRouter () const { return m_LastRouter; };
 			i2p::tunnel::TunnelPool * GetTunnelPool () { return m_Pool; };
 			bool IsExploratory () const { return m_IsExploratory; };
 			bool IsLeaseSet () const { return m_IsLeaseSet; };
 			bool IsExcluded (const IdentHash& ident) const { return m_ExcludedPeers.count (ident); };
 			uint64_t GetCreationTime () const { return m_CreationTime; };
-			I2NPMessage * CreateRequestMessage (const RouterInfo * router, const i2p::tunnel::InboundTunnel * replyTunnel);
+			I2NPMessage * CreateRequestMessage (std::shared_ptr<const RouterInfo>, const i2p::tunnel::InboundTunnel * replyTunnel);
 			I2NPMessage * CreateRequestMessage (const IdentHash& floodfill);
 						
 		private:
@@ -48,7 +48,7 @@ namespace data
 			bool m_IsLeaseSet, m_IsExploratory;
 			i2p::tunnel::TunnelPool * m_Pool;
 			std::set<IdentHash> m_ExcludedPeers;
-			const RouterInfo * m_LastRouter;
+			std::shared_ptr<const RouterInfo> m_LastRouter;
 			uint64_t m_CreationTime;
 	};	
 	
@@ -62,12 +62,12 @@ namespace data
 			void Start ();
 			void Stop ();
 			
+			void AddRouterInfo (const uint8_t * buf, int len);
 			void AddRouterInfo (const IdentHash& ident, const uint8_t * buf, int len);
 			void AddLeaseSet (const IdentHash& ident, const uint8_t * buf, int len, i2p::tunnel::InboundTunnel * from);
-			RouterInfo * FindRouter (const IdentHash& ident) const;
+			std::shared_ptr<RouterInfo> FindRouter (const IdentHash& ident) const;
 			LeaseSet * FindLeaseSet (const IdentHash& destination) const;
 
-			void PublishLeaseSet (const LeaseSet * leaseSet, i2p::tunnel::TunnelPool * pool);
 			void RequestDestination (const IdentHash& destination, bool isLeaseSet = false, 
 				i2p::tunnel::TunnelPool * pool = nullptr);			
 			
@@ -76,8 +76,9 @@ namespace data
 			void HandleDatabaseLookupMsg (I2NPMessage * msg);			
 
 			std::shared_ptr<const RouterInfo> GetRandomRouter () const;
-			std::shared_ptr<const RouterInfo> GetRandomRouter (const RouterInfo * compatibleWith) const;
+			std::shared_ptr<const RouterInfo> GetRandomRouter (std::shared_ptr<const RouterInfo> compatibleWith) const;
-			std::shared_ptr<const RouterInfo> GetHighBandwidthRandomRouter (const RouterInfo * compatibleWith) const;
+			std::shared_ptr<const RouterInfo> GetHighBandwidthRandomRouter (std::shared_ptr<const RouterInfo> compatibleWith) const;
+			std::shared_ptr<const RouterInfo> GetClosestFloodfill (const IdentHash& destination, const std::set<IdentHash>& excluded) const;
 			void SetUnreachable (const IdentHash& ident, bool unreachable);			
 
 			void PostI2NPMsg (I2NPMessage * msg);
@@ -95,7 +96,6 @@ namespace data
 			void Run (); // exploratory thread
 			void Explore (int numDestinations);
 			void Publish ();
-			const RouterInfo * GetClosestFloodfill (const IdentHash& destination, const std::set<IdentHash>& excluded) const;
 			void ManageLeaseSets ();
 
 			RequestedDestination * CreateRequestedDestination (const IdentHash& dest, 
@@ -109,14 +109,14 @@ namespace data
 		private:
 
 			std::map<IdentHash, LeaseSet *> m_LeaseSets;
+			mutable std::mutex m_RouterInfosMutex;
 			std::map<IdentHash, std::shared_ptr<RouterInfo> > m_RouterInfos;
 			mutable std::mutex m_FloodfillsMutex;
-			std::vector<std::shared_ptr<RouterInfo> > m_Floodfills;
+			std::list<std::shared_ptr<RouterInfo> > m_Floodfills;
 			std::mutex m_RequestedDestinationsMutex;
 			std::map<IdentHash, RequestedDestination *> m_RequestedDestinations;
 			
 			bool m_IsRunning;
-			int m_ReseedRetries;
 			std::thread * m_Thread;	
 			i2p::util::Queue<I2NPMessage> m_Queue; // of I2NPDatabaseStoreMsg
 

Queue.h

@@ -142,8 +142,8 @@ namespace util
 		private:
 			
 			volatile bool m_IsRunning;
-			std::thread m_Thread;	
 			OnEmpty m_OnEmpty;
+			std::thread m_Thread;	
 	};	
 }		
 }	

README.md

@@ -48,8 +48,8 @@ This should resulting in for example:
 http://localhost:7070/4oes3rlgrpbkmzv4lqcfili23h3cvpwslqcfjlk6vvguxyggspwa.b32.i2p
 
 
-Options
+Cmdline options
--------
+---------------
 
 * --host=               - The external IP
 * --port=               - The port to listen on
@@ -64,8 +64,22 @@ Options
 * --ircport=            - The local port of IRC tunnel to listen on. 6668 by default
 * --ircdest=            - I2P destination address of IRC server. For example irc.postman.i2p
 * --irckeys=            - optional keys file for local destination
-* --eepkeys=            - File name containing destination keys. For example privKeys.dat
+* --eepkeys=            - File name containing destination keys, for example privKeys.dat.
+                          The file will be created if it does not already exist (issue #110).
 * --eephost=            - Address incoming trafic forward to. 127.0.0.1 by default
 * --eepport=            - Port incoming trafic forward to. 80 by default
 * --samport=            - Port of SAM bridge. Usually 7656. SAM is off if not specified
+* --bobport=            - Port of BOB command channel. Usually 2827. BOB is off if not specified
+* --conf=               - Config file (default: ~/.i2pd/i2p.conf or /var/lib/i2pd/i2p.conf)
+                          This parameter will be silently ignored if the specified config file does not exist.
+                          Options specified on the command line take precedence over those in the config file.
 
+Config file
+-----------
+
+INI-like, syntax is the following : <key> = <value>.
+All command-line parameters are allowed as keys, for example:
+
+	log = 1
+	v6 = 0
+	ircdest = irc.postman.i2p

Reseed.cpp

@@ -1,11 +1,19 @@
-#include <iostream>
+#include <string.h>
 #include <fstream>
+#include <sstream>
 #include <boost/regex.hpp>
 #include <boost/filesystem.hpp>
-#include <cryptopp/gzip.h>
+#include <cryptopp/osrng.h>
+#include <cryptopp/asn.h>
+#include <cryptopp/base64.h>
+#include <cryptopp/crc.h>
+#include <cryptopp/zinflate.h>
 #include "I2PEndian.h"
 #include "Reseed.h"
 #include "Log.h"
+#include "Identity.h"
+#include "CryptoConst.h"
+#include "NetDb.h"
 #include "util.h"
 
 
@@ -121,59 +129,374 @@ namespace data
 		return false;
 	}	
 
-	void ProcessSU3File (const char * filename)
+	int Reseeder::ReseedNowSU3 ()
 	{
-		static uint32_t headerSignature = htole32 (0x04044B50);
+		CryptoPP::AutoSeededRandomPool rnd;
+		auto ind = rnd.GenerateWord32 (0, httpReseedHostList.size() - 1);
+		std::string reseedHost = httpReseedHostList[ind];
+		return ReseedFromSU3 (reseedHost);
+	}
 
+	int Reseeder::ReseedFromSU3 (const std::string& host)
+	{
+		std::string url = host + "i2pseeds.su3";
+		LogPrint (eLogInfo, "Dowloading SU3 from ", host);
+		std::string su3 = i2p::util::http::httpRequest (url);
+		if (su3.length () > 0)
+		{
+			std::stringstream s(su3);
+			return ProcessSU3Stream (s);
+		}
+		else
+		{
+			LogPrint (eLogWarning, "SU3 download failed");
+			return 0;
+		}
+	}
+	
+	int Reseeder::ProcessSU3File (const char * filename)
+	{
 		std::ifstream s(filename, std::ifstream::binary);
 		if (s.is_open ())	
-		{	
+			return ProcessSU3Stream (s);
-			while (!s.eof ())
+		else
+		{
+			LogPrint (eLogError, "Can't open file ", filename);
+			return 0;
+		}
+	}
+
+	const char SU3_MAGIC_NUMBER[]="I2Psu3";	
+	const uint32_t ZIP_HEADER_SIGNATURE = 0x04034B50;
+	const uint32_t ZIP_CENTRAL_DIRECTORY_HEADER_SIGNATURE = 0x02014B50;	
+	const uint16_t ZIP_BIT_FLAG_DATA_DESCRIPTOR = 0x0008;	
+	int Reseeder::ProcessSU3Stream (std::istream& s)
+	{
+		char magicNumber[7];
+		s.read (magicNumber, 7); // magic number and zero byte 6
+		if (strcmp (magicNumber, SU3_MAGIC_NUMBER))
+		{
+			LogPrint (eLogError, "Unexpected SU3 magic number");	
+			return 0;
+		}			
+		s.seekg (1, std::ios::cur); // su3 file format version
+		SigningKeyType signatureType;
+		s.read ((char *)&signatureType, 2);  // signature type
+		signatureType = be16toh (signatureType);
+		uint16_t signatureLength;
+		s.read ((char *)&signatureLength, 2);  // signature length
+		signatureLength = be16toh (signatureLength);
+		s.seekg (1, std::ios::cur); // unused
+		uint8_t versionLength;
+		s.read ((char *)&versionLength, 1);  // version length	
+		s.seekg (1, std::ios::cur); // unused
+		uint8_t signerIDLength;
+		s.read ((char *)&signerIDLength, 1);  // signer ID length	
+		uint64_t contentLength;
+		s.read ((char *)&contentLength, 8);  // content length	
+		contentLength = be64toh (contentLength);
+		s.seekg (1, std::ios::cur); // unused
+		uint8_t fileType;
+		s.read ((char *)&fileType, 1);  // file type	
+		if (fileType != 0x00) //  zip file
+		{
+			LogPrint (eLogError, "Can't handle file type ", (int)fileType);	
+			return 0;
+		}
+		s.seekg (1, std::ios::cur); // unused
+		uint8_t contentType;
+		s.read ((char *)&contentType, 1);  // content type	
+		if (contentType != 0x03) // reseed data
+		{
+			LogPrint (eLogError, "Unexpected content type ", (int)contentType);	
+			return 0;
+		}
+		s.seekg (12, std::ios::cur); // unused
+
+		s.seekg (versionLength, std::ios::cur); // skip version
+		char signerID[256];
+		s.read (signerID, signerIDLength); // signerID
+		signerID[signerIDLength] = 0;
+		
+		//try to verify signature
+		auto it = m_SigningKeys.find (signerID);
+		if (it != m_SigningKeys.end ())
+		{
+			// TODO: implement all signature types
+			if (signatureType == SIGNING_KEY_TYPE_RSA_SHA512_4096)
 			{
-				uint32_t signature;
+				size_t pos = s.tellg ();
-				s.read ((char *)&signature, 4);
+				size_t tbsLen = pos + contentLength;
-				if (signature == headerSignature)
+				uint8_t * tbs = new uint8_t[tbsLen];
+				s.seekg (0, std::ios::beg);
+				s.read ((char *)tbs, tbsLen);
+				uint8_t * signature = new uint8_t[signatureLength];
+				s.read ((char *)signature, signatureLength);
+				// RSA-raw
+				i2p::crypto::RSASHA5124096RawVerifier verifier(it->second);
+				verifier.Update (tbs, tbsLen);
+				if (!verifier.Verify (signature))
+					LogPrint (eLogWarning, "SU3 signature verification failed");
+				delete[] signature;
+				delete[] tbs;
+				s.seekg (pos, std::ios::beg);
+			}
+			else
+				LogPrint (eLogWarning, "Signature type ", signatureType, " is not supported");
+		}
+		else
+			LogPrint (eLogWarning, "Certificate for ", signerID, " not loaded");
+		
+		// handle content
+		int numFiles = 0;
+		size_t contentPos = s.tellg ();
+		while (!s.eof ())
+		{	
+			uint32_t signature;
+			s.read ((char *)&signature, 4);
+			signature = le32toh (signature);
+			if (signature == ZIP_HEADER_SIGNATURE)
+			{
+				// next local file
+				s.seekg (2, std::ios::cur); // version
+				uint16_t bitFlag;
+				s.read ((char *)&bitFlag, 2);	
+				bitFlag = le16toh (bitFlag);
+				uint16_t compressionMethod;
+				s.read ((char *)&compressionMethod, 2);	
+				compressionMethod = le16toh (compressionMethod);
+				s.seekg (4, std::ios::cur); // skip fields we don't care about
+				uint32_t crc32, compressedSize, uncompressedSize; 
+				s.read ((char *)&crc32, 4);	
+				crc32 = le32toh (crc32);	
+				s.read ((char *)&compressedSize, 4);	
+				compressedSize = le32toh (compressedSize);	
+				s.read ((char *)&uncompressedSize, 4);
+				uncompressedSize = le32toh (uncompressedSize);	
+				uint16_t fileNameLength, extraFieldLength; 
+				s.read ((char *)&fileNameLength, 2);	
+				fileNameLength = le16toh (fileNameLength);
+				s.read ((char *)&extraFieldLength, 2);
+				extraFieldLength = le16toh (extraFieldLength);
+				char localFileName[255];
+				s.read (localFileName, fileNameLength);
+				localFileName[fileNameLength] = 0;
+				s.seekg (extraFieldLength, std::ios::cur);
+				// take care about data desriptor if presented
+				if (bitFlag & ZIP_BIT_FLAG_DATA_DESCRIPTOR)
 				{
-					// next local file
+					size_t pos = s.tellg ();
-					s.seekg (14, std::ios::cur); // skip field we don't care about
+					if (!FindZipDataDescriptor (s))
-					uint32_t compressedSize, uncompressedSize; 
+					{
+						LogPrint (eLogError, "SU3 archive data descriptor not found");
+						return numFiles;
+					}								
+	
+					s.read ((char *)&crc32, 4);	
+					crc32 = le32toh (crc32);
 					s.read ((char *)&compressedSize, 4);	
-					compressedSize = le32toh (compressedSize);	
+					compressedSize = le32toh (compressedSize) + 4; // ??? we must consider signature as part of compressed data
 					s.read ((char *)&uncompressedSize, 4);
 					uncompressedSize = le32toh (uncompressedSize);	
-					uint16_t fileNameLength, extraFieldLength; 
-					s.read ((char *)&fileNameLength, 2);	
-					fileNameLength = le32toh (fileNameLength);
-					s.read ((char *)&extraFieldLength, 2);
-					extraFieldLength = le32toh (extraFieldLength);
-					char localFileName[255];
-					s.read (localFileName, fileNameLength);
-					localFileName[fileNameLength] = 0;
-					s.seekg (extraFieldLength, std::ios::cur);
 
-					uint8_t * compressed = new uint8_t[compressedSize];
+					// now we know compressed and uncompressed size
-					s.read ((char *)compressed, compressedSize);
+					s.seekg (pos, std::ios::beg); // back to compressed data
-					CryptoPP::Gunzip decompressor;
+				}
-					decompressor.Put (compressed, compressedSize);
+
-					delete[] compressed;	
+				LogPrint (eLogDebug, "Proccessing file ", localFileName, " ", compressedSize, " bytes");
+				if (!compressedSize)
+				{
+					LogPrint (eLogWarning, "Unexpected size 0. Skipped");
+					continue;
+				}	
+				
+				uint8_t * compressed = new uint8_t[compressedSize];
+				s.read ((char *)compressed, compressedSize);
+				if (compressionMethod) // we assume Deflate
+				{
+					CryptoPP::Inflator decompressor;
+					decompressor.Put (compressed, compressedSize);	
+					decompressor.MessageEnd();
 					if (decompressor.MaxRetrievable () <= uncompressedSize)
 					{
 						uint8_t * uncompressed = new uint8_t[uncompressedSize];	
-						decompressor.Get (uncompressed, decompressor.MaxRetrievable ());	
+						decompressor.Get (uncompressed, uncompressedSize);	
-						// TODO: save file		
+						if (CryptoPP::CRC32().VerifyDigest ((uint8_t *)&crc32, uncompressed, uncompressedSize))
+						{
+							i2p::data::netdb.AddRouterInfo (uncompressed, uncompressedSize);
+							numFiles++;
+						}
+						else
+							LogPrint (eLogError, "CRC32 verification failed");
 						delete[] uncompressed;
 					}
 					else
 						LogPrint (eLogError, "Actual uncompressed size ", decompressor.MaxRetrievable (), " exceed ", uncompressedSize, " from header");
-				}
+				}	
-				else
+				else // no compression
-					break; // no more files
+				{
+					i2p::data::netdb.AddRouterInfo (compressed, compressedSize);
+					numFiles++;
+				}	
+				delete[] compressed;
+				if (bitFlag & ZIP_BIT_FLAG_DATA_DESCRIPTOR)
+					s.seekg (12, std::ios::cur); // skip data descriptor section if presented (12 = 16 - 4)
 			}
+			else
+			{
+				if (signature != ZIP_CENTRAL_DIRECTORY_HEADER_SIGNATURE)
+					LogPrint (eLogWarning, "Missing zip central directory header");
+				break; // no more files
+			}
+			size_t end = s.tellg ();
+			if (end - contentPos >= contentLength)
+				break; // we are beyond contentLength
 		}
-		else
+		return numFiles;
-			LogPrint (eLogError, "Can't open file ", filename);
 	}
 
+	const uint8_t ZIP_DATA_DESCRIPTOR_SIGNATURE[] = { 0x50, 0x4B, 0x07, 0x08 };	
+	bool Reseeder::FindZipDataDescriptor (std::istream& s)
+	{
+		size_t nextInd = 0;	
+		while (!s.eof ())
+		{
+			uint8_t nextByte;
+			s.read ((char *)&nextByte, 1);
+			if (nextByte == ZIP_DATA_DESCRIPTOR_SIGNATURE[nextInd])	
+			{
+				nextInd++;
+				if (nextInd >= sizeof (ZIP_DATA_DESCRIPTOR_SIGNATURE))
+					return true;
+			}
+			else
+				nextInd = 0;
+		}
+		return s;
+	}
+
+	const char CERTIFICATE_HEADER[] = "-----BEGIN CERTIFICATE-----";
+	const char CERTIFICATE_FOOTER[] = "-----END CERTIFICATE-----";
+	void Reseeder::LoadCertificate (const std::string& filename)
+	{
+		std::ifstream s(filename, std::ifstream::binary);
+		if (s.is_open ())	
+		{
+			s.seekg (0, std::ios::end);
+			size_t len = s.tellg ();
+			s.seekg (0, std::ios::beg);
+			char buf[2048];
+			s.read (buf, len);
+			std::string cert (buf, len);
+			// assume file in pem format
+			auto pos1 = cert.find (CERTIFICATE_HEADER);	
+			auto pos2 = cert.find (CERTIFICATE_FOOTER);	
+			if (pos1 == std::string::npos || pos2 == std::string::npos)
+			{
+				LogPrint (eLogError, "Malformed certificate file");
+				return;
+			}	
+			pos1 += strlen (CERTIFICATE_HEADER);
+			pos2 -= pos1;
+			std::string base64 = cert.substr (pos1, pos2);
+
+			CryptoPP::ByteQueue queue;
+			CryptoPP::Base64Decoder decoder; // regular base64 rather than I2P 
+			decoder.Attach (new CryptoPP::Redirector (queue));
+			decoder.Put ((const uint8_t *)base64.data(), base64.length());
+			decoder.MessageEnd ();
+
+			// extract X.509
+			CryptoPP::BERSequenceDecoder x509Cert (queue);
+			CryptoPP::BERSequenceDecoder tbsCert (x509Cert);
+			// version
+			uint32_t ver;
+			CryptoPP::BERGeneralDecoder context (tbsCert, CryptoPP::CONTEXT_SPECIFIC | CryptoPP::CONSTRUCTED);
+			CryptoPP::BERDecodeUnsigned<uint32_t>(context, ver, CryptoPP::INTEGER);
+			// serial
+			CryptoPP::Integer serial;
+       		serial.BERDecode(tbsCert);	
+			// signature
+			CryptoPP::BERSequenceDecoder signature (tbsCert);
+       		signature.SkipAll();
+			
+			// issuer
+			std::string name;
+			CryptoPP::BERSequenceDecoder issuer (tbsCert);
+			{
+				CryptoPP::BERSetDecoder c (issuer);	c.SkipAll();
+				CryptoPP::BERSetDecoder st (issuer); st.SkipAll();
+				CryptoPP::BERSetDecoder l (issuer); l.SkipAll();
+				CryptoPP::BERSetDecoder o (issuer); o.SkipAll();
+				CryptoPP::BERSetDecoder ou (issuer); ou.SkipAll();
+				CryptoPP::BERSetDecoder cn (issuer);
+				{		
+					CryptoPP::BERSequenceDecoder attributes (cn);
+					{			
+						CryptoPP::BERGeneralDecoder ident(attributes, CryptoPP::OBJECT_IDENTIFIER);
+						ident.SkipAll ();
+						CryptoPP::BERDecodeTextString (attributes, name, CryptoPP::UTF8_STRING);
+					}	
+				}	
+			}	
+       		issuer.SkipAll();
+			// validity
+			CryptoPP::BERSequenceDecoder validity (tbsCert);
+       		validity.SkipAll();
+			// subject
+			CryptoPP::BERSequenceDecoder subject (tbsCert);
+       		subject.SkipAll();
+			// public key
+			CryptoPP::BERSequenceDecoder publicKey (tbsCert);
+			{			
+				CryptoPP::BERSequenceDecoder ident (publicKey);
+				ident.SkipAll ();
+				CryptoPP::BERGeneralDecoder key (publicKey, CryptoPP::BIT_STRING);
+				key.Skip (1); // FIXME: probably bug in crypto++
+				CryptoPP::BERSequenceDecoder keyPair (key);
+				CryptoPP::Integer n;
+       			n.BERDecode (keyPair);
+				if (name.length () > 0) 
+				{	
+					PublicKey value;
+					n.Encode (value, 512);
+					m_SigningKeys[name] = value;
+				}		
+				else
+					LogPrint (eLogWarning, "Unknown issuer. Skipped");
+			}	
+       		publicKey.SkipAll();
+			
+			tbsCert.SkipAll();
+			x509Cert.SkipAll();
+		}
+		else
+			LogPrint (eLogError, "Can't open certificate file ", filename);
+	}
+
+	void Reseeder::LoadCertificates ()
+	{
+		boost::filesystem::path reseedDir = i2p::util::filesystem::GetCertificatesDir() / "reseed";
+		
+		if (!boost::filesystem::exists (reseedDir))
+		{
+			LogPrint (eLogWarning, "Reseed certificates not loaded. ", reseedDir, " doesn't exist");
+			return;
+		}
+
+		int numCertificates = 0;
+		boost::filesystem::directory_iterator end; // empty
+		for (boost::filesystem::directory_iterator it (reseedDir); it != end; ++it)
+		{
+			if (boost::filesystem::is_regular_file (it->status()) && it->path ().extension () == ".crt")
+			{	
+				LoadCertificate (it->path ().string ());
+				numCertificates++;
+			}	
+		}	
+		LogPrint (eLogInfo, numCertificates, " certificates loaded");
+	}	
+	
 }
 }
 

Reseed.h

@@ -1,8 +1,11 @@
 #ifndef RESEED_H
 #define RESEED_H
 
+#include <iostream>
 #include <string>
 #include <vector>
+#include <map>
+#include "Identity.h"
 
 namespace i2p
 {
@@ -11,13 +14,31 @@ namespace data
 
 	class Reseeder
 	{
+		typedef Tag<512> PublicKey;	
+		
 		public:
+		
 			Reseeder();
 			~Reseeder();
-			bool reseedNow();
+			bool reseedNow(); // depreacted
-	};
+			int ReseedNowSU3 ();
 
-	void ProcessSU3File (const char * filename);	
+			void LoadCertificates ();
+		
+		private:
+
+			void LoadCertificate (const std::string& filename);
+			
+			int ReseedFromSU3 (const std::string& host);
+			int ProcessSU3File (const char * filename);	
+			int ProcessSU3Stream (std::istream& s);	
+
+			bool FindZipDataDescriptor (std::istream& s);
+
+		private:	
+
+			std::map<std::string, PublicKey> m_SigningKeys;
+	};
 }
 }
 

RouterInfo.cpp

@@ -101,8 +101,12 @@ namespace data
 		{	
 			// verify signature
 			int l = m_BufferLen - m_RouterIdentity.GetSignatureLen ();
-			if (!m_RouterIdentity.Verify ((uint8_t *)m_Buffer, l, (uint8_t *)m_Buffer + l))	
+			if (!m_RouterIdentity.Verify ((uint8_t *)m_Buffer, l, (uint8_t *)m_Buffer + l))
-				LogPrint (eLogError, "signature verification failed");
+			{	
+				LogPrint (eLogError, "signature verification failed");	
+				m_IsUnreachable = true;
+			}
+			m_RouterIdentity.DropVerifier ();
 		}	
 	}	
 	

SAM.cpp

@@ -3,7 +3,7 @@
 #ifdef _MSC_VER
 #include <stdlib.h>
 #endif
-#include <boost/bind.hpp>
+#include <boost/lexical_cast.hpp>
 #include "base64.h"
 #include "Identity.h"
 #include "Log.h"
@@ -25,22 +25,22 @@ namespace client
 
 	SAMSocket::~SAMSocket ()
 	{
-		if (m_Stream)
+		Terminate ();
-		{
-			m_Stream->Close ();
-			i2p::stream::DeleteStream (m_Stream);
-			m_Stream = nullptr;
-		}
 	}	
 
-	void SAMSocket::Terminate ()
+	void SAMSocket::CloseStream ()
 	{
 		if (m_Stream)
-		{
+		{	
 			m_Stream->Close ();
-			i2p::stream::DeleteStream (m_Stream);
+			m_Stream.reset ();
-			m_Stream = nullptr;
+		}	
-		}
+	}	
+		
+	void SAMSocket::Terminate ()
+	{
+		CloseStream ();
+		
 		switch (m_SocketType)
 		{
 			case eSAMSocketTypeSession:
@@ -49,14 +49,14 @@ namespace client
 			case eSAMSocketTypeStream:
 			{
 				if (m_Session)
-					m_Session->sockets.remove (this);
+					m_Session->sockets.remove (shared_from_this ());
 				break;
 			}
 			case eSAMSocketTypeAcceptor:
 			{
 				if (m_Session)
 				{
-					m_Session->sockets.remove (this);
+					m_Session->sockets.remove (shared_from_this ());
 					m_Session->localDestination->StopAcceptingStreams ();
 				}
 				break;
@@ -64,15 +64,15 @@ namespace client
 			default:
 				;
 		}
+		m_SocketType = eSAMSocketTypeTerminated;
 		m_Socket.close ();
-	//	delete this;
 	}
 
 	void SAMSocket::ReceiveHandshake ()
 	{
 		m_Socket.async_read_some (boost::asio::buffer(m_Buffer, SAM_SOCKET_BUFFER_SIZE),                
-			boost::bind(&SAMSocket::HandleHandshakeReceived, this, 
+			std::bind(&SAMSocket::HandleHandshakeReceived, shared_from_this (), 
-			boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+			std::placeholders::_1, std::placeholders::_2));
 	}
 
 	void SAMSocket::HandleHandshakeReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
@@ -87,12 +87,41 @@ namespace client
 		{	
 			m_Buffer[bytes_transferred] = 0;
 			LogPrint ("SAM handshake ", m_Buffer);
-			if (!memcmp (m_Buffer, SAM_HANDSHAKE, strlen (SAM_HANDSHAKE)))
+			char * separator = strchr (m_Buffer, ' ');
+			if (separator)
 			{
-				// TODO: check version
+				separator = strchr (separator + 1, ' ');	
-				boost::asio::async_write (m_Socket, boost::asio::buffer (SAM_HANDSHAKE_REPLY, strlen (SAM_HANDSHAKE_REPLY)), boost::asio::transfer_all (),
+				if (separator) 
-        			boost::bind(&SAMSocket::HandleHandshakeReplySent, this, 
+					*separator = 0;
-					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+			}
+
+			if (!strcmp (m_Buffer, SAM_HANDSHAKE))
+			{
+				std::string version("3.0");
+				// try to find MIN and MAX, 3.0 if not found
+				if (separator)
+				{
+					separator++;
+					std::map<std::string, std::string> params;
+					ExtractParams (separator, bytes_transferred - (separator - m_Buffer), params);
+					auto it = params.find (SAM_PARAM_MAX);
+					// TODO: check MIN as well
+					if (it != params.end ())
+						version = it->second;
+				}
+				if (version[0] == '3') // we support v3 (3.0 and 3.1) only
+				{
+#ifdef _MSC_VER
+					size_t l = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_HANDSHAKE_REPLY, version.c_str ());
+#else		
+					size_t l = snprintf (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_HANDSHAKE_REPLY, version.c_str ());
+#endif
+					boost::asio::async_write (m_Socket, boost::asio::buffer (m_Buffer, l), boost::asio::transfer_all (),
+        				std::bind(&SAMSocket::HandleHandshakeReplySent, shared_from_this (), 
+						std::placeholders::_1, std::placeholders::_2));
+				}	
+				else
+					SendMessageReply (SAM_HANDSHAKE_I2P_ERROR, strlen (SAM_HANDSHAKE_I2P_ERROR), true);
 			}
 			else
 			{
@@ -113,8 +142,8 @@ namespace client
 		else
 		{
 			m_Socket.async_read_some (boost::asio::buffer(m_Buffer, SAM_SOCKET_BUFFER_SIZE),                
-				boost::bind(&SAMSocket::HandleMessage, this, 
+				std::bind(&SAMSocket::HandleMessage, shared_from_this (), 
-				boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));	
+				std::placeholders::_1, std::placeholders::_2));	
 		}	
 	}
 
@@ -122,8 +151,8 @@ namespace client
 	{
 		if (!m_IsSilent || m_SocketType == eSAMSocketTypeAcceptor) 
 			boost::asio::async_write (m_Socket, boost::asio::buffer (msg, len), boost::asio::transfer_all (),
-				boost::bind(&SAMSocket::HandleMessageReplySent, this, 
+				std::bind(&SAMSocket::HandleMessageReplySent, shared_from_this (), 
-				boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred, close));
+				std::placeholders::_1, std::placeholders::_2, close));
 		else
 		{
 			if (close)
@@ -212,14 +241,16 @@ namespace client
 		std::string& style = params[SAM_PARAM_STYLE]; 
 		std::string& id = params[SAM_PARAM_ID];
 		std::string& destination = params[SAM_PARAM_DESTINATION];
-		m_ID = id;
+		m_ID = id; 
 		if (m_Owner.FindSession (id))
 		{
 			// session exists
 			SendMessageReply (SAM_SESSION_CREATE_DUPLICATED_ID, strlen(SAM_SESSION_CREATE_DUPLICATED_ID), true);
 			return;
 		}
-		m_Session = m_Owner.CreateSession (id, destination == SAM_VALUE_TRANSIENT ? "" : destination); 
+
+		// create destination	
+		m_Session = m_Owner.CreateSession (id, destination == SAM_VALUE_TRANSIENT ? "" : destination, &params); 
 		if (m_Session)
 		{
 			m_SocketType = eSAMSocketTypeSession;
@@ -228,7 +259,7 @@ namespace client
 				if (style == SAM_VALUE_DATAGRAM)
 				{
 					auto dest = m_Session->localDestination->CreateDatagramDestination ();
-					dest->SetReceiver (std::bind (&SAMSocket::HandleI2PDatagramReceive, this, 
+					dest->SetReceiver (std::bind (&SAMSocket::HandleI2PDatagramReceive, shared_from_this (), 
 						std::placeholders::_1, std::placeholders::_2, std::placeholders::_3));
 				}
 				SendSessionCreateReplyOk ();
@@ -236,8 +267,8 @@ namespace client
 			else
 			{
 				m_Timer.expires_from_now (boost::posix_time::seconds(SAM_SESSION_READINESS_CHECK_INTERVAL));
-				m_Timer.async_wait (boost::bind (&SAMSocket::HandleSessionReadinessCheckTimer,
+				m_Timer.async_wait (std::bind (&SAMSocket::HandleSessionReadinessCheckTimer,
-					this, boost::asio::placeholders::error));	
+					shared_from_this (), std::placeholders::_1));	
 			}
 		}
 		else
@@ -253,8 +284,8 @@ namespace client
 			else
 			{
 				m_Timer.expires_from_now (boost::posix_time::seconds(SAM_SESSION_READINESS_CHECK_INTERVAL));
-				m_Timer.async_wait (boost::bind (&SAMSocket::HandleSessionReadinessCheckTimer,
+				m_Timer.async_wait (std::bind (&SAMSocket::HandleSessionReadinessCheckTimer,
-					this, boost::asio::placeholders::error));
+					shared_from_this (), std::placeholders::_1));
 			}	
 		}
 	}
@@ -287,10 +318,9 @@ namespace client
 		m_Session = m_Owner.FindSession (id);
 		if (m_Session)
 		{
-			uint8_t ident[1024];
-			size_t l = i2p::data::Base64ToByteStream (destination.c_str (), destination.length (), ident, 1024);
 			i2p::data::IdentityEx dest;
-			dest.FromBuffer (ident, l);
+			dest.FromBase64 (destination);
+			context.GetAddressBook ().InsertAddress (dest);
 			auto leaseSet = i2p::data::netdb.FindLeaseSet (dest.GetIdentHash ());
 			if (leaseSet)
 				Connect (*leaseSet);
@@ -298,8 +328,8 @@ namespace client
 			{
 				i2p::data::netdb.RequestDestination (dest.GetIdentHash (), true, m_Session->localDestination->GetTunnelPool ());
 				m_Timer.expires_from_now (boost::posix_time::seconds(SAM_CONNECT_TIMEOUT));
-				m_Timer.async_wait (boost::bind (&SAMSocket::HandleStreamDestinationRequestTimer,
+				m_Timer.async_wait (std::bind (&SAMSocket::HandleStreamDestinationRequestTimer,
-					this, boost::asio::placeholders::error, dest.GetIdentHash ()));	
+					shared_from_this (), std::placeholders::_1, dest.GetIdentHash ()));	
 			}
 		}
 		else	
@@ -309,7 +339,7 @@ namespace client
 	void SAMSocket::Connect (const i2p::data::LeaseSet& remote)
 	{
 		m_SocketType = eSAMSocketTypeStream;
-		m_Session->sockets.push_back (this);
+		m_Session->sockets.push_back (shared_from_this ());
 		m_Stream = m_Session->localDestination->CreateStream (remote);
 		m_Stream->Send ((uint8_t *)m_Buffer, 0); // connect
 		I2PReceive ();			
@@ -331,26 +361,6 @@ namespace client
 		}
 	}
 
-	void SAMSocket::HandleNamingLookupDestinationRequestTimer (const boost::system::error_code& ecode, i2p::data::IdentHash ident)
-	{
-		if (!ecode) // timeout expired
-		{
-			auto leaseSet = m_Session->localDestination->FindLeaseSet (ident);
-			if (leaseSet)
-				SendNamingLookupReply (leaseSet);
-			else
-			{
-				LogPrint ("SAM name destination not found");
-#ifdef _MSC_VER
-				size_t len = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY_KEY_NOT_FOUND, (ident.ToBase32 () + ".b32.i2p").c_str ());
-#else
-				size_t len = snprintf (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY_KEY_NOT_FOUND, (ident.ToBase32 () + ".b32.i2p").c_str ());
-#endif
-				SendMessageReply (m_Buffer, len, false);
-			}
-		}
-	}
-
 	void SAMSocket::ProcessStreamAccept (char * buf, size_t len)
 	{
 		LogPrint ("SAM stream accept: ", buf);
@@ -366,8 +376,8 @@ namespace client
 			if (!m_Session->localDestination->IsAcceptingStreams ())
 			{
 				m_SocketType = eSAMSocketTypeAcceptor;
-				m_Session->sockets.push_back (this);
+				m_Session->sockets.push_back (shared_from_this ());
-				m_Session->localDestination->AcceptStreams (std::bind (&SAMSocket::HandleI2PAccept, this, std::placeholders::_1));
+				m_Session->localDestination->AcceptStreams (std::bind (&SAMSocket::HandleI2PAccept, shared_from_this (), std::placeholders::_1));
 				SendMessageReply (SAM_STREAM_STATUS_OK, strlen(SAM_STREAM_STATUS_OK), false);
 			}
 			else
@@ -383,19 +393,12 @@ namespace client
 		auto localDestination = i2p::client::context.CreateNewLocalDestination ();
 		if (localDestination)
 		{
-			uint8_t buf[1024];
+			auto priv = localDestination->GetPrivateKeys ().ToBase64 ();
-			char priv[1024], pub[1024];
+			auto pub = localDestination->GetIdentity ().ToBase64 ();
-			size_t l = localDestination->GetPrivateKeys ().ToBuffer (buf, 1024);
-			size_t l1 = i2p::data::ByteStreamToBase64 (buf, l, priv, 1024);
-			priv[l1] = 0;
-
-			l = localDestination->GetIdentity ().ToBuffer (buf, 1024);
-			l1 = i2p::data::ByteStreamToBase64 (buf, l, pub, 1024);
-			pub[l1] = 0;
 #ifdef _MSC_VER
-			size_t len = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY, pub, priv);	
+			size_t len = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY, pub.c_str (), priv.c_str ());	
 #else			                        
-			size_t len = snprintf (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY, pub, priv);
+			size_t len = snprintf (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_DEST_REPLY, pub.c_str (), priv.c_str ());
 #endif
 			SendMessageReply (m_Buffer, len, true);
 		}
@@ -410,22 +413,12 @@ namespace client
 		ExtractParams (buf, len, params);
 		std::string& name = params[SAM_PARAM_NAME];
 		i2p::data::IdentHash ident;
+		i2p::data::IdentityEx identity;
 		if (name == "ME")
 			SendNamingLookupReply (nullptr);
-		else if (m_Session && context.GetAddressBook ().GetIdentHash (name, ident))
+		else if (context.GetAddressBook ().GetAddress (name, identity))
-		{
+			SendNamingLookupReply (identity);
-			auto leaseSet = m_Session->localDestination->FindLeaseSet (ident);
+		else 
-			if (leaseSet)
-				SendNamingLookupReply (leaseSet);
-			else
-			{
-				i2p::data::netdb.RequestDestination (ident, true, m_Session->localDestination->GetTunnelPool ());
-				m_Timer.expires_from_now (boost::posix_time::seconds(SAM_NAMING_LOOKUP_TIMEOUT));
-				m_Timer.async_wait (boost::bind (&SAMSocket::HandleNamingLookupDestinationRequestTimer,
-					this, boost::asio::placeholders::error, ident));
-			}	
-		}
-		else
 		{
 #ifdef _MSC_VER
 			size_t len = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY_INVALID_KEY, name.c_str());
@@ -438,18 +431,22 @@ namespace client
 
 	void SAMSocket::SendNamingLookupReply (const i2p::data::LeaseSet * leaseSet)
 	{
-		uint8_t buf[1024];
-		char pub[1024];
 		const i2p::data::IdentityEx& identity = leaseSet ? leaseSet->GetIdentity () : m_Session->localDestination->GetIdentity ();
-		size_t l = identity.ToBuffer (buf, 1024);
+		if (leaseSet)
-		size_t l1 = i2p::data::ByteStreamToBase64 (buf, l, pub, 1024);
+			// we found LeaseSet for our address, store it to addressbook
-		pub[l1] = 0;
+			context.GetAddressBook ().InsertAddress (identity);
+		SendNamingLookupReply (identity);
+	}
+
+	void SAMSocket::SendNamingLookupReply (const i2p::data::IdentityEx& identity)
+	{
+		auto base64 = identity.ToBase64 ();
 #ifdef _MSC_VER
-		size_t l2 = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY, pub); 	
+		size_t l = sprintf_s (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY, base64.c_str ()); 	
 #else			
-		size_t l2 = snprintf (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY, pub);
+		size_t l = snprintf (m_Buffer, SAM_SOCKET_BUFFER_SIZE, SAM_NAMING_REPLY, base64.c_str ());
 #endif
-		SendMessageReply (m_Buffer, l2, false);
+		SendMessageReply (m_Buffer, l, false);
 	}
 
 	void SAMSocket::ExtractParams (char * buf, size_t len, std::map<std::string, std::string>& params)
@@ -474,8 +471,8 @@ namespace client
 	void SAMSocket::Receive ()
 	{
 		m_Socket.async_read_some (boost::asio::buffer(m_Buffer, SAM_SOCKET_BUFFER_SIZE),                
-			boost::bind((m_SocketType == eSAMSocketTypeSession) ? &SAMSocket::HandleMessage : &SAMSocket::HandleReceived,
+			std::bind((m_SocketType == eSAMSocketTypeSession) ? &SAMSocket::HandleMessage : &SAMSocket::HandleReceived,
-			this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred));
+			shared_from_this (), std::placeholders::_1, std::placeholders::_2));
 	}
 
 	void SAMSocket::HandleReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred)
@@ -498,8 +495,8 @@ namespace client
 	{
 		if (m_Stream)
 			m_Stream->AsyncReceive (boost::asio::buffer (m_StreamBuffer, SAM_SOCKET_BUFFER_SIZE),
-				boost::bind (&SAMSocket::HandleI2PReceive, this,
+				std::bind (&SAMSocket::HandleI2PReceive, shared_from_this (),
-					boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred),
+					std::placeholders::_1, std::placeholders::_2),
 				SAM_SOCKET_CONNECTION_MAX_IDLE);
 	}	
 
@@ -514,7 +511,7 @@ namespace client
 		else
 		{
 			boost::asio::async_write (m_Socket, boost::asio::buffer (m_StreamBuffer, bytes_transferred),
-        		boost::bind (&SAMSocket::HandleWriteI2PData, this, boost::asio::placeholders::error));
+        		std::bind (&SAMSocket::HandleWriteI2PData, shared_from_this (), std::placeholders::_1));
 		}
 	}
 
@@ -530,12 +527,13 @@ namespace client
 			I2PReceive ();
 	}
 
-	void SAMSocket::HandleI2PAccept (i2p::stream::Stream * stream)
+	void SAMSocket::HandleI2PAccept (std::shared_ptr<i2p::stream::Stream> stream)
 	{
 		if (stream)
 		{
 			LogPrint ("SAM incoming I2P connection for session ", m_ID);
 			m_Stream = stream;
+			context.GetAddressBook ().InsertAddress (stream->GetRemoteIdentity ());
 			auto session = m_Owner.FindSession (m_ID);
 			if (session)	
 				session->localDestination->StopAcceptingStreams ();	
@@ -554,20 +552,17 @@ namespace client
 
 	void SAMSocket::HandleI2PDatagramReceive (const i2p::data::IdentityEx& ident, const uint8_t * buf, size_t len)
 	{
-		uint8_t identBuf[1024];
+		auto base64 = ident.ToBase64 ();
-		size_t l = ident.ToBuffer (identBuf, 1024);
-		size_t l1 = i2p::data::ByteStreamToBase64 (identBuf, l, m_Buffer, SAM_SOCKET_BUFFER_SIZE);
-		m_Buffer[l1] = 0;
 #ifdef _MSC_VER
-		size_t l2 = sprintf_s ((char *)m_StreamBuffer, SAM_SOCKET_BUFFER_SIZE, SAM_DATAGRAM_RECEIVED, m_Buffer, len); 	
+		size_t l = sprintf_s ((char *)m_StreamBuffer, SAM_SOCKET_BUFFER_SIZE, SAM_DATAGRAM_RECEIVED, base64.c_str (), len); 	
 #else			
-		size_t l2 = snprintf ((char *)m_StreamBuffer, SAM_SOCKET_BUFFER_SIZE, SAM_DATAGRAM_RECEIVED, m_Buffer, len); 	
+		size_t l = snprintf ((char *)m_StreamBuffer, SAM_SOCKET_BUFFER_SIZE, SAM_DATAGRAM_RECEIVED, base64.c_str (), len); 	
 #endif
-		if (len < SAM_SOCKET_BUFFER_SIZE - l2)	
+		if (len < SAM_SOCKET_BUFFER_SIZE - l)	
 		{	
-			memcpy (m_StreamBuffer + l2, buf, len);
+			memcpy (m_StreamBuffer + l, buf, len);
-			boost::asio::async_write (m_Socket, boost::asio::buffer (m_StreamBuffer, len + l2),
+			boost::asio::async_write (m_Socket, boost::asio::buffer (m_StreamBuffer, len + l),
-        		boost::bind (&SAMSocket::HandleWriteI2PData, this, boost::asio::placeholders::error));
+        		std::bind (&SAMSocket::HandleWriteI2PData, shared_from_this (), std::placeholders::_1));
 		}
 		else
 			LogPrint (eLogWarning, "Datagram size ", len," exceeds buffer");
@@ -576,15 +571,13 @@ namespace client
 	SAMBridge::SAMBridge (int port):
 		m_IsRunning (false), m_Thread (nullptr),
 		m_Acceptor (m_Service, boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), port)),
-		m_DatagramEndpoint (boost::asio::ip::udp::v4 (), port-1), m_DatagramSocket (m_Service, m_DatagramEndpoint),
+		m_DatagramEndpoint (boost::asio::ip::udp::v4 (), port-1), m_DatagramSocket (m_Service, m_DatagramEndpoint)
-		m_NewSocket (nullptr)
 	{
 	}
 
 	SAMBridge::~SAMBridge ()
 	{
 		Stop ();
-		delete m_NewSocket;
 	}	
 
 	void SAMBridge::Start ()
@@ -624,43 +617,48 @@ namespace client
 
 	void SAMBridge::Accept ()
 	{
-		m_NewSocket = new SAMSocket (*this);
+		auto newSocket = std::make_shared<SAMSocket> (*this);
-		m_Acceptor.async_accept (m_NewSocket->GetSocket (), boost::bind (&SAMBridge::HandleAccept, this,
+		m_Acceptor.async_accept (newSocket->GetSocket (), std::bind (&SAMBridge::HandleAccept, this,
-			boost::asio::placeholders::error));
+			std::placeholders::_1, newSocket));
 	}
 
-	void SAMBridge::HandleAccept(const boost::system::error_code& ecode)
+	void SAMBridge::HandleAccept(const boost::system::error_code& ecode, std::shared_ptr<SAMSocket> socket)
 	{
 		if (!ecode)
 		{
-			LogPrint ("New SAM connection from ", m_NewSocket->GetSocket ().remote_endpoint ());
+			LogPrint ("New SAM connection from ", socket->GetSocket ().remote_endpoint ());
-			m_NewSocket->ReceiveHandshake ();		
+			socket->ReceiveHandshake ();		
 		}
 		else
-		{
 			LogPrint ("SAM accept error: ",  ecode.message ());
-			delete m_NewSocket;
-			m_NewSocket = nullptr;	
-		}
 
 		if (ecode != boost::asio::error::operation_aborted)
 			Accept ();
 	}
 
-	SAMSession * SAMBridge::CreateSession (const std::string& id, const std::string& destination)
+	SAMSession * SAMBridge::CreateSession (const std::string& id, const std::string& destination, 
+		const std::map<std::string, std::string> * params)
 	{
 		ClientDestination * localDestination = nullptr; 
 		if (destination != "")
 		{
-			uint8_t * buf = new uint8_t[destination.length ()];
-			size_t l = i2p::data::Base64ToByteStream (destination.c_str (), destination.length (), buf, destination.length ());
 			i2p::data::PrivateKeys keys;
-			keys.FromBuffer (buf, l);
+			keys.FromBase64 (destination);
-			delete[] buf;
+			localDestination = i2p::client::context.CreateNewLocalDestination (keys, true, params);
-			localDestination = i2p::client::context.CreateNewLocalDestination (keys);
 		}
 		else // transient
-			localDestination = i2p::client::context.CreateNewLocalDestination (); 
+		{
+			// extract signature type
+			i2p::data::SigningKeyType signatureType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1;
+			if (params)
+			{
+				auto it = params->find (SAM_PARAM_SIGNATURE_TYPE);
+				if (it != params->end ())
+					// TODO: extract string values	
+					signatureType = boost::lexical_cast<int> (it->second);
+			}
+			localDestination = i2p::client::context.CreateNewLocalDestination (false, signatureType, params); 
+		}
 		if (localDestination)
 		{
 			SAMSession session;
@@ -680,10 +678,10 @@ namespace client
 		auto it = m_Sessions.find (id);
 		if (it != m_Sessions.end ())
 		{
-			for (auto it1 : it->second.sockets)
+			for (auto it1: it->second.sockets)
-				delete it1;
+				it1->CloseStream ();
 			it->second.sockets.clear ();
-			it->second.localDestination->Stop ();
+			i2p::client::context.DeleteLocalDestination (it->second.localDestination);
 			m_Sessions.erase (it);
 		}
 	}
@@ -702,7 +700,7 @@ namespace client
 		m_DatagramSocket.async_receive_from (
 			boost::asio::buffer (m_DatagramReceiveBuffer, i2p::datagram::MAX_DATAGRAM_SIZE), 
 			m_SenderEndpoint,
-			boost::bind (&SAMBridge::HandleReceivedDatagram, this, boost::asio::placeholders::error, boost::asio::placeholders::bytes_transferred)); 
+			std::bind (&SAMBridge::HandleReceivedDatagram, this, std::placeholders::_1, std::placeholders::_2)); 
 	}
 
 	void SAMBridge::HandleReceivedDatagram (const boost::system::error_code& ecode, std::size_t bytes_transferred)
@@ -725,10 +723,8 @@ namespace client
 					auto session = FindSession (sessionID);
 					if (session)
 					{	
-						uint8_t ident[1024];
-						size_t l = i2p::data::Base64ToByteStream (destination, strlen(destination), ident, 1024);
 						i2p::data::IdentityEx dest;
-						dest.FromBuffer (ident, l);
+						dest.FromBase64 (destination);
 						auto leaseSet = i2p::data::netdb.FindLeaseSet (dest.GetIdentHash ());
 						if (leaseSet)
 							session->localDestination->GetDatagramDestination ()->

SAM.h

@@ -7,6 +7,7 @@
 #include <list>
 #include <thread>
 #include <mutex>
+#include <memory>
 #include <boost/asio.hpp>
 #include "Identity.h"
 #include "LeaseSet.h"
@@ -23,7 +24,8 @@ namespace client
 	const int SAM_NAMING_LOOKUP_TIMEOUT = 5; // in seconds
 	const int SAM_SESSION_READINESS_CHECK_INTERVAL = 20; // in seconds	
 	const char SAM_HANDSHAKE[] = "HELLO VERSION";
-	const char SAM_HANDSHAKE_REPLY[] = "HELLO REPLY RESULT=OK VERSION=3.0\n";
+	const char SAM_HANDSHAKE_REPLY[] = "HELLO REPLY RESULT=OK VERSION=%s\n";
+	const char SAM_HANDSHAKE_I2P_ERROR[] = "HELLO REPLY RESULT=I2P_ERROR\n";	
 	const char SAM_SESSION_CREATE[] = "SESSION CREATE";
 	const char SAM_SESSION_CREATE_REPLY_OK[] = "SESSION STATUS RESULT=OK DESTINATION=%s\n";
 	const char SAM_SESSION_CREATE_DUPLICATED_ID[] = "SESSION STATUS RESULT=DUPLICATED_ID\n";
@@ -39,14 +41,17 @@ namespace client
 	const char SAM_DEST_REPLY_I2P_ERROR[] = "DEST REPLY RESULT=I2P_ERROR\n";
 	const char SAM_NAMING_LOOKUP[] = "NAMING LOOKUP";
 	const char SAM_NAMING_REPLY[] = "NAMING REPLY RESULT=OK NAME=ME VALUE=%s\n";
-	const char SAM_DATAGRAM_RECEIVED[] = "DATAGRAM_RECEIVED DESTINATION=%s SIZE=%i\n";	
+	const char SAM_DATAGRAM_RECEIVED[] = "DATAGRAM_RECEIVED DESTINATION=%s SIZE=%lu\n";	
 	const char SAM_NAMING_REPLY_INVALID_KEY[] = "NAMING REPLY RESULT=INVALID_KEY NAME=%s\n";
-	const char SAM_NAMING_REPLY_KEY_NOT_FOUND[] = "NAMING REPLY RESULT=INVALID_KEY_NOT_FOUND NAME=%s\n";		
+	const char SAM_NAMING_REPLY_KEY_NOT_FOUND[] = "NAMING REPLY RESULT=INVALID_KEY_NOT_FOUND NAME=%s\n";
+	const char SAM_PARAM_MIN[] = "MIN";	
+	const char SAM_PARAM_MAX[] = "MAX";				
 	const char SAM_PARAM_STYLE[] = "STYLE";		
 	const char SAM_PARAM_ID[] = "ID";	
 	const char SAM_PARAM_SILENT[] = "SILENT";
 	const char SAM_PARAM_DESTINATION[] = "DESTINATION";	
-	const char SAM_PARAM_NAME[] = "NAME";		
+	const char SAM_PARAM_NAME[] = "NAME";
+	const char SAM_PARAM_SIGNATURE_TYPE[] = "SIGNATURE_TYPE";		
 	const char SAM_VALUE_TRANSIENT[] = "TRANSIENT";	
 	const char SAM_VALUE_STREAM[] = "STREAM";
 	const char SAM_VALUE_DATAGRAM[] = "DATAGRAM";
@@ -59,24 +64,27 @@ namespace client
 		eSAMSocketTypeUnknown,
 		eSAMSocketTypeSession,
 		eSAMSocketTypeStream,
-		eSAMSocketTypeAcceptor	
+		eSAMSocketTypeAcceptor,
+		eSAMSocketTypeTerminated
 	};
 
 	class SAMBridge;
 	class SAMSession;
-	class SAMSocket
+	class SAMSocket: public std::enable_shared_from_this<SAMSocket>
 	{
 		public:
 
 			SAMSocket (SAMBridge& owner);
 			~SAMSocket ();			
+			void CloseStream (); // TODO: implement it better	
 
 			boost::asio::ip::tcp::socket& GetSocket () { return m_Socket; };
 			void ReceiveHandshake ();
+			void SetSocketType (SAMSocketType socketType) { m_SocketType = socketType; };
 
 		private:
 
-			void Terminate ();
+			void Terminate ();	
 			void HandleHandshakeReceived (const boost::system::error_code& ecode, std::size_t bytes_transferred);
 			void HandleHandshakeReplySent (const boost::system::error_code& ecode, std::size_t bytes_transferred);
 			void HandleMessage (const boost::system::error_code& ecode, std::size_t bytes_transferred);
@@ -87,7 +95,7 @@ namespace client
 
 			void I2PReceive ();	
 			void HandleI2PReceive (const boost::system::error_code& ecode, std::size_t bytes_transferred);
-			void HandleI2PAccept (i2p::stream::Stream * stream);
+			void HandleI2PAccept (std::shared_ptr<i2p::stream::Stream> stream);
 			void HandleWriteI2PData (const boost::system::error_code& ecode);
 			void HandleI2PDatagramReceive (const i2p::data::IdentityEx& ident, const uint8_t * buf, size_t len);
 
@@ -100,8 +108,8 @@ namespace client
 
 			void Connect (const i2p::data::LeaseSet& remote);
 			void HandleStreamDestinationRequestTimer (const boost::system::error_code& ecode, i2p::data::IdentHash ident);
-			void HandleNamingLookupDestinationRequestTimer (const boost::system::error_code& ecode, i2p::data::IdentHash ident);
 			void SendNamingLookupReply (const i2p::data::LeaseSet * leaseSet);
+			void SendNamingLookupReply (const i2p::data::IdentityEx& identity);
 			void HandleSessionReadinessCheckTimer (const boost::system::error_code& ecode);
 			void SendSessionCreateReplyOk ();
 
@@ -115,14 +123,20 @@ namespace client
 			SAMSocketType m_SocketType;
 			std::string m_ID; // nickname
 			bool m_IsSilent;
-			i2p::stream::Stream * m_Stream;
+			std::shared_ptr<i2p::stream::Stream> m_Stream;
 			SAMSession * m_Session;
 	};	
 
 	struct SAMSession
 	{
 		ClientDestination * localDestination;
-		std::list<SAMSocket *> sockets;
+		std::list<std::shared_ptr<SAMSocket> > sockets;
+				
+		~SAMSession ()
+		{
+			for (auto it: sockets)
+				it->SetSocketType (eSAMSocketTypeTerminated);
+		}		
 	};
 
 	class SAMBridge
@@ -136,7 +150,8 @@ namespace client
 			void Stop ();
 			
 			boost::asio::io_service& GetService () { return m_Service; };
-			SAMSession * CreateSession (const std::string& id, const std::string& destination = ""); // empty string  means transient
+			SAMSession * CreateSession (const std::string& id, const std::string& destination, // empty string  means transient
+				const std::map<std::string, std::string> * params);
 			void CloseSession (const std::string& id);
 			SAMSession * FindSession (const std::string& id);
 
@@ -145,7 +160,7 @@ namespace client
 			void Run ();
 
 			void Accept ();
-			void HandleAccept(const boost::system::error_code& ecode);
+			void HandleAccept(const boost::system::error_code& ecode, std::shared_ptr<SAMSocket> socket);
 
 			void ReceiveDatagram ();
 			void HandleReceivedDatagram (const boost::system::error_code& ecode, std::size_t bytes_transferred);
@@ -158,7 +173,6 @@ namespace client
 			boost::asio::ip::tcp::acceptor m_Acceptor;
 			boost::asio::ip::udp::endpoint m_DatagramEndpoint, m_SenderEndpoint;
 			boost::asio::ip::udp::socket m_DatagramSocket;
-			SAMSocket * m_NewSocket;
 			std::mutex m_SessionsMutex;
 			std::map<std::string, SAMSession> m_Sessions;
 			uint8_t m_DatagramReceiveBuffer[i2p::datagram::MAX_DATAGRAM_SIZE+1];

SOCKS.cpp

@@ -77,8 +77,7 @@ namespace proxy
 	{
 		if (m_stream) {
 			LogPrint("--- socks4a close stream");
-			delete m_stream;
+			m_stream.reset ();
-			m_stream = nullptr;
 		}
 	}
 

SOCKS.h

@@ -5,7 +5,7 @@
 #include <boost/asio.hpp>
 #include <vector>
 #include <mutex>
-
+#include <memory>
 #include "Identity.h"
 #include "Streaming.h"
 
@@ -47,7 +47,7 @@ namespace proxy
             boost::asio::io_service * m_ios;
             boost::asio::ip::tcp::socket * m_sock;
             boost::asio::deadline_timer m_ls_timer;
-            i2p::stream::Stream * m_stream;
+            std::shared_ptr<i2p::stream::Stream> m_stream;
             i2p::data::LeaseSet * m_ls;
             i2p::data::IdentHash m_dest;
             state m_state;

SSU.cpp

@@ -9,9 +9,10 @@ namespace i2p
 {
 namespace transport
 {
-	SSUServer::SSUServer (int port): m_Thread (nullptr), m_Work (m_Service),
+	SSUServer::SSUServer (int port): m_Thread (nullptr), m_ThreadV6 (nullptr), m_Work (m_Service), 
-		m_Endpoint (boost::asio::ip::udp::v4 (), port), m_EndpointV6 (boost::asio::ip::udp::v6 (), port),
+		m_WorkV6 (m_ServiceV6),m_Endpoint (boost::asio::ip::udp::v4 (), port), 
-		m_Socket (m_Service, m_Endpoint), m_SocketV6 (m_Service), m_IntroducersUpdateTimer (m_Service)	
+		m_EndpointV6 (boost::asio::ip::udp::v6 (), port), m_Socket (m_Service, m_Endpoint), 
+		m_SocketV6 (m_ServiceV6), m_IntroducersUpdateTimer (m_Service)	
 	{
 		m_Socket.set_option (boost::asio::socket_base::receive_buffer_size (65535));
 		m_Socket.set_option (boost::asio::socket_base::send_buffer_size (65535));
@@ -27,17 +28,18 @@ namespace transport
 	
 	SSUServer::~SSUServer ()
 	{
-		for (auto it: m_Sessions)
-			delete it.second;
 	}
 
 	void SSUServer::Start ()
 	{
 		m_IsRunning = true;
 		m_Thread = new std::thread (std::bind (&SSUServer::Run, this));
-		m_Service.post (boost::bind (&SSUServer::Receive, this));  
+		m_Service.post (std::bind (&SSUServer::Receive, this));  
 		if (context.SupportsV6 ())
-			m_Service.post (boost::bind (&SSUServer::ReceiveV6, this));  
+		{	
+			m_ThreadV6 = new std::thread (std::bind (&SSUServer::RunV6, this));
+			m_ServiceV6.post (std::bind (&SSUServer::ReceiveV6, this));  
+		}	
 		if (i2p::context.IsUnreachable ())
 			ScheduleIntroducersUpdateTimer ();
 	}
@@ -48,12 +50,20 @@ namespace transport
 		m_IsRunning = false;
 		m_Service.stop ();
 		m_Socket.close ();
+		m_ServiceV6.stop ();
+		m_SocketV6.close ();
 		if (m_Thread)
 		{	
 			m_Thread->join (); 
 			delete m_Thread;
-			m_Thread = 0;
+			m_Thread = nullptr;
-		}	
+		}
+		if (m_ThreadV6)
+		{	
+			m_ThreadV6->join (); 
+			delete m_ThreadV6;
+			m_ThreadV6 = nullptr;
+		}
 	}
 
 	void SSUServer::Run () 
@@ -70,13 +80,28 @@ namespace transport
 			}	
 		}	
 	}
-		
+
+	void SSUServer::RunV6 () 
+	{ 
+		while (m_IsRunning)
+		{
+			try
+			{	
+				m_ServiceV6.run ();
+			}
+			catch (std::exception& ex)
+			{
+				LogPrint (eLogError, "SSU V6 server: ", ex.what ());
+			}	
+		}	
+	}	
+	
 	void SSUServer::AddRelay (uint32_t tag, const boost::asio::ip::udp::endpoint& relay)
 	{
 		m_Relays[tag] = relay;
 	}	
 
-	SSUSession * SSUServer::FindRelaySession (uint32_t tag)
+	std::shared_ptr<SSUSession> SSUServer::FindRelaySession (uint32_t tag)
 	{
 		auto it = m_Relays.find (tag);
 		if (it != m_Relays.end ())
@@ -128,20 +153,21 @@ namespace transport
 
 	void SSUServer::HandleReceivedBuffer (boost::asio::ip::udp::endpoint& from, uint8_t * buf, std::size_t bytes_transferred)
 	{
-		SSUSession * session = nullptr;
+		std::shared_ptr<SSUSession> session;
 		auto it = m_Sessions.find (from);
 		if (it != m_Sessions.end ())
 			session = it->second;
 		if (!session)
 		{
-			session = new SSUSession (*this, from);
+			session = std::make_shared<SSUSession> (*this, from);
+			session->WaitForConnect ();
 			m_Sessions[from] = session;
 			LogPrint ("New SSU session from ", from.address ().to_string (), ":", from.port (), " created");
 		}
 		session->ProcessNextMessage (buf, bytes_transferred, from);
 	}
 
-	SSUSession * SSUServer::FindSession (const i2p::data::RouterInfo * router)
+	std::shared_ptr<SSUSession> SSUServer::FindSession (std::shared_ptr<const i2p::data::RouterInfo> router) const
 	{
 		if (!router) return nullptr;
 		auto address = router->GetSSUAddress (true); // v4 only
@@ -155,7 +181,7 @@ namespace transport
 		return FindSession (boost::asio::ip::udp::endpoint (address->host, address->port));
 	}	
 
-	SSUSession * SSUServer::FindSession (const boost::asio::ip::udp::endpoint& e)
+	std::shared_ptr<SSUSession> SSUServer::FindSession (const boost::asio::ip::udp::endpoint& e) const
 	{
 		auto it = m_Sessions.find (e);
 		if (it != m_Sessions.end ())
@@ -164,9 +190,9 @@ namespace transport
 			return nullptr;
 	}
 		
-	SSUSession * SSUServer::GetSession (const i2p::data::RouterInfo * router, bool peerTest)
+	std::shared_ptr<SSUSession> SSUServer::GetSession (std::shared_ptr<const i2p::data::RouterInfo> router, bool peerTest)
 	{
-		SSUSession * session = nullptr;
+		std::shared_ptr<SSUSession> session;
 		if (router)
 		{
 			auto address = router->GetSSUAddress (!context.SupportsV6 ());
@@ -179,7 +205,7 @@ namespace transport
 				else
 				{
 					// otherwise create new session					
-					session = new SSUSession (*this, remoteEndpoint, router, peerTest);
+					session = std::make_shared<SSUSession> (*this, remoteEndpoint, router, peerTest);
 					m_Sessions[remoteEndpoint] = session;
 					
 					if (!router->UsesIntroducer ())
@@ -195,7 +221,7 @@ namespace transport
 						int numIntroducers = address->introducers.size ();
 						if (numIntroducers > 0)
 						{
-							SSUSession * introducerSession = nullptr;
+							std::shared_ptr<SSUSession> introducerSession;
 							const i2p::data::RouterInfo::Introducer * introducer = nullptr;
 							// we might have a session to introducer already
 							for (int i = 0; i < numIntroducers; i++)
@@ -216,7 +242,7 @@ namespace transport
 								LogPrint ("Creating new session to introducer");
 								introducer = &(address->introducers[0]); // TODO:
 								boost::asio::ip::udp::endpoint introducerEndpoint (introducer->iHost, introducer->iPort);
-								introducerSession = new SSUSession (*this, introducerEndpoint, router);
+								introducerSession = std::make_shared<SSUSession> (*this, introducerEndpoint, router);
 								m_Sessions[introducerEndpoint] = introducerSession;													
 							}	
 							// introduce
@@ -231,8 +257,7 @@ namespace transport
 						{	
 							LogPrint (eLogWarning, "Can't connect to unreachable router. No introducers presented");
 							m_Sessions.erase (remoteEndpoint);
-							delete session;
+							session.reset ();
-							session = nullptr;
 						}	
 					}
 				}
@@ -243,30 +268,26 @@ namespace transport
 		return session;
 	}
 
-	void SSUServer::DeleteSession (SSUSession * session)
+	void SSUServer::DeleteSession (std::shared_ptr<SSUSession> session)
 	{
 		if (session)
 		{
 			session->Close ();
 			m_Sessions.erase (session->GetRemoteEndpoint ());
-			delete session;
 		}	
 	}	
 
 	void SSUServer::DeleteAllSessions ()
 	{
 		for (auto it: m_Sessions)
-		{
 			it.second->Close ();
-			delete it.second;			
-		}	
 		m_Sessions.clear ();
 	}
 
 	template<typename Filter>
-	SSUSession * SSUServer::GetRandomSession (Filter filter)
+	std::shared_ptr<SSUSession> SSUServer::GetRandomSession (Filter filter)
 	{
-		std::vector<SSUSession *> filteredSessions;
+		std::vector<std::shared_ptr<SSUSession> > filteredSessions;
 		for (auto s :m_Sessions)
 			if (filter (s.second)) filteredSessions.push_back (s.second);
 		if (filteredSessions.size () > 0)
@@ -277,10 +298,10 @@ namespace transport
 		return nullptr;	
 	}
 
-	SSUSession * SSUServer::GetRandomEstablishedSession (const SSUSession * excluded)
+	std::shared_ptr<SSUSession> SSUServer::GetRandomEstablishedSession (std::shared_ptr<const SSUSession> excluded)
 	{
 		return GetRandomSession (
-			[excluded](SSUSession * session)->bool 
+			[excluded](std::shared_ptr<SSUSession> session)->bool 
 			{ 
 				return session->GetState () == eSessionStateEstablished &&
 					session != excluded; 
@@ -295,16 +316,16 @@ namespace transport
 		for (int i = 0; i < maxNumIntroducers; i++)
 		{
 			auto session = GetRandomSession (
-				[&ret, ts](SSUSession * session)->bool 
+				[&ret, ts](std::shared_ptr<SSUSession> session)->bool 
 				{ 
-					return session->GetRelayTag () && !ret.count (session) &&
+					return session->GetRelayTag () && !ret.count (session.get ()) &&
 						session->GetState () == eSessionStateEstablished &&
 						ts < session->GetCreationTime () + SSU_TO_INTRODUCER_SESSION_DURATION; 
 				}
 											);	
 			if (session)
 			{
-				ret.insert (session);
+				ret.insert (session.get ());
 				break;
 			}	
 		}
@@ -314,8 +335,8 @@ namespace transport
 	void SSUServer::ScheduleIntroducersUpdateTimer ()
 	{
 		m_IntroducersUpdateTimer.expires_from_now (boost::posix_time::seconds(SSU_KEEP_ALIVE_INTERVAL));
-		m_IntroducersUpdateTimer.async_wait (boost::bind (&SSUServer::HandleIntroducersUpdateTimer,
+		m_IntroducersUpdateTimer.async_wait (std::bind (&SSUServer::HandleIntroducersUpdateTimer,
-			this, boost::asio::placeholders::error));	
+			this, std::placeholders::_1));	
 	}
 
 	void SSUServer::HandleIntroducersUpdateTimer (const boost::system::error_code& ecode)

SSU.h

@@ -31,22 +31,23 @@ namespace transport
 			~SSUServer ();
 			void Start ();
 			void Stop ();
-			SSUSession * GetSession (const i2p::data::RouterInfo * router, bool peerTest = false);
+			std::shared_ptr<SSUSession> GetSession (std::shared_ptr<const i2p::data::RouterInfo> router, bool peerTest = false);
-			SSUSession * FindSession (const i2p::data::RouterInfo * router);
+			std::shared_ptr<SSUSession> FindSession (std::shared_ptr<const i2p::data::RouterInfo> router) const;
-			SSUSession * FindSession (const boost::asio::ip::udp::endpoint& e);
+			std::shared_ptr<SSUSession> FindSession (const boost::asio::ip::udp::endpoint& e) const;
-			SSUSession * GetRandomEstablishedSession (const SSUSession * excluded);
+			std::shared_ptr<SSUSession> GetRandomEstablishedSession (std::shared_ptr<const SSUSession> excluded);
-			void DeleteSession (SSUSession * session);
+			void DeleteSession (std::shared_ptr<SSUSession> session);
 			void DeleteAllSessions ();			
 
 			boost::asio::io_service& GetService () { return m_Socket.get_io_service(); };
 			const boost::asio::ip::udp::endpoint& GetEndpoint () const { return m_Endpoint; };			
 			void Send (const uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& to);
 			void AddRelay (uint32_t tag, const boost::asio::ip::udp::endpoint& relay);
-			SSUSession * FindRelaySession (uint32_t tag);
+			std::shared_ptr<SSUSession> FindRelaySession (uint32_t tag);
 
 		private:
 
 			void Run ();
+			void RunV6 ();
 			void Receive ();
 			void ReceiveV6 ();
 			void HandleReceivedFrom (const boost::system::error_code& ecode, std::size_t bytes_transferred);
@@ -54,7 +55,7 @@ namespace transport
 			void HandleReceivedBuffer (boost::asio::ip::udp::endpoint& from, uint8_t * buf, std::size_t bytes_transferred);
 
 			template<typename Filter>
-			SSUSession * GetRandomSession (Filter filter);
+			std::shared_ptr<SSUSession> GetRandomSession (Filter filter);
 			
 			std::set<SSUSession *> FindIntroducers (int maxNumIntroducers);	
 			void ScheduleIntroducersUpdateTimer ();
@@ -63,9 +64,9 @@ namespace transport
 		private:
 
 			bool m_IsRunning;
-			std::thread * m_Thread;	
+			std::thread * m_Thread, * m_ThreadV6;	
-			boost::asio::io_service m_Service;
+			boost::asio::io_service m_Service, m_ServiceV6;
-			boost::asio::io_service::work m_Work;
+			boost::asio::io_service::work m_Work, m_WorkV6;
 			boost::asio::ip::udp::endpoint m_Endpoint, m_EndpointV6;
 			boost::asio::ip::udp::socket m_Socket, m_SocketV6;
 			boost::asio::ip::udp::endpoint m_SenderEndpoint, m_SenderEndpointV6;
@@ -73,7 +74,7 @@ namespace transport
 			std::list<boost::asio::ip::udp::endpoint> m_Introducers; // introducers we are connected to
 			i2p::crypto::AESAlignedBuffer<2*SSU_MTU_V4> m_ReceiveBuffer;
 			i2p::crypto::AESAlignedBuffer<2*SSU_MTU_V6> m_ReceiveBufferV6; 
-			std::map<boost::asio::ip::udp::endpoint, SSUSession *> m_Sessions;
+			std::map<boost::asio::ip::udp::endpoint, std::shared_ptr<SSUSession> > m_Sessions;
 			std::map<uint32_t, boost::asio::ip::udp::endpoint> m_Relays; // we are introducer
 
 		public:

SSUData.cpp

@@ -401,8 +401,9 @@ namespace transport
 	{		
 		m_ResendTimer.cancel ();
 		m_ResendTimer.expires_from_now (boost::posix_time::seconds(RESEND_INTERVAL));
-		m_ResendTimer.async_wait (boost::bind (&SSUData::HandleResendTimer,
+		auto s = m_Session.shared_from_this();
-			this, boost::asio::placeholders::error));
+		m_ResendTimer.async_wait ([s](const boost::system::error_code& ecode)
+			{ s->m_Data.HandleResendTimer (ecode); });
 	}
 		
 	void SSUData::HandleResendTimer (const boost::system::error_code& ecode)

SSUSession.cpp

@@ -14,15 +14,13 @@ namespace i2p
 namespace transport
 {
 	SSUSession::SSUSession (SSUServer& server, boost::asio::ip::udp::endpoint& remoteEndpoint,
-		const i2p::data::RouterInfo * router, bool peerTest ): TransportSession (router), 
+		std::shared_ptr<const i2p::data::RouterInfo> router, bool peerTest ): TransportSession (router), 
 		m_Server (server), m_RemoteEndpoint (remoteEndpoint), 
 		m_Timer (m_Server.GetService ()), m_PeerTest (peerTest),
  		m_State (eSessionStateUnknown), m_IsSessionKey (false), m_RelayTag (0),
 		m_Data (*this), m_NumSentBytes (0), m_NumReceivedBytes (0)
 	{
 		m_CreationTime = i2p::util::GetSecondsSinceEpoch ();
-		if (!router) // incoming session
-			ScheduleConnectTimer ();
 	}
 
 	SSUSession::~SSUSession ()
@@ -111,7 +109,7 @@ namespace transport
 					else
 					{
 						LogPrint (eLogError, "MAC verification failed ", len, " bytes from ", senderEndpoint);
-						m_Server.DeleteSession (this); 
+						m_Server.DeleteSession (shared_from_this ()); 
 						return;
 					}	
 				}	
@@ -146,13 +144,13 @@ namespace transport
 			case PAYLOAD_TYPE_SESSION_DESTROYED:
 			{
 				LogPrint (eLogDebug, "SSU session destroy received");
-				m_Server.DeleteSession (this); // delete this 
+				m_Server.DeleteSession (shared_from_this ()); 
 				break;
 			}	
 			case PAYLOAD_TYPE_RELAY_RESPONSE:
 				ProcessRelayResponse (buf, len);
 				if (m_State != eSessionStateEstablished)
-					m_Server.DeleteSession (this);
+					m_Server.DeleteSession (shared_from_this ());
 			break;
 			case PAYLOAD_TYPE_RELAY_REQUEST:
 				LogPrint (eLogDebug, "SSU relay request received");
@@ -461,7 +459,7 @@ namespace transport
 			buf += 32; // introkey
 			uint32_t nonce = be32toh (*(uint32_t *)buf);
 			SendRelayResponse (nonce, from, introKey, session->m_RemoteEndpoint);
-			SendRelayIntro (session, from);
+			SendRelayIntro (session.get (), from);
 		}	
 	}
 
@@ -701,12 +699,20 @@ namespace transport
 		}	
 	}
 
+	void SSUSession::WaitForConnect ()
+	{
+		if (!m_RemoteRouter) // incoming session
+			ScheduleConnectTimer ();
+		else
+			LogPrint (eLogError, "SSU wait for connect for outgoing session");	
+	}
+
 	void SSUSession::ScheduleConnectTimer ()
 	{
 		m_Timer.cancel ();
 		m_Timer.expires_from_now (boost::posix_time::seconds(SSU_CONNECT_TIMEOUT));
-		m_Timer.async_wait (boost::bind (&SSUSession::HandleConnectTimer,
+		m_Timer.async_wait (std::bind (&SSUSession::HandleConnectTimer,
-			this, boost::asio::placeholders::error));	
+			shared_from_this (), std::placeholders::_1));	
 }
 
 	void SSUSession::HandleConnectTimer (const boost::system::error_code& ecode)
@@ -725,8 +731,8 @@ namespace transport
 		{	
 			// set connect timer
 			m_Timer.expires_from_now (boost::posix_time::seconds(SSU_CONNECT_TIMEOUT));
-			m_Timer.async_wait (boost::bind (&SSUSession::HandleConnectTimer,
+			m_Timer.async_wait (std::bind (&SSUSession::HandleConnectTimer,
-				this, boost::asio::placeholders::error));
+				shared_from_this (), std::placeholders::_1));
 		}	
 		SendRelayRequest (iTag, iKey);
 	}
@@ -736,8 +742,8 @@ namespace transport
 		m_State = eSessionStateIntroduced;
 		// set connect timer
 		m_Timer.expires_from_now (boost::posix_time::seconds(SSU_CONNECT_TIMEOUT));
-		m_Timer.async_wait (boost::bind (&SSUSession::HandleConnectTimer,
+		m_Timer.async_wait (std::bind (&SSUSession::HandleConnectTimer,
-			this, boost::asio::placeholders::error));			
+			shared_from_this (), std::placeholders::_1));			
 	}
 
 	void SSUSession::Close ()
@@ -776,7 +782,7 @@ namespace transport
 		if (m_State != eSessionStateFailed)
 		{	
 			m_State = eSessionStateFailed;
-			m_Server.DeleteSession (this); // delete this 
+			m_Server.DeleteSession (shared_from_this ());  
 		}	
 	}	
 
@@ -784,8 +790,8 @@ namespace transport
 	{
 		m_Timer.cancel ();
 		m_Timer.expires_from_now (boost::posix_time::seconds(SSU_TERMINATION_TIMEOUT));
-		m_Timer.async_wait (boost::bind (&SSUSession::HandleTerminationTimer,
+		m_Timer.async_wait (std::bind (&SSUSession::HandleTerminationTimer,
-			this, boost::asio::placeholders::error));
+			shared_from_this (), std::placeholders::_1));
 	}
 
 	void SSUSession::HandleTerminationTimer (const boost::system::error_code& ecode)
@@ -815,7 +821,7 @@ namespace transport
 
 	void SSUSession::SendI2NPMessage (I2NPMessage * msg)
 	{
-		m_Server.GetService ().post (boost::bind (&SSUSession::PostI2NPMessage, this, msg));    
+		m_Server.GetService ().post (std::bind (&SSUSession::PostI2NPMessage, shared_from_this (), msg));    
 	}	
 
 	void SSUSession::PostI2NPMessage (I2NPMessage * msg)
@@ -891,7 +897,7 @@ namespace transport
 				else
 				{
 					LogPrint (eLogDebug, "SSU peer test from Alice. We are Bob");
-					auto session = m_Server.GetRandomEstablishedSession (this); // charlie
+					auto session = m_Server.GetRandomEstablishedSession (shared_from_this ()); // charlie
 					if (session)
 						session->SendPeerTest (nonce, senderEndpoint.address ().to_v4 ().to_ulong (),
 							senderEndpoint.port (), introKey, false); 		

SSUSession.h

@@ -4,7 +4,7 @@
 #include <inttypes.h>
 #include <set>
 #include <list>
-#include <boost/asio.hpp>
+#include <memory>
 #include "aes.h"
 #include "hmac.h"
 #include "I2NPProtocol.h"
@@ -50,16 +50,17 @@ namespace transport
 	};	
 
 	class SSUServer;
-	class SSUSession: public TransportSession
+	class SSUSession: public TransportSession, public std::enable_shared_from_this<SSUSession>
 	{
 		public:
 
 			SSUSession (SSUServer& server, boost::asio::ip::udp::endpoint& remoteEndpoint,
-				const i2p::data::RouterInfo * router = nullptr, bool peerTest = false);
+				std::shared_ptr<const i2p::data::RouterInfo> router = nullptr, bool peerTest = false);
 			void ProcessNextMessage (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& senderEndpoint);		
 			~SSUSession ();
 			
 			void Connect ();
+			void WaitForConnect ();
 			void Introduce (uint32_t iTag, const uint8_t * iKey);
 			void WaitForIntroduction ();
 			void Close ();

Signature.h

@@ -3,6 +3,7 @@
 
 #include <inttypes.h>
 #include <cryptopp/dsa.h>
+#include <cryptopp/rsa.h>
 #include <cryptopp/asn.h>
 #include <cryptopp/oids.h>
 #include <cryptopp/osrng.h>
@@ -21,6 +22,7 @@ namespace crypto
 			virtual bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const = 0;
 			virtual size_t GetPublicKeyLen () const = 0;
 			virtual size_t GetSignatureLen () const = 0;
+			virtual size_t GetPrivateKeyLen () const { return GetSignatureLen ()/2; };
 	};
 
 	class Signer
@@ -87,67 +89,327 @@ namespace crypto
 		publicKey.GetPublicElement ().Encode (signingPublicKey, DSA_PUBLIC_KEY_LENGTH);
 	}	
 
-
+	template<typename Hash, size_t keyLen>
-	const size_t ECDSAP256_PUBLIC_KEY_LENGTH = 64;
+	class ECDSAVerifier: public Verifier
-	const size_t ECDSAP256_PUBLIC_KEY_HALF_LENGTH = ECDSAP256_PUBLIC_KEY_LENGTH/2;
+	{		
-	const size_t ECDSAP256_SIGNATURE_LENGTH = 64;
-	const size_t ECDSAP256_PRIVATE_KEY_LENGTH = ECDSAP256_SIGNATURE_LENGTH/2;		
-	class ECDSAP256Verifier: public Verifier
-	{
 		public:
 
-			ECDSAP256Verifier (const uint8_t * signingKey)
+			template<typename Curve>
+			ECDSAVerifier (Curve curve, const uint8_t * signingKey)
 			{
-				m_PublicKey.Initialize (CryptoPP::ASN1::secp256r1(), 
+				m_PublicKey.Initialize (curve, 
-					CryptoPP::ECP::Point (CryptoPP::Integer (signingKey, ECDSAP256_PUBLIC_KEY_HALF_LENGTH), 
+					CryptoPP::ECP::Point (CryptoPP::Integer (signingKey, keyLen/2), 
-					CryptoPP::Integer (signingKey + ECDSAP256_PUBLIC_KEY_HALF_LENGTH, ECDSAP256_PUBLIC_KEY_HALF_LENGTH)));
+					CryptoPP::Integer (signingKey + keyLen/2, keyLen/2)));
-			}			
+			}
 
 			bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const
 			{
-				CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256>::Verifier verifier (m_PublicKey);
+				typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::Verifier verifier (m_PublicKey);
-				return verifier.VerifyMessage (buf, len, signature, ECDSAP256_SIGNATURE_LENGTH);
+				return verifier.VerifyMessage (buf, len, signature, keyLen); // signature length
 			}	
 
-			size_t GetPublicKeyLen () const { return ECDSAP256_PUBLIC_KEY_LENGTH; };
+			size_t GetPublicKeyLen () const { return keyLen; };
-			size_t GetSignatureLen () const { return ECDSAP256_SIGNATURE_LENGTH; };
+			size_t GetSignatureLen () const { return keyLen; }; // signature length = key length
 			
 		private:
 
-			CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256>::PublicKey m_PublicKey;
+			typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PublicKey m_PublicKey;
-	};	
+	};
 
-	class ECDSAP256Signer: public Signer
+	template<typename Hash>
+	class ECDSASigner: public Signer
 	{
 		public:
 
-			ECDSAP256Signer (const uint8_t * signingPrivateKey)
+			template<typename Curve>
+			ECDSASigner (Curve curve, const uint8_t * signingPrivateKey, size_t keyLen)
 			{
-				m_PrivateKey.Initialize (CryptoPP::ASN1::secp256r1(), CryptoPP::Integer (signingPrivateKey, ECDSAP256_PRIVATE_KEY_LENGTH));
+				m_PrivateKey.Initialize (curve, CryptoPP::Integer (signingPrivateKey, keyLen/2)); // private key length
 			}
 
 			void Sign (CryptoPP::RandomNumberGenerator& rnd, const uint8_t * buf, int len, uint8_t * signature) const
 			{
-				CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256>::Signer signer (m_PrivateKey);
+				typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::Signer signer (m_PrivateKey);
 				signer.SignMessage (rnd, buf, len, signature);
 			}
 
 		private:
 
-			CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256>::PrivateKey m_PrivateKey;
+			typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PrivateKey m_PrivateKey;
+	};
+
+	template<typename Hash, typename Curve>
+	inline void CreateECDSARandomKeys (CryptoPP::RandomNumberGenerator& rnd, Curve curve, 
+		size_t keyLen, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
+	{
+		typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PrivateKey privateKey;
+		typename CryptoPP::ECDSA<CryptoPP::ECP, Hash>::PublicKey publicKey;
+		privateKey.Initialize (rnd, curve);
+		privateKey.MakePublicKey (publicKey);
+		privateKey.GetPrivateExponent ().Encode (signingPrivateKey, keyLen/2);	
+		auto q = publicKey.GetPublicElement ();
+		q.x.Encode (signingPublicKey, keyLen/2);
+		q.y.Encode (signingPublicKey + keyLen/2, keyLen/2);
+	}	
+
+// ECDSA_SHA256_P256
+	const size_t ECDSAP256_KEY_LENGTH = 64;	
+	class ECDSAP256Verifier: public ECDSAVerifier<CryptoPP::SHA256, ECDSAP256_KEY_LENGTH>
+	{
+		public:
+
+			ECDSAP256Verifier (const uint8_t * signingKey): 
+				ECDSAVerifier (CryptoPP::ASN1::secp256r1(), signingKey)
+			{
+			}			
+	};	
+
+	class ECDSAP256Signer: public ECDSASigner<CryptoPP::SHA256>
+	{
+		public:
+
+			ECDSAP256Signer (const uint8_t * signingPrivateKey):
+				ECDSASigner (CryptoPP::ASN1::secp256r1(), signingPrivateKey, ECDSAP256_KEY_LENGTH)
+			{
+			}
 	};
 
 	inline void CreateECDSAP256RandomKeys (CryptoPP::RandomNumberGenerator& rnd, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
 	{
-		CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256>::PrivateKey privateKey;
+		CreateECDSARandomKeys<CryptoPP::SHA256> (rnd, CryptoPP::ASN1::secp256r1(), ECDSAP256_KEY_LENGTH, signingPrivateKey, signingPublicKey);
-		CryptoPP::ECDSA<CryptoPP::ECP, CryptoPP::SHA256>::PublicKey publicKey;
-		privateKey.Initialize (rnd, CryptoPP::ASN1::secp256r1());
-		privateKey.MakePublicKey (publicKey);
-		privateKey.GetPrivateExponent ().Encode (signingPrivateKey, ECDSAP256_PRIVATE_KEY_LENGTH);	
-		auto q = publicKey.GetPublicElement ();
-		q.x.Encode (signingPublicKey, ECDSAP256_PUBLIC_KEY_HALF_LENGTH);
-		q.y.Encode (signingPublicKey + ECDSAP256_PUBLIC_KEY_HALF_LENGTH, ECDSAP256_PUBLIC_KEY_HALF_LENGTH);
 	}	
+
+// ECDSA_SHA384_P384
+	const size_t ECDSAP384_KEY_LENGTH = 96;
+	class ECDSAP384Verifier: public ECDSAVerifier<CryptoPP::SHA384, ECDSAP384_KEY_LENGTH>
+	{
+		public:
+
+			ECDSAP384Verifier (const uint8_t * signingKey): 
+				ECDSAVerifier (CryptoPP::ASN1::secp384r1(), signingKey)
+			{
+			}			
+	};	
+
+	class ECDSAP384Signer: public ECDSASigner<CryptoPP::SHA384>
+	{
+		public:
+
+			ECDSAP384Signer (const uint8_t * signingPrivateKey):
+				ECDSASigner (CryptoPP::ASN1::secp384r1(), signingPrivateKey, ECDSAP384_KEY_LENGTH)
+			{
+			}
+	};
+
+	inline void CreateECDSAP384RandomKeys (CryptoPP::RandomNumberGenerator& rnd, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
+	{
+		CreateECDSARandomKeys<CryptoPP::SHA384> (rnd, CryptoPP::ASN1::secp384r1(), ECDSAP384_KEY_LENGTH, signingPrivateKey, signingPublicKey);
+	}	
+
+// ECDSA_SHA512_P521
+	const size_t ECDSAP521_KEY_LENGTH = 132;
+	class ECDSAP521Verifier: public ECDSAVerifier<CryptoPP::SHA512, ECDSAP521_KEY_LENGTH>
+	{
+		public:
+
+			ECDSAP521Verifier (const uint8_t * signingKey): 
+				ECDSAVerifier (CryptoPP::ASN1::secp521r1(), signingKey)
+			{
+			}			
+	};	
+
+	class ECDSAP521Signer: public ECDSASigner<CryptoPP::SHA512>
+	{
+		public:
+
+			ECDSAP521Signer (const uint8_t * signingPrivateKey):
+				ECDSASigner (CryptoPP::ASN1::secp521r1(), signingPrivateKey, ECDSAP521_KEY_LENGTH)
+			{
+			}
+	};
+
+	inline void CreateECDSAP521RandomKeys (CryptoPP::RandomNumberGenerator& rnd, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
+	{
+		CreateECDSARandomKeys<CryptoPP::SHA512> (rnd, CryptoPP::ASN1::secp521r1(), ECDSAP521_KEY_LENGTH, signingPrivateKey, signingPublicKey);
+	}
+
+// RSA
+	template<typename Hash, size_t keyLen>	
+	class RSAVerifier: public Verifier
+	{
+		public:
+
+			RSAVerifier (const uint8_t * signingKey)
+			{
+				m_PublicKey.Initialize (CryptoPP::Integer (signingKey, keyLen), CryptoPP::Integer (rsae));
+			}
+
+			bool Verify (const uint8_t * buf, size_t len, const uint8_t * signature) const 
+			{
+				typename CryptoPP::RSASS<CryptoPP::PKCS1v15, Hash>::Verifier verifier (m_PublicKey);
+				return verifier.VerifyMessage (buf, len, signature, keyLen); // signature length
+			}
+			size_t GetPublicKeyLen () const { return keyLen; }
+			size_t GetSignatureLen () const { return keyLen; }	
+			size_t GetPrivateKeyLen () const { return GetSignatureLen ()*2; };
+
+		private:
+			
+			CryptoPP::RSA::PublicKey m_PublicKey;			
+	};	
+
+	
+	template<typename Hash>
+	class RSASigner: public Signer
+	{
+		public:
+
+			RSASigner (const uint8_t * signingPrivateKey, size_t keyLen)
+			{
+				m_PrivateKey.Initialize (CryptoPP::Integer (signingPrivateKey, keyLen/2),
+				    rsae,                 			
+					CryptoPP::Integer (signingPrivateKey + keyLen/2, keyLen/2));
+			}
+
+			void Sign (CryptoPP::RandomNumberGenerator& rnd, const uint8_t * buf, int len, uint8_t * signature) const
+			{
+				typename CryptoPP::RSASS<CryptoPP::PKCS1v15, Hash>::Signer signer (m_PrivateKey);
+				signer.SignMessage (rnd, buf, len, signature);
+			}
+			
+		private:
+
+			CryptoPP::RSA::PrivateKey m_PrivateKey;
+	};		
+
+	inline void CreateRSARandomKeys (CryptoPP::RandomNumberGenerator& rnd, 
+		size_t publicKeyLen, uint8_t * signingPrivateKey, uint8_t * signingPublicKey)
+	{
+		CryptoPP::RSA::PrivateKey privateKey;
+		privateKey.Initialize (rnd, publicKeyLen*8, rsae);
+		privateKey.GetModulus ().Encode (signingPrivateKey, publicKeyLen);	
+		privateKey.GetPrivateExponent ().Encode (signingPrivateKey + publicKeyLen, publicKeyLen);	
+		privateKey.GetModulus ().Encode (signingPublicKey, publicKeyLen);
+	}	
+
+	
+//  RSA_SHA256_2048
+	const size_t RSASHA2562048_KEY_LENGTH = 256;
+	class RSASHA2562048Verifier: public RSAVerifier<CryptoPP::SHA256, RSASHA2562048_KEY_LENGTH> 
+	{
+		public:
+
+			RSASHA2562048Verifier (const uint8_t * signingKey): RSAVerifier (signingKey) 
+			{
+			}
+	};
+
+	class RSASHA2562048Signer: public RSASigner<CryptoPP::SHA256> 
+	{
+		public:
+
+			RSASHA2562048Signer (const uint8_t * signingPrivateKey): 
+				RSASigner (signingPrivateKey, RSASHA2562048_KEY_LENGTH*2) 
+			{
+			}
+	};
+
+//  RSA_SHA384_3072
+	const size_t RSASHA3843072_KEY_LENGTH = 384;
+	class RSASHA3843072Verifier: public RSAVerifier<CryptoPP::SHA384, RSASHA3843072_KEY_LENGTH> 
+	{
+		public:
+
+			RSASHA3843072Verifier (const uint8_t * signingKey): RSAVerifier (signingKey) 
+			{
+			}
+	};
+
+	class RSASHA3843072Signer: public RSASigner<CryptoPP::SHA384> 
+	{
+		public:
+
+			RSASHA3843072Signer (const uint8_t * signingPrivateKey): 
+				RSASigner (signingPrivateKey, RSASHA3843072_KEY_LENGTH*2) 
+			{
+			}
+	};
+
+//  RSA_SHA512_4096
+	const size_t RSASHA5124096_KEY_LENGTH = 512;
+	class RSASHA5124096Verifier: public RSAVerifier<CryptoPP::SHA512, RSASHA5124096_KEY_LENGTH> 
+	{
+		public:
+
+			RSASHA5124096Verifier (const uint8_t * signingKey): RSAVerifier (signingKey) 
+			{
+			}
+	};
+
+	class RSASHA5124096Signer: public RSASigner<CryptoPP::SHA512> 
+	{
+		public:
+
+			RSASHA5124096Signer (const uint8_t * signingPrivateKey): 
+				RSASigner (signingPrivateKey, RSASHA5124096_KEY_LENGTH*2) 
+			{
+			}
+	};
+
+// Raw verifiers	
+	class RawVerifier
+	{
+		public:
+			
+			virtual ~RawVerifier () {};
+			virtual void Update (const uint8_t * buf, size_t len) = 0;
+			virtual bool Verify (const uint8_t * signature) = 0;
+	};		
+
+	template<typename Hash, size_t keyLen>
+	class RSARawVerifier: public RawVerifier
+	{
+		public:
+
+			RSARawVerifier (const uint8_t * signingKey):
+				n (signingKey, keyLen)
+			{
+			}
+
+			void Update (const uint8_t * buf, size_t len)
+			{
+				m_Hash.Update (buf, len);
+			}
+			
+			bool Verify (const uint8_t * signature)
+			{
+				// RSA encryption first
+				CryptoPP::Integer enSig (a_exp_b_mod_c (CryptoPP::Integer (signature, keyLen), 
+					CryptoPP::Integer (i2p::crypto::rsae), n)); // s^e mod n 
+				uint8_t enSigBuf[keyLen];
+				enSig.Encode (enSigBuf, keyLen);
+
+				uint8_t digest[Hash::DIGESTSIZE];
+				m_Hash.Final (digest);
+				if ((int)keyLen < Hash::DIGESTSIZE) return false; // can't verify digest longer than key
+				// we assume digest is right aligned, at least for PKCS#1 v1.5 padding 
+				return !memcmp (enSigBuf + (keyLen - Hash::DIGESTSIZE), digest, Hash::DIGESTSIZE); 				
+			}
+
+		private:
+
+			CryptoPP::Integer n; // RSA modulus	
+			Hash m_Hash;
+	};	
+
+	class RSASHA5124096RawVerifier: public RSARawVerifier<CryptoPP::SHA512, RSASHA5124096_KEY_LENGTH> 
+	{
+		public:
+
+			RSASHA5124096RawVerifier (const uint8_t * signingKey): RSARawVerifier (signingKey) 
+			{
+			}
+	};
 }
 }
 

Streaming.cpp

@@ -15,9 +15,9 @@ namespace stream
 		const i2p::data::LeaseSet& remote, int port): m_Service (service), m_SendStreamID (0), 
 		m_SequenceNumber (0), m_LastReceivedSequenceNumber (-1), m_IsOpen (false), 
 		m_IsReset (false), m_IsAckSendScheduled (false), m_LocalDestination (local), 
-		m_RemoteLeaseSet (&remote), m_RoutingSession (nullptr), m_ReceiveTimer (m_Service),
+		m_RemoteLeaseSet (&remote), m_RoutingSession (nullptr), m_CurrentOutboundTunnel (nullptr),
-		m_ResendTimer (m_Service), m_AckSendTimer (m_Service), m_NumSentBytes (0), 
+		m_ReceiveTimer (m_Service), m_ResendTimer (m_Service), m_AckSendTimer (m_Service), 
-		m_NumReceivedBytes (0), m_Port (port)
+		m_NumSentBytes (0), m_NumReceivedBytes (0), m_Port (port)
 	{
 		m_RecvStreamID = i2p::context.GetRandomNumberGenerator ().GenerateWord32 ();
 		UpdateCurrentRemoteLease ();
@@ -26,9 +26,9 @@ namespace stream
 	Stream::Stream (boost::asio::io_service& service, StreamingDestination& local):
 		m_Service (service), m_SendStreamID (0), m_SequenceNumber (0), m_LastReceivedSequenceNumber (-1), 
 		m_IsOpen (false), m_IsReset (false), m_IsAckSendScheduled (false), m_LocalDestination (local),
-		m_RemoteLeaseSet (nullptr), m_RoutingSession (nullptr), m_ReceiveTimer (m_Service), 
+		m_RemoteLeaseSet (nullptr), m_RoutingSession (nullptr), m_CurrentOutboundTunnel (nullptr),
-		m_ResendTimer (m_Service), m_AckSendTimer (m_Service), m_NumSentBytes (0), 
+		m_ReceiveTimer (m_Service), m_ResendTimer (m_Service), m_AckSendTimer (m_Service), 
-		m_NumReceivedBytes (0), m_Port (0)
+		m_NumSentBytes (0), m_NumReceivedBytes (0), m_Port (0)
 	{
 		m_RecvStreamID = i2p::context.GetRandomNumberGenerator ().GenerateWord32 ();
 	}
@@ -52,8 +52,7 @@ namespace stream
 		for (auto it: m_SavedPackets)
 			delete it;
 		m_SavedPackets.clear ();
-		
+		LogPrint (eLogDebug, "Stream deleted");
-		Close ();
 	}	
 		
 	void Stream::HandleNextPacket (Packet * packet)
@@ -70,12 +69,12 @@ namespace stream
 		if (!receivedSeqn && !isSyn)
 		{
 			// plain ack
-			LogPrint ("Plain ACK received");
+			LogPrint (eLogDebug, "Plain ACK received");
 			delete packet;
 			return;
 		}
 
-		LogPrint ("Received seqn=", receivedSeqn); 
+		LogPrint (eLogDebug, "Received seqn=", receivedSeqn); 
 		if (isSyn || receivedSeqn == m_LastReceivedSequenceNumber + 1)
 		{			
 			// we have received next in sequence message
@@ -102,8 +101,8 @@ namespace stream
 				{
 					m_IsAckSendScheduled = true;
 					m_AckSendTimer.expires_from_now (boost::posix_time::milliseconds(ACK_SEND_TIMEOUT));
-					m_AckSendTimer.async_wait (boost::bind (&Stream::HandleAckSendTimer,
+					m_AckSendTimer.async_wait (std::bind (&Stream::HandleAckSendTimer,
-						this, boost::asio::placeholders::error));
+						shared_from_this (), std::placeholders::_1));
 				}
 			}	
 			else if (isSyn)
@@ -115,17 +114,24 @@ namespace stream
 			if (receivedSeqn <= m_LastReceivedSequenceNumber)
 			{
 				// we have received duplicate. Most likely our outbound tunnel is dead
-				LogPrint ("Duplicate message ", receivedSeqn, " received");
+				LogPrint (eLogWarning, "Duplicate message ", receivedSeqn, " received");
-				m_LocalDestination.GetOwner ().ResetCurrentOutboundTunnel (); // pick another outbound tunnel 
+				m_CurrentOutboundTunnel = nullptr; // pick another outbound tunnel 
 				UpdateCurrentRemoteLease (); // pick another lease
 				SendQuickAck (); // resend ack for previous message again
 				delete packet; // packet dropped
 			}	
 			else
 			{
-				LogPrint ("Missing messages from ", m_LastReceivedSequenceNumber + 1, " to ", receivedSeqn - 1);
+				LogPrint (eLogWarning, "Missing messages from ", m_LastReceivedSequenceNumber + 1, " to ", receivedSeqn - 1);
 				// save message and wait for missing message again
 				SavePacket (packet);
+				// send NACKs for missing messages ASAP
+				if (m_IsAckSendScheduled)
+				{
+					m_IsAckSendScheduled = false;	
+					m_AckSendTimer.cancel ();
+				}
+				SendQuickAck ();
 			}	
 		}	
 	}	
@@ -140,11 +146,11 @@ namespace stream
 		// process flags
 		uint32_t receivedSeqn = packet->GetSeqn ();
 		uint16_t flags = packet->GetFlags ();
-		LogPrint ("Process seqn=", receivedSeqn, ", flags=", flags);
+		LogPrint (eLogDebug, "Process seqn=", receivedSeqn, ", flags=", flags);
 		
 		const uint8_t * optionData = packet->GetOptionData ();
 		if (flags & PACKET_FLAG_SYNCHRONIZE)
-			LogPrint ("Synchronize");
+			LogPrint (eLogDebug, "Synchronize");
 
 		if (flags & PACKET_FLAG_DELAY_REQUESTED)
 		{
@@ -154,28 +160,28 @@ namespace stream
 		if (flags & PACKET_FLAG_FROM_INCLUDED)
 		{
 			optionData += m_RemoteIdentity.FromBuffer (optionData, packet->GetOptionSize ());
-			LogPrint ("From identity ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());		
+			LogPrint (eLogInfo, "From identity ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());		
 			if (!m_RemoteLeaseSet)
-				LogPrint ("Incoming stream from ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());
+				LogPrint (eLogDebug, "Incoming stream from ", m_RemoteIdentity.GetIdentHash ().ToBase64 ());
 		}	
 
 		if (flags & PACKET_FLAG_MAX_PACKET_SIZE_INCLUDED)
 		{
 			uint16_t maxPacketSize = be16toh (*(uint16_t *)optionData);
-			LogPrint ("Max packet size ", maxPacketSize);
+			LogPrint (eLogDebug, "Max packet size ", maxPacketSize);
 			optionData += 2;
 		}	
 		
 		if (flags & PACKET_FLAG_SIGNATURE_INCLUDED)
 		{
-			LogPrint ("Signature");
+			LogPrint (eLogDebug, "Signature");
 			uint8_t signature[256]; 
 			auto signatureLen = m_RemoteIdentity.GetSignatureLen ();
 			memcpy (signature, optionData, signatureLen);
 			memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
 			if (!m_RemoteIdentity.Verify (packet->GetBuffer (), packet->GetLength (), signature))
 			{  
-				LogPrint ("Signature verification failed");
+				LogPrint (eLogError, "Signature verification failed");
 			    Close ();
 				flags |= PACKET_FLAG_CLOSE;
 			}	
@@ -196,13 +202,10 @@ namespace stream
 
 		if (flags & PACKET_FLAG_CLOSE)
 		{
-			LogPrint ("Closed");
+			LogPrint (eLogInfo, "Closed");
-			SendQuickAck (); // send ack for close explicitly?
+			Close ();
 			m_IsOpen = false;
 			m_IsReset = true;
-			m_ReceiveTimer.cancel ();
-			m_ResendTimer.cancel ();
-			m_AckSendTimer.cancel ();
 		}
 	}	
 
@@ -226,13 +229,13 @@ namespace stream
 						}
 					if (nacked)
 					{
-						LogPrint ("Packet ", seqn, " NACK");
+						LogPrint (eLogDebug, "Packet ", seqn, " NACK");
 						it++;
 						continue;
 					}	
 				}
 				auto sentPacket = *it;
-				LogPrint ("Packet ", seqn, " acknowledged");
+				LogPrint (eLogDebug, "Packet ", seqn, " acknowledged");
 				m_SentPackets.erase (it++);
 				delete sentPacket;	
 			}
@@ -246,6 +249,7 @@ namespace stream
 	size_t Stream::Send (const uint8_t * buf, size_t len)
 	{
 		bool isNoAck = m_LastReceivedSequenceNumber < 0; // first packet
+		std::vector<Packet *> packets;
 		while (!m_IsOpen || len > 0)
 		{
 			Packet * p = new Packet ();
@@ -309,15 +313,28 @@ namespace stream
 				size += sentLen; // payload
 			}	
 			p->len = size;
-			m_Service.post (boost::bind (&Stream::SendPacket, this, p));
+			packets.push_back (p);
 		}
-
+		if (packets.size () > 0)
+			m_Service.post (std::bind (&Stream::PostPackets, shared_from_this (), packets));
 		return len;
 	}	
 
 		
 	void Stream::SendQuickAck ()
 	{
+		int32_t lastReceivedSeqn = m_LastReceivedSequenceNumber;
+		if (!m_SavedPackets.empty ())
+		{
+			int32_t seqn = (*m_SavedPackets.rbegin ())->GetSeqn ();
+			if (seqn > lastReceivedSeqn) lastReceivedSeqn = seqn;
+		}	
+		if (lastReceivedSeqn < 0) 
+		{	
+			LogPrint (eLogError, "No packets have been received yet");
+			return;
+		}
+		
 		Packet p;
 		uint8_t * packet = p.GetBuffer ();	
 		size_t size = 0;
@@ -327,10 +344,35 @@ namespace stream
 		size += 4; // receiveStreamID
 		*(uint32_t *)(packet + size) = 0; // this is plain Ack message
 		size += 4; // sequenceNum
-		*(uint32_t *)(packet + size) = htobe32 (m_LastReceivedSequenceNumber);
+		*(uint32_t *)(packet + size) = htobe32 (lastReceivedSeqn);
 		size += 4; // ack Through
-		packet[size] = 0; 
+		if (lastReceivedSeqn > m_LastReceivedSequenceNumber) 
-		size++; // NACK count
+		{	
+			// fill NACKs
+			uint8_t * nacks = packet + size + 1;
+			uint8_t numNacks = 0;
+			auto nextSeqn = m_LastReceivedSequenceNumber + 1;
+			for (auto it: m_SavedPackets)
+			{
+				auto seqn = it->GetSeqn ();
+				for (uint32_t i = nextSeqn; i < seqn; i++)
+				{
+					*(uint32_t *)nacks = htobe32 (i);
+					nacks += 4;
+					numNacks++;
+				}	
+				nextSeqn = seqn + 1;
+			}
+			packet[size] = numNacks; 
+			size++; // NACK count	
+			size += numNacks*4; // NACKs
+		}	
+		else
+		{
+			// No NACKs
+			packet[size] = 0; 
+			size++; // NACK count		
+		}	
 		size++; // resend delay
 		*(uint16_t *)(packet + size) = 0; // nof flags set
 		size += 2; // flags
@@ -372,8 +414,10 @@ namespace stream
 			m_LocalDestination.GetOwner ().Sign (packet, size, signature);
 			
 			p->len = size;
-			SendPacket (p);
+			m_Service.post (std::bind (&Stream::SendPacket, shared_from_this (), p));
 			LogPrint ("FIN sent");
+			m_ReceiveTimer.cancel ();
+			m_LocalDestination.DeleteStream (shared_from_this ());
 		}	
 	}
 
@@ -420,7 +464,31 @@ namespace stream
 		else
 			return false;
 	}	
-	
+
+	void Stream::PostPackets (const std::vector<Packet *> packets)
+	{
+		if (m_IsOpen)
+		{	
+			if (packets.size () > 0)
+			{
+				m_IsAckSendScheduled = false;	
+				m_AckSendTimer.cancel ();
+			}
+			bool isEmpty = m_SentPackets.empty ();
+			for (auto it: packets)
+				m_SentPackets.insert (it);
+			SendPackets (packets);
+			if (isEmpty)
+				ScheduleResend ();
+		}
+		else
+		{
+			// delete 
+			for (auto it: packets)
+				delete it;	
+		}	
+	}	
+		
 	void Stream::SendPackets (const std::vector<Packet *>& packets)
 	{
 		if (!m_RemoteLeaseSet)
@@ -432,6 +500,12 @@ namespace stream
 				return;
 			}
 		}
+		m_CurrentOutboundTunnel = m_LocalDestination.GetOwner ().GetTunnelPool ()->GetNextOutboundTunnel (m_CurrentOutboundTunnel);
+		if (!m_CurrentOutboundTunnel)
+		{
+			LogPrint ("No outbound tunnels in the pool");
+			return;
+		}
 
 		auto ts = i2p::util::GetMillisecondsSinceEpoch ();
 		if (ts >= m_CurrentRemoteLease.endDate)
@@ -450,7 +524,7 @@ namespace stream
 							});	
 				m_NumSentBytes += it->GetLength ();
 			}
-			m_LocalDestination.GetOwner ().SendTunnelDataMsgs (msgs);
+			m_CurrentOutboundTunnel->SendTunnelDataMsg (msgs);
 		}	
 		else
 			LogPrint ("All leases are expired");
@@ -460,8 +534,8 @@ namespace stream
 	{
 		m_ResendTimer.cancel ();
 		m_ResendTimer.expires_from_now (boost::posix_time::seconds(RESEND_TIMEOUT));
-		m_ResendTimer.async_wait (boost::bind (&Stream::HandleResendTimer,
+		m_ResendTimer.async_wait (std::bind (&Stream::HandleResendTimer,
-			this, boost::asio::placeholders::error));
+			shared_from_this (), std::placeholders::_1));
 	}
 		
 	void Stream::HandleResendTimer (const boost::system::error_code& ecode)
@@ -476,7 +550,8 @@ namespace stream
 					packets.push_back (it);
 				else
 				{
-					Close ();
+					LogPrint (eLogWarning, "Packet ", it->GetSeqn (), "was not ACKed after ", MAX_NUM_RESEND_ATTEMPTS,  " attempts. Terminate");
+					m_IsOpen = false;
 					m_IsReset = true;
 					m_ReceiveTimer.cancel ();
 					return;
@@ -484,7 +559,7 @@ namespace stream
 			}	
 			if (packets.size () > 0)
 			{
-				m_LocalDestination.GetOwner ().ResetCurrentOutboundTunnel (); // pick another outbound tunnel 
+				m_CurrentOutboundTunnel = nullptr; // pick another outbound tunnel 
 				UpdateCurrentRemoteLease (); // pick another lease
 				SendPackets (packets);
 			}	
@@ -563,8 +638,6 @@ namespace stream
 		ResetAcceptor ();
 		{
 			std::unique_lock<std::mutex> l(m_StreamsMutex);
-			for (auto it: m_Streams)
-				delete it.second;	
 			m_Streams.clear ();
 		}	
 	}	
@@ -597,36 +670,30 @@ namespace stream
 		}	
 	}	
 
-	Stream * StreamingDestination::CreateNewOutgoingStream (const i2p::data::LeaseSet& remote, int port)
+	std::shared_ptr<Stream> StreamingDestination::CreateNewOutgoingStream (const i2p::data::LeaseSet& remote, int port)
 	{
-		Stream * s = new Stream (*m_Owner.GetService (), *this, remote, port);
+		auto s = std::make_shared<Stream> (m_Owner.GetService (), *this, remote, port);
 		std::unique_lock<std::mutex> l(m_StreamsMutex);
 		m_Streams[s->GetRecvStreamID ()] = s;
 		return s;
 	}	
 
-	Stream * StreamingDestination::CreateNewIncomingStream ()
+	std::shared_ptr<Stream> StreamingDestination::CreateNewIncomingStream ()
 	{
-		Stream * s = new Stream (*m_Owner.GetService (), *this);
+		auto s = std::make_shared<Stream> (m_Owner.GetService (), *this);
 		std::unique_lock<std::mutex> l(m_StreamsMutex);
 		m_Streams[s->GetRecvStreamID ()] = s;
 		return s;
 	}
 
-	void StreamingDestination::DeleteStream (Stream * stream)
+	void StreamingDestination::DeleteStream (std::shared_ptr<Stream> stream)
 	{
 		if (stream)
 		{	
 			std::unique_lock<std::mutex> l(m_StreamsMutex);
 			auto it = m_Streams.find (stream->GetRecvStreamID ());
 			if (it != m_Streams.end ())
-			{	
 				m_Streams.erase (it);
-				if (m_Owner.GetService ())
-					m_Owner.GetService ()->post ([stream](void) { delete stream; }); 
-				else
-					delete stream;
-			}	
 		}	
 	}		
 
@@ -650,11 +717,5 @@ namespace stream
 			delete uncompressed;
 		}	
 	}
-
-	void DeleteStream (Stream * stream)
-	{
-		if (stream)
-			stream->GetLocalDestination ().DeleteStream (stream);
-	}
 }		
 }	

Streaming.h

@@ -7,8 +7,8 @@
 #include <set>
 #include <queue>
 #include <functional>
+#include <memory>
 #include <boost/asio.hpp>
-#include <boost/bind.hpp>
 #include "I2PEndian.h"
 #include "Identity.h"
 #include "LeaseSet.h"
@@ -45,8 +45,8 @@ namespace stream
 	
 	struct Packet
 	{
-		uint8_t buf[MAX_PACKET_SIZE];	
 		size_t len, offset;
+		uint8_t buf[MAX_PACKET_SIZE];	
 		int numResendAttempts;
 		
 		Packet (): len (0), offset (0), numResendAttempts (0) {};
@@ -78,7 +78,7 @@ namespace stream
 	};	
 	
 	class StreamingDestination;
-	class Stream
+	class Stream: public std::enable_shared_from_this<Stream>
 	{	
 		public:
 
@@ -112,6 +112,7 @@ namespace stream
 
 			void SendQuickAck ();
 			bool SendPacket (Packet * packet);
+			void PostPackets (const std::vector<Packet *> packets);
 			void SendPackets (const std::vector<Packet *>& packets);
 
 			void SavePacket (Packet * packet);
@@ -141,6 +142,7 @@ namespace stream
 			const i2p::data::LeaseSet * m_RemoteLeaseSet;
 			i2p::garlic::GarlicRoutingSession * m_RoutingSession;
 			i2p::data::Lease m_CurrentRemoteLease;
+			i2p::tunnel::OutboundTunnel * m_CurrentOutboundTunnel;
 			std::queue<Packet *> m_ReceiveQueue;
 			std::set<Packet *, PacketCmp> m_SavedPackets;
 			std::set<Packet *, PacketCmp> m_SentPackets;
@@ -153,7 +155,7 @@ namespace stream
 	{
 		public:
 
-			typedef std::function<void (Stream *)> Acceptor;
+			typedef std::function<void (std::shared_ptr<Stream>)> Acceptor;
 
 			StreamingDestination (i2p::client::ClientDestination& owner): m_Owner (owner) {};
 			~StreamingDestination () {};	
@@ -161,8 +163,8 @@ namespace stream
 			void Start ();
 			void Stop ();
 
-			Stream * CreateNewOutgoingStream (const i2p::data::LeaseSet& remote, int port = 0);
+			std::shared_ptr<Stream> CreateNewOutgoingStream (const i2p::data::LeaseSet& remote, int port = 0);
-			void DeleteStream (Stream * stream);			
+			void DeleteStream (std::shared_ptr<Stream> stream);			
 			void SetAcceptor (const Acceptor& acceptor) { m_Acceptor = acceptor; };
 			void ResetAcceptor () { m_Acceptor = nullptr; };
 			bool IsAcceptorSet () const { return m_Acceptor != nullptr; };	
@@ -173,13 +175,13 @@ namespace stream
 		private:		
 	
 			void HandleNextPacket (Packet * packet);
-			Stream * CreateNewIncomingStream ();
+			std::shared_ptr<Stream> CreateNewIncomingStream ();
 
 		private:
 
 			i2p::client::ClientDestination& m_Owner;
 			std::mutex m_StreamsMutex;
-			std::map<uint32_t, Stream *> m_Streams;
+			std::map<uint32_t, std::shared_ptr<Stream> > m_Streams;
 			Acceptor m_Acceptor;
 			
 		public:
@@ -188,8 +190,6 @@ namespace stream
 			const decltype(m_Streams)& GetStreams () const { return m_Streams; };
 	};		
 
-	void DeleteStream (Stream * stream);
-
 //-------------------------------------------------
 
 	template<typename Buffer, typename ReceiveHandler>
@@ -197,15 +197,17 @@ namespace stream
 	{
 		if (!m_ReceiveQueue.empty ())
 		{
-			m_Service.post ([=](void) { this->HandleReceiveTimer (
+			auto s = shared_from_this();
+			m_Service.post ([=](void) { s->HandleReceiveTimer (
 				boost::asio::error::make_error_code (boost::asio::error::operation_aborted),
 				buffer, handler); });
 		}
 		else
 		{
 			m_ReceiveTimer.expires_from_now (boost::posix_time::seconds(timeout));
+			auto s = shared_from_this();
 			m_ReceiveTimer.async_wait ([=](const boost::system::error_code& ecode)
-				{ this->HandleReceiveTimer (ecode, buffer, handler); });
+				{ s->HandleReceiveTimer (ecode, buffer, handler); });
 		}
 	}
 

TransportSession.h

@@ -3,6 +3,7 @@
 
 #include <inttypes.h>
 #include <iostream>
+#include <memory>
 #include "Identity.h"
 #include "RouterInfo.h"
 
@@ -51,7 +52,7 @@ namespace transport
 	{
 		public:
 
-			TransportSession (const i2p::data::RouterInfo * in_RemoteRouter): 
+			TransportSession (std::shared_ptr<const i2p::data::RouterInfo> in_RemoteRouter): 
 				m_RemoteRouter (in_RemoteRouter), m_DHKeysPair (nullptr) 
 			{
 				if (m_RemoteRouter)
@@ -60,12 +61,12 @@ namespace transport
 
 			virtual ~TransportSession () { delete m_DHKeysPair; };
 			
-			const i2p::data::RouterInfo * GetRemoteRouter () { return m_RemoteRouter; };
+			std::shared_ptr<const i2p::data::RouterInfo> GetRemoteRouter () { return m_RemoteRouter; };
 			const i2p::data::IdentityEx& GetRemoteIdentity () { return m_RemoteIdentity; };
 
 		protected:
 
-			const i2p::data::RouterInfo * m_RemoteRouter;
+			std::shared_ptr<const i2p::data::RouterInfo> m_RemoteRouter;
 			i2p::data::IdentityEx m_RemoteIdentity; 
 			DHKeysPair * m_DHKeysPair; // X - for client and Y - for server
 	};	

Transports.cpp

@@ -121,7 +121,7 @@ namespace transport
 					boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), address.port));
 
 				LogPrint ("Start listening TCP port ", address.port);	
-				auto conn = new NTCPServerConnection (m_Service);
+				auto conn = std::make_shared<NTCPSession>(m_Service);
 				m_NTCPAcceptor->async_accept(conn->GetSocket (), boost::bind (&Transports::HandleAccept, this, 
 					conn, boost::asio::placeholders::error));	
 				
@@ -134,7 +134,7 @@ namespace transport
 					m_NTCPV6Acceptor->listen ();
 
 					LogPrint ("Start listening V6 TCP port ", address.port);	
-					auto conn = new NTCPServerConnection (m_Service);
+					auto conn = std::make_shared<NTCPSession> (m_Service);
 					m_NTCPV6Acceptor->async_accept(conn->GetSocket (), boost::bind (&Transports::HandleAcceptV6,
 						this, conn, boost::asio::placeholders::error));
 				}	
@@ -162,10 +162,8 @@ namespace transport
 			delete m_SSUServer;
 			m_SSUServer = nullptr;
 		}	
-		
-		for (auto session: m_NTCPSessions)
-			delete session.second;
 		m_NTCPSessions.clear ();
+		
 		delete m_NTCPAcceptor;
 		m_NTCPAcceptor = nullptr;
 		delete m_NTCPV6Acceptor;
@@ -197,55 +195,79 @@ namespace transport
 		}	
 	}
 		
-	void Transports::AddNTCPSession (NTCPSession * session)
+	void Transports::AddNTCPSession (std::shared_ptr<NTCPSession> session)
 	{
 		if (session)
 			m_NTCPSessions[session->GetRemoteIdentity ().GetIdentHash ()] = session;
 	}	
 
-	void Transports::RemoveNTCPSession (NTCPSession * session)
+	void Transports::RemoveNTCPSession (std::shared_ptr<NTCPSession> session)
 	{
 		if (session)
 			m_NTCPSessions.erase (session->GetRemoteIdentity ().GetIdentHash ());
 	}	
 		
-	void Transports::HandleAccept (NTCPServerConnection * conn, const boost::system::error_code& error)
+	void Transports::HandleAccept (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error)
 	{		
 		if (!error)
 		{
 			LogPrint ("Connected from ", conn->GetSocket ().remote_endpoint().address ().to_string ());
 			conn->ServerLogin ();
 		}
-		else
+		
-			delete conn;
 
 		if (error != boost::asio::error::operation_aborted)
 		{
-    		conn = new NTCPServerConnection (m_Service);
+    		conn = std::make_shared<NTCPSession> (m_Service);
 			m_NTCPAcceptor->async_accept(conn->GetSocket (), boost::bind (&Transports::HandleAccept, this, 
 				conn, boost::asio::placeholders::error));
 		}	
 	}
 
-	void Transports::HandleAcceptV6 (NTCPServerConnection * conn, const boost::system::error_code& error)
+	void Transports::HandleAcceptV6 (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error)
 	{		
 		if (!error)
 		{
 			LogPrint ("Connected from ", conn->GetSocket ().remote_endpoint().address ().to_string ());
 			conn->ServerLogin ();
 		}
-		else
-			delete conn;
 
 		if (error != boost::asio::error::operation_aborted)
 		{
-    		conn = new NTCPServerConnection (m_Service);
+    		conn = std::make_shared<NTCPSession> (m_Service);
 			m_NTCPV6Acceptor->async_accept(conn->GetSocket (), boost::bind (&Transports::HandleAcceptV6, this, 
 				conn, boost::asio::placeholders::error));
 		}	
 	}
 
-	NTCPSession * Transports::GetNextNTCPSession ()
+	void Transports::Connect (const boost::asio::ip::address& address, int port, std::shared_ptr<NTCPSession> conn)
+	{
+		LogPrint ("Connecting to ", address ,":",  port);
+		conn->GetSocket ().async_connect (boost::asio::ip::tcp::endpoint (address, port), 
+			boost::bind (&Transports::HandleConnect, this, boost::asio::placeholders::error, conn));
+	}
+
+	void Transports::HandleConnect (const boost::system::error_code& ecode, std::shared_ptr<NTCPSession> conn)
+	{
+		if (ecode)
+        {
+			LogPrint ("Connect error: ", ecode.message ());
+			if (ecode != boost::asio::error::operation_aborted)
+			{
+				i2p::data::netdb.SetUnreachable (conn->GetRemoteIdentity ().GetIdentHash (), true);
+				conn->Terminate ();
+			}
+		}
+		else
+		{
+			LogPrint ("Connected");
+			if (conn->GetSocket ().local_endpoint ().protocol () == boost::asio::ip::tcp::v6()) // ipv6
+				context.UpdateNTCPV6Address (conn->GetSocket ().local_endpoint ().address ());
+			conn->ClientLogin ();
+		}	
+	}	
+
+	std::shared_ptr<NTCPSession> Transports::GetNextNTCPSession ()
 	{
 		for (auto session: m_NTCPSessions)
 			if (session.second->IsEstablished ())
@@ -253,7 +275,7 @@ namespace transport
 		return 0;
 	}	
 
-	NTCPSession * Transports::FindNTCPSession (const i2p::data::IdentHash& ident)
+	std::shared_ptr<NTCPSession> Transports::FindNTCPSession (const i2p::data::IdentHash& ident)
 	{
 		auto it = m_NTCPSessions.find (ident);
 		if (it != m_NTCPSessions.end ())
@@ -277,7 +299,7 @@ namespace transport
 			session->SendI2NPMessage (msg);
 		else
 		{
-			RouterInfo * r = netdb.FindRouter (ident);
+			auto r = netdb.FindRouter (ident);
 			if (r)
 			{	
 				auto ssuSession = m_SSUServer ? m_SSUServer->FindSession (r) : nullptr;
@@ -290,9 +312,10 @@ namespace transport
 					auto address = r->GetNTCPAddress (!context.SupportsV6 ()); 
 					if (address && !r->UsesIntroducer () && !r->IsUnreachable () && msg->GetLength () < NTCP_MAX_MESSAGE_SIZE)
 					{	
-						auto s = new NTCPClient (m_Service, address->host, address->port, *r);
+						auto s = std::make_shared<NTCPSession> (m_Service, r);
 						AddNTCPSession (s);
 						s->SendI2NPMessage (msg);
+						Connect (address->host, address->port, s);
 					}	
 					else
 					{	
@@ -323,7 +346,7 @@ namespace transport
 	void Transports::HandleResendTimer (const boost::system::error_code& ecode, 
 		boost::asio::deadline_timer * timer, const i2p::data::IdentHash& ident, i2p::I2NPMessage * msg)
 	{
-		RouterInfo * r = netdb.FindRouter (ident);
+		auto r = netdb.FindRouter (ident);
 		if (r)
 		{
 			LogPrint ("Router found. Sending message");
@@ -337,13 +360,13 @@ namespace transport
 		delete timer;
 	}	
 		
-	void Transports::CloseSession (const i2p::data::RouterInfo * router)
+	void Transports::CloseSession (std::shared_ptr<const i2p::data::RouterInfo> router)
 	{
 		if (!router) return;
 		m_Service.post (boost::bind (&Transports::PostCloseSession, this, router));    
 	}	
 
-	void Transports::PostCloseSession (const i2p::data::RouterInfo * router)
+	void Transports::PostCloseSession (std::shared_ptr<const i2p::data::RouterInfo> router)
 	{
 		auto ssuSession = m_SSUServer ? m_SSUServer->FindSession (router) : nullptr;
 		if (ssuSession) // try SSU first
@@ -360,7 +383,7 @@ namespace transport
 		{
 			auto router = i2p::data::netdb.GetRandomRouter ();
 			if (router && router->IsSSU () && m_SSUServer)
-				m_SSUServer->GetSession (router.get (), true);  // peer test	
+				m_SSUServer->GetSession (router, true);  // peer test	
 		}	
 	}
 			

Transports.h

@@ -8,6 +8,7 @@
 #include <map>
 #include <queue>
 #include <string>
+#include <memory>
 #include <cryptopp/osrng.h>
 #include <boost/asio.hpp>
 #include "TransportSession.h"
@@ -63,25 +64,28 @@ namespace transport
 			i2p::transport::DHKeysPair * GetNextDHKeysPair ();	
 			void ReuseDHKeysPair (DHKeysPair * pair);
 
-			void AddNTCPSession (NTCPSession * session);
+			void AddNTCPSession (std::shared_ptr<NTCPSession> session);
-			void RemoveNTCPSession (NTCPSession * session);
+			void RemoveNTCPSession (std::shared_ptr<NTCPSession> session);
 			
-			NTCPSession * GetNextNTCPSession ();
+			std::shared_ptr<NTCPSession> GetNextNTCPSession ();
-			NTCPSession * FindNTCPSession (const i2p::data::IdentHash& ident);
+			std::shared_ptr<NTCPSession> FindNTCPSession (const i2p::data::IdentHash& ident);
 
 			void SendMessage (const i2p::data::IdentHash& ident, i2p::I2NPMessage * msg);
-			void CloseSession (const i2p::data::RouterInfo * router);
+			void CloseSession (std::shared_ptr<const i2p::data::RouterInfo> router);
 			
 		private:
 
 			void Run ();
-			void HandleAccept (NTCPServerConnection * conn, const boost::system::error_code& error);
+			void HandleAccept (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error);
-			void HandleAcceptV6 (NTCPServerConnection * conn, const boost::system::error_code& error);
+			void HandleAcceptV6 (std::shared_ptr<NTCPSession> conn, const boost::system::error_code& error);
 			void HandleResendTimer (const boost::system::error_code& ecode, boost::asio::deadline_timer * timer,
 				const i2p::data::IdentHash& ident, i2p::I2NPMessage * msg);
 			void PostMessage (const i2p::data::IdentHash& ident, i2p::I2NPMessage * msg);
-			void PostCloseSession (const i2p::data::RouterInfo * router);
+			void PostCloseSession (std::shared_ptr<const i2p::data::RouterInfo> router);
 			
+			void Connect (const boost::asio::ip::address& address, int port, std::shared_ptr<NTCPSession> conn);
+			void HandleConnect (const boost::system::error_code& ecode, std::shared_ptr<NTCPSession> conn);
+
 			void DetectExternalIP ();
 			
 		private:
@@ -92,7 +96,7 @@ namespace transport
 			boost::asio::io_service::work m_Work;
 			boost::asio::ip::tcp::acceptor * m_NTCPAcceptor, * m_NTCPV6Acceptor;
 
-			std::map<i2p::data::IdentHash, NTCPSession *> m_NTCPSessions;
+			std::map<i2p::data::IdentHash, std::shared_ptr<NTCPSession> > m_NTCPSessions;
 			SSUServer * m_SSUServer;
 
 			DHKeysPairSupplier m_DHKeysPairSupplier;

Tunnel.cpp

@@ -221,7 +221,7 @@ namespace tunnel
 		m_PendingTunnels.clear ();*/
 
 		for (auto& it: m_Pools)
-			delete it.second;
+			delete it;
 		m_Pools.clear ();
 	}	
 	
@@ -287,11 +287,11 @@ namespace tunnel
 		return tunnel;
 	}	
 
-	TunnelPool * Tunnels::CreateTunnelPool (i2p::garlic::GarlicDestination& localDestination, int numHops)
+	TunnelPool * Tunnels::CreateTunnelPool (i2p::garlic::GarlicDestination * localDestination, int numInboundHops, int numOutboundHops)
 	{
-		auto pool = new TunnelPool (localDestination, numHops);
+		auto pool = new TunnelPool (localDestination, numInboundHops, numOutboundHops);
 		std::unique_lock<std::mutex> l(m_PoolsMutex);
-		m_Pools[pool->GetIdentHash ()] = pool;
+		m_Pools.push_back (pool);
 		return pool;
 	}	
 
@@ -300,7 +300,10 @@ namespace tunnel
 		if (pool)
 		{	
 			StopTunnelPool (pool);
-			m_Pools.erase (pool->GetLocalDestination ().GetIdentHash ());
+			{
+				std::unique_lock<std::mutex> l(m_PoolsMutex);
+				m_Pools.remove (pool);
+			}	
 			for (auto it: m_PendingTunnels)
 				if (it.second->GetTunnelPool () == pool)
 					it.second->SetTunnelPool (nullptr);
@@ -466,9 +469,9 @@ namespace tunnel
 			if (!inboundTunnel) return;
 			LogPrint ("Creating one hop outbound tunnel...");
 			CreateTunnel<OutboundTunnel> (
-			  	new TunnelConfig (std::vector<const i2p::data::RouterInfo *> 
+			  	new TunnelConfig (std::vector<std::shared_ptr<const i2p::data::RouterInfo> > 
 				    { 
-						i2p::data::netdb.GetRandomRouter ().get ()
+						i2p::data::netdb.GetRandomRouter ()
 					},		
 		     		inboundTunnel->GetTunnelConfig ()));
 		}
@@ -510,7 +513,7 @@ namespace tunnel
 			LogPrint ("Creating zero hops inbound tunnel...");
 			CreateZeroHopsInboundTunnel ();
 			if (!m_ExploratoryPool)
-				m_ExploratoryPool = CreateTunnelPool (i2p::context, 2); // 2-hop exploratory
+				m_ExploratoryPool = CreateTunnelPool (&i2p::context, 2, 2); // 2-hop exploratory
 			return;
 		}
 		
@@ -519,9 +522,9 @@ namespace tunnel
 			// trying to create one more inbound tunnel			
 			LogPrint ("Creating one hop inbound tunnel...");
 			CreateTunnel<InboundTunnel> (
-				new TunnelConfig (std::vector<const i2p::data::RouterInfo *>
+				new TunnelConfig (std::vector<std::shared_ptr<const i2p::data::RouterInfo> >
 				    {              
-						i2p::data::netdb.GetRandomRouter ().get ()
+						i2p::data::netdb.GetRandomRouter ()
 					}));
 		}
 	}	
@@ -551,7 +554,7 @@ namespace tunnel
 		std::unique_lock<std::mutex> l(m_PoolsMutex);
 		for (auto it: m_Pools)
 		{	
-			TunnelPool * pool = it.second;
+			TunnelPool * pool = it;
 			if (pool->IsActive ())
 			{	
 				pool->CreateTunnels ();
@@ -609,9 +612,9 @@ namespace tunnel
 	void Tunnels::CreateZeroHopsInboundTunnel ()
 	{
 		CreateTunnel<InboundTunnel> (
-			new TunnelConfig (std::vector<const i2p::data::RouterInfo *>
+			new TunnelConfig (std::vector<std::shared_ptr<const i2p::data::RouterInfo> >
 			    { 
-					&i2p::context.GetRouterInfo ()
+					i2p::context.GetSharedRouterInfo ()
 				}));
 	}	
 }

Tunnel.h

@@ -79,7 +79,7 @@ namespace tunnel
 
 			void SendTunnelDataMsg (const uint8_t * gwHash, uint32_t gwTunnel, i2p::I2NPMessage * msg);
 			void SendTunnelDataMsg (const std::vector<TunnelMessageBlock>& msgs); // multiple messages
-			const i2p::data::RouterInfo * GetEndpointRouter () const 
+			std::shared_ptr<const i2p::data::RouterInfo> GetEndpointRouter () const 
 				{ return GetTunnelConfig ()->GetLastHop ()->router; }; 
 			size_t GetNumSentBytes () const { return m_Gateway.GetNumSentBytes (); };
 
@@ -129,7 +129,7 @@ namespace tunnel
 			void PostTunnelData (I2NPMessage * msg);
 			template<class TTunnel>
 			TTunnel * CreateTunnel (TunnelConfig * config, OutboundTunnel * outboundTunnel = 0);
-			TunnelPool * CreateTunnelPool (i2p::garlic::GarlicDestination& localDestination, int numHops);
+			TunnelPool * CreateTunnelPool (i2p::garlic::GarlicDestination * localDestination, int numInboundHops, int numOuboundHops);
 			void DeleteTunnelPool (TunnelPool * pool);
 			void StopTunnelPool (TunnelPool * pool);
 			
@@ -157,7 +157,7 @@ namespace tunnel
 			std::mutex m_TransitTunnelsMutex;
 			std::map<uint32_t, TransitTunnel *> m_TransitTunnels;
 			std::mutex m_PoolsMutex;
-			std::map<i2p::data::IdentHash, TunnelPool *> m_Pools;
+			std::list<TunnelPool *> m_Pools;
 			TunnelPool * m_ExploratoryPool;
 			i2p::util::Queue<I2NPMessage> m_Queue;
 

TunnelConfig.h

@@ -4,6 +4,7 @@
 #include <inttypes.h>
 #include <sstream>
 #include <vector>
+#include <memory>
 #include "aes.h"
 #include "RouterInfo.h"
 #include "RouterContext.h"
@@ -14,7 +15,7 @@ namespace tunnel
 {
 	struct TunnelHopConfig
 	{
-		const i2p::data::RouterInfo * router, * nextRouter;
+		std::shared_ptr<const i2p::data::RouterInfo> router, nextRouter;
 		uint32_t tunnelID, nextTunnelID;
 		uint8_t layerKey[32];
 		uint8_t ivKey[32];
@@ -26,7 +27,7 @@ namespace tunnel
 		i2p::crypto::TunnelDecryption decryption;	
 		int recordIndex; // record # in tunnel build message
 		
-		TunnelHopConfig (const i2p::data::RouterInfo * r)
+		TunnelHopConfig (std::shared_ptr<const i2p::data::RouterInfo> r)
 		{
 			CryptoPP::RandomNumberGenerator& rnd = i2p::context.GetRandomNumberGenerator ();
 			rnd.GenerateBlock (layerKey, 32);
@@ -36,14 +37,14 @@ namespace tunnel
 			isGateway = true;
 			isEndpoint = true;
 			router = r; 
-			nextRouter = 0;
+			//nextRouter = nullptr; 
 			nextTunnelID = 0;
 
-			next = 0;
+			next = nullptr;
-			prev = 0;
+			prev = nullptr;
 		}	
 
-		void SetNextRouter (const i2p::data::RouterInfo * r)
+		void SetNextRouter (std::shared_ptr<const i2p::data::RouterInfo> r)
 		{
 			nextRouter = r;
 			isEndpoint = false;
@@ -88,7 +89,7 @@ namespace tunnel
 		public:			
 			
 
-			TunnelConfig (std::vector<const i2p::data::RouterInfo *> peers, 
+			TunnelConfig (std::vector<std::shared_ptr<const i2p::data::RouterInfo> > peers, 
 				const TunnelConfig * replyTunnelConfig = nullptr) // replyTunnelConfig=nullptr means inbound
 			{
 				TunnelHopConfig * prev = nullptr;
@@ -109,7 +110,7 @@ namespace tunnel
 					m_LastHop->SetReplyHop (replyTunnelConfig->GetFirstHop ());
 				}	
 				else // inbound
-					m_LastHop->SetNextRouter (&i2p::context.GetRouterInfo ());
+					m_LastHop->SetNextRouter (i2p::context.GetSharedRouterInfo ());
 			}
 			
 			~TunnelConfig ()
@@ -184,7 +185,7 @@ namespace tunnel
 						if (hop->isGateway) // inbound tunnel
 							newHop->SetReplyHop (m_FirstHop); // use it as reply tunnel
 						else
-							newHop->SetNextRouter (&i2p::context.GetRouterInfo ());
+							newHop->SetNextRouter (i2p::context.GetSharedRouterInfo ());
 					}	
 					if (!hop->next) newConfig->m_FirstHop = newHop; // last hop
 									
@@ -195,7 +196,7 @@ namespace tunnel
 
 			TunnelConfig * Clone (const TunnelConfig * replyTunnelConfig = nullptr) const
 			{
-				std::vector<const i2p::data::RouterInfo *> peers;
+				std::vector<std::shared_ptr<const i2p::data::RouterInfo> > peers;
 				TunnelHopConfig * hop = m_FirstHop;
 				while (hop)
 				{

TunnelGateway.cpp

@@ -132,6 +132,7 @@ namespace tunnel
 	void TunnelGatewayBuffer::CreateCurrentTunnelDataMessage ()
 	{
 		m_CurrentTunnelDataMsg = NewI2NPMessage ();
+		m_CurrentTunnelDataMsg->Align (12);
 		// we reserve space for padding
 		m_CurrentTunnelDataMsg->offset += TUNNEL_DATA_MSG_SIZE + sizeof (I2NPHeader);
 		m_CurrentTunnelDataMsg->len = m_CurrentTunnelDataMsg->offset;

TunnelPool.cpp

@@ -10,9 +10,9 @@ namespace i2p
 {
 namespace tunnel
 {
-	TunnelPool::TunnelPool (i2p::garlic::GarlicDestination& localDestination, int numHops, int numTunnels):
+	TunnelPool::TunnelPool (i2p::garlic::GarlicDestination * localDestination, int numInboundHops, int numOutboundHops, int numTunnels):
-		m_LocalDestination (localDestination), m_NumHops (numHops), m_NumTunnels (numTunnels),
+		m_LocalDestination (localDestination), m_NumInboundHops (numInboundHops), m_NumOutboundHops (numOutboundHops),
-		m_IsActive (true)
+		m_NumTunnels (numTunnels), m_IsActive (true)
 	{
 	}
 
@@ -45,7 +45,8 @@ namespace tunnel
 			std::unique_lock<std::mutex> l(m_InboundTunnelsMutex);
 			m_InboundTunnels.insert (createdTunnel);
 		}
-		m_LocalDestination.SetLeaseSetUpdated ();
+		if (m_LocalDestination)
+			m_LocalDestination->SetLeaseSetUpdated ();
 	}
 
 	void TunnelPool::TunnelExpired (InboundTunnel * expiredTunnel)
@@ -183,13 +184,15 @@ namespace tunnel
 						std::unique_lock<std::mutex> l(m_InboundTunnelsMutex);
 						m_InboundTunnels.erase (it.second.second);
 					}
-					m_LocalDestination.SetLeaseSetUpdated ();
+					if (m_LocalDestination)
+						m_LocalDestination->SetLeaseSetUpdated ();
 				}	
 				else
 					it.second.second->SetState (eTunnelStateTestFailed);
 			}	
 		}
-		m_Tests.clear ();	
+		m_Tests.clear ();
+		// new tests	
 		auto it1 = m_OutboundTunnels.begin ();
 		auto it2 = m_InboundTunnels.begin ();
 		while (it1 != m_OutboundTunnels.end () && it2 != m_InboundTunnels.end ())
@@ -207,15 +210,26 @@ namespace tunnel
 			}
 			if (!failed)
 			{
-				uint32_t msgID = rnd.GenerateWord32 ();
+ 				uint32_t msgID = rnd.GenerateWord32 ();
-				m_Tests[msgID] = std::make_pair (*it1, *it2);
+ 				m_Tests[msgID] = std::make_pair (*it1, *it2);
-				(*it1)->SendTunnelDataMsg ((*it2)->GetNextIdentHash (), (*it2)->GetNextTunnelID (),
+ 				(*it1)->SendTunnelDataMsg ((*it2)->GetNextIdentHash (), (*it2)->GetNextTunnelID (),
 					CreateDeliveryStatusMsg (msgID));
 				it1++; it2++;
 			}	
 		}
 	}
 
+	void TunnelPool::ProcessGarlicMessage (I2NPMessage * msg)
+	{
+		if (m_LocalDestination)
+			m_LocalDestination->ProcessGarlicMessage (msg);
+		else
+		{
+			LogPrint (eLogWarning, "Local destination doesn't exist. Dropped");
+			DeleteI2NPMessage (msg);
+		}	
+	}	
+		
 	void TunnelPool::ProcessDeliveryStatus (I2NPMessage * msg)
 	{
 		I2NPDeliveryStatusMsg * deliveryStatus = (I2NPDeliveryStatusMsg *)msg->GetPayload ();
@@ -232,15 +246,25 @@ namespace tunnel
 			DeleteI2NPMessage (msg);
 		}
 		else
-			m_LocalDestination.ProcessDeliveryStatusMessage (msg);
+		{
+			if (m_LocalDestination)
+				m_LocalDestination->ProcessDeliveryStatusMessage (msg);
+			else
+			{	
+				LogPrint (eLogWarning, "Local destination doesn't exist. Dropped");
+				DeleteI2NPMessage (msg);
+			}	
+		}	
 	}
 
-	const i2p::data::RouterInfo * TunnelPool::SelectNextHop (const i2p::data::RouterInfo * prevHop) const
+	std::shared_ptr<const i2p::data::RouterInfo> TunnelPool::SelectNextHop (std::shared_ptr<const i2p::data::RouterInfo> prevHop) const
 	{
-		auto hop = m_NumHops >= 3 ? i2p::data::netdb.GetHighBandwidthRandomRouter (prevHop).get () :
+		bool isExploratory = (m_LocalDestination == &i2p::context); // TODO: implement it better
-			i2p::data::netdb.GetRandomRouter (prevHop).get ();
+		auto hop =  isExploratory ? i2p::data::netdb.GetRandomRouter (prevHop): 
+			i2p::data::netdb.GetHighBandwidthRandomRouter (prevHop);
+			
 		if (!hop)
-			hop = i2p::data::netdb.GetRandomRouter ().get ();
+			hop = i2p::data::netdb.GetRandomRouter ();
 		return hop;	
 	}	
 		
@@ -250,9 +274,9 @@ namespace tunnel
 		if (!outboundTunnel)
 			outboundTunnel = tunnels.GetNextOutboundTunnel ();
 		LogPrint ("Creating destination inbound tunnel...");
-		const i2p::data::RouterInfo * prevHop = &i2p::context.GetRouterInfo ();	
+		auto prevHop = i2p::context.GetSharedRouterInfo ();	
-		std::vector<const i2p::data::RouterInfo *> hops;
+		std::vector<std::shared_ptr<const i2p::data::RouterInfo> > hops;
-		int numHops = m_NumHops;
+		int numHops = m_NumInboundHops;
 		if (outboundTunnel)
 		{	
 			// last hop
@@ -294,9 +318,9 @@ namespace tunnel
 		{	
 			LogPrint ("Creating destination outbound tunnel...");
 
-			const i2p::data::RouterInfo * prevHop = &i2p::context.GetRouterInfo ();
+			auto prevHop = i2p::context.GetSharedRouterInfo ();
-			std::vector<const i2p::data::RouterInfo *> hops;
+			std::vector<std::shared_ptr<const i2p::data::RouterInfo> > hops;
-			for (int i = 0; i < m_NumHops; i++)
+			for (int i = 0; i < m_NumOutboundHops; i++)
 			{
 				auto hop = SelectNextHop (prevHop);
 				prevHop = hop;

TunnelPool.h

@@ -26,14 +26,11 @@ namespace tunnel
 	{
 		public:
 
-			TunnelPool (i2p::garlic::GarlicDestination& localDestination, int numHops, int numTunnels = 5);
+			TunnelPool (i2p::garlic::GarlicDestination * localDestination, int numInboundHops, int numOutboundHops, int numTunnels = 5);
 			~TunnelPool ();
-
+		
-			const uint8_t * GetEncryptionPrivateKey () const { return m_LocalDestination.GetEncryptionPrivateKey (); };
+			i2p::garlic::GarlicDestination * GetLocalDestination () const { return m_LocalDestination; };
-			const uint8_t * GetEncryptionPublicKey () const { return m_LocalDestination.GetEncryptionPublicKey (); };
+			void SetLocalDestination (i2p::garlic::GarlicDestination * destination) { m_LocalDestination = destination; };
-			const i2p::data::LocalDestination& GetLocalDestination () const { return m_LocalDestination; };			
-			i2p::garlic::GarlicDestination& GetGarlicDestination () const { return m_LocalDestination; };	
-			bool IsExploratory () const { return GetIdentHash () == i2p::context.GetIdentHash (); };		
 
 			void CreateTunnels ();
 			void TunnelCreated (InboundTunnel * createdTunnel);
@@ -42,10 +39,10 @@ namespace tunnel
 			void TunnelExpired (OutboundTunnel * expiredTunnel);
 			std::vector<InboundTunnel *> GetInboundTunnels (int num) const;
 			OutboundTunnel * GetNextOutboundTunnel (OutboundTunnel * suggested = nullptr) const;
-			InboundTunnel * GetNextInboundTunnel (InboundTunnel * suggested = nullptr) const;
+			InboundTunnel * GetNextInboundTunnel (InboundTunnel * suggested = nullptr) const;		
-			const i2p::data::IdentHash& GetIdentHash () const { return m_LocalDestination.GetIdentHash (); };			
 
 			void TestTunnels ();
+			void ProcessGarlicMessage (I2NPMessage * msg);
 			void ProcessDeliveryStatus (I2NPMessage * msg);
 
 			bool IsActive () const { return m_IsActive; };
@@ -61,12 +58,12 @@ namespace tunnel
 			template<class TTunnels>
 			typename TTunnels::value_type GetNextTunnel (TTunnels& tunnels, 
 				typename TTunnels::value_type suggested = nullptr) const;
-			const i2p::data::RouterInfo * SelectNextHop (const i2p::data::RouterInfo * prevHop) const;
+			std::shared_ptr<const i2p::data::RouterInfo> SelectNextHop (std::shared_ptr<const i2p::data::RouterInfo> prevHop) const;
 			
 		private:
 
-			i2p::garlic::GarlicDestination& m_LocalDestination;
+			i2p::garlic::GarlicDestination * m_LocalDestination;
-			int m_NumHops, m_NumTunnels;
+			int m_NumInboundHops, m_NumOutboundHops, m_NumTunnels;
 			mutable std::mutex m_InboundTunnelsMutex;
 			std::set<InboundTunnel *, TunnelCreationTimeCmp> m_InboundTunnels; // recent tunnel appears first
 			mutable std::mutex m_OutboundTunnelsMutex;

Win32/PurpleI2P.nsi

@@ -1,6 +1,6 @@
 # NSIS Installer script. (Tested with NSIS 2.64 on Windows 7)
 # Author: Mikal Villa (Meeh)
-# Version: 1.0
+# Version: 1.1
 Name PurpleI2P
 
 RequestExecutionLevel highest
@@ -9,7 +9,7 @@ ShowInstDetails show
 
 # General Symbol Definitions
 !define REGKEY "SOFTWARE\$(^Name)"
-!define VERSION 0.2.0.0
+!define VERSION 0.3.0.0
 !define COMPANY "The Privacy Solutions Project"
 !define URL "https://i2p.io"
 
@@ -64,13 +64,13 @@ Var StartMenuGroup
 !insertmacro MUI_LANGUAGE English
 
 # Installer attributes
-OutFile PurpleI2P-0.2.0.0-win32-setup.exe
+OutFile PurpleI2P-0.3.0.0-win32-setup.exe
 InstallDir $PROGRAMFILES\PurpleI2P
 CRCCheck on
 XPStyle on
 BrandingText " "
 ShowInstDetails show
-VIProductVersion 0.2.0.0
+VIProductVersion 0.3.0.0
 VIAddVersionKey ProductName PurpleI2P
 VIAddVersionKey ProductVersion "${VERSION}"
 VIAddVersionKey CompanyName "${COMPANY}"

Win32/i2pd.vcxproj

@@ -22,6 +22,7 @@
     <ClCompile Include="..\AddressBook.cpp" />
     <ClCompile Include="..\aes.cpp" />
     <ClCompile Include="..\base64.cpp" />
+	<ClCompile Include="..\BOB.cpp" />
     <ClCompile Include="..\CryptoConst.cpp" />
     <ClCompile Include="..\Daemon.cpp" />
     <ClCompile Include="..\DaemonWin32.cpp" />
@@ -62,6 +63,7 @@
   <ItemGroup>
     <ClInclude Include="..\AddressBook.h" />
     <ClInclude Include="..\base64.h" />
+	<ClInclude Include="..\BOB.h" />
     <ClInclude Include="..\CryptoConst.h" />
     <ClInclude Include="..\Daemon.h" />
     <ClInclude Include="..\ElGamal.h" />
@@ -278,4 +280,4 @@
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
   <ImportGroup Label="ExtensionTargets">
   </ImportGroup>
-</Project>
+</Project>

aes.cpp

@@ -25,7 +25,7 @@ namespace crypto
 		"movaps	%%xmm3, %%xmm4 \n" \
 		"pslldq	$4, %%xmm4 \n" \
 		"pxor %%xmm4, %%xmm3 \n" \
-	    "pslldq	$4, %%xmm4 \n" \
+		"pslldq	$4, %%xmm4 \n" \
 		"pxor %%xmm4, %%xmm3 \n" \
 		"pslldq	$4, %%xmm4 \n" \
 		"pxor %%xmm4, %%xmm3 \n" \
@@ -163,7 +163,7 @@ namespace crypto
 		__asm__
 		(
 		 	"movups	(%[iv]), %%xmm1 \n"
-		 	"block_e: \n"
+		 	"1: \n"
 		 	"movups	(%[in]), %%xmm0 \n"
 		 	"pxor %%xmm1, %%xmm0 \n"
 		 	EncryptAES256(sched)
@@ -172,7 +172,7 @@ namespace crypto
 		 	"add $16, %[in] \n"
 		 	"add $16, %[out] \n"
 		 	"dec %[num] \n"
-		 	"jnz block_e; \n"	 	
+		 	"jnz 1b \n"	 	
 		 	"movups	%%xmm1, (%[iv]) \n"
 			: 
 			: [iv]"r"(&m_LastBlock), [sched]"r"(m_ECBEncryption.GetKeySchedule ()), 
@@ -222,7 +222,7 @@ namespace crypto
 		__asm__
 		(
 			"movups	(%[iv]), %%xmm1 \n"
-		 	"block_d: \n"
+		 	"1: \n"
 		 	"movups	(%[in]), %%xmm0 \n"
 			"movaps %%xmm0, %%xmm2 \n"
 		 	DecryptAES256(sched)
@@ -232,7 +232,7 @@ namespace crypto
 		 	"add $16, %[in] \n"
 		 	"add $16, %[out] \n"
 		 	"dec %[num] \n"
-		 	"jnz block_d; \n"	 	
+		 	"jnz 1b \n"	 	
 		 	"movups	%%xmm1, (%[iv]) \n"
 			: 
 			: [iv]"r"(&m_IV), [sched]"r"(m_ECBDecryption.GetKeySchedule ()), 
@@ -289,7 +289,7 @@ namespace crypto
 			EncryptAES256(sched_iv)
 			"movups %%xmm0, (%[payload]) \n"
 			// encrypt data, IV is xmm1
-			"block_et: \n"
+			"1: \n"
 			"add $16, %[payload] \n"
 		 	"movups	(%[payload]), %%xmm0 \n"
 		 	"pxor %%xmm1, %%xmm0 \n"
@@ -297,7 +297,7 @@ namespace crypto
 		 	"movaps	%%xmm0, %%xmm1 \n"	
 		 	"movups	%%xmm0, (%[payload]) \n"
 		 	"dec %[num] \n"
-		 	"jnz block_et; \n"	 	
+		 	"jnz 1b \n"	 	
 			: 
 			: [sched_iv]"r"(m_IVEncryption.GetKeySchedule ()), [sched_l]"r"(m_LayerEncryption.GetKeySchedule ()), 
 			  [payload]"r"(payload), [num]"r"(63) // 63 blocks = 1008 bytes
@@ -324,7 +324,7 @@ namespace crypto
 			DecryptAES256(sched_iv)
 			"movups %%xmm0, (%[payload]) \n"
 			// decrypt data, IV is xmm1
-			"block_dt: \n"
+			"1: \n"
 			"add $16, %[payload] \n"
 			"movups	(%[payload]), %%xmm0 \n"
 			"movaps %%xmm0, %%xmm2 \n"
@@ -333,7 +333,7 @@ namespace crypto
 		 	"movups	%%xmm0, (%[payload]) \n"
 			"movaps %%xmm2, %%xmm1 \n"
 		 	"dec %[num] \n"
-		 	"jnz block_dt; \n"	 	
+		 	"jnz 1b \n"	 	
 			: 
 			: [sched_iv]"r"(m_IVDecryption.GetKeySchedule ()), [sched_l]"r"(m_LayerDecryption.GetKeySchedule ()), 
 			  [payload]"r"(payload), [num]"r"(63) // 63 blocks = 1008 bytes

aes.h

@@ -45,7 +45,7 @@ namespace crypto
 			AESAlignedBuffer ()
 			{
 				m_Buf = m_UnalignedBuffer;
-				uint8_t rem = ((uint64_t)m_Buf) & 0x0f;
+				uint8_t rem = ((size_t)m_Buf) & 0x0f;
 				if (rem)
 					m_Buf += (16 - rem);
 			}

api.cpp

@@ -21,9 +21,12 @@ namespace api
 		i2p::context.Init ();	
 	}
 
-	void StartI2P ()
+	void StartI2P (std::ostream * logStream)
 	{
-		StartLog (i2p::util::filesystem::GetAppName () + ".log");
+		if (logStream)
+			StartLog (logStream);
+		else
+			StartLog (i2p::util::filesystem::GetAppName () + ".log");
 		i2p::data::netdb.Start();
 		LogPrint("NetDB started");
 		i2p::transport::transports.Start();
@@ -44,16 +47,19 @@ namespace api
 		StopLog ();
 	}
 
-	i2p::client::ClientDestination * CreateLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic)
+	i2p::client::ClientDestination * CreateLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic,
+		const std::map<std::string, std::string> * params)
 	{
-		auto localDestination = new i2p::client::ClientDestination (keys, isPublic);
+		auto localDestination = new i2p::client::ClientDestination (keys, isPublic, params);
 		localDestination->Start ();
 		return localDestination;
 	}
 
-	i2p::client::ClientDestination * CreateLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType)
+	i2p::client::ClientDestination * CreateLocalDestination (bool isPublic, i2p::data::SigningKeyType sigType,
+		const std::map<std::string, std::string> * params)
 	{
-		auto localDestination = new i2p::client::ClientDestination (isPublic, sigType);
+		i2p::data::PrivateKeys keys = i2p::data::PrivateKeys::CreateRandomKeys (sigType);
+		auto localDestination = new i2p::client::ClientDestination (keys, isPublic, params);
 		localDestination->Start ();
 		return localDestination;
 	}
@@ -73,9 +79,10 @@ namespace api
 			i2p::data::netdb.RequestDestination (remote, true, dest->GetTunnelPool ());
 	}
 
-	i2p::stream::Stream * CreateStream (i2p::client::ClientDestination * dest, const i2p::data::IdentHash& remote)
+	std::shared_ptr<i2p::stream::Stream> CreateStream (i2p::client::ClientDestination * dest, const i2p::data::IdentHash& remote)
 	{
-		auto leaseSet = i2p::data::netdb.FindLeaseSet (remote);
+		if (!dest) return nullptr;
+		auto leaseSet = dest->FindLeaseSet (remote);
 		if (leaseSet)
 		{
 			auto stream = dest->CreateStream (*leaseSet);
@@ -95,13 +102,10 @@ namespace api
 			dest->AcceptStreams (acceptor);
 	}
 
-	void DestroyStream (i2p::stream::Stream * stream)
+	void DestroyStream (std::shared_ptr<i2p::stream::Stream> stream)
 	{
 		if (stream)
-		{
 			stream->Close ();
-			i2p::stream::DeleteStream (stream);
-		}
 	}
 }
 }

api.h

@@ -0,0 +1,36 @@
+#ifndef API_H__
+#define API_H__
+
+#include <memory>
+#include <iostream>
+#include "Identity.h"
+#include "Destination.h"
+#include "Streaming.h"
+
+namespace i2p
+{
+namespace api
+{
+	// initialization start and stop	
+	void InitI2P (int argc, char* argv[], const char * appName);
+	void StartI2P (std::ostream * logStream = nullptr);
+	// write system log to logStream, if not specified to <appName>.log in application's folder
+	void StopI2P ();
+
+	// destinations
+	i2p::client::ClientDestination * CreateLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic = true,
+		const std::map<std::string, std::string> * params = nullptr); 
+	i2p::client::ClientDestination * CreateLocalDestination (bool isPublic = false, i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256, 
+		const std::map<std::string, std::string> * params = nullptr); // transient destinations usually not published
+	void DestroyLocalDestination (i2p::client::ClientDestination * dest);
+
+	// streams
+	void RequestLeaseSet (i2p::client::ClientDestination * dest, const i2p::data::IdentHash& remote);
+	std::shared_ptr<i2p::stream::Stream> CreateStream (i2p::client::ClientDestination * dest, const i2p::data::IdentHash& remote);
+	void AcceptStream (i2p::client::ClientDestination * dest, const i2p::stream::StreamingDestination::Acceptor& acceptor);
+	void DestroyStream (std::shared_ptr<i2p::stream::Stream> stream);
+}
+}
+
+#endif
+

api/Makefile

@@ -1,33 +0,0 @@
-UNAME := $(shell uname -s)
-
-ifeq ($(UNAME),Darwin)
-	include ../Makefile.osx
-else ifeq ($(UNAME), FreeBSD)
-	include ../Makefile.bsd
-else
-	include ../Makefile.linux
-endif
-
-SHARED_LIB = libi2pd.so
-all: obj $(SHARED_LIB)
-
-$(SHARED_LIB): $(OBJECTS:obj/%=obj/%)
-	$(CXX) -shared -o $(SHARED_LIB) $^
-
-.SUFFIXES:
-.SUFFIXES:	.c .cc .C .cpp .o
-
-obj/%.o : ../%.cpp
-	$(CXX) -o $@ $< -c $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -I.. -fPIC $(CPU_FLAGS)
-
-obj/api.o: api.cpp
-	$(CXX) -o obj/api.o api.cpp -c $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -I.. -fPIC $(CPU_FLAGS)
-
-obj:
-	mkdir -p obj
-
-clean:
-	rm -fr obj $(SHARED_LIB)
-
-.PHONY: all
-.PHONY: clean

api/api.h

@@ -1,31 +0,0 @@
-#ifndef API_H__
-#define API_H__
-
-#include "Identity.h"
-#include "Destination.h"
-#include "Streaming.h"
-
-namespace i2p
-{
-namespace api
-{
-	// initialization start and stop	
-	void InitI2P (int argc, char* argv[], const char * appName);
-	void StartI2P ();
-	void StopI2P ();
-
-	// destinations
-	i2p::client::ClientDestination * CreateLocalDestination (const i2p::data::PrivateKeys& keys, bool isPublic = true); 
-	i2p::client::ClientDestination * CreateLocalDestination (bool isPublic = false, i2p::data::SigningKeyType sigType = i2p::data::SIGNING_KEY_TYPE_DSA_SHA1); // transient destinations usually not published
-	void DestoroyLocalDestination (i2p::client::ClientDestination * dest);
-
-	// streams
-	void RequestLeaseSet (i2p::client::ClientDestination * dest, const i2p::data::IdentHash& remote);
-	i2p::stream::Stream * CreateStream (i2p::client::ClientDestination * dest, const i2p::data::IdentHash& remote);
-	void AcceptStream (i2p::client::ClientDestination * dest, const i2p::stream::StreamingDestination::Acceptor& acceptor);
-	void DestroyStream (i2p::stream::Stream * stream);
-}
-}
-
-#endif
-

api/filelist.mk

@@ -1,19 +0,0 @@
-
-
-CPP_FILES := ../CryptoConst.cpp ../base64.cpp ../NTCPSession.cpp ../RouterInfo.cpp \
-	../Transports.cpp ../RouterContext.cpp ../NetDb.cpp ../LeaseSet.cpp Tunnel.cpp \
-	../TunnelEndpoint.cpp ../TunnelGateway.cpp ../TransitTunnel.cpp ../I2NPProtocol.cpp \
-	../Log.cpp ../Garlic.cpp ../Streaming.cpp ../Destination.cpp ../Identity.cpp \
-	../SSU.cpp ../SSUSession.cpp ../SSUData.cpp ../util.cpp ../Reseed.cpp ../SSUData.cpp \
-	../aes.cpp ../TunnelPool.cpp ../AddressBook.cpp ../Datagram.cpp api.cpp
-
-
-H_FILES := ../CryptoConst.h ../base64.h ../NTCPSession.h ../RouterInfo.h ../Transports.h \
-	../RouterContext.h ../NetDb.h ../LeaseSet.h ../Tunnel.h ../TunnelEndpoint.h \
-	../TunnelGateway.h ../TransitTunnel.h ../I2NPProtocol.h ../Log.h ../Garlic.h \
-	../Streaming.h ../Destination.h ../Identity.h ../SSU.h ../SSUSession.h ../SSUData.h \
-	../util.h ../Reseed.h ../SSUData.h ../aes.h ../TunnelPool.h ../AddressBook.h ../version.h \
-	../Signature.h ../TransportSession.h ../Datagram.h api.h
-
-OBJECTS = $(addprefix obj/, $(notdir $(CPP_FILES:.cpp=.o)))
-

base64.cpp

@@ -79,7 +79,7 @@ namespace data
 		     outCount = 4*n;
 		else
 		     outCount = 4*(n+1);
-		if (outCount > len) return -1;
+		if (outCount > len) return 0;
 		pd = (unsigned char *)OutBuffer;
 		for ( i = 0; i<n; i++ ){
 		     acc_1 = *ps++;
@@ -158,7 +158,7 @@ namespace data
 		     outCount = 3*n;
 		else {
 		     outCount = 0;
-		     return -1;
+		     return 0;
 		}
 		
 		ps = (unsigned char *)(InBuffer + InCount - 1);

build/CMakeLists.txt

@@ -4,20 +4,18 @@ project ( "i2pd" )
 # configurale options
 option(WITH_AESNI     "Use AES-NI instructions set" OFF)
 option(WITH_HARDENING "Use hardening compiler flags" OFF)
+option(WITH_LIBRARY   "Build library" ON)
+option(WITH_STATIC    "Static build" OFF)
 
 # paths
 set ( CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules" )
 set ( CMAKE_SOURCE_DIR ".." )
 
-set (SOURCES
+set (COMMON_SRC
-  "${CMAKE_SOURCE_DIR}/AddressBook.cpp"
+  "${CMAKE_SOURCE_DIR}/AddressBook.cpp"	
   "${CMAKE_SOURCE_DIR}/CryptoConst.cpp"
-  "${CMAKE_SOURCE_DIR}/Daemon.cpp"
   "${CMAKE_SOURCE_DIR}/Garlic.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTPProxy.cpp"
-  "${CMAKE_SOURCE_DIR}/HTTPServer.cpp"
   "${CMAKE_SOURCE_DIR}/I2NPProtocol.cpp"
-  "${CMAKE_SOURCE_DIR}/I2PTunnel.cpp"
   "${CMAKE_SOURCE_DIR}/Identity.cpp"
   "${CMAKE_SOURCE_DIR}/LeaseSet.cpp"
   "${CMAKE_SOURCE_DIR}/Log.cpp"
@@ -26,9 +24,9 @@ set (SOURCES
   "${CMAKE_SOURCE_DIR}/Reseed.cpp"
   "${CMAKE_SOURCE_DIR}/RouterContext.cpp"
   "${CMAKE_SOURCE_DIR}/RouterInfo.cpp"
-  "${CMAKE_SOURCE_DIR}/SOCKS.cpp"
   "${CMAKE_SOURCE_DIR}/SSU.cpp"
   "${CMAKE_SOURCE_DIR}/SSUData.cpp"
+  "${CMAKE_SOURCE_DIR}/SSUSession.cpp"
   "${CMAKE_SOURCE_DIR}/Streaming.cpp"
   "${CMAKE_SOURCE_DIR}/Destination.cpp"	
   "${CMAKE_SOURCE_DIR}/TransitTunnel.cpp"
@@ -37,21 +35,34 @@ set (SOURCES
   "${CMAKE_SOURCE_DIR}/Transports.cpp"
   "${CMAKE_SOURCE_DIR}/TunnelEndpoint.cpp"
   "${CMAKE_SOURCE_DIR}/TunnelPool.cpp"
-  "${CMAKE_SOURCE_DIR}/UPnP.cpp"
   "${CMAKE_SOURCE_DIR}/aes.cpp"
   "${CMAKE_SOURCE_DIR}/base64.cpp"
-  "${CMAKE_SOURCE_DIR}/i2p.cpp"
   "${CMAKE_SOURCE_DIR}/util.cpp"
-  "${CMAKE_SOURCE_DIR}/SAM.cpp"
-  "${CMAKE_SOURCE_DIR}/ClientContext.cpp"
   "${CMAKE_SOURCE_DIR}/Datagram.cpp"		
 )
 
+set (DAEMON_SRC
+  "${CMAKE_SOURCE_DIR}/BOB.cpp"	
+  "${CMAKE_SOURCE_DIR}/ClientContext.cpp"
+  "${CMAKE_SOURCE_DIR}/Daemon.cpp"
+  "${CMAKE_SOURCE_DIR}/HTTPProxy.cpp"
+  "${CMAKE_SOURCE_DIR}/HTTPServer.cpp"
+  "${CMAKE_SOURCE_DIR}/I2PTunnel.cpp"
+  "${CMAKE_SOURCE_DIR}/SAM.cpp"
+  "${CMAKE_SOURCE_DIR}/SOCKS.cpp"
+  "${CMAKE_SOURCE_DIR}/UPnP.cpp"
+  "${CMAKE_SOURCE_DIR}/i2p.cpp"
+)
+
+set (LIBRARY_SRC
+  "${CMAKE_SOURCE_DIR}/api.cpp"
+)
+
 file (GLOB HEADERS "${CMAKE_SOURCE_DIR}/*.h")
 
 # MSVS grouping
 source_group ("Header Files" FILES ${HEADERS})
-source_group ("Source Files" FILES ${SOURCES})
+source_group ("Source Files" FILES ${COMMON_SRC} ${DAEMON_SRC} ${LIBRARY_SRC})
 
 # Default build is Debug
 if (CMAKE_BUILD_TYPE STREQUAL "Release")
@@ -61,7 +72,7 @@ else ()
 endif ()
 
 # compiler flags customization (by vendor)
-add_definitions ( "-Wall -Wextra" )
+add_definitions ( "-Wall -Wextra -fPIC" )
 
 # check for c++11 support
 include(CheckCXXCompilerFlag)
@@ -80,7 +91,6 @@ if (CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
     add_definitions( "-D_FORTIFY_SOURCE=2" )
     set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wformat -Wformat-security -Werror=format-security" )
     set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fstack-protector --param ssp-buffer-size=4" )
-    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIE -pie" )
   endif ()
 elseif (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
   # more tweaks
@@ -88,13 +98,15 @@ endif ()
 
 # compiler flags customization (by system)
 if (CMAKE_SYSTEM_NAME STREQUAL "Linux")
-  list (APPEND SOURCES "../DaemonLinux.cpp")
+  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
 elseif (CMAKE_SYSTEM_NAME STREQUAL "FreeBSD")
-  list (APPEND SOURCES "../DaemonLinux.cpp")
+  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
   # "'sleep_for' is not a member of 'std::this_thread'" in gcc 4.7/4.8
   add_definitions( "-D_GLIBCXX_USE_NANOSLEEP=1" )
+elseif (CMAKE_SYSTEM_NAME STREQUAL "Darwin")
+  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonLinux.cpp")
 elseif (CMAKE_SYSTEM_NAME STREQUAL "Windows")
-  list (APPEND SOURCES "../DaemonWin32.cpp")
+  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/DaemonWin32.cpp")
 endif ()
 
 if (WITH_AESNI)
@@ -115,7 +127,7 @@ if(NOT DEFINED CRYPTO++_INCLUDE_DIR)
 endif()
 
 # load includes
-include_directories( ${Boost_INCLUDE_DIRS} ${CRYPTO++_INCLUDE_DIR})
+include_directories( ${Boost_INCLUDE_DIRS} ${CRYPTO++_INCLUDE_DIR} "${CMAKE_SOURCE_DIR}/..")
 
 # show summary
 message(STATUS "---------------------------------------")
@@ -127,14 +139,26 @@ message(STATUS "Install prefix:    : ${CMAKE_INSTALL_PREFIX}")
 message(STATUS "Options:")
 message(STATUS "  AESNI            : ${WITH_AESNI}")
 message(STATUS "  HARDENING        : ${WITH_HARDENING}")
+message(STATUS "  LIBRARY          : ${WITH_LIBRARY}")
+message(STATUS "  STATIC BUILD     : ${WITH_STATIC}")
 message(STATUS "---------------------------------------")
 
-add_executable ( ${PROJECT_NAME} ${SOURCES} )
+add_executable ( ${PROJECT_NAME} ${COMMON_SRC} ${DAEMON_SRC})
 
 if (WITH_HARDENING AND CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
   set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS "-z relro -z now" )
 endif ()
 
+if (WITH_STATIC)
+  set(BUILD_SHARED_LIBS OFF)
+  set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS "-static" )
+endif ()
+
 target_link_libraries( ${PROJECT_NAME} ${Boost_LIBRARIES} ${CRYPTO++_LIBRARIES} ${CMAKE_THREAD_LIBS_INIT} )
 
 install(TARGETS i2pd RUNTIME DESTINATION "bin")
+
+if (WITH_LIBRARY)
+  add_library("lib${PROJECT_NAME}" SHARED ${COMMON_SRC} ${LIBRARY_SRC})
+  install(TARGETS "lib${PROJECT_NAME}" LIBRARY DESTINATION "lib")
+endif ()

build/autotools/Makefile.in

@@ -115,7 +115,7 @@ am_i2p_OBJECTS = AddressBook.$(OBJEXT) CryptoConst.$(OBJEXT) \
 	TunnelGateway.$(OBJEXT) TunnelPool.$(OBJEXT) UPnP.$(OBJEXT) \
 	aes.$(OBJEXT) base64.$(OBJEXT) i2p.$(OBJEXT) util.$(OBJEXT) \
 	SAM.$(OBJEXT) Destination.$(OBJEXT) ClientContext.$(OBJEXT) \
-	Datagram.$(OBJEXT) SSUSession.$(OBJEXT)  
+	Datagram.$(OBJEXT) SSUSession.$(OBJEXT) BOB.$(OBJEXT)  
 i2p_OBJECTS = $(am_i2p_OBJECTS)
 i2p_LDADD = $(LDADD)
 AM_V_P = $(am__v_P_@AM_V@)
@@ -326,7 +326,7 @@ i2p_SOURCES = AddressBook.cpp CryptoConst.cpp Daemon.cpp		\
 		  Transports.cpp Tunnel.cpp TunnelEndpoint.cpp		\
 		  TunnelGateway.cpp TunnelPool.cpp UPnP.cpp aes.cpp	\
 		  base64.cpp i2p.cpp util.cpp SAM.cpp Destination.cpp \
-		  ClientContext.cpp	DataFram.cpp SSUSession.cpp					  \		
+		  ClientContext.cpp	DataFram.cpp SSUSession.cpp	BOB.cpp	\		
 		  							\
 		  AddressBook.h CryptoConst.h Daemon.h ElGamal.h	\
 		  Garlic.h HTTPProxy.h HTTPServer.h I2NPProtocol.h	\
@@ -338,7 +338,7 @@ i2p_SOURCES = AddressBook.cpp CryptoConst.cpp Daemon.cpp		\
 		  TunnelConfig.h TunnelEndpoint.h TunnelGateway.h	\
 		  TunnelPool.h UPnP.h aes.h base64.h config.h hmac.h	\
 		  util.h version.h Destination.h ClientContext.h	\
-		  TransportSession.h Datagram.h	SSUSession.h
+		  TransportSession.h Datagram.h	SSUSession.h BOB.h
 
 AM_LDFLAGS = @BOOST_DATE_TIME_LIB@ @BOOST_FILESYSTEM_LIB@		\
 		  @BOOST_PROGRAM_OPTIONS_LIB@ @BOOST_REGEX_LIB@		\
@@ -486,6 +486,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/i2p.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/util.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/SAM.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/BOB.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ClientContext.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Datagram.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/SSUSession.Po@am__quote@

contrib/certificates/reseed/bugme_at_mail.i2p.crt

@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFezCCA2OgAwIBAgIEUQYyQjANBgkqhkiG9w0BAQ0FADBuMQswCQYDVQQGEwJY
+WDELMAkGA1UECBMCWFgxCzAJBgNVBAcTAlhYMR4wHAYDVQQKExVJMlAgQW5vbnlt
+b3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEXMBUGA1UEAwwOYnVnbWVAbWFpbC5p
+MnAwHhcNMTQxMTA2MDkxMTE0WhcNMjQxMTA1MDkxMTE0WjBuMQswCQYDVQQGEwJY
+WDELMAkGA1UECBMCWFgxCzAJBgNVBAcTAlhYMR4wHAYDVQQKExVJMlAgQW5vbnlt
+b3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEXMBUGA1UEAwwOYnVnbWVAbWFpbC5p
+MnAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCrThOH0eSDT0VnCSBC
+sqYmAydWH+O8eNttDXr2mSvZLhvAW+6/xHTkKhaWvkIvvS0Vh8hujMnD90Cgp4Fk
+TKCxMj9K527o5xIZwWW05OevbjlBwIpVLO1PjmsfsoD1nIX14eEzJSEoAulKsv7V
+jGUC/6hC11mmVvH9buQLSRv6sCjuAcMszmw3TAD+XYBIs+z57KuwYXtX3+OA543c
+l1/ZKLYkkwY8cwzZqWDVWqTKP5TfVae58t40HhJk3bOsr21FZsaOjlmao3GO+d/3
+exKuUGJRcolSqskL3sZ1ovFqko81obvvx0upI0YA0iMr/NRGl3VPuf/LJvRppYGc
+LsJHgy9TIgtHvaXRi5Nt4CbKl9sZh/7WkkTTI5YGvevu00btlabAN+DSAZZqdsB3
+wY8HhM1MHiA9SWsqwU65TwErcRrjNna2FiDHEu0xk5+/iAGl6CSKHZBmNcYKXSv8
+cwShB0jjmciK0a05nC638RPgj0fng7KRrSglyzfjXRrljmZ40LSBL/GGMZMWpOM7
+mEsBH5UZJ/2BEmjc9X9257zBdx8BK8y1TXpAligpNBsERcTw1WP1PJ35einZvlXW
+qI3GwMf0sl26sn+evcK0gDl27jVDZ45MtNQEq64M4NV3Tn9zq0eg/39YvjVeqrI5
+l7sxmYqYGR6BuSncwdc4x+t6swIDAQABoyEwHzAdBgNVHQ4EFgQU/REZ7NMbVZHr
+Xkao6Q8Ccqv2kAMwDQYJKoZIhvcNAQENBQADggIBACc2YjLVNbl1kJUdg2klCLJt
+5LjNTiIZa2Cha5GStlC/lyoRRge6+q/y9TN3tTptlzLPS9pI9EE1GfIQaE+HAk+e
+/bC3KUOAHgVuETvsNAbfpaVsPCdWpFuXmp/4b9iDN7qZy4afTKUPA/Ir/cLfNp14
+JULfP4z2yFOsCQZ5viNFAs1u99FrwobV2LBzUSIJQewsksuOwj96zIyau0Y629oJ
+k+og88Tifd9EH3MVZNGhdpojQDDdwHQSITnCDgfRP5yER1WIA4jg6l+mM90QkvLY
+5NjWTna5kJ3X6UizvgCk365yzT2sbN3R9UGXfCJa9GBcnnviJtJF3+/gC0abwY2f
+NtVYp32Xky45NY/NdRhDg0bjHP3psxmX+Sc0M9NuQcDQ+fUR+CzM0IGeiszkzXOs
+RG+bOou2cZ81G4oxWdAALHIRrn7VvLGlkFMxiIZyhYcTGQZzsTPT6n18dY99+DAV
+yQWZfIRdm8DOnt0G+cwfeohc/9ZwDmj4jJAAi0aeTXdY6NEGIVydk6MAycEhg2Hx
+9EV96kRwZNIW0AGY8CozECFL3Eyo2ClQVV4Q35SsBibsitDjM03usc2DJ/qjynXA
+C8HoOSWgbddiBvqZueqK8GdhykOy3J3ysr+MNN/lbG48LqkQr1OWxev9rGGQ6RJT
+wpBgPyAFAwouPy1whmnx
+-----END CERTIFICATE-----

contrib/certificates/ssl/ieb9oopo.mooo.com2.crt

@@ -0,0 +1,25 @@
+-----BEGIN CERTIFICATE-----
+MIIESzCCAzOgAwIBAgIJAKII1waVnWddMA0GCSqGSIb3DQEBCwUAMIG7MQswCQYD
+VQQGEwJERTEaMBgGA1UECAwRaWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAcMEWll
+Yjlvb3BvLm1vb28uY29tMRowGAYDVQQKDBFpZWI5b29wby5tb29vLmNvbTEaMBgG
+A1UECwwRaWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAMMEWllYjlvb3BvLm1vb28u
+Y29tMSAwHgYJKoZIhvcNAQkBFhFpZWI5b29wby5tb29vLmNvbTAeFw0xNDExMjIx
+MzQzNThaFw0yMDA1MTQxMzQzNThaMIG7MQswCQYDVQQGEwJERTEaMBgGA1UECAwR
+aWViOW9vcG8ubW9vby5jb20xGjAYBgNVBAcMEWllYjlvb3BvLm1vb28uY29tMRow
+GAYDVQQKDBFpZWI5b29wby5tb29vLmNvbTEaMBgGA1UECwwRaWViOW9vcG8ubW9v
+by5jb20xGjAYBgNVBAMMEWllYjlvb3BvLm1vb28uY29tMSAwHgYJKoZIhvcNAQkB
+FhFpZWI5b29wby5tb29vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMhcnkSifOMw5bd66UlvYVsc42H22Nuy64qhtJHtggofrwBooF38kRCBVFL8
+9Xjzr0xsSshvO6p7E+CEUtA8v55l5vNbUTAvGP9WmzeZyZuCFg9Heo3orNMbIK7m
+ppwKhwh6tFEIEpUTz/+xF5NRt0+CqcS4aNHuH3JPwNugfTBuSa86GeSaqL7K4eEZ
+bZXqQ16Onvi0yyMqRJDp/ijRFxr2eKGPWb55kuRSET9PxVhlgRKULZkr39Dh9q1c
+wb9lAMLMRZIzPVnyvC9jWkIqSDl5bkAAto0n1Jkw92rRp6EVKgSLA/4vl9wTb6xf
+WfT5cs7pykAE0WXBr9TqpS3okncCAwEAAaNQME4wHQYDVR0OBBYEFGeEOHhWiKwZ
+TGbc7uuK3DD7YjYZMB8GA1UdIwQYMBaAFGeEOHhWiKwZTGbc7uuK3DD7YjYZMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAzRA/0OpJtCO4kQkTn/hux9
+dRi9T6B54Xav5jG53iAPLTeMxsaLkvweh2pZ3kvEUrQhvW0JF8QBrHTsgxzb4Wd6
+FNDHSgJbZv3uCjFtWeuUh+GTG1k9uwgNIEnx7J9Vp0JCi4ezi/HMNI7c+LjinM9f
+hrAzclkeRPLYg645DkxckLyDUbrc9v1qWFoTpezXSBPO7n3Wk4sCytdoA1FkTdXh
+RF4BWCl/3uOxcrn0TqoC9vCh8RcxnllOiOO5j4+PQ1Z6NkQ/5oRCK/jjaWc3Lr6/
+FicOZJe29BVnrPGynqe0Ky1o+kTdXFflKowfr7g8dwn8k9YavjtGbl1ZSHeuMF8=
+-----END CERTIFICATE-----

contrib/certificates/ssl/link.mx24.eu.crt

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEDzCCAvegAwIBAgIJAMsPNG1k0yV4MA0GCSqGSIb3DQEBCwUAMIGdMQswCQYD
+VQQGEwJERTEVMBMGA1UECAwMbGluay5teDI0LmV1MRUwEwYDVQQHDAxsaW5rLm14
+MjQuZXUxFTATBgNVBAoMDGxpbmsubXgyNC5ldTEVMBMGA1UECwwMbGluay5teDI0
+LmV1MRUwEwYDVQQDDAxsaW5rLm14MjQuZXUxGzAZBgkqhkiG9w0BCQEWDGxpbmsu
+bXgyNC5ldTAeFw0xNDExMTkxOTE4NTRaFw0yMDA1MTExOTE4NTRaMIGdMQswCQYD
+VQQGEwJERTEVMBMGA1UECAwMbGluay5teDI0LmV1MRUwEwYDVQQHDAxsaW5rLm14
+MjQuZXUxFTATBgNVBAoMDGxpbmsubXgyNC5ldTEVMBMGA1UECwwMbGluay5teDI0
+LmV1MRUwEwYDVQQDDAxsaW5rLm14MjQuZXUxGzAZBgkqhkiG9w0BCQEWDGxpbmsu
+bXgyNC5ldTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8modDBRkyh
+SHSm92pTfguO3F6n5ocsBJ4vaVoosYq3ILCsapjqmynMHZUef6gEB7+Gn5cKXsH2
+JaKOeb8DHrOFCaxfj187x1QfZj1UNMQblx2T9q4th12tqp+k4JuLwgemr+2uAUpM
+xx/uHRJXD0hf67+fHQFYNVfa+WvT46xlKGsWDQ0LBsA/z4YGnyeaV4PrS5nj3euA
+IbdfDj7rJea3bfhSqYA1ZH1cquKlsXOOYO5cIcXsa5dxDWX51QS+i7+ocph+JN1X
+dRh6ZirE9OXZVXwXXVRnJSYjgBlP/DQBdE7YkE1R3LyCVZsgxJaaLV/ujijOIK61
+SqEhHvFNRe0CAwEAAaNQME4wHQYDVR0OBBYEFB6XRz6VZlrAE+3xL6AyKrkq+y2X
+MB8GA1UdIwQYMBaAFB6XRz6VZlrAE+3xL6AyKrkq+y2XMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQELBQADggEBADhxBA5GHisDVf5a+1hIi7FBGBjJJLqzlaKh+bFB
+gTCYfk3F4wYzndr1HpdCZSSYDtY3mXFNMWQCpwvwvy1DM+9AMRY68wKNXHa/WypW
+zQSqTfEH8cdaIXUALB7pdWFVr3rx0f7/8I0Gj/ByUbJ94rzd22vduX5riY0Rag6B
+dPtW0M9bJrC1AIjexzDcStupj9v/ceGYZQYC4zb2tZ7Ek/6q+vei8TxWZjku7Dl4
+YRPXXufyB24uQ1hJVy2fSyIJ63tIRJoEFLBNaKDOB53i10xLWBcsJpXKY57AOQMn
+flqW4HG8uGJ/o1WjhiOB9eI7T9toy08zNzt+kSI/blFIoek=
+-----END CERTIFICATE-----

contrib/certificates/ssl/www.cacert.org.crt

@@ -1,41 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIHPTCCBSWgAwIBAgIBADANBgkqhkiG9w0BAQQFADB5MRAwDgYDVQQKEwdSb290
-IENBMR4wHAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNB
-IENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRA
-Y2FjZXJ0Lm9yZzAeFw0wMzAzMzAxMjI5NDlaFw0zMzAzMjkxMjI5NDlaMHkxEDAO
-BgNVBAoTB1Jvb3QgQ0ExHjAcBgNVBAsTFWh0dHA6Ly93d3cuY2FjZXJ0Lm9yZzEi
-MCAGA1UEAxMZQ0EgQ2VydCBTaWduaW5nIEF1dGhvcml0eTEhMB8GCSqGSIb3DQEJ
-ARYSc3VwcG9ydEBjYWNlcnQub3JnMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEAziLA4kZ97DYoB1CW8qAzQIxL8TtmPzHlawI229Z89vGIj053NgVBlfkJ
-8BLPRoZzYLdufujAWGSuzbCtRRcMY/pnCujW0r8+55jE8Ez64AO7NV1sId6eINm6
-zWYyN3L69wj1x81YyY7nDl7qPv4coRQKFWyGhFtkZip6qUtTefWIonvuLwphK42y
-fk1WpRPs6tqSnqxEQR5YYGUFZvjARL3LlPdCfgv3ZWiYUQXw8wWRBB0bF4LsyFe7
-w2t6iPGwcswlWyCR7BYCEo8y6RcYSNDHBS4CMEK4JZwFaz+qOqfrU0j36NK2B5jc
-G8Y0f3/JHIJ6BVgrCFvzOKKrF11myZjXnhCLotLddJr3cQxyYN/Nb5gznZY0dj4k
-epKwDpUeb+agRThHqtdB7Uq3EvbXG4OKDy7YCbZZ16oE/9KTfWgu3YtLq1i6L43q
-laegw1SJpfvbi1EinbLDvhG+LJGGi5Z4rSDTii8aP8bQUWWHIbEZAWV/RRyH9XzQ
-QUxPKZgh/TMfdQwEUfoZd9vUFBzugcMd9Zi3aQaRIt0AUMyBMawSB3s42mhb5ivU
-fslfrejrckzzAeVLIL+aplfKkQABi6F1ITe1Yw1nPkZPcCBnzsXWWdsC4PDSy826
-YreQQejdIOQpvGQpQsgi3Hia/0PsmBsJUUtaWsJx8cTLc6nloQsCAwEAAaOCAc4w
-ggHKMB0GA1UdDgQWBBQWtTIb1Mfz4OaO873SsDrusjkY0TCBowYDVR0jBIGbMIGY
-gBQWtTIb1Mfz4OaO873SsDrusjkY0aF9pHsweTEQMA4GA1UEChMHUm9vdCBDQTEe
-MBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYDVQQDExlDQSBDZXJ0
-IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0QGNhY2Vy
-dC5vcmeCAQAwDwYDVR0TAQH/BAUwAwEB/zAyBgNVHR8EKzApMCegJaAjhiFodHRw
-czovL3d3dy5jYWNlcnQub3JnL3Jldm9rZS5jcmwwMAYJYIZIAYb4QgEEBCMWIWh0
-dHBzOi8vd3d3LmNhY2VydC5vcmcvcmV2b2tlLmNybDA0BglghkgBhvhCAQgEJxYl
-aHR0cDovL3d3dy5jYWNlcnQub3JnL2luZGV4LnBocD9pZD0xMDBWBglghkgBhvhC
-AQ0ESRZHVG8gZ2V0IHlvdXIgb3duIGNlcnRpZmljYXRlIGZvciBGUkVFIGhlYWQg
-b3ZlciB0byBodHRwOi8vd3d3LmNhY2VydC5vcmcwDQYJKoZIhvcNAQEEBQADggIB
-ACjH7pyCArpcgBLKNQodgW+JapnM8mgPf6fhjViVPr3yBsOQWqy1YPaZQwGjiHCc
-nWKdpIevZ1gNMDY75q1I08t0AoZxPuIrA2jxNGJARjtT6ij0rPtmlVOKTV39O9lg
-18p5aTuxZZKmxoGCXJzN600BiqXfEVWqFcofN8CCmHBh22p8lqOOLlQ+TyGpkO/c
-gr/c6EWtTZBzCDyUZbAEmXZ/4rzCahWqlwQ3JNgelE5tDlG+1sSPypZt90Pf6DBl
-Jzt7u0NDY8RD97LsaMzhGY4i+5jhe1o+ATc7iwiwovOVThrLm82asduycPAtStvY
-sONvRUgzEv/+PDIqVPfE94rwiCPCR/5kenHA0R6mY7AHfqQv0wGP3J8rtsYIqQ+T
-SCX8Ev2fQtzzxD72V7DX3WnRBnc0CkvSyqD/HMaMyRa+xMwyN2hzXwj7UfdJUzYF
-CpUCTPJ5GhD22Dp1nPMd8aINcGeGG7MW9S/lpOt5hvk9C8JzC6WZrG/8Z7jlLwum
-GCSNe9FINSkYQKyTYOGWhlC0elnYjyELn8+CkcY7v2vcB5G5l1YjqrZslMZIBjzk
-zk6q5PYvCdxTby78dOs6Y5nCpqyJvKeyRKANihDjbPIky/qbn3BHLt4Ui9SyIAmW
-omTxJBzcoTWcFbLUvFUufQb1nA5V9FrWk9p2rSVzTMVD
------END CERTIFICATE-----

filelist.mk

@@ -1,20 +1,14 @@
+COMMON_SRC = \
+  AddressBook.cpp CryptoConst.cpp Datagram.cpp Garlic.cpp I2NPProtocol.cpp \
+  LeaseSet.cpp Log.cpp NTCPSession.cpp NetDb.cpp Reseed.cpp RouterContext.cpp \
+  RouterInfo.cpp SSU.cpp SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp \
+  TransitTunnel.cpp Transports.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelPool.cpp \
+  TunnelGateway.cpp Destination.cpp util.cpp aes.cpp base64.cpp
 
+# also: Daemon{Linux,Win32}.cpp will be added later
+DAEMON_SRC = $(COMMON_SRC) \
+  BOB.cpp ClientContext.cpp Daemon.cpp I2PTunnel.cpp SAM.cpp SOCKS.cpp UPnP.cpp \
+  HTTPServer.cpp HTTPProxy.cpp i2p.cpp
 
-CPP_FILES := CryptoConst.cpp base64.cpp NTCPSession.cpp RouterInfo.cpp Transports.cpp \
+LIB_SRC := $(COMMON_SRC) \
-	RouterContext.cpp NetDb.cpp LeaseSet.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelGateway.cpp \
+  api.cpp
-	TransitTunnel.cpp I2NPProtocol.cpp Log.cpp Garlic.cpp HTTPServer.cpp Streaming.cpp \
-	Destination.cpp Identity.cpp SSU.cpp SSUSession.cpp SSUData.cpp util.cpp Reseed.cpp \
-	DaemonLinux.cpp SSUData.cpp aes.cpp SOCKS.cpp UPnP.cpp TunnelPool.cpp HTTPProxy.cpp \
-	AddressBook.cpp Daemon.cpp I2PTunnel.cpp SAM.cpp ClientContext.cpp Datagram.cpp i2p.cpp
-
-
-H_FILES := CryptoConst.h base64.h NTCPSession.h RouterInfo.h Transports.h \
-	RouterContext.h NetDb.h LeaseSet.h Tunnel.h TunnelEndpoint.h TunnelGateway.h \
-	TransitTunnel.h I2NPProtocol.h Log.h Garlic.h HTTPServer.h Streaming.h Destination.h \
-	Identity.h SSU.h SSUSession.h SSUData.h util.h Reseed.h DaemonLinux.h SSUData.h \
-	aes.h SOCKS.h UPnP.h TunnelPool.h HTTPProxy.h AddressBook.h Daemon.h I2PTunnel.h \
-	version.h Signature.h SAM.h ClientContext.h TransportSession.h Datagram.h
-
-
-OBJECTS = $(addprefix obj/, $(notdir $(CPP_FILES:.cpp=.o)))
-

i2p.cpp

@@ -1,6 +1,7 @@
 #include <thread>
 #include <stdlib.h>
 #include "Daemon.h"
+#include "Reseed.h"
 
 int main( int argc, char* argv[] )
 {

util.cpp

@@ -211,6 +211,11 @@ namespace filesystem
 #endif
 #endif
 	}
+
+	boost::filesystem::path GetCertificatesDir()
+	{
+		return GetDataDir () / "certificates";
+	}	
 }
 
 namespace http

util.h

@@ -34,6 +34,7 @@ namespace util
 		boost::filesystem::path GetConfigFile();
 		void ReadConfigFile(std::map<std::string, std::string>& mapSettingsRet,
                 std::map<std::string, std::vector<std::string> >& mapMultiSettingsRet);
+		boost::filesystem::path GetCertificatesDir();
 	}
 
 	namespace http

version.h

@@ -2,7 +2,7 @@
 #define _VERSION_H_
 
 #define CODENAME "Purple"
-#define VERSION "0.3.0"
+#define VERSION "0.5.0"
-#define I2P_VERSION "0.9.16"
+#define I2P_VERSION "0.9.17"
 
 #endif