0.9.16 is a significant step forward in our plan to migrate from DSA to ECDSA and then EdDSA cryptographic signatures, and makes several other changes to increase your anonymity and security. Client tunnels for standard, IRC, and SOCKS IRC will use ECDSA signatures by default. In addition, we've fixed a large number of serious bugs, including console lockups.
Changes in router data structures will require i2pcontrol plugin users to update to version 0.0.9.
If you run an eepsite or a service and you are not running a recent release, or your Java or OS does not support ECDSA (as noted in the logs and on the /logs page in the console), please fix the issue as soon as possible or your users will soon be unable to connect.
Zoals gewoonlijk raden we aan om bij te werken naar deze uitgave. De beste manier om veiligheid te onderhouden en het netwerk te helpen is om de laatste uitgave te gebruiken.
RELEASE DETAILS
Changes
- Add support for stronger Router Info signatures
- Encrypt RI lookups and responses on faster boxes
- Require I2CP authorization for all messages when enabled (requires 0.9.11 or higher client)
- Disable SSLv3 and older ciphers for reseeding and other uses of SSL
- Use ECDSA by default for i2ptunnel IRC, SOCKS-IRC, and standard client tunnels
- Don't prefer floodfills in some countries
- New column sorting, set-all priority buttons, and upload ratio display in i2psnark
- Increase i2psnark tunnel default to 3 hops
- Implement bundling of multiple fragments in a single SSU message for efficiency
- New add-to-addressbook links on netdb leaseset page
- Implement I2NP DatabaseLookupMessage search type field to improve lookup efficiency
Bug Fixes
- CPUID fixes and updates for recent processors
- i2psnark fix magnet links with %-encoding
- Improve handling of SSU socket closing out from under us (hopefully fix 100% CPU)
- SSU bitfield handling fixes
- Fix HTTP header issues in i2psnark
- Fix rare NPE when building garlic message
- Fix console lockups (hopefully)
- Fix i2ptunnel js confirm-delete
Overige
- Move router data structures from i2p.jar to router.jar (breaks i2pcontrol plugin)
- New router keys now stored in router.keys.dat (eepPriv.dat format) instead of router.keys
- Improve handling of unsupported encryption throughout
- More error checking of client I2CP messages by the router
- Initial work on hooks for pluggable transports
- Enforce request timestamp in tunnel build messages
- Re-enable message status in streaming, but treat no leaseset as a soft failure for now
- Return unused DH keypairs to the pool for efficiency
- Raise failsafe tagset limit and improve deletion strategy when hit
- Change eepsite Jetty threadpool and queue configuration (new installs only)
- NTCP establishment refactoring in prep for NTCP2 and PT
- Jetty 8.1.16-v20140903
- Translation updates
- Update GeoIP data (new installs and PPA only)
SHA256 Checksums:
186bbe30a37802b6201fe129516e2d9515925cfc60e2f68645eb6413ec172953 i2pinstall_0.9.16_windows.exe 5b2a1e23273e1d76a071142adc58b836ed300e2c1f2fd80d330ac61632fab173 i2pinstall_0.9.16.jar ebc319585b9c58127676243694151c45296a56abaf51a36ae5919be3fc7f544e i2psource_0.9.16.tar.bz2 06f3ab867499fa8407f5bcf52ccee196031df6f0b76b000db98b74ef61ecd24f i2pupdate_0.9.16.zip 7d32cc4c90b35e0eedf6a75377dc3bd4b4dc962e5a42a57fdcc0df500bd2e924 i2pupdate.su2 867739321ee4e3c6e418e99f10b6337ccb3e2aeb2e32979734b209b2310c9e8e i2pupdate.su3 b7bd6b420c1ebc58aa23860b26594acc549ea26116c39c911a0b49091f954b52 i2pupdate.sud