Hi,
Here are patches updating net/i2pd to the latest version (2.46.0), one
for -current and one for -stable.
The I2P network suffers from ongoing Denial of Service attacks [1]. i2pd
was severely affected - more than the java i2p implementation - to the
point of becoming almost unusable. This update contains mitigations
against these attacks.
With the attached patches, i2pd builds on amd64, 'make test' is passing,
albeit with warnings, and 'make port-lib-depends-check' is OK. I'm
running the port on -stable for more than 24 hours now, and it's doing
great (with a Tunnel creation success rate of more than 40%, which is
very good).
I'm submitting a patch for -stable because at this point the version on
-stable (2.41.0) has become basically useless.
I've taken the liberty to remove the MAINTAINER line in these patches,
since the maintainer seems to have totally disappeared for several
months, and their email account has been deactivated.
Best regards,
Ganymede
[1] See
https://geti2p.net/en/blog/post/2023/02/09/about_the_recent_denial_of_service_attacks
and
https://www.reddit.com/r/i2p/comments/10v9uxp/network_weather_report_stormy
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/i2pd/Makefile,v
retrieving revision 1.15
diff -u -p -r1.15 Makefile
--- Makefile 14 Jan 2023 22:07:59 -0000 1.15
+++ Makefile 16 Feb 2023 01:50:25 -0000
@@ -2,12 +2,10 @@ COMMENT = client for the I2P anonymous n
GH_ACCOUNT = PurpleI2P
GH_PROJECT = i2pd
-GH_TAGNAME = 2.45.1
+GH_TAGNAME = 2.46.0
CATEGORIES = net
HOMEPAGE = https://i2pd.website
-
-MAINTAINER = Dimitri Karamazov <deserter...@danwin1210.me>
# BSD
PERMIT_PACKAGE = Yes
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/i2pd/distinfo,v
retrieving revision 1.10
diff -u -p -r1.10 distinfo
--- distinfo 14 Jan 2023 22:07:59 -0000 1.10
+++ distinfo 16 Feb 2023 01:50:25 -0000
@@ -1,2 +1,2 @@
-SHA256 (i2pd-2.45.1.tar.gz) = qEsePLWsRfOa+Y5jKR00cl72czfhGsvg4kWs3npbK3I=
-SIZE (i2pd-2.45.1.tar.gz) = 631280
+SHA256 (i2pd-2.46.0.tar.gz) = 2qXke7K4D72qODayCehpAXiTQh9SJd/gGeXUPT+KhtQ=
+SIZE (i2pd-2.46.0.tar.gz) = 643087
Index: patches/patch-tests_Makefile
===================================================================
RCS file: /cvs/ports/net/i2pd/patches/patch-tests_Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 patch-tests_Makefile
--- patches/patch-tests_Makefile 8 Jan 2023 21:29:06 -0000 1.7
+++ patches/patch-tests_Makefile 16 Feb 2023 01:50:25 -0000
@@ -1,39 +1,12 @@
Index: tests/Makefile
--- tests/Makefile.orig
+++ tests/Makefile
-@@ -1,5 +1,5 @@
- CXXFLAGS += -Wall -Wno-unused-parameter -Wextra -pedantic -O0 -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -pthread -Wl,--unresolved-symbols=ignore-in-object-files
+@@ -1,7 +1,7 @@
+ SYS := $(shell $(CXX) -dumpmachine)
+
+ CXXFLAGS += -Wall -Wno-unused-parameter -Wextra -pedantic -O0 -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -DOPENSSL_SUPPRESS_DEPRECATED -pthread -Wl,--unresolved-symbols=ignore-in-object-files
-INCFLAGS += -I../libi2pd
+CXXFLAGS += -Wall -Wextra -pedantic -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -I../libi2pd/ -pthread -Wl,--unresolved-symbols=ignore-in-object-files
- TESTS = test-gost test-gost-sig test-base-64 test-x25519 test-aeadchacha20poly1305 test-blinding test-elligator
-
-@@ -14,8 +14,8 @@ test-base-%: ../libi2pd/Base.cpp test-base-%.cpp
- test-gost: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp test-gost.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto
-
--test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp
-- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-+test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/Config.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp
-+ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt
-
- test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/Crypto.cpp test-x25519.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-@@ -23,14 +23,14 @@ test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndi
- test-aeadchacha20poly1305: ../libi2pd/Crypto.cpp ../libi2pd/ChaCha20.cpp ../libi2pd/Poly1305.cpp test-aeadchacha20poly1305.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-
--test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp
-- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-+test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Config.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp
-+ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt
-
- test-elligator: ../libi2pd/Elligator.cpp ../libi2pd/Crypto.cpp test-elligator.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-
- run: $(TESTS)
-- @for TEST in $(TESTS); do ./$$TEST ; done
-+ @for TEST in $(TESTS); do echo -n "$$TEST: "; ./$$TEST && echo OK; done
+ LIBI2PD = ../libi2pd.a
- clean:
- rm -f $(TESTS)
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/i2pd/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile 11 Mar 2022 19:46:04 -0000 1.10
+++ Makefile 16 Feb 2023 09:23:14 -0000
@@ -2,12 +2,10 @@ COMMENT = client for the I2P anonymous n
GH_ACCOUNT = PurpleI2P
GH_PROJECT = i2pd
-GH_TAGNAME = 2.41.0
+GH_TAGNAME = 2.46.0
CATEGORIES = net
HOMEPAGE = https://i2pd.website
-
-MAINTAINER = Dimitri Karamazov <deserter...@danwin1210.me>
# BSD
PERMIT_PACKAGE = Yes
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/i2pd/distinfo,v
retrieving revision 1.7
diff -u -p -r1.7 distinfo
--- distinfo 28 Feb 2022 10:49:54 -0000 1.7
+++ distinfo 16 Feb 2023 09:23:14 -0000
@@ -1,2 +1,2 @@
-SHA256 (i2pd-2.41.0.tar.gz) = ezM80mZwkD7wZyz4eqn4lYFM4rvvLlh+adZq2UJ2ZOY=
-SIZE (i2pd-2.41.0.tar.gz) = 594453
+SHA256 (i2pd-2.46.0.tar.gz) = 2qXke7K4D72qODayCehpAXiTQh9SJd/gGeXUPT+KhtQ=
+SIZE (i2pd-2.46.0.tar.gz) = 643087
Index: patches/patch-tests_Makefile
===================================================================
RCS file: /cvs/ports/net/i2pd/patches/patch-tests_Makefile,v
retrieving revision 1.6
diff -u -p -r1.6 patch-tests_Makefile
--- patches/patch-tests_Makefile 11 Mar 2022 19:46:04 -0000 1.6
+++ patches/patch-tests_Makefile 16 Feb 2023 09:23:14 -0000
@@ -1,39 +1,12 @@
Index: tests/Makefile
--- tests/Makefile.orig
+++ tests/Makefile
-@@ -1,5 +1,5 @@
- CXXFLAGS += -Wall -Wno-unused-parameter -Wextra -pedantic -O0 -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -pthread -Wl,--unresolved-symbols=ignore-in-object-files
+@@ -1,7 +1,7 @@
+ SYS := $(shell $(CXX) -dumpmachine)
+
+ CXXFLAGS += -Wall -Wno-unused-parameter -Wextra -pedantic -O0 -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -DOPENSSL_SUPPRESS_DEPRECATED -pthread -Wl,--unresolved-symbols=ignore-in-object-files
-INCFLAGS += -I../libi2pd
+CXXFLAGS += -Wall -Wextra -pedantic -g -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1 -I../libi2pd/ -pthread -Wl,--unresolved-symbols=ignore-in-object-files
- TESTS = test-gost test-gost-sig test-base-64 test-x25519 test-aeadchacha20poly1305 test-blinding test-elligator
-
-@@ -14,8 +14,8 @@ test-base-%: ../libi2pd/Base.cpp test-base-%.cpp
- test-gost: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp test-gost.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto
-
--test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp
-- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-+test-gost-sig: ../libi2pd/Gost.cpp ../libi2pd/Config.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Crypto.cpp ../libi2pd/Log.cpp test-gost-sig.cpp
-+ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt
-
- test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/Crypto.cpp test-x25519.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-@@ -23,14 +23,14 @@ test-x25519: ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndi
- test-aeadchacha20poly1305: ../libi2pd/Crypto.cpp ../libi2pd/ChaCha20.cpp ../libi2pd/Poly1305.cpp test-aeadchacha20poly1305.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-
--test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp
-- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-+test-blinding: ../libi2pd/Crypto.cpp ../libi2pd/Config.cpp ../libi2pd/Blinding.cpp ../libi2pd/Ed25519.cpp ../libi2pd/I2PEndian.cpp ../libi2pd/Log.cpp ../libi2pd/util.cpp ../libi2pd/Identity.cpp ../libi2pd/Signature.cpp ../libi2pd/Timestamp.cpp test-blinding.cpp
-+ $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system -lboost_program_options-mt
-
- test-elligator: ../libi2pd/Elligator.cpp ../libi2pd/Crypto.cpp test-elligator.cpp
- $(CXX) $(CXXFLAGS) $(NEEDED_CXXFLAGS) $(INCFLAGS) -o $@ $^ -lcrypto -lssl -lboost_system
-
- run: $(TESTS)
-- @for TEST in $(TESTS); do ./$$TEST ; done
-+ @for TEST in $(TESTS); do echo -n "$$TEST: "; ./$$TEST && echo OK; done
+ LIBI2PD = ../libi2pd.a
- clean:
- rm -f $(TESTS)
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/net/i2pd/pkg/PLIST,v
retrieving revision 1.6
diff -u -p -r1.6 PLIST
--- pkg/PLIST 11 Mar 2022 19:46:04 -0000 1.6
+++ pkg/PLIST 16 Feb 2023 09:23:14 -0000
@@ -7,7 +7,6 @@ include/i2pd/AddressBook.h
include/i2pd/BOB.h
include/i2pd/Base.h
include/i2pd/Blinding.h
-include/i2pd/BloomFilter.h
include/i2pd/CPU.h
include/i2pd/ChaCha20.h
include/i2pd/ClientContext.h
@@ -46,10 +45,8 @@ include/i2pd/RouterContext.h
include/i2pd/RouterInfo.h
include/i2pd/SAM.h
include/i2pd/SOCKS.h
-include/i2pd/SSU.h
include/i2pd/SSU2.h
-include/i2pd/SSUData.h
-include/i2pd/SSUSession.h
+include/i2pd/SSU2Session.h
include/i2pd/Signature.h
include/i2pd/Siphash.h
include/i2pd/Streaming.h
@@ -64,6 +61,7 @@ include/i2pd/TunnelConfig.h
include/i2pd/TunnelEndpoint.h
include/i2pd/TunnelGateway.h
include/i2pd/TunnelPool.h
+include/i2pd/UDPTunnel.h
include/i2pd/api.h
include/i2pd/util.h
include/i2pd/version.h
@@ -108,6 +106,7 @@ share/examples/i2pd/certificates/family/
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/family/mca2-i2p.crt
@owner
@group
+share/examples/i2pd/certificates/family/stormycloud.crt
share/examples/i2pd/certificates/family/volatile.crt
@owner _i2pd
@group _i2pd
@@ -156,6 +155,7 @@ share/examples/i2pd/certificates/reseed/
@sample ${LOCALSTATEDIR}/lib/i2pd/certificates/reseed/hottuna_at_mail.i2p.crt
@owner
@group
+share/examples/i2pd/certificates/reseed/i2p-reseed_at_mk16.de.crt
share/examples/i2pd/certificates/reseed/igor_at_novg.net.crt
@owner _i2pd
@group _i2pd
Index: pkg/README
===================================================================
RCS file: /cvs/ports/net/i2pd/pkg/README,v
retrieving revision 1.2
diff -u -p -r1.2 README
--- pkg/README 11 Mar 2022 19:46:04 -0000 1.2
+++ pkg/README 16 Feb 2023 09:23:14 -0000
@@ -5,11 +5,11 @@
Resource Limits: File Descriptors
=================================
-By default, the _i2pd user, and so the i2pd process runs in the login(1)
-class of "daemon". The default limits on file descriptors are
-insufficient to run i2pd; instead you should put the _i2pd user and
-process in their own login(1) class with tuned resources. You should
-also raise the system-wide maxfiles limit.
+By default, the i2pd process runs in the login(1) class of "daemon".
+The default limits on file descriptors are insufficient to run i2pd; instead you
+should put the _i2pd user and process in their own login(1) class with tuned
+resources.
+You should also raise the system-wide maxfiles limit.
1. Configure i2pd login class in the login.conf(5) file:
