2.34.0

Windows can throw WinAPI errors which are not handled by boost asio

Signed-off-by: R4SAS <r4sas@i2pmail.org>

.github/workflows/build-windows.yml

@@ -0,0 +1,29 @@
+name: Build on Windows
+
+on: [push, pull_request]
+
+defaults:
+  run:
+    shell: msys2 {0}
+
+jobs:
+  build:
+    name: Building for ${{ matrix.arch }}
+    runs-on: windows-latest
+    strategy:
+      fail-fast: true
+      matrix:
+        include: [
+          { msystem: MINGW64, arch: x86_64 },
+          { msystem: MINGW32, arch: i686   }
+        ]
+    steps:
+    - uses: actions/checkout@v2
+    - name: Setup MSYS2
+      uses: msys2/setup-msys2@v2
+      with:
+        msystem: ${{ matrix.msystem }}
+        install: base-devel mingw-w64-${{ matrix.arch }}-gcc mingw-w64-${{ matrix.arch }}-boost mingw-w64-${{ matrix.arch }}-openssl mingw-w64-${{ matrix.arch }}-miniupnpc
+        update: true
+    - name: build application
+      run: make USE_UPNP=yes DEBUG=no -j3

.github/workflows/build.yml

@@ -0,0 +1,21 @@
+name: Build on Ubuntu with make
+
+on: [push, pull_request]
+
+jobs:
+  build:
+    name: Building with USE_UPNP=${{ matrix.with_upnp }} flag
+    runs-on: ubuntu-16.04
+    strategy:
+      fail-fast: true
+      matrix:
+        with_upnp: ['yes', 'no']
+    steps:
+    - uses: actions/checkout@v2
+    - name: install packages
+      run: |
+        sudo add-apt-repository ppa:mhier/libboost-latest
+        sudo apt-get update
+        sudo apt-get install build-essential libboost1.74-dev libminiupnpc-dev libssl-dev zlib1g-dev
+    - name: build application
+      run: make USE_AVX=no USE_AESNI=no USE_UPNP=${{ matrix.with_upnp }} -j3

.gitignore

@@ -258,9 +258,15 @@ build/Makefile
 
 # qt 
 
-qt/i2pd_qt/*.ui.autosave
+qt/i2pd_qt/*.autosave
 qt/i2pd_qt/*.ui.bk*
 qt/i2pd_qt/*.ui_*
 
 #unknown android stuff
 android/libs/
+
+#various logs
+*LOGS/
+
+qt/build-*.sh*
+

.travis.yml

@@ -4,7 +4,7 @@ cache:
 os:
 - linux
 #- osx
-dist: trusty
+dist: xenial
 sudo: required
 compiler:
 - g++

ChangeLog

@@ -1,10 +1,188 @@
 # for this file format description,
 # see https://github.com/olivierlacan/keep-a-changelog
 
+## [2.34.0] - 2020-10-27
+### Added
+- Ping responses for streaming
+- STREAM FORWARD for SAM
+- Tunnels through ECIES-x25519 routers
+- Single thread for I2CP
+- Shared transient destination between proxies
+- Database lookups from ECIES destinations with ratchets response
+- Handle WebDAV HTTP methods 
+- Don't try to connect or build tunnels if offline
+- Validate IP when trying connect to remote peer
+- Handle ICMP responses and WinAPI errors for SSU
+### Changed
+- Removed NTCP
+- Dropped gcc 4.7 support
+- Encyption type 0,4 by default for client tunnels
+- Stripped out some HTTP header for HTTP server response
+- HTTP 1.1 addressbook requests
+- Set LeaseSet type to 3 for ratchets if not specified
+- Handle SSU v4 and v6 messages in one thread
+- Eliminate DH keys thread
+### Fixed
+- Random crashes on I2CP session disconnect
+- Stream through racthets hangs if first SYN was not acked
+- Check "Last-Modified" instead "If-Modified-Since" for addressbook reponse
+- Trim behind ECIESx25519 tags 
+- Few bugs with Android main activity
+- QT visual and layout issues
+
+## [2.33.0] - 2020-08-24
+### Added
+- Shared transient addresses
+- crypto.ratchet.inboundTags paramater
+- Multiple encryption keys through I2CP
+- Pre-calculated x25519 ephemeral keys
+- Change datagram routing path if nothing comes back in 10 seconds
+- Shared routing path for datagram session 
+### Changed
+- UDP tunnels send mix of repliable and raw datagrams in bulk
+- Encrypt SSU packet again upon resend
+- Start new tunnel message if remaining buffer is too small 
+- Use LeaseSet2 for ECIES-X25519-AEAD-Ratchet automatically
+- Save new ECIES-X25519-AEAD-Ratchet session with NSR tagset
+- Generate random padding lengths for ECIES-X25519-AEAD-Ratchet in bulk
+- Webconsole layout
+- Reseed servers list
+### Fixed
+- Don't connect through terminated SAM destination
+- Differentiate UDP server sessions by port 
+- ECIES-X25519-AEAD-Ratchet through I2CP
+- Don't save invalid address to AddressBook
+- ECDSA signatures names in SAM
+- AppArmor profile 
+
+## [2.32.1] - 2020-06-02
+### Added
+- Read explicit peers in tunnels config
+### Fixed
+- Generation of tags for detached sessions
+- Non-updating LeaseSet1
+- Start when deprecated websocket options present in i2pd.conf
+
+## [2.32.0] - 2020-05-25
+### Added
+- Multiple encryption types for local destinations
+- Next key and tagset for ECIES-X25519-AEAD-Ratchet
+- NTCP2 through SOCKS proxy
+- Throw error message if any port to bind is occupied
+- gzip parameter for UDP tunnels
+- Show ECIES-X25519-AEAD-Ratchet sessions and tags on the web console
+- Simplified implementation of gzip for no compression mode
+- Allow ECIES-X25519-AEAD-Ratchet session restart after 2 minutes
+- Added logrotate config for rpm package
+### Changed
+- Select peers for client tunnels among routers >= 0.9.36
+- Check ECIES flag for encrypted lookup reply
+- Streaming MTU size 1812 for ECIES-X25519-AEAD-Ratchet
+- Don't calculate checksum for Data message send through ECIES-X25519-AEAD-Ratchet
+- Catch network connectivity status for Windows
+- Stop as soon as no more transit tunnels during graceful shutdown for Android
+- RouterInfo gzip compression level depends on size
+- Send response to received datagram from ECIES-X25519-AEAD-Ratchet session
+- Update webconsole functional
+- Increased max transit tunnels limit
+- Reseeds list
+- Dropped windows support in cmake
+### Fixed
+- Correct timestamp check for LeaseSet2
+- Encrypted leaseset without authentication
+- Change SOCKS proxy connection response for clients without socks5h support (#1336)
+
+## [2.31.0] - 2020-04-10
+### Added
+- NTCP2 through HTTP proxy
+- Publish LeaseSet2 for I2CP destinations
+- Show status page on main activity for android
+- Handle ECIESFlag in DatabaseLookup at floodfill
+- C++17 features for eligible compilers
+### Changed
+- Droped Websockets and Lua support
+- Send DeliveryStatusMsg for LeaseSet for ECIES-X25519-AEAD-Ratchet
+- Keep sending new session reply until established for ECIES-X25519-AEAD-Ratchet
+- Updated SSU log messages
+- Reopen SSU socket on exception
+- Security hardening headers in web console
+- Various web console changes
+- Various QT changes
+### Fixed
+- NTCP2 socket descriptors leak
+- Race condition with router's identity in transport sessions
+- Not terminated streams remain forever
+
+## [2.30.0] - 2020-02-25
+### Added
+- Single threaded SAM
+- Experimental support of ECIES-X25519-AEAD-Ratchet crypto type
+### Changed
+- Minimal MTU size is 1280 for ipv6
+- Use unordered_map instead map for destination's sessions and tags list
+- Use std::shuffle instead std::random_shuffle
+- SAM is single threaded by default
+- Reseeds list
+### Fixed
+- Correct termination of streaming destination
+- Extra ',' in RouterInfo response in I2PControl
+- SAM crash on session termination
+- Storage for Android 10
+
+## [2.29.0] - 2019-10-21
+### Added
+- Client auth flag for b33 address
+### Changed
+- Remove incoming  NTCP2 session from pending list when established
+- Handle errors for NTCP2 SessionConfrimed send
+### Fixed
+- Failure to start on Windows XP
+- SAM crash if invalid lookup address
+- Possible crash when UPnP enabled on shutdown
+
+## [2.28.0] - 2019-08-27
+### Added
+- RAW datagrams in SAM
+- Publishing encrypted LeaseSet2 with DH or PSH authentication
+- Ability to disable battery optimization for Android
+- Transport Network ID Check
+### Changed
+- Set and handle published encrypted flag for LeaseSet2
+### Fixed
+- ReceiveID changes in the same stream
+- "\r\n" command terminator in SAM
+- Addressbook lines with signatures
+
+## [2.27.0] - 2019-07-03
+### Added
+- Support of PSK and DH authentication for encrypted LeaseSet2
+### Changed
+- Uptime is based on monotonic timer
+### Fixed
+- BOB status command response
+- Correct NTCP2 port if NTCP is disabled
+- Flood encrypted LeaseSet2 with store hash
+
+## [2.26.0] - 2019-06-07
+### Added
+- HTTP method "PROPFIND"
+- Detection of external ipv6 address through the SSU
+- NTCP2 publishing depends on network status
+### Changed
+- ntcp is disabled by default, ntcp2 is published by default
+- Response to BOB's "list" command
+- ipv6 address is not longer NTCP's local endpoint's address
+- Reseeds list
+- HTTP_REFERER stripping in httpproxy (#823)
+### Fixed
+- Check and handle incorrect BOB input
+- Ignore introducers for NTCP or NTCP2 addresses
+- RouterInfo check from NTCP2
+
 ## [2.25.0] - 2019-05-09
 ### Added
 - Create, publish and handle encrypted LeaseSet2
-- Support of b33 addresses 
+- Support of b33 addresses
 - RedDSA key blinding
 - .b32.i2p addresses in jump links
 - ntcp2.addressv6 parameter
@@ -36,7 +214,7 @@
 - Correct SAM response for invalid key
 - SAM crash on termination for Windows
 - Race condition for publishing
- 
+
 ## [2.23.0] - 2019-01-21
 ### Added
 - Standard LeaseSet2 support
@@ -95,7 +273,7 @@
 - NTCP2 is enabled by default
 - Show lease's expiration time in readable format in the web console
 ### Fixed
-- Correct names for transports in the web console 
+- Correct names for transports in the web console
 
 ## [2.19.0] - 2018-06-26
 ### Added

Makefile

@@ -27,10 +27,6 @@ else
 	LD_DEBUG = -s
 endif
 
-ifeq ($(WEBSOCKETS),1)
-	NEEDED_CXXFLAGS += -DWITH_EVENTS
-endif
-
 ifneq (, $(findstring darwin, $(SYS)))
 	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	ifeq ($(HOMEBREW),1)
@@ -45,7 +41,7 @@ else ifneq (, $(findstring freebsd, $(SYS))$(findstring openbsd, $(SYS)))
 	DAEMON_SRC += $(DAEMON_SRC_DIR)/UnixDaemon.cpp
 	include Makefile.bsd
 else ifneq (, $(findstring mingw, $(SYS))$(findstring cygwin, $(SYS)))
-	DAEMON_SRC += Win32/DaemonWin32.cpp Win32/Win32Service.cpp Win32/Win32App.cpp
+	DAEMON_SRC += Win32/DaemonWin32.cpp Win32/Win32Service.cpp Win32/Win32App.cpp Win32/Win32NetState.cpp
 	include Makefile.mingw
 else # not supported
 	$(error Not supported platform)

Makefile.linux

@@ -1,5 +1,5 @@
 # set defaults instead redefine
-CXXFLAGS ?= ${CXX_DEBUG} -Wall -Wextra -Wno-unused-parameter -pedantic -Wno-misleading-indentation
+CXXFLAGS ?= ${CXX_DEBUG} -Wall -Wextra -Wno-unused-parameter -pedantic -Wno-misleading-indentation -Wno-psabi
 LDFLAGS ?= ${LD_DEBUG}
 
 ## NOTE: The NEEDED_CXXFLAGS are here so that custom CXXFLAGS can be specified at build time
@@ -15,13 +15,14 @@ ifeq ($(shell expr match $(CXX) 'clang'),5)
 	NEEDED_CXXFLAGS += -std=c++11
 else ifeq ($(shell expr match ${CXXVER} "4\.[0-9][0-9]"),4) # gcc >= 4.10
 	NEEDED_CXXFLAGS += -std=c++11
-else ifeq ($(shell expr match ${CXXVER} "4\.[7-9]"),3) # >= 4.7
+else ifeq ($(shell expr match ${CXXVER} "4\.[8-9]"),3) # gcc 4.8 - 4.9
 	NEEDED_CXXFLAGS += -std=c++11 -D_GLIBCXX_USE_NANOSLEEP=1
-else ifeq ($(shell expr match ${CXXVER} "4\.6"),3) # = 4.6
-	NEEDED_CXXFLAGS += -std=c++0x
-else ifeq ($(shell expr match ${CXXVER} "[5-9]"),1) # gcc >= 5
+else ifeq ($(shell expr match ${CXXVER} "[5-6]"),1) # gcc 5 - 6
 	NEEDED_CXXFLAGS += -std=c++11
 	LDLIBS = -latomic
+else ifeq ($(shell expr match ${CXXVER} "[1,7-9]"),1) # gcc >= 7
+	NEEDED_CXXFLAGS += -std=c++17
+	LDLIBS = -latomic
 else # not supported
 $(error Compiler too old)
 endif

Makefile.mingw

@@ -2,10 +2,19 @@ USE_WIN32_APP=yes
 CXX = g++
 WINDRES = windres
 CXXFLAGS := ${CXX_DEBUG} -D_MT -DWIN32 -D_WINDOWS -DWIN32_LEAN_AND_MEAN
-NEEDED_CXXFLAGS = -std=c++11
 INCFLAGS = -Idaemon -I.
 LDFLAGS := ${LD_DEBUG} -Wl,-Bstatic -static-libgcc -static-libstdc++
 
+# detect proper flag for c++11 support by compilers
+CXXVER := $(shell $(CXX) -dumpversion)
+ifeq ($(shell expr match ${CXXVER} "[4]\.[7-9]\|4\.1[0-9]\|[5-6]"),4) # gcc 4.7 - 6
+	NEEDED_CXXFLAGS += -std=c++11
+else ifeq ($(shell expr match ${CXXVER} "[1,7-9]"),1) # gcc >= 7
+	NEEDED_CXXFLAGS += -std=c++17
+else # not supported
+$(error Compiler too old)
+endif
+
 # Boost libraries suffix
 BOOST_SUFFIX = -mt
 
@@ -27,6 +36,8 @@ LDLIBS += \
 	-lws2_32 \
 	-lgdi32 \
 	-liphlpapi \
+	-lole32 \
+	-luuid \
 	-lstdc++ \
 	-lpthread
 
@@ -37,6 +48,10 @@ ifeq ($(USE_WIN32_APP), yes)
 	DAEMON_OBJS += $(patsubst %.rc,obj/%.o,$(DAEMON_RC))
 endif
 
+ifeq ($(USE_WINXP_FLAGS), yes)
+	CXXFLAGS += -DWINVER=0x0501 -D_WIN32_WINNT=0x0501
+endif
+
 # don't change following line to ifeq ($(USE_AESNI),yes) !!!
 ifeq ($(USE_AESNI),1)
 	CPU_FLAGS += -maes

Makefile.osx

@@ -2,6 +2,9 @@ CXX = clang++
 CXXFLAGS := ${CXX_DEBUG} -Wall -std=c++11 -DMAC_OSX
 INCFLAGS = -I/usr/local/include
 LDFLAGS := -Wl,-rpath,/usr/local/lib -L/usr/local/lib
+LDFLAGS += -Wl,-dead_strip
+LDFLAGS += -Wl,-dead_strip_dylibs
+LDFLAGS += -Wl,-bind_at_load
 
 ifeq ($(USE_STATIC),yes)
 	LDLIBS = -lz /usr/local/lib/libcrypto.a /usr/local/lib/libssl.a /usr/local/lib/libboost_system.a /usr/local/lib/libboost_date_time.a /usr/local/lib/libboost_filesystem.a /usr/local/lib/libboost_program_options.a -lpthread

README.md

@@ -1,5 +1,8 @@
-![GitHub release](https://img.shields.io/github/release/PurpleI2P/i2pd.svg?label=latest%20release)
-![GitHub](https://img.shields.io/github/license/PurpleI2P/i2pd.svg)
+[![GitHub release](https://img.shields.io/github/release/PurpleI2P/i2pd.svg?label=latest%20release)](https://github.com/PurpleI2P/i2pd/releases/latest)
+[![Snapcraft release](https://snapcraft.io/i2pd/badge.svg)](https://snapcraft.io/i2pd)
+[![License](https://img.shields.io/github/license/PurpleI2P/i2pd.svg)](https://github.com/PurpleI2P/i2pd/blob/openssl/LICENSE)
+[![Packaging status](https://repology.org/badge/tiny-repos/i2pd.svg)](https://repology.org/project/i2pd/versions)
+[![Docker Pulls](https://img.shields.io/docker/pulls/purplei2p/i2pd)](https://hub.docker.com/r/purplei2p/i2pd)
 
 i2pd
 ====
@@ -62,10 +65,12 @@ Build instructions:
 **Supported systems:**
 
 * GNU/Linux - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)
+  * CentOS / Fedora / Mageia - [![Build Status](https://copr.fedorainfracloud.org/coprs/supervillain/i2pd/package/i2pd-git/status_image/last_build.png)](https://copr.fedorainfracloud.org/coprs/supervillain/i2pd/package/i2pd-git/)
+  * Alpine, ArchLinux, openSUSE, Gentoo, Debian, Ubuntu, etc.
 * Windows - [![Build status](https://ci.appveyor.com/api/projects/status/1908qe4p48ff1x23?svg=true)](https://ci.appveyor.com/project/PurpleI2P/i2pd)
 * Mac OS X - [![Build Status](https://travis-ci.org/PurpleI2P/i2pd.svg?branch=openssl)](https://travis-ci.org/PurpleI2P/i2pd)
-* CentOS / Fedora / Mageia - [![Build Status](https://copr.fedorainfracloud.org/coprs/supervillain/i2pd/package/i2pd-git/status_image/last_build.png)](https://copr.fedorainfracloud.org/coprs/supervillain/i2pd/package/i2pd-git/)
-* Docker image - [![Build Status](https://dockerbuildbadges.quelltext.eu/status.svg?organization=meeh&repository=i2pd)](https://hub.docker.com/r/meeh/i2pd/builds/)
+* Docker image - [![Build Status](https://img.shields.io/docker/cloud/build/purplei2p/i2pd)](https://hub.docker.com/r/purplei2p/i2pd/builds/)
+* Snap - [![Snap Status](https://build.snapcraft.io/badge/PurpleI2P/i2pd-snap.svg)](https://build.snapcraft.io/user/PurpleI2P/i2pd-snap)
 * FreeBSD
 * Android
 * iOS

Win32/DaemonWin32.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <thread>
 #include <clocale>
 #include "Config.h"
@@ -8,6 +16,7 @@
 #ifdef _WIN32
 #include "Win32/Win32Service.h"
 #ifdef WIN32_APP
+#include <windows.h>
 #include "Win32/Win32App.h"
 #endif
 
@@ -23,6 +32,11 @@ namespace util
 		setlocale(LC_ALL, "Russian");
 		setlocale(LC_TIME, "C");
 
+		i2p::log::SetThrowFunction ([](const std::string& s)
+			{
+				MessageBox(0, TEXT(s.c_str ()), TEXT("i2pd"), MB_ICONERROR | MB_TASKMODAL | MB_OK );
+			});
+
 		if (!Daemon_Singleton::init(argc, argv))
 			return false;
 

Win32/Win32App.cpp

@@ -1,454 +1,463 @@
-#include <string.h>
-#include <windows.h>
-#include <shellapi.h>
-#include "ClientContext.h"
-#include "Config.h"
-#include "NetDb.hpp"
-#include "RouterContext.h"
-#include "Transports.h"
-#include "Tunnel.h"
-#include "version.h"
-#include "resource.h"
-#include "Daemon.h"
-#include "Win32App.h"
-#include <stdio.h>
-
-#if defined(_MSC_VER) && _MSC_VER < 1900
-#define snprintf _snprintf
-#endif
-
-#define ID_ABOUT 2000
-#define ID_EXIT 2001
-#define ID_CONSOLE 2002
-#define ID_APP 2003
-#define ID_GRACEFUL_SHUTDOWN 2004
-#define ID_STOP_GRACEFUL_SHUTDOWN 2005
-#define ID_RELOAD 2006
-#define ID_ACCEPT_TRANSIT 2007
-#define ID_DECLINE_TRANSIT 2008
-
-#define ID_TRAY_ICON 2050
-#define WM_TRAYICON (WM_USER + 1)
-
-#define IDT_GRACEFUL_SHUTDOWN_TIMER 2100
-#define FRAME_UPDATE_TIMER 2101
-#define IDT_GRACEFUL_TUNNELCHECK_TIMER 2102
-
-namespace i2p
-{
-namespace win32
-{
-	static DWORD GracefulShutdownEndtime = 0;
-
-	static void ShowPopupMenu (HWND hWnd, POINT *curpos, int wDefaultItem)
-	{
-		HMENU hPopup = CreatePopupMenu();
-		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_CONSOLE, "Open &console");
-		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_APP, "Show app");
-		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_ABOUT, "&About...");
-		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_SEPARATOR, 0, NULL);
-		if(!i2p::context.AcceptsTunnels())
-			InsertMenu (hPopup, -1,
-				i2p::util::DaemonWin32::Instance ().isGraceful ? MF_BYPOSITION | MF_STRING | MF_GRAYED : MF_BYPOSITION | MF_STRING,
-				ID_ACCEPT_TRANSIT, "Accept &transit");
-		else
-			InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_DECLINE_TRANSIT, "Decline &transit");
-		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_RELOAD, "&Reload configs");
-		if (!i2p::util::DaemonWin32::Instance ().isGraceful)
-			InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_GRACEFUL_SHUTDOWN, "&Graceful shutdown");
-		else
-			InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_STOP_GRACEFUL_SHUTDOWN, "Stop &graceful shutdown");
-		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_EXIT, "E&xit");
-		SetMenuDefaultItem (hPopup, ID_CONSOLE, FALSE);
-		SendMessage (hWnd, WM_INITMENUPOPUP, (WPARAM)hPopup, 0);
-
-		POINT p;
-		if (!curpos)
-		{
-			GetCursorPos (&p);
-			curpos = &p;
-		}
-
-		WORD cmd = TrackPopupMenu (hPopup, TPM_LEFTALIGN | TPM_RIGHTBUTTON | TPM_RETURNCMD | TPM_NONOTIFY, curpos->x, curpos->y, 0, hWnd, NULL);
-		SendMessage (hWnd, WM_COMMAND, cmd, 0);
-
-		DestroyMenu(hPopup);
-	}
-
-	static void AddTrayIcon (HWND hWnd)
-	{
-		NOTIFYICONDATA nid;
-		memset(&nid, 0, sizeof(nid));
-		nid.cbSize = sizeof(nid);
-		nid.hWnd = hWnd;
-		nid.uID = ID_TRAY_ICON;
-		nid.uFlags = NIF_ICON | NIF_MESSAGE | NIF_TIP | NIF_INFO;
-		nid.uCallbackMessage = WM_TRAYICON;
-		nid.hIcon = LoadIcon (GetModuleHandle(NULL), MAKEINTRESOURCE (MAINICON));
-		strcpy (nid.szTip, "i2pd");
-		strcpy (nid.szInfo, "i2pd is starting");
-		Shell_NotifyIcon(NIM_ADD, &nid );
-	}
-
-	static void RemoveTrayIcon (HWND hWnd)
-	{
-		NOTIFYICONDATA nid;
-		nid.hWnd = hWnd;
-		nid.uID = ID_TRAY_ICON;
-		Shell_NotifyIcon (NIM_DELETE, &nid);
-	}
-
-	static void ShowUptime (std::stringstream& s, int seconds)
-	{
-		int num;
-
-		if ((num = seconds / 86400) > 0) {
-			s << num << " days, ";
-			seconds -= num * 86400;
-		}
-		if ((num = seconds / 3600) > 0) {
-			s << num << " hours, ";
-			seconds -= num * 3600;
-		}
-		if ((num = seconds / 60) > 0) {
-			s << num << " min, ";
-			seconds -= num * 60;
-		}
-		s << seconds << " seconds\n";
-	}
-
-	template <typename size> static void ShowTransfered (std::stringstream& s, size transfer)
-	{
-		auto bytes = transfer & 0x03ff;
-		transfer >>= 10;
-		auto kbytes = transfer & 0x03ff;
-		transfer >>= 10;
-		auto mbytes = transfer & 0x03ff;
-		transfer >>= 10;
-		auto gbytes = transfer & 0x03ff;
-
-		if (gbytes)
-			s << gbytes << " GB, ";
-		if (mbytes)
-			s << mbytes << " MB, ";
-		if (kbytes)
-			s << kbytes << " KB, ";
-		s << bytes << " Bytes\n";
-	}
-
-	static void PrintMainWindowText (std::stringstream& s)
-	{
-		s << "\n";
-		s << "Status: ";
-		switch (i2p::context.GetStatus())
-		{
-			case eRouterStatusOK: s << "OK"; break;
-			case eRouterStatusTesting: s << "Testing"; break;
-			case eRouterStatusFirewalled: s << "Firewalled"; break;
-			case eRouterStatusError:
-			{
-				switch (i2p::context.GetError())
-				{
-					case eRouterErrorClockSkew: s << "Clock skew"; break;
-					default: s << "Error";
-				}
-				break;
-			}
-			default: s << "Unknown";
-		}
-		s << "; ";
-		s << "Success Rate: " << i2p::tunnel::tunnels.GetTunnelCreationSuccessRate() << "%\n";
-		s << "Uptime: "; ShowUptime(s, i2p::context.GetUptime ());
-		if (GracefulShutdownEndtime != 0)
-		{
-			DWORD GracefulTimeLeft = (GracefulShutdownEndtime - GetTickCount()) / 1000;
-			s << "Graceful shutdown, time left: "; ShowUptime(s, GracefulTimeLeft);
-		}
-		else
-			s << "\n";
-		s << "Inbound: " << i2p::transport::transports.GetInBandwidth() / 1024 << " KiB/s; ";
-		s << "Outbound: " << i2p::transport::transports.GetOutBandwidth() / 1024 << " KiB/s\n";
-		s << "Received: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes());
-		s << "Sent: "; ShowTransfered (s, i2p::transport::transports.GetTotalSentBytes());
-		s << "\n";
-		s << "Routers: " << i2p::data::netdb.GetNumRouters () << "; ";
-		s << "Floodfills: " << i2p::data::netdb.GetNumFloodfills () << "; ";
-		s << "LeaseSets: " << i2p::data::netdb.GetNumLeaseSets () << "\n";
-		s << "Tunnels: ";
-		s << "In: " << i2p::tunnel::tunnels.CountInboundTunnels() << "; ";
-		s << "Out: " << i2p::tunnel::tunnels.CountOutboundTunnels() << "; ";
-		s << "Transit: " << i2p::tunnel::tunnels.CountTransitTunnels() << "\n";
-		s << "\n";
-	}
-
-	static LRESULT CALLBACK WndProc (HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
-	{
-		static UINT s_uTaskbarRestart;
-
-		switch (uMsg)
-		{
-			case WM_CREATE:
-			{
-				s_uTaskbarRestart = RegisterWindowMessage(TEXT("TaskbarCreated"));
-				AddTrayIcon (hWnd);
-				break;
-			}
-			case WM_CLOSE:
-			{
-				RemoveTrayIcon (hWnd);
-				KillTimer (hWnd, FRAME_UPDATE_TIMER);
-				KillTimer (hWnd, IDT_GRACEFUL_SHUTDOWN_TIMER);
-				KillTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER);
-				PostQuitMessage (0);
-				break;
-			}
-			case WM_COMMAND:
-			{
-				switch (LOWORD(wParam))
-				{
-					case ID_ABOUT:
-					{
-						std::stringstream text;
-						text << "Version: " << I2PD_VERSION << " " << CODENAME;
-						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
-						return 0;
-					}
-					case ID_EXIT:
-					{
-						PostMessage (hWnd, WM_CLOSE, 0, 0);
-						return 0;
-					}
-					case ID_ACCEPT_TRANSIT:
-					{
-						i2p::context.SetAcceptsTunnels (true);
-						std::stringstream text;
-						text << "I2Pd now accept transit tunnels";
-						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
-						return 0;
-					}
-					case ID_DECLINE_TRANSIT:
-					{
-						i2p::context.SetAcceptsTunnels (false);
-						std::stringstream text;
-						text << "I2Pd now decline new transit tunnels";
-						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
-						return 0;
-					}
-					case ID_GRACEFUL_SHUTDOWN:
-					{
-						i2p::context.SetAcceptsTunnels (false);
-						SetTimer (hWnd, IDT_GRACEFUL_SHUTDOWN_TIMER, 10*60*1000, nullptr); // 10 minutes
-						SetTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER, 1000, nullptr); // check tunnels every second
-						GracefulShutdownEndtime = GetTickCount() + 10*60*1000;
-						i2p::util::DaemonWin32::Instance ().isGraceful = true;
-						return 0;
-					}
-					case ID_STOP_GRACEFUL_SHUTDOWN:
-					{
-						i2p::context.SetAcceptsTunnels (true);
-						KillTimer (hWnd, IDT_GRACEFUL_SHUTDOWN_TIMER);
-						KillTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER);
-						GracefulShutdownEndtime = 0;
-						i2p::util::DaemonWin32::Instance ().isGraceful = false;
-						return 0;
-					}
-					case ID_RELOAD:
-					{
-						i2p::client::context.ReloadConfig();
-						std::stringstream text;
-						text << "I2Pd reloading configs...";
-						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
-						return 0;
-					}
-					case ID_CONSOLE:
-					{
-						char buf[30];
-						std::string httpAddr; i2p::config::GetOption("http.address", httpAddr);
-						uint16_t httpPort; i2p::config::GetOption("http.port", httpPort);
-						snprintf(buf, 30, "http://%s:%d", httpAddr.c_str(), httpPort);
-						ShellExecute(NULL, "open", buf, NULL, NULL, SW_SHOWNORMAL);
-						return 0;
-					}
-					case ID_APP:
-					{
-						ShowWindow(hWnd, SW_SHOW);
-						SetTimer(hWnd, FRAME_UPDATE_TIMER, 3000, NULL);
-						return 0;
-					}
-				}
-				break;
-			}
-			case WM_SYSCOMMAND:
-			{
-				switch (wParam)
-				{
-					case SC_MINIMIZE:
-					{
-						ShowWindow(hWnd, SW_HIDE);
-						KillTimer (hWnd, FRAME_UPDATE_TIMER);
-						return 0;
-					}
-					case SC_CLOSE:
-					{
-						std::string close; i2p::config::GetOption("close", close);
-						if (0 == close.compare("ask"))
-						switch(::MessageBox(hWnd, "Would you like to minimize instead of exiting?"
-						" You can add 'close' configuration option. Valid values are: ask, minimize, exit.",
-						"Minimize instead of exiting?", MB_ICONQUESTION | MB_YESNOCANCEL | MB_DEFBUTTON1))
-						{
-							case IDYES: close = "minimize"; break;
-							case IDNO: close = "exit"; break;
-							default: return 0;
-						}
-						if (0 == close.compare("minimize"))
-						{
-							ShowWindow(hWnd, SW_HIDE);
-							KillTimer (hWnd, FRAME_UPDATE_TIMER);
-							return 0;
-						}
-						if (0 != close.compare("exit"))
-						{
-							::MessageBox(hWnd, close.c_str(), "Unknown close action in config", MB_OK | MB_ICONWARNING);
-							return 0;
-						}
-					}
-				}
-			}
-			case WM_TRAYICON:
-			{
-				switch (lParam)
-				{
-					case WM_LBUTTONUP:
-					case WM_RBUTTONUP:
-					{
-						SetForegroundWindow (hWnd);
-						ShowPopupMenu(hWnd, NULL, -1);
-						PostMessage (hWnd, WM_APP + 1, 0, 0);
-						break;
-					}
-				}
-				break;
-			}
-			case WM_TIMER:
-			{
-				switch(wParam)
-				{
-					case IDT_GRACEFUL_SHUTDOWN_TIMER:
-					{
-						GracefulShutdownEndtime = 0;
-						PostMessage (hWnd, WM_CLOSE, 0, 0); // exit
-						return 0;
-					}
-					case FRAME_UPDATE_TIMER:
-					{
-						InvalidateRect(hWnd, NULL, TRUE);
-						return 0;
-					}
-					case IDT_GRACEFUL_TUNNELCHECK_TIMER:
-					{
-						if (i2p::tunnel::tunnels.CountTransitTunnels() == 0)
-							PostMessage (hWnd, WM_CLOSE, 0, 0);
-						else
-							SetTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER, 1000, nullptr);
-						return 0;
-					}
-				}
-				break;
-			}
-			case WM_PAINT:
-			{
-				HDC hDC;
-				PAINTSTRUCT ps;
-				RECT rp;
-				HFONT hFont;
-				std::stringstream s; PrintMainWindowText (s);
-				hDC = BeginPaint (hWnd, &ps);
-				GetClientRect(hWnd, &rp);
-				SetTextColor(hDC, 0x00D43B69);
-				hFont = CreateFont(18,0,0,0,0,0,0,0,DEFAULT_CHARSET,0,0,0,0,TEXT("Times New Roman"));
-				SelectObject(hDC,hFont);
-				DrawText(hDC, TEXT(s.str().c_str()), s.str().length(), &rp, DT_CENTER|DT_VCENTER);
-				DeleteObject(hFont);
-				EndPaint(hWnd, &ps);
-				break;
-			}
-			default:
-			{
-				if (uMsg == s_uTaskbarRestart)
-					AddTrayIcon (hWnd);
-				break;
-			}
-		}
-		return DefWindowProc( hWnd, uMsg, wParam, lParam);
-	}
-
-	bool StartWin32App ()
-	{
-		if (FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd")))
-		{
-			MessageBox(NULL, TEXT("I2Pd is running already"), TEXT("Warning"), MB_OK);
-			return false;
-		}
-		// register main window
-		auto hInst = GetModuleHandle(NULL);
-		WNDCLASSEX wclx;
-		memset (&wclx, 0, sizeof(wclx));
-		wclx.cbSize = sizeof(wclx);
-		wclx.style = 0;
-		wclx.lpfnWndProc = WndProc;
-		//wclx.cbClsExtra = 0;
-		//wclx.cbWndExtra = 0;
-		wclx.hInstance = hInst;
-		wclx.hIcon = LoadIcon (hInst, MAKEINTRESOURCE(MAINICON));
-		wclx.hCursor = LoadCursor (NULL, IDC_ARROW);
-		//wclx.hbrBackground = (HBRUSH)(COLOR_BTNFACE + 1);
-		wclx.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1);
-		wclx.lpszMenuName = NULL;
-		wclx.lpszClassName = I2PD_WIN32_CLASSNAME;
-		RegisterClassEx (&wclx);
-		// create new window
-		if (!CreateWindow(I2PD_WIN32_CLASSNAME, TEXT("i2pd"), WS_OVERLAPPED | WS_CAPTION | WS_SYSMENU | WS_MINIMIZEBOX, 100, 100, 350, 210, NULL, NULL, hInst, NULL))
-		{
-			MessageBox(NULL, "Failed to create main window", TEXT("Warning!"), MB_ICONERROR | MB_OK | MB_TOPMOST);
-			return false;
-		}
-		return true;
-	}
-
-	int RunWin32App ()
-	{
-		MSG msg;
-		while (GetMessage (&msg, NULL, 0, 0 ))
-		{
-			TranslateMessage (&msg);
-			DispatchMessage (&msg);
-		}
-		return msg.wParam;
-	}
-
-	void StopWin32App ()
-	{
-		HWND hWnd = FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd"));
-		if (hWnd)
-			PostMessage (hWnd, WM_COMMAND, MAKEWPARAM(ID_EXIT, 0), 0);
-		UnregisterClass (I2PD_WIN32_CLASSNAME, GetModuleHandle(NULL));
-	}
-
-	bool GracefulShutdown ()
-	{
-		HWND hWnd = FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd"));
-		if (hWnd)
-			PostMessage (hWnd, WM_COMMAND, MAKEWPARAM(ID_GRACEFUL_SHUTDOWN, 0), 0);
-		return hWnd;
-	}
-
-	bool StopGracefulShutdown ()
-	{
-		HWND hWnd = FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd"));
-		if (hWnd)
-			PostMessage (hWnd, WM_COMMAND, MAKEWPARAM(ID_STOP_GRACEFUL_SHUTDOWN, 0), 0);
-		return hWnd;
-	}
-
-}
-}
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
+#include <stdio.h>
+#include <string.h>
+#include <windows.h>
+#include <shellapi.h>
+#include "ClientContext.h"
+#include "Config.h"
+#include "NetDb.hpp"
+#include "RouterContext.h"
+#include "Transports.h"
+#include "Tunnel.h"
+#include "version.h"
+#include "resource.h"
+#include "Daemon.h"
+#include "Win32App.h"
+#include "Win32NetState.h"
+
+#define ID_ABOUT 2000
+#define ID_EXIT 2001
+#define ID_CONSOLE 2002
+#define ID_APP 2003
+#define ID_GRACEFUL_SHUTDOWN 2004
+#define ID_STOP_GRACEFUL_SHUTDOWN 2005
+#define ID_RELOAD 2006
+#define ID_ACCEPT_TRANSIT 2007
+#define ID_DECLINE_TRANSIT 2008
+
+#define ID_TRAY_ICON 2050
+#define WM_TRAYICON (WM_USER + 1)
+
+#define IDT_GRACEFUL_SHUTDOWN_TIMER 2100
+#define FRAME_UPDATE_TIMER 2101
+#define IDT_GRACEFUL_TUNNELCHECK_TIMER 2102
+
+namespace i2p
+{
+namespace win32
+{
+	static DWORD GracefulShutdownEndtime = 0;
+
+	typedef DWORD (* IPN)();
+	IPN GetTickCountLocal = (IPN)GetProcAddress (GetModuleHandle ("KERNEL32.dll"), "GetTickCount");
+
+	static void ShowPopupMenu (HWND hWnd, POINT *curpos, int wDefaultItem)
+	{
+		HMENU hPopup = CreatePopupMenu();
+		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_CONSOLE, "Open &console");
+		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_APP, "Show app");
+		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_ABOUT, "&About...");
+		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_SEPARATOR, 0, NULL);
+		if(!i2p::context.AcceptsTunnels())
+			InsertMenu (hPopup, -1,
+				i2p::util::DaemonWin32::Instance ().isGraceful ? MF_BYPOSITION | MF_STRING | MF_GRAYED : MF_BYPOSITION | MF_STRING,
+				ID_ACCEPT_TRANSIT, "Accept &transit");
+		else
+			InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_DECLINE_TRANSIT, "Decline &transit");
+		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_RELOAD, "&Reload tunnels config");
+		if (!i2p::util::DaemonWin32::Instance ().isGraceful)
+			InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_GRACEFUL_SHUTDOWN, "&Graceful shutdown");
+		else
+			InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_STOP_GRACEFUL_SHUTDOWN, "Stop &graceful shutdown");
+		InsertMenu (hPopup, -1, MF_BYPOSITION | MF_STRING, ID_EXIT, "E&xit");
+		SetMenuDefaultItem (hPopup, ID_CONSOLE, FALSE);
+		SendMessage (hWnd, WM_INITMENUPOPUP, (WPARAM)hPopup, 0);
+
+		POINT p;
+		if (!curpos)
+		{
+			GetCursorPos (&p);
+			curpos = &p;
+		}
+
+		WORD cmd = TrackPopupMenu (hPopup, TPM_LEFTALIGN | TPM_RIGHTBUTTON | TPM_RETURNCMD | TPM_NONOTIFY, curpos->x, curpos->y, 0, hWnd, NULL);
+		SendMessage (hWnd, WM_COMMAND, cmd, 0);
+
+		DestroyMenu(hPopup);
+	}
+
+	static void AddTrayIcon (HWND hWnd)
+	{
+		NOTIFYICONDATA nid;
+		memset(&nid, 0, sizeof(nid));
+		nid.cbSize = sizeof(nid);
+		nid.hWnd = hWnd;
+		nid.uID = ID_TRAY_ICON;
+		nid.uFlags = NIF_ICON | NIF_MESSAGE | NIF_TIP | NIF_INFO;
+		nid.uCallbackMessage = WM_TRAYICON;
+		nid.hIcon = LoadIcon (GetModuleHandle(NULL), MAKEINTRESOURCE (MAINICON));
+		strcpy (nid.szTip, "i2pd");
+		strcpy (nid.szInfo, "i2pd is starting");
+		Shell_NotifyIcon(NIM_ADD, &nid );
+	}
+
+	static void RemoveTrayIcon (HWND hWnd)
+	{
+		NOTIFYICONDATA nid;
+		nid.hWnd = hWnd;
+		nid.uID = ID_TRAY_ICON;
+		Shell_NotifyIcon (NIM_DELETE, &nid);
+	}
+
+	static void ShowUptime (std::stringstream& s, int seconds)
+	{
+		int num;
+
+		if ((num = seconds / 86400) > 0) {
+			s << num << " days, ";
+			seconds -= num * 86400;
+		}
+		if ((num = seconds / 3600) > 0) {
+			s << num << " hours, ";
+			seconds -= num * 3600;
+		}
+		if ((num = seconds / 60) > 0) {
+			s << num << " min, ";
+			seconds -= num * 60;
+		}
+		s << seconds << " seconds\n";
+	}
+
+	template <typename size> static void ShowTransfered (std::stringstream& s, size transfer)
+	{
+		auto bytes = transfer & 0x03ff;
+		transfer >>= 10;
+		auto kbytes = transfer & 0x03ff;
+		transfer >>= 10;
+		auto mbytes = transfer & 0x03ff;
+		transfer >>= 10;
+		auto gbytes = transfer & 0x03ff;
+
+		if (gbytes)
+			s << gbytes << " GB, ";
+		if (mbytes)
+			s << mbytes << " MB, ";
+		if (kbytes)
+			s << kbytes << " KB, ";
+		s << bytes << " Bytes\n";
+	}
+
+	static void PrintMainWindowText (std::stringstream& s)
+	{
+		s << "\n";
+		s << "Status: ";
+		switch (i2p::context.GetStatus())
+		{
+			case eRouterStatusOK: s << "OK"; break;
+			case eRouterStatusTesting: s << "Testing"; break;
+			case eRouterStatusFirewalled: s << "Firewalled"; break;
+			case eRouterStatusError:
+			{
+				switch (i2p::context.GetError())
+				{
+					case eRouterErrorClockSkew: s << "Clock skew"; break;
+					default: s << "Error";
+				}
+				break;
+			}
+			default: s << "Unknown";
+		}
+		s << "; ";
+		s << "Success Rate: " << i2p::tunnel::tunnels.GetTunnelCreationSuccessRate() << "%\n";
+		s << "Uptime: "; ShowUptime(s, i2p::context.GetUptime ());
+		if (GracefulShutdownEndtime != 0)
+		{
+			DWORD GracefulTimeLeft = (GracefulShutdownEndtime - GetTickCountLocal()) / 1000;
+			s << "Graceful shutdown, time left: "; ShowUptime(s, GracefulTimeLeft);
+		}
+		else
+			s << "\n";
+		s << "Inbound: " << i2p::transport::transports.GetInBandwidth() / 1024 << " KiB/s; ";
+		s << "Outbound: " << i2p::transport::transports.GetOutBandwidth() / 1024 << " KiB/s\n";
+		s << "Received: "; ShowTransfered (s, i2p::transport::transports.GetTotalReceivedBytes());
+		s << "Sent: "; ShowTransfered (s, i2p::transport::transports.GetTotalSentBytes());
+		s << "\n";
+		s << "Routers: " << i2p::data::netdb.GetNumRouters () << "; ";
+		s << "Floodfills: " << i2p::data::netdb.GetNumFloodfills () << "; ";
+		s << "LeaseSets: " << i2p::data::netdb.GetNumLeaseSets () << "\n";
+		s << "Tunnels: ";
+		s << "In: " << i2p::tunnel::tunnels.CountInboundTunnels() << "; ";
+		s << "Out: " << i2p::tunnel::tunnels.CountOutboundTunnels() << "; ";
+		s << "Transit: " << i2p::tunnel::tunnels.CountTransitTunnels() << "\n";
+		s << "\n";
+	}
+
+	static LRESULT CALLBACK WndProc (HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
+	{
+		static UINT s_uTaskbarRestart;
+
+		switch (uMsg)
+		{
+			case WM_CREATE:
+			{
+				s_uTaskbarRestart = RegisterWindowMessage(TEXT("TaskbarCreated"));
+				AddTrayIcon (hWnd);
+				break;
+			}
+			case WM_CLOSE:
+			{
+				RemoveTrayIcon (hWnd);
+				KillTimer (hWnd, FRAME_UPDATE_TIMER);
+				KillTimer (hWnd, IDT_GRACEFUL_SHUTDOWN_TIMER);
+				KillTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER);
+				PostQuitMessage (0);
+				break;
+			}
+			case WM_COMMAND:
+			{
+				switch (LOWORD(wParam))
+				{
+					case ID_ABOUT:
+					{
+						std::stringstream text;
+						text << "Version: " << I2PD_VERSION << " " << CODENAME;
+						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
+						return 0;
+					}
+					case ID_EXIT:
+					{
+						PostMessage (hWnd, WM_CLOSE, 0, 0);
+						return 0;
+					}
+					case ID_ACCEPT_TRANSIT:
+					{
+						i2p::context.SetAcceptsTunnels (true);
+						std::stringstream text;
+						text << "I2Pd now accept transit tunnels";
+						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
+						return 0;
+					}
+					case ID_DECLINE_TRANSIT:
+					{
+						i2p::context.SetAcceptsTunnels (false);
+						std::stringstream text;
+						text << "I2Pd now decline new transit tunnels";
+						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
+						return 0;
+					}
+					case ID_GRACEFUL_SHUTDOWN:
+					{
+						i2p::context.SetAcceptsTunnels (false);
+						SetTimer (hWnd, IDT_GRACEFUL_SHUTDOWN_TIMER, 10*60*1000, nullptr); // 10 minutes
+						SetTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER, 1000, nullptr); // check tunnels every second
+						GracefulShutdownEndtime = GetTickCountLocal() + 10*60*1000;
+						i2p::util::DaemonWin32::Instance ().isGraceful = true;
+						return 0;
+					}
+					case ID_STOP_GRACEFUL_SHUTDOWN:
+					{
+						i2p::context.SetAcceptsTunnels (true);
+						KillTimer (hWnd, IDT_GRACEFUL_SHUTDOWN_TIMER);
+						KillTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER);
+						GracefulShutdownEndtime = 0;
+						i2p::util::DaemonWin32::Instance ().isGraceful = false;
+						return 0;
+					}
+					case ID_RELOAD:
+					{
+						i2p::client::context.ReloadConfig();
+						std::stringstream text;
+						text << "I2Pd reloading configs...";
+						MessageBox( hWnd, TEXT(text.str ().c_str ()), TEXT("i2pd"), MB_ICONINFORMATION | MB_OK );
+						return 0;
+					}
+					case ID_CONSOLE:
+					{
+						char buf[30];
+						std::string httpAddr; i2p::config::GetOption("http.address", httpAddr);
+						uint16_t httpPort; i2p::config::GetOption("http.port", httpPort);
+						snprintf(buf, 30, "http://%s:%d", httpAddr.c_str(), httpPort);
+						ShellExecute(NULL, "open", buf, NULL, NULL, SW_SHOWNORMAL);
+						return 0;
+					}
+					case ID_APP:
+					{
+						ShowWindow(hWnd, SW_SHOW);
+						SetTimer(hWnd, FRAME_UPDATE_TIMER, 3000, NULL);
+						return 0;
+					}
+				}
+				break;
+			}
+			case WM_SYSCOMMAND:
+			{
+				switch (wParam)
+				{
+					case SC_MINIMIZE:
+					{
+						ShowWindow(hWnd, SW_HIDE);
+						KillTimer (hWnd, FRAME_UPDATE_TIMER);
+						return 0;
+					}
+					case SC_CLOSE:
+					{
+						std::string close; i2p::config::GetOption("close", close);
+						if (0 == close.compare("ask"))
+						switch(::MessageBox(hWnd, "Would you like to minimize instead of exiting?"
+						" You can add 'close' configuration option. Valid values are: ask, minimize, exit.",
+						"Minimize instead of exiting?", MB_ICONQUESTION | MB_YESNOCANCEL | MB_DEFBUTTON1))
+						{
+							case IDYES: close = "minimize"; break;
+							case IDNO: close = "exit"; break;
+							default: return 0;
+						}
+						if (0 == close.compare("minimize"))
+						{
+							ShowWindow(hWnd, SW_HIDE);
+							KillTimer (hWnd, FRAME_UPDATE_TIMER);
+							return 0;
+						}
+						if (0 != close.compare("exit"))
+						{
+							::MessageBox(hWnd, close.c_str(), "Unknown close action in config", MB_OK | MB_ICONWARNING);
+							return 0;
+						}
+					}
+				}
+			}
+			case WM_TRAYICON:
+			{
+				switch (lParam)
+				{
+					case WM_LBUTTONUP:
+					case WM_RBUTTONUP:
+					{
+						SetForegroundWindow (hWnd);
+						ShowPopupMenu(hWnd, NULL, -1);
+						PostMessage (hWnd, WM_APP + 1, 0, 0);
+						break;
+					}
+				}
+				break;
+			}
+			case WM_TIMER:
+			{
+				switch(wParam)
+				{
+					case IDT_GRACEFUL_SHUTDOWN_TIMER:
+					{
+						GracefulShutdownEndtime = 0;
+						PostMessage (hWnd, WM_CLOSE, 0, 0); // exit
+						return 0;
+					}
+					case IDT_GRACEFUL_TUNNELCHECK_TIMER:
+					{
+						if (i2p::tunnel::tunnels.CountTransitTunnels() == 0)
+							PostMessage (hWnd, WM_CLOSE, 0, 0);
+						else
+							SetTimer (hWnd, IDT_GRACEFUL_TUNNELCHECK_TIMER, 1000, nullptr);
+						return 0;
+					}
+					case FRAME_UPDATE_TIMER:
+					{
+						InvalidateRect(hWnd, NULL, TRUE);
+						return 0;
+					}
+				}
+				break;
+			}
+			case WM_PAINT:
+			{
+				HDC hDC;
+				PAINTSTRUCT ps;
+				RECT rp;
+				HFONT hFont;
+				std::stringstream s; PrintMainWindowText (s);
+				hDC = BeginPaint (hWnd, &ps);
+				GetClientRect(hWnd, &rp);
+				SetTextColor(hDC, 0x00D43B69);
+				hFont = CreateFont(18,0,0,0,0,0,0,0,DEFAULT_CHARSET,0,0,0,0,TEXT("Times New Roman"));
+				SelectObject(hDC,hFont);
+				DrawText(hDC, TEXT(s.str().c_str()), s.str().length(), &rp, DT_CENTER|DT_VCENTER);
+				DeleteObject(hFont);
+				EndPaint(hWnd, &ps);
+				break;
+			}
+			default:
+			{
+				if (uMsg == s_uTaskbarRestart)
+					AddTrayIcon (hWnd);
+				break;
+			}
+		}
+		return DefWindowProc( hWnd, uMsg, wParam, lParam);
+	}
+
+	bool StartWin32App ()
+	{
+		if (FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd")))
+		{
+			MessageBox(NULL, TEXT("I2Pd is running already"), TEXT("Warning"), MB_OK);
+			return false;
+		}
+		// register main window
+		auto hInst = GetModuleHandle(NULL);
+		WNDCLASSEX wclx;
+		memset (&wclx, 0, sizeof(wclx));
+		wclx.cbSize = sizeof(wclx);
+		wclx.style = 0;
+		wclx.lpfnWndProc = WndProc;
+		//wclx.cbClsExtra = 0;
+		//wclx.cbWndExtra = 0;
+		wclx.hInstance = hInst;
+		wclx.hIcon = LoadIcon (hInst, MAKEINTRESOURCE(MAINICON));
+		wclx.hCursor = LoadCursor (NULL, IDC_ARROW);
+		//wclx.hbrBackground = (HBRUSH)(COLOR_BTNFACE + 1);
+		wclx.hbrBackground = (HBRUSH)(COLOR_WINDOW + 1);
+		wclx.lpszMenuName = NULL;
+		wclx.lpszClassName = I2PD_WIN32_CLASSNAME;
+		RegisterClassEx (&wclx);
+		// create new window
+		if (!CreateWindow(I2PD_WIN32_CLASSNAME, TEXT("i2pd"), WS_OVERLAPPED | WS_CAPTION | WS_SYSMENU | WS_MINIMIZEBOX, 100, 100, 350, 210, NULL, NULL, hInst, NULL))
+		{
+			MessageBox(NULL, "Failed to create main window", TEXT("Warning!"), MB_ICONERROR | MB_OK | MB_TOPMOST);
+			return false;
+		}
+		SubscribeToEvents();
+		return true;
+	}
+
+	int RunWin32App ()
+	{
+		MSG msg;
+		while (GetMessage (&msg, NULL, 0, 0 ))
+		{
+			TranslateMessage (&msg);
+			DispatchMessage (&msg);
+		}
+		return msg.wParam;
+	}
+
+	void StopWin32App ()
+	{
+		HWND hWnd = FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd"));
+		if (hWnd)
+			PostMessage (hWnd, WM_COMMAND, MAKEWPARAM(ID_EXIT, 0), 0);
+		// UnSubscribeFromEvents(); // TODO: understand why unsubscribing crashes app
+		UnregisterClass (I2PD_WIN32_CLASSNAME, GetModuleHandle(NULL));
+	}
+
+	bool GracefulShutdown ()
+	{
+		HWND hWnd = FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd"));
+		if (hWnd)
+			PostMessage (hWnd, WM_COMMAND, MAKEWPARAM(ID_GRACEFUL_SHUTDOWN, 0), 0);
+		return hWnd;
+	}
+
+	bool StopGracefulShutdown ()
+	{
+		HWND hWnd = FindWindow (I2PD_WIN32_CLASSNAME, TEXT("i2pd"));
+		if (hWnd)
+			PostMessage (hWnd, WM_COMMAND, MAKEWPARAM(ID_STOP_GRACEFUL_SHUTDOWN, 0), 0);
+		return hWnd;
+	}
+}
+}

Win32/Win32App.h

@@ -1,17 +1,25 @@
-#ifndef WIN32APP_H__
-#define WIN32APP_H__
-
-#define I2PD_WIN32_CLASSNAME "i2pd main window"
-
-namespace i2p
-{
-namespace win32
-{
-	bool StartWin32App ();
-	void StopWin32App ();
-	int RunWin32App ();
-	bool GracefulShutdown ();
-	bool StopGracefulShutdown ();
-}
-}
-#endif // WIN32APP_H__
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
+#ifndef WIN32APP_H__
+#define WIN32APP_H__
+
+#define I2PD_WIN32_CLASSNAME "i2pd main window"
+
+namespace i2p
+{
+namespace win32
+{
+	bool StartWin32App ();
+	void StopWin32App ();
+	int RunWin32App ();
+	bool GracefulShutdown ();
+	bool StopGracefulShutdown ();
+}
+}
+#endif // WIN32APP_H__

Win32/Win32NetState.cpp

@@ -0,0 +1,86 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
+#if WINVER != 0x0501 // supported since Vista
+#include "Win32NetState.h"
+#include <windows.h>
+#include "Log.h"
+
+IUnknown *pUnknown = nullptr;
+INetworkListManager *pNetworkListManager = nullptr;
+IConnectionPointContainer *pCPContainer = nullptr;
+IConnectionPoint *pConnectPoint = nullptr;
+DWORD Cookie = 0;
+
+void SubscribeToEvents()
+{
+	LogPrint(eLogInfo, "NetState: Trying to subscribe to NetworkListManagerEvents");
+	CoInitialize(NULL);
+
+	HRESULT Result = CoCreateInstance(CLSID_NetworkListManager, NULL, CLSCTX_ALL, IID_IUnknown, (void **)&pUnknown);
+	if (SUCCEEDED(Result))
+	{
+		Result = pUnknown->QueryInterface(IID_INetworkListManager, (void **)&pNetworkListManager);
+		if (SUCCEEDED(Result))
+		{
+			VARIANT_BOOL IsConnect = VARIANT_FALSE;
+			Result = pNetworkListManager->IsConnectedToInternet(&IsConnect);
+			if (SUCCEEDED(Result)) {
+				i2p::transport::transports.SetOnline (true);
+				LogPrint(eLogInfo, "NetState: current state: ", IsConnect == VARIANT_TRUE ? "connected" : "disconnected");
+			}
+
+			Result = pNetworkListManager->QueryInterface(IID_IConnectionPointContainer, (void **)&pCPContainer);
+			if (SUCCEEDED(Result))
+			{
+				Result = pCPContainer->FindConnectionPoint(IID_INetworkListManagerEvents, &pConnectPoint);
+				if(SUCCEEDED(Result))
+				{
+					CNetworkListManagerEvent *NetEvent = new CNetworkListManagerEvent;
+					Result = pConnectPoint->Advise((IUnknown *)NetEvent, &Cookie);
+					if (SUCCEEDED(Result))
+						LogPrint(eLogInfo, "NetState: Successfully subscribed to NetworkListManagerEvent messages");
+					else
+						LogPrint(eLogError, "NetState: Unable to subscribe to NetworkListManagerEvent messages");
+				} else
+					LogPrint(eLogError, "NetState: Unable to find interface connection point");
+			} else
+				LogPrint(eLogError, "NetState: Unable to query NetworkListManager interface");
+		} else
+			LogPrint(eLogError, "NetState: Unable to query global interface");
+	} else
+		LogPrint(eLogError, "NetState: Unable to create INetworkListManager interface");
+}
+
+void UnSubscribeFromEvents()
+{
+	try
+	{
+		if (pConnectPoint) {
+			pConnectPoint->Unadvise(Cookie);
+			pConnectPoint->Release();
+		}
+
+		if (pCPContainer)
+			pCPContainer->Release();
+
+		if (pNetworkListManager)
+			pNetworkListManager->Release();
+
+		if (pUnknown)
+			pUnknown->Release();
+
+		CoUninitialize();
+	}
+	catch (std::exception& ex)
+	{
+		LogPrint (eLogError, "NetState: received exception: ", ex.what ());
+	}
+}
+
+#endif // WINVER

Win32/Win32NetState.h

@@ -0,0 +1,94 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
+#ifndef WIN_32_NETSTATE_H__
+#define WIN_32_NETSTATE_H__
+
+#if WINVER != 0x0501 // supported since Vista
+#include <netlistmgr.h>
+#include <ocidl.h>
+#include "Log.h"
+#include "Transports.h"
+
+class CNetworkListManagerEvent : public INetworkListManagerEvents
+{
+public:
+	CNetworkListManagerEvent() : m_ref(1) { }
+	~CNetworkListManagerEvent() { }
+
+	HRESULT STDMETHODCALLTYPE QueryInterface(REFIID riid, void **ppvObject)
+	{
+		HRESULT Result = S_OK;
+		if (IsEqualIID(riid, IID_IUnknown)) {
+			*ppvObject = (IUnknown *)this;
+		} else if (IsEqualIID(riid ,IID_INetworkListManagerEvents)) {
+			*ppvObject = (INetworkListManagerEvents *)this;
+		} else {
+			Result = E_NOINTERFACE;
+		}
+		AddRef();
+		
+		return Result;
+	}
+
+	ULONG STDMETHODCALLTYPE AddRef()
+	{
+		return (ULONG)InterlockedIncrement(&m_ref);
+	}
+
+	ULONG STDMETHODCALLTYPE Release()
+	{
+		LONG Result = InterlockedDecrement(&m_ref);
+		if (Result == 0)
+			delete this;
+		return (ULONG)Result;
+	}
+
+	virtual HRESULT STDMETHODCALLTYPE ConnectivityChanged(NLM_CONNECTIVITY newConnectivity)
+	{
+		if (newConnectivity == NLM_CONNECTIVITY_DISCONNECTED) {
+			i2p::transport::transports.SetOnline (false);
+			LogPrint(eLogInfo, "NetState: disconnected from network");
+		}
+
+		if (((int)newConnectivity & (int)NLM_CONNECTIVITY_IPV4_INTERNET) != 0) {
+			i2p::transport::transports.SetOnline (true);
+			LogPrint(eLogInfo, "NetState: connected to internet with IPv4 capability");
+		}
+
+		if (((int)newConnectivity & (int)NLM_CONNECTIVITY_IPV6_INTERNET) != 0) {
+			i2p::transport::transports.SetOnline (true);
+			LogPrint(eLogInfo, "NetState: connected to internet with IPv6 capability");
+		}
+
+		if (
+			(((int)newConnectivity & (int)NLM_CONNECTIVITY_IPV4_INTERNET) == 0) &&
+			(((int)newConnectivity & (int)NLM_CONNECTIVITY_IPV6_INTERNET) == 0)
+		) {
+			i2p::transport::transports.SetOnline (false);
+			LogPrint(eLogInfo, "NetState: connected without internet access");
+		}
+
+		return S_OK;
+	}
+
+private:
+
+	LONG m_ref;
+};
+
+void SubscribeToEvents();
+void UnSubscribeFromEvents();
+
+#else // WINVER == 0x0501
+
+void SubscribeToEvents() { }
+void UnSubscribeFromEvents() { }
+
+#endif // WINVER
+#endif

Win32/Win32Service.cpp

@@ -1,10 +1,18 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifdef _WIN32
 #define _CRT_SECURE_NO_WARNINGS // to use freopen
 #endif
 
 #include "Win32Service.h"
 #include <assert.h>
-#include <strsafe.h>
+//#include <strsafe.h>
 #include <windows.h>
 
 #include "Daemon.h"

Win32/Win32Service.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef WIN_32_SERVICE_H__
 #define WIN_32_SERVICE_H__
 
@@ -26,48 +34,48 @@
 
 class I2PService
 {
-public:
+	public:
 
-	I2PService(PSTR pszServiceName,
-		BOOL fCanStop = TRUE,
-		BOOL fCanShutdown = TRUE,
-		BOOL fCanPauseContinue = FALSE);
+		I2PService(PSTR pszServiceName,
+			BOOL fCanStop = TRUE,
+			BOOL fCanShutdown = TRUE,
+			BOOL fCanPauseContinue = FALSE);
 
-	virtual ~I2PService(void);
+		virtual ~I2PService(void);
 
-	static BOOL isService();
-	static BOOL Run(I2PService &service);
-	void Stop();
+		static BOOL isService();
+		static BOOL Run(I2PService &service);
+		void Stop();
 
-protected:
+	protected:
 
-	virtual void OnStart(DWORD dwArgc, PSTR *pszArgv);
-	virtual void OnStop();
-	virtual void OnPause();
-	virtual void OnContinue();
-	virtual void OnShutdown();
-	void SetServiceStatus(DWORD dwCurrentState,
-		DWORD dwWin32ExitCode = NO_ERROR,
-		DWORD dwWaitHint = 0);
+		virtual void OnStart(DWORD dwArgc, PSTR *pszArgv);
+		virtual void OnStop();
+		virtual void OnPause();
+		virtual void OnContinue();
+		virtual void OnShutdown();
+		void SetServiceStatus(DWORD dwCurrentState,
+			DWORD dwWin32ExitCode = NO_ERROR,
+			DWORD dwWaitHint = 0);
 
-private:
+	private:
 
-	static void WINAPI ServiceMain(DWORD dwArgc, LPSTR *lpszArgv);
-	static void WINAPI ServiceCtrlHandler(DWORD dwCtrl);
-	void WorkerThread();
-	void Start(DWORD dwArgc, PSTR *pszArgv);
-	void Pause();
-	void Continue();
-	void Shutdown();
-	static I2PService* s_service;
-	PSTR m_name;
-	SERVICE_STATUS m_status;
-	SERVICE_STATUS_HANDLE m_statusHandle;
+		static void WINAPI ServiceMain(DWORD dwArgc, LPSTR *lpszArgv);
+		static void WINAPI ServiceCtrlHandler(DWORD dwCtrl);
+		void WorkerThread();
+		void Start(DWORD dwArgc, PSTR *pszArgv);
+		void Pause();
+		void Continue();
+		void Shutdown();
+		static I2PService* s_service;
+		PSTR m_name;
+		SERVICE_STATUS m_status;
+		SERVICE_STATUS_HANDLE m_statusHandle;
 
-	BOOL m_fStopping;
-	HANDLE m_hStoppedEvent;
+		BOOL m_fStopping;
+		HANDLE m_hStoppedEvent;
 
-	std::thread* _worker;
+		std::thread* _worker;
 };
 
 void InstallService(
@@ -77,8 +85,8 @@ void InstallService(
 	PCSTR pszDependencies,
 	PCSTR pszAccount,
 	PCSTR pszPassword
-	);
+);
 
 void UninstallService(PCSTR pszServiceName);
 
-#endif // WIN_32_SERVICE_H__
+#endif // WIN_32_SERVICE_H__

Win32/installer.iss

@@ -1,5 +1,5 @@
 #define I2Pd_AppName "i2pd"
-#define I2Pd_ver "2.25.0"
+#define I2Pd_ver "2.34.0"
 #define I2Pd_Publisher "PurpleI2P"
 
 [Setup]

Win32/resource.h

@@ -1,11 +1,11 @@
-//{{NO_DEPENDENCIES}}
-#define MAINICON						101
-
-#ifdef APSTUDIO_INVOKED
-#ifndef APSTUDIO_READONLY_SYMBOLS
-#define _APS_NEXT_RESOURCE_VALUE		102
-#define _APS_NEXT_COMMAND_VALUE			40001
-#define _APS_NEXT_CONTROL_VALUE			1001
-#define _APS_NEXT_SYMED_VALUE			101
-#endif
-#endif
+//{{NO_DEPENDENCIES}}
+#define MAINICON                  101
+
+#ifdef APSTUDIO_INVOKED
+#ifndef APSTUDIO_READONLY_SYMBOLS
+#define _APS_NEXT_RESOURCE_VALUE  102
+#define _APS_NEXT_COMMAND_VALUE   40001
+#define _APS_NEXT_CONTROL_VALUE   1001
+#define _APS_NEXT_SYMED_VALUE     101
+#endif
+#endif

android/.gitignore

@@ -4,6 +4,7 @@ bin
 libs
 log*
 obj
+.cxx
 .gradle
 .idea
 .externalNativeBuild
@@ -12,5 +13,6 @@ local.properties
 build.sh
 android.iml
 build
-
-
+*.iml
+*.local
+*.jks

android/AndroidManifest.xml

@@ -9,13 +9,17 @@
     <uses-permission android:name="android.permission.READ_PHONE_STATE" />
     <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
     <uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
+    <uses-permission android:name="android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS" />
 
     <application
         android:allowBackup="true"
         android:icon="@drawable/icon"
         android:label="@string/app_name"
+        android:requestLegacyExternalStorage="true"
         android:theme="@android:style/Theme.Holo.Light.DarkActionBar"
-        >
+        android:usesCleartextTraffic="true">
+        <activity android:name=".WebConsoleActivity"></activity>
+
         <receiver android:name=".NetworkStateChangeReceiver">
             <intent-filter>
                 <action android:name="android.net.conn.CONNECTIVITY_CHANGE" />
@@ -48,4 +52,5 @@
                 android:value="org.purplei2p.i2pd.I2PDPermsAskerActivity" />
         </activity>
     </application>
-</manifest>
+
+</manifest>

android/README.md

@@ -0,0 +1,19 @@
+# how to compile?
+## Install the gradle + NDK or use android-studio
+[https://gradle.org/install/](https://gradle.org/install/)
+
+## Install the depencies
+```
+git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git -b boost-1_72_0
+git clone https://github.com/PurpleI2P/android-ifaddrs.git
+git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git
+git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
+```
+## Set libs in jni/Application.mk on 24 line:
+```
+# change to your own
+I2PD_LIBS_PATH = /home/user/i2pd/android/
+```
+
+## compile apk file
+gradle clean assembleRelease

android/assets/i2pd.conf

@@ -42,6 +42,8 @@ inbound.quantity = 5
 outbound.length = 1
 outbound.quantity = 5
 signaturetype=7
+i2cp.leaseSetType=3
+i2cp.leaseSetEncType=0,4
 keys = proxy-keys.dat
 # addresshelper = true
 # outproxy = http://false.i2p

android/assets/tunnels.conf

@@ -1,4 +1,4 @@
-[IRC-IRC2P]
+#[IRC-IRC2P]
 #type = client
 #address = 127.0.0.1
 #port = 6668

android/build.gradle

@@ -5,7 +5,7 @@ buildscript {
         google()
     }
     dependencies {
-        classpath 'com.android.tools.build:gradle:3.3.2'
+        classpath 'com.android.tools.build:gradle:3.4.2'
     }
 }
 
@@ -16,21 +16,25 @@ repositories {
     maven {
         url 'https://maven.google.com'
     }
+    google()
 }
 
 dependencies {
-    implementation 'com.android.support:support-compat:28.0.0'
+    implementation 'androidx.core:core:1.0.2'
+    implementation 'androidx.appcompat:appcompat:1.0.2'
+    implementation 'androidx.constraintlayout:constraintlayout:1.1.3'
 }
 
 android {
-    compileSdkVersion 28
+    compileSdkVersion 29
     buildToolsVersion "28.0.3"
     defaultConfig {
         applicationId "org.purplei2p.i2pd"
-        targetSdkVersion 28
+        targetSdkVersion 29
         minSdkVersion 14
-        versionCode 2250
-        versionName "2.25.0"
+        versionCode 2340
+        versionName "2.34.0"
+        setProperty("archivesBaseName", archivesBaseName + "-" + versionName)
         ndk {
             abiFilters 'armeabi-v7a'
             abiFilters 'x86'
@@ -55,9 +59,10 @@ android {
     splits {
         abi {
             // change that to true if you need splitted apk
-            enable false
+            enable true
             reset()
-            include "armeabi-v7a", "arm64-v8a", "x86", "x86_64"
+            //include "armeabi-v7a", "arm64-v8a", "x86", "x86_64"
+            include "armeabi-v7a", "x86"
             universalApk true
         }
     }
@@ -71,7 +76,7 @@ android {
     }
     buildTypes {
         release {
-            minifyEnabled true
+            minifyEnabled false
             signingConfig signingConfigs.orignal
             proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-project.txt'
         }
@@ -81,4 +86,21 @@ android {
             path './jni/Android.mk'
         }
     }
+    compileOptions {
+        sourceCompatibility = '1.8'
+        targetCompatibility = '1.8'
+    }
+}
+
+ext.abiCodes = ['armeabi-v7a': 1, 'x86': 2, 'arm64-v8a': 3, 'x86_64': 4]
+import com.android.build.OutputFile
+
+android.applicationVariants.all { variant ->
+    variant.outputs.each { output ->
+        def baseAbiVersionCode = project.ext.abiCodes.get(output.getFilter(OutputFile.ABI))
+
+        if (baseAbiVersionCode != null) {
+            output.versionCodeOverride = baseAbiVersionCode + variant.versionCode
+        }
+    }
 }

android/gradle.properties

@@ -1 +1,3 @@
+android.enableJetifier=true
+android.useAndroidX=true
 org.gradle.parallel=true

android/gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
-#Thu Mar 14 18:21:08 MSK 2019
+#Tue Aug 20 14:39:08 MSK 2019
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.10.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-all.zip

android/jni/Android.mk

@@ -25,43 +25,43 @@ include $(BUILD_SHARED_LIBRARY)
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_system
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_system.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_system.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_date_time
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_filesystem
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_program_options
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := crypto
-LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1a-clang/$(TARGET_ARCH_ABI)/lib/libcrypto.a
-LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1a-clang/include
+LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1d-clang/$(TARGET_ARCH_ABI)/lib/libcrypto.a
+LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1d-clang/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := ssl
-LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1a-clang/$(TARGET_ARCH_ABI)/lib/libssl.a
-LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1a-clang/include
+LOCAL_SRC_FILES := $(OPENSSL_PATH)/openssl-1.1.1d-clang/$(TARGET_ARCH_ABI)/lib/libssl.a
+LOCAL_EXPORT_C_INCLUDES := $(OPENSSL_PATH)/openssl-1.1.1d-clang/include
 LOCAL_STATIC_LIBRARIES := crypto
 include $(PREBUILT_STATIC_LIBRARY)
 

android/jni/Application.mk

@@ -9,15 +9,15 @@ NDK_TOOLCHAIN_VERSION := clang
 #APP_STL := c++_shared
 APP_STL := c++_static
 
-# Enable c++11 extensions in source code
-APP_CPPFLAGS += -std=c++11 -fexceptions -frtti
+# Enable c++17 extensions in source code
+APP_CPPFLAGS += -std=c++17 -fexceptions -frtti
 
 APP_CPPFLAGS += -DANDROID -D__ANDROID__ -DUSE_UPNP
 ifeq ($(TARGET_ARCH_ABI),armeabi-v7a)
 APP_CPPFLAGS += -DANDROID_ARM7A
 endif
 
-# git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git
+# git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git -b boost-1_72_0
 # git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git
 # git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
 # git clone https://github.com/PurpleI2P/android-ifaddrs.git

android/jni/DaemonAndroid.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <iostream>
 #include <chrono>
 #include <thread>

android/jni/DaemonAndroid.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef DAEMON_ANDROID_H
 #define DAEMON_ANDROID_H
 

android/jni/i2pd_android.cpp

@@ -1,8 +1,18 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <jni.h>
 #include "org_purplei2p_i2pd_I2PD_JNI.h"
 #include "DaemonAndroid.h"
 #include "RouterContext.h"
+#include "ClientContext.h"
 #include "Transports.h"
+#include "Tunnel.h"
 
 JNIEXPORT jstring JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_getABICompiledWith
 	(JNIEnv *env, jclass clazz) {
@@ -61,6 +71,11 @@ JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_startAcceptingTunnels
 	i2p::context.SetAcceptsTunnels (true);
 }
 
+JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_reloadTunnelsConfigs
+	(JNIEnv *env, jclass clazz) {
+	i2p::client::context.ReloadConfig();
+}
+
 JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_onNetworkStateChanged
 	(JNIEnv *env, jclass clazz, jboolean isConnected) {
 	bool isConnectedBool = (bool) isConnected;
@@ -92,3 +107,8 @@ JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_setDataDir
 	// Set DataDir
 	i2p::android::SetDataDir(dataDir);
 }
+
+JNIEXPORT jint JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_GetTransitTunnelsCount
+	(JNIEnv *env, jclass clazz) {
+	return i2p::tunnel::tunnels.CountTransitTunnels();
+}

android/jni/org_purplei2p_i2pd_I2PD_JNI.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 /* DO NOT EDIT THIS FILE - it is machine generated */
 #include <jni.h>
 /* Header for class org_purplei2p_i2pd_I2PD_JNI */
@@ -27,12 +35,18 @@ JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_stopAcceptingTunnels
 JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_startAcceptingTunnels
 	(JNIEnv *, jclass);
 
+JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_reloadTunnelsConfigs
+	(JNIEnv *, jclass);
+
 JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_onNetworkStateChanged
 	(JNIEnv * env, jclass clazz, jboolean isConnected);
 
 JNIEXPORT void JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_setDataDir
 	(JNIEnv *env, jclass clazz, jstring jdataDir);
 
+JNIEXPORT jint JNICALL Java_org_purplei2p_i2pd_I2PD_1JNI_GetTransitTunnelsCount
+	(JNIEnv *, jclass);
+
 #ifdef __cplusplus
 }
 #endif

android/project.properties

@@ -11,4 +11,4 @@
 #proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
 
 # Project target.
-target=android-28
+target=android-29

android/res/layout/activity_perms_asker.xml

@@ -15,13 +15,12 @@
         android:layout_width="wrap_content"
         android:layout_height="wrap_content"
         android:layout_marginBottom="@dimen/horizontal_page_margin"
-        android:visibility="gone"
-        />
+        android:visibility="gone" />
 
     <Button
         android:id="@+id/button_request_write_ext_storage_perms"
         android:layout_width="wrap_content"
         android:layout_height="wrap_content"
-        android:text="Retry requesting the SD card write permissions"
-        android:visibility="gone"/>
+        android:text="@string/retryPermRequest"
+        android:visibility="gone" />
 </LinearLayout>

android/res/layout/activity_perms_explanation.xml

@@ -15,13 +15,11 @@
         android:layout_width="wrap_content"
         android:layout_height="wrap_content"
         android:layout_marginBottom="@dimen/horizontal_page_margin"
-        android:text="SD card write access is required to write the keys and other files to the I2PD folder on SD card."
-        />
+        android:text="@string/permRequired" />
 
     <Button
         android:id="@+id/button_ok"
         android:layout_width="wrap_content"
         android:layout_height="wrap_content"
-        android:text="OK"
-        />
+        android:text="@string/ok" />
 </LinearLayout>

android/res/layout/activity_web_console.xml

@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="utf-8"?>
+<LinearLayout android:id="@+id/layout_prompt"
+    xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools"
+    android:layout_width="fill_parent"
+    android:layout_height="fill_parent"
+    tools:context=".WebConsoleActivity">
+
+    <WebView
+        android:id="@+id/webview1"
+        android:layout_width="fill_parent"
+        android:layout_height="fill_parent" />
+</LinearLayout>
+

android/res/menu/options_main.xml

@@ -3,14 +3,29 @@
     xmlns:app="http://schemas.android.com/apk/res-auto"
     xmlns:tools="http://schemas.android.com/tools"
     tools:context=".I2PDActivity">
-    <item
-        android:id="@+id/action_graceful_stop"
-        android:title="@string/action_graceful_stop"
-        android:orderInCategory="98"
-        />
-    <item
-        android:id="@+id/action_stop"
-        android:title="@string/action_stop"
-        android:orderInCategory="99"
-        />
+
+    <group android:id="@+id/group_various">
+        <item
+            android:id="@+id/action_battery_otimizations"
+            android:title="@string/menu_item_battery_optimizations_str" />
+    </group>
+
+    <group android:id="@+id/group_i2pd_control">
+        <item
+            android:id="@+id/action_start_webview"
+            android:orderInCategory="96"
+            android:title="@string/action_start_webview" />
+        <item
+            android:id="@+id/action_reload_tunnels_config"
+            android:orderInCategory="97"
+            android:title="@string/action_reload_tunnels_config" />
+        <item
+            android:id="@+id/action_graceful_stop"
+            android:orderInCategory="98"
+            android:title="@string/action_graceful_stop" />
+        <item
+            android:id="@+id/action_stop"
+            android:orderInCategory="99"
+            android:title="@string/action_stop" />
+    </group>
 </menu>

android/res/values-ru/strings.xml

@@ -1,20 +1,40 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources>
     <string name="app_name">i2pd</string>
+
     <string name="action_stop">Остановить</string>
     <string name="action_graceful_stop">Корректная остановка</string>
     <string name="action_cancel_graceful_stop">Отменить корректную остановку</string>
+    <string name="action_reload_tunnels_config">Перезагрузить туннели</string>
+    <string name="action_start_webview">Открыть Веб Консоль</string>
+
     <string name="graceful_stop_is_already_in_progress">Корректная остановка уже запущена</string>
     <string name="graceful_stop_is_in_progress">Корректная остановка запущена</string>
+    <string name="gracefulShutdownInProgress">Корректная остановка запущена</string>
+
     <string name="already_stopped">Уже остановлено</string>
     <string name="uninitialized">Приложение инициализируется</string>
     <string name="starting">Приложение запускается</string>
     <string name="jniLibraryLoaded">Загружены JNI библиотеки</string>
     <string name="startedOkay">Приложение запущено</string>
     <string name="startFailed">Запуск не удался</string>
-    <string name="gracefulShutdownInProgress">Корректная остановка запущена</string>
     <string name="stopped">Приложение было остановлено</string>
     <string name="remaining">осталось</string>
+
     <string name="title_activity_i2_pdperms_asker_prompt">Запрос</string>
     <string name="permDenied">Права для записи на SD карту отклонены, вам необходимо предоставить их для продолжения</string>
+    <string name="permRequired">Права на запись на SD карту необходимы для записи ключей и других файлов в папку I2PD на внутренней памяти.</string>
+    <string name="retryPermRequest">Повторить запрос прав на запись на SD карту</string>
+
+    <string name="menu_item_battery_optimizations_str">Оптимизации аккумулятора</string>
+    <string name="battery_optimizations_enabled">Оптимизации аккумулятора включены</string>
+    <string name="battery_optimizations_enabled_explained">Ваша операционная система осуществляет оптимизации расхода аккумулятора, которые могут приводить к выгрузке I2PD из памяти и прекращению его работы с целью сэкономить заряд аккумулятора.\nРекомендуется отключить эти оптимизации.</string>
+    <string name="battery_optimizations_enabled_dialog">Ваша операционная система осуществляет оптимизации расхода аккумулятора, которые могут приводить к выгрузке I2PD из памяти и прекращению его работы с целью сэкономить заряд аккумулятора.\n\nВам сейчас будет предложено разрешить отключение этих оптимизаций.</string>
+    <string name="continue_str">Продолжить</string>
+    <string name="device_does_not_support_disabling_battery_optimizations">Ваша версия Андроид не поддерживает отключение оптимизаций аккумулятора</string>
+    <string name="os_version_does_not_support_battery_optimizations_show_os_dialog_api">Ваша версия Андроид не поддерживает показ диалога об оптимизациях аккумулятора для приложений.</string>
+
+    <string name="shutdown_canceled">Плановая остановка отменена</string>
+
+    <string name="tunnels_reloading">Перезагрузка конфигурации туннелей...</string>
 </resources>

android/res/values/strings.xml

@@ -1,20 +1,41 @@
 <?xml version="1.0" encoding="utf-8"?>
 <resources xmlns:tools="http://schemas.android.com/tools" tools:ignore="MissingTranslation">
     <string name="app_name">i2pd</string>
+
     <string name="action_stop">Stop</string>
     <string name="action_graceful_stop">Graceful Stop</string>
     <string name="action_cancel_graceful_stop">Cancel Graceful Stop</string>
+    <string name="action_reload_tunnels_config">Reload tunnels</string>
+    <string name="action_start_webview">Open Web Console</string>
+
     <string name="graceful_stop_is_already_in_progress">Graceful stop is already in progress</string>
     <string name="graceful_stop_is_in_progress">Graceful stop is in progress</string>
+    <string name="gracefulShutdownInProgress">Graceful shutdown in progress</string>
+
     <string name="already_stopped">Already stopped</string>
     <string name="uninitialized">Application initializing</string>
     <string name="starting">Application starting</string>
     <string name="jniLibraryLoaded">Loaded JNI libraries</string>
     <string name="startedOkay">Application Started</string>
     <string name="startFailed">Start failed</string>
-    <string name="gracefulShutdownInProgress">Graceful shutdown in progress</string>
     <string name="stopped">Application stopped</string>
     <string name="remaining">remaining</string>
+    <string name="ok">OK</string>
+
     <string name="title_activity_i2_pdperms_asker_prompt">Prompt</string>
     <string name="permDenied">SD card write permission denied, you need to allow this to continue</string>
+    <string name="permRequired">SD card write access is required to write the keys and other files to the I2PD folder on SD card.</string>
+    <string name="retryPermRequest">Retry requesting the SD card write permissions</string>
+
+    <string name="menu_item_battery_optimizations_str">Battery Optimizations</string>
+    <string name="battery_optimizations_enabled">Battery optimizations enabled</string>
+    <string name="battery_optimizations_enabled_explained">Your Android is doing some heavy battery optimizations on I2PD that might lead to daemon closing with no other reason.\nIt is recommended to allow disabling those battery optimizations.</string>
+    <string name="battery_optimizations_enabled_dialog">Your Android is doing some heavy battery optimizations on I2PD that might lead to daemon closing with no other reason.\n\nYou will now be asked to allow to disable those.</string>
+    <string name="continue_str">Continue</string>
+    <string name="device_does_not_support_disabling_battery_optimizations">Your Android version does not support opting out of battery optimizations</string>
+    <string name="os_version_does_not_support_battery_optimizations_show_os_dialog_api">Your Android OS version does not support showing the dialog for battery optimizations for applications.</string>
+
+    <string name="shutdown_canceled">Planned shutdown canceled</string>
+
+    <string name="tunnels_reloading">Reloading tunnels config...</string>
 </resources>

android/src/org/purplei2p/i2pd/DaemonSingleton.java

@@ -1,143 +0,0 @@
-package org.purplei2p.i2pd;
-
-import java.util.HashSet;
-import java.util.Set;
-import android.os.Environment;
-import android.util.Log;
-
-import org.purplei2p.i2pd.R;
-
-public class DaemonSingleton {
-	private static final String TAG = "i2pd";
-	private static final DaemonSingleton instance = new DaemonSingleton();
-	public interface StateUpdateListener { void daemonStateUpdate(); }
-	private final Set<StateUpdateListener> stateUpdateListeners = new HashSet<>();
-
-	public static DaemonSingleton getInstance() { return instance; }
-
-	public synchronized void addStateChangeListener(StateUpdateListener listener) { stateUpdateListeners.add(listener); }
-	public synchronized void removeStateChangeListener(StateUpdateListener listener) { stateUpdateListeners.remove(listener); }
-
-	private synchronized void setState(State newState) {
-		if(newState==null)throw new NullPointerException();
-		State oldState = state;
-		if(oldState==null)throw new NullPointerException();
-		if(oldState.equals(newState))return;
-		state=newState;
-		fireStateUpdate1();
-	}
-	public synchronized void stopAcceptingTunnels() {
-		if(isStartedOkay()){
-			setState(State.gracefulShutdownInProgress);
-			I2PD_JNI.stopAcceptingTunnels();
-		}
-	}
-
-	public synchronized void startAcceptingTunnels() {
-		if(isStartedOkay()){
-			setState(State.startedOkay);
-			I2PD_JNI.startAcceptingTunnels();
-		}
-	}
-
-	private volatile boolean startedOkay;
-
-	public enum State {
-		uninitialized(R.string.uninitialized),
-		starting(R.string.starting),
-		jniLibraryLoaded(R.string.jniLibraryLoaded),
-		startedOkay(R.string.startedOkay),
-		startFailed(R.string.startFailed),
-		gracefulShutdownInProgress(R.string.gracefulShutdownInProgress),
-		stopped(R.string.stopped);
-
-		State(int statusStringResourceId) {
-			this.statusStringResourceId = statusStringResourceId;
-		}
-
-		private final int statusStringResourceId;
-
-		public int getStatusStringResourceId() {
-			return statusStringResourceId;
-		}
-	};
-
-	private volatile State state = State.uninitialized;
-
-	public State getState() { return state; }
-
-	{
-		setState(State.starting);
-		new Thread(new Runnable(){
-
-			@Override
-			public void run() {
-				try {
-					I2PD_JNI.loadLibraries();
-					setState(State.jniLibraryLoaded);
-				} catch (Throwable tr) {
-					lastThrowable=tr;
-					setState(State.startFailed);
-					return;
-				}
-				try {
-					synchronized (DaemonSingleton.this) {
-						I2PD_JNI.setDataDir(Environment.getExternalStorageDirectory().getAbsolutePath() + "/i2pd");
-						daemonStartResult = I2PD_JNI.startDaemon();
-						if("ok".equals(daemonStartResult)){
-							setState(State.startedOkay);
-							setStartedOkay(true);
-						}else setState(State.startFailed);
-					}
-				} catch (Throwable tr) {
-					lastThrowable=tr;
-					setState(State.startFailed);
-				}
-			}
-
-		}, "i2pdDaemonStart").start();
-	}
-	private Throwable lastThrowable;
-	private String daemonStartResult="N/A";
-
-	private void fireStateUpdate1() {
-		Log.i(TAG, "daemon state change: "+state);
-		for(StateUpdateListener listener : stateUpdateListeners) {
-			try {
-				listener.daemonStateUpdate();
-			} catch (Throwable tr) {
-				Log.e(TAG, "exception in listener ignored", tr);
-			}
-		}
-	}
-
-	public Throwable getLastThrowable() {
-		return lastThrowable;
-	}
-
-	public String getDaemonStartResult() {
-		return daemonStartResult;
-	}
-
-	private final Object startedOkayLock = new Object();
-
-	public boolean isStartedOkay() {
-		synchronized (startedOkayLock) {
-			return startedOkay;
-		}
-	}
-
-	private void setStartedOkay(boolean startedOkay) {
-		synchronized (startedOkayLock) {
-			this.startedOkay = startedOkay;
-		}
-	}
-
-	public synchronized void stopDaemon() {
-		if(isStartedOkay()){
-			try {I2PD_JNI.stopDaemon();}catch(Throwable tr){Log.e(TAG, "", tr);}
-			setStartedOkay(false);
-			setState(State.stopped);
-		}
-	}
-}

android/src/org/purplei2p/i2pd/DaemonWrapper.java

@@ -0,0 +1,374 @@
+package org.purplei2p.i2pd;
+
+import java.io.BufferedReader;
+import java.io.File;
+import java.io.FileOutputStream;
+import java.io.FileReader;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.HashSet;
+import java.util.Set;
+
+import android.annotation.TargetApi;
+import android.content.res.AssetManager;
+import android.net.ConnectivityManager;
+import android.net.Network;
+import android.net.NetworkCapabilities;
+import android.net.NetworkRequest;
+import android.os.Build;
+import android.os.Environment;
+import android.util.Log;
+
+import androidx.annotation.RequiresApi;
+
+public class DaemonWrapper {
+	private static final String TAG = "i2pd";
+	private final AssetManager assetManager;
+	private final ConnectivityManager connectivityManager;
+	private String i2pdpath = Environment.getExternalStorageDirectory().getAbsolutePath() + "/i2pd/";
+	private boolean assetsCopied;
+
+	public interface StateUpdateListener {
+		void daemonStateUpdate(State oldValue, State newValue);
+	}
+
+	private final Set<StateUpdateListener> stateUpdateListeners = new HashSet<>();
+
+	public synchronized void addStateChangeListener(StateUpdateListener listener) {
+		stateUpdateListeners.add(listener);
+	}
+
+	public synchronized void removeStateChangeListener(StateUpdateListener listener) {
+		stateUpdateListeners.remove(listener);
+	}
+
+	private synchronized void setState(State newState) {
+		if (newState == null)
+			throw new NullPointerException();
+
+		State oldState = state;
+
+		if (oldState == null)
+			throw new NullPointerException();
+
+		if (oldState.equals(newState))
+			return;
+
+		state = newState;
+		fireStateUpdate1(oldState, newState);
+	}
+
+	public synchronized void stopAcceptingTunnels() {
+		if (isStartedOkay()) {
+			setState(State.gracefulShutdownInProgress);
+			I2PD_JNI.stopAcceptingTunnels();
+		}
+	}
+
+	public synchronized void startAcceptingTunnels() {
+		if (isStartedOkay()) {
+			setState(State.startedOkay);
+			I2PD_JNI.startAcceptingTunnels();
+		}
+	}
+
+	public synchronized void reloadTunnelsConfigs() {
+		if (isStartedOkay()) {
+			I2PD_JNI.reloadTunnelsConfigs();
+		}
+	}
+
+	public int getTransitTunnelsCount() {
+		return I2PD_JNI.GetTransitTunnelsCount();
+	}
+
+	public enum State {
+		uninitialized(R.string.uninitialized),
+		starting(R.string.starting),
+		jniLibraryLoaded(R.string.jniLibraryLoaded),
+		startedOkay(R.string.startedOkay),
+		startFailed(R.string.startFailed),
+		gracefulShutdownInProgress(R.string.gracefulShutdownInProgress),
+		stopped(R.string.stopped);
+
+		State(int statusStringResourceId) {
+			this.statusStringResourceId = statusStringResourceId;
+		}
+
+		private final int statusStringResourceId;
+
+		public int getStatusStringResourceId() {
+			return statusStringResourceId;
+		}
+
+		public boolean isStartedOkay() {
+			return equals(State.startedOkay) || equals(State.gracefulShutdownInProgress);
+		}
+	}
+
+	private volatile State state = State.uninitialized;
+
+	public State getState() {
+		return state;
+	}
+
+	public DaemonWrapper(AssetManager assetManager, ConnectivityManager connectivityManager){
+		this.assetManager = assetManager;
+		this.connectivityManager = connectivityManager;
+		setState(State.starting);
+		new Thread(() -> {
+			try {
+				processAssets();
+				I2PD_JNI.loadLibraries();
+				setState(State.jniLibraryLoaded);
+				registerNetworkCallback();
+			} catch (Throwable tr) {
+				lastThrowable = tr;
+				setState(State.startFailed);
+				return;
+			}
+			try {
+				synchronized (DaemonWrapper.this) {
+					I2PD_JNI.setDataDir(Environment.getExternalStorageDirectory().getAbsolutePath() + "/i2pd");
+					daemonStartResult = I2PD_JNI.startDaemon();
+					if ("ok".equals(daemonStartResult)) {
+						setState(State.startedOkay);
+					} else
+						setState(State.startFailed);
+				}
+			} catch (Throwable tr) {
+				lastThrowable = tr;
+				setState(State.startFailed);
+			}
+		}, "i2pdDaemonStart").start();
+	}
+
+	private Throwable lastThrowable;
+	private String daemonStartResult = "N/A";
+
+	private void fireStateUpdate1(State oldValue, State newValue) {
+		Log.i(TAG, "daemon state change: " + state);
+		for (StateUpdateListener listener : stateUpdateListeners) {
+			try {
+				listener.daemonStateUpdate(oldValue, newValue);
+			} catch (Throwable tr) {
+				Log.e(TAG, "exception in listener ignored", tr);
+			}
+		}
+	}
+
+	public Throwable getLastThrowable() {
+		return lastThrowable;
+	}
+
+	public String getDaemonStartResult() {
+		return daemonStartResult;
+	}
+
+	public boolean isStartedOkay() {
+		return getState().isStartedOkay();
+	}
+
+	public synchronized void stopDaemon() {
+		if (isStartedOkay()) {
+			try {
+				I2PD_JNI.stopDaemon();
+			} catch(Throwable tr) {
+				Log.e(TAG, "", tr);
+			}
+
+			setState(State.stopped);
+		}
+	}
+
+	private void processAssets() {
+		if (!assetsCopied) {
+			try {
+				assetsCopied = true;
+
+				File holderFile = new File(i2pdpath, "assets.ready");
+				String versionName = BuildConfig.VERSION_NAME; // here will be app version, like 2.XX.XX
+				StringBuilder text = new StringBuilder();
+
+				if (holderFile.exists()) {
+					try { // if holder file exists, read assets version string
+						FileReader fileReader = new FileReader(holderFile);
+
+						try {
+							BufferedReader br = new BufferedReader(fileReader);
+
+							try {
+								String line;
+
+								while ((line = br.readLine()) != null) {
+									text.append(line);
+								}
+							}finally {
+								try {
+									br.close();
+								} catch (IOException e) {
+									Log.e(TAG, "", e);
+								}
+							}
+						} finally {
+							try {
+								fileReader.close();
+							} catch (IOException e) {
+								Log.e(TAG, "", e);
+							}
+						}
+					} catch (IOException e) {
+						Log.e(TAG, "", e);
+					}
+				}
+
+				// if version differs from current app version or null, try to delete certificates folder
+				if (!text.toString().contains(versionName))
+					try {
+						boolean deleteResult = holderFile.delete();
+						if (!deleteResult)
+							Log.e(TAG, "holderFile.delete() returned " + deleteResult + ", absolute path='" + holderFile.getAbsolutePath() + "'");
+						File certPath = new File(i2pdpath, "certificates");
+						deleteRecursive(certPath);
+					}
+					catch (Throwable tr) {
+						Log.e(TAG, "", tr);
+					}
+
+				// copy assets. If processed file exists, it won't be overwritten
+				copyAsset("addressbook");
+				copyAsset("certificates");
+				copyAsset("tunnels.d");
+				copyAsset("i2pd.conf");
+				copyAsset("subscriptions.txt");
+				copyAsset("tunnels.conf");
+
+				// update holder file about successful copying
+				FileWriter writer = new FileWriter(holderFile);
+				try {
+					writer.append(versionName);
+				} finally {
+					try {
+						writer.close();
+					} catch (IOException e) {
+						Log.e(TAG,"on writer close", e);
+					}
+				}
+			}
+			catch (Throwable tr)
+			{
+				Log.e(TAG,"on assets copying", tr);
+			}
+		}
+	}
+
+	/**
+	 * Copy the asset at the specified path to this app's data directory. If the
+	 * asset is a directory, its contents are also copied.
+	 *
+	 * @param path
+	 * Path to asset, relative to app's assets directory.
+	 */
+	private void copyAsset(String path) {
+		// If we have a directory, we make it and recurse. If a file, we copy its
+		// contents.
+		try {
+			String[] contents = assetManager.list(path);
+
+			// The documentation suggests that list throws an IOException, but doesn't
+			// say under what conditions. It'd be nice if it did so when the path was
+			// to a file. That doesn't appear to be the case. If the returned array is
+			// null or has 0 length, we assume the path is to a file. This means empty
+			// directories will get turned into files.
+			if (contents == null || contents.length == 0) {
+				copyFileAsset(path);
+				return;
+			}
+
+			// Make the directory.
+			File dir = new File(i2pdpath, path);
+			boolean result = dir.mkdirs();
+			Log.d(TAG, "dir.mkdirs() returned " + result);
+
+			// Recurse on the contents.
+			for (String entry : contents) {
+				copyAsset(path + '/' + entry);
+			}
+		} catch (IOException e) {
+			Log.e(TAG, "ex ignored for path='" + path + "'", e);
+		}
+	}
+
+	/**
+	 * Copy the asset file specified by path to app's data directory. Assumes
+	 * parent directories have already been created.
+	 *
+	 * @param path
+	 * Path to asset, relative to app's assets directory.
+	 */
+	private void copyFileAsset(String path) {
+		File file = new File(i2pdpath, path);
+		if (!file.exists()) {
+			try {
+				try (InputStream in = assetManager.open(path)) {
+					try (OutputStream out = new FileOutputStream(file)) {
+						byte[] buffer = new byte[1024];
+						int read = in.read(buffer);
+						while (read != -1) {
+							out.write(buffer, 0, read);
+							read = in.read(buffer);
+						}
+					}
+				}
+			} catch (IOException e) {
+				Log.e(TAG, "", e);
+			}
+		}
+	}
+
+	private void deleteRecursive(File fileOrDirectory) {
+		if (fileOrDirectory.isDirectory()) {
+			File[] files = fileOrDirectory.listFiles();
+			if (files != null) {
+				for (File child : files) {
+					deleteRecursive(child);
+				}
+			}
+		}
+		boolean deleteResult = fileOrDirectory.delete();
+		if (!deleteResult)
+			Log.e(TAG, "fileOrDirectory.delete() returned " + deleteResult + ", absolute path='" + fileOrDirectory.getAbsolutePath() + "'");
+	}
+
+	private void registerNetworkCallback(){
+		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) registerNetworkCallback0();
+	}
+
+	@TargetApi(Build.VERSION_CODES.M)
+	private void registerNetworkCallback0() {
+		NetworkRequest request = new NetworkRequest.Builder()
+				.addCapability(NetworkCapabilities.NET_CAPABILITY_VALIDATED)
+				.build();
+		NetworkStateCallbackImpl networkCallback = new NetworkStateCallbackImpl();
+		connectivityManager.registerNetworkCallback(request, networkCallback);
+	}
+
+	@RequiresApi(api = Build.VERSION_CODES.LOLLIPOP)
+	private static final class NetworkStateCallbackImpl extends ConnectivityManager.NetworkCallback {
+		@Override
+		public void onAvailable(Network network) {
+			super.onAvailable(network);
+			I2PD_JNI.onNetworkStateChanged(true);
+			Log.i(TAG, "NetworkCallback.onAvailable");
+		}
+
+		@Override
+		public void onLost(Network network) {
+			super.onLost(network);
+			I2PD_JNI.onNetworkStateChanged(false);
+			Log.i(TAG, " NetworkCallback.onLost");
+		}
+	}
+}

android/src/org/purplei2p/i2pd/ForegroundService.java

@@ -1,6 +1,5 @@
 package org.purplei2p.i2pd;
 
-import android.annotation.TargetApi;
 import android.app.Notification;
 import android.app.NotificationChannel;
 import android.app.NotificationManager;
@@ -11,38 +10,47 @@ import android.content.Intent;
 import android.os.Binder;
 import android.os.Build;
 import android.os.IBinder;
-import android.support.annotation.RequiresApi;
-import android.support.v4.app.NotificationCompat;
+import androidx.annotation.RequiresApi;
+import androidx.core.app.NotificationCompat;
 import android.util.Log;
-import android.widget.Toast;
 
 public class ForegroundService extends Service {
 	private static final String TAG="FgService";
 
 	private volatile boolean shown;
 
-	private final DaemonSingleton.StateUpdateListener daemonStateUpdatedListener =
-			new DaemonSingleton.StateUpdateListener() {
+	private static ForegroundService instance;
+
+	private static volatile DaemonWrapper daemon;
+
+	private static final Object initDeinitLock = new Object();
+
+	private final DaemonWrapper.StateUpdateListener daemonStateUpdatedListener =
+			new DaemonWrapper.StateUpdateListener() {
 
 				@Override
-				public void daemonStateUpdate() {
-					try {
-						synchronized (ForegroundService.this) {
-							if (shown) cancelNotification();
-							showNotification();
-						}
-					} catch (Throwable tr) {
-						Log.e(TAG,"error ignored",tr);
-					}
+				public void daemonStateUpdate(DaemonWrapper.State oldValue, DaemonWrapper.State newValue) {
+					updateNotificationText();
 				}
 			};
 
+	private void updateNotificationText() {
+		try {
+			synchronized (initDeinitLock) {
+				if (shown) cancelNotification();
+				showNotification();
+			}
+		} catch (Throwable tr) {
+			Log.e(TAG,"error ignored",tr);
+		}
+	}
+
 
 	private NotificationManager notificationManager;
 
 	// Unique Identification Number for the Notification.
 	// We use it on Notification start, and to cancel it.
-	private int NOTIFICATION = 1;
+	private static final int NOTIFICATION = 1;
 
 	/**
 	 * Class for clients to access.  Because we know this service always
@@ -55,16 +63,27 @@ public class ForegroundService extends Service {
 		}
 	}
 
+	public static void init(DaemonWrapper daemon) {
+		ForegroundService.daemon = daemon;
+		initCheck();
+	}
+
+	private static void initCheck() {
+		synchronized (initDeinitLock) {
+			if (instance != null && daemon != null) instance.setListener();
+		}
+	}
+
 	@Override
 	public void onCreate() {
 		notificationManager = (NotificationManager)getSystemService(NOTIFICATION_SERVICE);
+		instance = this;
+		initCheck();
+	}
 
-		synchronized (this) {
-			DaemonSingleton.getInstance().addStateChangeListener(daemonStateUpdatedListener);
-			if (!shown) daemonStateUpdatedListener.daemonStateUpdate();
-		}
-		// Tell the user we started.
-//		Toast.makeText(this, R.string.i2pd_service_started, Toast.LENGTH_SHORT).show();
+	private void setListener() {
+		daemon.addStateChangeListener(daemonStateUpdatedListener);
+		updateNotificationText();
 	}
 
 	@Override
@@ -75,19 +94,33 @@ public class ForegroundService extends Service {
 
 	@Override
 	public void onDestroy() {
-		DaemonSingleton.getInstance().removeStateChangeListener(daemonStateUpdatedListener);
 		cancelNotification();
+		deinitCheck();
+		instance=null;
 	}
 
-	private synchronized void cancelNotification() {
-		// Cancel the persistent notification.
-		notificationManager.cancel(NOTIFICATION);
+	public static void deinit() {
+		deinitCheck();
+	}
 
-		stopForeground(true);
+	private static void deinitCheck() {
+		synchronized (initDeinitLock) {
+			if (daemon != null && instance != null)
+				daemon.removeStateChangeListener(instance.daemonStateUpdatedListener);
+		}
+	}
 
-		// Tell the user we stopped.
-		//Toast.makeText(this, R.string.i2pd_service_stopped, Toast.LENGTH_SHORT).show();
-		shown=false;
+	private void cancelNotification() {
+		synchronized (initDeinitLock) {
+			// Cancel the persistent notification.
+			notificationManager.cancel(NOTIFICATION);
+
+			stopForeground(true);
+
+			// Tell the user we stopped.
+			//Toast.makeText(this, R.string.i2pd_service_stopped, Toast.LENGTH_SHORT).show();
+			shown = false;
+		}
 	}
 
 	@Override
@@ -102,35 +135,42 @@ public class ForegroundService extends Service {
 	/**
 	 * Show a notification while this service is running.
 	 */
-	private synchronized void showNotification() {
-		// In this sample, we'll use the same text for the ticker and the expanded notification
-		CharSequence text = getText(DaemonSingleton.getInstance().getState().getStatusStringResourceId());
+	private void showNotification() {
+		synchronized (initDeinitLock) {
+			if (daemon != null) {
+				// In this sample, we'll use the same text for the ticker and the expanded notification
+				CharSequence text = getText(daemon.getState().getStatusStringResourceId());
 
-		// The PendingIntent to launch our activity if the user selects this notification
-		PendingIntent contentIntent = PendingIntent.getActivity(this, 0,
-				new Intent(this, I2PDActivity.class), 0);
+				// The PendingIntent to launch our activity if the user selects this notification
+				PendingIntent contentIntent = PendingIntent.getActivity(this, 0,
+						new Intent(this, I2PDActivity.class), 0);
 
-		// If earlier version channel ID is not used
-		// https://developer.android.com/reference/android/support/v4/app/NotificationCompat.Builder.html#NotificationCompat.Builder(android.content.Context)
-		String channelId = (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) ? createNotificationChannel() : "";
+				// If earlier version channel ID is not used
+				// https://developer.android.com/reference/android/support/v4/app/NotificationCompat.Builder.html#NotificationCompat.Builder(android.content.Context)
+				String channelId = Build.VERSION.SDK_INT >= 26 ? createNotificationChannel() : "";
 
-		// Set the info for the views that show in the notification panel.
-		Notification notification = new NotificationCompat.Builder(this, channelId)
-				.setOngoing(true)
-				.setSmallIcon(R.drawable.itoopie_notification_icon) // the status icon
-				.setPriority(Notification.PRIORITY_DEFAULT)
-				.setCategory(Notification.CATEGORY_SERVICE)
-				.setTicker(text) // the status text
-				.setWhen(System.currentTimeMillis()) // the time stamp
-				.setContentTitle(getText(R.string.app_name)) // the label of the entry
-				.setContentText(text) // the contents of the entry
-				.setContentIntent(contentIntent) // The intent to send when the entry is clicked
-				.build();
+				// Set the info for the views that show in the notification panel.
+				NotificationCompat.Builder builder = new NotificationCompat.Builder(this, channelId)
+						.setOngoing(true)
+						.setSmallIcon(R.drawable.itoopie_notification_icon); // the status icon
+				if (Build.VERSION.SDK_INT >= 16)
+					builder = builder.setPriority(Notification.PRIORITY_DEFAULT);
+				if (Build.VERSION.SDK_INT >= 21)
+					builder = builder.setCategory(Notification.CATEGORY_SERVICE);
+				Notification notification = builder
+						.setTicker(text) // the status text
+						.setWhen(System.currentTimeMillis()) // the time stamp
+						.setContentTitle(getText(R.string.app_name)) // the label of the entry
+						.setContentText(text) // the contents of the entry
+						.setContentIntent(contentIntent) // The intent to send when the entry is clicked
+						.build();
 
-		// Send the notification.
-		//mNM.notify(NOTIFICATION, notification);
-		startForeground(NOTIFICATION, notification);
-		shown = true;
+				// Send the notification.
+				//mNM.notify(NOTIFICATION, notification);
+				startForeground(NOTIFICATION, notification);
+				shown = true;
+			}
+		}
 	}
 
 	@RequiresApi(Build.VERSION_CODES.O)
@@ -141,9 +181,8 @@ public class ForegroundService extends Service {
 		//chan.setLightColor(Color.PURPLE);
 		chan.setLockscreenVisibility(Notification.VISIBILITY_PRIVATE);
 		NotificationManager service = (NotificationManager)getSystemService(Context.NOTIFICATION_SERVICE);
-		service.createNotificationChannel(chan);
+		if(service!=null)service.createNotificationChannel(chan);
+		else Log.e(TAG, "error: NOTIFICATION_SERVICE is null");
 		return channelId;
 	}
-
-	private static final DaemonSingleton daemon = DaemonSingleton.getInstance();
 }

android/src/org/purplei2p/i2pd/I2PDActivity.java

@@ -1,109 +1,120 @@
 package org.purplei2p.i2pd;
 
-import java.io.File;
-import java.io.FileReader;
-import java.io.FileWriter;
-import java.io.BufferedReader;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.util.Timer;
 import java.util.TimerTask;
 
 import android.Manifest;
+import android.annotation.SuppressLint;
 import android.app.Activity;
+import android.app.AlertDialog;
+import android.content.ActivityNotFoundException;
 import android.content.ComponentName;
 import android.content.Context;
 import android.content.Intent;
 import android.content.ServiceConnection;
-import android.content.res.AssetManager;
+import android.content.SharedPreferences;
 import android.content.pm.PackageManager;
+import android.net.ConnectivityManager;
+import android.net.Uri;
 import android.os.Bundle;
 import android.os.Build;
-import android.os.Environment;
 import android.os.IBinder;
+import android.os.PowerManager;
+import android.preference.PreferenceManager;
+import android.provider.Settings;
 import android.util.Log;
 import android.view.Menu;
 import android.view.MenuItem;
 import android.widget.TextView;
 import android.widget.Toast;
-import android.support.v4.app.ActivityCompat;
-import android.support.v4.content.ContextCompat;
+
+
+import androidx.annotation.NonNull;
+import androidx.core.app.ActivityCompat;
+import androidx.core.content.ContextCompat;
 
 // For future package update checking
-import org.purplei2p.i2pd.BuildConfig;
+
+import android.webkit.WebSettings;
+import android.webkit.WebView;
+import android.webkit.WebViewClient;
+
+
+import static android.provider.Settings.ACTION_IGNORE_BATTERY_OPTIMIZATION_SETTINGS;
 
 public class I2PDActivity extends Activity {
 	private static final String TAG = "i2pdActvt";
 	private static final int MY_PERMISSION_REQUEST_WRITE_EXTERNAL_STORAGE = 1;
 	public static final int GRACEFUL_DELAY_MILLIS = 10 * 60 * 1000;
+	public static final String PACKAGE_URI_SCHEME = "package:";
 
 	private TextView textView;
-	private boolean assetsCopied;
-	private String i2pdpath = Environment.getExternalStorageDirectory().getAbsolutePath() + "/i2pd/";
+	//private ConfigParser parser = new ConfigParser(i2pdpath); // TODO
 
-	private static final DaemonSingleton daemon = DaemonSingleton.getInstance();
+	private static volatile DaemonWrapper daemon;
 
-	private final DaemonSingleton.StateUpdateListener daemonStateUpdatedListener =
-	new DaemonSingleton.StateUpdateListener() {
+	private final DaemonWrapper.StateUpdateListener daemonStateUpdatedListener = new DaemonWrapper.StateUpdateListener() {
 		@Override
-		public void daemonStateUpdate()
-		{
-			processAssets();
-			runOnUiThread(new Runnable(){
-
-				@Override
-				public void run() {
-					try {
-						if(textView==null) return;
-						Throwable tr = daemon.getLastThrowable();
-						if(tr!=null) {
-							textView.setText(throwableToString(tr));
-							return;
-						}
-						DaemonSingleton.State state = daemon.getState();
-						textView.setText(
-						String.valueOf(getText(state.getStatusStringResourceId()))+
-						(DaemonSingleton.State.startFailed.equals(state) ? ": "+daemon.getDaemonStartResult() : "")+
-						(DaemonSingleton.State.gracefulShutdownInProgress.equals(state) ? ":  "+formatGraceTimeRemaining()+" "+getText(R.string.remaining) : "")
-						);
-					} catch (Throwable tr) {
-						Log.e(TAG,"error ignored",tr);
-					}
-				}
-			});
+		public void daemonStateUpdate(DaemonWrapper.State oldValue, DaemonWrapper.State newValue) {
+			updateStatusText();
 		}
 	};
+
+	private void updateStatusText() {
+		runOnUiThread(() -> {
+			try {
+				if (textView == null)
+					return;
+				Throwable tr = daemon.getLastThrowable();
+				if (tr!=null) {
+					textView.setText(throwableToString(tr));
+					return;
+				}
+				DaemonWrapper.State state = daemon.getState();
+				String startResultStr = DaemonWrapper.State.startFailed.equals(state) ? String.format(": %s", daemon.getDaemonStartResult()) : "";
+				String graceStr = DaemonWrapper.State.gracefulShutdownInProgress.equals(state) ? String.format(": %s %s", formatGraceTimeRemaining(), getText(R.string.remaining)) : "";
+				textView.setText(String.format("%s%s%s", getText(state.getStatusStringResourceId()), startResultStr, graceStr));
+			} catch (Throwable tr) {
+				Log.e(TAG,"error ignored",tr);
+			}
+		});
+	}
+
 	private static volatile long graceStartedMillis;
-	private static final Object graceStartedMillis_LOCK=new Object();
+	private static final Object graceStartedMillis_LOCK = new Object();
+	private Menu optionsMenu;
 
 	private static String formatGraceTimeRemaining() {
 		long remainingSeconds;
-		synchronized (graceStartedMillis_LOCK){
-			remainingSeconds=Math.round(Math.max(0,graceStartedMillis+GRACEFUL_DELAY_MILLIS-System.currentTimeMillis())/1000.0D);
+		synchronized (graceStartedMillis_LOCK) {
+			remainingSeconds = Math.round(Math.max(0, graceStartedMillis + GRACEFUL_DELAY_MILLIS - System.currentTimeMillis()) / 1000.0D);
 		}
-		long remainingMinutes=(long)Math.floor(remainingSeconds/60.0D);
-		long remSec=remainingSeconds-remainingMinutes*60;
-		return remainingMinutes+":"+(remSec/10)+remSec%10;
+		long remainingMinutes = (long)Math.floor(remainingSeconds / 60.0D);
+		long remSec = remainingSeconds - remainingMinutes * 60;
+		return remainingMinutes + ":" + (remSec / 10) + remSec % 10;
 	}
 
 	@Override
 	public void onCreate(Bundle savedInstanceState) {
+		Log.i(TAG, "onCreate");
 		super.onCreate(savedInstanceState);
 
+        if (daemon==null) {
+            ConnectivityManager connectivityManager = (ConnectivityManager) getSystemService(Context.CONNECTIVITY_SERVICE);
+            daemon = new DaemonWrapper(getAssets(), connectivityManager);
+        }
+        ForegroundService.init(daemon);
+
 		textView = new TextView(this);
 		setContentView(textView);
 		daemon.addStateChangeListener(daemonStateUpdatedListener);
-		daemonStateUpdatedListener.daemonStateUpdate();
+		daemonStateUpdatedListener.daemonStateUpdate(DaemonWrapper.State.uninitialized, daemon.getState());
 
 		 // request permissions
-		if (Build.VERSION.SDK_INT >= 23)
-		{
-			if (ContextCompat.checkSelfPermission(this, Manifest.permission.WRITE_EXTERNAL_STORAGE) != PackageManager.PERMISSION_GRANTED) 
-			{
+		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+			if (ContextCompat.checkSelfPermission(this, Manifest.permission.WRITE_EXTERNAL_STORAGE) != PackageManager.PERMISSION_GRANTED) {
 				ActivityCompat.requestPermissions(this,
 					new String[]{Manifest.permission.WRITE_EXTERNAL_STORAGE},
 					MY_PERMISSION_REQUEST_WRITE_EXTERNAL_STORAGE);
@@ -114,49 +125,49 @@ public class I2PDActivity extends Activity {
 		doBindService();
 
 		final Timer gracefulQuitTimer = getGracefulQuitTimer();
-		if(gracefulQuitTimer!=null){
+		if (gracefulQuitTimer != null) {
 			long gracefulStopAtMillis;
 			synchronized (graceStartedMillis_LOCK) {
 				gracefulStopAtMillis = graceStartedMillis + GRACEFUL_DELAY_MILLIS;
 			}
 			rescheduleGraceStop(gracefulQuitTimer, gracefulStopAtMillis);
 		}
+
+		openBatteryOptimizationDialogIfNeeded();
+
 	}
 
 	@Override
 	protected void onDestroy() {
 		super.onDestroy();
 		textView = null;
+		ForegroundService.deinit();
 		daemon.removeStateChangeListener(daemonStateUpdatedListener);
-		//cancelGracefulStop();
-		try{
+		//cancelGracefulStop0();
+		try {
 			doUnbindService();
-			}catch(Throwable tr){
+		} catch(Throwable tr) {
 			Log.e(TAG, "", tr);
 		}
 	}
 
 	@Override
-	public void onRequestPermissionsResult(int requestCode, String permissions[], int[] grantResults) 
+	public void onRequestPermissionsResult(int requestCode, @NonNull String[] permissions, @NonNull int[] grantResults)
 	{
-		switch (requestCode) 
-		{
-			case MY_PERMISSION_REQUEST_WRITE_EXTERNAL_STORAGE:
-			{
-				if (grantResults.length > 0 && grantResults[0] == PackageManager.PERMISSION_GRANTED) 
-					Log.e(TAG, "Memory permission granted");
-				else 
-					Log.e(TAG, "Memory permission declined");
-					// TODO: terminate
-				return;
+		if (requestCode == MY_PERMISSION_REQUEST_WRITE_EXTERNAL_STORAGE) {
+			if (grantResults.length > 0 && grantResults[0] == PackageManager.PERMISSION_GRANTED)
+				Log.e(TAG, "WR_EXT_STORAGE perm granted");
+			else {
+				Log.e(TAG, "WR_EXT_STORAGE perm declined, stopping i2pd");
+				i2pdStop();
+				//TODO must work w/o this perm, ask orignal
 			}
-			default: ;
 		}
 	}
 
-	private static void cancelGracefulStop() {
+	private void cancelGracefulStop0() {
 		Timer gracefulQuitTimer = getGracefulQuitTimer();
-		if(gracefulQuitTimer!=null) {
+		if (gracefulQuitTimer != null) {
 			gracefulQuitTimer.cancel();
 			setGracefulQuitTimer(null);
 		}
@@ -201,7 +212,8 @@ public class I2PDActivity extends Activity {
 
 	private void doBindService() {
 		synchronized (I2PDActivity.class) {
-			if (mIsBound) return;
+			if (mIsBound)
+				return;
 			// Establish a connection with the service.  We use an explicit
 			// class name because we want a specific service implementation that
 			// we know will be running in our own process (and thus won't be
@@ -225,267 +237,250 @@ public class I2PDActivity extends Activity {
 	public boolean onCreateOptionsMenu(Menu menu) {
 		// Inflate the menu; this adds items to the action bar if it is present.
 		getMenuInflater().inflate(R.menu.options_main, menu);
+		menu.findItem(R.id.action_battery_otimizations).setVisible(isBatteryOptimizationsOpenOsDialogApiAvailable());
+		this.optionsMenu = menu;
 		return true;
 	}
 
+	private boolean isBatteryOptimizationsOpenOsDialogApiAvailable() {
+		return android.os.Build.VERSION.SDK_INT >= Build.VERSION_CODES.M;
+	}
+
 	@Override
-	public boolean onOptionsItemSelected(MenuItem item) {
+	public boolean onOptionsItemSelected(@NonNull MenuItem item) {
 		// Handle action bar item clicks here. The action bar will
 		// automatically handle clicks on the Home/Up button, so long
 		// as you specify a parent activity in AndroidManifest.xml.
 		int id = item.getItemId();
 
-		switch(id){
+		switch(id) {
 			case R.id.action_stop:
-			i2pdStop();
-			return true;
+				i2pdStop();
+				return true;
+
 			case R.id.action_graceful_stop:
-				if (getGracefulQuitTimer()!= null)
-				{
-					item.setTitle(R.string.action_graceful_stop);
-					i2pdCancelGracefulStop ();
+				synchronized (graceStartedMillis_LOCK) {
+					if (getGracefulQuitTimer() != null)
+						cancelGracefulStop();
+					else
+						i2pdGracefulStop();
 				}
-				else
-				{
-					item.setTitle(R.string.action_cancel_graceful_stop);	
-					i2pdGracefulStop();
-				}
-			return true;
+				return true;
+
+			case R.id.action_battery_otimizations:
+				onActionBatteryOptimizations();
+				return true;
+
+			case R.id.action_reload_tunnels_config:
+				onReloadTunnelsConfig();
+				return true;
+
+			case R.id.action_start_webview:
+				startActivity(new Intent(getApplicationContext(), WebConsoleActivity.class));
+				return true;
 		}
 
 		return super.onOptionsItemSelected(item);
 	}
 
-	private void i2pdStop() {
-		cancelGracefulStop();
-		new Thread(new Runnable(){
-
-			@Override
-			public void run() {
-				Log.d(TAG, "stopping");
-				try{
-					daemon.stopDaemon();
-					}catch (Throwable tr) {
-					Log.e(TAG, "", tr);
-				}
+	private void onActionBatteryOptimizations() {
+		if (isBatteryOptimizationsOpenOsDialogApiAvailable()) {
+			try {
+				startActivity(new Intent(ACTION_IGNORE_BATTERY_OPTIMIZATION_SETTINGS));
+			} catch (ActivityNotFoundException e) {
+				Log.e(TAG, "BATT_OPTIM_DIALOG_ActvtNotFound", e);
+				Toast.makeText(this, R.string.os_version_does_not_support_battery_optimizations_show_os_dialog_api, Toast.LENGTH_SHORT).show();
 			}
+		}
+	}
 
-		},"stop").start();
+	private void onReloadTunnelsConfig() {
+		Log.d(TAG, "reloading tunnels");
+		daemon.reloadTunnelsConfigs();
+		Toast.makeText(this, R.string.tunnels_reloading, Toast.LENGTH_SHORT).show();
+	}
+
+	private void i2pdStop() {
+		cancelGracefulStop0();
+		new Thread(() -> {
+			Log.d(TAG, "stopping");
+			try {
+				daemon.stopDaemon();
+			} catch (Throwable tr) {
+				Log.e(TAG, "", tr);
+			}
+			quit(); //TODO make menu items for starting i2pd. On my Android, I need to reboot the OS to restart i2pd.
+		}, "stop").start();
 	}
 
 	private static volatile Timer gracefulQuitTimer;
 
 	private void i2pdGracefulStop() {
-		if(daemon.getState()==DaemonSingleton.State.stopped){
-			Toast.makeText(this, R.string.already_stopped,
-			Toast.LENGTH_SHORT).show();
+		if (daemon.getState() == DaemonWrapper.State.stopped) {
+			Toast.makeText(this, R.string.already_stopped, Toast.LENGTH_SHORT).show();
 			return;
 		}
-		if(getGracefulQuitTimer()!=null){
-			Toast.makeText(this, R.string.graceful_stop_is_already_in_progress,
-			Toast.LENGTH_SHORT).show();
+		if (getGracefulQuitTimer() != null) {
+			Toast.makeText(this, R.string.graceful_stop_is_already_in_progress, Toast.LENGTH_SHORT).show();
 			return;
 		}
-		Toast.makeText(this, R.string.graceful_stop_is_in_progress,
-		Toast.LENGTH_SHORT).show();
-		new Thread(new Runnable(){
-
-			@Override
-			public void run() {
-				try {
-					Log.d(TAG, "grac stopping");
-					if(daemon.isStartedOkay()) {
-						daemon.stopAcceptingTunnels();
-						long gracefulStopAtMillis;
-						synchronized (graceStartedMillis_LOCK) {
-							graceStartedMillis = System.currentTimeMillis();
-							gracefulStopAtMillis = graceStartedMillis + GRACEFUL_DELAY_MILLIS;
-						}
-						rescheduleGraceStop(null,gracefulStopAtMillis);
-					} else {
-						i2pdStop();
+		Toast.makeText(this, R.string.graceful_stop_is_in_progress, Toast.LENGTH_SHORT).show();
+		new Thread(() -> {
+			try {
+				Log.d(TAG, "graceful stopping");
+				if (daemon.isStartedOkay()) {
+					daemon.stopAcceptingTunnels();
+					long gracefulStopAtMillis;
+					synchronized (graceStartedMillis_LOCK) {
+						graceStartedMillis = System.currentTimeMillis();
+						gracefulStopAtMillis = graceStartedMillis + GRACEFUL_DELAY_MILLIS;
 					}
-				} catch(Throwable tr) {
-					Log.e(TAG,"",tr);
-				}
+					rescheduleGraceStop(null, gracefulStopAtMillis);
+				} else
+					i2pdStop();
+			} catch(Throwable tr) {
+				Log.e(TAG, "", tr);
 			}
-
-		},"gracInit").start();
+		}, "gracInit").start();
 	}
-	
-	private void i2pdCancelGracefulStop() 
-	{
-		cancelGracefulStop();
-		Toast.makeText(this, R.string.startedOkay, Toast.LENGTH_SHORT).show();
-		new Thread(new Runnable()
-		{
-			@Override
-			public void run() 
-			{
-				try
-				{
-					Log.d(TAG, "grac stopping cancel");
-					if(daemon.isStartedOkay()) 
-						daemon.startAcceptingTunnels();
-					else
-						i2pdStop();
-				}
-				catch(Throwable tr)
-				{
-					Log.e(TAG,"",tr);
-				}
-			}
 
-		},"gracCancel").start();
+	private void cancelGracefulStop()
+	{
+		cancelGracefulStop0();
+		new Thread(() -> {
+			try {
+				Log.d(TAG, "canceling graceful stop");
+				if (daemon.isStartedOkay()) {
+					daemon.startAcceptingTunnels();
+					runOnUiThread(() -> Toast.makeText(this, R.string.shutdown_canceled, Toast.LENGTH_SHORT).show());
+				} else
+					i2pdStop();
+			} catch(Throwable tr) {
+				Log.e(TAG, "", tr);
+			}
+		}, "gracCancel").start();
 	}
 
 	private void rescheduleGraceStop(Timer gracefulQuitTimerOld, long gracefulStopAtMillis) {
-		if(gracefulQuitTimerOld!=null)gracefulQuitTimerOld.cancel();
+		if (gracefulQuitTimerOld != null)
+			gracefulQuitTimerOld.cancel();
+
+		if(daemon.getTransitTunnelsCount() <= 0) { // no tunnels left
+			Log.d(TAG, "no transit tunnels left, stopping");
+			i2pdStop();
+			return;
+		}
+
 		final Timer gracefulQuitTimer = new Timer(true);
 		setGracefulQuitTimer(gracefulQuitTimer);
-		gracefulQuitTimer.schedule(new TimerTask(){
+		gracefulQuitTimer.schedule(new TimerTask() {
 
 			@Override
 			public void run() {
 				i2pdStop();
 			}
 
-		}, Math.max(0,gracefulStopAtMillis-System.currentTimeMillis()));
+		}, Math.max(0, gracefulStopAtMillis - System.currentTimeMillis()));
 		final TimerTask tickerTask = new TimerTask() {
 			@Override
 			public void run() {
-				daemonStateUpdatedListener.daemonStateUpdate();
+				updateStatusText();
 			}
 		};
-		gracefulQuitTimer.scheduleAtFixedRate(tickerTask,0/*start delay*/,1000/*millis period*/);
+		gracefulQuitTimer.scheduleAtFixedRate(tickerTask, 0/*start delay*/, 1000/*millis period*/);
 	}
 
 	private static Timer getGracefulQuitTimer() {
 		return gracefulQuitTimer;
 	}
 
-	private static void setGracefulQuitTimer(Timer gracefulQuitTimer) {
+	private void setGracefulQuitTimer(Timer gracefulQuitTimer) {
 		I2PDActivity.gracefulQuitTimer = gracefulQuitTimer;
-	}
-
-	/**
-		* Copy the asset at the specified path to this app's data directory. If the
-		* asset is a directory, its contents are also copied.
-		*
-		* @param path
-		* Path to asset, relative to app's assets directory.
-	*/
-	private void copyAsset(String path) {
-		AssetManager manager = getAssets();
-
-		// If we have a directory, we make it and recurse. If a file, we copy its
-		// contents.
-		try {
-			String[] contents = manager.list(path);
-
-			// The documentation suggests that list throws an IOException, but doesn't
-			// say under what conditions. It'd be nice if it did so when the path was
-			// to a file. That doesn't appear to be the case. If the returned array is
-			// null or has 0 length, we assume the path is to a file. This means empty
-			// directories will get turned into files.
-			if (contents == null || contents.length == 0)
-			throw new IOException();
-
-			// Make the directory.
-			File dir = new File(i2pdpath, path);
-			dir.mkdirs();
-
-			// Recurse on the contents.
-			for (String entry : contents) {
-				copyAsset(path + "/" + entry);
-			}
-		} catch (IOException e) {
-			copyFileAsset(path);
-		}
-	}
-
-	/**
-		* Copy the asset file specified by path to app's data directory. Assumes
-		* parent directories have already been created.
-		*
-		* @param path
-		* Path to asset, relative to app's assets directory.
-	*/
-	private void copyFileAsset(String path) {
-		File file = new File(i2pdpath, path);
-		if(!file.exists()) try {
-			InputStream in = getAssets().open(path);
-			OutputStream out = new FileOutputStream(file);
-			byte[] buffer = new byte[1024];
-			int read = in.read(buffer);
-			while (read != -1) {
-				out.write(buffer, 0, read);
-				read = in.read(buffer);
-			}
-			out.close();
-			in.close();
-		} catch (IOException e) {
-			Log.e(TAG, "", e);
-		}
-	}
-
-	private void deleteRecursive(File fileOrDirectory) {
-		if (fileOrDirectory.isDirectory()) {
-			for (File child : fileOrDirectory.listFiles()) {
-				deleteRecursive(child);
-			}
-		}
-		fileOrDirectory.delete();
-	}
-
-	private void processAssets() {
-		if (!assetsCopied) try {
-			assetsCopied = true; // prevent from running on every state update
-
-			File holderfile = new File(i2pdpath, "assets.ready");
-			String versionName = BuildConfig.VERSION_NAME; // here will be app version, like 2.XX.XX
-			StringBuilder text = new StringBuilder();
-
-			if (holderfile.exists()) try { // if holder file exists, read assets version string
-				BufferedReader br = new BufferedReader(new FileReader(holderfile));
-				String line;
-
-				while ((line = br.readLine()) != null) {
-					text.append(line);
+		runOnUiThread(()-> {
+			Menu menu = optionsMenu;
+			if (menu != null) {
+				MenuItem item = menu.findItem(R.id.action_graceful_stop);
+				if (item != null) {
+					synchronized (graceStartedMillis_LOCK) {
+						item.setTitle(getGracefulQuitTimer() != null ? R.string.action_cancel_graceful_stop : R.string.action_graceful_stop);
+					}
 				}
-				br.close();
-			}
-			catch (IOException e) {
-				Log.e(TAG, "", e);
 			}
+		});
+	}
 
-			// if version differs from current app version or null, try to delete certificates folder
-			if (!text.toString().contains(versionName)) try {
-				holderfile.delete();
-				File certpath = new File(i2pdpath, "certificates");
-				deleteRecursive(certpath);
-			}
-			catch (Throwable tr) {
-				Log.e(TAG, "", tr);
-			}
-
-			// copy assets. If processed file exists, it won't be overwrited
-			copyAsset("addressbook");
-			copyAsset("certificates");
-			copyAsset("tunnels.d");
-			copyAsset("i2pd.conf");
-			copyAsset("subscriptions.txt");
-			copyAsset("tunnels.conf");
-
-			// update holder file about successful copying
-			FileWriter writer = new FileWriter(holderfile);
-			writer.append(versionName);
-			writer.flush();
-			writer.close();
+	@SuppressLint("BatteryLife")
+	private void openBatteryOptimizationDialogIfNeeded() {
+		boolean questionEnabled = getPreferences().getBoolean(getBatteryOptimizationPreferenceKey(), true);
+		Log.i(TAG, "BATT_OPTIM_questionEnabled==" + questionEnabled);
+		if (!isKnownIgnoringBatteryOptimizations()
+				&& android.os.Build.VERSION.SDK_INT >= android.os.Build.VERSION_CODES.M
+				&& questionEnabled) {
+			AlertDialog.Builder builder = new AlertDialog.Builder(this);
+			builder.setTitle(R.string.battery_optimizations_enabled);
+			builder.setMessage(R.string.battery_optimizations_enabled_dialog);
+			builder.setPositiveButton(R.string.continue_str, (dialog, which) -> {
+				try {
+					startActivity(new Intent(Settings.ACTION_REQUEST_IGNORE_BATTERY_OPTIMIZATIONS, Uri.parse(PACKAGE_URI_SCHEME + getPackageName())));
+				} catch (ActivityNotFoundException e) {
+					Log.e(TAG, "BATT_OPTIM_ActvtNotFound", e);
+					Toast.makeText(this, R.string.device_does_not_support_disabling_battery_optimizations, Toast.LENGTH_SHORT).show();
+				}
+			});
+			builder.setOnDismissListener(dialog -> setNeverAskForBatteryOptimizationsAgain());
+			final AlertDialog dialog = builder.create();
+			dialog.setCanceledOnTouchOutside(false);
+			dialog.show();
 		}
-		catch (Throwable tr)
-		{
-			Log.e(TAG,"copy assets",tr);
+	}
+
+	private void setNeverAskForBatteryOptimizationsAgain() {
+		getPreferences().edit().putBoolean(getBatteryOptimizationPreferenceKey(), false).apply();
+	}
+
+	protected boolean isKnownIgnoringBatteryOptimizations() {
+		if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
+			final PowerManager pm = (PowerManager) getSystemService(POWER_SERVICE);
+			if (pm == null) {
+				Log.i(TAG, "BATT_OPTIM: POWER_SERVICE==null");
+				return false;
+			}
+			boolean ignoring = pm.isIgnoringBatteryOptimizations(getPackageName());
+			Log.i(TAG, "BATT_OPTIM: ignoring==" + ignoring);
+			return ignoring;
+		} else {
+			Log.i(TAG, "BATT_OPTIM: old sdk version==" + Build.VERSION.SDK_INT);
+			return false;
 		}
 	}
+
+	protected SharedPreferences getPreferences() {
+		return PreferenceManager.getDefaultSharedPreferences(getApplicationContext());
+	}
+
+	private String getBatteryOptimizationPreferenceKey() {
+		@SuppressLint("HardwareIds") String device = Settings.Secure.getString(getContentResolver(), Settings.Secure.ANDROID_ID);
+		return "show_battery_optimization" + (device == null ? "" : device);
+	}
+
+	private void quit() {
+		try {
+			if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
+				finishAndRemoveTask();
+			} else if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN) {
+				finishAffinity();
+			} else {
+				//moveTaskToBack(true);
+				finish();
+			}
+		} catch (Throwable tr) {
+			Log.e(TAG, "", tr);
+		}
+		try {
+			daemon.stopDaemon();
+		} catch (Throwable tr) {
+			Log.e(TAG, "", tr);
+		}
+		System.exit(0);
+	}
 }

android/src/org/purplei2p/i2pd/I2PD_JNI.java

@@ -16,10 +16,14 @@ public class I2PD_JNI {
 
 	public static native void startAcceptingTunnels();
 
+	public static native void reloadTunnelsConfigs();
+
 	public static native void onNetworkStateChanged(boolean isConnected);
 
 	public static native void setDataDir(String jdataDir);
 
+	public static native int GetTransitTunnelsCount();
+
 	public static void loadLibraries() {
 		//System.loadLibrary("c++_shared");
 		System.loadLibrary("i2pd");

android/src/org/purplei2p/i2pd/WebConsoleActivity.java

@@ -0,0 +1,41 @@
+package org.purplei2p.i2pd;
+
+import androidx.appcompat.app.AppCompatActivity;
+
+import android.app.Activity;
+import android.os.Bundle;
+import android.view.MenuItem;
+import android.webkit.WebSettings;
+import android.webkit.WebView;
+import android.webkit.WebViewClient;
+
+import java.util.Objects;
+
+public class WebConsoleActivity extends Activity {
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        setContentView(R.layout.activity_web_console);
+
+        Objects.requireNonNull(getActionBar()).setDisplayHomeAsUpEnabled(true);
+
+        final WebView webView = findViewById(R.id.webview1);
+        webView.setWebViewClient(new WebViewClient());
+
+        final WebSettings webSettings = webView.getSettings();
+        webSettings.setBuiltInZoomControls(true);
+        webSettings.setJavaScriptEnabled(false);
+        webView.loadUrl("http://127.0.0.1:7070"); // TODO: instead 7070 I2Pd....HttpPort
+    }
+
+    public boolean onOptionsItemSelected(MenuItem item) {
+        int id = item.getItemId();
+
+        if (id==android.R.id.home) {
+            finish();
+            return true;
+        }
+        return false;
+    }
+}

android_binary_only/jni/Android.mk

@@ -26,29 +26,29 @@ include $(BUILD_EXECUTABLE)
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_system
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_system.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_system.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_date_time
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_date_time.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_filesystem
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_filesystem.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)
 include $(CLEAR_VARS)
 LOCAL_MODULE := boost_program_options
-LOCAL_SRC_FILES := $(BOOST_PATH)/boost_1_68_0-clang/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a
-LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost_1_68_0-clang/include
+LOCAL_SRC_FILES := $(BOOST_PATH)/boost-1_72_0/$(TARGET_ARCH_ABI)/lib/libboost_program_options.a
+LOCAL_EXPORT_C_INCLUDES := $(BOOST_PATH)/boost-1_72_0/include
 include $(PREBUILT_STATIC_LIBRARY)
 
 LOCAL_PATH := $(call my-dir)

android_binary_only/jni/Application.mk

@@ -9,8 +9,8 @@ APP_PLATFORM := android-14
 NDK_TOOLCHAIN_VERSION := clang
 APP_STL := c++_static
 
-# Enable c++11 extensions in source code
-APP_CPPFLAGS += -std=c++11 -fvisibility=default -fPIE
+# Enable c++17 extensions in source code
+APP_CPPFLAGS += -std=c++17 -fvisibility=default -fPIE
 
 APP_CPPFLAGS += -DANDROID_BINARY -DANDROID -D__ANDROID__ -DUSE_UPNP
 APP_LDFLAGS += -rdynamic -fPIE -pie
@@ -21,7 +21,7 @@ endif
 # Forcing debug optimization. Use `ndk-build NDK_DEBUG=1` instead.
 #APP_OPTIM  := debug
 
-# git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git
+# git clone https://github.com/PurpleI2P/Boost-for-Android-Prebuilt.git -b boost-1_72_0
 # git clone https://github.com/PurpleI2P/OpenSSL-for-Android-Prebuilt.git
 # git clone https://github.com/PurpleI2P/MiniUPnP-for-Android-Prebuilt.git
 # git clone https://github.com/PurpleI2P/android-ifaddrs.git

appveyor.yml

@@ -1,4 +1,4 @@
-version: 2.25.0.{build}
+version: 2.34.0.{build}
 pull_requests:
   do_not_increment_build_number: true
 branches:
@@ -9,41 +9,49 @@ os: Visual Studio 2015
 shallow_clone: true
 clone_depth: 1
 
+# avoid building 32-bit if 64-bit failed already
+matrix:
+  fast_finish: true
+
 environment:
+  APPVEYOR_SAVE_CACHE_ON_ERROR: true
   MSYS2_PATH_TYPE: inherit
   CHERE_INVOKING: enabled_from_arguments
   matrix:
   - MSYSTEM: MINGW64
   - MSYSTEM: MINGW32
 
+cache:
+  - c:\msys64\var\cache\pacman\pkg\
+
 install:
-- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Rns gcc-fortran gcc"
-- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu --force"
-
-- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu --force"
-
-- if "%MSYSTEM%" == "MINGW64" (
-    c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-x86_64-boost mingw-w64-x86_64-miniupnpc"
-  ) else (
-    c:\msys64\usr\bin\bash -lc "pacman --noconfirm -S mingw-w64-i686-boost mingw-w64-i686-miniupnpc"
-  )
-
-- if "%MSYSTEM%" == "MINGW64" (
-    set "bitness=64"
-  ) else (
-    set "bitness=32"
-  )
+# install new signing keyring	
+- c:\msys64\usr\bin\bash -lc "curl -O https://mirror.selfnet.de/msys2/msys/x86_64/msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz"	
+- c:\msys64\usr\bin\bash -lc "curl -O https://mirror.selfnet.de/msys2/msys/x86_64/msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz.sig"	
+- c:\msys64\usr\bin\bash -lc "pacman-key --verify msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz.sig"	
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -U msys2-keyring-r21.b39fb11-1-any.pkg.tar.xz"
+# remove packages which can break build
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Rns gcc-fortran gcc mingw-w64-{i686,x86_64}-gcc-ada mingw-w64-{i686,x86_64}-gcc-objc"
+# update runtime
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu"
+# Kill bash before next try
+- taskkill /T /F /IM bash.exe /IM gpg.exe /IM gpg-agent.exe | exit /B 0
+# update packages and install required
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Syuu $MINGW_PACKAGE_PREFIX-boost $MINGW_PACKAGE_PREFIX-miniupnpc"
 
 build_script:
-- cmd: >-
-    cd \projects\i2pd
+- c:\msys64\usr\bin\bash -lc "make USE_UPNP=yes DEBUG=no -j3"
+# prepare archive for uploading
+- set "FILELIST=i2pd.exe README.txt contrib/i2pd.conf contrib/tunnels.conf contrib/certificates contrib/tunnels.d"
+- echo This is development build, use it carefully! For running in portable mode, move all files from contrib directory here. > README.txt
+- 7z a -tzip -mx9 -mmt i2pd-%APPVEYOR_BUILD_VERSION%-%APPVEYOR_REPO_COMMIT:~0,7%-mingw-win%MSYSTEM:~-2%.zip %FILELIST%
 
-    echo MSYSTEM = %MSYSTEM%, bitness = %bitness%
-
-- c:\msys64\usr\bin\bash -lc "make USE_UPNP=yes -j2"
-- 7z a -tzip -mx9 -mmt i2pd-mingw-win%bitness%.zip i2pd.exe
+after_build:
+- c:\msys64\usr\bin\bash -lc "pacman --noconfirm -Sc"
 
 test: off
 
+deploy: off
+
 artifacts:
-- path: i2pd-mingw-win*.zip
+- path: i2pd-*.zip

build/CMakeLists.txt

@@ -1,30 +1,32 @@
-cmake_minimum_required ( VERSION 2.8.12 )
+cmake_minimum_required(VERSION 2.8.12)
 # this addresses CMP0059 with CMake > 3.3 for PCH flags
-cmake_policy( VERSION 2.8.12 )
-project ( "i2pd" )
+cmake_policy(VERSION 2.8.12)
+project("i2pd")
 
 # for debugging
 #set(CMAKE_VERBOSE_MAKEFILE on)
 
+# Win32 build with cmake is not supported
+if(WIN32 OR MSVC OR MSYS OR MINGW)
+  message(SEND_ERROR "cmake build for windows is not supported. Please use MSYS2 with makefiles in project root.")
+endif()
+
 # configurale options
-option(WITH_AESNI     "Use AES-NI instructions set" OFF)
-option(WITH_AVX       "Use AVX instructions" OFF)
-option(WITH_HARDENING "Use hardening compiler flags" OFF)
-option(WITH_LIBRARY   "Build library" ON)
-option(WITH_BINARY    "Build binary" ON)
-option(WITH_STATIC    "Static build" OFF)
-option(WITH_UPNP "Include support for UPnP client" OFF)
-option(WITH_PCH "Use precompiled header" OFF)
-option(WITH_GUI "Include GUI (currently MS Windows only)" ON)
-option(WITH_MESHNET "Build for cjdns test network" OFF)
-option(WITH_ADDRSANITIZER "Build with address sanitizer unix only" OFF)
-option(WITH_THREADSANITIZER "Build with thread sanitizer unix only" OFF)
-option(WITH_I2LUA "Build for i2lua" OFF)
-option(WITH_WEBSOCKETS "Build with websocket ui" OFF)
+option(WITH_AESNI           "Use AES-NI instructions set"             OFF)
+option(WITH_AVX             "Use AVX instructions"                    OFF)
+option(WITH_HARDENING       "Use hardening compiler flags"            OFF)
+option(WITH_LIBRARY         "Build library"                           ON)
+option(WITH_BINARY          "Build binary"                            ON)
+option(WITH_STATIC          "Static build"                            OFF)
+option(WITH_UPNP            "Include support for UPnP client"         OFF)
+option(WITH_PCH             "Use precompiled header"                  OFF)
+option(WITH_MESHNET         "Build for cjdns test network"            OFF)
+option(WITH_ADDRSANITIZER   "Build with address sanitizer unix only"  OFF)
+option(WITH_THREADSANITIZER "Build with thread sanitizer unix only"   OFF)
 
 # paths
-set ( CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules" )
-set ( CMAKE_SOURCE_DIR ".." )
+set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake_modules")
+set(CMAKE_SOURCE_DIR "..")
 
 # architecture
 include(TargetArch)
@@ -32,74 +34,65 @@ target_architecture(ARCHITECTURE)
 
 set(LIBI2PD_SRC_DIR ../libi2pd)
 set(LIBI2PD_CLIENT_SRC_DIR ../libi2pd_client)
+set(DAEMON_SRC_DIR ../daemon)
 
 include_directories(${LIBI2PD_SRC_DIR})
 include_directories(${LIBI2PD_CLIENT_SRC_DIR})
+include_directories(${DAEMON_SRC_DIR})
 
-set (LIBI2PD_SRC
+set(LIBI2PD_SRC
+  "${LIBI2PD_SRC_DIR}/api.cpp"
+  "${LIBI2PD_SRC_DIR}/Base.cpp"
+  "${LIBI2PD_SRC_DIR}/Blinding.cpp"
   "${LIBI2PD_SRC_DIR}/BloomFilter.cpp"
+  "${LIBI2PD_SRC_DIR}/ChaCha20.cpp"
   "${LIBI2PD_SRC_DIR}/Config.cpp"
   "${LIBI2PD_SRC_DIR}/CPU.cpp"
   "${LIBI2PD_SRC_DIR}/Crypto.cpp"
   "${LIBI2PD_SRC_DIR}/CryptoKey.cpp"
+  "${LIBI2PD_SRC_DIR}/Datagram.cpp"
+  "${LIBI2PD_SRC_DIR}/Destination.cpp"
+  "${LIBI2PD_SRC_DIR}/ECIESX25519AEADRatchetSession.cpp"
+  "${LIBI2PD_SRC_DIR}/Ed25519.cpp"
+  "${LIBI2PD_SRC_DIR}/Elligator.cpp"
+  "${LIBI2PD_SRC_DIR}/Family.cpp"
+  "${LIBI2PD_SRC_DIR}/FS.cpp"
   "${LIBI2PD_SRC_DIR}/Garlic.cpp"
+  "${LIBI2PD_SRC_DIR}/Gost.cpp"
   "${LIBI2PD_SRC_DIR}/Gzip.cpp"
   "${LIBI2PD_SRC_DIR}/HTTP.cpp"
   "${LIBI2PD_SRC_DIR}/I2NPProtocol.cpp"
   "${LIBI2PD_SRC_DIR}/Identity.cpp"
   "${LIBI2PD_SRC_DIR}/LeaseSet.cpp"
-  "${LIBI2PD_SRC_DIR}/FS.cpp"
   "${LIBI2PD_SRC_DIR}/Log.cpp"
-  "${LIBI2PD_SRC_DIR}/NTCPSession.cpp"
-  "${LIBI2PD_SRC_DIR}/NetDbRequests.cpp"
   "${LIBI2PD_SRC_DIR}/NetDb.cpp"
+  "${LIBI2PD_SRC_DIR}/NetDbRequests.cpp"
+  "${LIBI2PD_SRC_DIR}/NTCP2.cpp"
+  "${LIBI2PD_SRC_DIR}/Poly1305.cpp"
   "${LIBI2PD_SRC_DIR}/Profiling.cpp"
   "${LIBI2PD_SRC_DIR}/Reseed.cpp"
   "${LIBI2PD_SRC_DIR}/RouterContext.cpp"
   "${LIBI2PD_SRC_DIR}/RouterInfo.cpp"
+  "${LIBI2PD_SRC_DIR}/Signature.cpp"
   "${LIBI2PD_SRC_DIR}/SSU.cpp"
   "${LIBI2PD_SRC_DIR}/SSUData.cpp"
   "${LIBI2PD_SRC_DIR}/SSUSession.cpp"
   "${LIBI2PD_SRC_DIR}/Streaming.cpp"
-  "${LIBI2PD_SRC_DIR}/Destination.cpp"
-  "${LIBI2PD_SRC_DIR}/TransitTunnel.cpp"
-  "${LIBI2PD_SRC_DIR}/Tunnel.cpp"
-  "${LIBI2PD_SRC_DIR}/TunnelGateway.cpp"
-  "${LIBI2PD_SRC_DIR}/Transports.cpp"
-  "${LIBI2PD_SRC_DIR}/TunnelEndpoint.cpp"
-  "${LIBI2PD_SRC_DIR}/TunnelPool.cpp"
-  "${LIBI2PD_SRC_DIR}/Base.cpp"
-  "${LIBI2PD_SRC_DIR}/util.cpp"
-  "${LIBI2PD_SRC_DIR}/Datagram.cpp"
-  "${LIBI2PD_SRC_DIR}/Family.cpp"
-  "${LIBI2PD_SRC_DIR}/Signature.cpp"
   "${LIBI2PD_SRC_DIR}/Timestamp.cpp"
-  "${LIBI2PD_SRC_DIR}/api.cpp"
-  "${LIBI2PD_SRC_DIR}/Event.cpp"
-  "${LIBI2PD_SRC_DIR}/Gost.cpp"
-  "${LIBI2PD_SRC_DIR}/ChaCha20.cpp"
-  "${LIBI2PD_SRC_DIR}/Poly1305.cpp"
-  "${LIBI2PD_SRC_DIR}/Ed25519.cpp"
-  "${LIBI2PD_SRC_DIR}/NTCP2.cpp"
+  "${LIBI2PD_SRC_DIR}/TransitTunnel.cpp"
+  "${LIBI2PD_SRC_DIR}/Transports.cpp"
+  "${LIBI2PD_SRC_DIR}/Tunnel.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelEndpoint.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelGateway.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelPool.cpp"
+  "${LIBI2PD_SRC_DIR}/TunnelConfig.cpp"
+  "${LIBI2PD_SRC_DIR}/util.cpp"
 )
 
-if (WITH_WEBSOCKETS)
-  add_definitions(-DWITH_EVENTS)
-  find_package(websocketpp REQUIRED)
-endif ()
-
-if (WIN32 OR MSYS)
-  list (APPEND LIBI2PD_SRC "${CMAKE_SOURCE_DIR}/I2PEndian.cpp")
-endif ()
-
-if (WITH_I2LUA)
-  add_definitions(-DI2LUA)
-endif()
-
 add_library(libi2pd ${LIBI2PD_SRC})
 set_target_properties(libi2pd PROPERTIES PREFIX "")
 
-if (WITH_LIBRARY)
+if(WITH_LIBRARY)
   install(TARGETS libi2pd
     EXPORT libi2pd
     ARCHIVE DESTINATION lib
@@ -110,7 +103,7 @@ if (WITH_LIBRARY)
 # install(EXPORT libi2pd DESTINATION ${CMAKE_INSTALL_LIBDIR})
 endif()
 
-set (CLIENT_SRC
+set(CLIENT_SRC
   "${LIBI2PD_CLIENT_SRC_DIR}/AddressBook.cpp"
   "${LIBI2PD_CLIENT_SRC_DIR}/BOB.cpp"
   "${LIBI2PD_CLIENT_SRC_DIR}/ClientContext.cpp"
@@ -121,17 +114,12 @@ set (CLIENT_SRC
   "${LIBI2PD_CLIENT_SRC_DIR}/SOCKS.cpp"
   "${LIBI2PD_CLIENT_SRC_DIR}/HTTPProxy.cpp"
   "${LIBI2PD_CLIENT_SRC_DIR}/I2CP.cpp"
-  "${LIBI2PD_CLIENT_SRC_DIR}/WebSocks.cpp"
 )
 
-if(WITH_WEBSOCKETS)
-  list (APPEND CLIENT_SRC "${LIBI2PD_CLIENT_SRC_DIR}/Websocket.cpp")
-endif ()
-
 add_library(libi2pdclient ${CLIENT_SRC})
 set_target_properties(libi2pdclient PROPERTIES PREFIX "")
 
-if (WITH_LIBRARY)
+if(WITH_LIBRARY)
   install(TARGETS libi2pdclient
     EXPORT libi2pdclient
     ARCHIVE DESTINATION lib
@@ -139,9 +127,7 @@ if (WITH_LIBRARY)
     COMPONENT Libraries)
 endif()
 
-set(DAEMON_SRC_DIR ../daemon)
-
-set (DAEMON_SRC
+set(DAEMON_SRC
   "${DAEMON_SRC_DIR}/Daemon.cpp"
   "${DAEMON_SRC_DIR}/HTTPServer.cpp"
   "${DAEMON_SRC_DIR}/I2PControl.cpp"
@@ -149,116 +135,80 @@ set (DAEMON_SRC
   "${DAEMON_SRC_DIR}/UPnP.cpp"
 )
 
-if (WITH_MESHNET)
+if(WITH_MESHNET)
   add_definitions(-DMESHNET)
-endif ()
+endif()
 
-if (WITH_UPNP)
+if(WITH_UPNP)
   add_definitions(-DUSE_UPNP)
-  if (NOT MSVC AND NOT MSYS)
-    set(DL_LIB ${CMAKE_DL_LIBS})
-  endif ()
-endif ()
+endif()
 
-# compiler flags customization (by vendor)
-if (MSVC)
-  add_definitions( -DWIN32_LEAN_AND_MEAN -DNOMINMAX )
-  # TODO Check & report to Boost dev, there should be no need for these two
-  add_definitions( -DBOOST_THREAD_NO_LIB -DBOOST_CHRONO_NO_LIB )
-  set( CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} /GL" )
-  set( CMAKE_EXE_LINKER_FLAGS_RELEASE "${CMAKE_EXE_LINKER_FLAGS_RELEASE} /INCREMENTAL:NO /LTCG" )
-  set( CMAKE_CXX_FLAGS_RELWITHDEBINFO "${CMAKE_CXX_FLAGS_RELEASE} /GL" )
-  set( CMAKE_EXE_LINKER_FLAGS_RELWITHDEBINFO "${CMAKE_EXE_LINKER_FLAGS_RELWITHDEBINFO} /INCREMENTAL:NO /LTCG" )
-else()
-  if (MSYS OR MINGW)
-    add_definitions( -DWIN32_LEAN_AND_MEAN )
-  endif ()
-  set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wextra -Winvalid-pch -Wno-unused-parameter" )
-  set( CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -pedantic" )
-  # TODO: The following is incompatible with static build and enabled hardening for OpenWRT.
-  # Multiple definitions of __stack_chk_fail (libssp & libc)
-  set( CMAKE_CXX_FLAGS_MINSIZEREL "${CMAKE_CXX_FLAGS_MINSIZEREL} -flto -s -ffunction-sections -fdata-sections" )
-  set( CMAKE_EXE_LINKER_FLAGS_MINSIZEREL "-Wl,--gc-sections" ) # -flto is added from above
-endif ()
+set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wall -Wextra -Winvalid-pch -Wno-unused-parameter")
+set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -pedantic")
+# TODO: The following is incompatible with static build and enabled hardening for OpenWRT.
+# Multiple definitions of __stack_chk_fail(libssp & libc)
+set(CMAKE_CXX_FLAGS_MINSIZEREL "${CMAKE_CXX_FLAGS_MINSIZEREL} -flto -s -ffunction-sections -fdata-sections")
+set(CMAKE_EXE_LINKER_FLAGS_MINSIZEREL "-Wl,--gc-sections") # -flto is added from above
 
-# check for c++11 support
+# check for c++17 & c++11 support
 include(CheckCXXCompilerFlag)
+CHECK_CXX_COMPILER_FLAG("-std=c++17" CXX17_SUPPORTED)
 CHECK_CXX_COMPILER_FLAG("-std=c++11" CXX11_SUPPORTED)
-CHECK_CXX_COMPILER_FLAG("-std=c++0x" CXX0X_SUPPORTED)
-if (CXX11_SUPPORTED)
-  set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11" )
-elseif (CXX0X_SUPPORTED) # gcc 4.6
-  set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++0x" )
-elseif (NOT MSVC)
-  message(SEND_ERROR "C++11 standard not seems to be supported by compiler. Too old version?")
-endif ()
+if(CXX17_SUPPORTED)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++17")
+elseif(CXX11_SUPPORTED)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11")
+else()
+  message(SEND_ERROR "C++17 nor C++11 standard not seems to be supported by compiler. Too old version?")
+endif()
 
-if (CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
-  set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pipe")
-  if (WITH_HARDENING)
-    add_definitions( "-D_FORTIFY_SOURCE=2" )
-    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wformat -Wformat-security -Werror=format-security" )
-    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fstack-protector --param ssp-buffer-size=4" )
-  endif ()
-elseif (CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
+if(CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pipe")
+  if(WITH_HARDENING)
+    add_definitions("-D_FORTIFY_SOURCE=2")
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wformat -Wformat-security -Werror=format-security")
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fstack-protector --param ssp-buffer-size=4")
+  endif()
+elseif(CMAKE_CXX_COMPILER_ID STREQUAL "Clang")
   # more tweaks
-  if (LINUX)
-    set (CMAKE_REQUIRED_FLAGS "${CMAKE_REQUIRED_FLAGS} -stdlib=libstdc++" ) # required for <atomic>
+  if(LINUX)
+    set(CMAKE_REQUIRED_FLAGS "${CMAKE_REQUIRED_FLAGS} -stdlib=libstdc++") # required for <atomic>
     list(APPEND CMAKE_REQUIRED_LIBRARIES "stdc++") # required to link with -stdlib=libstdc++
   endif()
-  if (NOT (MSVC OR MSYS OR APPLE))
-    set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-unused-const-variable -Wno-overloaded-virtual -Wno-c99-extensions" )
+  if(NOT APPLE)
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wno-unused-const-variable -Wno-overloaded-virtual -Wno-c99-extensions")
   endif()
-endif ()
+endif()
 
-if (WITH_HARDENING AND MSVC)
-  # Most security options like dynamic base, buffer & stack checks are ON by default
-  set (CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} /guard:cf" )
-endif ()
-
-# compiler flags customization (by system)
-if (UNIX)
-  list (APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
-  if (NOT (CMAKE_SYSTEM_NAME STREQUAL "OpenBSD" OR APPLE))
+# compiler flags customization(by system)
+if(UNIX)
+  list(APPEND DAEMON_SRC "${DAEMON_SRC_DIR}/UnixDaemon.cpp")
+  if(NOT(CMAKE_SYSTEM_NAME STREQUAL "OpenBSD" OR APPLE))
     # "'sleep_for' is not a member of 'std::this_thread'" in gcc 4.7/4.8
-    add_definitions( "-D_GLIBCXX_USE_NANOSLEEP=1" )
-  endif ()
-elseif (WIN32 OR MSYS)
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/DaemonWin32.cpp")
-  if (WITH_GUI)
-    list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Win32App.cpp")
-    set_source_files_properties("${CMAKE_SOURCE_DIR}/Win32/DaemonWin32.cpp"
-      PROPERTIES COMPILE_DEFINITIONS WIN32_APP)
-  endif ()
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Win32Service.cpp")
-  list (APPEND DAEMON_SRC "${CMAKE_SOURCE_DIR}/Win32/Resource.rc")
-endif ()
-
-if (WITH_AESNI)
-  set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -maes" )
-endif()
-
-if (WITH_AVX)
-  set ( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -mavx" )
-endif()
-
-if (WITH_ADDRSANITIZER)
-  if (NOT MSVC)
-    set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fno-omit-frame-pointer" )
-    set( CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address" )
-  else ()
-    message( SEND_ERROR "MSVC does not support address sanitizer option")
+    add_definitions("-D_GLIBCXX_USE_NANOSLEEP=1")
   endif()
 endif()
 
-if (WITH_THREADSANITIZER)
-  if (WITH_ADDRSANITIZER)
-    message( FATAL_ERROR "thread sanitizer option cannot be combined with address sanitizer")
-  elseif (NOT MSVC)
-    set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread" )
-    set( CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=thread" )
-  else ()
-    message( SEND_ERROR "MSVC does not support address sanitizer option")
+if(WITH_AESNI)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -maes")
+  add_definitions(-DAESNI)
+endif()
+
+if(WITH_AVX)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -mavx")
+endif()
+
+if(WITH_ADDRSANITIZER)
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=address -fno-omit-frame-pointer")
+  set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=address")
+endif()
+
+if(WITH_THREADSANITIZER)
+  if(WITH_ADDRSANITIZER)
+    message(FATAL_ERROR "thread sanitizer option cannot be combined with address sanitizer")
+  else()
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fsanitize=thread")
+    set(CMAKE_EXE_LINKER_FLAGS "${CMAKE_EXE_LINKER_FLAGS} -fsanitize=thread")
   endif()
 endif()
 
@@ -267,141 +217,87 @@ endif()
 # TODO: once CMake 3.1+ becomes mainstream, see e.g. http://stackoverflow.com/a/29871891/673826
 # use imported Threads::Threads instead
 set(THREADS_PREFER_PTHREAD_FLAG ON)
-if (IOS)
+if(IOS)
   set(CMAKE_THREAD_LIBS_INIT "-lpthread")
   set(CMAKE_HAVE_THREADS_LIBRARY 1)
   set(CMAKE_USE_WIN32_THREADS_INIT 0)
   set(CMAKE_USE_PTHREADS_INIT 1)
 else()
-  find_package ( Threads REQUIRED )
+  find_package(Threads REQUIRED)
 endif()
 if(THREADS_HAVE_PTHREAD_ARG) # compile time flag
   set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pthread")
 endif()
 
-if (WITH_STATIC)
+if(WITH_STATIC)
   set(Boost_USE_STATIC_LIBS ON)
   set(Boost_USE_STATIC_RUNTIME ON)
-  if (WIN32 AND NOT MSYS AND NOT MINGW)
-    # http://www.cmake.org/Wiki/CMake_FAQ#Dynamic_Replace
-    foreach(flag_var
-            CMAKE_CXX_FLAGS CMAKE_CXX_FLAGS_DEBUG CMAKE_CXX_FLAGS_RELEASE
-            CMAKE_CXX_FLAGS_MINSIZEREL CMAKE_CXX_FLAGS_RELWITHDEBINFO)
-      if(${flag_var} MATCHES "/MD")
-        string(REGEX REPLACE "/MD" "/MT" ${flag_var} "${${flag_var}}")
-      endif(${flag_var} MATCHES "/MD")
-    endforeach(flag_var)
-  else ()
-    set(CMAKE_FIND_LIBRARY_SUFFIXES .a)
-  endif ()
   set(BUILD_SHARED_LIBS OFF)
-  if (${CMAKE_CXX_COMPILER} MATCHES ".*-openwrt-.*")
-    set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pthread" )
-    # set( CMAKE_THREAD_LIBS_INIT "gcc_eh -Wl,--whole-archive -lpthread -Wl,--no-whole-archive" )
-    set( CMAKE_THREAD_LIBS_INIT "gcc_eh -Wl,-u,pthread_create,-u,pthread_once,-u,pthread_mutex_lock,-u,pthread_mutex_unlock,-u,pthread_join,-u,pthread_equal,-u,pthread_detach,-u,pthread_cond_wait,-u,pthread_cond_signal,-u,pthread_cond_destroy,-u,pthread_cond_broadcast,-u,pthread_cancel" )
-  endif ()
+  if(${CMAKE_CXX_COMPILER} MATCHES ".*-openwrt-.*")
+    set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -pthread")
+    # set(CMAKE_THREAD_LIBS_INIT "gcc_eh -Wl,--whole-archive -lpthread -Wl,--no-whole-archive")
+    set(CMAKE_THREAD_LIBS_INIT "gcc_eh -Wl,-u,pthread_create,-u,pthread_once,-u,pthread_mutex_lock,-u,pthread_mutex_unlock,-u,pthread_join,-u,pthread_equal,-u,pthread_detach,-u,pthread_cond_wait,-u,pthread_cond_signal,-u,pthread_cond_destroy,-u,pthread_cond_broadcast,-u,pthread_cancel")
+  endif()
 else()
-  if (NOT WIN32 AND NOT MSYS)
-    # TODO: Consider separate compilation for LIBI2PD_SRC for library.
-    # No need in -fPIC overhead for binary if not interested in library
-    # HINT: revert c266cff CMakeLists.txt: compilation speed up
-    set( CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC" )
-  endif ()
+  # TODO: Consider separate compilation for LIBI2PD_SRC for library.
+  # No need in -fPIC overhead for binary if not interested in library
+  # HINT: revert c266cff CMakeLists.txt: compilation speed up
+  set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fPIC")
   add_definitions(-DBOOST_SYSTEM_DYN_LINK -DBOOST_FILESYSTEM_DYN_LINK -DBOOST_PROGRAM_OPTIONS_DYN_LINK -DBOOST_DATE_TIME_DYN_LINK -DBOOST_REGEX_DYN_LINK)
-endif ()
+endif()
 
-if (WITH_PCH)
+if(WITH_PCH)
   include_directories(BEFORE ${CMAKE_BINARY_DIR})
   add_library(stdafx STATIC "${LIBI2PD_SRC_DIR}/stdafx.cpp")
-  if(MSVC)
-    target_compile_options(stdafx PRIVATE /Ycstdafx.h /Zm155)
-    add_custom_command(TARGET stdafx POST_BUILD
-      COMMAND xcopy /y stdafx.dir\\$<CONFIG>\\*.pdb libi2pd.dir\\$<CONFIG>\\
-      COMMAND xcopy /y stdafx.dir\\$<CONFIG>\\*.pdb i2pdclient.dir\\$<CONFIG>\\
-      COMMAND xcopy /y stdafx.dir\\$<CONFIG>\\*.pdb i2pd.dir\\$<CONFIG>\\
-      WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
-      )
-    target_compile_options(libi2pd PRIVATE /FIstdafx.h /Yustdafx.h /Zm155 "/Fp${CMAKE_BINARY_DIR}/stdafx.dir/$<CONFIG>/stdafx.pch")
-    target_compile_options(libi2pdclient PRIVATE /FIstdafx.h /Yustdafx.h /Zm155 "/Fp${CMAKE_BINARY_DIR}/stdafx.dir/$<CONFIG>/stdafx.pch")
-  else()
-    string(TOUPPER ${CMAKE_BUILD_TYPE} BTU)
-    get_directory_property(DEFS DEFINITIONS)
-    string(REPLACE " " ";" FLAGS "${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BTU}} ${DEFS}")
-    add_custom_command(TARGET stdafx PRE_BUILD
-      COMMAND ${CMAKE_CXX_COMPILER} ${FLAGS} -c ${CMAKE_CURRENT_SOURCE_DIR}/../libi2pd/stdafx.h -o ${CMAKE_BINARY_DIR}/stdafx.h.gch
-    )
-    target_compile_options(libi2pd PRIVATE -include libi2pd/stdafx.h)
-    target_compile_options(libi2pdclient PRIVATE -include libi2pd/stdafx.h)
-  endif()
+  string(TOUPPER ${CMAKE_BUILD_TYPE} BTU)
+  get_directory_property(DEFS DEFINITIONS)
+  string(REPLACE " " ";" FLAGS "${CMAKE_CXX_FLAGS} ${CMAKE_CXX_FLAGS_${BTU}} ${DEFS}")
+  add_custom_command(TARGET stdafx PRE_BUILD
+    COMMAND ${CMAKE_CXX_COMPILER} ${FLAGS} -c ${CMAKE_CURRENT_SOURCE_DIR}/../libi2pd/stdafx.h -o ${CMAKE_BINARY_DIR}/stdafx.h.gch
+  )
+  target_compile_options(libi2pd PRIVATE -include libi2pd/stdafx.h)
+  target_compile_options(libi2pdclient PRIVATE -include libi2pd/stdafx.h)
   target_link_libraries(libi2pd stdafx)
 endif()
 
 target_link_libraries(libi2pdclient libi2pd)
 
-find_package ( Boost COMPONENTS system filesystem program_options date_time REQUIRED )
+find_package(Boost COMPONENTS system filesystem program_options date_time REQUIRED)
 if(NOT DEFINED Boost_INCLUDE_DIRS)
   message(SEND_ERROR "Boost is not found, or your boost version was below 1.46. Please download Boost!")
 endif()
 
-find_package ( OpenSSL REQUIRED )
+find_package(OpenSSL REQUIRED)
 if(NOT DEFINED OPENSSL_INCLUDE_DIR)
   message(SEND_ERROR "Could not find OpenSSL. Please download and install it first!")
 endif()
 
-if (WITH_UPNP)
-  find_package ( MiniUPnPc REQUIRED )
-  include_directories( SYSTEM ${MINIUPNPC_INCLUDE_DIR} )
+if(WITH_UPNP)
+  find_package(MiniUPnPc REQUIRED)
+  if(NOT MINIUPNPC_FOUND)
+    message(SEND_ERROR "Could not find MiniUPnPc. Please download and install it first!")
+  else()
+    include_directories(SYSTEM ${MINIUPNPC_INCLUDE_DIR})
+  endif()
 endif()
 
-find_package ( ZLIB )
-if (NOT ZLIB_FOUND )
-  # We are probably on Windows
-  find_program( PATCH patch C:/Program Files/Git/usr/bin C:/msys64/usr/bin C:/msys32/usr/bin C:/Strawberry/c/bin )
-  include( ExternalProject )
-  if( CMAKE_SIZEOF_VOID_P EQUAL 8 )
-    set( ZLIB_EXTRA -DAMD64=ON )
-  else()
-    set( ZLIB_EXTRA -DASM686=ON "-DCMAKE_ASM_MASM_FLAGS=/W0 /safeseh" )
-  endif()
-  ExternalProject_Add(zlib-project
-    URL https://zlib.net/zlib-1.2.11.tar.gz
-    URL_HASH SHA256=c3e5e9fdd5004dcb542feda5ee4f0ff0744628baf8ed2dd5d66f8ca1197cb1a1
-    PREFIX ${CMAKE_CURRENT_BINARY_DIR}/zlib
-    PATCH_COMMAND "${PATCH}" -p0 < ${CMAKE_CURRENT_SOURCE_DIR}/cmake-zlib-static.patch
-      && "${PATCH}" -p0 < ${CMAKE_CURRENT_SOURCE_DIR}/cmake-zlib-amd64.patch
-    CMAKE_ARGS -DCMAKE_INSTALL_PREFIX:PATH=<INSTALL_DIR>
-      -DWITH_STATIC=${WITH_STATIC} ${ZLIB_EXTRA}
-    )
-  if (WITH_PCH)
-    add_dependencies( stdafx zlib-project )
-  else ()
-    add_dependencies( libi2pd zlib-project )
-  endif ()
-  # ExternalProject_Get_Property(zlib-project install_dir)
-  set ( ZLIB_INCLUDE_DIR "${CMAKE_CURRENT_BINARY_DIR}/zlib/include" CACHE FILEPATH "zlib include dir" FORCE)
-  if (NOT WITH_STATIC)
-    set ( ZLIB_LIBRARY debug zlibd optimized zlib CACHE STRING "zlib libraries" FORCE)
-  endif ()
-  link_directories(${CMAKE_CURRENT_BINARY_DIR}/zlib/lib)
-else()
+find_package(ZLIB)
+if(ZLIB_FOUND)
   link_directories(${ZLIB_ROOT}/lib)
-endif ()
-if (WITH_STATIC AND (MSVC OR MSYS))
-  set ( ZLIB_LIBRARY debug zlibstaticd optimized zlibstatic CACHE STRING "zlib libraries" FORCE)
-endif ()
+endif()
 
 # load includes
-include_directories( SYSTEM ${Boost_INCLUDE_DIRS} ${OPENSSL_INCLUDE_DIR} ${ZLIB_INCLUDE_DIR} )
-
+include_directories(SYSTEM ${Boost_INCLUDE_DIRS} ${OPENSSL_INCLUDE_DIR} ${ZLIB_INCLUDE_DIR})
 
 # warn if for meshnet
-if (WITH_MESHNET)
+if(WITH_MESHNET)
   message(STATUS "Building for testnet")
   message(WARNING "This build will NOT work on mainline i2p")
 endif()
 
-include(CheckAtomic)
-
+if(NOT MSYS)
+  include(CheckAtomic)
+endif()
 
 # show summary
 message(STATUS "---------------------------------------")
@@ -423,39 +319,29 @@ message(STATUS "  PCH              : ${WITH_PCH}")
 message(STATUS "  MESHNET          : ${WITH_MESHNET}")
 message(STATUS "  ADDRSANITIZER    : ${WITH_ADDRSANITIZER}")
 message(STATUS "  THREADSANITIZER  : ${WITH_THREADSANITIZER}")
-message(STATUS "  I2LUA            : ${WITH_I2LUA}")
-message(STATUS "  WEBSOCKETS       : ${WITH_WEBSOCKETS}")
 message(STATUS "---------------------------------------")
 
 #Handle paths nicely
 include(GNUInstallDirs)
 
-if (WITH_BINARY)
-  add_executable ( "${PROJECT_NAME}" ${DAEMON_SRC} )
-  if (WIN32 AND WITH_GUI)
-    set_target_properties("${PROJECT_NAME}" PROPERTIES WIN32_EXECUTABLE TRUE )
-  endif()
-  if(NOT MSVC)
-    if (WITH_STATIC)
-      set_target_properties("${PROJECT_NAME}" PROPERTIES LINK_FLAGS "-static" )
-    endif ()
+if(WITH_BINARY)
+  add_executable("${PROJECT_NAME}" ${DAEMON_SRC})
+
+  if(WITH_STATIC)
+    set_target_properties("${PROJECT_NAME}" PROPERTIES LINK_FLAGS "-static")
   endif()
 
-  if (WITH_PCH)
-    if (MSVC)
-      target_compile_options("${PROJECT_NAME}" PRIVATE /FIstdafx.h /Yustdafx.h /Zm155 "/Fp${CMAKE_BINARY_DIR}/stdafx.dir/$<CONFIG>/stdafx.pch")
-    else()
-      target_compile_options("${PROJECT_NAME}" PRIVATE -include libi2pd/stdafx.h)
-    endif()
+  if(WITH_PCH)
+    target_compile_options("${PROJECT_NAME}" PRIVATE -include libi2pd/stdafx.h)
   endif()
 
-  if (WITH_HARDENING AND CMAKE_CXX_COMPILER_ID STREQUAL "GNU" AND NOT MSYS AND NOT MINGW)
-    set_target_properties("${PROJECT_NAME}" PROPERTIES LINK_FLAGS "-z relro -z now" )
-  endif ()
+  if(WITH_HARDENING AND CMAKE_CXX_COMPILER_ID STREQUAL "GNU")
+    set_target_properties("${PROJECT_NAME}" PROPERTIES LINK_FLAGS "-z relro -z now")
+  endif()
 
-  if (WITH_UPNP)
-	  target_link_libraries("${PROJECT_NAME}" "${MINIUPNPC_LIBRARY}")
-  endif ()
+  if(WITH_UPNP)
+    set(UPNP_LIB ${MINIUPNPC_LIBRARY})
+  endif()
 
   # FindBoost pulls pthread for thread which is broken for static linking at least on Ubuntu 15.04
   list(GET Boost_LIBRARIES -1 LAST_Boost_LIBRARIES)
@@ -463,127 +349,15 @@ if (WITH_BINARY)
     list(REMOVE_AT Boost_LIBRARIES -1)
   endif()
 
-  if (MSYS OR MINGW)
-    set (MINGW_EXTRA -lws2_32 -lmswsock -liphlpapi )
-  endif ()
-  if (WITH_STATIC)
+
+  if(WITH_STATIC)
     set(DL_LIB ${CMAKE_DL_LIBS})
   endif()
-  target_link_libraries( "${PROJECT_NAME}" libi2pd libi2pdclient ${DL_LIB} ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${ZLIB_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} ${MINGW_EXTRA} ${DL_LIB} ${CMAKE_REQUIRED_LIBRARIES})
+
+  target_link_libraries(libi2pd ${Boost_LIBRARIES} ${ZLIB_LIBRARY})
+  target_link_libraries("${PROJECT_NAME}" libi2pd libi2pdclient ${DL_LIB} ${Boost_LIBRARIES} ${OPENSSL_LIBRARIES} ${UPNP_LIB} ${ZLIB_LIBRARY} ${CMAKE_THREAD_LIBS_INIT} ${MINGW_EXTRA} ${DL_LIB} ${CMAKE_REQUIRED_LIBRARIES})
 
   install(TARGETS "${PROJECT_NAME}" RUNTIME DESTINATION ${CMAKE_INSTALL_BINDIR} COMPONENT Runtime)
-  set (APPS "\${CMAKE_INSTALL_PREFIX}/bin/${PROJECT_NAME}${CMAKE_EXECUTABLE_SUFFIX}")
-  set (DIRS "${Boost_LIBRARY_DIR};${OPENSSL_INCLUDE_DIR}/../bin;${ZLIB_INCLUDE_DIR}/../bin;/mingw32/bin")
-  if (MSVC)
-    install(FILES $<TARGET_PDB_FILE:${PROJECT_NAME}> DESTINATION ${CMAKE_INSTALL_BINDIR} CONFIGURATIONS DEBUG RELWITHDEBINFO COMPONENT Symbols)
-    # TODO Somehow this picks lots of unrelevant stuff with MSYS. OS X testing needed.
-    INSTALL(CODE "
-      include(BundleUtilities)
-      fixup_bundle(\"${APPS}\"   \"\"   \"${DIRS}\")
-      " COMPONENT Runtime)
-  endif ()
-endif ()
-
-install(FILES ../LICENSE
-  DESTINATION .
-  COMPONENT Runtime
-  )
-# Take a copy on Appveyor
-install(FILES "C:/projects/openssl-$ENV{OPENSSL}/LICENSE"
-  DESTINATION .
-  COMPONENT Runtime
-  RENAME LICENSE_OPENSSL
-  OPTIONAL                      # for local builds only!
-  )
-
-file(GLOB_RECURSE I2PD_SOURCES "../libi2pd/*.cpp" "../libi2pd_client/*.cpp" "../daemon/*.cpp" "../build" "../Win32" "../Makefile*")
-install(FILES ${I2PD_SOURCES} DESTINATION src/ COMPONENT Source)
-# install(DIRECTORY ../ DESTINATION src/
-#   # OPTIONAL
-#   COMPONENT Source FILES_MATCHING
-#   PATTERN .git EXCLUDE
-#   PATTERN "*.cpp"
-#   )
-
-file(GLOB I2PD_HEADERS "../libi2pd/*.h" "../libi2pd_client/*.h" "../daemon/*.h")
-install(FILES ${I2PD_HEADERS} DESTINATION src/ COMPONENT Headers)
-# install(DIRECTORY ../ DESTINATION src/
-#   # OPTIONAL
-#   COMPONENT Headers FILES_MATCHING
-#   PATTERN .git EXCLUDE
-#   PATTERN "*.h"
-#   )
-
-set(CPACK_PACKAGE_DESCRIPTION_SUMMARY "Purple I2P, a C++ I2P daemon")
-set(CPACK_PACKAGE_VENDOR "Purple I2P")
-set(CPACK_PACKAGE_DESCRIPTION_FILE "${CMAKE_CURRENT_SOURCE_DIR}/../README.md")
-set(CPACK_RESOURCE_FILE_LICENSE "${CMAKE_CURRENT_SOURCE_DIR}/../LICENSE")
-file(READ ../libi2pd/version.h version_h)
-string(REGEX REPLACE ".*I2PD_VERSION_MAJOR ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MAJOR "${version_h}")
-string(REGEX REPLACE ".*I2PD_VERSION_MINOR ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MINOR "${version_h}")
-string(REGEX REPLACE ".*I2PD_VERSION_MICRO ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_MICRO "${version_h}")
-string(REGEX REPLACE ".*I2PD_VERSION_PATCH ([0-9]+).*" "\\1" CPACK_PACKAGE_VERSION_PATCH "${version_h}")
-set(CPACK_PACKAGE_INSTALL_DIRECTORY "Purple I2P")# ${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}")
-include(CPackComponent)
-cpack_add_component(Runtime
-  DESCRIPTION "Main files"
-  REQUIRED INSTALL_TYPES minimal)
-cpack_add_component(Symbols
-  DISPLAY_NAME "Debug symbols"
-  DESCRIPTION "Debug symbols for use with WinDbg or Visual Studio"
-  INSTALL_TYPES recommended full
-  )
-cpack_add_component(Libraries
-  DESCRIPTION "Binary libraries for development"
-  INSTALL_TYPES full dev3rd
-  )
-cpack_add_component(Source
-  DISPLAY_NAME "Source code"
-  DESCRIPTION "I2pd source code"
-  INSTALL_TYPES full
-  )
-cpack_add_component(Headers
-  DISPLAY_NAME "Header files"
-  DESCRIPTION "I2pd header files for development"
-  INSTALL_TYPES full dev3rd
-  )
-install(FILES ${MINIUPNPC_INCLUDE_DIR}/miniupnpc/miniupnpc.dll
-  DESTINATION bin
-  COMPONENT MiniUPnPc
-  OPTIONAL
-  )
-install(FILES ${MINIUPNPC_INCLUDE_DIR}/miniupnpc/LICENSE
-  DESTINATION .
-  COMPONENT MiniUPnPc
-  RENAME LICENSE_MINIUPNPC
-  OPTIONAL
-  )
-cpack_add_component(MiniUPnPc
-  INSTALL_TYPES full recommended
-  # DOWNLOADED
-  # ARCHIVE_FILE miniupnpc-win32.zip
-  )
-cpack_add_install_type(recommended DISPLAY_NAME Recommended)
-cpack_add_install_type(dev3rd DISPLAY_NAME "Third party development")
-cpack_add_install_type(full DISPLAY_NAME Full)
-cpack_add_install_type(minimal DISPLAY_NAME Minimal)
-if((WIN32 OR MSYS) AND NOT UNIX)
-  # There is a bug in NSI that does not handle full unix paths properly. Make
-  # sure there is at least one set of four (4) backlasshes.
-  set(CPACK_NSIS_DEFINES "RequestExecutionLevel user")
-  set(CPACK_PACKAGE_ICON "${CMAKE_CURRENT_SOURCE_DIR}/../Win32\\\\mask.bmp")
-  set(CPACK_NSIS_INSTALLED_ICON_NAME "bin/i2pd.exe")
-  SET(CPACK_NSIS_DISPLAY_NAME "${CPACK_PACKAGE_DESCRIPTION_SUMMARY}")
-  set(CPACK_NSIS_HELP_LINK "https:\\\\\\\\github.com\\\\PurpleI2P\\\\i2pd\\\\issues")
-  set(CPACK_NSIS_URL_INFO_ABOUT "https:\\\\\\\\github.com\\\\PurpleI2P\\\\i2pd")
-  set(CPACK_NSIS_CREATE_ICONS_EXTRA "CreateShortCut '$SMPROGRAMS\\\\$STARTMENU_FOLDER\\\\Install i2pd as windows service.lnk' '$INSTDIR\\\\bin\\\\i2pd.exe' '--service=install'
-CreateShortCut '$SMPROGRAMS\\\\$STARTMENU_FOLDER\\\\Remove i2pd windows service.lnk' '$INSTDIR\\\\bin\\\\i2pd.exe' '--service=remove'")
-  set(CPACK_NSIS_DELETE_ICONS_EXTRA "Delete '$SMPROGRAMS\\\\$START_MENU\\\\Install i2pd as windows service.lnk'
-Delete '$SMPROGRAMS\\\\$START_MENU\\\\Remove i2pd windows service.lnk'")
-else()
-  set(CPACK_STRIP_FILES "bin/i2pd")
-  set(CPACK_SOURCE_STRIP_FILES "")
+  set(APPS "\${CMAKE_INSTALL_PREFIX}/bin/${PROJECT_NAME}${CMAKE_EXECUTABLE_SUFFIX}")
+  set(DIRS "${Boost_LIBRARY_DIR};${OPENSSL_INCLUDE_DIR}/../bin;${ZLIB_INCLUDE_DIR}/../bin;/mingw32/bin")
 endif()
-set(CPACK_PACKAGE_EXECUTABLES "i2pd" "C++ I2P daemon")
-set(CPACK_SOURCE_GENERATOR "TGZ")
-include(CPack)

build/build_mingw.cmd

@@ -54,6 +54,14 @@ set bitness=64
 call :BUILDING
 echo.
 
+REM building for WinXP
+set "WD=C:\msys64-xp\usr\bin\"
+set MSYSTEM=MINGW32
+set bitness=32
+set "xSH=%WD%bash -lc"
+call :BUILDING_XP
+echo.
+
 del README.txt >> nul
 
 echo Build complete...
@@ -71,5 +79,11 @@ echo Build AESNI...
 %xSH% "make DEBUG=no USE_UPNP=yes USE_AESNI=1 -j%threads% && zip -r9 build/i2pd_%tag%_win%bitness%_mingw_aesni.zip %FILELIST% && make clean" > build/build_win%bitness%_aesni_%tag%.log 2>&1
 echo Build without extensions...
 %xSH% "make DEBUG=no USE_UPNP=yes -j%threads% && zip -r9 build/i2pd_%tag%_win%bitness%_mingw.zip %FILELIST% && make clean" > build/build_win%bitness%_%tag%.log 2>&1
+goto EOF
+
+:BUILDING_XP
+%xSH% "make clean" >> nul
+echo Building i2pd %tag% for winxp...
+%xSH% "make DEBUG=no USE_UPNP=yes USE_WINXP_FLAGS=yes -j%threads% && zip -r9 build/i2pd_%tag%_winxp_mingw.zip %FILELIST% && make clean" > build/build_winxp_%tag%.log 2>&1
 
 :EOF

build/cmake-zlib-amd64.patch

@@ -1,10 +0,0 @@
---- CMakeLists.txt.orig	2015-12-07 14:19:36.447689600 -0600
-+++ CMakeLists.txt	2015-12-07 14:18:23.004419900 -0600
-@@ -165,6 +165,7 @@
- 		ENABLE_LANGUAGE(ASM_MASM)
-         set(ZLIB_ASMS
- 			contrib/masmx64/gvmat64.asm
-+			contrib/masmx64/inffas8664.c
- 			contrib/masmx64/inffasx64.asm
- 		)
-     endif()

build/cmake-zlib-static.patch

@@ -1,28 +0,0 @@
---- CMakeLists.txt.orig	2013-04-28 17:57:10.000000000 -0500
-+++ CMakeLists.txt	2015-12-03 12:53:52.371087900 -0600
-@@ -7,6 +7,7 @@
- 
- option(ASM686 "Enable building i686 assembly implementation")
- option(AMD64 "Enable building amd64 assembly implementation")
-+option(WITH_STATIC    "Static runtime on Windows" OFF)
- 
- set(INSTALL_BIN_DIR "${CMAKE_INSTALL_PREFIX}/bin" CACHE PATH "Installation directory for executables")
- set(INSTALL_LIB_DIR "${CMAKE_INSTALL_PREFIX}/lib" CACHE PATH "Installation directory for libraries")
-@@ -66,6 +67,17 @@
-     include_directories(${CMAKE_CURRENT_SOURCE_DIR})
- endif()
- 
-+if(WITH_STATIC AND (MSVC OR MSYS))
-+    # http://www.cmake.org/Wiki/CMake_FAQ#Dynamic_Replace
-+    foreach(flag_var
-+            CMAKE_C_FLAGS CMAKE_C_FLAGS_DEBUG CMAKE_C_FLAGS_RELEASE
-+            CMAKE_C_FLAGS_MINSIZEREL CMAKE_C_FLAGS_RELWITHDEBINFO)
-+      if(${flag_var} MATCHES "/MD")
-+        string(REGEX REPLACE "/MD" "/MT" ${flag_var} "${${flag_var}}")
-+      endif(${flag_var} MATCHES "/MD")
-+    endforeach(flag_var)
-+endif()
-+
- if(NOT CMAKE_CURRENT_SOURCE_DIR STREQUAL CMAKE_CURRENT_BINARY_DIR)
-     # If we're doing an out of source build and the user has a zconf.h
-     # in their source tree...

contrib/apparmor/usr.sbin.i2pd

@@ -4,33 +4,22 @@
 #
 #include <tunables/global>
 
-/usr/sbin/i2pd {
+profile i2pd /{usr/,}sbin/i2pd {
   #include <abstractions/base>
-
-  network inet dgram,
-  network inet stream,
-  network inet6 dgram,
-  network inet6 stream,
-  network netlink raw,
-
-  /etc/gai.conf r,
-  /etc/host.conf r,
-  /etc/hosts r,
-  /etc/nsswitch.conf r,
-  /etc/resolv.conf r,
-  /run/resolvconf/resolv.conf r,
-  /run/systemd/resolve/stub-resolv.conf r,
+  #include <abstractions/openssl>
+  #include <abstractions/nameservice>
 
   # path specific (feel free to modify if you have another paths)
   /etc/i2pd/** r,
-  /run/i2pd/i2pd.pid rwk,
   /var/lib/i2pd/** rw,
   /var/log/i2pd/i2pd.log w,
-  /var/run/i2pd/i2pd.pid rwk,
-  /usr/sbin/i2pd mr,
-  /usr/share/i2pd/** r,
+  /{var/,}run/i2pd/i2pd.pid rwk,
+  /{usr/,}sbin/i2pd mr,
+  @{system_share_dirs}/i2pd/** r,
 
   # user homedir (if started not by init.d or systemd)
   owner @{HOME}/.i2pd/   rw,
   owner @{HOME}/.i2pd/** rwk,
+
+  #include if exists <local/usr.sbin.i2pd>
 }

contrib/certificates/reseed/atomike_at_mail.i2p.crt

@@ -1,34 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIF5TCCA82gAwIBAgIRANFIiHpTaRY2Z30TQOiuqFcwDQYJKoZIhvcNAQELBQAw
-cDELMAkGA1UEBhMCWFgxCzAJBgNVBAcTAlhYMQswCQYDVQQJEwJYWDEeMBwGA1UE
-ChMVSTJQIEFub255bW91cyBOZXR3b3JrMQwwCgYDVQQLEwNJMlAxGTAXBgNVBAMM
-EGF0b21pa2VAbWFpbC5pMnAwHhcNMTYwODAyMTQyNDEyWhcNMjYwODAyMTQyNDEy
-WjBwMQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhYMR4wHAYD
-VQQKExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEZMBcGA1UE
-AwwQYXRvbWlrZUBtYWlsLmkycDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
-ggIBAMLRmxclaAvm405JLHNNiniUi0aZaBoLJ+afwn2LGfTDUhTD5Y8lW6V9o90n
-eTNOCaiid7bWpVBkA1M4gZ9TdUnP0POa99jXZbj4PHFRl1l8k4Ap12PUO3hgwtH7
-7j7j+UPaIuE2y+U7hJbmyQ0v7r8yjGWSTtSqs+exNhyr4Mh7DvacZySZ+oqQdXYA
-vnfDpBX1dKlN1Nb4XloG0uE1OK1YfJoC+p+v8qXjKagIdZgThdmsWcQ82EGI+Q9u
-VfrE4m3CNwJy0X86wMNYqHej88wBHnJMmTm+cZtFLVmZsRqnuLAQL1wrfCbGSltR
-zhVQHTysLwMz9+llTXtzMf+R2kcEAYWiPc5IRVU+LvkN/610r5fuHW+OcQ9ZgRVn
-PMqlv5PDG2ZxdIOAQQsOd7fH0r5q3MhqlVstVE45Rl33uA+M7wjJK2cvnOoSioxp
-szn2GIZliXQXo4dJczgfN2U4PLBGRBGmrB1R2S1YsG6CrSJuMCX14VKJP69Nfm8a
-EDA5GKNke+ZpXCszPLaNMB70LVFQc9FmMhsOgLIIoJBgd61uMgokMJJMLaWN0RaK
-w1ZduxYGUmg2T2pi/clIkVzZmlcHKViUn0sMcKD+ibEPOvQIB/3HPEEt6iIkanc/
-da5IFzikkaykt/Tu6o8rreeEu65HkIxFaCHegSXLHSyxj00BAgMBAAGjejB4MA4G
-A1UdDwEB/wQEAwIChDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYD
-VR0TAQH/BAUwAwEB/zAZBgNVHQ4EEgQQYXRvbWlrZUBtYWlsLmkycDAbBgNVHSME
-FDASgBBhdG9taWtlQG1haWwuaTJwMA0GCSqGSIb3DQEBCwUAA4ICAQAA0MdWfN/N
-1q5CdJqDyw4JQwzdYkA27Wr02qIcmwnqjcCEDPl4uDTyqN9gbEpJ48AcsdXRa6GE
-lLh/qJ67I6YDe63LuhndzRULNgxGHVMGS8kBJIssQehb2rOFnbUTp0gMR+0QpXXe
-omase4kL90c9uuYX1vXaO/ADssY2/QX49prwJO+UY/jGhcX4YheFI/teA85u6Qko
-ero437Shqhl0kbdK+eBkOFf9a7mGxpMT73KE1jFS6433W4fFOkybQ1dcS0qStaUM
-3qKC0EQCbAl1seAp3AGuG46swHZB0rZ1WCKVAr5yqCWSWMYO+fL6FosNg9z/VDVh
-g6FFfoGrv19yaVFa9AvQsk1ATZ+bwtHProNx2Xet9pnAI30dT16+C5wCctoR6RVf
-iOHl6CGqadjOycbMDVvOfJhypNDgWW3gBaCfXiAocJTLpR7hKNZ2bnvcP2xyXH1j
-Qz/kiMJoZ3+TV1yC/x/maAHsUIQHqqd6ZRj7x5MgJq0UBdITo2ZQVfXYI0ZGIeNm
-fMu+P5448+NdpASa9QoqS8kPFeUaHJMzMFHBKhrr8lTJeZ82hKBXt5jD3Tbef5Ck
-n5auKu2D0IjvrzsdIpNMQAhuBPT06TW/LzN/MvardZcaLcBmcutefw6Z7RsedHvj
-cGpnw4a2u9sHZIUNHzoGq32+7UWXsBI5Ow==
------END CERTIFICATE-----

contrib/certificates/reseed/backup_at_mail.i2p.crt

@@ -1,32 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFfTCCA2WgAwIBAgIEOprmhjANBgkqhkiG9w0BAQ0FADBvMQswCQYDVQQGEwJY
-WDELMAkGA1UECBMCWFgxCzAJBgNVBAcTAlhYMR4wHAYDVQQKExVJMlAgQW5vbnlt
-b3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEYMBYGA1UEAwwPYmFja3VwQG1haWwu
-aTJwMB4XDTEzMTAxMzEzNDQ1NVoXDTIzMTAxMzEzNDQ1NVowbzELMAkGA1UEBhMC
-WFgxCzAJBgNVBAgTAlhYMQswCQYDVQQHEwJYWDEeMBwGA1UEChMVSTJQIEFub255
-bW91cyBOZXR3b3JrMQwwCgYDVQQLEwNJMlAxGDAWBgNVBAMMD2JhY2t1cEBtYWls
-LmkycDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIoAkobXwk/Enf1d
-roHyqCyvcJfZJVTwb/LgYWAvCBMCr+RGqlSgtk3g69Y3I0xU08fD2kGt3r5Pwsbr
-omXIbJAcccyLqmQ5QX6QgL+X9VpMDp9C4h2RogCrqLBAWw4cuZ4RS9VCpP1Yis7H
-uejYqENP86p7BsRnuW/4cYnfunAdMpss4LpRGQXt1nTX+kfgCYgnKFbFqwAHt7yV
-Ds+Pe6FuBHPlp+sc1amKRcUnSvhXLsv43VicnT7xYL/kUsN83wrtHA3B4aGDx3aA
-3/EzuRmIXQB0BlTZILMEyYwG/nc4OsW82QYrvEZ9BIg9A4lF/wS/KZCICPxLF2zo
-dGjnmlgkiA4s8eO+va/ElHyELjckVXqmG1eXHhSkEsDvOQJy01IUuwLinvq7cUbJ
-HfJBZJllEg+sLDCv3FkEqN+XjBNFfQN4oNew4w6IPY6YH1INVB9LL0Cmdu4DudLv
-TY8OcI8eSfez3hmm+pYQ23PJRYYnvRDnRECyIWBegkckWRh8U/WvZUYUvETK6EDl
-/0KpTtfzX6MqHA5D6bTAB8Y3ijGMLrZ/B5vj5yCoZbLiGme9X2moR2k1LEhdhtzV
-exsqezCpg6dn48FTX7mHjvR5/r4kz2jqBGmdPUWIIxnjFUzDUK3llVQiHihleHpe
-jL4LqnhBGKWFRTaVwaIkBG4zAfIzAgMBAAGjITAfMB0GA1UdDgQWBBQNkfW7bSMl
-1/4KDbgwrkf9x1Zu/TANBgkqhkiG9w0BAQ0FAAOCAgEAGg3a3rTf0EznQocmio0T
-5gCoL0n8h6yKW/PyPAIELrd9wiYjhJFcWvMTcJJJnVqmAL5vpvhaAFVtAfx70MGa
-0DZ7FvytK5hEfF4IqOFDyEEVGJR5rIpVK4MeI1nmwEsxdbW+FhODjtRzgYO8XBME
-Xj4aY1FWg9vxc3reUj6PSFsZtsB0aLiRgL9JDovJIiRw0Uqr1v2wXBte5yVCxDge
-vTREZtpK4cKetoOa68pwSXI32JwKE18j6bfdKVBCcYQKlKP/3gHGduaDrQv3w32S
-DRym5s6MREeTUOtAw4wq46KpdOX8yyAqJPrCfMwS6ORd3t+egqOw0PUnsqb97w4O
-lUtrRYvb2cOj60SmRx4vJvItyuHbKqIK7o2e1RcUZPXYoAVx2ww4XB2Wk4D7LSAs
-cS7nLj8yAqzJ2qqtBzxu+zILJtkVa12dKF0xmS0BxBp4sCYiBtmAVE8AWQqEuSHA
-FrMWqoXcjcfdvvyX487FFWWUE7ZBIn0hee2sK9J9+SPtqczJaN7TF3K3nzo65WJG
-1epltmq2Ugjb67Gz7v4y7H23DJ/qhm8yLtCHTj69HTta5I08j6Kut924WLZaiMO/
-4YoEL5AE63X0sxYibKFQiq7FW5nUJA280GRlY3xSMFzlB2ggazrUV3YAWVDhfdnI
-flpzWXkFM2D36OUaubfe9YY=
------END CERTIFICATE-----

contrib/certificates/reseed/bugme_at_mail.i2p.crt

@@ -1,32 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFezCCA2OgAwIBAgIEUQYyQjANBgkqhkiG9w0BAQ0FADBuMQswCQYDVQQGEwJY
-WDELMAkGA1UECBMCWFgxCzAJBgNVBAcTAlhYMR4wHAYDVQQKExVJMlAgQW5vbnlt
-b3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEXMBUGA1UEAwwOYnVnbWVAbWFpbC5p
-MnAwHhcNMTQxMTA2MDkxMTE0WhcNMjQxMTA1MDkxMTE0WjBuMQswCQYDVQQGEwJY
-WDELMAkGA1UECBMCWFgxCzAJBgNVBAcTAlhYMR4wHAYDVQQKExVJMlAgQW5vbnlt
-b3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEXMBUGA1UEAwwOYnVnbWVAbWFpbC5p
-MnAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCrThOH0eSDT0VnCSBC
-sqYmAydWH+O8eNttDXr2mSvZLhvAW+6/xHTkKhaWvkIvvS0Vh8hujMnD90Cgp4Fk
-TKCxMj9K527o5xIZwWW05OevbjlBwIpVLO1PjmsfsoD1nIX14eEzJSEoAulKsv7V
-jGUC/6hC11mmVvH9buQLSRv6sCjuAcMszmw3TAD+XYBIs+z57KuwYXtX3+OA543c
-l1/ZKLYkkwY8cwzZqWDVWqTKP5TfVae58t40HhJk3bOsr21FZsaOjlmao3GO+d/3
-exKuUGJRcolSqskL3sZ1ovFqko81obvvx0upI0YA0iMr/NRGl3VPuf/LJvRppYGc
-LsJHgy9TIgtHvaXRi5Nt4CbKl9sZh/7WkkTTI5YGvevu00btlabAN+DSAZZqdsB3
-wY8HhM1MHiA9SWsqwU65TwErcRrjNna2FiDHEu0xk5+/iAGl6CSKHZBmNcYKXSv8
-cwShB0jjmciK0a05nC638RPgj0fng7KRrSglyzfjXRrljmZ40LSBL/GGMZMWpOM7
-mEsBH5UZJ/2BEmjc9X9257zBdx8BK8y1TXpAligpNBsERcTw1WP1PJ35einZvlXW
-qI3GwMf0sl26sn+evcK0gDl27jVDZ45MtNQEq64M4NV3Tn9zq0eg/39YvjVeqrI5
-l7sxmYqYGR6BuSncwdc4x+t6swIDAQABoyEwHzAdBgNVHQ4EFgQU/REZ7NMbVZHr
-Xkao6Q8Ccqv2kAMwDQYJKoZIhvcNAQENBQADggIBACc2YjLVNbl1kJUdg2klCLJt
-5LjNTiIZa2Cha5GStlC/lyoRRge6+q/y9TN3tTptlzLPS9pI9EE1GfIQaE+HAk+e
-/bC3KUOAHgVuETvsNAbfpaVsPCdWpFuXmp/4b9iDN7qZy4afTKUPA/Ir/cLfNp14
-JULfP4z2yFOsCQZ5viNFAs1u99FrwobV2LBzUSIJQewsksuOwj96zIyau0Y629oJ
-k+og88Tifd9EH3MVZNGhdpojQDDdwHQSITnCDgfRP5yER1WIA4jg6l+mM90QkvLY
-5NjWTna5kJ3X6UizvgCk365yzT2sbN3R9UGXfCJa9GBcnnviJtJF3+/gC0abwY2f
-NtVYp32Xky45NY/NdRhDg0bjHP3psxmX+Sc0M9NuQcDQ+fUR+CzM0IGeiszkzXOs
-RG+bOou2cZ81G4oxWdAALHIRrn7VvLGlkFMxiIZyhYcTGQZzsTPT6n18dY99+DAV
-yQWZfIRdm8DOnt0G+cwfeohc/9ZwDmj4jJAAi0aeTXdY6NEGIVydk6MAycEhg2Hx
-9EV96kRwZNIW0AGY8CozECFL3Eyo2ClQVV4Q35SsBibsitDjM03usc2DJ/qjynXA
-C8HoOSWgbddiBvqZueqK8GdhykOy3J3ysr+MNN/lbG48LqkQr1OWxev9rGGQ6RJT
-wpBgPyAFAwouPy1whmnx
------END CERTIFICATE-----

contrib/certificates/reseed/hankhill19580_at_gmail.com.crt

@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIRAKye34BRrKyQN6kMVPHddykwDQYJKoZIhvcNAQELBQAw
+dzELMAkGA1UEBhMCWFgxCzAJBgNVBAcTAlhYMQswCQYDVQQJEwJYWDEeMBwGA1UE
+ChMVSTJQIEFub255bW91cyBOZXR3b3JrMQwwCgYDVQQLEwNJMlAxIDAeBgNVBAMM
+F2hhbmtoaWxsMTk1ODBAZ21haWwuY29tMB4XDTIwMDUwNzA1MDkxMFoXDTMwMDUw
+NzA1MDkxMFowdzELMAkGA1UEBhMCWFgxCzAJBgNVBAcTAlhYMQswCQYDVQQJEwJY
+WDEeMBwGA1UEChMVSTJQIEFub255bW91cyBOZXR3b3JrMQwwCgYDVQQLEwNJMlAx
+IDAeBgNVBAMMF2hhbmtoaWxsMTk1ODBAZ21haWwuY29tMIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEA5Vt7c0SeUdVkcXXEYe3M9LmCTUyiCv/PHF2Puys6
+8luLH8lO0U/pQ4j703kFKK7s4rV65jVpGNncjHWbfSCNevvs6VcbAFoo7oJX7Yjt
+5+Z4oU1g7JG86feTwU6pzfFjAs0RO2lNq2L8AyLYKWOnPsVrmuGYl2c6N5WDzTxA
+Et66IudfGsppTv7oZkgX6VNUMioV8tCjBTLaPCkSfyYKBX7r6ByHY86PflhFgYES
+zIB92Ma75YFtCB0ktCM+o6d7wmnt10Iy4I6craZ+z7szCDRF73jhf3Vk7vGzb2cN
+aCfr2riwlRJBaKrLJP5m0dGf5RdhviMgxc6JAgkN7Ius5lkxO/p3OSy5co0DrMJ7
+lvwdZ2hu0dnO75unTt6ImR4RQ90Sqj7MUdorKR/8FcYEo+twBV8cV3s9kjuO5jxV
+g976Q+GD3zDoixiege3W5UT4ff/Anm4mJpE5PKbNuO+KUjk6WA4B1PeudkEcxkO4
+tQYy0aBzfjeyENee9otd4TgN1epY4wlHIORCa3HUFmFZd9VZMQcxwv7c47wl2kc9
+Cv1L6Nae78wRzRu2CHD8zWhq+tv5q7Md2eRd3mFPI09ljsOgG2TQv6300WvHvI5M
+enNdjYjLqOTRCzUJ2Jst4BZsvDxjWYkHsSZc1UORzm2LQmh2bJvbhC3m81qANGw6
+ZhcCAwEAAaNkMGIwDgYDVR0PAQH/BAQDAgKEMB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCAGA1UdDgQZBBdoYW5raGlsbDE5
+NTgwQGdtYWlsLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAVtMF7lrgkDLTNXlavI7h
+HJqFxFHjmxPk3iu2Qrgwk302Gowqg5NjVVamT20cXeuJaUa6maTTHzDyyCai3+3e
+roaosGxZQRpRf5/RBz2yhdEPLZBV9IqxGgIxvCWNqNIYB1SNk00rwC4q5heW1me0
+EsOK4Mw5IbS2jUjbi9E5th781QDj91elwltghxwtDvpE2vzAJwmxwwBhjySGsKfq
+w8SBZOxN+Ih5/IIpDnYGNoN1LSkJnBVGSkjY6OpstuJRIPYWl5zX5tJtYdaxiD+8
+qNbFHBIZ5WrktMopJ3QJJxHdERyK6BFYYSzX/a1gO7woOFCkx8qMCsVzfcE/z1pp
+JxJvshT32hnrKZ6MbZMd9JpTFclQ62RV5tNs3FPP3sbDsFtKBUtj87SW7XsimHbZ
+OrWlPacSnQDbOoV5TfDDCqWi4PW2EqzDsDcg+Lc8EnBRIquWcAox2+4zmcQI29wO
+C1TUpMT5o/wGyL/i9pf6GuTbH0D+aYukULropgSrK57EALbuvqnN3vh5l2QlX/rM
++7lCKsGCNLiJFXb0m6l/B9CC1947XVEbpMEAC/80Shwxl/UB+mKFpJxcNLFtPXzv
+FYv2ixarBPbJx/FclOO8G91QC4ZhAKbsVZn5HPMSgtZe+xWM1r0/UJVChsMTafpd
+CCOJyu3XtyzFf+tAeixOnuQ=
+-----END CERTIFICATE-----

contrib/certificates/reseed/reseed_at_diva.exchange.crt

@@ -0,0 +1,34 @@
+-----BEGIN CERTIFICATE-----
+MIIF0zCCA7ugAwIBAgIQWjHyC+NRh3emuuAwcEnKSjANBgkqhkiG9w0BAQsFADB0
+MQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhYMR4wHAYDVQQK
+ExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEdMBsGA1UEAwwU
+cmVzZWVkQGRpdmEuZXhjaGFuZ2UwHhcNMjAwNjA5MDUzNjQ1WhcNMzAwNjA5MDUz
+NjQ1WjB0MQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhYMR4w
+HAYDVQQKExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEdMBsG
+A1UEAwwUcmVzZWVkQGRpdmEuZXhjaGFuZ2UwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQC6BJGeMEgoXk9dlzKVfmwHrT2VpwTT+wRJvh3eAM746u4uDT2y
+NPHXhdGcQ9dRRZ63T98IshWCwOmWSlm1kdWkmKkVVb93GUoMQ3gziCi0apLJMAau
+gEu/sPCbORS2dPsQeAPW2eIsJO7dSjTRiQAuquW//NcIXG4gnxDA52lgke1BvpKr
+83SJlCrqECAy6OKtZ49yn75CqmPPWFn0b/E8bxruN5ffeipTTospvdEtT41gXUqk
+hOz3k8ang+QTWiP//jOjk31KXZ2dbh0LOlNJOvRxCqQmBZafNxxCR4DH8RewfPlL
+qOiOJVzbLSP9RjqPLwnny5BOjbLWXcaybN5Qv2Pyd4mKtN3EpqBwRu7VnzXpsuuG
+gRbxNmfKJ/vBEGrZAHAxi0NkHHEEne3B7pPDc2dVZHOfTfCu31m9uDHZ4eHEsNOJ
+SJRiGjq74l0chCSlBGLrD1Y9LPyqadjdwuB9bzM0tMFC1wPflanQCflhhnEzAfbN
+BaU2GRXo/I1UCDW/dH1FIkqEe61eMW1Lwqr5tdlrUpdr5VIddTyNJRBJogbZ+HZE
+8mcoJW2lXRAkYi7KEm4b4EQNe7sbRNTF0j+fAJ+3ZOZ3O3SMHss6ignlSa+giVim
+VvL+Joc6wpSzxpeNPf6m82cEO/UvifFYeOC9TpiRriSt+vvgQVzQtfQ+fQIDAQAB
+o2EwXzAOBgNVHQ8BAf8EBAMCAoQwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
+BwMBMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFHJlc2VlZEBkaXZhLmV4Y2hh
+bmdlMA0GCSqGSIb3DQEBCwUAA4ICAQCFGOb1dHlwjmgFHEER6oMiGWl1mI3Hb7GX
+NNI6QUhZQ+iEWGYtsOTk3Q8xejL8t6AG/ZLXfZviLIJXZc5XZfPXk0ezDSC2cYxQ
+ZAyYPw2dRP14brI86sCSqNAFIax/U5SM3zXhCbBiTfaEoBPfDpvKjx+VliaITUnc
+sHTRn+C5ID5M8cZIqUSGECPEMU/bDtuRNJLTKYaJ98yXtYuS2CWsMEM4o0GGcnYQ
+5HOZT/lbbwfq1Ks7IyJpeIpRaS5qckGcfgkxFY4eGujDuaFeWC+HCIh9RzBJrqZR
+73Aly4Pyu7Jjg8xCCf9MswDjtqAjEHgWCmRLWL7p3H6cPipFKNMY6yomYZl5urE7
+q6DUAZFKwPqlZpyeaY4/SVvaHTxuPp7484s3db4kPhdmuQS/DOB/7d+cn/S580Vy
+ALqlFQjtjLEaT16upceAV0gYktDInE6Rtym/OsqilrtYks/Sc0GROSz8lJhDDWbr
+W3t92muSXDh0rYrEUYWl+xl1gSTpbIP75zzU+cUr1E/qlRY9qZn66FsJpOuN0I0q
+UXsQS/bPDcA+IW48Hd9LfO9gtTWZslwFTimjEvQ2nJAnUlUQP6OfuPUKHoYX/CwY
+2LCN8+pv2bKPDVHvp0lf6xrbbZNvFtzfR0G3AprZjYpuu2XgjVB5nJnwmbH74b9w
+LD8d2z2Lgg==
+-----END CERTIFICATE-----

contrib/certificates/reseed/reseedi2pnetin_at_mail.i2p.crt

@@ -1,34 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIF3DCCA8SgAwIBAgIQPxUlcrbHX/xdyJ09E36rJzANBgkqhkiG9w0BAQsFADB3
-MQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhYMR4wHAYDVQQK
-ExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEgMB4GA1UEAwwX
-cmVzZWVkaTJwbmV0aW5AbWFpbC5pMnAwHhcNMTgxMjA3MTYzNDIxWhcNMjgxMjA3
-MTYzNDIxWjB3MQswCQYDVQQGEwJYWDELMAkGA1UEBxMCWFgxCzAJBgNVBAkTAlhY
-MR4wHAYDVQQKExVJMlAgQW5vbnltb3VzIE5ldHdvcmsxDDAKBgNVBAsTA0kyUDEg
-MB4GA1UEAwwXcmVzZWVkaTJwbmV0aW5AbWFpbC5pMnAwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQC912NDk6x85uqB4gyQQcded0RVrbWehWOanDRv7kC3
-92jeziPbeMtqrLsfU1MdDtQiGijpNkQ/IIitPw+6vJAIh82gyOUZvsn2XOyb/Fz0
-Fu8OrDghwl39yK8kwtqCFw3VAgafgKxz2oRge9mxFBECi50vYEPIBwNhr4yc/opu
-wWUmzmRyX4gD7vKmRU6ZTwX4LXnwdl+5VbW3updcZKsDuTnKvC9FGhDRR9kIk2G9
-43sLN263nCYPykP7DaB1cUdi1vDEMw5dot+eu16qTIbuypEvYNvbB/9FyCQllm1h
-vBbSku3IYpcnRPmoeyhoR/MmCySRbK5R4SrSsVD1YBpwxgn0Q4+fzEgFzT9P4oez
-HkDGKVP2HdgmXx9j36fEqqvjqzRleWDwEWwIZVRLCFO+hhhT3JAjnNGJTWv1SQGB
-8tz9nyYTJuhvyHE/CO5owFeCdeOGMq2KPge9w34T+mvewTEEhGU8yRAt8Xp8s5Y9
-RCUGvuQ79+edRtj7FJg7yVB8pAQ+VB9msNQvzrTnPYC9Wo7chJhBiraMiIabzIhC
-f34Gg9lkX1N0dVND5rnZWwzBM6JhNG1iZZCRHVPnXdZRixUlqmFpCP/eekshksj/
-6UP/WeGA6X4HyEsC6QEf7eMhcHYjyyTzYagKrwCHg77fmIjF8rmpP2LqWSQW8bDD
-uQIDAQABo2QwYjAOBgNVHQ8BAf8EBAMCAoQwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
-CCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wIAYDVR0OBBkEF3Jlc2VlZGkycG5l
-dGluQG1haWwuaTJwMA0GCSqGSIb3DQEBCwUAA4ICAQCWpXs6iuTy/w2R7q7Ua6vl
-JYZwbQ+czk5ydzkBgcNkMMMNRT7sZR9xYvV+ftiL4bFQP/3ZJyo7cYz2Q6+M3oAm
-YDcZWBkLUVihSlMxhWwmeFTKV2EL+bzwY1V/cy7wgukKnFIes75dLP/v25jgjdlw
-Xe6R+fQM0EoHeVzzrWk/qYp6oEwtQXfZnUu/Bf45hRnnHBzzh1wCql41vbEs3Niq
-+SVwY1wLT0yC1L8HqjCLX1/L5PAXxbvEGzwnXSkLKK4bPxdmVDZvS9uzXrWmTbNi
-HpKIFnOif16zSgyeaOM7HETIJuVzgooUMtt+Vsr1VGdtm6K7I9J5C+rX/ckU8oaX
-UjmzhWXudN0VTslogsKUCV6xG2CskeE3wnuT8HYXz9NMw6c/kIGH4hY7LcfU8Teu
-QjSy2RRvy6InmZNV5sY9lzzO6romEycSoUlpCa3Ltb/5KKoYZFTsXr8suqJk89lC
-e+TVMHqOZdLK/usqQDcafLypHpw9SH2Tg4jrzV/zLqacbjx6bZD5IrpY0Gf7BXg/
-pikwyA9c490G6ZcWrSEP8bzh6LL2rA2AwxaeJJNVyLHCSLrn/7DezM5J/qhd90Qg
-kcZGJrUOCSWl6mDvUZn5XiQ955XwOnZQ+wsM85B3CVX22x5bp0SYWHCQBPnthPwP
-Q5DD3jExbpwG5n35HEcHYw==
------END CERTIFICATE-----

contrib/debian/i2pd.tmpfile

@@ -1,2 +1,2 @@
-d /var/run/i2pd 0755 i2pd i2pd - -
+d /run/i2pd 0755 i2pd i2pd - -
 d /var/log/i2pd 0755 i2pd i2pd - -

contrib/docker/Dockerfile

@@ -36,9 +36,9 @@ RUN apk --no-cache --virtual build-dependendencies add make gcc g++ libtool zlib
     && cd /usr/local/bin \
     && strip i2pd \
     && rm -fr /tmp/build && apk --no-cache --purge del build-dependendencies build-base fortify-headers boost-dev zlib-dev openssl-dev \
-    boost-python3 python3 gdbm boost-unit_test_framework boost-python linux-headers boost-prg_exec_monitor \
-    boost-serialization boost-signals boost-wave boost-wserialization boost-math boost-graph boost-regex git pcre \
-    libtool g++ gcc pkgconfig
+    boost-python3 python3 gdbm boost-unit_test_framework linux-headers boost-prg_exec_monitor \
+    boost-serialization boost-wave boost-wserialization boost-math boost-graph boost-regex git pcre2 \
+    libtool g++ gcc
 
 # 2. Adding required libraries to run i2pd to ensure it will run.
 RUN apk --no-cache add boost-filesystem boost-system boost-program_options boost-date_time boost-thread boost-iostreams openssl musl-utils libstdc++

contrib/i2pd.conf

@@ -13,10 +13,10 @@
 ## Tunnels config files path
 ## Use that path to store separated tunnels in different config files.
 ## Default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d
-# tunnelsdir = /var/lib/i2pd/tunnels.conf.d
+# tunnelsdir = /var/lib/i2pd/tunnels.d
 
-## Where to write pidfile (don't write by default)
-# pidfile = /var/run/i2pd.pid
+## Where to write pidfile (default: i2pd.pid, not used in Windows)
+# pidfile = /run/i2pd.pid
 
 ## Logging configuration section
 ## By default logs go to stdout with level 'info' and higher
@@ -27,10 +27,10 @@
 ##  * syslog - use syslog, see man 3 syslog
 # log = file
 ## Path to logfile (default - autodetect)
-# logfile = /var/log/i2pd.log
-## Log messages above this level (debug, *info, warn, error, none)
+# logfile = /var/log/i2pd/i2pd.log
+## Log messages above this level (debug, info, *warn, error, none)
 ## If you set it to none, logging will be disabled
-# loglevel = info
+# loglevel = warn
 ## Write full CLF-formatted date and time to log (default: write only time)
 # logclftime = true
 

contrib/i2pd.logrotate

@@ -0,0 +1,9 @@
+"/var/log/i2pd/*.log" {
+    copytruncate
+    daily
+    rotate 5
+    compress
+    delaycompress
+    missingok
+    notifempty
+}

contrib/i2pd.service

@@ -11,9 +11,9 @@ RuntimeDirectoryMode=0700
 LogsDirectory=i2pd
 LogsDirectoryMode=0700
 Type=forking
-ExecStart=/usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/var/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service
-ExecReload=/bin/kill -HUP $MAINPID
-PIDFile=/var/run/i2pd/i2pd.pid
+ExecStart=/usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service
+ExecReload=/bin/sh -c "kill -HUP $MAINPID"
+PIDFile=/run/i2pd/i2pd.pid
 ### Uncomment, if auto restart needed
 #Restart=on-failure
 
@@ -27,7 +27,6 @@ KillSignal=SIGQUIT
 LimitNOFILE=4096
 # To enable write of coredump uncomment this
 #LimitCORE=infinity
-PrivateDevices=yes
 
 [Install]
 WantedBy=multi-user.target

contrib/rpm/i2pd-git.spec

@@ -1,31 +1,32 @@
 %define git_hash %(git rev-parse HEAD | cut -c -7)
 
-Name:           i2pd-git
-Version:        2.25.0
-Release:        git%{git_hash}%{?dist}
-Summary:        I2P router written in C++
-Conflicts:      i2pd
+Name:          i2pd-git
+Version:       2.34.0
+Release:       git%{git_hash}%{?dist}
+Summary:       I2P router written in C++
+Conflicts:     i2pd
 
-License:        BSD
-URL:            https://github.com/PurpleI2P/i2pd
-Source0:        https://github.com/PurpleI2P/i2pd/archive/openssl/i2pd-openssl.tar.gz
+License:       BSD
+URL:           https://github.com/PurpleI2P/i2pd
+Source0:       https://github.com/PurpleI2P/i2pd/archive/openssl/i2pd-openssl.tar.gz
 
-%if 0%{?rhel}  == 7
-BuildRequires:  cmake3
+%if 0%{?rhel} == 7
+BuildRequires: cmake3
 %else
-BuildRequires:  cmake
+BuildRequires: cmake
 %endif
 
-BuildRequires:  chrpath
-BuildRequires:  gcc-c++
-BuildRequires:  zlib-devel
-BuildRequires:  boost-devel
-BuildRequires:  openssl-devel
-BuildRequires:  miniupnpc-devel
-BuildRequires:  systemd-units
+BuildRequires: chrpath
+BuildRequires: gcc-c++
+BuildRequires: zlib-devel
+BuildRequires: boost-devel
+BuildRequires: openssl-devel
+BuildRequires: miniupnpc-devel
+BuildRequires: systemd-units
 
-Requires:	systemd
-Requires(pre):  %{_sbindir}/useradd %{_sbindir}/groupadd
+Requires:      logrotate
+Requires:      systemd
+Requires(pre): %{_sbindir}/useradd %{_sbindir}/groupadd
 
 %description
 C++ implementation of I2P.
@@ -55,26 +56,35 @@ cd build
 %endif
 %endif
 
+%if 0%{?mageia} > 7
+pushd build
 make %{?_smp_mflags}
+popd
+%else
+make %{?_smp_mflags}
+%endif
 
 
 %install
-cd build
+pushd build
+
 %if 0%{?mageia}
-cd build
+pushd build
 %endif
+
 chrpath -d i2pd
 %{__install} -D -m 755 i2pd %{buildroot}%{_sbindir}/i2pd
-%{__install} -D -m 755 %{_builddir}/%{name}-%{version}/contrib/i2pd.conf %{buildroot}%{_sysconfdir}/i2pd/i2pd.conf
-%{__install} -D -m 755 %{_builddir}/%{name}-%{version}/contrib/subscriptions.txt %{buildroot}%{_sysconfdir}/i2pd/subscriptions.txt
-%{__install} -D -m 755 %{_builddir}/%{name}-%{version}/contrib/tunnels.conf %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf
-%{__install} -D -m 755 %{_builddir}/%{name}-%{version}/contrib/tunnels.d/README %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf.d/README
-%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/rpm/i2pd.service %{buildroot}%{_unitdir}/i2pd.service
-%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/debian/i2pd.1 %{buildroot}%{_mandir}/man1/i2pd.1
+%{__install} -d -m 755 %{buildroot}%{_datadir}/i2pd
 %{__install} -d -m 700 %{buildroot}%{_sharedstatedir}/i2pd
 %{__install} -d -m 700 %{buildroot}%{_localstatedir}/log/i2pd
-%{__install} -d -m 755 %{buildroot}%{_datadir}/%{name}
-%{__cp} -r %{_builddir}/%{name}-%{version}/contrib/certificates/ %{buildroot}%{_datadir}/%{name}/certificates
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/i2pd.conf %{buildroot}%{_sysconfdir}/i2pd/i2pd.conf
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/subscriptions.txt %{buildroot}%{_sysconfdir}/i2pd/subscriptions.txt
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/tunnels.conf %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/i2pd.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/i2pd
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/i2pd.service %{buildroot}%{_unitdir}/i2pd.service
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/debian/i2pd.1 %{buildroot}%{_mandir}/man1/i2pd.1
+%{__cp} -r %{_builddir}/%{name}-%{version}/contrib/certificates/ %{buildroot}%{_datadir}/i2pd/certificates
+%{__cp} -r %{_builddir}/%{name}-%{version}/contrib/tunnels.d/ %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf.d
 ln -s %{_datadir}/%{name}/certificates %{buildroot}%{_sharedstatedir}/i2pd/certificates
 
 
@@ -100,16 +110,54 @@ getent passwd i2pd >/dev/null || \
 %files
 %doc LICENSE README.md contrib/i2pd.conf contrib/subscriptions.txt contrib/tunnels.conf contrib/tunnels.d
 %{_sbindir}/i2pd
-%config(noreplace) %{_sysconfdir}/i2pd/*
+%config(noreplace) %{_sysconfdir}/i2pd/*.conf
+%config(noreplace) %{_sysconfdir}/i2pd/tunnels.conf.d/*.conf
+%config %{_sysconfdir}/i2pd/subscriptions.txt
+%doc %{_sysconfdir}/i2pd/tunnels.conf.d/README
+%{_sysconfdir}/logrotate.d/i2pd
 %{_unitdir}/i2pd.service
 %{_mandir}/man1/i2pd.1*
 %dir %attr(0700,i2pd,i2pd) %{_sharedstatedir}/i2pd
 %dir %attr(0700,i2pd,i2pd) %{_localstatedir}/log/i2pd
-%{_datadir}/%{name}/certificates
+%{_datadir}/i2pd/certificates
 %{_sharedstatedir}/i2pd/certificates
 
 
 %changelog
+* Tue Oct 27 2020 orignal <i2porignal@yandex.ru> - 2.34.0
+- update to 2.34.0
+
+* Mon Aug 24 2020 orignal <i2porignal@yandex.ru> - 2.33.0
+- update to 2.33.0
+
+* Tue Jun 02 2020 r4sas <r4sas@i2pmail.org> - 2.32.1
+- update to 2.32.1
+
+* Mon May 25 2020 r4sas <r4sas@i2pmail.org> - 2.32.0
+- update to 2.32.0
+- updated systemd service file (#1394)
+
+* Thu May 7 2020 Anatolii Vorona <vorona.tolik@gmail.com> - 2.31.0-3
+- added RPM logrotate config
+
+* Fri Apr 10 2020 orignal <i2porignal@yandex.ru> - 2.31.0
+- update to 2.31.0
+
+* Tue Feb 25 2020 orignal <i2porignal@yandex.ru> - 2.30.0
+- update to 2.30.0
+
+* Mon Oct 21 2019 orignal <i2porignal@yandex.ru> - 2.29.0
+- update to 2.29.0
+
+* Tue Aug 27 2019 orignal <i2porignal@yandex.ru> - 2.28.0
+- update to 2.28.0
+
+* Wed Jul 3 2019 orignal <i2porignal@yandex.ru> - 2.27.0
+- update to 2.27.0
+
+* Fri Jun 7 2019 orignal <i2porignal@yandex.ru> - 2.26.0
+- update to 2.26.0
+
 * Thu May 9 2019 orignal <i2porignal@yandex.ru> - 2.25.0
 - update to 2.25.0
 

contrib/rpm/i2pd.service

@@ -1 +0,0 @@
-../i2pd.service

contrib/rpm/i2pd.spec

@@ -1,29 +1,30 @@
-Name:           i2pd
-Version:        2.25.0
-Release:        1%{?dist}
-Summary:        I2P router written in C++
-Conflicts:      i2pd-git
+Name:          i2pd
+Version:       2.34.0
+Release:       1%{?dist}
+Summary:       I2P router written in C++
+Conflicts:     i2pd-git
 
-License:        BSD
-URL:            https://github.com/PurpleI2P/i2pd
-Source0:        https://github.com/PurpleI2P/i2pd/archive/%{version}/%name-%version.tar.gz
+License:       BSD
+URL:           https://github.com/PurpleI2P/i2pd
+Source0:       https://github.com/PurpleI2P/i2pd/archive/%{version}/%name-%version.tar.gz
 
-%if 0%{?rhel}  == 7
-BuildRequires:  cmake3
+%if 0%{?rhel} == 7
+BuildRequires: cmake3
 %else
-BuildRequires:  cmake
+BuildRequires: cmake
 %endif
 
-BuildRequires:  chrpath
-BuildRequires:  gcc-c++
-BuildRequires:  zlib-devel
-BuildRequires:  boost-devel
-BuildRequires:  openssl-devel
-BuildRequires:  miniupnpc-devel
-BuildRequires:  systemd-units
+BuildRequires: chrpath
+BuildRequires: gcc-c++
+BuildRequires: zlib-devel
+BuildRequires: boost-devel
+BuildRequires: openssl-devel
+BuildRequires: miniupnpc-devel
+BuildRequires: systemd-units
 
-Requires:	systemd
-Requires(pre):  %{_sbindir}/useradd %{_sbindir}/groupadd
+Requires:      logrotate
+Requires:      systemd
+Requires(pre): %{_sbindir}/useradd %{_sbindir}/groupadd
 
 %description
 C++ implementation of I2P.
@@ -53,27 +54,36 @@ cd build
 %endif
 %endif
 
+%if 0%{?mageia} > 7
+pushd build
 make %{?_smp_mflags}
+popd
+%else
+make %{?_smp_mflags}
+%endif
 
 
 %install
-cd build
+pushd build
+
 %if 0%{?mageia}
-cd build
+pushd build
 %endif
+
 chrpath -d i2pd
-install -D -m 755 i2pd %{buildroot}%{_sbindir}/i2pd
-install -D -m 755 %{_builddir}/%{name}-%{version}/contrib/i2pd.conf %{buildroot}%{_sysconfdir}/i2pd/i2pd.conf
-install -D -m 755 %{_builddir}/%{name}-%{version}/contrib/tunnels.conf %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf
-install -d -m 755 %{buildroot}%{_datadir}/i2pd
-install -d -m 755 %{buildroot}%{_datadir}/i2pd/tunnels.conf.d
+%{__install} -D -m 755 i2pd %{buildroot}%{_sbindir}/i2pd
+%{__install} -d -m 755 %{buildroot}%{_datadir}/i2pd
+%{__install} -d -m 700 %{buildroot}%{_sharedstatedir}/i2pd
+%{__install} -d -m 700 %{buildroot}%{_localstatedir}/log/i2pd
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/i2pd.conf %{buildroot}%{_sysconfdir}/i2pd/i2pd.conf
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/subscriptions.txt %{buildroot}%{_sysconfdir}/i2pd/subscriptions.txt
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/tunnels.conf %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/i2pd.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/i2pd
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/contrib/i2pd.service %{buildroot}%{_unitdir}/i2pd.service
+%{__install} -D -m 644 %{_builddir}/%{name}-%{version}/debian/i2pd.1 %{buildroot}%{_mandir}/man1/i2pd.1
 %{__cp} -r %{_builddir}/%{name}-%{version}/contrib/certificates/ %{buildroot}%{_datadir}/i2pd/certificates
 %{__cp} -r %{_builddir}/%{name}-%{version}/contrib/tunnels.d/ %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf.d
-install -D -m 644 %{_builddir}/%{name}-%{version}/contrib/rpm/i2pd.service %{buildroot}%{_unitdir}/i2pd.service
-install -d -m 700 %{buildroot}%{_sharedstatedir}/i2pd
-install -d -m 700 %{buildroot}%{_localstatedir}/log/i2pd
 ln -s %{_datadir}/%{name}/certificates %{buildroot}%{_sharedstatedir}/i2pd/certificates
-ln -s %{_datadir}/i2pd/tunnels.conf.d %{buildroot}%{_sysconfdir}/i2pd/tunnels.conf.d
 
 
 %pre
@@ -96,18 +106,56 @@ getent passwd i2pd >/dev/null || \
 
 
 %files
-%doc LICENSE README.md
+%doc LICENSE README.md contrib/i2pd.conf contrib/subscriptions.txt contrib/tunnels.conf contrib/tunnels.d
 %{_sbindir}/i2pd
-%{_datadir}/i2pd/certificates
-%config(noreplace) %{_sysconfdir}/i2pd/*
-%config(noreplace) %{_sysconfdir}/i2pd/tunnels.conf.d/*
-/%{_unitdir}/i2pd.service
-%dir %attr(0700,i2pd,i2pd) %{_localstatedir}/log/i2pd
+%config(noreplace) %{_sysconfdir}/i2pd/*.conf
+%config(noreplace) %{_sysconfdir}/i2pd/tunnels.conf.d/*.conf
+%config %{_sysconfdir}/i2pd/subscriptions.txt
+%doc %{_sysconfdir}/i2pd/tunnels.conf.d/README
+%{_sysconfdir}/logrotate.d/i2pd
+%{_unitdir}/i2pd.service
+%{_mandir}/man1/i2pd.1*
 %dir %attr(0700,i2pd,i2pd) %{_sharedstatedir}/i2pd
+%dir %attr(0700,i2pd,i2pd) %{_localstatedir}/log/i2pd
+%{_datadir}/i2pd/certificates
 %{_sharedstatedir}/i2pd/certificates
 
 
 %changelog
+* Tue Oct 27 2020 orignal <i2porignal@yandex.ru> - 2.34.0
+- update to 2.34.0
+
+* Mon Aug 24 2020 orignal <i2porignal@yandex.ru> - 2.33.0
+- update to 2.33.0
+
+* Tue Jun 02 2020 r4sas <r4sas@i2pmail.org> - 2.32.1
+- update to 2.32.1
+
+* Mon May 25 2020 r4sas <r4sas@i2pmail.org> - 2.32.0
+- update to 2.32.0
+- updated systemd service file (#1394)
+
+* Thu May 7 2020 Anatolii Vorona <vorona.tolik@gmail.com> - 2.31.0-3
+- added RPM logrotate config
+
+* Fri Apr 10 2020 orignal <i2porignal@yandex.ru> - 2.31.0
+- update to 2.31.0
+
+* Tue Feb 25 2020 orignal <i2porignal@yandex.ru> - 2.30.0
+- update to 2.30.0
+
+* Mon Oct 21 2019 orignal <i2porignal@yandex.ru> - 2.29.0
+- update to 2.29.0
+
+* Tue Aug 27 2019 orignal <i2porignal@yandex.ru> - 2.28.0
+- update to 2.28.0
+
+* Wed Jul 3 2019 orignal <i2porignal@yandex.ru> - 2.27.0
+- update to 2.27.0
+
+* Fri Jun 7 2019 orignal <i2porignal@yandex.ru> - 2.26.0
+- update to 2.26.0
+
 * Thu May 9 2019 orignal <i2porignal@yandex.ru> - 2.25.0
 - update to 2.25.0
 
@@ -121,7 +169,7 @@ getent passwd i2pd >/dev/null || \
 - update to 2.22.0
 - add support of tunnelsdir option
 
-* Thu Oct 22 2018 orignal <i2porignal@yandex.ru> - 2.21.1
+* Mon Oct 22 2018 orignal <i2porignal@yandex.ru> - 2.21.1
 - update to 2.21.1
 
 * Thu Oct 4 2018 orignal <i2porignal@yandex.ru> - 2.21.0

daemon/Daemon.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <thread>
 #include <memory>
 
@@ -9,7 +17,6 @@
 #include "Base.h"
 #include "version.h"
 #include "Transports.h"
-#include "NTCPSession.h"
 #include "RouterInfo.h"
 #include "RouterContext.h"
 #include "Tunnel.h"
@@ -26,9 +33,6 @@
 #include "Timestamp.h"
 #include "util.h"
 
-#include "Event.h"
-#include "Websocket.h"
-
 namespace i2p
 {
 	namespace util
@@ -43,9 +47,6 @@ namespace i2p
 			std::unique_ptr<i2p::client::I2PControlService> m_I2PControlService;
 			std::unique_ptr<i2p::transport::UPnP> UPnP;
 			std::unique_ptr<i2p::util::NTPTimeSync> m_NTPSync;
-#ifdef WITH_EVENTS
-			std::unique_ptr<i2p::event::WebsocketServer> m_WebsocketServer;
-#endif
 		};
 
 		Daemon_Singleton::Daemon_Singleton() : isDaemon(false), running(true), d(*new Daemon_Singleton_Private()) {}
@@ -62,12 +63,12 @@ namespace i2p
 			return service;
 		}
 
-        bool Daemon_Singleton::init(int argc, char* argv[]) {
-            return init(argc, argv, nullptr);
-        }
+		bool Daemon_Singleton::init(int argc, char* argv[]) {
+			return init(argc, argv, nullptr);
+		}
 
-        bool Daemon_Singleton::init(int argc, char* argv[], std::shared_ptr<std::ostream> logstream)
-        {
+		bool Daemon_Singleton::init(int argc, char* argv[], std::shared_ptr<std::ostream> logstream)
+		{
 			i2p::config::Init();
 			i2p::config::ParseCmdline(argc, argv);
 
@@ -77,18 +78,13 @@ namespace i2p
 			i2p::fs::Init();
 
 			datadir = i2p::fs::GetDataDir();
-			// TODO: drop old name detection in v2.8.0
+
 			if (config == "")
 			{
-				config = i2p::fs::DataDirPath("i2p.conf");
-				if (i2p::fs::Exists (config)) {
-					LogPrint(eLogWarning, "Daemon: please rename i2p.conf to i2pd.conf here: ", config);
-				} else {
-					config = i2p::fs::DataDirPath("i2pd.conf");
-					if (!i2p::fs::Exists (config)) {
-						// use i2pd.conf only if exists
-						config = ""; /* reset */
-					}
+				config = i2p::fs::DataDirPath("i2pd.conf");
+				if (!i2p::fs::Exists (config)) {
+					// use i2pd.conf only if exists
+					config = ""; /* reset */
 				}
 			}
 
@@ -110,10 +106,10 @@ namespace i2p
 				logs = "file";
 
 			i2p::log::Logger().SetLogLevel(loglevel);
-            if (logstream) {
-                LogPrint(eLogInfo, "Log: will send messages to std::ostream");
-                i2p::log::Logger().SendTo (logstream);
-            } else if (logs == "file") {
+			if (logstream) {
+				LogPrint(eLogInfo, "Log: will send messages to std::ostream");
+				i2p::log::Logger().SendTo (logstream);
+			} else if (logs == "file") {
 				if (logfile == "")
 					logfile = i2p::fs::DataDirPath("i2pd.log");
 				LogPrint(eLogInfo, "Log: will send messages to ", logfile);
@@ -127,7 +123,7 @@ namespace i2p
 				// use stdout -- default
 			}
 
-			LogPrint(eLogInfo,	"i2pd v", VERSION, " starting");
+			LogPrint(eLogInfo,  "i2pd v", VERSION, " starting");
 			LogPrint(eLogDebug, "FS: main config file: ", config);
 			LogPrint(eLogDebug, "FS: data directory: ", datadir);
 
@@ -151,11 +147,10 @@ namespace i2p
 				LogPrint(eLogInfo, "Daemon: accepting incoming connections at port ", port);
 				i2p::context.UpdatePort (port);
 			}
-			i2p::context.SetSupportsV6		 (ipv6);
-			i2p::context.SetSupportsV4		 (ipv4);
+			i2p::context.SetSupportsV6 (ipv6);
+			i2p::context.SetSupportsV4 (ipv4);
 
-			bool ntcp;   i2p::config::GetOption("ntcp", ntcp);
-			i2p::context.PublishNTCPAddress (ntcp, !ipv6);  
+			i2p::context.RemoveNTCPAddress (!ipv6); // TODO: remove later 
 			bool ntcp2; i2p::config::GetOption("ntcp2.enabled", ntcp2);
 			if (ntcp2)
 			{
@@ -163,7 +158,7 @@ namespace i2p
 				if (published)
 				{
 					uint16_t ntcp2port; i2p::config::GetOption("ntcp2.port", ntcp2port);
-					if (!ntcp && !ntcp2port) ntcp2port = port; // use standard port
+					if (!ntcp2port) ntcp2port = port; // use standard port
 					i2p::context.PublishNTCP2Address (ntcp2port, true); // publish
 					if (ipv6)
 					{
@@ -233,15 +228,15 @@ namespace i2p
 			if (family.length () > 0)
 				LogPrint(eLogInfo, "Daemon: family set to ", family);
 
-      bool trust; i2p::config::GetOption("trust.enabled", trust);
-      if (trust)
-      {
-        LogPrint(eLogInfo, "Daemon: explicit trust enabled");
-        std::string fam; i2p::config::GetOption("trust.family", fam);
+			bool trust; i2p::config::GetOption("trust.enabled", trust);
+			if (trust)
+			{
+				LogPrint(eLogInfo, "Daemon: explicit trust enabled");
+				std::string fam; i2p::config::GetOption("trust.family", fam);
 				std::string routers; i2p::config::GetOption("trust.routers", routers);
 				bool restricted = false;
-        if (fam.length() > 0)
-        {
+				if (fam.length() > 0)
+				{
 					std::set<std::string> fams;
 					size_t pos = 0, comma;
 					do
@@ -253,7 +248,7 @@ namespace i2p
 					while (comma != std::string::npos);
 					i2p::transport::transports.RestrictRoutesToFamilies(fams);
 					restricted  = fams.size() > 0;
-        }
+				}
 				if (routers.length() > 0) {
 					std::set<i2p::data::IdentHash> idents;
 					size_t pos = 0, comma;
@@ -271,15 +266,16 @@ namespace i2p
 					restricted = idents.size() > 0;
 				}
 				if(!restricted)
-					LogPrint(eLogError, "Daemon: no trusted routers of families specififed");
-      }
-      bool hidden; i2p::config::GetOption("trust.hidden", hidden);
-      if (hidden)
-      {
-        LogPrint(eLogInfo, "Daemon: using hidden mode");
-        i2p::data::netdb.SetHidden(true);
-      }
-      return true;
+					LogPrint(eLogError, "Daemon: no trusted routers of families specified");
+			}
+
+			bool hidden; i2p::config::GetOption("trust.hidden", hidden);
+			if (hidden)
+			{
+				LogPrint(eLogInfo, "Daemon: using hidden mode");
+				i2p::data::netdb.SetHidden(true);
+			}
+			return true;
 		}
 
 		bool Daemon_Singleton::start()
@@ -301,16 +297,18 @@ namespace i2p
 				d.m_NTPSync->Start ();
 			}
 
-			bool ntcp; i2p::config::GetOption("ntcp", ntcp);
+			bool ntcp2; i2p::config::GetOption("ntcp2.enabled", ntcp2);
 			bool ssu; i2p::config::GetOption("ssu", ssu);
+			bool checkInReserved; i2p::config::GetOption("reservedrange", checkInReserved);
 			LogPrint(eLogInfo, "Daemon: starting Transports");
 			if(!ssu) LogPrint(eLogInfo, "Daemon: ssu disabled");
-			if(!ntcp) LogPrint(eLogInfo, "Daemon: ntcp disabled");
+			if(!ntcp2) LogPrint(eLogInfo, "Daemon: ntcp2 disabled");
 
-			i2p::transport::transports.Start(ntcp, ssu);
-			if (i2p::transport::transports.IsBoundNTCP() || i2p::transport::transports.IsBoundSSU() || i2p::transport::transports.IsBoundNTCP2()) 
+			i2p::transport::transports.SetCheckReserved(checkInReserved);
+			i2p::transport::transports.Start(ntcp2, ssu);
+			if (i2p::transport::transports.IsBoundSSU() || i2p::transport::transports.IsBoundNTCP2())
 				LogPrint(eLogInfo, "Daemon: Transports started");
-			else 
+			else
 			{
 				LogPrint(eLogError, "Daemon: failed to start Transports");
 				/** shut down netdb right away */
@@ -322,10 +320,18 @@ namespace i2p
 			bool http; i2p::config::GetOption("http.enabled", http);
 			if (http) {
 				std::string httpAddr; i2p::config::GetOption("http.address", httpAddr);
-				uint16_t		httpPort; i2p::config::GetOption("http.port",		 httpPort);
-				LogPrint(eLogInfo, "Daemon: starting HTTP Server at ", httpAddr, ":", httpPort);
-				d.httpServer = std::unique_ptr<i2p::http::HTTPServer>(new i2p::http::HTTPServer(httpAddr, httpPort));
-				d.httpServer->Start();
+				uint16_t    httpPort; i2p::config::GetOption("http.port", httpPort);
+				LogPrint(eLogInfo, "Daemon: starting webconsole at ", httpAddr, ":", httpPort);
+				try 
+				{
+					d.httpServer = std::unique_ptr<i2p::http::HTTPServer>(new i2p::http::HTTPServer(httpAddr, httpPort));
+					d.httpServer->Start();
+				} 
+				catch (std::exception& ex) 
+				{
+					LogPrint (eLogError, "Daemon: failed to start webconsole: ", ex.what ());
+					ThrowFatal ("Unable to start webconsole at ", httpAddr, ":", httpPort, ": ", ex.what ());
+				}
 			}
 
 
@@ -341,29 +347,22 @@ namespace i2p
 				std::string i2pcpAddr; i2p::config::GetOption("i2pcontrol.address", i2pcpAddr);
 				uint16_t    i2pcpPort; i2p::config::GetOption("i2pcontrol.port",    i2pcpPort);
 				LogPrint(eLogInfo, "Daemon: starting I2PControl at ", i2pcpAddr, ":", i2pcpPort);
-				d.m_I2PControlService = std::unique_ptr<i2p::client::I2PControlService>(new i2p::client::I2PControlService (i2pcpAddr, i2pcpPort));
-				d.m_I2PControlService->Start ();
+				try 
+				{
+					d.m_I2PControlService = std::unique_ptr<i2p::client::I2PControlService>(new i2p::client::I2PControlService (i2pcpAddr, i2pcpPort));
+					d.m_I2PControlService->Start ();
+				} 
+				catch (std::exception& ex) 
+				{
+					LogPrint (eLogError, "Daemon: failed to start I2PControl: ", ex.what ());
+					ThrowFatal ("Unable to start I2PControl service at ", i2pcpAddr, ":", i2pcpPort, ": ", ex.what ());
+				}
 			}
-#ifdef WITH_EVENTS
-
-			bool websocket; i2p::config::GetOption("websockets.enabled", websocket);
-			if(websocket) {
-				std::string websocketAddr; i2p::config::GetOption("websockets.address", websocketAddr);
-				uint16_t		websocketPort; i2p::config::GetOption("websockets.port",		websocketPort);
-				LogPrint(eLogInfo, "Daemon: starting Websocket server at ", websocketAddr, ":", websocketPort);
-				d.m_WebsocketServer = std::unique_ptr<i2p::event::WebsocketServer>(new i2p::event::WebsocketServer (websocketAddr, websocketPort));
-				d.m_WebsocketServer->Start();
-				i2p::event::core.SetListener(d.m_WebsocketServer->ToListener());
-			}
-#endif
 			return true;
 		}
 
 		bool Daemon_Singleton::stop()
 		{
-#ifdef WITH_EVENTS
-			i2p::event::core.SetListener(nullptr);
-#endif
 			LogPrint(eLogInfo, "Daemon: shutting down");
 			LogPrint(eLogInfo, "Daemon: stopping Client");
 			i2p::client::context.Stop();
@@ -397,13 +396,6 @@ namespace i2p
 				d.m_I2PControlService->Stop ();
 				d.m_I2PControlService = nullptr;
 			}
-#ifdef WITH_EVENTS
-			if (d.m_WebsocketServer) {
-				LogPrint(eLogInfo, "Daemon: stopping Websocket server");
-				d.m_WebsocketServer->Stop();
-				d.m_WebsocketServer = nullptr;
-			}
-#endif
 			i2p::crypto::TerminateCrypto ();
 			i2p::log::Logger().Stop();
 

daemon/Daemon.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef DAEMON_H__
 #define DAEMON_H__
 
@@ -13,9 +21,10 @@ namespace util
 	class Daemon_Singleton
 	{
 		public:
-            virtual bool init(int argc, char* argv[], std::shared_ptr<std::ostream> logstream);
-            virtual bool init(int argc, char* argv[]);
-            virtual bool start();
+
+			virtual bool init(int argc, char* argv[], std::shared_ptr<std::ostream> logstream);
+			virtual bool init(int argc, char* argv[]);
+			virtual bool start();
 			virtual bool stop();
 			virtual void run () {};
 
@@ -23,6 +32,7 @@ namespace util
 			bool running;
 
 		protected:
+
 			Daemon_Singleton();
 			virtual ~Daemon_Singleton();
 
@@ -39,6 +49,7 @@ namespace util
 	class DaemonQT: public i2p::util::Daemon_Singleton
 	{
 		public:
+
 			static DaemonQT& Instance()
 			{
 				static DaemonQT instance;
@@ -51,6 +62,7 @@ namespace util
 	class DaemonWin32 : public Daemon_Singleton
 	{
 		public:
+
 			static DaemonWin32& Instance()
 			{
 				static DaemonWin32 instance;
@@ -72,6 +84,7 @@ namespace util
 	class DaemonAndroid: public i2p::util::Daemon_Singleton
 	{
 		public:
+
 			static DaemonAndroid& Instance()
 			{
 				static DaemonAndroid instance;
@@ -83,6 +96,7 @@ namespace util
 	class DaemonLinux : public Daemon_Singleton
 	{
 		public:
+
 			static DaemonLinux& Instance()
 			{
 				static DaemonLinux instance;
@@ -94,10 +108,12 @@ namespace util
 			void run ();
 
 		private:
+
 			std::string pidfile;
 			int pidFH;
 
 		public:
+
 			int gracefulShutdownInterval; // in seconds
 	};
 #endif

daemon/HTTPServer.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef HTTP_SERVER_H__
 #define HTTP_SERVER_H__
 
@@ -35,6 +43,7 @@ namespace http
 			void HandlePage    (const HTTPReq & req, HTTPRes & res, std::stringstream& data);
 			void HandleCommand (const HTTPReq & req, HTTPRes & res, std::stringstream& data);
 			void SendReply     (HTTPRes & res, std::string & content);
+			uint32_t CreateToken ();
 
 		private:
 
@@ -78,17 +87,17 @@ namespace http
 			std::string m_Hostname;
 	};
 
-    //all the below functions are also used by Qt GUI, see mainwindow.cpp -> getStatusPageHtml
-    enum OutputFormatEnum { forWebConsole, forQtUi };
-    void ShowStatus (std::stringstream& s, bool includeHiddenContent, OutputFormatEnum outputFormat);
-    void ShowLocalDestinations (std::stringstream& s);
-    void ShowLeasesSets(std::stringstream& s);
-    void ShowTunnels (std::stringstream& s);
-    void ShowTransitTunnels (std::stringstream& s);
-    void ShowTransports (std::stringstream& s);
-    void ShowSAMSessions (std::stringstream& s);
-    void ShowI2PTunnels (std::stringstream& s);
-    void ShowLocalDestination (std::stringstream& s, const std::string& b32);
+	//all the below functions are also used by Qt GUI, see mainwindow.cpp -> getStatusPageHtml
+	enum OutputFormatEnum { forWebConsole, forQtUi };
+	void ShowStatus (std::stringstream& s, bool includeHiddenContent, OutputFormatEnum outputFormat);
+	void ShowLocalDestinations (std::stringstream& s);
+	void ShowLeasesSets(std::stringstream& s);
+	void ShowTunnels (std::stringstream& s);
+	void ShowTransitTunnels (std::stringstream& s);
+	void ShowTransports (std::stringstream& s);
+	void ShowSAMSessions (std::stringstream& s);
+	void ShowI2PTunnels (std::stringstream& s);
+	void ShowLocalDestination (std::stringstream& s, const std::string& b32, uint32_t token);
 } // http
 } // i2p
 

daemon/I2PControl.cpp

@@ -6,12 +6,7 @@
 #include <boost/date_time/local_time/local_time.hpp>
 #include <boost/date_time/posix_time/posix_time.hpp>
 #include <boost/property_tree/ini_parser.hpp>
-
-// There is bug in boost 1.49 with gcc 4.7 coming with Debian Wheezy
-#define GCC47_BOOST149 ((BOOST_VERSION == 104900) && (__GNUC__ == 4) && (__GNUC_MINOR__ >= 7))
-#if !GCC47_BOOST149
 #include <boost/property_tree/json_parser.hpp>
-#endif
 
 #include "Crypto.h"
 #include "FS.h"
@@ -235,12 +230,6 @@ namespace client
 					}
 				}
 				std::ostringstream response;
-#if GCC47_BOOST149
-				LogPrint (eLogError, "I2PControl: json_read is not supported due bug in boost 1.49 with gcc 4.7");
-				response << "{\"id\":null,\"error\":";
-				response << "{\"code\":-32603,\"message\":\"JSON requests is not supported with this version of boost\"},";
-				response << "\"jsonrpc\":\"2.0\"}";
-#else
 				boost::property_tree::ptree pt;
 				boost::property_tree::read_json (ss, pt);
 
@@ -260,7 +249,6 @@ namespace client
 					response << "{\"code\":-32601,\"message\":\"Method not found\"},";
 					response << "\"jsonrpc\":\"2.0\"}";
 				}
-#endif
 				SendResponse (socket, buf, response, isHtml);
 			}
 			catch (std::exception& ex)
@@ -394,13 +382,15 @@ namespace client
 
 	void I2PControlService::RouterInfoHandler (const boost::property_tree::ptree& params, std::ostringstream& results)
 	{
+		bool first = true;
 		for (auto it = params.begin (); it != params.end (); it++)
 		{
 			LogPrint (eLogDebug, "I2PControl: RouterInfo request: ", it->first);
 			auto it1 = m_RouterInfoHandlers.find (it->first);
 			if (it1 != m_RouterInfoHandlers.end ())
 			{
-				if (it != params.begin ()) results << ",";
+				if (!first) results << ","; 
+				else first = false;		
 				(this->*(it1->second))(results);
 			}
 			else

daemon/I2PControl.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef I2P_CONTROL_H__
 #define I2P_CONTROL_H__
 
@@ -27,6 +35,7 @@ namespace client
 	class I2PControlService
 	{
 		typedef boost::asio::ssl::stream<boost::asio::ip::tcp::socket> ssl_socket;
+
 		public:
 
 			I2PControlService (const std::string& address, int port);

daemon/UPnP.cpp

@@ -4,7 +4,6 @@
 
 #include <boost/thread/thread.hpp>
 #include <boost/asio.hpp>
-#include <boost/bind.hpp>
 
 #include "Log.h"
 
@@ -79,43 +78,59 @@ namespace transport
 
 	void UPnP::Discover ()
 	{
-#if MINIUPNPC_API_VERSION >= 14
-		int nerror = 0;
-		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, 2, &nerror);
-#elif ( MINIUPNPC_API_VERSION >= 8 || defined(UPNPDISCOVER_SUCCESS) )
-		int nerror = 0;
-		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0, 0, &nerror);
+		bool isError;
+        int err;
+
+#if ((MINIUPNPC_API_VERSION >= 8) || defined (UPNPDISCOVER_SUCCESS))
+        err = UPNPDISCOVER_SUCCESS;
+
+#if (MINIUPNPC_API_VERSION >= 14)
+		m_Devlist = upnpDiscover (UPNP_RESPONSE_TIMEOUT, NULL, NULL, 0, 0, 2, &err);
 #else
-		m_Devlist = upnpDiscover (2000, m_MulticastIf, m_Minissdpdpath, 0);
+		m_Devlist = upnpDiscover (UPNP_RESPONSE_TIMEOUT, NULL, NULL, 0, 0, &err);
 #endif
+
+		isError = err != UPNPDISCOVER_SUCCESS;
+#else  // MINIUPNPC_API_VERSION >= 8
+        err = 0;
+        m_Devlist = upnpDiscover (UPNP_RESPONSE_TIMEOUT, NULL, NULL, 0);
+		isError = m_Devlist == NULL;
+#endif // MINIUPNPC_API_VERSION >= 8
 		{
-			// notify satrting thread
+			// notify starting thread
 			std::unique_lock<std::mutex> l(m_StartedMutex);
 			m_Started.notify_all ();
 		}
 
-		int r;
-		r = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr));
-		if (r == 1)
+		if (isError)
 		{
-			r = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress);
-			if(r != UPNPCOMMAND_SUCCESS)
+            LogPrint (eLogError, "UPnP: unable to discover Internet Gateway Devices: error ", err);
+			return;
+		}
+
+		err = UPNP_GetValidIGD (m_Devlist, &m_upnpUrls, &m_upnpData, m_NetworkAddr, sizeof (m_NetworkAddr));
+        m_upnpUrlsInitialized=err!=0;
+		if (err == UPNP_IGD_VALID_CONNECTED)
+		{
+            err = UPNP_GetExternalIPAddress (m_upnpUrls.controlURL, m_upnpData.first.servicetype, m_externalIPAddress);
+			if(err != UPNPCOMMAND_SUCCESS)
 			{
-				LogPrint (eLogError, "UPnP: UPNP_GetExternalIPAddress() returned ", r);
+				LogPrint (eLogError, "UPnP: unable to get external address: error ", err);
 				return;
 			}
 			else
 			{
+				LogPrint (eLogError, "UPnP: found Internet Gateway Device ", m_upnpUrls.controlURL);
 				if (!m_externalIPAddress[0])
 				{
-					LogPrint (eLogError, "UPnP: GetExternalIPAddress() failed.");
+                    LogPrint (eLogError, "UPnP: found Internet Gateway Device doesn't know our external address");
 					return;
 				}
 			}
 		}
 		else
 		{
-			LogPrint (eLogError, "UPnP: GetValidIGD() failed.");
+            LogPrint (eLogError, "UPnP: unable to find valid Internet Gateway Device: error ", err);
 			return;
 		}
 
@@ -126,6 +141,20 @@ namespace transport
 		PortMapping ();
 	}
 
+	int UPnP::CheckMapping (const char* port, const char* type)
+	{
+		int err = UPNPCOMMAND_SUCCESS;
+
+#if (MINIUPNPC_API_VERSION >= 10)
+		err = UPNP_GetSpecificPortMappingEntry(m_upnpUrls.controlURL, m_upnpData.first.servicetype, port, type, NULL, NULL, NULL, NULL, NULL, NULL);
+#elif ((MINIUPNPC_API_VERSION >= 8) || defined (UPNPDISCOVER_SUCCESS))
+		err = UPNP_GetSpecificPortMappingEntry(m_upnpUrls.controlURL, m_upnpData.first.servicetype, port, type, NULL, NULL, NULL, NULL, NULL);
+#else
+		err = UPNP_GetSpecificPortMappingEntry(m_upnpUrls.controlURL, m_upnpData.first.servicetype, port, type, NULL, NULL);
+#endif
+		return err;
+	}
+
 	void UPnP::PortMapping ()
 	{
 		const auto& a = context.GetRouterInfo().GetAddresses();
@@ -134,13 +163,47 @@ namespace transport
 			if (!address->host.is_v6 () && address->port)
 				TryPortMapping (address);
 		}
-		m_Timer.expires_from_now (boost::posix_time::minutes(20));	// every 20 minutes
+		m_Timer.expires_from_now (boost::posix_time::minutes(20)); // every 20 minutes
 		m_Timer.async_wait ([this](const boost::system::error_code& ecode)
 		{
 			if (ecode != boost::asio::error::operation_aborted)
 			PortMapping ();
 		});
+	}
 
+	void UPnP::TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
+	{
+		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
+		std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
+		int err = UPNPCOMMAND_SUCCESS;
+
+		// check for existing mapping
+		err = CheckMapping (strPort.c_str (), strType.c_str ());
+		if (err != UPNPCOMMAND_SUCCESS) // if mapping not found
+		{
+            LogPrint (eLogDebug, "UPnP: possibly port ", strPort, " is not forwarded: return code ", err);
+
+#if ((MINIUPNPC_API_VERSION >= 8) || defined (UPNPDISCOVER_SUCCESS))
+			err = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), NULL, NULL);
+#else
+			err = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), NULL);
+#endif
+			if (err != UPNPCOMMAND_SUCCESS)
+			{
+				LogPrint (eLogError, "UPnP: port forwarding to ", m_NetworkAddr, ":", strPort, " failed: return code ", err);
+				return;
+			}
+			else
+			{
+				LogPrint (eLogInfo, "UPnP: port successfully forwarded (", m_externalIPAddress ,":", strPort, " type ", strType, " -> ", m_NetworkAddr ,":", strPort ,")");
+				return;
+			}
+		}
+		else
+		{
+            LogPrint (eLogDebug, "UPnP: external forward from ", m_NetworkAddr, ":", strPort, " exists on current Internet Gateway Device");
+			return;
+		}
 	}
 
 	void UPnP::CloseMapping ()
@@ -153,53 +216,42 @@ namespace transport
 		}
 	}
 
-	void UPnP::TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
-	{
-		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
-		int r;
-		std::string strDesc; i2p::config::GetOption("upnp.name", strDesc);
-#ifdef UPNPDISCOVER_SUCCESS
-		r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0, "0");
-#else
-		r = UPNP_AddPortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strPort.c_str (), m_NetworkAddr, strDesc.c_str (), strType.c_str (), 0);
-#endif
-		if (r!=UPNPCOMMAND_SUCCESS)
-		{
-			LogPrint (eLogError, "UPnP: AddPortMapping (", m_NetworkAddr, ":", strPort, ") failed with code ", r);
-			return;
-		}
-		else
-		{
-			LogPrint (eLogDebug, "UPnP: Port Mapping successful. (", m_NetworkAddr ,":", strPort, " type ", strType, " -> ", m_externalIPAddress ,":", strPort ,")");
-			return;
-		}
-	}
-
 	void UPnP::CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address)
 	{
+        if(!m_upnpUrlsInitialized) {
+            return;
+        }
 		std::string strType (GetProto (address)), strPort (std::to_string (address->port));
-		int r = 0;
-		r = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), 0);
-		LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", r);
+		int err = UPNPCOMMAND_SUCCESS;
+		
+		err = CheckMapping (strPort.c_str (), strType.c_str ());
+        if (err == UPNPCOMMAND_SUCCESS)
+		{
+			err = UPNP_DeletePortMapping (m_upnpUrls.controlURL, m_upnpData.first.servicetype, strPort.c_str (), strType.c_str (), NULL);
+			LogPrint (eLogError, "UPnP: DeletePortMapping() returned : ", err);
+		}
 	}
 
 	void UPnP::Close ()
 	{
 		freeUPNPDevlist (m_Devlist);
 		m_Devlist = 0;
-		FreeUPNPUrls (&m_upnpUrls);
-	}
+        if(m_upnpUrlsInitialized){
+            FreeUPNPUrls (&m_upnpUrls);
+            m_upnpUrlsInitialized=false;
+        }
+    }
 
 	std::string UPnP::GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address)
 	{
 		switch (address->transportStyle)
 		{
 			case i2p::data::RouterInfo::eTransportNTCP:
-			return "TCP";
-			break;
+				return "TCP";
+				break;
 			case i2p::data::RouterInfo::eTransportSSU:
 			default:
-			return "UDP";
+				return "UDP";
 		}
 	}
 }

daemon/UPnP.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef __UPNP_H__
 #define __UPNP_H__
 
@@ -19,45 +27,55 @@ namespace i2p
 {
 namespace transport
 {
+	const int UPNP_RESPONSE_TIMEOUT = 2000; // in milliseconds
+
+	enum
+	{
+		UPNP_IGD_NONE = 0,
+		UPNP_IGD_VALID_CONNECTED = 1,
+		UPNP_IGD_VALID_NOT_CONNECTED = 2,
+		UPNP_IGD_INVALID = 3
+	};
+
 	class UPnP
 	{
-	public:
+		public:
 
-		UPnP ();
-		~UPnP ();
-        void Close ();
+			UPnP ();
+			~UPnP ();
+			void Close ();
 
-        void Start ();
-        void Stop ();
+			void Start ();
+			void Stop ();
 
-	private:
+		private:
 
-		void Discover ();
-		void PortMapping ();
-		void TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address);
-		void CloseMapping ();
-		void CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address);
+			void Discover ();
+			int  CheckMapping (const char* port, const char* type);
+			void PortMapping ();
+			void TryPortMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address);
+			void CloseMapping ();
+			void CloseMapping (std::shared_ptr<i2p::data::RouterInfo::Address> address);
 
-		void Run ();
-		std::string GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address);
+			void Run ();
+			std::string GetProto (std::shared_ptr<i2p::data::RouterInfo::Address> address);
 
-	private:
+		private:
 
-		bool m_IsRunning;
-        std::unique_ptr<std::thread> m_Thread;
-		std::condition_variable m_Started;
-		std::mutex m_StartedMutex;
-		boost::asio::io_service m_Service;
-		boost::asio::deadline_timer m_Timer;
-        struct UPNPUrls m_upnpUrls;
-        struct IGDdatas m_upnpData;
+			bool m_IsRunning;
+			std::unique_ptr<std::thread> m_Thread;
+			std::condition_variable m_Started;
+			std::mutex m_StartedMutex;
+			boost::asio::io_service m_Service;
+			boost::asio::deadline_timer m_Timer;
+			bool m_upnpUrlsInitialized = false;
+			struct UPNPUrls m_upnpUrls;
+			struct IGDdatas m_upnpData;
 
-        // For miniupnpc
-        char * m_MulticastIf = 0;
-        char * m_Minissdpdpath = 0;
-        struct UPNPDev * m_Devlist = 0;
-        char m_NetworkAddr[64];
-        char m_externalIPAddress[40];
+			// For miniupnpc
+			struct UPNPDev * m_Devlist = 0;
+			char m_NetworkAddr[64];
+			char m_externalIPAddress[40];
 	};
 }
 }
@@ -65,14 +83,15 @@ namespace transport
 #else  // USE_UPNP
 namespace i2p {
 namespace transport {
-  /* class stub */
-  class UPnP {
-  public:
-    UPnP () {};
-    ~UPnP () {};
-    void Start () { LogPrint(eLogWarning, "UPnP: this module was disabled at compile-time"); }
-    void Stop () {};
-  };
+	/* class stub */
+	class UPnP {
+		public:
+
+			UPnP () {};
+			~UPnP () {};
+			void Start () { LogPrint(eLogWarning, "UPnP: this module was disabled at compile-time"); }
+			void Stop () {};
+	};
 }
 }
 #endif // USE_UPNP

daemon/UnixDaemon.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include "Daemon.h"
 
 #ifndef _WIN32
@@ -167,7 +175,7 @@ namespace i2p
 			sigaction(SIGABRT, &sa, 0);
 			sigaction(SIGTERM, &sa, 0);
 			sigaction(SIGINT, &sa, 0);
-			sigaction(SIGPIPE, &sa, 0);			
+			sigaction(SIGPIPE, &sa, 0);
 
 			return Daemon_Singleton::start();
 		}
@@ -175,7 +183,6 @@ namespace i2p
 		bool DaemonLinux::stop()
 		{
 			i2p::fs::Remove(pidfile);
-
 			return Daemon_Singleton::stop();
 		}
 
@@ -197,5 +204,4 @@ namespace i2p
 		}
 	}
 }
-
 #endif

daemon/i2pd.cpp

@@ -1,24 +1,31 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <stdlib.h>
 #include "Daemon.h"
 
 #if defined(QT_GUI_LIB)
-
 namespace i2p
 {
 namespace qt
 {
-    int RunQT (int argc, char* argv[]);
+	int RunQT (int argc, char* argv[]);
 }
 }
-int main( int argc, char* argv[] )
-{
-    return i2p::qt::RunQT (argc, argv);
-}
 
+int main( int argc, char* argv[] )
+{
+	return i2p::qt::RunQT (argc, argv);
+}
 #else
 int main( int argc, char* argv[] )
 {
-    if (Daemon.init(argc, argv))
+	if (Daemon.init(argc, argv))
 	{
 		if (Daemon.start())
 			Daemon.run ();

debian/changelog

@@ -1,3 +1,66 @@
+i2pd (2.34.0-1) unstable; urgency=medium
+
+  * updated to version 2.34.0
+
+ -- orignal <orignal@i2pmail.org>  Tue, 27 Oct 2020 16:00:00 +0000
+
+i2pd (2.33.0-1) unstable; urgency=medium
+
+  * updated to version 2.33.0/0.9.47
+
+ -- orignal <orignal@i2pmail.org>  Mon, 24 Aug 2020 16:00:00 +0000
+
+i2pd (2.32.1-1) unstable; urgency=high
+
+  * updated to version 2.32.1
+
+ -- r4sas <r4sas@i2pmail.org>  Tue, 02 Jun 2020 16:30:00 +0000
+
+i2pd (2.32.0-1) unstable; urgency=high
+
+  * updated to version 2.32.0/0.9.46
+  * updated systemd service file (see #1394)
+  * updated apparmor profile (see 9318388007cff0495b4b360d0480f4fc1219a9dc)
+  * updated logrotate config and moved it to contrib
+
+ -- r4sas <r4sas@i2pmail.org>  Mon, 25 May 2020 12:45:00 +0000
+
+i2pd (2.31.0-1) unstable; urgency=medium
+
+  * updated to version 2.31.0
+
+ -- orignal <orignal@i2pmail.org>  Fri, 10 Apr 2020 16:00:00 +0000
+
+i2pd (2.30.0-1) unstable; urgency=medium
+
+  * updated to version 2.30.0/0.9.45
+
+ -- orignal <orignal@i2pmail.org>  Tue, 25 Feb 2020 16:00:00 +0000
+
+i2pd (2.29.0-1) unstable; urgency=medium
+
+  * updated to version 2.29.0/0.9.43
+
+ -- orignal <orignal@i2pmail.org>  Mon, 21 Oct 2019 16:00:00 +0000
+
+i2pd (2.28.0-1) unstable; urgency=medium
+
+  * updated to version 2.28.0/0.9.42
+
+ -- orignal <orignal@i2pmail.org>  Tue, 27 Aug 2019 16:00:00 +0000
+
+i2pd (2.27.0-1) unstable; urgency=medium
+
+  * updated to version 2.27.0/0.9.41
+
+ -- orignal <orignal@i2pmail.org>  Wed, 3 Jul 2019 16:00:00 +0000
+
+i2pd (2.26.0-1) unstable; urgency=medium
+
+  * updated to version 2.26.0
+
+ -- orignal <orignal@i2pmail.org>  Fri, 7 Jun 2019 16:00:00 +0000
+
 i2pd (2.25.0-1) unstable; urgency=medium
 
   * updated to version 2.25.0/0.9.40
@@ -30,7 +93,7 @@ i2pd (2.21.1-1) unstable; urgency=medium
 
   * updated to version 2.21.1
 
- -- orignal <orignal@i2pmail.org>  Thu, 22 Oct 2018 16:00:00 +0000
+ -- orignal <orignal@i2pmail.org>  Mon, 22 Oct 2018 16:00:00 +0000
 
 i2pd (2.21.0-1) unstable; urgency=medium
 

debian/copyright

@@ -3,7 +3,7 @@ Upstream-Name: i2pd
 Source: https://github.com/PurpleI2P
 
 Files: *
-Copyright: 2013-2017 PurpleI2P
+Copyright: 2013-2020 PurpleI2P
 License: BSD-3-clause
 
 Files: qt/i2pd_qt/android/src/org/kde/necessitas/ministro/IMinistro.aidl
@@ -16,8 +16,8 @@ License: BSD-2-Clause
 Files: debian/*
 Copyright: 2013-2015 Kill Your TV <killyourtv@i2pmail.org>
            2014-2016 hagen <hagen@i2pmail.org>
-           2016-2017 R4SAS <r4sas@i2pmail.org>
-           2017-2018 Yangfl <mmyangfl@gmail.com>
+           2016-2020 R4SAS <r4sas@i2pmail.org>
+           2017-2020 Yangfl <mmyangfl@gmail.com>
 License: GPL-2+
 
 License: BSD-3-clause

debian/i2pd.logrotate

@@ -1,9 +0,0 @@
-/var/log/i2pd/i2pd.log {
-        rotate 6
-        daily
-        missingok
-        notifempty
-        compress
-        delaycompress
-        copytruncate
-}

debian/i2pd.logrotate

@@ -0,0 +1 @@
+../contrib/i2pd.logrotate

debian/patches/01-tune-build-opts.patch

@@ -1,17 +1,15 @@
-diff --git a/Makefile b/Makefile
-index bdadfe0..2f71eec 100644
---- a/Makefile
-+++ b/Makefile
-@@ -9,10 +9,10 @@ DEPS := obj/make.dep
-
+Index: i2pd/Makefile
+===================================================================
+--- i2pd.orig/Makefile
++++ i2pd/Makefile
+@@ -13,8 +13,8 @@ DAEMON_SRC_DIR := daemon
+ 
  include filelist.mk
-
+ 
 -USE_AESNI	:= yes
-+USE_AESNI	:= no
 -USE_AVX		:= yes
++USE_AESNI	:= no
 +USE_AVX		:= no
  USE_STATIC	:= no
  USE_MESHNET	:= no
  USE_UPNP	:= no
- DEBUG		:= yes
- 

debian/patches/02-fix-1210.patch

@@ -4,10 +4,12 @@ Author: r4sas <r4sas@i2pmail.org>
 
 Bug: https://github.com/PurpleI2P/i2pd/issues/1210
 Reviewed-By: r4sas <r4sas@i2pmail.org>
-Last-Update: 2018-08-25
+Last-Update: 2020-05-25
 
---- a/contrib/i2pd.service
-+++ b/contrib/i2pd.service
+Index: i2pd/contrib/i2pd.service
+===================================================================
+--- i2pd.orig/contrib/i2pd.service
++++ i2pd/contrib/i2pd.service
 @@ -6,10 +6,10 @@ After=network.target
  [Service]
  User=i2pd
@@ -21,5 +23,5 @@ Last-Update: 2018-08-25
 +#LogsDirectory=i2pd
 +#LogsDirectoryMode=0700
  Type=forking
- ExecStart=/usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/var/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service
- ExecReload=/bin/kill -HUP $MAINPID
+ ExecStart=/usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --pidfile=/run/i2pd/i2pd.pid --logfile=/var/log/i2pd/i2pd.log --daemon --service
+ ExecReload=/bin/sh -c "kill -HUP $MAINPID"

debian/postrm

@@ -6,7 +6,7 @@ if [ "$1" = "purge" ]; then
 	rm -rf /etc/i2pd
 	rm -rf /var/lib/i2pd
 	rm -rf /var/log/i2pd
-	rm -rf /var/run/i2pd
+	rm -rf /run/i2pd
 fi
 
 #DEBHELPER#

filelist.mk

@@ -5,13 +5,13 @@
 #  SSUSession.cpp SSUData.cpp Streaming.cpp Identity.cpp TransitTunnel.cpp \
 #  Transports.cpp Tunnel.cpp TunnelEndpoint.cpp TunnelPool.cpp TunnelGateway.cpp \
 #  Destination.cpp Base.cpp I2PEndian.cpp FS.cpp Config.cpp Family.cpp \
-#  Config.cpp HTTP.cpp Timestamp.cpp util.cpp api.cpp Event.cpp Gost.cpp
+#  Config.cpp HTTP.cpp Timestamp.cpp util.cpp api.cpp Gost.cpp
 
 LIB_SRC = $(wildcard $(LIB_SRC_DIR)/*.cpp)
 
 #LIB_CLIENT_SRC = \
 #	AddressBook.cpp BOB.cpp ClientContext.cpp I2PTunnel.cpp I2PService.cpp MatchedDestination.cpp \
-#	SAM.cpp SOCKS.cpp HTTPProxy.cpp I2CP.cpp WebSocks.cpp
+#	SAM.cpp SOCKS.cpp HTTPProxy.cpp I2CP.cpp
 
 LIB_CLIENT_SRC = $(wildcard $(LIB_CLIENT_SRC_DIR)/*.cpp)
 

libi2pd/Base.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <stdlib.h>
 #include <string.h>
 
@@ -7,7 +15,8 @@ namespace i2p
 {
 namespace data
 {
-	static const char T32[32] = {
+	static const char T32[32] =
+	{
 		'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h',
 		'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p',
 		'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
@@ -29,15 +38,16 @@ namespace data
 	* Direct Substitution Table
 	*/
 
-	static const char T64[64] = {
-		       'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
-		       'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
-		       'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
-		       'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
-		       'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
-		       'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
-		       'w', 'x', 'y', 'z', '0', '1', '2', '3',
-		       '4', '5', '6', '7', '8', '9', '-', '~'
+	static const char T64[64] =
+	{
+		'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
+		'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
+		'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
+		'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
+		'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
+		'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
+		'w', 'x', 'y', 'z', '0', '1', '2', '3',
+		'4', '5', '6', '7', '8', '9', '-', '~'
 	};
 
 	const char * GetBase64SubstitutionTable ()
@@ -67,14 +77,12 @@ namespace data
 	*
 	*/
 
-	size_t                                /* Number of bytes in the encoded buffer */
-	ByteStreamToBase64 (
-		    const uint8_t * InBuffer,           /* Input buffer, binary data */
-		    size_t    InCount,              /* Number of bytes in the input buffer */
-		    char  * OutBuffer,          /* output buffer */
-		size_t len			   /* length of output buffer */
+	size_t ByteStreamToBase64 (   /* Number of bytes in the encoded buffer */
+		const uint8_t * InBuffer, /* Input buffer, binary data */
+		size_t InCount,           /* Number of bytes in the input buffer */
+		char * OutBuffer,         /* output buffer */
+		size_t len                /* length of output buffer */
 	)
-
 	{
 		unsigned char * ps;
 		unsigned char * pd;
@@ -83,55 +91,60 @@ namespace data
 		int             i;
 		int             n;
 		int             m;
-		size_t outCount;
+		size_t          outCount;
 
 		ps = (unsigned char *)InBuffer;
-		n = InCount/3;
-		m = InCount%3;
+		n = InCount / 3;
+		m = InCount % 3;
 		if (!m)
-		     outCount = 4*n;
+			outCount = 4 * n;
 		else
-		     outCount = 4*(n+1);
+			outCount = 4 * (n + 1);
+
 		if (outCount > len) return 0;
+
 		pd = (unsigned char *)OutBuffer;
-		for ( i = 0; i<n; i++ ){
-		     acc_1 = *ps++;
-		     acc_2 = (acc_1<<4)&0x30;
-		     acc_1 >>= 2;              /* base64 digit #1 */
-		     *pd++ = T64[acc_1];
-		     acc_1 = *ps++;
-		     acc_2 |= acc_1 >> 4;      /* base64 digit #2 */
-		     *pd++ = T64[acc_2];
-		     acc_1 &= 0x0f;
-		     acc_1 <<=2;
-		     acc_2 = *ps++;
-		     acc_1 |= acc_2>>6;        /* base64 digit #3 */
-		     *pd++ = T64[acc_1];
-		     acc_2 &= 0x3f;            /* base64 digit #4 */
-		     *pd++ = T64[acc_2];
+		for ( i = 0; i < n; i++ )
+		{
+			acc_1 = *ps++;
+			acc_2 = (acc_1 << 4) & 0x30;
+			acc_1 >>= 2;                 /* base64 digit #1 */
+			*pd++ = T64[acc_1];
+			acc_1 = *ps++;
+			acc_2 |= acc_1 >> 4;         /* base64 digit #2 */
+			*pd++ = T64[acc_2];
+			acc_1 &= 0x0f;
+			acc_1 <<= 2;
+			acc_2 = *ps++;
+			acc_1 |= acc_2 >> 6;         /* base64 digit #3 */
+			*pd++ = T64[acc_1];
+			acc_2 &= 0x3f;               /* base64 digit #4 */
+			*pd++ = T64[acc_2];
 		}
-		if ( m == 1 ){
-		     acc_1 = *ps++;
-		     acc_2 = (acc_1<<4)&0x3f;  /* base64 digit #2 */
-		     acc_1 >>= 2;              /* base64 digit #1 */
-		     *pd++ = T64[acc_1];
-		     *pd++ = T64[acc_2];
-		     *pd++ = P64;
-		     *pd++ = P64;
+		if ( m == 1 )
+		{
+			acc_1 = *ps++;
+			acc_2 = (acc_1 << 4) & 0x3f; /* base64 digit #2 */
+			acc_1 >>= 2;                 /* base64 digit #1 */
+			*pd++ = T64[acc_1];
+			*pd++ = T64[acc_2];
+			*pd++ = P64;
+			*pd++ = P64;
 
 		}
-		else if ( m == 2 ){
-		     acc_1 = *ps++;
-		     acc_2 = (acc_1<<4)&0x3f;
-		     acc_1 >>= 2;              /* base64 digit #1 */
-		     *pd++ = T64[acc_1];
-		     acc_1 = *ps++;
-		     acc_2 |= acc_1 >> 4;      /* base64 digit #2 */
-		     *pd++ = T64[acc_2];
-		     acc_1 &= 0x0f;
-		     acc_1 <<=2;               /* base64 digit #3 */
-		     *pd++ = T64[acc_1];
-		     *pd++ = P64;
+		else if ( m == 2 )
+		{
+			acc_1 = *ps++;
+			acc_2 = (acc_1 << 4) & 0x3f;
+			acc_1 >>= 2;                 /* base64 digit #1 */
+			*pd++ = T64[acc_1];
+			acc_1 = *ps++;
+			acc_2 |= acc_1 >> 4;         /* base64 digit #2 */
+			*pd++ = T64[acc_2];
+			acc_1 &= 0x0f;
+			acc_1 <<= 2;                 /* base64 digit #3 */
+			*pd++ = T64[acc_1];
+			*pd++ = P64;
 		}
 
 		return outCount;
@@ -147,12 +160,11 @@ namespace data
 	*
 	*/
 
-	size_t                              /* Number of output bytes */
-	Base64ToByteStream (
-		      const char * InBuffer,           /* BASE64 encoded buffer */
-		      size_t    InCount,          /* Number of input bytes */
-		      uint8_t  * OutBuffer,	/* output buffer length */
-		  size_t len         	/* length of output buffer */
+	size_t Base64ToByteStream ( /* Number of output bytes */
+		const char * InBuffer,  /* BASE64 encoded buffer */
+		size_t InCount,         /* Number of input bytes */
+		uint8_t * OutBuffer,    /* output buffer length */
+		size_t len              /* length of output buffer */
 	)
 	{
 		unsigned char * ps;
@@ -162,42 +174,52 @@ namespace data
 		int             i;
 		int             n;
 		int             m;
-		size_t outCount;
+		size_t          outCount;
+
+		if (isFirstTime)
+			iT64Build();
+
+		n = InCount / 4;
+		m = InCount % 4;
 
-		if (isFirstTime) iT64Build();
-		n = InCount/4;
-		m = InCount%4;
 		if (InCount && !m)
-		     outCount = 3*n;
-		else {
-		     outCount = 0;
-		     return 0;
+			outCount = 3 * n;
+		else
+		{
+			outCount = 0;
+			return 0;
 		}
 
 		ps = (unsigned char *)(InBuffer + InCount - 1);
-		while ( *ps-- == P64 ) outCount--;
+		while ( *ps-- == P64 )
+			outCount--;
 		ps = (unsigned char *)InBuffer;
 
-		if (outCount > len) return -1;
+		if (outCount > len)
+			return -1;
+
 		pd = OutBuffer;
 		auto endOfOutBuffer = OutBuffer + outCount;
-		for ( i = 0; i < n; i++ ){
-		     acc_1 = iT64[*ps++];
-		     acc_2 = iT64[*ps++];
-		     acc_1 <<= 2;
-		     acc_1 |= acc_2>>4;
-		     *pd++  = acc_1;
-			 if (pd >= endOfOutBuffer) break;
+		for ( i = 0; i < n; i++ )
+		{
+			acc_1 = iT64[*ps++];
+			acc_2 = iT64[*ps++];
+			acc_1 <<= 2;
+			acc_1 |= acc_2 >> 4;
+			*pd++ = acc_1;
+			if (pd >= endOfOutBuffer)
+				break;
 
-		     acc_2 <<= 4;
-		     acc_1 = iT64[*ps++];
-		     acc_2 |= acc_1 >> 2;
-		     *pd++ = acc_2;
-			  if (pd >= endOfOutBuffer) break;
+			acc_2 <<= 4;
+			acc_1 = iT64[*ps++];
+			acc_2 |= acc_1 >> 2;
+			*pd++ = acc_2;
+			if (pd >= endOfOutBuffer)
+				break;
 
-		     acc_2 = iT64[*ps++];
-		     acc_2 |= acc_1 << 6;
-		     *pd++ = acc_2;
+			acc_2 = iT64[*ps++];
+			acc_2 |= acc_1 << 6;
+			*pd++ = acc_2;
 		}
 
 		return outCount;
@@ -206,20 +228,25 @@ namespace data
 	size_t Base64EncodingBufferSize (const size_t input_size)
 	{
 		auto d = div (input_size, 3);
-		if (d.rem) d.quot++;
-		return 4*d.quot;
+		if (d.rem)
+			d.quot++;
+
+		return 4 * d.quot;
 	}
 
 	std::string ToBase64Standard (const std::string& in)
 	{
-		auto len = Base64EncodingBufferSize (in.length ());	
-		char * str = new char[len+1];
+		auto len = Base64EncodingBufferSize (in.length ());
+		char * str = new char[len + 1];
 		auto l = ByteStreamToBase64 ((const uint8_t *)in.c_str (), in.length (), str, len);
 		str[l] = 0;
 		// replace '-' by '+' and '~' by '/'
 		for (size_t i = 0; i < l; i++)
-			if (str[i] == '-') str[i] = '+';
-			else if (str[i] == '~') str[i] = '/';
+			if (str[i] == '-')
+				str[i] = '+';
+			else if (str[i] == '~')
+				str[i] = '/';
+
 		std::string s(str);
 		delete[] str;
 		return s;
@@ -236,10 +263,10 @@ namespace data
 
 	static void iT64Build()
 	{
-		int  i;
+		int i;
 		isFirstTime = 0;
-		for ( i=0; i<256; i++ ) iT64[i] = -1;
-		for ( i=0; i<64; i++ ) iT64[(int)T64[i]] = i;
+		for ( i = 0; i < 256; i++ ) iT64[i] = -1;
+		for ( i = 0; i < 64; i++ ) iT64[(int)T64[i]] = i;
 		iT64[(int)P64] = 0;
 	}
 
@@ -302,4 +329,3 @@ namespace data
 	}
 }
 }
-

libi2pd/Base.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef BASE_H__
 #define BASE_H__
 
@@ -15,13 +23,13 @@ namespace data {
 	size_t Base32ToByteStream (const char * inBuf, size_t len, uint8_t * outBuf, size_t outLen);
 	size_t ByteStreamToBase32 (const uint8_t * InBuf, size_t len, char * outBuf, size_t outLen);
 
- 	/**
-     Compute the size for a buffer to contain encoded base64 given that the size of the input is input_size bytes
-   	*/
+	/**
+	 Compute the size for a buffer to contain encoded base64 given that the size of the input is input_size bytes
+	*/
 	size_t Base64EncodingBufferSize(const size_t input_size);
-	
-	std::string ToBase64Standard (const std::string& in); // using standard table, for Proxy-Authorization	
-	
+
+	std::string ToBase64Standard (const std::string& in); // using standard table, for Proxy-Authorization
+
 } // data
 } // i2p
 

libi2pd/Blinding.cpp

@@ -0,0 +1,324 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
+#include <zlib.h> // for crc32
+#include <openssl/sha.h>
+#include <openssl/hmac.h>
+#include <openssl/ec.h>
+#include <openssl/bn.h>
+#include "Base.h"
+#include "Crypto.h"
+#include "Log.h"
+#include "Timestamp.h"
+#include "I2PEndian.h"
+#include "Ed25519.h"
+#include "Signature.h"
+#include "Blinding.h"
+
+namespace i2p
+{
+namespace data
+{
+	static EC_POINT * BlindPublicKeyECDSA (const EC_GROUP * group, const EC_POINT * pub, const uint8_t * seed)
+	{
+		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
+		BIGNUM * q = BN_CTX_get (ctx);
+		EC_GROUP_get_order (group, q, ctx);
+		// calculate alpha = seed mod q
+		BIGNUM * alpha = BN_CTX_get (ctx);
+		BN_bin2bn (seed, 64, alpha); // seed is in BigEndian
+		BN_mod (alpha, alpha, q, ctx); // % q
+		// A' = BLIND_PUBKEY(A, alpha) = A + DERIVE_PUBLIC(alpha)
+		auto p = EC_POINT_new (group);
+		EC_POINT_mul (group, p, alpha, nullptr, nullptr, ctx); // B*alpha
+		EC_POINT_add (group, p, pub, p, ctx); // pub + B*alpha
+		BN_CTX_end (ctx);
+		BN_CTX_free (ctx);
+		return p;
+	}
+
+	static void BlindPrivateKeyECDSA (const EC_GROUP * group, const BIGNUM * priv, const uint8_t * seed, BIGNUM * blindedPriv)
+	{
+		BN_CTX * ctx = BN_CTX_new ();
+		BN_CTX_start (ctx);
+		BIGNUM * q = BN_CTX_get (ctx);
+		EC_GROUP_get_order (group, q, ctx);
+		// calculate alpha = seed mod q
+		BIGNUM * alpha = BN_CTX_get (ctx);
+		BN_bin2bn (seed, 64, alpha); // seed is in BigEndian
+		BN_mod (alpha, alpha, q, ctx); // % q
+		BN_add (alpha, alpha, priv); // alpha = alpha + priv
+		// a' = BLIND_PRIVKEY(a, alpha) = (a + alpha) mod q
+		BN_mod (blindedPriv, alpha, q, ctx); // % q
+		BN_CTX_end (ctx);
+		BN_CTX_free (ctx);
+	}
+
+	static void BlindEncodedPublicKeyECDSA (size_t publicKeyLen, const EC_GROUP * group, const uint8_t * pub, const uint8_t * seed, uint8_t * blindedPub)
+	{
+		BIGNUM * x = BN_bin2bn (pub, publicKeyLen/2, NULL);
+		BIGNUM * y = BN_bin2bn (pub + publicKeyLen/2, publicKeyLen/2, NULL);
+		EC_POINT * p = EC_POINT_new (group);
+		EC_POINT_set_affine_coordinates_GFp (group, p, x, y, NULL);
+		EC_POINT * p1 = BlindPublicKeyECDSA (group, p, seed);
+		EC_POINT_free (p);
+		EC_POINT_get_affine_coordinates_GFp (group, p1, x, y, NULL);
+		EC_POINT_free (p1);
+		i2p::crypto::bn2buf (x, blindedPub, publicKeyLen/2);
+		i2p::crypto::bn2buf (y, blindedPub + publicKeyLen/2, publicKeyLen/2);
+		BN_free (x); BN_free (y);
+	}
+
+	static void BlindEncodedPrivateKeyECDSA (size_t publicKeyLen, const EC_GROUP * group, const uint8_t * priv, const uint8_t * seed, uint8_t * blindedPriv, uint8_t * blindedPub)
+	{
+		BIGNUM * a = BN_bin2bn (priv, publicKeyLen/2, NULL);
+		BIGNUM * a1 = BN_new ();
+		BlindPrivateKeyECDSA (group, a, seed, a1);
+		BN_free (a);
+		i2p::crypto::bn2buf (a1, blindedPriv, publicKeyLen/2);
+		auto p = EC_POINT_new (group);
+		BN_CTX * ctx = BN_CTX_new ();
+		EC_POINT_mul (group, p, a1, nullptr, nullptr, ctx); // B*a1
+		BN_CTX_free (ctx);
+		BN_free (a1);
+		BIGNUM * x = BN_new(), * y = BN_new();
+		EC_POINT_get_affine_coordinates_GFp (group, p, x, y, NULL);
+		EC_POINT_free (p);
+		i2p::crypto::bn2buf (x, blindedPub, publicKeyLen/2);
+		i2p::crypto::bn2buf (y, blindedPub + publicKeyLen/2, publicKeyLen/2);
+		BN_free (x); BN_free (y);
+	}
+
+	template<typename Fn, typename...Args>
+	static size_t BlindECDSA (i2p::data::SigningKeyType sigType, const uint8_t * key, const uint8_t * seed, Fn blind, Args&&...args)
+	// blind is BlindEncodedPublicKeyECDSA or BlindEncodedPrivateKeyECDSA
+	{
+		size_t publicKeyLength  = 0;
+		EC_GROUP * group = nullptr;
+		switch (sigType)
+		{
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
+			{
+				publicKeyLength = i2p::crypto::ECDSAP256_KEY_LENGTH;
+				group = EC_GROUP_new_by_curve_name (NID_X9_62_prime256v1);
+				break;
+			}
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+			{
+				publicKeyLength = i2p::crypto::ECDSAP384_KEY_LENGTH;
+				group = EC_GROUP_new_by_curve_name (NID_secp384r1);
+				break;
+			}
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+			{
+				publicKeyLength = i2p::crypto::ECDSAP521_KEY_LENGTH;
+				group = EC_GROUP_new_by_curve_name (NID_secp521r1);
+				break;
+			}
+			default:
+				LogPrint (eLogError, "Blinding: signature type ", (int)sigType, " is not ECDSA");
+		}
+		if (group)
+		{
+			blind (publicKeyLength, group, key, seed, std::forward<Args>(args)...);
+			EC_GROUP_free (group);
+		}
+		return publicKeyLength;
+	}
+
+//----------------------------------------------------------
+
+	const uint8_t B33_TWO_BYTES_SIGTYPE_FLAG = 0x01;
+	const uint8_t B33_PER_SECRET_FLAG = 0x02; // not used for now
+	const uint8_t B33_PER_CLIENT_AUTH_FLAG = 0x04;
+
+	BlindedPublicKey::BlindedPublicKey (std::shared_ptr<const IdentityEx> identity, bool clientAuth):
+		m_IsClientAuth (clientAuth)
+	{
+		if (!identity) return;
+		auto len = identity->GetSigningPublicKeyLen ();
+		m_PublicKey.resize (len);
+		memcpy (m_PublicKey.data (), identity->GetSigningPublicKeyBuffer (), len);
+		m_SigType = identity->GetSigningKeyType ();
+		m_BlindedSigType = m_SigType;
+	}
+
+	BlindedPublicKey::BlindedPublicKey (const std::string& b33):
+		m_SigType (0) // 0 means invalid, we can't blind DSA, set it later
+	{
+		uint8_t addr[40]; // TODO: define length from b33
+		size_t l = i2p::data::Base32ToByteStream (b33.c_str (), b33.length (), addr, 40);
+		if (l < 32)
+		{
+			LogPrint (eLogError, "Blinding: malformed b33 ", b33);
+			return;
+		}
+		uint32_t checksum = crc32 (0, addr + 3, l - 3);
+		// checksum is Little Endian
+		addr[0] ^= checksum; addr[1] ^= (checksum >> 8); addr[2] ^= (checksum >> 16);
+		uint8_t flags = addr[0];
+		size_t offset = 1;
+		if (flags & B33_TWO_BYTES_SIGTYPE_FLAG) // two bytes signatures
+		{
+			m_SigType = bufbe16toh (addr + offset); offset += 2;
+			m_BlindedSigType = bufbe16toh (addr + offset); offset += 2;
+		}
+		else // one byte sig
+		{
+			m_SigType = addr[offset]; offset++;
+			m_BlindedSigType = addr[offset]; offset++;
+		}
+		m_IsClientAuth = flags & B33_PER_CLIENT_AUTH_FLAG;
+
+		std::unique_ptr<i2p::crypto::Verifier> blindedVerifier (i2p::data::IdentityEx::CreateVerifier (m_SigType));
+		if (blindedVerifier)
+		{
+			auto len = blindedVerifier->GetPublicKeyLen ();
+			if (offset + len <= l)
+			{
+				m_PublicKey.resize (len);
+				memcpy (m_PublicKey.data (), addr + offset, len);
+			}
+			else
+				LogPrint (eLogError, "Blinding: public key in b33 address is too short for signature type ", (int)m_SigType);
+		}
+		else
+			LogPrint (eLogError, "Blinding: unknown signature type ", (int)m_SigType, " in b33");
+	}
+
+	std::string BlindedPublicKey::ToB33 () const
+	{
+		if (m_PublicKey.size () > 32) return ""; // assume 25519
+		uint8_t addr[35]; char str[60]; // TODO: define actual length
+		uint8_t flags = 0;
+		if (m_IsClientAuth) flags |= B33_PER_CLIENT_AUTH_FLAG;
+		addr[0] = flags; // flags
+		addr[1] = m_SigType; // sig type
+		addr[2] = m_BlindedSigType; // blinded sig type
+		memcpy (addr + 3, m_PublicKey.data (), m_PublicKey.size ());
+		uint32_t checksum = crc32 (0, addr + 3, m_PublicKey.size ());
+		// checksum is Little Endian
+		addr[0] ^= checksum; addr[1] ^= (checksum >> 8); addr[2] ^= (checksum >> 16);
+		auto l = ByteStreamToBase32 (addr, m_PublicKey.size () + 3, str, 60);
+		return std::string (str, str + l);
+	}
+
+	void BlindedPublicKey::GetCredential (uint8_t * credential) const
+	{
+		// A = destination's signing public key
+		// stA = signature type of A, 2 bytes big endian
+		uint16_t stA = htobe16 (GetSigType ());
+		// stA1 = signature type of blinded A, 2 bytes big endian
+		uint16_t stA1 = htobe16 (GetBlindedSigType ());
+		// credential = H("credential", A || stA || stA1)
+		H ("credential", { {GetPublicKey (), GetPublicKeyLen ()}, {(const uint8_t *)&stA, 2}, {(const uint8_t *)&stA1, 2} }, credential);
+	}
+
+	void BlindedPublicKey::GetSubcredential (const uint8_t * blinded, size_t len, uint8_t * subcredential) const
+	{
+		uint8_t credential[32];
+		GetCredential (credential);
+		// subcredential = H("subcredential", credential || blindedPublicKey)
+		H ("subcredential", { {credential, 32}, {blinded, len} }, subcredential);
+	}
+
+	void BlindedPublicKey::GenerateAlpha (const char * date, uint8_t * seed) const
+	{
+		uint16_t stA = htobe16 (GetSigType ()), stA1 = htobe16 (GetBlindedSigType ());
+		uint8_t salt[32];
+		//seed = HKDF(H("I2PGenerateAlpha", keydata), datestring || secret, "i2pblinding1", 64)
+		H ("I2PGenerateAlpha", { {GetPublicKey (), GetPublicKeyLen ()}, {(const uint8_t *)&stA, 2}, {(const uint8_t *)&stA1, 2} }, salt);
+		i2p::crypto::HKDF (salt, (const uint8_t *)date, 8, "i2pblinding1", seed);
+	}
+
+	size_t BlindedPublicKey::GetBlindedKey (const char * date, uint8_t * blindedKey) const
+	{
+		uint8_t seed[64];
+		GenerateAlpha (date, seed);
+
+		size_t publicKeyLength = 0;
+		switch (m_SigType)
+		{
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+				publicKeyLength = BlindECDSA (m_SigType, GetPublicKey (), seed, BlindEncodedPublicKeyECDSA, blindedKey);
+			break;
+			case i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
+			case i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
+				i2p::crypto::GetEd25519 ()->BlindPublicKey (GetPublicKey (), seed, blindedKey);
+				publicKeyLength = i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH;
+			break;
+			default:
+				LogPrint (eLogError, "Blinding: can't blind signature type ", (int)m_SigType);
+		}
+		return publicKeyLength;
+	}
+
+	size_t BlindedPublicKey::BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const
+	{
+		uint8_t seed[64];
+		GenerateAlpha (date, seed);
+		size_t publicKeyLength = 0;
+		switch (m_SigType)
+		{
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
+			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
+				publicKeyLength = BlindECDSA (m_SigType, priv, seed, BlindEncodedPrivateKeyECDSA, blindedPriv, blindedPub);
+			break;
+			case i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
+				i2p::crypto::GetEd25519 ()->BlindPrivateKey (priv, seed, blindedPriv, blindedPub);
+				publicKeyLength = i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH;
+			break;
+			default:
+				LogPrint (eLogError, "Blinding: can't blind signature type ", (int)m_SigType);
+		}
+		return publicKeyLength;
+	}
+
+	void BlindedPublicKey::H (const std::string& p, const std::vector<std::pair<const uint8_t *, size_t> >& bufs, uint8_t * hash) const
+	{
+		SHA256_CTX ctx;
+		SHA256_Init (&ctx);
+		SHA256_Update (&ctx, p.c_str (), p.length ());
+		for (const auto& it: bufs)
+			SHA256_Update (&ctx, it.first, it.second);
+		SHA256_Final (hash, &ctx);
+	}
+
+	i2p::data::IdentHash BlindedPublicKey::GetStoreHash (const char * date) const
+	{
+		i2p::data::IdentHash hash;
+		uint8_t blinded[128];
+		size_t publicKeyLength = 0;
+		if (date)
+			publicKeyLength = GetBlindedKey (date, blinded);
+		else
+		{
+			char currentDate[9];
+			i2p::util::GetCurrentDate (currentDate);
+			publicKeyLength = GetBlindedKey (currentDate, blinded);
+		}
+		if (publicKeyLength)
+		{
+			auto stA1 = htobe16 (m_BlindedSigType);
+			SHA256_CTX ctx;
+			SHA256_Init (&ctx);
+			SHA256_Update (&ctx, (const uint8_t *)&stA1, 2);
+			SHA256_Update (&ctx, blinded, publicKeyLength);
+			SHA256_Final ((uint8_t *)hash, &ctx);
+		}
+		else
+			LogPrint (eLogError, "Blinding: blinded key type ", (int)m_BlindedSigType, " is not supported");
+		return hash;
+	}
+
+}
+}

libi2pd/Blinding.h

@@ -0,0 +1,55 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
+#ifndef BLINDING_H__
+#define BLINDING_H__
+
+#include <inttypes.h>
+#include <string>
+#include <vector>
+#include "Identity.h"
+
+namespace i2p
+{
+namespace data
+{
+	class BlindedPublicKey // for encrypted LS2
+	{
+		public:
+
+			BlindedPublicKey (std::shared_ptr<const IdentityEx> identity, bool clientAuth = false);
+			BlindedPublicKey (const std::string& b33); // from b33 without .b32.i2p
+			std::string ToB33 () const;
+
+			const uint8_t * GetPublicKey () const { return m_PublicKey.data (); };
+			size_t GetPublicKeyLen () const { return m_PublicKey.size (); };
+			SigningKeyType GetSigType () const  { return m_SigType; };
+			SigningKeyType GetBlindedSigType () const  { return m_BlindedSigType; };
+			bool IsValid () const { return GetSigType (); }; // signature type 0 means invalid
+
+			void GetSubcredential (const uint8_t * blinded, size_t len, uint8_t * subcredential) const; // 32 bytes
+			size_t GetBlindedKey (const char * date, uint8_t * blindedKey) const; // date is 8 chars "YYYYMMDD", return public key length
+			size_t BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const; // date is 8 chars "YYYYMMDD", return public key length
+			i2p::data::IdentHash GetStoreHash (const char * date = nullptr) const; // date is 8 chars "YYYYMMDD", use current if null
+
+		private:
+
+			void GetCredential (uint8_t * credential) const; // 32 bytes
+			void GenerateAlpha (const char * date, uint8_t * seed) const; // 64 bytes, date is 8 chars "YYYYMMDD"
+			void H (const std::string& p, const std::vector<std::pair<const uint8_t *, size_t> >& bufs, uint8_t * hash) const;
+
+		private:
+
+			std::vector<uint8_t> m_PublicKey;
+			i2p::data::SigningKeyType m_SigType, m_BlindedSigType;
+			bool m_IsClientAuth = false;
+	};
+}
+}
+
+#endif

libi2pd/BloomFilter.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include "BloomFilter.h"
 #include "I2PEndian.h"
 #include <array>

libi2pd/BloomFilter.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef BLOOM_FILTER_H_
 #define BLOOM_FILTER_H_
 #include <memory>

libi2pd/CPU.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include "CPU.h"
 #if defined(__x86_64__) || defined(__i386__)
 #include <cpuid.h>

libi2pd/CPU.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef LIBI2PD_CPU_H
 #define LIBI2PD_CPU_H
 
@@ -5,10 +13,10 @@ namespace i2p
 {
 namespace cpu
 {
-  extern bool aesni;
-  extern bool avx;
+	extern bool aesni;
+	extern bool avx;
 
-  void Detect();
+	void Detect();
 }
 }
 

libi2pd/ChaCha20.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2018, The PurpleI2P Project
+* Copyright (c) 2013-2020, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -12,73 +12,72 @@
 #include "I2PEndian.h"
 #include "ChaCha20.h"
 
-#if !OPENSSL_AEAD_CHACHA20_POLY1305 
+#if !OPENSSL_AEAD_CHACHA20_POLY1305
 namespace i2p
 {
 namespace crypto
 {
 namespace chacha
 {
-void u32t8le(uint32_t v, uint8_t * p) 
+void u32t8le(uint32_t v, uint8_t * p)
 {
-    p[0] = v & 0xff;
-    p[1] = (v >> 8) & 0xff;
-    p[2] = (v >> 16) & 0xff;
-    p[3] = (v >> 24) & 0xff;
+	p[0] = v & 0xff;
+	p[1] = (v >> 8) & 0xff;
+	p[2] = (v >> 16) & 0xff;
+	p[3] = (v >> 24) & 0xff;
 }
 
-uint32_t u8t32le(const uint8_t * p) 
+uint32_t u8t32le(const uint8_t * p)
 {
-    uint32_t value = p[3];
+	uint32_t value = p[3];
 
-    value = (value << 8) | p[2];
-    value = (value << 8) | p[1];
-    value = (value << 8) | p[0];
+	value = (value << 8) | p[2];
+	value = (value << 8) | p[1];
+	value = (value << 8) | p[0];
 
-    return value;
+	return value;
 }
 
-uint32_t rotl32(uint32_t x, int n) 
+uint32_t rotl32(uint32_t x, int n)
 {
-    return x << n | (x >> (-n & 31));
+	return x << n | (x >> (-n & 31));
 }
 
-void quarterround(uint32_t *x, int a, int b, int c, int d) 
+void quarterround(uint32_t *x, int a, int b, int c, int d)
 {
-    x[a] += x[b]; x[d] = rotl32(x[d] ^ x[a], 16);
-    x[c] += x[d]; x[b] = rotl32(x[b] ^ x[c], 12);
-    x[a] += x[b]; x[d] = rotl32(x[d] ^ x[a],  8);
-    x[c] += x[d]; x[b] = rotl32(x[b] ^ x[c],  7);
+	x[a] += x[b]; x[d] = rotl32(x[d] ^ x[a], 16);
+	x[c] += x[d]; x[b] = rotl32(x[b] ^ x[c], 12);
+	x[a] += x[b]; x[d] = rotl32(x[d] ^ x[a],  8);
+	x[c] += x[d]; x[b] = rotl32(x[b] ^ x[c],  7);
 }
 
 
 void Chacha20Block::operator << (const Chacha20State & st)
 {
 	int i;
-	for (i = 0; i < 16; i++) 
+	for (i = 0; i < 16; i++)
 		u32t8le(st.data[i], data + (i << 2));
 }
 
 void block (Chacha20State &input, int rounds)
 {
-    int i;
-    Chacha20State x;
-    x.Copy(input);
-
-    for (i = rounds; i > 0; i -= 2) 
-    {
-        quarterround(x.data, 0, 4,  8, 12);
-        quarterround(x.data, 1, 5,  9, 13);
-        quarterround(x.data, 2, 6, 10, 14);
-        quarterround(x.data, 3, 7, 11, 15);
-        quarterround(x.data, 0, 5, 10, 15);
-        quarterround(x.data, 1, 6, 11, 12);
-        quarterround(x.data, 2, 7,  8, 13);
-        quarterround(x.data, 3, 4,  9, 14);
-    }
-    x += input;
-    input.block << x;
+	int i;
+	Chacha20State x;
+	x.Copy(input);
 
+	for (i = rounds; i > 0; i -= 2)
+	{
+		quarterround(x.data, 0, 4,  8, 12);
+		quarterround(x.data, 1, 5,  9, 13);
+		quarterround(x.data, 2, 6, 10, 14);
+		quarterround(x.data, 3, 7, 11, 15);
+		quarterround(x.data, 0, 5, 10, 15);
+		quarterround(x.data, 1, 6, 11, 12);
+		quarterround(x.data, 2, 7,  8, 13);
+		quarterround(x.data, 3, 4,  9, 14);
+	}
+	x += input;
+	input.block << x;
 }
 
 void Chacha20Init (Chacha20State& state, const uint8_t * nonce, const uint8_t * key, uint32_t counter)
@@ -87,52 +86,52 @@ void Chacha20Init (Chacha20State& state, const uint8_t * nonce, const uint8_t *
 	state.data[1] = 0x3320646e;
 	state.data[2] = 0x79622d32;
 	state.data[3] = 0x6b206574;
-	for (size_t i = 0; i < 8; i++) 
-	    state.data[4 + i] = chacha::u8t32le(key + i * 4);
-	
+	for (size_t i = 0; i < 8; i++)
+		state.data[4 + i] = chacha::u8t32le(key + i * 4);
+
 	state.data[12] = htole32 (counter);
-	for (size_t i = 0; i < 3; i++) 
-	    state.data[13 + i] = chacha::u8t32le(nonce + i * 4);
+	for (size_t i = 0; i < 3; i++)
+		state.data[13 + i] = chacha::u8t32le(nonce + i * 4);
 }
 
 void Chacha20SetCounter (Chacha20State& state, uint32_t counter)
 {
 	state.data[12] = htole32 (counter);
 	state.offset = 0;
-}	
+}
 
 void Chacha20Encrypt (Chacha20State& state, uint8_t * buf, size_t sz)
-{	
+{
 	if (state.offset > 0)
 	{
-		// previous block if any	
-		auto s = chacha::blocksize - state.offset;		
+		// previous block if any
+		auto s = chacha::blocksize - state.offset;
 		if (sz < s) s = sz;
 		for (size_t i = 0; i < s; i++)
 			buf[i] ^= state.block.data[state.offset + i];
 		buf += s;
 		sz -= s;
 		state.offset += s;
-		if (state.offset >= chacha::blocksize) state.offset = 0;	
+		if (state.offset >= chacha::blocksize) state.offset = 0;
 	}
-	for (size_t i = 0; i < sz; i += chacha::blocksize) 
+	for (size_t i = 0; i < sz; i += chacha::blocksize)
 	{
-	    chacha::block(state, chacha::rounds);
-	    state.data[12]++;
-	    for (size_t j = i; j < i + chacha::blocksize; j++) 
-	    {
-	        if (j >= sz) 
+		chacha::block(state, chacha::rounds);
+		state.data[12]++;
+		for (size_t j = i; j < i + chacha::blocksize; j++)
+		{
+			if (j >= sz)
 			{
 				state.offset = j & 0x3F; // % 64
 				break;
 			}
-	        buf[j] ^= state.block.data[j - i];
-	    }
+			buf[j] ^= state.block.data[j - i];
+		}
 	}
 }
+
 } // namespace chacha
+} // namespace crypto
+} // namespace i2p
 
-}
-}
 #endif
-

libi2pd/ChaCha20.h

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2018, The PurpleI2P Project
+* Copyright (c) 2013-2020, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -21,23 +21,23 @@ namespace i2p
 {
 namespace crypto
 {
- 	const std::size_t CHACHA20_KEY_BYTES = 32;
-  	const std::size_t CHACHA20_NOUNCE_BYTES = 12;
-	
+	const std::size_t CHACHA20_KEY_BYTES = 32;
+	const std::size_t CHACHA20_NOUNCE_BYTES = 12;
+
 namespace chacha
 {
-	constexpr std::size_t blocksize = 64;	
+	constexpr std::size_t blocksize = 64;
 	constexpr int rounds = 20;
 
 	struct Chacha20State;
 	struct Chacha20Block
 	{
-	  Chacha20Block () {};
-	  Chacha20Block (Chacha20Block &&) = delete;
+		Chacha20Block () {};
+		Chacha20Block (Chacha20Block &&) = delete;
 
-	  uint8_t data[blocksize];
+		uint8_t data[blocksize];
 
-	  void operator << (const Chacha20State & st);
+		void operator << (const Chacha20State & st);
 	};
 
 	struct Chacha20State
@@ -54,19 +54,19 @@ namespace chacha
 
 		void Copy(const Chacha20State & other)
 		{
-		   memcpy(data, other.data, sizeof(uint32_t) * 16);
+			memcpy(data, other.data, sizeof(uint32_t) * 16);
 		}
 		uint32_t data[16];
 		Chacha20Block block;
-		size_t offset; 
+		size_t offset;
 	};
 
 	void Chacha20Init (Chacha20State& state, const uint8_t * nonce, const uint8_t * key, uint32_t counter);
 	void Chacha20SetCounter (Chacha20State& state, uint32_t counter);
-	void Chacha20Encrypt (Chacha20State& state, uint8_t * buf, size_t sz); // encrypt buf in place	
-}
-} 
-}
-#endif
+	void Chacha20Encrypt (Chacha20State& state, uint8_t * buf, size_t sz); // encrypt buf in place
+} // namespace chacha
+} // namespace crypto
+} // namespace i2p
 
 #endif
+#endif

libi2pd/Config.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2017, The PurpleI2P Project
+* Copyright (c) 2013-2020, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -35,11 +35,11 @@ namespace config {
 			("version",                                                       "Show i2pd version")
 			("conf", value<std::string>()->default_value(""),                 "Path to main i2pd config file (default: try ~/.i2pd/i2pd.conf or /var/lib/i2pd/i2pd.conf)")
 			("tunconf", value<std::string>()->default_value(""),              "Path to config with tunnels list and options (default: try ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf)")
-			("tunnelsdir", value<std::string>()->default_value(""),   "Path to extra tunnels' configs folder (default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d")
+			("tunnelsdir", value<std::string>()->default_value(""),           "Path to extra tunnels' configs folder (default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d")
 			("pidfile", value<std::string>()->default_value(""),              "Path to pidfile (default: ~/i2pd/i2pd.pid or /var/lib/i2pd/i2pd.pid)")
 			("log", value<std::string>()->default_value(""),                  "Logs destination: stdout, file, syslog (stdout if not set)")
 			("logfile", value<std::string>()->default_value(""),              "Path to logfile (stdout if not set, autodetect if daemon)")
-			("loglevel", value<std::string>()->default_value("info"),         "Set the minimal level of log messages (debug, info, warn, error, none)")
+			("loglevel", value<std::string>()->default_value("warn"),         "Set the minimal level of log messages (debug, info, warn, error, none)")
 			("logclftime", bool_switch()->default_value(false),               "Write full CLF-formatted date and time to log (default: disabled, write only time)")
 			("family", value<std::string>()->default_value(""),               "Specify a family, router belongs to")
 			("datadir", value<std::string>()->default_value(""),              "Path to storage of i2pd data (RI, keys, peer profiles, ...)")
@@ -51,6 +51,7 @@ namespace config {
 			("port", value<uint16_t>()->default_value(0),                     "Port to listen for incoming connections (default: auto)")
 			("ipv4", value<bool>()->default_value(true),                      "Enable communication through ipv4 (default: enabled)")
 			("ipv6", bool_switch()->default_value(false),                     "Enable communication through ipv6 (default: disabled)")
+			("reservedrange", value<bool>()->default_value(true),             "Check remote RI for being in blacklist of reserved IP ranges (default: enabled)")
 			("netid", value<int>()->default_value(I2PD_NET_ID),               "Specify NetID. Main I2P is 2")
 			("daemon", bool_switch()->default_value(false),                   "Router will go to background after start (default: disabled)")
 			("service", bool_switch()->default_value(false),                  "Router will use system folders like '/var/lib/i2pd' (default: disabled)")
@@ -58,9 +59,9 @@ namespace config {
 			("floodfill", bool_switch()->default_value(false),                "Router will be floodfill (default: disabled)")
 			("bandwidth", value<std::string>()->default_value(""),            "Bandwidth limit: integer in KBps or letters: L (32), O (256), P (2048), X (>9000)")
 			("share", value<int>()->default_value(100),                       "Limit of transit traffic from max bandwidth in percents. (default: 100)")
-			("ntcp", value<bool>()->default_value(true),                      "Enable NTCP transport (default: enabled)")
+			("ntcp", value<bool>()->default_value(false),                     "Ignored. Always false")
 			("ssu", value<bool>()->default_value(true),                       "Enable SSU transport (default: enabled)")
-			("ntcpproxy", value<std::string>()->default_value(""),            "Proxy URL for NTCP transport")
+			("ntcpproxy", value<std::string>()->default_value(""),            "Ignored")
 #ifdef _WIN32
 			("svcctl", value<std::string>()->default_value(""),               "Windows service management ('install' or 'remove')")
 			("insomnia", bool_switch()->default_value(false),                 "Prevent system from sleeping (default: disabled)")
@@ -88,7 +89,7 @@ namespace config {
 			("http.pass", value<std::string>()->default_value(""),              "Password for basic auth (default: random, see logs)")
 			("http.strictheaders", value<bool>()->default_value(true),          "Enable strict host checking on WebUI")
 			("http.hostname", value<std::string>()->default_value("localhost"), "Expected hostname for WebUI")
-			("http.webroot", value<std::string>()->default_value("/"),            "WebUI root path (default: / )")
+			("http.webroot", value<std::string>()->default_value("/"),          "WebUI root path (default: / )")
 		;
 
 		options_description httpproxy("HTTP Proxy options");
@@ -96,8 +97,9 @@ namespace config {
 			("httpproxy.enabled", value<bool>()->default_value(true),                 "Enable or disable HTTP Proxy")
 			("httpproxy.address", value<std::string>()->default_value("127.0.0.1"),   "HTTP Proxy listen address")
 			("httpproxy.port", value<uint16_t>()->default_value(4444),                "HTTP Proxy listen port")
-			("httpproxy.keys", value<std::string>()->default_value(""),               "File to persist HTTP Proxy keys")
-			("httpproxy.signaturetype", value<i2p::data::SigningKeyType>()->default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519), "Signature type for new keys. 7 (EdDSA) by default")
+			("httpproxy.keys", value<std::string>()->default_value("transient-proxy"), "File to persist HTTP Proxy keys. Transient by default")
+			("httpproxy.signaturetype", value<i2p::data::SigningKeyType>()->
+				default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519),      "Signature type for new keys. 7 (EdDSA) by default")
 			("httpproxy.inbound.length", value<std::string>()->default_value("3"),    "HTTP proxy inbound tunnel length")
 			("httpproxy.outbound.length", value<std::string>()->default_value("3"),   "HTTP proxy outbound tunnel length")
 			("httpproxy.inbound.quantity", value<std::string>()->default_value("5"),  "HTTP proxy inbound tunnels quantity")
@@ -106,6 +108,8 @@ namespace config {
 			("httpproxy.latency.max", value<std::string>()->default_value("0"),       "HTTP proxy max latency for tunnels")
 			("httpproxy.outproxy", value<std::string>()->default_value(""),           "HTTP proxy upstream out proxy url")
 			("httpproxy.addresshelper", value<bool>()->default_value(true),           "Enable or disable addresshelper")
+			("httpproxy.i2cp.leaseSetType", value<std::string>()->default_value("3"), "Local destination's LeaseSet type")
+			("httpproxy.i2cp.leaseSetEncType", value<std::string>()->default_value("0,4"), "Local destination's LeaseSet encryption type")
 		;
 
 		options_description socksproxy("SOCKS Proxy options");
@@ -113,8 +117,9 @@ namespace config {
 			("socksproxy.enabled", value<bool>()->default_value(true),                 "Enable or disable SOCKS Proxy")
 			("socksproxy.address", value<std::string>()->default_value("127.0.0.1"),   "SOCKS Proxy listen address")
 			("socksproxy.port", value<uint16_t>()->default_value(4447),                "SOCKS Proxy listen port")
-			("socksproxy.keys", value<std::string>()->default_value(""),               "File to persist SOCKS Proxy keys")
-			("socksproxy.signaturetype", value<i2p::data::SigningKeyType>()->default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519), "Signature type for new keys. 7 (EdDSA) by default")
+			("socksproxy.keys", value<std::string>()->default_value("transient-proxy"), "File to persist SOCKS Proxy keys. Transient by default")
+			("socksproxy.signaturetype", value<i2p::data::SigningKeyType>()->
+				default_value(i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519),       "Signature type for new keys. 7 (EdDSA) by default")
 			("socksproxy.inbound.length", value<std::string>()->default_value("3"),    "SOCKS proxy inbound tunnel length")
 			("socksproxy.outbound.length", value<std::string>()->default_value("3"),   "SOCKS proxy outbound tunnel length")
 			("socksproxy.inbound.quantity", value<std::string>()->default_value("5"),  "SOCKS proxy inbound tunnels quantity")
@@ -124,6 +129,8 @@ namespace config {
 			("socksproxy.outproxy.enabled", value<bool>()->default_value(false),       "Enable or disable SOCKS outproxy")
 			("socksproxy.outproxy", value<std::string>()->default_value("127.0.0.1"),  "Upstream outproxy address for SOCKS Proxy")
 			("socksproxy.outproxyport", value<uint16_t>()->default_value(9050),        "Upstream outproxy port for SOCKS Proxy")
+			("socksproxy.i2cp.leaseSetType", value<std::string>()->default_value("3"), "Local destination's LeaseSet type")
+			("socksproxy.i2cp.leaseSetEncType", value<std::string>()->default_value("0,4"), "Local destination's LeaseSet encryption type")
 		;
 
 		options_description sam("SAM bridge options");
@@ -131,6 +138,7 @@ namespace config {
 			("sam.enabled", value<bool>()->default_value(true),               "Enable or disable SAM Application bridge")
 			("sam.address", value<std::string>()->default_value("127.0.0.1"), "SAM listen address")
 			("sam.port", value<uint16_t>()->default_value(7656),              "SAM listen port")
+			("sam.singlethread", value<bool>()->default_value(true),          "Sessions run in the SAM bridge's thread")
 		;
 
 		options_description bob("BOB options");
@@ -145,6 +153,7 @@ namespace config {
 			("i2cp.enabled", value<bool>()->default_value(false),              "Enable or disable I2CP")
 			("i2cp.address", value<std::string>()->default_value("127.0.0.1"), "I2CP listen address")
 			("i2cp.port", value<uint16_t>()->default_value(7654),              "I2CP listen port")
+			("i2cp.singlethread", value<bool>()->default_value(true),          "Destinations run in the I2CP server's thread")
 		;
 
 		options_description i2pcontrol("I2PControl options");
@@ -188,19 +197,14 @@ namespace config {
 			("reseed.proxy", value<std::string>()->default_value(""),     "url for reseed proxy, supports http/socks")
 			("reseed.urls", value<std::string>()->default_value(
 				"https://reseed.i2p-projekt.de/,"
-				"https://i2p.mooo.com/netDb/,"
-				"https://netdb.i2p2.no/,"
-				// "https://us.reseed.i2p2.no:444/," // mamoth's shit
-				// "https://uk.reseed.i2p2.no:444/," // mamoth's shit
-				"https://reseed.i2p.net.in/,"
-				"https://download.xxlspeed.com/,"
+			    "https://reseed.diva.exchange/,"
+				"https://reseed.i2p2.no/,"
 				"https://reseed-fr.i2pd.xyz/,"
-				"https://reseed.atomike.ninja/,"
 				"https://reseed.memcpy.io/,"
 				"https://reseed.onion.im/,"
-				"https://itoopie.atomike.ninja/,"
 				"https://i2pseed.creativecowpat.net:8443/,"
-                "https://i2p.novg.net/"
+			    "https://reseed.i2pgit.org/,"                                                				
+				"https://i2p.novg.net/"
 			),                                                            "Reseed URLs, separated by comma")
 		;
 
@@ -219,11 +223,12 @@ namespace config {
 			("trust.hidden", value<bool>()->default_value(false),      "Should we hide our router from other routers?")
 		;
 
+		// Save deprecated websocket options for compatibility
 		options_description websocket("Websocket Options");
 		websocket.add_options()
-			("websockets.enabled", value<bool>()->default_value(false),              "Enable websocket server")
-			("websockets.address", value<std::string>()->default_value("127.0.0.1"), "Address to bind websocket server on")
-			("websockets.port", value<uint16_t>()->default_value(7666),              "Port to bind websocket server on")
+			("websockets.enabled", value<bool>()->default_value(false),     "Deprecated option")
+			("websockets.address", value<std::string>()->default_value(""), "Deprecated option")
+			("websockets.port", value<uint16_t>()->default_value(0),        "Deprecated option")
 		;
 
 		options_description exploratory("Exploratory Options");
@@ -236,28 +241,29 @@ namespace config {
 
 		options_description ntcp2("NTCP2 Options");
 		ntcp2.add_options()
-			("ntcp2.enabled", value<bool>()->default_value(true), "Enable NTCP2 (default: enabled)")
-			("ntcp2.published", value<bool>()->default_value(false), "Publish NTCP2 (default: disabled)")
-			("ntcp2.port", value<uint16_t>()->default_value(0), "Port to listen for incoming NTCP2 connections (default: auto)")
+			("ntcp2.enabled", value<bool>()->default_value(true),          "Enable NTCP2 (default: enabled)")
+			("ntcp2.published", value<bool>()->default_value(true),        "Publish NTCP2 (default: enabled)")
+			("ntcp2.port", value<uint16_t>()->default_value(0),            "Port to listen for incoming NTCP2 connections (default: auto)")
 			("ntcp2.addressv6", value<std::string>()->default_value("::"), "Address to bind NTCP2 on")
+			("ntcp2.proxy", value<std::string>()->default_value(""),       "Proxy URL for NTCP2 transport")
 		;
 
 		options_description nettime("Time sync options");
 		nettime.add_options()
-			("nettime.enabled", value<bool>()->default_value(false), "Disable time sync (default: disabled)")
+			("nettime.enabled", value<bool>()->default_value(false),       "Disable time sync (default: disabled)")
 			("nettime.ntpservers", value<std::string>()->default_value(
 				"0.pool.ntp.org,"
 				"1.pool.ntp.org,"
 				"2.pool.ntp.org,"
 				"3.pool.ntp.org"
-			),  "Comma separated list of NTCP servers")
-			("nettime.ntpsyncinterval", value<int>()->default_value(72),  "NTP sync interval in hours (default: 72)")
+			),                                                             "Comma separated list of NTCP servers")
+			("nettime.ntpsyncinterval", value<int>()->default_value(72),   "NTP sync interval in hours (default: 72)")
 		;
 
 		options_description persist("Network information persisting options");
 		persist.add_options()
-			("persist.profiles", value<bool>()->default_value(true), "Persist peer profiles (default: true)")
-			("persist.addressbook", value<bool>()->default_value(true), "Persist full addresses (default: true)")
+			("persist.profiles", value<bool>()->default_value(true),       "Persist peer profiles (default: true)")
+			("persist.addressbook", value<bool>()->default_value(true),    "Persist full addresses (default: true)")
 		;
 
 		m_OptionsDesc
@@ -275,7 +281,7 @@ namespace config {
 			.add(reseed)
 			.add(addressbook)
 			.add(trust)
-			.add(websocket)
+			.add(websocket) // deprecated
 			.add(exploratory)
 			.add(ntcp2)
 			.add(nettime)
@@ -306,16 +312,16 @@ namespace config {
 			std::cout << "i2pd version " << I2PD_VERSION << " (" << I2P_VERSION << ")" << std::endl;
 			std::cout << m_OptionsDesc;
 			exit(EXIT_SUCCESS);
-		} 
+		}
 		else if (m_Options.count("version"))
 		{
 			std::cout << "i2pd version " << I2PD_VERSION << " (" << I2P_VERSION << ")" << std::endl;
-			std::cout << "Boost version "     
+			std::cout << "Boost version "
 					  << BOOST_VERSION / 100000     << "."  // maj. version
 					  << BOOST_VERSION / 100 % 1000 << "."  // min. version
 					  << BOOST_VERSION % 100                // patch version
 					  << std::endl;
-#if defined(OPENSSL_VERSION_TEXT) 
+#if defined(OPENSSL_VERSION_TEXT)
 			std::cout << OPENSSL_VERSION_TEXT << std::endl;
 #endif
 #if defined(LIBRESSL_VERSION_TEXT)

libi2pd/Config.h

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #ifndef CONFIG_H
 #define CONFIG_H
 
@@ -18,98 +26,101 @@
 
 namespace i2p {
 namespace config {
-  extern boost::program_options::variables_map m_Options;
+	extern boost::program_options::variables_map m_Options;
 
-  /**
-   * @brief  Initialize list of acceptable parameters
-   *
-   * Should be called before any Parse* functions.
-   */
-  void Init();
+	/**
+	 * @brief  Initialize list of acceptable parameters
+	 *
+	 * Should be called before any Parse* functions.
+	 */
+	void Init();
 
-  /**
-   * @brief  Parse cmdline parameters, and show help if requested
-   * @param  argc  Cmdline arguments count, should be passed from main().
-   * @param  argv  Cmdline parameters array, should be passed from main()
-   *
-   * If --help is given in parameters, shows its list with description
-   * and terminates the program with exitcode 0.
-   *
-   * In case of parameter misuse boost throws an exception.
-   * We internally handle type boost::program_options::unknown_option,
-   * and then terminate the program with exitcode 1.
-   *
-   * Other exceptions will be passed to higher level.
-   */
-  void ParseCmdline(int argc, char* argv[], bool ignoreUnknown = false);
+	/**
+	 * @brief  Parse cmdline parameters, and show help if requested
+	 * @param  argc  Cmdline arguments count, should be passed from main().
+	 * @param  argv  Cmdline parameters array, should be passed from main()
+	 *
+	 * If --help is given in parameters, shows its list with description
+	 * and terminates the program with exitcode 0.
+	 *
+	 * In case of parameter misuse boost throws an exception.
+	 * We internally handle type boost::program_options::unknown_option,
+	 * and then terminate the program with exitcode 1.
+	 *
+	 * Other exceptions will be passed to higher level.
+	 */
+	void ParseCmdline(int argc, char* argv[], bool ignoreUnknown = false);
 
-  /**
-   * @brief  Load and parse given config file
-   * @param  path  Path to config file
-   *
-   * If error occurred when opening file path is points to,
-   * we show the error message and terminate program.
-   *
-   * In case of parameter misuse boost throws an exception.
-   * We internally handle type boost::program_options::unknown_option,
-   * and then terminate program with exitcode 1.
-   *
-   * Other exceptions will be passed to higher level.
-   */
-  void ParseConfig(const std::string& path);
+	/**
+	 * @brief  Load and parse given config file
+	 * @param  path  Path to config file
+	 *
+	 * If error occurred when opening file path is points to,
+	 * we show the error message and terminate program.
+	 *
+	 * In case of parameter misuse boost throws an exception.
+	 * We internally handle type boost::program_options::unknown_option,
+	 * and then terminate program with exitcode 1.
+	 *
+	 * Other exceptions will be passed to higher level.
+	 */
+	void ParseConfig(const std::string& path);
 
-  /**
-   * @brief  Used to combine options from cmdline, config and default values
-   */
-  void Finalize();
+	/**
+	 * @brief  Used to combine options from cmdline, config and default values
+	 */
+	void Finalize();
 
-  /* @brief  Accessor to parameters by name
-   * @param  name  Name of the requested parameter
-   * @param  value Variable where to store option
-   * @return this function returns false if parameter not found
-   *
-   * Example: uint16_t port; GetOption("sam.port", port);
-   */
-  template<typename T>
-  bool GetOption(const char *name, T& value) {
-    if (!m_Options.count(name))
-      return false;
-    value = m_Options[name].as<T>();
-    return true;
-  }
+	/**
+	 * @brief  Accessor to parameters by name
+	 * @param  name  Name of the requested parameter
+	 * @param  value Variable where to store option
+	 * @return this function returns false if parameter not found
+	 *
+	 * Example: uint16_t port; GetOption("sam.port", port);
+	 */
+	template<typename T>
+	bool GetOption(const char *name, T& value)
+	{
+		if (!m_Options.count(name))
+			return false;
+		value = m_Options[name].as<T>();
+		return true;
+	}
 
-  template<typename T>
-  bool GetOption(const std::string& name, T& value)
-  {
-    return GetOption (name.c_str (), value);
-  }
+	template<typename T>
+	bool GetOption(const std::string& name, T& value)
+	{
+		return GetOption (name.c_str (), value);
+	}
 
-  bool GetOptionAsAny(const char *name, boost::any& value);
-  bool GetOptionAsAny(const std::string& name, boost::any& value);
+	bool GetOptionAsAny(const char *name, boost::any& value);
+	bool GetOptionAsAny(const std::string& name, boost::any& value);
 
-  /**
-   * @brief  Set value of given parameter
-   * @param  name  Name of settable parameter
-   * @param  value New parameter value
-   * @return true if value set up successful, false otherwise
-   *
-   * Example: uint16_t port = 2827; SetOption("bob.port", port);
-   */
-  template<typename T>
-  bool SetOption(const char *name, const T& value) {
-    if (!m_Options.count(name))
-      return false;
-    m_Options.at(name).value() = value;
-    notify(m_Options);
-    return true;
-  }
+	/**
+	 * @brief  Set value of given parameter
+	 * @param  name  Name of settable parameter
+	 * @param  value New parameter value
+	 * @return true if value set up successful, false otherwise
+	 *
+	 * Example: uint16_t port = 2827; SetOption("bob.port", port);
+	 */
+	template<typename T>
+	bool SetOption(const char *name, const T& value)
+	{
+		if (!m_Options.count(name))
+			return false;
+		m_Options.at(name).value() = value;
+		notify(m_Options);
+		return true;
+	}
 
-  /**
-   * @brief  Check is value explicitly given or default
-   * @param  name  Name of checked parameter
-   * @return true if value set to default, false otherwise
-   */
-  bool IsDefault(const char *name);
+	/**
+	 * @brief  Check is value explicitly given or default
+	 * @param  name  Name of checked parameter
+	 * @return true if value set to default, false otherwise
+	 */
+	bool IsDefault(const char *name);
 }
 }
 

libi2pd/Crypto.cpp

@@ -1,3 +1,11 @@
+/*
+* Copyright (c) 2013-2020, The PurpleI2P Project
+*
+* This file is part of Purple i2pd project and licensed under BSD3
+*
+* See full license text in LICENSE file at top of project tree
+*/
+
 #include <string.h>
 #include <string>
 #include <vector>
@@ -286,40 +294,49 @@ namespace crypto
 #if OPENSSL_X25519
 		m_Ctx = EVP_PKEY_CTX_new_id (NID_X25519, NULL);
 		m_Pkey = nullptr;
-#else		
+#else
 		m_Ctx = BN_CTX_new ();
-#endif		
-	}	
+#endif
+	}
 
 	X25519Keys::X25519Keys (const uint8_t * priv, const uint8_t * pub)
 	{
-#if OPENSSL_X25519		
+#if OPENSSL_X25519
 		m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_X25519, NULL, priv, 32);
 		m_Ctx = EVP_PKEY_CTX_new (m_Pkey, NULL);
-		memcpy (m_PublicKey, pub, 32); // TODO: verify against m_Pkey
+		if (pub)
+			memcpy (m_PublicKey, pub, 32); // TODO: verify against m_Pkey
+		else
+		{
+			size_t len = 32;
+			EVP_PKEY_get_raw_public_key (m_Pkey, m_PublicKey, &len);
+		}
 #else
-		memcpy (m_PrivateKey, priv, 32);
-		memcpy (m_PublicKey, pub, 32);
 		m_Ctx = BN_CTX_new ();
-#endif		
-	}	
-	
+		memcpy (m_PrivateKey, priv, 32);
+		if (pub)
+			memcpy (m_PublicKey, pub, 32);
+		else
+			GetEd25519 ()->ScalarMulB (m_PrivateKey, m_PublicKey, m_Ctx);
+#endif
+	}
+
 	X25519Keys::~X25519Keys ()
 	{
 #if OPENSSL_X25519
 		EVP_PKEY_CTX_free (m_Ctx);
-		if (m_Pkey) EVP_PKEY_free (m_Pkey);	
-#else				
+		if (m_Pkey) EVP_PKEY_free (m_Pkey);
+#else
 		BN_CTX_free (m_Ctx);
-#endif		
-	}	
+#endif
+	}
 
 	void X25519Keys::GenerateKeys ()
 	{
 #if OPENSSL_X25519
 		if (m_Pkey)
-		{ 
-			EVP_PKEY_free (m_Pkey);	
+		{
+			EVP_PKEY_free (m_Pkey);
 			m_Pkey = nullptr;
 		}
 		EVP_PKEY_keygen_init (m_Ctx);
@@ -328,26 +345,26 @@ namespace crypto
 		m_Ctx = EVP_PKEY_CTX_new (m_Pkey, NULL); // TODO: do we really need to re-create m_Ctx?
 		size_t len = 32;
 		EVP_PKEY_get_raw_public_key (m_Pkey, m_PublicKey, &len);
-#else		
+#else
 		RAND_bytes (m_PrivateKey, 32);
 		GetEd25519 ()->ScalarMulB (m_PrivateKey, m_PublicKey, m_Ctx);
-#endif		
-	}	
+#endif
+	}
 
 	void X25519Keys::Agree (const uint8_t * pub, uint8_t * shared)
 	{
-#if OPENSSL_X25519		
+#if OPENSSL_X25519
 		EVP_PKEY_derive_init (m_Ctx);
 		auto pkey = EVP_PKEY_new_raw_public_key (EVP_PKEY_X25519, NULL, pub, 32);
 		EVP_PKEY_derive_set_peer (m_Ctx, pkey);
 		size_t len = 32;
 		EVP_PKEY_derive (m_Ctx, shared, &len);
 		EVP_PKEY_free (pkey);
-#else		
+#else
 		GetEd25519 ()->ScalarMul (pub, m_PrivateKey, shared, m_Ctx);
-#endif		
-	}		
-	
+#endif
+	}
+
 	void X25519Keys::GetPrivateKey (uint8_t * priv) const
 	{
 #if OPENSSL_X25519
@@ -358,6 +375,25 @@ namespace crypto
 #endif
 	}
 
+	void X25519Keys::SetPrivateKey (const uint8_t * priv, bool calculatePublic)
+	{
+#if OPENSSL_X25519
+		if (m_Ctx) EVP_PKEY_CTX_free (m_Ctx);
+		if (m_Pkey) EVP_PKEY_free (m_Pkey);
+		m_Pkey = EVP_PKEY_new_raw_private_key (EVP_PKEY_X25519, NULL, priv, 32);
+		m_Ctx = EVP_PKEY_CTX_new (m_Pkey, NULL);
+		if (calculatePublic)
+		{
+			size_t len = 32;
+			EVP_PKEY_get_raw_public_key (m_Pkey, m_PublicKey, &len);
+		}	
+#else
+		memcpy (m_PrivateKey, priv, 32);
+		if (calculatePublic)
+			GetEd25519 ()->ScalarMulB (m_PrivateKey, m_PublicKey, m_Ctx);
+#endif
+	}
+
 // ElGamal
 	void ElGamalEncrypt (const uint8_t * key, const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx, bool zeroPadding)
 	{
@@ -660,12 +696,12 @@ namespace crypto
 
 // AES
 #ifdef __AES__
-        #ifdef ARM64AES
-                void init_aesenc(void){
+	#ifdef ARM64AES
+	void init_aesenc(void){
 			// TODO: Implementation
-		}
+	}
 
-        #endif
+	#endif
 
 	#define KeyExpansion256(round0,round1) \
 		"pshufd	$0xff, %%xmm2, %%xmm2 \n" \
@@ -863,7 +899,6 @@ namespace crypto
 		}
 	}
 
-
 	void CBCEncryption::Encrypt (int numBlocks, const ChipherBlock * in, ChipherBlock * out)
 	{
 #ifdef __AES__
@@ -1118,10 +1153,10 @@ namespace crypto
 		}
 
 		EVP_CIPHER_CTX_free (ctx);
-#else		
+#else
 		chacha::Chacha20State state;
 		// generate one time poly key
-		chacha::Chacha20Init (state, nonce, key, 0);	
+		chacha::Chacha20Init (state, nonce, key, 0);
 		uint64_t polyKey[8];
 		memset(polyKey, 0, sizeof(polyKey));
 		chacha::Chacha20Encrypt (state, (uint8_t *)polyKey, 64);
@@ -1137,7 +1172,7 @@ namespace crypto
 			{
 				// padding1
 				rem = 16 - rem;
-				polyHash.Update (padding, rem);	
+				polyHash.Update (padding, rem);
 			}
 		}
 		// encrypt/decrypt data and add to hash
@@ -1153,20 +1188,20 @@ namespace crypto
 		{
 			polyHash.Update (buf, msgLen); // before decryption
 			chacha::Chacha20Encrypt (state, buf, msgLen); // decrypt
-		}	
+		}
 
 		auto rem = msgLen & 0x0F; // %16
 		if (rem)
 		{
 			// padding2
 			rem = 16 - rem;
-			polyHash.Update (padding, rem);		
+			polyHash.Update (padding, rem);
 		}
 		// adLen and msgLen
 		htole64buf (padding, adLen);
 		htole64buf (padding + 8, msgLen);
-		polyHash.Update (padding, 16);	
-		
+		polyHash.Update (padding, 16);
+
 		if (encrypt)
 			// calculate Poly1305 tag and write in after encrypted data
 			polyHash.Finish ((uint64_t *)(buf + msgLen));
@@ -1174,7 +1209,7 @@ namespace crypto
 		{
 			uint64_t tag[4];
 			// calculate Poly1305 tag
-			polyHash.Finish (tag);	
+			polyHash.Finish (tag);
 			if (memcmp (tag, msg + msgLen, 16)) ret = false; // compare with provided
 		}
 #endif
@@ -1190,20 +1225,20 @@ namespace crypto
 		EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), 0, 0, 0);
 		EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, 12, 0);
 		EVP_EncryptInit_ex(ctx, NULL, NULL, key, nonce);
-		for (const auto& it: bufs)	
+		for (const auto& it: bufs)
 			EVP_EncryptUpdate(ctx, it.first, &outlen, it.first, it.second);
 		EVP_EncryptFinal_ex(ctx, NULL, &outlen);
 		EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, mac);
 		EVP_CIPHER_CTX_free (ctx);
-#else		
+#else
 		chacha::Chacha20State state;
 		// generate one time poly key
-		chacha::Chacha20Init (state, nonce, key, 0);	
+		chacha::Chacha20Init (state, nonce, key, 0);
 		uint64_t polyKey[8];
 		memset(polyKey, 0, sizeof(polyKey));
 		chacha::Chacha20Encrypt (state, (uint8_t *)polyKey, 64);
 		Poly1305 polyHash (polyKey);
-		// encrypt buffers	
+		// encrypt buffers
 		Chacha20SetCounter (state, 1);
 		size_t size = 0;
 		for (const auto& it: bufs)
@@ -1213,22 +1248,22 @@ namespace crypto
 			size += it.second;
 		}
 		// padding
-		uint8_t padding[16]; 
+		uint8_t padding[16];
 		memset (padding, 0, 16);
 		auto rem = size & 0x0F; // %16
 		if (rem)
 		{
 			// padding2
 			rem = 16 - rem;
-			polyHash.Update (padding, rem);		
+			polyHash.Update (padding, rem);
 		}
 		// adLen and msgLen
 		// adLen is always zero
 		htole64buf (padding + 8, size);
-		polyHash.Update (padding, 16);	
+		polyHash.Update (padding, 16);
 		// MAC
-		polyHash.Finish ((uint64_t *)mac);	
-#endif		
+		polyHash.Finish ((uint64_t *)mac);
+#endif
 	}
 
 	void ChaCha20 (const uint8_t * msg, size_t msgLen, const uint8_t * key, const uint8_t * nonce, uint8_t * out)
@@ -1244,33 +1279,47 @@ namespace crypto
 		EVP_CIPHER_CTX_free (ctx);
 #else
 		chacha::Chacha20State state;
-		chacha::Chacha20Init (state, nonce, key, 1);	
+		chacha::Chacha20Init (state, nonce, key, 1);
 		if (out != msg) memcpy (out, msg, msgLen);
 		chacha::Chacha20Encrypt (state, out, msgLen);
 #endif
 	}
 
-	void HKDF (const uint8_t * salt, const uint8_t * key, size_t keyLen, const std::string& info, uint8_t * out)
+	void HKDF (const uint8_t * salt, const uint8_t * key, size_t keyLen, const std::string& info,
+		uint8_t * out, size_t outLen)
 	{
 #if OPENSSL_HKDF
-		EVP_PKEY_CTX * pctx = EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, NULL);
+		EVP_PKEY_CTX * pctx = EVP_PKEY_CTX_new_id (EVP_PKEY_HKDF, nullptr);
 		EVP_PKEY_derive_init (pctx);
 		EVP_PKEY_CTX_set_hkdf_md (pctx, EVP_sha256());
-		EVP_PKEY_CTX_set1_hkdf_salt (pctx, salt, 32);
-		EVP_PKEY_CTX_set1_hkdf_key (pctx, key, keyLen);
+		if (key && keyLen)
+		{
+			EVP_PKEY_CTX_set1_hkdf_salt (pctx, salt, 32);
+			EVP_PKEY_CTX_set1_hkdf_key (pctx, key, keyLen);
+		}
+		else
+		{
+			// zerolen
+			EVP_PKEY_CTX_hkdf_mode (pctx, EVP_PKEY_HKDEF_MODE_EXPAND_ONLY);
+			uint8_t tempKey[32]; unsigned int len;
+			HMAC(EVP_sha256(), salt, 32, nullptr, 0, tempKey, &len);
+			EVP_PKEY_CTX_set1_hkdf_key (pctx, tempKey, len);
+		}
 		if (info.length () > 0)
 			EVP_PKEY_CTX_add1_hkdf_info (pctx, info.c_str (), info.length ());
-		size_t outlen = 64;
-		EVP_PKEY_derive (pctx, out, &outlen);
+		EVP_PKEY_derive (pctx, out, &outLen);
 		EVP_PKEY_CTX_free (pctx);
 #else
 		uint8_t prk[32]; unsigned int len;
-		HMAC(EVP_sha256(), salt, 32, key, keyLen, prk, &len); 
+		HMAC(EVP_sha256(), salt, 32, key, keyLen, prk, &len);
 		auto l = info.length ();
 		memcpy (out, info.c_str (), l); out[l] = 0x01;
 		HMAC(EVP_sha256(), prk, 32, out, l + 1, out, &len);
-		memcpy (out + 32, info.c_str (), l); out[l + 32] = 0x02;
-		HMAC(EVP_sha256(), prk, 32, out, l + 33, out + 32, &len); 
+		if (outLen > 32) // 64
+		{
+			memcpy (out + 32, info.c_str (), l); out[l + 32] = 0x02;
+			HMAC(EVP_sha256(), prk, 32, out, l + 33, out + 32, &len);
+		}
 #endif
 	}
 
@@ -1288,10 +1337,10 @@ namespace crypto
 		}
 	}*/
 
-	
+
 	void InitCrypto (bool precomputation)
 	{
-		i2p::cpu::Detect ();	
+		i2p::cpu::Detect ();
 #if LEGACY_OPENSSL
 		SSL_library_init ();
 #endif
@@ -1329,4 +1378,3 @@ namespace crypto
 	}
 }
 }
-