(Posting the version from FMS as it is clearer) On 12/07/15 00:17, toad-notrust@h2RzPS4fEzP0zU43GAfEgxqK2Y55~kEUNR01cWvYApI wrote: > On 11/07/15 23:57, > toad-notrust@h2RzPS4fEzP0zU43GAfEgxqK2Y55~kEUNR01cWvYApI wrote: >> On 11/07/15 19:09, >> operhiem1@C1aOr8GEQmP6u-gN3PxwufUSnW2ENrZhD8EmovXKH-s wrote: >>> 2015-07-11 > >>> The Freenet team is very happy to announce the stable release of >>> Freenet 0.7.5 build 1468. > >>> *Important notes*: downgrading from build 1468 is not supported; >>> if you want to go back to build 1467 without losing the upload >>> and download queues, *before* upgrading, back-up the following >>> files and directories: master.keys, persistent-temp-*/, and >>> node.db4o (see https://wiki.freenetproject.org/Program_files ). >>> Please note that running transfers will be restarted from scratch >>> too. A reminder to those testing auto-update to 1468-pre4: please >>> restore your auto-update key to the default. One way to do this >>> is to stop Freenet, remove the "node.updater.URI" line from >>> freenet.ini, and start Freenet again. > >>> db4o is gone from Fred. It is replaced with the product of toad's >>> summer of work - a custom on-disk format that is much more >>> robust against corruption and is more efficient in both CPU and >>> I/O. [0] A new crypto API (unixninja92’s Google Summer of Code) >>> is available for plugins to easily perform cryptographic >>> operations within Freenet. This new API has been designed to make >>> it as simple as possible to do the “right” thing >>> cryptographically and to follow current best security practices. >>> See freenet.crypt.EncryptedRandomAccessBuffer and >>> freenet.crypt.MessageAuthCode for details. > >> Warning to those doing big downloads/uploads with Freenet-level >> disk encryption (physical security of LOW or higher): > >> There are some serious-ish issues, we are working on them. You >> might want to delay updating. I will put out a snapshot later >> today: > >> 1. FEC decoding/encoding is not prioritised. So a big download >> finishing / upload starting can block fproxy. 2. Last summer I >> identified a problem with disk encryption: In Bouncycastle 1.50, >> there is seekable encryption (needed for disk encryption with >> purge-db4o) but actually seeking can be very slow. > >> The combination of the two is the problem reported on Frost: If >> you have LOW or higher physical security level, and have big >> downloads completing (possibly from the datastore; everything gets >> restarted), they will take hours at 100% CPU, and fproxy will >> probably stall as well . > > Sorry, the second point: I thought this was fixed in BC 1.51, it was > actually fixed in BC 1.52. Bouncycastle is the crypto library we use. > > A new release snapshot will be uploaded shortly which fixes both problem > s. > Please could people test the new snapshot?
There are two versions: - 1) Prioritised FEC. This should ensure that fproxy works even when other stuff is happening. It's just possible that there's a serious bug hiding in the relatively small changes. But it does not solve the problem for users with disk encryption enabled. - 2) Prioritised FEC *plus* the new version of BouncyCastle. This also appears to work and should solve the problem even for users doing big downloads with disk encryption. The simplest solution is to set your auto-update key to: USK@WwwjdrCO1Gzrfts7uJw5qlPV5lcBdpQnXdPKv281uaM,yi2ZCMBcag03XtYD77WFerVvsIQHq598UkHFRLf3aHM,AQACAAE/update/1469 This should automatically download the new bcprov jar (bcprov-jdk15on-152.jar). If you then downgrade back to 1468, you will need to change wrapper.conf to point to 151 rather than 152. Prioritised FEC: Replace your freenet jar file with this: CHK@SsQtY7rrVPz1xFYscFDA0eLVb09RUDZN6YsiZH6~LSs,AcB66-lwGL2C~xLwRHep480pKRfadrGUMBSUjdg~jss,AAMC--8/freenet.1468.prioritised-fec.4affe1c2f8da6a5b7e444e7f55d2d2ca2dafa0f9.jar Signature: CHK@e8Db5M1an6AU-WH0ISE2HiY5b8Vy8~-q6~hS4UlhP68,Q3aq1g~7MSTV2pYBc0Pg0R36NTIvpEl8ooSFvV3JC~0,AAMC--8/freenet.1468.prioritised-fec.4affe1c2f8da6a5b7e444e7f55d2d2ca2dafa0f9.jar.sig Source: CHK@gq9E0e1L9BGt6WQGwvpHhi38WzLtp6PO4JNmYLZfdtM,6M-Ff~akO2CJOrQ8NtNqmv8tkblhVorYBV4FzJWrcWU,AAMC--8/freenet.1468.prioritised-fec.4affe1c2f8da6a5b7e444e7f55d2d2ca2dafa0f9-source.tar.bz2 CHK@OrFf17d15rp3i4ej4vrvrX3sQ093dfbNjV99nFVQP~4,V-l~ZVQ7jyjN~wA6-qq25goLn~2hQMag2jHX53vcgPA,AAMC--8/freenet.1468.prioritised-fec.4affe1c2f8da6a5b7e444e7f55d2d2ca2dafa0f9-source.tar.bz2.sig Prioritised FEC *AND* BouncyCastle 1.52: Use the USK above, or ... Download the new bouncycastle from here: CHK@OTqMflXlJK4IcCBwDvcFcYIx5r6EjzlFSOdpd5JJuF0,D~2vk~9EqXUNrbqKaL7jm8G3I9B7DkPqrqxsyRiAlQY,AAMC--8/bcprov-jdk15on-152.jar Jar file for freenet.jar: CHK@FixtR6-J2p9DNr0o5g9rE7wtIOs0XC-InmJJU-MKA6M,aGmqB9qqHY5tX1YO3KF6-aN78~2osMLzw1rwtSyzeb4,AAMC--8/freenet.stable-1469-proposed-fixes.6f308b3bf149f86ebf1661cb549e4807b6d868eb.jar CHK@vDO-XTXamhbntJgkGHrlA-RsUky3s8MkhLfUIMF5IDM,fddUty8uqVg-pa7SR6qv6y5cZVmYODJ77olZwFCo8uU,AAMC--8/freenet.stable-1469-proposed-fixes.6f308b3bf149f86ebf1661cb549e4807b6d868eb.jar.sig Source for this is not yet uploaded but consists of the changes in the prioritised-FEC version plus changes to dependencies.properties, which tells the node how to update to the new version, and is in the jar. The filenames include the git id's and branches have been pushed.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
