Sandeep Dasika | 28 Sep 09:38 2014

Config management

Hello freenet developers,

I am a developer from India, and I am wishing to work on the config
management code, particularly adhering to the idea represented in the GSoC
ideas list

As such, it would be great if anyone of you could point me to infinity0 (as
I don't find him/her on IRC), or any of the concerned developers.

I would love to have a small chat with the concerned developer just so I
don't get things kicked off in the wrong direction.

Thanks for your time.



Florent Daigniere | 21 Oct 11:09 2014

New certificate for osprey


So, following , we are
getting a new cert... I've seized that opportunity to rekey too; Nothing fancy as the CA doesn't like ECC
keys... but a new key nevertheless.

I've deployed it onto for testing and
updated the DANE/PKP records to allow for a smooth migration

Before the switch-over can happen, we need a new release to deploy the
new intermediary CA (src/freenet/clients/http/staticfiles/startssl.pem
needs updating, so does the installer) as we were pinning that rather
than the root

For the records, the new fingerprint is:

PS: you can check the signature of this email on
Devl mailing list
(Continue reading)

xor | 17 Oct 23:15 2014

Need a list of NON-plugin WOT client apps for testing


my fred branch plugin-fcp-rewrite is nearing its completion, and I will have 
to do extensive testing soon.
The branch rewrites the Freenet FCP API which allows plugins to expose 
functionality to FCP clients by being a FCP server. This is what WOT uses to 
provide FCP services.

It has two primary code paths:
1) Both server and client plugin are running in the same node. Thats the case 
for WOT + Sone/Freemail/Freetalk/etc. The FCP data will be passed directly 
between the plugins as Java objects there, instead of using TCP network 
sockets. I'm able to test that already with the above WOT apps.
2) Server plugin (for example WOT) running inside the node, client running 
outside of the node, possibly written in a different programming language. In 
that case, the client is attached by a TCP network connection.

I need an external, non-plugin client to test code path 2. Ideally that would 
be a client application of WOT, because WOT already has been adapted to use 
the new API.
Can you folks please help me with a complete list of all of them?
- I currently only can recall Infocalypse. Btw, Steve, please tell me where 
the latest code is for that :)

Devl mailing list
(Continue reading)

John Arley Burns | 17 Oct 21:17 2014

Freenet CLI

It appears the Freenet command line interface is no longer supported, and I
can't find the sources anywhere.  I did see a post from 2005 stating how to
start a command line interface:

java -cp freenet.jar:freenet-ext.jar freenet.client.cli.Main

Any pointers on how one might use a CLI interface to freenet?  I'm
interested in this for development as it makes it much easier to test my
API calls than just using the code libraries.
Vaibhav Gupta | 30 Sep 13:13 2014
Steve Dougherty | 27 Sep 14:33 2014

Coding and commit message standards in effect

The coding standards documented in the wiki [0] apply to incoming code
and commit messages. Pull requests that do not meet them are likely to
be rejected.


Devl mailing list
Steve Dougherty | 25 Sep 03:25 2014

Your release manager is overwhelmed

Hi everyone,

I have too many tasks to do to be able complete them in the way I've
been approaching things thus far. The sheer magnitude of code I feel
obligated to review on top of other improvements I'd like to write for
1466 makes this feel more like endless unpaid work than fun volunteering.

I will try making a list of tasks to complete and going through them in
a more focused way instead of jumping around, and hopefully that will
help, but ultimately I think I need to have less fall to me for this to
be sustainable. One thing I would really appreciate is other people
reviewing and signing off on pull requests so that I can focus on other
aspects of releasing, at least for now. The purge-db4o pull request
alone (and there are others) changes ~100k LOC. This is more code than
I've ever reviewed at once, and I don't think I can do a good job on
reviewing all of it by myself in a timely manner.

Is anyone willing to volunteer to help review code? When reviewers are
happy with a pull request (which I hope will include following the
coding standards) I will merge it.

- Steve

Devl mailing list
Matthew Toseland | 19 Sep 15:39 2014

Purge-db4o release candidate (snapshot 19)

The client layer rewrite aka purge-db4o is finished. That is, it is
feature complete, and has had a reasonable amount of testing (but needs

Major changes:
- No longer uses db4o to store anything, but will migrate from old
node.db4o*'s (downloads and uploads will be restarted)
- Should be much more reliable, and cause much less disk I/O
- Uses the multi-container code even for persistent inserts
- Improved disk crypto (I may improve this further)
- Trivial changes to FCP
- New metadata format (fixes some minor bugs, but we use the old one for
now by default)
- Handles low disk space much better. Migration may use significant disk
space; if we have less than 512MB left, transient requests will fail to
avoid breaking the system, if we have less than 1GB left, persistent
requests will fail / not start.
- Various bugfixes
- Rename RandomAccessThing to RandomAccessBuffer, etc.

The latest version is here:
Branch "purge-db4o-crypt"
Signed tag "purge-db4o-snapshot-19"
Commit hash 9b7c9204fa5461ddbfa3236f81e257e379dc86eb

Uploaded jar and signature:
CHK <at> WiSJI8wGPKMZ4KJhxO7EHzd3k4OtJBmay95IQ2dUbS0,4ChtKmFXtb5EOegUgQQZ85EWpijCdUyKubelVP9AOU0,AAMC--8/freenet.purge-db4o-snapshot-19.jar
CHK <at> FwVHzsL8zuRv6cJix2B14xm~8fH2EZsO68nyggIwoqQ,P0etmFePAHcKmgBKJTtnFckxQ7ZX97qM4Wg43bokPus,AAMC--8/freenet.purge-db4o-snapshot-19.jar.sig
(Continue reading)

vmonmoonshine | 17 Sep 20:22 2014

Job opportunity: looking for a freenet dev and more

Hello Freenet folks,

We're starting a project called CeNo, based on the idea I shared with a
few of you at last year's CTS in Berlin where we had the freenet meet
up. Its about using freenet to cache censored web pages

The company where I work secured funding for a year and is
currently looking for a dev to work (alongside me!) on the project. If
the potential applicant has  extensive software dev experience with
other languages as well and is interested in other projects, there is a
good chance to get a full-time position here. If you cannot apply but
are still interested in contributing to CeNo! by sharing your thoughts
and ideas on it, please join the mailing

And here's the job:

I think is a pretty good team to work with. We concentrate on
 digital security for civil society and develop free software to defend
 online freedom  speech and other aspect of human rights. So it is the
 prefect place for those of you who have the activism itch.

Looking forward to work with you, 
Matthew Toseland | 16 Sep 19:42 2014

Should we remove disk crypto?

On 05/09/14 19:43,
localghost <at> eOC4Zm8KjRpMFhNBp6DmI8K4URaq8bQZH45y0dLHEnI wrote:>
creamsoda <at> 0vpcRHZV1ftyj4mJpZnuYaG8wpkNIvf3qa3b-LUcsZs wrote :
>> TAILS is meant to be for short-lived sessions of minutes to hours
right? That doesn't lend itself well to freenet which works better over
a longer time.
> Ya, I kinda figured that.. just curious if anybody had done it. I was
asking for a friend, as stated. I prefer to let Freenet run constantly,
to help the network- and have not used TAILS, personally..
This is exactly why "leave disk crypto to the operating system" isn't so
obviously the right policy for Freenet.

The arguments for not doing disk crypto:
- We're likely to get it wrong.
- If they download video files etc there will probably be leaks. (But it
IS possible to limit this)
- Memorising a good password is hard, and the users who are willing to
do so may be the same group as the users who will install a secure linux
distro just to run Freenet, or at least do full disk encryption on
Windows (presumably using BitLocker?)
- If we do disk crypto we need to turn on swap encryption. This is
trivial on recent Windows but arguably not a good idea.

The arguments for doing disk crypto:
- We want people to run Freenet long-term. They usually won't install a
new OS just to run Freenet, and they can't run it long-term from a
livecd. This is one of the reasons we support Windows!
(Continue reading)

Steve Dougherty | 16 Sep 05:42 2014

[RFC] Update channels

Update channels are a way to provide easier testing of development
versions, make it easier for unofficial builds to be distributed, and
can also enhance build security by allowing for multiple signatures with
offline keys.

## Channel definition

A channel definition describes an update channel: both the user-facing
information and where to fetch it. It also contains security measures
like a revocation key, a list of trusted key IDs, and the number of
valid signatures required to deploy. This number can be zero if trusting
the insert key is deemed sufficient.

It is a key-value list of:

* name
* user-facing description
* trusted key IDs
* number of valid signatures from trusted keys required to deploy
* channel revocation SSK

Depending on whether the definition is distributed with a build, the
name and description could either be literal or localization keys. Those
distributed with builds are copied to an `update_channels` directory on
the filesystem and used from there to allow for clearer operation and
have it make more sense to drop additional channel definitions in the

Trusted keys are exciting because although the update insert key must
(Continue reading)