Steve Dougherty | 10 Apr 03:27 2015

[RFC] Freenet Summer of Toad

Google Summer of Code didn't work out for us, but maybe we can have a
Freenet Summer of Toad? It's not certain yet, but Matthew might be
interested in working 35-hour weeks over the summer for FPI. He says he
wants at least $6k for 8 weeks but preferably $10k for 12 weeks. Paying
this while maintaining current operations will require a fundraiser. Are
people interested in doing this?

If we go through with it we'd put a fundraising bar on the website and
count subsequent donations toward it. It might be good to have a mark
both at $6k as the minimum and $10k as the entire summer.

Last summer purge-db4o coming into review all at once was a formative
experience for the community. We've agreed that development must now be
put up for review and merged in much, much smaller pull requests along
the way.

What would we want to direct this development time toward? My opinion is
that more code / features is not what Fred needs most right now. I'd
like to ask that Matthew document plugin APIs and work on packaging:
things like splitting freenet-ext, making a Debian / Ubuntu package, and
maybe even creating an official distro package repo in Freenet. This is
because for those utilities that already exist, Freenet is pretty
effective, but I have seen many developers give up when they see the
lack of documentation, and the lack of packages makes it harder to
install and harder to depend on. There are unofficial packages for Arch
and Gentoo, and freenet-ext being monolithic makes packaging Freenet harder.

Documenting the API will also make it clear what is considered API, and
reviewing it can then suggest improvements. If documentation is
completed it could get as far as developing improvements to the plugin
(Continue reading)

Ian Clarke | 21 Mar 18:45 2015

Github and code review

Talking to a few people, I think our current approach to code review is

For example, I've been told that some people are arguing that commits are
too granular, and need to be combined to make code review easier. This is a
mistake, there is nothing wrong with very granular commits, just as there
is nothing wrong with more verbose code if it helps clarity.  Pull requests
should be used for code review, not individual commits.  The number of
individual commits should be irrelevant.

It sounds like people are trying to use commits for code review, whereas
they should be using Github pull requests.

Here is a process that has worked well in my experience:

   - For any isolatable feature or bugfix, create a new branch just for
   that feature or bug request (perhaps put the bug id # in the name of the
   branch).  *Do not combine multiple features or bugfixes into a single
   branch.*  If it can be merged independently, it should have it's own
   - Commits to this branch can be as granular as the programmer wants,
   generally the more frequent the commits the better
   - When the programmer is ready for feedback, they should create a pull
   request between this branch and the main branch - they could post the URL
   of the pull request to IRC to encourage feedback
   - It's fine for a programmer to request feedback before the feature is
   complete, but they should note this in the title of the pull request - eg.
   - For code review, the most useful tab is "Files changed" - which shows
   all differences between the feature branch and the main branch (individual
(Continue reading)

xor | 12 Mar 12:06 2015

WOT build0014 release candidate, please test

Hey folks,

We're finally nearing a WOT release.
The release candidate 2 can be downloaded by Freenet via:

http://localhost:8888/SSK <at> QeTBVWTwBldfI-lrF~xf0nqFVDdQoSUghT~PvhyJ1NE,OjEywGD063La2H-IihD7iYtZm3rC0BP6UTvvwyF5Zh4,AQACAAE/

Testing instructions and a changelog are included in the zip as text files.
Please do read the testing instructions before using it.
Also before testing check this thread for new replies because I might post a 
new release candidate if the current one has any bugs.

Thanks for your patience with the release and thanks for testing :)

PS: Release candidate 1 was never actually released. The only change in 2 is 
changes in the text files in the zip.
Devl mailing list
Devl <at>
Tom Sparks | 8 Mar 10:11 2015

Design and Implementation of a Censorship Resistant and Fully Decentralized Name System

"Abstract: This thesis presents the design and implementation of the GNU
Alternative Domain System (GADS), a decentralized, secure name system
providing memorable names for the Internet as an alternative to the
Domain Name System (DNS). The system builds on ideas from Rivest’s
Simple Distributed Security Infrastructure (SDSI) to address a central
issue with providing a decentralized mapping of secure identifiers to
memorable names: providing a global, secure and memorable mapping is
impossible without a trusted authority.
SDSI offers an alternative by linking local name spaces; GADS uses the
transitivity provided by the SDSI design to build a decentralized and
censorship resistant name system without a trusted root based on secure
delegation of authority.
Additional details need to be considered in order to enable GADS to
integrate smoothly with the World Wide Web. While following links on the
Web matches following delegations in GADS, the existing HTTP-based
infrastructure makes many assumptions about globally unique names;
however, proxies can be used to enable legacy applications to function
with GADS.
This work presents the fundamental goals and ideas behind GADS, provides
technical details on how GADS has been implemented and discusses
deployment issues for using GADS with existing systems. We discuss how
GADS and legacy DNS can interoperate during a transition period and what
additional security advantages GADS offers over DNS with Security
Extensions (DNSSEC). Finally, we present the results of a survey into
surfing behavior, which suggests that the manual introduction of new
direct links in GADS will be infrequent.
" -

Has anybody read this paper because it has features freenet is missing

(Continue reading)

Matthew Toseland | 7 Mar 14:36 2015

Re: Freenet funding and this summer

On 16/11/14 16:36, Ian Clarke wrote:
> Hi Matthew,
> I agree that unless we get some kind of windfall in funding we should
> probably reserve current funds for Xor.  Would working as a Google Summer
> of Code student provide you with sufficient income?
Unfortunately Freenet was not accepted into GSoC this year.

I am seriously considering applying for GSoC (for some other project),
as it probably makes more sense financially than a proper office job
internship (!!). If I'm going to be working on OSS this summer, and if I
have to apply for something that my experience is relevant to, I'd
prefer to work for Freenet...

Have we exhausted all options for funding, crowdfunding, etc?

Would it help if I came up with a detailed proposal with a fixed cost?
Such a thing has a risk of being rushed, and may cause problems with
code review ... but it would be easy to crowd-fund?

Devl mailing list
Devl <at>
Arne Babenhauserheide | 25 Feb 20:51 2015

next breaks freesitemgr (pyFreenet FCP error)


As reported in mantis, the current next breaks my site uploads with
pyFreenet ( ):

    This happens to me with two freesites:

    NODE: PutFailed
    NODE: ExtraDescription=Already closed
    NODE: Fatal=true
    NODE: CodeDescription=Internal bucket error: out of disk space/permissions problem?
    NODE: Identifier=id**************
    NODE: Code=2
    NODE: Global=false
    NODE: ShortCodeDescription=Temp files error
    NODE: EndMessage

    For the id**** I first got this confirmation:

    NODE: URIGenerated
    NODE: Identifier=id****************
    NODE: Global=false
    NODE: URI=CHK <at> ****/****
    NODE: EndMessage

    My log shows stuff like this:$TempBucket, Finalizer, ERROR):
TempBucket not freed, size=158, isRAMBucket=true :$TempBucket <at> 4df9e3dd

    as well as stuff like this:

(Continue reading)

Marios Isaakidis | 22 Feb 15:27 2015

Inter-node plugin communication


Has anyone built a client-server application based on Freenet plugins?

Are there any examples of communication of plugins running on different nodes? Would that even be
possible, given that the client-side plugin knows the node description of the node running the
server-side plugin? Are there any specifications for FCP to be extended for such a scenario?

A WOT/freemail-like approach is not applicable here, since communication has to be fast.
One solution that comes to mind is plugins to override methods that listen to incoming messages
(specifically implement freenet.node.NodeToNodeMessageListener) and filter the ones with a
specific flag.

Many thanks
Devl mailing list
Devl <at>
Arne Bab. | 20 Feb 09:04 2015

fcp rewrite code review


The review of the FCP rewrite is a huge undertaking, so I’ll limit myself to the functional changes since the review of bertm.

To get only these, I filtered the commits by their commit messages[1] and removed anything which looked like a documentation change or purely stylistic changes.

As a result the number of line changes (removed + added) went down from 13834 to 1211.

As first step I’ll purely paste the diff here (and attach it along with a htmlized version for people without diff highlighting).

 <at> xor: Please have a look at the commits and check whether any important functional change is missing (if yes, please add it). Also please give us a 6-line description of the comments from bertm in his review. We must be able to verify against that, and each one of us clicking each outdated comment on github is not a viable way to do that.

Best wishes,

[1]: hg log --template "{node} : {desc|firstline}\n" -r "6c438b4c279d0a671be6516cee34052c7c3d5101::29ba0908ee2a81afdfaa1ab369382e1ad892b726" | sed "s/.*JavaDoc.*//" | sed "s/.*TODO.*//" | sed "s/.*Organize.*//" | sed s/.*ocument.*// | sed s/.*explain.*// | sed s/.*spelling.*// | sed s/.*sort.*// | sed s/.*[Ii]ndent.*// | sed s/.*[Mm]erge.*// | sed s/.*[Mm]ove.*// | sed s/.*[Ee]xtract.*// | sed s/.*[Rr]ename.*// | cut -d : -f 1 | xargs hg export

# HG changeset patch
# User xor-freenet <xor <at>>
# Date 1420557120 -3600
#      Tue Jan 06 16:12:00 2015 +0100
# Node ID 6c438b4c279d0a671be6516cee34052c7c3d5101
# Parent  754640ea02b7a7a8b2165aa759c5eb10eb02eff0
FCPPluginClient.send(): Improve readability

- Improve documentation for the codepath of delivering messages to
sendSynchronous() threads.
- Rename maybeDispatchMessageLocallyToSendSynchronousThread() to
dispatchMessageLocallyToSendSynchronousThreadIfExisting(). Thats more
(Continue reading)

Stéphane Fillion | 18 Feb 13:40 2015

Patch submission

This is my first attempt at contributing to an open source project ever so
I probably do it all wrong. As this is the first time ever, the changes I
made are *very* small. First, in the man page for fcpgenkey I corrected the
SYNTAX section that don't use the right name for the command. Second, in
the man page for fcpput, I added a slash (/) in between CHK <at>  and the
filename as this slash is required for the command to succeed. I'm thus
looking forward for your suggestions. If all goes well, I'll attempt to
update the man pages for pyFreenet for the current version of the tool
because right now those are mostly obsolete.

patch in attachment.
diff --git a/manpages/fcpgenkey.1 b/manpages/fcpgenkey.1
index a8c32ae..8acd09f 100644
--- a/manpages/fcpgenkey.1
+++ b/manpages/fcpgenkey.1
 <at>  <at>  -5,7 +5,7  <at>  <at>  fcpgenkey \- generate a single Freenet SSK <at> /USK <at>  keypair

-\fBfcpput\fP [\fIoptions\fP]
+\fBfcpgenkey\fP [\fIoptions\fP]
 fcpgenkey is a simple command\-line FCP client program for generating
diff --git a/manpages/fcpput.1 b/manpages/fcpput.1
index 078a8a3..4a97798 100644
--- a/manpages/fcpput.1
+++ b/manpages/fcpput.1
(Continue reading)

Florent Daigniere | 17 Feb 15:36 2015

Release of build 1468

We've just had a long chat with operhiem1 on IRC about release

The outcome is that 1468 will ship soon but not with the fcp/event-based
changes (5kloc of code, hundreds of commits). The release has been
stalled for too long, for no valid reason. The main argument is:

13:55 < <at> operhiem1> Event-based is better in the long run but no one has
use for it right now, so it's not release-blocking.

Going forward, release managers will frown upon any API breaking change
made. Especially if it's maid by paid developers, without much
consultation/interaction with the community and with the expectation
that volunteers will do the work to fix breakages the said API changes
will engender.

We can't keep on delaying a release (it's been months already) featuring
important bug fixes on the basis that it breaks yet-to-be-released code
written by a paid developer.

Devl mailing list
Devl <at>
Steve Dougherty | 16 Feb 06:29 2015

Whitelisting CSS calc()

I'm seeing some proposals (no patches yet though) to whitelist "calc"
[0] in CSS. Are there any problems with this? It doesn't look
particularly powerful. The only thing we've been able to think of in IRC
is displaying different contents depending on screen resolution, (by
using element attributes or relative units like vw/vh) which doesn't
seem dangerous.


- Steve


Devl mailing list
Devl <at>