Remove unused parameter.

This should reduce the impact of connections that fail at the remote
end.

.gitlab-ci.yml

@@ -17,7 +17,7 @@ test:
 
   script:
     - ./gradlew --no-daemon -Djava.security.egd=file:/dev/urandom animalSnifferMain animalSnifferTest
-    - ./gradlew --no-daemon -Djava.security.egd=file:/dev/urandom test
+    - ./gradlew --no-daemon -Djava.security.egd=file:/dev/urandom check compileOfficialDebugAndroidTestSources compileScreenshotDebugAndroidTestSources
 
   after_script:
     # these file change every time but should not be cached

.idea/codeStyles/Project.xml

@@ -1,16 +1,10 @@
 <component name="ProjectCodeStyleConfiguration">
   <code_scheme name="Project" version="173">
-    <option name="RIGHT_MARGIN" value="100" />
     <AndroidXmlCodeStyleSettings>
-      <option name="USE_CUSTOM_SETTINGS" value="true" />
+      <option name="ARRANGEMENT_SETTINGS_MIGRATED_TO_191" value="true" />
     </AndroidXmlCodeStyleSettings>
     <JavaCodeStyleSettings>
       <option name="ANNOTATION_PARAMETER_WRAP" value="1" />
-      <option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
-      <option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="99" />
-      <option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
-        <value />
-      </option>
       <option name="IMPORT_LAYOUT_TABLE">
         <value>
           <package name="android" withSubpackages="true" static="false" />
@@ -77,7 +71,6 @@
       </indentOptions>
     </codeStyleSettings>
     <codeStyleSettings language="XML">
-      <option name="FORCE_REARRANGE_MODE" value="1" />
       <indentOptions>
         <option name="CONTINUATION_INDENT_SIZE" value="4" />
         <option name="USE_TAB_CHARACTER" value="true" />
@@ -90,7 +83,8 @@
               <match>
                 <AND>
                   <NAME>xmlns:android</NAME>
-                  <XML_NAMESPACE>Namespace:</XML_NAMESPACE>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
                 </AND>
               </match>
             </rule>
@@ -100,7 +94,8 @@
               <match>
                 <AND>
                   <NAME>xmlns:.*</NAME>
-                  <XML_NAMESPACE>Namespace:</XML_NAMESPACE>
+                  <XML_ATTRIBUTE />
+                  <XML_NAMESPACE>^$</XML_NAMESPACE>
                 </AND>
               </match>
               <order>BY_NAME</order>
@@ -111,6 +106,7 @@
               <match>
                 <AND>
                   <NAME>.*:id</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
                 </AND>
               </match>
@@ -121,6 +117,7 @@
               <match>
                 <AND>
                   <NAME>.*:name</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
                 </AND>
               </match>
@@ -131,6 +128,7 @@
               <match>
                 <AND>
                   <NAME>name</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>^$</XML_NAMESPACE>
                 </AND>
               </match>
@@ -141,6 +139,7 @@
               <match>
                 <AND>
                   <NAME>style</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>^$</XML_NAMESPACE>
                 </AND>
               </match>
@@ -151,6 +150,7 @@
               <match>
                 <AND>
                   <NAME>.*</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>^$</XML_NAMESPACE>
                 </AND>
               </match>
@@ -161,64 +161,12 @@
             <rule>
               <match>
                 <AND>
-                  <NAME>.*:layout_width</NAME>
+                  <NAME>.*</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
                 </AND>
               </match>
-            </rule>
-          </section>
-          <section>
-            <rule>
-              <match>
-                <AND>
-                  <NAME>.*:layout_height</NAME>
-                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
-                </AND>
-              </match>
-            </rule>
-          </section>
-          <section>
-            <rule>
-              <match>
-                <AND>
-                  <NAME>.*:layout_.*</NAME>
-                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
-                </AND>
-              </match>
-              <order>BY_NAME</order>
-            </rule>
-          </section>
-          <section>
-            <rule>
-              <match>
-                <AND>
-                  <NAME>.*:width</NAME>
-                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
-                </AND>
-              </match>
-              <order>BY_NAME</order>
-            </rule>
-          </section>
-          <section>
-            <rule>
-              <match>
-                <AND>
-                  <NAME>.*:height</NAME>
-                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
-                </AND>
-              </match>
-              <order>BY_NAME</order>
-            </rule>
-          </section>
-          <section>
-            <rule>
-              <match>
-                <AND>
-                  <NAME>.*</NAME>
-                  <XML_NAMESPACE>http://schemas.android.com/apk/res/android</XML_NAMESPACE>
-                </AND>
-              </match>
-              <order>BY_NAME</order>
+              <order>ANDROID_ATTRIBUTE_ORDER</order>
             </rule>
           </section>
           <section>
@@ -226,6 +174,7 @@
               <match>
                 <AND>
                   <NAME>.*</NAME>
+                  <XML_ATTRIBUTE />
                   <XML_NAMESPACE>.*</XML_NAMESPACE>
                 </AND>
               </match>

bramble-android/build.gradle

@@ -5,23 +5,31 @@ apply plugin: 'witness'
 apply from: 'witness.gradle'
 
 android {
-	compileSdkVersion 28
-	buildToolsVersion '28.0.3'
+	compileSdkVersion 29
+	buildToolsVersion '29.0.2'
 
 	defaultConfig {
-		minSdkVersion 14
-		targetSdkVersion 26
-		versionCode 10107
-		versionName "1.1.7"
+		minSdkVersion 16
+		targetSdkVersion 28
+		versionCode 10207
+		versionName "1.2.7"
 		consumerProguardFiles 'proguard-rules.txt'
 
-		testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
+		testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
 	}
 
 	compileOptions {
 		sourceCompatibility JavaVersion.VERSION_1_8
 		targetCompatibility JavaVersion.VERSION_1_8
 	}
+
+	lintOptions {
+		// FIXME
+		warning "LintError"
+		warning "InvalidPackage"
+		warning "MissingPermission"
+		warning "InlinedApi", "ObsoleteSdkInt", "Override", "NewApi", "UnusedAttribute"
+	}
 }
 
 configurations {
@@ -30,10 +38,10 @@ configurations {
 
 dependencies {
 	implementation project(path: ':bramble-core', configuration: 'default')
-	tor 'org.briarproject:tor-android:0.3.5.8@zip'
-	tor 'org.briarproject:obfs4proxy-android:0.0.9@zip'
+	tor 'org.briarproject:tor-android:0.3.5.10@zip'
+	tor 'org.briarproject:obfs4proxy-android:0.0.11-2@zip'
 
-	annotationProcessor 'com.google.dagger:dagger-compiler:2.22.1'
+	annotationProcessor 'com.google.dagger:dagger-compiler:2.24'
 
 	compileOnly 'javax.annotation:jsr250-api:1.0'
 
@@ -59,6 +67,8 @@ task unpackTorBinaries {
 		copy {
 			from configurations.tor.collect { zipTree(it) }
 			into torBinariesDir
+			// TODO: Remove after next Tor upgrade, which won't include non-PIE binaries
+			include 'geoip.zip', '*_pie.zip'
 		}
 	}
 	dependsOn cleanTorBinaries

bramble-android/src/main/java/org/briarproject/bramble/BrambleAndroidEagerSingletons.java

@@ -11,4 +11,14 @@ public interface BrambleAndroidEagerSingletons {
 	void inject(AndroidNetworkModule.EagerSingletons init);
 
 	void inject(ReportingModule.EagerSingletons init);
+
+	class Helper {
+
+		public static void injectEagerSingletons(
+				BrambleAndroidEagerSingletons c) {
+			c.inject(new AndroidBatteryModule.EagerSingletons());
+			c.inject(new AndroidNetworkModule.EagerSingletons());
+			c.inject(new ReportingModule.EagerSingletons());
+		}
+	}
 }

bramble-android/src/main/java/org/briarproject/bramble/BrambleAndroidModule.java

@@ -18,10 +18,4 @@ import dagger.Module;
 		SocksModule.class
 })
 public class BrambleAndroidModule {
-
-	public static void initEagerSingletons(BrambleAndroidEagerSingletons c) {
-		c.inject(new AndroidBatteryModule.EagerSingletons());
-		c.inject(new AndroidNetworkModule.EagerSingletons());
-		c.inject(new ReportingModule.EagerSingletons());
-	}
 }

bramble-android/src/main/java/org/briarproject/bramble/account/AndroidAccountManager.java

@@ -12,13 +12,16 @@ import org.briarproject.bramble.api.identity.IdentityManager;
 
 import java.io.File;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;
 import java.util.logging.Logger;
 
 import javax.annotation.Nullable;
+import javax.annotation.concurrent.GuardedBy;
 import javax.inject.Inject;
 
 import static android.os.Build.VERSION.SDK_INT;
+import static java.util.Arrays.asList;
 import static java.util.logging.Level.INFO;
 import static org.briarproject.bramble.util.IoUtils.deleteFileOrDir;
 import static org.briarproject.bramble.util.LogUtils.logFileOrDir;
@@ -29,7 +32,11 @@ class AndroidAccountManager extends AccountManagerImpl
 	private static final Logger LOG =
 			Logger.getLogger(AndroidAccountManager.class.getName());
 
-	private static final String PREF_DB_KEY = "key";
+	/**
+	 * Directories that shouldn't be deleted when deleting the user's account.
+	 */
+	private static final List<String> PROTECTED_DIR_NAMES =
+			asList("cache", "code_cache", "lib", "shared_prefs");
 
 	protected final Context appContext;
 	private final SharedPreferences prefs;
@@ -53,36 +60,6 @@ class AndroidAccountManager extends AccountManagerImpl
 		return exists;
 	}
 
-	// Locking: stateChangeLock
-	@Override
-	@Nullable
-	protected String loadEncryptedDatabaseKey() {
-		String key = getDatabaseKeyFromPreferences();
-		if (key == null) key = super.loadEncryptedDatabaseKey();
-		else migrateDatabaseKeyToFile(key);
-		return key;
-	}
-
-	// Locking: stateChangeLock
-	@Nullable
-	private String getDatabaseKeyFromPreferences() {
-		String key = prefs.getString(PREF_DB_KEY, null);
-		if (key == null) LOG.info("No database key in preferences");
-		else LOG.info("Found database key in preferences");
-		return key;
-	}
-
-	// Locking: stateChangeLock
-	private void migrateDatabaseKeyToFile(String key) {
-		if (storeEncryptedDatabaseKey(key)) {
-			if (prefs.edit().remove(PREF_DB_KEY).commit())
-				LOG.info("Database key migrated to file");
-			else LOG.warning("Database key not removed from preferences");
-		} else {
-			LOG.warning("Database key not migrated to file");
-		}
-	}
-
 	@Override
 	public void deleteAccount() {
 		synchronized (stateChangeLock) {
@@ -105,14 +82,14 @@ class AndroidAccountManager extends AccountManagerImpl
 		return PreferenceManager.getDefaultSharedPreferences(appContext);
 	}
 
-	// Locking: stateChangeLock
+	@GuardedBy("stateChangeLock")
 	private void deleteAppData(SharedPreferences... clear) {
 		// Clear and commit shared preferences
 		for (SharedPreferences prefs : clear) {
 			if (!prefs.edit().clear().commit())
 				LOG.warning("Could not clear shared preferences");
 		}
-		// Delete files, except lib and shared_prefs directories
+		// Delete files, except protected directories
 		Set<File> files = new HashSet<>();
 		File dataDir = getDataDir();
 		@Nullable
@@ -121,14 +98,12 @@ class AndroidAccountManager extends AccountManagerImpl
 			LOG.warning("Could not list files in app data dir");
 		} else {
 			for (File file : fileArray) {
-				String name = file.getName();
-				if (!name.equals("lib") && !name.equals("shared_prefs")) {
+				if (!PROTECTED_DIR_NAMES.contains(file.getName())) {
 					files.add(file);
 				}
 			}
 		}
 		files.add(appContext.getFilesDir());
-		files.add(appContext.getCacheDir());
 		addIfNotNull(files, appContext.getExternalCacheDir());
 		if (SDK_INT >= 19) {
 			for (File file : appContext.getExternalCacheDirs()) {
@@ -140,12 +115,16 @@ class AndroidAccountManager extends AccountManagerImpl
 				addIfNotNull(files, file);
 			}
 		}
+		// Clear the cache directory but don't delete it
+		File cacheDir = appContext.getCacheDir();
+		File[] children = cacheDir.listFiles();
+		if (children != null) files.addAll(asList(children));
 		for (File file : files) {
+			if (LOG.isLoggable(INFO)) {
+				LOG.info("Deleting " + file.getAbsolutePath());
+			}
 			deleteFileOrDir(file);
 		}
-		// Recreate the cache dir as some OpenGL drivers expect it to exist
-		if (!new File(dataDir, "cache").mkdirs())
-			LOG.warning("Could not recreate cache dir");
 	}
 
 	private File getDataDir() {

bramble-android/src/main/java/org/briarproject/bramble/network/AndroidNetworkManager.java

@@ -32,6 +32,7 @@ import static android.content.Intent.ACTION_SCREEN_OFF;
 import static android.content.Intent.ACTION_SCREEN_ON;
 import static android.net.ConnectivityManager.CONNECTIVITY_ACTION;
 import static android.net.ConnectivityManager.TYPE_WIFI;
+import static android.net.wifi.p2p.WifiP2pManager.WIFI_P2P_THIS_DEVICE_CHANGED_ACTION;
 import static android.os.Build.VERSION.SDK_INT;
 import static android.os.PowerManager.ACTION_DEVICE_IDLE_MODE_CHANGED;
 import static java.util.concurrent.TimeUnit.MINUTES;
@@ -76,9 +77,9 @@ class AndroidNetworkManager implements NetworkManager, Service {
 		filter.addAction(ACTION_SCREEN_ON);
 		filter.addAction(ACTION_SCREEN_OFF);
 		filter.addAction(WIFI_AP_STATE_CHANGED_ACTION);
+		filter.addAction(WIFI_P2P_THIS_DEVICE_CHANGED_ACTION);
 		if (SDK_INT >= 23) filter.addAction(ACTION_DEVICE_IDLE_MODE_CHANGED);
 		appContext.registerReceiver(networkStateReceiver, filter);
-
 	}
 
 	@Override
@@ -136,7 +137,8 @@ class AndroidNetworkManager implements NetworkManager, Service {
 		}
 
 		private boolean isApEvent(@Nullable String action) {
-			return WIFI_AP_STATE_CHANGED_ACTION.equals(action);
+			return WIFI_AP_STATE_CHANGED_ACTION.equals(action) ||
+					WIFI_P2P_THIS_DEVICE_CHANGED_ACTION.equals(action);
 		}
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPlugin.java

@@ -9,6 +9,7 @@ import android.content.Context;
 import android.content.Intent;
 import android.content.IntentFilter;
 
+import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.nullsafety.MethodsNotNullByDefault;
 import org.briarproject.bramble.api.nullsafety.ParametersNotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
@@ -24,7 +25,6 @@ import java.io.IOException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.List;
 import java.util.UUID;
 import java.util.concurrent.BlockingQueue;
@@ -47,7 +47,10 @@ import static android.bluetooth.BluetoothAdapter.SCAN_MODE_NONE;
 import static android.bluetooth.BluetoothAdapter.STATE_OFF;
 import static android.bluetooth.BluetoothAdapter.STATE_ON;
 import static android.bluetooth.BluetoothDevice.ACTION_FOUND;
+import static android.bluetooth.BluetoothDevice.DEVICE_TYPE_LE;
 import static android.bluetooth.BluetoothDevice.EXTRA_DEVICE;
+import static android.os.Build.VERSION.SDK_INT;
+import static java.util.Collections.shuffle;
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
@@ -74,11 +77,12 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 	private volatile BluetoothAdapter adapter = null;
 
 	AndroidBluetoothPlugin(BluetoothConnectionLimiter connectionLimiter,
-			Executor ioExecutor, AndroidExecutor androidExecutor,
-			Context appContext, SecureRandom secureRandom, Clock clock,
-			Backoff backoff, PluginCallback callback, int maxLatency) {
-		super(connectionLimiter, ioExecutor, secureRandom, backoff, callback,
-				maxLatency);
+			TimeoutMonitor timeoutMonitor, Executor ioExecutor,
+			SecureRandom secureRandom, AndroidExecutor androidExecutor,
+			Context appContext, Clock clock, Backoff backoff,
+			PluginCallback callback, int maxLatency, int maxIdleTime) {
+		super(connectionLimiter, timeoutMonitor, ioExecutor, secureRandom,
+				backoff, callback, maxLatency, maxIdleTime);
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
 		this.clock = clock;
@@ -170,9 +174,10 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 		return wrapSocket(ss.accept());
 	}
 
-	private DuplexTransportConnection wrapSocket(BluetoothSocket s) {
-		return new AndroidBluetoothTransportConnection(this,
-				connectionLimiter, s);
+	private DuplexTransportConnection wrapSocket(BluetoothSocket s)
+			throws IOException {
+		return new AndroidBluetoothTransportConnection(this, connectionLimiter,
+				timeoutMonitor, s);
 	}
 
 	@Override
@@ -240,11 +245,15 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 						break;
 					} else if (ACTION_FOUND.equals(action)) {
 						BluetoothDevice d = i.getParcelableExtra(EXTRA_DEVICE);
-						String address = d.getAddress();
-						if (LOG.isLoggable(INFO))
-							LOG.info("Discovered " + scrubMacAddress(address));
-						if (!addresses.contains(address))
-							addresses.add(address);
+						// Ignore Bluetooth LE devices
+						if (SDK_INT < 18 || d.getType() != DEVICE_TYPE_LE) {
+							String address = d.getAddress();
+							if (LOG.isLoggable(INFO))
+								LOG.info("Discovered " +
+										scrubMacAddress(address));
+							if (!addresses.contains(address))
+								addresses.add(address);
+						}
 					}
 					now = clock.currentTimeMillis();
 				}
@@ -260,7 +269,7 @@ class AndroidBluetoothPlugin extends BluetoothPlugin<BluetoothServerSocket> {
 			appContext.unregisterReceiver(receiver);
 		}
 		// Shuffle the addresses so we don't always try the same one first
-		Collections.shuffle(addresses);
+		shuffle(addresses);
 		return addresses;
 	}
 

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothPluginFactory.java

@@ -3,6 +3,7 @@ package org.briarproject.bramble.plugin.bluetooth;
 import android.content.Context;
 
 import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Backoff;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
@@ -25,6 +26,7 @@ import static org.briarproject.bramble.api.plugin.BluetoothConstants.ID;
 public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {
 
 	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
 	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
 	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;
@@ -35,18 +37,20 @@ public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {
 	private final SecureRandom secureRandom;
 	private final EventBus eventBus;
 	private final Clock clock;
+	private final TimeoutMonitor timeoutMonitor;
 	private final BackoffFactory backoffFactory;
 
 	public AndroidBluetoothPluginFactory(Executor ioExecutor,
 			AndroidExecutor androidExecutor, Context appContext,
 			SecureRandom secureRandom, EventBus eventBus, Clock clock,
-			BackoffFactory backoffFactory) {
+			TimeoutMonitor timeoutMonitor, BackoffFactory backoffFactory) {
 		this.ioExecutor = ioExecutor;
 		this.androidExecutor = androidExecutor;
 		this.appContext = appContext;
 		this.secureRandom = secureRandom;
 		this.eventBus = eventBus;
 		this.clock = clock;
+		this.timeoutMonitor = timeoutMonitor;
 		this.backoffFactory = backoffFactory;
 	}
 
@@ -63,12 +67,13 @@ public class AndroidBluetoothPluginFactory implements DuplexPluginFactory {
 	@Override
 	public DuplexPlugin createPlugin(PluginCallback callback) {
 		BluetoothConnectionLimiter connectionLimiter =
-				new BluetoothConnectionLimiterImpl();
+				new BluetoothConnectionLimiterImpl(eventBus, clock);
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		AndroidBluetoothPlugin plugin = new AndroidBluetoothPlugin(
-				connectionLimiter, ioExecutor, androidExecutor, appContext,
-				secureRandom, clock, backoff, callback, MAX_LATENCY);
+				connectionLimiter, timeoutMonitor, ioExecutor, secureRandom,
+				androidExecutor, appContext, clock, backoff,
+				callback, MAX_LATENCY, MAX_IDLE_TIME);
 		eventBus.addListener(plugin);
 		return plugin;
 	}

bramble-android/src/main/java/org/briarproject/bramble/plugin/bluetooth/AndroidBluetoothTransportConnection.java

@@ -2,6 +2,7 @@ package org.briarproject.bramble.plugin.bluetooth;
 
 import android.bluetooth.BluetoothSocket;
 
+import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.duplex.AbstractDuplexTransportConnection;
@@ -10,24 +11,33 @@ import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.PROP_ADDRESS;
+import static org.briarproject.bramble.util.AndroidUtils.isValidBluetoothAddress;
+
 @NotNullByDefault
 class AndroidBluetoothTransportConnection
 		extends AbstractDuplexTransportConnection {
 
-	private final BluetoothConnectionLimiter connectionManager;
+	private final BluetoothConnectionLimiter connectionLimiter;
 	private final BluetoothSocket socket;
+	private final InputStream in;
 
 	AndroidBluetoothTransportConnection(Plugin plugin,
-			BluetoothConnectionLimiter connectionManager,
-			BluetoothSocket socket) {
+			BluetoothConnectionLimiter connectionLimiter,
+			TimeoutMonitor timeoutMonitor, BluetoothSocket socket)
+			throws IOException {
 		super(plugin);
-		this.connectionManager = connectionManager;
+		this.connectionLimiter = connectionLimiter;
 		this.socket = socket;
+		in = timeoutMonitor.createTimeoutInputStream(
+				socket.getInputStream(), plugin.getMaxIdleTime() * 2);
+		String address = socket.getRemoteDevice().getAddress();
+		if (isValidBluetoothAddress(address)) remote.put(PROP_ADDRESS, address);
 	}
 
 	@Override
-	protected InputStream getInputStream() throws IOException {
-		return socket.getInputStream();
+	protected InputStream getInputStream() {
+		return in;
 	}
 
 	@Override
@@ -40,7 +50,7 @@ class AndroidBluetoothTransportConnection
 		try {
 			socket.close();
 		} finally {
-			connectionManager.connectionClosed(this);
+			connectionLimiter.connectionClosed(this);
 		}
 	}
 }

bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPlugin.java

@@ -19,7 +19,7 @@ import java.io.IOException;
 import java.net.InetAddress;
 import java.net.Socket;
 import java.net.UnknownHostException;
-import java.util.Collection;
+import java.util.List;
 import java.util.concurrent.Executor;
 import java.util.logging.Logger;
 
@@ -40,19 +40,6 @@ class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 	private static final Logger LOG =
 			getLogger(AndroidLanTcpPlugin.class.getName());
 
-	private static final byte[] WIFI_AP_ADDRESS_BYTES =
-			{(byte) 192, (byte) 168, 43, 1};
-	private static final InetAddress WIFI_AP_ADDRESS;
-
-	static {
-		try {
-			WIFI_AP_ADDRESS = InetAddress.getByAddress(WIFI_AP_ADDRESS_BYTES);
-		} catch (UnknownHostException e) {
-			// Should only be thrown if the address has an illegal length
-			throw new AssertionError(e);
-		}
-	}
-
 	private final Executor connectionStatusExecutor;
 	private final ConnectivityManager connectivityManager;
 	@Nullable
@@ -62,8 +49,9 @@ class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 
 	AndroidLanTcpPlugin(Executor ioExecutor, Context appContext,
 			Backoff backoff, PluginCallback callback, int maxLatency,
-			int maxIdleTime) {
-		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
+			int maxIdleTime, int connectionTimeout) {
+		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime,
+				connectionTimeout);
 		// Don't execute more than one connection status check at a time
 		connectionStatusExecutor =
 				new PoliteExecutor("AndroidLanTcpPlugin", ioExecutor, 1);
@@ -79,6 +67,7 @@ class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 	@Override
 	public void start() {
 		if (used.getAndSet(true)) throw new IllegalStateException();
+		initialisePortProperty();
 		running = true;
 		updateConnectionStatus();
 	}
@@ -95,16 +84,19 @@ class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 	}
 
 	@Override
-	protected Collection<InetAddress> getLocalIpAddresses() {
+	protected List<InetAddress> getUsableLocalInetAddresses() {
 		// If the device doesn't have wifi, don't open any sockets
 		if (wifiManager == null) return emptyList();
-		// If we're connected to a wifi network, use that network
+		// If we're connected to a wifi network, return its address
 		WifiInfo info = wifiManager.getConnectionInfo();
-		if (info != null && info.getIpAddress() != 0)
+		if (info != null && info.getIpAddress() != 0) {
 			return singletonList(intToInetAddress(info.getIpAddress()));
+		}
 		// If we're running an access point, return its address
-		if (super.getLocalIpAddresses().contains(WIFI_AP_ADDRESS))
-			return singletonList(WIFI_AP_ADDRESS);
+		for (InetAddress addr : getLocalInetAddresses()) {
+			if (addr.equals(WIFI_AP_ADDRESS)) return singletonList(addr);
+			if (addr.equals(WIFI_DIRECT_AP_ADDRESS)) return singletonList(addr);
+		}
 		// No suitable addresses
 		return emptyList();
 	}
@@ -144,8 +136,9 @@ class AndroidLanTcpPlugin extends LanTcpPlugin implements EventListener {
 	private void updateConnectionStatus() {
 		connectionStatusExecutor.execute(() -> {
 			if (!running) return;
-			Collection<InetAddress> addrs = getLocalIpAddresses();
-			if (addrs.contains(WIFI_AP_ADDRESS)) {
+			List<InetAddress> addrs = getUsableLocalInetAddresses();
+			if (addrs.contains(WIFI_AP_ADDRESS)
+					|| addrs.contains(WIFI_DIRECT_AP_ADDRESS)) {
 				LOG.info("Providing wifi hotspot");
 				// There's no corresponding Network object and thus no way
 				// to get a suitable socket factory, so we won't be able to

bramble-android/src/main/java/org/briarproject/bramble/plugin/tcp/AndroidLanTcpPluginFactory.java

@@ -21,10 +21,11 @@ import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
 @NotNullByDefault
 public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {
 
-	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
-	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
-	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
+	private static final int MAX_LATENCY = 30_000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30_000; // 30 seconds
+	private static final int CONNECTION_TIMEOUT = 3_000; // 3 seconds
+	private static final int MIN_POLLING_INTERVAL = 60_000; // 1 minute
+	private static final int MAX_POLLING_INTERVAL = 600_000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;
 
 	private final Executor ioExecutor;
@@ -55,7 +56,8 @@ public class AndroidLanTcpPluginFactory implements DuplexPluginFactory {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		AndroidLanTcpPlugin plugin = new AndroidLanTcpPlugin(ioExecutor,
-				appContext, backoff, callback, MAX_LATENCY, MAX_IDLE_TIME);
+				appContext, backoff, callback, MAX_LATENCY, MAX_IDLE_TIME,
+				CONNECTION_TIMEOUT);
 		eventBus.addListener(plugin);
 		return plugin;
 	}

bramble-android/src/main/java/org/briarproject/bramble/plugin/tor/AndroidTorPluginFactory.java

@@ -1,7 +1,6 @@
 package org.briarproject.bramble.plugin.tor;
 
 import android.content.Context;
-import android.os.Build;
 
 import org.briarproject.bramble.api.battery.BatteryManager;
 import org.briarproject.bramble.api.event.EventBus;
@@ -89,9 +88,15 @@ public class AndroidTorPluginFactory implements DuplexPluginFactory {
 		// Check that we have a Tor binary for this architecture
 		String architecture = null;
 		for (String abi : AndroidUtils.getSupportedArchitectures()) {
-			if (abi.startsWith("x86")) {
+			if (abi.startsWith("x86_64")) {
+				architecture = "x86_64";
+				break;
+			} else if (abi.startsWith("x86")) {
 				architecture = "x86";
 				break;
+			} else if (abi.startsWith("arm64")) {
+				architecture = "arm64";
+				break;
 			} else if (abi.startsWith("armeabi")) {
 				architecture = "arm";
 				break;
@@ -101,8 +106,8 @@ public class AndroidTorPluginFactory implements DuplexPluginFactory {
 			LOG.info("Tor is not supported on this architecture");
 			return null;
 		}
-		// Use position-independent executable for SDK >= 16
-		if (Build.VERSION.SDK_INT >= 16) architecture += "_pie";
+		// Use position-independent executable
+		architecture += "_pie";
 
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);

bramble-android/src/main/java/org/briarproject/bramble/system/AndroidSecureRandomProvider.java

@@ -23,6 +23,7 @@ import javax.annotation.concurrent.Immutable;
 import javax.inject.Inject;
 
 import static android.content.Context.WIFI_SERVICE;
+import static android.os.Build.VERSION.SDK_INT;
 import static android.provider.Settings.Secure.ANDROID_ID;
 
 @Immutable
@@ -74,8 +75,7 @@ class AndroidSecureRandomProvider extends UnixSecureRandomProvider {
 		// Silence strict mode
 		StrictMode.ThreadPolicy tp = StrictMode.allowThreadDiskWrites();
 		super.writeSeed();
-		if (Build.VERSION.SDK_INT >= 16 && Build.VERSION.SDK_INT <= 18)
-			applyOpenSslFix();
+		if (SDK_INT <= 18) applyOpenSslFix();
 		StrictMode.setThreadPolicy(tp);
 	}
 

bramble-android/src/main/java/org/briarproject/bramble/util/AndroidUtils.java

@@ -6,15 +6,25 @@ import android.content.Context;
 import android.os.Build;
 import android.provider.Settings;
 
+import org.briarproject.bramble.api.Pair;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
 import java.io.File;
+import java.lang.reflect.Field;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Method;
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 
+import javax.annotation.Nullable;
+
 import static android.content.Context.MODE_PRIVATE;
 import static android.os.Build.VERSION.SDK_INT;
+import static java.util.Arrays.asList;
+import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
 
+@NotNullByDefault
 public class AndroidUtils {
 
 	// Fake Bluetooth address returned by BluetoothAdapter on API 23 and later
@@ -22,11 +32,10 @@ public class AndroidUtils {
 
 	private static final String STORED_REPORTS = "dev-reports";
 
-	@SuppressWarnings("deprecation")
 	public static Collection<String> getSupportedArchitectures() {
 		List<String> abis = new ArrayList<>();
 		if (SDK_INT >= 21) {
-			abis.addAll(Arrays.asList(Build.SUPPORTED_ABIS));
+			abis.addAll(asList(Build.SUPPORTED_ABIS));
 		} else {
 			abis.add(Build.CPU_ABI);
 			if (Build.CPU_ABI2 != null) abis.add(Build.CPU_ABI2);
@@ -36,25 +45,76 @@ public class AndroidUtils {
 
 	public static String getBluetoothAddress(Context ctx,
 			BluetoothAdapter adapter) {
+		return getBluetoothAddressAndMethod(ctx, adapter).getFirst();
+	}
+
+	public static Pair<String, String> getBluetoothAddressAndMethod(Context ctx,
+			BluetoothAdapter adapter) {
 		// Return the adapter's address if it's valid and not fake
 		@SuppressLint("HardwareIds")
 		String address = adapter.getAddress();
-		if (isValidBluetoothAddress(address)) return address;
+		if (isValidBluetoothAddress(address)) {
+			return new Pair<>(address, "adapter");
+		}
 		// Return the address from settings if it's valid and not fake
 		address = Settings.Secure.getString(ctx.getContentResolver(),
 				"bluetooth_address");
-		if (isValidBluetoothAddress(address)) return address;
+		if (isValidBluetoothAddress(address)) {
+			return new Pair<>(address, "settings");
+		}
+		// Try to get the address via reflection
+		address = getBluetoothAddressByReflection(adapter);
+		if (isValidBluetoothAddress(address)) {
+			return new Pair<>(requireNonNull(address), "reflection");
+		}
 		// Let the caller know we can't find the address
-		return "";
+		return new Pair<>("", "");
 	}
 
-	private static boolean isValidBluetoothAddress(String address) {
+	public static boolean isValidBluetoothAddress(@Nullable String address) {
 		return !StringUtils.isNullOrEmpty(address)
 				&& BluetoothAdapter.checkBluetoothAddress(address)
 				&& !address.equals(FAKE_BLUETOOTH_ADDRESS);
 	}
 
+	@Nullable
+	private static String getBluetoothAddressByReflection(
+			BluetoothAdapter adapter) {
+		try {
+			Field mServiceField =
+					adapter.getClass().getDeclaredField("mService");
+			mServiceField.setAccessible(true);
+			Object mService = mServiceField.get(adapter);
+			// mService may be null when Bluetooth is disabled
+			if (mService == null) throw new NoSuchFieldException();
+			Method getAddressMethod =
+					mService.getClass().getMethod("getAddress");
+			return (String) getAddressMethod.invoke(mService);
+		} catch (NoSuchFieldException e) {
+			return null;
+		} catch (IllegalAccessException e) {
+			return null;
+		} catch (NoSuchMethodException e) {
+			return null;
+		} catch (InvocationTargetException e) {
+			return null;
+		} catch (SecurityException e) {
+			return null;
+		}
+	}
+
 	public static File getReportDir(Context ctx) {
 		return ctx.getDir(STORED_REPORTS, MODE_PRIVATE);
 	}
+
+	/**
+	 * Returns an array of supported content types for image attachments.
+	 * GIFs can't be compressed on API < 24 so they're not supported.
+	 * <p>
+	 * TODO: Remove this restriction when large message support is added
+	 */
+	public static String[] getSupportedImageContentTypes() {
+		if (SDK_INT < 24) return new String[] {"image/jpeg", "image/png"};
+		else return new String[] {"image/jpeg", "image/png", "image/gif"};
+	}
 }

bramble-android/src/test/java/org/briarproject/bramble/account/AndroidAccountManagerTest.java

@@ -16,13 +16,10 @@ import org.junit.Test;
 
 import java.io.File;
 
-import static junit.framework.Assert.assertEquals;
 import static junit.framework.Assert.assertFalse;
 import static junit.framework.Assert.assertTrue;
 import static org.briarproject.bramble.test.TestUtils.deleteTestDirectory;
-import static org.briarproject.bramble.test.TestUtils.getRandomBytes;
 import static org.briarproject.bramble.test.TestUtils.getTestDirectory;
-import static org.briarproject.bramble.util.StringUtils.toHexString;
 
 public class AndroidAccountManagerTest extends BrambleMockTestCase {
 
@@ -40,11 +37,8 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 	private final Application app;
 	private final ApplicationInfo applicationInfo;
 
-	private final String encryptedKeyHex = toHexString(getRandomBytes(123));
 	private final File testDir = getTestDirectory();
 	private final File keyDir = new File(testDir, "key");
-	private final File keyFile = new File(keyDir, "db.key");
-	private final File keyBackupFile = new File(keyDir, "db.key.bak");
 	private final File dbDir = new File(testDir, "db");
 
 	private AndroidAccountManager accountManager;
@@ -75,33 +69,12 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 		};
 	}
 
-	@Test
-	public void testDbKeyIsMigratedFromPreferencesToFile() {
-		context.checking(new Expectations() {{
-			oneOf(prefs).getString("key", null);
-			will(returnValue(encryptedKeyHex));
-			oneOf(prefs).edit();
-			will(returnValue(editor));
-			oneOf(editor).remove("key");
-			will(returnValue(editor));
-			oneOf(editor).commit();
-			will(returnValue(true));
-		}});
-
-		assertFalse(keyFile.exists());
-		assertFalse(keyBackupFile.exists());
-
-		assertEquals(encryptedKeyHex,
-				accountManager.loadEncryptedDatabaseKey());
-
-		assertTrue(keyFile.exists());
-		assertTrue(keyBackupFile.exists());
-	}
-
 	@Test
 	public void testDeleteAccountClearsSharedPrefsAndDeletesFiles()
 			throws Exception {
-		// Directories 'lib' and 'shared_prefs' should be spared
+		// Directories 'code_cache', 'lib' and 'shared_prefs' should be spared
+		File codeCacheDir = new File(testDir, "code_cache");
+		File codeCacheFile = new File(codeCacheDir, "file");
 		File libDir = new File(testDir, "lib");
 		File libFile = new File(libDir, "file");
 		File sharedPrefsDir = new File(testDir, "shared_prefs");
@@ -140,6 +113,8 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 
 		assertTrue(dbDir.mkdirs());
 		assertTrue(keyDir.mkdirs());
+		assertTrue(codeCacheDir.mkdirs());
+		assertTrue(codeCacheFile.createNewFile());
 		assertTrue(libDir.mkdirs());
 		assertTrue(libFile.createNewFile());
 		assertTrue(sharedPrefsDir.mkdirs());
@@ -155,6 +130,8 @@ public class AndroidAccountManagerTest extends BrambleMockTestCase {
 
 		assertFalse(dbDir.exists());
 		assertFalse(keyDir.exists());
+		assertTrue(codeCacheDir.exists());
+		assertTrue(codeCacheFile.exists());
 		assertTrue(libDir.exists());
 		assertTrue(libFile.exists());
 		assertTrue(sharedPrefsDir.exists());

bramble-android/witness.gradle

@@ -1,44 +1,46 @@
 dependencyVerification {
     verify = [
         'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
-        'com.android.tools.analytics-library:protos:26.4.0:protos-26.4.0.jar:ad760915586797d39319f402837b378bff3bb4ed583e3e0c48c965631fb2135f',
-        'com.android.tools.analytics-library:shared:26.4.0:shared-26.4.0.jar:1332106a905d48909c81268c9e414946de3e83487db394c6073b0a9b5c3d0ed2',
-        'com.android.tools.analytics-library:tracker:26.4.0:tracker-26.4.0.jar:d0020cfbfd4cd75935f2972d6a24089840d4a10df6f3ef2a796093217dd37796',
-        'com.android.tools.build:apksig:3.4.0:apksig-3.4.0.jar:91d5a1866139c69756280355a6f61b4d619d0516841580114f45a10f2177327e',
-        'com.android.tools.build:apkzlib:3.4.0:apkzlib-3.4.0.jar:8653c85f5fdf1dde840e8b8af7396aeb79c34b66e541b5860059616006535592',
-        'com.android.tools.build:builder-model:3.4.0:builder-model-3.4.0.jar:a88f138124a9f016a70bcb4760359a502f65c7deed56507ee4014f4dd9ea853b',
-        'com.android.tools.build:builder-test-api:3.4.0:builder-test-api-3.4.0.jar:31089ab1ec19ca7687a010867d2f3807513c805b8226979706f4247b5d4df26f',
-        'com.android.tools.build:builder:3.4.0:builder-3.4.0.jar:476221b5203a7f50089bf185ed95000a34b6f5020ef0a17815afd58606922679',
-        'com.android.tools.build:gradle-api:3.4.0:gradle-api-3.4.0.jar:215eca38f6719213c2f492b4d622cdd11676c66c9871f8a2aed0c66d00175628',
-        'com.android.tools.build:manifest-merger:26.4.0:manifest-merger-26.4.0.jar:29e45e690dedd165035e97c21c2ca94d0bd4ec16b6b210daa26669a582b6f220',
-        'com.android.tools.ddms:ddmlib:26.4.0:ddmlib-26.4.0.jar:93f56fe4630c3166adbd6c51d7bb602d96abb91b07ba5b1165fdcd071e88c940',
-        'com.android.tools.external.com-intellij:intellij-core:26.4.0:intellij-core-26.4.0.jar:30cb0e879d4424de9677a50b537fb628636b4a50f5470af5e52437980c41421f',
-        'com.android.tools.external.com-intellij:kotlin-compiler:26.4.0:kotlin-compiler-26.4.0.jar:dd1fe225c31a0e012dc025336363a5b783e2c5c20ffb69e77f8f57e89420d998',
-        'com.android.tools.external.org-jetbrains:uast:26.4.0:uast-26.4.0.jar:f25f3285b775a983327583ff6584dea54e447813ef69e0ce08b05a45b5f4aab0',
-        'com.android.tools.layoutlib:layoutlib-api:26.4.0:layoutlib-api-26.4.0.jar:52128f5cf293b224072be361919bfd416e59480ab7264ddcdbbf046b0d7a12e3',
-        'com.android.tools.lint:lint-api:26.4.0:lint-api-26.4.0.jar:fdb8fca8ae4c254f438338d03d72605e00ed106f2d5550405af41ca1c8509401',
-        'com.android.tools.lint:lint-checks:26.4.0:lint-checks-26.4.0.jar:4ff52d40488cd3e22b9c6b2eb67784e0c3269d0b42ef9d17689cd75a7b2bceb4',
-        'com.android.tools.lint:lint-gradle-api:26.4.0:lint-gradle-api-26.4.0.jar:714b7a85c7d2aa10daeab16e969fe7530c659d0728a7f24021da456870418d0f',
-        'com.android.tools.lint:lint-gradle:26.4.0:lint-gradle-26.4.0.jar:b8c130d273f522388734457e1b96790f41528fcec6fda9e8eaa4e4d95a07cfbb',
-        'com.android.tools.lint:lint:26.4.0:lint-26.4.0.jar:83aa062fb0405b60ed358d858c8c2955e1bae44a455b498068c6a60988755f00',
-        'com.android.tools:annotations:26.4.0:annotations-26.4.0.jar:a7955b8e19c3a2a861d6faa43a58b7c0d46ea9112188ee3e235c6f9f439ecc1a',
-        'com.android.tools:common:26.4.0:common-26.4.0.jar:ea40b94b3c1284ea7700f011388e2906a8363a66abd902891722b3c557984852',
-        'com.android.tools:dvlib:26.4.0:dvlib-26.4.0.jar:23af89c535b01ba36ceed1b6b309b672814eba624e643cd7dedf0519edad50cc',
-        'com.android.tools:repository:26.4.0:repository-26.4.0.jar:3d1763ab46199374dc6d94129bba11c70f1d5857e2c81a3ac4898abca40b176b',
-        'com.android.tools:sdk-common:26.4.0:sdk-common-26.4.0.jar:78a522525b30ffc6b7bf1299c831d24ce385f68a9f4878f8f752e9baefa31b0f',
-        'com.android.tools:sdklib:26.4.0:sdklib-26.4.0.jar:b854c23892013a326d761cf071c72cf3e038ed0469d10f4a356829fa56e4c132',
-        'com.google.code.findbugs:jsr305:1.3.9:jsr305-1.3.9.jar:905721a0eea90a81534abb7ee6ef4ea2e5e645fa1def0a5cd88402df1b46c9ed',
+        'com.android.tools.analytics-library:protos:26.5.1:protos-26.5.1.jar:8dde1130725461fe827f2a343d353f2b51e8870661fc860d7d5ebddb097ead4e',
+        'com.android.tools.analytics-library:shared:26.5.1:shared-26.5.1.jar:ccc2f3b00ec17b11401610ba68553544fc8fc517120e84439ac6eb86b875e18d',
+        'com.android.tools.analytics-library:tracker:26.5.1:tracker-26.5.1.jar:3a76984c0fe2e847ca7a8b35b4780ef0447a9d1666946cb8e60466318e0ab5ae',
+        'com.android.tools.build:aapt2-proto:0.4.0:aapt2-proto-0.4.0.jar:fac0435e08898f89eeeb9ca236bea707155ff816c12205ced285ad53604133ca',
+        'com.android.tools.build:apksig:3.5.1:apksig-3.5.1.jar:1fd33e7f009a2a0da766cfeec4211a09f548034b015c289a66d75dd8a9302f4a',
+        'com.android.tools.build:apkzlib:3.5.1:apkzlib-3.5.1.jar:9f330167cbe973b7db407692f74f4f6453b7ffa5f2048934b06280c2ceee60fa',
+        'com.android.tools.build:builder-model:3.5.1:builder-model-3.5.1.jar:39ea3c82b76b6e0c9f9fa88d93e0edc1dd4a0f1dfae0ef6fbf2d451da47e5450',
+        'com.android.tools.build:builder-test-api:3.5.1:builder-test-api-3.5.1.jar:a1b59305584cbcaa078fdc9cfb80871012755b822dd32e8da19add6f7bbcb762',
+        'com.android.tools.build:builder:3.5.1:builder-3.5.1.jar:e3a8d382434c5f60990730c4719fc814e85a898a33a1e96c1df8d627d3c6eea6',
+        'com.android.tools.build:gradle-api:3.5.1:gradle-api-3.5.1.jar:be9b41859bace11998f66b04ed944f87e413f3ad6da3c4665587699da125addc',
+        'com.android.tools.build:manifest-merger:26.5.1:manifest-merger-26.5.1.jar:dcad9ecb967251f4d750f55a4204a2b400e8fbfe5cb930a1d0d5dbe10ae8bdfc',
+        'com.android.tools.ddms:ddmlib:26.5.1:ddmlib-26.5.1.jar:b081aef2a4ed3f4d47cae4cdb128469735f25a114e026d37123bf9ffdec742a8',
+        'com.android.tools.external.com-intellij:intellij-core:26.5.1:intellij-core-26.5.1.jar:20eced30adc124805bd93488d9cd9d3e33e6bf7b48e9fe5a703d4983f894d450',
+        'com.android.tools.external.com-intellij:kotlin-compiler:26.5.1:kotlin-compiler-26.5.1.jar:5aed762dd54875b77ae7018d97c05756ff0c5b9fd02ec595dd396ccd14cc22cb',
+        'com.android.tools.external.org-jetbrains:uast:26.5.1:uast-26.5.1.jar:4bc8653d6c0943f40fee963a149e36c6baa45683d2530968a13f5007e3c40740',
+        'com.android.tools.layoutlib:layoutlib-api:26.5.1:layoutlib-api-26.5.1.jar:88732f11396c427273e515d23042e35633f4fe4295528a99b866aa2adf0efd9c',
+        'com.android.tools.lint:lint-api:26.5.1:lint-api-26.5.1.jar:ec33fcd72bfaf70dd841e03fbfd93f109c2e575aec146067c606689c3972f0de',
+        'com.android.tools.lint:lint-checks:26.5.1:lint-checks-26.5.1.jar:a1b9607d484aaae7a71dcecdc76f8003d8239af226c776894a2cf63f9e6c60d7',
+        'com.android.tools.lint:lint-gradle-api:26.5.1:lint-gradle-api-26.5.1.jar:82453fd98a8394cc84ed995c04d2cd744abd1d6589403427ba7eef53115406f3',
+        'com.android.tools.lint:lint-gradle:26.5.1:lint-gradle-26.5.1.jar:59465b56cf7db77c656d5f8195d721c3d48b6bdd0502d774de335bfe4baff00b',
+        'com.android.tools.lint:lint:26.5.1:lint-26.5.1.jar:336e4b04ec6f8b0f25879131b7a7862d77df83a1879ee5b71be26128755f8e2e',
+        'com.android.tools:annotations:26.5.1:annotations-26.5.1.jar:2c43c82f8c59d8f7a61e3239e1a2dc9f69dc342ec09af9b7c9f69b25337c0b6e',
+        'com.android.tools:common:26.5.1:common-26.5.1.jar:eccfa54486ed54c4e3123cc42195d023bd0dd21bcd2f0e4868e8c6fc70f8ef6b',
+        'com.android.tools:dvlib:26.5.1:dvlib-26.5.1.jar:46f93ad498b4756e7d867d2fe38c38890a80e7407a4ae459e4a8c8d5c5aeacfe',
+        'com.android.tools:repository:26.5.1:repository-26.5.1.jar:2b3ee791aa4c3e8ce60498c161a27ca7228816fc630eed4d9f25f2f36a106dce',
+        'com.android.tools:sdk-common:26.5.1:sdk-common-26.5.1.jar:365f749676c3574676fd465177c8a492f340816db2b520d6ed114d3b6e77bea7',
+        'com.android.tools:sdklib:26.5.1:sdklib-26.5.1.jar:007da104afb27c8c682a1628023fe9ec438249c8d15ef0fd6624c5bb8e23b696',
         'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
-        'com.google.code.gson:gson:2.8.0:gson-2.8.0.jar:c6221763bd79c4f1c3dc7f750b5f29a0bb38b367b81314c4f71896e340c40825',
-        'com.google.dagger:dagger-compiler:2.22.1:dagger-compiler-2.22.1.jar:e5f28302cbe70a79d3620cddebfb8ec0736814f3980ffe1e673bfe3342f507d3',
-        'com.google.dagger:dagger-producers:2.22.1:dagger-producers-2.22.1.jar:f834a0082014213a68ff06a0f048d750178d02196c58b0b15beb367d32b97e35',
-        'com.google.dagger:dagger-spi:2.22.1:dagger-spi-2.22.1.jar:4b0b922793b3bcb91b99fabb75dba77c68afd7ae4c5f0c4fd6ba681f0a291c7d',
-        'com.google.dagger:dagger:2.22.1:dagger-2.22.1.jar:329d4340f24c4f5717af016c097e90668bfea2a5376e6aa9964b01cef3fd241a',
-        'com.google.errorprone:error_prone_annotations:2.1.3:error_prone_annotations-2.1.3.jar:03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8',
+        'com.google.code.gson:gson:2.8.5:gson-2.8.5.jar:233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81',
+        'com.google.dagger:dagger-compiler:2.24:dagger-compiler-2.24.jar:3c5afb955fb188da485cb2c048eff37dce0e1530b9780a0f2f7187d16d1ccc1f',
+        'com.google.dagger:dagger-producers:2.24:dagger-producers-2.24.jar:f10f45b95191954d5d6b043fca9e62fb621d21bf70634b8f8476c7988b504c3a',
+        'com.google.dagger:dagger-spi:2.24:dagger-spi-2.24.jar:c038445d14dbcb4054e61bf49e05009edf26fce4fdc7ec1a9db544784f68e718',
+        'com.google.dagger:dagger:2.24:dagger-2.24.jar:550a6e46a6dfcdf1d764887b6090cea94f783327e50e5c73754f18facfc70b64',
+        'com.google.errorprone:error_prone_annotations:2.2.0:error_prone_annotations-2.2.0.jar:6ebd22ca1b9d8ec06d41de8d64e0596981d9607b42035f9ed374f9de271a481a',
         'com.google.errorprone:javac-shaded:9-dev-r4023-3:javac-shaded-9-dev-r4023-3.jar:65bfccf60986c47fbc17c9ebab0be626afc41741e0a6ec7109e0768817a36f30',
         'com.google.googlejavaformat:google-java-format:1.5:google-java-format-1.5.jar:aa19ad7850fb85178aa22f2fddb163b84d6ce4d0035872f30d4408195ca1144e',
-        'com.google.guava:guava:25.0-jre:guava-25.0-jre.jar:3fd4341776428c7e0e5c18a7c10de129475b69ab9d30aeafbb5c277bb6074fa9',
-        'com.google.guava:guava:26.0-jre:guava-26.0-jre.jar:a0e9cabad665bc20bcd2b01f108e5fc03f756e13aea80abaadb9f407033bea2c',
+        'com.google.guava:failureaccess:1.0.1:failureaccess-1.0.1.jar:a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26',
+        'com.google.guava:guava:27.0.1-jre:guava-27.0.1-jre.jar:e1c814fd04492a27c38e0317eabeaa1b3e950ec8010239e400fe90ad6c9107b4',
+        'com.google.guava:guava:27.1-jre:guava-27.1-jre.jar:4a5aa70cc968a4d137e599ad37553e5cfeed2265e8c193476d7119036c536fe7',
+        'com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava:listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar:b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99',
         'com.google.j2objc:j2objc-annotations:1.1:j2objc-annotations-1.1.jar:2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6',
         'com.google.jimfs:jimfs:1.1:jimfs-1.1.jar:c4828e28d7c0a930af9387510b3bada7daa5c04d7c25a75c7b8b081f1c257ddd',
         'com.google.protobuf:protobuf-java:3.4.0:protobuf-java-3.4.0.jar:dce7e66b32456a1b1198da0caff3a8acb71548658391e798c79369241e6490a4',
@@ -55,6 +57,7 @@ dependencyVerification {
         'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
         'javax.xml.bind:jaxb-api:2.2.12-b140109.1041:jaxb-api-2.2.12-b140109.1041.jar:b5e60cd8b7b5ff01ce4a74c5dd008f4fbd14ced3495d0b47b85cfedc182211f2',
         'junit:junit:4.12:junit-4.12.jar:59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a',
+        'net.ltgt.gradle.incap:incap:0.2:incap-0.2.jar:b625b9806b0f1e4bc7a2e3457119488de3cd57ea20feedd513db070a573a4ffd',
         'net.sf.jopt-simple:jopt-simple:4.9:jopt-simple-4.9.jar:26c5856e954b5f864db76f13b86919b59c6eecf9fd930b96baa8884626baf2f5',
         'net.sf.kxml:kxml2:2.3.0:kxml2-2.3.0.jar:f264dd9f79a1fde10ce5ecc53221eff24be4c9331c830b7d52f2f08a7b633de2',
         'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',
@@ -66,22 +69,22 @@ dependencyVerification {
         'org.beanshell:bsh:1.3.0:bsh-1.3.0.jar:9b04edc75d19db54f1b4e8b5355e9364384c6cf71eb0a1b9724c159d779879f8',
         'org.bouncycastle:bcpkix-jdk15on:1.56:bcpkix-jdk15on-1.56.jar:7043dee4e9e7175e93e0b36f45b1ec1ecb893c5f755667e8b916eb8dd201c6ca',
         'org.bouncycastle:bcprov-jdk15on:1.56:bcprov-jdk15on-1.56.jar:963e1ee14f808ffb99897d848ddcdb28fa91ddda867eb18d303e82728f878349',
-        'org.briarproject:obfs4proxy-android:0.0.9:obfs4proxy-android-0.0.9.zip:9b7e9181535ea8d8bbe8ae6338e08cf4c5fc1e357a779393e0ce49586d459ae0',
-        'org.briarproject:tor-android:0.3.5.8:tor-android-0.3.5.8.zip:42a13a6f185be1a62f42e3f30ce66a3c099ac5ec890a65e7593111b65b44a54a',
+        'org.briarproject:obfs4proxy-android:0.0.11-2:obfs4proxy-android-0.0.11-2.zip:57e55cbe87aa2aac210fdbb6cd8cdeafe15f825406a08ebf77a8b787aa2c6a8a',
+        'org.briarproject:tor-android:0.3.5.10:tor-android-0.3.5.10.zip:edd83bf557fcff2105eaa0bdb3f607a6852ebe7360920929ae3039dd5f4774c5',
         'org.checkerframework:checker-compat-qual:2.5.3:checker-compat-qual-2.5.3.jar:d76b9afea61c7c082908023f0cbc1427fab9abd2df915c8b8a3e7a509bccbc6d',
         'org.checkerframework:checker-qual:2.5.2:checker-qual-2.5.2.jar:64b02691c8b9d4e7700f8ee2e742dce7ea2c6e81e662b7522c9ee3bf568c040a',
         'org.codehaus.groovy:groovy-all:2.4.15:groovy-all-2.4.15.jar:51d6c4e71782e85674239189499854359d380fb75e1a703756e3aaa5b98a5af0',
-        'org.codehaus.mojo:animal-sniffer-annotations:1.14:animal-sniffer-annotations-1.14.jar:2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d',
+        'org.codehaus.mojo:animal-sniffer-annotations:1.17:animal-sniffer-annotations-1.17.jar:92654f493ecfec52082e76354f0ebf87648dc3d5cec2e3c3cdb947c016747a53',
         'org.glassfish.jaxb:jaxb-core:2.2.11:jaxb-core-2.2.11.jar:37bcaee8ebb04362c8352a5bf6221b86967ecdab5164c696b10b9a2bb587b2aa',
         'org.glassfish.jaxb:jaxb-runtime:2.2.11:jaxb-runtime-2.2.11.jar:a874f2351cfba8e2946be3002d10c18a6da8f21b52ba2acf52f2b85d5520ed70',
         'org.glassfish.jaxb:txw2:2.2.11:txw2-2.2.11.jar:272a3ccad45a4511351920cd2a8633c53cab8d5220c7a92954da5526bb5eafea',
         'org.hamcrest:hamcrest-core:1.3:hamcrest-core-1.3.jar:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9',
         'org.hamcrest:hamcrest-library:1.3:hamcrest-library-1.3.jar:711d64522f9ec410983bd310934296da134be4254a125080a0416ec178dfad1c',
-        'org.jetbrains.kotlin:kotlin-reflect:1.3.21:kotlin-reflect-1.3.21.jar:a3065c822633191e0a3e3ee12a29bec234fc4b2864a6bb87ef48cce3e9e0c26a',
-        'org.jetbrains.kotlin:kotlin-stdlib-common:1.3.21:kotlin-stdlib-common-1.3.21.jar:cea61f7b611895e64f58569a9757fc0ab0d582f107211e1930e0ce2a0add52a7',
-        'org.jetbrains.kotlin:kotlin-stdlib-jdk7:1.3.21:kotlin-stdlib-jdk7-1.3.21.jar:a87875604fd42140da6938ae4d35ee61081f4482536efc6d2615b8b626a198af',
-        'org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.3.21:kotlin-stdlib-jdk8-1.3.21.jar:5823ed66ac122a1c55442ebca5a209a843ccd87f562edc31a787f3d2e47f74d4',
-        'org.jetbrains.kotlin:kotlin-stdlib:1.3.21:kotlin-stdlib-1.3.21.jar:38ba2370d9f06f50433e06b2ca775b94473c2e2785f410926079ab793c72b034',
+        'org.jetbrains.kotlin:kotlin-reflect:1.3.50:kotlin-reflect-1.3.50.jar:64583199ea5a54aefd1bd1595288925f784226ee562d1dd279011c6075b3d7a4',
+        'org.jetbrains.kotlin:kotlin-stdlib-common:1.3.50:kotlin-stdlib-common-1.3.50.jar:8ce678e88e4ba018b66dacecf952471e4d7dfee156a8a819760a5a5ff29d323c',
+        'org.jetbrains.kotlin:kotlin-stdlib-jdk7:1.3.50:kotlin-stdlib-jdk7-1.3.50.jar:9a026639e76212f8d57b86d55b075394c2e009f1979110751d34c05c5f75d57b',
+        'org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.3.50:kotlin-stdlib-jdk8-1.3.50.jar:1b351fb6e09c14b55525c74c1f4cf48942eae43c348b7bc764a5e6e423d4da0c',
+        'org.jetbrains.kotlin:kotlin-stdlib:1.3.50:kotlin-stdlib-1.3.50.jar:e6f05746ee0366d0b52825a090fac474dcf44082c9083bbb205bd16976488d6c',
         'org.jetbrains.trove4j:trove4j:20160824:trove4j-20160824.jar:1917871c8deb468307a584680c87a44572f5a8b0b98c6d397fc0f5f86596dbe7',
         'org.jetbrains:annotations:13.0:annotations-13.0.jar:ace2a10dc8e2d5fd34925ecac03e4988b2c0f851650c94b8cef49ba1bd111478',
         'org.jmock:jmock-junit4:2.8.2:jmock-junit4-2.8.2.jar:f7ee4df4f7bd7b7f1cafad3b99eb74d579f109d5992ff625347352edb55e674c',

bramble-api/build.gradle

@@ -7,7 +7,7 @@ apply plugin: 'witness'
 apply from: 'witness.gradle'
 
 dependencies {
-	implementation "com.google.dagger:dagger:2.22.1"
+	implementation "com.google.dagger:dagger:2.24"
 	implementation 'com.google.code.findbugs:jsr305:3.0.2'
 
 	testImplementation 'junit:junit:4.12'

bramble-api/src/main/java/org/briarproject/bramble/api/FeatureFlags.java

@@ -6,6 +6,4 @@ package org.briarproject.bramble.api;
 public interface FeatureFlags {
 
 	boolean shouldEnableImageAttachments();
-
-	boolean shouldEnableRemoteContacts();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/account/AccountManager.java

@@ -1,5 +1,6 @@
 package org.briarproject.bramble.api.account;
 
+import org.briarproject.bramble.api.crypto.DecryptionException;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.identity.IdentityManager;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
@@ -13,7 +14,8 @@ public interface AccountManager {
 	 * Returns true if the manager has the database key. This will be false
 	 * before {@link #createAccount(String, String)} or {@link #signIn(String)}
 	 * has been called, and true after {@link #createAccount(String, String)}
-	 * or {@link #signIn(String)} has returned true, until the process exits.
+	 * or {@link #signIn(String)} has returned true, until
+	 * {@link #deleteAccount()} is called or the process exits.
 	 */
 	boolean hasDatabaseKey();
 
@@ -22,25 +24,22 @@ public interface AccountManager {
 	 * before {@link #createAccount(String, String)} or {@link #signIn(String)}
 	 * has been called, and non-null after
 	 * {@link #createAccount(String, String)} or {@link #signIn(String)} has
-	 * returned true, until the process exits.
+	 * returned true, until {@link #deleteAccount()} is called or the process
+	 * exits.
 	 */
 	@Nullable
 	SecretKey getDatabaseKey();
 
 	/**
-	 * Returns true if the encrypted database key can be loaded from disk, and
-	 * the database directory exists and is a directory.
+	 * Returns true if the encrypted database key can be loaded from disk.
 	 */
 	boolean accountExists();
 
 	/**
 	 * Creates an identity with the given name and registers it with the
 	 * {@link IdentityManager}. Creates a database key, encrypts it with the
-	 * given password and stores it on disk.
-	 * <p/>
-	 * This method does not create the database directory, so
-	 * {@link #accountExists()} will continue to return false until the
-	 * database directory is created.
+	 * given password and stores it on disk. {@link #accountExists()} will
+	 * return true after this method returns true.
 	 */
 	boolean createAccount(String name, String password);
 
@@ -54,17 +53,19 @@ public interface AccountManager {
 	 * Loads the encrypted database key from disk and decrypts it with the
 	 * given password.
 	 *
-	 * @return true if the database key was successfully loaded and decrypted.
+	 * @throws DecryptionException If the database key could not be loaded and
+	 * decrypted.
 	 */
-	boolean signIn(String password);
+	void signIn(String password) throws DecryptionException;
 
 	/**
 	 * Loads the encrypted database key from disk, decrypts it with the old
 	 * password, encrypts it with the new password, and stores it on disk,
 	 * replacing the old key.
 	 *
-	 * @return true if the database key was successfully loaded, re-encrypted
-	 * and stored.
+	 * @throws DecryptionException If the database key could not be loaded and
+	 * decrypted.
 	 */
-	boolean changePassword(String oldPassword, String newPassword);
+	void changePassword(String oldPassword, String newPassword)
+			throws DecryptionException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/connection/ConnectionManager.java

@@ -1,8 +1,11 @@
-package org.briarproject.bramble.api.plugin;
+package org.briarproject.bramble.api.connection;
 
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 
 @NotNullByDefault

bramble-api/src/main/java/org/briarproject/bramble/api/connection/ConnectionRegistry.java

@@ -0,0 +1,130 @@
+package org.briarproject.bramble.api.connection;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.PluginConfig;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
+import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
+import org.briarproject.bramble.api.sync.Priority;
+
+import java.util.Collection;
+
+/**
+ * Keeps track of which contacts are currently connected by which transports.
+ */
+@NotNullByDefault
+public interface ConnectionRegistry {
+
+	/**
+	 * Registers an incoming connection from the given contact over the given
+	 * transport. The connection's {@link Priority priority} can be set later
+	 * via {@link #setPriority(ContactId, TransportId, InterruptibleConnection,
+	 * Priority)} if a priority record is received from the contact.
+	 * <p>
+	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
+	 * {@link ContactConnectedEvent} if this is the only connection with the
+	 * contact.
+	 */
+	void registerIncomingConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn);
+
+	/**
+	 * Registers an outgoing connection to the given contact over the given
+	 * transport.
+	 * <p>
+	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
+	 * {@link ContactConnectedEvent} if this is the only connection with the
+	 * contact.
+	 * <p>
+	 * If the registry has any "better" connections with the given contact, the
+	 * given connection will be interrupted. If the registry has any "worse"
+	 * connections with the given contact, those connections will be
+	 * interrupted.
+	 * <p>
+	 * Connection A is considered "better" than connection B if both
+	 * connections have had their priorities set, and either A's transport is
+	 * {@link PluginConfig#getTransportPreferences() preferred} to B's, or
+	 * they use the same transport and A has higher {@link Priority priority}
+	 * than B.
+	 * <p>
+	 * For backward compatibility, connections without priorities are not
+	 * considered better or worse than other connections.
+	 */
+	void registerOutgoingConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn, Priority priority);
+
+	/**
+	 * Unregisters a connection with the given contact over the given transport.
+	 * <p>
+	 * Broadcasts {@link ConnectionClosedEvent}. Also broadcasts
+	 * {@link ContactDisconnectedEvent} if this is the only connection with
+	 * the contact.
+	 */
+	void unregisterConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn, boolean incoming, boolean exception);
+
+	/**
+	 * Sets the {@link Priority priority} of a connection that was previously
+	 * registered via {@link #registerIncomingConnection(ContactId, TransportId,
+	 * InterruptibleConnection)}.
+	 * <p>
+	 * If the registry has any "better" connections with the given contact, the
+	 * given connection will be interrupted. If the registry has any "worse"
+	 * connections with the given contact, those connections will be
+	 * interrupted.
+	 * <p>
+	 * Connection A is considered "better" than connection B if both
+	 * connections have had their priorities set, and either A's transport is
+	 * {@link PluginConfig#getTransportPreferences() preferred} to B's, or
+	 * they use the same transport and A has higher {@link Priority priority}
+	 * than B.
+	 * <p>
+	 * For backward compatibility, connections without priorities are not
+	 * considered better or worse than other connections.
+	 */
+	void setPriority(ContactId c, TransportId t, InterruptibleConnection conn,
+			Priority priority);
+
+	/**
+	 * Returns any contacts that are connected via the given transport.
+	 */
+	Collection<ContactId> getConnectedContacts(TransportId t);
+
+	/**
+	 * Returns any contacts that are connected via the given transport or any
+	 * {@link PluginConfig#getTransportPreferences() better} transport.
+	 */
+	Collection<ContactId> getConnectedOrBetterContacts(TransportId t);
+
+	/**
+	 * Returns true if the given contact is connected via the given transport.
+	 */
+	boolean isConnected(ContactId c, TransportId t);
+
+	/**
+	 * Returns true if the given contact is connected via any transport.
+	 */
+	boolean isConnected(ContactId c);
+
+	/**
+	 * Registers a connection with the given pending contact. Broadcasts
+	 * {@link RendezvousConnectionOpenedEvent} if this is the only connection
+	 * with the pending contact.
+	 *
+	 * @return True if this is the only connection with the pending contact,
+	 * false if it is redundant and should be closed
+	 */
+	boolean registerConnection(PendingContactId p);
+
+	/**
+	 * Unregisters a connection with the given pending contact. Broadcasts
+	 * {@link RendezvousConnectionClosedEvent}.
+	 */
+	void unregisterConnection(PendingContactId p, boolean success);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/connection/InterruptibleConnection.java

@@ -0,0 +1,19 @@
+package org.briarproject.bramble.api.connection;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+/**
+ * A duplex sync connection that can be closed by interrupting its outgoing
+ * sync session.
+ */
+@NotNullByDefault
+public interface InterruptibleConnection {
+
+	/**
+	 * Interrupts the connection's outgoing sync session. If the underlying
+	 * transport connection is alive and the remote peer is cooperative, this
+	 * should result in both sync sessions ending and the connection being
+	 * cleanly closed.
+	 */
+	void interruptOutgoingSession();
+}

bramble-api/src/main/java/org/briarproject/bramble/api/contact/ContactManager.java

@@ -4,8 +4,10 @@ import org.briarproject.bramble.api.FormatException;
 import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.UnsupportedVersionException;
 import org.briarproject.bramble.api.crypto.SecretKey;
+import org.briarproject.bramble.api.db.ContactExistsException;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.db.NoSuchContactException;
+import org.briarproject.bramble.api.db.PendingContactExistsException;
 import org.briarproject.bramble.api.db.Transaction;
 import org.briarproject.bramble.api.identity.Author;
 import org.briarproject.bramble.api.identity.AuthorId;
@@ -117,9 +119,14 @@ public interface ContactManager {
 	 * @throws FormatException If the link is invalid
 	 * @throws GeneralSecurityException If the pending contact's handshake
 	 * public key is invalid
+	 * @throws ContactExistsException If a contact with the same handshake
+	 * public key already exists
+	 * @throws PendingContactExistsException If a pending contact with the same
+	 * handshake public key already exists
 	 */
 	PendingContact addPendingContact(String link, String alias)
-			throws DbException, FormatException, GeneralSecurityException;
+			throws DbException, FormatException, GeneralSecurityException,
+			ContactExistsException, PendingContactExistsException;
 
 	/**
 	 * Returns the pending contact with the given ID.

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/CryptoComponent.java

@@ -132,17 +132,33 @@ public interface CryptoComponent {
 	 * storage. The encryption and authentication keys are derived from the
 	 * given password. The ciphertext will be decryptable using the same
 	 * password after the app restarts.
+	 *
+	 * @param keyStrengthener Used to strengthen the password-based key. If
+	 * null, the password-based key will not be strengthened
 	 */
-	byte[] encryptWithPassword(byte[] plaintext, String password);
+	byte[] encryptWithPassword(byte[] plaintext, String password,
+			@Nullable KeyStrengthener keyStrengthener);
 
 	/**
 	 * Decrypts and authenticates the given ciphertext that has been read from
 	 * storage. The encryption and authentication keys are derived from the
-	 * given password. Returns null if the ciphertext cannot be decrypted and
+	 * given password.
+	 *
+	 * @param keyStrengthener Used to strengthen the password-based key. If
+	 * null, or if strengthening was not used when encrypting the ciphertext,
+	 * the password-based key will not be strengthened
+	 * @throws DecryptionException If the ciphertext cannot be decrypted and
 	 * authenticated (for example, if the password is wrong).
 	 */
-	@Nullable
-	byte[] decryptWithPassword(byte[] ciphertext, String password);
+	byte[] decryptWithPassword(byte[] ciphertext, String password,
+			@Nullable KeyStrengthener keyStrengthener)
+			throws DecryptionException;
+
+	/**
+	 * Returns true if the given ciphertext was encrypted using a strengthened
+	 * key. The validity of the ciphertext is not checked.
+	 */
+	boolean isEncryptedWithStrengthenedKey(byte[] ciphertext);
 
 	/**
 	 * Encrypts the given plaintext to the given public key.

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/DecryptionException.java

@@ -0,0 +1,17 @@
+package org.briarproject.bramble.api.crypto;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+@NotNullByDefault
+public class DecryptionException extends Exception {
+
+	private final DecryptionResult result;
+
+	public DecryptionException(DecryptionResult result) {
+		this.result = result;
+	}
+
+	public DecryptionResult getDecryptionResult() {
+		return result;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/DecryptionResult.java

@@ -0,0 +1,29 @@
+package org.briarproject.bramble.api.crypto;
+
+/**
+ * The result of a password-based decryption operation.
+ */
+public enum DecryptionResult {
+
+	/**
+	 * Decryption succeeded.
+	 */
+	SUCCESS,
+
+	/**
+	 * Decryption failed because the format of the ciphertext was invalid.
+	 */
+	INVALID_CIPHERTEXT,
+
+	/**
+	 * Decryption failed because the {@link KeyStrengthener} used for
+	 * encryption was not available for decryption.
+	 */
+	KEY_STRENGTHENER_ERROR,
+
+	/**
+	 * Decryption failed because the password used for decryption did not match
+	 * the password used for encryption.
+	 */
+	INVALID_PASSWORD
+}

bramble-api/src/main/java/org/briarproject/bramble/api/crypto/KeyStrengthener.java

@@ -0,0 +1,23 @@
+package org.briarproject.bramble.api.crypto;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+/**
+ * Interface for strengthening a password-based key, for example by using a
+ * key stored in a key management service or hardware security module.
+ */
+@NotNullByDefault
+public interface KeyStrengthener {
+
+	/**
+	 * Returns true if the strengthener has been initialised.
+	 */
+	@SuppressWarnings("BooleanMethodIsAlwaysInverted")
+	boolean isInitialised();
+
+	/**
+	 * Initialises the strengthener if necessary and returns a strong key
+	 * derived from the given key.
+	 */
+	SecretKey strengthenKey(SecretKey k);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseComponent.java

@@ -83,7 +83,7 @@ public interface DatabaseComponent extends TransactionManager {
 	/**
 	 * Stores a pending contact.
 	 */
-	void addPendingContact(Transaction txn, PendingContact p)
+	void addPendingContact(Transaction txn, PendingContact p, AuthorId local)
 			throws DbException;
 
 	/**

bramble-api/src/main/java/org/briarproject/bramble/api/db/DatabaseConfig.java

@@ -1,13 +1,29 @@
 package org.briarproject.bramble.api.db;
 
+import org.briarproject.bramble.api.crypto.KeyStrengthener;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 
 import java.io.File;
 
+import javax.annotation.Nullable;
+
 @NotNullByDefault
 public interface DatabaseConfig {
 
+	/**
+	 * Returns the directory where the database stores its data.
+	 */
 	File getDatabaseDirectory();
 
+	/**
+	 * Returns the directory where the encrypted database key is stored.
+	 */
 	File getDatabaseKeyDirectory();
+
+	/**
+	 * Returns a {@link KeyStrengthener} for strengthening the encryption of
+	 * the database key, or null if no strengthener should be used.
+	 */
+	@Nullable
+	KeyStrengthener getKeyStrengthener();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/db/PendingContactExistsException.java

@@ -1,9 +1,21 @@
 package org.briarproject.bramble.api.db;
 
+import org.briarproject.bramble.api.contact.PendingContact;
+
 /**
  * Thrown when a duplicate pending contact is added to the database. This
  * exception may occur due to concurrent updates and does not indicate a
  * database error.
  */
 public class PendingContactExistsException extends DbException {
+
+	private final PendingContact pendingContact;
+
+	public PendingContactExistsException(PendingContact pendingContact) {
+		this.pendingContact = pendingContact;
+	}
+
+	public PendingContact getPendingContact() {
+		return pendingContact;
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/io/TimeoutMonitor.java

@@ -0,0 +1,15 @@
+package org.briarproject.bramble.api.io;
+
+import java.io.InputStream;
+
+public interface TimeoutMonitor {
+
+	/**
+	 * Returns an {@link InputStream} that wraps the given stream and allows
+	 * read timeouts to be detected.
+	 *
+	 * @param timeoutMs The read timeout in milliseconds. Timeouts will be
+	 * detected eventually but are not guaranteed to be detected immediately.
+	 */
+	InputStream createTimeoutInputStream(InputStream in, long timeoutMs);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/ConnectionRegistry.java

@@ -1,67 +0,0 @@
-package org.briarproject.bramble.api.plugin;
-
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
-import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
-
-import java.util.Collection;
-
-/**
- * Keeps track of which contacts are currently connected by which transports.
- */
-@NotNullByDefault
-public interface ConnectionRegistry {
-
-	/**
-	 * Registers a connection with the given contact over the given transport.
-	 * Broadcasts {@link ConnectionOpenedEvent}. Also broadcasts
-	 * {@link ContactConnectedEvent} if this is the only connection with the
-	 * contact.
-	 */
-	void registerConnection(ContactId c, TransportId t, boolean incoming);
-
-	/**
-	 * Unregisters a connection with the given contact over the given transport.
-	 * Broadcasts {@link ConnectionClosedEvent}. Also broadcasts
-	 * {@link ContactDisconnectedEvent} if this is the only connection with
-	 * the contact.
-	 */
-	void unregisterConnection(ContactId c, TransportId t, boolean incoming);
-
-	/**
-	 * Returns any contacts that are connected via the given transport.
-	 */
-	Collection<ContactId> getConnectedContacts(TransportId t);
-
-	/**
-	 * Returns true if the given contact is connected via the given transport.
-	 */
-	boolean isConnected(ContactId c, TransportId t);
-
-	/**
-	 * Returns true if the given contact is connected via any transport.
-	 */
-	boolean isConnected(ContactId c);
-
-	/**
-	 * Registers a connection with the given pending contact. Broadcasts
-	 * {@link RendezvousConnectionOpenedEvent} if this is the only connection
-	 * with the pending contact.
-	 *
-	 * @return True if this is the only connection with the pending contact,
-	 * false if it is redundant and should be closed
-	 */
-	boolean registerConnection(PendingContactId p);
-
-	/**
-	 * Unregisters a connection with the given pending contact. Broadcasts
-	 * {@link RendezvousConnectionClosedEvent}.
-	 */
-	void unregisterConnection(PendingContactId p, boolean success);
-}

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/LanTcpConstants.java

@@ -4,10 +4,10 @@ public interface LanTcpConstants {
 
 	TransportId ID = new TransportId("org.briarproject.bramble.lan");
 
-	// a transport property (shared with contacts)
+	// Transport properties (shared with contacts)
 	String PROP_IP_PORTS = "ipPorts";
+	String PROP_PORT = "port";
 
-	// a local setting
+	// A local setting
 	String PREF_LAN_IP_PORTS = "ipPorts";
-
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/PluginConfig.java

@@ -5,6 +5,8 @@ import org.briarproject.bramble.api.plugin.duplex.DuplexPluginFactory;
 import org.briarproject.bramble.api.plugin.simplex.SimplexPluginFactory;
 
 import java.util.Collection;
+import java.util.List;
+import java.util.Map;
 
 @NotNullByDefault
 public interface PluginConfig {
@@ -14,4 +16,11 @@ public interface PluginConfig {
 	Collection<SimplexPluginFactory> getSimplexFactories();
 
 	boolean shouldPoll();
+
+	/**
+	 * Returns a map representing transport preferences. For each entry in the
+	 * map, connections via the transports identified by the value are
+	 * preferred to connections via the transport identified by the key.
+	 */
+	Map<TransportId, List<TransportId>> getTransportPreferences();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/AbstractDuplexTransportConnection.java

@@ -4,6 +4,7 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
 import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.properties.TransportProperties;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -14,6 +15,8 @@ import java.util.concurrent.atomic.AtomicBoolean;
 public abstract class AbstractDuplexTransportConnection
 		implements DuplexTransportConnection {
 
+	protected final TransportProperties remote = new TransportProperties();
+
 	private final Plugin plugin;
 	private final Reader reader;
 	private final Writer writer;
@@ -44,6 +47,11 @@ public abstract class AbstractDuplexTransportConnection
 		return writer;
 	}
 
+	@Override
+	public TransportProperties getRemoteProperties() {
+		return remote;
+	}
+
 	private class Reader implements TransportConnectionReader {
 
 		@Override

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/duplex/DuplexTransportConnection.java

@@ -3,6 +3,7 @@ package org.briarproject.bramble.api.plugin.duplex;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
 import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.properties.TransportProperties;
 
 /**
  * An interface for reading and writing data over a duplex transport. The
@@ -23,4 +24,10 @@ public interface DuplexTransportConnection {
 	 * for writing to the connection.
 	 */
 	TransportConnectionWriter getWriter();
+
+	/**
+	 * Returns a possibly empty set of {@link TransportProperties} describing
+	 * the remote peer.
+	 */
+	TransportProperties getRemoteProperties();
 }

bramble-api/src/main/java/org/briarproject/bramble/api/plugin/event/ConnectionClosedEvent.java

@@ -13,13 +13,14 @@ public class ConnectionClosedEvent extends Event {
 
 	private final ContactId contactId;
 	private final TransportId transportId;
-	private final boolean incoming;
+	private final boolean incoming, exception;
 
 	public ConnectionClosedEvent(ContactId contactId, TransportId transportId,
-			boolean incoming) {
+			boolean incoming, boolean exception) {
 		this.contactId = contactId;
 		this.transportId = transportId;
 		this.incoming = incoming;
+		this.exception = exception;
 	}
 
 	public ContactId getContactId() {
@@ -33,4 +34,8 @@ public class ConnectionClosedEvent extends Event {
 	public boolean isIncoming() {
 		return incoming;
 	}
+
+	public boolean isException() {
+		return exception;
+	}
 }

bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyConstants.java

@@ -11,4 +11,28 @@ public interface TransportPropertyConstants {
 	 * The maximum length of a property's key or value in UTF-8 bytes.
 	 */
 	int MAX_PROPERTY_LENGTH = 100;
+
+	/**
+	 * Message metadata key for the transport ID of a local or remote update,
+	 * as a BDF string.
+	 */
+	String MSG_KEY_TRANSPORT_ID = "transportId";
+
+	/**
+	 * Message metadata key for the version number of a local or remote update,
+	 * as a BDF long.
+	 */
+	String MSG_KEY_VERSION = "version";
+
+	/**
+	 * Message metadata key for whether an update is local or remote, as a BDF
+	 * boolean.
+	 */
+	String MSG_KEY_LOCAL = "local";
+
+	/**
+	 * Group metadata key for any discovered transport properties of the
+	 * contact, as a BDF dictionary.
+	 */
+	String GROUP_KEY_DISCOVERED = "discovered";
 }

bramble-api/src/main/java/org/briarproject/bramble/api/properties/TransportPropertyManager.java

@@ -34,6 +34,14 @@ public interface TransportPropertyManager {
 	void addRemoteProperties(Transaction txn, ContactId c,
 			Map<TransportId, TransportProperties> props) throws DbException;
 
+	/**
+	 * Stores the given properties discovered from an incoming transport
+	 * connection. They will be overridden by any properties received while
+	 * adding the contact or synced from the contact.
+	 */
+	void addRemotePropertiesFromConnection(ContactId c, TransportId t,
+			TransportProperties props) throws DbException;
+
 	/**
 	 * Returns the local transport properties for all transports.
 	 */

bramble-api/src/main/java/org/briarproject/bramble/api/sync/Priority.java

@@ -0,0 +1,23 @@
+package org.briarproject.bramble.api.sync;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * A record containing a nonce for choosing between redundant sessions.
+ */
+@Immutable
+@NotNullByDefault
+public class Priority {
+
+	private final byte[] nonce;
+
+	public Priority(byte[] nonce) {
+		this.nonce = nonce;
+	}
+
+	public byte[] getNonce() {
+		return nonce;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/sync/PriorityHandler.java

@@ -0,0 +1,13 @@
+package org.briarproject.bramble.api.sync;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+
+/**
+ * An interface for handling a {@link Priority} record received by an
+ * incoming {@link SyncSession}.
+ */
+@NotNullByDefault
+public interface PriorityHandler {
+
+	void handle(Priority p);
+}

bramble-api/src/main/java/org/briarproject/bramble/api/sync/RecordTypes.java

@@ -10,4 +10,5 @@ public interface RecordTypes {
 	byte OFFER = 2;
 	byte REQUEST = 3;
 	byte VERSIONS = 4;
+	byte PRIORITY = 5;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncConstants.java

@@ -49,4 +49,10 @@ public interface SyncConstants {
 	 * simultaneously.
 	 */
 	int MAX_SUPPORTED_VERSIONS = 10;
+
+	/**
+	 * The length of the priority nonce used for choosing between redundant
+	 * connections.
+	 */
+	int PRIORITY_NONCE_BYTES = 16;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordReader.java

@@ -28,4 +28,8 @@ public interface SyncRecordReader {
 	boolean hasVersions() throws IOException;
 
 	Versions readVersions() throws IOException;
+
+	boolean hasPriority() throws IOException;
+
+	Priority readPriority() throws IOException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncRecordWriter.java

@@ -17,5 +17,7 @@ public interface SyncRecordWriter {
 
 	void writeVersions(Versions v) throws IOException;
 
+	void writePriority(Priority p) throws IOException;
+
 	void flush() throws IOException;
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/SyncSessionFactory.java

@@ -2,18 +2,23 @@ package org.briarproject.bramble.api.sync;
 
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.transport.StreamWriter;
 
 import java.io.InputStream;
 
+import javax.annotation.Nullable;
+
 @NotNullByDefault
 public interface SyncSessionFactory {
 
-	SyncSession createIncomingSession(ContactId c, InputStream in);
+	SyncSession createIncomingSession(ContactId c, InputStream in,
+			PriorityHandler handler);
 
-	SyncSession createSimplexOutgoingSession(ContactId c, int maxLatency,
-			StreamWriter streamWriter);
+	SyncSession createSimplexOutgoingSession(ContactId c, TransportId t,
+			int maxLatency, StreamWriter streamWriter);
 
-	SyncSession createDuplexOutgoingSession(ContactId c, int maxLatency,
-			int maxIdleTime, StreamWriter streamWriter);
+	SyncSession createDuplexOutgoingSession(ContactId c, TransportId t,
+			int maxLatency, int maxIdleTime, StreamWriter streamWriter,
+			@Nullable Priority priority);
 }

bramble-api/src/main/java/org/briarproject/bramble/api/sync/event/CloseSyncConnectionsEvent.java

@@ -0,0 +1,26 @@
+package org.briarproject.bramble.api.sync.event;
+
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * An event that is broadcast when all sync connections using a given
+ * transport should be closed.
+ */
+@Immutable
+@NotNullByDefault
+public class CloseSyncConnectionsEvent extends Event {
+
+	private final TransportId transportId;
+
+	public CloseSyncConnectionsEvent(TransportId transportId) {
+		this.transportId = transportId;
+	}
+
+	public TransportId getTransportId() {
+		return transportId;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/versioning/ClientVersion.java

@@ -0,0 +1,63 @@
+package org.briarproject.bramble.api.versioning;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.sync.ClientId;
+
+import javax.annotation.concurrent.Immutable;
+
+@Immutable
+@NotNullByDefault
+public class ClientVersion implements Comparable<ClientVersion> {
+
+	private final ClientMajorVersion majorVersion;
+	private final int minorVersion;
+
+	public ClientVersion(ClientMajorVersion majorVersion,
+			int minorVersion) {
+		this.majorVersion = majorVersion;
+		this.minorVersion = minorVersion;
+	}
+
+	public ClientVersion(ClientId clientId, int majorVersion,
+			int minorVersion) {
+		this(new ClientMajorVersion(clientId, majorVersion), minorVersion);
+	}
+
+	public ClientMajorVersion getClientMajorVersion() {
+		return majorVersion;
+	}
+
+	public ClientId getClientId() {
+		return majorVersion.getClientId();
+	}
+
+	public int getMajorVersion() {
+		return majorVersion.getMajorVersion();
+	}
+
+	public int getMinorVersion() {
+		return minorVersion;
+	}
+
+	@Override
+	public boolean equals(Object o) {
+		if (o instanceof ClientVersion) {
+			ClientVersion cv = (ClientVersion) o;
+			return majorVersion.equals(cv.majorVersion)
+					&& minorVersion == cv.minorVersion;
+		}
+		return false;
+	}
+
+	@Override
+	public int hashCode() {
+		return majorVersion.hashCode();
+	}
+
+	@Override
+	public int compareTo(ClientVersion cv) {
+		int compare = majorVersion.compareTo(cv.majorVersion);
+		if (compare != 0) return compare;
+		return minorVersion - cv.minorVersion;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/api/versioning/event/ClientVersionUpdatedEvent.java

@@ -0,0 +1,34 @@
+package org.briarproject.bramble.api.versioning.event;
+
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.event.Event;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.versioning.ClientVersion;
+
+import javax.annotation.concurrent.Immutable;
+
+/**
+ * An event that is broadcast when we receive a client versioning update from
+ * a contact.
+ */
+@Immutable
+@NotNullByDefault
+public class ClientVersionUpdatedEvent extends Event {
+
+	private final ContactId contactId;
+	private final ClientVersion clientVersion;
+
+	public ClientVersionUpdatedEvent(ContactId contactId,
+			ClientVersion clientVersion) {
+		this.contactId = contactId;
+		this.clientVersion = clientVersion;
+	}
+
+	public ContactId getContactId() {
+		return contactId;
+	}
+
+	public ClientVersion getClientVersion() {
+		return clientVersion;
+	}
+}

bramble-api/src/main/java/org/briarproject/bramble/util/IoUtils.java

@@ -117,4 +117,10 @@ public class IoUtils {
 			throw new IOException(e);
 		}
 	}
+
+	public static boolean isNonEmptyDirectory(File f) {
+		if (!f.isDirectory()) return false;
+		File[] children = f.listFiles();
+		return children != null && children.length > 0;
+	}
 }

bramble-api/witness.gradle

@@ -2,7 +2,7 @@ dependencyVerification {
     verify = [
         'cglib:cglib:3.2.0:cglib-3.2.0.jar:adb13bab79712ad6bdf1bd59f2a3918018a8016e722e8a357065afb9e6690861',
         'com.google.code.findbugs:jsr305:3.0.2:jsr305-3.0.2.jar:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7',
-        'com.google.dagger:dagger:2.22.1:dagger-2.22.1.jar:329d4340f24c4f5717af016c097e90668bfea2a5376e6aa9964b01cef3fd241a',
+        'com.google.dagger:dagger:2.24:dagger-2.24.jar:550a6e46a6dfcdf1d764887b6090cea94f783327e50e5c73754f18facfc70b64',
         'javax.inject:javax.inject:1:javax.inject-1.jar:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff',
         'junit:junit:4.12:junit-4.12.jar:59721f0805e223d84b90677887d9ff567dc534d7c502ca903c0c2b17f05c116a',
         'org.apache.ant:ant-launcher:1.9.4:ant-launcher-1.9.4.jar:7bccea20b41801ca17bcbc909a78c835d0f443f12d639c77bd6ae3d05861608d',

bramble-core/build.gradle

@@ -17,7 +17,7 @@ dependencies {
 	implementation 'org.whispersystems:curve25519-java:0.5.0'
 	implementation 'org.briarproject:jtorctl:0.3'
 
-	annotationProcessor 'com.google.dagger:dagger-compiler:2.22.1'
+	annotationProcessor 'com.google.dagger:dagger-compiler:2.24'
 
 	testImplementation project(path: ':bramble-api', configuration: 'testOutput')
 	testImplementation 'org.hsqldb:hsqldb:2.3.5' // The last version that supports Java 1.6
@@ -26,7 +26,7 @@ dependencies {
 	testImplementation "org.jmock:jmock-junit4:2.8.2"
 	testImplementation "org.jmock:jmock-legacy:2.8.2"
 
-	testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.22.1'
+	testAnnotationProcessor 'com.google.dagger:dagger-compiler:2.24'
 
 	signature 'org.codehaus.mojo.signature:java16:1.1@signature'
 }

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreEagerSingletons.java

@@ -39,18 +39,21 @@ public interface BrambleCoreEagerSingletons {
 
 	void inject(VersioningModule.EagerSingletons init);
 
-	default void injectBrambleCoreEagerSingletons() {
-		inject(new ContactModule.EagerSingletons());
-		inject(new CryptoExecutorModule.EagerSingletons());
-		inject(new DatabaseExecutorModule.EagerSingletons());
-		inject(new IdentityModule.EagerSingletons());
-		inject(new LifecycleModule.EagerSingletons());
-		inject(new RendezvousModule.EagerSingletons());
-		inject(new PluginModule.EagerSingletons());
-		inject(new PropertiesModule.EagerSingletons());
-		inject(new SystemModule.EagerSingletons());
-		inject(new TransportModule.EagerSingletons());
-		inject(new ValidationModule.EagerSingletons());
-		inject(new VersioningModule.EagerSingletons());
+	class Helper {
+
+		public static void injectEagerSingletons(BrambleCoreEagerSingletons c) {
+			c.inject(new ContactModule.EagerSingletons());
+			c.inject(new CryptoExecutorModule.EagerSingletons());
+			c.inject(new DatabaseExecutorModule.EagerSingletons());
+			c.inject(new IdentityModule.EagerSingletons());
+			c.inject(new LifecycleModule.EagerSingletons());
+			c.inject(new RendezvousModule.EagerSingletons());
+			c.inject(new PluginModule.EagerSingletons());
+			c.inject(new PropertiesModule.EagerSingletons());
+			c.inject(new SystemModule.EagerSingletons());
+			c.inject(new TransportModule.EagerSingletons());
+			c.inject(new ValidationModule.EagerSingletons());
+			c.inject(new VersioningModule.EagerSingletons());
+		}
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/BrambleCoreModule.java

@@ -1,6 +1,7 @@
 package org.briarproject.bramble;
 
 import org.briarproject.bramble.client.ClientModule;
+import org.briarproject.bramble.connection.ConnectionModule;
 import org.briarproject.bramble.contact.ContactModule;
 import org.briarproject.bramble.crypto.CryptoExecutorModule;
 import org.briarproject.bramble.crypto.CryptoModule;
@@ -9,6 +10,7 @@ import org.briarproject.bramble.db.DatabaseExecutorModule;
 import org.briarproject.bramble.db.DatabaseModule;
 import org.briarproject.bramble.event.EventModule;
 import org.briarproject.bramble.identity.IdentityModule;
+import org.briarproject.bramble.io.IoModule;
 import org.briarproject.bramble.keyagreement.KeyAgreementModule;
 import org.briarproject.bramble.lifecycle.LifecycleModule;
 import org.briarproject.bramble.plugin.PluginModule;
@@ -27,6 +29,7 @@ import dagger.Module;
 
 @Module(includes = {
 		ClientModule.class,
+		ConnectionModule.class,
 		ContactModule.class,
 		CryptoModule.class,
 		CryptoExecutorModule.class,
@@ -35,6 +38,7 @@ import dagger.Module;
 		DatabaseExecutorModule.class,
 		EventModule.class,
 		IdentityModule.class,
+		IoModule.class,
 		KeyAgreementModule.class,
 		LifecycleModule.class,
 		PluginModule.class,
@@ -50,8 +54,4 @@ import dagger.Module;
 		VersioningModule.class
 })
 public class BrambleCoreModule {
-
-	public static void initEagerSingletons(BrambleCoreEagerSingletons c) {
-		c.injectBrambleCoreEagerSingletons();
-	}
 }

bramble-core/src/main/java/org/briarproject/bramble/account/AccountManagerImpl.java

@@ -2,6 +2,8 @@ package org.briarproject.bramble.account;
 
 import org.briarproject.bramble.api.account.AccountManager;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.DecryptionException;
+import org.briarproject.bramble.api.crypto.KeyStrengthener;
 import org.briarproject.bramble.api.crypto.SecretKey;
 import org.briarproject.bramble.api.db.DatabaseConfig;
 import org.briarproject.bramble.api.identity.Identity;
@@ -16,12 +18,15 @@ import java.io.FileInputStream;
 import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStreamReader;
+import java.nio.charset.Charset;
 import java.util.logging.Logger;
 
 import javax.annotation.Nullable;
+import javax.annotation.concurrent.GuardedBy;
 import javax.inject.Inject;
 
 import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.crypto.DecryptionResult.INVALID_CIPHERTEXT;
 import static org.briarproject.bramble.util.LogUtils.logException;
 import static org.briarproject.bramble.util.StringUtils.fromHexString;
 import static org.briarproject.bramble.util.StringUtils.toHexString;
@@ -68,9 +73,10 @@ class AccountManagerImpl implements AccountManager {
 		return databaseKey;
 	}
 
-	// Locking: stateChangeLock
+	// Package access for testing
+	@GuardedBy("stateChangeLock")
 	@Nullable
-	protected String loadEncryptedDatabaseKey() {
+	String loadEncryptedDatabaseKey() {
 		String key = readDbKeyFromFile(dbKeyFile);
 		if (key == null) {
 			LOG.info("No database key in primary file");
@@ -83,7 +89,7 @@ class AccountManagerImpl implements AccountManager {
 		return key;
 	}
 
-	// Locking: stateChangeLock
+	@GuardedBy("stateChangeLock")
 	@Nullable
 	private String readDbKeyFromFile(File f) {
 		if (!f.exists()) {
@@ -92,7 +98,7 @@ class AccountManagerImpl implements AccountManager {
 		}
 		try {
 			BufferedReader reader = new BufferedReader(new InputStreamReader(
-					new FileInputStream(f), "UTF-8"));
+					new FileInputStream(f), Charset.forName("UTF-8")));
 			String key = reader.readLine();
 			reader.close();
 			return key;
@@ -102,8 +108,9 @@ class AccountManagerImpl implements AccountManager {
 		}
 	}
 
-	// Locking: stateChangeLock
-	protected boolean storeEncryptedDatabaseKey(String hex) {
+	// Package access for testing
+	@GuardedBy("stateChangeLock")
+	boolean storeEncryptedDatabaseKey(String hex) {
 		LOG.info("Storing database key in file");
 		// Create the directory if necessary
 		if (databaseConfig.getDatabaseKeyDirectory().mkdirs())
@@ -140,10 +147,10 @@ class AccountManagerImpl implements AccountManager {
 		}
 	}
 
-	// Locking: stateChangeLock
+	@GuardedBy("stateChangeLock")
 	private void writeDbKeyToFile(String key, File f) throws IOException {
 		FileOutputStream out = new FileOutputStream(f);
-		out.write(key.getBytes("UTF-8"));
+		out.write(key.getBytes(Charset.forName("UTF-8")));
 		out.flush();
 		out.close();
 	}
@@ -151,8 +158,7 @@ class AccountManagerImpl implements AccountManager {
 	@Override
 	public boolean accountExists() {
 		synchronized (stateChangeLock) {
-			return loadEncryptedDatabaseKey() != null
-					&& databaseConfig.getDatabaseDirectory().isDirectory();
+			return loadEncryptedDatabaseKey() != null;
 		}
 	}
 
@@ -170,10 +176,11 @@ class AccountManagerImpl implements AccountManager {
 		}
 	}
 
-	// Locking: stateChangeLock
+	@GuardedBy("stateChangeLock")
 	private boolean encryptAndStoreDatabaseKey(SecretKey key, String password) {
 		byte[] plaintext = key.getBytes();
-		byte[] ciphertext = crypto.encryptWithPassword(plaintext, password);
+		byte[] ciphertext = crypto.encryptWithPassword(plaintext, password,
+				databaseConfig.getKeyStrengthener());
 		return storeEncryptedDatabaseKey(toHexString(ciphertext));
 	}
 
@@ -188,37 +195,41 @@ class AccountManagerImpl implements AccountManager {
 	}
 
 	@Override
-	public boolean signIn(String password) {
+	public void signIn(String password) throws DecryptionException {
 		synchronized (stateChangeLock) {
-			SecretKey key = loadAndDecryptDatabaseKey(password);
-			if (key == null) return false;
-			databaseKey = key;
-			return true;
+			databaseKey = loadAndDecryptDatabaseKey(password);
 		}
 	}
 
-	// Locking: stateChangeLock
-	@Nullable
-	private SecretKey loadAndDecryptDatabaseKey(String password) {
+	@GuardedBy("stateChangeLock")
+	private SecretKey loadAndDecryptDatabaseKey(String password)
+			throws DecryptionException {
 		String hex = loadEncryptedDatabaseKey();
 		if (hex == null) {
 			LOG.warning("Failed to load encrypted database key");
-			return null;
+			throw new DecryptionException(INVALID_CIPHERTEXT);
 		}
 		byte[] ciphertext = fromHexString(hex);
-		byte[] plaintext = crypto.decryptWithPassword(ciphertext, password);
-		if (plaintext == null) {
-			LOG.info("Failed to decrypt database key");
-			return null;
+		KeyStrengthener keyStrengthener = databaseConfig.getKeyStrengthener();
+		byte[] plaintext = crypto.decryptWithPassword(ciphertext, password,
+				keyStrengthener);
+		SecretKey key = new SecretKey(plaintext);
+		// If the DB key was encrypted with a weak key and a key strengthener
+		// is now available, re-encrypt the DB key with a strengthened key
+		if (keyStrengthener != null &&
+				!crypto.isEncryptedWithStrengthenedKey(ciphertext)) {
+			LOG.info("Re-encrypting database key with strengthened key");
+			encryptAndStoreDatabaseKey(key, password);
 		}
-		return new SecretKey(plaintext);
+		return key;
 	}
 
 	@Override
-	public boolean changePassword(String oldPassword, String newPassword) {
+	public void changePassword(String oldPassword, String newPassword)
+			throws DecryptionException {
 		synchronized (stateChangeLock) {
 			SecretKey key = loadAndDecryptDatabaseKey(oldPassword);
-			return key != null && encryptAndStoreDatabaseKey(key, newPassword);
+			encryptAndStoreDatabaseKey(key, newPassword);
 		}
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/connection/Connection.java

@@ -0,0 +1,79 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.logging.Logger;
+
+import javax.annotation.Nullable;
+
+import static java.util.logging.Level.WARNING;
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.api.transport.TransportConstants.TAG_LENGTH;
+import static org.briarproject.bramble.util.IoUtils.read;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+abstract class Connection {
+
+	protected static final Logger LOG = getLogger(Connection.class.getName());
+
+	final KeyManager keyManager;
+	final ConnectionRegistry connectionRegistry;
+	final StreamReaderFactory streamReaderFactory;
+	final StreamWriterFactory streamWriterFactory;
+
+	Connection(KeyManager keyManager, ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory) {
+		this.keyManager = keyManager;
+		this.connectionRegistry = connectionRegistry;
+		this.streamReaderFactory = streamReaderFactory;
+		this.streamWriterFactory = streamWriterFactory;
+	}
+
+	@Nullable
+	StreamContext recogniseTag(TransportConnectionReader reader,
+			TransportId transportId) {
+		StreamContext ctx;
+		try {
+			byte[] tag = readTag(reader.getInputStream());
+			return keyManager.getStreamContext(transportId, tag);
+		} catch (IOException | DbException e) {
+			logException(LOG, WARNING, e);
+			return null;
+		}
+	}
+
+	private byte[] readTag(InputStream in) throws IOException {
+		byte[] tag = new byte[TAG_LENGTH];
+		read(in, tag);
+		return tag;
+	}
+
+	void disposeOnError(TransportConnectionReader reader, boolean recognised) {
+		try {
+			reader.dispose(true, recognised);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+		}
+	}
+
+	void disposeOnError(TransportConnectionWriter writer) {
+		try {
+			writer.dispose(true);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionManagerImpl.java

@@ -0,0 +1,114 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionManager;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactExchangeManager;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.HandshakeManager;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.lifecycle.IoExecutor;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.security.SecureRandom;
+import java.util.concurrent.Executor;
+
+import javax.annotation.concurrent.Immutable;
+import javax.inject.Inject;
+
+@Immutable
+@NotNullByDefault
+class ConnectionManagerImpl implements ConnectionManager {
+
+	private final Executor ioExecutor;
+	private final KeyManager keyManager;
+	private final StreamReaderFactory streamReaderFactory;
+	private final StreamWriterFactory streamWriterFactory;
+	private final SyncSessionFactory syncSessionFactory;
+	private final HandshakeManager handshakeManager;
+	private final ContactExchangeManager contactExchangeManager;
+	private final ConnectionRegistry connectionRegistry;
+	private final TransportPropertyManager transportPropertyManager;
+	private final SecureRandom secureRandom;
+
+	@Inject
+	ConnectionManagerImpl(@IoExecutor Executor ioExecutor,
+			KeyManager keyManager, StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			HandshakeManager handshakeManager,
+			ContactExchangeManager contactExchangeManager,
+			ConnectionRegistry connectionRegistry,
+			TransportPropertyManager transportPropertyManager,
+			SecureRandom secureRandom) {
+		this.ioExecutor = ioExecutor;
+		this.keyManager = keyManager;
+		this.streamReaderFactory = streamReaderFactory;
+		this.streamWriterFactory = streamWriterFactory;
+		this.syncSessionFactory = syncSessionFactory;
+		this.handshakeManager = handshakeManager;
+		this.contactExchangeManager = contactExchangeManager;
+		this.connectionRegistry = connectionRegistry;
+		this.transportPropertyManager = transportPropertyManager;
+		this.secureRandom = secureRandom;
+	}
+
+
+	@Override
+	public void manageIncomingConnection(TransportId t,
+			TransportConnectionReader r) {
+		ioExecutor.execute(new IncomingSimplexSyncConnection(keyManager,
+				connectionRegistry, streamReaderFactory, streamWriterFactory,
+				syncSessionFactory, transportPropertyManager, t, r));
+	}
+
+	@Override
+	public void manageIncomingConnection(TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new IncomingDuplexSyncConnection(keyManager,
+				connectionRegistry, streamReaderFactory, streamWriterFactory,
+				syncSessionFactory, transportPropertyManager, ioExecutor,
+				t, d));
+	}
+
+	@Override
+	public void manageIncomingConnection(PendingContactId p, TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new IncomingHandshakeConnection(keyManager,
+				connectionRegistry, streamReaderFactory, streamWriterFactory,
+				handshakeManager, contactExchangeManager, this, p, t, d));
+	}
+
+	@Override
+	public void manageOutgoingConnection(ContactId c, TransportId t,
+			TransportConnectionWriter w) {
+		ioExecutor.execute(new OutgoingSimplexSyncConnection(keyManager,
+				connectionRegistry, streamReaderFactory, streamWriterFactory,
+				syncSessionFactory, transportPropertyManager, c, t, w));
+	}
+
+	@Override
+	public void manageOutgoingConnection(ContactId c, TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new OutgoingDuplexSyncConnection(keyManager,
+				connectionRegistry, streamReaderFactory, streamWriterFactory,
+				syncSessionFactory, transportPropertyManager, ioExecutor,
+				secureRandom, c, t, d));
+	}
+
+	@Override
+	public void manageOutgoingConnection(PendingContactId p, TransportId t,
+			DuplexTransportConnection d) {
+		ioExecutor.execute(new OutgoingHandshakeConnection(keyManager,
+				connectionRegistry, streamReaderFactory, streamWriterFactory,
+				handshakeManager, contactExchangeManager, this, p, t, d));
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionModule.java

@@ -0,0 +1,26 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionManager;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+
+import javax.inject.Singleton;
+
+import dagger.Module;
+import dagger.Provides;
+
+@Module
+public class ConnectionModule {
+
+	@Provides
+	ConnectionManager provideConnectionManager(
+			ConnectionManagerImpl connectionManager) {
+		return connectionManager;
+	}
+
+	@Provides
+	@Singleton
+	ConnectionRegistry provideConnectionRegistry(
+			ConnectionRegistryImpl connectionRegistry) {
+		return connectionRegistry;
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/ConnectionRegistryImpl.java

@@ -0,0 +1,289 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.Bytes;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.connection.InterruptibleConnection;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.event.EventBus;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.PluginConfig;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
+import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
+import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
+import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
+import org.briarproject.bramble.api.sync.Priority;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
+import java.util.logging.Logger;
+
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.GuardedBy;
+import javax.annotation.concurrent.ThreadSafe;
+import javax.inject.Inject;
+
+import static java.util.Collections.emptyList;
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Logger.getLogger;
+
+@ThreadSafe
+@NotNullByDefault
+class ConnectionRegistryImpl implements ConnectionRegistry {
+
+	private static final Logger LOG =
+			getLogger(ConnectionRegistryImpl.class.getName());
+
+	private final EventBus eventBus;
+	private final Map<TransportId, List<TransportId>> transportPrefs;
+
+	private final Object lock = new Object();
+	@GuardedBy("lock")
+	private final Map<ContactId, List<ConnectionRecord>> contactConnections;
+	@GuardedBy("lock")
+	private final Set<PendingContactId> connectedPendingContacts;
+
+	@Inject
+	ConnectionRegistryImpl(EventBus eventBus, PluginConfig pluginConfig) {
+		this.eventBus = eventBus;
+		transportPrefs = pluginConfig.getTransportPreferences();
+		contactConnections = new HashMap<>();
+		connectedPendingContacts = new HashSet<>();
+	}
+
+	@Override
+	public void registerIncomingConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn) {
+		if (LOG.isLoggable(INFO)) {
+			LOG.info("Incoming connection registered: " + t);
+		}
+		registerConnection(c, t, conn, true);
+	}
+
+	@Override
+	public void registerOutgoingConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn, Priority priority) {
+		if (LOG.isLoggable(INFO)) {
+			LOG.info("Outgoing connection registered: " + t);
+		}
+		registerConnection(c, t, conn, false);
+		setPriority(c, t, conn, priority);
+	}
+
+	private void registerConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn, boolean incoming) {
+		if (LOG.isLoggable(INFO)) {
+			if (incoming) LOG.info("Incoming connection registered: " + t);
+			else LOG.info("Outgoing connection registered: " + t);
+		}
+		boolean firstConnection;
+		synchronized (lock) {
+			List<ConnectionRecord> recs = contactConnections.get(c);
+			if (recs == null) {
+				recs = new ArrayList<>();
+				contactConnections.put(c, recs);
+			}
+			firstConnection = recs.isEmpty();
+			recs.add(new ConnectionRecord(t, conn));
+		}
+		eventBus.broadcast(new ConnectionOpenedEvent(c, t, incoming));
+		if (firstConnection) {
+			LOG.info("Contact connected");
+			eventBus.broadcast(new ContactConnectedEvent(c));
+		}
+	}
+
+	@Override
+	public void setPriority(ContactId c, TransportId t,
+			InterruptibleConnection conn, Priority priority) {
+		if (LOG.isLoggable(INFO)) LOG.info("Setting connection priority: " + t);
+		List<InterruptibleConnection> toInterrupt;
+		boolean interruptNewConnection = false;
+		synchronized (lock) {
+			List<ConnectionRecord> recs = contactConnections.get(c);
+			if (recs == null) throw new IllegalArgumentException();
+			toInterrupt = new ArrayList<>(recs.size());
+			for (ConnectionRecord rec : recs) {
+				if (rec.conn == conn) {
+					// Store the priority of this connection
+					rec.priority = priority;
+				} else if (rec.priority != null) {
+					int compare = compareConnections(t, priority,
+							rec.transportId, rec.priority);
+					if (compare == -1) {
+						// The old connection is better than the new one
+						interruptNewConnection = true;
+					} else if (compare == 1 && !rec.interrupted) {
+						// The new connection is better than the old one
+						toInterrupt.add(rec.conn);
+						rec.interrupted = true;
+					}
+				}
+			}
+		}
+		if (interruptNewConnection) {
+			LOG.info("Interrupting new connection");
+			conn.interruptOutgoingSession();
+		}
+		for (InterruptibleConnection old : toInterrupt) {
+			LOG.info("Interrupting old connection");
+			old.interruptOutgoingSession();
+		}
+	}
+
+	private int compareConnections(TransportId tA, Priority pA, TransportId tB,
+			Priority pB) {
+		if (getBetterTransports(tA).contains(tB)) return -1;
+		if (getBetterTransports(tB).contains(tA)) return 1;
+		return tA.equals(tB) ? Bytes.compare(pA.getNonce(), pB.getNonce()) : 0;
+	}
+
+	private List<TransportId> getBetterTransports(TransportId t) {
+		List<TransportId> better = transportPrefs.get(t);
+		return better == null ? emptyList() : better;
+	}
+
+	@Override
+	public void unregisterConnection(ContactId c, TransportId t,
+			InterruptibleConnection conn, boolean incoming, boolean exception) {
+		if (LOG.isLoggable(INFO)) {
+			if (incoming) LOG.info("Incoming connection unregistered: " + t);
+			else LOG.info("Outgoing connection unregistered: " + t);
+		}
+		boolean lastConnection;
+		synchronized (lock) {
+			List<ConnectionRecord> recs = contactConnections.get(c);
+			if (recs == null || !recs.remove(new ConnectionRecord(t, conn)))
+				throw new IllegalArgumentException();
+			lastConnection = recs.isEmpty();
+		}
+		eventBus.broadcast(
+				new ConnectionClosedEvent(c, t, incoming, exception));
+		if (lastConnection) {
+			LOG.info("Contact disconnected");
+			eventBus.broadcast(new ContactDisconnectedEvent(c));
+		}
+	}
+
+	@Override
+	public Collection<ContactId> getConnectedContacts(TransportId t) {
+		synchronized (lock) {
+			List<ContactId> contactIds = new ArrayList<>();
+			for (Entry<ContactId, List<ConnectionRecord>> e :
+					contactConnections.entrySet()) {
+				for (ConnectionRecord rec : e.getValue()) {
+					if (rec.transportId.equals(t)) {
+						contactIds.add(e.getKey());
+						break;
+					}
+				}
+			}
+			if (LOG.isLoggable(INFO)) {
+				LOG.info(contactIds.size() + " contacts connected: " + t);
+			}
+			return contactIds;
+		}
+	}
+
+	@Override
+	public Collection<ContactId> getConnectedOrBetterContacts(TransportId t) {
+		synchronized (lock) {
+			List<TransportId> better = getBetterTransports(t);
+			List<ContactId> contactIds = new ArrayList<>();
+			for (Entry<ContactId, List<ConnectionRecord>> e :
+					contactConnections.entrySet()) {
+				for (ConnectionRecord rec : e.getValue()) {
+					if (rec.transportId.equals(t) ||
+							better.contains(rec.transportId)) {
+						contactIds.add(e.getKey());
+						break;
+					}
+				}
+			}
+			if (LOG.isLoggable(INFO)) {
+				LOG.info(contactIds.size()
+						+ " contacts connected or better: " + t);
+			}
+			return contactIds;
+		}
+	}
+
+	@Override
+	public boolean isConnected(ContactId c, TransportId t) {
+		synchronized (lock) {
+			List<ConnectionRecord> recs = contactConnections.get(c);
+			if (recs == null) return false;
+			for (ConnectionRecord rec : recs) {
+				if (rec.transportId.equals(t)) return true;
+			}
+			return false;
+		}
+	}
+
+	@Override
+	public boolean isConnected(ContactId c) {
+		synchronized (lock) {
+			List<ConnectionRecord> recs = contactConnections.get(c);
+			return recs != null && !recs.isEmpty();
+		}
+	}
+
+	@Override
+	public boolean registerConnection(PendingContactId p) {
+		boolean added;
+		synchronized (lock) {
+			added = connectedPendingContacts.add(p);
+		}
+		if (added) eventBus.broadcast(new RendezvousConnectionOpenedEvent(p));
+		return added;
+	}
+
+	@Override
+	public void unregisterConnection(PendingContactId p, boolean success) {
+		synchronized (lock) {
+			if (!connectedPendingContacts.remove(p))
+				throw new IllegalArgumentException();
+		}
+		eventBus.broadcast(new RendezvousConnectionClosedEvent(p, success));
+	}
+
+	private static class ConnectionRecord {
+
+		private final TransportId transportId;
+		private final InterruptibleConnection conn;
+		@GuardedBy("lock")
+		@Nullable
+		private Priority priority = null;
+		@GuardedBy("lock")
+		private boolean interrupted = false;
+
+		private ConnectionRecord(TransportId transportId,
+				InterruptibleConnection conn) {
+			this.transportId = transportId;
+			this.conn = conn;
+		}
+
+		@Override
+		public boolean equals(Object o) {
+			if (o instanceof ConnectionRecord) {
+				return conn == ((ConnectionRecord) o).conn;
+			} else {
+				return false;
+			}
+		}
+
+		@Override
+		public int hashCode() {
+			return conn.hashCode();
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/DuplexSyncConnection.java

@@ -0,0 +1,109 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.connection.InterruptibleConnection;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.properties.TransportProperties;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.Priority;
+import org.briarproject.bramble.api.sync.SyncSession;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.util.concurrent.Executor;
+
+import javax.annotation.Nullable;
+import javax.annotation.concurrent.GuardedBy;
+
+import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
+
+@NotNullByDefault
+abstract class DuplexSyncConnection extends SyncConnection
+		implements InterruptibleConnection {
+
+	final Executor ioExecutor;
+	final TransportId transportId;
+	final TransportConnectionReader reader;
+	final TransportConnectionWriter writer;
+	final TransportProperties remote;
+
+	private final Object interruptLock = new Object();
+
+	@GuardedBy("interruptLock")
+	@Nullable
+	private SyncSession outgoingSession = null;
+	@GuardedBy("interruptLock")
+	private boolean interruptWaiting = false;
+
+	@Override
+	public void interruptOutgoingSession() {
+		SyncSession out = null;
+		synchronized (interruptLock) {
+			if (outgoingSession == null) interruptWaiting = true;
+			else out = outgoingSession;
+		}
+		if (out != null) out.interrupt();
+	}
+
+	void setOutgoingSession(SyncSession outgoingSession) {
+		boolean interruptWasWaiting = false;
+		synchronized (interruptLock) {
+			this.outgoingSession = outgoingSession;
+			if (interruptWaiting) {
+				interruptWasWaiting = true;
+				interruptWaiting = false;
+			}
+		}
+		if (interruptWasWaiting) outgoingSession.interrupt();
+	}
+
+	DuplexSyncConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			TransportPropertyManager transportPropertyManager,
+			Executor ioExecutor, TransportId transportId,
+			DuplexTransportConnection connection) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, syncSessionFactory,
+				transportPropertyManager);
+		this.ioExecutor = ioExecutor;
+		this.transportId = transportId;
+		reader = connection.getReader();
+		writer = connection.getWriter();
+		remote = connection.getRemoteProperties();
+	}
+
+	void onReadError(boolean recognised) {
+		disposeOnError(reader, recognised);
+		disposeOnError(writer);
+		interruptOutgoingSession();
+	}
+
+	void onWriteError() {
+		disposeOnError(reader, true);
+		disposeOnError(writer);
+	}
+
+	SyncSession createDuplexOutgoingSession(StreamContext ctx,
+			TransportConnectionWriter w, @Nullable Priority priority)
+			throws IOException {
+		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
+				w.getOutputStream(), ctx);
+		ContactId c = requireNonNull(ctx.getContactId());
+		return syncSessionFactory.createDuplexOutgoingSession(c,
+				ctx.getTransportId(), w.getMaxLatency(), w.getMaxIdleTime(),
+				streamWriter, priority);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/HandshakeConnection.java

@@ -0,0 +1,72 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionManager;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactExchangeManager;
+import org.briarproject.bramble.api.contact.HandshakeManager;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import javax.annotation.Nullable;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+abstract class HandshakeConnection extends Connection {
+
+	final HandshakeManager handshakeManager;
+	final ContactExchangeManager contactExchangeManager;
+	final ConnectionManager connectionManager;
+	final PendingContactId pendingContactId;
+	final TransportId transportId;
+	final DuplexTransportConnection connection;
+	final TransportConnectionReader reader;
+	final TransportConnectionWriter writer;
+
+	HandshakeConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			HandshakeManager handshakeManager,
+			ContactExchangeManager contactExchangeManager,
+			ConnectionManager connectionManager,
+			PendingContactId pendingContactId,
+			TransportId transportId, DuplexTransportConnection connection) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory);
+		this.handshakeManager = handshakeManager;
+		this.contactExchangeManager = contactExchangeManager;
+		this.connectionManager = connectionManager;
+		this.pendingContactId = pendingContactId;
+		this.transportId = transportId;
+		this.connection = connection;
+		reader = connection.getReader();
+		writer = connection.getWriter();
+	}
+
+	@Nullable
+	StreamContext allocateStreamContext(PendingContactId pendingContactId,
+			TransportId transportId) {
+		try {
+			return keyManager.getStreamContext(pendingContactId, transportId);
+		} catch (DbException e) {
+			logException(LOG, WARNING, e);
+			return null;
+		}
+	}
+
+	void onError(boolean recognised) {
+		disposeOnError(reader, recognised);
+		disposeOnError(writer);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingDuplexSyncConnection.java

@@ -0,0 +1,107 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.PriorityHandler;
+import org.briarproject.bramble.api.sync.SyncSession;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.util.concurrent.Executor;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class IncomingDuplexSyncConnection extends DuplexSyncConnection
+		implements Runnable {
+
+	IncomingDuplexSyncConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			TransportPropertyManager transportPropertyManager,
+			Executor ioExecutor, TransportId transportId,
+			DuplexTransportConnection connection) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, syncSessionFactory,
+				transportPropertyManager, ioExecutor, transportId, connection);
+	}
+
+	@Override
+	public void run() {
+		// Read and recognise the tag
+		StreamContext ctx = recogniseTag(reader, transportId);
+		if (ctx == null) {
+			LOG.info("Unrecognised tag");
+			onReadError(false);
+			return;
+		}
+		ContactId contactId = ctx.getContactId();
+		if (contactId == null) {
+			LOG.warning("Expected contact tag, got rendezvous tag");
+			onReadError(true);
+			return;
+		}
+		if (ctx.isHandshakeMode()) {
+			// TODO: Support handshake mode for contacts
+			LOG.warning("Received handshake tag, expected rotation mode");
+			onReadError(true);
+			return;
+		}
+		connectionRegistry.registerIncomingConnection(contactId, transportId,
+				this);
+		// Start the outgoing session on another thread
+		ioExecutor.execute(() -> runOutgoingSession(contactId));
+		try {
+			// Store any transport properties discovered from the connection
+			transportPropertyManager.addRemotePropertiesFromConnection(
+					contactId, transportId, remote);
+			// Update the connection registry when we receive our priority
+			PriorityHandler handler = p -> connectionRegistry.setPriority(
+					contactId, transportId, this, p);
+			// Create and run the incoming session
+			createIncomingSession(ctx, reader, handler).run();
+			reader.dispose(false, true);
+			interruptOutgoingSession();
+			connectionRegistry.unregisterConnection(contactId, transportId,
+					this, true, false);
+		} catch (DbException | IOException e) {
+			logException(LOG, WARNING, e);
+			onReadError(true);
+			connectionRegistry.unregisterConnection(contactId, transportId,
+					this, true, true);
+		}
+	}
+
+	private void runOutgoingSession(ContactId contactId) {
+		// Allocate a stream context
+		StreamContext ctx = allocateStreamContext(contactId, transportId);
+		if (ctx == null) {
+			LOG.warning("Could not allocate stream context");
+			onWriteError();
+			return;
+		}
+		try {
+			// Create and run the outgoing session
+			SyncSession out = createDuplexOutgoingSession(ctx, writer, null);
+			setOutgoingSession(out);
+			out.run();
+			writer.dispose(false);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			onWriteError();
+		}
+	}
+}
+

bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingHandshakeConnection.java

@@ -0,0 +1,93 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionManager;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactExchangeManager;
+import org.briarproject.bramble.api.contact.HandshakeManager;
+import org.briarproject.bramble.api.contact.HandshakeManager.HandshakeResult;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class IncomingHandshakeConnection extends HandshakeConnection
+		implements Runnable {
+
+	IncomingHandshakeConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			HandshakeManager handshakeManager,
+			ContactExchangeManager contactExchangeManager,
+			ConnectionManager connectionManager,
+			PendingContactId pendingContactId,
+			TransportId transportId, DuplexTransportConnection connection) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, handshakeManager, contactExchangeManager,
+				connectionManager, pendingContactId, transportId, connection);
+	}
+
+	@Override
+	public void run() {
+		// Read and recognise the tag
+		StreamContext ctxIn = recogniseTag(reader, transportId);
+		if (ctxIn == null) {
+			LOG.info("Unrecognised tag");
+			onError(false);
+			return;
+		}
+		PendingContactId inPendingContactId = ctxIn.getPendingContactId();
+		if (inPendingContactId == null) {
+			LOG.warning("Expected rendezvous tag, got contact tag");
+			onError(true);
+			return;
+		}
+		// Allocate the outgoing stream context
+		StreamContext ctxOut =
+				allocateStreamContext(pendingContactId, transportId);
+		if (ctxOut == null) {
+			LOG.warning("Could not allocate stream context");
+			onError(true);
+			return;
+		}
+		// Close the connection if it's redundant
+		if (!connectionRegistry.registerConnection(pendingContactId)) {
+			LOG.info("Redundant rendezvous connection");
+			onError(true);
+			return;
+		}
+		// Handshake and exchange contacts
+		try {
+			InputStream in = streamReaderFactory.createStreamReader(
+					reader.getInputStream(), ctxIn);
+			// Flush the output stream to send the outgoing stream header
+			StreamWriter out = streamWriterFactory.createStreamWriter(
+					writer.getOutputStream(), ctxOut);
+			out.getOutputStream().flush();
+			HandshakeResult result =
+					handshakeManager.handshake(pendingContactId, in, out);
+			contactExchangeManager.exchangeContacts(pendingContactId,
+					connection, result.getMasterKey(), result.isAlice(), false);
+			connectionRegistry.unregisterConnection(pendingContactId, true);
+			// Reuse the connection as a transport connection
+			connectionManager.manageIncomingConnection(transportId, connection);
+		} catch (IOException | DbException e) {
+			logException(LOG, WARNING, e);
+			onError(true);
+			connectionRegistry.unregisterConnection(pendingContactId, false);
+		}
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/IncomingSimplexSyncConnection.java

@@ -0,0 +1,79 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.PriorityHandler;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class IncomingSimplexSyncConnection extends SyncConnection implements Runnable {
+
+	private final TransportId transportId;
+	private final TransportConnectionReader reader;
+
+	IncomingSimplexSyncConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			TransportPropertyManager transportPropertyManager,
+			TransportId transportId, TransportConnectionReader reader) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, syncSessionFactory,
+				transportPropertyManager);
+		this.transportId = transportId;
+		this.reader = reader;
+	}
+
+	@Override
+	public void run() {
+		// Read and recognise the tag
+		StreamContext ctx = recogniseTag(reader, transportId);
+		if (ctx == null) {
+			LOG.info("Unrecognised tag");
+			onError(false);
+			return;
+		}
+		ContactId contactId = ctx.getContactId();
+		if (contactId == null) {
+			LOG.warning("Received rendezvous stream, expected contact");
+			onError(true);
+			return;
+		}
+		if (ctx.isHandshakeMode()) {
+			// TODO: Support handshake mode for contacts
+			LOG.warning("Received handshake tag, expected rotation mode");
+			onError(true);
+			return;
+		}
+		try {
+			// We don't expect to receive a priority for this connection
+			PriorityHandler handler = p ->
+					LOG.info("Ignoring priority for simplex connection");
+			// Create and run the incoming session
+			createIncomingSession(ctx, reader, handler).run();
+			reader.dispose(false, true);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			onError(true);
+		}
+	}
+
+	private void onError(boolean recognised) {
+		disposeOnError(reader, recognised);
+	}
+}
+

bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingDuplexSyncConnection.java

@@ -0,0 +1,140 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.Priority;
+import org.briarproject.bramble.api.sync.PriorityHandler;
+import org.briarproject.bramble.api.sync.SyncSession;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.security.SecureRandom;
+import java.util.concurrent.Executor;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.sync.SyncConstants.PRIORITY_NONCE_BYTES;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class OutgoingDuplexSyncConnection extends DuplexSyncConnection
+		implements Runnable {
+
+	private final SecureRandom secureRandom;
+	private final ContactId contactId;
+
+	OutgoingDuplexSyncConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			TransportPropertyManager transportPropertyManager,
+			Executor ioExecutor, SecureRandom secureRandom, ContactId contactId,
+			TransportId transportId, DuplexTransportConnection connection) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, syncSessionFactory,
+				transportPropertyManager, ioExecutor, transportId, connection);
+		this.secureRandom = secureRandom;
+		this.contactId = contactId;
+	}
+
+	@Override
+	public void run() {
+		// Allocate a stream context
+		StreamContext ctx = allocateStreamContext(contactId, transportId);
+		if (ctx == null) {
+			LOG.warning("Could not allocate stream context");
+			onWriteError();
+			return;
+		}
+		if (ctx.isHandshakeMode()) {
+			// TODO: Support handshake mode for contacts
+			LOG.warning("Cannot use handshake mode stream context");
+			onWriteError();
+			return;
+		}
+		// Start the incoming session on another thread
+		Priority priority = generatePriority();
+		ioExecutor.execute(() -> runIncomingSession(priority));
+		try {
+			// Create and run the outgoing session
+			SyncSession out =
+					createDuplexOutgoingSession(ctx, writer, priority);
+			setOutgoingSession(out);
+			out.run();
+			writer.dispose(false);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			onWriteError();
+		}
+	}
+
+	private void runIncomingSession(Priority priority) {
+		// Read and recognise the tag
+		StreamContext ctx = recogniseTag(reader, transportId);
+		// Unrecognised tags are suspicious in this case
+		if (ctx == null) {
+			LOG.warning("Unrecognised tag for returning stream");
+			onReadError();
+			return;
+		}
+		// Check that the stream comes from the expected contact
+		ContactId inContactId = ctx.getContactId();
+		if (inContactId == null) {
+			LOG.warning("Expected contact tag, got rendezvous tag");
+			onReadError();
+			return;
+		}
+		if (!contactId.equals(inContactId)) {
+			LOG.warning("Wrong contact ID for returning stream");
+			onReadError();
+			return;
+		}
+		if (ctx.isHandshakeMode()) {
+			// TODO: Support handshake mode for contacts
+			LOG.warning("Received handshake tag, expected rotation mode");
+			onReadError();
+			return;
+		}
+		connectionRegistry.registerOutgoingConnection(contactId, transportId,
+				this, priority);
+		try {
+			// Store any transport properties discovered from the connection
+			transportPropertyManager.addRemotePropertiesFromConnection(
+					contactId, transportId, remote);
+			// We don't expect to receive a priority for this connection
+			PriorityHandler handler = p ->
+					LOG.info("Ignoring priority for outgoing connection");
+			// Create and run the incoming session
+			createIncomingSession(ctx, reader, handler).run();
+			reader.dispose(false, true);
+			interruptOutgoingSession();
+			connectionRegistry.unregisterConnection(contactId, transportId,
+					this, false, false);
+		} catch (DbException | IOException e) {
+			logException(LOG, WARNING, e);
+			onReadError();
+			connectionRegistry.unregisterConnection(contactId, transportId,
+					this, false, true);
+		}
+	}
+
+	private void onReadError() {
+		// 'Recognised' is always true for outgoing connections
+		onReadError(true);
+	}
+
+	private Priority generatePriority() {
+		byte[] nonce = new byte[PRIORITY_NONCE_BYTES];
+		secureRandom.nextBytes(nonce);
+		return new Priority(nonce);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingHandshakeConnection.java

@@ -0,0 +1,115 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionManager;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.Contact;
+import org.briarproject.bramble.api.contact.ContactExchangeManager;
+import org.briarproject.bramble.api.contact.HandshakeManager;
+import org.briarproject.bramble.api.contact.HandshakeManager.HandshakeResult;
+import org.briarproject.bramble.api.contact.PendingContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class OutgoingHandshakeConnection extends HandshakeConnection
+		implements Runnable {
+
+	OutgoingHandshakeConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			HandshakeManager handshakeManager,
+			ContactExchangeManager contactExchangeManager,
+			ConnectionManager connectionManager,
+			PendingContactId pendingContactId,
+			TransportId transportId, DuplexTransportConnection connection) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, handshakeManager, contactExchangeManager,
+				connectionManager, pendingContactId, transportId, connection);
+	}
+
+	@Override
+	public void run() {
+		// Allocate the outgoing stream context
+		StreamContext ctxOut =
+				allocateStreamContext(pendingContactId, transportId);
+		if (ctxOut == null) {
+			LOG.warning("Could not allocate stream context");
+			onError();
+			return;
+		}
+		// Flush the output stream to send the outgoing stream header
+		StreamWriter out;
+		try {
+			out = streamWriterFactory.createStreamWriter(
+					writer.getOutputStream(), ctxOut);
+			out.getOutputStream().flush();
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			onError();
+			return;
+		}
+		// Read and recognise the tag
+		StreamContext ctxIn = recogniseTag(reader, transportId);
+		// Unrecognised tags are suspicious in this case
+		if (ctxIn == null) {
+			LOG.warning("Unrecognised tag for returning stream");
+			onError();
+			return;
+		}
+		// Check that the stream comes from the expected pending contact
+		PendingContactId inPendingContactId = ctxIn.getPendingContactId();
+		if (inPendingContactId == null) {
+			LOG.warning("Expected rendezvous tag, got contact tag");
+			onError();
+			return;
+		}
+		if (!inPendingContactId.equals(pendingContactId)) {
+			LOG.warning("Wrong pending contact ID for returning stream");
+			onError();
+			return;
+		}
+		// Close the connection if it's redundant
+		if (!connectionRegistry.registerConnection(pendingContactId)) {
+			LOG.info("Redundant rendezvous connection");
+			onError();
+			return;
+		}
+		// Handshake and exchange contacts
+		try {
+			InputStream in = streamReaderFactory.createStreamReader(
+					reader.getInputStream(), ctxIn);
+			HandshakeResult result =
+					handshakeManager.handshake(pendingContactId, in, out);
+			Contact contact = contactExchangeManager.exchangeContacts(
+					pendingContactId, connection, result.getMasterKey(),
+					result.isAlice(), false);
+			connectionRegistry.unregisterConnection(pendingContactId, true);
+			// Reuse the connection as a transport connection
+			connectionManager.manageOutgoingConnection(contact.getId(),
+					transportId, connection);
+		} catch (IOException | DbException e) {
+			logException(LOG, WARNING, e);
+			onError();
+			connectionRegistry.unregisterConnection(pendingContactId, false);
+		}
+	}
+
+	private void onError() {
+		// 'Recognised' is always true for outgoing connections
+		onError(true);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/connection/OutgoingSimplexSyncConnection.java

@@ -0,0 +1,78 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.SyncSession;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriter;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class OutgoingSimplexSyncConnection extends SyncConnection implements Runnable {
+
+	private final ContactId contactId;
+	private final TransportId transportId;
+	private final TransportConnectionWriter writer;
+
+	OutgoingSimplexSyncConnection(KeyManager keyManager,
+			ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			TransportPropertyManager transportPropertyManager,
+			ContactId contactId, TransportId transportId,
+			TransportConnectionWriter writer) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory, syncSessionFactory,
+				transportPropertyManager);
+		this.contactId = contactId;
+		this.transportId = transportId;
+		this.writer = writer;
+	}
+
+	@Override
+	public void run() {
+		// Allocate a stream context
+		StreamContext ctx = allocateStreamContext(contactId, transportId);
+		if (ctx == null) {
+			LOG.warning("Could not allocate stream context");
+			onError();
+			return;
+		}
+		try {
+			// Create and run the outgoing session
+			createSimplexOutgoingSession(ctx, writer).run();
+			writer.dispose(false);
+		} catch (IOException e) {
+			logException(LOG, WARNING, e);
+			onError();
+		}
+	}
+
+	private void onError() {
+		disposeOnError(writer);
+	}
+
+	private SyncSession createSimplexOutgoingSession(StreamContext ctx,
+			TransportConnectionWriter w) throws IOException {
+		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
+				w.getOutputStream(), ctx);
+		ContactId c = requireNonNull(ctx.getContactId());
+		return syncSessionFactory.createSimplexOutgoingSession(c,
+				ctx.getTransportId(), w.getMaxLatency(), streamWriter);
+	}
+}
+

bramble-core/src/main/java/org/briarproject/bramble/connection/SyncConnection.java

@@ -0,0 +1,64 @@
+package org.briarproject.bramble.connection;
+
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
+import org.briarproject.bramble.api.contact.ContactId;
+import org.briarproject.bramble.api.db.DbException;
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportConnectionReader;
+import org.briarproject.bramble.api.plugin.TransportId;
+import org.briarproject.bramble.api.properties.TransportPropertyManager;
+import org.briarproject.bramble.api.sync.PriorityHandler;
+import org.briarproject.bramble.api.sync.SyncSession;
+import org.briarproject.bramble.api.sync.SyncSessionFactory;
+import org.briarproject.bramble.api.transport.KeyManager;
+import org.briarproject.bramble.api.transport.StreamContext;
+import org.briarproject.bramble.api.transport.StreamReaderFactory;
+import org.briarproject.bramble.api.transport.StreamWriterFactory;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import javax.annotation.Nullable;
+
+import static java.util.logging.Level.WARNING;
+import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+@NotNullByDefault
+class SyncConnection extends Connection {
+
+	final SyncSessionFactory syncSessionFactory;
+	final TransportPropertyManager transportPropertyManager;
+
+	SyncConnection(KeyManager keyManager, ConnectionRegistry connectionRegistry,
+			StreamReaderFactory streamReaderFactory,
+			StreamWriterFactory streamWriterFactory,
+			SyncSessionFactory syncSessionFactory,
+			TransportPropertyManager transportPropertyManager) {
+		super(keyManager, connectionRegistry, streamReaderFactory,
+				streamWriterFactory);
+		this.syncSessionFactory = syncSessionFactory;
+		this.transportPropertyManager = transportPropertyManager;
+	}
+
+	@Nullable
+	StreamContext allocateStreamContext(ContactId contactId,
+			TransportId transportId) {
+		try {
+			return keyManager.getStreamContext(contactId, transportId);
+		} catch (DbException e) {
+			logException(LOG, WARNING, e);
+			return null;
+		}
+	}
+
+	SyncSession createIncomingSession(StreamContext ctx,
+			TransportConnectionReader r, PriorityHandler handler)
+			throws IOException {
+		InputStream streamReader = streamReaderFactory.createStreamReader(
+				r.getInputStream(), ctx);
+		ContactId c = requireNonNull(ctx.getContactId());
+		return syncSessionFactory
+				.createIncomingSession(c, streamReader, handler);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/contact/ContactManagerImpl.java

@@ -139,7 +139,8 @@ class ContactManagerImpl implements ContactManager, EventListener {
 				pendingContactFactory.createPendingContact(link, alias);
 		Transaction txn = db.startTransaction(false);
 		try {
-			db.addPendingContact(txn, p);
+			AuthorId local = identityManager.getLocalAuthor(txn).getId();
+			db.addPendingContact(txn, p, local);
 			KeyPair ourKeyPair = identityManager.getHandshakeKeys(txn);
 			keyManager.addPendingContact(txn, p.getId(), p.getPublicKey(),
 					ourKeyPair);

bramble-core/src/main/java/org/briarproject/bramble/crypto/CryptoComponentImpl.java

@@ -7,8 +7,10 @@ import net.i2p.crypto.eddsa.KeyPairGenerator;
 import org.briarproject.bramble.api.crypto.AgreementPrivateKey;
 import org.briarproject.bramble.api.crypto.AgreementPublicKey;
 import org.briarproject.bramble.api.crypto.CryptoComponent;
+import org.briarproject.bramble.api.crypto.DecryptionException;
 import org.briarproject.bramble.api.crypto.KeyPair;
 import org.briarproject.bramble.api.crypto.KeyParser;
+import org.briarproject.bramble.api.crypto.KeyStrengthener;
 import org.briarproject.bramble.api.crypto.PrivateKey;
 import org.briarproject.bramble.api.crypto.PublicKey;
 import org.briarproject.bramble.api.crypto.SecretKey;
@@ -38,6 +40,9 @@ import static java.lang.System.arraycopy;
 import static java.util.logging.Level.INFO;
 import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_AGREEMENT;
 import static org.briarproject.bramble.api.crypto.CryptoConstants.KEY_TYPE_SIGNATURE;
+import static org.briarproject.bramble.api.crypto.DecryptionResult.INVALID_CIPHERTEXT;
+import static org.briarproject.bramble.api.crypto.DecryptionResult.INVALID_PASSWORD;
+import static org.briarproject.bramble.api.crypto.DecryptionResult.KEY_STRENGTHENER_ERROR;
 import static org.briarproject.bramble.util.ByteUtils.INT_32_BYTES;
 import static org.briarproject.bramble.util.LogUtils.logDuration;
 import static org.briarproject.bramble.util.LogUtils.now;
@@ -51,7 +56,8 @@ class CryptoComponentImpl implements CryptoComponent {
 	private static final int SIGNATURE_KEY_PAIR_BITS = 256;
 	private static final int STORAGE_IV_BYTES = 24; // 196 bits
 	private static final int PBKDF_SALT_BYTES = 32; // 256 bits
-	private static final int PBKDF_FORMAT_SCRYPT = 0;
+	private static final byte PBKDF_FORMAT_SCRYPT = 0;
+	private static final byte PBKDF_FORMAT_SCRYPT_STRENGTHENED = 1;
 
 	private final SecureRandom secureRandom;
 	private final PasswordBasedKdf passwordBasedKdf;
@@ -311,7 +317,8 @@ class CryptoComponentImpl implements CryptoComponent {
 	}
 
 	@Override
-	public byte[] encryptWithPassword(byte[] input, String password) {
+	public byte[] encryptWithPassword(byte[] input, String password,
+			@Nullable KeyStrengthener keyStrengthener) {
 		AuthenticatedCipher cipher = new XSalsa20Poly1305AuthenticatedCipher();
 		int macBytes = cipher.getMacBytes();
 		// Generate a random salt
@@ -319,8 +326,9 @@ class CryptoComponentImpl implements CryptoComponent {
 		secureRandom.nextBytes(salt);
 		// Calibrate the KDF
 		int cost = passwordBasedKdf.chooseCostParameter();
-		// Derive the key from the password
+		// Derive the encryption key from the password
 		SecretKey key = passwordBasedKdf.deriveKey(password, salt, cost);
+		if (keyStrengthener != null) key = keyStrengthener.strengthenKey(key);
 		// Generate a random IV
 		byte[] iv = new byte[STORAGE_IV_BYTES];
 		secureRandom.nextBytes(iv);
@@ -331,7 +339,9 @@ class CryptoComponentImpl implements CryptoComponent {
 		byte[] output = new byte[outputLen];
 		int outputOff = 0;
 		// Format version
-		output[outputOff] = PBKDF_FORMAT_SCRYPT;
+		byte formatVersion = keyStrengthener == null
+				? PBKDF_FORMAT_SCRYPT : PBKDF_FORMAT_SCRYPT_STRENGTHENED;
+		output[outputOff] = formatVersion;
 		outputOff++;
 		// Salt
 		arraycopy(salt, 0, output, outputOff, salt.length);
@@ -353,21 +363,26 @@ class CryptoComponentImpl implements CryptoComponent {
 	}
 
 	@Override
-	@Nullable
-	public byte[] decryptWithPassword(byte[] input, String password) {
+	public byte[] decryptWithPassword(byte[] input, String password,
+			@Nullable KeyStrengthener keyStrengthener)
+			throws DecryptionException {
 		AuthenticatedCipher cipher = new XSalsa20Poly1305AuthenticatedCipher();
 		int macBytes = cipher.getMacBytes();
 		// The input contains the format version, salt, cost parameter, IV,
 		// ciphertext and MAC
 		if (input.length < 1 + PBKDF_SALT_BYTES + INT_32_BYTES
-				+ STORAGE_IV_BYTES + macBytes)
-			return null; // Invalid input
+				+ STORAGE_IV_BYTES + macBytes) {
+			throw new DecryptionException(INVALID_CIPHERTEXT);
+		}
 		int inputOff = 0;
 		// Format version
 		byte formatVersion = input[inputOff];
 		inputOff++;
-		if (formatVersion != PBKDF_FORMAT_SCRYPT)
-			return null; // Unknown format
+		// Check whether we support this format version
+		if (formatVersion != PBKDF_FORMAT_SCRYPT &&
+				formatVersion != PBKDF_FORMAT_SCRYPT_STRENGTHENED) {
+			throw new DecryptionException(INVALID_CIPHERTEXT);
+		}
 		// Salt
 		byte[] salt = new byte[PBKDF_SALT_BYTES];
 		arraycopy(input, inputOff, salt, 0, salt.length);
@@ -375,14 +390,22 @@ class CryptoComponentImpl implements CryptoComponent {
 		// Cost parameter
 		long cost = ByteUtils.readUint32(input, inputOff);
 		inputOff += INT_32_BYTES;
-		if (cost < 2 || cost > Integer.MAX_VALUE)
-			return null; // Invalid cost parameter
+		if (cost < 2 || cost > Integer.MAX_VALUE) {
+			throw new DecryptionException(INVALID_CIPHERTEXT);
+		}
 		// IV
 		byte[] iv = new byte[STORAGE_IV_BYTES];
 		arraycopy(input, inputOff, iv, 0, iv.length);
 		inputOff += iv.length;
-		// Derive the key from the password
+		// Derive the decryption key from the password
 		SecretKey key = passwordBasedKdf.deriveKey(password, salt, (int) cost);
+		if (formatVersion == PBKDF_FORMAT_SCRYPT_STRENGTHENED) {
+			if (keyStrengthener == null || !keyStrengthener.isInitialised()) {
+				// Can't derive the same strengthened key
+				throw new DecryptionException(KEY_STRENGTHENER_ERROR);
+			}
+			key = keyStrengthener.strengthenKey(key);
+		}
 		// Initialise the cipher
 		try {
 			cipher.init(false, key, iv);
@@ -396,10 +419,16 @@ class CryptoComponentImpl implements CryptoComponent {
 			cipher.process(input, inputOff, inputLen, output, 0);
 			return output;
 		} catch (GeneralSecurityException e) {
-			return null; // Invalid ciphertext
+			throw new DecryptionException(INVALID_PASSWORD);
 		}
 	}
 
+	@Override
+	public boolean isEncryptedWithStrengthenedKey(byte[] ciphertext) {
+		return ciphertext.length > 0 &&
+				ciphertext[0] == PBKDF_FORMAT_SCRYPT_STRENGTHENED;
+	}
+
 	@Override
 	public byte[] encryptToKey(PublicKey publicKey, byte[] plaintext) {
 		try {

bramble-core/src/main/java/org/briarproject/bramble/db/Database.java

@@ -267,6 +267,16 @@ interface Database<T> {
 	 */
 	Collection<ContactId> getContacts(T txn, AuthorId local) throws DbException;
 
+	/**
+	 * Returns the contact with the given {@code handshakePublicKey}
+	 * for the given local pseudonym or {@code null} if none exists.
+	 * <p/>
+	 * Read-only.
+	 */
+	@Nullable
+	Contact getContact(T txn, PublicKey handshakePublicKey, AuthorId local)
+			throws DbException;
+
 	/**
 	 * Returns the group with the given ID.
 	 * <p/>

bramble-core/src/main/java/org/briarproject/bramble/db/DatabaseComponentImpl.java

@@ -291,12 +291,17 @@ class DatabaseComponentImpl<T> implements DatabaseComponent {
 	}
 
 	@Override
-	public void addPendingContact(Transaction transaction, PendingContact p)
-			throws DbException {
+	public void addPendingContact(Transaction transaction, PendingContact p,
+			AuthorId local) throws DbException {
 		if (transaction.isReadOnly()) throw new IllegalArgumentException();
 		T txn = unbox(transaction);
-		if (db.containsPendingContact(txn, p.getId()))
-			throw new PendingContactExistsException();
+		Contact contact = db.getContact(txn, p.getPublicKey(), local);
+		if (contact != null)
+			throw new ContactExistsException(local, contact.getAuthor());
+		if (db.containsPendingContact(txn, p.getId())) {
+			PendingContact existing = db.getPendingContact(txn, p.getId());
+			throw new PendingContactExistsException(existing);
+		}
 		db.addPendingContact(txn, p);
 		transaction.attach(new PendingContactAddedEvent(p));
 	}

bramble-core/src/main/java/org/briarproject/bramble/db/H2Database.java

@@ -25,6 +25,7 @@ import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.db.JdbcUtils.tryToClose;
+import static org.briarproject.bramble.util.IoUtils.isNonEmptyDirectory;
 import static org.briarproject.bramble.util.LogUtils.logFileOrDir;
 
 /**
@@ -69,8 +70,9 @@ class H2Database extends JdbcDatabase {
 			LOG.info("Contents of account directory before opening DB:");
 			logFileOrDir(LOG, INFO, dir.getParentFile());
 		}
-		boolean reopen = !dir.mkdirs();
+		boolean reopen = isNonEmptyDirectory(dir);
 		if (LOG.isLoggable(INFO)) LOG.info("Reopening DB: " + reopen);
+		if (!reopen && dir.mkdirs()) LOG.info("Created database directory");
 		super.open("org.h2.Driver", reopen, key, listener);
 		if (LOG.isLoggable(INFO)) {
 			LOG.info("Contents of account directory after opening DB:");

bramble-core/src/main/java/org/briarproject/bramble/db/HyperSqlDatabase.java

@@ -20,9 +20,11 @@ import java.util.logging.Logger;
 import javax.annotation.Nullable;
 import javax.inject.Inject;
 
+import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
 import static java.util.logging.Logger.getLogger;
 import static org.briarproject.bramble.db.JdbcUtils.tryToClose;
+import static org.briarproject.bramble.util.IoUtils.isNonEmptyDirectory;
 
 /**
  * Contains all the HSQLDB-specific code for the database.
@@ -64,7 +66,10 @@ class HyperSqlDatabase extends JdbcDatabase {
 	public boolean open(SecretKey key, @Nullable MigrationListener listener)
 			throws DbException {
 		this.key = key;
-		boolean reopen = !config.getDatabaseDirectory().mkdirs();
+		File dir = config.getDatabaseDirectory();
+		boolean reopen = isNonEmptyDirectory(dir);
+		if (LOG.isLoggable(INFO)) LOG.info("Reopening DB: " + reopen);
+		if (!reopen && dir.mkdirs()) LOG.info("Created database directory");
 		super.open("org.hsqldb.jdbc.JDBCDriver", reopen, key, listener);
 		return reopen;
 	}

bramble-core/src/main/java/org/briarproject/bramble/db/JdbcDatabase.java

@@ -1465,6 +1465,47 @@ abstract class JdbcDatabase implements Database<Connection> {
 		}
 	}
 
+	@Nullable
+	@Override
+	public Contact getContact(Connection txn, PublicKey handshakePublicKey,
+			AuthorId localAuthorId) throws DbException {
+		PreparedStatement ps = null;
+		ResultSet rs = null;
+		try {
+			String sql = "SELECT contactId, authorId, formatVersion, name,"
+					+ " alias, publicKey, verified"
+					+ " FROM contacts"
+					+ " WHERE handshakePublicKey = ? AND localAuthorId = ?";
+			ps = txn.prepareStatement(sql);
+			ps.setBytes(1, handshakePublicKey.getEncoded());
+			ps.setBytes(2, localAuthorId.getBytes());
+			rs = ps.executeQuery();
+			if (!rs.next()) {
+				rs.close();
+				ps.close();
+				return null;
+			}
+			ContactId contactId = new ContactId(rs.getInt(1));
+			AuthorId authorId = new AuthorId(rs.getBytes(2));
+			int formatVersion = rs.getInt(3);
+			String name = rs.getString(4);
+			String alias = rs.getString(5);
+			PublicKey publicKey = new SignaturePublicKey(rs.getBytes(6));
+			boolean verified = rs.getBoolean(7);
+			if (rs.next()) throw new DbStateException();
+			rs.close();
+			ps.close();
+			Author author =
+					new Author(authorId, formatVersion, name, publicKey);
+			return new Contact(contactId, author, localAuthorId, alias,
+					handshakePublicKey, verified);
+		} catch (SQLException e) {
+			tryToClose(rs, LOG, WARNING);
+			tryToClose(ps, LOG, WARNING);
+			throw new DbException(e);
+		}
+	}
+
 	@Override
 	public Group getGroup(Connection txn, GroupId g) throws DbException {
 		PreparedStatement ps = null;

bramble-core/src/main/java/org/briarproject/bramble/io/IoModule.java

@@ -0,0 +1,18 @@
+package org.briarproject.bramble.io;
+
+import org.briarproject.bramble.api.io.TimeoutMonitor;
+
+import javax.inject.Singleton;
+
+import dagger.Module;
+import dagger.Provides;
+
+@Module
+public class IoModule {
+
+	@Provides
+	@Singleton
+	TimeoutMonitor provideTimeoutMonitor(TimeoutMonitorImpl timeoutMonitor) {
+		return timeoutMonitor;
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/io/TimeoutInputStream.java

@@ -0,0 +1,104 @@
+package org.briarproject.bramble.io;
+
+import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.system.Clock;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import javax.annotation.concurrent.GuardedBy;
+
+@NotNullByDefault
+class TimeoutInputStream extends InputStream {
+
+	private final Clock clock;
+	private final InputStream in;
+	private final long timeoutMs;
+	private final CloseListener listener;
+	private final Object lock = new Object();
+	@GuardedBy("lock")
+	private long readStartedMs = -1;
+
+	TimeoutInputStream(Clock clock, InputStream in, long timeoutMs,
+			CloseListener listener) {
+		this.clock = clock;
+		this.in = in;
+		this.timeoutMs = timeoutMs;
+		this.listener = listener;
+	}
+
+	@Override
+	public int read() throws IOException {
+		synchronized (lock) {
+			readStartedMs = clock.currentTimeMillis();
+		}
+		int input = in.read();
+		synchronized (lock) {
+			readStartedMs = -1;
+		}
+		return input;
+	}
+
+	@Override
+	public int read(byte[] b) throws IOException {
+		return read(b, 0, b.length);
+	}
+
+	@Override
+	public int read(byte[] b, int off, int len) throws IOException {
+		synchronized (lock) {
+			readStartedMs = clock.currentTimeMillis();
+		}
+		int read = in.read(b, off, len);
+		synchronized (lock) {
+			readStartedMs = -1;
+		}
+		return read;
+	}
+
+	@Override
+	public void close() throws IOException {
+		try {
+			in.close();
+		} finally {
+			listener.onClose(this);
+		}
+	}
+
+	@Override
+	public int available() throws IOException {
+		return in.available();
+	}
+
+	@Override
+	public void mark(int readlimit) {
+		in.mark(readlimit);
+	}
+
+	@Override
+	public boolean markSupported() {
+		return in.markSupported();
+	}
+
+	@Override
+	public void reset() throws IOException {
+		in.reset();
+	}
+
+	@Override
+	public long skip(long n) throws IOException {
+		return in.skip(n);
+	}
+
+	boolean hasTimedOut() {
+		synchronized (lock) {
+			return readStartedMs != -1 &&
+					clock.currentTimeMillis() - readStartedMs > timeoutMs;
+		}
+	}
+
+	interface CloseListener {
+
+		void onClose(TimeoutInputStream closed);
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/io/TimeoutMonitorImpl.java

@@ -0,0 +1,96 @@
+package org.briarproject.bramble.io;
+
+import org.briarproject.bramble.api.io.TimeoutMonitor;
+import org.briarproject.bramble.api.lifecycle.IoExecutor;
+import org.briarproject.bramble.api.system.Clock;
+import org.briarproject.bramble.api.system.Scheduler;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.Executor;
+import java.util.concurrent.Future;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.logging.Logger;
+
+import javax.annotation.concurrent.GuardedBy;
+import javax.inject.Inject;
+
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
+import static java.util.concurrent.TimeUnit.SECONDS;
+import static java.util.logging.Level.INFO;
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.util.LogUtils.logException;
+
+class TimeoutMonitorImpl implements TimeoutMonitor {
+
+	private static final Logger LOG =
+			getLogger(TimeoutMonitorImpl.class.getName());
+
+	private static final long CHECK_INTERVAL_MS = SECONDS.toMillis(10);
+
+	private final ScheduledExecutorService scheduler;
+	private final Executor ioExecutor;
+	private final Clock clock;
+	private final Object lock = new Object();
+	@GuardedBy("lock")
+	private final List<TimeoutInputStream> streams = new ArrayList<>();
+
+	@GuardedBy("lock")
+	private Future<?> task = null;
+
+	@Inject
+	TimeoutMonitorImpl(@Scheduler ScheduledExecutorService scheduler,
+			@IoExecutor Executor ioExecutor, Clock clock) {
+		this.scheduler = scheduler;
+		this.ioExecutor = ioExecutor;
+		this.clock = clock;
+	}
+
+	@Override
+	public InputStream createTimeoutInputStream(InputStream in,
+			long timeoutMs) {
+		TimeoutInputStream stream = new TimeoutInputStream(clock, in,
+				timeoutMs, this::removeStream);
+		synchronized (lock) {
+			if (streams.isEmpty()) {
+				task = scheduler.scheduleWithFixedDelay(this::checkTimeouts,
+						CHECK_INTERVAL_MS, CHECK_INTERVAL_MS, MILLISECONDS);
+			}
+			streams.add(stream);
+		}
+		return stream;
+	}
+
+	private void removeStream(TimeoutInputStream stream) {
+		Future<?> toCancel = null;
+		synchronized (lock) {
+			if (streams.remove(stream) && streams.isEmpty()) {
+				toCancel = task;
+				task = null;
+			}
+		}
+		if (toCancel != null) toCancel.cancel(false);
+	}
+
+	@Scheduler
+	private void checkTimeouts() {
+		ioExecutor.execute(() -> {
+			List<TimeoutInputStream> snapshot;
+			synchronized (lock) {
+				snapshot = new ArrayList<>(streams);
+			}
+			for (TimeoutInputStream stream : snapshot) {
+				if (stream.hasTimedOut()) {
+					LOG.info("Input stream has timed out");
+					try {
+						stream.close();
+					} catch (IOException e) {
+						logException(LOG, INFO, e);
+					}
+				}
+			}
+		});
+	}
+}

bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionManagerImpl.java

@@ -1,694 +0,0 @@
-package org.briarproject.bramble.plugin;
-
-import org.briarproject.bramble.api.contact.Contact;
-import org.briarproject.bramble.api.contact.ContactExchangeManager;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.HandshakeManager;
-import org.briarproject.bramble.api.contact.HandshakeManager.HandshakeResult;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.db.DbException;
-import org.briarproject.bramble.api.lifecycle.IoExecutor;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.ConnectionManager;
-import org.briarproject.bramble.api.plugin.ConnectionRegistry;
-import org.briarproject.bramble.api.plugin.TransportConnectionReader;
-import org.briarproject.bramble.api.plugin.TransportConnectionWriter;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
-import org.briarproject.bramble.api.sync.SyncSession;
-import org.briarproject.bramble.api.sync.SyncSessionFactory;
-import org.briarproject.bramble.api.transport.KeyManager;
-import org.briarproject.bramble.api.transport.StreamContext;
-import org.briarproject.bramble.api.transport.StreamReaderFactory;
-import org.briarproject.bramble.api.transport.StreamWriter;
-import org.briarproject.bramble.api.transport.StreamWriterFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.concurrent.Executor;
-import java.util.logging.Logger;
-
-import javax.annotation.Nullable;
-import javax.inject.Inject;
-
-import static java.util.logging.Level.WARNING;
-import static java.util.logging.Logger.getLogger;
-import static org.briarproject.bramble.api.nullsafety.NullSafety.requireNonNull;
-import static org.briarproject.bramble.api.transport.TransportConstants.TAG_LENGTH;
-import static org.briarproject.bramble.util.IoUtils.read;
-import static org.briarproject.bramble.util.LogUtils.logException;
-
-@NotNullByDefault
-class ConnectionManagerImpl implements ConnectionManager {
-
-	private static final Logger LOG =
-			getLogger(ConnectionManagerImpl.class.getName());
-
-	private final Executor ioExecutor;
-	private final KeyManager keyManager;
-	private final StreamReaderFactory streamReaderFactory;
-	private final StreamWriterFactory streamWriterFactory;
-	private final SyncSessionFactory syncSessionFactory;
-	private final HandshakeManager handshakeManager;
-	private final ContactExchangeManager contactExchangeManager;
-	private final ConnectionRegistry connectionRegistry;
-
-	@Inject
-	ConnectionManagerImpl(@IoExecutor Executor ioExecutor,
-			KeyManager keyManager, StreamReaderFactory streamReaderFactory,
-			StreamWriterFactory streamWriterFactory,
-			SyncSessionFactory syncSessionFactory,
-			HandshakeManager handshakeManager,
-			ContactExchangeManager contactExchangeManager,
-			ConnectionRegistry connectionRegistry) {
-		this.ioExecutor = ioExecutor;
-		this.keyManager = keyManager;
-		this.streamReaderFactory = streamReaderFactory;
-		this.streamWriterFactory = streamWriterFactory;
-		this.syncSessionFactory = syncSessionFactory;
-		this.handshakeManager = handshakeManager;
-		this.contactExchangeManager = contactExchangeManager;
-		this.connectionRegistry = connectionRegistry;
-	}
-
-	@Override
-	public void manageIncomingConnection(TransportId t,
-			TransportConnectionReader r) {
-		ioExecutor.execute(new ManageIncomingSimplexConnection(t, r));
-	}
-
-	@Override
-	public void manageIncomingConnection(TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new ManageIncomingDuplexConnection(t, d));
-	}
-
-	@Override
-	public void manageIncomingConnection(PendingContactId p, TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new ManageIncomingHandshakeConnection(p, t, d));
-	}
-
-	@Override
-	public void manageOutgoingConnection(ContactId c, TransportId t,
-			TransportConnectionWriter w) {
-		ioExecutor.execute(new ManageOutgoingSimplexConnection(c, t, w));
-	}
-
-	@Override
-	public void manageOutgoingConnection(ContactId c, TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new ManageOutgoingDuplexConnection(c, t, d));
-	}
-
-	@Override
-	public void manageOutgoingConnection(PendingContactId p, TransportId t,
-			DuplexTransportConnection d) {
-		ioExecutor.execute(new ManageOutgoingHandshakeConnection(p, t, d));
-	}
-
-	private byte[] readTag(InputStream in) throws IOException {
-		byte[] tag = new byte[TAG_LENGTH];
-		read(in, tag);
-		return tag;
-	}
-
-	private SyncSession createIncomingSession(StreamContext ctx,
-			TransportConnectionReader r) throws IOException {
-		InputStream streamReader = streamReaderFactory.createStreamReader(
-				r.getInputStream(), ctx);
-		ContactId c = requireNonNull(ctx.getContactId());
-		return syncSessionFactory.createIncomingSession(c, streamReader);
-	}
-
-	private SyncSession createSimplexOutgoingSession(StreamContext ctx,
-			TransportConnectionWriter w) throws IOException {
-		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
-				w.getOutputStream(), ctx);
-		ContactId c = requireNonNull(ctx.getContactId());
-		return syncSessionFactory.createSimplexOutgoingSession(c,
-				w.getMaxLatency(), streamWriter);
-	}
-
-	private SyncSession createDuplexOutgoingSession(StreamContext ctx,
-			TransportConnectionWriter w) throws IOException {
-		StreamWriter streamWriter = streamWriterFactory.createStreamWriter(
-				w.getOutputStream(), ctx);
-		ContactId c = requireNonNull(ctx.getContactId());
-		return syncSessionFactory.createDuplexOutgoingSession(c,
-				w.getMaxLatency(), w.getMaxIdleTime(), streamWriter);
-	}
-
-	private void disposeOnError(TransportConnectionReader reader,
-			boolean recognised) {
-		try {
-			reader.dispose(true, recognised);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-		}
-	}
-
-	private void disposeOnError(TransportConnectionWriter writer) {
-		try {
-			writer.dispose(true);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
-		}
-	}
-
-	private class ManageIncomingSimplexConnection implements Runnable {
-
-		private final TransportId transportId;
-		private final TransportConnectionReader reader;
-
-		private ManageIncomingSimplexConnection(TransportId transportId,
-				TransportConnectionReader reader) {
-			this.transportId = transportId;
-			this.reader = reader;
-		}
-
-		@Override
-		public void run() {
-			// Read and recognise the tag
-			StreamContext ctx;
-			try {
-				byte[] tag = readTag(reader.getInputStream());
-				ctx = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onError(false);
-				return;
-			}
-			if (ctx == null) {
-				LOG.info("Unrecognised tag");
-				onError(false);
-				return;
-			}
-			ContactId contactId = ctx.getContactId();
-			if (contactId == null) {
-				LOG.warning("Received rendezvous stream, expected contact");
-				onError(true);
-				return;
-			}
-			if (ctx.isHandshakeMode()) {
-				// TODO: Support handshake mode for contacts
-				LOG.warning("Received handshake tag, expected rotation mode");
-				onError(true);
-				return;
-			}
-			connectionRegistry.registerConnection(contactId, transportId, true);
-			try {
-				// Create and run the incoming session
-				createIncomingSession(ctx, reader).run();
-				reader.dispose(false, true);
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onError(true);
-			} finally {
-				connectionRegistry.unregisterConnection(contactId, transportId,
-						true);
-			}
-		}
-
-		private void onError(boolean recognised) {
-			disposeOnError(reader, recognised);
-		}
-	}
-
-	private class ManageOutgoingSimplexConnection implements Runnable {
-
-		private final ContactId contactId;
-		private final TransportId transportId;
-		private final TransportConnectionWriter writer;
-
-		private ManageOutgoingSimplexConnection(ContactId contactId,
-				TransportId transportId, TransportConnectionWriter writer) {
-			this.contactId = contactId;
-			this.transportId = transportId;
-			this.writer = writer;
-		}
-
-		@Override
-		public void run() {
-			// Allocate a stream context
-			StreamContext ctx;
-			try {
-				ctx = keyManager.getStreamContext(contactId, transportId);
-			} catch (DbException e) {
-				logException(LOG, WARNING, e);
-				onError();
-				return;
-			}
-			if (ctx == null) {
-				LOG.warning("Could not allocate stream context");
-				onError();
-				return;
-			}
-			connectionRegistry.registerConnection(contactId, transportId,
-					false);
-			try {
-				// Create and run the outgoing session
-				createSimplexOutgoingSession(ctx, writer).run();
-				writer.dispose(false);
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onError();
-			} finally {
-				connectionRegistry.unregisterConnection(contactId, transportId,
-						false);
-			}
-		}
-
-		private void onError() {
-			disposeOnError(writer);
-		}
-	}
-
-	private class ManageIncomingDuplexConnection implements Runnable {
-
-		private final TransportId transportId;
-		private final TransportConnectionReader reader;
-		private final TransportConnectionWriter writer;
-
-		@Nullable
-		private volatile SyncSession outgoingSession = null;
-
-		private ManageIncomingDuplexConnection(TransportId transportId,
-				DuplexTransportConnection connection) {
-			this.transportId = transportId;
-			reader = connection.getReader();
-			writer = connection.getWriter();
-		}
-
-		@Override
-		public void run() {
-			// Read and recognise the tag
-			StreamContext ctx;
-			try {
-				byte[] tag = readTag(reader.getInputStream());
-				ctx = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onReadError(false);
-				return;
-			}
-			if (ctx == null) {
-				LOG.info("Unrecognised tag");
-				onReadError(false);
-				return;
-			}
-			ContactId contactId = ctx.getContactId();
-			if (contactId == null) {
-				LOG.warning("Expected contact tag, got rendezvous tag");
-				onReadError(true);
-				return;
-			}
-			if (ctx.isHandshakeMode()) {
-				// TODO: Support handshake mode for contacts
-				LOG.warning("Received handshake tag, expected rotation mode");
-				onReadError(true);
-				return;
-			}
-			connectionRegistry.registerConnection(contactId, transportId, true);
-			// Start the outgoing session on another thread
-			ioExecutor.execute(() -> runOutgoingSession(contactId));
-			try {
-				// Create and run the incoming session
-				createIncomingSession(ctx, reader).run();
-				reader.dispose(false, true);
-				// Interrupt the outgoing session so it finishes cleanly
-				SyncSession out = outgoingSession;
-				if (out != null) out.interrupt();
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onReadError(true);
-			} finally {
-				connectionRegistry.unregisterConnection(contactId, transportId,
-						true);
-			}
-		}
-
-		private void runOutgoingSession(ContactId contactId) {
-			// Allocate a stream context
-			StreamContext ctx;
-			try {
-				ctx = keyManager.getStreamContext(contactId, transportId);
-			} catch (DbException e) {
-				logException(LOG, WARNING, e);
-				onWriteError();
-				return;
-			}
-			if (ctx == null) {
-				LOG.warning("Could not allocate stream context");
-				onWriteError();
-				return;
-			}
-			try {
-				// Create and run the outgoing session
-				SyncSession out = createDuplexOutgoingSession(ctx, writer);
-				outgoingSession = out;
-				out.run();
-				writer.dispose(false);
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onWriteError();
-			}
-		}
-
-		private void onReadError(boolean recognised) {
-			disposeOnError(reader, recognised);
-			disposeOnError(writer);
-			// Interrupt the outgoing session so it finishes
-			SyncSession out = outgoingSession;
-			if (out != null) out.interrupt();
-		}
-
-		private void onWriteError() {
-			disposeOnError(reader, true);
-			disposeOnError(writer);
-		}
-	}
-
-	private class ManageOutgoingDuplexConnection implements Runnable {
-
-		private final ContactId contactId;
-		private final TransportId transportId;
-		private final TransportConnectionReader reader;
-		private final TransportConnectionWriter writer;
-
-		@Nullable
-		private volatile SyncSession outgoingSession = null;
-
-		private ManageOutgoingDuplexConnection(ContactId contactId,
-				TransportId transportId, DuplexTransportConnection connection) {
-			this.contactId = contactId;
-			this.transportId = transportId;
-			reader = connection.getReader();
-			writer = connection.getWriter();
-		}
-
-		@Override
-		public void run() {
-			// Allocate a stream context
-			StreamContext ctx;
-			try {
-				ctx = keyManager.getStreamContext(contactId, transportId);
-			} catch (DbException e) {
-				logException(LOG, WARNING, e);
-				onWriteError();
-				return;
-			}
-			if (ctx == null) {
-				LOG.warning("Could not allocate stream context");
-				onWriteError();
-				return;
-			}
-			if (ctx.isHandshakeMode()) {
-				// TODO: Support handshake mode for contacts
-				LOG.warning("Cannot use handshake mode stream context");
-				onWriteError();
-				return;
-			}
-			// Start the incoming session on another thread
-			ioExecutor.execute(this::runIncomingSession);
-			try {
-				// Create and run the outgoing session
-				SyncSession out = createDuplexOutgoingSession(ctx, writer);
-				outgoingSession = out;
-				out.run();
-				writer.dispose(false);
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onWriteError();
-			}
-		}
-
-		private void runIncomingSession() {
-			// Read and recognise the tag
-			StreamContext ctx;
-			try {
-				byte[] tag = readTag(reader.getInputStream());
-				ctx = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onReadError();
-				return;
-			}
-			// Unrecognised tags are suspicious in this case
-			if (ctx == null) {
-				LOG.warning("Unrecognised tag for returning stream");
-				onReadError();
-				return;
-			}
-			// Check that the stream comes from the expected contact
-			ContactId inContactId = ctx.getContactId();
-			if (inContactId == null) {
-				LOG.warning("Expected contact tag, got rendezvous tag");
-				onReadError();
-				return;
-			}
-			if (!contactId.equals(inContactId)) {
-				LOG.warning("Wrong contact ID for returning stream");
-				onReadError();
-				return;
-			}
-			if (ctx.isHandshakeMode()) {
-				// TODO: Support handshake mode for contacts
-				LOG.warning("Received handshake tag, expected rotation mode");
-				onReadError();
-				return;
-			}
-			connectionRegistry.registerConnection(contactId, transportId,
-					false);
-			try {
-				// Create and run the incoming session
-				createIncomingSession(ctx, reader).run();
-				reader.dispose(false, true);
-				// Interrupt the outgoing session so it finishes cleanly
-				SyncSession out = outgoingSession;
-				if (out != null) out.interrupt();
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onReadError();
-			} finally {
-				connectionRegistry.unregisterConnection(contactId, transportId,
-						false);
-			}
-		}
-
-		private void onReadError() {
-			// 'Recognised' is always true for outgoing connections
-			disposeOnError(reader, true);
-			disposeOnError(writer);
-			// Interrupt the outgoing session so it finishes
-			SyncSession out = outgoingSession;
-			if (out != null) out.interrupt();
-		}
-
-		private void onWriteError() {
-			disposeOnError(reader, true);
-			disposeOnError(writer);
-		}
-	}
-
-	private class ManageIncomingHandshakeConnection implements Runnable {
-
-		private final PendingContactId pendingContactId;
-		private final TransportId transportId;
-		private final DuplexTransportConnection connection;
-		private final TransportConnectionReader reader;
-		private final TransportConnectionWriter writer;
-
-		private ManageIncomingHandshakeConnection(
-				PendingContactId pendingContactId, TransportId transportId,
-				DuplexTransportConnection connection) {
-			this.pendingContactId = pendingContactId;
-			this.transportId = transportId;
-			this.connection = connection;
-			reader = connection.getReader();
-			writer = connection.getWriter();
-		}
-
-		@Override
-		public void run() {
-			// Read and recognise the tag
-			StreamContext ctxIn;
-			try {
-				byte[] tag = readTag(reader.getInputStream());
-				ctxIn = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onError(false);
-				return;
-			}
-			if (ctxIn == null) {
-				LOG.info("Unrecognised tag");
-				onError(false);
-				return;
-			}
-			PendingContactId inPendingContactId = ctxIn.getPendingContactId();
-			if (inPendingContactId == null) {
-				LOG.warning("Expected rendezvous tag, got contact tag");
-				onError(true);
-				return;
-			}
-			// Allocate the outgoing stream context
-			StreamContext ctxOut;
-			try {
-				ctxOut = keyManager.getStreamContext(pendingContactId,
-						transportId);
-			} catch (DbException e) {
-				logException(LOG, WARNING, e);
-				onError(true);
-				return;
-			}
-			if (ctxOut == null) {
-				LOG.warning("Could not allocate stream context");
-				onError(true);
-				return;
-			}
-			// Close the connection if it's redundant
-			if (!connectionRegistry.registerConnection(pendingContactId)) {
-				LOG.info("Redundant rendezvous connection");
-				onError(true);
-				return;
-			}
-			// Handshake and exchange contacts
-			try {
-				InputStream in = streamReaderFactory.createStreamReader(
-						reader.getInputStream(), ctxIn);
-				// Flush the output stream to send the outgoing stream header
-				StreamWriter out = streamWriterFactory.createStreamWriter(
-						writer.getOutputStream(), ctxOut);
-				out.getOutputStream().flush();
-				HandshakeResult result = handshakeManager.handshake(
-						pendingContactId, in, out);
-				Contact contact = contactExchangeManager.exchangeContacts(
-						pendingContactId, connection, result.getMasterKey(),
-						result.isAlice(), false);
-				connectionRegistry.unregisterConnection(pendingContactId, true);
-				// Reuse the connection as a transport connection
-				manageOutgoingConnection(contact.getId(), transportId,
-						connection);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onError(true);
-				connectionRegistry.unregisterConnection(pendingContactId,
-						false);
-			}
-		}
-
-		private void onError(boolean recognised) {
-			disposeOnError(reader, recognised);
-			disposeOnError(writer);
-		}
-	}
-
-	private class ManageOutgoingHandshakeConnection implements Runnable {
-
-		private final PendingContactId pendingContactId;
-		private final TransportId transportId;
-		private final DuplexTransportConnection connection;
-		private final TransportConnectionReader reader;
-		private final TransportConnectionWriter writer;
-
-		private ManageOutgoingHandshakeConnection(
-				PendingContactId pendingContactId, TransportId transportId,
-				DuplexTransportConnection connection) {
-			this.pendingContactId = pendingContactId;
-			this.transportId = transportId;
-			this.connection = connection;
-			reader = connection.getReader();
-			writer = connection.getWriter();
-		}
-
-		@Override
-		public void run() {
-			// Allocate the outgoing stream context
-			StreamContext ctxOut;
-			try {
-				ctxOut = keyManager.getStreamContext(pendingContactId,
-						transportId);
-			} catch (DbException e) {
-				logException(LOG, WARNING, e);
-				onError();
-				return;
-			}
-			if (ctxOut == null) {
-				LOG.warning("Could not allocate stream context");
-				onError();
-				return;
-			}
-			// Flush the output stream to send the outgoing stream header
-			StreamWriter out;
-			try {
-				out = streamWriterFactory.createStreamWriter(
-						writer.getOutputStream(), ctxOut);
-				out.getOutputStream().flush();
-			} catch (IOException e) {
-				logException(LOG, WARNING, e);
-				onError();
-				return;
-			}
-			// Read and recognise the tag
-			StreamContext ctxIn;
-			try {
-				byte[] tag = readTag(reader.getInputStream());
-				ctxIn = keyManager.getStreamContext(transportId, tag);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onError();
-				return;
-			}
-			// Unrecognised tags are suspicious in this case
-			if (ctxIn == null) {
-				LOG.warning("Unrecognised tag for returning stream");
-				onError();
-				return;
-			}
-			// Check that the stream comes from the expected pending contact
-			PendingContactId inPendingContactId = ctxIn.getPendingContactId();
-			if (inPendingContactId == null) {
-				LOG.warning("Expected rendezvous tag, got contact tag");
-				onError();
-				return;
-			}
-			if (!inPendingContactId.equals(pendingContactId)) {
-				LOG.warning("Wrong pending contact ID for returning stream");
-				onError();
-				return;
-			}
-			// Close the connection if it's redundant
-			if (!connectionRegistry.registerConnection(pendingContactId)) {
-				LOG.info("Redundant rendezvous connection");
-				onError();
-				return;
-			}
-			// Handshake and exchange contacts
-			try {
-				InputStream in = streamReaderFactory.createStreamReader(
-						reader.getInputStream(), ctxIn);
-				HandshakeResult result = handshakeManager.handshake(
-						pendingContactId, in, out);
-				Contact contact = contactExchangeManager.exchangeContacts(
-						pendingContactId, connection, result.getMasterKey(),
-						result.isAlice(), false);
-				connectionRegistry.unregisterConnection(pendingContactId, true);
-				// Reuse the connection as a transport connection
-				manageOutgoingConnection(contact.getId(), transportId,
-						connection);
-			} catch (IOException | DbException e) {
-				logException(LOG, WARNING, e);
-				onError();
-				connectionRegistry.unregisterConnection(pendingContactId,
-						false);
-			}
-		}
-
-		private void onError() {
-			// 'Recognised' is always true for outgoing connections
-			disposeOnError(reader, true);
-			disposeOnError(writer);
-		}
-	}
-}

bramble-core/src/main/java/org/briarproject/bramble/plugin/ConnectionRegistryImpl.java

@@ -1,150 +0,0 @@
-package org.briarproject.bramble.plugin;
-
-import org.briarproject.bramble.api.Multiset;
-import org.briarproject.bramble.api.contact.ContactId;
-import org.briarproject.bramble.api.contact.PendingContactId;
-import org.briarproject.bramble.api.event.EventBus;
-import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.ConnectionRegistry;
-import org.briarproject.bramble.api.plugin.TransportId;
-import org.briarproject.bramble.api.plugin.event.ConnectionClosedEvent;
-import org.briarproject.bramble.api.plugin.event.ConnectionOpenedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactConnectedEvent;
-import org.briarproject.bramble.api.plugin.event.ContactDisconnectedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionClosedEvent;
-import org.briarproject.bramble.api.rendezvous.event.RendezvousConnectionOpenedEvent;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.logging.Logger;
-
-import javax.annotation.concurrent.GuardedBy;
-import javax.annotation.concurrent.ThreadSafe;
-import javax.inject.Inject;
-
-import static java.util.logging.Level.INFO;
-import static java.util.logging.Logger.getLogger;
-
-@ThreadSafe
-@NotNullByDefault
-class ConnectionRegistryImpl implements ConnectionRegistry {
-
-	private static final Logger LOG =
-			getLogger(ConnectionRegistryImpl.class.getName());
-
-	private final EventBus eventBus;
-
-	private final Object lock = new Object();
-	@GuardedBy("lock")
-	private final Map<TransportId, Multiset<ContactId>> contactConnections;
-	@GuardedBy("lock")
-	private final Multiset<ContactId> contactCounts;
-	@GuardedBy("lock")
-	private final Set<PendingContactId> connectedPendingContacts;
-
-	@Inject
-	ConnectionRegistryImpl(EventBus eventBus) {
-		this.eventBus = eventBus;
-		contactConnections = new HashMap<>();
-		contactCounts = new Multiset<>();
-		connectedPendingContacts = new HashSet<>();
-	}
-
-	@Override
-	public void registerConnection(ContactId c, TransportId t,
-			boolean incoming) {
-		if (LOG.isLoggable(INFO)) {
-			if (incoming) LOG.info("Incoming connection registered: " + t);
-			else LOG.info("Outgoing connection registered: " + t);
-		}
-		boolean firstConnection = false;
-		synchronized (lock) {
-			Multiset<ContactId> m = contactConnections.get(t);
-			if (m == null) {
-				m = new Multiset<>();
-				contactConnections.put(t, m);
-			}
-			m.add(c);
-			if (contactCounts.add(c) == 1) firstConnection = true;
-		}
-		eventBus.broadcast(new ConnectionOpenedEvent(c, t, incoming));
-		if (firstConnection) {
-			LOG.info("Contact connected");
-			eventBus.broadcast(new ContactConnectedEvent(c));
-		}
-	}
-
-	@Override
-	public void unregisterConnection(ContactId c, TransportId t,
-			boolean incoming) {
-		if (LOG.isLoggable(INFO)) {
-			if (incoming) LOG.info("Incoming connection unregistered: " + t);
-			else LOG.info("Outgoing connection unregistered: " + t);
-		}
-		boolean lastConnection = false;
-		synchronized (lock) {
-			Multiset<ContactId> m = contactConnections.get(t);
-			if (m == null || !m.contains(c))
-				throw new IllegalArgumentException();
-			m.remove(c);
-			if (contactCounts.remove(c) == 0) lastConnection = true;
-		}
-		eventBus.broadcast(new ConnectionClosedEvent(c, t, incoming));
-		if (lastConnection) {
-			LOG.info("Contact disconnected");
-			eventBus.broadcast(new ContactDisconnectedEvent(c));
-		}
-	}
-
-	@Override
-	public Collection<ContactId> getConnectedContacts(TransportId t) {
-		synchronized (lock) {
-			Multiset<ContactId> m = contactConnections.get(t);
-			if (m == null) return Collections.emptyList();
-			List<ContactId> ids = new ArrayList<>(m.keySet());
-			if (LOG.isLoggable(INFO))
-				LOG.info(ids.size() + " contacts connected: " + t);
-			return ids;
-		}
-	}
-
-	@Override
-	public boolean isConnected(ContactId c, TransportId t) {
-		synchronized (lock) {
-			Multiset<ContactId> m = contactConnections.get(t);
-			return m != null && m.contains(c);
-		}
-	}
-
-	@Override
-	public boolean isConnected(ContactId c) {
-		synchronized (lock) {
-			return contactCounts.contains(c);
-		}
-	}
-
-	@Override
-	public boolean registerConnection(PendingContactId p) {
-		boolean added;
-		synchronized (lock) {
-			added = connectedPendingContacts.add(p);
-		}
-		if (added) eventBus.broadcast(new RendezvousConnectionOpenedEvent(p));
-		return added;
-	}
-
-	@Override
-	public void unregisterConnection(PendingContactId p, boolean success) {
-		synchronized (lock) {
-			if (!connectedPendingContacts.remove(p))
-				throw new IllegalArgumentException();
-		}
-		eventBus.broadcast(new RendezvousConnectionClosedEvent(p, success));
-	}
-}

bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginManagerImpl.java

@@ -1,12 +1,12 @@
 package org.briarproject.bramble.plugin;
 
+import org.briarproject.bramble.api.connection.ConnectionManager;
 import org.briarproject.bramble.api.db.DbException;
 import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.lifecycle.Service;
 import org.briarproject.bramble.api.lifecycle.ServiceException;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
-import org.briarproject.bramble.api.plugin.ConnectionManager;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.PluginCallback;
 import org.briarproject.bramble.api.plugin.PluginConfig;

bramble-core/src/main/java/org/briarproject/bramble/plugin/PluginModule.java

@@ -3,8 +3,6 @@ package org.briarproject.bramble.plugin;
 import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.lifecycle.LifecycleManager;
 import org.briarproject.bramble.api.plugin.BackoffFactory;
-import org.briarproject.bramble.api.plugin.ConnectionManager;
-import org.briarproject.bramble.api.plugin.ConnectionRegistry;
 import org.briarproject.bramble.api.plugin.PluginConfig;
 import org.briarproject.bramble.api.plugin.PluginManager;
 
@@ -29,20 +27,6 @@ public class PluginModule {
 		return new BackoffFactoryImpl();
 	}
 
-	@Provides
-	@Singleton
-	ConnectionManager provideConnectionManager(
-			ConnectionManagerImpl connectionManager) {
-		return connectionManager;
-	}
-
-	@Provides
-	@Singleton
-	ConnectionRegistry provideConnectionRegistry(
-			ConnectionRegistryImpl connectionRegistry) {
-		return connectionRegistry;
-	}
-
 	@Provides
 	@Singleton
 	PluginManager providePluginManager(LifecycleManager lifecycleManager,

bramble-core/src/main/java/org/briarproject/bramble/plugin/PollerImpl.java

@@ -1,6 +1,8 @@
 package org.briarproject.bramble.plugin;
 
 import org.briarproject.bramble.api.Pair;
+import org.briarproject.bramble.api.connection.ConnectionManager;
+import org.briarproject.bramble.api.connection.ConnectionRegistry;
 import org.briarproject.bramble.api.contact.ContactId;
 import org.briarproject.bramble.api.contact.event.ContactAddedEvent;
 import org.briarproject.bramble.api.db.DbException;
@@ -9,8 +11,6 @@ import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.ConnectionHandler;
-import org.briarproject.bramble.api.plugin.ConnectionManager;
-import org.briarproject.bramble.api.plugin.ConnectionRegistry;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.PluginManager;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;
@@ -98,8 +98,8 @@ class PollerImpl implements Poller, EventListener {
 			ConnectionClosedEvent c = (ConnectionClosedEvent) e;
 			// Reschedule polling, the polling interval may have decreased
 			reschedule(c.getTransportId());
-			if (!c.isIncoming()) {
-				// Connect to the disconnected contact
+			// If an outgoing connection failed, try to reconnect
+			if (!c.isIncoming() && c.isException()) {
 				connectToContact(c.getContactId(), c.getTransportId());
 			}
 		} else if (e instanceof ConnectionOpenedEvent) {
@@ -215,7 +215,7 @@ class PollerImpl implements Poller, EventListener {
 			Map<ContactId, TransportProperties> remote =
 					transportPropertyManager.getRemoteProperties(t);
 			Collection<ContactId> connected =
-					connectionRegistry.getConnectedContacts(t);
+					connectionRegistry.getConnectedOrBetterContacts(t);
 			Collection<Pair<TransportProperties, ConnectionHandler>>
 					properties = new ArrayList<>();
 			for (Entry<ContactId, TransportProperties> e : remote.entrySet()) {

bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothConnectionLimiter.java

@@ -3,9 +3,16 @@ package org.briarproject.bramble.plugin.bluetooth;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
 
+import static java.util.concurrent.TimeUnit.SECONDS;
+
 @NotNullByDefault
 interface BluetoothConnectionLimiter {
 
+	/**
+	 * How long a connection must remain open before it's considered stable.
+	 */
+	long STABILITY_PERIOD_MS = SECONDS.toMillis(90);
+
 	/**
 	 * Informs the limiter that key agreement has started.
 	 */
@@ -23,17 +30,9 @@ interface BluetoothConnectionLimiter {
 	boolean canOpenContactConnection();
 
 	/**
-	 * Informs the limiter that a contact connection has been opened. The
-	 * limiter may close the new connection if key agreement is in progress.
-	 * <p/>
-	 * Returns false if the limiter has closed the new connection.
+	 * Informs the limiter that the given connection has been opened.
 	 */
-	boolean contactConnectionOpened(DuplexTransportConnection conn);
-
-	/**
-	 * Informs the limiter that a key agreement connection has been opened.
-	 */
-	void keyAgreementConnectionOpened(DuplexTransportConnection conn);
+	void connectionOpened(DuplexTransportConnection conn);
 
 	/**
 	 * Informs the limiter that the given connection has been closed.

bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothConnectionLimiterImpl.java

@@ -1,46 +1,53 @@
 package org.briarproject.bramble.plugin.bluetooth;
 
+import org.briarproject.bramble.api.event.EventBus;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.duplex.DuplexTransportConnection;
+import org.briarproject.bramble.api.sync.event.CloseSyncConnectionsEvent;
+import org.briarproject.bramble.api.system.Clock;
 
-import java.io.IOException;
-import java.util.ArrayList;
+import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.logging.Logger;
 
+import javax.annotation.concurrent.GuardedBy;
 import javax.annotation.concurrent.ThreadSafe;
 
 import static java.util.logging.Level.INFO;
-import static java.util.logging.Level.WARNING;
-import static org.briarproject.bramble.util.LogUtils.logException;
+import static java.util.logging.Logger.getLogger;
+import static org.briarproject.bramble.api.plugin.BluetoothConstants.ID;
 
 @NotNullByDefault
 @ThreadSafe
 class BluetoothConnectionLimiterImpl implements BluetoothConnectionLimiter {
 
 	private static final Logger LOG =
-			Logger.getLogger(BluetoothConnectionLimiterImpl.class.getName());
+			getLogger(BluetoothConnectionLimiterImpl.class.getName());
+
+	private final EventBus eventBus;
+	private final Clock clock;
 
 	private final Object lock = new Object();
-	// The following are locking: lock
-	private final LinkedList<DuplexTransportConnection> connections =
-			new LinkedList<>();
+	@GuardedBy("lock")
+	private final List<ConnectionRecord> connections = new LinkedList<>();
+	@GuardedBy("lock")
 	private boolean keyAgreementInProgress = false;
+	@GuardedBy("lock")
+	private int connectionLimit = 2;
+
+	BluetoothConnectionLimiterImpl(EventBus eventBus, Clock clock) {
+		this.eventBus = eventBus;
+		this.clock = clock;
+	}
 
 	@Override
 	public void keyAgreementStarted() {
-		List<DuplexTransportConnection> close;
 		synchronized (lock) {
 			keyAgreementInProgress = true;
-			close = new ArrayList<>(connections);
-			connections.clear();
 		}
-		if (LOG.isLoggable(INFO)) {
-			LOG.info("Key agreement started, closing " + close.size() +
-					" connections");
-		}
-		for (DuplexTransportConnection conn : close) tryToClose(conn);
+		LOG.info("Key agreement started");
+		eventBus.broadcast(new CloseSyncConnectionsEvent(ID));
 	}
 
 	@Override
@@ -57,60 +64,81 @@ class BluetoothConnectionLimiterImpl implements BluetoothConnectionLimiter {
 			if (keyAgreementInProgress) {
 				LOG.info("Can't open contact connection during key agreement");
 				return false;
-			} else {
+			}
+			long now = clock.currentTimeMillis();
+			countStableConnections(now);
+			if (connections.size() < connectionLimit) {
 				LOG.info("Can open contact connection");
 				return true;
-			}
-		}
-	}
-
-	@Override
-	public boolean contactConnectionOpened(DuplexTransportConnection conn) {
-		boolean accept = true;
-		synchronized (lock) {
-			if (keyAgreementInProgress) {
-				LOG.info("Refusing contact connection during key agreement");
-				accept = false;
 			} else {
-				LOG.info("Accepting contact connection");
-				connections.add(conn);
+				LOG.info("Can't open contact connection due to limit");
+				return false;
 			}
 		}
-		if (!accept) tryToClose(conn);
-		return accept;
 	}
 
 	@Override
-	public void keyAgreementConnectionOpened(DuplexTransportConnection conn) {
+	public void connectionOpened(DuplexTransportConnection conn) {
 		synchronized (lock) {
-			LOG.info("Accepting key agreement connection");
-			connections.add(conn);
-		}
-	}
-
-	private void tryToClose(DuplexTransportConnection conn) {
-		try {
-			conn.getWriter().dispose(false);
-			conn.getReader().dispose(false, false);
-		} catch (IOException e) {
-			logException(LOG, WARNING, e);
+			long now = clock.currentTimeMillis();
+			countStableConnections(now);
+			connections.add(new ConnectionRecord(conn, now));
+			if (LOG.isLoggable(INFO)) {
+				LOG.info("Connection opened, " + connections.size() + " open");
+			}
 		}
 	}
 
 	@Override
 	public void connectionClosed(DuplexTransportConnection conn) {
 		synchronized (lock) {
-			connections.remove(conn);
-			if (LOG.isLoggable(INFO))
+			countStableConnections(clock.currentTimeMillis());
+			Iterator<ConnectionRecord> it = connections.iterator();
+			while (it.hasNext()) {
+				if (it.next().conn == conn) {
+					it.remove();
+					break;
+				}
+			}
+			if (LOG.isLoggable(INFO)) {
 				LOG.info("Connection closed, " + connections.size() + " open");
+			}
 		}
 	}
 
 	@Override
 	public void allConnectionsClosed() {
 		synchronized (lock) {
+			long now = clock.currentTimeMillis();
+			countStableConnections(now);
 			connections.clear();
 			LOG.info("All connections closed");
 		}
 	}
+
+	@GuardedBy("lock")
+	private void countStableConnections(long now) {
+		int stable = 0;
+		for (ConnectionRecord rec : connections) {
+			if (now - rec.timeOpened >= STABILITY_PERIOD_MS) stable++;
+		}
+		if (stable > connectionLimit) {
+			connectionLimit = stable;
+			if (LOG.isLoggable(INFO)) {
+				LOG.info("Raising connection limit to " + connectionLimit);
+			}
+		}
+	}
+
+	private static class ConnectionRecord {
+
+		private final DuplexTransportConnection conn;
+		private final long timeOpened;
+
+		private ConnectionRecord(DuplexTransportConnection conn,
+				long timeOpened) {
+			this.conn = conn;
+			this.timeOpened = timeOpened;
+		}
+	}
 }

bramble-core/src/main/java/org/briarproject/bramble/plugin/bluetooth/BluetoothPlugin.java

@@ -5,6 +5,7 @@ import org.briarproject.bramble.api.Pair;
 import org.briarproject.bramble.api.data.BdfList;
 import org.briarproject.bramble.api.event.Event;
 import org.briarproject.bramble.api.event.EventListener;
+import org.briarproject.bramble.api.io.TimeoutMonitor;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementConnection;
 import org.briarproject.bramble.api.keyagreement.KeyAgreementListener;
 import org.briarproject.bramble.api.keyagreement.event.KeyAgreementListeningEvent;
@@ -60,12 +61,13 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 			getLogger(BluetoothPlugin.class.getName());
 
 	final BluetoothConnectionLimiter connectionLimiter;
+	final TimeoutMonitor timeoutMonitor;
 
 	private final Executor ioExecutor;
 	private final SecureRandom secureRandom;
 	private final Backoff backoff;
 	private final PluginCallback callback;
-	private final int maxLatency;
+	private final int maxLatency, maxIdleTime;
 	private final AtomicBoolean used = new AtomicBoolean(false);
 
 	private volatile boolean running = false, contactConnections = false;
@@ -105,14 +107,17 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 	abstract DuplexTransportConnection discoverAndConnect(String uuid);
 
 	BluetoothPlugin(BluetoothConnectionLimiter connectionLimiter,
-			Executor ioExecutor, SecureRandom secureRandom,
-			Backoff backoff, PluginCallback callback, int maxLatency) {
+			TimeoutMonitor timeoutMonitor, Executor ioExecutor,
+			SecureRandom secureRandom, Backoff backoff,
+			PluginCallback callback, int maxLatency, int maxIdleTime) {
 		this.connectionLimiter = connectionLimiter;
+		this.timeoutMonitor = timeoutMonitor;
 		this.ioExecutor = ioExecutor;
 		this.secureRandom = secureRandom;
 		this.backoff = backoff;
 		this.callback = callback;
 		this.maxLatency = maxLatency;
+		this.maxIdleTime = maxIdleTime;
 	}
 
 	void onAdapterEnabled() {
@@ -141,8 +146,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 
 	@Override
 	public int getMaxIdleTime() {
-		// Bluetooth detects dead connections so we don't need keepalives
-		return Integer.MAX_VALUE;
+		return maxIdleTime;
 	}
 
 	@Override
@@ -227,9 +231,10 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 				if (LOG.isLoggable(INFO)) LOG.info(e.toString());
 				return;
 			}
+			LOG.info("Connection received");
+			connectionLimiter.connectionOpened(conn);
 			backoff.reset();
-			if (connectionLimiter.contactConnectionOpened(conn))
-				callback.handleConnection(conn);
+			callback.handleConnection(conn);
 			if (!running) return;
 		}
 	}
@@ -273,13 +278,10 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		String uuid = p.get(PROP_UUID);
 		if (isNullOrEmpty(uuid)) return;
 		ioExecutor.execute(() -> {
-			if (!isRunning() || !shouldAllowContactConnections()) return;
-			if (!connectionLimiter.canOpenContactConnection()) return;
 			DuplexTransportConnection d = createConnection(p);
 			if (d != null) {
 				backoff.reset();
-				if (connectionLimiter.contactConnectionOpened(d))
-					h.handleConnection(d);
+				h.handleConnection(d);
 			}
 		});
 	}
@@ -324,9 +326,8 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		String uuid = p.get(PROP_UUID);
 		if (isNullOrEmpty(uuid)) return null;
 		DuplexTransportConnection conn = connect(address, uuid);
-		if (conn == null) return null;
-		// TODO: Why don't we reset the backoff here?
-		return connectionLimiter.contactConnectionOpened(conn) ? conn : null;
+		if (conn != null) connectionLimiter.connectionOpened(conn);
+		return conn;
 	}
 
 	@Override
@@ -382,7 +383,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 				LOG.info("Connecting to key agreement UUID " + uuid);
 			conn = connect(address, uuid);
 		}
-		if (conn != null) connectionLimiter.keyAgreementConnectionOpened(conn);
+		if (conn != null) connectionLimiter.connectionOpened(conn);
 		return conn;
 	}
 
@@ -451,7 +452,7 @@ abstract class BluetoothPlugin<SS> implements DuplexPlugin, EventListener {
 		public KeyAgreementConnection accept() throws IOException {
 			DuplexTransportConnection conn = acceptConnection(ss);
 			if (LOG.isLoggable(INFO)) LOG.info(ID + ": Incoming connection");
-			connectionLimiter.keyAgreementConnectionOpened(conn);
+			connectionLimiter.connectionOpened(conn);
 			return new KeyAgreementConnection(conn, ID);
 		}
 

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPlugin.java

@@ -17,18 +17,20 @@ import java.io.IOException;
 import java.net.Inet4Address;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.InterfaceAddress;
 import java.net.ServerSocket;
 import java.net.Socket;
-import java.net.SocketAddress;
 import java.net.UnknownHostException;
 import java.util.ArrayList;
-import java.util.Comparator;
 import java.util.List;
+import java.util.Random;
 import java.util.concurrent.Executor;
 import java.util.logging.Logger;
 
+import javax.annotation.Nullable;
+
+import static java.lang.Integer.parseInt;
 import static java.util.Collections.addAll;
-import static java.util.Collections.emptyList;
 import static java.util.Collections.sort;
 import static java.util.logging.Level.INFO;
 import static java.util.logging.Level.WARNING;
@@ -37,6 +39,7 @@ import static org.briarproject.bramble.api.keyagreement.KeyAgreementConstants.TR
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.PREF_LAN_IP_PORTS;
 import static org.briarproject.bramble.api.plugin.LanTcpConstants.PROP_IP_PORTS;
+import static org.briarproject.bramble.api.plugin.LanTcpConstants.PROP_PORT;
 import static org.briarproject.bramble.util.ByteUtils.MAX_16_BIT_UNSIGNED;
 import static org.briarproject.bramble.util.PrivacyUtils.scrubSocketAddress;
 import static org.briarproject.bramble.util.StringUtils.isNullOrEmpty;
@@ -47,15 +50,36 @@ class LanTcpPlugin extends TcpPlugin {
 
 	private static final Logger LOG = getLogger(LanTcpPlugin.class.getName());
 
-	private static final LanAddressComparator ADDRESS_COMPARATOR =
-			new LanAddressComparator();
-
 	private static final int MAX_ADDRESSES = 4;
 	private static final String SEPARATOR = ",";
 
+	/**
+	 * The IP address of an Android device providing a wifi access point.
+	 */
+	protected static final InetAddress WIFI_AP_ADDRESS;
+
+	/**
+	 * The IP address of an Android device providing a wifi direct
+	 * legacy mode access point.
+	 */
+	protected static final InetAddress WIFI_DIRECT_AP_ADDRESS;
+
+	static {
+		try {
+			WIFI_AP_ADDRESS = InetAddress.getByAddress(
+					new byte[] {(byte) 192, (byte) 168, 43, 1});
+			WIFI_DIRECT_AP_ADDRESS = InetAddress.getByAddress(
+					new byte[] {(byte) 192, (byte) 168, 49, 1});
+		} catch (UnknownHostException e) {
+			// Should only be thrown if the address has an illegal length
+			throw new AssertionError(e);
+		}
+	}
+
 	LanTcpPlugin(Executor ioExecutor, Backoff backoff, PluginCallback callback,
-			int maxLatency, int maxIdleTime) {
-		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
+			int maxLatency, int maxIdleTime, int connectionTimeout) {
+		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime,
+				connectionTimeout);
 	}
 
 	@Override
@@ -64,37 +88,81 @@ class LanTcpPlugin extends TcpPlugin {
 	}
 
 	@Override
-	protected List<InetSocketAddress> getLocalSocketAddresses() {
-		// Use the same address and port as last time if available
+	public void start() {
+		if (used.getAndSet(true)) throw new IllegalStateException();
+		initialisePortProperty();
+		running = true;
+		bind();
+	}
+
+	protected void initialisePortProperty() {
 		TransportProperties p = callback.getLocalProperties();
+		if (isNullOrEmpty(p.get(PROP_PORT))) {
+			int port = new Random().nextInt(32768) + 32768;
+			p.put(PROP_PORT, String.valueOf(port));
+			callback.mergeLocalProperties(p);
+		}
+	}
+
+	@Override
+	protected List<InetSocketAddress> getLocalSocketAddresses() {
+		TransportProperties p = callback.getLocalProperties();
+		int preferredPort = parsePortProperty(p.get(PROP_PORT));
 		String oldIpPorts = p.get(PROP_IP_PORTS);
 		List<InetSocketAddress> olds = parseSocketAddresses(oldIpPorts);
+
 		List<InetSocketAddress> locals = new ArrayList<>();
-		for (InetAddress local : getLocalIpAddresses()) {
-			if (isAcceptableAddress(local)) {
-				// If this is the old address, try to use the same port
-				for (InetSocketAddress old : olds) {
-					if (old.getAddress().equals(local))
-						locals.add(new InetSocketAddress(local, old.getPort()));
+		List<InetSocketAddress> fallbacks = new ArrayList<>();
+		for (InetAddress local : getUsableLocalInetAddresses()) {
+			// If we've used this address before, try to use the same port
+			int port = preferredPort;
+			for (InetSocketAddress old : olds) {
+				if (old.getAddress().equals(local)) {
+					port = old.getPort();
+					break;
 				}
-				locals.add(new InetSocketAddress(local, 0));
 			}
+			locals.add(new InetSocketAddress(local, port));
+			// Fall back to any available port
+			fallbacks.add(new InetSocketAddress(local, 0));
 		}
-		sort(locals, ADDRESS_COMPARATOR);
+		locals.addAll(fallbacks);
 		return locals;
 	}
 
+	private int parsePortProperty(@Nullable String portProperty) {
+		if (isNullOrEmpty(portProperty)) return 0;
+		try {
+			return parseInt(portProperty);
+		} catch (NumberFormatException e) {
+			return 0;
+		}
+	}
+
 	private List<InetSocketAddress> parseSocketAddresses(String ipPorts) {
-		if (isNullOrEmpty(ipPorts)) return emptyList();
-		String[] split = ipPorts.split(SEPARATOR);
 		List<InetSocketAddress> addresses = new ArrayList<>();
-		for (String ipPort : split) {
+		if (isNullOrEmpty(ipPorts)) return addresses;
+		for (String ipPort : ipPorts.split(SEPARATOR)) {
 			InetSocketAddress a = parseSocketAddress(ipPort);
 			if (a != null) addresses.add(a);
 		}
 		return addresses;
 	}
 
+	protected List<InetAddress> getUsableLocalInetAddresses() {
+		List<InterfaceAddress> ifAddrs =
+				new ArrayList<>(getLocalInterfaceAddresses());
+		// Prefer longer network prefixes
+		sort(ifAddrs, (a, b) ->
+				b.getNetworkPrefixLength() - a.getNetworkPrefixLength());
+		List<InetAddress> addrs = new ArrayList<>();
+		for (InterfaceAddress ifAddr : ifAddrs) {
+			InetAddress addr = ifAddr.getAddress();
+			if (isAcceptableAddress(addr)) addrs.add(addr);
+		}
+		return addrs;
+	}
+
 	@Override
 	protected void setLocalSocketAddress(InetSocketAddress a) {
 		String ipPort = getIpPortString(a);
@@ -132,7 +200,20 @@ class LanTcpPlugin extends TcpPlugin {
 	@Override
 	protected List<InetSocketAddress> getRemoteSocketAddresses(
 			TransportProperties p) {
-		return parseSocketAddresses(p.get(PROP_IP_PORTS));
+		String ipPorts = p.get(PROP_IP_PORTS);
+		List<InetSocketAddress> remotes = parseSocketAddresses(ipPorts);
+		int port = parsePortProperty(p.get(PROP_PORT));
+		// If the contact has a preferred port, we can guess their IP:port when
+		// they're providing a wifi access point
+		if (port != 0) {
+			InetSocketAddress wifiAp =
+					new InetSocketAddress(WIFI_AP_ADDRESS, port);
+			if (!remotes.contains(wifiAp)) remotes.add(wifiAp);
+			InetSocketAddress wifiDirectAp =
+					new InetSocketAddress(WIFI_DIRECT_AP_ADDRESS, port);
+			if (!remotes.contains(wifiDirectAp)) remotes.add(wifiDirectAp);
+		}
+		return remotes;
 	}
 
 	private boolean isAcceptableAddress(InetAddress a) {
@@ -145,52 +226,33 @@ class LanTcpPlugin extends TcpPlugin {
 	}
 
 	@Override
-	protected boolean isConnectable(InetSocketAddress remote) {
+	protected boolean isConnectable(InterfaceAddress local,
+			InetSocketAddress remote) {
 		if (remote.getPort() == 0) return false;
 		if (!isAcceptableAddress(remote.getAddress())) return false;
 		// Try to determine whether the address is on the same LAN as us
-		if (socket == null) return false;
-		byte[] localIp = socket.getInetAddress().getAddress();
+		byte[] localIp = local.getAddress().getAddress();
 		byte[] remoteIp = remote.getAddress().getAddress();
-		return addressesAreOnSameLan(localIp, remoteIp);
+		int prefixLength = local.getNetworkPrefixLength();
+		return areAddressesInSameNetwork(localIp, remoteIp, prefixLength);
 	}
 
 	// Package access for testing
-	boolean addressesAreOnSameLan(byte[] localIp, byte[] remoteIp) {
-		// 10.0.0.0/8
-		if (isPrefix10(localIp)) return isPrefix10(remoteIp);
-		// 172.16.0.0/12
-		if (isPrefix172(localIp)) return isPrefix172(remoteIp);
-		// 192.168.0.0/16
-		if (isPrefix192(localIp)) return isPrefix192(remoteIp);
-		// Unrecognised prefix - may be compatible
+	static boolean areAddressesInSameNetwork(byte[] localIp, byte[] remoteIp,
+			int prefixLength) {
+		if (localIp.length != remoteIp.length) return false;
+		// Compare the first prefixLength bits of the addresses
+		for (int i = 0; i < prefixLength; i++) {
+			int byteIndex = i >> 3;
+			int bitIndex = i & 7; // 0 to 7
+			int mask = 128 >> bitIndex; // Select the bit at bitIndex
+			if ((localIp[byteIndex] & mask) != (remoteIp[byteIndex] & mask)) {
+				return false; // Addresses differ at bit i
+			}
+		}
 		return true;
 	}
 
-	private static boolean isPrefix10(byte[] ipv4) {
-		return ipv4[0] == 10;
-	}
-
-	private static boolean isPrefix172(byte[] ipv4) {
-		return ipv4[0] == (byte) 172 && (ipv4[1] & 0xF0) == 16;
-	}
-
-	private static boolean isPrefix192(byte[] ipv4) {
-		return ipv4[0] == (byte) 192 && ipv4[1] == (byte) 168;
-	}
-
-	// Returns the prefix length for an RFC 1918 address, or 0 for any other
-	// address
-	private static int getRfc1918PrefixLength(InetAddress addr) {
-		if (!(addr instanceof Inet4Address)) return 0;
-		if (!addr.isSiteLocalAddress()) return 0;
-		byte[] ipv4 = addr.getAddress();
-		if (isPrefix10(ipv4)) return 8;
-		if (isPrefix172(ipv4)) return 12;
-		if (isPrefix192(ipv4)) return 16;
-		return 0;
-	}
-
 	@Override
 	public boolean supportsKeyAgreement() {
 		return true;
@@ -229,6 +291,12 @@ class LanTcpPlugin extends TcpPlugin {
 	public DuplexTransportConnection createKeyAgreementConnection(
 			byte[] commitment, BdfList descriptor) {
 		if (!isRunning()) return null;
+		ServerSocket ss = socket;
+		InterfaceAddress local = getLocalInterfaceAddress(ss.getInetAddress());
+		if (local == null) {
+			LOG.warning("No interface for key agreement server socket");
+			return null;
+		}
 		InetSocketAddress remote;
 		try {
 			remote = parseSocketAddress(descriptor);
@@ -236,12 +304,11 @@ class LanTcpPlugin extends TcpPlugin {
 			LOG.info("Invalid IP/port in key agreement descriptor");
 			return null;
 		}
-		if (!isConnectable(remote)) {
+		if (!isConnectable(local, remote)) {
 			if (LOG.isLoggable(INFO)) {
-				SocketAddress local = socket.getLocalSocketAddress();
 				LOG.info(scrubSocketAddress(remote) +
 						" is not connectable from " +
-						scrubSocketAddress(local));
+						scrubSocketAddress(ss.getLocalSocketAddress()));
 			}
 			return null;
 		}
@@ -249,8 +316,8 @@ class LanTcpPlugin extends TcpPlugin {
 			if (LOG.isLoggable(INFO))
 				LOG.info("Connecting to " + scrubSocketAddress(remote));
 			Socket s = createSocket();
-			s.bind(new InetSocketAddress(socket.getInetAddress(), 0));
-			s.connect(remote);
+			s.bind(new InetSocketAddress(ss.getInetAddress(), 0));
+			s.connect(remote, connectionTimeout);
 			s.setSoTimeout(socketTimeout);
 			if (LOG.isLoggable(INFO))
 				LOG.info("Connected to " + scrubSocketAddress(remote));
@@ -299,19 +366,4 @@ class LanTcpPlugin extends TcpPlugin {
 			IoUtils.tryToClose(ss, LOG, WARNING);
 		}
 	}
-
-	static class LanAddressComparator implements Comparator<InetSocketAddress> {
-
-		@Override
-		public int compare(InetSocketAddress a, InetSocketAddress b) {
-			// Prefer addresses with non-zero ports
-			int aPort = a.getPort(), bPort = b.getPort();
-			if (aPort > 0 && bPort == 0) return -1;
-			if (aPort == 0 && bPort > 0) return 1;
-			// Prefer addresses with longer RFC 1918 prefixes
-			int aPrefix = getRfc1918PrefixLength(a.getAddress());
-			int bPrefix = getRfc1918PrefixLength(b.getAddress());
-			return bPrefix - aPrefix;
-		}
-	}
 }

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/LanTcpPluginFactory.java

@@ -18,10 +18,11 @@ import static org.briarproject.bramble.api.plugin.LanTcpConstants.ID;
 @NotNullByDefault
 public class LanTcpPluginFactory implements DuplexPluginFactory {
 
-	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
-	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
-	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
+	private static final int MAX_LATENCY = 30_000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30_000; // 30 seconds
+	private static final int CONNECTION_TIMEOUT = 3_000; // 3 seconds
+	private static final int MIN_POLLING_INTERVAL = 60_000; // 1 minute
+	private static final int MAX_POLLING_INTERVAL = 600_000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;
 
 	private final Executor ioExecutor;
@@ -48,6 +49,6 @@ public class LanTcpPluginFactory implements DuplexPluginFactory {
 		Backoff backoff = backoffFactory.createBackoff(MIN_POLLING_INTERVAL,
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		return new LanTcpPlugin(ioExecutor, backoff, callback, MAX_LATENCY,
-				MAX_IDLE_TIME);
+				MAX_IDLE_TIME, CONNECTION_TIMEOUT);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/TcpPlugin.java

@@ -19,10 +19,10 @@ import org.briarproject.bramble.util.IoUtils;
 import java.io.IOException;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.InterfaceAddress;
 import java.net.NetworkInterface;
 import java.net.ServerSocket;
 import java.net.Socket;
-import java.net.SocketAddress;
 import java.net.SocketException;
 import java.net.UnknownHostException;
 import java.util.ArrayList;
@@ -36,7 +36,6 @@ import java.util.regex.Pattern;
 
 import javax.annotation.Nullable;
 
-import static java.net.NetworkInterface.getNetworkInterfaces;
 import static java.util.Collections.emptyList;
 import static java.util.Collections.list;
 import static java.util.logging.Level.INFO;
@@ -58,7 +57,8 @@ abstract class TcpPlugin implements DuplexPlugin {
 	protected final Executor ioExecutor, bindExecutor;
 	protected final Backoff backoff;
 	protected final PluginCallback callback;
-	protected final int maxLatency, maxIdleTime, socketTimeout;
+	protected final int maxLatency, maxIdleTime;
+	protected final int connectionTimeout, socketTimeout;
 	protected final AtomicBoolean used = new AtomicBoolean(false);
 
 	protected volatile boolean running = false;
@@ -86,15 +86,18 @@ abstract class TcpPlugin implements DuplexPlugin {
 	/**
 	 * Returns true if connections to the given address can be attempted.
 	 */
-	protected abstract boolean isConnectable(InetSocketAddress remote);
+	@SuppressWarnings("BooleanMethodIsAlwaysInverted")
+	protected abstract boolean isConnectable(InterfaceAddress local,
+			InetSocketAddress remote);
 
 	TcpPlugin(Executor ioExecutor, Backoff backoff, PluginCallback callback,
-			int maxLatency, int maxIdleTime) {
+			int maxLatency, int maxIdleTime, int connectionTimeout) {
 		this.ioExecutor = ioExecutor;
 		this.backoff = backoff;
 		this.callback = callback;
 		this.maxLatency = maxLatency;
 		this.maxIdleTime = maxIdleTime;
+		this.connectionTimeout = connectionTimeout;
 		if (maxIdleTime > Integer.MAX_VALUE / 2)
 			socketTimeout = Integer.MAX_VALUE;
 		else socketTimeout = maxIdleTime * 2;
@@ -230,13 +233,23 @@ abstract class TcpPlugin implements DuplexPlugin {
 	@Override
 	public DuplexTransportConnection createConnection(TransportProperties p) {
 		if (!isRunning()) return null;
+		ServerSocket ss = socket;
+		InterfaceAddress local = getLocalInterfaceAddress(ss.getInetAddress());
+		if (local == null) {
+			LOG.warning("No interface for server socket");
+			return null;
+		}
 		for (InetSocketAddress remote : getRemoteSocketAddresses(p)) {
-			if (!isConnectable(remote)) {
+			// Don't try to connect to our own address
+			if (!canConnectToOwnAddress() &&
+					remote.getAddress().equals(ss.getInetAddress())) {
+				continue;
+			}
+			if (!isConnectable(local, remote)) {
 				if (LOG.isLoggable(INFO)) {
-					SocketAddress local = socket.getLocalSocketAddress();
 					LOG.info(scrubSocketAddress(remote) +
 							" is not connectable from " +
-							scrubSocketAddress(local));
+							scrubSocketAddress(ss.getLocalSocketAddress()));
 				}
 				continue;
 			}
@@ -244,8 +257,8 @@ abstract class TcpPlugin implements DuplexPlugin {
 				if (LOG.isLoggable(INFO))
 					LOG.info("Connecting to " + scrubSocketAddress(remote));
 				Socket s = createSocket();
-				s.bind(new InetSocketAddress(socket.getInetAddress(), 0));
-				s.connect(remote);
+				s.bind(new InetSocketAddress(ss.getInetAddress(), 0));
+				s.connect(remote, connectionTimeout);
 				s.setSoTimeout(socketTimeout);
 				if (LOG.isLoggable(INFO))
 					LOG.info("Connected to " + scrubSocketAddress(remote));
@@ -259,6 +272,19 @@ abstract class TcpPlugin implements DuplexPlugin {
 		return null;
 	}
 
+	@Nullable
+	InterfaceAddress getLocalInterfaceAddress(InetAddress a) {
+		for (InterfaceAddress ifAddr : getLocalInterfaceAddresses()) {
+			if (ifAddr.getAddress().equals(a)) return ifAddr;
+		}
+		return null;
+	}
+
+	// Override for testing
+	protected boolean canConnectToOwnAddress() {
+		return false;
+	}
+
 	protected Socket createSocket() throws IOException {
 		return new Socket();
 	}
@@ -314,14 +340,27 @@ abstract class TcpPlugin implements DuplexPlugin {
 		throw new UnsupportedOperationException();
 	}
 
-	Collection<InetAddress> getLocalIpAddresses() {
+	List<InterfaceAddress> getLocalInterfaceAddresses() {
+		List<InterfaceAddress> addrs = new ArrayList<>();
+		for (NetworkInterface iface : getNetworkInterfaces()) {
+			addrs.addAll(iface.getInterfaceAddresses());
+		}
+		return addrs;
+	}
+
+	List<InetAddress> getLocalInetAddresses() {
+		List<InetAddress> addrs = new ArrayList<>();
+		for (NetworkInterface iface : getNetworkInterfaces()) {
+			addrs.addAll(list(iface.getInetAddresses()));
+		}
+		return addrs;
+	}
+
+	private List<NetworkInterface> getNetworkInterfaces() {
 		try {
-			Enumeration<NetworkInterface> ifaces = getNetworkInterfaces();
-			if (ifaces == null) return emptyList();
-			List<InetAddress> addrs = new ArrayList<>();
-			for (NetworkInterface iface : list(ifaces))
-				addrs.addAll(list(iface.getInetAddresses()));
-			return addrs;
+			Enumeration<NetworkInterface> ifaces =
+					NetworkInterface.getNetworkInterfaces();
+			return ifaces == null ? emptyList() : list(ifaces);
 		} catch (SocketException e) {
 			logException(LOG, WARNING, e);
 			return emptyList();

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPlugin.java

@@ -10,6 +10,7 @@ import org.briarproject.bramble.api.properties.TransportProperties;
 import java.net.Inet4Address;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
+import java.net.InterfaceAddress;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.concurrent.Executor;
@@ -29,8 +30,10 @@ class WanTcpPlugin extends TcpPlugin {
 	private volatile MappingResult mappingResult;
 
 	WanTcpPlugin(Executor ioExecutor, Backoff backoff, PortMapper portMapper,
-			PluginCallback callback, int maxLatency, int maxIdleTime) {
-		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime);
+			PluginCallback callback, int maxLatency, int maxIdleTime,
+			int connectionTimeout) {
+		super(ioExecutor, backoff, callback, maxLatency, maxIdleTime,
+				connectionTimeout);
 		this.portMapper = portMapper;
 	}
 
@@ -45,7 +48,7 @@ class WanTcpPlugin extends TcpPlugin {
 		TransportProperties p = callback.getLocalProperties();
 		InetSocketAddress old = parseSocketAddress(p.get(PROP_IP_PORT));
 		List<InetSocketAddress> addrs = new LinkedList<>();
-		for (InetAddress a : getLocalIpAddresses()) {
+		for (InetAddress a : getLocalInetAddresses()) {
 			if (isAcceptableAddress(a)) {
 				// If this is the old address, try to use the same port
 				if (old != null && old.getAddress().equals(a))
@@ -86,7 +89,8 @@ class WanTcpPlugin extends TcpPlugin {
 	}
 
 	@Override
-	protected boolean isConnectable(InetSocketAddress remote) {
+	protected boolean isConnectable(InterfaceAddress local,
+			InetSocketAddress remote) {
 		if (remote.getPort() == 0) return false;
 		return isAcceptableAddress(remote.getAddress());
 	}

bramble-core/src/main/java/org/briarproject/bramble/plugin/tcp/WanTcpPluginFactory.java

@@ -19,10 +19,11 @@ import static org.briarproject.bramble.api.plugin.WanTcpConstants.ID;
 @NotNullByDefault
 public class WanTcpPluginFactory implements DuplexPluginFactory {
 
-	private static final int MAX_LATENCY = 30 * 1000; // 30 seconds
-	private static final int MAX_IDLE_TIME = 30 * 1000; // 30 seconds
-	private static final int MIN_POLLING_INTERVAL = 60 * 1000; // 1 minute
-	private static final int MAX_POLLING_INTERVAL = 10 * 60 * 1000; // 10 mins
+	private static final int MAX_LATENCY = 30_000; // 30 seconds
+	private static final int MAX_IDLE_TIME = 30_000; // 30 seconds
+	private static final int CONNECTION_TIMEOUT = 30_000; // 30 seconds
+	private static final int MIN_POLLING_INTERVAL = 60_000; // 1 minute
+	private static final int MAX_POLLING_INTERVAL = 600_000; // 10 mins
 	private static final double BACKOFF_BASE = 1.2;
 
 	private final Executor ioExecutor;
@@ -52,6 +53,6 @@ public class WanTcpPluginFactory implements DuplexPluginFactory {
 				MAX_POLLING_INTERVAL, BACKOFF_BASE);
 		return new WanTcpPlugin(ioExecutor, backoff,
 				new PortMapperImpl(shutdownManager), callback, MAX_LATENCY,
-				MAX_IDLE_TIME);
+				MAX_IDLE_TIME, CONNECTION_TIMEOUT);
 	}
 }

bramble-core/src/main/java/org/briarproject/bramble/plugin/tor/TorPlugin.java

@@ -195,8 +195,6 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		if (!assetsAreUpToDate()) installAssets();
 		if (cookieFile.exists() && !cookieFile.delete())
 			LOG.warning("Old auth cookie not deleted");
-		// Migrate old settings before having a chance to stop
-		migrateSettings();
 		// Start a new Tor process
 		LOG.info("Starting Tor");
 		String torPath = torFile.getAbsolutePath();
@@ -816,21 +814,6 @@ abstract class TorPlugin implements DuplexPlugin, EventHandler, EventListener {
 		controlConnection.setConf("ConnectionPadding", enable ? "1" : "0");
 	}
 
-	// TODO remove when sufficient time has passed. Added 2018-08-15
-	private void migrateSettings() {
-		Settings sOld = callback.getSettings();
-		int oldNetwork = sOld.getInt("network", -1);
-		if (oldNetwork == -1) return;
-		Settings s = new Settings();
-		if (oldNetwork == 0) {
-			s.putInt(PREF_TOR_NETWORK, PREF_TOR_NETWORK_NEVER);
-		} else if (oldNetwork == 1) {
-			s.putBoolean(PREF_TOR_MOBILE, false);
-		}
-		s.putInt("network", -1);
-		callback.mergeSettings(s);
-	}
-
 	private static class ConnectionStatus {
 
 		// All of the following are locking: this

bramble-core/src/main/java/org/briarproject/bramble/properties/TransportPropertyManagerImpl.java

@@ -37,6 +37,11 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 import javax.inject.Inject;
 
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.GROUP_KEY_DISCOVERED;
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MSG_KEY_LOCAL;
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MSG_KEY_TRANSPORT_ID;
+import static org.briarproject.bramble.api.properties.TransportPropertyConstants.MSG_KEY_VERSION;
+
 @Immutable
 @NotNullByDefault
 class TransportPropertyManagerImpl implements TransportPropertyManager,
@@ -111,10 +116,10 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		try {
 			// Find the latest update for this transport, if any
 			BdfDictionary d = metadataParser.parse(meta);
-			TransportId t = new TransportId(d.getString("transportId"));
+			TransportId t = new TransportId(d.getString(MSG_KEY_TRANSPORT_ID));
 			LatestUpdate latest = findLatest(txn, m.getGroupId(), t, false);
 			if (latest != null) {
-				if (d.getLong("version") > latest.version) {
+				if (d.getLong(MSG_KEY_VERSION) > latest.version) {
 					// This update is newer - delete the previous update
 					db.deleteMessage(txn, latest.messageId);
 					db.deleteMessageMetadata(txn, latest.messageId);
@@ -140,6 +145,27 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		}
 	}
 
+	@Override
+	public void addRemotePropertiesFromConnection(ContactId c, TransportId t,
+			TransportProperties props) throws DbException {
+		if (props.isEmpty()) return;
+		try {
+			db.transaction(false, txn -> {
+				Group g = getContactGroup(db.getContact(txn, c));
+				BdfDictionary meta = clientHelper.getGroupMetadataAsDictionary(
+						txn, g.getId());
+				BdfDictionary discovered =
+						meta.getOptionalDictionary(GROUP_KEY_DISCOVERED);
+				if (discovered == null) discovered = new BdfDictionary();
+				discovered.putAll(props);
+				meta.put(GROUP_KEY_DISCOVERED, discovered);
+				clientHelper.mergeGroupMetadata(txn, g.getId(), meta);
+			});
+		} catch (FormatException e) {
+			throw new DbException(e);
+		}
+	}
+
 	@Override
 	public Map<TransportId, TransportProperties> getLocalProperties()
 			throws DbException {
@@ -203,12 +229,26 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 		Group g = getContactGroup(c);
 		try {
 			// Find the latest remote update
+			TransportProperties remote;
 			LatestUpdate latest = findLatest(txn, g.getId(), t, false);
-			if (latest == null) return new TransportProperties();
-			// Retrieve and parse the latest remote properties
-			BdfList message =
-					clientHelper.getMessageAsList(txn, latest.messageId);
-			return parseProperties(message);
+			if (latest == null) {
+				remote = new TransportProperties();
+			} else {
+				// Retrieve and parse the latest remote properties
+				BdfList message =
+						clientHelper.getMessageAsList(txn, latest.messageId);
+				remote = parseProperties(message);
+			}
+			// Merge in any discovered properties
+			BdfDictionary meta =
+					clientHelper.getGroupMetadataAsDictionary(txn, g.getId());
+			BdfDictionary d = meta.getOptionalDictionary(GROUP_KEY_DISCOVERED);
+			if (d == null) return remote;
+			TransportProperties merged =
+					clientHelper.parseAndValidateTransportProperties(d);
+			// Received properties override discovered properties
+			merged.putAll(remote);
+			return merged;
 		} catch (FormatException e) {
 			throw new DbException(e);
 		}
@@ -281,9 +321,9 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 			long now = clock.currentTimeMillis();
 			Message m = clientHelper.createMessage(g, now, body);
 			BdfDictionary meta = new BdfDictionary();
-			meta.put("transportId", t.getString());
-			meta.put("version", version);
-			meta.put("local", local);
+			meta.put(MSG_KEY_TRANSPORT_ID, t.getString());
+			meta.put(MSG_KEY_VERSION, version);
+			meta.put(MSG_KEY_LOCAL, local);
 			clientHelper.addLocalMessage(txn, m, meta, shared, false);
 		} catch (FormatException e) {
 			throw new RuntimeException(e);
@@ -302,8 +342,9 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 				.getMessageMetadataAsDictionary(txn, localGroup.getId());
 		for (Entry<MessageId, BdfDictionary> e : metadata.entrySet()) {
 			BdfDictionary meta = e.getValue();
-			TransportId t = new TransportId(meta.getString("transportId"));
-			long version = meta.getLong("version");
+			TransportId t =
+					new TransportId(meta.getString(MSG_KEY_TRANSPORT_ID));
+			long version = meta.getLong(MSG_KEY_VERSION);
 			latestUpdates.put(t, new LatestUpdate(e.getKey(), version));
 		}
 		return latestUpdates;
@@ -316,9 +357,10 @@ class TransportPropertyManagerImpl implements TransportPropertyManager,
 				clientHelper.getMessageMetadataAsDictionary(txn, g);
 		for (Entry<MessageId, BdfDictionary> e : metadata.entrySet()) {
 			BdfDictionary meta = e.getValue();
-			if (meta.getString("transportId").equals(t.getString())
-					&& meta.getBoolean("local") == local) {
-				return new LatestUpdate(e.getKey(), meta.getLong("version"));
+			if (meta.getString(MSG_KEY_TRANSPORT_ID).equals(t.getString())
+					&& meta.getBoolean(MSG_KEY_LOCAL) == local) {
+				return new LatestUpdate(e.getKey(),
+						meta.getLong(MSG_KEY_VERSION));
 			}
 		}
 		return null;

bramble-core/src/main/java/org/briarproject/bramble/rendezvous/RendezvousPollerImpl.java

@@ -2,6 +2,7 @@ package org.briarproject.bramble.rendezvous;
 
 import org.briarproject.bramble.PoliteExecutor;
 import org.briarproject.bramble.api.Pair;
+import org.briarproject.bramble.api.connection.ConnectionManager;
 import org.briarproject.bramble.api.contact.PendingContact;
 import org.briarproject.bramble.api.contact.PendingContactId;
 import org.briarproject.bramble.api.contact.PendingContactState;
@@ -23,7 +24,6 @@ import org.briarproject.bramble.api.lifecycle.Service;
 import org.briarproject.bramble.api.lifecycle.ServiceException;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.plugin.ConnectionHandler;
-import org.briarproject.bramble.api.plugin.ConnectionManager;
 import org.briarproject.bramble.api.plugin.Plugin;
 import org.briarproject.bramble.api.plugin.PluginManager;
 import org.briarproject.bramble.api.plugin.TransportConnectionReader;

bramble-core/src/main/java/org/briarproject/bramble/sync/DuplexOutgoingSession.java

@@ -11,13 +11,16 @@ import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.lifecycle.event.LifecycleEvent;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.sync.Ack;
 import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.Offer;
+import org.briarproject.bramble.api.sync.Priority;
 import org.briarproject.bramble.api.sync.Request;
 import org.briarproject.bramble.api.sync.SyncRecordWriter;
 import org.briarproject.bramble.api.sync.SyncSession;
 import org.briarproject.bramble.api.sync.Versions;
+import org.briarproject.bramble.api.sync.event.CloseSyncConnectionsEvent;
 import org.briarproject.bramble.api.sync.event.GroupVisibilityUpdatedEvent;
 import org.briarproject.bramble.api.sync.event.MessageRequestedEvent;
 import org.briarproject.bramble.api.sync.event.MessageSharedEvent;
@@ -35,6 +38,7 @@ import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicLong;
 import java.util.logging.Logger;
 
+import javax.annotation.Nullable;
 import javax.annotation.concurrent.ThreadSafe;
 
 import static java.util.concurrent.TimeUnit.MILLISECONDS;
@@ -71,9 +75,12 @@ class DuplexOutgoingSession implements SyncSession, EventListener {
 	private final EventBus eventBus;
 	private final Clock clock;
 	private final ContactId contactId;
+	private final TransportId transportId;
 	private final int maxLatency, maxIdleTime;
 	private final StreamWriter streamWriter;
 	private final SyncRecordWriter recordWriter;
+	@Nullable
+	private final Priority priority;
 	private final BlockingQueue<ThrowingRunnable<IOException>> writerTasks;
 
 	private final AtomicBoolean generateAckQueued = new AtomicBoolean(false);
@@ -86,18 +93,21 @@ class DuplexOutgoingSession implements SyncSession, EventListener {
 	private volatile boolean interrupted = false;
 
 	DuplexOutgoingSession(DatabaseComponent db, Executor dbExecutor,
-			EventBus eventBus, Clock clock, ContactId contactId, int maxLatency,
-			int maxIdleTime, StreamWriter streamWriter,
-			SyncRecordWriter recordWriter) {
+			EventBus eventBus, Clock clock, ContactId contactId,
+			TransportId transportId, int maxLatency, int maxIdleTime,
+			StreamWriter streamWriter, SyncRecordWriter recordWriter,
+			@Nullable Priority priority) {
 		this.db = db;
 		this.dbExecutor = dbExecutor;
 		this.eventBus = eventBus;
 		this.clock = clock;
 		this.contactId = contactId;
+		this.transportId = transportId;
 		this.maxLatency = maxLatency;
 		this.maxIdleTime = maxIdleTime;
 		this.streamWriter = streamWriter;
 		this.recordWriter = recordWriter;
+		this.priority = priority;
 		writerTasks = new LinkedBlockingQueue<>();
 	}
 
@@ -108,6 +118,8 @@ class DuplexOutgoingSession implements SyncSession, EventListener {
 		try {
 			// Send our supported protocol versions
 			recordWriter.writeVersions(new Versions(SUPPORTED_VERSIONS));
+			// Send our connection priority, if this is an outgoing connection
+			if (priority != null) recordWriter.writePriority(priority);
 			// Start a query for each type of record
 			generateAck();
 			generateBatch();
@@ -223,6 +235,9 @@ class DuplexOutgoingSession implements SyncSession, EventListener {
 		} else if (e instanceof LifecycleEvent) {
 			LifecycleEvent l = (LifecycleEvent) e;
 			if (l.getLifecycleState() == STOPPING) interrupt();
+		} else if (e instanceof CloseSyncConnectionsEvent) {
+			CloseSyncConnectionsEvent c = (CloseSyncConnectionsEvent) e;
+			if (c.getTransportId().equals(transportId)) interrupt();
 		}
 	}
 

bramble-core/src/main/java/org/briarproject/bramble/sync/IncomingSession.java

@@ -15,6 +15,8 @@ import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
 import org.briarproject.bramble.api.sync.Ack;
 import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.Offer;
+import org.briarproject.bramble.api.sync.Priority;
+import org.briarproject.bramble.api.sync.PriorityHandler;
 import org.briarproject.bramble.api.sync.Request;
 import org.briarproject.bramble.api.sync.SyncRecordReader;
 import org.briarproject.bramble.api.sync.SyncSession;
@@ -47,17 +49,19 @@ class IncomingSession implements SyncSession, EventListener {
 	private final EventBus eventBus;
 	private final ContactId contactId;
 	private final SyncRecordReader recordReader;
+	private final PriorityHandler priorityHandler;
 
 	private volatile boolean interrupted = false;
 
 	IncomingSession(DatabaseComponent db, Executor dbExecutor,
 			EventBus eventBus, ContactId contactId,
-			SyncRecordReader recordReader) {
+			SyncRecordReader recordReader, PriorityHandler priorityHandler) {
 		this.db = db;
 		this.dbExecutor = dbExecutor;
 		this.eventBus = eventBus;
 		this.contactId = contactId;
 		this.recordReader = recordReader;
+		this.priorityHandler = priorityHandler;
 	}
 
 	@IoExecutor
@@ -86,6 +90,9 @@ class IncomingSession implements SyncSession, EventListener {
 				} else if (recordReader.hasVersions()) {
 					Versions v = recordReader.readVersions();
 					dbExecutor.execute(new ReceiveVersions(v));
+				} else if (recordReader.hasPriority()) {
+					Priority p = recordReader.readPriority();
+					priorityHandler.handle(p);
 				} else {
 					// unknown records are ignored in RecordReader#eof()
 					throw new FormatException();

bramble-core/src/main/java/org/briarproject/bramble/sync/SimplexOutgoingSession.java

@@ -11,11 +11,13 @@ import org.briarproject.bramble.api.event.EventListener;
 import org.briarproject.bramble.api.lifecycle.IoExecutor;
 import org.briarproject.bramble.api.lifecycle.event.LifecycleEvent;
 import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
+import org.briarproject.bramble.api.plugin.TransportId;
 import org.briarproject.bramble.api.sync.Ack;
 import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.SyncRecordWriter;
 import org.briarproject.bramble.api.sync.SyncSession;
 import org.briarproject.bramble.api.sync.Versions;
+import org.briarproject.bramble.api.sync.event.CloseSyncConnectionsEvent;
 import org.briarproject.bramble.api.transport.StreamWriter;
 
 import java.io.IOException;
@@ -56,6 +58,7 @@ class SimplexOutgoingSession implements SyncSession, EventListener {
 	private final Executor dbExecutor;
 	private final EventBus eventBus;
 	private final ContactId contactId;
+	private final TransportId transportId;
 	private final int maxLatency;
 	private final StreamWriter streamWriter;
 	private final SyncRecordWriter recordWriter;
@@ -65,12 +68,14 @@ class SimplexOutgoingSession implements SyncSession, EventListener {
 	private volatile boolean interrupted = false;
 
 	SimplexOutgoingSession(DatabaseComponent db, Executor dbExecutor,
-			EventBus eventBus, ContactId contactId, int maxLatency,
-			StreamWriter streamWriter, SyncRecordWriter recordWriter) {
+			EventBus eventBus, ContactId contactId, TransportId transportId,
+			int maxLatency, StreamWriter streamWriter,
+			SyncRecordWriter recordWriter) {
 		this.db = db;
 		this.dbExecutor = dbExecutor;
 		this.eventBus = eventBus;
 		this.contactId = contactId;
+		this.transportId = transportId;
 		this.maxLatency = maxLatency;
 		this.streamWriter = streamWriter;
 		this.recordWriter = recordWriter;
@@ -123,6 +128,9 @@ class SimplexOutgoingSession implements SyncSession, EventListener {
 		} else if (e instanceof LifecycleEvent) {
 			LifecycleEvent l = (LifecycleEvent) e;
 			if (l.getLifecycleState() == STOPPING) interrupt();
+		} else if (e instanceof CloseSyncConnectionsEvent) {
+			CloseSyncConnectionsEvent c = (CloseSyncConnectionsEvent) e;
+			if (c.getTransportId().equals(transportId)) interrupt();
 		}
 	}
 

bramble-core/src/main/java/org/briarproject/bramble/sync/SyncRecordReaderImpl.java

@@ -11,6 +11,7 @@ import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageFactory;
 import org.briarproject.bramble.api.sync.MessageId;
 import org.briarproject.bramble.api.sync.Offer;
+import org.briarproject.bramble.api.sync.Priority;
 import org.briarproject.bramble.api.sync.Request;
 import org.briarproject.bramble.api.sync.SyncRecordReader;
 import org.briarproject.bramble.api.sync.Versions;
@@ -26,10 +27,12 @@ import javax.annotation.concurrent.NotThreadSafe;
 import static org.briarproject.bramble.api.sync.RecordTypes.ACK;
 import static org.briarproject.bramble.api.sync.RecordTypes.MESSAGE;
 import static org.briarproject.bramble.api.sync.RecordTypes.OFFER;
+import static org.briarproject.bramble.api.sync.RecordTypes.PRIORITY;
 import static org.briarproject.bramble.api.sync.RecordTypes.REQUEST;
 import static org.briarproject.bramble.api.sync.RecordTypes.VERSIONS;
 import static org.briarproject.bramble.api.sync.SyncConstants.MAX_SUPPORTED_VERSIONS;
 import static org.briarproject.bramble.api.sync.SyncConstants.MESSAGE_HEADER_LENGTH;
+import static org.briarproject.bramble.api.sync.SyncConstants.PRIORITY_NONCE_BYTES;
 import static org.briarproject.bramble.api.sync.SyncConstants.PROTOCOL_VERSION;
 
 @NotThreadSafe
@@ -48,7 +51,7 @@ class SyncRecordReaderImpl implements SyncRecordReader {
 
 	private static boolean isKnownRecordType(byte type) {
 		return type == ACK || type == MESSAGE || type == OFFER ||
-				type == REQUEST || type == VERSIONS;
+				type == REQUEST || type == VERSIONS || type == PRIORITY;
 	}
 
 	private final MessageFactory messageFactory;
@@ -174,4 +177,23 @@ class SyncRecordReaderImpl implements SyncRecordReader {
 		nextRecord = null;
 		return supported;
 	}
+
+	@Override
+	public boolean hasPriority() throws IOException {
+		return !eof() && getNextRecordType() == PRIORITY;
+	}
+
+	@Override
+	public Priority readPriority() throws IOException {
+		if (!hasPriority()) throw new FormatException();
+		return new Priority(readNonce());
+	}
+
+	private byte[] readNonce() throws IOException {
+		if (nextRecord == null) throw new AssertionError();
+		byte[] payload = nextRecord.getPayload();
+		if (payload.length != PRIORITY_NONCE_BYTES) throw new FormatException();
+		nextRecord = null;
+		return payload;
+	}
 }

bramble-core/src/main/java/org/briarproject/bramble/sync/SyncRecordWriterImpl.java

@@ -8,6 +8,7 @@ import org.briarproject.bramble.api.sync.Message;
 import org.briarproject.bramble.api.sync.MessageFactory;
 import org.briarproject.bramble.api.sync.MessageId;
 import org.briarproject.bramble.api.sync.Offer;
+import org.briarproject.bramble.api.sync.Priority;
 import org.briarproject.bramble.api.sync.Request;
 import org.briarproject.bramble.api.sync.SyncRecordWriter;
 import org.briarproject.bramble.api.sync.Versions;
@@ -20,6 +21,7 @@ import javax.annotation.concurrent.NotThreadSafe;
 import static org.briarproject.bramble.api.sync.RecordTypes.ACK;
 import static org.briarproject.bramble.api.sync.RecordTypes.MESSAGE;
 import static org.briarproject.bramble.api.sync.RecordTypes.OFFER;
+import static org.briarproject.bramble.api.sync.RecordTypes.PRIORITY;
 import static org.briarproject.bramble.api.sync.RecordTypes.REQUEST;
 import static org.briarproject.bramble.api.sync.RecordTypes.VERSIONS;
 import static org.briarproject.bramble.api.sync.SyncConstants.PROTOCOL_VERSION;
@@ -73,6 +75,12 @@ class SyncRecordWriterImpl implements SyncRecordWriter {
 		writeRecord(VERSIONS);
 	}
 
+	@Override
+	public void writePriority(Priority p) throws IOException {
+		writer.writeRecord(
+				new Record(PROTOCOL_VERSION, PRIORITY, p.getNonce()));
+	}
+
 	@Override
 	public void flush() throws IOException {
 		writer.flush();