IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#dev
/2022/03/20
~AreEnn
~R4SAS
~acetone
~orignal
~villain
&N00B
+Xeha
+relaybot
DUHOVKIN
Leopold
Most2
Nausicaa
Ruskoye_911
Vort
anon2
b3t4f4c3
karamba_i2p
nemiga
not_bob_afk
plap
poriori
profetikla
soos
teeth
un
weko_
whothefuckami
ViktorShahter largo, создаёшь блок в tunnels.conf, ставишь type = server. Хост и порт это, собственно, тот локальный адрес и порт, на который ты хочешь попадать удалённо. При этом укажи ещё inport - порт что будет указывать удалённый клиент.
ViktorShahter В твойм случае host = 10.1.1.21. Только ключи не забудь указать чтобы адрес был всегда один.
largo Про ключи не понял. где взять?
largo Что-то не вижу что бы где-то поднялся эот inport и попытки подключиться к стриму чреез mplayer приводят к сообщению, что такой хост не обнаружен. То бишь ДНС не резолвит, хотя тут апишников нет, непонятно чо резолвить
orignal VLC по UDP?
orignal там все сложнее
zzz Does not decrypt as Session Request, attempt to decrypt as Token Request/Peer Test: Handshake header destID -4258379545499944410 pkt num 3243896805 type 187 version 191 netID 251 srcID 1785734510980643824 token 3358563715595154636 key T6M~VIDuSjoZ8AOSVJwO8G~3TXwu5OCw5356Oj~6rmw=
zzz is the destID right? that's the first 8 bytes, need to verify that first
orignal I use 8 random bytes
orignal for it
orignal should I do it differently?
zzz random is correct, but need to verify what you put in there before encryption
zzz once we confirm that we can look at the rest of the header
orignal let me print out
zzz you're sending a session request, right?
orignal let's do it
zzz print out big endian ofc
orignal let me check someting first
zzz print out big endian ofc
zzz the packet was 93 bytes (not including IP/UDP headers) which sounds about right. min size is 88
orignal yes it was 93
orignal be back in 10 minutes
orignal I have changed it it 1 and sent at 9:23. should we 106 bytes
zzz Handshake header destID -3849060384246460879 pkt num 1466189687 type 38 version 59 netID 199 srcID -8318608071136251158 token -4826061853381708388 key 738jyF5wQMKLIfUS7wHKUqEyIEGMrn7qsudhIcXGWDg=
orignal so it's defintyl not 1
orignal size is right?
zzz yes
zzz what do you mean not 1?
orignal destid
orignal I set it to 1
zzz oh, ok
orignal let's investigate deeper
zzz yeah I'm looking at your code
orignal first nonce is from 106-24 and second is 106-12. right?
orignal so there are only two things
orignal either intro key or nonce
zzz this is wrong but that's for the next message, not the problem right now:
zzz m_NoiseState->MixHash (payload, 24); // h = SHA256(h || 24 byte encrypted payload from Session Request) for SessionCreated
zzz that's the error in the spec, it's the full payload, not 24 bytes
zzz you're using my 32 byte intro key GrQCg6lOyqL9xrjJBY-1sob~jifxg-fFhdp-~HDLJo4= right?
zzz yes the nonce offsets are correct
orignal let me correct then
orignal I see the problem
orignal I use key as i
orignal and you have them different
orignal btw, why?
zzz SSU 1 vs SSU 2 you mean?
orignal in your RI
orignal you have both i and key in your SSU address
zzz one is AES and one is ChaCha; general principle, don't use the same key for two different cryptos
orignal no problem
orignal will fix it
ganimed Hey guys, where to read about router caps (shown in console in hidden area)? I mean what do they mean, in what source file do they defined?..
orignal RouterInfo.h
ganimed thx x2
orignal ganimed мгимо?))
orignal ну как не? в одной фразе 3 ошибки как в том анекдоте ))
ganimed Пф, меня понимают и ладно
ganimed Да и пагубное влияние нейтив-спикеров дает о себе знать
orignal ну так zzz тот самый нейтив спикер
ganimed Ну так я обычно не сним общась, а с самыми обычнми ребятами из асашай, которые филфаков явно не кончали
orignal асашай это что?
ganimed США
ganimed В произношении Бората
orignal а причем тут филфак?
ganimed А при том, что грамматика - вещь довольно условная и ее правила соблюдаются далеко не всеми, особенно в живом общении, в чатах. Отсюда и нестрогое следование строгим правилам :)
orignal конечно условная. ее никто не знает все просто употребляют автоматически
orignal ладно вернемся к нашим баранам
ganimed А что там с баранами?..
orignal бараны которые SSU2
orignal zzz, at 10:31:35 of 100 bytes
orignal wow seem I got reply from you
orignal can you confirm?
zzz yup, well done, stand by
orignal SSU2: Unexpected message type 128
orignal but we know why
orignal because KDF
orignal whatever let me investigate that part
zzz Invalid token 6705875313099848879 in session request
zzz I sent you a Retry
zzz not a Session Confirmed
zzz * not a Session Created
orignal so what is corect token in SessionRequest?
orignal you said I should send non-zero
zzz that would work in my test code; but in the live net, I'm enforcing tokens
orignal what is the code for retry? 128?
zzz 10?
orignal if I see 128 it's wrong anyway
orignal so what do I put into token field? zero?
zzz header key 2 is different for Session Created and Retry, so if it's not Session Created you have to re-decrypt the header
orignal got it
orignal but what key do you use for retry?
zzz retry is bob's intro key for both k1 and k2
orignal I see
zzz if you don't have a token, send a token request instead of a session request, because you don't need to do DH
zzz if you think you have a token that's not expired, send a session request, but you may still get back a retry
orignal so I shoul start with token request?
zzz the retry has the token you'll use for your second attempt
orignal is it per endpoint?
zzz I can't remember if it's per-router or per-IP
orignal please let me know
zzz maybe haven't thought that issue fully
orignal I will add this code
orignal are you able to decrypt my payload or you haven't reached that point?
zzz if the token is invalid, I don't bother to decrypt the payload
zzz to not waste DH / CPU on possible attacks
orignal let me implement tokens first then
zzz so, I store saved outbound tokens by router hash, and saved inbound tokens by IP/port. That doesn't sound right :)
zzz I'll need to research and see what QUIC does
orignal does it mean tokens are the same between addresses
orignal e.g. if I have a token for ipv4 I can reuse it for ipv6
zzz good questions, needs research and thinking
zzz the problem is, when you get an inbound token, all you know is the source ip/port... do you accept it from anywhere, or only from the ip/port you sent it to before
orignal then use endpoint
orignal not router
zzz yeah QUIC was worried about attacks where an on-path observer sees the token and then uses it himself
zzz I think you're right but I'll have to research and report back
orignal let me do it per endpoint for now
zzz it also means you'd have to clear all your saved outbound tokens if your ip changes
orignal yes, I should
orignal same of inbound
orignal because other side knows me by IP
zzz there's really two kinds of tokens:
zzz 1) when you get one in a Retry, you just use it right away, no storage, no issues about router vs. endpoint
zzz 2) when you get one in a New Token Block, that's to be saved for later, for the next time you connect
zzz for now, just worry about 1). The router vs. endpoint issue is for 2)
orignal yes I know
orignal but what if I'm Bob?
orignal I also need to store token I assign to Alices
zzz if I'm bob I just keep the "inbound establish state" open, with the token I sent, because the next message will come in on the same Dest Conn ID
zzz so I don't "store" the token in a central place
orignal agree
orignal zzz, when we send new SesionRequest as reply to Retry do we increase seqn?
orignal sorry, packet number
orignal or at least should it different?
zzz use random pkt num in Session Request and Session Created.
orignal but it must be new
zzz Session Confirmed pkt num is always 0 because it must be acked
orignal I mean SessionRequest
zzz doesn't matter in session request
orignal shoudl I generate new one or use from original request
zzz it's ignored
orignal how about nonce for chacha ?
zzz yes, use it as the nonce
orignal I mean not for payload
orignal but for long header
zzz looking...
zzz you mean for retry and token request?
orignal for next SessionRequest after retry
zzz looking...
orignal when I encrypt long header and X
zzz so the question is, what's the packet number in the 2nd Session Request?
orignal I send SessionRequest with 0, then I receive Retry, I send SessionRequest with 1
orignal but this is for payload, e.g. AEAD/Chacha/Poly
orignal but there is another chacha
orignal I'm asking about it
zzz the Noise chacha is basically "start over", because the header is different so it will be a different mixHash().
zzz so you'll use n=0 again
orignal so it's always 0 for chacha
zzz correct
orignal and sequence number for payload
orignal right?
zzz the packet number in the header?
orignal no, first is 0, second is 1 etc.
zzz I'm not sure what sequence number you mean?
orignal anyway as I understand you right we always use 0 for nonce
zzz yes, that's standard Noise
orignal until handashke finishes
orignal and when I get Retry I reset noise
zzz there's a n=1 in the Session confirmed (standard XK)
orignal that part I undertand
zzz yes, you can reset noise. I guess you could reuse the ephemeral key if you wanted?
zzz but you have to reset because you have to redo the mixhash() of the header
orignal thanks. it's clear now
orignal will try again tonight
zzz most of the time this won't happen, because you'll send a token request instead
zzz so we don't "waste" a DH
orignal race condition
orignal or restart
zzz right
orignal I believe you still know my token but you don't
zzz right
zzz but hopefully, 99% of time no reset required
orignal how do you prevent ping-pong?
orignal I send SessionRequest you don't like and send Retry
orignal I send again and you don't like again
zzz then it fails. Never send two Retry
zzz and don't retransmit Retry
orignal will do the same
zzz one other thing: put an address block in Session Request, Session Created, and Token Request payloads.
zzz that's to duplicate the "what is my ip/port?" feature of SSU 1
orignal SessionRequest? What for?
zzz also Retry
orignal why do I need to put you address from your RI?
zzz because we use SSU for address discovery
orignal I'm confused
zzz but maybe not useful for Session Request?
zzz it was in SSU 1
orignal I don't understand what to put
zzz you put bob's address when sending to bob. alice's address when sending to alice
zzz to help peers that don't know what their IP/port is
orignal dont; see in SSU
orignal what's a point of Bob's address in SessionRequest
orignal since I take it from Bob's RI
zzz it's in SSU 1 so I added it to SSU 2
zzz will have to research more
orignal where in SSU1
orignal no IP/port in SessionRequest
zzz Message format:
zzz +----+----+----+----+----+----+----+----+
zzz | X, as calculated from DH |
zzz ~ . . . ~
zzz | |
zzz +----+----+----+----+----+----+----+----+
orignal or yes I see
zzz |size| that many byte IP address (4-16) |
zzz +----+----+----+----+----+----+----+----+
zzz | arbitrary amount of uninterpreted data|
zzz ~ . . . ~
orignal idk why it's there
orignal doesn't make sense at all
zzz right now I will fail without it; ofc can be changed
orignal it was not specs
orignal only DateTime is required
orignal let's discuss tommorow
orignal probabry jrandom had something else in mind
zzz it might be part of what is signed in the 3rd message
zzz oh, you're right, the spec only requires it in session created
orignal we do it differently anyway
orignal ofc it must be in SessionCreated
zzz agreed, makes sense there
orignal because we tell Alice her actual IP
zzz so also in Retry
zzz good stuff, you're asking very smart questions
orignal I don't even decrypt Retry pyload for now ))
orignal *** afk ***
zzz yeah, probably fine, except for some possible injection attacks
R4SAS на неилитном, канал #i2pd
zzz correction, I do NOT send or require Address Block in Session Request
R4SAS там чувак попал на ту хрень с окончанием дескрипторов и у него отожрало 70 гигов логами
R4SAS с ошибкой
R4SAS так что в том PR предложение от него
orignal R4SAS нет не надо
R4SAS попросил его там зайти на i2pd-dev
R4SAS чего не надо?
orignal зеабали уже с этой идеей
R4SAS ну а чего делать предлагаешь?
R4SAS если нет возможности поднять лимит например
orignal там проблема что дескрипторы не только сокеты но и таймера
orignal пока ничего
orignal закрывать на хуй
R4SAS ну сам прокоментируй и закрой
R4SAS я ему перешлю
uis Таймеров много?
uis Я понять не могу, зачем делать фрагментацию SessionConfirmed, если IP уже может фрагментировать?
acetone orignal: добрее надо быть и люди потянутся)))
F5NAS acetone, ага)
orignal R4SAS пусть число транзитных тоннелей ограничивает
orignal uis что в mtu вписаться
orignal acetone, а?
orignal zzz, I have sent SessionRequest at 15:29:54
orignal then I have recveive Retry
orignal then send another SessionRequest and no response
orignal first was 93 bytes, second was 96 bytes
uis Впишется в два ip пакета
uis Так таймеров много?
orignal на каждую SSU сессию
orignal ну сделано было так давным давно
orignal в SSU2 разумеется будет сделано иначе
uis И на каждый таймер по файловому дескриптору? Ну и костыли!
` uis, чота не нраица7 Чемодан. Клирнет. Тор! Шутка, шутка.
uis SSU1 после реализации SSU2 больше не нужен?
zzz orignal,
zzz Bad Source Conn id Handshake header destID 3187227616902313146 pkt num 0 type 0 version 2 netID 2 srcID -5041392407515611427 token 8611805434283770328 key 7g8fcxEaO-nwjsvepvktw55vXS0-PSIoYFLMXWA-BWc= on IES2
zzz did you same the same source ID the 2nd time?
orignal should I use new one?
orignal uis ну я тогда не задумывался как в бусте таймера реализованы
orignal а оказалось через дескрипторы
zzz somehow I got a mismatch
zzz the dest conn ID matched. the source conn ID did not
zzz I didn't log what I got the first time though
orignal let me check
zzz actually the source conn id check was first
zzz I don't know if the dest conn id matched
orignal but they shoulc match, right?
orignal will fix
zzz they both should be the same as the first time
zzz ok, you found the problem?
orignal I though they must be different
orignal assuming we reset a session completely
zzz not that completely )))
zzz baby steps
orignal will fix
zzz note that the header decrypted correctly: pkt num 0 type 0 version 2 netID 2
orignal yes I saw it
legit-anon this isnt exactly dev related but...
legit-anon Deathbox MINECRAFT server hosted over i2p! learn to join here! ggdh6tgsenlz47zlmso52zbwl5cbc7z4qa66zthqaiv4fsbcf7fa.b32.i2p:2000
` MINECRA-A-A-A-A-A-A-A-AFT IS MY LIFE!
legit-anon feel free to join
` maybe minetest i will try.
` maybe.
orignal zzz, got something back after second SessionRequest
orignal of 120 bytes
orignal failed to decrypt but let me investigate
zzz Invalid token 0 in session request
zzz Got session request after retry
zzz Retransmit created
zzz Retransmit created
orignal why retransmit?
orignal what was that 120 bytes?
zzz because I never got back a session confirmed
zzz looking...
orignal you don't
orignal because it's not implemented yet ))
uis Some time ago there was another minecraft_is_my_life server
orignal my question is if you like my SessionRequest
zzz looking...
legit-anon tunnels might take a sec
zzz State after sess req: XK-SSU2 Handshake State:
zzz Symmetric State:
zzz ck: IAYKo664~0c75LKGdiZs0OTiVLusvXsWkKq9lc1iVlw=
zzz h: o-Hrp2f4AnPpaDViTnGjLC-N6s6aO~2tSYUMeWGV9Lw=
zzz Cipher State:
zzz nonce: 1
zzz poly key: p6MdZOVfh9zvL0M5mBGta~cmHwoGwnUTVA4xqx2hTg8=
zzz Local static public key (s) : O7EzKQpOIQffYq5jX4ZmeyYXncw2Zou3ad60Kgx1cD4=
zzz Remote static public key (rs) : null
zzz Local ephemeral public key (e) : null
zzz Remote ephemeral public key (re) : IPT7seztmjp8y3tqAoOzEFpp8xfFXDx65X6ya0oGvxk=
zzz 03-20 21:55:33.958 DEBUG [ handler 1/1] ort.udp.InboundEstablishState2: Processed 2 blocks
zzz all looks good :)
orignal finally
orignal and that 120 bytes was SessionCreated
zzz and thankfully, no Noise problems so far
orignal great
legit-anon is zzz a bot?
orignal zzz is main I2P dev
zzz I didn't log the size, but it sounds right. 88 bytes minimum
orignal if you didn't know it ))
orignal will fxi SessionCreated and implement SessionConfirmed
zzz hello legit-anon, not a bot
zzz congrats orignal, lots of hard work to get here
orignal legit-anon we is process of development SSU2
orignal yes, you too
orignal most of stuff is successive
orignal will continue tonight
orignal have to run now
zzz good night
uis_ Вместо четырёх байтов на время использовать четыре байта на номер файлового дескриптора и ещё как минимум 4 килобайта(или какой стоит размер страницы) для дескриптора ядром. Память эффективно используется)))
` [Алёша] Да уймись ты наконец (с)Где-то-слыша
` л
` Показалось забавным.
ViktorShahter А уже есть какие-то тестовые сборки с SSU2 или пока всё закрыто от простых смертных?
uis_ Он толком не работает, какие тестовые сборки?
ViktorShahter uis, тем не менее, старые версии i2pd крашатся именно из-за появления в базе роутеров с SSU2. Значит что-то сырое уже есть.
` ViktorShahter, товарищ прапорщик, не палились бы так.
` Интересуется тут как сеть положить..
R4SAS так это давно известно