IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#ls2
/2022/02/14
@eyedeekay
+R4SAS
+RN
+RN_
+T3s|4
+Xeha
+acetone
+not_bob
+weko
Irc2PGuest21083
Irc2PGuest86132
Onn4l7h
Onn4|7h
T3s|4_
aargh2
anon4
eyedeekay_bnc
hk
orignal_
profetikla
shiver_
u5657
x74a6
eyedeekay OK they're not perfect, but they're there which is more than I can say for the past 10 months.
eyedeekay gitlab-runners are back for the time being.
zlatinb eyedeekay: is it pulling the docker base images every time? looks like it from the logs
zlatinb also I have configured the muwire runner to upload a code coverage report as an artifact. But I can't find where to visualize them... do you need to enable some setting perhaps?
zlatinb oh looks like they're only for MRs.. that sux
eyedeekay zlatinb yeah there's some kind of issue I'm still working on re: docker-in-docker
eyedeekay Which is why it's pulling docker:stable which is causing the remaining issues
eyedeekay I also had to enable the gitlab container registry but I haven't exposed it to the rest of the internet yet.
eyedeekay When I do we can use it
Xeha eyedeekay: dind with shared socket?
eyedeekay Yes if I'm understanding it all correctly
Anomaly i think microsoft word is the best ide for programming
Anomaly how are you eyedeekay ?
eyedeekay OK. Just trying to make sure I have all of my projects ready for release time
eyedeekay I've got to update libraries across all my plugins and still may have a few adjustments to the CSS on proxy error and new install wizard
Anomaly sounds stressful
eyedeekay Nah it's only rough this time because my checklist got a lot longer this cycle
eyedeekay Sort of making the new one this week
eyedeekay And also I still don't know why goSam.client.debug=true is required for goSam to work on i2pd, which is why I have to do all the library updates, otherwise I can usually just leave that part unless I add a feature that I want to use in an app
Anomaly how long is a cycle usually ?
eyedeekay ~3-4 months. About a quarter of a year.
Anomaly interesting
Anomaly i2pd is c++ or a c language right ?
eyedeekay C++ but there's part of it with a C binding, which you can generate bindings to other languages for with SWIG
Anomaly oh ok
Anomaly lol i wish i was a good programmer
eyedeekay I've been increasing my use of C++ i2pd from Go a lot this cycle, which is pretty easy once you get it set up
Anomaly im invested in my own projects...
Anomaly thats interesting
eyedeekay One needs to give a little though to the lifecycle of the embedded i2pd router but it gets right out of your way
eyedeekay Here's sort of the minimum-example of how to use it: github.com/eyedeekay/go-i2pd
Anomaly lol you use tmux ?
Anomaly i never invested the time to learn it, but it looks interesting to me
eyedeekay It's handy for splitting terminals but basically useless if you don't learn how to configure your keyboard shortcuts
Anomaly ill keep that in mind
eyedeekay My recommendation, should you choose to use it in that way is to make the defaults a little bit "intelligent"
eyedeekay in that you should probably do what you can to discover a usable I2P router on the host before running the embedded I2P router
eyedeekay Otherwise you sometimes end up with embedded routers racing with the systemwide router to open a port, different keys in different working directories, it can make a bit of a mess
zzz what's on the agenda for today?
orignal and torrents on android
orignal from my side
eyedeekay Not really an agenda item, but I wanted to ping orignal about this PR: github.com/PurpleI2P/i2pd/pull/1728
zzz ssu2 is 1), android torrents is 2)
zzz eyedeekay, it's either for the meeting or it isn't, your choice
orignal merged
eyedeekay Good enough for me, no need for the agenda item
zzz ok then
zzz 1) SSU2
zzz orignal, how about you give your updates / status and then I will
orignal so I have have a question how we decrypt header
orignal once we receive a message where we get intro key from?
orignal based on endpoint?
zzz for almost all cases, the first header key is your intro key
orignal please explain
orignal first 8 bytes is connection id
zzz right, and the key for that is your intro key, as published in the netdb
orignal no, it's Bob's key
orignal if I'm Alice
orignal so I need to know Bob's intro key
zzz oh, you said you receive a message, I thought you were bob
orignal say I'm Alice and rfeceive SessionCreated
zzz if you're alice sending a session request to bob, you got bob's intro key from the netdb
orignal yes it's clear
orignal but when I'm Alice and receive some packet how I decrypt?
zzz that's the exception. if you're alice and receive session created, the key for that is bob's intro key
zzz when you're alice, the first header key is always your intro key, except for session created and retry
zzz in those cases, it's bob's intro key
orignal but how do I know bob's key?
orignal by endpoint where a packet came from?
zzz yes
orignal basically the way we do in SSU now
zzz correct
orignal next question
orignal what destination connection is for?
orignal if we always know endpoint
zzz the idea is to make inbound classification of packets much easier
zzz so you always try with your intro key first. that will find 99% of the sessions
zzz then fallback to lookup only pending sessions by endpoint
orignal yes, that's clear
orignal got it
zzz with connection id, you find the connection of a session even if the other end's IP changes. that's the main benefit
zzz super
orignal so I map sessions not by endoint like I do know
orignal but by this connection id
orignal I decrypt 8 bytes
orignal and then try to find session by connection id
zzz that's what I recommend, yes
orignal btw, how I know if decryption was successive or now?
orignal because I always decrypt to some 8 bytes
orignal it's chacha and xor
orignal not chacha/poly
zzz you don't. but then you decrypt the _next_ 8 bytes with the correct key for that connection.
zzz if the next 8 bytes are garbage, then you know everything failed
orignal they might not be garbage just inccorect
orignal so I know for sure when decrypt payload
zzz sure, but after that there is always a chacha/poly payload
zzz correct
orignal no more question for now
orignal the status is
orignal implement SessionRequest encryption
orignal not working on decryption of incoming packets
zzz great
zzz those were good questions too
zzz my status:
zzz still just working on test code
zzz I got retry working
orignal have you recached data phase yet?
zzz yes, data phase is working
zzz I got ack blocks working too
zzz I added a token request message so you can ask for a token without doing DH
zzz I'm starting to think more about packet numbering, because the proposal is a little inconsistent
zzz I'm starting to think about peer test and relay
orignal data with fragmentation ,etc.?
zzz I should be able to do testing with you soon
zzz my fragmentation code is sortof working, sortof buggy
orignal once I'm, done
zzz I do send both unfragmented and fragmented messages, and acks, in my test code
orignal but I'm making progress
zzz great
orignal eyedeekay we need you
eyedeekay We trying to put XD into an Android app?
orignal basically this question came from our Turkmen friend
orignal he wants to run both i2p and torrent client on his phone
orignal the question is about I2CP
orignal should we allow 127.0.0.1 connections?
eyedeekay As far as I can tell the benefits really outweigh the risks
orignal because zzz said that android local sockets can work between same developer's apps only
orignal zzz suggested to discuss it with you
eyedeekay Yeah you have to at least be using the same namespace and signing with the same keys, it's very limiting
orignal because you are the main android dev
eyedeekay There is no such limitation on TCP sockets
zzz orignal, what I2CP android torrent app are you proposing to use?
orignal what do you think? should we allow it in config?
orignal e.g. TCP/IP sockets
eyedeekay The only one I know of is BiglyBT, and I'm pretty sure it uses a hardcoded local socket or something, I don't seem to be able to get it to work with a TCP socket
eyedeekay In our app it's behind 1 settings menu and off by default. Not hard to enable but not on by default.
orignal zzz, Vuze
zzz eyedeekay, are you sure that biglybt on android supports the i2p plugin and external i2p router?
eyedeekay I'm pretty sure that it doesn't, actually
orignal e.g. BiglyBT
zzz if it doesn't then there's nothing to talk about
orignal seems it does but works the same way as for desktop
orignal zzz, we discuss ideas in general
orignal should i2cp be capable to use TCP/IP on android
eyedeekay On the desktop there is a way to configure how it connects to I2CP and also there's no limitation on the local socket unless you make one
zzz sure, but we should know how realistic the idea is
orignal the idea is
eyedeekay If it's just a matter of adding an item to enter the I2CP address, or switch between embedded and external, then it's probably not a huge chore on the BiglyBT side
orignal should we allow an external android app to connect trough I2CP
eyedeekay Ours is off-by-default, on-by-configuration, but SAM is on-by-default
zzz I think it's a security risk. I also think SAM is a security risk, but I lost that argument to eyedeekay
orignal SAM is not a question
orignal only I2CP
zzz right. just explaing that I'm both anti-SAM on android, and anti-I2CP-on-sockets on android
eyedeekay Well some of the issues are pretty much identical
orignal and how do you suggest to solve this problem?
zzz isn't there a i2pd android app?
orignal what do you mean?
zzz does i2pd have an android app?
orignal does i2pd works on adnroid or what?
zzz because if you do support i2pd on android, you could offer i2cp
orignal since 2016
zzz right, that's my question
orignal and in f-droid now
eyedeekay The issue I have with *not* doing it is that it leaves Android applications hanging with only our I2PTunnel proxies to connect to
zzz that's what I thought
orignal eyedeekay and what should torrents users do?
eyedeekay Some of them embed another I2P router of their own, then start it instead, now this small device has 2 I2P routers
zzz the correct solution is a i2psnark android app, released by us, that connects to the i2cp local socke
zlatinb I think if we want better adoption we should have i2psnark with embedded router
zlatinb if I ever decide to port muwire to android it will ship with an embedded router
zzz disagree zlatinb. with Android intents, a i2psnark app will launch the router app. that's the way it's designed
zzz no app should embed the router
zlatinb making the user install two apps is a major hurdle
zzz not that major
orignal so you want to leave I2CP as "internal" I2P protocol?
eyedeekay I don't care if they embed the router, I just don't want them to start a new one if one is already there
zzz orignal, what do you plan to do in the i2pd android app?
zlatinb I think it is. Ofc it's possible to first check if an existing router is available if such thing is possible on android
zzz yes, with intents
orignal usually people use http proxy
orignal people use i2ptunnels for irc
orignal and gostcoin through SAM
zzz do you plan to enable i2cp on a 127.0.0.1 socket in i2pd android?
orignal that's the subject of discussion
orignal for now I use local sockets
orignal but as you said it will never work
orignal and that's why it didn't work with Bote
orignal because different deleopers
orignal so for me no worth to use local sockets at all for I2CP
orignal either exlude it completely
orignal of listen 127.0.0.1
zzz str4d decided to use local sockets for security. then the permissions model changed and now needs the same developer
zzz but the security model hasn't changed for regular sockets. I still think it's a bad ide
zzz idea
orignal anyway the result is that I2CP would never work for i2pd-android
orignal is there are way we can add some authenication to I2CP?
zzz for starters, we need to know for sure if the biglybt android app supports i2p
eyedeekay It does turn Android into a walled-garden scenario at best, but the obvious solution is to give the user an option to enable it
zzz i2cp supports username/password
zzz as does sam
orignal then what's a question
orignal we should require it for android and that's all
orignal btw, is there standalone build of i2psnark for android?
eyedeekay zzz BiglyBT has a buried option to use I2P, it's under an advanced-mode checkbox then buried at the bottom of a "Network Config" menu
eyedeekay No there isn't
zzz no orignal there is no i2psnark for android, standalone or not
zzz eyedeekay, does android enable username/password for SAM by default, with randomly generated defaults?
eyedeekay No it does not
zzz I'm trying to find where we had this discussion about sam on android. maybe a trac ticket or gitlab MR or issue. would have been two years ago?
eyedeekay Making it so would be OK, probably not in the next 4 days though
eyedeekay It was on zzz.i2p IIRC
orignal how difficult to build it?
zzz orignal, there's no code for it
zzz no UI at all
orignal eyedeekay turkmen has found that item and was able to trun it on
orignal but it seems it's just desktop plugin
orignal zzz, it's Java code
orignal I don't understand the problem
orignal you mean there is no main activity or what?
zzz orignal, the desktop UI is HTML on top of jetty, but there's no jetty web server on android
eyedeekay found it: zzz.i2p/topics/2988?page=1#p16213 #22 was my analysis
eyedeekay For SAM
orignal I see now
zzz you'd have to write a native UI from scratch, or hack it on top of webview
orignal you need jetty
zzz correct
zzz or port it to webview
zzz good find eyedeekay
orignal webview is a good idea
orignal we use it in i2pd android
zzz i think snark would look like crap in a webview, it's designed for a wide screen
zzz you'd have to completely rewrite the css
orignal we need a hedaless version
eyedeekay That's an interesting idea
orignal just with config files
orignal then how I2P works for android without Jetty?
zzz I've said this for 10 years: It might be easier to take an existing torrent android app and adopt it for i2p
zzz than to add a native UI on top of snark
eyedeekay I was thinking a notification area icon and an RPC interface, all but one of the exising torrent clients on android are actually RPC clients talking to remotes by default anyway
zzz orignal, i2p android has a native UI. No HTML anywhere
orignal let me formulate differently
orignal how has implemented I2P UI for android?
orignal and why it's not possible to do the same for snark?
eyedeekay It's possible, just extensive
zzz native. I did it, then str4d worked on it
zzz correct. possible? definitely. easy? No
orignal I think it was more work than fort snark
zzz our android UI is very simple
orignal it;s not easy
orignal but this about demand
orignal people want to use torrents on android
zzz we need to find somebody to do the work. it's not going to be me
orignal just asking
zzz who is your android guy?
orignal so what's your recommendation?
eyedeekay The path of least resistance is still pretty much XD in a webview the way I did BRB, that way you only need SAM
zzz Nurp?
orignal he is Hypnosis now
zzz got it
zzz eyedeekay, there's an XD android app?
orignal do you think we should exlude I2CP for android or swith to 127.0.0.1?
orignal XD is go
eyedeekay Yes, not sure if maintained
orignal it could be build for android easily
zzz so isn't XD the answer then, if it still works?
eyedeekay Even if it doesn't it's probably easy to fix, just a sec I've got the repository bookmarked
zzz orignal, I suggest you read the discussion at zzz.i2p/topics/2988?page=1#p16213 before making a decision
orignal will do
eyedeekay Shoot I guess I don't have it bookmarked anymore
zlatinb psi's gh handle is majestrate
zlatinb if I ever port muwire to android it's going to be with a native UI
zzz I don't see a lot of answers to the possible security issues. I don't see that I ever said yes. That's why I'm thinking I just lost the argument to eyedeekay
orignal zlatinb btw how aout muwire for android?
zzz but I really don't remember
orignal another use case
zlatinb orignal: someone needs to want to write a GUI, the core should work
orignal but same problem with I2CP
zlatinb no, because I'll include an embedded router :-P
zzz boooooooooo
zzz don't do it
orignal a bad idea
zlatinb unless it's *really* easy to use intents to launch an external one, embedded it will be
zzz not really feeling like you're listening to my points on this
orignal more more people have a phone only
zzz but it's hypothetical only so I'll let it go
zlatinb I already use embedded for desktops so the code is written
zzz eyedeekay, orignal, can you two please test XD-android with i2pd and java i2p and report back next week on whether it's a good solution?
orignal if I knew how to build it for android ))
eyedeekay I dunno I kinda wanna go with zzz on this one zlatinb, it's probably not a huge deal on a Pixel but on a 50 dollar samsung burner it starts to get obstructive
orignal do you know who is wipedlefipotato?))
eyedeekay No idea
zzz sounds familiar
zlatinb eyedeekay: what about an embedded router is a big deal? If intents work as you say they do it's just larger apk download by a few megs
zzz well, if we don't trust the author, then it's not a solution, no need to test
eyedeekay Bummer, glad I knew in advance
eyedeekay well, found out
eyedeekay thanks orignall
zzz unless you want to audit the code
eyedeekay It's having both of them running at the same time that seems to cause problems
orignal I would prefer to build psi's XD
eyedeekay It's straightforward to turn psi's XD into a .aar and turn it into a library, I can re-do it in a weekend
zzz getting late, anything else on 2) ?
eyedeekay Nothing from me
zzz happy valentines day, I love you all :)
eyedeekay Thanks zzz, <3
zzz 1722 lines of code in XD android, 1182 of which is some ini file editor. that leaves only 650, easily auditable, should you care to build it yourself
zzz looks like just a webview UI
zzz zlatinb, re: intents, I believe that the intent will bring the user directly to the play store i2p app install dialog if the router app isn't installed
zzz it's all done for you, it's part of the client-side lib
zlatinb that kind of sucks actually
zlatinb is there a way to just test if an app is installed without going to the play store?
zlatinb don't worry about it for now, if I ever decide to learn android UI then I'll look into it carefully
zlatinb and it may not be possible at all (w/o a Great Rewrite) because the core uses some dynamic language features of Groovy
zzz see lib/helper/src/main/java/net/i2p/android/ui/I2PAndroidHelper.java in i2p.android.base
zzz I don't believe there's a general-purpose way to see if an app is installed
zzz unless it has a Service, then you attempt to bind to it
zzz the general-purpose way sounds bad for privacy, doesn't sound like it should be allowed, but I'm just guessing here
zzz you can certainly test by deleting the router app and then trying to start bote to see the workflow