IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#ls2
/2022/06/07
zzz not clear if the question was for simultaneous though
eyedeekay My take was that even if the app sometimes needed up to 1000 identities where identity~=destination, it's unlikely that a real-world user would be contacting all those identities simultaneously
eyedeekay So smarter management may cut down on the real-world overhead
zzz looked at peer test logs where I'm Bob
zzz alice i2pd and charlie i2pd: success
zzz alice i2pd and charlie java: charlie code 67 sig fail
zzz so we both need to double check the spec
zzz and I'm going to add sig checking at Bob to help track it down
orignal will check
orignal I think it's relay request message
zzz my bug, I was using alice hash in sig, but that's only for msgs 3 and 4
zzz you're not handling it yet as charlie? it looked right to me
orignal signatures?
orignal one sec
zzz peer test
zzz Alice i2pd FJ-F
zzz Charlie i2pd IMQc
zzz ^^ this one worked
zzz 06-07 12:24:25.092 DEBUG [ handler 1/1] .transport.udp.PeerTestManager: Got peer test msg: 1 status: 0 hash: null nonce: 1495682559 time: Jun 7, 2022, 12:24 PM ip/port: 185.244.29.91:18443 from 185.244.29.91:18443 FJ-Fcd IB2 recvAge: 27s sendAge: 27s sendAttemptAge: 27s sendACKAge: 27s lifetime: 27s RTT: 35 RTO: 1000 cwin: 5263 acwin: 5263 SST: 524288 FRTX? false consecFail: 0 msgs rcvd: 1 msgs sent: 1 pkts rcvd
zzz OK/Dup: 3/0 pkts sent OK/Dup: 2/0 IBM: 0 OBQ: 0 OBL: 0 state: null
zzz 06-07 12:24:25.092 DEBUG [ handler 1/1] .transport.udp.PeerTestManager: Send Alice RI and msg 2 to charlie on PeerTest 1495682559 IPv4 started Jun 7, 2022, 12:24 PM as BOB; Alice: /185.244.29.91:18443 Charlie: /2001:470:28:2e3:f8c5:3e90:3366:1bcd:30305; last send after 0; rcvd from Alice after 0; pkts relayed: 0
zzz 06-07 12:24:25.156 DEBUG [ handler 1/1] .transport.udp.PeerTestManager: Got peer test msg: 3 status: 0 hash: null nonce: 1495682559 time: Jun 7, 2022, 12:24 PM ip/port: 185.244.29.91:18443 from [2001:470:28:2e3:f8c5:3e90:3366:1bcd]:30305 ImQCa~ OB2 recvAge: 7m sendAge: 7m sendAttemptAge: 64ms sendACKAge: 64ms lifetime: 65m RTT: 59 RTO: 1000 cwin: 3376 acwin: 2270 SST: 2560 FRTX? false consecFail: 0 msgs rcvd: 4 msgs
zzz sent: 127 pkts rcvd OK/Dup: 134/0 pkts sent OK/Dup: 132/2 IBM: 0 OBQ: 0 OBL: 1 theyRelayToUsAs: 825018819 state: PeerTest 1495682559 IPv4 started Jun 7, 2022, 12:24 PM as BOB; Alice: /185.244.29.91:18443 Charlie: /2001:470:28:2e3:f8c5:3e90:3366:1bcd:30305; last send after 0; rcvd from Alice after 0; pkts relayed: 0
zzz 06-07 12:24:25.156 DEBUG [ handler 1/1] .transport.udp.PeerTestManager: Send Charlie RI to alice on PeerTest 1495682559 IPv4 started Jun 7, 2022, 12:24 PM as BOB; Alice: /185.244.29.91:18443 Charlie: /2001:470:28:2e3:f8c5:3e90:3366:1bcd:30305; last send after 64; rcvd from Alice after 0; rcvd from Charlie after 64; pkts relayed: 0
zzz 06-07 12:24:25.156 DEBUG [ handler 1/1] .transport.udp.PeerTestManager: Send msg 4 to alice on PeerTest 1495682559 IPv4 started Jun 7, 2022, 12:24 PM as BOB; Alice: /185.244.29.91:18443 Charlie: /2001:470:28:2e3:f8c5:3e90:3366:1bcd:30305; last send after 64; rcvd from Alice after 0; rcvd from Charlie after 64; pkts relayed: 0
orignal no, peer test is not implemented yet
orignal if (!s.Verify (r->GetIdentity (), buf + 47 + asz))
orignal LogPrint (eLogWarning, "SSU2: RelayIntro signature verification failed");
orignal return; // TODO: send relay response
orignal if you are talking about signatures
zzz this is peer test. all I know is I was bob and had i2pd on both sides, messages 1-4.
orignal for relays
zzz but I didn't check signatures
orignal what are we talking about? relays or peer tests?
zzz peer test
orignal peer test is not implemneted for Charlie yet
orignal remeber we dsicussed it yeserday
zzz you have messages 1-4 done?
orignal probably I send something back to Bob
zzz I got a message 3 back and it looked right
orignal I definitly don't check signature yet
orignal yes, message 3 works
orignal but signature was not checked
zzz so that's what I'm reporting :)
orignal I though you meant relays
zzz and reporting that I have a bug in signature checking for peer test, fixing now
orignal but you use i2pd for peer test without cap
orignal I mean it might lead to crash
orignal because I have incomplete code for it
orignal strange that router replied with msg 3
orignal because I have commited it yesterday tonight ))
orignal last commit
zzz not sure I check for cap, let me look
zzz ok, another bug, I got the 'B' cap from the SSU address, not the SSU2 address
orignal yes, I publish in SSU but not in SSU2 yet
orignal zzz, when Charlie find that Alice's endpoint from her RI doesn't match one from peer test what code should we send?
zzz its a good question
zzz for example, alice may not have any IP in her RI, if she thinks she's firewalled
zzz or it could be a different IP
zzz we can add another code if you want
zzz but in some cases charlie should accept it
orignal my question is
orignal which address is right? from message or from RI?
orignal the problem is
orignal I have enpoint in message but still need an address for intro key
zzz pick the address for v6 or v4
zzz should have code for that already, we do that in other places
orignal that's what I do
orignal but if there is an endpoint in address that doesn't match
orignal I'm sure which one is right
zzz if there's an IP, look for that, if not, look for 6 or 4 in the cap
orignal that's what I do
orignal but if there is IP and it's different from one in the message
zzz not sure
zzz maybe reject, maybe not
orignal I think we should use from message
orignal because RI might be outdated
zzz or could be testing a different ip
orignal while IP in message is current one
zzz but could be an attack also
zzz maybe should be rate limited if different
orignal also 6 and 7 are identifcal to 5 just different msg
zzz like if some attacker asked everybody to peer test putin's IP, 5 times a second
orignal attacker can publish RI with Putin's IP
orignal easily
zzz true, but routers will try it once or twice and then give up
zzz peer test is on-demand
zzz I need to look if I have any throttles now, don't remember
orignal yes, but he can flood with peer tests
zzz yes I have a throttle now. 12 per IP per 10 minutes
zzz that sounds way too high
orignal it's bad
zzz can always tweak it
orignal what if it;s floodfill?
orignal bunch of short connections
zzz I'll put it on my list to review it
orignal almost done with Charlie
orignal need to implemnt 6 and 7 but they are simple
zzz great. I'm still chasing bugs
orignal message 3 is complicated
orignal if I receive 5 before 4 should I wait for 4?
orignal because I don't know Charlie's hash from 5
orignal but I need intro key for 6
zzz from the spec:
zzz NOTE: As in SSU 1, messages 4 and 5 may arrive in either order. Message 5 and/or 7 may not be received at all if Alice is firewalled. When message 5 arrives before message 4, Alice cannot immediately send message 6, because she does not yet have Charlie's intro key to encrypt the header. When message 4 arrives before message 5, should not immediately send message 6, because she should wait to see if message 5 arrives
zzz without opening the firewall with message 6.
orignal so I have to wait 4 before sending 6
zzz correct
zzz ok the peer test signature is fixed and tested