Context Navigation

← Previous Changeset
Next Changeset →

Changeset 636016d1

Timestamp:

Feb 7, 2019 2:54:56 PM (17 months ago)

Author:

zzz <zzz@…>

Branches:

Children:

Parents:

Message:

NTCP: Add option to disable NTCP1 (ticket #2328)
Don't bid for outbound-only NTCP2 addresses
Fix NTCP2 cost when transitioning to inbound

Files:

: 6 edited

history.txt (modified) (1 diff)
router/java/src/net/i2p/router/RouterVersion.java (modified) (1 diff)
router/java/src/net/i2p/router/transport/TransportManager.java (modified) (8 diffs)
router/java/src/net/i2p/router/transport/ntcp/EstablishBase.java (modified) (2 diffs)
router/java/src/net/i2p/router/transport/ntcp/InboundEstablishState.java (modified) (3 diffs)
router/java/src/net/i2p/router/transport/ntcp/NTCPTransport.java (modified) (16 diffs)

Legend:

: Unmodified
: Added
: Removed

history.txt

-                      rb310c60
+                      r636016d1
+-02-07 zzz
+ * NTCP:
+   - Add option to disable NTCP1 (ticket #2328)
+   - Don't bid for outbound-only NTCP2 addresses
+   - Fix NTCP2 cost when transitioning to inbound
+-02-06 zzz
+ * Build: Add targets for alternate debian distros (ticket #2410)
+ * Crypto: Shortcut GroupElement representation conversion
+ * I2CP: Prevent use of repliable datagrams with offline keys
+-02-05 zzz
+ * Transport:
+   - Clean up unreachable() methods (ticket #2382)
+   - Speed up NTCP allowConnection() (ticket #2381)
+   - OutNetMessage cleanup (ticket #2386)
+   - SSU PacketHandler cleanup (ticket #2383)
+-02-04 zzz
+ * I2CP: Change format and message type of CreateLeaseSet2 message
 -02-03 zzz
  * I2CP:

router/java/src/net/i2p/router/RouterVersion.java

rb310c60	r636016d1
19	19	public final static String ID = "Monotone";
20	20	public final static String VERSION = CoreVersion.VERSION;
21		public final static long BUILD = 6;
	21	public final static long BUILD = 7;
22	22
23	23	/** for example "-test" */

router/java/src/net/i2p/router/transport/TransportManager.java

-                      rb310c60
+                      r636016d1
     private final DHSessionKeyBuilder.PrecalcRunner _dhThread;
     private final X25519KeyFactory _xdhThread;
+    private final boolean _enableUDP;
+    private final boolean _enableNTCP1;
     /** default true */
 …
     public final static String PROP_ENABLE_UPNP = "i2np.upnp.enable";
+    /** default true */
+    private static final String PROP_NTCP1_ENABLE = "i2np.ntcp1.enable";
+    private static final boolean DEFAULT_NTCP1_ENABLE = true;
     private static final String PROP_NTCP2_ENABLE = "i2np.ntcp2.enable";
     private static final boolean DEFAULT_NTCP2_ENABLE = true;
 …
         else
             _upnpManager = null;
+        _dhThread = new DHSessionKeyBuilder.PrecalcRunner(context);
+        _enableUDP = _context.getBooleanPropertyDefaultTrue(PROP_ENABLE_UDP);
+        _enableNTCP1 = isNTCPEnabled(context) &&
+                       context.getProperty(PROP_NTCP1_ENABLE, DEFAULT_NTCP1_ENABLE);
         boolean enableNTCP2 = isNTCPEnabled(context) &&
                               context.getProperty(PROP_NTCP2_ENABLE, DEFAULT_NTCP2_ENABLE);
+        _dhThread = (_enableUDP || enableNTCP2) ? new DHSessionKeyBuilder.PrecalcRunner(context) : null;
         _xdhThread = enableNTCP2 ? new X25519KeyFactory(context) : null;
+    }
 …
      *  Hook for pluggable transport creation.
+     *
+     *  @return null if both NTCP1 and SSU are disabled
      *  @since 0.9.16
      */
 …
     private void configTransports() {
-        boolean enableUDP = _context.getBooleanPropertyDefaultTrue(PROP_ENABLE_UDP);
         Transport udp = null;
         if (enableUDP) {
+        if (_enableUDP) {
             udp = new UDPTransport(_context, _dhThread);
             addTransport(udp);
 …
+        }
         if (isNTCPEnabled(_context)) {
+            Transport ntcp = new NTCPTransport(_context, _dhThread, _xdhThread);
+            DHSessionKeyBuilder.PrecalcRunner dh = _enableNTCP1 ? _dhThread : null;
+            Transport ntcp = new NTCPTransport(_context, dh, _xdhThread);
             addTransport(ntcp);
             initializeAddress(ntcp);
 …
     synchronized void startListening() {
         if (_dhThread.getState() == Thread.State.NEW)
+        if (_dhThread != null && _dhThread.getState() == Thread.State.NEW)
             _dhThread.start();
         if (_xdhThread != null && _xdhThread.getState() == Thread.State.NEW)
 …
     synchronized void shutdown() {
         stopListening();
+        _dhThread.shutdown();
+        if (_dhThread != null)
+            _dhThread.shutdown();
         if (_xdhThread != null)
             _xdhThread.shutdown();

router/java/src/net/i2p/router/transport/ntcp/EstablishBase.java

-                      rb310c60
+                      r636016d1
         _transport = transport;
         _con = con;
+        // null if NTCP1 disabled
         _dh = _transport.getDHBuilder();
         _hX_xor_bobIdentHash = SimpleByteCache.acquire(HXY_SIZE);
         if (_con.isInbound()) {
             _X = SimpleByteCache.acquire(XY_SIZE);
             _Y = _dh.getMyPublicValueBytes();
+            _Y = (_dh != null) ?_dh.getMyPublicValueBytes() : null;
         } else {
+            // OutboundNTCP2State does not extend this,
+            // can't get here with NTCP1 disabled
+            if (_dh == null)
+                throw new IllegalStateException();
             _X = _dh.getMyPublicValueBytes();
             _Y = SimpleByteCache.acquire(XY_SIZE);
 …
         SimpleByteCache.release(_curDecrypted);
         SimpleByteCache.release(_hX_xor_bobIdentHash);
         if (_dh.getPeerPublicValue() == null)
+        if (_dh != null && _dh.getPeerPublicValue() == null)
             _transport.returnUnused(_dh);
+    }

router/java/src/net/i2p/router/transport/ntcp/InboundEstablishState.java

-                      rb310c60
+                      r636016d1
         if (!_transport.isNTCP2Enabled())
             return 1;
+        if (!_transport.isNTCP1Enabled())
+            return 2;
         synchronized (_stateLock) {
             if (_state == State.IB_INIT)
 …
                     return;
+                }
+                if (remaining + _received < NTCP1_MSG1_SIZE) {
+                if (remaining + _received < NTCP1_MSG1_SIZE ||
+                    !_transport.isNTCP1Enabled()) {
                     // Less than 288 total received, assume NTCP2
                     // TODO can't change our mind later if we get more than 287
 …
                 return;
+            }
+            // TODO if NTCP1 disabled, we should allow longer padding
             if (_padlen1 > PADDING1_MAX) {
                 fail("bad msg 1 padlen: " + _padlen1);

router/java/src/net/i2p/router/transport/ntcp/NTCPTransport.java

-                      rb310c60
+                      r636016d1
     private static final int NTCP2_KEY_LEN = OutboundNTCP2State.KEY_SIZE;
     private static final long MIN_DOWNTIME_TO_REKEY = 30*24*60*60*1000L;
+    private final boolean _enableNTCP1;
     private final boolean _enableNTCP2;
     private final byte[] _ntcp2StaticPubkey;
 …
     /**
+     *  @param dh null to disable NTCP1
      *  @param xdh null to disable NTCP2
      */
 …
         _transientFail = new SharedBid(TransportBid.TRANSIENT_FAIL);
+        _enableNTCP1 = dh != null;
         _enableNTCP2 = xdh != null;
+        if (!_enableNTCP1 && !_enableNTCP2)
+            throw new IllegalArgumentException();
         if (_enableNTCP2) {
             boolean shouldSave = false;
 …
         for (int i = 0; i < addrs.size(); i++) {
             RouterAddress addr = addrs.get(i);
+            // use this to skip outbound-only NTCP2,
+            // and NTCP1 if disabled
+            if (getNTCPVersion(addr) == 0)
+                continue;
             byte[] ip = addr.getIP();
             if (!TransportUtil.isValidPort(addr.getPort()) || ip == null) {
 …
                     addNTCP2Options(props);
                     int cost = getDefaultCost(ia instanceof Inet6Address);
                     myAddress = new RouterAddress(STYLE, props, cost);
+                    myAddress = new RouterAddress(getPublishStyle(), props, cost);
                     replaceAddress(myAddress);
+                }
 …
                     addNTCP2Options(props);
                     int cost = getDefaultCost(false);
                     myAddress = new RouterAddress(STYLE, props, cost);
+                    myAddress = new RouterAddress(getPublishStyle(), props, cost);
+                }
                 if (!_endpoints.isEmpty()) {
 …
     net.i2p.router.transport.ntcp.Writer getWriter() { return _writer; }
+    /**
+     * @return always "NTCP" even if NTCP1 is disabled
+     */
     public String getStyle() { return STYLE; }
 …
     /**
+     * @return "NTCP" if NTCP1 is enabled, else "NTCP2"
+     * @since 0.9.39
+     */
+    private String getPublishStyle() {
+        return _enableNTCP1 ? STYLE : STYLE2;
+    }
+    /**
      *  Hook for NTCPConnection
      */
 …
     /**
+     *  @return null if not configured for NTCP1
      *  @since 0.9
      */
     DHSessionKeyBuilder getDHBuilder() {
         return _dhFactory.getBuilder();
+        return _dhFactory != null ? _dhFactory.getBuilder() : null;
+    }
 …
      */
     void returnUnused(DHSessionKeyBuilder builder) {
+        _dhFactory.returnUnused(builder);
+        if (_dhFactory != null)
+            _dhFactory.returnUnused(builder);
+    }
 …
         addNTCP2Options(props);
         int cost = getDefaultCost(false);
         RouterAddress addr = new RouterAddress(STYLE, props, cost);
+        RouterAddress addr = new RouterAddress(getPublishStyle(), props, cost);
         return addr;
+    }
 …
         props.setProperty("v", NTCP2_VERSION);
+    }
+    /**
+     * Is NTCP1 enabled?
+     *
+     * @since 0.9.39
+     */
+    boolean isNTCP1Enabled() { return _enableNTCP1; }
     /**
 …
             addr.getOption("s") == null ||
             (!v.equals(NTCP2_VERSION) && !v.startsWith(NTCP2_VERSION_ALT))) {
+            return (rv == 1) ? 1 : 0;
+        }
+        // todo validate s/i b64, or just catch it later?
+            // his address is NTCP1 or is outbound NTCP2 only
+            return (rv == 1 && _enableNTCP1) ? 1 : 0;
+        }
+        // his address is NTCP2
+        // do not validate the s/i b64, we will just catch it later
         return NTCP2_INT_VERSION;
+    }
 …
             newProps.putAll(oldAddr.getOptionsMap());
+        }
         RouterAddress newAddr = new RouterAddress(STYLE, newProps, cost);
+        RouterAddress newAddr = new RouterAddress(getPublishStyle(), newProps, cost);
         boolean changed = false;
 …
             if (ohost == null || ! ohost.equalsIgnoreCase(nhost)) {
                 newProps.setProperty(RouterAddress.PROP_HOST, nhost);
+                if (cost == NTCP2_OUTBOUND_COST)
+                    newAddr.setCost(DEFAULT_COST);
                 changed = true;
+            }
 …
                 _log.info("old host: " + ohost + " config: " + name + " new: " + name);
             newProps.setProperty(RouterAddress.PROP_HOST, name);
+            if (cost == NTCP2_OUTBOUND_COST)
+                newAddr.setCost(DEFAULT_COST);
             changed = true;
         } else if (ohost == null || ohost.length() <= 0) {

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats:

To file a new ticket, you'll need to log in or create an account first.