Changeset a895bcc


Ignore:
Timestamp:
Jul 1, 2018 1:42:59 PM (2 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
9ac3157
Parents:
eff0cac
Message:

NTCP2: Adjust padding defaults and size calculation
Rekey static after 30 days downtime

Location:
router/java/src/net/i2p/router/transport/ntcp
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • router/java/src/net/i2p/router/transport/ntcp/NTCPConnection.java

    reff0cac ra895bcc  
    198198    static final int REASON_S_MISMATCH = 16;
    199199    static final int REASON_BANNED = 17;
    200     static final int PADDING_MIN_DEFAULT_INT = 1;
    201     static final int PADDING_MAX_DEFAULT_INT = 2;
     200    static final int PADDING_MIN_DEFAULT_INT = 0;
     201    static final int PADDING_MAX_DEFAULT_INT = 1;
    202202    private static final float PADDING_MIN_DEFAULT = PADDING_MIN_DEFAULT_INT / 16.0f;
    203203    private static final float PADDING_MAX_DEFAULT = PADDING_MAX_DEFAULT_INT / 16.0f;
     
    208208                                                                     DUMMY_DEFAULT, DUMMY_DEFAULT,
    209209                                                                     DELAY_DEFAULT, DELAY_DEFAULT);
    210     private static final int MIN_PADDING_RANGE = 64;
     210    private static final int MIN_PADDING_RANGE = 16;
     211    private static final int MAX_PADDING_RANGE = 128;
    211212    private NTCP2Options _paddingConfig;
    212213    private int _version;
     
    903904                min = Math.max(0, min - (MIN_PADDING_RANGE - range));
    904905                range = max - min;
     906            } else if (range > MAX_PADDING_RANGE) {
     907                // Don't send too much, no matter what the config says
     908                range = MAX_PADDING_RANGE;
    905909            }
    906910            int padlen = min;
     
    909913            if (_log.shouldWarn())
    910914                _log.warn("Padding params:" +
    911                           " size: " + size +
     915                          " data size: " + size +
    912916                          " avail: " + availForPad +
    913917                          " minSend: " + minSend +
  • router/java/src/net/i2p/router/transport/ntcp/NTCPTransport.java

    reff0cac ra895bcc  
    5252import net.i2p.router.util.DecayingHashSet;
    5353import net.i2p.router.util.DecayingBloomFilter;
     54import net.i2p.router.util.EventLog;
    5455import net.i2p.util.Addresses;
    5556import net.i2p.util.ConcurrentHashSet;
     
    133134    private static final int NTCP2_IV_LEN = OutboundNTCP2State.IV_SIZE;
    134135    private static final int NTCP2_KEY_LEN = OutboundNTCP2State.KEY_SIZE;
     136    private static final long MIN_DOWNTIME_TO_REKEY = 30*24*60*60*1000L;
    135137    private final boolean _enableNTCP2;
    136138    private final byte[] _ntcp2StaticPubkey;
     
    239241            byte[] iv = null;
    240242            String b64IV = null;
    241             String s = ctx.getProperty(PROP_NTCP2_SP);
    242             if (s != null) {
    243                 priv = Base64.decode(s);
     243            String s = null;
     244            // try to determine if we've been down for 30 days or more
     245            // no stopping, no crashes, and only one start (this one)
     246            EventLog el = _context.router().eventLog();
     247            long since = _context.clock().now() - MIN_DOWNTIME_TO_REKEY;
     248            boolean shouldRekey = el.getEvents(EventLog.STOPPED, since).isEmpty() &&
     249                                  el.getEvents(EventLog.CRASHED, since).isEmpty() &&
     250                                  el.getEvents(EventLog.STARTED, since).size() <= 1;
     251            if (!shouldRekey) {
     252                s = ctx.getProperty(PROP_NTCP2_SP);
     253                if (s != null) {
     254                    priv = Base64.decode(s);
     255                }
    244256            }
    245257            if (priv == null || priv.length != NTCP2_KEY_LEN) {
Note: See TracChangeset for help on using the changeset viewer.