Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#812 closed defect (fixed)

Invalid previous peer - attempted hostile loop?

Reported by: killyourtv Owned by: zzz
Priority: major Milestone: 0.9.5
Component: router/general Version: 0.9.3
Keywords: Cc: killyourtv@…
Parent Tickets:

Description

In case it's a problem:

12/16/12 20:14:05.486 ERROR [P reader 3/4] i2p.router.tunnel.HopProcessor: Invalid previous peer - attempted hostile loop?  from [Hash: nOEayZBcfH7X2vhjmfe3miRgsYlNhOeiTMy4aV6XR1U=], expected [Hash: yyhQoIi9Ci2EY1Yez0fGsYCSZCfVcsmup3Bd5LHrHcM=]
12/16/12 20:14:05.720 ^^^ 2 similar messages omitted ^^^
12/16/12 20:14:06.187 ERROR [P reader 4/4] i2p.router.tunnel.HopProcessor: Invalid previous peer - attempted hostile loop?  from [Hash: nOEayZBcfH7X2vhjmfe3miRgsYlNhOeiTMy4aV6XR1U=], expected [Hash: yyhQoIi9Ci2EY1Yez0fGsYCSZCfVcsmup3Bd5LHrHcM=]
12/16/12 20:14:11.089 ^^^ 17 similar messages omitted ^^^

I2P version: 0.9.3-15
Java version: Oracle Corporation 1.7.0_03 (OpenJDK Runtime Environment 1.7.0_03-b21)
Wrapper version: 3.5.16
Server version: 6.1.26
Servlet version: Jasper JSP 2.1 Engine
Platform: Linux amd64 3.2.0-4-amd64

Subtickets

Change History (6)

comment:1 Changed 6 years ago by killyourtv

  • Cc killyourtv@… added

comment:2 Changed 6 years ago by zzz

  • Status changed from new to accepted

This occurs when you are in the middle or at the endpoint of a tunnel and you get a msg not from the previous hop. The message makes it sound like an attack, but what's more likely is we haven't tried as hard as we can to eliminate duplicate tunnel IDs and catch them intelligently when it does happen.

The tunnel IDs are 4 bytes. Routers with 2500 or more part. tunnels are pretty common these days. Due to birthday paradox the chance of dups is a lot higher than you might expect. According to http://en.wikipedia.org/wiki/Birthday_problem#Calculating_the_probability Probability Table first line (32 bits) chance of a dup is 0.1% with 2900 entries and 1% with 9300 entries. These probbailities are way way too high.

Originator picks tunnel IDs in BuildRequestor?.prepare() but do we catch and reject dups in BuildHandler?? Shouldn't we check for dups when creating the ID for our own IBEP? What happens when a TBM/VTBM comes in with the dup - does the BuildHandler? get it or is it sent to the HopProcessor? for the existing tunnel? BuildRequestor? may need to check the IBEP ID against all current and pending IDs. Ditto BuildHandler?.

So go through and evaluate all these issues, reduce chance of dups and catch them when they happen.

comment:3 Changed 6 years ago by zzz

  • Priority changed from minor to major

Work started. There's a few holes to be plugged, including vectors for trouble.

comment:4 Changed 6 years ago by zzz

  • Component changed from router/transport to router/general
  • Resolution set to fixed
  • Status changed from accepted to closed

Fixed in 0.9.4-3 cb5d3531cf62f6610e96f2c15f6aaa9ec3b60422

comment:5 Changed 6 years ago by killyourtv

Just spotted

ERROR [P reader 2/4] i2p.router.tunnel.HopProcessor?: Attempted mid-tunnel injection from [Hash: eTsEV3cCSzDJK28YEO7C32A773-IJuf~aBhorV8bVhg=], expected [Hash: Lz70Z3k0kwEmgLiU~gSvHyOHMI1kOccRU9dxXcpRgwU=]

comment:6 Changed 6 years ago by killyourtv

01/07/13 23:13:46.528 ERROR [P reader 3/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:13:51.309 ^^^ 2 similar messages omitted ^^^
01/07/13 23:14:27.489 ERROR [P reader 2/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:14:42.945 ^^^ 2 similar messages omitted ^^^
01/07/13 23:15:54.594 ERROR [P reader 1/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:16:18.637 ^^^ 6 similar messages omitted ^^^
01/07/13 23:16:21.160 ERROR [P reader 1/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:16:45.633 ^^^ 8 similar messages omitted ^^^
01/07/13 23:16:48.633 ERROR [P reader 1/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:17:15.801 ^^^ 9 similar messages omitted ^^^
01/07/13 23:17:18.635 ERROR [P reader 4/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:17:45.651 ^^^ 14 similar messages omitted ^^^
01/07/13 23:17:48.635 ERROR [P reader 4/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:18:12.929 ^^^ 11 similar messages omitted ^^^
01/07/13 23:18:15.634 ERROR [P reader 3/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:18:42.232 ^^^ 26 similar messages omitted ^^^
01/07/13 23:18:44.696 ERROR [P reader 1/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:19:06.637 ^^^ 17 similar messages omitted ^^^
01/07/13 23:19:13.868 ERROR [P reader 4/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:19:41.063 ^^^ 21 similar messages omitted ^^^
01/07/13 23:19:43.892 ERROR [P reader 4/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:20:08.299 ^^^ 33 similar messages omitted ^^^
01/07/13 23:20:11.299 ERROR [P reader 2/4] i2p.router.tunnel.HopProcessor: Attempted mid-tunnel injection from [Hash: yNi7ki-h0lBs~u~F72ytSCxeDmg61J3iNqNrjqpyLtw=], expected [Hash: xWhY89VqlWQKjYd3Y5ZQ9mU8y5XMG1nAS9KmOV1Poh4=]
01/07/13 23:20:21.643 ^^^ 9 similar messages omitted ^^^

Note: See TracTickets for help on using tickets.