#i2p-dev (irc2p) | 2.7.0-2

dr|z3d anything coming down the commit pipes, zzz? :)

zzz yeah if I can find my notes/scripts to test streamr to make sure I didn't break it

dr|z3d oh, great. so you're looking to be interoperable with orginal's implementation?

zzz zzz.i2p/topics/167 is the notes

dr|z3d caught the tail end of the conversation last night in #ls2

dr|z3d thanks for the link, will have a looksee.

zzz not trying to reimplement a dns tunnel (yet)

dr|z3d dns is an interesting proposition, either in conjunction with the existing DoH servers, or perhaps in future via a network consensus.

zzz the udp tunnel stuff is from 2009, based on welterde work in 2008, prior to I2CP ports

dr|z3d yeah, it's crufty and unloved

zzz its the basis for streamr (basically unused) and socks udp (unused and apparently very broken)

dr|z3d *nods*

dr|z3d socks functionality would be handy.

dr|z3d presumably as an extension of the http proxy client.

zzz so step 1 is to add support for i2cp ports, as any sophisticated application would require them to keep track everything

zzz think dns, or udp bittorrent announces, or socks or any thing other than one client talking to one server

dr|z3d sure, understood.

zzz zzz.i2p/topics/2468 is the udp tunnel thread

dr|z3d in the past I've tested a shadowsocks server/client setup over a server tunnel to get udp functionality. worked well enough with bittorrent, but a native solution's obviously infinitely better.

zzz every udp application is different, we're trying to provide enough of the building blocks and partial impl so the rest is easy

dr|z3d random aside: I'm mostly happy with the torrent edit section now, UI's mostly solidified: cake.i2p/file/9iirL9uyha_FHN9IqPLizkuzwzp73r5kvJWLjwMF9_sViIch9cLj/torrentedit.png

dr|z3d sure, it's a good plan. probably mumble is a good testbed, given that was orignal's motive, apparently.

dr|z3d motive/motivation

zzz yeah the topic yesterday was because we said 'we don't know how i2pd dns tunnel works and it's not documented; so we can't implement it'

zzz and orignal simply replied 'i2pd supports udp tunnels' (((

zzz so we got better answers yesterday

zzz i _think_ it mostly works the way I would do it, so that's good

dr|z3d *** chuckles. ***

dr|z3d as you know, you have to poke orignal for answers.

dr|z3d poke and peek. orignal's really a cpu masquerading as a developer :)

dr|z3d possibly of interest: github.com/dnsjava/dnsjava

dr|z3d also possibly of interest: github.com/drsjb80/JDNSS

dr|z3d both projects being actively developed.

zzz 1) we already use a dns lib for DoH; 2) a DNS i2ptunnel doesn't need to know anything about DNS, it's a passthrough

dr|z3d ok, the any dns tunnel option will essentially be a stub?

dr|z3d *so

dr|z3d that is, assuming a dns server(?) tunnel is on the cards.

zzz we don't have any confirmed plan to do a dns tunnel, I'm still not sure the application makes sense

zzz atm I'm just using the discussion as motivation to fix up our udp stub impls so it would be easier

dr|z3d fair enough. and I agree, as conceptually interesting as a dns server is, the use cases are less than obvious, though there may be some.

dr|z3d in-network dns consensus seems like it might be useful, but then again, it might be completely pointless :)

zzz its very russia-specific, and still not sure why DoH isn't a better solution

dr|z3d well, dns proxying is another level of anonymity, there's always that.

dr|z3d not so different to what Apple's proposing in one respect. shield the dns server from the client's request.

dr|z3d and with some sort of network consensus, you're leaving Tor's implementation in the dust, as you're not relying on a single (potentially dangerous) resolver.

zzz unless the application is a single-user server/client pair, it would be a single untrusted dangerous server, so again I don't really get the appeal

zzz and the latency would be annoying at best

dr|z3d you may be right, but it's an interesting concept, if nothing else.

dr|z3d 28Mb/s on a zero hop connection to outproxy, as measured by fast.com

acetone zzz: Hi. I have a bit question about headers in http proxy. What you means in "MYOB/6.66 (AN/ON)"?

dr|z3d that's the internal useragent, acetone

acetone yep, I unrestand it. But why "MYOB", "6.66" "(AN/ON)"?) What the words? :)

dr|z3d push your traffic through the http proxy tunnel (I2P/i2pd) and it'll replace your browser's useragent with that automatically to prevent browser profiling.

eyedeekay I

dr|z3d Mind Your Own Business.

dr|z3d aka MYOB.

dr|z3d 6.66, number of the beast. AN/ON, aka anonymous.

acetone dr|z3d: thanks

dr|z3d np

acetone beast's number))) holly shit

dr|z3d *** chuckles. ***

eyedeekay It's not completely effective in browsers, it's pretty easy to find the user-agent from other sources without the header

eyedeekay Safer usually to spoof it at the browser level in those cases

eyedeekay Javascript has no awareness of the tunnel, for instance, so either overriding the corresponding Javascript function or just blocking Javascript is necessary too

eyedeekay And even if the client blocks Javascript you can usually guess the UA if the screen is not letterboxed

eyedeekay Or privacy.resistFingerprinting=true/privacy.resistFingerprinting.letterboxing=true

dr|z3d how are the plugins coming along, eyedeekay?

eyedeekay 2 down, 3 to go, about to release Railroad as soon as I get the readme updated

dr|z3d nice

eyedeekay Railroad is a blog with side-by-side markdown editing/WYSIWYG output and compatibility with most themes from the Ghost blog, so I'm hoping that it will appeal to some bloggers who don't want to mess with files in eepsite/docroot

dr|z3d dynamic? what's on the backend? go?

eyedeekay Backend is in go, pages are generated dynamically but they correspond to actual markdown files, connections are set up with SAM

eyedeekay Has a webui, you set a password on the first run

eyedeekay Optionally the webui can be launched within a webview

dr|z3d of all the possible blogging platforms that are suitable for i2p, getpublii.com looks to me like the top dog.

eyedeekay Yeah you showed me that one the other day, I haven't had a chance to try it yet

dr|z3d I like the fact that it generates static content from a wordpress like admin UI, and has an importer for wordpress.

dr|z3d so potentially less avenues for possible exploitation.

eyedeekay That is handy, mirrors some of the reasons I picked the blog I did to make Railroad

eyedeekay Wordpress at this point just makes me nervous to look at

dr|z3d yeah, all too easy to lay yourself open to all manner of vulns with wordpress.. install this plugin, install that plugin.. sooner or later oh noes, zero day exploit for plugin appears!

dr|z3d separation of the front and backend definitely a good idea on i2p.

eyedeekay Or just static sites, even. jekyll+cron is a pretty good choice for people who can get it set up

dr|z3d yeah, but then you're talking about barriers to entry. most people want the simplicity of wordpress with the vulns.

dr|z3d *without

eyedeekay Yeah, that's the mark I'm hoping I can begin to hit with railroad

dr|z3d work on the assumption most people don't want to dirty themselves with html, markup, or css, then you've probably assessed the majority of i2p users :)

dr|z3d that said, for a minor investment in time to learn, bashblog will put out a decent blog.

dr|z3d re zzz.i2p/topics/3210 (console based torrent client), perhaps that's another thing to consider when building out the jsonrpc webapp.. terminal commands to control snark, in addition to commands to start/stop/restart tunnels.

zzz the rpc supports everything you need. pick your favorite client and have fun

eyedeekay Meeting in about ~30min, US folks mind the time change

eyedeekay Hi everybody, welcome to the December 7 meeting

eyedeekay 1) Hi

eyedeekay 2) 1.6.1 Release Status

eyedeekay 3) jpackage Update Status

eyedeekay 4) Monero Integrations

eyedeekay 5) New SAM Library

zzz hi

zlatinb hi

eyedeekay Hi zzz, hi zlatinb

eyedeekay Anybody else here today?

eyedeekay 2) 1.6.1 release status

eyedeekay Release 1.6.1 is available, the torrent is live, as are Debian/Ubuntu/Launchpad, Maven, GPlay, and our F-Droid

eyedeekay F-Droid's repository is still out of date, one of my tasks this week is to get our app working with their auto-build system again

eyedeekay Debian's repositories, as far as we know, aren't going to recieve our updates at this time, people who are using Debian packages should switch to deb.i2p2.de or deb.i2p2.no

eyedeekay The DMG bundle built by zlatinb has also been updated to 1.6.1 and is available on the mirrors and as an update

eyedeekay The exe bundle built by me is going to be up today, I had planned to do it yesterday but got bogged down in Windows updates so I'll do it this evening.

idk_afk Worst time for a slow IRC disconnect, my bad guys

eyedeekay OK I'm back

eyedeekay (03:06:40 PM) eyedeekay: According to stats.i2p about 20% of the network has updated

eyedeekay (03:06:47 PM) eyedeekay: Anything to add zzz, zlatinb?

zzz yes

zzz no sign of a biglybt update yet, hopefully that will come soon

zzz no user complaints yet

zzz echelon had trouble with a 1.6.1-2 dev build but we don't know why

zzz also, users of any i2p package version (current or older) may have a problem due to changing jetty9 dependencies

zzz if so, sudo apt install libservlet3.1-java manually

zlatinb re biglybt I heard from Parg earlier today regarding an unrelated matter so he is ok.

zzz may also affect bleeding-edge ubuntu jammy, not sure

zzz eot

zlatinb eot

zzz I mean debian/ubuntu package

zzz eot2

zzz this is on debian sid and maybe jammy only

zzz eot3

zzz will give him a few more days and then bug him

eyedeekay Thanks zzz, the package/dependency thing will probably bubble up on Reddit if it's a problem

eyedeekay I run sid on the day-to-day basis and haven't hit this one so far

zzz ref: bugs.debian.org/cgi-bin/bugreport.cgi?bug=997213

eyedeekay 3) jpackage Update Status

eyedeekay Partly covered this one already, zlatinb's dmg packages are up on the mirrors and listed on the site

eyedeekay I had some updates I needed to do to my Windows laptop so didn't get the exe builds done last night, got it out for after the meeting

eyedeekay I've flipped my news server over to publish zlatinb's new packages

eyedeekay I haven't heard from any users so far

zlatinb The dmg jpackage is at this point well-streamlined. We did an end-to-end test of the in-network update with 1.5.0->1.5.1 and that worked (but from the second try)

zlatinb 1 person has downloaded the torrent according to snark

zlatinb not much else to report on the mac jpackage, it basically works

zlatinb eot

eyedeekay Thanks zlatinb

eyedeekay 4) Monero Integrations

eyedeekay There was some renewed interest in getting Monero-over-I2P working automatically in the GUI wallets(like Feather in particular) over the thanksgiving holiday

eyedeekay We're doing some design mockups and analysis of the tradeoffs of different configurations over here:

eyedeekay github.com/monero-project/monero-gui/issues/2274

eyedeekay They're interested in adopting several things from us, including eventually our model for distributing software updates in-network

eyedeekay If anybody wants to participate in that discussion we're having it there mostly, and also on the Monero Matrix channel

eyedeekay Monero-Community

eyedeekay EOT

eyedeekay 5) New SAM library

zzz cool, I assume they've already looked at what bitcoin did for the low-level address protocols

zzz eot

eyedeekay Yes they have

eyedeekay The other cool thing that happened last week is the folks at diva.exchange have created a new SAM library for node.js/javascript in general

eyedeekay It's much more thoroughly and recently documented than the old one which is now unmaintained

eyedeekay Source is here: codeberg.org/diva.exchange/i2p-sam

eyedeekay NPM package is here npmjs.com/package/@diva.exchange/i2p-sam

eyedeekay Given how popular node is I'm giving it a bit of a signal boost, seems like everybody writes their webapps in node these days

eyedeekay eot

eyedeekay Anything else for the meeting?

zlatinb not from me

eyedeekay timeout 1,

eyedeekay 1m

eyedeekay OK then thanks zzz, zlatinb, next meeting will be Jan 4, 2022

eyedeekay I will post the logs shortly