dr|z3d
zzz: no, not seeing that error on a router with 4 days uptime, ipv4/6 enabled.
zzz
ok, thanks
dr|z3d
it's got a vaguely familiar smell to it, so I may have seen it before. but it's not coming up on the router I'm looking at. error class logs are persistent in the console, so I'd see it if it was there.
dr|z3d
unsupported address could be either yggdrasil or localhost?
dr|z3d
actually, I think I may have been seeing that error, one sec. I downgraded it from ERROR to WARN.
dr|z3d
yeah, not in the logs, they're only configured on that box for errors, but the fact I downgraded that error a while back suggests I was seeing it frequently enough.
dr|z3d
Seeing a bunch of warnings about no peers, despite having plenty: "No peers to put in the new tunnel! selectPeers returned null.. boo! hiss!"
dr|z3d
actually, disregard that.
dr|z3d
Plenty of "Received CORRUPT SessionConfirmed" on that router, though, at a rate of approx 1/s it looks like.
zzz
I was just looking for a reproduction of my issue, not looking to help you fix all the warnings in your log... :)
obscuratus
zzz: I'm seeing that error, but it came during a fairly narrow window.
zzz
if it were me, I'd file a ticket before changing an error to a warn, but you do you :)
zzz
my rate is 10/week
zzz
does nobody file tickets anymore?
dr|z3d
you do, apparently :)
obscuratus
I don't see any "Error in the estabisher" errors on my testing network.
dr|z3d
I figured invalid address was a reference to either localhost or possibly yggdrasil, didn't think the issue was serious enough to merit ERROR class which, as I've just said, now remains persistent in the console for +. No sense worrying the user unduly.
obscuratus
zzz: I had to snicker at #417. I had explainations for that in my commits, but the GitLab merges just kind of discarded that.
zzz
well, I assigned it to myself to investigate, doesn't look right
dr|z3d
I vaguely recall consulting java docs to get a better idea of what was causing the error, and iirc, localhost was suggested as the prime suspect.
zzz
I'm glad idk did squash because it's better than 168 revs going back 3 months imho
zzz
obscuratus, I'm sure there was a reason, so please comment in the ticket
zzz
imho there needs to be damn good reasons to break the API (see #402)
zzz
if 417 is funny it's the only one...
orignal
I want your opinion if it's a good idea or you might have something better in mind
orignal
about "writing up" you know me ))
dr|z3d
it's a relatively simple proposal, orignal, shouldn't take more than 5m to sketch it out in a document.
zzz
well...
zzz
I'm not sure the attack is very worrisome... maybe yes, maybe not. I've also forgotten a lot of the discussion. So for now... "maybe"
zzz
for the solution, there's lots of ways to do it, there are backward-compatibility issues possibly. Do we need a flag? Could we just change some HKDF to include the hash in the calculation rather than putting the actual hash in the handshake?
zzz
should the protocol change be in the SessionRequest where bob checks it, or in the SessionReply where alice checks it?
zzz
so the answer for your proposed solution is also "maybe"
dr|z3d
I think the attack is probably more severe than you give it credit for.
dr|z3d
Or maybe I'm thinking of a parallel attack where a router spoofs another router's id. I can't remember. What I do recall is seeing a ton of routers all claiming to be me.
zzz
sure, just saying I don't remember the details and somebody needs to write it down what we're trying to do
dr|z3d
I don't disagree, it's been long enough that the details are a little hazy here, too.
zzz
and if anybody is trying to trick me into writing the proposal it's not going to work :)
dr|z3d
you and your trickery paranoia *chuckle*
dr|z3d
orignal, sort it. don't be lazy. :)
dr|z3d
get chatgpt to do it for you if you must, just get it done :)
zzz
oh gosh not AI proposals (((
orignal
zzz, the nature of attack was
zzz
anyway, as I said above there's alternate solutions that don't add 35 bytes to the handshake. Are they better? dunno.
orignal
we considered fake floodfills reqachable
orignal
because we could connect to that address by SSU2
orignal
actually to a real floodfill, but we didn't have a way to know
orignal
ofc I have made a change to not rely on Alice's SSU2 connection
orignal
but this is just a workaround and not a complete solution
orignal
dr|z3d it would take 5 minutes in Russian, but not English
dr|z3d
do it in Russian, orignal, I'll handle the rest.
orignal
ok. will do ))
zzz
right. so I've forgotten 99% so even if I told you "good idea" today, you shouldn't believe me. Either spend the time to write up a nice proposal covering all the issues, or don't
zzz
just don't half-ass it. do a good job so everybody can understand all the issues and make a smart decision
dr|z3d
yeah, make sure it's a well written document (in Russian) orignal, or no chocolate covered potato chips for you. ;)
orignal
you could say it because this attack was without you
zzz
sure but you also have to explain it to everybody else
orignal
I assumes I discussed it with idk and not you
orignal
honesly I tried
zzz
no proposal is 5 minutes. It takes weeks of work.
orignal
Blinded message
orignal
simple speaking nobody cared
zzz
he told me it was a "good idea" and you agreed to write the proposal in June, so I don't know why you waited for me
zzz
afaik idk is waiting for you
dr|z3d
we had this discussion last week, orignal, before zzz teleported here, remember? :)
dr|z3d
And long before that.
dr|z3d
I told you that if you were waiting on zzz, to have a written proposal ready. :)
orignal
don't cheat youself you know why
orignal
"orignal" and "proposal" are less compatible words ))
zzz
there's no guarantees that a "good idea" stays good, orignal has changed his mind after I wrote something up and cost me weeks of work, it happens
orignal
what was that? I don't remeber
zzz
ok but somebody has to step up
zzz
I don't remember either, maybe some SSU2 subsection. Not holding a grudge, we're allowed to change our minds :)
zzz
actually, iirc it was the new TBM proposal where we thrashed back-and-forth a while
orignal
yes and I remember why
zzz
:) sometimes "good" ideas become fugly babies when you write them down...
orignal
and if we are talking about TBM
orignal
it's time to think about chacha for tunnel messages
zzz
sure, the cost/benefit analysis will be interesting
zzz
but as of today, the proposal for the streaming change 6 months ago still isn't done (((
orignal
whar was that?
orignal
you mean to verify Bob's ident?
zzz
the replay attack fix putting the hash in
orignal
yes
orignal
I have implemented it even in February
zzz
and
orignal
I remeber one day I tried to wirte a proposal
orignal
and produced so many grammar mistakes that had to give up ))
eyedeekay
Write it in Russian and post it somewhere, I have somebody who offered to help translating it
orignal
lol
obscuratus
eyedeekay: Re: pickRandomFloodfillPeers(): I've been running without any RI in my client netDb for a while now. I assume you have also? Do you still anticipate a need for this method?
obscuratus
If it turns out our client netDb actually do need their own RI, it would probably entail several other considerations also.
eyedeekay
No I don't think we'll need it anymore