orignal
we use AES instead elligator
orignal
that was added later
orignal
Basically Noise is just mane calls of HDF
orignal
that's basically HMAC over sha256
zzz
same thing 1 hour ago with 2RRY, never got any acks
zzz
please paste logs of the acks you sent
orignal
I will add logging for ack
orignal
haven't update 2RRY for few days
zzz
ok, standing by
orignal
do you want me to print all Ack block I send?
orignal
but it will be a lot
orignal
interesteing
orignal
SSU2: SessionConfirmed part 1 AEAD verification failed
orignal
it was around 1.5 hours ago
orignal
if it was yours the reason is clear
orignal
and then SSU2: Unexpected message type 240 instead 2
orignal
that makes sense
orignal
I will add termination
orignal
for this case
zzz
you keep saying you send the acks when I send retransmitted session confirmed, and data messages, but I never get any
zzz
but if you're not logging it, are you just guessing?
orignal
but today's case is different
zzz
not from my side, looks the same
orignal
today I have veru clear error
zzz
6:40:55 our time is when the handshake was
zzz
interesting
orignal
yes, 6:40:55
orignal
I guess I sent acks because I don't see error
orignal
today I cleary this the error about AEAD
orignal
*see
orignal
and today's case have clear explanation
zzz
obviously if session confirmed has AEAD error, nothing else is going to work
zzz
you can't send a termination, you don't have keys
zzz
you can fail, or retransmit session created, or wait for my retransmit of session confirmed
orignal
but I can send SessionCreated with termination block
zzz
yeah but I won't be able to decrypt it
orignal
but I was waiting for your retransmit and it also failed
orignal
<orignal> and then SSU2: Unexpected message type 240 instead 2
orignal
maybe becuase wrong Noise state
orignal
I need to check
zzz
you don't have the keys to send a different session created message either... you'd have to roll back the handshake state
orignal
the question is what caused this AEAD fail
zzz
right
orignal
better oto wait for retransmit I guee
orignal
and rollback Noise state
zzz
yeah you've already mixHash()ed the header, so you're basically screwed
orignal
please check your side
orignal
about AEAD error
orignal
it seems coming from Java only
zzz
no I've never had an AEAD error
zzz
in session confirmed
orignal
it looks like after your rfecenet change
orignal
yeasterday's
zzz
no, this has been happening all along
zzz
found a different problem from R4SAS routers:
zzz
log-router-3.txt:07-12 10:45:03.438 WARN [ handler 1/1] sport.udp.EstablishmentManager: Corrupt Session Confirmed on: IES2 62.210.85.80:24768 lifetime: 31ms Rcv ID: 4033744011722190256 Send ID: 1970155895367655394 IB_STATE_CREATED_SENT
zzz
log-router-3.txt-java.security.GeneralSecurityException: No RI in Session Confirmed
orignal
I mean AEAD
orignal
no RI is SessionConfirmed?
orignal
I will check
orignal
just no RI block?
zzz
thats right. session confirmed had only one block in it, not logged, maybe padding only?
zzz
ummm here's a problem
zzz
Router: gpUBQf-76CJFzCx7aIP2RuXFc7oUn3E0OCrydF8eqSo=
orignal
what?
zzz
nope, never mind, not that one
orignal
I don't see this problem in my logs
zzz
seen with YXEA and one other router
orignal
questuin about SessionConfirmed
zzz
BpAT is the other
orignal
when you rettans what packet num do you use?
orignal
1 or 2?
zzz
session confirmed is retransmitted as-is, packet number 0 always
zzz
has to be that way, or else the mixhash() and key agreement would not work
orignal
sorry I meeant nonce
orignal
for part 1
orignal
do you know what was his RI lenght?
zzz
everything is exactly the same, the packet must be transmitted as-is, header and payload and everything
orignal
then it's not the case
zzz
there was no RI block )))
orignal
yes but you see files in netdb
orignal
I still didn't implement split
zzz
I don't know what his RI size is when gzipped by i2pd, or what MTU you're assuming, so I can't answer
zzz
but you don't do split RI yet ????? !!!!!!!!!
orignal
no )))
orignal
I only merge from you
orignal
was going to implement it but forgot
zzz
maybe your merge has a bug and that's why the session confirmed is failing AEAD
orignal
no
orignal
because otherwise you wouldn't be able to connect
orignal
but you are connected even now
zzz
RI size isn't constant
orignal
do you send two fragments now?
zzz
I'm not logging # of fragments right now, don't know
orignal
1459
orignal
your RI now
orignal
and BpAT is 1557 ))
orignal
at least we know what his problem is
zzz
will log # of fragments to see if it correlates
orignal
strage that you don't see this problem with 2RRY
orignal
because it's 1503
orignal
as I said no frags in SessionConfirmed
orignal
but I do compression
zzz
2RRY is on the list I posted yesterday
zzz
for the retx issue
zzz
but only seen BpAT and YXEA for the missing RI issue
zzz
let me check other router
zzz
only BpAT
zzz
here's a new one from YXEAX:
zzz
07/11 19:51:05.601 INFO [ handler 1/1] ort.udp.InboundEstablishState2: Got token request from: /[2001:470:1f13:e56:0:0:0:32]:17971
zzz
07/11 19:51:05.618 INFO [ handler 1/1] ort.udp.InboundEstablishState2: Got session request after retry from: /[2001:470:1f13:e56:0:0:0:32]:17971
zzz
07/11 19:51:05.659 WARN [ handler 1/1] outer.transport.udp.PeerState2: Bad encrypted packet:
zzz
java.security.GeneralSecurityException: Data payload error
zzz
Caused by: net.i2p.data.i2np.I2NPMessageException: Corrupt compressed routerInfo size = 954
zzz
Caused by: java.io.EOFException: EOF after reading 0 bytes of 64 byte value
zzz
it was completely missing the signature in the RI
zzz
actually, not sure who that was from, will need to adjust logging
orignal
I will implement split
orignal
let me investigate compression issue
zzz
ok. may or may not be i2pd, didn't get logged
orignal
I meant outgoing session from 2RRY
orignal
how does it send SessionConfirmed
zzz
ok
orignal
do you use max compression level?
zzz
i think so, yes
orignal
I use default
orignal
probably 5
orignal
will change to 9
zzz
i have some test results on that, let me look
zzz
9 is 30% slower, 2.5% smaller than 5
zzz
5 is 15% slower, 1.5% smaller than 3
zzz
3 is my default but I use 9 for RI in session confirmed
orignal
I usually use 0 where compression is required
orignal
but here I will set to 9
orignal
for SessionConfirmed, PeerTest and RelayIntro
zzz
ok, re-enabled my code to make my RI huge, and immediately had a failure with i2pd k8vhnd
orignal
good point
orignal
I wiill check
zzz
07-12 16:09:02.394 DEBUG [ Establisher] rt.udp.OutboundEstablishState2: Sess conf pkt 0/2 bytes: 1452
zzz
07-12 16:09:02.394 DEBUG [ Establisher] rt.udp.OutboundEstablishState2: Sess conf pkt 1/2 bytes: 210
zzz
07-12 16:09:02.394 DEBUG [ Establisher] rt.udp.OutboundEstablishState2: Send confirm packets, nextSend in 3000 on OES2 k8vhnd [2a06:a004:f0b8:0:0:0:0:2]:10143 lifetime: 130ms Rcv ID: 6290103009140556641 Send ID: -2766679158290681386 OB_STATE_CONFIRMED_COMPLETELY
zzz
07-12 16:09:03.396 INFO [acket pusher] outer.transport.udp.PeerState2: ReTX Sess Conf on [2a06:a004:f0b8:0:0:0:0:2]:10143 k8vhnd OB2 recvAge: 1002ms sendAge: 52y sendAttemptAge: 1002ms sendACKAge: 1002ms lifetime: 1002ms RTT: 67 RTO: 1000 MTU: 1280 LMTU: 1500 cwin: 3840 acwin: 3709 SST: 524288 FRTX? false consecFail: 0 msgs rcvd: 0 msgs sent: 1 pkts rcvd OK/Dup: 0/0 pkts sent OK/Dup: 1/0 IBM: 0 OBQ: 0 OBL: 1
zzz
theyRelayToUsAs: 1864394615
orignal
but I hope it doesn't exceed 3K
zzz
can't remember but I think I reduced it to be sure it was under that
orignal
because I have 3K max now
zzz
going to enable it on my other router too so you get a double blast
zzz
this is strange because we tested it before. will be interesting to see what broke
zzz
already hit 3PYq, bAU~, ImQC also
orignal
maybe I have broken something recently
zzz
now tXc6
zzz
so get ready with your logging, it will get to you soon
orignal
but it will tell nothing for now
orignal
I see the issue
orignal
fragments don't fit buffer
orignal
I will fix
orignal
in 15 mintes
dr|z3d
you should hire orignal, zzz, he charges by the mint :)
orignal
what?
dr|z3d
lost in translation again *sigh*
orignal
no
orignal
just busy
dr|z3d
oh, well, don't mind me, I was just trying to be amusing. :|
orignal
dr|z3d look at that code ))
orignal
I should be fired from everywhere for this
zzz
lol
orignal
returned pounter to a local buffer
orignal
childish mistake
orignal
fixed
zzz
shit happens
zzz
good job
zzz
lets see how it goes
zzz
R4SAS, please update your routers
orignal
I told everybody already
zzz
ok
orignal
now time to fix sending
orignal
there is no ih in your RI anymore. why?
R4SAS
updated bunch of routers
zzz
thanks R4SAS
zzz
orignal, having trouble making connections because of my big RI :)
orignal
even with Java?
orignal
-Akx: 81.7.18.46 => [1912:15261]
orignal
And I see you connected
orignal
incoming conniction
zzz
no, no problems with java, but I can't publish ih unless I have SSU2 introducers :)
zzz
not guaranteed 100% of the time
orignal
but you said you can't connect
orignal
yes I understand you can't connect to i2pd due that bug
zzz
I have about 5 connections right now, none of them are introducers
orignal
how is it possible?
orignal
<orignal> -Akx: 81.7.18.46 => [1912:15261]
orignal
it's not an introducer because you didn't request relay tag
orignal
that makes sense becaus it's ipv4 only
zzz
right, I'm only v6 firewalled
zzz
will review the logs and see how things look in the morning
orignal
but my question is
orignal
if you use ipv4 connection as ipv6 introducer or not
orignal
-Akx: [2a02:180:2:92:92:92:11:15] => [1739:669] [itag:1472016776]
orignal
on 2RRY
orignal
why it was disconneted?