From 6fe9146f501b09fc9e3195c4484dcc117cf91b2b Mon Sep 17 00:00:00 2001 From: zzz Date: Tue, 6 Aug 2019 20:51:15 +0000 Subject: [PATCH 1/9] meeting 284 --- i2p2www/meetings/logs/284.log | 83 +++++++++++++++++++++++++++++++++++ i2p2www/meetings/logs/284.rst | 11 +++++ 2 files changed, 94 insertions(+) create mode 100644 i2p2www/meetings/logs/284.log create mode 100644 i2p2www/meetings/logs/284.rst diff --git a/i2p2www/meetings/logs/284.log b/i2p2www/meetings/logs/284.log new file mode 100644 index 00000000..20ebb5b9 --- /dev/null +++ b/i2p2www/meetings/logs/284.log @@ -0,0 +1,83 @@ +20:00:00 0) Hi +20:00:00 1) 0.9.41 release status remaining items (mhatta, nextloop) +20:00:00 2) 0.9.42 development status (zzz) +20:00:00 3) LS2 status (zzz) +20:00:00 4) I2P Browser "labs" project status (meeh) +20:00:00 5) Status scrum (zlatinb) +20:00:04 0) Hi +20:00:07 hi! +20:00:19 1) 0.9.41 release status remaining items (mhatta, nextloop) +20:00:46 within the last couple weeks, I see that mhatta did get 41 into sid, which is great +20:01:04 I talked to nextloop also, he didn't get 41 into fdroid, but somebody else did. +20:01:27 and nextloop promised to get back to doing f-droid going forward. super! +20:01:31 anything else on 1) ? +20:01:50 anybody else here? please say hi +20:01:58 hi +20:02:37 ok, one other. Hopefully everybody else shows up soon +20:02:50 2) .42 dev status +20:03:02 we're 5 weeks in, 3 weeks to go, 1 week to tag freeze +20:03:20 we landed the configuration splitting code I worked on with idk +20:03:58 lots of bug fixes; GMP 6.1.2; updated the debian files to work for buster +20:04:17 some ls2 fixes also +20:04:39 zlatinb, you want to mention what you're doing with your test net, and what it's yielded so far? +20:05:11 yes, so basically I set up a testnet with LXC containers +20:05:32 so far it has discovered one major bug around bloom filter usage and one minor ssu bug +20:05:58 been doing fine-tuning of different constants lately, but will put it to work to verify jogger’s patches/ideas +20:06:06 eot +20:06:23 that's really great, thanks +20:07:04 if we can get some minimal latency added in that would be even better, but it's been fun to find and fix some bottlenecks +20:07:15 anything else on 1) ? +20:07:30 woops, anything else on 2) ? +20:08:27 3) ls2 status +20:08:38 lots of progress in the last month +20:09:05 we've agreed to a small proposal, 147, to prevent test networks from cross-contaminating with the main network +20:09:12 that code will be in .42 +20:09:45 chisana has two proposals out, 152 and 153, to make tunnel building and tunnel encryption (respectively) more secure by using more modern encryption +20:10:14 we've talked about them a little, but haven't formally reviewed them yet +20:10:47 proposal 123 (LS2) continues to get some minor tweaks as we finish implementation and testing in the live network, but everything seems to be working well +20:11:26 the big one is proposal 144, new encryption. We're making slow but steady progress. We've been at it for maybe 9 months now? +20:11:58 there are still some major techincal issues to resolve before we can start test implementations +20:12:20 the biggest problem right now is finding enough of people's time to work things through +20:12:46 any questions on 3) ls2 and other proposals ? +20:13:47 ok, on to 4) I2P Browser labs project status +20:13:54 mikalv, what's the latest? +20:14:16 we're moving towards a integration with the i2p router itself, jlinked +20:14:38 on the i2pbutton side of this, we're more or less done, a few things left to fix +20:15:15 on the build scripts, we have to write it, since the devs has used a mocked extract of i2p jlinked where the browser starts it, for testing +20:15:48 what's the current beta version, and when will we see the next beta version? +20:15:52 beyond that we try to have at least two meetings a week to make it a real product and with clear goals +20:16:24 the current is still beta4, and I'm hoping to get beta5 out by the end of this week - if so, with the router embedded +20:17:27 I understand you've started a mailing list for it? would you like to announce it here or is it not ready yet? +20:18:09 sadie, zlatinb, anything you want to add about the browser +20:18:20 ? +20:19:36 anybody have any questions on 4) the browser? +20:20:21 anything else on 4) ? +20:21:10 5) scrum - take it away zlatinb +20:22:02 let’s do the scrum in parallel; in a few words - 1) what have you been working since last scrum 2) what you plan to work on next month 3) do you have any blockers or do you need help. Say “EOT” when done +20:22:34 me: 1) building a testnet, chasing bottlenecks 2) more testnet, will also take a look at jogger’s tickets 3) none really EOT +20:23:34 1) 41 release, config splitting code, bug fixes, proposals, planning for new encryption types, ls2 fixes +20:24:10 2) 42 release, bug fixes, proposals (especially research on new encryption issues), DEFCON +20:24:16 3) no blockers; EOT +20:25:18 I've been working mainly on the browser (including i2pbutton which now launches a router if found), I've also done huge improvements in my end for the outproxy, I've also started prototyping a solution for private outproxies which has so good speed I can actually use it for clearnet browsing on daily basis +20:25:53 and I've also put up mailinglists yes, which over I2P is found at https://lists.i2p/postorius/lists/ but also available from clearnet at https://lists.i2p.email/postorius/lists/ +20:26:20 anyone with constructive ideas, contribution, discussions and such are of course welcome +20:26:57 beyond that I've done some research into how we can accept creditcard donations, and how we also can sell shirs and such at the same time +20:27:10 EOT +20:27:12 noblock +20:28:14 guess that's it? zlatinb we'll leave it to you to flog the no-shows? +20:28:17 anyone else? if not scrum ends in 1 minute :) +20:28:27 ok +20:28:33 ScrumTimeoutException +20:28:41 lol +20:28:42 while we're in the 'grace period' - DEFCON! idk and I will be there this weekend! +20:29:04 Monero Village Friday afternoon, and Crypto/Privacy Village Saturday afternoon +20:29:22 workshop, q&a, and stickers both days. come say hello +20:29:57 re: outproxies, I'm going to put that on the agenda for next month, for sadie to give us a readout on what we're trying to do +20:30:06 anything else for the meeting? +20:30:52 oh, and Sadie will be presenting a paper at FOCI in San Jose next week! be sure to find her if you're there +20:30:59 nah, but I expect we got more for the browser/outproxy cases by next meeting +20:31:39 yeah, we don't have a good plan yet for either browser or outproxy. We have ideas and proofs of concept, but no plan +20:31:53 so will be good to see that come together +20:32:02 * zzz warms up the baffer +20:32:44 last baf of the summer, see you in september... +20:32:55 * zzz ****bafs**** the meeting closed diff --git a/i2p2www/meetings/logs/284.rst b/i2p2www/meetings/logs/284.rst new file mode 100644 index 00000000..70a94f8d --- /dev/null +++ b/i2p2www/meetings/logs/284.rst @@ -0,0 +1,11 @@ +I2P dev meeting, Aug. 6, 2019 @ 20:00 UTC +========================================= + +Quick recap +----------- + +* **Present:** + +mikalv, +zlatinb, +zzz From 7083beace54d6e13c6042adfe403c1be3f720799 Mon Sep 17 00:00:00 2001 From: hankhill19580 Date: Tue, 6 Aug 2019 20:59:04 +0000 Subject: [PATCH 2/9] add table to SAM documentation page, make cryptocurrency addresses scrollable textareas --- i2p2www/pages/site/docs/api/samv3.html | 173 ++++++++++++++++++-- i2p2www/pages/site/get-involved/donate.html | 12 +- i2p2www/static/styles/duck/default.css | 26 +++ 3 files changed, 187 insertions(+), 24 deletions(-) diff --git a/i2p2www/pages/site/docs/api/samv3.html b/i2p2www/pages/site/docs/api/samv3.html index dc197951..3768ba54 100644 --- a/i2p2www/pages/site/docs/api/samv3.html +++ b/i2p2www/pages/site/docs/api/samv3.html @@ -14,23 +14,158 @@ Older versions: SAM V2,

-

Version 3 Language Libraries

- +

Known SAM libraries

+ +++++++++ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
{% trans %}Library Name{% endtrans %}{% trans %}Language{% endtrans %}{% trans %}Version{% endtrans %}{% trans %}STREAM{% endtrans %}{% trans %}DGRAM{% endtrans %}{% trans %}RAW{% endtrans %}{% trans %}Site{% endtrans %}
i2psamC++, C {% trans %}wrapper{% endtrans %}3.1yesyesnogithub.com/i2p/i2psam
gosamGo3.2yesnonogithub.com/eyedeekay/goSam
sam3Go3.2yesyesyesbitbucket.org/eyedeekay/sam3
txi2pPython3.1yesnonogithub.com/str4d/txi2p
i2p.socketPython3.2yesyesyesgithub.com/majestrate/i2p.socket
i2plibPython3.1yesyesyesgithub.com/l-n-s/i2plib
i2p-rsRust3.1yesyesyesgithub.com/i2p/i2p-rs
libsam3C3.1yesyesyesgithub.com/i2p/libsam3
mooni2pLua3.1yesyesyesnotabug.org/l-n-s/mooni2p
haskell-a-l-iHaskell3.1yesyesyesgithub.com/solatis/haskell-network-anonymous-i2p
node-i2pJavascript3.0yesunkunkgithub.com/redhog/node-i2p
JsamJava3.1yesnonogithub.com/eyedeekay/Jsam
i2pdotnet.Net3.0yesunkunkgithub.com/SamuelFisher/i2pdotnet
i2p.rbRuby3.0yesnonogithub.com/dryruby/i2p.rb
+

Version 3 Changes

Version 3.0 Changes

@@ -52,7 +187,9 @@ can forward back I2P datagrams to the client's datagram server.

Version 3.1 Changes

-Version 3.1 was introduced in I2P release 0.9.14. +Version 3.1 was introduced in I2P release 0.9.14. SAM 3.1 is the recommended +minimum SAM implementation because of it's support for better signature types +than SAM 3.0.

  • DEST GENERATE and SESSION CREATE now support a SIGNATURE_TYPE parameter.
  • The MIN and MAX parameters in HELLO VERSION are now optional. diff --git a/i2p2www/pages/site/get-involved/donate.html b/i2p2www/pages/site/get-involved/donate.html index c92f390a..bd717297 100644 --- a/i2p2www/pages/site/get-involved/donate.html +++ b/i2p2www/pages/site/get-involved/donate.html @@ -28,18 +28,18 @@ the "Donate" edition. I2P funding is handled by meeh.{% endtrans %}
    that any other addresses not listed here are no longer valid. Please note that addresses may update and more coins may be added.{% endtrans %}

    -{% trans %}BTC Address{% endtrans %}: 3AtDiRUiyDHTSALRxsEZ7yqmB7piwaowaY
    +{% trans %}BTC Address{% endtrans %}:

    -{% trans %}LTC Address{% endtrans %}: MN55tu4y7UtdPXUk9WvCSfy4nGUW79DZpN
    +{% trans %}LTC Address{% endtrans %}:

    -{% trans %}ETH Address{% endtrans %}: 0xfC35D2225bA2739eCC5a1e50676a8DbC03569C27
    +{% trans %}ETH Address{% endtrans %}:

    -{% trans %}ANC Address{% endtrans %}: ANi2pB8RTeuWFf9wki6Ffiv9RJqioQydrH
    +{% trans %}ANC Address{% endtrans %}:

    -{% trans %}XMR Address{% endtrans %}: 447kucUDzM21jDxdmx7h2jFT4UT4PprD8EMjDk4Bc471gRGkbeZSfSPHcB7JtiumR7gNRJgKqf1dHa2T49nQ7jsfSZSfoLA
    +{% trans %}XMR Address{% endtrans %}:

    -

    {% trans %}We now also accept paypal donations!{% endtrans %}

    +

    {% trans %}We now also accept paypal donations!{% endtrans %}

    diff --git a/i2p2www/static/styles/duck/default.css b/i2p2www/static/styles/duck/default.css index 04d0050b..eab34cea 100644 --- a/i2p2www/static/styles/duck/default.css +++ b/i2p2www/static/styles/duck/default.css @@ -753,3 +753,29 @@ pre.literal-block { width: 128px; } +/*special formatting for tables and textareas inside the content*/ + +div#content table { + table-layout: auto; + width: 90%; + border: 1px solid; + font-size: 0.70rem; +} + +div#content td { + border: 1px solid; + overflow: hidden; + white-space: nowrap; + text-overflow: ellipsis; +} + +div#content textarea { + margin-top: .1rem; + font-size: 1rem; + font-style: bold; + white-space: nowrap; + float: right; + /*we could make this resize-horizontal so that it could display the whole + XMR address by resizing, but still look nice on the official page.*/ + resize: none; +} From f3586c580a4b547e4700349f511e4fd5acd5dd0b Mon Sep 17 00:00:00 2001 From: hankhill19580 Date: Tue, 6 Aug 2019 21:11:54 +0000 Subject: [PATCH 3/9] make textareas into a class instead and do the things in CSS that I can. --- i2p2www/pages/site/get-involved/donate.html | 10 +++++----- i2p2www/static/styles/duck/default.css | 9 +++++---- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/i2p2www/pages/site/get-involved/donate.html b/i2p2www/pages/site/get-involved/donate.html index bd717297..01565fe4 100644 --- a/i2p2www/pages/site/get-involved/donate.html +++ b/i2p2www/pages/site/get-involved/donate.html @@ -28,15 +28,15 @@ the "Donate" edition. I2P funding is handled by meeh.{% endtrans %}
    that any other addresses not listed here are no longer valid. Please note that addresses may update and more coins may be added.{% endtrans %}

    -{% trans %}BTC Address{% endtrans %}:
    +{% trans %}BTC Address{% endtrans %}:

    -{% trans %}LTC Address{% endtrans %}:
    +{% trans %}LTC Address{% endtrans %}:

    -{% trans %}ETH Address{% endtrans %}:
    +{% trans %}ETH Address{% endtrans %}:

    -{% trans %}ANC Address{% endtrans %}:
    +{% trans %}ANC Address{% endtrans %}:

    -{% trans %}XMR Address{% endtrans %}:
    +{% trans %}XMR Address{% endtrans %}:

    {% trans %}We now also accept paypal donations!{% endtrans %}

    diff --git a/i2p2www/static/styles/duck/default.css b/i2p2www/static/styles/duck/default.css index eab34cea..862cb7d9 100644 --- a/i2p2www/static/styles/duck/default.css +++ b/i2p2www/static/styles/duck/default.css @@ -769,13 +769,14 @@ div#content td { text-overflow: ellipsis; } -div#content textarea { +div#content .coinaddr { margin-top: .1rem; font-size: 1rem; font-style: bold; white-space: nowrap; + width: 80%; + height: 1.12rem; + overflow-x: hidden; float: right; - /*we could make this resize-horizontal so that it could display the whole - XMR address by resizing, but still look nice on the official page.*/ - resize: none; + resize: horizontal; } From 586ac2e37af16ef3dd0b7083f7181db258186646 Mon Sep 17 00:00:00 2001 From: hankhill19580 Date: Tue, 6 Aug 2019 21:20:39 +0000 Subject: [PATCH 4/9] textareas tweak --- i2p2www/static/styles/duck/default.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/i2p2www/static/styles/duck/default.css b/i2p2www/static/styles/duck/default.css index 862cb7d9..a73fd82e 100644 --- a/i2p2www/static/styles/duck/default.css +++ b/i2p2www/static/styles/duck/default.css @@ -774,7 +774,7 @@ div#content .coinaddr { font-size: 1rem; font-style: bold; white-space: nowrap; - width: 80%; + width: 68%; height: 1.12rem; overflow-x: hidden; float: right; From c87815e59a01c9a20fb4619fb9d3f67cdb655f62 Mon Sep 17 00:00:00 2001 From: hankhill19580 Date: Wed, 7 Aug 2019 01:32:46 +0000 Subject: [PATCH 5/9] textareas clipboard-on-click --- i2p2www/pages/site/get-involved/donate.html | 49 ++++++++++++++----- i2p2www/static/styles/duck/default.css | 52 ++++++++++++++++++++- 2 files changed, 88 insertions(+), 13 deletions(-) diff --git a/i2p2www/pages/site/get-involved/donate.html b/i2p2www/pages/site/get-involved/donate.html index 01565fe4..99cb2376 100644 --- a/i2p2www/pages/site/get-involved/donate.html +++ b/i2p2www/pages/site/get-involved/donate.html @@ -26,18 +26,21 @@ the "Donate" edition. I2P funding is handled by meeh.{% endtrans %}

    {% trans %}The following addresses are valid as of June 10th, 2019. Please note that any other addresses not listed here are no longer valid. Please note that -addresses may update and more coins may be added.{% endtrans %} +addresses may update and more coins may be added. {% endtrans %} +

    +{% trans %} Double-Clicking on the cryptocurrency address will copy it onto your +clipboard.{% endtrans %}

    -{% trans %}BTC Address{% endtrans %}:
    -
    -{% trans %}LTC Address{% endtrans %}:
    -
    -{% trans %}ETH Address{% endtrans %}:
    -
    -{% trans %}ANC Address{% endtrans %}:
    -
    -{% trans %}XMR Address{% endtrans %}:
    -
    + +{% trans %}BTC Address{% endtrans %}:
    + +{% trans %}LTC Address{% endtrans %}:
    + +{% trans %}ETH Address{% endtrans %}:
    + +{% trans %}ANC Address{% endtrans %}:
    + +{% trans %}XMR Address{% endtrans %}:

    {% trans %}We now also accept paypal donations!{% endtrans %}

    @@ -47,6 +50,30 @@ addresses may update and more coins may be added.{% endtrans %} +
    +

    {% trans %}Let us know about your donation{% endtrans %}

    +

    {% trans %}If you wish, you can inform us of your donation using the form just below. +This is not a required step for your donation to succeed, but if you want to +make sure we know you're out there, get ahold of us here.{% endtrans %} +

    + +
    +{% trans %}Preferred Name: {% endtrans %}
    +{% trans %}E-mail: {% endtrans %}
    +{% trans %}Message: {% endtrans %}

    + + +
    +

    {% trans %}Tax Status{% endtrans %}

    {% trans -%} diff --git a/i2p2www/static/styles/duck/default.css b/i2p2www/static/styles/duck/default.css index a73fd82e..93c18606 100644 --- a/i2p2www/static/styles/duck/default.css +++ b/i2p2www/static/styles/duck/default.css @@ -772,11 +772,59 @@ div#content td { div#content .coinaddr { margin-top: .1rem; font-size: 1rem; - font-style: bold; + font-weight: bold; white-space: nowrap; width: 68%; height: 1.12rem; overflow-x: hidden; - float: right; resize: horizontal; + margin-top: 2rem; + border: none; +} + +div#content .qrcode { + transition: transform .3s; + width: 50px; + height: 50px; +} + +div#content .qrcode:hover { + transform: scale(5); +} + +div#content .emaillabel { + width: 25%; + display: inline-block; + font-weight: bold; + margin-top: .2rem; + margin-bottom: .2rem; +} + +/*delete this section when we have an e-mail address to use on the donations page*/ +div#content .emailforms { + display: none; +} + +div#content .emailform { + width: 70%; + display: inline-block; +} + +div#content .emailbutton { + font-size: 1.s1rem; + margin: 1px; + padding: 1px; + font-weight: bold; + height: 70px; + width: 47%; + background-color: #60ab60; + border: none; + color: white; + text-align: center; + text-decoration: none; + display: inline-block; +} + +div#content .messagebox { + height: 100px; } From 3f718c5e4172741d8ebfd93d4e4b8bceb4617abb Mon Sep 17 00:00:00 2001 From: hankhill19580 Date: Wed, 7 Aug 2019 02:09:02 +0000 Subject: [PATCH 6/9] fix apostrophe --- i2p2www/pages/site/docs/api/samv3.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/i2p2www/pages/site/docs/api/samv3.html b/i2p2www/pages/site/docs/api/samv3.html index 3768ba54..22a415f5 100644 --- a/i2p2www/pages/site/docs/api/samv3.html +++ b/i2p2www/pages/site/docs/api/samv3.html @@ -188,7 +188,7 @@ can forward back I2P datagrams to the client's datagram server.

    Version 3.1 Changes

    Version 3.1 was introduced in I2P release 0.9.14. SAM 3.1 is the recommended -minimum SAM implementation because of it's support for better signature types +minimum SAM implementation because of its support for better signature types than SAM 3.0.

    • DEST GENERATE and SESSION CREATE now support a SIGNATURE_TYPE parameter. From 36c63bf66475680290d149e17a26263b2cfcbc40 Mon Sep 17 00:00:00 2001 From: hankhill19580 Date: Wed, 7 Aug 2019 02:27:05 +0000 Subject: [PATCH 7/9] mobile tweak --- i2p2www/static/styles/duck/default.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/i2p2www/static/styles/duck/default.css b/i2p2www/static/styles/duck/default.css index 93c18606..974c6fc5 100644 --- a/i2p2www/static/styles/duck/default.css +++ b/i2p2www/static/styles/duck/default.css @@ -789,7 +789,7 @@ div#content .qrcode { } div#content .qrcode:hover { - transform: scale(5); + transform: scale(5) translateX(20px); } div#content .emaillabel { From ecb69fbc15d5f6fa608e9734bf90573ae4bc7f87 Mon Sep 17 00:00:00 2001 From: zzz Date: Tue, 13 Aug 2019 17:50:45 +0000 Subject: [PATCH 8/9] Close proposal 147, copy changes to specs --- i2p2www/spec/ntcp2.rst | 20 ++++++++++++------- i2p2www/spec/proposals/111-ntcp-2.rst | 16 +++++++++------ .../147-transport-network-id-check.rst | 6 ++++-- i2p2www/spec/ssu.rst | 14 ++++++++++--- i2p2www/spec/updates.rst | 8 ++++++-- 5 files changed, 44 insertions(+), 20 deletions(-) diff --git a/i2p2www/spec/ntcp2.rst b/i2p2www/spec/ntcp2.rst index 0f0be16c..bae4156b 100644 --- a/i2p2www/spec/ntcp2.rst +++ b/i2p2www/spec/ntcp2.rst @@ -3,8 +3,8 @@ NTCP 2 ====== .. meta:: :category: Transports - :lastupdated: 2019-04-08 - :accuratefor: 0.9.36 + :lastupdated: August 2019 + :accuratefor: 0.9.42 .. contents:: @@ -511,12 +511,13 @@ Note: All fields are big-endian. {% highlight lang='dataspec' %} +----+----+----+----+----+----+----+----+ - |Rsvd| ver| padLen | m3p2len | Rsvd(0) | + | id | ver| padLen | m3p2len | Rsvd(0) | +----+----+----+----+----+----+----+----+ | tsA | Reserved (0) | +----+----+----+----+----+----+----+----+ - Reserved :: 7 bytes total, set to 0 for compatibility with future options + id :: 1 byte, the network ID (currently 2, except for test networks) + As of 0.9.42. See proposal 147. ver :: 1 byte, protocol version (currently 2) @@ -527,6 +528,8 @@ Note: All fields are big-endian. m3p2Len :: 2 bytes, length of the the second AEAD frame in SessionConfirmed (message 3 part 2) See notes below + Rsvd :: 2 bytes, set to 0 for compatibility with future options + tsA :: 4 bytes, Unix timestamp, unsigned seconds. Wraps around in 2106 @@ -616,9 +619,12 @@ Notes message 1 and reading in the padding. There should be no extra data from Alice, as Bob has not responded with message 2 yet. -Issues -`````` -- Is the fixed-size option block big enough? +- The network ID field is used to quickly identify cross-network connections. + If this field is nonzero, and does not match Bob's network ID, + Bob should disconnect and block future connections. + Any connections from test networks should have a different ID and will fail the test. + As of 0.9.42. See proposal 147 for more information. + diff --git a/i2p2www/spec/proposals/111-ntcp-2.rst b/i2p2www/spec/proposals/111-ntcp-2.rst index 7ad3dd31..95263809 100644 --- a/i2p2www/spec/proposals/111-ntcp-2.rst +++ b/i2p2www/spec/proposals/111-ntcp-2.rst @@ -6,7 +6,7 @@ NTCP 2 :editor: manas, str4d, zzz :created: 2014-02-13 :thread: http://zzz.i2p/topics/1577 - :lastupdated: 2019-04-08 + :lastupdated: 2019-08-13 :status: Closed :supercedes: 106 :target: 0.9.36 @@ -848,12 +848,13 @@ Note: All fields are big-endian. {% highlight lang='dataspec' %} +----+----+----+----+----+----+----+----+ - |Rsvd| ver| padLen | m3p2len | Rsvd(0) | + | id | ver| padLen | m3p2len | Rsvd(0) | +----+----+----+----+----+----+----+----+ | tsA | Reserved (0) | +----+----+----+----+----+----+----+----+ - Reserved :: 7 bytes total, set to 0 for compatibility with future options + id :: 1 byte, the network ID (currently 2, except for test networks) + As of 0.9.42. See proposal 147. ver :: 1 byte, protocol version (currently 2) @@ -864,6 +865,8 @@ Note: All fields are big-endian. m3p2Len :: 2 bytes, length of the the second AEAD frame in SessionConfirmed (message 3 part 2) See notes below + Rsvd :: 2 bytes, set to 0 for compatibility with future options + tsA :: 4 bytes, Unix timestamp, unsigned seconds. Wraps around in 2106 @@ -953,9 +956,10 @@ Notes message 1 and reading in the padding. There should be no extra data from Alice, as Bob has not responded with message 2 yet. -Issues -`````` -- Is the fixed-size option block big enough? +- The network ID field is used to quickly identify cross-network connections. + If this field is nonzero, and does not match Bob's network ID, + Bob should disconnect and block future connections. + As of 0.9.42. See proposal 147 for more information. diff --git a/i2p2www/spec/proposals/147-transport-network-id-check.rst b/i2p2www/spec/proposals/147-transport-network-id-check.rst index 0a5c8ebe..2b5fb5a6 100644 --- a/i2p2www/spec/proposals/147-transport-network-id-check.rst +++ b/i2p2www/spec/proposals/147-transport-network-id-check.rst @@ -5,8 +5,10 @@ Transport Network ID Check :author: zzz :created: 2019-02-28 :thread: http://zzz.i2p/topics/2687 - :lastupdated: 2019-08-05 - :status: Open + :lastupdated: 2019-08-13 + :status: Closed + :target: 0.9.42 + :implementedin: 0.9.42 .. contents:: diff --git a/i2p2www/spec/ssu.rst b/i2p2www/spec/ssu.rst index 026f54c1..284ad47b 100644 --- a/i2p2www/spec/ssu.rst +++ b/i2p2www/spec/ssu.rst @@ -3,8 +3,8 @@ SSU Protocol Specification ========================== .. meta:: :category: Transports - :lastupdated: July 2019 - :accuratefor: 0.9.41 + :lastupdated: August 2019 + :accuratefor: 0.9.42 .. contents:: @@ -36,7 +36,7 @@ encrypted with the appropriate key. The MAC used is HMAC-MD5, truncated to 16 bytes, while the key is a full 32 byte AES256 key. The specific construct of the MAC is the first 16 bytes from:: - HMAC-MD5(encryptedPayload + IV + (payloadLength ^ protocolVersion), macKey) + HMAC-MD5(encryptedPayload + IV + (payloadLength ^ protocolVersion ^ ((netid - 2) << 8)), macKey) where '+' means append and '^' means exclusive-or. @@ -58,6 +58,14 @@ The protocolVersion is a 2 byte unsigned integer and is currently set to 0. Peers using a different protocol version will not be able to communicate with this peer, though earlier versions not using this flag are. +The exclusive OR of ((netid - 2) << 8) is used to quickly identify cross-network connections. +As of 0.9.42. See proposal 147 for more information. +As the current network ID is 2, this is a no-op for the current network and is backward compatible. +Any connections from test networks should have a different ID and will fail the HMAC. + + + + HMAC Specification ------------------ diff --git a/i2p2www/spec/updates.rst b/i2p2www/spec/updates.rst index fff6ca41..ae68c20c 100644 --- a/i2p2www/spec/updates.rst +++ b/i2p2www/spec/updates.rst @@ -2,8 +2,8 @@ Software Update Specification ============================= .. meta:: - :lastupdated: March 2017 - :accuratefor: 0.9.29 + :lastupdated: August 2019 + :accuratefor: 0.9.42 .. contents:: @@ -338,6 +338,10 @@ Goals Specification ````````````` 1. The file must be named "i2pseeds.su3". + As of 0.9.42, the requestor should append a query string "?netid=2" to the request URL, + assuming the current network ID of 2. + This may be used to prevent cross-network connections. Test networks should set + a different network ID. See proposal 147 for details. 2. The file must be in the same directory as the router infos on the web server. From 647eca9704934d8597ca6970a24197364be16f10 Mon Sep 17 00:00:00 2001 From: zzz Date: Tue, 13 Aug 2019 21:29:02 +0000 Subject: [PATCH 9/9] More proposal 147 updates --- i2p2www/pages/site/docs/how/network-database.html | 15 +++++++++++++-- .../proposals/147-transport-network-id-check.rst | 8 ++++---- i2p2www/spec/ssu.rst | 5 +++-- 3 files changed, 20 insertions(+), 8 deletions(-) diff --git a/i2p2www/pages/site/docs/how/network-database.html b/i2p2www/pages/site/docs/how/network-database.html index 55bf1a6c..a2a44430 100644 --- a/i2p2www/pages/site/docs/how/network-database.html +++ b/i2p2www/pages/site/docs/how/network-database.html @@ -1,7 +1,7 @@ {% extends "global/layout.html" %} {% block title %}{% trans %}The Network Database{% endtrans %}{% endblock %} -{% block lastupdated %}{% trans %}January 2019{% endtrans %}{% endblock %} -{% block accuratefor %}0.9.38{% endblock %} +{% block lastupdated %}{% trans %}August 2019{% endtrans %}{% endblock %} +{% block accuratefor %}0.9.42{% endblock %} {% block content %}

      {% trans %}Overview{% endtrans %}

      @@ -88,6 +88,17 @@ Above the minimum threshold, the advertised bandwidth is not used or trusted any in the router, except for display in the user interface and for debugging and network analysis. {%- endtrans %}

      +

      Valid NetID numbers:

      +
      UsageNetID Number +
      Reserved0 +
      Reserved1 +
      Current Network (default)2 +
      Reserved Future Networks3 - 15 +
      Forks and Test Networks16 - 254 +
      Reserved255 +
      + +

      {% trans %}Additional Options{% endtrans %}

      {% trans stats=i2pconv('stats.i2p') -%} diff --git a/i2p2www/spec/proposals/147-transport-network-id-check.rst b/i2p2www/spec/proposals/147-transport-network-id-check.rst index 2b5fb5a6..fd2c14a0 100644 --- a/i2p2www/spec/proposals/147-transport-network-id-check.rst +++ b/i2p2www/spec/proposals/147-transport-network-id-check.rst @@ -88,7 +88,7 @@ Add the following specification for valid network id values: ================================== ============== - Payload Block Type NetID Number + Usage NetID Number ================================== ============== Reserved 0 Reserved 1 @@ -139,9 +139,9 @@ New: HMAC-MD5(encryptedPayload + IV + (payloadLength ^ protocolVersion ^ ((netid - 2) << 8)), macKey) '+' means append, '^' means exclusive-or, '<<' means left shift. - payloadLength is a 2 byte unsigned integer - protocolVersion is one byte 0x00 - netid is a 1 byte unsigned integer + payloadLength is a two byte unsigned integer, big endian + protocolVersion is two bytes 0x0000, big endian + netid is a two byte unsigned integer, big endian, legal values are 2-254 {% endhighlight %} diff --git a/i2p2www/spec/ssu.rst b/i2p2www/spec/ssu.rst index 284ad47b..8776f275 100644 --- a/i2p2www/spec/ssu.rst +++ b/i2p2www/spec/ssu.rst @@ -43,7 +43,7 @@ where '+' means append and '^' means exclusive-or. The IV is generated randomly for each packet. The encryptedPayload is the encrypted version of the message starting with the flag byte (encrypt-then-MAC). The payloadLength used in the MAC is a 2 byte unsigned -integer. Note that protocolVersion is 0, so the exclusive-or is a no-op. The +integer, big endian. Note that protocolVersion is 0, so the exclusive-or is a no-op. The macKey is either the introduction key or is constructed from the exchanged DH key (see details below), as specified for each message below. @@ -54,11 +54,12 @@ The payload itself (that is, the message starting with the flag byte) is AES256/CBC encrypted with the IV and the sessionKey, with replay prevention addressed within its body, explained below. -The protocolVersion is a 2 byte unsigned integer and is currently set to 0. +The protocolVersion is a 2 byte unsigned integer, big endian, and is currently set to 0. Peers using a different protocol version will not be able to communicate with this peer, though earlier versions not using this flag are. The exclusive OR of ((netid - 2) << 8) is used to quickly identify cross-network connections. +The netid is a 2 byte unsigned integer, big endian, and is currently set to 2. As of 0.9.42. See proposal 147 for more information. As the current network ID is 2, this is a no-op for the current network and is backward compatible. Any connections from test networks should have a different ID and will fail the HMAC.