diff --git a/libi2pd/NTCP2.cpp b/libi2pd/NTCP2.cpp
index be584eb1..5e1cbaf6 100644
--- a/libi2pd/NTCP2.cpp
+++ b/libi2pd/NTCP2.cpp
@@ -718,8 +718,6 @@ namespace transport
 Terminate ();
 return;
 }
- ri.GetProfile ()->Connected ();
- i2p::data::UpdateStaticKey (addr->s, ri.GetIdentHash ()); // good static key
 i2p::data::netdb.PostI2NPMsg (CreateI2NPMessage (eI2NPDummyMsg, buf.data () + 3, size));
 // TODO: should insert ri and not parse it twice
 // TODO: process options
diff --git a/libi2pd/Profiling.cpp b/libi2pd/Profiling.cpp
index 45e4ae22..754a2ce3 100644
--- a/libi2pd/Profiling.cpp
+++ b/libi2pd/Profiling.cpp
@@ -320,33 +320,5 @@ namespace data
 }
 }
 }
-
-// static keys
-
- struct StaticKeyProfile
- {
- i2p::data::IdentHash ident;
- boost::posix_time::ptime lastUpdateTime;
- };
- //static i2p::fs::HashedStorage g_StaticKeysProfilesStorage("statickeysProfiles", "s", "statickey-", "txt");
- static std::unordered_map<i2p::data::Tag<32>, std::shared_ptr<StaticKeyProfile> > g_StaticKeysProfiles;
- static std::mutex g_StaticKeysProfilesMutex;
-
- bool CheckStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident)
- {
- std::unique_lock<std::mutex> l(g_StaticKeysProfilesMutex);
- auto it = g_StaticKeysProfiles.find (staticKey);
- if (it != g_StaticKeysProfiles.end ())
- return it->second->ident == ident;
- return true;
- }
-
- void UpdateStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident)
- {
- std::unique_lock<std::mutex> l(g_StaticKeysProfilesMutex);
- auto res = g_StaticKeysProfiles.emplace (staticKey, std::make_shared<StaticKeyProfile>(StaticKeyProfile{ident, GetTime ()}));
- if (!res.second)
- res.first->second->lastUpdateTime = GetTime ();
- }
 }
 }
diff --git a/libi2pd/Profiling.h b/libi2pd/Profiling.h
index 2520a6af..6b814893 100644
--- a/libi2pd/Profiling.h
+++ b/libi2pd/Profiling.h
@@ -84,7 +84,7 @@ namespace data
 // usage
 uint32_t m_NumTimesTaken;
 uint32_t m_NumTimesRejected;
- bool m_HasConnected; // incoming connection received
+ bool m_HasConnected; // successful trusted(incoming or NTCP2) connection
 };
 std::shared_ptr<RouterProfile> GetRouterProfile (const IdentHash& identHash);
@@ -92,10 +92,6 @@ namespace data
 void DeleteObsoleteProfiles ();
 void SaveProfiles ();
 void PersistProfiles ();
-
- // static keys
- bool CheckStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident);
- void UpdateStaticKey (const i2p::data::Tag<32>& staticKey, const i2p::data::IdentHash& ident);
 }
 }
diff --git a/libi2pd/RouterInfo.cpp b/libi2pd/RouterInfo.cpp
index 0cf5a0c5..5ba8a5b1 100644
--- a/libi2pd/RouterInfo.cpp
+++ b/libi2pd/RouterInfo.cpp
@@ -293,7 +293,8 @@ namespace data
 else if (!strcmp (key, "s")) // ntcp2 or ssu2 static key
 {
 Base64ToByteStream (value, strlen (value), address->s, 32);
- isStaticKey = true;
+ if (!(address->s[31] & 0x80)) // check if x25519 public key
+ isStaticKey = true;
 }
 else if (!strcmp (key, "i")) // ntcp2 iv or ssu2 intro
 {
@@ -363,9 +364,6 @@ namespace data
 if (!s) return;
 }
- if ((address->s[31] & 0x80) || !i2p::data::CheckStaticKey(address->s, GetIdentHash()))
- continue; // skip address
-
 if (address->transportStyle == eTransportNTCP2)
 {
 if (isStaticKey)
@@ -391,7 +389,7 @@ namespace data
 }
 }
 }
- else if (address->transportStyle == eTransportSSU2 && isV2)
+ else if (address->transportStyle == eTransportSSU2 && isV2 && isStaticKey)
 {
 if (address->IsV4 ()) supportedTransports |= eSSU2V4;
 if (address->IsV6 ()) supportedTransports |= eSSU2V6;
diff --git a/libi2pd/SSU2Session.cpp b/libi2pd/SSU2Session.cpp
index efe7117d..49004437 100644
--- a/libi2pd/SSU2Session.cpp
+++ b/libi2pd/SSU2Session.cpp
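Review bot: In RouterInfo.cpp's `s` option branch (hunk at -293), the new high-bit test reads `address->s[31]` without first confirming that `Base64ToByteStream` actually produced 32 bytes; its return value is discarded. If the helper reports the decoded length, a short or malformed value would leave `s[31]` holding whatever the buffer contained before, and `isStaticKey` could still be set. I would gate on both, e.g. `if (Base64ToByteStream (value, strlen (value), address->s, 32) == 32 && !(address->s[31] & 0x80))`, and extend the comment to say the flag now means the key decoded fully and passed the x25519 check. The SSU2 condition in the hunk at -391 relies on the same flag, and the enclosing parser loop starts and ends outside both hunks.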
@@ -1075,8 +1075,6 @@ namespace transport
 return false;
 }
 SetRemoteIdentity (ri->GetRouterIdentity ());
- ri->GetProfile ()->Connected ();
- i2p::data::UpdateStaticKey (m_Address->s, ri->GetIdentHash ()); // good static key
 AdjustMaxPayloadSize ();
 m_Server.AddSessionByRouterHash (shared_from_this ()); // we know remote router now
 m_RemoteTransports = ri->GetCompatibleTransports (false);
diff --git a/libi2pd/Transports.cpp b/libi2pd/Transports.cpp
index 5693719c..f66a8f96 100644
--- a/libi2pd/Transports.cpp
+++ b/libi2pd/Transports.cpp
@@ -507,11 +507,6 @@ namespace transport
 peer.router->GetPublishedNTCP2V6Address () : peer.router->GetPublishedNTCP2V4Address ();
 if (address && m_CheckReserved && i2p::util::net::IsInReservedRange(address->host))
 address = nullptr;
- if (address && !i2p::data::CheckStaticKey (address->s, ident))
- {
- LogPrint (eLogWarning, "Transports: NTCP2 address static key router mismatch ", ident.ToBase64 ());
- address = nullptr;
- }
 if (address)
 {
 auto s = std::make_shared<NTCP2Session> (*m_NTCP2Server, peer.router, address);
@@ -531,11 +526,6 @@ namespace transport
 peer.router->GetSSU2V6Address () : peer.router->GetSSU2V4Address ();
 if (address && m_CheckReserved && i2p::util::net::IsInReservedRange(address->host))
 address = nullptr;
- if (address && !i2p::data::CheckStaticKey (address->s, ident))
- {
- LogPrint (eLogWarning, "Transports: SSU2 address static key router mismatch ", ident.ToBase64 ());
- address = nullptr;
- }
 if (address && address->IsReachableSSU ())
 {
 if (m_SSU2Server->CreateSession (peer.router, address))
@@ -547,11 +537,6 @@ namespace transport
 {
 if (!m_NTCP2Server) continue;
 auto address = peer.router->GetYggdrasilAddress ();
- if (address && !i2p::data::CheckStaticKey (address->s, ident))
- {
- LogPrint (eLogWarning, "Transports: Yggdrasil address static key router mismatch ", ident.ToBase64 ());
- address = nullptr;
- }
 if (address)
 {
 auto s = std::make_shared<NTCP2Session> (*m_NTCP2Server, peer.router, address);
@@ -606,7 +591,7 @@ namespace transport
 peer.router->GetCompatibleTransports (true);
 peer.numAttempts = 0;
 peer.priority.clear ();
- bool ssu2 = rand () & 1;
+ bool ssu2 = peer.router->GetProfile ()->IsReal () ? (rand () & 1) : false; // try NTCP2 if router is not confirmed real
 const auto& priority = ssu2 ? ssu2Priority : ntcp2Priority;
 for (auto transport: priority)
 if (transport & compatibleTransports)
@@ -724,6 +709,13 @@ namespace transport
 for (int i = 0; i < numExcluded; i++)
 transports |= it->second.priority[i];
 i2p::data::netdb.ExcludeReachableTransports (ident, transports);
+ }
+ if (it->second.router)
+ {
+ auto transport = it->second.priority[it->second.numAttempts];
+ if (transport == i2p::data::RouterInfo::eNTCP2V4 ||
+ transport == i2p::data::RouterInfo::eNTCP2V6 || transport == i2p::data::RouterInfo::eNTCP2V6Mesh)
+ it->second.router->GetProfile ()->Connected (); // outgoing NTCP2 connection if always real
 }
 it->second.numAttempts = 0;
 it->second.router = nullptr; // we don't need RouterInfo after successive connect
@@ -755,6 +747,7 @@ namespace transport
 if (!session->IsOutgoing ()) // incoming
 session->SendI2NPMessages ({ CreateDatabaseStoreMsg () }); // send DatabaseStore
 auto r = i2p::data::netdb.FindRouter (ident); // router should be in netdb after SessionConfirmed
+ if (r) r->GetProfile ()->Connected ();
 auto ts = i2p::util::GetSecondsSinceEpoch ();
 std::unique_lock<std::mutex> l(m_PeersMutex);
 auto it = m_Peers.insert (std::make_pair (ident, Peer{ r, ts })).first;
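Review bot: The `ssu2` initialiser in the hunk at -606 spells a logical AND as `cond ? (rand () & 1) : false`; `bool ssu2 = peer.router->GetProfile ()->IsReal () && (rand () & 1);` says the same thing and still leaves `rand ()` uncalled for unconfirmed routers. The trailing comment states the policy but not the reason NTCP2 is preferred for a router that is not yet confirmed, and a one-line why-comment would let the next reader judge whether the rule still holds for a router that publishes no NTCP2 address (the loop below presumably falls through to SSU2 in that case). The enclosing function starts and ends outside the hunk.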
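Review bot: In the added `if (it->second.router)` block (hunk at -724), `it->second.priority[it->second.numAttempts]` is indexed with no bounds check, and the hunk does not establish that this entry is the transport that just connected. The loop just above treats the first `numExcluded` entries of `priority` as transports that already failed, which suggests `numAttempts` counts attempts started, so the successful one would be `priority[numAttempts - 1]` and `priority[numAttempts]` may be the next candidate or one past the end. If that holds, guard and index as `if (it->second.router && it->second.numAttempts > 0 && (size_t)it->second.numAttempts <= it->second.priority.size ())` and `auto transport = it->second.priority[it->second.numAttempts - 1];`. Getting this wrong either marks a router as confirmed on the basis of the wrong transport or leaves it unmarked after a genuine NTCP2 connect. The trailing comment also has a typo (`if always real` should read `is always real`); the enclosing function starts and ends outside the hunk.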
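Review bot: The added `if (r) r->GetProfile ()->Connected ();` (hunk at -755) sits after the unbraced `if (!session->IsOutgoing ())`, so as far as the hunk shows it runs for every session that reaches this branch, not only incoming ones. The updated comment on `m_HasConnected` in Profiling.h describes the flag as "successful trusted(incoming or NTCP2) connection", so if an outgoing session can arrive here for a peer not yet in `m_Peers`, the router would be marked confirmed outside that definition. Either make the condition explicit, `if (r && !session->IsOutgoing ()) r->GetProfile ()->Connected ();`, or add a comment stating why any session on this path qualifies. The enclosing branch starts outside the hunk.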