search

PurpleI2P / i2pd

🛡 I2P: End-to-End encrypted and anonymous Internet
https://i2pd.website
BSD 3-Clause "New" or "Revised" License
3.28k stars 424 forks source link

Encrypted lease set reliably crashes i2pd (server) instance #2124

Open mashdragon opened 23 hours ago

mashdragon commented 23 hours ago

See https://github.com/PurpleI2P/i2pd_docs_en/issues/101 for context. I wanted to set up an encrypted lease set, but when making the connection from client to server it ended up crashing i2pd with: Floating point exception (core dumped)

I compiled with compiler hardening enabled.

Here is what my tunnels.conf looked like:

server:

[my-server]
type = server
host = 127.0.0.1
port = 5000
keys = my-server.dat
inbound.length = 1
outbound.length = 1
# For keys blinding (encrypted LeaseSet)
signaturetype = 11
# Lease set config
i2p.streaming.maxOutboundSpeed = 2000000000
i2p.streaming.maxInboundSpeed = 2000000000
i2p.streaming.profile = 2
i2cp.leaseSetType = 5
i2cp.leaseSetPrivKey = <base64 encoded 32 bytes>
i2cp.dontPublishLeaseSet = true

client (machine 2):

[my-client]
type = client
address = 127.0.0.1
port = 6000
destination = <Encrypted B33 address of server's I2P tunnel>
keys = my-server-keys.dat
inbound.length = 1
outbound.length = 1

This will always crash the server i2pd. Version 3c608ec07cc39c2dbad91599ccf8f0d561481485

Also, the client gets a lot of "incoming tags". Sometimes it was small (like 26). Sometimes large (3000 or more). Is this expected? The "Tags sessions" was small, like 1.

Whether you have encrypted leases or not it still crashes. With its regular b32 address after removing the encrypted lease settings I was able to send some packets and get a response before it crashed.

The crash still happens with hardening off when compiling.

The crash still happens on release 2.54.0.

OS: Ubuntu 22.04.5 LTS

orignal commented 14 hours ago

i2cp.dontPublishLeaseSet = true why is it in a server tunnel?

Also try to remove i2p.streaming.maxOutboundSpeed and i2p.streaming.maxInboundSpeed .

mashdragon commented 14 hours ago

Good question. The docs do not explain the context very much for this option, so I did not know it was not meant to be used for servers: https://i2pd.readthedocs.io/en/latest/user-guide/tunnels/#signature-types I have only a very beginner's knowledge of lease sets.

I was trying to follow https://github.com/PurpleI2P/i2pd/discussions/2104 and it looks like I mixed up client vs server for this option.

I will try making those changes and see if it does not crash.

orignal commented 13 hours ago

Does it crash on high load or always?

mashdragon commented 13 hours ago

Thank you for your comments. I removed i2cp.dontPublishLeaseSet, i2p.streaming.maxOutboundSpeed, and i2p.streaming.maxInboundSpeed. Now i2pd no longer crashes under these settings.

The crash happened always.