2.45.1

Signed-off-by: R4SAS <r4sas@i2pmail.org>

.editorconfig

@@ -13,6 +13,11 @@ insert_final_newline = true
 indent_style = tab
 indent_size = 4
 
+[*.cmd]
+indent_style = space
+indent_size = 2
+end_of_line = crlf
+
 [*.{h,cpp}]
 indent_style = tab
 indent_size = 4

ChangeLog

@@ -1,6 +1,17 @@
 # for this file format description,
 # see https://github.com/olivierlacan/keep-a-changelog
 
+## [2.45.1] - 2023-01-11
+### Added
+- Full Cone NAT status error
+### Changed
+- Drop duplicated I2NP messages in SSU2
+- Set rejection code 30 if tunnel with id already exists
+- Network status is always OK if peer test msg 5 received
+### Fixed
+- UPnP crash if SSU2 or NTCP2 is disabled 
+- Crash on termination for some platforms
+
 ## [2.45.0] - 2023-01-03
 ### Added
 - Test for Symmetric NAT with peer test msgs 6 and 7

Makefile.linux

@@ -20,7 +20,11 @@ else ifeq ($(shell expr match ${CXXVER} "4\.[8-9]"),3) # gcc 4.8 - 4.9
 else ifeq ($(shell expr match ${CXXVER} "[5-6]"),1) # gcc 5 - 6
 	NEEDED_CXXFLAGS += -std=c++11
 	LDLIBS = -latomic
-else ifeq ($(shell expr match ${CXXVER} "[1,7-9]"),1) # gcc >= 7
+else ifeq ($(shell expr match ${CXXVER} "[7-9]"),1) # gcc 7 - 9 
+	NEEDED_CXXFLAGS += -std=c++17
+	LDLIBS = -latomic
+else ifeq ($(shell expr match ${CXXVER} "1[0-9]"),2) # gcc 10 - 19
+#	NEEDED_CXXFLAGS += -std=c++20
 	NEEDED_CXXFLAGS += -std=c++17
 	LDLIBS = -latomic
 else # not supported

contrib/docker/Dockerfile

@@ -60,8 +60,8 @@ RUN apk update \
 RUN apk --no-cache add boost-filesystem boost-system boost-program_options boost-date_time boost-thread boost-iostreams openssl miniupnpc musl-utils libstdc++
 
 # 3. Copy preconfigured config file and entrypoint
-COPY i2pd-docker.conf "$I2PD_HOME/i2pd.conf"
+COPY i2pd-docker.conf "$DATA_DIR/i2pd.conf"
-RUN chown i2pd:nobody "$I2PD_HOME/i2pd.conf"
+RUN chown i2pd:nobody "$DATA_DIR/i2pd.conf"
 COPY entrypoint.sh /entrypoint.sh
 RUN chmod a+x /entrypoint.sh
 

contrib/rpm/i2pd-git.spec

@@ -1,7 +1,7 @@
 %define git_hash %(git rev-parse HEAD | cut -c -7)
 
 Name:          i2pd-git
-Version:       2.45.0
+Version:       2.45.1
 Release:       git%{git_hash}%{?dist}
 Summary:       I2P router written in C++
 Conflicts:     i2pd
@@ -158,7 +158,10 @@ getent passwd i2pd >/dev/null || \
 
 
 %changelog
-* Mon Tue 3 2023 orignal <orignal@i2pmail.org> - 2.45.0
+* Wed Jan 11 2023 orignal <orignal@i2pmail.org> - 2.45.1
+- update to 2.45.1
+
+* Tue Jan 3 2023 orignal <orignal@i2pmail.org> - 2.45.0
 - update to 2.45.0
 
 * Sun Nov 20 2022 orignal <orignal@i2pmail.org> - 2.44.0

contrib/rpm/i2pd.spec

@@ -1,5 +1,5 @@
 Name:          i2pd
-Version:       2.45.0
+Version:       2.45.1
 Release:       1%{?dist}
 Summary:       I2P router written in C++
 Conflicts:     i2pd-git
@@ -155,6 +155,9 @@ getent passwd i2pd >/dev/null || \
 
 
 %changelog
+* Wed Jan 11 2023 orignal <orignal@i2pmail.org> - 2.45.1
+- update to 2.45.1
+
 * Tue Jan 3 2023 orignal <orignal@i2pmail.org> - 2.45.0
 - update to 2.45.0
 

daemon/HTTPServer.cpp

@@ -245,6 +245,9 @@ namespace http {
 				case eRouterErrorSymmetricNAT:
 					s << " - " << tr("Symmetric NAT");
 				break;
+				case eRouterErrorFullConeNAT:
+					s << " - " << tr("Full cone NAT");
+				break;	
 				case eRouterErrorNoDescriptors:
 					s << " - " << tr("No Descriptors");
 				break;

daemon/UPnP.cpp

@@ -163,7 +163,7 @@ namespace transport
 		if (!a) return;
 		for (const auto& address : *a)
 		{
-			if (!address->host.is_v6 () && address->port)
+			if (address && !address->host.is_v6 () && address->port)
 				TryPortMapping (address);
 		}
 		m_Timer.expires_from_now (boost::posix_time::minutes(20)); // every 20 minutes
@@ -215,7 +215,7 @@ namespace transport
 		if (!a) return;
 		for (const auto& address : *a)
 		{
-			if (!address->host.is_v6 () && address->port)
+			if (address && !address->host.is_v6 () && address->port)
 			CloseMapping (address);
 		}
 	}

debian/changelog

@@ -1,3 +1,9 @@
+i2pd (2.45.1-1) unstable; urgency=medium
+
+  * updated to version 2.45.1/0.9.57
+
+-- orignal <orignal@i2pmail.org>  Wed, 11 Jan 2023 19:00:00 +0000
+
 i2pd (2.45.0-1) unstable; urgency=high
 
   * updated to version 2.45.0/0.9.57

libi2pd/I2NPProtocol.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -392,7 +392,8 @@ namespace i2p
 							clearText + ECIES_BUILD_REQUEST_RECORD_IV_KEY_OFFSET,
 							clearText[ECIES_BUILD_REQUEST_RECORD_FLAG_OFFSET] & TUNNEL_BUILD_RECORD_GATEWAY_FLAG,
 							clearText[ECIES_BUILD_REQUEST_RECORD_FLAG_OFFSET] & TUNNEL_BUILD_RECORD_ENDPOINT_FLAG);
-					i2p::tunnel::tunnels.AddTransitTunnel (transitTunnel);
+					if (!i2p::tunnel::tunnels.AddTransitTunnel (transitTunnel))
+						retCode = 30;
 				}
 				else
 					retCode = 30; // always reject with bandwidth reason (30)
@@ -590,7 +591,8 @@ namespace i2p
 						layerKey, ivKey,
 						clearText[SHORT_REQUEST_RECORD_FLAG_OFFSET] & TUNNEL_BUILD_RECORD_GATEWAY_FLAG,
 						clearText[SHORT_REQUEST_RECORD_FLAG_OFFSET] & TUNNEL_BUILD_RECORD_ENDPOINT_FLAG);
-					i2p::tunnel::tunnels.AddTransitTunnel (transitTunnel);
+					if (!i2p::tunnel::tunnels.AddTransitTunnel (transitTunnel))
+						retCode = 30;
 				}
 
 				// encrypt reply

libi2pd/NetDb.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -807,6 +807,11 @@ namespace data
 		uint8_t storeType = buf[DATABASE_STORE_TYPE_OFFSET];
 		if (storeType) // LeaseSet or LeaseSet2
 		{
+			if (len > MAX_LS_BUFFER_SIZE + offset)
+			{
+				LogPrint (eLogError, "NetDb: Database store message is too long ", len);
+				return;
+			}	
 			if (!m->from) // unsolicited LS must be received directly
 			{
 				if (storeType == NETDB_STORE_TYPE_LEASESET) // 1

libi2pd/RouterContext.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -240,7 +240,6 @@ namespace i2p
 		if (status != m_Status)
 		{
 			m_Status = status;
-			m_Error = eRouterErrorNone;
 			switch (m_Status)
 			{
 				case eRouterStatusOK:
@@ -249,6 +248,9 @@ namespace i2p
 				case eRouterStatusFirewalled:
 					SetUnreachable (true, false); // ipv4
 				break;
+				case eRouterStatusTesting:
+					m_Error = eRouterErrorNone;
+				break;	
 				default:
 					;
 			}
@@ -260,7 +262,6 @@ namespace i2p
 		if (status != m_StatusV6)
 		{
 			m_StatusV6 = status;
-			m_ErrorV6 = eRouterErrorNone;
 			switch (m_StatusV6)
 			{
 				case eRouterStatusOK:
@@ -269,6 +270,9 @@ namespace i2p
 				case eRouterStatusFirewalled:
 					SetUnreachable (false, true); // ipv6
 				break;
+				case eRouterStatusTesting:
+					m_ErrorV6 = eRouterErrorNone;
+				break;		
 				default:
 					;
 			}

libi2pd/RouterContext.h

@@ -48,7 +48,8 @@ namespace garlic
 		eRouterErrorClockSkew = 1,
 		eRouterErrorOffline = 2,
 		eRouterErrorSymmetricNAT = 3,
-		eRouterErrorNoDescriptors = 4
+		eRouterErrorFullConeNAT = 4,
+		eRouterErrorNoDescriptors = 5
 	};
 
 	class RouterContext: public i2p::garlic::GarlicDestination

libi2pd/RouterInfo.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -206,13 +206,13 @@ namespace data
 		s.read ((char *)&m_Timestamp, sizeof (m_Timestamp));
 		m_Timestamp = be64toh (m_Timestamp);
 		// read addresses
-		auto addresses = netdb.NewRouterInfoAddresses ();
+		auto addresses = NewAddresses ();
 		uint8_t numAddresses;
 		s.read ((char *)&numAddresses, sizeof (numAddresses));
 		for (int i = 0; i < numAddresses; i++)
 		{
 			uint8_t supportedTransports = 0;
-			auto address = netdb.NewRouterInfoAddress ();
+			auto address = NewAddress ();
 			uint8_t cost; // ignore
 			s.read ((char *)&cost, sizeof (cost));
 			s.read ((char *)&address->date, sizeof (address->date));
@@ -974,6 +974,16 @@ namespace data
 		return netdb.NewRouterInfoBuffer ();
 	}
 
+	std::shared_ptr<RouterInfo::Address> RouterInfo::NewAddress () const
+	{
+		return netdb.NewRouterInfoAddress ();
+	}	
+		
+	boost::shared_ptr<RouterInfo::Addresses> RouterInfo::NewAddresses () const
+	{
+		return netdb.NewRouterInfoAddresses ();
+	}	
+		
 	void RouterInfo::RefreshTimestamp ()
 	{
 		m_Timestamp = i2p::util::GetMillisecondsSinceEpoch ();
@@ -1255,6 +1265,16 @@ namespace data
 		return std::make_shared<Buffer> ();
 	}
 
+	std::shared_ptr<RouterInfo::Address> LocalRouterInfo::NewAddress () const
+	{
+		return std::make_shared<Address> ();
+	}
+		
+	boost::shared_ptr<RouterInfo::Addresses> LocalRouterInfo::NewAddresses () const
+	{
+		return boost::make_shared<Addresses> ();
+	}	
+		
 	bool LocalRouterInfo::AddSSU2Introducer (const Introducer& introducer, bool v4)
 	{
 		auto addresses = GetAddresses ();

libi2pd/RouterInfo.h

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -285,6 +285,8 @@ namespace data
 			template<typename Filter>
 			std::shared_ptr<const Address> GetAddress (Filter filter) const;
 			virtual std::shared_ptr<Buffer> NewBuffer () const;
+			virtual std::shared_ptr<Address> NewAddress () const;
+			virtual boost::shared_ptr<Addresses> NewAddresses () const;
 
 		private:
 
@@ -324,6 +326,8 @@ namespace data
 			void UpdateCapsProperty ();
 			void WriteString (const std::string& str, std::ostream& s) const;
 			std::shared_ptr<Buffer> NewBuffer () const override;
+			std::shared_ptr<Address> NewAddress () const override;
+			boost::shared_ptr<Addresses> NewAddresses () const override;
 
 		private:
 

libi2pd/SSU2Session.cpp

@@ -221,6 +221,7 @@ namespace transport
 			m_IncompleteMessages.clear ();
 			m_RelaySessions.clear ();
 			m_PeerTests.clear ();
+			m_ReceivedI2NPMsgIDs.clear ();
 			m_Server.RemoveSession (m_SourceConnID);
 			transports.PeerDisconnected (shared_from_this ());
 			LogPrint (eLogDebug, "SSU2: Session terminated");
@@ -1450,7 +1451,7 @@ namespace transport
 					nextMsg->len = nextMsg->offset + size + 7; // 7 more bytes for full I2NP header
 					memcpy (nextMsg->GetNTCP2Header (), buf + offset, size);
 					nextMsg->FromNTCP2 (); // SSU2 has the same format as NTCP2
-					m_Handler.PutNextMessage (std::move (nextMsg));
+					HandleI2NPMsg (std::move (nextMsg));
 					m_IsDataReceived = true;
 					break;
 				}
@@ -1667,23 +1668,17 @@ namespace transport
 					LogPrint (eLogInfo, "SSU2: Our port ", ep.port (), " received from ", m_RemoteEndpoint, " is different from ", m_Server.GetPort (isV4));
 					if (isV4)
 					{
-						if (i2p::context.GetStatus () == eRouterStatusTesting ||
+						if (i2p::context.GetStatus () == eRouterStatusTesting)
-						    m_State == eSSU2SessionStatePeerTest)
-						{
-							i2p::context.SetStatus (eRouterStatusFirewalled);
 							i2p::context.SetError (eRouterErrorSymmetricNAT);
-							m_Server.RescheduleIntroducersUpdateTimer ();
+						else if (m_State == eSSU2SessionStatePeerTest)
-						}
+							i2p::context.SetError (eRouterErrorFullConeNAT);
 					}
 					else
 					{
-						if (i2p::context.GetStatusV6 () == eRouterStatusTesting ||
+						if (i2p::context.GetStatusV6 () == eRouterStatusTesting)
-						    m_State == eSSU2SessionStatePeerTest)
-						{
-							i2p::context.SetStatusV6 (eRouterStatusFirewalled);
 							i2p::context.SetErrorV6 (eRouterErrorSymmetricNAT);
-							m_Server.RescheduleIntroducersUpdateTimerV6 ();
+						else if (m_State == eSSU2SessionStatePeerTest)
-						}
+							i2p::context.SetErrorV6 (eRouterErrorFullConeNAT);
 					}
 				}
 				else
@@ -1696,6 +1691,8 @@ namespace transport
 								i2p::context.SetStatus (eRouterStatusOK);
 							i2p::context.SetError (eRouterErrorNone);
 						}
+						else if (i2p::context.GetError () == eRouterErrorFullConeNAT)
+							i2p::context.SetError (eRouterErrorNone);
 					}
 					else
 					{
@@ -1705,6 +1702,8 @@ namespace transport
 								i2p::context.SetStatusV6 (eRouterStatusOK);
 							i2p::context.SetErrorV6 (eRouterErrorNone);
 						}
+						else if (i2p::context.GetErrorV6 () == eRouterErrorFullConeNAT)
+							i2p::context.SetErrorV6 (eRouterErrorNone);
 					}
 				}
 			}
@@ -1738,7 +1737,7 @@ namespace transport
 		{
 			// we have all follow-on fragments already
 			m->msg->FromNTCP2 ();
-			m_Handler.PutNextMessage (std::move (m->msg));
+			HandleI2NPMsg (std::move (m->msg));
 			m_IncompleteMessages.erase (it);
 		}
 	}
@@ -1760,14 +1759,14 @@ namespace transport
 				if (isLast)
 				{
 					it->second->msg->FromNTCP2 ();
-					m_Handler.PutNextMessage (std::move (it->second->msg));
+					HandleI2NPMsg (std::move (it->second->msg));
 					m_IncompleteMessages.erase (it);
 				}
 				else
 				{
 					if (ConcatOutOfSequenceFragments (it->second))
 					{
-						m_Handler.PutNextMessage (std::move (it->second->msg));
+						HandleI2NPMsg (std::move (it->second->msg));
 						m_IncompleteMessages.erase (it);
 					}
 					else
@@ -2268,6 +2267,29 @@ namespace transport
 		}
 	}
 
+	void SSU2Session::HandleI2NPMsg (std::shared_ptr<I2NPMessage>&& msg)
+	{	
+		if (!msg) return;
+		int32_t msgID = msg->GetMsgID ();
+#if __cplusplus >= 202002L // C++ 20 or higher
+		if (!m_ReceivedI2NPMsgIDs.contains (msgID))
+#else
+		if (!m_ReceivedI2NPMsgIDs.count (msgID))
+#endif		
+		{	
+			if (!msg->IsExpired ())
+			{
+				// m_LastActivityTimestamp is updated in ProcessData before
+				m_ReceivedI2NPMsgIDs.emplace (msgID, (uint32_t)m_LastActivityTimestamp);
+				m_Handler.PutNextMessage (std::move (msg)); 
+			}
+			else
+				LogPrint (eLogDebug, "SSU2: Message ", msgID, " expired");
+		}	
+		else
+			LogPrint (eLogDebug, "SSU2: Message ", msgID, " already received");
+	}	
+		
 	bool SSU2Session::ExtractEndpoint (const uint8_t * buf, size_t size, boost::asio::ip::udp::endpoint& ep)
 	{
 		if (size < 2) return false;
@@ -2790,6 +2812,20 @@ namespace transport
 			else
 				++it;
 		}
+		if (m_ReceivedI2NPMsgIDs.size () > SSU2_MAX_NUM_RECEIVED_I2NP_MSGIDS || ts > m_LastActivityTimestamp + SSU2_DECAY_INTERVAL)
+			// decay
+			m_ReceivedI2NPMsgIDs.clear ();
+		else
+		{
+			// delete old received msgIDs
+			for (auto it = m_ReceivedI2NPMsgIDs.begin (); it != m_ReceivedI2NPMsgIDs.end ();)
+			{
+				if (ts > it->second + SSU2_RECEIVED_I2NP_MSGIDS_CLEANUP_TIMEOUT)
+					it = m_ReceivedI2NPMsgIDs.erase (it);
+				else
+					++it;
+			}
+		}
 		if (!m_OutOfSequencePackets.empty ())
 		{
 			if (m_OutOfSequencePackets.size () > 2*SSU2_MAX_NUM_ACK_RANGES ||

libi2pd/SSU2Session.h

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2022, The PurpleI2P Project
+* Copyright (c) 2022-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -39,6 +39,9 @@ namespace transport
 	const int SSU2_RESEND_INTERVAL = 300; // in milliseconds
 	const int SSU2_MAX_NUM_RESENDS = 5;
 	const int SSU2_INCOMPLETE_MESSAGES_CLEANUP_TIMEOUT = 30; // in seconds
+	const int SSU2_MAX_NUM_RECEIVED_I2NP_MSGIDS = 5000; // how many msgID we store for duplicates check
+	const int SSU2_RECEIVED_I2NP_MSGIDS_CLEANUP_TIMEOUT = 10; // in seconds
+	const int SSU2_DECAY_INTERVAL = 20; // in seconds
 	const size_t SSU2_MIN_WINDOW_SIZE = 16; // in packets
 	const size_t SSU2_MAX_WINDOW_SIZE = 256; // in packets
 	const size_t SSU2_MIN_RTO = 100; // in milliseconds
@@ -308,6 +311,7 @@ namespace transport
 			void HandleRelayIntro (const uint8_t * buf, size_t len, int attempts = 0);
 			void HandleRelayResponse (const uint8_t * buf, size_t len);
 			void HandlePeerTest (const uint8_t * buf, size_t len);
+			void HandleI2NPMsg (std::shared_ptr<I2NPMessage>&& msg);
 			
 			size_t CreateAddressBlock (uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& ep);
 			size_t CreateRouterInfoBlock (uint8_t * buf, size_t len, std::shared_ptr<const i2p::data::RouterInfo> r);
@@ -351,6 +355,7 @@ namespace transport
 			SSU2TerminationReason m_TerminationReason;
 			size_t m_MaxPayloadSize;
 			std::unique_ptr<i2p::data::IdentHash> m_PathChallenge;
+			std::unordered_map<uint32_t, uint32_t> m_ReceivedI2NPMsgIDs; // msgID -> timestamp in seconds
 	};
 
 	inline uint64_t CreateHeaderMask (const uint8_t * kh, const uint8_t * nonce)

libi2pd/Tunnel.cpp

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -433,12 +433,16 @@ namespace tunnel
 		}
 	}
 
-	void Tunnels::AddTransitTunnel (std::shared_ptr<TransitTunnel> tunnel)
+	bool Tunnels::AddTransitTunnel (std::shared_ptr<TransitTunnel> tunnel)
 	{
 		if (m_Tunnels.emplace (tunnel->GetTunnelID (), tunnel).second)
 			m_TransitTunnels.push_back (tunnel);
 		else
+		{	
 			LogPrint (eLogError, "Tunnel: Tunnel with id ", tunnel->GetTunnelID (), " already exists");
+			return false;	
+		}		
+		return true;	
 	}
 
 	void Tunnels::Start ()

libi2pd/Tunnel.h

@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2013-2022, The PurpleI2P Project
+* Copyright (c) 2013-2023, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -210,7 +210,7 @@ namespace tunnel
 			std::shared_ptr<TunnelPool> GetExploratoryPool () const { return m_ExploratoryPool; };
 			std::shared_ptr<TunnelBase> GetTunnel (uint32_t tunnelID);
 			int GetTransitTunnelsExpirationTimeout ();
-			void AddTransitTunnel (std::shared_ptr<TransitTunnel> tunnel);
+			bool AddTransitTunnel (std::shared_ptr<TransitTunnel> tunnel);
 			void AddOutboundTunnel (std::shared_ptr<OutboundTunnel> newTunnel);
 			void AddInboundTunnel (std::shared_ptr<InboundTunnel> newTunnel);
 			std::shared_ptr<InboundTunnel> CreateInboundTunnel (std::shared_ptr<TunnelConfig> config, std::shared_ptr<TunnelPool> pool, std::shared_ptr<OutboundTunnel> outboundTunnel);

libi2pd/version.h

@@ -17,7 +17,7 @@
 
 #define I2PD_VERSION_MAJOR 2
 #define I2PD_VERSION_MINOR 45
-#define I2PD_VERSION_MICRO 0
+#define I2PD_VERSION_MICRO 1
 #define I2PD_VERSION_PATCH 0
 #ifdef GITVER
 	#define I2PD_VERSION GITVER