Merge 17399da399 into 18707dd844

don't recalculate and process ranges for every Ack block
use AEADChaCha20Poly1305Encryptor and AEADChaCha20Poly1305Decryptor for test
2025-03-07 06:09:42 +00:00 · 2025-01-06 17:08:35 +01:00 · 2025-01-03 22:04:09 -05:00 · 2025-01-02 18:30:16 -05:00 · 2025-01-02 09:04:57 -05:00 · 2024-09-25 16:55:29 +00:00
4 changed files with 113 additions and 80 deletions
--- a/contrib/docker/docker-compose.yml
+++ b/contrib/docker/docker-compose.yml
@@ -0,0 +1,13 @@
+services:
+  i2pd:
+    container_name: i2pd2
+    image: purplei2p/i2pd
+    #optional
+    entrypoint: ["./entrypoint.sh", "--loglevel error"]
+    ports:
+      - 127.0.0.1:7656:7656
+      - 127.0.0.1:7070:7070
+      - 127.0.0.1:4444:4444
+    volumes:
+      - /path/to/i2pd/data:/home/i2pd/data                 # make sure data directory and it's contents are owned by 100:65533
+      - /path/to/i2pd/i2pd_certificates:/i2pd_certificates # make sure i2pd_certificates is owned by root:root and 755 permissions on the directory
--- a/libi2pd/SSU2Session.cpp
+++ b/libi2pd/SSU2Session.cpp
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2022-2024, The PurpleI2P Project
+* Copyright (c) 2022-2025, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -92,7 +92,7 @@ namespace transport
 		m_RTO (SSU2_INITIAL_RTO), m_RelayTag (0),m_ConnectTimer (server.GetService ()), 
 		m_TerminationReason (eSSU2TerminationReasonNormalClose),
 		m_MaxPayloadSize (SSU2_MIN_PACKET_SIZE - IPV6_HEADER_SIZE - UDP_HEADER_SIZE - 32), // min size
-		m_LastResendTime (0), m_LastResendAttemptTime (0)
+		m_LastResendTime (0), m_LastResendAttemptTime (0), m_NumRanges (0)
 	{
 		if (noise)	
 			m_NoiseState.reset (new i2p::crypto::NoiseSymmetricState);
@@ -1744,6 +1744,7 @@ namespace transport
 		HandleAckRange (firstPacketNum, ackThrough, i2p::util::GetMillisecondsSinceEpoch ()); // acnt
 		// ranges
 		len -= 5;
+		if (!len || m_SentPackets.empty ()) return; // don't handle ranges if nothing to acknowledge
 		const uint8_t * ranges = buf + 5;
 		while (len > 0 && firstPacketNum && ackThrough - firstPacketNum < SSU2_MAX_NUM_ACK_PACKETS)
 		{
@@ -2624,17 +2625,17 @@ namespace transport
 	size_t SSU2Session::CreateAckBlock (uint8_t * buf, size_t len)
 	{
 		if (len < 8) return 0;
-		int maxNumRanges = (len - 8) >> 1;
-		if (maxNumRanges > SSU2_MAX_NUM_ACK_RANGES) maxNumRanges = SSU2_MAX_NUM_ACK_RANGES;
 		buf[0] = eSSU2BlkAck;
 		uint32_t ackThrough = m_OutOfSequencePackets.empty () ? m_ReceivePacketNum : *m_OutOfSequencePackets.rbegin ();
 		htobe32buf (buf + 3, ackThrough); // Ack Through
 		uint16_t acnt = 0;
-		int numRanges = 0;
 		if (ackThrough)
 		{
 			if (m_OutOfSequencePackets.empty ())
+			{	
 				acnt = std::min ((int)ackThrough, SSU2_MAX_NUM_ACNT); // no gaps
+				m_NumRanges = 0;
+			}	
 			else
 			{
 				auto it = m_OutOfSequencePackets.rbegin (); it++; // prev packet num
@@ -2647,87 +2648,96 @@ namespace transport
 						it++;
 				}
 				// ranges
-				uint32_t lastNum = ackThrough - acnt;
-				if (acnt > SSU2_MAX_NUM_ACNT)
-				{
-					auto d = std::div (acnt - SSU2_MAX_NUM_ACNT, SSU2_MAX_NUM_ACNT);
-					acnt = SSU2_MAX_NUM_ACNT;
-					if (d.quot > maxNumRanges)
+				if (!m_NumRanges)
+				{	
+					int maxNumRanges = (len - 8) >> 1;
+					if (maxNumRanges > SSU2_MAX_NUM_ACK_RANGES) maxNumRanges = SSU2_MAX_NUM_ACK_RANGES;
+					int numRanges = 0;
+					uint32_t lastNum = ackThrough - acnt;
+					if (acnt > SSU2_MAX_NUM_ACNT)
 					{
-						d.quot = maxNumRanges;
-						d.rem = 0;
-					}
-					// Acks only ranges for acnt
-					for (int i = 0; i < d.quot; i++)
-					{
-						buf[8 + numRanges*2] = 0; buf[8 + numRanges*2 + 1] = SSU2_MAX_NUM_ACNT; // NACKs 0, Acks 255
-						numRanges++;
-					}
-					if (d.rem > 0)
-					{
-						buf[8 + numRanges*2] = 0; buf[8 + numRanges*2 + 1] = d.rem;
-						numRanges++;
-					}
-				}
-				int numPackets = acnt + numRanges*SSU2_MAX_NUM_ACNT;
-				while (it != m_OutOfSequencePackets.rend () &&
-					numRanges < maxNumRanges && numPackets < SSU2_MAX_NUM_ACK_PACKETS)
-				{
-					if (lastNum - (*it) > SSU2_MAX_NUM_ACNT)
-					{
-						// NACKs only ranges
-						if (lastNum > (*it) + SSU2_MAX_NUM_ACNT*(maxNumRanges - numRanges)) break; // too many NACKs
-						while (lastNum - (*it) > SSU2_MAX_NUM_ACNT)
+						auto d = std::div (acnt - SSU2_MAX_NUM_ACNT, SSU2_MAX_NUM_ACNT);
+						acnt = SSU2_MAX_NUM_ACNT;
+						if (d.quot > maxNumRanges)
 						{
-							buf[8 + numRanges*2] = SSU2_MAX_NUM_ACNT; buf[8 + numRanges*2 + 1] = 0; // NACKs 255, Acks 0
-							lastNum -= SSU2_MAX_NUM_ACNT;
+							d.quot = maxNumRanges;
+							d.rem = 0;
+						}
+						// Acks only ranges for acnt
+						for (int i = 0; i < d.quot; i++)
+						{
+							m_Ranges[numRanges*2] = 0; m_Ranges[numRanges*2 + 1] = SSU2_MAX_NUM_ACNT; // NACKs 0, Acks 255
+							numRanges++;
+						}
+						if (d.rem > 0)
+						{
+							m_Ranges[numRanges*2] = 0; m_Ranges[numRanges*2 + 1] = d.rem;
 							numRanges++;
-							numPackets += SSU2_MAX_NUM_ACNT;
 						}
 					}
-					// NACKs and Acks ranges
-					buf[8 + numRanges*2] = lastNum - (*it) - 1; // NACKs
-					numPackets += buf[8 + numRanges*2];
-					lastNum = *it; it++;
-					int numAcks = 1;
-					while (it != m_OutOfSequencePackets.rend () && lastNum > 0 && *it == lastNum - 1)
+					int numPackets = acnt + numRanges*SSU2_MAX_NUM_ACNT;
+					while (it != m_OutOfSequencePackets.rend () &&
+						numRanges < maxNumRanges && numPackets < SSU2_MAX_NUM_ACK_PACKETS)
 					{
-						numAcks++; lastNum--;
-						it++;
-					}
-					while (numAcks > SSU2_MAX_NUM_ACNT)
-					{
-						// Acks only ranges
-						buf[8 + numRanges*2 + 1] = SSU2_MAX_NUM_ACNT; // Acks 255
-						numAcks -= SSU2_MAX_NUM_ACNT;
-						numRanges++;
-						numPackets += SSU2_MAX_NUM_ACNT;
-						buf[8 + numRanges*2] = 0; // NACKs 0
-						if (numRanges >= maxNumRanges || numPackets >= SSU2_MAX_NUM_ACK_PACKETS) break;
-					}
-					if (numAcks > SSU2_MAX_NUM_ACNT) numAcks = SSU2_MAX_NUM_ACNT;
-					buf[8 + numRanges*2 + 1] = (uint8_t)numAcks; // Acks
-					numPackets += numAcks;
-					numRanges++;
-				}
-				if (it == m_OutOfSequencePackets.rend () &&
-					numRanges < maxNumRanges && numPackets < SSU2_MAX_NUM_ACK_PACKETS)
-				{
-					// add range between out-of-sequence and received
-					int nacks = *m_OutOfSequencePackets.begin () - m_ReceivePacketNum - 1;
-					if (nacks > 0)
-					{
-						if (nacks > SSU2_MAX_NUM_ACNT) nacks = SSU2_MAX_NUM_ACNT;
-						buf[8 + numRanges*2] = nacks;
-						buf[8 + numRanges*2 + 1] = std::min ((int)m_ReceivePacketNum + 1, SSU2_MAX_NUM_ACNT);
+						if (lastNum - (*it) > SSU2_MAX_NUM_ACNT)
+						{
+							// NACKs only ranges
+							if (lastNum > (*it) + SSU2_MAX_NUM_ACNT*(maxNumRanges - numRanges)) break; // too many NACKs
+							while (lastNum - (*it) > SSU2_MAX_NUM_ACNT)
+							{
+								m_Ranges[numRanges*2] = SSU2_MAX_NUM_ACNT; m_Ranges[numRanges*2 + 1] = 0; // NACKs 255, Acks 0
+								lastNum -= SSU2_MAX_NUM_ACNT;
+								numRanges++;
+								numPackets += SSU2_MAX_NUM_ACNT;
+							}
+						}
+						// NACKs and Acks ranges
+						m_Ranges[numRanges*2] = lastNum - (*it) - 1; // NACKs
+						numPackets += m_Ranges[numRanges*2];
+						lastNum = *it; it++;
+						int numAcks = 1;
+						while (it != m_OutOfSequencePackets.rend () && lastNum > 0 && *it == lastNum - 1)
+						{
+							numAcks++; lastNum--;
+							it++;
+						}
+						while (numAcks > SSU2_MAX_NUM_ACNT)
+						{
+							// Acks only ranges
+							m_Ranges[numRanges*2 + 1] = SSU2_MAX_NUM_ACNT; // Acks 255
+							numAcks -= SSU2_MAX_NUM_ACNT;
+							numRanges++;
+							numPackets += SSU2_MAX_NUM_ACNT;
+							m_Ranges[numRanges*2] = 0; // NACKs 0
+							if (numRanges >= maxNumRanges || numPackets >= SSU2_MAX_NUM_ACK_PACKETS) break;
+						}
+						if (numAcks > SSU2_MAX_NUM_ACNT) numAcks = SSU2_MAX_NUM_ACNT;
+						m_Ranges[numRanges*2 + 1] = (uint8_t)numAcks; // Acks
+						numPackets += numAcks;
 						numRanges++;
 					}
-				}
+					if (it == m_OutOfSequencePackets.rend () &&
+						numRanges < maxNumRanges && numPackets < SSU2_MAX_NUM_ACK_PACKETS)
+					{
+						// add range between out-of-sequence and received
+						int nacks = *m_OutOfSequencePackets.begin () - m_ReceivePacketNum - 1;
+						if (nacks > 0)
+						{
+							if (nacks > SSU2_MAX_NUM_ACNT) nacks = SSU2_MAX_NUM_ACNT;
+							m_Ranges[numRanges*2] = nacks;
+							m_Ranges[numRanges*2 + 1] = std::min ((int)m_ReceivePacketNum + 1, SSU2_MAX_NUM_ACNT);
+							numRanges++;
+						}
+					}
+					m_NumRanges = numRanges;
+				}	
+				if (m_NumRanges)
+					memcpy (buf + 8, m_Ranges, m_NumRanges*2);
 			}
 		}
 		buf[7] = (uint8_t)acnt; // acnt
-		htobe16buf (buf + 1, 5 + numRanges*2);
-		return 8 + numRanges*2;
+		htobe16buf (buf + 1, 5 + m_NumRanges*2);
+		return 8 + m_NumRanges*2;
 	}

 	size_t SSU2Session::CreatePaddingBlock (uint8_t * buf, size_t len, size_t minSize)
@@ -2961,11 +2971,17 @@ namespace transport
 					}
 					m_OutOfSequencePackets.erase (m_OutOfSequencePackets.begin (), it);
 				}
+				m_NumRanges = 0; // recalculate ranges when create next Ack
 			}
 			m_ReceivePacketNum = packetNum;
 		}
 		else
+		{
+			if (m_NumRanges && (m_OutOfSequencePackets.empty () ||
+				packetNum != (*m_OutOfSequencePackets.rbegin ()) + 1))
+				m_NumRanges = 0; // reset ranges if received packet is not next
 			m_OutOfSequencePackets.insert (packetNum);
+		}	
 		return true;
 	}

--- a/libi2pd/SSU2Session.h
+++ b/libi2pd/SSU2Session.h
@@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2022-2024, The PurpleI2P Project
+* Copyright (c) 2022-2025, The PurpleI2P Project
 *
 * This file is part of Purple i2pd project and licensed under BSD3
 *
@@ -397,6 +397,8 @@ namespace transport
 			std::unique_ptr<i2p::data::IdentHash> m_PathChallenge;
 			std::unordered_map<uint32_t, uint32_t> m_ReceivedI2NPMsgIDs; // msgID -> timestamp in seconds
 			uint64_t m_LastResendTime, m_LastResendAttemptTime; // in milliseconds
+			int m_NumRanges;
+			uint8_t m_Ranges[SSU2_MAX_NUM_ACK_RANGES*2]; // ranges sent with previous Ack if any
 	};
 	
 	inline uint64_t CreateHeaderMask (const uint8_t * kh, const uint8_t * nonce)
--- a/tests/test-aeadchacha20poly1305.cpp
+++ b/tests/test-aeadchacha20poly1305.cpp
@@ -43,18 +43,20 @@ uint8_t encrypted[114] =
 int main ()
 {
 	uint8_t buf[114+16];
+    i2p::crypto::AEADChaCha20Poly1305Encryptor encryptor;
 	// test encryption
-	i2p::crypto::AEADChaCha20Poly1305 ((uint8_t *)text, 114, ad, 12, key, nonce, buf, 114 + 16, true);
+	encryptor.Encrypt ((uint8_t *)text, 114, ad, 12, key, nonce, buf, 114 + 16);
 	assert (memcmp (buf, encrypted, 114) == 0);
 	assert (memcmp (buf + 114, tag, 16) == 0);
 	// test decryption
 	uint8_t buf1[114];
-	assert (i2p::crypto::AEADChaCha20Poly1305 (buf, 114, ad, 12, key, nonce, buf1, 114, false));
+    i2p::crypto::AEADChaCha20Poly1305Decryptor decryptor;
+	assert (decryptor.Decrypt (buf, 114, ad, 12, key, nonce, buf1, 114));
 	assert (memcmp (buf1, text, 114) == 0);
 	// test encryption of multiple buffers
 	memcpy (buf, text, 114);
 	std::vector<std::pair<uint8_t*, std::size_t> > bufs{ std::make_pair (buf, 20), std::make_pair (buf + 20, 10), std::make_pair (buf + 30, 70), std::make_pair (buf + 100, 14) };
-	i2p::crypto::AEADChaCha20Poly1305Encrypt (bufs, key, nonce, buf + 114);
-	i2p::crypto::AEADChaCha20Poly1305 (buf, 114, nullptr, 0, key, nonce, buf1, 114, false);
+	encryptor.Encrypt (bufs, key, nonce, buf + 114);
+	decryptor.Decrypt (buf, 114, nullptr, 0, key, nonce, buf1, 114);
 	assert (memcmp (buf1, text, 114) == 0);
 }
Author	SHA1	Message	Date
Pratik B.	96ea87c24d	Merge `17399da399` into `18707dd844`	2025-01-06 17:08:35 +01:00
orignal	18707dd844	don't recalculate and process ranges for every Ack block	2025-01-03 22:04:09 -05:00
orignal	fc16a70f7b	use AEADChaCha20Poly1305Encryptor and AEADChaCha20Poly1305Decryptor for test	2025-01-02 18:30:16 -05:00
orignal	619ec5d9c1	fixed AEAD/Chacha20/Poly1305 test	2025-01-02 09:04:57 -05:00
imdef	17399da399	Added example docker-compose.yml	2024-09-25 16:55:29 +00:00