The code quality of I2Pd?

[lgillis]

How can someone, who is not or only partially familiar with c/cpp, recognize the quality of the source code? How meaningful are the errors and warnings found by static code analysis programs such as cppcheck? Are the comments and annotations in the code and git sufficient and comprehensible for developers? What else should you look out for?

[anikey]

It has some bit weird behaviors. (Not gonna comment on static checkers because i didn't do them) (These below comments may or may not reflect the general state of i2pd aka its quality).

For example, sometimes (when i leave qbittorrent open) when i shutdown i2pd, after the 10 minutes runs out, it hangs, and does not shutdown. I believe this is due to that qbittorrent left connection open, but if i remember correctly, it does not stop even after i close qbittorrent, and i have to kill -9 i2pd. When it does not happen is when i quit qbittorrent before i2pd tries to shutdown, i think.

Also, in the "Local Destinations" tab, it lists one extra destination that is not in "I2P tunnels", nor in "SAM sessions". I was digging in its code some time back, and found that it appears to be a "shared local destination". One can guess that it could be used for things like fetching address books. (The weird thing here is that it's not really mentioned).

[lgillis]

A relatively well-known YouTuber, whose name I've already forgotten, said in one of his posts about Linux that once you look behind the scenes of open source software, you realize how much pixie dust is used to hold the source code together.

(shutdown: Maybe it depends on how I2Pd is shut down. There have been no such delays with systemd so far. Of course, this does not mean that you will see different behavior on other systems).

[anikey]

I'm not sure that an init system would affect this shutdown freeze issue.
I shut it down from the web console.

[lgillis]

I'm not sure that an init system would affect this shutdown freeze issue.
I shut it down from the web console.

Here is the relevant excerpt from

# Use SIGTERM to stop i2pd immediately.
# Some cleanup processes can delay stopping, so we set 30 seconds timeout and then SIGKILL i2pd.

This does not include a Daemon.gracefulShutdownInterval of 10 minutes.

Sorry, but I see no reason why I should manually stop a system service via a web console*, whose position in the system is basically like other daemons running in the background, such as DNS, proxy and e-mail servers. (* What's more, this is a really one-sided affair, stopping works, but not starting. Which in turn raises another question as to why everyone has access to this switch in a multi-user system, despite it being started as a system service.) Or have I missed something?

Available options for ultimate consumer like you and me, either pull a ticket and report it as a bug or use I2Pd as a system service or write a script that initiates a GracefulShutdown and sends a "fuck off" after the time period has expired.

[lgillis]

Btw, strictly speaking, there is still no recognized attack on I2Pd. There may be indications from the user community[fn:1] and there may also be an amateurish inquiry[fn:2] into the general state of the network, but there is no confirmation from the developers, at least not in Git[fn:3], where the traceable development is assumed to take place. After all, we regularly look for changes in Git because our security is at stake and we wouldn't entrust that to just any app … The current version is 2.51.0, released one month ago.

The developers of Java-I2P have now issued an info[4] referring to the current denial of service. They talk about I2P and I2Pd, but I doubt that the Java developers can speak for the CPP developers of I2Pd.

Does a project like I2Pd even need soft skills to inspire confidence among users?

[fn:1] viewtopic.php?p=345 "Torrenting and Network attack"

[fn:2] https://github.com/PurpleI2P/i2pd/issues/2057 "network
dead?"

[fn:3] https://github.com/PurpleI2P/i2pd "git clone https://github.com/PurpleI2P/i2pd.git"

[fn:4] i2p2www/blog/2024/04/25/stormy_weather.rst "The I2P network is currently under a Denial-of-Service attack. This attack affects I2P and i2pd but in different ways and is having a serious effect on network health […]"

[cumlord]

technically true as far as i know, there have been frequent releases on the developer side for i2p+ and i2pd to mitigate effects of things (i2p+ just released again with new GeoIP db) and official release just out for java. i don't know if the attack is specifically aimed at i2pd but i do think it was intended to abuse the sybil tool against the network. with newest dev releases i've been seeing in the 14-18% tunnel success for i2pd and around 80% for i2p+.

i2pd is useable for me now. you can get good info in irc too, the developers from all 3 have talked about the attack there. as far as lack of communication on the i2pd side through more official channels i wonder if language barrier has to do with it. there's one guy i kept seeing pestering one of the i2pd devs about his lack of english abilities but i don't see him trying to talk to him in russian.

[lgillis]

A short feedback. It is not so easy to make connections at the moment. I'm using I2Pd-Git from Sunday (d0cf385f) and it's been on for about 16 hours: Tunnel creation success rate: 24%, Routers: 3003 Floodfills: 803. (Sample at the time of writing and the figures should be treated with caution as I am currently staying out of the action for the most part.)

Perhaps you could briefly explain why you are bringing the “GeoIP” into play, cumlord?

[cumlord]

i'll take double digits for i2pd, mine are also tracking in 20%'s now. better than the 1-4% i was seeing when none of my i2pd routers could hold a tunnel open

it may or may not have been relevant to mention it as i think i missed part of the discussion, just what i remembered dr|z3d saying. at the time i thought it might have had something to do with adjusting the sybil tool or banlist for certain ip ranges regarding the attack but i could be mistaken.