Merge bitcoin/bitcoin#25355: I2P: add support for transient addresses for outbound connections

59aa54f731 i2p: log "SAM session" instead of "session" (Vasil Dimov)
d7ec30b648 doc: add release notes about the I2P transient addresses (Vasil Dimov)
47c0d02f12 doc: document I2P transient addresses usage in doc/i2p.md (Vasil Dimov)
3914e472f5 test: add a test that -i2pacceptincoming=0 creates a transient session (Vasil Dimov)
ae1e97ce86 net: use transient I2P session for outbound if -i2pacceptincoming=0 (Vasil Dimov)
a1580a04f5 net: store an optional I2P session in CNode (Vasil Dimov)
2b781ad66e i2p: add support for creating transient sessions (Vasil Dimov)

Pull request description:

  Add support for generating a transient, one-time I2P address for ourselves when making I2P outbound connection and discard it once the connection is closed.

  Background
  ---
  In I2P connections, the host that receives the connection knows the I2P address of the connection initiator. This is unlike the Tor network where the recipient does not know who is connecting to them, not even the initiator's Tor address.

  Persistent vs transient I2P addresses
  ---
  Even if an I2P node is not accepting incoming connections, they are known to other nodes by their outgoing I2P address. This creates an opportunity to white-list given nodes or treat them differently based on their I2P address. However, this also creates an opportunity to fingerprint or analyze a given node because it always uses the same I2P address when it connects to other nodes. If this is undesirable, then a node operator can use the newly introduced `-i2ptransientout` to generate a transient (disposable), one-time I2P address for each new outgoing connection. That address is never going to be reused again, not even if reconnecting to the same peer later.

ACKs for top commit:
  mzumsande:
    ACK 59aa54f731 (verified via range-diff that just a typo / `unique_ptr` initialisation were fixed)
  achow101:
    re-ACK 59aa54f731
  jonatack:
    utACK 59aa54f731 reviewed range diff, rebased to master, debug build + relevant tests + review at each commit

Tree-SHA512: 2be9b9dd7502b2d44a75e095aaece61700766bff9af0a2846c29ca4e152b0a92bdfa30f61e8e32b6edb1225f74f1a78d19b7bf069f00b8f8173e69705414a93e

test/functional/p2p_i2p_sessions.py

@@ -0,0 +1,36 @@
+#!/usr/bin/env python3
+# Copyright (c) 2022-2022 The Bitcoin Core developers
+# Distributed under the MIT software license, see the accompanying
+# file COPYING or http://www.opensource.org/licenses/mit-license.php.
+"""
+Test whether persistent or transient I2P sessions are being used, based on `-i2pacceptincoming`.
+"""
+
+from test_framework.test_framework import BitcoinTestFramework
+
+
+class I2PSessions(BitcoinTestFramework):
+    def set_test_params(self):
+        self.num_nodes = 2
+        # The test assumes that an I2P SAM proxy is not listening here.
+        self.extra_args = [
+            ["-i2psam=127.0.0.1:60000", "-i2pacceptincoming=1"],
+            ["-i2psam=127.0.0.1:60000", "-i2pacceptincoming=0"],
+        ]
+
+    def run_test(self):
+        addr = "zsxwyo6qcn3chqzwxnseusqgsnuw3maqnztkiypyfxtya4snkoka.b32.i2p"
+
+        self.log.info("Ensure we create a persistent session when -i2pacceptincoming=1")
+        node0 = self.nodes[0]
+        with node0.assert_debug_log(expected_msgs=[f"Creating persistent SAM session"]):
+            node0.addnode(node=addr, command="onetry")
+
+        self.log.info("Ensure we create a transient session when -i2pacceptincoming=0")
+        node1 = self.nodes[1]
+        with node1.assert_debug_log(expected_msgs=[f"Creating transient SAM session"]):
+            node1.addnode(node=addr, command="onetry")
+
+
+if __name__ == '__main__':
+    I2PSessions().main()

test/functional/test_runner.py

@@ -330,6 +330,7 @@ BASE_SCRIPTS = [
     'feature_blocksdir.py',
     'wallet_startup.py',
     'p2p_i2p_ports.py',
+    'p2p_i2p_sessions.py',
     'feature_config_args.py',
     'feature_presegwit_node_upgrade.py',
     'feature_settings.py',