Fix #748 - Check hash of sig instead of message contents
This commit is contained in:
parent
3527983fa6
commit
95c939a2a0
|
@ -427,6 +427,7 @@ class objectProcessor(threading.Thread):
|
|||
logger.debug('As a matter of intellectual curiosity, here is the Bitcoin address associated with the keys owned by the other person: %s ..and here is the testnet address: %s. The other person must take their private signing key from Bitmessage and import it into Bitcoin (or a service like Blockchain.info) for it to be of any use. Do not use this unless you know what you are doing.' %
|
||||
(helper_bitcoin.calculateBitcoinAddressFromPubkey(pubSigningKey), helper_bitcoin.calculateTestnetAddressFromPubkey(pubSigningKey))
|
||||
)
|
||||
sigHash = hashlib.sha512(hashlib.sha512(signature).digest()).digest()[32:] # Used to detect and ignore duplicate messages in our inbox
|
||||
|
||||
# calculate the fromRipe.
|
||||
sha = hashlib.new('sha512')
|
||||
|
@ -503,13 +504,13 @@ class objectProcessor(threading.Thread):
|
|||
body = 'Unknown encoding type.\n\n' + repr(message)
|
||||
subject = ''
|
||||
# Let us make sure that we haven't already received this message
|
||||
if helper_inbox.isMessageAlreadyInInbox(toAddress, fromAddress, subject, body, messageEncodingType):
|
||||
if helper_inbox.isMessageAlreadyInInbox(sigHash):
|
||||
logger.info('This msg is already in our inbox. Ignoring it.')
|
||||
blockMessage = True
|
||||
if not blockMessage:
|
||||
if messageEncodingType != 0:
|
||||
t = (inventoryHash, toAddress, fromAddress, subject, int(
|
||||
time.time()), body, 'inbox', messageEncodingType, 0)
|
||||
time.time()), body, 'inbox', messageEncodingType, 0, sigHash)
|
||||
helper_inbox.insert(t)
|
||||
|
||||
shared.UISignalQueue.put(('displayNewInboxMessage', (
|
||||
|
@ -701,6 +702,7 @@ class objectProcessor(threading.Thread):
|
|||
logger.debug('ECDSA verify failed')
|
||||
return
|
||||
logger.debug('ECDSA verify passed')
|
||||
sigHash = hashlib.sha512(hashlib.sha512(signature).digest()).digest()[32:] # Used to detect and ignore duplicate messages in our inbox
|
||||
|
||||
fromAddress = encodeAddress(
|
||||
sendersAddressVersion, sendersStream, calculatedRipe)
|
||||
|
@ -735,33 +737,33 @@ class objectProcessor(threading.Thread):
|
|||
subject = ''
|
||||
elif messageEncodingType == 0:
|
||||
logger.info('messageEncodingType == 0. Doing nothing with the message.')
|
||||
return
|
||||
else:
|
||||
body = 'Unknown encoding type.\n\n' + repr(message)
|
||||
subject = ''
|
||||
|
||||
toAddress = '[Broadcast subscribers]'
|
||||
if messageEncodingType != 0:
|
||||
if helper_inbox.isMessageAlreadyInInbox(toAddress, fromAddress, subject, body, messageEncodingType):
|
||||
logger.info('This broadcast is already in our inbox. Ignoring it.')
|
||||
else:
|
||||
t = (inventoryHash, toAddress, fromAddress, subject, int(
|
||||
time.time()), body, 'inbox', messageEncodingType, 0)
|
||||
helper_inbox.insert(t)
|
||||
if helper_inbox.isMessageAlreadyInInbox(sigHash):
|
||||
logger.info('This broadcast is already in our inbox. Ignoring it.')
|
||||
return
|
||||
t = (inventoryHash, toAddress, fromAddress, subject, int(
|
||||
time.time()), body, 'inbox', messageEncodingType, 0, sigHash)
|
||||
helper_inbox.insert(t)
|
||||
|
||||
shared.UISignalQueue.put(('displayNewInboxMessage', (
|
||||
inventoryHash, toAddress, fromAddress, subject, body)))
|
||||
shared.UISignalQueue.put(('displayNewInboxMessage', (
|
||||
inventoryHash, toAddress, fromAddress, subject, body)))
|
||||
|
||||
# If we are behaving as an API then we might need to run an
|
||||
# outside command to let some program know that a new message
|
||||
# has arrived.
|
||||
if shared.safeConfigGetBoolean('bitmessagesettings', 'apienabled'):
|
||||
try:
|
||||
apiNotifyPath = shared.config.get(
|
||||
'bitmessagesettings', 'apinotifypath')
|
||||
except:
|
||||
apiNotifyPath = ''
|
||||
if apiNotifyPath != '':
|
||||
call([apiNotifyPath, "newBroadcast"])
|
||||
# If we are behaving as an API then we might need to run an
|
||||
# outside command to let some program know that a new message
|
||||
# has arrived.
|
||||
if shared.safeConfigGetBoolean('bitmessagesettings', 'apienabled'):
|
||||
try:
|
||||
apiNotifyPath = shared.config.get(
|
||||
'bitmessagesettings', 'apinotifypath')
|
||||
except:
|
||||
apiNotifyPath = ''
|
||||
if apiNotifyPath != '':
|
||||
call([apiNotifyPath, "newBroadcast"])
|
||||
|
||||
# Display timing data
|
||||
logger.info('Time spent processing this interesting broadcast: %s' % (time.time() - messageProcessingStartTime,))
|
||||
|
|
|
@ -821,8 +821,9 @@ class singleWorker(threading.Thread):
|
|||
# If we are sending to ourselves or a chan, let's put the message in
|
||||
# our own inbox.
|
||||
if shared.config.has_section(toaddress):
|
||||
sigHash = hashlib.sha512(hashlib.sha512(signature).digest()).digest()[32:] # Used to detect and ignore duplicate messages in our inbox
|
||||
t = (inventoryHash, toaddress, fromaddress, subject, int(
|
||||
time.time()), message, 'inbox', 2, 0)
|
||||
time.time()), message, 'inbox', 2, 0, sigHash)
|
||||
helper_inbox.insert(t)
|
||||
|
||||
shared.UISignalQueue.put(('displayNewInboxMessage', (
|
||||
|
|
|
@ -28,7 +28,7 @@ class sqlThread(threading.Thread):
|
|||
|
||||
try:
|
||||
self.cur.execute(
|
||||
'''CREATE TABLE inbox (msgid blob, toaddress text, fromaddress text, subject text, received text, message text, folder text, encodingtype int, read bool, UNIQUE(msgid) ON CONFLICT REPLACE)''' )
|
||||
'''CREATE TABLE inbox (msgid blob, toaddress text, fromaddress text, subject text, received text, message text, folder text, encodingtype int, read bool, sighash blob, UNIQUE(msgid) ON CONFLICT REPLACE)''' )
|
||||
self.cur.execute(
|
||||
'''CREATE TABLE sent (msgid blob, toaddress text, toripe blob, fromaddress text, subject text, message text, ackdata blob, lastactiontime integer, status text, pubkeyretrynumber integer, msgretrynumber integer, folder text, encodingtype int)''' )
|
||||
self.cur.execute(
|
||||
|
@ -61,7 +61,7 @@ class sqlThread(threading.Thread):
|
|||
'''INSERT INTO subscriptions VALUES('Bitmessage new releases/announcements','BM-GtovgYdgs7qXPkoYaRgrLFuFKz1SFpsw',1)''')
|
||||
self.cur.execute(
|
||||
'''CREATE TABLE settings (key blob, value blob, UNIQUE(key) ON CONFLICT REPLACE)''' )
|
||||
self.cur.execute( '''INSERT INTO settings VALUES('version','8')''')
|
||||
self.cur.execute( '''INSERT INTO settings VALUES('version','9')''')
|
||||
self.cur.execute( '''INSERT INTO settings VALUES('lastvacuumtime',?)''', (
|
||||
int(time.time()),))
|
||||
self.cur.execute(
|
||||
|
@ -361,6 +361,20 @@ class sqlThread(threading.Thread):
|
|||
self.cur.execute(query, parameters)
|
||||
logger.debug('Finished clearing currently held pubkeys.')
|
||||
|
||||
# Add a new column to the inbox table to store the hash of the message signature.
|
||||
# We'll use this as temporary message UUID in order to detect duplicates.
|
||||
item = '''SELECT value FROM settings WHERE key='version';'''
|
||||
parameters = ''
|
||||
self.cur.execute(item, parameters)
|
||||
currentVersion = int(self.cur.fetchall()[0][0])
|
||||
if currentVersion == 8:
|
||||
logger.debug('In messages.dat database, adding sighash field to the inbox table.')
|
||||
item = '''ALTER TABLE inbox ADD sighash blob DEFAULT '' '''
|
||||
parameters = ''
|
||||
self.cur.execute(item, parameters)
|
||||
item = '''update settings set value=? WHERE key='version';'''
|
||||
parameters = (9,)
|
||||
self.cur.execute(item, parameters)
|
||||
|
||||
# Are you hoping to add a new option to the keys.dat file of existing
|
||||
# Bitmessage users or modify the SQLite database? Add it right above this line!
|
||||
|
|
|
@ -2,14 +2,14 @@ from helper_sql import *
|
|||
import shared
|
||||
|
||||
def insert(t):
|
||||
sqlExecute('''INSERT INTO inbox VALUES (?,?,?,?,?,?,?,?,?)''', *t)
|
||||
sqlExecute('''INSERT INTO inbox VALUES (?,?,?,?,?,?,?,?,?,?)''', *t)
|
||||
shared.UISignalQueue.put(('changedInboxUnread', None))
|
||||
|
||||
def trash(msgid):
|
||||
sqlExecute('''UPDATE inbox SET folder='trash' WHERE msgid=?''', msgid)
|
||||
shared.UISignalQueue.put(('removeInboxRowByMsgid',msgid))
|
||||
|
||||
def isMessageAlreadyInInbox(toAddress, fromAddress, subject, body, encodingType):
|
||||
def isMessageAlreadyInInbox(sigHash):
|
||||
queryReturn = sqlQuery(
|
||||
'''SELECT COUNT(*) FROM inbox WHERE toaddress=? AND fromaddress=? AND subject=? AND message=? AND encodingtype=? ''', toAddress, fromAddress, subject, body, encodingType)
|
||||
'''SELECT COUNT(*) FROM inbox WHERE sighash=?''', sigHash)
|
||||
return queryReturn[0][0] != 0
|
Reference in New Issue
Block a user