diff --git a/src/bitmessageqt/settings.py b/src/bitmessageqt/settings.py
index 513f285b..982328cc 100644
--- a/src/bitmessageqt/settings.py
+++ b/src/bitmessageqt/settings.py
@@ -99,6 +99,8 @@ class SettingsDialog(QtGui.QDialog):
config.getboolean('bitmessagesettings', 'socksauthentication'))
self.checkBoxSocksListen.setChecked(
config.getboolean('bitmessagesettings', 'sockslisten'))
+ self.checkBoxOnionOnly.setChecked(
+ config.safeGetBoolean('bitmessagesettings', 'onionservicesonly'))
proxy_type = config.safeGet(
'bitmessagesettings', 'socksproxytype', 'none')
@@ -110,6 +112,7 @@ class SettingsDialog(QtGui.QDialog):
self.lineEditSocksPassword.setEnabled(False)
self.checkBoxAuthentication.setEnabled(False)
self.checkBoxSocksListen.setEnabled(False)
+ self.checkBoxOnionOnly.setEnabled(False)
elif proxy_type == 'SOCKS4a':
self.comboBoxProxyType.setCurrentIndex(1)
elif proxy_type == 'SOCKS5':
@@ -200,11 +203,13 @@ class SettingsDialog(QtGui.QDialog):
self.lineEditSocksPassword.setEnabled(False)
self.checkBoxAuthentication.setEnabled(False)
self.checkBoxSocksListen.setEnabled(False)
+ self.checkBoxOnionOnly.setEnabled(False)
elif comboBoxIndex in (1, 2):
self.lineEditSocksHostname.setEnabled(True)
self.lineEditSocksPort.setEnabled(True)
self.checkBoxAuthentication.setEnabled(True)
self.checkBoxSocksListen.setEnabled(True)
+ self.checkBoxOnionOnly.setEnabled(True)
if self.checkBoxAuthentication.isChecked():
self.lineEditSocksUsername.setEnabled(True)
self.lineEditSocksPassword.setEnabled(True)
@@ -334,6 +339,11 @@ class SettingsDialog(QtGui.QDialog):
self.lineEditSocksPassword.text()))
self.config.set('bitmessagesettings', 'sockslisten', str(
self.checkBoxSocksListen.isChecked()))
+ if self.checkBoxOnionOnly.isChecked() \
+ and not self.config.safeGetBoolean('bitmessagesettings', 'onionservicesonly'):
+ self.net_restart_needed = True
+ self.config.set('bitmessagesettings', 'onionservicesonly', str(
+ self.checkBoxOnionOnly.isChecked()))
try:
# Rounding to integers just for aesthetics
self.config.set('bitmessagesettings', 'maxdownloadrate', str(
diff --git a/src/bitmessageqt/settings.ui b/src/bitmessageqt/settings.ui
index 307c06c2..963f2e64 100644
--- a/src/bitmessageqt/settings.ui
+++ b/src/bitmessageqt/settings.ui
@@ -403,6 +403,13 @@
+ -
+
+
+ Only connect to onion services (*.onion)
+
+
+
-
-
diff --git a/src/network/connectionchooser.py b/src/network/connectionchooser.py
index ead8b31b..838ca45d 100644
--- a/src/network/connectionchooser.py
+++ b/src/network/connectionchooser.py
@@ -26,6 +26,8 @@ def getDiscoveredPeer():
def chooseConnection(stream):
haveOnion = BMConfigParser().safeGet(
"bitmessagesettings", "socksproxytype")[0:5] == 'SOCKS'
+ onionOnly = BMConfigParser().safeGetBoolean(
+ "bitmessagesettings", "onionservicesonly")
if state.trustedPeer:
return state.trustedPeer
try:
@@ -49,6 +51,9 @@ def chooseConnection(stream):
logger.warning('Error in %s', peer)
rating = 0
if haveOnion:
+ # do not connect to raw IP addresses--keep all traffic within Tor overlay
+ if onionOnly and not peer.host.endswith('.onion'):
+ continue
# onion addresses have a higher priority when SOCKS
if peer.host.endswith('.onion') and rating > 0:
rating = 1