Add a checkbox to the network settings tab that allows restricting outbound connections to onion services (i.e., hosts that end with '.onion').
This commit is contained in:
parent
f0b4e4ded4
commit
b42f536d23
|
@ -99,6 +99,8 @@ class SettingsDialog(QtGui.QDialog):
|
|||
config.getboolean('bitmessagesettings', 'socksauthentication'))
|
||||
self.checkBoxSocksListen.setChecked(
|
||||
config.getboolean('bitmessagesettings', 'sockslisten'))
|
||||
self.checkBoxOnionOnly.setChecked(
|
||||
config.safeGetBoolean('bitmessagesettings', 'onionservicesonly'))
|
||||
|
||||
proxy_type = config.safeGet(
|
||||
'bitmessagesettings', 'socksproxytype', 'none')
|
||||
|
@ -110,6 +112,7 @@ class SettingsDialog(QtGui.QDialog):
|
|||
self.lineEditSocksPassword.setEnabled(False)
|
||||
self.checkBoxAuthentication.setEnabled(False)
|
||||
self.checkBoxSocksListen.setEnabled(False)
|
||||
self.checkBoxOnionOnly.setEnabled(False)
|
||||
elif proxy_type == 'SOCKS4a':
|
||||
self.comboBoxProxyType.setCurrentIndex(1)
|
||||
elif proxy_type == 'SOCKS5':
|
||||
|
@ -200,11 +203,13 @@ class SettingsDialog(QtGui.QDialog):
|
|||
self.lineEditSocksPassword.setEnabled(False)
|
||||
self.checkBoxAuthentication.setEnabled(False)
|
||||
self.checkBoxSocksListen.setEnabled(False)
|
||||
self.checkBoxOnionOnly.setEnabled(False)
|
||||
elif comboBoxIndex in (1, 2):
|
||||
self.lineEditSocksHostname.setEnabled(True)
|
||||
self.lineEditSocksPort.setEnabled(True)
|
||||
self.checkBoxAuthentication.setEnabled(True)
|
||||
self.checkBoxSocksListen.setEnabled(True)
|
||||
self.checkBoxOnionOnly.setEnabled(True)
|
||||
if self.checkBoxAuthentication.isChecked():
|
||||
self.lineEditSocksUsername.setEnabled(True)
|
||||
self.lineEditSocksPassword.setEnabled(True)
|
||||
|
@ -334,6 +339,11 @@ class SettingsDialog(QtGui.QDialog):
|
|||
self.lineEditSocksPassword.text()))
|
||||
self.config.set('bitmessagesettings', 'sockslisten', str(
|
||||
self.checkBoxSocksListen.isChecked()))
|
||||
if self.checkBoxOnionOnly.isChecked() \
|
||||
and not self.config.safeGetBoolean('bitmessagesettings', 'onionservicesonly'):
|
||||
self.net_restart_needed = True
|
||||
self.config.set('bitmessagesettings', 'onionservicesonly', str(
|
||||
self.checkBoxOnionOnly.isChecked()))
|
||||
try:
|
||||
# Rounding to integers just for aesthetics
|
||||
self.config.set('bitmessagesettings', 'maxdownloadrate', str(
|
||||
|
|
|
@ -403,6 +403,13 @@
|
|||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="4" column="1" colspan="4">
|
||||
<widget class="QCheckBox" name="checkBoxOnionOnly">
|
||||
<property name="text">
|
||||
<string>Only connect to onion services (*.onion)</string>
|
||||
</property>
|
||||
</widget>
|
||||
</item>
|
||||
<item row="0" column="1">
|
||||
<widget class="QComboBox" name="comboBoxProxyType">
|
||||
<item>
|
||||
|
|
|
@ -26,6 +26,8 @@ def getDiscoveredPeer():
|
|||
def chooseConnection(stream):
|
||||
haveOnion = BMConfigParser().safeGet(
|
||||
"bitmessagesettings", "socksproxytype")[0:5] == 'SOCKS'
|
||||
onionOnly = BMConfigParser().safeGetBoolean(
|
||||
"bitmessagesettings", "onionservicesonly")
|
||||
if state.trustedPeer:
|
||||
return state.trustedPeer
|
||||
try:
|
||||
|
@ -49,6 +51,9 @@ def chooseConnection(stream):
|
|||
logger.warning('Error in %s', peer)
|
||||
rating = 0
|
||||
if haveOnion:
|
||||
# do not connect to raw IP addresses--keep all traffic within Tor overlay
|
||||
if onionOnly and not peer.host.endswith('.onion'):
|
||||
continue
|
||||
# onion addresses have a higher priority when SOCKS
|
||||
if peer.host.endswith('.onion') and rating > 0:
|
||||
rating = 1
|
||||
|
|
Reference in New Issue
Block a user