diff --git a/.gitignore b/.gitignore
index fc331499..6bc048a5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,3 +25,4 @@ coverage.xml
 **coverage.json
 .buildozer
 .tox
+*.swp
diff --git a/src/bitmessageqt/__init__.py b/src/bitmessageqt/__init__.py
index 3e66c364..e9aabc1b 100644
--- a/src/bitmessageqt/__init__.py
+++ b/src/bitmessageqt/__init__.py
@@ -1386,7 +1386,7 @@ class MyForm(settingsmixin.SMainWindow):
 # initialise the message notifier
 def notifierInit(self):
 def _simple_notify(
- title, subtitle, category, label=None, icon=None):
+ title, subtitle, category, label=None, icon=QtWidgets.QSystemTrayIcon.MessageIcon.Information):
 self.tray.showMessage(title, subtitle, icon, 2000)
 self._notifier = _simple_notify
@@ -1416,7 +1416,7 @@ class MyForm(settingsmixin.SMainWindow):
 logger.warning("No notification.sound plugin found")
 def notifierShow(
- self, title, subtitle, category, label=None, icon=None):
+ self, title, subtitle, category, label=None, icon=QtWidgets.QSystemTrayIcon.MessageIcon.Information):
 self.playSound(category, label)
 self._notifier(
 str(title), str(subtitle), category, label, icon)
diff --git a/src/network/httpd.py b/src/network/httpd.py
index b69ffa99..654566c2 100644
--- a/src/network/httpd.py
+++ b/src/network/httpd.py
@@ -5,7 +5,7 @@ src/network/httpd.py
 import asyncore
 import socket
-from tls import TLSHandshake
+from .tls import TLSHandshake
 class HTTPRequestHandler(asyncore.dispatcher):
diff --git a/src/network/https.py b/src/network/https.py
index a7b8b57c..2ecf01f6 100644
--- a/src/network/https.py
+++ b/src/network/https.py
@@ -1,7 +1,7 @@
 import asyncore
 from http import HTTPClient
-from tls import TLSHandshake
+from .tls import TLSHandshake
 """
 self.sslSock = ssl.wrap_socket(
diff --git a/src/network/knownnodes.py b/src/network/knownnodes.py
index 01aa4729..7d214001 100644
--- a/src/network/knownnodes.py
+++ b/src/network/knownnodes.py
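Review bot: Changing the default in `notifierShow` (second hunk of `src/bitmessageqt/__init__.py`) as well as in `_simple_notify` means every notifier assigned to `self._notifier` now receives a Qt enum where it used to receive `None`, while a caller that passes `icon=None` explicitly still hands `None` to `self.tray.showMessage`. Resolving the default in one place avoids both: keep `icon=None` in the two signatures and add `if icon is None: icon = QtWidgets.QSystemTrayIcon.MessageIcon.Information` before the `showMessage` call in `_simple_notify`. That also shortens both signature lines again. Whether other notifier implementations or explicit `icon=None` callers exist is not visible in these hunks.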
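Review bot: The context line `from http import HTTPClient` in `src/network/https.py` stays an absolute import while the `tls` import next to it is made relative. If this commit is part of a Python 3 port, as the `from .tls` change suggests, `http` resolves to the standard-library package, which has no `HTTPClient`, so the module would fail at import time. Assuming a sibling `http.py` exists in `src/network/`, `from .http import HTTPClient` matches the fix applied to `tls`.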
@@ -108,6 +108,8 @@ def addKnownNode(stream, peer, lastseen=None, is_self=False):
 Returns True if added a new node.
 """
 # pylint: disable=too-many-branches
+ if not isinstance(peer.host, str):
+ peer = Peer(peer.host.decode(), peer.port)
 if isinstance(stream, Iterable):
 with knownNodesLock:
 for s in stream:
diff --git a/src/network/tls.py b/src/network/tls.py
index 7d76c48e..2f30fcc0 100644
--- a/src/network/tls.py
+++ b/src/network/tls.py
@@ -40,7 +40,6 @@ if (
 else:
 sslProtocolCiphers = "AECDH-AES256-SHA"
-
 class TLSDispatcher(AdvancedDispatcher):
 """TLS functionality for classes derived from AdvancedDispatcher"""
 # pylint: disable=too-many-instance-attributes, too-many-arguments
@@ -58,17 +57,22 @@ class TLSDispatcher(AdvancedDispatcher):
 self.tlsDone = False
 self.tlsVersion = "N/A"
 self.isSSL = False
+ self.tlsPrepared = False
 def state_tls_init(self):
 """Prepare sockets for TLS handshake"""
 self.isSSL = True
 self.tlsStarted = True
+
+ self.want_read = self.want_write = True
+ self.set_state("tls_handshake")
+ return False
+
+ def do_tls_init(self):
 # Once the connection has been established,
 # it's safe to wrap the socket.
 if sys.version_info >= (2, 7, 9):
- context = ssl.create_default_context(
- purpose=ssl.Purpose.SERVER_AUTH
- if self.server_side else ssl.Purpose.CLIENT_AUTH)
+ context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
 context.set_ciphers(self.ciphers)
 context.set_ecdh_curve("secp256k1")
 context.check_hostname = False
@@ -76,7 +80,7 @@ class TLSDispatcher(AdvancedDispatcher):
 # also exclude TLSv1 and TLSv1.1 in the future
 context.options = ssl.OP_ALL | ssl.OP_NO_SSLv2 |\
 ssl.OP_NO_SSLv3 | ssl.OP_SINGLE_ECDH_USE |\
- ssl.OP_CIPHER_SERVER_PREFERENCE
+ ssl.OP_CIPHER_SERVER_PREFERENCE | ssl.OP_NO_TLSv1_3
 self.sslSocket = context.wrap_socket(
 self.socket, server_side=self.server_side, do_handshake_on_connect=False)
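Review bot: The added `peer.host.decode()` at the top of `addKnownNode` can raise: `UnicodeDecodeError` for bytes that are not valid UTF-8, and `AttributeError` for any host that is neither `str` nor `bytes`. If hosts reaching this function can come from data received from other nodes (not visible in this hunk), one malformed entry would raise out of `addKnownNode` instead of being rejected. Narrow the test to `if isinstance(peer.host, bytes):` and wrap the decode in `try: ... except UnicodeDecodeError: return False`, which fits the documented "Returns True if added a new node" contract. The function body continues outside the hunk.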
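Review bot: `do_tls_init` builds the context with `ssl.PROTOCOL_TLS_CLIENT` unconditionally, yet the same context is then passed to `wrap_socket(..., server_side=self.server_side)` in the next hunk. As far as I know CPython refuses to create a server-side socket from a `PROTOCOL_TLS_CLIENT` context, so inbound connections would fail at wrap time. Select the protocol from the role instead: `context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER if self.server_side else ssl.PROTOCOL_TLS_CLIENT)`. The surrounding `sys.version_info >= (2, 7, 9)` guard no longer matches either, since these constants only exist on Python 3. `do_tls_init` also has no docstring, while the one left on `state_tls_init` ("Prepare sockets for TLS handshake") now describes the new method rather than the state transition.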
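Review bot: `ssl.OP_NO_TLSv1_3` is added to `context.options` with no stated reason. Presumably it is needed because the anonymous `AECDH-AES256-SHA` suite seen in the first hunk of this file has no TLS 1.3 equivalent; record that next to the flag, e.g. `# TLS 1.3 has no anonymous suites; cap at 1.2 so the AECDH cipher can still be negotiated`. The same comment should say that the channel stays unauthenticated, so it protects against passive capture only and not against an active man-in-the-middle. The `OP_NO_*` flags are deprecated in current Python in favour of `context.maximum_version = ssl.TLSVersion.TLSv1_2`, and the existing "exclude TLSv1 and TLSv1.1" comment could be settled the same way with `minimum_version` once peer compatibility allows.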
@@ -88,7 +92,6 @@ class TLSDispatcher(AdvancedDispatcher):
 ciphers=self.ciphers, do_handshake_on_connect=False)
 self.sslSocket.setblocking(0)
 self.want_read = self.want_write = True
- self.set_state("tls_handshake")
 return False
 @staticmethod
@@ -134,7 +137,11 @@ class TLSDispatcher(AdvancedDispatcher):
 try:
 # wait for write buffer flush
 if self.tlsStarted and not self.tlsDone and not self.write_buf:
- self.tls_handshake()
+ if not self.tlsPrepared:
+ self.do_tls_init()
+ self.tlsPrepared = True
+ else:
+ self.tls_handshake()
 else:
 AdvancedDispatcher.handle_read(self)
 except AttributeError:
@@ -156,7 +163,11 @@ class TLSDispatcher(AdvancedDispatcher):
 try:
 # wait for write buffer flush
 if self.tlsStarted and not self.tlsDone and not self.write_buf:
- self.tls_handshake()
+ if not self.tlsPrepared:
+ self.do_tls_init()
+ self.tlsPrepared = True
+ else:
+ self.tls_handshake()
 else:
 AdvancedDispatcher.handle_write(self)
 except AttributeError:
diff --git a/src/protocol.py b/src/protocol.py
index 608343fd..d1d2771f 100644
--- a/src/protocol.py
+++ b/src/protocol.py
@@ -250,8 +250,6 @@ def haveSSL(server=False):
 python < 2.7.9's ssl library does not support ECDSA server due to missing initialisation of available curves, but client works ok
 """
- # XXX debug - disable TLS
- return False
 if not server:
 return True
 elif sys.version_info >= (2, 7, 9):
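Review bot: The prepare-or-handshake branch is duplicated verbatim in `handle_read` and `handle_write` (the following hunk), and `tlsPrepared` is flipped by the callers rather than by `do_tls_init` itself, so a further call site could easily forget it. Both calls also sit inside the existing `try ... except AttributeError`, whose body is outside the hunk. A genuine `AttributeError` raised while building the context in `do_tls_init` (for example a missing `ssl` constant on an older interpreter) would be handled there, leaving `tlsPrepared` at `False` and the wrap retried on every socket event. Set `self.tlsPrepared = True` at the end of `do_tls_init` and move the branch into one helper that both handlers call, so that a failed TLS setup is logged and closes the connection instead of being absorbed.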