Bitmessage/PyBitmessage-2025-02-02
Archived
2
0
Fork 0
Code Issues 167 Pull Requests 53 Actions Packages Projects Releases 5 Wiki Activity

Strip message headers that could possibly lead to loss of anonymity

Browse Source
This commit is contained in:
Chuck 2013-07-10 17:00:26 +07:00
parent cb7618f1b6
commit 6eea004723
4 changed files with 88 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/bitmessageqt/__init__.py
View File

@ -1757,6 +1757,10 @@ class MyForm(QtGui.QMainWindow):
self.settingsDialogInstance.ui.lineEditPOP3Port.text()))
shared.config.set('bitmessagesettings', 'pop3ssl', str(
self.settingsDialogInstance.ui.checkBoxEnablePOP3SSL.isChecked()))
shared.config.set('bitmessagesettings', 'stripmessageheadersenable', str(
self.settingsDialogInstance.ui.checkBoxStripMessageHeaders.isChecked()))
shared.config.set('bitmessagesettings', 'stripmessageheaders', str(
self.settingsDialogInstance.ui.lineEditMessageHeadersToStrip.text()))
if self.settingsDialogInstance.sslCertFile is None:
shared.config.remove_option('bitmessagesettings', 'certfile')
else:
@ -2728,6 +2732,15 @@ class settingsDialog(QtGui.QDialog):
shared.config.getboolean('bitmessagesettings', 'showtraynotifications'))
self.ui.checkBoxStartInTray.setChecked(
shared.config.getboolean('bitmessagesettings', 'startintray'))
try:
self.ui.checkBoxStripMessageHeaders.setChecked(
shared.config.getboolean('bitmessagesettings', 'stripmessageheadersenable'))
self.ui.lineEditMessageHeadersToStrip.setText(
shared.config.get('bitmessagesettings', 'stripmessageheaders'))
except:
self.ui.checkBoxStripMessageHeaders.setChecked(True)
self.ui.lineEditMessageHeadersToStrip.setText('Message-ID, User-Agent')
if shared.appdata == '':
self.ui.checkBoxPortableMode.setChecked(True)
if 'darwin' in sys.platform:
@ -2869,6 +2882,9 @@ class settingsDialog(QtGui.QDialog):
"clicked()"), self.click_FindSSLCertificate)
QtCore.QObject.connect(self.ui.pushButtonFindSSLKeyfile, QtCore.SIGNAL(
"clicked()"), self.click_FindSSLKeyfile)
QtCore.QObject.connect(self.ui.checkBoxStripMessageHeaders, QtCore.SIGNAL(
"clicked()"), self.click_StripMessageHeaders)
self.click_StripMessageHeaders()
QtGui.QWidget.resize(self, QtGui.QWidget.sizeHint(self))
@ -2879,6 +2895,9 @@ class settingsDialog(QtGui.QDialog):
QtGui.QMessageBox.information(self, 'SSL Files', _translate(
"Settings", "Because you have enabled SSL on either SMTP or POP3 servers, you must specify valid SSL Certificate and Key files before continuing."), QMessageBox.Ok)
def click_StripMessageHeaders(self):
self.ui.lineEditMessageHeadersToStrip.setEnabled(self.ui.checkBoxStripMessageHeaders.isChecked())
def configurePushButtonFindSSLCerficiate(self, fn):
self.ui.pushButtonFindSSLCertificate.setText('Find SSL Certificate...')
try:

20
src/bitmessageqt/settings.py
View File

@ -2,7 +2,7 @@
# Form implementation generated from reading ui file 'settings.ui'
#
# Created: Sat Jul 06 18:24:20 2013
# Created: Wed Jul 10 16:19:56 2013
# by: PyQt4 UI code generator 4.10.1
#
# WARNING! All changes made in this file will be lost!
@ -26,7 +26,7 @@ except AttributeError:
class Ui_settingsDialog(object):
def setupUi(self, settingsDialog):
settingsDialog.setObjectName(_fromUtf8("settingsDialog"))
settingsDialog.resize(623, 343)
settingsDialog.resize(623, 406)
self.gridLayout = QtGui.QGridLayout(settingsDialog)
self.gridLayout.setObjectName(_fromUtf8("gridLayout"))
self.buttonBox = QtGui.QDialogButtonBox(settingsDialog)
@ -354,6 +354,19 @@ class Ui_settingsDialog(object):
self.horizontalLayout_5.addWidget(self.lineEditEmailAddress)
self.gridLayout_9.addLayout(self.horizontalLayout_5, 1, 0, 1, 2)
self.gridLayout_8.addWidget(self.groupBox_3, 7, 0, 1, 7)
self.groupBox_4 = QtGui.QGroupBox(self.tab_3)
self.groupBox_4.setObjectName(_fromUtf8("groupBox_4"))
self.gridLayout_10 = QtGui.QGridLayout(self.groupBox_4)
self.gridLayout_10.setObjectName(_fromUtf8("gridLayout_10"))
self.checkBoxStripMessageHeaders = QtGui.QCheckBox(self.groupBox_4)
self.checkBoxStripMessageHeaders.setChecked(True)
self.checkBoxStripMessageHeaders.setTristate(False)
self.checkBoxStripMessageHeaders.setObjectName(_fromUtf8("checkBoxStripMessageHeaders"))
self.gridLayout_10.addWidget(self.checkBoxStripMessageHeaders, 0, 0, 1, 1)
self.lineEditMessageHeadersToStrip = QtGui.QLineEdit(self.groupBox_4)
self.lineEditMessageHeadersToStrip.setObjectName(_fromUtf8("lineEditMessageHeadersToStrip"))
self.gridLayout_10.addWidget(self.lineEditMessageHeadersToStrip, 1, 0, 1, 1)
self.gridLayout_8.addWidget(self.groupBox_4, 5, 0, 1, 7)
self.tabWidgetSettings.addTab(self.tab_3, _fromUtf8(""))
self.gridLayout.addWidget(self.tabWidgetSettings, 0, 0, 1, 1)
@ -426,5 +439,8 @@ class Ui_settingsDialog(object):
self.labelAccountStatus.setText(_translate("settingsDialog", "Account Inaccessible via SMTP/POP3. Set a password to allow access.", None))
self.label_18.setText(_translate("settingsDialog", "E-Mail Address for this Identity:", None))
self.lineEditEmailAddress.setText(_translate("settingsDialog", "fsdpffffffffffffffffffffffffffffffffffffffffffffffasdpofiasjdf", None))
self.groupBox_4.setTitle(_translate("settingsDialog", "Mail Content", None))
self.checkBoxStripMessageHeaders.setText(_translate("settingsDialog", "Strip these non-anonymizing message meaders from outgoing messages (comma-separated list):", None))
self.lineEditMessageHeadersToStrip.setText(_translate("settingsDialog", "User-Agent, Message-ID", None))
self.tabWidgetSettings.setTabText(self.tabWidgetSettings.indexOf(self.tab_3), _translate("settingsDialog", "SMTP && POP3", None))

31
src/bitmessageqt/settings.ui
View File

@ -7,7 +7,7 @@
<x>0</x>
<y>0</y>
<width>623</width>
<height>343</height>
<height>406</height>
</rect>
</property>
<property name="windowTitle">
@ -823,6 +823,35 @@
</layout>
</widget>
</item>
<item row="5" column="0" colspan="7">
<widget class="QGroupBox" name="groupBox_4">
<property name="title">
<string>Mail Content</string>
</property>
<layout class="QGridLayout" name="gridLayout_10">
<item row="0" column="0">
<widget class="QCheckBox" name="checkBoxStripMessageHeaders">
<property name="text">
<string>Strip these non-anonymizing message meaders from outgoing messages (comma-separated list):</string>
</property>
<property name="checked">
<bool>true</bool>
</property>
<property name="tristate">
<bool>false</bool>
</property>
</widget>
</item>
<item row="1" column="0">
<widget class="QLineEdit" name="lineEditMessageHeadersToStrip">
<property name="text">
<string>User-Agent, Message-ID</string>
</property>
</widget>
</item>
</layout>
</widget>
</item>
</layout>
</widget>
</widget>

22
src/class_smtpServer.py
View File

@ -333,6 +333,25 @@ class bitmessageSMTPServer(smtpd.SMTPServer):
sock = ssl.wrap_socket(sock, server_side=True, certfile=self.certfile, keyfile=self.keyfile, ssl_version=ssl.PROTOCOL_SSLv23)
bitmessageSMTPChannel(self, sock, peer_address)
@staticmethod
def stripMessageHeaders(message):
try:
if not shared.config.getboolean('bitmessagesettings', 'stripmessageheadersenable'):
return
except:
pass
try:
headersToStrip = shared.config.get('bitmessagesettings', 'stripmessageheaders')
except:
headersToStrip = "Message-ID, User-Agent"
headersToStrip = [x.strip() for x in headersToStrip.split(',') if len(x.strip()) > 0]
print(headersToStrip)
for h in headersToStrip:
if h in message:
del message[h]
def process_message(self, peer, address, rcpttos, data):
#print("Peer", peer)
#print("Mail From", address)
@ -344,12 +363,13 @@ class bitmessageSMTPServer(smtpd.SMTPServer):
message = parser.Parser().parsestr(data)
message['X-Bitmessage-Sending-Version'] = shared.softwareVersion
print(message)
bitmessageSMTPServer.stripMessageHeaders(message)
fp = StringIO()
gen = generator.Generator(fp, mangle_from_=False, maxheaderlen=128)
gen.flatten(message)
message_as_text = fp.getvalue()
print(message_as_text)
checksum = hashlib.sha256(message_as_text).digest()[:2]
checksum = (ord(checksum[0]) << 8) | ord(checksum[1])