Commit Graph

1832 Commits

Author SHA1 Message Date
51b043684d
Mitigate active internal intersection attack
There was a report that by quickly asking a large number of nodes if
they have an ACK object (which the attacker knows but it is injected
into the network by the recipient of the message), it can estimate how
an object propagates through the network, and eventually pinpoint an
originating IP address of the injection, i.e. the IP address of the
message recipient.

This patch mitigates against it by stalling when asked for a nonexisting
object (so that the attacker can't spam requests), and also upon
connection before sending its own inventory list (so that reconnecting
won't help the attacker). It estimates how long a short message takes to
propagate through the network based on how many nodes are in a stream
and bases the stalling time on that. Currently that is about 15 seconds.
Initial connection delay takes into account the time that already passed
since the connection was established.

This basically gives the attacker one shot per a combination of his own
nodes and the nodes he can connect to, and thus makes the attack much
more difficult to succeed.
2016-02-13 12:55:15 +01:00
84f2202745
Don't send ACK on subscribed chans
If somehow you manage to send a message that includes an ACK part into a
chan, the subscribers would send the ACK back. This shouldn't happen.
2016-02-13 00:30:51 +01:00
d2b9c16d5f
blacklist rendering edit fix
Editing of blacklist labels affected the rerendering, because it emits
the changed signal too, and it caused an exception because the address
field was missing at that time. This works around both.
2016-02-13 00:09:52 +01:00
2f6c36cab2
Don't send unnecessary ACKs
In some situations, it's not necessary to send an ACK. For example, when
the sender is blacklisted, when the message has no content, or when the
address has ACK sending disabled.

Also it's not necessary to rebroadcast empty messages into a mailing
list.
2016-02-12 23:36:00 +01:00
mirrorwish
0db41adfd7
Save changes to blacklist labels
Fixes mailchuck/PyBitmessage#175

Signed-off-by: Peter Surda <surda@economicsofbitcoin.com>
2016-02-12 22:20:32 +01:00
mailchuck
1690597b0b
Unused variable 2016-01-26 13:02:39 +01:00
mailchuck
a04f0c15e8
Cleanup lockfile on exit
singleton.py design was broken.
Fixed Bitmessage#775
2016-01-26 13:01:40 +01:00
mailchuck
12b71d53bb
private IP range checks
When advertising nodes and when establishing connections, private IP
range checks were not done. This could cause private IPs to be
advertised across the network. Also, some of the checks weren't
IPv6-aware.
Fixes Bitmessage#768
2016-01-26 12:04:12 +01:00
mailchuck
42833f35e5
Thread names for IPv6
Thread names for IPv6 contained ":". This caused problems in log
parsers.
2016-01-26 11:54:21 +01:00
mailchuck
6861dbb147
Newly arrives messages sorting
There could be cases where newly arrives message is not added correctly.
It won't necessarily go to the top, that depends on the sort.
2016-01-25 23:52:46 +01:00
mailchuck
ce31dacd95
Version bump for 0.5.7 2016-01-24 22:40:21 +01:00
mailchuck
58dc091536
Unread count refresh on change 2016-01-24 21:27:19 +01:00
mailchuck
573ef9211f
Typo 2016-01-24 18:50:42 +01:00
mailchuck
6503782958
Test cleanup
Safer this way
2016-01-24 18:25:35 +01:00
mailchuck
fa73cfd53e
Popup menu on folders
There are no functions associated with it but sometimes it popped up so
disable it.
2016-01-24 18:25:12 +01:00
mailchuck
6bc57f9e80
updateText was deleted so no need to call it 2016-01-24 18:23:40 +01:00
mailchuck
40fcc285be
Tree rerendering cleanup
Fixes #76
2016-01-24 18:21:27 +01:00
mailchuck
276d603777
Unread count cleanup
Addresses #128
2016-01-24 12:16:55 +01:00
mailchuck
cb28fa1b6a
BlackWhitelist rerendering
It used to show entries with no address.
Fixes #170
2016-01-24 10:55:15 +01:00
mailchuck
c5eb7f5d5e
Disabling subscriptions should rerender addressbook
Addresses #76
2016-01-24 01:16:07 +01:00
mailchuck
67d09006fb
Addressbook / Tree / Messagelist rendering
Some changes that didn't propagate correctly before now do.
Addresses #76
2016-01-23 22:18:13 +01:00
mailchuck
65127f1d8f
TreeWidget and Addressbook editing propagation
If you change, add or remove an item in a treewidget or addressbook,
messagelists will now autoupdate labels, and sender comboboxes will also
update if applicable.
Fixes #69
2016-01-23 20:24:57 +01:00
mailchuck
31b3bca252
Scroll/zoom in message composing widget
Fixes #169
2016-01-23 12:22:06 +01:00
mailchuck
18e40b3772
Messagelist subscription color
Fixes Bitmessage#842
2016-01-23 10:14:14 +01:00
mailchuck
28d9c4171f
Quoting fixes
Message compose sometimes misinterpreted quoted message as HTML, causing
rendering screwups. Since we don't support HTML composing, we will treat
all quoted messages as plain text.
2016-01-23 09:56:22 +01:00
mailchuck
550de529fc
Zooming info percent based an single step
Zooming in message body view / compose works in single steps
irrespective of wheel sensitivity, and info about zoom level is
displayed in percent rather than font pixel size.
2016-01-23 09:55:24 +01:00
mailchuck
82f7577671
Message body display handling of spaces
After the changes in the message body renderer, spaces were not
correctly handled. Fixes #168
2016-01-23 09:53:31 +01:00
mailchuck
a0c09b6bb2
Sent folder new message selection fix
Fixes Bitmessage#838
2016-01-22 20:21:14 +01:00
mailchuck
d7a52893ea
Message editor updates
- Does not allow changing fonts (it's ignored once it's sent anyway),
fixes #167
- Allows zooming, fixes #163
2016-01-22 19:17:00 +01:00
mailchuck
00e90bd38f
singleWorker shutdown fix
if singleWorker crashed, the thread couldn't be joined. This both makes
it so that it doesn't crash, as well as reorders the shutdown sequence
so that it is less likely to be triggered.
Fixes Bitmessage#549
2016-01-22 14:47:44 +01:00
mailchuck
d925ab61b3
objectProcessorQueue fixes
- it didn't shutdown correctly
- it didn't handle exception correctly (however, if I understand
correctly, this will never be triggered if using blocking get, so it
doesn't affect PyBitmessage)
- flushing size check changed from 1 to 0 (I don't know why it was 1)
2016-01-22 14:13:12 +01:00
fe0106bdce
Object processor queue class
Previous commit didn't include the class. This class takes care of queue
size monitoring so that the system doesn't run out of memory.
2016-01-22 13:49:28 +01:00
e781420f4d
Flood mitigation optimisation
Flood mitigation was done both in the ObjectProcessorQueue as well as
receiveData threads. This patch removes the mitigation in receiveData
threads and cleans up the one in the ObjectProcessorQueue
2016-01-22 11:17:10 +01:00
mailchuck
5c4cafbcc7
Typo 2016-01-21 18:13:15 +01:00
mailchuck
aa740a9d49
Typo 2016-01-21 18:03:25 +01:00
mailchuck
ebfe20dc66
OpenSSL version for support contact form 2016-01-21 17:57:10 +01:00
mailchuck
e7d2ea5e8a
Improve OpenSSL library finder 2016-01-21 17:56:21 +01:00
mailchuck
d486b251a5
DLL path fix in frozen mode
Addresses #152
2016-01-20 22:31:33 +01:00
mailchuck
313ede4487
Don't test for Qt in daemon mode
Initialisation of the daemon variable was missing at launch.

Fixes #161
2016-01-17 14:26:27 +01:00
itsexe
07bc673329
fixed some spelling errors 2016-01-13 18:59:25 +01:00
mailchuck
973cec56db
Message body focus on reply
Fixes #156
2016-01-12 16:49:12 +01:00
mailchuck
96a01d1fd7
Remember current search
@rainulf  What's the reasoning behind resetting the search?

Fixes #155
2016-01-12 16:38:46 +01:00
mailchuck
d09efca9f0
Clicks in empty message shouldn't produce an error 2016-01-10 17:46:26 +01:00
mailchuck
bf93a394c0
"All accounts" can't be renamed
Minor error
2016-01-10 17:46:00 +01:00
mailchuck
106ac6ce78
Unicode
- subject on replies was not parsed correctly (or should I say was
parsed more than necessary)
- unicode can handle invalid characters without needing a special
function

Fixes #164
2016-01-04 15:43:38 +01:00
mailchuck
376b755acc
Allow zooming of message body
Uses default system zoom settings (Ctrl-Wheel).
Fixes #163
2016-01-04 11:13:45 +01:00
mailchuck
882c414e68
UPnP status bar update fix 2015-12-29 16:36:35 +01:00
mailchuck
0d7d084e26
Save UPnP port
Fixes #129
2015-12-23 13:42:58 +01:00
mailchuck
5ed6df7436
Typo (missing) 2015-12-23 00:42:29 +01:00
mailchuck
a9f45c8061
Typo 2015-12-23 00:40:06 +01:00