Commit Graph

126 Commits

Author SHA1 Message Date
143abe3c34 Preliminary Tor hidden service support 2016-05-02 15:00:24 +02:00
b202ac6fab Do not allow port 0
Attackers injected node addresses with port 0 into the network. Port 0
is unusable on many OSes and can't be listened on. PyBitmessage won't
accept nodes that have port 0 anymore.
2016-05-02 15:00:24 +02:00
4c2ce7208c Sleep on invalid getdata
- postpone initial sleep until the first getdata is received
- also sleep when received a getdata request for an object that hasn't
been advertised to the other node yet
2016-05-02 15:00:24 +02:00
8f5d305242 Mitigate active internal intersection attack
There was a report that by quickly asking a large number of nodes if
they have an ACK object (which the attacker knows but it is injected
into the network by the recipient of the message), it can estimate how
an object propagates through the network, and eventually pinpoint an
originating IP address of the injection, i.e. the IP address of the
message recipient.

This patch mitigates against it by stalling when asked for a nonexisting
object (so that the attacker can't spam requests), and also upon
connection before sending its own inventory list (so that reconnecting
won't help the attacker). It estimates how long a short message takes to
propagate through the network based on how many nodes are in a stream
and bases the stalling time on that. Currently that is about 15 seconds.
Initial connection delay takes into account the time that already passed
since the connection was established.

This basically gives the attacker one shot per a combination of his own
nodes and the nodes he can connect to, and thus makes the attack much
more difficult to succeed.
2016-05-02 15:00:24 +02:00
mailchuck
4f26bf1059 private IP range checks
When advertising nodes and when establishing connections, private IP
range checks were not done. This could cause private IPs to be
advertised across the network. Also, some of the checks weren't
IPv6-aware.
Fixes Bitmessage#768
2016-05-02 15:00:23 +02:00
mailchuck
47f1c0c267 Thread names for IPv6
Thread names for IPv6 contained ":". This caused problems in log
parsers.
2016-05-02 15:00:23 +02:00
e4f31d25fc Flood mitigation optimisation
Flood mitigation was done both in the ObjectProcessorQueue as well as
receiveData threads. This patch removes the mitigation in receiveData
threads and cleans up the one in the ObjectProcessorQueue
2016-05-02 15:00:23 +02:00
mailchuck
e4a7e71790 SSL fixes 2016-05-02 15:00:21 +02:00
mailchuck
281630757e SSL fixes 2016-05-02 15:00:21 +02:00
mailchuck
18f7ef06e2 SSL fixes
Handle old Python compatibility better.
2016-05-02 15:00:21 +02:00
mailchuck
b7ad34cf15 Trusted peer flood protection
Is not needed.
Fixed Bitmessage#786
2016-05-02 15:00:21 +02:00
mailchuck
231219a193 Improved logging
Fixes #118

- changed almost all "print" into logger
- threads have nicer names
- logger can have configuration in "logger.dat" in the same directory as
"keys.dat", and the logger will pick the one named "default" to replace
the "console" and "file" that are in PyBitmessage otherwise

Example file for logging to syslog:

[loggers]
keys = root,syslog

[logger_root]
level=NOTSET
handlers=syslog

[logger_syslog]
level=DEBUG
handlers=syslog
qualname=default

[handlers]
keys = syslog

[handler_syslog]
class = handlers.SysLogHandler
formatter = syslog
level = DEBUG
args=(('localhost', handlers.SYSLOG_UDP_PORT),
handlers.SysLogHandler.LOG_LOCAL7)

[formatters]
keys = syslog

[formatter_syslog]
format=%(asctime)s %(threadName)s %(filename)s@%(lineno)d %(message)s
datefmt=%b %d %H:%M:%S
2016-05-02 15:00:21 +02:00
mailchuck
2fd85bfa69 SSL workaround
Python < 2.7.9 does not support anonymous SSL server through
ssl.wrap_socket, so we have to disable it. Works fine as client.
Try to prefer secp256k1 curve (again, requires python >= 2.7.9)
2016-05-02 15:00:21 +02:00
mailchuck
c7fb9e6a43 SSL fixes
- uses constants for service flags
- requires SSL to use TLSv1 version (protection against POODLE-style
attacks)
- retry if sock.recv incomplete
2016-05-02 15:00:21 +02:00
mailchuck
53b0d2749b Opportunistic encryption with TLS (1 of 2)
Fixes Bitmessage#264
Fixes Bitmessage#648
2016-05-02 15:00:20 +02:00
mailchuck
ceda22ec94 Private IP range update
Addresses Bitmessage#768
2016-05-02 15:00:20 +02:00
mailchuck
2ec04ede40 Passive version check
Bitmessage will now notify you if it encounters someone with a newer
version. Takes into account that it should not recommend switching from
stable to unstable and vice versa. Also, temporarily treats 0.5 as a
mailchuck fork.

Fixes #43
2016-05-02 15:00:19 +02:00
Jonathan Warren
cc712cb8ff finished work on specifyTTL 2015-03-09 02:35:32 -04:00
Jonathan Warren
3527983fa6 Minor refactoring 2015-02-20 17:33:17 -05:00
Jonathan Warren
0c7330f900 fix misbehaving logger.warning line 2015-01-28 14:45:29 -05:00
Jonathan Warren
0865e863ec Added ability to limit network transfer rate 2014-09-10 16:47:51 -04:00
Jonathan Warren
c306062282 Bitmessage Protocol Version Three 2014-08-27 03:14:32 -04:00
Jonathan Warren
ea6f34ade6 removed use of memoryview so that we can support python 2.7.3 2014-08-06 15:54:59 -04:00
Jonathan Warren
9e16e81283 resolve merge conflict and show transfer rate 2014-08-01 17:25:47 -04:00
Jonathan Warren
a2a7edc9be resolve merge conflict 2014-07-14 19:29:47 -04:00
Yuri
f107b0fbd9 Addition of bytes received/sent counts on the network information tab. 2014-07-07 13:30:23 -07:00
bmng-dev
1f9991bcd0 Fix syntax error 2014-06-08 14:03:58 +00:00
bmng-dev
0f9625aac7 Refactor packet header extraction and generation
Demote payloadLength from class instance variable to processData local variable as no other function was using it
Improve processData:
 -Utilise shared.Header
 -Use a memoryview to reduce memory overhead
 -Clean up variables before a recursive call
 -Strip null bytes from command
Refactor sendData
Various functions:
 -Use shared.CreatePacket to generate packets
Fix typo in _checkIPv4Address
2014-05-22 15:57:48 +00:00
antius
53a3d1635a Make addDataPadding method to avoid clutter. 2014-05-02 16:46:36 +02:00
Jonathan Warren
38d7db24ad Merge pull request #639 from bpeel/wip/trusted-peer
Add a 'trustedpeer' option to keys.dat
2014-04-30 17:42:28 -04:00
Jonathan Warren
22934441dc Fix #662 - 'PyBitmessage does not wait for verack' 2014-04-30 15:39:25 -04:00
Jonathan Warren
114ba4e23a slightly modify IPv6 modifications so that IPv4-only hosts properly handle v6 IPs 2014-04-27 18:05:43 -04:00
Neil Roberts
7da6ea958f Add support for IPv6
It will now listen on an IPv6 socket if possible or fall back to IPv4
if that doesn't work. It will no longer filter out all IPv6 addresses
and instead it will only filter out those that point to the local
network.

It looks like the DNS bootstrapping should just automatically work
because getaddrinfo already returns IPv6 addresses from the AAAA
record.

In order to convert from the ASCII representation of IPv6 addresses
and back we need inet_ntop and inet_pton. Python 2 doesn't currently
provide these for Windows so instead this patch provides a hot patch
to the socket module which wraps WSAStringToAddress and
WSAAddressToString using ctypes.
2014-03-12 01:48:48 +00:00
Neil Roberts
03263156de Add a 'trustedpeer' option to keys.dat
If this option is specified in keys.dat then Bitmessage will connect
to the host specified there instead of connecting to the hosts in the
list of known nodes. It will also stop listening for incoming
connections and the timing attack mitigation will be disabled.

The expected use case is for example where a user is running a daemon
on a dedicated machine in their local network and they occasionally
want to check for messages using a second instance of the client on
their laptop. In that case it would be much faster to catch up with
the messages by directly downloading from the dedicated machine over
the LAN. There is no need to connect to multiple peers or to do the
timing attack mitigation because the daemon is trusted.

The host is specified as hostname:port. Eg, ‘192.168.1.8:8444’.
2014-02-06 13:16:07 +00:00
Jonathan Warren
0de659a04a Ignore, and don't save to memory, messages larger than 20MB (temporary) 2014-02-05 02:45:10 -05:00
Jonathan Warren
61389b64aa fix #590 2013-12-29 22:36:23 -05:00
Jonathan Warren
45a0046e7d completed work on objectProcessorThread 2013-11-20 01:29:37 -05:00
Jonathan Warren
2a1b6dd86d some initial objectProcessorThread work 2013-11-13 22:44:42 -05:00
Jonathan Warren
a20711c2ab Fix whitelist functionality 2013-10-05 13:39:53 -04:00
Jonathan Warren
f5b92b2fa5 turn timing attack mitigation back on 2013-09-29 23:06:24 -04:00
Jonathan Warren
498928405b Chan fix: initial work completed 2013-09-29 19:24:27 -04:00
Jonathan Warren
02ea2a50d3 more v4 address work. Should be done. 2013-09-18 00:04:01 -04:00
Jonathan Warren
79f6169803 further v4 address work 2013-09-14 21:06:26 -04:00
Jonathan Warren
56168e82b5 most initial work on v4 pubkeys completed 2013-09-13 00:27:34 -04:00
Jonathan Warren
90e60d8145 delay addr messages random number of seconds 2013-09-09 19:26:32 -04:00
Jonathan Warren
f0bf3aad48 use locks when accessing dictionary inventory 2013-09-07 18:23:20 -04:00
Jonathan Warren
a9b15f83ba initial testing inv refactorization 2013-09-06 18:55:12 -04:00
Jonathan Warren
c06bbc14f8 Give user feedback when disk is full 2013-09-04 20:14:25 -04:00
Jonathan Warren
7ccdd14418 fix #474 2013-09-04 12:53:18 -04:00
Jonathan Warren
5fab298559 Refactor of the way PyBitmessage looks for interesting new objects in huge inv messages from peers 2013-09-03 22:45:45 -04:00
Jonathan Warren
6159d5e622 Show inventory lookup rate on Network Status tab 2013-09-03 18:08:29 -04:00
Grant T. Olson
92c1368691 use helper_sql in class_receiveDataThread 2013-08-29 08:03:05 -04:00
Jonathan Warren
1bb86794a8 undid support for receiving v4 addresses until more chanages are implemented 2013-08-26 15:23:12 -04:00
Jonathan Warren
82db79ca39 removed option from previous commit which allowed user-settable maximum network message size pending further discussion 2013-08-24 20:23:49 -04:00
Jonathan Warren
a5c65f11e8 resolve merge conflict 2013-08-24 20:18:46 -04:00
Jonathan Warren
0132db33dc show number of each message type processed in the API command clientStatus 2013-08-24 19:40:48 -04:00
Adam Fontenot
ef312c6e2c Updated several missed references to version 3 addresses 2013-08-15 04:26:14 -05:00
Bob Mottram
3063c256d4 Maximum message length configurable within keys.dat 2013-08-03 12:45:15 +01:00
Jonathan Warren
5c3bc63a1f Only allow 1 connection per IP 2013-08-01 12:16:31 -04:00
Gergö Barany
6b01e8aa33 Bug fixes in new peer handling. 2013-08-01 12:32:07 +02:00
nobody
d606bb1333 Fix: Distinguish peers by both IP address and port.
Until now many parts of the code assumed that IP addresses are
unique for peers. However, more than one Bitmessage instance might
be running with a given IP address due to multi-user systems or
firewalls.
2013-07-30 22:23:18 +02:00
Jonathan Warren
d036ca18ed Completed chan integration in the GUI 2013-07-22 01:10:22 -04:00
Gergö Barany
fc5da5d3ff Refactor type 2 message decoding, drop any extra lines from subject.
This allows other clients to insert headers in extra lines of text between
the Subject and Body fields of the message, as discussed on the 24x7 mailing
list. The PyBitmessage client was never able to meaningfully display
multi-line subjects, so this does not break anything. The extra lines are
thrown away and never stored anywhere, so this also protects against
watermarking attacks.
2013-07-12 12:16:34 +02:00
Jonathan Warren
21ce1f5a19 manual merge 2013-07-05 16:56:49 -04:00
Pedro Gimeno
55b899f5c1 Better fix for issue #183
The former patch was too local; this one integrates better with the structure of the code.
2013-07-02 17:43:54 +02:00
Jonathan Warren
2012096673 Merge branch 'master' of git://github.com/linkerlin/PyBitmessage into linkerlin-master 2013-07-01 15:51:55 -04:00
Pedro Gimeno
95a1afb84b Fix issue #183 (CPU 100% usage)
As per http://docs.python.org/2/howto/sockets.html#using-a-socket it's
possible that a socket recv() call returns 0 bytes if the remote closes
the connection. In that case, recv() does not obey settimeout(): it
just doesn't block and returns zero bytes immediately, which in this
case results in an infinite loop if the transmission was incomplete.
2013-07-01 07:36:22 +02:00
Linker Lin
4a84a30fc6 replace acquire lock by 'with' statement 2013-06-30 01:29:35 +08:00
Jonathan Warren
61ab0013aa added new variable: doTimingAttackMitigation 2013-06-24 17:29:15 -04:00
Jonathan Warren
3204c6b833 added new variable: doTimingAttackMitigation 2013-06-24 17:29:04 -04:00
Jonathan Warren
acb8b51e00 sock.sendall errors need-not go to stderr 2013-06-24 17:00:35 -04:00
Jonathan Warren
5a7d86cca9 Fix edge-case bug in possibleNewPubkey function 2013-06-24 16:57:19 -04:00
Jonathan Warren
c857f73d0b Continued moving code into individual modules 2013-06-24 15:51:01 -04:00
Jordan Hall
2eb6558cf1 Added a number of missing imports fixing several issues (thank you PyDev) 2013-06-23 20:52:39 +01:00
Jordan Hall
fe8998ca3a Seperating out all peer networking classes and merging with upstream 2013-06-22 00:49:50 +01:00
Jordan Hall
27a8662f22 Seperating class_singleListener, class_receiveDataThread, class_sendDataThread 2013-06-21 23:29:04 +01:00