- fixes "fast python" (multiprocessing) PoW
- python PoW (both slow and fast) interruptible on *NIX
- signal handler should handle multiple processes and threads correctly
(only tested on Linux)
- popul window asking whether to interrupt PoW when quitting QT GUI
- PoW status in "sent" folder fixes and now also displays broadcast
status which didn't exist before
- Fixes#894
- it shows that it needs to wait for PoW to finish
- it waits a bit for new objects to be distributed
- it displays a better progress indicator in the status bar
Previously, people who don't understand how PyBitmessage works sometimes
shut it down immediately after they wrote a message. This would have
caused the message to be stuck in the queue locally and not sent. Now,
it will indicate that the PoW still needs to work, and it will wait a
bit longer so that the message can spread. It's not a completely correct
approach, because it does not know whether the message was really
retrieved after the "inv" notification was sent.
- postpone initial sleep until the first getdata is received
- also sleep when received a getdata request for an object that hasn't
been advertised to the other node yet
There was a report that by quickly asking a large number of nodes if
they have an ACK object (which the attacker knows but it is injected
into the network by the recipient of the message), it can estimate how
an object propagates through the network, and eventually pinpoint an
originating IP address of the injection, i.e. the IP address of the
message recipient.
This patch mitigates against it by stalling when asked for a nonexisting
object (so that the attacker can't spam requests), and also upon
connection before sending its own inventory list (so that reconnecting
won't help the attacker). It estimates how long a short message takes to
propagate through the network based on how many nodes are in a stream
and bases the stalling time on that. Currently that is about 15 seconds.
Initial connection delay takes into account the time that already passed
since the connection was established.
This basically gives the attacker one shot per a combination of his own
nodes and the nodes he can connect to, and thus makes the attack much
more difficult to succeed.
Peter Šurda
mailchuck
Jonathan Warren