Merge branch 'crypto' of https://github.com/beardog108/Onionr into crypto
This commit is contained in:
commit
36d9ebd4f1
6 changed files with 94 additions and 23 deletions
|
@ -68,6 +68,8 @@ class API:
|
|||
self.clientToken = config.get('client')['client_hmac']
|
||||
self.timeBypassToken = base64.b16encode(os.urandom(32)).decode()
|
||||
|
||||
self.mimeType = 'text/plain'
|
||||
|
||||
with open('data/time-bypass.txt', 'w') as bypass:
|
||||
bypass.write(self.timeBypassToken)
|
||||
|
||||
|
@ -96,12 +98,17 @@ class API:
|
|||
def afterReq(resp):
|
||||
if not self.requestFailed:
|
||||
resp.headers['Access-Control-Allow-Origin'] = '*'
|
||||
else:
|
||||
resp.headers['server'] = 'Onionr'
|
||||
resp.headers['Content-Type'] = 'text/plain'
|
||||
resp.headers["Content-Security-Policy"] = "default-src 'none'"
|
||||
#else:
|
||||
# resp.headers['server'] = 'Onionr'
|
||||
resp.headers['Content-Type'] = self.mimeType
|
||||
resp.headers["Content-Security-Policy"] = "default-src 'none'; script-src 'none'; object-src 'none'; style-src data: 'unsafe-inline'; img-src data:; media-src 'none'; frame-src 'none'; font-src 'none'; connect-src 'none'"
|
||||
resp.headers['X-Frame-Options'] = 'deny'
|
||||
resp.headers['X-Content-Type-Options'] = "nosniff"
|
||||
resp.headers['server'] = 'Onionr'
|
||||
|
||||
# reset to text/plain to help prevent browser attacks
|
||||
if self.mimeType != 'text/plain':
|
||||
self.mimeType = 'text/plain'
|
||||
|
||||
return resp
|
||||
|
||||
|
@ -111,6 +118,11 @@ class API:
|
|||
timingToken = ''
|
||||
else:
|
||||
timingToken = request.args.get('timingToken')
|
||||
data = request.args.get('data')
|
||||
try:
|
||||
data = data
|
||||
except:
|
||||
data = ''
|
||||
startTime = math.floor(time.time())
|
||||
# we should keep a hash DB of requests (with hmac) to prevent replays
|
||||
action = request.args.get('action')
|
||||
|
@ -129,6 +141,15 @@ class API:
|
|||
resp = Response('pong')
|
||||
elif action == 'stats':
|
||||
resp = Response('me_irl')
|
||||
elif action == 'site':
|
||||
block = data
|
||||
siteData = self._core.getData(data)
|
||||
response = 'not found'
|
||||
if siteData != '' and siteData != False:
|
||||
self.mimeType = 'text/html'
|
||||
response = siteData.split(b'-', 2)[-1]
|
||||
resp = Response(response)
|
||||
|
||||
else:
|
||||
resp = Response('(O_o) Dude what? (invalid command)')
|
||||
endTime = math.floor(time.time())
|
||||
|
@ -149,7 +170,7 @@ class API:
|
|||
requestingPeer = request.args.get('myID')
|
||||
data = request.args.get('data')
|
||||
try:
|
||||
data
|
||||
data = data
|
||||
except:
|
||||
data = ''
|
||||
if action == 'firstConnect':
|
||||
|
@ -175,7 +196,9 @@ class API:
|
|||
resp = Response('')
|
||||
# setData should be something the communicator initiates, not this api
|
||||
elif action == 'getData':
|
||||
resp = self._core.getData(data)
|
||||
if self._utils.validateHash(data):
|
||||
if not os.path.exists('data/blocks/' + data + '.db'):
|
||||
resp = base64.b64encode(self._core.getData(data))
|
||||
if resp == False:
|
||||
abort(404)
|
||||
resp = ""
|
||||
|
|
|
@ -19,7 +19,7 @@ and code to operate as a daemon, getting commands from the command queue databas
|
|||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
'''
|
||||
import sqlite3, requests, hmac, hashlib, time, sys, os, math, logger, urllib.parse, random
|
||||
import sqlite3, requests, hmac, hashlib, time, sys, os, math, logger, urllib.parse, random, base64, binascii
|
||||
import core, onionrutils, onionrcrypto, netcontroller, onionrproofs, btc, config, onionrplugins as plugins
|
||||
|
||||
class OnionrCommunicate:
|
||||
|
@ -241,17 +241,21 @@ class OnionrCommunicate:
|
|||
data = self.performGet('getData', i, hash)
|
||||
if data == False or len(data) > 10000000:
|
||||
continue
|
||||
hasher.update(data.encode())
|
||||
try:
|
||||
data = base64.b64decode(data)
|
||||
except binascii.Error:
|
||||
data = b''
|
||||
hasher.update(data)
|
||||
digest = hasher.hexdigest()
|
||||
if type(digest) is bytes:
|
||||
digest = digest.decode()
|
||||
if digest == hash.strip():
|
||||
self._core.setData(data)
|
||||
if data.startswith('-txt-'):
|
||||
self._core.setBlockType(hash, 'txt')
|
||||
logger.info('Successfully obtained data for ' + hash, timestamp=True)
|
||||
if len(data) < 120:
|
||||
logger.debug('Block text:\n' + data)
|
||||
if data.startswith(b'-txt-'):
|
||||
self._core.setBlockType(hash, 'txt')
|
||||
if len(data) < 120:
|
||||
logger.debug('Block text:\n' + data.decode())
|
||||
else:
|
||||
logger.warn("Failed to validate " + hash + " " + " hash calculated was " + digest)
|
||||
|
||||
|
@ -263,13 +267,20 @@ class OnionrCommunicate:
|
|||
'''
|
||||
return urllib.parse.quote_plus(data)
|
||||
|
||||
def performGet(self, action, peer, data=None, skipHighFailureAddress=False, peerType='tor'):
|
||||
def performGet(self, action, peer, data=None, skipHighFailureAddress=False, peerType='tor', selfCheck=True):
|
||||
'''
|
||||
Performs a request to a peer through Tor or i2p (currently only Tor)
|
||||
'''
|
||||
|
||||
if not peer.endswith('.onion') and not peer.endswith('.onion/'):
|
||||
raise PeerError('Currently only Tor .onion peers are supported. You must manually specify .onion')
|
||||
|
||||
if len(self._core.hsAdder.strip()) == 0:
|
||||
raise Exception("Could not perform self address check in performGet due to not knowing our address")
|
||||
if selfCheck:
|
||||
if peer.replace('/', '') == self._core.hsAdder:
|
||||
logger.warn('Tried to performget to own hidden service, but selfCheck was not set to false')
|
||||
return
|
||||
|
||||
# Store peer in peerData dictionary (non permanent)
|
||||
if not peer in self.peerData:
|
||||
|
|
|
@ -44,6 +44,9 @@ class Core:
|
|||
self.addressDB = 'data/address.db'
|
||||
self.hsAdder = ''
|
||||
|
||||
self.bootstrapFileLocation = 'static-data/bootstrap-nodes.txt'
|
||||
self.bootstrapList = []
|
||||
|
||||
if not os.path.exists('data/'):
|
||||
os.mkdir('data/')
|
||||
if not os.path.exists('data/blocks/'):
|
||||
|
@ -55,9 +58,19 @@ class Core:
|
|||
with open('data/hs/hostname', 'r') as hs:
|
||||
self.hsAdder = hs.read()
|
||||
|
||||
# Load bootstrap address list
|
||||
if os.path.exists(self.bootstrapFileLocation):
|
||||
with open(self.bootstrapFileLocation, 'r') as bootstrap:
|
||||
bootstrap = bootstrap.read()
|
||||
for i in bootstrap.split('\n'):
|
||||
self.bootstrapList.append(i)
|
||||
else:
|
||||
logger.warn('Warning: address bootstrap file not found ' + self.bootstrapFileLocation)
|
||||
|
||||
self._utils = onionrutils.OnionrUtils(self)
|
||||
# Initialize the crypto object
|
||||
self._crypto = onionrcrypto.OnionrCrypto(self)
|
||||
|
||||
except Exception as error:
|
||||
logger.error('Failed to initialize core Onionr library.', error=error)
|
||||
logger.fatal('Cannot recover from error.')
|
||||
|
@ -245,7 +258,7 @@ class Core:
|
|||
Simply return the data associated to a hash
|
||||
'''
|
||||
try:
|
||||
dataFile = open(self.blockDataLocation + hash + '.dat')
|
||||
dataFile = open(self.blockDataLocation + hash + '.dat', 'rb')
|
||||
data = dataFile.read()
|
||||
dataFile.close()
|
||||
except FileNotFoundError:
|
||||
|
@ -257,8 +270,10 @@ class Core:
|
|||
'''
|
||||
Set the data assciated with a hash
|
||||
'''
|
||||
data = data.encode()
|
||||
data = data
|
||||
hasher = hashlib.sha3_256()
|
||||
if not type(data) is bytes:
|
||||
data = data.encode()
|
||||
hasher.update(data)
|
||||
dataHash = hasher.hexdigest()
|
||||
if type(dataHash) is bytes:
|
||||
|
@ -268,8 +283,8 @@ class Core:
|
|||
pass # TODO: properly check if block is already saved elsewhere
|
||||
#raise Exception("Data is already set for " + dataHash)
|
||||
else:
|
||||
blockFile = open(blockFileName, 'w')
|
||||
blockFile.write(data.decode())
|
||||
blockFile = open(blockFileName, 'wb')
|
||||
blockFile.write(data)
|
||||
blockFile.close()
|
||||
|
||||
conn = sqlite3.connect(self.blockDB)
|
||||
|
@ -574,8 +589,10 @@ class Core:
|
|||
announceAmount = 2
|
||||
nodeList = self.listAdders()
|
||||
if len(nodeList) == 0:
|
||||
self.addAddress('onionragxuddecmg.onion')
|
||||
nodeList.append('onionragxuddecmg.onion')
|
||||
for i in self.bootstrapList:
|
||||
if self._utils.validateID(i):
|
||||
self.addAddress(i)
|
||||
nodeList.append(i)
|
||||
if announceAmount > len(nodeList):
|
||||
announceAmount = len(nodeList)
|
||||
for i in range(announceAmount):
|
||||
|
|
|
@ -34,7 +34,7 @@ except ImportError:
|
|||
|
||||
ONIONR_TAGLINE = 'Anonymous P2P Platform - GPLv3 - https://Onionr.VoidNet.Tech'
|
||||
ONIONR_VERSION = '0.0.0' # for debugging and stuff
|
||||
API_VERSION = '1' # increments of 1; only change when something fundemental about how the API works changes. This way other nodes knows how to communicate without learning too much information about you.
|
||||
API_VERSION = '2' # increments of 1; only change when something fundemental about how the API works changes. This way other nodes knows how to communicate without learning too much information about you.
|
||||
|
||||
class Onionr:
|
||||
def __init__(self):
|
||||
|
@ -179,6 +179,7 @@ class Onionr:
|
|||
'add-addr': self.addAddress,
|
||||
'addaddr': self.addAddress,
|
||||
'addaddress': self.addAddress,
|
||||
'addfile': self.addFile,
|
||||
|
||||
'introduce': self.onionrCore.introduceNode,
|
||||
'connect': self.addAddress
|
||||
|
@ -200,6 +201,7 @@ class Onionr:
|
|||
'add-msg': 'Broadcasts a message to the Onionr network',
|
||||
'pm': 'Adds a private message to block',
|
||||
'get-pms': 'Shows private messages sent to you',
|
||||
'addfile': 'Create an Onionr block from a file',
|
||||
'introduce': 'Introduce your node to the public Onionr network (DAEMON MUST BE RUNNING)',
|
||||
}
|
||||
|
||||
|
@ -373,7 +375,7 @@ class Onionr:
|
|||
addedHash = self.onionrCore.setData(messageToAdd)
|
||||
self.onionrCore.addToBlockDB(addedHash, selfInsert=True)
|
||||
self.onionrCore.setBlockType(addedHash, 'txt')
|
||||
|
||||
logger.info("inserted your message as block: " + addedHash)
|
||||
return
|
||||
|
||||
def getPMs(self):
|
||||
|
@ -557,8 +559,23 @@ class Onionr:
|
|||
retVal = ''
|
||||
try:
|
||||
with open('./data/hs/hostname', 'r') as hostname:
|
||||
retval = retVal.read()
|
||||
retVal = hostname.read()
|
||||
except FileNotFoundError:
|
||||
return retVal
|
||||
|
||||
def addFile(self):
|
||||
'''command to add a file to the onionr network'''
|
||||
if len(sys.argv) >= 2:
|
||||
newFile = sys.argv[2]
|
||||
logger.info('Attempting to add file...')
|
||||
try:
|
||||
with open(newFile, 'r') as new:
|
||||
new = new.read()
|
||||
except FileNotFoundError:
|
||||
logger.warn('That file does not exist. Improper path?')
|
||||
else:
|
||||
print(new)
|
||||
self.onionrCore.insertBlock(new, header='bin')
|
||||
|
||||
|
||||
Onionr()
|
||||
|
|
|
@ -167,7 +167,7 @@ class OnionrCrypto:
|
|||
return binascii.hexlify(nacl.utils.random(nacl.secret.SecretBox.KEY_SIZE))
|
||||
|
||||
def generatePubKey(self):
|
||||
'''Generate a Ed25519 public key pair, return tuple of base64encoded pubkey, privkey'''
|
||||
'''Generate a Ed25519 public key pair, return tuple of base32encoded pubkey, privkey'''
|
||||
private_key = nacl.signing.SigningKey.generate()
|
||||
public_key = private_key.verify_key.encode(encoder=nacl.encoding.Base32Encoder())
|
||||
return (public_key.decode(), private_key.encode(encoder=nacl.encoding.Base32Encoder()).decode())
|
3
onionr/static-data/bootstrap-nodes.txt
Normal file
3
onionr/static-data/bootstrap-nodes.txt
Normal file
|
@ -0,0 +1,3 @@
|
|||
onionisrgccylxpr.onion
|
||||
aaronk3mcmglj6qedwptg62yl3wxxjwba2ucpoobrn7iudcacdxtrfad.onion
|
||||
onionragxuddecmg.onion
|
Loading…
Reference in a new issue