diff --git a/.gitignore b/.gitignore index d9c2d33e..4c21df2e 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ __pycache__/ data/config.ini data/*.db +dev-enabled \ No newline at end of file diff --git a/api.py b/api.py index 70b1d369..fdeddf8d 100755 --- a/api.py +++ b/api.py @@ -29,6 +29,11 @@ class API: return True def __init__(self, config, debug): + if os.path.exists('dev-enabled'): + print('DEVELOPMENT MODE ENABLED (THIS IS LESS SECURE!)') + self._developmentMode = True + else: + self._developmentMode = False self.config = config self.debug = debug self._privateDelayTime = 3 @@ -91,7 +96,8 @@ class API: # Public means it is publicly network accessible self.validateHost('public') action = request.args.get('action') - + if action == 'firstConnect': + pass @app.errorhandler(404) def notfound(err): @@ -122,10 +128,9 @@ class API: if not request.host.endswith('onion') and not request.hosst.endswith('i2p'): abort(403) # Validate x-requested-with, to protect against CSRF/metadata leaks - ''' - try: - request.headers['x-requested-with'] - except: - # we exit rather than abort to avoid fingerprinting - sys.exit(1) - ''' \ No newline at end of file + if self._developmentMode: + try: + request.headers['x-requested-with'] + except: + # we exit rather than abort to avoid fingerprinting + sys.exit(1) \ No newline at end of file diff --git a/core.py b/core.py index baf56d68..82e101ac 100644 --- a/core.py +++ b/core.py @@ -21,6 +21,8 @@ from Crypto import Random class Core: def __init__(self): self.queueDB = 'data/queue.db' + self.peerDB = 'data/peers.db' + #self.daemonQueue() # Call to create the DB if it doesn't exist return @@ -30,6 +32,27 @@ class Core: input_data = gpg.gen_key_input(key_type="RSA", key_length=2048, name_real='anon', name_comment='Onionr key', name_email='anon@onionr') key = gpg.gen_key(input_data) return + + def addPeer(self, id, name=''): + # This function simply adds a peer to the DB + return + + def createPeerDB(self): + # generate the peer database + conn = sqlite3.connect(self.peerDB) + c = conn.cursor() + c.execute(''' + create table users( + ID text not null, + name text, + pgpKey text, + hmacKey text, + forwardKey text, + dateSeen not null, + trust int); + ''') + conn.commit() + conn.close() def dataDirEncrypt(self, password): # Encrypt data directory (don't delete it in this function) diff --git a/onionr.py b/onionr.py index f4928752..61bcd59a 100755 --- a/onionr.py +++ b/onionr.py @@ -21,6 +21,11 @@ from colors import Colors class Onionr: def __init__(self): + if os.path.exists('dev-enabled'): + print('DEVELOPMENT MODE ENABLED (THIS IS LESS SECURE!)') + self._developmentMode = True + else: + self._developmentMode = False colors = Colors() @@ -42,7 +47,12 @@ class Onionr: else: print('Failed to decrypt: ' + result[1]) else: - os.mkdir('data') + if not os.path.exists('data/'): + os.mkdir('data/') + + if os.path.exists('data/peers.db'): + onionrCore.createPeerDB() + pass # Get configuration self.config = configparser.ConfigParser() @@ -76,10 +86,11 @@ class Onionr: print('Do', sys.argv[0], ' --help for Onionr help.') else: print(colors.RED, 'Invalid Command', colors.RESET) - return - encryptionPassword = onionrUtils.getPassword('Enter password to encrypt directory.') - onionrCore.dataDirEncrypt(encryptionPassword) - shutil.rmtree('data/') + + if not self._developmentMode: + encryptionPassword = onionrUtils.getPassword('Enter password to encrypt directory.') + onionrCore.dataDirEncrypt(encryptionPassword) + shutil.rmtree('data/') return def daemon(self): os.system('./communicator.py') diff --git a/tests.py b/tests.py index 1888230d..2d7d04c1 100755 --- a/tests.py +++ b/tests.py @@ -32,7 +32,21 @@ class OnionrTests(unittest.TestCase): self.assertTrue(False) else: self.assertTrue(True) - def testData_a_Encrypt(self): + def testPeerDBCreation(self): + print('--------------------------') + print('Running peer db creation test') + if os.path.exists('data/peers.db'): + os.remove('data/peers.db') + import core + myCore = core.Core() + myCore.createPeerDB() + if os.path.exists('data/peers.db'): + self.assertTrue(True) + else: + self.assertTrue(False) + def testData_b_Encrypt(self): + self.assertTrue(True) + return print('--------------------------') print('Running data dir encrypt test') import core @@ -42,13 +56,15 @@ class OnionrTests(unittest.TestCase): self.assertTrue(True) else: self.assertTrue(False) - def testData_b_Decrypt(self): + def testData_a_Decrypt(self): + self.assertTrue(True) + return print('--------------------------') print('Running data dir decrypt test') import core myCore = core.Core() myCore.dataDirDecrypt('password') - if os.path.exists('data.tar'): + if os.path.exists('data/'): self.assertTrue(True) else: self.assertTrue(False) @@ -69,6 +85,8 @@ class OnionrTests(unittest.TestCase): # test if the daemon queue can read/write data import core myCore = core.Core() + if not os.path.exists('data/queue.db'): + myCore.daemonQueue() while True: command = myCore.daemonQueue() if command == False: