fixed file bug, removed username setting

master
Kevin Froman 2019-01-16 23:31:56 -06:00
parent 1ebed8d606
commit 9429afba18
10 changed files with 40 additions and 59 deletions

View File

@ -82,6 +82,9 @@ class PublicAPI:
@app.before_request
def validateRequest():
'''Validate request has the correct hostname'''
# If high security level, deny requests to public
if config.get('general.security_level', default=0) > 0:
abort(403)
if type(self.torAdder) is None and type(self.i2pAdder) is None:
# abort if our hs addresses are not known
abort(403)
@ -248,6 +251,7 @@ class API:
bindPort = int(config.get('client.client.port', 59496))
self.bindPort = bindPort
# Be extremely mindful of this
self.whitelistEndpoints = ('site', 'www', 'onionrhome', 'board', 'boardContent', 'sharedContent')
self.clientToken = config.get('client.webpassword')

View File

@ -201,7 +201,7 @@ class OnionrCommunicatorDaemon:
else:
listLookupCommand += '?date=%s' % (lastLookupTime,)
try:
newBlocks = self.peerAction(peer, 'getblocklist') # get list of new block hashes
newBlocks = self.peerAction(peer, listLookupCommand) # get list of new block hashes
except Exception as error:
logger.warn('Could not get new blocks from %s.' % peer, error = error)
newBlocks = False
@ -241,6 +241,7 @@ class OnionrCommunicatorDaemon:
break
self.currentDownloading.append(blockHash) # So we can avoid concurrent downloading in other threads of same block
peerUsed = self.pickOnlinePeer()
if not self.shutdown and peerUsed.strip() != '':
logger.info("Attempting to download %s from %s..." % (blockHash[:12], peerUsed))
content = self.peerAction(peerUsed, 'getdata/' + blockHash) # block content from random peer (includes metadata)
if content != False and len(content) > 0:
@ -506,7 +507,6 @@ class OnionrCommunicatorDaemon:
logger.debug('Status check; looks good.')
open(self._core.dataDir + '.runcheck', 'w+').close()
elif cmd[0] == 'connectedPeers':
print('yup')
response = '\n'.join(list(self.onlinePeers)).strip()
if response == '':
response = 'none'

View File

@ -622,6 +622,7 @@ class Core:
for row in c.execute(execute, args):
for i in row:
rows.append(i)
conn.close()
return rows
def getBlockDate(self, blockHash):
@ -637,7 +638,7 @@ class Core:
for row in c.execute(execute, args):
for i in row:
return int(i)
conn.close()
return None
def getBlocksByType(self, blockType, orderDate=True):
@ -659,7 +660,7 @@ class Core:
for row in c.execute(execute, args):
for i in row:
rows.append(i)
conn.close()
return rows
def getExpiredBlocks(self):
@ -674,6 +675,7 @@ class Core:
for row in c.execute(execute):
for i in row:
rows.append(i)
conn.close()
return rows
def setBlockType(self, hash, blockType):

View File

@ -132,8 +132,11 @@ def raw(data, fd = sys.stdout, sensitive = False):
if get_settings() & OUTPUT_TO_CONSOLE:
ts = fd.write('%s\n' % data)
if get_settings() & OUTPUT_TO_FILE and not sensitive:
try:
with open(_outputfile, "a+") as f:
f.write(colors.filter(data) + '\n')
except OSError:
pass
def log(prefix, data, color = '', timestamp=True, fd = sys.stdout, prompt = True, sensitive = False):
'''

View File

@ -647,6 +647,7 @@ class Block:
buffer += contents.decode()
else:
file.write(contents)
file.close()
return (None if not file is None else buffer)
@ -735,6 +736,7 @@ class Block:
# return different things depending on verbosity
if verbose:
return (blocks[-1], blocks)
file.close()
return blocks[-1]
def exists(bHash):

View File

@ -162,7 +162,7 @@ class OnionrUtils:
retData += '%s:%s' % (hostname, config.get('client.client.port'))
return retData
def localCommand(self, command, data='', silent = True, post=False, postData = {}):
def localCommand(self, command, data='', silent = True, post=False, postData = {}, maxWait=10):
'''
Send a command to the local http API server, securely. Intended for local clients, DO NOT USE for remote peers.
'''
@ -170,7 +170,6 @@ class OnionrUtils:
self.getTimeBypassToken()
# TODO: URL encode parameters, just as an extra measure. May not be needed, but should be added regardless.
hostname = ''
maxWait = 5
waited = 0
while hostname == '':
try:
@ -185,9 +184,9 @@ class OnionrUtils:
payload = 'http://%s/%s%s' % (hostname, command, data)
try:
if post:
retData = requests.post(payload, data=postData, headers={'token': config.get('client.webpassword')}, timeout=(15, 30)).text
retData = requests.post(payload, data=postData, headers={'token': config.get('client.webpassword')}, timeout=(maxWait, 30)).text
else:
retData = requests.get(payload, headers={'token': config.get('client.webpassword')}, timeout=(15, 30)).text
retData = requests.get(payload, headers={'token': config.get('client.webpassword')}, timeout=(maxWait, 30)).text
except Exception as error:
if not silent:
logger.error('Failed to make local request (command: %s):%s' % (command, error))

View File

@ -31,10 +31,13 @@ class OnionrCLIUI:
self.myCore = apiInst.get_core()
return
def subCommand(self, command):
def subCommand(self, command, args=None):
try:
#subprocess.run(["./onionr.py", command])
#subprocess.Popen(['./onionr.py', command], stdin=subprocess.STD, stdout=subprocess.STDOUT, stderr=subprocess.STDOUT)
if args != None:
subprocess.call(['./onionr.py', command, args])
else:
subprocess.call(['./onionr.py', command])
except KeyboardInterrupt:
pass
@ -48,12 +51,11 @@ class OnionrCLIUI:
isOnline = 'No'
firstRun = True
choice = ''
if self.myCore._utils.localCommand('ping') == 'pong':
if self.myCore._utils.localCommand('ping', maxWait=10) == 'pong!':
firstRun = False
while showMenu:
if self.myCore._utils.localCommand('ping') == 'pong':
if self.myCore._utils.localCommand('ping', maxWait=2) == 'pong!':
isOnline = "Yes"
else:
isOnline = "No"
@ -62,8 +64,7 @@ class OnionrCLIUI:
1. Flow (Anonymous public chat, use at your own risk)
2. Mail (Secure email-like service)
3. File Sharing
4. User Settings
5. Quit (Does not shutdown daemon)
4. Quit (Does not shutdown daemon)
''')
try:
choice = input(">").strip().lower()
@ -75,13 +76,9 @@ class OnionrCLIUI:
elif choice in ("2", "mail"):
self.subCommand("mail")
elif choice in ("3", "file sharing", "file"):
print("Not supported yet")
elif choice in ("4", "user settings", "settings"):
try:
self.setName()
except (KeyboardInterrupt, EOFError) as e:
pass
elif choice in ("5", "quit"):
filename = input("Enter full path to file: ").strip()
self.subCommand("addfile", filename)
elif choice in ("4", "quit"):
showMenu = False
elif choice == "":
pass
@ -89,14 +86,6 @@ class OnionrCLIUI:
logger.error("Invalid choice")
return
def setName(self):
try:
name = input("Enter your name: ")
if name != "":
self.myCore.insertBlock("userInfo-" + str(uuid.uuid1()), sign=True, header='userInfo', meta={'name': name})
except KeyboardInterrupt:
pass
return
def on_init(api, data = None):
'''

View File

@ -28,24 +28,6 @@ plugin_name = 'metadataprocessor'
# event listeners
def _processUserInfo(api, newBlock):
'''
Set the username for a particular user, from a signed block by them
'''
myBlock = newBlock
peerName = myBlock.getMetadata('name')
try:
if len(peerName) > 20:
raise onionrexceptions.InvalidMetdata('Peer name specified is too large')
except TypeError:
pass
except onionrexceptions.InvalidMetadata:
pass
else:
if signer in self.api.get_core().listPeers():
api.get_core().setPeerInfo(signer, 'name', peerName)
logger.info('%s is now using the name %s.' % (signer, api.get_utils().escapeAnsi(peerName)))
def _processForwardKey(api, myBlock):
'''
Get the forward secrecy key specified by the user for us to use
@ -67,12 +49,8 @@ def on_processblocks(api):
# Process specific block types
# userInfo blocks, such as for setting username
if blockType == 'userInfo':
if api.data['validSig'] == True: # we use == True for type safety
_processUserInfo(api, myBlock)
# forwardKey blocks, add a new forward secrecy key for a peer
elif blockType == 'forwardKey':
if blockType == 'forwardKey':
if api.data['validSig'] == True:
_processForwardKey(api, myBlock)
# socket blocks

View File

@ -1,4 +1,5 @@
webpass = document.location.hash.replace('#', '')
nowebpass = false
if (typeof webpass == "undefined"){
webpass = localStorage['webpass']
}
@ -8,6 +9,7 @@ else{
}
if (typeof webpass == "undefined" || webpass == ""){
alert('Web password was not found in memory or URL')
nowebpass = true
}
function httpGet(theUrl) {

View File

@ -1,6 +1,8 @@
shutdownBtn = document.getElementById('shutdownNode')
shutdownBtn.onclick = function(){
if (! nowebpass){
httpGet('shutdownclean')
overlay('shutdownNotice')
}
}