added id verification

master
Kevin Froman 2018-01-26 03:46:21 -06:00
parent 3667ae0e68
commit c35242be1a
No known key found for this signature in database
GPG Key ID: 0D414D0FE405B63B
2 changed files with 34 additions and 0 deletions

View File

@ -22,6 +22,8 @@ from Crypto.Cipher import AES
from Crypto import Random from Crypto import Random
import netcontroller import netcontroller
import onionrutils
if sys.version_info < (3, 6): if sys.version_info < (3, 6):
try: try:
import sha3 import sha3
@ -39,6 +41,7 @@ class Core:
self.ownPGPID = '' self.ownPGPID = ''
self.blockDB = 'data/blocks.db' self.blockDB = 'data/blocks.db'
self.blockDataLocation = 'data/blocks/' self.blockDataLocation = 'data/blocks/'
self._utils = onionrutils.OnionrUtils(self)
return return
@ -63,6 +66,8 @@ class Core:
''' Add a peer by their ID, with an optional name, to the peer database.''' ''' Add a peer by their ID, with an optional name, to the peer database.'''
''' DOES NO SAFETY CHECKS if the ID is valid, but prepares the insertion. ''' ''' DOES NO SAFETY CHECKS if the ID is valid, but prepares the insertion. '''
# This function simply adds a peer to the DB # This function simply adds a peer to the DB
if not self._utils.validateID(peerID):
return False
conn = sqlite3.connect(self.peerDB) conn = sqlite3.connect(self.peerDB)
c = conn.cursor() c = conn.cursor()
t = (peerID, name, 'unknown') t = (peerID, name, 'unknown')

View File

@ -102,3 +102,32 @@ class OnionrUtils:
except ValueError: except ValueError:
retVal = False retVal = False
return retVal return retVal
def validateID(self, id):
'''validate if a user ID is a valid tor or i2p hidden service'''
idLength = len(id)
retVal = True
idNoDomain = ''
#if idLength != 60 and idLength != 22 and idLength != 62:
if idLength == 60:
if not id.endsWith('.b32.i2p'):
retVal = False
else:
idNoDomain = id.split('.b32.i2p')[0]
elif idLength == 22 or idLength == 62:
if not id.endsWith('.onion'):
retVal = False
else:
idNoDomain = id.split('.onion')[0]
else:
retVal = False
if retVal:
if id.endsWith('.onion'):
try:
int(idNoDomain, 16)
except ValueError:
retVal = False
elif id.endsWith('.b32.i2p'):
if not idNoDomain.isalnum():
retVal = False
return retVal