* prevent the same message from being inserted at the same time in the http api

* bumped toomanyobjs
* correct pysocks raise
fixes #34
master
Kevin Froman 2019-08-13 17:28:53 -05:00
parent 795266edaf
commit e86f154522
10 changed files with 36 additions and 10 deletions

View File

@ -31,8 +31,8 @@ import sys
# Ensure that PySocks is installed
try:
from urllib3.contrib.socks import SOCKSProxyManager
except ImportError:
raise ImportError("You need the PySocks module (for use with socks5 proxy to use Tor)")
except ModuleNotFoundError:
raise ModuleNotFoundError("You need the PySocks module (for use with socks5 proxy to use Tor)")
# Onionr imports
from etc import onionrvalues # For different Onionr related constants such as versions

View File

@ -65,6 +65,8 @@ class OnionrCommunicatorDaemon:
self.announceProgress = {}
self.announceCache = {}
self.generating_blocks = []
# amount of threads running by name, used to prevent too many
self.threadCounts = {}

View File

@ -30,6 +30,8 @@ def handle_daemon_commands(comm_inst):
events.event('daemon_command', data = {'cmd' : cmd})
if cmd[0] == 'shutdown':
comm_inst.shutdown = True
elif cmd[0] == 'remove_from_insert_list':
comm_inst.generating_blocks.remove(cmd[1])
elif cmd[0] == 'announceNode':
if len(comm_inst.onlinePeers) > 0:
comm_inst.announce(cmd[1])

View File

@ -25,11 +25,13 @@ from . import shoulddownload
from communicator import peeraction, onlinepeers
import onionrcrypto, onionrstorage, onionrblacklist, storagecounter
def download_blocks_from_communicator(comm_inst):
'''Use Onionr communicator instance to download blocks in the communicator's queue'''
assert isinstance(comm_inst, communicator.OnionrCommunicatorDaemon)
blacklist = onionrblacklist.OnionrBlackList()
storage_counter = storagecounter.StorageCounter()
LOG_SKIP_COUNT = 10
LOG_SKIP_COUNT = 10 # for how many iterations we skip logging the counter
count = 0
# Iterate the block queue in the communicator
for blockHash in list(comm_inst.blockQueue):
count += 1
if len(comm_inst.onlinePeers) == 0:

View File

@ -18,8 +18,10 @@
along with this program. If not, see <https://www.gnu.org/licenses/>.
'''
import json, threading
from flask import Blueprint, Response, request
from flask import Blueprint, Response, request, g
import onionrblocks
from onionrcrypto import hashers
from onionrutils import bytesconverter
ib = Blueprint('insertblock', __name__)
@ib.route('/insertblock', methods=['POST'])
@ -27,10 +29,17 @@ def client_api_insert_block():
encrypt = False
bData = request.get_json(force=True)
message = bData['message']
message_hash = bytesconverter.bytes_to_str(hashers.sha3_hash(message))
# Detect if message (block body) is not specified
if type(message) is None:
return 'failure', 406
return 'failure due to unspecified message', 400
# Detect if block with same message is already being inserted
if message_hash in g.too_many.get_by_string("OnionrCommunicatorDaemon").generating_blocks:
return 'failure due to duplicate insert', 400
else:
g.too_many.get_by_string("OnionrCommunicatorDaemon").generating_blocks.append(message_hash)
subject = 'temp'
encryptType = ''

View File

@ -18,7 +18,7 @@
along with this program. If not, see <https://www.gnu.org/licenses/>.
'''
import hmac
from flask import Blueprint, request, abort
from flask import Blueprint, request, abort, g
from onionrservices import httpheaders
# Be extremely mindful of this. These are endpoints available without a password
whitelist_endpoints = ('siteapi.site', 'www', 'staticfiles.onionrhome', 'staticfiles.homedata',
@ -50,6 +50,12 @@ class ClientAPISecurity:
if not hmac.compare_digest(request.form['token'], client_api.clientToken):
abort(403)
# Add shared objects
try:
g.too_many = self.client_api._too_many
except KeyError:
g.too_many = None
@client_api_security_bp.after_app_request
def after_req(resp):
# Security headers

View File

@ -143,4 +143,5 @@ def insert_block(data, header='txt', sign=False, encryptType='', symKey='', asym
events.event('insertdeniable', {'content': plaintext, 'meta': plaintextMeta, 'hash': retData, 'peer': bytesconverter.bytes_to_str(asymPeer)}, threaded = True)
else:
events.event('insertblock', {'content': plaintext, 'meta': plaintextMeta, 'hash': retData, 'peer': bytesconverter.bytes_to_str(asymPeer)}, threaded = True)
coredb.daemonqueue.daemon_queue_add('remove_from_insert_list', data=dataNonce)
return retData

View File

@ -107,7 +107,11 @@ newPostForm.onsubmit = function(){
.then((resp) => resp.text()) // Transform the data into json
.then(function(data) {
newPostForm.style.display = 'block'
alert('Queued for submission!')
if (data == 'failure due to duplicate insert'){
alert('This message is already queued')
return
}
alert('Queued for submission! ' + data)
setTimeout(function(){getBlocks()}, 3000)
})
return false

View File

@ -9,4 +9,4 @@ deadsimplekv==0.1.1
unpaddedbase32==0.1.0
streamedrequests==1.0.0
jinja2==2.10.1
toomanyobjs==1.0.0
toomanyobjs==1.1.0

View File

@ -173,8 +173,8 @@ stem==1.7.1 \
--hash=sha256:c9eaf3116cb60c15995cbd3dec3a5cbc50e9bb6e062c4d6d42201e566f498ca2
streamedrequests==1.0.0 \
--hash=sha256:1d9d07394804a6e1fd66bde74a804e71cab98e6920053865574a459f1cf7d3b7
toomanyobjs==1.0.0 \
--hash=sha256:040390188063dd00e5d903fd82a08850a175f9a384e09880d50acffb1e60ca70
toomanyobjs==1.1.0 \
--hash=sha256:99e27468f9dad19127be9e2fb086b42acd69aed9ad7e63cef74d6e4389be0534
unpaddedbase32==0.1.0 \
--hash=sha256:5e4143fcaf77c9c6b4f60d18301c7570f0dac561dcf9b9aed8b5ba6ead7f218c
urllib3==1.24.2 \