From 67054446aec500cef3121d550361769b472cbe57 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Mon, 26 Oct 2020 08:36:53 +0000 Subject: [PATCH 1/6] bump requirements --- requirements.in | 4 ++-- requirements.txt | 30 +++++++++++++++--------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/requirements.in b/requirements.in index 8db4bce7..83983938 100644 --- a/requirements.in +++ b/requirements.in @@ -1,4 +1,4 @@ -urllib3==1.25.10 +urllib3==1.25.11 requests==2.24.0 PyNaCl==1.4.0 gevent==20.9.0 @@ -10,7 +10,7 @@ unpaddedbase32==0.2.0 streamedrequests==1.0.3 toomanyobjs==1.1.0 niceware==0.2.1 -psutil==5.7.2 +psutil==5.7.3 filenuke==0.0.0 watchdog==0.10.3 ujson==4.0.1 diff --git a/requirements.txt b/requirements.txt index 4793183a..dbcf8dfa 100644 --- a/requirements.txt +++ b/requirements.txt @@ -144,18 +144,18 @@ niceware==0.2.1 \ pathtools==0.1.2 \ --hash=sha256:7c35c5421a39bb82e58018febd90e3b6e5db34c5443aaaf742b3f33d4655f1c0 \ # via watchdog -psutil==5.7.2 \ - --hash=sha256:0ee3c36428f160d2d8fce3c583a0353e848abb7de9732c50cf3356dd49ad63f8 \ - --hash=sha256:10512b46c95b02842c225f58fa00385c08fa00c68bac7da2d9a58ebe2c517498 \ - --hash=sha256:4080869ed93cce662905b029a1770fe89c98787e543fa7347f075ade761b19d6 \ - --hash=sha256:5e9d0f26d4194479a13d5f4b3798260c20cecf9ac9a461e718eb59ea520a360c \ - --hash=sha256:66c18ca7680a31bf16ee22b1d21b6397869dda8059dbdb57d9f27efa6615f195 \ - --hash=sha256:68d36986ded5dac7c2dcd42f2682af1db80d4bce3faa126a6145c1637e1b559f \ - --hash=sha256:90990af1c3c67195c44c9a889184f84f5b2320dce3ee3acbd054e3ba0b4a7beb \ - --hash=sha256:a5b120bb3c0c71dfe27551f9da2f3209a8257a178ed6c628a819037a8df487f1 \ - --hash=sha256:d8a82162f23c53b8525cf5f14a355f5d1eea86fa8edde27287dd3a98399e4fdf \ - --hash=sha256:f2018461733b23f308c298653c8903d32aaad7873d25e1d228765e91ae42c3f2 \ - --hash=sha256:ff1977ba1a5f71f89166d5145c3da1cea89a0fdb044075a12c720ee9123ec818 \ +psutil==5.7.3 \ + --hash=sha256:01bc82813fbc3ea304914581954979e637bcc7084e59ac904d870d6eb8bb2bc7 \ + --hash=sha256:1cd6a0c9fb35ece2ccf2d1dd733c1e165b342604c67454fd56a4c12e0a106787 \ + --hash=sha256:2cb55ef9591b03ef0104bedf67cc4edb38a3edf015cf8cf24007b99cb8497542 \ + --hash=sha256:56c85120fa173a5d2ad1d15a0c6e0ae62b388bfb956bb036ac231fbdaf9e4c22 \ + --hash=sha256:5d9106ff5ec2712e2f659ebbd112967f44e7d33f40ba40530c485cc5904360b8 \ + --hash=sha256:6a3e1fd2800ca45083d976b5478a2402dd62afdfb719b30ca46cd28bb25a2eb4 \ + --hash=sha256:ade6af32eb80a536eff162d799e31b7ef92ddcda707c27bbd077238065018df4 \ + --hash=sha256:af73f7bcebdc538eda9cc81d19db1db7bf26f103f91081d780bbacfcb620dee2 \ + --hash=sha256:e02c31b2990dcd2431f4524b93491941df39f99619b0d312dfe1d4d530b08b4b \ + --hash=sha256:fa38ac15dbf161ab1e941ff4ce39abd64b53fec5ddf60c23290daed2bc7d1157 \ + --hash=sha256:fbcac492cb082fa38d88587d75feb90785d05d7e12d4565cbf1ecc727aff71b7 \ # via -r requirements.in pycparser==2.19 \ --hash=sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3 \ @@ -228,9 +228,9 @@ unpaddedbase32==0.2.0 \ --hash=sha256:4aacee75f8fd6c8cf129842ecba45ca59c11bfb13dae19d86f32b48fa3715403 \ --hash=sha256:b7b780c31d27d55e66abf6c221216a35690ee8892c2daacff7f2528e229bd9c3 \ # via -r requirements.in -urllib3==1.25.10 \ - --hash=sha256:91056c15fa70756691db97756772bb1eb9678fa585d9184f24534b100dc60f4a \ - --hash=sha256:e7983572181f5e1522d9c98453462384ee92a0be7fac5f1413a1e35c56cc0461 \ +urllib3==1.25.11 \ + --hash=sha256:8d7eaa5a82a1cac232164990f04874c594c9453ec55eef02eab885aa02fc17a2 \ + --hash=sha256:f5321fbe4bf3fefa0efd0bfe7fb14e90909eb62a48ccda331726b4319897dd5e \ # via -r requirements.in, requests watchdog==0.10.3 \ --hash=sha256:4214e1379d128b0588021880ccaf40317ee156d4603ac388b9adcf29165e0c04 \ From d0e6f6c4af62576b6f8b3a25253f77742640ade5 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Mon, 26 Oct 2020 08:36:53 +0000 Subject: [PATCH 2/6] bump requirements --- requirements.in | 4 ++-- requirements.txt | 30 +++++++++++++++--------------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/requirements.in b/requirements.in index 8db4bce7..83983938 100644 --- a/requirements.in +++ b/requirements.in @@ -1,4 +1,4 @@ -urllib3==1.25.10 +urllib3==1.25.11 requests==2.24.0 PyNaCl==1.4.0 gevent==20.9.0 @@ -10,7 +10,7 @@ unpaddedbase32==0.2.0 streamedrequests==1.0.3 toomanyobjs==1.1.0 niceware==0.2.1 -psutil==5.7.2 +psutil==5.7.3 filenuke==0.0.0 watchdog==0.10.3 ujson==4.0.1 diff --git a/requirements.txt b/requirements.txt index 4793183a..dbcf8dfa 100644 --- a/requirements.txt +++ b/requirements.txt @@ -144,18 +144,18 @@ niceware==0.2.1 \ pathtools==0.1.2 \ --hash=sha256:7c35c5421a39bb82e58018febd90e3b6e5db34c5443aaaf742b3f33d4655f1c0 \ # via watchdog -psutil==5.7.2 \ - --hash=sha256:0ee3c36428f160d2d8fce3c583a0353e848abb7de9732c50cf3356dd49ad63f8 \ - --hash=sha256:10512b46c95b02842c225f58fa00385c08fa00c68bac7da2d9a58ebe2c517498 \ - --hash=sha256:4080869ed93cce662905b029a1770fe89c98787e543fa7347f075ade761b19d6 \ - --hash=sha256:5e9d0f26d4194479a13d5f4b3798260c20cecf9ac9a461e718eb59ea520a360c \ - --hash=sha256:66c18ca7680a31bf16ee22b1d21b6397869dda8059dbdb57d9f27efa6615f195 \ - --hash=sha256:68d36986ded5dac7c2dcd42f2682af1db80d4bce3faa126a6145c1637e1b559f \ - --hash=sha256:90990af1c3c67195c44c9a889184f84f5b2320dce3ee3acbd054e3ba0b4a7beb \ - --hash=sha256:a5b120bb3c0c71dfe27551f9da2f3209a8257a178ed6c628a819037a8df487f1 \ - --hash=sha256:d8a82162f23c53b8525cf5f14a355f5d1eea86fa8edde27287dd3a98399e4fdf \ - --hash=sha256:f2018461733b23f308c298653c8903d32aaad7873d25e1d228765e91ae42c3f2 \ - --hash=sha256:ff1977ba1a5f71f89166d5145c3da1cea89a0fdb044075a12c720ee9123ec818 \ +psutil==5.7.3 \ + --hash=sha256:01bc82813fbc3ea304914581954979e637bcc7084e59ac904d870d6eb8bb2bc7 \ + --hash=sha256:1cd6a0c9fb35ece2ccf2d1dd733c1e165b342604c67454fd56a4c12e0a106787 \ + --hash=sha256:2cb55ef9591b03ef0104bedf67cc4edb38a3edf015cf8cf24007b99cb8497542 \ + --hash=sha256:56c85120fa173a5d2ad1d15a0c6e0ae62b388bfb956bb036ac231fbdaf9e4c22 \ + --hash=sha256:5d9106ff5ec2712e2f659ebbd112967f44e7d33f40ba40530c485cc5904360b8 \ + --hash=sha256:6a3e1fd2800ca45083d976b5478a2402dd62afdfb719b30ca46cd28bb25a2eb4 \ + --hash=sha256:ade6af32eb80a536eff162d799e31b7ef92ddcda707c27bbd077238065018df4 \ + --hash=sha256:af73f7bcebdc538eda9cc81d19db1db7bf26f103f91081d780bbacfcb620dee2 \ + --hash=sha256:e02c31b2990dcd2431f4524b93491941df39f99619b0d312dfe1d4d530b08b4b \ + --hash=sha256:fa38ac15dbf161ab1e941ff4ce39abd64b53fec5ddf60c23290daed2bc7d1157 \ + --hash=sha256:fbcac492cb082fa38d88587d75feb90785d05d7e12d4565cbf1ecc727aff71b7 \ # via -r requirements.in pycparser==2.19 \ --hash=sha256:a988718abfad80b6b157acce7bf130a30876d27603738ac39f140993246b25b3 \ @@ -228,9 +228,9 @@ unpaddedbase32==0.2.0 \ --hash=sha256:4aacee75f8fd6c8cf129842ecba45ca59c11bfb13dae19d86f32b48fa3715403 \ --hash=sha256:b7b780c31d27d55e66abf6c221216a35690ee8892c2daacff7f2528e229bd9c3 \ # via -r requirements.in -urllib3==1.25.10 \ - --hash=sha256:91056c15fa70756691db97756772bb1eb9678fa585d9184f24534b100dc60f4a \ - --hash=sha256:e7983572181f5e1522d9c98453462384ee92a0be7fac5f1413a1e35c56cc0461 \ +urllib3==1.25.11 \ + --hash=sha256:8d7eaa5a82a1cac232164990f04874c594c9453ec55eef02eab885aa02fc17a2 \ + --hash=sha256:f5321fbe4bf3fefa0efd0bfe7fb14e90909eb62a48ccda331726b4319897dd5e \ # via -r requirements.in, requests watchdog==0.10.3 \ --hash=sha256:4214e1379d128b0588021880ccaf40317ee156d4603ac388b9adcf29165e0c04 \ From 2837210cf4dbb1a4db8ae515736b305dc8993db6 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Tue, 27 Oct 2020 15:58:06 +0000 Subject: [PATCH 3/6] blockapi decrypt fix --- src/onionrblocks/onionrblockapi.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/src/onionrblocks/onionrblockapi.py b/src/onionrblocks/onionrblockapi.py index f7797a7c..7d00cd9f 100755 --- a/src/onionrblocks/onionrblockapi.py +++ b/src/onionrblocks/onionrblockapi.py @@ -79,10 +79,7 @@ class Block: # decrypt data if self.getHeader('encryptType') == 'asym': try: - try: - self.bcontent = encryption.pub_key_decrypt(self.bcontent, encodedData=encodedData) - except (binascii.Error, ValueError) as e: - self.bcontent = encryption.pub_key_decrypt(self.bcontent, encodedData=False) + self.bcontent = encryption.pub_key_decrypt(self.bcontent, encodedData=False) bmeta = encryption.pub_key_decrypt(self.bmetadata, encodedData=encodedData) @@ -93,9 +90,11 @@ class Block: pass self.bmetadata = json.loads(bmeta) self.signature = encryption.pub_key_decrypt(self.signature, encodedData=encodedData) + self.signer = encryption.pub_key_decrypt(self.signer, encodedData=encodedData) + self.bheader['signer'] = self.signer.decode() - self.signedData = json.dumps(self.bmetadata).encode() + self.bcontent + self.signedData = json.dumps(self.bmetadata).encode() + self.bcontent if not self.signer is None: if not self.verifySig(): @@ -124,8 +123,8 @@ class Block: except (onionrexceptions.DecryptionError, nacl.exceptions.CryptoError) as e: logger.error(str(e)) pass - except nacl.exceptions.CryptoError: - logger.debug('Could not decrypt block. Either invalid key or corrupted data') + except (nacl.exceptions.CryptoError,) as e: + logger.debug(f'Could not decrypt block. encodedData: {encodedData}. Either invalid key or corrupted data ' + str(e)) except onionrexceptions.ReplayAttack: logger.warn('%s is possibly a replay attack' % (self.hash,)) else: From 2601263b870e6f4ccd1fcd62c0c5c7593addc242 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Wed, 28 Oct 2020 02:49:21 +0000 Subject: [PATCH 4/6] disable forward secrecy for now, fix autocomplete for to address in mail --- src/httpapi/miscpublicapi/upload.py | 2 +- static-data/default-plugins/pms/web/index.html | 4 ++-- tests/runtime-result.txt | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/httpapi/miscpublicapi/upload.py b/src/httpapi/miscpublicapi/upload.py index faad4fe8..e165581b 100755 --- a/src/httpapi/miscpublicapi/upload.py +++ b/src/httpapi/miscpublicapi/upload.py @@ -36,7 +36,7 @@ def accept_upload(request): resp = 'failure' data = request.get_data() data_size = sys.getsizeof(data) - print(data) + if data_size < 30: resp = 'size' elif data_size < 100000000: diff --git a/static-data/default-plugins/pms/web/index.html b/static-data/default-plugins/pms/web/index.html index a878e46a..c838d30b 100755 --- a/static-data/default-plugins/pms/web/index.html +++ b/static-data/default-plugins/pms/web/index.html @@ -130,7 +130,7 @@
+ class="switch is-rounded is-danger">
@@ -244,7 +244,7 @@
- To: + To:
Subject: diff --git a/tests/runtime-result.txt b/tests/runtime-result.txt index 2dd96424..cce6edc0 100644 --- a/tests/runtime-result.txt +++ b/tests/runtime-result.txt @@ -1 +1 @@ -1603378318 \ No newline at end of file +1603853271 \ No newline at end of file From 256c402223ec87dc34a2655f40e7aea5f4c932b1 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Wed, 28 Oct 2020 07:54:11 +0000 Subject: [PATCH 5/6] fix connectnewpeers not using specified peer --- src/communicatorutils/connectnewpeers.py | 3 ++- tests/runtime-result.txt | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/communicatorutils/connectnewpeers.py b/src/communicatorutils/connectnewpeers.py index 913ce81c..3278c569 100755 --- a/src/communicatorutils/connectnewpeers.py +++ b/src/communicatorutils/connectnewpeers.py @@ -45,7 +45,8 @@ def connect_new_peer_to_communicator(shared_state, peer='', useBootstrap=False): peerList = keydb.listkeys.list_adders() mainPeerList = keydb.listkeys.list_adders() - peerList = onionrpeers.get_score_sorted_peer_list() + if not peerList: + peerList = onionrpeers.get_score_sorted_peer_list() """ If we don't have enough peers connected or random chance, diff --git a/tests/runtime-result.txt b/tests/runtime-result.txt index cce6edc0..468a8265 100644 --- a/tests/runtime-result.txt +++ b/tests/runtime-result.txt @@ -1 +1 @@ -1603853271 \ No newline at end of file +1603867091 \ No newline at end of file From f2d7075b3a7937cbfd94e3465a111bbadeafa422 Mon Sep 17 00:00:00 2001 From: Kevin Froman Date: Wed, 28 Oct 2020 08:28:56 +0000 Subject: [PATCH 6/6] bump version --- src/etc/onionrvalues.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/etc/onionrvalues.py b/src/etc/onionrvalues.py index 33a2aaec..9d1bc68a 100755 --- a/src/etc/onionrvalues.py +++ b/src/etc/onionrvalues.py @@ -23,7 +23,7 @@ import filepaths DENIABLE_PEER_ADDRESS = "OVPCZLOXD6DC5JHX4EQ3PSOGAZ3T24F75HQLIUZSDSMYPEOXCPFA" PASSWORD_LENGTH = 25 ONIONR_TAGLINE = 'Private P2P Communication - GPLv3 - https://Onionr.net' -ONIONR_VERSION = '6.1.1' +ONIONR_VERSION = '6.2.0' ONIONR_VERSION_CODENAME = 'Genesis' ONIONR_VERSION_TUPLE = tuple(ONIONR_VERSION.split('.')) # (MAJOR, MINOR, VERSION) API_VERSION = '2' # increments of 1; only change when something fundamental about how the API works changes. This way other nodes know how to communicate without learning too much information about you.