diff options
Diffstat (limited to 'src/qt/paymentserver.cpp')
-rw-r--r-- | src/qt/paymentserver.cpp | 174 |
1 files changed, 113 insertions, 61 deletions
diff --git a/src/qt/paymentserver.cpp b/src/qt/paymentserver.cpp index 707de55290..a00916bf7f 100644 --- a/src/qt/paymentserver.cpp +++ b/src/qt/paymentserver.cpp @@ -1,11 +1,10 @@ -// Copyright (c) 2011-2013 The Bitcoin developers -// Distributed under the MIT/X11 software license, see the accompanying +// Copyright (c) 2011-2014 The Bitcoin Core developers +// Distributed under the MIT software license, see the accompanying // file COPYING or http://www.opensource.org/licenses/mit-license.php. #include "paymentserver.h" #include "bitcoinunits.h" -#include "guiconstants.h" #include "guiutil.h" #include "optionsmodel.h" @@ -19,6 +18,7 @@ #include <openssl/x509.h> #include <openssl/x509_vfy.h> + #include <QApplication> #include <QByteArray> #include <QDataStream> @@ -47,13 +47,18 @@ #endif using namespace std; -using namespace boost; const int BITCOIN_IPC_CONNECT_TIMEOUT = 1000; // milliseconds const QString BITCOIN_IPC_PREFIX("bitcoin:"); -const char* BITCOIN_REQUEST_MIMETYPE = "application/bitcoin-paymentrequest"; -const char* BITCOIN_PAYMENTACK_MIMETYPE = "application/bitcoin-paymentack"; -const char* BITCOIN_PAYMENTACK_CONTENTTYPE = "application/bitcoin-payment"; +// BIP70 payment protocol messages +const char* BIP70_MESSAGE_PAYMENTACK = "PaymentACK"; +const char* BIP70_MESSAGE_PAYMENTREQUEST = "PaymentRequest"; +// BIP71 payment protocol media types +const char* BIP71_MIMETYPE_PAYMENT = "application/bitcoin-payment"; +const char* BIP71_MIMETYPE_PAYMENTACK = "application/bitcoin-paymentack"; +const char* BIP71_MIMETYPE_PAYMENTREQUEST = "application/bitcoin-paymentrequest"; +// BIP70 max payment request size in bytes (DoS protection) +const qint64 BIP70_MAX_PAYMENTREQUEST_SIZE = 50000; X509_STORE* PaymentServer::certStore = NULL; void PaymentServer::freeCertStore() @@ -92,7 +97,7 @@ static QList<QString> savedPaymentRequests; static void ReportInvalidCertificate(const QSslCertificate& cert) { - qDebug() << "ReportInvalidCertificate : Payment server found an invalid certificate: " << cert.subjectInfo(QSslCertificate::CommonName); + qDebug() << "ReportInvalidCertificate: Payment server found an invalid certificate: " << cert.subjectInfo(QSslCertificate::CommonName); } // @@ -119,19 +124,22 @@ void PaymentServer::LoadRootCAs(X509_STORE* _store) // and get 'I don't like X.509 certificates, don't trust anybody' behavior: QString certFile = QString::fromStdString(GetArg("-rootcertificates", "-system-")); - if (certFile.isEmpty()) - return; // Empty store + // Empty store + if (certFile.isEmpty()) { + qDebug() << QString("PaymentServer::%1: Payment request authentication via X.509 certificates disabled.").arg(__func__); + return; + } QList<QSslCertificate> certList; - if (certFile != "-system-") - { + if (certFile != "-system-") { + qDebug() << QString("PaymentServer::%1: Using \"%2\" as trusted root certificate.").arg(__func__).arg(certFile); + certList = QSslCertificate::fromPath(certFile); // Use those certificates when fetching payment requests, too: QSslSocket::setDefaultCaCertificates(certList); - } - else - certList = QSslSocket::systemCaCertificates (); + } else + certList = QSslSocket::systemCaCertificates(); int nRootCerts = 0; const QDateTime currentTime = QDateTime::currentDateTime(); @@ -163,7 +171,7 @@ void PaymentServer::LoadRootCAs(X509_STORE* _store) continue; } } - qWarning() << "PaymentServer::LoadRootCAs : Loaded " << nRootCerts << " root certificates"; + qWarning() << "PaymentServer::LoadRootCAs: Loaded " << nRootCerts << " root certificates"; // Project for another day: // Fetch certificate revocation lists, and add them to certStore. @@ -184,7 +192,7 @@ void PaymentServer::LoadRootCAs(X509_STORE* _store) // Warning: ipcSendCommandLine() is called early in init, // so don't use "emit message()", but "QMessageBox::"! // -bool PaymentServer::ipcParseCommandLine(int argc, char* argv[]) +void PaymentServer::ipcParseCommandLine(int argc, char* argv[]) { for (int i = 1; i < argc; i++) { @@ -192,6 +200,10 @@ bool PaymentServer::ipcParseCommandLine(int argc, char* argv[]) if (arg.startsWith("-")) continue; + // If the bitcoin: URI contains a payment request, we are not able to detect the + // network as that would require fetching and parsing the payment request. + // That means clicking such an URI which contains a testnet payment request + // will start a mainnet instance and throw a "wrong network" error. if (arg.startsWith(BITCOIN_IPC_PREFIX, Qt::CaseInsensitive)) // bitcoin: URI { savedPaymentRequests.append(arg); @@ -216,7 +228,7 @@ bool PaymentServer::ipcParseCommandLine(int argc, char* argv[]) savedPaymentRequests.append(arg); PaymentRequestPlus request; - if (readPaymentRequest(arg, request)) + if (readPaymentRequestFromFile(arg, request)) { if (request.getDetails().network() == "main") { @@ -232,10 +244,9 @@ bool PaymentServer::ipcParseCommandLine(int argc, char* argv[]) { // Printing to debug.log is about the best we can do here, the // GUI hasn't started yet so we can't pop up a message box. - qWarning() << "PaymentServer::ipcSendCommandLine : Payment request file does not exist: " << arg; + qWarning() << "PaymentServer::ipcSendCommandLine: Payment request file does not exist: " << arg; } } - return true; } // @@ -254,6 +265,7 @@ bool PaymentServer::ipcSendCommandLine() if (!socket->waitForConnected(BITCOIN_IPC_CONNECT_TIMEOUT)) { delete socket; + socket = NULL; return false; } @@ -262,12 +274,14 @@ bool PaymentServer::ipcSendCommandLine() out.setVersion(QDataStream::Qt_4_0); out << r; out.device()->seek(0); + socket->write(block); socket->flush(); - socket->waitForBytesWritten(BITCOIN_IPC_CONNECT_TIMEOUT); socket->disconnectFromServer(); + delete socket; + socket = NULL; fResult = true; } @@ -354,10 +368,10 @@ void PaymentServer::initNetManager() if (optionsModel->getProxySettings(proxy)) { netManager->setProxy(proxy); - qDebug() << "PaymentServer::initNetManager : Using SOCKS5 proxy" << proxy.hostName() << ":" << proxy.port(); + qDebug() << "PaymentServer::initNetManager: Using SOCKS5 proxy" << proxy.hostName() << ":" << proxy.port(); } else - qDebug() << "PaymentServer::initNetManager : No active proxy server found."; + qDebug() << "PaymentServer::initNetManager: No active proxy server found."; connect(netManager, SIGNAL(finished(QNetworkReply*)), this, SLOT(netRequestFinished(QNetworkReply*))); @@ -401,12 +415,12 @@ void PaymentServer::handleURIOrFile(const QString& s) if (fetchUrl.isValid()) { - qDebug() << "PaymentServer::handleURIOrFile : fetchRequest(" << fetchUrl << ")"; + qDebug() << "PaymentServer::handleURIOrFile: fetchRequest(" << fetchUrl << ")"; fetchRequest(fetchUrl); } else { - qWarning() << "PaymentServer::handleURIOrFile : Invalid URL: " << fetchUrl; + qWarning() << "PaymentServer::handleURIOrFile: Invalid URL: " << fetchUrl; emit message(tr("URI handling"), tr("Payment request fetch URL is invalid: %1").arg(fetchUrl.toString()), CClientUIInterface::ICON_WARNING); @@ -440,7 +454,7 @@ void PaymentServer::handleURIOrFile(const QString& s) { PaymentRequestPlus request; SendCoinsRecipient recipient; - if (!readPaymentRequest(s, request)) + if (!readPaymentRequestFromFile(s, request)) { emit message(tr("Payment request file handling"), tr("Payment request file cannot be read! This can be caused by an invalid payment request file."), @@ -474,18 +488,25 @@ void PaymentServer::handleURIConnection() handleURIOrFile(msg); } -bool PaymentServer::readPaymentRequest(const QString& filename, PaymentRequestPlus& request) +// +// Warning: readPaymentRequestFromFile() is used in ipcSendCommandLine() +// so don't use "emit message()", but "QMessageBox::"! +// +bool PaymentServer::readPaymentRequestFromFile(const QString& filename, PaymentRequestPlus& request) { QFile f(filename); - if (!f.open(QIODevice::ReadOnly)) - { - qWarning() << "PaymentServer::readPaymentRequest : Failed to open " << filename; + if (!f.open(QIODevice::ReadOnly)) { + qWarning() << QString("PaymentServer::%1: Failed to open %2").arg(__func__).arg(filename); return false; } - if (f.size() > MAX_PAYMENT_REQUEST_SIZE) - { - qWarning() << "PaymentServer::readPaymentRequest : " << filename << " too large"; + // BIP70 DoS protection + if (f.size() > BIP70_MAX_PAYMENTREQUEST_SIZE) { + qWarning() << QString("PaymentServer::%1: Payment request %2 is too large (%3 bytes, allowed %4 bytes).") + .arg(__func__) + .arg(filename) + .arg(f.size()) + .arg(BIP70_MAX_PAYMENTREQUEST_SIZE); return false; } @@ -500,27 +521,23 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins return false; if (request.IsInitialized()) { - const payments::PaymentDetails& details = request.getDetails(); - // Payment request network matches client network? - if (details.network() != Params().NetworkIDString()) - { + if (!verifyNetwork(request.getDetails())) { emit message(tr("Payment request rejected"), tr("Payment request network doesn't match client network."), CClientUIInterface::MSG_ERROR); return false; } - // Expired payment request? - if (details.has_expires() && (int64_t)details.expires() < GetTime()) - { - emit message(tr("Payment request rejected"), tr("Payment request has expired."), + // Make sure any payment requests involved are still valid. + // This is re-checked just before sending coins in WalletModel::sendCoins(). + if (verifyExpired(request.getDetails())) { + emit message(tr("Payment request rejected"), tr("Payment request expired."), CClientUIInterface::MSG_ERROR); return false; } - } - else { + } else { emit message(tr("Payment request error"), tr("Payment request is not initialized."), CClientUIInterface::MSG_ERROR); @@ -568,10 +585,10 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins recipient.address = addresses.join("<br />"); if (!recipient.authenticatedMerchant.isEmpty()) { - qDebug() << "PaymentServer::processPaymentRequest : Secure payment request from " << recipient.authenticatedMerchant; + qDebug() << "PaymentServer::processPaymentRequest: Secure payment request from " << recipient.authenticatedMerchant; } else { - qDebug() << "PaymentServer::processPaymentRequest : Insecure payment request to " << addresses.join(", "); + qDebug() << "PaymentServer::processPaymentRequest: Insecure payment request to " << addresses.join(", "); } return true; @@ -580,10 +597,10 @@ bool PaymentServer::processPaymentRequest(PaymentRequestPlus& request, SendCoins void PaymentServer::fetchRequest(const QUrl& url) { QNetworkRequest netRequest; - netRequest.setAttribute(QNetworkRequest::User, "PaymentRequest"); + netRequest.setAttribute(QNetworkRequest::User, BIP70_MESSAGE_PAYMENTREQUEST); netRequest.setUrl(url); netRequest.setRawHeader("User-Agent", CLIENT_NAME.c_str()); - netRequest.setRawHeader("Accept", BITCOIN_REQUEST_MIMETYPE); + netRequest.setRawHeader("Accept", BIP71_MIMETYPE_PAYMENTREQUEST); netManager->get(netRequest); } @@ -594,11 +611,11 @@ void PaymentServer::fetchPaymentACK(CWallet* wallet, SendCoinsRecipient recipien return; QNetworkRequest netRequest; - netRequest.setAttribute(QNetworkRequest::User, "PaymentACK"); + netRequest.setAttribute(QNetworkRequest::User, BIP70_MESSAGE_PAYMENTACK); netRequest.setUrl(QString::fromStdString(details.payment_url())); - netRequest.setHeader(QNetworkRequest::ContentTypeHeader, BITCOIN_PAYMENTACK_CONTENTTYPE); + netRequest.setHeader(QNetworkRequest::ContentTypeHeader, BIP71_MIMETYPE_PAYMENT); netRequest.setRawHeader("User-Agent", CLIENT_NAME.c_str()); - netRequest.setRawHeader("Accept", BITCOIN_PAYMENTACK_MIMETYPE); + netRequest.setRawHeader("Accept", BIP71_MIMETYPE_PAYMENTACK); payments::Payment payment; payment.set_merchant_data(details.merchant_data()); @@ -616,7 +633,6 @@ void PaymentServer::fetchPaymentACK(CWallet* wallet, SendCoinsRecipient recipien else { CPubKey newKey; if (wallet->GetKeyFromPool(newKey)) { - LOCK(wallet->cs_wallet); // SetAddressBook CKeyID keyID = newKey.GetID(); wallet->SetAddressBook(keyID, strAccount, "refund"); @@ -627,7 +643,7 @@ void PaymentServer::fetchPaymentACK(CWallet* wallet, SendCoinsRecipient recipien else { // This should never happen, because sending coins should have // just unlocked the wallet and refilled the keypool. - qWarning() << "PaymentServer::fetchPaymentACK : Error getting refund key, refund_to not set"; + qWarning() << "PaymentServer::fetchPaymentACK: Error getting refund key, refund_to not set"; } } @@ -639,20 +655,32 @@ void PaymentServer::fetchPaymentACK(CWallet* wallet, SendCoinsRecipient recipien } else { // This should never happen, either. - qWarning() << "PaymentServer::fetchPaymentACK : Error serializing payment message"; + qWarning() << "PaymentServer::fetchPaymentACK: Error serializing payment message"; } } void PaymentServer::netRequestFinished(QNetworkReply* reply) { reply->deleteLater(); - if (reply->error() != QNetworkReply::NoError) - { + + // BIP70 DoS protection + if (reply->size() > BIP70_MAX_PAYMENTREQUEST_SIZE) { + QString msg = tr("Payment request %1 is too large (%2 bytes, allowed %3 bytes).") + .arg(reply->request().url().toString()) + .arg(reply->size()) + .arg(BIP70_MAX_PAYMENTREQUEST_SIZE); + + qWarning() << QString("PaymentServer::%1:").arg(__func__) << msg; + emit message(tr("Payment request DoS protection"), msg, CClientUIInterface::MSG_ERROR); + return; + } + + if (reply->error() != QNetworkReply::NoError) { QString msg = tr("Error communicating with %1: %2") .arg(reply->request().url().toString()) .arg(reply->errorString()); - qWarning() << "PaymentServer::netRequestFinished : " << msg; + qWarning() << "PaymentServer::netRequestFinished: " << msg; emit message(tr("Payment request error"), msg, CClientUIInterface::MSG_ERROR); return; } @@ -660,13 +688,13 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply) QByteArray data = reply->readAll(); QString requestType = reply->request().attribute(QNetworkRequest::User).toString(); - if (requestType == "PaymentRequest") + if (requestType == BIP70_MESSAGE_PAYMENTREQUEST) { PaymentRequestPlus request; SendCoinsRecipient recipient; if (!request.parse(data)) { - qWarning() << "PaymentServer::netRequestFinished : Error parsing payment request"; + qWarning() << "PaymentServer::netRequestFinished: Error parsing payment request"; emit message(tr("Payment request error"), tr("Payment request cannot be parsed!"), CClientUIInterface::MSG_ERROR); @@ -676,7 +704,7 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply) return; } - else if (requestType == "PaymentACK") + else if (requestType == BIP70_MESSAGE_PAYMENTACK) { payments::PaymentACK paymentACK; if (!paymentACK.ParseFromArray(data.data(), data.size())) @@ -684,7 +712,7 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply) QString msg = tr("Bad response from server %1") .arg(reply->request().url().toString()); - qWarning() << "PaymentServer::netRequestFinished : " << msg; + qWarning() << "PaymentServer::netRequestFinished: " << msg; emit message(tr("Payment request error"), msg, CClientUIInterface::MSG_ERROR); } else @@ -700,7 +728,7 @@ void PaymentServer::reportSslErrors(QNetworkReply* reply, const QList<QSslError> QString errString; foreach (const QSslError& err, errs) { - qWarning() << "PaymentServer::reportSslErrors : " << err; + qWarning() << "PaymentServer::reportSslErrors: " << err; errString += err.errorString() + "\n"; } emit message(tr("Network request error"), errString, CClientUIInterface::MSG_ERROR); @@ -716,3 +744,27 @@ void PaymentServer::handlePaymentACK(const QString& paymentACKMsg) // currently we don't futher process or store the paymentACK message emit message(tr("Payment acknowledged"), paymentACKMsg, CClientUIInterface::ICON_INFORMATION | CClientUIInterface::MODAL); } + +bool PaymentServer::verifyNetwork(const payments::PaymentDetails& requestDetails) +{ + bool fVerified = requestDetails.network() == Params().NetworkIDString(); + if (!fVerified) { + qWarning() << QString("PaymentServer::%1: Payment request network \"%2\" doesn't match client network \"%3\".") + .arg(__func__) + .arg(QString::fromStdString(requestDetails.network())) + .arg(QString::fromStdString(Params().NetworkIDString())); + } + return fVerified; +} + +bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails) +{ + bool fVerified = (requestDetails.has_expires() && (int64_t)requestDetails.expires() < GetTime()); + if (fVerified) { + const QString requestExpires = QString::fromStdString(DateTimeStrFormat("%Y-%m-%d %H:%M:%S", (int64_t)requestDetails.expires())); + qWarning() << QString("PaymentServer::%1: Payment request expired \"%2\".") + .arg(__func__) + .arg(requestExpires); + } + return fVerified; +} |