|
|
|
#!/usr/bin/env python
|
|
|
|
#
|
|
|
|
# Electrum - lightweight Bitcoin client
|
|
|
|
# Copyright (C) 2011 thomasv@gitorious
|
|
|
|
#
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
|
|
|
|
import random, ast, re, errno, os
|
|
|
|
import threading, traceback, sys, time, json, Queue
|
|
|
|
import socks
|
|
|
|
import socket
|
|
|
|
import ssl
|
|
|
|
|
|
|
|
from version import ELECTRUM_VERSION, PROTOCOL_VERSION
|
|
|
|
from util import print_error, print_msg
|
|
|
|
from simple_config import SimpleConfig
|
|
|
|
|
|
|
|
|
|
|
|
DEFAULT_TIMEOUT = 5
|
|
|
|
proxy_modes = ['socks4', 'socks5', 'http']
|
|
|
|
|
|
|
|
|
|
|
|
def check_cert(host, cert):
|
|
|
|
from OpenSSL import crypto as c
|
|
|
|
_cert = c.load_certificate(c.FILETYPE_PEM, cert)
|
|
|
|
|
|
|
|
m = "host: %s\n"%host
|
|
|
|
m += "has_expired: %s\n"% _cert.has_expired()
|
|
|
|
m += "pubkey: %s bits\n" % _cert.get_pubkey().bits()
|
|
|
|
m += "serial number: %s\n"% _cert.get_serial_number()
|
|
|
|
#m += "issuer: %s\n"% _cert.get_issuer()
|
|
|
|
#m += "algo: %s\n"% _cert.get_signature_algorithm()
|
|
|
|
m += "version: %s\n"% _cert.get_version()
|
|
|
|
print_msg(m)
|
|
|
|
|
|
|
|
|
|
|
|
def cert_has_expired(cert_path):
|
|
|
|
try:
|
|
|
|
import OpenSSL
|
|
|
|
except:
|
|
|
|
print_error("Warning: cannot import OpenSSL")
|
|
|
|
return False
|
|
|
|
from OpenSSL import crypto as c
|
|
|
|
with open(cert_path) as f:
|
|
|
|
cert = f.read()
|
|
|
|
_cert = c.load_certificate(c.FILETYPE_PEM, cert)
|
|
|
|
return _cert.has_expired()
|
|
|
|
|
|
|
|
|
|
|
|
def check_certificates():
|
|
|
|
config = SimpleConfig()
|
|
|
|
mydir = os.path.join(config.path, "certs")
|
|
|
|
certs = os.listdir(mydir)
|
|
|
|
for c in certs:
|
|
|
|
print c
|
|
|
|
p = os.path.join(mydir,c)
|
|
|
|
with open(p) as f:
|
|
|
|
cert = f.read()
|
|
|
|
check_cert(c, cert)
|
|
|
|
|
|
|
|
|
|
|
|
def cert_verify_hostname(s):
|
|
|
|
# hostname verification (disabled)
|
|
|
|
from backports.ssl_match_hostname import match_hostname, CertificateError
|
|
|
|
try:
|
|
|
|
match_hostname(s.getpeercert(True), host)
|
|
|
|
print_error("hostname matches", host)
|
|
|
|
except CertificateError, ce:
|
|
|
|
print_error("hostname did not match", host)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class Interface(threading.Thread):
|
|
|
|
|
|
|
|
|
|
|
|
def __init__(self, server, config = None):
|
|
|
|
|
|
|
|
threading.Thread.__init__(self)
|
|
|
|
self.daemon = True
|
|
|
|
self.config = config if config is not None else SimpleConfig()
|
|
|
|
self.connect_event = threading.Event()
|
|
|
|
|
|
|
|
self.subscriptions = {}
|
|
|
|
self.lock = threading.Lock()
|
|
|
|
|
|
|
|
self.rtime = 0
|
|
|
|
self.bytes_received = 0
|
|
|
|
self.is_connected = False
|
|
|
|
self.poll_interval = 1
|
|
|
|
|
|
|
|
self.debug = False # dump network messages. can be changed at runtime using the console
|
|
|
|
|
|
|
|
#json
|
|
|
|
self.message_id = 0
|
|
|
|
self.unanswered_requests = {}
|
|
|
|
self.pending_transactions_for_notifications= []
|
|
|
|
|
|
|
|
# parse server
|
|
|
|
self.server = server
|
|
|
|
try:
|
|
|
|
host, port, protocol = self.server.split(':')
|
|
|
|
port = int(port)
|
|
|
|
except:
|
|
|
|
self.server = None
|
|
|
|
return
|
|
|
|
|
|
|
|
if protocol not in 'ghst':
|
|
|
|
raise BaseException('Unknown protocol: %s'%protocol)
|
|
|
|
|
|
|
|
self.host = host
|
|
|
|
self.port = port
|
|
|
|
self.protocol = protocol
|
|
|
|
self.use_ssl = ( protocol in 'sg' )
|
|
|
|
self.proxy = self.parse_proxy_options(self.config.get('proxy'))
|
|
|
|
if self.proxy:
|
|
|
|
self.proxy_mode = proxy_modes.index(self.proxy["mode"]) + 1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def queue_json_response(self, c):
|
|
|
|
|
|
|
|
# uncomment to debug
|
|
|
|
if self.debug:
|
|
|
|
print_error( "<--",c )
|
|
|
|
|
|
|
|
msg_id = c.get('id')
|
|
|
|
error = c.get('error')
|
|
|
|
|
|
|
|
if error:
|
|
|
|
print_error("received error:", c)
|
|
|
|
if msg_id is not None:
|
|
|
|
with self.lock:
|
|
|
|
method, params, callback = self.unanswered_requests.pop(msg_id)
|
|
|
|
callback(self,{'method':method, 'params':params, 'error':error, 'id':msg_id})
|
|
|
|
|
|
|
|
return
|
|
|
|
|
|
|
|
if msg_id is not None:
|
|
|
|
with self.lock:
|
|
|
|
method, params, callback = self.unanswered_requests.pop(msg_id)
|
|
|
|
result = c.get('result')
|
|
|
|
|
|
|
|
else:
|
|
|
|
# notification
|
|
|
|
method = c.get('method')
|
|
|
|
params = c.get('params')
|
|
|
|
|
|
|
|
if method == 'blockchain.numblocks.subscribe':
|
|
|
|
result = params[0]
|
|
|
|
params = []
|
|
|
|
|
|
|
|
elif method == 'blockchain.headers.subscribe':
|
|
|
|
result = params[0]
|
|
|
|
params = []
|
|
|
|
|
|
|
|
elif method == 'blockchain.address.subscribe':
|
|
|
|
addr = params[0]
|
|
|
|
result = params[1]
|
|
|
|
params = [addr]
|
|
|
|
|
|
|
|
with self.lock:
|
|
|
|
for k,v in self.subscriptions.items():
|
|
|
|
if (method, params) in v:
|
|
|
|
callback = k
|
|
|
|
break
|
|
|
|
else:
|
|
|
|
print_error( "received unexpected notification", method, params)
|
|
|
|
print_error( self.subscriptions )
|
|
|
|
return
|
|
|
|
|
|
|
|
|
|
|
|
callback(self, {'method':method, 'params':params, 'result':result, 'id':msg_id})
|
|
|
|
|
|
|
|
|
|
|
|
def on_version(self, i, result):
|
|
|
|
self.server_version = result
|
|
|
|
|
|
|
|
|
|
|
|
def start_http(self):
|
|
|
|
self.session_id = None
|
|
|
|
self.is_connected = True
|
|
|
|
self.connection_msg = ('https' if self.use_ssl else 'http') + '://%s:%d'%( self.host, self.port )
|
|
|
|
try:
|
|
|
|
self.poll()
|
|
|
|
except:
|
|
|
|
print_error("http init session failed")
|
|
|
|
self.is_connected = False
|
|
|
|
return
|
|
|
|
|
|
|
|
if self.session_id:
|
|
|
|
print_error('http session:',self.session_id)
|
|
|
|
self.is_connected = True
|
|
|
|
else:
|
|
|
|
self.is_connected = False
|
|
|
|
|
|
|
|
def run_http(self):
|
|
|
|
self.is_connected = True
|
|
|
|
while self.is_connected:
|
|
|
|
try:
|
|
|
|
if self.session_id:
|
|
|
|
self.poll()
|
|
|
|
time.sleep(self.poll_interval)
|
|
|
|
except socket.gaierror:
|
|
|
|
break
|
|
|
|
except socket.error:
|
|
|
|
break
|
|
|
|
except:
|
|
|
|
traceback.print_exc(file=sys.stdout)
|
|
|
|
break
|
|
|
|
|
|
|
|
self.is_connected = False
|
|
|
|
|
|
|
|
|
|
|
|
def poll(self):
|
|
|
|
self.send([], None)
|
|
|
|
|
|
|
|
|
|
|
|
def send_http(self, messages, callback):
|
|
|
|
import urllib2, json, time, cookielib
|
|
|
|
print_error( "send_http", messages )
|
|
|
|
|
|
|
|
if self.proxy:
|
|
|
|
socks.setdefaultproxy(self.proxy_mode, self.proxy["host"], int(self.proxy["port"]) )
|
|
|
|
socks.wrapmodule(urllib2)
|
|
|
|
|
|
|
|
cj = cookielib.CookieJar()
|
|
|
|
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
|
|
|
|
urllib2.install_opener(opener)
|
|
|
|
|
|
|
|
t1 = time.time()
|
|
|
|
|
|
|
|
data = []
|
|
|
|
for m in messages:
|
|
|
|
method, params = m
|
|
|
|
if type(params) != type([]): params = [params]
|
|
|
|
data.append( { 'method':method, 'id':self.message_id, 'params':params } )
|
|
|
|
self.unanswered_requests[self.message_id] = method, params, callback
|
|
|
|
self.message_id += 1
|
|
|
|
|
|
|
|
if data:
|
|
|
|
data_json = json.dumps(data)
|
|
|
|
else:
|
|
|
|
# poll with GET
|
|
|
|
data_json = None
|
|
|
|
|
|
|
|
|
|
|
|
headers = {'content-type': 'application/json'}
|
|
|
|
if self.session_id:
|
|
|
|
headers['cookie'] = 'SESSION=%s'%self.session_id
|
|
|
|
|
|
|
|
try:
|
|
|
|
req = urllib2.Request(self.connection_msg, data_json, headers)
|
|
|
|
response_stream = urllib2.urlopen(req, timeout=DEFAULT_TIMEOUT)
|
|
|
|
except:
|
|
|
|
return
|
|
|
|
|
|
|
|
for index, cookie in enumerate(cj):
|
|
|
|
if cookie.name=='SESSION':
|
|
|
|
self.session_id = cookie.value
|
|
|
|
|
|
|
|
response = response_stream.read()
|
|
|
|
self.bytes_received += len(response)
|
|
|
|
if response:
|
|
|
|
response = json.loads( response )
|
|
|
|
if type(response) is not type([]):
|
|
|
|
self.queue_json_response(response)
|
|
|
|
else:
|
|
|
|
for item in response:
|
|
|
|
self.queue_json_response(item)
|
|
|
|
|
|
|
|
if response:
|
|
|
|
self.poll_interval = 1
|
|
|
|
else:
|
|
|
|
if self.poll_interval < 15:
|
|
|
|
self.poll_interval += 1
|
|
|
|
#print self.poll_interval, response
|
|
|
|
|
|
|
|
self.rtime = time.time() - t1
|
|
|
|
self.is_connected = True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def start_tcp(self):
|
|
|
|
|
|
|
|
self.connection_msg = self.host + ':%d' % self.port
|
|
|
|
|
|
|
|
if self.proxy is not None:
|
|
|
|
|
|
|
|
socks.setdefaultproxy(self.proxy_mode, self.proxy["host"], int(self.proxy["port"]))
|
|
|
|
socket.socket = socks.socksocket
|
|
|
|
# prevent dns leaks, see http://stackoverflow.com/questions/13184205/dns-over-proxy
|
|
|
|
def getaddrinfo(*args):
|
|
|
|
return [(socket.AF_INET, socket.SOCK_STREAM, 6, '', (args[0], args[1]))]
|
|
|
|
socket.getaddrinfo = getaddrinfo
|
|
|
|
|
|
|
|
if self.use_ssl:
|
|
|
|
cert_path = os.path.join( self.config.path, 'certs', self.host)
|
|
|
|
|
|
|
|
if not os.path.exists(cert_path):
|
|
|
|
is_new = True
|
|
|
|
# get server certificate.
|
|
|
|
# Do not use ssl.get_server_certificate because it does not work with proxy
|
|
|
|
s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
|
|
|
|
try:
|
|
|
|
s.connect((self.host, self.port))
|
|
|
|
except:
|
|
|
|
# print_error("failed to connect", self.host, self.port)
|
|
|
|
return
|
|
|
|
|
|
|
|
try:
|
|
|
|
s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_NONE, ca_certs=None)
|
|
|
|
except ssl.SSLError, e:
|
|
|
|
print_error("SSL error:", self.host, e)
|
|
|
|
return
|
|
|
|
dercert = s.getpeercert(True)
|
|
|
|
s.close()
|
|
|
|
cert = ssl.DER_cert_to_PEM_cert(dercert)
|
|
|
|
# workaround android bug
|
|
|
|
cert = re.sub("([^\n])-----END CERTIFICATE-----","\\1\n-----END CERTIFICATE-----",cert)
|
|
|
|
temporary_path = cert_path + '.temp'
|
|
|
|
with open(temporary_path,"w") as f:
|
|
|
|
f.write(cert)
|
|
|
|
|
|
|
|
else:
|
|
|
|
is_new = False
|
|
|
|
|
|
|
|
|
|
|
|
s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
|
|
|
|
s.settimeout(2)
|
|
|
|
s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
|
|
|
|
|
|
|
|
try:
|
|
|
|
s.connect(( self.host.encode('ascii'), int(self.port)))
|
|
|
|
except:
|
|
|
|
print_error("failed to connect", self.host, self.port)
|
|
|
|
return
|
|
|
|
|
|
|
|
if self.use_ssl:
|
|
|
|
try:
|
|
|
|
s = ssl.wrap_socket(s,
|
|
|
|
ssl_version=ssl.PROTOCOL_SSLv3,
|
|
|
|
cert_reqs=ssl.CERT_REQUIRED,
|
|
|
|
ca_certs= (temporary_path if is_new else cert_path),
|
|
|
|
do_handshake_on_connect=True)
|
|
|
|
except ssl.SSLError, e:
|
|
|
|
print_error("SSL error:", self.host, e)
|
|
|
|
if e.errno != 1:
|
|
|
|
return
|
|
|
|
if is_new:
|
|
|
|
os.rename(temporary_path, cert_path + '.rej')
|
|
|
|
else:
|
|
|
|
if cert_has_expired(cert_path):
|
|
|
|
print_error("certificate has expired:", cert_path)
|
|
|
|
os.unlink(cert_path)
|
|
|
|
else:
|
|
|
|
print_msg("wrong certificate", self.host)
|
|
|
|
return
|
|
|
|
except:
|
|
|
|
print_error("wrap_socket failed", self.host)
|
|
|
|
traceback.print_exc(file=sys.stdout)
|
|
|
|
return
|
|
|
|
|
|
|
|
if is_new:
|
|
|
|
print_error("saving certificate for", self.host)
|
|
|
|
os.rename(temporary_path, cert_path)
|
|
|
|
|
|
|
|
s.settimeout(60)
|
|
|
|
self.s = s
|
|
|
|
self.is_connected = True
|
|
|
|
print_error("connected to", self.host, self.port)
|
|
|
|
|
|
|
|
|
|
|
|
def run_tcp(self):
|
|
|
|
try:
|
|
|
|
#if self.use_ssl: self.s.do_handshake()
|
|
|
|
out = ''
|
|
|
|
while self.is_connected:
|
|
|
|
try:
|
|
|
|
timeout = False
|
|
|
|
msg = self.s.recv(1024)
|
|
|
|
except socket.timeout:
|
|
|
|
timeout = True
|
|
|
|
except ssl.SSLError:
|
|
|
|
timeout = True
|
|
|
|
except socket.error, err:
|
|
|
|
if err.errno in [11, 10035]:
|
|
|
|
print_error("socket errno", err.errno)
|
|
|
|
time.sleep(0.1)
|
|
|
|
continue
|
|
|
|
else:
|
|
|
|
traceback.print_exc(file=sys.stdout)
|
|
|
|
raise
|
|
|
|
|
|
|
|
if timeout:
|
|
|
|
# ping the server with server.version, as a real ping does not exist yet
|
|
|
|
self.send([('server.version', [ELECTRUM_VERSION, PROTOCOL_VERSION])], self.on_version)
|
|
|
|
continue
|
|
|
|
|
|
|
|
out += msg
|
|
|
|
self.bytes_received += len(msg)
|
|
|
|
if msg == '':
|
|
|
|
self.is_connected = False
|
|
|
|
|
|
|
|
while True:
|
|
|
|
s = out.find('\n')
|
|
|
|
if s==-1: break
|
|
|
|
c = out[0:s]
|
|
|
|
out = out[s+1:]
|
|
|
|
c = json.loads(c)
|
|
|
|
self.queue_json_response(c)
|
|
|
|
|
|
|
|
except:
|
|
|
|
traceback.print_exc(file=sys.stdout)
|
|
|
|
|
|
|
|
self.is_connected = False
|
|
|
|
|
|
|
|
|
|
|
|
def send_tcp(self, messages, callback):
|
|
|
|
"""return the ids of the requests that we sent"""
|
|
|
|
out = ''
|
|
|
|
ids = []
|
|
|
|
for m in messages:
|
|
|
|
method, params = m
|
|
|
|
request = json.dumps( { 'id':self.message_id, 'method':method, 'params':params } )
|
|
|
|
self.unanswered_requests[self.message_id] = method, params, callback
|
|
|
|
ids.append(self.message_id)
|
|
|
|
if self.debug:
|
|
|
|
print "-->", request
|
|
|
|
self.message_id += 1
|
|
|
|
out += request + '\n'
|
|
|
|
while out:
|
|
|
|
try:
|
|
|
|
sent = self.s.send( out )
|
|
|
|
out = out[sent:]
|
|
|
|
except socket.error,e:
|
|
|
|
if e[0] in (errno.EWOULDBLOCK,errno.EAGAIN):
|
|
|
|
print_error( "EAGAIN: retrying")
|
|
|
|
time.sleep(0.1)
|
|
|
|
continue
|
|
|
|
else:
|
|
|
|
traceback.print_exc(file=sys.stdout)
|
|
|
|
# this happens when we get disconnected
|
|
|
|
print_error( "Not connected, cannot send" )
|
|
|
|
return None
|
|
|
|
return ids
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def start_interface(self):
|
|
|
|
|
|
|
|
if self.protocol in 'st':
|
|
|
|
self.start_tcp()
|
|
|
|
elif self.protocol in 'gh':
|
|
|
|
self.start_http()
|
|
|
|
|
|
|
|
self.connect_event.set()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def stop_subscriptions(self):
|
|
|
|
for callback in self.subscriptions.keys():
|
|
|
|
callback(self, None)
|
|
|
|
self.subscriptions = {}
|
|
|
|
|
|
|
|
|
|
|
|
def send(self, messages, callback):
|
|
|
|
|
|
|
|
sub = []
|
|
|
|
for message in messages:
|
|
|
|
m, v = message
|
|
|
|
if m[-10:] == '.subscribe':
|
|
|
|
sub.append(message)
|
|
|
|
|
|
|
|
if sub:
|
|
|
|
with self.lock:
|
|
|
|
if self.subscriptions.get(callback) is None:
|
|
|
|
self.subscriptions[callback] = []
|
|
|
|
for message in sub:
|
|
|
|
if message not in self.subscriptions[callback]:
|
|
|
|
self.subscriptions[callback].append(message)
|
|
|
|
|
|
|
|
if not self.is_connected:
|
|
|
|
print_error("interface: trying to send while not connected")
|
|
|
|
return
|
|
|
|
|
|
|
|
if self.protocol in 'st':
|
|
|
|
with self.lock:
|
|
|
|
out = self.send_tcp(messages, callback)
|
|
|
|
else:
|
|
|
|
# do not use lock, http is synchronous
|
|
|
|
out = self.send_http(messages, callback)
|
|
|
|
|
|
|
|
return out
|
|
|
|
|
|
|
|
|
|
|
|
def parse_proxy_options(self, s):
|
|
|
|
if type(s) == type({}): return s # fixme: type should be fixed
|
|
|
|
if type(s) != type(""): return None
|
|
|
|
if s.lower() == 'none': return None
|
|
|
|
proxy = { "mode":"socks5", "host":"localhost" }
|
|
|
|
args = s.split(':')
|
|
|
|
n = 0
|
|
|
|
if proxy_modes.count(args[n]) == 1:
|
|
|
|
proxy["mode"] = args[n]
|
|
|
|
n += 1
|
|
|
|
if len(args) > n:
|
|
|
|
proxy["host"] = args[n]
|
|
|
|
n += 1
|
|
|
|
if len(args) > n:
|
|
|
|
proxy["port"] = args[n]
|
|
|
|
else:
|
|
|
|
proxy["port"] = "8080" if proxy["mode"] == "http" else "1080"
|
|
|
|
return proxy
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def stop(self):
|
|
|
|
if self.is_connected and self.protocol in 'st' and self.s:
|
|
|
|
self.s.shutdown(socket.SHUT_RDWR)
|
|
|
|
self.s.close()
|
|
|
|
|
|
|
|
|
|
|
|
def is_up_to_date(self):
|
|
|
|
return self.unanswered_requests == {}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def start(self, queue = None, wait = False):
|
|
|
|
if not self.server:
|
|
|
|
return
|
|
|
|
self.queue = queue if queue else Queue.Queue()
|
|
|
|
threading.Thread.start(self)
|
|
|
|
if wait:
|
|
|
|
self.connect_event.wait()
|
|
|
|
|
|
|
|
|
|
|
|
def run(self):
|
|
|
|
self.start_interface()
|
|
|
|
if self.is_connected:
|
|
|
|
self.send([('server.version', [ELECTRUM_VERSION, PROTOCOL_VERSION])], self.on_version)
|
|
|
|
self.change_status()
|
|
|
|
self.run_tcp() if self.protocol in 'st' else self.run_http()
|
|
|
|
self.change_status()
|
|
|
|
|
|
|
|
|
|
|
|
def change_status(self):
|
|
|
|
#print "change status", self.server, self.is_connected
|
|
|
|
self.queue.put(self)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
|
|
|
|
check_certificates()
|