lukechilds
/
ethminer
mirror of https://github.com/lukechilds/ethminer.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Session id as random number and authentication popup for proxies.

cl-refactor
Christian 10 years ago
parent
78d9e1be94
commit
954d818f30
5 changed files with 35 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 25
      alethzero/OurWebThreeStubServer.cpp
  2. 8
      alethzero/OurWebThreeStubServer.h
  3. 18
      libweb3jsonrpc/AccountHolder.cpp
  4. 13
      libweb3jsonrpc/WebThreeStubServerBase.cpp
  5. 2
      libweb3jsonrpc/WebThreeStubServerBase.h

25
alethzero/OurWebThreeStubServer.cpp
View File

@ -51,22 +51,24 @@ bool OurWebThreeStubServer::showAuthenticationPopup(string const& _title, string
return button == QMessageBox::Ok; return button == QMessageBox::Ok;
} }
bool OurWebThreeStubServer::showCreationNotice(TransactionSkeleton const& _t) const bool OurWebThreeStubServer::showCreationNotice(TransactionSkeleton const& _t, bool _toProxy) const
{ {
return showAuthenticationPopup("Contract Creation Transaction", "ÐApp is attemping to create a contract; to be endowed with " + formatBalance(_t.value) + ", with additional network fees of up to " + formatBalance(_t.gas * _t.gasPrice) + ".\n\nMaximum total cost is <b>" + formatBalance(_t.value + _t.gas * _t.gasPrice) + "</b>."); return showAuthenticationPopup("Contract Creation Transaction", string("ÐApp is attemping to create a contract; ") + (_toProxy ? "(this transaction is not executed directly, but forwarded to another ÐApp) " : "") + "to be endowed with " + formatBalance(_t.value) + ", with additional network fees of up to " + formatBalance(_t.gas * _t.gasPrice) + ".\n\nMaximum total cost is <b>" + formatBalance(_t.value + _t.gas * _t.gasPrice) + "</b>.");
} }
bool OurWebThreeStubServer::showSendNotice(TransactionSkeleton const& _t) const bool OurWebThreeStubServer::showSendNotice(TransactionSkeleton const& _t, bool _toProxy) const
{ {
return showAuthenticationPopup("Fund Transfer Transaction", "ÐApp is attempting to send " + formatBalance(_t.value) + " to a recipient " + m_main->pretty(_t.to).toStdString() + ", with additional network fees of up to " + formatBalance(_t.gas * _t.gasPrice) + ".\n\nMaximum total cost is <b>" + formatBalance(_t.value + _t.gas * _t.gasPrice) + "</b>."); return showAuthenticationPopup("Fund Transfer Transaction", "ÐApp is attempting to send " + formatBalance(_t.value) + " to a recipient " + m_main->pretty(_t.to).toStdString() + (_toProxy ? " (this transaction is not executed directly, but forwarded to another ÐApp)" : "") +
", with additional network fees of up to " + formatBalance(_t.gas * _t.gasPrice) + ".\n\nMaximum total cost is <b>" + formatBalance(_t.value + _t.gas * _t.gasPrice) + "</b>.");
} }
bool OurWebThreeStubServer::showUnknownCallNotice(TransactionSkeleton const& _t) const bool OurWebThreeStubServer::showUnknownCallNotice(TransactionSkeleton const& _t, bool _toProxy) const
{ {
return showAuthenticationPopup("DANGEROUS! Unknown Contract Transaction!", return showAuthenticationPopup("DANGEROUS! Unknown Contract Transaction!",
"ÐApp is attempting to call into an unknown contract at address " + "ÐApp is attempting to call into an unknown contract at address " +
m_main->pretty(_t.to).toStdString() + m_main->pretty(_t.to).toStdString() + ".\n\n" +
".\n\nCall involves sending " + (_toProxy ? "This transaction is not executed directly, but forwarded to another ÐApp.\n\n" : "") +
"Call involves sending " +
formatBalance(_t.value) + " to the recipient, with additional network fees of up to " + formatBalance(_t.value) + " to the recipient, with additional network fees of up to " +
formatBalance(_t.gas * _t.gasPrice) + formatBalance(_t.gas * _t.gasPrice) +
"However, this also does other stuff which we don't understand, and does so in your name.\n\n" + "However, this also does other stuff which we don't understand, and does so in your name.\n\n" +
@ -76,25 +78,25 @@ bool OurWebThreeStubServer::showUnknownCallNotice(TransactionSkeleton const& _t)
"REJECT UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!"); "REJECT UNLESS YOU REALLY KNOW WHAT YOU ARE DOING!");
} }
bool OurWebThreeStubServer::authenticate(TransactionSkeleton const& _t) bool OurWebThreeStubServer::authenticate(TransactionSkeleton const& _t, bool _toProxy)
{ {
if (_t.creation) if (_t.creation)
{ {
// recipient has no code - nothing special about this transaction, show basic value transfer info // recipient has no code - nothing special about this transaction, show basic value transfer info
return showCreationNotice(_t); return showCreationNotice(_t, _toProxy);
} }
h256 contractCodeHash = m_web3->ethereum()->postState().codeHash(_t.to); h256 contractCodeHash = m_web3->ethereum()->postState().codeHash(_t.to);
if (contractCodeHash == EmptySHA3) if (contractCodeHash == EmptySHA3)
{ {
// recipient has no code - nothing special about this transaction, show basic value transfer info // recipient has no code - nothing special about this transaction, show basic value transfer info
return showSendNotice(_t); return showSendNotice(_t, _toProxy);
} }
string userNotice = m_main->natSpec()->getUserNotice(contractCodeHash, _t.data); string userNotice = m_main->natSpec()->getUserNotice(contractCodeHash, _t.data);
if (userNotice.empty()) if (userNotice.empty())
return showUnknownCallNotice(_t); return showUnknownCallNotice(_t, _toProxy);
NatspecExpressionEvaluator evaluator; NatspecExpressionEvaluator evaluator;
userNotice = evaluator.evalExpression(QString::fromStdString(userNotice)).toStdString(); userNotice = evaluator.evalExpression(QString::fromStdString(userNotice)).toStdString();
@ -104,6 +106,7 @@ bool OurWebThreeStubServer::authenticate(TransactionSkeleton const& _t)
"ÐApp attempting to conduct contract interaction with " + "ÐApp attempting to conduct contract interaction with " +
m_main->pretty(_t.to).toStdString() + m_main->pretty(_t.to).toStdString() +
": <b>" + userNotice + "</b>.\n\n" + ": <b>" + userNotice + "</b>.\n\n" +
(_toProxy ? "This transaction is not executed directly, but forwarded to another ÐApp.\n\n" : "") +
(_t.value > 0 ? (_t.value > 0 ?
"In addition, ÐApp is attempting to send " + "In addition, ÐApp is attempting to send " +
formatBalance(_t.value) + " to said recipient, with additional network fees of up to " + formatBalance(_t.value) + " to said recipient, with additional network fees of up to " +

8
alethzero/OurWebThreeStubServer.h
View File

@ -35,16 +35,16 @@ public:
std::vector<dev::KeyPair> const& _accounts, Main* main); std::vector<dev::KeyPair> const& _accounts, Main* main);
virtual std::string shh_newIdentity() override; virtual std::string shh_newIdentity() override;
virtual bool authenticate(dev::eth::TransactionSkeleton const& _t); virtual bool authenticate(dev::eth::TransactionSkeleton const& _t, bool _toProxy);
signals: signals:
void onNewId(QString _s); void onNewId(QString _s);
private: private:
bool showAuthenticationPopup(std::string const& _title, std::string const& _text) const; bool showAuthenticationPopup(std::string const& _title, std::string const& _text) const;
bool showCreationNotice(dev::eth::TransactionSkeleton const& _t) const; bool showCreationNotice(dev::eth::TransactionSkeleton const& _t, bool _toProxy) const;
bool showSendNotice(dev::eth::TransactionSkeleton const& _t) const; bool showSendNotice(dev::eth::TransactionSkeleton const& _t, bool _toProxy) const;
bool showUnknownCallNotice(dev::eth::TransactionSkeleton const& _t) const; bool showUnknownCallNotice(dev::eth::TransactionSkeleton const& _t, bool _toProxy) const;
dev::WebThreeDirect* m_web3; dev::WebThreeDirect* m_web3;
Main* m_main; Main* m_main;

18
libweb3jsonrpc/AccountHolder.cpp
View File

@ -22,14 +22,15 @@
*/ */
#include "AccountHolder.h" #include "AccountHolder.h"
#include <random>
#include <ctime>
#include <libethereum/Client.h> #include <libethereum/Client.h>
using namespace std; using namespace std;
using namespace dev; using namespace dev;
using namespace dev::eth; using namespace dev::eth;
vector<TransactionSkeleton> emptyQueue; vector<TransactionSkeleton> g_emptyQueue;
void AccountHolder::setAccounts(vector<KeyPair> const& _accounts) void AccountHolder::setAccounts(vector<KeyPair> const& _accounts)
{ {
@ -63,12 +64,13 @@ Address const& AccountHolder::getDefaultTransactAccount() const
int AccountHolder::addProxyAccount(const Address& _account) int AccountHolder::addProxyAccount(const Address& _account)
{ {
int const c_id = m_transactionQueues.empty() ? 1 : m_transactionQueues.rbegin()->first + 1; static std::mt19937 s_randomNumberGenerator(time(0));
if (isProxyAccount(_account)) int id = std::uniform_int_distribution<int>(1)(s_randomNumberGenerator);
if (isProxyAccount(_account) || id == 0 || m_transactionQueues.count(id))
return 0; return 0;
m_proxyAccounts.insert(make_pair(_account, c_id)); m_proxyAccounts.insert(make_pair(_account, id));
m_transactionQueues[c_id].first = _account; m_transactionQueues[id].first = _account;
return c_id; return id;
} }
bool AccountHolder::removeProxyAccount(unsigned _id) bool AccountHolder::removeProxyAccount(unsigned _id)
@ -91,7 +93,7 @@ void AccountHolder::queueTransaction(TransactionSkeleton const& _transaction)
vector<TransactionSkeleton> const& AccountHolder::getQueuedTransactions(int _id) const vector<TransactionSkeleton> const& AccountHolder::getQueuedTransactions(int _id) const
{ {
if (!m_transactionQueues.count(_id)) if (!m_transactionQueues.count(_id))
return emptyQueue; return g_emptyQueue;
return m_transactionQueues.at(_id).second; return m_transactionQueues.at(_id).second;
} }

13
libweb3jsonrpc/WebThreeStubServerBase.cpp
View File

@ -41,6 +41,7 @@ using namespace std;
using namespace dev; using namespace dev;
using namespace dev::eth; using namespace dev::eth;
static Json::Value toJson(dev::eth::BlockInfo const& _bi) static Json::Value toJson(dev::eth::BlockInfo const& _bi)
{ {
Json::Value res; Json::Value res;
@ -78,7 +79,7 @@ static Json::Value toJson(dev::eth::TransactionSkeleton const& _t)
Json::Value res; Json::Value res;
res["to"] = toJS(_t.to); res["to"] = toJS(_t.to);
res["from"] = toJS(_t.from); res["from"] = toJS(_t.from);
res["gas"] = (int)_t.gas; res["gas"] = toJS(_t.gas);
res["gasPrice"] = toJS(_t.gasPrice); res["gasPrice"] = toJS(_t.gasPrice);
res["value"] = toJS(_t.value); res["value"] = toJS(_t.value);
res["data"] = jsFromBinary(_t.data); res["data"] = jsFromBinary(_t.data);
@ -709,13 +710,11 @@ std::string WebThreeStubServerBase::eth_transact(Json::Value const& _json)
if (!m_accounts->isRealAccount(t.from)) if (!m_accounts->isRealAccount(t.from))
{ {
if (m_accounts->isProxyAccount(t.from)) if (m_accounts->isProxyAccount(t.from))
{ if (authenticate(t, true))
// todo "authenticate for proxy" m_accounts->queueTransaction(t);
m_accounts->queueTransaction(t);
}
return ret; return ret;
} }
if (authenticate(t)) if (authenticate(t, false))
{ {
if (t.to) if (t.to)
// TODO: from qethereum, insert validification hook here. // TODO: from qethereum, insert validification hook here.
@ -727,7 +726,7 @@ std::string WebThreeStubServerBase::eth_transact(Json::Value const& _json)
return ret; return ret;
} }
bool WebThreeStubServerBase::authenticate(TransactionSkeleton const& _t) bool WebThreeStubServerBase::authenticate(TransactionSkeleton const& _t, bool)
{ {
cwarn << "Silently signing transaction from address" << _t.from.abridged() << ": User validation hook goes here."; cwarn << "Silently signing transaction from address" << _t.from.abridged() << ": User validation hook goes here.";
return true; return true;

2
libweb3jsonrpc/WebThreeStubServerBase.h
View File

@ -136,7 +136,7 @@ public:
std::map<dev::Public, dev::Secret> const& ids() const { return m_ids; } std::map<dev::Public, dev::Secret> const& ids() const { return m_ids; }
protected: protected:
virtual bool authenticate(dev::eth::TransactionSkeleton const& _t); virtual bool authenticate(dev::eth::TransactionSkeleton const& _t, bool _toProxy);
protected: protected:
virtual dev::eth::Interface* client() = 0; virtual dev::eth::Interface* client() = 0;

Write Preview
Loading…
Cancel
Save