# along with this program. If not, see <http://www.gnu.org/licenses/>.
-import random, socket, ast, re
+import random, ast, re, errno, os
import threading, traceback, sys, time, json, Queue
+import socks
+import socket
+import ssl
-from version import ELECTRUM_VERSION
+from version import ELECTRUM_VERSION, PROTOCOL_VERSION
+from util import print_error, print_msg
+from simple_config import SimpleConfig
+
+import x509
DEFAULT_TIMEOUT = 5
-DEFAULT_SERVERS = [ 'ecdsa.org:50001:t',
- 'electrum.novit.ro:50001:t',
- 'uncle-enzo.info:50001:t',
- 'electrum.bytesized-hosting.com:50000:t'] # list of default servers
-
-
-def replace_keys(obj, old_key, new_key):
- if isinstance(obj, dict):
- if old_key in obj:
- obj[new_key] = obj[old_key]
- del obj[old_key]
- for elem in obj.itervalues():
- replace_keys(elem, old_key, new_key)
- elif isinstance(obj, list):
- for elem in obj:
- replace_keys(elem, old_key, new_key)
-
-def old_to_new(d):
- replace_keys(d, 'blk_hash', 'block_hash')
- replace_keys(d, 'pos', 'index')
- replace_keys(d, 'nTime', 'timestamp')
- replace_keys(d, 'is_in', 'is_input')
- replace_keys(d, 'raw_scriptPubKey', 'raw_output_script')
+proxy_modes = ['socks4', 'socks5', 'http']
+
+
+
+
+def cert_verify_hostname(s):
+ # hostname verification (disabled)
+ from backports.ssl_match_hostname import match_hostname, CertificateError
+ try:
+ match_hostname(s.getpeercert(True), host)
+ print_error("hostname matches", host)
+ except CertificateError, ce:
+ print_error("hostname did not match", host)
+
class Interface(threading.Thread):
- def __init__(self, host, port):
+
+
+ def __init__(self, server, config = None):
+
threading.Thread.__init__(self)
self.daemon = True
- self.host = host
- self.port = port
+ self.config = config if config is not None else SimpleConfig()
+ self.connect_event = threading.Event()
+
+ self.subscriptions = {}
+ self.lock = threading.Lock()
- self.servers = [] # actual list from IRC
self.rtime = 0
self.bytes_received = 0
-
- self.is_connected = True
+ self.is_connected = False
self.poll_interval = 1
+ self.debug = False # dump network messages. can be changed at runtime using the console
+
#json
self.message_id = 0
- self.responses = Queue.Queue()
self.unanswered_requests = {}
- def init_socket(self):
- pass
+ # parse server
+ self.server = server
+ try:
+ host, port, protocol = self.server.split(':')
+ port = int(port)
+ except Exception:
+ self.server = None
+ return
+
+ if protocol not in 'ghst':
+ raise Exception('Unknown protocol: %s'%protocol)
+
+ self.host = host
+ self.port = port
+ self.protocol = protocol
+ self.use_ssl = ( protocol in 'sg' )
+ self.proxy = self.parse_proxy_options(self.config.get('proxy'))
+ if self.proxy:
+ self.proxy_mode = proxy_modes.index(self.proxy["mode"]) + 1
+
+
+
- def poke(self):
- # push a fake response so that the getting thread exits its loop
- self.responses.put(None)
def queue_json_response(self, c):
- #print "<--",c
+ # uncomment to debug
+ if self.debug:
+ print_error( "<--",c )
+
msg_id = c.get('id')
error = c.get('error')
if error:
- print "received error:", c
+ print_error("received error:", c)
+ if msg_id is not None:
+ with self.lock:
+ method, params, callback = self.unanswered_requests.pop(msg_id)
+ callback(self,{'method':method, 'params':params, 'error':error, 'id':msg_id})
+
return
if msg_id is not None:
- method, params = self.unanswered_requests.pop(msg_id)
+ with self.lock:
+ method, params, callback = self.unanswered_requests.pop(msg_id)
result = c.get('result')
+
else:
# notification
method = c.get('method')
result = params[0]
params = []
+ elif method == 'blockchain.headers.subscribe':
+ result = params[0]
+ params = []
+
elif method == 'blockchain.address.subscribe':
addr = params[0]
result = params[1]
params = [addr]
- self.responses.put({'method':method, 'params':params, 'result':result})
-
-
+ with self.lock:
+ for k,v in self.subscriptions.items():
+ if (method, params) in v:
+ callback = k
+ break
+ else:
+ print_error( "received unexpected notification", method, params)
+ print_error( self.subscriptions )
+ return
- def subscribe(self, addresses):
- messages = []
- for addr in addresses:
- messages.append(('blockchain.address.subscribe', [addr]))
- self.send(messages)
+ callback(self, {'method':method, 'params':params, 'result':result, 'id':msg_id})
+ def on_version(self, i, result):
+ self.server_version = result
-class PollingInterface(Interface):
- """ non-persistent connection. synchronous calls"""
- def __init__(self, host, port):
- Interface.__init__(self, host, port)
+ def start_http(self):
self.session_id = None
+ self.is_connected = True
+ self.connection_msg = ('https' if self.use_ssl else 'http') + '://%s:%d'%( self.host, self.port )
+ try:
+ self.poll()
+ except Exception:
+ print_error("http init session failed")
+ self.is_connected = False
+ return
- def get_history(self, address):
- self.send([('blockchain.address.get_history', [address] )])
-
- def poll(self):
- pass
- #if is_new or wallet.remote_url:
- # self.was_updated = True
- # is_new = wallet.synchronize()
- # wallet.update_tx_history()
- # wallet.save()
- # return is_new
- #else:
- # return False
+ if self.session_id:
+ print_error('http session:',self.session_id)
+ self.is_connected = True
+ else:
+ self.is_connected = False
- def run(self):
+ def run_http(self):
self.is_connected = True
while self.is_connected:
try:
break
except socket.error:
break
- except:
+ except Exception:
traceback.print_exc(file=sys.stdout)
break
self.is_connected = False
- self.poke()
-
-
-
-
-
-
-
-class HttpStratumInterface(PollingInterface):
-
def poll(self):
- self.send([])
+ self.send([], None)
- def send(self, messages):
+
+ def send_http(self, messages, callback):
import urllib2, json, time, cookielib
+ print_error( "send_http", messages )
+
+ if self.proxy:
+ socks.setdefaultproxy(self.proxy_mode, self.proxy["host"], int(self.proxy["port"]) )
+ socks.wrapmodule(urllib2)
cj = cookielib.CookieJar()
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cj))
t1 = time.time()
data = []
+ ids = []
for m in messages:
method, params = m
if type(params) != type([]): params = [params]
data.append( { 'method':method, 'id':self.message_id, 'params':params } )
- self.unanswered_requests[self.message_id] = method, params
+ self.unanswered_requests[self.message_id] = method, params, callback
+ ids.append(self.message_id)
self.message_id += 1
if data:
# poll with GET
data_json = None
- host = 'http://%s:%d'%( self.host, self.port )
+
headers = {'content-type': 'application/json'}
if self.session_id:
headers['cookie'] = 'SESSION=%s'%self.session_id
- req = urllib2.Request(host, data_json, headers)
- response_stream = urllib2.urlopen(req)
+ try:
+ req = urllib2.Request(self.connection_msg, data_json, headers)
+ response_stream = urllib2.urlopen(req, timeout=DEFAULT_TIMEOUT)
+ except Exception:
+ return
for index, cookie in enumerate(cj):
if cookie.name=='SESSION':
self.rtime = time.time() - t1
self.is_connected = True
+ return ids
+
+
+ def start_tcp(self):
+ self.connection_msg = self.host + ':%d' % self.port
-class TcpStratumInterface(Interface):
- """json-rpc over persistent TCP connection, asynchronous"""
+ if self.proxy is not None:
- def __init__(self, host, port):
- Interface.__init__(self, host, port)
+ socks.setdefaultproxy(self.proxy_mode, self.proxy["host"], int(self.proxy["port"]))
+ socket.socket = socks.socksocket
+ # prevent dns leaks, see http://stackoverflow.com/questions/13184205/dns-over-proxy
+ def getaddrinfo(*args):
+ return [(socket.AF_INET, socket.SOCK_STREAM, 6, '', (args[0], args[1]))]
+ socket.getaddrinfo = getaddrinfo
+
+ if self.use_ssl:
+ cert_path = os.path.join( self.config.path, 'certs', self.host)
+
+ if not os.path.exists(cert_path):
+ is_new = True
+ # get server certificate.
+ # Do not use ssl.get_server_certificate because it does not work with proxy
+ try:
+ l = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM)
+ except socket.gaierror:
+ print_error("error: cannot resolve", self.host)
+ return
+
+ for res in l:
+ try:
+ s = socket.socket( res[0], socket.SOCK_STREAM )
+ s.connect(res[4])
+ except:
+ s = None
+ continue
+
+ try:
+ s = ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3, cert_reqs=ssl.CERT_NONE, ca_certs=None)
+ except ssl.SSLError, e:
+ print_error("SSL error retrieving SSL certificate:", self.host, e)
+ s = None
+
+ break
+
+ if s is None:
+ return
+
+ dercert = s.getpeercert(True)
+ s.close()
+ cert = ssl.DER_cert_to_PEM_cert(dercert)
+ # workaround android bug
+ cert = re.sub("([^\n])-----END CERTIFICATE-----","\\1\n-----END CERTIFICATE-----",cert)
+ temporary_path = cert_path + '.temp'
+ with open(temporary_path,"w") as f:
+ f.write(cert)
+
+ else:
+ is_new = False
- def init_socket(self):
- self.s = socket.socket( socket.AF_INET, socket.SOCK_STREAM )
- self.s.settimeout(60)
- self.s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
try:
- self.s.connect(( self.host, self.port))
- self.is_connected = True
- self.send([('server.version', [ELECTRUM_VERSION])])
- print "Connected to %s:%d"%(self.host,self.port)
- except:
- self.is_connected = False
- print "Not connected"
+ addrinfo = socket.getaddrinfo(self.host, self.port, socket.AF_UNSPEC, socket.SOCK_STREAM)
+ except socket.gaierror:
+ print_error("error: cannot resolve", self.host)
+ return
- def run(self):
+ for res in addrinfo:
+ try:
+ s = socket.socket( res[0], socket.SOCK_STREAM )
+ s.settimeout(2)
+ s.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
+ s.connect(res[4])
+ except:
+ s = None
+ continue
+ break
+
+ if s is None:
+ print_error("failed to connect", self.host, self.port)
+ return
+
+ if self.use_ssl:
+ try:
+ s = ssl.wrap_socket(s,
+ ssl_version=ssl.PROTOCOL_SSLv3,
+ cert_reqs=ssl.CERT_REQUIRED,
+ ca_certs= (temporary_path if is_new else cert_path),
+ do_handshake_on_connect=True)
+ except ssl.SSLError, e:
+ print_error("SSL error:", self.host, e)
+ if e.errno != 1:
+ return
+ if is_new:
+ rej = cert_path + '.rej'
+ if os.path.exists(rej):
+ os.unlink(rej)
+ os.rename(temporary_path, rej)
+ else:
+ with open(cert_path) as f:
+ cert = f.read()
+ try:
+ x = x509.X509()
+ x.parse(cert)
+ x.slow_parse()
+ except:
+ traceback.print_exc(file=sys.stdout)
+ print_error("wrong certificate", self.host)
+ return
+ try:
+ x.check_date()
+ except:
+ print_error("certificate has expired:", cert_path)
+ os.unlink(cert_path)
+ return
+ print_error("wrong certificate", self.host)
+ return
+ except Exception:
+ print_error("wrap_socket failed", self.host)
+ traceback.print_exc(file=sys.stdout)
+ return
+
+ if is_new:
+ print_error("saving certificate for", self.host)
+ os.rename(temporary_path, cert_path)
+
+ s.settimeout(60)
+ self.s = s
+ self.is_connected = True
+ print_error("connected to", self.host, self.port)
+
+
+ def run_tcp(self):
try:
+ #if self.use_ssl: self.s.do_handshake()
out = ''
while self.is_connected:
- try: msg = self.s.recv(1024)
+ try:
+ timeout = False
+ msg = self.s.recv(1024)
except socket.timeout:
+ timeout = True
+ except ssl.SSLError:
+ timeout = True
+ except socket.error, err:
+ if err.errno == 60:
+ timeout = True
+ elif err.errno in [11, 10035]:
+ print_error("socket errno", err.errno)
+ time.sleep(0.1)
+ continue
+ else:
+ traceback.print_exc(file=sys.stdout)
+ raise
+
+ if timeout:
# ping the server with server.version, as a real ping does not exist yet
- self.send([('server.version', [ELECTRUM_VERSION])])
+ self.send([('server.version', [ELECTRUM_VERSION, PROTOCOL_VERSION])], self.on_version)
continue
+
out += msg
self.bytes_received += len(msg)
if msg == '':
self.is_connected = False
- print "disconnected."
while True:
s = out.find('\n')
c = json.loads(c)
self.queue_json_response(c)
- except:
+ except Exception:
traceback.print_exc(file=sys.stdout)
self.is_connected = False
- print "poking"
- self.poke()
- def send(self, messages):
+
+ def send_tcp(self, messages, callback):
+ """return the ids of the requests that we sent"""
out = ''
+ ids = []
for m in messages:
method, params = m
request = json.dumps( { 'id':self.message_id, 'method':method, 'params':params } )
- self.unanswered_requests[self.message_id] = method, params
- #print "-->",request
+ self.unanswered_requests[self.message_id] = method, params, callback
+ ids.append(self.message_id)
+ if self.debug:
+ print "-->", request
self.message_id += 1
out += request + '\n'
-
while out:
- sent = self.s.send( out )
- out = out[sent:]
+ try:
+ sent = self.s.send( out )
+ out = out[sent:]
+ except socket.error,e:
+ if e[0] in (errno.EWOULDBLOCK,errno.EAGAIN):
+ print_error( "EAGAIN: retrying")
+ time.sleep(0.1)
+ continue
+ else:
+ traceback.print_exc(file=sys.stdout)
+ # this happens when we get disconnected
+ print_error( "Not connected, cannot send" )
+ return None
+ return ids
- def get_history(self, addr):
- self.send([('blockchain.address.get_history', [addr])])
+ def start_interface(self):
-class WalletSynchronizer(threading.Thread):
+ if self.protocol in 'st':
+ self.start_tcp()
+ elif self.protocol in 'gh':
+ self.start_http()
- def __init__(self, wallet, loop=False):
- threading.Thread.__init__(self)
- self.daemon = True
- self.wallet = wallet
- self.loop = loop
- self.init_interface()
+ self.connect_event.set()
- def init_interface(self):
- try:
- host, port, protocol = self.wallet.server.split(':')
- port = int(port)
- except:
- self.wallet.pick_random_server()
- host, port, protocol = self.wallet.server.split(':')
- port = int(port)
- #print protocol, host, port
- if protocol == 't':
- InterfaceClass = TcpStratumInterface
- elif protocol == 'h':
- InterfaceClass = HttpStratumInterface
- else:
- print "unknown protocol"
- InterfaceClass = TcpStratumInterface
- self.interface = InterfaceClass(host, port)
- self.wallet.interface = self.interface
+ def stop_subscriptions(self):
+ for callback in self.subscriptions.keys():
+ callback(self, None)
+ self.subscriptions = {}
- def handle_response(self, r):
- if r is None:
- return
+ def send(self, messages, callback):
- method = r['method']
- params = r['params']
- result = r['result']
-
- if method == 'server.banner':
- self.wallet.banner = result
- self.wallet.was_updated = True
-
- elif method == 'server.peers.subscribe':
- servers = []
- for item in result:
- s = []
- host = item[1]
- ports = []
- if len(item)>2:
- for v in item[2]:
- if re.match("[th]\d+",v):
- ports.append((v[0],v[1:]))
- if ports:
- servers.append( (host, ports) )
- self.interface.servers = servers
-
- elif method == 'blockchain.address.subscribe':
- addr = params[0]
- self.wallet.receive_status_callback(addr, result)
-
- elif method == 'blockchain.address.get_history':
- addr = params[0]
- self.wallet.receive_history_callback(addr, result)
- self.wallet.was_updated = True
-
- elif method == 'blockchain.transaction.broadcast':
- self.wallet.tx_result = result
- self.wallet.tx_event.set()
-
- elif method == 'blockchain.numblocks.subscribe':
- self.wallet.blocks = result
- self.wallet.was_updated = True
-
- elif method == 'server.version':
- pass
+ sub = []
+ for message in messages:
+ m, v = message
+ if m[-10:] == '.subscribe':
+ sub.append(message)
+ if sub:
+ with self.lock:
+ if self.subscriptions.get(callback) is None:
+ self.subscriptions[callback] = []
+ for message in sub:
+ if message not in self.subscriptions[callback]:
+ self.subscriptions[callback].append(message)
+
+ if not self.is_connected:
+ print_error("interface: trying to send while not connected")
+ return
+
+ if self.protocol in 'st':
+ with self.lock:
+ out = self.send_tcp(messages, callback)
+ else:
+ # do not use lock, http is synchronous
+ out = self.send_http(messages, callback)
+
+ return out
+
+
+ def parse_proxy_options(self, s):
+ if type(s) == type({}): return s # fixme: type should be fixed
+ if type(s) != type(""): return None
+ if s.lower() == 'none': return None
+ proxy = { "mode":"socks5", "host":"localhost" }
+ args = s.split(':')
+ n = 0
+ if proxy_modes.count(args[n]) == 1:
+ proxy["mode"] = args[n]
+ n += 1
+ if len(args) > n:
+ proxy["host"] = args[n]
+ n += 1
+ if len(args) > n:
+ proxy["port"] = args[n]
else:
- print "unknown message:", method, params, result
+ proxy["port"] = "8080" if proxy["mode"] == "http" else "1080"
+ return proxy
- def start_interface(self):
- self.interface.init_socket()
- self.interface.start()
- if self.interface.is_connected:
- self.wallet.start_session(self.interface)
+ def stop(self):
+ if self.is_connected and self.protocol in 'st' and self.s:
+ self.s.shutdown(socket.SHUT_RDWR)
+ self.s.close()
+ self.is_connected = False
- def run(self):
- import socket, time
- self.start_interface()
- while True:
- while self.interface.is_connected:
- new_addresses = self.wallet.synchronize()
- if new_addresses:
- self.interface.subscribe(new_addresses)
-
- if self.wallet.is_up_to_date():
- if not self.wallet.up_to_date:
- self.wallet.up_to_date = True
- self.wallet.was_updated = True
- self.wallet.up_to_date_event.set()
- else:
- if self.wallet.up_to_date:
- self.wallet.up_to_date = False
- self.wallet.was_updated = True
-
- if self.wallet.was_updated:
- self.wallet.gui_callback()
- self.wallet.was_updated = False
-
- response = self.interface.responses.get()
- self.handle_response(response)
-
- self.wallet.gui_callback()
- if self.loop:
- time.sleep(5)
- self.init_interface()
- self.start_interface()
- continue
- else:
- break
+
+ def is_up_to_date(self):
+ return self.unanswered_requests == {}
+ def start(self, queue = None, wait = False):
+ if not self.server:
+ return
+ self.queue = queue if queue else Queue.Queue()
+ threading.Thread.start(self)
+ if wait:
+ self.connect_event.wait()
+
+
+ def run(self):
+ self.start_interface()
+ if self.is_connected:
+ self.send([('server.version', [ELECTRUM_VERSION, PROTOCOL_VERSION])], self.on_version)
+ self.change_status()
+ self.run_tcp() if self.protocol in 'st' else self.run_http()
+ self.change_status()
+
+
+ def change_status(self):
+ #print "change status", self.server, self.is_connected
+ self.queue.put(self)
+
+
+ def synchronous_get(self, requests, timeout=100000000):
+ queue = Queue.Queue()
+ ids = self.send(requests, lambda i,r: queue.put(r))
+ id2 = ids[:]
+ res = {}
+ while ids:
+ r = queue.get(True, timeout)
+ _id = r.get('id')
+ if _id in ids:
+ ids.remove(_id)
+ res[_id] = r.get('result')
+ out = []
+ for _id in id2:
+ out.append(res[_id])
+ return out
+
+
+
+
+def check_cert(host, cert):
+ try:
+ x = x509.X509()
+ x.parse(cert)
+ x.slow_parse()
+ except:
+ traceback.print_exc(file=sys.stdout)
+ return
+
+ try:
+ x.check_date()
+ expired = False
+ except:
+ expired = True
+
+ m = "host: %s\n"%host
+ m += "has_expired: %s\n"% expired
+ print_msg(m)
+
+
+def test_certificates():
+ config = SimpleConfig()
+ mydir = os.path.join(config.path, "certs")
+ certs = os.listdir(mydir)
+ for c in certs:
+ print c
+ p = os.path.join(mydir,c)
+ with open(p) as f:
+ cert = f.read()
+ check_cert(c, cert)
+
+if __name__ == "__main__":
+ test_certificates()