diff --git a/blocking.py b/blocking.py index 2902af43f..86a6c052d 100644 --- a/blocking.py +++ b/blocking.py @@ -186,12 +186,27 @@ def updateBlockedCache(baseDir: str, return blockedCacheLastUpdated with open(globalBlockingFilename, 'r') as fpBlocked: blockedLines = fpBlocked.readlines() + # remove newlines + for index in range(len(blockedLines)): + blockedLines[index] = blockedLines[index].replace('\n', '') + # update the cache blockedCache.clear() - for line in blockedLines: - blockedCache.append(line.replace('\n', '')) + blockedCache += blockedLines return currTime +def _getShortDomain(domain: str) -> str: + """ by checking a shorter version we can thwart adversaries + who constantly change their subdomain + e.g. subdomain123.mydomain.com becomes mydomain.com + """ + sections = domain.split('.') + noOfSections = len(sections) + if noOfSections > 2: + return sections[noOfSections-2] + '.' + sections[-1] + return None + + def isBlockedDomain(baseDir: str, domain: str, blockedCache: [] = None) -> bool: """Is the given domain blocked? @@ -202,13 +217,7 @@ def isBlockedDomain(baseDir: str, domain: str, if isEvil(domain): return True - # by checking a shorter version we can thwart adversaries - # who constantly change their subdomain - sections = domain.split('.') - noOfSections = len(sections) - shortDomain = None - if noOfSections > 2: - shortDomain = domain[noOfSections-2] + '.' + domain[noOfSections-1] + shortDomain = _getShortDomain(domain) if not brochModeIsActive(baseDir): if blockedCache: @@ -243,31 +252,58 @@ def isBlockedDomain(baseDir: str, domain: str, def isBlocked(baseDir: str, nickname: str, domain: str, - blockNickname: str, blockDomain: str) -> bool: + blockNickname: str, blockDomain: str, + blockedCache: [] = None) -> bool: """Is the given nickname blocked? """ if isEvil(blockDomain): return True - globalBlockingFilename = baseDir + '/accounts/blocking.txt' - if os.path.isfile(globalBlockingFilename): - if '*@' + blockDomain in open(globalBlockingFilename).read(): - return True - if blockNickname: - blockHandle = blockNickname + '@' + blockDomain - if blockHandle in open(globalBlockingFilename).read(): + + blockHandle = None + if blockNickname and blockDomain: + blockHandle = blockNickname + '@' + blockDomain + + if not brochModeIsActive(baseDir): + # instance level block list + if blockedCache: + for blockedStr in blockedCache: + if '*@' + domain in blockedStr: + return True + if blockHandle: + if blockHandle in blockedStr: + return True + else: + globalBlockingFilename = baseDir + '/accounts/blocking.txt' + if os.path.isfile(globalBlockingFilename): + if '*@' + blockDomain in open(globalBlockingFilename).read(): + return True + if blockHandle: + if blockHandle in open(globalBlockingFilename).read(): + return True + else: + # instance allow list + allowFilename = baseDir + '/accounts/allowedinstances.txt' + shortDomain = _getShortDomain(blockDomain) + if not shortDomain: + if blockDomain not in open(allowFilename).read(): return True - allowFilename = baseDir + '/accounts/' + \ - nickname + '@' + domain + '/allowedinstances.txt' + else: + if shortDomain not in open(allowFilename).read(): + return True + + # account level allow list + accountDir = baseDir + '/accounts/' + nickname + '@' + domain + allowFilename = accountDir + '/allowedinstances.txt' if os.path.isfile(allowFilename): if blockDomain not in open(allowFilename).read(): return True - blockingFilename = baseDir + '/accounts/' + \ - nickname + '@' + domain + '/blocking.txt' + + # account level block list + blockingFilename = accountDir + '/blocking.txt' if os.path.isfile(blockingFilename): if '*@' + blockDomain in open(blockingFilename).read(): return True - if blockNickname: - blockHandle = blockNickname + '@' + blockDomain + if blockHandle: if blockHandle in open(blockingFilename).read(): return True return False diff --git a/city.py b/city.py index 8edf14e1b..1726966d3 100644 --- a/city.py +++ b/city.py @@ -130,6 +130,7 @@ def _getCityPulse(currTimeOfDay, decoySeed: int) -> (float, float): def parseNogoString(nogoLine: str) -> []: """Parses a line from locations_nogo.txt and returns the polygon """ + nogoLine = nogoLine.replace('\n', '').replace('\r', '') polygonStr = nogoLine.split(':', 1)[1] if ';' in polygonStr: pts = polygonStr.split(';') diff --git a/daemon.py b/daemon.py index b53021918..223eace39 100644 --- a/daemon.py +++ b/daemon.py @@ -1277,6 +1277,13 @@ class PubServer(BaseHTTPRequestHandler): beginSaveTime = time.time() # save the json for later queue processing messageBytesDecoded = messageBytes.decode('utf-8') + + self.server.blockedCacheLastUpdated = \ + updateBlockedCache(self.server.baseDir, + self.server.blockedCache, + self.server.blockedCacheLastUpdated, + self.server.blockedCacheUpdateSecs) + queueFilename = \ savePostToInboxQueue(self.server.baseDir, self.server.httpPrefix, @@ -1286,7 +1293,8 @@ class PubServer(BaseHTTPRequestHandler): messageBytesDecoded, headersDict, self.path, - self.server.debug) + self.server.debug, + self.server.blockedCache) if queueFilename: # add json to the queue if queueFilename not in self.server.inboxQueue: @@ -14833,7 +14841,10 @@ class EpicyonServer(ThreadingHTTPServer): if e.errno != errno.ECONNRESET: print('ERROR: (EpicyonServer) ' + str(cls) + ", " + str(e)) pass + elif cls is BrokenPipeError: + pass else: + print('ERROR: (EpicyonServer) ' + str(cls) + ", " + str(e)) return HTTPServer.handle_error(self, request, client_address) diff --git a/inbox.py b/inbox.py index f73a9eae1..9e9751f26 100644 --- a/inbox.py +++ b/inbox.py @@ -353,7 +353,8 @@ def savePostToInboxQueue(baseDir: str, httpPrefix: str, originalPostJsonObject: {}, messageBytes: str, httpHeaders: {}, - postPath: str, debug: bool) -> str: + postPath: str, debug: bool, + blockedCache: []) -> str: """Saves the give json to the inbox queue for the person keyId specifies the actor sending the post """ @@ -384,7 +385,8 @@ def savePostToInboxQueue(baseDir: str, httpPrefix: str, pprint(postJsonObject) print('No post Domain in actor') return None - if isBlocked(baseDir, nickname, domain, postNickname, postDomain): + if isBlocked(baseDir, nickname, domain, + postNickname, postDomain, blockedCache): if debug: print('DEBUG: post from ' + postNickname + ' blocked') return None @@ -398,7 +400,7 @@ def savePostToInboxQueue(baseDir: str, httpPrefix: str, postJsonObject['object']['inReplyTo'] replyDomain, replyPort = \ getDomainFromActor(inReplyTo) - if isBlockedDomain(baseDir, replyDomain): + if isBlockedDomain(baseDir, replyDomain, blockedCache): if debug: print('WARN: post contains reply from ' + str(actor) + @@ -409,7 +411,8 @@ def savePostToInboxQueue(baseDir: str, httpPrefix: str, getNicknameFromActor(inReplyTo) if replyNickname and replyDomain: if isBlocked(baseDir, nickname, domain, - replyNickname, replyDomain): + replyNickname, replyDomain, + blockedCache): if debug: print('WARN: post contains reply from ' + str(actor) +