sido/node
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

new functions

Browse Source
This commit is contained in:
Arionum
2018-04-26 02:45:09 +03:00
parent 66dee6516a
commit 3898b7c7e0
6 changed files with 34 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api.php
View File

@@ -71,7 +71,7 @@ OR OTHER DEALINGS IN THE SOFTWARE.
require_once("include/init.inc.php"); require_once("include/init.inc.php");
error_reporting(0); error_reporting(0);
$ip=$_SERVER['REMOTE_ADDR']; $ip=san_ip($_SERVER['REMOTE_ADDR']);
$ip=filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); $ip=filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
if($_config['public_api']==false&&!in_array($ip,$_config['allowed_hosts'])){ if($_config['public_api']==false&&!in_array($ip,$_config['allowed_hosts'])){

11
include/functions.inc.php
View File

@@ -7,6 +7,17 @@ function san($a,$b=""){
return $a; return $a;
} }
function san_ip($a){
$a = preg_replace("/[^a-fA-F0-9\[\]\.\:]/", "", $a);
return $a;
}
function san_host($a){
$a = preg_replace("/[^a-zA-Z0-9\.\-\:\/]/", "", $a);
return $a;
}
// api error and exit // api error and exit
function api_err($data){ function api_err($data){
global $_config; global $_config;

4
include/init.inc.php
View File

@@ -1,6 +1,6 @@
<?php <?php
// ARO version // ARO version
define("VERSION", "0.2b"); define("VERSION", "0.3.0");
// Amsterdam timezone by default, should probably be moved to config // Amsterdam timezone by default, should probably be moved to config
date_default_timezone_set("Europe/Amsterdam"); date_default_timezone_set("Europe/Amsterdam");
@@ -73,7 +73,7 @@ if($_config['dbversion']<2) exit;
if($_config['testnet']==true) $_config['coin'].="-testnet"; if($_config['testnet']==true) $_config['coin'].="-testnet";
// current hostname // current hostname
$hostname=(!empty($_SERVER['HTTPS'])?'https':'http')."://".$_SERVER['HTTP_HOST']; $hostname=(!empty($_SERVER['HTTPS'])?'https':'http')."://".san_host($_SERVER['HTTP_HOST']);
// set the hostname to the current one // set the hostname to the current one
if($hostname!=$_config['hostname']&&$_SERVER['HTTP_HOST']!="localhost"&&$_SERVER['HTTP_HOST']!="127.0.0.1"&&$_SERVER['hostname']!='::1'&&php_sapi_name() !== 'cli' && ($_config['allow_hostname_change']!=false||empty($_config['hostname']))){ if($hostname!=$_config['hostname']&&$_SERVER['HTTP_HOST']!="localhost"&&$_SERVER['HTTP_HOST']!="127.0.0.1"&&$_SERVER['hostname']!='::1'&&php_sapi_name() !== 'cli' && ($_config['allow_hostname_change']!=false||empty($_config['hostname']))){
$db->run("UPDATE config SET val=:hostname WHERE cfg='hostname' LIMIT 1",array(":hostname"=>$hostname)); $db->run("UPDATE config SET val=:hostname WHERE cfg='hostname' LIMIT 1",array(":hostname"=>$hostname));

2
mine.php
View File

@@ -29,7 +29,7 @@ $acc=new Account();
set_time_limit(360); set_time_limit(360);
$q=$_GET['q']; $q=$_GET['q'];
$ip=$_SERVER['REMOTE_ADDR']; $ip=san_ip($_SERVER['REMOTE_ADDR']);
$ip=filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); $ip=filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
// in case of testnet, all IPs are accepted for mining // in case of testnet, all IPs are accepted for mining

6
peer.php
View File

@@ -34,7 +34,7 @@ if(!empty($_POST['data'])){
// make sure it's the same coin and not testnet // make sure it's the same coin and not testnet
if($_POST['coin']!=$_config['coin']) api_err("Invalid coin"); if($_POST['coin']!=$_config['coin']) api_err("Invalid coin");
$ip=$_SERVER['REMOTE_ADDR']; $ip=san_ip($_SERVER['REMOTE_ADDR']);
$ip=filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); $ip=filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
// peer with the current node // peer with the current node
@@ -43,7 +43,7 @@ if($q=="peer"){
$hostname = filter_var($data['hostname'], FILTER_SANITIZE_URL); $hostname = filter_var($data['hostname'], FILTER_SANITIZE_URL);
if (!filter_var($hostname, FILTER_VALIDATE_URL)) api_err("invalid-hostname"); if (!filter_var($hostname, FILTER_VALIDATE_URL)) api_err("invalid-hostname");
$hostname=san_host($hostname);
// if it's already peered, only repeer on request // if it's already peered, only repeer on request
$res=$db->single("SELECT COUNT(1) FROM peers WHERE hostname=:hostname AND ip=:ip",array(":hostname"=>$hostname,":ip"=>$ip)); $res=$db->single("SELECT COUNT(1) FROM peers WHERE hostname=:hostname AND ip=:ip",array(":hostname"=>$hostname,":ip"=>$ip));
if($res==1){ if($res==1){
@@ -156,7 +156,7 @@ elseif($q=="submitBlock"){
$pr=$db->row("SELECT * FROM peers WHERE ip=:ip",array(":ip"=>$ip)); $pr=$db->row("SELECT * FROM peers WHERE ip=:ip",array(":ip"=>$ip));
if(!$pr) api_err("block-too-old"); if(!$pr) api_err("block-too-old");
$peer_host=base58_encode($pr['hostname']); $peer_host=base58_encode($pr['hostname']);
$pr['ip']=escapeshellcmd($pr['ip']); $pr['ip']=escapeshellcmd(san_ip($pr['ip']));
system("php propagate.php block current '$peer_host' '$pr[ip]' > /dev/null 2>&1 &"); system("php propagate.php block current '$peer_host' '$pr[ip]' > /dev/null 2>&1 &");
_log('['.$ip."] block too old, sending our current block - $data[height]"); _log('['.$ip."] block too old, sending our current block - $data[height]");

19
sanity.php
View File

@@ -81,6 +81,8 @@ do {
$data=peer_post($url."getBlock",array("height"=>$current['height'])); $data=peer_post($url."getBlock",array("height"=>$current['height']));
if(!$data) {echo "Invalid getBlock result\n"; break; } if(!$data) {echo "Invalid getBlock result\n"; break; }
$data['id']=san($data['id']);
$data['height']=san($data['height']);
// nothing to be done, same blockchain // nothing to be done, same blockchain
if($data['id']==$current['id']) {echo "Same block\n"; break;} if($data['id']==$current['id']) {echo "Same block\n"; break;}
@@ -166,8 +168,8 @@ if($total_peers==0&&$_config['testnet']==false){
if(count($f)<2){ @unlink("tmp/sanity-lock"); die("Could nto connect to arionum.com! Will try later!\n"); } if(count($f)<2){ @unlink("tmp/sanity-lock"); die("Could nto connect to arionum.com! Will try later!\n"); }
foreach($f as $peer){ foreach($f as $peer){
//peer with all until max_peers, this will ask them to send a peering request to our peer.php where we add their peer to the db. //peer with all until max_peers, this will ask them to send a peering request to our peer.php where we add their peer to the db.
$peer=trim($peer); $peer=trim(san_host($peer));
$bad_peers=array("127.0.0.1","localhost"); $bad_peers=array("127.0.0.1","localhost","10.0.0","192.168.0");
if(str_replace($bad_peers,"",$peer)!=$peer) continue; if(str_replace($bad_peers,"",$peer)!=$peer) continue;
$peer = filter_var($peer, FILTER_SANITIZE_URL); $peer = filter_var($peer, FILTER_SANITIZE_URL);
if (!filter_var($peer, FILTER_VALIDATE_URL)) continue; if (!filter_var($peer, FILTER_VALIDATE_URL)) continue;
@@ -207,11 +209,13 @@ foreach($r as $x){
$i=0; $i=0;
foreach($data as $peer){ foreach($data as $peer){
// store the hostname as md5 hash, for easier checking // store the hostname as md5 hash, for easier checking
$peer['hostname']=san_host($peer['hostname']);
$peer['ip']=san_ip($peer['ip']);
$pid=md5($peer['hostname']); $pid=md5($peer['hostname']);
// do not peer if we are already peered // do not peer if we are already peered
if($peered[$pid]==1) continue; if($peered[$pid]==1) continue;
$peered[$pid]=1; $peered[$pid]=1;
$bad_peers=array("127.0.0.1","localhost"); $bad_peers=array("127.0.0.1","localhost","10.0.0.","192.168.0.");
if(str_replace($bad_peers,"",$peer['hostname'])!=$peer['hostname']) continue; if(str_replace($bad_peers,"",$peer['hostname'])!=$peer['hostname']) continue;
// if it's our hostname, ignore // if it's our hostname, ignore
if($peer['hostname']==$_config['hostname']) continue; if($peer['hostname']==$_config['hostname']) continue;
@@ -242,6 +246,9 @@ foreach($r as $x){
if($data===false) continue; if($data===false) continue;
// peer was responsive, mark it as good // peer was responsive, mark it as good
if($x['fails']>0) $db->run("UPDATE peers SET fails=0 WHERE id=:id",array(":id"=>$x['id'])); if($x['fails']>0) $db->run("UPDATE peers SET fails=0 WHERE id=:id",array(":id"=>$x['id']));
$data['id']=san($data['id']);
$data['height']=san($data['height']);
if($data['height']<$current['height']-500) { if($data['height']<$current['height']-500) {
$db->run("UPDATE peers SET stuckfail=stuckfail+1, blacklisted=UNIX_TIMESTAMP()+7200 WHERE id=:id",array(":id"=>$x['id'])); $db->run("UPDATE peers SET stuckfail=stuckfail+1, blacklisted=UNIX_TIMESTAMP()+7200 WHERE id=:id",array(":id"=>$x['id']));
continue; continue;
@@ -318,6 +325,9 @@ if($current['height']<$largest_height&&$largest_height>1){
$data=peer_post($url."getBlock",array("height"=>$current['height']),60); $data=peer_post($url."getBlock",array("height"=>$current['height']),60);
// invalid data // invalid data
if($data===false){ _log("Could not get block from $host - $current[height]"); continue; } if($data===false){ _log("Could not get block from $host - $current[height]"); continue; }
$data['id']=san($data['id']);
$data['height']=san($data['height']);
// if we're not on the same blockchain but the blockchain is most common with over 90% of the peers, delete the last 3 blocks and retry // if we're not on the same blockchain but the blockchain is most common with over 90% of the peers, delete the last 3 blocks and retry
if($data['id']!=$current['id']&&$data['id']==$most_common&&($most_common_size/$total_active_peers)>0.90){ if($data['id']!=$current['id']&&$data['id']==$most_common&&($most_common_size/$total_active_peers)>0.90){
$block->delete($current['height']-3); $block->delete($current['height']-3);
@@ -369,6 +379,9 @@ if($current['height']<$largest_height&&$largest_height>1){
if($data===false){_log("Could not get blocks from $host - height: $current[height]"); break; } if($data===false){_log("Could not get blocks from $host - height: $current[height]"); break; }
$good_peer=true; $good_peer=true;
foreach($data as $b){ foreach($data as $b){
$b['id']=san($b['id']);
$b['height']=san($b['height']);
if(!$block->check($b)){ if(!$block->check($b)){
_log("Block check: could not add block - $b[id] - $b[height]"); _log("Block check: could not add block - $b[id] - $b[height]");
$good_peer=false; $good_peer=false;