tnetwork: harden against eclipse attacks - electrum - Electrum Bitcoin wallet
HTML git clone https://git.parazyd.org/electrum
DIR Log
DIR Files
DIR Refs
DIR Submodules
---
DIR commit a2bffb9137ae1aaa0edf628cf767ca6f53332def
DIR parent baa02936207e5fdfbad446bf635d5d032f7cb398
HTML Author: SomberNight <somber.night@protonmail.com>
Date: Thu, 27 Jun 2019 19:10:25 +0200
network: harden against eclipse attacks
Diffstat:
M electrum/network.py | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
---
DIR diff --git a/electrum/network.py b/electrum/network.py
t@@ -476,20 +476,26 @@ class Network(Logger):
@with_recent_servers_lock
def get_servers(self):
- # start with hardcoded servers
- out = dict(constants.net.DEFAULT_SERVERS) # copy
+ # note: order of sources when adding servers here is crucial!
+ # don't let "server_peers" overwrite anything,
+ # otherwise main server can eclipse the client
+ out = dict()
+ # add servers received from main interface
+ server_peers = self.server_peers
+ if server_peers:
+ out.update(filter_version(server_peers.copy()))
+ # hardcoded servers
+ out.update(constants.net.DEFAULT_SERVERS)
# add recent servers
for s in self.recent_servers:
try:
host, port, protocol = deserialize_server(s)
except:
continue
- if host not in out:
+ if host in out:
+ out[host].update({protocol: port})
+ else:
out[host] = {protocol: port}
- # add servers received from main interface
- server_peers = self.server_peers
- if server_peers:
- out.update(filter_version(server_peers.copy()))
# potentially filter out some
if self.config.get('noonion'):
out = filter_noonion(out)