mirror of
https://github.com/kvazar-network/kevacoin.git
synced 2025-01-12 08:08:25 +00:00
[Qt] add verifySize() function to PaymentServer
- add static verifySize() function to PaymentServer and move the logging on error into the function - also use the new function in the unit test - the function checks if the size is allowed as per BIP70
This commit is contained in:
parent
c0f66ce44a
commit
be942def4b
@ -509,12 +509,7 @@ bool PaymentServer::readPaymentRequestFromFile(const QString& filename, PaymentR
|
|||||||
}
|
}
|
||||||
|
|
||||||
// BIP70 DoS protection
|
// BIP70 DoS protection
|
||||||
if (f.size() > BIP70_MAX_PAYMENTREQUEST_SIZE) {
|
if (!verifySize(f.size())) {
|
||||||
qWarning() << QString("PaymentServer::%1: Payment request %2 is too large (%3 bytes, allowed %4 bytes).")
|
|
||||||
.arg(__func__)
|
|
||||||
.arg(filename)
|
|
||||||
.arg(f.size())
|
|
||||||
.arg(BIP70_MAX_PAYMENTREQUEST_SIZE);
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -685,14 +680,13 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply)
|
|||||||
reply->deleteLater();
|
reply->deleteLater();
|
||||||
|
|
||||||
// BIP70 DoS protection
|
// BIP70 DoS protection
|
||||||
if (reply->size() > BIP70_MAX_PAYMENTREQUEST_SIZE) {
|
if (!verifySize(reply->size())) {
|
||||||
QString msg = tr("Payment request %1 is too large (%2 bytes, allowed %3 bytes).")
|
Q_EMIT message(tr("Payment request rejected"),
|
||||||
.arg(reply->request().url().toString())
|
tr("Payment request %1 is too large (%2 bytes, allowed %3 bytes).")
|
||||||
.arg(reply->size())
|
.arg(reply->request().url().toString())
|
||||||
.arg(BIP70_MAX_PAYMENTREQUEST_SIZE);
|
.arg(reply->size())
|
||||||
|
.arg(BIP70_MAX_PAYMENTREQUEST_SIZE),
|
||||||
qWarning() << QString("PaymentServer::%1:").arg(__func__) << msg;
|
CClientUIInterface::MSG_ERROR);
|
||||||
Q_EMIT message(tr("Payment request DoS protection"), msg, CClientUIInterface::MSG_ERROR);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -790,6 +784,18 @@ bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails
|
|||||||
return fVerified;
|
return fVerified;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
bool PaymentServer::verifySize(qint64 requestSize)
|
||||||
|
{
|
||||||
|
bool fVerified = (requestSize <= BIP70_MAX_PAYMENTREQUEST_SIZE);
|
||||||
|
if (!fVerified) {
|
||||||
|
qWarning() << QString("PaymentServer::%1: Payment request too large (%2 bytes, allowed %3 bytes).")
|
||||||
|
.arg(__func__)
|
||||||
|
.arg(requestSize)
|
||||||
|
.arg(BIP70_MAX_PAYMENTREQUEST_SIZE);
|
||||||
|
}
|
||||||
|
return fVerified;
|
||||||
|
}
|
||||||
|
|
||||||
bool PaymentServer::verifyAmount(const CAmount& requestAmount)
|
bool PaymentServer::verifyAmount(const CAmount& requestAmount)
|
||||||
{
|
{
|
||||||
bool fVerified = MoneyRange(requestAmount);
|
bool fVerified = MoneyRange(requestAmount);
|
||||||
|
@ -88,13 +88,12 @@ public:
|
|||||||
// OptionsModel is used for getting proxy settings and display unit
|
// OptionsModel is used for getting proxy settings and display unit
|
||||||
void setOptionsModel(OptionsModel *optionsModel);
|
void setOptionsModel(OptionsModel *optionsModel);
|
||||||
|
|
||||||
// This is now public, because we use it in paymentservertests.cpp
|
|
||||||
static bool readPaymentRequestFromFile(const QString& filename, PaymentRequestPlus& request);
|
|
||||||
|
|
||||||
// Verify that the payment request network matches the client network
|
// Verify that the payment request network matches the client network
|
||||||
static bool verifyNetwork(const payments::PaymentDetails& requestDetails);
|
static bool verifyNetwork(const payments::PaymentDetails& requestDetails);
|
||||||
// Verify if the payment request is expired
|
// Verify if the payment request is expired
|
||||||
static bool verifyExpired(const payments::PaymentDetails& requestDetails);
|
static bool verifyExpired(const payments::PaymentDetails& requestDetails);
|
||||||
|
// Verify the payment request size is valid as per BIP70
|
||||||
|
static bool verifySize(qint64 requestSize);
|
||||||
// Verify the payment request amount is valid
|
// Verify the payment request amount is valid
|
||||||
static bool verifyAmount(const CAmount& requestAmount);
|
static bool verifyAmount(const CAmount& requestAmount);
|
||||||
|
|
||||||
@ -131,6 +130,7 @@ protected:
|
|||||||
bool eventFilter(QObject *object, QEvent *event);
|
bool eventFilter(QObject *object, QEvent *event);
|
||||||
|
|
||||||
private:
|
private:
|
||||||
|
static bool readPaymentRequestFromFile(const QString& filename, PaymentRequestPlus& request);
|
||||||
bool processPaymentRequest(const PaymentRequestPlus& request, SendCoinsRecipient& recipient);
|
bool processPaymentRequest(const PaymentRequestPlus& request, SendCoinsRecipient& recipient);
|
||||||
void fetchRequest(const QUrl& url);
|
void fetchRequest(const QUrl& url);
|
||||||
|
|
||||||
|
@ -185,7 +185,8 @@ void PaymentServerTests::paymentServerTests()
|
|||||||
tempFile.open();
|
tempFile.open();
|
||||||
tempFile.write((const char*)randData, sizeof(randData));
|
tempFile.write((const char*)randData, sizeof(randData));
|
||||||
tempFile.close();
|
tempFile.close();
|
||||||
QCOMPARE(PaymentServer::readPaymentRequestFromFile(tempFile.fileName(), r.paymentRequest), false);
|
// compares 50001 <= BIP70_MAX_PAYMENTREQUEST_SIZE == false
|
||||||
|
QCOMPARE(PaymentServer::verifySize(tempFile.size()), false);
|
||||||
|
|
||||||
// Payment request with amount overflow (amount is set to 21000001 BTC):
|
// Payment request with amount overflow (amount is set to 21000001 BTC):
|
||||||
data = DecodeBase64(paymentrequest5_cert2_BASE64);
|
data = DecodeBase64(paymentrequest5_cert2_BASE64);
|
||||||
|
Loading…
Reference in New Issue
Block a user