@ -509,12 +509,7 @@ bool PaymentServer::readPaymentRequestFromFile(const QString& filename, PaymentR
@@ -509,12 +509,7 @@ bool PaymentServer::readPaymentRequestFromFile(const QString& filename, PaymentR
}
// BIP70 DoS protection
if ( f . size ( ) > BIP70_MAX_PAYMENTREQUEST_SIZE ) {
qWarning ( ) < < QString ( " PaymentServer::%1: Payment request %2 is too large (%3 bytes, allowed %4 bytes). " )
. arg ( __func__ )
. arg ( filename )
. arg ( f . size ( ) )
. arg ( BIP70_MAX_PAYMENTREQUEST_SIZE ) ;
if ( ! verifySize ( f . size ( ) ) ) {
return false ;
}
@ -685,14 +680,13 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply)
@@ -685,14 +680,13 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply)
reply - > deleteLater ( ) ;
// BIP70 DoS protection
if ( reply - > size ( ) > BIP70_MAX_PAYMENTREQUEST_SIZE ) {
QString msg = tr ( " Payment request %1 is too large (%2 bytes, allowed %3 bytes). " )
if ( ! verifySize ( reply - > size ( ) ) ) {
Q_EMIT message ( tr ( " Payment request rejected " ) ,
tr ( " Payment request %1 is too large (%2 bytes, allowed %3 bytes). " )
. arg ( reply - > request ( ) . url ( ) . toString ( ) )
. arg ( reply - > size ( ) )
. arg ( BIP70_MAX_PAYMENTREQUEST_SIZE ) ;
qWarning ( ) < < QString ( " PaymentServer::%1: " ) . arg ( __func__ ) < < msg ;
Q_EMIT message ( tr ( " Payment request DoS protection " ) , msg , CClientUIInterface : : MSG_ERROR ) ;
. arg ( BIP70_MAX_PAYMENTREQUEST_SIZE ) ,
CClientUIInterface : : MSG_ERROR ) ;
return ;
}
@ -790,6 +784,18 @@ bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails
@@ -790,6 +784,18 @@ bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails
return fVerified ;
}
bool PaymentServer : : verifySize ( qint64 requestSize )
{
bool fVerified = ( requestSize < = BIP70_MAX_PAYMENTREQUEST_SIZE ) ;
if ( ! fVerified ) {
qWarning ( ) < < QString ( " PaymentServer::%1: Payment request too large (%2 bytes, allowed %3 bytes). " )
. arg ( __func__ )
. arg ( requestSize )
. arg ( BIP70_MAX_PAYMENTREQUEST_SIZE ) ;
}
return fVerified ;
}
bool PaymentServer : : verifyAmount ( const CAmount & requestAmount )
{
bool fVerified = MoneyRange ( requestAmount ) ;