electrum

Electrum Bitcoin wallet
git clone https://git.parazyd.org/electrum
Log | Files | Refs | Submodules
commit a2bffb9137ae1aaa0edf628cf767ca6f53332def
parent baa02936207e5fdfbad446bf635d5d032f7cb398
Author: SomberNight <somber.night@protonmail.com>
Date:   Thu, 27 Jun 2019 19:10:25 +0200

network: harden against eclipse attacks

Diffstat:

Melectrum/network.py | 20+++++++++++++-------


1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/electrum/network.py b/electrum/network.py
@@ -476,20 +476,26 @@ class Network(Logger):
 
     @with_recent_servers_lock
     def get_servers(self):
-        # start with hardcoded servers
-        out = dict(constants.net.DEFAULT_SERVERS)  # copy
+        # note: order of sources when adding servers here is crucial!
+        # don't let "server_peers" overwrite anything,
+        # otherwise main server can eclipse the client
+        out = dict()
+        # add servers received from main interface
+        server_peers = self.server_peers
+        if server_peers:
+            out.update(filter_version(server_peers.copy()))
+        # hardcoded servers
+        out.update(constants.net.DEFAULT_SERVERS)
         # add recent servers
         for s in self.recent_servers:
             try:
                 host, port, protocol = deserialize_server(s)
             except:
                 continue
-            if host not in out:
+            if host in out:
+                out[host].update({protocol: port})
+            else:
                 out[host] = {protocol: port}
-        # add servers received from main interface
-        server_peers = self.server_peers
-        if server_peers:
-            out.update(filter_version(server_peers.copy()))
         # potentially filter out some
         if self.config.get('noonion'):
             out = filter_noonion(out)