search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[test] Add getblockchaininfo functional test
[bitcoinplatinum.git] / src / qt / paymentserver.cpp
blob169684cf6d84acd27f4bbd469b043c3f006f3e7a
1 // Copyright (c) 2011-2016 The Bitcoin Core developers
2 // Distributed under the MIT software license, see the accompanying
3 // file COPYING or http://www.opensource.org/licenses/mit-license.php.
4
5 #include "paymentserver.h"
6
7 #include "bitcoinunits.h"
8 #include "guiutil.h"
9 #include "optionsmodel.h"
10
11 #include "base58.h"
12 #include "chainparams.h"
13 #include "policy/policy.h"
14 #include "ui_interface.h"
15 #include "util.h"
16 #include "wallet/wallet.h"
17
18 #include <cstdlib>
19
20 #include <openssl/x509_vfy.h>
21
22 #include <QApplication>
23 #include <QByteArray>
24 #include <QDataStream>
25 #include <QDateTime>
26 #include <QDebug>
27 #include <QFile>
28 #include <QFileOpenEvent>
29 #include <QHash>
30 #include <QList>
31 #include <QLocalServer>
32 #include <QLocalSocket>
33 #include <QNetworkAccessManager>
34 #include <QNetworkProxy>
35 #include <QNetworkReply>
36 #include <QNetworkRequest>
37 #include <QSslCertificate>
38 #include <QSslError>
39 #include <QSslSocket>
40 #include <QStringList>
41 #include <QTextDocument>
42
43 #if QT_VERSION < 0x050000
44 #include <QUrl>
45 #else
46 #include <QUrlQuery>
47 #endif
48
49 const int BITCOIN_IPC_CONNECT_TIMEOUT = 1000; // milliseconds
50 const QString BITCOIN_IPC_PREFIX("bitcoin:");
51 // BIP70 payment protocol messages
52 const char* BIP70_MESSAGE_PAYMENTACK = "PaymentACK";
53 const char* BIP70_MESSAGE_PAYMENTREQUEST = "PaymentRequest";
54 // BIP71 payment protocol media types
55 const char* BIP71_MIMETYPE_PAYMENT = "application/bitcoin-payment";
56 const char* BIP71_MIMETYPE_PAYMENTACK = "application/bitcoin-paymentack";
57 const char* BIP71_MIMETYPE_PAYMENTREQUEST = "application/bitcoin-paymentrequest";
58
59 struct X509StoreDeleter {
60 void operator()(X509_STORE* b) {
61 X509_STORE_free(b);
62 }
63 };
64
65 struct X509Deleter {
66 void operator()(X509* b) { X509_free(b); }
67 };
68
69 namespace // Anon namespace
70 {
71 std::unique_ptr<X509_STORE, X509StoreDeleter> certStore;
72 }
73
74 //
75 // Create a name that is unique for:
76 // testnet / non-testnet
77 // data directory
78 //
79 static QString ipcServerName()
80 {
81 QString name("BitcoinQt");
82
83 // Append a simple hash of the datadir
84 // Note that GetDataDir(true) returns a different path
85 // for -testnet versus main net
86 QString ddir(GUIUtil::boostPathToQString(GetDataDir(true)));
87 name.append(QString::number(qHash(ddir)));
88
89 return name;
90 }
91
92 //
93 // We store payment URIs and requests received before
94 // the main GUI window is up and ready to ask the user
95 // to send payment.
96
97 static QList<QString> savedPaymentRequests;
98
99 static void ReportInvalidCertificate(const QSslCertificate& cert)
100 {
101 #if QT_VERSION < 0x050000
102 qDebug() << QString("%1: Payment server found an invalid certificate: ").arg(__func__) << cert.serialNumber() << cert.subjectInfo(QSslCertificate::CommonName) << cert.subjectInfo(QSslCertificate::OrganizationalUnitName);
103 #else
104 qDebug() << QString("%1: Payment server found an invalid certificate: ").arg(__func__) << cert.serialNumber() << cert.subjectInfo(QSslCertificate::CommonName) << cert.subjectInfo(QSslCertificate::DistinguishedNameQualifier) << cert.subjectInfo(QSslCertificate::OrganizationalUnitName);
105 #endif
106 }
107
108 //
109 // Load OpenSSL's list of root certificate authorities
110 //
111 void PaymentServer::LoadRootCAs(X509_STORE* _store)
112 {
113 // Unit tests mostly use this, to pass in fake root CAs:
114 if (_store)
115 {
116 certStore.reset(_store);
117 return;
118 }
119
120 // Normal execution, use either -rootcertificates or system certs:
121 certStore.reset(X509_STORE_new());
122
123 // Note: use "-system-" default here so that users can pass -rootcertificates=""
124 // and get 'I don't like X.509 certificates, don't trust anybody' behavior:
125 QString certFile = QString::fromStdString(gArgs.GetArg("-rootcertificates", "-system-"));
126
127 // Empty store
128 if (certFile.isEmpty()) {
129 qDebug() << QString("PaymentServer::%1: Payment request authentication via X.509 certificates disabled.").arg(__func__);
130 return;
131 }
132
133 QList<QSslCertificate> certList;
134
135 if (certFile != "-system-") {
136 qDebug() << QString("PaymentServer::%1: Using \"%2\" as trusted root certificate.").arg(__func__).arg(certFile);
137
138 certList = QSslCertificate::fromPath(certFile);
139 // Use those certificates when fetching payment requests, too:
140 QSslSocket::setDefaultCaCertificates(certList);
141 } else
142 certList = QSslSocket::systemCaCertificates();
143
144 int nRootCerts = 0;
145 const QDateTime currentTime = QDateTime::currentDateTime();
146
147 for (const QSslCertificate& cert : certList) {
148 // Don't log NULL certificates
149 if (cert.isNull())
150 continue;
151
152 // Not yet active/valid, or expired certificate
153 if (currentTime < cert.effectiveDate() || currentTime > cert.expiryDate()) {
154 ReportInvalidCertificate(cert);
155 continue;
156 }
157
158 #if QT_VERSION >= 0x050000
159 // Blacklisted certificate
160 if (cert.isBlacklisted()) {
161 ReportInvalidCertificate(cert);
162 continue;
163 }
164 #endif
165 QByteArray certData = cert.toDer();
166 const unsigned char *data = (const unsigned char *)certData.data();
167
168 std::unique_ptr<X509, X509Deleter> x509(d2i_X509(0, &data, certData.size()));
169 if (x509 && X509_STORE_add_cert(certStore.get(), x509.get()))
170 {
171 // Note: X509_STORE increases the reference count to the X509 object,
172 // we still have to release our reference to it.
173 ++nRootCerts;
174 }
175 else
176 {
177 ReportInvalidCertificate(cert);
178 continue;
179 }
180 }
181 qWarning() << "PaymentServer::LoadRootCAs: Loaded " << nRootCerts << " root certificates";
182
183 // Project for another day:
184 // Fetch certificate revocation lists, and add them to certStore.
185 // Issues to consider:
186 // performance (start a thread to fetch in background?)
187 // privacy (fetch through tor/proxy so IP address isn't revealed)
188 // would it be easier to just use a compiled-in blacklist?
189 // or use Qt's blacklist?
190 // "certificate stapling" with server-side caching is more efficient
191 }
192
193 //
194 // Sending to the server is done synchronously, at startup.
195 // If the server isn't already running, startup continues,
196 // and the items in savedPaymentRequest will be handled
197 // when uiReady() is called.
198 //
199 // Warning: ipcSendCommandLine() is called early in init,
200 // so don't use "Q_EMIT message()", but "QMessageBox::"!
201 //
202 void PaymentServer::ipcParseCommandLine(int argc, char* argv[])
203 {
204 for (int i = 1; i < argc; i++)
205 {
206 QString arg(argv[i]);
207 if (arg.startsWith("-"))
208 continue;
209
210 // If the bitcoin: URI contains a payment request, we are not able to detect the
211 // network as that would require fetching and parsing the payment request.
212 // That means clicking such an URI which contains a testnet payment request
213 // will start a mainnet instance and throw a "wrong network" error.
214 if (arg.startsWith(BITCOIN_IPC_PREFIX, Qt::CaseInsensitive)) // bitcoin: URI
215 {
216 savedPaymentRequests.append(arg);
217
218 SendCoinsRecipient r;
219 if (GUIUtil::parseBitcoinURI(arg, &r) && !r.address.isEmpty())
220 {
221 auto tempChainParams = CreateChainParams(CBaseChainParams::MAIN);
222
223 if (IsValidDestinationString(r.address.toStdString(), *tempChainParams)) {
224 SelectParams(CBaseChainParams::MAIN);
225 } else {
226 tempChainParams = CreateChainParams(CBaseChainParams::TESTNET);
227 if (IsValidDestinationString(r.address.toStdString(), *tempChainParams)) {
228 SelectParams(CBaseChainParams::TESTNET);
229 }
230 }
231 }
232 }
233 else if (QFile::exists(arg)) // Filename
234 {
235 savedPaymentRequests.append(arg);
236
237 PaymentRequestPlus request;
238 if (readPaymentRequestFromFile(arg, request))
239 {
240 if (request.getDetails().network() == "main")
241 {
242 SelectParams(CBaseChainParams::MAIN);
243 }
244 else if (request.getDetails().network() == "test")
245 {
246 SelectParams(CBaseChainParams::TESTNET);
247 }
248 }
249 }
250 else
251 {
252 // Printing to debug.log is about the best we can do here, the
253 // GUI hasn't started yet so we can't pop up a message box.
254 qWarning() << "PaymentServer::ipcSendCommandLine: Payment request file does not exist: " << arg;
255 }
256 }
257 }
258
259 //
260 // Sending to the server is done synchronously, at startup.
261 // If the server isn't already running, startup continues,
262 // and the items in savedPaymentRequest will be handled
263 // when uiReady() is called.
264 //
265 bool PaymentServer::ipcSendCommandLine()
266 {
267 bool fResult = false;
268 for (const QString& r : savedPaymentRequests)
269 {
270 QLocalSocket* socket = new QLocalSocket();
271 socket->connectToServer(ipcServerName(), QIODevice::WriteOnly);
272 if (!socket->waitForConnected(BITCOIN_IPC_CONNECT_TIMEOUT))
273 {
274 delete socket;
275 socket = nullptr;
276 return false;
277 }
278
279 QByteArray block;
280 QDataStream out(&block, QIODevice::WriteOnly);
281 out.setVersion(QDataStream::Qt_4_0);
282 out << r;
283 out.device()->seek(0);
284
285 socket->write(block);
286 socket->flush();
287 socket->waitForBytesWritten(BITCOIN_IPC_CONNECT_TIMEOUT);
288 socket->disconnectFromServer();
289
290 delete socket;
291 socket = nullptr;
292 fResult = true;
293 }
294
295 return fResult;
296 }
297
298 PaymentServer::PaymentServer(QObject* parent, bool startLocalServer) :
299 QObject(parent),
300 saveURIs(true),
301 uriServer(0),
302 netManager(0),
303 optionsModel(0)
304 {
305 // Verify that the version of the library that we linked against is
306 // compatible with the version of the headers we compiled against.
307 GOOGLE_PROTOBUF_VERIFY_VERSION;
308
309 // Install global event filter to catch QFileOpenEvents
310 // on Mac: sent when you click bitcoin: links
311 // other OSes: helpful when dealing with payment request files
312 if (parent)
313 parent->installEventFilter(this);
314
315 QString name = ipcServerName();
316
317 // Clean up old socket leftover from a crash:
318 QLocalServer::removeServer(name);
319
320 if (startLocalServer)
321 {
322 uriServer = new QLocalServer(this);
323
324 if (!uriServer->listen(name)) {
325 // constructor is called early in init, so don't use "Q_EMIT message()" here
326 QMessageBox::critical(0, tr("Payment request error"),
327 tr("Cannot start bitcoin: click-to-pay handler"));
328 }
329 else {
330 connect(uriServer, SIGNAL(newConnection()), this, SLOT(handleURIConnection()));
331 connect(this, SIGNAL(receivedPaymentACK(QString)), this, SLOT(handlePaymentACK(QString)));
332 }
333 }
334 }
335
336 PaymentServer::~PaymentServer()
337 {
338 google::protobuf::ShutdownProtobufLibrary();
339 }
340
341 //
342 // OSX-specific way of handling bitcoin: URIs and PaymentRequest mime types.
343 // Also used by paymentservertests.cpp and when opening a payment request file
344 // via "Open URI..." menu entry.
345 //
346 bool PaymentServer::eventFilter(QObject *object, QEvent *event)
347 {
348 if (event->type() == QEvent::FileOpen) {
349 QFileOpenEvent *fileEvent = static_cast<QFileOpenEvent*>(event);
350 if (!fileEvent->file().isEmpty())
351 handleURIOrFile(fileEvent->file());
352 else if (!fileEvent->url().isEmpty())
353 handleURIOrFile(fileEvent->url().toString());
354
355 return true;
356 }
357
358 return QObject::eventFilter(object, event);
359 }
360
361 void PaymentServer::initNetManager()
362 {
363 if (!optionsModel)
364 return;
365 if (netManager != nullptr)
366 delete netManager;
367
368 // netManager is used to fetch paymentrequests given in bitcoin: URIs
369 netManager = new QNetworkAccessManager(this);
370
371 QNetworkProxy proxy;
372
373 // Query active SOCKS5 proxy
374 if (optionsModel->getProxySettings(proxy)) {
375 netManager->setProxy(proxy);
376
377 qDebug() << "PaymentServer::initNetManager: Using SOCKS5 proxy" << proxy.hostName() << ":" << proxy.port();
378 }
379 else
380 qDebug() << "PaymentServer::initNetManager: No active proxy server found.";
381
382 connect(netManager, SIGNAL(finished(QNetworkReply*)),
383 this, SLOT(netRequestFinished(QNetworkReply*)));
384 connect(netManager, SIGNAL(sslErrors(QNetworkReply*, const QList<QSslError> &)),
385 this, SLOT(reportSslErrors(QNetworkReply*, const QList<QSslError> &)));
386 }
387
388 void PaymentServer::uiReady()
389 {
390 initNetManager();
391
392 saveURIs = false;
393 for (const QString& s : savedPaymentRequests)
394 {
395 handleURIOrFile(s);
396 }
397 savedPaymentRequests.clear();
398 }
399
400 void PaymentServer::handleURIOrFile(const QString& s)
401 {
402 if (saveURIs)
403 {
404 savedPaymentRequests.append(s);
405 return;
406 }
407
408 if (s.startsWith(BITCOIN_IPC_PREFIX, Qt::CaseInsensitive)) // bitcoin: URI
409 {
410 #if QT_VERSION < 0x050000
411 QUrl uri(s);
412 #else
413 QUrlQuery uri((QUrl(s)));
414 #endif
415 if (uri.hasQueryItem("r")) // payment request URI
416 {
417 QByteArray temp;
418 temp.append(uri.queryItemValue("r"));
419 QString decoded = QUrl::fromPercentEncoding(temp);
420 QUrl fetchUrl(decoded, QUrl::StrictMode);
421
422 if (fetchUrl.isValid())
423 {
424 qDebug() << "PaymentServer::handleURIOrFile: fetchRequest(" << fetchUrl << ")";
425 fetchRequest(fetchUrl);
426 }
427 else
428 {
429 qWarning() << "PaymentServer::handleURIOrFile: Invalid URL: " << fetchUrl;
430 Q_EMIT message(tr("URI handling"),
431 tr("Payment request fetch URL is invalid: %1").arg(fetchUrl.toString()),
432 CClientUIInterface::ICON_WARNING);
433 }
434
435 return;
436 }
437 else // normal URI
438 {
439 SendCoinsRecipient recipient;
440 if (GUIUtil::parseBitcoinURI(s, &recipient))
441 {
442 if (!IsValidDestinationString(recipient.address.toStdString())) {
443 Q_EMIT message(tr("URI handling"), tr("Invalid payment address %1").arg(recipient.address),
444 CClientUIInterface::MSG_ERROR);
445 }
446 else
447 Q_EMIT receivedPaymentRequest(recipient);
448 }
449 else
450 Q_EMIT message(tr("URI handling"),
451 tr("URI cannot be parsed! This can be caused by an invalid Bitcoin address or malformed URI parameters."),
452 CClientUIInterface::ICON_WARNING);
453
454 return;
455 }
456 }
457
458 if (QFile::exists(s)) // payment request file
459 {
460 PaymentRequestPlus request;
461 SendCoinsRecipient recipient;
462 if (!readPaymentRequestFromFile(s, request))
463 {
464 Q_EMIT message(tr("Payment request file handling"),
465 tr("Payment request file cannot be read! This can be caused by an invalid payment request file."),
466 CClientUIInterface::ICON_WARNING);
467 }
468 else if (processPaymentRequest(request, recipient))
469 Q_EMIT receivedPaymentRequest(recipient);
470
471 return;
472 }
473 }
474
475 void PaymentServer::handleURIConnection()
476 {
477 QLocalSocket *clientConnection = uriServer->nextPendingConnection();
478
479 while (clientConnection->bytesAvailable() < (int)sizeof(quint32))
480 clientConnection->waitForReadyRead();
481
482 connect(clientConnection, SIGNAL(disconnected()),
483 clientConnection, SLOT(deleteLater()));
484
485 QDataStream in(clientConnection);
486 in.setVersion(QDataStream::Qt_4_0);
487 if (clientConnection->bytesAvailable() < (int)sizeof(quint16)) {
488 return;
489 }
490 QString msg;
491 in >> msg;
492
493 handleURIOrFile(msg);
494 }
495
496 //
497 // Warning: readPaymentRequestFromFile() is used in ipcSendCommandLine()
498 // so don't use "Q_EMIT message()", but "QMessageBox::"!
499 //
500 bool PaymentServer::readPaymentRequestFromFile(const QString& filename, PaymentRequestPlus& request)
501 {
502 QFile f(filename);
503 if (!f.open(QIODevice::ReadOnly)) {
504 qWarning() << QString("PaymentServer::%1: Failed to open %2").arg(__func__).arg(filename);
505 return false;
506 }
507
508 // BIP70 DoS protection
509 if (!verifySize(f.size())) {
510 return false;
511 }
512
513 QByteArray data = f.readAll();
514
515 return request.parse(data);
516 }
517
518 bool PaymentServer::processPaymentRequest(const PaymentRequestPlus& request, SendCoinsRecipient& recipient)
519 {
520 if (!optionsModel)
521 return false;
522
523 if (request.IsInitialized()) {
524 // Payment request network matches client network?
525 if (!verifyNetwork(request.getDetails())) {
526 Q_EMIT message(tr("Payment request rejected"), tr("Payment request network doesn't match client network."),
527 CClientUIInterface::MSG_ERROR);
528
529 return false;
530 }
531
532 // Make sure any payment requests involved are still valid.
533 // This is re-checked just before sending coins in WalletModel::sendCoins().
534 if (verifyExpired(request.getDetails())) {
535 Q_EMIT message(tr("Payment request rejected"), tr("Payment request expired."),
536 CClientUIInterface::MSG_ERROR);
537
538 return false;
539 }
540 } else {
541 Q_EMIT message(tr("Payment request error"), tr("Payment request is not initialized."),
542 CClientUIInterface::MSG_ERROR);
543
544 return false;
545 }
546
547 recipient.paymentRequest = request;
548 recipient.message = GUIUtil::HtmlEscape(request.getDetails().memo());
549
550 request.getMerchant(certStore.get(), recipient.authenticatedMerchant);
551
552 QList<std::pair<CScript, CAmount> > sendingTos = request.getPayTo();
553 QStringList addresses;
554
555 for (const std::pair<CScript, CAmount>& sendingTo : sendingTos) {
556 // Extract and check destination addresses
557 CTxDestination dest;
558 if (ExtractDestination(sendingTo.first, dest)) {
559 // Append destination address
560 addresses.append(QString::fromStdString(EncodeDestination(dest)));
561 }
562 else if (!recipient.authenticatedMerchant.isEmpty()) {
563 // Unauthenticated payment requests to custom bitcoin addresses are not supported
564 // (there is no good way to tell the user where they are paying in a way they'd
565 // have a chance of understanding).
566 Q_EMIT message(tr("Payment request rejected"),
567 tr("Unverified payment requests to custom payment scripts are unsupported."),
568 CClientUIInterface::MSG_ERROR);
569 return false;
570 }
571
572 // Bitcoin amounts are stored as (optional) uint64 in the protobuf messages (see paymentrequest.proto),
573 // but CAmount is defined as int64_t. Because of that we need to verify that amounts are in a valid range
574 // and no overflow has happened.
575 if (!verifyAmount(sendingTo.second)) {
576 Q_EMIT message(tr("Payment request rejected"), tr("Invalid payment request."), CClientUIInterface::MSG_ERROR);
577 return false;
578 }
579
580 // Extract and check amounts
581 CTxOut txOut(sendingTo.second, sendingTo.first);
582 if (IsDust(txOut, ::dustRelayFee)) {
583 Q_EMIT message(tr("Payment request error"), tr("Requested payment amount of %1 is too small (considered dust).")
584 .arg(BitcoinUnits::formatWithUnit(optionsModel->getDisplayUnit(), sendingTo.second)),
585 CClientUIInterface::MSG_ERROR);
586
587 return false;
588 }
589
590 recipient.amount += sendingTo.second;
591 // Also verify that the final amount is still in a valid range after adding additional amounts.
592 if (!verifyAmount(recipient.amount)) {
593 Q_EMIT message(tr("Payment request rejected"), tr("Invalid payment request."), CClientUIInterface::MSG_ERROR);
594 return false;
595 }
596 }
597 // Store addresses and format them to fit nicely into the GUI
598 recipient.address = addresses.join("<br />");
599
600 if (!recipient.authenticatedMerchant.isEmpty()) {
601 qDebug() << "PaymentServer::processPaymentRequest: Secure payment request from " << recipient.authenticatedMerchant;
602 }
603 else {
604 qDebug() << "PaymentServer::processPaymentRequest: Insecure payment request to " << addresses.join(", ");
605 }
606
607 return true;
608 }
609
610 void PaymentServer::fetchRequest(const QUrl& url)
611 {
612 QNetworkRequest netRequest;
613 netRequest.setAttribute(QNetworkRequest::User, BIP70_MESSAGE_PAYMENTREQUEST);
614 netRequest.setUrl(url);
615 netRequest.setRawHeader("User-Agent", CLIENT_NAME.c_str());
616 netRequest.setRawHeader("Accept", BIP71_MIMETYPE_PAYMENTREQUEST);
617 netManager->get(netRequest);
618 }
619
620 void PaymentServer::fetchPaymentACK(CWallet* wallet, const SendCoinsRecipient& recipient, QByteArray transaction)
621 {
622 const payments::PaymentDetails& details = recipient.paymentRequest.getDetails();
623 if (!details.has_payment_url())
624 return;
625
626 QNetworkRequest netRequest;
627 netRequest.setAttribute(QNetworkRequest::User, BIP70_MESSAGE_PAYMENTACK);
628 netRequest.setUrl(QString::fromStdString(details.payment_url()));
629 netRequest.setHeader(QNetworkRequest::ContentTypeHeader, BIP71_MIMETYPE_PAYMENT);
630 netRequest.setRawHeader("User-Agent", CLIENT_NAME.c_str());
631 netRequest.setRawHeader("Accept", BIP71_MIMETYPE_PAYMENTACK);
632
633 payments::Payment payment;
634 payment.set_merchant_data(details.merchant_data());
635 payment.add_transactions(transaction.data(), transaction.size());
636
637 // Create a new refund address, or re-use:
638 QString account = tr("Refund from %1").arg(recipient.authenticatedMerchant);
639 std::string strAccount = account.toStdString();
640 std::set<CTxDestination> refundAddresses = wallet->GetAccountAddresses(strAccount);
641 if (!refundAddresses.empty()) {
642 CScript s = GetScriptForDestination(*refundAddresses.begin());
643 payments::Output* refund_to = payment.add_refund_to();
644 refund_to->set_script(&s[0], s.size());
645 }
646 else {
647 CPubKey newKey;
648 if (wallet->GetKeyFromPool(newKey)) {
649 CKeyID keyID = newKey.GetID();
650 wallet->SetAddressBook(keyID, strAccount, "refund");
651
652 CScript s = GetScriptForDestination(keyID);
653 payments::Output* refund_to = payment.add_refund_to();
654 refund_to->set_script(&s[0], s.size());
655 }
656 else {
657 // This should never happen, because sending coins should have
658 // just unlocked the wallet and refilled the keypool.
659 qWarning() << "PaymentServer::fetchPaymentACK: Error getting refund key, refund_to not set";
660 }
661 }
662
663 int length = payment.ByteSize();
664 netRequest.setHeader(QNetworkRequest::ContentLengthHeader, length);
665 QByteArray serData(length, '\0');
666 if (payment.SerializeToArray(serData.data(), length)) {
667 netManager->post(netRequest, serData);
668 }
669 else {
670 // This should never happen, either.
671 qWarning() << "PaymentServer::fetchPaymentACK: Error serializing payment message";
672 }
673 }
674
675 void PaymentServer::netRequestFinished(QNetworkReply* reply)
676 {
677 reply->deleteLater();
678
679 // BIP70 DoS protection
680 if (!verifySize(reply->size())) {
681 Q_EMIT message(tr("Payment request rejected"),
682 tr("Payment request %1 is too large (%2 bytes, allowed %3 bytes).")
683 .arg(reply->request().url().toString())
684 .arg(reply->size())
685 .arg(BIP70_MAX_PAYMENTREQUEST_SIZE),
686 CClientUIInterface::MSG_ERROR);
687 return;
688 }
689
690 if (reply->error() != QNetworkReply::NoError) {
691 QString msg = tr("Error communicating with %1: %2")
692 .arg(reply->request().url().toString())
693 .arg(reply->errorString());
694
695 qWarning() << "PaymentServer::netRequestFinished: " << msg;
696 Q_EMIT message(tr("Payment request error"), msg, CClientUIInterface::MSG_ERROR);
697 return;
698 }
699
700 QByteArray data = reply->readAll();
701
702 QString requestType = reply->request().attribute(QNetworkRequest::User).toString();
703 if (requestType == BIP70_MESSAGE_PAYMENTREQUEST)
704 {
705 PaymentRequestPlus request;
706 SendCoinsRecipient recipient;
707 if (!request.parse(data))
708 {
709 qWarning() << "PaymentServer::netRequestFinished: Error parsing payment request";
710 Q_EMIT message(tr("Payment request error"),
711 tr("Payment request cannot be parsed!"),
712 CClientUIInterface::MSG_ERROR);
713 }
714 else if (processPaymentRequest(request, recipient))
715 Q_EMIT receivedPaymentRequest(recipient);
716
717 return;
718 }
719 else if (requestType == BIP70_MESSAGE_PAYMENTACK)
720 {
721 payments::PaymentACK paymentACK;
722 if (!paymentACK.ParseFromArray(data.data(), data.size()))
723 {
724 QString msg = tr("Bad response from server %1")
725 .arg(reply->request().url().toString());
726
727 qWarning() << "PaymentServer::netRequestFinished: " << msg;
728 Q_EMIT message(tr("Payment request error"), msg, CClientUIInterface::MSG_ERROR);
729 }
730 else
731 {
732 Q_EMIT receivedPaymentACK(GUIUtil::HtmlEscape(paymentACK.memo()));
733 }
734 }
735 }
736
737 void PaymentServer::reportSslErrors(QNetworkReply* reply, const QList<QSslError> &errs)
738 {
739 Q_UNUSED(reply);
740
741 QString errString;
742 for (const QSslError& err : errs) {
743 qWarning() << "PaymentServer::reportSslErrors: " << err;
744 errString += err.errorString() + "\n";
745 }
746 Q_EMIT message(tr("Network request error"), errString, CClientUIInterface::MSG_ERROR);
747 }
748
749 void PaymentServer::setOptionsModel(OptionsModel *_optionsModel)
750 {
751 this->optionsModel = _optionsModel;
752 }
753
754 void PaymentServer::handlePaymentACK(const QString& paymentACKMsg)
755 {
756 // currently we don't further process or store the paymentACK message
757 Q_EMIT message(tr("Payment acknowledged"), paymentACKMsg, CClientUIInterface::ICON_INFORMATION | CClientUIInterface::MODAL);
758 }
759
760 bool PaymentServer::verifyNetwork(const payments::PaymentDetails& requestDetails)
761 {
762 bool fVerified = requestDetails.network() == Params().NetworkIDString();
763 if (!fVerified) {
764 qWarning() << QString("PaymentServer::%1: Payment request network \"%2\" doesn't match client network \"%3\".")
765 .arg(__func__)
766 .arg(QString::fromStdString(requestDetails.network()))
767 .arg(QString::fromStdString(Params().NetworkIDString()));
768 }
769 return fVerified;
770 }
771
772 bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails)
773 {
774 bool fVerified = (requestDetails.has_expires() && (int64_t)requestDetails.expires() < GetTime());
775 if (fVerified) {
776 const QString requestExpires = QString::fromStdString(DateTimeStrFormat("%Y-%m-%d %H:%M:%S", (int64_t)requestDetails.expires()));
777 qWarning() << QString("PaymentServer::%1: Payment request expired \"%2\".")
778 .arg(__func__)
779 .arg(requestExpires);
780 }
781 return fVerified;
782 }
783
784 bool PaymentServer::verifySize(qint64 requestSize)
785 {
786 bool fVerified = (requestSize <= BIP70_MAX_PAYMENTREQUEST_SIZE);
787 if (!fVerified) {
788 qWarning() << QString("PaymentServer::%1: Payment request too large (%2 bytes, allowed %3 bytes).")
789 .arg(__func__)
790 .arg(requestSize)
791 .arg(BIP70_MAX_PAYMENTREQUEST_SIZE);
792 }
793 return fVerified;
794 }
795
796 bool PaymentServer::verifyAmount(const CAmount& requestAmount)
797 {
798 bool fVerified = MoneyRange(requestAmount);
799 if (!fVerified) {
800 qWarning() << QString("PaymentServer::%1: Payment request amount out of allowed range (%2, allowed 0 - %3).")
801 .arg(__func__)
802 .arg(requestAmount)
803 .arg(MAX_MONEY);
804 }
805 return fVerified;
806 }
807
808 X509_STORE* PaymentServer::getCertStore()
809 {
810 return certStore.get();
811 }