@@ -202,31 +202,36 @@ def reloadMyAddressHashes():
202202 hasEnabledKeys = False
203203 for addressInKeysFile in configSections :
204204 if addressInKeysFile <> 'bitmessagesettings' :
205- hasEnabledKeys = True
206205 isEnabled = config .getboolean (addressInKeysFile , 'enabled' )
207206 if isEnabled :
208- if keyfileSecure :
209- status ,addressVersionNumber ,streamNumber ,hash = decodeAddress (addressInKeysFile )
210- if addressVersionNumber == 2 or addressVersionNumber == 3 :
211- # Returns a simple 32 bytes of information encoded in 64 Hex characters, or null if there was an error.
212- privEncryptionKey = decodeWalletImportFormat (
213- config .get (addressInKeysFile , 'privencryptionkey' )).encode ('hex' )
214-
215- if len (privEncryptionKey ) == 64 :#It is 32 bytes encoded as 64 hex characters
216- myECCryptorObjects [hash ] = highlevelcrypto .makeCryptor (privEncryptionKey )
217- myAddressesByHash [hash ] = addressInKeysFile
218- else :
219- sys .stderr .write ('Error in reloadMyAddressHashes: Can\' t handle address versions other than 2 or 3.\n ' )
207+ hasEnabledKeys = True
208+ status ,addressVersionNumber ,streamNumber ,hash = decodeAddress (addressInKeysFile )
209+ if addressVersionNumber == 2 or addressVersionNumber == 3 :
210+ # Returns a simple 32 bytes of information encoded in 64 Hex characters,
211+ # or null if there was an error.
212+ privEncryptionKey = decodeWalletImportFormat (
213+ config .get (addressInKeysFile , 'privencryptionkey' )).encode ('hex' )
214+
215+ if len (privEncryptionKey ) == 64 :#It is 32 bytes encoded as 64 hex characters
216+ myECCryptorObjects [hash ] = highlevelcrypto .makeCryptor (privEncryptionKey )
217+ myAddressesByHash [hash ] = addressInKeysFile
218+
219+ if not keyfileSecure :
220+ # Insecure keyfile permissions. Disable key.
221+ config .set (addressInKeysFile , 'enabled' , 'false' )
220222 else :
221- # Insecure keyfile permissions. Disable key.
222- config .set (addressInKeysFile , 'enabled' , 'false' )
223- try :
224- if not keyfileSecure :
225- with open (appdata + 'keys.dat' , 'wb' ) as keyfile :
226- config .write (keyfile )
227- except :
228- print 'Failed to disable vulnerable keyfiles.'
229- raise
223+ sys .stderr .write ('Error in reloadMyAddressHashes: Can\' t handle address '
224+ 'versions other than 2 or 3.\n ' )
225+
226+ if not keyfileSecure :
227+ fixSensitiveFilePermissions (appdata + 'keys.dat' , hasEnabledKeys )
228+ if hasEnabledKeys :
229+ try :
230+ with open (appdata + 'keys.dat' , 'wb' ) as keyfile :
231+ config .write (keyfile )
232+ except :
233+ print 'Failed to disable vulnerable keys.'
234+ raise
230235
231236def reloadBroadcastSendersForWhichImWatching ():
232237 printLock .acquire ()
@@ -318,53 +323,58 @@ def fixPotentiallyInvalidUTF8Data(text):
318323 output = 'Part of the message is corrupt. The message cannot be displayed the normal way.\n \n ' + repr (text )
319324 return output
320325
326+ # Checks sensitive file permissions for inappropriate umask during keys.dat creation.
327+ # (Or unwise subsequent chmod.)
328+ # Returns true iff file appears to have appropriate permissions.
321329def checkSensitiveFilePermissions (filename ):
322330 if sys .platform == 'win32' :
323331 # TODO: This might deserve extra checks by someone familiar with
324332 # Windows systems.
325- fileSecure = True
333+ return True
326334 else :
327- fileSecure = secureFilePermissions (filename )
328- if not fileSecure :
329- print
330- print '******************************************************************'
331- print '** !! WARNING !! **'
332- print '******************************************************************'
333- print '** Possibly major security problem: **'
334- print '** Your keyfiles were vulnerable to being read by other users **'
335- print '** (including some untrusted daemons). You may wish to consider **'
336- print '** generating new keys and discontinuing use of your old ones. **'
337- print '** Your private keys have been disabled for your security, but **'
338- print '** you may re-enable them using the "Your Identities" tab in **'
339- print '** the default GUI or by modifying keys.dat such that your keys **'
340- print '** show "enabled = true". **'
341- try :
342- fixSensitiveFilePermissions (filename )
343- print '** The problem has been automatically fixed. **'
344- print '******************************************************************'
345- print
346- except Exception , e :
347- print '** Could NOT automatically fix permissions. **'
348- print '******************************************************************'
349- print
350- raise
351- return fileSecure
352-
353-
354- # Checks sensitive file permissions for inappropriate umask during keys.dat creation.
355- # (Or unwise subsequent chmod.)
356- # Returns true iff file appears to have appropriate permissions.
357- def secureFilePermissions (filename ):
358- present_permissions = os .stat (filename )[0 ]
359- disallowed_permissions = stat .S_IRWXG | stat .S_IRWXO
360- return present_permissions & disallowed_permissions == 0
335+ present_permissions = os .stat (filename )[0 ]
336+ disallowed_permissions = stat .S_IRWXG | stat .S_IRWXO
337+ return present_permissions & disallowed_permissions == 0
361338
362339# Fixes permissions on a sensitive file.
363- def fixSensitiveFilePermissions (filename ):
364- present_permissions = os .stat (filename )[0 ]
365- disallowed_permissions = stat .S_IRWXG | stat .S_IRWXO
366- allowed_permissions = ((1 << 32 )- 1 ) ^ disallowed_permissions
367- new_permissions = (
368- allowed_permissions & present_permissions )
369- os .chmod (filename , new_permissions )
340+ def fixSensitiveFilePermissions (filename , hasEnabledKeys ):
341+ if hasEnabledKeys :
342+ print
343+ print '******************************************************************'
344+ print '** !! WARNING !! **'
345+ print '******************************************************************'
346+ print '** Possibly major security problem: **'
347+ print '** Your keyfile was vulnerable to being read by other users **'
348+ print '** (including some untrusted daemons). You may wish to consider **'
349+ print '** generating new keys and discontinuing use of your old ones. **'
350+ print '** Your private keys have been disabled for your security, but **'
351+ print '** you may re-enable them using the "Your Identities" tab in **'
352+ print '** the default GUI or by modifying keys.dat such that your keys **'
353+ print '** show "enabled = true". **'
354+ else :
355+ print '******************************************************************'
356+ print '** !! WARNING !! **'
357+ print '******************************************************************'
358+ print '** Possibly major security problem: **'
359+ print '** Your keyfile was vulnerable to being read by other users. **'
360+ print '** Fortunately, you don\' t have any enabled keys, but be aware **'
361+ print '** that any disabled keys may have been compromised by malware **'
362+ print '** running by other users and that you should reboot before **'
363+ print '** generating any new keys. **'
364+ try :
365+ present_permissions = os .stat (filename )[0 ]
366+ disallowed_permissions = stat .S_IRWXG | stat .S_IRWXO
367+ allowed_permissions = ((1 << 32 )- 1 ) ^ disallowed_permissions
368+ new_permissions = (
369+ allowed_permissions & present_permissions )
370+ os .chmod (filename , new_permissions )
371+
372+ print '** The file permissions have been automatically fixed. **'
373+ print '******************************************************************'
374+ print
375+ except Exception , e :
376+ print '** Could NOT automatically fix permissions. **'
377+ print '******************************************************************'
378+ print
379+ raise
370380
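Review bot: In reloadMyAddressHashes the new side fills `myECCryptorObjects[hash]` and `myAddressesByHash[hash]` before it looks at `keyfileSecure`, whereas the removed code only loaded a key inside `if keyfileSecure:`. As rendered (the indentation is lost, so the nesting is inferred), an insecure keys.dat now leaves every enabled key loaded in the running process while the config is set to `enabled = false` and the banner in fixSensitiveFilePermissions says the keys have been disabled. If that is not intended, keep the gate on the load, for example `if keyfileSecure and len(privEncryptionKey) == 64:`. The banner is also printed before `config.write(keyfile)` runs, so on a write failure the user has been told the keys are disabled while keys.dat still says enabled. The body of reloadMyAddressHashes starts above the first hunk, so the earlier setup of `keyfileSecure` is not visible here.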