Randomly choose an SDL server and recognize malicious domain without prefix

3 years ago · f601767811
3 changed files with 37 additions and 21 deletions
--- a/src/connection.cpp
+++ b/src/connection.cpp
@ -155,9 +155,21 @@ void ConnectionLoader::doAutoConnect()
        QString response = litelib_process_response(resp);

        if (response.toUpper().trimmed() != "OK") {
-            QString resp = "Error when connecting to " + config->server + ": " + response;
-            showError(resp);
-            return;
+            config->server = Settings::getRandomServer();
+
+            resp = litelib_initialize_existing(
+                config->dangerous,
+                config->server.toStdString().c_str()
+            );
+            response = litelib_process_response(resp);
+
+            if (response.toUpper().trimmed() != "OK") {
+                QString resp = "Error when connecting to " + config->server + ": " + response;
+                showError(resp);
+                return;
+            } else {
+                qDebug() << __func__ << ": Successfully connected to random server: " << config->server << " !!!";
+            }
        } else {
            qDebug() << __func__ << ": Successfully connected to " << config->server << " !!!";
        }
--- a/src/controller.cpp
+++ b/src/controller.cpp
@ -2040,7 +2040,7 @@ void Controller::shutdownhushd()
        connD.topIcon->setMovie(movie2);
        movie2->start();
        connD.status->setText(QObject::tr("Please wait for SilentDragonLite to exit"));
-        connD.statusDetail->setText(QObject::tr("Waiting for hushd to exit"));
+        connD.statusDetail->setText(QObject::tr("Please wait for SilentDragonLite to exit"));
    } else {
        QMovie *movie1 = new QMovie(":/img/res/silentdragonlite-animated-startup.gif");;
        movie1->setScaledSize(size);
--- a/src/settings.cpp
+++ b/src/settings.cpp
@ -25,15 +25,15 @@ Config Settings::getSettings() {
    
    // this domain is stolen and malicious!
    // More info: https://git.hush.is/hush/fraud/#gilardh
-    auto malicious     = "https://lite.myhush.org";
+    auto malicious     = "lite.myhush.org";
    auto server        = s.value("connection/server").toString();
    bool sticky        = s.value("connection/stickyServer").toBool();
    bool torOnly       = s.value("connection/torOnly").toBool();

    // Users that have old configs generated from old SDLs will have this hostname
-    if(server == malicious) {
+    if(server == malicious or server == (QString("https://") + malicious)) {
        qDebug() << "Replacing malicious SDL server with " << server;
-        server = "https://lite.hush.is";
+        server = getRandomServer();
        s.setValue("connection/server", server);
    }

@ -294,24 +294,27 @@ void Settings::saveRestoreTableHeader(QTableView* table, QDialog* d, QString tab

 QString Settings::getRandomServer() {
    qDebug() << __func__;
+    // The more servers from different TLDs, the better
+    QList<QString> servers = {
+    "https://lite.hush.is",
+    "https://devo.crabdance.com",
+    //"https://thisisdown1.example.com",
+    //"https://thisisdown2.example.com",
+    //"https://thisisdown3.example.com",
+    //"https://thisisdown4.example.com",
+    //"https://thisisdown5.example.com",
+    "https://lite.hush.community",
+    };
+
    // we don't need cryptographic random-ness, but we want
    // clients to never get "stuck" with the same server, which
    // prevents various attacks
-    QList<QString> servers;
-    //TODO: This should be a much larger list which we randomly choose from
-    servers[0] = "https://lite.hush.is";
-    servers[1] = "https://devo.crabdance.com";
-    servers[2] = "https://lite.hush.community";
-    //servers[3] = "https://hush.leto.net";
-    //servers[4] = "https://milktoast.attackingzcash.com";
-
-    // start at a random place in the list
-    int x       = rand() % servers.size();
+    int  x      = rand() % servers.size();
    auto server = servers[x];
-    int tries = 0;
+    int tries   = 0;

    // We try every server,in order, starting from a random place in the list
-    while (tries <= servers.size() ) {
+    while (tries < servers.size() ) {
        qDebug() << "Checking if lite server " << server << " is a alive, try=" << tries;
        char* resp = litelib_initialize_existing(false, server.toStdString().c_str());
        QString response = litelib_process_response(resp);
@ -321,8 +324,9 @@ QString Settings::getRandomServer() {
            qDebug() << "Choosing lite server " << server;
            return server;
        }
-        server = servers[++x % servers.size()];
-
+        x++;
+        x = x % servers.size();
+        server = servers[x];
        tries++;
    }
    return server;