gianistsol / python-p2p Goto Github PK
View Code? Open in Web Editor NEWdecentralized peer to peer network using TCP sockets with features like file transfer and messaging as well as opportunity to expand.
License: GNU General Public License v3.0
decentralized peer to peer network using TCP sockets with features like file transfer and messaging as well as opportunity to expand.
License: GNU General Public License v3.0
on python 3.10.1 crypto lib cannot be installed deprecated lib warning was showed
depricated log.txt
Discovering routers... Traceback (most recent call last): File "C:\Users\benin\OneDrive\Documenti\GitHub\python-p2p\pythonp2p\__main__.py", line 4, in <module> new = Node("", PORT, FILE_PORT) # start the node File "C:\Users\benin\OneDrive\Documenti\GitHub\python-p2p\pythonp2p\node.py", line 152, in __init__ portforwardlib.forwardPort(port, port, None, None, False, "TCP", 0, "", True) File "C:\Users\benin\OneDrive\Documenti\GitHub\python-p2p\pythonp2p\portforwardlib.py", line 240, in forwardPort status, message = open_port( File "C:\Users\benin\OneDrive\Documenti\GitHub\python-p2p\pythonp2p\portforwardlib.py", line 177, in open_port conn = http.client.HTTPConnection(parsedurl.hostname, parsedurl.port) File "C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.3568.0_x64__qbz5n2kfra8p0\lib\urllib\parse.py", line 178, in port raise ValueError(message) from None ValueError: Port could not be cast to integer value as '57970None'
https://github.com/GianisTsol/python-p2p/blob/master/p2pnetwork/node.py#L285 is one such spot.
Wrapping something in str() is not a way to sanitize input or prevent code execution.
When using the library I have encountered a "No route to host" error when it comes to file sharing. When troubleshooting I found that the connection was established with one port PORT(65432), while FILE PORT isn't established, hence causing the error.
Here's my server:
>>> from pythonp2p import Node
>>> class Mynode(Node):
... def on_message(message, sender, private):
... print('MESSAGE:', message)
...
>>>
>>> node = Mynode()
Discovering routers...
Discovering routers...
[debug] Initialisation of the Node on port: 65432
>>> node.start()
Pinger Started
>>> File Server Started
Here's my client:
>>> from pythonp2p import Node
>>> node = Node()
Discovering routers...
Discovering routers...
[debug] Initialisation of the Node on port: 65432
>>> node.connect_to('97.117.28.178')
[debug] connecting to 97.117.28.178 port 65432
[debug] connect_to: Could not connect with node. ([WinError 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond)
>>>
the ip address I'm using is the ip address I get from doing a "what's my ip" search on the server machine.
I have identified a security vulnerability in the python-p2p v 1.7.1 project by our cryptographic api misuse detection tool.The issue pertains to the use of a default RSA key length of 1024 bits, which is considered insecure due to advances in computing power and cryptographic weaknesses associated with shorter key lengths.
CWE-326: Inadequate Encryption Strength
NIST SP 800-131A r2
https://github.com/GianisTsol/python-p2p/blob/master/pythonp2p/crypto_funcs.py#L10
I recommend the following actions to mitigate the vulnerability:
Upgrade the RSA key length to a more secure option, such as 2048 bits.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.