irungentoo
4b480381ee
Fixed segfault.
2013-08-19 07:18:24 -04:00
irungentoo
17890b1f61
Realloc apparently doesn't always behave like free() if size is zero.
2013-08-19 07:15:56 -04:00
irungentoo
88986f793a
Prevented possible MITM attack.
...
Friends must now send to themselves at least one encrypted ping packet
every 5 seconds.
If no encrypted ping packets are recieved from a friend within 10
seconds the connection is killed.
2013-08-19 07:00:59 -04:00
irungentoo
45fec94452
Fixed segfault and removed deprecated code.
2013-08-18 11:01:15 -04:00
irungentoo
88ea4659e9
Properly fixed possible realloc with size zero problem.
2013-08-18 10:27:03 -04:00
Sean Qureshi
1986e6b7f4
Ran it through astyle
2013-08-18 01:48:36 -07:00
Sean Qureshi
a03dcbb54e
Fixes CERT MEM04-C; CWE-131 in net_crypto.c
2013-08-18 01:31:54 -07:00
Sean Qureshi
17d3878174
Added minor error checking in Core, this helps prevent CERT MEM04-C; CWE-131
2013-08-18 01:26:11 -07:00
Sean Qureshi
71bc275284
Fixed a core memory leak
2013-08-18 00:23:50 -07:00
irungentoo
f259ab5fa7
Fixed bug.
2013-08-17 11:30:48 -04:00
irungentoo
7d092c3467
Added dynamic memory allocation to crypto connections.
...
Also fixed some possible bugs in Messenger.c
2013-08-17 11:16:08 -04:00
Michael Rose
d1d24c123d
Messenger stores / loads nickname
...
new toxic command to show nickname (mynick)
2013-08-17 11:59:28 +02:00
irungentoo
1207304f0b
Metadata collection prevention part 2 of ???
...
Improved friend request sending.
As a side effect friend requests should now be routed less than before.
See added comments for details.
2013-08-16 18:57:00 -04:00
irungentoo
88ff81d9de
Passed everything through astyle.
2013-08-16 13:11:09 -04:00
irungentoo
173101624c
Merge branch 'master' of https://github.com/irungentoo/ProjectTox-Core
2013-08-16 11:07:32 -04:00
irungentoo
095b3c4913
Some DHT hardening done.
...
See comments of added functions for details.
2013-08-16 11:04:28 -04:00
irungentoo
add81b3426
Merge pull request #471 from krisl/master
...
Add spam length to data length
2013-08-15 18:00:55 -07:00
irungentoo
b15230583c
Fixed loading and a small problem with the length of crypto requests.
2013-08-15 20:56:22 -04:00
Aaron Lipinski
ff7b4f8418
Add spam length to data length in comparison against max size
2013-08-16 08:27:03 +12:00
irungentoo
9e3d5d6488
Updated comment.
2013-08-15 14:26:26 -04:00
irungentoo
2663b9d23d
Merge branch 'master' of https://github.com/irungentoo/ProjectTox-Core
2013-08-15 14:25:36 -04:00
irungentoo
575804d19f
Small improvement to DHT. Useless file removed. Small fix to toxic.
2013-08-15 14:24:32 -04:00
Florian Hahn
3590f0a521
Check return value of realloc_friendlist and return FAERR_NOMEM on error
2013-08-15 15:34:27 +02:00
Aaron Lipinski
6b38b704a4
provide access to the close client list
2013-08-15 12:02:56 +12:00
Aaron Lipinski
93b34ef9e3
move client data struct to header file
2013-08-15 12:02:56 +12:00
irungentoo
4330bfbf87
Metadata collection prevention part 1 of ???.
...
Crypto requests packets are packets that can be routed by nodes in the
DHT. In this pull request I have merged both Natping requests and friend
requests into one common packet (Crypto request packets). Both these
packets should now only be distinguishable by the size of the data in
them to an outside observer for an example on how to send and recieve
data with these packets see: friend_requests.c
Note that these packets are prefixed with id 32 (friend request packets)
which means this change is compatible with the currently running DHT
bootstrap servers.
Also changed small thing in DHT_test.c
2013-08-14 18:26:00 -04:00
irungentoo
a3d3d37c23
Merge branch 'master' of https://github.com/irungentoo/ProjectTox-Core
2013-08-14 10:26:27 -04:00
irungentoo
5909a13ba4
Add friend now fails if it already is in DHT.
2013-08-14 10:26:02 -04:00
irungentoo
0338c3c9e8
Merge pull request #464 from slvr/crypto-fix
...
Incorrect constants: s/BOXZERO/ZERO/
2013-08-14 07:10:14 -07:00
irungentoo
8eb8fb2ab5
Messenger fix from pr #461 .
2013-08-14 09:52:03 -04:00
slvr
a854a730ec
Reduced redundant code, added new crypto test
2013-08-14 14:46:29 +01:00
slvr
ee34b51c24
s/BOXZERO/ZERO/
2013-08-14 14:29:39 +01:00
slvr
0b27a0cb35
Incorrect constants: s/BOXZERO/ZERO/
2013-08-14 14:26:04 +01:00
Chris Hall
cf5ad56a4a
fixing minor memory leak of friendlist
2013-08-14 17:35:15 +12:00
Chris Hall
0590d8325c
removing unnecessary function pointer _isset variables
2013-08-14 17:27:10 +12:00
irungentoo
63efa44dfa
Attempt to quickly fix a test.
2013-08-13 19:36:02 -04:00
irungentoo
06ccdb5b91
Simple XOR checksum added to address.
2013-08-13 19:07:59 -04:00
irungentoo
4132cdff49
clarified comment.
2013-08-13 18:30:14 -04:00
irungentoo
73163f6c98
Friend requests with different nospam fix and added saving/loading of nospam.
2013-08-13 17:25:52 -04:00
irungentoo
97f449a2f1
Fixed spam problem. (I broke the API so this will not build)
...
The friend address is what the byte string that you give away for people
to add you will be called.
1. Every friend address now contains a number set by the friend. This is
to prevent someone from randomly spamming people in the DHT with friend
requests and makes it so you need the person to actually give you the
address in some way to send the friend request. This number is expected
to be encrypted with the friend request. All requests that do not
contain this number will be rejected. This means the spammer can no
longer use the DHT to collect lists of valid addresses to spam. It also
enables users to quickly change the number in case a spammer gets hold
of the address and starts spamming it.
2. A 2 byte checksum will be added (not implemented yet) to prevent
people from accidentally adding random strings as friends. (NOTE that
this has nothing to do with the spam problem I just decided to add a
placeholder for it now.)
2013-08-13 09:32:31 -04:00
irungentoo
cb4f67b37a
Merge pull request #441 from slvr/timer
...
Timer Subsystem
2013-08-13 04:14:01 -07:00
slvr
471c148090
Portabily print out uint64_t using PRIu64
2013-08-13 09:55:49 +01:00
slvr
9e3f48c165
Removed core/Messenger.c.orig
...
Cleanup from merge conflict.
2013-08-13 09:51:18 +01:00
slvr
4bfeb2f483
timer_new -> new_timer and timer_delete -> delete_timer to avoid name conflict
2013-08-13 09:45:11 +01:00
Andreas Schneider
6b06431e9b
core: Fix a possible buffer overflow using getself_name().
...
If the passed buffer is smaller than MAX_NAME_LENGTH then, you
will probably overflow it.
2013-08-13 09:50:51 +02:00
slvr
a0c6296d6c
Resolve Merge Conflict
2013-08-12 23:47:15 +01:00
slvr
be840b46b9
Merge remote-tracking branch 'upstream/master' into timer
...
Conflicts:
core/Messenger.c
2013-08-12 23:08:48 +01:00
slvr
a56d87cd3f
remember to call timer_poll
2013-08-12 14:54:40 +01:00
slvr
c6b496d85b
Messenger Timer
2013-08-12 14:44:59 +01:00
slvr
f3511db29b
Added LAN discovery timer
2013-08-12 14:19:25 +01:00