diff options
| author | irungentoo <irungentoo@gmail.com> | 2013-08-13 09:32:31 -0400 |
|---|---|---|
| committer | irungentoo <irungentoo@gmail.com> | 2013-08-13 09:32:31 -0400 |
| commit | 97f449a2f1aa3e4fbe7f2d853efa0c7935ded967 (patch) | |
| tree | 9896c268be528828617823d7b04da9f7a0d0386f /core/Messenger.c | |
| parent | 8fe1dec5d634a2bba214b9204bda8341e8b26ed5 (diff) | |
Fixed spam problem. (I broke the API so this will not build)
The friend address is what the byte string that you give away for people
to add you will be called.
1. Every friend address now contains a number set by the friend. This is
to prevent someone from randomly spamming people in the DHT with friend
requests and makes it so you need the person to actually give you the
address in some way to send the friend request. This number is expected
to be encrypted with the friend request. All requests that do not
contain this number will be rejected. This means the spammer can no
longer use the DHT to collect lists of valid addresses to spam. It also
enables users to quickly change the number in case a spammer gets hold
of the address and starts spamming it.
2. A 2 byte checksum will be added (not implemented yet) to prevent
people from accidentally adding random strings as friends. (NOTE that
this has nothing to do with the spam problem I just decided to add a
placeholder for it now.)
Diffstat (limited to 'core/Messenger.c')
| -rw-r--r-- | core/Messenger.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/core/Messenger.c b/core/Messenger.c index af102406..ae7c5ff3 100644 --- a/core/Messenger.c +++ b/core/Messenger.c | |||
| @@ -77,9 +77,23 @@ int getclient_id(Messenger *m, int friend_id, uint8_t *client_id) | |||
| 77 | } | 77 | } |
| 78 | 78 | ||
| 79 | /* | 79 | /* |
| 80 | * returns a FRIEND_ADDRESS_SIZE byte address to give to others. | ||
| 81 | * format: [client_id (32 bytes)][nospam number (4 bytes)][checksum (2 bytes)] | ||
| 82 | * | ||
| 83 | * TODO: add checksum. | ||
| 84 | */ | ||
| 85 | void getaddress(Messenger *m, uint8_t *address) | ||
| 86 | { | ||
| 87 | //memcpy(address, m->public_key, crypto_box_PUBLICKEYBYTES); //TODO | ||
| 88 | memcpy(address, self_public_key, crypto_box_PUBLICKEYBYTES); | ||
| 89 | uint32_t nospam = get_nospam(); | ||
| 90 | memcpy(address + crypto_box_PUBLICKEYBYTES, &nospam, sizeof(nospam)); | ||
| 91 | } | ||
| 92 | |||
| 93 | /* | ||
| 80 | * add a friend | 94 | * add a friend |
| 81 | * set the data that will be sent along with friend request | 95 | * set the data that will be sent along with friend request |
| 82 | * client_id is the client id of the friend | 96 | * address is the address of the friend (returned by getaddress) it must be FRIEND_ADDRESS_SIZE bytes. TODO: add checksum. |
| 83 | * data is the data and length is the length | 97 | * data is the data and length is the length |
| 84 | * returns the friend number if success | 98 | * returns the friend number if success |
| 85 | * return FA_TOOLONG if message length is too long | 99 | * return FA_TOOLONG if message length is too long |
| @@ -88,12 +102,14 @@ int getclient_id(Messenger *m, int friend_id, uint8_t *client_id) | |||
| 88 | * return FAERR_ALREADYSENT if friend request already sent or already a friend | 102 | * return FAERR_ALREADYSENT if friend request already sent or already a friend |
| 89 | * return FAERR_UNKNOWN for unknown error | 103 | * return FAERR_UNKNOWN for unknown error |
| 90 | */ | 104 | */ |
| 91 | int m_addfriend(Messenger *m, uint8_t *client_id, uint8_t *data, uint16_t length) | 105 | int m_addfriend(Messenger *m, uint8_t *address, uint8_t *data, uint16_t length) |
| 92 | { | 106 | { |
| 93 | if (length >= (MAX_DATA_SIZE - crypto_box_PUBLICKEYBYTES | 107 | if (length >= (MAX_DATA_SIZE - crypto_box_PUBLICKEYBYTES |
| 94 | - crypto_box_NONCEBYTES - crypto_box_BOXZEROBYTES | 108 | - crypto_box_NONCEBYTES - crypto_box_BOXZEROBYTES |
| 95 | + crypto_box_ZEROBYTES)) | 109 | + crypto_box_ZEROBYTES)) |
| 96 | return FAERR_TOOLONG; | 110 | return FAERR_TOOLONG; |
| 111 | uint8_t client_id[crypto_box_PUBLICKEYBYTES]; | ||
| 112 | memcpy(client_id, address, crypto_box_PUBLICKEYBYTES); | ||
| 97 | if (length < 1) | 113 | if (length < 1) |
| 98 | return FAERR_NOMESSAGE; | 114 | return FAERR_NOMESSAGE; |
| 99 | if (memcmp(client_id, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) | 115 | if (memcmp(client_id, self_public_key, crypto_box_PUBLICKEYBYTES) == 0) |
| @@ -119,6 +135,7 @@ int m_addfriend(Messenger *m, uint8_t *client_id, uint8_t *data, uint16_t length | |||
| 119 | m->friendlist[i].info_size = length; | 135 | m->friendlist[i].info_size = length; |
| 120 | m->friendlist[i].message_id = 0; | 136 | m->friendlist[i].message_id = 0; |
| 121 | m->friendlist[i].receives_read_receipts = 1; /* default: YES */ | 137 | m->friendlist[i].receives_read_receipts = 1; /* default: YES */ |
| 138 | memcpy(&(m->friendlist[i].friendrequest_nospam), address + crypto_box_PUBLICKEYBYTES, sizeof(uint32_t)); | ||
| 122 | 139 | ||
| 123 | ++ m->numfriends; | 140 | ++ m->numfriends; |
| 124 | return i; | 141 | return i; |
| @@ -524,6 +541,7 @@ Messenger * initMessenger(void) | |||
| 524 | LosslessUDP_init(); | 541 | LosslessUDP_init(); |
| 525 | friendreq_init(); | 542 | friendreq_init(); |
| 526 | LANdiscovery_init(); | 543 | LANdiscovery_init(); |
| 544 | set_nospam(random_int()); | ||
| 527 | 545 | ||
| 528 | timer_single(&LANdiscovery, 0, LAN_DISCOVERY_INTERVAL); | 546 | timer_single(&LANdiscovery, 0, LAN_DISCOVERY_INTERVAL); |
| 529 | 547 | ||
| @@ -545,7 +563,7 @@ void doFriends(Messenger *m) | |||
| 545 | uint8_t temp[MAX_DATA_SIZE]; | 563 | uint8_t temp[MAX_DATA_SIZE]; |
| 546 | for (i = 0; i < m->numfriends; ++i) { | 564 | for (i = 0; i < m->numfriends; ++i) { |
| 547 | if (m->friendlist[i].status == FRIEND_ADDED) { | 565 | if (m->friendlist[i].status == FRIEND_ADDED) { |
| 548 | int fr = send_friendrequest(m->friendlist[i].client_id, m->friendlist[i].info, m->friendlist[i].info_size); | 566 | int fr = send_friendrequest(m->friendlist[i].client_id, m->friendlist[i].friendrequest_nospam, m->friendlist[i].info, m->friendlist[i].info_size); |
| 549 | if (fr == 0) /* TODO: This needs to be fixed so that it sends the friend requests a couple of times in case of packet loss */ | 567 | if (fr == 0) /* TODO: This needs to be fixed so that it sends the friend requests a couple of times in case of packet loss */ |
| 550 | set_friend_status(m, i, FRIEND_REQUESTED); | 568 | set_friend_status(m, i, FRIEND_REQUESTED); |
| 551 | else if (fr > 0) | 569 | else if (fr > 0) |
| @@ -554,7 +572,7 @@ void doFriends(Messenger *m) | |||
| 554 | if (m->friendlist[i].status == FRIEND_REQUESTED || m->friendlist[i].status == FRIEND_CONFIRMED) { /* friend is not online */ | 572 | if (m->friendlist[i].status == FRIEND_REQUESTED || m->friendlist[i].status == FRIEND_CONFIRMED) { /* friend is not online */ |
| 555 | if (m->friendlist[i].status == FRIEND_REQUESTED) { | 573 | if (m->friendlist[i].status == FRIEND_REQUESTED) { |
| 556 | if (m->friendlist[i].friend_request_id + 10 < unix_time()) { /*I know this is hackish but it should work.*/ | 574 | if (m->friendlist[i].friend_request_id + 10 < unix_time()) { /*I know this is hackish but it should work.*/ |
| 557 | send_friendrequest(m->friendlist[i].client_id, m->friendlist[i].info, m->friendlist[i].info_size); | 575 | send_friendrequest(m->friendlist[i].client_id, m->friendlist[i].friendrequest_nospam, m->friendlist[i].info, m->friendlist[i].info_size); |
| 558 | m->friendlist[i].friend_request_id = unix_time(); | 576 | m->friendlist[i].friend_request_id = unix_time(); |
| 559 | } | 577 | } |
| 560 | } | 578 | } |