7 files changed, 55 insertions, 29 deletions

diff --git a/docs/Prevent_Tracking.txt b/docs/Prevent_Tracking.txt
index 5f7aaf1e..ab091999 100644
--- a/docs/Prevent_Tracking.txt
+++ b/docs/Prevent_Tracking.txt
@@ -145,3 +145,11 @@ encrypted with temp symmetric key of Node A: [IP_Port (of us)][data to send back
 (sent from node A to us):
 
 [data to send back]
+
+
+Data packets:
+
+To tell our friend what our DHT public key is so that he can connect to us we send a data packet with id 156 and 
+the data being:[uint64_t (in network byte order) no_replay, the packet will only be accepted if this number is bigger than the last one recieved]
+[our dht public key][Node_Format * (maximum of 8) nodes closest to us so that the friend can find us faster]
+
diff --git a/docs/updates/Crypto.md b/docs/updates/Crypto.md
index 6b489c3b..a6c701d3 100644
--- a/docs/updates/Crypto.md
+++ b/docs/updates/Crypto.md
@@ -20,7 +20,7 @@ case 1: Alice adds Bobs public key and bob waits for Alice to attempt to connect
 case 2: Bob and Alice add their respective public keys to their friends list at the same time.  
     
 case 1:  
-Alice sends a crypto request packet to bob with the encrypted part containing the friends request like so:  
+Alice sends a onion data (see: Prevent_tracking.txt) packet to bob with the encrypted part containing the friends request like so:  
 ```
 [char with a value of 32][nospam number (4 bytes)][Message]
 ```
diff --git a/toxcore/Messenger.c b/toxcore/Messenger.c
index 2f270fb6..19246d7d 100644
--- a/toxcore/Messenger.c
+++ b/toxcore/Messenger.c
@@ -34,27 +34,6 @@
 #define MIN(a,b) (((a)<(b))?(a):(b))
 
 
-void host_to_net(uint8_t *num, uint16_t numbytes)
-{
-    union {
-        uint32_t i;
-        uint8_t c[4];
-    } a;
-    a.i = 1;
-
-    if (a.c[0] == 1) {
-        uint32_t i;
-        uint8_t buff[numbytes];
-
-        for (i = 0; i < numbytes; ++i) {
-            buff[i] = num[numbytes - i - 1];
-        }
-
-        memcpy(num, buff, numbytes);
-    }
-}
-#define net_to_host(x, y) host_to_net(x, y)
-
 static void set_friend_status(Messenger *m, int friendnumber, uint8_t status);
 static int write_cryptpacket_id(Messenger *m, int friendnumber, uint8_t packet_id, uint8_t *data, uint32_t length);
 
diff --git a/toxcore/onion_client.c b/toxcore/onion_client.c
index 932ffad7..e50679e5 100644
--- a/toxcore/onion_client.c
+++ b/toxcore/onion_client.c
@@ -341,7 +341,7 @@ static int handle_data_response(void *object, IP_Port source, uint8_t *packet, u
 }
 
 #define FAKEID_DATA_ID 156
-#define FAKEID_DATA_MIN_LENGTH (1 + crypto_box_PUBLICKEYBYTES)
+#define FAKEID_DATA_MIN_LENGTH (1 + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES)
 #define FAKEID_DATA_MAX_LENGTH (FAKEID_DATA_MIN_LENGTH + sizeof(Node_format)*MAX_SENT_NODES)
 static int handle_fakeid_announce(void *object, uint8_t *source_pubkey, uint8_t *data, uint32_t length)
 {
@@ -361,19 +361,29 @@ static int handle_fakeid_announce(void *object, uint8_t *source_pubkey, uint8_t
     if (friend_num == -1)
         return 1;
 
-    if (memcmp(data + 1, onion_c->friends_list[friend_num].fake_client_id, crypto_box_PUBLICKEYBYTES) != 0) {
+    uint64_t no_replay;
+    net_to_host(data + 1, sizeof(no_replay));
+    memcpy(&no_replay, data + 1, sizeof(uint64_t));
+
+    if (no_replay <= onion_c->friends_list[friend_num].last_noreplay)
+        return 1;
+
+    onion_c->friends_list[friend_num].last_noreplay = no_replay;
+
+    if (memcmp(data + 1 + sizeof(uint64_t), onion_c->friends_list[friend_num].fake_client_id,
+               crypto_box_PUBLICKEYBYTES) != 0) {
         DHT_delfriend(onion_c->dht, onion_c->friends_list[friend_num].fake_client_id);
 
-        if (DHT_addfriend(onion_c->dht, data + 1) == 1) {
+        if (DHT_addfriend(onion_c->dht, data + 1 + sizeof(uint64_t)) == 1) {
             return 1;
         }
 
-        memcpy(onion_c->friends_list[friend_num].fake_client_id, data + 1, crypto_box_PUBLICKEYBYTES);
+        memcpy(onion_c->friends_list[friend_num].fake_client_id, data + 1 + sizeof(uint64_t), crypto_box_PUBLICKEYBYTES);
     }
 
     uint16_t num_nodes = (length - FAKEID_DATA_MIN_LENGTH) / sizeof(Node_format);
     Node_format nodes[num_nodes];
-    memcpy(nodes, data + 1 + crypto_box_PUBLICKEYBYTES, sizeof(nodes));
+    memcpy(nodes, data + 1 + sizeof(uint64_t) + crypto_box_PUBLICKEYBYTES, sizeof(nodes));
     uint32_t i;
 
     for (i = 0; i < num_nodes; ++i) {
@@ -439,7 +449,7 @@ int send_onion_data(Onion_Client *onion_c, int friend_num, uint8_t *data, uint32
     return good;
 }
 
-/* Send the packets to tell our friends
+/* Send the packets to tell our friends what our DHT public key is.
  * return the number of packets sent on success
  * return -1 on failure.
  */
@@ -450,7 +460,10 @@ static int send_fakeid_announce(Onion_Client *onion_c, uint16_t friend_num)
 
     uint8_t data[FAKEID_DATA_MAX_LENGTH];
     data[0] = FAKEID_DATA_ID;
-    memcpy(data + 1, onion_c->dht->self_public_key, crypto_box_PUBLICKEYBYTES);
+    uint64_t no_replay = unix_time();
+    host_to_net((uint8_t *)&no_replay, sizeof(no_replay));
+    memcpy(data + 1, &no_replay, sizeof(no_replay));
+    memcpy(data + 1 + sizeof(uint64_t), onion_c->dht->self_public_key, crypto_box_PUBLICKEYBYTES);
     Node_format nodes[MAX_SENT_NODES];
     uint16_t num_nodes = closelist_nodes(onion_c->dht, nodes, MAX_SENT_NODES);
     memcpy(data + FAKEID_DATA_MIN_LENGTH, nodes, sizeof(Node_format) * num_nodes);
@@ -597,6 +610,9 @@ int onion_set_friend_online(Onion_Client *onion_c, int friend_num, uint8_t is_on
         return -1;
 
     onion_c->friends_list[friend_num].is_online = is_online;
+    /* Should we reset the no_replay when the other goes offline?
+    if (!is_online)
+        onion_c->friends_list[friend_num].last_noreplay = 0; */
     return 0;
 }
 
diff --git a/toxcore/onion_client.h b/toxcore/onion_client.h
index 78587846..56adc9ee 100644
--- a/toxcore/onion_client.h
+++ b/toxcore/onion_client.h
@@ -53,6 +53,8 @@ typedef struct {
     uint8_t temp_secret_key[crypto_box_SECRETKEYBYTES];
 
     uint64_t last_fakeid_sent;
+
+    uint64_t last_noreplay;
 } Onion_Friend;
 
 typedef int (*oniondata_handler_callback)(void *object, uint8_t *source_pubkey, uint8_t *data, uint32_t len);
diff --git a/toxcore/util.c b/toxcore/util.c
index 9af7262f..d56c446e 100644
--- a/toxcore/util.c
+++ b/toxcore/util.c
@@ -65,6 +65,25 @@ uint32_t id_copy(uint8_t *dest, uint8_t *src)
     return CLIENT_ID_SIZE;
 }
 
+void host_to_net(uint8_t *num, uint16_t numbytes)
+{
+    union {
+        uint32_t i;
+        uint8_t c[4];
+    } a;
+    a.i = 1;
+
+    if (a.c[0] == 1) {
+        uint32_t i;
+        uint8_t buff[numbytes];
+
+        for (i = 0; i < numbytes; ++i) {
+            buff[i] = num[numbytes - i - 1];
+        }
+
+        memcpy(num, buff, numbytes);
+    }
+}
 
 /* state load/save */
 int load_state(load_state_callback_func load_state_callback, void *outer,
diff --git a/toxcore/util.h b/toxcore/util.h
index f05a9821..ae364d52 100644
--- a/toxcore/util.h
+++ b/toxcore/util.h
@@ -37,6 +37,8 @@ int is_timeout(uint64_t timestamp, uint64_t timeout);
 bool id_equal(uint8_t *dest, uint8_t *src);
 uint32_t id_copy(uint8_t *dest, uint8_t *src); /* return value is CLIENT_ID_SIZE */
 
+void host_to_net(uint8_t *num, uint16_t numbytes);
+#define net_to_host(x, y) host_to_net(x, y)
 
 /* state load/save */
 typedef int (*load_state_callback_func)(void *outer, uint8_t *data, uint32_t len, uint16_t type);