Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
These are implemented in terms of decode/encode CipherText. They do the
exact same thing, since they are both simple length-prefixed byte arrays.
|
|
`new_nonce` has been an alias for `random_nonce` for a while now. Having
two names for the same operation is confusing. `random_nonce` better
expresses the intent. The documentation for `new_nonce` talks about
guaranteeing that the nonce is different from previous ones, which is
incorrect, it's just quite likely to be different.
|
|
This allows for easier development. It is not used on travis (yet).
|
|
Previously, all log messages generated by tox_new (which is quite a lot)
were dropped, because client code had no chance to register a logging
callback, yet. This change allows setting the log callback from the
beginning and removes the ability to unset it.
Since the log callback is forever special, since it can't be stateless,
we don't necessarily need to treat it uniformly (with `event`).
|
|
We disable the ones that fire, so we can use -Werror. We can then
investigate each warning individually and see whether to fix it or to
keep silencing it.
|
|
Compiling as C++ changes nothing semantically, but ensures that we don't
break C++ compatibility while also retaining C compatibility.
C++ compatibility is useful for tooling and additional diagnostics and
analyses.
|
|
We'll maintain it in the c-toxcore repo, where it belongs.
|
|
Cleanups:
- Fix header guards to not use reserved names.
- Avoid name shadowing.
- Removed an unused variable found by avoiding name shadowing.
|
|
OpenCV 3.1 doesn't define cvRound in C, only in C++. Thus, we now need
to compile av_test as C++ code.
|
|
Toxcore itself doesn't use this data structure. Only toxav does, so now
toxav owns the code for it.
|
|
It is still C code, so still compatible with C compilers as well. This
change lets us see more clearly where implicit conversions occur by
making them explicit.
|
|
- All global variables should be static unless they have an explicit
extern declaration in a header file.
- `to_compare` was not used in encryptsave and toxav tests.
- `break` in switch cases is not required directly after `return`,
`goto`, or a noreturn function like `abort`.
|
|
|
|
This reverts commit 21f8db12c45bd56293262cd4abfb73cd9abec821.
It is currently broken. Incoming call callbacks are not invoked, and
instead the client goes offline immediately.
|
|
|
|
|
|
|
|
size_t is unsigned long long on LLP64 and %lu prints unsigned long (32
bit), potentially causing problems.
|
|
In the future, all TODOs added either need a bug number (TODO(#NN)) or a
person's github user name. By default, I made irungentoo the owner of
all toxcore TODOs, mannol the owner of toxav TODOs, and myself the owner
of API TODOs.
|
|
It now enforces a bit more formatting. In particular, padding inside
parentheses is removed. I would like it to remove padding after unary
operators, but there seems to be no option for that.
|
|
|
|
- Any non-externally-visible declarations should be `static`.
- Casting away the `const` qualifier from pointers-to-const is
dangerous. All but one instance of this are now correct. The one
instance where we can't keep `const` is one where toxav code actually
writes to a chunk of memory marked as `const`. This code also assumes
4 byte alignment of data packets. I don't know whether that is a valid
assumption, but it's likely unportable, and *not* obviously correct.
- Replaced empty parameter lists with `(void)` to avoid passing
parameters to it. Empty parameter lists are old style declarations for
unknown number and type of arguments.
- Commented out (as `#if DHT_HARDENING` block) the hardening code that
was never executed.
- Minor style fix: don't use `default` in enum-switches unless the number
of enumerators in the default case is very large. In this case, it was
2, so we want to list them both explicitly to be warned about missing
one if we add one in the future.
- Removed the only two function declarations from nTox.h and put them
into nTox.c. They are not used outside and nTox is not a library.
|
|
- Don't cast between object and function pointers.
- Use standard compliant `__VA_ARGS__` in macros.
- Add explicit `__extension__` on unnamed union in struct (it's a GNU
extension).
- Remove ; after function definitions.
- Replace `const T foo = 3;` for integral types `T` with `enum { foo = 3 };`.
Folding integral constants like that as compile time constants is a GNU
extension. Arrays allocated with `foo` as dimension are VLAs on strictly
compliant C99 compilers.
- Replace empty initialiser list `{}` with zero-initialiser-list `{0}`.
The former is a GNU extension meaning the latter.
- Cast `T*` (where `T != void`) to `void *` in format arguments. While any
object pointer can be implicitly converted to and from `void *`, this
conversion does not happen in variadic function calls.
- Replace arithmetic on `void *` with arithmetic on `char *`. The former
is non-compliant.
- Replace non-`int`-derived types (like `uint16_t`, which is
`short`-derived) in bit fields with `int`-derived types. Using any type
other than `int` or `unsigned int` (or any of their aliases) in bit
fields is a GNU extension.
|
|
Messenger is slightly twisty when it comes to sending connection status
callbacks It will very likely need at the very least a partial refactor to
clean it up a bit. Toxcore shouldn't need void *userdata as deep as is
currently does.
(amend 1) Because of the nature of toxcore connection callbacks, I decided to
change this commit from statelessness for connections changes to statelessness
for friend requests. It's simpler this was and doesn't include doing anything
foolish in the time between commits.
group fixup because grayhatter doesn't want to do it
"arguably correct" is not how you write security sensitive code
Clear a compiler warning about types within a function.
|
|
|
|
http://llvm.org/docs/CodingStandards.html#use-early-exits-and-continue-to-simplify-code
|
|
The former is a non-standard glibc extension. On linux, it is implemented as a
call to sched_yield, so this change does nothing there. On OSX, pthread_yield
doesn't exist, and we already use sched_yield.
|
|
|
|
It was an undefined function before.
|
|
We'll revert this once we move to clang-format.
|
|
|
|
It has not been built in a while. We do want to keep this one working (or at
least compiling).
|
|
This removes the global logger (which by the way was deleted when the first tox
was killed, so other toxes would then stop logging). Various bits of the code
now carry a logger or pass it around. It's a bit less transparent now, but now
there is no need to have a global logger, and clients can decide what to log and
where.
|
|
|
|
See #40 for details.
|
|
|
|
See #27 and #40 for details.
|
|
- This PR also adds a DEBUG cmake option that enables -DTOX_DEBUG.
- We also remove `-Wall`, because there are too many warnings, and nobody really
looks at them at the moment. We'll see about fixing them soon. We'll also want
to enable `-Werror` at some point.
- Finally, this PR enables `-O3` to make sure toxcore still works correctly
under heavy compiler optimisations.
|
|
**What are we doing?**
We are moving towards stateless callbacks. This means that when registering a
callback, you no longer pass a user data pointer. Instead, you pass a user data
pointer to tox_iterate. This pointer is threaded through the code, passed to
each callback. The callback can modify the data pointed at. An extra indirection
will be needed if the pointer itself can change.
**Why?**
Currently, callbacks are registered with a user data pointer. This means the
library has N pointers for N different callbacks. These pointers need to be
managed by the client code. Managing the lifetime of the pointee can be
difficult. In C++, it takes special effort to ensure that the lifetime of user
data extends at least beyond the lifetime of the Tox instance. For other
languages, the situation is much worse. Java and other garbage collected
languages may move objects in memory, so the pointers are not stable. Tox4j goes
through a lot of effort to make the Java/Scala user experience a pleasant one by
keeping a global array of Tox+userdata on the C++ side, and communicating via
protobufs. A Haskell FFI would have to do similarly complex tricks.
Stateless callbacks ensure that a user data pointer only needs to live during a
single function call. This means that the user code (or language runtime) can
move the data around at will, as long as it sets the new location in the
callback.
**How?**
We are doing this change one callback at a time. After each callback, we ensure
that everything still works as expected. This means the toxcore change will
require 15 Pull Requests.
|
|
fix: make increment_nonce & increment_nonce_number independent of user-controlled input
fix: make crypto_core more stable agains null ptr dereference
|
|
|
|
|
|
|
|
|
|
|