Age | Commit message (Collapse) | Author |
|
|
|
Presumably the uses of `rand()` were fine because they were not used in
security-sensitive places, but having to think about whether a crappy RNG
is acceptable in each situation requires effort that could better be
spent elsewhere.
Also, this means that once we have a custom deterministic RNG for
testing, that RNG is used everywhere, so all the code is deterministic.
It also allowed us to delete a system-specific function that wasn't used
anywhere except in a call to `srand()`.
|
|
* test names in conference_test
* raise error on attempt to invite friend to group before we are connected
* revise handling of temporary invited connections
We are now careful not to prematurely delete a connection to a peer
established during the invitation process; namely, before we have sufficient
other connections and have confirmed that we have an alternative route to the
peer.
* process out-of-order messages from a peer
* don't reset names when handling a Peer Response
|
|
This almost entirely avoids any else-after-return in toxcore. One case is
left, and that one is more readable this way.
Why no else after return: https://llvm.org/docs/CodingStandards.html#don-t-use-else-after-a-return
Why exemptions exist: https://blog.mozilla.org/nnethercote/2009/08/31/no-else-after-return-considered-harmful/
|
|
Also moved some macros up to the beginning of `group.c`. This change
brings us closer to the PGC PR.
|
|
These are useful once we have persistent group chats, so clients can
store data associated with this permanent group identifier.
|
|
By changing numchats from uint32_t to uint16_t. This is done in PGC. This
PR is making that change in master to reduce the diff in the PGC branch.
Also:
* Inverted groupnumber_not_valid and renamed to is_groupnumber_valid.
* Renamed realloc_groupchats to realloc_conferences and made it return bool.
* Added setup_conference function that currently just zeroes the
conference structure but later will initialise more values.
* Made some `i` iterator variables local to the for-loop using
for-init-decl. This is also done in PGC.
|
|
Also some other cleanups. This PR means that future PRs, i.e. the PGC PR,
must not break the rules established here.
|
|
It turns out, `unix_time` is also monotonic, and is used as such, so I've
renamed the new functions to `mono_time_*`.
2018-07-08:
```
00:01 <@irungentoo> the idea used to be that the unix_time() function
could go backward in time but I think I might have started using it like
if it could not after I changed it so that it would never go back in time
```
|
|
We used to pass the actual peer numbers of peers leaving, but we no
longer know these in the PGC world, so we don't pass them anymore.
|
|
|
|
|
|
Fixes #768
|
|
We can now revert the changes to the callbacks and keep supporting them
until clients have moved off them.
|
|
fixes #606
|
|
|
|
The logic and behaviour remain the same, but PEER_EXIT and PEER_JOIN are
merged into LIST_CHANGED. This allows clients to take a first step to
adapt to the API change without us having to actually submit the full
change, yet.
|
|
This reverts commit e16d3894c5979fcfe1c57bf7dadc455ce690baf9 and
commit c5976e37eaadf663dc3d0c18376ea023355048f3.
|
|
This changes only code, no string literals or comments.
|
|
Turning this code:
```c
if (cond) { ... return 0; }
if (!cond) { ... return 0; }
return -1;
```
into:
```c
if (cond) { ... return 0; }
else { ... return 0; }
```
The `return -1` in the first variant can never happen.
|
|
|
|
|
|
|
|
|
|
Also replace &(x) with &x for consistency.
|
|
|
|
This requires that every symbol, even if static (file-scope), is unique.
The idea is that we can easily run "whole" program static analysis on
programs that include monolith.h ("whole" is in quotes, as we don't
include dependencies like libsodium in this static analysis).
|
|
socket -> net_socket
htons -> net_htons
htonl -> net_htonl
connect -> net_connect
sendto -> net_sendto_ip4
getaddrinfo -> net_getipport
sa_family_t -> Family
|
|
|
|
"All rights reserved" was incorrect. The project was licensed under GPL3,
which means a lot of rights are licensed to everybody in the world, i.e.
not reserved to the "Tox Project".
|
|
|
|
This is to allow new group chats to coexist with old group chats. We do
not rename everything in group.[ch] to conference, yet, because it's not
currently necessary, and a general internal API overhaul is due at some
point anyway.
|
|
It is still C code, so still compatible with C compilers as well. This
change lets us see more clearly where implicit conversions occur by
making them explicit.
|
|
|
|
The public one already does this, and the internal one actually assigns
`uint32_t`s.
|
|
|
|
|
|
In the future, all TODOs added either need a bug number (TODO(#NN)) or a
person's github user name. By default, I made irungentoo the owner of
all toxcore TODOs, mannol the owner of toxav TODOs, and myself the owner
of API TODOs.
|
|
1. Current module (if C file).
2. Headers from current library.
3. Headers from other library (e.g. toxcore includes in toxav).
4. System headers.
|
|
|
|
- Any non-externally-visible declarations should be `static`.
- Casting away the `const` qualifier from pointers-to-const is
dangerous. All but one instance of this are now correct. The one
instance where we can't keep `const` is one where toxav code actually
writes to a chunk of memory marked as `const`. This code also assumes
4 byte alignment of data packets. I don't know whether that is a valid
assumption, but it's likely unportable, and *not* obviously correct.
- Replaced empty parameter lists with `(void)` to avoid passing
parameters to it. Empty parameter lists are old style declarations for
unknown number and type of arguments.
- Commented out (as `#if DHT_HARDENING` block) the hardening code that
was never executed.
- Minor style fix: don't use `default` in enum-switches unless the number
of enumerators in the default case is very large. In this case, it was
2, so we want to list them both explicitly to be warned about missing
one if we add one in the future.
- Removed the only two function declarations from nTox.h and put them
into nTox.c. They are not used outside and nTox is not a library.
|
|
Messenger is slightly twisty when it comes to sending connection status
callbacks It will very likely need at the very least a partial refactor to
clean it up a bit. Toxcore shouldn't need void *userdata as deep as is
currently does.
(amend 1) Because of the nature of toxcore connection callbacks, I decided to
change this commit from statelessness for connections changes to statelessness
for friend requests. It's simpler this was and doesn't include doing anything
foolish in the time between commits.
group fixup because grayhatter doesn't want to do it
"arguably correct" is not how you write security sensitive code
Clear a compiler warning about types within a function.
|
|
http://llvm.org/docs/CodingStandards.html#use-early-exits-and-continue-to-simplify-code
|
|
|
|
See #27 and #40 for details.
|
|
|
|
fix: make increment_nonce & increment_nonce_number independent of user-controlled input
fix: make crypto_core more stable agains null ptr dereference
|
|
|
|
|
|
Friend number changed from int32_t to uint32_t.
Some lengths changed to size_t.
|