From 97f449a2f1aa3e4fbe7f2d853efa0c7935ded967 Mon Sep 17 00:00:00 2001 From: irungentoo Date: Tue, 13 Aug 2013 09:32:31 -0400 Subject: Fixed spam problem. (I broke the API so this will not build) The friend address is what the byte string that you give away for people to add you will be called. 1. Every friend address now contains a number set by the friend. This is to prevent someone from randomly spamming people in the DHT with friend requests and makes it so you need the person to actually give you the address in some way to send the friend request. This number is expected to be encrypted with the friend request. All requests that do not contain this number will be rejected. This means the spammer can no longer use the DHT to collect lists of valid addresses to spam. It also enables users to quickly change the number in case a spammer gets hold of the address and starts spamming it. 2. A 2 byte checksum will be added (not implemented yet) to prevent people from accidentally adding random strings as friends. (NOTE that this has nothing to do with the spam problem I just decided to add a placeholder for it now.) --- core/Messenger.h | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'core/Messenger.h') diff --git a/core/Messenger.h b/core/Messenger.h index aa9611a4..48e14cf7 100644 --- a/core/Messenger.h +++ b/core/Messenger.h @@ -38,6 +38,8 @@ extern "C" { #define MAX_NAME_LENGTH 128 #define MAX_STATUSMESSAGE_LENGTH 128 +#define FRIEND_ADDRESS_SIZE (crypto_box_PUBLICKEYBYTES + sizeof(uint32_t) + sizeof(uint16_t)) + #define PACKET_ID_NICKNAME 48 #define PACKET_ID_STATUSMESSAGE 49 #define PACKET_ID_USERSTATUS 50 @@ -89,6 +91,7 @@ typedef struct { uint16_t info_size; /* length of the info */ uint32_t message_id; /* a semi-unique id used in read receipts */ uint8_t receives_read_receipts; /* shall we send read receipts to this person? */ + uint32_t friendrequest_nospam; /*The nospam number used in the friend request*/ } Friend; typedef struct Messenger { @@ -133,10 +136,18 @@ typedef struct Messenger { } Messenger; +/* + * returns a FRIEND_ADDRESS_SIZE byte address to give to others. + * format: [client_id (32 bytes)][nospam number (4 bytes)][checksum (2 bytes)] + * + * TODO: add checksum. + */ +void getaddress(Messenger *m, uint8_t *address); + /* * add a friend * set the data that will be sent along with friend request - * client_id is the client id of the friend + * address is the address of the friend (returned by getaddress) it must be FRIEND_ADDRESS_SIZE bytes. TODO: add checksum. * data is the data and length is the length * returns the friend number if success * return -1 if message length is too long @@ -145,7 +156,7 @@ typedef struct Messenger { * return -4 if friend request already sent or already a friend * return -5 for unknown error */ -int m_addfriend(Messenger *m, uint8_t *client_id, uint8_t *data, uint16_t length); +int m_addfriend(Messenger *m, uint8_t *address, uint8_t *data, uint16_t length); /* add a friend without sending a friendrequest. -- cgit v1.2.3