Commit graph

332 commits

Author SHA1 Message Date
lilia
b1d370755a Rename AxolotlStore
// FREEBIE
2016-04-21 18:36:17 -07:00
lilia
1fe5d63015 Update protocol libs
Rename storage functions

// FREEBIE
2016-04-21 18:36:16 -07:00
lilia
6a928e3377 Fix reference error in MessageReceiver from fe82e4
Fix a reference error when resolving a key conflict on an incoming end
session message. See Signal-Android/5438.

// FREEBIE
2016-04-18 16:01:46 -07:00
lilia
2d6d2a92b9 Update libaxolotl
// FREEBIE
2016-04-06 17:33:06 -07:00
lilia
af392c077d Update libaxolotl
// FREEBIE
2016-04-03 14:25:30 -07:00
lilia
7e2c6fd6bc Remove unused argument
// FREEBIE
2016-04-01 18:12:38 -07:00
lilia
ddcdc9e2ff Log on prekey messages
// FREEBIE
2016-03-30 17:18:15 -07:00
lilia
960519d296 Add debug logging
// FREEBIE
2016-03-29 12:35:37 -07:00
lilia
2128ee63aa Update libaxolotl
// FREEBIE
2016-03-14 11:28:53 -07:00
lilia
84235ef58e Use forEach instead of loop
// FREEBIE
2016-03-13 14:15:16 -07:00
lilia
c02054d5da Pass ciphertext as ArrayBuffer instead of string
// FREEBIE
2016-03-13 04:56:30 -07:00
lilia
6053fe67ba Use built-in string conversion on protobuf
In lieu of a global helper.

// FREEBIE
2016-03-13 04:56:29 -07:00
lilia
3e0bce2b21 Move, rename, and simplify toArrayBuffer helper
This function is only ever used to convert groupIds from strings to
array buffers in sendmessage.

// FREEBIE
2016-03-13 04:56:28 -07:00
lilia
7dff9ac51b Update libaxolotl
// FREEBIE
2016-03-13 04:56:27 -07:00
lilia
57d64fe669 Fix session corruption due to database races
Prevent races between encrypt and decrypt calls, and other read/write
operations on the session store by serializing session io ops per
device.

Possible fix for #535

// FREEBIE
2016-03-10 18:37:18 -08:00
lilia
5f07c74f1a Add log statement when opening provisioning socket
Make it more obvious via logs which server someone is attempting to
register with (i.e., to disambiguate staging from prod).

// FREEBIE
2016-02-29 05:08:07 -08:00
lilia
2b7cbef8b1 Rename a function
Avoid confusing this operation with actual receipts, which are something
else.

// FREEBIE
2016-02-26 12:41:29 -08:00
lilia
8fdf58971c Add missing semicolons
// FREEBIE
2016-02-24 23:10:17 -08:00
lilia
c3bbdb393f Refactor media uploading step
Move this to its own function which encapsulates the error handling for
it.

// FREEBIE
2016-02-24 23:10:17 -08:00
lilia
44b1a6451d Add validation to Message class
// FREEBIE
2016-02-24 23:10:16 -08:00
lilia
781ada64ca Add libtextsecure support for syncing read messages
Plumbing for sending and receiving a new sync protobuf for marking
messages read on/from my other devices.

// FREEBIE
2016-02-22 17:11:17 -08:00
lilia
010297f4c5 Track groups I've left
// FREEBIE
2016-02-22 17:11:16 -08:00
lilia
7e82d1295c Handle attachment upload errors
Adds a new kind of replayable error that handles retry of pre-encryption
failures, e.g., attachment upload.

Fixes #485

// FREEBIE
2016-02-09 13:21:32 -08:00
lilia
910e37649a Let group messages use new Message class
// FREEBIE
2016-02-08 17:07:49 -08:00
lilia
3bffdd96f5 Add sendMessage to handle sending from Message class
// FREEBIE
2016-02-08 17:07:49 -08:00
lilia
ecdfa09e97 Create a helper class for constructing messages
// FREEBIE
2016-02-08 17:07:48 -08:00
lilia
b73a3aea80 Fix syntax error
// FREEBIE
2016-02-08 15:58:06 -08:00
lilia
cee2b3163a Add missing bind in messageReceiver
// FREEBIE
2016-02-08 15:49:34 -08:00
lilia
7dcad67410 Fix handleSentMessage
Missing a bind in 27fe7e3.

// FREEBIE
2016-02-05 11:11:34 -08:00
lilia
d4760452d1 Add signal agent to server requests
// FREEBIE
2016-02-04 14:13:04 -08:00
lilia
27fe7e355e Process end session flags in sync messages
Because remote clients will delete all sessions in response to an end
session message, regardless of which device it came from, when our
linked device sends an end session message, we must also end all
sessions with the destination.

This change moves the end session flag processing to processDecrypted,
which is shared between handlers of sent messages, data messages, and
messages which are re-tried after resolving identity conflicts.

// FREEBIE
2016-02-04 11:25:53 -08:00
lilia
fe82e469f2 Make end session consistent with android
Close all the sessions for a number when receiving an end session
message.

// FREEBIE
2016-02-03 17:56:24 -08:00
lilia
86132a38a8 Log envelopes and session end events
Help debug bad session errors by logging some envelope info about the
message we are about to decrypt. With this, if there is a decryption
error (e.g., bad mac or no session) it is clear from the logs what
number and device message sent the bad message.

Also log when we send and receive end session messages and when we close
sessions for certain devices.

// FREEBIE
2016-02-02 16:16:42 -08:00
lilia
a9cba1471a Update our own key on re-install
Previously we would delete our own key from the trust store when
re-linking, in case it changed. We can also immediately take one step
further and store the new key. Typically this happens in the course of
requesting sync info from the master device, except in the case of
standalone clients.

Closes #596

// FREEBIE
2016-01-21 19:25:55 -08:00
lilia
30aa13079f Fix sync request argument check
Fixes #609

// FREEBIE
2016-01-15 01:40:40 -08:00
lilia
d6da77b6f4 Throw exception on bad args to SyncRequest
// FREEBIE
2016-01-14 15:57:38 -08:00
lilia
1b68e652cc Fire group sync completion event despite errors
Sometimes an error is thrown while processing groups from a group sync
message. We still want to fire the groupsync event when we're done
handling all the data, even if some of it was bad.
2016-01-14 15:44:44 -08:00
lilia
75b2c9c5de Fix crash when removing a listener
// FREEBIE
2016-01-14 15:44:43 -08:00
lilia
f7c4fd2fed DRY up event target implementations
Dedupe event target code and make it extensible.

// FREEBIE
2016-01-14 15:44:42 -08:00
lilia
925c1bdb33 Add SyncRequest class
Similar in function to an xhr request, a textsecure.SyncRequest object
is initialized from a message sender and receiver pair and initiates a
request for sync from the master device. It later fires a success event
when both contacts and groups are done syncing, or a timeout event after
one minute.

// FREEBIE
2016-01-14 15:44:42 -08:00
Karel Bilek
d8381cfc47 Dispatch an event after processing a group sync
Related #521
2016-01-14 11:18:21 -08:00
lilia
96520e9fd4 Move envelope decode before ack
We should not ack envelope protobufs that fail to decode correctly. If
the server happens to send us such a thing it probably indicates a
protocol mismatch between it and the client, in which case the client
needs to update and re-receive the failed message.

// FREEBIE
2016-01-11 12:14:42 -08:00
lilia
44824df6cb Refactor for clarity
// FREEBIE
2016-01-11 11:00:44 -08:00
Matt Corallo
dac084b604 Send message ACKs immediately after recv, instead of after process 2016-01-11 10:55:53 -08:00
lilia
3d55f2c125 Update libtextsecure
Recompile missed in 093eb00

// FREEBIE
2015-12-25 16:52:47 -08:00
lilia
d95f869d62 More logging
// FREEBIE
2015-12-17 16:42:54 -08:00
lilia
d201c65f7c More verbose logging in message receiver
// FREEBIE
2015-12-17 16:36:13 -08:00
lilia
bc576e18d5 Fix no delivery receipts on close session messages
// FREEBIE
2015-12-11 12:06:45 -08:00
lilia
9031b4c10c Update libaxolotl
Fixes #477

// FREEBIE
2015-12-08 10:51:52 -08:00
lilia
ea980b4385 Don't surface invalid attachment urls to the user
Log them, but don't put display them in user-facing error ui.

// FREEBIE
2015-12-07 16:52:45 -08:00
lilia
7b1268e5f7 Log incoming invalid attachment urls also
Same as previous commit but for incoming.

// FREEBIE
2015-12-07 16:43:59 -08:00
lilia
fe7505c050 Log invalid attachment urls
// FREEBIE
2015-12-07 16:07:10 -08:00
lilia
9c59dfda93 Remove duplicate case statement
This line was never being hit due to the duplicate one above (#L166).
Peeking at the server code shows that 403 is only given in response to
registration attempts, where it does in fact indicate an invalid code.

// FREEBIE
2015-12-05 11:07:31 -08:00
lilia
2f469835d9 Handle group quit sync messages
Previously, we would incorrectly reject group updates originating from a
linked device instructing us to remove ourselves from the group.

// FREEBIE
2015-12-04 11:25:19 -08:00
lilia
edcb28aebb Don't save a MessageCounterError
Fixes #446

// FREEBIE
2015-12-04 11:20:12 -08:00
lilia
b00d5289cf Save message timestamp for resending
Fix bug where resending due to failed network connection would fail
silently.

Broken in 7b6820 refactor which changed arguments to transmitMessage

// FREEBIE
2015-11-29 18:02:37 -08:00
lilia
e9949152bb Always return a promise from sendSyncMessage
// FREEBIE
2015-11-27 22:26:56 -08:00
lilia
acae4afce3 Handle invalid responses better
Depending on the response code, returning an HTTPError here will let us
retry later, if appropriate.

// FREEBIE
2015-11-27 22:26:56 -08:00
lilia
52b039a900 Remove unused function
This is now used only internally in libaxolotl, which provides its own
definition.

// FREEBIE
2015-11-27 14:40:20 -08:00
lilia
6445581594 Update libaxolotl
isEqual added to internal helper module

// FREEBIE
2015-11-27 14:40:19 -08:00
lilia
63cd3b2788 Use constant time mac comparison
In libtextsecure and in libaxolotl.

// FREEBIE
2015-11-27 14:40:17 -08:00
lilia
61439a886f Validate json responses
Perform lightweight validation on json responses from the server. Ensure
that the attributes we depend on have the right type.

// FREEBIE
2015-11-25 12:16:36 -08:00
lilia
b0d4370c2c Remove unused variable
// FREEBIE
2015-11-25 11:42:16 -08:00
lilia
07702c4ee5 Let the application layer send sync messages
Previously, libtextsecure would send a sync message automatically
when appropriate. This fails if any recipient has a key conflict
or if our network connection fails mid-send.

Instead, when appropriate, return a the DataMessage encoded as an array
buffer for later syncing. This lets the application choose when to send
it, which we now do after any successful send to a recipient, rather
than after all recipients are successfully sent to.

Eventually we should move the DataMessage protobuf construction and
group sending logic to the application layer entirely, in which case
we wouldn't need libtextsecure to construct the sync message either.

Fixes #408
2015-11-24 17:11:03 -08:00
lilia
5c37c3d6ce Change return type from sending messages
Pass the whole result from the outgoing message callback on to the
caller, and preserve the names of the members.

// FREEBIE
2015-11-24 17:05:25 -08:00
lilia
7b6820d2ac Refactor messageSender/OutgoingMessage
Move encrypt and transmit to OutgoingMessage
Restore per-number queueing to messageSender

// FREEBIE
2015-11-24 17:05:24 -08:00
lilia
adf8445b85 Populate registrationIds on deviceObjects
Saves us from doing so later.

// FREEBIE
2015-11-24 17:05:23 -08:00
lilia
cf85c5e25e Fix key conflict with self after master device re-install
Fix bug where re-installing would cause sync messages to fail and
produce unresolvable error indicators on messages that were actually
sent.

// FREEBIE
2015-11-24 16:20:07 -08:00
lilia
4cc6b1ff9a Validate attachment urls
// FREEBIE
2015-11-24 16:20:07 -08:00
lilia
f006bd9ddc Update libaxolotl
Removes webcrypto, fixes padding calc

// FREEBIE
2015-11-23 16:13:32 -08:00
lilia
641a7dbc6d Update libaxolotl
encryptMessageFor now requires an array buffer instead of a protobuf.

By converting the message to an array buffer outside the Promise.all, we
avoid allocating a new copy for each device.

// FREEBIE
2015-11-17 16:58:31 -08:00
codedust
5e255e9df0 Remove 'Textsecure' from error message in api.js 2015-11-13 16:07:49 -08:00
lilia
70bde5f4fa Update libaxolotl
// FREEBIE
2015-11-13 14:01:19 -08:00
lilia
596188a630 Fix protocol version check
Fixes #392

// FREEBIE
2015-11-09 16:59:53 -08:00
lilia
847fa43520 Save group members when creating groups from non-updates
Follow up to b0da4910. When inferring membership of the sender in an
unknown group, remember to save and return the group members.

Generally, this should only effect standalone clients unless someone
managed to clear their groups db table, since linked clients get group
info synced at registration.

// FREEBIE
2015-11-06 19:09:03 -08:00
lilia
a3d29a92bb Reject messages sent to groups with no members
If you're the last member of the group, it doesn't make sense to send
messages to it. Previously, we would wait forever for a callback,
causing a stuck pending state indicator.

// FREEBIE
2015-11-06 18:51:18 -08:00
lilia
675be2b569 Don't reconnect if close was called
Fixes a bug during re-registration where we continue to re-open
the socket using old credentials.

// FREEBIE
2015-11-05 13:04:29 -08:00
lilia
f863616785 Remove api TODO comments
// FREEBIE
2015-11-04 13:52:48 -08:00
lilia
80d32103d1 Clear session store when re-registering
When we re-register, our deviceId might change, which makes our sessions
are no longer valid since the recipient will see us as a new device.

Fixes #388
2015-11-04 13:52:47 -08:00
lilia
a52d35bb1b Refactor and fixup key requests
Fix a bad loop scope bug in getKeysForNumber by using forEach.
Refactor the initial process of establishing key material for devices
that do not have open sessions.

// FREEBIE
2015-11-03 16:22:26 -08:00
lilia
b18cfd75de Check for device keys in memory before requesting more
// FREEBIE
2015-11-02 14:07:52 -08:00
lilia
2b9d039837 Serialize requests for keys
Fixes #383

// FREEBIE
2015-11-02 14:07:51 -08:00
lilia
a644b7a674 Update libaxolotl
// FREEBIE
2015-10-28 16:53:09 -07:00
lilia
1065502770 Change key conflict error message
Include the contact's number in the message for more helpful debug log
output.

// FREEBIE
2015-10-28 13:46:03 -07:00
lilia
f8fd613669 Update libaxolotl
// FREEBIE
2015-10-27 14:00:41 -07:00
lilia
ac7c95fed0 Validate argument lengths in crypto.js
These functions accept an array buffer and extract an AES and MAC key
from it without verifying it has the appropriate length. Ciphertext
messages are similarly dissected. The slice function does not raise an
error on out of bounds accesses but instead returns an empty or
partially-filled array. Empty or short arrays will be passed through to
the window.crypto.subtle API, where they will raise an error. We should
not rely on the Web Crypto API to validate key lengths or for MAC checks
to fail. Instead, validate the lengths of given parameters before
extracting their components.

// FREEBIE
2015-10-27 13:58:23 -07:00
lilia
ec6898f1ab Process incoming messages in order
This may increase processing latency a bit, particularly with large
attachments, but will ensure that messages are dispatched in the order
they are received.

It would be nice to enforce ordering on only the dispatch step, so that
we could, for example, decrypt the next websocket message while waiting
for an attachment to download, but that will require a more complicated
refactor. Will stick with the quick fix for now and revisit later.

Fixes #342

// FREEBIE
2015-10-26 14:18:24 -07:00
lilia
9b12d8a978 Reconnect provisioning socket
If the provisioning socket closes, reconnect and generate a new qr code.
Fixes #371

// FREEBIE
2015-10-23 18:33:07 -07:00
lilia
01e85b68ef Handle exceptions when fetching keys for devices
It's rare that we get in a state where we have a device record without a
session, but we should handle errors gracefully in that case. Catch them
and register them, except for identity key errors which are registered
in handleResult.

// FREEBIE

fixup error handling // FREEBIE
2015-10-23 15:53:20 -07:00
lilia
12276e691b Refactor contents of sendMessageProto
This function dynamically declares a bunch of functions which bind to
its input arguments. Instead, use a new prototypal class to define
these functions within the context of a particular message.

// FREEBIE
2015-10-23 15:53:20 -07:00
lilia
a2c7ac0df9 Serialize message sending per-recipient
Add a pendingMessages object to MessageSender. This object holds
one promise per recipient number. We init this promise with
Promise.resolve(), and chain on promises for message sending, replacing
the previous promise with the newly chained promise each time. If the
current promise resolves and finds that it is still the last promise
in the chain, it removes itself.
2015-10-23 15:53:19 -07:00
lilia
9be5efc571 Simplify keepalive resets
Websocket resources should have their keepalive timers reset whenever a
message comes in. This is a nicety that slightly reduces the amount of
traffic we send when actively messaging.

Previously this was handled by MessageReceiver, but it's a bit cleaner
to just have the WebsocketResource add an extra 'message' event handler.

// FREEBIE
2015-10-23 15:44:03 -07:00
lilia
81ebc5ffd7 Improve stack traces on HTTPErrors
Save stack even earlier, outside the promise.

// FREEBIE
2015-10-11 12:12:11 -07:00
lilia
c062fe3060 Automatically retry failed http requests
If we failed to reach the server, wait a second and try again up to 3
times.

// FREEBIE
2015-10-10 19:07:00 -07:00
lilia
816a206892 Refactor sendMessageToDevices
Split into separate encrypt and transmit functions. Let the encryption
function also handle all wire formatting (ie, jsonification and base64
encoding), which simplifes TextSecureServer.sendMessages, removes a
TODO, and lets us save fewer params to make network errors replayable.

// FREEBIE
2015-10-10 16:36:30 -07:00
lilia
e9bc39bc56 Add parens and line breaks
// FREEBIE
2015-10-10 15:12:06 -07:00
lilia
0ff38e41c2 Let keepalive listen to socket events
Wait until the socket connects before starting the keepalive timer.
Automatically stop the keepalive when the socket is closed.

// FREEBIE
2015-10-05 15:05:24 -07:00
lilia
1345899253 Use reject instead of throw
This ensures that the containing promise is rejected without triggering
the side effects of an uncaught exception, such as causing the debugger
to pause.

// FREEBIE
2015-10-03 23:19:53 -07:00
lilia
a32f3ff1f6 More work on replayable errors
Expose a button that does that retries outgoing messages if possible.

// FREEBIE
2015-10-02 18:31:07 -07:00
lilia
5bf608598c Fix MessageSender prototype
// FREEBIE
2015-10-02 15:02:25 -07:00