Commit graph

125 commits

Author SHA1 Message Date
lilia
7e82d1295c Handle attachment upload errors
Adds a new kind of replayable error that handles retry of pre-encryption
failures, e.g., attachment upload.

Fixes #485

// FREEBIE
2016-02-09 13:21:32 -08:00
lilia
910e37649a Let group messages use new Message class
// FREEBIE
2016-02-08 17:07:49 -08:00
lilia
3bffdd96f5 Add sendMessage to handle sending from Message class
// FREEBIE
2016-02-08 17:07:49 -08:00
lilia
ecdfa09e97 Create a helper class for constructing messages
// FREEBIE
2016-02-08 17:07:48 -08:00
lilia
86132a38a8 Log envelopes and session end events
Help debug bad session errors by logging some envelope info about the
message we are about to decrypt. With this, if there is a decryption
error (e.g., bad mac or no session) it is clear from the logs what
number and device message sent the bad message.

Also log when we send and receive end session messages and when we close
sessions for certain devices.

// FREEBIE
2016-02-02 16:16:42 -08:00
lilia
bc576e18d5 Fix no delivery receipts on close session messages
// FREEBIE
2015-12-11 12:06:45 -08:00
lilia
e9949152bb Always return a promise from sendSyncMessage
// FREEBIE
2015-11-27 22:26:56 -08:00
lilia
07702c4ee5 Let the application layer send sync messages
Previously, libtextsecure would send a sync message automatically
when appropriate. This fails if any recipient has a key conflict
or if our network connection fails mid-send.

Instead, when appropriate, return a the DataMessage encoded as an array
buffer for later syncing. This lets the application choose when to send
it, which we now do after any successful send to a recipient, rather
than after all recipients are successfully sent to.

Eventually we should move the DataMessage protobuf construction and
group sending logic to the application layer entirely, in which case
we wouldn't need libtextsecure to construct the sync message either.

Fixes #408
2015-11-24 17:11:03 -08:00
lilia
5c37c3d6ce Change return type from sending messages
Pass the whole result from the outgoing message callback on to the
caller, and preserve the names of the members.

// FREEBIE
2015-11-24 17:05:25 -08:00
lilia
7b6820d2ac Refactor messageSender/OutgoingMessage
Move encrypt and transmit to OutgoingMessage
Restore per-number queueing to messageSender

// FREEBIE
2015-11-24 17:05:24 -08:00
lilia
4cc6b1ff9a Validate attachment urls
// FREEBIE
2015-11-24 16:20:07 -08:00
lilia
641a7dbc6d Update libaxolotl
encryptMessageFor now requires an array buffer instead of a protobuf.

By converting the message to an array buffer outside the Promise.all, we
avoid allocating a new copy for each device.

// FREEBIE
2015-11-17 16:58:31 -08:00
lilia
a3d29a92bb Reject messages sent to groups with no members
If you're the last member of the group, it doesn't make sense to send
messages to it. Previously, we would wait forever for a callback,
causing a stuck pending state indicator.

// FREEBIE
2015-11-06 18:51:18 -08:00
lilia
12276e691b Refactor contents of sendMessageProto
This function dynamically declares a bunch of functions which bind to
its input arguments. Instead, use a new prototypal class to define
these functions within the context of a particular message.

// FREEBIE
2015-10-23 15:53:20 -07:00
lilia
a2c7ac0df9 Serialize message sending per-recipient
Add a pendingMessages object to MessageSender. This object holds
one promise per recipient number. We init this promise with
Promise.resolve(), and chain on promises for message sending, replacing
the previous promise with the newly chained promise each time. If the
current promise resolves and finds that it is still the last promise
in the chain, it removes itself.
2015-10-23 15:53:19 -07:00
lilia
816a206892 Refactor sendMessageToDevices
Split into separate encrypt and transmit functions. Let the encryption
function also handle all wire formatting (ie, jsonification and base64
encoding), which simplifes TextSecureServer.sendMessages, removes a
TODO, and lets us save fewer params to make network errors replayable.

// FREEBIE
2015-10-10 16:36:30 -07:00
lilia
a32f3ff1f6 More work on replayable errors
Expose a button that does that retries outgoing messages if possible.

// FREEBIE
2015-10-02 18:31:07 -07:00
lilia
5bf608598c Fix MessageSender prototype
// FREEBIE
2015-10-02 15:02:25 -07:00
lilia
978b3d1a98 DRY up tryMessageAgain
// FREEBIE
2015-10-01 18:43:20 -07:00
lilia
fbb65d1988 Add replayable network errors
Support for manual message retry.

// FREEBIE
2015-10-01 18:43:20 -07:00
lilia
bc03bdbfc4 Move tryMessageAgain to MessageReceiver
`tryMessageAgain` is the routine called when re-trying a message that
failed to decrypt due to an IncomingIdentityKeyError. This handling
needs to move to MessageReceiver because it depends on
`processDecrypted` to handle incoming message protos, which depends
on a server instance in order to download attachments.

// FREEBIE
2015-10-01 18:43:19 -07:00
lilia
0fc673f25f Refactor sendmessage for prototypality
// FREEBIE
2015-10-01 18:43:18 -07:00
lilia
a8f4bac2f7 Let makeAttachmentPointer resolve falsey arguments
Internalizing this pattern to the makeAttachmentPointer function lets us
DRY it up throughout the file.

// FREEBIE
2015-10-01 18:33:50 -07:00
lilia
9e9d767a30 Add MessageSender
textsecure.MessageSender takes server url and credentials and returns
a message sending interface configured for that server.

Used a wrapper function to insert a TextSecureServer instance into
sendmessage.js code at runtime. This will result in function duplication
between different MessageSender objects, pending further refactoring to
use prototypal inheritence.

// FREEBIE
2015-10-01 18:33:48 -07:00
lilia
04c5f83485 Un-nest libtextsecure errors
Fix inconsistency in error format, where we sometimes get an unexpected
Error object and sometimes get a wrapper object containing an Error.

Also start saving network errors.

// FREEBIE
2015-09-30 12:44:11 -07:00
lilia
1879e73c76 Allow one more retry if we get a 409
Handle cases where we get a 409 (missing/extra devices), handle it, then
get a 410 (stale devices by registration id).

// FREEBIE
2015-09-28 14:10:50 -07:00
lilia
6123c419d0 Remove refreshGroup
1. This is nonstandard behavior, not supported by any other clients. It
   may help sometimes but will also cause bugs (see 2)

2. iOS doesn't handle group updates with missing fields. all fields must
   be populated, and libtextsecure doesn't have any knowledge of the group
   name or avatar, so these updates will clobber group state on iOS.

// FREEBIE
2015-09-23 16:45:09 -07:00
lilia
94e1c2d123 Remove check for .humanError property
This property is no longer used by any of our errors.

// FREEBIE
2015-09-23 16:45:09 -07:00
lilia
6547538458 Use foreach instead of a loop
This syntax makes plain that the function is not used anywhere else,
and increases linearity/readability.

// FREEBIE
2015-09-23 16:45:08 -07:00
lilia
acaf7b8de2 Refactor relay consistency check
Check the device list for relay consitency and throw an exception before
attempting to encrypt to any of the mismatched devices.

// FREEBIE
2015-09-23 16:45:08 -07:00
lilia
bafc61600c Refactor sendMessageToDevices
Leverage map and Promise.all for more concise and linear code flow.
2015-09-23 16:45:07 -07:00
lilia
1d370857fc Remove unused callback arguments
Unused since d0fd3e94 afaict.

// FREEBIE
2015-09-23 16:07:21 -07:00
lilia
f764445c86 Remove erroneous license file and headers
We only use GPLV3 around here.

// FREEBIE
2015-09-07 14:58:42 -07:00
lilia
4f1ce4c493 Assume unknown recipients are single-device
Start by requesting keys for only the master device, then handle 410 as
needed. Single-device users are the more common case and this strategy
lets us avoid requesting/expending one of our own device keys when
establishing a session with sibling devices.

// FREEBIE
2015-08-05 16:06:28 -07:00
lilia
c05be725b3 Move makeAttachmentPointer
Clean up unnecessary pre-declaration of `var makeAttachmentPointer`.
2015-07-21 16:00:16 -07:00
lilia
67f25214d3 Refactor outgoing identity key conflict handling
saveKeysToDeviceObject is the detector of outgoing identity key errors.
Catch these key errors closer to the source by pulling the
getKeysForNumber into the context of sendMessageToDevices, which lets
it access registerError and the message protobuf.

Previously identity key errors would be uncaught if all existing
sessions with a recipient were closed/deleted, since we would
preemptively fetch the new identity key. The old error handling only
kicked in after a 409/410 response from the server when posting a
message encrypted for a stale session.

// FREEBIE
2015-07-21 16:00:09 -07:00
lilia
4e88d4a5cf Add missing semicolons 2015-07-20 16:13:50 -07:00
lilia
c28b5408ab Plumb keys into outgoing conflicts 2015-07-20 16:13:17 -07:00
lilia
a3ae3cab79 Use Promise.reject for simplicity
The following are equivalent, except that the first is longer and
invokes an extra function call.

```
return new Promise(function(resolve, reject) {
  reject(new Error("Unknown Group"));
});

return Promise.reject(new Error("Unknown Group"));
```
2015-07-14 13:39:36 -07:00
lilia
3711e0a6cd Convert throwHumanError to custom error type
Now with 200% more helpful stack traces.

// FREEBIE
2015-07-13 13:03:41 -07:00
lilia
8745424d3a Fix outgoing identity key conflict handling
// FREEBIE
2015-07-06 15:11:35 -07:00
lilia
5925c2fe84 Support for group sync
Protocol and handling is all analogous to contact sync: Multiple
GroupDetails structs are packed into a single attachment blob and parsed
on our end. We don't display the synced groups in the conversation list
until a new message is sent to one of them.

// FREEBIE
2015-06-25 13:24:32 -07:00
lilia
2f935dfd5e Add contact sync request protocol 2015-06-25 13:24:31 -07:00
lilia
228ffe901d Update json formatting for legacy message requests
Legacy DataMessages are sent using the `body` field, new Content
messages are sent using the `content` field.

// FREEBIE
2015-06-17 12:29:39 -07:00
lilia
a833d62a71 Implement sync protocol changes
Update protobuf definitions and refactor message receive and decrypt
codepath to support new protocol, including various flavors of sync
messages (sent messages, contacts, and groups).

Also cleans up background.js and lets libtextsecure internalize
textsecure.processDecrypted and ensure that it is called before handing
DataMessages off to the application.

The Envelope structure now has a generic content field and a
legacyMessage field for backwards compatibility. We'll send outgoing
messages as legacy messages, and sync messages as "content" while
continuing to support both legacy and non-legacy messages on the receive
side until old clients have a chance to transition.
2015-06-17 12:29:39 -07:00
lilia
a9549e2e0f Fix 410 handling
We need to close the existing session with an old registrationId.
2015-06-04 16:48:10 -07:00
lilia
7d08e1132d Fix close session 2015-06-04 14:48:59 -07:00
lilia
090cc84452 Do not include destination on group sync messages 2015-05-18 14:40:27 -07:00
lilia
748f32022a Fix up refreshGroup 2015-05-06 13:49:20 -07:00
lilia
f774047935 Make libtextsecure group storage asynchronous 2015-05-06 13:11:12 -07:00
lilia
9de1572ba6 Convert all storage.devices methods to be asynchronous 2015-05-05 17:44:57 -07:00
lilia
666f6baaca Async getSessionsForNumber 2015-05-05 17:44:56 -07:00
lilia
9e7d8c0a08 Rename textsecure.api and make it internal-only 2015-05-05 17:44:56 -07:00
lilia
96eafc7750 Integrate libaxolotl async storage changes
* Session records are now opaque strings, so treat them that way:
  - no more cross checking identity key and session records
  - Move hasOpenSession to axolotl wrapper
  - Remote registration ids must be fetched async'ly via protocol wrapper
* Implement async AxolotlStore using textsecure.storage
* Add some db stores and move prekeys and signed keys to indexeddb
* Add storage tests
* Rename identityKey storage key from libaxolotl25519KeyidentityKey to
  simply identityKey, since it's no longer hardcoded in libaxolotl
* Rework registration and key-generation, keeping logic in libtextsecure
  and rendering in options.js.
* Remove key_worker since workers are handled at the libaxolotl level
  now
2015-05-05 17:44:55 -07:00
Matt Corallo
e33c6fddda Do not rely on deviceObject.sessions anywhere in sendmessage 2015-03-25 11:56:27 -07:00
Matt Corallo
454b4726bd Replace load/decode/index around our own number with helpers 2015-03-25 11:54:55 -07:00
lilia
857eee5003 Divorce identity wipe from tryAgain functions
We'd like to live in a world where we can retry all the pending
conflicts in a conversation as a batch, which means we don't want to
wipe the identity key before processing each message. Thus, remove that
step from these handlers and encapsulate in a method on the conversation
model.
2015-03-18 16:29:02 -07:00
lilia
c642854ddf Extract app-level logic from libtextsecure
Ensure that both tryAgain functions return promises, allowing the
application to take appropriate action in the result of success or
failure. This lets us remove all dependency from libtextsecure on
app-level constructs like message objects/ids and the `extenion.trigger`
function.

Corresponding frontend changes to follow in another commit.
2015-03-18 16:29:02 -07:00
Matt Corallo
d3c158f4cf Move libaxolotl out-of-tree 2015-03-17 14:43:23 -07:00
lilia
676ad04958 Add device storage method to wipe an identity 2015-03-17 13:59:24 -07:00
Matt Corallo
9c3f8a1868 Dont send group-update right before we quit the group
Fixes #166
2015-02-25 15:59:49 -08:00
lilia
40351fcc54 Sync outgoing messages
When sending an constrct a copy of the PushMessageContent protobuf, add
a SyncMessageContext, and send it to ourselves. Do this for all kinds of
group messages, and individual text/media messages, but not closeSession
messages as the latter are device-specific.

Do not sync messages if we are the primary device, which should only be
supported in development. Normal web clients must be paired with a
android or ios master device, and even in dev, a primary/standalone web
client does not support linking additional devices.
2015-02-17 14:10:42 -08:00
lilia
0e8a5806a8 Fix textsecure.closeSession
sendIndividualProto requires a timestamp.
2015-02-12 22:12:48 -08:00
Matt Corallo
1e318a8293 Add missing TODO 2015-02-12 15:12:01 -08:00
Matt Corallo
b356403061 De-duplicate registrationId in deviceObject 2015-02-12 15:12:01 -08:00
Matt Corallo
1806210b26 Rewrite most of the device storage stuff 2015-02-12 15:12:00 -08:00
Matt Corallo
7d2d2d92fc Copy getRandomBytes from libaxolotl to libtextsecure 2015-02-12 15:11:59 -08:00
Matt Corallo
12844590f5 Move prekey sigcheck to libaxolotl 2015-02-12 15:11:59 -08:00
Matt Corallo
bb32a51d66 s/textsecure.protocol/axolotl.protocol/ 2015-02-12 15:11:58 -08:00
Matt Corallo
403ae4376d Move attachment/websocket [en|de]cryption to libtextsecure 2015-02-12 15:11:58 -08:00
Matt Corallo
66cf5b08db Naively move textsecure.crypto into axolotl.crypto 2015-02-12 15:11:58 -08:00
Matt Corallo
c112c59ce6 Fix group send (fixes #129) 2015-01-19 10:04:11 -10:00
lilia
44007ca58f Add rudimentary ui for sending a group update 2015-01-15 09:23:13 -10:00
Matt Corallo
07899557dc Give libtextsecure its own components (with way fewer deps) 2015-01-14 09:35:57 -10:00
Matt Corallo
8ad1a38b5b Move js files around for libtextsecure split 2015-01-14 09:35:57 -10:00
Renamed from js/sendmessage.js (Browse further)