Commit graph

463 commits

Author SHA1 Message Date
lilia
67f25214d3 Refactor outgoing identity key conflict handling
saveKeysToDeviceObject is the detector of outgoing identity key errors.
Catch these key errors closer to the source by pulling the
getKeysForNumber into the context of sendMessageToDevices, which lets
it access registerError and the message protobuf.

Previously identity key errors would be uncaught if all existing
sessions with a recipient were closed/deleted, since we would
preemptively fetch the new identity key. The old error handling only
kicked in after a 409/410 response from the server when posting a
message encrypted for a stale session.

// FREEBIE
2015-07-21 16:00:09 -07:00
lilia
27016e1919 Let textsecure devices throw on identity key change
Restore error format, accidentally removed in 43d6efcd

// FREEBIE
2015-07-21 15:50:11 -07:00
lilia
4e88d4a5cf Add missing semicolons 2015-07-20 16:13:50 -07:00
lilia
c28b5408ab Plumb keys into outgoing conflicts 2015-07-20 16:13:17 -07:00
lilia
cc303e0802 Update libaxolotl, handle untrusted identitykey
Previously we had no access to the new untrusted identity
for verification purposes.

// FREEBIE
2015-07-20 14:25:02 -07:00
lilia
af48ca9e4b Update libaxolotl, remove one string conversion
Previously we would convert a bytebuffer to a string, pass it to
libaxolotl where it would be parsed back into a bytebuffer.

Ideally we would just pass the bytebuffer, but it turns out that
libaxolotl's bytebyffer class is identical but separate from
libtextsecure's bytebuffer class. ¯\_(ツ)_/¯

So instead we pass the underlying array buffer, which is handled
more or less the same way as a bytebuffer, and most importantly,
does not involve any copying.

// FREEBIE
2015-07-20 14:24:19 -07:00
lilia
1ab5af338a Update libaxolotl, un-revert b790f82849
Accidentally reverted in d3c158f
2015-07-20 12:31:31 -07:00
lilia
7d3d634a2d Move/refactor keepalive logic and add disconnect timer
We now disconnect ourselves if we don't get the server's response to a
keepalive request within 30s. This way we will eventually disconnect if
the network goes away but the socket is not closed.*

* See code.google.com/p/chromium/issues/detail?id=197841 and
https://stackoverflow.com/questions/11755605/chrome-websocket-connection-not-closed-when-browser-closed

We will then try to reconnect once a minute (See 8a10c96);

Keepalives belong at this level anyway, since the format is defined by
both the websocket resource protocol and our specific server url
structure.

// FREEBIE
2015-07-16 15:01:34 -07:00
lilia
a3ae3cab79 Use Promise.reject for simplicity
The following are equivalent, except that the first is longer and
invokes an extra function call.

```
return new Promise(function(resolve, reject) {
  reject(new Error("Unknown Group"));
});

return Promise.reject(new Error("Unknown Group"));
```
2015-07-14 13:39:36 -07:00
lilia
20586e2dcc Namespace events
Naming conflict was firing the error handler twice.

// FREEBIE
2015-07-13 13:03:43 -07:00
lilia
6e74ac9e28 Dispatch all network errors, not just auth errors
Also streamline the onError handler.
2015-07-13 13:03:43 -07:00
lilia
b40a8696b7 DRY up Promise creation in api.js
Since calls to ajax() are always wrapped in promises, we can internalize
that pattern in the ajax function itself.

// FREEBIE
2015-07-13 13:03:42 -07:00
lilia
3711e0a6cd Convert throwHumanError to custom error type
Now with 200% more helpful stack traces.

// FREEBIE
2015-07-13 13:03:41 -07:00
lilia
8745424d3a Fix outgoing identity key conflict handling
// FREEBIE
2015-07-06 15:11:35 -07:00
lilia
66ae3689c1 Fix decrypt error handling
This rejection-handler was resolving its promise rather than allowing
the rejection to bubble up.
2015-07-06 12:46:32 -07:00
lilia
f8ae5556d9 Fix standalone registration 2015-07-06 12:45:09 -07:00
lilia
5242108e15 Fix group update avatar handling
The avatar handler was being added to the list of promises too late,
so we were storing the raw avatar protobuf (Long id, bytes key) rather
than the downloaded/decrypted attachment data.

Fixes #280
2015-06-26 12:23:57 -07:00
lilia
4c40861728 Fix reinstalls
Delay saving of new account info until we confirm with the server.
Explicitly delete old account info beforehand.

// FREEBIE
2015-06-25 13:24:32 -07:00
lilia
db31835f68 Handle group sync for existing groups
// FREEBIE
2015-06-25 13:24:32 -07:00
lilia
5925c2fe84 Support for group sync
Protocol and handling is all analogous to contact sync: Multiple
GroupDetails structs are packed into a single attachment blob and parsed
on our end. We don't display the synced groups in the conversation list
until a new message is sent to one of them.

// FREEBIE
2015-06-25 13:24:32 -07:00
lilia
f126e3b21b Work on auth error handling / reinstall 2015-06-25 13:24:31 -07:00
lilia
2f935dfd5e Add contact sync request protocol 2015-06-25 13:24:31 -07:00
lilia
f32ff58953 Add support for device name 2015-06-25 13:24:30 -07:00
lilia
8dc4e34aaf Bug and test fixes for contact sync
Closes #135

// FREEBIE
2015-06-18 13:48:32 -07:00
lilia
b0603bc91a Wrap message receiver for minimum api exposure
Initializing a message receiver opens the socket and starts listening
right away rather than requiring a separate call to connect. The only
other publicly accessible method is to query the socket status.

// FREEBIE
2015-06-17 12:29:40 -07:00
lilia
316838cfe9 Add tests and bug fixes for ContactBuffer 2015-06-17 12:29:40 -07:00
lilia
228ffe901d Update json formatting for legacy message requests
Legacy DataMessages are sent using the `body` field, new Content
messages are sent using the `content` field.

// FREEBIE
2015-06-17 12:29:39 -07:00
lilia
a833d62a71 Implement sync protocol changes
Update protobuf definitions and refactor message receive and decrypt
codepath to support new protocol, including various flavors of sync
messages (sent messages, contacts, and groups).

Also cleans up background.js and lets libtextsecure internalize
textsecure.processDecrypted and ensure that it is called before handing
DataMessages off to the application.

The Envelope structure now has a generic content field and a
legacyMessage field for backwards compatibility. We'll send outgoing
messages as legacy messages, and sync messages as "content" while
continuing to support both legacy and non-legacy messages on the receive
side until old clients have a chance to transition.
2015-06-17 12:29:39 -07:00
lilia
061d57c95a Fix string vs number comparison
Fix bug in device storage causing duplicate device messages after a 410.
2015-06-04 16:48:34 -07:00
lilia
a9549e2e0f Fix 410 handling
We need to close the existing session with an old registrationId.
2015-06-04 16:48:10 -07:00
lilia
7d08e1132d Fix close session 2015-06-04 14:48:59 -07:00
lilia
7e8b1319a5 Ignore sync contexts on messages not from ourselves
But process the rest of the message normally.
2015-05-20 12:42:13 -07:00
lilia
090cc84452 Do not include destination on group sync messages 2015-05-18 14:40:27 -07:00
lilia
d1bcafad65 Update libaxolotl 2015-05-15 16:30:22 -07:00
lilia
704c6ce779 Signaling key is now an array buffer 2015-05-15 11:39:22 -07:00
lilia
d230df5622 Move local identitykey and registrationid to indexeddb 2015-05-15 11:38:14 -07:00
lilia
fe1d78b5fa Load protobufs asynchronously. Fixes #223 2015-05-15 11:38:14 -07:00
lilia
7799bef86c Tweak key conflict error messages
Be generic, because sometimes it's not TextSecure, but Signal.
2015-05-07 17:43:30 -07:00
lilia
359b4a15a2 Move group storage to axolotl store
Add async get/put/removeGroup to axolotl store and let libtextsecure
use it for group state storage.
2015-05-06 17:49:23 -07:00
lilia
748f32022a Fix up refreshGroup 2015-05-06 13:49:20 -07:00
lilia
f774047935 Make libtextsecure group storage asynchronous 2015-05-06 13:11:12 -07:00
lilia
37c496f4f0 Close the provisioning socket 2015-05-05 17:44:59 -07:00
lilia
43d6efcd9e Don't save device objects to disk
Generate them from session and identity data. Save/delete pending prekey
data in an in-memory store and attach it to outgoing device objects.
2015-05-05 17:44:59 -07:00
lilia
121671c99f Store identity keys in indexeddb
Let device storage request them from axolotl store rather than storing a
copy.
2015-05-05 17:44:58 -07:00
lilia
20ebc3f890 Move identity key storage functions to axolotl store 2015-05-05 17:44:58 -07:00
lilia
f38b18ef63 Move Session storage to axolotlstore 2015-05-05 17:44:57 -07:00
lilia
9de1572ba6 Convert all storage.devices methods to be asynchronous 2015-05-05 17:44:57 -07:00
lilia
71715c95bc Async remove identity 2015-05-05 17:44:57 -07:00
lilia
26f1aa4db5 Async putSessionsForDevice 2015-05-05 17:44:57 -07:00
lilia
666f6baaca Async getSessionsForNumber 2015-05-05 17:44:56 -07:00
lilia
9e7d8c0a08 Rename textsecure.api and make it internal-only 2015-05-05 17:44:56 -07:00
lilia
45a61780af Fixup refreshPreKeys and call it whenever a prekey is deleted 2015-05-05 17:44:56 -07:00
lilia
7d0aeac8cb Use a worker to facilitate key generation 2015-05-05 17:44:55 -07:00
lilia
f465bdddbf Add textsecure.AccountManager
This class should be used for account registration and for refreshing
prekeys for your account.
2015-05-05 17:44:55 -07:00
lilia
a960acacc6 Add textsecure.refreshKeys
This helper checks the server for the number of remaining prekeys, then
generates more if there are fewer than 10 remaining.

// FREEBIE
2015-05-05 17:44:55 -07:00
lilia
96eafc7750 Integrate libaxolotl async storage changes
* Session records are now opaque strings, so treat them that way:
  - no more cross checking identity key and session records
  - Move hasOpenSession to axolotl wrapper
  - Remote registration ids must be fetched async'ly via protocol wrapper
* Implement async AxolotlStore using textsecure.storage
* Add some db stores and move prekeys and signed keys to indexeddb
* Add storage tests
* Rename identityKey storage key from libaxolotl25519KeyidentityKey to
  simply identityKey, since it's no longer hardcoded in libaxolotl
* Rework registration and key-generation, keeping logic in libtextsecure
  and rendering in options.js.
* Remove key_worker since workers are handled at the libaxolotl level
  now
2015-05-05 17:44:55 -07:00
lilia
8304aa903a Update libaxololt to a087b9e746e67995f16e077183cc0 2015-05-05 17:44:54 -07:00
lilia
2ff954d2f8 Fix api.js 2015-05-04 15:14:58 -07:00
lilia
cc6a44f35d Fix tests 2015-05-01 12:13:03 -07:00
lilia
da34b8e0f8 Rename textsecure.websocket and make it internal-only 2015-04-30 15:07:35 -07:00
lilia
89c24cd2fa Move throwHumanError to api.js
It is only used there.
2015-04-30 12:26:13 -07:00
lilia
36b1e87214 Add textsecure.MessageReceiver
Encapsulate the websocket resources and socket setup process in a
friendly OO class. The MessageReceiver constructor expects an instance
of EventTarget on which to fire message events asynchronously. The
provider of the EventTarget can then add/remove listeners as desired.
2015-04-29 16:50:20 -07:00
lilia
37e09da1cc Remove unsued argument from getDeviceObject
Last usage of the `returnIdentityKey` argument was removed in 8b9a16852.
2015-04-20 17:20:58 -07:00
lilia
7af42a27c5 Fix registerKeys using array indices for key ids
preKeys is an array whose indices may or may not be keyId-based. Since
we have an inline keyId property, use that instead.
2015-04-15 15:23:08 -07:00
lilia
23feeecbcf Wrap libts, don't leak into global namespace 2015-04-05 16:42:08 -07:00
lilia
bfe23d86aa Run key generation in a worker
Ground work for a smoother registration flow. Overall UX still needs
some polish but at least now we can have a progress gif or animation or
whatever. Also adds the phonenumber-confirmation step as a simple alert
box, which will be replaced with a nice dialogue in a later commit.
2015-03-26 10:49:52 -07:00
Matt Corallo
8b9a168524 Store session information separately 2015-03-25 11:56:28 -07:00
Matt Corallo
e33c6fddda Do not rely on deviceObject.sessions anywhere in sendmessage 2015-03-25 11:56:27 -07:00
Matt Corallo
6c0f3ff1f0 Move session-storage logic to storage/devices from axolotl_wrapper 2015-03-25 11:56:27 -07:00
Matt Corallo
169097a409 Remove stale comments in axolotl_wrapper 2015-03-25 11:56:26 -07:00
Matt Corallo
89fefe4323 Create a textsecure.storage.impl to be overriden if desired 2015-03-25 11:56:26 -07:00
Matt Corallo
56bffdcfd3 Prefix libaxolotl-stored objects with "libaxolotl" 2015-03-25 11:56:26 -07:00
Matt Corallo
00cb420d37 Merge (un)encrypted storage layers 2015-03-25 11:56:25 -07:00
Matt Corallo
454b4726bd Replace load/decode/index around our own number with helpers 2015-03-25 11:54:55 -07:00
lilia
3759fe46e9 Account for -1 HTTPError code 2015-03-25 11:46:14 -07:00
lilia
e52224e481 Remove libtextsecure's jquery dependency
Use only the finest, hand-crafted, artisanal XMLHttpRequests.
2015-03-25 10:32:14 -07:00
lilia
857eee5003 Divorce identity wipe from tryAgain functions
We'd like to live in a world where we can retry all the pending
conflicts in a conversation as a batch, which means we don't want to
wipe the identity key before processing each message. Thus, remove that
step from these handlers and encapsulate in a method on the conversation
model.
2015-03-18 16:29:02 -07:00
lilia
c642854ddf Extract app-level logic from libtextsecure
Ensure that both tryAgain functions return promises, allowing the
application to take appropriate action in the result of success or
failure. This lets us remove all dependency from libtextsecure on
app-level constructs like message objects/ids and the `extenion.trigger`
function.

Corresponding frontend changes to follow in another commit.
2015-03-18 16:29:02 -07:00
lilia
e88d4d8170 Tweak replayable errors
1. Return the value returned by the registered function, to expose the
underlying promise to the caller.

2. Stop accepting extra arguments to the replay function. The caller
should be able to do what they want with the returned promise instead.

3. Add a timestamp argument to the outgoing case, needed to re-try
sending a message.
2015-03-18 16:29:01 -07:00
Matt Corallo
d3c158f4cf Move libaxolotl out-of-tree 2015-03-17 14:43:23 -07:00
Matt Corallo
e2e06b2d3c Remove axolotl.storage usage from libtextsecure 2015-03-17 13:59:25 -07:00
lilia
b790f82849 Remove libaxolotl dependency on textsecure/errors.js
Let libaxolotl throw a generic error instead of a replayable error, and
add an helper function in libtextsecure's axolotl_wrapper to catch and
convert from the generic error to the replayable one. This allows the
ReplayableError to remain a libtextsecure-level concept only.

Somewhat unrelatedly, but nearby, fix some whitespace and add missing
semicolon.
2015-03-17 13:59:24 -07:00
lilia
676ad04958 Add device storage method to wipe an identity 2015-03-17 13:59:24 -07:00
lilia
9e04910124 Recompile curve25519 with emcc 1.29.0
Now with actual malloc/free implementations. Had to drop back to -O1
optimization because the ed25519 signature test broke with -O2. :(

Closes #153

The toolchain install and build process, for reference:
```
wget https://s3.amazonaws.com/mozilla-games/emscripten/releases/emsdk-portable.tar.gz
tar xvfz emsdk-portable.tar.gz
cd emsdk-portable
./emsdk update
./emsdk install latest
./emsdk activate latest
source ./emsdk_env.sh
cd ../TextSecure-Browser
grunt build
```
2015-03-16 16:07:47 -07:00
lilia
b9969b14b6 Always reconnect the socket except when there is an error
Turns out we can get ABNORMAL_CODE (1006) for disconnects where (for
instance) we pause the background page too long. However, in these cases
there is no preceeding ErrorEvent. In contrast, when we have bad
authentication credentials, there is an ErrorEvent. Thus, this change
ensures that we only reconnect if there was no Error.
2015-03-11 14:12:25 -07:00
lilia
0cbad730ce Don't send keepalive if socket has closed
Also shorten the timeout to see if it improves websocket connection
reliability.
2015-03-11 14:12:25 -07:00
lilia
2b073f3365 Reset keepalive timer if we're about to send
No sense in sending more keepalives than necessary.
2015-03-11 11:12:14 -07:00
lilia
7e5e558ad5 Bump keepalive to 60s 2015-03-10 18:14:12 -07:00
lilia
fd6e2954f7 Curtail over-zealous websocket reconnects
Closes #173

Previously, in the event of a failed websocket auth, we would attempt to
reconnect once a second ad infinitum. This changeset ensures that we
only reconnect automatically if the socket closed 'normally' as
indicated by the code on the socket's CloseEvent. Otherwise, show a
'Websocket closed' error on the inbox view.

Ideally we would show a more contextual error (ie, 'Unauthorized'), but
unfortunately the actual server response code is not available to our
code. It can be observed in the console output from the background page,
but programmatically, we only receive the WebSocket CloseEvent codes
listed here:
https://developer.mozilla.org/en-US/docs/Web/API/CloseEvent#Status_codes

The websocket error message is displayed by a normally-hidden but ever
present socket status element. Clicking this element will immediately
refresh the background page, which will try again to open the websocket
connection.
2015-03-09 16:04:26 -07:00
Matt Corallo
2277b41639 Remove non-existant device messages 2015-02-26 12:13:56 -08:00
Matt Corallo
5abf3073d5 Check END_SESSION messages in processDecrypted 2015-02-26 12:11:05 -08:00
Matt Corallo
29192edcb8 Ignore END_SESSION on messages with a sync context 2015-02-26 12:11:04 -08:00
Matt Corallo
9c3f8a1868 Dont send group-update right before we quit the group
Fixes #166
2015-02-25 15:59:49 -08:00
Matt Corallo
f2853d00e6 Merge pull request #167 from WhisperSystems/sync
Sync outgoing individual and group messages
2015-02-20 12:39:26 -08:00
lilia
f860cb4492 Return end session messages to the frontend
So we can save them in the message history, and because the caller
expects a promise.
2015-02-20 10:30:43 -08:00
lilia
40351fcc54 Sync outgoing messages
When sending an constrct a copy of the PushMessageContent protobuf, add
a SyncMessageContext, and send it to ourselves. Do this for all kinds of
group messages, and individual text/media messages, but not closeSession
messages as the latter are device-specific.

Do not sync messages if we are the primary device, which should only be
supported in development. Normal web clients must be paired with a
android or ios master device, and even in dev, a primary/standalone web
client does not support linking additional devices.
2015-02-17 14:10:42 -08:00
Matt Corallo
b45c09470f Merge pull request #155 from WhisperSystems/closeSession
Fix textsecure.closeSession
2015-02-13 10:44:06 -08:00
lilia
0e8a5806a8 Fix textsecure.closeSession
sendIndividualProto requires a timestamp.
2015-02-12 22:12:48 -08:00
lilia
65c70a9117 Fix provisioning flow
Fix undefined axolotl.protobufs.ProvisionMessage, referenced in
libaxolotl/protocol.js
2015-02-12 16:41:04 -08:00
Matt Corallo
148410a826 Move jquery dep from libaxolotl to libaxolotl tests 2015-02-12 15:12:02 -08:00
Matt Corallo
44a094c324 Re-run concat 2015-02-12 15:12:01 -08:00
Matt Corallo
f1f5914879 Re-run concat 2015-02-12 15:12:00 -08:00
Matt Corallo
cb6cb4ff89 Re-add jquery as it is needed for our test runners 2015-02-12 15:11:59 -08:00
Matt Corallo
8398a52c20 Re-run concat 2015-02-12 15:11:58 -08:00
Matt Corallo
02d0c58e5e Mostly done device-bringup stuff 2015-02-11 14:03:54 -08:00
lilia
c0a8c00884 Rebuild libtextsecure also 2015-02-11 12:49:33 -08:00
Matt Corallo
29b2ffc769 Update to real server provisioning API 2015-01-19 10:23:25 -10:00
Matt Corallo
c112c59ce6 Fix group send (fixes #129) 2015-01-19 10:04:11 -10:00
lilia
44007ca58f Add rudimentary ui for sending a group update 2015-01-15 09:23:13 -10:00
Matt Corallo
334550b779 Regenerate components/libts 2015-01-14 11:39:36 -10:00
Matt Corallo
5785f4033c Compile curve25519/webcrypto into libtextsecure.js 2015-01-14 09:35:57 -10:00
Matt Corallo
07899557dc Give libtextsecure its own components (with way fewer deps) 2015-01-14 09:35:57 -10:00
Matt Corallo
8ad1a38b5b Move js files around for libtextsecure split 2015-01-14 09:35:57 -10:00