diff --git a/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java b/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java index e8cfe52653..39832c90a9 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java +++ b/app/src/main/java/org/thoughtcrime/securesms/dependencies/ApplicationDependencyProvider.java @@ -316,6 +316,23 @@ public class ApplicationDependencyProvider implements AppDependencies.Provider { return new PendingRetryReceiptCache(); } + private boolean shouldUseLibsignalForWebsocket(@NonNull SignalServiceConfiguration signalServiceConfiguration) { + if (RemoteConfig.libSignalWebSocketEnabled()) { + if (RemoteConfig.libSignalWebSocketEnabledForProxies()) { + return true; + } else { + // libsignalWebSocketEnabled = true but libsignalWebSocketEnabledForProxies = false + if (signalServiceConfiguration.getCensored() || + signalServiceConfiguration.getSignalProxy().isPresent()) { + return false; + } else { + return true; + } + } + } else { + return false; + } + } @Override public @NonNull SignalWebSocket.AuthenticatedWebSocket provideAuthWebSocket(@NonNull Supplier signalServiceConfigurationSupplier, @NonNull Supplier libSignalNetworkSupplier) { SleepTimer sleepTimer = !SignalStore.account().isFcmEnabled() || SignalStore.internal().isWebsocketModeForced() ? new AlarmSleepTimer(context) : new UptimeSleepTimer(); @@ -328,7 +345,7 @@ public class ApplicationDependencyProvider implements AppDependencies.Provider { throw new WebSocketUnavailableException("Invalid auth credentials"); } - if (RemoteConfig.libSignalWebSocketEnabled()) { + if (shouldUseLibsignalForWebsocket(signalServiceConfigurationSupplier.get())) { Network network = libSignalNetworkSupplier.get(); return new LibSignalChatConnection("libsignal-auth", network, @@ -364,7 +381,7 @@ public class ApplicationDependencyProvider implements AppDependencies.Provider { SignalWebSocketHealthMonitor healthMonitor = new SignalWebSocketHealthMonitor(sleepTimer); WebSocketFactory unauthFactory = () -> { - if (RemoteConfig.libSignalWebSocketEnabled()) { + if (shouldUseLibsignalForWebsocket(signalServiceConfigurationSupplier.get())) { Network network = libSignalNetworkSupplier.get(); return new LibSignalChatConnection("libsignal-unauth", network, diff --git a/app/src/main/java/org/thoughtcrime/securesms/util/RemoteConfig.kt b/app/src/main/java/org/thoughtcrime/securesms/util/RemoteConfig.kt index 20b4a82344..0d25832579 100644 --- a/app/src/main/java/org/thoughtcrime/securesms/util/RemoteConfig.kt +++ b/app/src/main/java/org/thoughtcrime/securesms/util/RemoteConfig.kt @@ -1023,11 +1023,23 @@ object RemoteConfig { value.asLong(8.kibiBytes.inWholeBytes).bytes } - /** Whether unauthenticated chat web socket is backed by libsignal-net */ + /** Whether the chat web socket is backed by libsignal for direct connections */ @JvmStatic @get:JvmName("libSignalWebSocketEnabled") val libSignalWebSocketEnabled: Boolean by remoteValue( - key = "android.libsignalWebSocketEnabled.7", + key = "android.libsignalWebSocketEnabled.8", + hotSwappable = false + ) { value -> + value.asBoolean(false) || Environment.IS_NIGHTLY + } + + /** Whether the chat web socket is backed by libsignal for all connections, including proxied connections. + * Note, this does *not* gate HTTP proxies, which are treated as direct connections. + * This only has an effect if libSignalWebSocketEnabled is also enabled. */ + @JvmStatic + @get:JvmName("libSignalWebSocketEnabledForProxies") + val libSignalWebSocketEnabledForProxies: Boolean by remoteValue( + key = "android.libSignalWebSocketEnabledForProxies.8", hotSwappable = false ) { value -> value.asBoolean(false) || Environment.IS_NIGHTLY