Since they are so similar, we create the handlers using new
`createMessageHandler` function. This allows us to ensure both synced and
received messages go through schema upgrade pipeline.
Tested this by setting `if` condition to `true` and confirming it works.
It turns rotating a profile key is more involved and might require registering a
new account according to Matthew.
We previously processed attachments in `handleDataMessage` which is mostly a synchronous
function, except for the saving of the model. Moving the processing into the already async
`onMessageReceived` improves code clarity.
Synchronizes our protocol buffers with `libsignal-service-java` project.
**Changes**
- [x] **BREAKING:** Rename `package` from `textsecure` to `signalservice`.
⚠️~~Workaround: Rename back to `textsecure`.~~
Changed all protobuf `package` names across our project.
- [x] Rename `java_` metadata.
- [x] Move `NullMessage`, `ReceiptMessage`, and `Verified`.
- [x] Rename `Contacts.isComplete` to `Contacts.complete`. Confirmed to be
unreferenced in our project.
- [x] Rename `Settings` to `Configuration` (`textsecure.protobuf.Settings` seems
to be unused)
- [x] Rename `libtextsecure` `MessageReceiver` `settings` event to
`configuration`.
- [x] Rename `ReceiptMessage.timestamps` to `ReceiptMessage.timestamp`.
- [x] Add `AttachmentPointer` `width` and `height`.
- [x] Renamed `IncomingPushMessageSignal.proto` to `SignalService.proto` to
match server.
---
commit 2b6aa19bf9
Author: Daniel Gasienica <daniel@gasienica.ch>
Date: Wed Feb 14 19:41:24 2018 -0500
Rename protobuf `package`: `textsecure` --> `signalservice`
Brings us closer to `libsignal-service-java`.
commit 91612880a5
Author: Daniel Gasienica <daniel@gasienica.ch>
Date: Wed Feb 14 19:19:35 2018 -0500
Rename `SyncMessage.Settings` to `SyncMessage.Configuration`
commit 848eb95599
Author: Daniel Gasienica <daniel@gasienica.ch>
Date: Tue Feb 13 20:16:43 2018 -0500
Rename `ReadReceipt` `timestamps` --> `timestamp`
commit 39859e64b4
Author: Daniel Gasienica <daniel@gasienica.ch>
Date: Wed Feb 14 18:43:42 2018 -0500
Rename `IncomingPushMessageSignal.proto` to `SignalService.proto`
This matches the `libsignal-service-java` filename.
commit fd4bfd76af
Author: Daniel Gasienica <daniel@gasienica.ch>
Date: Tue Feb 13 16:24:36 2018 -0500
Revert protobuf `package` to `textsecure`
This was a breaking change and would need to be introduced with additional
changes.
commit 9f618fa917
Author: Daniel Gasienica <daniel@gasienica.ch>
Date: Tue Feb 13 16:09:55 2018 -0500
Sync service protocol buffers with Java project
Snapshot: 4684a49b2e/protobuf/SignalService.proto
* Re-enable libtextsecure unit tests, get passing, run in CI
* Save prekeys optimistically, track confirmed, new clean behavior
* Eliminate potential conflicts when rotating on startup
* Remove last symlink: get libtextsecure tests running on windows
* Log when we get a blocked numbers sync message
* Save three old signed keys in addition to the current active
* Remove the mystery from all the error-related log messages
* Log successful load of signed key - to help debug prekey errors
* removeSignedPreKey: Don't hang or crash in error cases
* Log on top-level unhandled promise rejection
* Remove trailing comma in param list, Electron 1.6 does not like
* Harden top-level error handler for strange object shapes
* Retry failed signed key rotation; start rotation when registered (#1772)
* rotateSignedPrekeys: Fix 'res is not defined' error
* If the server rejects key rotation, don't retry immediately
* Force a signed key rotation on launch of any new version
* Script for beta config; unique data dir, in-app env/type display
To release a beta build, increment the version and add -beta-N to the
end, then go through all the standard release activities.
The prepare-build npm script then updates key bits of the package.json
to ensure that the beta build can be installed alongside a production
build. This includes a new name ('Signal Beta') and a different location
for application data.
Note: Beta builds can be installed alongside production builds.
As part of this, a couple new bits of data are shown across the app:
- Environment (development or test, not shown if production)
- App Instance (disabled in production; used for multiple accounts)
These are shown in:
- The window title - both environment and app instance. You can tell
beta builds because the app name, preceding these data bits, is
different.
- The about window - both environment and app instance. You can tell
beta builds from the version number.
- The header added to the debug log - just environment. The version
number will tell us if it's a beta build, and app instance isn't
helpful.
* Turn on single-window mode in non-production modes
Because it's really frightening when you see 'unable to read from db'
errors in the console.
* aply.sh: More instructions for initial setup and testing
* Gruntfile: Get consistent with use of package.json datas
* Linux: manually update desktop keys, since macros not available
* Online/offline: Always stop timer, don't connect if closed
* Sockets: Send our own close event faster, shutdown only on close
Seems that we were too-aggressively disconnecting from all socket
events. Also, we should be able to send our own close event a lot
faster with no ill effects.
* Catch-up libtextsecure changes
* Wait to manually disconnect after receiving 'offline' event
We've received Linux logs indicating that we can get offline/online
blips - only 30ms between the two events. The app was never realy
offline. So this change slows the whole disconnect process down.
* Handle offline startup: register for online event, don't connect
* Ensure that our preload.js setImmediate call finds right function
FREEBIE
* Our own socket close event, better logging, unregistration
FREEBIE
* Return CLOSED for NetworkStatusView if we've fully disconnected
* background.js: Remove messageReceiver = null, log in connect()
A null messageReciever makes the NetworkStatusView think we're online.
FREEBIE
* Refactor delivery receipt event handler
* Rename the delivery receipt event
For less ambiguity with read receipts.
* Rename synced read event
For less ambiguity with read receipts from other Signal users.
* Add support for incoming receipt messages
Handle ReceiptMessages, which may include encrypted delivery receipts or read
receipts from recipients of our sent messages.
// FREEBIE
* Rename ReadReceipts to ReadSyncs
* Render read messages with blue double checks
* Send read receipts to senders of incoming messages
// FREEBIE
* Move ReadSyncs to their own file
// FREEBIE
* Fixup old comments on read receipts (now read syncs)
And some variable renaming for extra clarity.
// FREEBIE
* Add global setting for read receipts
Don't send read receipt messages unless the setting is enabled.
Don't process read receipts if the setting is disabled.
// FREEBIE
* Sync read receipt setting from mobile
Toggling this setting on your mobile device should sync it to Desktop. When
linking, use the setting in the provisioning message.
// FREEBIE
* Send receipt messages silently
Avoid generating phantom messages on ios
// FREEBIE
* Save recipients on the outgoing message models
For accurate tracking and display of sent/delivered/read state, even if group
membership changes later.
// FREEBIE
* Fix conversation type in profile key update handling
// FREEBIE
* Set recipients on synced sent messages
* Render saved recipients in message detail if available
For older messages, where we did not save the intended set of recipients at the
time of sending, fall back to the current group membership.
// FREEBIE
* Record who has been successfully sent to
// FREEBIE
* Record who a message has been delivered to
* Invert the not-clickable class
* Fix readReceipt setting sync when linking
* Render per recipient sent/delivered/read status
In the message detail view for outgoing messages, render each recipient's
individual sent/delivered/read status with respect to this message, as long as
there are no errors associated with the recipient (ie, safety number changes,
user not registered, etc...) since the error icon is displayed in that case.
*Messages sent before this change may not have per-recipient status lists
and will simply show no status icon.
// FREEBIE
* Add configuration sync request
Send these requests in a one-off fashion when:
1. We have just setup from a chrome app import
2. We have just upgraded to read-receipt support
// FREEBIE
* Expose sendRequestConfigurationSyncMessage
// FREEBIE
* Fix handling of incoming delivery receipts - union with array
FREEBIE
This prevents the parade of notifications if a machine wakes up from
sleep. Basically covers situations that the loading screen doesn't
already.
When disabled, notifications will be cached until they are subsequently
re-enabled, at which time all the pending notifications will be summarized.
From the background page, notifications are disabled during connection attempts
until an empty event. This means we can always safely call conversation.notify
to queue a notification for the next batch, dropping some options from message
and conversation model methods.
We've also moved the calls to check window focus and draw attention to the
window, which were previously included in the conversation model, but are now
performed by the Notification system, because the time that the notification is
displayed might be some time after the message is added by the conversation, so
decisions about focus and attention should be made in that moment and not
before.
// FREEBIE
* Disconnect from socket faster on complete loss of network access
Today we wait for a keepalive request to fail; this change forces
disconnect in the case that the browser tells us that we're now offline.
FREEBIE
* MessageReceiver: don't react to errors after explicit close()
FREEBIE
* Add AES-GCM encryption for profiles
With tests.
* Add profileKey to DataMessage protobuf
// FREEBIE
* Decrypt and save profile names
// FREEBIE
* Save incoming profile keys
* Move pad/unpad to crypto module
// FREEBIE
* Support fetching avatars from the cdn
// FREEBIE
* Translate failed authentication errors
When AES-GCM authentication fails, webcrypto returns a very generic error. The
same error is thrown for invalid length inputs, but our earlier checks in
decryptProfile should rule out those failure modes and leave us safe to assume
that we either had bad ciphertext or the wrong key.
// FREEBIE
* Handle profile avatars (wip) and log decrypt errors
// FREEBIE
* Display profile avatars
Synced contact avatars will still override profile avatars.
* Display profile names in convo list
Only if we don't have a synced contact name.
// FREEBIE
* Make cdn url an environment config
Use different ones for staging and production
// FREEBIE
* Display profile name in conversation header
* Display profile name in group messages
* Update conversation header if profile avatar changes
// FREEBIE
* Style profile names small with ~
* Save profileKeys from contact sync messages
// FREEBIE
* Save profile keys from provisioning messages
For standalone accounts, generate a random profile key.
// FREEBIE
* Special case for one-time sync of our profile key
Android will use a contact sync message to sync a profile key from Android
clients who have just upgraded and generated their profile key. Normally we
should receive this data in a provisioning message.
// FREEBIE
* Infer profile sharing from synced data messages
* Populate profile keys on outgoing messages
Requires that `profileSharing` be set on the conversation.
// FREEBIE
* Support for the profile key update flag
When receiving a message with this flag, don't init a message record, just
process the profile key and move on.
// FREEBIE
* Display profile names in group member list
* Refresh contact's profile on profile key changes
// FREEBIE
* Catch errors on profile save
// FREEBIE
* Save our own synced contact info
Don't return early if we get a contact sync for our own number
// FREEBIE
* main.js: check for truthiness of mainwindow, not === null
FREEBIE
* background.js: Connect to websocket even if we are unlinked
We know registration isn't done, but it has been done before. So instead
of sitting tight, we connect to the socket to start everything up and
attempt to the websocket once more.
FREEBIE
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
Just send an event from the main process to the renderer,
The latter routes it the appropriate view method.
For now it's a no-op unless the main window exists and it is showing the inbox,
which will be addressed in a future commit.
// FREEBIE
Since we no longer have support for list-style notifications, stop
coalescing notifications into batches and just show contents of the last
message received. Also open the window when clicking on a notification
if it has previously been closed.
// FREEBIE
All Whisper.events listeners are now defined and bound in background.js,
and we no longer need global methods for opening the inbox and
conversation views, as those are handled by AppView or internally by
InboxView.
// FREEBIE
Traditionally, NODE_ENV refers to an environment variable. For clarity,
let's keep it that way and don't reuse it in the renderer. Also, add a
note about explicitly overriding env vars for node-config.
// FREEBIE
Introduce a top level view for navigating between the inbox and the
installer, enabling an in-window relink flow. Navigation is driven
through the openInbox and openInstaller global events.
// FREEBIE
