2015-09-07 21:53:43 +00:00
|
|
|
/*
|
|
|
|
|
* vim: ts=4:sw=4:expandtab
|
2015-04-29 18:56:40 +00:00
|
|
|
*/
|
|
|
|
|
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
2017-09-01 15:58:58 +00:00
|
|
|
function MessageReceiver(url, username, password, signalingKey) {
|
2017-07-25 23:00:06 +00:00
|
|
|
this.count = 0;
|
|
|
|
|
|
2015-09-01 23:59:06 +00:00
|
|
|
this.url = url;
|
|
|
|
|
this.signalingKey = signalingKey;
|
|
|
|
|
this.username = username;
|
|
|
|
|
this.password = password;
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
2017-09-01 15:58:58 +00:00
|
|
|
this.server = new TextSecureServer(url, username, password);
|
2015-04-29 18:56:40 +00:00
|
|
|
|
2016-05-03 00:15:47 +00:00
|
|
|
var address = libsignal.SignalProtocolAddress.fromString(username);
|
|
|
|
|
this.number = address.getName();
|
|
|
|
|
this.deviceId = address.getDeviceId();
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
2016-01-14 22:07:00 +00:00
|
|
|
|
|
|
|
|
MessageReceiver.prototype = new textsecure.EventTarget();
|
|
|
|
|
MessageReceiver.prototype.extend({
|
2015-09-01 23:59:06 +00:00
|
|
|
constructor: MessageReceiver,
|
|
|
|
|
connect: function() {
|
|
|
|
|
if (this.socket && this.socket.readyState !== WebSocket.CLOSED) {
|
|
|
|
|
this.socket.close();
|
|
|
|
|
}
|
|
|
|
|
// initialize the socket and start listening for messages
|
|
|
|
|
this.socket = this.server.getMessageSocket();
|
|
|
|
|
this.socket.onclose = this.onclose.bind(this);
|
|
|
|
|
this.socket.onerror = this.onerror.bind(this);
|
|
|
|
|
this.socket.onopen = this.onopen.bind(this);
|
|
|
|
|
this.wsr = new WebSocketResource(this.socket, {
|
2015-12-04 18:25:50 +00:00
|
|
|
handleRequest: this.handleRequest.bind(this),
|
2015-09-01 23:59:06 +00:00
|
|
|
keepalive: { path: '/v1/keepalive', disconnect: true }
|
|
|
|
|
});
|
2017-07-17 22:46:00 +00:00
|
|
|
|
2017-07-28 23:34:38 +00:00
|
|
|
this.pending = this.queueAllCached();
|
2017-08-07 19:41:24 +00:00
|
|
|
|
|
|
|
|
// Ensures that an immediate 'empty' event from the websocket will fire only after
|
|
|
|
|
// all cached envelopes are processed.
|
|
|
|
|
this.incoming = [this.pending];
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
|
|
|
|
close: function() {
|
2015-11-05 20:45:18 +00:00
|
|
|
this.socket.close(3000, 'called close');
|
Full export, migration banner, and full migration workflow - behind flag (#1342)
* Add support for backup and restore
This first pass works for all stores except messages, pending some scaling
improvements.
// FREEBIE
* Import of messages and attachments
Properly sanitize filenames. Logging information that will help with
debugging but won't threaten privacy (no contact or group names),
where the on-disk directories have this information to make things
human-readable
FREEBIE
* First fully operational single-action export and import!
FREEBIE
* Add migration export flow
A banner alert leads to a blocking ui for the migration. We close the socket and
wait for incoming messages to drain before starting the export.
FREEBIE
* A number of updates for the export flow
1. We don't immediately pop the directory selection dialog box, instead
showing an explicit 'choose directory' button after explaining what is
about to happen
2. We show a 'submit debug log' button on most steps of the process
3. We handle export errors and encourage the user to double-check their
filesystem then submit their log
4. We are resilient to restarts during the process
5. We handle the user cancelling out of the directory selection dialog
differently from other errors.
6. The export process is now serialized: non-messages, then messages.
7. After successful export, show where the data is on disk
FREEBUE
* Put migration behind a flag
FREEBIE
* Shut down websocket before proceeding with export
FREEBIE
* Add MigrationView to test/index.html to fix test
FREEBIE
* Remove 'Submit Debug Log' button when the export process is complete
FREEBIE
* Create a 'Signal Export' directory below user-chosen dir
This cleans things up a bit so we don't litter the user's target
directory with lots of stuff.
FREEBIE
* Clarify MessageReceiver.drain() method comments
FREEBIE
* A couple updates for clarity - event names, else handling
Also the removal of wait(), which wasn't used anywhere.
FREEBIE
* A number of wording updates for the export flow
FREEBIE
* Export complete: put dir on its own line, make text selectable
FREEBIE
2017-08-28 20:06:10 +00:00
|
|
|
return this.drain();
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
|
|
|
|
onopen: function() {
|
|
|
|
|
console.log('websocket open');
|
|
|
|
|
},
|
|
|
|
|
onerror: function(error) {
|
|
|
|
|
console.log('websocket error');
|
|
|
|
|
},
|
2017-07-25 01:43:35 +00:00
|
|
|
dispatchAndWait: function(event) {
|
|
|
|
|
return Promise.all(this.dispatchEvent(event));
|
|
|
|
|
},
|
2015-09-01 23:59:06 +00:00
|
|
|
onclose: function(ev) {
|
2015-11-05 20:45:18 +00:00
|
|
|
console.log('websocket closed', ev.code, ev.reason || '');
|
|
|
|
|
if (ev.code === 3000) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
// possible 403 or network issue. Make an request to confirm
|
2017-07-27 17:09:26 +00:00
|
|
|
return this.server.getDevices(this.number)
|
2017-07-25 01:43:35 +00:00
|
|
|
.then(this.connect.bind(this)) // No HTTP error? Reconnect
|
|
|
|
|
.catch(function(e) {
|
2015-09-01 19:13:38 +00:00
|
|
|
var ev = new Event('error');
|
2015-06-01 21:08:21 +00:00
|
|
|
ev.error = e;
|
2017-07-27 17:09:26 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
2017-07-25 01:43:35 +00:00
|
|
|
}.bind(this));
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
2015-12-04 18:25:50 +00:00
|
|
|
handleRequest: function(request) {
|
2017-07-25 01:43:35 +00:00
|
|
|
this.incoming = this.incoming || [];
|
2015-12-04 06:29:49 +00:00
|
|
|
// We do the message decryption here, instead of in the ordered pending queue,
|
|
|
|
|
// to avoid exposing the time it took us to process messages through the time-to-ack.
|
|
|
|
|
|
2017-04-07 19:48:59 +00:00
|
|
|
// TODO: handle different types of requests.
|
|
|
|
|
if (request.path !== '/api/v1/message') {
|
|
|
|
|
console.log('got request', request.verb, request.path);
|
|
|
|
|
request.respond(200, 'OK');
|
2017-07-25 01:43:35 +00:00
|
|
|
|
|
|
|
|
if (request.verb === 'PUT' && request.path === '/api/v1/queue/empty') {
|
|
|
|
|
this.onEmpty();
|
|
|
|
|
}
|
2017-04-07 19:48:59 +00:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-25 01:43:35 +00:00
|
|
|
this.incoming.push(textsecure.crypto.decryptWebsocketMessage(request.body, this.signalingKey).then(function(plaintext) {
|
2016-01-11 20:08:54 +00:00
|
|
|
var envelope = textsecure.protobuf.Envelope.decode(plaintext);
|
2015-09-01 23:59:06 +00:00
|
|
|
// After this point, decoding errors are not the server's
|
2017-07-17 22:46:00 +00:00
|
|
|
// fault, and we should handle them gracefully and tell the
|
|
|
|
|
// user they received an invalid message
|
2016-09-07 00:12:45 +00:00
|
|
|
|
2017-07-17 22:46:00 +00:00
|
|
|
if (this.isBlocked(envelope.source)) {
|
|
|
|
|
return request.respond(200, 'OK');
|
2016-09-07 00:12:45 +00:00
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.addToCache(envelope, plaintext).then(function() {
|
2017-07-17 22:46:00 +00:00
|
|
|
request.respond(200, 'OK');
|
|
|
|
|
this.queueEnvelope(envelope);
|
|
|
|
|
}.bind(this), function(error) {
|
|
|
|
|
console.log(
|
|
|
|
|
'handleRequest error trying to add message to cache:',
|
|
|
|
|
error && error.stack ? error.stack : error
|
|
|
|
|
);
|
|
|
|
|
});
|
2015-09-01 23:59:06 +00:00
|
|
|
}.bind(this)).catch(function(e) {
|
|
|
|
|
request.respond(500, 'Bad encrypted websocket message');
|
2017-07-17 22:46:00 +00:00
|
|
|
console.log("Error handling incoming message:", e && e.stack ? e.stack : e);
|
2015-09-01 23:59:06 +00:00
|
|
|
var ev = new Event('error');
|
|
|
|
|
ev.error = e;
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
|
|
|
|
}.bind(this)));
|
|
|
|
|
},
|
2017-07-25 23:23:13 +00:00
|
|
|
addToQueue: function(task) {
|
|
|
|
|
var count = this.count += 1;
|
|
|
|
|
var current = this.pending = this.pending.then(task, task);
|
|
|
|
|
|
|
|
|
|
var cleanup = function() {
|
|
|
|
|
this.updateProgress(count);
|
|
|
|
|
// We want to clear out the promise chain whenever possible because it could
|
|
|
|
|
// lead to large memory usage over time:
|
|
|
|
|
// https://github.com/nodejs/node/issues/6673#issuecomment-244331609
|
|
|
|
|
if (this.pending === current) {
|
|
|
|
|
this.pending = Promise.resolve();
|
|
|
|
|
}
|
|
|
|
|
}.bind(this);
|
|
|
|
|
|
|
|
|
|
current.then(cleanup, cleanup);
|
|
|
|
|
|
|
|
|
|
return current;
|
|
|
|
|
},
|
2017-07-25 01:43:35 +00:00
|
|
|
onEmpty: function() {
|
|
|
|
|
var incoming = this.incoming;
|
|
|
|
|
this.incoming = [];
|
|
|
|
|
|
|
|
|
|
var dispatchEmpty = function() {
|
2017-08-04 01:12:41 +00:00
|
|
|
console.log('MessageReceiver: emitting \'empty\' event');
|
2017-07-25 01:43:35 +00:00
|
|
|
var ev = new Event('empty');
|
|
|
|
|
return this.dispatchAndWait(ev);
|
|
|
|
|
}.bind(this);
|
|
|
|
|
|
2017-07-27 17:09:26 +00:00
|
|
|
var queueDispatch = function() {
|
2017-07-25 23:00:06 +00:00
|
|
|
// resetting count to zero so everything queued after this starts over again
|
|
|
|
|
this.count = 0;
|
|
|
|
|
|
2017-07-25 23:23:13 +00:00
|
|
|
this.addToQueue(dispatchEmpty);
|
2017-07-25 01:43:35 +00:00
|
|
|
}.bind(this);
|
|
|
|
|
|
2017-07-27 17:09:26 +00:00
|
|
|
// We first wait for all recently-received messages (this.incoming) to be queued,
|
|
|
|
|
// then we add a task to emit the 'empty' event to the queue, so all message
|
|
|
|
|
// processing is complete by the time it runs.
|
|
|
|
|
Promise.all(incoming).then(queueDispatch, queueDispatch);
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
Full export, migration banner, and full migration workflow - behind flag (#1342)
* Add support for backup and restore
This first pass works for all stores except messages, pending some scaling
improvements.
// FREEBIE
* Import of messages and attachments
Properly sanitize filenames. Logging information that will help with
debugging but won't threaten privacy (no contact or group names),
where the on-disk directories have this information to make things
human-readable
FREEBIE
* First fully operational single-action export and import!
FREEBIE
* Add migration export flow
A banner alert leads to a blocking ui for the migration. We close the socket and
wait for incoming messages to drain before starting the export.
FREEBIE
* A number of updates for the export flow
1. We don't immediately pop the directory selection dialog box, instead
showing an explicit 'choose directory' button after explaining what is
about to happen
2. We show a 'submit debug log' button on most steps of the process
3. We handle export errors and encourage the user to double-check their
filesystem then submit their log
4. We are resilient to restarts during the process
5. We handle the user cancelling out of the directory selection dialog
differently from other errors.
6. The export process is now serialized: non-messages, then messages.
7. After successful export, show where the data is on disk
FREEBUE
* Put migration behind a flag
FREEBIE
* Shut down websocket before proceeding with export
FREEBIE
* Add MigrationView to test/index.html to fix test
FREEBIE
* Remove 'Submit Debug Log' button when the export process is complete
FREEBIE
* Create a 'Signal Export' directory below user-chosen dir
This cleans things up a bit so we don't litter the user's target
directory with lots of stuff.
FREEBIE
* Clarify MessageReceiver.drain() method comments
FREEBIE
* A couple updates for clarity - event names, else handling
Also the removal of wait(), which wasn't used anywhere.
FREEBIE
* A number of wording updates for the export flow
FREEBIE
* Export complete: put dir on its own line, make text selectable
FREEBIE
2017-08-28 20:06:10 +00:00
|
|
|
drain: function() {
|
|
|
|
|
var incoming = this.incoming;
|
|
|
|
|
this.incoming = [];
|
|
|
|
|
|
|
|
|
|
var queueDispatch = function() {
|
|
|
|
|
return this.addToQueue(function() {
|
|
|
|
|
console.log('drained');
|
|
|
|
|
});
|
|
|
|
|
}.bind(this);
|
|
|
|
|
|
|
|
|
|
// This promise will resolve when there are no more messages to be processed.
|
|
|
|
|
return Promise.all(incoming).then(queueDispatch, queueDispatch);
|
|
|
|
|
},
|
2017-07-25 23:00:06 +00:00
|
|
|
updateProgress: function(count) {
|
|
|
|
|
// count by 10s
|
|
|
|
|
if (count % 10 !== 0) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
var ev = new Event('progress');
|
|
|
|
|
ev.count = count;
|
|
|
|
|
this.dispatchEvent(ev);
|
|
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
queueAllCached: function() {
|
2017-07-28 23:34:38 +00:00
|
|
|
return this.getAllFromCache().then(function(items) {
|
2017-07-17 22:46:00 +00:00
|
|
|
for (var i = 0, max = items.length; i < max; i += 1) {
|
|
|
|
|
this.queueCached(items[i]);
|
|
|
|
|
}
|
|
|
|
|
}.bind(this));
|
|
|
|
|
},
|
|
|
|
|
queueCached: function(item) {
|
|
|
|
|
try {
|
2017-08-23 20:36:49 +00:00
|
|
|
var envelopePlaintext = item.envelope;
|
|
|
|
|
|
|
|
|
|
// Up until 0.42.6 we stored envelope and decrypted as strings in IndexedDB,
|
|
|
|
|
// so we need to be ready for them.
|
|
|
|
|
if (typeof envelopePlaintext === 'string') {
|
|
|
|
|
envelopePlaintext = this.stringToArrayBuffer(envelopePlaintext);
|
|
|
|
|
}
|
2017-07-17 22:46:00 +00:00
|
|
|
var envelope = textsecure.protobuf.Envelope.decode(envelopePlaintext);
|
|
|
|
|
|
|
|
|
|
var decrypted = item.decrypted;
|
|
|
|
|
if (decrypted) {
|
2017-08-23 20:36:49 +00:00
|
|
|
var payloadPlaintext = decrypted;
|
|
|
|
|
if (typeof payloadPlaintext === 'string') {
|
|
|
|
|
payloadPlaintext = this.stringToArrayBuffer(payloadPlaintext);
|
|
|
|
|
}
|
2017-07-17 22:46:00 +00:00
|
|
|
this.queueDecryptedEnvelope(envelope, payloadPlaintext);
|
|
|
|
|
} else {
|
|
|
|
|
this.queueEnvelope(envelope);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
catch (error) {
|
|
|
|
|
console.log('queueCached error handling item', item.id);
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
getEnvelopeId: function(envelope) {
|
|
|
|
|
return envelope.source + '.' + envelope.sourceDevice + ' ' + envelope.timestamp.toNumber();
|
|
|
|
|
},
|
|
|
|
|
stringToArrayBuffer: function(string) {
|
|
|
|
|
return new dcodeIO.ByteBuffer.wrap(string, 'binary').toArrayBuffer();
|
|
|
|
|
},
|
|
|
|
|
getAllFromCache: function() {
|
|
|
|
|
console.log('getAllFromCache');
|
|
|
|
|
return textsecure.storage.unprocessed.getAll().then(function(items) {
|
|
|
|
|
console.log('getAllFromCache loaded', items.length, 'saved envelopes');
|
|
|
|
|
|
|
|
|
|
return Promise.all(_.map(items, function(item) {
|
|
|
|
|
var attempts = 1 + (item.attempts || 0);
|
|
|
|
|
if (attempts >= 5) {
|
|
|
|
|
console.log('getAllFromCache final attempt for envelope', item.id);
|
|
|
|
|
return textsecure.storage.unprocessed.remove(item.id);
|
|
|
|
|
} else {
|
|
|
|
|
return textsecure.storage.unprocessed.update(item.id, {attempts: attempts});
|
|
|
|
|
}
|
|
|
|
|
}.bind(this))).then(function() {
|
|
|
|
|
return items;
|
|
|
|
|
}, function(error) {
|
|
|
|
|
console.log(
|
|
|
|
|
'getAllFromCache error updating items after load:',
|
|
|
|
|
error && error.stack ? error.stack : error
|
|
|
|
|
);
|
|
|
|
|
return items;
|
|
|
|
|
});
|
|
|
|
|
}.bind(this));
|
|
|
|
|
},
|
|
|
|
|
addToCache: function(envelope, plaintext) {
|
|
|
|
|
var id = this.getEnvelopeId(envelope);
|
|
|
|
|
var data = {
|
|
|
|
|
id: id,
|
2017-08-23 20:36:49 +00:00
|
|
|
envelope: plaintext,
|
2017-07-17 22:46:00 +00:00
|
|
|
timestamp: Date.now(),
|
|
|
|
|
attempts: 1
|
|
|
|
|
};
|
|
|
|
|
return textsecure.storage.unprocessed.add(data);
|
|
|
|
|
},
|
|
|
|
|
updateCache: function(envelope, plaintext) {
|
|
|
|
|
var id = this.getEnvelopeId(envelope);
|
|
|
|
|
var data = {
|
2017-08-23 20:36:49 +00:00
|
|
|
decrypted: plaintext
|
2017-07-17 22:46:00 +00:00
|
|
|
};
|
|
|
|
|
return textsecure.storage.unprocessed.update(id, data);
|
|
|
|
|
},
|
|
|
|
|
removeFromCache: function(envelope) {
|
|
|
|
|
var id = this.getEnvelopeId(envelope);
|
|
|
|
|
return textsecure.storage.unprocessed.remove(id);
|
|
|
|
|
},
|
|
|
|
|
queueDecryptedEnvelope: function(envelope, plaintext) {
|
2017-07-19 19:05:24 +00:00
|
|
|
var id = this.getEnvelopeId(envelope);
|
|
|
|
|
console.log('queueing decrypted envelope', id);
|
|
|
|
|
|
|
|
|
|
var task = this.handleDecryptedEnvelope.bind(this, envelope, plaintext);
|
|
|
|
|
var taskWithTimeout = textsecure.createTaskWithTimeout(task, 'queueEncryptedEnvelope ' + id);
|
2017-07-25 23:23:13 +00:00
|
|
|
var promise = this.addToQueue(taskWithTimeout);
|
2017-07-19 19:05:24 +00:00
|
|
|
|
2017-07-25 23:23:13 +00:00
|
|
|
return promise.catch(function(error) {
|
2017-07-19 19:05:24 +00:00
|
|
|
console.log('queueDecryptedEnvelope error handling envelope', id, ':', error && error.stack ? error.stack : error);
|
2017-07-17 22:46:00 +00:00
|
|
|
});
|
|
|
|
|
},
|
2015-12-04 18:25:50 +00:00
|
|
|
queueEnvelope: function(envelope) {
|
2017-07-19 19:05:24 +00:00
|
|
|
var id = this.getEnvelopeId(envelope);
|
|
|
|
|
console.log('queueing envelope', id);
|
|
|
|
|
|
|
|
|
|
var task = this.handleEnvelope.bind(this, envelope);
|
|
|
|
|
var taskWithTimeout = textsecure.createTaskWithTimeout(task, 'queueEnvelope ' + id);
|
2017-07-25 23:23:13 +00:00
|
|
|
var promise = this.addToQueue(taskWithTimeout);
|
2017-07-19 19:05:24 +00:00
|
|
|
|
2017-07-25 23:23:13 +00:00
|
|
|
return promise.catch(function(error) {
|
2017-07-19 19:05:24 +00:00
|
|
|
console.log('queueEnvelope error handling envelope', id, ':', error && error.stack ? error.stack : error);
|
2017-07-17 22:46:00 +00:00
|
|
|
});
|
|
|
|
|
},
|
|
|
|
|
// Same as handleEnvelope, just without the decryption step. Necessary for handling
|
|
|
|
|
// messages which were successfully decrypted, but application logic didn't finish
|
|
|
|
|
// processing.
|
|
|
|
|
handleDecryptedEnvelope: function(envelope, plaintext) {
|
|
|
|
|
// No decryption is required for delivery receipts, so the decrypted field of
|
|
|
|
|
// the Unprocessed model will never be set
|
|
|
|
|
|
|
|
|
|
if (envelope.content) {
|
|
|
|
|
return this.innerHandleContentMessage(envelope, plaintext);
|
|
|
|
|
} else if (envelope.legacyMessage) {
|
|
|
|
|
return this.innerHandleLegacyMessage(envelope, plaintext);
|
|
|
|
|
} else {
|
|
|
|
|
this.removeFromCache(envelope);
|
|
|
|
|
throw new Error('Received message with no content and no legacyMessage');
|
|
|
|
|
}
|
2015-12-04 18:25:50 +00:00
|
|
|
},
|
2016-01-11 20:08:54 +00:00
|
|
|
handleEnvelope: function(envelope) {
|
2015-12-04 18:25:50 +00:00
|
|
|
if (envelope.type === textsecure.protobuf.Envelope.Type.RECEIPT) {
|
|
|
|
|
return this.onDeliveryReceipt(envelope);
|
2016-07-18 22:48:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (envelope.content) {
|
2015-12-04 18:25:50 +00:00
|
|
|
return this.handleContentMessage(envelope);
|
|
|
|
|
} else if (envelope.legacyMessage) {
|
|
|
|
|
return this.handleLegacyMessage(envelope);
|
|
|
|
|
} else {
|
2017-07-17 22:46:00 +00:00
|
|
|
this.removeFromCache(envelope);
|
2015-12-04 18:25:50 +00:00
|
|
|
throw new Error('Received message with no content and no legacyMessage');
|
|
|
|
|
}
|
|
|
|
|
},
|
2015-09-01 23:59:06 +00:00
|
|
|
getStatus: function() {
|
|
|
|
|
if (this.socket) {
|
|
|
|
|
return this.socket.readyState;
|
|
|
|
|
} else {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
onDeliveryReceipt: function (envelope) {
|
2017-07-25 01:43:35 +00:00
|
|
|
return new Promise(function(resolve, reject) {
|
2017-07-17 22:46:00 +00:00
|
|
|
var ev = new Event('receipt');
|
|
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
|
|
|
|
ev.proto = envelope;
|
2017-07-25 01:43:35 +00:00
|
|
|
this.dispatchAndWait(ev).then(resolve, reject);
|
2017-07-17 22:46:00 +00:00
|
|
|
}.bind(this));
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
2016-06-15 02:30:18 +00:00
|
|
|
unpad: function(paddedPlaintext) {
|
|
|
|
|
paddedPlaintext = new Uint8Array(paddedPlaintext);
|
|
|
|
|
var plaintext;
|
|
|
|
|
for (var i = paddedPlaintext.length - 1; i >= 0; i--) {
|
|
|
|
|
if (paddedPlaintext[i] == 0x80) {
|
|
|
|
|
plaintext = new Uint8Array(i);
|
|
|
|
|
plaintext.set(paddedPlaintext.subarray(0, i));
|
|
|
|
|
plaintext = plaintext.buffer;
|
|
|
|
|
break;
|
|
|
|
|
} else if (paddedPlaintext[i] !== 0x00) {
|
|
|
|
|
throw new Error('Invalid padding');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return plaintext;
|
|
|
|
|
},
|
2015-09-01 23:59:06 +00:00
|
|
|
decrypt: function(envelope, ciphertext) {
|
2015-09-26 00:25:25 +00:00
|
|
|
var promise;
|
2016-05-01 21:49:33 +00:00
|
|
|
var address = new libsignal.SignalProtocolAddress(envelope.source, envelope.sourceDevice);
|
2017-08-04 19:25:30 +00:00
|
|
|
|
|
|
|
|
var ourNumber = textsecure.storage.user.getNumber();
|
|
|
|
|
var number = address.toString().split('.')[0];
|
|
|
|
|
var options = {};
|
|
|
|
|
|
|
|
|
|
// No limit on message keys if we're communicating with our other devices
|
|
|
|
|
if (ourNumber === number) {
|
|
|
|
|
options.messageKeysLimit = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var sessionCipher = new libsignal.SessionCipher(textsecure.storage.protocol, address, options);
|
2015-09-26 00:25:25 +00:00
|
|
|
switch(envelope.type) {
|
|
|
|
|
case textsecure.protobuf.Envelope.Type.CIPHERTEXT:
|
2017-07-17 22:46:00 +00:00
|
|
|
console.log('message from', this.getEnvelopeId(envelope));
|
2016-06-15 02:30:18 +00:00
|
|
|
promise = sessionCipher.decryptWhisperMessage(ciphertext).then(this.unpad);
|
2015-09-26 00:25:25 +00:00
|
|
|
break;
|
|
|
|
|
case textsecure.protobuf.Envelope.Type.PREKEY_BUNDLE:
|
2017-07-17 22:46:00 +00:00
|
|
|
console.log('prekey message from', this.getEnvelopeId(envelope));
|
2016-05-03 00:12:18 +00:00
|
|
|
promise = this.decryptPreKeyWhisperMessage(ciphertext, sessionCipher, address);
|
2015-09-26 00:25:25 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
promise = Promise.reject(new Error("Unknown message type"));
|
|
|
|
|
}
|
2017-07-17 22:46:00 +00:00
|
|
|
return promise.then(function(plaintext) {
|
|
|
|
|
return this.updateCache(envelope, plaintext).then(function() {
|
|
|
|
|
return plaintext;
|
|
|
|
|
}, function(error) {
|
|
|
|
|
console.log(
|
|
|
|
|
'decrypt failed to save decrypted message contents to cache:',
|
|
|
|
|
error && error.stack ? error.stack : error
|
|
|
|
|
);
|
|
|
|
|
return plaintext;
|
|
|
|
|
});
|
|
|
|
|
}.bind(this)).catch(function(error) {
|
2017-06-01 18:45:03 +00:00
|
|
|
if (error.message === 'Unknown identity key') {
|
|
|
|
|
// create an error that the UI will pick up and ask the
|
|
|
|
|
// user if they want to re-negotiate
|
|
|
|
|
var buffer = dcodeIO.ByteBuffer.wrap(ciphertext);
|
|
|
|
|
error = new textsecure.IncomingIdentityKeyError(
|
|
|
|
|
address.toString(),
|
|
|
|
|
buffer.toArrayBuffer(),
|
|
|
|
|
error.identityKey
|
|
|
|
|
);
|
|
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
var ev = new Event('error');
|
|
|
|
|
ev.error = error;
|
2015-06-01 21:08:21 +00:00
|
|
|
ev.proto = envelope;
|
2017-08-25 21:24:16 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2017-07-25 01:43:35 +00:00
|
|
|
|
|
|
|
|
var returnError = function() {
|
|
|
|
|
return Promise.reject(error);
|
|
|
|
|
};
|
2017-07-27 17:03:21 +00:00
|
|
|
return this.dispatchAndWait(ev).then(returnError, returnError);
|
2015-09-01 23:59:06 +00:00
|
|
|
}.bind(this));
|
|
|
|
|
},
|
2016-05-03 00:12:18 +00:00
|
|
|
decryptPreKeyWhisperMessage: function(ciphertext, sessionCipher, address) {
|
2016-06-15 02:30:18 +00:00
|
|
|
return sessionCipher.decryptPreKeyWhisperMessage(ciphertext).then(this.unpad).catch(function(e) {
|
2016-05-03 00:12:18 +00:00
|
|
|
if (e.message === 'Unknown identity key') {
|
|
|
|
|
// create an error that the UI will pick up and ask the
|
|
|
|
|
// user if they want to re-negotiate
|
2017-02-21 23:00:24 +00:00
|
|
|
var buffer = dcodeIO.ByteBuffer.wrap(ciphertext);
|
2016-05-03 00:12:18 +00:00
|
|
|
throw new textsecure.IncomingIdentityKeyError(
|
|
|
|
|
address.toString(),
|
2017-02-21 23:00:24 +00:00
|
|
|
buffer.toArrayBuffer(),
|
2016-05-03 00:12:18 +00:00
|
|
|
e.identityKey
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
throw e;
|
|
|
|
|
});
|
|
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
handleSentMessage: function(envelope, destination, timestamp, message, expirationStartTimestamp) {
|
2016-02-04 19:25:25 +00:00
|
|
|
var p = Promise.resolve();
|
|
|
|
|
if ((message.flags & textsecure.protobuf.DataMessage.Flags.END_SESSION) ==
|
|
|
|
|
textsecure.protobuf.DataMessage.Flags.END_SESSION ) {
|
|
|
|
|
p = this.handleEndSession(destination);
|
|
|
|
|
}
|
|
|
|
|
return p.then(function() {
|
2017-08-30 21:40:08 +00:00
|
|
|
return this.processDecrypted(envelope, message, this.number).then(function(message) {
|
2016-02-04 19:25:25 +00:00
|
|
|
var ev = new Event('sent');
|
2017-07-17 22:46:00 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2016-02-04 19:25:25 +00:00
|
|
|
ev.data = {
|
2016-09-20 21:36:57 +00:00
|
|
|
destination : destination,
|
|
|
|
|
timestamp : timestamp.toNumber(),
|
2017-07-17 22:46:00 +00:00
|
|
|
device : envelope.sourceDevice,
|
2016-10-03 02:32:32 +00:00
|
|
|
message : message
|
2016-02-04 19:25:25 +00:00
|
|
|
};
|
2016-10-03 02:32:32 +00:00
|
|
|
if (expirationStartTimestamp) {
|
|
|
|
|
ev.data.expirationStartTimestamp = expirationStartTimestamp.toNumber();
|
|
|
|
|
}
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
2016-02-04 19:25:25 +00:00
|
|
|
}.bind(this));
|
2016-02-05 19:10:46 +00:00
|
|
|
}.bind(this));
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
2016-04-02 01:12:38 +00:00
|
|
|
handleDataMessage: function(envelope, message) {
|
2017-08-07 19:40:45 +00:00
|
|
|
console.log('data message from', this.getEnvelopeId(envelope));
|
2016-02-03 19:04:39 +00:00
|
|
|
var p = Promise.resolve();
|
2015-09-01 23:59:06 +00:00
|
|
|
if ((message.flags & textsecure.protobuf.DataMessage.Flags.END_SESSION) ==
|
|
|
|
|
textsecure.protobuf.DataMessage.Flags.END_SESSION ) {
|
2016-02-03 19:04:39 +00:00
|
|
|
p = this.handleEndSession(envelope.source);
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
2016-02-03 19:04:39 +00:00
|
|
|
return p.then(function() {
|
2017-08-30 21:40:08 +00:00
|
|
|
return this.processDecrypted(envelope, message, envelope.source).then(function(message) {
|
2016-02-03 19:04:39 +00:00
|
|
|
var ev = new Event('message');
|
2017-07-17 22:46:00 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2016-02-03 19:04:39 +00:00
|
|
|
ev.data = {
|
2017-07-17 22:46:00 +00:00
|
|
|
source : envelope.source,
|
|
|
|
|
sourceDevice : envelope.sourceDevice,
|
|
|
|
|
timestamp : envelope.timestamp.toNumber(),
|
2017-08-12 00:06:48 +00:00
|
|
|
receivedAt : envelope.receivedAt,
|
2017-07-17 22:46:00 +00:00
|
|
|
message : message
|
2016-02-03 19:04:39 +00:00
|
|
|
};
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
2016-02-03 19:04:39 +00:00
|
|
|
}.bind(this));
|
2015-09-01 23:59:06 +00:00
|
|
|
}.bind(this));
|
|
|
|
|
},
|
|
|
|
|
handleLegacyMessage: function (envelope) {
|
2016-05-18 18:17:14 +00:00
|
|
|
return this.decrypt(envelope, envelope.legacyMessage).then(function(plaintext) {
|
2017-07-17 22:46:00 +00:00
|
|
|
return this.innerHandleLegacyMessage(envelope, plaintext);
|
2015-09-01 23:59:06 +00:00
|
|
|
}.bind(this));
|
|
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
innerHandleLegacyMessage: function (envelope, plaintext) {
|
|
|
|
|
var message = textsecure.protobuf.DataMessage.decode(plaintext);
|
|
|
|
|
return this.handleDataMessage(envelope, message);
|
|
|
|
|
},
|
2015-09-01 23:59:06 +00:00
|
|
|
handleContentMessage: function (envelope) {
|
2016-05-18 18:17:14 +00:00
|
|
|
return this.decrypt(envelope, envelope.content).then(function(plaintext) {
|
2017-08-04 01:12:41 +00:00
|
|
|
return this.innerHandleContentMessage(envelope, plaintext);
|
2015-09-01 23:59:06 +00:00
|
|
|
}.bind(this));
|
|
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
innerHandleContentMessage: function(envelope, plaintext) {
|
|
|
|
|
var content = textsecure.protobuf.Content.decode(plaintext);
|
|
|
|
|
if (content.syncMessage) {
|
|
|
|
|
return this.handleSyncMessage(envelope, content.syncMessage);
|
|
|
|
|
} else if (content.dataMessage) {
|
|
|
|
|
return this.handleDataMessage(envelope, content.dataMessage);
|
|
|
|
|
} else if (content.nullMessage) {
|
|
|
|
|
return this.handleNullMessage(envelope, content.nullMessage);
|
|
|
|
|
} else {
|
|
|
|
|
this.removeFromCache(envelope);
|
|
|
|
|
throw new Error('Unsupported content message');
|
|
|
|
|
}
|
|
|
|
|
},
|
2017-06-22 21:42:36 +00:00
|
|
|
handleNullMessage: function(envelope, nullMessage) {
|
2017-08-07 19:40:45 +00:00
|
|
|
console.log('null message from', this.getEnvelopeId(envelope));
|
2017-07-17 22:46:00 +00:00
|
|
|
this.removeFromCache(envelope);
|
2017-06-22 21:42:36 +00:00
|
|
|
},
|
2015-09-01 23:59:06 +00:00
|
|
|
handleSyncMessage: function(envelope, syncMessage) {
|
|
|
|
|
if (envelope.source !== this.number) {
|
|
|
|
|
throw new Error('Received sync message from another number');
|
|
|
|
|
}
|
|
|
|
|
if (envelope.sourceDevice == this.deviceId) {
|
|
|
|
|
throw new Error('Received sync message from our own device');
|
|
|
|
|
}
|
|
|
|
|
if (syncMessage.sent) {
|
|
|
|
|
var sentMessage = syncMessage.sent;
|
2016-02-20 00:28:08 +00:00
|
|
|
console.log('sent message to',
|
|
|
|
|
sentMessage.destination,
|
|
|
|
|
sentMessage.timestamp.toNumber(),
|
2017-08-04 01:15:47 +00:00
|
|
|
'from',
|
|
|
|
|
this.getEnvelopeId(envelope)
|
2016-02-20 00:28:08 +00:00
|
|
|
);
|
2015-09-01 23:59:06 +00:00
|
|
|
return this.handleSentMessage(
|
2017-07-17 22:46:00 +00:00
|
|
|
envelope,
|
2015-09-01 23:59:06 +00:00
|
|
|
sentMessage.destination,
|
|
|
|
|
sentMessage.timestamp,
|
2016-09-20 21:36:57 +00:00
|
|
|
sentMessage.message,
|
|
|
|
|
sentMessage.expirationStartTimestamp
|
2015-09-01 23:59:06 +00:00
|
|
|
);
|
|
|
|
|
} else if (syncMessage.contacts) {
|
2017-08-08 17:05:22 +00:00
|
|
|
return this.handleContacts(envelope, syncMessage.contacts);
|
2015-09-01 23:59:06 +00:00
|
|
|
} else if (syncMessage.groups) {
|
2017-08-08 17:05:22 +00:00
|
|
|
return this.handleGroups(envelope, syncMessage.groups);
|
2016-09-07 00:12:45 +00:00
|
|
|
} else if (syncMessage.blocked) {
|
2017-08-08 17:05:22 +00:00
|
|
|
return this.handleBlocked(envelope, syncMessage.blocked);
|
2015-12-16 22:15:43 +00:00
|
|
|
} else if (syncMessage.request) {
|
|
|
|
|
console.log('Got SyncMessage Request');
|
2017-08-08 17:05:22 +00:00
|
|
|
return this.removeFromCache(envelope);
|
2017-06-16 01:11:18 +00:00
|
|
|
} else if (syncMessage.read && syncMessage.read.length) {
|
2016-02-20 00:28:08 +00:00
|
|
|
console.log('read messages',
|
|
|
|
|
'from', envelope.source + '.' + envelope.sourceDevice);
|
2017-08-08 17:05:22 +00:00
|
|
|
return this.handleRead(envelope, syncMessage.read);
|
2017-06-19 16:08:16 +00:00
|
|
|
} else if (syncMessage.verified) {
|
2017-08-08 17:05:22 +00:00
|
|
|
return this.handleVerified(envelope, syncMessage.verified);
|
2015-09-01 23:59:06 +00:00
|
|
|
} else {
|
2015-12-16 22:15:43 +00:00
|
|
|
throw new Error('Got empty SyncMessage');
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
|
|
|
|
},
|
2017-09-01 14:42:41 +00:00
|
|
|
handleVerified: function(envelope, verified) {
|
2017-06-23 22:02:22 +00:00
|
|
|
var ev = new Event('verified');
|
2017-07-17 22:46:00 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2017-06-23 22:02:22 +00:00
|
|
|
ev.verified = {
|
|
|
|
|
state: verified.state,
|
|
|
|
|
destination: verified.destination,
|
|
|
|
|
identityKey: verified.identityKey.toArrayBuffer()
|
|
|
|
|
};
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
2017-06-15 22:00:04 +00:00
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
handleRead: function(envelope, read) {
|
2017-07-25 01:43:35 +00:00
|
|
|
var results = [];
|
2016-02-20 00:28:08 +00:00
|
|
|
for (var i = 0; i < read.length; ++i) {
|
|
|
|
|
var ev = new Event('read');
|
2017-07-17 22:46:00 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
|
|
|
|
ev.timestamp = envelope.timestamp.toNumber();
|
2016-09-21 22:06:31 +00:00
|
|
|
ev.read = {
|
2017-07-24 19:27:48 +00:00
|
|
|
timestamp : read[i].timestamp.toNumber(),
|
|
|
|
|
sender : read[i].sender
|
2016-09-21 22:06:31 +00:00
|
|
|
}
|
2017-07-25 01:43:35 +00:00
|
|
|
results.push(this.dispatchAndWait(ev));
|
2016-02-20 00:28:08 +00:00
|
|
|
}
|
2017-07-25 01:43:35 +00:00
|
|
|
return Promise.all(results);
|
2016-02-20 00:28:08 +00:00
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
handleContacts: function(envelope, contacts) {
|
2015-12-16 23:24:07 +00:00
|
|
|
console.log('contact sync');
|
2015-09-01 23:59:06 +00:00
|
|
|
var attachmentPointer = contacts.blob;
|
|
|
|
|
return this.handleAttachment(attachmentPointer).then(function() {
|
2017-07-25 01:43:35 +00:00
|
|
|
var results = [];
|
2015-09-01 23:59:06 +00:00
|
|
|
var contactBuffer = new ContactBuffer(attachmentPointer.data);
|
|
|
|
|
var contactDetails = contactBuffer.next();
|
|
|
|
|
while (contactDetails !== undefined) {
|
|
|
|
|
var ev = new Event('contact');
|
2017-07-17 22:46:00 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2015-09-01 23:59:06 +00:00
|
|
|
ev.contactDetails = contactDetails;
|
2017-07-27 17:09:26 +00:00
|
|
|
results.push(this.dispatchAndWait(ev));
|
2017-06-23 19:24:07 +00:00
|
|
|
|
2015-09-01 23:59:06 +00:00
|
|
|
contactDetails = contactBuffer.next();
|
2015-06-01 21:08:21 +00:00
|
|
|
}
|
2017-07-17 22:46:00 +00:00
|
|
|
|
|
|
|
|
var ev = new Event('contactsync');
|
|
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2017-07-27 17:09:26 +00:00
|
|
|
results.push(this.dispatchAndWait(ev));
|
2017-07-25 01:43:35 +00:00
|
|
|
|
|
|
|
|
return Promise.all(results);
|
2017-06-23 19:24:07 +00:00
|
|
|
}.bind(this));
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
2017-07-17 22:46:00 +00:00
|
|
|
handleGroups: function(envelope, groups) {
|
2015-12-16 23:24:07 +00:00
|
|
|
console.log('group sync');
|
2015-09-01 23:59:06 +00:00
|
|
|
var attachmentPointer = groups.blob;
|
|
|
|
|
return this.handleAttachment(attachmentPointer).then(function() {
|
|
|
|
|
var groupBuffer = new GroupBuffer(attachmentPointer.data);
|
|
|
|
|
var groupDetails = groupBuffer.next();
|
2016-01-01 03:19:28 +00:00
|
|
|
var promises = [];
|
2015-09-01 23:59:06 +00:00
|
|
|
while (groupDetails !== undefined) {
|
2016-01-01 03:19:28 +00:00
|
|
|
var promise = (function(groupDetails) {
|
2016-03-13 01:14:17 +00:00
|
|
|
groupDetails.id = groupDetails.id.toBinary();
|
2016-02-11 22:12:09 +00:00
|
|
|
if (groupDetails.active) {
|
|
|
|
|
return textsecure.storage.groups.getGroup(groupDetails.id).
|
|
|
|
|
then(function(existingGroup) {
|
|
|
|
|
if (existingGroup === undefined) {
|
|
|
|
|
return textsecure.storage.groups.createNewGroup(
|
|
|
|
|
groupDetails.members, groupDetails.id
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
return textsecure.storage.groups.updateNumbers(
|
|
|
|
|
groupDetails.id, groupDetails.members
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}).then(function() { return groupDetails });
|
|
|
|
|
} else {
|
|
|
|
|
return Promise.resolve(groupDetails);
|
|
|
|
|
}
|
|
|
|
|
})(groupDetails).then(function(groupDetails) {
|
|
|
|
|
var ev = new Event('group');
|
2017-07-17 22:46:00 +00:00
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2016-02-11 22:12:09 +00:00
|
|
|
ev.groupDetails = groupDetails;
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
2017-07-17 22:46:00 +00:00
|
|
|
}.bind(this)).catch(function(e) {
|
2016-02-11 22:12:09 +00:00
|
|
|
console.log('error processing group', e);
|
|
|
|
|
});
|
2015-09-01 23:59:06 +00:00
|
|
|
groupDetails = groupBuffer.next();
|
2016-01-01 03:19:28 +00:00
|
|
|
promises.push(promise);
|
2015-06-01 21:08:21 +00:00
|
|
|
}
|
2017-07-17 22:46:00 +00:00
|
|
|
|
2016-01-01 03:19:28 +00:00
|
|
|
Promise.all(promises).then(function() {
|
2017-07-17 22:46:00 +00:00
|
|
|
var ev = new Event('groupsync');
|
|
|
|
|
ev.confirm = this.removeFromCache.bind(this, envelope);
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.dispatchAndWait(ev);
|
2017-07-17 22:46:00 +00:00
|
|
|
}.bind(this));
|
|
|
|
|
}.bind(this));
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
2017-08-30 18:55:17 +00:00
|
|
|
handleBlocked: function(envelope, blocked) {
|
2016-09-07 00:12:45 +00:00
|
|
|
textsecure.storage.put('blocked', blocked.numbers);
|
|
|
|
|
},
|
|
|
|
|
isBlocked: function(number) {
|
|
|
|
|
return textsecure.storage.get('blocked', []).indexOf(number) >= 0;
|
|
|
|
|
},
|
2015-09-01 23:59:06 +00:00
|
|
|
handleAttachment: function(attachment) {
|
2017-04-18 18:12:39 +00:00
|
|
|
attachment.id = attachment.id.toString();
|
|
|
|
|
attachment.key = attachment.key.toArrayBuffer();
|
|
|
|
|
if (attachment.digest) {
|
|
|
|
|
attachment.digest = attachment.digest.toArrayBuffer();
|
|
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
function decryptAttachment(encrypted) {
|
|
|
|
|
return textsecure.crypto.decryptAttachment(
|
|
|
|
|
encrypted,
|
2017-04-18 18:12:39 +00:00
|
|
|
attachment.key,
|
|
|
|
|
attachment.digest
|
2015-09-01 23:59:06 +00:00
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function updateAttachment(data) {
|
|
|
|
|
attachment.data = data;
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-25 01:43:35 +00:00
|
|
|
return this.server.getAttachment(attachment.id)
|
|
|
|
|
.then(decryptAttachment)
|
|
|
|
|
.then(updateAttachment);
|
2015-09-01 23:59:06 +00:00
|
|
|
},
|
2017-08-12 00:16:22 +00:00
|
|
|
validateRetryContentMessage: function(content) {
|
|
|
|
|
// Today this is only called for incoming identity key errors. So it can't be a sync message.
|
|
|
|
|
if (content.syncMessage) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// We want at least one field set, but not more than one
|
|
|
|
|
var count = 0;
|
|
|
|
|
count += content.dataMessage ? 1 : 0;
|
|
|
|
|
count += content.callMessage ? 1 : 0;
|
|
|
|
|
count += content.nullMessage ? 1 : 0;
|
|
|
|
|
if (count !== 1) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// It's most likely that dataMessage will be populated, so we look at it in detail
|
|
|
|
|
var data = content.dataMessage;
|
|
|
|
|
if (data && !data.attachments.length && !data.body && !data.expireTimer && !data.flags && !data.group) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
},
|
|
|
|
|
tryMessageAgain: function(from, ciphertext, message) {
|
2016-05-03 00:12:18 +00:00
|
|
|
var address = libsignal.SignalProtocolAddress.fromString(from);
|
2017-08-12 00:16:22 +00:00
|
|
|
var sentAt = message.sent_at || Date.now();
|
2017-08-12 00:06:48 +00:00
|
|
|
var receivedAt = message.received_at || Date.now();
|
2017-08-04 19:25:30 +00:00
|
|
|
|
|
|
|
|
var ourNumber = textsecure.storage.user.getNumber();
|
2017-08-12 00:16:22 +00:00
|
|
|
var number = address.getName();
|
|
|
|
|
var device = address.getDeviceId();
|
2017-08-04 19:25:30 +00:00
|
|
|
var options = {};
|
|
|
|
|
|
|
|
|
|
// No limit on message keys if we're communicating with our other devices
|
|
|
|
|
if (ourNumber === number) {
|
|
|
|
|
options.messageKeysLimit = false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var sessionCipher = new libsignal.SessionCipher(textsecure.storage.protocol, address, options);
|
2016-05-03 00:12:18 +00:00
|
|
|
console.log('retrying prekey whisper message');
|
2016-05-18 18:17:14 +00:00
|
|
|
return this.decryptPreKeyWhisperMessage(ciphertext, sessionCipher, address).then(function(plaintext) {
|
2017-08-12 00:16:22 +00:00
|
|
|
var envelope = {
|
|
|
|
|
source: number,
|
|
|
|
|
sourceDevice: device,
|
2017-08-12 00:06:48 +00:00
|
|
|
receivedAt: receivedAt,
|
2017-08-12 00:16:22 +00:00
|
|
|
timestamp: {
|
|
|
|
|
toNumber: function() {
|
|
|
|
|
return sentAt;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// Before June, all incoming messages were still DataMessage:
|
|
|
|
|
// - iOS: Michael Kirk says that they were sending Legacy messages until June
|
|
|
|
|
// - Desktop: https://github.com/WhisperSystems/Signal-Desktop/commit/e8548879db405d9bcd78b82a456ad8d655592c0f
|
|
|
|
|
// - Android: https://github.com/WhisperSystems/libsignal-service-java/commit/61a75d023fba950ff9b4c75a249d1a3408e12958
|
|
|
|
|
//
|
|
|
|
|
// var d = new Date('2017-06-01T07:00:00.000Z');
|
|
|
|
|
// d.getTime();
|
|
|
|
|
var startOfJune = 1496300400000;
|
|
|
|
|
if (sentAt < startOfJune) {
|
|
|
|
|
return this.innerHandleLegacyMessage(envelope, plaintext);
|
2016-02-02 21:24:29 +00:00
|
|
|
}
|
2015-09-26 00:25:25 +00:00
|
|
|
|
2017-08-12 00:16:22 +00:00
|
|
|
// This is ugly. But we don't know what kind of proto we need to decode...
|
|
|
|
|
try {
|
|
|
|
|
// Simply decoding as a Content message may throw
|
|
|
|
|
var content = textsecure.protobuf.Content.decode(plaintext);
|
|
|
|
|
|
|
|
|
|
// But it might also result in an invalid object, so we try to detect that
|
|
|
|
|
if (this.validateRetryContentMessage(content)) {
|
|
|
|
|
return this.innerHandleContentMessage(envelope, plaintext);
|
|
|
|
|
}
|
|
|
|
|
} catch(e) {
|
|
|
|
|
return this.innerHandleLegacyMessage(envelope, plaintext);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return this.innerHandleLegacyMessage(envelope, plaintext);
|
2015-09-26 00:25:25 +00:00
|
|
|
}.bind(this));
|
|
|
|
|
},
|
2016-02-03 19:04:39 +00:00
|
|
|
handleEndSession: function(number) {
|
|
|
|
|
console.log('got end session');
|
2016-05-01 22:47:07 +00:00
|
|
|
return textsecure.storage.protocol.getDeviceIds(number).then(function(deviceIds) {
|
|
|
|
|
return Promise.all(deviceIds.map(function(deviceId) {
|
|
|
|
|
var address = new libsignal.SignalProtocolAddress(number, deviceId);
|
2016-05-01 22:02:55 +00:00
|
|
|
var sessionCipher = new libsignal.SessionCipher(textsecure.storage.protocol, address);
|
|
|
|
|
|
|
|
|
|
console.log('closing session for', address.toString());
|
|
|
|
|
return sessionCipher.closeOpenSessionForDevice();
|
2016-02-03 19:04:39 +00:00
|
|
|
}));
|
|
|
|
|
});
|
|
|
|
|
},
|
2017-08-30 21:40:08 +00:00
|
|
|
processDecrypted: function(envelope, decrypted, source) {
|
2015-09-01 23:59:06 +00:00
|
|
|
// Now that its decrypted, validate the message and clean it up for consumer processing
|
|
|
|
|
// Note that messages may (generally) only perform one action and we ignore remaining fields
|
|
|
|
|
// after the first action.
|
|
|
|
|
|
2016-09-27 06:44:46 +00:00
|
|
|
if (decrypted.flags == null) {
|
2015-09-01 23:59:06 +00:00
|
|
|
decrypted.flags = 0;
|
2016-09-27 06:44:46 +00:00
|
|
|
}
|
|
|
|
|
if (decrypted.expireTimer == null) {
|
|
|
|
|
decrypted.expireTimer = 0;
|
|
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
|
2016-10-04 08:42:50 +00:00
|
|
|
if (decrypted.flags & textsecure.protobuf.DataMessage.Flags.END_SESSION) {
|
2015-09-01 23:59:06 +00:00
|
|
|
decrypted.body = null;
|
|
|
|
|
decrypted.attachments = [];
|
|
|
|
|
decrypted.group = null;
|
|
|
|
|
return Promise.resolve(decrypted);
|
2016-10-04 08:42:50 +00:00
|
|
|
} else if (decrypted.flags & textsecure.protobuf.DataMessage.Flags.EXPIRATION_TIMER_UPDATE ) {
|
|
|
|
|
decrypted.body = null;
|
|
|
|
|
decrypted.attachments = [];
|
2017-09-11 16:50:35 +00:00
|
|
|
} else if (decrypted.flags & textsecure.protobuf.DataMessage.Flags.PROFILE_KEY_UPDATE) {
|
|
|
|
|
decrypted.body = null;
|
|
|
|
|
decrypted.attachments = [];
|
2016-10-04 08:42:50 +00:00
|
|
|
} else if (decrypted.flags != 0) {
|
2015-09-01 23:59:06 +00:00
|
|
|
throw new Error("Unknown flags in message");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var promises = [];
|
|
|
|
|
|
|
|
|
|
if (decrypted.group !== null) {
|
2016-03-13 01:14:17 +00:00
|
|
|
decrypted.group.id = decrypted.group.id.toBinary();
|
2015-09-01 23:59:06 +00:00
|
|
|
|
|
|
|
|
if (decrypted.group.type == textsecure.protobuf.GroupContext.Type.UPDATE) {
|
|
|
|
|
if (decrypted.group.avatar !== null) {
|
|
|
|
|
promises.push(this.handleAttachment(decrypted.group.avatar));
|
2015-06-01 21:08:21 +00:00
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
promises.push(textsecure.storage.groups.getNumbers(decrypted.group.id).then(function(existingGroup) {
|
|
|
|
|
if (existingGroup === undefined) {
|
|
|
|
|
if (decrypted.group.type != textsecure.protobuf.GroupContext.Type.UPDATE) {
|
2015-11-07 03:02:57 +00:00
|
|
|
decrypted.group.members = [source];
|
2015-10-02 19:53:45 +00:00
|
|
|
console.log("Got message for unknown group");
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
|
|
|
|
return textsecure.storage.groups.createNewGroup(decrypted.group.members, decrypted.group.id);
|
|
|
|
|
} else {
|
|
|
|
|
var fromIndex = existingGroup.indexOf(source);
|
|
|
|
|
|
|
|
|
|
if (fromIndex < 0) {
|
|
|
|
|
//TODO: This could be indication of a race...
|
2015-10-02 17:43:34 +00:00
|
|
|
console.log("Sender was not a member of the group they were sending from");
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch(decrypted.group.type) {
|
|
|
|
|
case textsecure.protobuf.GroupContext.Type.UPDATE:
|
2017-02-09 00:52:37 +00:00
|
|
|
decrypted.body = null;
|
|
|
|
|
decrypted.attachments = [];
|
2015-09-01 23:59:06 +00:00
|
|
|
return textsecure.storage.groups.updateNumbers(
|
|
|
|
|
decrypted.group.id, decrypted.group.members
|
2017-02-09 00:52:37 +00:00
|
|
|
);
|
2015-09-01 19:13:38 +00:00
|
|
|
|
2015-09-01 23:59:06 +00:00
|
|
|
break;
|
|
|
|
|
case textsecure.protobuf.GroupContext.Type.QUIT:
|
|
|
|
|
decrypted.body = null;
|
|
|
|
|
decrypted.attachments = [];
|
2015-12-04 02:48:04 +00:00
|
|
|
if (source === this.number) {
|
|
|
|
|
return textsecure.storage.groups.deleteGroup(decrypted.group.id);
|
|
|
|
|
} else {
|
|
|
|
|
return textsecure.storage.groups.removeNumber(decrypted.group.id, source);
|
|
|
|
|
}
|
2015-09-01 23:59:06 +00:00
|
|
|
case textsecure.protobuf.GroupContext.Type.DELIVER:
|
|
|
|
|
decrypted.group.name = null;
|
|
|
|
|
decrypted.group.members = [];
|
|
|
|
|
decrypted.group.avatar = null;
|
|
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2017-08-30 21:40:08 +00:00
|
|
|
this.removeFromCache(envelope);
|
2015-09-01 23:59:06 +00:00
|
|
|
throw new Error("Unknown group message type");
|
2015-09-01 19:13:38 +00:00
|
|
|
}
|
|
|
|
|
}
|
2015-12-04 02:48:04 +00:00
|
|
|
}.bind(this)));
|
2015-09-01 23:59:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (var i in decrypted.attachments) {
|
|
|
|
|
promises.push(this.handleAttachment(decrypted.attachments[i]));
|
|
|
|
|
}
|
|
|
|
|
return Promise.all(promises).then(function() {
|
|
|
|
|
return decrypted;
|
|
|
|
|
});
|
|
|
|
|
}
|
2016-01-14 22:07:00 +00:00
|
|
|
});
|
2015-04-29 18:56:40 +00:00
|
|
|
|
2015-09-01 23:59:06 +00:00
|
|
|
window.textsecure = window.textsecure || {};
|
2015-09-01 19:13:38 +00:00
|
|
|
|
Certificate pinning via node XMLHttpRequest implementation (#1394)
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
2017-09-01 15:58:58 +00:00
|
|
|
textsecure.MessageReceiver = function(url, username, password, signalingKey) {
|
|
|
|
|
var messageReceiver = new MessageReceiver(url, username, password, signalingKey);
|
2015-09-01 23:59:06 +00:00
|
|
|
this.addEventListener = messageReceiver.addEventListener.bind(messageReceiver);
|
|
|
|
|
this.removeEventListener = messageReceiver.removeEventListener.bind(messageReceiver);
|
|
|
|
|
this.getStatus = messageReceiver.getStatus.bind(messageReceiver);
|
|
|
|
|
this.close = messageReceiver.close.bind(messageReceiver);
|
|
|
|
|
messageReceiver.connect();
|
2015-09-26 00:25:25 +00:00
|
|
|
|
|
|
|
|
textsecure.replay.registerFunction(messageReceiver.tryMessageAgain.bind(messageReceiver), textsecure.replay.Type.INIT_SESSION);
|
2015-09-01 23:59:06 +00:00
|
|
|
};
|
2015-04-29 18:56:40 +00:00
|
|
|
|
2015-09-01 23:59:06 +00:00
|
|
|
textsecure.MessageReceiver.prototype = {
|
|
|
|
|
constructor: textsecure.MessageReceiver
|
|
|
|
|
};
|
2015-06-01 21:08:21 +00:00
|
|
|
|
