* protocol: refactor types and encoding
* clean
* smp server: batch commands (#1560)
* smp server: batch commands verification into one DB transaction
* ghc 8.10.7
* flatten transmission tuples
* diff
* only use batch logic if there is more than one transmission
* func
* reset NTF service when adding notifier
* version
* Revert "smp server: use separate database pool for reading queues and creating service records (#1561)"
This reverts commit 3df2425162.
* version
* Revert "version"
This reverts commit d80a6b74c5.
* rfc: client certificates for high volume clients (opertors' chat relays, notification servers, service bots)
* client certificates types (WIP)
* parameterize Transport
* protocol/schema/api changes
* agent API
* rename command
* agent subscriptions return local ClientServiceId to chat
* verify transmissions
* fix receiving client certificates, refactor
* ntf server: remove shared queue for all notification subscriptions (#1543)
* ntf server: remove shared queue for all notification subscriptions
* wait for subscriber with timeout
* safer
* refactor
* log
* remove unused
* WIP service subscriptions and associations, refactor
* process service subscriptions
* rename
* simplify switching subscriptions
* SMP service handshake with additional server handshake response
* notification delivery and STM persistence for services
* smp server: database storage, store log, fix encoding for STORE error, replace String with Text in locks and error
* stats
* more stats
* rename SMP commands
* service subscriptions in ntf server agent (tests fail)
* fix
* refactor
* exports
* subscribe ntf server as service for associated queues
* test ntf service connection, fix SOKS response, fix service associations not removed in STM storage
* INI option to support services
* ntf server: downgrade subscriptions when service is no longer supported, track counts of subscribed queues
* smp protocol: include service certificate fingerprint in the string signed over with entity key (TODO two tests fail)
* fix test
* ntf server prometheus stats, use Int64 in SOKS/ENDS responses (to avoid conversions), additional error status for ntf subscription
* update RFC
* refactor useServiceAuth to avoid ad hoc decisions about which commands use service signatures, and to prohibit service signatures on other commands
* remove duplicate service signature syntax check from checkCredentials, it is checked in verifyTransmission
* service errors, todos
* fix checkCredentials in ntf server, service errors
* refactor service auth
* refactor
* service agent: store returned queue count instead of expected
* refactor serverThread
* refactor serviceSig
* rename
* refactor, rename, test repeat NSUB service association
* respond with error to SUBS
* smp server: export/import service records between database and store log
* comment
* comments
* ghc 8.10.7
* parameterize transport by peer type (client/server)
* LogDebug level when test is retried
* support "flipped" HTTP2, fix test retry to avoid retrying pending tests
* move sync to the end of the tests
* ntf server: allow retries when creating subscriptions, prohibit subscriptions with the same queue but another notifier key or token
* sync files in the test
* refactor
* smp protocol: short links types and other changes from RFC
* add fields for queue link ID and data
* create queue and ntf credentials with NEW command
* all tests
* simplfiy types, update rfc
* update rfc
* include SenderId in NEW request in case queue data is sent
* store queue data and generate link ID if needed
* update rfc
* agent API and types
* SMP commands and persistence for short links
* SMP client functions for short links
* agent client functions for short links
* create rcv queue with short link (TODO secret_box)
* encryption and encoding for link data, postgres client migration
* test creating short link
* get link and data, tests
* comments
* type signature
* ntf: get messages for multiple last notifications (#1352)
* ntf: separate get ntf conns api (#1379)
* ntf: separate get ntf conns api
* nonempty
* update
* update
* remove single get api
* fix test
* refactor
* refactor
* ntf: batch get connections (#1387)
* ntf: batch get apis
* works
* fix
* fix
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* put DRG state to IORef, split STM transaction of sending notification (#1288)
* put DRG state to IORef, split STM transaction of sending notification
* remove comment
* remove comment
* add comment
* revert version
* newtype for server entity IDs, fix TRcvQueues
* Revert "put DRG state to IORef, split STM transaction of sending notification (#1288)"
This reverts commit 517933d189.
* logServer
* parameterize transport handle with transport peer to include server certificate
* include server certificate into THandle
* load server chain and sign key
* fix key type
* fix for 8.10
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: IC Rainbow <aenor.realm@gmail.com>
* smp: command authorization
* fix encoding, most tests
* remove old tests
* authorize via crypto_box
* extract authenticator to Crypto module
* make TransmissionAuth Maybe
* rfc
* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)
* fix/add tests, add version config to "small" agent
* separate client and server versions for SMP protocol
* test batching SMP v7
* do not send session ID in each transmission
* refactor auth verification in the server, split tests
* server "warm up" fixes timing test
* uncomment SUB timing test
* comments, disable two timing tests
* rename version
* increase auth timing test failure threshold
* use different algorithms to authorize snd/rcv commands, use random correlation ID
* transport: fetch and store server certificate (#985)
* THandleParams (WIP, does not compile)
* transport: fetch and store server certificate
* smp: add getOnlinePubKey example to smpClientHandshake
* add server certs and sign authPub
* cleanup
* update
* style
* load server certs from test fixtures
* sign ntf authPubKey
* fix onServerCertificate
* increase delay before sending messages
* require certificate with key in SMP server handshake
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* remove dhSecret from THandle
* remove v8, merge all changes to one version
* parameterize THandle
* rfc: transmission ecnryption
* Revert "parameterize THandle"
This reverts commit 75adfc94fb.
* use batch syntax for ntf server commands
* separate encodeTransmission when there is no key
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* rename
* diff
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* ci: disable 2 tests on linux only, switch to ubuntu 20 and 22
* fix platform name
* keep ubuntu 22 binaries
* Revert "keep ubuntu 22 binaries"
This reverts commit a1bbb12870.
* skip 1 more test
* skip 1 more test
* log os
* log os
* unconditionally skip test
* skip 1 more test in CI
* fix tests
* batch server commands in one transport block
* subscribe to multiple queues using batched commands
* agent method to subscribe to multiple queues using batched commands
* refactor
* test for batched subscriptions
* delete part of connections in batched test
* add resubscribeConnections
* remove comment
* update SMP protocol doc
* SMP v3: encrypt message timestamp and flags together with the body between server and recipient
* v3 tests
* update protocol doc
* add test for max size message
* delay in notifications test
* simplify v3
* encrypt server message to the recipient when sent
* refactor
* exit on error restoring the messages
* refactor, increase test timeout
* style
* add prints to the test
* remove error from unsafeMaxLenBS
* update protocol
* lint, improve test, change func param
* ntf: use separate key to encrypt NMsgMeta
* key negotiation
* save key on server, use for encryption
* refactor?
* store error
* NtfQueueCreds
* server - NtfCreds
* comment, rename
* fix type
* ClientNtfCreds
* encoding
* test notification token with agent and notifications server
* notification server test with APNS mock
* set environment variables in the test
* use base64url encoding in encrypted notification data
* APN push client (WIP)
* APNS push client works
* TODO comments
* comment
* send notification and process the response
* config
* e2e encryption for notification parameter
* read apns key filename and ID from env
* connect APNS client to server, fix notification JSON encoding to use dash case
* do not connect to APNS on start to pass CI tests
* fix CI test
* remove redundant import
* agent schema/methods/types/store methods for notifications tokens
* register notification token on the server
* agent commands for notification tokens
* refactor initial servers from AgentConfig
* agent store functions for notification tokens
* server STM store methods for tokens
* fix protocol client for ntfs (use generic handshake), minimal server and agent tests
* server command to verify ntf token
