* smp: command authorization
* fix encoding, most tests
* remove old tests
* authorize via crypto_box
* extract authenticator to Crypto module
* make TransmissionAuth Maybe
* rfc
* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)
* fix/add tests, add version config to "small" agent
* separate client and server versions for SMP protocol
* test batching SMP v7
* do not send session ID in each transmission
* refactor auth verification in the server, split tests
* server "warm up" fixes timing test
* uncomment SUB timing test
* comments, disable two timing tests
* rename version
* increase auth timing test failure threshold
* use different algorithms to authorize snd/rcv commands, use random correlation ID
* transport: fetch and store server certificate (#985)
* THandleParams (WIP, does not compile)
* transport: fetch and store server certificate
* smp: add getOnlinePubKey example to smpClientHandshake
* add server certs and sign authPub
* cleanup
* update
* style
* load server certs from test fixtures
* sign ntf authPubKey
* fix onServerCertificate
* increase delay before sending messages
* require certificate with key in SMP server handshake
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* remove dhSecret from THandle
* remove v8, merge all changes to one version
* parameterize THandle
* rfc: transmission ecnryption
* Revert "parameterize THandle"
This reverts commit 75adfc94fb.
* use batch syntax for ntf server commands
* separate encodeTransmission when there is no key
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* rename
* diff
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* xftp: add URI encoding for FileDescription
* tweak URI
* allow smaller blocks
* draft xftpReceiveFileFollow' and xftpSendFilePublic'
* add sending with redirect
* allow 64k chunks
* add migrations with redirect fields
* add test case
* fix deadlock
* revert CLI code
* WIP: working send/receive via URI
* fix field ambiguity
* cleanup
* update agent db schema
* update minimal chunk size
* add rfc
* apply suggestions from code review
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* add createRcvFileRedirect
* extract Simplex.Messaging.ServiceScheme and reuse for files
* update db schema
* check size/digest on receive complete
* cleanup
* use SIZE/DIGEST errors for redirects too
* split digest/size errors from redirect checks
* fix redirect error encoding
* rename RedirectMeta to RedirectFileInfo
* use query encoding for file URI
* group maybe fields under RcvFileRedirect
* add extras field
* update rfc
* add extras encoding and no-redirect tests
* fix toStrict for old ghc
* extra client data in file descr URI
* remove decoded yaml file
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* xftp: test file reception - shouldn't get stuck if file is deleted on server
* comment
* expiration test
* approach
* wip
* sort by retries in other works, revert some diff
* revert diff
* modify tests
* refactor
* refactor
* remove prints
* apply to other workers
* remove import
* comment
* refactor
* revert queue size
* fix test
* rename
* comment, correct number of retries
---------
Co-authored-by: Evgeny Poberezkin <2769109+epoberezkin@users.noreply.github.com>
* agent: mark work items failed (WIP)
* add tests, created_at
* getWorkItem for snd and rcv files
* fix
* tests
* fix
* tests
* test
* tests
* rename
* fix,refactor
* add indexes
* update schema
* do not try to get more work when resuming an existing worker
---------
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* agent: notify about polled message processing (for iOS notifications)
* optionally keep key and support re-opening database
* exports
* test that cannot reopen when created with keepKey: false
* set max number of messages to receive for a notification to 3
* rfc: queue rotation
* update rfc
* messages for queue rotation
* allow multiple subscribed queues per connection in Agent/Client.hs
* refactor
* fix module name
* allow multiple queues in duplex connection type
* update commands
* add indices
* addConnectionRcvQueue
* switch connection to another queue (WIP)
* update schema/protocol
* switching queue works, but sending messages after the switch fails
* messages are delivered after rotation
* use connection-scoped queue ID
* rename queue records fields
* refactor using SMPQueue class/instances
* simplify queries
* QKEY: check queue is not secured, refactor
* update rfc
* mark queue as primary in QUSE
* queue rotation errors
* fix async ack
* fix async ACK to send OK
* correction
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
* use SWCH command
* rename
* take into account only active queue subscription when determining connection result if at least one queue is active
* remove comment
* only enable notifications for connections with enableNtfs = True
* async test (WIP)
* async queue rotation test
* simplify combining results
* test with 2 servers
* fix unused subscribeConnection
* switch to cabal build
* increase build timeout
* increase delay in async test
* skip queue rotation tests
* build matrix
* step name
* use ubuntu-18.04 in build matrix
* enable rotation tests
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
* use SQLCipher
* pass database key via options, use local direct-sqlcipher and sqlcipher-simple
* update stack.yaml
* use dependencies in git
* update sqlcipher dependencies
* store SMP client version per queue
* use versioned format for queue addresses (not compatible with v1)
* multiple server hosts in queue URI/data, versioned encoding (cross-version tests fail)
* choose server host based on socksProxy setting
* test works
* multiple server addresses mostly work
* add onion hosts for provided servers
* update SMP hosts
* ntf: use separate key to encrypt NMsgMeta
* key negotiation
* save key on server, use for encryption
* refactor?
* store error
* NtfQueueCreds
* server - NtfCreds
* comment, rename
* fix type
* ClientNtfCreds
* encoding
* support stopping and resuming agent (#385)
* export agentDbPath
* support fully closing and resuming agent
* whitespace
* clean up
* support message flags visible to SMP server to control notifications (and for any future extensions)
* simplify message flags encoding
* GET command
* make sending confirmation asynchronous
* confirm first queue synchronously (on JOIN, and delete connection on failure), second queue asynchronously (from REPLY msg)
* test to retry JOIN when the first attempt fails
* process confirmation delivery errors
* separate skipped messages from ratchet
* return diff for skipped messages instead of the whole state (tests fail)
* fix ratchet tests
* JSON encoding/decoding for ratchet state
* schema for ratchets
* split MonadUnliftIO instance for ExceptT to a separate file
* update StrEncoding instance for Str
* ratchet store methods
* updateRatchet store method
* move E2E ratchet params to Ratchet module
* x3dh key agreement for double ratchet
* test/fix x3dh, use x3dh for ratchets initialization
* store/get x3dh keys, save ratchet of fixed X448 type
* double-ratchet encryption integration (tests fail)
* fix double ratchet
* fix padding and message length
* remove unused code for "activations"
* remove comment
* add version checks for forward/backward compatibility
* split loading ratchet and skipped message keys
* remove unused encoding instances for Algorithm types
* update ratchet initialization params
* types and encodings for double ratchet integration
* upgrade stack resolver
* type classes for version agreement, encode/decode connection request links and E2E params with versioning
* encode/decode client parameters (version and DH key) in SMP queue URI using query string parameters
* restore support of the current SMP queue URI format
* update AMessage to only send queues in REPLY message (not the full connection request)
* new agent message evnvelopes (tests fail)
* new message envelopes - tests pass
* store fully encrypted messages before sending
* unify message delivery via DB queue (excluding confirmation and invitation)
* remove activateSecuredQueue
* linter hints
* remove comment
* export order
* save rachet-encrypted message, not per-queue encrypted
* delete message after it is accepted by the server, reduce message delivery interval for the tests
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com>
