* agent: do not mark subscriptions on expired sessions as active, do mark delayed subscriptions as active on the same session, SUBOK response in the next SMP protocol version
* client: prevent sub actions from zombie sessions (#1122)
* client: prevent sub actions from zombie sessions
* error handling
* add AERR to pass background errors to client
* switch to activeClientSession
* put closeClient under activeClientSession
* rename
* remove AERR, do not skip processing
* move check and state update to one transaction
* catch extra UPs
* fix
* check queue is still pending before making it active
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* do not forward agent error
* revert not expiring sending subs
* fixes
* track subscription responses better
* add pending connection
* Revert "revert not expiring sending subs"
This reverts commit 4310a69391.
* do not expire sending commands
* rename
* fix race
* function
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
* parameterize transport handle with transport peer to include server certificate
* include server certificate into THandle
* load server chain and sign key
* fix key type
* fix for 8.10
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: IC Rainbow <aenor.realm@gmail.com>
* smp: command authorization
* fix encoding, most tests
* remove old tests
* authorize via crypto_box
* extract authenticator to Crypto module
* make TransmissionAuth Maybe
* rfc
* support authenticators in NTF protocol, test matrix (no backwards compatibility yet from new clients to old servers)
* fix/add tests, add version config to "small" agent
* separate client and server versions for SMP protocol
* test batching SMP v7
* do not send session ID in each transmission
* refactor auth verification in the server, split tests
* server "warm up" fixes timing test
* uncomment SUB timing test
* comments, disable two timing tests
* rename version
* increase auth timing test failure threshold
* use different algorithms to authorize snd/rcv commands, use random correlation ID
* transport: fetch and store server certificate (#985)
* THandleParams (WIP, does not compile)
* transport: fetch and store server certificate
* smp: add getOnlinePubKey example to smpClientHandshake
* add server certs and sign authPub
* cleanup
* update
* style
* load server certs from test fixtures
* sign ntf authPubKey
* fix onServerCertificate
* increase delay before sending messages
* require certificate with key in SMP server handshake
---------
Co-authored-by: Evgeny Poberezkin <evgeny@poberezkin.com>
* remove dhSecret from THandle
* remove v8, merge all changes to one version
* parameterize THandle
* rfc: transmission ecnryption
* Revert "parameterize THandle"
This reverts commit 75adfc94fb.
* use batch syntax for ntf server commands
* separate encodeTransmission when there is no key
* typo
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* rename
* diff
---------
Co-authored-by: Alexander Bondarenko <486682+dpwiz@users.noreply.github.com>
Co-authored-by: spaced4ndy <8711996+spaced4ndy@users.noreply.github.com>
* add sntrup761 source
* it compiles
* Wrap bindings in non-FFI types
Test passes with a dummy RNG.
* pass ChaChaDRG via FunPtr
* Add iOS smoke test at createAgentStore
* style
* add "ssl" library dep
Attempt to fix missing _SHA512 symbol on macos.
* remove sha512 wrapper and use openssl directly
* restore names, remove dummy RNG
* Revert "remove sha512 wrapper and use openssl directly"
This reverts commit f9f7781f09.
* restore code from RFC
* shorter names
* enable all tests
* remove run test
---------
Co-authored-by: IC Rainbow <aenor.realm@gmail.com>
* agent: catch IO errors correctly in MonadError
* correction
* correction
* utils
* agentFinally to catch IO exceptions in ExceptT
* rename
* remove, inline
* rename utils
* utils unit test
* test to show catch and finally problems
* tryAllErrors
* enable all tests
* send "quota exceeded" message from SMP server when sender gets ERR QUOTA (ignored in the agent for now)
* send msg quota to the recipient to indicate that sender got ERR QUOTA, test
* switch between slow/fast retry intervals (tests do not pass yet)
* send QCONT message, refactor RetryInterval, test
* refactor
* remove comment
* remove space
* unit test for withRetryLock2
* refactor
* rfc: queue rotation
* update rfc
* messages for queue rotation
* allow multiple subscribed queues per connection in Agent/Client.hs
* refactor
* fix module name
* allow multiple queues in duplex connection type
* update commands
* add indices
* addConnectionRcvQueue
* switch connection to another queue (WIP)
* update schema/protocol
* switching queue works, but sending messages after the switch fails
* messages are delivered after rotation
* use connection-scoped queue ID
* rename queue records fields
* refactor using SMPQueue class/instances
* simplify queries
* QKEY: check queue is not secured, refactor
* update rfc
* mark queue as primary in QUSE
* queue rotation errors
* fix async ack
* fix async ACK to send OK
* correction
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
* use SWCH command
* rename
* take into account only active queue subscription when determining connection result if at least one queue is active
* remove comment
* only enable notifications for connections with enableNtfs = True
* async test (WIP)
* async queue rotation test
* simplify combining results
* test with 2 servers
* fix unused subscribeConnection
* switch to cabal build
* increase build timeout
* increase delay in async test
* skip queue rotation tests
* build matrix
* step name
* use ubuntu-18.04 in build matrix
* enable rotation tests
Co-authored-by: JRoberts <8711996+jr-simplex@users.noreply.github.com>
* types and encodings for double ratchet integration
* upgrade stack resolver
* type classes for version agreement, encode/decode connection request links and E2E params with versioning
* encode/decode client parameters (version and DH key) in SMP queue URI using query string parameters
* restore support of the current SMP queue URI format
* update AMessage to only send queues in REPLY message (not the full connection request)
* new agent message evnvelopes (tests fail)
* new message envelopes - tests pass
* store fully encrypted messages before sending
* unify message delivery via DB queue (excluding confirmation and invitation)
* remove activateSecuredQueue
* linter hints
* remove comment
* export order
* save rachet-encrypted message, not per-queue encrypted
* delete message after it is accepted by the server, reduce message delivery interval for the tests
Co-authored-by: Efim Poberezkin <8711996+efim-poberezkin@users.noreply.github.com>
* binary SMP protocol encoding (server tests fail)
* use 1 byte for bytestring length when encoding/decoding
* Encoding class, binary tags
* update server tests
* negotiate SMP version in client/server handshake
* add version columns to queues and connections
* split parsing SMP client commands and server responses to different functions
* check uniqueness of protocol tags
* split client commands and server responses/messages to separate types
* update types in SMP client
* remove pattern synonyms for SMP errors
* simplify getHandshake
* update SMP protocol encoding in protocol spec
* encode time as a number of seconds (64-bit integer) since epoch
