Page MenuHomePhabricator
Differential D7860

Handle client response to initial notifications encrypted message request
ClosedPublic
Actions

Authored by marcin on May 18 2023, 5:00 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Nov 25, 11:19 AM
Unknown Object (File)
Sat, Nov 23, 9:13 PM
Unknown Object (File)
Wed, Nov 13, 3:24 PM
Unknown Object (File)
Thu, Nov 7, 6:06 AM
Unknown Object (File)
Thu, Nov 7, 6:06 AM
Unknown Object (File)
Thu, Nov 7, 6:05 AM
Unknown Object (File)
Thu, Nov 7, 6:05 AM
Unknown Object (File)
Thu, Nov 7, 6:05 AM
View All Files
Subscribers
ashoat

Details

Reviewers
tomek
atul
bartek
Commits
rCOMMa1fd590313e8: Handle client response to initial notifications encrypted message request
rCOMMcbe5181ccb9f: Handle client response to initial notifications encrypted message request
Summary

This differential handles client response to initial notifications encrypted message request by creating new olm session for notifs.

Test Plan
  1. Log out.
  2. Comment the code in log in panel that creates olm session for notifs.
  3. Log in.
  4. Query select * from olm_sessions and ensure there is a new entry for notifs

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

marcin created this revision.May 18 2023, 5:00 AM
Herald added a subscriber: ashoat. · View Herald TranscriptMay 18 2023, 5:00 AM
marcin added a parent revision: D7859: Add method to check for missing olm sessions for notifs and use it to send relevant request.May 18 2023, 5:04 AM
marcin added a child revision: D7797: Implement olm session updater that has encrypting functionality.May 18 2023, 5:07 AM
Harbormaster completed remote builds in B19462: Diff 26627.May 18 2023, 5:18 AM
marcin requested review of this revision.May 18 2023, 5:18 AM
marcin updated this revision to Diff 26634.May 18 2023, 5:48 AM

Rebase

marcin added 1 blocking reviewer(s): atul.May 18 2023, 5:54 AM

Added @atul as blocking reviewer for entire substack since he implemented very similar diffs for SignedIdentityKeysBlob.

Harbormaster completed remote builds in B19469: Diff 26634.May 18 2023, 6:06 AM
tomek accepted this revision.May 22 2023, 2:26 AM
tomek added inline comments.
keyserver/src/socket/session-utils.js
136–137 ↗(On Diff #26634)

I know this approach was used earlier, but isn't it just tString(serverRequestTypes.INITIAL_NOTIFICATIONS_ENCRYPTED_MESSAGE)?

245–248 ↗(On Diff #26634)

It would be better if it was verified using tComb validator

253 ↗(On Diff #26634)

What is the meaning of this value?

256–258 ↗(On Diff #26634)

Is it safe to ignore the exception? Would the client ever know that something went wrong?

marcin added inline comments.May 22 2023, 5:55 AM
keyserver/src/socket/session-utils.js
136–137 ↗(On Diff #26634)

I am not sure if that is what you were thinking about but an attempt to use it in the following way:

tShape({
   type: t.String(serverRequestTypes.INITIAL_NOTIFICATIONS_ENCRYPTED_MESSAGE),
   initialNotificationsEncryptedMessage: t.String,
 }),

results in flow error:

Error ┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈┈ src/socket/session-utils.js:136:13

Cannot call t.String because a call signature declaring the expected parameter / return type is missing in
TIrreducible [1]. [prop-missing]

     src/socket/session-utils.js
     133│     signedIdentityKeysBlob: signedIdentityKeysBlobValidator,
     134│   }),
     135│   tShape({
     136│     type: t.String(serverRequestTypes.INITIAL_NOTIFICATIONS_ENCRYPTED_MESSAGE),
     137│     initialNotificationsEncryptedMessage: t.String,
     138│   }),
     139│ ]);

     ../lib/flow-typed/npm/tcomb_v3.x.x.js
 [1] 110│     +String: TIrreducible<string>,
Found 1 error
253 ↗(On Diff #26634)

The keyserver has to olm accounts: one for notifications and the other for communication with identity service. createOlmSession can be used to create session for both of this accounts. This argument informs which olm account we will use to create olm session. In this particular case we will use olm accounts for e2e notifications.

256–258 ↗(On Diff #26634)

I think it si for three reasones:

  1. It has already been used for other requests and proved to work.
  2. If it fails, the keyserver will re-attempt to retrieve this data from the client.
  3. If this fails due to some permanent db failure we will be informed by prepareEncryptedIOSNotifications function that we are constantly missing olm session for a client that has code version high enough to handle notification encryption.
  4. The client code in this stack is implemented in a way that it is aware of a case when notifications are delivered unencrypted. When this issue: https://linear.app/comm/issue/ENG-2670/c-equivalent-of-dev-flag#comment-45f70230 is resolved staff members will be informed that their notifications are delivered unencrypted.

Until the linear issue mentioned above is not resolved we don't really have a proper way to handle such failure on the client.

marcin updated this revision to Diff 26783.May 22 2023, 6:57 AM

Use tcomb to validate request

Harbormaster completed remote builds in B19598: Diff 26783.May 22 2023, 7:14 AM
atul accepted this revision.May 22 2023, 9:50 AM
This revision is now accepted and ready to land.May 22 2023, 9:50 AM
marcin updated this revision to Diff 27179.May 29 2023, 11:40 AM

Rebase before landing

marcin updated this revision to Diff 27192.May 29 2023, 11:57 AM

Rebase before landing

Harbormaster completed remote builds in B19848: Diff 27179.May 29 2023, 12:21 PM
Harbormaster completed remote builds in B19861: Diff 27192.May 29 2023, 1:02 PM
Closed by commit rCOMMcbe5181ccb9f: Handle client response to initial notifications encrypted message request (authored by marcin). · Explain WhyMay 29 2023, 1:41 PM
This revision was automatically updated to reflect the committed changes.
marcin added a commit: rCOMMcbe5181ccb9f: Handle client response to initial notifications encrypted message request.
ashoat added a reverting change: rCOMM4b66a767ea75: Revert "Handle client response to initial notifications encrypted message….May 31 2023, 4:51 AM
marcin reopened this revision.May 31 2023, 8:38 AM
This revision is now accepted and ready to land.May 31 2023, 8:38 AM
marcin updated this revision to Diff 27345.Jun 1 2023, 6:11 AM

Rebase before landing

Harbormaster completed remote builds in B19955: Diff 27345.Jun 1 2023, 6:34 AM
Closed by commit rCOMMa1fd590313e8: Handle client response to initial notifications encrypted message request (authored by marcin). · Explain WhyJun 1 2023, 6:55 AM
This revision was automatically updated to reflect the committed changes.
marcin added a commit: rCOMMa1fd590313e8: Handle client response to initial notifications encrypted message request.

Revision Contents
Changeset List

PathSize
keyserver/
src/
socket/
26 lines

Diff 27352

View Options

keyserver/src/socket/session-utils.js

Loading...