| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Client requires this always point to the previous Entered it accepted,
so a hash chain of Entered is built up, and there is no possibility for
ambiguity about which order a client received two Entered activies in.
So restoreHashes now has to try every possible combination of
known hashes for both prevEntered and prevActivity. That could be
significantly more work, but it would be unusual for there to be a lot
of known hashes, so it should be ok.
--graphviz shows this additional hash chain with grey edges
(and leaves out edges identical to the other hash chain)
While testing this with an artifical network lag, it turned out that
signature verification was failing for Reject messages sent by the
user. Didn't quite figure out what was at the bottom of that,
but the Activity Entered that was sent back in a Reject message was
clearly not useful, because it probably had both its prevEntered and
prevActivity hashes set to Nothing (because restoreHashes didn't restore
them, because the original Activity Entered was out of the expected
chain). So, switched Rejected to use a Hash.
(And renamed Rejected to EnteredRejected to make it more clear what
it's rejecting.)
Also, added a lastAccepted hash to EnteredRejected. This lets
the developer find its way back to the accepted chain when some
of its input gets rejected.
This commit was sponsored by Trenton Cronholm on Patreon.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I think there was a race where a SessionKey message had been drained
from the TChan, but not yet added to the developer state, which was
resonsible for recent instability at startup.
It manifested as protocol errors where the prevActivity hash was wrongly
Nothing.
Fixed by adding a MissingHashes type to tag things whose hashes have
been stripped, and adding back the hashes when needed, which always
happens inside atomically blocks, so won't have such a race.
|
|
Do include it in the data that gets signed, so it can be recovered
by trying each likely (recently seen) Activity as the prevMessage, and
checking the signature.
The UserState and DeveloperState already had the necessary state about
recently seen hashes, so this does not impact data use.
One tricky bit is that relayFromSocket needs to wait for the TMChan
to be empty before calling restorePrevActivityHash. Otherwise, the
hashes of items in the channel that have not been processed yet won't be
tried. The TMChan is not really being used as a channel since only 1
item can be in it. It could be converted to a TMVar, but closeTMChan is
used so I left it as a channel.
Note that the server does not restore hashes of messages that pass
through it; it's just a dumb relay.
Sending a single key press now only needs 94 bytes of data to be sent,
down from 169!
---
Also switched to SHA512, since hashes are no longer being sent over
the wire and so the larger size does not matter. SHA512 is slightly
faster and more secure.
This commit was sponsored by Ewen McNeill.
|