briar issueshttps://code.briarproject.org/briar/briar/-/issues2018-06-12T11:32:38Zhttps://code.briarproject.org/briar/briar/-/issues/115Improve Tor hidden service performance2018-06-12T11:32:38ZakwizgranImprove Tor hidden service performanceBring the Tor hidden service patch up to date and take it through the patch workshop to get it integrated upstream. Measure the performance improvements.Bring the Tor hidden service patch up to date and take it through the patch workshop to get it integrated upstream. Measure the performance improvements.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/116New polling logic2018-06-12T11:32:38ZakwizgranNew polling logicThe Tor plugin should follow Ricochet's approach to polling:
* Whenever internet access becomes available, publish the hidden service descriptor, wait for it to be published (how?), then poll once for contacts
* Don't poll again unti...The Tor plugin should follow Ricochet's approach to polling:
* Whenever internet access becomes available, publish the hidden service descriptor, wait for it to be published (how?), then poll once for contacts
* Don't poll again until the next time internet access becomes available -- contacts are responsible for connecting to us
The LAN and Bluetooth plugins should use randomised exponential backoff, starting from the time the transport becomes available.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/217Tor Connectivity Issues2018-06-12T11:32:34ZTorsten GroteTor Connectivity IssuesI have issues with Briar contacts seeing each other online. It works fine after adding the contacts. But after some time, when they have different IP addresses in the local network, they never turn up as online.
Connecting through Tor...I have issues with Briar contacts seeing each other online. It works fine after adding the contacts. But after some time, when they have different IP addresses in the local network, they never turn up as online.
Connecting through Tor does not seem to work. They try to connect to the proper hidden services addresses, but in the log there is just this without further information:
```
org.briarproject I/TorPlugin: Could not connect to [bla].onion
```
Maybe, the tor hidden service performance patch is missing from the latest tor binaries? Without that patch we used to get a lot of connection failures.
Maybe this can be investigated along with #203.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/218UTF-8 string encoding/decoding fails with POSIX locale2018-06-12T11:32:34ZakwizgranUTF-8 string encoding/decoding fails with POSIX localeThe unit tests `BdfReaderImplTest#testReadUtf8String()` and `BdfWriterImplTest#testWriteUtf8String()` fail on a Linux system with the following locale settings:
```
LANG=
LANGUAGE=
LC_CTYPE="POSIX"
LC_NUMERIC="POSIX"
LC_TIME="POS...The unit tests `BdfReaderImplTest#testReadUtf8String()` and `BdfWriterImplTest#testWriteUtf8String()` fail on a Linux system with the following locale settings:
```
LANG=
LANGUAGE=
LC_CTYPE="POSIX"
LC_NUMERIC="POSIX"
LC_TIME="POSIX"
LC_COLLATE="POSIX"
LC_MONETARY="POSIX"
LC_MESSAGES="POSIX"
LC_PAPER="POSIX"
LC_NAME="POSIX"
LC_ADDRESS="POSIX"
LC_TELEPHONE="POSIX"
LC_MEASUREMENT="POSIX"
LC_IDENTIFICATION="POSIX"
LC_ALL=
```
Compilation also produces errors for these tests along with MetadataEncoderImplTest and MetadataParserImplTest, which may be related to the use of Unicode characters in source files. Example:
```
/home/tests/briar/briar-tests/src/org/briarproject/data/MetadataEncoderParserImplTest.java:76: error: unmappable character for encoding ASCII
d.put("test", "abcdefghilkmnopqrst ?????????????????? \uFDD0\uFDD1\uFDD2\uFDD3");
```Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/224Adding existing contact with another identity fails2018-06-12T11:32:33ZTorsten GroteAdding existing contact with another identity failsSteps to reproduce:
* Add contact X with first identity A
* Create second identity B
* Add contact X with second identity B
Observe how adding contact X fails while it succeeds for user X.Steps to reproduce:
* Add contact X with first identity A
* Create second identity B
* Add contact X with second identity B
Observe how adding contact X fails while it succeeds for user X.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/225Bluetooth plugin is broken on Android 62018-06-12T11:32:33ZakwizgranBluetooth plugin is broken on Android 6Android 6 no longer allows access to the local Bluetooth address. `BluetoothAdapter.getAddress()` now returns a fixed value. This will break our ability to give our address to contacts so they can connect without performing discovery.
...Android 6 no longer allows access to the local Bluetooth address. `BluetoothAdapter.getAddress()` now returns a fixed value. This will break our ability to give our address to contacts so they can connect without performing discovery.
https://developer.android.com/intl/ko/about/versions/marshmallow/android-6.0-changes.html#behavior-hardware-id
The plugin still uses BluetoothAdapter.getAddress(), it's only `TestingActivity` and `CrashReportActivity` that look at the value in `Settings.Secure`. we need to add a method (maybe in `AndroidUtils`?) for getting the value from the adapter, checking whether it's valid, getting the value from `Settings.Secure` if it's not, and throwing an exception if there's not a valid address there either.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/226Fix logic for disabling Bluetooth at shutdown2018-06-12T11:32:33ZakwizgranFix logic for disabling Bluetooth at shutdownIf Bluetooth is disabled when the app starts and the user or another app subsequently enables it, Briar will disable it when shutting down.
The current logic checks whether Bluetooth was disable at startup, and if si, disables it at s...If Bluetooth is disabled when the app starts and the user or another app subsequently enables it, Briar will disable it when shutting down.
The current logic checks whether Bluetooth was disable at startup, and if si, disables it at shutdown. What it should do instead is check whether Bluetooth was disabled startup *and* Briar enabled it at startup, and if so, disable it at shutdown.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/227Contact list not updating when contact is removed2018-06-12T11:32:33ZakwizgranContact list not updating when contact is removedMilestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/228Briar crashes when TorPlugin tries to create a connection2018-06-12T11:32:33Zstr4dBriar crashes when TorPlugin tries to create a connection```
java.lang.NullPointerException: Attempt to write to field 'java.io.OutputStream net.sourceforge.jsocks.Proxy.out' on a null object reference
at net.sourceforge.jsocks.SocksSocket.doDirect(SocksSocket.java:279)
at net.sourceforge...```
java.lang.NullPointerException: Attempt to write to field 'java.io.OutputStream net.sourceforge.jsocks.Proxy.out' on a null object reference
at net.sourceforge.jsocks.SocksSocket.doDirect(SocksSocket.java:279)
at net.sourceforge.jsocks.SocksSocket.<init>(SocksSocket.java:100)
at org.briarproject.plugins.tor.TorPlugin.createConnection(TorPlugin.java:536)
at org.briarproject.plugins.tor.TorPlugin$2.run(TorPlugin.java:515)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
```
In the library sources that Gradle downloaded for me, it looks like the proxy field of the jsocks `SocksSocket` constructor is ignored completely, but the `doDirect()` internal function called by that constructor uses the unset `proxy` variable. This looks like an upstream bug. I don't know how this is working for anyone else, given that the jsocks library is verified by Gradle Witness.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/234Remove consumers from BdfWriter2018-06-12T11:32:33ZakwizgranRemove consumers from BdfWriterMilestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/235Potential deadlock in TransportKeyManager2018-06-12T11:32:33ZakwizgranPotential deadlock in TransportKeyManagerTransportKeyManager uses the single-threaded DatabaseExecutor to ensure its DB tasks write to the DB in the same order as they're queued. This makes it possible to keep TransportKeyManager's internal state consistent with the state of th...TransportKeyManager uses the single-threaded DatabaseExecutor to ensure its DB tasks write to the DB in the same order as they're queued. This makes it possible to keep TransportKeyManager's internal state consistent with the state of the DB without holding locks during DB calls.
To ensure that a StreamContext is never used twice, the two getStreamContext() methods wait for their DB tasks to complete before returning. This will cause deadlock: if the methods are called on the DatabaseExecutor thread, as their DB tasks will be queued behind them and will never complete.
One way to fix this would be for TransportKeyManager to keep its own single-threaded executor for running its DB tasks. KeyManagerImpl already has a Timer thread that could be converted into an executor.
Another possibility would be to return a Future<StreamContext>.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/238Allow messages to be deleted2018-06-12T11:32:33ZakwizgranAllow messages to be deletedAllow messages to be deleted from the database. If a message being deleted is shared, we need to keep enough information about it to avoid syncing it back to life.Allow messages to be deleted from the database. If a message being deleted is shared, we need to keep enough information about it to avoid syncing it back to life.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/241Don't show persistent notification on lock screen2018-06-12T11:32:33ZakwizgranDon't show persistent notification on lock screenAndroid 5 and 6 allow notifications to be shown on the lock screen. Configure Briar's persistent notification so it doesn't appear there.Android 5 and 6 allow notifications to be shown on the lock screen. Configure Briar's persistent notification so it doesn't appear there.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/242Anonymous forum post crashes ReadForumPostActivity2018-06-12T11:32:33ZakwizgranAnonymous forum post crashes ReadForumPostActivityThe crash is caused by an IllegalStateException thrown when no author reference is retrieved from the ReferenceManager.The crash is caused by an IllegalStateException thrown when no author reference is retrieved from the ReferenceManager.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/243Rotating ReadForumPostActivity causes post to appear anonymous2018-06-12T11:32:33ZakwizgranRotating ReadForumPostActivity causes post to appear anonymousWhen viewing a pseudonymous forum post in ReadForumPostActivity, rotating the screen causes the post to appear anonymous.When viewing a pseudonymous forum post in ReadForumPostActivity, rotating the screen causes the post to appear anonymous.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/250New polling logic for Tor2018-06-12T11:32:32ZakwizgranNew polling logic for TorSubtask of #116.Subtask of #116.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/251New polling logic for Bluetooth2018-06-12T11:32:32ZakwizgranNew polling logic for BluetoothSubtask of #116.Subtask of #116.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/252New polling logic for LAN2018-06-12T11:32:32ZakwizgranNew polling logic for LANSubtask of #116.Subtask of #116.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/254Crash when keys are rotated2018-06-12T11:32:32ZakwizgranCrash when keys are rotatedThis crash happens when leaving a test phone to do nothing (see https://code.briarproject.org/akwizgran/briar/merge_requests/74#note_2358):
```
java.lang.IllegalStateException: TimerTask is scheduled already
at...This crash happens when leaving a test phone to do nothing (see https://code.briarproject.org/akwizgran/briar/merge_requests/74#note_2358):
```
java.lang.IllegalStateException: TimerTask is scheduled already
at java.util.Timer.scheduleImpl(Timer.java:569)
at java.util.Timer.schedule(Timer.java:456)
at org.briarproject.system.SystemTimer.schedule(SystemTimer.java:21)
at org.briarproject.transport.TransportKeyManager.run(TransportKeyManager.java:260)
at java.util.Timer$TimerImpl.run(Timer.java:284)
```
Looks like the issue is that TransportKeyManager re-schedules the same TimerTask instance (i.e. itself) and the Timer impl doesn't allow that. TransportKeyManager's TimerTask implementation should be broken out into a private class so a different instance can be scheduled each time.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/256Verify and bind long-term public keys when adding contacts2018-06-12T11:32:32ZakwizgranVerify and bind long-term public keys when adding contactsDesign a protocol for verifying and binding long-term public keys when adding contacts directly or via introductions.
The current Bluetooth protocol does this by generating two nonces from the ephemeral shared secret - each party sign...Design a protocol for verifying and binding long-term public keys when adding contacts directly or via introductions.
The current Bluetooth protocol does this by generating two nonces from the ephemeral shared secret - each party signs one of the nonces. We could use a similar approach for the new protocols, or an approach based on triple Diffie-Hellman.
Identities already have long-term signature keys but they don't have long-term DH keys, so if we use 3DH we either need to be sure it's safe to reuse the signature keys as DH keys, or we need to extend the identity object with a long-term DH key, signed with the long-term signature key. This has the disadvantage of committing us to a DH primitive for the long term.
Using signatures would make the key exchange undeniable, but it's debatable whether that matters in practice.Milestone Bakwizgranakwizgran