briar issueshttps://code.briarproject.org/groups/briar/-/issues2018-06-12T11:32:32Zhttps://code.briarproject.org/briar/briar/-/issues/269Race condition between adding contacts and adding transports2018-06-12T11:32:32ZakwizgranRace condition between adding contacts and adding transports`KeyManagerImpl#addContact()` runs synchronously whereas `KeyManagerImpl#addTransport()` runs asynchronously. If a transport is added and then a contact is added immediately afterwards, it's possible for the contact not to get any transp...`KeyManagerImpl#addContact()` runs synchronously whereas `KeyManagerImpl#addTransport()` runs asynchronously. If a transport is added and then a contact is added immediately afterwards, it's possible for the contact not to get any transport keys.
This is very unlikely to affect real users because transports are added early in the startup process, but it's causing SimplexTransportIntegrationTest to fail intermittently, and should be fixed anyway on principle.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/268Research how to deal with doze mode on Android 62019-02-21T10:34:00ZakwizgranResearch how to deal with doze mode on Android 6Android 6 has a new doze mode when the device is idle. Apps can't access the network in doze mode, except during short wakeup periods. This will kill our ability to receive messages while the device is idle. The recommended workaround is...Android 6 has a new doze mode when the device is idle. Apps can't access the network in doze mode, except during short wakeup periods. This will kill our ability to receive messages while the device is idle. The recommended workaround is to use Google Cloud Messaging, which obviously won't work for us.
We may need to prompt the user to add Briar to a whitelist. Thanks Google! Love ya!
http://developer.android.com/training/monitoring-device-state/doze-standby.htmlAndroid 1.1akwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/266Message queues2018-06-12T11:32:32ZakwizgranMessage queuesWrite a generic one-to-one message queue implementation that clients can use to exchange ordered messages with a contact.Write a generic one-to-one message queue implementation that clients can use to exchange ordered messages with a contact.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/264Re-Evaluate Build Expiration2018-06-11T10:14:03ZxavierRe-Evaluate Build Expirationafter some days my own build is showing this message and is blocked
"this software has expired
please install a newer version"
i understand you want dev or preusers update fast the software
but this is quite a strong way to push ...after some days my own build is showing this message and is blocked
"this software has expired
please install a newer version"
i understand you want dev or preusers update fast the software
but this is quite a strong way to push for it that to block the app completely
it look to much to a license expired message or a closed source software, which is not a good feeling
but maybe this is your own decision that i have just to accept :)https://code.briarproject.org/briar/briar/-/issues/263Deleting account does not delete Tor directory2018-06-12T11:32:32ZakwizgranDeleting account does not delete Tor directoryWhen the user's account is deleted via the password screen, the Tor directory isn't deleted. This is a serious problem as the Tor directory contains the private key for the hidden service. If the user creates a new account, the same hidd...When the user's account is deleted via the password screen, the Tor directory isn't deleted. This is a serious problem as the Tor directory contains the private key for the hidden service. If the user creates a new account, the same hidden service address is used.Milestone Cakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/262briar dos not try to reconnect by itself after connection loss2018-06-12T11:32:32Zxavierbriar dos not try to reconnect by itself after connection lossafter a loss of connection i have the feeling that briar is not trying so much to reconnect.
i have seen that several times.
briar shows all contacts offline
if i send a message to several contacts, it does not seems to try reinit c...after a loss of connection i have the feeling that briar is not trying so much to reconnect.
i have seen that several times.
briar shows all contacts offline
if i send a message to several contacts, it does not seems to try reinit connection
if i disconnect and reconnect mannually
then all contacts goes back online.
maybe sending messages to a offline client when most clients are offline shall make briar to reinit all connections.
this is more present on the 3g 4g networks.
on same wifi lan and bluetooth. i do no see that behaviorMilestone Cakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/260torbot unable to start when briar is on2018-06-12T11:32:32Zxaviertorbot unable to start when briar is onwhen briar is active on the wan then i cannot start torbot on the same device.
maybe it is something related to #259 when briar is active on the wan then i cannot start torbot on the same device.
maybe it is something related to #259 Milestone Cakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/259Connection refused when connecting to other clients via Tor2023-03-15T12:50:53ZTorsten GroteConnection refused when connecting to other clients via TorSince a few weeks my contacts seem to be unable to connect to each other via Tor. The following log is on current master `HEAD` with two contacts online and connected via the LAN Plugin.
```
I/TorPlugin: Hidden service [mine].onion
I/To...Since a few weeks my contacts seem to be unable to connect to each other via Tor. The following log is on current master `HEAD` with two contacts online and connected via the LAN Plugin.
```
I/TorPlugin: Hidden service [mine].onion
I/TorPlugin: OR connection LAUNCHED
I/TorPlugin: NOTICE Bootstrapped 85%: Finishing handshake with first hop
I/TorPlugin: NOTICE Bootstrapped 90%: Establishing a Tor circuit
I/TorPlugin: OR connection CONNECTED
I/TorPlugin: First circuit built
I/TorPlugin: NOTICE Tor has successfully opened a circuit. Looks like client functionality is working.
I/TorPlugin: NOTICE Bootstrapped 100%: Done
I/PollerImpl: Polling TorPlugin
I/TorPlugin: Connecting to [theirs].onion
I/TorPlugin: Could not connect to [theirs].onion: Connection refused
I/PollerImpl: Polling TorPlugin
I/TorPlugin: Connecting to [theirs].onion
I/TorPlugin: Could not connect to [theirs].onion: Connection refused
I/TorPlugin: Hidden service descriptor published
I/PollerImpl: Polling TorPlugin
I/TorPlugin: Connecting to [theirs].onion
I/TorPlugin: Could not connect to [theirs].onion: Connection refused
I/PollerImpl: Polling TorPlugin
I/TorPlugin: Could not connect to [theirs].onion: TTL expired
I/TorPlugin: NOTICE Tried for 120 seconds to get a connection to [scrubbed]:80. Giving up. (waiting for rendezvous desc)
I/PollerImpl: Polling TorPlugin
I/TorPlugin: Hidden service descriptor published, not polling
```https://code.briarproject.org/briar/briar/-/issues/258Replace Timer with ScheduledExecutorService2018-06-12T11:32:32ZakwizgranReplace Timer with ScheduledExecutorServiceThe Timer implementation used by PollerImpl and TransportKeyManager is based on java.util.Timer, which is sensitive to changes in the system clock:
http://stackoverflow.com/questions/18803695/how-is-the-timer-class-in-java-sensitive-t...The Timer implementation used by PollerImpl and TransportKeyManager is based on java.util.Timer, which is sensitive to changes in the system clock:
http://stackoverflow.com/questions/18803695/how-is-the-timer-class-in-java-sensitive-to-the-system-clock
Replace it with an implementation based on ScheduledExecutorService.Milestone Cakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/257Consider offering user validation alternatives2019-04-10T10:39:39ZErnir ErlingssonConsider offering user validation alternativesCurrently we are only validating users with text strings but text input, on small mobile devices especially, is little fun and for that reason some users might choose comfortability, with a short password, over security. There are severa...Currently we are only validating users with text strings but text input, on small mobile devices especially, is little fun and for that reason some users might choose comfortability, with a short password, over security. There are several possibilities available to tackle this "problem":
**1. Offer more user validation possibilities besides using a password, e.g. use the device's fingerprint sensor**
if available. This will only work for one account though, if a user has multiple accounts we will need to offer some way for the user to define which account is using his fingerprint.
**2. Define access layers with different security restrictions**
This is much more tricky and maybe not desirable at all but I feel there is sufficient discussion merit nonetheless. Currently Briar employs a single access restriction on a per account basis, i.e. you either have access to everything (for the respective account) or nothing depending on your knowledge of the password.
Another approach would be to have multiple access levels, e.g. you enter the app with a four digit pin that gives you access to the app but in order to communicate with extra-secure users (this could be marked when contacts are added) you must first confirm your password on a session basis. Here we would need to make sure that the security restriction on the communication between contacts A and B would be identical, i.e. both parties would be required to confirm the passwords in order to communicate.Android 1.1https://code.briarproject.org/briar/briar/-/issues/256Verify and bind long-term public keys when adding contacts2018-06-12T11:32:32ZakwizgranVerify and bind long-term public keys when adding contactsDesign a protocol for verifying and binding long-term public keys when adding contacts directly or via introductions.
The current Bluetooth protocol does this by generating two nonces from the ephemeral shared secret - each party sign...Design a protocol for verifying and binding long-term public keys when adding contacts directly or via introductions.
The current Bluetooth protocol does this by generating two nonces from the ephemeral shared secret - each party signs one of the nonces. We could use a similar approach for the new protocols, or an approach based on triple Diffie-Hellman.
Identities already have long-term signature keys but they don't have long-term DH keys, so if we use 3DH we either need to be sure it's safe to reuse the signature keys as DH keys, or we need to extend the identity object with a long-term DH key, signed with the long-term signature key. This has the disadvantage of committing us to a DH primitive for the long term.
Using signatures would make the key exchange undeniable, but it's debatable whether that matters in practice.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/255Client API improvements2018-06-12T11:32:32ZakwizgranClient API improvementsQuoting @grote:
> Last night I thought about the Client API as well and I tried to forget most of what I know about how things are implemented at the moment, so I can have a fresh view on how a developer writing a client without being f...Quoting @grote:
> Last night I thought about the Client API as well and I tried to forget most of what I know about how things are implemented at the moment, so I can have a fresh view on how a developer writing a client without being familiar with Briar's internals would see things.
> It is nice to being able to access the raw message, being able to put your own data structures in there. It is nice that you can encode and parse metadata. However, for many applications that might not be necessary and all the developer wants is a simple key value store. We have this already with the BdfDictionary which resembles JSON and which I like.
> So I was wondering, why we don't add a layer on top of what we have and allow the client developer to directly get a BdfDictionary (which I will call Payload) from the message. The same way, when composing the message, just let the developer provide the payload and the lower layers handle the rest.
> Here's some pseudo code to illustrate those thoughts:
```java
class MyClient extends BrambleClient {
@Override
public void receivedMessage(Message m) {
Payload payload = m.getPayload(); // this is currently called BdfDictionary
String myString = payload.getString("myString");
long myInt = payload.getIntegeger("myInt");
Object myObject = payload.getSerializable("mySerializableObject");
doSomething(myString, myInt);
}
public void sendMessage() {
Payload payload = new Payload();
payload.putString("myString", "foo");
payload.putInteger("myString", "foo");
payload.putSerializable("mySerializableObject", myObject);
Message m = messageFactory.createMessage(payload);
// if that's not possible, it can be db.addLocalMessage(group, ...)
Group group = getGroup(contact);
group.sendMessage(m);
}
public void doSomething(String s, int i) {
// payload queries for easy access to messages
List<Messages> msgs1 = db.getMessagesWithPayloadKey(group, "myString");
List<Messages> msgs2 = db.getMessagesWherePayload(group, "myString", String, s);
}
}
```
> Adding data to the payload is very similar to how intent extras or bundles work in the Android API, so many people are already familar with it.
> Also note that there's no mention of validatingMessage() because the client developer is only interesting in receiving a message, so there could be just another hook for that.
> If at all possible, I would like the client developer to write as little validation code as possible. Not having to check lengths and such things, but maybe only to see if the payload objects she expects are there.
> I think that payload queries (however they will look like) would also be a very nice addition and convenience methods for client developers, so they don't have to iterate through message lists themselves just to find the ones they are interested in.Milestone Cakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/254Crash when keys are rotated2018-06-12T11:32:32ZakwizgranCrash when keys are rotatedThis crash happens when leaving a test phone to do nothing (see https://code.briarproject.org/akwizgran/briar/merge_requests/74#note_2358):
```
java.lang.IllegalStateException: TimerTask is scheduled already
at...This crash happens when leaving a test phone to do nothing (see https://code.briarproject.org/akwizgran/briar/merge_requests/74#note_2358):
```
java.lang.IllegalStateException: TimerTask is scheduled already
at java.util.Timer.scheduleImpl(Timer.java:569)
at java.util.Timer.schedule(Timer.java:456)
at org.briarproject.system.SystemTimer.schedule(SystemTimer.java:21)
at org.briarproject.transport.TransportKeyManager.run(TransportKeyManager.java:260)
at java.util.Timer$TimerImpl.run(Timer.java:284)
```
Looks like the issue is that TransportKeyManager re-schedules the same TimerTask instance (i.e. itself) and the Timer impl doesn't allow that. TransportKeyManager's TimerTask implementation should be broken out into a private class so a different instance can be scheduled each time.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/253Show Introduction and Responses in UI2018-06-12T11:32:32ZTorsten GroteShow Introduction and Responses in UICurrently, the introduction client shows the introductions and the responses to them only in system notifications. See [the related wiki page](https://code.briarproject.org/akwizgran/briar/wikis/IntroductionClient#draft-of-user-interface...Currently, the introduction client shows the introductions and the responses to them only in system notifications. See [the related wiki page](https://code.briarproject.org/akwizgran/briar/wikis/IntroductionClient#draft-of-user-interface) for how it is done at the moment.
If the user signs out of Briar before responding via the notification, the notification will be removed leaving the user with no way to respond and the invitation protocol in limbo forever. Therefore, the received introductions should be shown somewhere else in the UI as long as they are not responded to.
Very similar to that are invitations to participate in a forum where there's also a message the user needs to respond to and that needs to be visually presented to the user in some way. That functionality is tracked in #121.
Other related tickets are [Show new messages/forum posts on dashboard](#42) and [Show recent activity on the dashboard](#88) which focus on the Dashboard which does not exist anymore. It has been proposed to show introductions/invitations in the navigation drawer in the appropriate section, so either Contacts or Forums.
There, the number of unread messages could also be shown. Later other notifications might be needed e.g. for Blogs or RSS feed reader. So a unified UI concept would be welcome.
Subtask of #118.Milestone Bhttps://code.briarproject.org/briar/briar/-/issues/252New polling logic for LAN2018-06-12T11:32:32ZakwizgranNew polling logic for LANSubtask of #116.Subtask of #116.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/251New polling logic for Bluetooth2018-06-12T11:32:32ZakwizgranNew polling logic for BluetoothSubtask of #116.Subtask of #116.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/250New polling logic for Tor2018-06-12T11:32:32ZakwizgranNew polling logic for TorSubtask of #116.Subtask of #116.Milestone Bakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/248Expose transactions to sync clients2018-06-12T11:32:32ZakwizgranExpose transactions to sync clientsSubtask of #112.Subtask of #112.Milestone Aakwizgranakwizgranhttps://code.briarproject.org/briar/briar/-/issues/247Replace Guice/Roboguice with Dagger 22018-06-12T11:32:33ZErnir ErlingssonReplace Guice/Roboguice with Dagger 2After much deliberation we decided to replace Guice and Roboguice with Dagger 2 due to these benefits:
* Better performance
* No reflection
* Smaller library
* Compile errors instead of runtime errors.After much deliberation we decided to replace Guice and Roboguice with Dagger 2 due to these benefits:
* Better performance
* No reflection
* Smaller library
* Compile errors instead of runtime errors.Milestone Chttps://code.briarproject.org/briar/briar/-/issues/246Set up unit testing for Android code2018-06-12T11:32:33ZakwizgranSet up unit testing for Android codeWe currently have unit tests for (parts of) briar-core and briar-desktop, but not for briar-android. Some of the UI logic is quite complex and should be tested. Choose an appropriate test framework and set up automated unit tests.We currently have unit tests for (parts of) briar-core and briar-desktop, but not for briar-android. Some of the UI logic is quite complex and should be tested. Choose an appropriate test framework and set up automated unit tests.Milestone C