| Age | Commit message (Collapse) | Author |
|---|
|
As mentioned in the commit introducing `Expected`, `QOlmExpected` is
simply an alias for `Expected<T, QOlmError>`. This simplifies quite
a few function signatures in `QOlm*` classes and collapses unwieldy
`std::holds_alternative<>`/`std::get<>` constructs into a neat
contextual bool cast and an invocation of `operator*` or
`value()`/`error()` accessors that don't need to specify the type.
While refactoring the code, I found a couple of cases of mismatching
`uint32_t` and `qint32_t` in return values; a couple of cases where
`decrypt()` returns `QString` which is in fact `QByteArray` (e.g., in
`QOlmSession::decrypt()`); there's a repetitive algorithm in
`Connection::Private::sessionDecryptPrekey()` and
`sessionDecryptGeneral()`
|
|
There's no particular use in letting `QOlmError` out, only to confirm
that, well, `QOlmError` is just another form of no-match.
|
|
|
|
Mainly driven by clang-tidy and SonarCloud warnings (sadly, SonarCloud
doesn't store historical reports so no link can be provided here).
|
|
QCoreApplication::processEvents() is well-known to be a _wrong_ solution
to the unresponsive UI problem; despite that, connection.cpp has long
had that call to let UI update itself while processing bulky room
updates (mainly from the initial sync). This commit finally fixes this,
after an (admittedly rare) race condition has been hit, as follows:
0. Pre-requisite: quotest runs all the tests and is about to leave
the room; there's an ongoing sync request.
1. Quotest calls /leave
2. Sync returns, with the batch of _several_ rooms (that's important)
3. The above code handles the first room in the batch
4. processEvents() is called, just in time for the /leave response.
5. The /leave response handler in quotest ends up calling
Connection::logout() (processEvents() still hasn't returned).
6. Connection::logout() calls abandon() on the ongoing SyncJob,
pulling the rug from under onSyncSuccess()/consumeRoomData().
7. processEvents() returns and the above code proceeds to the next
room - only to find that the roomDataList (that is a ref to
a structure owned by SyncJob), is now pointing to garbage.
Morals of the story:
1. processEvents() effectively makes code multi-threaded: one flow is
suspended and another one may run _on the same data_. After the first
flow is resumed, it cannot make any assumptions regarding which data
the second flow touched and/or changed.
2. The library had quite a few cases of using &&-refs, avoiding even
move operations but also leaving ownership of the data with the
original producer (SyncJob). If the lifetime of that producer ends
too soon, those refs become dangling.
The fix makes two important things, respectively:
2. Ownership of room data is now transfered to the processing side,
the moment it is scheduled (see below), in the form of moving
into a lambda capture.
1. Instead of processEvents(), processing of room data is scheduled
via QMetaObject::invokeMethod(), uncoupling the moment when the
data was received in SyncJob from the moment they are processed
in Room::updateData() (and all the numerous signal-slots it calls).
Also: Room::baseStateLoaded now causes Connection::loadedRoomState, not
the other way round - this is more natural and doesn't need Connection
to keep firstTimeRooms map around.
|
|
This makes it easier and more intuitive to build a minimal JSON payload
for a given event type. A common basicJson() call point is also
convenient in template contexts (see next commits).
|
|
Add a macro to make slicing clear in the code and quiet for static
analysis.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Store some more things in the database
|
|
|
|
Is required to correctly choose a session to use for sending messages
|
|
|
|
|
|
|
|
|
|
|
|
Make sure that the enum values correspond to the values used in the spec
and use them instead of magic constants
|
|
Probably improves the performance slightly
If we handle to room data first, if a message arrives at the same time as the to-device message containing the key and we handle the message first, it will not be decryptable and stored as undecrypted. Then, when the key is handled, the cache of undecrypted messages is searched, the message decrypted and replaced.
When handling the key first, the message can be decryped instantly.
|
|
|
|
|
|
Otherwise new one time keys will be uploaded on every start
|
|
|
|
For EncryptedFile:
- JSON converter bodies moved away to .cpp;
- instead of C-style casts, reinterpret_cast is used to convert from
(const) char* to (const) unsigned char*;
- the size for the target plain text takes into account the case where
the cipher block size can be larger than 1 (after reading
https://www.openssl.org/docs/man1.1.1/man3/EVP_DecryptUpdate.html).
- file decryption is wrapped in #ifdef Quotient_E2EE_ENABLED, to avoid
OpenSSL linking errors when compiling without E2EE.
|
|
That's a better primitive than just exposing SupportedAlgorithms list.
|
|
Using a static variable is incorrect as it doesn't load the device list
for any subsequent created Connection object.
|
|
A note on switching to QLatin1String for JSON key constants - this is
more concise and barely affects (if at all) runtime performance (padding
each QChar with zeros is trivial for assignment; and comparison can be
done directly with the same performance as for two QStrings).
|
|
The result is FTBFS as yet; next commits will fix that, along with a few
other things.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Notably, Quotient::AccountRegistry::instance() is now deprecated
in favour of Quotient::Accounts inline variable.
|
|
The original (more complex and comprehensive) solution belongs to
https://oliora.github.io/2015/12/29/pimpl-and-rule-of-zero.html - this
commit only provides a small wrapper for non-copyable Private class
implementations common throughout libQuotient. Unlike the original,
default initialisation is made explicit - you have to pass
ZeroImpl<Private>() instead (and I firmly believe it's a good thing:
normally pointers to Private should not remain nullptr). The reason
ZeroImpl<> is not a template variable is quite simple: unique_ptr is
non-copyable and so cannot be initialised from; while a template
function will initialise the value in-place thanks to copy elision.
|
|
There's no need to return lambdas where pointers to specialised function
templates would work just fine.
|
|
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
|
|
It causes the program to crash for some reason
|
|
|
|
|
|
|
|
|
|
Co-authored-by: Alexey Rusakov <Kitsune-Ral@users.sf.net>
|
|
|
