Merge pull request #823 from neuroscr/tls-fix

Some snode JSON parsing/keypair loading from storage guards, RSS case fix, lint
6 years ago · 8363548f01
parent beb4cdbed8 dfb5b0ed9f
commit 8363548f01
5 changed files with 51 additions and 6 deletions
--- a/app/sql.js
+++ b/app/sql.js
@ -910,7 +910,7 @@ async function updateToLokiSchemaVersion1(currentVersion, instance) {
    id: 'rss://loki.network/category/messenger-updates/feed/',
    rssFeed: 'https://loki.network/category/messenger-updates/feed/',
    closable: false,
-    name: 'Messenger updates',
+    name: 'Messenger Updates',
    profileAvatar: 'images/session/session_chat_icon.png',
  };

--- a/js/modules/loki_app_dot_net_api.js
+++ b/js/modules/loki_app_dot_net_api.js
@ -187,7 +187,7 @@ class LokiAppDotNetServerAPI {

    // if no token to verify, just bail now
    if (!token) {
-      //
+      // if we haven't forced it
      if (!forceRefresh) {
        token = await this.getOrRefreshServerToken(true);
      }
@ -452,7 +452,11 @@ class LokiAppDotNetServerAPI {
    const txtResponse = await result.text();
    if (txtResponse.match(/^Service node is not ready: not in any swarm/i)) {
      // mark snode bad
-      log.warn(`Marking random snode bad, internet address ${randSnode.ip}:${randSnode.port}`);
+      log.warn(
+        `Marking random snode bad, internet address ${randSnode.ip}:${
+          randSnode.port
+        }`
+      );
      lokiSnodeAPI.markRandomNodeUnreachable(randSnode);
      // retry (hopefully with new snode)
      // FIXME: max number of retries...
@ -582,7 +586,13 @@ class LokiAppDotNetServerAPI {
          `json: ${txtResponse}`
        );
      } else {
-        log.info(`serverRequest ${mode} error`, e.code, e.message, 'atttempting connection to', url);
+        log.info(
+          `serverRequest ${mode} error`,
+          e.code,
+          e.message,
+          'atttempting connection to',
+          url
+        );
      }
      return {
        err: e,
--- a/js/modules/loki_rpc.js
+++ b/js/modules/loki_rpc.js
@ -85,7 +85,20 @@ const sendToProxy = async (options = {}, targetNode) => {
  try {
    const jsonRes = JSON.parse(plaintext);
    // emulate nodeFetch response...
-    jsonRes.json = () => JSON.parse(jsonRes.body);
+    jsonRes.json = () => {
+      try {
+        return JSON.parse(jsonRes.body);
+      } catch (e) {
+        log.error(
+          'lokiRpc sendToProxy error',
+          e.code,
+          e.message,
+          'json',
+          jsonRes.body
+        );
+      }
+      return false;
+    };
    return jsonRes;
  } catch (e) {
    log.error(
--- a/js/modules/loki_snode_api.js
+++ b/js/modules/loki_snode_api.js
@ -156,6 +156,15 @@ class LokiSnodeAPI {
        '/storage_rpc/v1',
        snode
      );
+      if (!result) {
+        log.warn(
+          `getSwarmNodes lokiRpc on ${snode.ip}:${
+            snode.port
+          } returned falsish value`,
+          result
+        );
+        return [];
+      }
      const snodes = result.snodes.filter(tSnode => tSnode.ip !== '0.0.0.0');
      return snodes;
    } catch (e) {
--- a/libloki/crypto.js
+++ b/libloki/crypto.js
@ -48,6 +48,9 @@
    // Should we use ephemeral key pairs here rather than long term keys on each side?
    async encrypt(plaintext) {
      const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair();
+      if (!myKeyPair) {
+        throw new Error('Failed to get keypair for encryption');
+      }
      const myPrivateKey = myKeyPair.privKey;
      const symmetricKey = libsignal.Curve.calculateAgreement(
        this.pubKey,
@ -63,6 +66,9 @@

    async decrypt(ivAndCiphertext) {
      const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair();
+      if (!myKeyPair) {
+        throw new Error('Failed to get keypair for decryption');
+      }
      const myPrivateKey = myKeyPair.privKey;
      const symmetricKey = libsignal.Curve.calculateAgreement(
        this.pubKey,
@ -169,6 +175,9 @@
    data[len] = type;

    const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair();
+    if (!myKeyPair) {
+      throw new Error('Failed to get keypair for pairing signature generation');
+    }
    const signature = await libsignal.Curve.async.calculateSignature(
      myKeyPair.privKey,
      data.buffer
@ -291,7 +300,11 @@
    const serverPubKey = new Uint8Array(
      dcodeIO.ByteBuffer.fromBase64(serverPubKey64).toArrayBuffer()
    );
-    const { privKey } = await textsecure.storage.protocol.getIdentityKeyPair();
+    const keyPair = await textsecure.storage.protocol.getIdentityKeyPair();
+    if (!keyPair) {
+      throw new Error('Failed to get keypair for token decryption');
+    }
+    const { privKey } = keyPair;
    const symmetricKey = libsignal.Curve.calculateAgreement(
      serverPubKey,
      privKey