We still need the AxolotlKit model classes to migrate old sessions,
but we don't need any of the actual protocol support. This also
means we can drop HKDFKit.
Additionally, we do still use some utilities from AxolotlKit:
- AxolotlExceptions.h: NSException names, should eventually be
replaced by NSErrors everywhere
- NSData+keyVersionByte.h: prepend/remove public key type byte,
should eventually be replaced by strong types (ECPublicKey)
- SPKProtocolContext.h: defines the SPKProtocol{Read,Write}Context
marker protocols, should be replaced by direct use of
SDSAny{Read,Write}Transaction
The NSE should only run on iOS 13.3 or later where the "filtering" entitlement
is available since our notifications don't contain any content and will often
not trigger any user visible content. We control this by setting the deployment
target to iOS 13.3.
This does not handle calls as it's currently impossible to wake the main app or
launch CallKit from within the NSE. Should we reach a point where we need to use
this extension in production the service will need to be able to differentiate
between call and non-call messages and deliver them as VOIP or Vanilla pushes as
appropriate. Alternatively, Apple may introduce some way for us to signal the
main app that a call message has been received.
This does not currently address the potential for the NSE and the main app to be
running and trying to process messages at the same time. As long as the
websocket is connected and the main app is processing messages in a timely
fashion the NSE will never be called since the service will not send pushes for
these messages, but censorship circumvention users and users where the websocket
is disconnected for some reason will legitimately receive pushes and we will
want to process those messages. How we will handle these cases requires further
thought since just terminating the NSE when the app launches is not sufficient.
We could potentially do something like terminate the NSE everytime the main app
runs the message fetcher job which should only happen if either the user
pulls-to-refresh on the conversation list or the websocket is actively connected
and receiving messsages. I plan to address this in a follow-up pull request.
Currently this code will not ever be run since the service never sends vanilla
push notifications. Eventually we will need to add logic into the main app to:
a) detect we're on iOS 13.3 or later and b) update a flag on the service telling
it to stop using VOIP pushes for non-call messages. The API for requesting this
from the service does not yet exist.
* Ensure NotificationsManager has dependencies
Otherwise it's easy to mess up the order of the required dependencies.
* move AccountManager into Environment, it's heavy to construct
// FREEBIE
* Separate registering an account from registering for push notifications
* Allows us to complete registration without prompting user for
notification settings.
UX Changes
----------
* Automatically keep push tokens in sync on startup.
Push tokens *can* change, though they rarely do. It happens more often
for people switching between appstore/beta builds.
fixes#1174
* Show alert with registration failure
* add secret 8-tap debug log gesture to registration flow
* Move registration to separate flow
* don't see flash of inbox when first launching
* show useful error messages when given wrong code / no code
* remove background fetch
We werent using it, but only relying on a side effect of it which is
no longer necessary.
Code Changes
------------
* More registration logging.
* Install PromiseKit with carthage
Our dependencies are not yet framework compatible, so we can't use
cocoapods.
* Merge preferences util "category" into superclass.
The immediate reason for this is Swift interop was assuming optional
types were not optional, and exploding when a value was nil.
This is clearer anyway, since we were treating it like a subclass, and
it was the only thing using the class anyway.
* auto-genstrings now searches *.swift (and *.h, which was previously
broken) for translateable strings.
// FREEBIE
- Using same clang format file for old and new files.
- Moving out all TextSecure code to allow other clients (OS X, iOS) to
integrate easily TextSecure functionality.
- Use TextSecure API to signup.
- Fixing size classes rendering bugs.
- Supporting native iOS San Francisco font.
- Quick Reply
- Settings now slide to the left as suggested in original designed
opposed to modal.
- Simplification of restraints on many screens.
- Full-API compatiblity with iOS 9 and iOS 8 legacy support.
- Customized AddressBook Permission prompt when restrictions are
enabled. If user installed Signal previously and already approved
access to Contacts, don't bugg him again.
- Fixes crash in migration for users who installed Signal <2.1.3 but hadn't signed up
yet.
- Xcode 7 / iOS 9 Travis Support
- Bitcode Support is disabled until it is better understood how exactly
optimizations are performed. In a first time, we will split out the
crypto code into a separate binary to make it easier to optimize the
non-sensitive code. Blog post with more details coming.
- Partial ATS support. We are running our own Certificate Authority at
Open Whisper Systems. Signal is doing certificate pinning to verify
that certificates were signed by our own CA. Unfortunately Apple's App
Transport Security requires to hand over chain verification to their
framework with no control over the trust store. We have filed a radar
to get ATS features with pinned certificates. In the meanwhile, ATS is
disabled on our domain. We also followed Amazon's recommendations for
our S3 domain we use to upload/download attachments. (#891)
- Implement a unified `AFSecurityOWSPolicy` pinning strategy accross
libraries (AFNetworking RedPhone/TextSecure & SocketRocket).
- Removes large confusing UX bar and related assets. Replaced with UISwitch.
- Enhanced user experience for missed calls.
- Fixes issue where missed call would appear as incoming call in call log.
- Fixing issues where PushKit handler not called on launch.