Commit graph

3974 commits

Author SHA1 Message Date
Daniel Gultsch 1b05cbd665
use opus for voice messages on Android 10
recipients need at least Android 5 to play the message; however
Conversations has been Android 5+ for a while now
2023-08-20 07:59:45 +02:00
Daniel Gultsch 09f6343ced
Security: Introduce backup file format v2
This switches the SQL based backup format to something JSON based.

The SQL based format has always been prone to SQL injections that, for example, could delete other messages or preexisting accounts in the app. This hasn’t been a concern this far because why would anyone purposely try to restore a faulty backup? However the argument has been made that a user can be socially engineered to restore an exploited backup file.
Before version 2.12.8 a third party app could even trigger the restore process, leaving the backup password entry dialog the only hurdle.
On top of that it has been demonstrated that a backup file can be crafted in a way that puts preexisting credentials into a 'pending' message to an attacker ultimately leading to that information being leaked.

While destorying information has always been deemed an acceptable risk, leaking information is one step too far.

Starting with Conversations 2.12.9 Conversations will no longer be able to read v1 backup files. This means if you are restoring on a new device and you have a v1 backup file you must first install Conversations <= 2.12.8, restore the backup, and then upgrade to Conversations >= 2.12.9.

ceb2txt¹ has support for v2 backup files. Conceivably ceb2txt could be extended to convert between v1 and v2 file formats. (ceb2txt already recreates the database from v1 files; It is relatively straight forward to create v2 files from that database. Pull requests welcome.)

¹: https://github.com/iNPUTmice/ceb2txt/
2023-08-17 12:07:51 +02:00
Daniel Gultsch b4a07d0093
remove channel discovery from Google Play build flavor 2023-08-08 10:39:36 +02:00
Daniel Gultsch 7a9f18f223
play tones as music when silent only on android 12+ 2023-08-08 09:04:26 +02:00
Daniel Gultsch 12b34426fc
add ј to list 2023-06-29 09:56:49 +02:00
Daniel Gultsch d588e942e6
q is not cyrillic but ԛ and х are 2023-06-29 09:45:50 +02:00
Stephen Paul Weber 4c38c480fa
Use libidn for stringprep
Which actually validates according to spec instead of just being lazy.
2023-06-27 16:31:01 +02:00
Daniel Gultsch e3a121121b
UP: add custom extensions for app<->distributor interaction
On registration the app can pass in a 'Messenger' to get a direct response
instead of having to somehow wait for the broadcast receiver to fire.

The app name can be passed as a pending intent which allows the distributor
to validate the sender.
2023-06-26 16:09:01 +02:00
Daniel Gultsch ca1ee4a565
process stream features after success when we inlined bind but not sm 2023-06-25 22:15:49 +02:00
Daniel Gultsch 3b26948a9d
replace libraries hosted on jcenter 2023-06-23 18:00:58 +02:00
Daniel Gultsch 6289e048b3
catch runtime exception when trying to stop tone manager 2023-06-05 10:05:59 +02:00
Daniel Gultsch 1188a89f2a
sanity check push server url 2023-05-07 14:43:13 +02:00
Daniel Gultsch f7f34c6bdd
fix regressions after target sdk 33 update 2023-05-07 10:13:14 +02:00
Daniel Gultsch cc16811444
rename bookmarks tab to 'group chats'
fixes #38

exposing bookmarks like this was a mistake that Conversations 3 will not repeat

in the meantime we rename this to group chats which might be more broadly understood
2023-05-03 08:00:40 +02:00
Daniel Gultsch aa8e0b3c4d
remember bound stream features. fixes #45 2023-05-02 15:35:27 +02:00
Daniel Gultsch bc00f6f629
bump target sdk to 33 2023-04-12 13:28:16 +02:00
Daniel Gultsch 1fff1a0649
add ability to remove account from server 2023-04-08 09:31:17 +02:00
Daniel Gultsch 9187739450
play dial tones on STREAM_MUSIC when phone is silent
when the phone is silent only the first ~three tones are played when
attempting to play out the tone over STREAM_VOICE_CALL

it’s unclear exactly why this is the case (in the past we went back and forth
between STREAM_VOICE_CALL and STREAM_MUSIC) exactly to fix issues around silent
mode.
Apparently we failed to test this past three sounds.

This commit changes the stream back to music - but not generally as this was in
the past - but only for when the phone is on silent
2023-04-03 16:00:06 +02:00
Daniel Gultsch d38c264e7d
lock call activity in portrait mode during audio call 2023-04-03 13:38:22 +02:00
Daniel Gultsch 9456ba6f56
put timestamp in all call logs 2023-04-03 13:15:57 +02:00
Daniel Gultsch 2cb21bcb87
use static (not translated) text for Privacy policy and TOS
For a long time Quicksy had a privacy policy written by myself that explains
in plain English what data we store and how we use it.
https://quicksy.im/#privacy

Google doesn’t like that and prefers that we use some bullshit template that
is extremely vague, doesn’t explain anything and gives us permission to do
basically everything. (At least I think so. I don’t understand the text I
copy pasted)

Apparantly the text in the app is important as well (BARD didn’t explain
that very well when it reviewed our app) therfor we need a static text (not
allow translations)

Furthermore the data safety section on Google Play now claims we store the
users address book even though we don’t actually. But who cares; nobody reads
this and we just do this to make the machine happy. Cool!
2023-04-03 10:29:55 +02:00
Daniel Gultsch fbf8b09fe6
point to a privacy policy that doesn’t use anchors 2023-03-06 08:06:46 +01:00
Daniel Gultsch 9715271e92
expand emoji range to cover e14 2023-03-05 20:50:06 +01:00
Daniel Gultsch 84fa529256
use setText instead of append() 2023-02-05 09:34:29 +01:00
Daniel Gultsch 41cd96e37b
UP: null check transport verification 2023-01-10 17:22:48 +01:00
Daniel Gultsch b7c7c40b94
send directed presence to transport if endpoints are configured 2023-01-06 17:04:15 +01:00
Daniel Gultsch 0e10ae387a
periodically renew endpoints 2023-01-06 15:44:39 +01:00
Daniel Gultsch 1e0904a48d
use less entropy in SASL2 device id 2023-01-06 12:41:26 +01:00
Daniel Gultsch 4ee5c167be
do not attempt endpoint renewal when account is disabled. renew on bind 2023-01-04 20:59:08 +01:00
Daniel Gultsch b1f95d2e39
integrate UnifiedPush distributor 2023-01-04 10:23:20 +01:00
Daniel Gultsch 1000d927a7
remove work arounds for nimbuzz.com 2023-01-01 12:20:10 +01:00
Daniel Gultsch 97d9cb7dd5
remove work arounds for slack 2023-01-01 12:05:49 +01:00
Daniel Gultsch 41da2a5957
fix client crashing on empty passwords (regression) 2022-12-30 17:14:18 +01:00
Daniel Gultsch 0cec499565
make sure we don’t dispose video source twice 2022-12-30 12:16:19 +01:00
Daniel Gultsch a7fe3e8372
reset stanza count when enabling SM via SASL inline 2022-12-30 12:09:16 +01:00
Daniel Gultsch 01fba162f0
code clean up. use Optional to parse SM’s h attribute 2022-12-30 10:53:49 +01:00
Daniel Gultsch f5b7fbc441
add log when we requested token but didn’t get one 2022-12-30 09:00:42 +01:00
Daniel Gultsch 13606aae60
add todo item in turn server code 2022-12-29 14:53:05 +01:00
Daniel Gultsch ce0992036a
disable proximity sensor after switching from audio to video 2022-12-29 12:53:59 +01:00
Daniel Gultsch 909aa72b25 catch exception in getSignalingState() 2022-12-24 10:55:16 +01:00
Daniel Gultsch 36efd51a7f fix transports/descriptions not upgraded to jingle ft
fixes #4429
2022-12-20 19:28:47 +01:00
Daniel Gultsch 499c4ddd0a do not detect sm:2 as sm available
the 2.11.0 release removed support for enabling sm:2
unfortunatly sm:2 was still detected as "server supports stream managment"
down the line leading to resend loops.

fixes #4426
2022-12-16 08:07:46 +01:00
Daniel Gultsch 4ef4207593 show switch to video only if other party has caps
fixes #4421
2022-12-12 10:15:13 +01:00
Daniel Gultsch 2093aa76ad code clean up in ContactChooserTargetService 2022-12-11 20:13:09 +01:00
Daniel Gultsch bb52962f0d delay candidates until after session-init/accept 2022-12-05 15:40:07 +01:00
Daniel Gultsch 2c7c44e957 null PeerConnection reference before disposing; otherwise getState() might be issued against disposed object 2022-12-01 20:46:18 +01:00
Daniel Gultsch 80d195d35e avoid race condition when restarting ICE 2022-11-30 17:32:46 +01:00
Daniel Gultsch c178e9ad33 add switch to video menu item to call 2022-11-28 11:39:26 +01:00
Daniel Gultsch 4e8ceadfbf prepare JingleRtpConnection for content-adds 2022-11-28 08:59:23 +01:00
Daniel Gultsch 63501adc45 trim xmpp address after user input 2022-11-25 08:50:58 +01:00