1) Migrate from GSON to Jackson everywhere.
2) Add support for storing identity key conflicts on message rows.
3) Add limited support for surfacing identity key conflicts in UI.
Insecure implies an uncertainty of intention or confidence.
Unsecured is more specifically addressing the protocol which
wraps the message delivered.
Closes#1811
Long-click on a media attachment will now bring up the normal
context menu for a ConversationItem long-click, but with the
addition of a "save attachment" option.
This allows users to long-click on messages with media in them
and still see the other contextual menu options.
// FREEBIE
1) Updating a group without changing the avatar will keep that
avatar
2) Prohibit adding non-push users to an existing push group
3) Add Android contacts to the same database. Takes a small amount
more time and memory, but allows queries to not be a hack, and
enables us to dedupe numbers in JB and higher devices.
// FREEBIE
* unify single and multi contact selection activities
* follow android listview design recommendations more closely
* add contact photos to selection
* change indicator for push to be more obvious
* cache circle-cropped bitmaps
* dedupe numbers when contact has multiple of same phone number
// FREEBIE
1) On KitKat, unencrypted SMS messages are never stored in
TextSecure unless it is set as the system-wide default.
2) On KitKat, if TextSecure is set as the system-wide default,
provide an option to change the default to a different app.
3) Don't store the TextSecure challenge on KitKat+ devices.
1) If the SMS fallback preference is disabled, no outgoing
messages will succeed via the SMS transport.
2) If the SMS fallback preference is disabled, "mirroring" the
SMS db state when not the default system SMS app is disabled.
On Jelly Bean and above:
- Use the standard notification style for a better and consistent visual
appearance
- Use the JB notification actions API for the locking action
- Use a lower notification priority to prioritize other notifications
over TextSecure
On ICS:
- Use the existing custom notification layout
Everywhere:
- Allow opening the app itself from the notification
- Simplify strings: don't talk about a "cached passphrase" but about the
app being "unlocked"/"locked"
1) The system does actually enforce having a BROADCAST_SMS
permission on the SMS receiver. Break out the "delivered"
parts of this into a separate Receiver, so the permission
won't trip up GB devices.
2) The system does actually enforce having "quick response"
intents. Add a no-op for now.
3) Add a "make default" prompt.
4) Update settings to reflect what's going on in KitKat.
1) Added a new message status to MmsDatabase to
signify a pending MMS download which requires
APN settings.
2) Added a database method to query MMS messages
based on status.
3) Added login to SendReceiveService for processing
of MMS pending APN information.
4) Moved all APN/MMS settings into ApnPreferencesActivity
and transformed PromptApnActivity into a simple
informational activity.
5) Added logic to check for APN settings on send and
receive of all MMS (media, group, email) and direct
user to PromptApnActivity then ApnPreferencesActivity
if necessary.
6) Vocab/grammar adjustments.
I felt that the description of what "in-thread notification" could be difficult to understand for some. This is better, I think (though I'm not fully satisfied).
1) Allow imports from the stock SMS database at any time.
2) Provide plaintext export support, in a format compatible with
the "SMS Backup And Restore" app.
3) Fix the DB weirdness on encrypted restore that previously
required killing the app.
1) Broke out the UI elements of the major Activites into stylable
attributes.
2) Created a 'light' and 'dark' theme for the newly stylable attrs.
3) Touched up some of the UI spacing.
4) Implemented dynamic theme switching support.
1) There is no longer a concept of "verified" or "unverified."
Only "what we saw last time" and "different from last time."
2) Let's eliminate "verify session," since we're all about
identity keys now.
3) Mark manually processed key exchanges as processed.
1) We now try to hand out cursors at a minimum. There has always been
a fairly clean insertion layer that handles encrypting message bodies,
but the process of decrypting message bodies has always been less than
ideal. Here we introduce a "Reader" interface that will decrypt message
bodies when appropriate and return objects that encapsulate record state.
No more MessageDisplayHelper. The MmsSmsDatabase interface is also more
sane.
2) We finally rid ourselves of the technical debt associated with TextSecure's
initial usage of the default SMS DB. In that world, we weren't able to use
anything other than the default "Inbox, Outbox, Sent" types to describe a
message, and had to overload the message content itself with a set of
local "prefixes" to describe what it was (encrypted, asymetric encrypted,
remote encrypted, a key exchange, procssed key exchange), and so on.
This includes a major schema update that transforms the "type" field into
a bitmask that describes everything that used to be encoded in a prefix,
and prefixes have been completely eliminated from the system.
No more Prefix.java
3) Refactoring of the MultipartMessageHandler code. It's less of a mess, and
hopefully more clear as to what's going on.
The next step is to remove what we can from SmsTransportDetails and genericize
that interface for a GCM equivalent.
Currently we're flipping the radio in "MMS" mode, and connecting through
any proxies specified in the APN. This always work, or at least doesn't
seem to work on Sprint, since the configured mms proxy rejects proxy
requests.
Instead we try the following in this order:
1) Connect over normal data connection directly to MMSC.
2) Connect over MMS radio connection to MMSC.
3) Connect over MMS radio connection with any configured proxy to MMSC.
Hopefully this doesn't fuck up shit on other unknown networks.
1) Update the create, prompt, and change passphrase activities.
They are no longer dialog themed, and should look a little
less ugly.
2) Update the import DB activity to be less ugly and more robust.
3) Abstract all of the state handling stuff out of
ConversationListActivity. This is now handled by RoutingActivity,
which all launch intents move through.
1) If a message fails to be delivered, post a notification in the
status bar if that thread is not active and visible.
2) If a message fails to be delivered because there is no service,
keep retrying every time service becomes available again.
1) Refactor the master secret reset logic to properly interact with
services.
2) Add support for "BigText" and "Inbox" style notifications.
3) Decrypt message bodies when unlocked, display 'encrypted' when
locked.
1) We record time sent in SMS database (date_sent).
2) We record time received in MMS database (date_received).
3) We union this information correctly in MmsSmsDatabase.
1) Add configuration options for APN information in TextSecure settings.
2) Fall back to TextSecure settings if system settings are unavailable
while sending/receiving MMS.
3) Catch sqlite exception when devices randomly don't have the same
APN db or table structure.
1) When sending an SMS or MMS to multiple recipients, only show one
ConversationItem, but provide statistics on the number of recipients
delivered to.
2) Still break up the messages for secure and insecure messages.
1) Add >= ICS profile support (the system-supported "me" contact).
2) Improve <= Gingerbread support for me contact by auto-detecting
contacts that have the same number as the SIM card.
3) Tie in identity key import/export support to the "me" contact.
4) Don't display a "me" selection option in preference if it can
be auto-detected.
5) Refactor out the ContactAccessorNewApi back into the base class.
You know, it's much more fun listening to you in a lecture theatre. :-P
Right; any nit picks now might have to wait 3 weeks, depending on
available connectivity. Hope I did not screw this one up.
On platforms (API >= 11) that support receiving click events within
a notification, we change the notification format so that users
can "lock" TextSecure with a click.
For all platforms, we change the notification icon in the status
bar from a "lock" to an "unlock," to better reflect the situation.
This is all part of the master plan for eliminating the passphrase
timeout option.
1) Fix up the whitespace tagging so that it's a little more strict.
2) Don't display whitespace tags that we add to our own messages.
3) Make the tag detection prompt a little more visually pleasing.
1) Change all instances which use concatenation to build strings
with variables in them to use string formatting instead.
2) Extract all string literals from layouts and menus into strings.xml
3) Extract all string literals from code into strings.xml