This on-connect header will be used for lightweight "alerts" from the
server to an authenticated client. For now, it's only threaded through
to the Node implementation; the iOS and Android ones will come later.
Propagating the mp4san new feature through all the layers of libsignal.
The feature allows seamless handling of transcoded MP4 files on Android, where multiple MDAT boxes (one per chunk of A/V streams) are first compounded and then passed to mp4san for format correction.
And expose an explicit setInvalidProxy, both for testing and in case
apps want to do their own connection-poisoning.
This makes it easier to be consistent about "if you try to set a proxy
that turns out not to be valid, the ConnectionManager should end up in
the invalid state until explicitly cleared", whether the validation is
done on the Rust side of the bridge or the app language side.
This takes a full set of components describing the connection to a
proxy: a scheme, a host, and optionally a port and auth information.
The previous `setProxy(String, u16)` signature is still available for
Signal TLS proxies in particular, but now we have the flexibility to
support other kinds of proxies as well.
This takes a full URL (as a string) to use as a proxy. The previous
`setProxy(String, int)` signature is still available for Signal TLS
proxies in particular, but now we have the flexibility to support
other kinds of proxies as well.
This is necessarily a breaking change because the EC key operations
can no longer return SignalProtocolError. However, the types are still
exported through libsignal_protocol, and SignalProtocolError
implements From<CurveError>, so hopefully any clients will be guided
to update to the new usage.
Other changes:
- PublicKey::public_key_bytes no longer uses Result; any future curve
types will also need to keep their public key in a borrowable form.
- PublicKey::verify_signature also no longer uses Result; if a future
curve type does not support verifying a signature, or if the
signature is structurally invalid, that should be treated the same
as a verification failure. (This is already how structurally invalid
Curve25519 signatures were being treated.)
This change allows other crates to depend on the smaller
libsignal_core rather than all of libsignal_protocol (though it also
means libsignal_core is no longer as small as it used to be).
Validates a backup frame-by-frame, bypassing the encryption,
compression, and integrity-checking layers. Intended for use during an
export the user is waiting for, such as linking a new device.
