From 6537354e4d92c8b2b8b4c90f2cad85586fbb457e Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Wed, 15 Jul 2020 23:34:53 +0000
Subject: [PATCH 1/9] bump server submodule for patchuser fixes

---
 server | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server b/server
index 92d3b60..359a966 160000
--- a/server
+++ b/server
@@ -1 +1 @@
-Subproject commit 92d3b604aeabbb6bda36b4e21cbcfe2d3cd5aa04
+Subproject commit 359a966767abc4dcd7254b3f6dd9732a5cab8e21

From 73994f4c730f74c60852555ab4643a059183e0ef Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 01:36:53 +0000
Subject: [PATCH 2/9] whitelist support

---
 test/tests/transport/transport.js | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/test/tests/transport/transport.js b/test/tests/transport/transport.js
index e463914..c3550d2 100644
--- a/test/tests/transport/transport.js
+++ b/test/tests/transport/transport.js
@@ -289,6 +289,18 @@ module.exports = (testInfo) => {
     });
     it('lsrpc get/submit challenge', async function() {
       const ephemeralKey = libsignal.curve.generateKeyPair();
+      // whitelist support for this test
+      if (testInfo.config.inWhiteListMode()) {
+        // need to allow this
+        var oldToken = testInfo.platformApi.token // backup
+        const modToken = await testInfo.selectModToken(testInfo.channelId);
+        testInfo.platformApi.token = modToken // switch to mod
+        const result = await testInfo.platformApi.serverRequest('loki/v1/moderation/whitelist/@' + ephemeralKey.pubKey.toString('hex'), {
+          method: 'POST',
+        });
+        assert.equal(200, result.statusCode);
+        testInfo.platformApi.token = oldToken // restore
+      }
       const getChalPayloadObj = {
         // I think this is a stream, we may need to collect it all?
         body: null,

From 2012c42ab500c77a2b8ef0315c691226f96c681c Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 01:37:13 +0000
Subject: [PATCH 3/9] updateUserAccess refactor fix

---
 lib.config.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib.config.js b/lib.config.js
index 15c9f16..db716fb 100644
--- a/lib.config.js
+++ b/lib.config.js
@@ -91,7 +91,8 @@ const updateUserAccess = () => {
     whitelist_access = {};
     for(const pubKey in disk_config.whitelist) {
       // translate pubKey to id of user
-      cache.getUserID(pubKey, (user, err) => {
+      cache.getUserID(pubKey, (err, user) => {
+        if (err) console.error('lib.config::updateUserAccess - getUserID err', err)
         if (user) {
           whitelist_access[user.id] = true;
         } else {

From 1298137b4927784565770f71219646f36b60d505 Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 01:38:00 +0000
Subject: [PATCH 4/9] refactor support, add channels/X/messages/Y and /users
 for unit tests

---
 dialects/control/dialect.loki_control.js | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/dialects/control/dialect.loki_control.js b/dialects/control/dialect.loki_control.js
index 83e0b03..d5f40a0 100644
--- a/dialects/control/dialect.loki_control.js
+++ b/dialects/control/dialect.loki_control.js
@@ -132,6 +132,16 @@ module.exports = (app, prefix) => {
       ok = true;
     }
 
+    // need this for transpot unit tests
+    if (req.method.toLowerCase() === 'get' && req.path === '/users') {
+      ok = true;
+    }
+
+    // need this for create_message unit tests
+    if (req.method.toLowerCase() === 'get' && req.path.match(/^\/channels\//i) && req.path.match(/\/messages\//i)) {
+      ok = true;
+    }
+
     // GET /token is valid, if you're passing a token...
     if (req.method.toLowerCase() === 'get' && req.path.match(/^\/token/i)) {
       ok = true;
@@ -166,7 +176,7 @@ module.exports = (app, prefix) => {
     // if valid URL
     if (req.token) {
       // get pubKey from token...
-      cache.getAPIUserToken(req.token, async function(usertoken, err) {
+      cache.getAPIUserToken(req.token, async function(err, usertoken) {
         if (err) {
           console.error('control middleware getAPIUserToken err', err);
         }

From f623390bcf65cc288eee12ed99221fc40748d0b4 Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 01:39:52 +0000
Subject: [PATCH 5/9] move transport so token isnt bad

---
 test/test.js | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/test/test.js b/test/test.js
index 1b30255..2ab5c13 100644
--- a/test/test.js
+++ b/test/test.js
@@ -396,6 +396,10 @@ const runIntegrationTests = async (ourKey, ourPubKeyHex) => {
       //userid = await getUserID(ourPubKeyHex);
     });
 
+    describe('transport tests', function() {
+      require('./tests/transport/transport.js')(testInfo);
+    });
+
     // test moderator security...
     describe('moderator security tests', function() {
       it('cant promote to moderator', async function() {
@@ -726,9 +730,7 @@ const runIntegrationTests = async (ourKey, ourPubKeyHex) => {
       });
     });
   });
-  describe('transport tests', function() {
-    require('./tests/transport/transport.js')(testInfo);
-  });
+  // overlayApi.token is banned at this point...
   // I don't think there's any need to test our nodepomf glue...
   // I don't think I have enough time to write test for control
 }

From 3436867dde35d35873e74088bb07393ddd6abe14 Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 01:41:37 +0000
Subject: [PATCH 6/9] bump server submodule

---
 server | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server b/server
index 359a966..6bf7f1d 160000
--- a/server
+++ b/server
@@ -1 +1 @@
-Subproject commit 359a966767abc4dcd7254b3f6dd9732a5cab8e21
+Subproject commit 6bf7f1d4a3bcc8c4ad68a0adcf7477603f464025

From 185bc66439e1d59829f2f6ed7e52db4a2d1591d0 Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 04:10:38 +0000
Subject: [PATCH 7/9] file server live=>Refactor differences

---
 server | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server b/server
index 6bf7f1d..caf1ead 160000
--- a/server
+++ b/server
@@ -1 +1 @@
-Subproject commit 6bf7f1d4a3bcc8c4ad68a0adcf7477603f464025
+Subproject commit caf1ead2c9130f15a4d9bed5dee56472959ffc6a

From 86cc15156182b55a766861714c309f8cb85828b1 Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 05:33:16 +0000
Subject: [PATCH 8/9] improve logging

---
 dialects/transport/dialect.loki_proxy.js | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/dialects/transport/dialect.loki_proxy.js b/dialects/transport/dialect.loki_proxy.js
index 4867893..b5f8743 100644
--- a/dialects/transport/dialect.loki_proxy.js
+++ b/dialects/transport/dialect.loki_proxy.js
@@ -354,7 +354,7 @@ function fixUpMiddleware(app) {
 
   // fix up runMiddleware
   app.runMiddleware = function(path, options, callback) {
-    // console.log('app.runMiddleware', path)
+    //console.log('app.runMiddleware', path)
     if (callback) callback = _.once(callback);
     if (typeof options == "function") {
       callback = options;
@@ -373,7 +373,7 @@ function fixUpMiddleware(app) {
       new_req = createReq(path, options);
     }
     new_res = createRes(callback);
-    // console.log('running', new_req.path, 'against app')
+    //console.log('running', new_req.path, 'against app')
     this(new_req, new_res);
   };
 
@@ -624,6 +624,7 @@ module.exports = (app, prefix) => {
     }, res);
   });
 
+  // proxy version
   app.post(prefix + '/loki/v1/secure_rpc', async (req, res) => {
     res.start = Date.now()
     //console.log('got secure_rpc', req.path);
@@ -632,6 +633,7 @@ module.exports = (app, prefix) => {
     //console.log('secure_rpc body', req.body, typeof req.body);
 
     if (!req.body.cipherText64) {
+      console.warn('no cipherText64')
       return sendresponse({
         meta: {
           code: 400,
@@ -656,6 +658,7 @@ module.exports = (app, prefix) => {
     const ephemeralPubKey64 = req.headers['x-loki-file-server-ephemeral-key'];
     //console.log('ephemeralPubKey', ephemeralPubKey64);
     if (!ephemeralPubKey64 || ephemeralPubKey64.length < 32) {
+      console.warn('proxy ephemeralPubKey64 error', ephemeralPubKey64)
       return sendresponse({
         meta: {
           code: 400,
@@ -700,6 +703,7 @@ module.exports = (app, prefix) => {
     try {
       decrypted = await libsignal.crypto.decrypt(symKey, ciphertext, iv);
     } catch(e) {
+      console.warn('proxy decrypt error')
       return sendresponse({
         meta: {
           code: 400,
@@ -712,6 +716,7 @@ module.exports = (app, prefix) => {
     try {
       requestObj = JSON.parse(decrypted.toString());
     } catch(e) {
+      console.warn('proxy parse unencrypted error')
       sendresponse({
         meta: {
           code: 400,
@@ -721,6 +726,7 @@ module.exports = (app, prefix) => {
       return;
     }
 
+    //console.log('JSON decoded', requestObj);
     const fakeReq = await createFakeReq(req, requestObj)
 
     /*

From 4084e95e12fd2ceb4f16e55b99b7af9a585813bc Mon Sep 17 00:00:00 2001
From: Ryan Tharp <neuro@interx.net>
Date: Thu, 16 Jul 2020 05:33:56 +0000
Subject: [PATCH 9/9] fix patch annotation only response

---
 server | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server b/server
index caf1ead..055724a 160000
--- a/server
+++ b/server
@@ -1 +1 @@
-Subproject commit caf1ead2c9130f15a4d9bed5dee56472959ffc6a
+Subproject commit 055724ad798a9059fea94f03778de143f8c3d087