WiredClient icon indicating copy to clipboard operation
WiredClient copied to clipboard

Published 20 hours ago verified publisher icon nark

Offline private messages

Open nark opened this issue 12 years ago • 2 comments

The ability to send private messages to users who are not currently logged in to the server.

nark avatar Mar 08 '13 16:03 nark

A note I wrote on offline messaging and the Wired protocol:

WIRED 2.0 PRIVATE MESSAGES

HOW IT WORKS

  • The fullname field of the user account becomes required. Every user now have a public fullname that any other authorized users can see. The 'fullname' field is added to the default "wired.user.info" message to let other clients knowing it.
  • You can use the fullname of an user to send him a private message, even if he is offline (Example: fullname@servername). If the target user is offline, the server will store the message (encrypted) into the database, linked and waiting for the wanted user to connect.
  • Users have to receive pending messages at login. New messages ("wired.message.get_messages" -> "wired.message.messages") should be added to the protocol to handle the retrieve of message sent to this user when he was offline (pull).
  • The "wired.message.send_message" message must be modified, or another new message ("wired.message.send_offline_message") must be added (the 'offline' state can be define on client side), to support the "fullname" field, in a secure way. To be defined.

SECURITY CONCERNS

  • The user's fullname must be setup by administrators and the user can't change his 'fullname' itself. This to prevent spoofing. A bit like when you choose an email address, you can't change it easily.

IMPORTANT NOTES

First of all, the Wired API must be setup to support backward/forward protocol compatibility. For example with offline messages, new clients should be able to send private message to old servers and old clients might not be able to send messages to new servers. The purpose is to check the Wired Specification at the feature level. Wired protocol messages support versioning so we have to choose the message that matches the protocol version of the target server.

nark avatar Mar 08 '13 16:03 nark

In order to setup the support for backward/forward protocol compatibility, having a look to following functions is very interesting:

wi-p7-socket.c: _wi_p7_socket_receive_compatibility_check (...)

wi-p7-socket.c: _wi_p7_socket_send_compatibility_check (...)

wi-p7-spec.c: wi_p7_spec_is_compatible_with_spec (...)

nark avatar Mar 08 '13 16:03 nark