-
Notifications
You must be signed in to change notification settings - Fork 68
Conversation
@@ -92,24 +110,52 @@ + (instancetype)sharedManager { | |||
- (instancetype)initDefault | |||
{ | |||
self = [super init]; | |||
|
|||
if (![self tryToLoadDatabase]) { | |||
// Failing to load the database is a catastrophic. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you a word again.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
// or the keychain has become corrupt. Either way, we want to get back to a | ||
// "known good state" and behave like a new install. | ||
|
||
BOOL shouldHavePassword = [[NSUserDefaults standardUserDefaults] objectForKey:TSStorageManagerHasDatabasePassword]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think using fileExistsAtPath
would get you the same information and save a couple lines farther down. It might even be more conceptually to-the-point since that's the file that this password corresponds to.
not a blocking concern.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, you're right. I was trying to avoid filesystem access, but "less state = more surface area for bugs."
} | ||
|
||
[self deletePasswordFromKeychain]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as before:
We are missing the call to [TSAttachmentStream deleteAttachments];
which deletes any on-disk attachments. Instead of these lines, wipeSignalStorage
is almost what we want but won't work as is.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yup, see above.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although... as discussed offline, I think we should convert our "media/blob" cache to a LRU cache where contents get evacuated based on some maximum size on disk. My understanding is that the app disk usage currently grows in an unbounded way, which is:
- Burdensome on/troublesome for users.
- A vector of serious "out of disk space" bugs.
Many users keep their phones very close to full at all times.
OWSAnalyticsCritical(@"Could not load database"); | ||
|
||
// Try to reset app by deleting database. | ||
[self deletePasswordFromKeychain]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We are missing the call to [TSAttachmentStream deleteAttachments];
which deletes any on-disk attachments. Instead of these lines, wipeSignalStorage
is almost what we want but won't work as is - though see below for my comment there.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, I split wipeSignalStorage
into two methods to DRY this up.
[TSAttachmentStream deleteAttachments]; | ||
|
||
[[self init] setupDatabase]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't even think this setupDatabase
bit is necessary, so maybe you could use this in multiple places above if you just remove this line.
It's unnecessary, since (IIRC) the only place this is called, we immediately kill the app. In which case the database would be setup on next launch. (Users access this functionality in Settings > Delete Account)
Though should we be killing the app is a different question. Probably not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Huh! Also, why was this calling init
?!? I'm going to take your suggestion remove this line and undo the "splitting" I mentioned above.
// We determine the database password first, since a side effect of | ||
// this can be deleting any existing database file (if we're recovering | ||
// from a corrupt keychain). | ||
NSData *databasePassword = [self databasePassword]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You know. THIS change made me curious, and I found out we were calling the cipher block which queries the keychain 25 times in quick succession on startup. =/
PTAL @michaelkirk |
// | ||
// OWSAnalytics.h | ||
// | ||
// Copyright (c) 2017 Open Whisper Systems. All rights reserved. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
wanna run precommit on all these?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@@ -24,7 +24,7 @@ extern NSString *const TSUIDatabaseConnectionDidUpdateNotification; | |||
- (void)setupDatabase; | |||
- (void)deleteThreadsAndMessages; | |||
- (BOOL)databasePasswordAccessible; | |||
- (void)wipeSignalStorage; | |||
- (void)resetSignalStorage; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a heads up that this is used in Signal-iOS. Generally if there are breaking changes in ssk, try to open the corresponding Signal-iOS PR that can run it simultaneously.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
self.database = nil; | ||
_dbConnection = nil; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer property getters wherever possible (even internally). My rationale is that some assumptions become easier when only getters, setters, dealloc, and init touch it.
I could be persuaded to always use ivars internally, but I don't think we should mix and match arbitrarily.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sure, that sounds quite reasonable. In fact, the only reason I accessed the ivar here is because this property is declared as readonly
in the header and there's no readwrite
property as one might expect in a private anonymous category. Going forward I'll fix these as I find them!
4ee4752
to
2aa0797
Compare
…l and database load errors. // FREEBIE
2aa0797
to
c5cf79c
Compare
signalapp/Signal-iOS#1578