search

AsamK / signal-cli

signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.
GNU General Public License v3.0
3.22k stars 306 forks source link

Deserialization failure in zkgroup #1440

Closed piramiday closed 9 months ago

piramiday commented 9 months ago

I updated to signal-cli v0.12.7 with lib-signal v0.39.3, but the profile is now broken with the following error:

Error loading state file for user [SNIP]:
org.signal.libsignal.zkgroup.InvalidInputException: Deserialization failure in zkgroup (AssertionError)

noticed another user with the same setup and problem but he commented on a closed issue, so I opened another one.

any thoughts of what might be going on? I'm on ubuntu x86-64 with openjdk-17 (but tried and failed with 21, as well).

m-ueberall commented 9 months ago

Hopefully you have a backup. It's explicitly stated here that you cannot combine any version of the libsignal_jni library with a specific version of signal-cli (and expect it to work).

piramiday commented 9 months ago

I designed my workflow many moons ago when that was not at all apparent, as far as I remember.

in any case, I retried with the proper libsignal version, 0.36.1, and the same happens. of course I reverted my config to the pre-update state before retrying.

any suggestion?

piramiday commented 9 months ago

nevermind, that was an issue with zip not updating libsignal due to 0.12.8 having a later timestamp.

is there any programmatic way to know which libsignal version to include/update for signal-cli? I am using the libraries compiled by https://github.com/exquo/signal-libs-build.

m-ueberall commented 9 months ago

is there any programmatic way to know which libsignal version to include/update for signal-cli? I am using the libraries compiled by exquo/signal-libs-build.

@piramiday: Yes, there is. If you inspect the contents of the current signal-cli-A.BB.C.tar.gz archive attached to the release tag (…/AsamK/signal-cli/releases/tag/vA.BB.C), the required version is part of the included libsignal-client .jar filename:

% tar -tvf signal-cli-0.12.8.tar.gz | egrep 'libsignal-client.*\.jar'
-rw-r--r-- 0/0        16003388 1970-01-02 01:00 signal-cli-0.12.8/lib/libsignal-client-0.36.1.jar
piramiday commented 9 months ago

is there any way to get the same info from the source code? I know I can search for that info after the packaging, but I was wondering whether I could look in a specific dependency file or something like that. many thanks for your help!

m-ueberall commented 9 months ago

is there any way to get the same info from the source code?

Not to my knowledge (at least there does not seem to be an explicit version number). Usually CHANGELOG.md will mention this, but the only sure-fire way to "do as upstream does" is to inspect the aforementioned build artefact/archive.

m-ueberall commented 9 months ago

is there any programmatic way to know which libsignal version to include/update for signal-cli?

@piramiday: In the meantime, I found a solution using the GitHub API based on the information attached to the release (release.yml) workflow which also produces a dependency-graph JSON artifact that contains all included dependencies/packages. Since the basic steps are also applicable to the signal-cli CLI (ci.yml) workflow, you're able to determine the necessary version for every test build upstream.

The below POC ("get_library_dependency.sh") displays the libsignal-client version for the current release. Note that you need to create a personal access token $MYTOKEN for this first (without it, you're not able to retrieve artifacts):

#! /bin/bash

# Personal access token, see https://github.com/settings/tokens
MYTOKEN="ghp_…"
#WORKFLOW="signal-cli CI"
WORKFLOW="release"

# get list of all runs in JSON format
curl -s -S -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${MYTOKEN}" -H "X-GitHub-Api-Version: 2022-11-28" \
  https://api.github.com/repos/AsamK/signal-cli/actions/runs > signal-cli_actions_runs.json

# current CI test build created by latest run of workflow "signal-cli CLI (ci.yml)" (listed before previous runs of same workflow)
LATEST_RUN_URI="$(jq -r '.workflow_runs[] | select(.name=="'"${WORKFLOW}"'") | .url' signal-cli_actions_runs.json | head -1)"
LATEST_RUN="${LATEST_RUN_URI##*/}"

# get information about latest run in JSON format
curl -s -S -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${MYTOKEN}" -H "X-GitHub-Api-Version: 2022-11-28" \
  "${LATEST_RUN_URI}" > "run_${LATEST_RUN}.json"

# get commit ID for latest run
COMMIT_ID="$(jq -r '.head_sha' "run_${LATEST_RUN}.json")"

# information about artifacts produced by latest run
ATTACHED_ARTIFACTS_URI="$(jq -r '.artifacts_url' "run_${LATEST_RUN}.json")"

# get list of artifacts in JSON format
curl -s -S -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${MYTOKEN}" -H "X-GitHub-Api-Version: 2022-11-28" \
  "${ATTACHED_ARTIFACTS_URI}" > "run_${LATEST_RUN}_artifacts.json"

# download address for dependency-graph .zip file
DEPENDENCY_GRAPH_ZIP_URI="$(jq -r '.artifacts[] | select(.name=="dependency-graph") | .archive_download_url' "run_${LATEST_RUN}_artifacts.json")"

# get dependency-graph archive
curl -s -S -L -H "Authorization: Bearer ${MYTOKEN}" -H "X-GitHub-Api-Version: 2022-11-28" \
  "${DEPENDENCY_GRAPH_ZIP_URI}" > "run_${LATEST_RUN}_dependency-graph.zip"

# get version of client from JSON file included in archive
LIBSIGNAL_CLIENT_VERSION="$(unzip -qc "run_${LATEST_RUN}_dependency-graph.zip" | jq -r '.manifests[].resolved[].package_url' | grep libsignal-client)"
LIBSIGNAL_CLIENT_VERSION="${LIBSIGNAL_CLIENT_VERSION##*@}"

echo "latest run of workflow '${WORKFLOW}':"
echo "    required libsignal-client version: ${LIBSIGNAL_CLIENT_VERSION}"
echo "    commit id: ${COMMIT_ID}"