airmessage / airmessage-android

AirMessage for Android phones, tablets, and laptops
Apache License 2.0
162 stars 20 forks source link

airmessage.org SSL Certificate Expired #64

Closed Falcc closed 11 months ago

Falcc commented 12 months ago

Hello - heads up, the airmessage.org SSL certificate expired. My local airmessage server also says "no internet connection" - which it wasn't previously. I'd assume it's trying to hit airmessage.org or something and because the certs expired, it's being rejected? Airmessage is fully down for me now.

Falcc commented 12 months ago

2023-11-01 11_26_09-Certificate for _ airmessage org — Mozilla Firefox

tagavari commented 12 months ago

Thanks for the heads-up! All certificates have been updated.

Falcc commented 12 months ago

Seems to have resolved the server's issue with access to internet. Android app is still claiming "No internet connection" specifically. Tried phone restart, tried clear app cache, tried clear app cache and app data. On trying to re-login I'm still hitting "No internet connection".

zmalter99 commented 12 months ago

Same here. Haven't found a resolution yet.

working-name commented 12 months ago

Thanks for the heads-up! All certificates have been updated.

woah! This is not abandonware?!

Falcc commented 11 months ago

This is resolved now. It's all working. @tagavari - it does beg the questions:

  1. What data gets sent to and from airmessage.org, given it's a locally hosted service?
  2. If no data other than a "internet connectivity check" is sent, could that check be replaced with something more reliable such as 8.8.8.8?
tagavari commented 11 months ago

While AirMessage does rely on a Mac for iMessage functionality, most users also use AirMessage's proxy servers, which handle maintaining a connection between your Android phone / web browser and Mac, and avoid the hassle of port forwarding.

This is what happens when you sign in to AirMessage with a Google account. If instead you set up a manual / direct connection, you'll end up with a regular self-hosted service like you're thinking of.

Falcc commented 11 months ago

While AirMessage does rely on a Mac for iMessage functionality, most users also use AirMessage's proxy servers, which handle maintaining a connection between your Android phone / web browser and Mac, and avoid the hassle of port forwarding.

This is what happens when you sign in to AirMessage with a Google account. If instead you set up a manual / direct connection, you'll end up with a regular self-hosted service like you're thinking of.

Got it. Thanks. What data is passed through the proxy servers and what data is stored? (EG: Are messages traversing through the proxy server clear text? Are they encrypted end to end?)

tagavari commented 11 months ago

@Falcc It depends on how you have your server configured. If you set a password in AirMessage Server under Preferences... > Edit Password, that password will be used end-to-end to encrypt all message content sent through the proxy servers, as well as Google's push notification servers. If you don't set a password, your data is not end-to-end encrypted, but is still encrypted in transit.

Any information passed through the proxy server is treated as opaque, and isn't saved or logged. The only data that's recorded is installation identifiers and FCM tokens for message-routing purposes.

If you'd like to see this in the source code, you can see the logic here in the Android app, as well as a previous implementation of AirMessage's proxy servers.

Falcc commented 11 months ago

@tagavari Thanks for the clarification. I'll close this issue now that it's all resolved.