search

deltachat / deltachat-core-rust

Delta Chat Rust Core library, used by Android/iOS/desktop apps, bindings and bots 📧
https://delta.chat/en/contribute
Other
630 stars 80 forks source link

Do not use default iroh relays #5591

Open link2xt opened 1 month ago

link2xt commented 1 month ago

We should not use default iroh relays, but only connect to other peers that have relays if we don't have our own relay: https://github.com/deltachat/deltachat-core-rust/blob/36f1fc4f9d64520d99830c08b25e9328a28882aa/src/peer_channels.rs#L208-L210

However, disabling it now will break Rust tests because they don't connect to IMAP and cannot get the relay address from IMAP METADATA. Tests should be moved into Python deltachat-rpc-client first.

Septias commented 1 month ago

We discussed irl that just using a #[cfg(test)] flag should be enough, no?

Septias commented 1 month ago

I still think we should use the default relay because communication becomes impossible if no member in a group has a chatmail server. (no relay and direct addresses => no direct connection). For us, everyone uses chatmail, so we don't really care, but I don't know how the situation is in Cuba. If you are really concerned about security, you can make sure that you yourself are on a chatmail server or disable realtime completely. @hpk42 @r10s @adbenitez

hpk42 commented 1 month ago

On Mon, May 20, 2024 at 06:43 -0700, Sebastian Klähn wrote:

I still think we should use the default relay because communication becomes impossible if no member in a group has a chatmail server. (no relay and direct addresses => no direct connection). For us, everyone uses chatmail, so we don't really care, but I don't know how the situation is in Cuba. If you are really concerned about security, you can make sure that you yourself are on a chatmail server or disable realtime completely. @hpk42 @r10s @adbenitez

Default iroh relays might upgrade, and break the wire protocol, thus bricking previously working released DC app versions.

So if anything, we need an own fallback relay where we control the relay server version. Discussed yesterday with @link2xt that "ir.testrun.org" might be such a central relay, configured as fallback if no chatmail-one is available. It could run on "b1" for now, or be created on a separate vm. As we are still experimental, it doesn't matter that much right now.