Hi George and others,
I've been looking at OTR message fragmentation for the last few days. I
believe I've got a pretty decent implementation for fragmenting outgoing
messages. I'm still working on the implementation on the Jitsi side, but
I have been able to successfully establish a connection and authenticate
over IRC (which is originally limited to around 500 chars which was not
enough to even establish a connection in the first place) against a
pidgin client. That's not done yet, though, because the current
InstantMessageTransform implementation assumes only 1 message/event, so
I'm still fiddling around with the options there. (I've been cheating a
bit up to now.)
I would like it if you can take a look at the implementation in OTR4J
and give some feedback on the modifications I've made.
You can find it here: https://github.com/cobratbq/otr4j/tree/fragmenter
There are a few questions I still have:
1. It currently breaks the original public interface because it now
returns multiple encrypted message contents. How do you feel about that?
Any preferred alternatives?
2. I've added a method to the OtrEngineHost interface for querying about
fragmentation instructions. (I'm thinking of making this call
Just-In-Time such that we can adjust best as possible to the current
state and requirements of the transport channel.)
3. Do you have a good overview of the places where potentially a plain
text message is sent?
The current implementation always fragments and I've seen one or two
cases a plain text message announcing OTR was sent segmented. I'm not
sure if that's according to the specification.
4. I currently distinguish between 2 fragmentation instructions: 1.
Number of messages allowed to send, 2. Array with maximum message
fragment sizes (1 size per fragment, last size will be used for all
remaining message fragments)
5. It's implemented with a bunch of tests which includes some tests that
use the example messages from the OTR v2 and v3 specs.
Also, if you have any thoughts on how to implement this in Jitsi, then
I'm quite interested to know. The current IMT implementation seems to
depend on the MessageDeliveredEvent being returned and I'm quite
hesistant to "just convert everything to arrays". But, similarly I'm not
convinced that just injecting every fragment is the way to go ...
Let me know what you think!