RocketChat · sampaiodiego · Jun 30, 2021 · Jun 24, 2021 · Jun 24, 2021 · Jun 24, 2021
diff --git a/app/lib/server/startup/settings.js b/app/lib/server/startup/settings.js
@@ -995,6 +995,10 @@ settings.addGroup('General', function() {
 		],
 		public: true,
 	});
+	this.add('ECDH_Enabled', false, {
+		type: 'boolean',
+		alert: 'This_feature_is_currently_in_alpha',
+	});
 	this.section('UTF8', function() {
 		this.add('UTF8_Names_Validation', '[0-9a-zA-Z-_.]+', {
 			type: 'string',

diff --git a/app/ui-master/server/scripts.ts b/app/ui-master/server/scripts.ts
@@ -7,7 +7,7 @@ const getContent = (): string => `
 ${ process.env.DISABLE_ANIMATION ? 'window.DISABLE_ANIMATION = true;\n' : '' }
 
 ${ settings.get('API_Use_REST_For_DDP_Calls') ? 'window.USE_REST_FOR_DDP_CALLS = true;\n' : '' }
-
+${ settings.get('ECDH_Enabled') ? 'window.ECDH_Enabled = true;\n' : '' }
 // Custom_Script_Logged_Out
 window.addEventListener('Custom_Script_Logged_Out', function() {
 	${ settings.get('Custom_Script_Logged_Out') }
@@ -37,7 +37,7 @@ window.addEventListener('load', function() {
 });
 ` : '' }`;
 
-settings.get(/(API_Use_REST_For_DDP_Calls|Custom_Script_Logged_Out|Custom_Script_Logged_In|Custom_Script_On_Logout|Accounts_ForgetUserSessionOnWindowClose)/, debounce(() => {
+settings.get(/(API_Use_REST_For_DDP_Calls|Custom_Script_Logged_Out|Custom_Script_Logged_In|Custom_Script_On_Logout|Accounts_ForgetUserSessionOnWindowClose|ECDH_Enabled)/, debounce(() => {
 	const content = getContent();
 	addScript('scripts', content);
 }, 1000));
diff --git a/client/types/global.d.ts b/client/types/global.d.ts
@@ -12,4 +12,6 @@ interface Window {
 	lastMessageWindow?: Record<string, unknown>;
 	lastMessageWindowHistory?: Record<string, unknown>;
 	favico?: any;
+	USE_REST_FOR_DDP_CALLS?: boolean;
+	ECDH_Enabled?: boolean;
 }
diff --git a/client/types/meteor.d.ts b/client/types/meteor.d.ts
@@ -28,7 +28,7 @@ declare module 'meteor/meteor' {
 					send: (data: string) => void;
 				};
 				_launchConnectionAsync: () => void;
-				allowConnection: (allow: boolean) => void;
+				allowConnection: () => void;
 			};
 
 			onMessage(message: string): void;

diff --git a/client/types/window.d.ts b/client/types/window.d.ts
diff --git a/ee/client/ecdh.ts b/ee/client/ecdh.ts
@@ -1,15 +1,15 @@
 import { Meteor } from 'meteor/meteor';
 
 import { APIClient } from '../../app/utils/client';
-import { ClientSession } from '../app/ecdh/client/ClientSession';
+import type { ClientSession } from '../app/ecdh/client/ClientSession';
 
 let resolveSession: (value: ClientSession | void) => void;
 const sessionPromise = new Promise<ClientSession | void>((resolve) => {
 	resolveSession = resolve;
 });
 
 function init(session: ClientSession): void {
-	Meteor.connection._stream.allowConnection(true);
+	Meteor.connection._stream.allowConnection();
 
 	const _didMessage = Meteor.connection._stream.socket._didMessage.bind(
 		Meteor.connection._stream.socket,
@@ -27,6 +27,11 @@ function init(session: ClientSession): void {
 }
 
 async function initEncryptedSession(): Promise<void> {
+	if (!window.ECDH_Enabled) {
+		Meteor.connection._stream.allowConnection();
+		return resolveSession();
+	}
+	const { ClientSession } = await import('../app/ecdh/client/ClientSession');
 	const session = new ClientSession();
 	const clientPublicKey = await session.init();
 
@@ -41,14 +46,14 @@ async function initEncryptedSession(): Promise<void> {
 
 		if (response.status !== 200) {
 			resolveSession();
-			return Meteor.connection._stream.allowConnection(true);
+			return Meteor.connection._stream.allowConnection();
 		}
 
 		const data = await response.json();
 
 		if (data.success === false) {
 			resolveSession();
-			return Meteor.connection._stream.allowConnection(true);
+			return Meteor.connection._stream.allowConnection();
 		}
 
 		await session.setServerKey(data.publicKeyString);
@@ -57,7 +62,7 @@ async function initEncryptedSession(): Promise<void> {
 	} catch (e) {
 		console.log(e);
 		resolveSession();
-		Meteor.connection._stream.allowConnection(true);
+		Meteor.connection._stream.allowConnection();
 	}
 }
 

diff --git a/packages/rocketchat-ddp/client/index.js b/packages/rocketchat-ddp/client/index.js
@@ -1,15 +1,10 @@
 import { ClientStream } from 'meteor/socket-stream-client';
 
-ClientStream.prototype.connectionAllowed = false;
-ClientStream.prototype.allowConnection = function(allow = true) {
-	this.connectionAllowed = allow;
-	this._launchConnection();
+const { _launchConnection } = ClientStream.prototype;
+ClientStream.prototype.allowConnection = function() {
+	_launchConnection.call(this);
+	ClientStream.prototype._launchConnection = _launchConnection;
 };
 
-ClientStream.prototype._launchConnectionAsync = ClientStream.prototype._launchConnection;
 ClientStream.prototype._launchConnection = function() {
-	if (!this.connectionAllowed) {
-		return;
-	}
-	this._launchConnectionAsync();
 };
diff --git a/packages/rocketchat-i18n/i18n/en.i18n.json b/packages/rocketchat-i18n/i18n/en.i18n.json
@@ -1473,6 +1473,7 @@
   "E2E_Reset_Email_Content": "You've been automatically logged out. When you login again, Rocket.Chat will generate a new key and restore your access to any encrypted room that has one or more members online. Due to the nature of the E2E encryption, Rocket.Chat will not be able to restore access to any encrypted room that has no member online.",
   "E2E_Reset_Key_Explanation": "This option will remove your current E2E key and log you out. <BR/>When you login again, Rocket.Chat will generate you a new key and restore your access to any encrypted room that has one or more members online.<BR/>Due to the nature of the E2E encryption, Rocket.Chat will not be able to restore access to any encrypted room that has no member online.",
   "E2E_Reset_Other_Key_Warning": "Reset the current E2E key will log out the user. When the user login again, Rocket.Chat will generate a new key and restore the user access to any encrypted room that has one or more members online. Due to the nature of the E2E encryption, Rocket.Chat will not be able to restore access to any encrypted room that has no member online.",
+  "ECDH_Enabled": "Enable second layer encryption for data transport",
   "Edit": "Edit",
   "Edit_Business_Hour": "Edit Business Hour",
   "Edit_Canned_Responses": "Edit Canned Responses",
@@ -4038,6 +4039,7 @@
   "This_cant_be_undone": "This can't be undone.",
   "This_conversation_is_already_closed": "This conversation is already closed.",
   "This_email_has_already_been_used_and_has_not_been_verified__Please_change_your_password": "This email has already been used and has not been verified. Please change your password.",
+  "This_feature_is_currently_in_alpha": "This feature is currently in alpha!",
   "This_is_a_desktop_notification": "This is a desktop notification",
   "This_is_a_push_test_messsage": "This is a push test message",
   "This_message_was_rejected_by__peer__peer": "This message was rejected by <em>__peer__</em> peer.",