Refactoring for safer olm and megolm session usage

[BillCarsonFr]

Rework following investigations on strange rolling UISIs errors.
Logs contained a lot of BAD_MAC errors on both olm and megolm.

Olm bad macs can pretty much be anything, like using wrong/desync session or concurrency, or just false positive logs when iterating other known sessions (though proliferation of session might be suspicious)

Megolm could be more probably concurrent decryption, as well as desync with cache/store, as the current code was not very safe.

• The code has been refactored to create spefic classes to handle cache of sessions, and move this responsability out of the realm crypto store. Access are guarded by synchronized directive.
• Concurrent decryption attempt are guarded with mutex (per olm/megolm session)
• Access to olm account has been protected against concurrent access.
• Refactor the addInboundroupSession logic (there was some crash report of NPE there) and code could cause cache beeing out of sync
• Better logging
• EDIT Cleaner unwedging with better logs. Unwedging done at the end of the sync now, some synchronisation added.

Added a new E2E sanity test that the following is working:

• Proper key sharing to a set of user in e2e room
• Proper key backup restore from a new session
• Proper key forwarding
• Accept and replace existing session with a better forwarded one

EDIT Resurrected unwedging test

[github-actions]

Unit Test Results

  96 files  +  4    96 suites  +4   1m 15s ⏱️ -5s
172 tests +10  172 ✔️ +10  0 💤 ±0  0 ❌ ±0 
564 runs  +40  564 ✔️ +40  0 💤 ±0  0 ❌ ±0 

Results for commit 96b5174. ± Comparison against base commit bcdf004.

This pull request removes 2 and adds 12 tests. Note that renamed tests count towards both.

im.vector.app.features.onboarding.OnboardingViewModelTest ‑ given failure when handling display name updates action then emits failure event
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ when handling display name updates action then updates user display name and emits name updated event

im.vector.app.features.onboarding.OnboardingViewModelTest ‑ given a selected picture when handling save selected profile picture then updates upstream avatar and completes personalization
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ given no selected picture when saving selected profile picture then emits failure event
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ given upstream failure when handling display name update then emits failure event
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ given upstream update avatar fails when saving selected profile picture then emits failure event
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ when handling display name update then updates upstream user display name
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ when handling profile picture selected then updates selected picture state
im.vector.app.features.onboarding.OnboardingViewModelTest ‑ when handling profile picture skipped then completes personalization
im.vector.app.features.onboarding.UriFilenameResolverTest ‑ given a non content schema Uri when querying file name then returns last segment
im.vector.app.features.onboarding.UriFilenameResolverTest ‑ given a non hierarchical Uri when querying file name then is null
im.vector.app.features.onboarding.UriFilenameResolverTest ‑ given content schema Uri with backing content when querying file name then returns display name column
…

♻️ This comment has been updated with latest results.

[bmarty]

That's amazing work. I am not sure I understand all the code related to the crypto part. I am glad that we have some unit test. And you added lots of unit test which is also very nice. Thanks!
I would be more confident if we can have a review from someone in the crypto team. WDYT? @poljar maybe?

[poljar]

Left some small nits, logic wise nothing seems to be wrong.

[poljar]

Is there a point of this being a separate method? Why not inline it into getDeviceSessionIds?

[BillCarsonFr]

mmm, initialy it was called also in another method (that was already synchronized), so I created this. But looks like there is no point now

[BillCarsonFr]

Done

[poljar]

Again, olm sessions are between devices.

[BillCarsonFr]

fixed (and some more in crypto store interface)

[michaelkaye]

I've recently commented out some flaky integration tests that are in this area: #5449 - they seemed to be some sort of issue between two things opening a realm db at the same time. Do you think these concurrent access changes you mention might have helped there - is it worth un-ignoring those tests?

Also, it might be good to run the nightly integration tests against a PR like this that introduces more integration tests - otherwise we won't compile and run them until the night after merge.

You can do that in Actions -> "Nightly build" (in left sidebar) -> then in the blue bar, select this branch to run the workflow against.

It doesn't run them automatically any more as it takes a good long time and we don't want to slow down the PR merge time too much.

[michaelkaye]

I found myself doing this in response to slow integration tests in #5459 - do you have any more information on why 60s is better?

(we changed 30s -> 60s here, but the github is not showing me both sides of the diff atm)

[BillCarsonFr]

When doing test with several sessions everything is getting a lot slower (like E2E sanity test), each session is slower to sync, etc...
Everytime we test something with await/waitWithLatch it's using that as default timeout, and test are then failing when waiting from something coming back from the sync.
It also happens when running all tests, I wonder if we don't clean properly between test?
Previously I used the ANDROIDX_TEST_ORCHESTRATOR option to ensure that all test start with a clear state, but looks like it's not working anymore.

[michaelkaye]

We definitely don't clean up the server between tests in a single junit run, but will clean up between CI builds generally (and if you just run a demo server locally, then that won't be cleaned up unless you explicitly do so)

[bmarty]

Let's merge this PR, 1.4.4 has been released.