Signal-Desktop no longer works with Windows roaming profiles #7038
Comments
|
Sorry about this -- it seems like the app doesn't work as a result. In some situations safeStorage and DPAPI do not work well. We're considering how to address it. |
|
Yes, it's a difficult issue to solve properly, particularly with the limited encryption options in Electron. I would be perfectly happy with a switch or env flag that allowed users with more complicated environments to revert back to the plain-text key storage, even if it's just until the "real" solution is decided on. It's pretty painful as-is. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Using a supported version?
Overall summary
Like others have reported, my users are running into frequent safeStorage.decryptString errors, resulting in the conversation databases being wiped out frequently.
After reading a little on the changes that were made to encrypt the DB key, and making some huge assumptions, it looks like the use of DPAPI on Windows platforms pulls in some machine as well as user account inputs. In a virtualized environment with roaming profiles, whenever a user gets on new Windows instance, the key will fail to decrypt, and we get the familiar "Database Error" scenario.
It looks like a difficult fix, since you're leveraging the limited encryption options in Electron. I would be more than happy if the problem could be resolved by implementing the option to fall back to a clear-text key on Windows, as it already exists on Linux (--password-store="basic"). I was fine with the security we offered when it was clear-text before, and if you hide it behind a command line or env switch, only people who know the risks will make use of it.
Steps to reproduce
Expected result
Actual result
On MachineB, we get the DB error. Full debug log below, but here's the salient part:
WARN 2024-10-04T07:41:28.413Z MainSQL: Database log code=283: recovered 31 frames from WAL file [REDACTED]\sql\db.sqlite-wal
WARN 2024-10-04T07:41:28.652Z MainSQL: Database log code=26: file is not a database in "PRAGMA journal_mode = WAL"
INFO 2024-10-04T07:41:28.679Z MainSQL: migrateDatabase: Migration without cipher change failed
WARN 2024-10-04T07:41:28.763Z MainSQL: Database log code=26: statement aborts at 2: [PRAGMA user_version] file is not a database
ERROR 2024-10-04T07:41:28.764Z MainSQL: Database startup error: SqliteError: file is not a database
at Database.pragma ([REDACTED]\node_modules@signalapp\better-sqlite3\lib\methods\pragma.js:11:31)
at getUserVersion ([REDACTED]\ts\sql\util.js:132:13)
at migrateSchemaVersion ([REDACTED]\ts\sql\Server.js:406:54)
at openAndMigrateDatabase ([REDACTED]\ts\sql\Server.js:438:5)
at openAndSetUpSQLCipher ([REDACTED]\ts\sql\Server.js:460:14)
at initialize ([REDACTED]\ts\sql\Server.js:507:10)
at MessagePort. ([REDACTED]\ts\sql\mainWorker.js:69:41)
at [nodejs.internal.kHybridDispatch] (node:internal/event_target:820:20)
at MessagePort. (node:internal/per_context/messageport:23:28)
ERROR 2024-10-04T07:41:28.765Z Failed to get zoom factor {"name":"SqliteError"}
Screenshots
Signal version
7.27.0
Operating system
Windows 10 Enterprise For Virtual Desktops
Version of Signal on your phone
7.29 (341)
Link to debug log
========= System info =========
App version: 7.27.0
Environment: production
Node version: 20.17.0
OS version: Windows 10 Enterprise for Virtual Desktops
Time: 1728056524656
User agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Signal/7.27.0 Chrome/128.0.6613.162 Electron/32.1.2 Safari/537.36
========= User info =========
conversationId: [REDACTED]7bf
deviceId: 4
pni: PNI:[REDACTED]aeb
uuid: [REDACTED]8a5
========= Capabilities =========
deleteSync: true
paymentActivation: true
versionedExpirationTimer: true
========= Remote config =========
cds.disableCompatibilityMode: enabled
cds.foregroundSyncInterval.seconds: enabled 14400
cds.syncInterval.seconds: enabled 86400
desktop.calling.adhoc: disabled
desktop.calling.adhoc.create: disabled FALSE
desktop.calling.raiseHand: enabled
desktop.cdsiViaLibsignal: disabled FALSE
desktop.deleteSync.receive: enabled
desktop.deleteSync.send: enabled
desktop.experimentalTransport.enableAuth: disabled FALSE
desktop.experimentalTransportEnabled.alpha: disabled FALSE
desktop.experimentalTransportEnabled.beta: disabled FALSE
desktop.experimentalTransportEnabled.prod: disabled FALSE
desktop.internalUser: disabled
desktop.mediaQuality.levels: enabled 1:2,61:2,81:2,82:2,65:2,31:2,47:2,41:2,32:2,385:2,971:2,974:2,49:2,33:2,*:1
desktop.messageCleanup: disabled
desktop.retryRespondMaxAge: enabled 2592000000
desktop.senderKey.retry: enabled
desktop.senderKeyMaxAge: enabled 1209600000
global.attachments.maxBytes: enabled 104857600
global.backupCredentials.checkIntervalMs: enabled 1296000000
global.calling.maxGroupCallRingSize: enabled 16
global.cds.return_acis_without_uaks: enabled true
global.donations.apayDisabledRegions: enabled 98,963,53,850,7 978,7 365,7 869,7 941,7,375,1 242,1 246,1 264,1 268,1 284,1 340,1 345,1 441,1 473,1 649,1 664,1 670,1 671,1 684,1 721,1 758,1 767,1 784,1 787,1 939,1 809,1 829,1 849,1 868,1 869,1 876,20,211,213,216,218,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,244,245,246,248,249,250,251,252,253,254,255,256,257,258,260,261,263,264,265,266,267,268,269,290,291,297,350,355,376,383,387,389,500,501,502,503,504,505,507,508,509,53,56,58,591,592,593,594,595,596,597,598,62,63,66,670,672,673,674,675,676,677,678,679,680,681,682,683,685,686,687,688,689,690,691,692,82,84,850,855,856,880,90,91,92,93,94,95,960,961,962,963,964,965,967,968,975,976,977,98,992,993,996,998
global.donations.ccDisabledRegions: enabled 98,963,53,850,7 978,7 365,7 869,7 941,7,375
global.donations.gpayDisabledRegions: enabled 98,963,53,850,7 978,7 365,7 869,7 941,7,375,1 242,1 246,1 264,1 284,1 340,1 345,1 441,1 473,1 649,1 664,1 670,1 671,1 721,1 758,1 767,1 784,1 787,1 939,1 868,1 869,1 876,211,216,218,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243,245,246,248,249,250,251,252,253,255,256,257,258,260,261,263,264,265,266,267,268,269,290,291,297,298,299,350,354,356,357,373,374,376,377,378,379,381,382,383,386,387,389,423,44 1481,44 1534,44 1624,500,501,502,503,504,505,506,508,509,53,58,591,592,593,594,595,596,597,670,672,673,674,675,676,677,678,679,680,681,682,683,685,686,687,688,689,690,691,692,82,850,853,855,856,86,880,91,93,95,960,963,964,967,970,975,976,977,98,992,993,995,996,998
global.donations.idealEnabledRegions: enabled 31
global.donations.paypalDisabledRegions: enabled 98,963,53,850,7 978,7 365,7 869,7 941,7,375,1 340,1 670,1 671,1 684,1 721,1 787,1 939,211,218,231,233,236,240,246,249,350,383,509,53,670,672,690,850,853,880,90,92,93,95,961,963,964,970,98,998
global.donations.sepaEnabledRegions: enabled 30,32,33,34,36,39,351,352,353,354,356,357,358,359,370,371,372,376,377,378,379,385,386,40,41,43,44,45,46,47,48,49,420,421,423
global.groupsv2.groupSizeHardLimit: enabled 1001
global.groupsv2.maxGroupSize: enabled 151
global.payments.disabledRegions: enabled 98,963,53,850,7 978,7 365,7 869,7 941
========= Statistics =========
conversationCount: at least 100
messageCount: at least 10
senderKeyCount: 0
sessionCount: at least 1
signalConnectionCount: at least 10
========= Logs =========
INFO 2024-10-04T07:41:26.956Z got fast localeOverride setting null
INFO 2024-10-04T07:41:26.957Z app.ready: hour cycle preference: UnknownPreference
INFO 2024-10-04T07:41:26.957Z app.ready: preferred system locales: en-US
INFO 2024-10-04T07:41:26.962Z locale: Supported locales: af-ZA, ar, az-AZ, bg-BG, bn-BD, bs-BA, ca, cs, da, de, el, en, es, et-EE, eu, fa-IR, fi, fr, ga-IE, gl-ES, gu-IN, he, hi-IN, hr-HR, hu, id, it, ja, ka-GE, kk-KZ, km-KH, kn-IN, ko, ky-KG, lt-LT, lv-LV, mk-MK, ml-IN, mr-IN, ms, my, nb, nl, pa-IN, pl, pt-BR, pt-PT, ro-RO, ru, sk-SK, sl-SI, sq-AL, sr, sv, sw, ta-IN, te-IN, th, tl-PH, tr, ug, uk-UA, ur, vi, yue, zh-CN, zh-HK, zh-Hant
INFO 2024-10-04T07:41:26.966Z locale: Preferred locales: en-US
INFO 2024-10-04T07:41:26.966Z locale: Locale Override: null
INFO 2024-10-04T07:41:26.968Z locale: Matched locale: en
WARN 2024-10-04T07:41:27.321Z intl.onWarn [@formatjs/intl] "defaultRichTextElements" was specified but "message" was not pre-compiled.
Please consider using "@formatjs/cli" to pre-compile your messages for performance.
For more details see https://formatjs.io/docs/getting-started/message-distribution
INFO 2024-10-04T07:41:27.322Z locale: Text info direction for en: ltr
INFO 2024-10-04T07:41:27.322Z getSQLKey: decrypting key
INFO 2024-10-04T07:41:27.323Z getSystemTraySetting saw --start-in-tray flag. Returning MinimizeToAndStartInSystemTray
INFO 2024-10-04T07:41:27.324Z app ready
INFO 2024-10-04T07:41:27.324Z starting version 7.26.0
INFO 2024-10-04T07:41:27.345Z media access status granted granted
INFO 2024-10-04T07:41:27.347Z got fast theme-setting value system
INFO 2024-10-04T07:41:27.360Z got fast theme-setting value system
INFO 2024-10-04T07:41:27.360Z got fast spellcheck setting true
INFO 2024-10-04T07:41:27.360Z visibleOnAnyScreen(window): x=343, y=118, width=800, height=610
INFO 2024-10-04T07:41:27.361Z visibleOnAnyScreen(display #3889307080): x=0, y=0, width=3432, height=1242
INFO 2024-10-04T07:41:27.361Z Initializing BrowserWindow config: {"show":false,"width":800,"height":610,"minWidth":300,"minHeight":200,"autoHideMenuBar":false,"titleBarStyle":"default","backgroundColor":"#3a76f0","webPreferences":{"devTools":false,"spellcheck":true,"enableBlinkFeatures":"CSSPseudoDir,CSSLogical","enablePreferredSizeMode":true,"nodeIntegration":false,"nodeIntegrationInWorker":false,"sandbox":false,"contextIsolation":true,"preload":"[REDACTED]\preload.wrapper.js","backgroundThrottling":true,"disableBlinkFeatures":"Accelerated2dCanvas,AcceleratedSmallCanvases"},"icon":"[REDACTED]\build\icons\win\icon.ico","x":343,"y":118}
INFO 2024-10-04T07:41:27.478Z spellcheck: user locales: ["en-US"]
INFO 2024-10-04T07:41:27.478Z spellcheck: available spellchecker languages: ["af","bg","ca","cs","cy","da","de","de-DE","el","en","en-AU","en-CA","en-GB","en-GB-oxendict","en-US","es","es-419","es-AR","es-ES","es-MX","es-US","et","fa","fo","fr","fr-FR","he","hi","hr","hu","hy","id","it","it-IT","ko","lt","lv","nb","nl","pl","pt","pt-BR","pt-PT","ro","ru","sh","sk","sl","sq","sr","sv","ta","tg","tr","uk","vi"]
INFO 2024-10-04T07:41:27.478Z spellcheck: setting languages to: ["en-US"]
WARN 2024-10-04T07:41:28.413Z MainSQL: Database log code=283: recovered 31 frames from WAL file [REDACTED]\sql\db.sqlite-wal
WARN 2024-10-04T07:41:28.652Z MainSQL: Database log code=26: file is not a database in "PRAGMA journal_mode = WAL"
INFO 2024-10-04T07:41:28.679Z MainSQL: migrateDatabase: Migration without cipher change failed
WARN 2024-10-04T07:41:28.763Z MainSQL: Database log code=26: statement aborts at 2: [PRAGMA user_version] file is not a database
ERROR 2024-10-04T07:41:28.764Z MainSQL: Database startup error: SqliteError: file is not a database
at Database.pragma ([REDACTED]\node_modules@signalapp\better-sqlite3\lib\methods\pragma.js:11:31)
at getUserVersion ([REDACTED]\ts\sql\util.js:132:13)
at migrateSchemaVersion ([REDACTED]\ts\sql\Server.js:406:54)
at openAndMigrateDatabase ([REDACTED]\ts\sql\Server.js:438:5)
at openAndSetUpSQLCipher ([REDACTED]\ts\sql\Server.js:460:14)
at initialize ([REDACTED]\ts\sql\Server.js:507:10)
at MessagePort. ([REDACTED]\ts\sql\mainWorker.js:69:41)
at [nodejs.internal.kHybridDispatch] (node:internal/event_target:820:20)
at MessagePort. (node:internal/per_context/messageport:23:28)
ERROR 2024-10-04T07:41:28.765Z Failed to get zoom factor {"name":"SqliteError"}
INFO 2024-10-04T07:41:29.335Z got fast theme-setting value system
INFO 2024-10-04T07:41:30.339Z Profile Service initialized
INFO 2024-10-04T07:41:30.562Z x-attr dependency did not load successfully
INFO 2024-10-04T07:41:30.780Z libsignal net environment resolved to [Production]
INFO 2024-10-04T07:41:30.799Z preload complete
The text was updated successfully, but these errors were encountered: