[#404] sc: refresh prekeys when they fall below 10

closes #404 (closed)

context

• we want to replenish our stash of prekeys on the signal server when they are running low, so that when new "contacts" (eg: subscribers) try fetch prekeys to initiate sessions with our channel accounts, we have some on the signal server for them to fetch
• we would like to check whether our prekeys have been depleted in a "just in time" manner, and receiving a PREKEY_BUNDLE provides just such a hook, since we receive such a bundle whenever another account wants to initiate a new session with us, and thus will be depleting our prekey reserbes by one
• in this MR, we add code to distinguish between prekey and ciphertext messages and use the former as a hook to check whether to replenish our prekeys, then replenish them if needed

changes

• add AccountManager#replenishPreKeysIfDepleted

  • check to see if prekeys below min threshold, if so, replenish our prekey reserves
  • "replenishment" is accomplished by calling #publishPrekeys, which we modify to:
    • use correct (app-wide) dispatchers
    • always return unit (since VerifiedAccount is not semantically meaningful in either context)

• perform the above check whenever we receive a prekey bundle from signal

  • in SignalReceiver#dispatch, check if we just received a PREKEY_BUNDLE (indicating a new session)
  • if so:
    • call AccountManager#refreshPreKeysIfDepleted in a background job
    • increment a counter (so we can monitor if we need to throttle the background job)

bump libsignal

• bump libisgnal to versions created in these MRS:
  • track upstream libsignal changes (bumping turasa version) version: https://0xacab.org/team-friendo/libsignal-service-java-murmur/-/merge_requests/2
  • add metrics (bumping murmur version): https://0xacab.org/team-friendo/libsignal-service-java-murmur/-/merge_requests/4
• make following modifications to obey new contracts:
  • implement a reentrant lock on all protocol store functions and pass it as an arg to ciphers
  • implement a new SenderKeyStore as part of the protocol store
• modify docker image to accomodate changed glibc deps in libsignal-client rust package
  • new libsignal required a version of glibc (2.29) not supported by underlying debian:buster image in our openjdk
  • so: we use ubuntu:20.04 which has glibc v 2.31 and install openjdk via apt

refactors

• extract sub-stores of the SignalServiceProtocolStore into delegate classes
• get rid of excess calls to #decrypt in SignalReceiver#drop (they do nothing and are somewhat costly)
• extract SignalReceiver#handleSubscribeErrors to cleanup SignalReceiver#subscribe

qa notes

QA was notably tricky for this card. See notes below for details or if desiring to recreate for future debugging:

!578 (comment 329987)