enable sealed sender
This commit is contained in:
parent
3f43a05df6
commit
def2221de8
2
Pods
2
Pods
|
@ -1 +1 @@
|
|||
Subproject commit 8a4786d9254efa9cba361afc603b60f30157d0a6
|
||||
Subproject commit aae090da2d6be24031417c0475baeced446cbb34
|
|
@ -10,11 +10,12 @@ public final class SignalMessage : NSObject {
|
|||
@objc(ttl)
|
||||
public let objc_ttl: UInt64
|
||||
@objc public let isPing: Bool
|
||||
@objc public let isFriendRequest: Bool
|
||||
|
||||
public var ttl: UInt64? { return objc_ttl != 0 ? objc_ttl : nil }
|
||||
|
||||
@objc public init(type: SSKProtoEnvelope.SSKProtoEnvelopeType, timestamp: UInt64, senderID: String, senderDeviceID: UInt32,
|
||||
content: String, recipientID: String, ttl: UInt64, isPing: Bool) {
|
||||
content: String, recipientID: String, ttl: UInt64, isPing: Bool, isFriendRequest: Bool) {
|
||||
self.type = type
|
||||
self.timestamp = timestamp
|
||||
self.senderID = senderID
|
||||
|
@ -23,6 +24,7 @@ public final class SignalMessage : NSObject {
|
|||
self.recipientID = recipientID
|
||||
self.objc_ttl = ttl
|
||||
self.isPing = isPing
|
||||
self.isFriendRequest = isFriendRequest
|
||||
super.init()
|
||||
}
|
||||
}
|
||||
|
|
|
@ -480,16 +480,7 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes
|
|||
return failureBlock(error);
|
||||
}
|
||||
|
||||
if (!envelope.hasServerTimestamp) {
|
||||
NSString *errorDescription = @"UD Envelope is missing server timestamp.";
|
||||
// TODO: We're seeing incoming UD envelopes without a server timestamp on staging.
|
||||
// Until this is fixed, disabling this assert.
|
||||
// OWSFailDebug(@"%@", errorDescription);
|
||||
OWSLogError(@"%@", errorDescription);
|
||||
NSError *error = OWSErrorWithCodeDescription(OWSErrorCodeFailedToDecryptUDMessage, errorDescription);
|
||||
return failureBlock(error);
|
||||
}
|
||||
UInt64 serverTimestamp = envelope.serverTimestamp;
|
||||
UInt64 serverTimestamp = envelope.timestamp;
|
||||
|
||||
id<SMKCertificateValidator> certificateValidator =
|
||||
[[SMKCertificateDefaultValidator alloc] initWithTrustRoot:self.udManager.trustRoot];
|
||||
|
@ -599,7 +590,7 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes
|
|||
}
|
||||
|
||||
NSString *source = decryptResult.senderRecipientId;
|
||||
if (source.length < 1 || !source.isValidE164) {
|
||||
if (source.length < 1) {
|
||||
NSString *errorDescription = @"Invalid UD sender.";
|
||||
OWSFailDebug(@"%@", errorDescription);
|
||||
NSError *error = OWSErrorWithCodeDescription(OWSErrorCodeFailedToDecryptUDMessage, errorDescription);
|
||||
|
@ -618,6 +609,10 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes
|
|||
SSKProtoEnvelopeBuilder *envelopeBuilder = [envelope asBuilder];
|
||||
[envelopeBuilder setSource:source];
|
||||
[envelopeBuilder setSourceDevice:(uint32_t)sourceDeviceId];
|
||||
if (decryptResult.messageType == SMKMessageTypeLokiFriendRequest) {
|
||||
[envelopeBuilder setType:SSKProtoEnvelopeTypeFriendRequest];
|
||||
OWSLogInfo(@"SMKMessageTypeLokiFriendRequest");
|
||||
}
|
||||
NSError *envelopeBuilderError;
|
||||
NSData *_Nullable newEnvelopeData = [envelopeBuilder buildSerializedDataAndReturnError:&envelopeBuilderError];
|
||||
if (envelopeBuilderError || !newEnvelopeData) {
|
||||
|
|
|
@ -263,13 +263,15 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
|
||||
OWSLogInfo(@"handling decrypted envelope: %@", [self descriptionForEnvelope:envelope]);
|
||||
|
||||
if (!envelope.hasSource || envelope.source.length < 1) {
|
||||
OWSFailDebug(@"incoming envelope has invalid source");
|
||||
return;
|
||||
}
|
||||
if (!envelope.hasSourceDevice || envelope.sourceDevice < 1) {
|
||||
OWSFailDebug(@"incoming envelope has invalid source device");
|
||||
return;
|
||||
if (!wasReceivedByUD) {
|
||||
if (!envelope.hasSource || envelope.source.length < 1) {
|
||||
OWSFailDebug(@"incoming envelope has invalid source");
|
||||
return;
|
||||
}
|
||||
if (!envelope.hasSourceDevice || envelope.sourceDevice < 1) {
|
||||
OWSFailDebug(@"incoming envelope has invalid source device");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
OWSAssertDebug(![self isEnvelopeSenderBlocked:envelope]);
|
||||
|
@ -453,7 +455,7 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
TSContactThread *thread = [TSContactThread getThreadWithContactId:envelope.source transaction:transaction];
|
||||
if (thread && thread.isContactFriend) {
|
||||
[self resetSessionWithContact:envelope.source transaction:transaction];
|
||||
// Let our other devices know that we have reset the session
|
||||
// Let our o ther devices know that we have reset the session
|
||||
[SSKEnvironment.shared.syncManager syncContact:envelope.source transaction:transaction];
|
||||
}
|
||||
}
|
||||
|
|
|
@ -959,7 +959,7 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
NSString *contactID = messageSend.recipient.recipientId;
|
||||
BOOL isGroupMessage = messageSend.thread.isGroupThread;
|
||||
BOOL isDeviceLinkMessage = [message isKindOfClass:LKDeviceLinkMessage.class];
|
||||
if (isGroupMessage || isDeviceLinkMessage || messageSend.isUDSend) {
|
||||
if (isGroupMessage || isDeviceLinkMessage) {
|
||||
[self sendMessage:messageSend];
|
||||
} else {
|
||||
BOOL isSilentMessage = message.isSilent || [message isKindOfClass:LKEphemeralMessage.class] || [message isKindOfClass:OWSOutgoingSyncMessage.class];
|
||||
|
@ -1259,7 +1259,7 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
[message saveGroupChatServerID:groupMessage.serverID in:transaction];
|
||||
[OWSPrimaryStorage.sharedManager setIDForMessageWithServerID:groupMessage.serverID to:message.uniqueId in:transaction];
|
||||
}];
|
||||
[self messageSendDidSucceed:messageSend deviceMessages:deviceMessages wasSentByUD:false wasSentByWebsocket:false];
|
||||
[self messageSendDidSucceed:messageSend deviceMessages:deviceMessages wasSentByUD:messageSend.isUDSend wasSentByWebsocket:false];
|
||||
})
|
||||
.catchOn(OWSDispatch.sendingQueue, ^(NSError *error) { // The snode is unreachable
|
||||
failedMessageSend(error);
|
||||
|
@ -1281,19 +1281,22 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
NSDictionary *signalMessageInfo = deviceMessages.firstObject;
|
||||
SSKProtoEnvelopeType type = ((NSNumber *)signalMessageInfo[@"type"]).integerValue;
|
||||
uint64_t timestamp = message.timestamp;
|
||||
// NSString *senderID = type == SSKProtoEnvelopeTypeUnidentifiedSender ? @"" : userHexEncodedPublicKey;
|
||||
// uint32_t senderDeviceID = type == SSKProtoEnvelopeTypeUnidentifiedSender ? 0 : OWSDevicePrimaryDeviceId;
|
||||
NSString *senderID = userHexEncodedPublicKey;
|
||||
uint32_t senderDeviceID = OWSDevicePrimaryDeviceId;
|
||||
NSString *content = signalMessageInfo[@"content"];
|
||||
NSString *recipientID = signalMessageInfo[@"destination"];
|
||||
uint64_t ttl = ((NSNumber *)signalMessageInfo[@"ttl"]).unsignedIntegerValue;
|
||||
BOOL isPing = ((NSNumber *)signalMessageInfo[@"isPing"]).boolValue;
|
||||
LKSignalMessage *signalMessage = [[LKSignalMessage alloc] initWithType:type timestamp:timestamp senderID:senderID senderDeviceID:senderDeviceID content:content recipientID:recipientID ttl:ttl isPing:isPing];
|
||||
BOOL isFriendRequest = ((NSNumber *)signalMessageInfo[@"isFriendRequest"]).boolValue;
|
||||
LKSignalMessage *signalMessage = [[LKSignalMessage alloc] initWithType:type timestamp:timestamp senderID:senderID senderDeviceID:senderDeviceID content:content recipientID:recipientID ttl:ttl isPing:isPing isFriendRequest:isFriendRequest];
|
||||
if (!message.skipSave) {
|
||||
[self.dbConnection readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) {
|
||||
// Update the PoW calculation status
|
||||
[message saveIsCalculatingProofOfWork:YES withTransaction:transaction];
|
||||
// Update the message and thread if needed
|
||||
if (signalMessage.type == TSFriendRequestMessageType) {
|
||||
if (signalMessage.isFriendRequest) {
|
||||
[message.thread saveFriendRequestStatus:LKThreadFriendRequestStatusRequestSending withTransaction:transaction];
|
||||
[message saveFriendRequestStatus:LKMessageFriendRequestStatusSendingOrFailed withTransaction:transaction];
|
||||
}
|
||||
|
@ -1305,7 +1308,7 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
if (!message.skipSave) {
|
||||
[self.dbConnection readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) {
|
||||
// Update the message and thread if needed
|
||||
if (signalMessage.type == TSFriendRequestMessageType) {
|
||||
if (signalMessage.isFriendRequest) {
|
||||
[message.thread saveFriendRequestStatus:LKThreadFriendRequestStatusNone withTransaction:transaction];
|
||||
[message saveFriendRequestStatus:LKMessageFriendRequestStatusSendingOrFailed withTransaction:transaction];
|
||||
}
|
||||
|
@ -1329,7 +1332,7 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
if (isSuccess) { return; } // Succeed as soon as the first promise succeeds
|
||||
[NSNotificationCenter.defaultCenter postNotificationName:NSNotification.messageSent object:[[NSNumber alloc] initWithUnsignedLongLong:signalMessage.timestamp]];
|
||||
isSuccess = YES;
|
||||
if (signalMessage.type == TSFriendRequestMessageType) {
|
||||
if (signalMessage.isFriendRequest) {
|
||||
if (!message.skipSave) {
|
||||
[self.dbConnection readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) {
|
||||
// Update the thread
|
||||
|
@ -1347,7 +1350,7 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
}
|
||||
}
|
||||
// Invoke the completion handler
|
||||
[self messageSendDidSucceed:messageSend deviceMessages:deviceMessages wasSentByUD:false wasSentByWebsocket:false];
|
||||
[self messageSendDidSucceed:messageSend deviceMessages:deviceMessages wasSentByUD:messageSend.isUDSend wasSentByWebsocket:false];
|
||||
})
|
||||
.catchOn(OWSDispatch.sendingQueue, ^(NSError *error) {
|
||||
errorCount += 1;
|
||||
|
@ -1919,7 +1922,8 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
isOnline:false
|
||||
registrationId:0
|
||||
ttl:message.ttl
|
||||
isPing:false];
|
||||
isPing:false
|
||||
isFriendRequest:true];
|
||||
|
||||
NSError *error;
|
||||
NSDictionary *jsonDict = [MTLJSONAdapter JSONDictionaryFromModel:messageParams error:&error];
|
||||
|
@ -1948,12 +1952,12 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
// Loki: Both for friend request messages and device link messages we use fallback encryption as we don't necessarily have a session yet
|
||||
BOOL isFriendRequest = [messageSend.message isKindOfClass:LKFriendRequestMessage.class];
|
||||
BOOL isDeviceLinkMessage = [messageSend.message isKindOfClass:LKDeviceLinkMessage.class];
|
||||
if (isFriendRequest || (isDeviceLinkMessage && ((LKDeviceLinkMessage *)messageSend.message).kind == LKDeviceLinkMessageKindRequest)) {
|
||||
if ((isDeviceLinkMessage && ((LKDeviceLinkMessage *)messageSend.message).kind == LKDeviceLinkMessageKindRequest)) {
|
||||
return [self throws_encryptedFriendRequestOrDeviceLinkMessageForMessageSend:messageSend deviceId:@(OWSDevicePrimaryDeviceId) plainText:plainText];
|
||||
}
|
||||
|
||||
// This may throw an exception.
|
||||
if (![storage containsSession:recipientID deviceId:@(OWSDevicePrimaryDeviceId).intValue protocolContext:transaction]) {
|
||||
if (!isFriendRequest && ![storage containsSession:recipientID deviceId:@(OWSDevicePrimaryDeviceId).intValue protocolContext:transaction]) {
|
||||
NSString *missingSessionException = @"missingSessionException";
|
||||
OWSRaiseException(missingSessionException,
|
||||
@"Unexpectedly missing session for recipient: %@, device: %@",
|
||||
|
@ -1987,6 +1991,7 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
paddedPlaintext:[plainText paddedMessageBody]
|
||||
senderCertificate:messageSend.senderCertificate
|
||||
protocolContext:transaction
|
||||
isFriendRequest:isFriendRequest
|
||||
error:&error];
|
||||
SCKRaiseIfExceptionWrapperError(error);
|
||||
if (!serializedMessage || error) {
|
||||
|
@ -2016,7 +2021,8 @@ NSString *const OWSMessageSenderRateLimitedException = @"RateLimitedException";
|
|||
isOnline:isOnline
|
||||
registrationId:[cipher throws_remoteRegistrationId:transaction]
|
||||
ttl:message.ttl
|
||||
isPing:isPing];
|
||||
isPing:isPing
|
||||
isFriendRequest:isFriendRequest];
|
||||
|
||||
NSError *error;
|
||||
NSDictionary *jsonDict = [MTLJSONAdapter JSONDictionaryFromModel:messageParams error:&error];
|
||||
|
|
|
@ -30,6 +30,9 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
// Loki: Wether this message is a p2p ping
|
||||
@property (nonatomic, readonly) BOOL isPing;
|
||||
|
||||
// Loki: Wether this message is a friend request
|
||||
@property (nonatomic, readonly) BOOL isFriendRequest;
|
||||
|
||||
- (instancetype)initWithType:(TSWhisperMessageType)type
|
||||
recipientId:(NSString *)destination
|
||||
device:(int)deviceId
|
||||
|
@ -38,7 +41,8 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
isOnline:(BOOL)isOnline
|
||||
registrationId:(int)registrationId
|
||||
ttl:(uint)ttl
|
||||
isPing:(BOOL)isPing;
|
||||
isPing:(BOOL)isPing
|
||||
isFriendRequest:(BOOL)isFriendRequest;
|
||||
|
||||
@end
|
||||
|
||||
|
|
|
@ -24,6 +24,7 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
registrationId:(int)registrationId
|
||||
ttl:(uint)ttl
|
||||
isPing:(BOOL)isPing
|
||||
isFriendRequest:(BOOL)isFriendRequest
|
||||
{
|
||||
self = [super init];
|
||||
|
||||
|
@ -40,6 +41,7 @@ NS_ASSUME_NONNULL_BEGIN
|
|||
_online = isOnline;
|
||||
_ttl = ttl;
|
||||
_isPing = isPing;
|
||||
_isFriendRequest = isFriendRequest;
|
||||
|
||||
return self;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue