diff --git a/Signal/src/Jobs/MessageFetcherJob.swift b/Signal/src/Jobs/MessageFetcherJob.swift index 432f6fe90..39457188b 100644 --- a/Signal/src/Jobs/MessageFetcherJob.swift +++ b/Signal/src/Jobs/MessageFetcherJob.swift @@ -201,10 +201,10 @@ public class MessageFetcherJob: NSObject { private func acknowledgeDelivery(envelope: SSKProtoEnvelope) { let request: TSRequest - if let source = envelope.source { - request = OWSRequestFactory.acknowledgeMessageDeliveryRequest(withSource: source, timestamp: envelope.timestamp) - } else if let serverGuid = envelope.serverGuid, envelope.hasServerTimestamp { + if let serverGuid = envelope.serverGuid, envelope.hasServerTimestamp { request = OWSRequestFactory.acknowledgeMessageDeliveryRequest(withServerGuid: serverGuid, serverTimestamp: envelope.serverTimestamp) + } else if let source = envelope.source { + request = OWSRequestFactory.acknowledgeMessageDeliveryRequest(withSource: source, timestamp: envelope.timestamp) } else { owsFailDebug("Cannot ACK message which has neither source, nor server GUID and timestamp.") return diff --git a/SignalServiceKit/src/Messages/OWSMessageDecrypter.m b/SignalServiceKit/src/Messages/OWSMessageDecrypter.m index 85b16a61a..772f47d31 100644 --- a/SignalServiceKit/src/Messages/OWSMessageDecrypter.m +++ b/SignalServiceKit/src/Messages/OWSMessageDecrypter.m @@ -4,6 +4,7 @@ #import "OWSMessageDecrypter.h" #import "NSData+messagePadding.h" +#import "NSString+SSK.h" #import "NotificationsProtocol.h" #import "OWSAnalytics.h" #import "OWSBlockingManager.h" @@ -151,6 +152,12 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes DecryptSuccessBlock successBlock = ^( OWSMessageDecryptResult *result, YapDatabaseReadWriteTransaction *transaction) { + // Ensure all blocked messages are discarded. + if ([self isEnvelopeSenderBlocked:envelope]) { + OWSLogInfo(@"ignoring blocked envelope: %@", envelope.source); + return failureBlock(); + } + // Having received a valid (decryptable) message from this user, // make note of the fact that they have a valid Signal account. [SignalRecipient markRecipientAsRegistered:result.source deviceId:result.sourceDevice transaction:transaction]; @@ -161,13 +168,20 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes @try { OWSLogInfo(@"decrypting envelope: %@", [self descriptionForEnvelope:envelope]); - // We block UD messages later, after they are decrypted. if (envelope.type != SSKProtoEnvelopeTypeUnidentifiedSender) { - OWSAssertDebug(envelope.source.length > 0); + if (!envelope.hasSource || envelope.source.length < 1 || !envelope.source.isValidE164) { + OWSFailDebug(@"incoming envelope has invalid source"); + return failureBlock(); + } + if (!envelope.hasSourceDevice || envelope.sourceDevice < 1) { + OWSFailDebug(@"incoming envelope has invalid source device"); + return failureBlock(); + } + + // We block UD messages later, after they are decrypted. if ([self isEnvelopeSenderBlocked:envelope]) { OWSLogInfo(@"ignoring blocked envelope: %@", envelope.source); - failureBlock(); - return; + return failureBlock(); } } @@ -421,20 +435,13 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes } NSString *source = decryptResult.senderRecipientId; - if (source.length < 1) { + if (source.length < 1 || !source.isValidE164) { NSString *errorDescription = @"Invalid UD sender."; OWSFailDebug(@"%@", errorDescription); NSError *error = OWSErrorWithCodeDescription(OWSErrorCodeFailedToDecryptUDMessage, errorDescription); return failureBlock(error); } - if ([self.blockingManager.blockedPhoneNumbers containsObject:source]) { - OWSLogInfo(@"ignoring blocked UD envelope: %@", envelope.source); - NSError *error = OWSErrorWithCodeDescription( - OWSErrorCodeFailedToDecryptUDMessage, @"ignoring blocked UD envelope"); - return failureBlock(error); - } - long sourceDeviceId = decryptResult.senderDeviceId; if (sourceDeviceId < 1 || sourceDeviceId > UINT32_MAX) { NSString *errorDescription = @"Invalid UD sender device id."; @@ -478,7 +485,7 @@ NSError *EnsureDecryptError(NSError *_Nullable error, NSString *fallbackErrorDes OWSAssert(trustRootData); OWSAssert(trustRootData.length == ECCKeyLength + 1); NSError *error; - ECPublicKey *_Nullable trustRoot = [[ECPublicKey alloc] initWithKeyData:[trustRootData removeKeyType] error:&error]; + ECPublicKey *_Nullable trustRoot = [[ECPublicKey alloc] initWithSerializedKeyData:trustRootData error:&error]; if (error || !trustRoot) { // This exits. OWSFail(@"Invalid UD trust root."); diff --git a/SignalServiceKit/src/Messages/OWSMessageManager.m b/SignalServiceKit/src/Messages/OWSMessageManager.m index 74d597059..91091efd4 100644 --- a/SignalServiceKit/src/Messages/OWSMessageManager.m +++ b/SignalServiceKit/src/Messages/OWSMessageManager.m @@ -208,12 +208,15 @@ NS_ASSUME_NONNULL_BEGIN OWSLogInfo(@"handling decrypted envelope: %@", [self descriptionForEnvelope:envelope]); - if (!envelope.source.isValidE164) { + if (!envelope.hasSource || envelope.source.length < 1 || !envelope.source.isValidE164) { OWSFailDebug(@"incoming envelope has invalid source"); return; } + if (!envelope.hasSourceDevice || envelope.sourceDevice < 1) { + OWSFailDebug(@"incoming envelope has invalid source device"); + return; + } - OWSAssertDebug(envelope.source.length > 0); OWSAssertDebug(![self isEnvelopeSenderBlocked:envelope]); switch (envelope.type) { diff --git a/SignalServiceKit/src/Messages/OWSMessageSend.swift b/SignalServiceKit/src/Messages/OWSMessageSend.swift index a913cfa4c..a8e4c6bb4 100644 --- a/SignalServiceKit/src/Messages/OWSMessageSend.swift +++ b/SignalServiceKit/src/Messages/OWSMessageSend.swift @@ -5,6 +5,10 @@ import Foundation import SignalMetadataKit +// Corresponds to a single effort to send a message to a given recipient, +// which may span multiple attempts. Note that group messages may be sent +// to multiple recipients and therefore require multiple instances of +// OWSMessageSend. @objc public class OWSMessageSend: NSObject { @objc @@ -17,7 +21,6 @@ public class OWSMessageSend: NSObject { @objc public let recipient: SignalRecipient - // TODO: Should this be per-recipient or per-message? private static let kMaxRetriesPerRecipient: Int = 3 @objc