Try random UD access keys in profile gets.

7 years ago · dbe635f721
parent b65d515ac3
commit dbe635f721
4 changed files with 49 additions and 37 deletions
--- a/SignalMessaging/profiles/ProfileFetcherJob.swift
+++ b/SignalMessaging/profiles/ProfileFetcherJob.swift
@ -134,7 +134,29 @@ public class ProfileFetcherJob: NSObject {

        Logger.error("getProfile: \(recipientId)")

-        let unidentifiedAccess: SSKUnidentifiedAccess? = self.getUnidentifiedAccess(forRecipientId: recipientId)
+        // If we are in unknown mode, try using a random UD access key
+        // in case they support unrestricted access.
+        if self.udManager.unidentifiedAccessMode(recipientId: recipientId) == .unknown,
+            let randomUnidentifiedAccess = self.udManager.getRandomAccess() {
+            return requestProfile(recipientId: recipientId,
+                                  unidentifiedAccess: randomUnidentifiedAccess)
+                .recover { (_: Error) -> Promise<SignalServiceProfile> in
+                    Logger.verbose("Failing over to non-random access.")
+                    let unidentifiedAccess = self.getUnidentifiedAccess(forRecipientId: recipientId)
+                    return self.requestProfile(recipientId: recipientId,
+                                               unidentifiedAccess: unidentifiedAccess)
+            }
+        } else {
+            let unidentifiedAccess = getUnidentifiedAccess(forRecipientId: recipientId)
+            return requestProfile(recipientId: recipientId,
+                                  unidentifiedAccess: unidentifiedAccess)
+        }
+    }
+
+    private func requestProfile(recipientId: String,
+                                unidentifiedAccess: SSKUnidentifiedAccess?) -> Promise<SignalServiceProfile> {
+        AssertIsOnMainThread()
+
        let requestMaker = RequestMaker(requestFactoryBlock: { (unidentifiedAccessForRequest) -> TSRequest in
            return OWSRequestFactory.getProfileRequest(recipientId: recipientId, unidentifiedAccess: unidentifiedAccessForRequest)
        }, udAuthFailureBlock: {
@ -158,7 +180,9 @@ public class ProfileFetcherJob: NSObject {
                                     profileNameEncrypted: signalServiceProfile.profileNameEncrypted,
                                     avatarUrlPath: signalServiceProfile.avatarUrlPath)

-        updateUnidentifiedAccess(recipientId: recipientId, verifier: signalServiceProfile.unidentifiedAccessVerifier, hasUnrestrictedAccess: signalServiceProfile.hasUnrestrictedUnidentifiedAccess)
+        updateUnidentifiedAccess(recipientId: recipientId,
+                                 verifier: signalServiceProfile.unidentifiedAccessVerifier,
+                                 hasUnrestrictedAccess: signalServiceProfile.hasUnrestrictedUnidentifiedAccess)
    }

    private func updateUnidentifiedAccess(recipientId: String, verifier: Data?, hasUnrestrictedAccess: Bool) {
@ -207,6 +231,6 @@ public class ProfileFetcherJob: NSObject {
    }

    private func getUnidentifiedAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccess? {
-        return self.udManager.getAccess(forRecipientId: recipientId)?.targetUnidentifiedAccess
+        return self.udManager.getAccess(forRecipientId: recipientId)
    }
 }
--- a/SignalServiceKit/src/Messages/OWSMessageSend.swift
+++ b/SignalServiceKit/src/Messages/OWSMessageSend.swift
@ -61,7 +61,7 @@ public class OWSMessageSend: NSObject {
        self.localNumber = localNumber

        if let recipientId = recipient.uniqueId {
-            self.unidentifiedAccess = udManager.getAccess(forRecipientId: recipientId)?.targetUnidentifiedAccess
+            self.unidentifiedAccess = udManager.getAccess(forRecipientId: recipientId)
            self.isLocalNumber = localNumber == recipientId
        } else {
            owsFailDebug("SignalRecipient missing recipientId")
--- a/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
+++ b/SignalServiceKit/src/Messages/UD/OWSUDManager.swift
@ -34,7 +34,13 @@ public enum UnidentifiedAccessMode: Int {
    func setUnidentifiedAccessMode(_ mode: UnidentifiedAccessMode, recipientId: String)

    @objc
-    func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccessPair?
+    func getRandomAccess() -> SSKUnidentifiedAccess?
+
+    @objc
+    func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccess?
+
+    @objc
+    func unidentifiedAccessMode(recipientId: RecipientIdentifier) -> UnidentifiedAccessMode

    // Returns the UD access key for a given recipient if:
    //
@ -124,7 +130,18 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
    // MARK: - Recipient state

    @objc
-    public func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccessPair? {
+    public func getRandomAccess() -> SSKUnidentifiedAccess? {
+        guard let ourSenderCertificate = senderCertificate() else {
+            return nil
+        }
+
+        let theirAccessKey = SMKUDAccessKey(randomKeyData: ())
+
+        return SSKUnidentifiedAccess(accessKey: theirAccessKey, senderCertificate: ourSenderCertificate)
+    }
+
+    @objc
+    public func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccess? {
        let theirAccessMode = unidentifiedAccessMode(recipientId: recipientId)
        guard theirAccessMode == .enabled || theirAccessMode == .unrestricted else {
            return nil
@ -138,29 +155,11 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
            return nil
        }

-        guard let ourAccessKey: SMKUDAccessKey = {
-            if shouldAllowUnrestrictedAccessLocal() {
-                return SMKUDAccessKey(randomKeyData: ())
-            } else {
-                guard let localNumber = tsAccountManager.localNumber() else {
-                    owsFailDebug("localNumber was unexpectedly nil")
-                    return nil
-                }
-
-                return enabledUDAccessKeyForRecipient(localNumber)
-            }
-        }() else {
-            return nil
-        }
-
-        let targetUnidentifiedAccess = SSKUnidentifiedAccess(accessKey: theirAccessKey, senderCertificate: ourSenderCertificate)
-        let selfUnidentifiedAccess = SSKUnidentifiedAccess(accessKey: ourAccessKey, senderCertificate: ourSenderCertificate)
-        return SSKUnidentifiedAccessPair(targetUnidentifiedAccess: targetUnidentifiedAccess,
-                                         selfUnidentifiedAccess: selfUnidentifiedAccess)
+        return SSKUnidentifiedAccess(accessKey: theirAccessKey, senderCertificate: ourSenderCertificate)
    }

    @objc
-    func unidentifiedAccessMode(recipientId: RecipientIdentifier) -> UnidentifiedAccessMode {
+    public func unidentifiedAccessMode(recipientId: RecipientIdentifier) -> UnidentifiedAccessMode {
        guard let existingRawValue = dbConnection.object(forKey: recipientId, inCollection: kUnidentifiedAccessCollection) as? Int else {
            return .unknown
        }
--- a/SignalServiceKit/src/Network/UnidentifiedAccess.swift
+++ b/SignalServiceKit/src/Network/UnidentifiedAccess.swift
@ -5,17 +5,6 @@
 import Foundation
 import SignalMetadataKit

-@objc
-public class SSKUnidentifiedAccessPair: NSObject {
-    public let targetUnidentifiedAccess: SSKUnidentifiedAccess
-    public let selfUnidentifiedAccess: SSKUnidentifiedAccess
-
-    init(targetUnidentifiedAccess: SSKUnidentifiedAccess, selfUnidentifiedAccess: SSKUnidentifiedAccess) {
-        self.targetUnidentifiedAccess = targetUnidentifiedAccess
-        self.selfUnidentifiedAccess = selfUnidentifiedAccess
-    }
-}
-
@objc
 public class SSKUnidentifiedAccess: NSObject {
    @objc