Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-21 11:28:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check for IdentityType.PNI in OptionalAccess#verify

Browse Source
This commit is contained in:
Chris Eager
2024-07-23 15:15:27 -05:00
committed by Chris Eager
parent 8afc0e6ab2
commit e4ffc932a9
7 changed files with 94 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java
View File

@@ -349,7 +349,7 @@ public class KeysController {
throw new NotAuthorizedException(e);
}
} else {
OptionalAccess.verify(account, accessKey, maybeTarget, deviceId);
OptionalAccess.verify(account, accessKey, maybeTarget, targetIdentifier, deviceId);
}
final Account target = maybeTarget.orElseThrow(NotFoundException::new);

3
service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java
View File

@@ -374,7 +374,8 @@ public class MessageController {
throw new NotFoundException();
}
} else {
OptionalAccess.verify(source.map(AuthenticatedAccount::getAccount), accessKey, destination);
OptionalAccess.verify(source.map(AuthenticatedAccount::getAccount), accessKey, destination,
destinationIdentifier);
}
boolean needsSync = !isSyncMessage && source.isPresent() && source.get().getAccount().getDevices().size() > 1;

20
service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProfileController.java
View File

@@ -19,7 +19,6 @@ import java.time.Clock;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.HexFormat;
@@ -32,7 +31,6 @@ import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Executor;
import java.util.function.Function;
import java.util.stream.Collectors;
import javax.annotation.Nullable;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import javax.ws.rs.BadRequestException;
@@ -48,7 +46,6 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.ProcessingException;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.HttpHeaders;
@@ -503,7 +500,7 @@ public class ProfileController {
final Optional<Account> maybeTargetAccount = accountsManager.getByServiceIdentifier(accountIdentifier);
OptionalAccess.verify(maybeRequester, maybeAccessKey, maybeTargetAccount);
OptionalAccess.verify(maybeRequester, maybeAccessKey, maybeTargetAccount, accountIdentifier);
assert maybeTargetAccount.isPresent();
return maybeTargetAccount.get();
@@ -520,19 +517,4 @@ public class ProfileController {
now.format(PostPolicyGenerator.AWS_DATE_TIME), policy.second(), signature);
}
@Nullable
private static byte[] decodeFromBase64(@Nullable final String input) {
if (input == null) {
return null;
}
return Base64.getDecoder().decode(input);
}
@Nullable
private static String encodeToBase64(@Nullable final byte[] input) {
if (input == null) {
return null;
}
return Base64.getEncoder().encodeToString(input);
}
}