nik/signal-cli
1
0
Fork 0
mirror of https://github.com/AsamK/signal-cli.git synced 2026-05-17 13:11:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Improve destination/source checks for incoming messages

Browse Source
This commit is contained in:
AsamK 2026-05-13 18:29:26 +02:00
parent c10f618a3e
commit 0a1531dcce
1 changed files with 34 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
lib/src/main/java/org/asamk/signal/manager/helper/IncomingMessageHandler.java
View File

@ -109,8 +109,8 @@ public final class IncomingMessageHandler {
SignalServiceContent content = null; SignalServiceContent content = null;
if (!envelope.isReceipt()) { if (!envelope.isReceipt()) {
account.getIdentityKeyStore().setRetryingDecryption(true); account.getIdentityKeyStore().setRetryingDecryption(true);
final var destination = getDestination(envelope).serviceId();
try { try {
final var destination = getDestination(envelope).serviceId();
final var cipherResult = dependencies.getCipher(destination == null final var cipherResult = dependencies.getCipher(destination == null
|| destination.equals(account.getAci()) ? ServiceIdType.ACI : ServiceIdType.PNI) || destination.equals(account.getAci()) ? ServiceIdType.ACI : ServiceIdType.PNI)
.decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp()); .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
@ -140,6 +140,9 @@ public final class IncomingMessageHandler {
final Manager.ReceiveMessageHandler handler final Manager.ReceiveMessageHandler handler
) { ) {
final var actions = new ArrayList<HandleAction>(); final var actions = new ArrayList<HandleAction>();
if (envelope.isPreKeySignalMessage()) {
actions.add(RefreshPreKeysAction.create());
}
SignalServiceContent content = null; SignalServiceContent content = null;
Exception exception = null; Exception exception = null;
if (envelope.getSourceServiceId() != null) { if (envelope.getSourceServiceId() != null) {
@ -148,8 +151,19 @@ public final class IncomingMessageHandler {
account.getRecipientResolver().resolveRecipient(envelope.getSourceServiceId()); account.getRecipientResolver().resolveRecipient(envelope.getSourceServiceId());
} }
if (!envelope.isReceipt()) { if (!envelope.isReceipt()) {
final var destination = getDestination(envelope).serviceId();
try { try {
final var destination = getDestination(envelope).serviceId();
if (destination == account.getPni() && envelope.getSourceServiceId() == null) {
throw new InvalidMessageException(
"Got a sealed sender message to our PNI? Invalid message, ignoring.");
}
if (envelope.getSourceServiceId() instanceof ServiceId.PNI
&& envelope.getProto().type != Envelope.Type.SERVER_DELIVERY_RECEIPT) {
throw new InvalidMessageException("Got a message from a PNI that was not a SERVER_DELIVERY_RECEIPT.");
}
final var cipherResult = dependencies.getCipher(destination == null final var cipherResult = dependencies.getCipher(destination == null
|| destination.equals(account.getAci()) ? ServiceIdType.ACI : ServiceIdType.PNI) || destination.equals(account.getAci()) ? ServiceIdType.ACI : ServiceIdType.PNI)
.decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp()); .decrypt(envelope.getProto(), envelope.getServerDeliveredTimestamp());
@ -174,7 +188,13 @@ public final class IncomingMessageHandler {
logger.debug("Received invalid message from blocked contact, ignoring."); logger.debug("Received invalid message from blocked contact, ignoring.");
} else { } else {
var serviceId = ServiceId.parseOrNull(e.getSender()); var serviceId = ServiceId.parseOrNull(e.getSender());
if (serviceId != null) { ServiceId destination;
try {
destination = getDestination(envelope).serviceId();
} catch (InvalidMessageException ex) {
destination = null;
}
if (serviceId != null && destination != null) {
final var isSelf = sender.equals(account.getSelfRecipientId()) final var isSelf = sender.equals(account.getSelfRecipientId())
&& e.getSenderDevice() == account.getDeviceId(); && e.getSenderDevice() == account.getDeviceId();
logger.debug("Received invalid message, queuing renew session action."); logger.debug("Received invalid message, queuing renew session action.");
@ -312,7 +332,12 @@ public final class IncomingMessageHandler {
final var sender = senderDeviceAddress.recipientId(); final var sender = senderDeviceAddress.recipientId();
final var senderServiceId = senderDeviceAddress.serviceId(); final var senderServiceId = senderDeviceAddress.serviceId();
final var senderDeviceId = senderDeviceAddress.deviceId(); final var senderDeviceId = senderDeviceAddress.deviceId();
final var destination = getDestination(envelope); final DeviceAddress destination;
try {
destination = getDestination(envelope);
} catch (InvalidMessageException e) {
throw new AssertionError(e);
}
if (account.getPni().equals(destination.serviceId)) { if (account.getPni().equals(destination.serviceId)) {
account.getRecipientStore().markNeedsPniSignature(destination.recipientId, true); account.getRecipientStore().markNeedsPniSignature(destination.recipientId, true);
@ -1066,10 +1091,13 @@ public final class IncomingMessageHandler {
} }
} }
private DeviceAddress getDestination(SignalServiceEnvelope envelope) { private DeviceAddress getDestination(SignalServiceEnvelope envelope) throws InvalidMessageException {
final var destination = envelope.getDestinationServiceId(); final var destination = envelope.getDestinationServiceId();
if (destination == null || destination.isUnknown()) { if (destination == null || destination.isUnknown()) {
return new DeviceAddress(account.getSelfRecipientId(), account.getAci(), account.getDeviceId()); throw new InvalidMessageException("Missing destination");
}
if (!account.getAci().equals(destination) && !account.getPni().equals(destination)) {
throw new InvalidMessageException("Message not intended for this account");
} }
return new DeviceAddress(account.getRecipientResolver().resolveRecipient(destination), return new DeviceAddress(account.getRecipientResolver().resolveRecipient(destination),
destination, destination,