Compare commits
17 commits
unofficial
...
main
Author | SHA1 | Date | |
---|---|---|---|
7bfa3bc807 | |||
|
215952a8dd | ||
|
75a6299076 | ||
|
ebf97bd571 | ||
|
abfe60edbe | ||
d6cde14350 | |||
5173711b10 | |||
186d7ec602 | |||
|
e1382092d3 | ||
61b3239300 | |||
0fab195157 | |||
|
41951d0a43 | ||
|
19f6df8197 | ||
|
5330f94872 | ||
|
fec6f65b2b | ||
|
448b6ae3c9 | ||
4bc11f17a0 |
7 changed files with 280 additions and 53 deletions
|
@ -2,18 +2,14 @@ stages:
|
||||||
- build
|
- build
|
||||||
|
|
||||||
variables:
|
variables:
|
||||||
version: "v2.15.3_unofficial_34"
|
version: "v2.15.3_unofficial_50"
|
||||||
GRADLE_OPTS: -Dorg.gradle.daemon=false
|
GRADLE_OPTS: -Dorg.gradle.daemon=false
|
||||||
|
|
||||||
build:
|
build:
|
||||||
image: gradle:7.2
|
image: gradle:7.4
|
||||||
stage: build
|
stage: build
|
||||||
script:
|
script:
|
||||||
- git clone https://github.com/Turasa/libsignal-service-java
|
- ./build.sh
|
||||||
- cd libsignal-service-java && git checkout "$version"
|
|
||||||
- git config user.email nobody@signald.org && git config user.name signald
|
|
||||||
- git am ../libsignal-service-java.patch
|
|
||||||
- gradle assemble publish
|
|
||||||
parallel:
|
parallel:
|
||||||
matrix:
|
matrix:
|
||||||
- TARGET:
|
- TARGET:
|
||||||
|
@ -22,15 +18,15 @@ build:
|
||||||
- arm-unknown-linux-gnueabihf
|
- arm-unknown-linux-gnueabihf
|
||||||
- armv7-unknown-linux-gnueabihf
|
- armv7-unknown-linux-gnueabihf
|
||||||
- x86_64-unknown-linux-gnu
|
- x86_64-unknown-linux-gnu
|
||||||
|
- x86_64-unknown-linux-musl
|
||||||
|
|
||||||
build x86_64-apple-darwin:
|
build darwin:
|
||||||
stage: build
|
stage: build
|
||||||
tags: [darwin-builder]
|
tags: [darwin-builder]
|
||||||
script:
|
script:
|
||||||
- git clone https://github.com/Turasa/libsignal-service-java
|
- ./build.sh
|
||||||
- cd libsignal-service-java && git checkout "$version"
|
parallel:
|
||||||
- git config user.email nobody@signald.org && git config user.name signald
|
matrix:
|
||||||
- git am ../libsignal-service-java.patch
|
- TARGET:
|
||||||
- ./gradlew assemble publish
|
- x86_64-apple-darwin
|
||||||
variables:
|
- aarch64-apple-darwin
|
||||||
TARGET: x86_64-apple-darwin
|
|
||||||
|
|
11
build.sh
Executable file
11
build.sh
Executable file
|
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -exuo pipefail
|
||||||
|
git clone -b "${version}" https://github.com/Turasa/libsignal-service-java.git
|
||||||
|
cd libsignal-service-java
|
||||||
|
git config user.email nobody@signald.org
|
||||||
|
git config user.name signald
|
||||||
|
git am ../libsignal-service-java.patch
|
||||||
|
git am ../update-kbs-settings.patch
|
||||||
|
python3 ../update-verification-metadata.py
|
||||||
|
git diff --color=always
|
||||||
|
gradle assemble publish || (gradle --write-verification-metadata sha256 && git diff --color=always && exit 1)
|
34
hashes.json
Normal file
34
hashes.json
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
{
|
||||||
|
"aarch64-unknown-linux-gnu": {
|
||||||
|
"jar": "802529c1472f7e621cca496c918d7bfec08314572f10e168b0d20b15a5b8101a",
|
||||||
|
"module": "48e315037d2d9af6c7cf7b811d9a81d81b1eff13cbb1837b7638a3803b68f303"
|
||||||
|
},
|
||||||
|
"arm-unknown-linux-gnueabi": {
|
||||||
|
"jar": "8ef66fe1ae28fe7b2918292824ef33a41a3432c3a981cfa55665106c89348327",
|
||||||
|
"module": "7c988dfb2fca57ff0aabd7bd88ebfa5658be8722adb0831a5140aed3d1529097"
|
||||||
|
},
|
||||||
|
"arm-unknown-linux-gnueabihf": {
|
||||||
|
"jar": "446a796b0a2a062c65d9d5cb75a3fd4aadc03ab321b52c39a5bfe1e6f9dc9891",
|
||||||
|
"module": "30e6a82cc6d2b01b57b758d8352c9d90926f31becfe6218c43d2614a309c9cbc"
|
||||||
|
},
|
||||||
|
"armv7-unknown-linux-gnueabihf": {
|
||||||
|
"jar": "3e896a52cf5816387094137403c112353de93f4b7591bcfc5965e89ef3777c5b",
|
||||||
|
"module": "39be083718c6b8afe94e2ccff63c918ea1255292881afbb60b12236cd4b70dc6"
|
||||||
|
},
|
||||||
|
"x86_64-unknown-linux-gnu": {
|
||||||
|
"jar": "b38295eb11df91939b872f49eb8b55b2faf7933da92202b95d82320f4cdcb644",
|
||||||
|
"module": "1b739335cde181864882481f5feca8fca3f7baa439f79c36ac596a781e6d4477"
|
||||||
|
},
|
||||||
|
"x86_64-apple-darwin": {
|
||||||
|
"jar": "949a72b14d81389a30e330db3162f822a475d0f19087590f334639acdb01b4eb",
|
||||||
|
"module": "7de5da969225585d36d68ba7a87c80d33886e36a04dea9d78ef8c2df9f6a3bf2"
|
||||||
|
},
|
||||||
|
"aarch64-apple-darwin": {
|
||||||
|
"jar": "e7f405b1c521054bbea8ec0ff87c54527f17e8c914079d7805c4def3589e8af1",
|
||||||
|
"module": "3c153a7e01ae317280981e387d3fd002b7106ce65653be1b6e4216a4f4d9d314"
|
||||||
|
},
|
||||||
|
"x86_64-unknown-linux-musl": {
|
||||||
|
"jar": "9a46edb376089b6284cbc76c4e6bc21fa91f8ee7e3daf221d704243cfe0c16cf",
|
||||||
|
"module": "a35abf78dc674557ddc7da348d5eb2d015b4e843d5402df95922ba2780b36169"
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,27 +1,38 @@
|
||||||
From 9c663c86765a9a0b2950ae8850bffc9fe4abe335 Mon Sep 17 00:00:00 2001
|
From c51057ae26118490176af0b2421f8fa62d926c00 Mon Sep 17 00:00:00 2001
|
||||||
From: finn <finn@janky.solutions>
|
From: signald <nobody@signald.org>
|
||||||
Date: Thu, 18 Nov 2021 18:55:31 -0800
|
Date: Thu, 16 Jun 2022 13:04:00 -0700
|
||||||
Subject: [PATCH] update gradle files
|
Subject: [PATCH] update build files and provide a way for the websocket
|
||||||
|
receive callback to indicate the message was not saved
|
||||||
|
|
||||||
---
|
---
|
||||||
build.gradle | 10 +---------
|
build.gradle | 17 +++--------------
|
||||||
dependencies.gradle | 3 +--
|
dependencies.gradle | 3 +--
|
||||||
service/build.gradle | 21 ++++++++++-----------
|
gradle/verification-metadata.xml | 13 ++++++++-----
|
||||||
settings.gradle | 2 +-
|
service/build.gradle | 19 +++++++++----------
|
||||||
4 files changed, 13 insertions(+), 23 deletions(-)
|
.../signalservice/api/NotSavedException.java | 4 ++++
|
||||||
|
.../signalservice/api/SignalWebSocket.java | 13 ++++++++++---
|
||||||
|
settings.gradle | 1 -
|
||||||
|
7 files changed, 35 insertions(+), 35 deletions(-)
|
||||||
|
create mode 100644 service/src/main/java/org/whispersystems/signalservice/api/NotSavedException.java
|
||||||
|
|
||||||
diff --git a/build.gradle b/build.gradle
|
diff --git a/build.gradle b/build.gradle
|
||||||
index 5a4cded..a1d8d70 100644
|
index 2498bfcb..81f7038d 100644
|
||||||
--- a/build.gradle
|
--- a/build.gradle
|
||||||
+++ b/build.gradle
|
+++ b/build.gradle
|
||||||
@@ -1,5 +1,6 @@
|
@@ -9,11 +9,8 @@ buildscript {
|
||||||
buildscript {
|
|
||||||
repositories {
|
|
||||||
+ maven {url "https://gitlab.com/api/v4/groups/6853927/-/packages/maven"} // https://gitlab.com/groups/signald/-/packages
|
|
||||||
google()
|
|
||||||
mavenCentral()
|
|
||||||
}
|
}
|
||||||
@@ -23,15 +24,6 @@ def getRepositoryPassword() {
|
}
|
||||||
|
|
||||||
|
-plugins {
|
||||||
|
- id("io.github.gradle-nexus.publish-plugin") version "1.1.0"
|
||||||
|
-}
|
||||||
|
|
||||||
|
-project.group = "com.github.turasa"
|
||||||
|
+project.group = "org.signald"
|
||||||
|
|
||||||
|
def getRepositoryUsername() {
|
||||||
|
return hasProperty('whisperSonatypeUsername') ? whisperSonatypeUsername : ""
|
||||||
|
@@ -23,18 +20,10 @@ def getRepositoryPassword() {
|
||||||
return hasProperty('whisperSonatypePassword') ? whisperSonatypePassword : ""
|
return hasProperty('whisperSonatypePassword') ? whisperSonatypePassword : ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -33,29 +44,66 @@ index 5a4cded..a1d8d70 100644
|
||||||
- }
|
- }
|
||||||
- }
|
- }
|
||||||
-}
|
-}
|
||||||
-
|
|
||||||
subprojects {
|
subprojects {
|
||||||
ext.lib_signal_service_version_number = "2.15.3_unofficial_34"
|
- ext.lib_signal_service_version_number = "2.15.3_unofficial_50"
|
||||||
ext.lib_signal_service_group_info = "com.github.turasa"
|
- ext.lib_signal_service_group_info = "com.github.turasa"
|
||||||
|
+ ext.lib_signal_service_version_number = "2.15.3_unofficial_50_signald_2"
|
||||||
|
+ ext.lib_signal_service_group_info = "org.signald"
|
||||||
|
|
||||||
|
if (JavaVersion.current().isJava8Compatible()) {
|
||||||
|
allprojects {
|
||||||
diff --git a/dependencies.gradle b/dependencies.gradle
|
diff --git a/dependencies.gradle b/dependencies.gradle
|
||||||
index c1288ca..fc83d0f 100644
|
index e4b9f8a8..20e0d2f2 100644
|
||||||
--- a/dependencies.gradle
|
--- a/dependencies.gradle
|
||||||
+++ b/dependencies.gradle
|
+++ b/dependencies.gradle
|
||||||
@@ -8,8 +8,7 @@ dependencyResolutionManagement {
|
@@ -8,8 +8,7 @@ dependencyResolutionManagement {
|
||||||
alias('google-libphonenumber').to('com.googlecode.libphonenumber:libphonenumber:8.12.33')
|
alias('google-libphonenumber').to('com.googlecode.libphonenumber:libphonenumber:8.12.48')
|
||||||
|
|
||||||
// 1st Party
|
// 1st Party
|
||||||
- alias('signal-client-java').to('org.whispersystems', 'signal-client-java').versionRef('signal-client')
|
- alias('libsignal-client').to('org.signal', 'libsignal-client').versionRef('libsignal-client')
|
||||||
- alias('signal-client-android').to('org.whispersystems', 'signal-client-android').versionRef('signal-client')
|
- alias('libsignal-android').to('org.signal', 'libsignal-android').versionRef('libsignal-client')
|
||||||
+ alias('signal-client-java').to('org.whispersystems', 'signal-client-java-' + System.getenv("TARGET")).versionRef('signal-client')
|
+ alias('libsignal-client').to('org.signald', 'libsignal-client-' + System.getenv("TARGET")).versionRef('libsignal-client')
|
||||||
|
|
||||||
// Third Party
|
// Third Party
|
||||||
alias('jackson-core').to('com.fasterxml.jackson.core:jackson-databind:2.9.9.2')
|
alias('jackson-core').to('com.fasterxml.jackson.core:jackson-databind:2.13.0')
|
||||||
|
diff --git a/gradle/verification-metadata.xml b/gradle/verification-metadata.xml
|
||||||
|
index fc39d024..59fde59c 100644
|
||||||
|
--- a/gradle/verification-metadata.xml
|
||||||
|
+++ b/gradle/verification-metadata.xml
|
||||||
|
@@ -482,6 +482,9 @@
|
||||||
|
<artifact name="protoc-3.18.0-linux-x86_64.exe">
|
||||||
|
<sha256 value="e977a0b300a3b0c7c0135a02b8a4d746081e1cd8946ea747e0247412535692fe" origin="Generated by Gradle"/>
|
||||||
|
</artifact>
|
||||||
|
+ <artifact name="protoc-3.18.0-osx-x86_64.exe">
|
||||||
|
+ <sha256 value="956241e25cac149cf8d01d4f9125f2913b3bc471deea6856231367cdf4be71a4" origin="Generated by Gradle"/>
|
||||||
|
+ </artifact>
|
||||||
|
</component>
|
||||||
|
<component group="com.google.testing.platform" name="core-proto" version="0.0.8-alpha04">
|
||||||
|
<artifact name="core-proto-0.0.8-alpha04.jar">
|
||||||
|
@@ -1133,12 +1136,12 @@
|
||||||
|
<sha256 value="95510c70f1bf0fd65ddc1f39fbf7a42d75d8a064dc3a2cbe52496fa2f2c535f0" origin="Generated by Gradle"/>
|
||||||
|
</artifact>
|
||||||
|
</component>
|
||||||
|
- <component group="org.signal" name="libsignal-client" version="0.17.0">
|
||||||
|
- <artifact name="libsignal-client-0.17.0.jar">
|
||||||
|
- <sha256 value="3611dc9425d7ef85daedbafa49fa67f49e921bf89e36f601d0b79b1268315619" origin="Generated by Gradle"/>
|
||||||
|
+ <component group="org.signald" name="libsignal-client-{TARGET}" version="0.17.0">
|
||||||
|
+ <artifact name="libsignal-client-{TARGET}-0.17.0.jar">
|
||||||
|
+ <sha256 value="{TARGET_JAR_SHA256}" origin="Generated by Gradle"/>
|
||||||
|
</artifact>
|
||||||
|
- <artifact name="libsignal-client-0.17.0.module">
|
||||||
|
- <sha256 value="cc6125c6e30421eb39a115576371a41f0adde7ea501e99d2c74192264e6fb1ab" origin="Generated by Gradle"/>
|
||||||
|
+ <artifact name="libsignal-client-{TARGET}-0.17.0.module">
|
||||||
|
+ <sha256 value="{TARGET_MODULE_SHA256}" origin="Generated by Gradle"/>
|
||||||
|
</artifact>
|
||||||
|
</component>
|
||||||
|
<component group="org.tensorflow" name="tensorflow-lite-metadata" version="0.1.0-rc2">
|
||||||
diff --git a/service/build.gradle b/service/build.gradle
|
diff --git a/service/build.gradle b/service/build.gradle
|
||||||
index 98377c1..ca5a4c0 100644
|
index ae4df43a..4b0240d8 100644
|
||||||
--- a/service/build.gradle
|
--- a/service/build.gradle
|
||||||
+++ b/service/build.gradle
|
+++ b/service/build.gradle
|
||||||
@@ -23,6 +23,7 @@ compileJava {
|
@@ -21,6 +21,7 @@ compileJava {
|
||||||
}
|
}
|
||||||
|
|
||||||
repositories {
|
repositories {
|
||||||
|
@ -63,18 +111,16 @@ index 98377c1..ca5a4c0 100644
|
||||||
mavenCentral()
|
mavenCentral()
|
||||||
mavenLocal()
|
mavenLocal()
|
||||||
}
|
}
|
||||||
@@ -103,8 +104,8 @@ def getRepositoryPassword() {
|
@@ -98,7 +99,7 @@ def getRepositoryPassword() {
|
||||||
|
|
||||||
publishing {
|
publishing {
|
||||||
publications {
|
publications {
|
||||||
- mavenJava(MavenPublication) {
|
mavenJava(MavenPublication) {
|
||||||
- artifactId = 'signal-service-java'
|
- artifactId = 'signal-service-java'
|
||||||
+ library(MavenPublication) {
|
|
||||||
+ artifactId = 'signal-service-java-' + System.getenv("TARGET")
|
+ artifactId = 'signal-service-java-' + System.getenv("TARGET")
|
||||||
from components.java
|
from components.java
|
||||||
|
|
||||||
pom {
|
pom {
|
||||||
@@ -145,16 +146,14 @@ publishing {
|
@@ -139,16 +140,14 @@ publishing {
|
||||||
|
|
||||||
repositories {
|
repositories {
|
||||||
maven {
|
maven {
|
||||||
|
@ -98,18 +144,69 @@ index 98377c1..ca5a4c0 100644
|
||||||
- required { isReleaseBuild() && gradle.taskGraph.hasTask("uploadArchives") }
|
- required { isReleaseBuild() && gradle.taskGraph.hasTask("uploadArchives") }
|
||||||
- sign publishing.publications.mavenJava
|
- sign publishing.publications.mavenJava
|
||||||
-}
|
-}
|
||||||
|
diff --git a/service/src/main/java/org/whispersystems/signalservice/api/NotSavedException.java b/service/src/main/java/org/whispersystems/signalservice/api/NotSavedException.java
|
||||||
|
new file mode 100644
|
||||||
|
index 00000000..05d77d1f
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/service/src/main/java/org/whispersystems/signalservice/api/NotSavedException.java
|
||||||
|
@@ -0,0 +1,4 @@
|
||||||
|
+package org.whispersystems.signalservice.api;
|
||||||
|
+
|
||||||
|
+public class NotSavedException extends Exception {
|
||||||
|
+}
|
||||||
|
diff --git a/service/src/main/java/org/whispersystems/signalservice/api/SignalWebSocket.java b/service/src/main/java/org/whispersystems/signalservice/api/SignalWebSocket.java
|
||||||
|
index 5a98f3c4..dff24940 100644
|
||||||
|
--- a/service/src/main/java/org/whispersystems/signalservice/api/SignalWebSocket.java
|
||||||
|
+++ b/service/src/main/java/org/whispersystems/signalservice/api/SignalWebSocket.java
|
||||||
|
@@ -243,6 +243,7 @@ public final class SignalWebSocket {
|
||||||
|
while (true) {
|
||||||
|
WebSocketRequestMessage request = getWebSocket().readRequest(timeout);
|
||||||
|
WebSocketResponseMessage response = createWebSocketResponse(request);
|
||||||
|
+ boolean sendResponse = true; // indicates the acknowledgement should be sent to the server
|
||||||
|
try {
|
||||||
|
if (isSignalServiceEnvelope(request)) {
|
||||||
|
Optional<String> timestampHeader = findHeader(request);
|
||||||
|
@@ -258,13 +259,19 @@ public final class SignalWebSocket {
|
||||||
|
|
||||||
|
SignalServiceEnvelope envelope = new SignalServiceEnvelope(request.getBody().toByteArray(), timestamp);
|
||||||
|
|
||||||
|
- callback.onMessage(envelope);
|
||||||
|
+ try {
|
||||||
|
+ callback.onMessage(envelope);
|
||||||
|
+ } catch (NotSavedException e) {
|
||||||
|
+ sendResponse = false;
|
||||||
|
+ }
|
||||||
|
return Optional.of(envelope);
|
||||||
|
} else if (isSocketEmptyRequest(request)) {
|
||||||
|
return Optional.empty();
|
||||||
|
}
|
||||||
|
} finally {
|
||||||
|
- getWebSocket().sendResponse(response);
|
||||||
|
+ if(sendResponse) {
|
||||||
|
+ getWebSocket().sendResponse(response);
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@@ -315,6 +322,6 @@ public final class SignalWebSocket {
|
||||||
|
* received.
|
||||||
|
*/
|
||||||
|
public interface MessageReceivedCallback {
|
||||||
|
- void onMessage(SignalServiceEnvelope envelope);
|
||||||
|
+ void onMessage(SignalServiceEnvelope envelope) throws NotSavedException;
|
||||||
|
}
|
||||||
|
}
|
||||||
diff --git a/settings.gradle b/settings.gradle
|
diff --git a/settings.gradle b/settings.gradle
|
||||||
index 8861c00..c180376 100644
|
index 8861c008..8dd03423 100644
|
||||||
--- a/settings.gradle
|
--- a/settings.gradle
|
||||||
+++ b/settings.gradle
|
+++ b/settings.gradle
|
||||||
@@ -1,6 +1,6 @@
|
@@ -1,6 +1,5 @@
|
||||||
enableFeaturePreview('VERSION_CATALOGS')
|
enableFeaturePreview('VERSION_CATALOGS')
|
||||||
|
|
||||||
-include ':android'
|
-include ':android'
|
||||||
+
|
|
||||||
|
|
||||||
include 'libsignal-service'
|
include 'libsignal-service'
|
||||||
project(':libsignal-service').projectDir = file('service')
|
project(':libsignal-service').projectDir = file('service')
|
||||||
--
|
--
|
||||||
2.20.1
|
2.30.2
|
||||||
|
|
||||||
|
|
31
update-hashes.py
Normal file
31
update-hashes.py
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
import requests
|
||||||
|
import hashlib
|
||||||
|
import json
|
||||||
|
|
||||||
|
VERSION = "0.17.0"
|
||||||
|
TARGETS = [
|
||||||
|
"aarch64-unknown-linux-gnu",
|
||||||
|
"arm-unknown-linux-gnueabi",
|
||||||
|
"arm-unknown-linux-gnueabihf",
|
||||||
|
"armv7-unknown-linux-gnueabihf",
|
||||||
|
"x86_64-unknown-linux-gnu",
|
||||||
|
"x86_64-apple-darwin",
|
||||||
|
"x86_64-unknown-linux-musl",
|
||||||
|
"aarch64-apple-darwin"
|
||||||
|
]
|
||||||
|
|
||||||
|
urlFormat = "https://gitlab.com/api/v4/groups/6853927/-/packages/maven/org/signald/libsignal-client-{target}/{version}/libsignal-client-{target}-{version}.{ext}"
|
||||||
|
output = {}
|
||||||
|
|
||||||
|
for target in TARGETS:
|
||||||
|
output[target] = {}
|
||||||
|
for ext in ["jar", "module"]:
|
||||||
|
url = urlFormat.format(target=target, version=VERSION, ext=ext)
|
||||||
|
print("fetching {}".format(url))
|
||||||
|
r = requests.get(url, allow_redirects=True)
|
||||||
|
r.raise_for_status()
|
||||||
|
output[target][ext] = hashlib.sha256(r.content).hexdigest()
|
||||||
|
|
||||||
|
with open('hashes.json', 'w') as f:
|
||||||
|
json.dump(output, f, indent=4)
|
38
update-kbs-settings.patch
Normal file
38
update-kbs-settings.patch
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
From d432b9234521947d7bb07434f69a30b407700f5c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Greyson Parrelli <greyson@signal.org>
|
||||||
|
Date: Thu, 20 Oct 2022 13:12:27 -0400
|
||||||
|
Subject: [PATCH 2/2] [Signal-Android] Updated KBS settings.
|
||||||
|
9941ffe79c2508eb9b1f1fa78b47b84c465d1199
|
||||||
|
|
||||||
|
---
|
||||||
|
.../internal/contacts/crypto/RemoteAttestationCipher.java | 7 ++++++-
|
||||||
|
1 file changed, 6 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/service/src/main/java/org/whispersystems/signalservice/internal/contacts/crypto/RemoteAttestationCipher.java b/service/src/main/java/org/whispersystems/signalservice/internal/contacts/crypto/RemoteAttestationCipher.java
|
||||||
|
index 05073edf..32e86c70 100644
|
||||||
|
--- a/service/src/main/java/org/whispersystems/signalservice/internal/contacts/crypto/RemoteAttestationCipher.java
|
||||||
|
+++ b/service/src/main/java/org/whispersystems/signalservice/internal/contacts/crypto/RemoteAttestationCipher.java
|
||||||
|
@@ -24,6 +24,11 @@ import java.util.Set;
|
||||||
|
|
||||||
|
public final class RemoteAttestationCipher {
|
||||||
|
|
||||||
|
+ private static final Set<String> ALLOWED_ADVISORIES = new HashSet<String>() {{
|
||||||
|
+ add("INTEL-SA-00334");
|
||||||
|
+ add("INTEL-SA-00615");
|
||||||
|
+ }};
|
||||||
|
+
|
||||||
|
private RemoteAttestationCipher() {
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -100,7 +105,7 @@ public final class RemoteAttestationCipher {
|
||||||
|
if ("OK".equals(entity.getIsvEnclaveQuoteStatus())) {
|
||||||
|
return true;
|
||||||
|
} else if ("SW_HARDENING_NEEDED".equals(entity.getIsvEnclaveQuoteStatus())) {
|
||||||
|
- return entity.getAdvisoryIds().length == 1 && "INTEL-SA-00334".equals(entity.getAdvisoryIds()[0]);
|
||||||
|
+ return Arrays.stream(entity.getAdvisoryIds()).allMatch(ALLOWED_ADVISORIES::contains);
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.30.2
|
||||||
|
|
20
update-verification-metadata.py
Normal file
20
update-verification-metadata.py
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/usr/bin/env python3
|
||||||
|
import os
|
||||||
|
import json
|
||||||
|
|
||||||
|
filename = "gradle/verification-metadata.xml"
|
||||||
|
with open('../hashes.json') as f:
|
||||||
|
hashes = json.load(f)
|
||||||
|
|
||||||
|
target = os.getenv("TARGET")
|
||||||
|
|
||||||
|
if target not in hashes:
|
||||||
|
raise Exception("Target {} not in known hashes, please update the python script".format(os.getenv("TARGET")))
|
||||||
|
|
||||||
|
with open(filename) as f:
|
||||||
|
template = f.read()
|
||||||
|
|
||||||
|
output = template.format(TARGET=target, TARGET_JAR_SHA256=hashes[target]["jar"], TARGET_MODULE_SHA256=hashes[target]["module"])
|
||||||
|
|
||||||
|
with open(filename, 'w') as f:
|
||||||
|
f.write(output)
|
Loading…
Reference in a new issue