Use temp auth keys for address verification

2025-06-16 05:55:20 +00:00 · 2021-12-22 16:38:18 +04:00 · 2021-12-22 16:38:18 +04:00 · 216ddc4a6e
commit 216ddc4a6e
parent e85144997f
11 changed files with 71 additions and 54 deletions
--- a/submodules/MtProtoKit/PublicHeaders/MtProtoKit/MTContext.h
+++ b/submodules/MtProtoKit/PublicHeaders/MtProtoKit/MTContext.h
@ -110,7 +110,7 @@
 - (void)updateAuthTokenForDatacenterWithId:(NSInteger)datacenterId authToken:(id _Nullable)authToken;

 - (void)addressSetForDatacenterWithIdRequired:(NSInteger)datacenterId;
- (void)authInfoForDatacenterWithIdRequired:(NSInteger)datacenterId isCdn:(bool)isCdn selector:(MTDatacenterAuthInfoSelector)selector;
+- (void)authInfoForDatacenterWithIdRequired:(NSInteger)datacenterId isCdn:(bool)isCdn selector:(MTDatacenterAuthInfoSelector)selector allowUnboundEphemeralKeys:(bool)allowUnboundEphemeralKeys;
 - (void)authTokenForDatacenterWithIdRequired:(NSInteger)datacenterId authToken:(id _Nullable)authToken masterDatacenterId:(NSInteger)masterDatacenterId;

 - (void)reportProblemsWithDatacenterAddressForId:(NSInteger)datacenterId address:(MTDatacenterAddress * _Nonnull)address;
--- a/submodules/MtProtoKit/PublicHeaders/MtProtoKit/MTDatacenterAuthAction.h
+++ b/submodules/MtProtoKit/PublicHeaders/MtProtoKit/MTDatacenterAuthAction.h
@ -7,7 +7,7 @@

@interface MTDatacenterAuthAction : NSObject

- (instancetype)initWithAuthKeyInfoSelector:(MTDatacenterAuthInfoSelector)authKeyInfoSelector isCdn:(bool)isCdn completion:(void (^)(MTDatacenterAuthAction *, bool))completion;
+- (instancetype)initWithAuthKeyInfoSelector:(MTDatacenterAuthInfoSelector)authKeyInfoSelector isCdn:(bool)isCdn skipBind:(bool)skipBind completion:(void (^)(MTDatacenterAuthAction *, bool))completion;

 - (void)execute:(MTContext *)context datacenterId:(NSInteger)datacenterId;
 - (void)cancel;
--- a/submodules/MtProtoKit/PublicHeaders/MtProtoKit/MTProto.h
+++ b/submodules/MtProtoKit/PublicHeaders/MtProtoKit/MTProto.h
@ -47,6 +47,7 @@
@property (nonatomic) bool media;
@property (nonatomic) bool enforceMedia;
@property (nonatomic) bool cdn;
+@property (nonatomic) bool allowUnboundEphemeralKeys;
@property (nonatomic) bool checkForProxyConnectionIssues;
@property (nonatomic) bool canResetAuthData;
@property (nonatomic) id requiredAuthToken;
--- a/submodules/MtProtoKit/Sources/MTBackupAddressSignals.m
+++ b/submodules/MtProtoKit/Sources/MTBackupAddressSignals.m
@ -247,9 +247,8 @@ static NSString *makeRandomPadding() {
    }
    
    MTProto *mtProto = [[MTProto alloc] initWithContext:context datacenterId:address.datacenterId usageCalculationInfo:nil requiredAuthToken:nil authTokenMasterDatacenterId:0];
-    if (address.datacenterId != 0) {
-        mtProto.useTempAuthKeys = currentContext.useTempAuthKeys;
-    }
+    mtProto.useTempAuthKeys = true;
+    mtProto.allowUnboundEphemeralKeys = true;
    MTRequestMessageService *requestService = [[MTRequestMessageService alloc] initWithContext:context];
    [mtProto addMessageService:requestService];
    
--- a/submodules/MtProtoKit/Sources/MTContext.m
+++ b/submodules/MtProtoKit/Sources/MTContext.m
@ -1305,7 +1305,7 @@ static int32_t fixedTimeDifferenceValue = 0;
    }];
 }

- (void)authInfoForDatacenterWithIdRequired:(NSInteger)datacenterId isCdn:(bool)isCdn selector:(MTDatacenterAuthInfoSelector)selector
+- (void)authInfoForDatacenterWithIdRequired:(NSInteger)datacenterId isCdn:(bool)isCdn selector:(MTDatacenterAuthInfoSelector)selector allowUnboundEphemeralKeys:(bool)allowUnboundEphemeralKeys
 {
    [[MTContext contextQueue] dispatchOnQueue:^
    {
@ -1314,7 +1314,7 @@ static int32_t fixedTimeDifferenceValue = 0;
        if (_datacenterAuthActions[infoKey] == nil)
        {
            __weak MTContext *weakSelf = self;
-            MTDatacenterAuthAction *authAction = [[MTDatacenterAuthAction alloc] initWithAuthKeyInfoSelector:selector isCdn:isCdn completion:^(MTDatacenterAuthAction *action, __unused bool success) {
+            MTDatacenterAuthAction *authAction = [[MTDatacenterAuthAction alloc] initWithAuthKeyInfoSelector:selector isCdn:isCdn skipBind:allowUnboundEphemeralKeys completion:^(MTDatacenterAuthAction *action, __unused bool success) {
                [[MTContext contextQueue] dispatchOnQueue:^{
                    __strong MTContext *strongSelf = weakSelf;
                    if (strongSelf == nil) {
@ -1334,8 +1334,8 @@ static int32_t fixedTimeDifferenceValue = 0;
            switch (selector) {
                case MTDatacenterAuthInfoSelectorEphemeralMain:
                case MTDatacenterAuthInfoSelectorEphemeralMedia: {
-                    if ([self authInfoForDatacenterWithId:datacenterId selector:MTDatacenterAuthInfoSelectorPersistent] == nil) {
-                        [self authInfoForDatacenterWithIdRequired:datacenterId isCdn:false selector:MTDatacenterAuthInfoSelectorPersistent];
+                    if ([self authInfoForDatacenterWithId:datacenterId selector:MTDatacenterAuthInfoSelectorPersistent] == nil && !allowUnboundEphemeralKeys) {
+                        [self authInfoForDatacenterWithIdRequired:datacenterId isCdn:false selector:MTDatacenterAuthInfoSelectorPersistent allowUnboundEphemeralKeys:false];
                    } else {
                        [authAction execute:self datacenterId:datacenterId];
                    }
--- a/submodules/MtProtoKit/Sources/MTDatacenterAuthAction.m
+++ b/submodules/MtProtoKit/Sources/MTDatacenterAuthAction.m
@ -20,6 +20,7 @@
    void (^_completion)(MTDatacenterAuthAction *, bool);
    
    bool _isCdn;
+    bool _skipBind;
    MTDatacenterAuthInfoSelector _authKeyInfoSelector;
    
    NSInteger _datacenterId;
@ -34,11 +35,12 @@

@implementation MTDatacenterAuthAction

- (instancetype)initWithAuthKeyInfoSelector:(MTDatacenterAuthInfoSelector)authKeyInfoSelector isCdn:(bool)isCdn completion:(void (^)(MTDatacenterAuthAction *, bool))completion {
+- (instancetype)initWithAuthKeyInfoSelector:(MTDatacenterAuthInfoSelector)authKeyInfoSelector isCdn:(bool)isCdn skipBind:(bool)skipBind completion:(void (^)(MTDatacenterAuthAction *, bool))completion {
    self = [super init];
    if (self != nil) {
        _authKeyInfoSelector = authKeyInfoSelector;
        _isCdn = isCdn;
+        _skipBind = skipBind;
        _completion = [completion copy];
    }
    return self;
@ -114,45 +116,53 @@
        case MTDatacenterAuthInfoSelectorEphemeralMedia: {
            MTContext *mainContext = _context;
            if (mainContext != nil) {
-                MTDatacenterAuthInfo *persistentAuthInfo = [mainContext authInfoForDatacenterWithId:_datacenterId selector:MTDatacenterAuthInfoSelectorPersistent];
-                if (persistentAuthInfo != nil) {
-                    _bindMtProto = [[MTProto alloc] initWithContext:mainContext datacenterId:_datacenterId usageCalculationInfo:nil requiredAuthToken:nil authTokenMasterDatacenterId:0];
-                    _bindMtProto.cdn = false;
-                    _bindMtProto.useUnauthorizedMode = false;
-                    _bindMtProto.useTempAuthKeys = true;
-                    _bindMtProto.useExplicitAuthKey = authKey;
+                if (_skipBind) {
+                    MTDatacenterAuthInfo *authInfo = [[MTDatacenterAuthInfo alloc] initWithAuthKey:authKey.authKey authKeyId:authKey.authKeyId saltSet:@[[[MTDatacenterSaltInfo alloc] initWithSalt:0 firstValidMessageId:timestamp lastValidMessageId:timestamp + (29.0 * 60.0) * 4294967296]] authKeyAttributes:nil];
                    
-                    switch (_authKeyInfoSelector) {
-                        case MTDatacenterAuthInfoSelectorEphemeralMain:
-                            _bindMtProto.media = false;
-                            break;
-                        case MTDatacenterAuthInfoSelectorEphemeralMedia:
-                            _bindMtProto.media = true;
-                            _bindMtProto.enforceMedia = true;
-                            break;
-                        default:
-                            break;
-                    }
+                    [_context updateAuthInfoForDatacenterWithId:_datacenterId authInfo:authInfo selector:_authKeyInfoSelector];
                    
-                    __weak MTDatacenterAuthAction *weakSelf = self;
-                    [_bindMtProto addMessageService:[[MTBindKeyMessageService alloc] initWithPersistentKey:[[MTDatacenterAuthKey alloc] initWithAuthKey:persistentAuthInfo.authKey authKeyId:persistentAuthInfo.authKeyId notBound:false] ephemeralKey:authKey completion:^(bool success) {
-                        __strong MTDatacenterAuthAction *strongSelf = weakSelf;
-                        if (strongSelf == nil) {
-                            return;
-                        }
-                        [strongSelf->_bindMtProto stop];
+                    [self complete];
+                } else {
+                    MTDatacenterAuthInfo *persistentAuthInfo = [mainContext authInfoForDatacenterWithId:_datacenterId selector:MTDatacenterAuthInfoSelectorPersistent];
+                    if (persistentAuthInfo != nil) {
+                        _bindMtProto = [[MTProto alloc] initWithContext:mainContext datacenterId:_datacenterId usageCalculationInfo:nil requiredAuthToken:nil authTokenMasterDatacenterId:0];
+                        _bindMtProto.cdn = false;
+                        _bindMtProto.useUnauthorizedMode = false;
+                        _bindMtProto.useTempAuthKeys = true;
+                        _bindMtProto.useExplicitAuthKey = authKey;
                        
-                        if (success) {
-                            MTDatacenterAuthInfo *authInfo = [[MTDatacenterAuthInfo alloc] initWithAuthKey:authKey.authKey authKeyId:authKey.authKeyId saltSet:@[[[MTDatacenterSaltInfo alloc] initWithSalt:0 firstValidMessageId:timestamp lastValidMessageId:timestamp + (29.0 * 60.0) * 4294967296]] authKeyAttributes:nil];
-                            
-                            [strongSelf->_context updateAuthInfoForDatacenterWithId:strongSelf->_datacenterId authInfo:authInfo selector:strongSelf->_authKeyInfoSelector];
-                            
-                            [strongSelf complete];
-                        } else {
-                            [strongSelf fail];
+                        switch (_authKeyInfoSelector) {
+                            case MTDatacenterAuthInfoSelectorEphemeralMain:
+                                _bindMtProto.media = false;
+                                break;
+                            case MTDatacenterAuthInfoSelectorEphemeralMedia:
+                                _bindMtProto.media = true;
+                                _bindMtProto.enforceMedia = true;
+                                break;
+                            default:
+                                break;
                        }
-                    }]];
-                    [_bindMtProto resume];
+                        
+                        __weak MTDatacenterAuthAction *weakSelf = self;
+                        [_bindMtProto addMessageService:[[MTBindKeyMessageService alloc] initWithPersistentKey:[[MTDatacenterAuthKey alloc] initWithAuthKey:persistentAuthInfo.authKey authKeyId:persistentAuthInfo.authKeyId notBound:false] ephemeralKey:authKey completion:^(bool success) {
+                            __strong MTDatacenterAuthAction *strongSelf = weakSelf;
+                            if (strongSelf == nil) {
+                                return;
+                            }
+                            [strongSelf->_bindMtProto stop];
+                            
+                            if (success) {
+                                MTDatacenterAuthInfo *authInfo = [[MTDatacenterAuthInfo alloc] initWithAuthKey:authKey.authKey authKeyId:authKey.authKeyId saltSet:@[[[MTDatacenterSaltInfo alloc] initWithSalt:0 firstValidMessageId:timestamp lastValidMessageId:timestamp + (29.0 * 60.0) * 4294967296]] authKeyAttributes:nil];
+                                
+                                [strongSelf->_context updateAuthInfoForDatacenterWithId:strongSelf->_datacenterId authInfo:authInfo selector:strongSelf->_authKeyInfoSelector];
+                                
+                                [strongSelf complete];
+                            } else {
+                                [strongSelf fail];
+                            }
+                        }]];
+                        [_bindMtProto resume];
+                    }
                }
            }
        }
--- a/submodules/MtProtoKit/Sources/MTDiscoverConnectionSignals.m
+++ b/submodules/MtProtoKit/Sources/MTDiscoverConnectionSignals.m
@ -249,7 +249,7 @@
        MTMetaDisposable *disposable = [[MTMetaDisposable alloc] init];
        
        [[MTContext contextQueue] dispatchOnQueue:^{
-            MTDatacenterAuthAction *action = [[MTDatacenterAuthAction alloc] initWithAuthKeyInfoSelector:MTDatacenterAuthInfoSelectorEphemeralMain isCdn:false completion:^(__unused MTDatacenterAuthAction *action, bool success) {
+            MTDatacenterAuthAction *action = [[MTDatacenterAuthAction alloc] initWithAuthKeyInfoSelector:MTDatacenterAuthInfoSelectorEphemeralMain isCdn:false skipBind:false completion:^(__unused MTDatacenterAuthAction *action, bool success) {
                [subscriber putNext:@(!success)];
                [subscriber putCompletion];
            }];
--- a/submodules/MtProtoKit/Sources/MTDiscoverDatacenterAddressAction.m
+++ b/submodules/MtProtoKit/Sources/MTDiscoverDatacenterAddressAction.m
@ -119,7 +119,7 @@
        }
        else {
            
-            [context authInfoForDatacenterWithIdRequired:_targetDatacenterId isCdn:false selector:MTDatacenterAuthInfoSelectorPersistent];
+            [context authInfoForDatacenterWithIdRequired:_targetDatacenterId isCdn:false selector:MTDatacenterAuthInfoSelectorPersistent allowUnboundEphemeralKeys:false];
        }
    }
 }
--- a/submodules/MtProtoKit/Sources/MTProto.m
+++ b/submodules/MtProtoKit/Sources/MTProto.m
@ -875,7 +875,7 @@ static const NSUInteger MTMaxUnacknowledgedMessageCount = 64;
                } else {
                    [_context performBatchUpdates:^{
                        [_context updateAuthInfoForDatacenterWithId:_datacenterId authInfo:nil selector:selector];
-                        [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:_cdn selector:selector];
+                        [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:_cdn selector:selector allowUnboundEphemeralKeys:_allowUnboundEphemeralKeys];
                    }];
                    _mtState |= MTProtoStateAwaitingDatacenterAuthorization;
                    _awaitingAuthInfoForSelector = @(selector);
@ -2064,7 +2064,7 @@ static NSString *dumpHexString(NSData *data, int maxLength) {
        
        [_context performBatchUpdates:^{
            [_context updateAuthInfoForDatacenterWithId:_datacenterId authInfo:nil selector:authInfoSelector];
-            [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:true selector:authInfoSelector];
+            [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:true selector:authInfoSelector  allowUnboundEphemeralKeys:_allowUnboundEphemeralKeys];
        }];
        _mtState |= MTProtoStateAwaitingDatacenterAuthorization;
        _awaitingAuthInfoForSelector = @(authInfoSelector);
@ -2078,7 +2078,7 @@ static NSString *dumpHexString(NSData *data, int maxLength) {
            [_context removeTokenForDatacenterWithId:_datacenterId];
            [_context performBatchUpdates:^{
                [_context updateAuthInfoForDatacenterWithId:_datacenterId authInfo:nil selector:authInfoSelector];
-                [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:false selector:authInfoSelector];
+                [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:false selector:authInfoSelector  allowUnboundEphemeralKeys:_allowUnboundEphemeralKeys];
            }];
            _mtState |= MTProtoStateAwaitingDatacenterAuthorization;
            _awaitingAuthInfoForSelector = @(authInfoSelector);
@ -2087,7 +2087,7 @@ static NSString *dumpHexString(NSData *data, int maxLength) {
            
            [_context performBatchUpdates:^{
                [_context updateAuthInfoForDatacenterWithId:_datacenterId authInfo:nil selector:authInfoSelector];
-                [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:false selector:authInfoSelector];
+                [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:false selector:authInfoSelector  allowUnboundEphemeralKeys:_allowUnboundEphemeralKeys];
            }];
            _mtState |= MTProtoStateAwaitingDatacenterAuthorization;
            _awaitingAuthInfoForSelector = @(authInfoSelector);
@ -2099,7 +2099,7 @@ static NSString *dumpHexString(NSData *data, int maxLength) {
                    
                    [_context performBatchUpdates:^{
                        [_context updateAuthInfoForDatacenterWithId:_datacenterId authInfo:nil selector:authInfoSelector];
-                        [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:false selector:authInfoSelector];
+                        [_context authInfoForDatacenterWithIdRequired:_datacenterId isCdn:false selector:authInfoSelector  allowUnboundEphemeralKeys:_allowUnboundEphemeralKeys];
                    }];
                    _mtState |= MTProtoStateAwaitingDatacenterAuthorization;
                    _awaitingAuthInfoForSelector = @(authInfoSelector);
--- a/submodules/TelegramCore/Sources/Account/Account.swift
+++ b/submodules/TelegramCore/Sources/Account/Account.swift
@ -113,7 +113,7 @@ public class UnauthorizedAccount {
            }
            for id in datacenterIds {
                if network.context.authInfoForDatacenter(withId: id, selector: .persistent) == nil {
-                    network.context.authInfoForDatacenter(withIdRequired: id, isCdn: false, selector: .ephemeralMain)
+                    network.context.authInfoForDatacenter(withIdRequired: id, isCdn: false, selector: .ephemeralMain, allowUnboundEphemeralKeys: false)
                }
            }
            network.context.beginExplicitBackupAddressDiscovery()
--- a/submodules/TelegramCore/Sources/Network/Network.swift
+++ b/submodules/TelegramCore/Sources/Network/Network.swift
@ -516,7 +516,14 @@ func initializedNetwork(accountId: AccountRecordId, arguments: NetworkInitializa
                }
            }
            #endif
-            context.setDiscoverBackupAddressListSignal(MTBackupAddressSignals.fetchBackupIps(testingEnvironment, currentContext: context, additionalSource: wrappedAdditionalSource, phoneNumber: phoneNumber))
+            
+            if !supplementary {
+                context.setDiscoverBackupAddressListSignal(MTBackupAddressSignals.fetchBackupIps(testingEnvironment, currentContext: context, additionalSource: wrappedAdditionalSource, phoneNumber: phoneNumber))
+            }
+            
+            /*#if DEBUG
+            context.beginExplicitBackupAddressDiscovery()
+            #endif*/
            
            let mtProto = MTProto(context: context, datacenterId: datacenterId, usageCalculationInfo: usageCalculationInfo(basePath: basePath, category: nil), requiredAuthToken: nil, authTokenMasterDatacenterId: 0)!
            mtProto.useTempAuthKeys = context.useTempAuthKeys