From 26c44733bbd12fb1adc38d260c207a509e33f331 Mon Sep 17 00:00:00 2001 From: Jordan Rose Date: Wed, 3 Sep 2025 18:19:36 -0700 Subject: [PATCH] Update libsignal to v0.79.1 --- Podfile | 4 +- Podfile.lock | 16 +- Pods | 2 +- Signal/Settings.bundle/Acknowledgements.plist | 210 ++++++++++-------- .../Messages/UD/OWSUDManager.swift | 2 +- .../Messages/UD/SMKSecretSessionCipher.swift | 2 +- 6 files changed, 134 insertions(+), 102 deletions(-) diff --git a/Podfile b/Podfile index 23a3428aa3..d04a070d40 100644 --- a/Podfile +++ b/Podfile @@ -11,8 +11,8 @@ source 'https://cdn.cocoapods.org/' pod 'blurhash', podspec: './ThirdParty/blurhash.podspec' pod 'SwiftProtobuf', "1.30.0" -ENV['LIBSIGNAL_FFI_PREBUILD_CHECKSUM'] = '6c7a15a9ac3e50c356b55323b4c1bc9e03cef51ce57a3c8d18bf67dbb08cd2fe' -pod 'LibSignalClient', git: 'https://github.com/signalapp/libsignal.git', tag: 'v0.79.0', testspecs: ["Tests"] +ENV['LIBSIGNAL_FFI_PREBUILD_CHECKSUM'] = 'fdeb143cff398544b3a56d62aac77ee8957f5e3fd9351ba0e744dd95b4ecae01' +pod 'LibSignalClient', git: 'https://github.com/signalapp/libsignal.git', tag: 'v0.79.1', testspecs: ["Tests"] # pod 'LibSignalClient', path: '../libsignal', testspecs: ["Tests"] ENV['RINGRTC_PREBUILD_CHECKSUM'] = '4604a499a0cbafaa3ef668022e7dc48800273f189793425ce91b321efff1a6d3' diff --git a/Podfile.lock b/Podfile.lock index 93176682a9..50e83f5dcc 100644 --- a/Podfile.lock +++ b/Podfile.lock @@ -9,8 +9,8 @@ PODS: - LibMobileCoin/CoreHTTP (6.0.2): - SwiftProtobuf (~> 1.5) - libPhoneNumber-iOS (1.2.0) - - LibSignalClient (0.79.0) - - LibSignalClient/Tests (0.79.0) + - LibSignalClient (0.79.1) + - LibSignalClient/Tests (0.79.1) - libwebp (1.3.2): - libwebp/demux (= 1.3.2) - libwebp/mux (= 1.3.2) @@ -53,8 +53,8 @@ DEPENDENCIES: - GRDB.swift/SQLCipher - LibMobileCoin/CoreHTTP (from `https://github.com/signalapp/libmobilecoin-ios-artifacts`, tag `signal/6.0.2`) - libPhoneNumber-iOS (from `https://github.com/signalapp/libPhoneNumber-iOS`, branch `signal-master`) - - LibSignalClient (from `https://github.com/signalapp/libsignal.git`, tag `v0.79.0`) - - LibSignalClient/Tests (from `https://github.com/signalapp/libsignal.git`, tag `v0.79.0`) + - LibSignalClient (from `https://github.com/signalapp/libsignal.git`, tag `v0.79.1`) + - LibSignalClient/Tests (from `https://github.com/signalapp/libsignal.git`, tag `v0.79.1`) - libwebp (from `./ThirdParty/libwebp.podspec.json`) - lottie-ios - Mantle (from `https://github.com/signalapp/Mantle`, branch `signal-master`) @@ -90,7 +90,7 @@ EXTERNAL SOURCES: :git: https://github.com/signalapp/libPhoneNumber-iOS LibSignalClient: :git: https://github.com/signalapp/libsignal.git - :tag: v0.79.0 + :tag: v0.79.1 libwebp: :podspec: "./ThirdParty/libwebp.podspec.json" Mantle: @@ -121,7 +121,7 @@ CHECKOUT OPTIONS: :git: https://github.com/signalapp/libPhoneNumber-iOS LibSignalClient: :git: https://github.com/signalapp/libsignal.git - :tag: v0.79.0 + :tag: v0.79.1 Mantle: :commit: e7e46253bb01ce39525d90aa69ed9e85e758bfc4 :git: https://github.com/signalapp/Mantle @@ -145,7 +145,7 @@ SPEC CHECKSUMS: GRDB.swift: 1395cb3556df6b16ed69dfc74c3886abc75d2825 LibMobileCoin: 8503f567fa32184a5be7bc038fbd727747dd9991 libPhoneNumber-iOS: 1a34106b49dc6e12a7f37eb9aee7c64011509547 - LibSignalClient: f91b9b65fbe0941b03196de3fbadc43f5d8d260f + LibSignalClient: 9f7fd380f6821169e6b651a741a6cd7c0555b7e4 libwebp: 1b5562124e3ca3336fb7506e76501bed7758963a Logging: beeb016c9c80cf77042d62e83495816847ef108b lottie-ios: fcb5e73e17ba4c983140b7d21095c834b3087418 @@ -158,6 +158,6 @@ SPEC CHECKSUMS: SwiftProtobuf: 3697407f0d5b23bedeba9c2eaaf3ec6fdff69349 YYImage: f1ddd15ac032a58b78bbed1e012b50302d318331 -PODFILE CHECKSUM: 7f9f4b83335dd74380fce6cef314502ebb9b11ea +PODFILE CHECKSUM: b342f2663ccb1e1faa78502c63a7c594e5d5a597 COCOAPODS: 1.15.2 diff --git a/Pods b/Pods index b443f6a746..8d8b8a5876 160000 --- a/Pods +++ b/Pods @@ -1 +1 @@ -Subproject commit b443f6a7463f77e79890df4bae2800c52e994645 +Subproject commit 8d8b8a58762936cd84030308a139e238a15c0f6f diff --git a/Signal/Settings.bundle/Acknowledgements.plist b/Signal/Settings.bundle/Acknowledgements.plist index 6978b569c6..45e8803790 100644 --- a/Signal/Settings.bundle/Acknowledgements.plist +++ b/Signal/Settings.bundle/Acknowledgements.plist @@ -288,7 +288,7 @@ DEALINGS IN THE SOFTWARE. License MIT License Title - adler2 2.0.0, anyhow 1.0.97, anyhow 1.0.98, async-trait 0.1.88, atomic-waker 1.1.2, auto_enums 0.8.7, curve25519-dalek-derive 0.1.1, derive_utils 0.15.0, displaydoc 0.2.5, dyn-clone 1.0.19, fastrand 2.3.0, home 0.5.9, itoa 1.0.15, linkme 0.3.33, linkme-impl 0.3.33, linux-raw-sys 0.9.4, minimal-lexical 0.2.1, num_enum 0.7.3, num_enum_derive 0.7.3, once_cell 1.21.3, paste 1.0.15, pin-project 1.1.10, pin-project-internal 1.1.10, pin-project-lite 0.2.16, prettyplease 0.2.32, proc-macro-crate 3.3.0, proc-macro2 1.0.94, proc-macro2 1.0.95, quote 1.0.40, rustc-hash 1.1.0, rustix 0.38.44, rustix 1.0.5, rustix 1.0.7, rustversion 1.0.20, semver 1.0.26, send_wrapper 0.6.0, serde 1.0.219, serde_derive 1.0.219, serde_json 1.0.140, syn 1.0.109, syn 2.0.100, syn 2.0.101, syn-mid 0.6.0, thiserror 1.0.69, thiserror 2.0.12, thiserror-impl 1.0.69, thiserror-impl 2.0.12, unicode-ident 1.0.18, utf-8 0.7.6 + adler2 2.0.0, anyhow 1.0.97, anyhow 1.0.98, async-trait 0.1.88, atomic-waker 1.1.2, auto_enums 0.8.7, curve25519-dalek-derive 0.1.1, derive_utils 0.15.0, displaydoc 0.2.5, dyn-clone 1.0.19, fastrand 2.3.0, home 0.5.9, itoa 1.0.15, linkme 0.3.33, linkme-impl 0.3.33, linux-raw-sys 0.9.4, minimal-lexical 0.2.1, num_enum 0.7.3, num_enum_derive 0.7.3, once_cell 1.21.3, paste 1.0.15, pin-project 1.1.10, pin-project-internal 1.1.10, pin-project-lite 0.2.16, prettyplease 0.2.32, proc-macro-crate 3.3.0, proc-macro2 1.0.94, proc-macro2 1.0.95, quote 1.0.40, rustix 0.38.44, rustix 1.0.5, rustix 1.0.7, rustversion 1.0.20, semver 1.0.26, send_wrapper 0.6.0, serde 1.0.219, serde_derive 1.0.219, serde_json 1.0.140, syn 1.0.109, syn 2.0.100, syn 2.0.101, syn-mid 0.6.0, thiserror 1.0.69, thiserror 2.0.12, thiserror-impl 1.0.69, thiserror-impl 2.0.12, unicode-ident 1.0.18, utf-8 0.7.6 Type PSGroupSpecifier @@ -1123,7 +1123,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. License BSD 3-Clause "New" or "Revised" License Title - bindgen 0.70.1 + bindgen 0.72.0 Type PSGroupSpecifier @@ -1338,7 +1338,65 @@ limitations under the License. License Apache License 2.0 Title - boring 4.15.0 + boring 4.18.0 + Type + PSGroupSpecifier + + + FooterText + Copyright (c) 2014 Alex Crichton +Copyright (c) 2020 Ivan Nikulin <ifaaan@gmail.com> + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + + License + MIT License + Title + boring-sys 4.18.0 + Type + PSGroupSpecifier + + + FooterText + /* Copyright (c) 2015, Google Inc. + * + * Permission to use, copy, modify, and/or distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY + * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION + * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN + * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ + License + ISC License + Title + boring-sys 4.18.0 Type PSGroupSpecifier @@ -1400,7 +1458,7 @@ limitations under the License. License OpenSSL License Title - boring-sys 4.15.0 + boring-sys 4.18.0 Type PSGroupSpecifier @@ -1429,65 +1487,7 @@ SOFTWARE. License MIT License Title - boring-sys 4.15.0 - Type - PSGroupSpecifier - - - FooterText - /* Copyright (c) 2015, Google Inc. - * - * Permission to use, copy, modify, and/or distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY - * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION - * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN - * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ - License - ISC License - Title - boring-sys 4.15.0 - Type - PSGroupSpecifier - - - FooterText - Copyright (c) 2014 Alex Crichton -Copyright (c) 2020 Ivan Nikulin <ifaaan@gmail.com> - -Permission is hereby granted, free of charge, to any -person obtaining a copy of this software and associated -documentation files (the "Software"), to deal in the -Software without restriction, including without -limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software -is furnished to do so, subject to the following -conditions: - -The above copyright notice and this permission notice -shall be included in all copies or substantial portions -of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF -ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED -TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT -SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR -IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER -DEALINGS IN THE SOFTWARE. - - License - MIT License - Title - boring-sys 4.15.0 + boring-sys 4.18.0 Type PSGroupSpecifier @@ -2924,7 +2924,7 @@ DEALINGS IN THE SOFTWARE. License MIT License Title - either 1.15.0, itertools 0.13.0, itertools 0.14.0, petgraph 0.7.1, serde_with 3.12.0, serde_with_macros 3.12.0 + either 1.15.0, itertools 0.10.5, itertools 0.14.0, petgraph 0.7.1, serde_with 3.12.0, serde_with_macros 3.12.0 Type PSGroupSpecifier @@ -10106,29 +10106,6 @@ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND Type PSGroupSpecifier - - FooterText - Copyright 2015-2025 Brian Smith. - -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. - -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY -SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION -OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN -CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - - License - ISC License - Title - ring 0.17.14 - Type - PSGroupSpecifier - FooterText @@ -10411,6 +10388,29 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Type PSGroupSpecifier + + FooterText + Copyright 2015-2025 Brian Smith. + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY +SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION +OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN +CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + + License + ISC License + Title + ring 0.17.14 + Type + PSGroupSpecifier + FooterText Copyright (c) 2017, Mozilla @@ -10451,6 +10451,38 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Type PSGroupSpecifier + + FooterText + Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. + License + MIT License + Title + rustc-hash 2.1.1 + Type + PSGroupSpecifier + FooterText Copyright (c) 2016 The Rust Project Developers @@ -11786,7 +11818,7 @@ SOFTWARE. License MIT License Title - snow 0.9.6 + snow 0.10.0 Type PSGroupSpecifier @@ -12556,7 +12588,7 @@ DEALINGS IN THE SOFTWARE. License MIT License Title - tokio-boring 4.15.0 + tokio-boring 4.18.0 Type PSGroupSpecifier diff --git a/SignalServiceKit/Messages/UD/OWSUDManager.swift b/SignalServiceKit/Messages/UD/OWSUDManager.swift index 39ba84bd1a..2ed4573ce0 100644 --- a/SignalServiceKit/Messages/UD/OWSUDManager.swift +++ b/SignalServiceKit/Messages/UD/OWSUDManager.swift @@ -428,7 +428,7 @@ public class OWSUDManagerImpl: OWSUDManager { let nowMs = NSDate.ows_millisecondTimeStamp() let anHourFromNowMs = nowMs + UInt64.hourInMs - guard try certificate.validate(trustRoot: trustRoot, time: anHourFromNowMs) else { + guard certificate.validate(trustRoot: trustRoot, time: anHourFromNowMs) else { throw OWSUDError.invalidData(description: "Sender certificate failed validation") } } diff --git a/SignalServiceKit/Messages/UD/SMKSecretSessionCipher.swift b/SignalServiceKit/Messages/UD/SMKSecretSessionCipher.swift index 58cc95ef68..e35777da76 100644 --- a/SignalServiceKit/Messages/UD/SMKSecretSessionCipher.swift +++ b/SignalServiceKit/Messages/UD/SMKSecretSessionCipher.swift @@ -205,7 +205,7 @@ public class SMKSecretSessionCipher: NSObject { do { // validator.validate(content.getSenderCertificate(), timestamp); - guard try messageContent.senderCertificate.validate(trustRoot: trustRoot, time: timestamp) else { + guard messageContent.senderCertificate.validate(trustRoot: trustRoot, time: timestamp) else { throw SMKSecretSessionCipherError.invalidCertificate }