Merge branch 'release/0.19.6/master'

.github/workflows/ci-lint.yml

@@ -0,0 +1,42 @@
+name: Lint CI
+
+on:
+ # Triggers the workflow on any pull request and push to develop
+ push:
+ branches: [ develop ]
+ pull_request:
+
+ # Allows you to run this workflow manually from the Actions tab
+ workflow_dispatch:
+
+jobs:
+ lint:
+ name: pod lib lint
+ runs-on: macos-latest
+ steps:
+ # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+ - uses: actions/checkout@v2
+
+ # Common cache
+ # Note: GH actions do not support yaml anchor yet. We need to duplicate this for every job
+ - uses: actions/cache@v2
+ with:
+ path: Pods
+ key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
+ restore-keys: |
+ ${{ runner.os }}-pods-
+ - uses: actions/cache@v2
+ with:
+ path: vendor/bundle
+ key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
+ restore-keys: |
+ ${{ runner.os }}-gems-
+ # Common setup
+ # Note: GH actions do not support yaml anchor yet. We need to duplicate this for every job
+ - name: Bundle install
+ run: |
+ bundle config path vendor/bundle
+ bundle install --jobs 4 --retry 3
+ # Main step
+ - name: Lint MatrixSDK.podspec
+ run: bundle exec fastlane lint_pods

.github/workflows/ci.yml → .github/workflows/ci-unit-tests.yml

@@ -1,4 +1,4 @@
-name: CI
+name: Unit Tests CI
 
 on:
  # Triggers the workflow on any pull request and push to develop
@@ -56,37 +56,3 @@ jobs:
  with:
  name: MatrixSDK-macOS.xcresult
  path: build/test/MatrixSDK-macOS.xcresult/
-
-
- lint:
- name: pod lib lint
- runs-on: macos-latest
- steps:
- # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- - uses: actions/checkout@v2
-
- # Common cache
- # Note: GH actions do not support yaml anchor yet. We need to duplicate this for every job
- - uses: actions/cache@v2
- with:
- path: Pods
- key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }}
- restore-keys: |
- ${{ runner.os }}-pods-
- - uses: actions/cache@v2
- with:
- path: vendor/bundle
- key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
- restore-keys: |
- ${{ runner.os }}-gems-
-
- # Common setup
- # Note: GH actions do not support yaml anchor yet. We need to duplicate this for every job
- - name: Bundle install
- run: |
- bundle config path vendor/bundle
- bundle install --jobs 4 --retry 3
-
- # Main step
- - name: Lint MatrixSDK.podspec
- run: bundle exec fastlane lint_pods

CHANGES.rst

@@ -1,3 +1,33 @@
+Changes in 0.19.6 (2021-07-29)
+=================================================
+
+✨ Features
+ * 
+
+🙌 Improvements
+ * 
+
+🐛 Bugfix
+ * MXCryptoStore: Keep current store version after resetting data to avoid dead state on an initial sync (vector-im/element-ios/issues/4594).
+ * Prevent session pause until reject/hangup event is sent (vector-im/element-ios/issues/4612).
+ * Only post identity server changed notification if the server actually changed.
+ * Fix audio routing issues for Bluetooth devices (vector-im/element-ios/issues/4622).
+
+⚠️ API Changes
+ * 
+
+🗣 Translations
+ * 
+
+🧱 Build
+ * 
+
+Others
+ * Separated CI jobs into individual actions
+
+Improvements:
+
+
 Changes in 0.19.5 (2021-07-22)
 =================================================
 

MatrixSDK.podspec

@@ -1,7 +1,7 @@
 Pod::Spec.new do |s|
 
  s.name = "MatrixSDK"
- s.version = "0.19.5"
+ s.version = "0.19.6"
  s.summary = "The iOS SDK to build apps compatible with Matrix (https://www.matrix.org)"
 
  s.description = <<-DESC

MatrixSDK/Crypto/Data/MXEncryptedAttachments.h

@@ -64,10 +64,13 @@ extern NSString *const MXEncryptedAttachmentsErrorDomain;
  @param fileInfo The file information block
  @param inputStream A stream of the ciphertext
  @param outputStream Stream to write the plaintext to
- @returns NSError nil on success, otherwise an error describing what went wrong
+ @param success Called when decryption finishes, on the main thread.
+ @param failure Called if encountering errors, on the main thread.
  */
-+ (NSError *)decryptAttachment:(MXEncryptedContentFile *)fileInfo
++ (void)decryptAttachment:(MXEncryptedContentFile *)fileInfo
  inputStream:(NSInputStream *)inputStream
- outputStream:(NSOutputStream *)outputStream;
+ outputStream:(NSOutputStream *)outputStream
+ success:(void(^)(void))success
+ failure:(void(^)(NSError *))failure;
 
 @end

MatrixSDK/Crypto/Data/MXEncryptedAttachments.m

@@ -179,105 +179,130 @@ + (void)encryptAttachment:(MXMediaLoader *)uploader
 
 #pragma mark decrypt
 
-+ (NSError *)decryptAttachment:(MXEncryptedContentFile *)fileInfo
++ (void)decryptAttachment:(MXEncryptedContentFile *)fileInfo
  inputStream:(NSInputStream *)inputStream
- outputStream:(NSOutputStream *)outputStream {
+ outputStream:(NSOutputStream *)outputStream
+ success:(void(^)(void))success
+ failure:(void(^)(NSError *))failure {
  // NB. We don;t check the 'v' field here: future versions should be backwards compatible so we try to decode
  // whatever the version is. We can only really decode v1, but the difference is the IV wraparound so we can try
  // decoding v0 attachments and the worst that will happen is that it won't work.
  if (!fileInfo.key)
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_key"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_key"}]);
+ return;
  }
  if (![fileInfo.key.alg isEqualToString:@"A256CTR"])
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_or_incorrect_key_alg"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_or_incorrect_key_alg"}]);
+ return;
  }
  if (!fileInfo.key.k)
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_key_data"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_key_data"}]);
+ return;
  }
  if (!fileInfo.iv)
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_iv"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_iv"}]);
+ return;
  }
  if (!fileInfo.hashes)
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_hashes"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_hashes"}]);
+ return;
  }
  if (!fileInfo.hashes[@"sha256"])
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_sha256_hash"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"missing_sha256_hash"}]);
+ return;
  }
 
  NSData *keyData = [[NSData alloc] initWithBase64EncodedString:[MXBase64Tools base64UrlToBase64:fileInfo.key.k]
  options:0];
  if (!keyData || keyData.length != kCCKeySizeAES256)
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"bad_key_data"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"bad_key_data"}]);
+ return;
  }
 
  NSData *ivData = [[NSData alloc] initWithBase64EncodedString:[MXBase64Tools padBase64:fileInfo.iv] options:0];
  if (!ivData || ivData.length != kCCBlockSizeAES128)
  {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"bad_iv_data"}];
- }
-
- CCCryptorRef cryptor;
- CCCryptorStatus status;
-
- status = CCCryptorCreateWithMode(kCCDecrypt, kCCModeCTR, kCCAlgorithmAES,
- ccNoPadding, ivData.bytes, keyData.bytes, kCCKeySizeAES256,
- NULL, 0, 0, kCCModeOptionCTR_BE, &cryptor);
- if (status != kCCSuccess)
- {
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"error_creating_cryptor"}];
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"bad_iv_data"}]);
+ return;
  }
 
- [inputStream open];
- [outputStream open];
-
- size_t buflen = 4096;
- uint8_t *ctbuf = malloc(buflen);
- uint8_t *ptbuf = malloc(buflen);
-
- CC_SHA256_CTX sha256ctx;
- CC_SHA256_Init(&sha256ctx);
-
- NSInteger bytesRead;
- size_t bytesProduced;
- while ( (bytesRead = [inputStream read:ctbuf maxLength:buflen]) > 0)
- {
- status = CCCryptorUpdate(cryptor, ctbuf, bytesRead, ptbuf, buflen, &bytesProduced);
- if (status != kCCSuccess) {
- free(ptbuf);
- free(ctbuf);
- CCCryptorRelease(cryptor);
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"error_decrypting"}];
+ dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_BACKGROUND, 0), ^{
+
+ CCCryptorRef cryptor;
+ CCCryptorStatus status;
+
+ status = CCCryptorCreateWithMode(kCCDecrypt, kCCModeCTR, kCCAlgorithmAES,
+ ccNoPadding, ivData.bytes, keyData.bytes, kCCKeySizeAES256,
+ NULL, 0, 0, kCCModeOptionCTR_BE, &cryptor);
+ if (status != kCCSuccess)
+ {
+ dispatch_async(dispatch_get_main_queue(), ^{
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"error_creating_cryptor"}]);
+ });
+ return;
  }
 
- [outputStream write:ptbuf maxLength:bytesProduced];
+ [inputStream open];
+ [outputStream open];
 
- CC_SHA256_Update(&sha256ctx, ctbuf, (CC_LONG)bytesRead);
- }
- free(ctbuf);
- free(ptbuf);
- CCCryptorRelease(cryptor);
-
- [inputStream close];
- [outputStream close];
-
- NSMutableData *computedSha256 = [[NSMutableData alloc] initWithLength:CC_SHA256_DIGEST_LENGTH];
- CC_SHA256_Final(computedSha256.mutableBytes, &sha256ctx);
-
- NSData *expectedSha256 = [[NSData alloc] initWithBase64EncodedString:[MXBase64Tools padBase64:fileInfo.hashes[@"sha256"]] options:0];
-
- if (![computedSha256 isEqualToData:expectedSha256])
- {
- MXLogDebug(@"[MXEncryptedAttachments] decryptAttachment: Hash mismatch when decrypting attachment! Expected: %@, got %@", fileInfo.hashes[@"sha256"], [computedSha256 base64EncodedStringWithOptions:0]);
- return [NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"hash_mismatch"}];
- }
- return nil;
+ size_t buflen = 4096;
+ uint8_t *ctbuf = malloc(buflen);
+ uint8_t *ptbuf = malloc(buflen);
+
+ CC_SHA256_CTX sha256ctx;
+ CC_SHA256_Init(&sha256ctx);
+
+ NSInteger bytesRead;
+ size_t bytesProduced;
+ while ( (bytesRead = [inputStream read:ctbuf maxLength:buflen]) > 0)
+ {
+ status = CCCryptorUpdate(cryptor, ctbuf, bytesRead, ptbuf, buflen, &bytesProduced);
+ if (status != kCCSuccess) {
+ free(ptbuf);
+ free(ctbuf);
+ CCCryptorRelease(cryptor);
+ dispatch_async(dispatch_get_main_queue(), ^{
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"error_decrypting"}]);
+ });
+ return;
+ }
+
+ [outputStream write:ptbuf maxLength:bytesProduced];
+
+ CC_SHA256_Update(&sha256ctx, ctbuf, (CC_LONG)bytesRead);
+ }
+ free(ctbuf);
+ free(ptbuf);
+ CCCryptorRelease(cryptor);
+
+ [inputStream close];
+ [outputStream close];
+
+ NSMutableData *computedSha256 = [[NSMutableData alloc] initWithLength:CC_SHA256_DIGEST_LENGTH];
+ CC_SHA256_Final(computedSha256.mutableBytes, &sha256ctx);
+
+ NSData *expectedSha256 = [[NSData alloc] initWithBase64EncodedString:[MXBase64Tools padBase64:fileInfo.hashes[@"sha256"]] options:0];
+
+ if (![computedSha256 isEqualToData:expectedSha256])
+ {
+ MXLogDebug(@"[MXEncryptedAttachments] decryptAttachment: Hash mismatch when decrypting attachment! Expected: %@, got %@", fileInfo.hashes[@"sha256"], [computedSha256 base64EncodedStringWithOptions:0]);
+ dispatch_async(dispatch_get_main_queue(), ^{
+ failure([NSError errorWithDomain:MXEncryptedAttachmentsErrorDomain code:0 userInfo:@{@"err": @"hash_mismatch"}]);
+ });
+ return;
+ }
+
+ dispatch_async(dispatch_get_main_queue(), ^{
+ success();
+ });
+ });
 }
 
 @end

MatrixSDK/Crypto/Data/Store/MXRealmCryptoStore/MXRealmCryptoStore.m

@@ -32,7 +32,7 @@
 #import "MXBackgroundModeHandler.h"
 
 
-NSUInteger const kMXRealmCryptoStoreVersion = 16;
+NSUInteger const kMXRealmCryptoStoreVersion = 17;
 
 static NSString *const kMXRealmCryptoStoreFolder = @"MXRealmCryptoStore";
 
@@ -402,7 +402,7 @@ + (void)_deleteStoreWithCredentials:(MXCredentials*)credentials readOnly:(BOOL)r
  [RLMRealm deleteFilesForConfiguration:config error:&error];
  if (error)
  {
- MXLogDebug(@"[MXRealmCryptoStore] deleteStore: Error: %@", error);
+ MXLogError(@"[MXRealmCryptoStore] deleteStore: Error: %@", error);
 
  if (!readOnly)
  {
@@ -419,7 +419,7 @@ + (void)_deleteStoreWithCredentials:(MXCredentials*)credentials readOnly:(BOOL)r
  }
  else
  {
- MXLogDebug(@"[MXRealmCryptoStore] deleteStore: Cannot open realm. Error: %@", error);
+ MXLogError(@"[MXRealmCryptoStore] deleteStore: Cannot open realm. Error: %@", error);
  }
  }
  }
@@ -447,7 +447,8 @@ - (instancetype)initWithCredentials:(MXCredentials *)credentials
  {
  MXLogDebug(@"[MXRealmCryptoStore] Credentials do not match");
  [MXRealmCryptoStore deleteStoreWithCredentials:credentials];
- return [MXRealmCryptoStore createStoreWithCredentials:credentials];
+ self = [MXRealmCryptoStore createStoreWithCredentials:credentials];
+ self.cryptoVersion = MXCryptoVersionLast;
  }
  }
 
@@ -2165,6 +2166,20 @@ + (BOOL)finaliseMigrationWith:(RLMMigration *)migration oldSchemaVersion:(uint64
 
  case 15:
  MXLogDebug(@"[MXRealmCryptoStore] Migration from schema #15 -> #16: Nothing to do (added optional MXRealmSecret.encryptedSecret)");
+
+ case 16:
+ MXLogDebug(@"[MXRealmCryptoStore] Migration from schema #16 -> #17");
+
+ MXLogDebug(@"[MXRealmCryptoStore] Make sure MXRealmOlmAccount.cryptoVersion is MXCryptoVersion2");
+ [migration enumerateObjects:MXRealmOlmAccount.className block:^(RLMObject *oldObject, RLMObject *newObject) {
+ NSNumber *version;
+ MXJSONModelSetNumber(version, oldObject[@"cryptoVersion"]);
+ if (version && version.intValue == 0)
+ {
+ MXLogDebug(@"[MXRealmCryptoStore] -> Fix MXRealmOlmAccount.cryptoVersion");
+ newObject[@"cryptoVersion"] = @(MXCryptoVersion2);
+ }
+ }];
  }
  }