MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Don't allow secondary devices to resurrect inactive device status

This commit is contained in:
Moxie Marlinspike 2019-01-22 13:19:06 -08:00
parent e5a89946f6
commit fa0745e226
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java
View File

@ -66,6 +66,10 @@ public class AccountAuthenticator implements Authenticator<BasicCredentials, Acc
return Optional.empty();
}
if (!device.get().isMaster() && !device.get().isActive()) {
return Optional.empty();
}
if (device.get().getAuthenticationCredentials().verify(basicCredentials.getPassword())) {
authenticationSucceededMeter.mark();
account.get().setAuthenticatedDevice(device.get());

4
src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java
View File

@ -41,9 +41,11 @@ public class AuthHelper {
when(VALID_CREDENTIALS_TWO.verify("baz")).thenReturn(true);
when(VALID_DEVICE.getAuthenticationCredentials()).thenReturn(VALID_CREDENTIALS);
when(VALID_DEVICE_TWO.getAuthenticationCredentials()).thenReturn(VALID_CREDENTIALS_TWO);
when(VALID_DEVICE.isMaster()).thenReturn(true);
when(VALID_DEVICE_TWO.isMaster()).thenReturn(true);
when(VALID_DEVICE.getId()).thenReturn(1L);
when(VALID_DEVICE_TWO.getId()).thenReturn(1L);
when(VALID_ACCOUNT.getDevice(anyLong())).thenReturn(Optional.of(VALID_DEVICE));
when(VALID_ACCOUNT.getDevice(1L)).thenReturn(Optional.of(VALID_DEVICE));
when(VALID_ACCOUNT_TWO.getDevice(eq(1L))).thenReturn(Optional.of(VALID_DEVICE_TWO));
when(VALID_ACCOUNT_TWO.getActiveDeviceCount()).thenReturn(6);
when(VALID_ACCOUNT.getNumber()).thenReturn(VALID_NUMBER);