From 11ef461123c8ec21fd902fd0ddd1ddb19b51600f Mon Sep 17 00:00:00 2001 From: Naomi Plasterer Date: Wed, 5 Jun 2024 20:32:44 -0700 Subject: [PATCH 1/6] block psks on commit proposal --- xmtp_mls/src/groups/validated_commit.rs | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/xmtp_mls/src/groups/validated_commit.rs b/xmtp_mls/src/groups/validated_commit.rs index aa5f4913f..b6a9ceb0c 100644 --- a/xmtp_mls/src/groups/validated_commit.rs +++ b/xmtp_mls/src/groups/validated_commit.rs @@ -78,6 +78,8 @@ pub enum CommitValidationError { InstallationDiff(#[from] InstallationDiffError), #[error("Failed to parse group mutable permissions: {0}")] GroupMutablePermissions(#[from] GroupMutablePermissionsError), + #[error("PSKs are not support")] + NoPSKSupport, } #[derive(Debug, Clone, PartialEq, Hash)] @@ -226,6 +228,11 @@ impl ValidatedCommit { &mutable_metadata, )?; + // Block any ReInit proposals + if staged_commit.psk_proposals().any(|_| true) { + return Err(CommitValidationError::NoPSKSupport) + } + // Get the installations actually added and removed in the commit let ProposalChanges { added_installations, From 67d342eb606ffc49017cc20c2353d1fc94ee9b8e Mon Sep 17 00:00:00 2001 From: Naomi Plasterer Date: Wed, 5 Jun 2024 20:47:52 -0700 Subject: [PATCH 2/6] check to see if the psk number is zero or not --- Cargo.lock | 12 ++++++------ Cargo.toml | 8 ++++---- bindings_ffi/Cargo.lock | 12 ++++++------ xmtp_mls/src/groups/mod.rs | 5 +++++ 4 files changed, 21 insertions(+), 16 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 60cb76c94..2b9fc91e0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3048,7 +3048,7 @@ dependencies = [ [[package]] name = "openmls" version = "0.5.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "backtrace", "itertools 0.10.5", @@ -3070,7 +3070,7 @@ dependencies = [ [[package]] name = "openmls_basic_credential" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "ed25519-dalek", "openmls_traits", @@ -3083,7 +3083,7 @@ dependencies = [ [[package]] name = "openmls_memory_storage" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "hex", "log", @@ -3096,7 +3096,7 @@ dependencies = [ [[package]] name = "openmls_rust_crypto" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "aes-gcm", "chacha20poly1305", @@ -3120,7 +3120,7 @@ dependencies = [ [[package]] name = "openmls_test" version = "0.1.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "ansi_term", "openmls_rust_crypto", @@ -3135,7 +3135,7 @@ dependencies = [ [[package]] name = "openmls_traits" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "serde", "tls_codec 0.4.2-pre.1", diff --git a/Cargo.toml b/Cargo.toml index 41d96d5c9..9240df5f6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -36,10 +36,10 @@ futures = "0.3.30" futures-core = "0.3.30" hex = "0.4.3" log = "0.4" -openmls = { git = "https://github.com/xmtp/openmls", rev = "606bf92" } -openmls_basic_credential = { git = "https://github.com/xmtp/openmls", rev = "606bf92" } -openmls_rust_crypto = { git = "https://github.com/xmtp/openmls", rev = "606bf92" } -openmls_traits = { git = "https://github.com/xmtp/openmls", rev = "606bf92" } +openmls = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } +openmls_basic_credential = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } +openmls_rust_crypto = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } +openmls_traits = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } prost = "^0.12" prost-types = "^0.12" rand = "0.8.5" diff --git a/bindings_ffi/Cargo.lock b/bindings_ffi/Cargo.lock index dd41b5e8e..d2efbcdce 100644 --- a/bindings_ffi/Cargo.lock +++ b/bindings_ffi/Cargo.lock @@ -2751,7 +2751,7 @@ dependencies = [ [[package]] name = "openmls" version = "0.5.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "backtrace", "itertools 0.10.5", @@ -2773,7 +2773,7 @@ dependencies = [ [[package]] name = "openmls_basic_credential" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "ed25519-dalek", "openmls_traits", @@ -2786,7 +2786,7 @@ dependencies = [ [[package]] name = "openmls_memory_storage" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "hex", "log", @@ -2799,7 +2799,7 @@ dependencies = [ [[package]] name = "openmls_rust_crypto" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "aes-gcm", "chacha20poly1305", @@ -2823,7 +2823,7 @@ dependencies = [ [[package]] name = "openmls_test" version = "0.1.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "ansi_term", "openmls_rust_crypto", @@ -2838,7 +2838,7 @@ dependencies = [ [[package]] name = "openmls_traits" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=606bf92#606bf929e133422fe9737ba7089f6e63a4738300" +source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" dependencies = [ "serde", "tls_codec 0.4.2-pre.1", diff --git a/xmtp_mls/src/groups/mod.rs b/xmtp_mls/src/groups/mod.rs index f5aec739b..dfb54a6a5 100644 --- a/xmtp_mls/src/groups/mod.rs +++ b/xmtp_mls/src/groups/mod.rs @@ -165,6 +165,8 @@ pub enum GroupError { MessageHistory(#[from] MessageHistoryError), #[error("Installation diff error: {0}")] InstallationDiff(#[from] InstallationDiffError), + #[error("PSKs are not support")] + NoPSKSupport, } impl RetryableError for GroupError { @@ -326,6 +328,9 @@ impl MlsGroup { let welcome = deserialize_welcome(&welcome_bytes)?; let join_config = build_group_join_config(); + if join_config.number_of_resumption_psks > 0 { + return Err(GroupError::NoPSKSupport); + } let staged_welcome = StagedWelcome::new_from_welcome(provider, &join_config, welcome.clone(), None)?; From 3af5ca37e67f2e9eaa5e53d3536e85787a537ca1 Mon Sep 17 00:00:00 2001 From: Naomi Plasterer Date: Wed, 5 Jun 2024 20:50:01 -0700 Subject: [PATCH 3/6] fix linter issue --- xmtp_mls/src/groups/validated_commit.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xmtp_mls/src/groups/validated_commit.rs b/xmtp_mls/src/groups/validated_commit.rs index b6a9ceb0c..18481c9ad 100644 --- a/xmtp_mls/src/groups/validated_commit.rs +++ b/xmtp_mls/src/groups/validated_commit.rs @@ -230,7 +230,7 @@ impl ValidatedCommit { // Block any ReInit proposals if staged_commit.psk_proposals().any(|_| true) { - return Err(CommitValidationError::NoPSKSupport) + return Err(CommitValidationError::NoPSKSupport); } // Get the installations actually added and removed in the commit From be169ab504b33f1a5e4341e3c873985595bc0278 Mon Sep 17 00:00:00 2001 From: Naomi Plasterer Date: Thu, 6 Jun 2024 21:51:22 -0700 Subject: [PATCH 4/6] add check for psks on processed welcome --- Cargo.lock | 12 ++++++------ Cargo.toml | 8 ++++---- bindings_ffi/Cargo.lock | 12 ++++++------ xmtp_mls/src/groups/mod.rs | 12 ++++++++---- 4 files changed, 24 insertions(+), 20 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2b9fc91e0..a279a1868 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3048,7 +3048,7 @@ dependencies = [ [[package]] name = "openmls" version = "0.5.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "backtrace", "itertools 0.10.5", @@ -3070,7 +3070,7 @@ dependencies = [ [[package]] name = "openmls_basic_credential" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "ed25519-dalek", "openmls_traits", @@ -3083,7 +3083,7 @@ dependencies = [ [[package]] name = "openmls_memory_storage" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "hex", "log", @@ -3096,7 +3096,7 @@ dependencies = [ [[package]] name = "openmls_rust_crypto" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "aes-gcm", "chacha20poly1305", @@ -3120,7 +3120,7 @@ dependencies = [ [[package]] name = "openmls_test" version = "0.1.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "ansi_term", "openmls_rust_crypto", @@ -3135,7 +3135,7 @@ dependencies = [ [[package]] name = "openmls_traits" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "serde", "tls_codec 0.4.2-pre.1", diff --git a/Cargo.toml b/Cargo.toml index 9240df5f6..563fe8906 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -36,10 +36,10 @@ futures = "0.3.30" futures-core = "0.3.30" hex = "0.4.3" log = "0.4" -openmls = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } -openmls_basic_credential = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } -openmls_rust_crypto = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } -openmls_traits = { git = "https://github.com/xmtp/openmls", rev = "5174c31" } +openmls = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } +openmls_basic_credential = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } +openmls_rust_crypto = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } +openmls_traits = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } prost = "^0.12" prost-types = "^0.12" rand = "0.8.5" diff --git a/bindings_ffi/Cargo.lock b/bindings_ffi/Cargo.lock index d2efbcdce..011bbc2bd 100644 --- a/bindings_ffi/Cargo.lock +++ b/bindings_ffi/Cargo.lock @@ -2751,7 +2751,7 @@ dependencies = [ [[package]] name = "openmls" version = "0.5.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "backtrace", "itertools 0.10.5", @@ -2773,7 +2773,7 @@ dependencies = [ [[package]] name = "openmls_basic_credential" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "ed25519-dalek", "openmls_traits", @@ -2786,7 +2786,7 @@ dependencies = [ [[package]] name = "openmls_memory_storage" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "hex", "log", @@ -2799,7 +2799,7 @@ dependencies = [ [[package]] name = "openmls_rust_crypto" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "aes-gcm", "chacha20poly1305", @@ -2823,7 +2823,7 @@ dependencies = [ [[package]] name = "openmls_test" version = "0.1.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "ansi_term", "openmls_rust_crypto", @@ -2838,7 +2838,7 @@ dependencies = [ [[package]] name = "openmls_traits" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=5174c31#5174c3118c9c43fd769fbc6ba469cc8e78b162af" +source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" dependencies = [ "serde", "tls_codec 0.4.2-pre.1", diff --git a/xmtp_mls/src/groups/mod.rs b/xmtp_mls/src/groups/mod.rs index dfb54a6a5..c02882781 100644 --- a/xmtp_mls/src/groups/mod.rs +++ b/xmtp_mls/src/groups/mod.rs @@ -18,7 +18,10 @@ use openmls::{ Extension, ExtensionType, Extensions, Metadata, RequiredCapabilitiesExtension, UnknownExtension, }, - group::{CreateGroupContextExtProposalError, MlsGroupCreateConfig, MlsGroupJoinConfig}, + group::{ + CreateGroupContextExtProposalError, MlsGroupCreateConfig, MlsGroupJoinConfig, + ProcessedWelcome, + }, messages::proposals::ProposalType, prelude::{ BasicCredentialError, Capabilities, CredentialWithKey, Error as TlsCodecError, GroupId, @@ -328,11 +331,12 @@ impl MlsGroup { let welcome = deserialize_welcome(&welcome_bytes)?; let join_config = build_group_join_config(); - if join_config.number_of_resumption_psks > 0 { + let processed_welcome = + ProcessedWelcome::new_from_welcome(provider, &join_config, welcome.clone())?; + if processed_welcome.psks().is_empty() { return Err(GroupError::NoPSKSupport); } - let staged_welcome = - StagedWelcome::new_from_welcome(provider, &join_config, welcome.clone(), None)?; + let staged_welcome = processed_welcome.into_staged_welcome(provider, None)?; let added_by_node = staged_welcome.welcome_sender()?; From 92c7f43f0e71748fdbc3744d72b82e23b0937d30 Mon Sep 17 00:00:00 2001 From: Naomi Plasterer Date: Fri, 7 Jun 2024 14:35:02 -0700 Subject: [PATCH 5/6] add a comment for it --- Cargo.lock | 12 ++++++------ Cargo.toml | 8 ++++---- bindings_ffi/Cargo.lock | 12 ++++++------ xmtp_mls/src/groups/validated_commit.rs | 3 ++- 4 files changed, 18 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index a279a1868..b7d5b938a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3048,7 +3048,7 @@ dependencies = [ [[package]] name = "openmls" version = "0.5.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "backtrace", "itertools 0.10.5", @@ -3070,7 +3070,7 @@ dependencies = [ [[package]] name = "openmls_basic_credential" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "ed25519-dalek", "openmls_traits", @@ -3083,7 +3083,7 @@ dependencies = [ [[package]] name = "openmls_memory_storage" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "hex", "log", @@ -3096,7 +3096,7 @@ dependencies = [ [[package]] name = "openmls_rust_crypto" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "aes-gcm", "chacha20poly1305", @@ -3120,7 +3120,7 @@ dependencies = [ [[package]] name = "openmls_test" version = "0.1.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "ansi_term", "openmls_rust_crypto", @@ -3135,7 +3135,7 @@ dependencies = [ [[package]] name = "openmls_traits" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "serde", "tls_codec 0.4.2-pre.1", diff --git a/Cargo.toml b/Cargo.toml index 563fe8906..94c414c00 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -36,10 +36,10 @@ futures = "0.3.30" futures-core = "0.3.30" hex = "0.4.3" log = "0.4" -openmls = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } -openmls_basic_credential = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } -openmls_rust_crypto = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } -openmls_traits = { git = "https://github.com/xmtp/openmls", rev = "2fa5d2d" } +openmls = { git = "https://github.com/xmtp/openmls", rev = "99b2d5e7d0e034ac57644395e2194c5a102afb9a" } +openmls_basic_credential = { git = "https://github.com/xmtp/openmls", rev = "99b2d5e7d0e034ac57644395e2194c5a102afb9a" } +openmls_rust_crypto = { git = "https://github.com/xmtp/openmls", rev = "99b2d5e7d0e034ac57644395e2194c5a102afb9a" } +openmls_traits = { git = "https://github.com/xmtp/openmls", rev = "99b2d5e7d0e034ac57644395e2194c5a102afb9a" } prost = "^0.12" prost-types = "^0.12" rand = "0.8.5" diff --git a/bindings_ffi/Cargo.lock b/bindings_ffi/Cargo.lock index 011bbc2bd..8bce151aa 100644 --- a/bindings_ffi/Cargo.lock +++ b/bindings_ffi/Cargo.lock @@ -2751,7 +2751,7 @@ dependencies = [ [[package]] name = "openmls" version = "0.5.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "backtrace", "itertools 0.10.5", @@ -2773,7 +2773,7 @@ dependencies = [ [[package]] name = "openmls_basic_credential" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "ed25519-dalek", "openmls_traits", @@ -2786,7 +2786,7 @@ dependencies = [ [[package]] name = "openmls_memory_storage" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "hex", "log", @@ -2799,7 +2799,7 @@ dependencies = [ [[package]] name = "openmls_rust_crypto" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "aes-gcm", "chacha20poly1305", @@ -2823,7 +2823,7 @@ dependencies = [ [[package]] name = "openmls_test" version = "0.1.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "ansi_term", "openmls_rust_crypto", @@ -2838,7 +2838,7 @@ dependencies = [ [[package]] name = "openmls_traits" version = "0.2.0" -source = "git+https://github.com/xmtp/openmls?rev=2fa5d2d#2fa5d2d10b263db13c73d243962cdcc729d0a3ff" +source = "git+https://github.com/xmtp/openmls?rev=99b2d5e7d0e034ac57644395e2194c5a102afb9a#99b2d5e7d0e034ac57644395e2194c5a102afb9a" dependencies = [ "serde", "tls_codec 0.4.2-pre.1", diff --git a/xmtp_mls/src/groups/validated_commit.rs b/xmtp_mls/src/groups/validated_commit.rs index 18481c9ad..0dd88dbf4 100644 --- a/xmtp_mls/src/groups/validated_commit.rs +++ b/xmtp_mls/src/groups/validated_commit.rs @@ -188,6 +188,7 @@ impl MetadataFieldChange { * present in the [`AssociationState`] for the `inbox_id` presented in the credential at the `to_sequence_id` found in the * new [`GroupMembership`]. * 5. All proposals in a commit must come from the same installation + * 6. No PSK proposals will be allowed */ #[derive(Debug, Clone)] pub struct ValidatedCommit { @@ -228,7 +229,7 @@ impl ValidatedCommit { &mutable_metadata, )?; - // Block any ReInit proposals + // Block any psk proposals if staged_commit.psk_proposals().any(|_| true) { return Err(CommitValidationError::NoPSKSupport); } From 48198fc2b600017afb9c7809f8d994f5e2517a51 Mon Sep 17 00:00:00 2001 From: Naomi Plasterer Date: Mon, 10 Jun 2024 08:15:02 -0700 Subject: [PATCH 6/6] invert the logic --- xmtp_mls/src/groups/mod.rs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/xmtp_mls/src/groups/mod.rs b/xmtp_mls/src/groups/mod.rs index c02882781..b1c4f3e14 100644 --- a/xmtp_mls/src/groups/mod.rs +++ b/xmtp_mls/src/groups/mod.rs @@ -331,9 +331,11 @@ impl MlsGroup { let welcome = deserialize_welcome(&welcome_bytes)?; let join_config = build_group_join_config(); + let processed_welcome = ProcessedWelcome::new_from_welcome(provider, &join_config, welcome.clone())?; - if processed_welcome.psks().is_empty() { + let psks = processed_welcome.psks(); + if !psks.is_empty() { return Err(GroupError::NoPSKSupport); } let staged_welcome = processed_welcome.into_staged_welcome(provider, None)?;