5 #import <Foundation/Foundation.h>
6 #include "keychain/SecureObjectSync/SOSPeer.h"
7 #include "keychain/SecureObjectSync/SOSPeerCoder.h"
8 #include "keychain/SecureObjectSync/SOSTransportMessage.h"
9 #include "keychain/SecureObjectSync/SOSAccount.h"
10 #include "keychain/SecureObjectSync/SOSCoder.h"
11 #include "keychain/SecureObjectSync/SOSEngine.h"
12 #include "keychain/SecureObjectSync/SOSDataSource.h"
13 #include "keychain/SecureObjectSync/SOSAccountTransaction.h"
14 #include "keychain/SecureObjectSync/SOSKVSKeys.h"
15 #include "keychain/SecureObjectSync/SOSPeerOTRTimer.h"
16 #include "keychain/SecureObjectSync/CKBridge/SOSCloudKeychainClient.h"
18 #include <utilities/debugging.h>
19 #include <utilities/SecCFWrappers.h>
21 #include <AssertMacros.h>
22 #include "keychain/SecureObjectSync/SOSInternal.h"
24 static int maxRetryCount = 7; //max number of times to attempt restarting OTR negotiation
26 bool SOSPeerOTRTimerHaveReachedMaxRetryAllowance(SOSAccount* account, NSString* peerid){
27 bool reachedMax = false;
28 NSMutableDictionary* attemptsPerPeer = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountRenegotiationRetryCount, NULL);
30 attemptsPerPeer = [NSMutableDictionary dictionary];
32 NSNumber* attempt = [attemptsPerPeer objectForKey:peerid];
33 if(attempt && [attempt intValue] >= maxRetryCount)
40 //used when evaluating whether or not securityd should start a timer for negotiation
41 bool SOSPeerOTRTimerHaveAnRTTAvailable(SOSAccount* account, NSString* peerid)
43 CFErrorRef error = NULL;
44 CFNumberRef timeout = NULL;
45 bool doesRTTExist = false;
47 CFMutableDictionaryRef timeouts = (CFMutableDictionaryRef)asDictionary(SOSAccountGetValue(account, kSOSAccountPeerNegotiationTimeouts, &error), NULL);
48 require_action_quiet(timeouts, exit, secnotice("otrtimer", "do not have an rtt yet"));
50 timeout = CFDictionaryGetValue(timeouts, (__bridge CFStringRef)peerid);
51 require_action_quiet(timeout, exit, secnotice("otrtimer", "do not have an rtt yet"));
58 //call when a timer has fired, remove the current rtt entry as the existing one isn't working
59 void SOSPeerOTRTimerRemoveRTTTimeoutForPeer(SOSAccount* account, NSString* peerid)
61 CFNumberRef timeout = NULL;
62 CFErrorRef error = NULL;
64 CFMutableDictionaryRef timeouts = (CFMutableDictionaryRef)asDictionary(SOSAccountGetValue(account, kSOSAccountPeerNegotiationTimeouts, &error), NULL);
65 require_action_quiet(timeouts && (error == NULL), exit, secnotice("otrtimer","timeout dictionary doesn't exist"));
67 timeout = CFDictionaryGetValue(timeouts, (__bridge CFStringRef)peerid);
68 require_action_quiet(timeout, exit, secnotice("otrtimer","timeout for peerid: %@, doesn't exist", (__bridge CFStringRef)peerid));
70 CFDictionaryRemoveValue(timeouts, (__bridge CFStringRef)peerid);
71 SOSAccountSetValue(account, kSOSAccountPeerNegotiationTimeouts, timeouts, &error);
73 secnotice("otrtimer","SOSAccountSetValue threw an error for key kSOSAccountPeerNegotiationTimeouts: %@", error);
79 void SOSPeerOTRTimerRemoveLastSentMessageTimestamp(SOSAccount* account, NSString* peerid)
81 NSMutableDictionary *peerToTimeLastSentDict = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountPeerLastSentTimestamp, NULL);
83 if(peerToTimeLastSentDict){
84 NSDate* storedDate = [peerToTimeLastSentDict objectForKey:peerid];
86 [peerToTimeLastSentDict removeObjectForKey:peerid];
87 SOSAccountSetValue(account, kSOSAccountPeerLastSentTimestamp, (__bridge CFMutableDictionaryRef)peerToTimeLastSentDict, NULL);
92 void SOSPeerOTRTimerIncreaseOTRNegotiationRetryCount(SOSAccount* account, NSString* peerid)
94 NSMutableDictionary* attemptsPerPeer = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountRenegotiationRetryCount, NULL);
96 attemptsPerPeer = [NSMutableDictionary dictionary];
98 NSNumber* attempt = [attemptsPerPeer objectForKey:peerid];
100 attempt = [[NSNumber alloc] initWithInt:1];
101 [attemptsPerPeer setObject:attempt forKey:peerid];
104 NSNumber* newCount = [[NSNumber alloc]initWithInt:([attempt intValue]+1)];
105 [attemptsPerPeer setObject:newCount forKey:peerid];
106 secnotice("otr","OTR negotiation retry count: %d", [newCount intValue]);
108 SOSAccountSetValue(account, kSOSAccountRenegotiationRetryCount, (__bridge CFMutableDictionaryRef)attemptsPerPeer, NULL);
111 int SOSPeerOTRTimerTimeoutValue(SOSAccount* account, SOSPeerRef peer)
113 CFErrorRef error = NULL;
114 int timeoutIntValue = 0;
116 CFMutableDictionaryRef timeouts = (CFMutableDictionaryRef)asDictionary(SOSAccountGetValue(account, kSOSAccountPeerNegotiationTimeouts, &error), NULL);
117 require_action_quiet(timeouts, xit, secnotice("otrtimer","deadline value not available yet"));
119 CFNumberRef timeout = CFDictionaryGetValue(timeouts, SOSPeerGetID(peer));
120 require_action_quiet(timeout, xit, secnotice("otrtimer","deadline value not available yet"));
122 secnotice("otrtimer", "decided to wait %d before restarting negotiation", [(__bridge NSNumber*)timeout intValue]);
123 timeoutIntValue = [(__bridge NSNumber*)timeout intValue];
126 return timeoutIntValue;
129 void SOSPeerOTRTimerSetupAwaitingTimer(SOSAccount* account, SOSPeerRef peer, SOSEngineRef engine, SOSCoderRef coder)
131 //check which timeout value to use
132 int timeoutValue = SOSPeerOTRTimerTimeoutValue(account, peer);
133 CFStringRef peerid = CFRetainSafe(SOSPeerGetID(peer));
135 secnotice("otrtimer", "setting timer for peer: %@", peer);
136 __block dispatch_source_t timer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, dispatch_get_main_queue());
137 dispatch_source_set_timer(timer, dispatch_time(DISPATCH_TIME_NOW, timeoutValue * NSEC_PER_SEC), DISPATCH_TIME_FOREVER, 0);
138 dispatch_source_set_event_handler(timer, ^{
139 secnotice("otrtimer","otrTimerFired fired");
140 SOSCCResetOTRNegotiation_Server(peerid);
144 dispatch_source_set_cancel_handler(timer, ^{
145 CFReleaseSafe(peerid);
148 dispatch_resume(timer);
150 SOSPeerSetOTRTimer(peer, timer);
153 //clear the max retry counter in the account object
154 void SOSPeerOTRTimerClearMaxRetryCount(SOSAccount* account, NSString* peerid)
156 secnotice("otrtimer", "negotiation finished! clearing max retry counter");
157 NSMutableDictionary* attemptsPerPeer = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountRenegotiationRetryCount, NULL);
158 if(!attemptsPerPeer){
159 attemptsPerPeer = [NSMutableDictionary dictionary];
161 [attemptsPerPeer removeObjectForKey:peerid];
162 SOSAccountSetValue(account, kSOSAccountRenegotiationRetryCount, (__bridge CFMutableDictionaryRef)attemptsPerPeer, NULL);