1  //
  2  //  SOSPeerOTRTimer.m
  3  //
  4  
  5  #import <Foundation/Foundation.h>
  6  #include "keychain/SecureObjectSync/SOSPeer.h"
  7  #include "keychain/SecureObjectSync/SOSPeerCoder.h"
  8  #include "keychain/SecureObjectSync/SOSTransportMessage.h"
  9  #include "keychain/SecureObjectSync/SOSAccount.h"
 10  #include "keychain/SecureObjectSync/SOSCoder.h"
 11  #include "keychain/SecureObjectSync/SOSEngine.h"
 12  #include "keychain/SecureObjectSync/SOSDataSource.h"
 13  #include "keychain/SecureObjectSync/SOSAccountTransaction.h"
 14  #include "keychain/SecureObjectSync/SOSKVSKeys.h"
 15  #include "keychain/SecureObjectSync/SOSPeerOTRTimer.h"
 16  #include "keychain/SecureObjectSync/CKBridge/SOSCloudKeychainClient.h"
 17  
 18  #include <utilities/debugging.h>
 19  #include <utilities/SecCFWrappers.h>
 20  
 21  #include <AssertMacros.h>
 22  #include "keychain/SecureObjectSync/SOSInternal.h"
 23  
 24  static int maxRetryCount = 7; //max number of times to attempt restarting OTR negotiation
 25  
 26  bool SOSPeerOTRTimerHaveReachedMaxRetryAllowance(SOSAccount* account, NSString* peerid){
 27      bool reachedMax = false;
 28      NSMutableDictionary* attemptsPerPeer = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountRenegotiationRetryCount, NULL);
 29      if(!attemptsPerPeer){
 30          attemptsPerPeer = [NSMutableDictionary dictionary];
 31      }
 32      NSNumber* attempt = [attemptsPerPeer objectForKey:peerid];
 33      if(attempt && [attempt intValue] >= maxRetryCount)
 34      {
 35          reachedMax = true;
 36      }
 37      return reachedMax;
 38  }
 39  
 40  //used when evaluating whether or not securityd should start a timer for negotiation
 41  bool SOSPeerOTRTimerHaveAnRTTAvailable(SOSAccount* account, NSString* peerid)
 42  {
 43      CFErrorRef error = NULL;
 44      CFNumberRef timeout = NULL;
 45      bool doesRTTExist = false;
 46      
 47      CFMutableDictionaryRef timeouts = (CFMutableDictionaryRef)asDictionary(SOSAccountGetValue(account, kSOSAccountPeerNegotiationTimeouts, &error), NULL);
 48      require_action_quiet(timeouts, exit, secnotice("otrtimer", "do not have an rtt yet"));
 49      
 50      timeout = CFDictionaryGetValue(timeouts, (__bridge CFStringRef)peerid);
 51      require_action_quiet(timeout, exit, secnotice("otrtimer", "do not have an rtt yet"));
 52      
 53      doesRTTExist = true;
 54  exit:
 55      return doesRTTExist;
 56  }
 57  
 58  //call when a timer has fired, remove the current rtt entry as the existing one isn't working
 59  void SOSPeerOTRTimerRemoveRTTTimeoutForPeer(SOSAccount* account, NSString* peerid)
 60  {
 61      CFNumberRef timeout = NULL;
 62      CFErrorRef error = NULL;
 63      
 64      CFMutableDictionaryRef timeouts = (CFMutableDictionaryRef)asDictionary(SOSAccountGetValue(account, kSOSAccountPeerNegotiationTimeouts, &error), NULL);
 65      require_action_quiet(timeouts && (error == NULL), exit, secnotice("otrtimer","timeout dictionary doesn't exist"));
 66      
 67      timeout = CFDictionaryGetValue(timeouts, (__bridge CFStringRef)peerid);
 68      require_action_quiet(timeout, exit, secnotice("otrtimer","timeout for peerid: %@, doesn't exist", (__bridge CFStringRef)peerid));
 69      
 70      CFDictionaryRemoveValue(timeouts, (__bridge CFStringRef)peerid);
 71      SOSAccountSetValue(account, kSOSAccountPeerNegotiationTimeouts, timeouts, &error);
 72      if(error){
 73          secnotice("otrtimer","SOSAccountSetValue threw an error for key kSOSAccountPeerNegotiationTimeouts: %@", error);
 74      }
 75  exit:
 76      CFReleaseNull(error);
 77  }
 78  
 79  void SOSPeerOTRTimerRemoveLastSentMessageTimestamp(SOSAccount* account, NSString* peerid)
 80  {
 81      NSMutableDictionary *peerToTimeLastSentDict = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountPeerLastSentTimestamp, NULL);
 82      
 83      if(peerToTimeLastSentDict){
 84          NSDate* storedDate = [peerToTimeLastSentDict objectForKey:peerid];
 85          if(storedDate){
 86              [peerToTimeLastSentDict removeObjectForKey:peerid];
 87              SOSAccountSetValue(account, kSOSAccountPeerLastSentTimestamp, (__bridge CFMutableDictionaryRef)peerToTimeLastSentDict, NULL);
 88          }
 89      }
 90  }
 91  
 92  void SOSPeerOTRTimerIncreaseOTRNegotiationRetryCount(SOSAccount* account, NSString* peerid)
 93  {
 94      NSMutableDictionary* attemptsPerPeer = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountRenegotiationRetryCount, NULL);
 95      if(!attemptsPerPeer){
 96          attemptsPerPeer = [NSMutableDictionary dictionary];
 97      }
 98      NSNumber* attempt = [attemptsPerPeer objectForKey:peerid];
 99      if(!attempt){
100          attempt = [[NSNumber alloc] initWithInt:1];
101          [attemptsPerPeer setObject:attempt forKey:peerid];
102      }
103      else{
104          NSNumber* newCount = [[NSNumber alloc]initWithInt:([attempt intValue]+1)];
105          [attemptsPerPeer setObject:newCount forKey:peerid];
106          secnotice("otr","OTR negotiation retry count: %d", [newCount intValue]);
107      }
108      SOSAccountSetValue(account, kSOSAccountRenegotiationRetryCount, (__bridge CFMutableDictionaryRef)attemptsPerPeer, NULL);
109  }
110  
111  int SOSPeerOTRTimerTimeoutValue(SOSAccount* account, SOSPeerRef peer)
112  {
113      CFErrorRef error = NULL;
114      int timeoutIntValue = 0;
115  
116      CFMutableDictionaryRef timeouts = (CFMutableDictionaryRef)asDictionary(SOSAccountGetValue(account, kSOSAccountPeerNegotiationTimeouts, &error), NULL);
117      require_action_quiet(timeouts, xit, secnotice("otrtimer","deadline value not available yet"));
118  
119      CFNumberRef timeout = CFDictionaryGetValue(timeouts, SOSPeerGetID(peer));
120      require_action_quiet(timeout, xit, secnotice("otrtimer","deadline value not available yet"));
121  
122      secnotice("otrtimer", "decided to wait %d before restarting negotiation", [(__bridge NSNumber*)timeout intValue]);
123      timeoutIntValue = [(__bridge NSNumber*)timeout intValue];
124  
125  xit:
126      return timeoutIntValue;
127  }
128  
129  void SOSPeerOTRTimerSetupAwaitingTimer(SOSAccount* account, SOSPeerRef peer, SOSEngineRef engine, SOSCoderRef coder)
130  {
131      //check which timeout value to use
132      int timeoutValue = SOSPeerOTRTimerTimeoutValue(account, peer);
133      CFStringRef peerid = CFRetainSafe(SOSPeerGetID(peer));
134  
135      secnotice("otrtimer", "setting timer for peer: %@", peer);
136      __block dispatch_source_t timer = dispatch_source_create(DISPATCH_SOURCE_TYPE_TIMER, 0, 0, dispatch_get_main_queue());
137      dispatch_source_set_timer(timer, dispatch_time(DISPATCH_TIME_NOW, timeoutValue * NSEC_PER_SEC), DISPATCH_TIME_FOREVER, 0);
138      dispatch_source_set_event_handler(timer, ^{
139          secnotice("otrtimer","otrTimerFired fired");
140          SOSCCResetOTRNegotiation_Server(peerid);
141          
142      });
143      
144      dispatch_source_set_cancel_handler(timer, ^{
145          CFReleaseSafe(peerid);
146      });
147      
148      dispatch_resume(timer);
149      
150      SOSPeerSetOTRTimer(peer, timer);
151  }
152  
153  //clear the max retry counter in the account object
154  void SOSPeerOTRTimerClearMaxRetryCount(SOSAccount* account, NSString* peerid)
155  {
156      secnotice("otrtimer", "negotiation finished! clearing max retry counter");
157      NSMutableDictionary* attemptsPerPeer = (__bridge NSMutableDictionary*)SOSAccountGetValue(account, kSOSAccountRenegotiationRetryCount, NULL);
158      if(!attemptsPerPeer){
159          attemptsPerPeer = [NSMutableDictionary dictionary];
160      }
161      [attemptsPerPeer removeObjectForKey:peerid];
162      SOSAccountSetValue(account, kSOSAccountRenegotiationRetryCount, (__bridge CFMutableDictionaryRef)attemptsPerPeer, NULL);
163  }
164