Supports blocking third-party sources

Blocked sources cannot be added by new users, or updated for existing users.
2026-02-08 22:33:26 +01:00 · 2023-05-15 16:25:25 -05:00
parent b9dd6432a1
commit 254a9773ec
7 changed files with 151 additions and 23 deletions
--- a/AltStore.xcodeproj/project.pbxproj
+++ b/AltStore.xcodeproj/project.pbxproj
@@ -388,7 +388,7 @@
 		D5DAE0962804DF430034D8D4 /* UpdatePatronsOperation.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5DAE0952804DF430034D8D4 /* UpdatePatronsOperation.swift */; };
 		D5DB145A28F9DC5A00A8F606 /* ALTLocalizedError.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5DB145828F9DC1000A8F606 /* ALTLocalizedError.swift */; };
 		D5DB145B28F9DC5C00A8F606 /* ALTLocalizedError.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5DB145828F9DC1000A8F606 /* ALTLocalizedError.swift */; };
-		D5E1E7C128077DE90016FC96 /* FetchTrustedSourcesOperation.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5E1E7C028077DE90016FC96 /* FetchTrustedSourcesOperation.swift */; };
+		D5E1E7C128077DE90016FC96 /* UpdateKnownSourcesOperation.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5E1E7C028077DE90016FC96 /* UpdateKnownSourcesOperation.swift */; };
 		D5E3FB9828FDFAD90034B72C /* NSError+AltStore.swift in Sources */ = {isa = PBXBuildFile; fileRef = BF6C336124197D700034FD24 /* NSError+AltStore.swift */; };
 		D5F2F6A92720B7C20081CCF5 /* PatchViewController.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5F2F6A82720B7C20081CCF5 /* PatchViewController.swift */; };
 		D5F48B4829CCF21B002B52A4 /* AltStore+Async.swift in Sources */ = {isa = PBXBuildFile; fileRef = D5F48B4729CCF21B002B52A4 /* AltStore+Async.swift */; };
@@ -949,7 +949,7 @@
 		D5DAE0932804B0B80034D8D4 /* ScreenshotProcessor.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ScreenshotProcessor.swift; sourceTree = "<group>"; };
 		D5DAE0952804DF430034D8D4 /* UpdatePatronsOperation.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = UpdatePatronsOperation.swift; sourceTree = "<group>"; };
 		D5DB145828F9DC1000A8F606 /* ALTLocalizedError.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = ALTLocalizedError.swift; sourceTree = "<group>"; };
-		D5E1E7C028077DE90016FC96 /* FetchTrustedSourcesOperation.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = FetchTrustedSourcesOperation.swift; sourceTree = "<group>"; };
+		D5E1E7C028077DE90016FC96 /* UpdateKnownSourcesOperation.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = UpdateKnownSourcesOperation.swift; sourceTree = "<group>"; };
 		D5F2F6A82720B7C20081CCF5 /* PatchViewController.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = PatchViewController.swift; sourceTree = "<group>"; };
 		D5F48B4729CCF21B002B52A4 /* AltStore+Async.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = "AltStore+Async.swift"; sourceTree = "<group>"; };
 		D5F48B4929CD0B67002B52A4 /* AsyncManaged.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AsyncManaged.swift; sourceTree = "<group>"; };
@@ -1853,7 +1853,7 @@
 				BFF00D312501BDA100746320 /* BackgroundRefreshAppsOperation.swift */,
 				D57F2C9026E0070200B9FA39 /* EnableJITOperation.swift */,
 				D5DAE0952804DF430034D8D4 /* UpdatePatronsOperation.swift */,
-				D5E1E7C028077DE90016FC96 /* FetchTrustedSourcesOperation.swift */,
+				D5E1E7C028077DE90016FC96 /* UpdateKnownSourcesOperation.swift */,
 				D5ACE84428E3B8450021CAB9 /* ClearAppCacheOperation.swift */,
 				BF7B44062725A4B8005288A4 /* Patch App */,
 			);
@@ -2721,7 +2721,7 @@
 				BFE6073A231ADF82002B0E8E /* SettingsViewController.swift in Sources */,
 				D57F2C9126E0070200B9FA39 /* EnableJITOperation.swift in Sources */,
 				BF8CAE4E248AEABA004D6CCE /* UIDevice+Jailbreak.swift in Sources */,
-				D5E1E7C128077DE90016FC96 /* FetchTrustedSourcesOperation.swift in Sources */,
+				D5E1E7C128077DE90016FC96 /* UpdateKnownSourcesOperation.swift in Sources */,
 				BFE338DF22F0EADB002E24B9 /* FetchSourceOperation.swift in Sources */,
 				D54DED1428CBC44B008B27A0 /* ErrorLogTableViewCell.swift in Sources */,
 				D5CD805F29CA755E00E591B0 /* SourceDetailViewController.swift in Sources */,
--- a/Apps/AppManager.swift
+++ b/Apps/AppManager.swift
@@ -498,13 +498,13 @@ extension AppManager
    }
    
    @discardableResult
-    func fetchTrustedSources(completionHandler: @escaping (Result<[FetchTrustedSourcesOperation.TrustedSource], Error>) -> Void) -> FetchTrustedSourcesOperation
+    func updateKnownSources(completionHandler: @escaping (Result<([UpdateKnownSourcesOperation.Source], [UpdateKnownSourcesOperation.Source]), Error>) -> Void) -> UpdateKnownSourcesOperation
    {
-        let fetchTrustedSourcesOperation = FetchTrustedSourcesOperation()
-        fetchTrustedSourcesOperation.resultHandler = completionHandler
-        self.run([fetchTrustedSourcesOperation], context: nil)
+        let updateKnownSourcesOperation = UpdateKnownSourcesOperation()
+        updateKnownSourcesOperation.resultHandler = completionHandler
+        self.run([updateKnownSourcesOperation], context: nil)
        
-        return fetchTrustedSourcesOperation
+        return updateKnownSourcesOperation
    }
    
    func updatePatronsIfNeeded()
--- a/AltStore/Operations/Errors/SourceError.swift
+++ b/AltStore/Operations/Errors/SourceError.swift
@@ -18,6 +18,7 @@ extension SourceError
        case duplicateBundleID
        case duplicateVersion
        
+        case blocked
        case changedID
        case duplicate
        
@@ -28,6 +29,7 @@ extension SourceError
    static func duplicateBundleID(_ bundleID: String, source: Source) -> SourceError { SourceError(code: .duplicateBundleID, source: source, bundleID: bundleID) }
    static func duplicateVersion(_ version: String, for app: StoreApp, source: Source) -> SourceError { SourceError(code: .duplicateVersion, source: source, app: app, version: version) }
    
+    static func blocked(_ source: Source) -> SourceError { SourceError(code: .blocked, source: source) }
    static func changedID(_ identifier: String, previousID: String, source: Source) -> SourceError { SourceError(code: .changedID, source: source, sourceID: identifier, previousSourceID: previousID) }
    static func duplicate(_ source: Source, previousSourceName: String?) -> SourceError { SourceError(code: .duplicate, source: source, previousSourceName: previousSourceName) }
    
@@ -85,6 +87,10 @@ struct SourceError: ALTLocalizedError
            let failureReason = String(format: NSLocalizedString("The source “%@” contains %@ for %@.", comment: ""), self.$source.name, versionFragment, appFragment)
            return failureReason
            
+        case .blocked:
+            let failureReason = String(format: NSLocalizedString("The source “%@” has been blocked by AltStore for security reasons.", comment: ""), self.$source.name)
+            return failureReason
+            
        case .changedID:
            let failureReason = String(format: NSLocalizedString("The identifier of the source “%@” has changed.", comment: ""), self.$source.name)
            return failureReason
@@ -111,6 +117,7 @@ struct SourceError: ALTLocalizedError
    var recoverySuggestion: String? {
        switch self.code
        {
+        case .blocked: return NSLocalizedString("For your protection, please remove the source and uninstall all apps downloaded from it.", comment: "")
        case .changedID: return NSLocalizedString("A source cannot change its identifier once added. This source can no longer be updated.", comment: "")
        case .duplicate:
            let failureReason = NSLocalizedString("Please remove the existing source in order to add this one.", comment: "")
--- a/AltStore/Operations/FetchSourceOperation.swift
+++ b/AltStore/Operations/FetchSourceOperation.swift
@@ -65,7 +65,7 @@ final class FetchSourceOperation: ResultOperation<Source>
            childContext.perform {
                do
                {
-                    let (data, _) = try Result((data, response), error).get()
+                    let (data, response) = try Result((data, response), error).get()
                    
                    let decoder = AltStoreCore.JSONDecoder()
                    decoder.dateDecodingStrategy = .custom({ (decoder) -> Date in
@@ -95,7 +95,7 @@ final class FetchSourceOperation: ResultOperation<Source>
                    let source = try decoder.decode(Source.self, from: data)
                    let identifier = source.identifier
                    
-                    try self.verify(source)
+                    try self.verify(source, response: response)
                    
                    try childContext.save()
                    
@@ -127,14 +127,23 @@ final class FetchSourceOperation: ResultOperation<Source>

 private extension FetchSourceOperation
 {
-    func verify(_ source: Source) throws
+    func verify(_ source: Source, response: URLResponse) throws
    {
-        #if !BETA
-        if let trustedSourceIDs = UserDefaults.shared.trustedSourceIDs
+        if let blockedSourceIDs = UserDefaults.shared.blockedSourceIDs
        {
-            guard trustedSourceIDs.contains(source.identifier) || source.identifier == Source.altStoreIdentifier else { throw SourceError(code: .unsupported, source: source) }
+            guard !blockedSourceIDs.contains(source.identifier) else { throw SourceError.blocked(source) }
+        }
+        
+        if let blockedSourceURLs = UserDefaults.shared.blockedSourceURLs
+        {
+            guard !blockedSourceURLs.contains(source.sourceURL) else { throw SourceError.blocked(source) }
+            
+            if let responseURL = response.url
+            {
+                // responseURL may differ from sourceURL (e.g. due to redirects), so double-check it's also not blocked.
+                guard !blockedSourceURLs.contains(responseURL) else { throw SourceError.blocked(source) }
+            }
        }
-        #endif
        
        var bundleIDs = Set<String>()
        for app in source.apps
--- a/AltStore/Operations/UpdateKnownSourcesOperation.swift
+++ b/AltStore/Operations/UpdateKnownSourcesOperation.swift
@@ -0,0 +1,79 @@
+//
+//  UpdateKnownSourcesOperation.swift
+//  AltStore
+//
+//  Created by Riley Testut on 4/13/22.
+//  Copyright © 2022 Riley Testut. All rights reserved.
+//
+
+import Foundation
+
+private extension URL
+{
+    #if STAGING
+    static let sources = URL(string: "https://f000.backblazeb2.com/file/altstore-staging/altstore/sources.json")!
+    #else
+    static let sources = URL(string: "https://cdn.altstore.io/file/altstore/altstore/sources.json")!
+    #endif
+}
+
+extension UpdateKnownSourcesOperation
+{
+    struct Source: Decodable
+    {
+        var identifier: String
+        var sourceURL: URL?
+    }
+    
+    private struct Response: Decodable
+    {
+        var version: Int
+        
+        var trusted: [Source]
+        var blocked: [Source]?
+    }
+}
+
+class UpdateKnownSourcesOperation: ResultOperation<([UpdateKnownSourcesOperation.Source], [UpdateKnownSourcesOperation.Source])>
+{
+    override func main()
+    {
+        super.main()
+        
+        let dataTask = URLSession.shared.dataTask(with: .sources) { (data, response, error) in
+            do
+            {
+                if let response = response as? HTTPURLResponse
+                {
+                    guard response.statusCode != 404 else {
+                        self.finish(.failure(URLError(.fileDoesNotExist, userInfo: [NSURLErrorKey: URL.sources])))
+                        return
+                    }
+                }
+                
+                guard let data = data else { throw error! }
+                
+                let response = try Foundation.JSONDecoder().decode(Response.self, from: data)
+                let sources = (trusted: response.trusted, blocked: response.blocked ?? [])
+                
+                // Cache trusted sources
+                let trustedSourceIDs = Set(sources.trusted.map { $0.identifier })
+                UserDefaults.shared.trustedSourceIDs = trustedSourceIDs
+                
+                // Cache blocked sources
+                let blockedSourceIDs = Set(sources.blocked.map { $0.identifier })
+                let blockedSourceURLs = Set(sources.blocked.compactMap { $0.sourceURL })
+                UserDefaults.shared.blockedSourceIDs = blockedSourceIDs
+                UserDefaults.shared.blockedSourceURLs = blockedSourceURLs
+                
+                self.finish(.success(sources))
+            }
+            catch
+            {
+                self.finish(.failure(error))
+            }
+        }
+        
+        dataTask.resume()
+    }
+}
--- a/AltStore/Sources/SourcesViewController.swift
+++ b/AltStore/Sources/SourcesViewController.swift
@@ -62,7 +62,7 @@ final class SourcesViewController: UICollectionViewController
    private lazy var addedSourcesDataSource = self.makeAddedSourcesDataSource()
    private lazy var trustedSourcesDataSource = self.makeTrustedSourcesDataSource()
    
-    private var fetchTrustedSourcesOperation: FetchTrustedSourcesOperation?
+    private var fetchTrustedSourcesOperation: UpdateKnownSourcesOperation?
    private var fetchTrustedSourcesResult: Result<Void, Error>?
    private var _fetchTrustedSourcesContext: NSManagedObjectContext?
        
@@ -271,7 +271,6 @@ private extension SourcesViewController
            }
        }
        
-        //TODO: Remove this now that trusted sources aren't necessary.
        var dependencies: [Foundation.Operation] = []
        if let fetchTrustedSourcesOperation = self.fetchTrustedSourcesOperation
        {
@@ -361,14 +360,11 @@ private extension SourcesViewController
            }
        }
        
-        self.fetchTrustedSourcesOperation = AppManager.shared.fetchTrustedSources { result in
+        self.fetchTrustedSourcesOperation = AppManager.shared.updateKnownSources { result in
            switch result
            {
            case .failure(let error): finish(.failure(error))
-            case .success(let trustedSources):
-                // Cache trusted source IDs.
-                UserDefaults.shared.trustedSourceIDs = trustedSources.map { $0.identifier }
-                
+            case .success((let trustedSources, _)):
                // Don't show sources without a sourceURL.
                let featuredSourceURLs = trustedSources.compactMap { $0.sourceURL }
                
--- a/AltStoreCore/Extensions/UserDefaults+AltStore.swift
+++ b/AltStoreCore/Extensions/UserDefaults+AltStore.swift
@@ -118,3 +118,40 @@ public extension UserDefaults
        }
    }
 }
+
+public extension UserDefaults
+{
+    // Cache trustedSourceIDs just in case we need to check whether source is trusted or not.
+    @nonobjc var trustedSourceIDs: Set<String>? {
+        get {
+            guard let sourceIDs = _trustedSourceIDs else { return nil }
+            return Set(sourceIDs)
+        }
+        set {
+            _trustedSourceIDs = newValue?.map { $0 }
+        }
+    }
+    @NSManaged @objc(trustedSourceIDs) private var _trustedSourceIDs: [String]?
+    
+    @nonobjc var blockedSourceIDs: Set<String>? {
+        get {
+            guard let sourceIDs = _blockedSourceIDs else { return nil }
+            return Set(sourceIDs)
+        }
+        set {
+            _blockedSourceIDs = newValue?.map { $0 }
+        }
+    }
+    @NSManaged @objc(blockedSourceIDs) private var _blockedSourceIDs: [String]?
+    
+    @nonobjc var blockedSourceURLs: Set<URL>? {
+        get {
+            guard let sourceURLs = _blockedSourceURLs?.compactMap({ URL(string: $0) }) else { return nil }
+            return Set(sourceURLs)
+        }
+        set {
+            _blockedSourceURLs = newValue?.map { $0.absoluteString }
+        }
+    }
+    @NSManaged @objc(blockedSourceURLs) private var _blockedSourceURLs: [String]?
+}