Supports blocking third-party sources

Blocked sources cannot be added by new users, or updated for existing users.
2026-02-09 06:43:25 +01:00 · 2023-05-15 16:25:25 -05:00
parent b9dd6432a1
commit 254a9773ec
7 changed files with 151 additions and 23 deletions
--- a/AltStore/Operations/Errors/SourceError.swift
+++ b/AltStore/Operations/Errors/SourceError.swift
@@ -18,6 +18,7 @@ extension SourceError
        case duplicateBundleID
        case duplicateVersion
        
+        case blocked
        case changedID
        case duplicate
        
@@ -28,6 +29,7 @@ extension SourceError
    static func duplicateBundleID(_ bundleID: String, source: Source) -> SourceError { SourceError(code: .duplicateBundleID, source: source, bundleID: bundleID) }
    static func duplicateVersion(_ version: String, for app: StoreApp, source: Source) -> SourceError { SourceError(code: .duplicateVersion, source: source, app: app, version: version) }
    
+    static func blocked(_ source: Source) -> SourceError { SourceError(code: .blocked, source: source) }
    static func changedID(_ identifier: String, previousID: String, source: Source) -> SourceError { SourceError(code: .changedID, source: source, sourceID: identifier, previousSourceID: previousID) }
    static func duplicate(_ source: Source, previousSourceName: String?) -> SourceError { SourceError(code: .duplicate, source: source, previousSourceName: previousSourceName) }
    
@@ -85,6 +87,10 @@ struct SourceError: ALTLocalizedError
            let failureReason = String(format: NSLocalizedString("The source “%@” contains %@ for %@.", comment: ""), self.$source.name, versionFragment, appFragment)
            return failureReason
            
+        case .blocked:
+            let failureReason = String(format: NSLocalizedString("The source “%@” has been blocked by AltStore for security reasons.", comment: ""), self.$source.name)
+            return failureReason
+            
        case .changedID:
            let failureReason = String(format: NSLocalizedString("The identifier of the source “%@” has changed.", comment: ""), self.$source.name)
            return failureReason
@@ -111,6 +117,7 @@ struct SourceError: ALTLocalizedError
    var recoverySuggestion: String? {
        switch self.code
        {
+        case .blocked: return NSLocalizedString("For your protection, please remove the source and uninstall all apps downloaded from it.", comment: "")
        case .changedID: return NSLocalizedString("A source cannot change its identifier once added. This source can no longer be updated.", comment: "")
        case .duplicate:
            let failureReason = NSLocalizedString("Please remove the existing source in order to add this one.", comment: "")
--- a/AltStore/Operations/FetchSourceOperation.swift
+++ b/AltStore/Operations/FetchSourceOperation.swift
@@ -65,7 +65,7 @@ final class FetchSourceOperation: ResultOperation<Source>
            childContext.perform {
                do
                {
-                    let (data, _) = try Result((data, response), error).get()
+                    let (data, response) = try Result((data, response), error).get()
                    
                    let decoder = AltStoreCore.JSONDecoder()
                    decoder.dateDecodingStrategy = .custom({ (decoder) -> Date in
@@ -95,7 +95,7 @@ final class FetchSourceOperation: ResultOperation<Source>
                    let source = try decoder.decode(Source.self, from: data)
                    let identifier = source.identifier
                    
-                    try self.verify(source)
+                    try self.verify(source, response: response)
                    
                    try childContext.save()
                    
@@ -127,14 +127,23 @@ final class FetchSourceOperation: ResultOperation<Source>

 private extension FetchSourceOperation
 {
-    func verify(_ source: Source) throws
+    func verify(_ source: Source, response: URLResponse) throws
    {
-        #if !BETA
-        if let trustedSourceIDs = UserDefaults.shared.trustedSourceIDs
+        if let blockedSourceIDs = UserDefaults.shared.blockedSourceIDs
        {
-            guard trustedSourceIDs.contains(source.identifier) || source.identifier == Source.altStoreIdentifier else { throw SourceError(code: .unsupported, source: source) }
+            guard !blockedSourceIDs.contains(source.identifier) else { throw SourceError.blocked(source) }
+        }
+        
+        if let blockedSourceURLs = UserDefaults.shared.blockedSourceURLs
+        {
+            guard !blockedSourceURLs.contains(source.sourceURL) else { throw SourceError.blocked(source) }
+            
+            if let responseURL = response.url
+            {
+                // responseURL may differ from sourceURL (e.g. due to redirects), so double-check it's also not blocked.
+                guard !blockedSourceURLs.contains(responseURL) else { throw SourceError.blocked(source) }
+            }
        }
-        #endif
        
        var bundleIDs = Set<String>()
        for app in source.apps
--- a/AltStore/Operations/UpdateKnownSourcesOperation.swift
+++ b/AltStore/Operations/UpdateKnownSourcesOperation.swift
@@ -0,0 +1,79 @@
+//
+//  UpdateKnownSourcesOperation.swift
+//  AltStore
+//
+//  Created by Riley Testut on 4/13/22.
+//  Copyright © 2022 Riley Testut. All rights reserved.
+//
+
+import Foundation
+
+private extension URL
+{
+    #if STAGING
+    static let sources = URL(string: "https://f000.backblazeb2.com/file/altstore-staging/altstore/sources.json")!
+    #else
+    static let sources = URL(string: "https://cdn.altstore.io/file/altstore/altstore/sources.json")!
+    #endif
+}
+
+extension UpdateKnownSourcesOperation
+{
+    struct Source: Decodable
+    {
+        var identifier: String
+        var sourceURL: URL?
+    }
+    
+    private struct Response: Decodable
+    {
+        var version: Int
+        
+        var trusted: [Source]
+        var blocked: [Source]?
+    }
+}
+
+class UpdateKnownSourcesOperation: ResultOperation<([UpdateKnownSourcesOperation.Source], [UpdateKnownSourcesOperation.Source])>
+{
+    override func main()
+    {
+        super.main()
+        
+        let dataTask = URLSession.shared.dataTask(with: .sources) { (data, response, error) in
+            do
+            {
+                if let response = response as? HTTPURLResponse
+                {
+                    guard response.statusCode != 404 else {
+                        self.finish(.failure(URLError(.fileDoesNotExist, userInfo: [NSURLErrorKey: URL.sources])))
+                        return
+                    }
+                }
+                
+                guard let data = data else { throw error! }
+                
+                let response = try Foundation.JSONDecoder().decode(Response.self, from: data)
+                let sources = (trusted: response.trusted, blocked: response.blocked ?? [])
+                
+                // Cache trusted sources
+                let trustedSourceIDs = Set(sources.trusted.map { $0.identifier })
+                UserDefaults.shared.trustedSourceIDs = trustedSourceIDs
+                
+                // Cache blocked sources
+                let blockedSourceIDs = Set(sources.blocked.map { $0.identifier })
+                let blockedSourceURLs = Set(sources.blocked.compactMap { $0.sourceURL })
+                UserDefaults.shared.blockedSourceIDs = blockedSourceIDs
+                UserDefaults.shared.blockedSourceURLs = blockedSourceURLs
+                
+                self.finish(.success(sources))
+            }
+            catch
+            {
+                self.finish(.failure(error))
+            }
+        }
+        
+        dataTask.resume()
+    }
+}