backups: Validate username uniqueness

Co-authored-by: Jordan Rose <[email protected]>

Author: andrew-signal

RELEASE_NOTES.md

@@ -1,3 +1,4 @@
 v0.86.2
 
 - backups: Include more account fields into the exported JSON
+- backups: Throw validator errors if multiple contacts have the same username (a case-insensitive check)

rust/message-backup/src/backup.rs

@@ -190,6 +190,8 @@ pub enum CompletionError {
     MissingSelfRecipient,
     /// {0:?} and {1:?} have the same phone number
     DuplicateContactE164(RecipientId, RecipientId),
+    /// {0:?} and {1:?} have the same username
+    DuplicateContactUsername(RecipientId, RecipientId),
     /// {0:?} and {1:?} have the same ACI
     DuplicateContactAci(RecipientId, RecipientId),
     /// {0:?} and {1:?} have the same PNI
@@ -321,18 +323,23 @@ impl<M: Method + ReferencedTypes> CompletedBackup<M> {
                     * std::mem::size_of::<(Aci, RecipientId)>()
                 + HIGH_BUT_REASONABLE_NUMBER_OF_CONTACTS
                     * std::mem::size_of::<(Pni, RecipientId)>()
+                + HIGH_BUT_REASONABLE_NUMBER_OF_CONTACTS
+                    * std::mem::size_of::<(&str, RecipientId)>()
                 + HIGH_BUT_REASONABLE_NUMBER_OF_GROUPS
                     * std::mem::size_of::<(zkgroup::GroupMasterKeyBytes, RecipientId)>()
                 + HIGH_BUT_REASONABLE_NUMBER_OF_DISTRIBUTION_LISTS
                     * std::mem::size_of::<(uuid::Uuid, RecipientId)>()
                 + HIGH_BUT_REASONABLE_NUMBER_OF_CALL_LINKS
                     * std::mem::size_of::<(call::CallLinkRootKey, RecipientId)>()
-                < 250_000,
+                < 350_000,
         );
 
         let mut e164s = IntMap::<u64, RecipientId>::with_capacity(
             recipients.len().min(HIGH_BUT_REASONABLE_NUMBER_OF_CONTACTS),
         );
+        let mut usernames = HashMap::<&str, RecipientId>::with_capacity(
+            recipients.len().min(HIGH_BUT_REASONABLE_NUMBER_OF_CONTACTS),
+        );
         let mut acis = AssumedRandomInputHasher::map_with_capacity::<Aci, RecipientId>(
             recipients.len().min(HIGH_BUT_REASONABLE_NUMBER_OF_CONTACTS),
         );
@@ -365,7 +372,19 @@ impl<M: Method + ReferencedTypes> CompletedBackup<M> {
 
         for (id, recipient) in recipients.iter() {
             match recipient.as_ref() {
-                MinimalRecipientData::Contact { e164, aci, pni } => {
+                MinimalRecipientData::Contact {
+                    e164,
+                    aci,
+                    pni,
+                    username,
+                } => {
+                    insert_or_error(
+                        &mut usernames,
+                        username.as_deref(),
+                        id,
+                        CompletionError::DuplicateContactUsername,
+                    )?;
+
                     // We can't use insert_or_throw_error for `e164s` because it's an IntMap.
                     // Here's an inlined copy:
                     if let Some(e164) = *e164 {
@@ -1279,6 +1298,9 @@ mod test {
             (CompletionError::DuplicateContactE164, |x| {
                 x.e164 = Some(proto::Contact::TEST_E164.into());
             }),
+            (CompletionError::DuplicateContactUsername, |x| {
+                x.username = Some("duplicate.1234".to_owned());
+            }),
         ]
     )]
     fn duplicate_contact_id<M: Method + ReferencedTypes>(

rust/message-backup/src/backup/call.rs

@@ -247,6 +247,7 @@ impl<C: LookupPair<RecipientId, MinimalRecipientData, R> + ReportUnusualTimestam
                         aci: None,
                         e164: _,
                         pni: _,
+                        username: _,
                     } => Err(CallError::CallStarterHasNoAci(id)),
                     MinimalRecipientData::Contact { .. } | MinimalRecipientData::Self_ => {
                         Ok(starter.clone())
@@ -272,6 +273,7 @@ impl<C: LookupPair<RecipientId, MinimalRecipientData, R> + ReportUnusualTimestam
                         aci: None,
                         e164: _,
                         pni: _,
+                        username: _,
                     } => Err(CallError::RingerHasNoAci(id)),
                     MinimalRecipientData::Contact { .. } | MinimalRecipientData::Self_ => {
                         Ok(ringer.clone())
@@ -518,13 +520,15 @@ pub(crate) mod test {
                     proto::Contact::TEST_ACI,
                 )),
                 pni: None,
+                username: None,
             };
             static PNI_RECIPIENT: MinimalRecipientData = MinimalRecipientData::Contact {
                 e164: Some(proto::Contact::TEST_E164),
                 aci: None,
                 pni: Some(libsignal_core::Pni::from_uuid_bytes(
                     proto::Contact::TEST_PNI,
                 )),
+                username: None,
             };
             match key {
                 RecipientId(proto::Recipient::TEST_ID) => Some((&CONTACT_RECIPIENT, key)),

rust/message-backup/src/backup/chat.rs

@@ -605,6 +605,7 @@ impl<
                     e164: None,
                     aci: None,
                     pni: _,
+                    username: _,
                 },
                 Direction::Incoming { .. },
             ) => Err(ChatItemError::IncomingMessageFromContactWithoutAciOrE164(

rust/message-backup/src/backup/chat/quote.rs

@@ -88,10 +88,20 @@ impl<R: Clone, C: LookupPair<RecipientId, MinimalRecipientData, R> + ReportUnusu
             return Err(QuoteError::AuthorNotFound(author_id));
         };
         let author = match author_data {
-            MinimalRecipientData::Contact { e164: None, aci: None, pni: _ } => {
+            MinimalRecipientData::Contact {
+                e164: None,
+                aci: None,
+                pni: _,
+                username: _,
+            } => {
                 Err(QuoteError::AuthorHasNoAciOrE164(author_id))
             }
-            MinimalRecipientData::Contact { e164: _, aci: _, pni: _ } => {
+            MinimalRecipientData::Contact {
+                e164: _,
+                aci: _,
+                pni: _,
+                username: _,
+            } => {
                 Ok(author.clone())
             }
             MinimalRecipientData::Self_

rust/message-backup/src/backup/chat/reactions.rs

@@ -81,11 +81,13 @@ impl<R: Clone, C: LookupPair<RecipientId, MinimalRecipientData, R> + ReportUnusu
                 e164: None,
                 aci: None,
                 pni: _,
+                username: _,
             } => Err(ReactionError::AuthorHasNoAciOrE164(author_id)),
             MinimalRecipientData::Contact {
                 e164: _,
                 aci: _,
                 pni: _,
+                username: _,
             }
             | MinimalRecipientData::Self_ => Ok(author.clone()),
             MinimalRecipientData::Group { .. }

rust/message-backup/src/backup/recipient.rs

@@ -103,6 +103,7 @@ pub enum MinimalRecipientData {
         e164: Option<E164>,
         aci: Option<Aci>,
         pni: Option<Pni>,
+        username: Option<String>,
     },
     Group {
         master_key: zkgroup::GroupMasterKeyBytes,
@@ -388,9 +389,18 @@ impl std::ops::Deref for FullRecipientData {
 impl<R> From<Destination<R>> for MinimalRecipientData {
     fn from(value: Destination<R>) -> Self {
         match value {
-            Destination::Contact(ContactData { aci, pni, e164, .. }) => {
-                Self::Contact { e164, aci, pni }
-            }
+            Destination::Contact(ContactData {
+                aci,
+                pni,
+                username,
+                e164,
+                ..
+            }) => Self::Contact {
+                e164,
+                aci,
+                pni,
+                username,
+            },
             Destination::Group(GroupData { master_key, .. }) => Self::Group { master_key },
             Destination::DistributionList(
                 DistributionListItem::Deleted {
@@ -541,7 +551,14 @@ impl<C: ReportUnusualTimestamp> TryIntoWith<ContactData, C> for proto::Contact {
             .map(|username| {
                 usernames::Username::new(&username)
                     .map_err(|_| RecipientError::InvalidContactUsername)
-                    .map(|_| username)
+                    .map(|_| {
+                        // NB: There's a little bit of spooky at a distance here.
+                        // By storing the username in a cannonical lowercase format as soon as
+                        // we pull it in from the proto, we ensure that if this backup has multiple
+                        // usernames that are the same despite the capitalization, they will be
+                        // caught by the de-duplication check in the CompletedBackup::try_from.
+                        username.to_ascii_lowercase()
+                    })
             })
             .transpose()?;
 
@@ -713,6 +730,7 @@ impl<R: Clone, C: LookupPair<RecipientId, MinimalRecipientData, R> + ReportUnusu
                                     aci: None,
                                     pni: None,
                                     e164: _,
+                                    username: _,
                                 } => Err(RecipientError::DistributionListMemberHasNoServiceIds(id)),
                                 MinimalRecipientData::Contact { .. } => {
                                     Ok(recipient_reference.clone())