Merge pull request #1774 from gotd/feat/mtproto-tdesktop-mimic

feat(telegram): make MTProto usage indistinguishable from Telegram Desktop

fix(telegram): use permanent key only for CDN connections (#1772)

CDN datacenters reject auth.bindTempAuthKey with CDN_METHOD_INVALID, so a
CDN connection must authenticate with a permanent key only. With PFS enabled
globally, CDN pools inherited EnablePFS and attempted the temp-key bind,
tearing down the connection and breaking requests routed to a CDN DC
(notably downloads following upload.fileCdnRedirect). Disable PFS for the
CDN pool only; the primary and data connections keep PFS. Mirrors the
official clients (tdlib get_pfs_flag = use_pfs && !is_cdn; android
usePermKey = isCdnDatacenter || ...).

Merge pull request #1769 from gotd/feat/update-schema

Update Telegram schema to the latest layer

Merge pull request #1766 from gotd/feat/rich-messages

feat(message): add rich message builder and parsers

Merge pull request #1756 from gotd/dependabot/go_modules/golang-326ae…

…5767f

chore(deps): bump golang.org/x/net from 0.55.0 to 0.56.0 in the golang group

feat(updates): force getDifference for updates referencing peers with…

… unknown access hash (#1738)

* feat(updates): force getDifference for updates referencing peers with unknown access hash

When an incoming update references a user whose full access hash the manager has
not seen, it was applied directly and the access hash was never recorded, so a
later RPC that needs that peer (e.g. replying to the sender) failed with
UNRESOLVABLE_TARGET / PEER_ID_INVALID. This happens for:

  - updateShortMessage / updateShortChatMessage (no users[] at all);
  - a regular updateNewMessage / updateEditMessage inside updates / updatesCombined
    / updateShort whose sender is absent (or only min) in the envelope users[].

This is the case the existing TODO in telegram/peers/apply.go anticipates
("call some hook to get actual user if got min (e.g. force gaps to getDifference)").

Mirror the official clients (TDLib is_acceptable_update, Telegram-Android
needGetDiff): before applying a message-bearing update, check that every
referenced user peer is known; if not, run updates.getDifference, which returns
the message together with the full users[], then apply.

Known users are tracked via a new optional UserAccessHasher (Config field,
in-memory default), mirroring the existing ChannelAccessHasher. It is fed
min-aware from the authoritative users[] of updates/updatesCombined and of
getDifference results: a min user or a zero access hash does not count as known
(per /api/min). Recovered senders are recorded before dispatch, so a recovered
peer never re-triggers getDifference.

Channel message updates are intentionally excluded: min senders are routine in
megagroups, so a global getDifference per such message would be excessive — the
channel difference machinery owns that path (matching TDLib, which uses
updateChannelTooLong there).

* test(updates): cover unknown-peer getDifference helpers

Add unit coverage for the helpers introduced with the unknown-peer
getDifference recovery: messageUserIDs / messageUpdatesPeersKnown (peer,
sender, forward, saved-from, via_bot, mention extraction; non-message and
non-*tg.Message bodies ignored), saveUserHashes (min / zero-hash /
already-known / wrong-type skips) and the userPeersKnown selfID branch.