commit 2c4b103cfef5eafe276713478abf8bd1db057730 Author: Matthew Finkel Matthew.Finkel@gmail.com Date: Thu Oct 25 19:17:09 2018 +0000
Bug 28125 - Prevent non-Necko network connections --- .../base/java/org/mozilla/gecko/CrashReporter.java | 5 ++ .../base/java/org/mozilla/gecko/SuggestClient.java | 5 ++ .../homepanel/topstories/PocketStoriesLoader.java | 5 ++ .../mozilla/gecko/distribution/Distribution.java | 5 ++ .../java/org/mozilla/gecko/dlc/BaseAction.java | 6 ++ .../java/org/mozilla/gecko/home/ImageLoader.java | 7 ++ .../mozilla/gecko/icons/loader/IconDownloader.java | 11 +++ .../mozilla/gecko/search/SearchEngineManager.java | 5 ++ .../org/mozilla/gecko/switchboard/SwitchBoard.java | 6 ++ .../org/mozilla/gecko/updater/UpdateService.java | 11 +++ .../gecko/media/GeckoMediaDrmBridgeV21.java | 77 +++++++++++--------- .../exoplayer2/upstream/DefaultHttpDataSource.java | 85 ++++++++++++---------- .../service/utils/AbstractCommunicator.java | 5 ++ 13 files changed, 157 insertions(+), 76 deletions(-)
diff --git a/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java b/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java index f1305cfc5398..618278773c38 100644 --- a/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java +++ b/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java @@ -472,6 +472,11 @@ public class CrashReporter extends AppCompatActivity }
private void sendReport(File minidumpFile, Map<String, String> extras, File extrasFile) { + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "sendReport: This is Tor Browser. Skipping."); + return; + } + Log.i(LOGTAG, "sendReport: " + minidumpFile.getPath()); final CheckBox includeURLCheckbox = (CheckBox) findViewById(R.id.include_url);
diff --git a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java index 0ebffeccdf21..137e53cc5c03 100644 --- a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java +++ b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java @@ -72,6 +72,11 @@ public class SuggestClient { return mPrevResults;
ArrayList<String> suggestions = new ArrayList<String>(); + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return suggestions; + } + if (TextUtils.isEmpty(mSuggestTemplate) || TextUtils.isEmpty(query)) { return suggestions; } diff --git a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java index 7ebead4cfa3f..516c13610047 100644 --- a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java +++ b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java @@ -124,6 +124,11 @@ public class PocketStoriesLoader extends AsyncTaskLoader<List<TopStory>> { }
protected String makeAPIRequestWithKey(final String apiKey) { + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + HttpURLConnection connection = null;
final Uri uri = Uri.parse(GLOBAL_ENDPOINT) diff --git a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java index 7b93eb568acc..ea9534bfd741 100644 --- a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java +++ b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java @@ -534,6 +534,11 @@ public class Distribution { return false; }
+ if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return false; + } + URI uri = getReferredDistribution(referrer); if (uri == null) { return false; diff --git a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java index 5b1e0004fef1..56cfde26160c 100644 --- a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java +++ b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java @@ -151,6 +151,12 @@ public abstract class BaseAction { protected HttpURLConnection buildHttpURLConnection(String url) throws UnrecoverableDownloadContentException, IOException { try { + if (AppConstants.isTorBrowser()) { + String erdcl = "This is Tor Browser. Downloading is disabled for: " + url; + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + throw new UnrecoverableDownloadContentException(erdcl); + } + System.setProperty("http.keepAlive", "true");
HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(new URI(url)); diff --git a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java index cbbe7babbba4..b6ea0249445c 100644 --- a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java +++ b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java @@ -15,6 +15,7 @@ import com.squareup.picasso.Picasso; import com.squareup.picasso.Downloader.Response; import com.squareup.picasso.UrlConnectionDownloader;
+import org.mozilla.gecko.AppConstants; import org.mozilla.gecko.util.ProxySelector;
import java.io.File; @@ -91,6 +92,12 @@ public class ImageLoader {
@Override protected HttpURLConnection openConnection(Uri path) throws IOException { + if (AppConstants.isTorBrowser()) { + String err = "This is Tor Browser. Downloading is disabled for: " + path.toString(); + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + throw new IOException(err); + } + try { // This is annoying, but |path| is an android.net.Uri and // openConnectionWithProxy() accepts a java.net.URI diff --git a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java index 4a03d440556d..84eb7736e94e 100644 --- a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java +++ b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java @@ -12,6 +12,7 @@ import android.support.annotation.Nullable; import android.support.annotation.VisibleForTesting; import android.util.Log;
+import org.mozilla.gecko.AppConstants; import org.mozilla.gecko.GeckoApplication; import org.mozilla.gecko.icons.decoders.FaviconDecoder; import org.mozilla.gecko.icons.decoders.LoadFaviconResult; @@ -132,6 +133,11 @@ public class IconDownloader implements IconLoader { return null; }
+ if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + HttpURLConnection connection = null;
try { @@ -183,6 +189,11 @@ public class IconDownloader implements IconLoader { @VisibleForTesting @NonNull HttpURLConnection connectTo(String uri) throws URISyntaxException, IOException { + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + throw new IOException(); + } + final HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy( new URI(uri));
diff --git a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java index 1004b7b25ef1..df9b6d67b467 100644 --- a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java +++ b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java @@ -379,6 +379,11 @@ public class SearchEngineManager implements SharedPreferences.OnSharedPreference * @return String containing the country code */ private String fetchCountryCode() { + if (AppConstants.isTorBrowser()) { + Log.i(LOG_TAG, "This is Tor Browser. Skipping."); + return null; + } + // First, we look to see if we have a cached code. final String region = GeckoSharedPrefs.forApp(context).getString(PREF_REGION_KEY, null); if (region != null) { diff --git a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java index d78663060f99..e32b50ebadb5 100644 --- a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java +++ b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java @@ -409,6 +409,12 @@ public class SwitchBoard { HttpURLConnection connection = null; InputStreamReader inputStreamReader = null; BufferedReader bufferReader = null; + + if (AppConstants.isTorBrowser()) { + Log.i(TAG, "This is Tor Browser. Skipping."); + return null; + } + try { connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); connection.setRequestProperty("User-Agent", HardwareUtils.isTablet() ? diff --git a/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java b/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java index 0598105fe108..71e1097711d9 100644 --- a/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java +++ b/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java @@ -379,6 +379,11 @@ public class UpdateService extends IntentService { try { URI uri = getUpdateURI(force);
+ if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + if (uri == null) { Log.e(LOGTAG, "failed to get update URI"); return null; @@ -527,6 +532,12 @@ public class UpdateService extends IntentService {
private File downloadUpdatePackage(UpdateInfo info, boolean overwriteExisting) { URL url = null; + + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + try { url = info.uri.toURL(); } catch (java.net.MalformedURLException e) { diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java index d0973f3dcc17..39d10615d35c 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java @@ -473,43 +473,48 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm {
@Override protected Void doInBackground(Void... params) { - try { - URI finalURI = new URI(mURL + "&signedRequest=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8")); - HttpURLConnection urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI); - urlConnection.setRequestMethod("POST"); - if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString()); - - // Add data - urlConnection.setRequestProperty("Accept", "*/*"); - urlConnection.setRequestProperty("User-Agent", getCDMUserAgent()); - urlConnection.setRequestProperty("Content-Type", "application/json"); - - // Execute HTTP Post Request - urlConnection.connect(); - - int responseCode = urlConnection.getResponseCode(); - if (responseCode == HttpURLConnection.HTTP_OK) { - BufferedReader in = - new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8)); - String inputLine; - StringBuffer response = new StringBuffer(); - - while ((inputLine = in.readLine()) != null) { - response.append(inputLine); - } - in.close(); - mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8); - if (DEBUG) Log.d(LOGTAG, "Provisioning, response received."); - if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length); - } else { - Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode); - } - } catch (IOException e) { - Log.e(LOGTAG, "Got exception during posting provisioning request ...", e); - } catch (URISyntaxException e) { - Log.e(LOGTAG, "Got exception during creating uri ...", e); - } + // AppConstants.isTorBrowser() is in base/, so it's not available in geckoview/ + Log.i(LOGTAG, "This is Tor Browser. Skipping."); return null; + + /* Dead code */ + //try { + // URI finalURI = new URI(mURL + "&signedRequest=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8")); + // HttpURLConnection urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI); + // urlConnection.setRequestMethod("POST"); + // if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString()); + + // // Add data + // urlConnection.setRequestProperty("Accept", "*/*"); + // urlConnection.setRequestProperty("User-Agent", getCDMUserAgent()); + // urlConnection.setRequestProperty("Content-Type", "application/json"); + + // // Execute HTTP Post Request + // urlConnection.connect(); + + // int responseCode = urlConnection.getResponseCode(); + // if (responseCode == HttpURLConnection.HTTP_OK) { + // BufferedReader in = + // new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8)); + // String inputLine; + // StringBuffer response = new StringBuffer(); + + // while ((inputLine = in.readLine()) != null) { + // response.append(inputLine); + // } + // in.close(); + // mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8); + // if (DEBUG) Log.d(LOGTAG, "Provisioning, response received."); + // if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length); + // } else { + // Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode); + // } + //} catch (IOException e) { + // Log.e(LOGTAG, "Got exception during posting provisioning request ...", e); + //} catch (URISyntaxException e) { + // Log.e(LOGTAG, "Got exception during creating uri ...", e); + //} + //return null; }
@Override diff --git a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java index 75e1f675c5eb..22e9e1ffcb9b 100644 --- a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java +++ b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java @@ -395,51 +395,56 @@ public class DefaultHttpDataSource implements HttpDataSource { */ private HttpURLConnection makeConnection(URL url, byte[] postBody, long position, long length, boolean allowGzip, boolean followRedirects) throws IOException, URISyntaxException { + // AppConstants.isTorBrowser() is in base/, so it's not available in geckoview/ + Log.i(TAG, "This is Tor Browser. Skipping."); + throw new IOException(); + /** * Tor Project modified the way the connection object was created. For the sake of * simplicity, instead of duplicating the whole file we changed the connection object * to use the ProxySelector. */ - HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); - - connection.setConnectTimeout(connectTimeoutMillis); - connection.setReadTimeout(readTimeoutMillis); - if (defaultRequestProperties != null) { - for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) { - connection.setRequestProperty(property.getKey(), property.getValue()); - } - } - for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) { - connection.setRequestProperty(property.getKey(), property.getValue()); - } - if (!(position == 0 && length == C.LENGTH_UNSET)) { - String rangeRequest = "bytes=" + position + "-"; - if (length != C.LENGTH_UNSET) { - rangeRequest += (position + length - 1); - } - connection.setRequestProperty("Range", rangeRequest); - } - connection.setRequestProperty("User-Agent", userAgent); - if (!allowGzip) { - connection.setRequestProperty("Accept-Encoding", "identity"); - } - connection.setInstanceFollowRedirects(followRedirects); - connection.setDoOutput(postBody != null); - if (postBody != null) { - connection.setRequestMethod("POST"); - if (postBody.length == 0) { - connection.connect(); - } else { - connection.setFixedLengthStreamingMode(postBody.length); - connection.connect(); - OutputStream os = connection.getOutputStream(); - os.write(postBody); - os.close(); - } - } else { - connection.connect(); - } - return connection; + /* Dead code */ + //HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); + + //connection.setConnectTimeout(connectTimeoutMillis); + //connection.setReadTimeout(readTimeoutMillis); + //if (defaultRequestProperties != null) { + // for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) { + // connection.setRequestProperty(property.getKey(), property.getValue()); + // } + //} + //for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) { + // connection.setRequestProperty(property.getKey(), property.getValue()); + //} + //if (!(position == 0 && length == C.LENGTH_UNSET)) { + // String rangeRequest = "bytes=" + position + "-"; + // if (length != C.LENGTH_UNSET) { + // rangeRequest += (position + length - 1); + // } + // connection.setRequestProperty("Range", rangeRequest); + //} + //connection.setRequestProperty("User-Agent", userAgent); + //if (!allowGzip) { + // connection.setRequestProperty("Accept-Encoding", "identity"); + //} + //connection.setInstanceFollowRedirects(followRedirects); + //connection.setDoOutput(postBody != null); + //if (postBody != null) { + // connection.setRequestMethod("POST"); + // if (postBody.length == 0) { + // connection.connect(); + // } else { + // connection.setFixedLengthStreamingMode(postBody.length); + // connection.connect(); + // OutputStream os = connection.getOutputStream(); + // os.write(postBody); + // os.close(); + // } + //} else { + // connection.connect(); + //} + //return connection; }
/** diff --git a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java index 9b3ee98f89db..fc3248d72219 100644 --- a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java +++ b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java @@ -68,6 +68,11 @@ public abstract class AbstractCommunicator { }
private void openConnectionAndSetHeaders() { + if (AppConstants.isTorBrowser()) { + Log.i(LOG_TAG, "This is Tor Browser. Skipping."); + throw new Exception(); + } + try { Prefs prefs = Prefs.getInstanceWithoutContext(); if (sMozApiKey == null || prefs != null) {
tor-commits@lists.torproject.org