[tbb-commits] [tor-browser/tor-browser-87.0b4-10.5-1] Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.

sysrqb at torproject.org sysrqb at torproject.org
Thu Mar 11 20:51:21 UTC 2021


commit a2580e4377e79bea71bb7c4c2368d428d6e9593a
Author: Amogh Pradeep <amoghbl1 at gmail.com>
Date:   Fri Jun 12 02:07:45 2015 -0400

    Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
    
    See Bug 1357997 for partial uplift.
    
    Also:
    Bug 28051 - Use our Orbot for proxying our connections
    
    Bug 31144 - ESR68 Network Code Review
---
 .../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++++++++++-----------
 .../java/org/mozilla/gecko/util/ProxySelector.java | 25 +++++++-
 2 files changed, 59 insertions(+), 34 deletions(-)

diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
index ad92a7d54121..4457c7ccc186 100644
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
@@ -1787,39 +1787,41 @@ public class GeckoAppShell {
 
     @WrapForJNI
     private static URLConnection getConnection(final String url) {
-        try {
-            String spec;
-            if (url.startsWith("android://")) {
-                spec = url.substring(10);
-            } else {
-                spec = url.substring(8);
-            }
-
-            // Check if we are loading a package icon.
-            try {
-                if (spec.startsWith("icon/")) {
-                    String[] splits = spec.split("/");
-                    if (splits.length != 2) {
-                        return null;
-                    }
-                    final String pkg = splits[1];
-                    final PackageManager pm = getApplicationContext().getPackageManager();
-                    final Drawable d = pm.getApplicationIcon(pkg);
-                    final Bitmap bitmap = getBitmapFromDrawable(d);
-                    return new BitmapConnection(bitmap);
-                }
-            } catch (Exception ex) {
-                Log.e(LOGTAG, "error", ex);
-            }
-
-            // if the colon got stripped, put it back
-            int colon = spec.indexOf(':');
-            if (colon == -1 || colon > spec.indexOf('/')) {
-                spec = spec.replaceFirst("/", ":/");
-            }
-        } catch (Exception ex) {
-            return null;
-        }
+        // Bug 31144 - Prevent potential proxy-bypass
+
+        //try {
+        //    String spec;
+        //    if (url.startsWith("android://")) {
+        //        spec = url.substring(10);
+        //    } else {
+        //        spec = url.substring(8);
+        //    }
+
+        //    // Check if we are loading a package icon.
+        //    try {
+        //        if (spec.startsWith("icon/")) {
+        //            String[] splits = spec.split("/");
+        //            if (splits.length != 2) {
+        //                return null;
+        //            }
+        //            final String pkg = splits[1];
+        //            final PackageManager pm = getApplicationContext().getPackageManager();
+        //            final Drawable d = pm.getApplicationIcon(pkg);
+        //            final Bitmap bitmap = getBitmapFromDrawable(d);
+        //            return new BitmapConnection(bitmap);
+        //        }
+        //    } catch (Exception ex) {
+        //        Log.e(LOGTAG, "error", ex);
+        //    }
+
+        //    // if the colon got stripped, put it back
+        //    int colon = spec.indexOf(':');
+        //    if (colon == -1 || colon > spec.indexOf('/')) {
+        //        spec = spec.replaceFirst("/", ":/");
+        //    }
+        //} catch (Exception ex) {
+        //    return null;
+        //}
         return null;
     }
 
diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
index 636586b23102..552bf951b51b 100644
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/ProxySelector.java
@@ -29,6 +29,10 @@ import java.net.URLConnection;
 import java.util.List;
 
 public class ProxySelector {
+    private static final String TOR_PROXY_ADDRESS = "127.0.0.1";
+    private static final int TOR_SOCKS_PROXY_PORT = 9150;
+    private static final int TOR_HTTP_PROXY_PORT = 8218;
+
     public static URLConnection openConnectionWithProxy(final URI uri) throws IOException {
         java.net.ProxySelector ps = java.net.ProxySelector.getDefault();
         Proxy proxy = Proxy.NO_PROXY;
@@ -39,7 +43,26 @@ public class ProxySelector {
             }
         }
 
-        return uri.toURL().openConnection(proxy);
+        /* Ignore the proxy we found from the VM, only use Tor. We can probably
+         * safely use the logic in this class in the future. */
+        return uri.toURL().openConnection(getProxy());
+    }
+
+    public static Proxy getProxy() {
+        // TODO make configurable
+        return new Proxy(Proxy.Type.SOCKS, new InetSocketAddress(TOR_PROXY_ADDRESS, TOR_SOCKS_PROXY_PORT));
+    }
+
+    public static String getProxyHostAddress() {
+        return TOR_PROXY_ADDRESS;
+    }
+
+    public static int getSocksProxyPort() {
+        return TOR_SOCKS_PROXY_PORT;
+    }
+
+    public static int getHttpProxyPort() {
+        return TOR_HTTP_PROXY_PORT;
     }
 
     public ProxySelector() {





More information about the tbb-commits mailing list