[tor-commits] [tor-browser/tor-browser-68.1.0esr-9.0-1] Bug 28125 - Prevent non-Necko network connections

gk at torproject.org gk at torproject.org
Sat Aug 31 19:46:16 UTC 2019


commit cf14b5eb0d976a53585266ae34dc81cf0e1e9b23
Author: Matthew Finkel <Matthew.Finkel at gmail.com>
Date:   Thu Oct 25 19:17:09 2018 +0000

    Bug 28125 - Prevent non-Necko network connections
---
 .../base/java/org/mozilla/gecko/SuggestClient.java |  5 ++
 .../homepanel/topstories/PocketStoriesLoader.java  |  5 ++
 .../mozilla/gecko/distribution/Distribution.java   |  5 ++
 .../java/org/mozilla/gecko/dlc/BaseAction.java     |  6 ++
 .../java/org/mozilla/gecko/home/ImageLoader.java   |  7 ++
 .../mozilla/gecko/icons/loader/IconDownloader.java | 11 +++
 .../mozilla/gecko/search/SearchEngineManager.java  |  5 ++
 .../org/mozilla/gecko/switchboard/SwitchBoard.java |  6 ++
 .../gecko/media/GeckoMediaDrmBridgeV21.java        |  6 ++
 .../exoplayer2/upstream/DefaultHttpDataSource.java | 85 ++++++++++++----------
 .../service/utils/AbstractCommunicator.java        |  5 ++
 11 files changed, 106 insertions(+), 40 deletions(-)

diff --git a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
index 0ebffeccdf21..137e53cc5c03 100644
--- a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
+++ b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
@@ -72,6 +72,11 @@ public class SuggestClient {
             return mPrevResults;
 
         ArrayList<String> suggestions = new ArrayList<String>();
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+            return suggestions;
+        }
+
         if (TextUtils.isEmpty(mSuggestTemplate) || TextUtils.isEmpty(query)) {
             return suggestions;
         }
diff --git a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java
index 7ebead4cfa3f..516c13610047 100644
--- a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java
+++ b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java
@@ -124,6 +124,11 @@ public class PocketStoriesLoader extends AsyncTaskLoader<List<TopStory>> {
     }
 
     protected String makeAPIRequestWithKey(final String apiKey) {
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+            return null;
+        }
+
         HttpURLConnection connection = null;
 
         final Uri uri = Uri.parse(GLOBAL_ENDPOINT)
diff --git a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
index 56340987207a..2e2d07d58914 100644
--- a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
+++ b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
@@ -555,6 +555,11 @@ public class Distribution {
             return false;
         }
 
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+            return false;
+        }
+
         URI uri = getReferredDistribution(referrer);
         if (uri == null) {
             return false;
diff --git a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java
index 6e71bc13055e..486afe31a5cb 100644
--- a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java
+++ b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java
@@ -151,6 +151,12 @@ public abstract class BaseAction {
     protected HttpURLConnection buildHttpURLConnection(String url)
             throws UnrecoverableDownloadContentException, IOException {
         try {
+            if (AppConstants.isTorBrowser()) {
+                String erdcl = "This is Tor Browser. Downloading is disabled for: " + url;
+                Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+                throw new UnrecoverableDownloadContentException(erdcl);
+            }
+
             System.setProperty("http.keepAlive", "true");
 
             HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(new URI(url));
diff --git a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java
index cbbe7babbba4..b6ea0249445c 100644
--- a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java
+++ b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java
@@ -15,6 +15,7 @@ import com.squareup.picasso.Picasso;
 import com.squareup.picasso.Downloader.Response;
 import com.squareup.picasso.UrlConnectionDownloader;
 
+import org.mozilla.gecko.AppConstants;
 import org.mozilla.gecko.util.ProxySelector;
 
 import java.io.File;
@@ -91,6 +92,12 @@ public class ImageLoader {
 
         @Override
         protected HttpURLConnection openConnection(Uri path) throws IOException {
+            if (AppConstants.isTorBrowser()) {
+                String err = "This is Tor Browser. Downloading is disabled for: " + path.toString();
+                Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+                throw new IOException(err);
+            }
+
             try {
                 // This is annoying, but |path| is an android.net.Uri and
                 // openConnectionWithProxy() accepts a java.net.URI
diff --git a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java
index 4a03d440556d..84eb7736e94e 100644
--- a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java
+++ b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java
@@ -12,6 +12,7 @@ import android.support.annotation.Nullable;
 import android.support.annotation.VisibleForTesting;
 import android.util.Log;
 
+import org.mozilla.gecko.AppConstants;
 import org.mozilla.gecko.GeckoApplication;
 import org.mozilla.gecko.icons.decoders.FaviconDecoder;
 import org.mozilla.gecko.icons.decoders.LoadFaviconResult;
@@ -132,6 +133,11 @@ public class IconDownloader implements IconLoader {
             return null;
         }
 
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+            return null;
+        }
+
         HttpURLConnection connection = null;
 
         try {
@@ -183,6 +189,11 @@ public class IconDownloader implements IconLoader {
     @VisibleForTesting
     @NonNull
     HttpURLConnection connectTo(String uri) throws URISyntaxException, IOException {
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+            throw new IOException();
+        }
+
         final HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(
                 new URI(uri));
 
diff --git a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
index eb1892ffdc6b..dbc3e7286d5a 100644
--- a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
+++ b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
@@ -379,6 +379,11 @@ public class SearchEngineManager implements SharedPreferences.OnSharedPreference
      * @return String containing the country code
      */
     private String fetchCountryCode() {
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOG_TAG, "This is Tor Browser. Skipping.");
+            return null;
+        }
+
         // First, we look to see if we have a cached code.
         final String region = GeckoSharedPrefs.forApp(context).getString(PREF_REGION_KEY, null);
         if (region != null) {
diff --git a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java
index e019c7d6eb77..1dc1b07aba5b 100644
--- a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java
+++ b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java
@@ -429,6 +429,12 @@ public class SwitchBoard {
         HttpURLConnection connection = null;
         InputStreamReader inputStreamReader = null;
         BufferedReader bufferReader = null;
+
+        if (AppConstants.isTorBrowser()) {
+            Log.i(TAG, "This is Tor Browser. Skipping.");
+            return null;
+        }
+
         try {
             connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI());
             connection.setRequestProperty("User-Agent", HardwareUtils.isTablet() ?
diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
index 352d349477e0..dead9dd26570 100644
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
@@ -31,6 +31,7 @@ import android.util.Log;
 
 import org.mozilla.gecko.util.StringUtils;
 import org.mozilla.gecko.util.ProxySelector;
+import org.mozilla.geckoview.BuildConfig;
 
 @TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2)
 public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm {
@@ -483,6 +484,11 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm {
 
         @Override
         protected Void doInBackground(final Void... params) {
+            if (BuildConfig.TOR_BROWSER_VERSION != "") {
+                Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+                return null;
+            }
+
             HttpURLConnection urlConnection = null;
             BufferedReader in = null;
             try {
diff --git a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
index 75e1f675c5eb..22e9e1ffcb9b 100644
--- a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
+++ b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
@@ -395,51 +395,56 @@ public class DefaultHttpDataSource implements HttpDataSource {
    */
   private HttpURLConnection makeConnection(URL url, byte[] postBody, long position,
       long length, boolean allowGzip, boolean followRedirects) throws IOException, URISyntaxException {
+    // AppConstants.isTorBrowser() is in base/, so it's not available in geckoview/
+    Log.i(TAG, "This is Tor Browser. Skipping.");
+    throw new IOException();
+
     /**
      * Tor Project modified the way the connection object was created. For the sake of
      * simplicity, instead of duplicating the whole file we changed the connection object
      * to use the ProxySelector.
      */
-    HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI());
-
-    connection.setConnectTimeout(connectTimeoutMillis);
-    connection.setReadTimeout(readTimeoutMillis);
-    if (defaultRequestProperties != null) {
-      for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) {
-        connection.setRequestProperty(property.getKey(), property.getValue());
-      }
-    }
-    for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) {
-      connection.setRequestProperty(property.getKey(), property.getValue());
-    }
-    if (!(position == 0 && length == C.LENGTH_UNSET)) {
-      String rangeRequest = "bytes=" + position + "-";
-      if (length != C.LENGTH_UNSET) {
-        rangeRequest += (position + length - 1);
-      }
-      connection.setRequestProperty("Range", rangeRequest);
-    }
-    connection.setRequestProperty("User-Agent", userAgent);
-    if (!allowGzip) {
-      connection.setRequestProperty("Accept-Encoding", "identity");
-    }
-    connection.setInstanceFollowRedirects(followRedirects);
-    connection.setDoOutput(postBody != null);
-    if (postBody != null) {
-      connection.setRequestMethod("POST");
-      if (postBody.length == 0) {
-        connection.connect();
-      } else  {
-        connection.setFixedLengthStreamingMode(postBody.length);
-        connection.connect();
-        OutputStream os = connection.getOutputStream();
-        os.write(postBody);
-        os.close();
-      }
-    } else {
-      connection.connect();
-    }
-    return connection;
+    /* Dead code */
+    //HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI());
+
+    //connection.setConnectTimeout(connectTimeoutMillis);
+    //connection.setReadTimeout(readTimeoutMillis);
+    //if (defaultRequestProperties != null) {
+    //  for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) {
+    //    connection.setRequestProperty(property.getKey(), property.getValue());
+    //  }
+    //}
+    //for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) {
+    //  connection.setRequestProperty(property.getKey(), property.getValue());
+    //}
+    //if (!(position == 0 && length == C.LENGTH_UNSET)) {
+    //  String rangeRequest = "bytes=" + position + "-";
+    //  if (length != C.LENGTH_UNSET) {
+    //    rangeRequest += (position + length - 1);
+    //  }
+    //  connection.setRequestProperty("Range", rangeRequest);
+    //}
+    //connection.setRequestProperty("User-Agent", userAgent);
+    //if (!allowGzip) {
+    //  connection.setRequestProperty("Accept-Encoding", "identity");
+    //}
+    //connection.setInstanceFollowRedirects(followRedirects);
+    //connection.setDoOutput(postBody != null);
+    //if (postBody != null) {
+    //  connection.setRequestMethod("POST");
+    //  if (postBody.length == 0) {
+    //    connection.connect();
+    //  } else  {
+    //    connection.setFixedLengthStreamingMode(postBody.length);
+    //    connection.connect();
+    //    OutputStream os = connection.getOutputStream();
+    //    os.write(postBody);
+    //    os.close();
+    //  }
+    //} else {
+    //  connection.connect();
+    //}
+    //return connection;
   }
 
   /**
diff --git a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
index 9b3ee98f89db..fc3248d72219 100644
--- a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
+++ b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
@@ -68,6 +68,11 @@ public abstract class AbstractCommunicator {
     }
 
     private void openConnectionAndSetHeaders() {
+        if (AppConstants.isTorBrowser()) {
+            Log.i(LOG_TAG, "This is Tor Browser. Skipping.");
+            throw new Exception();
+        }
+
         try {
             Prefs prefs = Prefs.getInstanceWithoutContext();
             if (sMozApiKey == null || prefs != null) {





More information about the tor-commits mailing list