From 8c7e986282a7256495357b0e71f8d91306be246b Mon Sep 17 00:00:00 2001 From: Matthew Finkel Date: Thu, 25 Oct 2018 19:17:09 +0000 Subject: [PATCH] Bug 28125 - Prevent non-Necko network connections --- .../java/org/mozilla/gecko/SuggestClient.java | 5 ++ .../topstories/PocketStoriesLoader.java | 5 ++ .../gecko/distribution/Distribution.java | 5 ++ .../org/mozilla/gecko/dlc/BaseAction.java | 6 ++ .../org/mozilla/gecko/home/ImageLoader.java | 7 ++ .../gecko/icons/loader/IconDownloader.java | 11 +++ .../gecko/search/SearchEngineManager.java | 5 ++ .../gecko/switchboard/SwitchBoard.java | 6 ++ .../gecko/media/GeckoMediaDrmBridgeV21.java | 6 ++ .../upstream/DefaultHttpDataSource.java | 85 ++++++++++--------- .../service/utils/AbstractCommunicator.java | 5 ++ 11 files changed, 106 insertions(+), 40 deletions(-) diff --git a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java index 0ebffeccdf21e..137e53cc5c032 100644 --- a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java +++ b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java @@ -72,6 +72,11 @@ public class SuggestClient { return mPrevResults; ArrayList suggestions = new ArrayList(); + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return suggestions; + } + if (TextUtils.isEmpty(mSuggestTemplate) || TextUtils.isEmpty(query)) { return suggestions; } diff --git a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java index 7ebead4cfa3f3..516c13610047d 100644 --- a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java +++ b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java @@ -124,6 +124,11 @@ public class PocketStoriesLoader extends AsyncTaskLoader> { } protected String makeAPIRequestWithKey(final String apiKey) { + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + HttpURLConnection connection = null; final Uri uri = Uri.parse(GLOBAL_ENDPOINT) diff --git a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java index 56340987207a9..2e2d07d589149 100644 --- a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java +++ b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java @@ -555,6 +555,11 @@ public class Distribution { return false; } + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return false; + } + URI uri = getReferredDistribution(referrer); if (uri == null) { return false; diff --git a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java index 6e71bc13055ef..486afe31a5cbd 100644 --- a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java +++ b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java @@ -151,6 +151,12 @@ public abstract class BaseAction { protected HttpURLConnection buildHttpURLConnection(String url) throws UnrecoverableDownloadContentException, IOException { try { + if (AppConstants.isTorBrowser()) { + String erdcl = "This is Tor Browser. Downloading is disabled for: " + url; + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + throw new UnrecoverableDownloadContentException(erdcl); + } + System.setProperty("http.keepAlive", "true"); HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(new URI(url)); diff --git a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java index cbbe7babbba4e..b6ea0249445c0 100644 --- a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java +++ b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java @@ -15,6 +15,7 @@ import com.squareup.picasso.Picasso; import com.squareup.picasso.Downloader.Response; import com.squareup.picasso.UrlConnectionDownloader; +import org.mozilla.gecko.AppConstants; import org.mozilla.gecko.util.ProxySelector; import java.io.File; @@ -91,6 +92,12 @@ public class ImageLoader { @Override protected HttpURLConnection openConnection(Uri path) throws IOException { + if (AppConstants.isTorBrowser()) { + String err = "This is Tor Browser. Downloading is disabled for: " + path.toString(); + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + throw new IOException(err); + } + try { // This is annoying, but |path| is an android.net.Uri and // openConnectionWithProxy() accepts a java.net.URI diff --git a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java index 4a03d440556dc..84eb7736e94e1 100644 --- a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java +++ b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java @@ -12,6 +12,7 @@ import android.support.annotation.Nullable; import android.support.annotation.VisibleForTesting; import android.util.Log; +import org.mozilla.gecko.AppConstants; import org.mozilla.gecko.GeckoApplication; import org.mozilla.gecko.icons.decoders.FaviconDecoder; import org.mozilla.gecko.icons.decoders.LoadFaviconResult; @@ -132,6 +133,11 @@ public class IconDownloader implements IconLoader { return null; } + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + HttpURLConnection connection = null; try { @@ -183,6 +189,11 @@ public class IconDownloader implements IconLoader { @VisibleForTesting @NonNull HttpURLConnection connectTo(String uri) throws URISyntaxException, IOException { + if (AppConstants.isTorBrowser()) { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + throw new IOException(); + } + final HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy( new URI(uri)); diff --git a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java index eb1892ffdc6bc..dbc3e7286d5a6 100644 --- a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java +++ b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java @@ -379,6 +379,11 @@ public class SearchEngineManager implements SharedPreferences.OnSharedPreference * @return String containing the country code */ private String fetchCountryCode() { + if (AppConstants.isTorBrowser()) { + Log.i(LOG_TAG, "This is Tor Browser. Skipping."); + return null; + } + // First, we look to see if we have a cached code. final String region = GeckoSharedPrefs.forApp(context).getString(PREF_REGION_KEY, null); if (region != null) { diff --git a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java index af8a4c1b607c4..089be885fea6a 100644 --- a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java +++ b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java @@ -441,6 +441,12 @@ public class SwitchBoard { HttpURLConnection connection = null; InputStreamReader inputStreamReader = null; BufferedReader bufferReader = null; + + if (AppConstants.isTorBrowser()) { + Log.i(TAG, "This is Tor Browser. Skipping."); + return null; + } + try { connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); connection.setRequestProperty("User-Agent", HardwareUtils.isTablet() ? diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java index 352d349477e05..dead9dd26570b 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java @@ -31,6 +31,7 @@ import android.util.Log; import org.mozilla.gecko.util.StringUtils; import org.mozilla.gecko.util.ProxySelector; +import org.mozilla.geckoview.BuildConfig; @TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2) public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm { @@ -483,6 +484,11 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm { @Override protected Void doInBackground(final Void... params) { + if (BuildConfig.TOR_BROWSER_VERSION != "") { + Log.i(LOGTAG, "This is Tor Browser. Skipping."); + return null; + } + HttpURLConnection urlConnection = null; BufferedReader in = null; try { diff --git a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java index 75e1f675c5eb5..22e9e1ffcb9b1 100644 --- a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java +++ b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java @@ -395,51 +395,56 @@ public class DefaultHttpDataSource implements HttpDataSource { */ private HttpURLConnection makeConnection(URL url, byte[] postBody, long position, long length, boolean allowGzip, boolean followRedirects) throws IOException, URISyntaxException { + // AppConstants.isTorBrowser() is in base/, so it's not available in geckoview/ + Log.i(TAG, "This is Tor Browser. Skipping."); + throw new IOException(); + /** * Tor Project modified the way the connection object was created. For the sake of * simplicity, instead of duplicating the whole file we changed the connection object * to use the ProxySelector. */ - HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); - - connection.setConnectTimeout(connectTimeoutMillis); - connection.setReadTimeout(readTimeoutMillis); - if (defaultRequestProperties != null) { - for (Map.Entry property : defaultRequestProperties.getSnapshot().entrySet()) { - connection.setRequestProperty(property.getKey(), property.getValue()); - } - } - for (Map.Entry property : requestProperties.getSnapshot().entrySet()) { - connection.setRequestProperty(property.getKey(), property.getValue()); - } - if (!(position == 0 && length == C.LENGTH_UNSET)) { - String rangeRequest = "bytes=" + position + "-"; - if (length != C.LENGTH_UNSET) { - rangeRequest += (position + length - 1); - } - connection.setRequestProperty("Range", rangeRequest); - } - connection.setRequestProperty("User-Agent", userAgent); - if (!allowGzip) { - connection.setRequestProperty("Accept-Encoding", "identity"); - } - connection.setInstanceFollowRedirects(followRedirects); - connection.setDoOutput(postBody != null); - if (postBody != null) { - connection.setRequestMethod("POST"); - if (postBody.length == 0) { - connection.connect(); - } else { - connection.setFixedLengthStreamingMode(postBody.length); - connection.connect(); - OutputStream os = connection.getOutputStream(); - os.write(postBody); - os.close(); - } - } else { - connection.connect(); - } - return connection; + /* Dead code */ + //HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI()); + + //connection.setConnectTimeout(connectTimeoutMillis); + //connection.setReadTimeout(readTimeoutMillis); + //if (defaultRequestProperties != null) { + // for (Map.Entry property : defaultRequestProperties.getSnapshot().entrySet()) { + // connection.setRequestProperty(property.getKey(), property.getValue()); + // } + //} + //for (Map.Entry property : requestProperties.getSnapshot().entrySet()) { + // connection.setRequestProperty(property.getKey(), property.getValue()); + //} + //if (!(position == 0 && length == C.LENGTH_UNSET)) { + // String rangeRequest = "bytes=" + position + "-"; + // if (length != C.LENGTH_UNSET) { + // rangeRequest += (position + length - 1); + // } + // connection.setRequestProperty("Range", rangeRequest); + //} + //connection.setRequestProperty("User-Agent", userAgent); + //if (!allowGzip) { + // connection.setRequestProperty("Accept-Encoding", "identity"); + //} + //connection.setInstanceFollowRedirects(followRedirects); + //connection.setDoOutput(postBody != null); + //if (postBody != null) { + // connection.setRequestMethod("POST"); + // if (postBody.length == 0) { + // connection.connect(); + // } else { + // connection.setFixedLengthStreamingMode(postBody.length); + // connection.connect(); + // OutputStream os = connection.getOutputStream(); + // os.write(postBody); + // os.close(); + // } + //} else { + // connection.connect(); + //} + //return connection; } /** diff --git a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java index 9b3ee98f89db7..fc3248d72219e 100644 --- a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java +++ b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java @@ -68,6 +68,11 @@ public abstract class AbstractCommunicator { } private void openConnectionAndSetHeaders() { + if (AppConstants.isTorBrowser()) { + Log.i(LOG_TAG, "This is Tor Browser. Skipping."); + throw new Exception(); + } + try { Prefs prefs = Prefs.getInstanceWithoutContext(); if (sMozApiKey == null || prefs != null) { -- GitLab