1package eu.siacs.conversations.http;
2
3import static eu.siacs.conversations.utils.Random.SECURE_RANDOM;
4
5import android.content.Context;
6import android.os.Build;
7import android.util.Log;
8
9import androidx.core.util.Consumer;
10
11import eu.siacs.conversations.BuildConfig;
12import eu.siacs.conversations.Config;
13import eu.siacs.conversations.crypto.TrustManagers;
14import eu.siacs.conversations.entities.Account;
15import eu.siacs.conversations.entities.DownloadableFile;
16import eu.siacs.conversations.entities.Message;
17import eu.siacs.conversations.services.AbstractConnectionManager;
18import eu.siacs.conversations.services.XmppConnectionService;
19import eu.siacs.conversations.utils.TLSSocketFactory;
20
21import okhttp3.HttpUrl;
22import okhttp3.OkHttpClient;
23import okhttp3.Request;
24import okhttp3.ResponseBody;
25
26import org.apache.http.conn.ssl.StrictHostnameVerifier;
27
28import java.io.IOException;
29import java.io.InputStream;
30import java.net.InetAddress;
31import java.net.InetSocketAddress;
32import java.net.Proxy;
33import java.net.UnknownHostException;
34import java.security.KeyManagementException;
35import java.security.KeyStoreException;
36import java.security.NoSuchAlgorithmException;
37import java.security.cert.CertificateException;
38import java.util.ArrayList;
39import java.util.List;
40import java.util.concurrent.Executor;
41import java.util.concurrent.Executors;
42import java.util.concurrent.TimeUnit;
43
44import javax.net.ssl.SSLSocketFactory;
45import javax.net.ssl.X509TrustManager;
46
47public class HttpConnectionManager extends AbstractConnectionManager {
48
49 private final List<HttpDownloadConnection> downloadConnections = new ArrayList<>();
50 private final List<HttpUploadConnection> uploadConnections = new ArrayList<>();
51
52 public static final Executor EXECUTOR = Executors.newFixedThreadPool(4);
53
54 private static final OkHttpClient OK_HTTP_CLIENT;
55
56 static {
57 OK_HTTP_CLIENT = new OkHttpClient.Builder()
58 .addInterceptor(chain -> {
59 final Request original = chain.request();
60 final Request modified = original.newBuilder()
61 .header("User-Agent", getUserAgent())
62 .build();
63 return chain.proceed(modified);
64 })
65 .build();
66 }
67
68
69 public static String getUserAgent() {
70 return String.format("%s/%s", BuildConfig.APP_NAME, BuildConfig.VERSION_NAME);
71 }
72
73 public HttpConnectionManager(XmppConnectionService service) {
74 super(service);
75 }
76
77 public static Proxy getProxy() {
78 final InetAddress localhost;
79 try {
80 localhost = InetAddress.getByAddress(new byte[]{127, 0, 0, 1});
81 } catch (final UnknownHostException e) {
82 throw new IllegalStateException(e);
83 }
84 if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
85 return new Proxy(Proxy.Type.SOCKS, new InetSocketAddress(localhost, 9050));
86 } else {
87 return new Proxy(Proxy.Type.HTTP, new InetSocketAddress(localhost, 8118));
88 }
89 }
90
91 public void createNewDownloadConnection(Message message) {
92 this.createNewDownloadConnection(message, false);
93 }
94
95 public void createNewDownloadConnection(final Message message, boolean interactive) {
96 createNewDownloadConnection(message, interactive, null);
97 }
98
99 public void createNewDownloadConnection(final Message message, boolean interactive, Consumer<DownloadableFile> cb) {
100 synchronized (this.downloadConnections) {
101 for (HttpDownloadConnection connection : this.downloadConnections) {
102 if (connection.getMessage() == message) {
103 Log.d(Config.LOGTAG, message.getConversation().getAccount().getJid().asBareJid() + ": download already in progress");
104 return;
105 }
106 }
107 final HttpDownloadConnection connection = new HttpDownloadConnection(message, this, cb);
108 connection.init(interactive);
109 this.downloadConnections.add(connection);
110 }
111 }
112
113 public void createNewUploadConnection(final Message message, boolean delay) {
114 createNewUploadConnection(message, delay, null);
115 }
116
117 public void createNewUploadConnection(final Message message, boolean delay, final Runnable cb) {
118 synchronized (this.uploadConnections) {
119 for (HttpUploadConnection connection : this.uploadConnections) {
120 if (connection.getMessage() == message) {
121 Log.d(Config.LOGTAG, message.getConversation().getAccount().getJid().asBareJid() + ": upload already in progress");
122 return;
123 }
124 }
125 HttpUploadConnection connection = new HttpUploadConnection(message, Method.determine(message.getConversation().getAccount()), this, cb);
126 connection.init(delay);
127 this.uploadConnections.add(connection);
128 }
129 }
130
131 void finishConnection(HttpDownloadConnection connection) {
132 synchronized (this.downloadConnections) {
133 this.downloadConnections.remove(connection);
134 }
135 }
136
137 void finishUploadConnection(HttpUploadConnection httpUploadConnection) {
138 synchronized (this.uploadConnections) {
139 this.uploadConnections.remove(httpUploadConnection);
140 }
141 }
142
143 public OkHttpClient buildHttpClient(final HttpUrl url, final Account account, boolean interactive) {
144 return buildHttpClient(url, account, 30, interactive);
145 }
146
147 public OkHttpClient buildHttpClient(final HttpUrl url, final Account account, int readTimeout, boolean interactive) {
148 final String slotHostname = url.host();
149 final boolean onionSlot = slotHostname.endsWith(".onion");
150 final OkHttpClient.Builder builder = newBuilder(mXmppConnectionService.useTorToConnect() || account.isOnion() || onionSlot);
151 builder.readTimeout(readTimeout, TimeUnit.SECONDS);
152 setupTrustManager(builder, interactive);
153 return builder.build();
154 }
155
156 private void setupTrustManager(final OkHttpClient.Builder builder, final boolean interactive) {
157 final X509TrustManager trustManager;
158 if (interactive) {
159 trustManager = mXmppConnectionService.getMemorizingTrustManager().getInteractive();
160 } else {
161 trustManager = mXmppConnectionService.getMemorizingTrustManager().getNonInteractive();
162 }
163 try {
164 final SSLSocketFactory sf = new TLSSocketFactory(new X509TrustManager[]{trustManager}, SECURE_RANDOM);
165 builder.sslSocketFactory(sf, trustManager);
166 builder.hostnameVerifier(new StrictHostnameVerifier());
167 } catch (final KeyManagementException | NoSuchAlgorithmException ignored) {
168 }
169 }
170
171 public static OkHttpClient.Builder newBuilder(final boolean tor) {
172 final OkHttpClient.Builder builder = OK_HTTP_CLIENT.newBuilder();
173 builder.writeTimeout(30, TimeUnit.SECONDS);
174 builder.readTimeout(30, TimeUnit.SECONDS);
175 if (tor) {
176 builder.proxy(HttpConnectionManager.getProxy()).build();
177 }
178 return builder;
179 }
180
181 public static InputStream open(final String url, final boolean tor) throws IOException {
182 return open(HttpUrl.get(url), tor);
183 }
184
185 public static InputStream open(final HttpUrl httpUrl, final boolean tor) throws IOException {
186 final OkHttpClient client = newBuilder(tor).build();
187 final Request request = new Request.Builder().get().url(httpUrl).build();
188 final ResponseBody body = client.newCall(request).execute().body();
189 if (body == null) {
190 throw new IOException("No response body found");
191 }
192 return body.byteStream();
193 }
194
195 public static String extractFilenameFromResponse(okhttp3.Response response) {
196 String filename = null;
197
198 // Try to extract filename from the Content-Disposition header
199 String contentDisposition = response.header("Content-Disposition");
200 if (contentDisposition != null && contentDisposition.contains("filename=")) {
201 String[] parts = contentDisposition.split(";");
202 for (String part : parts) {
203 if (part.trim().startsWith("filename=")) {
204 filename = part.substring("filename=".length()).trim().replace("\"", "");
205 break;
206 }
207 }
208 }
209
210 // If filename is not found in the Content-Disposition header, try to get it from the URL
211 if (filename == null || filename.isEmpty()) {
212 HttpUrl httpUrl = response.request().url();
213 List<String> pathSegments = httpUrl.pathSegments();
214 if (!pathSegments.isEmpty()) {
215 filename = pathSegments.get(pathSegments.size() - 1);
216 }
217 }
218
219 return filename;
220 }
221
222 public static OkHttpClient okHttpClient(final Context context) {
223 final OkHttpClient.Builder builder = HttpConnectionManager.OK_HTTP_CLIENT.newBuilder();
224 try {
225 final X509TrustManager trustManager;
226 if (Build.VERSION.SDK_INT <= Build.VERSION_CODES.N) {
227 trustManager = TrustManagers.defaultWithBundledLetsEncrypt(context);
228 } else {
229 trustManager = TrustManagers.createDefaultTrustManager();
230 }
231 final SSLSocketFactory socketFactory =
232 new TLSSocketFactory(new X509TrustManager[] {trustManager}, SECURE_RANDOM);
233 builder.sslSocketFactory(socketFactory, trustManager);
234 } catch (final IOException
235 | KeyManagementException
236 | NoSuchAlgorithmException
237 | KeyStoreException
238 | CertificateException e) {
239 Log.d(Config.LOGTAG, "not reconfiguring service to work with bundled LetsEncrypt");
240 throw new RuntimeException(e);
241 }
242 return builder.build();
243 }
244}