HttpConnectionManager.java

  1package eu.siacs.conversations.http;
  2
  3import static eu.siacs.conversations.utils.Random.SECURE_RANDOM;
  4
  5import android.content.Context;
  6import android.os.Build;
  7import android.util.Log;
  8import de.gultsch.common.TrustManagers;
  9import eu.siacs.conversations.BuildConfig;
 10import eu.siacs.conversations.Config;
 11import eu.siacs.conversations.entities.Account;
 12import eu.siacs.conversations.entities.Message;
 13import eu.siacs.conversations.services.AbstractConnectionManager;
 14import eu.siacs.conversations.services.XmppConnectionService;
 15import eu.siacs.conversations.utils.TLSSocketFactory;
 16import java.io.IOException;
 17import java.io.InputStream;
 18import java.net.InetAddress;
 19import java.net.InetSocketAddress;
 20import java.net.Proxy;
 21import java.net.UnknownHostException;
 22import java.security.KeyManagementException;
 23import java.security.KeyStoreException;
 24import java.security.NoSuchAlgorithmException;
 25import java.security.cert.CertificateException;
 26import java.util.ArrayList;
 27import java.util.List;
 28import java.util.concurrent.Executor;
 29import java.util.concurrent.Executors;
 30import java.util.concurrent.TimeUnit;
 31import javax.net.ssl.SSLSocketFactory;
 32import javax.net.ssl.X509TrustManager;
 33import okhttp3.HttpUrl;
 34import okhttp3.OkHttpClient;
 35import okhttp3.Request;
 36import okhttp3.ResponseBody;
 37import org.apache.http.conn.ssl.StrictHostnameVerifier;
 38
 39public class HttpConnectionManager extends AbstractConnectionManager {
 40
 41    private final List<HttpDownloadConnection> downloadConnections = new ArrayList<>();
 42    private final List<HttpUploadConnection> uploadConnections = new ArrayList<>();
 43
 44    public static final Executor EXECUTOR = Executors.newFixedThreadPool(4);
 45
 46    private static final OkHttpClient OK_HTTP_CLIENT;
 47
 48    static {
 49        OK_HTTP_CLIENT =
 50                new OkHttpClient.Builder()
 51                        .addInterceptor(
 52                                chain -> {
 53                                    final Request original = chain.request();
 54                                    final Request modified =
 55                                            original.newBuilder()
 56                                                    .header("User-Agent", getUserAgent())
 57                                                    .build();
 58                                    return chain.proceed(modified);
 59                                })
 60                        .build();
 61    }
 62
 63    public static String getUserAgent() {
 64        return String.format("%s/%s", BuildConfig.APP_NAME, BuildConfig.VERSION_NAME);
 65    }
 66
 67    public HttpConnectionManager(XmppConnectionService service) {
 68        super(service);
 69    }
 70
 71    public static Proxy getProxy() {
 72        final InetAddress localhost;
 73        try {
 74            localhost = InetAddress.getByAddress(new byte[] {127, 0, 0, 1});
 75        } catch (final UnknownHostException e) {
 76            throw new IllegalStateException(e);
 77        }
 78        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
 79            return new Proxy(Proxy.Type.SOCKS, new InetSocketAddress(localhost, 9050));
 80        } else {
 81            return new Proxy(Proxy.Type.HTTP, new InetSocketAddress(localhost, 8118));
 82        }
 83    }
 84
 85    public void createNewDownloadConnection(Message message) {
 86        this.createNewDownloadConnection(message, false);
 87    }
 88
 89    public void createNewDownloadConnection(final Message message, boolean interactive) {
 90        synchronized (this.downloadConnections) {
 91            for (HttpDownloadConnection connection : this.downloadConnections) {
 92                if (connection.getMessage() == message) {
 93                    Log.d(
 94                            Config.LOGTAG,
 95                            message.getConversation().getAccount().getJid().asBareJid()
 96                                    + ": download already in progress");
 97                    return;
 98                }
 99            }
100            final HttpDownloadConnection connection = new HttpDownloadConnection(message, this);
101            connection.init(interactive);
102            this.downloadConnections.add(connection);
103        }
104    }
105
106    public void createNewUploadConnection(final Message message, boolean delay) {
107        synchronized (this.uploadConnections) {
108            for (HttpUploadConnection connection : this.uploadConnections) {
109                if (connection.getMessage() == message) {
110                    Log.d(
111                            Config.LOGTAG,
112                            message.getConversation().getAccount().getJid().asBareJid()
113                                    + ": upload already in progress");
114                    return;
115                }
116            }
117            HttpUploadConnection connection =
118                    new HttpUploadConnection(
119                            message,
120                            Method.determine(message.getConversation().getAccount()),
121                            this);
122            connection.init(delay);
123            this.uploadConnections.add(connection);
124        }
125    }
126
127    void finishConnection(HttpDownloadConnection connection) {
128        synchronized (this.downloadConnections) {
129            this.downloadConnections.remove(connection);
130        }
131    }
132
133    void finishUploadConnection(HttpUploadConnection httpUploadConnection) {
134        synchronized (this.uploadConnections) {
135            this.uploadConnections.remove(httpUploadConnection);
136        }
137    }
138
139    OkHttpClient buildHttpClient(final HttpUrl url, final Account account, boolean interactive) {
140        return buildHttpClient(url, account, 30, interactive);
141    }
142
143    OkHttpClient buildHttpClient(
144            final HttpUrl url, final Account account, int readTimeout, boolean interactive) {
145        final String slotHostname = url.host();
146        final boolean onionSlot = slotHostname.endsWith(".onion");
147        final OkHttpClient.Builder builder = OK_HTTP_CLIENT.newBuilder();
148        builder.writeTimeout(30, TimeUnit.SECONDS);
149        builder.readTimeout(readTimeout, TimeUnit.SECONDS);
150        setupTrustManager(builder, interactive);
151        if (mXmppConnectionService.useTorToConnect() || account.isOnion() || onionSlot) {
152            builder.proxy(HttpConnectionManager.getProxy()).build();
153        }
154        return builder.build();
155    }
156
157    private void setupTrustManager(final OkHttpClient.Builder builder, final boolean interactive) {
158        final X509TrustManager trustManager;
159        if (interactive) {
160            trustManager = mXmppConnectionService.getMemorizingTrustManager().getInteractive();
161        } else {
162            trustManager = mXmppConnectionService.getMemorizingTrustManager().getNonInteractive();
163        }
164        try {
165            final SSLSocketFactory sf =
166                    new TLSSocketFactory(new X509TrustManager[] {trustManager}, SECURE_RANDOM);
167            builder.sslSocketFactory(sf, trustManager);
168            builder.hostnameVerifier(new StrictHostnameVerifier());
169        } catch (final KeyManagementException | NoSuchAlgorithmException ignored) {
170        }
171    }
172
173    public static InputStream open(final String url, final boolean tor) throws IOException {
174        return open(HttpUrl.get(url), tor);
175    }
176
177    public static InputStream open(final HttpUrl httpUrl, final boolean tor) throws IOException {
178        final OkHttpClient.Builder builder = OK_HTTP_CLIENT.newBuilder();
179        if (tor) {
180            builder.proxy(HttpConnectionManager.getProxy()).build();
181        }
182        final OkHttpClient client = builder.build();
183        final Request request = new Request.Builder().get().url(httpUrl).build();
184        final ResponseBody body = client.newCall(request).execute().body();
185        if (body == null) {
186            throw new IOException("No response body found");
187        }
188        return body.byteStream();
189    }
190
191    public static OkHttpClient okHttpClient(final Context context) {
192        final OkHttpClient.Builder builder = HttpConnectionManager.OK_HTTP_CLIENT.newBuilder();
193        try {
194            final X509TrustManager trustManager = TrustManagers.createForAndroidVersion(context);
195            final SSLSocketFactory socketFactory =
196                    new TLSSocketFactory(new X509TrustManager[] {trustManager}, SECURE_RANDOM);
197            builder.sslSocketFactory(socketFactory, trustManager);
198        } catch (final IOException
199                | KeyManagementException
200                | NoSuchAlgorithmException
201                | KeyStoreException
202                | CertificateException e) {
203            Log.d(Config.LOGTAG, "not reconfiguring service to work with bundled LetsEncrypt");
204            throw new RuntimeException(e);
205        }
206        return builder.build();
207    }
208}