summaryrefslogtreecommitdiffstats
path: root/packages/services
diff options
context:
space:
mode:
Diffstat (limited to 'packages/services')
-rw-r--r--packages/services/PacProcessor/src/com/android/pacprocessor/PacService.java10
-rw-r--r--packages/services/Proxy/src/com/android/proxyhandler/ProxyServer.java202
-rw-r--r--packages/services/Proxy/src/com/android/proxyhandler/ProxyService.java2
3 files changed, 177 insertions, 37 deletions
diff --git a/packages/services/PacProcessor/src/com/android/pacprocessor/PacService.java b/packages/services/PacProcessor/src/com/android/pacprocessor/PacService.java
index c6b76f1..74391eb 100644
--- a/packages/services/PacProcessor/src/com/android/pacprocessor/PacService.java
+++ b/packages/services/PacProcessor/src/com/android/pacprocessor/PacService.java
@@ -72,16 +72,22 @@ public class PacService extends Service {
@Override
public String resolvePacFile(String host, String url) throws RemoteException {
try {
+ if (host == null) {
+ throw new IllegalArgumentException("The host must not be null");
+ }
+ if (url == null) {
+ throw new IllegalArgumentException("The URL must not be null");
+ }
// Check for characters that could be used for an injection attack.
new URL(url);
for (char c : host.toCharArray()) {
if (!Character.isLetterOrDigit(c) && (c != '.') && (c != '-')) {
- throw new RemoteException("Invalid host was passed");
+ throw new IllegalArgumentException("Invalid host was passed");
}
}
return mPacNative.makeProxyRequest(url, host);
} catch (MalformedURLException e) {
- throw new RemoteException("Invalid URL was passed");
+ throw new IllegalArgumentException("Invalid URL was passed");
}
}
diff --git a/packages/services/Proxy/src/com/android/proxyhandler/ProxyServer.java b/packages/services/Proxy/src/com/android/proxyhandler/ProxyServer.java
index edb1630..ac40222 100644
--- a/packages/services/Proxy/src/com/android/proxyhandler/ProxyServer.java
+++ b/packages/services/Proxy/src/com/android/proxyhandler/ProxyServer.java
@@ -20,6 +20,7 @@ import android.util.Log;
import com.android.net.IProxyPortListener;
import com.google.android.collect.Lists;
+import com.google.android.collect.Sets;
import java.io.IOException;
import java.io.InputStream;
@@ -33,6 +34,7 @@ import java.net.SocketException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
+import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
@@ -46,6 +48,10 @@ public class ProxyServer extends Thread {
private static final String TAG = "ProxyServer";
+ // HTTP Headers
+ private static final String HEADER_CONNECTION = "connection";
+ private static final String HEADER_PROXY_CONNECTION = "proxy-connection";
+
private ExecutorService threadExecutor;
public boolean mIsRunning = false;
@@ -65,10 +71,6 @@ public class ProxyServer extends Thread {
public void run() {
try {
String requestLine = getLine(connection.getInputStream());
- if (requestLine == null) {
- connection.close();
- return;
- }
String[] splitLine = requestLine.split(" ");
if (splitLine.length < 3) {
connection.close();
@@ -76,22 +78,30 @@ public class ProxyServer extends Thread {
}
String requestType = splitLine[0];
String urlString = splitLine[1];
+ String httpVersion = splitLine[2];
- String host = "";
- int port = 80;
+ URI url = null;
+ String host;
+ int port;
if (requestType.equals(CONNECT)) {
String[] hostPortSplit = urlString.split(":");
host = hostPortSplit[0];
- try {
- port = Integer.parseInt(hostPortSplit[1]);
- } catch (NumberFormatException nfe) {
+ // Use default SSL port if not specified. Parse it otherwise
+ if (hostPortSplit.length < 2) {
port = 443;
+ } else {
+ try {
+ port = Integer.parseInt(hostPortSplit[1]);
+ } catch (NumberFormatException nfe) {
+ connection.close();
+ return;
+ }
}
urlString = "Https://" + host + ":" + port;
} else {
try {
- URI url = new URI(urlString);
+ url = new URI(urlString);
host = url.getHost();
port = url.getPort();
if (port < 0) {
@@ -122,44 +132,99 @@ public class ProxyServer extends Thread {
} else {
server = new Socket(host, port);
if (requestType.equals(CONNECT)) {
- while (getLine(connection.getInputStream()).length() != 0);
+ skipToRequestBody(connection);
// No proxy to respond so we must.
sendLine(connection, HTTP_OK);
} else {
- sendLine(server, requestLine);
+ // Proxying the request directly to the origin server.
+ sendAugmentedRequestToHost(connection, server,
+ requestType, url, httpVersion);
}
}
} catch (IOException ioe) {
-
+ if (Log.isLoggable(TAG, Log.VERBOSE)) {
+ Log.v(TAG, "Unable to connect to proxy " + proxy, ioe);
+ }
}
if (server != null) {
break;
}
}
- if (server == null) {
+ if (list.isEmpty()) {
server = new Socket(host, port);
if (requestType.equals(CONNECT)) {
- while (getLine(connection.getInputStream()).length() != 0);
+ skipToRequestBody(connection);
// No proxy to respond so we must.
sendLine(connection, HTTP_OK);
} else {
- sendLine(server, requestLine);
+ // Proxying the request directly to the origin server.
+ sendAugmentedRequestToHost(connection, server,
+ requestType, url, httpVersion);
}
}
// Pass data back and forth until complete.
- SocketConnect.connect(connection, server);
- } catch (IOException e) {
+ if (server != null) {
+ SocketConnect.connect(connection, server);
+ }
+ } catch (Exception e) {
Log.d(TAG, "Problem Proxying", e);
}
try {
connection.close();
} catch (IOException ioe) {
+ // Do nothing
+ }
+ }
+ /**
+ * Sends HTTP request-line (i.e. the first line in the request)
+ * that contains absolute path of a given absolute URI.
+ *
+ * @param server server to send the request to.
+ * @param requestType type of the request, a.k.a. HTTP method.
+ * @param absoluteUri absolute URI which absolute path should be extracted.
+ * @param httpVersion version of HTTP, e.g. HTTP/1.1.
+ * @throws IOException if the request-line cannot be sent.
+ */
+ private void sendRequestLineWithPath(Socket server, String requestType,
+ URI absoluteUri, String httpVersion) throws IOException {
+
+ String absolutePath = getAbsolutePathFromAbsoluteURI(absoluteUri);
+ String outgoingRequestLine = String.format("%s %s %s",
+ requestType, absolutePath, httpVersion);
+ sendLine(server, outgoingRequestLine);
+ }
+
+ /**
+ * Extracts absolute path form a given URI. E.g., passing
+ * <code>http://google.com:80/execute?query=cat#top</code>
+ * will result in <code>/execute?query=cat#top</code>.
+ *
+ * @param uri URI which absolute path has to be extracted,
+ * @return the absolute path of the URI,
+ */
+ private String getAbsolutePathFromAbsoluteURI(URI uri) {
+ String rawPath = uri.getRawPath();
+ String rawQuery = uri.getRawQuery();
+ String rawFragment = uri.getRawFragment();
+ StringBuilder absolutePath = new StringBuilder();
+
+ if (rawPath != null) {
+ absolutePath.append(rawPath);
+ } else {
+ absolutePath.append("/");
+ }
+ if (rawQuery != null) {
+ absolutePath.append("?").append(rawQuery);
}
+ if (rawFragment != null) {
+ absolutePath.append("#").append(rawFragment);
+ }
+ return absolutePath.toString();
}
private String getLine(InputStream inputStream) throws IOException {
- StringBuffer buffer = new StringBuffer();
+ StringBuilder buffer = new StringBuilder();
int byteBuffer = inputStream.read();
if (byteBuffer < 0) return "";
do {
@@ -179,6 +244,79 @@ public class ProxyServer extends Thread {
os.write('\n');
os.flush();
}
+
+ /**
+ * Reads from socket until an empty line is read which indicates the end of HTTP headers.
+ *
+ * @param socket socket to read from.
+ * @throws IOException if an exception took place during the socket read.
+ */
+ private void skipToRequestBody(Socket socket) throws IOException {
+ while (getLine(socket.getInputStream()).length() != 0);
+ }
+
+ /**
+ * Sends an augmented request to the final host (DIRECT connection).
+ *
+ * @param src socket to read HTTP headers from.The socket current position should point
+ * to the beginning of the HTTP header section.
+ * @param dst socket to write the augmented request to.
+ * @param httpMethod original request http method.
+ * @param uri original request absolute URI.
+ * @param httpVersion original request http version.
+ * @throws IOException if an exception took place during socket reads or writes.
+ */
+ private void sendAugmentedRequestToHost(Socket src, Socket dst,
+ String httpMethod, URI uri, String httpVersion) throws IOException {
+
+ sendRequestLineWithPath(dst, httpMethod, uri, httpVersion);
+ filterAndForwardRequestHeaders(src, dst);
+
+ // Currently the proxy does not support keep-alive connections; therefore,
+ // the proxy has to request the destination server to close the connection
+ // after the destination server sent the response.
+ sendLine(dst, "Connection: close");
+
+ // Sends and empty line that indicates termination of the header section.
+ sendLine(dst, "");
+ }
+
+ /**
+ * Forwards original request headers filtering out the ones that have to be removed.
+ *
+ * @param src source socket that contains original request headers.
+ * @param dst destination socket to send the filtered headers to.
+ * @throws IOException if the data cannot be read from or written to the sockets.
+ */
+ private void filterAndForwardRequestHeaders(Socket src, Socket dst) throws IOException {
+ String line;
+ do {
+ line = getLine(src.getInputStream());
+ if (line.length() > 0 && !shouldRemoveHeaderLine(line)) {
+ sendLine(dst, line);
+ }
+ } while (line.length() > 0);
+ }
+
+ /**
+ * Returns true if a given header line has to be removed from the original request.
+ *
+ * @param line header line that should be analysed.
+ * @return true if the header line should be removed and not forwarded to the destination.
+ */
+ private boolean shouldRemoveHeaderLine(String line) {
+ int colIndex = line.indexOf(":");
+ if (colIndex != -1) {
+ String headerName = line.substring(0, colIndex).trim();
+ if (headerName.regionMatches(true, 0, HEADER_CONNECTION, 0,
+ HEADER_CONNECTION.length())
+ || headerName.regionMatches(true, 0, HEADER_PROXY_CONNECTION,
+ 0, HEADER_PROXY_CONNECTION.length())) {
+ return true;
+ }
+ }
+ return false;
+ }
}
public ProxyServer() {
@@ -192,23 +330,21 @@ public class ProxyServer extends Thread {
try {
serverSocket = new ServerSocket(0);
- if (serverSocket != null) {
- setPort(serverSocket.getLocalPort());
+ setPort(serverSocket.getLocalPort());
- while (mIsRunning) {
- try {
- Socket socket = serverSocket.accept();
- // Only receive local connections.
- if (socket.getInetAddress().isLoopbackAddress()) {
- ProxyConnection parser = new ProxyConnection(socket);
+ while (mIsRunning) {
+ try {
+ Socket socket = serverSocket.accept();
+ // Only receive local connections.
+ if (socket.getInetAddress().isLoopbackAddress()) {
+ ProxyConnection parser = new ProxyConnection(socket);
- threadExecutor.execute(parser);
- } else {
- socket.close();
- }
- } catch (IOException e) {
- e.printStackTrace();
+ threadExecutor.execute(parser);
+ } else {
+ socket.close();
}
+ } catch (IOException e) {
+ e.printStackTrace();
}
}
} catch (SocketException e) {
diff --git a/packages/services/Proxy/src/com/android/proxyhandler/ProxyService.java b/packages/services/Proxy/src/com/android/proxyhandler/ProxyService.java
index cbea188..970fdc7 100644
--- a/packages/services/Proxy/src/com/android/proxyhandler/ProxyService.java
+++ b/packages/services/Proxy/src/com/android/proxyhandler/ProxyService.java
@@ -33,8 +33,6 @@ public class ProxyService extends Service {
/** Keep these values up-to-date with PacManager.java */
public static final String KEY_PROXY = "keyProxy";
public static final String HOST = "localhost";
- // STOPSHIP This being a static port means it can be hijacked by other apps.
- public static final int PORT = 8182;
public static final String EXCL_LIST = "";
@Override