X-Git-Url: http://git.megacz.com/?a=blobdiff_plain;f=src%2Forg%2Fxwt%2FHTTP.java;h=8d7ffda56f971ca4ae84511e60174c0b087463ed;hb=e1bf2123524ba1cc258188314733f62c2bf45c00;hp=8f2652830ee2a7204e8a21b2caa921870bef69c1;hpb=0373b49c4640afde70d852f2531e46b19260554f;p=org.ibex.core.git diff --git a/src/org/xwt/HTTP.java b/src/org/xwt/HTTP.java index 8f26528..8d7ffda 100644 --- a/src/org/xwt/HTTP.java +++ b/src/org/xwt/HTTP.java @@ -15,35 +15,41 @@ import org.bouncycastle.crypto.digests.*; */ public class HTTP { - /** the URL as passed to the original constructor; this is never changed */ - final String originalUrl; - /** the URL to connect to; this is munged when the url is parsed */ - URL url = null; + // Public Methods //////////////////////////////////////////////////////////////////////////////////////// + + public HTTP(String url) { this(url, false); } + public HTTP(String url, boolean skipResolveCheck) { originalUrl = url; this.skipResolveCheck = skipResolveCheck; } + + /** Performs an HTTP GET request */ + public InputStream GET() throws IOException { return makeRequest(null, null); } - /** the host to connect to */ - String host = null; + /** Performs an HTTP POST request; content is additional headers, blank line, and body */ + public InputStream POST(String contentType, String content) throws IOException { return makeRequest(contentType, content); } - /** the port to connect on */ - int port = -1; + public static class HTTPException extends IOException { public HTTPException(String s) { super(s); } } - /** true if SSL (HTTPS) should be used */ - boolean ssl = false; - /** the path (URI) to retrieve on the server */ - String path = null; + // Statics /////////////////////////////////////////////////////////////////////////////////////////////// - /** the socket */ - Socket sock = null; + static Hash resolvedHosts = new Hash(); ///< cache for resolveAndCheckIfFirewalled() + private static Hash authCache = new Hash(); ///< cache of userInfo strings, keyed on originalUrl - /** the socket's inputstream */ - InputStream in = null; - /** the username and password portions of the URL */ - String userInfo = null; + // Instance Data /////////////////////////////////////////////////////////////////////////////////////////////// - /** cache of userInfo strings, keyed on originalUrl */ - private static Hashtable authCache = new Hashtable(); + final String originalUrl; ///< the URL as passed to the original constructor; this is never changed + URL url = null; ///< the URL to connect to; this is munged when the url is parsed */ + String host = null; ///< the host to connect to + int port = -1; ///< the port to connect on + boolean ssl = false; ///< true if SSL (HTTPS) should be used + String path = null; ///< the path (URI) to retrieve on the server + Socket sock = null; ///< the socket + InputStream in = null; ///< the socket's inputstream + String userInfo = null; ///< the username and password portions of the URL + boolean firstRequest = true; ///< true iff this is the first request to be made on this socket + boolean skipResolveCheck = false; ///< allowed to skip the resolve check when downloading PAC script + boolean proxied = false; ///< true iff we're using a proxy /** this is null if the current request is the first request on * this HTTP connection; otherwise it is a Semaphore which will be @@ -51,33 +57,6 @@ public class HTTP { */ Semaphore okToRecieve = null; - /** cache for resolveAndCheckIfFirewalled() */ - static Hashtable resolvedHosts = new Hashtable(); - - /** if any request encounters an IOException, the entire HTTP connection is invalidated */ - boolean invalid = false; - - /** true iff we are allowed to skip the resolve check (only allowed when we're downloading the PAC script) */ - boolean skipResolveCheck = false; - - /** true iff we're using a proxy */ - boolean proxied = false; - - - // Public Methods //////////////////////////////////////////////////////////////////////////////////////// - - public HTTP(String url) { this(url, false); } - public HTTP(String url, boolean skipResolveCheck) { - originalUrl = url; - this.skipResolveCheck = skipResolveCheck; - } - - /** Performs an HTTP GET request */ - public InputStream GET() throws IOException { return makeRequest(null, null); } - - /** Performs an HTTP POST request; content is appended to the headers (so it should include a blank line to delimit the beginning of the body) */ - public InputStream POST(String contentType, String content) throws IOException { return makeRequest(contentType, content); } - /** * This method isn't synchronized; however, only one thread can be in the inner synchronized block at a time, and the rest of * the method is protected by in-order one-at-a-time semaphore lock-steps @@ -88,12 +67,11 @@ public class HTTP { Semaphore blockOn = null; Semaphore releaseMe = null; synchronized(this) { - if (invalid) throw new HTTPException("connection failed on a previous pipelined call"); try { connect(); sendRequest(contentType, content); } catch (IOException e) { - invalid = true; + reset(); throw e; } blockOn = okToRecieve; @@ -104,12 +82,18 @@ public class HTTP { boolean doRelease = true; try { if (blockOn != null) blockOn.block(); - if (invalid) throw new HTTPException("connection failed on a previous pipelined call"); + + // previous call wrecked the socket connection, but we already sent our request, so we can't just retry -- + // this could cause the server to receive the request twice, which could be bad (think of the case where the + // server call causes Amazon.com to ship you an item with one-click purchasing). + if (sock == null) + throw new HTTPException("a previous pipelined call messed up the socket"); Hashtable h = in == null ? null : parseHeaders(in); if (h == null) { + if (firstRequest) throw new HTTPException("server closed the socket with no response"); // sometimes the server chooses to close the stream between requests - in = null; sock = null; + reset(); releaseMe.release(); return makeRequest(contentType, content); } @@ -123,7 +107,7 @@ public class HTTP { if (h.get("HTTP").equals("1.0") && h.get("content-length") == null) { if (Log.on) Log.log(this, "proxy returned an HTTP/1.0 reply with no content-length..."); - in = null; sock = null; + reset(); } else { int cl = h.get("content-length") == null ? -1 : Integer.parseInt(h.get("content-length").toString()); new HTTPInputStream(in, cl, releaseMe).close(); @@ -145,7 +129,7 @@ public class HTTP { } - } catch (IOException e) { invalid = true; throw e; + } catch (IOException e) { reset(); throw e; } finally { if (doRelease) releaseMe.release(); } } @@ -172,32 +156,30 @@ public class HTTP { if ((quadbyte[0] == 10 || (quadbyte[0] == 192 && quadbyte[1] == 168) || (quadbyte[0] == 172 && (quadbyte[1] & 0xF0) == 16)) && !addr.equals(Main.originAddr)) - throw new HTTPException("security violation: " + host + " [" + addr.getHostAddress() + "] is in a firewalled netblock"); + throw new HTTPException("security violation: " + host + " [" + addr.getHostAddress() + + "] is in a firewalled netblock"); return; } catch (UnknownHostException uhe) { } - if (Platform.detectProxy() == null) throw new HTTPException("could not resolve hostname \"" + host + "\" and no proxy configured"); - if (Log.on) Log.log(this, " could not resolve host " + host + "; using xmlrpc.xwt.org to ensure security"); - try { - JS.Array args = new JS.Array(); - args.addElement(host); - Object ret = new XMLRPC("http://xmlrpc.xwt.org/RPC2/", "dns.resolve").call(args); - if (ret == null || !(ret instanceof String)) throw new Exception(" xmlrpc.xwt.org returned non-String: " + ret); - resolvedHosts.put(host, ret); - return; - } catch (Throwable e) { - throw new HTTPException("exception while attempting to use xmlrpc.xwt.org to resolve " + host + ": " + e); - } + if (Platform.detectProxy() == null) + throw new HTTPException("could not resolve hostname \"" + host + "\" and no proxy configured"); } // Methods to attempt socket creation ///////////////////////////////////////////////////////////////// + private Socket getSocket(String host, int port, boolean ssl, boolean negotiate) throws IOException { + Socket ret = ssl ? new SSL(host, port, negotiate) : new Socket(java.net.InetAddress.getByName(host), port); + ret.setTcpNoDelay(true); + return ret; + } + /** Attempts a direct connection */ - public Socket attemptDirect() { + private Socket attemptDirect() { try { - if (Log.verbose) Log.log(this, "attempting to create unproxied socket to " + host + ":" + port + (ssl ? " [ssl]" : "")); - return Platform.getSocket(host, port, ssl, true); + if (Log.verbose) Log.log(this, "attempting to create unproxied socket to " + + host + ":" + port + (ssl ? " [ssl]" : "")); + return getSocket(host, port, ssl, true); } catch (IOException e) { if (Log.on) Log.log(this, "exception in attemptDirect(): " + e); return null; @@ -205,23 +187,24 @@ public class HTTP { } /** Attempts to use an HTTP proxy, employing the CONNECT method if HTTPS is requested */ - public Socket attemptHttpProxy(String proxyHost, int proxyPort) { + private Socket attemptHttpProxy(String proxyHost, int proxyPort) { try { if (Log.verbose) Log.log(this, "attempting to create HTTP proxied socket using proxy " + proxyHost + ":" + proxyPort); + Socket sock = getSocket(proxyHost, proxyPort, ssl, false); - Socket sock = Platform.getSocket(proxyHost, proxyPort, ssl, false); if (!ssl) { if (!path.startsWith("http://")) path = "http://" + host + ":" + port + path; - } else { - PrintWriter pw = new PrintWriter(new OutputStreamWriter(sock.getOutputStream())); - BufferedReader br = new BufferedReader(new InputStreamReader(sock.getInputStream())); - pw.print("CONNECT " + host + ":" + port + " HTTP/1.1\r\n\r\n"); - pw.flush(); - String s = br.readLine(); - if (s.charAt(9) != '2') throw new HTTPException("proxy refused CONNECT method: \"" + s + "\""); - while (br.readLine().length() > 0) { }; - ((TinySSL)sock).negotiate(); + return sock; } + + PrintWriter pw = new PrintWriter(new OutputStreamWriter(sock.getOutputStream())); + BufferedReader br = new BufferedReader(new InputStreamReader(sock.getInputStream())); + pw.print("CONNECT " + host + ":" + port + " HTTP/1.1\r\n\r\n"); + pw.flush(); + String s = br.readLine(); + if (s.charAt(9) != '2') throw new HTTPException("proxy refused CONNECT method: \"" + s + "\""); + while (br.readLine().length() > 0) { }; + ((SSL)sock).negotiate(); return sock; } catch (IOException e) { @@ -235,7 +218,7 @@ public class HTTP { * @see http://www.socks.nec.com/protocol/socks4.protocol * @see http://www.socks.nec.com/protocol/socks4a.protocol */ - public Socket attemptSocksProxy(String proxyHost, int proxyPort) { + private Socket attemptSocksProxy(String proxyHost, int proxyPort) { // even if host is already a "x.y.z.w" string, we use this to parse it into bytes InetAddress addr = null; @@ -245,7 +228,7 @@ public class HTTP { " proxied socket using proxy " + proxyHost + ":" + proxyPort); try { - Socket sock = Platform.getSocket(proxyHost, proxyPort, ssl, false); + Socket sock = getSocket(proxyHost, proxyPort, ssl, false); DataOutputStream dos = new DataOutputStream(sock.getOutputStream()); dos.writeByte(0x04); // SOCKSv4(a) @@ -268,7 +251,7 @@ public class HTTP { dis.skip(6); // ip/port if ((int)(success & 0xff) == 90) { - if (ssl) ((TinySSL)sock).negotiate(); + if (ssl) ((SSL)sock).negotiate(); return sock; } if (Log.on) Log.log(this, "SOCKS server denied access, code " + (success & 0xff)); @@ -281,14 +264,12 @@ public class HTTP { } /** executes the PAC script and dispatches a call to one of the other attempt methods based on the result */ - public Socket attemptPAC(org.xwt.js.JS.Callable pacFunc) { + private Socket attemptPAC(org.xwt.js.JS pacFunc) { if (Log.verbose) Log.log(this, "evaluating PAC script"); String pac = null; try { - org.xwt.js.JS.Array args = new org.xwt.js.JS.Array(); - args.addElement(url.toString()); - args.addElement(url.getHost()); - Object obj = pacFunc.call(args); + org.xwt.js.JSArray args = new org.xwt.js.JSArray(); + Object obj = pacFunc.call(url.toString(), url.getHost(), null, null, 2); if (Log.verbose) Log.log(this, " PAC script returned \"" + obj + "\""); pac = obj.toString(); } catch (Throwable e) { @@ -323,10 +304,7 @@ public class HTTP { // Everything Else //////////////////////////////////////////////////////////////////////////// private synchronized void connect() throws IOException { - if (originalUrl.equals("stdio:")) { - in = new BufferedInputStream(System.in); - return; - } + if (originalUrl.equals("stdio:")) { in = new BufferedInputStream(System.in); return; } if (sock != null) { if (in == null) in = new BufferedInputStream(sock.getInputStream()); return; @@ -358,19 +336,24 @@ public class HTTP { if (Log.verbose) Log.log(this, "creating HTTP object for connection to " + host + ":" + port); Proxy pi = Platform.detectProxy(); - if (sock == null && pi != null && pi.proxyAutoConfigFunction != null) sock = attemptPAC(pi.proxyAutoConfigFunction); - if (sock == null && pi != null && ssl && pi.httpsProxyHost != null) sock = attemptHttpProxy(pi.httpsProxyHost, pi.httpsProxyPort); - if (sock == null && pi != null && pi.httpProxyHost != null) sock = attemptHttpProxy(pi.httpProxyHost, pi.httpProxyPort); - if (sock == null && pi != null && pi.socksProxyHost != null) sock = attemptSocksProxy(pi.socksProxyHost, pi.socksProxyPort); + OUTER: do { + if (pi != null) { + for(int i=0; i= 4 && buf[buflen - 4] == '\r' && buf[buflen - 3] == '\n' && buf[buflen - 2] == '\r' && buf[buflen - 1] == '\n') break; + if (buflen >= 4 && buf[buflen - 4] == '\r' && buf[buflen - 3] == '\n' && + buf[buflen - 2] == '\r' && buf[buflen - 1] == '\n') + break; if (buflen == buf.length) { byte[] newbuf = new byte[buf.length * 2]; System.arraycopy(buf, 0, newbuf, 0, buflen); @@ -648,29 +651,14 @@ public class HTTP { public Proxy() { } - /** the HTTP Proxy host to use */ - public String httpProxyHost = null; - - /** the HTTP Proxy port to use */ - public int httpProxyPort = -1; - - /** if a seperate proxy should be used for HTTPS, this is the hostname; otherwise, httpProxyHost is used */ - public String httpsProxyHost = null; - - /** if a seperate proxy should be used for HTTPS, this is the port */ + public String httpProxyHost = null; ///< the HTTP Proxy host to use + public int httpProxyPort = -1; ///< the HTTP Proxy port to use + public String httpsProxyHost = null; ///< seperate proxy for HTTPS public int httpsProxyPort = -1; - - /** the SOCKS Proxy Host to use */ - public String socksProxyHost = null; - - /** the SOCKS Proxy Port to use */ - public int socksProxyPort = -1; - - /** hosts to be excluded from proxy use; wildcards permitted */ - public String[] excluded = null; - - /** the PAC script */ - public JS.Callable proxyAutoConfigFunction = null; + public String socksProxyHost = null; ///< the SOCKS Proxy Host to use + public int socksProxyPort = -1; ///< the SOCKS Proxy Port to use + public String[] excluded = null; ///< hosts to be excluded from proxy use; wildcards permitted + public JSFunction proxyAutoConfigJSFunction = null; ///< the PAC script public static Proxy detectProxyViaManual() { Proxy ret = new Proxy(); @@ -678,7 +666,8 @@ public class HTTP { ret.httpProxyHost = Platform.getEnv("http_proxy"); if (ret.httpProxyHost != null) { if (ret.httpProxyHost.startsWith("http://")) ret.httpProxyHost = ret.httpProxyHost.substring(7); - if (ret.httpProxyHost.endsWith("/")) ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.length() - 1); + if (ret.httpProxyHost.endsWith("/")) + ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.length() - 1); if (ret.httpProxyHost.indexOf(':') != -1) { ret.httpProxyPort = Integer.parseInt(ret.httpProxyHost.substring(ret.httpProxyHost.indexOf(':') + 1)); ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.indexOf(':')); @@ -690,7 +679,8 @@ public class HTTP { ret.httpsProxyHost = Platform.getEnv("https_proxy"); if (ret.httpsProxyHost != null) { if (ret.httpsProxyHost.startsWith("https://")) ret.httpsProxyHost = ret.httpsProxyHost.substring(7); - if (ret.httpsProxyHost.endsWith("/")) ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.length() - 1); + if (ret.httpsProxyHost.endsWith("/")) + ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.length() - 1); if (ret.httpsProxyHost.indexOf(':') != -1) { ret.httpsProxyPort = Integer.parseInt(ret.httpsProxyHost.substring(ret.httpsProxyHost.indexOf(':') + 1)); ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.indexOf(':')); @@ -702,7 +692,8 @@ public class HTTP { ret.socksProxyHost = Platform.getEnv("socks_proxy"); if (ret.socksProxyHost != null) { if (ret.socksProxyHost.startsWith("socks://")) ret.socksProxyHost = ret.socksProxyHost.substring(7); - if (ret.socksProxyHost.endsWith("/")) ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.length() - 1); + if (ret.socksProxyHost.endsWith("/")) + ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.length() - 1); if (ret.socksProxyHost.indexOf(':') != -1) { ret.socksProxyPort = Integer.parseInt(ret.socksProxyHost.substring(ret.socksProxyHost.indexOf(':') + 1)); ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.indexOf(':')); @@ -722,8 +713,8 @@ public class HTTP { return ret; } - public static JS.Scope proxyAutoConfigRootScope = new ProxyAutoConfigRootScope(); - public static JS.Callable getProxyAutoConfigFunction(String url) { + public static JSScope proxyAutoConfigRootJSScope = new ProxyAutoConfigRootJSScope(); + public static JSFunction getProxyAutoConfigJSFunction(String url) { try { BufferedReader br = new BufferedReader(new InputStreamReader(new HTTP(url, true).GET())); String s = null; @@ -749,16 +740,16 @@ public class HTTP { if (Log.on) Log.log(Proxy.class, script); } - JS.CompiledFunction scr = JS.parse("PAC script at " + url, 0, new StringReader(script)); - scr.call(new JS.Array(), proxyAutoConfigRootScope); - return (JS.Callable)proxyAutoConfigRootScope.get("FindProxyForURL"); + JSFunction scr = JSFunction.fromReader("PAC script at " + url, 0, new StringReader(script)); + scr.cloneWithNewParentScope(proxyAutoConfigRootJSScope).call(null, null, null, null, 0); + return (JSFunction)proxyAutoConfigRootJSScope.get("FindProxyForURL"); } catch (Exception e) { if (Log.on) { Log.log(Platform.class, "WPAD detection failed due to:"); - if (e instanceof JS.Exn) { + if (e instanceof JSExn) { try { - org.xwt.js.JS.Array arr = new org.xwt.js.JS.Array(); - arr.addElement(((JS.Exn)e).getObject()); + org.xwt.js.JSArray arr = new org.xwt.js.JSArray(); + arr.addElement(((JSExn)e).getObject()); } catch (Exception e2) { Log.log(Platform.class, e); } @@ -778,7 +769,8 @@ public class HTTP { static public String authorization2 = null; static public Semaphore waitingForUser = new Semaphore(); - public static synchronized void getPassword(final String realm, final String style, final String proxyIP, String oldAuth) { + public static synchronized void getPassword(final String realm, final String style, + final String proxyIP, String oldAuth) { // this handles cases where multiple threads hit the proxy auth at the same time -- all but one will block on the // synchronized keyword. If 'authorization' changed while the thread was blocked, it means that the user entered @@ -786,8 +778,8 @@ public class HTTP { if (authorization != oldAuth) return; if (Log.on) Log.log(Authorization.class, "displaying proxy authorization dialog"); - Message.Q.add(new Message() { - public void perform() { + Scheduler.add(new Scheduler.Task() { + public void perform() throws Exception { Box b = new Box(); Template t = Template.getTemplate((Res)Main.builtin.get("org/xwt/builtin/proxy_authorization.xwt")); t.apply(b, null, null); @@ -798,120 +790,115 @@ public class HTTP { waitingForUser.block(); if (Log.on) Log.log(Authorization.class, "got proxy authorization info; re-attempting connection"); - } } - // ProxyAutoConfigRootScope //////////////////////////////////////////////////////////////////// + // ProxyAutoConfigRootJSScope //////////////////////////////////////////////////////////////////// - public static class ProxyAutoConfigRootScope extends JS.GlobalScope { + public static class ProxyAutoConfigRootJSScope extends JSScope.Global { - public ProxyAutoConfigRootScope() { super(null); } + public ProxyAutoConfigRootJSScope() { super(); } - public Object get(Object name) { - if (name.equals("isPlainHostName")) return isPlainHostName; - else if (name.equals("dnsDomainIs")) return dnsDomainIs; - else if (name.equals("localHostOrDomainIs")) return localHostOrDomainIs; - else if (name.equals("isResolvable")) return isResolvable; - else if (name.equals("isInNet")) return isInNet; - else if (name.equals("dnsResolve")) return dnsResolve; - else if (name.equals("myIpAddress")) return myIpAddress; - else if (name.equals("dnsDomainLevels")) return dnsDomainLevels; - else if (name.equals("shExpMatch")) return shExpMatch; - else if (name.equals("weekdayRange")) return weekdayRange; - else if (name.equals("dateRange")) return dateRange; - else if (name.equals("timeRange")) return timeRange; - else if (name.equals("ProxyConfig")) return ProxyConfig; - else return super.get(name); + public Object get(Object name) throws JSExn { + //#switch(name) + case "isPlainHostName": return METHOD; + case "dnsDomainIs": return METHOD; + case "localHostOrDomainIs": return METHOD; + case "isResolvable": return METHOD; + case "isInNet": return METHOD; + case "dnsResolve": return METHOD; + case "myIpAddress": return METHOD; + case "dnsDomainLevels": return METHOD; + case "shExpMatch": return METHOD; + case "weekdayRange": return METHOD; + case "dateRange": return METHOD; + case "timeRange": return METHOD; + case "ProxyConfig": return ProxyConfig; + //#end + return super.get(name); } - private static final JS.Obj proxyConfigBindings = new JS.Obj(); - private static final JS.Obj ProxyConfig = new JS.Obj() { + private static final JS proxyConfigBindings = new JS(); + private static final JS ProxyConfig = new JS() { public Object get(Object name) { if (name.equals("bindings")) return proxyConfigBindings; return null; } }; - - private static final JS.Callable isPlainHostName = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - return (args.elementAt(0).toString().indexOf('.') == -1) ? Boolean.TRUE : Boolean.FALSE; - } - }; - - private static final JS.Callable dnsDomainIs = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - return (args.elementAt(0).toString().endsWith(args.elementAt(1).toString())) ? Boolean.TRUE : Boolean.FALSE; - } - }; - - private static final JS.Callable localHostOrDomainIs = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - return (args.elementAt(0).toString().equals(args.elementAt(1).toString()) || - (args.elementAt(0).toString().indexOf('.') == -1 && args.elementAt(1).toString().startsWith(args.elementAt(0).toString()))) ? + + public Object callMethod(Object method, Object a0, Object a1, Object a2, Object[] rest, int nargs) throws JSExn { + //#switch(method) + case "isPlainHostName": return (a0.toString().indexOf('.') == -1) ? Boolean.TRUE : Boolean.FALSE; + case "dnsDomainIs": return (a0.toString().endsWith(a1.toString())) ? Boolean.TRUE : Boolean.FALSE; + case "localHostOrDomainIs": + return (a0.equals(a1) || (a0.toString().indexOf('.') == -1 && a1.toString().startsWith(a0.toString()))) ? T:F; + case "isResolvable": try { + return (InetAddress.getByName(a0.toString()) != null) ? Boolean.TRUE : Boolean.FALSE; + } catch (UnknownHostException e) { return F; } + case "isInNet": + if (nargs != 3) return Boolean.FALSE; + try { + byte[] host = InetAddress.getByName(a0.toString()).getAddress(); + byte[] net = InetAddress.getByName(a1.toString()).getAddress(); + byte[] mask = InetAddress.getByName(a2.toString()).getAddress(); + return ((host[0] & mask[0]) == net[0] && + (host[1] & mask[1]) == net[1] && + (host[2] & mask[2]) == net[2] && + (host[3] & mask[3]) == net[3]) ? Boolean.TRUE : Boolean.FALSE; + } catch (Exception e) { + throw new JSExn("exception in isInNet(): " + e); } - }; - - private static final JS.Callable isResolvable = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - try { - return (InetAddress.getByName(args.elementAt(0).toString()) != null) ? Boolean.TRUE : Boolean.FALSE; - } catch (UnknownHostException e) { - return Boolean.FALSE; - } - } - }; - - private static final JS.Callable isInNet = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - if (args.length() != 3) return Boolean.FALSE; - try { - byte[] host = InetAddress.getByName(args.elementAt(0).toString()).getAddress(); - byte[] net = InetAddress.getByName(args.elementAt(1).toString()).getAddress(); - byte[] mask = InetAddress.getByName(args.elementAt(2).toString()).getAddress(); - return ((host[0] & mask[0]) == net[0] && - (host[1] & mask[1]) == net[1] && - (host[2] & mask[2]) == net[2] && - (host[3] & mask[3]) == net[3]) ? - Boolean.TRUE : Boolean.FALSE; - } catch (Exception e) { - throw new JS.Exn("exception in isInNet(): " + e); - } - } - }; - - private static final JS.Callable dnsResolve = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - try { - return InetAddress.getByName(args.elementAt(0).toString()).getHostAddress(); - } catch (UnknownHostException e) { - return null; - } - } - }; - - private static final JS.Callable myIpAddress = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - try { - return InetAddress.getLocalHost().getHostAddress(); - } catch (UnknownHostException e) { - if (Log.on) Log.log(this, "strange... host does not know its own address"); - return null; - } + case "dnsResolve": + try { + return InetAddress.getByName(a0.toString()).getHostAddress(); + } catch (UnknownHostException e) { + return null; } - }; - - private static final JS.Callable dnsDomainLevels = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - String s = args.elementAt(0).toString(); - int i = 0; - while((i = s.indexOf('.', i)) != -1) i++; - return new Integer(i); + case "myIpAddress": + try { + return InetAddress.getLocalHost().getHostAddress(); + } catch (UnknownHostException e) { + if (Log.on) Log.log(this, "strange... host does not know its own address"); + return null; } - }; - + case "dnsDomainLevels": + String s = a0.toString(); + int i = 0; + while((i = s.indexOf('.', i)) != -1) i++; + return new Integer(i); + case "shExpMatch": + StringTokenizer st = new StringTokenizer(a1.toString(), "*", false); + String[] arr = new String[st.countTokens()]; + String s = a0.toString(); + for (int i=0; st.hasMoreTokens(); i++) arr[i] = st.nextToken(); + return match(arr, s, 0) ? Boolean.TRUE : Boolean.FALSE; + case "weekdayRange": + TimeZone tz = (nargs < 3 || a2 == null || !a2.equals("GMT")) ? + TimeZone.getTimeZone("UTC") : TimeZone.getDefault(); + Calendar c = new GregorianCalendar(); + c.setTimeZone(tz); + c.setTime(new java.util.Date()); + java.util.Date d = c.getTime(); + int day = d.getDay(); + String d1s = a0.toString().toUpperCase(); + int d1 = 0, d2 = 0; + for(int i=0; i= d1 && day <= d2) || (d1 > d2 && (day >= d1 || day <= d2))) ? T : F; + + case "dateRange": throw new JSExn("XWT does not support dateRange() in PAC scripts"); + case "timeRange": throw new JSExn("XWT does not support timeRange() in PAC scripts"); + //#end + return super.callMethod(method, a0, a1, a2, rest, nargs); + } private static boolean match(String[] arr, String s, int index) { if (index >= arr.length) return true; for(int i=0; i= d1 && day <= d2) || - (d1 > d2 && (day >= d1 || day <= d2))) ? - Boolean.TRUE : Boolean.FALSE; - } + } + + + /** + * An implementation of Microsoft's proprietary NTLM authentication protocol. This code was derived from Eric + * Glass's work, and is copyright as follows: + * + * Copyright (c) 2003 Eric Glass (eglass1 at comcast.net). + * + * Permission to use, copy, modify, and distribute this document for any purpose and without any fee is hereby + * granted, provided that the above copyright notice and this list of conditions appear in all copies. + * The most current version of this document may be obtained from http://davenport.sourceforge.net/ntlm.html . + */ + public static class NTLM { + + public static final byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01, + 0x00, 0x00, 0x00, 0x00, 0x02, 0x02, 0x00 }; + + /** + * Calculates the NTLM Response for the given challenge, using the + * specified password. + * + * @param password The user's password. + * @param challenge The Type 2 challenge from the server. + * + * @return The NTLM Response. + */ + public static byte[] getNTLMResponse(String password, byte[] challenge) + throws Exception { + byte[] ntlmHash = ntlmHash(password); + return lmResponse(ntlmHash, challenge); + } + + /** + * Calculates the LM Response for the given challenge, using the specified + * password. + * + * @param password The user's password. + * @param challenge The Type 2 challenge from the server. + * + * @return The LM Response. + */ + public static byte[] getLMResponse(String password, byte[] challenge) + throws Exception { + byte[] lmHash = lmHash(password); + return lmResponse(lmHash, challenge); + } + + /** + * Calculates the NTLMv2 Response for the given challenge, using the + * specified authentication target, username, password, target information + * block, and client challenge. + * + * @param target The authentication target (i.e., domain). + * @param user The username. + * @param password The user's password. + * @param targetInformation The target information block from the Type 2 + * message. + * @param challenge The Type 2 challenge from the server. + * @param clientChallenge The random 8-byte client challenge. + * + * @return The NTLMv2 Response. + */ + public static byte[] getNTLMv2Response(String target, String user, + String password, byte[] targetInformation, byte[] challenge, + byte[] clientChallenge) throws Exception { + byte[] ntlmv2Hash = ntlmv2Hash(target, user, password); + byte[] blob = createBlob(targetInformation, clientChallenge); + return lmv2Response(ntlmv2Hash, blob, challenge); + } + + /** + * Calculates the LMv2 Response for the given challenge, using the + * specified authentication target, username, password, and client + * challenge. + * + * @param target The authentication target (i.e., domain). + * @param user The username. + * @param password The user's password. + * @param challenge The Type 2 challenge from the server. + * @param clientChallenge The random 8-byte client challenge. + * + * @return The LMv2 Response. + */ + public static byte[] getLMv2Response(String target, String user, + String password, byte[] challenge, byte[] clientChallenge) + throws Exception { + byte[] ntlmv2Hash = ntlmv2Hash(target, user, password); + return lmv2Response(ntlmv2Hash, clientChallenge, challenge); + } + + /** + * Calculates the NTLM2 Session Response for the given challenge, using the + * specified password and client challenge. + * + * @param password The user's password. + * @param challenge The Type 2 challenge from the server. + * @param clientChallenge The random 8-byte client challenge. + * + * @return The NTLM2 Session Response. This is placed in the NTLM + * response field of the Type 3 message; the LM response field contains + * the client challenge, null-padded to 24 bytes. + */ + public static byte[] getNTLM2SessionResponse(String password, + byte[] challenge, byte[] clientChallenge) throws Exception { + byte[] ntlmHash = ntlmHash(password); + MD5Digest md5 = new MD5Digest(); + md5.update(challenge, 0, challenge.length); + md5.update(clientChallenge, 0, clientChallenge.length); + byte[] sessionHash = new byte[8]; + byte[] md5_out = new byte[md5.getDigestSize()]; + md5.doFinal(md5_out, 0); + System.arraycopy(md5_out, 0, sessionHash, 0, 8); + return lmResponse(ntlmHash, sessionHash); + } + + /** + * Creates the LM Hash of the user's password. + * + * @param password The password. + * + * @return The LM Hash of the given password, used in the calculation + * of the LM Response. + */ + private static byte[] lmHash(String password) throws Exception { + /* + byte[] oemPassword = password.toUpperCase().getBytes("US-ASCII"); + int length = java.lang.Math.min(oemPassword.length, 14); + byte[] keyBytes = new byte[14]; + System.arraycopy(oemPassword, 0, keyBytes, 0, length); + Key lowKey = createDESKey(keyBytes, 0); + Key highKey = createDESKey(keyBytes, 7); + byte[] magicConstant = "KGS!@#$%".getBytes("US-ASCII"); + Cipher des = Cipher.getInstance("DES/ECB/NoPadding"); + des.init(Cipher.ENCRYPT_MODE, lowKey); + byte[] lowHash = des.doFinal(magicConstant); + des.init(Cipher.ENCRYPT_MODE, highKey); + byte[] highHash = des.doFinal(magicConstant); + byte[] lmHash = new byte[16]; + System.arraycopy(lowHash, 0, lmHash, 0, 8); + System.arraycopy(highHash, 0, lmHash, 8, 8); + return lmHash; + */ + return null; + } + + /** + * Creates the NTLM Hash of the user's password. + * + * @param password The password. + * + * @return The NTLM Hash of the given password, used in the calculation + * of the NTLM Response and the NTLMv2 and LMv2 Hashes. + */ + private static byte[] ntlmHash(String password) throws Exception { + byte[] unicodePassword = password.getBytes("UnicodeLittleUnmarked"); + MD4Digest md4 = new MD4Digest(); + md4.update(unicodePassword, 0, unicodePassword.length); + byte[] ret = new byte[md4.getDigestSize()]; + return ret; + } + + /** + * Creates the NTLMv2 Hash of the user's password. + * + * @param target The authentication target (i.e., domain). + * @param user The username. + * @param password The password. + * + * @return The NTLMv2 Hash, used in the calculation of the NTLMv2 + * and LMv2 Responses. + */ + private static byte[] ntlmv2Hash(String target, String user, + String password) throws Exception { + byte[] ntlmHash = ntlmHash(password); + String identity = user.toUpperCase() + target.toUpperCase(); + return hmacMD5(identity.getBytes("UnicodeLittleUnmarked"), ntlmHash); + } + + /** + * Creates the LM Response from the given hash and Type 2 challenge. + * + * @param hash The LM or NTLM Hash. + * @param challenge The server challenge from the Type 2 message. + * + * @return The response (either LM or NTLM, depending on the provided + * hash). + */ + private static byte[] lmResponse(byte[] hash, byte[] challenge) + throws Exception { + /* + byte[] keyBytes = new byte[21]; + System.arraycopy(hash, 0, keyBytes, 0, 16); + Key lowKey = createDESKey(keyBytes, 0); + Key middleKey = createDESKey(keyBytes, 7); + Key highKey = createDESKey(keyBytes, 14); + Cipher des = Cipher.getInstance("DES/ECB/NoPadding"); + des.init(Cipher.ENCRYPT_MODE, lowKey); + byte[] lowResponse = des.doFinal(challenge); + des.init(Cipher.ENCRYPT_MODE, middleKey); + byte[] middleResponse = des.doFinal(challenge); + des.init(Cipher.ENCRYPT_MODE, highKey); + byte[] highResponse = des.doFinal(challenge); + byte[] lmResponse = new byte[24]; + System.arraycopy(lowResponse, 0, lmResponse, 0, 8); + System.arraycopy(middleResponse, 0, lmResponse, 8, 8); + System.arraycopy(highResponse, 0, lmResponse, 16, 8); + return lmResponse; + */ + return null; + } + + /** + * Creates the LMv2 Response from the given hash, client data, and + * Type 2 challenge. + * + * @param hash The NTLMv2 Hash. + * @param clientData The client data (blob or client challenge). + * @param challenge The server challenge from the Type 2 message. + * + * @return The response (either NTLMv2 or LMv2, depending on the + * client data). + */ + private static byte[] lmv2Response(byte[] hash, byte[] clientData, + byte[] challenge) throws Exception { + byte[] data = new byte[challenge.length + clientData.length]; + System.arraycopy(challenge, 0, data, 0, challenge.length); + System.arraycopy(clientData, 0, data, challenge.length, + clientData.length); + byte[] mac = hmacMD5(data, hash); + byte[] lmv2Response = new byte[mac.length + clientData.length]; + System.arraycopy(mac, 0, lmv2Response, 0, mac.length); + System.arraycopy(clientData, 0, lmv2Response, mac.length, + clientData.length); + return lmv2Response; + } + + /** + * Creates the NTLMv2 blob from the given target information block and + * client challenge. + * + * @param targetInformation The target information block from the Type 2 + * message. + * @param clientChallenge The random 8-byte client challenge. + * + * @return The blob, used in the calculation of the NTLMv2 Response. + */ + private static byte[] createBlob(byte[] targetInformation, + byte[] clientChallenge) { + byte[] blobSignature = new byte[] { + (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0x00 }; - - private static final JS.Callable dateRange = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - throw new JS.Exn("XWT does not support dateRange() in PAC scripts"); - } + byte[] reserved = new byte[] { + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 }; - - private static final JS.Callable timeRange = new JS.Callable() { - public Object call(org.xwt.js.JS.Array args) throws JS.Exn { - throw new JS.Exn("XWT does not support timeRange() in PAC scripts"); - } + byte[] unknown1 = new byte[] { + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 }; - - } + byte[] unknown2 = new byte[] { + (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00 + }; + long time = System.currentTimeMillis(); + time += 11644473600000l; // milliseconds from January 1, 1601 -> epoch. + time *= 10000; // tenths of a microsecond. + // convert to little-endian byte array. + byte[] timestamp = new byte[8]; + for (int i = 0; i < 8; i++) { + timestamp[i] = (byte) time; + time >>>= 8; + } + byte[] blob = new byte[blobSignature.length + reserved.length + + timestamp.length + clientChallenge.length + + unknown1.length + targetInformation.length + + unknown2.length]; + int offset = 0; + System.arraycopy(blobSignature, 0, blob, offset, blobSignature.length); + offset += blobSignature.length; + System.arraycopy(reserved, 0, blob, offset, reserved.length); + offset += reserved.length; + System.arraycopy(timestamp, 0, blob, offset, timestamp.length); + offset += timestamp.length; + System.arraycopy(clientChallenge, 0, blob, offset, + clientChallenge.length); + offset += clientChallenge.length; + System.arraycopy(unknown1, 0, blob, offset, unknown1.length); + offset += unknown1.length; + System.arraycopy(targetInformation, 0, blob, offset, + targetInformation.length); + offset += targetInformation.length; + System.arraycopy(unknown2, 0, blob, offset, unknown2.length); + return blob; + } - } + /** + * Calculates the HMAC-MD5 hash of the given data using the specified + * hashing key. + * + * @param data The data for which the hash will be calculated. + * @param key The hashing key. + * + * @return The HMAC-MD5 hash of the given data. + */ + private static byte[] hmacMD5(byte[] data, byte[] key) throws Exception { + byte[] ipad = new byte[64]; + byte[] opad = new byte[64]; + for (int i = 0; i < 64; i++) { + ipad[i] = (byte) 0x36; + opad[i] = (byte) 0x5c; + } + for (int i = key.length - 1; i >= 0; i--) { + ipad[i] ^= key[i]; + opad[i] ^= key[i]; + } + byte[] content = new byte[data.length + 64]; + System.arraycopy(ipad, 0, content, 0, 64); + System.arraycopy(data, 0, content, 64, data.length); + MD5Digest md5 = new MD5Digest(); + md5.update(content, 0, content.length); + data = new byte[md5.getDigestSize()]; + md5.doFinal(data, 0); + content = new byte[data.length + 64]; + System.arraycopy(opad, 0, content, 0, 64); + System.arraycopy(data, 0, content, 64, data.length); + md5 = new MD5Digest(); + md5.update(content, 0, content.length); + byte[] ret = new byte[md5.getDigestSize()]; + md5.doFinal(ret, 0); + return ret; + } + /** + * Creates a DES encryption key from the given key material. + * + * @param bytes A byte array containing the DES key material. + * @param offset The offset in the given byte array at which + * the 7-byte key material starts. + * + * @return A DES encryption key created from the key material + * starting at the specified offset in the given byte array. + */ + /* + private static Key createDESKey(byte[] bytes, int offset) { + byte[] keyBytes = new byte[7]; + System.arraycopy(bytes, offset, keyBytes, 0, 7); + byte[] material = new byte[8]; + material[0] = keyBytes[0]; + material[1] = (byte) (keyBytes[0] << 7 | (keyBytes[1] & 0xff) >>> 1); + material[2] = (byte) (keyBytes[1] << 6 | (keyBytes[2] & 0xff) >>> 2); + material[3] = (byte) (keyBytes[2] << 5 | (keyBytes[3] & 0xff) >>> 3); + material[4] = (byte) (keyBytes[3] << 4 | (keyBytes[4] & 0xff) >>> 4); + material[5] = (byte) (keyBytes[4] << 3 | (keyBytes[5] & 0xff) >>> 5); + material[6] = (byte) (keyBytes[5] << 2 | (keyBytes[6] & 0xff) >>> 6); + material[7] = (byte) (keyBytes[6] << 1); + oddParity(material); + return new SecretKeySpec(material, "DES"); + } + */ + + /** + * Applies odd parity to the given byte array. + * + * @param bytes The data whose parity bits are to be adjusted for + * odd parity. + */ + private static void oddParity(byte[] bytes) { + for (int i = 0; i < bytes.length; i++) { + byte b = bytes[i]; + boolean needsParity = (((b >>> 7) ^ (b >>> 6) ^ (b >>> 5) ^ + (b >>> 4) ^ (b >>> 3) ^ (b >>> 2) ^ + (b >>> 1)) & 0x01) == 0; + if (needsParity) { + bytes[i] |= (byte) 0x01; + } else { + bytes[i] &= (byte) 0xfe; + } + } + } + + } + } }