1 // Copyright 2003 Adam Megacz, see the COPYING file for licensing [GPL]
9 import org.bouncycastle.util.encoders.Base64;
10 import org.bouncycastle.crypto.digests.*;
13 * This object encapsulates a *single* HTTP connection. Multiple requests may be pipelined over a connection (thread-safe),
14 * although any IOException encountered in a request will invalidate all later requests.
18 /** the URL as passed to the original constructor; this is never changed */
19 final String originalUrl;
21 /** the URL to connect to; this is munged when the url is parsed */
24 /** the host to connect to */
27 /** the port to connect on */
30 /** true if SSL (HTTPS) should be used */
33 /** the path (URI) to retrieve on the server */
39 /** the socket's inputstream */
40 InputStream in = null;
42 /** the username and password portions of the URL */
43 String userInfo = null;
45 /** cache of userInfo strings, keyed on originalUrl */
46 private static Hashtable authCache = new Hashtable();
48 /** this is null if the current request is the first request on
49 * this HTTP connection; otherwise it is a Semaphore which will be
50 * released once the request ahead of us has recieved its response
52 Semaphore okToRecieve = null;
54 /** cache for resolveAndCheckIfFirewalled() */
55 static Hashtable resolvedHosts = new Hashtable();
57 /** true iff we are allowed to skip the resolve check (only allowed when we're downloading the PAC script) */
58 boolean skipResolveCheck = false;
60 /** true iff we're using a proxy */
61 boolean proxied = false;
64 // Public Methods ////////////////////////////////////////////////////////////////////////////////////////
66 public HTTP(String url) { this(url, false); }
67 public HTTP(String url, boolean skipResolveCheck) {
69 this.skipResolveCheck = skipResolveCheck;
72 /** Performs an HTTP GET request */
73 public InputStream GET() throws IOException { return makeRequest(null, null); }
75 /** Performs an HTTP POST request; content is appended to the headers (so it should include a blank line to delimit the beginning of the body) */
76 public InputStream POST(String contentType, String content) throws IOException { return makeRequest(contentType, content); }
79 * This method isn't synchronized; however, only one thread can be in the inner synchronized block at a time, and the rest of
80 * the method is protected by in-order one-at-a-time semaphore lock-steps
82 private InputStream makeRequest(String contentType, String content) throws IOException {
84 // Step 1: send the request and establish a semaphore to stop any requests that pipeline after us
85 Semaphore blockOn = null;
86 Semaphore releaseMe = null;
90 sendRequest(contentType, content);
91 } catch (IOException e) {
96 blockOn = okToRecieve;
97 releaseMe = okToRecieve = new Semaphore();
100 // Step 2: wait for requests ahead of us to complete, then read the reply off the stream
101 boolean doRelease = true;
103 if (blockOn != null) blockOn.block();
105 // previous call wrecked the socket connection, but we already sent our request, so we can't just retry --
106 // this could cause the server to receive the request twice, which could be bad (think of the case where the
107 // server call causes Amazon.com to ship you an item with one-click purchasing).
109 throw new HTTPException("a previous pipelined call messed up the socket");
111 Hashtable h = in == null ? null : parseHeaders(in);
113 // sometimes the server chooses to close the stream between requests
114 in = null; sock = null;
116 return makeRequest(contentType, content);
119 String reply = h.get("STATUSLINE").toString();
121 if (reply.startsWith("407") || reply.startsWith("401")) {
123 if (reply.startsWith("407")) doProxyAuth(h, content == null ? "GET" : "POST");
124 else doWebAuth(h, content == null ? "GET" : "POST");
126 if (h.get("HTTP").equals("1.0") && h.get("content-length") == null) {
127 if (Log.on) Log.log(this, "proxy returned an HTTP/1.0 reply with no content-length...");
128 in = null; sock = null;
130 int cl = h.get("content-length") == null ? -1 : Integer.parseInt(h.get("content-length").toString());
131 new HTTPInputStream(in, cl, releaseMe).close();
134 return makeRequest(contentType, content);
136 } else if (reply.startsWith("2")) {
137 if (h.get("HTTP").equals("1.0") && h.get("content-length") == null)
138 throw new HTTPException("XWT does not support HTTP/1.0 servers which fail to return the Content-Length header");
139 int cl = h.get("content-length") == null ? -1 : Integer.parseInt(h.get("content-length").toString());
140 InputStream ret = new HTTPInputStream(in, cl, releaseMe);
141 if ("gzip".equals(h.get("content-encoding"))) ret = new java.util.zip.GZIPInputStream(ret);
146 throw new HTTPException("HTTP Error: " + reply);
150 } catch (IOException e) { sock = null; in = null; throw e;
151 } finally { if (doRelease) releaseMe.release();
156 // Safeguarded DNS Resolver ///////////////////////////////////////////////////////////////////////////
159 * resolves the hostname and returns it as a string in the form "x.y.z.w"
160 * @throws HTTPException if the host falls within a firewalled netblock
162 private void resolveAndCheckIfFirewalled(String host) throws HTTPException {
165 if (resolvedHosts.get(host) != null) return;
167 // if all scripts are trustworthy (local FS), continue
168 if (Main.originAddr == null) return;
172 InetAddress addr = InetAddress.getByName(host);
173 byte[] quadbyte = addr.getAddress();
174 if ((quadbyte[0] == 10 ||
175 (quadbyte[0] == 192 && quadbyte[1] == 168) ||
176 (quadbyte[0] == 172 && (quadbyte[1] & 0xF0) == 16)) && !addr.equals(Main.originAddr))
177 throw new HTTPException("security violation: " + host + " [" + addr.getHostAddress() + "] is in a firewalled netblock");
179 } catch (UnknownHostException uhe) { }
181 if (Platform.detectProxy() == null) throw new HTTPException("could not resolve hostname \"" + host + "\" and no proxy configured");
182 if (Log.on) Log.log(this, " could not resolve host " + host + "; using xmlrpc.xwt.org to ensure security");
184 JS.Array args = new JS.Array();
185 args.addElement(host);
186 Object ret = new XMLRPC("http://xmlrpc.xwt.org/RPC2/", "dns.resolve").call(args);
187 if (ret == null || !(ret instanceof String)) throw new Exception(" xmlrpc.xwt.org returned non-String: " + ret);
188 resolvedHosts.put(host, ret);
190 } catch (Throwable e) {
191 throw new HTTPException("exception while attempting to use xmlrpc.xwt.org to resolve " + host + ": " + e);
196 // Methods to attempt socket creation /////////////////////////////////////////////////////////////////
198 /** Attempts a direct connection */
199 public Socket attemptDirect() {
201 if (Log.verbose) Log.log(this, "attempting to create unproxied socket to " + host + ":" + port + (ssl ? " [ssl]" : ""));
202 return Platform.getSocket(host, port, ssl, true);
203 } catch (IOException e) {
204 if (Log.on) Log.log(this, "exception in attemptDirect(): " + e);
209 /** Attempts to use an HTTP proxy, employing the CONNECT method if HTTPS is requested */
210 public Socket attemptHttpProxy(String proxyHost, int proxyPort) {
212 if (Log.verbose) Log.log(this, "attempting to create HTTP proxied socket using proxy " + proxyHost + ":" + proxyPort);
214 Socket sock = Platform.getSocket(proxyHost, proxyPort, ssl, false);
216 if (!path.startsWith("http://")) path = "http://" + host + ":" + port + path;
218 PrintWriter pw = new PrintWriter(new OutputStreamWriter(sock.getOutputStream()));
219 BufferedReader br = new BufferedReader(new InputStreamReader(sock.getInputStream()));
220 pw.print("CONNECT " + host + ":" + port + " HTTP/1.1\r\n\r\n");
222 String s = br.readLine();
223 if (s.charAt(9) != '2') throw new HTTPException("proxy refused CONNECT method: \"" + s + "\"");
224 while (br.readLine().length() > 0) { };
225 ((TinySSL)sock).negotiate();
229 } catch (IOException e) {
230 if (Log.on) Log.log(this, "exception in attemptHttpProxy(): " + e);
236 * Implements SOCKSv4 with v4a DNS extension
237 * @see http://www.socks.nec.com/protocol/socks4.protocol
238 * @see http://www.socks.nec.com/protocol/socks4a.protocol
240 public Socket attemptSocksProxy(String proxyHost, int proxyPort) {
242 // even if host is already a "x.y.z.w" string, we use this to parse it into bytes
243 InetAddress addr = null;
244 try { addr = InetAddress.getByName(host); } catch (Exception e) { }
246 if (Log.verbose) Log.log(this, "attempting to create SOCKSv4" + (addr == null ? "" : "a") +
247 " proxied socket using proxy " + proxyHost + ":" + proxyPort);
250 Socket sock = Platform.getSocket(proxyHost, proxyPort, ssl, false);
252 DataOutputStream dos = new DataOutputStream(sock.getOutputStream());
253 dos.writeByte(0x04); // SOCKSv4(a)
254 dos.writeByte(0x01); // CONNECT
255 dos.writeShort(port & 0xffff); // port
256 if (addr == null) dos.writeInt(0x00000001); // bogus IP
257 else dos.write(addr.getAddress()); // actual IP
258 dos.writeByte(0x00); // no userid
260 PrintWriter pw = new PrintWriter(new OutputStreamWriter(dos));
263 dos.writeByte(0x00); // hostname null terminator
267 DataInputStream dis = new DataInputStream(sock.getInputStream());
268 dis.readByte(); // reply version
269 byte success = dis.readByte(); // success/fail
270 dis.skip(6); // ip/port
272 if ((int)(success & 0xff) == 90) {
273 if (ssl) ((TinySSL)sock).negotiate();
276 if (Log.on) Log.log(this, "SOCKS server denied access, code " + (success & 0xff));
279 } catch (IOException e) {
280 if (Log.on) Log.log(this, "exception in attemptSocksProxy(): " + e);
285 /** executes the PAC script and dispatches a call to one of the other attempt methods based on the result */
286 public Socket attemptPAC(org.xwt.js.JS.Callable pacFunc) {
287 if (Log.verbose) Log.log(this, "evaluating PAC script");
290 org.xwt.js.JS.Array args = new org.xwt.js.JS.Array();
291 args.addElement(url.toString());
292 args.addElement(url.getHost());
293 Object obj = pacFunc.call(args);
294 if (Log.verbose) Log.log(this, " PAC script returned \"" + obj + "\"");
295 pac = obj.toString();
296 } catch (Throwable e) {
297 if (Log.on) Log.log(this, "PAC script threw exception " + e);
301 StringTokenizer st = new StringTokenizer(pac, ";", false);
302 while (st.hasMoreTokens()) {
303 String token = st.nextToken().trim();
304 if (Log.verbose) Log.log(this, " trying \"" + token + "\"...");
307 if (token.startsWith("DIRECT"))
308 ret = attemptDirect();
309 else if (token.startsWith("PROXY"))
310 ret = attemptHttpProxy(token.substring(token.indexOf(' ') + 1, token.indexOf(':')),
311 Integer.parseInt(token.substring(token.indexOf(':') + 1)));
312 else if (token.startsWith("SOCKS"))
313 ret = attemptSocksProxy(token.substring(token.indexOf(' ') + 1, token.indexOf(':')),
314 Integer.parseInt(token.substring(token.indexOf(':') + 1)));
315 if (ret != null) return ret;
316 } catch (Throwable e) {
317 if (Log.on) Log.log(this, "attempt at \"" + token + "\" failed due to " + e + "; trying next token");
320 if (Log.on) Log.log(this, "all PAC results exhausted");
325 // Everything Else ////////////////////////////////////////////////////////////////////////////
327 private synchronized void connect() throws IOException {
328 if (originalUrl.equals("stdio:")) {
329 in = new BufferedInputStream(System.in);
333 if (in == null) in = new BufferedInputStream(sock.getInputStream());
336 // grab the userinfo; gcj doesn't have java.net.URL.getUserInfo()
337 String url = originalUrl;
338 userInfo = url.substring(url.indexOf("://") + 3);
339 userInfo = userInfo.indexOf('/') == -1 ? userInfo : userInfo.substring(0, userInfo.indexOf('/'));
340 if (userInfo.indexOf('@') != -1) {
341 userInfo = userInfo.substring(0, userInfo.indexOf('@'));
342 url = url.substring(0, url.indexOf("://") + 3) + url.substring(url.indexOf('@') + 1);
347 if (url.startsWith("https:")) {
348 this.url = new URL("http" + url.substring(5));
350 } else if (!url.startsWith("http:")) {
351 throw new MalformedURLException("HTTP only supports http/https urls");
353 this.url = new URL(url);
355 if (!skipResolveCheck) resolveAndCheckIfFirewalled(this.url.getHost());
356 port = this.url.getPort();
357 path = this.url.getFile();
358 if (port == -1) port = ssl ? 443 : 80;
359 host = this.url.getHost();
360 if (Log.verbose) Log.log(this, "creating HTTP object for connection to " + host + ":" + port);
362 Proxy pi = Platform.detectProxy();
363 if (sock == null && pi != null && pi.proxyAutoConfigFunction != null) sock = attemptPAC(pi.proxyAutoConfigFunction);
364 if (sock == null && pi != null && ssl && pi.httpsProxyHost != null) sock = attemptHttpProxy(pi.httpsProxyHost, pi.httpsProxyPort);
365 if (sock == null && pi != null && pi.httpProxyHost != null) sock = attemptHttpProxy(pi.httpProxyHost, pi.httpProxyPort);
366 if (sock == null && pi != null && pi.socksProxyHost != null) sock = attemptSocksProxy(pi.socksProxyHost, pi.socksProxyPort);
367 proxied = sock != null;
368 if (sock == null) sock = attemptDirect();
369 if (sock == null) throw new HTTPException("unable to contact host " + host);
370 if (in == null) in = new BufferedInputStream(sock.getInputStream());
373 public void sendRequest(String contentType, String content) throws IOException {
375 PrintWriter pw = new PrintWriter(new OutputStreamWriter(originalUrl.equals("stdio:") ? System.out : sock.getOutputStream()));
376 if (content != null) {
377 pw.print("POST " + path + " HTTP/1.1\r\n");
378 int contentLength = content.substring(0, 2).equals("\r\n") ?
379 content.length() - 2 :
380 (content.length() - content.indexOf("\r\n\r\n") - 4);
381 pw.print("Content-Length: " + contentLength + "\r\n");
382 if (contentType != null) pw.print("Content-Type: " + contentType + "\r\n");
384 pw.print("GET " + path + " HTTP/1.1\r\n");
387 pw.print("User-Agent: XWT\r\n");
388 pw.print("Accept-encoding: gzip\r\n");
389 pw.print("Host: " + (host + (port == 80 ? "" : (":" + port))) + "\r\n");
390 if (proxied) pw.print("X-RequestOrigin: " + Main.originHost + "\r\n");
392 if (Proxy.Authorization.authorization != null) pw.print("Proxy-Authorization: " + Proxy.Authorization.authorization2 + "\r\n");
393 if (authCache.get(originalUrl) != null) pw.print("Authorization: " + authCache.get(originalUrl) + "\r\n");
395 pw.print(content == null ? "\r\n" : content);
400 private void doWebAuth(Hashtable h0, String method) throws IOException {
401 if (userInfo == null) throw new HTTPException("web server demanded username/password, but none were supplied");
402 Hashtable h = parseAuthenticationChallenge(h0.get("www-authenticate").toString());
404 if (h.get("AUTHTYPE").equals("Basic")) {
405 if (authCache.get(originalUrl) != null) throw new HTTPException("username/password rejected");
406 authCache.put(originalUrl, "Basic " + new String(Base64.encode(userInfo.getBytes("US-ASCII"))));
408 } else if (h.get("AUTHTYPE").equals("Digest")) {
409 if (authCache.get(originalUrl) != null && !"true".equals(h.get("stale"))) throw new HTTPException("username/password rejected");
411 if (path2.startsWith("http://") || path2.startsWith("https://")) {
412 path2 = path2.substring(path2.indexOf("://") + 3);
413 path2 = path2.substring(path2.indexOf('/'));
415 String A1 = userInfo.substring(0, userInfo.indexOf(':')) + ":" + h.get("realm") + ":" + userInfo.substring(userInfo.indexOf(':') + 1);
416 String A2 = method + ":" + path2;
417 authCache.put(originalUrl,
419 "username=\"" + userInfo.substring(0, userInfo.indexOf(':')) + "\", " +
420 "realm=\"" + h.get("realm") + "\", " +
421 "nonce=\"" + h.get("nonce") + "\", " +
422 "uri=\"" + path2 + "\", " +
423 (h.get("opaque") == null ? "" : ("opaque=\"" + h.get("opaque") + "\", ")) +
424 "response=\"" + H(H(A1) + ":" + h.get("nonce") + ":" + H(A2)) + "\", " +
429 throw new HTTPException("unknown authentication type: " + h.get("AUTHTYPE"));
433 private void doProxyAuth(Hashtable h0, String method) throws IOException {
434 if (Log.on) Log.log(this, "Proxy AuthChallenge: " + h0.get("proxy-authenticate"));
435 Hashtable h = parseAuthenticationChallenge(h0.get("proxy-authenticate").toString());
436 String style = h.get("AUTHTYPE").toString();
437 String realm = h.get("realm").toString();
439 if (!realm.equals("Digest") || Proxy.Authorization.authorization2 == null || !"true".equals(h.get("stale")))
440 Proxy.Authorization.getPassword(realm, style, sock.getInetAddress().getHostAddress(), Proxy.Authorization.authorization);
442 if (style.equals("Basic")) {
443 Proxy.Authorization.authorization2 =
444 "Basic " + new String(Base64.encode(Proxy.Authorization.authorization.getBytes("US-ASCII")));
446 } else if (style.equals("Digest")) {
447 String A1 = Proxy.Authorization.authorization.substring(0, userInfo.indexOf(':')) + ":" + h.get("realm") + ":" +
448 Proxy.Authorization.authorization.substring(Proxy.Authorization.authorization.indexOf(':') + 1);
449 String A2 = method + ":" + path;
450 Proxy.Authorization.authorization2 =
452 "username=\"" + Proxy.Authorization.authorization.substring(0, Proxy.Authorization.authorization.indexOf(':')) + "\", " +
453 "realm=\"" + h.get("realm") + "\", " +
454 "nonce=\"" + h.get("nonce") + "\", " +
455 "uri=\"" + path + "\", " +
456 (h.get("opaque") == null ? "" : ("opaque=\"" + h.get("opaque") + "\", ")) +
457 "response=\"" + H(H(A1) + ":" + h.get("nonce") + ":" + H(A2)) + "\", " +
463 // HTTPException ///////////////////////////////////////////////////////////////////////////////////
465 static class HTTPException extends IOException { public HTTPException(String s) { super(s); } }
468 // HTTPInputStream ///////////////////////////////////////////////////////////////////////////////////
470 /** An input stream that represents a subset of a longer input stream. Supports HTTP chunking as well */
471 public class HTTPInputStream extends FilterInputStream {
473 /** if chunking, the number of bytes remaining in this subset; otherwise the remainder of the chunk */
474 private int length = 0;
476 /** this semaphore will be released when the stream is closed */
477 private Semaphore releaseMe = null;
479 /** indicates that we have encountered the zero-length terminator chunk */
480 boolean chunkedDone = false;
482 /** if we're on the first chunk, we don't pre-read a CRLF */
483 boolean firstChunk = true;
485 /** the length of the entire content body; -1 if chunked */
486 private int contentLength = 0;
487 public int getContentLength() { return contentLength; }
489 HTTPInputStream(InputStream in, int length, Semaphore releaseMe) throws IOException {
491 this.releaseMe = releaseMe;
492 this.contentLength = length;
493 this.length = length == -1 ? 0 : length;
496 public boolean markSupported() { return false; }
497 public int read(byte[] b) throws IOException { return read(b, 0, b.length); }
498 public long skip(long n) throws IOException { return read(null, -1, (int)n); }
499 public int available() throws IOException {
500 if (contentLength == -1) return java.lang.Math.min(super.available(), length);
501 return super.available();
504 public int read() throws IOException {
505 byte[] b = new byte[1];
506 int ret = read(b, 0, 1);
507 return ret == -1 ? -1 : b[0] & 0xff;
510 private void readChunk() throws IOException {
511 if (chunkedDone) return;
512 if (!firstChunk) super.skip(2); // CRLF
514 String chunkLen = "";
516 int i = super.read();
517 if (i == -1) throw new HTTPException("encountered end of stream while reading chunk length");
519 // FEATURE: handle chunking extensions
527 length = Integer.parseInt(chunkLen.trim(), 16);
528 if (length == 0) chunkedDone = true;
531 public int read(byte[] b, int off, int len) throws IOException {
532 boolean good = false;
534 if (length == 0 && contentLength == -1) {
536 if (chunkedDone) { good = true; return -1; }
538 if (length == 0) { good = true; return -1; }
540 if (len > length) len = length;
541 int ret = b == null ? (int)super.skip(len) : super.read(b, off, len);
548 if (!good) { this.HTTP.sock = null; this.HTTP.in = null; }
552 public void close() throws IOException {
553 if (contentLength == -1) {
554 while(!chunkedDone) {
555 if (length != 0) skip(length);
560 if (length != 0) skip(length);
562 if (releaseMe != null) releaseMe.release();
567 // Misc Helpers ///////////////////////////////////////////////////////////////////////////////////
569 /** reads a set of HTTP headers off of the input stream, returning null if the stream is already at its end */
570 private Hashtable parseHeaders(InputStream in) throws IOException {
571 Hashtable ret = new Hashtable();
573 // we can't use a BufferedReader directly on the input stream, since it will buffer past the end of the headers
574 byte[] buf = new byte[4096];
577 int read = in.read();
578 if (read == -1 && buflen == 0) return null;
579 if (read == -1) throw new HTTPException("stream closed while reading headers");
580 buf[buflen++] = (byte)read;
581 if (buflen >= 4 && buf[buflen - 4] == '\r' && buf[buflen - 3] == '\n' && buf[buflen - 2] == '\r' && buf[buflen - 1] == '\n') break;
582 if (buflen == buf.length) {
583 byte[] newbuf = new byte[buf.length * 2];
584 System.arraycopy(buf, 0, newbuf, 0, buflen);
589 BufferedReader br = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(buf, 0, buflen)));
590 String s = br.readLine();
591 if (!s.startsWith("HTTP/")) throw new HTTPException("Expected reply to start with \"HTTP/\", got: " + s);
592 ret.put("STATUSLINE", s.substring(s.indexOf(' ') + 1));
593 ret.put("HTTP", s.substring(5, s.indexOf(' ')));
595 while((s = br.readLine()) != null && s.length() > 0) {
596 String front = s.substring(0, s.indexOf(':')).toLowerCase();
597 String back = s.substring(s.indexOf(':') + 1).trim();
598 // ugly hack: we never replace a Digest-auth with a Basic-auth (proxy + www)
599 if (front.endsWith("-authenticate") && ret.get(front) != null && !back.equals("Digest")) continue;
600 ret.put(front, back);
605 private Hashtable parseAuthenticationChallenge(String s) {
606 Hashtable ret = new Hashtable();
609 ret.put("AUTHTYPE", s.substring(0, s.indexOf(' ')));
610 s = s.substring(s.indexOf(' ')).trim();
612 while (s.length() > 0) {
614 String key = s.substring(0, s.indexOf('='));
615 s = s.substring(s.indexOf('=') + 1);
616 if (s.charAt(0) == '\"') {
618 val = s.substring(0, s.indexOf('\"'));
619 s = s.substring(s.indexOf('\"') + 1);
621 val = s.indexOf(',') == -1 ? s : s.substring(0, s.indexOf(','));
622 s = s.indexOf(',') == -1 ? "" : s.substring(s.indexOf(',') + 1);
624 if (s.length() > 0 && s.charAt(0) == ',') s = s.substring(1);
631 private String H(String s) throws IOException {
632 byte[] b = s.getBytes("US-ASCII");
633 MD5Digest md5 = new MD5Digest();
634 md5.update(b, 0, b.length);
635 byte[] out = new byte[md5.getDigestSize()];
638 for(int i=0; i<out.length; i++) {
639 ret += "0123456789abcdef".charAt((out[i] & 0xf0) >> 4);
640 ret += "0123456789abcdef".charAt(out[i] & 0x0f);
646 // Proxy ///////////////////////////////////////////////////////////
648 /** encapsulates most of the proxy logic; some is shared in HTTP.java */
649 public static class Proxy {
653 /** the HTTP Proxy host to use */
654 public String httpProxyHost = null;
656 /** the HTTP Proxy port to use */
657 public int httpProxyPort = -1;
659 /** if a seperate proxy should be used for HTTPS, this is the hostname; otherwise, httpProxyHost is used */
660 public String httpsProxyHost = null;
662 /** if a seperate proxy should be used for HTTPS, this is the port */
663 public int httpsProxyPort = -1;
665 /** the SOCKS Proxy Host to use */
666 public String socksProxyHost = null;
668 /** the SOCKS Proxy Port to use */
669 public int socksProxyPort = -1;
671 /** hosts to be excluded from proxy use; wildcards permitted */
672 public String[] excluded = null;
674 /** the PAC script */
675 public JS.Callable proxyAutoConfigFunction = null;
677 public static Proxy detectProxyViaManual() {
678 Proxy ret = new Proxy();
680 ret.httpProxyHost = Platform.getEnv("http_proxy");
681 if (ret.httpProxyHost != null) {
682 if (ret.httpProxyHost.startsWith("http://")) ret.httpProxyHost = ret.httpProxyHost.substring(7);
683 if (ret.httpProxyHost.endsWith("/")) ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.length() - 1);
684 if (ret.httpProxyHost.indexOf(':') != -1) {
685 ret.httpProxyPort = Integer.parseInt(ret.httpProxyHost.substring(ret.httpProxyHost.indexOf(':') + 1));
686 ret.httpProxyHost = ret.httpProxyHost.substring(0, ret.httpProxyHost.indexOf(':'));
688 ret.httpProxyPort = 80;
692 ret.httpsProxyHost = Platform.getEnv("https_proxy");
693 if (ret.httpsProxyHost != null) {
694 if (ret.httpsProxyHost.startsWith("https://")) ret.httpsProxyHost = ret.httpsProxyHost.substring(7);
695 if (ret.httpsProxyHost.endsWith("/")) ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.length() - 1);
696 if (ret.httpsProxyHost.indexOf(':') != -1) {
697 ret.httpsProxyPort = Integer.parseInt(ret.httpsProxyHost.substring(ret.httpsProxyHost.indexOf(':') + 1));
698 ret.httpsProxyHost = ret.httpsProxyHost.substring(0, ret.httpsProxyHost.indexOf(':'));
700 ret.httpsProxyPort = 80;
704 ret.socksProxyHost = Platform.getEnv("socks_proxy");
705 if (ret.socksProxyHost != null) {
706 if (ret.socksProxyHost.startsWith("socks://")) ret.socksProxyHost = ret.socksProxyHost.substring(7);
707 if (ret.socksProxyHost.endsWith("/")) ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.length() - 1);
708 if (ret.socksProxyHost.indexOf(':') != -1) {
709 ret.socksProxyPort = Integer.parseInt(ret.socksProxyHost.substring(ret.socksProxyHost.indexOf(':') + 1));
710 ret.socksProxyHost = ret.socksProxyHost.substring(0, ret.socksProxyHost.indexOf(':'));
712 ret.socksProxyPort = 80;
716 String noproxy = Platform.getEnv("no_proxy");
717 if (noproxy != null) {
718 StringTokenizer st = new StringTokenizer(noproxy, ",");
719 ret.excluded = new String[st.countTokens()];
720 for(int i=0; st.hasMoreTokens(); i++) ret.excluded[i] = st.nextToken();
723 if (ret.httpProxyHost == null && ret.socksProxyHost == null) return null;
727 public static JS.Scope proxyAutoConfigRootScope = new ProxyAutoConfigRootScope();
728 public static JS.Callable getProxyAutoConfigFunction(String url) {
730 BufferedReader br = new BufferedReader(new InputStreamReader(new HTTP(url, true).GET()));
733 while((s = br.readLine()) != null) script += s + "\n";
734 if (Log.on) Log.log(Proxy.class, "successfully retrieved WPAD PAC:");
735 if (Log.on) Log.log(Proxy.class, script);
738 Vector carpHosts = new Vector();
739 for(int i=0; i<script.length(); i++)
740 if (script.regionMatches(i, "new Node(", 0, 9)) {
741 String host = script.substring(i + 10, script.indexOf('\"', i + 11));
742 if (Log.on) Log.log(Proxy.class, "Detected MS Proxy Server CARP Script, Host=" + host);
743 carpHosts.addElement(host);
745 if (carpHosts.size() > 0) {
746 script = "function FindProxyForURL(url, host) {\nreturn \"";
747 for(int i=0; i<carpHosts.size(); i++)
748 script += "PROXY " + carpHosts.elementAt(i) + "; ";
750 if (Log.on) Log.log(Proxy.class, "DeCARPed PAC script:");
751 if (Log.on) Log.log(Proxy.class, script);
754 JS.CompiledFunction scr = JS.parse("PAC script at " + url, 0, new StringReader(script));
755 scr.call(new JS.Array(), proxyAutoConfigRootScope);
756 return (JS.Callable)proxyAutoConfigRootScope.get("FindProxyForURL");
757 } catch (Exception e) {
759 Log.log(Platform.class, "WPAD detection failed due to:");
760 if (e instanceof JS.Exn) {
762 org.xwt.js.JS.Array arr = new org.xwt.js.JS.Array();
763 arr.addElement(((JS.Exn)e).getObject());
764 } catch (Exception e2) {
765 Log.log(Platform.class, e);
768 else Log.log(Platform.class, e);
775 // Authorization ///////////////////////////////////////////////////////////////////////////////////
777 public static class Authorization {
779 static public String authorization = null;
780 static public String authorization2 = null;
781 static public Semaphore waitingForUser = new Semaphore();
783 public static synchronized void getPassword(final String realm, final String style, final String proxyIP, String oldAuth) {
785 // this handles cases where multiple threads hit the proxy auth at the same time -- all but one will block on the
786 // synchronized keyword. If 'authorization' changed while the thread was blocked, it means that the user entered
787 // a password, so we should reattempt authorization.
789 if (authorization != oldAuth) return;
790 if (Log.on) Log.log(Authorization.class, "displaying proxy authorization dialog");
791 Message.Q.add(new Message() {
792 public void perform() {
794 Template t = Template.getTemplate((Res)Main.builtin.get("org/xwt/builtin/proxy_authorization.xwt"));
795 t.apply(b, null, null);
796 b.put("realm", realm);
797 b.put("proxyIP", proxyIP);
801 waitingForUser.block();
802 if (Log.on) Log.log(Authorization.class, "got proxy authorization info; re-attempting connection");
808 // ProxyAutoConfigRootScope ////////////////////////////////////////////////////////////////////
810 public static class ProxyAutoConfigRootScope extends JS.GlobalScope {
812 public ProxyAutoConfigRootScope() { super(null); }
814 public Object get(Object name) {
815 if (name.equals("isPlainHostName")) return isPlainHostName;
816 else if (name.equals("dnsDomainIs")) return dnsDomainIs;
817 else if (name.equals("localHostOrDomainIs")) return localHostOrDomainIs;
818 else if (name.equals("isResolvable")) return isResolvable;
819 else if (name.equals("isInNet")) return isInNet;
820 else if (name.equals("dnsResolve")) return dnsResolve;
821 else if (name.equals("myIpAddress")) return myIpAddress;
822 else if (name.equals("dnsDomainLevels")) return dnsDomainLevels;
823 else if (name.equals("shExpMatch")) return shExpMatch;
824 else if (name.equals("weekdayRange")) return weekdayRange;
825 else if (name.equals("dateRange")) return dateRange;
826 else if (name.equals("timeRange")) return timeRange;
827 else if (name.equals("ProxyConfig")) return ProxyConfig;
828 else return super.get(name);
831 private static final JS.Obj proxyConfigBindings = new JS.Obj();
832 private static final JS.Obj ProxyConfig = new JS.Obj() {
833 public Object get(Object name) {
834 if (name.equals("bindings")) return proxyConfigBindings;
839 private static final JS.Callable isPlainHostName = new JS.Callable() {
840 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
841 return (args.elementAt(0).toString().indexOf('.') == -1) ? Boolean.TRUE : Boolean.FALSE;
845 private static final JS.Callable dnsDomainIs = new JS.Callable() {
846 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
847 return (args.elementAt(0).toString().endsWith(args.elementAt(1).toString())) ? Boolean.TRUE : Boolean.FALSE;
851 private static final JS.Callable localHostOrDomainIs = new JS.Callable() {
852 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
853 return (args.elementAt(0).toString().equals(args.elementAt(1).toString()) ||
854 (args.elementAt(0).toString().indexOf('.') == -1 && args.elementAt(1).toString().startsWith(args.elementAt(0).toString()))) ?
855 Boolean.TRUE : Boolean.FALSE;
859 private static final JS.Callable isResolvable = new JS.Callable() {
860 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
862 return (InetAddress.getByName(args.elementAt(0).toString()) != null) ? Boolean.TRUE : Boolean.FALSE;
863 } catch (UnknownHostException e) {
864 return Boolean.FALSE;
869 private static final JS.Callable isInNet = new JS.Callable() {
870 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
871 if (args.length() != 3) return Boolean.FALSE;
873 byte[] host = InetAddress.getByName(args.elementAt(0).toString()).getAddress();
874 byte[] net = InetAddress.getByName(args.elementAt(1).toString()).getAddress();
875 byte[] mask = InetAddress.getByName(args.elementAt(2).toString()).getAddress();
876 return ((host[0] & mask[0]) == net[0] &&
877 (host[1] & mask[1]) == net[1] &&
878 (host[2] & mask[2]) == net[2] &&
879 (host[3] & mask[3]) == net[3]) ?
880 Boolean.TRUE : Boolean.FALSE;
881 } catch (Exception e) {
882 throw new JS.Exn("exception in isInNet(): " + e);
887 private static final JS.Callable dnsResolve = new JS.Callable() {
888 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
890 return InetAddress.getByName(args.elementAt(0).toString()).getHostAddress();
891 } catch (UnknownHostException e) {
897 private static final JS.Callable myIpAddress = new JS.Callable() {
898 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
900 return InetAddress.getLocalHost().getHostAddress();
901 } catch (UnknownHostException e) {
902 if (Log.on) Log.log(this, "strange... host does not know its own address");
908 private static final JS.Callable dnsDomainLevels = new JS.Callable() {
909 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
910 String s = args.elementAt(0).toString();
912 while((i = s.indexOf('.', i)) != -1) i++;
913 return new Integer(i);
917 private static boolean match(String[] arr, String s, int index) {
918 if (index >= arr.length) return true;
919 for(int i=0; i<s.length(); i++) {
920 String s2 = s.substring(i);
921 if (s2.startsWith(arr[index]) && match(arr, s2.substring(arr[index].length()), index + 1)) return true;
926 private static final JS.Callable shExpMatch = new JS.Callable() {
927 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
928 StringTokenizer st = new StringTokenizer(args.elementAt(1).toString(), "*", false);
929 String[] arr = new String[st.countTokens()];
930 String s = args.elementAt(0).toString();
931 for (int i=0; st.hasMoreTokens(); i++) arr[i] = st.nextToken();
932 return match(arr, s, 0) ? Boolean.TRUE : Boolean.FALSE;
936 public static String[] days = { "SUN", "MON", "TUE", "WED", "THU", "FRI", "SAT" };
938 private static final JS.Callable weekdayRange = new JS.Callable() {
939 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
940 TimeZone tz = (args.length() < 3 || args.elementAt(2) == null || !args.elementAt(2).equals("GMT")) ? TimeZone.getTimeZone("UTC") : TimeZone.getDefault();
941 Calendar c = new GregorianCalendar();
943 c.setTime(new java.util.Date());
944 java.util.Date d = c.getTime();
945 int day = d.getDay();
947 String d1s = args.elementAt(0).toString().toUpperCase();
949 for(int i=0; i<days.length; i++) if (days[i].equals(d1s)) d1 = i;
951 if (args.length() == 1)
952 return d1 == day ? Boolean.TRUE : Boolean.FALSE;
954 String d2s = args.elementAt(1).toString().toUpperCase();
955 for(int i=0; i<days.length; i++) if (days[i].equals(d2s)) d2 = i;
958 ((d1 <= d2 && day >= d1 && day <= d2) ||
959 (d1 > d2 && (day >= d1 || day <= d2))) ?
960 Boolean.TRUE : Boolean.FALSE;
964 private static final JS.Callable dateRange = new JS.Callable() {
965 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
966 throw new JS.Exn("XWT does not support dateRange() in PAC scripts");
970 private static final JS.Callable timeRange = new JS.Callable() {
971 public Object call(org.xwt.js.JS.Array args) throws JS.Exn {
972 throw new JS.Exn("XWT does not support timeRange() in PAC scripts");
projects / org.ibex.core.git / blob