initial tor-integration to circumvent blocking attempts of the provider api

author: cyBerta <cyberta@riseup.net> 2021-06-23 03:27:17 +0200
committer: cyBerta <cyberta@riseup.net> 2021-07-21 22:02:24 +0200
commit: fe6a0e47121d17d08c7d913f1db086687a569446 (patch)
tree: 0b37235a33c490647f6222d5f1cd6072abc34506 /app/src/production/java
parent: 571c0479f7400e56cfdb27408160d8a816cc8610 (diff)
1 files changed, 46 insertions, 9 deletions
diff --git a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java
index 70652365..b6069982 100644
--- a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java
+++ b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java
@@ -34,8 +34,11 @@ import okhttp3.OkHttpClient;
 import se.leap.bitmaskclient.R;
 import se.leap.bitmaskclient.base.models.Provider;
 import se.leap.bitmaskclient.base.utils.ConfigHelper;
+import se.leap.bitmaskclient.base.utils.PreferenceHelper;
 import se.leap.bitmaskclient.eip.EIP;
+import se.leap.bitmaskclient.eip.EipStatus;
 import se.leap.bitmaskclient.providersetup.connectivity.OkHttpClientGenerator;
+import se.leap.bitmaskclient.tor.TorStatusObservable;
 
 import static android.text.TextUtils.isEmpty;
 import static se.leap.bitmaskclient.BuildConfig.DEBUG_MODE;
@@ -52,6 +55,9 @@ import static se.leap.bitmaskclient.base.utils.ConfigHelper.getProviderFormatted
 import static se.leap.bitmaskclient.providersetup.ProviderAPI.ERRORS;
 import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CERTIFICATE_PINNING;
 import static se.leap.bitmaskclient.providersetup.ProviderSetupFailedDialog.DOWNLOAD_ERRORS.ERROR_CORRUPTED_PROVIDER_JSON;
+import static se.leap.bitmaskclient.tor.TorStatusObservable.TorStatus.OFF;
+import static se.leap.bitmaskclient.tor.TorStatusObservable.TorStatus.UNKOWN;
+import static se.leap.bitmaskclient.tor.TorStatusObservable.getProxyPort;
 
 /**
  * Implements the logic of the provider api http requests. The methods of this class need to be called from
@@ -221,7 +227,7 @@ public class ProviderApiManager extends ProviderApiManagerBase {
     /**
      * Fetches the geo ip Json, containing a list of gateways sorted by distance from the users current location.
      * Fetching is only allowed if the cache timeout of 1 h was reached, a valid geoip service URL exists and the
-     * vpn is not yet active. The latter condition is needed in order to guarantee that the geoip service sees
+     * vpn or tor is not running. The latter condition is needed in order to guarantee that the geoip service sees
      * the real ip of the client
      *
      * @param provider
@@ -231,7 +237,7 @@ public class ProviderApiManager extends ProviderApiManagerBase {
     protected Bundle getGeoIPJson(Provider provider) {
         Bundle result = new Bundle();
 
-        if (!provider.shouldUpdateGeoIpJson() || provider.getGeoipUrl().isDefault() || VpnStatus.isVPNActive()) {
+        if (!provider.shouldUpdateGeoIpJson() || provider.getGeoipUrl().isDefault() || VpnStatus.isVPNActive() || TorStatusObservable.getStatus() != OFF) {
             result.putBoolean(BROADCAST_RESULT_KEY, false);
             return result;
         }
@@ -285,15 +291,20 @@ public class ProviderApiManager extends ProviderApiManagerBase {
         return result;
     }
 
-    /**
-     * Tries to download the contents of the provided url using commercially validated CA certificate from chosen provider.
-     *
-     */
     private String downloadWithCommercialCA(String stringUrl, Provider provider) {
+        return downloadWithCommercialCA(stringUrl, provider, 0);
+    }
+
+        /**
+         * Tries to download the contents of the provided url using commercially validated CA certificate from chosen provider.
+         *
+         */
+    private String downloadWithCommercialCA(String stringUrl, Provider provider, int tries) {
+
         String responseString;
         JSONObject errorJson = new JSONObject();
 
-        OkHttpClient okHttpClient = clientGenerator.initCommercialCAHttpClient(errorJson);
+        OkHttpClient okHttpClient = clientGenerator.initCommercialCAHttpClient(errorJson, getProxyPort());
         if (okHttpClient == null) {
             return errorJson.toString();
         }
@@ -314,6 +325,17 @@ public class ProviderApiManager extends ProviderApiManagerBase {
             }
         }
 
+        if (tries == 0 &&
+                responseString != null &&
+                responseString.contains(ERRORS)  &&
+                PreferenceHelper.useTor(preferences) &&
+                EipStatus.getInstance().isDisconnected() &&
+                TorStatusObservable.getStatus() == OFF ||
+                TorStatusObservable.getStatus() == UNKOWN) {
+            TorStatusObservable.setProxyPort(startTorProxy());
+            return downloadWithCommercialCA(stringUrl, provider, 1);
+        }
+
         return responseString;
     }
 
@@ -330,9 +352,13 @@ public class ProviderApiManager extends ProviderApiManagerBase {
     }
 
     private String downloadFromUrlWithProviderCA(String urlString, Provider provider) {
+        return downloadFromUrlWithProviderCA(urlString, provider, 0);
+    }
+
+    private String downloadFromUrlWithProviderCA(String urlString, Provider provider, int tries) {
         String responseString;
         JSONObject errorJson = new JSONObject();
-        OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(provider.getCaCert(), errorJson);
+        OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(provider.getCaCert(), getProxyPort(), errorJson);
         if (okHttpClient == null) {
             return errorJson.toString();
         }
@@ -340,6 +366,17 @@ public class ProviderApiManager extends ProviderApiManagerBase {
         List<Pair<String, String>> headerArgs = getAuthorizationHeader();
         responseString = sendGetStringToServer(urlString, headerArgs, okHttpClient);
 
+        if (tries == 0 &&
+                responseString != null &&
+                responseString.contains(ERRORS)  &&
+                PreferenceHelper.useTor(preferences) &&
+                EipStatus.getInstance().isDisconnected() &&
+                TorStatusObservable.getStatus() == OFF ||
+                TorStatusObservable.getStatus() == UNKOWN) {
+            TorStatusObservable.setProxyPort(startTorProxy());
+            return downloadFromUrlWithProviderCA(urlString, provider, 1);
+        }
+
         return responseString;
     }
 
@@ -354,7 +391,7 @@ public class ProviderApiManager extends ProviderApiManagerBase {
         JSONObject initError = new JSONObject();
         String responseString;
 
-        OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(caCert, initError);
+        OkHttpClient okHttpClient = clientGenerator.initSelfSignedCAHttpClient(caCert, getProxyPort(), initError);
         if (okHttpClient == null) {
             return initError.toString();
         }
author	cyBerta <cyberta@riseup.net>	2021-06-23 03:27:17 +0200
committer	cyBerta <cyberta@riseup.net>	2021-07-21 22:02:24 +0200
commit	fe6a0e47121d17d08c7d913f1db086687a569446 (patch)
tree	0b37235a33c490647f6222d5f1cd6072abc34506 /app/src/production/java
parent	571c0479f7400e56cfdb27408160d8a816cc8610 (diff)