summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/build.gradle2
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java11
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java5
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java6
-rw-r--r--app/src/main/java/se/leap/bitmaskclient/providersetup/activities/CustomProviderSetupActivity.java6
-rw-r--r--app/src/normal/assets/urls/riseup.net.url2
-rw-r--r--app/src/normalProductionFatDebug/assets/urls/riseup.net.url2
-rw-r--r--app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java2
-rw-r--r--app/src/test/java/se/leap/bitmaskclient/base/utils/ConfigHelperTest.java16
-rw-r--r--app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java1
10 files changed, 37 insertions, 16 deletions
diff --git a/app/build.gradle b/app/build.gradle
index 7eec00b0..b86a5810 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -123,7 +123,7 @@ android {
//Set app name here
appName = "Riseup VPN"
//Provider base url, e.g. '"https://example.com"'
- def customProviderUrl = '"https://riseup.net"'
+ def customProviderUrl = '"https://black.riseup.net"'
buildConfigField "String", "customProviderUrl", customProviderUrl
//static ip address of provider, using a commercially validated CA certificate to serve the provider.json
def customProviderIp = '"198.252.153.70"'
diff --git a/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java b/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
index 7b8f22af..13463167 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/models/Provider.java
@@ -58,6 +58,7 @@ public final class Provider implements Parcelable {
private DefaultedURL mainUrl = new DefaultedURL();
private DefaultedURL apiUrl = new DefaultedURL();
private DefaultedURL geoipUrl = new DefaultedURL();
+ private String domain = "";
private String providerIp = ""; // ip of the provider main url
private String providerApiIp = ""; // ip of the provider api url
private String certificatePin = "";
@@ -253,7 +254,7 @@ public final class Provider implements Parcelable {
}
public String getDomain() {
- return mainUrl.getDomain();
+ return domain;
}
public String getMainUrlString() {
@@ -369,6 +370,7 @@ public final class Provider implements Parcelable {
@Override
public void writeToParcel(Parcel parcel, int i) {
+ parcel.writeString(getDomain());
parcel.writeString(getMainUrlString());
parcel.writeString(getProviderIp());
parcel.writeString(getProviderApiIp());
@@ -388,6 +390,7 @@ public final class Provider implements Parcelable {
//TODO: write a test for marshalling!
private Provider(Parcel in) {
try {
+ domain = in.readString();
mainUrl.setUrl(new URL(in.readString()));
String tmpString = in.readString();
if (!tmpString.isEmpty()) {
@@ -439,7 +442,8 @@ public final class Provider implements Parcelable {
public boolean equals(Object o) {
if (o instanceof Provider) {
Provider p = (Provider) o;
- return p.getDomain().equals(getDomain()) &&
+ return getDomain().equals(p.getDomain()) &&
+ mainUrl.getDomain().equals(p.mainUrl.getDomain()) &&
definition.toString().equals(p.getDefinition().toString()) &&
eipServiceJson.toString().equals(p.getEipServiceJsonString()) &&
geoIpJson.toString().equals(p.getGeoIpJsonString()) &&
@@ -471,7 +475,7 @@ public final class Provider implements Parcelable {
@Override
public int hashCode() {
- return getDomain().hashCode();
+ return getMainUrlString().hashCode();
}
@Override
@@ -488,6 +492,7 @@ public final class Provider implements Parcelable {
this.allowAnonymous = definition.getJSONObject(Provider.SERVICE).getBoolean(PROVIDER_ALLOW_ANONYMOUS);
this.allowRegistered = definition.getJSONObject(Provider.SERVICE).getBoolean(PROVIDER_ALLOWED_REGISTERED);
this.apiVersion = getDefinition().getString(Provider.API_VERSION);
+ this.domain = getDefinition().getString(Provider.DOMAIN);
return true;
} catch (JSONException | ArrayIndexOutOfBoundsException | MalformedURLException e) {
return false;
diff --git a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
index 91894fb8..dbcb55b0 100644
--- a/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
+++ b/app/src/main/java/se/leap/bitmaskclient/base/utils/ConfigHelper.java
@@ -51,6 +51,7 @@ import java.util.Calendar;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import okhttp3.internal.publicsuffix.PublicSuffixDatabase;
import se.leap.bitmaskclient.BuildConfig;
import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.providersetup.ProviderAPI;
@@ -273,6 +274,10 @@ public class ConfigHelper {
Matcher matcher = IPv4_PATTERN.matcher(ipv4);
return matcher.matches();
}
+
+ public static String getDomainFromMainURL(@NonNull String mainUrl) throws NullPointerException {
+ return PublicSuffixDatabase.get().getEffectiveTldPlusOne(mainUrl).replaceFirst("http[s]?://", "").replaceFirst("/.*", "");
+ }
public static boolean isCalyxOSWithTetheringSupport(Context context) {
return SystemPropertiesHelper.contains("ro.calyxos.version", context) &&
diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java
index 607339fd..7b6a3ad6 100644
--- a/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java
+++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/ProviderApiManagerBase.java
@@ -41,6 +41,7 @@ import static se.leap.bitmaskclient.base.models.Provider.CA_CERT;
import static se.leap.bitmaskclient.base.models.Provider.GEOIP_URL;
import static se.leap.bitmaskclient.base.models.Provider.PROVIDER_API_IP;
import static se.leap.bitmaskclient.base.models.Provider.PROVIDER_IP;
+import static se.leap.bitmaskclient.base.utils.ConfigHelper.getDomainFromMainURL;
import static se.leap.bitmaskclient.base.utils.ConfigHelper.getFingerprintFromCertificate;
import static se.leap.bitmaskclient.base.utils.ConfigHelper.getProviderFormattedString;
import static se.leap.bitmaskclient.base.utils.ConfigHelper.parseRsaKeyFromString;
@@ -1048,11 +1049,6 @@ public abstract class ProviderApiManagerBase {
return preferences.contains(Provider.KEY + "." + domain) && preferences.contains(CA_CERT + "." + domain);
}
- protected String getDomainFromMainURL(String mainUrl) {
- return mainUrl.replaceFirst("http[s]?://", "").replaceFirst("/.*", "");
-
- }
-
/**
* Interprets the error message as a JSON object and extract the "errors" keyword pair.
* If the error message is not a JSON object, then it is returned untouched.
diff --git a/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/CustomProviderSetupActivity.java b/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/CustomProviderSetupActivity.java
index b90d14f8..0fff1ee2 100644
--- a/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/CustomProviderSetupActivity.java
+++ b/app/src/main/java/se/leap/bitmaskclient/providersetup/activities/CustomProviderSetupActivity.java
@@ -31,6 +31,7 @@ import java.io.IOException;
import se.leap.bitmaskclient.BuildConfig;
import se.leap.bitmaskclient.R;
import se.leap.bitmaskclient.base.models.Provider;
+import se.leap.bitmaskclient.base.utils.ConfigHelper;
import se.leap.bitmaskclient.providersetup.ProviderAPICommand;
import static se.leap.bitmaskclient.BuildConfig.customProviderApiIp;
@@ -72,8 +73,9 @@ public class CustomProviderSetupActivity extends ProviderSetupBaseActivity {
try {
AssetManager assetsManager = getAssets();
Provider customProvider = new Provider(customProviderUrl, geoipUrl, customProviderIp, customProviderApiIp);
- String certificate = loadInputStreamAsString(assetsManager.open(customProvider.getDomain() + EXT_PEM));
- String providerDefinition = loadInputStreamAsString(assetsManager.open(customProvider.getDomain() + EXT_JSON));
+ String domain = ConfigHelper.getDomainFromMainURL(customProviderUrl);
+ String certificate = loadInputStreamAsString(assetsManager.open(domain + EXT_PEM));
+ String providerDefinition = loadInputStreamAsString(assetsManager.open(domain + EXT_JSON));
customProvider.setCaCert(certificate);
customProvider.define(new JSONObject(providerDefinition));
setProvider(customProvider);
diff --git a/app/src/normal/assets/urls/riseup.net.url b/app/src/normal/assets/urls/riseup.net.url
index 3c1e6b49..a33898c4 100644
--- a/app/src/normal/assets/urls/riseup.net.url
+++ b/app/src/normal/assets/urls/riseup.net.url
@@ -1,5 +1,5 @@
{
- "main_url" : "https://riseup.net",
+ "main_url" : "https://black.riseup.net",
"provider_ip" : "198.252.153.70",
"provider_api_ip" : "198.252.153.107",
"geoip_url" : "https://api.black.riseup.net:9001/json"
diff --git a/app/src/normalProductionFatDebug/assets/urls/riseup.net.url b/app/src/normalProductionFatDebug/assets/urls/riseup.net.url
index 3c1e6b49..a33898c4 100644
--- a/app/src/normalProductionFatDebug/assets/urls/riseup.net.url
+++ b/app/src/normalProductionFatDebug/assets/urls/riseup.net.url
@@ -1,5 +1,5 @@
{
- "main_url" : "https://riseup.net",
+ "main_url" : "https://black.riseup.net",
"provider_ip" : "198.252.153.70",
"provider_api_ip" : "198.252.153.107",
"geoip_url" : "https://api.black.riseup.net:9001/json"
diff --git a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java
index 3ec04f32..0fa89bf2 100644
--- a/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java
+++ b/app/src/production/java/se/leap/bitmaskclient/providersetup/ProviderApiManager.java
@@ -263,7 +263,7 @@ public class ProviderApiManager extends ProviderApiManagerBase {
Bundle result = new Bundle();
try {
String caCertUrl = provider.getDefinition().getString(Provider.CA_CERT_URI);
- String providerDomain = getDomainFromMainURL(provider.getMainUrlString());
+ String providerDomain = provider.getDomain();
String certString = downloadWithCommercialCA(caCertUrl, provider);
if (validCertificate(provider, certString)) {
diff --git a/app/src/test/java/se/leap/bitmaskclient/base/utils/ConfigHelperTest.java b/app/src/test/java/se/leap/bitmaskclient/base/utils/ConfigHelperTest.java
index 75552226..6e0ceb56 100644
--- a/app/src/test/java/se/leap/bitmaskclient/base/utils/ConfigHelperTest.java
+++ b/app/src/test/java/se/leap/bitmaskclient/base/utils/ConfigHelperTest.java
@@ -1,5 +1,7 @@
package se.leap.bitmaskclient.base.utils;
+import static org.junit.Assert.assertEquals;
+
import com.tngtech.java.junit.dataprovider.DataProvider;
import com.tngtech.java.junit.dataprovider.DataProviderRunner;
import com.tngtech.java.junit.dataprovider.UseDataProvider;
@@ -9,8 +11,6 @@ import org.junit.runner.RunWith;
import org.powermock.modules.junit4.PowerMockRunner;
import org.powermock.modules.junit4.PowerMockRunnerDelegate;
-import static org.junit.Assert.assertEquals;
-
@RunWith(PowerMockRunner.class)
@PowerMockRunnerDelegate(DataProviderRunner.class)
public class ConfigHelperTest {
@@ -45,4 +45,16 @@ public class ConfigHelperTest {
public void testisIPv4_validIPs_returnsTrue(String ip, boolean isValidExpected) {
assertEquals(isValidExpected, ConfigHelper.isIPv4(ip));
}
+
+ @Test
+ public void testGetDomainFromMainURL_ignoreSubdomain() {
+ assertEquals("riseup.net", ConfigHelper.getDomainFromMainURL("https://black.riseup.net"));
+ assertEquals("riseup.net", ConfigHelper.getDomainFromMainURL("https://riseup.net"));
+ }
+
+ @Test
+ public void testGetDomainFromMainURL_handleSuffix() {
+ assertEquals("domain.co.uk", ConfigHelper.getDomainFromMainURL("https://subdomain.domain.co.uk"));
+ assertEquals("domain.co.uk", ConfigHelper.getDomainFromMainURL("https://domain.co.uk"));
+ }
} \ No newline at end of file
diff --git a/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java b/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java
index a455a4bf..c6ba1e6f 100644
--- a/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java
+++ b/app/src/test/java/se/leap/bitmaskclient/testutils/MockHelper.java
@@ -425,6 +425,7 @@ public class MockHelper {
when(ConfigHelper.timezoneDistance(anyInt(), anyInt())).thenCallRealMethod();
when(ConfigHelper.isIPv4(anyString())).thenCallRealMethod();
when(ConfigHelper.isDefaultBitmask()).thenReturn(true);
+ when(ConfigHelper.getDomainFromMainURL(anyString())).thenCallRealMethod();
when(ConfigHelper.parseRsaKeyFromString(anyString())).thenReturn(new RSAPrivateKey() {
@Override
public BigInteger getPrivateExponent() {