1 /* 2 * Copyright (c) 1998, 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 #include <dlfcn.h> 27 #include <sys/socket.h> 28 #include <netinet/in.h> 29 #include <arpa/inet.h> 30 31 #include <Security/AuthSession.h> 32 #include <CoreFoundation/CoreFoundation.h> 33 #include <SystemConfiguration/SystemConfiguration.h> 34 #include <Foundation/Foundation.h> 35 36 #include "java_props_macosx.h" 37 38 // need dlopen/dlsym trick to avoid pulling in JavaRuntimeSupport before libjava.dylib is loaded 39 static void *getJRSFramework() { 40 static void *jrsFwk = NULL; 41 #ifndef STATIC_BUILD 42 // JavaRuntimeSupport doesn't support static Java runtimes 43 if (jrsFwk == NULL) { 44 jrsFwk = dlopen("/System/Library/Frameworks/JavaVM.framework/Frameworks/JavaRuntimeSupport.framework/JavaRuntimeSupport", RTLD_LAZY | RTLD_LOCAL); 45 } 46 #endif 47 return jrsFwk; 48 } 49 50 char *getPosixLocale(int cat) { 51 char *lc = setlocale(cat, NULL); 52 if ((lc == NULL) || (strcmp(lc, "C") == 0)) { 53 lc = getenv("LANG"); 54 } 55 if (lc == NULL) return NULL; 56 return strdup(lc); 57 } 58 59 #define LOCALEIDLENGTH 128 60 char *getMacOSXLocale(int cat) { 61 switch (cat) { 62 case LC_MESSAGES: 63 { 64 void *jrsFwk = getJRSFramework(); 65 if (jrsFwk == NULL) return NULL; 66 67 char *(*JRSCopyPrimaryLanguage)() = dlsym(jrsFwk, "JRSCopyPrimaryLanguage"); 68 char *primaryLanguage = JRSCopyPrimaryLanguage ? JRSCopyPrimaryLanguage() : NULL; 69 if (primaryLanguage == NULL) return NULL; 70 71 char *(*JRSCopyCanonicalLanguageForPrimaryLanguage)(char *) = dlsym(jrsFwk, "JRSCopyCanonicalLanguageForPrimaryLanguage"); 72 char *canonicalLanguage = JRSCopyCanonicalLanguageForPrimaryLanguage ? JRSCopyCanonicalLanguageForPrimaryLanguage(primaryLanguage) : NULL; 73 free (primaryLanguage); 74 75 return canonicalLanguage; 76 } 77 break; 78 default: 79 { 80 char localeString[LOCALEIDLENGTH]; 81 if (CFStringGetCString(CFLocaleGetIdentifier(CFLocaleCopyCurrent()), 82 localeString, LOCALEIDLENGTH, CFStringGetSystemEncoding())) { 83 return strdup(localeString); 84 } 85 } 86 break; 87 } 88 89 return NULL; 90 } 91 92 char *setupMacOSXLocale(int cat) { 93 char * ret = getMacOSXLocale(cat); 94 95 if (cat == LC_MESSAGES && ret != NULL) { 96 void *jrsFwk = getJRSFramework(); 97 if (jrsFwk != NULL) { 98 void (*JRSSetDefaultLocalization)(char *) = dlsym(jrsFwk, "JRSSetDefaultLocalization"); 99 if (JRSSetDefaultLocalization) JRSSetDefaultLocalization(ret); 100 } 101 } 102 103 if (ret == NULL) { 104 return getPosixLocale(cat); 105 } else { 106 return ret; 107 } 108 } 109 110 int isInAquaSession() { 111 // environment variable to bypass the aqua session check 112 char *ev = getenv("AWT_FORCE_HEADFUL"); 113 if (ev && (strncasecmp(ev, "true", 4) == 0)) { 114 // if "true" then tell the caller we're in an Aqua session without actually checking 115 return 1; 116 } 117 // Is the WindowServer available? 118 SecuritySessionId session_id; 119 SessionAttributeBits session_info; 120 OSStatus status = SessionGetInfo(callerSecuritySession, &session_id, &session_info); 121 if (status == noErr) { 122 if (session_info & sessionHasGraphicAccess) { 123 return 1; 124 } 125 } 126 return 0; 127 } 128 129 void setOSNameAndVersion(java_props_t *sprops) { 130 /* Don't rely on JRSCopyOSName because there's no guarantee the value will 131 * remain the same, or even if the JRS functions will continue to be part of 132 * Mac OS X. So hardcode os_name, and fill in os_version if we can. 133 */ 134 sprops->os_name = strdup("Mac OS X"); 135 136 void *jrsFwk = getJRSFramework(); 137 if (jrsFwk != NULL) { 138 char *(*copyOSVersion)() = dlsym(jrsFwk, "JRSCopyOSVersion"); 139 if (copyOSVersion != NULL) { 140 sprops->os_version = copyOSVersion(); 141 return; 142 } 143 } 144 sprops->os_version = strdup("Unknown"); 145 } 146 147 148 static Boolean getProxyInfoForProtocol(CFDictionaryRef inDict, CFStringRef inEnabledKey, CFStringRef inHostKey, CFStringRef inPortKey, CFStringRef *outProxyHost, int *ioProxyPort) { 149 /* See if the proxy is enabled. */ 150 CFNumberRef cf_enabled = CFDictionaryGetValue(inDict, inEnabledKey); 151 if (cf_enabled == NULL) { 152 return false; 153 } 154 155 int isEnabled = false; 156 if (!CFNumberGetValue(cf_enabled, kCFNumberIntType, &isEnabled)) { 157 return isEnabled; 158 } 159 160 if (!isEnabled) return false; 161 *outProxyHost = CFDictionaryGetValue(inDict, inHostKey); 162 163 // If cf_host is null, that means the checkbox is set, 164 // but no host was entered. We'll treat that as NOT ENABLED. 165 // If cf_port is null or cf_port isn't a number, that means 166 // no port number was entered. Treat this as ENABLED with the 167 // protocol's default port. 168 if (*outProxyHost == NULL) { 169 return false; 170 } 171 172 if (CFStringGetLength(*outProxyHost) == 0) { 173 return false; 174 } 175 176 int newPort = 0; 177 CFNumberRef cf_port = NULL; 178 if ((cf_port = CFDictionaryGetValue(inDict, inPortKey)) != NULL && 179 CFNumberGetValue(cf_port, kCFNumberIntType, &newPort) && 180 newPort > 0) { 181 *ioProxyPort = newPort; 182 } else { 183 // bad port or no port - leave *ioProxyPort unchanged 184 } 185 186 return true; 187 } 188 189 static char *createUTF8CString(const CFStringRef theString) { 190 if (theString == NULL) return NULL; 191 192 const CFIndex stringLength = CFStringGetLength(theString); 193 const CFIndex bufSize = CFStringGetMaximumSizeForEncoding(stringLength, kCFStringEncodingUTF8) + 1; 194 char *returnVal = (char *)malloc(bufSize); 195 196 if (CFStringGetCString(theString, returnVal, bufSize, kCFStringEncodingUTF8)) { 197 return returnVal; 198 } 199 200 free(returnVal); 201 return NULL; 202 } 203 204 // Return TRUE if str is a syntactically valid IP address. 205 // Using inet_pton() instead of inet_aton() for IPv6 support. 206 // len is only a hint; cstr must still be nul-terminated 207 static int looksLikeIPAddress(char *cstr, size_t len) { 208 if (len == 0 || (len == 1 && cstr[0] == '.')) return FALSE; 209 210 char dst[16]; // big enough for INET6 211 return (1 == inet_pton(AF_INET, cstr, dst) || 212 1 == inet_pton(AF_INET6, cstr, dst)); 213 } 214 215 216 217 // Convert Mac OS X proxy exception entry to Java syntax. 218 // See Radar #3441134 for details. 219 // Returns NULL if this exception should be ignored by Java. 220 // May generate a string with multiple exceptions separated by '|'. 221 static char * createConvertedException(CFStringRef cf_original) { 222 // This is done with char* instead of CFString because inet_pton() 223 // needs a C string. 224 char *c_exception = createUTF8CString(cf_original); 225 if (!c_exception) return NULL; 226 227 int c_len = strlen(c_exception); 228 229 // 1. sanitize exception prefix 230 if (c_len >= 1 && 0 == strncmp(c_exception, ".", 1)) { 231 memmove(c_exception, c_exception+1, c_len); 232 c_len -= 1; 233 } else if (c_len >= 2 && 0 == strncmp(c_exception, "*.", 2)) { 234 memmove(c_exception, c_exception+2, c_len-1); 235 c_len -= 2; 236 } 237 238 // 2. pre-reject other exception wildcards 239 if (strchr(c_exception, '*')) { 240 free(c_exception); 241 return NULL; 242 } 243 244 // 3. no IP wildcarding 245 if (looksLikeIPAddress(c_exception, c_len)) { 246 return c_exception; 247 } 248 249 // 4. allow domain suffixes 250 // c_exception is now "str\0" - change to "str|*.str\0" 251 c_exception = reallocf(c_exception, c_len+3+c_len+1); 252 if (!c_exception) return NULL; 253 254 strncpy(c_exception+c_len, "|*.", 3); 255 strncpy(c_exception+c_len+3, c_exception, c_len); 256 c_exception[c_len+3+c_len] = '\0'; 257 return c_exception; 258 } 259 260 /* 261 * Method for fetching the user.home path and storing it in the property list. 262 * For signed .apps running in the Mac App Sandbox, user.home is set to the 263 * app's sandbox container. 264 */ 265 void setUserHome(java_props_t *sprops) { 266 if (sprops == NULL) { return; } 267 NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init]; 268 sprops->user_home = createUTF8CString((CFStringRef)NSHomeDirectory()); 269 [pool drain]; 270 } 271 272 /* 273 * Method for fetching proxy info and storing it in the property list. 274 */ 275 void setProxyProperties(java_props_t *sProps) { 276 if (sProps == NULL) return; 277 278 char buf[16]; /* Used for %d of an int - 16 is plenty */ 279 CFStringRef 280 cf_httpHost = NULL, 281 cf_httpsHost = NULL, 282 cf_ftpHost = NULL, 283 cf_socksHost = NULL, 284 cf_gopherHost = NULL; 285 int 286 httpPort = 80, // Default proxy port values 287 httpsPort = 443, 288 ftpPort = 21, 289 socksPort = 1080, 290 gopherPort = 70; 291 292 CFDictionaryRef dict = SCDynamicStoreCopyProxies(NULL); 293 if (dict == NULL) return; 294 295 /* Read the proxy exceptions list */ 296 CFArrayRef cf_list = CFDictionaryGetValue(dict, kSCPropNetProxiesExceptionsList); 297 298 CFMutableStringRef cf_exceptionList = NULL; 299 if (cf_list != NULL) { 300 CFIndex len = CFArrayGetCount(cf_list), idx; 301 302 cf_exceptionList = CFStringCreateMutable(NULL, 0); 303 for (idx = (CFIndex)0; idx < len; idx++) { 304 CFStringRef cf_ehost; 305 if ((cf_ehost = CFArrayGetValueAtIndex(cf_list, idx))) { 306 /* Convert this exception from Mac OS X syntax to Java syntax. 307 See Radar #3441134 for details. This may generate a string 308 with multiple Java exceptions separated by '|'. */ 309 char *c_exception = createConvertedException(cf_ehost); 310 if (c_exception) { 311 /* Append the host to the list of exclusions. */ 312 if (CFStringGetLength(cf_exceptionList) > 0) { 313 CFStringAppendCString(cf_exceptionList, "|", kCFStringEncodingMacRoman); 314 } 315 CFStringAppendCString(cf_exceptionList, c_exception, kCFStringEncodingMacRoman); 316 free(c_exception); 317 } 318 } 319 } 320 } 321 322 if (cf_exceptionList != NULL) { 323 if (CFStringGetLength(cf_exceptionList) > 0) { 324 sProps->exceptionList = createUTF8CString(cf_exceptionList); 325 } 326 CFRelease(cf_exceptionList); 327 } 328 329 #define CHECK_PROXY(protocol, PROTOCOL) \ 330 sProps->protocol##ProxyEnabled = \ 331 getProxyInfoForProtocol(dict, kSCPropNetProxies##PROTOCOL##Enable, \ 332 kSCPropNetProxies##PROTOCOL##Proxy, \ 333 kSCPropNetProxies##PROTOCOL##Port, \ 334 &cf_##protocol##Host, &protocol##Port); \ 335 if (sProps->protocol##ProxyEnabled) { \ 336 sProps->protocol##Host = createUTF8CString(cf_##protocol##Host); \ 337 snprintf(buf, sizeof(buf), "%d", protocol##Port); \ 338 sProps->protocol##Port = malloc(strlen(buf) + 1); \ 339 strcpy(sProps->protocol##Port, buf); \ 340 } 341 342 CHECK_PROXY(http, HTTP); 343 CHECK_PROXY(https, HTTPS); 344 CHECK_PROXY(ftp, FTP); 345 CHECK_PROXY(socks, SOCKS); 346 CHECK_PROXY(gopher, Gopher); 347 348 #undef CHECK_PROXY 349 350 CFRelease(dict); 351 }