1 /*
   2  * Copyright (c) 1998, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 #include <sys/socket.h>
  27 #include <netinet/in.h>
  28 #include <arpa/inet.h>
  29 #include <objc/objc-runtime.h>
  30 
  31 #include <Security/AuthSession.h>
  32 #include <CoreFoundation/CoreFoundation.h>
  33 #include <SystemConfiguration/SystemConfiguration.h>
  34 #include <Foundation/Foundation.h>
  35 
  36 #include "java_props_macosx.h"
  37 
  38 char *getPosixLocale(int cat) {
  39     char *lc = setlocale(cat, NULL);
  40     if ((lc == NULL) || (strcmp(lc, "C") == 0)) {
  41         lc = getenv("LANG");
  42     }
  43     if (lc == NULL) return NULL;
  44     return strdup(lc);
  45 }
  46 
  47 #define LOCALEIDLENGTH  128
  48 #ifndef kCFCoreFoundationVersionNumber10_11_Max
  49 #define kCFCoreFoundationVersionNumber10_11_Max 1299
  50 #endif
  51 char *getMacOSXLocale(int cat) {
  52     const char* retVal = NULL;
  53     char languageString[LOCALEIDLENGTH];
  54     char localeString[LOCALEIDLENGTH];
  55 
  56     // Since macOS 10.12, there is no separate language selection for
  57     // "format" locale, e.g., date format. Use the preferred language
  58     // for all LC_* categories.
  59     if (kCFCoreFoundationVersionNumber >
  60         kCFCoreFoundationVersionNumber10_11_Max) {
  61         cat = LC_MESSAGES;
  62     }
  63 
  64     switch (cat) {
  65     case LC_MESSAGES:
  66         {
  67             // get preferred language code
  68             CFArrayRef languages = CFLocaleCopyPreferredLanguages();
  69             if (languages == NULL) {
  70                 return NULL;
  71             }
  72             if (CFArrayGetCount(languages) <= 0) {
  73                 CFRelease(languages);
  74                 return NULL;
  75             }
  76 
  77             CFStringRef primaryLanguage = (CFStringRef)CFArrayGetValueAtIndex(languages, 0);
  78             if (primaryLanguage == NULL) {
  79                 CFRelease(languages);
  80                 return NULL;
  81             }
  82             if (CFStringGetCString(primaryLanguage, languageString,
  83                                    LOCALEIDLENGTH, CFStringGetSystemEncoding()) == false) {
  84                 CFRelease(languages);
  85                 return NULL;
  86             }
  87             CFRelease(languages);
  88 
  89             // Explicitly supply region, if there is none
  90             char *hyphenPos = strchr(languageString, '-');
  91             int langStrLen = strlen(languageString);
  92 
  93             if (hyphenPos == NULL || // languageString contains ISO639 only, e.g., "en"
  94                 languageString + langStrLen - hyphenPos == 5) { // ISO639-ScriptCode, e.g., "en-Latn"
  95                 CFStringGetCString(CFLocaleGetIdentifier(CFLocaleCopyCurrent()),
  96                                localeString, LOCALEIDLENGTH, CFStringGetSystemEncoding());
  97                 char *underscorePos = strrchr(localeString, '_');
  98                 char *region = NULL;
  99 
 100                 if (underscorePos != NULL) {
 101                     region = underscorePos + 1;
 102                 }
 103 
 104                 if (region != NULL) {
 105                     strcat(languageString, "-");
 106                     strcat(languageString, region);
 107                 }
 108             }
 109 
 110             retVal = languageString;
 111         }
 112         break;
 113 
 114     default:
 115         {
 116             if (!CFStringGetCString(CFLocaleGetIdentifier(CFLocaleCopyCurrent()),
 117                                     localeString, LOCALEIDLENGTH, CFStringGetSystemEncoding())) {
 118                 return NULL;
 119             }
 120 
 121             retVal = localeString;
 122         }
 123         break;
 124     }
 125 
 126     if (retVal != NULL) {
 127         // convertToPOSIXLocale() does not expect any variant codes, so ignore
 128         // '@' and anything following, if present.
 129         char* rmAt = strchr(retVal, '@');
 130         if (rmAt != NULL) {
 131             *rmAt = '\0';
 132         }
 133         return strdup(convertToPOSIXLocale(retVal));
 134     }
 135 
 136     return NULL;
 137 }
 138 
 139 /* Language IDs use the language designators and (optional) region
 140  * and script designators of BCP 47.  So possible formats are:
 141  *
 142  * "en"         (language designator only)
 143  * "haw"        (3-letter lanuage designator)
 144  * "en-GB"      (language with alpha-2 region designator)
 145  * "es-419"     (language with 3-digit UN M.49 area code)
 146  * "zh-Hans"    (language with ISO 15924 script designator)
 147  * "zh-Hans-US"  (language with ISO 15924 script designator and region)
 148  * "zh-Hans-419" (language with ISO 15924 script designator and UN M.49)
 149  *
 150  * convert these tags into POSIX conforming locale string, i.e.,
 151  * lang{_region}{@script}. e.g., for "zh-Hans-US" into "zh_US@Hans"
 152  */
 153 const char * convertToPOSIXLocale(const char* src) {
 154     char* scriptRegion = strchr(src, '-');
 155     if (scriptRegion != NULL) {
 156         int length = strlen(scriptRegion);
 157         char* region = strchr(scriptRegion + 1, '-');
 158         char* atMark = NULL;
 159 
 160         if (region == NULL) {
 161             // CFLocaleGetIdentifier() returns '_' before region
 162             region = strchr(scriptRegion + 1, '_');
 163         }
 164 
 165         *scriptRegion = '_';
 166         if (length > 5) {
 167             // Region and script both exist.
 168             char tmpScript[4];
 169             int regionLength = length - 6;
 170             atMark = scriptRegion + 1 + regionLength;
 171             memcpy(tmpScript, scriptRegion + 1, 4);
 172             memmove(scriptRegion + 1, region + 1, regionLength);
 173             memcpy(atMark + 1, tmpScript, 4);
 174         } else if (length == 5) {
 175             // script only
 176             atMark = scriptRegion;
 177         }
 178 
 179         if (atMark != NULL) {
 180             *atMark = '@';
 181 
 182             // assert script code
 183             assert(isalpha(atMark[1]) &&
 184                    isalpha(atMark[2]) &&
 185                    isalpha(atMark[3]) &&
 186                    isalpha(atMark[4]));
 187         }
 188 
 189         assert(((length == 3 || length == 8) &&
 190             // '_' followed by a 2 character region designator
 191                 isalpha(scriptRegion[1]) &&
 192                 isalpha(scriptRegion[2])) ||
 193                 ((length == 4 || length == 9) &&
 194             // '_' followed by a 3-digit UN M.49 area code
 195                 isdigit(scriptRegion[1]) &&
 196                 isdigit(scriptRegion[2]) &&
 197                 isdigit(scriptRegion[3])) ||
 198             // '@' followed by a 4 character script code (already validated above)
 199                 (length == 5));
 200     }
 201 
 202     return src;
 203 }
 204 
 205 char *setupMacOSXLocale(int cat) {
 206     char * ret = getMacOSXLocale(cat);
 207 
 208     if (ret == NULL) {
 209         return getPosixLocale(cat);
 210     } else {
 211         return ret;
 212     }
 213 }
 214 
 215 // 10.9 SDK does not include the NSOperatingSystemVersion struct.
 216 // For now, create our own
 217 typedef struct {
 218         NSInteger majorVersion;
 219         NSInteger minorVersion;
 220         NSInteger patchVersion;
 221 } OSVerStruct;
 222 
 223 void setOSNameAndVersion(java_props_t *sprops) {
 224     // Hardcode os_name, and fill in os_version
 225     sprops->os_name = strdup("Mac OS X");
 226 
 227     char* osVersionCStr = NULL;
 228     // Mac OS 10.9 includes the [NSProcessInfo operatingSystemVersion] function,
 229     // but it's not in the 10.9 SDK.  So, call it via objc_msgSend_stret.
 230     if ([[NSProcessInfo processInfo] respondsToSelector:@selector(operatingSystemVersion)]) {
 231         OSVerStruct (*procInfoFn)(id rec, SEL sel) = (OSVerStruct(*)(id, SEL))objc_msgSend_stret;
 232         OSVerStruct osVer = procInfoFn([NSProcessInfo processInfo],
 233                                        @selector(operatingSystemVersion));
 234         NSString *nsVerStr;
 235         if (osVer.patchVersion == 0) { // Omit trailing ".0"
 236             nsVerStr = [NSString stringWithFormat:@"%ld.%ld",
 237                     (long)osVer.majorVersion, (long)osVer.minorVersion];
 238         } else {
 239             nsVerStr = [NSString stringWithFormat:@"%ld.%ld.%ld",
 240                     (long)osVer.majorVersion, (long)osVer.minorVersion, (long)osVer.patchVersion];
 241         }
 242         // Copy out the char*
 243         osVersionCStr = strdup([nsVerStr UTF8String]);
 244     }
 245     // Fallback if running on pre-10.9 Mac OS
 246     if (osVersionCStr == NULL) {
 247         NSDictionary *version = [NSDictionary dictionaryWithContentsOfFile :
 248                                  @"/System/Library/CoreServices/SystemVersion.plist"];
 249         if (version != NULL) {
 250             NSString *nsVerStr = [version objectForKey : @"ProductVersion"];
 251             if (nsVerStr != NULL) {
 252                 osVersionCStr = strdup([nsVerStr UTF8String]);
 253             }
 254         }
 255     }
 256     if (osVersionCStr == NULL) {
 257         osVersionCStr = strdup("Unknown");
 258     }
 259     sprops->os_version = osVersionCStr;
 260 }
 261 
 262 
 263 static Boolean getProxyInfoForProtocol(CFDictionaryRef inDict, CFStringRef inEnabledKey,
 264                                        CFStringRef inHostKey, CFStringRef inPortKey,
 265                                        CFStringRef *outProxyHost, int *ioProxyPort) {
 266     /* See if the proxy is enabled. */
 267     CFNumberRef cf_enabled = CFDictionaryGetValue(inDict, inEnabledKey);
 268     if (cf_enabled == NULL) {
 269         return false;
 270     }
 271 
 272     int isEnabled = false;
 273     if (!CFNumberGetValue(cf_enabled, kCFNumberIntType, &isEnabled)) {
 274         return isEnabled;
 275     }
 276 
 277     if (!isEnabled) return false;
 278     *outProxyHost = CFDictionaryGetValue(inDict, inHostKey);
 279 
 280     // If cf_host is null, that means the checkbox is set,
 281     //   but no host was entered. We'll treat that as NOT ENABLED.
 282     // If cf_port is null or cf_port isn't a number, that means
 283     //   no port number was entered. Treat this as ENABLED with the
 284     //   protocol's default port.
 285     if (*outProxyHost == NULL) {
 286         return false;
 287     }
 288 
 289     if (CFStringGetLength(*outProxyHost) == 0) {
 290         return false;
 291     }
 292 
 293     int newPort = 0;
 294     CFNumberRef cf_port = NULL;
 295     if ((cf_port = CFDictionaryGetValue(inDict, inPortKey)) != NULL &&
 296         CFNumberGetValue(cf_port, kCFNumberIntType, &newPort) &&
 297         newPort > 0) {
 298         *ioProxyPort = newPort;
 299     } else {
 300         // bad port or no port - leave *ioProxyPort unchanged
 301     }
 302 
 303     return true;
 304 }
 305 
 306 static char *createUTF8CString(const CFStringRef theString) {
 307     if (theString == NULL) return NULL;
 308 
 309     const CFIndex stringLength = CFStringGetLength(theString);
 310     const CFIndex bufSize = CFStringGetMaximumSizeForEncoding(stringLength, kCFStringEncodingUTF8) + 1;
 311     char *returnVal = (char *)malloc(bufSize);
 312 
 313     if (CFStringGetCString(theString, returnVal, bufSize, kCFStringEncodingUTF8)) {
 314         return returnVal;
 315     }
 316 
 317     free(returnVal);
 318     return NULL;
 319 }
 320 
 321 // Return TRUE if str is a syntactically valid IP address.
 322 // Using inet_pton() instead of inet_aton() for IPv6 support.
 323 // len is only a hint; cstr must still be nul-terminated
 324 static int looksLikeIPAddress(char *cstr, size_t len) {
 325     if (len == 0  ||  (len == 1 && cstr[0] == '.')) return FALSE;
 326 
 327     char dst[16]; // big enough for INET6
 328     return (1 == inet_pton(AF_INET, cstr, dst)  ||
 329             1 == inet_pton(AF_INET6, cstr, dst));
 330 }
 331 
 332 
 333 
 334 // Convert Mac OS X proxy exception entry to Java syntax.
 335 // See Radar #3441134 for details.
 336 // Returns NULL if this exception should be ignored by Java.
 337 // May generate a string with multiple exceptions separated by '|'.
 338 static char * createConvertedException(CFStringRef cf_original) {
 339     // This is done with char* instead of CFString because inet_pton()
 340     // needs a C string.
 341     char *c_exception = createUTF8CString(cf_original);
 342     if (!c_exception) return NULL;
 343 
 344     int c_len = strlen(c_exception);
 345 
 346     // 1. sanitize exception prefix
 347     if (c_len >= 1  &&  0 == strncmp(c_exception, ".", 1)) {
 348         memmove(c_exception, c_exception+1, c_len);
 349         c_len -= 1;
 350     } else if (c_len >= 2  &&  0 == strncmp(c_exception, "*.", 2)) {
 351         memmove(c_exception, c_exception+2, c_len-1);
 352         c_len -= 2;
 353     }
 354 
 355     // 2. pre-reject other exception wildcards
 356     if (strchr(c_exception, '*')) {
 357         free(c_exception);
 358         return NULL;
 359     }
 360 
 361     // 3. no IP wildcarding
 362     if (looksLikeIPAddress(c_exception, c_len)) {
 363         return c_exception;
 364     }
 365 
 366     // 4. allow domain suffixes
 367     // c_exception is now "str\0" - change to "str|*.str\0"
 368     c_exception = reallocf(c_exception, c_len+3+c_len+1);
 369     if (!c_exception) return NULL;
 370 
 371     strncpy(c_exception+c_len, "|*.", 3);
 372     strncpy(c_exception+c_len+3, c_exception, c_len);
 373     c_exception[c_len+3+c_len] = '\0';
 374     return c_exception;
 375 }
 376 
 377 /*
 378  * Method for fetching the user.home path and storing it in the property list.
 379  * For signed .apps running in the Mac App Sandbox, user.home is set to the
 380  * app's sandbox container.
 381  */
 382 void setUserHome(java_props_t *sprops) {
 383     if (sprops == NULL) { return; }
 384     NSAutoreleasePool *pool = [[NSAutoreleasePool alloc] init];
 385     sprops->user_home = createUTF8CString((CFStringRef)NSHomeDirectory());
 386     [pool drain];
 387 }
 388 
 389 /*
 390  * Method for fetching proxy info and storing it in the property list.
 391  */
 392 void setProxyProperties(java_props_t *sProps) {
 393     if (sProps == NULL) return;
 394 
 395     char buf[16];    /* Used for %d of an int - 16 is plenty */
 396     CFStringRef
 397     cf_httpHost = NULL,
 398     cf_httpsHost = NULL,
 399     cf_ftpHost = NULL,
 400     cf_socksHost = NULL;
 401     int
 402     httpPort = 80, // Default proxy port values
 403     httpsPort = 443,
 404     ftpPort = 21,
 405     socksPort = 1080;
 406 
 407     CFDictionaryRef dict = SCDynamicStoreCopyProxies(NULL);
 408     if (dict == NULL) return;
 409 
 410     /* Read the proxy exceptions list */
 411     CFArrayRef cf_list = CFDictionaryGetValue(dict, kSCPropNetProxiesExceptionsList);
 412 
 413     CFMutableStringRef cf_exceptionList = NULL;
 414     if (cf_list != NULL) {
 415         CFIndex len = CFArrayGetCount(cf_list), idx;
 416 
 417         cf_exceptionList = CFStringCreateMutable(NULL, 0);
 418         for (idx = (CFIndex)0; idx < len; idx++) {
 419             CFStringRef cf_ehost;
 420             if ((cf_ehost = CFArrayGetValueAtIndex(cf_list, idx))) {
 421                 /* Convert this exception from Mac OS X syntax to Java syntax.
 422                  See Radar #3441134 for details. This may generate a string
 423                  with multiple Java exceptions separated by '|'. */
 424                 char *c_exception = createConvertedException(cf_ehost);
 425                 if (c_exception) {
 426                     /* Append the host to the list of exclusions. */
 427                     if (CFStringGetLength(cf_exceptionList) > 0) {
 428                         CFStringAppendCString(cf_exceptionList, "|", kCFStringEncodingMacRoman);
 429                     }
 430                     CFStringAppendCString(cf_exceptionList, c_exception, kCFStringEncodingMacRoman);
 431                     free(c_exception);
 432                 }
 433             }
 434         }
 435     }
 436 
 437     if (cf_exceptionList != NULL) {
 438         if (CFStringGetLength(cf_exceptionList) > 0) {
 439             sProps->exceptionList = createUTF8CString(cf_exceptionList);
 440         }
 441         CFRelease(cf_exceptionList);
 442     }
 443 
 444 #define CHECK_PROXY(protocol, PROTOCOL)                                     \
 445     sProps->protocol##ProxyEnabled =                                        \
 446     getProxyInfoForProtocol(dict, kSCPropNetProxies##PROTOCOL##Enable,      \
 447     kSCPropNetProxies##PROTOCOL##Proxy,         \
 448     kSCPropNetProxies##PROTOCOL##Port,          \
 449     &cf_##protocol##Host, &protocol##Port);     \
 450     if (sProps->protocol##ProxyEnabled) {                                   \
 451         sProps->protocol##Host = createUTF8CString(cf_##protocol##Host);    \
 452         snprintf(buf, sizeof(buf), "%d", protocol##Port);                   \
 453         sProps->protocol##Port = malloc(strlen(buf) + 1);                   \
 454         strcpy(sProps->protocol##Port, buf);                                \
 455     }
 456 
 457     CHECK_PROXY(http, HTTP);
 458     CHECK_PROXY(https, HTTPS);
 459     CHECK_PROXY(ftp, FTP);
 460     CHECK_PROXY(socks, SOCKS);
 461 
 462 #undef CHECK_PROXY
 463 
 464     CFRelease(dict);
 465 }