Support for specifying domain fronting ConnectionSpecs

// FREEBIE

Author: moxie0

java/src/main/java/org/whispersystems/signalservice/internal/push/PushServiceSocket.java

@@ -48,6 +48,7 @@
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.util.Collections;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
@@ -57,9 +58,11 @@
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509TrustManager;
 
+import okhttp3.ConnectionSpec;
 import okhttp3.Interceptor;
 import okhttp3.MediaType;
 import okhttp3.OkHttpClient;
+import okhttp3.Protocol;
 import okhttp3.Request;
 import okhttp3.RequestBody;
 import okhttp3.Response;
@@ -571,9 +574,8 @@ private Response getConnection(String urlFragment, String method, String body)
       SSLContext context = SSLContext.getInstance("TLS");
       context.init(null, trustManagers, null);
 
-      OkHttpClient okHttpClient = new OkHttpClient.Builder()
-          .sslSocketFactory(context.getSocketFactory(), (X509TrustManager)trustManagers[0])
-          .build();
+      OkHttpClient.Builder okHttpClientBuilder = new OkHttpClient.Builder()
+          .sslSocketFactory(context.getSocketFactory(), (X509TrustManager)trustManagers[0]);
 
       Request.Builder request = new Request.Builder();
       request.url(String.format("%s%s", url, urlFragment));
@@ -592,11 +594,18 @@ private Response getConnection(String urlFragment, String method, String body)
         request.addHeader("X-Signal-Agent", userAgent);
       }
 
+      if (connectionInformation.getConnectionSpec().isPresent()) {
+        okHttpClientBuilder.connectionSpecs(Collections.singletonList(connectionInformation.getConnectionSpec().get()));
+      } else {
+        okHttpClientBuilder.connectionSpecs(Util.immutableList(ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS));
+      }
+
       if (hostHeader.isPresent()) {
-        okHttpClient.networkInterceptors().add(new HostInterceptor(hostHeader.get()));
+        okHttpClientBuilder.protocols(Collections.singletonList(Protocol.HTTP_1_1));
+        request.addHeader("Host", hostHeader.get());
       }
 
-      return okHttpClient.newCall(request.build()).execute();
+      return okHttpClientBuilder.build().newCall(request.build()).execute();
     } catch (IOException e) {
       throw new PushNetworkException(e);
     } catch (NoSuchAlgorithmException | KeyManagementException e) {
@@ -650,31 +659,18 @@ public String getLocation() {
     }
   }
 
-  private static class HostInterceptor implements Interceptor {
-
-    private final String host;
-
-    HostInterceptor(String host) {
-      this.host = host;
-    }
-
-    @Override
-    public Response intercept(Chain chain) throws IOException {
-      Request request = chain.request();
-      return chain.proceed(request.newBuilder().header("Host", host).build());
-    }
-  }
-
   private static class SignalConnectionInformation {
 
-    private final String           url;
-    private final Optional<String> hostHeader;
-    private final TrustManager[]   trustManagers;
+    private final String                   url;
+    private final Optional<String>         hostHeader;
+    private final Optional<ConnectionSpec> connectionSpec;
+    private final TrustManager[]           trustManagers;
 
     private SignalConnectionInformation(SignalServiceUrl signalServiceUrl) {
-      this.url           = signalServiceUrl.getUrl();
-      this.hostHeader    = signalServiceUrl.getHostHeader();
-      this.trustManagers = BlacklistingTrustManager.createFor(signalServiceUrl.getTrustStore());
+      this.url            = signalServiceUrl.getUrl();
+      this.hostHeader     = signalServiceUrl.getHostHeader();
+      this.connectionSpec = signalServiceUrl.getConnectionSpec();
+      this.trustManagers  = BlacklistingTrustManager.createFor(signalServiceUrl.getTrustStore());
     }
 
     String getUrl() {
@@ -688,5 +684,9 @@ Optional<String> getHostHeader() {
     TrustManager[] getTrustManagers() {
       return trustManagers;
     }
+
+    Optional<ConnectionSpec> getConnectionSpec() {
+      return connectionSpec;
+    }
   }
 }

java/src/main/java/org/whispersystems/signalservice/internal/push/SignalServiceUrl.java

@@ -4,20 +4,27 @@
 import org.whispersystems.libsignal.util.guava.Optional;
 import org.whispersystems.signalservice.api.push.TrustStore;
 
+import okhttp3.ConnectionSpec;
+
 public class SignalServiceUrl {
 
-  private final String           url;
-  private final Optional<String> hostHeader;
-  private       TrustStore       trustStore;
+  private final String                   url;
+  private final Optional<String>         hostHeader;
+  private final Optional<ConnectionSpec> connectionSpec;
+  private       TrustStore               trustStore;
 
   public SignalServiceUrl(String url, TrustStore trustStore) {
-    this(url, null, trustStore);
+    this(url, null, trustStore, null);
   }
 
-  public SignalServiceUrl(String url, String hostHeader, TrustStore trustStore) {
-    this.url        = url;
-    this.hostHeader = Optional.fromNullable(hostHeader);
-    this.trustStore = trustStore;
+  public SignalServiceUrl(String url, String hostHeader,
+                          TrustStore trustStore,
+                          ConnectionSpec connectionSpec)
+  {
+    this.url            = url;
+    this.hostHeader     = Optional.fromNullable(hostHeader);
+    this.trustStore     = trustStore;
+    this.connectionSpec = Optional.fromNullable(connectionSpec);
   }
 
 
@@ -32,4 +39,8 @@ public String getUrl() {
   public TrustStore getTrustStore() {
     return trustStore;
   }
+
+  public Optional<ConnectionSpec> getConnectionSpec() {
+    return connectionSpec;
+  }
 }

java/src/main/java/org/whispersystems/signalservice/internal/util/Util.java

@@ -12,6 +12,9 @@
 import java.io.OutputStream;
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
 
 public class Util {
 
@@ -121,4 +124,8 @@ public static int toIntExact(long value) {
     return (int)value;
   }
 
+  public static <T> List<T> immutableList(T... elements) {
+    return Collections.unmodifiableList(Arrays.asList(elements.clone()));
+  }
+
 }