Prevent OkHttp from making local DNS lookups.

bramble-core/src/main/java/org/briarproject/bramble/socks/SocksSocket.java

@@ -6,9 +6,11 @@ import org.briarproject.bramble.util.IoUtils;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.Socket;
 import java.net.SocketAddress;
+import java.util.Arrays;
 
 class SocksSocket extends Socket {
 
@@ -24,6 +26,8 @@ class SocksSocket extends Socket {
 			"Address type not supported"
 	};
 
+	private static final byte[] UNSPECIFIED_ADDRESS = new byte[4];
+
 	private final SocketAddress proxy;
 	private final int connectToProxyTimeout;
 
@@ -40,6 +44,11 @@ class SocksSocket extends Socket {
 		if (!(endpoint instanceof InetSocketAddress))
 			throw new IllegalArgumentException();
 		InetSocketAddress inet = (InetSocketAddress) endpoint;
+		InetAddress address = inet.getAddress();
+		if (address != null
+				&& !Arrays.equals(address.getAddress(), UNSPECIFIED_ADDRESS)) {
+				throw new IllegalArgumentException();
+		}
 		String host = inet.getHostName();
 		if (host.length() > 255) throw new IllegalArgumentException();
 		int port = inet.getPort();

briar-core/src/main/java/org/briarproject/briar/feed/FeedManagerImpl.java

@@ -39,6 +39,8 @@ import org.briarproject.briar.api.feed.FeedManager;
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -55,6 +57,7 @@ import javax.annotation.concurrent.ThreadSafe;
 import javax.inject.Inject;
 import javax.net.SocketFactory;
 
+import okhttp3.Dns;
 import okhttp3.OkHttpClient;
 import okhttp3.Request;
 import okhttp3.Response;
@@ -77,6 +80,7 @@ class FeedManagerImpl implements FeedManager, Client, EventListener {
 	private static final Logger LOG =
 			Logger.getLogger(FeedManagerImpl.class.getName());
 
+	private static final byte[] UNSPECIFIED_ADDRESS = new byte[4];
 	private static final int CONNECT_TIMEOUT = 60 * 1000; // Milliseconds
 
 	private final ScheduledExecutorService scheduler;
@@ -347,9 +351,21 @@ class FeedManagerImpl implements FeedManager, Client, EventListener {
 	}
 
 	private InputStream getFeedInputStream(String url) throws IOException {
+		// Don't make local DNS lookups
+		Dns noLookups = new Dns() {
+			@Override
+			public List<InetAddress> lookup(String hostname)
+					throws UnknownHostException {
+				InetAddress unspecified =
+						InetAddress.getByAddress(hostname, UNSPECIFIED_ADDRESS);
+				return Collections.singletonList(unspecified);
+			}
+		};
+
 		// Build HTTP Client
 		OkHttpClient client = new OkHttpClient.Builder()
 				.socketFactory(torSocketFactory)
+				.dns(noLookups)
 				.connectTimeout(CONNECT_TIMEOUT, MILLISECONDS)
 				.build();