Fix Bug 446379 - Security issue: Paho Android Service is broadcasting all messages and events system wide

Use LocalBroadcastManager instead of system wide one.  add pom.xml to download android-support-v4 package.

 Bug 446379

Change-Id: I98dad08c69992828d9867a69027fd6f6ba6c66b8
Signed-off-by: tzihan <zhtang@cn.ibm.com>

Author: tzihan

org.eclipse.paho.android.service/org.eclipse.paho.android.service/pom.xml

@@ -58,15 +58,20 @@
 	</build>
 
 	<dependencies>
-		<dependency>
-			<groupId>org.eclipse.paho</groupId>
-			<artifactId>org.eclipse.paho.client.mqttv3</artifactId>
-			<version>1.0.1-SNAPSHOT</version>
-		</dependency>
-        
-        <dependency>
-         	<groupId>com.google.android</groupId>
-    		<artifactId>android</artifactId>
-     	</dependency>
+	<dependency>
+		<groupId>org.eclipse.paho</groupId>
+		<artifactId>org.eclipse.paho.client.mqttv3</artifactId>
+		<version>1.0.1-SNAPSHOT</version>
+	</dependency>
+
+	<dependency>
+		<groupId>com.google.android</groupId>
+		<artifactId>android</artifactId>
+	</dependency>
+	<dependency>
+		<groupId>com.google.android</groupId>
+		<artifactId>support-v4</artifactId>
+		<version>r7</version>
+	</dependency> 
     </dependencies>
 </project>

org.eclipse.paho.android.service/org.eclipse.paho.android.service/src/org/eclipse/paho/android/service/MqttAndroidClient.java

@@ -49,6 +49,7 @@
 import android.content.ServiceConnection;
 import android.os.Bundle;
 import android.os.IBinder;
+import android.support.v4.content.LocalBroadcastManager;
 import android.util.SparseArray;
 
 /**
@@ -441,7 +442,7 @@ public void run() {
 	private void registerReceiver(BroadcastReceiver receiver) {
 		IntentFilter filter = new IntentFilter();
 				filter.addAction(MqttServiceConstants.CALLBACK_TO_ACTIVITY);
-				myContext.registerReceiver(receiver, filter);
+				LocalBroadcastManager.getInstance(myContext).registerReceiver(receiver, filter);
 				registerReceiver = true;
 	}
 
@@ -1595,7 +1596,7 @@ public void disconnectForcibly(long quiesceTimeout, long disconnectTimeout)
 	public void unregisterResources(){
 		if(myContext != null && registerReceiver){			
 			synchronized (MqttAndroidClient.this) {
-				myContext.unregisterReceiver(this);
+				LocalBroadcastManager.getInstance(myContext).unregisterReceiver(this);
 				registerReceiver = false;
 			}
 			if(bindedService){

org.eclipse.paho.android.service/org.eclipse.paho.android.service/src/org/eclipse/paho/android/service/MqttService.java

@@ -37,6 +37,7 @@
 import android.os.IBinder;
 import android.os.PowerManager;
 import android.os.PowerManager.WakeLock;
+import android.support.v4.content.LocalBroadcastManager;
 import android.util.Log;
 
 /**
@@ -277,7 +278,7 @@ void callbackToActivity(String clientHandle, Status status,
     if (dataBundle != null) {
       callbackIntent.putExtras(dataBundle);
     }
-    sendBroadcast(callbackIntent);
+    LocalBroadcastManager.getInstance(this).sendBroadcast(callbackIntent);
   }
 
   // The major API implementation follows :-