diff options
Diffstat (limited to 'app/src/main/java/se/leap/bitmaskclient/utils')
3 files changed, 45 insertions, 204 deletions
diff --git a/app/src/main/java/se/leap/bitmaskclient/utils/Cmd.java b/app/src/main/java/se/leap/bitmaskclient/utils/Cmd.java index a72658a4..d033ed24 100644 --- a/app/src/main/java/se/leap/bitmaskclient/utils/Cmd.java +++ b/app/src/main/java/se/leap/bitmaskclient/utils/Cmd.java @@ -18,7 +18,6 @@ package se.leap.bitmaskclient.utils; import android.support.annotation.WorkerThread; -import android.util.Log; import java.io.IOException; import java.io.InputStreamReader; @@ -43,7 +42,6 @@ public class Cmd { try { for (String cmd : cmds) { - Log.d(TAG, "executing CMD: " + cmd); out.write(cmd); out.write("\n"); } diff --git a/app/src/main/java/se/leap/bitmaskclient/utils/FirewallHelper.java b/app/src/main/java/se/leap/bitmaskclient/utils/FirewallHelper.java deleted file mode 100644 index 26e6603a..00000000 --- a/app/src/main/java/se/leap/bitmaskclient/utils/FirewallHelper.java +++ /dev/null @@ -1,196 +0,0 @@ -package se.leap.bitmaskclient.utils; -/** - * Copyright (c) 2019 LEAP Encryption Access Project and contributers - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -import android.content.Context; -import android.os.AsyncTask; -import android.util.Log; - -import java.lang.ref.WeakReference; - -import de.blinkt.openvpn.core.VpnStatus; - -import static se.leap.bitmaskclient.utils.Cmd.runBlockingCmd; - -interface FirewallCallback { - void onFirewallStarted(boolean success); - void onFirewallStopped(boolean success); - void onSuRequested(boolean success); -} - - -public class FirewallHelper implements FirewallCallback { - private static String BITMASK_CHAIN = "bitmask_fw"; - private static final String TAG = FirewallHelper.class.getSimpleName(); - - private Context context; - - public FirewallHelper(Context context) { - this.context = context; - } - - - @Override - public void onFirewallStarted(boolean success) { - if (success) { - VpnStatus.logInfo("[FIREWALL] Custom rules established"); - } else { - VpnStatus.logError("[FIREWALL] Could not establish custom rules."); - } - } - - @Override - public void onFirewallStopped(boolean success) { - if (success) { - VpnStatus.logInfo("[FIREWALL] Custom rules deleted"); - } else { - VpnStatus.logError("[FIREWALL] Could not delete custom rules"); - } - } - - @Override - public void onSuRequested(boolean success) { - PreferenceHelper.setSuPermission(context, success); - if (!success) { - VpnStatus.logError("[FIREWALL] Root permission needed to execute custom firewall rules."); - } - } - - - private static class StartFirewallTask extends AsyncTask<Void, Boolean, Boolean> { - - WeakReference<FirewallCallback> callbackWeakReference; - - StartFirewallTask(FirewallCallback callback) { - callbackWeakReference = new WeakReference<>(callback); - } - - @Override - protected Boolean doInBackground(Void... voids) { - StringBuilder log = new StringBuilder(); - String[] bitmaskChain = new String[]{ - "su", - "id", - "ip6tables --list " + BITMASK_CHAIN }; - - - try { - boolean hasBitmaskChain = runBlockingCmd(bitmaskChain, log) == 0; - boolean allowSu = log.toString().contains("uid=0"); - try { - callbackWeakReference.get().onSuRequested(allowSu); - Thread.sleep(1000); - } catch (Exception e) { - //ignore - } - - boolean success; - log = new StringBuilder(); - if (!hasBitmaskChain) { - String[] createChainAndRules = new String[]{ - "su", - "ip6tables --new-chain " + BITMASK_CHAIN, - "ip6tables --insert OUTPUT --jump " + BITMASK_CHAIN, - "ip6tables --append " + BITMASK_CHAIN + " -p tcp --jump REJECT", - "ip6tables --append " + BITMASK_CHAIN + " -p udp --jump REJECT" - }; - success = runBlockingCmd(createChainAndRules, log) == 0; - Log.d(TAG, "added " + BITMASK_CHAIN + " to ip6tables: " + success); - Log.d(TAG, log.toString()); - return success; - } else { - String[] addRules = new String[] { - "su", - "ip6tables --append " + BITMASK_CHAIN + " -p tcp --jump REJECT", - "ip6tables --append " + BITMASK_CHAIN + " -p udp --jump REJECT" }; - return runBlockingCmd(addRules, log) == 0; - } - } catch (Exception e) { - e.printStackTrace(); - Log.e(TAG, log.toString()); - } - return false; - } - - @Override - protected void onPostExecute(Boolean result) { - super.onPostExecute(result); - FirewallCallback callback = callbackWeakReference.get(); - if (callback != null) { - callback.onFirewallStarted(result); - } - } - } - - private static class ShutdownFirewallTask extends AsyncTask<Void, Boolean, Boolean> { - - WeakReference<FirewallCallback> callbackWeakReference; - - ShutdownFirewallTask(FirewallCallback callback) { - callbackWeakReference = new WeakReference<>(callback); - } - - @Override - protected Boolean doInBackground(Void... voids) { - boolean success; - StringBuilder log = new StringBuilder(); - String[] deleteChain = new String[]{ - "su", - "id", - "ip6tables --delete OUTPUT --jump " + BITMASK_CHAIN, - "ip6tables --flush " + BITMASK_CHAIN, - "ip6tables --delete-chain " + BITMASK_CHAIN - }; - try { - success = runBlockingCmd(deleteChain, log) == 0; - } catch (Exception e) { - e.printStackTrace(); - Log.e(TAG, log.toString()); - return false; - } - - try { - boolean allowSu = log.toString().contains("uid=0"); - callbackWeakReference.get().onSuRequested(allowSu); - } catch (Exception e) { - //ignore - } - return success; - } - - @Override - protected void onPostExecute(Boolean result) { - super.onPostExecute(result); - FirewallCallback callback = callbackWeakReference.get(); - if (callback != null) { - callback.onFirewallStopped(result); - } - } - } - - - public void startFirewall() { - StartFirewallTask task = new StartFirewallTask(this); - task.execute(); - } - - public void shutdownFirewall() { - ShutdownFirewallTask task = new ShutdownFirewallTask(this); - task.execute(); - } - -} diff --git a/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java b/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java index de2058c7..6f9744bc 100644 --- a/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java @@ -3,35 +3,34 @@ package se.leap.bitmaskclient.utils; import android.content.Context; import android.content.SharedPreferences; import android.support.annotation.NonNull; -import android.support.annotation.Nullable; import org.json.JSONException; import org.json.JSONObject; import java.net.MalformedURLException; import java.net.URL; -import java.util.ArrayList; import java.util.HashSet; -import java.util.List; -import java.util.Locale; -import java.util.Map; import java.util.Set; import de.blinkt.openvpn.VpnProfile; import se.leap.bitmaskclient.Provider; import static android.content.Context.MODE_PRIVATE; +import static se.leap.bitmaskclient.Constants.ALLOW_TETHERING_BLUETOOTH; +import static se.leap.bitmaskclient.Constants.ALLOW_TETHERING_USB; +import static se.leap.bitmaskclient.Constants.ALLOW_TETHERING_WIFI; import static se.leap.bitmaskclient.Constants.ALWAYS_ON_SHOW_DIALOG; import static se.leap.bitmaskclient.Constants.DEFAULT_SHARED_PREFS_BATTERY_SAVER; import static se.leap.bitmaskclient.Constants.EXCLUDED_APPS; import static se.leap.bitmaskclient.Constants.LAST_USED_PROFILE; -import static se.leap.bitmaskclient.Constants.PREFERENCES_APP_VERSION; import static se.leap.bitmaskclient.Constants.PROVIDER_CONFIGURED; import static se.leap.bitmaskclient.Constants.PROVIDER_EIP_DEFINITION; import static se.leap.bitmaskclient.Constants.PROVIDER_PRIVATE_KEY; import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE; import static se.leap.bitmaskclient.Constants.SHARED_PREFERENCES; +import static se.leap.bitmaskclient.Constants.SHOW_EXPERIMENTAL; import static se.leap.bitmaskclient.Constants.SU_PERMISSION; +import static se.leap.bitmaskclient.Constants.USE_IPv6_FIREWALL; import static se.leap.bitmaskclient.Constants.USE_PLUGGABLE_TRANSPORTS; /** @@ -146,6 +145,46 @@ public class PreferenceHelper { return getBoolean(context, DEFAULT_SHARED_PREFS_BATTERY_SAVER, false); } + public static void allowUsbTethering(Context context, boolean isEnabled) { + putBoolean(context, ALLOW_TETHERING_USB, isEnabled); + } + + public static boolean isUsbTetheringAllowed(Context context) { + return getBoolean(context, ALLOW_TETHERING_USB, false); + } + + public static void allowWifiTethering(Context context, boolean isEnabled) { + putBoolean(context, ALLOW_TETHERING_WIFI, isEnabled); + } + + public static boolean isWifiTetheringAllowed(Context context) { + return getBoolean(context, ALLOW_TETHERING_WIFI, false); + } + + public static void allowBluetoothTethering(Context context, boolean isEnabled) { + putBoolean(context, ALLOW_TETHERING_BLUETOOTH, isEnabled); + } + + public static boolean isBluetoothTetheringAllowed(Context context) { + return getBoolean(context, ALLOW_TETHERING_BLUETOOTH, false); + } + + public static void setShowExperimentalFeatures(Context context, boolean show) { + putBoolean(context, SHOW_EXPERIMENTAL, show); + } + + public static boolean showExperimentalFeatures(Context context) { + return getBoolean(context, SHOW_EXPERIMENTAL, false); + } + + public static void setUseIPv6Firewall(Context context, boolean useFirewall) { + putBoolean(context, USE_IPv6_FIREWALL, useFirewall); + } + + public static boolean useIpv6Firewall(Context context) { + return getBoolean(context, USE_IPv6_FIREWALL, false); + } + public static void saveShowAlwaysOnDialog(Context context, boolean showAlwaysOnDialog) { putBoolean(context, ALWAYS_ON_SHOW_DIALOG, showAlwaysOnDialog); } |