From 432a9885451dafb47e0feafb6070b415d93aac03 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Sun, 8 Mar 2020 12:39:45 +0100 Subject: Show error toast and reset root feature settings if app could not obtain root permissions --- app/src/main/java/se/leap/bitmaskclient/Constants.java | 1 - .../bitmaskclient/drawer/NavigationDrawerFragment.java | 13 +++++++++---- .../se/leap/bitmaskclient/firewall/FirewallManager.java | 15 ++++++++++++++- .../se/leap/bitmaskclient/utils/PreferenceHelper.java | 9 --------- app/src/main/res/values/strings.xml | 1 + 5 files changed, 24 insertions(+), 15 deletions(-) diff --git a/app/src/main/java/se/leap/bitmaskclient/Constants.java b/app/src/main/java/se/leap/bitmaskclient/Constants.java index 60edc941..6ec3076c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/Constants.java @@ -15,7 +15,6 @@ public interface Constants { String LAST_USED_PROFILE = "last_used_profile"; String EXCLUDED_APPS = "excluded_apps"; String USE_PLUGGABLE_TRANSPORTS = "usePluggableTransports"; - String SU_PERMISSION = "su_permission"; String ALLOW_TETHERING_BLUETOOTH = "tethering_bluetooth"; String ALLOW_TETHERING_WIFI = "tethering_wifi"; String ALLOW_TETHERING_USB = "tethering_usb"; diff --git a/app/src/main/java/se/leap/bitmaskclient/drawer/NavigationDrawerFragment.java b/app/src/main/java/se/leap/bitmaskclient/drawer/NavigationDrawerFragment.java index bbeb83e5..715d278d 100644 --- a/app/src/main/java/se/leap/bitmaskclient/drawer/NavigationDrawerFragment.java +++ b/app/src/main/java/se/leap/bitmaskclient/drawer/NavigationDrawerFragment.java @@ -50,7 +50,6 @@ import java.util.Observer; import java.util.Set; import de.blinkt.openvpn.core.VpnStatus; -import se.leap.bitmaskclient.Constants; import se.leap.bitmaskclient.EipFragment; import se.leap.bitmaskclient.FragmentManagerEnhanced; import se.leap.bitmaskclient.MainActivity; @@ -80,6 +79,8 @@ import static se.leap.bitmaskclient.Constants.ENABLE_DONATION; import static se.leap.bitmaskclient.Constants.PROVIDER_KEY; import static se.leap.bitmaskclient.Constants.REQUEST_CODE_SWITCH_PROVIDER; import static se.leap.bitmaskclient.Constants.SHARED_PREFERENCES; +import static se.leap.bitmaskclient.Constants.USE_IPv6_FIREWALL; +import static se.leap.bitmaskclient.Constants.USE_PLUGGABLE_TRANSPORTS; import static se.leap.bitmaskclient.R.string.about_fragment_title; import static se.leap.bitmaskclient.R.string.exclude_apps_fragment_title; import static se.leap.bitmaskclient.R.string.log_fragment_title; @@ -130,6 +131,7 @@ public class NavigationDrawerFragment extends Fragment implements SharedPreferen private final static String KEY_SHOW_SAVE_BATTERY_ALERT = "KEY_SHOW_SAVE_BATTERY_ALERT"; private volatile boolean showSaveBattery = false; AlertDialog alertDialog; + private FirewallManager firewallManager; @Override public void onCreate(Bundle savedInstanceState) { @@ -139,6 +141,8 @@ public class NavigationDrawerFragment extends Fragment implements SharedPreferen preferences = getContext().getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); userLearnedDrawer = preferences.getBoolean(PREF_USER_LEARNED_DRAWER, false); preferences.registerOnSharedPreferenceChangeListener(this); + firewallManager = new FirewallManager(getContext().getApplicationContext(), false); + } @Override @@ -398,13 +402,12 @@ public class NavigationDrawerFragment extends Fragment implements SharedPreferen firewall = drawerView.findViewById(R.id.enableIPv6Firewall); boolean show = showExperimentalFeatures(getContext()); firewall.setVisibility(show ? VISIBLE : GONE); - firewall.setChecked(PreferenceHelper.useIpv6Firewall(this.getContext())); + firewall.setChecked(PreferenceHelper.useIpv6Firewall(getContext())); firewall.setOnCheckedChangeListener((buttonView, isChecked) -> { if (!buttonView.isPressed()) { return; } PreferenceHelper.setUseIPv6Firewall(getContext(), isChecked); - FirewallManager firewallManager = new FirewallManager(getContext().getApplicationContext(), false); if (VpnStatus.isVPNActive()) { if (isChecked) { firewallManager.startIPv6Firewall(); @@ -650,8 +653,10 @@ public class NavigationDrawerFragment extends Fragment implements SharedPreferen @Override public void onSharedPreferenceChanged(SharedPreferences sharedPreferences, String key) { - if (key.equals(Constants.USE_PLUGGABLE_TRANSPORTS)) { + if (key.equals(USE_PLUGGABLE_TRANSPORTS)) { initUseBridgesEntry(); + } else if (key.equals(USE_IPv6_FIREWALL)) { + initFirewallEntry(); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java b/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java index c148497b..ace8a298 100644 --- a/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java +++ b/app/src/main/java/se/leap/bitmaskclient/firewall/FirewallManager.java @@ -17,11 +17,15 @@ package se.leap.bitmaskclient.firewall; */ import android.content.Context; +import android.os.Handler; +import android.os.Looper; +import android.widget.Toast; import java.util.Observable; import java.util.Observer; import de.blinkt.openvpn.core.VpnStatus; +import se.leap.bitmaskclient.R; import se.leap.bitmaskclient.tethering.TetheringObservable; import se.leap.bitmaskclient.tethering.TetheringState; import se.leap.bitmaskclient.utils.PreferenceHelper; @@ -80,9 +84,18 @@ public class FirewallManager implements FirewallCallback, Observer { @Override public void onSuRequested(boolean success) { - PreferenceHelper.setSuPermission(context, success); if (!success) { VpnStatus.logError("[FIREWALL] Root permission needed to execute custom firewall rules."); + new Handler(Looper.getMainLooper()).post(() -> { + Toast.makeText(context.getApplicationContext(), context.getString(R.string.root_permission_error, context.getString(R.string.app_name)), Toast.LENGTH_LONG).show(); + }); + TetheringObservable.allowVpnWifiTethering(false); + TetheringObservable.allowVpnUsbTethering(false); + TetheringObservable.allowVpnBluetoothTethering(false); + PreferenceHelper.allowWifiTethering(context, false); + PreferenceHelper.allowUsbTethering(context, false); + PreferenceHelper.allowBluetoothTethering(context, false); + PreferenceHelper.setUseIPv6Firewall(context, false); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java b/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java index 6f9744bc..238b00a1 100644 --- a/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/utils/PreferenceHelper.java @@ -29,7 +29,6 @@ import static se.leap.bitmaskclient.Constants.PROVIDER_PRIVATE_KEY; import static se.leap.bitmaskclient.Constants.PROVIDER_VPN_CERTIFICATE; import static se.leap.bitmaskclient.Constants.SHARED_PREFERENCES; import static se.leap.bitmaskclient.Constants.SHOW_EXPERIMENTAL; -import static se.leap.bitmaskclient.Constants.SU_PERMISSION; import static se.leap.bitmaskclient.Constants.USE_IPv6_FIREWALL; import static se.leap.bitmaskclient.Constants.USE_PLUGGABLE_TRANSPORTS; @@ -121,14 +120,6 @@ public class PreferenceHelper { apply(); } - public static boolean hasSuPermission(Context context) { - return getBoolean(context, SU_PERMISSION, false); - } - - public static void setSuPermission(Context context, boolean allowed) { - putBoolean(context, SU_PERMISSION, allowed); - } - public static boolean getUsePluggableTransports(Context context) { return getBoolean(context, USE_PLUGGABLE_TRANSPORTS, false); } diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 61cedffb..abab24df 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -140,4 +140,5 @@ Try obfuscated connection Try standard connection Android failed to establish the VPN service. + %s cannot execute features like VPN Hotspot or IPv6 firewall without root permissions. -- cgit v1.2.3