From f8daccffc061e2f05f6605913c19d4aa807eaddb Mon Sep 17 00:00:00 2001 From: cyBerta Date: Mon, 9 Nov 2020 15:37:31 +0100 Subject: initial auto-update implementation: introducing fatweb flavor, pgpverify go library and bitmask core library, basic update mechanism --- .../java/se/leap/bitmaskclient/BitmaskApp.java | 38 +++++++++++++++- .../se/leap/bitmaskclient/ButterKnifeActivity.java | 16 +++++++ .../main/java/se/leap/bitmaskclient/Constants.java | 20 +++++++++ .../se/leap/bitmaskclient/EipSetupObserver.java | 21 +++++++++ .../leap/bitmaskclient/OkHttpClientGenerator.java | 50 +++++++++++++++------- .../java/se/leap/bitmaskclient/ProviderAPI.java | 2 +- .../se/leap/bitmaskclient/utils/ConfigHelper.java | 28 +++++++++++- .../se/leap/bitmaskclient/utils/FileHelper.java | 24 +++++++++++ 8 files changed, 181 insertions(+), 18 deletions(-) (limited to 'app/src/main/java') diff --git a/app/src/main/java/se/leap/bitmaskclient/BitmaskApp.java b/app/src/main/java/se/leap/bitmaskclient/BitmaskApp.java index bde5114b..437998e0 100644 --- a/app/src/main/java/se/leap/bitmaskclient/BitmaskApp.java +++ b/app/src/main/java/se/leap/bitmaskclient/BitmaskApp.java @@ -1,16 +1,42 @@ +/** + * Copyright (c) 2020 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + package se.leap.bitmaskclient; import android.content.Context; +import android.content.IntentFilter; import android.content.SharedPreferences; -import androidx.multidex.MultiDexApplication; + import androidx.appcompat.app.AppCompatDelegate; +import androidx.localbroadcastmanager.content.LocalBroadcastManager; +import androidx.multidex.MultiDexApplication; import com.squareup.leakcanary.LeakCanary; import com.squareup.leakcanary.RefWatcher; +import se.leap.bitmaskclient.appUpdate.DownloadBroadcastReceiver; import se.leap.bitmaskclient.tethering.TetheringStateManager; +import static android.content.Intent.CATEGORY_DEFAULT; +import static se.leap.bitmaskclient.Constants.BROADCAST_DOWNLOAD_SERVICE_EVENT; import static se.leap.bitmaskclient.Constants.SHARED_PREFERENCES; +import static se.leap.bitmaskclient.appUpdate.DownloadBroadcastReceiver.ACTION_DOWNLOAD; +import static se.leap.bitmaskclient.appUpdate.DownloadServiceCommand.CHECK_VERSION_FILE; +import static se.leap.bitmaskclient.appUpdate.DownloadServiceCommand.DOWNLOAD_UPDATE; import static se.leap.bitmaskclient.utils.PreferenceHelper.getSavedProviderFromSharedPreferences; /** @@ -22,6 +48,7 @@ public class BitmaskApp extends MultiDexApplication { private final static String TAG = BitmaskApp.class.getSimpleName(); private RefWatcher refWatcher; private ProviderObservable providerObservable; + private DownloadBroadcastReceiver downloadBroadcastReceiver; @Override @@ -41,6 +68,15 @@ public class BitmaskApp extends MultiDexApplication { EipSetupObserver.init(this, preferences); AppCompatDelegate.setCompatVectorFromResourcesEnabled(true); TetheringStateManager.getInstance().init(this); + if (BuildConfig.FLAVOR.contains("Fatweb")) { + downloadBroadcastReceiver = new DownloadBroadcastReceiver(); + IntentFilter intentFilter = new IntentFilter(BROADCAST_DOWNLOAD_SERVICE_EVENT); + intentFilter.addAction(ACTION_DOWNLOAD); + intentFilter.addAction(CHECK_VERSION_FILE); + intentFilter.addAction(DOWNLOAD_UPDATE); + intentFilter.addCategory(CATEGORY_DEFAULT); + LocalBroadcastManager.getInstance(this.getApplicationContext()).registerReceiver(downloadBroadcastReceiver, intentFilter); + } } /** diff --git a/app/src/main/java/se/leap/bitmaskclient/ButterKnifeActivity.java b/app/src/main/java/se/leap/bitmaskclient/ButterKnifeActivity.java index 0ef77e2b..4f27f88a 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ButterKnifeActivity.java +++ b/app/src/main/java/se/leap/bitmaskclient/ButterKnifeActivity.java @@ -1,3 +1,19 @@ +/** + * Copyright (c) 2020 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ package se.leap.bitmaskclient; import androidx.appcompat.app.AppCompatActivity; diff --git a/app/src/main/java/se/leap/bitmaskclient/Constants.java b/app/src/main/java/se/leap/bitmaskclient/Constants.java index 6462b663..dfd94759 100644 --- a/app/src/main/java/se/leap/bitmaskclient/Constants.java +++ b/app/src/main/java/se/leap/bitmaskclient/Constants.java @@ -1,3 +1,19 @@ +/** + * Copyright (c) 2020 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ package se.leap.bitmaskclient; import android.text.TextUtils; @@ -20,6 +36,9 @@ public interface Constants { String ALLOW_TETHERING_USB = "tethering_usb"; String SHOW_EXPERIMENTAL = "show_experimental"; String USE_IPv6_FIREWALL = "use_ipv6_firewall"; + String APK_DOWNLOAD_ID = "apk_download_id"; + String VERSION_FILE_DOWNLOAD_ID = "version_file_downlaod_id"; + String SIGNATURE_DOWNLOAD_ID = "signature_file_download_id"; ////////////////////////////////////////////// @@ -105,6 +124,7 @@ public interface Constants { String BROADCAST_GATEWAY_SETUP_OBSERVER_EVENT = "BROADCAST.GATEWAY_SETUP_WATCHER_EVENT"; String BROADCAST_RESULT_CODE = "BROADCAST.RESULT_CODE"; String BROADCAST_RESULT_KEY = "BROADCAST.RESULT_KEY"; + String BROADCAST_DOWNLOAD_SERVICE_EVENT = "BROADCAST.DOWNLOAD_SERVICE_EVENT"; ////////////////////////////////////////////// diff --git a/app/src/main/java/se/leap/bitmaskclient/EipSetupObserver.java b/app/src/main/java/se/leap/bitmaskclient/EipSetupObserver.java index 7504e0c0..174e6657 100644 --- a/app/src/main/java/se/leap/bitmaskclient/EipSetupObserver.java +++ b/app/src/main/java/se/leap/bitmaskclient/EipSetupObserver.java @@ -1,3 +1,20 @@ +/** + * Copyright (c) 2020 LEAP Encryption Access Project and contributers + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + package se.leap.bitmaskclient; import android.content.BroadcastReceiver; @@ -21,6 +38,7 @@ import de.blinkt.openvpn.VpnProfile; import de.blinkt.openvpn.core.ConnectionStatus; import de.blinkt.openvpn.core.LogItem; import de.blinkt.openvpn.core.VpnStatus; +import se.leap.bitmaskclient.appUpdate.DownloadServiceCommand; import se.leap.bitmaskclient.eip.EIP; import se.leap.bitmaskclient.eip.EipCommand; import se.leap.bitmaskclient.eip.EipStatus; @@ -48,6 +66,7 @@ import static se.leap.bitmaskclient.ProviderAPI.CORRECTLY_DOWNLOADED_EIP_SERVICE import static se.leap.bitmaskclient.ProviderAPI.CORRECTLY_DOWNLOADED_GEOIP_JSON; import static se.leap.bitmaskclient.ProviderAPI.CORRECTLY_UPDATED_INVALID_VPN_CERTIFICATE; import static se.leap.bitmaskclient.ProviderAPI.INCORRECTLY_DOWNLOADED_GEOIP_JSON; +import static se.leap.bitmaskclient.appUpdate.DownloadServiceCommand.CHECK_VERSION_FILE; /** * Created by cyberta on 05.12.18. @@ -292,6 +311,8 @@ class EipSetupObserver extends BroadcastReceiver implements VpnStatus.StateListe //setupNClostestGateway > 0: at least one failed gateway -> did the provider change it's gateways? ProviderAPICommand.execute(context, ProviderAPI.DOWNLOAD_SERVICE_JSON, provider); } + + DownloadServiceCommand.execute(context, CHECK_VERSION_FILE); finishGatewaySetup(false); } else if ("TCP_CONNECT".equals(state)) { changingGateway.set(false); diff --git a/app/src/main/java/se/leap/bitmaskclient/OkHttpClientGenerator.java b/app/src/main/java/se/leap/bitmaskclient/OkHttpClientGenerator.java index 7b9874e0..576e76e0 100644 --- a/app/src/main/java/se/leap/bitmaskclient/OkHttpClientGenerator.java +++ b/app/src/main/java/se/leap/bitmaskclient/OkHttpClientGenerator.java @@ -62,7 +62,7 @@ public class OkHttpClientGenerator { Resources resources; - public OkHttpClientGenerator(SharedPreferences preferences, Resources resources) { + public OkHttpClientGenerator(/*SharedPreferences preferences,*/ Resources resources) { this.resources = resources; } @@ -74,22 +74,21 @@ public class OkHttpClientGenerator { return initHttpClient(initError, caCert); } + public OkHttpClient init() { + try { + return createClient(null); + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + private OkHttpClient initHttpClient(JSONObject initError, String certificate) { + if (resources == null) { + return null; + } try { - TLSCompatSocketFactory sslCompatFactory; - ConnectionSpec spec = getConnectionSpec(); - OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder(); - - if (!isEmpty(certificate)) { - sslCompatFactory = new TLSCompatSocketFactory(certificate); - } else { - sslCompatFactory = new TLSCompatSocketFactory(); - } - sslCompatFactory.initSSLSocketFactory(clientBuilder); - clientBuilder.cookieJar(getCookieJar()) - .connectionSpecs(Collections.singletonList(spec)); - clientBuilder.dns(new DnsResolver()); - return clientBuilder.build(); + return createClient(certificate); } catch (IllegalArgumentException e) { e.printStackTrace(); // TODO ca cert is invalid - show better error ?! @@ -110,10 +109,31 @@ public class OkHttpClientGenerator { } catch (IOException e) { e.printStackTrace(); addErrorMessageToJson(initError, resources.getString(error_io_exception_user_message)); + } catch (Exception e) { + e.printStackTrace(); + // unexpected exception, should never happen + // only to shorten the method signature createClient(String certificate) } return null; } + private OkHttpClient createClient(String certificate) throws Exception { + TLSCompatSocketFactory sslCompatFactory; + ConnectionSpec spec = getConnectionSpec(); + OkHttpClient.Builder clientBuilder = new OkHttpClient.Builder(); + + if (!isEmpty(certificate)) { + sslCompatFactory = new TLSCompatSocketFactory(certificate); + } else { + sslCompatFactory = new TLSCompatSocketFactory(); + } + sslCompatFactory.initSSLSocketFactory(clientBuilder); + clientBuilder.cookieJar(getCookieJar()) + .connectionSpecs(Collections.singletonList(spec)); + clientBuilder.dns(new DnsResolver()); + return clientBuilder.build(); + } + @NonNull diff --git a/app/src/main/java/se/leap/bitmaskclient/ProviderAPI.java b/app/src/main/java/se/leap/bitmaskclient/ProviderAPI.java index 4058b824..bec16139 100644 --- a/app/src/main/java/se/leap/bitmaskclient/ProviderAPI.java +++ b/app/src/main/java/se/leap/bitmaskclient/ProviderAPI.java @@ -120,7 +120,7 @@ public class ProviderAPI extends JobIntentService implements ProviderApiManagerB private ProviderApiManager initApiManager() { SharedPreferences preferences = getSharedPreferences(SHARED_PREFERENCES, MODE_PRIVATE); - OkHttpClientGenerator clientGenerator = new OkHttpClientGenerator(preferences, getResources()); + OkHttpClientGenerator clientGenerator = new OkHttpClientGenerator(getResources()); return new ProviderApiManager(preferences, getResources(), clientGenerator, this); } } diff --git a/app/src/main/java/se/leap/bitmaskclient/utils/ConfigHelper.java b/app/src/main/java/se/leap/bitmaskclient/utils/ConfigHelper.java index 2748c944..5a142d90 100644 --- a/app/src/main/java/se/leap/bitmaskclient/utils/ConfigHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/utils/ConfigHelper.java @@ -53,6 +53,7 @@ import static se.leap.bitmaskclient.Constants.DEFAULT_BITMASK; /** * Stores constants, and implements auxiliary methods used across all Bitmask Android classes. + * Wraps BuildConfigFields for to support easier unit testing * * @author parmegv * @author MeanderingCode @@ -120,7 +121,7 @@ public class ConfigHelper { try { KeyFactory kf; if (Build.VERSION.SDK_INT < Build.VERSION_CODES.P) { - kf = KeyFactory.getInstance("RSA", "BC"); + kf = KeyFactory.getInstance("RSA", "BC"); } else { kf = KeyFactory.getInstance("RSA"); } @@ -201,4 +202,29 @@ public class ConfigHelper { return (string1 == null && string2 == null) || (string1 != null && string1.equals(string2)); } + + public static String getApkFileName() { + try { + return BuildConfig.update_apk_url.substring(BuildConfig.update_apk_url.lastIndexOf("/")); + } catch (Exception e) { + return null; + } + } + + public static String getVersionFileName() { + try { + return BuildConfig.version_file_url.substring(BuildConfig.version_file_url.lastIndexOf("/")); + } catch (Exception e) { + return null; + } + } + + public static String getSignatureFileName() { + try { + return BuildConfig.signature_url.substring(BuildConfig.signature_url.lastIndexOf("/")); + } catch (Exception e) { + return null; + } + } + } diff --git a/app/src/main/java/se/leap/bitmaskclient/utils/FileHelper.java b/app/src/main/java/se/leap/bitmaskclient/utils/FileHelper.java index 1c3e1ebb..ebcc32ba 100644 --- a/app/src/main/java/se/leap/bitmaskclient/utils/FileHelper.java +++ b/app/src/main/java/se/leap/bitmaskclient/utils/FileHelper.java @@ -1,8 +1,13 @@ package se.leap.bitmaskclient.utils; +import android.content.Context; + +import java.io.BufferedReader; import java.io.File; import java.io.FileWriter; import java.io.IOException; +import java.io.InputStream; +import java.io.InputStreamReader; /** * Created by cyberta on 18.03.18. @@ -19,4 +24,23 @@ public class FileHelper { writer.close(); } + public static String readPublicKey(Context context) { + { + InputStream inputStream; + try { + inputStream = context.getAssets().open("public.pgp"); + BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream)); + StringBuilder sb = new StringBuilder(); + String line; + while ((line = reader.readLine()) != null) { + sb.append(line).append("\n"); + } + reader.close(); + return sb.toString(); + } catch (IOException errabi) { + return null; + } + } + } + } -- cgit v1.2.3