[or-cvs] r22901: {projects} added "check" yes/no dialog prompt; debuged iptables/transpr (in projects/android/trunk/Orbot: . assets res/values res/xml src/org/torproject/android src/org/torproject/android/service)
Nathan Freitas
nathan at freitas.net
Sat Aug 14 05:08:56 UTC 2010
Author: n8fr8
Date: 2010-08-14 05:08:55 +0000 (Sat, 14 Aug 2010)
New Revision: 22901
Removed:
projects/android/trunk/Orbot/assets/iptables
Modified:
projects/android/trunk/Orbot/AndroidManifest.xml
projects/android/trunk/Orbot/assets/torrc
projects/android/trunk/Orbot/default.properties
projects/android/trunk/Orbot/res/values/strings.xml
projects/android/trunk/Orbot/res/xml/preferences.xml
projects/android/trunk/Orbot/src/org/torproject/android/Orbot.java
projects/android/trunk/Orbot/src/org/torproject/android/SettingsPreferences.java
projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java
projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java
projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java
projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java
Log:
added "check" yes/no dialog prompt; debuged iptables/transprox settings on Android 1.6 and 2.2
Modified: projects/android/trunk/Orbot/AndroidManifest.xml
===================================================================
--- projects/android/trunk/Orbot/AndroidManifest.xml 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/AndroidManifest.xml 2010-08-14 05:08:55 UTC (rev 22901)
@@ -1,11 +1,11 @@
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
- package="org.torproject.android"
- android:versionName="0.2.2.14-orbot-alpha-1.0.2" android:versionCode="8">
+ package="org.torproject.android" android:versionName="0.2.2.14-orbot-alpha-1.0.2" android:versionCode="8">
<uses-permission android:name="android.permission.INTERNET" />
+
- <application android:icon="@drawable/icon" android:label="@string/app_name" android:debuggable="false">
+ <application android:icon="@drawable/icon" android:label="@string/app_name">
<activity android:name=".Orbot"
android:theme="@android:style/Theme.NoTitleBar"
@@ -19,13 +19,22 @@
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
</intent-filter>
+
+ <intent-filter>
+ <category android:name="android.intent.category.DEFAULT" />
+ <action android:name="org.torproject.android.REQUEST_HS_PORT" />
+ </intent-filter>
+ <intent-filter>
+ <category android:name="android.intent.category.DEFAULT" />
+ <action android:name="org.torproject.android.START_TOR" />
+ </intent-filter>
</activity>
<activity android:name=".SettingsPreferences" android:label="@string/app_name"/>
<activity android:name=".AppManager" android:label="@string/app_name"/>
<activity android:name=".WizardActivity" android:label="@string/app_name"/>
- <service android:name=".service.TorService" android:process=":remote" android:debuggable="false">
+ <service android:name=".service.TorService" android:process=":remote">
<intent-filter>
<action android:name="org.torproject.android.service.ITorService" />
<action android:name="org.torproject.android.service.TOR_SERVICE" />
Deleted: projects/android/trunk/Orbot/assets/iptables
===================================================================
(Binary files differ)
Modified: projects/android/trunk/Orbot/assets/torrc
===================================================================
--- projects/android/trunk/Orbot/assets/torrc 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/assets/torrc 2010-08-14 05:08:55 UTC (rev 22901)
@@ -1,9 +1,8 @@
SocksPort 9050
SocksListenAddress 127.0.0.1
SafeSocks 1
-DNSPort 5400
Log notice stdout
-Log debug syslog
+##Log debug syslog
DataDirectory /data/data/org.torproject.android/data
ControlPort 9051
CookieAuthentication 1
@@ -12,3 +11,4 @@
UseBridges 0
AutomapHostsOnResolve 1
TransPort 9040
+DNSPort 5400
Modified: projects/android/trunk/Orbot/default.properties
===================================================================
--- projects/android/trunk/Orbot/default.properties 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/default.properties 2010-08-14 05:08:55 UTC (rev 22901)
@@ -10,5 +10,5 @@
# Indicates whether an apk should be generated for each density.
split.density=false
# Project target.
-target=Google Inc.:Google APIs:3
+target=android-3
apk-configurations=
Modified: projects/android/trunk/Orbot/res/values/strings.xml
===================================================================
--- projects/android/trunk/Orbot/res/values/strings.xml 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/res/values/strings.xml 2010-08-14 05:08:55 UTC (rev 22901)
@@ -1,5 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<resources>
+ <string name="pref_hs_group">Hidden Services</string>
<string name="app_name">Orbot</string>
<string name="app_version">1.0.2</string>
<string name="internal_web_url">http://orbot/</string>
@@ -72,7 +73,10 @@
<string name="btn_back">Back</string>
<string name="btn_finish">Finish</string>
+<string name="btn_okay">Okay</string>
+<string name="btn_cancel">Cancel</string>
+
<!-- Welcome Wizard strings (DJH) -->
<string name="wizard_welcome_msg">Orbot brings Tor to Android. Tor is free software and an open network that helps you defend against a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security known as traffic analysis.\n\n*WARNING:* Simply installing Orbot will _not_ magically anonymize your mobile traffic! This wizard will help you get started.</string>
<string name="wizard_details">Some Orbot Details</string>
@@ -115,4 +119,5 @@
<string name="connect_first_time"> You\'ve successfully connected to the Tor network - but this does NOT mean your device is secure. You can use the \'Check\' option from the menu to test your browser. \n\nVisit us at https://guardianproject.info/apps/orbot or send an email to help at guardianproject.info to learn more.</string>
+ <string name="tor_check">This will open your default web browser to https://check.torproject.org in order to see if Orbot is probably configured and you are connected to Tor.</string>
</resources>
Modified: projects/android/trunk/Orbot/res/xml/preferences.xml
===================================================================
--- projects/android/trunk/Orbot/res/xml/preferences.xml 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/res/xml/preferences.xml 2010-08-14 05:08:55 UTC (rev 22901)
@@ -27,16 +27,6 @@
</PreferenceCategory>
-<!--
-<PreferenceCategory android:title="Web Proxy">
-<Preference
-android:defaultValue=""
-android:key="pref_web_proxy"
-android:title="Open Proxy Panel"
-android:summary="Set HTTP Settings (Android 2.x Experimental)"
-android:enabled="true"/>
-</PreferenceCategory>
- -->
<PreferenceCategory android:title="Bridges">
@@ -100,4 +90,9 @@
/>
</PreferenceCategory>
+<PreferenceCategory android:title="@string/pref_hs_group"><CheckBoxPreference android:title="Enable Hidden Services" android:summary="run servers accessible via the Tor network" android:key="pref_hs_enable"></CheckBoxPreference>
+<EditTextPreference android:summary="enter localhost ports for hidden services" android:title="Hidden Service Ports" android:enabled="false" android:key="pref_hs_ports"></EditTextPreference>
+
+<EditTextPreference android:key="pref_hs_hostname" android:summary="the addressable name for your hidden service (generated automatically)" android:title=".Onion Hostname"></EditTextPreference>
+</PreferenceCategory>
</PreferenceScreen>
Modified: projects/android/trunk/Orbot/src/org/torproject/android/Orbot.java
===================================================================
--- projects/android/trunk/Orbot/src/org/torproject/android/Orbot.java 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/src/org/torproject/android/Orbot.java 2010-08-14 05:08:55 UTC (rev 22901)
@@ -3,10 +3,15 @@
package org.torproject.android;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
import java.util.StringTokenizer;
import org.torproject.android.service.ITorService;
import org.torproject.android.service.ITorServiceCallback;
+import org.torproject.android.service.TorServiceConstants;
import org.torproject.android.service.TorTransProxy;
import android.app.Activity;
@@ -62,6 +67,7 @@
/* Tor Service interaction */
/* The primary interface we will be calling on the service. */
ITorService mService = null;
+ private boolean autoStartOnBind = false;
Orbot mOrbot = null;
@@ -147,24 +153,19 @@
}
else if (item.getItemId() == 4)
{
- this.showSettings();
+ showSettings();
}
else if (item.getItemId() == 6)
{
- this.showMessageLog();
+ showMessageLog();
}
- else if (item.getItemId() == 2)
- {
- openBrowser(URL_TOR_CHECK);
- }
else if (item.getItemId() == 3)
{
showHelp();
}
else if (item.getItemId() == 7)
{
- //launch check.torproject.org
- openBrowser(URL_TOR_CHECK);
+ doTorCheck();
}
else if (item.getItemId() == 8)
{
@@ -180,16 +181,18 @@
private void doExit ()
{
try {
+
stopTor();
- NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
- mNotificationManager.cancelAll();
unbindService();
stopService(new Intent(ITorService.class.getName()));
+
+ NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
+ mNotificationManager.cancelAll();
+
-
} catch (RemoteException e) {
Log.w(TAG, e);
}
@@ -247,6 +250,69 @@
logBuffer.append(logText);
}
+ private void doTorCheck ()
+ {
+
+ DialogInterface.OnClickListener dialogClickListener = new DialogInterface.OnClickListener() {
+ @Override
+ public void onClick(DialogInterface dialog, int which) {
+ switch (which){
+ case DialogInterface.BUTTON_POSITIVE:
+
+ openBrowser(URL_TOR_CHECK);
+
+
+
+ break;
+
+ case DialogInterface.BUTTON_NEGATIVE:
+
+ //do nothing
+ break;
+ }
+ }
+ };
+
+ AlertDialog.Builder builder = new AlertDialog.Builder(this);
+ builder.setMessage(R.string.tor_check).setPositiveButton(R.string.btn_okay, dialogClickListener)
+ .setNegativeButton(R.string.btn_cancel, dialogClickListener).show();
+
+ }
+
+ private void enableHiddenServicePort (int hsPort)
+ {
+ SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(mOrbot);
+ Editor pEdit = prefs.edit();
+
+ String hsPortString = prefs.getString("pref_hs_ports", "");
+
+ if (hsPortString.length() > 0 && hsPortString.indexOf(hsPort+"")==-1)
+ hsPortString += ',' + hsPort;
+ else
+ hsPortString = hsPort + "";
+
+ pEdit.putString("pref_hs_ports", hsPortString);
+ pEdit.putBoolean("pref_hs_enable", true);
+
+ pEdit.commit();
+
+ try {
+ processSettings();
+
+ String onionHostname = getHiddenServiceHostname();
+
+ Intent nResult = new Intent();
+ nResult.putExtra("hs_host", onionHostname);
+ setResult(RESULT_OK, nResult);
+
+ } catch (RemoteException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+
+ }
+
/* (non-Javadoc)
* @see android.app.Activity#onResume()
*/
@@ -254,33 +320,80 @@
super.onResume();
- NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
- mNotificationManager.cancelAll();
-
-
- SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(mOrbot);
- boolean showWizard = prefs.getBoolean("show_wizard",true);
+ String action = getIntent().getAction();
- if (showWizard)
+ if (action != null)
{
-
- Editor pEdit = prefs.edit();
+ if (action.equals("org.torproject.android.REQUEST_HS_PORT"))
+ {
+
+ DialogInterface.OnClickListener dialogClickListener = new DialogInterface.OnClickListener() {
+ @Override
+ public void onClick(DialogInterface dialog, int which) {
+ switch (which){
+ case DialogInterface.BUTTON_POSITIVE:
+
+ int hsPort = getIntent().getIntExtra("hs_port", -1);
+
+ enableHiddenServicePort (hsPort);
+
+ finish();
+
+
+ break;
+
+ case DialogInterface.BUTTON_NEGATIVE:
+ //No button clicked
+ finish();
+ break;
+ }
+ }
+ };
+
+ int hsPort = getIntent().getIntExtra("hs_port", -1);
+
+ String requestMsg = "An app wants to open a server port (" + hsPort + ") to the Tor network. This is safe if you trust the app.";
+ AlertDialog.Builder builder = new AlertDialog.Builder(this);
+ builder.setMessage(requestMsg).setPositiveButton("Allow", dialogClickListener)
+ .setNegativeButton("Deny", dialogClickListener).show();
+
- pEdit.putBoolean("show_wizard",false);
+ }
+ else if (action.equals("org.torproject.android.START_TOR"))
+ {
+ autoStartOnBind = true;
+
+ if (mService == null)
+ bindService();
+
+ }
- pEdit.commit();
-
- showHelp();
}
else
{
+
+ NotificationManager mNotificationManager = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
+ mNotificationManager.cancelAll();
+ SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(mOrbot);
+
+ boolean showWizard = prefs.getBoolean("show_wizard",true);
+ if (showWizard)
+ {
+
+ Editor pEdit = prefs.edit();
+
+ pEdit.putBoolean("show_wizard",false);
+
+ pEdit.commit();
+
+ showHelp();
+ }
}
-
}
/* (non-Javadoc)
@@ -293,9 +406,8 @@
startService(new Intent(INTENT_TOR_SERVICE));
bindService ();
- //updateStatus ("");
+ updateStatus ("");
-
}
@@ -414,8 +526,12 @@
boolean ReachableAddresses = prefs.getBoolean(PREF_REACHABLE_ADDRESSES,false);
+ boolean enableHiddenServices = prefs.getBoolean("pref_hs_enable", false);
+
+
boolean enableTransparentProxy = prefs.getBoolean(PREF_TRANSPARENT, false);
+
mService.updateTransProxy();
String bridgeList = prefs.getString(PREF_BRIDGES_LIST,"");
@@ -469,6 +585,10 @@
mService.updateConfiguration("ReachableAddresses", ReachableAddressesPorts, false);
}
+ else
+ {
+ mService.updateConfiguration("ReachableAddresses", "", false);
+ }
}
catch (Exception e)
{
@@ -487,6 +607,12 @@
mService.updateConfiguration("ExitPolicy", "reject *:*", false);
}
+ else
+ {
+ mService.updateConfiguration("ORPort", "", false);
+ mService.updateConfiguration("Nickname", "", false);
+ mService.updateConfiguration("ExitPolicy", "", false);
+ }
}
catch (Exception e)
{
@@ -495,8 +621,48 @@
return;
}
- if (mService != null)
- mService.saveConfiguration();
+ if (enableHiddenServices)
+ {
+ mService.updateConfiguration("HiddenServiceDir","/data/data/org.torproject.android/", false);
+
+ String hsPorts = prefs.getString("pref_hs_ports","");
+
+ StringTokenizer st = new StringTokenizer (hsPorts,",");
+ String hsPortConfig = null;
+
+ while (st.hasMoreTokens())
+ {
+ hsPortConfig = st.nextToken();
+
+ if (hsPortConfig.indexOf(":")==-1) //setup the port to localhost if not specifed
+ {
+ hsPortConfig = hsPortConfig + " 127.0.0.1:" + hsPortConfig;
+ }
+
+ mService.updateConfiguration("HiddenServicePort",hsPortConfig, false);
+ }
+
+ //force save now so the hostname file gets generated
+ mService.saveConfiguration();
+
+ String onionHostname = getHiddenServiceHostname();
+
+ if (onionHostname != null)
+ {
+
+ Editor pEdit = prefs.edit();
+ pEdit.putString("pref_hs_hostname",onionHostname);
+ pEdit.commit();
+
+ }
+ }
+ else
+ {
+ mService.updateConfiguration("HiddenServiceDir","", false);
+
+ }
+
+ mService.saveConfiguration();
}
catch (Exception e)
{
@@ -509,7 +675,21 @@
}
+ private String getHiddenServiceHostname ()
+ {
+ String appHome = "/data/data/" + TorServiceConstants.TOR_APP_USERNAME + "/";
+
+ File file = new File(appHome, "hostname");
+ try {
+ String onionHostname = Utils.readString(new FileInputStream(file));
+ return onionHostname.trim();
+ } catch (FileNotFoundException e) {
+ Log.i(TAG, "unable to read onion hostname file",e);
+ return null;
+ }
+ }
+
private void showAlert(String title, String msg)
{
@@ -561,7 +741,21 @@
}
+ boolean enableHiddenServices = prefs.getBoolean("pref_hs_enable", false);
+ if (enableHiddenServices)
+ {
+ String onionHostname = getHiddenServiceHostname();
+
+ if (onionHostname != null)
+ {
+ Editor pEdit = prefs.edit();
+ pEdit.putString("pref_hs_hostname",onionHostname);
+ pEdit.commit();
+
+ }
+
+ }
}
@@ -651,14 +845,18 @@
else if (mService.getStatus() == STATUS_READY)
{
- startTor();
-
+ if (event.getAction() == MotionEvent.ACTION_UP)
+ {
+ startTor();
+ }
}
else
{
- stopTor();
-
+ if (event.getAction() == MotionEvent.ACTION_DOWN)
+ {
+ stopTor();
+ }
}
}
@@ -799,18 +997,29 @@
mService = ITorService.Stub.asInterface(service);
updateStatus ("");
-
+
// We want to monitor the service for as long as we are
// connected to it.
try {
mService.registerCallback(mCallback);
+
+
+ if (autoStartOnBind)
+ {
+ autoStartOnBind = false;
+
+ startTor();
+
+ }
+
} catch (RemoteException e) {
// In this case the service has crashed before we could even
// do anything with it; we can count on soon being
// disconnected (and then reconnected if it can be restarted)
// so there is no need to do anything here.
+ Log.i(TAG,"error registering callback to service",e);
}
-
+
}
@@ -844,8 +1053,6 @@
try {
mService.unregisterCallback(mCallback);
-
-
} catch (RemoteException e) {
// There is nothing special we need to do if the service
// has crashed.
Modified: projects/android/trunk/Orbot/src/org/torproject/android/SettingsPreferences.java
===================================================================
--- projects/android/trunk/Orbot/src/org/torproject/android/SettingsPreferences.java 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/src/org/torproject/android/SettingsPreferences.java 2010-08-14 05:08:55 UTC (rev 22901)
@@ -3,7 +3,6 @@
package org.torproject.android;
-import org.torproject.android.service.TorServiceUtils;
import org.torproject.android.service.TorTransProxy;
import android.content.Intent;
@@ -21,10 +20,9 @@
private CheckBoxPreference prefCBTransProxy = null;
private CheckBoxPreference prefcBTransProxyAll = null;
private Preference prefTransProxyApps = null;
- private Preference prefWebProxy = null;
+ private CheckBoxPreference prefHiddenServices = null;
-
private boolean hasRoot = false;
protected void onCreate(Bundle savedInstanceState)
@@ -37,7 +35,6 @@
}
-
@Override
protected void onResume() {
@@ -63,10 +60,13 @@
}
- //disabled for now 28/07 nf
- //prefWebProxy = ((PreferenceCategory)this.getPreferenceScreen().getPreference(1)).getPreference(0);
- //prefWebProxy.setOnPreferenceClickListener(this);
- }
+ prefHiddenServices = ((CheckBoxPreference)((PreferenceCategory)this.getPreferenceScreen().getPreference(4)).getPreference(0));
+ prefHiddenServices.setOnPreferenceClickListener(this);
+ ((PreferenceCategory)this.getPreferenceScreen().getPreference(4)).getPreference(1).setEnabled(prefHiddenServices.isChecked());
+ ((PreferenceCategory)this.getPreferenceScreen().getPreference(4)).getPreference(2).setEnabled(prefHiddenServices.isChecked());
+
+
+ };
@@ -89,18 +89,13 @@
{
startActivity(new Intent(this, AppManager.class));
}
- /*
- else if (preference == prefWebProxy)
+ else if (preference == prefHiddenServices)
{
- Intent intent = new Intent();
- intent.setClassName(this,"com.android.settings.ProxySelector");
- intent.putExtra("title", "Set host=127.0.0.1 and port=8118");
- intent.putExtra("button-label", "Save");
-
- startActivity(intent);
-
-
- }*/
+
+ ((PreferenceCategory)this.getPreferenceScreen().getPreference(4)).getPreference(1).setEnabled(prefHiddenServices.isChecked());
+ ((PreferenceCategory)this.getPreferenceScreen().getPreference(4)).getPreference(2).setEnabled(prefHiddenServices.isChecked());
+
+ }
else
{
prefcBTransProxyAll.setEnabled(prefCBTransProxy.isChecked());
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java
===================================================================
--- projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java 2010-08-14 05:08:55 UTC (rev 22901)
@@ -37,11 +37,8 @@
boolean privoxyBinaryExists = new File(installPath + PRIVOXY_ASSET_KEY).exists();
Log.i(TAG,"Privoxy binary exists=" + privoxyBinaryExists);
-
- boolean iptablesBinaryExists = new File(installPath + IPTABLES_ASSET_KEY).exists();
- Log.i(TAG,"IPTables binary exists=" + iptablesBinaryExists);
-
- if (!(torBinaryExists && privoxyBinaryExists && iptablesBinaryExists) || force)
+
+ if (!(torBinaryExists && privoxyBinaryExists) || force)
installFromZip ();
}
@@ -72,10 +69,7 @@
zipen = zip.getEntry(ASSETS_BASE + PRIVOXYCONFIG_ASSET_KEY);
streamToFile(zip.getInputStream(zipen),installPath + PRIVOXYCONFIG_ASSET_KEY);
- zipen = zip.getEntry(ASSETS_BASE + IPTABLES_ASSET_KEY);
- streamToFile(zip.getInputStream(zipen),installPath + IPTABLES_ASSET_KEY);
-
zip.close();
Log.i(TAG,"SUCCESS: unzipped tor, privoxy, iptables binaries from apk");
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java
===================================================================
--- projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java 2010-08-14 05:08:55 UTC (rev 22901)
@@ -401,13 +401,11 @@
torBinaryPath = appHome + TOR_BINARY_ASSET_KEY;
privoxyPath = appHome + PRIVOXY_ASSET_KEY;
- String iptablesPath = appHome + IPTABLES_ASSET_KEY;
boolean torBinaryExists = new File(torBinaryPath).exists();
boolean privoxyBinaryExists = new File(privoxyPath).exists();
- boolean iptablesBinaryExists = new File(iptablesPath).exists();
-
- if (!(torBinaryExists && privoxyBinaryExists && iptablesBinaryExists))
+
+ if (!(torBinaryExists && privoxyBinaryExists))
{
killTorProcess ();
@@ -417,7 +415,7 @@
torBinaryExists = new File(torBinaryPath).exists();
privoxyBinaryExists = new File(privoxyPath).exists();
- if (torBinaryExists && privoxyBinaryExists && iptablesBinaryExists)
+ if (torBinaryExists && privoxyBinaryExists)
{
logNotice(getString(R.string.status_install_success));
@@ -439,9 +437,8 @@
{
logNotice("Found Tor binary: " + torBinaryPath);
- logNotice("Found privoxy binary: " + privoxyPath);
+ logNotice("Found Privoxy binary: " + privoxyPath);
- logNotice("Found iptables binary: " + iptablesPath);
}
@@ -455,9 +452,6 @@
String[] cmd2 = {SHELL_CMD_CHMOD + ' ' + CHMOD_EXE_VALUE + ' ' + privoxyPath};
TorServiceUtils.doShellCommand(cmd2, log, false, true);
- logNotice("(re)Setting permission on iptables binary");
- String[] cmd3 = {SHELL_CMD_CHMOD + ' ' + CHMOD_EXE_VALUE + ' ' + iptablesPath};
- TorServiceUtils.doShellCommand(cmd3, log, false, true);
return true;
}
@@ -947,8 +941,17 @@
{
//turn on
-
- return setupTransProxy(currentStatus == STATUS_ON);
+ try
+ {
+ setupTransProxy(currentStatus == STATUS_ON);
+ return true;
+ }
+ catch (Exception e)
+ {
+ Log.i(TAG, "error enabling transproxy",e);
+
+ return false;
+ }
}
public String getConfiguration (String name)
@@ -993,7 +996,19 @@
if (configBuffer == null)
configBuffer = new ArrayList<String>();
- configBuffer.add(name + ' ' + value);
+ if (value == null || value.length() == 0)
+ {
+ if (conn != null)
+ {
+ try {
+ conn.resetConf(Arrays.asList(new String[]{name}));
+ } catch (IOException e) {
+ Log.w(TAG, "Unable to reset conf",e);
+ }
+ }
+ }
+ else
+ configBuffer.add(name + ' ' + value);
return false;
}
@@ -1007,7 +1022,6 @@
if (configBuffer != null)
{
conn.setConf(configBuffer);
- //conn.saveConf();
configBuffer = null;
}
@@ -1083,6 +1097,8 @@
boolean ReachableAddresses = prefs.getBoolean(TorConstants.PREF_REACHABLE_ADDRESSES,false);
+ boolean enableHiddenServices = prefs.getBoolean("pref_hs_enable", false);
+
boolean enableTransparentProxy = prefs.getBoolean(TorConstants.PREF_TRANSPARENT, false);
@@ -1137,6 +1153,10 @@
mBinder.updateConfiguration("ReachableAddresses", ReachableAddressesPorts, false);
}
+ else
+ {
+ mBinder.updateConfiguration("ReachableAddresses", "", false);
+ }
}
catch (Exception e)
{
@@ -1155,6 +1175,12 @@
mBinder.updateConfiguration("ExitPolicy", "reject *:*", false);
}
+ else
+ {
+ mBinder.updateConfiguration("ORPort", "", false);
+ mBinder.updateConfiguration("Nickname", "", false);
+ mBinder.updateConfiguration("ExitPolicy", "", false);
+ }
}
catch (Exception e)
{
@@ -1163,12 +1189,41 @@
return;
}
+ if (enableHiddenServices)
+ {
+ mBinder.updateConfiguration("HiddenServiceDir","/data/data/org.torproject.android/", false);
+
+ String hsPorts = prefs.getString("pref_hs_ports","");
+
+ StringTokenizer st = new StringTokenizer (hsPorts,",");
+ String hsPortConfig = null;
+
+ while (st.hasMoreTokens())
+ {
+ hsPortConfig = st.nextToken();
+
+ if (hsPortConfig.indexOf(":")==-1) //setup the port to localhost if not specifed
+ {
+ hsPortConfig = hsPortConfig + " 127.0.0.1:" + hsPortConfig;
+ }
+
+ mBinder.updateConfiguration("HiddenServicePort",hsPortConfig, false);
+ }
+
+
+ }
+ else
+ {
+ mBinder.updateConfiguration("HiddenServiceDir","", false);
+
+ }
+
mBinder.saveConfiguration();
}
- private boolean setupTransProxy (boolean enabled)
+ private boolean setupTransProxy (boolean enabled) throws Exception
{
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(getApplication());
@@ -1187,27 +1242,19 @@
if (hasRoot && enableTransparentProxy)
{
- try
- {
- TorTransProxy.setDNSProxying();
- boolean success = TorTransProxy.setTransparentProxyingByApp(this,AppManager.getApps(this),transProxyAll);
- logNotice ("TorTransProxy enabled: " + success);
+ //TorTransProxy.setDNSProxying();
+ int code = TorTransProxy.setTransparentProxyingByApp(this,AppManager.getApps(this),transProxyAll);
+
+ logNotice ("TorTransProxy resp code: " + code);
return true;
-
- } catch (Exception e) {
-
- logNotice("WARNING: Error configuring transparenty proxying: " + e.getMessage());
- Log.w(TAG, "error refreshing iptables: err=" + e.getMessage(), e);
-
- return false;
- }
+
}
else
{
- TorTransProxy.purgeIptables();
+ TorTransProxy.purgeIptables(this,AppManager.getApps(this));
}
}
@@ -1215,7 +1262,7 @@
{
if (hasRoot)
{
- TorTransProxy.purgeIptables();
+ TorTransProxy.purgeIptables(this,AppManager.getApps(this));
}
}
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java
===================================================================
--- projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java 2010-08-14 05:08:55 UTC (rev 22901)
@@ -26,9 +26,6 @@
//privoxy.config
public final static String PRIVOXYCONFIG_ASSET_KEY = "privoxy.config";
-
- //iptables key
- public final static String IPTABLES_ASSET_KEY = "iptables";
//various console cmds
public final static String SHELL_CMD_CHMOD = "chmod";
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java
===================================================================
--- projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java 2010-08-13 20:49:12 UTC (rev 22900)
+++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java 2010-08-14 05:08:55 UTC (rev 22901)
@@ -20,6 +20,7 @@
private final static String IPTABLES_ADD = " -A ";
+
//private final static String CMD_DNS_PROXYING_DELETE = "iptables -t nat -D PREROUTING -p udp --dport 53 -j DNAT --to 127.0.0.1:5400 || exit\n";
// - just calling a system wide flush of iptables rules
//private final static String IPTABLES_DELETE = " -D "; //not deleting manually anymore - just calling a system wide flush of iptables rules
@@ -51,6 +52,40 @@
return false;
}
+ /**
+ * Check if we have root access
+ * @return boolean true if we have root
+ */
+ public static String getIPTablesVersion() {
+
+
+ StringBuilder log = new StringBuilder();
+
+ try {
+
+ // Run an empty script just to check root access
+ String[] cmd = {"iptables -v"};
+ int exitCode = TorServiceUtils.doShellCommand(cmd, log, true, true);
+
+ String out = log.toString();
+ if (out.indexOf(" v")!=-1)
+ {
+
+ out = out.substring(out.indexOf(" v")+2);
+ out = out.substring(0,out.indexOf(":"));
+
+ return out;
+ }
+
+
+ } catch (Exception e) {
+ Log.w(TAG,"Error checking iptables version: " + e.getMessage() ,e);
+ }
+
+ Log.w(TAG, "Could not acquire check iptables: " + log.toString());
+ return null;
+ }
+
private static String findBaseDir ()
{
/*
@@ -72,10 +107,11 @@
return BASE_DIR;
}*/
- return "/system/bin/";
+ return "";
}
+ /*
public static int setDNSProxying () throws Exception
{
String baseDir = findBaseDir();
@@ -91,7 +127,7 @@
return code;
- }
+ }*/
/*
public static int setIptablesDropAll() {
@@ -109,6 +145,45 @@
}
*/
+ public static int purgeIptables(Context context, TorifiedApp[] apps) throws Exception {
+
+ String baseDir = findBaseDir();
+
+
+ final StringBuilder script = new StringBuilder();
+
+ StringBuilder res = new StringBuilder();
+ int code = -1;
+
+ for (int i = 0; i < apps.length; i++)
+ {
+
+ //flush nat for every app
+ script.append(baseDir);
+ script.append("iptables -t nat -m owner --uid-owner ");
+ script.append(apps[i].getUid());
+ script.append(" -F || exit\n");
+ script.append("iptables -t filter -m owner --uid-owner ");
+ script.append(apps[i].getUid());
+ script.append(" -F || exit\n");
+
+ }
+
+
+ String[] cmd = {script.toString()};
+ Log.i(TAG, cmd[0]);
+
+ code = TorServiceUtils.doShellCommand(cmd, res, true, true);
+
+ String msg = res.toString();
+ Log.i(TAG, msg);
+
+
+ return code;
+
+ }
+
+ /*
public static boolean purgeIptables() {
String baseDir = findBaseDir();
@@ -129,96 +204,121 @@
Log.w(TAG,"error purging iptables: " + e);
return false;
}
- }
+ }*/
- public static boolean setTransparentProxyingByApp(Context context, TorifiedApp[] apps, boolean forceAll) throws Exception
+ public static int setTransparentProxyingByApp(Context context, TorifiedApp[] apps, boolean forceAll) throws Exception
{
String baseDir = findBaseDir();
- String command = null;
+ String iptablesVersion = getIPTablesVersion();
+ Log.i(TAG, "iptables version: " + iptablesVersion);
- command = IPTABLES_ADD; //ADD
+ boolean ipTablesOld = false;
+ if (iptablesVersion != null && iptablesVersion.startsWith("1.3")){
+ ipTablesOld = true;
+ }
- final StringBuilder script = new StringBuilder();
+ StringBuilder script = new StringBuilder();
- //first we have to flush old settings
- script.append(baseDir);
- script.append(CMD_NAT_FLUSH);
- script.append(" || exit\n");
-
- script.append(baseDir);
- script.append(CMD_FILTER_FLUSH);
- script.append(" || exit\n");
-
StringBuilder res = new StringBuilder();
int code = -1;
- for (int i = 0; i < apps.length; i++)
+ for (int i = 0; i < apps.length; i++)
+ {
+
+ //flush nat for every app
+ script.append(baseDir);
+ script.append("iptables -t nat -m owner --uid-owner ");
+ script.append(apps[i].getUid());
+ script.append(" -F || exit\n");
+ script.append("iptables -t filter -m owner --uid-owner ");
+ script.append(apps[i].getUid());
+ script.append(" -F || exit\n");
+
+ }
+
+ String[] cmdFlush = {script.toString()};
+ Log.i(TAG, cmdFlush[0]);
+
+ code = TorServiceUtils.doShellCommand(cmdFlush, res, true, true);
+
+ String msg = res.toString();
+ Log.i(TAG, msg);
+
+ script = new StringBuilder();
+
+ for (int i = 0; i < apps.length; i++)
+ {
+
+ if (forceAll || apps[i].isTorified())
{
- if (forceAll || apps[i].isTorified())
+
+ if (apps[i].getUsername().equals(TorServiceConstants.TOR_APP_USERNAME))
{
+ Log.i(TAG,"detected Orbot app - will not transproxy");
- if (apps[i].getUsername().equals(TorServiceConstants.TOR_APP_USERNAME))
- {
- Log.i(TAG,"detected Orbot app - will not transproxy");
-
- continue;
- }
-
- Log.i(TAG,"enabling transproxy for app: " + apps[i].getUsername() + "(" + apps[i].getUid() + ")");
-
-
-
- //TCP
+ continue;
+ }
+
+ Log.i(TAG,"enabling transproxy for app: " + apps[i].getUsername() + "(" + apps[i].getUid() + ")");
+
+
+ //TCP
+ script.append(baseDir);
+ script.append("iptables -t nat");
+ script.append(" -A OUTPUT -p tcp --syn");
+ script.append(" -m owner --uid-owner ");
+ script.append(apps[i].getUid());
+ script.append(" -m tcp ");
+
+ if (ipTablesOld)
+ script.append(" -j DNAT --to 127.0.0.1:9040");
+ else
+ script.append(" -j REDIRECT --to-ports 9040");
+
+ script.append(" || exit\n");
+
+ //DNS
+ script.append(baseDir);
+ script.append("iptables -t nat");
+ script.append(" -A OUTPUT -p udp -m owner --uid-owner ");
+ script.append(apps[i].getUid());
+ script.append(" -m udp --dport 53");
+
+ if (ipTablesOld)
+ script.append(" -j DNAT --to 127.0.0.1:5400");
+ else
+ script.append(" -j REDIRECT --to-ports 5400");
+
+ script.append(" || exit\n");
+
+ //EVERYTHING ELSE UDP - DROP!
+ if (!ipTablesOld) //for some reason this doesn't work on iptables 1.3.7
+ {
script.append(baseDir);
- script.append("iptables -t nat");
- script.append(" -A OUTPUT -p tcp -m owner --uid-owner ");
- script.append(apps[i].getUid());
- // script.append(" -j DNAT --to 127.0.0.1:9040");
- script.append(" -m tcp --syn -j REDIRECT --to-ports 9040");
- script.append(" || exit\n");
-
- //UDP
- script.append(baseDir);
- script.append("iptables -t nat");
+ script.append("iptables");
script.append(" -A OUTPUT -p udp -m owner --uid-owner ");
script.append(apps[i].getUid());
- script.append(" --dport 53 -j REDIRECT --to-ports 5400"); //drop all UDP packets as Tor won't handle them
- script.append(" || exit\n");
-
- /*
- script.append(baseDir);
- script.append("iptables -t nat");
- script.append(" -A OUTPUT -m owner --uid-owner ");
- script.append(apps[i].getUid());
script.append(" -j DROP"); //drop all other packets as Tor won't handle them
script.append(" || exit\n");
- */
-
-
- /*
- * iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp -j REDIRECT --to-ports 9040
-iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
-iptables -t filter -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --dport 9040 -j ACCEPT
-iptables -t filter -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j ACCEPT
-iptables -t filter -A OUTPUT -m owner --uid-owner anonymous -j DROP
-
- */
- }
- }
+ }
+
+
+ }
+ }
+
+
+ String[] cmdAdd = {script.toString()};
+ Log.i(TAG, cmdAdd[0]);
+
+ code = TorServiceUtils.doShellCommand(cmdAdd, res, true, true);
+
+ msg = res.toString();
+ Log.i(TAG, msg);
-
- String[] cmd = {script.toString()};
- Log.i(TAG, cmd[0]);
-
- code = TorServiceUtils.doShellCommand(cmd, res, true, true);
-
- String msg = res.toString();
- Log.i(TAG, msg);
-
- return false;
+ return code;
}
More information about the tor-commits
mailing list