[tor-commits] [orbot/master] fix xtables installation and permission setting
n8fr8 at torproject.org
n8fr8 at torproject.org
Wed Jan 15 05:35:11 UTC 2014
commit f538930b7cacf3b08b61a2f96ae4090a4b963bf4
Author: Nathan Freitas <nathan at freitas.net>
Date: Tue Jan 14 23:57:20 2014 -0500
fix xtables installation and permission setting
more fixes for running from sdcard
---
.../android/service/TorBinaryInstaller.java | 255 --------------------
src/org/torproject/android/service/TorService.java | 79 +++---
.../torproject/android/service/TorTransProxy.java | 8 +-
3 files changed, 54 insertions(+), 288 deletions(-)
diff --git a/src/org/torproject/android/service/TorBinaryInstaller.java b/src/org/torproject/android/service/TorBinaryInstaller.java
deleted file mode 100644
index 3ff0a38..0000000
--- a/src/org/torproject/android/service/TorBinaryInstaller.java
+++ /dev/null
@@ -1,255 +0,0 @@
-/* Copyright (c) 2009, Nathan Freitas, Orbot / The Guardian Project - http://openideals.com/guardian */
-/* See LICENSE for licensing information */
-
-package org.torproject.android.service;
-
-import java.io.BufferedReader;
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
-import java.io.FileReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.zip.ZipEntry;
-import java.util.zip.ZipInputStream;
-
-import org.torproject.android.R;
-import org.torproject.android.TorConstants;
-
-import android.content.Context;
-import android.util.Log;
-
-public class TorBinaryInstaller implements TorServiceConstants {
-
-
- File installFolder;
- Context context;
-
- private static int isARMv6 = -1;
- private static String CHMOD_EXEC = "700";
-
- public TorBinaryInstaller (Context context, File installFolder)
- {
- this.installFolder = installFolder;
-
- this.context = context;
- }
-
- //
- /*
- * Extract the Tor binary from the APK file using ZIP
- */
- public boolean installResources () throws IOException, FileNotFoundException
- {
-
- InputStream is;
- File outFile;
-
- is = context.getResources().openRawResource(R.raw.torrc);
- outFile = new File(installFolder, TORRC_ASSET_KEY);
- streamToFile(is,outFile, false, false);
-
- is = context.getResources().openRawResource(R.raw.torrctether);
- outFile = new File(installFolder, TORRC_TETHER_KEY);
- streamToFile(is, outFile, false, false);
-
- is = context.getResources().openRawResource(R.raw.privoxy_config);
- outFile = new File(installFolder, PRIVOXYCONFIG_ASSET_KEY);
- streamToFile(is,outFile, false, false);
-
- return true;
- }
-
- /*
- * Extract the Tor binary from the APK file using ZIP
- */
-
- public boolean installGeoIP () throws IOException, FileNotFoundException
- {
-
- InputStream is;
- File outFile;
-
- is = context.getResources().openRawResource(R.raw.geoip);
- outFile = new File(installFolder, GEOIP_ASSET_KEY);
- streamToFile(is, outFile, false, true);
-
- is = context.getResources().openRawResource(R.raw.geoip6);
- outFile = new File(installFolder, GEOIP6_ASSET_KEY);
- streamToFile(is, outFile, false, true);
-
- return true;
- }
-
- /*
- private static void copyAssetFile(Context ctx, String asset, File file) throws IOException, InterruptedException
- {
-
- DataOutputStream out = new DataOutputStream(new FileOutputStream(file));
- InputStream is = new GZIPInputStream(ctx.getAssets().open(asset));
-
- byte buf[] = new byte[8172];
- int len;
- while ((len = is.read(buf)) > 0) {
- out.write(buf, 0, len);
- }
- out.close();
- is.close();
- }*/
-
- /*
- * Write the inputstream contents to the file
- */
- private static boolean streamToFile(InputStream stm, File outFile, boolean append, boolean zip) throws IOException
-
- {
- byte[] buffer = new byte[FILE_WRITE_BUFFER_SIZE];
-
- int bytecount;
-
-
- OutputStream stmOut = new FileOutputStream(outFile, append);
- ZipInputStream zis = null;
-
- if (zip)
- {
- zis = new ZipInputStream(stm);
- ZipEntry ze = zis.getNextEntry();
- stm = zis;
-
- }
-
- while ((bytecount = stm.read(buffer)) > 0)
- {
-
- stmOut.write(buffer, 0, bytecount);
-
- }
-
- stmOut.close();
- stm.close();
-
- if (zis != null)
- zis.close();
-
-
- return true;
-
- }
-
- //copy the file from inputstream to File output - alternative impl
- public void copyFile (InputStream is, File outputFile)
- {
-
- try {
- outputFile.createNewFile();
- DataOutputStream out = new DataOutputStream(new FileOutputStream(outputFile));
- DataInputStream in = new DataInputStream(is);
-
- int b = -1;
- byte[] data = new byte[1024];
-
- while ((b = in.read(data)) != -1) {
- out.write(data);
- }
-
- if (b == -1); //rejoice
-
- //
- out.flush();
- out.close();
- in.close();
- // chmod?
-
-
-
- } catch (IOException ex) {
- Log.e(TorConstants.TAG, "error copying binary", ex);
- }
-
- }
-
-
-
- /**
- * Check if this is an ARMv6 device
- * @return true if this is ARMv6
- */
- private static boolean isARMv6() {
- if (isARMv6 == -1) {
- BufferedReader r = null;
- try {
- isARMv6 = 0;
- r = new BufferedReader(new FileReader("/proc/cpuinfo"));
- for (String line = r.readLine(); line != null; line = r.readLine()) {
- if (line.startsWith("Processor") && line.contains("ARMv6")) {
- isARMv6 = 1;
- break;
- } else if (line.startsWith("CPU architecture") && (line.contains("6TE") || line.contains("5TE"))) {
- isARMv6 = 1;
- break;
- }
- }
- } catch (Exception ex) {
- } finally {
- if (r != null) try {r.close();} catch (Exception ex) {}
- }
- }
- return (isARMv6 == 1);
- }
-
- /**
- * Copies a raw resource file, given its ID to the given location
- * @param ctx context
- * @param resid resource id
- * @param file destination file
- * @param mode file permissions (E.g.: "755")
- * @throws IOException on error
- * @throws InterruptedException when interrupted
- */
- private static void copyRawFile(Context ctx, int resid, File file, String mode, boolean isZipd) throws IOException, InterruptedException
- {
- final String abspath = file.getAbsolutePath();
- // Write the iptables binary
- final FileOutputStream out = new FileOutputStream(file);
- InputStream is = ctx.getResources().openRawResource(resid);
-
- if (isZipd)
- {
- ZipInputStream zis = new ZipInputStream(is);
- ZipEntry ze = zis.getNextEntry();
- is = zis;
- }
-
- byte buf[] = new byte[1024];
- int len;
- while ((len = is.read(buf)) > 0) {
- out.write(buf, 0, len);
- }
- out.close();
- is.close();
- // Change the permissions
- Runtime.getRuntime().exec("chmod "+mode+" "+abspath).waitFor();
- }
- /**
- * Asserts that the binary files are installed in the bin directory.
- * @param ctx context
- * @param showErrors indicates if errors should be alerted
- * @return false if the binary files could not be installed
- */
- /*
- public static boolean assertIpTablesBinaries(Context ctx, boolean showErrors) throws Exception {
- boolean changed = false;
-
- // Check iptables_g1
- File file = new File(ctx.getDir("bin",0), "iptables");
- copyRawFile(ctx, R.raw.iptables, file, CHMOD_EXEC, false);
-
- return true;
- }*/
-
-
-}
diff --git a/src/org/torproject/android/service/TorService.java b/src/org/torproject/android/service/TorService.java
index 40976aa..345737c 100644
--- a/src/org/torproject/android/service/TorService.java
+++ b/src/org/torproject/android/service/TorService.java
@@ -87,6 +87,8 @@ public class TorService extends Service implements TorServiceConstants, TorConst
private File filePrivoxy;
private File fileObfsProxy;
+ private File fileXtables;
+
private File fileTorRc;
private TorTransProxy mTransProxy;
@@ -389,30 +391,6 @@ public class TorService extends Service implements TorServiceConstants, TorConst
}
-
- /*
- public void reloadConfig ()
- {
- try
- {
- if (conn == null)
- {
- initControlConnection ();
- }
-
- if (conn != null)
- {
- conn.signal("RELOAD");
- }
- }
- catch (Exception e)
- {
- Log.d(TAG,"Unable to reload configuration",e);
- }
- }*/
-
-
-
private String getHiddenServiceHostname ()
{
@@ -467,16 +445,27 @@ public class TorService extends Service implements TorServiceConstants, TorConst
if (!fileTorLink.exists()||(fileTorOrig.length()!=fileTorLink.length()))
{
- String[] cmd = { SHELL_CMD_CP + ' ' + fileTorOrig.getAbsolutePath() + ' ' + fileTorLink.getAbsolutePath() };
+ log = new StringBuilder();
+ String[] cmd = { SHELL_CMD_RM + ' ' + fileTorLink.getAbsolutePath() };
errCode = TorServiceUtils.doShellCommand(cmd,log, false, true);
logNotice("link CP err=" + errCode + " out: " + log.toString());
+
+ log = new StringBuilder();
+ String[] cmd1 = { SHELL_CMD_CP + ' ' + fileTorOrig.getAbsolutePath() + ' ' + fileTorLink.getAbsolutePath() };
+ errCode = TorServiceUtils.doShellCommand(cmd1,log, false, true);
+ logNotice("link CP err=" + errCode + " out: " + log.toString());
}
enableBinExec(fileTorLink);
- log = new StringBuilder();
File filePrivoxyLink = new File(appBinHome,"privoxy");
if (!filePrivoxyLink.exists()||(filePrivoxy.length()!=filePrivoxyLink.length()))
{
+ log = new StringBuilder();
+ String[] cmd = { SHELL_CMD_RM + ' ' + filePrivoxyLink.getAbsolutePath() };
+ errCode = TorServiceUtils.doShellCommand(cmd,log, false, true);
+ logNotice("link CP err=" + errCode + " out: " + log.toString());
+
+ log = new StringBuilder();
String[] cmd1 = { SHELL_CMD_CP + ' ' + filePrivoxy.getAbsolutePath() + ' ' + filePrivoxyLink.getAbsolutePath() };
errCode = TorServiceUtils.doShellCommand(cmd1,log, false, true);
logNotice("link CP err=" + errCode + " out: " + log.toString());
@@ -484,10 +473,17 @@ public class TorService extends Service implements TorServiceConstants, TorConst
filePrivoxy = filePrivoxyLink;
enableBinExec(filePrivoxy);
- log = new StringBuilder();
File fileObfsProxyLink = new File(appBinHome,"obfsproxy");
if (!fileObfsProxyLink.exists()||(fileObfsProxy.length()!=fileObfsProxyLink.length()))
{
+
+ log = new StringBuilder();
+ String[] cmd1 = { SHELL_CMD_RM + ' ' + fileObfsProxyLink.getAbsolutePath() };
+ errCode = TorServiceUtils.doShellCommand(cmd1,log, false, true);
+ logNotice("link CP err=" + errCode + " out: " + log.toString());
+
+
+ log = new StringBuilder();
String[] cmd2 = { SHELL_CMD_CP + ' ' + fileObfsProxy.getAbsolutePath() + ' ' + fileObfsProxyLink.getAbsolutePath() };
errCode = TorServiceUtils.doShellCommand(cmd2,log, false, true);
logNotice("link CP err=" + errCode + " out: " + log.toString());
@@ -495,6 +491,23 @@ public class TorService extends Service implements TorServiceConstants, TorConst
fileObfsProxy = fileObfsProxyLink;
enableBinExec(fileObfsProxy);
+
+ File fileXtablesLink = new File(appBinHome,"xtables");
+ if (!fileXtablesLink.exists()||(fileXtables.length()!=fileXtablesLink.length()))
+ {
+ log = new StringBuilder();
+ String[] cmd1 = { SHELL_CMD_RM + ' ' + fileXtablesLink.getAbsolutePath() };
+ errCode = TorServiceUtils.doShellCommand(cmd1,log, false, true);
+ logNotice("link CP err=" + errCode + " out: " + log.toString());
+
+ log = new StringBuilder();
+ String[] cmd2 = { SHELL_CMD_CP + ' ' + fileXtables.getAbsolutePath() + ' ' + fileXtablesLink.getAbsolutePath() };
+ errCode = TorServiceUtils.doShellCommand(cmd2,log, false, true);
+ logNotice("link CP err=" + errCode + " out: " + log.toString());
+ }
+ fileXtables = fileXtablesLink;
+ enableBinExec(fileXtables);
+
}
else
{
@@ -517,6 +530,7 @@ public class TorService extends Service implements TorServiceConstants, TorConst
enableBinExec(filePrivoxy);
enableBinExec(fileObfsProxy);
+ enableBinExec(fileXtables);
}
@@ -643,11 +657,15 @@ public class TorService extends Service implements TorServiceConstants, TorConst
if (!fileTorRc.exists())
{
- TorBinaryInstaller installer = new TorBinaryInstaller(this, appBinHome);
+ TorResourceInstaller installer = new TorResourceInstaller(this, appBinHome);
boolean success = installer.installResources();
}
+ fileXtables = new File(appLibsHome, IPTABLES_BINARY_ASSET_KEY);
+ if (fileXtables.exists())
+ logNotice("Xtables binary exists: " + fileXtables.getAbsolutePath());
+
initTorPathLinkAndPerms();
}
@@ -717,7 +735,10 @@ public class TorService extends Service implements TorServiceConstants, TorConst
{
if (mTransProxy == null)
+ {
mTransProxy = new TorTransProxy(this);
+ mTransProxy.setXTables(fileXtables);
+ }
logMessage ("Transparent Proxying: enabling...");
@@ -1697,7 +1718,7 @@ public class TorService extends Service implements TorServiceConstants, TorConst
{
if ((!fileGeoIP.exists()))
{
- TorBinaryInstaller installer = new TorBinaryInstaller(this, appBinHome);
+ TorResourceInstaller installer = new TorResourceInstaller(this, appBinHome);
boolean success = installer.installGeoIP();
}
diff --git a/src/org/torproject/android/service/TorTransProxy.java b/src/org/torproject/android/service/TorTransProxy.java
index 7760d92..04400ac 100644
--- a/src/org/torproject/android/service/TorTransProxy.java
+++ b/src/org/torproject/android/service/TorTransProxy.java
@@ -16,14 +16,16 @@ public class TorTransProxy implements TorServiceConstants {
private boolean useSystemIpTables = false;
private String mSysIptables = null;
private TorService mTorService = null;
+ private File mFileXtables = null;
public TorTransProxy (TorService torService)
{
mTorService = torService;
}
- public TorTransProxy ()
+ public void setXTables (File fileXTables)
{
+ mFileXtables = fileXTables;
}
public String getIpTablesPath (Context context)
@@ -41,9 +43,7 @@ public class TorTransProxy implements TorServiceConstants {
}
else
{
- //use the bundled version
- File appLibsHome = new File(context.getApplicationInfo().nativeLibraryDir);
- ipTablesPath = new File(appLibsHome,IPTABLES_BINARY_ASSET_KEY).getAbsolutePath();
+ ipTablesPath = mFileXtables.getAbsolutePath();
ipTablesPath += " iptables"; //append subcommand since we are using xtables now
}
More information about the tor-commits
mailing list