Author: n8fr8 Date: 2011-04-15 16:37:33 +0000 (Fri, 15 Apr 2011) New Revision: 24627
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceUtils.java projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java Log: update to service with new transproxy/iptables code
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java =================================================================== --- projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java 2011-04-15 16:36:36 UTC (rev 24626) +++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorBinaryInstaller.java 2011-04-15 16:37:33 UTC (rev 24627) @@ -12,18 +12,23 @@ import java.util.zip.ZipEntry; import java.util.zip.ZipFile;
+import org.torproject.android.R;
+
+import android.content.Context;
 import android.util.Log;
public class TorBinaryInstaller implements TorServiceConstants {
- String installPath = null; - String apkPath = null; + String installPath; + String apkPath; + Context context; - public TorBinaryInstaller (String installPath, String apkPath) + public TorBinaryInstaller (Context context, String installPath, String apkPath) { this.installPath = installPath; this.apkPath = apkPath; + this.context = context; } /* @@ -39,13 +44,42 @@ Log.d(TAG,"Privoxy binary exists=" + privoxyBinaryExists); if (!(torBinaryExists && privoxyBinaryExists) || force) - installFromZip (); + installFromRaw (); + + } + // /* * Extract the Tor binary from the APK file using ZIP */ + private void installFromRaw () + { + + + InputStream is = context.getResources().openRawResource(R.raw.tor); + streamToFile(is,installPath + TOR_BINARY_ASSET_KEY); + + + is = context.getResources().openRawResource(R.raw.torrc); + streamToFile(is,installPath + TORRC_ASSET_KEY); + + is = context.getResources().openRawResource(R.raw.privoxy); + streamToFile(is,installPath + PRIVOXY_ASSET_KEY); + + is = context.getResources().openRawResource(R.raw.privoxy_config); + streamToFile(is,installPath + PRIVOXYCONFIG_ASSET_KEY); + + + + Log.d(TAG,"SUCCESS: installed tor, privoxy binaries from raw"); + + + } + /* + * Extract the Tor binary from the APK file using ZIP + */ private void installFromZip () {
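Review bot: installFromRaw() logs `SUCCESS: installed tor, privoxy binaries from raw` unconditionally, and nothing in the hunk checks that any of the four streamToFile() calls wrote its file. A failed or partial copy (full storage, missing target directory) is therefore reported as success and can leave a truncated tor or privoxy binary for the service to start. streamToFile() is outside the hunk, so whether it returns a status or closes the stream cannot be seen here; if it does neither, each stream from `openRawResource` should be closed in a `finally` and the success line logged only after all four copies are confirmed. The comment kept above the new method still reads `Extract the Tor binary from the APK file using ZIP`; it should say `Copy the tor and privoxy binaries and configs from res/raw`.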
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java =================================================================== --- projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java 2011-04-15 16:36:36 UTC (rev 24626) +++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorService.java 2011-04-15 16:37:33 UTC (rev 24627) @@ -52,12 +52,16 @@ private static final int MAX_START_TRIES = 3;
private ArrayList<String> configBuffer = null; - + private ArrayList<String> resetBuffer = null; +
- private String appHome = "/data/data/" + TOR_APP_USERNAME + "/";;
- private String torBinaryPath = appHome + TOR_BINARY_ASSET_KEY;
- private String privoxyPath = appHome + PRIVOXY_ASSET_KEY;
+ private String appHome;
+ private String appBinHome;
+ private String appDataHome;
+ private String torBinaryPath; + private String privoxyPath; + private boolean hasRoot = false;
@@ -323,7 +327,8 @@ String[] cmd = { SHELL_CMD_KILL + ' ' + procId + "" }; TorServiceUtils.doShellCommand(cmd,log, false, false); - + try { Thread.sleep(500); } + catch (Exception e){} }
while ((procId = TorServiceUtils.findProcessId(privoxyPath)) != -1) @@ -333,7 +338,8 @@ String[] cmd = { SHELL_CMD_KILL + ' ' + procId + "" };
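Review bot: The added `try { Thread.sleep(500); } catch (Exception e){}` swallows InterruptedException and sits inside a kill loop with no attempt limit. The privoxy loop visible here is `while ((procId = TorServiceUtils.findProcessId(privoxyPath)) != -1)`, so if the kill keeps failing (for example a process this uid cannot signal) the service thread polls forever at 500 ms intervals. Catch only InterruptedException, restore the flag with `Thread.currentThread().interrupt();` and leave the loop, and cap the attempts, for instance with the existing `MAX_START_TRIES`. The same line is added in the next hunk (-333), and the tor loop's `while` is outside the hunk and presumably has the same shape.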
TorServiceUtils.doShellCommand(cmd,log, false, false); - + try { Thread.sleep(500); } + catch (Exception e){} } } @@ -349,6 +355,7 @@ } }
+ /* private String findAPK () { @@ -428,39 +435,29 @@ return null; - } + }*/
+ private boolean checkTorBinaries () throws Exception { + //android.os.Debug.waitForDebugger(); - appHome = "/data/data/" + TOR_APP_USERNAME + "/"; - //appHome = getApplicationContext().getFilesDir().getAbsolutePath(); + //check and install iptables + Api.assertBinaries(this, true); + File fileInstall = getDir("",0); + String subBinPath = "bin/"; + + appHome = fileInstall.getAbsolutePath(); + appBinHome = appHome + subBinPath; + appDataHome = getCacheDir().getAbsolutePath() + '/'; logNotice( "appHome=" + appHome); - torBinaryPath = appHome + TOR_BINARY_ASSET_KEY; - privoxyPath = appHome + PRIVOXY_ASSET_KEY; + + torBinaryPath = appBinHome + TOR_BINARY_ASSET_KEY; + privoxyPath = appBinHome + PRIVOXY_ASSET_KEY; logNotice( "checking Tor binaries"); - - String apkPath = findAPK(); - - if (apkPath == null) - throw new Exception ("Unable to locate Orbot binary APK file"); - - logNotice( "found apk at: " + apkPath); - - boolean apkExists = new File(apkPath).exists(); - - if (!apkExists) - { - Log.w(TAG,"APK file not found at: " + apkPath); - Log.w(TAG,"Binary installation aborted"); - logNotice(getString(R.string.status_install_fail)); - sendCallbackStatusMessage(getString(R.string.status_install_fail)); - return false; - } - - + boolean torBinaryExists = new File(torBinaryPath).exists(); boolean privoxyBinaryExists = new File(privoxyPath).exists(); @@ -468,7 +465,7 @@ { killTorProcess (); - TorBinaryInstaller installer = new TorBinaryInstaller(appHome, apkPath); + TorBinaryInstaller installer = new TorBinaryInstaller(this, appBinHome, appBinHome); installer.start(true); torBinaryExists = new File(torBinaryPath).exists(); 
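Review bot: `appBinHome = appHome + subBinPath` joins `getDir("",0).getAbsolutePath()` and `"bin/"` with no separator. The result matches the `context.getDir("bin", 0)` directory that TorTransProxy uses only because Android's getDir() happens to prefix the name with `app_`, which is an implementation detail and is not documented anywhere in this method. Ask for the directory by name instead, `appBinHome = getDir("bin", 0).getAbsolutePath() + '/';`, so the installer, the service and the root-executed iptables path are guaranteed to agree. The return value of `Api.assertBinaries(this, true)`, if it has one, is also dropped, so a failed iptables install would not stop the start-up; Api is outside this diff.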
@@ -552,12 +549,11 @@ private void runTorShellCmd() throws Exception { - StringBuilder log = new StringBuilder(); - String torrcPath = appHome + TORRC_ASSET_KEY; + String torrcPath = appBinHome + TORRC_ASSET_KEY; - String[] torCmd = {torBinaryPath + " -f " + torrcPath + " || exit\n"}; + String[] torCmd = {torBinaryPath + " DataDirectory " + appDataHome + " -f " + torrcPath + " || exit\n"}; boolean runAsRootFalse = false; boolean waitForProcess = false; @@ -623,7 +619,7 @@ { log = new StringBuilder(); - String privoxyConfigPath = appHome + PRIVOXYCONFIG_ASSET_KEY; + String privoxyConfigPath = appBinHome + PRIVOXYCONFIG_ASSET_KEY; String[] cmds = { privoxyPath + " " + privoxyConfigPath + " &" }; @@ -680,28 +676,32 @@ torConnSocket = new Socket(IP_LOCALHOST, TOR_CONTROL_PORT); conn = TorControlConnection.getConnection(torConnSocket); + // conn.authenticate(new byte[0]); // See section 3.2 sendCallbackStatusMessage(getString(R.string.tor_process_connecting_step2));
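Review bot: In runTorShellCmd() Tor's `DataDirectory` is now `appDataHome`, which checkTorBinaries() sets from `getCacheDir()`. Android may delete cache files when storage is low, and this directory holds Tor's persistent state as well as the `control_auth_cookie` that the control-port code reads later in this file, so a purge would break authentication and presumably discard guard state. A private non-cache directory is safer, e.g. `appDataHome = getDir("data", 0).getAbsolutePath() + '/';`. The command is also built as one shell string from unquoted paths; a comment should record that these paths come only from the Context and never from user input.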
logNotice( "SUCCESS connected to control port"); - String torAuthCookie = appHome + "data/control_auth_cookie"; + String torAuthCookie = appDataHome + TOR_CONTROL_COOKIE; File fileCookie = new File(torAuthCookie); - byte[] cookie = new byte[(int)fileCookie.length()]; - new FileInputStream(new File(torAuthCookie)).read(cookie); - conn.authenticate(cookie); - - logNotice( "SUCCESS authenticated to control port"); - sendCallbackStatusMessage(getString(R.string.tor_process_connecting_step2) + getString(R.string.tor_process_connecting_step3)); - - addEventHandler(); + if (fileCookie.exists()) + { + byte[] cookie = new byte[(int)fileCookie.length()]; + new FileInputStream(new File(torAuthCookie)).read(cookie); + conn.authenticate(cookie); + + logNotice( "SUCCESS authenticated to control port"); + + sendCallbackStatusMessage(getString(R.string.tor_process_connecting_step2) + getString(R.string.tor_process_connecting_step3)); + + addEventHandler(); + + applyPreferences(); + } - applyPreferences(); - - break; //don't need to retry } catch (Exception ce) @@ -712,8 +712,7 @@ sendCallbackStatusMessage(getString(R.string.tor_process_connecting_step4));
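Review bot: When `control_auth_cookie` is missing, the new `if (fileCookie.exists())` block is skipped but the unchanged `break; //don't need to retry` still runs. The loop then exits with a control connection that was never authenticated and with addEventHandler() and applyPreferences() never called. Tor may not have written the cookie yet when the socket first connects, so a missing file should go to the existing `catch (Exception ce)` retry path instead of being treated as success. Inside the block the return value of `read(cookie)` is ignored, so a short read would send a truncated cookie, and the FileInputStream is never closed. The enclosing method begins before and ends after this hunk.

```java
File fileCookie = new File(torAuthCookie);

// a missing cookie means Tor is not ready yet: fall into the retry path below
if (!fileCookie.exists())
    throw new Exception("control auth cookie not found: " + torAuthCookie);

byte[] cookie = new byte[(int)fileCookie.length()];
java.io.DataInputStream cookieIn = new java.io.DataInputStream(new FileInputStream(fileCookie));
try {
    cookieIn.readFully(cookie); // fails instead of returning a partial cookie
} finally {
    cookieIn.close();
}
conn.authenticate(cookie);
// … unchanged: status callbacks, addEventHandler(), applyPreferences(), break …
```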
Thread.sleep(1000); - - + } } @@ -1052,9 +1051,14 @@ { if (configBuffer == null) configBuffer = new ArrayList<String>(); - + + if (resetBuffer == null) + resetBuffer = new ArrayList<String>(); + if (value == null || value.length() == 0) { + + /* if (conn != null) { try { @@ -1063,6 +1067,9 @@ Log.w(TAG, "Unable to reset conf",e); } } + */ + + resetBuffer.add(name); } else configBuffer.add(name + ' ' + value); @@ -1076,8 +1083,16 @@ { if (conn != null) { - if (configBuffer != null) + if (resetBuffer != null && resetBuffer.size() > 0) + { + conn.resetConf(resetBuffer); + resetBuffer = null; + } + + + if (configBuffer != null && configBuffer.size() > 0) { + conn.setConf(configBuffer); configBuffer = null; } @@ -1378,14 +1393,14 @@ } else { - TorTransProxy.purgeIptables(this,AppManager.getApps(this)); + TorTransProxy.purgeIptables(this); } } } else if (hasRoot) { - TorTransProxy.purgeIptables(this,AppManager.getApps(this)); + TorTransProxy.purgeIptables(this); } return true;
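Review bot: In the last hunk (-1378) both call sites change to `TorTransProxy.purgeIptables(this)` and discard its result. The new implementation in TorTransProxy runs `-t nat -F` and `-t filter -F`, which flush the entire nat and filter tables rather than only the per-uid rules Orbot added. That also removes rules installed by any other firewall tool on the device, and with `|| exit` after the first command a failed nat flush skips the filter flush without the caller noticing. Check the returned code and log or surface a non-zero value, and consider keeping Orbot's rules in a chain of its own so that only that chain is flushed. The enclosing method extends beyond the hunk.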
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java =================================================================== --- projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java 2011-04-15 16:36:36 UTC (rev 24626) +++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceConstants.java 2011-04-15 16:37:33 UTC (rev 24627) @@ -19,7 +19,8 @@ //torrc (tor config file) public final static String TORRC_ASSET_KEY = "torrc"; - + public final static String TOR_CONTROL_COOKIE = "control_auth_cookie"; + //how to launch tor // public final static String TOR_COMMAND_LINE_ARGS = "-f " + TORRC_INSTALL_PATH + " || exit\n"; @@ -39,8 +40,8 @@ public final static String CHMOD_EXE_VALUE = "777"; //path of the installed APK file - public final static String APK_PATH = "/data/app/org.torproject.android.apk"; - public final static String APK_PATH_BASE = "/data/app"; + //public final static String APK_PATH = "/data/app/org.torproject.android.apk"; + //public final static String APK_PATH_BASE = "/data/app";
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceUtils.java =================================================================== --- projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceUtils.java 2011-04-15 16:36:36 UTC (rev 24626) +++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorServiceUtils.java 2011-04-15 16:37:33 UTC (rev 24627) @@ -165,7 +165,6 @@ else proc = Runtime.getRuntime().exec("sh"); - OutputStreamWriter out = new OutputStreamWriter(proc.getOutputStream());
for (int i = 0; i < cmds.length; i++) @@ -181,8 +180,6 @@ if (waitFor) { - - final char buf[] = new char[10]; // Consume the "stdout"
Modified: projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java =================================================================== --- projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java 2011-04-15 16:36:36 UTC (rev 24626) +++ projects/android/trunk/Orbot/src/org/torproject/android/service/TorTransProxy.java 2011-04-15 16:37:33 UTC (rev 24627) @@ -1,5 +1,7 @@ package org.torproject.android.service;
+import java.io.File;
+
 import org.torproject.android.TorifiedApp;
import android.content.Context; @@ -21,6 +23,7 @@ * Check if we have root access * @return boolean true if we have root */ + /* public static String getIPTablesVersion() {
@@ -52,43 +55,42 @@ logNotice("Could not acquire check iptables: " + log.toString()); return null; - } + }*/ - - private static String findBaseDir () - { - - return ""; //just blank for now - /* - String[] cmds = {"/system/bin/iptables -t nat --list"}; + public static int purgeIptables(Context context) throws Exception { + + String ipTablesPath = new File(context.getDir("bin", 0),"iptables_n1").getAbsolutePath(); + + final StringBuilder script = new StringBuilder(); + StringBuilder res = new StringBuilder(); + int code = -1; +
- int code; - try { - code = TorServiceUtils.doShellCommand(cmds, res, true, true); + script.append(ipTablesPath); + script.append(" -t nat"); + script.append(" -F || exit\n"); + script.append(ipTablesPath); + script.append(" -t filter"); + script.append(" -F || exit\n"); + + String[] cmd = {script.toString()}; + code = TorServiceUtils.doShellCommand(cmd, res, true, true); + String msg = res.toString(); + logNotice(cmd[0] + ";errCode=" + code + ";resp=" + msg); + - if (code != 0) { - return BASE_DIR; - } - else - return "/system/bin/"; - - } catch (Exception e) { - return BASE_DIR; - } - - return ""; - - */ + return code; + } + /* + public static int purgeIptablesByApp(Context context, TorifiedApp[] apps) throws Exception {
- public static int purgeIptables(Context context, TorifiedApp[] apps) throws Exception { - //restoreDNSResolvConf(); //not working yet - String baseDir = findBaseDir(); + String ipTablesPath = new File(context.getDir("bin", 0),"iptables_n1").getAbsolutePath(); final StringBuilder script = new StringBuilder(); @@ -97,13 +99,14 @@ for (int i = 0; i < apps.length; i++) { - //flush nat for every app - script.append(baseDir); - script.append("iptables -t nat -m owner --uid-owner "); + script.append(ipTablesPath); + script.append(" -t nat -m owner --uid-owner "); script.append(apps[i].getUid()); script.append(" -F || exit\n"); - script.append("iptables -t filter -m owner --uid-owner "); + + script.append(ipTablesPath); + script.append(" -t filter -m owner --uid-owner "); script.append(apps[i].getUid()); script.append(" -F || exit\n"); @@ -118,8 +121,9 @@ return code; - } + }*/ + /* // 9/19/2010 - NF This code is in process... /etc path on System partition // is read-only on Android for now. @@ -171,39 +175,18 @@ //redirectDNSResolvConf(); //not working yet - String baseDir = findBaseDir(); + //String baseDir = context.getDir("bin", 0).getAbsolutePath() + "/"; + String ipTablesPath = new File(context.getDir("bin", 0),"iptables_n1").getAbsolutePath();
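Review bot: The new purgeIptables(Context) runs the binary at `new File(context.getDir("bin", 0),"iptables_n1")` through `doShellCommand(cmd, res, true, true)`, whose third argument appears to select a root shell. A file executed as root must be writable only by its owner. TorServiceConstants still declares `CHMOD_EXE_VALUE = "777"`, and if that mode is applied to iptables_n1 any other app on the device could overwrite the file and have its contents run as root; where the mode is set is outside this diff. Install the binary owner-only (700), and add a comment on the method such as `// runs as root: iptables_n1 must not be writable by other uids`. The `"iptables_n1"` literal is repeated in every method of this file and would be better as one constant.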
- String iptablesVersion = getIPTablesVersion(); - logNotice( "iptables version: " + iptablesVersion); - boolean ipTablesOld = false; - if (iptablesVersion != null && iptablesVersion.startsWith("1.3")){ - ipTablesOld = true; - } StringBuilder script = new StringBuilder(); StringBuilder res = new StringBuilder(); int code = -1; - for (int i = 0; i < apps.length; i++) - { - - //flush nat for every app - script.append(baseDir); - script.append("iptables -t nat -m owner --uid-owner "); - script.append(apps[i].getUid()); - script.append(" -F || exit\n"); - script.append("iptables -t filter -m owner --uid-owner "); - script.append(apps[i].getUid()); - script.append(" -F || exit\n"); - - } + purgeIptables(context); - String[] cmdFlush = {script.toString()}; - code = TorServiceUtils.doShellCommand(cmdFlush, res, true, true); - //String msg = res.toString(); //get stdout from command - script = new StringBuilder(); //build up array of shell cmds to execute under one root context @@ -231,8 +214,8 @@ //iptables -t nat -A output -p tcp -m owner --uid-owner 100 -m tcp --sync -j REDIRECT --to-ports 9040 //TCP - script.append(baseDir); - script.append("iptables -t nat"); + script.append(ipTablesPath); + script.append(" -t nat"); script.append(" -A OUTPUT -p tcp"); script.append(" -m owner --uid-owner "); script.append(apps[i].getUid()); @@ -248,8 +231,8 @@ script.append(" || exit\n"); //DNS - script.append(baseDir); - script.append("iptables -t nat"); + script.append(ipTablesPath); + script.append(" -t nat"); script.append(" -A OUTPUT -p udp -m owner --uid-owner "); script.append(apps[i].getUid()); script.append(" -m udp --dport "); @@ -268,8 +251,8 @@ //EVERYTHING ELSE - DROP! if (ipTablesOld) //for some reason this doesn't work on iptables 1.3.7 { - - script.append("iptables -t nat"); + script.append(ipTablesPath); + script.append(" -t nat"); script.append(" -A OUTPUT -m owner --uid-owner "); script.append(apps[i].getUid()); script.append(" -j DROP"); 
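Review bot: Hunk -171 deletes the `boolean ipTablesOld` declaration together with the getIPTablesVersion() call, but `if (ipTablesOld)` is still an unchanged line in hunk -268 below. Unless the name is declared somewhere outside the diff, the method no longer compiles; if it is a field it is never assigned now, so the `-t nat ... -j DROP` branch for iptables 1.3.x becomes dead code. Either remove that branch as well or keep a documented constant for the bundled binary's behaviour. The same declaration is removed from the port-based method in hunk -325, and the result of the new `purgeIptables(context);` call is ignored, so rules are appended even when the flush failed.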
@@ -277,8 +260,8 @@ } else { - script.append(baseDir); - script.append("iptables -t filter"); + script.append(ipTablesPath); + script.append(" -t filter"); script.append(" -A OUTPUT -p tcp"); script.append(" -m owner --uid-owner "); script.append(apps[i].getUid()); @@ -287,8 +270,8 @@ script.append(" -j ACCEPT"); script.append(" || exit\n"); - script.append(baseDir); - script.append("iptables -t filter"); + script.append(ipTablesPath); + script.append(" -t filter"); script.append(" -A OUTPUT -p udp"); script.append(" -m owner --uid-owner "); script.append(apps[i].getUid()); @@ -297,8 +280,7 @@ script.append(" -j ACCEPT"); script.append(" || exit\n"); - script.append(baseDir); - script.append("iptables"); + script.append(ipTablesPath); script.append(" -t filter -A OUTPUT -m owner --uid-owner "); script.append(apps[i].getUid()); script.append(" -j DROP"); //drop all other packets as Tor won't handle them @@ -307,6 +289,9 @@ } } + else + { + } } @@ -325,15 +310,10 @@ //redirectDNSResolvConf(); //not working yet - String baseDir = findBaseDir(); + //String baseDir = context.getDir("bin",0).getAbsolutePath() + '/'; + String ipTablesPath = new File(context.getDir("bin", 0),"iptables_n1").getAbsolutePath();
- String iptablesVersion = getIPTablesVersion(); - logNotice( "iptables version: " + iptablesVersion); - boolean ipTablesOld = false; - if (iptablesVersion != null && iptablesVersion.startsWith("1.3")){ - ipTablesOld = true; - } StringBuilder script = new StringBuilder(); @@ -349,8 +329,8 @@ //TCP //iptables -t nat -A PREROUTING -i eth0 -p tcp --dport $srcPortNumber -j REDIRECT --to-port $dstPortNumbe
- script.append(baseDir); - script.append("iptables -t nat"); + script.append(ipTablesPath); + script.append(" -t nat"); script.append(" -A OUTPUT -p tcp"); script.append(" --dport "); script.append(port); @@ -365,8 +345,8 @@ script.append(" || exit\n"); - script.append(baseDir); - script.append("iptables -t nat"); + script.append(ipTablesPath); + script.append(" -t nat"); script.append(" -A OUTPUT -p udp"); script.append(" --dport "); script.append(port); @@ -381,8 +361,8 @@ script.append(" || exit\n"); //DNS - script.append(baseDir); - script.append("iptables -t nat"); + script.append(ipTablesPath); + script.append(" -t nat"); script.append(" -A OUTPUT -p udp "); script.append(" -m udp --dport "); script.append(STANDARD_DNS_PORT);