aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2017-12-05 03:50:36 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2017-12-15 06:00:45 +0100
commit345e007cb9228a47cbb98b79a5ca31100f1fa092 (patch)
tree9c491e74487d023d0021cf978c35a7359edc495f
parentVpnService: require root access (diff)
downloadwireguard-android-345e007cb9228a47cbb98b79a5ca31100f1fa092.tar.xz
wireguard-android-345e007cb9228a47cbb98b79a5ca31100f1fa092.zip
tools: build required tools with apk
-rw-r--r--.gitmodules9
-rw-r--r--app/build.gradle5
-rw-r--r--app/src/main/AndroidManifest.xml1
-rw-r--r--app/src/main/java/com/wireguard/android/backends/RootShell.java5
-rw-r--r--app/src/main/java/com/wireguard/android/backends/VpnService.java24
-rw-r--r--app/src/main/res/values/strings.xml1
-rw-r--r--app/tools/CMakeLists.txt9
m---------app/tools/libmnl0
m---------app/tools/wireguard0
m---------app/tools/wireguard-android-integration0
10 files changed, 33 insertions, 21 deletions
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..1e0b962
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,9 @@
+[submodule "app/tools/libmnl"]
+ path = app/tools/libmnl
+ url = https://git.netfilter.org/libmnl/
+[submodule "app/tools/wireguard"]
+ path = app/tools/wireguard
+ url = https://git.zx2c4.com/WireGuard
+[submodule "app/tools/wireguard-android-integration"]
+ path = app/tools/wireguard-android-integration
+ url = https://git.zx2c4.com/android_kernel_wireguard
diff --git a/app/build.gradle b/app/build.gradle
index a961dde..ff39403 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -19,6 +19,11 @@ android {
versionCode 100
versionName '0.1.0'
}
+ externalNativeBuild {
+ cmake {
+ path 'tools/CMakeLists.txt'
+ }
+ }
}
dependencies {
diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml
index b07c00c..107f6a5 100644
--- a/app/src/main/AndroidManifest.xml
+++ b/app/src/main/AndroidManifest.xml
@@ -6,6 +6,7 @@
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<application
+ android:extractNativeLibs="true"
android:allowBackup="false"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
diff --git a/app/src/main/java/com/wireguard/android/backends/RootShell.java b/app/src/main/java/com/wireguard/android/backends/RootShell.java
index 9fd5020..31b10f9 100644
--- a/app/src/main/java/com/wireguard/android/backends/RootShell.java
+++ b/app/src/main/java/com/wireguard/android/backends/RootShell.java
@@ -22,7 +22,7 @@ class RootShell {
* Setup commands that are run at the beginning of each root shell. The trap command ensures
* access to the return value of the last command, since su itself always exits with 0.
*/
- private static final String SETUP_TEMPLATE = "export TMPDIR=%s\ntrap 'echo $?' EXIT\n";
+ private static final String SETUP_TEMPLATE = "export PATH=\"%s/bin:$PATH\"; export TMPDIR=\"%s/temp\"; trap 'echo $?' EXIT; mkdir -p \"%s/bin\" \"%s/temp\"; ln -fs \"%s/libwg.so\" \"%s/bin/wg\" || exit 99; ln -fs \"%s/libwg-quick.so\" \"%s/bin/wg-quick\" || exit 99;";
private static final String TAG = "RootShell";
private static final Pattern ERRNO_EXTRACTOR = Pattern.compile("error=(\\d+)");
@@ -35,7 +35,8 @@ class RootShell {
RootShell(final Context context, final String shell) {
final String tmpdir = context.getCacheDir().getPath();
- setupCommands = String.format(SETUP_TEMPLATE, tmpdir).getBytes(StandardCharsets.UTF_8);
+ final String fakelibdir = context.getApplicationInfo().nativeLibraryDir;
+ setupCommands = String.format(SETUP_TEMPLATE, tmpdir, tmpdir, tmpdir, tmpdir, fakelibdir, tmpdir, fakelibdir, tmpdir).getBytes(StandardCharsets.UTF_8);
this.shell = shell;
}
diff --git a/app/src/main/java/com/wireguard/android/backends/VpnService.java b/app/src/main/java/com/wireguard/android/backends/VpnService.java
index 3a8f659..5e254d2 100644
--- a/app/src/main/java/com/wireguard/android/backends/VpnService.java
+++ b/app/src/main/java/com/wireguard/android/backends/VpnService.java
@@ -261,17 +261,6 @@ public class VpnService extends Service
private class ConfigEnabler extends AsyncTask<Void, Void, Integer> {
private final Config config;
- private final String[] paths = {
- "/system/xbin",
- "/system/sbin",
- "/system/bin",
- "/sbin",
- "/bin",
- "/xbin",
- "/usr/sbin",
- "/usr/bin",
- "/usr/xbin",
- };
private ConfigEnabler(final Config config) {
this.config = config;
@@ -281,19 +270,21 @@ public class VpnService extends Service
protected Integer doInBackground(final Void... voids) {
if (!new File("/sys/module/wireguard").exists())
return -0xfff0001;
- if (!existsInPath("wg") || !existsInPath("wg-quick"))
- return -0xfff0002;
if (!existsInPath("su"))
- return -0xfff0003;
+ return -0xfff0002;
Log.i(TAG, "Running wg-quick up for " + config.getName());
final File configFile = new File(getFilesDir(), config.getName() + ".conf");
final int ret = rootShell.run(null, "wg-quick up '" + configFile.getPath() + "'");
if (ret == 13 /* EPERM */)
- return -0xfff0003;
+ return -0xfff0002;
return ret;
}
private boolean existsInPath(final String file) {
+ final String pathEnv = System.getenv("PATH");
+ if (pathEnv == null)
+ return false;
+ final String[] paths = pathEnv.split(":");
for (final String path : paths)
if (new File(path, file).exists())
return true;
@@ -307,9 +298,6 @@ public class VpnService extends Service
if (ret == -0xfff0001) {
startActivity(new Intent(getApplicationContext(), NotSupportedActivity.class));
} else if (ret == -0xfff0002) {
- Toast.makeText(getApplicationContext(), getString(R.string.error_missing),
- Toast.LENGTH_LONG).show();
- } else if (ret == -0xfff0003) {
Toast.makeText(getApplicationContext(), getString(R.string.error_su),
Toast.LENGTH_LONG).show();
} else {
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 3c115d6..ea4acb7 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -18,7 +18,6 @@
<string name="enabled">Enabled</string>
<string name="endpoint">Endpoint</string>
<string name="error_down">Error bringing down WireGuard tunnel</string>
- <string name="error_missing">Missing wg(8) and/or wg-quick(8) in PATH</string>
<string name="error_su">WireGuard currently requires root access</string>
<string name="error_up">Error bringing up WireGuard tunnel</string>
<string name="generate">Generate</string>
diff --git a/app/tools/CMakeLists.txt b/app/tools/CMakeLists.txt
new file mode 100644
index 0000000..8eabc90
--- /dev/null
+++ b/app/tools/CMakeLists.txt
@@ -0,0 +1,9 @@
+cmake_minimum_required(VERSION 3.4.1)
+set(CMAKE_RUNTIME_OUTPUT_DIRECTORY "${CMAKE_LIBRARY_OUTPUT_DIRECTORY}")
+
+add_executable(libwg-quick.so wireguard-android-integration/wg-quick.c)
+SET_TARGET_PROPERTIES(libwg-quick.so PROPERTIES COMPILE_FLAGS "-O3 -std=gnu11 -Wall -pedantic -Wno-missing-field-initializers -DWG_CONFIG_SEARCH_PATHS=\"\\\"/data/data/com.wireguard.android/files\\\"\"")
+
+FILE(GLOB WG_SOURCES wireguard/src/tools/*.c libmnl/src/*.c)
+add_executable(libwg.so ${WG_SOURCES})
+SET_TARGET_PROPERTIES(libwg.so PROPERTIES COMPILE_FLAGS "'-I${CMAKE_CURRENT_SOURCE_DIR}libmnl/src/' '-I${CMAKE_CURRENT_SOURCE_DIR}/libmnl/include/' '-I${CMAKE_CURRENT_SOURCE_DIR}/wireguard/src/tools/' -O3 -std=gnu11 -D_GNU_SOURCE -DHAVE_VISIBILITY_HIDDEN -DRUNSTATEDIR=\"\\\"/data/data/com.wireguard.android/cache\\\"\" -Wno-pointer-arith -Wno-unused-parameter")
diff --git a/app/tools/libmnl b/app/tools/libmnl
new file mode 160000
+Subproject 0930a63252958f40bb0f9d09de86985c25cea03
diff --git a/app/tools/wireguard b/app/tools/wireguard
new file mode 160000
+Subproject 44f8e4d7d0b23c949850028fd9c502b73e15d28
diff --git a/app/tools/wireguard-android-integration b/app/tools/wireguard-android-integration
new file mode 160000
+Subproject a831aa82248009ba1ee95ac6ebdbeb5234aaffe