summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2017-11-30 21:46:56 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2017-11-30 21:46:56 +0100
commit9e028ae8d6c2211b59220990f633d534bbe2f950 (patch)
treee2e9c5ed35c7c2f0858af283d46cd111507e2f14
parent417e973c8fd58eafa8b46e5924294e31ea4cd977 (diff)
VpnService: require root access
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r--app/src/main/java/com/wireguard/android/backends/RootShell.java6
-rw-r--r--app/src/main/java/com/wireguard/android/backends/VpnService.java10
-rw-r--r--app/src/main/res/values/strings.xml1
3 files changed, 16 insertions, 1 deletions
diff --git a/app/src/main/java/com/wireguard/android/backends/RootShell.java b/app/src/main/java/com/wireguard/android/backends/RootShell.java
index 0b529065..9fd5020d 100644
--- a/app/src/main/java/com/wireguard/android/backends/RootShell.java
+++ b/app/src/main/java/com/wireguard/android/backends/RootShell.java
@@ -10,6 +10,8 @@ import java.io.InputStreamReader;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.util.List;
+import java.util.regex.Pattern;
+import java.util.regex.Matcher;
/**
* Helper class for running commands as root.
@@ -22,6 +24,7 @@ class RootShell {
*/
private static final String SETUP_TEMPLATE = "export TMPDIR=%s\ntrap 'echo $?' EXIT\n";
private static final String TAG = "RootShell";
+ private static final Pattern ERRNO_EXTRACTOR = Pattern.compile("error=(\\d+)");
private final byte[] setupCommands;
private final String shell;
@@ -80,6 +83,9 @@ class RootShell {
Log.d(TAG, "Session completed with exit value " + exitValue);
} catch (IOException | InterruptedException | NumberFormatException e) {
Log.w(TAG, "Session failed with exception", e);
+ final Matcher match = ERRNO_EXTRACTOR.matcher(e.toString());
+ if (match.find())
+ exitValue = Integer.valueOf(match.group(1));
}
return exitValue;
}
diff --git a/app/src/main/java/com/wireguard/android/backends/VpnService.java b/app/src/main/java/com/wireguard/android/backends/VpnService.java
index e255c245..3a8f6597 100644
--- a/app/src/main/java/com/wireguard/android/backends/VpnService.java
+++ b/app/src/main/java/com/wireguard/android/backends/VpnService.java
@@ -283,9 +283,14 @@ public class VpnService extends Service
return -0xfff0001;
if (!existsInPath("wg") || !existsInPath("wg-quick"))
return -0xfff0002;
+ if (!existsInPath("su"))
+ return -0xfff0003;
Log.i(TAG, "Running wg-quick up for " + config.getName());
final File configFile = new File(getFilesDir(), config.getName() + ".conf");
- return rootShell.run(null, "wg-quick up '" + configFile.getPath() + "'");
+ final int ret = rootShell.run(null, "wg-quick up '" + configFile.getPath() + "'");
+ if (ret == 13 /* EPERM */)
+ return -0xfff0003;
+ return ret;
}
private boolean existsInPath(final String file) {
@@ -304,6 +309,9 @@ public class VpnService extends Service
} else if (ret == -0xfff0002) {
Toast.makeText(getApplicationContext(), getString(R.string.error_missing),
Toast.LENGTH_LONG).show();
+ } else if (ret == -0xfff0003) {
+ Toast.makeText(getApplicationContext(), getString(R.string.error_su),
+ Toast.LENGTH_LONG).show();
} else {
Toast.makeText(getApplicationContext(), getString(R.string.error_up),
Toast.LENGTH_SHORT).show();
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 4687ec49..3c115d66 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -19,6 +19,7 @@
<string name="endpoint">Endpoint</string>
<string name="error_down">Error bringing down WireGuard tunnel</string>
<string name="error_missing">Missing wg(8) and/or wg-quick(8) in PATH</string>
+ <string name="error_su">WireGuard currently requires root access</string>
<string name="error_up">Error bringing up WireGuard tunnel</string>
<string name="generate">Generate</string>
<string name="hint_automatic">(auto)</string>