diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-11-30 21:46:56 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-11-30 21:46:56 +0100 |
commit | 9e028ae8d6c2211b59220990f633d534bbe2f950 (patch) | |
tree | e2e9c5ed35c7c2f0858af283d46cd111507e2f14 | |
parent | 417e973c8fd58eafa8b46e5924294e31ea4cd977 (diff) |
VpnService: require root access
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
-rw-r--r-- | app/src/main/java/com/wireguard/android/backends/RootShell.java | 6 | ||||
-rw-r--r-- | app/src/main/java/com/wireguard/android/backends/VpnService.java | 10 | ||||
-rw-r--r-- | app/src/main/res/values/strings.xml | 1 |
3 files changed, 16 insertions, 1 deletions
diff --git a/app/src/main/java/com/wireguard/android/backends/RootShell.java b/app/src/main/java/com/wireguard/android/backends/RootShell.java index 0b529065..9fd5020d 100644 --- a/app/src/main/java/com/wireguard/android/backends/RootShell.java +++ b/app/src/main/java/com/wireguard/android/backends/RootShell.java @@ -10,6 +10,8 @@ import java.io.InputStreamReader; import java.io.OutputStream; import java.nio.charset.StandardCharsets; import java.util.List; +import java.util.regex.Pattern; +import java.util.regex.Matcher; /** * Helper class for running commands as root. @@ -22,6 +24,7 @@ class RootShell { */ private static final String SETUP_TEMPLATE = "export TMPDIR=%s\ntrap 'echo $?' EXIT\n"; private static final String TAG = "RootShell"; + private static final Pattern ERRNO_EXTRACTOR = Pattern.compile("error=(\\d+)"); private final byte[] setupCommands; private final String shell; @@ -80,6 +83,9 @@ class RootShell { Log.d(TAG, "Session completed with exit value " + exitValue); } catch (IOException | InterruptedException | NumberFormatException e) { Log.w(TAG, "Session failed with exception", e); + final Matcher match = ERRNO_EXTRACTOR.matcher(e.toString()); + if (match.find()) + exitValue = Integer.valueOf(match.group(1)); } return exitValue; } diff --git a/app/src/main/java/com/wireguard/android/backends/VpnService.java b/app/src/main/java/com/wireguard/android/backends/VpnService.java index e255c245..3a8f6597 100644 --- a/app/src/main/java/com/wireguard/android/backends/VpnService.java +++ b/app/src/main/java/com/wireguard/android/backends/VpnService.java @@ -283,9 +283,14 @@ public class VpnService extends Service return -0xfff0001; if (!existsInPath("wg") || !existsInPath("wg-quick")) return -0xfff0002; + if (!existsInPath("su")) + return -0xfff0003; Log.i(TAG, "Running wg-quick up for " + config.getName()); final File configFile = new File(getFilesDir(), config.getName() + ".conf"); - return rootShell.run(null, "wg-quick up '" + configFile.getPath() + "'"); + final int ret = rootShell.run(null, "wg-quick up '" + configFile.getPath() + "'"); + if (ret == 13 /* EPERM */) + return -0xfff0003; + return ret; } private boolean existsInPath(final String file) { @@ -304,6 +309,9 @@ public class VpnService extends Service } else if (ret == -0xfff0002) { Toast.makeText(getApplicationContext(), getString(R.string.error_missing), Toast.LENGTH_LONG).show(); + } else if (ret == -0xfff0003) { + Toast.makeText(getApplicationContext(), getString(R.string.error_su), + Toast.LENGTH_LONG).show(); } else { Toast.makeText(getApplicationContext(), getString(R.string.error_up), Toast.LENGTH_SHORT).show(); diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 4687ec49..3c115d66 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -19,6 +19,7 @@ <string name="endpoint">Endpoint</string> <string name="error_down">Error bringing down WireGuard tunnel</string> <string name="error_missing">Missing wg(8) and/or wg-quick(8) in PATH</string> + <string name="error_su">WireGuard currently requires root access</string> <string name="error_up">Error bringing up WireGuard tunnel</string> <string name="generate">Generate</string> <string name="hint_automatic">(auto)</string> |