Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 05a68401 authored by Guillaume Jacquart's avatar Guillaume Jacquart
Browse files

/e/ make appList a bypassTor list.

(cherry picked from commit 630b9fdf)
parent 877d857c
Loading
Loading
Loading
Loading
+7 −21
Original line number Diff line number Diff line
@@ -284,34 +284,20 @@ public class OrbotVpnManager implements Handler.Callback {

    private void doAppBasedRouting(VpnService.Builder builder) throws NameNotFoundException {
        var apps = TorifiedApp.Companion.getApps(mService, prefs);
        var individualAppsWereSelected = false;
        var isLockdownMode = isVpnLockdown(mService);
        var canBypass = !isVpnLockdown(mService);

        if (canBypass) {
            for (TorifiedApp app : apps) {
            if (app.isTorified() && (!app.getPackageName().equals(mService.getPackageName()))) {
                if (prefs.getBoolean(app.getPackageName() + OrbotConstants.APP_TOR_KEY, true)) {
                    builder.addAllowedApplication(app.getPackageName());
                if (app.isBypassTor()) {
                    builder.addDisallowedApplication(app.getPackageName());
                }
                individualAppsWereSelected = true;
            }
        }
        Log.i(TAG, "App based routing is enabled?=" + individualAppsWereSelected + ", isLockdownMode=" + isLockdownMode);

        if (isLockdownMode) {
             /* TODO https://github.com/guardianproject/orbot/issues/774
                Need to allow briar, onionshare, etc to enter orbot's vpn gateway, but not enter the tor
                network, that way these apps can use their own tor connection
                 // TODO  "add" these packages here...
                 */
            }

        if (!individualAppsWereSelected && !isLockdownMode) {
            // disallow orbot itself...
            builder.addDisallowedApplication(mService.getPackageName());

            // disallow tor apps to avoid tor over tor, Orbot doesnt need to concern itself with them
            for (String packageName : OrbotConstants.BYPASS_VPN_PACKAGES)
                builder.addDisallowedApplication(packageName);
        } else {
            Log.i(TAG, "Skip bypass because vpnLockdown: " + !canBypass);
        }
    }

+3 −3
Original line number Diff line number Diff line
@@ -39,7 +39,7 @@ class TorifiedApp : Comparable<TorifiedApp> {
    var packageName: String = ""

    @Serializable
    var isTorified: Boolean = false
    var isBypassTor: Boolean = false

    @Serializable
    var usesInternet: Boolean = false
@@ -99,7 +99,7 @@ class TorifiedApp : Comparable<TorifiedApp> {
                }

                // Check if this application is allowed
                app.isTorified = torifiedPackages.binarySearch(app.packageName) >= 0
                app.isBypassTor = torifiedPackages.binarySearch(app.packageName) >= 0
            }

            apps.sort()
@@ -107,7 +107,7 @@ class TorifiedApp : Comparable<TorifiedApp> {
        }

        fun sortAppsForTorifiedAndAbc(apps: List<TorifiedApp>?) {
            apps?.sortedWith(compareBy<TorifiedApp> { !it.isTorified }.thenBy {
            apps?.sortedWith(compareBy<TorifiedApp> { !it.isBypassTor }.thenBy {
                Normalizer.normalize(it.name ?: "", Normalizer.Form.NFD)
            })
        }