Loading src/main/java/org/torproject/android/service/vpn/OrbotVpnManager.java +7 −21 Original line number Diff line number Diff line Loading @@ -284,34 +284,20 @@ public class OrbotVpnManager implements Handler.Callback { private void doAppBasedRouting(VpnService.Builder builder) throws NameNotFoundException { var apps = TorifiedApp.Companion.getApps(mService, prefs); var individualAppsWereSelected = false; var isLockdownMode = isVpnLockdown(mService); var canBypass = !isVpnLockdown(mService); if (canBypass) { for (TorifiedApp app : apps) { if (app.isTorified() && (!app.getPackageName().equals(mService.getPackageName()))) { if (prefs.getBoolean(app.getPackageName() + OrbotConstants.APP_TOR_KEY, true)) { builder.addAllowedApplication(app.getPackageName()); if (app.isBypassTor()) { builder.addDisallowedApplication(app.getPackageName()); } individualAppsWereSelected = true; } } Log.i(TAG, "App based routing is enabled?=" + individualAppsWereSelected + ", isLockdownMode=" + isLockdownMode); if (isLockdownMode) { /* TODO https://github.com/guardianproject/orbot/issues/774 Need to allow briar, onionshare, etc to enter orbot's vpn gateway, but not enter the tor network, that way these apps can use their own tor connection // TODO "add" these packages here... */ } if (!individualAppsWereSelected && !isLockdownMode) { // disallow orbot itself... builder.addDisallowedApplication(mService.getPackageName()); // disallow tor apps to avoid tor over tor, Orbot doesnt need to concern itself with them for (String packageName : OrbotConstants.BYPASS_VPN_PACKAGES) builder.addDisallowedApplication(packageName); } else { Log.i(TAG, "Skip bypass because vpnLockdown: " + !canBypass); } } Loading src/main/java/org/torproject/android/service/vpn/TorifiedApp.kt +3 −3 Original line number Diff line number Diff line Loading @@ -39,7 +39,7 @@ class TorifiedApp : Comparable<TorifiedApp> { var packageName: String = "" @Serializable var isTorified: Boolean = false var isBypassTor: Boolean = false @Serializable var usesInternet: Boolean = false Loading Loading @@ -99,7 +99,7 @@ class TorifiedApp : Comparable<TorifiedApp> { } // Check if this application is allowed app.isTorified = torifiedPackages.binarySearch(app.packageName) >= 0 app.isBypassTor = torifiedPackages.binarySearch(app.packageName) >= 0 } apps.sort() Loading @@ -107,7 +107,7 @@ class TorifiedApp : Comparable<TorifiedApp> { } fun sortAppsForTorifiedAndAbc(apps: List<TorifiedApp>?) { apps?.sortedWith(compareBy<TorifiedApp> { !it.isTorified }.thenBy { apps?.sortedWith(compareBy<TorifiedApp> { !it.isBypassTor }.thenBy { Normalizer.normalize(it.name ?: "", Normalizer.Form.NFD) }) } Loading Loading
src/main/java/org/torproject/android/service/vpn/OrbotVpnManager.java +7 −21 Original line number Diff line number Diff line Loading @@ -284,34 +284,20 @@ public class OrbotVpnManager implements Handler.Callback { private void doAppBasedRouting(VpnService.Builder builder) throws NameNotFoundException { var apps = TorifiedApp.Companion.getApps(mService, prefs); var individualAppsWereSelected = false; var isLockdownMode = isVpnLockdown(mService); var canBypass = !isVpnLockdown(mService); if (canBypass) { for (TorifiedApp app : apps) { if (app.isTorified() && (!app.getPackageName().equals(mService.getPackageName()))) { if (prefs.getBoolean(app.getPackageName() + OrbotConstants.APP_TOR_KEY, true)) { builder.addAllowedApplication(app.getPackageName()); if (app.isBypassTor()) { builder.addDisallowedApplication(app.getPackageName()); } individualAppsWereSelected = true; } } Log.i(TAG, "App based routing is enabled?=" + individualAppsWereSelected + ", isLockdownMode=" + isLockdownMode); if (isLockdownMode) { /* TODO https://github.com/guardianproject/orbot/issues/774 Need to allow briar, onionshare, etc to enter orbot's vpn gateway, but not enter the tor network, that way these apps can use their own tor connection // TODO "add" these packages here... */ } if (!individualAppsWereSelected && !isLockdownMode) { // disallow orbot itself... builder.addDisallowedApplication(mService.getPackageName()); // disallow tor apps to avoid tor over tor, Orbot doesnt need to concern itself with them for (String packageName : OrbotConstants.BYPASS_VPN_PACKAGES) builder.addDisallowedApplication(packageName); } else { Log.i(TAG, "Skip bypass because vpnLockdown: " + !canBypass); } } Loading
src/main/java/org/torproject/android/service/vpn/TorifiedApp.kt +3 −3 Original line number Diff line number Diff line Loading @@ -39,7 +39,7 @@ class TorifiedApp : Comparable<TorifiedApp> { var packageName: String = "" @Serializable var isTorified: Boolean = false var isBypassTor: Boolean = false @Serializable var usesInternet: Boolean = false Loading Loading @@ -99,7 +99,7 @@ class TorifiedApp : Comparable<TorifiedApp> { } // Check if this application is allowed app.isTorified = torifiedPackages.binarySearch(app.packageName) >= 0 app.isBypassTor = torifiedPackages.binarySearch(app.packageName) >= 0 } apps.sort() Loading @@ -107,7 +107,7 @@ class TorifiedApp : Comparable<TorifiedApp> { } fun sortAppsForTorifiedAndAbc(apps: List<TorifiedApp>?) { apps?.sortedWith(compareBy<TorifiedApp> { !it.isTorified }.thenBy { apps?.sortedWith(compareBy<TorifiedApp> { !it.isBypassTor }.thenBy { Normalizer.normalize(it.name ?: "", Normalizer.Form.NFD) }) } Loading
