-
Notifications
You must be signed in to change notification settings - Fork 356
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Co-authored-by: Maor Magori <maor@magori.online>
- Loading branch information
1 parent
5c3436e
commit 035cb1b
Showing
6 changed files
with
120 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
import * as fs from '../utils/fs' | ||
import * as path from 'path' | ||
|
||
/** | ||
* Copies the certificate file at `sourcePath` to the correct location within | ||
* the APK's `decodeDir`, so it can then be referenced in the Network Security | ||
* Config. | ||
*/ | ||
export default async function copyCertificateFile( | ||
decodeDir: string, | ||
sourcePath: string, | ||
) { | ||
const rawDir = path.join(decodeDir, `res/raw/`) | ||
await fs.mkdir(rawDir, { recursive: true }) | ||
|
||
const destinationPath = path.join(rawDir, path.basename(sourcePath)) | ||
await fs.copyFile(sourcePath, destinationPath) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,21 +1,45 @@ | ||
import * as fs from '../utils/fs' | ||
import * as pathUtils from 'path' | ||
|
||
const TEMPLATE = `<?xml version="1.0" encoding="utf-8"?> | ||
<!-- Intentionally lax Network Security Configuration (generated by apk-mitm) --> | ||
<network-security-config> | ||
<!-- Allow cleartext traffic --> | ||
<base-config cleartextTrafficPermitted="true"> | ||
<trust-anchors> | ||
<!-- Allow user-added (proxy) certificates --> | ||
<certificates src="user" /> | ||
/** Generates the XML contents of the Network Security File. */ | ||
const generateConfig = ({ | ||
certificatePath, | ||
}: { | ||
certificatePath: string | undefined | ||
}) => { | ||
const certificateBlock = certificatePath | ||
? generateCertificateBlock(certificatePath) | ||
: '' | ||
|
||
<certificates src="system" /> | ||
</trust-anchors> | ||
</base-config> | ||
</network-security-config>` | ||
return `<?xml version="1.0" encoding="utf-8"?> | ||
<!-- Intentionally lax Network Security Configuration (generated by apk-mitm) --> | ||
<network-security-config> | ||
<!-- Allow cleartext traffic --> | ||
<base-config cleartextTrafficPermitted="true"> | ||
<trust-anchors> | ||
<!-- Allow user-added (proxy) certificates --> | ||
<certificates src="user" />${certificateBlock} | ||
<certificates src="system" /> | ||
</trust-anchors> | ||
</base-config> | ||
</network-security-config>` | ||
} | ||
|
||
/** Generates the XML block responsible for registering a custom certificate. */ | ||
const generateCertificateBlock = (path: string) => { | ||
const fileName = pathUtils.basename(path, '.pem') | ||
|
||
export default async function createNetworkSecurityConfig(path: string) { | ||
return `\n | ||
<!-- Allow specific certificate --> | ||
<certificates src="@raw/${fileName}" />\n` | ||
} | ||
|
||
export default async function createNetworkSecurityConfig( | ||
path: string, | ||
{ certificatePath }: { certificatePath?: string } = {}, | ||
) { | ||
await fs.mkdir(pathUtils.dirname(path), { recursive: true }) | ||
await fs.writeFile(path, TEMPLATE, 'utf-8') | ||
|
||
const config = generateConfig({ certificatePath }) | ||
await fs.writeFile(path, config, 'utf-8') | ||
} |