Skip to content

Commit

Permalink
Fix SecurityException on Asus Fonepads
Browse files Browse the repository at this point in the history 
This is a bug of their ROMs but the documentation says:

> Must be required by a VpnService, to ensure that only the system can bind to it.
>
> Protection level: signature
>
> Constant Value: "android.permission.BIND_VPN_SERVICE"

And we have `android:exported="false"` set, so I think it's safe to remove this permission restriction.
  • Loading branch information
@Mygod
Mygod committed Aug 9, 2016
1 parent 10725c3 commit f7d422d
Showing 1 changed file with 0 additions and 1 deletion.
1 change: 0 additions & 1 deletion src/main/AndroidManifest.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,6 @@
android:name=".ShadowsocksVpnService"
android:process=":bg"
android:label="@string/app_name"
android:permission="android.permission.BIND_VPN_SERVICE"
android:exported="false">
<intent-filter>
<action android:name="android.net.VpnService"/>
Expand Down

2 comments on commit f7d422d

@madeye
Copy link
Contributor

@madeye madeye commented on f7d422d Aug 9, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With this commit, I got the following error:

08-09 12:06:34.423 17668 17694 W System.err: java.lang.SecurityException: com.github.shadowsocks.ShadowsocksVpnService does not require android.permission.BIND_VPN_SERVICE
08-09 12:06:34.423 17668 17694 W System.err:    at android.os.Parcel.readException(Parcel.java:1620)
08-09 12:06:34.423 17668 17694 W System.err:    at android.os.Parcel.readException(Parcel.java:1573)
08-09 12:06:34.423 17668 17694 W System.err:    at android.net.IConnectivityManager$Stub$Proxy.establishVpn(IConnectivityManager.java:1776)
08-09 12:06:34.423 17668 17694 W System.err:    at android.net.VpnService$Builder.establish(VpnService.java:769)
08-09 12:06:34.423 17668 17694 W System.err:    at com.github.shadowsocks.ShadowsocksVpnService.startVpn(ShadowsocksVpnService.scala:386)
08-09 12:06:34.423 17668 17694 W System.err:    at com.github.shadowsocks.ShadowsocksVpnService.handleConnection(ShadowsocksVpnService.scala:185)
08-09 12:06:34.423 17668 17694 W System.err:    at com.github.shadowsocks.ShadowsocksVpnService.connect(ShadowsocksVpnService.scala:172)
08-09 12:06:34.423 17668 17694 W System.err:    at com.github.shadowsocks.BaseService$$anonfun$startRunner$1.apply$mcV$sp(BaseService.scala:191)
08-09 12:06:34.423 17668 17694 W System.err:    at com.github.shadowsocks.BaseService$$anonfun$startRunner$1.apply(BaseService.scala:191)
08-09 12:06:34.423 17668 17694 W System.err:    at com.github.shadowsocks.BaseService$$anonfun$startRunner$1.apply(BaseService.scala:191)
08-09 12:06:34.423 17668 17694 W System.err:    at scala.concurrent.impl.Future$PromiseCompletingRunnable.liftedTree1$1(Future.scala:24)
08-09 12:06:34.423 17668 17694 W System.err:    at scala.concurrent.impl.Future$PromiseCompletingRunnable.run(Future.scala:24)
08-09 12:06:34.423 17668 17694 W System.err:    at scala.concurrent.impl.ExecutionContextImpl$AdaptedForkJoinTask.exec(ExecutionContextImpl.scala:121)
08-09 12:06:34.423 17668 17694 W System.err:    at scala.concurrent.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
08-09 12:06:34.424 17668 17694 W System.err:    at scala.concurrent.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
08-09 12:06:34.424 17668 17694 W System.err:    at scala.concurrent.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
08-09 12:06:34.424 17668 17694 W System.err:    at scala.concurrent.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
08-09 12:06:34.443 17648 17648 E Shadowsocks: Error to start VPN service: Failed to connect the remote server

@Mygod
Copy link
Contributor Author

@Mygod Mygod commented on f7d422d Aug 9, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well I guess we have to revert it then.

Please sign in to comment.