feat: Add Override certificate pinning
patch (#2781)
Co-authored-by: oSumAtrIX <johan.melkonyan1@web.de>
This commit is contained in:
parent
4e81888daf
commit
94ed738515
|
@ -0,0 +1,79 @@
|
|||
package app.revanced.patches.all.misc.network.patch
|
||||
|
||||
import app.revanced.patcher.annotation.Description
|
||||
import app.revanced.patcher.annotation.Name
|
||||
import app.revanced.patcher.annotation.Version
|
||||
import app.revanced.patcher.data.ResourceContext
|
||||
import app.revanced.patcher.patch.*
|
||||
import app.revanced.patcher.patch.annotations.DependsOn
|
||||
import app.revanced.patcher.patch.annotations.Patch
|
||||
import app.revanced.patches.all.misc.debugging.patch.EnableAndroidDebuggingPatch
|
||||
import org.w3c.dom.Element
|
||||
import java.io.File
|
||||
|
||||
@Patch(false)
|
||||
@Name("Override certificate pinning")
|
||||
@Description("Overrides certificate pinning, allowing to inspect traffic via a proxy.")
|
||||
@DependsOn([EnableAndroidDebuggingPatch::class])
|
||||
class OverrideCertificatePinningPatch : ResourcePatch {
|
||||
|
||||
override fun execute(context: ResourceContext): PatchResult {
|
||||
val resXmlDirectory = context["res/xml"]
|
||||
|
||||
// Add android:networkSecurityConfig="@xml/network_security_config" and the "networkSecurityConfig" attribute if it does not exist.
|
||||
context.xmlEditor["AndroidManifest.xml"].use { editor ->
|
||||
val document = editor.file
|
||||
val applicationNode = document.getElementsByTagName("application").item(0) as Element
|
||||
|
||||
if (!applicationNode.hasAttribute("networkSecurityConfig")) {
|
||||
document.createAttribute("android:networkSecurityConfig")
|
||||
.apply { value = "@xml/network_security_config" }.let(applicationNode.attributes::setNamedItem)
|
||||
}
|
||||
}
|
||||
|
||||
// In case the file does not exist create the "network_security_config.xml" file.
|
||||
File(resXmlDirectory, "network_security_config.xml").apply {
|
||||
if (!exists()) {
|
||||
createNewFile()
|
||||
writeText(
|
||||
"""
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<network-security-config>
|
||||
<base-config cleartextTrafficPermitted="true">
|
||||
<trust-anchors>
|
||||
<certificates src="system" />
|
||||
<certificates
|
||||
src="user"
|
||||
overridePins="true" />
|
||||
</trust-anchors>
|
||||
</base-config>
|
||||
<debug-overrides>
|
||||
<trust-anchors>
|
||||
<certificates src="system" />
|
||||
<certificates
|
||||
src="user"
|
||||
overridePins="true" />
|
||||
</trust-anchors>
|
||||
</debug-overrides>
|
||||
</network-security-config>
|
||||
"""
|
||||
)
|
||||
} else {
|
||||
// If the file already exists.
|
||||
readText().let { text ->
|
||||
if (!text.contains("<certificates src=\"user\" />")) {
|
||||
writeText(
|
||||
text.replace(
|
||||
"<trust-anchors>",
|
||||
"<trust-anchors>\n<certificates src=\"user\" overridePins=\"true\" />\n<certificates src=\"system\" />"
|
||||
)
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
return PatchResultSuccess()
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue