trackersservicestandalone/src/main/java/foundation/e/advancedprivacy/trackers/service/TrackersService.kt


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

/*
 * Copyright (C) 2023 MURENA SAS
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */
package foundation.e.advancedprivacy.trackers.service

import android.content.Intent
import android.net.VpnService
import android.os.Build
import android.os.ParcelFileDescriptor
import foundation.e.advancedprivacy.core.utils.notificationBuilder
import foundation.e.advancedprivacy.domain.entities.FeatureState
import foundation.e.advancedprivacy.domain.entities.NOTIFICATION_TRACKER_FLAG
import foundation.e.advancedprivacy.domain.entities.NotificationContent
import foundation.e.advancedprivacy.trackers.domain.externalinterfaces.TrackersSupervisor
import foundation.e.advancedprivacy.trackers.service.Config.DNS_SERVER_TO_CATCH_IPV4
import foundation.e.advancedprivacy.trackers.service.Config.DNS_SERVER_TO_CATCH_IPV6
import foundation.e.advancedprivacy.trackers.service.Config.SESSION_NAME
import foundation.e.advancedprivacy.trackers.service.data.NetworkDNSAddressRepository
import kotlinx.coroutines.CoroutineScope
import kotlinx.coroutines.Dispatchers
import org.koin.core.qualifier.named
import org.koin.java.KoinJavaComponent.get
import timber.log.Timber

class TrackersService : VpnService() {
    companion object {
        var coroutineScope = CoroutineScope(Dispatchers.IO)
    }

    private val networkDNSAddressRepository: NetworkDNSAddressRepository = get(NetworkDNSAddressRepository::class.java)
    private val trackersSupervisor: TrackersSupervisorStandalone = get(
        TrackersSupervisor::class.java
    ) as TrackersSupervisorStandalone

    private val notificationTrackerFlag: NotificationContent = get(NotificationContent::class.java, named("notificationTrackerFlag"))

    override fun onStartCommand(intent: Intent?, flags: Int, startId: Int): Int {
        startVPN()

        startForeground(
            NOTIFICATION_TRACKER_FLAG,
            notificationBuilder(
                context = this,
                content = notificationTrackerFlag
            ).build()
        )
        trackersSupervisor.mutableState.value = FeatureState.ON

        return START_STICKY
    }

    override fun onDestroy() {
        networkDNSAddressRepository.stop()
        trackersSupervisor.mutableState.value = FeatureState.OFF
        super.onDestroy()
    }

    private fun startVPN() {
        val vpnInterface = initVPN()

        if (vpnInterface != null) {
            networkDNSAddressRepository.start()

            coroutineScope = CoroutineScope(Dispatchers.IO)
            get<TunLooper>(TunLooper::class.java).apply {
                listenJob(vpnInterface, coroutineScope)
            }
        } else {
            Timber.e("Cannot get VPN interface")
        }
    }

    private fun initVPN(): ParcelFileDescriptor? {
        val builder = Builder()
        builder.setSession(SESSION_NAME)
        // IPV4:
        builder
            .addAddress(Config.ADDRESS_IPV4, 24)
            .addDnsServer(Config.VIRTUALDNS_IPV4)
            .addRoute(Config.VIRTUALDNS_IPV4, 32)

        // IPV6
        builder
            .addAddress(Config.ADDRESS_IPV6, 48)
            .addDnsServer(Config.VIRTUALDNS_IPV6)
            .addRoute(Config.VIRTUALDNS_IPV6, 128)

        DNS_SERVER_TO_CATCH_IPV4.forEach {
            builder.addRoute(it, 32)
        }
        DNS_SERVER_TO_CATCH_IPV6.forEach {
            builder.addRoute(it, 128)
        }

        // TODO: block private DNS.
        // TODO 20230821: seen in privateDNSFilter, bypass filter for google apps on Android 7/8

        builder.addDisallowedApplication(packageName)
        builder.setBlocking(true)
        builder.setMtu(Config.MTU)
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) {
            builder.setMetered(false) // take over defaults from underlying network
        }

        return builder.establish()
    }
}