-
-
Notifications
You must be signed in to change notification settings - Fork 443
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add
Override certificate pinning
patch (#2781)
Co-authored-by: oSumAtrIX <[email protected]>
- Loading branch information
Showing
1 changed file
with
79 additions
and
0 deletions.
There are no files selected for viewing
79 changes: 79 additions & 0 deletions
79
...ain/kotlin/app/revanced/patches/all/misc/network/patch/OverrideCertificatePinningPatch.kt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
package app.revanced.patches.all.misc.network.patch | ||
|
||
import app.revanced.patcher.annotation.Description | ||
import app.revanced.patcher.annotation.Name | ||
import app.revanced.patcher.annotation.Version | ||
import app.revanced.patcher.data.ResourceContext | ||
import app.revanced.patcher.patch.* | ||
import app.revanced.patcher.patch.annotations.DependsOn | ||
import app.revanced.patcher.patch.annotations.Patch | ||
import app.revanced.patches.all.misc.debugging.patch.EnableAndroidDebuggingPatch | ||
import org.w3c.dom.Element | ||
import java.io.File | ||
|
||
@Patch(false) | ||
@Name("Override certificate pinning") | ||
@Description("Overrides certificate pinning, allowing to inspect traffic via a proxy.") | ||
@DependsOn([EnableAndroidDebuggingPatch::class]) | ||
class OverrideCertificatePinningPatch : ResourcePatch { | ||
|
||
override fun execute(context: ResourceContext): PatchResult { | ||
val resXmlDirectory = context["res/xml"] | ||
|
||
// Add android:networkSecurityConfig="@xml/network_security_config" and the "networkSecurityConfig" attribute if it does not exist. | ||
context.xmlEditor["AndroidManifest.xml"].use { editor -> | ||
val document = editor.file | ||
val applicationNode = document.getElementsByTagName("application").item(0) as Element | ||
|
||
if (!applicationNode.hasAttribute("networkSecurityConfig")) { | ||
document.createAttribute("android:networkSecurityConfig") | ||
.apply { value = "@xml/network_security_config" }.let(applicationNode.attributes::setNamedItem) | ||
} | ||
} | ||
|
||
// In case the file does not exist create the "network_security_config.xml" file. | ||
File(resXmlDirectory, "network_security_config.xml").apply { | ||
if (!exists()) { | ||
createNewFile() | ||
writeText( | ||
""" | ||
<?xml version="1.0" encoding="utf-8"?> | ||
<network-security-config> | ||
<base-config cleartextTrafficPermitted="true"> | ||
<trust-anchors> | ||
<certificates src="system" /> | ||
<certificates | ||
src="user" | ||
overridePins="true" /> | ||
</trust-anchors> | ||
</base-config> | ||
<debug-overrides> | ||
<trust-anchors> | ||
<certificates src="system" /> | ||
<certificates | ||
src="user" | ||
overridePins="true" /> | ||
</trust-anchors> | ||
</debug-overrides> | ||
</network-security-config> | ||
""" | ||
) | ||
} else { | ||
// If the file already exists. | ||
readText().let { text -> | ||
if (!text.contains("<certificates src=\"user\" />")) { | ||
writeText( | ||
text.replace( | ||
"<trust-anchors>", | ||
"<trust-anchors>\n<certificates src=\"user\" overridePins=\"true\" />\n<certificates src=\"system\" />" | ||
) | ||
) | ||
} | ||
} | ||
|
||
} | ||
} | ||
|
||
return PatchResultSuccess() | ||
} | ||
} |