From 52b3436ff6013244982709ac3400bcb60a45f31a Mon Sep 17 00:00:00 2001 From: Hans-Christoph Steiner Date: Thu, 22 Feb 2018 15:08:53 +0100 Subject: [PATCH] make is_apk_and_debuggable() default to using androguard before aapt --- fdroidserver/build.py | 2 +- fdroidserver/common.py | 30 ++++++++++++++++++++++++------ fdroidserver/update.py | 2 +- tests/common.TestCase | 4 ++-- 4 files changed, 28 insertions(+), 10 deletions(-) diff --git a/fdroidserver/build.py b/fdroidserver/build.py index 41fb2251..58e4ccf4 100644 --- a/fdroidserver/build.py +++ b/fdroidserver/build.py @@ -817,7 +817,7 @@ def build_local(app, build, vcs, build_dir, output_dir, log_dir, srclib_dir, ext src = os.path.normpath(apks[0]) # Make sure it's not debuggable... - if common.isApkAndDebuggable(src): + if common.is_apk_and_debuggable(src): raise BuildException("APK is debuggable") # By way of a sanity check, make sure the version and version diff --git a/fdroidserver/common.py b/fdroidserver/common.py index 87a9d279..9c20443a 100644 --- a/fdroidserver/common.py +++ b/fdroidserver/common.py @@ -1927,7 +1927,25 @@ def get_file_extension(filename): return os.path.splitext(filename)[1].lower()[1:] -def get_apk_debuggable_aapt(apkfile): +def use_androguard(): + """Report if androguard is available, and config its debug logging""" + + try: + import androguard + if use_androguard.show_path: + logging.debug(_('Using androguard from "{path}"').format(path=androguard.__file__)) + use_androguard.show_path = False + if options and options.verbose: + logging.getLogger("androguard.axml").setLevel(logging.INFO) + return True + except ImportError: + return False + + +use_androguard.show_path = True + + +def is_apk_and_debuggable_aapt(apkfile): p = SdkToolsPopen(['aapt', 'dump', 'xmltree', apkfile, 'AndroidManifest.xml'], output=False) if p.returncode != 0: @@ -1938,7 +1956,7 @@ def get_apk_debuggable_aapt(apkfile): return False -def get_apk_debuggable_androguard(apkfile): +def is_apk_and_debuggable_androguard(apkfile): try: from androguard.core.bytecodes.apk import APK except ImportError: @@ -1952,7 +1970,7 @@ def get_apk_debuggable_androguard(apkfile): return False -def isApkAndDebuggable(apkfile): +def is_apk_and_debuggable(apkfile): """Returns True if the given file is an APK and is debuggable :param apkfile: full path to the apk to check""" @@ -1960,10 +1978,10 @@ def isApkAndDebuggable(apkfile): if get_file_extension(apkfile) != 'apk': return False - if SdkToolsPopen(['aapt', 'version'], output=False): - return get_apk_debuggable_aapt(apkfile) + if use_androguard(): + return is_apk_and_debuggable_androguard(apkfile) else: - return get_apk_debuggable_androguard(apkfile) + return is_apk_and_debuggable_aapt(apkfile) def get_apk_id_aapt(apkfile): diff --git a/fdroidserver/update.py b/fdroidserver/update.py index 7d6f4541..5b39e751 100644 --- a/fdroidserver/update.py +++ b/fdroidserver/update.py @@ -1324,7 +1324,7 @@ def process_apk(apkcache, apkfilename, repodir, knownapks, use_date_from_apk=Fal return True, None, False # Check for debuggable apks... - if common.isApkAndDebuggable(apkfile): + if common.is_apk_and_debuggable(apkfile): logging.warning('{0} is set to android:debuggable="true"'.format(apkfile)) if options.rename_apks: diff --git a/tests/common.TestCase b/tests/common.TestCase index 330d37a7..1d5678dd 100755 --- a/tests/common.TestCase +++ b/tests/common.TestCase @@ -140,7 +140,7 @@ class CommonTest(unittest.TestCase): testfiles.append(os.path.join(self.basedir, 'urzip-badsig.apk')) testfiles.append(os.path.join(self.basedir, 'urzip-badcert.apk')) for apkfile in testfiles: - debuggable = fdroidserver.common.isApkAndDebuggable(apkfile) + debuggable = fdroidserver.common.is_apk_and_debuggable(apkfile) self.assertTrue(debuggable, "debuggable APK state was not properly parsed!") # these are set NOT debuggable @@ -148,7 +148,7 @@ class CommonTest(unittest.TestCase): testfiles.append(os.path.join(self.basedir, 'urzip-release.apk')) testfiles.append(os.path.join(self.basedir, 'urzip-release-unsigned.apk')) for apkfile in testfiles: - debuggable = fdroidserver.common.isApkAndDebuggable(apkfile) + debuggable = fdroidserver.common.is_apk_and_debuggable(apkfile) self.assertFalse(debuggable, "debuggable APK state was not properly parsed!") -- 2.30.2