Initial commit

TheDauntless · TheDauntless · commit 7d782c92a1fc · 2017-12-16T14:14:36.000+01:00
diff --git a/META-INF/com/google/android/update-binary b/META-INF/com/google/android/update-binary
@@ -0,0 +1,182 @@
+#!/sbin/sh
+##########################################################################################
+#
+# Magisk Module Template Install Script
+# by topjohnwu
+#
+##########################################################################################
+
+# Detect whether in boot mode
+ps | grep zygote | grep -v grep >/dev/null && BOOTMODE=true || BOOTMODE=false
+$BOOTMODE || ps -A 2>/dev/null | grep zygote | grep -v grep >/dev/null && BOOTMODE=true
+
+# This path should work in any cases
+TMPDIR=/dev/tmp
+MOUNTPATH=/magisk
+IMG=/data/magisk.img
+if $BOOTMODE; then
+  MOUNTPATH=/dev/magisk_merge
+  IMG=/data/magisk_merge.img
+fi
+INSTALLER=$TMPDIR/install
+MAGISKBIN=/data/magisk
+
+# Default permissions
+umask 022
+
+# Initial cleanup
+rm -rf $TMPDIR 2>/dev/null
+mkdir -p $INSTALLER
+
+##########################################################################################
+# Environment
+##########################################################################################
+
+OUTFD=$2
+ZIP=$3
+
+ui_print() {
+  if $BOOTMODE; then
+    echo "$1"
+  else
+    echo -n -e "ui_print $1\n" >> /proc/self/fd/$OUTFD
+    echo -n -e "ui_print\n" >> /proc/self/fd/$OUTFD
+  fi
+}
+
+require_new_magisk() {
+  ui_print "***********************************"
+  ui_print "! $MAGISKBIN isn't setup properly!"
+  ui_print "! Please install Magisk v14.0+!"
+  ui_print "***********************************"
+  exit 1
+}
+
+ui_print "- Mounting /system, /vendor, /data, /cache"
+mount -o ro /system 2>/dev/null
+mount -o ro /vendor 2>/dev/null
+mount /data 2>/dev/null
+mount /cache 2>/dev/null
+
+# Utility functions must exist
+[ -f $MAGISKBIN/util_functions.sh ] || require_new_magisk
+# Load utility fuctions
+. $MAGISKBIN/util_functions.sh
+get_outfd
+
+$BOOTMODE && ! is_mounted /magisk && abort "! Magisk is not activated!"
+[ ! -f /system/build.prop ] && abort "! /system could not be mounted!"
+
+# Detect version and architecture
+api_level_arch_detect
+
+# You can get the Android API version from $API, the CPU architecture from $ARCH
+# Useful if you are creating Android version / platform dependent mods
+
+# We need busybox/binaries to be setup
+$BOOTMODE && boot_actions || recovery_actions
+
+##########################################################################################
+# Preparation
+##########################################################################################
+
+# Extract common files
+unzip -o "$ZIP" module.prop config.sh 'common/*' -d $INSTALLER 2>/dev/null
+
+[ ! -f $INSTALLER/config.sh ] && abort "! Unable to extract zip file!"
+# Load configurations
+. $INSTALLER/config.sh
+
+# Check the min magisk version
+MIN_VER=`grep_prop template $INSTALLER/module.prop`
+[ ! -z $MAGISK_VER_CODE -a $MAGISK_VER_CODE -ge $MIN_VER ] || require_new_magisk
+MODID=`grep_prop id $INSTALLER/module.prop`
+MODPATH=$MOUNTPATH/$MODID
+
+# Print mod name
+print_modname
+
+# Please leave this message in your flashable zip for credits :)
+ui_print "******************************"
+ui_print "Powered by Magisk (@topjohnwu)"
+ui_print "******************************"
+
+##########################################################################################
+# Install
+##########################################################################################
+
+request_zip_size_check "$ZIP"
+
+if [ -f "$IMG" ]; then
+  ui_print "- Found $IMG"
+  image_size_check $IMG
+  if [ "$reqSizeM" -gt "$curFreeM" ]; then
+    newSizeM=$(((reqSizeM + curUsedM) / 32 * 32 + 64))
+    ui_print "- Resizing $IMG to ${newSizeM}M"
+    $MAGISKBIN/magisk --resizeimg $IMG $newSizeM
+  fi
+else
+  newSizeM=$((reqSizeM / 32 * 32 + 64));
+  ui_print "- Creating $IMG with size ${newSizeM}M"
+  $MAGISKBIN/magisk --createimg $IMG $newSizeM
+fi
+
+ui_print "- Mounting $IMG to $MOUNTPATH"
+MAGISKLOOP=`$MAGISKBIN/magisk --mountimg $IMG $MOUNTPATH`
+is_mounted $MOUNTPATH || abort "! $IMG mount failed..."
+
+# Create mod paths
+rm -rf $MODPATH 2>/dev/null
+mkdir -p $MODPATH
+
+ui_print "- Extracting module files"
+unzip -o "$ZIP" 'system/*' -d $MODPATH 2>/dev/null
+
+# Handle replace folders
+for TARGET in $REPLACE; do
+  mktouch $MODPATH$TARGET/.replace
+done
+
+# Auto Mount
+$AUTOMOUNT && touch $MODPATH/auto_mount
+
+# prop files
+$PROPFILE && cp -af $INSTALLER/common/system.prop $MODPATH/system.prop
+
+# Module info
+cp -af $INSTALLER/module.prop $MODPATH/module.prop
+if $BOOTMODE; then
+  # Update info for Magisk Manager
+  mktouch /magisk/$MODID/update
+  cp -af $INSTALLER/module.prop /magisk/$MODID/module.prop
+fi
+
+# post-fs-data mode scripts
+$POSTFSDATA && cp -af $INSTALLER/common/post-fs-data.sh $MODPATH/post-fs-data.sh
+
+# service mode scripts
+$LATESTARTSERVICE && cp -af $INSTALLER/common/service.sh $MODPATH/service.sh
+
+ui_print "- Setting permissions"
+set_permissions
+
+##########################################################################################
+# Finalizing
+##########################################################################################
+
+$MAGISKBIN/magisk --umountimg $MOUNTPATH $MAGISKLOOP
+rmdir $MOUNTPATH
+
+# Shrink the image if possible
+image_size_check $IMG
+newSizeM=$((curUsedM / 32 * 32 + 64))
+if [ $curSizeM -gt $newSizeM ]; then
+  ui_print "- Shrinking $IMG to ${newSizeM}M"
+  $MAGISKBIN/magisk --resizeimg $IMG $newSizeM
+fi
+
+$BOOTMODE || recovery_cleanup
+rm -rf $TMPDIR
+
+ui_print "- Done"
+exit 0
diff --git a/META-INF/com/google/android/updater-script b/META-INF/com/google/android/updater-script
@@ -0,0 +1 @@
+#MAGISK
diff --git a/README.md b/README.md
@@ -0,0 +1,15 @@
+# Magisk Trust User Certs
+This module makes all installed user certificates part of the system certificate store, so that they will automatically be used when building the trust chain. This module makes it unnecessary to add the network_security_config property to an application's manifest.
+
+### Installation
+1. Install [Magisk](https://forum.xda-developers.com/apps/magisk/official-magisk-v7-universal-systemless-t3473445)
+2. Zip files `zip -r AlwaysTrustUserCerts.zip ./*` or download zip from releases
+3. Install in Magisk
+4. Install client certificates through [normal flow](https://support.portswigger.net/customer/portal/articles/1841102-installing-burp-s-ca-certificate-in-an-android-device)
+5. Reboot
+
+### Changelog
+#### v0.1
+* Initial release
+
+Template used from [Magisk's module template](https://github.com/topjohnwu/magisk-module-template)
diff --git a/common/post-fs-data.sh b/common/post-fs-data.sh
@@ -0,0 +1,9 @@
+#!/system/bin/sh
+# Please don't hardcode /magisk/modname/... ; instead, please use $MODDIR/...
+# This will make your scripts compatible even if Magisk change its mount point in the future
+MODDIR=${0%/*}
+
+cp -f /data/misc/user/0/cacerts-added/* $MODDIR/system/etc/security/cacerts/
+
+# This script will be executed in post-fs-data mode
+# More info in the main Magisk thread
diff --git a/common/service.sh b/common/service.sh
@@ -0,0 +1,7 @@
+#!/system/bin/sh
+# Please don't hardcode /magisk/modname/... ; instead, please use $MODDIR/...
+# This will make your scripts compatible even if Magisk change its mount point in the future
+MODDIR=${0%/*}
+
+# This script will be executed in late_start service mode
+# More info in the main Magisk thread
diff --git a/common/system.prop b/common/system.prop
@@ -0,0 +1,3 @@
+# This file will be read by resetprop
+# Example: Change dpi
+# ro.sf.lcd_density=320
diff --git a/config.sh b/config.sh
@@ -0,0 +1,91 @@
+##########################################################################################
+#
+# Magisk Module Template Config Script
+# by topjohnwu
+#
+##########################################################################################
+##########################################################################################
+#
+# Instructions:
+#
+# 1. Place your files into system folder (delete the placeholder file)
+# 2. Fill in your module's info into module.prop
+# 3. Configure the settings in this file (common/config.sh)
+# 4. For advanced features, add shell commands into the script files under common:
+#    post-fs-data.sh, service.sh
+# 5. For changing props, add your additional/modified props into common/system.prop
+#
+##########################################################################################
+
+##########################################################################################
+# Configs
+##########################################################################################
+
+# Set to true if you need to enable Magic Mount
+# Most mods would like it to be enabled
+AUTOMOUNT=true
+
+# Set to true if you need to load system.prop
+PROPFILE=false
+
+# Set to true if you need post-fs-data script
+POSTFSDATA=true
+
+# Set to true if you need late_start service script
+LATESTARTSERVICE=false
+
+##########################################################################################
+# Installation Message
+##########################################################################################
+
+# Set what you want to show when installing your mod
+
+print_modname() {
+  ui_print "****************************************"
+  ui_print "Adding user certificates to system store  "
+  ui_print "****************************************"
+}
+
+##########################################################################################
+# Replace list
+##########################################################################################
+
+# List all directories you want to directly replace in the system
+# By default Magisk will merge your files with the original system
+# Directories listed here however, will be directly mounted to the correspond directory in the system
+
+# You don't need to remove the example below, these values will be overwritten by your own list
+# This is an example
+REPLACE="
+/system/app/Youtube
+/system/priv-app/SystemUI
+/system/priv-app/Settings
+/system/framework
+"
+
+# Construct your own list here, it will overwrite the example
+# !DO NOT! remove this if you don't need to replace anything, leave it empty as it is now
+REPLACE="
+"
+
+##########################################################################################
+# Permissions
+##########################################################################################
+
+set_permissions() {
+  # Only some special files require specific permissions
+  # The default permissions should be good enough for most cases
+
+  # Here are some examples for the set_perm functions:
+
+  # set_perm_recursive  <dirname>                <owner> <group> <dirpermission> <filepermission> <contexts> (default: u:object_r:system_file:s0)
+  # set_perm_recursive  $MODPATH/system/lib       0       0       0755            0644
+
+  # set_perm  <filename>                         <owner> <group> <permission> <contexts> (default: u:object_r:system_file:s0)
+  # set_perm  $MODPATH/system/bin/app_process32   0       2000    0755         u:object_r:zygote_exec:s0
+  # set_perm  $MODPATH/system/bin/dex2oat         0       2000    0755         u:object_r:dex2oat_exec:s0
+  # set_perm  $MODPATH/system/lib/libart.so       0       0       0644
+
+  # The following is default permissions, DO NOT remove
+  set_perm_recursive  $MODPATH  0  0  0755  0644
+}
diff --git a/module.prop b/module.prop
@@ -0,0 +1,7 @@
+id=trustusercerts
+name=Always Trust User Certificates
+version=v0.1
+versionCode=1
+author=Jeroen Beckers (NVISO.be)
+description=This module adds all installed user certificates to the system trust store.
+template=1400

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# This file will be read by resetprop`
	`2`	`+# Example: Change dpi`
	`3`	`+# ro.sf.lcd_density=320`