tailscale: Add tailssh server

Author: nekohasekai

.gitignore

@@ -1,5 +1,6 @@
 *.iml
 .gradle
+.kotlin/
 /local.properties
 /.idea/
 .DS_Store

app/src/main/aidl/io/nekohasekai/sfa/bg/IRootService.aidl

@@ -2,6 +2,7 @@ package io.nekohasekai.sfa.bg;
 
 import android.os.ParcelFileDescriptor;
 import io.nekohasekai.sfa.bg.INeighborTableCallback;
+import io.nekohasekai.sfa.bg.IRootShellSession;
 import io.nekohasekai.sfa.bg.ParceledListSlice;
 
 interface IRootService {
@@ -16,4 +17,8 @@ interface IRootService {
     void registerNeighborTableCallback(in INeighborTableCallback callback) = 4;
 
     oneway void unregisterNeighborTableCallback(in INeighborTableCallback callback) = 5;
+
+    IRootShellSession openShellSession(String user, String command, in String[] env, String term, int rows, int cols) = 6;
+
+    String lookupSFTPServer() = 7;
 }

app/src/main/aidl/io/nekohasekai/sfa/bg/IRootShellSession.aidl

@@ -0,0 +1,11 @@
+package io.nekohasekai.sfa.bg;
+
+import android.os.ParcelFileDescriptor;
+
+interface IRootShellSession {
+    ParcelFileDescriptor getMasterFD();
+    void resize(int rows, int cols);
+    void signal(int sig);
+    int waitFor();
+    void close();
+}

app/src/main/java/io/nekohasekai/sfa/bg/IntArrayIterator.kt

@@ -0,0 +1,13 @@
+package io.nekohasekai.sfa.bg
+
+import io.nekohasekai.libbox.Int32Iterator
+
+class IntArrayIterator(private val array: IntArray) : Int32Iterator {
+    private var index = 0
+
+    override fun len(): Int = array.size
+
+    override fun hasNext(): Boolean = index < array.size
+
+    override fun next(): Int = array[index++]
+}

app/src/main/java/io/nekohasekai/sfa/bg/PlatformInterfaceWrapper.kt

@@ -3,6 +3,7 @@ package io.nekohasekai.sfa.bg
 import android.annotation.SuppressLint
 import android.net.NetworkCapabilities
 import android.os.Build
+import android.os.ParcelFileDescriptor
 import android.os.Process
 import android.system.OsConstants
 import android.util.Log
@@ -15,12 +16,17 @@ import io.nekohasekai.libbox.NeighborEntryIterator
 import io.nekohasekai.libbox.NeighborUpdateListener
 import io.nekohasekai.libbox.NetworkInterfaceIterator
 import io.nekohasekai.libbox.PlatformInterface
+import io.nekohasekai.libbox.PlatformUser
+import io.nekohasekai.libbox.ShellSession
 import io.nekohasekai.libbox.StringIterator
 import io.nekohasekai.libbox.TunOptions
 import io.nekohasekai.libbox.WIFIState
 import io.nekohasekai.sfa.Application
+import io.nekohasekai.sfa.ktx.toList
+import io.nekohasekai.sfa.ktx.toStringIterator
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.runBlocking
+import java.io.File
 import java.net.Inet6Address
 import java.net.InetSocketAddress
 import java.net.InterfaceAddress
@@ -205,6 +211,99 @@ interface PlatformInterfaceWrapper : PlatformInterface {
         }
     }
 
+    override fun usePlatformShell(): Boolean = true
+
+    override fun checkPlatformShell() {
+        val available = RootClient.rootAvailable.value ?: runBlocking(Dispatchers.IO) {
+            RootClient.checkRootAvailable()
+        }
+        if (!available) {
+            error("missing root permission")
+        }
+    }
+
+    override fun openShellSession(
+        user: PlatformUser?,
+        command: String?,
+        environ: StringIterator?,
+        term: String?,
+        rows: Int,
+        cols: Int,
+    ): ShellSession {
+        user!!
+        val envList = environ?.toList().orEmpty()
+        if (user.uid == Process.myUid()) {
+            val resolved = ResolvedUser(user.username, user.uid, user.gid, user.homeDir)
+            val shell = UserResolver.findShell(resolved)
+            val shellEnv = buildBasicEnvironment(envList.toTypedArray(), shell, resolved.homeDir, term)
+            val args = if (command.isNullOrEmpty()) {
+                arrayOf("-" + File(shell).name)
+            } else {
+                arrayOf(File(shell).name, "-c", command)
+            }
+            val argsIter = args.asIterable().toStringIterator()
+            val envIter = shellEnv.asIterable().toStringIterator()
+            return if (term.isNullOrEmpty()) {
+                Libbox.openNativePipeSession(
+                    shell,
+                    resolved.homeDir,
+                    argsIter,
+                    envIter,
+                    -1,
+                    -1,
+                    null,
+                )
+            } else {
+                Libbox.openNativeShellSession(
+                    shell,
+                    resolved.homeDir,
+                    argsIter,
+                    envIter,
+                    term,
+                    rows,
+                    cols,
+                    -1,
+                    -1,
+                    null,
+                )
+            }
+        }
+        val rootSession = runBlocking(Dispatchers.IO) {
+            RootClient.openShellSession(
+                user.username,
+                command,
+                envList.toTypedArray(),
+                term,
+                rows,
+                cols,
+            )
+        }
+        return RootShellSessionWrapper(rootSession)
+    }
+
+    override fun readSystemSSHHostKey(): io.nekohasekai.libbox.StringBox {
+        error("not supported")
+    }
+
+    override fun lookupSFTPServer(): io.nekohasekai.libbox.StringBox {
+        val path = runBlocking(Dispatchers.IO) {
+            RootClient.lookupSFTPServer()
+        }
+        val result = io.nekohasekai.libbox.StringBox()
+        result.value = path
+        return result
+    }
+
+    override fun lookupUser(username: String?): io.nekohasekai.libbox.PlatformUser {
+        val resolved = UserResolver.resolve(Application.packageManager, username!!)
+        val platformUser = io.nekohasekai.libbox.PlatformUser()
+        platformUser.username = resolved.packageName
+        platformUser.uid = resolved.uid
+        platformUser.gid = resolved.gid
+        platformUser.homeDir = resolved.homeDir
+        return platformUser
+    }
+
     override fun registerMyInterface(name: String?) {
     }
 
@@ -216,6 +315,29 @@ interface PlatformInterfaceWrapper : PlatformInterface {
         }
     }
 
+    private class RootShellSessionWrapper(
+        private val rootSession: IRootShellSession,
+    ) : ShellSession {
+        private val masterPfd: ParcelFileDescriptor = rootSession.masterFD
+
+        override fun masterFD(): Int = masterPfd.fd
+
+        override fun resize(rows: Int, cols: Int) {
+            rootSession.resize(rows, cols)
+        }
+
+        override fun signal(signal: Int) {
+            rootSession.signal(signal)
+        }
+
+        override fun waitExit(): Int = rootSession.waitFor()
+
+        override fun close() {
+            masterPfd.close()
+            rootSession.close()
+        }
+    }
+
     private class NeighborEntryArray(private val iterator: Iterator<LibboxNeighborEntry>) : NeighborEntryIterator {
         override fun hasNext(): Boolean = iterator.hasNext()
 

app/src/main/java/io/nekohasekai/sfa/bg/RootClient.kt

@@ -144,6 +144,31 @@ object RootClient {
         }
     }
 
+    suspend fun lookupSFTPServer(): String {
+        val svc = bindService()
+        try {
+            return svc.lookupSFTPServer()
+        } catch (e: RemoteException) {
+            throw e.rethrowAsRuntime()
+        }
+    }
+
+    suspend fun openShellSession(
+        user: String,
+        command: String?,
+        env: Array<String>,
+        term: String?,
+        rows: Int,
+        cols: Int,
+    ): IRootShellSession {
+        val svc = bindService()
+        try {
+            return svc.openShellSession(user, command, env, term, rows, cols)
+        } catch (e: RemoteException) {
+            throw e.rethrowAsRuntime()
+        }
+    }
+
     suspend fun unregisterNeighborTableCallback(callback: INeighborTableCallback) {
         try {
             service?.unregisterNeighborTableCallback(callback)