From d1113285415532e75fbd7efe9287182ff88da581 Mon Sep 17 00:00:00 2001 From: Pk-web6936 <202365630+Pk-web6936@users.noreply.github.com> Date: Sat, 29 Mar 2025 06:14:21 +0330 Subject: [PATCH] Optimization (#4426) * Optimization Add security flags to CFLAGS and LDFLAGS. Use local variables instead of global variables. Clean up and simplify the script. * Optimizition Add security flags to CFLAGS and LDFLAGS. Simplify and organize the file. Makefile * Optimization Add security flags to CFLAGS and LDFLAGS. Use local variables instead of global variables. Clean up and simplify the script. * Optimization --- compile-tun2socks.sh | 39 ++++++----- tun2socks.mk | 159 +++++++++++++++++++++---------------------- 2 files changed, 99 insertions(+), 99 deletions(-) diff --git a/compile-tun2socks.sh b/compile-tun2socks.sh index c0db6218..dd9ea44f 100644 --- a/compile-tun2socks.sh +++ b/compile-tun2socks.sh @@ -1,32 +1,37 @@ #!/bin/bash + set -o errexit set -o pipefail set -o nounset + # Set magic variables for current file & dir __dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" __file="${__dir}/$(basename "${BASH_SOURCE[0]}")" -__base="$(basename ${__file} .sh)" +__base="$(basename "${__file}" .sh)" + if [[ ! -d $NDK_HOME ]]; then - echo "Android NDK: NDK_HOME not found. please set env \$NDK_HOME" - exit 1 + echo "Android NDK: NDK_HOME not found. please set env \$NDK_HOME" + exit 1 fi + TMPDIR=$(mktemp -d) clear_tmp () { - rm -rf $TMPDIR + rm -rf "$TMPDIR" } trap 'echo -e "Aborted, error $? in command: $BASH_COMMAND"; trap ERR; clear_tmp; exit 1' ERR INT -install -m644 $__dir/tun2socks.mk $TMPDIR/ -pushd $TMPDIR -ln -s $__dir/badvpn badvpn -ln -s $__dir/libancillary libancillary + +install -m644 "$__dir/tun2socks.mk" "$TMPDIR/" +pushd "$TMPDIR" +ln -s "$__dir/badvpn" badvpn +ln -s "$__dir/libancillary" libancillary $NDK_HOME/ndk-build \ - NDK_PROJECT_PATH=. \ - APP_BUILD_SCRIPT=./tun2socks.mk \ - APP_ABI=all \ - APP_PLATFORM=android-21 \ - NDK_LIBS_OUT=$TMPDIR/libs \ - NDK_OUT=$TMPDIR/tmp \ - APP_SHORT_COMMANDS=false LOCAL_SHORT_COMMANDS=false -B -j4 -cp -r $TMPDIR/libs $__dir/ + NDK_PROJECT_PATH=. \ + APP_BUILD_SCRIPT=./tun2socks.mk \ + APP_ABI=all \ + APP_PLATFORM=android-21 \ + NDK_LIBS_OUT="$TMPDIR/libs" \ + NDK_OUT="$TMPDIR/tmp" \ + APP_SHORT_COMMANDS=false LOCAL_SHORT_COMMANDS=false -B -j4 +cp -r "$TMPDIR/libs" "$__dir/" popd -rm -rf $TMPDIR +rm -rf "$TMPDIR" diff --git a/tun2socks.mk b/tun2socks.mk index 1fab134e..264d675e 100644 --- a/tun2socks.mk +++ b/tun2socks.mk @@ -15,16 +15,17 @@ # LOCAL_PATH := $(call my-dir) ROOT_PATH := $(LOCAL_PATH) + ######################################################## ## libancillary ######################################################## include $(CLEAR_VARS) ANCILLARY_SOURCE := fd_recv.c fd_send.c LOCAL_MODULE := libancillary -#LOCAL_CFLAGS += -I$(LOCAL_PATH)/libancillary LOCAL_C_INCLUDES := $(LOCAL_PATH)/libancillary LOCAL_SRC_FILES := $(addprefix libancillary/, $(ANCILLARY_SOURCE)) include $(BUILD_STATIC_LIBRARY) + ######################################################## ## tun2socks ######################################################## @@ -34,91 +35,85 @@ LOCAL_CFLAGS += -DBADVPN_THREADWORK_USE_PTHREAD -DBADVPN_LINUX -DBADVPN_BREACTOR LOCAL_CFLAGS += -DBADVPN_USE_SIGNALFD -DBADVPN_USE_EPOLL LOCAL_CFLAGS += -DBADVPN_LITTLE_ENDIAN -DBADVPN_THREAD_SAFE LOCAL_CFLAGS += -DNDEBUG -DANDROID -LOCAL_CFLAGS += -I +LOCAL_CFLAGS += -fstack-protector-strong -D_FORTIFY_SOURCE=2 +LOCAL_LDFLAGS := -Wl,-z,relro,-z,now LOCAL_STATIC_LIBRARIES := libancillary LOCAL_C_INCLUDES := \ - $(LOCAL_PATH)/badvpn/lwip/src/include/ipv4 \ - $(LOCAL_PATH)/badvpn/lwip/src/include/ipv6 \ - $(LOCAL_PATH)/badvpn/lwip/src/include \ - $(LOCAL_PATH)/badvpn/lwip/custom \ - $(LOCAL_PATH)/badvpn \ - $(LOCAL_PATH)/libancillary + $(LOCAL_PATH)/badvpn/lwip/src/include/ipv4 \ + $(LOCAL_PATH)/badvpn/lwip/src/include/ipv6 \ + $(LOCAL_PATH)/badvpn/lwip/src/include \ + $(LOCAL_PATH)/badvpn/lwip/custom \ + $(LOCAL_PATH)/badvpn \ + $(LOCAL_PATH)/libancillary + TUN2SOCKS_SOURCES := \ - base/BLog_syslog.c \ - system/BReactor_badvpn.c \ - system/BSignal.c \ - system/BConnection_common.c \ - system/BConnection_unix.c \ - system/BTime.c \ - system/BUnixSignal.c \ - system/BNetwork.c \ - system/BDatagram_common.c \ - system/BDatagram_unix.c \ - flow/StreamRecvInterface.c \ - flow/PacketRecvInterface.c \ - flow/PacketPassInterface.c \ - flow/StreamPassInterface.c \ - flow/SinglePacketBuffer.c \ - flow/BufferWriter.c \ - flow/PacketBuffer.c \ - flow/PacketStreamSender.c \ - flow/PacketPassConnector.c \ - flow/PacketProtoFlow.c \ - flow/PacketPassFairQueue.c \ - flow/PacketProtoEncoder.c \ - flow/PacketProtoDecoder.c \ - socksclient/BSocksClient.c \ - tuntap/BTap.c \ - lwip/src/core/udp.c \ - lwip/src/core/memp.c \ - lwip/src/core/init.c \ - lwip/src/core/pbuf.c \ - lwip/src/core/tcp.c \ - lwip/src/core/tcp_out.c \ - lwip/src/core/netif.c \ - lwip/src/core/def.c \ - lwip/src/core/ip.c \ - lwip/src/core/mem.c \ - lwip/src/core/tcp_in.c \ - lwip/src/core/stats.c \ - lwip/src/core/inet_chksum.c \ - lwip/src/core/timeouts.c \ - lwip/src/core/ipv4/icmp.c \ - lwip/src/core/ipv4/igmp.c \ - lwip/src/core/ipv4/ip4_addr.c \ - lwip/src/core/ipv4/ip4_frag.c \ - lwip/src/core/ipv4/ip4.c \ - lwip/src/core/ipv4/autoip.c \ - lwip/src/core/ipv6/ethip6.c \ - lwip/src/core/ipv6/inet6.c \ - lwip/src/core/ipv6/ip6_addr.c \ - lwip/src/core/ipv6/mld6.c \ - lwip/src/core/ipv6/dhcp6.c \ - lwip/src/core/ipv6/icmp6.c \ - lwip/src/core/ipv6/ip6.c \ - lwip/src/core/ipv6/ip6_frag.c \ - lwip/src/core/ipv6/nd6.c \ - lwip/custom/sys.c \ - tun2socks/tun2socks.c \ - base/DebugObject.c \ - base/BLog.c \ - base/BPending.c \ - flowextra/PacketPassInactivityMonitor.c \ - tun2socks/SocksUdpGwClient.c \ - udpgw_client/UdpGwClient.c \ - socks_udp_client/SocksUdpClient.c + base/BLog_syslog.c \ + system/BReactor_badvpn.c \ + system/BSignal.c \ + system/BConnection_common.c \ + system/BConnection_unix.c \ + system/BTime.c \ + system/BUnixSignal.c \ + system/BNetwork.c \ + system/BDatagram_common.c \ + system/BDatagram_unix.c \ + flow/StreamRecvInterface.c \ + flow/PacketRecvInterface.c \ + flow/PacketPassInterface.c \ + flow/StreamPassInterface.c \ + flow/SinglePacketBuffer.c \ + flow/BufferWriter.c \ + flow/PacketBuffer.c \ + flow/PacketStreamSender.c \ + flow/PacketPassConnector.c \ + flow/PacketProtoFlow.c \ + flow/PacketPassFairQueue.c \ + flow/PacketProtoEncoder.c \ + flow/PacketProtoDecoder.c \ + socksclient/BSocksClient.c \ + tuntap/BTap.c \ + lwip/src/core/udp.c \ + lwip/src/core/memp.c \ + lwip/src/core/init.c \ + lwip/src/core/pbuf.c \ + lwip/src/core/tcp.c \ + lwip/src/core/tcp_out.c \ + lwip/src/core/netif.c \ + lwip/src/core/def.c \ + lwip/src/core/ip.c \ + lwip/src/core/mem.c \ + lwip/src/core/tcp_in.c \ + lwip/src/core/stats.c \ + lwip/src/core/inet_chksum.c \ + lwip/src/core/timeouts.c \ + lwip/src/core/ipv4/icmp.c \ + lwip/src/core/ipv4/igmp.c \ + lwip/src/core/ipv4/ip4_addr.c \ + lwip/src/core/ipv4/ip4_frag.c \ + lwip/src/core/ipv4/ip4.c \ + lwip/src/core/ipv4/autoip.c \ + lwip/src/core/ipv6/ethip6.c \ + lwip/src/core/ipv6/inet6.c \ + lwip/src/core/ipv6/ip6_addr.c \ + lwip/src/core/ipv6/mld6.c \ + lwip/src/core/ipv6/dhcp6.c \ + lwip/src/core/ipv6/icmp6.c \ + lwip/src/core/ipv6/ip6.c \ + lwip/src/core/ipv6/ip6_frag.c \ + lwip/src/core/ipv6/nd6.c \ + lwip/custom/sys.c \ + tun2socks/tun2socks.c \ + base/DebugObject.c \ + base/BLog.c \ + base/BPending.c \ + flowextra/PacketPassInactivityMonitor.c \ + tun2socks/SocksUdpGwClient.c \ + udpgw_client/UdpGwClient.c \ + socks_udp_client/SocksUdpClient.c + LOCAL_MODULE := tun2socks LOCAL_LDLIBS := -ldl -llog -LOCAL_LDFLAGS=-Wl,--build-id=none +LOCAL_LDFLAGS := -Wl,--build-id=none LOCAL_SRC_FILES := $(addprefix badvpn/, $(TUN2SOCKS_SOURCES)) -LOCAL_BUILD_SCRIPT := BUILD_EXECUTABLE -LOCAL_MAKEFILE := $(local-makefile) -$(call check-defined-LOCAL_MODULE,$(LOCAL_BUILD_SCRIPT)) -$(call check-LOCAL_MODULE,$(LOCAL_MAKEFILE)) -$(call check-LOCAL_MODULE_FILENAME) -# we are building target objects -my := TARGET_ -$(call handle-module-filename,lib,$(TARGET_SONAME_EXTENSION)) -$(call handle-module-built) -LOCAL_MODULE_CLASS := EXECUTABLE +include $(BUILD_EXECUTABLE) include $(BUILD_SYSTEM)/build-module.mk