When stopping the service, only stopForeground was called, but not
stopSelf. If the process was destroyed (e.g. by swiping the app
from the recent apps), in some cases it would be restarted due to
START_STICKY, causing ForegroundServiceStartNotAllowedException in
Android 12.
Fixes#175
The pcapdroid_mitm.py plugin allows PCAPdroid to receive the decrypted data from
mitmproxy and display it into the GUI (currently limited to the HTTP request)
When a client stopped the PCAP download, the isCloseConnection did not
detect the close. As a result, the PCAP dump would still be enqueued to
the ChunkedInputStream, causing the memory allocation to raise and never
be free.
Since NanoHTTPD does not seem to provide a way to detect connection close
and since it is not actively maintained, the HTTP server has been
replaced with an ad-hoc implementation which provides the minimal
features PCAPdroid needs to export the PCAP over HTTP.
When a DNS reply is received, remove_connection frees the
connection data. However, a reference to the conn->tuple
was kept in the pkt_context_t, causing a use-after-free
PCAP dump is now performed into a separate thread. This greatly reduces
the chance for packet loss in root mode as well as preventing latency
spikes in VPN mode.
Packets were truncated on some devices employing offloading, in which
case the packet size was bigger than the MTU. A snaplen of 65535 fixes
this problem.
See #182
This reverts commit f715c06be1.
Further testing comparing the dumps produced by simultaneuosly running
PCAPdroid in non-immediate mode with tcpdump in immediate mode has
shown that packets reordering can also occur in immediate mode, so
it does not depend on TPACKET v3.
It seems like TPACKET V3 causes packet reordering issues, where a packet
A sent before a packet B by the same host is actually seen after B in
the capture. This causes inexistent out-of-order and missing TCP segments
issues in Wireshark.
This has been verified by comparing the PCAP dump generated by PCAPdroid
in HTTP server mode with the traffic dump on the LAN, thus excluding
reordering occuring over the Internet.
