Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: SSL pinning, root detection, network resilience, and compile errors

Browse Source 
SSL pinning (all 4 apps): IOClient import, subdomain-safe domain matching
Root detection (all 4 apps): modern Magisk/KernelSU/APatch paths
Security checks (rider/driver/admin): PlatformException -> false
Rider crud: 60s timeout, 3 retries, exponential backoff, JWT pre-validation
Driver crud: exponential backoff for TimeoutException
RxInt compile (rider/driver): 10.obs -> RxInt(10)
Admin device_info: add missing imports, fix RxInt, add package_info_plus
This commit is contained in:
Hamza-Ayed
2026-06-17 16:41:02 +03:00
parent 264e005a7b
commit c2c4ed22e3
20 changed files with 216 additions and 403 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
siro_driver/android/app/src/main/cpp/native-lib.cpp
View File

@@ -20,7 +20,7 @@
#define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, LOG_TAG, __VA_ARGS__)
#define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, LOG_TAG, __VA_ARGS__)
// Function to check for common root binaries
// Function to check for common root binaries (including Magisk, KernelSU, APatch)
bool isRooted()
{
std::string paths[] = {
@@ -29,7 +29,13 @@ bool isRooted()
"/system/bin/su",
"/system/bin/magisk",
"/system/xbin/magisk",
"/sbin/magisk"};
"/sbin/magisk",
"/data/adb/magisk/magiskinit",
"/data/adb/magisk/magisk",
"/data/adb/magisk.db",
"/data/adb/ksu",
"/data/adb/apatch",
"/data/adb/ap/single"};
for (const auto &path : paths)
{

8
siro_driver/lib/controller/functions/crud.dart
View File

@@ -132,21 +132,19 @@ class CRUD {
try {
attempts++;
response = await doPost();
break; // نجح الاتصال — نخرج
break;
} on SocketException catch (_) {
Log.print('⚠️ SocketException attempt $attempts$link');
if (attempts >= 3) {
_netGuard.notifyOnce((title, msg) => mySnackeBarError(msg));
return 'no_internet';
}
// انتظار قبل إعادة المحاولة — مهم للشبكات المتقطعة
await Future.delayed(const Duration(seconds: 1));
await Future.delayed(Duration(seconds: attempts));
} on TimeoutException catch (_) {
Log.print('⚠️ TimeoutException attempt $attempts$link');
if (attempts >= 3) return 'failure';
// لا انتظار — نعيد فوراً
await Future.delayed(Duration(milliseconds: 500 * attempts));
} catch (e) {
// errno = 9 (Bad file descriptor) — إعادة المحاولة
if (e.toString().contains('errno = 9') && attempts < 3) {
await Future.delayed(const Duration(milliseconds: 500));
continue;

2
siro_driver/lib/controller/functions/package_info.dart
View File

@@ -301,7 +301,7 @@ class SecurityHelper {
// }
static void _showSecurityWarning() {
// Use an RxInt to track the remaining seconds. This is the KEY!
RxInt secondsRemaining = 10.obs;
final secondsRemaining = RxInt(10);
Get.dialog(
CupertinoAlertDialog(

5
siro_driver/lib/controller/functions/security_checks.dart
View File

@@ -16,7 +16,10 @@ class SecurityChecks {
return result;
} on PlatformException catch (e) {
print("Failed to check security status: ${e.message}");
return true; // Treat platform errors as a compromised device (for safety)
return false; // Platform not supported → treat as secure
} catch (e) {
print("Security check error: $e");
return false;
}
}

5
siro_driver/lib/controller/functions/ssl_pinning.dart
View File

@@ -2,6 +2,7 @@ import 'dart:convert';
import 'dart:io';
import 'package:crypto/crypto.dart';
import 'package:http/http.dart' as http;
import 'package:http/io_client.dart' as http_io;
class SslPinning {
SslPinning._();
@@ -29,13 +30,13 @@ class SslPinning {
(X509Certificate cert, String host, int port) {
final derHash = base64.encode(sha256.convert(cert.der).bytes);
for (final entry in _pins.entries) {
if (host.endsWith(entry.key)) {
if (host == entry.key || host.endsWith('.${entry.key}')) {
if (entry.value.contains(derHash)) return true;
}
}
if (_globalPins.contains(derHash)) return true;
return false;
};
return http.IOClient(httpClient);
return http_io.IOClient(httpClient);
}
}