Potential pull request for gomobile support #810
Comments
|
Thanks for reaching out. A) yes. B) Seems fine to me. C) Not really. D) Please put the renamed garble binary into a temporary directory. F) Search the commits for plugin support, that also required exported symbols to be left alone (plugin support has since been removed). E) We would need an automated test (Github actions if possible) to build and run a gomobile app, which computes some value from the go code, which is then verified. (If you get stuck on this send the PR anyway we can help) Are you sure all exported symbols need to stay intact or only main/root package symbols? If all symbols need to stay intact, you'll also need to disable import path obfuscation. If you need any assistance join us on slack, we're happy to help. (read CONTRIBUTING.md) |
|
Awesome. The temp dir is a good idea, I will do that. I'll start looking into E after I get F done. I am not sure if all exported symbols need to stay intact. I believe only the symbols from the main/root package. |
|
I have "gomobile bind" working for android for generating mobile libraries. Still untested on iOS, but I will do that soon. Building an actual android app with "gomobile build" will not work with this implementation. Immediately after the binary is built, gomobile tries to read the symbols from the binary, but since they have already been stripped, that fails. Offending code: Personally, I only need the bind command for generating libraries. And I feel that libraries are a much more common use case than building a full blown mobile app with go. I would guess that's pretty uncommon. Since I have accomplished my use case, I can't justify going any farther on "gomobile build" as it would require a different implementation. So the question is, are you still interested in a pull request that only supports "gomobile bind"? The latest code: |
|
Well, I guess the same PATH redirection technique could be used for the tool gomobile is calling here: And then pipe gomobile the package names it expects. That would at least get past that obstacle. |
|
I think Happy to review your PR. |
Getting the list of packages works on regex, maybe it's possible to add the list to the end of the binary ( just as text at the end) and then delete it? If the build system allows it, of course |
|
@pagran That's a clever idea. I think I'm just going to stick with "gomobile bind" though and not worry about "gomobile build". |
|
@digitalhurricane-io any updates? From what I can tell your implementation for gomobile bind is complete, no? @Mrs4s maybe you can help test this for iOS? |
|
I found a couple issues. The -debugdir flag no longer works. I have to decide how to fix that. Also I was sometimes getting an error when trying to run an obfuscated binary relating to a package not being found. Clearing the build cache and recompiling seemed to fix it. So it still needs some work. I've got some more urgent tasks to work on at the moment. I am still planning on circling back around to this in maybe a month. |
|
Thanks for the update! |
I haven't utilized Go Mobile for adapting to mobile platforms, so my experience in that area might not be particularly relevant. However, my approach involves compiling Go into a C library and then employing linking with iOS or using JNI with Android to facilitate support for mobile platforms I am currently in the process of testing the compatibility of this method with Garble. Should there be any further developments, I will make sure to update this issue with the new information. |
|
I got the -debugdir flag working again by saving the flags in an env var and reloading them when garble is called by gomobile as 'go'. However I was hoping there might be something obvious to you guys about how this implementation could affect Update: pkg.BuildID is different during obfuscation and reversing. The question is why. Reversing with a seed works as expected. Update 2: adding the proper GOOS and GOARCH allows for reversing the standard library, but not my code: |
I'm not reporting an issue so I hope it's ok if I skip the questions.
I'm interested in submitting a pull request that adds support for gomobile.
The commit message explains how it works:
0f03de8
However, it is not fully finished as it requires that no exported symbols are garbled. gobind generates bindings for exported symbols, so if those symbols are renamed, the bindings would not work. So the solution would be to not garble any exported symbols if the command is "garble mobile".
My questions are these:
A.) Are you open to a pull request like this?
B.) Do you think this is a good implementation?
C.) Do you see any pitfalls with this implementation?
D.) Are there any changes you would recommend?
E.) Are there any tests you would recommend writing?
F.) What would be the best way to add support for not garbling exported symbols if the command being run is "garble mobile"?
The text was updated successfully, but these errors were encountered: