make is_apk_and_debuggable() default to using androguard before aapt

fdroidserver/build.py

@@ -817,7 +817,7 @@ def build_local(app, build, vcs, build_dir, output_dir, log_dir, srclib_dir, ext
         src = os.path.normpath(apks[0])
 
     # Make sure it's not debuggable...
-    if common.isApkAndDebuggable(src):
+    if common.is_apk_and_debuggable(src):
         raise BuildException("APK is debuggable")
 
     # By way of a sanity check, make sure the version and version

fdroidserver/common.py

@@ -1927,7 +1927,25 @@ def get_file_extension(filename):
     return os.path.splitext(filename)[1].lower()[1:]
 
 
-def get_apk_debuggable_aapt(apkfile):
+def use_androguard():
+    """Report if androguard is available, and config its debug logging"""
+
+    try:
+        import androguard
+        if use_androguard.show_path:
+            logging.debug(_('Using androguard from "{path}"').format(path=androguard.__file__))
+            use_androguard.show_path = False
+        if options and options.verbose:
+            logging.getLogger("androguard.axml").setLevel(logging.INFO)
+        return True
+    except ImportError:
+        return False
+
+
+use_androguard.show_path = True
+
+
+def is_apk_and_debuggable_aapt(apkfile):
     p = SdkToolsPopen(['aapt', 'dump', 'xmltree', apkfile, 'AndroidManifest.xml'],
                       output=False)
     if p.returncode != 0:
@@ -1938,7 +1956,7 @@ def get_apk_debuggable_aapt(apkfile):
     return False
 
 
-def get_apk_debuggable_androguard(apkfile):
+def is_apk_and_debuggable_androguard(apkfile):
     try:
         from androguard.core.bytecodes.apk import APK
     except ImportError:
@@ -1952,7 +1970,7 @@ def get_apk_debuggable_androguard(apkfile):
     return False
 
 
-def isApkAndDebuggable(apkfile):
+def is_apk_and_debuggable(apkfile):
     """Returns True if the given file is an APK and is debuggable
 
     :param apkfile: full path to the apk to check"""
@@ -1960,10 +1978,10 @@ def isApkAndDebuggable(apkfile):
     if get_file_extension(apkfile) != 'apk':
         return False
 
-    if SdkToolsPopen(['aapt', 'version'], output=False):
-        return get_apk_debuggable_aapt(apkfile)
+    if use_androguard():
+        return is_apk_and_debuggable_androguard(apkfile)
     else:
-        return get_apk_debuggable_androguard(apkfile)
+        return is_apk_and_debuggable_aapt(apkfile)
 
 
 def get_apk_id_aapt(apkfile):

fdroidserver/update.py

@@ -1324,7 +1324,7 @@ def process_apk(apkcache, apkfilename, repodir, knownapks, use_date_from_apk=Fal
             return True, None, False
 
         # Check for debuggable apks...
-        if common.isApkAndDebuggable(apkfile):
+        if common.is_apk_and_debuggable(apkfile):
             logging.warning('{0} is set to android:debuggable="true"'.format(apkfile))
 
         if options.rename_apks:

tests/common.TestCase

@@ -140,7 +140,7 @@ class CommonTest(unittest.TestCase):
         testfiles.append(os.path.join(self.basedir, 'urzip-badsig.apk'))
         testfiles.append(os.path.join(self.basedir, 'urzip-badcert.apk'))
         for apkfile in testfiles:
-            debuggable = fdroidserver.common.isApkAndDebuggable(apkfile)
+            debuggable = fdroidserver.common.is_apk_and_debuggable(apkfile)
             self.assertTrue(debuggable,
                             "debuggable APK state was not properly parsed!")
         # these are set NOT debuggable
@@ -148,7 +148,7 @@ class CommonTest(unittest.TestCase):
         testfiles.append(os.path.join(self.basedir, 'urzip-release.apk'))
         testfiles.append(os.path.join(self.basedir, 'urzip-release-unsigned.apk'))
         for apkfile in testfiles:
-            debuggable = fdroidserver.common.isApkAndDebuggable(apkfile)
+            debuggable = fdroidserver.common.is_apk_and_debuggable(apkfile)
             self.assertFalse(debuggable,
                              "debuggable APK state was not properly parsed!")