From 38fe5f6b3cdbf1854525cebde308f5394f48a7fb Mon Sep 17 00:00:00 2001
From: Torsten Grote
Date: Fri, 12 Jul 2024 15:18:39 -0300
Subject: [PATCH] [app] don't change installer if APK permissions don't match
---
 .../org/fdroid/fdroid/installer/ApkVerifier.java | 10 +++++-----
 .../java/org/fdroid/fdroid/installer/Installer.java | 12 ++----------
 2 files changed, 7 insertions(+), 15 deletions(-)
diff --git a/app/src/main/java/org/fdroid/fdroid/installer/ApkVerifier.java b/app/src/main/java/org/fdroid/fdroid/installer/ApkVerifier.java
index eb2a5fb33..8a3955ebb 100644
--- a/app/src/main/java/org/fdroid/fdroid/installer/ApkVerifier.java
+++ b/app/src/main/java/org/fdroid/fdroid/installer/ApkVerifier.java
@@ -82,11 +82,6 @@ class ApkVerifier {
 throw new ApkVerificationException("Apk file has no valid versionCode!");
 }
 
- // verify permissions, important for unattended installer
- if (!requestedPermissionsEqual(expectedApk.requestedPermissions, localApkInfo.requestedPermissions)) {
- throw new ApkPermissionUnequalException("Permissions in APK and index do not match!");
- }
-
 int localTargetSdkVersion = localApkInfo.applicationInfo.targetSdkVersion;
 int expectedTargetSdkVersion = expectedApk.targetSdkVersion;
 Utils.debugLog(TAG, "localTargetSdkVersion: " + localTargetSdkVersion);
@@ -99,6 +94,11 @@ class ApkVerifier {
 String.format("TargetSdkVersion of apk file (%d) is not the expected targetSdkVersion (%d)!",
 localTargetSdkVersion, expectedTargetSdkVersion));
 }
+
+ // verify permissions last, used to be important for unattended installer that had no permission prompts
+ if (!requestedPermissionsEqual(expectedApk.requestedPermissions, localApkInfo.requestedPermissions)) {
+ throw new ApkPermissionUnequalException("Permissions in APK and index do not match!");
+ }
 }
 
 /**
diff --git a/app/src/main/java/org/fdroid/fdroid/installer/Installer.java b/app/src/main/java/org/fdroid/fdroid/installer/Installer.java
index 8e0996e90..0d4ac9291 100644
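Review bot: The relocated permission check at the end of the second ApkVerifier.java hunk now has to remain the final check in this method, and the new comment does not say why. Installer.java in this same commit catches ApkPermissionUnequalException and goes on to call installPackageInternal, so any verification step later added below this `if` would be skipped without notice whenever the permissions differ. I would make the constraint explicit, for example `// MUST stay the last check: Installer ignores ApkPermissionUnequalException and installs anyway, so a check placed after this one would never run on a permission mismatch`. The method's signature and its earlier checks lie outside the hunk.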
--- a/app/src/main/java/org/fdroid/fdroid/installer/Installer.java
+++ b/app/src/main/java/org/fdroid/fdroid/installer/Installer.java
@@ -320,16 +320,8 @@ public abstract class Installer {
 sendBroadcastInstall(canonicalUri, Installer.ACTION_INSTALL_INTERRUPTED, e.getMessage());
 return;
 } catch (ApkVerifier.ApkPermissionUnequalException e) {
- // if permissions of apk are not the ones listed in the repo
- // and an unattended installer is used, a wrong permission screen
- // has been shown, thus fallback to AOSP DefaultInstaller!
- if (isUnattended()) {
- Log.e(TAG, e.getMessage(), e);
- Log.e(TAG, "Falling back to AOSP DefaultInstaller!");
- DefaultInstaller defaultInstaller = new DefaultInstaller(context, app, apk);
- defaultInstaller.installPackageInternal(sanitizedUri, canonicalUri);
- return;
- }
+ // permissions of APK are not the ones listed in the repo index
+ // TODO we could prompt the user if a non-runtime permission we consider dangerous has been added
 }
 
 installPackageInternal(sanitizedUri, canonicalUri);
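Review bot: The catch block for ApkVerifier.ApkPermissionUnequalException now holds only comments, so a difference between the permissions listed in the repo index and those in the APK is dropped without any record before installPackageInternal runs. The removed branch at least logged the exception; keeping one line such as `Log.w(TAG, "APK permissions differ from repo index, installing anyway: " + e.getMessage());` would leave a trace for anyone investigating a stale or tampered index entry (this assumes Log is still imported in the file after the change). The try statement and the other catch clauses begin above the hunk.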