= Snowflake Proxy for Android =

Snowflake is one of the circumvention tools used by the Tor Project. This wiki page is about implementing the proxy component of Snowflake on Android.

[[Image(https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Overall%20connection.png)]]

The image above shows the general working of the Snowflake bridge. In this project, the Android device is the Snowflake proxy. The project needs a WebSocket and a WebRTC library implementation.

The implementation of the project is divided into two parts:

**Part A: Snowflake Peers Connection** - Involves establishing the WebRTC connection between the Snowflake peers, i.e., the Snowflake proxy and the client, using the Broker as a signaling server.

**Part B: Relaying Traffic to Tor** - After connection establishment is finished, the data is relayed to a Tor relay. This is done through a WebSocket.

[[Image(https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Snowflake.png)]]

**Part A: Snowflake Peers Connection:** Establishing a WebRTC connection involves multiple steps.

**Getting Client SDP Offer:** The proxy sends POST requests to the server as a long-poll, and we run this task as a service. Everything should happen in the background, including connection establishment and relaying the data; hence a background service is used. The broker endpoint for the offer is at "/proxy"; read more about the Broker's endpoint specifications [https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/doc/broker-spec.txt here].

Since it is a long-poll, we can set a custom time-out for the connection in OkHttpClient.

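{{{
import java.util.concurrent.TimeUnit;
import okhttp3.OkHttpClient;

// Long-poll client: wait up to 60 seconds to connect and up to 60 seconds
// for the broker's response before the call times out.
final OkHttpClient okHttp = new OkHttpClient.Builder()
        .readTimeout(60, TimeUnit.SECONDS)
        .connectTimeout(60, TimeUnit.SECONDS)
        .build();
}}}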

In the future, if we want to connect multiple Snowflake clients, we can launch a thread for every client. The image below illustrates how the service and threads serve multiple clients. We can launch and handle threads with AsyncTask, or we can use RxJava (RxAndroid).

[[Image(https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Service_threads.png)]]

**Sending Answer**: After setting the offer using setLocalDescription, **createAnswer** on the peer connection is used to create the answer, with an SDP containing ICE candidates. We send the SDP answer to the Broker at "/answer". We also set the local peer connection's remote description as this answer.

**Part B: Relaying Traffic to Tor**:

Now that the WebRTC connection is established, the data should be sent to the relay using a WebSocket. For Snowflake Proxy Web, the following address is used. The latest endpoint can be found in the configuration of the web extension [https://gitweb.torproject.org/pluggable-transports/snowflake-webext.git/tree/config.js here].

{{{
Config.prototype.relayAddr = {
  host: 'snowflake.freehaven.net',
  port: '443'
};
}}}

The same address can be used for Android. Snowflake supports both TLS and non-TLS WebSocket, i.e., WSS and WS; by default, the server uses WSS (TLS WebSocket). We can build the URL accordingly, just as the web version does in its [https://gitweb.torproject.org/pluggable-transports/snowflake-webext.git/tree/websocket.js buildUrl] function. There are many libraries for working with WebSockets, such as Scarlet and OkHttp; Scarlet is designed to handle WebSockets. (This will be updated after the library is selected.)

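The URL construction described above, as an added Java example (not code from the Snowflake project or its web extension): it validates the host and port read from configuration and produces `ws://` only when TLS is switched off explicitly. The class name `RelayUrl`, the `useTls` parameter and the host `relay.example` are assumptions made for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.regex.Pattern;

public final class RelayUrl {
    // Host names and IPv4 literals only; IPv6 literals are out of scope here.
    private static final Pattern HOST =
            Pattern.compile("[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?");

    /** useTls (assumed parameter): true gives wss://, false gives plain ws://. */
    public static URI build(String host, String port, boolean useTls) {
        if (host == null || !HOST.matcher(host).matches()) {
            throw new IllegalArgumentException("invalid relay host");
        }
        int p;
        try {
            p = Integer.parseInt(port); // config.js stores the port as a string
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("invalid relay port", e);
        }
        if (p < 1 || p > 65535) {
            throw new IllegalArgumentException("relay port out of range");
        }
        String scheme = useTls ? "wss" : "ws";
        int defaultPort = useTls ? 443 : 80;
        try {
            // Leave the port out when it is the scheme's default.
            URI uri = new URI(scheme, null, host, p == defaultPort ? -1 : p, "/", null, null);
            // The parsed host must be exactly the configured one.
            if (!host.equalsIgnoreCase(uri.getHost())) {
                throw new IllegalArgumentException("relay host changed after parsing");
            }
            return uri;
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("invalid relay address", e);
        }
    }

    public static void main(String[] args) {
        System.out.println(build("snowflake.freehaven.net", "443", true)); // relayAddr from the page
        System.out.println(build("relay.example", "8080", false));         // constructed host
        try {
            build("relay.example/extra", "443", true); // constructed bad value
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Keeping `useTls` set to true everywhere except local testing means the proxy-to-relay hop is never sent over an unencrypted WebSocket by accident.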
== Tasks ==

[[TicketQuery(keywords~=snowflake-mobile,format=table,order=priority,desc=false,col=id|summary|component|status|owner|priority|severity|time|changetime|reviewer|reporter,max=10)]]

== Roadmap ==

[X] Setting up the project. \\
[X] Setting up the libraries. \\
[X] Designing a workable UI. \\
[X] Setting up the Service to handle persistent notification. \\
[X] Setting up the Service to establish a connection. \\
[X] HTTP Call to the broker in a long polling fashion to get the offer. \\
[X] SDP De-serialization. \\
[X] SDP Serialization. \\
[X] HTTP Call to send the answer to the broker. \\
[X] Establish the WebRTC connection. \\
[ ] Handling connection termination. \\
[ ] Setting the Tor relay endpoints. \\
[ ] Building the URL. \\
[ ] Setting up WebSockets. \\
[ ] Setting up WebSocketListener. \\
[ ] Establishing the connection to Tor relay. \\
[ ] Testing the connection to the relay. \\
[ ] Relaying the data back and forth to and from WebSocket and WebRTC. \\
[ ] Changing from workable design to final design. \\
[ ] Designing MainActivity (main user screen). \\
[ ] Designing On-Boarding Activity (Instruction screen). \\
[ ] Designing Notification UI. \\
[ ] Testing the new UI. \\