|
|
= Snowflake Proxy for Android =
|
|
|
# Snowflake Proxy for Android
|
|
|
The Snowflake proxy is one of the circumvention tools used by the Tor Project, and the wiki is about implementing the proxy component of the Snowflake proxy on the Android.
|
|
|
|
|
|
[[Image(https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Overall%20connection.png)]]
|
|
|
![https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Overall%20connection.png](https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Overall%20connection.png)
|
|
|
|
|
|
Shown above is the general working of the Snowflake bridge. Here, in this project, the Android device is the Snowflake proxy. Implementation of Websocket and WebRTC library is the need for this project.\\
|
|
|
Implementation of the project divided into two parts:\\
|
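Review bot: the Trac forced line breaks `\\` are left in place at the end of the two context lines "...is the need for this project.\\" and "Implementation of the project divided into two parts:\\", and in Markdown they render as a literal backslash rather than a line break. Since the heading and the image macro in this region are converted to Markdown, drop the `\\` here as well and separate the paragraphs with a blank line. The converted image line also uses the full attachment URL as its alt text; a short description such as "Overall connection" would serve readers better when the image does not load.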
... | ... | @@ -14,48 +14,48 @@ Implementation of the project divided into two parts:\\ |
|
|
|
|
|
|
|
|
|
|
|
[[Image(https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Snowflake.png)]]
|
|
|
![https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Snowflake.png](https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Snowflake.png)
|
|
|
|
|
|
**Part A: Snowflake Peers Connection:** Establishing a WebRTC connection involves multiple steps
|
|
|
|
|
|
**Getting Client SDP Offer:** Proxy sends POST requests to the server as a long-poll, we will run this task as a service. Everything
|
|
|
should happen in the background, including connection establishment, relaying the data; \\ hence a background service is used. The broker endpoint for the offer is at "/proxy" read more about Broker's endpoint specifications [https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/doc/broker-spec.txt here].
|
|
|
should happen in the background, including connection establishment, relaying the data; \\ hence a background service is used. The broker endpoint for the offer is at "/proxy" read more about Broker's endpoint specifications [here](https://gitweb.torproject.org/pluggable-transports/snowflake.git/tree/doc/broker-spec.txt).
|
|
|
|
|
|
Since it's long-poll, we can set a custom time-out for the connection
|
|
|
in OkHttpClient.
|
|
|
|
|
|
{{{
|
|
|
```
|
|
|
final OkHttpClient okHttp = new OkHttpClient.Builder()
|
|
|
.readTimeout(60, TimeUnit.SECONDS)
|
|
|
.connectTimeout(60, TimeUnit.SECONDS)
|
|
|
.build();
|
|
|
}}}
|
|
|
```
|
|
|
|
|
|
In the future, If we want to connect multiple snowflake clients, we can launch threads for every client. \\The bottom image illustrates the process of service and threads to serve multiple clients. We can launch and handle threads with AsyncTask, or we can use RxJava(RxAndroid).
|
|
|
|
|
|
|
|
|
[[Image(https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Service_threads.png)]]
|
|
|
![https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Service_threads.png](https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Service_threads.png)
|
|
|
|
|
|
**Sending Answer**: After setting the offer using setLocalDescription, **createAnswer** on peer connection is used to create the answer with SDP containing ICE candidates. We send the SDP answer to the Broker at "/answer". We also set the local peer connection's remote description as this answer.
|
|
|
|
|
|
**Part B: Relaying Traffic to Tor**:
|
|
|
Now that WebRTC connection is established, this data should be sent to the relay using a WebSocket. For Snowflake Proxy Web, the following address is used.\\
|
|
|
The latest Endpoint used can be found in the configuration of web-extension [https://gitweb.torproject.org/pluggable-transports/snowflake-webext.git/tree/config.js here].
|
|
|
The latest Endpoint used can be found in the configuration of web-extension [here](https://gitweb.torproject.org/pluggable-transports/snowflake-webext.git/tree/config.js).
|
|
|
|
|
|
{{{
|
|
|
```
|
|
|
Config.prototype.relayAddr = {
|
|
|
host: 'snowflake.freehaven.net',
|
|
|
port: '443'
|
|
|
};
|
|
|
}}}
|
|
|
```
|
|
|
|
|
|
The same address can be used for Android. Snowflake supports both TLS and non-TLS WebSocket, i.e WSS and WS; by default, the server uses WSS (TLS WebSocket). We can build
|
|
|
the URL accordingly, just like it is done in the web version in [https://gitweb.torproject.org/pluggable-transports/snowflake-webext.git/tree/websocket.js buildUrl] function. There are many libraries to work with, WebSockets. Libraries like Scarlet, OkHttp, etc. Scarlet is designed to handle WebSockets. (Will be updated further after the decision of selection library is taken).
|
|
|
the URL accordingly, just like it is done in the web version in [buildUrl](https://gitweb.torproject.org/pluggable-transports/snowflake-webext.git/tree/websocket.js) function. There are many libraries to work with, WebSockets. Libraries like Scarlet, OkHttp, etc. Scarlet is designed to handle WebSockets. (Will be updated further after the decision of selection library is taken).
|
|
|
|
|
|
== Tasks ==
|
|
|
## Tasks
|
|
|
[[TicketQuery(keywords~=snowflake-mobile,format=table,order=priority,desc=false,col=id|summary|component|status|owner|priority|severity|time|changetime|reviewer|reporter,max=10)]]
|
|
|
|
|
|
== Roadmap ==
|
|
|
## Roadmap
|
|
|
[X] Setting up the project. \\
|
|
|
[X] Setting up the libraries. \\
|
|
|
[X] Designing a workable UI. \\
|
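Review bot: the conversion in this hunk is incomplete, because the `[[TicketQuery(keywords~=snowflake-mobile,...)]]` macro under "## Tasks" and the `[X] Setting up the project. \\` items under "## Roadmap" are still Trac syntax and will show up as raw text in Markdown. Replace the macro with a plain link to the ticket list for the snowflake-mobile keyword, and write the roadmap as task-list items (`- [x] Setting up the project.`) without the trailing `\\`. The same applies to the `\\` left in the middle of the converted line "relaying the data; \\ hence a background service is used.", which should become an ordinary sentence break.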
... | ... | |