
Snowflake Proxy for Android

Snowflake is one of the circumvention tools used by the Tor Project. This wiki page is about implementing the proxy component of Snowflake on Android.

https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Overall%20connection.png

Shown above is the general working of the Snowflake bridge. In this project, the Android device is the Snowflake proxy. The project needs a WebSocket library and a WebRTC library.
The implementation of the project is divided into two parts:

Part A: Snowflake Peers Connection - Involves the process of WebRTC connection establishment between Snowflake peers, i.e., the Snowflake proxy and client, using the Broker as a signaling server.

Part B: Relaying Traffic to Tor - After connection establishment is finished, the data is relayed to a Tor relay. This is done through a WebSocket.

https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Snowflake.png

Part A: Snowflake Peers Connection: Establishing a WebRTC connection involves multiple steps.

Getting Client SDP Offer: The proxy sends POST requests to the server as a long-poll; we will run this task as a service. Everything should happen in the background, including connection establishment and relaying the data; hence a background service is used. The broker endpoint for the offer is at "/proxy"; read more about the Broker's endpoint specifications here.

Since it's a long-poll, we can set a custom timeout for the connection in OkHttpClient.

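import java.util.concurrent.TimeUnit;
import okhttp3.OkHttpClient;

// Long-poll client: 60-second read and connect timeouts.
final OkHttpClient okHttp = new OkHttpClient.Builder()
        .readTimeout(60, TimeUnit.SECONDS)
        .connectTimeout(60, TimeUnit.SECONDS)
        .build();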

In the future, if we want to connect multiple Snowflake clients, we can launch a thread for every client.
The image below illustrates how the service and its threads serve multiple clients. We can launch and handle threads with AsyncTask, or we can use RxJava (RxAndroid).

https://trac.torproject.org/projects/tor/raw-attachment/wiki/doc/SnowflakeProxyAndroid/Service_threads.png

Sending Answer: After setting the offer using setLocalDescription, createAnswer is called on the peer connection to create the answer, whose SDP contains the ICE candidates. We send the SDP answer to the Broker at "/answer". We also set the local peer connection's remote description as this answer.

Part B: Relaying Traffic to Tor: Now that the WebRTC connection is established, the data should be sent to the relay using a WebSocket. For Snowflake Proxy Web, the following address is used.
The latest endpoint in use can be found in the configuration of the web extension here.

Config.prototype.relayAddr = {
  host: 'snowflake.freehaven.net',
  port: '443'
};

The same address can be used for Android. Snowflake supports both TLS and non-TLS WebSocket, i.e. WSS and WS; by default, the server uses WSS (TLS WebSocket). We can build the URL accordingly, just as it is done in the web version in the buildUrl function. There are many libraries for working with WebSockets, such as Scarlet and OkHttp. Scarlet is designed to handle WebSockets. (This will be updated further once the library selection has been decided.)
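One way to build the relay URL described above on Android, as an added example (not the project's code and not the web version's buildUrl). The class name RelayUrl, the allowPlaintext flag and the "/" path are assumptions. It defaults to WSS, refuses WS unless explicitly allowed, and checks that the configured host cannot alter the URL's authority.

```java
import java.net.URI;
import java.net.URISyntaxException;

/** Added example: builds the relay WebSocket URL from a host/port pair. */
public final class RelayUrl {
    private RelayUrl() {}

    /**
     * @param host           relay host name or IP literal
     * @param port           port as a string, as in the relayAddr config above
     * @param useTls         true for wss:// (the server default), false for ws://
     * @param allowPlaintext hypothetical opt-in; ws:// is refused unless it is set
     */
    public static URI build(String host, String port, boolean useTls,
                            boolean allowPlaintext) throws URISyntaxException {
        if (host == null || host.isEmpty()) {
            throw new IllegalArgumentException("relay host is empty");
        }
        if (!useTls && !allowPlaintext) {
            throw new IllegalArgumentException("ws:// requested but plaintext is not allowed");
        }
        int p;
        try {
            p = Integer.parseInt(port == null ? "" : port.trim());
        } catch (NumberFormatException e) {
            throw new IllegalArgumentException("relay port is not a number: " + port, e);
        }
        if (p < 1 || p > 65535) {
            throw new IllegalArgumentException("relay port out of range: " + p);
        }
        // -1 makes java.net.URI omit the port when it is the scheme default.
        int shownPort = (p == (useTls ? 443 : 80)) ? -1 : p;
        // This constructor adds square brackets around a bare IPv6 literal.
        // The path "/" is an assumption; the page does not name one.
        URI uri = new URI(useTls ? "wss" : "ws", null, host, shownPort, "/", null, null);
        // Reject hosts containing '/', '@', '?' etc. that would change the
        // authority: the parsed host must be exactly the configured one.
        String parsed = uri.getHost();
        if (parsed == null || !(parsed.equals(host) || parsed.equals("[" + host + "]"))) {
            throw new IllegalArgumentException("relay host is not a plain host: " + host);
        }
        return uri;
    }

    public static void main(String[] args) throws URISyntaxException {
        System.out.println(build("snowflake.freehaven.net", "443", true, false));
        System.out.println(build("2001:db8::1", "8443", true, false));
    }
}
```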

Tasks

Results (1 - 10 of 24)

| Ticket | Summary | Component | Status | Owner | Priority | Severity | Created | Modified | Reviewer | Reporter |
|---|---|---|---|---|---|---|---|---|---|---|
| #34263 | Library selection for using WebRTC for the project. | Circumvention/Snowflake | closed | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34264 | Discussion on using a library for HTTP requests. | Circumvention/Snowflake | closed | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34265 | Library selection for WebSocket communication with Tor relay. | Circumvention/Snowflake | new | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34266 | Creating and setting up the libraries and the project. | Circumvention/Snowflake | closed | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34267 | Compiling the WebRTC Google library. | Circumvention/Snowflake | closed | | Medium | Normal | 5 months ago | 5 months ago | cohosh | HashikD |
| #34268 | Creating a service to do the work in the background and implementing a wakelock. | Circumvention/Snowflake | closed | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34269 | Library for testing memory leaks (only in debug mode). | Circumvention/Snowflake | closed | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34270 | Sending POST request in longpolling fashion to the broker. | Circumvention/Snowflake | new | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34271 | Formatting the SDP in the broker response to make it suitable for SDP object creation. | Circumvention/Snowflake | new | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |
| #34272 | Creating answer | Circumvention/Snowflake | new | | Medium | Normal | 5 months ago | 5 months ago | | HashikD |

Roadmap

[X] Setting up the project.
[X] Setting up the libraries.
[X] Designing a workable UI.
[X] Setting up the Service to handle persistent notification.
[X] Setting up the Service to establish a connection.
[X] HTTP Call to the broker in a long polling fashion to get the offer.
[X] SDP De-serialization.
[X] SDP Serialization.
[X] HTTP Call to send the answer to the broker.
[X] Establish the WebRTC connection.
[ ] Handling connection termination.
[ ] Setting the Tor relay endpoints.
[ ] Building the URL.
[ ] Setting up WebSockets.
[ ] Setting up WebSocketListener.
[ ] Establishing the connection to Tor relay.
[ ] Testing the connection to the relay.
[ ] Relaying the data back and forth to and from WebSocket and WebRTC.
[ ] Changing from workable design to final design.
[ ] Designing MainActivity (main user screen).
[ ] Designing On-Boarding Activity (Instruction screen).
[ ] Designing Notification UI.
[ ] Testing the new UI.

Last modified on Jun 9, 2020, 4:36:44 PM (5 months ago)
