On Tue, Jun 2, 2015 at 5:05 AM, Jonathan Bennett <[email protected]> wrote:
> I strongly want to implement the juicessh plugin stuff. It will take > time, but it'll get there. > Looking forward to it. > One last note: the web site that was used for ip address lookup was > painfully slow. The new app doesn't do the lookup until a knock is > sent that uses "resolve ip", but I was often waiting 60 seconds or > longer for that lookup to finish. After looking a bit, I decided to > use http://whatismyip.akamai.com. It is *much* quicker to respond. I > might add an option to select which site to use in the future. It > seems that there should be a better way to get the public IP, but I > have yet to work out what that would be. Depending on a 3rd party web > site seems less than ideal, but again, I have no alternative yet. > > On my PC I use DNS query to resolve my external IP using opendns servers # dig myip.opendns.com @resolver1.opendns.com +short # or over tcp # dig myip.opendns.com @resolver1.opendns.com +short +tcp --Rabin > On Sat, May 30, 2015 at 8:23 PM, Michael Rash <[email protected]> > wrote: > > > > > > On Fri, May 29, 2015 at 10:50 PM, Jonathan Bennett < > [email protected]> > > wrote: > >> > >> > >> > >> On Fri, May 29, 2015 at 9:15 PM Michael Rash <[email protected]> > >> wrote: > >>> > >>> On Fri, May 29, 2015 at 4:03 PM, Jonathan Bennett < > [email protected]> > >>> wrote: > >>>> > >>>> I am making decent progress on the android implementation of fwknop. I > >>>> have rewritten the user interface nearly from scratch. I do have a > couple > >>>> questions, though. > >>> > >>> > >>> Excellent. > >>> > >>>> > >>>> First, the existing android app is on the marketplace under the > company > >>>> Maximum Idea. It would seem more appropriate for the app to be > distributed > >>>> by Cipherdyne. I am certain there is some history there, but we should > >>>> consider pulling the old apps and publishing under the Cipherdyne > name. > >>> > >>> > >>> Agreed - sounds like you are suggesting an official marketplace account > >>> where fwknop apps are distributed, and your rewrite could serve as the > basis > >>> for the client app. This assumes you are ok with distributing your app > via > >>> the Cipherdyne account with you as the author, etc. > >> > >> > >> Exactly this. Once I'm mostly satisfied with what I've got, I'll put the > >> source on github and get some code review & comments. Once we're > satisfied, > >> we should publish it officially to the play store. > > > > > > Ok, that sounds like a plan. Although I don't have an Android phone, I > have > > done a couple of modifications to the Android app using the Android > emulator > > on Linux. So, I should be able to help test. > >>>> > >>>> Also, in regards to capturing qr codes. There is an open source > project, > >>>> https://github.com/zxing/zxing. This is Apache 2 licensed. I can > call their > >>>> play store app. If it is not installed, the user is sent to the play > store > >>>> to install it. This is not a terrible solution, but it seems that we > could > >>>> include their library with our source and capture the qr code without > >>>> calling an external app. I prefer making this work for not only the > ease of > >>>> use, but it also seems it would be more secure to stay within the > fwknop > >>>> process. Thoughts? > >>> > >>> > >>> Hmm, not sure about this one. There is precedent in fwknop currently > for > >>> calling external programs from both fwknop and fwknopd, but it is done > via > >>> execvpe() when available with no environment, and calling external > programs > >>> generally allows fwknop to minimize library dependencies. fwknop > executes > >>> wget in -R mode in order to resolve the external IP via SSL/TLS when > wget > >>> offers this feature, and means that fwknop does not itself have to link > >>> against an SSL library. fwknopd executes firewall control binaries > directly > >>> (iptables, ipfw, etc.) instead of linking against libraries the > firewall > >>> projects may provide, and also even libpcap is an optional library > >>> dependency and can be eliminated at compile time if one is willing to > run in > >>> --udp-server mode. > >> > >> > >> My thoughts are that an Open Source Java library can be inspected and > >> generally trusted, but a precompiled app on the market cannot be > audited. > >> Probably not a huge issue. > > > > > > Yes, agreed. If this can be done within the realm of Java for the Android > > app without requiring the fwknop C code to link against a new library, > then > > I'm all for it. And, from looking at zxing, this would probably be the > most > > likely path anyway. You'll likely still want to have your app extend > libfko > > for SPA packet creation just as the current Android app does, but the > zxing > > stuff would be independent of this. > > > >>> > >>> > >>> But, the above is for the C implementation of fwknop, fwknopd, and > >>> libfko. On Android, would the zxing integration be done with their > java code > >>> into your fwknop client java code? I see they seem to have a C++ > component, > >>> but I'm assuming you're referring to the Java stuff, correct? > >> > >> I've not dug into the option there all the way, but I believe they have > >> made the central java lib available for inclusion into other projects. > >> > >>> > >>> If so, then integrating their java code into your client code would be > a > >>> nice win for ease of use for sure. Or are you thinking of integrating > the > >>> C++ code into libfko, and having a Java extension of this code like the > >>> current Android app? > >> > >> I am planning to stay in the realm of java for the moment. I think it > >> makes sense to leave libfko alone. > > > > > > Ok, cool. > > > >> > >> > >> For now, I'm leaving it an external program with the intention to go > back > >> and try to integrate it once other things are working. > >>> > >>> > >>>> > >>>> With any luck, I might have a working prototype done this weekend. > >>> > >>> > >>> Very cool. > >> > >> It's looking like I'll have all the ui stuff working soon. I haven't > >> looked closely at the call to libfko yet. Hoping that's not too complex. > >> I'll keep you all posted. > > > > > > Sounds great. > > > > --Mike > > > > > >> > >> > >> ~Jonathan Bennett > >>> > >>> > >>> Thanks, > >>> > >>> --Mike > >>> > >>>> > >>>> ~Jonathan Bennett > >>>> > >>>> > >>> > >>> > ------------------------------------------------------------------------------ > >>> _______________________________________________ > >>> Fwknop-discuss mailing list > >>> [email protected] > >>> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss > > > > > > > > > > -- > > Michael Rash | Founder > > http://www.cipherdyne.org/ > > Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F > > > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > > Fwknop-discuss mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/fwknop-discuss > > > > > ------------------------------------------------------------------------------ > _______________________________________________ > Fwknop-discuss mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/fwknop-discuss >
------------------------------------------------------------------------------
_______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
