On Tue, Jun 2, 2015 at 5:20 AM, Rabin Yasharzadehe <[email protected]> wrote:
> > On Tue, Jun 2, 2015 at 5:05 AM, Jonathan Bennett <[email protected]> > wrote: > >> I strongly want to implement the juicessh plugin stuff. It will take >> time, but it'll get there. >> > > Looking forward to it. > > >> One last note: the web site that was used for ip address lookup was >> painfully slow. The new app doesn't do the lookup until a knock is >> sent that uses "resolve ip", but I was often waiting 60 seconds or >> longer for that lookup to finish. After looking a bit, I decided to >> use http://whatismyip.akamai.com. It is *much* quicker to respond. I >> might add an option to select which site to use in the future. It >> seems that there should be a better way to get the public IP, but I >> have yet to work out what that would be. Depending on a 3rd party web >> site seems less than ideal, but again, I have no alternative yet. >> >> > On my PC I use DNS query to resolve my external IP using opendns servers > > # dig myip.opendns.com @resolver1.opendns.com +short > # or over tcp > # dig myip.opendns.com @resolver1.opendns.com +short +tcp > This might be good to add to the fwknop client since OpenDNS will have far faster responses than the cipherdyne.org server ever could, although some users prefer to resolve via SSL. Still, it would be good to have this as an option. Thanks, --Mike > > > --Rabin > > > >> On Sat, May 30, 2015 at 8:23 PM, Michael Rash <[email protected]> >> wrote: >> > >> > >> > On Fri, May 29, 2015 at 10:50 PM, Jonathan Bennett < >> [email protected]> >> > wrote: >> >> >> >> >> >> >> >> On Fri, May 29, 2015 at 9:15 PM Michael Rash <[email protected]> >> >> wrote: >> >>> >> >>> On Fri, May 29, 2015 at 4:03 PM, Jonathan Bennett < >> [email protected]> >> >>> wrote: >> >>>> >> >>>> I am making decent progress on the android implementation of fwknop. >> I >> >>>> have rewritten the user interface nearly from scratch. I do have a >> couple >> >>>> questions, though. >> >>> >> >>> >> >>> Excellent. >> >>> >> >>>> >> >>>> First, the existing android app is on the marketplace under the >> company >> >>>> Maximum Idea. It would seem more appropriate for the app to be >> distributed >> >>>> by Cipherdyne. I am certain there is some history there, but we >> should >> >>>> consider pulling the old apps and publishing under the Cipherdyne >> name. >> >>> >> >>> >> >>> Agreed - sounds like you are suggesting an official marketplace >> account >> >>> where fwknop apps are distributed, and your rewrite could serve as >> the basis >> >>> for the client app. This assumes you are ok with distributing your >> app via >> >>> the Cipherdyne account with you as the author, etc. >> >> >> >> >> >> Exactly this. Once I'm mostly satisfied with what I've got, I'll put >> the >> >> source on github and get some code review & comments. Once we're >> satisfied, >> >> we should publish it officially to the play store. >> > >> > >> > Ok, that sounds like a plan. Although I don't have an Android phone, I >> have >> > done a couple of modifications to the Android app using the Android >> emulator >> > on Linux. So, I should be able to help test. >> >>>> >> >>>> Also, in regards to capturing qr codes. There is an open source >> project, >> >>>> https://github.com/zxing/zxing. This is Apache 2 licensed. I can >> call their >> >>>> play store app. If it is not installed, the user is sent to the play >> store >> >>>> to install it. This is not a terrible solution, but it seems that we >> could >> >>>> include their library with our source and capture the qr code without >> >>>> calling an external app. I prefer making this work for not only the >> ease of >> >>>> use, but it also seems it would be more secure to stay within the >> fwknop >> >>>> process. Thoughts? >> >>> >> >>> >> >>> Hmm, not sure about this one. There is precedent in fwknop currently >> for >> >>> calling external programs from both fwknop and fwknopd, but it is >> done via >> >>> execvpe() when available with no environment, and calling external >> programs >> >>> generally allows fwknop to minimize library dependencies. fwknop >> executes >> >>> wget in -R mode in order to resolve the external IP via SSL/TLS when >> wget >> >>> offers this feature, and means that fwknop does not itself have to >> link >> >>> against an SSL library. fwknopd executes firewall control binaries >> directly >> >>> (iptables, ipfw, etc.) instead of linking against libraries the >> firewall >> >>> projects may provide, and also even libpcap is an optional library >> >>> dependency and can be eliminated at compile time if one is willing to >> run in >> >>> --udp-server mode. >> >> >> >> >> >> My thoughts are that an Open Source Java library can be inspected and >> >> generally trusted, but a precompiled app on the market cannot be >> audited. >> >> Probably not a huge issue. >> > >> > >> > Yes, agreed. If this can be done within the realm of Java for the >> Android >> > app without requiring the fwknop C code to link against a new library, >> then >> > I'm all for it. And, from looking at zxing, this would probably be the >> most >> > likely path anyway. You'll likely still want to have your app extend >> libfko >> > for SPA packet creation just as the current Android app does, but the >> zxing >> > stuff would be independent of this. >> > >> >>> >> >>> >> >>> But, the above is for the C implementation of fwknop, fwknopd, and >> >>> libfko. On Android, would the zxing integration be done with their >> java code >> >>> into your fwknop client java code? I see they seem to have a C++ >> component, >> >>> but I'm assuming you're referring to the Java stuff, correct? >> >> >> >> I've not dug into the option there all the way, but I believe they have >> >> made the central java lib available for inclusion into other projects. >> >> >> >>> >> >>> If so, then integrating their java code into your client code would >> be a >> >>> nice win for ease of use for sure. Or are you thinking of integrating >> the >> >>> C++ code into libfko, and having a Java extension of this code like >> the >> >>> current Android app? >> >> >> >> I am planning to stay in the realm of java for the moment. I think it >> >> makes sense to leave libfko alone. >> > >> > >> > Ok, cool. >> > >> >> >> >> >> >> For now, I'm leaving it an external program with the intention to go >> back >> >> and try to integrate it once other things are working. >> >>> >> >>> >> >>>> >> >>>> With any luck, I might have a working prototype done this weekend. >> >>> >> >>> >> >>> Very cool. >> >> >> >> It's looking like I'll have all the ui stuff working soon. I haven't >> >> looked closely at the call to libfko yet. Hoping that's not too >> complex. >> >> I'll keep you all posted. >> > >> > >> > Sounds great. >> > >> > --Mike >> > >> > >> >> >> >> >> >> ~Jonathan Bennett >> >>> >> >>> >> >>> Thanks, >> >>> >> >>> --Mike >> >>> >> >>>> >> >>>> ~Jonathan Bennett >> >>>> >> >>>> >> >>> >> >>> >> ------------------------------------------------------------------------------ >> >>> _______________________________________________ >> >>> Fwknop-discuss mailing list >> >>> [email protected] >> >>> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss >> > >> > >> > >> > >> > -- >> > Michael Rash | Founder >> > http://www.cipherdyne.org/ >> > Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F >> > >> > >> ------------------------------------------------------------------------------ >> > >> > _______________________________________________ >> > Fwknop-discuss mailing list >> > [email protected] >> > https://lists.sourceforge.net/lists/listinfo/fwknop-discuss >> > >> >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> Fwknop-discuss mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss >> > > -- Michael Rash | Founder http://www.cipherdyne.org/ Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F
------------------------------------------------------------------------------
_______________________________________________ Fwknop-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
