[prev in list] [next in list] [prev in thread] [next in thread]
List: fwknop-discuss
Subject: Re: [Fwknop-discuss] Android app
From: Michael Rash <michael.rash () gmail ! com>
Date: 2015-05-31 1:23:48
Message-ID: CAA9wn8nJner5R8jd6LLqmBwtAadEPSSd+ezrbPiJ_iiyxK8Wmw () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
On Fri, May 29, 2015 at 10:50 PM, Jonathan Bennett <jbscience87@gmail.com>
wrote:
>
>
> On Fri, May 29, 2015 at 9:15 PM Michael Rash <michael.rash@gmail.com>
> wrote:
>
>> On Fri, May 29, 2015 at 4:03 PM, Jonathan Bennett <jbscience87@gmail.com>
>> wrote:
>>
>>> I am making decent progress on the android implementation of fwknop. I
>>> have rewritten the user interface nearly from scratch. I do have a couple
>>> questions, though.
>>>
>>
>> Excellent.
>>
>>
>>> First, the existing android app is on the marketplace under the company
>>> Maximum Idea. It would seem more appropriate for the app to be distributed
>>> by Cipherdyne. I am certain there is some history there, but we should
>>> consider pulling the old apps and publishing under the Cipherdyne name.
>>>
>>
>> Agreed - sounds like you are suggesting an official marketplace account
>> where fwknop apps are distributed, and your rewrite could serve as the
>> basis for the client app. This assumes you are ok with distributing your
>> app via the Cipherdyne account with you as the author, etc.
>>
>
> Exactly this. Once I'm mostly satisfied with what I've got, I'll put the
> source on github and get some code review & comments. Once we're satisfied,
> we should publish it officially to the play store.
>
Ok, that sounds like a plan. Although I don't have an Android phone, I have
done a couple of modifications to the Android app using the Android
emulator on Linux. So, I should be able to help test.
> Also, in regards to capturing qr codes. There is an open source project,
>>> https://github.com/zxing/zxing. This is Apache 2 licensed. I can call
>>> their play store app. If it is not installed, the user is sent to the play
>>> store to install it. This is not a terrible solution, but it seems that we
>>> could include their library with our source and capture the qr code without
>>> calling an external app. I prefer making this work for not only the ease of
>>> use, but it also seems it would be more secure to stay within the fwknop
>>> process. Thoughts?
>>>
>>
>> Hmm, not sure about this one. There is precedent in fwknop currently for
>> calling external programs from both fwknop and fwknopd, but it is done via
>> execvpe() when available with no environment, and calling external programs
>> generally allows fwknop to minimize library dependencies. fwknop executes
>> wget in -R mode in order to resolve the external IP via SSL/TLS when wget
>> offers this feature, and means that fwknop does not itself have to link
>> against an SSL library. fwknopd executes firewall control binaries directly
>> (iptables, ipfw, etc.) instead of linking against libraries the firewall
>> projects may provide, and also even libpcap is an optional library
>> dependency and can be eliminated at compile time if one is willing to run
>> in --udp-server mode.
>>
>
> My thoughts are that an Open Source Java library can be inspected and
> generally trusted, but a precompiled app on the market cannot be audited.
> Probably not a huge issue.
>
Yes, agreed. If this can be done within the realm of Java for the Android
app without requiring the fwknop C code to link against a new library, then
I'm all for it. And, from looking at zxing, this would probably be the most
likely path anyway. You'll likely still want to have your app extend libfko
for SPA packet creation just as the current Android app does, but the zxing
stuff would be independent of this.
>
>> But, the above is for the C implementation of fwknop, fwknopd, and
>> libfko. On Android, would the zxing integration be done with their java
>> code into your fwknop client java code? I see they seem to have a C++
>> component, but I'm assuming you're referring to the Java stuff, correct?
>>
> I've not dug into the option there all the way, but I believe they have
> made the central java lib available for inclusion into other projects.
>
>
>> If so, then integrating their java code into your client code would be a
>> nice win for ease of use for sure. Or are you thinking of integrating the
>> C++ code into libfko, and having a Java extension of this code like the
>> current Android app?
>>
> I am planning to stay in the realm of java for the moment. I think it
> makes sense to leave libfko alone.
>
Ok, cool.
>
> For now, I'm leaving it an external program with the intention to go back
> and try to integrate it once other things are working.
>
>>
>>
>>> With any luck, I might have a working prototype done this weekend.
>>>
>>
>> Very cool.
>>
> It's looking like I'll have all the ui stuff working soon. I haven't
> looked closely at the call to libfko yet. Hoping that's not too complex.
> I'll keep you all posted.
>
Sounds great.
--Mike
>
> ~Jonathan Bennett
>
>>
>> Thanks,
>>
>> --Mike
>>
>>
>>> ~Jonathan Bennett
>>>
>>>
>> ------------------------------------------------------------------------------
>> _______________________________________________
>> Fwknop-discuss mailing list
>> Fwknop-discuss@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
>>
>
--
Michael Rash | Founder
http://www.cipherdyne.org/
Key fingerprint = 53EA 13EA 472E 3771 894F AC69 95D8 5D6B A742 839F
[Attachment #5 (text/html)]
<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On Fri, May \
29, 2015 at 10:50 PM, Jonathan Bennett <span dir="ltr"><<a \
href="mailto:jbscience87@gmail.com" \
target="_blank">jbscience87@gmail.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr"><br><br><div class="gmail_quote"><span \
class=""><div dir="ltr">On Fri, May 29, 2015 at 9:15 PM Michael Rash <<a \
href="mailto:michael.rash@gmail.com" target="_blank">michael.rash@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote">On Fri, May 29, 2015 at 4:03 PM, \
Jonathan Bennett <span dir="ltr"><<a href="mailto:jbscience87@gmail.com" \
target="_blank">jbscience87@gmail.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><p dir="ltr">I am making decent progress on the android \
implementation of fwknop. I have rewritten the user interface nearly from scratch. I \
do have a couple questions, though. \
</p></blockquote><div><br></div></div></div></div><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote"><div>Excellent.<br> \
<br></div></div></div></div><div dir="ltr"><div class="gmail_extra"><div \
class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"> <p dir="ltr">First, the existing \
android app is on the marketplace under the company Maximum Idea. It would seem more \
appropriate for the app to be distributed by Cipherdyne. I am certain there is some \
history there, but we should consider pulling the old apps and publishing under the \
Cipherdyne name.</p></blockquote><div><br></div></div></div></div><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote"><div>Agreed - sounds like you are \
suggesting an official marketplace account where fwknop apps are distributed, and \
your rewrite could serve as the basis for the client app. This assumes you are ok \
with distributing your app via the Cipherdyne account with you as the author, \
etc.<br></div></div></div></div></blockquote><div><br></div></span><div>Exactly this. \
Once I'm mostly satisfied with what I've got, I'll put the source on \
github and get some code review & comments. Once we're satisfied, we should \
publish it officially to the play store. \
</div></div></div></blockquote><div><br></div><div>Ok, that sounds like a plan. \
Although I don't have an Android phone, I have done a couple of modifications to \
the Android app using the Android emulator on Linux. So, I should be able to help \
test. <br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div \
class="gmail_quote"><span class=""><blockquote class="gmail_quote" style="margin:0 0 \
0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote"><div></div></div></div></div><div \
dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"> <p dir="ltr">Also, in regards to capturing qr codes. There \
is an open source project, <a href="https://github.com/zxing/zxing" \
target="_blank">https://github.com/zxing/zxing</a>. This is Apache 2 licensed. I can \
call their play store app. If it is not installed, the user is sent to the play store \
to install it. This is not a terrible solution, but it seems that we could include \
their library with our source and capture the qr code without calling an external \
app. I prefer making this work for not only the ease of use, but it also seems it \
would be more secure to stay within the fwknop process. \
Thoughts?</p></blockquote><div><br></div></div></div></div><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote"><div>Hmm, not sure about this one. There \
is precedent in fwknop currently for calling external programs from both fwknop and \
fwknopd, but it is done via execvpe() when available with no environment, and calling \
external programs generally allows fwknop to minimize library dependencies. fwknop \
executes wget in -R mode in order to resolve the external IP via SSL/TLS when wget \
offers this feature, and means that fwknop does not itself have to link against an \
SSL library. fwknopd executes firewall control binaries directly (iptables, ipfw, \
etc.) instead of linking against libraries the firewall projects may provide, and \
also even libpcap is an optional library dependency and can be eliminated at compile \
time if one is willing to run in --udp-server \
mode.<br></div></div></div></div></blockquote><div><br></div></span><div>My thoughts \
are that an Open Source Java library can be inspected and generally trusted, but a \
precompiled app on the market cannot be audited. Probably not a huge issue. \
</div></div></div></blockquote><div><br></div><div>Yes, agreed. If this can be done \
within the realm of Java for the Android app without requiring the fwknop C code to \
link against a new library, then I'm all for it. And, from looking at zxing, this \
would probably be the most likely path anyway. You'll likely still want to have \
your app extend libfko for SPA packet creation just as the current Android app does, \
but the zxing stuff would be independent of this.<br> <br></div><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><span \
class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div \
class="gmail_quote"><div><br>But, the above is for the C implementation of fwknop, \
fwknopd, and libfko. On Android, would the zxing integration be done with their java \
code into your fwknop client java code? I see they seem to have a C++ component, but \
I'm assuming you're referring to the Java stuff, correct? \
</div></div></div></div></blockquote></span><div>I've not dug into the option \
there all the way, but I believe they have made the central java lib available for \
inclusion into other projects. </div><span class=""><div> <br></div><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div \
class="gmail_quote"><div>If so, then integrating their java code into your client \
code would be a nice win for ease of use for sure. Or are you thinking of integrating \
the C++ code into libfko, and having a Java extension of this code like the current \
Android app?<br></div></div></div></div></blockquote></span><div>I am planning to \
stay in the realm of java for the moment. I think it makes sense to leave libfko \
alone.</div></div></div></blockquote><div><br></div><div>Ok, cool.<br> \
<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"><div dir="ltr"><div \
class="gmail_quote"><div><br></div><div>For now, I'm leaving it an external \
program with the intention to go back and try to integrate it once other things are \
working.</div><span class=""><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote"><div></div></div></div></div><div \
dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div> \
<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"> <p dir="ltr">With any luck, I might have a working \
prototype done this weekend. </p></blockquote><div><br></div></div></div></div><div \
dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div>Very cool. \
</div></div></div></div></blockquote></span><div>It's looking like I'll have \
all the ui stuff working soon. I haven't looked closely at the call to libfko \
yet. Hoping that's not too complex. I'll keep you all \
posted.</div></div></div></blockquote><div><br></div><div>Sounds \
great.<br><br></div><div>--Mike<br><br> <br></div><blockquote class="gmail_quote" \
style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div \
dir="ltr"><div class="gmail_quote"><div><br></div><div>~Jonathan \
Bennett</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><div \
class="gmail_quote"><div><br></div><div>Thanks,<br><br></div><div>--Mike<br></div><div> \
<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"><span><font color="#888888"> <p dir="ltr">~Jonathan \
Bennett</p></font></span><br></blockquote></div></div></div>
------------------------------------------------------------------------------<br>
_______________________________________________<br>
Fwknop-discuss mailing list<br>
<a href="mailto:Fwknop-discuss@lists.sourceforge.net" \
target="_blank">Fwknop-discuss@lists.sourceforge.net</a><br> <a \
href="https://lists.sourceforge.net/lists/listinfo/fwknop-discuss" \
target="_blank">https://lists.sourceforge.net/lists/listinfo/fwknop-discuss</a><br> \
</blockquote></div></div> </blockquote></div><br><br clear="all"><br>-- <br><div \
class="gmail_signature">Michael Rash | Founder<br><a \
href="http://www.cipherdyne.org/" \
target="_blank">http://www.cipherdyne.org/</a><br>Key fingerprint = 53EA 13EA 472E \
3771 894F AC69 95D8 5D6B A742 839F</div> </div></div>
------------------------------------------------------------------------------
_______________________________________________
Fwknop-discuss mailing list
Fwknop-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic