[guardian-dev] supporting SOCKS on Android via a custom SocketFactory
Hans-Christoph Steiner
hans at guardianproject.info
Tue Sep 6 06:54:04 EDT 2016
Michael Rogers:
> On 06/09/16 10:48, Hans-Christoph Steiner wrote:
>> Could we use this approach in NetCipher? I think Torsten that said this
>> approach requires android-14 at least, but we could just use HTTP
>> proxies to support older platforms.
>
> As far as I know this should work on any version of Android, but please
> let me know if you run into any versions/devices where it doesn't work.
>
> Feel free to use the code in NetCipher if it's useful, any OSI license
> you like.
Have you run tests yet of HTTPS verification using your technique? You
can take code from the NetCipher tests if you want.
I don't remember details now, but I know that when doing tricks with how
Socket instances are created on Android, important pieces went missing,
like hostname verification. In cases like these, it is important to
remember that Android != Java. Android only promises to provide what
they document in their SDK docs, not all of Java. And many companies
choose to take that opportunity to get lazy/sloppy with their builds of
Android.
.hc
--
PGP fingerprint: EE66 20C7 136B 0D2C 456C 0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556
More information about the guardian-dev
mailing list