Task #2467

make Kerplapp broadcast the repo URL via mDNS

Added by hans about 4 years ago. Updated almost 4 years ago.

Status:ClosedStart date:11/13/2013
Priority:UrgentDue date:
Assignee:hans% Done:

0%

Category:-
Target version:0.2 - ChatSecure/Bluetooth
Component:

Description

When a Kerplapp repo is turned on, and wifi is setup, it should broadcast out the URL via mDNS.

ChatSecure uses jmdns, so Kerplapp should too.


Related issues

Related to Bazaar - Task #2468: make F-Droid accept repo URLs via mDNS Closed 11/13/2013
Related to Bazaar - Feature #2900: use jmDNS to provide discovery on Android < 16 Closed 02/19/2014
Related to Bazaar - Feature #2978: Include repo fingerprint for network service discovery. Closed 02/19/2014

Associated revisions

Revision 1756bf66
Added by pd0x almost 4 years ago

Use an FDroid specific NSD service type, based on SSL preference.

NSD service types follow a DNS SRV convention _protocol._transport used in
mDNS. Previously Kerplapp was advertising an _http._tcp service
generically. It makes more sense to advertise a _fdroidrepo._tcp service so
the FDroid client can run a discovery that it knows won't return generic
non-FDroid repo HTTP servers.

Further, we should advertise _fdroidrepo._tcp when the use_ssl preference is
disabled and _fdroidrepos._tcp when it is enabled to indicate to the
discovering peer whether we are advertising an HTTP or an HTTPS FDroid repo.

refs #2467

Revision fb980ece
Added by hans over 3 years ago

purge NSD support, later add mDNS support to FDroid using jmdns

Android's NSD is a nice API, but it turns out its flaky and only supported
on very recent Android versions. So we'll use jmdns to support older
releases and hopefully work better.

refs #2900, #2467 https://dev.guardianproject.info/issues/2900

History

#1 Updated by hans about 4 years ago

going with the vanilla, old jmDNS 3.4.1, but this might have some useful bug fixes:
https://github.com/jadahl/jmdns

#2 Updated by hans about 4 years ago

I'm starting to think that mDNS could just be too easily abused. Things like QRCode and NFC initiation require the user to do a little manual step with the person who is running the repo in question, so its automatically authenticated. Anyone can broadcast anything via mDNS, and people might get alert fatigue and just say OK whenever they see an mDNS repo.

On the other hand, perhaps this could be handled well in the UI so that there just a passive list of local repos available via mDNS, and the person would have to open that page and opt-in to use a repo. So someone tells someone, "my repo is called foobar's apps" then they just find it on the list. This would have to be TOFU, and there probably would not be a lot of repeat traffic, so the security in this situation would be pretty weak.

#3 Updated by hans about 4 years ago

  • Target version set to 0.2 - ChatSecure/Bluetooth

#4 Updated by hans about 4 years ago

  • Priority changed from Normal to Urgent

#5 Updated by pd0x almost 4 years ago

  • Status changed from New to In Progress
  • Assignee set to pd0x

Work started on integrating the natively supported Android Network Service Discovery (developer.android.com/training/connect-devices-wirelessly/nsd.html) to Kerplapp.

Service registration is implemented & bound to the HTTPD lifecycle.

The NSD specific bits of code will have to be addressed when we move to an external lib (eg jmDNS). An external library approach is required due to the API level of Android NSD (JellyBean+).

#6 Updated by pd0x almost 4 years ago

  • Status changed from In Progress to Feedback

My Kerplapp fork has working Network Service Advertisement for both HTTP and HTTPs FDroid repos ready for review.

#7 Updated by pd0x almost 4 years ago

  • Assignee changed from pd0x to hans

Assigned for review.

#8 Updated by hans almost 4 years ago

  • Status changed from Feedback to Closed

Also available in: Atom PDF