search

ThauEx / ffrk-proxy

Proxy for Final Fantasy Record Keeper written in node.js
GNU Lesser General Public License v3.0
39 stars 21 forks source link

Android 7/8 + Proxydroid issue #114

Open jdel opened 6 years ago

jdel commented 6 years ago

I updated my phone to android 7 then 8 (LineageOS 14.1 and 15.1) a couple of days ago and since then, for some reason I cannot figure out, it is impossible to use ffrk-proxy through proxydroid.

Phone is rooted fine with magisk, ffrk-proxy config file has no whitelist, 127.0.0.1 is in the proxy bypass list. Basically, everything is configured as before.

I am running another instance of ffrk-proxy with whitelist, and connecting to this one with the native android proxy config works perfectly fine. So I'm assuming it is an android / proxydroid issue.

Here is a log from a fresh start of ffrk-proxy. This confirms my phone is redirecting the traffic to ffrk-proxy but something happens after generating the 3rd cert. The last 9 lines repeat over and over as the app retries.

$ docker logs -tf ffrk-all                                    
2018-02-25T09:06:09.248559170Z Using custom config /ffrk/config/default.yml
2018-02-25T09:06:11.127762754Z ffrk-proxy 0.11.0 started
2018-02-25T09:06:11.129414429Z listening on: 0.0.0.0:5050
2018-02-25T09:06:11.139900473Z rootCA webserver started
2018-02-25T09:06:11.139956232Z listening on: 0.0.0.0:5051
2018-02-25T09:06:48.300917299Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:48.318014505Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:48.327333125Z > writing head of length 0
2018-02-25T09:06:48.392162409Z > data length = 192
2018-02-25T09:06:48.405588897Z Generating new TLS certificate for: appload.ingest.crittercism.com
2018-02-25T09:06:49.476965005Z < data length = 975
2018-02-25T09:06:49.480845661Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.480943718Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.482048203Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489038331Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489097810Z > writing head of length 0
2018-02-25T09:06:49.489122332Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489144940Z > writing head of length 0
2018-02-25T09:06:49.489166724Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489188650Z > writing head of length 0
2018-02-25T09:06:49.550303076Z > data length = 204
2018-02-25T09:06:49.557874480Z Generating new TLS certificate for: lcd-prod.appspot.com
2018-02-25T09:06:50.270132494Z > data length = 176
2018-02-25T09:06:50.271721330Z > data length = 176
2018-02-25T09:06:50.273083785Z > data length = 7
2018-02-25T09:06:50.322293652Z < data length = 955
2018-02-25T09:06:50.339435249Z > end
2018-02-25T09:06:50.339540263Z Generating new TLS certificate for: app.adjust.com
2018-02-25T09:06:50.823813490Z > data length = 126
2018-02-25T09:06:50.827999667Z < end
2018-02-25T09:06:50.830518499Z < data length = 943
2018-02-25T09:06:50.832575977Z < data length = 943
2018-02-25T09:06:50.834700905Z > end
2018-02-25T09:06:50.841217498Z < data length = 274
2018-02-25T09:06:50.845181907Z < end
2018-02-25T09:06:50.934596108Z > data length = 7
2018-02-25T09:06:50.942146319Z > data length = 7
2018-02-25T09:06:50.942350514Z > end
2018-02-25T09:06:50.942376631Z > end
2018-02-25T09:06:50.942399688Z < end
2018-02-25T09:06:50.942459339Z < end
2018-02-25T09:07:03.112820035Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:07:03.122942440Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:07:03.130904609Z > writing head of length 0
2018-02-25T09:07:03.176921463Z > data length = 204
2018-02-25T09:07:03.181378282Z < data length = 955
2018-02-25T09:07:03.284051912Z > data length = 126
2018-02-25T09:07:03.298647268Z > end
2018-02-25T09:07:03.298843684Z < data length = 274
2018-02-25T09:07:03.298877629Z < end

Has anyone run into this ? Any advice would be much appreciated.

jdel commented 6 years ago

Probably linked to the fact Android 7+ doesn't consider user's CAs anymore.

https://blog.jeroenhd.nl/article/android-7-nougat-and-certificate-authorities

craadicator commented 6 years ago

Hello,

i am using a new Phone Xiaomi Mi Mix 2s with MiUI Global 9.5.10.0 (Based on Android 8) I already changed your Cert from user to system CA but the game still won't let me in. Do you have an idea whats the problem here? Screenshot attached.

unbenannt

thx in advance

ThauEx commented 6 years ago

What exactly have you done so fare?

jdel commented 6 years ago

I have never been able to make proxydroid work with android 8. I use the native proxy configuration and it works fine.

craadicator commented 6 years ago

Well, i changed your root Cert User CA to work as System CA described in the Link that jdel posted. Afterwards, not changing anything on the server, i installed Proxydroid using the same configuration that worked on my old phone only getting the result aboth. I also tried using the new v12 releases, but i am to stupid to configure the proxy.pac correctly...

Looking around i found this thread with a configuration for drony. https://www.facebook.com/notes/ffrk-proxy-server/faq-for-android/1828322170743038/ I am using this with my v11 configuration and at the moment it's running better than proxydroid ever did. No functiuonal problems in WLAN or Mobile Data.

So yeah proxydroid is dead for me. I don't get it functional with Android 8, but drony is a (better) way that works (at least for me).

jdel commented 6 years ago

Thanks for the info, i will look into drony