search

element-hq / element-android

A Matrix collaboration client for Android.
https://element.io/
Apache License 2.0
3.31k stars 704 forks source link

Support for Socks/Http Proxy? #488

Open GammaPi opened 5 years ago

GammaPi commented 5 years ago

Since synapse is in it's early stage, a built-in proxy support (no matter it's socks or http) is necessary to keep the server safe from attackers.

1234 related

https://github.com/vector-im/riot-android/issues/1234

GammaPi commented 5 years ago

It seems that riot-android(the old app) use matrix-android-sdk to communicate with matrix server. And matrix-android-sdk uses okhttp3 to send http request. Am I correct on this?

https://github.com/matrix-org/matrix-android-sdk/search?q=import+okhttp3.OkHttpClient%3B&unscoped_q=import+okhttp3.OkHttpClient%3B

I'm wondering if I can configure proxy for okhttpclient in matrix-sdk/src/main/java/org/matrix/androidsdk/RestClient.java and then do some UI adjustments to solve this issue?

I'm looking for proxy support because it seems that Synapse (the only availabe option for Matrix home server) is still in its early stage and it may have some security vulnerbilities (Is my concern right?). Though restricting outer access to matrix home server may limit federation, this can be solved by using firewall whiltelist policy and only allow trusted federation server to access local server. Normal users have to access the server through proxy.

Since riot.im desktop apps use electronic. I can enable proxy simply by setting cmd arg "--proxy-server". For android apps, solutions like tun2socks or system-wide proxy do work, but users have to open proxy all the time which is not very decent. If riot android have a built-in proxy, then it would be a lot easier.

dklimpel commented 4 years ago

See also: https://github.com/matrix-org/matrix-android-sdk/pull/519

ghost commented 4 years ago

SOCKS support would pair well with Orbot. Orbot does support a VPN mode, but that's not a great solution for some configurations.

GammaPi commented 4 years ago

Looking forward to this

JJohnGreenSr commented 4 years ago

I feel the same, Gamma

reg3xp commented 3 years ago

SOCKS5 would be great

seth586 commented 3 years ago

yeah as an experiment I set up a onion_address:443 routed to my syanpse_server:8008, but the clients just dont seem to want to resolve onion addresses.

Adding a simple SOCKS5 proxy to pair with orbot would be a good first step in bringing anonymity to the matrix protocol!

cm157 commented 3 years ago

Please add socks5 / Orbot support so can access synapse server running as hidden service

CalunVier commented 2 years ago

Although we have many alternatives, the built-in proxy function can make our access to martix more convenient. As we all know, not all parts of the world can easily connect with the outside world.

RedSteel-1 commented 11 months ago

See this issue is quite old. It is essential for pro-privacy/security messengers to have proxy setting, so that one can route the traffic to Tor/Orbot.

Dear devs, could you add this setting?