ffrk-proxy icon indicating copy to clipboard operation
ffrk-proxy copied to clipboard

Published 20 hours ago verified publisher icon ThauEx

Android 7/8 + Proxydroid issue

Open jdel opened this issue 7 years ago • 6 comments

I updated my phone to android 7 then 8 (LineageOS 14.1 and 15.1) a couple of days ago and since then, for some reason I cannot figure out, it is impossible to use ffrk-proxy through proxydroid.

Phone is rooted fine with magisk, ffrk-proxy config file has no whitelist, 127.0.0.1 is in the proxy bypass list. Basically, everything is configured as before.

I am running another instance of ffrk-proxy with whitelist, and connecting to this one with the native android proxy config works perfectly fine. So I'm assuming it is an android / proxydroid issue.

Here is a log from a fresh start of ffrk-proxy. This confirms my phone is redirecting the traffic to ffrk-proxy but something happens after generating the 3rd cert. The last 9 lines repeat over and over as the app retries.

$ docker logs -tf ffrk-all                                    
2018-02-25T09:06:09.248559170Z Using custom config /ffrk/config/default.yml
2018-02-25T09:06:11.127762754Z ffrk-proxy 0.11.0 started
2018-02-25T09:06:11.129414429Z listening on: 0.0.0.0:5050
2018-02-25T09:06:11.139900473Z rootCA webserver started
2018-02-25T09:06:11.139956232Z listening on: 0.0.0.0:5051
2018-02-25T09:06:48.300917299Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:48.318014505Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:48.327333125Z > writing head of length 0
2018-02-25T09:06:48.392162409Z > data length = 192
2018-02-25T09:06:48.405588897Z Generating new TLS certificate for: appload.ingest.crittercism.com
2018-02-25T09:06:49.476965005Z < data length = 975
2018-02-25T09:06:49.480845661Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.480943718Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.482048203Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489038331Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489097810Z > writing head of length 0
2018-02-25T09:06:49.489122332Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489144940Z > writing head of length 0
2018-02-25T09:06:49.489166724Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:06:49.489188650Z > writing head of length 0
2018-02-25T09:06:49.550303076Z > data length = 204
2018-02-25T09:06:49.557874480Z Generating new TLS certificate for: lcd-prod.appspot.com
2018-02-25T09:06:50.270132494Z > data length = 176
2018-02-25T09:06:50.271721330Z > data length = 176
2018-02-25T09:06:50.273083785Z > data length = 7
2018-02-25T09:06:50.322293652Z < data length = 955
2018-02-25T09:06:50.339435249Z > end
2018-02-25T09:06:50.339540263Z Generating new TLS certificate for: app.adjust.com
2018-02-25T09:06:50.823813490Z > data length = 126
2018-02-25T09:06:50.827999667Z < end
2018-02-25T09:06:50.830518499Z < data length = 943
2018-02-25T09:06:50.832575977Z < data length = 943
2018-02-25T09:06:50.834700905Z > end
2018-02-25T09:06:50.841217498Z < data length = 274
2018-02-25T09:06:50.845181907Z < end
2018-02-25T09:06:50.934596108Z > data length = 7
2018-02-25T09:06:50.942146319Z > data length = 7
2018-02-25T09:06:50.942350514Z > end
2018-02-25T09:06:50.942376631Z > end
2018-02-25T09:06:50.942399688Z < end
2018-02-25T09:06:50.942459339Z < end
2018-02-25T09:07:03.112820035Z   = will connect to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:07:03.122942440Z < connected to socket "/tmp/node-thin-0.5.sock"
2018-02-25T09:07:03.130904609Z > writing head of length 0
2018-02-25T09:07:03.176921463Z > data length = 204
2018-02-25T09:07:03.181378282Z < data length = 955
2018-02-25T09:07:03.284051912Z > data length = 126
2018-02-25T09:07:03.298647268Z > end
2018-02-25T09:07:03.298843684Z < data length = 274
2018-02-25T09:07:03.298877629Z < end

Has anyone run into this ? Any advice would be much appreciated.

jdel avatar Feb 25 '18 10:02 jdel

Probably linked to the fact Android 7+ doesn't consider user's CAs anymore.

https://blog.jeroenhd.nl/article/android-7-nougat-and-certificate-authorities

jdel avatar Feb 25 '18 18:02 jdel

Hello,

i am using a new Phone Xiaomi Mi Mix 2s with MiUI Global 9.5.10.0 (Based on Android 8) I already changed your Cert from user to system CA but the game still won't let me in. Do you have an idea whats the problem here? Screenshot attached.

unbenannt

thx in advance

craadicator avatar Jun 30 '18 18:06 craadicator

What exactly have you done so fare?

ThauEx avatar Jul 03 '18 07:07 ThauEx

I have never been able to make proxydroid work with android 8. I use the native proxy configuration and it works fine.

jdel avatar Jul 03 '18 12:07 jdel

Well, i changed your root Cert User CA to work as System CA described in the Link that jdel posted. Afterwards, not changing anything on the server, i installed Proxydroid using the same configuration that worked on my old phone only getting the result aboth. I also tried using the new v12 releases, but i am to stupid to configure the proxy.pac correctly...

Looking around i found this thread with a configuration for drony. https://www.facebook.com/notes/ffrk-proxy-server/faq-for-android/1828322170743038/ I am using this with my v11 configuration and at the moment it's running better than proxydroid ever did. No functiuonal problems in WLAN or Mobile Data.

So yeah proxydroid is dead for me. I don't get it functional with Android 8, but drony is a (better) way that works (at least for me).

craadicator avatar Jul 03 '18 13:07 craadicator

Thanks for the info, i will look into drony

jdel avatar Jul 03 '18 14:07 jdel