ChatSecureAndroid
ChatSecureAndroid copied to clipboard
guardianproject
[Feature Request] BOSH not supported
Hi,
I'm enjoying ChatSecure on Android but I'm really missing one feature. Is it possible to implement BOSH Support for ChatSecure? Behind many company firewalls there is no way to connect to the default xmpp port, so it would be great to add an optional BOSH Server which runs on Port 80/443.
BOSH is specified by XEP-0124: http://xmpp.org/extensions/xep-0124.html
Thanks!
I use ChatSecure 14.2.0a on Android / CM 12.1.
Works well with my Prosody XMPP server -- until I inject a public VPN (PIA, HMA) into the mix. I'm working (around) the WHY, but both seem to block/prevent XMPP traffic.
I suspect, but don't yet know, that that's due to port(range) blocking, not to packet inspection.
So, currently, to use ChatSecure's security I need to drop VPN's security :-/ Bit of a Catch22.
One way around it is to enable Prosody's BOSH server, where BOSH allows XMPP where only a unblocked HTTP(S) connection is available, front-ending it with an nginx proxy.
XMPP Technologies: BOSH
https://xmpp.org/about-xmpp/technology-overview/bosh
Setting up a BOSH server
https://prosody.im/doc/setting_up_bosh
With nginx's SNA support, the BOSH proxy could easily be added to an existing webserver-occupied IP.
For this to be useful, however, the Client needs to support BOSH as well.
Looking around, the closest I've found to bosh support for XMPP on Android is Smack (https://www.igniterealtime.org/projects/smack/).
Smack API runs native under Android, and provides bosh libs,
https://github.com/igniterealtime/Smack/tree/31c53f094c9a613821b9e101f9d7f9bfd775b4e1/smack-bosh/src/main/java/org/jivesoftware/smack/bosh
Afaict, ChatSecure does not.
Looking in ChatSecure sources, I do find,
grep -rlni bosh .
./libs/asmack-android-7.jar
But don't see any docs, or setting, that are BOSH-specific/enabling.
I do see here above,
n8fr8 added this to the v15 AWESOME APP milestone on May 8
but don't find any flag/commit for it.
(1) Does ChatSecure -- in release or dev -- currently have BOSH client support? (2) If not, can it be added?
Given CS's security focus, I'm guessing this is far more likely an issue that'd be dealt with here, sooner than elsewhere.
Up! I am currently doing testing for my secure messaging platform and I think ChatSecure fits the bill quite nicely. One of the requirements is BOSH support so it may be filtered through the security gateway and the reverse proxy for security scans. That being said, I would LOVE for the security offered in ChatSecure to include the flexibility offered in BOSH using TLS HTTPS connections. Surprisingly few (read that as 0) clients on Android support BOSH. Xabber appears to have dropped the BOSH feature request, which was put in back in 2013. If I am wrong, please let me know.
It is true that BOSH is becoming more useful, especially in an age where XMPP is seen as a non-standard protocol that can be often filtered since it is not on port 80 or 443. We are strongly considering it, though it would be as part of our work on next-generation version of ChatSecure called Zom... see https://github.com/zom and https://zom.im
I think the issue has been with the Smack XMPP library, in that historically BOSH support was not available on Android. I think that has changed, so we will take a look.
Very cool. Thank you for the quick reply. I will keep a close eye on Zom then for future updates and check out the interface/features on it. Thanks again!