Compliance verification handler for Android clients that still send verification requests

psiphon/common/protocol/protocol.go

@@ -52,6 +52,9 @@ const (
 	PSIPHON_API_STATUS_REQUEST_NAME    = "psiphon-status"
 	PSIPHON_API_OSL_REQUEST_NAME       = "psiphon-osl"
 
+	// PSIPHON_API_CLIENT_VERIFICATION_REQUEST_NAME may still be used by older Android clients
+	PSIPHON_API_CLIENT_VERIFICATION_REQUEST_NAME = "psiphon-client-verification"
+
 	PSIPHON_API_CLIENT_SESSION_ID_LENGTH = 16
 
 	PSIPHON_SSH_API_PROTOCOL = "ssh"

psiphon/server/api.go

@@ -165,6 +165,8 @@ func dispatchAPIRequestHandler(
 		return connectedAPIRequestHandler(support, geoIPData, authorizedAccessTypes, params)
 	case protocol.PSIPHON_API_STATUS_REQUEST_NAME:
 		return statusAPIRequestHandler(support, geoIPData, authorizedAccessTypes, params)
+	case protocol.PSIPHON_API_CLIENT_VERIFICATION_REQUEST_NAME:
+		return clientVerificationAPIRequestHandler(support, geoIPData, authorizedAccessTypes, params)
 	}
 
 	return nil, common.ContextError(fmt.Errorf("invalid request name: %s", name))
@@ -461,6 +463,16 @@ func statusAPIRequestHandler(
 	return make([]byte, 0), nil
 }
 
+// clientVerificationAPIRequestHandler is just a compliance stub
+// for older Android clients that still send verification requests
+func clientVerificationAPIRequestHandler(
+	support *SupportServices,
+	geoIPData GeoIPData,
+	authorizedAccessTypes []string,
+	params common.APIParameters) ([]byte, error) {
+	return make([]byte, 0), nil
+}
+
 var tacticsParams = []requestParamSpec{
 	{tactics.STORED_TACTICS_TAG_PARAMETER_NAME, isAnyString, requestParamOptional},
 	{tactics.SPEED_TEST_SAMPLES_PARAMETER_NAME, nil, requestParamOptional | requestParamJSON},

psiphon/server/webServer.go

@@ -306,3 +306,29 @@ func (webServer *webServer) statusHandler(w http.ResponseWriter, r *http.Request
 	w.WriteHeader(http.StatusOK)
 	w.Write(responsePayload)
 }
+
+// clientVerificationHandler is kept for compliance with older Android clients
+func (webServer *webServer) clientVerificationHandler(w http.ResponseWriter, r *http.Request) {
+
+	params, err := convertHTTPRequestToAPIRequest(w, r, "verificationData")
+
+	var responsePayload []byte
+	if err == nil {
+		responsePayload, err = dispatchAPIRequestHandler(
+			webServer.support,
+			protocol.PSIPHON_WEB_API_PROTOCOL,
+			webServer.lookupGeoIPData(params),
+			nil, // authorizedAccessTypes not logged in web API transport
+			protocol.PSIPHON_API_CLIENT_VERIFICATION_REQUEST_NAME,
+			params)
+	}
+
+	if err != nil {
+		log.WithContextFields(LogFields{"error": err}).Warning("failed")
+		w.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	w.WriteHeader(http.StatusOK)
+	w.Write(responsePayload)
+}