diff options
author | Parménides GV <parmegv@sdf.org> | 2015-06-08 19:56:43 +0200 |
---|---|---|
committer | Parménides GV <parmegv@sdf.org> | 2015-06-08 20:04:03 +0200 |
commit | b0a0805ab81aaa4e204ecfc77d3a6a7f7ed66b2f (patch) | |
tree | 7ebeb40d0c74a8c431b7845e403cb1add5e63be4 /app/assets/urls | |
parent | 8d39fbdb4980c95268249f21f3c6b8e36b22cf90 (diff) |
s/buildtype/flavor, changed riseup's pin
Riseup's EE certificate expired (EE = End-Entity, the commercial
certificate signed by the issuer), and we weren't able to fetch
provider.json because the pin wasn't valid.
This problem needs to be avoided in the future, using
HKPK (https://tools.ietf.org/html/rfc7469), which Micah's implementing
on Riseup.
Switching from build types from flavors enables us to run tests against
production apk, not just debug. I didn't detect this pinning problem
because tests were run only against the debug apk, which trusted
preseeded providers by default (thus bypassing pinning issue).
Diffstat (limited to 'app/assets/urls')
-rw-r--r-- | app/assets/urls/riseup.url | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/assets/urls/riseup.url b/app/assets/urls/riseup.url index e250e93f..4c565076 100644 --- a/app/assets/urls/riseup.url +++ b/app/assets/urls/riseup.url @@ -1,4 +1,4 @@ { "main_url" : "https://riseup.net/", - "ca_cert_fingerprint" : "c429750763322fcc20b6402d7b508ba9e754b176" + "ca_cert_fingerprint" : "aef7a642d7f8e046770521b354961a95cd4a76a8" } |