Age | Commit message (Collapse) | Author |
|
|
|
|
|
remove pins, because didn\'t work this way (solves #8455)
|
|
Riseup's EE certificate expired (EE = End-Entity, the commercial
certificate signed by the issuer), and we weren't able to fetch
provider.json because the pin wasn't valid.
This problem needs to be avoided in the future, using
HKPK (https://tools.ietf.org/html/rfc7469), which Micah's implementing
on Riseup.
Switching from build types from flavors enables us to run tests against
production apk, not just debug. I didn't detect this pinning problem
because tests were run only against the debug apk, which trusted
preseeded providers by default (thus bypassing pinning issue).
|
|
Using AndroidPinning library from Moxie, I make sure the provider.json
file Bitmask downloads is fetched from a pinned https connection, so
that the api certificate fingerprint is the good one.
|
|
|
|
This return to "app" instead of "bitmask_android" is due to this reading: https://developer.android.com/sdk/installing/studio-build.html#projectStructure
I'll have to tweak the final apk name in build.gradle.
|
|
This way, gradle commands generate apks correctly named.
|
|
|