summaryrefslogtreecommitdiff
path: root/app/src/insecure
AgeCommit message (Collapse)Author
2017-10-258757 fixes session cookie handling by implementing okHttpClient and custom ↵cyBerta
cookiejar, enables TLS 1.2 on old devices, restricts allowed cipher suites on new devices in order to harden tls based communication
2017-09-21update ics-openvpn: update classes, manifest, resources and build scriptcyBerta
2016-02-06Update build tools and compile sdk version.Parménides GV
Warn about the needed libraries for 64 bit systems.
2015-06-08s/buildtype/flavor, changed riseup's pinParménides GV
Riseup's EE certificate expired (EE = End-Entity, the commercial certificate signed by the issuer), and we weren't able to fetch provider.json because the pin wasn't valid. This problem needs to be avoided in the future, using HKPK (https://tools.ietf.org/html/rfc7469), which Micah's implementing on Riseup. Switching from build types from flavors enables us to run tests against production apk, not just debug. I didn't detect this pinning problem because tests were run only against the debug apk, which trusted preseeded providers by default (thus bypassing pinning issue).