Update upstream dependency on ics-openvpn
Motivation
Bitmask Android currently depends on a version of ics-openvpn
and that is over a year old. As a result:
- we are missing security patches that have been made to
openssl
in the last year - we may not use the most recent version of NDK, which uses
clang
for cross-compiling C code (as the outdated version ofopenssl
on which we transitively depend will only compile withgcc
)
We would like to update the dependency to increase the app's security and its compatibility with the current Android build ecosystem.
Acceptance Criteria
- When code is checked in, build runs and passes inside a docker container running Android NDK v 14b
Implementation Notes
- To close this ticket, we will have to rebase off the current HEAD of
ics-openvpn:master
. There will be lots of merge conflicts, but there are general rules for fielding them in the project's README
Questions
Can we come up with a cleaner way of handling this upstream dependency that does not involve:
- (at a minimum): reaching into the library code and altering it with custom code, creating merge conflicts and necessitating tracking patches to our git submodule?
- (ideally): using git submodules at all?