Skip to content
Snippets Groups Projects
Select Git revision
0 results

bitmask_android

  • Clone with SSH
  • Clone with HTTPS
  • Forked from leap / bitmask_android
    Source project has a limited visibility.
    user avatar
    Parménides GV authored
    Riseup's EE certificate expired (EE = End-Entity, the commercial
    certificate signed by the issuer), and we weren't able to fetch
    provider.json because the pin wasn't valid.
    
    This problem needs to be avoided in the future, using
    HKPK (https://tools.ietf.org/html/rfc7469), which Micah's implementing
    on Riseup.
    
    Switching from build types from flavors enables us to run tests against
    production apk, not just debug. I didn't detect this pinning problem
    because tests were run only against the debug apk, which trusted
    preseeded providers by default (thus bypassing pinning issue).
    b0a0805a
    History
    Name Last commit Last update