Feature #2960

preference to enable/disable https and unsigned indexes in repos

Added by hans almost 4 years ago. Updated over 2 years ago.

Status:In ProgressStart date:02/14/2014
Priority:NormalDue date:
Assignee:-% Done:


Target version:-


In FDroid, it is easy enough now to setup signed repos, and to use https with self-signed certs. FDroid should by default only use signed indexes (i.e. only look for index.jar and ignore index.xml) and expect HTTPS connections. Then via a preference, http and unsigned repos could be enabled.

Related issues

Related to Bazaar - Task #2924: if URL includes fingerprint, first download should be ind... Rejected 01/30/2014
Related to Bazaar - Bug #2901: represent bad states of signing key in ManageRepo view New 01/23/2014

Associated revisions

Revision a0970d07
Added by Hans-Christoph Steiner over 3 years ago

when adding a repo with fingerprint, make sure to store the pubkey

The logic here is crufty, so I slapped a flag in there to make sure that
the pubkey gets stored when someone configures a repo and includes the
fingerprint. When the fingerprint is set, it will first download the
index.jar and verify it against that fingerprint. The logic for storing
the pubkey permanently happens later in the XML parsing, so there needs to
be a flag to signal to store the pubkey in this case.

Before the flow was always index.xml -> get pubkey -> index.jar. Really,
there should no longer be support for unsigned repos, then all of this
stuff can be dramatically simplified.

fixes #2924 https://dev.guardianproject.info/issues/2924
refs #2960 https://dev.guardianproject.info/issues/2960

Revision b7339e94
Added by Hans-Christoph Steiner over 3 years ago

support HTTPS:// for local repo in a preference

Allow the local repo to use HTTPS:// instead of HTTP://. This is currently
default off since handling the self-signed certificate is not currently
graceful. In the future, the SPKI that AndroidPinning uses should be
included in the repo meta data, then when someone marks a repo as trusted,
that local repo's SPKI should be added to the list of trusted keys in

fixes #2960 https://dev.guardianproject.info/issues/2960


#2 Updated by hans over 3 years ago

  • Target version changed from improved security/usability to Integrate Kerplapp into FDroid

#3 Updated by hans over 3 years ago

  • Target version changed from Integrate Kerplapp into FDroid to new unified Downloader infrastructure

#4 Updated by Anonymous over 3 years ago

  • Status changed from New to Resolved

Applied in changeset fdroidclient|commit:b7339e94236f9ceac09472e1a35c677ecc708670.

#5 Updated by hans over 3 years ago

  • Subject changed from preference to enable/disable http and unsigned indexes in repos to preference to enable/disable https and unsigned indexes in repos
  • Status changed from Resolved to In Progress
  • Target version changed from new unified Downloader infrastructure to 134

#6 Updated by hans over 2 years ago

  • Target version deleted (134)

Also available in: Atom PDF