Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Conscrypt library is better as separate apk #802

Open
ale5000-git opened this issue Jun 2, 2019 · 4 comments
Open

Conscrypt library is better as separate apk #802

ale5000-git opened this issue Jun 2, 2019 · 4 comments
Labels
enhancement

Comments

@ale5000-git
Copy link
Member

ale5000-git commented Jun 2, 2019
edited
Loading

@mar-v-in
@voidstarstar

Conscrypt library alone (also with maximum compression) is bigger then the entire GmsCore, I think it would be better as separate apk.
As bonus it could be put on F-Droid default repository and updated without updating GmsCore (improving security earlier).

PS: It would be nice to update conscrypt to 2.1.0 since it include fixes for broken use of TLS_FALLBACK_SCSV that may cause problems with TLS 1.3 servers.
PS2: The code must be excluded for armeabi (NOT v7) since the library isn't included.
@voidstarstar
Copy link
Contributor

I do like the idea of making microG more modular so we can get faster security updates, but I'm not really sure how it would be implemented.

I didn't test it, but I wonder if upgrading to 2.1.0 will fix #759. The server it connects to uses TLS 1.3.

Regarding the armeabi architecture, that sounds like it should be opened as a feature request for conscrypt. I wasn't aware that they didn't support armeabi for their native libraries, but it might be an easy fix (e.g. a simple addition to their build.gradle line that lists the Android NDK architectures).

@mar-v-in
Copy link
Member

mar-v-in commented Jun 2, 2019
edited
Loading

Everything you said sounds like good ideas to me. When conscrypt is packaged through F-Droid default repository it wouldn't be picked up by the original play services "ProviderInstaller" automatically, but I can also imagine to provide a associated "client library" that would be able to do so, as this could be advantageous to many apps, even those that want to be free software.

Designing microG more modular while at the same time make it easier to develop, was on my list of todos anyway.

The same concept might make sense for maps library as well, especially as we now have two implementations. Modularity also makes it easier to update/modify/develop/test individual modules as well and invites more people to contribute alternative modules (as has happened with UnifiedNlp modules)

@Nanolx
Copy link
Contributor

Nanolx commented Jun 2, 2019

@voidstarstar nope, bumping conscrypt to 2.1.0 does not fix the issue with Discord, I've already tested that.

@voidstarstar
Copy link
Contributor

#564 might also benefit from a more modular design.

@Nanolx Oh, that's a shame, but thanks for testing it!

This was referenced Jul 3, 2019
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mar-v-in @Nanolx @voidstarstar @ale5000-git