Previously it would direct to the LocalRepo screen, then when that code
was ported to the swap workflow, it did nothing :( Now it does as one
might expect, and actually directs the user to the swap screen.
I had a couple of months of changes which I rebased over master.
It made me sad. After doign what I thought was required to resolve
conflicts, I've now gone and fixed a few bits here and there.
This arose because I didn't try and compile after each merge conflict.
I'll take the lesson onboard and try to remember to do this in the
future :)
Previously, we would redirect to the main list of apps. Now, the swap
thing will show the specific apps in the "LocalRepo" category. It also
shows the "Swap complete" message with a nice icon carrie designed.
Instead of always showing "swap", sometimes it shouldn't be shown
at all (i.e. on the first and last screen) and on the NFC screen,
it says "skip".
There is a translated string called "skip_button_label" available
in the AndroidPreferenceFragment library, but I don't want to rely
on that. Prefer to have our awesome translators be in charge of
that label.
Previously, swap would only enable this if the user hadn't previously
said "Don't show NFC message again". However, we really want people
to be able to swap regardless of whether the actual UI message is shown
or not.
Refactored NfcBeamManager to NfcHelper, to allow extra utility methods
to live there. Specifically, the process of sending a URI over NFC.
Removed some superfluous debugging calls to Log.i().
Took a while to figure out, but the problem was that the support
libraries ListFragment would only ever use getActivity() when
creating widgets. What we really needed was the ability to use
an alternative context, namely a ContextThemeWrapper. If this is
passed to the constructor of a widget, it is themed appropriately.
To make it work, we now create our own list view in onCreateView()
(which is really a copy of the code from the android list_content.xml
file anyway). There are also some workarounds for a bug in the
support library with regards to using your own view.
I did the same as some previous code which copied code from the zxing
library and put it in the com.google.zxing namespace (but left the license
in tact - is this okay for Apache 2.0 stuff?). The reason was that they
encourage copying the relevant two files into your project and modifying
as neccesary. In this case, it wasn't about modifying for functionalities
sake, but rather for android support libraries sake. The upstream version
doesn't support android.support.v4.app.Fragments, only android.app.Fragments.
Hooking up the intent integrator from zxing almost removes the need for
the refactoring which made FDroid.java responsible for handling "new repo"
intents. However, there is still the one case of the user not using
the QR code, but rather a web browser to connect to a swap. That is, they
will click a link on the other phones web browser, which directs them to
initiate the swap. Thus, we still need FDroid.java to be able to distinguish
between a "swap" new repo request, and a regular "add repo" new repo request.
In the process, I also commented out the "It's not working" button.
Listen for a new intent, show a screen to the user mentioning
they are about to start a swap. Make FDroid receive repo intents,
then dispatch to relevant Activity.
Previously manage repo always got the intents. Now FDroid does, and
chooses whether to give to ManageRepos or Client connect.
Not sure if it is required to do it this way or not, but it seems to
work.
I had a bit of an issue getting the "Welcome to F-Droid" string to
fit on one line, because it was breaking on the hyphen. That is still
not resolved in this commit.
Still need to:
* Show error messages instead of the "connect" description
* Jar signing seems not to work when connecting to other repo.
In order to handle returning to F-Droid after connecting (or saying no)
I tagged the intent with a "handled" extra value. That way, I can ignore
trying to connect to a repo if we've already handled that event.
Finally, I also fixed an issue regarding downloading of signed
index.jar files with an uppercase fingerprint.
The fingerprint from the jar differed from that in the swap url,
in that one was upper case and the other was lower case.
This uses an .equalsIgnoreCase check instead. It also adds an
extra guard in case the repo doesn't have a fingerprint. Although
it may not even use the signed repo updater if both the pubkey
and fingerprint are null, it is nice to have the extra assurance.
Fixes issue #19.
I also left some more TODO's around. I should put them in issues,
but I'm in a bit of a hurry.
By starting the repo in the activity, both the NFC and wifi fragments
have access to it. In the future, it will make it easier to move some
of the static stuff from FDroidApp (to do with "selected apps") into
the SwapActivity, as it will not really be needed anywhere else.
The back button will take you back through each step of the swap
process now, and remove the swap Activity completely if you press
back from the first screen. Also, when the WiFi QR code is shown,
the local repo manager actually starts the relevant service.
The website now also has icons which it needs to worry about copying
across to the webroot, so I refactored the "symlink webroot to other
folders - such as /fdroid and /fdroid/repo".
Along with a bunch of networking stuff, a lot of UI to do with selecting
apps to swap was also moved. The background on the list is transparent,
which allows blue to shine through. Also, the text on the list items is
white, which will not work with a white background.
I've temporarily dropped support for searching this list too, until
I get some feedback from carrie et al.
NOTE: This stuff was written before hans fixed apcompat problems with
LocalRepoActivity, but then rebased over it later. As such, it doesn't
contain his fixes. Will need to do that before a stable release. i.e.
Still has a bit of a dependency on API 11 which needs to be resolved.
The Fragments and an Activity which tie all of the swap views together
has begun. The first bit of implementation is to get the current
wifi network displayed, which worked out alright.
This commit contains a lot of theme related stuff, particularly
involving taking assets from carries mockups and making them suitable
to use as drawables. The process for doing this is a story for another
day, but I'll document it and put it on the wiki in the future. carrie
showed me a script that a mate of hers used on another project, and
I've adapted it a little to make it work nicely here (note - it isn't
in this commit).
The button is blue, and always shown with associated text in the
ActionBar. This required a custom drawable which was set as the
background in the styles.xml.
Fixes this crash:
dalvikvm W threadid=1: thread exiting with uncaught exception (group=0xb68df4f0)
AndroidRuntime E FATAL EXCEPTION: main
E java.lang.RuntimeException: Unable to resume activity {org.fdroid.fdroid/org.fdroid.fdroid.views.ManageReposActivity}: java.lang.NullPointerException
E at android.app.ActivityThread.performResumeActivity(ActivityThread.java:2120)
E at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:2135)
E at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:1668)
E at android.app.ActivityThread.access$1500(ActivityThread.java:117)
E at android.app.ActivityThread$H.handleMessage(ActivityThread.java:931)
E at android.os.Handler.dispatchMessage(Handler.java:99)
E at android.os.Looper.loop(Looper.java:130)
E at android.app.ActivityThread.main(ActivityThread.java:3683)
E at java.lang.reflect.Method.invokeNative(Native Method)
E at java.lang.reflect.Method.invoke(Method.java:507)
E at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:839)
E at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:597)
E at dalvik.system.NativeStart.main(Native Method)
E Caused by: java.lang.NullPointerException
E at org.fdroid.fdroid.views.ManageReposActivity.checkIfNewRepoOnSameWifi(ManageReposActivity.java:466)
E at org.fdroid.fdroid.views.ManageReposActivity.addRepoFromIntent(ManageReposActivity.java:455)
E at org.fdroid.fdroid.views.ManageReposActivity.onResume(ManageReposActivity.java:144)
E at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1150)
E at android.app.Activity.performResume(Activity.java:3832)
E at android.app.ActivityThread.performResumeActivity(ActivityThread.java:2110)
E ... 12 more
Rather, only show 25 progress events. I went with "25 events" rather
than "every X apps" because then it will be nice for both large repos
(e.g. F-Droid will update every ~50 apps) and small repos (something
with 20 apps will update for every one, but not add much overhead).
On my testing with an API 11 emulator here, it went from ~32s to
process ~1100 apps to ~20s. When no progress events are sent, then it
also takes ~20s, so this essentially is a 50% improvement for this part
of the update process.
Saves the new data for the repo at the end of the update process to enable the user to re-trigger the update in case the update exited prematurely.
Fixes#84.
When the user updates the repo and all packages are recent, the update dialog exited so fast, that some users might have thought that the repo didn't update. To notify them that no new updates were found, the user now gets a toast.
This reverts to only using standard HTTPS verification based on Certificate
Authorities. This means that self-signed certificates will not work at all
since that is what MemorizingTrustManager was providing. It seems to me
that this was originally working because MemorizingTrustManager was not
correctly validating. I couldn't figure out why PinningTrustManager alone
was not working. But we need to get good stable release out!
I'm leaving all the plumbing in place because this stuff should be included
once its all fixed and working properly. You can see where it was added
here: 254327f9a7700c8196e61f53801f1f12ac825806
refs #80https://gitlab.com/fdroid/fdroidclient/issues/80
The problem arose when we start with no categories other than the
three defaults, then add a repo with multiple categories. The exact
issue was that although the category spinner itself was updated,
the listener for onChange was referencing the list of categories
from before (with only three categories). Changed it to use data
from the category spinner adapter, that way it is always up to
date.
Also fixed some warnings in the file. Instance access of a static
object, and deprecated method warning.
The superuser shell has a timeout that can be specified. The timeout
was set to 5 seconds, thus the exit code from the shell is -1 (a
reserved exit code used by libsuperuse to indicate timeout).
By my estimate, it is more likely that a user will hit this error
message and get annoyed, compared to actually hitting a genuine timeout
because of some issue with superuser. Especially when we factor in slow
devices and large apps to install. Thus, the timeout has been bumped
to a more generous 30 seconds.
Replaced progress indicator methods with their "support" equivalents.
Also, it seems that on Android 4.0.4 and 4.0.3 if you request a
progress indicator in your ActionBarActivity (from the support
library), that it is set to visible to begin with. At least, that is
the conclusion I have come to, seeing as the only places it is set to
visible is on installApk() and removeApk(). Setting it to hidden in
onCreate seemed to do the trick (Couldn't use onResume, because we come
back from the "Request super user permissions" dialog, which causes
onResume to be invoked).
This commit uses alpha to make the category menu button appear darker to
match the rest of the dark theme. Since the background is black, the alpha
makes it darker. It is only used on the dark theme since alpha would
lighten the menu button on the light themes, and that would make it a worse
match.
If there is an unknown HTTPS certificate, MemorizingTrustManager puts up a
prompt to ask whether the user wants to trust the certificate. It comes at
a weird time in the lifecycle of the dialogs, so the previous dialog might
be null. Therefore add a null check.
This situation should probably be improved and better integrated.
The current HTTPS trust model is to first check if a site's key is TOFUed,
then check if it is pinned and check the CA, then prompt the user. There
is currently no way to only check the CA for validity. Ultimately, that
should probably not be needed if the repo URLs can include the HTTPS pin
info in the same way that the repo fingerprint is specified. Then it can
be added to the TOFU/POP keystore when the user accepts the Add Repo dialog
Since that idea does not exist yet, this commit adds the sites that are
likely to run their own repos in the near future:
https://f-droid.orghttps://guardianproject.infohttps://s3.amazonaws.com # multiple orgs use this
https://panicbutton.io # Amnesty International's app
https://psiphon.ca # circumvention tool
findbugs tells us:
Incorrect lazy initialization and update of static field org.fdroid.fdroid.
FDroidCertPins.PINLIST in org.fdroid.fdroid.FDroidCertPins.getPinList().
This method contains an unsynchronized lazy initialization of a static
field. After the field is set, the object stored into that location is
further updated or accessed. The setting of the field is visible to other
threads as soon as it is set. If the futher accesses in the method that set
the field serve to initialize the object, then you have a very serious
multithreading bug, unless something else prevents any other thread from
accessing the stored object until it is fully initialized.
Even if you feel confident that the method is never called by multiple
threads, it might be better to not set the static field until the value you
are setting it to is fully populated/initialized.
The third parameter in the MemorizingTrustManager constructor was not good
apparently. Here's the email from Ge0rg, the MemorizingTrustManager author:
As you added MTM into the f-droid client, I'm writing to inform you that
the MTM constructor API was incorrect, and has been changed in current
git master:
When using the three-parameter constructor, the second parameter, a
trustmanager, was only used until the user stored a certificate into
MTM, and was overwritten after that.
Please use the new MTM constructor, and pass it the pinMgr as the only
trust manager parameter.
This should help is there is ever multithreaded access to this variable.
This is an unlikely scenario, but the fix is easy.
findbugs reported this issue like this:
Incorrect lazy initialization and update of static field org.fdroid.fdroid.
FDroidApp.selectedApps in org.fdroid.fdroid.views.fragments.
SelectLocalAppsFragment.onActivityCreated(Bundle)
This method contains an unsynchronized lazy initialization of a static
field. After the field is set, the object stored into that location is
further updated or accessed. The setting of the field is visible to other
threads as soon as it is set. If the futher accesses in the method that set
the field serve to initialize the object, then you have a very serious
multithreading bug, unless something else prevents any other thread from
accessing the stored object until it is fully initialized.
findbugs found this problem and reported it like this:
Nullcheck of org.fdroid.fdroid.data.App.installedApk at line 191 of value
previously dereferenced in org.fdroid.fdroid.localrepo.LocalRepoManager.copyApksToRepo(List)
A value is checked here to see whether it is null, but this value can't be
null because it was previously dereferenced and if it were null a null
pointer exception would have occurred at the earlier dereference.
Essentially, this code and the previous dereference disagree as to whether
this value is allowed to be null. Either the check is redundant or the
previous dereference is erroneous.
default_repo_count is not used at all, and the numbering scheme is just a
vestige of that. This switches all the variables to have clear names of
what they are representing.
On Android 4.x, the category menu is showing up as pure black, and looks
very much like an app list item. I've personally witnessed many new users
struggle to find an app because the category is on "What's New" by default
and the app they are looking for is not new. Some even had troubles
remembering about the category menu after I told them. This small change
makes the category dropdown look the same on all Android versions, and
makes it a lot more apparent on newer Android releases.
This is a temporary usability fix until we can do something much better
than the category dropdown menu.
onNewIntent() is called because ManageReposActivity is set to "singleTask"
launchMode, but it is only called if ManageReposActivity is already
running. onResume() is always called, and called after onNewIntent() if it
is called, so use onNewIntent() only to set the current Intent, then parse
the Intent only in onResume().
Here is how to reproduce the original bug:
1. Close F-Droid properly and start it again.
2. Click on https://guardianproject.info/fdroid/repo in a browser (and tell
it to open with F-Droid)
3. Hit cancel on the add repo dialog
4. Leave F-Droid open and switch back to the browser
5. Open that link again.
This should result in two dialogs on top of one another. Happened from both
Firefox, Chrome, and Android browsers.
When someone clicks on a URL that F-Droid can accept, i.e. a repo URL, then
Android puts up a chooser where the user can select which app to VIEW the
URL with. That was showing up with the title "Repositories", which is the
title used for that Activity when viewing it. This keeps the Activity
title the same while changing the title in the chooser.
