Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    @Jack Yaz I finally have an 18.04 Ubuntu environment set up. I have not been able to figure out cross compile, if you have any tips or can point me to a guide that would be appreciated
  2. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    Easiest way to tell will be the tls1_3 flag in the header on the servstats page pixelserv-tls 2.2.1 (compiled: Feb 27 2019 13:10:51 flags: tls1_3)
  3. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    Out of curiosity, I assume you’ve built the dynamic binary? I was building static on homebrew with OpenSSL 1.1 - long story short for those interested is that on most (all?) asuswrt platforms you will be limited to tls 1.2 without that.
  4. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    It’s not in my skill set to write coherent guides on things like this where I have a sketchy understanding. I generally have to make several mistakes on the way to backing into success against the odds - it doesn’t make for a fun read for others. Someone else will probably come through before I...
  5. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    I think that a functioning tls on a major platform warrants the version change myself. Seconded.
  6. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    You thought you were safe I have been trying to get a build. I got pretty decent at building it from source working with kvic early in the year on the homebrew port, so to some degree I know what I’m doing. But the Catalina beta has broken so much software. It is bananas how much stuff doesn’t...
  7. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    I'm not an expert on any of this. Some of the stuff I've dealt with enough to manipulate, some of it I have a working understanding, and some of it I've heard about for the first time this week. Whatever that is, it has nothing to do with pixelserv or the new tighter iOS/macOS rules
  8. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    Without the proper testing which I have not done I can’t say definitively, but I assume the ExtendedKeyUsage extension will also need to be present. I hit a ton of snags trying to get a build environment going last night (Catalina breaks quite a bit of software).
  9. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    Looks good, thanks. Comment should change to 2 years. (x509), 63072000L); // cert valid for 10yrs If anyone builds a binary for armv7, feel free to share.
  10. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    No, that’s what I was getting at earlier. Even if the tls handshake is failing, dropped pixelserv connections are preferable to other solutions.
  11. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    Currently I'm working with macOS because it's just easier to sit behind one keyboard to do testing. iOS behaves similarly, but doesn't give the user as many specifics. All of this pertains to Safari, by the way. I am not sure how or if other browsers are affected yet. It's worth noting, I...
  12. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    Here's what the current result is from the latest pixelserv build widely available. 10 years, 1024 bit, etc. despite the supplied certificate being changed.
  13. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    To be honest I've been concerned about him. For those of you not following the news, Hong Kong is not an ideal place to be lately. To quote another user, the silence is now worrisome. Yeah, the heart of this issue is that the changes to how the keys are generated need to be made inside of...
  14. jrmwvu04

    Diversion Diversion - the Router Ad-Blocker

    Well in fact the fix is pretty easy actually for those so inclined. It’s a matter of changing a 1024 to a 2048 in the source code. https://github.com/kvic-z/pixelserv-tls/issues/28 But I bring it up here because the diversion crowd is probably not the compile-it-yourself type by and large. I...
  15. jrmwvu04

    Diversion Diversion - the Router Ad-Blocker

    Be that as it may, there are no indications he's still around to solve it. I have not heard from him on any of the various usual channels for months now. So unless something changes, pixelserv will not work as it has in the past for those systems for anyone who doesn't acquire a patched binary.
  16. jrmwvu04

    Diversion Diversion - the Router Ad-Blocker

    @thelonelycoder I posted in the pixelserv thread but things there are sort of dead lately. Just a heads up that there will be an issue for all the new macOS 10.15 and iOS 13 users next month without a change to pixelserv code.
  17. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    The gist of it is that the certificates that pixelserv generates (the _.whatever ones) use 1024 bit RSA - this is specified in pixelserv code irrespective of the ca.crt you supply to it. I saw mention of that on GitHub and have confirmed it independently by examining my generated certificates...
  18. jrmwvu04

    pixelserv pixelserv - A Better One-pixel Webserver for Adblock

    https://support.apple.com/en-us/HT210176 All TLS server certificates must comply with these new security requirements in iOS 13 and macOS 10.15: TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048 bits. Certificates using RSA key sizes...
  19. jrmwvu04

    [Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

    You should be able to flash with no problem but you will for sure need to factory reset once you’re on 380
  20. jrmwvu04

    [Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

    He’s taking an indefinite amount of personal time away dealing with some life things. I was gone for a while too but I’m doing fine, for any who were concerned.
Top