Diversion 4.1.8 is now available
What's new in Diversion 4.1.8
- Adds warning in UI and quits blocking list update if hostslist(s) do not contain hosts URL(s).
- Adds warning in UI if blocking list(s) contain less than 200 domains.
- Correctly sets owner and permissions of all dnsmasq.log files to "nobody" and "0640" respectively.
- Correctly sets owner of /opt/var/cache/pixelserv files to "nobody".
- pixelserv-tls certificates key length is now shown in
ep, 3.
- Reverts pixelserv-tls CA certificate key length generation back to 2048 bit. This only applies for new installations or when the CA certificate is regenerated.
Important, please read.
Due to an error of judgement, I changed the pixelserv-tls CA key length generation down to 1024 bits in Diversion 4.1.7.
Along with it, I missed to change one instance of this value in one of the files that may come into play when (re)generating the CA certificate.
On devices with elevated requirements for trusted certificates - such as iPads and iPhones with iOS 13.x - this triggers an untrusted certificate error.
All is OK when:
- The pixelserv-tls CA certificate was generated off of Diversion v4.1.4
up to v4.1.6, with pixelserv-tls v2.3.0 by
@Jack Yaz or the new build v2.3.1 by
@kvic.
You will need to regenerate the certificate when:
- The pixelserv-tls CA certificate was generated off of Diversion v4.1.7, with pixelserv-tls v2.3.0 by
@Jack Yaz or the new build v2.3.1 by
@kvic.
You will need to upgrade pixelserv-tls when:
- The pixelserv-tls version is 2.2.1 or older and you use devices with elevated requirements for trusted certificates.
To test if your device works with the certificate, open
https://diversion-adblocking-ip.address in a browser. You may have to reload the page a couple of times to get the secure padlock icon.
Import the pixelserv-tls CA certificate into browsers and devices by
following this guide carefully below the
Import Pixelserv CA on client devices section:
https://github.com/kvic-z/pixelserv-tls/wiki/Create-and-Import-the-CA-Certificate
For instructions how to upgrade pixelserv-tls or regenerate the CA certificate,
see release notes for Diversion 4.1.4 (scroll down).
How to update
Use
u to update to this latest version.