Conversation

Notices

(mint@ryona.agency)'s status on Friday, 27-Jan-2023 19:56:46 JST
@cassidyclown @sam @sam @FrailLeaf What I've observed is that pleromer uses hardcoded certificate list from certifi elixir lib, and when changing some TLS-related settings, it could start ignoring the certificate check completely. Not sure how to work around it, HTTP adapter support is fucking abysmal with no signs of improvement (that's why I unpinned my Tor federation thread, btw). Enforcing TLS 1.3, on the other hand, could break federation with instances that don't support it, pretty sure there's at least a bunch of them.

In conversation Friday, 27-Jan-2023 19:56:46 JST from ryona.agency permalink
- (mint@ryona.agency)'s status on Friday, 27-Jan-2023 19:57:32 JST
  in reply to
  @cassidyclown @FrailLeaf @sam @sam You could try disabling certificate check completely, I don’t use admin-fe, but it goes like this, should work with default Hackney.
  config :pleroma, :http, adapter: [ certificates_verification: false, ssl_options: [ verify: :verify_none ] ] config :pleroma, :media_proxy, proxy_opts: [ certificates_verification: false, tls_opts: [ verify: :verify_none ] ]
  
  In conversation Friday, 27-Jan-2023 19:57:32 JST permalink
- (mint@ryona.agency)'s status on Friday, 27-Jan-2023 19:59:46 JST
  in reply to
  @FrailLeaf @cassidyclown @sam @sam JUST LOOK AT THIS SHIT
  https://github.com/elixir-tesla/tesla/issues/552
  OPEN FOR ALMOST TWO MONTHS, AND NOT A SINGLE BITCH BOTHERED TO AT LEAST COMMENT ON IT
  NOT TO MENTION THIS
  https://github.com/benoitc/hackney/issues/273
  THE BUG IS NOW OLD ENOUGH FOR PERNIA TO STOP BEING SEXUALLY ATTRACTED TO IT, ZERO FIXES, NADA
  In conversation Friday, 27-Jan-2023 19:59:46 JST permalink
  Attachments
  1. Can't connect to anything with Gun adapter using HTTP proxy · Issue #552 · elixir-tesla/tesla
    
    Tesla and Gun both with latest commits from master branch, but the same can be seen with Tesla 1.4.4 and Gun 2.0.0-rc1. gun_client = Tesla.client([], Tesla.Adapter.Gun) Tesla.get(gun_client, "...
  2. Proxy configuration not used when using follow_redirect · Issue #273 · benoitc/hackney
    
    Apparently using follow_redirect and a proxy won't work for the following requests. Initially reported by edgurgel/httpoison#112
- cassidyclown (cassidyclown@clubcyberia.co)'s status on Friday, 27-Jan-2023 20:05:26 JST cassidyclown
  in reply to
  - John Mastodon :verified:
  - God's Silliest Soldier
  @mint @sam @sam @FrailLeaf Explains why everyone except pleromer seemed happy with the certificate. You can enable multiple TLS versions including 1.3 which is what I've done - so hopefully won't break federation with most instances.
  
  In conversation Friday, 27-Jan-2023 20:05:26 JST permalink
  
  likes this.
- God's Silliest Soldier (frailleaf@silliness.observer)'s status on Friday, 27-Jan-2023 20:39:28 JST God's Silliest Soldier
  in reply to
  @pomstan @cassidyclown @sam @mint real raped pedophiles @ github.com/elixir-tesla
  
  In conversation Friday, 27-Jan-2023 20:39:28 JST permalink
  
  likes this.
- pomstan (pomstan@xn--p1abe3d.xn--80asehdb)'s status on Friday, 27-Jan-2023 20:39:30 JST pomstan
  in reply to
  @mint @cassidyclown @sam @FrailLeaf that’s what you get for writing your software in a niche language
  
  In conversation Friday, 27-Jan-2023 20:39:30 JST permalink
- cassidyclown (cassidyclown@clubcyberia.co)'s status on Friday, 27-Jan-2023 21:03:20 JST cassidyclown
  in reply to
  - John Mastodon :verified:
  - God's Silliest Soldier
  @mint @sam @sam @FrailLeaf Thanks tried these hoping media_proxy would fix the broken avi but nothing- get {:tls_alert, {:unknown_ca, 'TLS client: In state wait_cert_cr at ssl_handshake.erl:2111 generated CLIENT ALERT: Fatal - Unknown CA\n'}} in the logs when I @ to preview the avi :niggawhy:
  
  In conversation Friday, 27-Jan-2023 21:03:20 JST permalink
  
  likes this.
- (mint@ryona.agency)'s status on Friday, 27-Jan-2023 21:03:25 JST
  in reply to
  @cassidyclown @sam @sam @FrailLeaf Try this instead.
  config :pleroma, :media_proxy, proxy_opts: [ ssl_options: [ verify: :verify_none ] ]
  
  In conversation Friday, 27-Jan-2023 21:03:25 JST permalink
- (mint@ryona.agency)'s status on Friday, 27-Jan-2023 21:43:24 JST
  in reply to
  @cassidyclown @sam @sam @FrailLeaf Ok, I think I've figured it out, apologies for delay and false leads; for some reason I thought redirect_on_failure is outside of proxy_opts which resulted in some confusion.
```
config :pleroma, :media_proxy,
enabled: true,
proxy_opts: [
redirect_on_failure: false,
http: [
proxy: "127.0.0.1:8118",
ssl_options: [
verify: :verify_none
]
]
]
```
  
  In conversation Friday, 27-Jan-2023 21:43:24 JST permalink
- cassidyclown (cassidyclown@clubcyberia.co)'s status on Friday, 27-Jan-2023 21:43:25 JST cassidyclown
  in reply to
  @mint @FrailLeaf @sam @sam whitelisted returns.null and almost lost my mind because the docs recommended putting https://example.com yet nothing happened when I prefixed with https- thankfully worked with the bare returns.null . This isn't really a solution though at least it's a sanity check.
  In conversation Friday, 27-Jan-2023 21:43:25 JST permalink
  Attachments
  1. No result found on File_thumbnail lookup.
    
    Example Domain
- cassidyclown (cassidyclown@clubcyberia.co)'s status on Friday, 27-Jan-2023 21:43:26 JST cassidyclown
  in reply to
  - John Mastodon :verified:
  - God's Silliest Soldier
  @mint @sam @sam @FrailLeaf still the same :cryblood:
  
  In conversation Friday, 27-Jan-2023 21:43:26 JST permalink
- cassidyclown (cassidyclown@clubcyberia.co)'s status on Friday, 27-Jan-2023 21:50:00 JST cassidyclown
  in reply to
  - John Mastodon :verified:
  - God's Silliest Soldier
  @mint @sam @sam @FrailLeaf it works :happyday: :happyday: :happyday: thank you
  
  In conversation Friday, 27-Jan-2023 21:50:00 JST permalink
  
  likes this.

Public

Conversation

Notices

Feeds