net00

I have been able to backport some flutter iOS apps to 32bit legacy devices. This is only in some cases where all their dependencies are compatible + some tweaking of build scripts.

I wonder if Voyager can be backported, as it's crossplatform (react native?) app. Before I dig does anyone know if this is possible?

EDIT: I'm not asking the devs to do anything, I'm asking anyone familiar with the code if they know whether this is feasible before I start digging

If you stumble into this post, chances are you have scoured the internet for solutions to this issue. The few mentions of it out there are answered with completely worthless "turn it off an on again" answers.

Well after spending a few evenings picking apart this issue I finally was able to add an Outlook account using the settings app on my iPad 4 running iOS 10.3.4.

TL:DR

• Install version .12 of ssl-kill-switch2 from their repo
• Add your account :)
• Remove ssl-kill-switch2

Background

Without the above steps, if you try to add an Outlook.com account to your device within the settings app, you would only see a blank WebView splash for half a second, and then it closes. This leaves you with a null account that doesn't work. As you can see, there's not much to go on, and the internet won't be of any help as stated.

Up until a few days ago a workaround was to add your Outlook account under the Microsoft Exchange option (using an app password). However this began failing recently. Currently this approach will yield intermittent "Incorrect Password" popups (even on current iOS versions). I suspect a recent change from Microsoft broke this workaround.

Unfortunately, iOS 10 forces you to use OAuth flow to add Outlook accounts. On earlier versions, there's no issue as you can simply provide an app password to the iOS login form and be on your way.

With these conditions, the only other way to add an Outlook Account is as a manually configured IMAP email. This will provide mail, but does not include Contacts or Calendar sync. It also doesn't support Push syncing.

Investigating the issue

Without much to go on with, I suspected Microsoft was rejecting the request (as the Google & Yahoo options did not immediately close). Therefore I started sniffing HTTPS requests from iOS through mitmproxy. This revealed that iOS first makes a CONNECT request to newaccountredirectdomain.apple.com when you try adding an Outlook account. This is the only request I saw, so my iPad was not even reaching Microsoft at all before kicking me out of the authentication flow. Other account options (Gmail, Yahoo) make a call to gil.apple.com and do continue afterwards with requests to google or yahoo.

I started reading up on similar issues, and they all pointed to certificate pinning being the culprit. This eventually led me to installing ssl-kill-switch2. It appears the Settings app implements some certificate pinning. Basically the settings App has defined certificates it expects the remote servers to present, any other certificate means the connection will be dropped.

I was then led to a bunch of time waste and headaches, because the latest version of ssl-kill-switch does not properly work on iOS 10, and there's no mention of this anywhere. Ssl-kill-switch2 has hardly been properly maintained, and through some open issues I started to suspect the latest version didn't actually work (on iOS 10 at least).

Therefore I installed v.12, did a respring, and tried adding an Outlook account. I could see that the WebView started and finally presented the Microsoft login web form. It accepted my credentials and a few seconds later I had my account added.

That's about it, hopefully someone with the same issue stumbles upon this post, and saves all the time I spent on this lmao.

Decided to check back on things after a coming across a comment saying a month had already gone by. Completely unsurprisingly everything was swept under the rug. The promise to "release findings" seems now nothing but a tactic to shut up anyone calling them out and now they just act like nothing happened.

Who woulda thunk?.

On the quality issues they still manage to fuck up even with all the "new processes" Won't surprise me if sooner rather than later they just go back to the regular shitshow.

I'm reading up on self-hosting Lemmy, and I was planning on creating my own private instance for individual use on some spare Azure ASP I use to host private FreshRSS (not rich to host a public service).

This basically shuts my idea down, because I wanted to simply host my account myself and browse all of Lemmy as I please.

So is everyone hosting individual instances dealing with them being public? is there a workaround to avoid having a public service that anyone can see?