hybrid 703 with ssl

Tim Wojtulewicz timwoj at ieee.org
Sun May 15 15:51:45 EDT 2005


Hmm, I haven't ever seen that one before.  The certs were created  
with the new methods from my email you quoted?  As I hate to blame  
the client without first verifying it's not the server patch's  
problem, what client are you using that connects with SSLv3?  I use  
irssi to connect and it uses TLSv1, which seems to work just fine.

Tim

On May 6, 2005, at 10:36 PM, Alan LeVee wrote:

> Well I implemented the SSL patch you wrote but I have hit the same  
> problem I
> hit the last time when I tried to integrate it with our  
> modifications. This
> is the error I speak of, and of course, nothing is showing up in  
> the logs (I
> have it in debug mode) so I cannot find out what's causing it...
>
> --- Connection failed. Error: (336151568) error:14094410:SSL
> routines:SSL3_READ_BYTES:sslv3 alert handshake failure
>
> If you have any light on what is causing it that would be great
>
> -----Original Message-----
> From: hybrid-bounces at lists.ircd-hybrid.org
> [mailto:hybrid-bounces at lists.ircd-hybrid.org] On Behalf Of Tim  
> Wojtulewicz
> Sent: Tuesday, May 03, 2005 1:46 AM
> To: General IRCD-Hybrid Discussion
> Subject: Re: hybrid 703 with ssl
>
> I was speaking more along the lines of the problems the original
> poster was having with applying and using the patch.  The current
> patch applies and runs perfectly well against 7.0.3, and I've been
> using it on a 3-server network for many months with no problems.  The
> original poster might want to look at http://madleet.com/projects/
> 703ssl.patch.  The docs for creating the certs are different (read:
> correct) in that version.  I need to email the maintainer of the
> patch archive and have them include the new version.
>
> As for porting it to 7.1, that's a real trick.  I started working on
> that, but never really got a chance to test the changes too much
> since our network runs 7.0.3 and has no current plans to upgrade.  I
> had a preliminary patch at http://madleet.com/projects/71ssl-v2.patch
> if you want to take a look.  I can't recall what version of 7.1 that
> was created against.
>
> Tim
>
> On May 2, 2005, at 7:22 PM, Rachel Llorenna wrote:
>
>
>> Yeah. It might be better if a branch of hybrid was made instead,
>> although that would require significant amounts of extra work.  
>> Keeping
>> patch sets current is a difficult thing to do, which is why so few
>> have survived: they end up getting thrown out or merged into the main
>> ircd tree. It might be interesting to see client-to-server SSL as an
>> option for the main ircd-hybrid tree, but I doubt that's going to
>> happen any time in the near future, as it is not currently in use on
>> EFnet.
>>
>> On 5/2/05, Alan LeVee <alan.levee at prometheus-designs.net> wrote:
>>
>>
>>> Well it's more about a matter of time, which I don't have a lot of
>>> right now
>>> since I'm relocating to another state. The patch works fine it's
>>> just I have
>>> to manually write it in since I can't simply apply it due to the
>>> heavy
>>> amount of changes to the source code that was done.
>>>
>>> -----Original Message-----
>>> From: hybrid-bounces at lists.ircd-hybrid.org
>>> [mailto:hybrid-bounces at lists.ircd-hybrid.org] On Behalf Of Tim
>>> Wojtulewicz
>>> Sent: Monday, May 02, 2005 10:07 PM
>>> To: General IRCD-Hybrid Discussion
>>> Subject: Re: hybrid 703 with ssl
>>>
>>> Did you get this resolved?  Sorry it took me so long to speak up,
>>> I've been rather busy lately.
>>>
>>> Tim
>>>
>>> On Apr 24, 2005, at 4:52 AM, multi multi wrote:
>>>
>>>
>>>
>>>> Hi,
>>>>
>>>> I hope i post this in the right section, .. but anyway i have some
>>>> problems
>>>> with getting ssl working on ircd-hybrid-7.0.3 , i found out during
>>>> install
>>>> ssl isnt enabled by default, but needed a patch to set the ssl in
>>>> the conf etc
>>>> i got the patch from this website
>>>>
>>>> http://www.wohmart.com/ircd/pub/hybrid/3-Feature/timwoj-ssl/
>>>> 703ssl.patch
>>>>
>>>> its all compiled and working without ssl on a normal port
>>>> but as soon i connect to the ssl port, i get connected but
>>>> disconnected again
>>>> i made the key/pub files and the ssl cert like documentated
>>>> but no go, anyway i cant find any log of ssl, only ircd startup is
>>>> logged in ircd.log, any other way to check?
>>>> i tested this on 2 boxes : at home and another shell, both not
>>>> working
>>>> ( gentoo / debian )
>>>>
>>>> so i apparently must do something wrong or oversee something
>>>> anyone that can help me out, or got any tips to get it working?
>>>> or can tell me which hybrid version i should use with ssl , that
>>>> should work?
>>>>
>>>> also i can post the ircd.conf later if needed
>>>>
>>>> Thanks in advance
>>>>
>>>> _________________________________________________________________
>>>> MSN Webmessenger overal en altijd beschikbaar http://
>>>> webmessenger.msn.com/
>>>>
>>>>
>>>>
>>>
>>> --
>>> No virus found in this incoming message.
>>> Checked by AVG Anti-Virus.
>>> Version: 7.0.308 / Virus Database: 266.11.1 - Release Date: 5/2/2005
>>>
>>> --
>>> No virus found in this outgoing message.
>>> Checked by AVG Anti-Virus.
>>> Version: 7.0.308 / Virus Database: 266.11.1 - Release Date: 5/2/2005
>>>
>>>
>>>
>>>
>>
>>
>> -- 
>> Regards,
>>
>> Rachel Llorenna (frequency)
>>
>>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.11.2 - Release Date: 5/2/2005
>
>
> -- 
> No virus found in this outgoing message.
> Checked by AVG Anti-Virus.
> Version: 7.0.308 / Virus Database: 266.11.5 - Release Date: 5/4/2005
>
>




More information about the hybrid mailing list