OpenSSL in current Hybrid 7.2.x tree non-functional?

David A. Desrosiers david.a.desrosiers at
Sat Apr 11 13:36:46 EDT 2009

I can confirm the issue stated in this thread:

I've tried to run the current trunk and 7.2.x as well as the default
version shipped with Debian and none of them appear to be listening
for connections on port 994 at all. My server is configured as

serverinfo {
        name                    = "";
        description             = "My Internal Server";
        hub                     = yes;
        rsa_private_key_file    = "/usr/local/irc/etc/server.key";
        ssl_cert_file           = "/usr/local/irc/etc/server.crt";

listen {
        flags   = hidden, ssl;
        port    = 994;
        ssl     = yes;

listen {
        port    = 6667;
        ssl     = no;

What is interesting however, is the broken openssl that has been
shipping recently (upstream and in distros):

# openssl s_server -ssl3 -accept 6666 -nocert -bugs -chain -timeout
Using default temp DH parameters
Using default temp ECDH parameters

And then when I connect to that from another openssl session:

# openssl s_client -ssl3 -no_ssl2 -showcerts -connect
15249:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert
handshake failure:s3_pkt.c:1053:SSL alert number 40
15249:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake

Which returns this on the s_server side:

15247:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared
shutting down SSL

This /used to/ work, when I was using the linuxnet ircd hybrid
codebase a few years ago, but now using the current upstream codebase,
I can no longer get ircs sessions started or authenticated.

Can anyone help?

More information about the hybrid mailing list