• binkd outbound SSL on Windows

    From Warpslide@21:3/110.2 to All on Thursday, July 14, 2022 17:19:26
    Hi All,

    I've been playing around with hpt & binkd on both linux & windows. I found a

    helpful thread where Oli provided some info on how to make outbound
    connections via TLS with binkd & opensll (thanks Oli!):

    http://web.synchro.net/?page=001-forum.ssjs&sub=binkd&thread=7199

    node 1:229/664 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I" bbs.nrbbs.net:24553

    This works great on linux but not on my Telegard system under windows:

    C:\TELEGARD\BINKD>binkd -vpP 1:229/664 binkd.ini
    17:02 [3540] BEGIN standalone, binkd/1.1a-115/Win32 -vpP 1:229/664
    binkd.ini
    17:02 [3540] creating a poll for 1:229/664@fidonet (`d' flavour)
    17:02 [3540] clientmgr started
    $ -d 1:229/664@fidonet
    + 17:02 [5900] call to 1:229/664@fidonet

    And it just stops there. In order to be able to poll again I have to go and clean up the outbound directory otherwise it just says "outbound queue is empty" and won't even try.

    Yet I have opensll installed and included in the path:

    C:\TELEGARD\BINKD>openssl s_client -quiet -alpn binkp -connect bbs.nrbbs.net:24553
    depth=0 CN = bbs.nrbbs.net
    verify error:num=18:self signed certificate
    verify return:1
    depth=0 CN = bbs.nrbbs.net
    verify return:1
    OPT CRAM-MD5-59079e129cc90e4e88265eb5e9a4ce96 SYS Northern Realms LOC
    Binbrook, Ontario, Canada ZYZ Warpslide TIME Thu, 14 Jul 2022 16:56:13-0400
    VER Mystic/1.12A48 binkp/1.0 BUILD 2022/07/13 07:06:57 Raspberry Pi/32 w 1:229/664@fidonet 21:3/110@fsxnet 618:500/23@micronet 77:1/156@scinet 1:229/0@fidonet 1:12/0@fidonet 1337:3/126@tqwnet


    Under linux it works:

    jay@husky:~/fido/binkd$ binkd -vpP 1:229/664 binkd.cfg
    17:06 [148136] BEGIN, binkd/1.1a-115/Linux -vpP 1:229/664 binkd.cfg
    17:06 [148136] creating a poll for 1:229/664@fidonet (`d' flavour)
    17:06 [148136] clientmgr started
    $ -d 1:229/664@fidonet
    + 17:06 [148138] call to 1:229/664@fidonet
    + 17:06 [148138] External command 'openssl s_client -quiet -alpn binkp
    -connect bbs.nrbbs.net:24553' started, pid 148139
    17:06 [148138] connected
    + 17:06 [148138] outgoing session with bbs.nrbbs.net:24553
    Can't use SSL_get_servername
    depth=0 CN = bbs.nrbbs.net
    verify error:num=18:self signed certificate
    verify return:1
    depth=0 CN = bbs.nrbbs.net
    verify return:1
    - 17:06 [148138] OPT CRAM-MD5-ddf9fc49426a60b91f626733c318ad08
    [...]

    Under windows it never gets to the "External command" part. Anyone have any ideas?


    Jay

    ... Shout out to the people that don't know what the opposite of in is!

    --- Telegard v3.09.g2-sp4/mL
    * Origin: Northern Realms/TG ì tg.nrbbs.net ì Binbrook, ON (21:3/110.2)
  • From Oli@21:3/102 to Warpslide on Monday, July 18, 2022 11:38:13
    Warpslide wrote (2022-07-14):

    I've been playing around with hpt & binkd on both linux & windows.
    I found a helpful thread where Oli provided some info on how to make outbound connections via TLS with binkd & opensll (thanks Oli!):

    node 1:229/664 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I" bbs.nrbbs.net:24553

    This works great on linux but not on my Telegard system under windows:

    C:\TELEGARD\BINKD>> binkd -vpP 1:229/664 binkd.ini
    17:02 [3540] BEGIN standalone, binkd/1.1a-115/Win32 -vpP 1:229/664 binkd.ini
    17:02 [3540] creating a poll for 1:229/664@fidonet (`d' flavour)
    17:02 [3540] clientmgr started
    $ -d 1:229/664@fidonet
    + 17:02 [5900] call to 1:229/664@fidonet

    And it just stops there. In order to be able to poll again I have to go and clean up the outbound directory otherwise it just says "outbound
    queue is empty" and won't even try.
    [...]
    Under windows it never gets to the "External command" part. Anyone have any ideas?

    I never tried this on Windows and maybe no one ever has. It might me a problem with binkd or openssl. Maybe try ncat instead of openssl:

    https://nmap.org/ncat/

    "ncat --ssl *H:*I"

    You could also omit the "-quiet" parameter for openssl and see if you get any output then.

    The "-alpn binkp" option is not really needed (only if the remote did require ALPN, but there is no node I'm aware of). I also use the -noservername option, which prevents sending the domain name unencrypted over the wire.

    "openssl s_client -noservername ..."

    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)
  • From Oli@21:3/102 to Warpslide on Monday, July 18, 2022 11:47:48
    Warpslide wrote (2022-07-14):

    This works great on linux but not on my Telegard system under windows:

    C:\TELEGARD\BINKD>> binkd -vpP 1:229/664 binkd.ini
    17:02 [3540] BEGIN standalone, binkd/1.1a-115/Win32 -vpP 1:229/664 binkd.ini
    17:02 [3540] creating a poll for 1:229/664@fidonet (`d' flavour)
    17:02 [3540] clientmgr started
    $ -d 1:229/664@fidonet
    + 17:02 [5900] call to 1:229/664@fidonet

    And it just stops there. In order to be able to poll again I have to go and clean up the outbound directory otherwise it just says "outbound
    queue is empty" and won't even try.

    Under windows it never gets to the "External command" part. Anyone have any ideas?

    in protocol.c, line 327 (binkd 1.1a-115 sources):

    if (state->pipe)
    /* TODO: this call should be non-blocking on WIN32 */
    n = write (state->s_out, state->optr, state->oleft);

    Maybe it just does not work properly in the Windows version?

    â‚

    ---
    * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)