Subj : binkd outbound SSL on Windows
To   : Warpslide
From : Oli
Date : Mon Jul 18 2022 11:38 am

Warpslide wrote (2022-07-14):

 W> I've been playing around with hpt & binkd on both linux & windows.
 W> I found a helpful thread where Oli provided some info on how to make
 W> outbound connections via TLS with binkd & opensll (thanks Oli!):

 W> node 1:229/664 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I"
 W> bbs.nrbbs.net:24553

 W> This works great on linux but not on my Telegard system under windows:

 C:\TELEGARD\BINKD>> binkd -vpP 1:229/664 binkd.ini
 W>    17:02 [3540] BEGIN standalone, binkd/1.1a-115/Win32 -vpP 1:229/664
 W> binkd.ini
 W>    17:02 [3540] creating a poll for 1:229/664@fidonet (`d' flavour)
 W>    17:02 [3540] clientmgr started
 W> $ -d 1:229/664@fidonet
 W> + 17:02 [5900] call to 1:229/664@fidonet

 W> And it just stops there.  In order to be able to poll again I have to go
 W> and clean up the outbound directory otherwise it just says "outbound
 W> queue is empty" and won't even try.
[...]
 W> Under windows it never gets to the "External command" part.  Anyone have
 W> any ideas?

I never tried this on Windows and maybe no one ever has. It might me a problem with binkd or openssl. Maybe try ncat instead of openssl:

https://nmap.org/ncat/

"ncat --ssl *H:*I"

You could also omit the "-quiet" parameter for openssl and see if you get any output then.

The "-alpn binkp" option is not really needed (only if the remote did require ALPN, but there is no node I'm aware of). I also use the -noservername option, which prevents sending the domain name unencrypted over the wire.

"openssl s_client -noservername ..."

---
 * Origin: War is Peace. Freedom is Slavery. Ignorance is Strength. (21:3/102)

.