Subj : secure binkp
To   : Al
From : Oli
Date : Thu Dec 12 2019 07:19 am

On Mon, 9 Dec 2019 17:19:34 -0800
"Al -> Oli" <0@106.4.21> wrote:

 A> Hello Oli,

 A> Did you see Rob's post in FIDONEWS?

 A> I have a Synchronet here, Equinox BBS that I have listening as Rob
 A> suggested on port 24555 for secure binkps, and also good old binkp on
 A> 24554.

 A> The details for that BBS is..

 A> Equinox BBS
 A> 1:153/757.2
 A> equinoxbbs.ddns.net

 A> I don't know how to initiate a poll over TLS from my binkd to it and
 A> I don't know if I have all the needed bits yet for a secure session
 A> over TLS but it is listening so feel free to try.

this should work with binkley
node 1:153/757.2 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I"
equinoxbbs.ddns.net:24555

but it doesn't.

? 07:12 [1059] Cannot find domain for zone 1, assuming 'fidonet'
  07:12 [1059] BEGIN, binkd/1.1a-99/Linux -p -P 1:153/757.2
/srv/ftn/binkd/binkd.cfg
? 07:12 [1059] Cannot find domain for zone 1, assuming 'fidonet'
  07:12 [1059] creating a poll for 1:153/757.2@fidonet (`d' flavour)
  07:12 [1059] clientmgr started
$ -d 1:153/757.2@fidonet
+ 07:12 [1060] call to 1:153/757.2@fidonet
+ 07:12 [1060] External command 'openssl s_client -quiet -alpn binkp -connect
equinoxbbs.ddns.net:24555' started, pid 1061
  07:12 [1060] connected
+ 07:12 [1060] outgoing session with equinoxbbs.ddns.net:24555
- 07:12 [1060] hiding aka 21:1/151@fsxnet
depth=0 C = ZZ, O = The Rusty MailBox, CN = trmb.synchro.net
verify error:num=66:EE certificate key too weak
verify return:1
depth=0 C = ZZ, O = The Rusty MailBox, CN = trmb.synchro.net
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 C = ZZ, O = The Rusty MailBox, CN = trmb.synchro.net
verify error:num=21:unable to verify the first certificate
verify return:1
1996181520:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too
small:../ssl/statem/statem_clnt.c:2150:
? 07:12 [1060] recv: connection closed by foreign host
+ 07:12 [1060] holding 1:153/757.2@fidonet (2019/12/12 07:22:59)
+ 07:12 [1060] done (to 1:153/757.2@fidonet, failed, S/R: 0/0 (0/0 bytes))
  07:12 [1060] session closed, quitting...
  07:12 [1060] rc(1061)=1
  07:12 [1059] rc(1060)=0
  07:12 [1059] the queue is empty, quitting...

ncat doesn't work either. I'm mostly offline for the next couple of days or
weeks. And I will not read much of the fsx/fidonet mails.

---
 * Origin:  (21:1/151)

.