Search found 1670 matches

by Syzop
Mon Jan 07, 2019 4:52 pm
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

Glad to hear. And I'm probably the KVirc user you are referring to. I connected with the kvirc 4.9.3 package installed on Ubuntu 18.04, nothing special configured, just /server -s irc.xtremeirc.net 6697 from a brand new installation and indeed it worked. I disconnected myself after some time. One sm...
by Syzop
Mon Jan 07, 2019 9:57 am
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

HeXiLeD, his problem is not due to TLS versions or ciphers as he said before he can connect fine to irc.unrealircd.org, which only permits TLSv1.2 and PFS ciphersuites at the moment. Saying his new wildcard cert would not help anything is incorrect too, as the weechat error he pasted was due to the ...
by Syzop
Sun Jan 06, 2019 2:54 pm
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

Unfortunately I'll be gone for the day now, but just a quick post: |06:18:02 xtremessl =!= | gnutls: the hostname in the certificate │ | does NOT match "irc.xtremeirc.net" │06:18:02 xtremessl =!= | gnutls: peer's certificate is NOT trusted │06:18:02 xtremessl =!= | gnutls: peer's certificate issuer ...
by Syzop
Sun Jan 06, 2019 8:19 am
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

Thanks for the version numbers. Nothing out of the ordinary there. A configuration used by many people, Debian 9 in particular. I'm beginning to think my self-signed certificate is the problem. But damn! Wasn't ever like that before. It is true that clients are becoming more strict with regards to s...
by Syzop
Sat Jan 05, 2019 9:08 am
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

By default nmap does not scan all ports (1-65535), only the "most common ports", the "Not shown: 996 closed ports" is a small hint with regards to that. You have to use -p <portrange(s)> and then you'll see the port is open. Anyway, off-topic. Let's get back to your issue: I got in with hexchat via ...
by Syzop
Sat Jan 05, 2019 9:03 am
Forum: Linking servers
Topic: SSL_connect(): Broken pipe
Replies: 4
Views: 384

Re: SSL_connect(): Broken pipe

So, you are linking one UnrealIRCd to another UnrealIRCd? Or are you linking UnrealIRCd to anope? I've moved your post from "Installing and getting started" to "Linking servers" in any case. Coul you post your configuration from both sides of the link to a site like pastebin, with naturally sensitiv...
by Syzop
Fri Jan 04, 2019 8:24 am
Forum: Installing and getting connected
Topic: [SSL ERROR]: too large
Replies: 14
Views: 1251

Re: [SSL ERROR]: too large

[21:07:57] There are 1 users and 1 invisible on 1 servers [21:07:57] [SSL ERROR]: too large [21:07:57] [SOCKET ERROR]: Secure Socket Layer error [21:07:57] Connection terminated I've never seen this before: it gives this error half-way through the LUSERS info? Odd.. Did you say it depends on the cl...
by Syzop
Thu Jan 03, 2019 8:18 am
Forum: Installing and getting connected
Topic: 4.2.1: Compile Error
Replies: 7
Views: 371

Re: 4.2.1: Compile Error

UnrealIRCd 4.2.1.1 is now available for download from www.unrealircd.org. It fixes this compile issue on Debian stretch.
by Syzop
Wed Jan 02, 2019 6:32 pm
Forum: Installing and getting connected
Topic: 4.2.1: Compile Error
Replies: 7
Views: 371

Re: 4.2.1: Compile Error

Fixed in latest git, which will be in next UnrealIRCd release. Thanks for the report! Apparently Debian 9.6 ships with a libargon2 that just falls short of providing Argon2id. It has version 20160821, while version 20161029 would have been fine. The new version of the configure script now correctly ...
by Syzop
Wed Jan 02, 2019 3:45 pm
Forum: Installing and getting connected
Topic: 4.2.1: Compile Error
Replies: 7
Views: 371

Re: 4.2.1: Compile Error

Would it be possible for me to get shell access on this machine (just a user account)? syzop@unrealircd.org
by Syzop
Tue Jan 01, 2019 8:26 am
Forum: Installing and getting connected
Topic: 4.2.1: Compile Error
Replies: 7
Views: 371

Re: 4.2.1: Compile Error

Sorry for responding late, I don't watch the forums as closely as the bug tracker. 1. I see suspiciously few -I parameters in your gcc command line from 'make', which makes me wonder... did you run './Config' ? 2. Did you use any special configure parameters (last question in ./Config), like for sys...
by Syzop
Mon Dec 31, 2018 2:05 pm
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

Re: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth

So, the previous post was about fixing SASL on the client (configure them to use SASL EXTERNAL if you want to authenticate by certfp). I suppose we could also enhance authprompt to attempt SASL EXTERNAL authentication for any clients with a client certificate. So, for clients that do not use SASL. I...
by Syzop
Mon Dec 31, 2018 1:57 pm
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

Re: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth

Sorry for the delay, I was doing other stuff and had to test your issue first. So what I did was: Connect over SSL/TLS (duh) Use "/NS CERT ADD" to add the certificate fingerprint to my account. Reconfigure mIRC 7.54 to use the login method "SASL External (/CAP)" and then (re)connect over SSL/TLS I a...
by Syzop
Sat Dec 29, 2018 7:46 am
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

Re: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth

Sorry for only replying in part below: :) basically if I want to turn authprompt for sasl users and or add the improved security and flexibility of sasl, the certFP users can't login without manually input their password. This is a bit of a bummer. If an end-user uses a client certificate and hence ...
by Syzop
Fri Dec 28, 2018 8:30 am
Forum: Generic support
Topic: CertFP vs fail-if-no-clientcert vs sasl/authprompt login auth
Replies: 7
Views: 416

Re: fail-if-no-clientcert vs sasl/authprompt login auth

I see you are someone who is really in favor of client certificates (and thus certificate fingerprints). That is great and certificate fingerprints are indeed good, but I think you are misunderstanding WHY they are good. The real benefit of a certificate fingerprint (certfp) is that it can be used a...