[SSL] My server only accepts SSL clients :(

TigrouMeow · Post by **TigrouMeow** » Thu Dec 15, 2005 4:57 am

Hello,

I have a problem with my irc server. It was compiled with SSL, and i want 6697 to be available for client with SSL or not. Is it possible ?

For now, i choose to have a port for "normal" clients (6696 et 6667), and a port for SSL clients (6697). With SSL client, 6696 and 6697 work...

listen *:6667;
listen *:6696;

listen *:6697
{
options
{
ssl;
clientsonly;
};
};

I can't go to 6667, because i'm in china, and my university block this port (but the server is in france so it must work). 6696 i can't connect without SSL, and 6697 neither.

I would like everyone can connect on 6697 with SSL or not. If it's impossible, i want SSL on 6697 and NO SSL on 6696. My configuration doesn't work.

Do you see the problem ?

Thank you.

DukePyrolator · Post by **DukePyrolator** » Fri Dec 16, 2005 8:34 am

i want 6697 to be available for client with SSL or not. Is it possible ?

no. its not possible.

http://www.vulnscan.org/UnrealIRCd/unre ... eature_ssl

You cannot connect normally to a SSL port (so don't make port 6667 ssl!),

Solutech · Post by **Solutech** » Fri Dec 16, 2005 11:27 am

if you cant use 6667 then use a different port for unsecured connects that isnt blocked . 6667 isnt the only port you can use

TigrouMeow · Post by **TigrouMeow** » Sat Dec 17, 2005 5:37 am

Sorry my english is not very good

I know i can use another port than 6667 for a normal connexion. That's the reason why i posted my configuration :

Code: Select all

listen *:6667;
listen *:6696;

listen *:6697
{
options
{
ssl;
clientsonly;
};
};

6696 must work with normal connexion, but it doesn't work... that's strange, but i can connect 6696 in SSL and not in normal... why ?

Stealth · Post by **Stealth** » Sat Dec 17, 2005 5:40 am

What does /stats P say?

TigrouMeow · Post by **TigrouMeow** » Sat Dec 17, 2005 5:42 am

I get :

-meow.fr- *** Listener on 127.0.0.1:6668, clients 1. is PERM serversonly
-
-meow.fr- *** Listener on *:6667, clients 3. is PERM
-
-meow.fr- *** Listener on *:8067, clients 0. is PERM
-
-meow.fr- *** Listener on *:6697, clients 2. is PERM clientsonly SSL

Stealth · Post by **Stealth** » Sat Dec 17, 2005 5:44 am

Port 6696 isn't even listed in that...

Either way, all those ports are listed as permanent, so to change them, you would need to restart Unreal. A rehash cannot change a permanent port.

TigrouMeow · Post by **TigrouMeow** » Sat Dec 17, 2005 5:59 am

I'm sorry i wasn't using the right configuration file

It works now !

aquanight · Post by **aquanight** » Sat Dec 17, 2005 9:57 pm

Stealth, eh ... I think the PERM just means there's an actual config block behind the listen. IIRC you can change/add/remove listen blocks without restarting, just if a listen port is in use, it becomes TEMP and doesn't go away until the last client exits off of it (which will never happen for the last listed port).