Did I miss something?

Shattoww · Post by **Shattoww** » Sat Dec 11, 2004 1:32 am

I'm having trouble linking my servers, I got the hub and anope services up and running, I just can't link any of my leafs.

I replaced the actual ips with HUB IP & LEAF IP for my protection.

Here is the HUB's listen blocks.
listen HUBIP:6667;
listen HUBIP:4001;
listen HUBIP:7325;
listen HUBIP:4000;

Now here is the Hub's link block.

link sidewinder.scrollrack.com
{
username *;
hostname LEAFIP;
bind-ip *;
port 7325;
leaf *;
password-connect "secret";
password-receive "secret";
class servers;
options {
nodnscache;
autoconnect;
ssl;
nohostcheck;
zip;
};
};

Now here is the leaf's listen blocks.

listen LEAFIP:6667;
listen LEAFIP:7325;

Now here are the Leaf's link block.

link hub.scrollrack.com
{
username *;
hostname HUBIP;
bind-ip *;
port 7325;
hub *;
password-connect "secret";
password-receive "secret";
class servers;
options {
nodnscache;
autoconnect;
ssl;
nohostcheck;
zip;
};
};

Now here is the error I'm getting when I do /connect hub.scrollrack.com from the leafs server.

-sidewinder.scrollrack.com- *** Connecting to hub.scrollrack.com[HUBIP].
-
-sidewinder.scrollrack.com- Exiting ssl client hub.scrollrack.com[@HUBIP.0]: SSL_connect(): Internal OpenSSL error or protocol error

What am I doing wrong...?

Post by **Syzop** » Sat Dec 11, 2004 2:32 am

Yes, you are connecting with SSL to a non-SSL port.

You probably want to replace this line on both sides from:
listen HUBIP:7325;
to:
listen HUBIP:7325 { options { ssl; }; };

Oh and, obviously, then anope shouldn't link to that port since anope doesn't support SSL (yet?)

Shattoww · Post by **Shattoww** » Sat Dec 11, 2004 2:54 am

From what I hear, port 7325 does support SSL as I linked it awile ago. So uh, any other ideas? And I've got anope linked on port 4000.

Post by **Syzop** » Sat Dec 11, 2004 2:56 am

So uh, any other ideas?

Yes, just a totally out of the blue idea.. perhaps you are wrong?

Ports don't become SSL magically, if the only listen line for port 7325 in your config is 'listen HUBIP:7325;' then it IS NOT SSL.
Anyway, there's a reliable way to find this out: on IRC (probably requiring oper), type '/stats P' and it will say 'SSL' for any ports that are SSL.

Shattoww · Post by **Shattoww** » Sat Dec 11, 2004 3:08 am

I dunno what to say, I linked this same server using the same port with ssl about 2 weeks ago, and everything went fine. I'll try your theory though.

Shattoww · Post by **Shattoww** » Sat Dec 11, 2004 3:44 am

My my, it appears as though I fixed it. UnrealIRCD wouldn't rehash until I actually killed the server and restarted it.

AngryWolf · Post by **AngryWolf** » Sat Dec 11, 2004 11:06 am

"UnrealIRCd wouldn't rehash" is a too strong expression, and isn't true anyway. Actually the ports can be rehashed, too, but only with a certain condition. It's just that there are some things that cannot be rehashed or require other things first, I'll show you some examples:

Any configuration changes in the me block require a full restart. (Reason here.)
Unreal cannot stop listening on, change options of ports in use. All users & servers must disconnect from that port first.
If you remove the link configuration of a link that is already established, Unreal keeps the configuration temporarily in the memory until the link is down.

Post by **Syzop** » Sat Dec 11, 2004 5:10 pm

Also 1 port can never be changed, and this depends on the order of your listen blocks.. the last one to be exact (so the one your leaf, not on your hub).

When we are at it btw, you shouldn't have autoconnect enabled on both sides.. The usual rule is to let leafs autoconnect to hubs.