1. Forum
  2. FidoNet
  3. BINKD

  • Ialternaernaernative transports

    From Tommi Koivula@2:221/360 to Oli on Friday, December 13, 2019 16:26:26
    * Replying to a msg in fidonews (fidonews)

    Hi Oli.

    12 Dec 19 18:52:22, you wrote to me:

    αAI>>>> Without BinkpTLS=true in the node section for 153/757 binkit
    doesn't AI>> send to 153/757, and with it set to true it attempts to
    send it but AI>> fails because of a bad password. 153/757 is running
    binkd and doesn't AI>> have TLS support.

    Use a proxy ;)

    Maybe someone wants to try 2:221/6:

    binkps://news.fidonet.fi:24567

    binkd to binkd TLS connection:

    + 18:48 [3125] call to 2:221/6@fidonet
    + 18:48 [3125] External command 'openssl s_client -quiet -alpn binkp
    -connect
    news.fidonet.fi:24567' started, pid 3126
    18:48 [3125] connected
    + 18:48 [3125] outgoing session with news.fidonet.fi:24567

    Would you explain this "external command"? How to run it from binkd?

    'Tommi

    ---
    * Origin: - rbb.fidonet.fi - Finland - (2:221/360)
  • From Tommi Koivula@2:221/360 to Oli on Friday, December 13, 2019 20:33:50

    Use a proxy ;)

    Maybe someone wants to try 2:221/6:

    binkps://news.fidonet.fi:24567

    binkd to binkd TLS connection:

    + 18:48 [3125] call to 2:221/6@fidonet
    + 18:48 [3125] External command 'openssl s_client -quiet -alpn binkp -connect
    news.fidonet.fi:24567' started, pid 3126
    18:48 [3125] connected
    + 18:48 [3125] outgoing session with news.fidonet.fi:24567

    Would you explain this "external command"? How to run it from binkd?

    Never mind, I got it:

    === Cut ===
    node 2:221/6 -pipe "openssl s_client -quiet -alpn binkp -connect news.fidonet.fi:24567" *
    === Cut ===

    :)

    'Tommi

    ---
    * Origin: - rbb.fidonet.fi - Finland - (2:221/360)
  • From Oli@2:280/464.47 to Tommi Koivula on Friday, December 13, 2019 22:03:43
    Would you explain this "external command"? How to run it from
    binkd?

    Never mind, I got it:

    === Cut ===
    node 2:221/6 -pipe "openssl s_client -quiet -alpn binkp -connect news.fidonet.fi:24567" *
    === Cut ===

    alternatice command is

    node 2:221/6 -pipe "ncat --ssl-alpn binkp *H *I" news.fidonet.fi:24567

    The alpn stuff is only needed if the server demands it (e.g when running webserver, xmpp server, binkp on port 443). I use "ncat --ssl-alpn binkp H* I*", because "ncat --ssl H* I*" invokes ncat with the port number "I*" instead of the real port number. I guess this is a bug in binkd. Some problem with parsing the -pipe parameter?

    I wonder, if we should directly jump to QUIC instead of implementing TLS over TCP?


    * Origin: kakistocracy (2:280/464.47)
  • From Oli@2:280/464.47 to Oli on Friday, December 13, 2019 22:45:31
    === Cut ===
    node 2:221/6 -pipe "openssl s_client -quiet -alpn binkp -connect
    news.fidonet.fi:24567" *
    === Cut ===

    alternatice command is

    node 2:221/6 -pipe "ncat --ssl-alpn binkp *H *I" news.fidonet.fi:24567

    The alpn stuff is only needed if the server demands it (e.g when
    running webserver, xmpp server, binkp on port 443). I use "ncat
    --ssl-alpn binkp H* I*", because "ncat --ssl H* I*" invokes ncat with
    the port number "I*" instead of the real port number. I guess this is
    a bug in binkd. Some problem with parsing the -pipe parameter?

    I meant *H and *I instead of H* and I*




    * Origin: kakistocracy (2:280/464.47)