1. Forum
  2. fsxNet
  3. FSX NET

  • Status

    From Avon@21:1/101 to All on Mon Mar 2 21:15:38 2020
    NET 1 has SSL BinkP polling NET 4 and vise versa

    NET 2 has SSL BinkP polling NET 4

    NET 2 has SSL BinkP polling NET 1

    NET 2 is yet to open up port 24553 (I'm working with Solaris on that) to
    enable BinkP SSL into NET 2

    NET 2 and NET 1 have been unable to SSL BinkP NET 3 at this stage

    No tests with NET 5 at this time.

    --- Mystic BBS v1.12 A46 2020/02/29 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From alter ego@21:2/116 to Avon on Mon Mar 2 20:41:24 2020
    Re: Status
    By: Avon to All on Mon Mar 02 2020 09:15 pm

    NET 2 and NET 1 have been unable to SSL BinkP NET 3 at this stage

    So, here is what I see:

    3/2 07:09:00p 1216 BINKPS connection accepted from: 219.89.83.33 port 57416
    3/2 07:09:01p 1216 BINKPS TLS WARNING 'Client sent obsolete handshake for the insecure SSLv2 protocol' (-13) setting session active
    3/2 07:09:34p 1244 BINKPS connection accepted from: 219.89.83.33 port 57425
    3/2 07:09:35p 1244 BINKPS TLS WARNING 'Client sent obsolete handshake for the insecure SSLv2 protocol' (-13) setting session active

    I've put you on hold (with Taurus), and when I have some mail to send, I'll send it with SBBS BINKPS... (in fact I'll jump onto Hub 3 and generate a message).
    ...deon


    ... Constipation is the thief of time. Diarrhoea waits for no man.
    --- SBBSecho 3.10-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From alterego@21:3/100 to Avon on Mon Mar 2 20:43:38 2020
    Re: Status
    By: alter ego to Avon on Mon Mar 02 2020 08:41 pm

    I've put you on hold (with Taurus), and when I have some mail to send, I'll send it with SBBS BINKPS... (in fact I'll jump onto Hub 3 and generate a message).

    So, I'm loving that by the time I got to Hub 3 to post this test message, my message from 2/116 was already here... :)

    Anyway, a test message to generate a message for Hub 1.
    ...deon
    --- SBBSecho 3.10-Win32
    * Origin: ANSITEX-DEV: Testing InterBBS Videotex! (21:3/100)
  • From alterego@21:3/100 to Avon on Mon Mar 2 20:46:10 2020
    Re: Status
    By: alterego to Avon on Mon Mar 02 2020 08:43 pm

    Anyway, a test message to generate a message for Hub 1.

    So it looks like Hub 3 can talk to Hub 1 over SSL:

    Sent M_ADR command
    Got M_NUL command args: OPT CRAM-MD5-bfe82e6a530c6a6f0819a9da3d7593d2
    Got M_NUL command args: SYS fsxHUB Risa [NET1]
    Got M_NUL command args: ZYZ Avon
    Got M_NUL command args: TIME Mon, 02 Mar 2020 22:44:10 +1300
    Got M_NUL command args: VER Mystic/1.12A46 binkp/1.0
    Peer version: Mystic/1.12A46 binkp/1.0
    Got M_NUL command args: BUILD 2020/03/01 15:36:07 Windows/32
    Got M_ADR command args: 21:1/100@fsxnet 21:1/3@fsxnet 21:1/2@fsxnet 21:1/0@fsxnet 21:0/0@fsxnet
    Sending M_PWD command args: CRAM-MD5-de00ac3ebf5add75893b1f771959de39
    Sent M_PWD command
    Got M_OK command args: secure
    Authentication successful: secure
    Adding outbound files for 21:1/100@fsxnet
    outbox file: /MAILER/BOX/00150001.064\5e5cd54f.pkt
    Adding '/MAILER/BOX/00150001.064\5e5cd54f.pkt' as '5e5cd54f.pkt'
    Sending file: /MAILER/BOX/00150001.064\5e5cd54f.pkt (0.9KB)
    Sending M_FILE command args: 5e5cd54f.pkt 963 1583142223 0
    Sent M_FILE command
    Sending 963 bytes of data
    Sent file: /MAILER/BOX/00150001.064\5e5cd54f.pkt (0.9KB)
    Sending M_EOB command args:
    Sent M_EOB command
    Got M_NUL command args: QSIZE 0 files 0 bytes
    Got M_EOB command args:
    We got an M_EOB, but there are still 1 files pending M_GOT
    Got M_GOT command args: 5e5cd54f.pkt 963 1583142223
    Error in recv() of first byte of packet header
    Deleted file: /MAILER/BOX/00150001.064\5e5cd54f.pkt
    Unlocking C:/mailer/outbound.015\00010064.bsy.
    C:\BBS\SBBS\exec\binkit.js executed in 10.49 seconds

    Curious about this "error on recv()" - might have to ask DM about that, and I will when I confirm that test message did go out...
    ...deon
    --- SBBSecho 3.10-Win32
    * Origin: ANSITEX-DEV: Testing InterBBS Videotex! (21:3/100)
  • From alter ego@21:2/116 to Avon on Mon Mar 2 20:49:34 2020
    Re: Status
    By: alterego to Avon on Mon Mar 02 2020 08:46 pm

    and I will when I confirm that test message did go out...

    Did I mention I like the speed of delivery? (Yup, looks like messages from Hub3
    got out via SSL - which would point to a problem with mystic sending to me?)

    BTW: I can open up IPv6 to Hub 3, and it would be port 24553 - I'll do that and
    send you that address to test - then we know its your port jiggery that's the problem.
    ...deon


    ... Never drink black coffee at lunch. It will keep you awake in the afternoo --- SBBSecho 3.10-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From Oli@21:1/151 to Avon on Mon Mar 2 10:26:40 2020
    On Mon, 2 Mar 2020 21:15:39 +1300
    "Avon -> All" <0@101.1.21> wrote:

    NET 1 has SSL BinkP polling NET 4 and vise versa

    which port number? I assumed 24553, but it failed.

    + 10:21 [9046] call to 21:1/100@fsxnet
    + 10:21 [9046] External command 'openssl s_client -quiet -alpn binkp -connect agency.bbs.nz:24553' started, pid 9047
    + 10:21 [9046] outgoing session with agency.bbs.nz:24556
    depth=0 CN = agency.bbs.nz
    verify error:num=66:EE certificate key too weak
    verify return:1
    depth=0 CN = agency.bbs.nz
    verify error:num=18:self signed certificate
    verify return:1
    depth=0 CN = agency.bbs.nz
    verify return:1
    1996210192:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2150:
    ? 10:21 [9046] recv: connection closed by foreign host
    + 10:21 [9046] done (to 21:1/100@fsxnet, failed, S/R: 0/0 (0/0 bytes))

    ---
    * Origin: REPLY (21:1/151)
  • From alter ego@21:2/116 to Avon on Mon Mar 2 21:25:24 2020
    Re: Status
    By: alter ego to Avon on Mon Mar 02 2020 08:49 pm

    BTW: I can open up IPv6 to Hub 3, and it would be port 24553 - I'll do that and send you that address to test - then we know its your port jiggery that's the problem.

    OK, IPv6 is w7-1-1.ipv6.leenooks.net port 24553...
    ...deon


    ... Anything that keeps a politician humble is healthy for democracy.
    --- SBBSecho 3.10-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From Oli@21:1/151 to alterego on Mon Mar 2 11:31:30 2020
    On Mon, 2 Mar 2020 20:46:10 +1100
    "alterego -> Avon" <0@100.3.21> wrote:

    Re: Status
    By: alterego to Avon on Mon Mar 02 2020 08:43 pm

    Anyway, a test message to generate a message for Hub 1.

    So it looks like Hub 3 can talk to Hub 1 over SSL:

    But a mailer that refuses to use obsoleted technology cannot talk to binkit or mystic. Now we have three variants that have problems talking to each other: mystic, binkit and openssl based mailers. The problems with binkit are known for a while and have not been fixed.

    ---
    * Origin: REPLY (21:1/151)
  • From alter ego@21:2/116 to Oli on Mon Mar 2 21:52:34 2020
    Re: Status
    By: Oli to alterego on Mon Mar 02 2020 11:31 am

    each other: mystic, binkit and openssl based mailers. The problems with binkit are known for a while and have not been fixed.

    What are they?
    ...deon


    ... We are going to have peace even if we have to fight for it.
    --- SBBSecho 3.10-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From Oli@21:1/151 to alter ego on Mon Mar 2 17:34:24 2020
    On Mon, 2 Mar 2020 21:52:35 +1100
    "alter ego -> Oli" <0@116.2.21> wrote:

    Re: Status
    By: Oli to alterego on Mon Mar 02 2020 11:31 am

    each other: mystic, binkit and openssl based mailers. The
    problems with binkit are known for a while and have not been
    fixed.

    What are they?

    I should have written problem (singular). I guess it is just a problem with the
    cert that binkit generates.

    g00r00 wrote that mystic certs will be 2048 bits, maybe that is all that is needed.

    ---
    * Origin: REPLY (21:1/151)
  • From Oli@21:1/151 to alter ego on Mon Mar 2 17:41:16 2020
    On Mon, 2 Mar 2020 21:52:35 +1100
    "alter ego -> Oli" <0@116.2.21> wrote:

    Re: Status
    By: Oli to alterego on Mon Mar 02 2020 11:31 am

    each other: mystic, binkit and openssl based mailers. The
    problems with binkit are known for a while and have not been
    fixed.

    What are they?

    I should have written problem (singular). I guess it is just a problem with the
    cert that binkit generates.

    + 17:37 [12260] call to 21:2/116@fsxnet
    + 17:37 [12260] External command 'openssl s_client -quiet -alpn binkp -connect alterant.leenooks.net:24553' started, pid 12261
    17:37 [12260] connected
    + 17:37 [12260] outgoing session with alterant.leenooks.net:24554
    depth=0 C = ZZ, O = ALTERANT, CN = bbs.leenooks.net
    verify error:num=66:EE certificate key too weak
    verify return:1
    depth=0 C = ZZ, O = ALTERANT, CN = bbs.leenooks.net
    verify error:num=20:unable to get local issuer certificate
    verify return:1
    depth=0 C = ZZ, O = ALTERANT, CN = bbs.leenooks.net
    verify error:num=21:unable to verify the first certificate
    verify return:1
    1996054544:error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2150:
    ? 17:37 [12260] recv: connection closed by foreign host
    + 17:37 [12260] done (to 21:2/116@fsxnet, failed, S/R: 0/0 (0/0 bytes))
    17:37 [12260] session closed, quitting...


    g00r00 wrote that certs generated by mystic will be 2048 bits, maybe that is all that is needed.

    ---
    * Origin: (21:1/151)
  • From Black Panther@21:1/186 to Avon on Mon Mar 2 19:01:10 2020
    On 02 Mar 2020, Avon said the following...

    NET 2 and NET 1 have been unable to SSL BinkP NET 3 at this stage

    NET 4 has SSL BinkP connections with NET 3... Well, at least it did... What
    did you do to HUB 3? :)

    Now I'm getting:

    --------------------- POLL v1.12 A46 2020/03/01 Mon, Mar 02 2020 (loglevel 2) + 2020.03.02 18:58:28 Poll BINKP node via address lookup: 21:3/100
    + 2020.03.02 18:58:28 Queued 117 files (501,142 bytes) for 21:3/100
    + 2020.03.02 18:58:28 1-Polling 21:3/100 on slot 1 via BINKP
    + 2020.03.02 18:58:28 1-Connecting to alterant.leenooks.net on port 24553
    + 2020.03.02 18:58:29 1-Connected by IPV4 SSL to 101.186.5.106
    + 2020.03.02 18:58:30 1-System Alterant
    + 2020.03.02 18:58:30 1-SysOp Alter Ego
    + 2020.03.02 18:58:30 1-Location Parkdale, VIC
    + 2020.03.02 18:58:30 1-Info NDL 115200,TCP,BINKP
    + 2020.03.02 18:58:30 1-Info TIME Tue Mar 03 2020 12:58:26 GMT+1100 (AEDT)
    + 2020.03.02 18:58:30 1-Mailer BinkIT/2.28,JSBinkP/1.122,sbbs3.17c/Linux binkp/1.1
    + 2020.03.02 18:58:30 1-Sending: 01356130.pkt (59,327 bytes)
    + 2020.03.02 18:58:30 1-Connection lost
    + 2020.03.02 18:58:30 1-Session ended (0 sent, 0 rcvd, 0 skip)
    + 2020.03.02 18:58:31 Polled 1 systems

    snip<=-

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Castle Rock BBS - bbs.castlerockbbs.com - (21:1/186)
  • From alter ego@21:2/116 to Black Panther on Tue Mar 3 16:23:36 2020
    Re: Re: Status
    By: Black Panther to Avon on Mon Mar 02 2020 07:01 pm

    NET 2 and NET 1 have been unable to SSL BinkP NET 3 at this stage
    What did you do to HUB 3? :)
    + 2020.03.02 18:58:28 1-Connecting to alterant.leenooks.net on port 24553

    Nothin'? :)

    Hub 3 is on port 24556.

    But if you have IPv6, you can use port 24553 (if you have to because mystic isnt letting you change that port).

    The IPv6 address is w7-1-1.ipv6.leenooks.net
    ...deon


    ... The English have an extraordinary ability for flying into a great calm.
    --- SBBSecho 3.10-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From g00r00@21:1/108 to alter ego on Tue Mar 3 13:41:00 2020
    But if you have IPv6, you can use port 24553 (if you have to because mystic isnt letting you change that port).

    What?

    --- Mystic BBS v1.12 A46 2020/03/02 (Windows/64)
    * Origin: Sector 7 (21:1/108)
  • From Avon@21:1/101 to Black Panther on Tue Mar 3 20:51:50 2020
    On 02 Mar 2020 at 07:01p, Black Panther pondered and said...

    NET 4 has SSL BinkP connections with NET 3... Well, at least it did... What did you do to HUB 3? :)

    I'm just in the process of backing up NET 4 before I apply the latest
    updates. Good lord... 39,201 files to back up.. I count PKT after PKT after
    PKT :)

    I'm picking there's a few nodes that may have some outstanding files? :)

    Anywhoo I'll finish this backup and then test SSL to NET 1 2 and 3 and report back here when done.

    I think the EchoNodeTracker function will be very helpful for us.

    --- Mystic BBS v1.12 A46 2020/02/29 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From alter ego@21:2/116 to g00r00 on Tue Mar 3 20:19:46 2020
    Re: Re: Status
    By: g00r00 to alter ego on Tue Mar 03 2020 01:41 pm

    But if you have IPv6, you can use port 24553 (if you have to because
    mystic isnt letting you change that port).
    What?

    Was wondering if I would loose folks.

    Hub 3 via IPv4 is on port 24556 (I use 24553 for another system on IPv4, so NAT
    on 24556 sends it to the hub 3 host using 24553).

    However, on IPv6, Hub 3 can be connected to directly on port 24553.

    Make sense?
    ...deon


    ... Those who think they know it all, often upset those of us who do.
    --- SBBSecho 3.10-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From Black Panther@21:1/186 to Avon on Tue Mar 3 20:06:46 2020
    On 03 Mar 2020, Avon said the following...

    I'm just in the process of backing up NET 4 before I apply the latest updates. Good lord... 39,201 files to back up.. I count PKT after PKT after PKT :)

    Yup, there are a few files in there...

    I'm picking there's a few nodes that may have some outstanding files? :)

    There are. I should try emailing again and see if I get any responses.

    I think the EchoNodeTracker function will be very helpful for us.

    I do have it set up in the nightly maintenance on Hub 4. So far, it hasn't
    done anything... :(

    --- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
    * Origin: Castle Rock BBS - bbs.castlerockbbs.com - (21:1/186)
  • From Avon@21:4/100 to All on Thu Apr 23 22:21:44 2020
    166
    Updated to v1.12 A46 Windows/32 Compiled 2020/04/21 16:47:52

    --- Mystic BBS v1.12 A46 2020/04/21 (Windows/32)
    * Origin: fsxHUB Niba [NET4] (21:4/100)