Hello All,

I have a binkps listener (nginx, heh). I have brought the BBS back home now and
it is running on a slackware64 14.2 box now so things might be different than they were before on debian 10.

Can someone test out if that works OK for our purposes?

Dan and Altereego, you can feel free to send stuff there if you have success. I
don't currently have a way to poll out with tls so this listener will have to do for know.

The Rusty Mailbox's details..

binkp://trmb:24554
binkps://trmb.ca:24553

I'm interested in hearing of success or failure in all cases, so let me know how it goes if you poll.. :)

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)

On 21 Mar 2020, Al said the following...

Dan and Altereego, you can feel free to send stuff there if you have success. I don't currently have a way to poll out with tls so this listener will have to do for know.

Looks like it's working from here:

--------------------- POLL v1.12 A46 2020/03/12 Sat, Mar 21 2020 (loglevel 2) + 2020.03.21 11:58:23 Poll BINKP node via address lookup: 21:4/106
+ 2020.03.21 11:58:23 1-Polling 21:4/106 on slot 1 via BINKP
+ 2020.03.21 11:58:23 1-Connecting to trmb.ca on port 24553
+ 2020.03.21 11:58:23 1-Connected by IPV4 SSL to 104.246.155.40
+ 2020.03.21 11:58:23 1-System The Rusty MailBox
+ 2020.03.21 11:58:23 1-SysOp Alan Ianson
+ 2020.03.21 11:58:23 1-Location Penticton, BC
+ 2020.03.21 11:58:23 1-Mailer BBBS/Li6 v4.10 Toy-4 binkp/1.0
+ 2020.03.21 11:58:23 1-Info NDL XX,CM,IBN
+ 2020.03.21 11:58:24 1-Session ended (0 sent, 0 rcvd, 0 skip)
+ 2020.03.21 11:58:26 Polled 1 systems

I'll leave it set up to SSL/TLS for now. Are you still able to poll Hub 4
while that is enabled?


---

Black Panther(RCS)
Castle Rock BBS

--- Mystic BBS v1.12 A45 2020/02/18 (Linux/64)
* Origin: Castle Rock BBS - bbs.castlerockbbs.com - (21:1/186)

On Sat, 21 Mar 2020 10:49:10 -0700
"Al -> All" <0@106.4.21> wrote:

Hello All,

I have a binkps listener (nginx, heh). I have brought the BBS back
home now and it is running on a slackware64 14.2 box now so things
might be different than they were before on debian 10.

Can someone test out if that works OK for our purposes?

It does work, but TLS 1.3 is not supported.

+ 18:58 [6026] call to 21:4/106@fsxnet
+ 18:58 [6026] External command 'openssl s_client -quiet -connect trmb.ca:24553' started, pid 6027
18:58 [6026] connected
+ 18:58 [6026] outgoing session with trmb.ca:24554
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = trmb.ca
verify return:1
- 18:58 [6026] SYS The Rusty MailBox
- 18:58 [6026] ZYZ Alan Ianson
- 18:58 [6026] LOC Penticton, BC
- 18:58 [6026] VER BBBS/Li6 v4.10 Toy-4 binkp/1.0
- 18:58 [6026] NDL XX,CM,IBN
+ 18:58 [6026] addr: 1:153/757@fidonet
+ 18:58 [6026] addr: 1:153/0@fidonet
+ 18:58 [6026] addr: 21:4/106@fsxnet
+ 18:58 [6026] sending /srv/ftn/outbound/fsxnet/21.4.106.0.out as aae4c5cb.pkt (332)
+ 18:58 [6026] sent: /srv/ftn/outbound/fsxnet/21.4.106.0.out (332, 332.00 CPS, 21:4/106@fsxnet)
+ 18:58 [6026] done (to 21:4/106@fsxnet, OK, S/R: 1/0 (332/0 bytes))
18:58 [6026] session closed, quitting...

---
* Origin: (21:1/151)

Dan and Altereego, you can feel free to send stuff there if you have
success. I don't currently have a way to poll out with tls so this
listener will have to do for know.

Looks like it's working from here:

Excellent, I was hoping not to loose anything in translation.

I'll leave it set up to SSL/TLS for now.

Please do, I'll keep that listener running.

Are you still able to poll Hub 4 while that is enabled?

No, BBBS has no way of doing this that I know of. With binkd I was able to -pipe some commands and make that work.

I am trying to come up with a short, interesting and concise netmail to send Kim and get him interested. I think I can interest Kim although he's not likely
to look seriously at any of this until it settles down in a good and workable way.

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)

Can someone test out if that works OK for our purposes?

It does work, but TLS 1.3 is not supported.

Yep, that was the same situation I had with debian I think?

My nginx.conf has this line in it..

ssl_protocols TLSv1 TLSv1.1 TLSv1.2

I wonder if adding TLSv1.3 will do that? I'll experiment a bit.

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)

Can someone test out if that works OK for our purposes?

It does work, but TLS 1.3 is not supported.

I just added TLSv1.3 to my nginx.conf and restarted. I have no idea if it will be that simple or not.

Can you try and see what you get?

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)

On Sat, 21 Mar 2020 11:27:26 -0700
"Al -> Oli" <0@106.4.21> wrote:

Can someone test out if that works OK for our purposes?

It does work, but TLS 1.3 is not supported.

I just added TLSv1.3 to my nginx.conf and restarted. I have no idea
if it will be that simple or not.

Can you try and see what you get?

It doesn't work. Which nginx version is it?

$ openssl s_client -tls1_3 -connect trmb.ca:24553
CONNECTED(00000003)
1996214288:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:../ssl/record/rec_layer_s3.c:1544:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 231 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---

---
* Origin: (21:1/151)

I just added TLSv1.3 to my nginx.conf and restarted. I have no idea
if it will be that simple or not.

Can you try and see what you get?

It doesn't work. Which nginx version is it?

It is nginx 1.14.2, the same version I had on debian 10. There may be a problem
with the underlying openssl also. Slackware is running openssl-1.0.2u and I suspect that may be a bit below what debian uses.

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)

Re: binkps
By: Al to All on Sat Mar 21 2020 10:49 am

Hey Al,

Can someone test out if that works OK for our purposes?

I've set you back to binkps on Hub 3 and outoing worked a treat.
...deon


... Always mistrust a subordinate who never finds fault with his boss.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)

On Sat, 21 Mar 2020 13:33:58 -0700
"Al -> Oli" <0@106.4.21> wrote:

I just added TLSv1.3 to my nginx.conf and restarted. I have no idea
if it will be that simple or not.

Can you try and see what you get?

It doesn't work. Which nginx version is it?

It is nginx 1.14.2, the same version I had on debian 10. There may be
a problem with the underlying openssl also. Slackware is running openssl-1.0.2u and I suspect that may be a bit below what debian uses.

In Raspbian (Debian) 10 it is

$ openssl version
OpenSSL 1.1.1d 10 Sep 2019

TLS 1.3 support was first available with OpenSSL 1.1.1.

---
* Origin: (21:1/151)

It is nginx 1.14.2, the same version I had on debian 10. There may be
a problem with the underlying openssl also. Slackware is running
openssl-1.0.2u and I suspect that may be a bit below what debian uses.

In Raspbian (Debian) 10 it is

$ openssl version
OpenSSL 1.1.1d 10 Sep 2019

OK, I see on the slackware-current changelog they just put in 1.1.1e a few days
ago.

TLS 1.3 support was first available with OpenSSL 1.1.1.

I suspect I'll need to wait for the next slackware release for TLS 1.3 support.
I could I suppose manually install openssl 1.1.1 but I'm not sure if that would break other things in slackware or not.

I don't know what Slackware wants for the next release but I don't think it'll be a long wait.

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)

On Sun, 22 Mar 2020 00:04:38 -0700
"Al -> Oli" <0@106.4.21> wrote:

It is nginx 1.14.2, the same version I had on debian 10. There may
be a problem with the underlying openssl also. Slackware is running
openssl-1.0.2u and I suspect that may be a bit below what debian
uses.

In Raspbian (Debian) 10 it is

$ openssl version
OpenSSL 1.1.1d 10 Sep 2019

OK, I see on the slackware-current changelog they just put in 1.1.1e
a few days ago.

TLS 1.3 support was first available with OpenSSL 1.1.1.

I suspect I'll need to wait for the next slackware release for TLS
1.3 support. I could I suppose manually install openssl 1.1.1 but I'm
not sure if that would break other things in slackware or not.

AFAIK OpenSSL 1.0 and 1.1 can coexist. If nginx is linked to openssl 1.0 it will still use the older version.

I don't know what Slackware wants for the next release but I don't
think it'll be a long wait.

I never used Slackware. What does "Current" mean in Slackware land? Version 14.2 seems to be pretty old.

---
* Origin: (21:1/151)

I never used Slackware. What does "Current" mean in Slackware land? Version 14.2 seems to be pretty old.

Current is the in development version of Slackware. When it's ready it'll be the next release, 15.0 I think.

It is much like sid in debian.

--- BBBS/Li6 v4.10 Toy-4
* Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106)