Project

General

Profile

Bug #233

Bug #232: [STICKY] Annoying bugs in softwares used by DC

IRCd Ratbox secure S2S support is broken

Added by Marc Dequènes about 8 years ago. Updated over 1 year ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Start date:
2011-06-22
Due date:
% Done:

0%

Estimated time:
Patch Available:
No
Confirmed:
No
Branch:
Entity:
DuckCorp
Security:
Yes
Help Needed:
No

Description

Linking two irc-ratbox servers fails for an unknown reason. There is no crash but an unclear error in the log. Upstream author was contacted about it on the ML but they said GNUTLS support, which is used in the Debian package for licensing reasons, is not well tested and OpenSSL works well. They do not care much about it. We need to get it working using GNUTLS.

Beware, during preliminary investigation, another bug was found, leading to password leak over the network during the link attempt. A patch was made and included in the Debian package. When this issue is fixed, both patches needs to be submitted upstream.


Related issues

Related to DuckCorp Infrastructure - Bug #79: IRC S2S SSL linking does no workRejected2010-05-05

Actions

History

#1

Updated by Marc Dequènes about 7 years ago

  • Help Needed set to No

Jilles Tjoelker said:

In ircd-charybdis which also uses libratbox, I removed gnutls support a
while ago because it was broken. Some attempts were made at fixing it,
but reliability remained sub-par. Some of these fixes probably apply to
upstream libratbox; the repository is at
https://github.com/atheme/charybdis/

Most people do not care about GNUTLS support being broken because they
use OpenSSL which works fine. The /challenge oper authentication also
requires OpenSSL.

#2

Updated by Marc Dequènes about 4 years ago

  • Status changed from New to Rejected

We plan to change software.

Also available in: Atom PDF