Features ⋅ Please enable tls between users on piter hub !
Hi. I use ncdc client with active mode. TLS not work with users, but some users offer tls. Solution is, to change ncdc to passive mode, in this way i can get tls connection ( download ). But your hub piter feardc net have many passive users, so i dont like passive mode in my client dc++ . Yorhel ( author of ncdc client ) wrote that your hub cut message with ask of tls connection, thats why connection non-tls. Please fix TLS connection for active DC++ user.
Posted by Guest on 2021-03-25 12:44
Replies
Post is locked: Resolved
Re: Please enable tls between users on piter hub !
Sorry if wrong section, You can move to correct forum section
Re: Please enable tls between users on piter hub !
Hi.It is very good that you tell us this. We work all the time to update Verlihub and make it work better. Please let me know exactly, what the hub cuts in CTM request. Or even point me to forum thread where you and Yorhel was discussing this issue.
Regards.
Re: Please enable tls between users on piter hub !
Здравствуйте. Спасибо за ответ. Это обсуждалось на хабе Yorhel , поэтому ссылку на багтрекер дать не могу. Тест состоял из задачи: включить /set log_debug true и перезапустить ncdc . Зайти на хаб piter.feardc.net и начать скачивать. Полученный лог файл я передал разработчику Yorhel и уже он сообщил что сообщение режется. Я в этом не разбираюсь. adcs://dc.blicky.net:2780 вот его хаб. На остальных хабах tls между пользователями работает замечательно (если пользователь предоставляет tls). Вне зависимости adcs:// или простой хаб без защиты.__
Hello. Thanks for the answer. This was discussed on the Yorhel hub, so I can't give a link to the bug tracker. The test consisted of a task: enable /set log_debug true and restart ncdc. Go to the piter.feardc.net hub and start downloading. I sent the received log file to the developer Yorhel and he wrote that the message was being cut. I'm not good at it. adcs://dc.blicky.net:2780 here is his hub. On other hubs, tls between users works great (if user provides tls) . Not important, adcs:// or old hub without protection.
Re: Please enable tls between users on piter hub !
@GuestНа NMDC(s) хабах Вы физически не сможете получить безопасные соединения со всеми пользователями. Например, оригинальный DC++ их там просто не умеет. Хабы же на движке PtokaX безопасные соединения режут сами.
Вообще, в ncdc крайне мягкие настройки политики TLS.
tls_policy disabled = не использовать безопасные соединения (не будет совместимо с DC++ и режимом forced для AirDC++ на ADC(s) хабах и с режимом forced для EiskaltDC++ на любых хабах)
tls_policy allow = разрешать безопасные соединения, но не запрашивать их
tls_policy prefer = запрашивать безопасные соединения, но не требовать их
Re: Please enable tls between users on piter hub !
Issue resolved in new ncdc commit:Quote
[2021-03-27 10:00:33] <[-TE-]-RoLex> Yorhel: what was the problem with ncdc tls connection between users and verlihub/my hub piter ?[2021-03-27 10:04:44] <[-TE-]-RoLex> one of ncdc users told me that verlihub cuts tls part in ctm requests
[2021-03-27 10:23:04] <[-TE-]-RoLex> i think person we are talking about is WhiteDemon
[2021-03-27 10:23:44] <[-TE-]-RoLex> i just checked supports sent by his ncdc > NoGetINFO NoHello UserIP2
[2021-03-27 10:25:51] <[-TE-]-RoLex> verlihub has a condition when allowing to send tls secured ctm, it is TLS flag in $Supports
[2021-03-27 10:26:00] <[-TE-]-RoLex> i guess this is the problem
[2021-03-27 10:27:18] <[-TE-]-RoLex> https://nmdc.sourceforge.io/NMDC.html#_tls
[2021-03-27 10:27:34] <[-TE-]-RoLex> your client does not specify this flag :)
[2021-03-27 10:27:44] <[-TE-]-RoLex> please add it and all will work
[2021-03-27 11:55:33] <Yorhel> Ah, wasn't aware that needed a $Supports flag
[2021-03-27 12:00:02] <[BOT]Kinniku> New commit on ncdc: "NMDC: Add TLS to $Supports" by Yorhel @ http://g.blicky.net/ncdc.git/commit/?id=9764c08be968b59f60541314a6994f6ac390529e
Post is locked: Resolved