----------------------------------------------------------------------------------
@MSGID: 2:5030/1997@fidonet 65b20b00
@REPLY: 2:5030/49 65b1ab21
@CHRS: CP866 2
@TZUTC: 0300
@TID: FastEcho 1.46.1 43272
Hello Sergey!
On Thu, 25 Jan 2024 00:28 +0000, in a message to Nil A, you wrote:
NA>> В бинке же нету никаких TLS
SM> Хорошая мысль. Может, кстати, вхерачим?
Есть вариант с BINKPS на выделенном порту:
=== Start of Windows Clipboard ===
= BINKD (2:5030/1997) =========================================================
Msg : 82 of 2089
From : Oli 2:280/464.47 24 Dec 19 16:21:50
To : Alan Ianson
Subj : BINKP over TLS
===============================================================================
Ol>> I posted several messages with different options how to do it (in
Ol>> fidonet and fsxnet). If you have some specific questions, I`m
Ol>> happy to help.
AI> I saw some posts by you and others but I got lost in the ports,
AI> stunnels and proxy`s.
AI> Can you give me an example to..
AI> A. Have binkd listen on port 24553 for binkps/TLS?
e.g. with nginx (change the path to a valid cert / key pair)
nginx.conf:
stream {
server {
listen 24553 ssl;
ssl_certificate /etc/haproxy/ssl/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/haproxy/ssl/ssl-cert-key-snakeoil.pem;
proxy_pass 127.0.0.1:24554;
}
}
AI> B. Poll a binkps node listening for binkps/TLS polls?
binkd.cfg:
node 1:153/757.2 -pipe "openssl s_client -quiet -alpn binkp -connect *H:*I"
equinoxbbs.ddns.net:24555
+ Origin: kakistocracy (2:280/464.47)
=== End of Windows Clipboard ===
Вместо nginx можно использовать haproxy. При желании, с помощью SSLH
можно зафигачить а-ля STARTTLS на стандартном порту. У меня так и сделано,
плюс сертификат нормальный.
... Music Station BBS |
https://bbs.bsrealm.net | telnet://bbs.bsrealm.net
--- GoldED+/W32-MSVC 1.1.5-b20230826
* Origin: Music Station |
https://ms.bsrealm.net (2:5030/1997)
SEEN-BY: 50/72 452/166 455/19 469/122 550/278
5010/275 352 5019/40 5020/101
SEEN-BY: 5020/290 545 570 715 806 848 921 1042
2992 4441 5452 9696 12000
SEEN-BY: 5022/2 77 128 5023/12 24 5029/32
5030/1081 1900 1997 5034/13 5037/28
SEEN-BY: 5055/73 5057/19 5060/900 5061/15 5075/128
6035/3 6055/7 6056/1
SEEN-BY: 6078/80
@PATH: 5030/1997 5023/24 5020/715 4441