Linking 2 1.8.4 bots using TLS

 
LimeyTX
Voice


Joined: 29 Jun 2011
Posts: 19

Posted: Wed Apr 15, 2020 10:58 am    Post subject: Linking 2 1.8.4 bots using TLS

I created two bots, let's call them hub and leaf. They are on different servers. I created via .+bot on each bot a reference to the other and I did .link and they linked. Anything I typed on one bot appeared on the other bot of the botnet as you would expect. I then unlinked the two bots.

Both bots have an eggdrop.key and eggdrop.crt made using "make sslcert".

So then on the leaf I typed

Code:
.botattr hub +hp
.botattr hub |s #chan

and on hub I typed

Code:
.botattr leaf +s
.botattr leaf |s #chan

and, as I expected, hub tried to link to leaf and the following appeared on leaf.

Code:
Got STARTTLS from hub. Replying...
STARTTLS failed while linking to hub
Received challenge from hub.. sending response ...
Lost Bot: hub


Although they won't link automatically, I can .link them together but they still don't transfer the userfile. Both transfer and share are loaded.

Can anyone give me a clue as to what is going on? The fact that they linked correctly BEFORE the botattr was set but not after doesn't make any sense to me.
CrazyCat
Owner


Joined: 13 Jan 2002
Posts: 533
Location: France

Posted: Wed Apr 15, 2020 11:28 am

Did you have a look at this issue?
_________________
https://www.eggdrop.fr - French speaking IRC network
LimeyTX
Voice


Joined: 29 Jun 2011
Posts: 19

Posted: Wed Apr 15, 2020 11:56 am

Yes I did, not that I understood all of it, but I made sure all verify settings were set to 0 and restarted both bots. The behavior is the same. I can link them manually, but if I don't, when the hub tries to link to the leaf it fails as stated in my original post.
LimeyTX
Voice


Joined: 29 Jun 2011
Posts: 19

Posted: Wed Apr 15, 2020 2:25 pm

Some additional information that may be useful. When, on hub, I do
Code:
.link leaf
the following shows up on the leaf console.

Code:
<leaf> [15:51:13] Telnet connection: <hub hostname>/51363
<leaf> [15:51:13] Sent STARTTLS to hub...
<leaf> [15:51:13] Challenging hub...
<leaf> [15:51:13] TLS: handshake successful. Secure connection established.
<leaf> [15:51:13] TLS: peer did not present a certificate
<leaf> [15:51:13] TLS: cipher used: TLS_AES_256_GCM_SHA384 TLSv1.3; 256 bits (256 secret)
<leaf> [15:51:13] TLS: handshake successful. Secure connection established.
<leaf> [15:51:13] TLS: peer did not present a certificate
<leaf> [15:51:13] TLS: cipher used: TLS_AES_256_GCM_SHA384 TLSv1.3; 256 bits (256 secret)
<leaf> [15:51:13] TLS: handshake successful. Secure connection established.
<leaf> [15:51:13] TLS: peer did not present a certificate
<leaf> [15:51:13] TLS: cipher used: TLS_AES_256_GCM_SHA384 TLSv1.3; 256 bits (256 secret)
<leaf> [15:51:13] Linked to hub.


hub has a certificate so I am not sure why it wasn't presented.

Maybe this will jog someone's memory as to what is wrong.
willyw
Revered One


Joined: 15 Jan 2009
Posts: 1095

Posted: Wed Apr 15, 2020 3:54 pm

That makes it look like the changing of flags and attempting to share user file, is not the cause of the failure to link.

I wonder - when the link did succeed, which bot did you enter the .link command on?
In other words, have you kept track and/or noticed? .... does it behave the same, from either end?

I have had trouble in the past with userfile sharing. Establishing the basic link without userfile sharing was not a problem.
Eventually, I got it. I remember thinking that it had to do with defining the reserved-portrange.

But - just now, I went and found those bots - still linked, still sharing - and played with that setting, and linked and unlinked them a time or two. It didn't seem to make a difference. Worked fine, either way.

Obviously, I am not your bot linking/userfile sharing wizard.
However, if you hang out on some irc network, I will be happy to meet you and compare notes, until we find the difference. If we succeed, you can come back here and post the solution, for all.

If you want to pm me here a network/channel/nick/botnick/whatever and when, maybe we can work it out.

p.s.
For what it is worth - I don't use "make sslcert" . I use the commands found in eggdrop.conf.
_________________
For a fun (and popular) Trivia game, visit us at: irc.librairc.net #science-fiction . Over 300K Q & A to play in BogusTrivia !
LimeyTX
Voice


Joined: 29 Jun 2011
Posts: 19

Posted: Wed Apr 15, 2020 4:02 pm

Further information.

I corrected some details in the SSL portion of the .conf file and now the hub links to the leaf and begins the userfile transfer but then the userfile transfer is aborted and the connection closes.

Code:

<leaf> [19:50:01] Got STARTTLS from hub. Replying...
<leaf> [19:50:01] Received challenge from hub... sending response ...
<leaf> [19:50:01] TLS: handshake successful. Secure connection established.
...               Personal details on certificate edited out
<leaf> [19:50:01] TLS: certificate SHA1 Fingerprint: D9:12:E9:B7:86:1D:12:E7:E9:15:B0:BD:80:87:A8:52:84:B3:B7:D1
<leaf> [19:50:01] TLS: certificate SHA-256 Fingerprint: C7:DF:83:67:9A:57:98:AA:52:C0:D6:E0:F7:D8:C6:36:3E:A3:62:E3:D5:99:DB:5A:D3:24:69:37:82:57:9A:15
<leaf> [19:50:01] TLS: certificate valid from Apr 14 21:21:05 2020 GMT to Apr 14 21:21:05 2021 GMT
<leaf> [19:50:01] TLS: cipher used: TLS_AES_256_GCM_SHA384 TLSv1.3; 256 bits (256 secret)
<leaf> [19:50:01] TLS: handshake successful. Secure connection established.
...               Personal details on certificate edited out
<leaf> [19:50:01] TLS: certificate SHA1 Fingerprint: D9:12:E9:B7:86:1D:12:E7:E9:15:B0:BD:80:87:A8:52:84:B3:B7:D1
<leaf> [19:50:01] TLS: certificate SHA-256 Fingerprint: C7:DF:83:67:9A:57:98:AA:52:C0:D6:E0:F7:D8:C6:36:3E:A3:62:E3:D5:99:DB:5A:D3:24:69:37:82:57:9A:15
<leaf> [19:50:01] TLS: certificate valid from Apr 14 21:21:05 2020 GMT to Apr 14 21:21:05 2021 GMT
<leaf> [19:50:01] TLS: cipher used: TLS_AES_256_GCM_SHA384 TLSv1.3; 256 bits (256 secret)
<leaf> [19:50:01] TLS: handshake successful. Secure connection established.
...               Personal details on certificate edited out
<leaf> [19:50:01] TLS: certificate SHA1 Fingerprint: D9:12:E9:B7:86:1D:12:E7:E9:15:B0:BD:80:87:A8:52:84:B3:B7:D1
<leaf> [19:50:01] TLS: certificate SHA-256 Fingerprint: C7:DF:83:67:9A:57:98:AA:52:C0:D6:E0:F7:D8:C6:36:3E:A3:62:E3:D5:99:DB:5A:D3:24:69:37:82:57:9A:15
<leaf> [19:50:01] TLS: certificate valid from Apr 14 21:21:05 2020 GMT to Apr 14 21:21:05 2021 GMT
<leaf> [19:50:01] TLS: cipher used: TLS_AES_256_GCM_SHA384 TLSv1.3; 256 bits (256 secret)
<leaf> [19:50:01] Linked to hub.
<leaf> [19:50:01] Downloading user file from hub
<leaf> [19:50:07] Failed connection; aborted userfile transfer.
<leaf> [19:50:35] Disconnected from: hub. No reason (lost 1 bot and 1 user).


I'm getting closer but still need help. How can I identify what is causing the transfer to be aborted?
LimeyTX
Voice


Joined: 29 Jun 2011
Posts: 19

Posted: Wed Apr 15, 2020 7:23 pm

willyw: Thanks for your help. If you noticed, I posted an update just after your post where I had solved my original problem.

I added +d to my console on the leaf and this is what happens...

Code:

<leaf> [22:30:01] Linked to hub.
<leaf> [22:30:01] Downloading user file from hub
<leaf> [22:30:02] TLS: attempting SSL negotiation...
<leaf> [22:30:02] TLS: state change: before SSL initialization
<leaf> [22:30:02] TLS: state change: before SSL initialization
<leaf> [22:30:02] TLS: awaiting more reads
<leaf> [22:30:02] TLS: handshake in progress
<leaf> [22:30:03] TLS: awaiting more reads
<leaf> [22:30:03] sockread EAGAIN: 15 11 (Resource temporarily unavailable)
<leaf> [22:30:04] TLS: awaiting more reads
<leaf> [22:30:04] sockread EAGAIN: 15 11 (Resource temporarily unavailable)



And then the last 2 lines repeat until it disconnects.

Does that help anyone or does anyone suggest more diagnostics I could provide?
willyw
Revered One


Joined: 15 Jan 2009
Posts: 1095

Posted: Wed Apr 15, 2020 7:59 pm

LimeyTX wrote:
willyw: Thanks for your help.


I didn't do anything.
I wish I could.

Quote:

If you noticed, I posted an update just after your post where I had solved my original problem.


Yes.
Now, you've got what I used to get. Bots link, but it craps out if you tell them to share the user file.

Quote:

I added +d to my console on the leaf and this is what happens...


Do:
.help console
and list all the flags and examine their descriptions.

There are a couple that show raw botnet traffic. Maybe if you experiment with them, you might get lucky and spot a clue.

I've looked at the respective eggdrop.conf files on the "hub" and the "link" of mine, that work. I hope I'm not simply overlooking something.... but I'm not seeing anything special. Well, other than the reserved-portrange setting that I already mentioned, that when experimented both with and without earlier today, didn't seem to make a difference. It continued to work, either way. I guess that I was on the wrong track, back when I thought that might be the snag.

The really sad part is: Nothing is ringing a bell - as to how I got it working.
That's sad. I can understand me forgetting it, off the top of my head... but when I reviewed the .conf files today, I expected to get reminded. :(

You might like to try the Freenode irc network. Join #eggdrop.
Sometimes there is some chatter there.
If you catch one of the admins or more experienced folks, you could give them the link to this thread. Just a thought....
LimeyTX
Voice


Joined: 29 Jun 2011
Posts: 19

Posted: Wed Apr 15, 2020 11:11 pm

I went to #eggdrop on Freenode and they solved my problem. It came down to port-range. I had forgotten to open the ports in the port range in the firewall. Once I did that, everything was cool!
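
The fix reported above (opening the port range in the firewall) can be checked offline. This added example, which is not part of the original thread or of eggdrop, compares the `reserved-portrange` line of an eggdrop.conf with iptables-save style rules and lists the ports that no ACCEPT rule names. The sample config, the sample rules, the 2010:2020 range and the use of iptables are assumptions.

```python
import re

# Constructed sample inputs (not from the thread); 2010:2020 is a sample range.
SAMPLE_CONF = """\
#set reserved-portrange 3000:3010
set reserved-portrange 2010:2020
"""
SAMPLE_RULES = """\
-A INPUT -p tcp -m tcp --dport 3333 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2010:2015 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 2018,2020 -j ACCEPT
-A INPUT -p udp -m udp --dport 2016:2017 -j ACCEPT
"""

def reserved_portrange(conf_text):
    """Return (low, high) from the last active 'set reserved-portrange' line, else None."""
    found = None
    for line in conf_text.splitlines():
        m = re.match(r"\s*set\s+reserved-portrange\s+(\d+):(\d+)", line)
        if m:
            found = (int(m.group(1)), int(m.group(2)))
    return found

def _value_after(tokens, flag):
    """Return the token that follows `flag`, or None when the flag is absent."""
    return tokens[tokens.index(flag) + 1] if flag in tokens[:-1] else None

def accepted_tcp_ports(rules_text, chain="INPUT"):
    """Ports named by TCP ACCEPT rules in `chain`. Simplification: rule order,
    default policy and rules without --dport/--dports are not evaluated."""
    ports = set()
    for line in rules_text.splitlines():
        tok = line.split()
        if (tok[:2] != ["-A", chain] or _value_after(tok, "-p") != "tcp"
                or _value_after(tok, "-j") != "ACCEPT"):
            continue
        spec = _value_after(tok, "--dport") or _value_after(tok, "--dports") or ""
        for part in filter(None, spec.split(",")):
            low, _, high = part.partition(":")
            ports.update(range(int(low), int(high or low) + 1))
    return ports

def blocked_ports(conf_text, rules_text):
    """Ports inside reserved-portrange that no ACCEPT rule names."""
    rng = reserved_portrange(conf_text)
    allowed = accepted_tcp_ports(rules_text)
    return [p for p in range(rng[0], rng[1] + 1) if p not in allowed] if rng else []

print("no ACCEPT rule for:", blocked_ports(SAMPLE_CONF, SAMPLE_RULES))
```

On a live host the second argument would be the output of `iptables-save`; hosts that use nftables, ufw or a provider-side firewall need their own rule parser.
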
willyw
Revered One


Joined: 15 Jan 2009
Posts: 1095

Posted: Wed Apr 15, 2020 11:33 pm

LimeyTX wrote:
I went to #eggdrop on Freenode and they solved my problem.


Great! :)

Quote:

It came down to port-range.


That's exactly what I did manage to remember, and mentioned above. But then I discounted it, since changing the value didn't seem to make any difference at all.

I suppose that it is possible, that on the shell that particular bot of mine is on, that none of the ports are blocked. I hadn't considered that.

Quote:

I had forgotten to open the ports in the port range in the firewall. Once I did that, everything was cool!



I'm glad you got it going.
And I'm glad that I'm not nuts. :)
All times are GMT - 4 Hours