Hello gentlemen,
I am trying to set up a 2 node ngIRCd cluster. Clients can connect to both nodes with SSL enabled (tested with irssi or znc), but the 2 servers does not want to talk together : SSL error: Could not negotiate a supported cipher suite. [gnutls_handshake]
Packages version :
libgnutls26 2.12.23-1ubuntu1.1 ngircd 21-1
Here is my configurations :
IRC0 : [SSL] CertFile = /etc/ngircd/irc0_crt.pem DHFile = /etc/ngircd/dh.pem KeyFile = /etc/ngircd/irc0_privatekey.pem Ports = 50799
[Server] Name = irc2.xxx.net Host = irc2.xxx.net Port = 50799 PeerPassword = toto MyPassword = tata SSLConnect = yes Group = 1
IRC2 : [SSL] CertFile = /etc/ngircd/irc2_crt.pem DHFile = /etc/ngircd/dh.pem KeyFile = /etc/ngircd/irc2_privatekey.pem Ports = 50799
[Server] Name = irc0. xxx.net Host = irc0. xxx.net Port = 50799 Passive = yes MyPassword = tata PeerPassword = toto SSLConnect = yes Group = 1
And the log messages :
IRC0 : Dec 2 17:42:43 maxwell ngircd[23501]: /etc/ngircd/ngircd.conf: line 148: "Ident = yes", but ngircd was built without IDENT support! Dec 2 17:42:43 maxwell ngircd[23501]: Can't read help text file "/usr/share/doc/ngircd/Commands.txt": No such file or directory Dec 2 17:42:43 maxwell ngircd[23501]: No help text available, HELP command will be of limited use. Dec 2 17:42:43 maxwell ngircd[23501]: ngIRCd 21-IPv6+IRCPLUS+SSL+SYSLOG+ZLIB-i686/pc/linux-gnu started. Dec 2 17:42:43 maxwell ngircd[23501]: Using configuration file "/etc/ngircd/ngircd.conf" ... Dec 2 17:42:43 maxwell ngircd[23501]: GnuTLS 2.12.23 initialized. Dec 2 17:42:43 maxwell ngircd[23502]: Running as user irc(39), group irc(39), with PID 23502. Dec 2 17:42:43 maxwell ngircd[23502]: Not running with changed root directory. Dec 2 17:42:43 maxwell ngircd[23502]: IO subsystem: epoll (hint size 100, initial maxfd 100, masterfd 4). Dec 2 17:42:43 maxwell ngircd[23502]: Created pre-defined channel "#hnng". Dec 2 17:42:43 maxwell ngircd[23502]: Now listening on [0::]:50799 (socket 8). Dec 2 17:42:43 maxwell ngircd[23502]: Now listening on [0.0.0.0]:50799 (socket 9). Dec 2 17:42:44 maxwell ngircd[23502]: Preparing to establish a new server link for "irc2.xxx.net" ... Dec 2 17:42:44 maxwell ngircd[23502]: Establishing connection for "irc2.xxx.net" to "irc2.xxx.net:50799 » (—.—.—.—), socket 10 ... Dec 2 17:42:44 maxwell ngircd[23502]: SSL error: A TLS packet with unexpected length was received. [gnutls_handshake]. Dec 2 17:42:44 maxwell ngircd[23502]: SSL connection on socket 10 failed! Dec 2 17:42:44 maxwell ngircd[23502]: Shutting down connection 10 (Can't connect) with "irc2.xxx.net:50799" ... Dec 2 17:42:44 maxwell ngircd[23502]: Client unregistered (connection 10): Can't connect. Dec 2 17:42:44 maxwell ngircd[23502]: Connection 10 with "irc2.xxx.net:50799" closed (in: 0.0k, out: 0.0k).
IRC2: Dec 2 17:43:01 ampere ngircd[28153]: Accepted connection 15 from "—.—.—.—:38933" on socket 9. Dec 2 17:43:01 ampere ngircd[28153]: SSL error: Could not negotiate a supported cipher suite. [gnutls_handshake]. Dec 2 17:43:01 ampere ngircd[28153]: Shutting down connection 15 (SSL accept error, closing socket) with "—.—.—.—:38933" ... Dec 2 17:43:01 ampere ngircd[28153]: Client unregistered (connection 15): SSL accept error, closing socket. Dec 2 17:43:01 ampere ngircd[28153]: Connection 15 with "—.—.—.—:38933" closed (in: 0.0k, out: 0.0k).
Thanks in advance for your help.
-- Nicolas