Nicolas Leclercq wrote...
> Clients can connect to both nodes with SSL enabled (tested with irssi or
> znc), but the 2 servers does not want to talk together : SSL error: Could
> not negotiate a supported cipher suite. [gnutls_handshake]
> Packages version :
> libgnutls26 2.12.23-1ubuntu1.1
This is a bug in gnutls, I recently ran into that one, too:
There's a Debian bug report about it: <http://bugs.debian.org/708174>,
No such thing in Ubuntu AFAICS, or Launchpad hates me.
Unfortunately, the gnutls sources aren't very friendly for some
bisecting to identify the fix and backport it if possible. So, you'll
have to work around it.
Your options (read: Pick just one):
* Configure CipherList manually, either by lowering (potential
security breach) to "NORMAL" or even "EXPORT", or increasing to
SECURE256. I'd try the latter first unless some clients cannot deal
with it: This setting affects both client connect and server
* Re-compile ngircd with OpenSSL linkage.
* Re-compile and patch the s2s connecting code to use a different
cipher selection. Um, yes, that works. Not a very nice idea, though.
> PeerPassword = toto
> MyPassword = tata
Not the real passwords, I hope ...
ngIRCd Mailing List: ngIRCd-ML@arthur.barton.de