hbIRCS : support des connexions sécurisées SSL/TLS

Boris HUISGEN
Boris HUISGEN
|

Un nouvel version de mon serveur IRC est disponible avec le support des connexions sécurisées SSL/TLS.

Après un mois de travail, de la documentation trop succincte à ce sujet, un seul post déterminant, plusieurs implémentations et beaucoup de debug, les connexions sécurisées SSL/TLS sont enfin supportées.

Évidemment, les sockets SSL de Java 1.4 ne sont pas utilisées mais bel et bien le SSLEngine de Java 5 qui apporte la couche sécurisée aux sockets NIO. Le tout est donc en mode I/O non bloquant et multithreadé :

The SSLEngine can be used for a wide variety of I/O types, such as non-blocking I/O (polling), selectable non-blocking I/O, Socket and the traditional Input/OutputStreams, local ByteBuffers or byte arrays, future asynchronous I/O models , and so on.

Exemple de connexion sécurisée :

[00:25:21]  * Looking up localhost
[00:25:21]  * Connecting to localhost (::1) port 9999...
[00:25:21]  * * Subject: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:21]  * * Issuer: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:21]  * * Subject: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:21]  * * Issuer: /C=FR/ST=Ile-de-France/L=Paris/O=HBIRCS/OU=HBIRCS/CN=localhost
[00:25:22]  * * Certification info:
[00:25:22]  *   Subject:
[00:25:22]  *     C=FR
[00:25:22]  *     ST=Ile-de-France
[00:25:22]  *     L=Paris
[00:25:22]  *     O=HBIRCS
[00:25:22]  *     OU=HBIRCS
[00:25:22]  *     CN=localhost
[00:25:22]  *   Issuer:
[00:25:22]  *     C=FR
[00:25:22]  *     ST=Ile-de-France
[00:25:22]  *     L=Paris
[00:25:22]  *     O=HBIRCS
[00:25:22]  *     OU=HBIRCS
[00:25:22]  *     CN=localhost
[00:25:22]  *   Public key algorithm: rsaEncryption (1024 bits)
[00:25:22]  *   Sign algorithm md5WithRSAEncryption
[00:25:22]  *   Valid since Jun  1 13:10:42 2009 GMT to Aug 30 13:10:42 2009 GMT
[00:25:22]  * * Cipher info:
[00:25:22]  *   Version: TLSv1/SSLv3, cipher DHE-RSA-AES256-SHA (256 bits)
[00:25:22]  * * Verify E: self signed certificate.? (18) -- Ignored
[00:25:22]  * Connected. Now logging in...
[00:25:22]  * Welcome to the hbIRCS IRC Network bhuisgen!bhuisgen@localhost
[00:25:22]  * Your host is irc.bhuisgen.fr, running version 0.2.0-UNSTABLE
[00:25:22]  * This server was created Tue Jun 30 00:24:22 CEST 2009
[00:25:22]  * irc.bhuisgen.fr 0.2.0-UNSTABLE aiwroOs abeiIklmnoOpqrstv
[00:25:22]  * NICKLEN=15 CHANNELLEN=50 TOPICLEN=4096 PREFIX=(ov)@+ CHANTYPES=#&+!
CHANMODES=abeiIklmnoOpqrstv CASEMAPPING=UTF-8 NETWORK=hbIRCS IRC Network :are supported by this server
[00:25:22]  * There are 1 users and 0 invisible on 1 servers
[00:25:22]  * 0 :operator(s) online
[00:25:22]  * 0 :channels formed
[00:25:22]  * I have 1 clients and 0 servers.
[00:25:22]  * Current local users: 1 Max: 1
[00:25:22]  * Current global users: 1 Max: 1
[00:25:22]  * - irc.bhuisgen.fr Message of the Day -
[00:25:22]  * -
[00:25:22]  * -     _/        _/        _/_/_/  _/_/_/      _/_/_/    _/_/_/
[00:25:22]  * -    _/_/_/    _/_/_/      _/    _/    _/  _/        _/
[00:25:22]  * -   _/    _/  _/    _/    _/    _/_/_/    _/          _/_/
[00:25:22]  * -  _/    _/  _/    _/    _/    _/    _/  _/              _/
[00:25:22]  * - _/    _/  _/_/_/    _/_/_/  _/    _/    _/_/_/  _/_/_/
[00:25:22]  * -
[00:25:22]  * -                 Welcome on hbIRCS IRC server !
[00:25:22]  * End of /MOTD command
[00:25:22]  * Found your IP: [127.0.0.1]
[00:25:22]  * irc.bhuisgen.fr sets mode +w bhuisgen
[00:25:22]  * irc.bhuisgen.fr sets mode +i bhuisgen
[00:25:22]  * irc.bhuisgen.fr sets mode +s bhuisgen
[00:25:37]  * You are now an IRC operator
Boris HUISGEN
Boris HUISGEN
Blog owner
  • #hbircs