[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4688: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4690: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4691: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4692: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
DC++ • View topic - The 0.68+ SSL howto

The 0.68+ SSL howto

Technical discussion about the NMDC and <a href="http://dcpp.net/ADC.html">ADC</A> protocol. The NMDC protocol is documented in the <a href="http://dcpp.net/wiki/">Wiki</a>, so feel free to refer to it.

Moderator: Moderators

The 0.68+ SSL howto

Postby arnetheduck » 2006-01-10 18:21

The SSL support in 0.68 is...fragile...at best, but still if you want to test it, here's how:

Option 1:
1) Generate a self-signed root certificate that will be used to sign individual certs. Install this certificate in the hub.

2) Generate a certificate for each client, and sign it with the root certificate. Make sure you don't encrypt the private key, DC++ cannot handle encrypted keys (yet?).

3) Install the root (hub) certificate in each client. This is done by copying the pem formatted certificate to the client's trusted certificates directory that you set up in the certificates page in settings.

4) Point DC++ to the private key & own certificate using the same settings page.

5) Connect to the hub. The hub should request the signed cert from the user and can use that as authentication.

6) Clients, when connecting to each other will only allow connections to/from other clients whose certificates they trust - if all clients are signed by the hub and all clients trust the hub this comes for free.

Option 2:
1) Generate a self-signed certificate and point dc++ to it.

2) For every client you want to connect to, put its certificate in the trusted certs folder. This will make you trust any user whose cert is signed by the trusted folder certs as well.

3) Connect to the hub - not necessarily using SSL. Any file transfers will still be encrypted.

A few tips:
1) Most probably, in the future, DC++ will require the certificate CN field to match the base32 encoded CID much like web certs must match the domain name, so save yourself some trouble by using this convention already.

2) Search replies and any other UDP traffic are still not encrypted.

3) Only ADC hubs are supported, connect to them with the adcs:// prefix instead of adc://

4) http://www.gagravarr.org/writing/openssl-certs/ca.shtml contains a reasonable guide on how to create the certificates.

5) A [S] in your transfer bar will indicate that the transfer is encrypted.

Enjoy!
arnetheduck
The Creator Himself
 
Posts: 296
Joined: 2003-01-02 17:15

Postby ullner » 2006-01-11 13:23

Have a look at my for a cert creating tutorial for Windows...
Last edited by ullner on 2006-03-09 05:19, edited 1 time in total.
|
ullner
Forum Moderator
 
Posts: 333
Joined: 2004-09-10 11:00

Postby ConstB » 2006-02-17 15:30

ConstB
 
Posts: 2
Joined: 2006-02-17 15:27
Location: Tomsk, Russia

Postby ullner » 2006-02-17 17:06

|
ullner
Forum Moderator
 
Posts: 333
Joined: 2004-09-10 11:00

Re: The 0.68+ SSL howto

Postby rafal.prasal » 2007-01-07 07:27

rafal.prasal
 
Posts: 1
Joined: 2007-01-07 07:20

Re: The 0.68+ SSL howto

Postby GargoyleMT » 2007-01-08 18:44

GargoyleMT
DC++ Contributor
 
Posts: 3212
Joined: 2003-01-07 21:46
Location: .pa.us

encrypted dc++

Postby theanomaly » 2007-01-11 21:41

theanomaly
 
Posts: 2
Joined: 2006-08-27 22:05


Return to Protocol Alley

Who is online

Users browsing this forum: No registered users and 1 guest

cron