Here's my output:
Code: Select all
[T3256@GURY eggdrop]$ ./eggdrop -n eggdrop.conf
Eggdrop v1.8.0+publistennoident (C) 1997 Robey Pointer (C) 2010 Eggheads
[16:35:07] Allocated bind table unld (flags 1)
[16:35:07] Allocated bind table time (flags 1)
[16:35:07] Allocated bind table cron (flags 1)
[16:35:07] Allocated bind table note (flags 0)
[16:35:07] Allocated bind table nkch (flags 1)
[16:35:07] Allocated bind table load (flags 1)
[16:35:07] Allocated bind table link (flags 1)
[16:35:07] Allocated bind table filt (flags 1)
[16:35:07] Allocated bind table disc (flags 1)
[16:35:07] Allocated bind table dcc (flags 0)
[16:35:07] Allocated bind table chpt (flags 1)
[16:35:07] Allocated bind table chon (flags 1)
[16:35:07] Allocated bind table chof (flags 1)
[16:35:07] Allocated bind table chjn (flags 1)
[16:35:07] Allocated bind table chat (flags 1)
[16:35:07] Allocated bind table bot (flags 0)
[16:35:07] Allocated bind table bcst (flags 1)
[16:35:07] Allocated bind table away (flags 1)
[16:35:07] Allocated bind table act (flags 1)
[16:35:07] Allocated bind table evnt (flags 1)
[16:35:07] Allocated bind table die (flags 1)
[16:35:07] Allocated bind table log (flags 1)
[16:35:07] Allocated bind table tls (flags 1)
[16:35:07] --- Loading eggdrop v1.8.0+publistennoident (Wed Mar 16 2011)
[17:35:07] Module loaded: blowfish
[17:35:07] Module loaded: dns
[17:35:07] Module loaded: channels
[17:35:07] Allocated bind table wall (flags 1)
[17:35:07] Allocated bind table raw (flags 1)
[17:35:07] Allocated bind table notc (flags 1)
[17:35:07] Allocated bind table msgm (flags 1)
[17:35:07] Allocated bind table msg (flags 0)
[17:35:07] Allocated bind table flud (flags 1)
[17:35:07] Allocated bind table ctcr (flags 1)
[17:35:07] Allocated bind table ctcp (flags 1)
[17:35:07] Allocated bind table out (flags 1)
[17:35:07] Module loaded: server
[17:35:07] Module loaded: ctcp
[17:35:07] Allocated bind table topc (flags 1)
[17:35:07] Allocated bind table splt (flags 1)
[17:35:07] Allocated bind table sign (flags 1)
[17:35:07] Allocated bind table rejn (flags 1)
[17:35:07] Allocated bind table part (flags 1)
[17:35:07] Allocated bind table nick (flags 1)
[17:35:07] Allocated bind table mode (flags 1)
[17:35:07] Allocated bind table kick (flags 1)
[17:35:07] Allocated bind table join (flags 1)
[17:35:07] Allocated bind table pubm (flags 1)
[17:35:07] Allocated bind table pub (flags 0)
[17:35:07] Allocated bind table need (flags 1)
[17:35:07] Module loaded: irc
[17:35:07] Allocated bind table rcvd (flags 1)
[17:35:07] Allocated bind table sent (flags 1)
[17:35:07] Allocated bind table lost (flags 1)
[17:35:07] Allocated bind table tout (flags 1)
[17:35:07] LANG: Section loaded: transfer
[17:35:07] LANG: 59 messages of 66 lines loaded from ./language/transfer.english.lang
[17:35:07] LANG: 59 adds, 0 updates to message table
[17:35:07] Module loaded: transfer (with lang support)
[17:35:07] LANG: Section loaded: notes
[17:35:07] LANG: 42 messages of 48 lines loaded from ./language/notes.english.lang
[17:35:07] LANG: 42 adds, 0 updates to message table
[17:35:07] Module loaded: notes (with lang support)
[17:35:07] LANG: Section loaded: console
[17:35:07] LANG: 10 messages of 16 lines loaded from ./language/console.english.lang
[17:35:07] LANG: 10 adds, 0 updates to message table
[17:35:07] Module loaded: console (with lang support)
[17:35:07] Userinfo TCL v1.07 loaded (URL BF GF IRL EMAIL DOB PHONE ICQ).
[17:35:07] use '.help userinfo' for commands.
[17:35:07] Userfile loaded, unpacking...
[17:35:07] === Bot3256: 0 channels, 1 users.
[17:35:07] main: entering loop
[17:35:07] Trying server [irc.paraphysics.net]:+6697
[17:35:07] DNS Resolver: Creating new record
[17:35:07] DNS Resolver: Sent domain lookup request for "irc.paraphysics.net".
[17:35:07] DNS Resolver: Received nameserver reply. (qd:1 an:1 ns:0 ar:0)
[17:35:07] DNS Resolver: answered domain query: "irc.paraphysics.net"
[17:35:07] DNS Resolver: TTL: 1h
[17:35:07] DNS Resolver: TYPE: A: host address
[17:35:07] DNS Resolver: Lookup successful: irc.paraphysics.net
[17:35:07] DNS resolved irc.paraphysics.net to 198.3.160.3
[17:35:07] TLS: attempting SSL negotiation...
[17:35:07] TLS: state change: before/connect initialization
[17:35:07] TLS: state change: before/connect initialization
[17:35:07] TLS: state change: SSLv2/v3 write client hello B
[17:35:07] TLS: handshake in progress
[17:35:07] TLS: state change: SSLv2/v3 write client hello B
[17:35:09] TLS: state change: SSLv2/v3 write client hello B
[17:35:09] TLS: state change: SSLv2/v3 read server hello A
[17:35:09] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:09] TLS: state change: SSLv2/v3 read server hello A
[17:35:09] dequeue_sockets(): errno = 11 (Resource temporarily unavailable) on 5
[17:35:09] TLS: state change: SSLv3 read server hello A
[17:35:09] TLS: X509 has no subjectAltName extension
[17:35:09] TLS: state change: SSLv3 read server certificate A
[17:35:09] TLS: state change: SSLv3 read server key exchange A
[17:35:09] TLS: state change: SSLv3 read server key exchange A
[17:35:09] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:09] TLS: state change: SSLv3 read server key exchange A
[17:35:09] dequeue_sockets(): errno = 11 (Resource temporarily unavailable) on 5
[17:35:09] TLS: state change: SSLv3 read server key exchange A
[17:35:09] TLS: state change: SSLv3 read server done A
[17:35:09] TLS: state change: SSLv3 write client key exchange A
[17:35:09] TLS: state change: SSLv3 write change cipher spec A
[17:35:09] TLS: state change: SSLv3 write finished A
[17:35:09] TLS: state change: SSLv3 flush data
[17:35:09] TLS: state change: SSLv3 read finished A
[17:35:09] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:09] TLS: state change: SSLv3 read finished A
[17:35:09] dequeue_sockets(): errno = 11 (Resource temporarily unavailable) on 5
[17:35:09] TLS: state change: SSLv3 read finished A
[17:35:09] TLS: handshake successful. Secure connection established.
[17:35:09] TLS: certificate subject: C=US, ST=Texas, L=Houston, O=Paraphysics Special Effects, OU=Online, CN=Mark Miller, emailAddress=mark@pyromasters.com
[17:35:09] TLS: certificate issuer: C=US, ST=Texas, L=Houston, O=Paraphysics Special Effects, OU=Online, CN=Mark Miller, emailAddress=mark@pyromasters.com
[17:35:09] TLS: certificate MD5 Fingerprint: 9E:69:3B:07:5F:B2:96:74:EC:23:DC:7A:0F:71:07:8B
[17:35:09] TLS: certificate SHA1 Fingerprint: 80:FE:B3:AC:D1:36:01:21:8A:77:52:0C:9D:66:EE:76:FB:89:2F:34
[17:35:09] TLS: certificate valid from Dec 10 09:20:59 2008 GMT to Dec 10 09:20:59 2009 GMT
[17:35:09] TLS: cipher used: DHE-RSA-AES256-SHA TLSv1/SSLv3; 256 bits (256 secret)
[17:35:09] TLS: cipher details: DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
[17:35:09] TLS: state change: SSL negotiation finished successfully
[17:35:09] TLS: state change: SSL negotiation finished successfully
[17:35:09] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:09] net: connect! sock 5
[17:35:09] Connected to irc.paraphysics.net
[17:35:09] -NOTICE- *** Processing connection to irc.paraphysics.net
[17:35:09] -NOTICE- *** Looking up your hostname...
[17:35:09] -NOTICE- *** Checking Ident
[17:35:09] -NOTICE- *** Found your hostname
[17:35:21] -NOTICE- *** No Ident response
[17:35:21] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:21] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:21] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:21] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:21] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:21] sockread EAGAIN: 5 11 (Resource temporarily unavailable)
[17:35:21] CTCP VERSION: from ParaDMON (services@paraphysics.services)Here's my ssl settings in eggdrop.conf:
Code: Select all
##### SSL SETTINGS #####
# Settings in this section take effect when eggdrop is compiled with TLS
# support.
# File containing your private key, needed for the SSL certificate
# (see below). You can create one issuing the following command:
#
# openssl genrsa -out eggdrop.key 2048
#
# It will create a 2048 bit RSA key, strong enough for eggdrop.
# This is required for SSL hubs/listen ports, secure file transfer and
# /ctcp botnick schat
# For your convenience, you can type 'make sslcert' after 'make install'
# and you'll get a key and a certificate in your DEST directory.
set ssl-privatekey "/etc/ssl/eggdrop/CA/Assimilator-key.pem"
# Specify the filename where your SSL certificate is located. If you
# don't set this, eggdrop will not be able to act as a server in SSL
# connections, as with most ciphers a certificate and a private key
# are required on the server side. Must be in PEM format.
# If you don't have one, you can create it using the following command:
#
# openssl req -new -key eggdrop.key -x509 -out eggdrop.crt -days 365
#
# This is required for SSL hubs/listen ports, secure file transfer and
# /ctcp botnick schat
# For your convenience, you can type 'make sslcert' after 'make install'
# and you'll get a key and a certificate in your DEST directory.
set ssl-certificate "/etc/ssl/eggdrop/CA/Assimilator-cert.pem"
# Sets the maximum depth for the certificate chain verification that will
# be allowed for ssl. When certificate verification is enabled, any chain
# exceeding this depth will fail verification.
#set ssl-verify-depth 9
# Specify the location at which CA certificates for verification purposes
# are located. These certificates are trusted. If you don't set this,
# certificate verification will not work.
set ssl-capath "/etc/ssl/eggdrop/CA"
set ssl-cafile "/etc/ssl/eggdrop/CA/cacert.pem"
# Specify the list of ciphers (in order of preference) allowed for use with
# ssl. The cipher list is one or more cipher strings separated by colons,
# commas or spaces. Unavailable ciphers are silently ignored unless no useable
# cipher could be found. For the list of possible cipher strings and their
# meanings, please refer to the ciphers(1) manual.
# Note: if you set this, the value replaces any ciphers OpenSSL might use by
# default. To include the default ciphers, you can put DEFAULT as a cipher
# string in the list.
# For example:
#
# set ssl-ciphers "DEFAULT ADH"
#
# This will make eggdrop allow the default OpenSSL selection plus anonymous
# DH ciphers.
#
# set ssl-ciphers "ALL"
#
# This will make eggdrop allow all ciphers supported by OpenSSL, in a
# reasonable order.
set ssl-ciphers "ALL"
# Enable certificate authorization. Set to 1 to allow users and bots to
# identify automatically by their certificate fingerprints. Setting it
# to 2 to will force fingerprint logins. With a value of 2, users without
# a fingerprint set or with a certificate UID not matching their handle
# won't be allowed to login on SSL enabled telnet ports. Fingerprints
# must be set in advance with the .fprint and .chfinger commands.
# NOTE: this setting has no effect on plain-text ports.
set ssl-cert-auth 1
# You can control SSL certificate verification using the following variables.
# All of them are flag-based. You can set them by adding together the numbers
# for all exceptions you want to enable. By default certificate verification
# is disabled and all certificates are assumed to be valid. The numbers are
# the following:
#
# Enable certificate verification - 1
# Allow self-signed certificates - 2
# Don't check peer common or alt names - 4
# Allow expired certificates - 8
# Allow certificates which are not valid yet - 16
# Allow revoked certificates - 32
# A value of 0 disables verification.
# Control certificate verification for DCC chats (only /dcc chat botnick)
set ssl-verify-dcc 11
# Control certificate verification for linking to hubs
#set ssl-verify-bots 0
# Control cerfificate verification for SSL listening ports. This includes
# leaf bots connecting, users telneting in and /ctcp bot chat.
set ssl-verify-clients 11