I tried to get Rslight to pull from news.grc.com:563 via SSL and the
cron says it could not connect to the host.

But when I pull from port 119 without SSL enabled it works as expected.

I have no problem connecting to news.grc.com:563 with openssl s_client.

$> openssl s_client -ign_eof -connect news.grc.com:563

I triple checked to ensure SSL was set at '1' in the config.

I can't tell if the problem is with my Rslight config or grc.com SSL
config.

What should I look at? Is there a way to make the PHP output the SSL
connection handshake to a file that I can examine?

Also is there a way to do starttls at port 119?

Please advise.

--
SugarBug | https://sybershock.com

Syber Shock wrote:

> I tried to get Rslight to pull from news.grc.com:563 via SSL and the
> cron says it could not connect to the host.

> But when I pull from port 119 without SSL enabled it works as expected.

> I have no problem connecting to news.grc.com:563 with openssl s_client.

> $> openssl s_client -ign_eof -connect news.grc.com:563

> I triple checked to ensure SSL was set at '1' in the config.

This has worked in the past with a small selection of test sites I tried,
but I can confirm that it does not work now.

> I can't tell if the problem is with my Rslight config or grc.com SSL
> config.

Most likely rslight.

> What should I look at? Is there a way to make the PHP output the SSL
> connection handshake to a file that I can examine?

I will look into this now and get back with whatever results I find.

> Also is there a way to do starttls at port 119?

When working properly, it shouldn't matter the port number for the remote
server, just that SSL is set to '1'.

I'll post my test results here. (current test results is that it doesn't work :(

--
Posted on RetroBBS

Retro Guy wrote:

> Syber Shock wrote:

>> snip

> I will look into this now and get back with whatever results I find.

>> Also is there a way to do starttls at port 119?

> When working properly, it shouldn't matter the port number for the remote
> server, just that SSL is set to '1'.

> I'll post my test results here. (current test results is that it doesn't work :(

Here are my initial test results:

Fails for news.grc.com:
Starting Spoolnews...
Loaded groups
SERVER=news.grc.com PORT=563
bool(false) <- FAILS
NULL
int(0)
END

Works for news.novabbs.org:
Starting Spoolnews...
Loaded groups
SERVER=news.novabbs.org PORT=563
resource(22) of type (stream) <- WORKS
string(0) ""
int(0)
END

Works for news.newshosting.com:
Starting Spoolnews...
Loaded groups
SERVER=news.newshosting.com PORT=563
resource(23) of type (stream) <- WORKS
string(0) ""
int(0)
END

I did make one change to /var/www/html/<section>/newsportal.php:

Changed line 96 from:
$ns=@fsockopen('ssl://'.$nserver.":".$nport);

to:
$ns = fsockopen("ssl://".$nserver, $nport, $error, $errorString, 30));

If you could try a different server to see if you get the same results,
that may help.

news.novabbs.org:563 should work for rocksolid groups.

At this time, I don't yet know why it's not working for news.grc.com

--
Posted on RetroBBS