• "Warning: remote set UNSECURE session"

    From Oli@2:280/464.47 to All on Tue May 25 07:34:02 2021

    Why is this happening?

    - 07:02 [1045] VER binkd/1.1a-112/Linux binkp/1.1
    [...]
    + 07:02 [1045] Remote has 0b of mail and 0b of files for us
    - 07:02 [1045] OPT EXTCMD GZ BZ2
    + 07:02 [1045] Remote supports EXTCMD mode
    + 07:02 [1045] Remote supports GZ mode
    + 07:02 [1045] Remote supports BZ2 mode
    ? 07:02 [1045] Warning: remote set UNSECURE session
    ‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
    + 07:02 [1045] pwd protected session (MD5)
    ? 07:02 [1045] aborted by Perl after_handshake(): CRYPT mode is required. Disconnecting ...
    [...]

    What I understand from the log is that it's a password protected session, but the remote binkd does not offer CRYPT. I tried to reproduce this behaviour with another binkd instance for testing, but I'm unable to get this warning. I tried the -r parameter, but it seems to do nothing.

    I'm also confused what UNSECURE means in that context. Without encryption? Or unsecure / non-secure as in session without a password (but it clearly says "pwd protected session (MD5)").

    The warning is in protocol.c:

    if (state->state == P_SECURE && strcmp(w, "non-secure") == 0)
    {
    state->crypt_flag=NO_CRYPT;
    /* some development binkd versions send OPT CRYPT with unsecure session */
    Log (1, "Warning: remote set UNSECURE session");
    state->state_ext = P_REMOTE_NONSECURE;
    }

    I still don't understand what's going on there.

    ---
    * Origin: . (2:280/464.47)