mIRC Home    About    Download    Register    News    Help

Print Thread
#271949 19/08/23 05:43 AM
Joined: Jul 2015
Posts: 15
T
tweek Offline OP
Pikka bird
OP Offline
Pikka bird
T
Joined: Jul 2015
Posts: 15
I join a private server. Since the past 2 updates I cannot join there I get the following error:

[Aug/19/2023 Sat:12:32:41am] * Connecting to XXXX.XXXX (+994)
-
[Aug/19/2023 Sat:12:32:42am] * Unable to connect to server (SSL legacy sigalg disallowed or unsupported)

Is there a easy workaround for me on this? Can we get some way to ignore the warning and join anyway since I know the site is safe as I have used it for many years?

Right now I use an old version to go there but I like to have latest updates for everything.

Thanks!

tweek #271951 19/08/23 11:28 AM
Joined: Dec 2002
Posts: 5,350
Hoopy frood
Offline
Hoopy frood
Joined: Dec 2002
Posts: 5,350
This is related to CVE-2009-3555, an MITM vulnerability in the SSL/TLS protocols, reported in 2009. While older OpenSSL versions had the SSL_OP_LEGACY_SERVER_CONNECT option enabled by default when using SSL_OP_ALL with SSL_CTX_set_options(), to allow connections to unpatched servers, newer versions of OpenSSL do not.

The issue is not whether the site you are using is safe/unsafe. It is that, because the SSL on your IRC server has not been updated, possibly since 2009, your SSL connections to it are not secure.

Have you contacted the owner of the server to ask them to update their server?


Link Copied to Clipboard