Martin's Hamster Page


Diese Seite auf Deutsch


Content


Hamster - what's that?

Hamster is an open source news and email server for Win32.
Here are some links to Hamster recources on the web.


Hamster and SSL/TLS

Starting with version 2.0.0.0, Hamster supports SSL (Secure Socket Layer) and TLS (Transport Layer Security). These protocols are used to encrypt tcp connections between two different computers. Special thanks to Thomas G. Liesner for incorporating the ssl code in Hamster "Classic"!

The SSL/TLS implementation uses the excellent cryptography libraries developed by the OpenSSL project. Hamster now implements the following secure protocols:

To activate SSL/TLS encryption in Hamster, you need the OpenSSL cryptography libraries. You may compile OpenSSL natively on your computer (a short instruction can be found below) or use the precompiled binaries.

Move the files libssl32.dll and libeay32.dll to the Hamster main directory. After restarting Hamster, the message "OpenSSL crypto libraries initialized" should appear in your log.

Choose "Enable advanced configuration" in the configuration menu to configure the SSL/TLS to your needs:


Windows binaries from the OpenSSL cryptography toolkit

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

First of all, I'd like to encourage anybody who really cares about security to build OpenSSL himself. Using the instructions for compiling it's quite easy and won't take much time.
For those who are not convinced yet, I offer some precompiled binaries for download. All files are signed with my PGP key.

  File: PGP signature:
OpenSSL 0.9.7m libraries (550 kB) openssl-0.9.7m_dlls.zip openssl-0.9.7m_dlls.zip.asc
openssl.exe 0.9.7m with docs (671 kB) openssl-0.9.7m_exe.zip openssl-0.9.7m_exe.zip.asc

 
  Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m:
 
  o FIPS 1.1.1 module linking.
  o Various ciphersuite selection fixes.
 

NOTE: You have to accept the legal restrictions before downloading OpenSSL!


How to compile OpenSSL on Windows

This is a short description of how I compiled OpenSSL on windows. Of course, you could use another C compiler, e.g. Visual C++, Borland C or Gnu C running under Cygwin. However, I suggest the following approach:

Required software

Compiling

First install Perl and MinGW.

Decompress the OpenSSL sources. Now move the file mingw32.bat from the ms directory to the main OpenSSL directory. Start compiling OpenSSL by double clicking the mingw32.bat. After compiling the OpenSSL libraries can be found in the main directory, the other programs are in the newly created subdirectory out. Further information about installing OpenSSL provides the file Install.w32.

To convert the OpenSSL documentation to html, you might want to use this small perl script. Put the script into the doc directory and execute it. The folder doc/apps contains the documentation about openssl.exe, doc/crypto and doc/ssl contain docs for the cryptography and ssl libraries.

Compiling with Visual C++: Follow the instructions from Install.w32. For use with hamster classic, ssleay32.dll has to be renamed to libssl32.dll.

Hamster Playground and SSL: Jürgen Haible's excellent Hamster Playground is based on the Indy components. Indy requires modified OpenSSL libraries. Please refer to the informations available at the Indy SSL page.


Various tools

Creating X.509 certificates

Hamster requires X.509 certificates to use the local servers with TLS. This batch creates a self-signed X.509 certificate. Additionally, you need the program openssl.exe (see binaries from the OpenSSL toolkit).
Usage: Extract both files to the directory where you installed openssl.exe. Execute MakeCert.bat and follow the instructions given. Your public key (= certificate) and the corresponding private key will be saved to the file certificate.pem.
Download: MakeCert.zip (2 KB)

Converting certificates to hash format

Another small script will convert certificates in pem format to another format needed to use a directory as certificate store (Configuration - General Settings - SSL - path with certificates for verification). Additionally, a text file containing specific certificate information will be created. This script is written in hs2 (Hamster Script language) and does not need to be modified.
Usage: Execute the script and follow the instructions.
Download: SSL-Cert-Hash-en.hsc (7 KB)

Protocol negotiation wrapper for "openssl s_client"

If you use the program openssl s_client to connect a server that supports NNTP, SMTP, POP3 or IMAP over TLS on the standard port [RFC 2487, 2595, 2595], encryption will only be started at request of the client software. Unfortunately, openssl does not yet support that TLS protocol negotiation.
Usage: Execute SSL_Tool, configure it and start the wrapper. Then use openssl s_client to connect the wrapper instead of the server
Download: SSL_Tool.zip (186 kB)

Editor for the password file of Hamster

This small program allows you to view and edit the encrypted usernames and passwords of Hamster. It is also possible to change the "encryption base" without having to re-enter all passwords.
Usage: Please read the hamster help page passwords and the included documentation before use.
Download: HamPassEdit.zip (219 kB)


Valid HTML 4.01! Valid CSS!