UPDATE: This problem has since been resolved. See https://wink.messengergeek.com/t/important-update-regarding-the-status-of-the-escargot-server/4277/59.
Hello, all.
You may know that Escargot is back up, but along that are some huge aggravating caveats that @valtron had to deal with, which also affects us on our end.
So basically, you might know that someone has been trying to DDOS the server, and for good measure, @valtron decided to install some anti-intrusion software to try to halt the DDOSing to a minimum. Unfortunately, it halted on an error due to some nonsensical incompatibility, and in the process, took down Caddy, the thing that made Escargot support HTTPS, which is why you could still login on MD5-based versions of Messenger.
After playing around with it for a few hours, he decided on a simple fix to the problem, which fixed that. But another problem rose up: Caddy now wouldnât run as a systemd
service (basically, Admin privileges), which he found out was due to it not binding to the HTTP and HTTPS ports. Trying to set the permissions manually didnât work, either. The built-in permissions checker in systemd
didnât do anything as well. He assumed that the anti-intrusion software probably upgraded systemd
, so he decided the logical thing to do was to upgrade Caddy. The problem didnât fix itself, though, so he decided to run Caddy himself.
As it turns out, the latest version of Caddy uses version 2 of the ACME protocol, which is related to HTTPS, so it has to retreive the HTTPS certificates all over again. Since he was running it over and over a lot, this combined with the certificate retrieval resulted in a rate limits error, meaning he couldnât get any new certificates, nor could he use the old ones.
@valtron just decided to use a temporary Caddyfile, the configuration file for Caddy, and specify older certificates made before the time he had been fighting with Caddy. Apparently, theyâre valid for two months as Iâm writing this. But even though his Certificate Authority (CA) is Letâs Encrypt, which lets rate limits expire in a weekâs time, he still has the port binding issue to deal with. So if a week passes and thereâs an extended period of no connectivity to the site or on Nexus and RST-based versions of MSN, no more Escargot for a while.
So, now you see why Escargot is always âunstable.â Things have to screw @valtron over and make the experience a living hell. So in the meanwhile, enjoy these two months of Escargot use on MSN 4.7-8.5 that you have. If 2 months time passes and the server randomly shuts down, time to use 4.6 and below, and for anyone who hasnât set up their account to have old MSN client support already, either follow the password reset procedure and check the checkbox that allows for old client support when it specifies for a new password, or create a new account with old MSN client support set up on it. Just keep in mind that you MUST do this before the potential shutdown of the HTTP service within 2 months, and that MD5 is an insecure hashing algorithm. This does NOT mean that it is possible to crack, but it is possible to create similar hashes of your password and potentially let hackers break in to your account, which is not 100% or even 50% guaranteed, but be wary of what youâre putting yourself into.
For now, bye.