budRich
>> *nix users needing invites to networks ;)
fraun
Any idea why I'm banned? nick = fraun
fraun
Hi again, any luck unbanning me?
josuah
I had trouble for connecting with a client that does not handle TLS (like ii, sic, ...), and I found a solution! :)

I use an inetd stream entry which for piping the command-line TLS client* and a local TCP socket for your client to connect to. You can even have a Proxy machine which does the translation!

* openssl s_client, nc -ssl, brssl client... now you have the choice of your backend! :D Pipes are universal.

# vi /etc/services
Code:
irc-freenode    6970/tcp
irc-unix        6971/tcp
irc-other       6972/tcp
...

# vi /etc/inetd.conf
Code:
irc-freenode  stream  tcp  nowait  nobody  /usr/bin/openssl   openssl s_client -quiet -connect irc.freenode.net:6697
irc-unix      stream  tcp  nowait  nobody  /usr/bin/openssl   openssl s_client -quiet -connect unix.chat:6697
irc-other     stream  tcp  nowait  nobody  /usr/bin/openssl   openssl s_client -quiet -connect irc.other.networks:6697
...

And then start the inetd service, the inetd daemon... however you distro or you wants it... If it already runs, you can probably reload its configuration with:
# pkill -HUP inetd

You can pretty much use xinetd for this, the command itox translates the inetd format to xinetd format:
# itox < inetd.conf
Code:
service irc-unix
{
        socket_type     = stream
        protocol        = tcp
        wait            = no
        user            = nobody
        server          = /usr/bin/openssl
        server_args     = s_client -connect unix.chat:6697
}
z3bra
nice one Josuah! Taking the best from unix IPC ;)
josuah
Thank you z3bra!

For the ii client, it is possible to use UNIX sockets instead of TCP sockets:

# vi /etc/inetd.conf
Code:
/tmp/irc.freenode.net  stream  unix  nowait  nobody  /usr/bin/openssl  openssl s_client -quiet -connect irc.freenode.net:6697
/tmp/unix.chat         stream  unix  nowait  nobody  /usr/bin/openssl  openssl s_client -quiet -connect unix.chat:6697
/tmp/other...          stream  unix  nowait  nobody  /usr/bin/openssl  openssl s_client -quiet -connect irc.other.networks:6697
...

# ii -s unix.chat -u /tmp/unix.chat

And then you have ~/irc/unix.chat and not ~/irc/127.0.0.1. :)
Dog
I have to turn off verification for this server to connect. I'm getting this in weechat:

Code:
│13:49:42 | unix.chat =!= | gnutls: the hostname in the certificate does NOT match "irc.unix.chat"
│13:49:42 | unix.chat  -- | gnutls: peer's certificate is trusted
│13:49:42 | unix.chat =!= | irc: TLS handshake failed
│13:49:42 | unix.chat =!= | irc: error: Error in the certificate.

For anyone that runs into this, you can turn off verification with:

Code:
/set irc.server.<identifier>.ssl_verify off




Members  |  Stats  |  Night Mode