This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
clients [2015/04/10 10:58] jomat created |
clients [2016/07/12 12:08] jomat |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | Note: this collection is work in progress, please let us know if you had trouble with your client and how you fixed it. | ||
- | |||
==== Quassel ==== | ==== Quassel ==== | ||
- | Quasselcore <0.10 usse a manual selection for the SSL protocol, and this defaulted to SSLv3. | + | Quasselcore <0.10 usse a manual selection for the SSL protocol, and this defaulted to SSLv3.\\ |
- | In version 0.10, the selector was removed and auto negotiation was used. | + | In version 0.10, the selector was removed and auto negotiation was used.\\ |
- | However, a >=0.10 client is connected to a <0.10 core, you can't change that SSL protocol. | + | However, a >=0.10 client is connected to a <0.10 core, you can't change that SSL protocol.\\ |
- | The first option is to upgrade the core to 0.10 or later. | + | The first option is to upgrade the core to 0.10 or later.\\ |
You can also either use an old client (<0.10) to change the SSL protocol to TLSv1 for that connection (once you change it, you can go back to using whichever client version you want) or update the client to 0.12-rc1, which restores the SSL protocol selector for connections to old cores. | You can also either use an old client (<0.10) to change the SSL protocol to TLSv1 for that connection (once you change it, you can go back to using whichever client version you want) or update the client to 0.12-rc1, which restores the SSL protocol selector for connections to old cores. | ||
Line 13: | Line 11: | ||
All recent versions of irssi seem to work. If DANE verification doesn't work, ensure it is enabled and compiled in. See also https://github.com/irssi/irssi/commit/d826896f74925f2e77536d69a3d1a4b86b0cec61 | All recent versions of irssi seem to work. If DANE verification doesn't work, ensure it is enabled and compiled in. See also https://github.com/irssi/irssi/commit/d826896f74925f2e77536d69a3d1a4b86b0cec61 | ||
+ | |||
+ | <code>/connect -ssl -ssl_verify irc.darkfasel.net 6697</code> | ||
+ | |||
+ | if the above command fails, you need to specify the cacert root certificate: | ||
+ | |||
+ | <code>-ssl_cafile .irssi/ca_cacert.pem</code> | ||
+ | |||
+ | ==== weechat ==== | ||
+ | |||
+ | /server add darkfasel irc.darkfasel.net/+6697 -ssl -autoconnect | ||
+ | /set irc.server.darkfasel.ssl_verify on | ||
+ | /connect darkfasel | ||
+ | /save | ||
+ | /j #lobby | ||
+ | |||
+ | ==== Chatzilla ==== | ||
+ | Click here: <html><a href="ircs://irc.darkfasel.net">ircs://irc.darkfasel.net</a></html> | ||
+ | |||
+ | ==== HexChat ==== | ||
+ | [[clients:hexchat|Click here]] for Hexchat. | ||
+ | |||
+ | ==== Generic Clients / stunnel ==== | ||
+ | |||
+ | Configure stunnel in the following way to connect unsupported clients to localhost: | ||
+ | |||
+ | <code> | ||
+ | [irc] | ||
+ | client = yes | ||
+ | accept = 127.0.0.1:6667 | ||
+ | connect = irc.darkfasel.net:9999 | ||
+ | CAfile = /etc/ssl/certs/cacert-root.pem | ||
+ | verify = 2 | ||
+ | checkHost = irc.darkfasel.net | ||
+ | </code> |