USER_AVATAR
toucana
Chatroom Operator
 
Posts: 1398
Joined: September 20th, 2006, 10:17 am
Location: Bristol UK
Blog: View Blog (10)


Archives
- March 2019
Kingdom Death: Monster - A Hobby Game
   March 17th, 2019, 7:03 pm

+ December 2018
+ November 2018
+ April 2017
+ July 2012
+ June 2012
+ April 2012
+ October 2010
+ August 2010
+ June 2010
Search Blogs

Advanced search (keyword or author)

DALnet have recently added SSL (secure socket layer) connection capabilities to all their servers. The rolling upgrade was one of the reasons why DALnet servers were behaving so oddly a month or so ago. They had to be taken off-line one by one to have the code patches installed.

SSL is meant to provide end to end encryption of all sessions between your IRC client and server which reduces the risk of having passwords or other confidential information stolen. DALnet have also added both a new user mode +S to indicate that an SSL connection is in use, and a new optional channel mode +S for channels that require all users to be SSL connected as a condition of entry.

I wanted to test the new SSL facilities with my default IRC client MacIrssi which is basically a Cocoa GUI version of the well known Unix terminal Irssi client. There is plenty of documentation about using Irssi, but very little about MacIrssi, so I was curious to see how well this would play.

Establishing a connection to an SSL socket on a DALnet server turned out to be simple enough:

/connect -SSL irc.dal.net 6697

This asks the normal DALnet random server to redirect you to an available server using the TCP port 6697 which is mandatory for SSL connections on DALnet. (Other IRC networks may use different port numbers for SSL). The normal MOTD and connection scroll appears on screen in your console window, and a quick check on /whois nick returns an extra line of information confirming that you are using a secure connection.
So far so good.

The snag turned out to be that DCC CHAT commands no longer worked, even though my firewall and NAT router were correctly set, and DCC CHAT worked without difficulty on a non-SSL connection. It seems that the SSL connection module used in MacIrssi is hard-coded to offer only *secure* DCC chat connections which requires the creation and exchange of information between clients to validate self-written SSL authentication certificates. The only quick way of getting a DCC CHAT session to work with an unsecured peer over an SSL server connection at my end was to use the reverse DCC mode

/ctcp <nick> chat

This prompts the target nick to offer you a DCC CHAT which you then accept with

/dcc chat <nick>

After which everything else works normally inside the MacIrssi Cocoa interface.

(N.B. If you are using a different IRC client you will need to consult documentation, and in the case of mIRC, you will have to download and install an extra Open SSL code plug-in to make use of secure connections on DALnet. see http://www.mirc.com/ssl.html)

0 Comments Viewed 2352 times

Who is online

Registered users currently online: Google Adsense [Bot], Google [Bot], Lomax