On Sat, Feb 10, 2018 at 01:55:12AM +0100, Josuah Demangeon wrote:
> ---
> tools.suckless.org/ii/usage.md | 27 +++++++++++++++++++++++++++
> 1 file changed, 27 insertions(+)
>
> diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md
> index c9720dd..0d3fc13 100644
> --- a/tools.suckless.org/ii/usage.md
> +++ b/tools.suckless.org/ii/usage.md
> _AT_@ -56,3 +56,30 @@ hysteria
> lchat
> -----
> [lchat](https://github.com/younix/lchat) is a line oriented terminal font-end.
> +
> +TLS/SSL
> +-------
> +To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL patch](/patches/ssl) or a proxy:
> +
> +[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP connection to TLS:
> +
> +In `/etc/stunnel/stunnel.conf`:
> +
> + [irc.oftc.net]
> + accept = 127.0.0.1:<your-port>
> + connect = irc.oftc.net:6697
> +
> +[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can connect a program standard input and output to a TCP socket.
> +This enables it to act as a simple proxy using any command line TLS client, such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43), nc -ssl, socat... or any other:
> +
> +In `/etc/services`:
> +
> + irc-oftc <your port>/tcp
> +
> +In `/etc/inetd.conf`:
> +
> + irc-oftc stream tcp nowait nobody /usr/bin/openssl openssl s_client -quiet -connect irc.oftc.net:6697
> +
> +Then a proxy should be available at localhost:<your port> for ii to connect to:
> +
> + ii -s 127.0.0.1 -p <your port>
> --
> 2.14.2
>
>
Sure, just add it to the wiki.
--
Kind regards,
Hiltjo
Received on Sat Feb 10 2018 - 11:56:54 CET