[tor-talk] can't enable SSL with IRSSI over TOR

2012-05-06 Thread Shane 
I hope this is the right list for this. I am trying to get setup to
freenode and have irssi sasl'd over tor, but I can't seem to get this
enabled with SSL. I've tried using torsocks and socat.


On my gentoo box I start things as ...
$ /etc/init.d/tor start
$ usewithtor irssi

or if using socat ...

$  socat tcp-listen:7070,reuseaddr,fork
SOCKS4A:127.0.0.1:p4fsi4ockecnea7l.onion:7070,socksport=9050 

Here's how I have things setup. Any help much appreciated.

~/.irssi/config
---
  {
address = p4fsi4ockecnea7l.onion;
chatnet = freenode-tor;
port = 6667;
use_ssl = no;
ssl_verify = no;
  }

If I change the port to 6697 and yes to use_ssl and ssl_verify, and
use socat, I get the following ...

00:50 -!- Irssi: Looking up p4fsi4ockecnea7l.onion
00:50 -!- Irssi: Connecting to p4fsi4ockecnea7l.onion [127.0.69.0] port 6697
00:50 -!- Irssi: warning SSL handshake failed: Connection refused
00:50 -!- Irssi: Connection lost to p4fsi4ockecnea7l.onion

Here's my /etc/tor/torrc file.
---
User tor
PIDFile /var/run/tor/tor.pid
Log notice syslog
DataDirectory /var/lib/tor/data

mapaddress 10.40.40.40 p4fsi4ockecnea7l.onion


And when I connect w/ only irssi over tor, it looks like this ...
---

00:30 Math::BigInt: couldn't load specified math lib(s), fallback to
  Math::BigInt::FastCalc at
  /usr/lib64/perl5/vendor_perl/5.12.4/Crypt/DH.pm line 6
00:30
00:30 -!- Irssi: SASL: auth loaded from /home/me/.irssi/sasl.auth
00:30 -!- Irssi: Looking up p4fsi4ockecnea7l.onion
00:30 -!- Irssi: Connecting to p4fsi4ockecnea7l.onion [127.0.69.0] port 6667
00:30 -!- Irssi: Connection to p4fsi4ockecnea7l.onion established
00:30 !asimov.freenode.net *** Looking up your hostname...
00:30 !asimov.freenode.net *** Checking Ident
00:30 !asimov.freenode.net *** No Ident response
00:30 !asimov.freenode.net *** Couldn't look up your hostname
00:30 -!- Irssi: CLICAP: supported by server: account-notify extended-join
  identify-msg multi-prefix sasl
00:30 -!- Irssi: CLICAP: requesting: multi-prefix sasl
00:30 -!- Irssi: CLICAP: now enabled: multi-prefix sasl
00:31 -!- pepps!pepps@127.0.6.5 pepps You are now logged in as
  pepps.
00:31 -!- Irssi: SASL authentication successful
00:31 !asimov.freenode.net *** Spoofing your IP
00:31 -!- Welcome to the freenode Internet Relay Chat Network pepperoni
00:31 -!- Your host is asimov.freenode.net[127.0.6.5/17209], running version
  ircd-seven-1.1.3
00:31 -!- This server was created Sun Dec 11 2011 at 22:15:09 UTC
00:31 -!- asimov.freenode.net ircd-seven-1.1.3 DOQRSZaghilopswz
  CFILMPQbcefgijklmnopqrstvz bkloveqjfI
00:31 -!- CHANTYPES=# EXCEPTS INVEX CHANMODES=eIbq,k,flj,CFLMPQcgimnprstz
  CHANLIMIT=#:120 PREFIX=(ov)@+ MAXLIST=bqeI:100 MODES=4
  NETWORK=freenode KNOCK STATUSMSG=@+ CALLERID=g are supported by this
  server
00:31 -!- CASEMAPPING=rfc1459 CHARSET=ascii NICKLEN=16 CHANNELLEN=50
  TOPICLEN=390 ETRACE CPRIVMSG CNOTICE DEAF=D MONITOR=100 FNC
TARGMAX=NAMES:1,LIST:1,KICK:1,WHOIS:1,PRIVMSG:4,NOTICE:4,ACCEPT:,MONITOR: are
  supported by this server
00:31 -!- EXTBAN=$,arx WHOX CLIENTVER=3.0 SAFELIST ELIST=CTU are supported by
  this server
00:31 -!- There are 241 users and 64123 invisible on 27 servers
00:31 -!- 39 IRC Operators online
00:31 -!- 10 unknown connection(s)
00:31 -!- 42958 channels formed
00:31 -!- I have 7158 clients and 1 servers
00:31 -!- 7158 10617 Current local users 7158, max 10617
00:31 -!- 64364 81443 Current global users 64364, max 81443

...

Anyone see what I'm doing wrong.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] can't enable SSL with IRSSI over TOR

2012-05-06 Thread Shane 
 Does Freenode's hidden service support SSL?  Does it support SSL on port 6697?


Yes it does. 6697, 7000, 7070 that I know of ... These are my latest tries.


// /etc/tor/torrc
User tor
PIDFile /var/run/tor/tor.pid
Log notice syslog
DataDirectory /var/lib/tor/data

# tried these as well
#HiddenServiceDir /var/log/tor/hidden_service
#HiddenServicePort 7000 127.0.0.1:7000

### Freenode
mapaddress 10.40.40.40 p4fsi4ockecnea7l.onion


// .irssi/config
  {
address = p4fsi4ockecnea7l.onion;
chatnet = freenode-tor;
port = 7000;
use_ssl = yes;
ssl_verify = yes;
ssl_capath = /etc/ssl/certs;
autoconnect = yes;
  }


// usewithtor irssi
01:22 Math::BigInt: couldn't load specified math lib(s), fallback to
  Math::BigInt::FastCalc at
  /usr/lib64/perl5/vendor_perl/5.12.4/Crypt/DH.pm line 6
01:22
01:22 -!- Irssi: SASL: auth loaded from /home/me/.irssi/sasl.auth
01:23 -!- Irssi: Server p4fsi4ockecnea7l.onion saved
01:23 -!- Irssi: Saved configuration to file /home/me/.irssi/config
01:23 -!- Irssi: Theme saved to /home/me/.irssi/default.theme
01:23 -!- Irssi: Looking up p4fsi4ockecnea7l.onion
01:23 -!- Irssi: Connecting to p4fsi4ockecnea7l.onion [127.0.69.0] port 7000
01:23 -!- Irssi: warning SSL handshake failed: Connection refused
01:23 -!- Irssi: Connection lost to p4fsi4ockecnea7l.onion
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Re: [tor-talk] can't enable SSL with IRSSI over TOR

2012-05-06 Thread Shane 
 There's no point in adding a layer of SSL over hidden services; the
 connection is already encrypted end to end.


I thought it was more like proxy-to-proxy leaving a small in-the-clear
gaps on the ends.
___
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk