Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added basic TLS support #120

Merged
merged 1 commit into from
May 6, 2020
Merged

Added basic TLS support #120

merged 1 commit into from
May 6, 2020

Conversation

insomniacslk
Copy link
Owner

Using -key and -cert CLI optins.

Signed-off-by: Andrea Barberio [email protected]

@insomniacslk insomniacslk requested a review from janza May 4, 2020 23:57
@insomniacslk
Copy link
Owner Author

I haven't tested this yet, will do tomorrow

@insomniacslk
Copy link
Owner Author

insomniacslk commented May 4, 2020

First step to fix #5

@codecov
Copy link

codecov bot commented May 5, 2020

Codecov Report

Merging #120 into master will decrease coverage by 0.05%.
The diff coverage is 0.00%.

Impacted file tree graph

@@            Coverage Diff            @@
##           master    #120      +/-   ##
=========================================
- Coverage    3.96%   3.90%   -0.06%     
=========================================
  Files           8       8              
  Lines        1034    1049      +15     
=========================================
  Hits           41      41              
- Misses        993    1008      +15     
Impacted Files Coverage Δ
irc_context.go 0.00% <ø> (ø)
main.go 9.09% <0.00%> (-2.54%) ⬇️
server.go 0.00% <0.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e38b1e9...ce77838. Read the comment docs.

@insomniacslk insomniacslk force-pushed the tls branch 2 times, most recently from d90d589 to 299611e Compare May 5, 2020 18:42
@insomniacslk
Copy link
Owner Author

insomniacslk commented May 5, 2020

Testing

  • generated a Letsencrypt certificate generated with certbot
  • started the server using -cert and -key on the relevant files
  • connected to irc-slack with irssi with TLS enabled

certificate generation

sudo certbot certonly \
    -n \
    -d your.domain.example.com \
    --test-cert \
    --standalone \
    -m [email protected] \
    --agree-tos

server

Need to listen explicitly on a reachable address (I did this test over the internet, so I used 0.0.0.0)

go run . \
    -D \
    -L debug \
    -key /etc/letsencrypt/live/your.domain.example.com/privkey.pem \
    -cert /etc/letsencrypt/live/your.domain.example.com/cert.pem \
    -H 0.0.0.0

irssi

/network add SlackYourTeamName
/server add -tls -auto -network SlackYourTeamName localhost 6666 xoxp-<your-slack-token>
/connect -tls SlackYourTeamName

then received TLS handshake and greeted by irc-slack:

19:42 -!- Irssi: Certificate Chain:
19:42 -!- Irssi:   Subject: CN: your.domain.example.com
19:42 -!- Irssi:   Issuer:  CN: Fake LE Intermediate X1
19:42 -!- Irssi: Protocol: TLSv1.3 (256 bit, TLS_AES_256_GCM_SHA384)
19:42 -!- Irssi: EDH Key: 253 bit Unknown
19:42 -!- Irssi: Public Key: 2048 bit RSA, valid from May  5 17:31:03 2020 GMT to Aug  3 17:31:03 2020 GMT
19:42 -!- Irssi: Public Key Fingerprint:  XX:XX:XX:XX (SHA256)
19:42 -!- Irssi: Certificate Fingerprint: XX:XX:XX:XX (SHA256)
19:42 -!- Irssi: Connection to your.domain.example.com established
19:42 -!- Welcome to the localhost IRC chat, insomniac!
19:42 -!- This is an IRC-to-Slack gateway, written by Andrea Barberio <[email protected]>.
19:42 -!- More information at https://github.com/insomniacslk/irc-slack.

@insomniacslk
Copy link
Owner Author

This is ready to review

Using -key and -cert CLI optins.

Signed-off-by: Andrea Barberio <[email protected]>
@insomniacslk
Copy link
Owner Author

Updated README with TLS instructions

@insomniacslk
Copy link
Owner Author

This has been working consistently for me, I'll merge (but please let me know if it breaks anything for you)

@insomniacslk insomniacslk merged commit 59beccd into master May 6, 2020
@insomniacslk insomniacslk deleted the tls branch May 6, 2020 13:21
@insomniacslk insomniacslk mentioned this pull request Jul 12, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant