Package: irssi Version: 0.8.15-2
Hi, irssi seems to be doing a reverse-lookup on the IP it is connecting to, and when the x509 certificate for ssl is validated, it wants the hostname it found via the reverse-lookup. Not that of the original hostname. This causes problems when connecting to the OFTC network via SSL. For instance: $ host irc.oftc.net irc.oftc.net is an alias for irc.geo.oftc.net. irc.geo.oftc.net has address 173.225.186.74 irc.geo.oftc.net has address 207.192.72.99 irc.geo.oftc.net has address 140.211.166.64 $ host -t PTR 99.72.192.207.in-addr.arpa 99.72.192.207.in-addr.arpa domain name pointer tesla.oftc.net. Which leads to the following: Irssi: Looking up irc.oftc.net Irssi: Connecting to tesla.oftc.net [207.192.72.99] port 6697 Irssi: warning None of the Subject Alt Names in the certificate match hostname 'tesla.oftc.net' Irssi: Connection lost to tesla.oftc.net Irssi: Removed reconnection to server tesla.oftc.net port 6697 Irssi: Looking up tesla.oftc.net Irssi: Reconnecting to tesla.oftc.net [207.192.72.99] port 6697 - use /RMRECONNS to abort Irssi: warning None of the Subject Alt Names in the certificate match hostname 'tesla.oftc.net' Irssi: Connection lost to tesla.oftc.net And note that later attempts will always fail since it is now attempting to connect to tesla.oftc.net, instead of irc.oftc.net. Cheers, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
