On Sat, Feb 10, 2018 at 01:55:12AM +0100, Josuah Demangeon wrote: > --- > tools.suckless.org/ii/usage.md | 27 +++++++++++++++++++++++++++ > 1 file changed, 27 insertions(+) > > diff --git a/tools.suckless.org/ii/usage.md b/tools.suckless.org/ii/usage.md > index c9720dd..0d3fc13 100644 > --- a/tools.suckless.org/ii/usage.md > +++ b/tools.suckless.org/ii/usage.md > @@ -56,3 +56,30 @@ hysteria > lchat > ----- > [lchat](https://github.com/younix/lchat) is a line oriented terminal > font-end. > + > +TLS/SSL > +------- > +To connect to a TLS/SSL encrypted channel, it is possible to use the [SSL > patch](/patches/ssl) or a proxy: > + > +[stunnel](https://www.stunnel.org/) is a proxy for an unencrypted TCP > connection to TLS: > + > +In `/etc/stunnel/stunnel.conf`: > + > + [irc.oftc.net] > + accept = 127.0.0.1:<your-port> > + connect = irc.oftc.net:6697 > + > +[inetd](http://man.openbsd.org/inetd) listens on multiple TCP ports and can > connect a program standard input and output to a TCP socket. > +This enables it to act as a simple proxy using any command line TLS client, > such as [openssl s_client](http://man.openbsd.org/openssl#S_CLIENT), [brssl > client](https://bearssl.org/gitweb/?p=BearSSL;a=blob;f=tools/brssl.c;h=91372b09f42149a503f9d13db0b78cf0a123611e;hb=HEAD#l43), > nc -ssl, socat... or any other: > + > +In `/etc/services`: > + > + irc-oftc <your port>/tcp > + > +In `/etc/inetd.conf`: > + > + irc-oftc stream tcp nowait nobody /usr/bin/openssl > openssl s_client -quiet -connect irc.oftc.net:6697 > + > +Then a proxy should be available at localhost:<your port> for ii to connect > to: > + > + ii -s 127.0.0.1 -p <your port> > -- > 2.14.2 > >
Sure, just add it to the wiki. -- Kind regards, Hiltjo
