Hi,
I am learning more and more about using Tor to protect disclosure of my IP address on the Internet to unnessecary third-parties and networks like IRC, because IRC is notorious for doing that.
I am having issues with setting up the SSL handshake. I know that outside when I use the command "usewithtor irssi" I always get the error:
Quote:
warning SSL handshake failed: server closed connection unexpectedly
|
What bothers me is that I don't know what causes an SSL handchake to fail. It don't think it like an out of date certificate. It could mean that its not being verified somehow after I told it to explicitly verify itself. The error is not verbose enough, and I don't know how to make irssi more verbose.
So I'm trying to figure out how to troubleshoot this problem, and I've sort of tried all of my practical ideas. Here's what I've done so far:
- Correctly set up SASL for Freenode and Tor:
http://freenode.net/irc_servers.shtml
http://freenode.net/sasl/
- Secured tor with these instructions:
https://trac.torproject.org/projects...ifyHOWTO/irssi
I decided not to use
socat, but
usewithtor instead, because I am not confident on my networking knowledge, and I have no idea what I'm going with the whole "address mapping" thing. I prefer to know what I'm doing before I do it (even though it costs time and effeciency).
Now when I start up irssi without the usewithtor or torify command, it can connect to Freenode's onion address just fine. Keep in mind that I do run Privoxy, but I would dislike having it conflict with IRC stuff. I have it forwarded to SOCKS5 (not SOCKS4a). I don't think Tor should be using Privoxy on the IRC protocol, but it might. I don't know how to diagnose this.
I also solved the problem in cap_sasl.pl, which, for some reason, didn't mention that I needed other Perl libraries to function properly. How stupid. Now I have DH-BLOWFISH support, yay.
Here's my config files and errors in detail:
~/.irssi/config
Quote:
servers = (
[...]
{
address = "p4fsi4ockecnea7l.onion";
autoconnect = "no";
chatnet = "Freenode";
port = "6697";
ssl_capath = "/etc/ssl/certs";
ssl_verify = "yes";
use_ssl = "yes";
},
|
/etc/tor/torrc
Quote:
mapaddress 10.40.40.40 p4si4ockecnea7l.onion
TransPort 9040
DNSPort 5353
AutomapHostsOnResolve 1
|
The error of the beast
Quote:
[13:24] -!- Irssi: SASL: auth loaded from /home/mrrhq/.irssi/sasl.auth
[13:25] -!- Irssi: Looking up p4fsi4ockecnea7l.onion
[13:25] -!- Irssi: Connecting to p4fsi4ockecnea7l.onion [127.0.69.0] port 6697
[13:25] -!- Irssi: warning SSL handshake failed: server closed connection unexpectedly
[13:25] -!- Irssi: Connection lost to p4fsi4ockecnea7l.onion
|
I am running Debian Sid GNU/Linux, Linux kernel 3.2.0-3-amd64.