This update makes it easier to use TLS/SSL connections to IRC networks with Bip.
Just like any other TLS/SSL-capable client, in order to use its 'ca' mode of TLS/SSL server certificate validation where certificates are validated to ensure they are issued by a CA 'trusted' by the system, a set of trusted CA certificates must be available to Bip.
Fedora / EL provide a system store of trusted certificates for applications to use, but prior to this update, Bip did not know where to find it, and was not capable of using the store in the form we provide (a bundle file, as opposed to a directory containing individual certificate files). This update both makes Bip capable of using a trust store in the form of a bundle file, and allows it to find the system trust store with no special configuration required.
The result is that you can enable the 'ca' validation mode (with the 'ssl_check_mode = "ca";' configuration file directive) and enable SSL/TLS for networks which support connections and use certificates issued by recognized public CAs (or any other CA you add to the system trust store with the 'update-ca-trust' system; see 'man update-ca-trust' for more details on this). Not all networks support SSL/TLS connections, or use certificates signed by recognized public CAs if they do; check with each individual network for details on their configuration. As an example, SSL/TLS connection to the Freenode network is possible with the server address 'chat.freenode.net' on port 7000 (this will always direct you to an SSL/TLS-capable server using an appropriate certificate).
This affects only communication between Bip and the remote IRC networks. Use of SSL/TLS between your clients and your Bip server is not changed by this update.
The changes in this update are backports from upstream Bip. Use network-online.target (#862610) First build of bip for epel7
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2015-1020
Please login to add feedback.