This update makes it easier to use TLS/SSL connections to IRC networks with Bip.
Just like any other TLS/SSL-capable client, in order to use its 'ca' mode of TLS/SSL server certificate validation where certificates are validated to ensure they are issued by a CA 'trusted' by the system, a set of trusted CA certificates must be available to Bip.
Fedora / EL provide a system store of trusted certificates for applications to use, but prior to this update, Bip did not know where to find it, and was not capable of using the store in the form we provide (a bundle file, as opposed to a directory containing individual certificate files). This update both makes Bip capable of using a trust store in the form of a bundle file, and allows it to find the system trust store with no special configuration required.
The result is that you can enable the 'ca' validation mode (with the 'ssl_check_mode = "ca";' configuration file directive) and enable SSL/TLS for networks which support connections and use certificates issued by recognized public CAs (or any other CA you add to the system trust store with the 'update-ca-trust' system; see 'man update-ca-trust' for more details on this). Not all networks support SSL/TLS connections, or use certificates signed by recognized public CAs if they do; check with each individual network for details on their configuration. As an example, SSL/TLS connection to the Freenode network is possible with the server address 'chat.freenode.net' on port 7000 (this will always direct you to an SSL/TLS-capable server using an appropriate certificate).
This affects only communication between Bip and the remote IRC networks. Use of SSL/TLS between your clients and your Bip server is not changed by this update.
The changes in this update are backports from upstream Bip. Use network-online.target (#862610) First build of bip for epel7
Please login to add feedback.
This update has been submitted for testing by adamwill.
This update is currently being pushed to the Fedora EPEL 7 testing updates repository.
This update has been pushed to testing
This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by adamwill.
This update is currently being pushed to the Fedora EPEL 7 stable updates repository.
This update has been pushed to stable