Skip to content

Instantly share code, notes, and snippets.

@allcentury
Last active May 9, 2021 23:19
Show Gist options
  • Save allcentury/e1ed5800d0a98a8828a9 to your computer and use it in GitHub Desktop.
Save allcentury/e1ed5800d0a98a8828a9 to your computer and use it in GitHub Desktop.

Start weechat if you haven't already:

$ weechat

open up browser and go to: https://irc.gitter.im/ retrieve your /PASS

In weecaht run (thanks to raine):

/server add gitter irc.gitter.im -ssl -ssl_verify -ssl_dhkey_size=1024 -password=GET_THIS_FROM_IRC_GITTER_IM

If you receive an error about certifications like this:

               │15:56:35   gitter  -- | irc: connecting to server irc.gitter.im/6667 (SSL)...
               │15:56:35   gitter  -- | gnutls: connected using 1024-bit Diffie-Hellman shared secret exchange
               │15:56:35   gitter  -- | gnutls: receiving 2 certificates
               │15:56:35   gitter  -- |  - certificate[1] info:
               │15:56:35   gitter  -- |    - subject `OU=Domain Control Validated,OU=Gandi Standard Wildcard SSL,CN=*.gitter.im', issuer `C=FR,O=GANDI SAS,CN=Gandi Standard SSL CA',
               │                      | RSA key 2048 bits, signed using RSA-SHA1, activated `2014-10-27 00:00:00 UTC', expires `2015-11-20 23:59:59 UTC', SHA-1 fingerprint
               │                      | `0f519b2d14ede0a82689ef42e328403fda5052a2'
               │15:56:35   gitter  -- |  - certificate[2] info:
               │15:56:35   gitter  -- |    - subject `C=FR,O=GANDI SAS,CN=Gandi Standard SSL CA', issuer `C=US,ST=UT,L=Salt Lake City,O=The USERTRUST
               │                      | Network,OU=http://www.usertrust.com,CN=UTN-USERFirst-Hardware', RSA key 2048 bits, signed using RSA-SHA1, activated `2008-10-23 00:00:00
               │                      | UTC', expires `2020-05-30 10:48:38 UTC', SHA-1 fingerprint `a9f79883a075ce82d20d274d1368e876140d33b3'
               │15:56:35   gitter =!= | gnutls: peer's certificate is NOT trusted
               │15:56:35   gitter =!= | gnutls: peer's certificate issuer is unknown
               │15:56:35   gitter =!= | irc: TLS handshake failed
               │15:56:35   gitter =!= | irc: error: Error in the certificate.

Take the last SHA-1 fingerprint received (in my case it's 0f519b2d14ede0a82689ef42e328403fda5052a2 - yours will be different).

Then in weechat run:

/set irc.server.gitter.ssl_fingerprint YOUR_FINGER_PRINT

This will hopefully give you:

                   │09:56:13   gitter  -- | - Message of the Day -
                   │09:56:13   gitter  -- | Welcome to Gitter
                   │09:56:13   gitter  -- | (null)
                   │09:56:13   gitter  -- | Please provide your password token using /PASS <token> and your GitHub username as your /NICK.
                   │09:56:13   gitter  -- | (null)
                   │09:56:13   gitter  -- | If you don't have a password token, please visit https://irc.gitter.im.
                   │09:56:13   gitter  -- | (null)
                   │09:56:13   gitter  -- | To join room, simply type /JOIN #owner/repo or /JOIN #orgname.
                   │09:56:13   gitter  -- | (null)
                   │09:56:13   gitter  -- | This service is still very much in Beta. To report any issues, please visit http://support.gitter.im.
                   │09:56:13   gitter  -- | (null)
                   │09:56:13   gitter  -- | Be nice, have fun
                   |
                   

From there you should be good to go - enter in the /NICK & /PASS info from irc.gitter.im

@oren
Copy link

oren commented Dec 15, 2014

the firsh SHA-1 is the fingerprint of the cert and the second is the fingerprint of the CA. I had to use the first one and now it's working. thanks!

@allcentury
Copy link
Author

Thanks @oren

@fradeve
Copy link

fradeve commented Mar 2, 2015

Moreover, this seems to work only without using the secure function in Weechat. e.g., if I put the following settings:

/secure set gitter mypassssss
/set irc.server.gitter.sasl_password "${sec.data.freenode}"

and set autoconnect and autojoin, it will not connect automatically with the server, unless the

irc.server.gitter.password

option is specified (making the sasl setting useless). Don't know if this depends on Gitter's SASL support or something else. Has anyone else experienced this?

Cheers

@bchretien
Copy link

Apparently, the port is now 6697, which can be changed afterwards with:

/set irc.server.gitter.addresses "irc.gitter.im/6697"

For new users, just add the non-default port to the /server add command.

@leoj3n
Copy link

leoj3n commented Feb 2, 2016

/server add gitter irc.gitter.im/6697 -ssl -ssl_verify -ssl_dhkey_size=1024 -password=*******************************

irc: connecting to server irc.gitter.im/6697 (SSL)...
gnutls: connected using 1024-bit Diffie-Hellman shared secret exchange
gnutls: receiving 3 certificates
  - certificate[1] info:
    - subject 'OU=Domain Control Validated,OU=Gandi Standard Wildcard SSL,CN=*.gitter.im', issuer 'C=FR,ST=Paris,L=Paris,O=Gandi,CN=Gandi Standard SSL CA 2', RSA key 2048 bits, 
               signed using RSA-SHA256, activated '2015-11-11 00:00:00 UTC', expires '2016-11-11 23:59:59 UTC', SHA-1 fingerprint 'xxxeed2243f08bf7357e9810e270f82fcb150xxx'
...
...
...
gnutls: peer's certificate is NOT trusted
gnutls: peer's certificate issuer is unknown
irc: TLS handshake failed
irc: error: Error in the certificate.

/set irc.server.gitter.ssl_fingerprint xxxeed2243f08bf7357e9810e270f82fcb150xxx

👍 Works!

@a-b
Copy link

a-b commented Mar 2, 2016

looks like final irc.config should looks like

[server]
gitter.addresses = "irc.gitter.im/6697"
gitter.ssl = on
gitter.ssl_dhkey_size = 1024
gitter.ssl_fingerprint = "fingerprint from certificate[1] info goes here"
gitter.ssl_verify = on
gitter.password = "your password"

@ches
Copy link

ches commented Dec 21, 2016

@fradeve I haven't seen anything to suggest that Gitter supports SASL, but you can still use the secure feature for the password.

As of today, I found no need to explicitly specify the fingerprint nor set -ssl_dhkey_size (which is higher than 1024 by default in my weechat version), and -ssl_verify is also on by default. So the whole thing is simplified to this:

/server add gitter irc.gitter.im -ssl
/secure set gitter mypass
/set irc.server.gitter.password ${sec.data.gitter}
/connect gitter

Copy link

ghost commented May 10, 2017

I wish one of you awsome devs would port the slack weechat script functionality to like gitter script.

@sudoforge
Copy link

@MBuchaus that could be done... but why? Gitter provides IRC functionality, shouldn't that be preferred?

@bradyt
Copy link

bradyt commented Jun 9, 2018

@sudoforge a gitter plugin for weechat could potentatially have a lot of features, such as, seeing own messages from other clients, and nick completion. wee-slack even shows when other people are typing.

@puremourning
Copy link

For the record, a lot of problems with failure to verify the ssl connection are solved in weechat by ensuring the ca certificates are configured correctly:

https://weechat.org/files/doc/devel/weechat_faq.en.html#irc_ssl_freenode

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment