I have an Ubuntu 16.04 server that runs the bip IRC proxy. Until recently, I was happily accessing bip from an Ubuntu 18.04 laptop. However, when I upgraded my laptop to Ubuntu 20.04, xchat refused to connect. This post describes how I fixed that.
xchat would display the following:
Apparently the version of OpenSSL in Ubuntu 20.04 refuses to connect to servers that use DH parameters that are too small. xchat uses OpenSSL to connect to TLS-enabled servers. The ideal fix would be to configure bip to use larger or custom DH parameters. However, the version of bip in Ubuntu 16.04 doesn’t allow this; it generates the DH parameters internally with no way to override them:-(
Instead of terminating the TLS session using bip itself, I reconfigured bip to listen on a different port on localhost in plain-text, and installed stunnel4 to terminate the TLS session and proxy it to bip.
To restart it:
To install stunnel:
To enable it, edit
To enable and stunnel: