What is Charybdis?
Charybdis is a scalable IRC server used on many large IRC networks. It is customizable using extension modules, features excellent documentation and has built-in synflood mitigations. Find out more.
We have released a maintenance release for the charybdis 3.5 branch, improving STARTTLS support for non-OpenSSL backends and providing relevant security patches up to May 14, 2016.
We have released a maintenance release for the charybdis 3.5 branch, mainly importing improvements concerning ssld’s robustness as well as adding support for building with GNUTLS 3.4.
Since the inception of ircd (the late 80’s), ident and DNS lookups have been done in the ircd process. In almost every ircd 2.7 (ircu/snircd) or 2.8 (hybrid/ratbox/charybdis/dreamforge/unreal/bahamut/etc.) derivative, they are still done in the main ircd (though ratbox moved DNS to its own daemon). Obviously they’ve all undergone iterations over the years (such as removal of the DNS cache from hybrid before the ratbox fork, and the way idents are checked has been tweaked in most IRC daemons), but overall the architecture is essentially unchanged.
DECLARE_MODULE_AV1has been the way that the symbol for the module header has been created. It has stayed stable throughout 10 years of its existence in Charybdis and longer in Ratbox.
The IRCv3 working group have committed to transitioning IRC from plaintext to TLS with the 3.3 release. They plan to do this using an extension called “IRCv3 Strict Transport Security”, which will use the capability negotiation mechanism to notify clients to switch to TLS mode. In general, we agree with the goal of transitioning IRC to TLS in 2016, but we question whether STS is a sufficient transition mechanism, as well as whether or not it should be included in core or instead as an extension. This post will describe an alternative transition plan which encourages TLS usage by inverting the functionality of the secure-only (
+S) channel mode, and should serve as the recommended transition plan for operators of charybdis networks. The eventual TLS transition has been discussed with the charybdis network operator community at large for several years.
The charybdis team is proud to announce the charybdis 3.5 release series.