Starting yesterday (Thursday March 2nd, 2017) at around 20:00EST (UTC-0500), the InIRC network witnessed a major netsplit, as one of the servers ( It is still unclear the exact cause(s) of the netsplits. The ircd (Charybdis) is not very well maintained anymore and the main development branch (“Charybdis 4”) has actually been abandoned upstream. It could also be that the Charybdis upgrades performed on Feb. 28th were the cause of some of the problems. The following day, starting at around 10:00EST, many different solutions were tried, but in the end the solution was to revert the configuration files to how they were before the refactoring. This was done using One of the side-effects of the Charybdis upgrade is that TLSv1.0 is deprecated. If you are running on older platforms, you may run into problems negociating TLS connexions. Make sure your client support at least TLSv1.1. We have had reports of issues with stunnel on Debian 6 “wheezy” and a hardcoded A positive effect of the upgrades is that CertFP should now work on all servers. Remaining issues: Solutions: A detailed chatlog of the operations is attached for future reference and details. |
|
an update on this: I have managed to build charybdis against mbedtls, and in a jessie backport too. directives are here: we.riseup.net/ircd/charybdis-maintenance the package is in my home on chat0 and che. the two servers link well now, but can’t link against chat1, presumably because of the bug in gnutls. we need to figure out how to migrate over the new servers now, since we can’t link them anymore… i guess we need to flip the switch? comments? |
|
final update on this: the servers were all upgraded to latest charybdis with mbedtls recently, and the network is all cross-linked again, whee! |
|