+ngIRCd 21
+
+ - The numeric replies of some commands became split too early which
+ resulted in more numeric reply lines than necessary.
+ - Implement a new configuration option "IncludeDir" in the "[Options]"
+ section that can be used to specify a directory which can contain
+ further configuration files and configuration file snippets matching
+ the pattern "*.conf". These files are read in after the main server
+ configuration file ("ngircd.conf" by default) has been read in and
+ parsed. The default is "$SYSCONFDIR/ngircd.conf.d", so that it is
+ possible to adjust the configuration only by placing additional files
+ into this directory. (Closes bug #157)
+ - Fix use-after-free in the Lists_CheckReason() function, which is used
+ to check if a client is a member of a particular ban/invite/... list.
+ - Xcode: fix detection of host OS, vendor, and CPU type.
+ - OS X PackageMaker: use relative path names in project files and package
+ with correct file permissions (requires root privileges on "make").
+ - Add Travis-CI configuration file (".travis.yml") to project.
+ - Look for possible cloaked Masks in Lists. Users with +x usermode can
+ be banned with their cloaked hostname now.
+ - Don't read SSL client data before DNS resolver is finished which could
+ have resulted in discarding the resolved client hostname and IDENT
+ reply afterwards, because in some situations (timing dependent) the
+ NICK and USER commands could have already been read in from the client,
+ stored in the buffer, and been processed.
+ Thanks to Julian Brost for reporting the issue and testing, and to
+ Federico G. Schwindt <fgsch@lodoss.net> for helping to debug it!
+ - Increase password length limit to 64 characters. (Closes bug #154)
+ - doc/Services.txt: Update Anope status and URL.
+ - Clean up Xcode project file, remove outdated files, add missing ones.
+ - Update Doxygen configuration file.
+ - configure: search for iconv_open as well as libiconv_open, because
+ on some installations iconv_open() is actually libiconv_open().
+ iconv_open() is the glibc version while libiconv_open() is the
+ libiconv version, now both variants are supported. (Closes bug #151)
+ - ngIRCd now accepts user names including "@" characters, saves the
+ unmodified name for authentication but stores only the part in front
+ of the "@" character as "IRC user name". And the latter is how
+ ircd2.11, Bahamut, and irc-seven behave as well. (Closes bug #155)
+ - Lots of IRC "information functions" like ADMIN, INFO, ... now accept
+ server masks and names of connected users (in addition to server names)
+ for specifying the target server of the command. (Closes bug #153)
+ - Implement a new configuration option "IdleTimeout" in the "[Limits]"
+ section of the configuration file which can be used to set a timeout
+ in seconds after which the whole daemon will shutdown when no more
+ connections are left active after handling at least one client.
+ The default is 0, "never".
+ This can be useful for testing or when ngIRCd is started using "socket
+ activation" with systemd(8), for example.
+ - Implement support for systemd(8) "socket activation".
+ - contrib/README: add description for more files.
+ - Enable WHOIS to display information about IRC Services using the new
+ numeric 310(RPL_WHOISSERVICE) This numeric is used for this purpose by
+ InspIRCd, for example -- but as usual, other numerics are in use, too,
+ like 613 in UltimateIRCd ...
+ Please note that neither the Operator (+o) not the "bot status" (+B)
+ of an IRC service id displayed in the output.
+ - Exit message: use singular & plural :-)
+ - Add missing punctuation marks in log messages and adjust some
+ severity levels.
+ - AUTHORS file: Update list of contributors.
+ - Update systemd(8) example configuration files in ./contrib/ directory:
+ the "ngircd.service" file now uses the "forking" service type which
+ enhances the log messages shown by "systemctl status ngircd.service",
+ and the new "ngircd.socket" file configures a systemd socket that
+ configures a socket for ngIRCd and launches the daemon on demand.
+ - Enhance help system and the HELP command: now a "help text file" can be
+ set using the new configuration option "HelpFile" ("global" section),
+ which is read in and parsed on server startup and configuration reload,
+ and then is used to output individual help texts to specific topics.
+ Please see the file ./doc/Commands.txt for details.
+
+ngIRCd 20.2 (2013-02-15)
+
+ - Security: Fix a denial of service bug in the function handling KICK
+ commands that could be used by arbitrary users to to crash the daemon
+ (CVE-2013-1747).
+ - WHO command: Use the currently "displayed hostname" (which can be cloaked!)
+ for hostname matching, not the real one. In other words: don't display all
+ the cloaked users on a specific real hostname!
+ - configure: The header file "netinet/in_systm.h" already is optional in
+ ngIRCd, so don't require it in the configure script. Now ngIRCd can be
+ built on Minix 3 again :-)
+ - Return better "Connection not registered as server link" errors: Now ngIRCd
+ returns a more specific error message for numeric ERR_NOTREGISTERED(451)
+ when a regular user tries to use a command that isn't allowed for users but
+ for servers.
+ - Don't report ERR_NEEDMOREPARAMS(461) when a MDOE command with more modes
+ than nicknames is handled, as well as for channel limit and key changes
+ without specifying the limit or key parameters.
+ This is how a lot (all?) other IRC servers behave, including ircd2.11,
+ InspIRCd, and ircd-seven. And because of clients (tested with Textual and
+ mIRC) sending bogus MODE commands like "MODE -ooo nick", end-users got the
+ expected result as well as correct but misleading error messages ...
+ - Correctly detect when SSL subsystem must be initialized and take
+ outgoing connections (server links!) into account, too.
+ - autogen.sh: Enforce serial test harness on GNU automake >=1.13. The
+ new parallel test harness which is enabled by default starting with
+ automake 1.13 isn't compatible with our test suite.
+ And don't use "egrep -o", instead use "sed", because it isn't portable
+ and not available on OpenBSD, for example.
+
+ngIRCd 20.1 (2013-01-02)
+
+ - Allow ERROR command on server and service links only, ignore them and
+ add a penalty time on all other link types.
+ - Enforced mode setting by IRC Operators: Only check the channel user
+ modes of the initiator if he is joined to the channel and not an IRC
+ operator enforcing modes (which requires the configuration option
+ "OperCanUseMode" to be enabled), because trying to check channel user
+ modes of a non-member results in an assertion when running with debug
+ code or could crash the daemon otherwise. This closes bug #147, thanks
+ to James Kirwill <james.kirwill@bk.ru> for tracking this down!
+ - Fix build system to cope with spaces in path names.
+ - Code cleanups, mostly to fix build warnings on Cygwin.
+
+ngIRCd 20 (2012-12-17)
+
+ - Allow user names ("INDENT") up to 20 characters when ngIRCd has not
+ been configured for "strict RFC mode". This is useful if you are using
+ external (PAM) authentication mechanisms that require longer user names.
+ Patch suggested by Brett Smith <brett@w3.org>, see
+ <http://arthur.barton.de/pipermail/ngircd-ml/2012-October/000579.html>.
+
+ ngIRCd 20~rc2 (2012-12-02)
+ - Rework cloaked hostname handling and implement the "METADATA cloakhost"
+ subcommand: Now ngIRCd uses two fields internally, one to store the
+ "real" hostname and one to save the "cloaked" hostname. This allows
+ "foreign servers" (aka "IRC services") to alter the real and cloaked
+ hostnames of clients without problems, even when the user itself issues
+ additional "MODE +x" and "MODE -x" commands.
+ - RPL_UMODEIS: send correct target name, even on server links.
+ - Update platformtest.sh to follow autoconf changes and only generate
+ the "configure" script when it is missing.
+ - Fix the test suite to correctly execute test scripts even when stdout
+ is redirected.
+ - Fix some compiler warnings on NetBSD and OpenBSD.
+
+ ngIRCd 20~rc1 (2012-11-11)
+ - Update doc/Services.txt: describe the upcoming version of Anope 1.9.8,
+ then including a protocol module for ngIRCd. And remove our own patches
+ in ./contrib/Anope because they aren't supported any more ...
+ - Implement new "METADATA" command which can be used by remote servers
+ and IRC services to update client metadata like the client info text
+ ("real name"), user name, and hostname, and use this command to
+ configure an cloaked hostname (user mode "+x") on remote servers:
+ This prevents "double cloaking" of hostnames and even cloaked
+ hostnames are in sync on all servers supporting "METADATA" now.
+ - Fix error message when trying to join non-predefined channels and the
+ "PredefChannelsOnly" configuration option is set.
+ - Implement new IRC "SVSNICK" command to allow remote servers (and IRC
+ services) to change nicknames of already registered users. The SVSNICK
+ command itself doesn't change the nickname, but it becomes forwarded
+ to the server to which the user is connected to. And then this server
+ initiates the real nickname changing using regular NICK commands.
+ This allows to run mixed networks with old servers not supporting the
+ SVSNICK command, because SVSNICK commands for nicknames on such servers
+ are silently ignored and don't cause a desynchronization of the network.
+ - Make server reconnect time a little bit more random, so that two
+ servers trying to connect to each other asynchronously don't try this
+ in exactly the same time periods and kick each other off ...
+ - Don't accept connections for servers already being linked: there was a
+ time frame that could result in one connection overwriting the other,
+ e. g. the incoming connection overwriting the status of the outgoing
+ one. And this could lead to all kind of weirdness (even crashes!) later
+ on: now such incoming connections are dropped.
+ - New configuration option "MaxListSize" to configure the maximum number
+ of channels returned by a LIST command. The default is 100, as before.
+ - Implement user mode "b", "block messages": when a user has set mode "b",
+ all private messages and notices to this user are blocked if they don't
+ originate from a registered user, an IRC Op, server or service. The
+ originator gets an error numeric sent back in this case,
+ ERR_NONONREG_MSG (486), which is used by UnrealIRCd, too. (Closes #144)
+ - WHOIS: Not only show RPL_WHOISHOST_MSG to local IRC operators, but show
+ it to all IRC operators in the network. And don't show it to anybody if
+ the "more privacy" configuration option is enabled. (Closes #134)
+ - Test suite: make expect scripts more verbose displaying dots for each
+ reply of the server that it is waiting for.
+ - WHOIS: Implement numeric RPL_WHOISMODES_MSG (379) and show user modes in
+ the reply of the WHOIS command for the user himself or, if MorePrivacy
+ isn't set, for request initiated by an IRC operator. (Closes #129)
+ - Implement channel mode "V" (invite disallow): If the new channel mode
+ "V" is set, the INVITE command becomes invalid and all clients get the
+ new ERR_NOINVITE_MSG (518) reply. (Closes #143)
+ - KICK-protect IRC services.
+ - Implement channel mode "Q" and user mode "q": Both modes protect users
+ from channel kicks: only IRC operators and servers can kick users having
+ mode "q" or in channels with mode "Q". (Closes #141)
+ - Debian: require "telnet" or "telnet-ssl" for building and enable
+ CHARCONV in ngircd-full[-dbg] variants.
+ - Send RPL_REHASHING (382) numeric if a REHASH command was accepted.
+ - Fix spelling and variable names in some log messages.
+ - Allow users to "cloak" their hostname only when the configuration
+ variable "CloakHostModeX" (introduced in 19.2) is set. Otherwise, only
+ IRC operators, other servers, and services are allowed to set the user
+ mode "+x": this prevents regular users from changing their hostmask to
+ the name of the IRC server itself, which confused quite a few people ;-)
+ (Closes #133)
+ - New configuration option "OperChanPAutoOp": If disabled, IRC operators
+ don't become channel operators in persistent channels when joining.
+ Enabled by default, which has been the behavior of ngIRCd up to this
+ patch. (Closes #135)
+ - Allow IRC operators to see secret (+s) channels in LIST command as long
+ as the "MorePrivacy" configuration option isn't enabled in the
+ configuration file. (Closes #136)
+ - Enhance build system: Support new (>=1.12) and old (<=1.11) GNU automake
+ versions, update checks for required and optional features, enable
+ colored test output of automake (if available), rename configure.in to
+ more modern configure.ac, include .mailmap and all build-system files in
+ distribution archives and no longer require a GIT tree to detect the
+ correct version string.
+ - Update documentation: add doc/Contributing.txt and include version
+ numbers in doc/Modes.txt.
+ - Free all listen ports on initialization: now listen ports can be
+ reconfigured on runtime using a configuration reload.
+ - Initialize SSL when needed only, and disable SSL on errors.
+ - Implement new (optional) IRC+ "CHARCONV" command to set a client
+ character set that the server translates all messages to/from UTF-8.
+ This feature requires the "libiconv" library and must be enabled using
+ the new "--with-iconv" option of the ./configure script. See
+ doc/Protocol.txt for details. (Closes #109)
+ - Allow limited punctuation in usernames, for better PAM integration.
+ - Correctly re-initialize signal handlers on RESTART commands.
+ - Show a warning on startup if the configuration file is not a full path:
+ ngIRCd is a long-running process and changes its working directory to
+ "/" to not block mounted filesystems and the like when running as daemon
+ ("not in the foreground"); therefore the path to the configuration file
+ must be relative to "/" (or the chroot() directory), which basically is
+ "not relative", to ensure that "kill -HUP" and the "REHASH" command work
+ as expected later on. (Closes #127)
+ - Make the "&SERVER" channel definable in a [Channel] configuration block,
+ which enables server operators to overwrite the built-in topic and
+ channel modes. (Closes #131)
+ - Don't limit list size of "WHO #channel" commands, because it makes no
+ sense to not return all the users in that channel, so I removed the
+ check. But if there are more than MAX_RPL_WHO(25) replies, the client
+ requesting the list will be "penalized" one second more, then 2 in
+ total. (Closes #125)
+ - Make ngIRCd buildable using the kqueue() IO interface on FreeBSD 4.x.
+ - Fix the "NoticeAuth" configuration option when using SSL connections and
+ enhance the message to show the hostname and IDENT reply of the client.
+ - Introduce numeric RPL_HOSTHIDDEN_MSG (396): This numeric is sent to the
+ client each time it changes its displayed hostname using "MODE +/-x",
+ and if "CloakHost" is set right after the MOTD has been sent.
+ - Fix USERHOST not displaying the correctly cloaked hostname.
+ - Implement user mode "B" ("Bot flag"): it is settable and unsettable by
+ every (non-restricted) client. This is how Unreal and InspIRCd do
+ behave, and so do we :-)
+ - Dynamically allocate memory for connection passwords: This a) saves
+ memory for clients not using passwords at all and b) allows for
+ "arbitrarily" long passwords.
+ - Implement channel mode "M": Only the server, identified users and IRC
+ operators are able to talk in such a channel.
+ - Block nicknames that are reserved for services and are defined using the
+ configuration variable "ServiceMask" in "Server" blocks; And this
+ variable now can handle more than one mask separated by commas.
+ - Now "make uninstall" removes the installed "ngircd.conf" file, if it is
+ still equal to our "sample-ngircd.conf" file and therefore hasn't been
+ modified by the user. If it has been modified, it isn't removed and a
+ notice is displayed to the user. And "make install" now displays a
+ message when no ngircd.conf file exists and the "sample-ngircd.conf"
+ file will be installed as a starting point.
+ - Add contrib/ngircd.service, a systemd service file for ngircd.
+ - Implemented XOP channel user modes: "Half Op" ("+h", prefix "%") can set
+ the channel modes +imntvIbek and kick all +v and normal users; "Admin"
+ ("+a", prefix "&") can set channel modes +imntvIbekoRsz and kick all +o,
+ +h, +v and normal users; and "Owner" ("+q", prefix "~") can set channel
+ modes +imntvIbekoRsz and kick all +a, +o, +h, +v and normal users.
+ - Implement hashed cloaked hostnames for both the "CloakHost" and
+ "CloakHostModeX" configuration options: now the admin can use the new
+ '%x' placeholder to insert a hashed version of the clients hostname,
+ and the new configuration option "CloakHostSalt" defines the salt for
+ the hash function. When "CloakHostSalt" is not set (the default), a
+ random salt will be generated after each server restart. (Closes #133)
+
+ngIRCd Release 19.2 (2012-06-19)
+
+ - doc/Capabilities.txt: document "multi-prefix" capability
+
+ ngIRCd 19.2~rc1 (2012-06-13)
+ - New configuration option "CloakHostModeX" to configure the hostname
+ that gets used for IRC clients which have user mode "+x" enabled.
+ Up to now, the name of the IRC server itself has been used for this,
+ which still is the default when "CloakHostModeX" isn't set.
+ - Correctly handle asynchronously re-established server links: a race
+ condition could let the daemon loose track of an already re-established
+ incoming server link while preparing its own outgoing connection.
+ Peers that both try to connect each other could have been affected.
+ - Log a debug message when SIGUSR2 is handled in debug mode.
+ - Only allow alphanumeric characters in user-supplied user names of
+ USER command and IDENT replies.
+ - Change wording of "TLS initialized" message to make it more consistent.
+ - Don't leak file descriptors on error path when creating "PID files".
+ - Add missing mode "r" to CHANMODES in 005 "ISUPPORT" numeric.
+ - Update doc/Modes.txt and doc/Platforms.txt documents.
+ - contrib/platformtest.sh: correctly detect Open64 C compiler and handle
+ "CC=xxx MAKE=yyy ./platformtest.sh" calling convention.
+ - Add instructions for setting up Atheme IRC services.
+ - Implement support for IRC capability handling, the new "CAP" command,
+ and capablity "multi-prefix" which allows both the NAME and WHO command
+ handlers to return more than one "class prefix" to the client.
+ - Update Xcode project files: reference missing documentation files.
+ - Fix: Don't ignore "permission denied" errors when enabling chroot.
+ - FAQ: enhance description of chroot setup.
+
+ngIRCd Release 19.1 (2012-03-19)
+
+ - Fix gcc warning (v4.6.3), initialize "list" variable to NULL.
+ - Fix typos: "recieved" -> "received", "Please not" -> "Please note",
+ and fix lintian(1) warning ""hyphen-used-as-minus-sign", too.
+ - Really include _all_ patches to build the Anope module into the
+ distribution archive ... ooops!
+ - getpid.sh: Fix test case error for Debian using sbuild(1).
+ - Don't log "ngIRCd hello message" two times when starting up.
+
+ngIRCd Release 19 (2012-02-29)
+
+ - Update build system: bump config.guess and config.sub files used by
+ GNU autoconf/automake to recent versions.
+ - Fix configuration file parser: don't accept "[SSL]" blocks in the
+ configuration file when no SSL support is built in ngIRCd.
+ - Fix building ngIRCd with old gcc versions (e. g. 2.7.2).
+ - Correctly re-open syslog logging after reading of configuration
+ file: Syslog logging has been initialized before reading the
+ configuration, so ngIRCd always used the default facility and ignored
+ the "SyslogFacility" configuration option ...
+ Thanks to Patrik Schindler for reporting this issue!