ngIRCd - Next Generation IRC Server
http://ngircd.barton.de/
- (c)2001-2013 Alexander Barton and Contributors.
+ (c)2001-2015 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
-- ChangeLog --
-ngIRCd 21
-
+ngIRCd 22.1 (2015-04-06)
+
+ - Update doc/Platforms.txt and doc/FAQ.txt.
+ - Fix spelling of RPL_WHOISBOT message text.
+ - Don't send nick name as default PART reason: No other IRC daemon seems
+ to do this (today?). Closes #185.
+ Reported by Cahata in #ngircd, thanks!
+ - Fix "WHO #<chan>" showing invisible users and hiding all visible, the
+ logic was reversed! This bug has been introduced by commit c74115f2,
+ "Simplify mode checking on channels and users within a channel", ngIRCd
+ releases 21, 21.1, and 22 are affected :-( Problem reported by Cahata
+ in #ngircd, Thanks!
+ - Fix typo in src/testsuite/README
+ - Auth PING: Fix our information text for manual sending of "PONG". Up to
+ now, ngIRCd doesn't send a valid IRC command at all, oops!
+ - Auth PING: Fix internal time stamp conversion and don't send a prefix in
+ our PING command. The prefix confuses WeeChat, at least, which doesn't
+ send an appropriate PONG in the case ...
+ Debugging and patch by "wowaname" on #ngircd, thanks!
+ - Fix syntax of ERR_LISTFULL_MSG(478) numeric. Pointed out by "wowaname"
+ in #ngircd, thanks!
+ - Enhance debug messages while sending CHANINFO commands.
+ - Reset "last try" timer when enabling a passive server. This results in
+ a new connection attempt as soon as possible.
+ - Change log message for "Can't resolve address" and for IP address
+ forgeries.
+ - doc/HowToRelease.txt: Add note about the bug tracker.
+ - Update "CipherList" to not enable SSLv3 by default. Idea, initial patch,
+ and testing by Christoph Biedl <ngircd.anoy@manchmal.in-ulm.de>.
+ - Change ngIRCd test suite not to use DNS lookups: Different operating
+ systems do behave quite differently when doing DNS lookups, for example
+ "127.0.0.1" sometimes resolves to "localhost" and sometimes to
+ "localhost.localdomain" (for example OpenBSD). And other OS resolve
+ "localhost" to the real host name (for example Cygwin). So not using
+ DNS at all makes the test site much more portable.
+
+ngIRCd 22 (2014-10-11)
+
+ - Match all list patterns case-insensitive: this affects the invite-,
+ ban-, and except lists, as well as G-Lines an K-Lines.
+ Problem pointed out by "wowaname" on #ngircd, thanks!
+
+ ngIRCd 22~rc1 (2014-09-29)
+ - Sync "except lists" between servers: Up to now, ban, invite, and G-Line
+ lists have been synced between servers while linking -- but obviously
+ nobody noticed that except list have been missing ever since. Until now.
+ Thanks to "j4jackj", who reported this issue in #ngircd.
+ - Allow longer user names (up to 63 characters) for authentication.
+ - Correctly check that a server has a valid hostname and port, thanks to
+ David Binderman <dcb314@hotmail.com> who reported this bug.
+ - Fix the function which generates complete "IRC masks" from user input,
+ don't destroy the source buffer and use all provided parts (nick, user,
+ host name). This fixes GLINEs/KLINEs from not working in some situations.
+ - Increase MAX_SERVERS from 16 to 64: There are installations out there
+ that would like to configure more than 16 links per server, so increase
+ this limit. Best would be to get rid of MAX_SERVERS altogether and make
+ if fully dynamic, but start with this quick and dirty hack ...
+ - Debian: Don't adjust path names that are correct by default and correctly
+ set and use "docdir".
+ - Update config.guess and config.sub to recent versions.
+ - Test suite/platformtest.sh: Detect when tests have been skipped.
+ - doc/Bopm.txt: Update "connregex" and "kline" for current ngIRCd.
+ - Allow "DefaultUserModes" to set all possible modes, including modes only
+ settable by IRC Operators.
+ - Spoofed prefixes: Really kill connection on non-server links.
+ - Implement user mode "F": "relaxed flood protection". Clients with mode
+ "F" set are allowed to rapidly send data to the daemon. This mode is only
+ settable by IRC Operators and can cause problems in the network -- so be
+ careful and only set it on "trusted" clients!
+ User mode "F" is used by Bahamut for this purpose, for example.
+ - Handle "throttling" in a single function: ngIRCd implements "command
+ throttling" and "bps throttling" (bytes per second). The states are
+ detected in different functions, Conn_Handler() and Read_Request(), but
+ handle the actual "throttling" in a common function: this enables us to
+ guarantee consistent behavior and to disable throttling for special
+ connections in only one place
+ - Use server password when PAM is compiled in but disabled.
+ - Streamline punctuation of log messages.
+ - Return ISUPPORT(005) numerics on "VERSION". This is how ircd-seven,
+ Charybdis, Hybrid, and InspIRCd behave, for example.
+ - configure: Only link "contrib/Debian" if it exists, which isn't the case
+ on "VPATH builds", for example.
+ - Show the account name in WHOIS. This uses the same numeric as Charybdis
+ and ircu families: WHOISLOGGEDIN(330).
+ - Pattern matching: Remove "range matching" in our pattern matching code
+ using the "[...]" syntax, because [ and ] are valid characters in nick
+ names and one has to quote them currently using the "\" character, which
+ is quite unexpected for users.
+ - platformtest.sh: New option "-x", don't regenerate build system and
+ allow using separate source and build trees.
+ - Test suite: explicitly enable glibc memory checking.
+ - Make "MODE -k" handling more robust and compatible, send "fake '*' key"
+ in all replies.
+ - Update configure.ng: ngIRCd requires GNU autoconf 2.61 for generating its
+ build system, so update the build system accordingly and implement all
+ changes that autoupdate(1) suggests: Update AC_PREREQ and AC_INIT, use
+ AC_LINK_IFELSE, AC_RUN_IFELSE, and AC_COMPILE_IFELSE, and remove
+ AC_TYPE_SIGNAL (we don't use RETSIGTYPE).
+ - portabtest: Actually test the functions snprintf(), strlcpy(), strlcat(),
+ and vsnprintf() for correctness, not only existence (which was quite
+ useless, because if they weren't available, the program could not have
+ been linked at all ...).
+ - Implement new configuration option "Network": it is used to set the
+ (completely optional) "network name", to which this instance of the
+ daemon belongs. When set, this name is used in the ISUPPORT(005) numeric
+ which is sent to all clients connecting to the server after logging in.
+ - Update doc/Platforms.txt.
+ - Various code cleanups, remove unused code, streamline error handling.
+ Remove all imp.h and exp.h header files, support non-standard vsnprintf()
+ return codes, and fix some K&R C portability issues. Streamline
+ DEBUG_ARRAY, DEBUG_BUFFER, DEBUG_IO, DEBUG_ZIP definitions.
+ - Increase penalty time to 10 seconds when handling OPER commands with an
+ invalid password.
+
+ngIRCd 21.1 (2014-03-25)
+
+ - Don't ignore but use the server password when PAM is compiled in but
+ disabled. Thanks to Roy Sindre Norangshol <roy.sindre@norangshol.no>!
+ - doc/Platforms.txt: Update from master branch.
+ - Really kill connections that send "spoofed prefixes" on non-server links.
+ This fixes commit 6cbe1308 which only killed the connection when the
+ spoofed prefix itself belonged to a non-server client.
+ - CHARCONV command: Fix handling conversion errors, don't overwrite already
+ converted text!
+ - doc/Services.txt: Update information for Anope 2.x.
+ - Correctly use cloaked IRC masks on "INVITE nickname": The cloaked IRC mask
+ of a user is his visible mask, so the daemon has to use it for generating
+ the "one time" entries for the invite list of the given channel, and not
+ the "real" mask which will never match while the target client is "+x", and
+ even worse, will disclose the real mask on "MODE #channel +I" commands :-/
+ Bug reported by Cahata on #ngircd, thanks!
+ - configure: Only link "contrib/Debian" if it exists. This isn't the case on
+ "VPATH builds", for example.
+ - Use $(MKDIR_P) instead of $(mkinstalldirs) in Makefile's and test for
+ "mkdir -p" using AC_PROG_MKDIR_P in "configure".
+ - Fix configure script and "make check" for TCP Wrappers (problems spotted on
+ OpenBSD): add missing #include's and static variables, and add libwrap at
+ the end of the configure run because if libwrap becomes added earlier,
+ other tests may fail.
+ - configure: add support for the LDFLAGS_END and LIBS_END variables to add
+ linker flags and libraries at the end of the configure run (CFLAGS_END has
+ been implemented already).
+ - platformtest.sh and Makefile.am: Don't use "test -e", it isn't portable.
+ - Update Copyright notices for 2014 :-)
+ - Fix permanent {G|K}LINES (with a timeout of 0 seconds).
+ - WEBIRC: Don't set the hostname received by the WEBIRC command when DNS
+ lookups are disabled, but use the IP address instead.
+ Reported by Toni Spets <toni.spets@iki.fi>, thanks!
+ - Check for working getaddrinfo() function: At least AIX 4.3.3 and 5.1 have a
+ broken implementation of getaddrinfo() which doesn't handle "0" as numeric
+ service correctly. This patch adds a configure check for this case and
+ changes all calling functions to only use getaddrinfo() if it "works".
+ See <http://www.stacken.kth.se/lists/heimdal-discuss/2004-05/msg00059.html>
+ - Only use the unsetenv() function when it is available (AIX 4.3 doesn't
+ support it, for example).
+ - Make sure that the source code is still compatible with the "ansi2knr" tool
+ and builds using non-ANSI K&R C compilers. Tested with Apple C on A/UX.
+ - Fix building ngIRCd without support for ZLIB compression. Reported by
+ "der_baer" on #ngircd, thanks!
+
+ngIRCd 21 (2013-10-30)
+
+ - ./contrib/Debian/ngircd.init: Make sure no stale PID file is left over
+ when (re-)starting ngIRCd.
+ - Change ./contrib/platformtest.sh and update ./doc/Platforms.txt to
+ allow user names up to 8 characters.
+ - Call arc4random_stir() in forked subprocesses, when available. This
+ is required by FreeBSD <10 and current NetBSD at least to correctly
+ initialize the "arc4" random number generator on these platforms.
+ - Update our own Debian package configuration and fix the default path
+ of the "HelpFile" of the "full" package variants.
+
+ ngIRCd 21~rc2 (2013-10-20)
+ - Report the correct configuration file name on configuration errors,
+ support longer configuration lines, and warn when lines are truncated.
+ - Use arc4random() function to generate "random" numbers, when available.
+ - platformtest.sh: Detect clang compiler, and clean up GIT source tree
+ before building (when possible).
+ - Update (date of) manual pages.
+ - Update "Upgrade Information" in INSTALL file, add more systems to
+ doc/Platforms.txt, and fix spelling in NEWS and ChangeLog files =:)
+ - Fix remaining compiler warnings on OpenBSD.
+
+ ngIRCd 21~rc1 (2013-10-05)
+ - Actually KILL clients on GLINE/KLINE. (Closes bug #156)
+ - Adjust log messages for invalid and spoofed prefixes, which cleans up
+ logging of commands related to already KILL'ed clients. And don't
+ forward KILL commands for (already) unknown clients any more to prevent
+ unnecessary duplicates.
+ - Add support to show all user links using the "STATS L" (uppercase)
+ command (restricted to IRC Operators).
+ - Fixed blocking of server reconnects in some error configurations.
+ - Don't ignore SSL-related errors during startup any more: abort startup
+ when SSL is requested by the configuration but can't be initialized and
+ don't continue only listening on plain text communication ports.
+ (Closes bug #163)
+ - Implement configurable SSL cipher list selection for GnuTLS and OpenSSL
+ using the new configuration option "CipherList". In addition, this
+ changes the defaults to more secure values: "HIGH:!aNULL:@STRENGTH" for
+ OpenSSL, and "SECURE128" for GnuTLS.
+ - Fix "TRACE": Correctly return ERR_NEEDMOREPARAMS(461) (which basically
+ is "syntax error") when there are too many parameters.
+ - Clean up lots of permission and parameter checks in functions handling
+ IRC commands; and more consistently add penalty times on errors.
+ - Fix error numeric of WHOIS when no nick name has been provided:
+ as per RFC it should be ERR_NONICKNAMEGIVEN(431).
+ - Only log "IDENT ... no result" messages when an IDENT looked took place
+ and didn't return any data, not when IDENT has been disabled.
+ - Show connection flag "s" (SSL) in RPL_TRACE{LINK|SERVER} messages: now
+ you can check if a server-to-server link is SSL-encrypted or not using
+ the IRC "TRACE" command.
+ - Correctly discard supplementary groups on server startup.
+ - Save client IP address text for "WebIRC" users and correctly display
+ it on WHOIS, for example. (Closes bug #159)
+ - Implement the new configuration option "DefaultUserModes" which lists
+ user modes that become automatically set on new local clients right
+ after login. Please note that only modes can be set that the client
+ could set on itself, so you can't set "a" (away) or "o" (IRC Op),
+ for example! User modes "i" (invisible) or "x" (cloaked) etc. are
+ "interesting", though. (Closes bug #160)
+ - Add support for the new METADATA "account" property, which allows
+ services to automatically identify users after netsplits and across
+ service restarts.
- Enforce "penalty times" on error conditions more consistently and in
more places. Now most error codes sent back from the IRC server to the
client should result in a 2 second "penalty".
If set to the empty string, local clients can't create new channels at
all, which equals the old "PredefChannelsOnly = yes" setting.
This change deprecates the "PredefChannelsOnly" variable, too, but it is
- still supported and translated to the apropriate "AllowedChannelTypes"
+ still supported and translated to the appropriate "AllowedChannelTypes"
setting. When the old "PredefChannelsOnly" variable is processed, a
warning message is logged. (Closes bug #152)
- Add support for "client certificate fingerprinting". When a client
into this directory. (Closes bug #157)
- Fix use-after-free in the Lists_CheckReason() function, which is used
to check if a client is a member of a particular ban/invite/... list.
- - Xcode: fix detection of host OS, vendor, and CPU type.
+ - Xcode: fix detection of host OS, vendor, and CPU type, and update
+ project settings for Xcode 5.
- OS X PackageMaker: use relative path names in project files and package
with correct file permissions (requires root privileges on "make").
- Add Travis-CI configuration file (".travis.yml") to project.
- - Look for possible cloaked Masks in Lists. Users with +x usermode can
+ - Look for possible cloaked Masks in Lists. Users with +x user mode can
be banned with their cloaked hostname now.
- Don't read SSL client data before DNS resolver is finished which could
have resulted in discarding the resolved client hostname and IDENT
InspIRCd, for example -- but as usual, other numerics are in use, too,
like 613 in UltimateIRCd ...
Please note that neither the Operator (+o) not the "bot status" (+B)
- of an IRC service id displayed in the output.
+ of an IRC service is displayed in the output.
- Exit message: use singular & plural :-)
- autogen.sh: Check for autoconf/automake wrapper scripts
- Add missing punctuation marks in log messages, adjust some severity
and then is used to output individual help texts to specific topics.
Please see the file ./doc/Commands.txt for details.
+ngIRCd 20.3 (2013-08-23)
+
+ - Security: Fix a denial of service bug (server crash) which could happen
+ when the configuration option "NoticeAuth" is enabled (which is NOT the
+ default) and ngIRCd failed to send the "notice auth" messages to new
+ clients connecting to the server (CVE-2013-5580).
+
ngIRCd 20.2 (2013-02-15)
- Security: Fix a denial of service bug in the function handling KICK
the hash function. When "CloakHostSalt" is not set (the default), a
random salt will be generated after each server restart. (Closes #133)
-ngIRCd Release 19.2 (2012-06-19)
+ngIRCd 19.2 (2012-06-19)
- doc/Capabilities.txt: document "multi-prefix" capability
- Fix: Don't ignore "permission denied" errors when enabling chroot.
- FAQ: enhance description of chroot setup.
-ngIRCd Release 19.1 (2012-03-19)
+ngIRCd 19.1 (2012-03-19)
- Fix gcc warning (v4.6.3), initialize "list" variable to NULL.
- Fix typos: "recieved" -> "received", "Please not" -> "Please note",
- getpid.sh: Fix test case error for Debian using sbuild(1).
- Don't log "ngIRCd hello message" two times when starting up.
-ngIRCd Release 19 (2012-02-29)
+ngIRCd 19 (2012-02-29)
- Update build system: bump config.guess and config.sub files used by
GNU autoconf/automake to recent versions.
asynchronous nature of the IRC protocol. So don't break server-
links, only log a message and ignore the command. (Closes #113)
-ngIRCd Release 18 (2011-07-10)
+ngIRCd 18 (2011-07-10)
- Update timestamp of ngircd(8) manual page.
- Add preliminary ngIRCd protocol module for Anope 1.9 to contrib/Anope/.
only relevant when a trusted server on a server-server link sends invalid
commands).
-ngIRCd Release 17.1 (2010-12-19)
+ngIRCd 17.1 (2010-12-19)
- --configtest: remember if MOTD is configured by file or phrase
- Enhance log messages when establishing server links a little bit
- New numeric 329: get channel creation time on "MODE #chan" commands
- Save channel creation time; new function Channel_CreationTime()
-ngIRCd Release 17 (2010-11-07)
+ngIRCd 17 (2010-11-07)
- doc: change path names in sample-ngircd.conf depending on sysconfdir
- Fix up generation and distribution of sample-ngircd.conf
- Fix "beeing" typo ...
- SSL/TLS: fix bogus "socket closed" error message.
-ngIRCd Release 16 (2010-05-02)
+ngIRCd 16 (2010-05-02)
- doc/SSL: remove line continuation marker
every channel, and c) remote clients using a server not supporting this
mode are not checked either and therefore always allowed to join.
-ngIRCd Release 15 (2009-11-07)
+ngIRCd 15 (2009-11-07)
- "ngircd --configtest": print SSL configuration options even when unset.
- Fix a few error handling glitches for SSL/TLS connections.
- Minor fixes to manual pages and documentation.
-ngIRCd Release 14.1 (2009-05-05)
+ngIRCd 14.1 (2009-05-05)
- Security: fix remotely triggerable crash in SSL/TLS code.
- BSD start script contrib/ngircd.sh has been renamed to ngircd-bsd.sh.
- Fix server list announcement.
- Do not remove host names from info text.
-ngIRCd Release 14 (2009-04-20)
+ngIRCd 14 (2009-04-20)
- Display IPv6 addresses as "[<addr>]" when accepting connections.
- Fix handling of channels containing dots.
(closes ug #93, reported by Gonosz Csiga)
-ngIRCd Release 13 (2008-12-25)
+ngIRCd 13 (2008-12-25)
- Updated documentation, especially doc/Services.txt and doc/SSL.txt.
- Make the test suite work on OpenSolaris.
ngIRCd 0.11.0-pre2 (2008-01-07)
- SECURITY: IRC_PART could reference invalid memory, causing
ngircd to crash [from HEAD]. (CVE-2008-0285)
-
+
ngIRCd 0.11.0-pre1 (2008-01-02)
- Use dotted-decimal IP address if host name is >= 64.
- Add support for /STAT u (server uptime) command.
- SECURITY: IRC_PART could reference invalid memory, causing
ngircd to crash [from HEAD]. (CVE-2008-0285)
-
+
ngIRCd 0.10.3 (2007-08-01)
- SECURITY: Fixed a severe bug in handling JOIN commands, which could
- Documentation is now installed in $(datadir)/doc/ngircd.
- Enhanced handling of NJOIN in case of nick collisions.
-ngIRCd 0.6.1, 2003-01-21
+ngIRCd 0.6.1 (2003-01-21)
- Fixed KILL: you can't crash the server by killing yourself any more,
ngIRCd no longer sends a QUIT to other servers after the KILL, and you
Older changes (sorry, only available in german language):
-ngIRCd 0.6.0, 2002-12-24
+ngIRCd 0.6.0, 24.12.2002
- ngIRCd 0.6.0-pre2, 2002-12-23
+ ngIRCd 0.6.0-pre2, 23.12.2002
- neuer Numeric 005 ("Features") beim Connect.
- LUSERS erweitert: nun wird die maximale Anzahl der lokalen und globalen
Clients, die dem Server bzw. im Netzwerk seit dem letzten (Re-)Start
dem Server gleichzeitig bekannt waren, angezeigt.
- ngIRCd 0.6.0-pre1, 2002-12-18
+ ngIRCd 0.6.0-pre1, 18.12.2002
- beim Schliessen einer Verbindung zeigt der Server nun vor dem ERROR
noch eine Statistik ueber die empfangene und gesendete Datenmenge an.
- der Server wartet bei einer eingehenden Verbindung nun laenger auf den
ngIRCd 0.5.4, 24.11.2002
- - Fehler-Handling von connect() gefixed: der Server kann sich nun auch
+ - Fehler-Handling von connect() gefixed: der Server kann sich nun auch
unter A/UX wieder zu anderen verbinden.
- in den Konfigurationsvariablen ServerUID und ServerGID kann nun nicht
nur die numerische ID, sondern auch der Name des Users bzw. der Gruppe
- ADMIN-Befehl implementiert. Die Daten hierzu werden in der Konfig-Datei
im [Global]-Abschnitt mit den Variablen "AdminInfo1", "AdminInfo2" und
"AdminEMail" konfiguriert.
-
+
ngIRCd 0.4.3, 11.06.2002
- Bei PRIVMSG und NOTICE hat der ngIRCd nicht ueberpruft, ob das Ziel
projects / ngircd-alex.git / blobdiff