X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=ChangeLog;h=0ff0245b1d798492707035ce723422523e7337ae;hp=99208ede0b4f872428f830a763deb440da065412;hb=e954b59d414fb32b89291514d0d690c9ebabba49;hpb=cb3a4321a23143f310d06dab4b65dc86998ed770 diff --git a/ChangeLog b/ChangeLog index 99208ede..0ff0245b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,14 +2,162 @@ ngIRCd - Next Generation IRC Server http://ngircd.barton.de/ - (c)2001-2015 Alexander Barton and Contributors. + (c)2001-2019 Alexander Barton and Contributors. ngIRCd is free software and published under the terms of the GNU General Public License. -- ChangeLog -- -ngIRCd 23 +ngIRCd 25 (2019-01-23) + + - Fix documentation of MotdPhrase length, which actually is 126 characters: + update sample configuration file as well as the man page. Thanks to + shankari . + Closes #254. + - Implement new configuration option "MaxPenaltyTime", which configures the + maximum penalty time increase in seconds, per penalty event. Set to -1 for + no limit (the default), 0 to disable penalties altogether. ngIRCd doesn't + use penalty increases higher than 2 seconds during normal operation, so + values higher than 1 rarely make sense. + Disabling (or reducing) penalties can greatly speed up "make check" runs + for example, see below, but are mostly a debugging feature and normally + not meant to be used on production systems! + Some example timings running "make check" from my macOS workstation: + - MaxPenaltyTime not set: 4:41,79s + - "MaxPenaltyTime = 1": 3:14,71s + - "MaxPenaltyTime = 0": 25,46s + Closes #249 and #251. + - Fix compilation without deprecated OpenSSL APIs. Thanks to Rosen Penev + for the patch! + Closes #252. + - Update Xcode project for latest Xcode version (10.0) + - Fix some compiler warnings of Apple Xcode/Clang + - Allow a 5th parameter in WEBIRC. Thanks to "ItsOnlyBinary". + Closes #247. + - Update some more documentation files and source code comments. + - Platforms.txt: Add and update systems. + + ngIRCd 25~rc1 (2018-08-11) + - Update config.guess (2018-03-08) and config.sub (2018-03-08) files. + - Correctly retry to establish an outgoing connections when forking of the + resolver sub-process failed (for example because of lack of free memory). + Until now, such a connection was never retried once this error was hit. + Thanks to Robert Obermeier for reporting this bug! + Closes #243. + - Fix a "use after free" bug which can be triggered on a newly established + connection when the daemon handles an ERROR command received from the peer + during client login. Thanks a lot to Joseph Bisch + for discovering and reporting this issue! + - Only send TOPIC updates to a channel when the topic actually changed: + This prevents the channel from becoming flooded by unnecessary TOPIC update + messages, that can happen when IRC services try to enforce a certain topic + but which is already set (at least on the local server), for example. + Therefore still forward it to all servers, but don't inform local clients + (still update setter and timestamp information, though). + - Update Xcode project for latest Xcode version (9.2). This includes adding + missing and deleting obsolete file references. + - Handle user mode "C" ("Only users that share a channel are allowed to send + messages") like user mode "b" ("block private messages and notices"): allow + messages from servers, services, and IRC Operators, too. Change proposed by + "wowaname" back in 2015 in #ngircd, thanks! + - Fix some compiler warnings. + - Add contrib/ngircd.logcheck: Some sample logcheck(8) rules. + - Allow IRC Ops and remote servers to KILL service clients: such clients + behave like regular users, therefore IRC operators and servers should be + able to KILL them: for example to resolve nick collisions. + Closes #242. + - Don't forward KILLs to other servers if they've been blocked locally: + This prevents clients from killing IRC services, for example. + Closes #238 and #239. + - Fix a cross-compiler issue related to the Get_Error() function. + Closes #240 and #241. + - Update ./doc/Services.txt, enhance configuration examples. + +ngIRCd 24 (2017-01-20) + + - Make sure that ./contrib/platformtest.sh aborts when ./autogen.sh fails. + - Update config.guess (2016-10-02) and config.sub (2016-11-04) files. + - Build Debian packages with OpenSSL instead of GnuTLS: OpenSSL allows + to reload used certificates on runtime for example (which is very + useful when using Let's Encrypt), and therefore is preferred. And + explicitly specify the "source format". + - Fix handling of connection pool allocation and enlargement: up to now, + the daemon only enlarged its connection pool when accepting new incoming + client or server connections, not when establishing new outgoing server + links, which could lead to problems when hitting the configured limit, + see "MaxConnections". Thanks to Lukas Braun (k00mi) for reporting this! + Closes #231. + + ngIRCd 24~rc1 (2017-01-07) + - Enhance systemd service file, and install it in Debian package. + - Update configuration of Debian package. + - Log privilege violations and failed OPER request with log level "error" + and send it to the "&SERVER" channel, too. + - Immediately shut down connection when receiving an "ERROR" command, + don't wait for the peer to close the connection. This allows the daemon + to forward the received "ERROR" message in the network, instead of the + very generic "client closed connection" message. + - Fix sending of entry duration (no negative values!) when synchronizing + "x-lines" (G-LINES). + - List expiration (G-LINES): use same log level as when setting, and log + this event to the &SERVER channel, too. + - Explicitly forbid remote servers to modify "x-lines" (G-LINES) when the + "AllowRemoteOper" configuration option isn't set, even when the command + seems to originate from the remote server itself: this prevents GLINE's + to become set during server handshake in this case (what wouldn't be + possible during regular runtime when a remote IRC Op sends the command) + and what can't be undone by IRC Ops later on (because of the missing + "AllowRemoteOper" option) ... + - Make scripts and init-files in ./contrib executable. + - Fix building ngIRCd with OpenSSL 1.1. Thanks to Christoph Biedl + for the patch! + - Fix code indentation warnings of gcc 6.2. + - Update config.guess (2016-04-02) and config.sub (2016-03-30) files. + - Fix warnings of the "shellcheck" linter in autogen.sh, contrib/ngindent + and contrib/platformtest.sh. + - Update Xcode project for latest Xcode version (8.0), and fix "duplicate + symbols" error messages when building (linking) the binary. + - Add "Documentation" variables to systemd configuration files. + - Make sure that SYSCONFDIR is always set, which can be handy when + using source code linters when ./configure hasn't been run already. + - Add the new "PAMServiceName" configuration option to specify the name + used as PAM service name. This setting allows to run multiple ngIRCd + instances with different PAM configurations for each instance. + Thanks to Christian Aistleitner for the + patch, closes #226. + - Add an ".editorconfig" file to the project. + - Travis-CI: use "container-based infrastructure". + - Limit the number of message targets, and suppress duplicates: This + prevents an user from flooding the server using commands like this: + "PRIVMSG nick1,nick1,nick1,...". + Duplicate targets are suppressed silently (channels and clients). + In addition, the maximum number of targets per PRIVMSG, NOTICE, ... + command are limited to MAX_HNDL_TARGETS (25). If there are more, the + daemon sends the new 407 (ERR_TOOMANYTARGETS_MSG) numeric, containing + the first target that hasn't been handled any more. Closes #187. + - Test suite: Add new test for server-server logins. + - contrib/ngindent: Fix shebang line. + - Make contrib/platformtest.sh script more portable, and only show + "runs=Y" when the test suite really has been passed successfully. + - Code cleanup in the NJON handler and the function killing clients as + well as the function sending messages to a "mask" (cleaner code, more + fault tolerant, better code comments). + - Update and enhance documentation: README file, doc/Platforms.txt, + doc/Modes.txt, doc/Commands.txt, doc/PAM.txt. + - Fix NJOIN not propagating "half ops" status: ngIRCd tested for the wrong + prefix of "half ops" when processing NJOIN commands and therefore never + classified a remote user as "half op". + Thanks to wowaname for pointing this out on #ngircd! + +ngIRCd 23 (2015-11-16) + + - Explicitly cast time_t to long when printing it out: this prevents + wrong sized data types on platforms where time_t doesn't equal a + long any more, for example on OpenBSD (which would result in garbled + output on those platforms). + - contrib/Debian/changelog: Fix email address. + - Documentation: Spelling fixes; update doc/Platforms.txt. ngIRCd 23~rc1 (2015-09-06) - Add ".clang_complete" file, which is used by the "linter-clang" package @@ -53,7 +201,7 @@ ngIRCd 23 Idea and implementation by LucentW, Thanks! Closes #207. - Update ngircd.conf.5: "CloakUserToNick" hides user _and_ real name. This closes #208. - - Fix case insensitive pattern matching: Up to now, only the the input + - Fix case insensitive pattern matching: Up to now, only the input string became lowercased and was then compared to the pattern -- which failed when the pattern itself wasn't all lowercase! - Streamline the effect of "MorePrivacy" option: Update documentation @@ -406,7 +554,7 @@ ngIRCd 20.3 (2013-08-23) ngIRCd 20.2 (2013-02-15) - Security: Fix a denial of service bug in the function handling KICK - commands that could be used by arbitrary users to to crash the daemon + commands that could be used by arbitrary users to crash the daemon (CVE-2013-1747). - WHO command: Use the currently "displayed hostname" (which can be cloaked!) for hostname matching, not the real one. In other words: don't display all