From 1284e49701c56e2688d82d0cd690c8caff4c4401 Mon Sep 17 00:00:00 2001
From: Alexander Barton
Die aktuelle stabile Version ist
- Release 26.1 vom 2. Januar 2021,
- und
- Release 27~rc1 vom 13. April 2024
- steht zum Test bereit;
+ Release 27 vom 26. April 2024,
siehe auch die
Download-Möglichkeiten.
diff --git a/news.php.de b/news.php.de
index e1a5227..e0492f1 100644
--- a/news.php.de
+++ b/news.php.de
@@ -14,10 +14,7 @@
Achtung:
- ngIRCd 20, 20.1 und 20.2 beinhalten einen Fehler,
- der zum Absturz des Servers führen kann, wenn die Konfigurationsoption
- NoticeAuth
aktiviert ist (was nicht der Default ist).
- ngIRCd 20 und 20.1 beinhaltet zudem einen Fehler, der es jedem Nutzer
- ermöglicht, den Server-Dienst zum Absturz zu bringen.
- Alle Installationen sollten auf Version 20.3 vom 23. August
- 2013 (oder neuer) aktualisiert werden!
+ ngIRCd bis einschlieÃlich Release 26.1 hat SSL-Zertifikate bei
+ Server-Server-Links nicht validiert! Falls ngIRCd in einem
+ Netzwerk mit mehreren Servern eingesetzt wird, sollte auf
+ Version 27 vom 26. April 2024 (oder neuer) aktualisiert
+ werden!
Die NEWS-Datei und das diff --git a/news.php.en b/news.php.en index 9d32986..2091ad9 100644 --- a/news.php.en +++ b/news.php.en @@ -14,10 +14,7 @@
The current stable version is - Release 26.1 of January 1 2021, - and - Release 27~rc1 of April 13 2024 - is ready for testing; + Release 27 of April 26 2024, please refer to the Download options.
@@ -41,13 +38,10 @@
Caution:
- ngIRCd 20, 20.1, and 20.2 contain an error that could crash
- the server daemon when the configuration option NoticeAuth
is
- enabled (which is not the default).
- ngIRCd 20 and 20.1 both contain an additional error that allows
- arbitrary users to crash the server daemon.
- All installations should be updated to version 20.3 (released
- August 23, 2013) or newer!
+ ngIRCd up to and including release 26.1 did not validate SSL
+ certificates on server-server links! If you run a network of ngIRCd
+ daemons you should upgrade to ngIRCd 27 (released April 26,
+ 2024) or newer!
The NEWS-file and the
--
2.39.2
From 5485c2141ac40945d0745ea6823fbe12b4e2ffec Mon Sep 17 00:00:00 2001
From: Alexander Barton
When ngIRCd is compiled with debug code, that is, its source code has -been ./configure'd with "--enable-debug" and/or "--enable-sniffer" -(witch enables debug mode automatically as well), you can use two more -command line options and two more signals to debug problems with the -daemon itself or IRC clients:
+ngIRCd can log additional debug messages, which can be enabled with +the command line option --debug (-d) or by sending the USR1 signal to +the running daemon. Some of those messages may leak personal +information, be very technical and can be very verbose. Therefore the +debug mode is meant for troubleshooting only and should definitely be +disabled during normal operation!
+In addition, a "protocol sniffer" can be enabled on build time by +passing the "--enable-sniffer" option to the ./configure script which +enables the "--sniffer" (-s) command line option (which is not available +by default): this "sniffer" logs all incoming and outgoing IRC commands +on all connections, which can be handy to debug problems with the daemon +itself or IRC clients.
+Both modes are indicated in the version string shown by the IRC +"VERSION" command: if the version ends in a dot (like in "26.1."), the +daemon operates in "normal" mode (the version used in the example is +"26.1"). If it ends in ".1" (like in "26.1.1") the "debug-mode" is +enabled; and if it ends in ".2" (like in "26.1.2") the "IRC sniffer" is +enabled, too.
Options:
Signals:
+Note: Usage of these signals is broadcasted to all users with the +s +("receive server notices") mode set!
Filename pointing to the Trusted CA Certificates. This is required +for verifying peer certificates. Default: not set, so no certificates +are trusted.
+SSL Certificate file of the private server key.
@@ -601,6 +607,10 @@ to "HIGH:!aNULL:@STRENGTH:!SSLv3" (OpenSSL) or "SECURE128:-VERS-SSL3.0" (GnuTLS). Please see 'man 1ssl ciphers' (OpenSSL) and 'man 3 gnutls_priority_init' (GnuTLS) for details.Filename of Certificate Revocation List.
+Name of the Diffie-Hellman Parameter file. Can be created with GnuTLS @@ -703,6 +713,11 @@ create the link.
Connect to the remote server using TLS/SSL. Default: false.
Verify the TLS certificate presented by the remote server. Default: +yes.
+Define a (case insensitive) list of masks matching nicknames that
--
2.39.2
From 163fd79307f55d2b2a5c866775562ddfaaa678b7 Mon Sep 17 00:00:00 2001
From: Alexander Barton