ngIRCd - Next Generation IRC Server
http://ngircd.barton.de/
- (c)2001-2015 Alexander Barton and Contributors.
+ (c)2001-2024 Alexander Barton and Contributors.
ngIRCd is free software and published under the
terms of the GNU General Public License.
-- ChangeLog --
-
-ngIRCd 23
+ngIRCd 27
+
+ ngIRCd 27~rc1 (2024-04-13)
+ - Validate certificates on server links. Up to now, ngIRCd optionally used
+ SSL/TLS encrypted server-server links but never checked and validated any
+ certificates. Now ngIRCd validates SSL/TLS certificates on outgoing
+ server-server links by default and drops(!) connections when the remote
+ certificate is invalid (for example self-signed, expired, not matching the
+ host name, ...). Therefore you have to make sure that all relevant
+ *certificates are valid* (or to disable certificate validation on this
+ connection using the new `SSLVerify = false` setting in the affected
+ `[Server]` block, where the remote certificate is not valid and you can not
+ fix this issue).
+ The original patch for OpenSSL dates back to 2009 and was written by Florian
+ Westphal and was extended for GnuTLS in 2014 by Christoph Biedl. But it took
+ us another 10 years to bring it to life ... oh my! Many thanks to both
+ Florian and Christoph!
+ Closes #120.
+ - Add support for the "sd_notify" protocol of systemd(8): Periodically
+ "ping" the service manager (every 3 seconds) and set a status message
+ showing current connection statistics which then is included in "systemctl
+ status ngircd.service" output. In addition, this enables using the
+ systemd(8) watchdog functionality ("WatchdogSec") for the "ngircd.service"
+ unit and allows it to use the "notify" service type, which results in
+ better status tracking by the service manager.
+ - Try to set file descriptor limit to its maximum and show info on startup:
+ The number of possible parallel connections is limited by the file
+ descriptor limit of the process (among other things). Therefore try to
+ upgrade the current "soft" limit to its "hard" maximum (but limited to
+ 100000 instead of "infinite"), and show an information or even warning when
+ the limit is still less than the configured "MaxConnections" setting. Please
+ note that ngIRCd and its linked libraries (like PAM) need file descriptors
+ not only for incoming and outgoing IRC connections, but for reading files
+ and inter-process communication, too! Therefore the actual connection limit
+ is less(!) than the file descriptor limit!
+ - Update and fix the logcheck(8) rules file.
+ - METADATA: Fix unsetting the "cloakhost" hostname, which did not result in
+ the original hostname being restored, but actually resulted in an empty
+ string being used as the client hostname -- which is a protocol violation.
+ - Update the "rpm" make target to use the rpmbuild(8) command.
+ - Add a "Docker file" (contrib/Dockerfile) and corresponding documentation
+ (doc/Container.md) to the project. The resulting container is based on the
+ latest Debian "stable-slim" container and built using a "build container".
+ - Remove outdated, unsupported and broken support for splint(1).
+ - Don't show the default config file name on config errors: The configuration
+ can be set in drop-in files in the include directory, too, so it is not
+ clear in which file it is actually missing.
+ - No longer use a default built-in value for the "IncludeDir" directive when
+ a configuration file was explicitly specified on the command line using
+ "--config"/"-f": This way no default include directory is scanned when a
+ possibly non-default configuration file is used which (intentionally) did
+ not specify an "IncludeDir" directive. So now you can use "-f /dev/null"
+ for checking all built-in defaults, regardless of any local configuration
+ files in the default drop-in directory (which would have been read in
+ until this change).
+ - No longer log channel keys ("passwords") for predefined channels.
+ - The server "Name" in the "[Global]" section of the configuration file no
+ longer needs to be set: When not set (or empty), ngIRCd now tries to
+ deduce a valid IRC server name from the local host name ("node name"),
+ possibly adding a ".host" extension when the host name does not contain a
+ dot (".") which is required in an IRC server name ("ID").
+ This new behavior, with all configuration parameters now being optional,
+ allows running ngIRCd without any configuration file at all.
+ - Silence some compiler warnings.
+ - autogen.sh: Prefer automake 1.11 over other releases because this is the
+ last release supporting "de-ANSI-fication" using the included ansi2knr tool.
+ And because we _want_ to support old K&R platforms, we try hard to use this
+ release of automake when available to generate our build system.
+ Note: This is only relevant for you if you are building from Git sources.
+ - Autodetect support for IPv6 by default: Until now, IPv6 support was disabled
+ by default, which seems a bit outdated in 2024. Note: You still can pass
+ "--enable-ipv6"/"--disable-ipv6" to the ./configure script to forcefully
+ activate or deactivate IPv6 support.
+ - Do IDENT requests even when DNS lookups are disabled: Up to now disabling
+ DNS in the configuration disabled IDENT lookups as well (for no good
+ reason). Now you can activate/deactivate DNS lookups and IDENT requests
+ completely separately. Thanks for reporting this, Miniontoby!
+ Closes #291.
+ - Update config.guess (2023-08-22) and config.sub (2023-09-19) files.
+ - Fix Channel Admins being able to to set Channel Owner status! "Sarah"
+ reported this back in April 2021 and proposed a patch, thanks a lot!
+ - Test suite: Update for OpenSSL 3.x, some command outputs changed, clean up
+ shell scripts and make the getpid.sh script more robust.
+ - Allow SSL client-only configurations without keys/certificates: You don't
+ need to configure certificates/keys as long as you don't configure
+ SSL-enabled listening ports. This can make sense when you want to only link
+ your local daemon to an uplink server using SSL and only have clients on
+ your local host or in your fully trusted network, where SSL is not required.
+ - Remove the unmaintained contrib/MacOSX/ folder: this includes the Xcode
+ project as well as the outdated macOS "Package Maker" configuration. The
+ sample launchd(8) configuration properties list file was moved to
+ "contrib/de.barton.ngircd.plist" and kept.
+ - Fix showing the "Ident" option in "--configtest" output which was never
+ shown because of a coding error. Whoops!
+ - Change GnuTLS "slot handling" messages to debug level: Those messages are
+ about an internal implementation detail, not relevant for an administrator
+ of ngIRCd.
+ - Enlarge buffer for log messages: For example, SSL/TLS certificate
+ information can easily get longer than 256 characters. So enlarge the log
+ buffer to 1 KB to avoid cutting off relevant information.
+ - Respect "SSLConnect" option for incoming connections and do not accept
+ incoming plain-text ("non SSL") server connections for servers configured
+ with "SSLConnect" enabled. This change prevents an authenticated
+ client-server being able to force the server-server to send its password
+ on a plain-text connection when SSL/TLS was intended.
+ - Always try to close a connection with errors immediately, but try hard
+ to avoid too much recursion. Without this patch, an outgoing server
+ connection could get stuck in an "endless" state trying to write out data
+ over and over again.
+ - Add "hopm.service" to "Wants" and "Before" dependencies in the sample
+ systemd unit file (Hopm is the successor of Bopm).
+ - Update Debian package configuration using current "dh_make", package
+ dependencies and build rules. And no longer build 3 different versions,
+ only build "ngircd" which now includes support for IDENT, PAM (disabled in
+ the ngircd.conf installed by the package), SSL (OpenSSL), ZLib and IPv6.
+ - Return ERR_NOTEXTTOSEND on empty PRIVMSG content, which matches the
+ behavior of other servers.
+ - Add a new option "Autojoin" to [Channel] blocks: When it is set, ngIRCd
+ automatically joins all local users to this channel on connect. Note: The
+ users must have permissions to access the channel, otherwise joining them
+ will fail!
+ Thanks Ivan Agarkov <i_agarkov@wargaming.net> for the initial patch!
+ - Hide invisible (+i) users on "WHOIS <pattern>": Let's behave like most(?)
+ other IRC daemons (at least ircd2.11) and hide all +i users when WHOIS is
+ used with a pattern. Otherwise privacy of this users is not guaranteed and
+ the +i mode a bit useless ...
+ Reported by Cahata on #ngircd, thanks!
+ - Update the final "closing connection" message: Add some more information
+ like nick name, user name, host name and bring it in line with some other
+ implementations (at least ircd2.11 and Hybrid).
+ - Fix RPL_INVITING message: All numeric replies must originate from an IRC
+ server, never from a client. Thanks "tommyrot" for reporting this!
+ Closes #307.
+ - Enhance some log messages, for example for errors when accepting new
+ connections.
+ - Make the debug log level ("--debug"/-"d" command line option) always
+ available, not only when ./configure'd with "--enable-debug": the latter
+ now only enables additional checks (like the tests done using assert(2))
+ and is signalled by adding "+DEBUG" to the version "feature string". This
+ change enables everyone to get even more detailed logging when required.
+ - Always report an error when a parameter is missing in a channel "MODE +k"
+ or "MODE +l" command, and better validate their parameters: return the new
+ numeric ERR_INVALIDMODEPARAM_MSG(696) on errors.
+ Thanks Val Lorentz for reporting this!
+ Closes #290.
+ - Allow IRC Operators to use the WHO command on any channel.
+ - Add configuration for "ngIRCd CI" GitHub Action, no longer use Travis-CI.
+ - Send the NAMES list and channel topic to users "forcefully" joined to a
+ channel using NJOIN, like they joined on their own using JOIN, and
+ streamline the order of NAMES list and channel topic messages.
+ Closes #288.
+ - Fix (invalid) error messages when setting modes on local channels which
+ are defined in the configuration file.
+ - Fix handling of G-Lines/K-Lines with cloaked host names.
+ - Streamline logging of debug messages.
+ - Added a new command line option "-y"/"--syslog", with which logging to
+ syslog can be activated/deactivated separately from running on the console
+ (using "--nodaemon") or in the background.
+ Thanks Katherine Peeters for the patch and pull request!
+ Closes #294.
+ - Fix a possible race condition while introducing new clients in the network.
+ - Update, enhance and extend our documentation in README.md, INSTALL.md,
+ doc/HowToRelease.txt and the manual pages ngircd(8) and ngircd.conf(5), add
+ a new doc/QuickStart.md document, and convert some more documentation files
+ to Markdown (AUTHORS.md, contrib/README.md, doc/FAQ.md, doc/SSL.md).
+
+ngIRCd 26.1 (2021-01-02)
+
+ - Fix a "format string" compiler warning (detected on OpenBSD).
+ - No longer set "AI_ADDRCONFIG" when resolving host names, even when it
+ exists: with this option set, on an IPv6-only host, we prevent 127.0.0.1
+ to get translated properly, even when the loopback interface has this
+ address configured! And as the test suite uses 127.0.0.1, it was broken
+ on IPv6-only hosts.
+ The drawback is that the resolver possibly returns more addresses now,
+ even of an unsupported/not connected address family; but this shouldn't
+ do much harm in practice, as ngIRCd iterates over all returned addresses
+ while trying to establish an outgoing connection.
+ Closes #281.
+ - Revert "Show allowed channel types in ISUPPORT(005) numeric only", which
+ was introduced in 26~rc1: This lead to some IRC clients assuming "oh, no
+ channel prefix characters at all, so no channels at all, so no PRIVMSG can
+ go to any channel" when "AllowedChannelTypes" was set to the empty string
+ ("") -- which is not the case when there are pre-defined channel set up or
+ other servers still having channels!
+ So "allowed channel types" != "supported channel types", and we always have
+ to list all supported ones in the ISUPPORT(005) numeric!
+ Closes #285.
+ - Test suite: Wait 2 seconds after reloading the daemon, which is required
+ because on reload, all listening ports are closed, configuration updated,
+ and then opened again. This lead to subsequent tests running while the
+ daemon isn't listening on any ports, and that's why some tests could fail.
+ Closes #280.
+ - platformtest.sh: Try to mangle CLang name more intelligently.
+ - Documentation: Fixed URLs of Atheme IRC services, updated all mentions
+ from CVS to Git, and updated Platforms.txt -- Oh, and it is 2021 now! ;-)
+
+ngIRCd 26 (2020-06-20)
+
+ ngIRCd 26~rc2 (2020-06-11)
+ - Add AppStream metadata file (contrib/de.barton.ngircd.metainfo.xml).
+ - Don't send invalid CHANINFO commands when a channel has mode +k set but no
+ key is known to the server. This can happen with a misconfigured predefined
+ channel, for example, and looked like this: "CHANINFO #test +Pk 0 :" --
+ note the unset key represented by the two spaces. Fix this by sending a
+ "*" in this case and update the CHANINFO documentation, too.
+ - ngircd.spec: Fix names of README.md and INSTALL.md, add ".md" extension.
+ - Update description texts in the README.md file, the RPM and Debian package
+ files and the manual page: bring them in line with the updated homepage.
+ - Server-Server protocol: Fix use-after-free when unregistering a directly
+ connected server sending a SQUIT for itself.
+ - Server-Server protocol: Detect bogus SERVER commands lacking a prefix.
+ Thanks Hilko Bengen (hillu) for finding & reporting this as well for the
+ patch & pull request (even if fixed differently).
+ Closes #275.
+ - Fix the PING-PONG logic: In ngIRCd 26~rc1 this was completely broken (while
+ trying to fix timeouts during server handshakes in bigger networks): the
+ daemon never disconnected any stale peers but kept sending out PINGs over
+ and over again ...
+ - Test suite: Add missing files needed to test SSL support to "EXTRA_DIST",
+ so that they are included in distribution archives: in rc1, "make check"
+ fails when using sources from an archive and enabling SSL support.
+ Thanks to Hilko Bengen <bengen@hilluzination.de> for the patch!
+
+ ngIRCd 26~rc1 (2020-05-10)
+ - Tweak & update doc/HowToRelease.txt, .mailmap and AUTHORS files.
+ - Allow up to 512 characters per line in MOTD and help text files (but keep
+ in mind that lines can't get that long, because they have to be prefixed
+ before being sent to the client). But this allows for more fancy MOTDs :-)
+ Closes #271.
+ - Show the actually allowed channel types in the ISUPPORT(005) numeric which
+ are configured by the "AllowedChannelTypes" configuration variable.
+ Closes #273.
+ - Handle commands in the read buffer before reading more data and don't wait
+ for the network in this case: If there are more bytes in the read buffer
+ already than a single valid IRC command can get long (513 bytes), wait for
+ this/those command(s) to be handled first and don't try to read even more
+ data from the network (which most probably would overflow the read buffer
+ of this connection soon).
+ - Update Travis-CI configuration, "sudo" is deprecated.
+ - Log G-/K-Line changes only when not initiated by a server: this prevents
+ the log from becoming spammed during "net bursts".
+ - Update test suite to include SSL tests, including checking for reloading
+ certificates during runtime.
+ - Makefile.am: Replace "make" with "${MAKE}". This fixes warnings like this:
+ "warning: jobserver unavailable: using -j1. Add `+' to parent make rule."
+ Thanks to Sam James (sam_c) <sam@cmpct.info>!
+ Closes #270.
+ - Add support for GnuTLS certificate reload, which is quite handy when using
+ Let's Encrypt, for example. Until now this was only supported when linked
+ with OpenSSL. Thanks a lot, Hilko Bengen <bengen@hilluzination.de>!
+ - Remove deprecated legacy configuration options and related functions that
+ have been marked for removal for quite some time:
+ - PredefChannelsOnly (v22)
+ - NoticeAuth (v24)
+ - NoXXX (v19)
+ - Old '[GLOBAL]' section handling (v19)
+ Thanks to Michi <michi+ngircd@dataswamp.org> for the patch!
+ - Fix recursion bug on write errors: Depending on the stack size, too many
+ clients on the same channel quitting at the same time would trigger a crash
+ due to too many recursive calls to Conn_Close(). Thanks to Michi
+ <michi+ngircd@dataswamp.org> for the patch!
+ - Fix builds using GCC option -fno-common, which is the default starting with
+ GCC 10. Thanks to Michi <michi+ngircd@dataswamp.org> for the patch!
+ Closes #266.
+ - Convert INSTALL and README files to Markdown.
+ - Allow setting arbitrary channel modes in the configuration file by handling
+ them like in MODE commands, and allow multiple "Modes =" lines per [Channel]
+ section. Thanks to Michi <michi+ngircd@dataswamp.org>!
+ Closes #55.
+ - Add "FNC" (forced nick changes) to ISUPPORT(005) numeric. Most probably
+ this doesn't make any difference to any client, but it seems correct.
+ See <http://www.irc.org/tech_docs/005.html> for details.
+ - Reuse old SSL key if loading a new one failed.
+ - Remove outdated OpenBSD/NetBSD systrace.policy.
+ - Enhance handling of command line errors, and return with exit code 0 ("no
+ error") when "--help" or "--version" is used (which resulted in exit code 1,
+ "error" before). Exit with code 2 ("command line error") for all other
+ invalid command line options, and show the error message itself on stderr
+ (instead of stdout and exit code 1, "generic error", as before).
+ This new behavior is more in line with the GNU "coding standards",
+ see <https://www.gnu.org/prep/standards/html_node/_002d_002dhelp.html>.
+ - Fix and update Xcode project: Reference correct contrib/Makefile.am file,
+ correctly sort contrib/nglog.sh and add "ORGANIZATIONNAME" setting.
+ - contrib/ngindent.sh: Add more GNU indent options for better results, and
+ add the ".sh" suffix to bring this script in line with the others in the
+ contrib/ folder.
+ - Add ./contrib/nglog.sh: This script parses the log output of ngircd(8),
+ and colorizes the messages according to their log level. Example usage:
+ ngircd -f $PWD/doc/sample-ngircd.conf -np | ./contrib/nglog.sh
+ - Log received signals with their names using strsignal(3), when available.
+ - Make test suite compatible with Haiku OS.
+ - Fix host mask cloaking bug, don't cloak multiple times: Previously, each
+ server would cloak every user's host mask. The problem is that if a network
+ has more than one server, then a user's host mask would get cloaked twice.
+ This patch ensures that a server only cloaks the host mask if it has not yet
+ been cloaked (the period indicates it's still an IP address). Thanks to
+ JRMU <jrmu@lecturify.com> for the patch!
+ Closes #228.
+ - Enlarge buffers of info texts to 128 bytes. This includes:
+ - "Real name" of a client (4th filed of the USER command).
+ - Server info text ("Info" configuration option).
+ - Admin info texts and email address ("AdminInfo1", "AdminInfo2" and
+ "AdminEmail" configuration options).
+ - Network name ("Network" configuration option).
+ The limit was 64 bytes before ...
+ Closes #258.
+ - Streamline handling of invalid and unset server name: Don't exit during
+ runtime (REHASH command, HUP signal), because the server name can't be
+ changed in this case anyway and the new invalid name will be ignored.
+ - Fix and extend documentation: Fix some typos, fix syntax of LINKS and LIST
+ commands, whitespace and spelling fixes, update dependencies and add some
+ more information about IRCv3 support.
+ Thanks to Thanks Windree, Étienne Mollier <etienne.mollier@mailoo.org> and
+ Christoph Biedl <debian.axhn@manchmal.in-ulm.de>.
+ Closes #264.
+ - Slightly reorder startup steps, and enhance logging:
+ - Show name of configuration file at the beginning of start up.
+ - Add a message when ngIRCd is ready, including its host name.
+ - Show name of configuration file on REHASH (SIGHUP), too.
+ - Change level of "done message" to NOTICE, like "starting" & "ready".
+ - Initialize IO functions before channels, connections, clients, ...
+ - configure.ng: OpenSSL can depends on lz or latomic so use pkg-config to
+ find those dependencies and fallback to existing mechanism.
+ Closes #256.
+ - ngircd.conf.5: Fix wording as suggested by lintian.
+
+ngIRCd 25 (2019-01-23)
+
+ - Fix documentation of MotdPhrase length, which actually is 126 characters:
+ update sample configuration file as well as the man page. Thanks to
+ shankari <shankari@eecs.berkeley.edu>.
+ Closes #254.
+ - Implement new configuration option "MaxPenaltyTime", which configures the
+ maximum penalty time increase in seconds, per penalty event. Set to -1 for
+ no limit (the default), 0 to disable penalties altogether. ngIRCd doesn't
+ use penalty increases higher than 2 seconds during normal operation, so
+ values higher than 1 rarely make sense.
+ Disabling (or reducing) penalties can greatly speed up "make check" runs
+ for example, see below, but are mostly a debugging feature and normally
+ not meant to be used on production systems!
+ Some example timings running "make check" from my macOS workstation:
+ - MaxPenaltyTime not set: 4:41,79s
+ - "MaxPenaltyTime = 1": 3:14,71s
+ - "MaxPenaltyTime = 0": 25,46s
+ Closes #249 and #251.
+ - Fix compilation without deprecated OpenSSL APIs. Thanks to Rosen Penev
+ <rosenp@gmail.com> for the patch!
+ Closes #252.
+ - Update Xcode project for latest Xcode version (10.0)
+ - Fix some compiler warnings of Apple Xcode/Clang
+ - Allow a 5th parameter in WEBIRC. Thanks to "ItsOnlyBinary".
+ Closes #247.
+ - Update some more documentation files and source code comments.
+ - Platforms.txt: Add and update systems.
+
+ ngIRCd 25~rc1 (2018-08-11)
+ - Update config.guess (2018-03-08) and config.sub (2018-03-08) files.
+ - Correctly retry to establish an outgoing connections when forking of the
+ resolver sub-process failed (for example because of lack of free memory).
+ Until now, such a connection was never retried once this error was hit.
+ Thanks to Robert Obermeier for reporting this bug!
+ Closes #243.
+ - Fix a "use after free" bug which can be triggered on a newly established
+ connection when the daemon handles an ERROR command received from the peer
+ during client login. Thanks a lot to Joseph Bisch <joseph.bisch@gmail.com>
+ for discovering and reporting this issue!
+ - Only send TOPIC updates to a channel when the topic actually changed:
+ This prevents the channel from becoming flooded by unnecessary TOPIC update
+ messages, that can happen when IRC services try to enforce a certain topic
+ but which is already set (at least on the local server), for example.
+ Therefore still forward it to all servers, but don't inform local clients
+ (still update setter and timestamp information, though).
+ - Update Xcode project for latest Xcode version (9.2). This includes adding
+ missing and deleting obsolete file references.
+ - Handle user mode "C" ("Only users that share a channel are allowed to send
+ messages") like user mode "b" ("block private messages and notices"): allow
+ messages from servers, services, and IRC Operators, too. Change proposed by
+ "wowaname" back in 2015 in #ngircd, thanks!
+ - Fix some compiler warnings.
+ - Add contrib/ngircd.logcheck: Some sample logcheck(8) rules.
+ - Allow IRC Ops and remote servers to KILL service clients: such clients
+ behave like regular users, therefore IRC operators and servers should be
+ able to KILL them: for example to resolve nick collisions.
+ Closes #242.
+ - Don't forward KILLs to other servers if they've been blocked locally:
+ This prevents clients from killing IRC services, for example.
+ Closes #238 and #239.
+ - Fix a cross-compiler issue related to the Get_Error() function.
+ Closes #240 and #241.
+ - Update ./doc/Services.txt, enhance configuration examples.
+
+ngIRCd 24 (2017-01-20)
+
+ - Make sure that ./contrib/platformtest.sh aborts when ./autogen.sh fails.
+ - Update config.guess (2016-10-02) and config.sub (2016-11-04) files.
+ - Build Debian packages with OpenSSL instead of GnuTLS: OpenSSL allows
+ to reload used certificates on runtime for example (which is very
+ useful when using Let's Encrypt), and therefore is preferred. And
+ explicitly specify the "source format".
+ - Fix handling of connection pool allocation and enlargement: up to now,
+ the daemon only enlarged its connection pool when accepting new incoming
+ client or server connections, not when establishing new outgoing server
+ links, which could lead to problems when hitting the configured limit,
+ see "MaxConnections". Thanks to Lukas Braun (k00mi) for reporting this!
+ Closes #231.
+
+ ngIRCd 24~rc1 (2017-01-07)
+ - Enhance systemd service file, and install it in Debian package.
+ - Update configuration of Debian package.
+ - Log privilege violations and failed OPER request with log level "error"
+ and send it to the "&SERVER" channel, too.
+ - Immediately shut down connection when receiving an "ERROR" command,
+ don't wait for the peer to close the connection. This allows the daemon
+ to forward the received "ERROR" message in the network, instead of the
+ very generic "client closed connection" message.
+ - Fix sending of entry duration (no negative values!) when synchronizing
+ "x-lines" (G-LINES).
+ - List expiration (G-LINES): use same log level as when setting, and log
+ this event to the &SERVER channel, too.
+ - Explicitly forbid remote servers to modify "x-lines" (G-LINES) when the
+ "AllowRemoteOper" configuration option isn't set, even when the command
+ seems to originate from the remote server itself: this prevents GLINE's
+ to become set during server handshake in this case (what wouldn't be
+ possible during regular runtime when a remote IRC Op sends the command)
+ and what can't be undone by IRC Ops later on (because of the missing
+ "AllowRemoteOper" option) ...
+ - Make scripts and init-files in ./contrib executable.
+ - Fix building ngIRCd with OpenSSL 1.1. Thanks to Christoph Biedl
+ <ngircd.anoy@manchmal.in-ulm.de> for the patch!
+ - Fix code indentation warnings of gcc 6.2.
+ - Update config.guess (2016-04-02) and config.sub (2016-03-30) files.
+ - Fix warnings of the "shellcheck" linter in autogen.sh, contrib/ngindent
+ and contrib/platformtest.sh.
+ - Update Xcode project for latest Xcode version (8.0), and fix "duplicate
+ symbols" error messages when building (linking) the binary.
+ - Add "Documentation" variables to systemd configuration files.
+ - Make sure that SYSCONFDIR is always set, which can be handy when
+ using source code linters when ./configure hasn't been run already.
+ - Add the new "PAMServiceName" configuration option to specify the name
+ used as PAM service name. This setting allows to run multiple ngIRCd
+ instances with different PAM configurations for each instance.
+ Thanks to Christian Aistleitner <christian@quelltextlich.at> for the
+ patch, closes #226.
+ - Add an ".editorconfig" file to the project.
+ - Travis-CI: use "container-based infrastructure".
+ - Limit the number of message targets, and suppress duplicates: This
+ prevents an user from flooding the server using commands like this:
+ "PRIVMSG nick1,nick1,nick1,...".
+ Duplicate targets are suppressed silently (channels and clients).
+ In addition, the maximum number of targets per PRIVMSG, NOTICE, ...
+ command are limited to MAX_HNDL_TARGETS (25). If there are more, the
+ daemon sends the new 407 (ERR_TOOMANYTARGETS_MSG) numeric, containing
+ the first target that hasn't been handled any more. Closes #187.
+ - Test suite: Add new test for server-server logins.
+ - contrib/ngindent: Fix shebang line.
+ - Make contrib/platformtest.sh script more portable, and only show
+ "runs=Y" when the test suite really has been passed successfully.
+ - Code cleanup in the NJOIN handler and the function killing clients as
+ well as the function sending messages to a "mask" (cleaner code, more
+ fault tolerant, better code comments).
+ - Update and enhance documentation: README file, doc/Platforms.txt,
+ doc/Modes.txt, doc/Commands.txt, doc/PAM.txt.
+ - Fix NJOIN not propagating "half ops" status: ngIRCd tested for the wrong
+ prefix of "half ops" when processing NJOIN commands and therefore never
+ classified a remote user as "half op".
+ Thanks to wowaname for pointing this out on #ngircd!
+
+ngIRCd 23 (2015-11-16)
+
+ - Explicitly cast time_t to long when printing it out: this prevents
+ wrong sized data types on platforms where time_t doesn't equal a
+ long any more, for example on OpenBSD (which would result in garbled
+ output on those platforms).
+ - contrib/Debian/changelog: Fix email address.
+ - Documentation: Spelling fixes; update doc/Platforms.txt.
ngIRCd 23~rc1 (2015-09-06)
- Add ".clang_complete" file, which is used by the "linter-clang" package
- Use "NOTICE *" before registration instead of "NOTICE AUTH". "AUTH" is
a valid nickname so sending notices to it is probably not a good idea.
Use "*" as the target instead as done with numerics when the nick is not
- available. This mimics the behaviour in Charybdis, IRCD-Hybrid, InspIRCd
+ available. This mimics the behavior in Charybdis, IRCD-Hybrid, InspIRCd
2.2, Plexus 4, etc. Closes #217.
The "NoticeAuth" configuration variable (ngircd.conf) has been renamed
to "NoticeBeforeRegistration" accordingly, but the old name is still
clients, including Pidgin and stunnel 5.06, to reuse a session.
Patch by Tom Ryder <tom@sanctum.geek.nz>, thanks! Closes #182.
- Keep track of who placed bans, invites, and excepts.
- Idee and implementation by LucentW, Thanks! Closes #203.
+ Idea and implementation by LucentW, Thanks! Closes #203.
- Make setgroups(3) function optional: For example, Interix is missing
this function, which prevented ngIRCd to build on this platform. When
setgroups(3) isn't available, a warning message is issued on startup.
- Implement numeric RPL_LISTSTART(321). lightIRC and other clients
expecting RPL_LISTSTART should now behave correctly.
- Idee and implementation by LucentW, Thanks! Closes #207.
- - Update ngircd.conf.5: "CloadUserToNick" hides user _and_ real name.
+ Idea and implementation by LucentW, Thanks! Closes #207.
+ - Update ngircd.conf.5: "CloakUserToNick" hides user _and_ real name.
This closes #208.
- - Fix case insensitive pattern matching: Up to now, only the the input
+ - Fix case insensitive pattern matching: Up to now, only the input
string became lowercased and was then compared to the pattern -- which
failed when the pattern itself wasn't all lowercase!
- Streamline the effect of "MorePrivacy" option: Update documentation
hide IP addresses/hostnames on WHOIS when "MorePrivacy" is in effect.
This closes #198.
- IRC operators now can kick anyone when "OperCanMode" is set.
- Idee and implementation by LucentW, Thanks! Closes #202.
+ Idea and implementation by LucentW, Thanks! Closes #202.
- Implement user mode "I": Hide channels on WHOIS: this mode prevents
ngIRCd from showing channels on WHOIS (IRC Operators can always see
the channel list).
- Idee and implementation by LucentW, Thanks! Closes #197.
+ Idea and implementation by LucentW, Thanks! Closes #197.
- INVITE command: Implement ERR_USERNOTONSERV(504) numeric and make sure
that the target user is on the same server when inviting other users
to local ("&") channels.
ngIRCd 20.2 (2013-02-15)
- Security: Fix a denial of service bug in the function handling KICK
- commands that could be used by arbitrary users to to crash the daemon
+ commands that could be used by arbitrary users to crash the daemon
(CVE-2013-1747).
- WHO command: Use the currently "displayed hostname" (which can be cloaked!)
for hostname matching, not the real one. In other words: don't display all
"CC=xxx MAKE=yyy ./platformtest.sh" calling convention.
- Add instructions for setting up Atheme IRC services.
- Implement support for IRC capability handling, the new "CAP" command,
- and capablity "multi-prefix" which allows both the NAME and WHO command
+ and capability "multi-prefix" which allows both the NAME and WHO command
handlers to return more than one "class prefix" to the client.
- Update Xcode project files: reference missing documentation files.
- Fix: Don't ignore "permission denied" errors when enabling chroot.
- contrib/platformtest.sh: make command name quoting consistent
ngIRCd 17~rc3 (2010-10-27)
- - Xcode builds: detect version number correctly, updateed project file
+ - Xcode builds: detect version number correctly, updated project file
to use the Mac OS X 10.5.x SDK, disable pam_fail_delay() because it
is only available starting with Mac OS X 10.6, and generate a default
PAM configuration for the Mac OS X Installer.app package of ngIRCd.
ngIRCd 17~rc2 (2010-10-25)
- ZeroConf: include header files missing since commit a988bbc86a.
- Generate ngIRCd version number from GIT tag.
- - Make sourcecode compatible with ansi2knr again. This allows to compile
+ - Make source code compatible with ansi2knr again. This allows to compile
ngIRCd using a pre-ANSI K&R C compiler again.
- ./configure: check if C compiler can compile ISO Standard C.
- ./configure: check support for C prototypes again.
Howl, Avahi or on Mac OS X).
- New configuration option "SyslogFacility" to define the syslog "facility"
(the "target"), to which ngIRCd should send its log messages.
- Possible values are system dependant, but most probably "auth", "daemon",
+ Possible values are system dependent, but most probably "auth", "daemon",
"user" and "local1" through "local7" are possible values; see syslog(3).
Default is "local5" for historical reasons.
- Dump the "internal server state" (configured servers, established
- Make configure switch "--docdir" work (closes: #108).
- Reformat and update FAQ.txt a little bit.
- INSTALL: mention SSL, IPv6, and changed handling of MotdFile.
- - Change MOTD file handling: ngIRCd now caches the contens of the MOTD
+ - Change MOTD file handling: ngIRCd now caches the contents of the MOTD
file, so the daemon now requires a HUP signal or REHASH command to
re-read the MOTD file when its content changed.
- Startup: open /dev/null before chroot'ing the daemon.
- Include netinet/{in.h, in_systm.h} when checking for netinet/ip.h
- Only include <netinet/in_systm.h> if it exists
- Updated doc/Platforms.txt
- - Enhace connection statistics counters: display total number of served
+ - Enhance connection statistics counters: display total number of served
connections on daemon shutdown and when a new client connects using
the new numeric RPL_STATSCONN (250).
ngIRCd 16~rc1 (2010-03-25)
- Various fixes to the build system and code cleanups.
- contrib/platformtest.sh: Only show latest commit.
- - Updatet doc/Platforms.txt, added new README-Interix.txt documenting
+ - Updated doc/Platforms.txt, added new README-Interix.txt documenting
how to tun ngIRCd on Microsoft Services for UNIX (MS SFU, MS SUA).
- Updated links to the ngIRCd homepage (bug tracker, mailing list).
- Added missing modes to USERMODES #define
ngIRCd 15~rc1 (2009-10-15)
- Do not add default listening port (6667) if SSL ports were specified, so
ngIRCd can be configured to only accept SSL-encrypted connections now.
- - Enable IRC operators to use the IRC command SQUIT (insted of the already
+ - Enable IRC operators to use the IRC command SQUIT (instead of the already
implemented but non-standard DISCONNECT command).
- New configuration option "AllowRemoteOper" (disabled by default) that
enables remote IRC operators to use the IRC commands SQUIT and CONNECT
- Fix memory leak when a encrypted and compressed server link goes down.
(closes bug #95, reported by Christoph, fiesh@fiesh.homeip.net)
- Fix handling of channels containing dots.
- (closes ug #93, reported by Gonosz Csiga)
+ (closes bug #93, reported by Gonosz Csiga)
ngIRCd 13 (2008-12-25)
- Fixed ./configure test for TCP Wrappers: now it runs on Mac OS X as well.
- Enhanced configure script: now you can pass an (optional) search path
to all --with-XXX parameters, e. g. "--with-ident=/opt/ident".
- - Removed typedefs for the native C datatypes.
+ - Removed typedefs for the native C data types.
Use stdbool.h / inttypes.h if available.
- New configuration option "OperServerMode" to enable a workaround needed
when running an network with ircd2 servers and "OperCanUseMode" enabled
to add a new server (ngIRCd tries to connect new servers only once!).
- Added DISCONNECT command ("DISCONNECT <name>") to disable servers.
- Restructured the documentation: Now the main language is English. The
- german documentation has been removed (until there is a maintainer).
+ German documentation has been removed (until there is a maintainer).
- Enhanced killing of users caused by a nickname collision.
- Better error detection for status code ("numerics") forwarding.
- Moved tool functions to own library: "libngtool".
member when changing his channel user modes which could crash ngIRCd.
-Older changes (sorry, only available in german language):
+Older changes (sorry, only available in German language):
ngIRCd 0.6.0, 24.12.2002
projects / ngircd-alex.git / blobdiff