]>
Commit | Line | Data |
---|---|---|
50d985a4 | 1 | -- Noteworthy changes in version 1.1.11 (2021-??-??) |
2 | * The `irc::tls_disable_certificate_verification` configuration option | |
3 | has been implemented. Setting this to `yes` turns off verification of | |
4 | the remote peer's certificate. | |
5 | Turning off certificate verification is generally discouraged and should | |
6 | be done only for experimental purposes. | |
7 | ||
8 | ||
2196a415 | 9 | -- Noteworthy changes in version 1.1.10 (2021-01-30) |
e73e10ed | 10 | * Timers have been changed to use monotonic time instead of wall-clock time |
4e9211b3 | 11 | * Fixed broken build with LibreSSL |
e73e10ed | 12 | |
13 | ||
a4951728 | 14 | -- Noteworthy changes in version 1.1.9 (2020-11-16) |
15 | * Implemented support for loading a user-provided private key and tls client | |
3fb1cb11 | 16 | certificate. The `irc::rsa_private_key_file`and `irc::tls_certificate_file` |
17 | configuration directives have been added for this. | |
18 | As a side effect this now allows HOPM to use certificate fingerprints for | |
19 | NickServ authentication | |
114873f1 | 20 | * The `vhost` configuration directive found in the irc {} and scanner {} blocks |
21 | has been renamed to `bind` | |
827b5008 | 22 | |
23 | ||
97871c8b | 24 | -- Noteworthy changes in version 1.1.8 (2020-07-05) |
da812d50 | 25 | * Minimum supported OpenSSL version is 1.1.1 now |
26 | * Experimental TLS support for the irc client part has been implemented. We | |
27 | only do TLSv1.2 and higher | |
28 | * The `irc::tls` and `irc::tls_hostname_verification` configuration directives | |
29 | have been added | |
30 | * A possible out-of-bounds write in the irc parser logic has been fixed | |
800dd43b | 31 | |
32 | ||
4d52e6c9 | 33 | -- Noteworthy changes in version 1.1.7 (2020-04-19) |
a0c1d66d | 34 | * Fixed github issue #31: hopm attempts to open `stderr` for logging in |
da812d50 | 35 | non-debug/fork mode which can cause hopm to exit silently |
ac251fbf | 36 | |
37 | ||
4141b65b | 38 | -- Noteworthy changes in version 1.1.6 (2019-04-21) |
da812d50 | 39 | * Fixed issue with ssh banner scans where hopm would test connections only |
40 | against the `target_string` that's defined last in the scanner{} block | |
41 | * Minimum supported OpenSSL version is 1.0.1f now | |
45a19128 | 42 | |
43 | ||
9fa4a0d3 | 44 | -- Noteworthy changes in version 1.1.5 (2018-10-14) |
d2aa19ae | 45 | * The `:`, and `,` nickname delimiters work again |
da812d50 | 46 | * Fixed a bug where the hopm process couldn't be restarted under certain |
47 | conditions | |
48 | * The hopm process can now be restarted from the command line via `kill -HUP` | |
49 | * Added `--enable-efence` switch to allow easy linking with the | |
50 | electric fence memory debugger library | |
51 | * Implemented proper support to kill users with vulnerable SSH versions by | |
52 | version announcement. Patch provided by falsovsky (Pedro de Oliveira). See | |
53 | `doc/reference.conf` for more information. | |
54 | * Minimum supported OpenSSL version is 1.0.1d now | |
91aa9fce | 55 | |
56 | ||
e7cfd685 | 57 | -- Noteworthy changes in version 1.1.4 (2017-04-05) |
da812d50 | 58 | * IPv6 blacklist support has been implemented |
59 | * The `CHECK` command now accepts IPv6 addresses | |
3fb1cb11 | 60 | * The negative cache has been rewritten to use latest Net::Patricia C sources |
61 | and does support IPv6 now | |
37f7fec5 | 62 | |
63 | ||
b49f5966 | 64 | -- Noteworthy changes in version 1.1.3 (2016-09-26) |
3fb1cb11 | 65 | * Allow inclusion of other configuration files in the main `hopm.conf` file. |
66 | See `doc/reference.conf` for further information on how to use the new | |
67 | `.include` configuration directive. | |
f016f3ee | 68 | |
69 | ||
dcc08bca | 70 | -- Noteworthy changes in version 1.1.2 (2016-05-15) |
3fb1cb11 | 71 | * Fixed archaic bug which can cause the scanner to either detect nothing or to |
72 | detect everything and therefore even kill legit clients | |
73f52a4a | 73 | |
74 | ||
3951d9b8 | 75 | -- Noteworthy changes in version 1.1.1 (2016-01-03) |
da812d50 | 76 | * Added `command_queue_size`, `command_interval`, and `command_timeout`, |
77 | configuration directives to the options {} block. See `doc/reference.conf` | |
78 | for more information. | |
79 | * Various updates to the `reference.conf`; added updated `connregex` directives | |
a0c1d66d | 80 | for ircd-hybrid in conjunction with user mode `F` (far connect notices), and |
da812d50 | 81 | UnrealIRCd 4.0.0, which now uses a different format for connect notices |
1864697d | 82 | |
83 | ||
b8282240 | 84 | -- Noteworthy changes in version 1.1.0 (2015-08-07) |
da812d50 | 85 | * `options::pidfile` and `options::scanlog` can now be relative pathnames |
86 | * Due to security reasons the `PROTOCOLS` command has been removed again | |
9d849d7e | 87 | |
88 | ||
a13a61fa | 89 | -- Noteworthy changes in version 1.1.0beta1 (2015-07-02) |
3fb1cb11 | 90 | * Added HTTPS support for SSL/TLS-enabled HTTP proxies which seem to be used |
91 | quite a lot on IRC nowadays. LibreSSL or OpenSSL 0.9.8o and above is required | |
92 | for this to work. | |
da812d50 | 93 | * Added new `HTTPS` and `HTTPSPOST` protocol configuration directives to the |
3fb1cb11 | 94 | scanner {} block |
a13a61fa | 95 | |
96 | ||
33be39c3 | 97 | -- Noteworthy changes in version 1.0.8 (2015-06-25) |
d2aa19ae | 98 | * Added `options::reconnectinterval` configuration option. See `doc/reference.conf` |
da812d50 | 99 | for more information. |
100 | * Added `options::dns_timeout` configuration option. See `doc/reference.conf` | |
101 | for more information. | |
102 | * Further modernizations and cleanups to the build system | |
103 | * HOPM now compiles with `-fstack-protector-strong` and `-fstack-protector`, | |
104 | respectively, depending on what the compiler supports | |
105 | * Added `--enable-assert` switch to `./configure`. assert() statements are now | |
106 | disabled by default and can be enabled with `./configure --enable-assert` | |
107 | * Added `--enable-warnings` switch to `./configure`, which enables various | |
108 | compiler warnings if supported by the compiler | |
e385b601 | 109 | |
110 | ||
111 | -- Noteworthy changes in version 1.0.7 (2015-06-06) | |
da812d50 | 112 | * HOPM can now detect Dreamboxes with default root passwords |
3fb1cb11 | 113 | * Fixed bug where the configuration parser would report syntax errors with |
114 | invalid line numbers when there are multi-line C-style comments in the | |
115 | config file | |
e385b601 | 116 | |
117 | ||
72b5d6de | 118 | -- Noteworthy changes in version 1.0.6 (2015-05-27) |
da812d50 | 119 | * HOPM now catches MikroTik HttpProxies |
72b5d6de | 120 | |
121 | ||
122 | -- Noteworthy changes in version 1.0.5 (2015-05-04) | |
3fb1cb11 | 123 | * Fixed bug where HOPM couldn't connect to the server specified in the irc {} |
124 | block on some OS | |
72b5d6de | 125 | |
126 | ||
0b9c765e | 127 | -- Noteworthy changes in version 1.0.4 (2015-03-17) |
da812d50 | 128 | * Log timestamp format is ISO8601 now |
3fb1cb11 | 129 | * Added `protocols` command which dumps a list of configured scanners and their |
130 | associated protocols/ports to a channel | |
0b9c765e | 131 | |
132 | ||
8fc539c7 | 133 | -- Noteworthy changes in version 1.0.3 (2015-01-28) |
3fb1cb11 | 134 | * Fixed bug where HOPM wouldn't try re-connecting to the server in case the |
135 | connection got lost | |
d2aa19ae | 136 | * Added `irc::notice` configuration option |
8fc539c7 | 137 | |
138 | ||
139 | -- Noteworthy changes in version 1.0.2 (2015-01-12) | |
da812d50 | 140 | * Added `options::negcache_rebuild` configuration option |
3fb1cb11 | 141 | * Added basic IPv6 support allowing HOPM to bind and connect to IPv6 addresses |
8fc539c7 | 142 | |
143 | ||
da048688 | 144 | -- Noteworthy changes in version 1.0.1 (2015-01-06) |
da812d50 | 145 | * Fixed build on OS X |
da048688 | 146 | |
147 | ||
8df558d2 | 148 | -- Noteworthy changes in version 1.0.0 (2015-01-03) |
da812d50 | 149 | * Minor stabilization and performance improvements |
8df558d2 | 150 | |
151 | ||
cc7c0ceb | 152 | -- Noteworthy changes in version 1.0.0beta2 (2014-12-31) |
da812d50 | 153 | * Added `irc::readtimeout` configuration option |
da812d50 | 154 | * Worked towards IPv6 support |
155 | * Fixed `reference.conf` from causing syntax errors | |
156 | * HOPM now uses poll() for I/O event notification instead of select() | |
cc7c0ceb | 157 | |
158 | ||
3e39ad36 | 159 | -- Noteworthy changes in version 1.0.0beta1 (2014-12-25) |
da812d50 | 160 | * **NOTE:** this is the first release of the hybrid open proxy monitor (HOPM) |
161 | fully based off the discontinued blitzed open proxy monitor (BOPM) 3.1.3 | |
162 | * Modernized and cleaned up build system | |
163 | * Modernized the example configuration file. Removed/updated blacklist entries. | |
164 | * The configuration parser now does support time and size units | |
165 | * The configuration parser now does support c++ style comments | |
166 | * Fixed a memory leak in conjunction with manual scans | |
167 | * Fixed weird behaviour in the command parser | |
168 | * Code hardening. Replaced occurences of strcpy/strcat with strlcpy/strlcat, etc. | |
169 | * Various code cleanups and optimizations | |
170 | * The `irc::away` configuration option is now optional |