]>
Commit | Line | Data |
---|---|---|
1 | # News | |
2 | ||
3 | This is charybdis 4-dev, Copyright (c) 2005-2016 Charybdis team. | |
4 | See LICENSE for licensing details (GPL v2). | |
5 | ||
6 | ## charybdis-4 | |
7 | ||
8 | ### build | |
9 | - Build system has been converted to libtool + automake for sanity reasons. | |
10 | - The compile date is now set at configure time rather than build time, allowing for | |
11 | reproducible builds. (#148, #149) | |
12 | - Support for GNUTLS 3.4 has been added. | |
13 | ||
14 | ### user | |
15 | - Import the ability to exceed MAXCHANNELS from ircd-seven. | |
16 | - Implement IRCv3.2 enhanced capability negotiation (`CAP LS 302`). | |
17 | - Implement support for receiving and sending IRCv3 message tags. | |
18 | - Implement IRCv3.2 capabilities: (#141) | |
19 | - account-tag | |
20 | - echo-message | |
21 | - invite-notify | |
22 | - sasl | |
23 | - server-time | |
24 | - SASL: certificate fingerprints are now always sent to the SASL agent, allowing for | |
25 | the certificate to be used as a second authentication factor. | |
26 | ||
27 | ### oper | |
28 | - Merge several features from ircd-seven: | |
29 | - Implement support for remote DIE/RESTART. | |
30 | - Implement support for remote MODLOAD et al commands. | |
31 | - Add the GRANT command which allows for temporarily opering a client. | |
32 | - Implement the hidden oper-only channel modes framework. | |
33 | - Implement a channel mode that disallows kicking IRC operators (+M). | |
34 | - Enhance the oper override system, allowing more flexibility and detail | |
35 | in network-wide notices. | |
36 | - DNS, ident, and blacklist lookups have been moved to a dedicated daemon known | |
37 | as authd. Some cosmetic changes to blacklist statistics and rejection notices | |
38 | have resulted. | |
39 | - An experimental OPM scanner has been added to authd. Plaintext SOCKS4, | |
40 | SOCKS5, and HTTP CONNECT proxies can be checked for. | |
41 | - The LOCOPS command has been moved from core to an extension. | |
42 | - All core modules in charybdis have descriptions, which are shown in MODLIST. | |
43 | - Suffixes should not be used when doing /MODLOAD, /MODUNLOAD, /MODRELOAD, etc. | |
44 | ||
45 | ### conf | |
46 | - Add the ability to strip color codes from topics unconditionally. | |
47 | - The obsolete hub option from server info has been removed. | |
48 | ||
49 | ### docs | |
50 | - The documentation has been cleaned up; obsolete files have been purged, and | |
51 | files have been renamed and shuffled around to be more consistent. | |
52 | ||
53 | ### code | |
54 | - `common.h` is gone. Everything useful in it was moved to `ircd_defs.h`. | |
55 | - `config.h` is gone; the few remaining knobs in it were not for configuration | |
56 | by mere mortals, and mostly existed as a 2.8 relic. Most of the knobs live in | |
57 | `defaults.h`, but one is well-advised to stay away unless they know exactly | |
58 | what they are doing. | |
59 | - A new module API has been introduced, known as AV2. It includes things such as | |
60 | module datecodes (to ensure modules don't fall out of sync with the code), | |
61 | module descriptions, and other fun things. | |
62 | - Alias and module commands are now in m_alias and m_modules, respectively, and | |
63 | can be reloaded if need be. For sanity reasons, m_modules is a core module, | |
64 | and cannot be unloaded. | |
65 | - irc_dictionary and irc_radixtree related functions are now in librb, and | |
66 | prefixed accordingly. Typedefs have been added for consistency with existing | |
67 | data structures. For example, now you would write `rb_dictionary *foo` and | |
68 | `RB_DICTIONARY_FOREACH`. | |
69 | - C99 bools are now included and used in the code. Don't use ints as simple true | |
70 | or false flags anymore. In accordance with this change, the `YES`/`NO` and | |
71 | `TRUE`/`FALSE` macros have been removed. | |
72 | - Return types from command handlers have been axed, as they have been useless | |
73 | for years. | |
74 | - libratbox has been renamed to librb, as we have diverged from upstream long | |
75 | ago. | |
76 | - Almost all 2.8-style hashtable structures have been moved to dictionaries or | |
77 | radix trees, resulting in significant memory savings. | |
78 | - The block allocator has been disabled and is no longer used. | |
79 | - The ratbox client capabilities have been ported to use the ircd capabilities | |
80 | framework, allowing for modules to provide capabilities. | |
81 | - Support for restarting ssld has been added. ssld processes which are still | |
82 | servicing clients will remain in use, but not service new connections, and | |
83 | are garbage collected when they are no longer servicing connections. | |
84 | - Support for ratbox-style 'iodebug' hooks has been removed. | |
85 | ||
86 | ## charybdis-3.5.0 | |
87 | ||
88 | ### server protocol | |
89 | - Fix propagation of ip_cloaking hostname changes (only when setting or | |
90 | unsetting the umode after connection). | |
91 | - Fix a remote-triggerable crash triggered by the CAPAB parsing code. | |
92 | - As per the TS6 spec, require QS and ENCAP capabilities. | |
93 | - Require EX and IE capabilities (+e and +I cmodes). | |
94 | - Check that UIDs start with the server's SID. | |
95 | ||
96 | ### user | |
97 | - Allow mode queries on mlocked modes. In particular, allow /mode #channel f | |
98 | to query the forward channel even if +f is mlocked. | |
99 | - Strip colours from channel topics in /list. | |
100 | - If umode +D or +g are oper-only, don't advertise them in 005. | |
101 | - If MONITOR is not enabled, don't advertise it in 005. | |
102 | - Add starttls as per ircv3. | |
103 | - Abort a whowas listing when it would exceed SendQ, which would previously | |
104 | disconnect the user. | |
105 | - Reject nicks with '~' in them, rather than truncating at the '~'. | |
106 | - Remove CHARSET=ascii from ISUPPORT | |
107 | - Use the normal rules for IP visibility in /whowas. | |
108 | - Cmode +c now strips '\x0F' (^O, formatting off), fixing weird rendering in | |
109 | some clients that internally use mIRC formatting such as highlighted | |
110 | messages in HexChat. | |
111 | - Indicate join failure because of the chm_sslonly extension (cmode +S) using | |
112 | the same 480 numeric as ircd-ratbox. | |
113 | - Do not allow SASL authentication when the configured SASL agent is unavailable. | |
114 | - Automatically add unidentified users to the ACCEPT list when a user is set +R, | |
115 | as we do when the user is set +g. | |
116 | - Implement IRCv3.2 capabilities: | |
117 | - cap-notify | |
118 | - chghost | |
119 | - userhost-in-names | |
120 | - Implement the $&, $| and $m extban types: | |
121 | - $& combines 1 or more child extbans as an AND expression | |
122 | - $| combines 1 or more child extbans as an OR expression | |
123 | - $m provides normal hostmask matching as an extban for the above | |
124 | - Do not allow STARTTLS if a connection is already using TLS. | |
125 | - Display an operator's privilege set in WHOIS. | |
126 | - The $o extban now matches against privilege set names as well as individual | |
127 | privileges. Privilege set names are preferred over individual privileges. | |
128 | ||
129 | ### oper | |
130 | - Fix a crash with /testline. | |
131 | - Complain to opers if a server that isn't a service tries to | |
132 | SU/RSFNC/NICKDELAY/SVSLOGIN. | |
133 | - Turn off umode +p (override) when deopering. | |
134 | - Make listener error messages (e.g. port already in use) visible by default | |
135 | instead of only on snomask +d and in ioerrorlog. | |
136 | - Remove snotes on +r about GET/PUT/POST commands ("HTTP Proxy disconnected"). | |
137 | - Add DNSBL snotes on snomask +r. | |
138 | ||
139 | ### config | |
140 | - Add hide_uncommon_channels extension to hide uncommon channel memberships in WHOIS, | |
141 | like in ircd-seven. | |
142 | - Add chm_nonotice extension, cmode +T to reject notices. | |
143 | - Add restrict-unauthenticated extension, prevents unauthenticated users from | |
144 | doing anything as channel operator. | |
145 | - Add no_kill_services extension, prevents local opers from killing services. | |
146 | - Allow matching specific replies of DNSBLs, using the new matches option. | |
147 | - Remove blowfish crypt since it has the BSD advertising clause. | |
148 | - Fix SHA256 ($5$) crypt. | |
149 | - Make the channel::channel_target_change option actually work (it used to be | |
150 | always on). | |
151 | - SSL/TLS listeners now have defer_accept unconditionally enabled on them. | |
152 | - The method used for certificate fingerprints (CertFP) is now configurable. | |
153 | SHA1, SHA256 and SHA512 are available options. | |
154 | - The minimum user threshold for channels in default /list output is now | |
155 | configurable. | |
156 | ||
157 | ### misc | |
158 | - Work around timerfd/signalfd brokenness on OpenVZ. | |
159 | - Fix a compilation issue in libratbox/src/sigio.c with recent glibc. | |
160 | - Extend documentation slightly. | |
161 | - Remove a BSD advertising clause that permission was granted to remove. | |
162 | - Add support for hooking PRIVMSG/NOTICE. | |
163 | - Reenable and fix the GnuTLS support. | |
164 | - Add mbedTLS backend for SSL/TLS. | |
165 | - Remove EGD support. | |
166 | - Try other DNS servers if errors or corrupt replies are encountered. | |
167 | - Rename genssl.sh script to genssl. | |
168 | - Choose more secure SSL/TLS algorithms. | |
169 | - Fix reconnecting with SSL/TLS with some clients such as ChatZilla (see | |
170 | https://bugzilla.mozilla.org/show_bug.cgi?id=858394#c34 for details.) | |
171 | - Improve error messages about the configuration file. | |
172 | - Fix a crash when compiled with recent clang on 32-bit systems. | |
173 | - Fix various memory leaks in rehash. | |
174 | - Fix various code quality issues. | |
175 | - Add --with-shared-sqlite to allow distribution packages to link to a shared | |
176 | sqlite library. Using this is not recommended for on-server compilation. | |
177 | - ISUPPORT tokens which are actually provided by modules have been moved to their | |
178 | respective modules. | |
179 | ||
180 | ## charybdis-3.4.0 | |
181 | ||
182 | ### server protocol | |
183 | - Allow overriding opers (with the new extension) to op themselves on channels. | |
184 | - Allow RSFNC to change a nickname's capitalization only. | |
185 | - Add channel ban forwarding <mask>$<channel> much like ircd-seven. Local use | |
186 | of this is controlled by the channel::use_forward config option. | |
187 | - Add ENCAP TGINFO to propagate IP addresses that exceeded target change | |
188 | limits (these get a lower limit when they reconnect). | |
189 | ||
190 | ### user | |
191 | - Consider bogus CTCP ACTION messages (without action text) CTCP (for | |
192 | cmode +C). | |
193 | - Send ERR_TOOMANYCHANNELS for each channel join that fails due to channel | |
194 | limits. | |
195 | - Add account-notify client capability to notify clients about logins and | |
196 | logouts of users in common channels. See doc/account-notify.txt. | |
197 | - Add extended-join client capability to add account name and ircname to JOIN. | |
198 | - Add topic TS and channel TS constraints for /LIST (T<, T>, C<, C> | |
199 | parameters as in some other servers). | |
200 | - Disallow wildcarded nicknames in "hunted" parameters like /stats and /motd. | |
201 | - Disallow mIRC italics in channel names when disable_fake_channels. | |
202 | - Add AUTHENTICATE EXTERNAL support, allows SASL authentication using a | |
203 | certificate fingerprint. | |
204 | - Allow channel::kick_on_split_riding to protect channels with mlocked keys. | |
205 | - The NICKLEN token in 005 now only specifies the maximum usable nick length. | |
206 | The MAXNICKLEN token specifies the maximum nick length any user can have. | |
207 | - Disallow $ in usernames as this may cause problems with ban forwarding. | |
208 | - Add an error message (numeric 743) if a ban mask is invalid. | |
209 | - Extract the underlying IPv4 address from 6to4 and Teredo IPv6 addresses. | |
210 | Show it in a remote /whois and check channel bans, quiets, D:lines and | |
211 | K:lines against it. Note that ban exceptions and auth{} blocks are not | |
212 | checked. | |
213 | - Allow normal users to perform /privs on themselves, showing some privileges | |
214 | from the auth{} block. | |
215 | - Add away-notify client capability, see doc/away-notify.txt. | |
216 | - Add rate limit for high-bandwidth commands, in particular /who <channel>. | |
217 | - Rate limit /away to help avoid flooding via away-notify. | |
218 | - Apply colour stripping (cmode +c) and CTCP checking (cmode +C) to messages | |
219 | to @/+ channel as well. | |
220 | - Channel mode +c (and other places that disallow colour codes) now also strip | |
221 | ASCII 4 (a different kind of colour code). | |
222 | ||
223 | ### oper | |
224 | - Add operspy for /list. | |
225 | - Add a server notice to snomask +b if a user exceeds target change limits. | |
226 | - Add missing server notice for kills from RSFNC and SVSLOGIN. | |
227 | - Add /stats C to show information about dynamically loaded server | |
228 | capabilities. | |
229 | ||
230 | ### config | |
231 | - Add support for linking using SSL certificate fingerprints as the link | |
232 | credential rather than the traditional password pair. | |
233 | - Add m_roleplay extension, provides various roleplay commands. | |
234 | - Add override extension, umode +p oper override for opers with oper:override | |
235 | permission, with accountability notices and timeout. Note that opers cannot | |
236 | op themselves if there are older servers on the network. | |
237 | - Add channel::disable_local_channels config option. | |
238 | - Add support for IPv6 DNSBLs. A new "type" option specifies the IP version(s) | |
239 | for which each DNSBL should be checked. | |
240 | - Make flood control settings configurable by those who know exactly what they | |
241 | are doing. | |
242 | - Add serverinfo::nicklen config option to limit the nick length for local | |
243 | users. Different values of this option do not break the server protocol. | |
244 | - Add extb_usermode extension, $m:+-<modes> extban matching against umodes. | |
245 | - Extend extb_oper extension to allow matching against oper privileges. | |
246 | - Add m_remove extension, /remove command as in ircd-seven. | |
247 | - Add general::away_interval to allow configuring /away rate limiting. | |
248 | - Add listener::defer_accept to delay accepting a connection until the client | |
249 | sends data. This depends on kernel support. It may break BOPM checking. | |
250 | ||
251 | ### misc | |
252 | - In mkpasswd, default to SHA512-based crypt instead of MD5-based crypt. | |
253 | - Add --with-custom-branding and --with-custom-version configure options to | |
254 | help forks/patchsets distinguish themselves. | |
255 | - Change version control from Mercurial to GIT. | |
256 | - Ensure SIGHUP and SIGINT keep working after a SIGINT restart. | |
257 | - Add --enable-fhs-paths configure option to allow installing into a more | |
258 | FHS-like hierarchy. | |
259 | - Remove broken GnuTLS support. SSL/TLS is now only provided using OpenSSL. | |
260 | ||
261 | ## charybdis-3.3.0 | |
262 | ||
263 | ### server protocol | |
264 | - Add new BAN command, for propagated network-wide bans (K/X:lines and RESVs). | |
265 | These will burst to new servers as they are introduced, and will stay in sync | |
266 | across the whole network (new BAN capab). | |
267 | - Add new MLOCK command, to implement ircd-side channel mode locks. This allows | |
268 | services to send out a list of mode letters for a given channel which may not | |
269 | be changed, preventing mode fights between services and client bots (new MLOCK | |
270 | capab). | |
271 | ||
272 | ### user | |
273 | - New RPL_QUIETLIST(728) and RPL_ENDOFQUIETLIST(729) numerics are used for the | |
274 | quiet (+q) list, instead of overloading the ban list numerics. | |
275 | - Users may no longer change the topic of a -t channel if they cannot send to | |
276 | it. | |
277 | - Add help for EXTBAN, describing the syntax of extended bans in general, as | |
278 | well as the most common types. | |
279 | - Changed AWAY messages are now propagated to other servers. Previously, AWAY | |
280 | was only propagated when the user was not already away. | |
281 | - Channel mode +c (and other places that disallow colour codes) now also strip | |
282 | ASCII 29 (mIRC 7 italics). | |
283 | - Add auto-accept for user mode +g (callerid): Messaging a user while set +g | |
284 | will automatically add them to your accept list. | |
285 | - Add target change for channels. It applies to unopped, unvoiced and unopered | |
286 | users. This has the effect of stopping spambots which join, message and part | |
287 | many channels at a time. | |
288 | - Show RPL_WHOISLOGGEDIN in /whowas as well as in /whois entries. This adds at | |
289 | most an additional 0.5MB of memory usage. | |
290 | ### config | |
291 | - Add general::use_propagated_bans to switch the new BAN system on or off. | |
292 | - Add general::default_ident_timeout, to control the timeout for identd (auth) | |
293 | connections. | |
294 | - Add channel::channel_target_change to switch the new channel target change limits | |
295 | on or off. | |
296 | - Fix class::number_per_ident so that it also applies to connections without | |
297 | identd. | |
298 | - Change the example sslport option to 6697, which is more standard than 9999. | |
299 | ### misc | |
300 | - The custom channel mode API has been rewritten, allowing these modules to work | |
301 | correctly when reloaded, or loaded from the config file. | |
302 | - The EFNet RBL is now recommended, instead of DroneBL. | |
303 | - Remove the unsupported modules directory. | |
304 | - Numerous bug fixes and code cleanups. | |
305 | - In mkpasswd, default to MD5 crypt instead of insecure DES. | |
306 | ||
307 | ## charybdis-3.2.0 | |
308 | ||
309 | ### server protocol | |
310 | - Apply +z to messages blocked by +b and +q as well. (new EOPMOD capab) | |
311 | - Add new topic command ETB, allowing services to set topic+setter+ts always. | |
312 | (new EOPMOD capab) | |
313 | - The slash ('/') character is now allowed in spoofs. | |
314 | ||
315 | ### user | |
316 | - Add can_kick hook, based on the ircd-seven one. | |
317 | - Add cmode +C (no CTCP) from ircd-seven. | |
318 | - Flood checking has been reworked. | |
319 | - Fix op-moderate (cmode +z) for channel names with '@'. | |
320 | - Add CERTFP support, allowing users to connect with an SSL client | |
321 | certificate and propagating the certificate fingerprint to other servers. | |
322 | Services packages can use this to identify users based on client | |
323 | certificates. | |
324 | - Maintain the list of recently used targets (for the target change | |
325 | anti-spam system) in most-recently-used order, overwriting the least | |
326 | recently used target with a new one. This should be friendlier to users | |
327 | without giving spambots anything. | |
328 | - Do not require target change slots for replying to the last five users to | |
329 | send a private message, notice or invite. | |
330 | - Apply target change restrictions to /invite. | |
331 | - Apply umode +g/+R restrictions to /invite, with the difference that | |
332 | instead of sending "<user> is messaging you" the invite is let through | |
333 | since that is just as noisy. | |
334 | ||
335 | ### oper | |
336 | - Add /rehash throttles to clear throttling. | |
337 | - Send all server notices resulting from a remote /rehash to the oper. | |
338 | - '\s' for space is now part of the matching, not a substitution at xline | |
339 | time, fixing various issues with it. | |
340 | - Display o:line "nickname" in oper-up server notices. | |
341 | - Fix sendq exceeded snotes for servers. | |
342 | - SCAN UMODES: default list-max to 500, like a global WHO. | |
343 | - Ignore directory names in MODRELOAD to avoid crashing if it is a core | |
344 | module and the path is incorrect. | |
345 | - Tweaks to spambot checks. | |
346 | ||
347 | ### config | |
348 | - Add channel::only_ascii_channels config option to restrict channel names | |
349 | to printable ascii only. | |
350 | - Add channel::resv_forcepart, forcibly parts local users on channel RESV, | |
351 | default enabled. | |
352 | ||
353 | ### misc | |
354 | - New mkpasswd from ircd-ratbox. | |
355 | - Check more system calls for errors and handle the errors. | |
356 | - Various ssld/libratbox bugfixes from ircd-ratbox. [some MERGED] | |
357 | - Fix fd passing on FreeBSD/amd64 and possibly Solaris/sparc. [MERGED] | |
358 | - Various documentation improvements. [some MERGED] | |
359 | - Fix some crash issues. [MERGED] | |
360 | - Add bandb from ircd-ratbox, which stores permanent dlines/klines/xlines/resvs | |
361 | in an sqlite database instead of a flatfile and does the storage in a | |
362 | helper process. Use bin/bantool -i to import your old bans into the | |
363 | database. | |
364 | ||
365 | ## charybdis-3.1.0 | |
366 | ||
367 | - Remove TS5 support. No TS5 servers are permitted in a network with | |
368 | charybdis 3.1.0 or newer, except jupes. | |
369 | - Replace oper flags by privilege sets (privsets). This adds an extra | |
370 | level of indirection between oper flags and operator blocks. /stats O | |
371 | (capital O) shows the configured privsets. | |
372 | - Update libratbox and ssld from upstream and use it better. | |
373 | - Add auth_user to auth{}. This allows specifying a username:password instead | |
374 | of just a password in PASS, so that a fixed user@host is not necessary | |
375 | for a specific auth{} block. | |
376 | - Add need_ssl to auth{} and operator{}. This makes these blocks reject | |
377 | the user if not connected via SSL. | |
378 | - Allow modules to provide simple channel modes without parameter. | |
379 | - Remove restrictions on CNAME in the resolver. | |
380 | - Make the resolver remember nonresponsive nameservers. | |
381 | - Move nick collision notices from +s to +k. | |
382 | - Add additional information to various server notices about server | |
383 | connections. | |
384 | - Show throttle information in /stats t. | |
385 | - Show rejectcache and throttle information in /testline. | |
386 | - Show oper reason in /testline. | |
387 | - Allow opers to see other users' umodes with /mode <nick>. | |
388 | - SCAN UMODES GLOBAL NO-LIST MASK <mask> is no longer an operspy command. | |
389 | - Also apply floodcount to messages to remote clients (except services). | |
390 | - Remove user@server messages to local users. Sending such messages to | |
391 | remote servers is still possible, for securely messaging pseudoservers | |
392 | whether service{}'ed or not. The special oper-only syntax opers@server | |
393 | remains as well. | |
394 | - Allow /list on a named +p channel. A full /list already included +p channels. | |
395 | - Add operspy /topic. | |
396 | - For remote rehashes, send error messages to the requesting oper as well. | |
397 | - Disable autoconnect for a server with excessive TS delta. | |
398 | - Disallow invites to juped channels. | |
399 | - Warn about certain duplicate and redundant auth blocks. | |
400 | - Make PRIVMSG/NOTICE behave as CPRIVMSG/CNOTICE automatically if possible. | |
401 | - Allow +z messages from outside if a channel is -n. | |
402 | - Allow coloured part reasons in -c channels. | |
403 | - Add ircu-like WHOX support. This allows requesting specific information | |
404 | in /who and allows obtaining services login name for all users in a | |
405 | channel. XChat/Conspire use WHOX to update away status more efficiently. | |
406 | - Allow opers and shide_exempt users to see hopcounts even if flatten_links | |
407 | is on. | |
408 | - Rework ip_cloaking. | |
409 | - Add the IP address to userlog, as in ircd-ratbox 3.0. | |
410 | - Split cidr_bitlen into cidr_ipv4_bitlen and cidr_ipv6_bitlen. | |
411 | - Allow using ziplinks with SSL connections. This is not as efficient as | |
412 | using OpenSSL's built in compression, but also works with older versions | |
413 | of OpenSSL. | |
414 | - Fix an off by one error with zipstats processing, which could overwrite | |
415 | a variable with NULL causing a crash on some systems. | |
416 | - Document some extensions in charybdis-oper-guide. | |
417 | - Add more server protocol documentation. | |
418 | - Add m_sendbans extension, SENDBANS command to propagate xlines and resvs | |
419 | manually. | |
420 | - Add chm_sslonly extension, cmode +S for SSL/TLS only channels. | |
421 | - Add chm_operonly extension, cmode +O for IRCop only channels. | |
422 | - Add chm_adminonly extension, cmode +A for server admin only channels. | |
423 | - Various code cleanups. | |
424 | ||
425 | ## charybdis-3.0.4 | |
426 | ||
427 | - Fix a crash on certain recent versions of Ubuntu. | |
428 | - Allow 127.x.y.z for DNSBL replies instead of just 127.0.0.x. | |
429 | - Various documentation improvements. | |
430 | ||
431 | ## charybdis-3.0.3 | |
432 | ||
433 | - Fix IPv6 D:lines | |
434 | - Fix rejectcache and unknown_count. | |
435 | - Fix genssl.sh. | |
436 | - Fix ident for SSL/TLS connections. | |
437 | - Fix SSL/TLS bugs for servers with more than about 100 connections. | |
438 | - Small bugfixes. | |
439 | ||
440 | ## charybdis-3.0.2 | |
441 | ||
442 | - Improve OLIST extension error messages. | |
443 | - Improve some kline error checking. | |
444 | - Avoid timing out clients if we are still waiting for a DNSBL lookup. | |
445 | - Fix resolver hangs with epoll. | |
446 | - Fix compilation without zlib. | |
447 | ||
448 | ## charybdis-3.0.1 | |
449 | ||
450 | - Fix occasional hung clients with kqueue. | |
451 | - Fix a rare ssld crash. | |
452 | - Fix a bug that could cause incorrect connect failure reasons to be | |
453 | reported. | |
454 | - Make the IRCd work on MacOS X again. | |
455 | ||
456 | ## charybdis-3.0.0 | |
457 | ||
458 | - Port the IRCd to libratbox, which has improved our portability and allows | |
459 | us to reuse low-level code instead of maintaining our own. | |
460 | - Change configuration of maximum number of clients to ircd-ratbox 3 way. | |
461 | - Add adminwall from ircd-ratbox, as an extension. | |
462 | - Add client and server-to-server SSL, read example.conf for setup. | |
463 | - Replace servlink with ssld (also for ziplinks). | |
464 | - A new extban, $z, has been added for ssl users (extensions/extb_ssl.so). | |
465 | - A new compatibility channel mode, +R, has been added, it sets | |
466 | +q/-q $~a (extensions/chm_operonly_compat.so). This is similar to | |
467 | the +R seen in ircd-seven. | |
468 | - A new compatibility channel mode, +S, has been added, it sets | |
469 | +b/-b $~z (extensions/chm_sslonly_compat.so). | |
470 | - A new compatibility channel mode, +O, has been added, it sets | |
471 | +iI/-iI $o (extensions/chm_operonly_compat.so). | |
472 | - Add remote D:lines. Note that these are not enabled by default. | |
473 | - Remove EFnet-style G:lines. Noone appears to use these. | |
474 | - Remove idle time checking (auto disconnecting users idle too long). | |
475 | - Display a notice to clients when the IRCd is shut down using SIGTERM. | |
476 | - Some error messages have been clarified to enhance usability. | |
477 | - Close the link to servers that send invalid nicks (e.g. nicklen mismatches). | |
478 | Formerly the users were killed from the network. | |
479 | - Enable topicburst by default in connect{}. | |
480 | - Fix a potential desync which can happen with oper override. | |
481 | - Remove "deopped" flag (TS5 legacy). | |
482 | - Use 127.0.0.1 as nameserver if none can be found in /etc/resolv.conf. | |
483 | - Only accept 127.0.0.x as a dnsbl listing. | |
484 | - Change cloaking module (same as 2.2.1, different from 2.2.0). | |
485 | - Make some more server notices about failed remote connect attempts | |
486 | network wide. | |
487 | - Make some server notices about flooders and TS delta network wide. | |
488 | - Remove redundant "<server> had been connected for <time>" server notice. | |
489 | - Add resv oper privilege to control /resv, /unresv and cmode +L and +P, | |
490 | enabled by default. | |
491 | - Add mass_notice oper privilege to control global notices and /wallops, | |
492 | enabled by default. | |
493 | - Rework unkline/undline/unxline/unresv so they show the exact item removed | |
494 | and do not rehash bans. | |
495 | - Show opers a list of recently (<24hrs) split servers in /map. | |
496 | - Add /privs command, shows effective privileges of a client. | |
497 | ||
498 | ## charybdis-2.2.0 | |
499 | ||
500 | - The I/O code has been reworked, file descriptor metadata is stored in a | |
501 | hashtable and the maximum number of clients can now be set in ircd.conf. | |
502 | - Improve error checking and error messages for kline/dline/xline/resv files. | |
503 | - Allow kline ipv6:address, unkline some.host and unkline ipv6:address | |
504 | without *@. | |
505 | - Add accountability (wallops, log) to OKICK extension. | |
506 | - Add opernick to OPME/OMODE/OJOIN log messages. | |
507 | - Add use_forward option, allows disabling cmode +fFQ and umode +Q. | |
508 | - Add keyword substitution to DNSBL reasons, making it possible to show | |
509 | things like the user's IP address in the reason. | |
510 | - Use sendto_one_notice() more. | |
511 | - Server notices about kills now include the victim's nick!user@host instead | |
512 | of just nick. | |
513 | - Include real hostname in Closing Link message for unknown connections | |
514 | that have sent USER, in particular banned users. | |
515 | - Add some documentation about the SASL client protocol. | |
516 | - Change spambot, flooder and jupe joiner notices from host to orighost. | |
517 | - Remove the last remains of server hostmasking (this made it possible to | |
518 | have multiple servers with similar names appear as a single server). | |
519 | - Keep bitmasks of modularized umodes reserved forever to the letter, | |
520 | avoiding problems when reloading umode modules in a different order. | |
521 | - Fix -logfile. | |
522 | - Update to the new revision (v8) of the TS6 spec, this fixes problems with | |
523 | joins reversing certain mode changes crossing them. This interoperates | |
524 | with older versions. | |
525 | - Put "End of Channel Quiet List" at the end of +q lists. | |
526 | - Fix invisible count getting desynched from reality if the act of opering | |
527 | up sets -i or +i. | |
528 | - Don't leak auth{} spoofed IP addresses in +f notices. | |
529 | - Shorten quit/part/kick reasons to avoid quit reasons overflowing the | |
530 | client exiting server notice (from TOPICLEN to 260). | |
531 | - Fix some cases where 10 char usernames lose their final character. | |
532 | - Move username check after xline and dnsbl checks, so it will not complain | |
533 | to opers about clients who are xlined or blacklisted anyway (both of | |
534 | which silently reject). | |
535 | - Remove invite_ops_only config option, forcing it to YES. | |
536 | - Allow /invite (but not invex) to override +r, +l, +j in addition to +i. | |
537 | - Add several new extensions, such as createoperonly. | |
538 | - Merge whois notice extensions into one and move it from snomask +y to +W. | |
539 | ||
540 | ## charybdis-2.1.2 | |
541 | ||
542 | - Fix bug that could cause all hostmangled users to be exempted when a | |
543 | single ban exception existed on a channel. | |
544 | - Tweak \s code a little. | |
545 | - Add a minor clarification to the SGML docs. | |
546 | - Avoid truncation in ip_cloaking (by removing components on the other side). | |
547 | Note that this may cause channel +bqeI modes set on such very long hosts | |
548 | to no longer match. | |
549 | ||
550 | ## charybdis-2.1.1 | |
551 | ||
552 | - Search the shortest list (user's/channel's) when looking up channel | |
553 | memberships. | |
554 | - Make the SID-collision notice look right under all conditions. | |
555 | - Move kills from services from +s to +k snomask. | |
556 | - When no_tilde is present on an auth{} block, check the non-tilde version | |
557 | of the user@host against k:lines as well. | |
558 | - Put full reason in the SQUIT reason when a server is rejected for | |
559 | insufficient parameters being passed to a command. | |
560 | - Don't redirect users to an existing domain, irc.fi. | |
561 | - Improve communication of servlink-related error messages. | |
562 | ||
563 | ## charybdis-2.1.0 | |
564 | ||
565 | - Our official website is now http://www.ircd-charybdis.org/. | |
566 | - Make RPL_ISUPPORT (005 numeric) modularizable. | |
567 | - Also do forwarding if the channel limit (+l) is exceeded. | |
568 | - Don't count opers on service{} servers in /lusers. | |
569 | - Allow servers to send to @#chan and +#chan. | |
570 | - Allow +S clients (services) to send to channels and @/+ channels always. | |
571 | - Allow normal match() on IP address also in /masktrace. | |
572 | - Add new testmask from ratbox 2.2. Allows matches on nick, ip and gecos | |
573 | in addition to user and host, and is fully analogous to masktrace. | |
574 | The numeric has changed from 724 to 727 and fields in it have changed. | |
575 | - Show IP addresses to opers in /whowas. | |
576 | - Add extb_extgecos extban option ($x:nick!user@host#gecos), from sorcery | |
577 | modules. | |
578 | - Add extb_canjoin extban option ($j:#channel), matches if the user is banned | |
579 | from the other channel. | |
580 | - Allow opers to /who based on realhost. | |
581 | - Allow opers to /masktrace, /testmask based on realhost. | |
582 | - Add general::operspy_dont_care_user_info, limits operspy accountability to | |
583 | channel-related information. | |
584 | - Make host mangling more reliable. | |
585 | - Prevent ban evasion by enabling/disabling host mangling. | |
586 | - Add EUID, sends real host and services account in the same command as other | |
587 | user information. | |
588 | - Make it possible to send CHGHOST without ENCAP (fixes problems with old | |
589 | services). | |
590 | - Allow service{} servers to manipulate the nick delay table (for "nickserv | |
591 | enforcement", aka SVSHOLD). | |
592 | - Send server notices about connections initiated by remote opers network wide. | |
593 | - Fix too early truncation of JOIN channel list. | |
594 | - Make the newconf system available to modules. | |
595 | - Add /stats s to the hurt module to list active hurts. | |
596 | - Add general::servicestring, shown in /whois for opered services (+oS). | |
597 | - Show real host/IP behind dynamic spoof in /whois to the user themselves | |
598 | and opers. | |
599 | - Document option to disable nick delay. | |
600 | - Improve logging of server connections. | |
601 | - Clean up handling of hostnames in connect blocks. | |
602 | - Remove support for resolving ip6.int, people should be using ip6.arpa. | |
603 | - Unbreak --disable-balloc (useful for debugging with tools like valgrind). | |
604 | - Make Solaris 10 I/O ports code compile. | |
605 | - Add WEBIRC module to allow showing the real host/IP of CGI:IRC users. | |
606 | - Comment out blacklist{} block in example confs, as AHBL requires | |
607 | notification before use. | |
608 | - Fix some bugs relating to the resolver. | |
609 | ||
610 | ## charybdis-2.0.0 | |
611 | ||
612 | - Replace ADNS with a new smaller resolver from ircu and hybrid. | |
613 | - Make services shortcuts (/chanserv etc) configurable in ircd.conf. | |
614 | - Add extban: extensible +bqeI matching via modules. Syntax is | |
615 | $<type>[:<data>]. By default no modules are loaded. | |
616 | - Add DNS blacklist checking. | |
617 | - Change operator{} block user@host from host to orighost. This means that | |
618 | services/+h spoofs do not work in operator{} blocks; auth{} spoofs still | |
619 | work. Check your operator{} blocks! | |
620 | - Split contrib/ into extensions/ and unsupported/. | |
621 | - Change CHGHOST do show the change to all other clients on common channels | |
622 | with quit/join/mode. | |
623 | - Add /rehash nickdelay to clear out the nickdelay tables. | |
624 | - Glines are now disabled in the example confs. | |
625 | - Show more error messages on stderr. | |
626 | - Add OMODE command to extensions/ for easier oper mode hacking. | |
627 | - Add HURT system to extensions/; this shuns clients matching certain host/ip | |
628 | unless and until they identify to services. Mainly intended for SorceryNet. | |
629 | - Show SASL success and failure counts in /stats t. | |
630 | - Allow more frequent autoconnects to servers. | |
631 | - Messaging services by nickname no longer uses target change slots. | |
632 | - Only accept SASL from servers in a service{} block. | |
633 | - New auth{} flag need_sasl to reject users who haven't done SASL | |
634 | authentication. | |
635 | - Expand blah.blah and blah:blah to *!*@... instead of ...!*@* for bans | |
636 | - Don't allow opers to fake locops/operwall to +w. | |
637 | - Documentation updates. | |
638 | - Many bugfixes. | |
639 | ||
640 | ## charybdis-1.1.0 | |
641 | ||
642 | - Implement SAFELIST. | |
643 | - Incorporate ircu's match() algorithm. | |
644 | - Improve usermode modularization. | |
645 | - Seperate server notices into a seperate snomask, freeing up many | |
646 | usermodes to be used. | |
647 | - Add support for SIGNON originating from Hyperion2. | |
648 | - Modularize many server notices into seperate modules. | |
649 | - Add hooks for can_join and can_create_channel. | |
650 | - Add support for SASL authentication. | |
651 | - Add introduce_user hook for adding new messages when a user is bursted. | |
652 | - Move a large part of the ircd into libcharybdis. | |
653 | - Don't complain "unknown user mode" if a user tries to unset | |
654 | a mode they do not have access to. | |
655 | - Update our challenge specification to the challenge implementation in | |
656 | ratbox 2.2 for interoperability. | |
657 | - Make +f notices network-wide (local host, global host, | |
658 | global user@host, local class), other notices tied to +f remain local. | |
659 | - Allow ENCAP REALHOST outside of netburst. | |
660 | - Add general::global_snotices option to make server notices be | |
661 | network-wide or not. | |
662 | - Add sno_farconnect.c to contrib, provides farconnect support. | |
663 | Could be useful for BOPM. | |
664 | - Add sno_routing.c which displays information about netsplits, netjoins | |
665 | and the clients affected by them. | |
666 | - Add CHANTRACE and TRACEMASK commands from ratbox 3.0 | |
667 | - Use IsOperAdmin() instead of IsAdmin() when sending admin-only messages, | |
668 | that way hidden admins get them too. | |
669 | - Add m_error to core_module_table, somehow it was missing. | |
670 | - Correct a format string bug that occurs when a read error is | |
671 | received. | |
672 | - Add some logging in places where we drop servers and only notify | |
673 | server operators. | |
674 | - Track hostmask limits based on a client's original host, if | |
675 | available. | |
676 | - Move HIDE_SPOOF_IPS into the general {} block in ircd.conf | |
677 | ||
678 | ## charybdis-1.0.3 | |
679 | ||
680 | - Fix /invite UID leak. (Found by logiclrd@EFnet.) | |
681 | - Incorporate ratbox bugfixes for the MONITOR system. | |
682 | - Made show_ip() less braindead. | |
683 | - Show real errno if we fail to connect to a server. | |
684 | - Don't disclose server IP's when a connection fails. | |
685 | - Do not show the channels a service is sitting in. | |
686 | - Reverted the aline code from hybrid-7.2 | |
687 | - Make sure TS6 services are recognized properly if connected remotely. | |
688 | - Tweak something in services support for cyrix boxes. | |
689 | ||
690 | ## charybdis-1.0.2 | |
691 | ||
692 | - Fix propagation of an empty SJOIN (permanant channels). | |
693 | - Fix an exploit involving a malformed /trace request. | |
694 | - Don't display a blank RPL_WHOISCHANNELS in a remote whois request. | |
695 | - Allow modules to provide new usermodes. | |
696 | - On a nickname collision, change the collided nick to their unique ID, | |
697 | if general::collision_fnc is enabled in the config. | |
698 | - Don't allow UID lookups in /monitor + and /monitor s | |
699 | - Fix a garbage issue with channel mode +j. | |
700 | - Apply proper capability flags to the proper server in me_gcap(). | |
701 | - Use find_named_person() instead of find_person() in a nick collision. | |
702 | - Prevent UID disclosure in cmode setting. | |
703 | - Prevent UID disclosure to remote clients in /kick. | |
704 | - Do not allow users to query via /whois <server> <UID>. | |
705 | - Don't allow local users to use UID's in local usermode changes. | |
706 | - Propagate +q lists on netjunction. | |
707 | - Clear +q lists on a lowerTS SJOIN. | |
708 | - Ported a generic k/d/x-line parser from hybrid-7.2 which resulted in | |
709 | duplicate code reduction. | |
710 | - Fix linebuf raw code to not truncate lines longer than 512 bytes; | |
711 | improves ziplink reliability on net junction. | |
712 | - Use find_named_person() vs find_person() in services alias code. | |
713 | - Fix issue where channel forwarding token can be lost on net junction. | |
714 | - Fix empty channel desync issues involving +P. | |
715 | - Remove unused non-ENCAP CHGHOST support. | |
716 | - Use TS6 form for SQUIT wallops. | |
717 | - Propagate nickname changes for remote clients in TS6 form if possible, | |
718 | even if sent in TS5 format. | |
719 | - Only clear oper_only_umodes for local clients on deoper. | |
720 | ||
721 | ## charybdis-1.0.1 | |
722 | ||
723 | - Display logged in status on non-local clients too. | |
724 | - Documentation updates | |
725 | - Fix a bug with forward target authorization. | |
726 | - Fix a bug with mode propagation (+Q/+F). | |
727 | - Change ERR_NOSUCHNICK to ERR_SERVICESOFFLINE in services aliases. | |
728 | - Add remote rehashing. | |
729 | - Document service { } blocks (u:lines on ircu). | |
730 | - Document identify_service and identify_command in reference.conf. | |
731 | ||
732 | ## charybdis-1.0 | |
733 | ||
734 | - Implement channel mode +L for channel list limit exemptions. | |
735 | - Implement channel mode +P primarily as a status mode, permanant | |
736 | channel -- this is usually enforced via services registrations. | |
737 | - Change behaviour of /stats p: now displays all staff members instead | |
738 | of local ones only. | |
739 | - Make oper_list global, add local_oper_list for local traffic. | |
740 | - Strip control codes from parts and quits. | |
741 | - Add channel mode +c which strips control codes from messages sent to | |
742 | the channel. | |
743 | - Add channel mode +g which enables free use of the /invite command. | |
744 | - Add channel mode +z which sends rejected messages to channel ops. | |
745 | Could be useful for Q&A sessions or other similar events. | |
746 | - Add channel quietmasks. These are recommended over the use of channel | |
747 | bans used to remove a user's ability to participate in the channel. | |
748 | - Add channel join throttling mode, +j. Used to throttle channel join | |
749 | traffic, i.e. join/part flood attacks. Syntax: +j <joins>:<timeslice> | |
750 | - Improvements to channel_modes(), from shadowircd -- allows for | |
751 | better construction of the mode string. | |
752 | - Use the undernet throttle notice instead of bancache message when | |
753 | dealing with rejected clients. (stolen from ircu2.10.12) | |
754 | - Add channel forwarding, via channel mode +f, behaves similarly to | |
755 | dancer-ircd version. | |
756 | - Update example.conf to reflect AthemeNET changes. Original ratbox | |
757 | config is now reference.conf. | |
758 | - Services account names are now tracked globally. | |
759 | - Add channel mode +Q which disables the effects of channel forwarding | |
760 | on a temporary basis. | |
761 | - Add channel mode +F which allows anybody to disable forwarding target | |
762 | authorisation, voluntarily on their channels. | |
763 | - Make wallops behave like normal wallops. | |
764 | - Add services aliases: /ns, /cs, /os, /nickserv, /chanserv, /operserv. | |
765 | - Add simple hack that enables use of server password for automatic | |
766 | identify. |