1
0
mirror of https://github.com/unrealircd/unrealircd.git synced 2026-07-01 16:06:37 +02:00
Commit Graph

2051 Commits

Author SHA1 Message Date
Bram Matthys 665d01b7ea Update release notes
[skip ci]
2026-05-02 19:34:30 +02:00
Bram Matthys 17f78de265 Bump version to 6.2.5-git 2026-05-01 19:47:03 +02:00
Bram Matthys abbbcd16a9 ** UnrealIRCd 6.2.4 ** 2026-04-17 06:13:38 +02:00
Bram Matthys 3c71a03781 Update subdomain URL 2026-04-10 17:44:25 +02:00
Bram Matthys 1334304426 Sigh...
[skip ci]
2026-04-04 08:17:34 +02:00
Bram Matthys 778cf4de82 ** UnrealIRCd 6.2.4-rc1 ** 2026-04-04 08:00:48 +02:00
Bram Matthys 7aa1157474 Downgrade libsodium to 1.0.20 to fix arm64 compile issue
Version 1.0.21 which we shipped with 6.2.3 has this bug, reported
by PhotoJim at https://bugs.unrealircd.org/view.php?id=6615.

And yes, libsodium also has this weird -stable thing, which does
have the fix, but that's basically just a snapshot of their git
version, it's a .tar.gz that gets updated every X time and it does
not have a GPG signature, while I have the policy nowadays to
verify GPG signatures for libraries we ship. So I am option to just
downgrade a version, for now, which is fine since we shipped with
1.0.20 for quite some time until recently.
2026-04-04 06:51:41 +02:00
Bram Matthys 70a05cb591 Update release notes a bit
[skip ci]
2026-04-03 19:24:10 +02:00
Bram Matthys 71fe07b445 Update release notes (fix link)
[skip ci]
2026-04-03 09:58:22 +02:00
Bram Matthys a1dc459a33 Update +H limit and write release notes regarding draft/multiline support.
For +H we now temporarily allow overshooting. This only matters for low limits.
Multiline batches are atomic so we have to choose to keep them as a whole
or remove the complete batch. So if +H 5:1h and the last message was a 15-line
multiline event, what do we do? We allow temporary overshooting to store the
15 lines. As said, the alternative would be to store 0 lines which would be
worse in terms of functionality, and the small overshoot is defensible.

For higher limits (where the +H line limit is bigger than multiline max-lines),
we always stay under the +H limit. Eg if all history in a channel consists
of 15 line multiline events and we have +H 100 then we will store 90, not 105.
It's only for +H linelimit < max-lines that this matters, because there the
zero-lines consequence sucks too much ;)
2026-04-02 20:24:21 +02:00
Bram Matthys 72de809548 Add auto-generated translations for HELPOP CHMODEF about 'p'.
To be honest i don't even like the Dutch one myself but at least
it is a placeholder. Translators are free to fix it ;).
2026-03-30 16:28:27 +02:00
Bram Matthys 1df465a6a5 Add +f subtype 'p' (for 'paste'). So [2p]:15 means max 2 pastes per 15s.
This way you can limit the number of pastes going on in a channel, as
this is from everyone in that channel (like 'm') not individual (like 't').
If it is exceeded then we will simply reject the BATCH, similar to
how action d(rop) works for some other subtypes. You won't see the paste
on the channel, only the sending user receives an error (MULTILINE_PASTE_LIMIT).

Small note: a multiline BATCH of just 2 lines is not considered a paste.
We consider a multiline of 3+ lines as a paste. I think that is reasonable,
since a two-line-multiline is not that much of a paste ;).

In the default anti-flood profile (+F normal) we also set 2p per 15s,
so this means channels are by default limited to 2 pastes per 15s max.
Of course, you can override this with +f [4p]:15 or whatever you like.
In terms of +F profiles, the defaults are (maximum x pastes per 15 seconds):
very-strict: 1p
strict: 1p
normal: 2p
relaxed: 2p
very-relaxed: 3p
2026-03-30 14:55:03 +02:00
Bram Matthys ed16dad40e Add a bunch of crule functions:
* Boolean checks: is_oper, is_local, has_swhois
* Match functions: match_class, match_server, match_vhost,
  match_realhost, match_away, match_asname, match_operlogin,
  match_operclass, match_sni, match_tls_cipher
* Numeric counters: connections_from_ip, channel_count,
  channel_member_count, idle_time
* Traffic stats: messages_sent, messages_received, bytes_sent,
  bytes_received
* Text analysis: text_byte_count, text_character_count, word_count,
  uppercase_percentage, digit_percentage, non_ascii_percentage,
  max_repeat_count, mixed_utf8_score, unicode_block_count

Will do a more thorough audit and look at adding some kind of
tests tomorrow.
2026-03-24 19:33:55 +01:00
Bram Matthys 3dd449139b Conditional Config: add @warning "aaa" and @error "bbb"
As usual, this is mostly for configuration templates that you use for
multiple servers, that sort of things, eg.

@if !environment("ADMIN")
@error "Environment variable ADMIN is not set"
@endif

This also adds a change in conf.c so @define, @error and
@warning are skipped in @if blocks that evaluate to false
(that's obviously what everyone wants :D). So that fixes a
previous bug with @define in @if.
2026-03-23 18:47:16 +01:00
Bram Matthys 3521d96f9d This adds module-version("examplemod") and using functions in $define,
such as $define ADMIN environment("ADMIN")
2026-03-23 17:58:36 +01:00
Bram Matthys cf101ca114 Conditional Config: add @if environment("VARNAME") == "something"
to check environment variables.

This also means functions can now return values, so some changes
under the hood. This also moves the <=, >=, <, > ops code.
2026-03-23 17:33:02 +01:00
Bram Matthys 93a485db21 Conditional Config: add support for @else
Actually surprisingly easy due to simply flipping item->negative :D
2026-03-22 19:36:54 +01:00
Bram Matthys 100abaa82d Conditional Config: add support for <, >, <= and >= in @if $SOMETHING ...
And also don't require double quotes on the right hand side.

So you now use something like: @if $MAXCONNECTIONS >= 1024
2026-03-22 19:16:51 +01:00
Bram Matthys 17a8182efc Condition Config: add minimum-version() and file-exists().
So: `@if minimum-version("6.2.4")` and `@if file-exists("filename")`.
2026-03-22 18:41:30 +01:00
Bram Matthys 9258875d0f Add @if module-exists("third/coolmod") so you can conditionally
loadmodule + set config items

This checks the file on-disk, which is slightly different than
@if module-loaded("third/coolmod") which checks if it is loaded.
2026-03-22 18:20:36 +01:00
Bram Matthys 27864e8d0e Add new variables in Conditional Config (https://www.unrealircd.org/docs/Conditional_config):
$CONFDIR, $DATADIR, $LOGDIR, $TMPDIR, $DOCDIR, $MODULESDIR, $MAXCONNECTIONS.
2026-03-22 18:07:17 +01:00
Bram Matthys 82481cc083 NO_GEOIP_CONFIG => NO_DEFAULT_GEOIP to make it consistent
As we also have NO_DEFAULT_RPC_SOCKET and NO_DEFAULT_LOG_MEMORY_BLOCK
2026-03-22 17:58:36 +01:00
Bram Matthys ba3fa1d7b6 Update GeoIP question in ./Config and use some magic to support both
geoip_classic and geoip_mmdb in modules.default.conf with Conditional
Config, a dynamic loadmodule line, and auto-updates.

Somewhere in a later version, probably 6.2.5, we will default to mmdb
for all cases.
2026-03-22 17:52:57 +01:00
Bram Matthys d467005816 Bleh :) 2026-03-22 16:20:25 +01:00
Bram Matthys 69c9130da1 Bump version to 6.2.4-git 2026-03-22 13:45:28 +01:00
Bram Matthys d150da8ea5 Make "geoip_mmdb" the default GEOIP module. So it receives testing.
I still need to update ./Config. I guess we will remove that question
entirely.
2026-03-22 13:38:20 +01:00
Bram Matthys 2d145b0f2c ** UnrealIRCd 6.2.3 ** 2026-03-06 08:23:30 +01:00
Bram Matthys 98709af7a3 modules.optional.conf: extjwt::service::method is required
(which is fine, i think)
2026-03-06 08:22:53 +01:00
Bram Matthys cc1c1c5a73 Update doc/unrealircd_wiki.zim for 6.2.3
[skip ci]
2026-03-06 08:02:19 +01:00
Bram Matthys a841911882 Mention extjwt { } in the release notes: it had API updates, build tests
and we now have documentation on the wiki.

Plus some other textual changes.

[skip ci]
2026-03-06 07:44:13 +01:00
Bram Matthys 7865675917 Fix OOB write if a trusted linked server sends malicious data.
NOTE: Linked servers are considered trusted in UnrealIRCd.

This is not exploitable beyond a crash, due to -fstack-protector-all,
a hardening compiler flag we added many years ago. Even without
that flag it would be rather difficult, and i didn't manage to,
but this should never happen anyway since this flag is only
missing in gcc/clang versions that are more than 15 years old.

This issue was introduced by the move to CMD_BIGLINES in
6c5de62c18 in 6.2.2 release.
2026-03-06 07:14:10 +01:00
Bram Matthys cd317e678c Update release notes on latest two changes.
[skip ci]
2026-02-25 15:21:57 +01:00
Bram Matthys bd1ccde9c3 ** UnrealIRCd 6.2.3-rc2 ** 2026-02-25 08:28:20 +01:00
Bram Matthys 2f839c85f7 Reorder some release notes items 2026-02-23 10:54:12 +01:00
Bram Matthys 93c26c2d42 Update release notes. 2026-02-23 10:04:08 +01:00
Bram Matthys 3a96bdf6ec Add set::allow-setident (default: 'no'), set::allow-setname ('yes')
Two new settings that control the use of `SETIDENT` and `SETNAME`:
* [set::allow-setident](https://www.unrealircd.org/docs/Set_block#set::allow-setident)
  now defaults to 'no'. Previously all users were allowed to change their
  ident (taking into account
  [set::allow-userhost-change](https://www.unrealircd.org/docs/Set_block#set::allow-userhost-change)
  restrictions).
* [set::allow-setname])(https://www.unrealircd.org/docs/Set_block#set::allow-setname)
  has a default of 'yes' which matches older UnrealIRCd versions (no change).
  Perhaps some admins who use controlled (web)chats may want to set this
  to 'no' if users are not supposed to change their realname/gecos.
  This is probably rare, but they have the option now.
2026-02-23 08:58:39 +01:00
Bram Matthys fb0649f14a Use full RELRO for modules (use HARDEN_LDFLAGS in MODULEFLAGS)
Previously, due to HARDEN_LDFLAGS missing in MODULEFLAGS we were
only partial RELRO instead of full RELRO. This is a defense-in-
depth measure but is good to have and the ommission was unintended.
2026-02-22 15:37:45 +01:00
Bram Matthys 8be6337e71 Update release notes
[skip ci]
2026-02-22 13:28:56 +01:00
Bram Matthys d8e631bacb ** UnrealIRCd 6.2.3-rc1 **
(not 6.2.2-rc1 :D)
[skip ci]
2026-01-31 10:14:21 +01:00
Bram Matthys bb4d1b528f ** UnrealIRCd 6.2.2-rc1 **
(Actually the Windows build is still building :D)
2026-01-31 09:44:57 +01:00
Bram Matthys 287184649c Update doc/unrealircd_wiki.zim to version of 2026-01-31. 2026-01-31 09:43:35 +01:00
Bram Matthys 4218010000 Update curl-ca-bundle to latest version (Dec 2 04:12:02 2025 GMT)
[skip ci]
2026-01-30 13:00:33 +01:00
Bram Matthys 6083c039cd Update shipped libs: PCRE2 (10.47), Jansson (2.15.0), Sodium (1.0.21) 2026-01-30 12:58:12 +01:00
Bram Matthys bd1e25d017 Slightly raise default set::handshake-timeout from 30 to 40 seconds. 2026-01-28 09:44:49 +01:00
Bram Matthys ad1b59b4bd Update release notes a bit (what we have so far)
[skip ci]
2026-01-28 09:37:45 +01:00
Bram Matthys 3925cea089 Update release notes a bit
[skip ci]
2026-01-23 08:11:01 +01:00
Bram Matthys de05bb9654 Bump version to 6.2.3-git and write some early release notes 2026-01-04 10:20:46 +01:00
Bram Matthys 21d58a7ebd Do the same as previous commit for the help.*.conf translations
This transplants commits 2868c3fedb
to doc/conf/help/help.*.conf
2026-01-04 09:47:37 +01:00
Bram Matthys 2868c3fedb help.conf: try to be consistent by documenting only end-user commands,
thus removing commands that are only supposed to be used by IRC clients.
We don't intend to document things like CAP, PONG, etc here.

Remove ISON, PONG, WATCH. Also remove DALINFO which no longer exists.

Re-index the USERCMDS and OPERCMDS table. This removes no longer existing
commands and may also have added some that were not in the index.

Moved STATS from USERCMDS to OPERCMDS since by default it is Oper-only
(and very likely is so effectively in practice).

Maybe PRIVMSG is a bit inconsistent in all this, since users don't type
that but usually it is like MSG. But yeah.. okay.. i can live with that.

As an aside, I don't like services commands being documented in HELPOP,
but that is another matter. These should be 100% documented in the wiki
first before they are scratched in the HELPOP. Right now some are still
missing.
2026-01-04 09:36:01 +01:00
Bram Matthys 806fa83dd7 ** UnrealIRCd 6.2.2 ** 2025-12-12 12:16:31 +01:00