Unfortunately we can no longer auto-download so we send the user
to a microsoft.com page when the package seems not installed.
Hopefully most users will have it installed though...
bind to (for example) the loopback interface before connecting to the
remote server.
In addition to that, we now don't bind() at all when bind-ip is not
present or is set to "*".
This allows us to successfully build on systems where pulling in poll.h
pollutes the code with a broken form of ctypes.h due to a few reasons, not
limited to, but including, usage of non-namespaced macros which clash with
our own.
method to authenticate users with SSL client certificates based
on SHA256 fingerprints. This can be used instead of the already
existing 'sslclientcert' so you don't have to use an external file.
One way to get the SHA256 fingerprint would be:
openssl x509 -in name-of-pem-file.pem -sha256 -noout -fingerprint
Suggested and patch supplied by Jobe (#4019).
- Added documentation on the new sslclientcertfp
- Moved documentation on authentication types to one place and refer
to it from each section (oper::password, vhost::password,
link::password-receive, etc).
- Disable USE_POLL on Windows, since it doesn't work with XP and has
no advantage anyway. Reported by nenolod (#4129).
- Various updates to makefile.win32 and .iss file, found during
building new versions of zlib, openssl, and curl.
Any attempt to /OPER by someone who doesn't have one of the listed
usermodes is rejected. This can be used to restrict oper blocks to
registered nicks (+r) or secure clients (SSL, +z).
server.cert.pem exists, and check it if the file doesn't exist.
You can still change the setting, just the default is correct now.
The code for this was already there but was not working correctly
causing users to go through the generation process upon each install.
If this is not set, then SASL is off and not advertised.
If the specified server is not connected, then SASL is off as well.
This prevents unnecessary delay (and the inability for some clients to
get online) when SASL is not in use or when the SASL server is down.
This allows the IRCd to enforce MLOCKs that are set by services, which
eliminates clashes between users setting modes and services enforcing
it's mlock on channels. (#3055)
queued data on the receive queue (eg: due to fake lag) was not processed
unless we got new data from the client.
Now, better document this. Also, avoid calling dbuf_put with 0 length.