===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2414
diff -u -r1.1.1.1.2.1.2.1.2.2414 Changes
--- Changes 30 May 2007 21:10:04 -0000 1.1.1.1.2.1.2.1.2.2414
+++ Changes 4 Jun 2007 17:21:12 -0000
@@ -1726,3 +1726,5 @@
"UnrealIRCd is not running" as opposed to "kill: 3426: no such process" etc.
- #0003368 patched by Stealth giving users access to do /module on remote
servers
+- #0002677 reported by aquanight, removing listen::options::remoteadmin,
+ listen::options::mask, set::options::no-stealth
===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2406
diff -u -r1.1.1.1.2.1.2.1.2.2406 Changes
--- Changes 17 May 2007 11:38:07 -0000 1.1.1.1.2.1.2.1.2.2406
+++ Changes 17 May 2007 13:22:05 -0000
@@ -1710,3 +1710,6 @@
- Added set::ssl::server-cipher-list, #002368 requested by Beastie
- Added set::ssl::renegotiate-bytes, set::ssl:renegotiate-timeout, #0002971
suggested by tabrisnet. Gets activated when >0. Please set sane values.
+- Added set::ssl::dh to indicate DH parameters. These are needed to support
+ DSA certificates and should probably make them work from now on. Code
+ originally by the inspircd team.
===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2404
diff -u -r1.1.1.1.2.1.2.1.2.2404 Changes
--- Changes 17 May 2007 09:56:42 -0000 1.1.1.1.2.1.2.1.2.2404
+++ Changes 17 May 2007 10:52:33 -0000
@@ -1707,3 +1707,4 @@
through this under load, and speeding up connection).
- IRCd now also sets the &me fd as being non blocking (wasn't before, that
was odd..)
+- Added set::ssl::server-cipher-list, #002368 requested by Beastie
===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2399
diff -u -r1.1.1.1.2.1.2.1.2.2399 Changes
--- Changes 14 May 2007 14:14:08 -0000 1.1.1.1.2.1.2.1.2.2399
+++ Changes 14 May 2007 14:22:31 -0000
@@ -1692,3 +1692,5 @@
- Changed IRCCommand::friend into IRCCommand::partner
- Removed an odd declaration in common.h regarding find_user_link
- Changed make_virthost prototype to not include a C++ keyword
+- More cleanup - this may potentially break some OS'es, but let us catch
+ this in testing
===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2398
diff -u -r1.1.1.1.2.1.2.1.2.2398 Changes
--- Changes 14 May 2007 13:41:57 -0000 1.1.1.1.2.1.2.1.2.2398
+++ Changes 14 May 2007 14:13:50 -0000
@@ -1690,3 +1690,5 @@
This change should not break extban modules, and should need some more extensive testing.
- Removed some more confusion in source (module IRC commands vs IRC commands)
- Changed IRCCommand::friend into IRCCommand::partner
+- Removed an odd declaration in common.h regarding find_user_link
+- Changed make_virthost prototype to not include a C++ keyword
===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2394
diff -u -r1.1.1.1.2.1.2.1.2.2394 Changes
--- Changes 13 May 2007 16:48:38 -0000 1.1.1.1.2.1.2.1.2.2394
+++ Changes 13 May 2007 17:56:05 -0000
@@ -1666,3 +1666,4 @@
- A bug was introduced in the patch for #0003139. Patched by WolfSage
- #0002533 reported by Dodge_Ram, patched by WolfSage, regarding notices
not being sent when /*line and /shun are used to request stats
+- Removed class.h and minor references to aClass. Patched by WolfSage
===================================================================
RCS file: /home/cmunk/ircsystems/cvsroot/unreal/Changes,v
retrieving revision 1.1.1.1.2.1.2.1.2.2343
diff -u -r1.1.1.1.2.1.2.1.2.2343 Changes
--- Changes 6 Apr 2007 22:17:27 -0000 1.1.1.1.2.1.2.1.2.2343
+++ Changes 15 Apr 2007 09:44:58 -0000
@@ -1546,3 +1546,23 @@
- Added include::bind-ip to bind an ip to download in case of having defined LIBCURL, suggested by djGrrr (#00003185).
- oper::from::userhost now accepts a CIDR address (eg *me@1.2.3.0/24), requested by djGrrr (#0003234).
- Corrected a couple of grammar errors in WebTV whois (/msg IRC WHOIS nick) output, reported by CuLpA (#0003244).
+- Implemented #0003254 - Auth type 'sslcertfingerprint-sha1', suggested by
+ djGrr. There are reservations regarding the security of this, but for most
+ purposes it should be okay. Cryptographically minded people may comment.
+ This may also be used to allow remote included opers with SSL certificate
+ fingerprints as we cannot as of yet remote include client certificates
+ (#0002832, suggested by Stealth)
+ Example use:
+ $ openssl x509 -in cert.pem -noout -sha1 -fingerprint
+ (where cert.pem is the oper's/server's/etc SSL client certificate)
+ SHA1 Fingerprint=FA:A6:A3:42:95:34:15:68:26:35:40:18:8D:50:68:D4:15:C8:12:9E
+
+ translating into this auth block:
+ password "FA:A6:A3:42:95:34:15:68:26:35:40:18:8D:50:68:D4:15:C8:12:9E" { sslcertfingerprint-sha1; };
+ (the auth code is case sensitive).
+
+ If anyone is interested in making a module for SSL client certificate
+ authentication for services, you can probably use the code in here to do it
+ quite simple.
+ .. please mind any errors, it's been years since I (Stskeeps) last committed to here :)
+
new commands SVSNOLAG/SVS2NOLAG (syntax: SVSNOLAG [+|-] NickName). Obviously, care
should be taken when giving such access to a user since he/she will be able to flood
at full speed and could possibly take down the entire IRCd (well, everyone on it).
Suggested by avb, coded by djGrrr.
- DOMAINNAME is removed from ./Config reported by satmd (#0003063).
- THROTTLING and FAST_BADWORD_REPLACE cannot be configured in config.h reported by raymondvrolijk (#0002937).
- /sqline supports sqlining for channels. #*ble* will forbid channels and *ble* will forbid only nicks (not channels).
Forbid message showed by numeric ERR_FORBIDDENCHANNEL (448) reported by aragon and Jase (#0000935, #0003012).
- conf_deny NOTICE message is replace by ERR_FORBIDDENCHANNEL.
- Fixed set::dns::bind-ip directive seen as duplicate, reported by aegis (#0003074).
- set::dns::* block is now no longer mandatory. All info has always been read from
/etc/resolv.conf (*NIX) or the registry (Win32), and the set::dns block is ignored
(except for set::dns::bind-ip, but that's a special case). Suggested by many including
djGrrr to make things slightly more logical (#0003019).
- As a consequence of the above, set::dns blocks were removed from doc/example*conf.
- Added two more characters to Catalan charset, reported by rmh (#0002995).
- Added set::pingpong-warning [yes|no] which decides whether to send the "** If you are
having problems connecting due to ping timeouts, please type /quote pong .." message
to each client when NOSPOOF is enabled (usually on Win32). The default is NO.
Previously this message was always sent if NOSPOOF was on, which often caused
confusion among users. The message was intended for non-confirming clients, but these
should be fixed by now, and those that were not fixed (self-made bots/etc) did often
not understand the message anyway. Anyway, you can still turn it on ;). (#2680).
user target string (nick!user@host:info), insteaf of doing it at like 5 places.
- Spamfilter target 'u' (user): the host field (nick!user@HOST:realname) is now escaped
with brackets if it's an IPv6 address, eg: blah!blah@[1:2:3:4:5:6:7:8]:hello, reported
by aquanight and others (#0003010).
to document it right now, just want to get it off my cvs queue ;P.
Syntax is 'WATCH A +TestUser' to have someone with away notification on your watchlist.
error message if the kick should be denied. The upper layer (thus NOT you) takes care
of OperOverride.
- Modulized channel mode +Q (src/modules/chanmodes/chmode_upQ.c)
(unmentioned: ripped out old MODE_FLOODLIMIT stuff -- 2 lines)
As a consequence of this the last parameter you get in your hook is now 'oldnick' rather
than 'newnick'. So the new nick is in sptr->name now and oldnick in last parameter.
- Added HOOKTYPE_PRE_CHANMSG, this should now be used for blocking/morphing text.
It has the parameters: sptr, chptr, text, notice
- HOOKTYPE_CHANMSG now no longer allows one to block the text (use HOOKTYPE_PRE_CHANMSG for
that). It's also moved to after the message was actually sent.
- Added HOOKTYPE_KNOCK (sptr, chptr)
- Added HOOKTYPE_MODECHAR_FIXME. Internal for now, will be replaced with a proper
HOOKTYPE_MODECHAR later (and arguments will change). It's just an internal hack for
chmode +f for now ;).
- Updated indent.pro to use length=110. It still does not indent how I want it to be though,
so don't use it yet ;).
- Moved channel mode +f to src/modules/chanmodes/chmode_f.c, interestingly enough this took
longer than recoding extcmodes paramter support and moving chan mode +j.
It's not only looking like a complex channel mode, it actually *IS* one ;).
TODO: make sure it actually works, and fix sjoining (partly not implemented yet->crash) ;p
for everything. Recode of extcmodes partially complete (only 30% or something), using a
FAST 'slot system' now in the channel structure for paramter modes instead of linked lists.
Besides the slot system being faster, it also causes less memory fragmentation (and
memory fragmentation actually causes slower CPU as well, especially when running for a
long time). Channel modes are still permanent and all.
I'm first going to move modes to modules and then later on have a go at making them non-
permanent (already know exactly how to do it, but other things go first ;p).
Documentation on how all this works will be added later as well. It's really work-in-progress
at the moment, which means: the API might (or 'will') change.
Channel modes will be in src/modules/chanmodes, named chmode_<modechar>.c, that's the
general rule at least.. Some will be 'packed together' like the RFC modes s/n/t/k/l/etc.
Channel mode 'j' has been moved to src/modules/chanmodes/chmode_j.c which seems to work ok.
Details (aka: documentation) about which loadmodule's will be needed for which modes
(like I said, since some will be bundled in for example an 'rfc' module) will also be added
later. For now it doesn't matter much, since there's only j ;).
Side note: some +j code is still in the core (only eating 4 bytes per-user and 4 bytes
per-channel, though), and will remain there for now.
I did the work of above in 2 days, so ehm.. it's still far from complete, but I don't want
to wait for one BIG commit which changes half of the ircd :P.
Added hooks (needs to be documented, like all other hooks, one day ;p):
HOOKTYPE_CAN_JOIN: called from can_join(), seems more logical than PRE_LOCAL_JOIN, also
more nicely passes the key and link stuff.
HOOKTYPE_CAN_SEND: not implemented yet. will be called from can_send()
HOOKTYPE_CLEANUP_CLIENT: called from free_client()
HOOKTYPE_CLEANUP_USER: called from free_user()
HOOKTYPE_CLEANUP_USER2: called from exit_client when freeing a user.. I know, this
might sound redundant, but then again.. some things REQUIRE a certain order (like before
freeing membership links).. Or at least I don't want to break the current logic ;).
stskeeps