* The 'ban too broad' checking was broken. This permitted glines such
as 192.168.0.0/1 being set. Now it rejects CIDR of /15 and lower.
To disable this safety measure you can (still) use:
set { options { allow-insane-bans; }; };
Docs: https://www.unrealircd.org/docs/Set_block#set::ssl::sts-policy::port
Example:
set {
ssl {
certificate "ssl/server.cert.pem";
key "ssl/server.key.pem";
sts-policy {
port 6697;
duration 180d;
};
};
};
IMPORTANT: Only use this if you know what STS is and what the
implications are. The most important things being A) set a correct
port and B) you need a 'real' SSL certificate and not a self-signed
certificate.
More documentation may follow at another place.
Module coders:
* The cap->visible(void) callback function is now cap->visible(aClient *)
* There is a new cap->parameter(aClient *) callback function.
* Various updates to subfunctions to pass 'sptr' (due to the above),
including clicap_find(sptr, ...)
* New CLICAP_FLAGS_UNREQABLE flag
Other:
* There is a new (src/)modules/cap directory containing the sts module,
well.. once I commit it :D
For example: '+f [5j#i1,5m#m1,3n]:3' and then '+f [5j#i1,5m]:3'
In that case the '3n' was not removed and still effective, as
could be seen by a '/MODE #chan'. Reported by The_Myth (#4883).
services software send this which cause a crash. Now simply rejecting at
the start of the function.
To services coders: you must maintain client lists/state, not do silly things
Note that they are NOT loaded by default at this time.
The modules are:
* extbans/textban - +b ~T:censor:*badword*
* usermodes/privdeaf - user mode +D: cannot receive PM's
* antirandom - "randomness" detector against drone attacks
* hideserver - hide servers (not real security, but requested)
* jumpserver - redirect users to another server during maintenance
* m_ircops - show which ircops are online (/IRCOPS command)
* m_staff - show custom file (/STAFF command)
* nocodes - don't just strip/block colors, do the same for reverse/bold/..
The existing README and sample configuration files for these modules
will later be added to the official UnrealIRCd documentation on
https://www.unrealircd.org/docs/Main_Page (just search on the module name).
This allows you to for example specify a specific certificate/key on an
serversonly port and in link block (a self-signed 10 year valid certificate)
and use a short-lived (XX day) Let's Encrypt certificate on the other ports.
And several other uses, of course.