Members from the public are welcome to test if there are any major release critical bugs (such as crash bugs) present, so they can be corrected before the real 3.2.10 release. Note that we do not recommend running this version on production servers.
To grab this version, go to www.unrealircd.com -> Downloads.
You can help us by testing specific items which can be found on our the Unreal3.2 testing forum. Be sure to read the first post 'READ THIS! (how to use)'.
Summary of the new features and fixes:
Code: Select all
==[ NEW ]==
- Improved socket engine. This brings some performance improvements and
also makes it easier to configure a system to hold more than 1024
clients (no more editing of header files on Linux!).
- ESVID support: services can communicate the account name of the user
back to the IRCd. This only works on ESVID-capable services:
- Extban ~a:<accountname>: matches users who are logged in to services
with that account name.
- Show account name in /WHOIS
- CAP support: this enables clients to enable certain features more easily.
Can be disabled through set::options::disable-cap.
- Now that STARTTLS is advertised in CAP it is likely to be used more often.
- away-notify: informs clients of AWAY state changes of users on the same
channels, for clients that support this.
- account-notify: similar to away-notify, inform clients of changes in the
login status and account name used by other clients on the same channels.
- SASL support. To use this, and if your services support this, you point
set::sasl-server to your services server.
- Server-side MLOCK support: the IRCd will prevent channel mode changes
depending on the MLOCK setting in services. Requires special support
from services for this feature.
- User Mode +I (IRCOp only): hide idle time
- auth-method 'sslclientcertfp': authenticate users using an SSL client
certificate by the SHA256 fingerprint of that certificate.
The documentation has a new section (3.19) called 'Authentication Types'
which contains an (improved) example of how to use SSL client certificate
authentication instead of regular passwords.
- oper::require-modes: an optional setting, which can be used to require
users to have certain user modes (such as 'z') before they can /OPER up.
- allow/deny channel: you can now optionally specify a class here as an
extra filter.
- doc/example.es.conf: Spanish translation of example configuration file.
- There have also been some behavior changes, which can be considered NEW,
see next section (CHANGED).
==[ CHANGED ]==
- Anti-spoof protection (ping cookies) can now be enabled/disabled at
run-time through set::ping-cookie [yes|no]. The default is 'yes' (enabled).
- A quit with 'Ping timeout' now shows the number of seconds since the ping.
- Print out a warning if we can't write to a log file.
- Refuse to boot if we can't write to ANY log file.
- Windows: if an SSL certificate exists, then uncheck the 'generate SSL
certificate' checkbox by default.
- *NIX with SSL: We now ask in ./Config if you want to generate an SSL
certificate. The certificate is then copied when you run 'make install'.
==[ MAJOR BUGS FIXED ]==
- None?
==[ MINOR BUGS FIXED ]==
- Various compile problems, in particular with remote includes enabled.
- Windows: the installer sometimes insisted that the Visual C++ 2008
redistributable package was not installed, when it actually was there.
- Windows: MOTD file date/time was always showing up as 1/1/1970.
- And more... see Changelog
==[ REMOVED / DROPPED ]==
- Windows 9X is no longer supported
- The networks/ directory has been removed
Code: Select all
- Automatically regenerate Makefile if ./config.status --recheck was
run.
- Fix compilation issue when disabling stacked
extbans. https://bugs.gentoo.org/389949
- Attempt to make Makefile rules more parallelism friendly.
- Fix compilation issues with bundled tre and ./curlinstall-ed curl
caused by over-generic regexes. Reported by warg.
- Fix version string in configure.ac.
- Include CMDS=STARTTLS in ISUPPORT/numeric 005 to let clients discover STARTTLS
support through VERSION, before or after registration (#4064).
- Added patch from nenotopia to use more modern LUSERS numerics (#3967).
- Fix small error in oper block documentation, reported by Stealth (#2318).
- Config parser failed to check for invalid set::ssl options, reported
and patch by fbi (#4035).
- Tweak: send actual channel name and not user supplied channel in KICK,
reported and patch by Stealth (#3298).
- Services coders: Added support for ESVID. Instead of a number you can
now store a string (of max NICKLEN size) as service stamp. See
protoctl.txt and serverprotocol.html in doc/technical for more information.
Patch from nenotopia (#3966).
- Show account name in /WHOIS, for ESVID-capable services packages, patch
from nenotopia (#3966).
- Added extended ban ~a:<account name> which matches users who are logged
in to services with that account name. This works only on services that
support ESVID. Patch from nenotopia (#3966).
- Updated extended ban documentation in help.conf and unreal32docs:
new bantype ~a, and some text about extended bans & invex (+I).
- Throw up an error if a password in the configuration file is too long
(max 48 characters), reported by JasonTik, based on patch from
WolfSage (#3223).
- Enforce matching of unrealircd version and PACKAGE_VERSION macros. Now the
UNREAL_VERSION_GENERATION, UNREAL_VERSION_MAJOR, UNREAL_VERSION_MINOR, and
UNREAL_VERSION_SUFFIX macros are autogenerated from PACKAGE_VERSION (#4014).
- Make default service stamp 0 (zero) again, instead of '*' which was
introduced by ESVID changes a few days ago. This makes anope happy,
and also means nothing will change in a non-ESVID scenario.
- Fix misuse of stdarg.h macros when calling vsyslog() (#4065 by Jimini).
- Ditch vsyslog() as it's only a waste of CPU, inspired by #4065.
- Add CAP support. Currently implemented are: multi-prefix (NAMESX), and
userhost-in-names (UHNAMES). Patch from nenotopia (#4018, #4066).
- Fix issue with CAP & NOSPOOF. Patch from nenolod (#4077).
- Advertise 'tls' (STARTTLS) capability in CAP. Patch from nenolod (#4081).
- New user mode +I (IRCOp only) which hides idle times to other users,
suggested and patch supplied by Nath & binki (#3953).
- Added remove_oper_modes(), which works just like remove_oper_snomasks(),
and ensures that the user does not have any ircop-only user modes after
de-opering. This (only) fixes the just added +I umode case, but could
also prevent future bugs.
- Get rid of networks/ directory, and all references to it. Suggested by
katsklaw and others (#4056).
- Added doc/example.es.conf, translated by Severus_Snape.
- Make the accept code check if the fd is within bounds instead of relying
on OpenFiles to be correct. This fixes a crash when f.e. 3rd party modules
have files open but don't increase OpenFiles. Might also fix a curl crash,
though nobody ever reported one.
- Moved nospoof to config file, suggested by and patch from nenolod (#4078).
This means ping cookies are now controlled by set::ping-cookie [yes|no].
The default is 'yes' (enabled).
- Even when 'M' was listed in set::oper-only-stats you could still do a
'/STATS m'. Unlike other stats characters, case insensitivity was not
checked for this one. Reported by and patch from Apocalypse (#4086).
- Added patch from Adam for poll() support (#1245).
- Various changes/fixes/enhancements to poll patch
- UnrealIRCd now supports poll() instead of select().
There are some minor speed benefits if you have more than 1K or 2K
clients, however the main noticeable difference is that on Linux you can
now easily enter a higher maximum connection count than 1024 in ./Config,
without having to edit system header files.
Of course, you still need to be allowed to use the # of sockets (type
'ulimit -n' on the shell).
Support for this is experimental at this stage, but enabled by default
so it can receive all the testing it deserves. If all goes well, it will
be the default for 3.2.10.
Stress testing is very much welcomed!
- Speed optimization: First, moved a large part of vsendto_prefix_one into
vmakebuf_local_withprefix. Then use this new function - which creates the
buffer-to-be-sent - at the top of functions like sendto_channel_butserv
and sendto_common_channels and send the prepared buffer in the loop that
comes after it. This means we only prepare the buffer once and then send
it many times, rather than both building and sending it XYZ times.
Benchmarking connect-join-quit of 10k clients:
100 users per channel: no noticeable speed improvement
1000 users per channel: 18% faster
10000 users in one channel: 50% faster
As you can see, unfortunately, for a typical irc network there isn't much
speed improvement. However, if you have a couple of 500+ user channels or get
attacked by clones then you may see some improvement in speed and/or lower
CPU usage.
- Minor documentation typos, thanks warg (#4094).
- Call m_cap_Init() when m_cap is loaded through commands.so. Reported by
nenolod.
- Fix for speed optimization a few lines up, was accidentally using ident
username (which might have been 'unknown') instead of effective username.
- Added support for SASL, patch from nenolod (#4079).
- Fix crash in AUTHENTICATE (SASL commit from an hour or so ago).
- Tweak SASL code to conform to current coding style.
- Some more SASL fixes, and more...
- Split up PROTOCTL line, since with the addition of ESVID we exceeded
MAXPARA when using ZIP links.
This caused an odd charset warning upon link.
- Poll I/O engine: get_client_by_pollfd() may return -1 when there's a race
condition. Don't abort, instead just skip those clients.
This fixes a crash I had on /SQUIT.
- Fix win32 installer: apparently it sometimes complained about not having the
Visual C++ 2008 redistributable package installed when this was not true.
- Win32 compile fix
- Print out a warning when we can't write to a log file. When booting this
goes to the boot screen. When we are already booted it's sent to all
IRCOps with a limit of max. 1 message per 5 minutes.
- Refuse to boot when we can't write to any log file.
- Remove old no-stealth configuration directive from documentation,
reported by katsklaw, patch from warg (#4036).
- Added 'away-notify' client capability, which informs the client of any AWAY
state changes of users on the same channel. Patch from nenolod (#4097).
- Add support for account-notify client capability (#4098). This capability
can be used to request passive notifications for accountname changes.
- If set::options::dont-resolve is enabled, then use only the IP information
from a WEBIRC message, reported by Ismat (#4103).
- Moved sendto_connectnotice, and thus the call to HOOKTYPE_LOCAL_CONNECT,
so it gets called after the broadcast of NICK to other servers.
- Fix bug caused by new I/O engine (both with and without USE_POLL):
queued data on the receive queue (eg: due to fake lag) was not processed
unless we got new data from the client.
Now, better document this. Also, avoid calling dbuf_put with 0 length.
- Add support for server-enforced mode locks (MLOCK), suggested in #3055
back in 2006. This allows the IRCd to enforce MLOCKs that are set by
services, which eliminates clashes between users setting modes and
services enforcing it's mlock on channels.
- Fixed another SASL crash bug. Always use HookAddEx, not HookAdd!
Crash occured after the first quit of a user after a REHASH.
Reported by Dave (#4108).
- SASL now needs to be enabled explicitly by setting a set::sasl-server.
If this is not set, then SASL is off and not advertised.
If the specified server is not connected, then SASL is off as well.
This prevents unnecessary delay (and the inability for some clients to
get online) when SASL is not in use or when the SASL server is down.
- Changed numeric 307 (RPL_WHOISREGNICK) to 'is identified for this nick',
reported by fbi (#3399).
- Win32 installer (SSL): Uncheck 'create certificate' checkbox when
server.cert.pem exists, and check it if the file doesn't exist.
You can still change the setting, just the default is correct now.
The code for this was already there but was not working correctly
causing users to go through the generation process upon each install.
- Win32 installer: Latest InnoSetup no longer supports Windows 95/98,
so update Minversion to make the .iss compile.
- Module coders: added HOOKTYPE_AWAY (sptr, away-reason).
- Add optional oper::require-modes setting to the oper block. Any
attempt to /OPER by someone who doesn't have one of the listed
usermodes is rejected. This can be used to restrict oper blocks to
registered nicks (+r) or secure clients (SSL, +z) (#4008 by
katsklaw).
- Clarify that hiddenhost-prefix must be the same on linked servers for
bans to function properly (#4090, patch from warg, reported in #4043
by maxb).
- Add /SILENCE to HTML documentation (reported by Severus_Snape in
#4072, patch from warg).
- Show "Ping timeout: XYZ seconds" instead of just "Ping timeout".
Patch from darkex (#3960).
- Install server.*.pem files, patch from katsklaw (#3988).
- The ./Config script will now ask whether to generate an SSL
certificate when it does not exist (defaults to Yes), instead of
always generating one.
- Added missing Mod_Header to m_sasl.c
- Remove old reference to networks/ directory from Windows installer
- Disable sending of UHNAMES when HTM (High Traffic Mode) is ON,
suggested by driew (#3900).
- Add 'class' option to allow/deny channel so you can allow/deny
users based on their class. Patch from fspijkerman (#4125).
- Use poll() in the remote includes functions when USE_POLL is
defined (#4091).
- Fix bug where recursive includes would hang the IRCd, patch from
binki with some minor modifications, reported by warg (#3919).
- Upgraded to c-ares 1.9.1. Updated configure & other files.
- Disable USE_POLL on Windows, since it doesn't work with XP and has
no advantage anyway. Reported by nenolod (#4129).
- Various updates to makefile.win32 and .iss file, found during
building new versions of zlib, openssl, and curl.
- Added set::options::disable-cap, which can be used to disable the
new CAP support (#4104).
- Added auth method 'sslclientcertfp' which provides an alternative
method to authenticate users with SSL client certificates based
on SHA256 fingerprints. This can be used instead of the already
existing 'sslclientcert' so you don't have to use an external file.
One way to get the SHA256 fingerprint would be:
openssl x509 -in name-of-pem-file.pem -sha256 -noout -fingerprint
Suggested and patch supplied by Jobe (#4019).
- Added documentation on the new sslclientcertfp
- Moved documentation on authentication types to one place and refer
to it from each section (oper::password, vhost::password,
link::password-receive, etc).
- Windows: fix MOTD file always showing a date of 1/1/1970, reported
by maxarturo (#4102).
- Update version to 3.2.10-rc1
- Bump version number in all translated docs as well (did not change
the 'last update' date, though).
- Removed unreal32docs.es.html (outdated since 2006-12-22),
unreal32docs.gr.html (outdated since 2006-12-02), and
unreal32docs.nl.html (outdated since 2009-01-18, possibly 2007-07-12).
These translations are out of date for many years and are causing
problems for the people who are reading this out of date information.
If you want to update these translations, or (maybe better) redo
the translation of unreal32docs in these languages, then send an
e-mail to [email protected].
Note that for all these languages we have had people in the past
offering to help out, but in the end we never heard back from them,
so please ONLY contact us if you: 1) are serious, and 2) have
sufficient time available to work on this project.
That said, users in your language will greatly appreciate your work!
Of course, if you want to translate documents in any other language
then you are welcome to contact us as well.
- Remove wircd.def, needs to be re-generated almost each build anyway..