Unreal 3.2.10-rc1 released for testing

News about the UnrealIRCd project, including release announcements
Post Reply
Syzop
UnrealIRCd head coder
Posts: 2112
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl
Contact:

Unreal 3.2.10-rc1 released for testing

Post by Syzop »

I've released UnrealIRCd 3.2.10-rc1 (Release Candidate 1) for testing today.

Members from the public are welcome to test if there are any major release critical bugs (such as crash bugs) present, so they can be corrected before the real 3.2.10 release. Note that we do not recommend running this version on production servers.

To grab this version, go to www.unrealircd.com -> Downloads.
You can help us by testing specific items which can be found on our the Unreal3.2 testing forum. Be sure to read the first post 'READ THIS! (how to use)'.

Summary of the new features and fixes:

Code: Select all

==[ NEW ]==
- Improved socket engine. This brings some performance improvements and
  also makes it easier to configure a system to hold more than 1024
  clients (no more editing of header files on Linux!).
- ESVID support: services can communicate the account name of the user
  back to the IRCd. This only works on ESVID-capable services:
  - Extban ~a:<accountname>: matches users who are logged in to services
    with that account name.
  - Show account name in /WHOIS
- CAP support: this enables clients to enable certain features more easily.
  Can be disabled through set::options::disable-cap.
- Now that STARTTLS is advertised in CAP it is likely to be used more often.
- away-notify: informs clients of AWAY state changes of users on the same
  channels, for clients that support this.
- account-notify: similar to away-notify, inform clients of changes in the
  login status and account name used by other clients on the same channels.
- SASL support. To use this, and if your services support this, you point
  set::sasl-server to your services server.
- Server-side MLOCK support: the IRCd will prevent channel mode changes
  depending on the MLOCK setting in services. Requires special support
  from services for this feature.
- User Mode +I (IRCOp only): hide idle time
- auth-method 'sslclientcertfp': authenticate users using an SSL client
  certificate by the SHA256 fingerprint of that certificate.
  The documentation has a new section (3.19) called 'Authentication Types'
  which contains an (improved) example of how to use SSL client certificate
  authentication instead of regular passwords.
- oper::require-modes: an optional setting, which can be used to require
  users to have certain user modes (such as 'z') before they can /OPER up.
- allow/deny channel: you can now optionally specify a class here as an
  extra filter.
- doc/example.es.conf: Spanish translation of example configuration file.
- There have also been some behavior changes, which can be considered NEW,
  see next section (CHANGED).

==[ CHANGED ]==
- Anti-spoof protection (ping cookies) can now be enabled/disabled at
  run-time through set::ping-cookie [yes|no]. The default is 'yes' (enabled).
- A quit with 'Ping timeout' now shows the number of seconds since the ping.
- Print out a warning if we can't write to a log file.
- Refuse to boot if we can't write to ANY log file.
- Windows: if an SSL certificate exists, then uncheck the 'generate SSL
  certificate' checkbox by default.
- *NIX with SSL: We now ask in ./Config if you want to generate an SSL
  certificate. The certificate is then copied when you run 'make install'.

==[ MAJOR BUGS FIXED ]==
- None?

==[ MINOR BUGS FIXED ]==
- Various compile problems, in particular with remote includes enabled.
- Windows: the installer sometimes insisted that the Visual C++ 2008
  redistributable package was not installed, when it actually was there.
- Windows: MOTD file date/time was always showing up as 1/1/1970.
- And more... see Changelog

==[ REMOVED / DROPPED ]==
- Windows 9X is no longer supported
- The networks/ directory has been removed
Since the above is only a summary, here's the full Changelog (if you have too much time on your hands ;p):

Code: Select all

- Automatically regenerate Makefile if ./config.status --recheck was
  run.
- Fix compilation issue when disabling stacked
  extbans. https://bugs.gentoo.org/389949
- Attempt to make Makefile rules more parallelism friendly.
- Fix compilation issues with bundled tre and ./curlinstall-ed curl
  caused by over-generic regexes. Reported by warg.
- Fix version string in configure.ac.
- Include CMDS=STARTTLS in ISUPPORT/numeric 005 to let clients discover STARTTLS
  support through VERSION, before or after registration (#4064).
- Added patch from nenotopia to use more modern LUSERS numerics (#3967).
- Fix small error in oper block documentation, reported by Stealth (#2318).
- Config parser failed to check for invalid set::ssl options, reported
  and patch by fbi (#4035).
- Tweak: send actual channel name and not user supplied channel in KICK,
  reported and patch by Stealth (#3298).
- Services coders: Added support for ESVID. Instead of a number you can
  now store a string (of max NICKLEN size) as service stamp. See
  protoctl.txt and serverprotocol.html in doc/technical for more information.
  Patch from nenotopia (#3966).
- Show account name in /WHOIS, for ESVID-capable services packages, patch
  from nenotopia (#3966).
- Added extended ban ~a:<account name> which matches users who are logged
  in to services with that account name. This works only on services that
  support ESVID. Patch from nenotopia (#3966).
- Updated extended ban documentation in help.conf and unreal32docs:
  new bantype ~a, and some text about extended bans & invex (+I).
- Throw up an error if a password in the configuration file is too long
  (max 48 characters), reported by JasonTik, based on patch from
  WolfSage (#3223).
- Enforce matching of unrealircd version and PACKAGE_VERSION macros. Now the
  UNREAL_VERSION_GENERATION, UNREAL_VERSION_MAJOR, UNREAL_VERSION_MINOR, and
  UNREAL_VERSION_SUFFIX macros are autogenerated from PACKAGE_VERSION (#4014).
- Make default service stamp 0 (zero) again, instead of '*' which was
  introduced by ESVID changes a few days ago. This makes anope happy,
  and also means nothing will change in a non-ESVID scenario.
- Fix misuse of stdarg.h macros when calling vsyslog() (#4065 by Jimini).
- Ditch vsyslog() as it's only a waste of CPU, inspired by #4065.
- Add CAP support. Currently implemented are: multi-prefix (NAMESX), and
  userhost-in-names (UHNAMES). Patch from nenotopia (#4018, #4066).
- Fix issue with CAP & NOSPOOF. Patch from nenolod (#4077).
- Advertise 'tls' (STARTTLS) capability in CAP. Patch from nenolod (#4081).
- New user mode +I (IRCOp only) which hides idle times to other users,
  suggested and patch supplied by Nath & binki (#3953).
- Added remove_oper_modes(), which works just like remove_oper_snomasks(),
  and ensures that the user does not have any ircop-only user modes after
  de-opering. This (only) fixes the just added +I umode case, but could
  also prevent future bugs.
- Get rid of networks/ directory, and all references to it. Suggested by
  katsklaw and others (#4056).
- Added doc/example.es.conf, translated by Severus_Snape.
- Make the accept code check if the fd is within bounds instead of relying
  on OpenFiles to be correct. This fixes a crash when f.e. 3rd party modules
  have files open but don't increase OpenFiles. Might also fix a curl crash,
  though nobody ever reported one.
- Moved nospoof to config file, suggested by and patch from nenolod (#4078).
  This means ping cookies are now controlled by set::ping-cookie [yes|no].
  The default is 'yes' (enabled).
- Even when 'M' was listed in set::oper-only-stats you could still do a
  '/STATS m'. Unlike other stats characters, case insensitivity was not
  checked for this one. Reported by and patch from Apocalypse (#4086).
- Added patch from Adam for poll() support (#1245).
- Various changes/fixes/enhancements to poll patch
- UnrealIRCd now supports poll() instead of select().
  There are some minor speed benefits if you have more than 1K or 2K
  clients, however the main noticeable difference is that on Linux you can
  now easily enter a higher maximum connection count than 1024 in ./Config,
  without having to edit system header files.
  Of course, you still need to be allowed to use the # of sockets (type
  'ulimit -n' on the shell).
  Support for this is experimental at this stage, but enabled by default
  so it can receive all the testing it deserves. If all goes well, it will
  be the default for 3.2.10.
  Stress testing is very much welcomed!
- Speed optimization: First, moved a large part of vsendto_prefix_one into
  vmakebuf_local_withprefix. Then use this new function - which creates the
  buffer-to-be-sent - at the top of functions like sendto_channel_butserv
  and sendto_common_channels and send the prepared buffer in the loop that
  comes after it. This means we only prepare the buffer once and then send
  it many times, rather than both building and sending it XYZ times.
  Benchmarking connect-join-quit of 10k clients:
  100 users per channel: no noticeable speed improvement
  1000 users per channel: 18% faster
  10000 users in one channel: 50% faster
  As you can see, unfortunately, for a typical irc network there isn't much
  speed improvement. However, if you have a couple of 500+ user channels or get
  attacked by clones then you may see some improvement in speed and/or lower
  CPU usage.
- Minor documentation typos, thanks warg (#4094).
- Call m_cap_Init() when m_cap is loaded through commands.so. Reported by
  nenolod.
- Fix for speed optimization a few lines up, was accidentally using ident
  username (which might have been 'unknown') instead of effective username.
- Added support for SASL, patch from nenolod (#4079).
- Fix crash in AUTHENTICATE (SASL commit from an hour or so ago).
- Tweak SASL code to conform to current coding style.
- Some more SASL fixes, and more...
- Split up PROTOCTL line, since with the addition of ESVID we exceeded
  MAXPARA when using ZIP links.
  This caused an odd charset warning upon link.
- Poll I/O engine: get_client_by_pollfd() may return -1 when there's a race
  condition. Don't abort, instead just skip those clients.
  This fixes a crash I had on /SQUIT.
- Fix win32 installer: apparently it sometimes complained about not having the
  Visual C++ 2008 redistributable package installed when this was not true.
- Win32 compile fix
- Print out a warning when we can't write to a log file. When booting this
  goes to the boot screen. When we are already booted it's sent to all
  IRCOps with a limit of max. 1 message per 5 minutes.
- Refuse to boot when we can't write to any log file.
- Remove old no-stealth configuration directive from documentation,
  reported by katsklaw, patch from warg (#4036).
- Added 'away-notify' client capability, which informs the client of any AWAY
  state changes of users on the same channel. Patch from nenolod (#4097).
- Add support for account-notify client capability (#4098). This capability
  can be used to request passive notifications for accountname changes.
- If set::options::dont-resolve is enabled, then use only the IP information
  from a WEBIRC message, reported by Ismat (#4103).
- Moved sendto_connectnotice, and thus the call to HOOKTYPE_LOCAL_CONNECT,
  so it gets called after the broadcast of NICK to other servers.
- Fix bug caused by new I/O engine (both with and without USE_POLL):
  queued data on the receive queue (eg: due to fake lag) was not processed
  unless we got new data from the client.
  Now, better document this. Also, avoid calling dbuf_put with 0 length.
- Add support for server-enforced mode locks (MLOCK), suggested in #3055
  back in 2006. This allows the IRCd to enforce MLOCKs that are set by
  services, which eliminates clashes between users setting modes and
  services enforcing it's mlock on channels.
- Fixed another SASL crash bug. Always use HookAddEx, not HookAdd!
  Crash occured after the first quit of a user after a REHASH.
  Reported by Dave (#4108).
- SASL now needs to be enabled explicitly by setting a set::sasl-server.
  If this is not set, then SASL is off and not advertised.
  If the specified server is not connected, then SASL is off as well.
  This prevents unnecessary delay (and the inability for some clients to
  get online) when SASL is not in use or when the SASL server is down.
- Changed numeric 307 (RPL_WHOISREGNICK) to 'is identified for this nick',
  reported by fbi (#3399).
- Win32 installer (SSL): Uncheck 'create certificate' checkbox when
  server.cert.pem exists, and check it if the file doesn't exist.
  You can still change the setting, just the default is correct now.
  The code for this was already there but was not working correctly
  causing users to go through the generation process upon each install.
- Win32 installer: Latest InnoSetup no longer supports Windows 95/98,
  so update Minversion to make the .iss compile.
- Module coders: added HOOKTYPE_AWAY (sptr, away-reason).
- Add optional oper::require-modes setting to the oper block. Any
  attempt to /OPER by someone who doesn't have one of the listed
  usermodes is rejected. This can be used to restrict oper blocks to
  registered nicks (+r) or secure clients (SSL, +z) (#4008 by
  katsklaw).
- Clarify that hiddenhost-prefix must be the same on linked servers for
  bans to function properly (#4090, patch from warg, reported in #4043
  by maxb).
- Add /SILENCE to HTML documentation (reported by Severus_Snape in
  #4072, patch from warg).
- Show "Ping timeout: XYZ seconds" instead of just "Ping timeout".
  Patch from darkex (#3960).
- Install server.*.pem files, patch from katsklaw (#3988).
- The ./Config script will now ask whether to generate an SSL
  certificate when it does not exist (defaults to Yes), instead of
  always generating one.
- Added missing Mod_Header to m_sasl.c
- Remove old reference to networks/ directory from Windows installer
- Disable sending of UHNAMES when HTM (High Traffic Mode) is ON,
  suggested by driew (#3900).
- Add 'class' option to allow/deny channel so you can allow/deny
  users based on their class. Patch from fspijkerman (#4125).
- Use poll() in the remote includes functions when USE_POLL is
  defined (#4091).
- Fix bug where recursive includes would hang the IRCd, patch from
  binki with some minor modifications, reported by warg (#3919).
- Upgraded to c-ares 1.9.1. Updated configure & other files.
- Disable USE_POLL on Windows, since it doesn't work with XP and has
  no advantage anyway. Reported by nenolod (#4129).
- Various updates to makefile.win32 and .iss file, found during
  building new versions of zlib, openssl, and curl.
- Added set::options::disable-cap, which can be used to disable the
  new CAP support (#4104).
- Added auth method 'sslclientcertfp' which provides an alternative
  method to authenticate users with SSL client certificates based
  on SHA256 fingerprints. This can be used instead of the already
  existing 'sslclientcert' so you don't have to use an external file.
  One way to get the SHA256 fingerprint would be:
  openssl x509 -in name-of-pem-file.pem -sha256 -noout -fingerprint
  Suggested and patch supplied by Jobe (#4019).
- Added documentation on the new sslclientcertfp
- Moved documentation on authentication types to one place and refer
  to it from each section (oper::password, vhost::password,
  link::password-receive, etc).
- Windows: fix MOTD file always showing a date of 1/1/1970, reported
  by maxarturo (#4102).
- Update version to 3.2.10-rc1
- Bump version number in all translated docs as well (did not change
  the 'last update' date, though).
- Removed unreal32docs.es.html (outdated since 2006-12-22),
  unreal32docs.gr.html (outdated since 2006-12-02), and
  unreal32docs.nl.html (outdated since 2009-01-18, possibly 2007-07-12).
  These translations are out of date for many years and are causing
  problems for the people who are reading this out of date information.
  If you want to update these translations, or (maybe better) redo
  the translation of unreal32docs in these languages, then send an
  e-mail to [email protected].
  Note that for all these languages we have had people in the past
  offering to help out, but in the end we never heard back from them,
  so please ONLY contact us if you: 1) are serious, and 2) have
  sufficient time available to work on this project.
  That said, users in your language will greatly appreciate your work!
  Of course, if you want to translate documents in any other language
  then you are welcome to contact us as well.
- Remove wircd.def, needs to be re-generated almost each build anyway..
Post Reply