UnrealIRCd 4.0.18 released

News about the UnrealIRCd project, including release announcements
Post Reply
Syzop
UnrealIRCd head coder
Posts: 1813
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl
Contact:

UnrealIRCd 4.0.18 released

Post by Syzop » Sat Jun 23, 2018 2:59 pm

UnrealIRCd 4.0.18 is now available for download.

This is a recommended upgrade because it fixes some memory leaks / security issues present in 4.0.17 and earlier versions. There's no need to rush the upgrade (there is no imminent threat), but it is advised to upgrade somewhere in the next few weeks. Naturally there are also enhancements and other bug fixes, see below.

Improvements:
  • Support for checking IPv6 addresses in DNS blacklists.
  • The blacklist module now checks WEBIRC users as well.
  • For SSL/TLS we now set the default ECDH(E) curves to be X25519:secp521r1:secp384r1:prime256v1 if using a recent version of OpenSSL/LibreSSL. This can be overridden via set::ssl::ecdh-curve.
  • You can now require SASL authentication for clients via the allow block (for example, on a dedicated server that permits proxies/tor):
    allow { ip *; class clients; maxperip 2; options { require-sasl; }; };
Major issues fixed
  • A number of (potential) security issues were fixed:
    • Memory leaks: this could allow an attacker to slowly consume all available memory and ultimately cause UnrealIRCd to crash.
    • Out of bounds read: in practice this does not seem to be exploitable due to the many restrictions that are imposed.
  • Compile issues on macOS
  • Bug in blacklist module which could have caused false negatives, allowing bad guys in which should have been denied.
  • The new optional feature 'set::cloak-method ip' caused identical cloaks
Minor issues fixed
  • When using '/REHASH -ssl' or './unrealircd reloadtls' it did not reload the SSL certificate/key if you were using ssl-options in listen, sni or link blocks. In short: it only reloaded the ones from set::ssl until now.
  • m_ircops sent a conflicting numeric, confusing some clients.
  • Starting UnrealIRCd through a non-interactive(!) ssh session could cause the ssh session to hang.
Removed:
  • Various old config.h settings that didn't have any effect.
  • A few config.h settings that should never be turned off have been removed altogether (eg: NO_FLOOD_AWAY is now always on).
  • The deprecated and unused commands "CAP CLEAR" and "CAP ACK".
Other changes:
  • The built-in time synchronization feature is now disabled by default.
    TimeSynch was added back in 2006 when lots of operating systems did not ship with time synchronization turned on by default. Since incorrect time severely breaks IRC networks this was a major problem. Nowadays this is completely different with most Linux distro's, OS X, Windows, etc. doing time synchronization out of the box. Since UnrealIRCd's implementation is less precise and lacks authentication it's best left over to the system.
    You can still re-enable timesynch via: set { timesynch { enabled yes; }; };
    .. but you should really use NTP or similar for system-wide time synchronization instead.
  • For developers there's now the --with-werror compile option which will add -Werror.
  • Added a lot more Travis-CI tests: various LibreSSL/OpenSSL versions and also test macOS. This to prevent us from releasing broken stuff.
  • Various code cleanups to get rid of lots of needless casts and to eliminate compiler warnings.
  • Just as a reminder (this change was already in version 4.0.17):
    UnrealIRCd will no longer give user mode +z to users on WEBIRC gateways using SSL/TLS IRC, unless the WEBIRC gateway gives us some assurance that the client<->webirc gateway connection is also secure (eg: https).
    This is the regular WEBIRC format:
    WEBIRC password gateway hostname ip
    This indicates a secure client connection (NEW):
    WEBIRC password gateway hostname ip :secure
    Naturally, WEBIRC gateways MUST NOT send the "secure" option if the client is using http or some other insecure protocol.
For module coders:
  • HOOKTYPE_CHANNEL_SYNCED prototype changed, the 'merge' and 'removetheirs' is now no longer an 'unsigned short' but an 'int' instead.
  • HOOKTYPE_MODE_DEOP prototype changed, the 'modechar' is now no longer a 'char' but an 'int' instead.
  • In addition to safestrdup() there's now also safestrldup() which allows you to specify a maximum allocated length (so including the nul byte). This is used in m_pass.c and m_topic.c.
  • New hook HOOKTYPE_CAN_BYPASS_CHANNEL_MESSAGE_RESTRICTION
Future versions (heads up):
  • We intend to change the default plaintext oper policy from warn to deny later this year. This will deny /OPER when issued from a non-SSL connection. For security, IRC Operators should really use SSL/TLS when connecting to an IRC server!
As always, you can download UnrealIRCd from www.unrealircd.org.

Post Reply