Changes since 8.2.42:
-- Noteworthy changes in version 8.2.43 (2022-09-26)
* Due to ongoing protocol modernizations and deprecation of old backwards
compatibility code, ircd-hybrid is now no longer link compatible to
8.2.33 and below. As for the Anope IRC Services, 2.0.8 is the minimum
supported version now.
* Implemented channel mode `V`. `INVITE` cannot be used on channels with
that mode set.
* `WHOIS` on clients connected via TLS now also shows some details about
the TLS version and cipher being used
* Removed user mode `d` (debugging notices)
Commit b7f05445c0 has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner)
It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.
Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.
There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
This commit implements such a proposal and moves one of the WWW: entries
of each pkg-descr file into the respective port's Makefile. A heuristic
attempts to identify the most relevant URL in case there is more than
one WWW: entry in some pkg-descr file. URLs that are not moved into the
Makefile are prefixed with "See also:" instead of "WWW:" in the pkg-descr
files in order to preserve them.
There are 1256 ports that had no WWW: entries in pkg-descr files. These
ports will not be touched in this commit.
The portlint port has been adjusted to expect a WWW entry in each port
Makefile, and to flag any remaining "WWW:" lines in pkg-descr files as
deprecated.
Approved by: portmgr (tcberner)
Changes since 8.2.41:
-- Noteworthy changes in version 8.2.42 (2022-08-28)
* Added support for reproducible builds using the `SOURCE_DATE_EPOCH` environment
variable. See https://reproducible-builds.org/docs/source-date-epoch/ for more
information.
* Extban `$Q` of type acting has been implemented. This extban prevents
matching users from using the `KICK` command.
* Implemented channel mode `Q`. `KICK` cannot be used on channels with that mode set.
* Implemented user mode `Z`. Users with that mode set may only receive private
messages from other users that are connected via TLS.
* Fixed issue where `WHO nick` on invisible clients (user mode `i`) wouldn't work
Changes since 8.2.40:
-- Noteworthy changes in version 8.2.41 (2022-07-15)
* Fixed issue where WHO didn't work on channel names with two or more
consequent asterisk characters
* IRCv3 WHOX has been implemented. See doc/who.txt for more information
about the new WHO options and features.
* Clients that are connected via TLS are now flagged with the letter S in
the who reply
Changes since 8.2.39:
-- Noteworthy changes in version 8.2.40 (2022-07-02)
* 'channel::disable_fake_channels' now also blocks strikethrough text (0x1E (30))
* 'KNOCK' can now be used on private channels. Channel mode 'K' may be used instead
to control whether or not 'KNOCK' is allowed on a channel.
* Support for '/dev/poll' has been dropped
* 'INFO' now also reports configured values of 'channel::default_join_flood_count'
and 'channel::default_join_flood_time'
* The founder 'q' and admin 'a' channel prefix modes have been implemented.
These are optional and can be enabled with the new 'channel::enable_owner'
and 'channel::enable_admin' configuration directives.
* Channel half-ops may now kick other half-ops
* Extban '$K' of type acting has been implemented. This extban prevents
matching users from using the 'KNOCK' command.
* Server-side channel mode locking 'MLOCK' has been implemented
* Fixed server name leak in 'WHOWAS' with 'serverhide::hide_services' enabled
There have been lots of missing CONFLICTS_INSTALL entries, either
because conflicting ports were added without updating existing ports,
due to name changes of generated packages, due to mis-understanding
the format and semantics of the conflicts entries, or just due to
typoes in package names.
This patch is the result of a comparison of all files contained in
the official packages with each other. This comparison was based on
packages built with default options and may therefore have missed
further conflicts with optionally installed files.
Where possible, version numbers in conflicts entries have been
generalized, some times taking advantage of the fact that a port
cannot conflict with itself (due to logic in bsd.port.mk that
supresses the pattern match result in that case).
A few ports that set the conflicts variables depending on complex
conditions (e.g. port options), have been left unmodified, despite
probably containing outdated package names.
These changes should only affect the installation of locally built
ports, not the package building with poudriere. They should give an
early indication of the install conflict in cases where currently
the pkg command aborts an installation when it detects that an
existing file would be overwritten,
Approved by: portmgr (implicit)
Changes since 8.2.38:
-- Noteworthy changes in version 8.2.39 (2021-08-14)
* `hidechans` and `hideidle` may now be set in `general::oper_only_umodes`
* OpenSSL 3.0 compatibility improvements
* Fixed crashing issue in the mkpasswd tool with older glibc
* Fixed issue where the ircd wouldn't listen on both IPv4 and IPv6 ports in
case only a port but no address has been specified in a listen {} block
* Fixed a `STATS P` displaying issue with compressed ipv6 loopback/inaddr_any
Changes since 8.2.37:
-- Noteworthy changes in version 8.2.38 (2021-01-17)
* Backwards compatibility mode for ircd-hybrid 8.2.22 and below has been removed
* Minimum supported version of the Anope IRC services is now 2.0.8
* Fixed displaying issue with channel MODE messages
* Characters valid for user names for local clients are now [A-Za-z0-9._-]. 'Special'
characters like }|{'^]\[$, that were allowed previously, are no longer valid.
Also user names may not begin with '.', '_', or '-'.
* The 'general::dots_in_ident' configuration directive has been renamed to
'general::specials_in_ident' and now covers the '-' and '_' characters in
addition to '.'
* Fixed issue with clients connected from IPv6 localhost that, depending on the
system's getaddrinfo() implementation, could lead to a crash of remote servers
Changes since 8.2.36:
-- Noteworthy changes in version 8.2.37 (2020-12-26)
* Implemented IRCv3 'CAP 302'
* Implemented IRCv3 'cap-notify' capability
* In case a client sends multiple 'PASS' messages, ircd only accepts the password
sent in the first 'PASS' message instead of the last one
* Missing help file for 'MONITOR' has been added
* Fixed slightly off memory count for motds in 'STATS z'
* For a full list of all changes in this release, see <https://git.io/JLMnk>
Changes since 8.2.35:
-- Noteworthy changes in version 8.2.36 (2020-12-04)
* The old WATCH implementation has been replaced with IRCv3.2 MONITOR. For this,
the `general::max_watch` configuration directive has been renamed to
`general::max_monitor`.
* User mode `B` has been implemented. Clients with that mode set are marked as a
bot in both `WHOIS` and `WHO`. This mode can only be set by IRC operators (as
long as the `bot` directive is set in `general::oper_only_umodes`), servers,
and services.
This mode can for example be used to mark HOPM as official network bot.
* For a full list of all changes in this release, see <https://git.io/JI3fG>
Changes since 8.2.34:
-- Noteworthy changes in version 8.2.35 (2020-11-14)
* Fixed issue where servers could propagate truncated ban masks during net-join
Changes since 8.2.33:
-- Noteworthy changes in version 8.2.34 (2020-11-01)
* Re-implement backwards compatibility mode for old ircd-hybrid 8.2.23 and below.
Final removal is scheduled for early 2021.
* For consistency, the `general::network_desc` configuration directive has been
renamed to `general::network_description`
* Server notices that previously have been sent to user modes +f and +u are now
sent to user mode +j (reject notices) instead. Due to this change, `unauth` and
`full` have been removed from eneral::oper_only_umodes`, `general::oper_umodes`,
and `operator::umodes`.
* User mode +b has been replaced with +f (flood). Spam/flood notices are now sent
to this user mode. For this, `bots` has been removed from
`general::oper_only_umodes`, `general::oper_umodes`, and `operator::umodes`.
`flood` has been added instead to these configuration directives.
* Stricten server/user ID validation. IDs have to be all uppercase everywhere now.
* For a full list of all changes in this release, see <https://git.io/JT7UH>
Changes since 8.2.32:
-- Noteworthy changes in version 8.2.33 (2020-09-07)
o) Added 'client' option to listener::flags
o) Added 'defer' option to listener::flags
o) IRC operators may now use CIDR notation in "WHO"
o) For a full list of all changes in this release, see https://git.io/JUZKO
Changes since 8.2.31:
-- Noteworthy changes in version 8.2.32 (2020-08-16)
o) RESV couldn't be issued in case no reason has been supplied. This has been fixed.
o) Fixed possible RPL_WHOISCHANNELS line truncation of remote replies
o) Extban $t of type 'matching' has been implemented. This extban allows matching
based on TLS protocol version and/or cipher suite
o) Implemented channel mode 'K'. KNOCK cannot be used on channels with that mode set
o) "STATS ?" is now oper-only
Changes since 8.2.30:
-- Noteworthy changes in version 8.2.31 (2020-05-03)
o) macOS compatibility fixes
o) Removed 'spoof_notice' from auth::flags. With vhosts now this notice doesn't make
much sense anymore
o) Fixed issue where ban masks might become malformed if set by remote clients/servers
o) Fixed issue with channel mode +c where high ascii characters can be erroneously
detected as control characters
o) For a full list of all changes in this release, see https://git.io/JfsmV
Instead of pointing directly to /var, now localstatedir now
points to /var/ircd-hybrid with proper permissions so that the
databases are correctly created during start up.
Also minor formatting fixes.
PR: 228582
Reported by: Bunny Evans <bunny.evans@gmail.com>
Changes since 8.2.29:
-- Noteworthy changes in version 8.2.30 (2020-03-01)
o) "QUOTE HELP extban" didn't work because the extban help file hasn't been
installed properly during 'make install'
o) Fixed broken libcrypto detection which caused the ircd not to work with
openssl under certain circumstances
o) Extban $n of type 'acting' has been implemented. This extban prevents
matching users from changing their nick while in the channel. Users
with voice or above are not affected.
o) Channel mode +N has been changed so channel members with +v can change
their nick name as well
o) For a full list of all changes in this release, see https://git.io/JvgAq
Changes since 8.2.28:
-- Noteworthy changes in version 8.2.29 (2020-02-19)
o) Extbans have been implemented. Currently supported extbans:
Matching:
$a:<account> Matches users logged into a matching account.
$c:<channel> Matches users that are on the given channel. An additional
prefix of either @, %, or + can be specified to test for
certain channel privileges.
$o:<class> Matches IRC operators that have joined a class
matching the mask.
$r:<realname> Matches users with a matching realname.
$s:<server> Matches users that are connected to a server matching the mask.
$u:<modes> Matches users having the specified user modes set or not set.
$z:<certfp> Matches users having the given TLS certificate fingerprint.
Acting:
$j:<banmask> Prevents matching users from joining the channel.
$m:<banmask> Blocks messages from matching users. Users with voice
or above are not affected.
For more details, see help/extban.
o) Added 'channel::enable_extbans' configuration option. See doc/reference.conf
for more information.
o) For a full list of all changes in this release, see https://git.io/JvBca
Changes since 8.2.27:
-- Noteworthy changes in version 8.2.28 (2020-01-26)
o) Fixed issue with topics set by TBURST not being propagated properly to clients
o) Allow IRC operators to search for real hosts in "WHO"
o) Ban/exempt/invex masks are now also tested against realhosts to prevent clients
from bypassing channel bans by activating a fakehost
o) For a full list of all changes in this release, see https://git.io/JvqpT
Renames mkpasswd to ircd-hybrid-mkpasswd to avoid conflicts with other packages.
Changes since 8.2.26:
-- Noteworthy changes in version 8.2.27 (2020-01-22)
o) Experimental support for wolfSSL has been implemented. Minimum supported version is 4.3.0
o) The --enable-openssl, --enable-gnutls switches, and their disabling counterparts
--disable-openssl and --disable-gnutls, have been replaced with the --with-tls switch
which takes one of the following options: 'openssl', 'wolfssl', 'gnutls', and 'none'.
If nothing has been specified, configure tries to autodetect in the following order:
openssl/libressl -> gnutls -> wolfssl.
o) Fixed segfault with GnuTLS/libgmp in case there's no DH parameters file
defined in 'serverinfo::ssl_dh_param_file' or if that file is missing
o) The connection timeout for connect{} blocks can now be configured via
the 'connect::timeout' configuration directive
o) Minimum supported OpenSSL version is 1.1.1 now
o) Minimum supported GnuTLS version is 3.6.5 now
o) Supported TLSv1.3 cipher suites can now be configured explicitely via the
new 'serverinfo::tls_cipher_suites' configuration directive
o) In the serverinfo {} block, the following configuration directives have been renamed:
ssl_certificate_file -> tls_certificate_file
ssl_dh_param_file -> tls_dh_param_file
ssl_dh_elliptic_curve -> tls_supported_groups
ssl_cipher_list -> tls_cipher_list
ssl_message_digest_algorithm -> tls_message_digest_algorithm
o) In the operator {} block, the following configuration directives have been renamed:
ssl_certificate_fingerprint -> tls_certificate_fingerprint
ssl_connection_required -> tls_connection_required
o) In the connect {} block, the following configuration directives have been renamed:
ssl_cipher_list -> tls_cipher_list
ssl_certificate_fingerprint -> tls_certificate_fingerprint
PR: 243204
- Removes "halfops" since it is no longer a valid option in configure.
- Updated maintainer email approved by db@ (previous maintainer).
- Adds a logfile entry to the rc.d script.
-- Noteworthy changes in version 8.2.26 (2019-05-31)
o) The 'general::tkline_expire_notices' configuration directive has been
replaced with user mode 'X'. *LINE expiration notices are sent to IRC
operators with that mode set
o) Fixed issue with '/rehash conf' creating duplicated class entries
instead of updating existing ones that are already in use
o) For a full list of all changes in this release, see https://git.io/fjEbq
-- Noteworthy changes in version 8.2.25 (2019-04-24)
o) The 'class::number_per_ip', 'class::max_local' and 'class::max_global'
configuration directives have been replaced with just 'class::number_per_ip_local'
and 'class::number_per_ip_global'. The 'class::max_local' basically was
redundant as it had the same functionality as 'class::number_per_ip'
o) Adding RESVs with wildcards no longer requires administrator privileges
o) The 'general::ignore_bogus_ts' configuration option has been deprecated
o) TLSv1.1 and TLSv1.0 are no longer supported and have been disabled in
the openssl and gnutls module
o) Minimum supported OpenSSL version is 1.0.1f now
o) Minimum supported GnuTLS version is 3.5.8 now
o) The 'serverinfo::vhost' and 'serverinfo:vhost6' configuration directives have
been deprecated. If you need to bind() a specific address you can specify one
in the connect {} block
o) The 'connect::vhost' configuration directive has been renamed to 'connect::bind'
o) For a full list of all changes in this release, see https://git.io/fjRVk
-- Noteworthy changes in version 8.2.24 (2018-04-05)
o) Added "STATS s" to show configured pseudo {} blocks
o) Implemented channel mode 'N' which prevents users from changing their
nick while in a channel with that mode set
o) Services clients are now shown with 'is a Network Service' in "WHOIS"
o) For a full list of all changes in this release, see https://git.io/fjRVt
-- Noteworthy changes in version 8.2.23 (2018-03-26)
o) irc-operators are now able to see a user's resolved hostname in /whowas,
and /whois even if the user has a fakehost/vhost
o) RPL_WELCOME now does use the rfc2812 style nick!user@host format
o) Removed rudimentary libgeoip support
o) Added --enable-efence switch to allow easy linking with the
electric fence memory debugger library
o) "JOIN 0" is no longer supported
o) Fixed bug where ircd would not remove RPL_WHOISOPERATOR based svstags
when deoppering
o) Fixed 'unknown closes' statistic in "STATS t" showing invalid values sometimes
o) For a full list of all changes in this release, see https://git.io/fjRVq
PR: 241015
Approved by: db, philip (mentor)
#######################################################################
Reminder for package maintainers of ircd-hybrid: ircd-hybrid now has
GnuTLS support as of version 8.2.13
#######################################################################
Bug report from robertames@hotmail.com
When shutting down ircd-hybrid, a confusing error is displayed
stating the pid file does not exist:
# /usr/local/etc/rc.d/ircd-hybrid stop
Stopping ircd_hybrid.
Waiting for PIDS: 14504.
rm: /var/run/ircd/ircd.pid: No such file or directory
This is because after ircd correctly cleans up it's pid file, the
rc script tries to delete the non existing file. In the rc script,
stop_postcmd is not needed.
PR: ports/224977
Submitted by: robertames@hotmail.com
===> Building package for ircd-hybrid-8.2.5
pkg-static: Unable to access file /wrkdirs/usr/ports/irc/ircd-hybrid/work/stage/usr/local/lib/ircd-hybrid/modules/autoload/m_operwall.la: No such file or directory
pkg-static: Unable to access file /wrkdirs/usr/ports/irc/ircd-hybrid/work/stage/usr/local/lib/ircd-hybrid/modules/autoload/m_operwall.so: No such file or directory
pkg-static: Unable to access file /wrkdirs/usr/ports/irc/ircd-hybrid/work/stage/usr/local/lib/ircd-hybrid/modules/autoload/m_services.la: No such file or directory
...
Reported by: pkg-fallout
Feedback from upstream:
Hello,
EGD support has been dropped in ircd-hybrid 8.1.20 which was released
on July 20, 2014.
Also the compression issue has been fixed as well sometime last year.
Greets,
Michael
Bernard Spil schrieb:
Hi,
ircd-hybrid unconditionally uses RAND_egd which has been removed from
LibreSSL. Additionally it uses compression which is moved to a separate
header.
Attached patches
1. Use autoconf to detect availability of RAND_egd in libcrypto
2. Disable EGD if RAND_egd is not available
3. Add the openssl/comp.h header to src/rsa.c to fix build
I've been working through over 60 build failures with LibreSSL and
supplying FreeBSD ports and upstream projects with patches, check
https://wiki.freebsd.org/LibreSSL and
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=198505 for this bugs
status in ports.
Please include this patch into your product. Additionally please review
completely removing EGD as no platform requires it or has required perl
EGD as a random source fer many years.
Kind regards,
Bernard Spil.
PR: ports/198505
Submitted by: spil.oss@gmail.com
literal name_enable wherever possible, and ${name}_enable
when it's not, to prepare for the demise of set_rcvar().
In cases where I had to hand-edit unusual instances also
modify formatting slightly to be more uniform (and in
some cases, correct). This includes adding some $FreeBSD$
tags, and most importantly moving rcvar= to right after
name= so it's clear that one is derived from the other.
