2021! :-) Happy new year!

ngIRCd Release 26~rc1

Update documentation to reflect "[Channel]->Modes" changes No longer mention "[Channel]->Key" and "[Channel]->MaxUsers".

2020!

Fix some typos (documentation files, ngircd.conf manual page, ...) Spotted by Étienne Mollier <etienne.mollier@mailoo.org> and Christoph Biedl <debian.axhn@manchmal.in-ulm.de>, see Debian bug #932462 (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932462). Thank you!

ngircd.conf.5: Fix wording as suggested by lintian

Fix documentation of MotdPhrase length (#254) The max length is actually 126 (< 127), since the check errors out if length >= 127. See <https://github.com/ngircd/ngircd/blob/master/src/ngircd/conf.c#L1487>. I didn't look through the history to see when the change happened. I just happened to find during a migration that my 140 character MOTD didn't work. Update sample configuration file as well as the man page.

2019!

Implement new configuration option "MaxPenaltyTime" (#251) This option configures the maximum penalty time increase in seconds, per penalty event. Set to -1 for no limit (the default), 0 to disable penalties altogether. ngIRCd doesn't use penalty increases higher than 2 seconds during normal operation, so values higher than 1 rarely make sense. Disabling (or reducing) penalties can greatly speed up "make check" runs for example, see below, but are mostly a debugging feature and normally not meant to be used on production systems! Some example timings running "make check" from my macOS workstation: - MaxPenaltyTime not set: 4:41,79s - "MaxPenaltyTime = 1": 3:14,71s - "MaxPenaltyTime = 0": 25,46s Closes #249.

2018!

2017!

ngircd.conf.5.tmpl: Fix spelling Thanks to Christoph Biedl.

Add "PAMServiceName" configuration option This setting allows to run multiple ngIRCd instances with separate PAM configurations on each instance. If one sets it to ngircd-foo, PAM will use /etc/pam.d/ngircd-foo instead of the default /etc/pam.d/ngircd. Thanks to "somechris" for the patch & pull request! Closes #226.

Add PAMServiceName setting to specify the used PAM configuration This setting allows to run multiple ngIRCd instances with PAM configurations on each instance. If one sets it to "ngircd-foo", PAM will use `/etc/pam.d/ngircd-foo` instead of the default `/etc/pam.d/ngircd`.

Update copyright notices for 2016

Merge pull request #217 from SaberUK/master+notice-auth Use "NOTICE *" before registration instead of "NOTICE AUTH".

Rename NoticeAuth to NoticeBeforeRegistration. The old name is still supported for compatibility reasons.

Use "NOTICE *" before registration instead of "NOTICE AUTH". AUTH is a valid nickname so sending notices to it is probably not a good idea. Use * as the target instead as done with numerics when the nick is not available. This mimics the behaviour in Charybdis, IRCD-Hybrid, InspIRCd 2.2, Plexus 4, etc.

Update ngircd.conf.5: "CloadUserToNick" hides user and real name Closes #208.

Streamline effect of "MorePrivacy" option (WHOIS, LIST) - Update documentation in ngircd.conf(5) - LIST: Don't hide channels for IRC Ops when "MorePrivacy" is in effect - WHOIS: Don't hide IP addresses/hostnames when "MorePrivacy" is in effect Closes #198

Merge branch 'CipherListNoSSL3' * CipherListNoSSL3: INSTALL: List the changed SSL CipherList default value. Update "CipherList" to not enable SSLv3 by default

Update "CipherList" to not enable SSLv3 by default Idea, initial patch, and testing by Christoph Biedl <ngircd.anoy@manchmal.in-ulm.de>

Allow "DefaultUserModes" to set all possible modes Let IRC_MODE() detect that the "fake" MODE command originated on the local sever, which enables all modes to be settable using "DefaultUserModes" that can be set by regular MODE commands, including modes only settable by IRC Operators.

ngircd.conf.5: Update manual page

Merge branch 'bug165-005-NETWORK' of git://arthur.barton.de/ngircd-alex * 'bug165-005-NETWORK' of git://arthur.barton.de/ngircd-alex: Implement new configuration option "Network"

Implement new configuration option "Network" The new configuration variable "Network" is used to set the (completely optional) "network name", to which this instance of the daemon belongs. When set, this name is used in the ISUPPORT(005) numeric which is sent to all clients connecting to the server after logging in. Closes bug #165.

Update (date of) manual pages

Change cipher defaults Switch cipher defaults to HIGH:!aNULL:@STRENGTH (OpenSSL) or SECURE128 (GnuTLS).

Merge remote-tracking branch 'alex/bug162-SSLCipherList' * alex/bug162-SSLCipherList: Cipher list selection for GnuTLS ConnSSL_Init_SSL(): correctly set CONN_SSL flag Cipher list selection for OpenSSL ConnSSL_InitLibrary(): Code cleanup

Cipher list selection for GnuTLS This patch implements the missing functionality for cipher list selection using GnuTLS (our OpenSSL code has this already).

Cipher list selection for OpenSSL This patch introduces the possibility to arbitrarily select ciphers which should be promoted resp. declined when establishing a SSL connection with a client by implementing the new configuration option "CipherList". By default, OpenSSL would accept low and medium strength and RC-4 ciphers, which nowadays are known to be broken. This patch only implements the feature for OpenSSL. A GnuTLS counterpart has to be implemented in another patch ... Original patch by Bastian <bastian-ngircd@t6l.de>. Closes bug #162.

Implement new configuration option "DefaultUserModes" The new configuration option "DefaultUserModes" lists user modes that become automatically set on new local clients right after login. Please note that only modes can be set that the client could set on itself, you can't set "a" (away) or "o" (IRC Op), for example! User modes "i" (invisible) or "x" (cloaked) etc. are "interesting", though. Default: set no modes (like without this patch). Closes bug #160.

Merge branch 'bug152-AllowedChannelTypes' * bug152-AllowedChannelTypes: Implement new configuration option "AllowedChannelTypes" Introduce "CHANTYPES" #define

Implement new configuration option "AllowedChannelTypes" The new configuration variable "AllowedChannelTypes" lists all allowed channel types (channel prefixes) for newly created channels on the local server. By default, all supported channel types are allowed. If set to the empty string, local clients can't create new channels at all, which equals the old "PredefChannelsOnly = yes" setting. This patch deprecates the "PredefChannelsOnly" variable, too, but it is still supported and translated to the apropriate "AllowedChannelTypes" setting. When "PredefChannelsOnly" is processed, a warning message is logged. Closes bug #152.

Implement new configuration option "IncludeDir" The option "IncludeDir" in the [Options] section can be used to specify a directory which can contain further configuration files and configuration file snippets matching the pattern "*.conf" that should be read in after the main configuration file ("ngircd.conf" by default) has been parsed. Closes bug #157.

Merge branch 'systemd' * systemd: ngircd.sock: explicitely bind to IPv4 and IPv6 addresses Show address and port of sockets passed-in by systemd(8) Check type of sockets passed-in by systemd(8) Adjust severity levels of some log messages New configuration option "IdleTimeout": exit daemon when idle Implement support for systemd(8) "socket activation" contrib/README: add more files

New configuration option "IdleTimeout": exit daemon when idle This patch implements a new configuration option "IdleTimeout" in the [Limits] section of the configuration file which can be used to set a timeout (in seconds) after which the whole daemon will shutdown when no more connections are left active after handling at least one client. The default is 0, "never". This can be useful for testing or when ngIRCd is started using "socket activation" with systemd(8), for example.

Merge branch 'bug145-ProvideHelp' * bug145-ProvideHelp: Use "${docdir}/Commands.txt" as help text file Add a note that "help file" is updated on startup and REHASH only Add doc/Commands.txt which should document all commands Implement Help() function parsing and returning the help text Document "HelpFile" in sample-ngircd.conf and ngircd.conf.5 Implement new configuration option "HelpFile" IRC_HELP(): Code cleanup Refactor Read_Motd() into Read_TextFile()

Add a note that "help file" is updated on startup and REHASH only

Document "HelpFile" in sample-ngircd.conf and ngircd.conf.5

Spelling fix: "nick name" -> "nickname"

Document new configuration option "MaxListSize"

Update manual pages Among other little things, bring project description in line with website.

New configuration option "OperChanPAutoOp" If disabled, IRC operators don't become channel operators in persistent channels when joining. Enabled by default, which has been the behavior of ngIRCd up to this patch. Closes bug #135. (Cosmetic fixes by Alex.)

Enhance "ServiceMask" to handle a list of masks The "ServiceMask" variable in "Server" blocks now can handle more than one mask using the new MatchCaseInsensitiveList() function. This makes marking "service clients" much more specific, which is a good thing per se, but which is the prerequisite for reasonably blocking these nick names, too (see commit a6dd2e3 for details).

Hashed hostnames for CloakHost Implemented support for hashed hostnames for CloakHost. The admin can use '%x' in both the CloakHost and CloakHostModeX setting. The config option CloakHostModeX was renamed to CloakHostSalt. This salt is used for both cloaking options.

Implemented hashed cloaked hostnames for +x CloakHostModeX can now contain '%x'. It will be replace by the hash of the original client hostname. The new config option CloakHostModeXSalt defines the salt for the hash function. When CloakHostModeXSalt is not set a random salt will be generated after each server restart. Spelling fix in defines.h

Merge branch 'bug124-CloakHostModeX' * bug124-CloakHostModeX: Describe "CloakHostModeX" in sample-ngircd.conf an ngircd.conf(5) Rename "CloakModeHost" option to "CloakHostModeX" Introduce new configuration option "CloakModeHost" This closes bug #124.

Describe "CloakHostModeX" in sample-ngircd.conf an ngircd.conf(5)

Fix manual page "hyphen-used-as-minus-sign" error (lintian) Thanks to Christoph Biedl for reporting this!

ngircd.conf.5: reword description of "Ports" variable

New configuration option "PAMIsOptional" When "PAMIsOptional" is set, clients not sending a password are still allowed to connect: they won't become "identified" and keep the "~" character prepended to their supplied user name.

ngircd.conf.5: strip "SSL" prefix from variables in [SSL] section

Fix some wording, use spellchecker ;-)

Merge branch 'MorePrivacy' * MorePrivacy: New configuration opion "MorePrivacy" to "censor" some user information

New configuration opion "MorePrivacy" to "censor" some user information this patch contains: * Fix for Conf_CloakUserToNick to make it conceal user details * Adds MorePrivacy-feature MorePrivacy censors some user information from being reported by the server. Signon time and idle time is censored. Part and quit messages are made to look the same. WHOWAS requests are silently dropped. All of this is useful if one wish to conceal users that access the ngircd servers from TOR or I2P.

Merge branch 'ScrubCTCP' * ScrubCTCP: Add documentation for "ScrubCTCP" configuration option New option to scrub incoming CTCP commands

Merge branch 'newconfig' * newconfig: sample-ngircd.conf: "SyslogFacility" should be commented out Move SSL-related configuration variables to new [SSL] section CheckFileReadable(): only check when a filename is given ... PAM: make clear which "Password" config option is ignored Really remove [Features] in our manual pages INSTALL: document changed location of configuration variables Update sample config file and manual page for new config structure Testsuite: update configuration files for new config file format Display configuration errors more prominent on "--configtest" conf.c: code cleanup Check for redability of SSL-related files like for MOTD file Restructure ngIRCd configuration, introduce [Limits] and [Options]

Add documentation for "ScrubCTCP" configuration option

Update sample config file and manual page for new config structure

Move SSL-related configuration variables to new [SSL] section

Really remove [Features] in our manual pages

Merge branch 'AuthPing' * AuthPing: Add documentation for "RequireAuthPing" configuration option New configuration option "RequireAuthPing": PING-PONG on login

Merge branch 'NoticeAuth' * NoticeAuth: Add documentation for "NoticeAuth" configuration option Configuration: move "NoticeAuth" to GLOBAL section New configuration option "NoticeAuth": send NOTICE AUTH on connect

Add documentation for "RequireAuthPing" configuration option

ngircd.conf.5: Add variable type to "CloakHost" and "CloakUserToNick"

Add documentation for "NoticeAuth" configuration option

Merge branches 'CloakUserHost', 'QuitOnHTTP' and 'bug72-WHOIS-List' * CloakUserHost: Add a note not to use a percent sign ("%") in CloakHost variable Rename ClientHost to CloakHost, and ClientUserNick to CloakUserToNick Don't use "the.net" in sample-ngircd.conf, use "example.net" ngircd.conf.5: document "ClientHost" and "ClientUserNick" Move "ClientHost" and "ClientUserNick" to end of [Global] section ClientUserNick setting ClientHost setting * QuitOnHTTP: Only "handle" HTTP commands on unregistered connections Don't use IRC_QUIT_HTTP() if STRICT_RFC is #define'd IRC_QUIT_HTTP(): enhance error message Move IRC_QUIT_HTTP() below IRC_QUIT() quit on HTTP commands: GET & POST * bug72-WHOIS-List: Add "whois-test" to testsuite and distribution archive Add support for up to 3 targets in WHOIS queries.

Add a note not to use a percent sign ("%") in CloakHost variable The percent sign is reserved for future extensions, for example to expand some variables like %H to a hash value of the real host name ... Idea by kaFux in #ngircd.

Rename ClientHost to CloakHost, and ClientUserNick to CloakUserToNick

ngircd.conf.5: describe types of variables Describe the possible types of variables in ngircd.conf: booleans, text strings, integer numbers. And add type information to each variable description.

ngircd.conf.5: document "ClientHost" and "ClientUserNick"

Remove support for ZeroConf/Bonjour/Rendezvous service registration

conf: move 'run-time-feature-disable' options to new FEATURE section

config: deprecate NoXX-Options ngircd unfortunately uses several options using double-negation, e.g. NoIdent = No, NoPam = No, etc. This renames all options by dropping the "No" prefix, e.g. "NoIdent = no" becomes "Ident = yes". The old options will continue to work, but will cause a warning message. Also update man pages and default config. To prevent silly 'Ident = yes' from appearing in --configtest output in the 'ident support not compiled in and Ident Option not used' case, make default value depend on feature availability. If feature is available, enable by default, otherwise disable. We might consider moving these options to a new [Feature] section, or something like that, because none of these options are essential. Another possible improvement: 'Ident = yes' option in ngircd.conf causes a warning if ngircd was built without ident support. This does not happen with e.g. zeroconf....

Manual pages: update and simplyfy AUTHORS section

New configuration option "NoZeroConf" to disable ZeroConf registration If ngIRCd is compiled to register its services using ZeroConf (e.g. using Howl, Avahi or on Mac OS X) this parameter can be used to disable service registration at runtime.

New configuration option "SyslogFacility" The new option "SyslogFacility" deines the syslog "facility" to which ngIRCd should send log messages. Possible values are system dependant, but most probably "auth", "daemon", "user" and "local1" through "local7" are possible values; see syslog(3). Default is "local5" for historical reasons.

ngircd: change MOTD file handling previously, the given MotdFile file was read whenever a client requested it. Change handling to read the MotdFile contents into memory once during config file parsing. Two side effects: - changes to the MOTD file do not have any effect until ngircds configuration is reloaded - MOTD file does no longer have to reside in the chroot directory (the MOTD contents will then not be re-read on reload in that case)

New configuration option "NoPAM" to disable PAM When the "NoPAM" configuration option is set and ngIRCd is compiled with support for PAM, ngIRCd will not call any PAM functions: all connection attemps without password will succeed instead and all connection attemps with password will fail. If ngIRCd is compiled without PAM support, this option is a dummy option and nothing changes: the global server password will still be in effect.

Implement WEBIRC command The WEBIRC command is used by some Web-to-IRC gateways to set the correct user name and host name of users instead of their own. Syntax: WEBIRC <password> <username> <hostname> <ip-address> The <password> must be set using the new configuration variable "WebircPassword" in the [Global] section of ngircd.conf. Please note that the <ip-address> is currently not used by ngIRCd (we don't store it in the CLIENT structure, only the resolved hostname).

ngircd.conf.5: Document missing "Password" variable

New configuration option "AllowRemoteOper" Added new configuration option "AllowRemoteOper" to control whether remote IRC operators are allowed to use administrative commands that affect this server or not This commit introduces the configuration variable, but actually no function is using it. That's up for the next patches to come ...

do not add default listening port if ssl ports were specified Cosmo Kastemaa reported that its impossible to create an ssl-only setup, as ngircd binds to port 6667 by default, even if setting "Ports =". Only add the default port if _both_ "Ports" and "SSLPorts" are unspecified. Fixes bugzilla #98.

manpage: move SSLConnect option to the right section

Support individual channel keys for pre-defined channels. This patch introduces the new configuration variable "KeyFile" for [Channel] sections in ngircd.conf. Here a file can be configured for each pre-defined channel which contains individual channel keys for different users. This file is line-based and must have the following syntax: <user>:<nick>:<key> <user> and <nick> can contain the wildcard character "*". Please not that these channel keys are only in effect, when the channel has a regular key set using channel mode "k"!

Fix spelling in some documents.

Spell check and enhance ngIRCd manual pages.

man ngircd.conf: line break missing before the SSLConnect description reported by Christoph Biedl.

Update the date ("Dec 2008") of the manual pages.

Fix double minus signs in manual pages This patch fixes the following lintian(1) warning: "Manual page seems to contain a hyphen where a minus sign was intended. '-' chars are interpreted as hyphens (U+2010) by groff, not as minus signs (U+002D). Since options to programs use minus signs (U+002D), this means for example in UTF-8 locales that you cannot cut&paste options, nor search for them easily. '-' must be escaped ('\-') to be interpreted as minus."

New configuration option "NoIdent" to disable IDENT lookups The new configuration option "NoIdent" in ngircd.conf can be used to disable IDENT lookups even when the ngIRCd daemon is compiled with IDENT lookups enabled.

Connection counter: count outgoing connections as well. This patch lets ngIRCd count outgoing connections as well as incoming connections (up to now only outgoing connections have been counted). This change is required because the Conn_Close() function doesn't know whether it closes an outgoing connection or not and therefore would decrement the counter below zero when an outgoing connection existed -- which would trigger an assert() call ... Please note that this patch changes the (so far undocumented but now fixed) behaviour of the "MaxConnections" configuration option to account the sum of the in- and outbound connections!

sample-ngircd.conf & ngircd.conf(5): document "ServiceMask" option.

TLS/SSL support: documentation.

make Listen parameter a comma-seperated list of addresses. this also obsoletes ListenIPv4 and ListenIPv6 options. If Listen is unset, it is treated as Listen="::,0.0.0.0". Note: ListenIPv4 and ListenIPv6 options are still recognized, but ngircd will print a warning if they are used in the config file. Also, some plattforms require that ai_socktype is set in the getaddrinfo() hints structure.

Merge commit 'aad49bd260494878aed6795c7a897ad1d28c3082'

Update ngIRCd manual pages - Update timestamp, - enhance some phrasing, - and fix "Passive" ([Server]) formatting.

Merge branch 'master' of git://git.breakpoint.cc/fw/ngircd-fw

IPv6: Add config options to disabe ipv4/ipv6 support. This also enables ipv6-only setups.

bind ListenAddress for outgoing connections ngircd would always use INADDR_ANY for outgoing connections; which might not be desirable. Added new [Server] option "Bind" to set source ip.

Introduce option to configure the maximum nick name lenth in ngircd.conf - New configuration option "MaxNickLength" to specify the allowed maximum length of user nick names. Note: must be unique in an IRC network! - Enhanced the IRC+ protocol to support an enhanced "server handshake" and enable server to recognice numeric 005 (ISUPPORT) and 376 (ENDOFMOTD). See doc/Protocol.txt for details.

New config option NoDNS: disables all DNS queries.

fix doc and manpage wrt. MaxConnections, MaxConnectionsIP and MaxJoins values

Add new server config option to disable automatic connect. (Tassilo Schweyer)

add support for predefined-channel configuration of k and l modes

Customize manual pages to reflect the actual installation location of files.