./chat/unrealircd, Advanced IRC server with IPv6 and SSL support

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.2.2nb1, Package name: unrealircd-4.2.2nb1, Maintainer: pkgsrc-users

UnrealIRCd is an IRC server based on the branch of IRCu called Dreamforge,
formerly used by the DALnet IRC Network. Since development started on it
(around May 1999) many new features has been added, modified, and many bugs
fixed. Unreal runs both on *nix platforms, Amiga & Windows 95/98/2k/NT.
Some features to mention: Channel Halfops, No-color channel mode,
Strip-colors channel mode, channelmode +q & +a - protect modes, Oper and
Admin only channels, exception bans, Nokicks mode (channel and user), Flood
limiter, Channel links, Host cloaking, Net* Tech and Co-Admin modes, Whois
notifies, Foreign connects monitor, Oper suspend, G:Lines, T:Lines, channel
restriction (people can only go to these channels if enabled), Trojan/DCC
Deny, RPING/RPONG, Sethost family, Token in server<->server etc.
FDlists/High Traffic Mode, SOCKS check on connect, Speeded up server
synchs, limited WebTV Client support, /vhost, and many dreamforge
optimations. UnrealIRCd is aimed to be an advanced, not an easy IRCd.

Also includes SSL and IPv6 support.

MESSAGE.inet6 [+/-]

Required to run:
[net/libcares] [devel/tre] [devel/pcre2] [security/argon2]

Required to build:
[pkgtools/cwrappers]

Package options: unrealircd-showlistmodes

Master sites:


Version history: (Expand)


CVS history: (Expand)


   2019-04-02 15:20:21 by Thomas Klausner | Files touched by this commit (2)
Log message:
unrealircd: set DIST_SUBDIR for new distfile
   2019-04-02 14:42:44 by Nia Alarie | Files touched by this commit (1) | Package updated
Log message:
unrealircd: bump PKGREVISION for distinfo change
   2019-04-02 13:29:46 by Nia Alarie | Files touched by this commit (1) | Package updated
Log message:
chat/unrealircd: update distinfo.

The tarball was silently updated without a release. After diffing this
against the git tag, the updated tarball seems to change some if statements
from if (x = y) to if (x == y)...

https://github.com/unrealircd/unrealirc … dc084e2547

The bug fixed by this change is apparently not exploitable.
   2019-03-02 16:44:33 by Nia Alarie | Files touched by this commit (2) | Package updated
Log message:
unrealircd: Update to 4.2.2.

Changes between version 4.2.1 and 4.2.2:

Improvements:

    Quicker connection handshake for clients which use CAP and/or SASL.
    With "TOPIC #chan" and "MODE #chan +b" (and +e/+I) you \ 
can see who set the topic and bans/exempts/invex. The default is to only show \ 
the nick of the person who set the item. This can be changed (not the default) \ 
by setting:

    set { topic-setter nick-user-host; };
    set { ban-setter nick-user-host; };

    The 'set by' and 'set at' information for +beI lists are now synchronized \ 
when servers link. You still see the MODE originating from the server, however \ 
when the banlist is queried you will now be able to see the original nick and \ 
time of the bansetter rather than serv.er.name. If you want the OLD behavior you \ 
can use: set { ban-setter-sync no; };
    The default maximum topic length has been increased from 307 to 360.
    You can now set more custom limits. The default settings are shown below:

    set {
            topic-length 360; /* maximum: 360 */
            away-length 307; /* maximum: 360 */
            quit-length 307; /* maximum: 395 */
            kick-length 307; /* maximum: 360 */
        };

    The message sent to users upon *LINE can now be adjusted completely via \ 
set::reject-message::kline and set::reject-message::gline.
    New set::anti-flood::max-concurrent-conversations which configures the \ 
maximum number of conversations a user can have with other users at the same \ 
time.
    Until now this was hardcoded at limiting /MSG and /INVITE to 20 different \ 
users in a 15 second period. The new default is 10 users, which serves as a \ 
protection measure against spambots.
    New set::max-targets-per-command which configures the maximum number of \ 
targets accepted for a command, such as 4 to allow e.g. /MSG \ 
nick1,nick2,nick3,nick4 hi.
    Also changed the following defaults (previously hardcoded):
        PRIVMSG from 20 to 4 targets, to counter /amsg spam
        NOTICE from 20 to 1 target, to counter /anotice spam
        KICK from 1 to 4 targets, to make it easier for channel operators to \ 
quickly kick a large amount of spambots
    Added INVITE and KNOCK flood protection (command rate limiting):
        set::anti-flood::invite-flood now defaults to 4 per 60 seconds \ 
(previously the effective limit was 1 invite per 6 seconds).
        set::anti-flood::knock-flood now defaults to 4 per 120 seconds.
    New set::outdated-tls-policy which describes what to do with clients that \ 
use outdated SSL/TLS protocols (eg: TLSv1.0) and ciphers.
    The default settings are to warn in all cases: users connecting, opers \ 
/OPER'ing up and servers linking in. The user will see a message telling them to \ 
upgrade their IRC client.
    This should help with migrating such users, since in the future, say one or \ 
two years from now, we would want to change the default to only allow TSLv1.2+ \ 
with ciphers that provide Forward Secrecy. Instead of rejecting clients without \ 
any error message, this provides a way to warn them and give them some time to \ 
upgrade their outdated IRC client.

Major issues fixed:

    Crash issue in the 'websocket' module.

Minor issues fixed:

    The advertised "link-security" was incorrectly downgraded from \ 
level 2 to 1 if spkifp was used as an authentication method.
    In case of a crash, the ./unrealircd backtrace script was not working \ 
correctly in non-English environments, leading to less accurate bug reports.
    Various crashes if a server receives incorrect commands from a trusted \ 
linked server.
    A number of memory leaks on REHASH (about 1K).
    SASL was not working post-registration, eg: when services link back in. This \ 
is now fixed in UnrealIRCd, but may require a services update as well.

Changed:

    The noctcp user mode (+T) will now only block CTCP's and not CTCP REPLIES. \ 
Also, IRCOps can bypass user mode +T restrictions.
    The server will warn if your ulines { } are matching UnrealIRCd servers.
    The m_whox module now contains various features that m_who already had.
    Also, m_whox will try to convert classic UnrealIRCd WHO requests such as \ 
"WHO +i 127.0.0.1" to whox style "WHO 127.0.0.1 i".
    Unfortunately auto-converting WHO requests is not always possible. When in \ 
doubt the WHOX syntax is assumed. Users are thus (still) encouraged to use the \ 
whox style when m_whox is loaded.

For module coders:

    New hook HOOKTYPE_WELCOME (aClient *acptr, int after_numeric): allows you to \ 
send a message at very specific places during the initial welcome.
    New Isupport functions: IsupportSet, IsupportSetFmt and IsupportDelByName.
    The M_ANNOUNCE flag in the command add functions should no longer be used as \ 
CMDS= is removed. Please update your module.
    New "SJSBY" in PROTOCTL, which is used in SJOIN to sync extra \ 
data. See the last part of the SJOIN documentation.
    For a command with 2 arguments, eg "PRIVMSG #a :txt", parv[1] is \ 
"#a", parv[2] is "txt" and parv[3] is NULL. Any arguments \ 
beyond that, such as parv[4] should not be accessed. To help module coders with \ 
detecting such bugs we now poison unused parv[] elements that should never be \ 
accessed. Note that without this poison your code will also crash, now it just \ 
crashes more consistently.

IRC protocol:
This section is intended for client coders and people interested in IRC protocol \ 
technicalities

    Many changes in the tokens used in numeric 005 (RPL_ISUPPORT):
        Removed CMDS= because this was an unnecessary abstraction and it was not \ 
picked up by any other IRCd.
        The tokens KNOCK MAP USERIP have been added (moved from CMDS=..)
        STARTTLS is no longer advertised in 005 since doing so would be too \ 
late. Also, STARTTLS is not the preferred method of using SSL/TLS.
        Added TARGMAX= to communicate set::max-targets-per-command limits.
        Removed the MAXTARGETS= token because TARGMAX= replaces it.
        Added DEAF=d to signal what user mode is used for "deaf"
        Added QUITLEN to communicate the set::quit-length setting (after all, \ 
why communicate length for KICK but not for QUIT?)
        The 005 tokens are now sorted alphabetically
    When hitting the TARGMAX limit (set::max-targets-per-command), for example \ 
with "/MSG k001,k002,k003,k004,k005 hi", you will see:
    :server 407 me k005 :Too many targets. The maximum is 4 for PRIVMSG.
    When hitting the set::anti-flood::max-concurrent-conversations limit (so not \ 
per command, but per time frame), you will see:
    :server 439 me k011 :Message target change too fast. Please wait 7 seconds
    When hitting the set::anti-flood::invite-flood limit you will get:
    :server 263 me INVITE :Flooding detected. Please wait a while and try again.
    When hitting the set::anti-flood::knock-flood limit you will get:
    :server 480 me :Cannot knock on #channel (You are KNOCK flooding)
    Not a protocol change. But when a server returns from a netsplit and syncs \ 
modes such as: :server MODE #chan +b this!is@an.old.ban
    Then later on you can query the banlist (MODE #chan b) and you may see the \ 
actual original setter and timestamp of the ban. So if a user wishes to see the \ 
banlist then IRC clients are encouraged to actively query the banlist before \ 
displaying it. Fortunately most clients do this.
    If the set::topic-setter or set::ban-setter are set to nick-user-host then \ 
the "added by" field in numerics that show these entries will contain \ 
nick!user@host instead of nick, eg:
    :server 367 me #channel this!is@some.ban bansetter!user@some.host 1549461765
   2019-02-09 16:23:16 by Nia Alarie | Files touched by this commit (18) | Package updated
Log message:
chat/unrealircd: Update to 4.2.1.1

Many changes, coming from an unsupported version, but at least
fixes CVE-2016-7144.
   2018-12-13 20:52:27 by Adam Ciarcinski | Files touched by this commit (668)
Log message:
revbump for boost 1.69.0
   2018-08-16 20:55:17 by Adam Ciarcinski | Files touched by this commit (653) | Package updated
Log message:
revbump after boost-libs update
   2018-07-04 15:40:45 by Jonathan Perkin | Files touched by this commit (423)
Log message:
*: Move SUBST_STAGE from post-patch to pre-configure

Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.