1 |
-- Noteworthy changes in version 1.1.11 (2021-??-??) |
2 |
* The `irc::tls_disable_certificate_verification` configuration option |
3 |
has been implemented. Setting this to `yes` turns off verification of |
4 |
the remote peer's certificate. |
5 |
Turning off certificate verification is generally discouraged and should |
6 |
be done only for experimental purposes. |
7 |
|
8 |
|
9 |
-- Noteworthy changes in version 1.1.10 (2021-01-30) |
10 |
* Timers have been changed to use monotonic time instead of wall-clock time |
11 |
* Fixed broken build with LibreSSL |
12 |
|
13 |
|
14 |
-- Noteworthy changes in version 1.1.9 (2020-11-16) |
15 |
* Implemented support for loading a user-provided private key and tls client |
16 |
certificate. The `irc::rsa_private_key_file`and `irc::tls_certificate_file` |
17 |
configuration directives have been added for this. |
18 |
As a side effect this now allows HOPM to use certificate fingerprints for |
19 |
NickServ authentication |
20 |
* The `vhost` configuration directive found in the irc {} and scanner {} blocks |
21 |
has been renamed to `bind` |
22 |
|
23 |
|
24 |
-- Noteworthy changes in version 1.1.8 (2020-07-05) |
25 |
* Minimum supported OpenSSL version is 1.1.1 now |
26 |
* Experimental TLS support for the irc client part has been implemented. We |
27 |
only do TLSv1.2 and higher |
28 |
* The `irc::tls` and `irc::tls_hostname_verification` configuration directives |
29 |
have been added |
30 |
* A possible out-of-bounds write in the irc parser logic has been fixed |
31 |
|
32 |
|
33 |
-- Noteworthy changes in version 1.1.7 (2020-04-19) |
34 |
* Fixed github issue #31: hopm attempts to open stderr for logging in |
35 |
non-debug/fork mode which can cause hopm to exit silently |
36 |
|
37 |
|
38 |
-- Noteworthy changes in version 1.1.6 (2019-04-21) |
39 |
* Fixed issue with ssh banner scans where hopm would test connections only |
40 |
against the `target_string` that's defined last in the scanner{} block |
41 |
* Minimum supported OpenSSL version is 1.0.1f now |
42 |
|
43 |
|
44 |
-- Noteworthy changes in version 1.1.5 (2018-10-14) |
45 |
* The `:`, and `,` nickname delimiters work again |
46 |
* Fixed a bug where the hopm process couldn't be restarted under certain |
47 |
conditions |
48 |
* The hopm process can now be restarted from the command line via `kill -HUP` |
49 |
* Added `--enable-efence` switch to allow easy linking with the |
50 |
electric fence memory debugger library |
51 |
* Implemented proper support to kill users with vulnerable SSH versions by |
52 |
version announcement. Patch provided by falsovsky (Pedro de Oliveira). See |
53 |
`doc/reference.conf` for more information. |
54 |
* Minimum supported OpenSSL version is 1.0.1d now |
55 |
|
56 |
|
57 |
-- Noteworthy changes in version 1.1.4 (2017-04-05) |
58 |
* IPv6 blacklist support has been implemented |
59 |
* The `CHECK` command now accepts IPv6 addresses |
60 |
* The negative cache has been rewritten to use latest Net::Patricia C sources |
61 |
and does support IPv6 now |
62 |
|
63 |
|
64 |
-- Noteworthy changes in version 1.1.3 (2016-09-26) |
65 |
* Allow inclusion of other configuration files in the main `hopm.conf` file. |
66 |
See `doc/reference.conf` for further information on how to use the new |
67 |
`.include` configuration directive. |
68 |
|
69 |
|
70 |
-- Noteworthy changes in version 1.1.2 (2016-05-15) |
71 |
* Fixed archaic bug which can cause the scanner to either detect nothing or to |
72 |
detect everything and therefore even kill legit clients |
73 |
|
74 |
|
75 |
-- Noteworthy changes in version 1.1.1 (2016-01-03) |
76 |
* Added `command_queue_size`, `command_interval`, and `command_timeout`, |
77 |
configuration directives to the options {} block. See `doc/reference.conf` |
78 |
for more information. |
79 |
* Various updates to the `reference.conf`; added updated `connregex` directives |
80 |
for ircd-hybrid in conjunction with user mode +F (far connect notices), and |
81 |
UnrealIRCd 4.0.0, which now uses a different format for connect notices |
82 |
|
83 |
|
84 |
-- Noteworthy changes in version 1.1.0 (2015-08-07) |
85 |
* `options::pidfile` and `options::scanlog` can now be relative pathnames |
86 |
* Due to security reasons the `PROTOCOLS` command has been removed again |
87 |
|
88 |
|
89 |
-- Noteworthy changes in version 1.1.0beta1 (2015-07-02) |
90 |
* Added HTTPS support for SSL/TLS-enabled HTTP proxies which seem to be used |
91 |
quite a lot on IRC nowadays. LibreSSL or OpenSSL 0.9.8o and above is required |
92 |
for this to work. |
93 |
* Added new `HTTPS` and `HTTPSPOST` protocol configuration directives to the |
94 |
scanner {} block |
95 |
|
96 |
|
97 |
-- Noteworthy changes in version 1.0.8 (2015-06-25) |
98 |
* Added `options::reconnectinterval` configuration option. See `doc/reference.conf` |
99 |
for more information. |
100 |
* Added `options::dns_timeout` configuration option. See `doc/reference.conf` |
101 |
for more information. |
102 |
* Further modernizations and cleanups to the build system |
103 |
* HOPM now compiles with `-fstack-protector-strong` and `-fstack-protector`, |
104 |
respectively, depending on what the compiler supports |
105 |
* Added `--enable-assert` switch to `./configure`. assert() statements are now |
106 |
disabled by default and can be enabled with `./configure --enable-assert` |
107 |
* Added `--enable-warnings` switch to `./configure`, which enables various |
108 |
compiler warnings if supported by the compiler |
109 |
|
110 |
|
111 |
-- Noteworthy changes in version 1.0.7 (2015-06-06) |
112 |
* HOPM can now detect Dreamboxes with default root passwords |
113 |
* Fixed bug where the configuration parser would report syntax errors with |
114 |
invalid line numbers when there are multi-line C-style comments in the |
115 |
config file |
116 |
|
117 |
|
118 |
-- Noteworthy changes in version 1.0.6 (2015-05-27) |
119 |
* HOPM now catches MikroTik HttpProxies |
120 |
|
121 |
|
122 |
-- Noteworthy changes in version 1.0.5 (2015-05-04) |
123 |
* Fixed bug where HOPM couldn't connect to the server specified in the irc {} |
124 |
block on some OS |
125 |
|
126 |
|
127 |
-- Noteworthy changes in version 1.0.4 (2015-03-17) |
128 |
* Log timestamp format is ISO8601 now |
129 |
* Added `protocols` command which dumps a list of configured scanners and their |
130 |
associated protocols/ports to a channel |
131 |
|
132 |
|
133 |
-- Noteworthy changes in version 1.0.3 (2015-01-28) |
134 |
* Fixed bug where HOPM wouldn't try re-connecting to the server in case the |
135 |
connection got lost |
136 |
* Added `irc::notice` configuration option |
137 |
|
138 |
|
139 |
-- Noteworthy changes in version 1.0.2 (2015-01-12) |
140 |
* Added `options::negcache_rebuild` configuration option |
141 |
* Added basic IPv6 support allowing HOPM to bind and connect to IPv6 addresses |
142 |
|
143 |
|
144 |
-- Noteworthy changes in version 1.0.1 (2015-01-06) |
145 |
* Fixed build on OS X |
146 |
|
147 |
|
148 |
-- Noteworthy changes in version 1.0.0 (2015-01-03) |
149 |
* Minor stabilization and performance improvements |
150 |
|
151 |
|
152 |
-- Noteworthy changes in version 1.0.0beta2 (2014-12-31) |
153 |
* Added `irc::readtimeout` configuration option |
154 |
* Worked towards IPv6 support |
155 |
* Fixed `reference.conf` from causing syntax errors |
156 |
* HOPM now uses poll() for I/O event notification instead of select() |
157 |
|
158 |
|
159 |
-- Noteworthy changes in version 1.0.0beta1 (2014-12-25) |
160 |
* **NOTE:** this is the first release of the hybrid open proxy monitor (HOPM) |
161 |
fully based off the discontinued blitzed open proxy monitor (BOPM) 3.1.3 |
162 |
* Modernized and cleaned up build system |
163 |
* Modernized the example configuration file. Removed/updated blacklist entries. |
164 |
* The configuration parser now does support time and size units |
165 |
* The configuration parser now does support c++ style comments |
166 |
* Fixed a memory leak in conjunction with manual scans |
167 |
* Fixed weird behaviour in the command parser |
168 |
* Code hardening. Replaced occurences of strcpy/strcat with strlcpy/strlcat, etc. |
169 |
* Various code cleanups and optimizations |
170 |
* The `irc::away` configuration option is now optional |
171 |
|
172 |
|
173 |
-------------------------------------------------------------------------------- |
174 |
|
175 |
BUG REPORTS: If you run this code and encounter problems, you must report |
176 |
the bug by EMAIL to bugs@ircd-hybrid.org |
177 |
Please include a gdb backtrace and a copy of your setup.h and |
178 |
hopm.conf with any report (with passwords and other sensitive |
179 |
information masked). |
180 |
|
181 |
DISCUSSION: There is a mailing list for discussion of hopm issues, |
182 |
including betas. To subscribe, use this link: |
183 |
https://lists.ircd-hybrid.org/mailman/listinfo/hybrid |
184 |
This is the proper place to discuss new features, bugs, etc. |
185 |
|
186 |
Questions/comments directed to bugs@ircd-hybrid.org |
187 |
|
188 |
Other files recommended for reading: README, INSTALL |
189 |
|
190 |
-------------------------------------------------------------------------------- |
191 |
$Id$ |