head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.8 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.6 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.4 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.2 pkgsrc-2011Q2-base:1.2 pkgsrc-2010Q2:1.1.0.12 pkgsrc-2010Q2-base:1.1 pkgsrc-2010Q1:1.1.0.10 pkgsrc-2010Q1-base:1.1 pkgsrc-2009Q4:1.1.0.8 pkgsrc-2009Q4-base:1.1 pkgsrc-2009Q3:1.1.0.6 pkgsrc-2009Q3-base:1.1 pkgsrc-2009Q2:1.1.0.4 pkgsrc-2009Q2-base:1.1 pkgsrc-2009Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2010.07.25.13.18.52; author obache; state dead; branches; next 1.1; 1.1 date 2009.04.13.16.20.52; author adrianp; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2009.04.13.16.20.52; author tron; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2009.04.14.21.12.04; author tron; state Exp; branches; next ; desc @@ 1.2 log @Update unrealircd to 3.2.8.1. Unreal3.2.8.1 - Fixes a security issue, which is exploitable (crash) when allow::options::noident is in use. Unreal3.2.8 ==[ NEW ]== - set::level-on-join: this defines which privileges a user receives when creating a channel, default is 'chanop', the only other available setting is 'none' (opless). - Away notification through WATCH: This allows clients to receive a notification when someone goes away or comes back, along with a reason, a bit like IM's. There's probably no current client supporting this but it would be a nice feature in notify lists. Client developers: see Changes file for full protocol details. This feature can be disabled by setting set::watch-away-notification to 'no'. - Spamfilter: Slow spamfilter detection: For each spamfilter, Unreal will check, each time it executes, how long it takes to execute. When a certain threshold is reached the IRCd will warn or even remove the spamfilter. This could prevent a spamfilter from completely stalling the IRCd. Warning is configured through set::spamfilter::slowdetect-warn (default: 250ms) and automatic deletion is configured by set::spamfilter::slowdetect-fatal (default: 500ms). You can set both settings to 0 (zero) to disable slow spamfilter detection. This feature is currently not available on Windows. - SSL: set::ssl::server-cipher-list can be used to limit the allowed ciphers - SSL: To specify when an SSL session key should be renegotiated you can use set::ssl::renegotiate-bytes and set::ssl::renegotiate-timeout . - UHNAMES support: This sends the full nick!ident@@host in NAMES which can be used by clients for their IAL. mIRC, Klient, etc support this. - There have also been some behavior changes, which can be considered NEW, see next section (CHANGED). ==[ CHANGED ]== - IPv6: On IPv6 servers you no longer have to use ::ffff:1.2.3.4 IP's for IPv4 in the config file, you can use the simple 1.2.3.4 form, as they are converted automatically. - When someone is banned and /PARTs, the part reason (comment) is no longer shown - ChanMode +S/+c: now strips/blocks 'reverse' as well - Smart banning is now disabled by default because it was too annoying, this means that f.e. if there's a ban on *!*@@*.com then you can still add a ban on *!*@@*.aol.com - except ban { } now also protects against ZLINEs and ban ip { } - Modules: user modes and channel modes without parameters (eg: +X) no longer have to be PERManent, this means they can be upgraded/reloaded/unloaded on-the-fly. ==[ MAJOR BUGS FIXED ]== - Zip links issue (Overflowed unzipbuf) - Crash issue with 3rd party modules that introduce new channel modes w/parameters - Mac OS X: Various issues which prevented the IRCd from booting up - Remote includes (constant) crash with new curl/c-ares versions - A few rare crash issues, including a crash when linking to another server - In case of clock adjustments, the IRCd will no longer freeze when the time is adjusted backwards, nor will it incorrectly throttle clients when adjusted forward. However, because clock adjustments (time shifts) of more than xx seconds are so dangerous (and will still cause a number of issues), big warnings are now printed when they happen. Morale: synchronize your system clock, or use the built-in timesync feature. ==[ MINOR BUGS FIXED ]== - CGI:IRC: Several IPv6 issues, both on IPv6 IRCd's and CGI:IRC gateways - IP masks in oper::from::userhost sometimes didn't match when they should - (G)ZLINE's on IPv6 users were sometimes rejected - CHROOTDIR works again - OperOverride fixes - Throttling is now more accurate - And more... see Changelog @ text @$NetBSD: patch-ag,v 1.1 2009/04/13 16:20:52 adrianp Exp $ --- src/s_conf.c.orig 2007-06-27 12:36:31.000000000 +0100 +++ src/s_conf.c @@@@ -2663,25 +2663,15 @@@@ int AllowClient(aClient *cptr, struct ho Debug((DEBUG_DNS, "a_il: %s->%s", sockhost, fullname)); if (index(aconf->hostname, '@@')) { - /* - * Doing strlcpy / strlcat here - * would simply be a waste. We are - * ALREADY sure that it is proper - * lengths - */ if (aconf->flags.noident) - strcpy(uhost, username); + strlcpy(uhost, username, sizeof(uhost)); else - strcpy(uhost, cptr->username); - strcat(uhost, "@@"); + strlcpy(uhost, cptr->username, sizeof(uhost)); + strlcat(uhost, "@@", sizeof(uhost)); } else *uhost = '\0'; - /* - * Same here as above - * -Stskeeps - */ - strncat(uhost, fullname, sizeof(uhost) - strlen(uhost)); + strlcat(uhost, fullname, sizeof(uhost)); if (!match(aconf->hostname, uhost)) goto attach; } @@@@ -2692,11 +2682,11 @@@@ int AllowClient(aClient *cptr, struct ho strncpyzt(uhost, username, sizeof(uhost)); else strncpyzt(uhost, cptr->username, sizeof(uhost)); - (void)strcat(uhost, "@@"); + (void)strlcat(uhost, "@@", sizeof(uhost)); } else *uhost = '\0'; - (void)strncat(uhost, sockhost, sizeof(uhost) - strlen(uhost)); + strlcat(uhost, sockhost, sizeof(uhost)); /* Check the IP */ if (match_ip(cptr->ip, uhost, aconf->ip, aconf->netmask)) goto attach; @ 1.1 log @Add patch for http://forums.unrealircd.com/viewtopic.php?t=6204 Update MASTER_SITES PKGREVISION++ @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ag was added on branch pkgsrc-2009Q1 on 2009-04-14 21:12:04 +0000 @ text @d1 48 @ 1.1.2.2 log @Pullup ticket #2735 - requested by adrianp: unrealircd: security patch Revisions pulled up: - chat/unrealircd/Makefile 1.26 - chat/unrealircd/distinfo 1.11 - chat/unrealircd/patches/patch-ag 1.1 --- Module Name: pkgsrc Committed By: adrianp Date: Mon Apr 13 16:20:52 UTC 2009 Modified Files: pkgsrc/chat/unrealircd: Makefile distinfo Added Files: pkgsrc/chat/unrealircd/patches: patch-ag Log Message: Add patch for http://forums.unrealircd.com/viewtopic.php?t=6204 Update MASTER_SITES PKGREVISION++ @ text @a0 48 $NetBSD: patch-ag,v 1.1 2009/04/13 16:20:52 adrianp Exp $ --- src/s_conf.c.orig 2007-06-27 12:36:31.000000000 +0100 +++ src/s_conf.c @@@@ -2663,25 +2663,15 @@@@ int AllowClient(aClient *cptr, struct ho Debug((DEBUG_DNS, "a_il: %s->%s", sockhost, fullname)); if (index(aconf->hostname, '@@')) { - /* - * Doing strlcpy / strlcat here - * would simply be a waste. We are - * ALREADY sure that it is proper - * lengths - */ if (aconf->flags.noident) - strcpy(uhost, username); + strlcpy(uhost, username, sizeof(uhost)); else - strcpy(uhost, cptr->username); - strcat(uhost, "@@"); + strlcpy(uhost, cptr->username, sizeof(uhost)); + strlcat(uhost, "@@", sizeof(uhost)); } else *uhost = '\0'; - /* - * Same here as above - * -Stskeeps - */ - strncat(uhost, fullname, sizeof(uhost) - strlen(uhost)); + strlcat(uhost, fullname, sizeof(uhost)); if (!match(aconf->hostname, uhost)) goto attach; } @@@@ -2692,11 +2682,11 @@@@ int AllowClient(aClient *cptr, struct ho strncpyzt(uhost, username, sizeof(uhost)); else strncpyzt(uhost, cptr->username, sizeof(uhost)); - (void)strcat(uhost, "@@"); + (void)strlcat(uhost, "@@", sizeof(uhost)); } else *uhost = '\0'; - (void)strncat(uhost, sockhost, sizeof(uhost) - strlen(uhost)); + strlcat(uhost, sockhost, sizeof(uhost)); /* Check the IP */ if (match_ip(cptr->ip, uhost, aconf->ip, aconf->netmask)) goto attach; @