aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS
blob: 3fdb1875afc1fcbce069b88420af569b66f515af (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
-- Noteworthy changes in version 1.1.10 (2021-01-30)
* Timers have been changed to use monotonic time instead of wall-clock time
* Fixed broken build with LibreSSL


-- Noteworthy changes in version 1.1.9 (2020-11-16)
* Implemented support for loading a user-provided private key and tls client
  certificate. The `irc::rsa_private_key_file`and `irc::tls_certificate_file`
  configuration directives have been added for this.
  As a side effect this now allows HOPM to use certificate fingerprints for
  NickServ authentication
* The `vhost` configuration directive found in the irc {} and scanner {} blocks
  has been renamed to `bind`


-- Noteworthy changes in version 1.1.8 (2020-07-05)
* Minimum supported OpenSSL version is 1.1.1 now
* Experimental TLS support for the irc client part has been implemented. We
  only do TLSv1.2 and higher
* The `irc::tls` and `irc::tls_hostname_verification` configuration directives
  have been added
* A possible out-of-bounds write in the irc parser logic has been fixed


-- Noteworthy changes in version 1.1.7 (2020-04-19)
* Fixed github issue #31: hopm attempts to open stderr for logging in
  non-debug/fork mode which can cause hopm to exit silently


-- Noteworthy changes in version 1.1.6 (2019-04-21)
* Fixed issue with ssh banner scans where hopm would test connections only
  against the `target_string` that's defined last in the scanner{} block
* Minimum supported OpenSSL version is 1.0.1f now


-- Noteworthy changes in version 1.1.5 (2018-10-14)
* The `:`, and `,` nickname delimiters work again
* Fixed a bug where the hopm process couldn't be restarted under certain
  conditions
* The hopm process can now be restarted from the command line via `kill -HUP`
* Added `--enable-efence` switch to allow easy linking with the
  electric fence memory debugger library
* Implemented proper support to kill users with vulnerable SSH versions by
  version announcement. Patch provided by falsovsky (Pedro de Oliveira). See
  `doc/reference.conf` for more information.
* Minimum supported OpenSSL version is 1.0.1d now


-- Noteworthy changes in version 1.1.4 (2017-04-05)
* IPv6 blacklist support has been implemented
* The `CHECK` command now accepts IPv6 addresses
* The negative cache has been rewritten to use latest Net::Patricia C sources
  and does support IPv6 now


-- Noteworthy changes in version 1.1.3 (2016-09-26)
* Allow inclusion of other configuration files in the main `hopm.conf` file.
  See `doc/reference.conf` for further information on how to use the new
  `.include` configuration directive.


-- Noteworthy changes in version 1.1.2 (2016-05-15)
* Fixed archaic bug which can cause the scanner to either detect nothing or to
  detect everything and therefore even kill legit clients


-- Noteworthy changes in version 1.1.1 (2016-01-03)
* Added `command_queue_size`, `command_interval`, and `command_timeout`,
  configuration directives to the options {} block. See `doc/reference.conf`
  for more information.
* Various updates to the `reference.conf`; added updated `connregex` directives
  for ircd-hybrid in conjunction with user mode +F (far connect notices), and
  UnrealIRCd 4.0.0, which now uses a different format for connect notices


-- Noteworthy changes in version 1.1.0 (2015-08-07)
* `options::pidfile` and `options::scanlog` can now be relative pathnames
* Due to security reasons the `PROTOCOLS` command has been removed again


-- Noteworthy changes in version 1.1.0beta1 (2015-07-02)
* Added HTTPS support for SSL/TLS-enabled HTTP proxies which seem to be used
  quite a lot on IRC nowadays. LibreSSL or OpenSSL 0.9.8o and above is required
  for this to work.
* Added new `HTTPS` and `HTTPSPOST` protocol configuration directives to the
  scanner {} block


-- Noteworthy changes in version 1.0.8 (2015-06-25)
* Added `options::reconnectinterval` configuration option. See `doc/reference.conf`
  for more information.
* Added `options::dns_timeout` configuration option. See `doc/reference.conf`
  for more information.
* Further modernizations and cleanups to the build system
* HOPM now compiles with `-fstack-protector-strong` and `-fstack-protector`,
  respectively, depending on what the compiler supports
* Added `--enable-assert` switch to `./configure`. assert() statements are now
  disabled by default and can be enabled with `./configure --enable-assert`
* Added `--enable-warnings` switch to `./configure`, which enables various
  compiler warnings if supported by the compiler


-- Noteworthy changes in version 1.0.7 (2015-06-06)
* HOPM can now detect Dreamboxes with default root passwords
* Fixed bug where the configuration parser would report syntax errors with
  invalid line numbers when there are multi-line C-style comments in the
  config file


-- Noteworthy changes in version 1.0.6 (2015-05-27)
* HOPM now catches MikroTik HttpProxies


-- Noteworthy changes in version 1.0.5 (2015-05-04)
* Fixed bug where HOPM couldn't connect to the server specified in the irc {}
  block on some OS


-- Noteworthy changes in version 1.0.4 (2015-03-17)
* Log timestamp format is ISO8601 now
* Added `protocols` command which dumps a list of configured scanners and their
  associated protocols/ports to a channel


-- Noteworthy changes in version 1.0.3 (2015-01-28)
* Fixed bug where HOPM wouldn't try re-connecting to the server in case the
  connection got lost
* Added `irc::notice` configuration option


-- Noteworthy changes in version 1.0.2 (2015-01-12)
* Added `options::negcache_rebuild` configuration option
* Added basic IPv6 support allowing HOPM to bind and connect to IPv6 addresses


-- Noteworthy changes in version 1.0.1 (2015-01-06)
* Fixed build on OS X


-- Noteworthy changes in version 1.0.0 (2015-01-03)
* Minor stabilization and performance improvements


-- Noteworthy changes in version 1.0.0beta2 (2014-12-31)
* Added `irc::readtimeout` configuration option
* Worked towards IPv6 support
* Fixed `reference.conf` from causing syntax errors
* HOPM now uses poll() for I/O event notification instead of select()


-- Noteworthy changes in version 1.0.0beta1 (2014-12-25)
* **NOTE:**  this is the first release of the hybrid open proxy monitor (HOPM)
  fully based off the discontinued blitzed open proxy monitor (BOPM) 3.1.3
* Modernized and cleaned up build system
* Modernized the example configuration file. Removed/updated blacklist entries.
* The configuration parser now does support time and size units
* The configuration parser now does support c++ style comments
* Fixed a memory leak in conjunction with manual scans
* Fixed weird behaviour in the command parser
* Code hardening. Replaced occurences of strcpy/strcat with strlcpy/strlcat, etc.
* Various code cleanups and optimizations
* The `irc::away` configuration option is now optional


--------------------------------------------------------------------------------

BUG REPORTS: If you run this code and encounter problems, you must report
 the bug by EMAIL to bugs@ircd-hybrid.org
 Please include a gdb backtrace and a copy of your setup.h and
 hopm.conf with any report (with passwords and other sensitive
 information masked).

DISCUSSION: There is a mailing list for discussion of hopm issues,
 including betas. To subscribe, use this link:
    https://lists.ircd-hybrid.org/mailman/listinfo/hybrid
 This is the proper place to discuss new features, bugs, etc.

Questions/comments directed to bugs@ircd-hybrid.org

Other files recommended for reading: README, INSTALL

--------------------------------------------------------------------------------
$Id$