diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 192 |
1 files changed, 96 insertions, 96 deletions
@@ -1,160 +1,160 @@ +-- Noteworthy changes in version 1.1.9 (2020-11-16) +* Implemented support for loading a user-provided private key and tls client + certificate. The `irc::rsa_private_key_file`and `irc::tls_certificate_file` + configuration directives have been added for this. + As a side effect this now allows HOPM to use certificate fingerprints for + NickServ authentication +* The `vhost` configuration directive found in the irc {} and scanner {} blocks + has been renamed to `bind` + + -- Noteworthy changes in version 1.1.8 (2020-07-05) -o) Minimum supported OpenSSL version is 1.1.1 now -o) Experimental TLS support for the irc client part has been implemented. We - only do TLSv1.2 and higher -o) The irc::tls and irc::tls_hostname_verification configuration directives - have been added -o) A possible out-of-bounds write in the irc parser logic has been fixed +* Minimum supported OpenSSL version is 1.1.1 now +* Experimental TLS support for the irc client part has been implemented. We + only do TLSv1.2 and higher +* The `irc::tls` and `irc::tls_hostname_verification` configuration directives + have been added +* A possible out-of-bounds write in the irc parser logic has been fixed -- Noteworthy changes in version 1.1.7 (2020-04-19) -o) Fixed github issue #31: hopm attempts to open stderr for logging in - non-debug/fork mode which can cause hopm to exit silently +* Fixed github issue #31: hopm attempts to open stderr for logging in + non-debug/fork mode which can cause hopm to exit silently -- Noteworthy changes in version 1.1.6 (2019-04-21) -o) Fixed issue with ssh banner scans where hopm would test connections only - against the 'target_string' that's defined last in the scanner{} block -o) Minimum supported OpenSSL version is 1.0.1f now +* Fixed issue with ssh banner scans where hopm would test connections only + against the `target_string` that's defined last in the scanner{} block +* Minimum supported OpenSSL version is 1.0.1f now -- Noteworthy changes in version 1.1.5 (2018-10-14) -o) The ':', and ',' nickname delimiters work again -o) Fixed a bug where the hopm process couldn't be restarted under certain - conditions -o) The hopm process can now be restarted from the command line via "kill -HUP" -o) Added --enable-efence switch to allow easy linking with the - electric fence memory debugger library -o) Implemented proper support to kill users with vulnerable SSH versions by - version announcement. Patch provided by falsovsky (Pedro de Oliveira). See - doc/reference.conf for more information. -o) Minimum supported OpenSSL version is 1.0.1d now +* The `:`, and `,` nickname delimiters work again +* Fixed a bug where the hopm process couldn't be restarted under certain + conditions +* The hopm process can now be restarted from the command line via `kill -HUP` +* Added `--enable-efence` switch to allow easy linking with the + electric fence memory debugger library +* Implemented proper support to kill users with vulnerable SSH versions by + version announcement. Patch provided by falsovsky (Pedro de Oliveira). See + `doc/reference.conf` for more information. +* Minimum supported OpenSSL version is 1.0.1d now -- Noteworthy changes in version 1.1.4 (2017-04-05) -o) IPv6 blacklist support has been implemented -o) The CHECK command now accepts IPv6 addresses -o) The negative cache has been rewritten to use latest Net::Patricia - C sources and does support IPv6 now -o) Further code cleanups and optimizations +* IPv6 blacklist support has been implemented +* The `CHECK` command now accepts IPv6 addresses +* The negative cache has been rewritten to use latest Net::Patricia C sources + and does support IPv6 now -- Noteworthy changes in version 1.1.3 (2016-09-26) -o) Allow inclusion of other configuration files in the main hopm.conf - file. See doc/reference.conf for further information on how to use - the new .include configuration directive. +* Allow inclusion of other configuration files in the main `hopm.conf` file. + See `doc/reference.conf` for further information on how to use the new + `.include` configuration directive. -- Noteworthy changes in version 1.1.2 (2016-05-15) -o) Fixed archaic bug which can cause the scanner to either detect nothing or - to detect everything and therefore even kill legit clients +* Fixed archaic bug which can cause the scanner to either detect nothing or to + detect everything and therefore even kill legit clients -- Noteworthy changes in version 1.1.1 (2016-01-03) -o) Added 'command_queue_size', 'command_interval', and 'command_timeout', - configuration directives to the options {} block. See doc/reference.conf - for more information. -o) Various updates to the reference.conf; added updated 'connregex' directives - for ircd-hybrid in conjunction with user mode +F (far connect notices), and - UnrealIRCd 4.0.0, which now uses a different format for connect notices -o) Minor code cleanups +* Added `command_queue_size`, `command_interval`, and `command_timeout`, + configuration directives to the options {} block. See `doc/reference.conf` + for more information. +* Various updates to the `reference.conf`; added updated `connregex` directives + for ircd-hybrid in conjunction with user mode +F (far connect notices), and + UnrealIRCd 4.0.0, which now uses a different format for connect notices -- Noteworthy changes in version 1.1.0 (2015-08-07) -o) options::pidfile and options::scanlog can now be relative pathnames -o) Due to security reasons the PROTOCOLS command has been removed again +* `options::pidfile` and `options::scanlog` can now be relative pathnames +* Due to security reasons the `PROTOCOLS` command has been removed again -- Noteworthy changes in version 1.1.0beta1 (2015-07-02) -o) Added HTTPS support for SSL/TLS-enabled HTTP proxies which seem to be - used quite a lot on IRC nowadays. LibreSSL or OpenSSL 0.9.8o and above - is required for this to work. -o) Added new HTTPS and HTTPSPOST protocol configuration directives to the - scanner {} block. +* Added HTTPS support for SSL/TLS-enabled HTTP proxies which seem to be used + quite a lot on IRC nowadays. LibreSSL or OpenSSL 0.9.8o and above is required + for this to work. +* Added new `HTTPS` and `HTTPSPOST` protocol configuration directives to the + scanner {} block -- Noteworthy changes in version 1.0.8 (2015-06-25) -o) Added options::reconnectinterval configuration option. See doc/reference.conf - for more information. -o) Added options::dns_timeout configuration option. See doc/reference.conf - for more information. -o) Further modernizations and cleanups to the build system -o) HOPM now compiles with -fstack-protector-strong and -fstack-protector, - respectively, depending on what the compiler supports -o) Added --enable-assert switch to ./configure. assert() statements are now - disabled by default and can be enabled with ./configure --enable-assert -o) Added --enable-warnings switch to ./configure, which enables various - compiler warnings if supported by the compiler +* Added `options::reconnectinterval` configuration option. See `doc/reference.conf` + for more information. +* Added `options::dns_timeout` configuration option. See `doc/reference.conf` + for more information. +* Further modernizations and cleanups to the build system +* HOPM now compiles with `-fstack-protector-strong` and `-fstack-protector`, + respectively, depending on what the compiler supports +* Added `--enable-assert` switch to `./configure`. assert() statements are now + disabled by default and can be enabled with `./configure --enable-assert` +* Added `--enable-warnings` switch to `./configure`, which enables various + compiler warnings if supported by the compiler -- Noteworthy changes in version 1.0.7 (2015-06-06) -o) HOPM can now detect Dreamboxes with default root passwords -o) Fixed bug where the configuration parser would report syntax errors - with invalid line numbers when there are multi-line C-style - comments in the config file -o) Minor code cleanups +* HOPM can now detect Dreamboxes with default root passwords +* Fixed bug where the configuration parser would report syntax errors with + invalid line numbers when there are multi-line C-style comments in the + config file -- Noteworthy changes in version 1.0.6 (2015-05-27) -o) HOPM now catches MikroTik HttpProxies +* HOPM now catches MikroTik HttpProxies -- Noteworthy changes in version 1.0.5 (2015-05-04) -o) Fixed bug where HOPM couldn't connect to the server specified - in the irc {} block on some OS +* Fixed bug where HOPM couldn't connect to the server specified in the irc {} + block on some OS -- Noteworthy changes in version 1.0.4 (2015-03-17) -o) Log timestamp format is ISO8601 now -o) Added 'protocols' command which dumps a list of configured scanners - and their associated protocols/ports to a channel -o) Code cleanups and performance improvements +* Log timestamp format is ISO8601 now +* Added `protocols` command which dumps a list of configured scanners and their + associated protocols/ports to a channel -- Noteworthy changes in version 1.0.3 (2015-01-28) -o) Fixed bug where HOPM wouldn't try re-connecting to the server in - case the connection got lost -o) Added irc::notice configuration option +* Fixed bug where HOPM wouldn't try re-connecting to the server in case the + connection got lost +* Added `irc::notice` configuration option -- Noteworthy changes in version 1.0.2 (2015-01-12) -o) Added options::negcache_rebuild configuration option -o) Added basic IPv6 support allowing HOPM to bind and - connect to IPv6 addresses -o) Many code cleanups and optimizations +* Added `options::negcache_rebuild` configuration option +* Added basic IPv6 support allowing HOPM to bind and connect to IPv6 addresses -- Noteworthy changes in version 1.0.1 (2015-01-06) -o) Fixed build on OS X -o) More code cleanups, no user-visible changes +* Fixed build on OS X -- Noteworthy changes in version 1.0.0 (2015-01-03) -o) Minor stabilization and performance improvements +* Minor stabilization and performance improvements -- Noteworthy changes in version 1.0.0beta2 (2014-12-31) -o) Added irc::readtimeout configuration option -o) Many code cleanups and optimizations -o) Worked towards IPv6 support -o) Fixed reference.conf from causing syntax errors -o) HOPM now uses poll() for I/O event notification instead of select() +* Added `irc::readtimeout` configuration option +* Worked towards IPv6 support +* Fixed `reference.conf` from causing syntax errors +* HOPM now uses poll() for I/O event notification instead of select() -- Noteworthy changes in version 1.0.0beta1 (2014-12-25) -######################################################################## -o) NOTE: this is the first release of the hybrid open proxy monitor (HOPM) - fully based off the discontinued blitzed open proxy monitor (BOPM) 3.1.3 -######################################################################## -o) Modernized and cleaned up build system -o) Modernized the example configuration file. Removed/updated blacklist entries. -o) The configuration parser now does support time and size units -o) The configuration parser now does support c++ style comments -o) Fixed a memory leak in conjunction with manual scans -o) Fixed weird behaviour in the command parser -o) Code hardening. Replaced occurences of strcpy/strcat with strlcpy/strlcat, etc. -o) Various code cleanups and optimizations -o) The irc::away configuration option is now optional +* **NOTE:** this is the first release of the hybrid open proxy monitor (HOPM) + fully based off the discontinued blitzed open proxy monitor (BOPM) 3.1.3 +* Modernized and cleaned up build system +* Modernized the example configuration file. Removed/updated blacklist entries. +* The configuration parser now does support time and size units +* The configuration parser now does support c++ style comments +* Fixed a memory leak in conjunction with manual scans +* Fixed weird behaviour in the command parser +* Code hardening. Replaced occurences of strcpy/strcat with strlcpy/strlcat, etc. +* Various code cleanups and optimizations +* The `irc::away` configuration option is now optional -------------------------------------------------------------------------------- |