IRC-Junkie.org – IRC News

All about Internet Relay Chat

Category Archives: IRCd

ngIRCd 16 has been released

Alexander Barton of the ngIRCd project just announced on their mailing-list the immediate availability of version 16 of their IRC daemon.

After 1 month of testing and 2 release candidates, the final release is available to download and use.

The most notable changes since ngIRCd version 15 according to the announcement are various fixes to the build system and code cleanups, a new numeric (RPL_STATSCONN 250) that displays a few enhanced connection statistics to clients on connect and adding the missing documentation for the “Password” variable.

ngIRCd has gained WEBIRC support that is used for various Webchat-clients such as Mibbit and the limit that previously restricted the number of possible IRCOps has been removed.

Channelmode +z has been introduced as well – with that mode set only clients that are connected over a SSL-encrypted connection can join that channel, clients that already are present on that channel are not checked and therefore are allowed to stay – the same goes for clients joining from a remote server that does not support CMODE +z.

The download for ngIRCd 16 can be found here and the changelog is available here.

  Copyright secured by Digiprove

ratbox-services updated to v1.2.4

ratbox-services, the services package for ircd-ratbox, have released version 1.2.4 in their stable tree.

ratbox services logo

ratbox services logo

Version 1.2.4 is mainly a bugfix release, one feature addition that this new version got is that you now can specify both the UID/GID and the path it chroots to on startup with a parameter.

Other than that, some inconsistencies with ChanServ enforcing topics have been rectified and it now “enforces topics whenever it is in the channel”. The handling of read-errors received from servers has been fixed as well as the configure-options of both MySQL and PostgreSQL which now take a path to a binary that will provide the compiler with information it needs to compile the respective support in.

The complete changelog for ratbox-services 1.2.4 can be found here and the download can be obtained from here.

  Copyright secured by Digiprove

InspIRCd 1.2.7 stable is out, fixes DoS bugs

The InspIRCd team released version 1.2.7 of their stable branch yesterday which fixes 2 critical bugs that can result in DoS conditions, so an upgrade is advised.

The first crash that has been fixed is triggerable when a remote server has the same name as a local one which possibly crashes the linking IRCd. This bug was squashed by developer danieldg in this commit.

The second bug can lead to a Denial of Service condition due to memory exhaustion which is possible since ban exception masks weren’t limited in length and numbers according to MAXBANS.

This has been rectified by this commit and they are now restricted to 250 characters in length and adhere to the MAXBANS directive.

The download for InspIRCd 1.2.7 can be found here, the whole commit-log can be viewed here.

  Copyright secured by Digiprove

ShadowIRCd project releases 6.1.0

The ShadowIRCd project just released version 6.1.0 of their Charybdis-based IRCd, just little over a month after the release of version 6.0.0.

The new release adds a few new features, configuration options and “massive helpfile updates”.

The developer team implemented a server-side /CYCLE (also called /HOP in some clients) command which parts and rejoins the user from the channel he specifies.

A lot of management-commands like those pertaining to modules (like MODLOAD) can now be executed remotely, remote stopping or restarting the IRCd through DIE and RESTART has been introduced as well.

Configuration options like a settable timeout for ident checking have been added, static QUIT and the removal of PART messages are now an option too. The flood protection for opers can now fully be turned off instead of just increasing the limit by 4 times like before – the changelog however warns to be “extremely careful” since this option allows to “flood channels/users”.

Another feature worth mentioning is the addition of HELPCHAN / HELPURL: When those are configured a user doing /QUOTE HELP will be pointed to the networks help channel or a website whereas he otherwise would get just the default help index.

The full changelog can be viewed here and the download can be obtained from here.

  Copyright secured by Digiprove

Atheme / InspIRCd m_invisible brouhaha

Those who closely follow either projects development will have noticed a few “odd” looking commits to their sourcecode in the past few days.

The commits all concerned InspIRCds m_invisible module which provides similar functionality as the old mode +I in UnrealIRCd 3.1.x.

Quoting the InspIRCd wiki page about m_invisible the module

adds support for quiet (invisible) opers. A quiet oper is invisible to normal users on channels. This can be used for surveillence of botnet channels, statistics bots, etc. Note that other opers CAN see invisible opers; +Q only hides the oper from non-opers.

The brawl emerged when Atheme developer nenolod commited a few changes to the services packages that would make such a join visible to channel members by announcing that “Channel security has been compromised” because an invisible user has joined.

This commit was followed up by danieldg of the InspIRCd developer team who moved the module out of the main – and therefore by default included – modules into the seperate “inspircd-extras” repository, but only in the 2.0 beta and 2.1 pre-alpha branches.

The initial commits to Atheme have since been reverted but there now are checks for m_invisible being loaded and the services package now refuses to link if it spots the module being present.

The module, referred to as “morally unacceptable” and “not … ethical” by nenolod, has legitimate uses such as “private networks inside offices, with special uses, those do need logging and accountability, most of them even disable private messages entirely” said developer Brain when asked about his views of this whole situation. They wrote it because “users asked for the module” and his opinion is that it “should be kept, and we’re keeping it, in third party”.

Brain says to him “it’s all about choice, the choice to run the modules or not to, we aren’t going to tell people whats right and wrong” and that “people are sensible enough and educated enough to decide for themselves”.

What’s your opinion about this? Do you use m_invisible on your network? And if so, do you tell your users that such a module is loaded? Guns don’t kill, people do?

  Copyright secured by Digiprove