Prosody is a flexible communications server for Jabber/XMPP written in Lua.
It aims to be easy to use, and light on resources. For developers it aims
to be easy to extend and give a flexible system on which to rapidly develop
added functionality, or prototype new protocols.
(Based on wip/prosody.)
0.85 - 9/10/2010
* Pretends to be iChat instead of an old version of AIM,
due to AIM blocking older clients
* Please note that bsflite is no longer in active development.
Any updates at this point will be minor. Since I do not use
AIM myself these days I am interested in finding somebody
interested in taking over bsflite development.
6.39 Sat Sep 4 02:16:28 UTC 2010
- AutoJoin.pm: Allow channel keys to be undefined
- Make the 'nickserv' command do the right thing on ratbox ircds
- Add a server_version() method
6.38 Fri Sep 3 18:33:50 UTC 2010
- Only process the first CTCP chunk we find in a message. This prevents
someone from flooding our outgoing queue by having us e.g. reply to 20
VERSION requests at a time.
- CTCP.pm: Reply to VERSION with "dev-git" when no version is available.
6.37 Tue Aug 17 22:53:22 GMT 2010
- Make all warnings fatal
- Use real temp files in tests instead of littering the dist directory
6.36 Mon Jul 26 03:53:50 GMT 2010
- Added a logged_in() method to see if we're logged into IRC
6.35 Sun Jun 27 09:32:22 GMT 2010
- Disconnecting.pod: Mention when it is appropriate to use
C<< $irc->yield('shutdown') >>.
- Connector.pm: Clear the reconnect timer when the plugin is deleted so
that we can actually shut down the IRC component.
- Depend on POE::Component::Pluggable 1.26 for irc_plugin_error
6.34 Fri Jun 25 18:16:40 GMT 2010
- CTCP.pm: Do "use POE::Component::IRC;" to avoid weird failures when
this plugin is compiled by code which hasn't done the same.
6.33 Mon Jun 21 20:27:42 GMT 2010
- BotCommand.pm: Allow user to choose how help messages are delivered
- BotCommand.pm: Require the command prefix in private messages
- BotCommand.pm: Make the help messages more context-sensitive
- BotCommand.pm: Add support for custom auth checks
- BotCommand.pm: If Eat == 1, we eat everything that looks like a command
- Cookbook: Add Gtk2 example by Damian Kaczmarek
- Logger.pm: Support a hook for custom log storage
- IRC.pm: Remove redundant version() method
- Convert distribution over to Dist::Zilla
Short list of changes:
* Erlang/OTP R12 support fixed
* Erlang/OTP R14A support added
* OpenSSL 0.9.8 or higher is required
* BOSH: New optional connection attribute process-delay
* C2S: Don't ask for client certificate when using tls
* C2S: Inform client that SSL session caching is disabled
* CTL: Fix problem when FIREWALL_WINDOW options for erl kernel were used
* CTL: Some systems delete the lock dir; in such case don't use Flock at all
* Caps: Support all the hash functions required by XEP-0115
* Config: Fix typo in --enable-transient_supervisors
* Config: New configure option: --enable-nif
* Extauth: Support parallel script running
* MUC: Allow admins to see private rooms in disco
* ODBC: Correct handling of SQL boolean types
* ODBC: Discard too old queued requests (the caller has already got a timeout)
* ODBC: Fixes wrong SQL escaping when --enable-full-xml is set
* ODBC: Use ets insead of asking supervisor in ejabberd_odbc_sup:get_pids/1
* Pubsub: Enforce disco features results
* S2S: When logging s2s out connection attempt or success, log if TLS is used
* Shared Rosters: When account is deleted, delete also member
of stored rosters
* Lots of little incremental bug fixes and enhancements in this release.
* Finally got some fixes out there for you Yahoo users behind some
particularly annoying firewalls and proxies, among other fixes. Enjoy!
Changes 2.7.2:
* We discovered a security issue in Pidgin 2.7.0 and 2.7.1 and decided to
release a patched version quickly. This release contains the fix for that
crash, and a few other minor fixes.
* Lots of little incremental bug fixes and enhancements in this release.
* Finally got some fixes out there for you Yahoo users behind some
particularly annoying firewalls and proxies, among other fixes. Enjoy!
Changes 2.7.2:
* We discovered a security issue in Pidgin 2.7.0 and 2.7.1 and decided to
release a patched version quickly. This release contains the fix for that
crash, and a few other minor fixes.
* More string format fixes in silcd and client libary
* configure: changed AC_PROG_LIBTOOL order to fix disabling shared libs
* configure: check threads support in OpenBSD
* Fixed string format vulnerability in client entry handling
* Reported and patch provided by William Cummings
* silcd: Fixed IDENTIFY command reply handling for channels
Changes 1.1.18 (server):
* silcd: Added heartbeat support
* Added support for sending SILC_PACKET_HEARTBEAT packets to connection,
to make sure they keep alive and to detect if they have died
* Set SO_KEEPALIVE for all accept()ed sockets
* silcd: Fixed SIGUSR1 signal handling
* Fixed the SIGUSR1 signal handling which can be used to dump the server
internals to /tmp.
* Changed also End of Stream handling to handle NULL idata pointer instead
of ignoring the EOS in case it is NULL.
* Changed also the DETACH timeout handling to use the packet stream
directly instead of looking up client in the callback
* More string format fixes in silcd and client libary
to trigger/signal a rebuild for the transition 5.10.1 -> 5.12.1.
The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=..."), minus the packages updated after
the perl package update.
sno@ was right after all, obache@ kindly asked and he@ led the
way. Thanks!
changes:
- Add properties to get the Farsight2 session and stream
- Recognize the shm transmitter
- Ignore invalidly empty strings in tp properties
- Fix -Wshadow warnings
Unreal3.2.8.1
- Fixes a security issue, which is exploitable (crash) when allow::options::noident
is in use.
Unreal3.2.8
==[ NEW ]==
- set::level-on-join: this defines which privileges a user receives when creating a
channel, default is 'chanop', the only other available setting is 'none' (opless).
- Away notification through WATCH: This allows clients to receive a notification
when someone goes away or comes back, along with a reason, a bit like IM's.
There's probably no current client supporting this but it would be a nice feature
in notify lists. Client developers: see Changes file for full protocol details.
This feature can be disabled by setting set::watch-away-notification to 'no'.
- Spamfilter: Slow spamfilter detection: For each spamfilter, Unreal will check,
each time it executes, how long it takes to execute. When a certain threshold is
reached the IRCd will warn or even remove the spamfilter. This could prevent a
spamfilter from completely stalling the IRCd. Warning is configured through
set::spamfilter::slowdetect-warn (default: 250ms) and automatic deletion is
configured by set::spamfilter::slowdetect-fatal (default: 500ms).
You can set both settings to 0 (zero) to disable slow spamfilter detection.
This feature is currently not available on Windows.
- SSL: set::ssl::server-cipher-list can be used to limit the allowed ciphers
- SSL: To specify when an SSL session key should be renegotiated you can use
set::ssl::renegotiate-bytes <bytes> and set::ssl::renegotiate-timeout <seconds>.
- UHNAMES support: This sends the full nick!ident@host in NAMES which can be
used by clients for their IAL. mIRC, Klient, etc support this.
- There have also been some behavior changes, which can be considered NEW, see
next section (CHANGED).
==[ CHANGED ]==
- IPv6: On IPv6 servers you no longer have to use ::ffff:1.2.3.4 IP's for IPv4 in the
config file, you can use the simple 1.2.3.4 form, as they are converted automatically.
- When someone is banned and /PARTs, the part reason (comment) is no longer shown
- ChanMode +S/+c: now strips/blocks 'reverse' as well
- Smart banning is now disabled by default because it was too annoying, this means that
f.e. if there's a ban on *!*@*.com then you can still add a ban on *!*@*.aol.com
- except ban { } now also protects against ZLINEs and ban ip { }
- Modules: user modes and channel modes without parameters (eg: +X) no longer have
to be PERManent, this means they can be upgraded/reloaded/unloaded on-the-fly.
==[ MAJOR BUGS FIXED ]==
- Zip links issue (Overflowed unzipbuf)
- Crash issue with 3rd party modules that introduce new channel modes w/parameters
- Mac OS X: Various issues which prevented the IRCd from booting up
- Remote includes (constant) crash with new curl/c-ares versions
- A few rare crash issues, including a crash when linking to another server
- In case of clock adjustments, the IRCd will no longer freeze when the time is
adjusted backwards, nor will it incorrectly throttle clients when adjusted forward.
However, because clock adjustments (time shifts) of more than xx seconds are
so dangerous (and will still cause a number of issues), big warnings are now
printed when they happen.
Morale: synchronize your system clock, or use the built-in timesync feature.
==[ MINOR BUGS FIXED ]==
- CGI:IRC: Several IPv6 issues, both on IPv6 IRCd's and CGI:IRC gateways
- IP masks in oper::from::userhost sometimes didn't match when they should
- (G)ZLINE's on IPv6 users were sometimes rejected
- CHROOTDIR works again
- OperOverride fixes
- Throttling is now more accurate
- And more... see Changelog
While here, fixes PR#43618 (getline) and set LICENSE=gnu-gpl-v2.
Version 5.0
-----------
2009/07/31 .64 ChanServ DEPROTECT no longer removes channel owner mode, to
prevent abuse by rogue users. Reported by Kieron
Thwaites <ron2k.za@gmail.com>
* Special case to ignore the X509_V_ERR_UNABLE_TO_GET_CRL error
when CRL is not present in chain. Merged patch by Michal Witkowski.
* storage_ldapvcard rebind like auth_ldap for successful connection
to MS Active Directory as LDAP storage. Merged patch by x0r.
* Merged SASL External login for clients patch by Michal Witkowski.
* Merged router-filter redirect option by Ugnich Anton.
* Dropped support for PEP
* Fix for crash on empty pkt->to
Short list of changes:
* Bounce messages when closing c2s session
* Bugfixes when handling Service Discovery to contacts
* Don't send error stanza as reply to error stanza
* Don't store blocked messages in offline queue
* Extauth: Optionally cache extauth users in mnesia
* Full support for XEP-0115 Entity Capabilities v1.5
* HTTP-Bind (BOSH): Remove unneeded 100 ms delay, and export functions
to facilitate prebinding methods
* LDAP: Inband password change, Extensible match support,
and ldap_tls_verify.
* Localization: Updated most translations
* MUC: Refactor code to reduce calls to get_affiliation and get_role
* ODBC: Add created_at column also to PostgreSQL schema
* PAM: New option pam_userinfotype to provide username or JID
* Pubsub: Send created node notifications. Enforce
pubsub#presence_based_delivery, pubsub#show_values
* Vcard: Automatic vcard avatar addition in presence
* WebAdmin: New Access rule webadmin_view for read-only
