Packaged initially in wip and updated by iphydf (toxcore author)
in joyent/pkgsrc-wip#98.
Toxcore is a p2p network level library that provides encrypted
communication and data transfer between peers who can find each
other anonymously through a DHT. The peers are identified with
a 256 bit public key to be used for message encryption. The
protocol specification can be found at https://toktok.ltd/spec.
Tootstream is a command line interface for interacting with instances
on the distributed social network known as 'the Fediverse' using the
Mastodon.social API.
It is inspired by the Twitter client "Rainbowstream".
OAuth and two-factor authentication are supported.
expense of causing problems due to pkgsrc infrastructure not hiding a base
curses well enough.
We now search in the following order:
ncursesw, curses, ncurses.
With cmake under pkgsrc, it will search your /usr/lib, so I don't have a
way to hide a base curses if requested to do so.
if you're trying to use pkgsrc ncurses and have a base curses, this
will use your base curses.
bump pkgrevision.
Admin
- Stop ejabberd initialization on invalid/unknown options
- Add new options for OOM watchdog: oom_watermark and oom_queue
- Add ability to modify version string
- Add option ext_api_headers to define REST API custom headers
- Fix Erlang limits in ejabberdctl.cfg.example to reflect current
situation
- Make trusted_proxied ejabberd_http option accept ip masks
- Teach acl ip matching about ipv4 mapped ipv6 addresses
- Removed watchdog_admins option from config, as has no effect anymore
- Improve logging of external authentication failures
- ejabberd_auth: Don't use cache if the option is disabled
- Make connected_users_info and user_sessions_info DB-agnostic
Core
- Support SASL PLAIN by xmpp_stream_out
- Add Resource Binding support to xmpp_stream_out
- Improve robustness of external authentication backends
- Don't use 'unsupported-version' inside SM element
- Generate SASL failures on unencrypted connections only for s2s
- Fix reset_stream in websocket using pre-rfc protocol
- Don't crash in bosh when we receive request with RID < prev_rid
- Get rid of all calls to jlib.erl module
- Support IPv6 connections for PostgreSQL, MySQL and LDAP
- Fix authentication for usernames containing uppercase characters
- Optimize HTTP requests memory usage
- PKIX: Just warn instead of ignore a certificate containing no domain
names
- PKIX: Don't replace valid certificates with invalid ones
Modules
- Log modules startup
- mod_disco: Advertise disco#info and disco#items features
- mod_irc: is moved away from ejabberd repo to ejabberd-contrib
- mod_mam: Don't replace existing stanza ID
- HTTP upload: Generate HTTP Upload form using xdata codec
- HTTP upload: Improve error formatting
- HTTP upload: Return detailed error if HTTP upload is too large
MUC
- Always display room's xdata in disco#info
- Display muc#roomconfig_changesubject in room's disco#info
- Render roomname, allowinvites and allowpm in room disco#info
- Support for roomconfig_lang/roominfo_lang
- mod_muc_sql: Fix export to SQL
Push
- Omit summary for outgoing messages
- Further improve handling of carbons
- Also include sender/body for carbons
- Include a static body text by default
- keepalive: Increase default timeout to 3 days
- SQL: Check 'max_user_sessions' limit
Changes:
0.4.5
-----
* raise minimum Python version to 3.5.3
* add support for Python 3.7
* improve markup parsing
* fix crash on event for unloaded conversion
* add compatibility with aiohttp 3
Performing substitutions during post-patch breaks tools such as mkpatches,
making it very difficult to regenerate correct patches after making changes,
and often leading to substituted string replacements being committed.
Note that if the perl option is used, weechat segfaults at exit.
Not sure the wide-curses option does anything.
Remove conflicting patches that don't seem necessary.
Highlights:
Option to check license of scripts loaded
Completion for /set and /help commands
${VARBASE}/run/bitlbee is already handled via OWN_DIRS_PERMS so the OWN_DIRS is
not strictly needed.
Pointed out by pkgtasks (and _USE_NEW_PKGINSTALL=yes).
- At least on NetBSD every files on /var/run are removed at every
boot by mountcritlocal rc.d script. Add a bitlbee_precmd() function
to always check that a directory for the ${pidfile} exists and
create it if needed.
- Check if /etc/rc.subr exists before source-ing it.
- Introduce BITLBEE_USER and BITLBEE_GROUP variables and reuse them to avoid
hardcoding `bitlbee' and `nobody' (NFCI)
Discussed with and suggestions from <tonio>, thanks!
Similarly to ${STATEDIR}, ${VARBASE}/run/bitlbee should be owned by
bitlbee:nobody.
This fixes the case when bitlbee is started in daemon mode (via
rc.d/bitlbee) as `bitlbee' User. Now `service bitlbee start|stop'
works properly (previously the pidfile wasn't created in that case).
Approved by <tonio>, thanks!
- Don't produce a crash dump during intentional exit
- ejabberdctl: fix parameter parsing
- New hook 'component_send_packet' for sending packet from component
- gen_mod: Carefully validate options list
- gen_mod: Support global module processes
- gen_mod: Remove frontend process support
- gen_mod: Don't crash on invalid module's sub-options
- config: move section about direct-tls for c2s just under regular c2s
config
- fast_tls: Clear cache on configuration reload
- http: Add support for PATCH http method
- mod_client_state: Add 'csi_activity' hook
- mod_http_upload: Accept characters of any script
- mod_http_upload: Add MIME type for M4A files
- mod_mam: Add commands for cleaning up archives for a given user
- mod_muc: Let a MUC room to route presences from its bare JID
- mod_muc: Introduce new mod_muc option: access_register
- mod_muc_room: Add stubs for affiliation-specific backend callbacks
- mod_muc_log: Fix Code format when logging a MUC room kick/ban
- mod_multicast: Improved
- mod_push: New options include_sender and include_body
- mod_push: Don't notify on stream errors
- mod_push_keepalive: Reset timeout on messages only
- mod_roster: Use 'lserver' for configuration lookup
- mod_vcard_ldap: Fix returning value from mod_vcard_ldap's search()
callback
- mod_pubsub: Fix notification payload generated by pubsub
- mod_pubsub: Improve pubsub#itemreply implementation
- mod_pubsub: PubSub purge_node must use a transaction
- Utils: Use httpc directly instead of using p1_http wrapper
- Rest: Add flexibility on rest url config
- SystemMonitors: Get rid of useless memory/disk usage warnings
- WebSocket: Pass access option from websocket to c2s
version 2.13.0 (03/08/2018):
libpurple:
* Unified string comparison. (PR #186) (Arkadiy Illarionov)
* Properlly shell escape URI's when opening them. (PR #271 Daniel Kamil Kozar)
* Fix a one byte buffer overread in function purple_markup_linkify
* Fix an issue were utf8 was incorrectly truncated which could lead to
crashes as we were potentially feeding garbage into glib/gtk.
libgnt:
* Fixed build against curses 6.0 with opaque structs set. (#16764 dimstar)
(PR #268 Daniel Kamil Kozar)
* Fixed a crash when resizing the window. (#16680 marcus) (PR #269 Daniel Kamil Kozar)
General:
* Fixed bashism in autotools. (#16836 lameventanas) (PR #267 Daniel Kamil Kozar)
XMPP:
* Show XEP-0066 OOB URLs in any message, not just headlines
* Fix a user after free (#17200 debarshiray) (PR #266 Ethan Blanton)
* Removed pipelining from BOSH connections (#17025 PR #295 Tom Li)
* Don't try to TLS already secured BOSH connections (#17270 PR #293 Tom Li)
IRC:
* Fix "Registration timeout" on SASL auth with InspIRCd servers
(and possibly others not based on charybdis/ratbox/ircd-seven)
* Fix issues with plugins that modify outgoing messages
(such as the custom PART/QUIT feature of the IRC More plugin)
* Fix IRC buffer handling. (#12562 PR #272 Shivaram Lingamneni)
* Properly handle AUTHENTICATE as a normal command with server prefix.
(PR #316 dx)
* Fix a crash caused by a use after free of the MOTD.
* Fix an out of bounds read in irc_nick_skip_mode.
* Fix a write of a single byte before the start of a buffer in
irc_parse_ctcp.
Pidgin:
* Better support for dark themes. (#12572 Alyssa Rosenzweig and Gary Kramlich)
* Fixed IPv6 links by not escaping []'s. (#16391 cyisfor) (PR #270 Daniel Kamil Kozar)
* Only write buddy icons to the cache if they're not already cached. (PR #276 David Woodhouse)
* Rejoin persistent chats after reconnect. (#15687 PR #285 Christof Meerwald)
* Made the WIN32 Transparency plugin work on all platforms. (#3124 PR #287 Daniel Kamil Kozar)
* Ensure search results buttons are labeled (Backport from de2d88e575ee)
* Fix matching unicode smilies. (#17232 gnubfx PR #262 Daniel Kamil Kozar)
* Correctly update mute/unmute status when the remote side mutes/unmutes us. (#17273 PR #302 David Woodhouse)
* Rework the status icon blinking to not used deprecated API. (#17174 zelch PR #264 Daniel Kamil Kozar)
* Don't allow adding a buddy to protocols that don't have an add_buddy callback. (#4061 Paradox)
Finch:
* Fix handling of search results (#17238 David Woodhouse)
Voice & Video:
* Port backend-fs to newer api for farstream relay-info property (#17274 bellet)
Admin
- Avoid logging IP addresses in mod_register when it's not desired
- Command 'reload-config' allows to reload certificates
- Get rid of 'fs' package dependency
- Improve log message when module startup has failed
- mod_muc_admin: New command get_room_affiliation
- prosody2ejabberd: Report meaningful error when luerl is not
available
Configure
- Accept atoms in api_permission command lists and commands with
numbers in them
- Validate additional listen opts: inet, inet6, backlog
- Remove 'iqdisc' option
- New option –enable-group=xxx
- New option 'negotiation_timeout'
- New option 'new_sql_schema'
- New option 'validate_stream'
- ejabberd_service: New option 'global_routes' for
- mod_avatar: New 'rate_limit' option
- mod_block_strangers: New 'access' option
- mod_block_strangers: New 'captcha' option
- mod_pubsub: New option 'force_node_config'
Miscelanea
- Simplify ejabberd_sup code
- New gen_mod mod_options/1 callback to provide known options and
defaults
- Replace ?MYLANG with connection's language wherever possible
- sql/*: Add username to peer indexes
- cyrsasl: Simplify code for splitting auth string in cyrsasl
- ejabberd_auth: Cache 'isuser' queries to external auth program
- ejabberd_web_admin: Hardcode required ACL rules
- mod_admin_extra: Command check_password_hash supports all hash
methods
- mod_admin_extra: Fix srg_get_info command with @all@ and @online@
- mod_avatar: Fulfill all requirements of XEP-0398 v0.2.0
- mod_avatar: Improve validation of 'convert' option
- mod_block_strangers: Bounce groupchat to bare JID
- mod_block_strangers: Fix a typo in call to create_captcha()
- mod_caps: Only store CAPS if contact is subscribed
- mod_carboncopy: Copy outgoing MUC PMs
- mod_mam: Really run use_cache/1 and cache_nodes/1 callbacks
- mod_pubsub: Remove items of unregistered user
- mod_push_keepalive: Preserve timeout on resumption
- mod_shared_roster: Try to fix ejabberd_c2s:process_info: got
unexpected info
- mod_shared_roster_ldap: Fix processing of ldap_memberattr_format_re
option
- mod_stream_mgmt: Abort connection on count error
- mod_stream_mgmt: Clean up on timed out resumption
2.14.1 (2018-03-13)
fix performance regression on Unix
fix building plugins with some compilers
add missing gtk pixbuf theme engine in Windows installer
2.14.0 (2018-03-10)
rewrite build system in Meson
replace intltool build depenency with gettext >= 0.19.6
rename data files to use io.github.Hexchat name
add option (irc_reconnect_rejoin) to disable auto-rejoin on reconnect
add ability to set custom tray icon separate of app icon
fix building against OpenSSL 1.1.0
fix Enchant 2.0+ support
fix input box theming with Adwaita-dark
fix custom sounds not respecting omit if away option
fix detecting if a tray doesn?t exist on x11
fix cutting off ctcp text after ending \01
fix /ignore not accepting full hosts
fix characters getting cut off when their width changes (on Unix)
fix various possible crashes
change preference window to be scroll-able
remove ctrl+w binding by default
remove mpcinfo plugin
doat: fix channels with / in them
fishlim: fix key exchange
fishlim: fix building against LibreSSL
sysinfo: fix pci.ids file not being found on some distros
sysinfo: make libpci optional
lua: avoid loading the same script multiple times
update translations
update libraries on Windows, including Python to 3.6
Use boost::make_shared instead of std::make_shared in a few places
where it doesn't compile with netbsd-7/gcc4.8.5. I'm not sure, there
may be a more portable way to handle.
0.16.5
------
New features
- Add support for private channels in slack #142
Bugfix
- Slack: fixes join/parts #143, #146
- Slack: fixes away #144
0.16.4
------
Bugfix
- Fix some messages going to &messages #140
0.16.3
------
Bugfix
- Fix crash on /nick change when not logged in #141
0.16.2
------
Bugfix
- Remove crash on channel lookup of private messages
0.16.1
------
Bugfix
- Remove debug code which could cause a crash
- Only append channel name to sender once in &messages
0.16.0
------
New features
- -conf option (for a config file). See
https://github.com/42wim/matterircd/blob/master/matterircd.toml.example for
an example. Thanks @slowbro for this PR.
New config file options
JoinExclude: an array of channels that won't be joined on IRC.
Messages that get sent to unjoined channels (but you're joined on mattermost)
will get sent to the &messages channel.
You can still /JOIN exclude channels.
JoinExclude = ["#town-square","#boringchannel"]
JoinInclude: an array of channels that only will be joined on IRC.
If it's empty, it means all channels get joined (except those defined in
JoinExclude).
Messages that get sent to unjoined channels (but you're joined on mattermost)
will get sent to the &messages channel.
JoinInclude = ["#devops"]
PartFake: a bool that defines if you do a /LEAVE or /PART on IRC it will also
actually leave the channel on mattermost.
Default false
PartFake = true
- don't log passwords used with 'mattermost' and 'slack'. Closes#73
Bugfix
- Already read messages are replayed again and again #130
- Update to latest mattermost (4.6) libs
- Deprecated flags -bindinterface and -port removed
0.15.0
------
New features
- Support mattermost 4.2 and higher (4.x) (use mattermost v4 API)
- Add -mmskiptlsverify option to skip TLS certificate checks on mattermost
Enhancements
- Display nickname, if set #120
- Replace IRC parsing function with shellwords like function to allow for
passwords with spaces. (#8)
- Loosely based on joyent/pkgsrc/pull/38 by ismell@.
- Removed the static build option as it didn't work at all.
Eggdrop v1.8.3
Tcl-API changes:
- Added "handle ipaddress botport userport" syntax to the addbot Tcl
command.
General changes:
- Fixed a bug where ssl-enabled ports were not able to be reverted to
non-SSL ports via the setuser Tcl command.
- SSL certs: Fail earlier if SSL certs have issues. Also fatally error
if only one of ssl-privatekey/certificate config settings is set.
- Correctly check against invalid flags with the .match partyline
command and matchattr Tcl command.
- Prevent loop when writing to stdout in foreground mode that results
in a segfault.
- Lots of additional error checking against values for .+bot, .chaddr
and the Tcl addbot command.
- No longer trigger CHON binds when returning from a control script.
- Added the '.resetconsole' command, allowing a user to reset console
flags to those specified in the config file.
Botnet changes:
- Added the 'l' console flag to handle messages sent from linked bots,
reserving the 'b' console flag to handle messages related to botnet-
linkings.
- Split the "raw share traffic" flag into incoming (h) and outgoing (g).
- Fixed a race condition in SSL userfile sharing, causing the transfer
to stall with 511 bytes missing.
- Fixed a bug introduced in v1.8.2 with copy-to-tmp, where the userfile
being received is now properly being sent to a tmpfile first if
copy-to-tmp is set.
- Botnet sharing: A slave will now use the address of the hub (to
which it's succesfully connected) instead of an IP given by the hub
which was wrong in certain cases (especially in NAT situations).
- Bots request existing channel flags for users upon adding a new
channel.
Deprecations:
- Deprecated the "ipv4address:botport/userport" and
"[ipv6address]:botport/userport" address formats for addbot.
Eggdrop v1.8.2
eggdrop.conf changes:
- temp-path renamed to tmpfile and its purpose changed.
It is now only used by filesys.mod/transfer.mod and optional.
- blowfish-use-mode is a new setting for Tcl encrypt/decrypt.
Allows using CBC instead of ECB mode for encryption.
Tcl scripts not using the same mode are incompatible with each other.
Does NOT affect password hashing for the userfile.
CBC will be the NEW DEFAULT in a later version of eggdrop.
Will be removed in a future Eggdrop version and forced to CBC.
- global-* is renamed to default-*.
This clarifies their purpose as default channel settings,
not ones that override for existing channels.
global-* still works for backwards compatibility.
Tcl-API changes:
- encrypt/decrypt: These commands can now encrypt/decrypt in CBC
mode instead of the current ECB mode. This does NOT affect password
hashing for the userfile.
- getuser: Can now be called without a second argument. Returns a flat
key/value list (dict) of settings for that user.
- configureargs: New global variable holding the ./configure arguments.
This is a _string_, not a list. User needs to split it themselves.
- maskhost: New types 30-39 set hostmask to * (to allow e.g. nick!*@*).
General changes:
- Improved command line argument parsing.
- Portuguese language file added.
- Eggdrop no longer changes nick on every rehash if altnick uses '?'.
- Terminal-mode (commandline -nt) always has full owner access now.
- Allow spaces in server passwords in serverlist.
Eggdrop v1.8.1
- Autobotchk - Added functionality improvements to the tried-and-true
autobotchk script, allowing characters such as {} and [] to be used in
filenames
- .who linkedbot output - Truncates listings appropriately
- Minutely hook - The minutely hook was only called for missed minutes mod
60, now it is still listed in minutes but it can be greater than 60.
- New OpenSSL version detection
- Moved previously hard-coded version strings to
version.h and update them via misc/setpatch instead of misc/addpatch
- Compile cleanup - Fixed some compiler warnings
- General bugfixes
Eggdrop v1.8.0
- Support for utf-8 encoding with a fallback of iso8859-1
- Support for IPv6
- SSL support has been added for all kinds of connections, including
certificate verification and authorization, and partyline SSL.
- The wire module has been removed from eggdrop
- Config file changes: e.g. my-ip and my-hostname settings are replaced
by vhost4, vhost6 and the listen-addr.
irssi-{xmpp,icb}: catch up with distinfo file.
1.1.1:
Restore compatibility with OpenSSL < 1.0.2 (#820, #831)
Fix test compilation on some platforms (#815, #816)
Fix portability and backwards compatibility of test runner (#818, #845)
Also contains all changes from 1.0.7:
Prevent use after free error during the execution of some commands. Found by Joseph Bisch (GL#17, GL!24).
Revert netsplit print optimisation due to crashes (#465, #809, #812, #819, #824).
Fix use after free when SASL messages are received in unexpected order (GL#26, GL!33).
Fix null pointer dereference in the tab completion when an empty nick is joined (GL#24, GL!31).
Fix use after free when entering oper password (GL#22, GL!32).
Fix null pointer dereference when too many windows are opened (GL#27, #837).
Fix out of bounds access in theme strings when the last escape is incomplete. Credit to Oss-Fuzz (#842).
Fix out of bounds write when using negative counts on window resize (GL#25, GL#29, #836).
Minor help correction. By William Jackson (#834).
Version 2.0.1 (2017-12-20):
- python: fix arguments status/gnutls_rc/sock in hook_connect() callback
- python: fix argument fd in hook_fd() callback
Version 2.0 (2017-12-03):
- new plugin "fset" (fast set of WeeChat and plugins options)
- add option buflist.look.add_newline
- add two new bar items "buflist2" and "buflist3" using the same format configuration options
- add flag "input_get_empty" in buffer
- add signals "buffer_filters_enabled" and "buffer_filters_disabled"
- support loading of plugins from path in environment variable "WEECHAT_EXTRA_LIBDIR"
- add infolist "alias_default" (list of default aliases)
- make value optional in command /buffer set
- support of floating point and hexadecimal numbers in comparison of evaluated values
- add option weechat.look.save_config_with_fsync
- add support of prefix "quiet:" in function key_unbind() to quietly remove keys
- add argument "recurse_subdirs" in function exec_on_files()
- add local variable "filter" in the script buffer
- remove recursive evaluation of extra variables in buflist
- change type of arguments status/gnutls_rc/sock in hook_connect() callback from string to integer (in scripting API)
- change type of argument fd in hook_fd() callback from string to integer (in scripting API)
- fix display bugs with filtered lines
- fix display of nicks in nicklist when they are in a group with sub-groups
- call the config hook when options are renamed or removed
- fix parsing of CAP command in relay/irc
- many bugs fixed.
- Fix TLS driver memory management
- Fix privacy_set command
- Report 'fs' support as unavailable on SunOS
- Let mod_block_strangers bounce an error when a message is rejected
v1.1.0 2018-01-15 The Irssi team <staff@irssi.org>
* Colour is now re-set when reaching a comma, matching mIRC
behaviour (#742, #740, #790)
* Irssi now shows the initial nick and name on first start
(#785, #786)
* lynx is no longer required to run autogen.sh (#81, #781)
* The command history no longer permits wrapping around (#686)
* /foreach now correctly sends arguments as commands, stopping
you from embarassing AMSGs (#659)
* /server does not connect to servers anymore, use /server
connect to change servers (#559, #649).
+ Add an option to ignore all channels or ignore all queries
using /set activity_hide_targets. By Jari Matilainen (#612,
#779)
+ Add a startup warning if the TERM var is wrong inside
tmux/screen (#726)
+ Add option to hide certain levels from the textbuffer using
/window hidelevel (#746, #808)
+ Irssi now has its first unit test (for mode parsing). By
Will Storey (#793)
+ Added access to global command history when using window
history, and a binding to erase entries from the command
history (erase_history_entry) (#762)
+ -alternate_nick is now available as a network specific
property. By Paul Townsend (#120, #771)
+ On FreeBSD, Irssi now supports Capsicum sandbox (/capsicum
enter). By Edward Tomasz Napierala (#735, #755, #772)
+ Filenames (directories) ending with a / now tab-complete
(#741)
+ UTF-8 should now work in regular expressions when using
GRegex (the default) (#636, #653)
+ Nicks are now properly escaped on completion. By Oscar
Linderholm (#693, #709)
+ /server add -port <num> now works. By Jari Matilainen (#703)
+ Add a setting key_timeout to make key sequences
automatically re-set when not finished (#644, #645)
+ Warn users about expired client certificates, as servers may
refuse them (#211, #627)
+ Add a new net_start_ssl function for StartTLS. This is
available from ABI 8 and can be used by protocol modules
(#615, #622).
+ The %# code is now stored in the textbuffer, so for example
web scripts can make use of it (#626)
+ Add new setting break_wide which can be used to enable
breaking of wide characters (for east-asian
users). Originally from FreeBSD ports. (#625)
+ Add fuzzing code (#610, #620, #701, #713)
- Netsplits show properly again (#812)
- Do not error on blank lines when using /exec -o. By Fabian
Kurz (FS#902, #805)
- Detect used nickname as reported by server. By Alexandre
Morignot (#219, #804)
- Prevent use after free error during the execution of some
commands. Found by Joseph Bisch. (GL#17, GL!24)
- Fix MODE parameter parsing when colon was used at a place
Irssi didn't expect (#601, #766)
- Fixed code to compile with
-Werror=declaration-after-statement (#795)
- Clang-format is now supported for git-clang-format (#784)
- Fix use after free when changing the network of
hilights. Reported by Rui Mathias. (#787, #788)
- Fix positioning error when tab-completing non-ascii
strings. (#752, #754)
- In-development issues (#750, #751)
- Clarify Alis in /help list (#699, #712)
- Improve /lastlog performance from O(N^2) to O(N) (#715)
- Fix a segfault on "script destroyed" signal. By Stephen
Oberholtzer (#660, #661).
- Fix early ISON error (#596, #647)
- Documentation improvements. By Paolo Martini (#639).
By Tristan Pepin (#731). By Paul Townsend (#684, #736).
By Will Storey (#777)
- Minor cleanups (#590). By Edward Tomasz Napierala (#734,
#738). By Will Storey (#770)
- Fix space issue in glib-2.0.m4 (#621)
v1.0.6 2018-01-07 The Irssi team <staff@irssi.org>
- Fix invalid memory access when reading hilight configuration
(#787, #788).
- Fix null pointer dereference when the channel topic is set
without specifying a sender (GL#20, GL!25).
- Fix return of random memory when using incomplete escape
codes (GL#21, GL!26).
- Fix heap buffer overflow when completing certain strings
(GL#19, GL!27).
- Fix return of random memory when using an incomplete
variable argument (GL#18, GL!28).
The actual fix as been done by "pkglint -F */*/buildlink3.mk", and was
reviewed manually.
There are some .include lines that still are indented with zero spaces
although the surrounding .if is indented. This is existing practice.
pkgsrc
- Change installation home for Erlang libs to prevent build conflicts
with previous versions that may be present on the system, as
encountered by @gdt.
Core
- Rewrite ejabberd system monitor for efficiency
- Fix incoming XMPP processing order
- Use xmpp:try_subtag/2 wherever possible
- Better process subtag decoding errors
- Only allow compression after SASL as per XEP-0170
- Don't crash on unexpected XML events
- Fix session mnesia table cleanup
- Don't let privacy list prevent local roster update
Encryption
- Rely on Server Name Indication for incoming Direct-TLS connections
- Speedup certificate chains creation and validation
- Log warning on empty wildcard paths
- Don't call pkix_is_self_signed/1 too frequently
- Eat less memory during building certificates graph
- Avoid infinite loop between self-signed certs
- Fix function clause on filelib:wildcard/1
- Use ejabberd_pkix API in mod_sip
- Move 'certfile' based options in a single place
Groupchat
- Don't crash on malformed IQ
- Include x tag in presence errors related to nick change
- Include 110 status on shutdown
- Improve muc#roominfo and muc#roomconfig forms
- mod_mam: Never store MUC messages in user archives
PubSub
- Fix num_subscribers on node metadata
- Fix send last items on initial presence
- Send last PEP items to owner on initial presence
- Support pubsub#publish-options PRECONDITIONs
- Add pubsub#multi-items to features list (Support XEP-0060 v1.14)
- Add missing Nidx building records from sql result
- Don't force RSM in get_items when max_items is not provided
Admin
- Introduce option 'ca_file'
- Set executable permission on mac_listener when installing
- Use /bin/sh as the explicit shell when using su in ejabberdctl.
- Windows does not have /tmp, fallback to $HOME/conf for ODBC
configuration files
Logging
- Change loglevel of TLS failures
- Log a warning when a disk is almost full
- Disable default alarm handler
- Handle also process_memory_high_watermark alarm
- Kill and restart lager when it's overloaded
- Avoid excessive logging of SQL failures
Commands
- New muc_online_room_by_regex command
- Fix race between join_cluster and ejabberd_mnesia
- Fix commands rooms_unused_list and _destroy
- send_direct_invitations accepts only user jids
- ejabberd_sm: Fix get_session_sid/3
SQL
- Add missing server_host column in pg.new.sql
- Add new schema for MySQL and Sqlite
- Fix SQL serialization
Installer
- MacOS installer is signed. You can now easily install ejabberd on
your Mac.
Build
- Compile sql_pt early
- Binary installer uses OTP 20.2
Unsorted entries in PLIST files have generated a pkglint warning for at
least 12 years. Somewhat more recently, pkglint has learned to sort
PLIST files automatically. Since pkglint 5.4.23, the sorting is only
done in obvious, simple cases. These have been applied by running:
pkglint -Cnone,PLIST -Wnone,plist-sort -r -F
New features
- ACME Support
- Introduce 'certfiles' global option
- Use new API for IQ routing
Admin
- Omit "ProtectSystem" option from systemd unit
- Log warnings for c2s/s2s certfile option
- Log a message when a user gets registered
- ejabberdctl: Fix 'read' syntax for non-bash shells
- Fix renew_certificates ejabberdctl command
- Unregister commands when stopping node only if it's last one
- Halt ejabberd if the top supervisor fails to start
Build
- Avoid badarg error when running get-deps before ./configure has
created src/ejabberd.app
- Fix sed invocation that was incompatible with FreeBSD's sed
- Makefile.in: Fix "make clean && make"
- Improve --enable-system-deps
- Install binaries with 755 permissions
- Install eimp binary with +x attribute
- Remove find-outdated-deps script, we have better replacement for it
Databases
- Allow export command regardless of the configured db_type
- Add SQL_INSERT macro and update SQL queries to use server_host field
- Update SQL archive index to match mysql.sql
- mod_muc: Use correct table field name in sql query
MAM
- Always strip stanza IDs
- Announce support for stanza IDs
- Don't store from 'sm_receive_packet' hook
- Fix mod_mam reloading
- Ignore non-message stanzas earlier
- Improve handling of forked messages
- Make sure a stanza ID is always added
- Make sure archived message isn't bounced
- Prepare version 0.6.1 of XEP-0313 (MAM) support
MUC
- Properly store subject element
- Resend presences and history if presence possesses x MUC element
- Send presence-unavailable when expulsing a participant
- Add mucsub event for subscribers list changes
- Optimize muc subscriptions handling
- Show real jid in mucsub subscription change events
PubSub
- Add basic PubSub meta-data support
- Rewrite pubsub export to sql
- Cleanup tree requests, rename pubsub_node.type to pubsub_node.plugin
- Fix select_type race on plugin_init
- Implement parentnodes seek for hometree
- Delete cached item on node removal
- Fix delete item from unregistered user
- Cleanup pubsub subscriptions quering, fix pep case
- PEP services must send notifications to the account owner
Push
- Avoid notification duplicates
- Add support for SQL storage
- Add export from Mnesia database to SQL file
- Don't store xdata() in Mnesia table
- Simplify backend interface
- Fix missing -sasl_method '' in /NETWORK (#718, #719).
- Fix incorrect restoration of term state when hitting SUSP
inside screen (#737, #733).
- Fix out of bounds read when compressing colour
sequences. Found by Hanno Böck (GL#12, GL!18).
- Fix use after free condition during a race condition when
waiting on channel sync during a rejoin (GL#13, GL!19).
- Fix null pointer dereference when parsing certain malformed
CTCP DCC messages (GL#14, GL!20).
- Fix crash due to null pointer dereference when failing to
split messages due to overlong nick or target (GL#15, GL!21).
- Fix out of bounds read when trying to skip a safe channel ID
without verifying that the ID is long enough (GL#16, GL!22).
- Fix return of random memory when inet_ntop failed (#769).
- Minor statusbar help update. By Robert Bisewski (#758,
#763).
Security advisory: https://irssi.org/security/irssi_sa_2017_10.txt
Admin
- Harden ejabberdctl
- Fix ejabberdctl quoting when using iex
- Call earlier deps configure scripts during compilation
- Fix iexdebug and iexlive commands
- Quote $PEER in ping command to avoid hostnames containing "-" being
interpreted as arithmetic
- Docker: Sync containers from rroemhild and add instructions in
README
- Use eimp instead of ImageMagick calls for thumbnails creation
- Add forgotten caching options to the validator
- Fix 'make install' to work with new output from rebar list-deps
- Rewrite muc_register_nick and muc_unregister_nick to be DB
independent
- WebAdmin: Fix deletion of multiple offline messages
Encryption
- Add support for XEP-0368 in outgoing s2s: SRV records for XMPP over
TLS
- Deprecate s2s_use_starttls: required_trusted
- Don't attempt to access(2) a certificate file
- Let 'domain_certfile' take higher precedence instead of s2s_certfile
or c2s_certfile
Databases
- mysql.sql: Use multi-column index on username/ID
- Use forked repo of Riak Erlang client to support OTP20
Modules
- mod_avatar: New module with support for legacy and modern clients
- mod_block_strangers: Introduce option 'allow_transports'
- mod_block_strangers: Block messages from strangers before
mod_mam/mod_offline processing
- mod_http_upload: Don't ignore 'custom_headers'
- mod_muc: Improve presence-error and unavailable of multi-session
occupants
- mod_multicast: Fix start and reading of configured limits
- mod_mam: Simplify check for anon MUC JID filtering
- mod_mam: Refuse filtering anon MUC queries by JID
- mod_privacy: Explicitly match against
- mod_register: Introduce 'redirect_url' option
- mod_stream_mgmt: Delete 'c2s_init' hook
- mod_vcard_xupdate: Also replace vcard-x-update in direct presences
PubSub
- Fix get_items/get_item calls
- Add correct order when requesting all items
- Implement '6.5.7 Requesting the Most Recent Items'
- Fix RSM support on SQL
- Add RSM support on mnesia
- Fix node_options: default options only apply on first plugin
- Broadcast updated node configuration
- Enforce controls on publish and delete items
Miscelanea
- Preserve correct order of deserialized XML elements
- Suppress push notifications for online clients
- Extract strings and prepare translation files works again
Fixes CVE-2017-14727, CVE-2017-8073
version 1.9.1:
a crash can happen in logger plugin when converting date/time specifiers in file mask.
Two other bugs are fixed as well in buflist and relay plugins.
version 1.9:
- improve speed of nicklist bar item callback
- add auto scroll of buflist bar with new option buflist.look.auto_scroll
- add option buflist.format.name
- add variables ${format_name}, ${current_buffer} and ${merged} in buflist
- display a warning in buflist when the script buffers.pl is loaded
- add server/channel pointers in trigger IRC callbacks
- add API functions config_option_get_string and hdata_compare
- fix bind of Space key
version 1.8:
- add option weechat.completion.nick_case_sensitive
- add wilcard matching operator, cut of string and ternary operator in evaluation of expressions
- add resize of window parents with /window resize [h/v]size
- add plugin "buflist" (bar with list of buffers)
- add arraylist and dynamic string functions in API
- add option "open" in command /server
- add signal "irc_server_lag_changed" and store the lag in the server buffer (local variable)
- add aspell options to control delimiters in suggestions
- add option "-include" in commands /allchan, /allpv and /allserv
For a complete changelog, see:
https://weechat.org/files/changelog/ChangeLog-1.9.1.html
mu-conference no longer has a functional upstream and is no longer
being maintained; the hosting provider gna shut down, and queries on
the jabberd2 and pkgsrc-users lists about interest did not elicit any
replies.
Changes:
mcabber (1.1.0)
* New "VI" mode (option 'vi_mode') (Holger Weiß)
* Fix issues in buddylist rebuild (franky)
* Do not use g_slist_free_full() which requires glib2 2.28.0 (Frank Bergmann)
* Use UTF-8 validation of file content when sending a message from a file
* Documentation updates
mcabber (1.0.5)
* Much better performances with huge rosters (Frank Zschockelt)
* Fix issue with carbons (CVE-2017-5589)
* Fix small memory leak
* contrib/vim: Support reloading filetype detection
mcabber (1.0.4)
* Bugfix: Check the origin of roster pushes
Cf. Gajim's CVE-2015-8688 and
https://gultsch.de/gajim_roster_push_and_message_interception.html
mcabber (1.0.3)
* Link with the tinfo library
* Fix default modules directory on OpenBSD (Tim van der Molen)
* Create history log dir if it doesn't exist (Andrey Utkin)
* [OTR] Do not send empty subjects when using otr (franky)
* [UI] /set does not display password values anymore (Egor Kovetskiy)
* [MUC] Use nick to set the role
* Misc help/documentation updates
mcabber (1.0.2)
* Compatible with Loudmouth >=1.5.3 with SHA256 support (Frank Zschockelt)
* Ignore the untrusted certificate warning when user sets a fingerprint
(Frank Zschockelt)
* Stop HTML-escaping OTR messages - only strip known tags (Frank Zschockelt)
* Read $HOME/.mcabberrc if there is no mcabber configuration directory
* Minor documentation updates
mcabber (1.0.1)
* [PGP] Improved PGP-encryption support
* [PGP] Improved support for GnuPG v2+
* [PGP] Encrypt messages with our own PGP key and decrypt our own
encrypted messages when Carbons are enabled
* [PGP] New PGP options: 'gpg_path' and 'gpg_home' (Holger Weiß)
* [PGP] Check all signatures and stop immediately if one could be verified
(Sven Gaerner)
* Improved Carbons support (Holger Weiß)
* New option: 'clear_unread_on_carbon' (Holger Weiß)
* Improve SSL fingerprint management;
Display the server SSL fingerprint when we connect
* Use XDG configuration directory if it contains a configuration file
* Fix a few memory leaks
* Fix external password support (especially on OS X)
* Fix resizing when mcabber is built with --enable-sigwinch
* Fix reading of history log files w/o LF character (Sam Whited)
* Minor documentation updates
* Other misc. bugfixes and cleanups
Minimal IRC server which integrates with Mattermost and Slack.
Features:
- support direct messages / private channels / edited messages
- auto-join/leave to same channels as on mattermost
- reconnects with backoff on mattermost restarts
- support multiple users
- support channel backlog (messages when you're disconnected from
IRC/mattermost)
- search messages (/msg mattermost search query)
- scrollback support (/msg mattermost scrollback #channel limit)
- restrict to specified mattermost instances
- set default team/server
- WHOIS, WHO, JOIN, LEAVE, NICK, LIST, ISON, PRIVMSG, MODE, TOPIC,
LUSERS, AWAY, KICK, INVITE support
- support TLS (ssl)
- support LDAP logins (mattermost enterprise) (use your ldap
account/pass to login)
- &users channel that contains members of all teams (if mattermost is
so configured) for easy messaging
- supports mattermost roles (shows admins with @ status for now)
- gitlab auth hack by using mmtoken cookie (see
https://github.com/42wim/matterircd/issues/29)
hangups is the first third-party instant messaging client for Google
Hangouts. It includes both a Python library and a reference client
with a text-based user interface.
Unlike its predecessor Google Talk, Hangouts uses a proprietary,
non-interoperable protocol. hangups is implemented by reverse-engineering
this protocol, which allows it to support features like group
messaging that aren't available in clients that connect via XMPP.
hangups is still in an early stage of development. The reference
client is usable for basic chatting, but the API is undocumented
and subject to change.
Originally packaged by myself in pkgsrc-wip.
This even makes it an option, to disable it if necessary. It is enabled by
default here since it remains disabled by default at run-time:
/set colors_ansi_24bit
Bumps PKGREVISION.
"Go for it" maya@
Perl 5.26.0 removed "." from @INC, so add it back to the scripts
used to configure the software. The scripts are only called from
the top-level directory, so adding 'use lib ".";' is sufficient.
Core
- Erlang/OTP 17.5 or higher is required, and 20 is now supported
- Make ejabberd_cluster modular
- Replace gen_fsm with p1_fsm to avoid warnings in OTP20+
- Fix clustering table reg_users_counter
- ext_mod: Update spec from custom and allow modules dependencies
- extauth.py: Fix to support : in passwords
- Set high water mark in lager for all backends
- Fix old route record in mnesia’s route table haven’t been remove
when restarting in some cases
- ejabberd_cluster*.erl: Add copyright and fix description
- Add support of rfc6120 section 4.9.3.16 on node shutdown
Configuration
- ejabberd_c2s: Fix priority of ‘certfile’ option
- Introduce ‘hosts’ modules option
- Fix ERLANG_OPTS, INET_DIST_INTERFACE and FIREWALL_WINDOW option
- Remove unused ‘managers’ option, related to the deferred XEP-0321
Commands
- Fix errors when running ejabberdctl as root
- Fix set_presence command to work in recent ejabberd
- Rename stop_all_connections to stop_s2s_connections for consistency
- Change policy of user_resources command, from user to admin
- Remove old command calling interface
- Describe more command arguments and results
Modules
- mod_http_api: Use hide_sensitive_log_data option when registering
users
- mod_http_fileserver: Request basic auth dialog from browser
- mod_muc: Fix nick bug with MUC on riak
- mod_muc: new hooks
- mod_push: Support XEP-0357: Push Notifications
- mod_push_keepalive: New module
PubSub/PEP
- Keep disco#info on PEP compatible with XEP-0060
- Preliminary export PubSub data from Mnesia tables to SQL file
- Fix PubSub send last published items
- Fix PEP node removal
- Fix PEP node identity
- Fix disco#items on PEP service
- Fix getting cached last item
- Add import of PEP from prosody
Set PKG_SYSCONFSUBDIR where appropriate, and use {MAKE,OWN}_DIRS to
create the directory tree under ${PKG_SYSCONFDIR} instead of using
INSTALLATION_DIRS.
Bump the PKGREVISION of packages that changed due to changes in the
package install scripts.
Use ${PKG_SYSCONFDIR}, not ${PKG_SYSCONFDIR}/gale, to refer to the
config directory -- since PKG_SYSCONFSUBDIR is set to "gale",
${PKG_SYSCONFDIR} already includes that subdirectory.
Remove ${PKG_SYSCONFSUBDIR} from OWN_DIRS, since the config
directory is already automatically created by the package install
scripts if PKG_SYSCONFSUBDIR is set.
Bump the PKGREVISION due to the changes in the package install
scripts.
v1.0.4 2017-07-07 The Irssi team <staff@irssi.org>
- Fix null pointer dereference when parsing invalid timestamp (GL#10,
GL!15). Reported by Brian 'geeknik' Carpenter.
- Fix use-after-free condition when removing nicks from the internal
nicklist (GL#11, GL!16). Reported by Brian 'geeknik' Carpenter.
- Fix incorrect string comparison in DCC file names (#714).
- Fix regression in Irssi 1.0.3 where it would claim "Invalid time '-1'"
(#716, #722).
- Fix a bug when using \n to separate lines with expand_escapes (#723).
- Retain screen output on improper exit, to better see any error
messages (#287, #721).
- Minor help update (#729).
Version 17.07
=============
Core
- Close accepted socket if sockname/peername has failed.
Version 17.06
=============
New features
- The new cache system is also a new component that allows fine tuning
of ejabberd performance for either small systems or large scale
servers.
- Certificate Manager is a feature that has been requested by many
organisations, allowing administrators to manage their certificate
more easily
- Riak support for several modules
API
- Deprecate misc:encode_base64/1 and misc:decode_base64/1
- Rename is_user_exists function to user_exists
- Allow api access on both ipv4 and 6 loopback addresses
- Fix invalid argument in get_messages_susbset
Admin
- Refactor ejabberdctl
- Improve ejabberdctl parameters parsing
- Quote all paths to allow spaces in directory names
- update-deps-releases.pl: Show operations to perform before asking to
apply them
- Fix Salt import from prosody SCRAMmed password
Configuration
- Validate module options on start_module/2
- Validate new options before module reloading
- Validate second-level options
- Introduce iqdisc global option
- stream_management listen option deprecated, use mod_stream_mgmt
- Check presence of some files during option validation
- Speedup configuration options lookup
- Validate all certfiles on startup
- Only validate certfiles if public_key:short_name_hash/1 is available
- Introduce Certficate Manager
Commands
- Add clear_cache admin command
- Parse correctly presence_broadcast option in change_room_option
command
- Describe command arguments and results in mod_muc_admin
- Improve export2sql explanation; remove obsolete and duplicated
command
- Fix and document push_roster_all command
- Fix mod_muc_admin command set_room_affiliation
- Fix invalid {args,result}_examples in mod_muc_admin
- Fix srg_user_add/del for non-Mnesia database backends
- Make ext_mod api return rescode
Compilation
- Erlang 17.5 or higher is required
- Add --enable-system-deps configure option
- Add --enable-stun and --enable-sip configure options
Core
- Speedup Mnesia tables initialization
- Improve Mnesia tables creation and transformation
- Improve ejabberd_c2s:close()
- ejabberd_c2s: Don’t close session on stream resume
- Speedup loading of translation files
- Fix ejabberd_router:is_my_route/1
- Don’t let a receiver crash if a controller is unavailable
- Fix OTP-17.5 support
- websocket: Catch exception that may happen when sending data over
websocket
Databases
- New sql_connect_timeout option
- New sql_query_timeout option
- Get rid of sql_queries.erl
- Use round-robin algorithm when selecting worker from DB pool
- Add Riak as BOSH RAM backend
- Add Riak as mod_proxy65 RAM backend
- Add Riak as mod_carboncopy RAM backend
- Add Riak as router RAM backend
- Add Riak as session manager RAM backend
- Fix cleaning of Riak route table
- Add pubsub import from prosody/metronome
- Fix username in mam export
- Fix Salt import from prosody SCRAMmed password
- In offline export to SQL, first write all DELETE, later all INSERT
Cache
- Implement cache for mod_announce
- Implement cache for mod_private
- Implement cache for mod_privacy/mod_blocking
- Implement cache for mod_last
- Implement cache for mod_vcard and mod_vcard_xupdate
- Implement cache for roster
- Add cache options to the validator
- Use cache for authentication backends
- Use new cache API in mod_shared_roster_ldap
- Use new cache API in ejabberd_oauth
- Use new cache API in mod_mam
- Use new cache API in mod_caps
- Use cache in front of Redis/SQL RAM backends
Modules
- mod_http_upload: Add support for HTTP File Upload 0.3.0
- mod_mam: Added export function
- mod_metrics: Don’t leak with UDP sockets
- mod_metrics: New options ip and port
- mod_muc: Allow a room admin to un/subscribe another JID
- mod_offline: Don’t store messages via a single process
- mod_offline: Make sure only jabber❌event tag is present in offline
event
- mod_register: New option ‘access_remove’ ACL
- mod_stream_mgmt: Preserve stanza count on timeout
- mod_vcard_ldap: Parse ldap_uids like in eldap_utils
- mod_client_state: Reset state on session resume
- mod_metrics: Fix IP address parsing
- mod_pubsub: Avoid useless calls on simples subscriptions
- mod_block_strangers: Add allow_local_users option
Elixir
- Update elixir to v1.4.4
o fixes for the OSX fixes in 20170606
o new window resizer now works, can get the old one at compile time with
--with-default-resize-method=old configure option
o more fixes for OSX and @-style assignment
o fix a window rebalance when not resizing bug
o fix crashes on OSX in complex scripts using []
o fix reconnecting channels moving windows
- Fix out of bounds read when scanning expandos (GL!11).
- Fix invalid memory access with quoted filenames in DCC
(GL#8, GL!12).
- Fix null-pointer dereference on DCC without address (GL#9, GL!13).
- Improve integer overflow handling. Originally reported by
oss-fuzz#525 (#706).
- Improve nicklist performance from O(N^2) to O(N) (#705).
- Fix initial screen redraw delay. By Stephen Oberholtzer
(#680, bdo#856201).
- Fix incorrect reset of true colours when resetting background. (#711).
- Fix missing -notls option in /SERVER. By Jari Matilainen (#117, #702).
- Fix minor history glitch on overcounter (#462, #685).
- Improved OpenSSL detection at compile time. By Rodrigo Rebello (#677).
- Improved NetBSD Terminfo detection. By Maya Rashish (#694, #698).
- Add missing syntax info for COMPLETION (#687, #688).
- Minor typo correction in help. By Michael Hansen (#707).
From maya@
Patch provided by Frédéric Fauberteau via PR pkg/52215.
Changes:
Version 3.5.1:
- purple:
* Fix crash on file transfer requests from unknown contacts. This was the
result of an incomplete fix in the previous release and may result in
remote DoS. Read the full security advisory at:
https://bugs.bitlbee.org/ticket/1282
- After some investigation we decided to reclassify a crash fix from the
previous release as a security issue. Read the full security advisory at:
https://bugs.bitlbee.org/ticket/1281
- Included help.txt in the release tarball, which was missing in the previous
release and resulted in adding python as a build dependency. The release
tarball of 3.5.1 does not require python.
Finished 30 Jan 2017
Version 3.5:
- ui:
* "chat list": shows a list of existing server-side chatrooms. With some
protocols, this is often the only way to add new channels.
See 'help chat list' for details. (jgeboski)
* "plugins": lists the installed plugins and their versions (jgeboski)
* Add 'nick_lowercase' and 'nick_underscores' settings.
* "handle_unknown" can be set per-account, not just globally
- jabber:
* Add "always_use_nicks" channel setting, for non-anonymous MUCs (trac #415)
See 'help set always_use_nicks' for possible side effects.
* Properly handle rejected file transfers
* Don't send parts in a chat if someone is still connected from other devices
* hipchat: support personal oauth tokens (manually generated ones)
- twitter:
* Hide muted tweets / no-retweets, add mute/unmute commands (Flexo)
* Show full version of extended tweets (with slightly more than 140 chars)
- purple:
* Support setting chat room topics (EionRobb)
* Support for extra groupchat settings. Shows an error if any required
ones are missing. Look for purple_ prefixed settings in "chan #... set"
* SIPE: persistent chats can be joined now, thanks to the "chat list" command
and the above ("purple_uri" channel setting)
* Fix a file transfer crash bug (Mainly affected telegram)
* Honor protocol flag to not require a password (used in hangouts, telegram)
* Set the contacts' nicks to the %full_name for a few whitelisted protocols
(hangouts, funyahoo, icq, line)
* LINE: added a hack to save its auth token, to avoid re-auth every time
* Show self-messages in groupchat backlogs (before join)
- yahoo:
* Removed because they killed their old protocol on a two month notice.
Use EionRobb's funyahoo purple plugin, or better yet, don't use yahoo.
- Stuff for enterprise deployments (all done by Sevas)
* Locked down accounts, useful when pregenerating user config files. An
account that is marked with the locked="true" attribute can't be removed
and its username/password can't be changed.
* Locked down settings. Same as above, but for individual account settings.
* AllowAccountAdd setting in bitlbee.conf, to disable adding new accounts.
* PAM and LDAP authentication backends (not compiled by default)
- For packagers:
* Enabled debug symbols in non-debug builds, disabled stripping by default.
This is closer to the default behavior of autotools, and --debug=1 is mostly
to set the DEBUG macro and disable optimization.
- For plugin devs:
* Plugins should now include an "init_plugin_info" function which will be used
for ABI version checking in the future. It's optional for now, but will be
enforced later. See the commit log of d28fe1c for details. (jgeboski)
Finished 8 Jan 2017
Version 3.4.2:
- irc:
* Self-messages (messages sent by yourself from other IM clients), given
support by the IM protocols and your IRC client. See this for details:
https://wiki.bitlbee.org/SelfMessages
* IRCv3.1 support and part of 3.2: cap-3.2, sasl-3.2, multi-prefix,
away-notify, extended-join, userhost-in-names
* Send numeric errors when failing to join a channel, to not confuse clients
* Channel autojoins should be more reliable now.
- jabber:
* Carbons (XEP-0280), for self-message support. It's not widely supported
by most public XMPP servers (easier if you host your own), but this will
probably change in the next few years. Thanks kormat for the original patch.
* Fix typing notifications between two bitlbee users or with gtalk users
* Remove facebook XMPP code, point people at bitlbee-facebook.
* Show groupchat kick/ban/leave reasons
* SASL ANONYMOUS (XEP-0175), for "guest" logins, see "help set anonymous"
* Hipchat: 'chat add hipchat "channel name"' now tries to guess the JID
- purple:
* Fix problems remembering SSL certificates as trusted
* Fix /join #channel, which joined a differently named channel
* Fix crash when doing "chat with" with skypeweb
* Fix html entities appearing in some protocols
* Fix setting away states in jabber, which failed silently
* Implement notify_message UI op, to be able to show some error messages.
- skype:
* Show all messages as groupchats since we can't tell which ones are private.
* This plugin is mostly-deprecated and mostly-broken but it's still useful
for p2p-based groupchats, which aren't delivered over newer protocols.
Everyone else should use the skypeweb purple plugin or msn instead.
- msn:
* Minor tweaks. Faster login, better error reporting, fixed add/remove.
Still MSNP21. Disregard that "Next release!" in the previous release.
- otr:
* Don't use NOTICE for user messages (revmischa)
* Fix crashes when using the jabber xmlconsole
* A few minor fixes: color multiline messages, filter incoming color codes.
- Packaging:
* Show ./configure args in bitlbee -V, config.h and Makefile.settings
* Allow setting the plugin dir in bitlbee.conf, for NixOS (anderspapitto)
* Improved cross compiler support (gamaral)
- Other important bugfixes:
* Fix potential crashes when leaving temporary channels
* Fix all sorts of crashing bugs when cancelling in-progress connections.
Finished 19 Mar 2016
1.3.0
* channel/supergroup support
* support sending code tags in markdown "backtick" format (see README for example)
* reduce amount of file-transfer popups in Pidgin, auto-load media in the background
* fix stability issues for the win32 build
* fix multiple crashes in libtgl
List of changes:
* Skype4Business (S4B) and Bot support
* Receive contacts
* Updated status icons - Users that would previously show as 'Away' will now show as 'Idle'
* Fixed buddy authorisation requests and responses
* Auto reconnects when there's an error, so you shouldn't have to press the Re-Enable button
* Call display improvements
* Tooltips display for people with special characters (&, ', <, >) in their user info
* Can remove yourself from the buddy list (that annoying cid- user!)
* Fixes tiny-text being sent when copy-pasting into Pidgin
* File transfer and image transfer improvements
* Allows clearing out your "Mood" message, so you don't show as "I'm not here right now" when you're actually Online
* Better error messages when a message failed to send
This package was contributed over e-mail by Scarlett, thanks!
Skype is an instant messaging app that provides online text message and
video chat services. Users may transmit both text and video messages and
may exchange digital documents such as images, text, and video. Skype
allows video conference calls.
This package contains a libpurple protocol plugin that adds support for
Skype (WebRTC).
Make the Redis support unconditional (no extra dependencies).
Changes in 17.04:
Admin
- Add more examples on config template
- Generate ejabberd lib dir when not available in code server
- Set default prefix to /usr/local
- Start supervisors after ext_mod
- Don't log warning on successful ping reply
- New muc_register_nick command
Core
- Deprecate jlib.erl in favor of misc.erl
- Add support for file-based queues
- ejabberd_sm: Fix routing of headline and groupchat messages
- Fix c2s connection close on demand
- Improve overloaded S2S queue processing
Databases
- Improve Redis related code
- Add Redis pool support
- Improve logging of Redis errors
- Add Redis and SQL as mod_proxy65 RAM backends
- Add Redis and SQL as mod_carboncopy RAM backends
- Add Redis and SQL as mod_bosh RAM backends
- Add Redis and SQL as router RAM backends
- Add SQL as mod_muc RAM backend
- Remove obsolete Pubsub mnesia migration calls
Miscellany
- ejabberd_http: Expand @VERSION@ in custom headers
- ejabberd_http: Add "custom_headers" option
- mod_client_state: Queue stanzas of each full JID
- mod_http_upload: Don't add "Server" header line
- Pubsub: Refactor pubsub's get_last_items
- Pubsub: Fix PEP issues
Major improvements
- New modular code allows to develop modules for a wide scope of
functionalities without patching the core code such as C2S, S2S and
router
- Now 'From' and 'To' arguments must be omitted in functions and
structures related to routing
- Ejabberd used to store all in-memory shared data such as ACLs,
proxy65, sessions, routes, clustering, etc in internal Mnesia
database and this used to be hardcoded. With new API it's now possible
to store such data in any database. However, currently only Mnesia
backend is supported.
- Dynamic configuration reload allows to reload modules, database
connections, listeners, ACLs and global options without restarting
ejabberd
- Spam protection allows to block packets from non-subscribers
- S2S dialback is now an optional module
Developer
- tools/hook_deps.sh: checks hook dependencies
- tools/find-outdated-deps.pl: checks which dependences need update
- Mark as deprecated add/get_local/global_option config functions
- Change routing API
Core
- Fix some corner cases while re-reading RFC6120
- Attach IP metadata to every stanza received from stream
- Apply SASLprep before storing/converting passwords
- Send compressed in correct order
- Reset XML stream before sending SASL success
- Speedup features list when a lot of virtual hosts configured
- Fix s2s_dns_timeout issues
- Better handling of IPv6 domains
- Rename mod_sm -> mod_stream_mgmt
- Don't count resent stanzas
- Improve startup procedure, and log startup time
- Add more processes to supervision
- sm_sql: Avoid PID collisions
Admin
- Add 'supervisor' listening option
- Accept "add_commands: admin" in commands section
- Make sure that api_permissions always have "console commands"
section
- Change name of pam dep from p1_pam to epam
- Improve compilation with rebar3
- Add TLS support for external components
- Specify "ExecReload" command in systemd unit
- Don't attempt to resolve _jabber._tcp SRV record
- Improve error reporting for forbidden servers
- mod_block_strangers: New module to block packets from
non-subscribers
- mod_register: Report password change in the log
- Remove relict mod_service_log
- Remove unused mod_ip_blacklist
- Remove ejabberd_frontend_socket
- WebAdmin: improve formatting when showing erlang terms
- Import from Prosody: Fix import of SCRAM passwords, offline
API & Commands
- get_last now always returns tuple with UTC XEP-0082 and status
- Protect users from delete_old_users command using a fixed access
rule
- Separate list of strings with \n for srg_get_info in mod_http_api
- Support non-JID lines in command create_rooms_file
- stop_all_connections now stops all s2s connections via supervisor
calls
- Support scrammed passwords in ejabberdctl import_prosody
Configuration
- Provide example mod_http_api configuration with couple commands
- Clarify new modules usage in the example config
- Don't crash on malformed IP addresses
- Fix parsing of acl/access rules inside oauth sections of
api_permissions
Config reload improvements
- Start/stop auth modules when host is added/deleted
- Improve modules start/stop procedures
- Check result of gen_mod:start/2 callback
- Improve reload_config admin command
- Invalidate access permissions on configuration reload
- Start/stop virtual hosts when reloading configuration file
- Reload modules when reloading configuration file
- Restart listeners on configuration reload
- Make sure all hooks are called with proper host
Databases
- Add missing NOT NULL restrictions in schemas
- Move archive tables into lite.sql for better comparison with other
schemas
- Implement database backend interface for mod_proxy65
- Implement database backend interface for MUC, BOSH and auth_anonyous
- Implement database backend interface for ejabberd_router
- Propagate the TRANSACTION_TIMEOUT to pgsql driver
New XMPP stream behavior
- Reflect cyrsasl API changes in remaining code
- Improve return values in cyrsasl API
- More refactoring on session management
- Add xmpp_stream_out behavior and rewrite s2s/SM code
- Rewrite ejabberd_service to use new XMPP stream API
MAM & offline storage
- Make a message is not bounced if it's archived
- Archive message before delivering it to offline storage
- Include stanza ID with archived offline messages
- Add stanza-id to every archived message
PubSub
- Avoid orphan_item leak on affiliation/subscription removal
- Fix pubsub SQL schemas, add NOT NULL restrictions
- Fix last item cache for multiple hosts
Server to server
- Several improvements of S2S errors logging
- Resolve all addresses from SRV lookup
- Add s2s work-around for gmail.com
2.12.3 (2016-10-22)
* fix crash with bad translations
* fix crash and leaks in mpcinfo plugin
* add mhop command
* change ping timeout to 60 by default
* update translations
2.12.2 (2016-10-08)
* fix input box theme with Adwaita 3.20
* fix return value of hexchat_pluginpref_get_int()
* fix tab color changing when print events are eaten
* fix network name not being sanitized for scrollback files
* fix building sysinfo on OS X <= 10.9
* fix resume with DCC GET
* fix possible assertion when decoding incoming text
* fix possible crashes when plugins modify the UI during context close
* add "chanmodes" to channel list in plugin api
* lua:
o add automatic return and = handling in console
o fix pluginpref usage
* fishlim:
o fix saving nicks containing [ or ]
o add commands: /topic+, /msg+, and /notice+
o add support for /me
o add /keyx command to do DH1080 key exchanges
* improve efficiency of various timers
* reduce updates of user count in titlebar/userlist
* download extra redist for perl on Windows
* update appdata file
* update translations
* update dependencies on Windows
This is a leaf package, and in preparation of a security fix.
"please commit" gdt@
version 2.12.0 (03/09/2017):
libpurple:
* Fix an out of bounds memory read in purple_markup_unescape_entity.
CVE-2017-2640
* Fix use of uninitialised memory if running non-debug-enabled versions of glib
* Updated AIM dev and dist ID's to new ones that were assigned by AOL.
* TLS certificate verification now uses SHA-256 checksums.
* Fixed SASL external auth for Freenode.
* Removed the MSN protocol plugin. It has been unusable and dormant for some
time. MSNP18 has been discontinued and the protocol plugin would require a
large update to start working again. See: http://ismsndeadyet.com/ The
third-party Pidgin SkypeWeb plugin, however, should provide enough
functionality as a replacement if people still want to use MSN:
https://github.com/EionRobb/skype4pidgin/tree/master/skypeweb
* Removed Mxit protocol plugin. The service was closed at the end of
September 2016. See
https://pidgin.im/pipermail/devel/2016-September/024078.htm
* Removed the MySpaceIM protocol plugin. The service has been defunct for a
long time. (#15356)
* Remove the Yahoo! protocol plugin. Yahoo has completely
reimplemented their protocol, so this version is no longer operable as
of August 5th, 2016:
https://yahoo.tumblr.com/post/145715934739/q2-2016-progress-report-on-our-product
A new protocol plugin has been written to support the new protocol.
It can be found here: https://github.com/EionRobb/funyahoo-plusplus
This also removes support for Yahoo! Japan. According to
http://messenger.yahoo.co.jp/ the service ended March 26th, 2014.
* Remove the Facebook (XMPP) account option. According to
https://developers.facebook.com/docs/chat the XMPP Chat API service
ended April 30th, 2015. A new protocol plugin has been written,
using a different method, to support Facebook. It can be found at
https://github.com/dequis/purple-facebook/wiki
* Fixed gnutls certificate validation errors that mainly affected google (Dequis)
General
* Replaced instances of d.pidgin.im with developer.pidgin.im and updated the
urls to use https. (#17036)
IRC
* Fixed issue of messages being silently cut off at 500 characters. Large
messages are now split into parts and sent one by one. (#4753)
build, and this update includes a security fix.
v1.0.2 2017-03-10 The Irssi team <staff@irssi.org>
- Prevent some null-pointer crashes (GL!9).
- Fix compilation with OpenSSL 1.1.0 (#628, #597).
- Correct dereferencing of already freed server objects during
output of netjoins. Found by APic (GL!10, GL#7).
- Fix in command arg parser to detect missing arguments in tail place
(#652, #651).
- Fix regression that broke incoming DCC file transfers (#667, #656).
- Fix issue with escaping \ in evaluated strings (#669, #520).
version 2.11.0 (06/21/2016):
General:
* 2.10.12 was accidentally released with new additions to the API and
should have been released as 2.11.0. Unfortunately, we did not catch
the mistake until after 2.10.12 was released, but we're fixing it now.
See ChangeLog.API for more information.
* Include the Mozilla certificate bundle. This fixes connecting to servers
with certificates from Let's Encrypt.
* Remove all 1024-bit CAs
libpurple:
* media: fix an issue with ximagesink displaying only a corner cut-out of
a larger webcam video (Jakub Adam)
* mediamanager: update output window destruction so that it reflects recent
changes in the media pipeline structure (Jakub Adam)
* Ported Instantbird's CommandUiOps to libpurple (Dequis)
Pidgin:
* Fixed#14962
* Fixed alignment of incoming right-to-left messages in protocols that
don't support rich text
* Fix a potential crash while exiting pidgin
Windows-Specific Changes:
* Use getaddrinfo for DNS to enable IPv6 (#1075)
* Updates to dependencies:
* NSS 3.24 and NSPR 4.12.
AIM:
* Add support for the newer kerberos-based authentication of AIM 8.x
Bonjour
* Fixed building on Mac OSX (Patrick Cloke) (#16883)
ICQ:
* Stop truncating passwords to 8 characters like old ICQ clients did.
(#16692). If you actually needed this, truncate your password
manually by pressing backspace a few times.
IRC:
* Base64-decode SASL messages before passing to libsasl (#16268)
MXit
* Fixed a buffer overflow. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0120)
* Fixed a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0140)
* Fixed a remote out-of-band read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0138, TALOS-CAN-0135)
* Fixed an invalid read. Discovered by Yves Younan of Cisco Talos
(TALOS-CAN-0118)
* Fixed a remote buffer overflow vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0119)
* Fixed an out-of-bounds read discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0123)
* Fixed a directory traversal issue. Discovered by Yves Younan of Cisco
Talos (TALOS-CAN-0128)
* Fixed a remote denial of service vulnerability that could result in
a null pointer dereference. Discovered by Yves Younan of Cisco Talos.
(TALOS-CAN-0133)
* Fixed a remote denial of service that could result in an out-of-bounds
read. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0134)
* Fixed multiple remote buffer overflows. Discovered by Yves Younan of
Cisco Talos. (TALOS-CAN-0136)
* Fixed a remote NULL pointer dereference. Discovered by Yves Younan of
Cisco Talos (TALOS-CAN-0137)
* Fixed a remote code execution issue discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0142)
* Fixed a remote denial of service vulnerability in contact mood
handling. Discovered by Yves Younan of Cisco Talos (TALOS-CAN-0141)
* Fixed a remote out-of-bounds write vulnerability. Discovered by Yves
Younan of Cisco Talos. (TALOS-CAN-0139)
* Fix a remote out-of-bounds read. Discovered by Yves Younan of Cisco
Talos. (TALOS-CAN-0143)
0.9.12
- Dependencies: Fix certificate verification failures when using
LuaSec 0.6
- mod_s2s: Lower log message to 'warn' level, standard for
remotely-triggered protocol issues
- certs/Makefile: Remove -c flag from chmod call (a GNU extension)
- Networking: Prevent writes after a handler is closed
0.9.11
- HTTP parser: Improve buffering of incoming HTTP data and add size
limits
- sessionmanager: Fix for an issue which caused people to be kicked
from conferences if mod_smacks was enabled
- Dependencies: Workaround for compatibility with LuaSec 0.6
- MUC: Accept missing form as "instant room" request
- C2S: Fix issues with destroying disconnected connections
- mod_privacy: Fix selection of the top resource(s)
- mod_presence: Make sure both users get each others presence after
adding each other
- mod_http_files: Fix traceback when serving a non-wildcard path
- mod_http_files: Preserve a trailing slash in paths
- util.datamanager: Fix error handling
- net.server_event: Fix internal socket API to allow writing from
socket.ondrain callback
- net.server_event: Fix timeout
- net.server_event: Fix traceback due to write during TLS handshake
- net.server_event: Fix buffer length check
This needs glib2 to run, and glib2 depends on perl, so no reason not to
support perl scripting here.
Requested by Dominik Bialy in PR 52008.
Bump PKGREVISION.
v1.0.1 2017-02-03 The Irssi team <staff@irssi.org>
- Fix Perl compilation in object dir. By Martijn Dekker (#602, #623).
- Disable EC cryptography on Solaris to fix build (#604, #598).
- Fix incorrect HELP SERVER example (#606, #519).
- Correct memory leak in /OP and /VOICE. By Tim Konick (#608).
- Fix regression that broke second level completion (#613, #609).
- Correct missing NULL termination in perl_parse. By Hanno Böck (#619).
- Sync broken mail.pl script (#624, #607).
Changelog:
[[v1.7]]
== Version 1.7 (2017-01-15)
New features::
* core: add option weechat.look.align_multiline_words (issue #411, issue #802)
* core: add optional command prefix in completion templates "commands", "plugins_commands" and "weechat_commands"
* core: add optional arguments in completion template, sent to the callback
* core: add option "time" in command /debug
* api: add info "uptime" (WeeChat uptime)
* api: add info "pid" (WeeChat PID) (issue #850)
* fifo: add file fifo.conf and option fifo.file.path to customize FIFO pipe path/filename (issue #850)
* irc: add server option "usermode" (issue #377, issue #820)
* irc: add tag "self_msg" on self messages (issue #840)
Improvements::
* core, xfer: display more information on fork errors (issue #573)
* core: add a slash before commands completed in arguments of /command, /debug time, /key bind, /key bindctxt, /mute, /repeat, /wait
* core: add a warning in header of configuration files to not edit by hand (issue #851)
* alias: add a slash before commands completed in arguments of /alias
* exec: add option "-oc" in command /exec to execute commands in process output, don't execute commands by default with "-o" (issue #877)
* irc: evaluate content of server option "ssl_fingerprint" (issue #858)
* irc: change default value of option irc.network.lag_reconnect from 0 to 300 (issue #818)
* trigger: do not hide email in command "/msg nickserv register password email" (issue #849)
Bug fixes::
* core: fix deadlock when quitting after a signal SIGHUP/SIGQUIT/SIGTERM is received (issue #32)
* core: fix display of empty lines in search mode (issue #829)
* api: fix crash in function string_expand_home() when the HOME environment variable is not set (issue #827)
* exec: fix memory leak in display of process output
* irc: fix option "-temp" in command /server (issue #880)
* irc: fix close of server channels which are waiting for the JOIN when the server buffer is closed (issue #873)
* irc: fix buffer switching on manual join for forwarded channels (issue #876)
* irc: add missing tags on CTCP message sent
* lua: fix integers returned in Lua >= 5.3 (issue #834)
* relay: make HTTP headers case-insensitive for WebSocket connections (issue #888)
* relay: set status to "authentication failed" and close immediately connection in case of authentication failure in weechat and irc protocols (issue #825)
* script: reload a script after upgrade only if it was loaded, set autoload only if the script was auto-loaded (issue #855)
Build::
* core, irc, xfer: fix compilation on Mac OS X (add link with resolv) (issue #276)
* core: add build of xz package with make dist (cmake)
* tests: fix compilation of tests on FreeBSD 11.0
Most relevant changes:
Admin
- Add example api_permissions: definition to config template
- Allow old-stype mod_vcard_ldap in the config
- Fix migration of old pubsub database (migrating from 2.1.x)
- Get nodes from ejabberd_cluster instead of mnesia
- mod_configure: Fix configuration commands
Core
- Fix case clauses when using compression
- Set from/to in every routed packet
- Correctly process errors from new cyrsasl API
- Improve return values in cyrsasl API
Modules
- mod_http_bind: remove and migration code to mod_bosh
- mod_muc: Allow a subscriber to create room, then set
allow_subscription=true
- mod_muc: Support legacy muc#roomconfig values
- mod_offline: Decode message before checking for expiration
Mnesia
- Let ejabberd_mnesia handles copy_type
- Fix index processing
- Speedup table setup, no i/o if EJABBERD_SCHEMA_PATH not set
SQL
- Add SSL support for SQL connections with PostgreSQL 1.1.2+
- Cope with malformed values in 'rosterusers' SQL table
- Improve tag insertion, avoid duplication
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
* Do not attempt to reload SM modules on SIGHUP
* Cleanup config files example
* Fixed memory leak in pgsql storage driver
* Fixed two double-frees caused by dangling pointers
* Fixed c2s logger initialization point
On NetBSD, sm receives a SIGHUP shortly after being started from rc.d,
which causes a crash. With 2.5.0, sm starts correctly on boot.
Drop MESSAGE; reading NEWS on updating is standard practice and not
special about jabberd.
Drop dependency of router, sm, s2s on c2s. This did not make sense --
none of them care if c2s runs.
c2s, s2s, and sm all connect to router. So make them depend on
router, even though in theory they should retry.
Make c2s depend on sm, because if someone tries to log in before sm is
running, they will get a failure, and some clients do not retry
correctly. Getting ECONNREFUSED connecting to c2s is more likely to
be handled correctly.
No PKGREVISION; riding the impending update.
(Tested on netbsd-6 i386 in a domU.)
v1.0.0 2017-01-03 The Irssi team <staff@irssi.org>
* Removed --disable-ipv6 (#408).
* /connect Network now aborts with an error if no servers have been
added to that network (#443).
* /dcc commands now use quotes around spaces consistently.
* bell_beeps was removed (#524, #565).
* Switch to GRegex instead of regex.h (#412).
+ irssiproxy can now forward all tags through a single
port. By Lukas Mai (mauke, #425).
+ irssiproxy can also listen on unix sockets. By Lukas Mai (#427).
+ send channel -botcmds immediately when no mask is specified (#175, #399).
+ the kill buffer now remembers consecutive kills.
New bindings were added: yank_next_cutbuffer and append_next_kill
By Todd A. Pratt (#353, #414, #455)
+ connections will avoid looking up IPv6 addresses if the machine does
not have an IPv6 address assigned (exact behaviour is implementation
defined, #410).
+ Fix potential crash if scripts insert undef values into the completion
list (#413).
+ Paste warning is now also shown on pasting overlong
lines. By Manish Goregaokar (#426).
+ autolog_ignore_targets and activity_hide_targets learn a new syntax
tag/* and * to ignore whole networks or everything.
By Jari Matilainen (vague666, #437)
+ /hilight got a -matchcase flag to hilight case
sensitively. By Thibault B (isundil, #421, #476).
+ Always build irssi with TLS support.
+ Rename SSL to TLS in the code and add -tls_* versions of the -ssl_*
options to /CONNECT and /SERVER, but make sure the -ssl_* options continue
to work.
+ Use TLS for Freenode, EFnet, EsperNet, OFTC, Rizon, and IRC6 in the default
configuration.
+ Display TLS connection information upon connect. You can disable this by
setting tls_verbose_connect to FALSE.
+ Add -tls_pinned_cert and -tls_pinned_pubkey for x509 and public key pinning.
The values needed for -tls_pinned_cert and -tls_pinned_pubkey is shown
when connecting to a TLS enabled IRC server, but you can also find the
values like this: Start by downloading the certificate from a given IRC
server:
$ openssl s_client -connect chat.freenode.net:6697 < /dev/null 2>/dev/null | \
openssl x509 > freenode.cert
Find the value for -tls_pinned_cert:
$ openssl x509 -in freenode.cert -fingerprint -sha256 -noout
Find the value for -tls_pinned_pubkey:
$ openssl x509 -in freenode.cert -pubkey -noout | \
openssl pkey -pubin -outform der | \
openssl dgst -sha256 -c | \
tr a-z A-Z
+ Remove support for DANE validation of TLS certificates.
There wasn't enough support in the IRC community to push for this on the
majority of bigger IRC networks. If you believe this should be
reintroduced into irssi, then please come up with an implementation that
does not rely on the libval library. It is causing a lot of troubles for
our downstream maintainers.
+ /names and $[...] now uses utf8 string operations. By Xavier
G. (#40, #411, #471, #480).
+ New setting completion_nicks_match_case (#488).
+ /channel /server /network now support modify subcommand. By
Jari Matilainen (#338, #498).
+ Irssi::signal_remove now works with coderefs. By Tom Feist (shabble, #512).
+ /script reset got an -autorun switch (#540, #538).
+ cap_toggle can now be called from Perl, and fields
cap_active and cap_supported can be inspected (#542).
+ Make it possible to disable empty line completion. By Lauri
Tirkkonen (lotheac, #574).
+ New option sasl_disconnect_on_failure to disconnect when
SASL log-in failed (#514).
- IP addresses are no longer stored when resolve_reverse_lookup is
used.
- Removed broken support for curses (#521).
- Removed broken dummy mode (#526).
- Fix terminal state after suspend (#450, #452).
- Improve Perl library path detection (#479, #132).
- Reconnect now works on unix connections (#493).
- Fix completion warnings (#125, #496, FS#124).
- Fix a crash in the --more-- item (#501).
- Fix a display issue in /unignore (#517, bdo#577202).
- Fix a crash in some netsplits (#529, #500).
- Fix crashes with some invalid config (#550, #551, #563, #564, #587, #581, #570).
- Add support for SASL Fragmentation. By Kenny Root (kruton, #506).
- Improve netsplit dumping (#420, #465).
- Improve responsibility under DCC I/O strain (#578, #159).
- Fix query nick change on open (#580, #586).
- Correct a few help texts.
irssi 0.8.21 is a maintenance release without any new features.
Changes:
- Correct a NULL pointer dereference in the nickcmp function found by
Joseph Bisch (GL#1)
- Correct an out of bounds read in certain incomplete control codes
found by Joseph Bisch (GL#2)
- Correct an out of bounds read in certain incomplete character
sequences found by Hanno Böck and independently by J. Bisch (GL#3)
- Correct an error when receiving invalid nick message (GL#4, #466)
Due to the documenation change below, man pages are no longer supplied in pkgsrc.
New features
core: add optional argument "lowest", "highest" or level mask in command /input hotlist_clear
core: add option "cycle" in command /buffer
api: add "extra" argument to evaluate extra variables in function string_eval_expression() (issue #534)
relay: add option relay.network.allow_empty_password (issue #735)
trigger: add support for one-time triggers (issue #399, issue #509)
Improvements
core, irc, xfer: display more information in memory allocation errors (issue #573)
api: remove functions printf_date() and printf_tags()
irc: rename server options "default_msg_{kick|part|quit}" to "msg_{kick|part|quit}", evaluate them
relay: allow escape of comma in command "init" (weechat protocol) (issue #730)
Bug fixes
core, irc, xfer: refresh domain name and name server addresses before connection to servers (fix connection to servers after suspend mode) (issue #771)
api: fix return of function string_match() when there are multiple masks in the string (issue #812)
api: fix crash in function network_connect_to() if address is NULL
api: fix connection to servers with hook_connect() on Windows 10 with Windows subsystem for Linux (issue #770)
api: fix crash in function string_split_command() when the separator is not a semicolon (issue #731)
irc: fix socket leak in connection to server (issue #358, issue #801)
irc: fix display of service notice mask (message 008) (issue #429)
irc: fix NULL pointer dereference in 734 command callback (issue #738)
relay: return an empty hdata when the requested hdata or pointer is not found (issue #767)
xfer: fix crash on DCC send if option xfer.file.auto_accept_nicks is set (issue #781)
Documentation
switch to asciidoctor to build docs and man page
Build
python: add detection of Python 3.5
API / integration
- New API permissions framework
Commands
- Add configurable weight for ejabberd commands
- add_rosteritem: Support several groups separated by ;
- create_rooms_file: Fix reading room jids from file
- delete_old_messages: Fix command for SQL backends
- send_message: Don't duplicate the message
- Remove obsolete remove_node command (use leave_cluster)
- Fix reload_config
- Cleanup mod_admin_extra, add few functions
- Expose unregister API command
Core XMPP
- New BOSH module
- Use fxml_gen XML generator
- Use our new stand-alone XMPP library instead of jlib.erl
- Don't let MAM messages go into offline storage
- Add xdata generator for XMPP data form
- Get rid of excessive (io)list_to_binary/1 calls
HTTP
- Add authentication support to mod_http_fileserver
- ejabberd_http: Handle missing POST data gracefully
- Use inets instead of lhttpc in http_p1
- Add http_p1.erl, rest.erl, and oauth2 ReST backend for OAuth2 tokens
MUC
- Create room on configuration request as per XEP-0045, 10.1.3
- Ensure that presence_broadcast room option is stored
- Fix conference disco#items when running multiple virtual hosts
- Fix Result Set Management (RSM) for conference disco#items
- Introduce muc_invite hook
- Make the constant MAX_ROOMS_DISCOITEMS configurable
- mod_carboncopy: Don't copy MUC private messages
MUC/Sub
- Store the flag "Allow Subscription" room option in database
- When getting list of subscribed rooms, also check temporary ones
- Add password support in muc_subscribe
- When unsubscribes, check if room should get closed
Pubsub
- Enforce pubsub node removal
- Relational databases support
- Append ; to privacy_list_data exporting lines
- Improve relational database import
Build
- Make build system compatible with rebar3
- Produce ejabberd.service and fix for systemd usage
- Cleanup ext_mod and fix compilation path
- Fix compilation of external module with new xmpp lib
process fails if no openssl.cnf exists. Patch can likely be extended to
remove dependency on the openssl binary completely, but that's beyond
the scope of this fix.
Many of these definitely do not depend on readline.
So there must be a different underlying problem, and that
should be tracked down instead of papering over it.
Solves:
/usr/libexec/binutils225/elf/ld.gold: error: cannot find -lreadline
The missing specification is obvious on DragonFly because there's
no publically accessible version of readline in base.
New XMPP Extension support
- Support for XEP-0355 - Namespace Delegation
- Support for XEP-0356 - Privileged Entity
Elixir support
- Support for Elixir-based configuration files
MUC/Sub
- Add a new request to list MUC room subscribers
- Link MUC subscription to bare JID
- New commands unsubscribe_room and unsubscribe_room for MUC
subscriptions management through API
- Fix nick-to-jid mapping for MUC subscribers
- Fix subscribed rooms list retrieval
- Fix message routing from subscribers
- Do not update muc_online_users table on MUC/Sub operations
MUC
- Support multiple JIDs in room invitations
- Create room on configuration request as per XEP-0045, 10.1.3
PubSub
- Add SQL support for microblogging node plugin
- Fix publish with subscriber publish model and SQL backend
- node_mb: Call node_pep instead of node_hometree
Stream Management
- New Stream Management option: ack_timeout
- Fix Stream Management feature for the websocket connections
- Cancel timer when waiting for resumption
MAM and Offline
- Don't store messages of type "headline"
- Simplify "assume_mam_usage" option
- Honor hint for any non-"error" message
- Store announcements for offline users
Database
- Session backend: fix clean Redis table
- mod_shared_roster: Support SQL backend
ejabberdctcl admin tool
- ejabberdctl: do not force access rules check on register command
- ejabberdctl: do not force command line to pass a credential
- New commands unsubscribe_room and unsubscribe_room for MUC
subscriptions management
- New command create_room_with_opts to create room with custom
config
ejabberd API
- New commands unsubscribe_room and unsubscribe_room for MUC
subscriptions management
- New command create_room_with_opts to create room with custom
config
- Add X-Admin and basic auth header to CORS allowed headers in
http_api
- Properly process OPTIONS header in http_api for all paths
- Expand parsing of JSON input to be able to handle update_roster
command
- Provide proper args_desc in oauth_issue_token command
Developer features: ejabberd Hooks
- Add hooks c2s_session_pending, c2s_session_resumed,
store_offline_message, store_mam_message
- Add CSI user's JID argument to csi_filter_stanza and
csi_flush_queue hooks
- Add functions to get/set some c2s #state elements from external
modules
- mod_client_state: Let other modules filter stanzas
- rework c2s API to simplify push modules integration
previously it would create a world readable file containing chat
logs when /upgrade was used.
while a security fix, you have to jump through many hoops to be
affected by it - we don't enable perl scripts by default, we
don't run that perl script by default, and you'd have to know that
/upgrade exists in the first place, and run on a system where world
readability of files is a concern.
still, grab upstream update, bump PKGREVISION.
catch up with irssi-icb, irssi-xmpp distinfo (they grab irssi versioned
file).
comment out part of irssi-xmpp makefile which is breaking the build.
irssi 0.8.20 changes:
- Correct the name of an emitted sasl signal (#484)
- Correct the prototype for the 'message private' signal (#515)
- Corrections in away and hilight help text (#477, #518)
- /squery and /servlist commands have been restored.
- Where Irssi would previously only report "System error" on connect,
it will now try harder to retrieve the system error message.
- Fixed issue with +channels not working properly (#533)
- Fixed crash in optchan when item has no server (#485)
- Fixed random remote crash in the nicklist handling (#529)
- Fixed remote crash due to incorrect bounds checking on
formats, reported by Gabriel Campana and Adrien Guinet from
Quarkslab.
There have been many changes since the previous official release, 1.4.3, which
was published 7 years ago, so we'll only mention a few of them:
- This Loudmouth release is compatible with current Glib/GTK libraries
- The internal asyncns copy has been removed
- The security has been improved in several ways:
- Certificates: added checking of SAN(s) when CN does not match and fixed CN
wildcard handling
- SSL 2 and 3 have been deactivated; TLS 1.1 and 1.2 have been activated
- Use the default cipher suite of GnuTLS
- New API: Implementation of lm_ssl_set_ca and lm_ssl_set_cipher_list
This enables the application to choose additional CA certificates to trust
as well as the cipher suites which are used by OpenSSL or GnuTLS
- Many resolver and parser issues have been fixed
I can't find a subsequent changelog for 1.5.1 to 1.5.3 but assume "bugs fixed".
Change log:
v1.0.17 -- 23 Aug 2016
----------------------
Note: This release is not binary compatible with previous releases.
It is source compatible.
- MingW compile fixes (thanks to Florian Niebel)
- properly use winsock2 (thanks to Kau)
- a few fixes for uclibc++ compatibility (thanks to Erik Horemans)
- Message: removed bogus hard-coded namespace to fix component use
v1.0.16 -- 16 Jul 2016
----------------------
- PubSubManager: properly include publish options (thanks to Iban Ulov)
- PubSubManager: properly parse subscriptions in ctor (thanks to Joe Best)
- Resource: fixed high memory usage when receiving presence stanzas
(#259) (thanks to Manuel)
v1.0.15 -- 25 Apr 2016
----------------------
- Error: fix copy ctor (thanks to Olivier Tchilinguirian)
- ClientBase: properly fix handling of MUC invitation declines
(wrong in 1.0.14) (thanks to Martin Hillmeier and Matias Snellingen)
(#248)
- MUCRoom: handle SendRoomConfig (thanks to Matias Snellingen) (#253)
- soversion bump, missed that for 1.0.14 (thanks to Vincent Cheng)
- TLSGNUTLSClient: fixed off-by-one error in certificate verification
- IPv6 fixes
v1.0.14 -- 11 Aug 2015
----------------------
Note: This release is not binary compatible with previous releases.
It is source compatible.
- IOData: make it possible to pass more than one element as in/out/error data
- Client: fix resetting of presence status text
- TLSSChannel: fix memory leak (thanks to Alexander Weisner)
- Error: added setAppError() to set application-specific error message
- PubSub::Item: added setPayload(), setID()
- Adhoc: return clone of plugin
- PubSub::Manager: fix finding of subscription type (thanks to BillHoo)
- ChatStateFilter: fix enable logic (thanks to Ivan Shmakov)
- MessageEvent: added parsing of <id/> (thanks to Ivan Shmakov)
- MessageEvent: added id() (thanks to Ivan Shmakov)
- ClientBase: handle MUC invitation declines properly (thanks to
Matias Snellingen)
- DNS: IPv6 fix (thanks to garimacoe) (#249)
- DelayedDelivery: propagate internal state properly (#251)
- PubSub::Manager: fix GetSubscriberList and GetAffiliateList
2.12.1 (2016-05-01)
add lua plugin
change desktop file to open urls in existing instance on Unix
misc chanopt fixes
misc identd fixes
misc challengeauth fixes
re-add support for old versions of libnotify
update network list
2.12.0 (2016-03-12)
add support for IRCv3.2
add support for twitch.tv/membership cap
add support for SNI (Server Name Indication)
add ability to do DnD reordering in some settings dialogs
add option to disable middle-click closing tabs
rewrite sysinfo plugin
rewrite identd plugin
rewrite update plugin
rewrite checksum plugin
remove DH-{AES,BLOWFISH} mechanisms (insecure)
remove IRC encoding, replaced with UTF-8
remove System Default encoding, replaced with UTF-8
remove configure option to disable ipv6
remove msproxy and socks5 library support (unused)
change tab-complete to favor other user nicks over own
change url detection to support unicode
change decoding to not attempt ISO-8859-1 fixing corruption
change pluginpref to escape values
minor changes to icons
fix numerous crashes (but not #600)
fix poor performance with nick indent enabled
fix UTF-8 text in winamp plugin
fix fishlim plugin handling networks with server-time
fix logging hostname of users in new queries
fix Key Press event sending non-UTF-8 text to plugins
fix get_info( win_ptr ) from python
fix running portable-mode from another directory
fix duplicate timestamps on selection
fix cfgdir argument
fix mode-button text being cut off
fix scrollback timestamps with server-time
fix url handler accepting quoted paths with spaces
fix using correct encoding when jumping networks
improve DCC handling large files
improve python detection in configure
improve scrollback file handling (corruption, line endings)
improve building in cygwin
improve build options on unix to be more secure
update translations
update network list
2.10.2 (2014-11-25)
verify hostnames of certificates
use more secure openssl options (No SSLv2/3)
detect utf8 urls in chat
fix using multiple client certs at the same time
fix checking for Perl on some distros
fix friends list not properly updating
fix building with format-security
fix opening utf8 urls on Windows and OSX
update deps on Windows
update translations
Changes:
v0.8.19 2016-03-23 The Irssi team <staff@irssi.org>
- Fixed regression when joining and parting channels on IRCnet (#435)
- Fixed SASL EXTERNAL (#432)
- Fixed regression when not using SASL (#438)
- Fixed incorrect SSL disconnects when using SSL from modules/scripts
(#439)
- Fixed regression where proxy_string could not be configured or
certain file transfers could not be accepted (#445)
- Fixed storing layout of !channels (#183)
- Fixed restoration of bracketed paste mode on quit (#449)
- Make the usage of meta-O for cursor keys configurable with
/set term_appkey_mode off
v0.8.18 2016-02-13 The Irssi team <staff@irssi.org>
* Modules will now require to define a
void MODULENAME ## _abicheck(int *version)
method to ensure that they are compiled against the correct Irssi
version.
* The signature of "message private" has been changed to
5: server, message, nick, address, target
in order to support "self messages". Module authors should
implement this change if they are using this signal.
* Removing networks will now remove all attached servers and channels
(#45).
* The proxy module now has an /irssiproxy command.
* sb_search has been moved to scripts.irssi.org
* WIN32 has been completely removed (it had not been working and is
lacking a maintainer.)
* Garbage Collection support has been removed. This will hardly have any
effect for anyone given that it has been unsupported for several years.
+ CAP SASL PLAIN login is now supported natively.
+ Paste bracket markers can be requested from terminal with
/set paste_use_bracketed_mode on
+ "Self messages" generated by some bouncers can now be received in the
proper window.
+ Try to split long lines on spaces to avoid words being splitted. Adds
a new option: 'split_line_on_space' which defaults to on.
+ Add setting hilight_nick_matches_everywhere (#56).
+ The config parser is more robust and prints out better diagnostics on
incorrect config files.
+ Ctrl+^ (FS#721) and Ctrl+J can now be bound.
+ Command history can be cleared with /window history -clear
+ /hilight -mask -line is now supported (FS#275).
+ CHANTYPES are now supported.
+ Improved reload speed of ignores.
+ Add -date feature to /lastlog
+ irssiproxy can be more easily enabled and disabled.
+ Expando for hostname (FS#829).
+ UNIX sockets can now also be specified in the config file.
+ Disable SSLv3 due to the POODLE vulnerability.
+ SSL ciphers can now be specified per server.
+ Added SNI support for SSL.
- /ignore now respects -pattern on merge (#78).
- irssiproxy (BNC) module now uses correct line endings.
- Fix missing lines on large pastes (FS#905).
- Correctly preserve STATUSMSG prefixes (#291).
- Fix infinite recursion in key bindings (FS#817).
- Fix incomplete awaylog caused by buffering.
- Fix calculation of UTF-8 string length display in some cases.
- Fix some Perl warnings related to @ISA.
- EXEC windowitems now get proper references on the Perl side.
- Incremental help file improvements.
- ANSI attributes are now properly reset.
- Fixed regression where text would blink when terminal lacks color
support.
- Permit the usage of Freenode extban syntax in /ban (#150)
- Fixed regression in scriptassist on unload of scripts.
- Fixed regression in -actcolor %n
ejabberd 16.08
MUC
- New MUC/Sub support
- Add 'allow_subscription' room configuration option for MUC/Sub
OAuth and ReST API
- Add OAUTH SQL backend
- New special scope: ejabberd:admin and ejabberd:user, to more
easily grant group of privileges
- Add DB backend support for ejabberd_oauth
- Added ejabberdctl commands to manage OAuth tokens:
oauth_issue_token, oauth_list_tokens, oauth_list_scopes,
oauth_revoke_token
- Simplified OAuth form: username and password merged into JID
field
- User configurable validity duration for tokens on OAuth token
generation form
- Add support for sending back missing scope error to API ReST
command calls
- Oauth: several minor fixes
- Support oauth password grant type, to generate token
programmatically
Elixir support
- Update supported Elixir version to 1.2 and 1.3.
- Support installation of Elixir contributions with external
module command line tool.
PubSub
- Fix use of like parameter in sql pubsub's requests
- Fix node configuration change with sql backends
- Fix send_last_items duplication with multi-plugin setup
MAM
- Always limit result set page size
- Use hooks instead of direct calls
API
- Add support for checking access rules conformance for commands
- Add support for rich error reporting for API
- Add support for sending back missing scope error to API ReST
command calls
- Fix handling of complex values as arguments in http_api
- Improve error handling
Other improvements
- External Component Connection Hooks
- Fix compilation issues on R19
- Support for OpenSSL 1.1
- Make access rules in ejabberd_web_admin configurable
- Make modules loading in a dependent order (#1191)
- Make s2s stats commands more robust
- Preserve PID for offline sessions
- Several quoting fixes for PostgreSQL
- Switch supervised workers from temporary to transient
ejabberd 16.06
Config
- New ACL infrastructure
- Add shorter version of some common access rules definitions
- Allow @ inside acl rules user, user_glob or user_regexp to pass
both user and server in single string
- Add acl rule access_rules_validator and shaper_rules_validator
for use in mod_opt_type and opt_type callback functions.
- Allow using shapers defined by name like in s2s_shaper: fast
- Allow mod_opt_type and opt_type to transform values passed to
it, and support better error reporting
- Do not call transform_terms multiple times in configuration
processing when merging them
- Don't halt program when include_config_file is missing/can't be
read
- Allow again multiple fqdn values in configuration
Commands
- Allow passing username and ip to ejabberd_commands, and use it
in mod_http_api
- Fix path to epmd in ejabberdctl
- push_roster: must convert read strings to binaries
- set_presence: Fix command API
- Fix for modules_update_specs command
- Add ejabberdctl commands to manage oauth tokens.
Core
- Bounce messages sent to server JID
- Fix C2S session leak in rare cases
- Fix handling of queued stanzas on session timeout
- Give more time to stop and kill epmd
- When stopping ejabberd, stop modules after broadcasting c2s
shutdown
- XEP-0198: Use different error message for bounces
- XEP-0198: Add 'h' attribute to element
- XEP-0198: Also count stanzas when socket is closed
Databases
- Fix pgsql compatibility on delete_old_messages command
- Handle Redis connection in a separate module
- Report in SQL when scram is enabled but the stored password
isn't
- Update SQL escaping
- Use MEDIUMTEXT type for muc_room.opts in MySQL schema
MAM
- Send unique stanza id and archived tag also in the message
carbons
- Fix "assume_mam_usage: if_enabled"
- Fix typo in mod_mam:select()
- Updated support of XEP-0313 from version 0.4 to 0.5.1
- Mnesia: Avoid cleanup on bag when disc_only, switch in memory
- Mnesia: Don't exceed table size limit
- Mnesia: Use transactions when writing
Client State Indication
- Fix handling of chat states
- Simplify check for carbon-copied chat states
- Simplify handling of PEP stanzas
- Pass chat states of other resources
- Unwrap carbon copies when checking for chat states
- Add queue_pep option
- Queue chat state notifications
- Move CSI queue handling code from ejabberd_c2s
- When stopping, delete only the configured hooks
Other modules
- ext_mod: Set HTTP/1.0 so Github accepts the request
- gen_mod: Compile early to remove undefined behaviour warning
- mod_http_upload: Let client retry HTTP upload on file size
mismatch
- mod_last: Produce mod_last entry on account creation
- mod_muc_room: Notify on affiliation changes
- mod_register: Check password with jid:resourceprep when
registering account
- mod_roster: respect roster item changes introduced with
roster_process_item hooks upon pushing
- PubSub: Fix PubSub RSM on get_items
- PubSub: Add support for PubSub publishing options
- PEP: Fix sender in case of explicit pep subscriptions
- ejabberd_xmlrpc: Report error when conversion of argument type
fails
