v2.0.18 released!
Posted by ~Attila Molnar on October 26, 2014

What's new

InspIRCd v2.0.18 is now available, download it from the releases page.

This release fixes the issues discovered since 2.0.17.

Several new config options are now available for OpenSSL making it possible to disable SSLv3 among other things. For details please see the updated OpenSSL wiki page.

See the issue tracker for a list of reported bugs that got fixed in this version and for the pull requests that were merged.

View the complete changelog here.

Thanks to the following people for their work on this release:

Adam (4):

  • Do not use the result of the dns cache when the query type of the result is different from the type of the query. #66
  • Remove IPv6 address compaction.
  • Fix watch away numerics, #937
  • Fix m_banredirect causing bans added for hosts being rewritten as nicks

Attila Molnar (32):

  • m_sqlite3 Fix cleanup of unsuccessful database connections
  • Don’t try to set a mode in Channel::SetDefaultModes() if it needs a parameter but does not have one
  • Reject parameters that begin with a colon in Channel::SetDefaultModes()
  • m_ssl_gnutls Re-set DH params when the gnutls_certificate_credentials_t struct is reallocated
  • m_ssl_openssl Clear the error queue before every SSL_* call
  • m_ssl_openssl Enable single (EC)DH use and disable SSL v2
  • m_ssl_openssl Disable session caching and session tickets
  • m_ssl_openssl Allow configuring raw OpenSSL context options
  • m_nationalchars Rebuild core hashmaps when the national_case_insensitive_map changes
  • m_nationalchars Rebuild the hash map in m_watch when the national_case_insensitive_map changes
  • m_spanningtree Rebuild serverlist and sidlist when receiving a specific Request
  • m_nationalchars Ask m_spanningtree to rebuild its hashmaps when the national_case_insensitive_map changes
  • m_ssl_openssl Add user-friendly config options for setting a few OpenSSL context options
  • m_ssl_openssl Return an error from the IOHook read and write functions if the handshake returns 0
  • m_ssl_openssl Remove bogus errno assignment from CloseSession()
  • m_ssl_openssl Free the ssl_cert object as soon as the session is closed instead of waiting for the next VerifyCertificate() or new connection
  • m_ssl_openssl Reset data_to_write for new sessions
  • m_ssl_openssl Fix debug message
  • m_ssl_gnutls Refcount GnuTLS objects, free them when they are no longer in use instead of at /rehash ssl time
  • Add interface to SSL modules that allows other modules to obtain the raw SSL session of a socket
  • Initialize all fields of issl_session on module load in SSL modules
  • m_delayjoin Only send JOIN on mode change if the mode being changed is a prefix mode
  • Update <nationalchars> tag documentation
  • m_ssl_gnutls Add compile time option for allowing sha256 certificate fingerprints
  • m_ssl_openssl Add compile time option to enable ECDH
  • m_ssl_openssl Add compile time option that allows disabling renegotiations
  • Set the parameter of -b to the banmask actually removed
  • Check the return value of getnameinfo() on Windows in insp_inet_ntop() and return NULL if it fails
  • Fail AAAA DNS queries if inet_ntop() fails
  • m_delaymsg Add option to disallow NOTICEs too
  • Remove some dead code found by Coverity
  • Release v2.0.18

Sadie Powell (13):

  • Fix listmodes when the config does not specify a wildcard size entry.
  • Fix pkg-config not being used for OpenSSL on non-FreeBSD systems.
  • Add a work around for trampling over PKG_CONFIG_PATH.
  • Fix unit-cc not loading configure cache when building files.
  • Fix hash_map.h on non-GNU C++ standard library implementations.
  • Fix various warnings when building with LLVM 3.5.
  • Avoid calling methods on NULL pointers wherever possible.
  • Replace dodgy use of const char* and memcpy with std::string.
  • Kill some logically dead code detected by Coverity.
  • Add a workaround for compiling modules with Windows line endings.
  • Fix some small bugs in the makefile template.
  • Use clang++ on FreeBSD 10 instead of g++.
  • Use gnutls_rnd instead of gcry_randomize on newer GnuTLS versions.

Robin Burchell (2):

  • Fix an off-by-one on registration timeout handling.
  • Revert “Fix an off-by-one on registration timeout handling.”