Progress on ircd-hybrid-7.0.3-cj4-ssl patch

Alan LeVee alan.levee at
Tue Jun 14 18:35:28 EDT 2005



For all of you that read the last mailing list postings about
ircd-hybrid-7.0.3-cj4-ssl, this is an updated progress report on what is
concurrently going on with the testing. The patch has reached level 3 alpha
testing which means its close to going into the short term closed beta test
than a final release. Here is another summary of what it features and what
bugs it has fixed.


ircd-hybrid-7.0.3-cj4-ssl manifesto : features


:: Added an interface for IRC services (m_services.c) to better utilize
user-interaction with services.

:: Added SVSMODE support for HostServ and NickServ to enable the appropriate
new modes (+e and +h).

:: Added SVSNICK support to allow for services, server and IRC operator
called nickname changes.

:: Added user mode +h for virtual IP masking utilizing CRC32 tables and Gary
S. Brown's polymorphism formula.

:: Added user mode +e for identified/registered user to better handle
OperServ ACLs.

:: Added channel mode +c to block all forms of colour codes from being sent
to a channel.

:: Integrated toggle feature in code to allow the disabling and enabling of
the 3 IRC Operating Vote requirement for G: lines.

:: Added user mode +Q so that IRC operators may protect themselves from
KILL/FORCE{JOIN|PART|CYCLE}/GLINE. This is also code toggle based.

:: Added full client SSL support utilizing the patch from Tim Wojtulewicz.



ircd-hybrid-7.0.3-cj4-ssl manifesto : security and bug fixes


:: Complete re-write of WHOIS using snippets from contrib/m_whois.c and
added support for new modes, fixed WHOISACTUALLY and other problems.

:: Fixed deprecated POSIX head/tail calls that existed in configure scripts.

:: Fixed WHOISACTUALLY to transverse across hubs and leafs properly as well
as some minor security problems that existed in it.

:: Fixed WHOISIDLE to properly work for registered clients.

:: Removed show_ip clause from WHOISACTUALLY since it interfered with IP
cloaking and didn't work correctly in the first place.

:: Fixed some minor CLIENT registration bugs that were driving us nuts.

:: Fixed MAP to properly report links as well as restricting it to IRC
operators only.

:: Fixed critical security hole that existed in packet.c (CAN-2004-0605)
that was not in the source tree originally.

:: Fixed WHOISACTUALLY causing local users to get the REAL IP of other
people including spoof'd users.



ircd-hybrid-7.0.3-cj4-ssl manifesto : todo


:: Re-write the nickname collision code to utilize SVSNICK instead of
issuing KILL to solve collides.

:: Incorporate support for m_services.c (IRC Services Interface) to read
from the U: line block in the config.

:: Implement or somehow 'dirty code' in the ability to have more advanced
ACLs for caller id (+g) e.g nick!user at host.



ircd-hybrid-7.0.3-cj4-ssl manifesto : current known bugs in level 2 alpha


:: Cryptographic links apparently die when attempting to link to another
leaf/hub. Possible cause is SSL client code.



As you can see we've made some progress with the patch but it's taking time
to get this finally rolled out since myself and the lead project developer
(Michael 'PC^God' Locatelli) are rather occupied with other situations. We
hope to have it out soon though and possibly by the end of this month or
next. However, it should be noted that this is the last patch set we're
going to do for ircd-hybrid as we're looking into writing our own for
various reasons. It should also be noted that due to the extensive amount of
modifications that were done to ircd-hybrid, hybserv2 is no longer
compatible with it. Instead Anope services has been chosen as the
replacement and a patch set is already under way to be properly modified for
ircd-hybrid's IP cloaking ability and NickServ registration for user modes.


A technical white paper should be released at some point if I get around to
it (I move next Saturday) if not then this will have to suffice. If you have
any questions, please feel free to e-mail me or you may contact me until I
move on in #cservice. However, after Saturday, June
25th, I will be unavailable for an undetermined period of time whilst I get
settled in Winchester, Virginia.





Alan 'knight-' LeVee

ChatJunkies IRC Network ::

      IRC Operator

      Assistant Project Developer

      Public Relations Manager


Personal Site:

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the hybrid mailing list