From wobst.michael at web.de Sun Jul 5 10:39:34 2020 From: wobst.michael at web.de (Michael Wobst) Date: Sun, 5 Jul 2020 16:39:34 +0200 Subject: [hybrid] hybrid open proxy monitor (HOPM) release notification - hopm-1.1.8 Message-ID: http://downloads.sourceforge.net/project/ircd-hybrid/hopm/hopm-1.1.8/hopm-1.1.8.tgz md5: c7309d0f87aff3095e6ffd7a5fe3587b hopm-1.1.8.tgz sha1: 825d5142e773e45c54ae3749bb7c849231152cda hopm-1.1.8.tgz sha256: 06997fa949882ad766b7701501571211e47e6325ec0509b442c4d52647dee544 hopm-1.1.8.tgz -- Noteworthy changes in version 1.1.8 (2020-07-05) o) Minimum supported OpenSSL version is 1.1.1 now o) Experimental TLS support for the irc client part has been implemented. We only do TLSv1.2 and higher o) The irc::tls and irc::tls_hostname_verification configuration directives have been added o) A possible out-of-bounds write in the irc parser logic has been fixed -- Noteworthy changes in version 1.1.7 (2020-04-19) o) Fixed github issue #31: hopm attempts to open stderr for logging in non-debug/fork mode which can cause hopm to exit silently -- Noteworthy changes in version 1.1.6 (2019-04-21) o) Fixed issue with ssh banner scans where hopm would test connections only against the 'target_string' that's defined last in the scanner{} block o) Minimum supported OpenSSL version is 1.0.1f now -- Noteworthy changes in version 1.1.5 (2018-10-14) o) The ':', and ',' nickname delimiters work again o) Fixed a bug where the hopm process couldn't be restarted under certain conditions o) The hopm process can now be restarted from the command line via "kill -HUP" o) Added --enable-efence switch to allow easy linking with the electric fence memory debugger library o) Implemented proper support to kill users with vulnerable SSH versions by version announcement. Patch provided by falsovsky (Pedro de Oliveira). See doc/reference.conf for more information. o) Minimum supported OpenSSL version is 1.0.1d now -- Noteworthy changes in version 1.1.4 (2017-04-05) o) IPv6 blacklist support has been implemented o) The CHECK command now accepts IPv6 addresses o) The negative cache has been rewritten to use latest Net::Patricia C sources and does support IPv6 now o) Further code cleanups and optimizations -- Noteworthy changes in version 1.1.3 (2016-09-26) o) Allow inclusion of other configuration files in the main hopm.conf file. See doc/reference.conf for further information on how to use the new .include configuration directive. -- Noteworthy changes in version 1.1.2 (2016-05-15) o) Fixed archaic bug which can cause the scanner to either detect nothing or to detect everything and therefore even kill legit clients -- Noteworthy changes in version 1.1.1 (2016-01-03) o) Added 'command_queue_size', 'command_interval', and 'command_timeout', configuration directives to the options {} block. See doc/reference.conf for more information. o) Various updates to the reference.conf; added updated 'connregex' directives for ircd-hybrid in conjunction with user mode +F (far connect notices), and UnrealIRCd 4.0.0, which now uses a different format for connect notices o) Minor code cleanups -- Noteworthy changes in version 1.1.0 (2015-08-07) o) options::pidfile and options::scanlog can now be relative pathnames o) Due to security reasons the PROTOCOLS command has been removed again -- Noteworthy changes in version 1.1.0beta1 (2015-07-02) o) Added HTTPS support for SSL/TLS-enabled HTTP proxies which seem to be used quite a lot on IRC nowadays. LibreSSL or OpenSSL 0.9.8o and above is required for this to work. o) Added new HTTPS and HTTPSPOST protocol configuration directives to the scanner {} block. -- Noteworthy changes in version 1.0.8 (2015-06-25) o) Added options::reconnectinterval configuration option. See doc/reference.conf for more information. o) Added options::dns_timeout configuration option. See doc/reference.conf for more information. o) Further modernizations and cleanups to the build system o) HOPM now compiles with -fstack-protector-strong and -fstack-protector, respectively, depending on what the compiler supports o) Added --enable-assert switch to ./configure. assert() statements are now disabled by default and can be enabled with ./configure --enable-assert o) Added --enable-warnings switch to ./configure, which enables various compiler warnings if supported by the compiler -- Noteworthy changes in version 1.0.7 (2015-06-06) o) HOPM can now detect Dreamboxes with default root passwords o) Fixed bug where the configuration parser would report syntax errors with invalid line numbers when there are multi-line C-style comments in the config file o) Minor code cleanups -- Noteworthy changes in version 1.0.6 (2015-05-27) o) HOPM now catches MikroTik HttpProxies -- Noteworthy changes in version 1.0.5 (2015-05-04) o) Fixed bug where HOPM couldn't connect to the server specified in the irc {} block on some OS -- Noteworthy changes in version 1.0.4 (2015-03-17) o) Log timestamp format is ISO8601 now o) Added 'protocols' command which dumps a list of configured scanners and their associated protocols/ports to a channel o) Code cleanups and performance improvements -- Noteworthy changes in version 1.0.3 (2015-01-28) o) Fixed bug where HOPM wouldn't try re-connecting to the server in case the connection got lost o) Added irc::notice configuration option -- Noteworthy changes in version 1.0.2 (2015-01-12) o) Added options::negcache_rebuild configuration option o) Added basic IPv6 support allowing HOPM to bind and connect to IPv6 addresses o) Many code cleanups and optimizations -- Noteworthy changes in version 1.0.1 (2015-01-06) o) Fixed build on OS X o) More code cleanups, no user-visible changes -- Noteworthy changes in version 1.0.0 (2015-01-03) o) Minor stabilization and performance improvements -- Noteworthy changes in version 1.0.0beta2 (2014-12-31) o) Added irc::readtimeout configuration option o) Many code cleanups and optimizations o) Worked towards IPv6 support o) Fixed reference.conf from causing syntax errors o) HOPM now uses poll() for I/O event notification instead of select() -- Noteworthy changes in version 1.0.0beta1 (2014-12-25) ######################################################################## o) NOTE: this is the first release of the hybrid open proxy monitor (HOPM) fully based off the discontinued blitzed open proxy monitor (BOPM) 3.1.3 ######################################################################## o) Modernized and cleaned up build system o) Modernized the example configuration file. Removed/updated blacklist entries. o) The configuration parser now does support time and size units o) The configuration parser now does support c++ style comments o) Fixed a memory leak in conjunction with manual scans o) Fixed weird behaviour in the command parser o) Code hardening. Replaced occurences of strcpy/strcat with strlcpy/strlcat, etc. o) Various code cleanups and optimizations o) The irc::away configuration option is now optional -------------------------------------------------------------------------------- BUG REPORTS: If you run this code and encounter problems, you must report the bug by EMAIL to bugs at ircd-hybrid.org Please include a gdb backtrace and a copy of your setup.h and hopm.conf with any report (with passwords and other sensitive information masked). DISCUSSION: There is a mailing list for discussion of hopm issues, including betas. To subscribe, use this link: https://lists.ircd-hybrid.org/mailman/listinfo/hybrid This is the proper place to discuss new features, bugs, etc. Questions/comments directed to bugs at ircd-hybrid.org Other files recommended for reading: README, INSTALL -------------------------------------------------------------------------------- $Id: NEWS 9509 2020-07-05 13:56:14Z michael $