All notable changes to Ergo will be documented in this file.
We’re pleased to be publishing v2.13.0, a new stable release. This is a bugfix release that fixes some issues, including a crash.
This release includes no changes to the config file format or database format.
Many thanks to @dallemon, @jwheare, @Mikaela, @nealey, and @Sheikah45 for contributing patches, reporting issues, and helping test.
/
(or the configured RELAYMSG
separator) in their names (#2114, thanks @Mikaela!)Message-ID
header, improving compatibility with Gmail (#2108, #2110)REDACT_FORBIDDEN
(#2101, thanks @jwheare!)We’re pleased to be publishing v2.12.0, a new stable release. This is another bugfix release aimed at improving client compatibility and keeping up with the IRCv3 specification process.
This release includes changes to the config file format, one of which is a compatibility break: if you were using accounts.email-verification.blacklist-regexes
, you can restore the previous functionality by renaming blacklist-regexes
to address-blacklist
and setting the additional key address-blacklist-syntax: regex
. See default.yaml for an example; for more details, see the “Changed” section below.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Ergo. Otherwise, you can update the database manually by running ergo upgradedb
(see the manual for complete instructions).
Many thanks to @adsr, @avollmerhaus, @csmith, @EchedeyLR, @emersion, @eskimo, @julio-b, knolle, @KoxSosen, @Mikaela, @mogad0n, and @progval for contributing patches, reporting issues, and helping test.
accounts.email-verification.blacklist-regexes
in favor of address-blacklist
, address-blacklist-syntax
, and address-blacklist-file
. See the “Changed” section below for the semantics of these new keys. (#1997, #2088)implicit-tls
(TLS from the first byte) support for MTAs (#2048, #2049, thanks @EchedeyLR!)allow-truncation: true
(the recommended default is false
) where Ergo could truncate a message in the middle of a UTF-8 codepoint (#2074)CHATHISTORY TARGETS
being sent in a batch even without negotiation of the batch
capability (#2066, thanks @julio-b!)/REHASH
are now properly sanitized before being sent to the user, fixing an edge case where they would be dropped (#2031, thanks @eskimo!*
and ?
as wildcard characters), as opposed to the full Go regular expression syntax. To enable full regular expression syntax, set address-blacklist-syntax: regex
.CGO_ENABLED=1
. (#2023)make
target is now build
(which builds an ergo
binary in the working directory) instead of install
(which builds and installs an ergo
binary to ${GOPATH}/bin/ergo
). Take note if building from source, or testing Ergo in development! (#2047)make irctest
now depends on make install
, in an attempt to ensure that irctest runs against the intended development version of Ergo (#2047)Ergo 2.11.1 is a bugfix release, fixing a denial-of-service issue in our websocket implementation. We regret the oversight.
This release includes no changes to the config file format or database file format.
We’re pleased to be publishing v2.11.0, a new stable release. This is another bugfix release aimed at improving client compatibility and keeping up with the IRCv3 specification process.
This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.
Many thanks to dedekro, @emersion, @eskimo, @FiskFan1999, hauser, @jwheare, @kingter-sutjiadi, knolle, @Mikaela, @mogad0n, @PeGaSuS-Coder, and @progval for contributing patches, reporting issues, and helping test.
fakelag.command-budgets
, which allows each client session a limited number of specific commands that are exempt from fakelag. This improves compatibility with Goguma in particular. For the current recommended default, see default.yaml
(#1978, thanks @emersion!)server.casemapping
is now ascii
instead of precis
. PRECIS remains fully supported; if you are already running an Ergo instance, we do not recommend changing the value unless you are confident that your existing users are not relying on non-ASCII nicknames and channel names. (#1718)NickServ
now appear in WHO
responses where applicable (#1850, thanks @emersion!)extended-monitor
capability now appears under its ratified name (#2006, thanks @progval!)TAGMSG
no longer receives automatic RPL_AWAY
responses (#1983, thanks @eskimo!)UBAN
now states explicitly that bans without a time limit have “indefinite” duration (#1988, thanks @mogad0n!)WHO
with a bare nickname as an argument now shows invisible users, comparable to WHOIS
(#1991, thanks @emersion!)CHATHISTORY
005 token (#2008, #2009, thanks @emersion!)::1
in WHOX output (#1980, thanks knolle!)AWAY
with an empty parameter (the de facto standard is to treat as a synonym for no parameter, which means “back”) (#1996, thanks @emersion, @jwheare!)CS AMODE
(#2002, thanks @eskimo!)NS SAVERIFY
(#2021, thanks @FiskFan1999!)draft/persistence
capability and associated PERSISTENCE
command. This is a first attempt to standardize Ergo’s “always-on” functionality so that clients can interact with it programmatically. (#1982)SIGUSR1
to the Ergo process now prints a full goroutine stack dump to stderr, allowing debugging even when the HTTP pprof listener is disabled (#1975)We’re pleased to be publishing v2.10.0, a new stable release.
This release contains no changes to the config file format or database file format.
Many thanks to @csmith, @FiskFan1999, @Mikaela, @progval, and @thesamesam for contributing patches, and to @emersion, @eskimo, @FiskFan1999, @jigsy1, @Mikaela, @mogad0n, @progval, and @xnaas for reporting issues and helping test.
history.chathistory-maxmessages
has been increased to 1000
(previously 100
) (#1919)AMODE +v
) in a channel is now treated as a permanent invite (i.e. overriding +i
on the channel) (#1901, thanks @eskimo!)+R
, sending a direct message to an anonymous user allows them to send you replies (#1687, #1688, thanks @Mikaela and @progval!)0
is no longer valid as a nickname or account name, with a grandfather exception if it was registered on a previous version of Ergo (#1896)bot
instead of draft/bot
(#1938)SAREGISTER
is allowed even under DEFCON
levels 4 and lower (#1922)history
capability are now exempted from time cutoff restrictions on history retrieval (#1593, #1955)draft/read-marker
capability, allowing server-side tracking of read messages for synchronization across multiple clients. (#1926, thanks @emersion!)INFO
now includes the server start time (#1895, thanks @xnaas!)ACCEPT
command modeled on Charybdis/Solanum, allowing +R
users to whitelist users who can DM them (#1688, thanks @Mikaela!)NS SAVERIFY
for operators to manually complete an account verification (#1924, #1952, thanks @tacerus!)samode
operator capability made all uses of the KICK
command privileged (i.e. overriding normal channel privilege checks); this has been fixed (#1906, thanks @pcho!)LIST <n
always returning no results (#1934, thanks @progval and @mitchr!)QUIT
snotice without a corresponding CONNECT
snotice (#1941, thanks @tacerus, @xnaas!)319 RPL_WHOISCHANNELS
responses (#1935, thanks @Mikaela!)LIST
returning 403 ERR_NOSUCHCHANNEL
for a nonexistent channel; the correct response is an empty list (#1928, thanks @emersion!)+s
(“secret”) channels not appearing in LIST
even when the client is already a member (#1911, #1923, thanks @jigsy1 and @FiskFan1999!)HISTSERV DELETE
by always requiring a consistent number of parameters (#1881, #1927, thanks @FiskFan1999!)431 ERR_NONICKNAMEGIVEN
; this has been fixed (#1933, #1936, thanks @kylef!)znc.in/playback
timestamps are now parsed as pairs of exact integers, not as floats (#1918)Ergo 2.9.1 is a bugfix release, fixing a regression introduced in 2.9.0. We regret the oversight.
This release includes no changes to the config file format or database format relative to 2.9.0.
Many thanks to @FiskFan1999 for reporting the issue.
We’re pleased to be publishing 2.9.0, a new stable release. This release contains mostly bug fixes, with some enhancements to moderation tools.
This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.
Many thanks to @erincerys, @FiskFan1999, @mogad0n, and @tacerus for contributing patches, and to @ajaspers, @emersion, @FiskFan1999, @Jobe1986, @kylef, @Mikaela, @mogad0n, @pcho, and @progval for reporting issues and helping test.
lock-file
, which helps protect against accidentally starting multiple instances of Ergo. This is a no-op if unset. The recommended default value is ircd.lock
, which (like the default datastore path ircd.db
) is relative to the working directory of the Ergo process. If your datastore.path
is absolute, this path (if set) should be absolute as well. (#1823)+C
(no channel-wide CTCP messages other than ACTION) is now a recommended default channel mode (#1851)exempt-sasl
boolean to server.ip-check-script
; if enabled, IP check scripts are run only for connections without SASL, improving performance for registered users (#1888)hidden: true
is now the recommended default for operator definitions (#1730)+R
have been changed. +R
now only prevents unauthenticated users from joining, so unregistered users who have already joined can still speak. The old semantics are still available via +RM
(i.e. +R
together with the +M
“moderated-registered” mode). (#1858, thanks @ajaspers!)+I
invite exception mask can now join +R
channels (#1871)+b
bans (#1876, thanks @progval!)ban
operator capability, as opposed to accreg
(#1828, #1839, thanks @mogad0n!)NOTE AUTHENTICATE VERIFICATION_REQUIRED
standard reply code (#1852, #1853, thanks @emersion!)v
snomask is now used to send notifications about vhost changes initiated by operators (#1844, thanks @pcho!)NS PASSWD <password> * *
as expected; this has been fixed (#1883, #1884, thanks @FiskFan1999!)+b m:
; this has been fixed (#1838, thanks @mogad0n!)force-nick-equals-account
was disabled and the nick did not coincide with the account; this has been fixed (#1860, thanks @eskimo!)315 RPL_ENDOFWHO
now sends the exact, un-normalized mask argument provided by the client (#1831, thanks @progval!)$
character is now disallowed in new nicknames and account names, to avoid collision with the massmessage syntax (#1857, thanks @emersion!)o
parameter of WHO
now returns an empty list of results, instead of being ignored (#1730, thanks @kylef, @emersion, @progval!)*
instead of 0
(#1866, thanks @Jobe1986!)We’re pleased to be publishing Ergo 2.8.0. This release contains many fixes and enhancements, plus one major user-facing feature: user-initiated password resets via e-mail (#734).
This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Ergo. Otherwise, you can update the database manually by running ergo upgradedb
(see the manual for complete instructions).
As part of this release, our official Docker images have moved from Docker Hub to the GitHub Container Registry, at ghcr.io/ergochat/ergo
. The stable
and master
tags correspond to the respective branches. Tagged releases (e.g. v2.8.0
) are available under the corresponding named tags.
Many thanks to @ajaspers, @delthas, @mogad0n, @majiru, @ProgVal, and @tacerus for contributing patches, to @ajaspers for contributing code review, to @ajaspers, @cxxboy, @dallemon, @emersion, @erikh, @eskimo, @jwheare, @kylef, @Mikaela, @mogad0n, @MystaraTheGreat, @ProgVal, @tacerus, @tamiko, and @xnaas for reporting issues and helping test, and to our translators for contributing translations.
accounts.registration.email-verification.password-reset
block to configure e-mail-based password reset (#734, #1779)accounts.registration.email-verification.timeout
to impose a timeout on e-mail sending; the recommended default value is 60s
(60 seconds) (#1741)server.suppress-lusers
to allow hiding the LUSERS counts (#1802, thanks @eskimo!)accounts.registration.email-verification.timeout
to impose a timeout on e-mail sending; the recommended default value is 60s
(60 seconds) (#1741)email-verification
block in default.yaml
for more information.draft/extended-monitor
capability (#1761, thanks @delthas!)NS INFO
now shows the user’s email address (you can also view your own address) (#1677, thanks @ajaspers!)/WHOWAS
output (#1702, thanks @ajaspers!)+s d
snomask, for operators to receive information about session disconnections that do not result in a full QUIT (#1709, #1728, thanks @mogad0n!)SCRAM-SHA-256
SASL authentication mechanism (#175). This mechanism is not currently advertised in CAP LS
output because IRCCloud handles it incorrectly. We also recommend against using SCRAM because of its lack of genuine security benefits./UBAN LIST
output now includes the time the ban was created (#1725, #1755, thanks @Mikaela and @mogad0n!)Type=notify
systemd service (#1733)/QUOTE
(#1530)+M
(only registered users can speak) channel mode did not work; this has been fixed (#1696, thanks @Mikaela!)/RENAME
that only changed the case of the channel would delete the channel registration; this has been fixed (#1751, thanks @Mikaela!)allow-truncation: true
not actually allowing truncation of overlong lines (#1766, thanks @tacerus!)CHATHISTORY
(#1676, thanks @emersion!)TARGMAX
005 parameter that advertises this, and the default kick message (#1748, #1777, #1776), thanks @ProgVal!)/SAMODE
on a channel not producing a snomask (#1787, thanks @mogad0n, @ajaspers!)+f
to a channel with SAMODE
used to require channel operator privileges on the receiving channel; this has been fixed (#1825, thanks @Mikaela!)697 ERR_LISTMODEALREADYSET
and 698 ERR_LISTMODENOTSET
(#1727, thanks @kylef!)696 ERR_INVALIDMODEPARAM
(#1773, thanks @kylef!)+k
with an empty parameter (#1774, #1775, thanks @ProgVal!)WHOWAS
with an empty string as the parameter now produces an appropriate error response (#1703, thanks @kylef!)USER
line (#1778, thanks @ProgVal!)/UBAN ADD
of a NUH mask (i.e. a k-line) not killing affected clients (#1736, thanks @mogad0n!)+i
is configured as a default mode for channels (#1756, thanks @Mikaela!)channels.operator-only-creation
not respecting /SAJOIN
or always-on clients (#1757)/NS PASSWD
on a nonexistent account (#1738, thanks @Mikaela!)CHATHISTORY
fail message (#1731, thanks @ProgVal!)draft/register
capability to the latest draft/account-registration
iteration (#1740)+v
or higher can now speak in +R
(registered-only) channels (#1715, thanks @Mikaela and @ajaspers!)338 RPL_WHOISACTUALLY
now displays an arbitrarily chosen client IP address (#1650, thanks @MystaraTheGreat!)#
can no longer be used in new account names and nicknames, or as the RELAYMSG separator (#1679)oragono.io/nope
capability was renamed to ergo.chat/nope
(#1793)never
is no longer accepted as a value of the replay-joins
NickServ setting (/NS SET replay-joins
); user accounts which enabled this setting have been reverted to the default value of commands-only
(#1676)We’re pleased to be publishing Ergo 2.7.0, our first official release under our new name of Ergo. This release contains bug fixes and minor enhancements.
This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. This release includes no changes to the database format.
Because the name of the executable has changed from oragono
to ergo
(ergo.exe
on Windows), you may need to update your system configuration (e.g., scripts or systemd unit files that reference the executable).
Many thanks to @ajaspers and @jesopo for contributing patches, to @ajaspers, @ChrisTX, @emersion, @jwheare, @kylef, @Mikaela, @mogad0n, and @ProgVal for reporting issues and helping test, and to our translators for contributing translations.
server.listeners
now take a new key, min-tls-version
, that can be used to set the minimum required TLS version; the recommended default value is 1.2
(#1611, thanks @ChrisTX!)max-conns
(maximum connection count) and max-conn-lifetime
(maximum lifetime of a connection before it is cycled) to datastore.mysql
(#1622)massmessage
operator capability to allow sending NOTICEs to all connected users (#1153, #1629, thanks @jesopo!)require-sasl.enabled
is set to true
, tor-listeners.require-sasl
will be automatically set to true
as well (#1636)min-tls-version
key in listener configuration/NOTICE $$*
will send a NOTICE
to all users (#1153, #1629, thanks @jesopo!)server.max-line-len
configuration key. This is not recommended for use outside of “closed-circuit” deployments where IRC operators have full control of all client software. (#1651)RELAYMSG
now sends a full NUH (“nick-user-host”), instead of only the relay nickname, as the message source (#1647, thanks @ProgVal, @jwheare, and @Mikaela!)/LIST
after unregistration (#1619, thanks @ajaspers!)JOIN
lines in +u
(“auditorium”) channels (#1642)NS INFO
responses (#1627, thanks @ajaspers!)REGISTER
command would emit an invalid error message (#1633, thanks @ajaspers!)draft/resume-0.5
capability, and the associated RESUME
and BRB
commands (#1624)Oragono 2.6.1 is a bugfix release, fixing a security issue that is critical for some private server configurations. We regret the oversight.
The issue affects two classes of server configuration:
server.password
(i.e., the PASS
command) for protection. If accounts.registration.allow-before-connect
is enabled, the REGISTER
command can be used to bypass authentication. Affected operators should set this field to false
, or upgrade to 2.6.1, which disallows the insecure configuration. (If the field does not appear in the configuration file, the configuration is secure since the value defaults to false when unset.)accounts.require-sasl
for protection. If these servers do not additionally set accounts.registration.enabled
to false
, the REGISTER
command can potentially be used to bypass authentication. Affected operators should set accounts.registration.enabled
to false; this recommendation appeared in the operator manual but was not emphasized sufficiently. (Configurations that require SASL but allow open registration are potentially valid, e.g., in the case of public servers that require everyone to use a registered account; accordingly, Oragono 2.6.1 continues to permit such configurations.)This release includes no changes to the config file format or the database.
Many thanks to @ajaspers for reporting the issue.
REGISTER
command (#1634, thanks @ajaspers!)We’re pleased to announce Oragono 2.6.0, a new stable release.
This release has some user-facing enhancements, but is primarily focused on fixing bugs and advancing the state of IRCv3 standardization (by publishing a release that implements the latest drafts). Some highlights:
+B
in our implementation) (#1562)This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading.
This release includes no changes to the embedded database format. If you are using MySQL for history storage, it adds a new table; this change is backwards and forwards-compatible and does not require any manual intervention.
If you are using nginx as a reverse proxy for IRC-over-websockets, previous documentation did not recommend increasing proxy_read_timeout
; the default value of 60s
is too low and can lead to user disconnections. The current recommended value is proxy_read_timeout 600s;
; see the manual for an example configuration.
Many thanks to @ajaspers and @Mikaela for contributing patches, to @aster1sk, @emersion, @eskimo, @hhirtz, @jlu5, @jwheare, @KoraggKnightWolf, @kylef, @Mikaela, @mogad0n, @ProgVal, and @szlend for reporting issues and helping test, and to our translators for contributing translations.
server.compatibility.allow-truncation
, controlling whether the server accepts messages that are too long to be relayed intact; this value defaults to true
when unset (#1577, #1586, thanks @kylef!)snomasks
operator capability; operators must have either the ban
or snomasks
capability to subscribe to additional snomasks (#1176)UTF8ONLY
guarantee, or to a text-mode websocket client (#1575, #1596, thanks @ProgVal!)UBAN
now produces snomasks and audit loglines (#1518, thanks @mogad0n!)draft/register
specification (#1568, thanks @ProgVal!)433 ERR_NICKNAMEINUSE
is no longer sent when a fully connected (“registered”) client fails to claim a reserved nickname, fixing a bad interaction with some client software (#1594, thanks @ProgVal!)znc.in/playback
commands causing client disconnections when history is disabled (#1552, thanks @szlend!)696 ERR_INVALIDMODEPARAM
response for invalid channel keys (#1563, thanks @ProgVal!)CS TRANSFER
error messages (#1534, thanks burning!)/LIST
output, even with no members (#1507)server.compatibility.allow-truncation
; this field defaults to true
when unset, preserving the legacy behavior for older config files (#1577, #1586, thanks @kylef!)+R
registered-only usermode now produce an error message (#1064, thanks @KoraggKnightWolf, @ajaspers!)CS OP
will regrant your channel AMODE
, in case you removed it (#1516, #1307, thanks @jlu5!):
(#1571)CS AMODE
and NS UNREGISTER
(#1524, #1545, thanks @Mikaela!)WARN NICK ACCOUNT_REQUIRED
is sent on failed attempts to claim a reserved nickname (#1594)NS CLIENTS LIST
displays enabled client capabilities (#1576)CS INFO
with no arguments lists your registered channels (#765)NS PASSWORD
is now accepted as an alias for NS PASSWD
(#1547)Oragono 2.5.1 is a bugfix release that fixes a significant security issue. We apologize for the oversight.
This release includes no changes to the config file format or the database.
Many thanks to @xnaas for reporting the issue.
We’re pleased to announce Oragono 2.5.0, a new stable release.
This release includes enhancements based on the needs of real-world operators, as well as bug fixes. Highlights include:
UBAN
, a new “unified ban” system for server operators, with a corresponding CHANSERV HOWTOBAN
command for channel operators (#1447)+f
(#1260)This release includes changes to the config file format, including two breaking changes. One is fairly significant: enabling a websocket listener now requires the use of server.enforce-utf8
, as has been the recommended default since 2.2.0 (so continuing to accept legacy non-UTF-8 content will require disabling websockets). The other is that the “unban” operator capability has been removed (it is now included in the “ban” capability). Other config changes are backwards compatible and do not require updating the file before upgrading.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
Many thanks to @jlu5, @kylef and @Mikaela for contributing patches, to @bogdomania, @eskimo, @happyhater, @jlu5, @kylef, @LukeHoersten, @Mikaela, @mogad0n, @robinlemon, and @vertisan for reporting issues and helping test, and to our translators for contributing translations.
server.enforce-utf8 = true
(#1483)proxy
is now a top-level field of the listener config block; in particular, the PROXY protocol (v1 or v2) can now be required ahead of a plaintext connection. The field is still accepted in its legacy position (inside the tls
block). (#1389, thanks @robinlemon!)accounts.multiclient.always-on-expiration
, allowing always-on clients to be timed out for inactivity (#810, thanks @bogdomania!)local_
prefixes have been stripped from operator capability names, so that, e.g., local_ban
is now just ban
. The old names are still accepted. (#1442)local_unban
operator capability has been removed (unbanning is now contained in the ban
permission). (#1442)accounts.bcrypt-cost
is now 4
, the minimum acceptable value (#1497)server.ip-limits.custom-limits
now accepts networks that contain multiple CIDRs; the old syntax is still accepted (#1421, thanks @Mikaela!history.restrictions.query-cutoff
, generalizes the old history.restrictions.enforce-registration-date
(the old field is still accepted) (#1490, thanks @Mikaela!)server.override-services-hostname
, allowing the hostname of NickServ, ChanServ, etc. to be overridden (#1407, thanks @Mikaela!)hide-sts
key to the listener block; this can be used to hide the STS CAP when the listener is secured at layer 3 or 4 (e.g., by a VPN or an E2E mixnet). It will still be necessary to add the relevant IPs to secure-nets
. (#1428, thanks @Mikaela!)DEFCON 4
and lower now require Tor users to authenticate with SASL (#1450)NS UNSUSPEND
requiring the casefolded / lowercase version of the account name (#1382, thanks @mogad0n!)PRIVMSG
not being replayed (#1411)RENAME
(i.e., channel rename) (#1456, thanks @mogad0n!)KLINE
response (#1379, thanks @mogad0n!)RELAYMSG
tag name is now draft/relaymsg
, conforming to the amended draft specification (#1468, thanks @jlu5!)SAJOIN
not sending a MODE
line to the originating client (#1383, thanks @mogad0n!)CS AMODE
(#1383, thanks @mogad0n!)JOIN
line sent to some clients using the draft/resume-0.5
extension (#1397, thanks @kylef!)+o
, +v
) of always-on clients are now persisted in the database (#1345)/CHANSERV PURGE
now takes ADD
, DEL
, and LIST
subcommands; the separate UNPURGE
command has been removed; PURGE ADD
now requires a confirmation code (#1294, thanks @mogad0n!)<
, >
, '
, "
, and ;
are no longer allowed in nicknames (previously registered account names containing these characters are still accepted) (#1436, thanks @happyhater!)*!*@tor-network.onion
(#1479, thanks @mogad0n!)001 RPL_WELCOME
(#1410)RELAYMSG
can now take client-only tags (#1470)text.ircv3.net
subprotocol; negotiating this is optional for clients (#1483)UBAN
, a new command giving server operators a unified interface to D-LINEs (IP bans), K-LINEs (NUH mask bans, which are now deprecated), and account suspensions (NS SUSPEND
) (#1447)CHANSERV HOWTOBAN
, a ChanServ subcommand that helps channel operators choose an appropriate ban (#1447)+f
; users who cannot join the channel due to +i
or +l
will be forwarded to the channel specified by +f
. (#1260)/JOIN 0
(part all channels), requiring a confirmation code (#1417, thanks @Mikaela!)INVITE
(#1409, thanks @Mikaela!)/CS SET
: history-cutoff
, allowing the channel owner more fine-grained control over who can see history (#1490, thanks @Mikaela!)UTF8ONLY
ISUPPORT token, allowing the server to advertise to clients that only UTF-8 content is accepted (#1483)/NICKSERV RENAME
, an operator-only command that can change the case of an account name (#1380, thanks @LukeHoersten!)We’re pleased to announce Oragono 2.4.0, a new stable release.
This release includes a number of exciting enhancements and fixes. Here are some highlights:
+u
(“auditorium”, #1300), +U
(“op-moderated”, #1178), +M
(“moderated-registered”, #1182, thanks @ajaspers!), and +b m:
(an extban for muting users, #307)This release includes changes to the config file format, including one breaking change: roleplay.enabled
now defaults to false (the new recommended default) instead of true when unset. Other config changes are backwards compatible and do not require updating the file before upgrading.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
Many thanks to @ajaspers, @jesopo, @moortens, and @RunBarryRun for contributing patches, to @csmith for contributing code reviews, to @ajaspers, @Amiga60077, @bogdomania, @csmith, @edk0, @eskimo, @jlu5, @jwheare, @KoraggKnightWolf, @Mitaka8, @mogad0n, @RyanSquared, and @vertisan for reporting issues and helping test, and to our translators for contributing translations.
server.ip-cloaking.enabled-for-always-on
, which generates a unique hostname for each always-on client. The recommended default value of this field is true
(#1312)server.coerce-ident
; if this is set to a string value, all user/ident fields supplied by clients are ignored and replaced with this value. The recommended default value of this field is ~u
. This simplifies bans. (#1340)accounts.nick-reservation.email-verification
section. The old format (callbacks
) is still accepted (#1075)roleplay.enabled
is now false
; this field now defaults to false when unset (#1240, #1271)server.relaymsg
section for configuring the new draft/relaymsg
capability; added the new relaymsg
operator capability for exercising it (#1119)allow-environment-overrides
config variable, allowing config options to be overridden by environment variables. See the manual for more details. (#1049, thanks @csmith!)server.ip-check-script
for configuring IP check plugins (#68, #1267, thanks @moortens!)max-concurrency
restriction to accounts.auth-script
section. The recommended default value is 64
(0
or unset disable the restriction) (#1267)accounts.registration.allow-before-connect
; this allows the use of the new REGISTER
command before connecting to the server (#1075)hidden
option in operator blocks: if set to true
, operator status is hidden from commands like WHOIS
that would otherwise display it (#1194)accounts.nick-reservation.forbid-anonymous-nick-changes
, which forbids anonymous users from changing their nicknames after initially connecting (#1337, thanks @Amiga60077!)channels.invite-expiration
, allowing invites to +i
channels to expire after a given amount of time (#1171)/NICKSERV CLIENTS LOGOUT
command for disconnecting clients connected to a user account (#1072, #1272, thanks @ajaspers!)INVITE
for invite-only channels, including an UNINVITE
command (#1171)REQUEST
, APPROVE
, and REJECT
subcommands of HOSTSERV
(#1346)PONG
is now sent with the server name as the first parameter, matching the behavior of other ircds (#1249, thanks @jesopo!)+T
no-CTCP user mode; this has been fixed (#1299, thanks @mogad0n!)/NICKSERV SAREGISTER
of confusable nicknames (#1322, thanks @mogad0n!)LUSERS
counts caused by KLINE (#1303, thanks @mogad0n!)CHATHISTORY
queries for invalid channels now get an empty batch instead of a FAIL
(#1322)fakelag.messages-per-window = 0
no longer causes a panic (#861, thanks @vertisan!)oragono importdb
command for importing a converted Anope or Atheme database; see the manual for details (#1042)ip-check-script
, a scripting API for restricting access by client IP. We provide oragono-dnsbl, an external script that can query DNSBLs for this purpose (#68, #1267, thanks @moortens!)+u
. This is an “auditorium” mode that prevents unprivileged users from seeing each other’s JOIN
and PART
lines. It’s useful for large public-announcement channels, possibly in conjunction with +m
(#1300)+U
. This is an “op-moderated” mode; messages from unprivileged users are sent only to channel operators, who can then choose to grant them +v
. (#1178)+b m:
: users matching the ban expression (e.g., +b m:*!*@j6dwi4vacx47y.irc
) will be able to join the channel, but will be unable to speak. (#307)379 RPL_WHOISMODES
line to the WHOIS
response, making it easier for operators to see other users’ modes (#769, thanks @Amiga60077 and @KoraggKnightWolf!)/CHANSERV DEOP
command for removing channel operator privileges (#361, thanks @RunBarryRun!)r
flag to /WHO
responses for registered nicknames (#1366, thanks @Amiga60077!)~u
by default, instead of ~user
; this can be changed by setting the coerce-ident
field (#1340)/NICKSERV SUSPEND
has been modified to take subcommands (ADD
, DEL
, and LIST
); the ADD
subcommand now accepts time duration and reason arguments. See /msg NickServ HELP SUSPEND
for details. (#1274, thanks @mogad0n!)/NICKSERV SESSIONS
is now /NICKSERV CLIENTS LIST
, but the old command is still accepted (#1272, thanks @ajaspers!)SETNAME
behavior for legacy clients (#1358, thanks @KoraggKnightWolf!)conventional.yaml
to traditional.yaml
(#1350)We’re pleased to announce Oragono 2.3.0, a new stable release.
This release contains primarily bug fixes, but includes one notable feature enhancement: a change contributed by @hhirtz that updates the draft/rename
specification to correspond to the new (soon-to-be) published draft.
Many thanks to @hhirtz for contributing patches, to @bogdomania, @digitalcircuit, @ivan-avalos, @jesopo, @kylef, @Mitaka8, @mogad0n, and @ProgVal for reporting issues and helping test, and to our translators for contributing translations.
This release includes no changes to the config file format or database changes.
lookup-hostnames
for configurations that cloak IPs (as has been the default since 2.1.0) is now false
(#1228)/HOSTSERV OFFERLIST
and related commands; this functionality is superseded by IP cloaking (#1190)*playback
not receiving echo-message when applicable (#1204, thanks @kylef!)We’re pleased to announce Oragono 2.2.0, a new stable release.
This release contains several notable enhancements, as well as bug fixes:
Many thanks to @clukawski and @jesopo for contributing patches, to @ajaspers, @bogdomania, @csmith, @daurnimator, @emersonveenstra, @eskil, @eskimo, Geo-, @happyhater, @jesopo, @jwheare, @k4bek4be, @KoraggKnightWolf, @kylef, @LukeHoersten, @mogad0n, r3m, @RyanSquared, savoyard, and @wrmsr for reporting issues and helping test, and to our translators for contributing translations.
This release includes changes to the config file format, including one breaking change: timeout
is no longer an acceptable value of accounts.nick-reservation.method
. (If you were using it, we suggest strict
as a replacement.) All other changes to the config file format are backwards compatible and do not require updating before restart.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
strict
as the default enforcement method. Users who configured timeout
for their account will be upgraded to strict
. With accounts.login-via-pass-command
enabled, clients lacking support for SASL can authenticate via the PASS
(server password command) by sending account_name:account_password
as the server password. (#1027)server.enforce-utf8
, controlling whether the server enforces that messages be valid UTF-8; a value of true
for this is now the recommended default (#1151)history.tagmsg-storage
for configuring which TAGMSG are stored in history; if this is not configured, TAGMSG will not be stored (#1172)certfp
instead of fingerprint
(the old name of fingerprint
is still accepted) (#1050, thanks @RyanSquared!)accounts.auth-script
section for configuring external authentication scripts (#1107, thanks @daurnimator!)accounts.ldap
section for configuring LDAP; LDAP is now available via the auth-script plugin interface (#1142)defcon
operator capability, allowing use of the new /DEFCON
command (#328)awaylen
, kicklen
, and topiclen
limits now reflect the 512-character line limit (#1112, thanks @k4bek4be!)extjwt
section for configuring the EXTJWT extension (#948, #1136)login-via-pass-command: true
is now a recommended default (#1186)/NICKSERV SUSPEND
and /NICKSERV UNSUSPEND
commands, allowing operators to suspend access to an abusive user account (#1135)/DEFCON
command, allowing operators to respond to spam or DoS attacks by disabling features at runtime without a rehash. (This feature requires that the operator have a newly defined capability, named defcon
; this can be added to the appropriate oper blocks in the config file.) (#328, thanks @bogdomania!)BOT
ISUPPORT token, plus a B
flag for bots in 352 RPL_WHOREPLY
(#1117)+T
no-CTCP user mode (#1007, thanks @clukawski!)/NICKSERV REGISTER
(#1179, thanks @LukeHoersten!)/NICKSERV SET PASSWORD
now sends a warning (#1208)/LIST
output (#1161, thanks @bogdomania!)INVITE
not overriding a +b
ban (#1168)CHGHOST
lines during authentication with /NICKSERV IDENTIFY
under some circumstances (#1108, thanks Geo-!)CHGHOST
lines sent to users during connection registration (#1125, thanks @jesopo!)znc.in/playback
capability, in particular restoring compatibility with Palaver (#1205, thanks @kylef!)/AWAY
command (#1207)/NS SAREGISTER
(#1216)\n
(#1167, thanks @eskimo!)away-notify
lines not being sent on channel JOIN (#1198, thanks savoyard!)/NICKSERV UNREGISTER
and /NICKSERV ERASE
not deleting stored user modes (#1157)/DLINE
now operates on individual client connections (#1135)MONITOR
list (#1053, thanks @ajaspers!)MONITOR L
now lists the nicknames in the form they were originally sent with MONITOR +
, without casefolding (#1083)445 ERR_SUMMONDISABLED
and 446 ERR_USERSDISABLED
in response to the SUMMON
and USERS
commands (#1078, thanks @KoraggKnightWolf!)=
(#1067, #1069, #1091, thanks @KoraggKnightWolf and @jesopo!)history.tagmsg-storage
config block (#1172)/NICKSERV CERT ADD
with no argument now adds the user’s current TLS certificate fingerprint, when applicable (#1059, thanks @emersonveenstra!)default.yaml
, instead of oragono.yaml
(#1130, thanks @k4bek4be!)/INFO
command now includes the full git hash, when applicable (#1105)We’re pleased to announce Oragono 2.1.0, a new stable release.
Since the release of 2.0.0 in March, a number of new communities and organizations have adopted Oragono as a communications tool. This new release incorporates many improvements and fixes derived from the experiences of real-world operators and end users. Highlights include:
Many thanks to @ajaspers and @hhirtz for contributing patches, to @ajaspers, @eklitzke, and @hhirtz for contributing code reviews, to @ajaspers, @bogdomania, @clukawski, Csibesz, @csmith, @eklitzke, @nxths, @hhirtz, @jesopo, @jlnt, @justjanne, @jwheare, @k4bek4be, @KoraggKnightWolf, @kula, @kylef, @Mitaka8, @petteri, @PizzaLover2007, @prawnsalad, @RyanSquared, savoyard, and @xPaw for reporting issues, and to @bogdomania, @boppy, Nuve, stickytoffeepuddingwithcaramel, and @vegax87 for contributing translations.
This release includes changes to the config file format, including one breaking change: support for server.ip-cloaking.secret-environment-variable
has been removed. (See below for instructions on how to upgrade if you were using this feature.) All other changes to the config file format are backwards compatible and do not require updating before restart.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
This release includes a change to the MySQL schema. This change will be applied automatically when you restart Oragono. It is fully backwards compatible (i.e., if it is necessary for you to downgrade Oragono back to 2.0.0, it will not be necessary to downgrade the schema).
websocket
attribute of individual listeners, and a new server.websockets
section, for configuring websocket listeners. (#967, thanks @hhirtz!)server.ip-cloaking.secret
), it will be automatically imported into the database. If you were using secret-environment-variable
to distribute your cloaking secret, you can import it manually after restart using the new /HOSTSERV SETCLOAKSECRET
command. (#952)accounts.nick-reservation.force-nick-equals-account
, which ensures that logged-in clients are using their account name as their nickname. This eliminates the need for extbans and is a new recommended default. (#864)guest-nickname-format
and force-guest-format
, which optionally add a prefix like Guest-
to the nicknames of unauthenticated users (#749)history.retention
section for controlling new features related to history storage and deletion (#858)accounts.multiclient.always-on
is now opt-in
(#919)accounts.default-user-modes
; the recommended default is now to set +i
on all users automatically (#942, thanks @ajaspers!)channels.list-delay
, allowing restrictions on channel listings as a defence against spambots (#964)accounts.multiclient.auto-away
, allowing always-on clients to be automatically marked as away when all their sessions disconnectaccounts.throttling
as a global throttle on the creation of new accounts (#913)accounts.callbacks.mailto
, allowing direct email sending and DKIM signing (#921)accounts.login-via-pass-command
, providing a new mechanism for legacy clients to authenticate to accounts by sending PASS account:password
pre-registration (#1020)datastore.mysql.socket-path
, allowing MySQL connections over UNIX domain sockets (#1016, thanks savoyard and @ajaspers!)roleplay
section for controlling the server’s roleplay features (#865)accounts.nick-reservation.allow-custom-enforcement
is now false
(#918)channels.registration.operator-only
, optionally restricting channel registrations to operators (#685)server.output-path
for controlling where the server writes output files (#1004)oper:
have been normalized to remove the prefix (the old names are still respected in the config file) (#868)localconnect
and localconnect-ip
have been changed to connect
and connect-ip
respectively (the old names are still respected in the config file) (#940)WHO *
queries (#991, thanks @ajaspers!)OperServ
, BotServ
, MemoServ
, and Global
(#1080, thanks @KoraggKnightWolf!)draft/multiline
messages containing blank lines (#1005, thanks @jwheare!)/SAMODE
applying user mode changes to the operator instead of the target user (#866, thanks @csmith!)/NICKSERV SET
and related commands being unavailable when account registration is disabled (#922, thanks @PizzaLover2007!)TAGMSG
not being replayed correctly in history (#1044)401 ERR_NOSUCHNICK
responses on TAGMSG
sent to a service (#1051, thanks @ajaspers!)301 RPL_AWAY
not being sent in WHOIS
responses when applicable (#850)/OPER
with no password no longer disconnects the client (#951)421 ERR_UNKNOWNCOMMAND
responses (#994, thanks @k4bek4be!)NICK
and an ident response, without waiting for USER
(#1057, thanks @KoraggKnightWolf!)+R
mode being stored in history (#1061, thanks @KoraggKnightWolf!)/INVITE
commands not sending 443 ERR_USERONCHANNEL
(#842, thanks @hhirtz!)/NICKSERV REGISTER
response displaying mailto:
out of context (#985, thanks @eklitzke!)731 RPL_MONOFFLINE
when appropriate (#1076, thanks @ajaspers!)CHANMODES
ISUPPORT token (#408, #874, thanks @hhirtz!)002 RPL_MYINFO
parameters (#1058, thanks @KoraggKnightWolf!)MONITOR
in the TARGMAX
isupport token (#1090, thanks @KoraggKnightWolf!)+k
channel mode parameter (#874, thanks @hhirtz!)account-notify
lines are now part of the labeled-response batch when applicable (#1018)+R
(#930, thanks @PizzaLover2007!)255 RPL_LUSERME
response to indicate that the number of federated peer servers is 0 (#846, thanks @RyanSquared!)/CHANSERV AMODE
now takes immediate effect (#729)+q
mode (#950, #998)draft/multiline
message batch (#817)+R
channel now send 477 ERR_NEEDREGGEDNICK
(#936, thanks @PizzaLover2007, @jesopo!)353 RPL_NAMREPLY
now always uses a trailing parameter, for compatibility with incorrect client implementations (#854, #862)/RENAME
(#827)oragono mkcerts
now generates a 2048-bit RSA certificate, instead of a NIST P-521 ECDSA certificate (#898)server.ip-cloaking.secret
. To rotate the secret, use the new /HOSTSERV SETCLOAKSECRET
command. (#952)/NICKSERV LIST
and /CHANSERV LIST
, allowing operators to list registered nicknames and channels (#974, thanks @ajaspers!)accounts.multiclient.auto-away
and /NICKSERV HELP SET
for more information (#824)/HISTSERV PLAY
, which plays back history messages as NOTICEs from the HistServ
service (#383, thanks @nxths!)/HISTSERV DELETE
for deleting history messages (see the config option history.retention.allow-individual-delete
) (#858)/HISTSERV FORGET
for deleting all history messages associated with an account (see the config option history.retention.enable-account-indexing
) (#858)/HISTSERV EXPORT
for exporting all history messages associated with an account as JSON. This can be used at the user’s request for regulatory compliance reasons (see the config option history.retention.enable-account-indexing
) (#858)PASS
command, with the account:password syntax used by Freenode. To enable this feature, set accounts.login-via-pass-command
to true
. (#1020, thanks @jlnt!)/NICKSERV ERASE
as an escape hatch for operators, allowing an account to be erased and re-registered (#793)MODE
and TOPIC
messages in history (#532)conventional.yaml
, a version of the config file that provides a more traditional IRC experience. We recommend a config file based on oragono.yaml
for production networks, and one based on conventional.yaml
for IRCv3 conformance testing. (#918)/LIST
responses sent to anonymous clients (#964)make build
now includes an abbreviated git hash in the 002 RPL_YOURHOST
and 004 RPL_MYINFO
version strings, when applicable (#1031)-trimpath
(#901)We’re pleased to announce Oragono 2.0.0, a major update with a wide range of enhancements and fixes. Highlights include:
Many thanks to @csmith, @mattouille, and @xPaw for contributing patches, to @csmith and @wrmsr for contributing code reviews, to @bogdomania, @brenns10, @daurnimator, @ekianjo, horseface, @ivucica, @jesopo, @jwheare, KoDi, lover, @notbandali, @poVoq, @TETYYS, and @zaher for reporting issues, and to @bogdomania and Nuve for contributing translations.
This release includes changes to the config file format, including two breaking changes:
server.listen
format for configuring listeners has been removed; you must now use the server.listeners
format that was introduced in 1.2.0.server.connection-limits
and server.connection-throttling
have been consolidated into one new section, server.ip-limits
.Other changes to the config file format are backwards compatible and do not require updating before restart. To minimize potential downtime, we suggest the following workflow:
oragono
binary, edit your config file to add new server.listeners
and server.ip-limits
sections, based on the example config fileoragono
binary to the new 2.0.x version and restart your serverserver.listen
, server.connection-limits
, and server.connection-throttling
sections from your config, and rehash your server to confirmThis release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
server.listen
in favor of server.listeners
, a breaking change (#794)server.connection-limits
and server.connection-throttling
in favor of server.ip-limits
, a breaking change (#646)server.casemapping
option to control which Unicode nicknames and channels are allowed (#693)server.lookup-hostnames
and server.forward-confirm-hostnames
options to control hostname lookup (#688)limits.multiline
section to control the new draft/multiline
capabilitydatastore.mysql
for connecting to the server and history.persistent
for controlling which messages are storedhistory.restrictions
for preventing people from retrieving arbitrarily old history messageshistory.znc-maxmessages
, allowing a higher history replay limit for bouncer emulation relative to CHATHISTORYaccounts.vhosts.offer-list
, allowing users to take pre-approved vhosts without operator approval (#737)accounts.bouncer
to accounts.multiclient
(the old name still works) (#787)server.max-sendq
, server.ip-cloaking.num-bits
, accounts.registration.bcrypt-cost
, accounts.nick-reservation.enabled
(now true), accounts.multiclient.allowed-by-default
(now true)server.ip-cloaking.secret-environment-variable
, allowing the cloaking secret to be deployed via an environment variable for use in Kubernetes (#741, thanks @daurnimator!)server.forward-confirm-hostnames
to true (#688)NS INFO
displaying the local timezone (#710)accounts.authentication-enabled
failing to disable the NS IDENTIFY
command (#721)/DEOPER
command to remove operator privileges (#549, thanks @bogdomania!)/CHANSERV TRANSFER
, allowing transfers of channel ownership (#684)/NICKSERV CERT
, allowing users to manage their authorized client certificates (#530)/HOSTSERV TAKE
, allowing users to take pre-approved vhosts without operator approval (#737)/CHANSERV PURGE
, allowing server administrators to shut down channels (#683)/CHANSERV CLEAR
, allowing channel founders to reset stored bans and privileges (#692)/CHANSERV SET
, allowing channel founders to disable channel history (#379)AUTOREPLAY-JOINS
, allowing greater control over when joins and parts appear in history replay (#616, thanks @zaher!)/DEBUG CRASHSERVER
command (#791)znc.in/playback
now supports nicknames as targets (#830)+C
to suppress CTCP messages to a channel (#756)+s v
to enable vhost snomasks) (#347, #103)draft/labeled-response-0.2
(#757)/HISTORY
now defaults to returning 100 messages, and also takes time durations like 1h
as arguments (#621, thanks lover!)znc.in/playback
commands would play every channel, regardless of the target parameter (#760, thanks @brenns10!)MODE -o
not removing all operator permissions (#725, #549, thanks @bogdomania!)message-tags
capability (#754, thanks @jesopo!)+l
mode) not persisting after server restart (#705, thanks @bogdomania!)JOIN
lines with parameters ending in a comma (#679, thanks @bogdomania!)USERHOST
command (#682)oragono upgradedb
against a missing database file (#715, thanks @bogdomania!)NS GHOST
behavior when nickname reservation is disabled (#727, thanks horseface!)ip-cloaking.netname
(#713, thanks @bogdomania!)znc.in/playback
affects channel joins (#829)oragono.io/maxline-2
capability in favor of the new draft/multiline
capability (#670, #752)oragono.io/bnc
capability (multiclient functionality is now controllable only via server config and /NS SET MULTICLIENT
) (#787)draft/acc
capability and related ACC
command (#723)We’re pleased to announce Oragono 1.2.0. This version contains bug fixes and minor improvements.
Many thanks to @bogdomania, @csmith, @edmund-huber, @jesopo, @jwheare, @poVoq, @prawnsalad, and stealthgin for reporting issues and contributing code reviews, and also to @bogdomania, Forbidden (cptbl00dra1n), Nuve, @streaps, and UnLokitoFeliz for contributing translations.
This release includes a change to the config file format: the old server.listen
format for configuring listeners has been replaced by a new server.listeners
format. See the bundled oragono.yaml
configuration file for a commented example. For now, Oragono maintains backwards compatibility with the old format. To minimize potential downtime, we recommend the following workflow:
oragono
binary to the new 1.2.x version and restart your serverserver.listeners
formatThis release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
server.listen
section with server.listeners
; see oragono.yaml
for a commented example (#565)history.autoresize_window
for automatically resizing history buffers (#349)CHANLIMIT
ISUPPORT token (#625, thanks @poVoq!)draft/labeled-response-0.2
capability (#555)oragono mkcerts
no longer overwrites existing certificate files (#622, thanks @poVoq!)CAP LS 302
response being potentially truncated (#594, #661)MODE
commands (#649)/msg NickServ verify
in some clients (#567, thanks @edmund-huber!)LUSERS
output is now sent at the end of connection registration (#526)WHOIS
some Unicode nicknames (#331, thanks @bogdomania!)RESUME
not clearing the BRB
reason (#592, thanks @jesopo!)BRB
timestamp wasn’t reset correctly (#642)SAMODE
issued against a different user (#585)oragono.io/bnc
is no longer advertised when disabled in the config (#595)Oragono 1.1.1 is a bugfix release for flaws in message handling, including one with security implications.
Many thanks to @streaps for reporting issues.
This release does not change the database or configuration file format.
\r
byte. An attacker could use this to spoof protocol messages from the server (depending on the implementation of the victim’s client). This has been fixed. (#610)We’re pleased to announce Oragono version 1.1.0. This version has a number of exciting improvements, including:
Many thanks to @Ascrod, @amyspark, @bogdomania, @csmith, @jesopo, @jwheare, lover, and @transitracer for reporting issues and contributing patches, and also to @bogdomania, Elvedin Hušić, Nuve, and @streaps for contributing translations.
This release includes a database change. If you have datastore.autoupgrade
set to true
in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb
(see the manual for complete instructions).
No changes to your configuration file should be required for this upgrade. However, updating the file is necessary to enable some new functionality, as described below.
tor-listeners
section added for configuring listeners for use with Tor.compatibility
section added for toggling compatibility behaviors for legacy clients.ip-cloaking
section added for configuring cloaking.bouncer
section added for configuring bouncer-like features (in particular, whether multiple clients can use the same nickname).check-ident
now has recommended value false
.nick-reservation.method
now has recommended value “strict”`.fakelag.enabled
now has recommended value true
.limits.linelen.tags
removed due to ratification of the message-tags spec, which fixes the maximum tags length at 8191 bytes.limits.registration-messages
added to restrict how many messages a user can send to the server during connection registration (while connecting to the server).channels.operator-only-creation
added to optionally restrict creation of new channels to ircops (#537).+s
) now act more secret (#380, thanks @csmith!).+R
(registered-only) mode now prevents unregistered users from joining the channel, not just from speaking (#463, thanks @bogdomania!).907 ERR_SASLALREADY
(#476)./ISON
command reporting users as always being online (#479)./RENAME
command not correctly renaming the channel for some users (#300, thanks @jesopo!)./HISTORY
command now says so instead of silently failing (#429, thanks @bogdomania!)./HOSTSERV ON/OFF
commands now tell you when you don’t have a vhost (#404, thanks @bogdomania!)./SANICK
command, the snomask now says which operator did it instead of saying the target changed their nickname themselves (#360, thanks @bogdomania!).znc.in/playback
capability is now supported, which can automate history playback for clients that support it (#486)./msg NickServ help set
for details) (#466).TAGMSG
and NICK
messages are now replayable in history (#457).SETNAME
command for changing your realname (#372)./msg NickServ register <password>
, which registers the current nickname as an account, matching other services (#410).draft/message-tags-0.2
.draft/msgid
.oragono.io/maxline-2
capability has replaced oragono.io/maxline
, the new version now working alongside the ratified message-tags spec (#433).draft/resume-0.5
and the associated BRB
command, replacing draft/resume-0.3
./RENAME
command to the latest draft of the specification./ACC
command to the latest draft of the specification (#453, #455).+a
away mode as no other servers use it (#468, thanks @jesopo and @jwheare!).autoreplay-on-join
no longer replays JOIN
and PART
lines by default (#474, thanks @amyspark!).WHOIS
responses no longer include the 690 RPL_WHOISLANGUAGE
numeric, as it doesn’t show anything useful to other users (#516).ISON
now reports services (ChanServ/NickServ/etc) as online (#488).NICKSERV ENFORCE
is deprecated in favor of the new NICKSERV SET ENFORCE
(the old syntax is still available as an alias).WHO
command is now treated like PONG
in that it doesn’t count as user activity, since client software often uses it automatically (#485).NAMES
command now only returns results for the first given channel (#534).oragono.io/nope
capability to encourage clients to request capabilities safely (#511).We’ve finally made it to v1.0.0! With this release, our list of need-to-haves is rounded out, and we reckon the software’s ready for production use in smaller networks. slingamn and I have been working with our contributors and translators to prepare a cracker of a release. Thanks to @csmith our Docker builds have been updated, with automatic rebuilds as we develop the software. Thanks to @bogdomania our translation workflow has been improved a lot.
Highlights include:
draft/resume-0.3
capability, the draft IRCv3 CHATHISTORY
command, and a custom HISTORY
command.Thanks to Mauropek, @modinfo, @bogdomania, @Shillos, Tony Chen, and Remini for adding new translations. Thanks to @Ascrod, @bogdomania, @csmith, @jesopo, @jwheare, @remini1998, @enckse, and @iNecas for finding bugs and/or writing new features.
allow-custom-enforcement
key added under accounts
.allow-plaintext-resume
key added under server
.history
section added.identlen
key added under limits
.login-throttling
section added under accounts
.max-channels-per-account
key added under channels.registration
(limiting the number of channels that can be registered).max-channels-per-client
key added under channels
(limiting the number of channels that can be joined).method
key now under accounts
now allows the value "optional"
.localhost
as a value, meaning any loopback IPV4, loopback IPV6, or unix domain address.server
has been added, replacing the startup
, rehash
, and shutdown
types.6668
by default (this fixes Docker installs).oragono run
.draft/setname
.NICKSERV
, including:
PASSWD
to change account passwords.ENFORCE
to set a specific enforcement mechanism on your nick.SAREGISTER
to allow operators to manually create new user accounts.SASL PLAIN
logins now log more correctly.draft/resume
to draft/resume-0.3
.INVITE
: Fixed bug where invited users could not join the channel they were invited to (thanks to @unendingpattern!).oragono.io/maxline
capability was accidentally disabled, and is now re-enabled.oragono genpasswd
now works when piping input in (fixes Docker installs).PRIVMSG
: Messages sent to multiple clients (such as channel messages) now share the same timestamp (previously each client got a very slightly different time).WHOIS
: Now responds properly for NickServ, ChanServ, etc.CHANSERV OP
command.ISUPPORT
tokens are now explicitly rejected.server-time
timestamp format more consistent and safer./NS IDENTIFY
.run
.DLINE
and KLINE
refactored, and expired bans are now removed from the database.There’s been a host of changes in the past six months, and this Halloween release has a number of very useful improvements.
For example, passwords are now hashed in a much better way than we did it before (jlatt’s original method back from Ergonomadic was the right way to do things), the database now auto-upgrades for you when it detects a new version, thanks to Slingamn we now have vhosts, and there’s been a ton of rewrites under-the-hood to improve stability and performance.
If you have any trouble with this release, please let us know with an issue on our tracker, or by talking to us in #oragono
on Freenode.
Thanks to slingamn for a lot of heavy lifting this release and to vilmibm for contributing a documentation fix!
allow-multiple-per-connection
key removed from accounts
.autoupgrade
key added under datastore
, specifying whether to upgrade to new database versions automatically.bcrypt-cost
key added under accounts
, to control how strongly account passwords are hashed.stackimpact
section removed from debug
.unix-bind-mode
key added under server
, controlling the bind mode used for unix listening sockets.vhosts
section added under accounts
, configuring our new vhost support.accreg
, sajoin
, vhosts
and chanreg
added.ChanServ
including:
AMODE
to allow setting persistent channel modes for users.DROP
to unregister a channel.HostServ
.ChanServ
and NickServ
now show in their help output when commands have been disabled.LUSERS
to make it display correct client count and output correct params (thanks @moortens!.PROXY
support for IPv6 clients.SAMODE
crash when using it on a channel you’re not joined to.WHOIS
so that RPL_WHOISACCOUNT
is now sent correctly.And v0.11.0 finally comes along! This release has been in the works for almost four months now, with an alpha and beta helping square away the issues.
We’re adding a lot of features to improve debugging, better support international users, and make things better for network administrators. Among the new features, you can use the LANGUAGE
command to set a custom server language (see our CrowdIn to contribute), expose a debugging pprof
endpoint, reserve nicknames with NickServ
, and force email verification for new user accounts. On the improvements side we have a CAP REQ
fix, and we now have a manual that contains a nice overview of Oragono’s documentation.
If you have any trouble with this release, please let us know with an issue on our tracker, or by talking to us in #oragono
on Freenode.
Thanks a bunch to everyone for the help with this release – especially to our translators and to Slingamn for being an awesome co-maintainer!
callbacks
section added under accounts/registration
, configuring our new email verification (disabled by default).fakelag
section added, configuring our new fakelag implementation.ips-per-subnet
key renamed to connections-per-subnet
.motd-formatting
is now enabled by default.nick-reservation
section added under accounts
, configuring our new nickname ownership abilities.nofakelag
and unregister
oper classes added.pprof-listener
key added under debug
(disabled by default).skip-server-password
key added under accounts
, to better support certain clients.verify-timeout
default value changed from 120 hours to 32 hours under accounts/registration
.batch
and draft capability draft/labeled-response
.CHANSERV
, including:
OP
to op yourself or the given user (can only be run by channel founders).NICKSERV
, including:
DROP
to de-associate a nickname from your current account.GHOST
to remove the given client (if they’re logged in with your user account).GROUP
to associate a nickname with your current account.IDENTIFY
to login to an account.INFO
to see information about the given (or your own) account.REGISTER
to register an account.UNREGISTER
to delete your account.draft/languages
and draft/resume
.B
: Mark yourself as a bot, and display that you’re a bot in WHOIS.genpasswd
now requires that you confirm the input passphrase.CAP REQ
, as per the spec.This patch fixes a couple bugs, updates cap/isupport token names in response to spec changes, and allows unprivileged users to list channel bans. Ah, DLINE and KLINE also store oper names, so you can see who set those pesky bans later on!
Overall, a fairly standard patch that just improves things. No config changes, no database changes.
Also, Merry Christmas and Happy Holidays!
DLINE
/KLINE
: We now save the name of whichever oper set the ban (and display it later).draft/maxline
capability is now oragono.io/maxline
.WHO
: First parameter now must be a mask or channel name, cannot be ommitted.UTF8MAPPING
token, matching the new spec changes.This patch release fixes a bunch of crashes that were introduced in the last release, 0.10.1
.
If you have 0.10.1
running, replace it with this release.
This patch release of Oragono fixes a fairly big channel mode bug, where users could set channel modes when they weren’t actually allowed to.
recover-from-errors
key added under debug
, which enables recovery from client-caused errors (at the cost of possible server instability).SAMODE
now lists other users’ modes.There has been a bunch of new changes in this release! From sts
being ratified to supporting WEBIRC
to rewriting a whole lot of our internals, 0.10.0 represents a real step forward in terms of where Oragono’s going.
In addition to the new features, this issue fixes a bunch of fairly large bugs (such as an errant INVITE
being able to crash the server, the +mR
channel modes not working at all, and making rehashing safer).
I’d like to thank @slingamn for really contributing a lot in this release! He’s done a whole bunch of the internal work, cleaned up the code, and in general just been a great help while developing. Running Oragono on an actual network has really helped find and track down some serious bugs, and lead us to some much-needed improvements.
motd-formatting
key added under server
, which supports MOTD formatting characters.rest-api
section removed from server
(since we no longer support the Rest API).webirc
section added under server
, which specifies the gateways can use the WEBIRC
command.ws-listen
key removed from server
(since we no longer support websocket ports).INVITE
: Fixed a server crash when sending an invite for a channel that doesn’t exist (thanks @josephbisch for telling me about the bug!).WEBIRC
command, allowing gateways to connect.DLINE LIST
and KLINE LIST
.draft/sts
has been renamed to sts
, since it’s now been ratified.draft/message-ids
cap since… it doesn’t actually exist. The feature is now enabled by default when clients request the draft/message-tags-0.2
capability, as written in the Message IDs spec.AWAY
was sending an incorrect mode string, and now sends the correct mode string (thanks @jwheare for pointing this out).MONITOR
implementation which meant we weren’t returning the right info to clients.+m
) and RegisteredOnly (+R
) channel modes could not be set. Now they can be set.This is a patch release to fix compatibility with Irssi and resolve some issues! Thanks very much @dequis, @slingamn and squigz for the help and for bringing up the issues.
MODE b
syntax, which certain clients use to check lists.QUIT
: We now send the actual quit message to other users.AWAY
messages to clients without away-notify
.ERR_NOSUCHNICK
numerics (we weren’t sending the nick correctly).So many fixes! You can now set the default modes for new channels, use HAProxy again, use the umode +R
to protect yourself against unwanted PMs, and we now warn on configurations/setups that look incorrect!
In addition, this release makes testing easier, makes sure we better adhere to the SASL specification and also removes some memory leaks around the place. All in all, just a solid upgrade and less bugs across the board.
allow-multiple-per-connection
flag under accounts/registration
, which can be used for account setup by testing software. Never enable it in production.default-modes
key under channels
, which is a standard modestring that’s applied to new channels.proxy-allowed-from
key under server
, which is a list of hostnames/IPs that the HAProxy PROXY
command can be used from.R
: Only receive private messages and notices from other registered users.Just a patch release to fix a bug! The bug that’s been fixed prevented you from modifying channel privilidges at all, which isn’t great. With this release, now you can do so again!
This is one I’m gonna have to add to the testcases, to make sure it doesn’t happen again.
Lots of quality-of-life fixes, improved oversight for opers, and a proposed channel renaming command!
With this release, we’re moving to a proper Github organisation, becoming more consistent with other IRCds, and introducing a bunch more snomasks. In addition, when setting DLINE
and KLINE
bans, you can also kill all clients who match the ban by supplying the parameter ANDKILL
when you set the ban.
Channel LIST
filtering is now more useful, and I’ll keep expanding this in future releases. As well, there’s been some useful extensions to WHOIS
, and a bug with SANICK
fixed thanks to @lbeziaud. @enckse has also added Oragono to the Arch AUR, to make it easier to install on that distro.
Thanks to everyone for suggesting improvements and reporting issues! There’s a lot to do as we move forward, and I have a pretty decent plan of where to go next.
j
: Channel registration.k
: Kills, including those resulting from DLINE
s and KLINE
s.n
: Nick changes.o
: Clients opering-up.q
: Clients quitting.u
: Account registration and login.x
: Setting and removing DLINE
/KLINE
.DLINE
and KLINE
: Added ANDKILL
parameter to also kill all clients that match the ban.LIST
: Implement extended list conditions U
(which filters the channels by user count).WHOIS
: Show the target’s real IP address if you’re whoising yourself or you’re an oper.WHOIS
: Show whether the target has connected securely using TLS.JOIN 0
command (matching what InspIRCd has done here), since this is easily abusable.SANICK
works properly now (thanks @lbeziaud!).Debugging! Fixes! Better realtime monitoring!
This release isn’t too exciting, but packs large improvements to how we handle floods and similar issues. As well, the introduction of snomasks (take a look at /HELPOP snomasks
) should help opers keep a basic view over their server during use. Only the "c"
(connects) snomask is active right now, but others will be added and extended in future releases.
debug
section containing additional debug settings.modes
key on oper config, for setting modes on oper-up.stdout
in logger methods./ACC REGISTER
instead of /REG CREATE
).draft/maxline
) no longer randomly drops characters.This is a patch release of Oragono to fix discovered bugs and crashes. I’ll also be implementing some more stringent checks before pushing releases after this, to ensure these same sort of bugs don’t happen again.
This is a quick patch release of Oragono to work around a discovered bug.
This release brings channel registration with ChanServ, logging improvements, and a whole host of improvements across the board.
Thanks to a suggestion by dp-
on our channel (#oragono
on Freenode), the socket handling code has been overhauled to allow for a larger number of more stable connections. As well, improved testing has brought with it a bunch of strange hang and crash fixes, which means that Oragono should be more stable than ever.
Channel registration is really cool. Essentially, you register the channel with /CS REGISTER
as you would on any network, and then all topic changes, the +b/+e/+I
lists, and your founder status, are all remembered and re-applied when the server’s restarted.
channels
section added to control channel registration.logging
key under server
removed, replaced with logging
section.max-sendq
key added under server
.registration
and authentication-enabled
keys moved under accounts
section.samode
capability added to oper capabilities.sts
section added under server
.ChanServ
service, to allow channel registration.USERHOST
command (thanks @vegax87).SAMODE
command.DLINE
and KLINE
now let you specify years, months and days (e.g. 1y12m30d
) in durations.+m
).We’ve added a ton of new features in this release! Automated connection throttling, the ability to KLINE
, updated casemapping and line-length specifications.
I’ve also started including a new section in the changelog called Config Changes, which should help you find what you need to update across releases.
enabled
key added under the connection-limits
section.connection-throttling
section added under server
.linelen
section added under limits
.connection-throttling
section in the config.KLINE
and UNKLINE
commands. Complementing DLINE
’s per-IP and per-network bans, this lets you ban masks from the server.LUSERS
command (thanks @vegax87).draft/message-tags-0.2
and draft/message-ids
.draft/maxline
.enabled
flag under the connection-limits
section of the config.UNDLINE
didn’t save across server launches.This release includes a ton of fixes, as well as the ability to ban IP addresses from your network with the DLINE
command!
As well, there are some major fixes with the libraries Oragono depends on, which fix various DoS attacks, crashes and timeouts. In short, this release is more stable and fixes a bunch of issues.
This release also updates the database, so be sure to run the oragono upgradedb
command.
DLINE
and UNDLINE
commands.@
) on channel join, not channel founder (~
). We’ll do channel founder and all on registered chans only.MODE
changes to all clients in a channel.NICK
s, to be more safe.NOTICE
s properly.This release packs a more extensive oper privelege framework, bugfixes for capabilities/modes, support for new RP commands and more RPL_ISUPPORT
tokens. In general, a bunch of new features and bugfixes to make using Oragono more smooth.
MAXLIST
, MAXTARGETS
, MODES
, TARGMAX
in RPL_ISUPPORT
.chghost
.HELP
wouldn’t correctly display for operators, and added more help topics.MONITOR
lists.We now support dynamically reloading the config file, along with some new IRCv3 capabilities and some fixes.
The REHASH
changes are fairly extensive here, but should now be stable (this also fixes a denial of service possible with the old code).
REHASH
command.STATUSMSG
).cap-notify
and echo-message
.Improved compatibility, more features.
Now comes with a new proper Unicode-capable casemapping and integrated help!
/HELP
command).account-notify
, invite-notify
, monitor
, sasl
, and draft capability message-tags
as draft/message-tags
.+P
mode (not too useful as currently implemented, to be replaced later).PROXY
command (breaks our TLS user mode, and our integrated support for TLS should be fine).Initial release of Oragono!
RPL_ISUPPORT
numeric as advertised by most other IRCds today.+h-ov dan dan dan
).+Z
).account-tag
, away-notify
, extended-join
, sasl
, server-time
, and userhost-in-names
.O
) privilege changed to founder/admin/halfops (qah
) privileges.+p
) channel mode changed to secret (+s
), to match what’s used by servers today.+nt
), matching most other IRCds.USER
command now start with "~"
(to work with new ident support).ONICK
command to SANICK
to be more consistent with other IRCds.WHOWAS
entries configurable.THEATER
command (it broke and I’m not that interested in putting the work in to get it working again with the aim of this project. PRs accepted).<modestring>
evaluation (we were parsing all ungrabbed parameters as a modestring, when it is actually only the first param).<nick>
param on RPL_ENDOFWHOIS
.