FindClient() is not enough, because there are no restrictions to used
identifiers. They don't necessarily need to be unique, and the same
identified client might re-connect meanwhile a ghost connection is
still hanging there.
The old AttachUser() that sent JOIN without topic or names replies
would leave clients in incomplete/broken state. JoinUser() was doing
two things; depending on passed arguments it was either joining user
on the channel on IRC, or attaching clients (properly). Now JoinUser()
joins the user on IRC, and AttachUser() attaches as expected from the
method names.
ZNC currently disables SSLv2 and SSLv3 by default. To keep the ZNC
defaults (recommended, may change in the future versions) and for
example disable TLSv1 in addition, specify in the global config
section:
SSLProtocols = -TLSv1
Available (case-insentive) values are:
All, SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2
A non-prefixed "absolute" value overrides the ZNC defaults:
SSLProtocols = TLSV1 +TLSv1.1 +TLSv1.2
> Extend EDisableProtocol
> missing ifdef for non-ssl
> added ability to disable compression
> added new callbacks for Certificate Verification and Handshake completion
> added SNI support for client and server, cleanup some of the certificate verification callback code
- PASS [user[@identifier][/network]:]password
- USER user[@identifier][/network] ...
NOTE: There's a slight ambiguosity with the '@' character, which happens
to be a valid character in usernames, but also acts as a marker for the
identifier. Therefore, '@' is considered as part of the username if it's
followed by non-word characters (as in an email address), otherwise as
a marker for an identifier.
This is only an enabler for #343. The rest can be done with modules:
- managing client ID specific playback buffers
- filtering channels based on the client ID
The reason this should be part of ZNC core is that only global modules
have access to OnUnknownUserRaw(), which is needed to capture USER/PASS.
First of all, the aforementioned modules shouldn't be global. Furthermore,
it would be possible to have only one module that parsed and removed the
client ID so that ZNC core woulnd't choke.
> Support ECDHE exchange if available in OpenSSL
> add openssl's fix for POODLE bug in server mode.
> Give Csocket consumers the ability to disable less desirable protocols
The patch level version number is ignored in module and config
version compatibility checks. Radically simplified, bug fix
releases shall not touch the headers nor change the config file.
Make CChan keep track of the channel key, and schedule saving of the
config file when appropriate. This is more robust than trying to do
it from within the chansaver module.
Rename the current ECONFIG_NEED_WRITE to ECONFIG_NEED_VERBOSE_WRITE
as it always broadcasts the result for SIGUSR1, even on success.
Keep ECONFIG_NEED_WRITE for cases where the config should be written
without a notification of success.
Csocket has received a bunch of const correctness fixes. Notice that
the signature of one virtual method, Csock::ConvertAddress(), has
changed => CZNCSock has been updated accordingly.
The enum is a bit more verbose, but leads to more readable code:
str.Equals("foo", true)
// vs.
str.Equals("foo", CString::CaseSensitive)
Deprecate the old Equals() and leave out the length parameter
from the new version => use StartsWith() or StrCmp() instead.
The following modules are enabled by default:
- global: webadmin
- user: controlpanel, chansaver
- network: simple_away
This reduces a lot makeconf noise and fixes#541.
