« Changelog History


Oragono v0.9.0 Release Notes

Release Date: 2017-09-25 // over 6 years ago

  • 🔧 So many fixes! You can now set the default modes for new channels, use HAProxy again, use the umode +R to protect yourself against unwanted PMs, and we now warn on configurations/setups that look incorrect!

    🚀 In addition, this release makes testing easier, makes sure we better adhere to the SASL specification and also removes some memory leaks around the place. All in all, just a solid upgrade and less bugs across the board.

    Config Changes

    • Added allow-multiple-per-connection flag under accounts/registration, which can be used for account setup by testing software. Never enable it in production.
    • ➕ Added default-modes key under channels, which is a standard modestring that's applied to new channels.
    • ➕ Added proxy-allowed-from key under server, which is a list of hostnames/IPs that the HAProxy PROXY command can be used from.

    🔒 Security

    • Clients could use a nickname that isn't sane. This has the possibility of allowing clients to subvert our admin commands and monitoring features.

    ➕ Added

    • ➕ Added a warning if the server's not listening on a TLS port or if it's not listening for TLS connections on port 6697.
    • ➕ Added a warning if you're trying to run from source or an otherwise unreleased version.
    • ➕ Added INFO.md document to better explain the design decisions behind Oragono, exactly how to rehash, etc.
    • ➕ Added support for HAProxy's PROXY v1 command, useful for certain installations.
    • ➕ Added user modes, including:
      • R: Only receive private messages and notices from other registered users.

    🛠 Fixed

    • 🛠 Fixed a bug where certain clients couldn't connect as we were incorrectly rejecting their valid PTR record (thanks @slingamn!).
    • 🛠 Fixed a crash around monitoring clients.
    • 🛠 Fixed a memory leak in our socket code when clients disconnect.
    • 🛠 Fixed a SASL bug that resulted in certains clients getting caught in a cycle of trying (and failing) to abort authentication.
    • 🛠 Fixed an instance where clients could use a nickname that isn't sane (thanks @euank!).
    • 🛠 Fixed an issue where certain clients who connect incorrectly would stay connected (thanks @euank!).
    • 🛠 Fixed how we handle particularly unique Unicode strings (we now ensure they stabilize while casefolding).
    • 🛠 Fixed some issues around rehashing, where listeners wouldn't rehash in time and could crash (thanks @slingamn!).