ngIRCd release 18

Citing an email from Florian to the ngIRCd mailing list:

"I wonder what the expected behaviour is when Conf_MorePrivacy is changed
 from 'yes' to 'no' and the config is reloaded.

 At the moment, WHOWAS will start giving out information on Users that
 were connected during Conf_MorePrivacy=yes period.  If this is not
 wanted, Client_RegisterWhowas() should be changed to not store a record
 when Conf_MorePrivacy is enabled."

And I think it is "not wanted" :-)

ChangeLog

@@ -9,17 +9,30 @@
                                -- ChangeLog --
 
 
-ngIRCd Release 18
+ngIRCd Release 18 (2011-07-10)
+
+  - Update timestamp of ngircd(8) manual page.
+  - Add preliminary ngIRCd protocol module for Anope 1.9 to contrib/Anope/.
+  - Don't register WHOWAS information when "MorePrivacy" option is in effect.
+
+  ngIRCd 18~rc2 (2011-06-29)
+  - Update documentation, fix some wording, and use a spellchecker :-)
+  - ngircd.conf.5: strip "SSL" prefix from variables in [SSL] section.
+  - ngircd.8: document debugging options.
+  - GnuTLS: use 1024 bits as minimum size of the DH prime. This enables
+    ngIRCd to accept incoming connections from other servers and clients
+    that "only" use at least 1024 bits again, like ngIRCd 17 did (and no
+    longer requires 2048 bits for incoming connections).
 
   ngIRCd 18~rc1 (2011-06-27)
   - PAM warning message: make clear which "Password" config option is ignored.
-  - New configuration opion "MorePrivacy" to "censor" some user information.
-    When enabled, signon time and idle time is censored. Part and quit
+  - New configuration option "MorePrivacy" to "censor" some user information.
+    When enabled, signon time and idle time is left out. Part and quit
     messages are made to look the same. WHOWAS requests are silently dropped.
     All of this is useful if one wish to conceal users that access the ngircd
     servers from TOR or I2P.
   - New configuration option "ScrubCTCP" to scrub incoming CTCP commands. If
-    activated, the server silently drops incomming CTCP requests from both
+    activated, the server silently drops incoming CTCP requests from both
     other servers and from users. The server that scrubs CTCP will not forward
     the CTCP requests to other servers in the network either, which can spell
     trouble if not every oper knows about the CTCP-scrubbing. Scrubbing CTCP
@@ -43,7 +56,7 @@ ngIRCd Release 18
     would be best to just use 4096 bits, but that takes minutes, even on
     current hardware ...
   - contrib/platformtest.sh: fix gcc version detection.
-  - Avoid needlesly scary 'buffer overflow' messages: When the write buffer
+  - Avoid needlessly scary 'buffer overflow' messages: When the write buffer
     space grows too large, ngIRCd has to disconnect the client to avoid
     wasting too much memory, which is logged with a scary 'write buffer
     overflow' message. Change this to a more descriptive wording.
@@ -59,8 +72,8 @@ ngIRCd Release 18
     like e.g. snircd (QuakeNet) does.
   - Generate WALLOPS message on SQUIT from IRC operators; so SQUIT now behaves
     like CONNECT and DISCONNECT commands, when called by an IRC operator.
-  - Allow servers to send more commands in the first 10 secods ("burst"). This
-    helps to speed up server login and network synchronisation.
+  - Allow servers to send more commands in the first 10 seconds ("burst"). This
+    helps to speed up server login and network synchronization.
   - Add support for up to 3 targets in WHOIS queries, also allow up to one
     wildcard query from local hosts. Follows ircd 2.10 implementation rather
     than RFC 2812. At most 10 entries are returned per wildcard expansion.
@@ -83,7 +96,7 @@ ngIRCd Release 18
   - Don't access possibly free'd CLIENT structure. Ooops.
   - Allow "Port = 0" in [Server] blocks. Port number 0 marks remote servers
     that try to connect to this daemon, but where this daemon never tries to
-    establis a connection on its own: only incoming connections are allowed.
+    establish a connection on its own: only incoming connections are allowed.
   - Configuration: fix 'Value of "..." is not a number!' for negative values.
   - Enable WHOIS command to return information about services.
   - Implement channel mode 'O': "IRC operators only". This channel mode is
@@ -100,9 +113,9 @@ ngIRCd Release 18
     in [Global] are still accepted, so there is no functional change.
   - Fix confusing "adding to invite list" debug messages: adding entries to
     ban list produced 'invite list' debug output ...
-  - Don't throttle services and servers beeing registered.
+  - Don't throttle services and servers being registered.
   - Xcode: correctly sort files :-)
-  - Don't assert() when serching a client for an invalid server token (this is
+  - Don't assert() when searching a client for an invalid server token (this is
     only relevant when a trusted server on a server-server link sends invalid
     commands).
 
@@ -113,7 +126,7 @@ ngIRCd Release 17.1 (2010-12-19)
   - Reset ID of outgoing server link on DNS error correctly
   - Don't log critical (or worse) messages to stderr
   - Manual page ngircd(8): add SIGNALS section
-  - Manual pages: update and simplyfy AUTHORS section
+  - Manual pages: update and simplify AUTHORS section
   - Remove "error file" when compiled with debug code enabled
   - README: Updated list of implemented commands
   - add doc/README-Interix.txt and doc/Bopm.txt to distribution tarball

INSTALL

@@ -134,7 +134,7 @@ Again: "end users" do not need this step!
 
 The configure-script is used to detect local system dependencies.
 
-In the perfect case, configure should recognise all needed libraries, header
+In the perfect case, configure should recognize all needed libraries, header
 files and so on. If this shouldn't work, "./configure --help" shows all
 possible options.
 

NEWS

@@ -8,16 +8,24 @@
 
                                   -- NEWS --
 
-ngIRCd Release 18
+ngIRCd Release 18 (2011-07-10)
+
+  - Add preliminary ngIRCd protocol module for Anope 1.9 to contrib/Anope/.
+
+  ngIRCd 18~rc2 (2011-06-29)
+  - GnuTLS: use 1024 bits as minimum size of the DH prime. This enables
+    ngIRCd to accept incoming connections from other servers and clients
+    that "only" use at least 1024 bits again, like ngIRCd 17 did (and no
+    longer requires 2048 bits for incoming connections).
 
   ngIRCd 18~rc1 (2011-06-27)
-  - New configuration opion "MorePrivacy" to "censor" some user information.
-    When enabled, signon time and idle time is censored. Part and quit
+  - New configuration option "MorePrivacy" to "censor" some user information.
+    When enabled, signon time and idle time is left out. Part and quit
     messages are made to look the same. WHOWAS requests are silently dropped.
     All of this is useful if one wish to conceal users that access the ngircd
     servers from TOR or I2P.
   - New configuration option "ScrubCTCP" to scrub incoming CTCP commands. If
-    activated, the server silently drops incomming CTCP requests from both
+    activated, the server silently drops incoming CTCP requests from both
     other servers and from users. The server that scrubs CTCP will not forward
     the CTCP requests to other servers in the network either, which can spell
     trouble if not every oper knows about the CTCP-scrubbing. Scrubbing CTCP
@@ -34,7 +42,7 @@ ngIRCd Release 18
     the [Global] section are deprecated now, but are still recognized.
     => Don't forget to check your configuration, use "ngircd --configtest"!
   - New documentation "how to contribute": doc/Contributing.txt.
-  - Avoid needlesly scary 'buffer overflow' messages: When the write buffer
+  - Avoid needlessly scary 'buffer overflow' messages: When the write buffer
     space grows too large, ngIRCd has to disconnect the client to avoid
     wasting too much memory, which is logged with a scary 'write buffer
     overflow' message. Change this to a more descriptive wording.
@@ -63,7 +71,7 @@ ngIRCd Release 18
     the moment. This enhances reliability on slow links.
   - Allow "Port = 0" in [Server] blocks. Port number 0 marks remote servers
     that try to connect to this daemon, but where this daemon never tries to
-    establis a connection on its own: only incoming connections are allowed.
+    establish a connection on its own: only incoming connections are allowed.
   - Enable WHOIS command to return information about services.
   - Implement channel mode 'O': "IRC operators only". This channel mode is
     used on DALnet (bahamut), for example.

configure.in

@@ -1,6 +1,6 @@
 #
 # ngIRCd -- The Next Generation IRC Daemon
-# Copyright (c)2001-2010 Alexander Barton <alex@barton.de>
+# Copyright (c)2001-2011 Alexander Barton (alex@barton.de) and Contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -544,6 +544,7 @@ AC_OUTPUT([ \
 	src/testsuite/Makefile \
 	man/Makefile \
 	contrib/Makefile \
+	contrib/Anope/Makefile \
 	contrib/Debian/Makefile \
 	contrib/MacOSX/Makefile \
 	contrib/MacOSX/ngIRCd.xcodeproj/Makefile \

contrib/Anope/0001-Revert-Removed-ngircd.patch

@@ -0,0 +1,496 @@
+From bc5023fdba8091ab7eee29fe0deeca6843159743 Mon Sep 17 00:00:00 2001
+From: Alexander Barton <alex@barton.de>
+Date: Mon, 16 May 2011 18:23:01 +0200
+Subject: [PATCH 1/2] Revert "Removed ngircd as we've decided not to support it at this time"
+
+This reverts commit 605b5d57171d2f0fac56ee2ee3e1b1bbdadeb24f and re-enables
+the ngIRCd protocol module for Anope.
+---
+ modules/protocol/ngircd.cpp |  475 +++++++++++++++++++++++++++++++++++++++++++
+ 1 files changed, 475 insertions(+), 0 deletions(-)
+ create mode 100644 modules/protocol/ngircd.cpp
+
+diff --git a/modules/protocol/ngircd.cpp b/modules/protocol/ngircd.cpp
+new file mode 100644
+index 0000000..6e1f21f
+--- /dev/null
++++ b/modules/protocol/ngircd.cpp
+@@ -0,0 +1,475 @@
++/* ngIRCd IRCD functions
++ *
++ * (C) 2003-2011 Anope Team
++ * Contact us at team@anope.org
++ *
++ * Please read COPYING and README for further details.
++ *
++ * Based on the original code of Epona by Lara.
++ * Based on the original code of Services by Andy Church.
++ */
++
++#include "services.h"
++#include "modules.h"
++
++IRCDVar myIrcd[] = {
++	{"ngIRCd",	/* ircd name */
++	 "+oi",		/* Modes used by pseudoclients */
++	 0,		/* SVSNICK */
++	 0,		/* Vhost */
++	 0,		/* Supports SNlines */
++	 0,		/* Supports SQlines */
++	 0,		/* Supports SZlines */
++	 0,		/* Join 2 Message */
++	 0,		/* Chan SQlines */
++	 1,		/* Quit on Kill */
++	 0,		/* vidents */
++	 0,		/* svshold */
++	 0,		/* time stamp on mode */
++	 0,		/* UMODE */
++	 0,		/* O:LINE */
++	 0,		/* No Knock requires +i */
++	 0,		/* Can remove User Channel Modes with SVSMODE */
++	 0,		/* Sglines are not enforced until user reconnects */
++	 0,		/* ts6 */
++	 "$",		/* TLD Prefix for Global */
++	 20,		/* Max number of modes we can send per line */
++	 0,		/* IRCd sends a SSL users certificate fingerprint */
++	 }
++	,
++	{NULL}
++};
++
++/* PASS */
++class ngIRCdProto : public IRCDProto
++{
++	void SendAkill(User *u, const XLine *x)
++	{
++		if (SGLine && u == NULL)
++			for (Anope::insensitive_map<User *>::iterator it = UserListByNick.begin(); it != UserListByNick.end();)
++			{
++				u = it->second;
++				++it;
++				if (SGLine->Check(u) != NULL)
++					break;
++			}
++	}
++
++	void SendAkillDel(const XLine*) { }
++
++	void SendGlobopsInternal(const BotInfo *source, const Anope::string &buf)
++	{
++		send_cmd(source ? source->nick : Config->ServerName, "WALLOPS :%s", buf.c_str());
++	}
++
++	void SendJoin(BotInfo *user, Channel *c, const ChannelStatus *status)
++	{
++		send_cmd(user->nick, "JOIN %s", c->name.c_str());
++		if (status)
++			for (unsigned i = 0; i < ModeManager::ChannelModes.size(); ++i)
++				if (status->HasFlag(ModeManager::ChannelModes[i]->Name))
++					c->SetMode(user, ModeManager::ChannelModes[i], user->nick, false);
++	}
++
++	void SendSVSKillInternal(const BotInfo *source, const User *user, const Anope::string &buf)
++	{
++		send_cmd(source ? source->nick : Config->ServerName, "KILL %s :%s", user->nick.c_str(), buf.c_str());
++	}
++
++	/* SERVER name hop descript */
++	void SendServer(const Server *server)
++	{
++		send_cmd("", "SERVER %s %d :%s", server->GetName().c_str(), server->GetHops(), server->GetDescription().c_str());
++	}
++
++	void SendConnect()
++	{
++		send_cmd("", "PASS %s 0210-IRC+ Anope|%s:CLHSo P", uplink_server->password.c_str(), Anope::VersionShort().c_str());
++		/* Make myself known to myself in the serverlist */
++		SendServer(Me);
++		/* finish the enhanced server handshake and register the connection */
++		this->SendNumeric(Config->ServerName, 376, "*", ":End of MOTD command");
++	}
++
++	// Received: :dev.anope.de NICK DukeP 1 ~DukePyro p57ABF9C9.dip.t-dialin.net 1 +i :DukePyrolator
++	void SendClientIntroduction(const User *u, const Anope::string &modes)
++	{
++		EnforceQlinedNick(u->nick, "");
++		send_cmd(Config->ServerName, "NICK %s 1 %s %s 1 %s :%s", u->nick.c_str(), u->GetIdent().c_str(), u->host.c_str(), modes.c_str(), u->realname.c_str());
++	}
++
++	void SendPartInternal(const BotInfo *bi, const Channel *chan, const Anope::string &buf)
++	{
++		if (!buf.empty())
++			send_cmd(bi->nick, "PART %s :%s", chan->name.c_str(), buf.c_str());
++		else
++			send_cmd(bi->nick, "PART %s", chan->name.c_str());
++	}
++
++	void SendModeInternal(const BotInfo *bi, const Channel *dest, const Anope::string &buf)
++	{
++		send_cmd(bi ? bi->nick : Config->ServerName, "MODE %s %s", dest->name.c_str(), buf.c_str());
++	}
++
++	void SendModeInternal(const BotInfo *bi, const User *u, const Anope::string &buf)
++	{
++		send_cmd(bi ? bi->nick : Config->ServerName, "MODE %s %s", u->nick.c_str(), buf.c_str());
++	}
++
++	void SendKickInternal(const BotInfo *bi, const Channel *chan, const User *user, const Anope::string &buf)
++	{
++		if (!buf.empty())
++			send_cmd(bi->nick, "KICK %s %s :%s", chan->name.c_str(), user->nick.c_str(), buf.c_str());
++		else
++			send_cmd(bi->nick, "KICK %s %s", chan->name.c_str(), user->nick.c_str());
++	}
++
++	void SendNoticeChanopsInternal(const BotInfo *source, const Channel *dest, const Anope::string &buf)
++	{
++		send_cmd(source ? source->nick : Config->s_ChanServ, "NOTICE @%s :%s", dest->name.c_str(), buf.c_str());
++	}
++
++	/* INVITE */
++	void SendInvite(BotInfo *source, const Anope::string &chan, const Anope::string &nick)
++	{
++		send_cmd(source->nick, "INVITE %s %s", nick.c_str(), chan.c_str());
++	}
++
++	void SendChannel(Channel *c)
++	{
++		Anope::string mlock_modes = get_mlock_modes(c->ci, true);
++		if (mlock_modes.empty())
++			mlock_modes = "+";
++		send_cmd(Config->ServerName, "CHANINFO %s %s", c->name.c_str(), mlock_modes.c_str());
++	}
++	void SendTopic(BotInfo *bi, Channel *c)
++	{
++		send_cmd(bi->nick, "TOPIC %s :%s", c->name.c_str(), c->topic.c_str());
++	}
++};
++
++class ngIRCdIRCdMessage : public IRCdMessage
++{
++ public:
++	bool OnSJoin(const Anope::string&, const std::vector<Anope::string>&) { return false; }
++
++	/*
++	 * Received: :dev.anope.de MODE #anope +b *!*@*aol*
++	 */
++	bool OnMode(const Anope::string &source, const std::vector<Anope::string> &params)
++	{
++		if (params.size() < 2)
++			return true;
++
++		Anope::string modes = params[1];
++		for (unsigned i = 2; i < params.size(); ++i)
++			modes += " " + params[i];
++
++		if (params[0][0] == '#' || params[0][0] == '&')
++			do_cmode(source, params[0], modes, "");
++		else
++			do_umode(params[0], params[1]);
++
++		return true;
++	}
++
++	/*
++	  Received: :DukeP_ NICK :test2
++	  Received: :dev.anope.de NICK DukeP_ 1 ~DukePyro ip-2-201-236-154.web.vodafone.de 1 + :DukePyrolator
++	  source = nickname on nickchange, servername on newuser
++	  params[0] = nick
++	  params[1] = <unknown>
++	  params[2] = username
++	  params[3] = host
++	  params[4] = <unknown>
++	  params[5] = modes
++	  params[6] = info
++	*/
++	bool OnNick(const Anope::string &source, const std::vector<Anope::string> &params)
++	{
++		if (params.size() == 1)
++		{
++			// we have a nickchange
++			do_nick(source, params[0], "", "", "", "", Anope::CurTime, "", "", "", "");
++		}
++		else if (params.size() == 7)
++		{
++			// a new user is connecting to the network
++			User *user = do_nick("", params[0], params[2], params[3], source, params[6], Anope::CurTime, "", "", "", params[5]);
++			if (user)
++				validate_user(user);
++		}
++		else
++		{
++			Log() << "Received NICK with invalid number of parameters. source = " << source << "param[0] = " << params[0] << "params.size() = " << params.size();
++		}
++		return true;
++	}
++
++	bool OnServer(const Anope::string &source, const std::vector<Anope::string> &params)
++	{
++		if (params.size() == 3)
++			do_server("", params[0], 0, params[2], params[1]);
++		else
++			do_server(source, params[0], params[1].is_pos_number_only() ? convertTo<unsigned>(params[1]) : 0, params[3], params[2]);
++		return true;
++	}
++
++	bool OnTopic(const Anope::string &source, const std::vector<Anope::string> &params)
++	{
++		Channel *c = findchan(params[0]);
++		if (!c)
++		{
++			Log() << "TOPIC for nonexistant channel " << params[0];
++			return true;
++		}
++
++		c->ChangeTopicInternal(source, params[1]);
++		return true;
++	}
++
++	/*
++	 * <@po||ux> DukeP: RFC 2813, 4.2.1: the JOIN command on server-server links
++	 * separates the modes ("o") with ASCII 7, not space. And you can't see ASCII 7.
++	 *
++	 * if a user joins a new channel, the ircd sends <channelname>\7<umode>
++	 */
++	bool OnJoin (const Anope::string &source, const std::vector<Anope::string> &params)
++	{
++		if (!params.empty())
++		{
++			size_t pos = params[0].find('\7');
++			if (pos != Anope::string::npos)
++			{
++				Anope::string channel = params[0].substr(0, pos);
++				Anope::string mode = '+' + params[0].substr(pos, params[0].length()) + " " + source;
++				do_join(source, channel, "");
++				do_cmode(source, channel, mode, "");
++			}
++			else
++				do_join(source, params[0], "");
++		}
++		return true;
++	}
++};
++
++/*
++ * CHANINFO <chan> +<modes>
++ * CHANINFO <chan> +<modes> :<topic>
++ * CHANINFO <chan> +<modes> <key> <limit> :<topic>
++ */
++bool event_chaninfo(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++
++	Channel *c = findchan(params[0]);
++	if (!c)
++		c = new Channel(params[0]);
++
++	Anope::string modes = params[1];
++	
++	if (params.size() == 3)
++	{
++		c->ChangeTopicInternal(source, params[2], Anope::CurTime);
++	} 
++	else if (params.size() == 5)
++	{
++		for (size_t i = 0, end = params[1].length(); i < end; ++i)
++		{
++			switch(params[1][i])
++			{
++				case 'k':
++					modes += " " + params[2];
++					continue;
++				case 'l':
++					modes += " " + params[3];
++					continue;
++			}
++		}
++		c->ChangeTopicInternal(source, params[4], Anope::CurTime);
++	}
++
++	c->SetModesInternal(NULL, modes);
++
++	return true;
++}
++
++/*
++ * Received: :dev.anope.de NJOIN #test :DukeP2,@DukeP
++ */
++bool event_njoin(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++	Channel *c = findchan(params[0]);
++	commasepstream sep(params[1]);
++	Anope::string buf;
++
++	if (!c)
++	{
++		c = new Channel(params[0], Anope::CurTime);
++		c->SetFlag(CH_SYNCING);
++	}
++	
++	while (sep.GetToken(buf))
++	{
++		std::list<ChannelMode *> Status;
++		char ch;
++
++		/* Get prefixes from the nick */
++		while ((ch = ModeManager::GetStatusChar(buf[0])))
++		{
++			buf.erase(buf.begin());
++			ChannelMode *cm = ModeManager::FindChannelModeByChar(ch);
++			if (!cm)
++			{
++				Log() << "Received unknown mode prefix " << ch << " in NJOIN string.";
++				continue;
++			}
++			Status.push_back(cm);
++		}
++		User *u = finduser(buf);
++		if (!u)
++		{
++			Log(LOG_DEBUG) << "NJOIN for nonexistant user " << buf << " on " << c->name;
++			continue;
++		}
++
++		EventReturn MOD_RESULT;
++		FOREACH_RESULT(I_OnPreJoinChannel, OnPreJoinChannel(u, c));
++
++		/* Add the user to the Channel */
++		c->JoinUser(u);
++
++		/* Update their status internally on the channel
++		 * This will enforce secureops etc on the user
++		 */
++		for (std::list<ChannelMode *>::iterator it = Status.begin(), it_end = Status.end(); it != it_end; ++it)
++			c->SetModeInternal(*it, buf);
++		/* Now set whatever modes this user is allowed to have on the channel */
++		chan_set_correct_modes(u, c, 1);
++
++		/* Check to see if modules want the user to join, if they do
++		 * check to see if they are allowed to join (CheckKick will kick/ban them)
++		 * Don't trigger OnJoinChannel event then as the user will be destroyed
++		 */
++		if (MOD_RESULT != EVENT_STOP && c->ci && c->ci->CheckKick(u))
++			continue;
++
++		FOREACH_MOD(I_OnJoinChannel, OnJoinChannel(u, c));
++	} /* while */
++
++	if (c->HasFlag(CH_SYNCING))
++	{
++		c->UnsetFlag(CH_SYNCING);
++		c->Sync();
++	}
++
++	return true;
++}
++
++bool event_kick(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++	if (params.size() > 2)
++		do_kick(source, params[0], params[1], params[2]);
++	return true;
++}
++
++bool event_pass(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++	return true;
++}
++
++bool event_005(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++	size_t pos;
++	Anope::string name, data;
++	for (unsigned i = 0, end = params.size(); i < end; ++i)
++	{
++		pos = params[i].find('=');
++		if (pos != Anope::string::npos)
++		{
++			name = params[i].substr(0, pos);
++			data = params[i].substr(pos+1, params[i].length());
++			if (name == "NICKLEN")
++			{
++				unsigned newlen = convertTo<unsigned>(data);
++				if (Config->NickLen != newlen)
++				{
++					Log() << "Config->NickLen changed from " << Config->NickLen << " to " << newlen;
++					Config->NickLen = newlen;
++				}
++			}
++		}
++	}
++	return true;
++}
++
++bool event_442(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++	return true;
++}
++
++bool event_376(const Anope::string &source, const std::vector<Anope::string> &params)
++{
++	return true;
++}
++
++
++class ProtongIRCd : public Module
++{
++	Message message_kick, message_pass, message_njoin, message_chaninfo, message_005, 
++		message_442, message_376;
++	
++	ngIRCdProto ircd_proto;
++	ngIRCdIRCdMessage ircd_message;
++
++	void AddModes()
++	{
++		/* Add user modes */
++		ModeManager::AddUserMode(new UserMode(UMODE_ADMIN, 'a'));
++		ModeManager::AddUserMode(new UserMode(UMODE_INVIS, 'i'));
++		ModeManager::AddUserMode(new UserMode(UMODE_OPER, 'o'));
++		ModeManager::AddUserMode(new UserMode(UMODE_RESTRICTED, 'r'));
++		ModeManager::AddUserMode(new UserMode(UMODE_SNOMASK, 's'));
++		ModeManager::AddUserMode(new UserMode(UMODE_WALLOPS, 'w'));
++		ModeManager::AddUserMode(new UserMode(UMODE_CLOAK, 'x'));
++
++		/* b/e/I */
++		ModeManager::AddChannelMode(new ChannelModeBan(CMODE_BAN, 'b'));
++		ModeManager::AddChannelMode(new ChannelModeList(CMODE_INVITEOVERRIDE, 'I'));
++
++		/* v/h/o/a/q */
++		ModeManager::AddChannelMode(new ChannelModeStatus(CMODE_VOICE, 'v', '+'));
++		ModeManager::AddChannelMode(new ChannelModeStatus(CMODE_OP, 'o', '@'));
++
++		/* Add channel modes */
++		// channel modes: biIklmnoPstvz
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_INVITE, 'i'));
++		ModeManager::AddChannelMode(new ChannelModeKey('k'));
++		ModeManager::AddChannelMode(new ChannelModeParam(CMODE_LIMIT, 'l'));
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_MODERATED, 'm'));
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_NOEXTERNAL, 'n'));
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_PERM, 'P'));
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_SECRET, 's'));
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_TOPIC, 't'));
++		ModeManager::AddChannelMode(new ChannelMode(CMODE_SSL, 'z'));
++	}
++
++ public:
++	ProtongIRCd(const Anope::string &modname, const Anope::string &creator) : Module(modname, creator),
++		message_kick("KICK", event_kick), message_pass("PASS", event_pass),
++		message_njoin("NJOIN", event_njoin), message_chaninfo("CHANINFO", event_chaninfo),
++		message_005("005", event_005), message_442("442", event_442), message_376("376", event_376)
++	{
++		this->SetAuthor("Anope");
++		this->SetType(PROTOCOL);
++		
++		Capab.SetFlag(CAPAB_QS);
++
++		pmodule_ircd_var(myIrcd);
++		pmodule_ircd_proto(&this->ircd_proto);
++		pmodule_ircd_message(&this->ircd_message);
++
++		this->AddModes();
++	}
++};
++
++MODULE_INIT(ProtongIRCd)
+-- 
+1.7.2.5
+

contrib/Anope/0002-ngircd-whitespace-fixes.patch

@@ -0,0 +1,60 @@
+From 1ea1dd2095e63cef34edbebb729edc687f410a96 Mon Sep 17 00:00:00 2001
+From: Alexander Barton <alex@barton.de>
+Date: Mon, 16 May 2011 18:26:56 +0200
+Subject: [PATCH 2/2] ngircd: whitespace fixes
+
+---
+ modules/protocol/ngircd.cpp |   12 ++++++------
+ 1 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/modules/protocol/ngircd.cpp b/modules/protocol/ngircd.cpp
+index 6e1f21f..e546d05 100644
+--- a/modules/protocol/ngircd.cpp
++++ b/modules/protocol/ngircd.cpp
+@@ -266,11 +266,11 @@ bool event_chaninfo(const Anope::string &source, const std::vector<Anope::string
+ 		c = new Channel(params[0]);
+ 
+ 	Anope::string modes = params[1];
+-	
++
+ 	if (params.size() == 3)
+ 	{
+ 		c->ChangeTopicInternal(source, params[2], Anope::CurTime);
+-	} 
++	}
+ 	else if (params.size() == 5)
+ 	{
+ 		for (size_t i = 0, end = params[1].length(); i < end; ++i)
+@@ -307,7 +307,7 @@ bool event_njoin(const Anope::string &source, const std::vector<Anope::string> &
+ 		c = new Channel(params[0], Anope::CurTime);
+ 		c->SetFlag(CH_SYNCING);
+ 	}
+-	
++
+ 	while (sep.GetToken(buf))
+ 	{
+ 		std::list<ChannelMode *> Status;
+@@ -415,9 +415,9 @@ bool event_376(const Anope::string &source, const std::vector<Anope::string> &pa
+ 
+ class ProtongIRCd : public Module
+ {
+-	Message message_kick, message_pass, message_njoin, message_chaninfo, message_005, 
++	Message message_kick, message_pass, message_njoin, message_chaninfo, message_005,
+ 		message_442, message_376;
+-	
++
+ 	ngIRCdProto ircd_proto;
+ 	ngIRCdIRCdMessage ircd_message;
+ 
+@@ -461,7 +461,7 @@ class ProtongIRCd : public Module
+ 	{
+ 		this->SetAuthor("Anope");
+ 		this->SetType(PROTOCOL);
+-		
++
+ 		Capab.SetFlag(CAPAB_QS);
+ 
+ 		pmodule_ircd_var(myIrcd);
+-- 
+1.7.2.5
+

contrib/Anope/Makefile.am

@@ -0,0 +1,20 @@
+#
+# ngIRCd -- The Next Generation IRC Daemon
+# Copyright (c)2001-2011 Alexander Barton (alex@barton.de) and Contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+# Please read the file COPYING, README and AUTHORS for more information.
+#
+
+EXTRA_DIST = \
+	README \
+	0001-Revert-Removed-ngircd.patch \
+	0002-ngircd-whitespace-fixes.patch
+
+maintainer-clean-local:
+	rm -f Makefile Makefile.in
+
+# -eof-

contrib/Anope/README

@@ -0,0 +1,36 @@
+
+                     ngIRCd - Next Generation IRC Server
+                           http://ngircd.barton.de/
+
+               (c)2001-2011 Alexander Barton and Contributors.
+               ngIRCd is free software and published under the
+                   terms of the GNU General Public License.
+
+                          -- contrib/Anope/README --
+
+
+This directory contains two preliminary patches that (re-) add a ngIRCd
+protocol module to the Anope 1.9 development branch. It has been tested
+with Anope 1.9.4, there is no guarantee that it will work with other
+versions as Anope 1.9.x is under heavy development ...
+
+To build this Anope protocol module, you have to
+
+ - Download the Anope 1.9.x sources (tested with 1.9.4),
+ - Patch in the ngIRCd protocol module,
+ - Build and install Anope as usual,
+ - Configure Anope as usual, use "ngircd" as protocol module.
+
+So the command sequence can be something like this:
+
+ $ tar xzf anope-1.9.4-source.tar.gz
+ $ cd anope-1.9.4-source
+ $ patch -p1 < .../ngircd/contrib/Anope/0001-Revert-Removed-ngircd.patch
+ $ patch -p1 < .../ngircd/contrib/Anope/0002-ngircd-whitespace-fixes.patch
+ $ ./Config
+ $ cd build
+ $ make
+ $ make install
+
+Please have a look at the file doc/Services.txt for more information about
+how to set up ngIRCd and Anope.

contrib/Debian/changelog

@@ -1,3 +1,15 @@
+ngircd (18-0ab1) unstable; urgency=low
+
+  * New "upstream" release: ngIRCd 18.
+
+ -- Alexander Barton <alex@barton.de>  Sun, 10 Jul 2011 20:03:20 +0200
+
+ngircd (18~rc2-0ab1) unstable; urgency=low
+
+  * New "upstream" release candidate 2 for ngIRCd Release 18.
+
+ -- Alexander Barton <alex@barton.de>  Wed, 29 Jun 2011 10:20:51 +0200
+
 ngircd (18~rc1-0ab1) unstable; urgency=low
 
   * New "upstream" release candidate 1 for ngIRCd Release 18.

contrib/Makefile.am

@@ -1,6 +1,6 @@
 #
 # ngIRCd -- The Next Generation IRC Daemon
-# Copyright (c)2001-2009 Alexander Barton (alex@barton.de)
+# Copyright (c)2001-2011 Alexander Barton (alex@barton.de) and Contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@@ -9,7 +9,7 @@
 # Please read the file COPYING, README and AUTHORS for more information.
 #
 
-SUBDIRS = Debian MacOSX
+SUBDIRS = Anope Debian MacOSX
 
 EXTRA_DIST = README ngircd.spec systrace.policy ngindent ngircd-bsd.sh \
 	ngIRCd-Logo.gif ngircd-redhat.init platformtest.sh

contrib/README

@@ -1,15 +1,17 @@
 
                      ngIRCd - Next Generation IRC Server
+                           http://ngircd.barton.de/
 
-                        (c)2001-2009 Alexander Barton,
-                    alex@barton.de, http://www.barton.de/
-
+               (c)2001-2011 Alexander Barton and Contributors.
                ngIRCd is free software and published under the
                    terms of the GNU General Public License.
 
                             -- Contributions --
 
 
+Anope/
+ - A preliminary patch that adds a ngIRCd protocol module to Anope 1.9.
+
 Debian/
  - Various files for building Debian GNU/Linux packages (".deb's").
 

contrib/ngircd.spec

@@ -1,5 +1,5 @@
 %define name    ngircd
-%define version 18~rc1
+%define version 18
 %define release 1
 %define prefix  %{_prefix}
 

doc/Platforms.txt

@@ -1,9 +1,8 @@
 
                      ngIRCd - Next Generation IRC Server
+                           http://ngircd.barton.de/
 
-                        (c)2001-2010 Alexander Barton
-                    alex@barton.de, http://www.barton.de/
-
+               (c)2001-2011 Alexander Barton and Contributors.
                ngIRCd is free software and published under the
                    terms of the GNU General Public License.
 
@@ -32,21 +31,22 @@ hppa1.1/unknown/linux-gnu   gcc 3.3.3    0.8.0      04-05-30 alex   Y Y Y Y
 hppa2.0/unknown/linux-gnu   gcc 3.3.5    13~rc1     08-12-02 alex   Y Y Y Y
 hppa2.0w-hp-hpux11.11       gcc 4.2.3    14.1       09-07-22 goetz  Y Y Y Y
 i386/apple/darwin9.7.0      gcc 4.0.1    14.1       09-08-04 alex   Y Y Y Y (3)
-i386/apple/darwin10.4.0     gcc 4.2.1    17         10-11-07 alex   Y Y Y Y (3)
+i386/apple/darwin10.7.0     gcc 4.2.1    18         11-07-05 alex   Y Y Y Y (3)
+i386/apple/darwin11.0.0     gcc 4.2.1    18         11-07-02 alex   Y Y Y Y (3)
 i386/pc/solaris2.9          gcc 3.2.2    CVSHEAD    04-02-24 alex   Y Y Y Y
-i386/pc/solaris2.11         gcc 3.4.3    17         10-11-07 alex   Y Y N Y (4)
+i386/pc/solaris2.11         gcc 3.4.3    18         11-07-10 alex   Y Y N Y (4)
 i386/unknown/freebsd5.2.1   gcc 3.3.3    0.8.0      04-05-30 alex   Y Y Y Y
-i386/unknown/freebsd6.2     gcc 3.4.6    17         10-11-07 alex   Y Y Y Y (3)
-i386/unknown/freebsd7.3     gcc 4.2.1    17         10-11-07 alex   Y Y Y Y (3)
-i686/unknown/gnu0.3         gcc 4.4.5    17         10-11-07 alex   Y Y Y Y
+i386/unknown/freebsd6.2     gcc 3.4.6    18         11-07-10 alex   Y Y Y Y (3)
+i386/unknown/freebsd7.3     gcc 4.2.1    18         11-07-1ß alex   Y Y Y Y (3)
+i686/unknown/gnu0.3         gcc 4.4.5    18         11-07-10 alex   Y Y Y Y
 i686/unkn./kfreebsd7.2-gnu  gcc 4.3.4    15         09-12-02 alex   Y Y Y Y (3)
-i386/unknown/netbsdelf1.6.1 gcc 2.95.3   CVSHEAD    04-02-24 alex   Y Y Y Y
+i386/unknown/netbsdelf1.6.2 gcc 2.95.3   18         11-07-10 goetz  Y Y Y Y
 i386/unknown/netbsdelf3.0.1 gcc 3.3.3    0.10.0-p1  06-08-30 alex   Y Y Y Y (3)
-i386/unknown/netbsdelf4.0   gcc 4.1.2    17         10-11-07 alex   Y Y Y Y (3)
-i386/unknown/netbsdelf5.0.2 gcc 4.1.3    17         10-11-07 alex   Y Y Y Y (3)
+i386/unknown/netbsdelf4.0   gcc 4.1.2    18         11-07-10 alex   Y Y Y Y (3)
+i386/unknown/netbsdelf5.0.2 gcc 4.1.3    18         11-07-10 alex   Y Y Y Y (3)
 i386/unknown/openbsd3.9     gcc 3.3.5    0.10.0-p1  06-08-30 alex   Y Y Y Y (3)
 i386/unknown/openbsd4.1     gcc 3.3.5    16         10-04-11 alex   Y Y Y Y (3)
-i586/pc/interix3.5          gcc 3.3      15         10-01-22 alex   Y Y N Y
+i586/pc/interix3.5          gcc 3.3      18         11-07-10 alex   Y Y N Y
 i686/pc/cygwin              gcc 3.3.1    0.8.0      04-05-30 alex   Y Y N Y
 i686/pc/linux-gnu           gcc 2.95.4   0.8.0      04-05-30 alex   Y Y Y Y (1)
 i686/pc/linux-gnu           gcc 3.3.5    14.1       09-08-04 alex   Y Y Y Y (1)
@@ -54,20 +54,22 @@ i386/pc/linux-gnu           gcc 4.1.2    13~rc1     08-12-05 alex   Y Y Y Y (1)
 i686/pc/linux-gnu           gcc 4.3.2    14.1       09-08-04 alex   Y Y Y Y (1)
 m68k/apple/aux3.0.1         gcc 2.7.2    17         10-11-07 alex   Y Y N Y
 m68k/apple/aux3.0.1         Orig. A/UX   17         10-11-07 alex   Y Y N Y (2)
-m68k/apple/aux3.1.1         Orig. A/UX   0.7.x-CVS  03-04-22 alex   Y Y Y Y (2)
+m68k/apple/aux3.1.1         gcc 2.7.2    18         11-07-02 alex   Y Y N Y
+m68k/apple/aux3.1.1         Orig. A/UX   18         11-07-02 alex   Y Y N Y (2)
 m68k/hp/hp-ux9.10           Orig. HPUX   0.7.x-CVS  03-04-30 goetz  Y Y Y Y
 m88k/dg/dgux5.4R3.10        gcc 2.5.8    CVSHEAD    04-03-15 alex   Y Y ? ?
+mipsel/unknown/linux-gnu    gcc 4.1.2    18         11-07-05 goetz  Y Y N Y (1)
 powerpc/apple/darwin6.5     gcc 3.1      0.7.x-CVS  03-04-23 alex   Y Y Y Y
 powerpc/apple/darwin7.9.0   gcc 3.3      CVSHEAD    06-05-07 fw     Y Y Y Y (3)
-powerpc/apple/darwin8.1.0   gcc 4.0      0.9.x-CVS  05-06-27 alex   Y Y Y Y
+powerpc/apple/darwin8.11.0  gcc 4.0.1    18         11-07-02 goetz  Y Y Y Y (3)
 powerpc/unknown/linux-gnu   gcc 3.3.3    0.8.0      04-05-30 alex   Y Y Y Y
 powerpc/unknown/openbsd3.6  gcc 2.95.3   0.10.0     06-10-08 alex   Y Y N Y
 sparc/sun/solaris2.6        gcc 2.95.3   0.7.x-CVS  03-04-22 alex   Y Y Y Y
 sparc/sun/solaris2.7        gcc 3.3      0.8.0      04-05-30 alex   Y Y Y Y
 sparc/unkn./netbsdelf1.6.1  gcc 2.95.3   0.8.0      04-05-30 alex   Y Y Y Y
-x86_64/unknown/freebsd8.1   gcc 4.2.1    17         10-11-07 alex   Y Y Y Y (3)
-x86_64/unknown/linux-gnu    gcc 4.3.2    17         10-11-07 alex   Y Y Y Y (1)
-x86_64/unknown/openbsd4.7   gcc 3.3.5    17         10-11-07 alex   Y Y Y Y (3)
+x86_64/unknown/freebsd8.1   gcc 4.2.1    18         11-07-10 alex   Y Y Y Y (3)
+x86_64/unknown/linux-gnu    gcc 4.4.5    18         11-07-02 alex   Y Y Y Y (1)
+x86_64/unknown/openbsd4.7   gcc 3.3.5    18         11-07-10 alex   Y Y Y Y (3)
 
 
 Notes

doc/SSL.txt

@@ -34,7 +34,7 @@ possible to handle unencrypted and encrypted connections on the same port!
 This is a limitation of the IRC protocol ...
 
 You have to set (at least) the following configuration variables in the
-[GLOBAL] section of ngircd.conf(5): SSLPorts, SSLKeyFile, and SSLCertFile.
+[SSL] section of ngircd.conf(5): Ports, KeyFile, and CertFile.
 
 Now IRC clients are able to connect using SSL on the configured port(s).
 (Using port 6697 for encrypted connections is common.)

doc/Services.txt

@@ -1,9 +1,8 @@
 
                      ngIRCd - Next Generation IRC Server
+                           http://ngircd.barton.de/
 
-                        (c)2001-2008 Alexander Barton,
-                    alex@barton.de, http://www.barton.de/
-
+               (c)2001-2011 Alexander Barton and Contributors.
                ngIRCd is free software and published under the
                    terms of the GNU General Public License.
 
@@ -14,9 +13,11 @@ At the moment, ngIRCd doesn't implement a "special IRC services interface".
 But services acting as a "regular server" are supported, either using the IRC
 protocol defined in RFC 1459 or RFC 2812.
 
-Services have been tested using "IRC Services" version 5.x by Andrew Church,
-homepage: <http://www.ircservices.za.net/>. This document describes setting up
-ngIRCd and these services.
+Support for Services has been tested using "IRC Services" version 5.x by
+Andrew Church (<http://achurch.org/services/>), and a Anope 1.9 using a
+preliminary protocol module for ngIRCd (<http://www.anope.org/>).
+
+This document describes setting up ngIRCd and these services.
 
 
 Setting up ngIRCd
@@ -36,6 +37,31 @@ Example:
      ServiceMask = *Serv
 
 
+Setting up Anope 1.9.x
+~~~~~~~~~~~~~~~~~~~~~~
+
+Anope 1.9.4 (and above) can be used with ngIRCd using a preliminary "ngircd"
+protocol module contained in our contrib/Anope/ directory. Please see the
+file contrib/Anope/README for installation instructions!
+
+After patching and installing Anope, at least the following configuration
+variables have to be adjusted in data/services.conf, in addition to all the
+settings marked as required:
+
+  uplink
+  {
+	host = "server.irc.net"
+	port = 6667
+	password = "123abc"
+  }
+
+  serverinfo
+  {
+	name = "services.irc.net"
+	type = "ngircd"
+  }
+
+
 Setting up IRC Services 5.1.x
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -66,5 +92,6 @@ In modules.conf:
 The documentation of IRC Services can be found here:
 <http://www.ircservices.za.net/docs/>
 
+
 Please let us know if you are successfully using other IRC service packages or
 which problems you encounter, thanks!

doc/sample-ngircd.conf.tmpl

@@ -57,7 +57,7 @@
 	# This tells ngIRCd to write its current process ID to a file.
 	# Note that the pidfile is written AFTER chroot and switching the
 	# user ID, e.g. the directory the pidfile resides in must be
-	# writeable by the ngIRCd user and exist in the chroot directory.
+	# writable by the ngIRCd user and exist in the chroot directory.
 	;PidFile = /var/run/ngircd/ngircd.pid
 
 	# Ports on which the server should listen. There may be more than
@@ -110,7 +110,7 @@
 
 [Options]
 	# Optional features and configuration options to further tweak the
-	# behavior of ngIRCd. If you wan't to get started quickly, you most
+	# behavior of ngIRCd. If you want to get started quickly, you most
 	# probably don't have to make changes here -- they are all optional.
 
 	# Are remote IRC operators allowed to control this server, e.g.
@@ -170,7 +170,7 @@
 	# "PONG" reply.
 	;RequireAuthPing = no
 
-	# Silently drop all incomming CTCP requests.
+	# Silently drop all incoming CTCP requests.
 	;ScrubCTCP = no
 
 	# Syslog "facility" to which ngIRCd should send log messages.

man/ngircd.8.tmpl

@@ -1,7 +1,7 @@
 .\"
 .\" ngircd(8) manual page template
 .\"
-.TH ngircd 8 "Dec 2010" ngircd "ngIRCd Manual"
+.TH ngircd 8 "Jul 2011" ngircd "ngIRCd Manual"
 .SH NAME
 ngIRCd \- the next generation IRC daemon
 .SH SYNOPSIS
@@ -26,7 +26,7 @@ there are good chances that it also supports other UNIX-based operating
 systems as well. By default, ngIRCd writes diagnostic and informational messages using
 the syslog mechanism.
 .SH OPTIONS
-The default behaviour of
+The default behavior of
 .BR ngircd
 is to read its standard configuration file (see below), to detach from the
 controlling terminal and to wait for clients.
@@ -68,7 +68,7 @@ Default "message of the day" (MOTD).
 The daemon understands the following signals:
 .TP
 \fBTERM\fR
-Shut down all conections and terminate the daemon.
+Shut down all connections and terminate the daemon.
 .TP
 \fBHUP\fR
 Shut down all listening sockets, re-read the configuration file and
@@ -76,6 +76,31 @@ re-initialize the daemon.
 .SH HINTS
 It's wise to use "ngircd \-\-configtest" to validate the configuration file
 after changing it.
+.SH DEBUGGING
+When ngIRCd is compiled with debug code, that is, its source code has
+been ./configure'd with "--enable-debug" and/or "--enable-sniffer" (witch
+enables debug mode automatically as well), you can use two more command
+line options and two more signals to debug problems with the daemon itself
+or IRC clients:
+.PP
+\fBOptions:\fR
+.TP
+\fB\-d\fR, \fB\-\-debug\fR
+Enable debug mode and log extra messages.
+.TP
+\fB\-s\fR, \fB\-\-sniffer\fR
+Enable IRC protocol sniffer, which logs all sent and received IRC commands to
+the console/syslog. This option requires that ngIRCd has been ./configure'd
+with "--enable-sniffer" and enables debug mode automatically, too.
+.PP
+\fBSignals:\fR
+.TP
+\fBUSR1\fR
+Toggle debug mode on and off during runtime.
+.TP
+\fBUSR2\fR
+Dump internal server state to the console/syslog when debug mode is on (use
+command line option \-\-debug or signal USR1).
 .SH AUTHORS
 Alexander Barton, <alex@barton.de>
 .br

man/ngircd.conf.5.tmpl

@@ -128,7 +128,7 @@ if ngIRCd is using PAM!
 \fBPidFile\fR (string)
 This tells ngIRCd to write its current process ID to a file. Note that the
 pidfile is written AFTER chroot and switching the user ID, e.g. the directory
-the pidfile resides in must be writeable by the ngIRCd user and exist in the
+the pidfile resides in must be writable by the ngIRCd user and exist in the
 chroot directory (if configured, see above).
 .TP
 \fBPorts\fR (list of numbers)
@@ -192,7 +192,7 @@ If a client fails to answer a PING with a PONG within <PongTimeout>
 seconds, it will be disconnected by the server. Default: 20.
 .SH [OPTIONS]
 Optional features and configuration options to further tweak the behavior of
-ngIRCd. If you wan't to get started quickly, you most probably don't have to
+ngIRCd. If you want to get started quickly, you most probably don't have to
 make changes here -- they are all optional.
 .TP
 \fBAllowRemoteOper\fR (boolean)
@@ -291,7 +291,7 @@ Default: no.
 If set to true, ngIRCd will silently drop all CTCP requests sent to it from
 both clients and servers. It will also not forward CTCP requests to any
 other servers. CTCP requests can be used to query user clients about which
-software they are using and which versions said softare is. CTCP can also be
+software they are using and which versions said software is. CTCP can also be
 used to reveal clients IP numbers. ACTION CTCP requests are not blocked,
 this means that /me commands will not be dropped, but please note that
 blocking CTCP will disable file sharing between users!
@@ -314,10 +314,10 @@ All SSL-related configuration variables are located in the
 section. Please note that this whole section is only recognized by ngIRCd
 when it is compiled with support for SSL using OpenSSL or GnuTLS!
 .TP
-\fBSSLCertFile\fR (string)
+\fBCertFile\fR (string)
 SSL Certificate file of the private server key.
 .TP
-\fBSSLDHFile\fR (string)
+\fBDHFile\fR (string)
 Name of the Diffie-Hellman Parameter file. Can be created with GnuTLS
 "certtool \-\-generate-dh-params" or "openssl dhparam". If this file is not
 present, it will be generated on startup when ngIRCd was compiled with GnuTLS
@@ -325,14 +325,14 @@ support (this may take some time). If ngIRCd was compiled with OpenSSL, then
 (Ephemeral)-Diffie-Hellman Key Exchanges and several Cipher Suites will not be
 available.
 .TP
-\fBSSLKeyFile\fR (string)
+\fBKeyFile\fR (string)
 Filename of SSL Server Key to be used for SSL connections. This is required
 for SSL/TLS support.
 .TP
-\fBSSLKeyFilePassword\fR (string)
+\fBKeyFilePassword\fR (string)
 OpenSSL only: Password to decrypt the private key file.
 .TP
-\fBSSLPorts\fR (list of numbers)
+\fBPorts\fR (list of numbers)
 Same as \fBPorts\fR , except that ngIRCd will expect incoming connections
 to be SSL/TLS encrypted. Common port numbers for SSL-encrypted IRC are 6669
 and 6697. Default: none.

src/ngircd/client.c

@@ -1192,6 +1192,10 @@ Client_RegisterWhowas( CLIENT *Client )
 
 	assert( Client != NULL );
 
+	/* Don't register WHOWAS information when "MorePrivacy" is enabled. */
+	if (Conf_MorePrivacy)
+		return;
+
 	now = time(NULL);
 	/* Don't register clients that were connected less than 30 seconds. */
 	if( now - Client->starttime < 30 )

src/ngircd/conn-ssl.c

@@ -52,9 +52,10 @@ static bool ConnSSL_LoadServerKey_openssl PARAMS(( SSL_CTX *c ));
 #include <gnutls/x509.h>
 
 #define DH_BITS 2048
+#define DH_BITS_MIN 1024
+
 static gnutls_certificate_credentials_t x509_cred;
 static gnutls_dh_params_t dh_params;
-
 static bool ConnSSL_LoadServerKey_gnutls PARAMS(( void ));
 #endif
 
@@ -426,7 +427,7 @@ ConnSSL_Init_SSL(CONNECTION *c)
 		ConnSSL_Free(c);
 		return false;
 	}
-	gnutls_dh_set_prime_bits(c->ssl_state.gnutls_session, DH_BITS);
+	gnutls_dh_set_prime_bits(c->ssl_state.gnutls_session, DH_BITS_MIN);
 #endif
 	Conn_OPTION_ADD(c, CONN_SSL);
 	return true;