feat: client-side TLS for encrypted client connections
Accept TLS-encrypted connections from IRC clients. Auto-generates a self-signed EC P-256 listener certificate (bouncer.pem) when no custom cert is provided. Remove CTCP response items from roadmap (stealth by design -- router already suppresses all CTCP except ACTION). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
user
30
ROADMAP.md
30
ROADMAP.md
@@ -1,6 +1,6 @@
|
||||
# Roadmap
|
||||
|
||||
## v0.1.0 (current)
|
||||
## v0.1.0 (done)
|
||||
|
||||
- [x] IRC protocol parser/formatter
|
||||
- [x] TOML configuration
|
||||
@@ -11,28 +11,38 @@
|
||||
- [x] Backlog replay on reconnect
|
||||
- [x] Automatic reconnection with exponential backoff
|
||||
- [x] Nick collision handling
|
||||
- [x] TLS support
|
||||
- [x] TLS support (server-side)
|
||||
- [x] Stealth connect (random markov-generated identity)
|
||||
- [x] Probation window (K-line detection before revealing nick)
|
||||
- [x] Verified end-to-end on Libera.Chat via SOCKS5
|
||||
- [x] Multi-network namespace multiplexing (`/network` suffixes)
|
||||
|
||||
## v0.2.0
|
||||
## v0.2.0 (done)
|
||||
|
||||
- [ ] Client-side TLS (accept TLS from clients)
|
||||
- [ ] SASL authentication to IRC servers
|
||||
- [ ] CTCP VERSION/PING response
|
||||
- [ ] Channel key support (JOIN #channel key)
|
||||
- [ ] Configurable probation duration
|
||||
- [ ] Configurable backlog timestamp format
|
||||
- [x] NickServ auto-registration + email verification
|
||||
- [x] SASL PLAIN authentication
|
||||
- [x] SASL EXTERNAL (CertFP) authentication
|
||||
- [x] Client certificate generation + management
|
||||
- [x] hCaptcha auto-solving (NoCaptchaAI)
|
||||
- [x] Configurable operational constants (probation, backoff, etc.)
|
||||
- [x] PING watchdog (stale connection detection)
|
||||
- [x] IRCv3 server-time capability
|
||||
- [x] Push notifications (ntfy/webhook)
|
||||
- [x] Background account farming (ephemeral connections)
|
||||
- [x] 25+ bouncer control commands
|
||||
|
||||
## v0.3.0
|
||||
|
||||
- [x] Client-side TLS (accept TLS from clients)
|
||||
- [ ] Channel key support (JOIN #channel key)
|
||||
- [ ] Hot config reload (SIGHUP)
|
||||
- [ ] Systemd service file
|
||||
|
||||
## v0.4.0
|
||||
|
||||
- [ ] Per-client backlog tracking (multi-user)
|
||||
- [ ] Web status page
|
||||
- [ ] DCC passthrough
|
||||
- [ ] Containerfile for podman deployment
|
||||
|
||||
## v1.0.0
|
||||
|
||||
|
||||
Reference in New Issue
Block a user