v0.23.0

What's new?

✨ Features

• Full support for the TOC2 protocol, including documentation. Enables tons of new clients, including vAIM, Miranda ~v0.4.0.3, iEM 1.0.1 (BizTOCSock), BlueTOC, and more! @jgknight @mk6i

⚡ Enhancements

• Improved compatibility with Miranda. @siohaza
• Xtraz support and broader ICQ compatibility up to v6. @siohaza
• Implemented feedbag transactions, which prevent add/remove operations from briefly buddy "flashing" on other clients’ lists. @mk6i

🐛 Bug Fixes

• Eliminated zombie sessions caused by logging in the same account repeatedly in quick succession. @mk6i

🙏 Shout outs

• @jgknight for starting the TOC2 implementation, finding tons of bugs, and being a helpful sounding board.
• @siohaza for vastly improving ICQ support.

Changelog

• 1c3fe17 document toc 1/2 protocols
• 8076d10 add code signing server
• 263e87c replace instance with screenName in BroadcastBuddyDeparted
• 382c2d7 so far
• 0f72fcb boost test coverage on newOServiceUserInfoUpdate
• 34e7695 fix: register session cleanup before slot is visible (zombie session race)
• 0e111ce fix miranda login
• 4033cd5 ensure TOC can receive OOS System Msg
• 196b85d fix orphan connection created on pidgin signoff/signon
• 82e8793 fix double chat signon
• b19f05f log connection drops caused by login rate limiting
• 9c05c5c boot test coverage on RecvBOS
• 9f1d27a fix blank TOC commands sent to client when caps are empty
• 8c15f05 ensure toc session initialization mirrors oscar
• d964b84 fix deadlock that occurs when replacing a BOS session linked to a chat session
• c73509e toc2: add CHAT_IN_ENC response
• 46d7e87 mgmt API: fix feedbag group order on buddy add/delete, align tests
• 569e600 toc2: support comma-delimited short caps
• bac296e toc2: consolidate feedbag logic into new internal type
• faf86a2 update developer documentation
• 55af0f7 Merge pull request #174 from siohaza/webapi-test
• 40ca485 test: add basic tests for aim's webapi
• 5df28c1 complete TOC2 implementation
• f5d139c initial toc2 implementation
• 873deec Merge pull request #173 from siohaza/mra
• e5ffa0e fix: echo back requestid for MRA
• e78710f centralize account creation logic
• ba1aa83 Merge pull request #170 from siohaza/ratelimit
• bca2ef3 feat: implement seticqphone
• 4459e82 Merge pull request #169 from arefdsg/patch-2
• b1576a2 Fix typo
• 944198d Merge pull request #165 from siohaza/login-fix
• b2c2a29 ref: use html tokenizer and remove advertisedssl
• 7ae7f0c implement feedbag start/end transaction
• d0e080a Update README.md
• 0dbb1d6 Merge branch 'main' into login-fix
• 1c84b13 feat: commit various improvements to the icq

v0.22.0

What's new?

✨ Features

• Multi-connection: Users can simultaneously log in to multiple clients with the same screen name. @mk6i
• Feedbag Endpoint: New management API endpoint for adding and removing buddies to/from the buddy list. @mk6i

⚡ Enhancements

• Away messages can now be set in AIM 7.x. @mk6i
• Added support for Jimm ICQ clients. @siohaza
• Add screen names to TOC directory search results. @mk6i

🐛 Bug Fixes

• Fixed #128: Empty Kopete chat exchange selector. @siohaza
• Fixed chat messages from AIM clients appearing empty in Kopete. @mk6i
• Fixed regression that caused TOC profile requests to return blank results. @jgknight
• Fixed flaky online buddy arrival events after adding buddies to buddy list in AIM 4.8. @mk6i

🙏 Shout outs

• @jgknight for thoroughly testing this release!
• @siohaza for their first 3rd party client fix contributions.

Changelog

• 5ff32cc Update README.md
• 18ea0c0 Update README.md
• 1dd0a0b fix flaky unit tests
• 3216a06 limit max buddies to 30/group in feedbag endpoint
• e50938e validate screen names in feedbag endpoint
• e2f660b add screen name to TOC directory search output
• e29649d fix TOC profile lookup
• ea5c4e3 log debug message on ErrMaxConcurrentSessionsReached
• 57457e1 validate session state in SetUserInfoFields test
• 0b56038 don't reveal invisible user via buddy arrival notif
• 0b18d2d issue #64 - feedbag endpoint for adding/removing buddies
• 9ff8d86 Merge pull request #163 from siohaza/os-motd
• 04fa49e feat: add snac motd
• 0c486ab fix chat message encoding type sent via Kopete
• 0fdafd6 Merge pull request #161 from siohaza/kopete-fix
• cbbb101 fix: tlv order for kopete
• 937dda2 implement multisession support
• 4e90179 fix stunnel download location
• dd40eaf update .gitignore
• e0a5779 remove branding
• 0a8237b remove branding
• 733473d fix race condition in Chat DoubleLogin test

v0.21.0

What's new?

This release is the culmination of 6 months' work to implement support for AIM 6-7, which rounds out support for:

• Buddy Icons: AIM 6-7 clients can upload and retrieve buddy icons.
• Temporary Buddies: Starting an IM with someone not on your buddy list triggers proper sign-on and sign-off notifications.
• Server-side Profiles: Profiles are saved and retrieved directly to and from the server for select AIM 6 clients that support server-side profiles.
• Offline Messages: Sending and receiving offline messages is now functional. Recipients receive a notification from AOL System Msg upon sign-on that informs them that they have offline messages.

Changelog

• 91e6eb4 clarify default setting for offline message pref
• 418ebe3 rename OOS binary
• 42a19a6 exclude webapi from code coverage report
• 4718a3b upgrade go deps + gh actions
• 8c5b615 upgrade goreleaser
• 90cfba9 upgrade to mockery v3
• 9b95903 implement support for temp buddies
• 8db68f1 support offline messages in AIM 6/7
• fc49bc6 make buddy icon preview show upon upload on aim 6
• 6fe1f06 fix icon import docs
• b0e8b8a implement server-side profiles
• 1fd9199 make it easier to run OOS outside docker in SSL mode
• 6669138 we're now Open OSCAR Server
• a3250d8 Merge pull request #151 from mk6i/webapi
• 42e98c3 Add temporary buddy management to BuddyListHandler
• ec740f3 Refactor WebAPI handlers and update authentication methods

v0.20.0

What's new?

New Features

😊 Smiley Pack Support

You can now import and use classic AIM smiley packs for richer IM experiences. See the Import AIM Smiley Packs guide for setup instructions.

🚦 Dynamic Rate Limiting Based on Warning Level

User rate limiting level increases/decreases according to changes in warning level. Levels automatically recover by 10% every 5 minutes.

Changelog

• 2076981 Simplify import_bart.sh: remove jq dependency and directory processing
• d9f14a7 Apply buffer to rate limit levels to prevent AIM 4.8 instability
• 087b71a use integer data type to store lastwarntime
• 0b6306f preserve rate limits caused by warnings between sessions
• 2c18c8c Merge pull request #147 from ukozi/webapi
• 7ea2642 Merge upstream/main into webapi branch
• 8fd09b3 Implement WebAPI server for open-oscar-server
• 45d7365 filter chat TLVs for cross-client compatibility
• 5ae9c42 skip incomplete signon sessions in manager operations
• b0d84d4 make BART import script x-platform compatible
• 66df40c document importing smiley packs
• 4fcf330 enhance BART import script with type-specific bulk processing
• 631eb2b Fix example LAN IP
• 0f6751f add BART Download2 support and asset import script
• c360e5b can't warn bots
• e858b0c Replace ____ links with archive.org links (#144)
• 6d160f1 issue #41 - persist warning levels
• 01596f0 Update README.md
• 0e965c9 Update README.md
• 64ce16d implemented the delete functionality for public chats (#140)

v0.19.1

What's new?

This release addresses a few critical bugs discovered since the last release. 🐛

• Fixed crash: AIM 2.0 no longer crashes when signed off by another client.
• Fixed race condition: Bots using the /session API could send messages to sessions still in mid-signon, causing crashes. The API now excludes sessions until sign-on is complete.
• Fixed crash: macOS AIM 2.x no longer crashes when receiving a chat room message from Windows AIM 5.9.
• Memory fix: Resolved a goroutine leak in the message processor.

Changelog

• d3f6741 temp fix - exclude chat message tlvs that break macos client
• 07ed269 temp fix - exclude non-ready users from session endpoint
• b87afdc Revert "issue #41 - warning level decay + rate limit scaling"
• c8e18f1 fix DB_PATH in systemd config
• 189c3fd fix goroutine leak
• 497e00d issue #41 - warning level decay + rate limit scaling
• 39a1cda restore "starting server...." startup log
• dbf385c fix flap signoff tests and document methods
• 0b011cc fix tests
• 31abf47 fix Test_oscarServer_dispatchIncomingMessages_disconnect_new_client
• f7303df fix session signoff crash in pre-multi-conn AIM clients
• 1c730c8 log ssl advertised hosted on startup
• 8f28956 Better script compat (#138)

v0.19.0

What's new?

New Features

AIM 7.x Support

• RAS now supports all official OSCAR-based Windows AIM clients! This release adds support for remaining AIM 6.5+ and AIM 7.x clients.
• See client and server setup guides to get started.
• Buddy icon and offline messaging support coming in future releases.

Refactored OSCAR Server

• Multi-homed server support: You can now configure RAS to listen on multiple interfaces and/or ports. This simplifies setup for those who run a LAN server exposed to the Internet.
• Simplified server setup and configuration: Configure just one service port (default 5190) instead of 8 separate ports.
• Important: This release includes breaking configuration changes. Check out the new server configuration for details.

Changelog

• fb56d9f add AIM 7 to docs
• 903cd92 update docs
• 760fa3a web api scaffolding
• 0769e5d Web AIM Server API Documentation (#137)
• 73d0e1e gofmt
• 9cafd80 break out ssl listener into separate config
• 17f8149 issue #119 - fix sqlite "out of memory" error under systemd
• 1c8d863 validate toc & api listener config
• 276fe53 make listener parsing errors more useful
• da776e2 wip
• b03275d Persist database in the Docker container (#136)
• 2bddcd7 add request logging to keberos server
• 846c425 increase test coverage on session message handling
• 7d637bb send disconnect flap when server shuts down
• 94ed0e9 increase test coverage on password hashing funcs
• 7dc6b1f regen configs
• b9e56bd validate roasted kerberos auth passwords (aim 6.9+)
• 1ce5a00 so far
• 240e96a make docker env to use SSL for OSCAR
• d635fda make kerberos listener optional
• a40b2f3 kerberos: connect to BOS over SSL (unblocks AIM 6.9)
• d505572 retry TCP connection on test
• 836a206 bind to unprivileged ports for unit tests
• c94576a support multi-homed connections, consolidate svc ports

v0.18.0

What's new?

New Features

Kerberos + SSL Support

• Added support for AIM v6.2–v6.5.3.12, which uses Kerberos-style authentication over SSL.
• Includes tooling to generate certificates and configure SSL termination.
• Check out the Docker setup guide to set up an SSL-enabled instance of RAS.

Bot Support (#124)

• Accounts can now be flagged as bots.
• Bot accounts are excluded from rate limiting and expose their bot status via user info.
• The bot flag is managed via the management API.

Bug Fixes

• #112: AIM 2.0 no longer crashes when sending an OService no-op request.

Changelog

• f5793fd Revert "update docs to reference script"
• ef6c7fc fix small issues with docker setup sh
• 002865f adding in interactive Bash install script
• 812bdd0 setting these make portions to not require tty
• 97fa950 update docs to reference script
• 071c4aa dockerize + document SSL setup
• 2cfdade add docker internal host to stunnel runner
• 8a9b0ab clean up ValidateAIMHandle
• 15846bf fix username validation
• 589d58f issue #112 - add idle handlers to ODIR
• 6821618 exempt bots from rate limiting
• 5288c57 set bot flag on user info
• 1054427 issue #124: add is_bot user flag to mgmt api
• 6cfd7e3 implement kerberos auth

v0.17.0

What's new?

⚠️ Notice ⚠️

After upgrading RAS to v0.17.0, your AIM client may complain on first login with an error message You performed an action too many times in a short period. To fix this error, completely exit your AIM client and sign back on again. The error should no longer appear on subsequent signons.

New Features

Request Rate Limiting by SNAC Class

This release introduces authentic OSCAR request throttling. Clients that send too many messages in a short period are progressively:

1. Warned
2. Temporarily blocked from sending further messages
3. Disconnected if behavior continues

After being rate limited, clients must wait before resuming communication. This protects the server and other users from spammy or buggy client behavior.

Preliminary AIM 6.x Support

Open OSCAR Server now supports core functionality for AIM 6.0–6.1 clients. Features like offline messages and Kerberos auth are planned for a future release.

➡️ See the AIM 6 setup guide to get started.

Odds & Ends

• Add support for the STATS food group.
• The server only appends the "wants typing events" ICBM TLV if the client has typing events enabled.

Changelog

• 3df03e1 document AIM6 client setup
• b1a9e03 conditionally send "wants typing events" ICBM TLV
• a0d1757 refresh AIM 5.x setup documentation
• 20ba37e implement STATS foodgroup
• a421dca fix broken aim 6 signon flow
• 324f76f snac buster
• a10c7d6 fix context cancellation on shutdown
• b951334 upgrade dependencies
• 5c00023 implement SNAC class rate limiting
• ffa6e14 plumb context across all layers

v0.16.1

What's new?

This release includes a fix for login issues affecting the Java AIM client.

See the previous release notes for a list of new features and bug fixes introduced in RAS v0.16.x.

Changelog

• bcaa847 fix java AIM client login

v0.16.0

What's new?

New Features

TOC 1.0 Protocol Completion

• The TOC 1.0 implementation is now complete with the addition of these functions:
  • toc_get_status
  • toc_format_nickname
  • toc_change_passwd
  • toc_chat_whisper
  • toc_rvous_accept
  • toc_rvous_cancel

Chat Management Enhancements

• Implemented chat kick/ban API (thank you @jgknight 🎉).
• Added chat whisper functionality. This is an obscure OSCAR protocol feature that lets you DM chat room participants. TiK is the only official client that supports sending whisper messages.

New Client Support

Open OSCAR Server now supports these clients:

• BeAIM 1.6.3
• AIM 1.7.486 (Windows)
• AIM 1.1.19 (Java)
• BSFLite 0.85

File Transfer

• You can now send files over the Internet! See Setup Guide for more details.

Bug Fixes

• QIP 2005 directory search crash resolved.
• AIM 1.7.486 (Windows) no longer crashes on sign-on. (Issue #73)
• BSFLite error on sign-in (failed to unmarshal: EOF) resolved. (Issue #78)
• Tik 0.90 emoticons no longer include an unintended backslash. (Issue #88)
• Missing ras.service in Linux release tar archive. (Issue #109)
• TOC sessions now properly close on sign-off. (Issue #105)

Community Updates

• @ukozi has been hard at work on raspyman, a beautiful web frontend for the OOS admin API.

Changelog

• a7c55ec update README.md
• b8853ab Revert "issue #112 - add missing OServiceIdleNotification routes"
• f52cf28 issue #112 - add missing OServiceIdleNotification routes
• 2f10048 issue #109 - add systemd config to linux artifacts
• 792ec1c document rendezvous over internet setup
• 1bfc6d1 icbm: send TLV(0x0B) only on IM events
• d31d36f make java 1.1.19 client work
• e393cc8 fix blank IMs in BeAIM client
• a69f09f issue #78 - handle keep-alive messages during login sequence
• 1454027 Revert "replace ICQ Interests and Affiliations slices (#111)"
• 14cce1d issue #88 - unescape characters
• ddde769 replace ICQ Interests and Affiliations slices (#111)
• 0b74174 toc: don't trigger events from toc_set_config
• c8eb3b7 toc: cleanup argument parsing
• a566b57 api spec: fix wrong fields in category docs
• c3605e2 api spec: fix wrong fields in category docs
• 430e59d toc: implement rendez-vous commands
• c7f09b2 issue #105 - fix TOC shutdown
• 038b863 toc: implement toc_chat_whisper
• 14b79f8 toc: remove chat sessions on signoff
• 4fb49ed issue #104 - fix deadlock in chat sess mgr AddSession and RemoveSession
• 22fad59 Merge pull request #103 from ukozi/main
• fa1843c Update docker-compose.example.yaml
• bd5b42d Merge pull request #102 from josephcarmello/dockerfile-whitespace-and-sort
• 8b83a33 Merge branch 'main' into dockerfile-whitespace-and-sort
• 8bc6760 Merge pull request #101 from ukozi/dockerfile-fix-1
• f1cca7e Fix port sort and whitespace
• d9bcbf2 Update Dockerfile - Fixed Port Typo
• a6f9a6a toc: implement toc_get_status
• 27eb774 toc: implement toc_format_nickname
• 901bed3 toc: implement toc_change_passwd
• 947a85f Merge pull request #95 from darkain/FreeBSD
• 82725b5 Adding notes about FreeBSD
• b4a2945 Revert "make java aim client 1.1.19 work"
• e872db6 admin: add change password functionality
• bb70d80 Merge pull request #94 from jgknight/kick-ban-api
• f348bf7 Add kick/ban API
• a7596ee override for QIP 2005 TLV len bug
• 9702696 make java aim client 1.1.19 work