DC++ 0.861

The first new DC++ release in more than a year, version 0.861, brings plenty of enhancements and security updates. The following are the list of key fixes and improvements over version 0.851:

  • Just like as in the previous major release, version 0.850, there are new functions that has been requested by the users through the bug tracker. Such features are an option for autostart DC++ when Windows starts, quick-check hubs with encrypted connections in Search frame, search capability in the Notepad window, hub connectivity status icon in the public hub list and a text encoding setting for favorite NMDC hubs.
  • We’ve improved Windows 10 compatibility by fixing a visual bug in the chat and updating the UPnP mapper. The latter may fix reported issues with automatic connectivity setup under Windows 10.
  • Added an icon toolbar to the Download queue to make the control of the downloads and priorities easier.
  • Fixed security issues related to OpenSSL and also problems with keyprint validation and secure transfers.
  • As like any program that displays clickable links from outside sources should do, now DC++ also introduces a whitelist of URIs that it allows to be directly opened without an user prompt. It means that a confirmation dialog will appear before the actual opening of any type of links that’s not whitelisted. This prevents accidental launching of any 3rd party software that is registered to certain URIs in the system and might be used to exploit existing vulnerabilities or execute arbitrary code. The URI whitelist is freely configurable in the settings dialog. We’d like to thank Kacper Rybczynski for pointing out this issue and for working with us to help protect DC++ users.
  • There’s a new structure for manual connectivity settings and lots of new options available to fine tune IPv6 connectivity. The automatic connectivity setup now enables IPv6 connectivity if the bound network interface is assigned with a public v6 IP address. Note that all parts of the IPv6 connectivity is in an early beta stage and prone to failures and that v6 connections are only supported to ADC hubs and between ADC hub users.
  • With version 0.860, DC++ has ended Windows XP support and requires Windows Vista as a minimum Windows version to run. This has enabled a lot of cleaning in the code which also results performance improvements.
  • Version 0.861 introduces more significant performance improvements by being compiled with the latest MinGW technology as well as by requiring SSE2 CPU support. The latter brings extra preformance boost to 32-bit builds of DC++ in several areas, notably in the speed of hashing, download queue matching and respond to searches. This also means that DC++ requires Intel Pentium 4 / AMD Athlon64 or newer processors from now.

The list of complete changes with links to the discussions in the bug tracker are available here. Due to the nature of fixes an immediate upgrade from earlier versions of DC++ is highly recommended.

DC++ 0.851

A new security & stability update of DC++ has been released today.

There are no user visible new features this time; besides the latest OpenSSL security fixes and hardening secure connection further by disallowing weak ciphersuites this DC++ version largely focuses on mitigating malicious situations where DC++ can be used for distributed denial of service (DDoS) attacks when beeing logged in to certain malevolent NMDC hubs.

Please note that most, if not all previous DC++ versions are affected of this problem therefore this release is highly recommended for everyone still using any older DC++ versions. Once all maintained NMDC hub software implements the mitigation for this problem it is highly probable that many existing hubs will require this DC++ release as the minimum version to use.

If no critical issues found, DC++ 0.851 should be marked as the new stable DC++ release within a short period of time.

For the complete list of changes in version 0.851, please explore the changelog.

DC++ 0.850

The first new DC++ release in the last nine months, version 0.850 fixes and hardens security related functions further notably to avoid all popular TLS exploits emerged since last April.

This release also contains stability and performance updates of various 3rd party libraries and improvements of the latest version of the compiler.

For complete list of fixes and upgraded libraries, please explore the changelog items and the linked bug discussions.

DC++ 0.842

The first stable release of the 0.840 series of DC++ is out. Besides a few SSL encryption related and stability fixes this version largely focuses on implementing various features asked for or recommended by the user community through our feature tracker.

The changelog shows all the implemented new features and fixes.

DC++ 0.842 also provides protection against the infamous “Heartbleed” OpenSSL vulnerability. This security hole has existed in DC++ since version 0.799.

There’s a high chance of version 0.842 is the last mainstream DC++ release that supports Windows XP.  Due to the still large userbase of the already unsupported operating system, security and major stability fixes are possible for a few more months using a separate branch targeting XP only. The update reminder system is modified so in case of any forthcoming version targeting Vista and later being released, XP users won’t see the notification dialog anymore.

From that time on people running Windows XP will see the update nag dialog only if there’s an update targeting their old OS. However, starting with version 0.840 every XP user gets a special reminder at startup about the EOS of DC++ in their operating system.

Due to the nice new features and security fixes the upgrade is highly recommended.

DC++ 0.831

A new bug fixing service release of DC++ has been released today fixing the following problems introduced with version 0.830:

  • One of the bugs, marked as critical, prevents DC++ to respond to TTH searches on NMDC hubs.
  • A problem with too small protocol command size limits can cause problems for hubs sending large user commands.
  • The newly introduced direct encrypted private message channels are getting disconnected after some idle time.

All the fixed problems exist in version 0.830 only thus older versions are not affected. For users running DC++ 0.830 the upgrade is highly recommended.

DC++ 0.830

Today we marked the first version of  the 0.83x series of DC++ as stable. The new release brings plenty of stability updates as well as introduces a new ADC feature to improve privacy.

The privacy improvement is actually an implementation of an ADC protocol extension called CCPM. Basically, it allows two peers to initate an SSL encrypted direct connection channel for sending and receiving private messages.

Until now, all private messages in the DC network has been gone through a hub where both users were logged in. While this method is great for controlling unwanted messages (spamming) it also makes possible for the hub owner to spy on any private communications.

Enter CCPM, a feature that still needs a hub to initiate the direct encrypted connection but the hub is needed only for the start. After the direct channel has been estabilished the messages go directly between the peers in an encrypted way. The channel initiation requires the two users to be logged on a secure ADC hub (ADCS).

The whole discussion of the protocol features and CCPM implementation can be found here (the implementation details with screenshots starts in this position of the thread). The built-in help of DC++ also describes the feature in the Private message window page and the availabe controlling options in the Certificates’ settings page (once updated, links will be added to  the web version of the DC++ help, too).

The list of other fixes in version 0.830 speak for themselves yet again this time, explore the changelog items and the linked bug discussions in them for more information.

DC++ 0.828

A new stability update of DC++ is released today. Above the fixed stability issues, DC++ 0.828 also comes with a few minor feature updates. No detailed discussion of the changes this time; you can browse the changelog for the list of all improvements and fixed issues as they speak for themselves.

Upgrade is recommended for users of any earlier versions.

DC++ 0.825

A new security & stability update of DC++ is released today. There are no new features this time; the update fixes a couple of severe security vulnerabilities discovered since the release of  version 0.822. The following problems were fixed:

  • The client can crash in case of multiple partial file list uploads, requested at the same time or shortly one after the other. This problem hits the previous two releases (versions 0.820 & 0.822).
  • The originator of some type of ADC protocol messages aren’t correctly verified. This allows a malicious client to block outgoing connections of other users logged into an ADC hub by sending commands to be accepted from the hub only. This problem exists in all earlier versions of DC++ and the solution needs fixes in various ADC hubsoftware as well. More detailed description of this vulnerability can be found in the original bug report.

Due to the nature of these bugs an immediate upgrade is recommended.

DC++ 0.822

We’re happy to announce the availability of the first stable version of  the 0.82x series of DC++. The new release brings three significant improvements thus marks an important day in the history of DC++.

Native 64-bit support

As various MinGW forks that used to compile DC++ and target 64-bit are already stable enough, version 0.820 was the first DC++ that ships with native exectutables for 64 bit Windows operating systems. We provide two different portable versions for both of the architectures; on the other hand the installer package that most people use contains both the 32 and 64-bit builds and by default it automatically chooses the right binaries to install, depending on the used architecture. There’s an option though to override the default behavior and install the 32-bit version of the program on 64-bit systems.

Improved plugin interface and features

The first bits of the DC plugin API shed the light in DC++ version 0.800.  Since then the API has become matured and stable enough for wider usage.

Along with several fixes and improvements, plugins now possible to load/unload on the fly. DC++ also received new GUI controls for the most frequently used plugin functions. The new commands are available form File menu and also from the toolbar in form of a dropdown menu.

DC plugins also introduce a nice new packaging format (with .dcext file extension) that can contain several plugin binaries for different OSes and architectures as well as any additional files the creator of the plugin whishes to distribute with the plugins – all in a single compressed file.

Along with the new release of the newest plugin API in DC++ 0.822, the first DC Plugin Repository is also launched.  At the time of writing it already contains several nice new plugins made by the DC++ team to start with. We hope we’ll be able to expand the repository soon with 3rd party made plugins as well.  For more information how to download, install and use the plugins in your DC client, please visit the repository site.

The updated Plugin SDK is still available for developers;  you can also find detailed information about the plugin packaging to be able to create and distribute your own plugins. The DC Plugin repository is open for 3rd party developers and we encourage you all to create plugins for DC clients. When you ready to distribute your plugin you can find howto and contact information right there in the repository.

Introduce of expandable list items

Many DC++ users missed the expandable merged search results for a long time. They’re really useful and known from other DC clients. Good news: they’re here. Search results with the same TTH are grouped from now, you can easily add all the sources with one click or expand the results row and pick the one(s) you wish.

Due to the possibility of expandable list items the Transfers view is also completly revamped and merged from now. There’s no need of the cluttered Downloads and Connections tab anymore; all the downloads and uploads occupy one item in the list of all transfers and if there’s multiple connections to any transfer then you can view the individual connections by expanding the transfer list item. This change makes the Transfers view as usable as it was in the older versions of DC++ while the display structure is nicely adopted to the modern segmented transfers.

Various additional improvements

  • User commands in the Transfers view context menu are back again
  • It’s possible to log off from a hub without actually closing its window using the new Disconnect command in the tab’s context menu
  • The entered search values are validated if you search by TTH from now;  only valid values will be sent and you get an error message on invalid values. This prevents unnecessary traffic to hubs as well as it comes handy when you want to send a textual search but you accidentally leave the TTH option selected (and get suprised as no results coming at all)
  • HTTP transfers (hublists, version information) are shown in the Transfers view. It is useful in case of slow hublist transfers or when you want to pinpoint issues with hublist servers.
  • Added support for region- or city-level GeoIP databases; you can use new formatting values to show more precise information about the user’s location in the Country coloumn of the users list and also in the Transfers view.

Note that version 0.820 is already released a week before 0.822, marked as “testing”. Due to some additional fixes and improvements on plugins handling the version number of the current stable release is bumped to 0.822. Upgrade is strongly recommended as usual.

DC++ 0.811

A new service release of DC++ is out and marked stable. Along with some small fixes the new version improves on a couple of more important areas.

We received reports that the obligatory share format converison at the first start of DC++ 0.810 may take more time than one would expect, especially in cases when  large number of files shared or had been shared before. During the first startup conversion DC++ 0.810 may look unresponsive; worse is that when the anxious user clicks to the taskbar preview or the DC++ startup logo during the conversion period, it results an immediate “Not responding” message shown by Windows. People might get confused with this so the fix comes with DC++ 0.811 and you will never get those messages again. Also there’s a new graphical progress indicator under the DC++ splash logo so from now users are somewhat better informed about what’s happening at the startup.

Note that the first (and only the first) startup can still take unusually long when you uprgade from version 0.802 or older. Some users with extra large shares reported even 15-20 minutes long startups and that really sounds long. But again, you have to keep in mind that it’s still a lot better option than a complete rehash of your entire share.

The other bigger change in version 0.811 is the switch of the used compiler package. We changed from MinGW to MinGW-w64 for now as some tests done with DC++ built using MinGW-w64 resulted better long time stability under extra heavy load.

Version 0.811 is a stable release and immediate upgrade is recommended.