From bcf484016b17354c21e664901394bfc8dc79ea53 Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Sun, 23 Oct 2022 15:01:35 +0100
Subject: [PATCH 1/4] Only store the topic in the permchannels database if one
 is set.

---
 src/modules/m_permchannels.cpp | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/modules/m_permchannels.cpp b/src/modules/m_permchannels.cpp
index bec10de0b..fdfbfecc4 100644
--- a/src/modules/m_permchannels.cpp
+++ b/src/modules/m_permchannels.cpp
@@ -142,11 +142,15 @@ static bool WriteDatabase(PermChannel& permchanmode, Module* mod, bool save_list
 		}
 
 		stream << "<permchannels channel=\"" << ServerConfig::Escape(chan->name)
-			<< "\" ts=\"" << chan->age
-			<< "\" topic=\"" << ServerConfig::Escape(chan->topic)
-			<< "\" topicts=\"" << chan->topicset
-			<< "\" topicsetby=\"" << ServerConfig::Escape(chan->setby)
-			<< "\" modes=\"" << ServerConfig::Escape(chanmodes)
+			<< "\" ts=\"" << chan->age;
+		if (!chan->topic.empty())
+		{
+			// Only store the topic if one is set.
+			stream << "\" topic=\"" << ServerConfig::Escape(chan->topic)
+				<< "\" topicts=\"" << chan->topicset
+				<< "\" topicsetby=\"" << ServerConfig::Escape(chan->setby);
+		}
+		stream << "\" modes=\"" << ServerConfig::Escape(chanmodes)
 			<< "\">" << std::endl;
 	}
 

From 56aabd8b6ce3ba8361cacec70ac498f3ee59d40f Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Mon, 24 Oct 2022 20:12:00 +0100
Subject: [PATCH 2/4] Allow using sts over a proxied hook like HAProxy.

Closes #1911.
---
 src/modules/m_ircv3_sts.cpp | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/src/modules/m_ircv3_sts.cpp b/src/modules/m_ircv3_sts.cpp
index 801d87082..f7f03d7fa 100644
--- a/src/modules/m_ircv3_sts.cpp
+++ b/src/modules/m_ircv3_sts.cpp
@@ -28,6 +28,7 @@ class STSCap : public Cap::Capability
 	std::string host;
 	std::string plaintextpolicy;
 	std::string securepolicy;
+	mutable UserCertificateAPI sslapi;
 
 	bool OnList(LocalUser* user) CXX11_OVERRIDE
 	{
@@ -64,12 +65,19 @@ class STSCap : public Cap::Capability
 
 	const std::string* GetValue(LocalUser* user) const CXX11_OVERRIDE
 	{
-		return SSLIOHook::IsSSL(&user->eh) ? &securepolicy : &plaintextpolicy;
+		if (SSLIOHook::IsSSL(&user->eh))
+			return &securepolicy; // Normal SSL connection.
+
+		if (sslapi && sslapi->GetCertificate(user))
+			return &securepolicy; // Proxied SSL connection.
+
+		return &plaintextpolicy; // Plain text connection.
 	}
 
  public:
 	STSCap(Module* mod)
 		: Cap::Capability(mod, "sts")
+		, sslapi(mod)
 	{
 		DisableAutoRegister();
 	}
@@ -136,6 +144,10 @@ class ModuleIRCv3STS : public Module
 		{
 			ListenSocket* ls = *iter;
 
+			// Is this listener marked as providing SSL over HAProxy?
+			if (!ls->bind_tag->getString("hook").empty() && ls->bind_tag->getBool("sslhook"))
+				return true;
+
 			// Is this listener on the right port?
 			unsigned int saport = ls->bind_sa.port();
 			if (saport != port)

From 9b3ce29cc61f98fb52742f7aa6f7b206703f51e2 Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Sat, 29 Oct 2022 16:22:10 +0100
Subject: [PATCH 3/4] Fix the documentation of <options:defaultmodes>.

---
 docs/conf/inspircd.conf.example | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/conf/inspircd.conf.example b/docs/conf/inspircd.conf.example
index 096da68d9..177e5c4ed 100644
--- a/docs/conf/inspircd.conf.example
+++ b/docs/conf/inspircd.conf.example
@@ -652,8 +652,8 @@
          # 'splitmsg' - the same as split but also send a message explaining the split.
          splitwhois="no"
 
-         # defaultmodes: What modes are set on a empty channel when a user
-         # joins it and it is unregistered.
+         # defaultmodes: What modes are set on a new channel when a user creates it. Any
+         # prefix modes will be set on the creating user.
          defaultmodes="not"
 
          # xlinemessage: This is the text that is sent to a user when they are

From 121668a0b9c919d0a2aa0ad9b4e584300db5da1a Mon Sep 17 00:00:00 2001
From: Sadie Powell <sadie@witchery.services>
Date: Sat, 22 Oct 2022 15:42:58 +0100
Subject: [PATCH 4/4] Add a workaround for a conflict between libmysqlclient
 and pcre.

[skip alpine ci]
[skip macos ci]
[skip ubuntu ci]
---
 win/conanfile.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/win/conanfile.txt b/win/conanfile.txt
index 0bbd70891..60c952fe6 100644
--- a/win/conanfile.txt
+++ b/win/conanfile.txt
@@ -14,6 +14,7 @@ libpq/14.5
 pcre/8.45
 re2/20220601
 sqlite3/3.39.4
+zlib/1.2.13 # force override to fix a conflict between libmysqlclient and pcre2
 
 [options]
 argon2:shared=True