Call for INN 2.5.2 testing (new NNTP RFC 3977)

Julien ÉLIE julien at trigofacile.com
Sun Nov 15 19:41:52 UTC 2009


Hi,

Starting from inn-STABLE-20091116.tar.gz (which will be generated this Monday),
innd implements RFC 3977.

We have a new parser for NNTP commands, a syntax checker and
a change of syntax for message-IDs (compliant to RFC 5536, USEFOR).

I haven't had any issue for two weeks with that implementation.
But I do not have a full feed nor I am peering with lots of different servers.


Could someone test INN STABLE (or CURRENT) in a more realistic environment?
(full feed, lots of peers)

We have to make sure NNTP commands and message-IDs are not incorrectly rejected.


It is easy to verify since such errors are logged into news.notice.
Thus, "grep bad_command news.notice" and "grep bad_messageid news.notice"
will give errors we should investigate.
"zgrep bad_command news.notice*" in the OLD directory is also useful!

Samples (made by me):

  Nov 15 20:21:38 news innd: localhost:32 bad_command ihave
  Nov 15 20:21:43 news innd: localhost:32 bad_messageid <"te..st at test>
  Nov 15 20:21:57 news innd: localhost:32 bad_command check<test>



Thanks beforehand for your help on testing this future INN version.


For those interested in the changes since 2.5.1, here they are:


Changes in 2.5.2

    Please note that owing to the implementation of RFC 4643 (AUTHINFO
    USER/PASS) in innd, if remote peers have to authenticate in order to
    feed articles, they now have to send a username (which was previously
    wrongly optional), before sending their password.  The mandatory
    username, though unused by innd, can be whatever the remote peer wishes.
    In previous versions of INN, inncheck was already complaining when
    passwd.nntp contained an empty username associated with a password.

    * Julien Elie has implemented in innd the new version of the NNTP
      protocol described in RFC 3977, RFC 4643 and RFC 4644.  Consequently,
      innd now recognizes the CAPABILITIES command.  Notwithstanding these
      standards, three commands (IHAVE, CHECK and TAKETHIS) will continue,
      for interoperability reasons, to return a reject code (respectively
      435, 438 and 439) when the command contains a syntax error (which
      normally leads to 501).

      Major improvements are:

      * innd now has a decent parser for NNTP commands.  It permits to have
        a far better grammar parser (commands like "IHAVE<mid>", without a
        space between the command and its argument, are no longer valid) and
        to allow leading and trailing whitespaces in commands.  Besides,
        innd checks the length of the NNTP command sent by the client:  if
        the command contains more than 512 bytes (or 497 bytes for an
        argument), an error is returned and the command is discarded.  Note
        that after ten unrecognized commands, innd closes the connection
        with the appropriate code (400 instead of 500).

      * The output of the HELP command specifies the arguments expected by
        NNTP commands, the same way as nnrpd does.

      * LIST ACTIVE, LIST ACTIVE.TIMES and LIST NEWSGROUPS recognize an
        optional argument:  a wildmat can now be specified to restrict the
        results of these commands to specific newsgroups.

      * When using HEAD or STAT with an article number or a range, 412 (no
        group selected) is now returned instead of 501 (syntax error).

    * Jeffrey M. Vinocur has implemented in both innd and nnrpd support for
      whitespaces in usernames/passwords provided with AUTHINFO USER/PASS.
      They were previously considered as invalid arguments, or wrongly
      parsed.  innd and nnrpd now treat everything after the first
      whitespace character following AUTHINFO USER/PASS, up to, but not
      including, the final CRLF, as the username/password, in conformity
      with RFC 4643.

    * The syntax of message-IDs is now based on RFC 5536 (USEFOR) instead of
      RFC 1036.  The major change is that quoted-pairs have been removed
      from the syntax.

    * A new "unsigned long" type bas been added to the configuration parser.
      It will properly warn the news administrator when a variable supposed
      to be positive contains a negative integer.  It will prevent INN from
      crashing at several places where it did not expect negative values.

    * innxbatch and innxmit now recognize the new 403 code introduced by
      RFC 3977 for a problem preventing the action from being taken.

    * actsync, inews, innxbatch, innxmit, nntpget and rnews can now
      authenticate on news servers which only expect a username, without
      password, in conformity with RFC 4643.

    * The keyword generation code now generates a Keywords: header only if
      the original article does not already have one.  The generated
      Keywords: header no longer begins with a comma.  Moreover, if keyword
      generation is set to true in inn.conf but the Keywords: header is not
      stored in the overview, the news administrator is warned and keyword
      generation deactivated because it would be run for nothing.

    * Fixed two segfaults in keyword generation.  The first occurred when an
      article already had a Keywords: header the length of which is greater
      than the *keylimit* parameter.  The second was caused by a possible
      invalid pointer beyond the newly allocated Keywords: header.

    * Fixed a bug in the parsing of empty lines:  innd was not properly
      discarding an empty command, and it was closing the connection upon
      receiving only whitespaces in a command.

    * Fixed a bug in how innd responded to reader commands when readers were
      not allowed.  A superfluous blank line was sent in its response.

    * Fixed a bug in TAKETHIS:  when authentication was required, a 480 code
      was directly answered without treating the whole multi-data block
      following the command from the client, which broke the NNTP protocol.

    * Fixed a bug when empty articles were fed to innd via IHAVE or
      TAKETHIS: the article terminator was not recognized.  Therefore,
      subsequent NNTP commands were eaten inside the article.

    * Fixed a bug when innd could not provide information for LIST
      ACTIVE.TIMES and LIST NEWSGROUPS:  it was giving an invalid result,
      without any response code.  The proper 503 answer code is now
      returned.

    * Fixed a bug in both innd and nnrpd answers to LIST commands which did
      not check for a valid dot-stuffed output.

    * Fixed a bug in innreport which was not correctly summing innd stats
      when *hostname* was set as an IPv6 address instead of a fully
      qualified domain name.  Thanks to Petr Novopashenniy for the bug
      report.

    * Fixed a bug on the parsing of Message-ID: and Supersedes: headers
      which contained trailing whitespaces.  The article ended up corrupted
      because of an unexpected "\r" in the middle of the header.

    * Fixed a bug in how leading whitespaces were treated in headers.  The
      HDR, XHDR and XPAT commands were not properly showing leading
      whitespaces in header values.  Besides, "\n" and "\r" were both
      changed into spaces whereas "\r\n" just was to be removed.  As for
      archive, makehistory and tdx-util, they did not keep leading
      whitespaces in headers when generating overview data, and archive did
      not change "\n" (when not preceded by "\r") into a space when
      generating overview data.

    * Fixed a bug in cvtbatch which was returning only the size of the
      headers of an article when the "b" parameter was used with the -w
      flag.  It now correctly returns the size of the whole article, which
      is what "b" is supposed to do.  Besides, cvtbatch has a new "t"
      parameter which can be used with the -w flag, so as to retrieve the
      arrival time of an article.

    * batcher has not supported the retrieval of an article with its file
      name for a long time.  The -S flag is therefore removed.

    * news.daily no longer sends superfluous mails when the nomail keyword
      is given.  Mail is only sent when there is real output.  Previously,
      there would always be headings and empty lines useful to structure the
      full report, which are now ommitted.  Also, the output of programs
      executed with postexec is now included in the regular mail.  Thanks to
      Florian Schlichting for the patch.

    * Other minor bug fixes and documentation improvements.

-- 
Julien ÉLIE

« -- Cet homme qui est sorti du palais, nous renseignera peut-être
  sur la façon d'y entrer. Suivons-le.
  -- Mais... Il sait sortir d'accord, mais rien ne prouve qu'il
  sache entrer, et... » (Astérix) 




More information about the inn-workers mailing list