Towards INN 2.5.2
Julien ÉLIE
julien at trigofacile.com
Sat Jan 23 12:30:04 UTC 2010
Hi,
I believe it is time to prepare a release of INN 2.5.2; we have already
accumulated a *lot* of changes since INN 2.5.1.
If anyone has pending patches for INN 2.5.2, please send them.
I expect a release in March (with candidate(s) in February).
Here is the current changelog. Feel free to comment it (typos, wording,
questions?)
Changes in 2.5.2
* Julien Elie has implemented in innd the new version of the NNTP
protocol described in RFC 3977, RFC 4643 and RFC 4644. Consequently,
innd now recognizes the CAPABILITIES command. Notwithstanding these
standards, three commands (IHAVE, CHECK and TAKETHIS) will continue,
for interoperability reasons, to return a reject code (respectively
435, 438 and 439) when the command contains a syntax error (which
normally leads to 501). Besides, the mandatory username for
authenticated peers will only be enforced by INN 2.6.0.
Major improvements are:
* innd now has a decent parser for NNTP commands. It permits to have
a far better grammar parser (commands like "IHAVE<mid>", without a
space between the command and its argument, are no longer valid) and
to allow leading and trailing whitespaces in commands. Besides,
innd checks the length of the NNTP command sent by the client: if
the command contains more than 512 bytes (or 497 bytes for an
argument), an error is returned and the command is discarded. Note
that after ten unrecognized commands, innd closes the connection
with the appropriate code (400 instead of 500).
* The output of the HELP command specifies the arguments expected by
NNTP commands, the same way as nnrpd does.
* LIST ACTIVE, LIST ACTIVE.TIMES and LIST NEWSGROUPS recognize an
optional argument: a wildmat can now be specified to restrict the
results of these commands to specific newsgroups.
* When using HEAD or STAT with an article number or a range, 412 (no
group selected) is now returned instead of 501 (syntax error).
* Jeffrey M. Vinocur has implemented in both innd and nnrpd support for
whitespaces in usernames/passwords provided with AUTHINFO USER/PASS.
They were previously considered as invalid arguments, or wrongly
parsed. innd and nnrpd now treat everything after the first
whitespace character following AUTHINFO USER/PASS, up to, but not
including, the final CRLF, as the username/password, in conformity
with RFC 4643.
* The syntax of message-IDs is now based on RFC 5536 (USEFOR) instead of
RFC 1036. The major change is that quoted-pairs have been removed
from the syntax.
* Case-insensitive matches are now used for distributions, path
identities, IMAP commands, header names, and control commands.
(Newsgroups are still matched case-sensitively.) Message-IDs are
case-sensitively matched, except for history hashes.
* The new Archive:, Archive-At:, Comments:, and Summary: header fields
defined in RFC 5064 and RFC 5536 can be used in innd filters. nnrpd
now checks at injection time that an article does not contain an
Injection-Info: header, that an Injection-Date: header (if provided)
is valid, and that the Path: header does not contain ".POSTED". Note
that the generation of these two injection fields and the update of
the Path: field for locally posted articles will only be for the next
major release of INN.
* LIST SUBSCRIPTIONS recognizes an optional argument: a wildmat can now
be specified to restrict the results of this command to specific
newsgroups.
* A new LIST variant named COUNTS is supported by nnrpd: LIST COUNTS is
a combination of LIST ACTIVE and GROUP. It returns the same result as
LIST ACTIVE except that the number of articles in a newsgroup is
inserted before its status.
* A new check has been added to newsfeeds entries: "Aj", when present,
adds the capability to feed articles accepted and filed in "junk" (due
to *wanttrash*) to peers based on their newsfeeds feed patterns
applied to the Newsgroups: header as though the article were accepted
and all those groups were locally carried. This is useful if you want
to run INN with a minimal active file and propagate all posts. Thanks
to Andrew Gierth for the patch.
* A new parameter has been added to inn.conf: *logtrash* defines
whether a line for articles posted to groups not locally carried by
the news server should be added in the news log file to report
unwanted newsgroups. The default is true but it can be useful to set
it to false (especially when *wanttrash* is also used).
* A new feature has been added to sm. When the -c flag is used, it
shows a clear, decoded form of the storage API token. This was
previously done by the contrib showtoken script developed by Olaf Titz
and Marco d'Itri.
* The O flag in newsfeeds now relies on the contents of the
Injection-Info: header (or X-Trace: header if there is no
Injection-Info: header) to determine the origin of an article.
* A new "unsigned long" type bas been added to the configuration parser.
It will properly warn the news administrator when a variable supposed
to be positive contains a negative integer. It will prevent INN from
crashing at several places where it did not expect negative values.
* innxbatch and innxmit now recognize the new 403 code introduced by
RFC 3977 for a problem preventing the action from being taken.
* HDR and OVER commands now return the right 423 code (instead of 420)
when the current article number is used but the article no longer
exists.
* actsync, inews, innxbatch, innxmit, nntpget and rnews can now
authenticate on news servers which only expect a username, without
password, in conformity with RFC 4643.
* The keyword generation code now generates a Keywords: header only if
the original article does not already have one. The generated
Keywords: header no longer begins with a comma. Moreover, if keyword
generation is set to true in inn.conf but the Keywords: header is not
stored in the overview, the news administrator is warned and keyword
generation deactivated because it would be run for nothing.
* Fixed two segfaults in keyword generation. The first occurred when an
article already had a Keywords: header the length of which is greater
than the *keylimit* parameter. The second was caused by a possible
invalid pointer beyond the newly allocated Keywords: header.
* Fixed a bug in the parsing of empty lines: innd was not properly
discarding an empty command, and it was closing the connection upon
receiving only whitespaces in a command.
* Fixed a bug in how innd responded to reader commands when readers were
not allowed. A superfluous blank line was sent in its response.
* Fixed a bug in TAKETHIS: when authentication was required, a 480 code
was directly answered without treating the whole multi-data block
following the command from the client, which broke the NNTP protocol.
* Fixed a bug when empty articles were fed to innd via IHAVE or
TAKETHIS: the article terminator was not recognized. Therefore,
subsequent NNTP commands were eaten inside the article.
* Fixed a bug when innd could not provide information for LIST
ACTIVE.TIMES and LIST NEWSGROUPS: it was giving an invalid result,
without any response code. The proper 503 answer code is now
returned.
* When an unauthenticated user tried to post an article, nnrpd replied
440 (posting not allowed) instead of the right 480 (authentication
required) when the user might be able to post after authentication.
Thanks to Daniel Weber for the bug report.
* Fixed a bug in both innd and nnrpd answers to LIST commands which did
not check for a valid dot-stuffed output.
* Fixed a bug to control-only feeds: junked non-control articles were
being fed down control-only feeds. Besides, poisoned control groups
were not properly handled. Thanks to Andrew Gierth for the patch.
* Fixed a bug in innreport which was not correctly summing innd stats
when *hostname* was set as an IPv6 address instead of a fully
qualified domain name. Thanks to Petr Novopashenniy for the bug
report.
* Fixed a bug in nnrpd Perl filter: a header field whose name begins
with the name of a standardized header field was not properly taken
into account.
* Fixed a bug on how innd was parsing Message-ID: and Supersedes:
headers which contained trailing whitespaces. The article ended up
corrupted because of an unexpected "\r" in the middle of the header.
Besides, nnrpd now checks the syntax of the Message-ID: header, if
present.
* Fixed a bug in how leading whitespaces were treated in headers. The
HDR, XHDR and XPAT commands were not properly showing leading
whitespaces in header values. Besides, "\n" and "\r" were both
changed into spaces whereas "\r\n" just was to be removed. As for
archive, makehistory and tdx-util, they did not keep leading
whitespaces in headers when generating overview data, and archive did
not change "\n" (when not preceded by "\r") into a space when
generating overview data.
* Fixed a bug in the generation of overview data which may corrupt
previously generated overview data when a malicious pseudo Xref:
header field is injected in an extra overview field.
* Fixed a bug in the parsing of the *ovgrouppat* wildmat in inn.conf
that prevented overview data from being generated when poisoned groups
were specified but a latter sub-pattern made the group wanted. A
uwildmat expression is now correctly handled, and a potential segfault
has been fixed. Thanks to D. Stussy for the bug report.
* Fixed a bug when HDR, XHDR and XPAT were used when *virtualhost* was
set to true in readers.conf. The Xref: header of articles posted to
only one newsgroup appeared empty.
* Fixed a bug in tdx-util which was not properly parsing empty overview
fields when called with -A or -F.
* Fixed a bug in cvtbatch which was returning only the size of the
headers of an article when the "b" parameter was used with the -w
flag. It now correctly returns the size of the whole article, which
is what "b" is supposed to do. Besides, cvtbatch has a new "t"
parameter which can be used with the -w flag, so as to retrieve the
arrival time of an article.
* batcher has not supported the retrieval of an article with its file
name for a long time. The -S flag is therefore removed.
* news.daily no longer sends superfluous mails when the nomail keyword
is given. Mail is only sent when there is real output. Previously,
there would always be headings and empty lines useful to structure the
full report, which are now ommitted. Also, the output of programs
executed with postexec is now included in the regular mail. Thanks to
Florian Schlichting for the patch.
* innconfval no longer maps NULL string or list values to an empty
string or list. These values should really be undefined. In
particular, it fixes an issue reported by Kamil Jonca about nnrpd
inserting an empty Organization: header when the *organization*
parameter in inn.conf was unset.
* Other minor bug fixes and documentation improvements.
--
Julien ÉLIE
« La moitié des hommes politiques sont des bons à rien.
Les autres sont prêts à tout. » (Coluche)
More information about the inn-workers
mailing list