./news/inn, The public release of InterNet News (INN)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.5.5nb2, Package name: inn-2.5.5nb2, Maintainer: spz

This is the public release of InterNet News (INN). This work is
sponsored by the Internet Software Consortium.

InterNetNews is a complete Usenet system. The cornerstone of the
package is innd, an NNTP server that multiplexes all I/O. Newsreading
is handled by a separate server, nnrpd, that is spawned for each
client. Both innd and nnrpd have some slight variances from the
NNTP protocol.

You can set the environment variable INN_SPOOL to whatever you like
to change the default spool directory when building this pkg.


Required to run:
[graphics/p5-GD] [lang/perl5] [security/gnupg] [mail/p5-MIME-tools]

Required to build:
[pkgtools/cwrappers]

Package options: inet6, perl

Master sites:

SHA1: aef9be9d7e6089ef1c463a11f255e53ea1fed433
RMD160: fc16cc76cc95e64868a6cc2cce8a44cd1806afee
Filesize: 2363.126 KB

Version history: (Expand)


CVS history: (Expand)


   2017-01-19 19:52:30 by Alistair G. Crooks | Files touched by this commit (352)
Log message:
Convert all occurrences (353 by my count) of

	MASTER_SITES= 	site1 \
			site2

style continuation lines to be simple repeated

	MASTER_SITES+= site1
	MASTER_SITES+= site2

lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
   2016-06-08 21:25:20 by Thomas Klausner | Files touched by this commit (2236) | Package updated
Log message:
Bump PKGREVISION for perl-5.24.
   2016-04-10 18:39:28 by Joerg Sonnenberger | Files touched by this commit (11)
Log message:
Adjust checks for _USE_DESTDIR != no or incorrect references to
USE_DESTDIR.
   2016-03-05 12:29:49 by Jonathan Perkin | Files touched by this commit (1813) | Package updated
Log message:
Bump PKGREVISION for security/openssl ABI bump.
   2015-11-03 00:49:48 by Alistair G. Crooks | Files touched by this commit (19)
Log message:
Add SHA512 digests for distfiles for news category

Existing SHA1 digests verified, all found to be the same on the
machine holding the existing distfiles (morden).  Existing SHA1
digests retained for now as an audit trail.
   2015-08-22 21:10:50 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
Update to 2.5.5, from Benedek Gergely on pkgsrc-users.

2015-05-23  iulius

	* innxmit: tidy up GetMessageID buffer handling In theory, if you
	  could get a message with an empty message-id header through
	  before anything else, it would call memcpy(NULL, p, 0) which
	  (surprisingly) has undefined behavior. This doesn't seem a very
	  likely contingency but I tidied up the code to avoid it and
	  (hopefully) be clearer anyway.

	  Thanks to Richard Kettlewell for the patch.

	* storage/cnfs/cnfs.c: don't read uninitialised cycbuffname

	  Thanks to Richard Kettlewell for the patch.

2015-05-17  iulius

	* Fixed alignment issues when storing values

2015-05-14  iulius

	* Add Richard Kettlewell as a contributor

	* Correct remap check in tradindexed lookup

	  The check was off by one; and when it happened, it invalidated
	  the 'parent' pointer, causing a use-after-munmap (or
	  use-after-free) condition.

	  Thanks to Richard Kettlewell for the bug report.

	* Correctly flush CNFS buffers when nfswriter is true in inn.conf

	* Correct remap check in tradindexed group lookup

	  Previously the remap check had an off-by-one bug and moreover
	  would never be done due to the loop condition (making the
	  off-by-one bug moot).

	  This one could be a problem in real life; if creating a group
	  causes innd to expand the index then an already-running nnrpd
	  will not automatically notice, and so won't be able to find the
	  group.

	  Thanks to Richard Kettlewell for the patch.

	* nnrpd/commands.c: paranoid checking of AUTHINFO GENERIC reply

	  Check the number of arguments returned by AUTHINFO GENERIC.

	  Thanks to Richard Kettlewell for the patch.

	* innfeed/connection.c: avoid violating C aliasing rules

	  The object was written as a 'struct sockaddr' but then read as a
	  'struct sockaddr_storage', which violates C99 s6.5#7. The fix is
	  to always access it as a 'struct sockaddr' and use a union to
	  ensure enough space for any possible address type.

	  Thanks to Richard Kettlewell for the patch.

	* nnrpd/commands.c: correct sense of PERMgeneric reply

	  The comment has always been wrong, as well as the return value
	  for ~15 years...

	  Thanks to Richard Kettlewell for the patch.

	* nnrpd/perm.c: don't dereference a null pointer if there are no
	  access groups

	  Thanks to Richard Kettlewell for the patch.

	* nnrpd/article.c: A wrong variable was used for vhost feature.

	  Since these are created by the local innd, the error should not
	  normally occur.

	  Thanks to Richard Kettlewell for the patch.

	* Verify that setuid() and setgid() actually succeed

	  See: https://lwn.net/Articles/451985/ for a discussion of the
	  issues in this area.

	  The checks in newuser.c are probably unnecessary due to the
	  subsequent tests. rnews.c is straight-up broken though.

	  Thanks to Richard Kettlewell for the patch.

2015-05-02  iulius

	* expire/fastrm.c: Fix a dereferencing issue

	* configure.ac: Build fix for current Mac OS X versions

	  The build was failing with recent versions of Mac OS X:

	  clang: error: no such file or directory:
	  '/usr/local/news/lib/libinn.3.dylib' make[1]: *** [libinn.la]
	  Error 1 make: *** [all-lib] Error 2

	  The reason is the '-multiply_defined'-part of the command line.
	  This switch is marked as obsolete in ld(1):

	  -multiply_defined treatment Previously provided a way to warn or
	  error if any of the sym- bols used from a dynamic library were
	  also available in another linked dynamic library. This option is
	  obsolete.

	  Thanks to Dennis Preiser for the report.

	* innfeed/imap_connection.c: fix support of Cyrus SASL 2.1.25 and
	  later

	  Fix how sasl_callback_ft, added with Cyrus SASL 2.1.25, was
	  handled by innfeed. See revision [9381] for more information.

	  Thanks to Dennis Preiser for the report.

	* innd/art.c: Fix a dereferencing issue when parsing
	  Injection-Info: header field

	  Thanks to David Binderman for the patch.

2015-05-01  iulius

	* Bump version number in FAQ for new INN 2.5.5 release

	  Also remove link to Elena Samsonova's web site that appears to be
	  defunct.

2015-04-23  iulius

	* mailpost: add new -t flag to specify the default temporary
	  directory

	  Check that the database directory and the temporary directory are
	  writable when mailpost is run, and otherwise die with an error.

	  Two paths are now tried by default for the temporary directory:
	  pathtmp, and then /var/tmp if pathtmp is not writable.

	* Fix GCC 5.1.0 warning for incompatible pointer type

	  Rename the "U" macro used by two tests to "SUC" (casting to
	  String of Unsigned Chars) because it otherwise conflicts with how
	  Unicode strings are declared in ISO C11, the new default mode for
	  the GCC 5 series.

2015-04-20  iulius

	* Update TODO with references to existing patches

2015-04-05  iulius

	* Mention required TLS ciphers for interoperability

	* Update TODO with current state of INN 2.6.0

2015-04-02  iulius

	* Update changelog to mention other changes for INN 2.5.5

	* Use Sys::Hostname Perl core module instead of calling
	  /bin/hostname

2015-03-24  iulius

	* Add two missing contrib programs in the exceptions of mkmanifest

	* Typo in POD formatting

	* Update copyright years (add 2015)

	* Update config.guess and config.sub to upstream versions from
	  2015-03-08

	* Update control.ctl to upstream version from 2014-06-17

2015-03-21  iulius

	* scanlogs: Limit the number of lines to show from error log files

	  When lots of lines are present in error log files, they appear in
	  the news.daily verbatim, and the resulting email is so large it
	  is bouncing.

	  Restrict the number of lines to 50 (the default value for unknown
	  lines from news.notice).

	  Thanks to Jeffrey M. Vinocur for the bug report.

	* nnrpd: Count write time stats when using SASL

	* Improve the count of sleeping channels

	  The highest file descriptor of sleeping channels was not always
	  properly updated. A new CHANresetlastsleeping() function now does
	  the job when called.

	  Also prevent innd from crashing if a channel is supposed to sleep
	  but does not have a Waker set.

	  Thanks to Petr Novopashenniy for the bug report.

	* readers.conf: improve the first example to disambiguate its
	  effect against loca l connections

2015-03-18  iulius

	* pullnews: when giving a port along with a server name, check
	  there is only one ":"

	  Otherwise, it is very likely that the given server name is an
	  IPv6 address, and therefore its end should not be interpreted as
	  a port.

2015-01-21  iulius

	* Fix the unsignedness of TMRgettime when printed

2015-01-10  eagle

	* http://www.imc.org/ietf-usefor/ appears to be gone

	  Replace this link in HACKING with a link to the usefor mailing
	  list archives and to my Usenet article format pages.

2015-01-10  iulius

	* Do not mention that TLS compression will be disabled in the next
	  INN release

	  As the CRIME attack is not exploitable in NNTP, disabling TLS
	  compression by default is pointless. No vulnerability in TLS
	  compression is currently known as far as NNTP is concerned.

	* Add a cast to fix a gcc warning

2015-01-07  iulius

	* Regenerate Makefile dependencies with gcc 4.7.2

	  Also adapt support/makedepend to keep the two leading spaces, as
	  in previous versions of gcc.

	  Backport commit [9566].

	* Cleanup in include stuff

	  - Add missing BEGIN_DECLS/END_DECLS, and also use them instead of
	  their expansion.

	  - Add missing inclusion of <inn/defines.h>.

2015-01-04  eagle

	* Remove dead link to nnrpkrb5auth

2014-12-16  iulius

	* nnrp.access2readers.conf: add default username when none is
	  specified

2014-12-14  iulius

	* Add new contrib/nnrp.access2readers.conf.in script

	  This script converts old-style nnrp.access to readers.conf.

	  Thanks to Jeffrey M. Vinocur for his contribution.

2014-12-07  iulius

	* Update Russ's mail address

	* Fix typos

2014-12-01  iulius

	* Add support for choosing the elliptic curve to use with TLS
	  support

	  The new tlseccurve parameter in inn.conf takes the name of a
	  curve OpenSSL knows about, to use for ephemeral key exchanges.

	  Thanks to Christian Mock for the patch.

2014-11-23  iulius

	* m4/sendmail.m4: add missing brackets

	  The configure script was failing when running that part of code.

2014-11-12  iulius

	* inn.conf: Improve documentation about tlsprotocols and
	  tlscompression

2014-11-11  iulius

	* Improve tuning of the SSL/TLS configuration

	  nnrpd's TLS support is basically using OpenSSL's defaults WRT
	  issues such as protocol support and cipher suites. In these days
	  of POODLEs and other vulnerabilities, it should be useful to be
	  able to have better control over what's offered. So this patch
	  adds a few options to inn.conf:

	  - tlsprotocols: allows to select the SSL/TLS versions that are
	  supported

	  - tlsciphers: allows to give an OpenSSL cipher string to tailor
	  the cipher suites that are offered to clients

	  - tlspreferserverciphers: switches on the server-side selection
	  of the cipher suite (TLS default is "client chooses")

	  - tlscompression: allows to turn off TLS compression (because of
	  the CRIME attack) if the OpenSSL version supports this.

	  Many thanks to Christian Mock for his patch.

2014-11-09  iulius

	* Mention PyClean as a Python-based variant of Cleanfeed.

2014-10-28  iulius

	* Update default paths for Debian and Fedora

	* Fix a dependency in a build rule

2014-10-03  iulius

	* innwatch: report an error when the control file is missing

2014-09-24  iulius

	* rc.news: no longer explicitly sleep before starting innwatch and
	  cnfsstat

	  Instead, make these two scripts sleep by themselves.

	  Also update documentation: improve the list of actions done by
	  rc.news, and no longer mentions that innd should be throttled
	  before being stopped (this is not true - the shutdown process
	  already does the actions throttling does).

	* innwatch: add -i flag to specify how many seconds to sleep at
	  startup

	  - Also fix previous commit [9651] that did not totally fix the
	  issue it was supposed to fix.

	  - Fix the behaviour of the -f flag (it wasn't doing anything).

	  - Fix how the -l flag was parsed (a space was required between -l
	  and its argument, whils it should not have been required).

	  - Add new POD documentation for innwatch, and update it at the
	  same time: document new -i flag, and document already existing -f
	  flag.

	* cnfsstat: add -i flag to specify how many seconds to sleep at
	  startup

	  Update documentation, and homogenize POD syntax at the same time.

2014-09-24  eagle

	* Re-add second $(LIBSTORAGE) when linking backends

	  Backend commands (such as nntpget) linked with both history and
	  storage libraries list $(LIBSTORAGE) in the link line twice. This
	  isn't a mistake; there are some unfortunate circular dependencies
	  that require listing $(LIBSTORAGE) both before and after
	  $(LIBINNHIST) in the link line or static linking will fail.

2014-09-22  iulius

	* Fix build issues on AIX 7.1

	  mmap is redefined to mmap64 when large file support is enabled.

2014-09-21  iulius

	* Fixed a warning and an unnecessary sys/stropts.h header

	* Typos

	* Fix build of contrib/respool.c

	  Remove an unused variable.

	  Add a link to libhistory.

	* Fix build of contrib/reset-cnfs.c

	  Add correct include header files.

	  Use the right DO_LARGEFILES variable instead of LARGE_FILES.

	  Reformat the code (remove tabulations).

	  Properly exit with the right status code.

	* Fix a few warnings, and update svn:ignore for contrib

	* Fix build of contrib/expirectl.c

	  Add correct include header files, and fix a few warnings in
	  printf() calls.

	  Add portability code for statfs/statvfs support.

	* Add compilation rules for contrib/auth_pass.c and
	  contrib/expirectl.c

	  Use the right socklen_t type, and add crypt.h header if
	  available.

	* FAQ: add how to feed articles arrived between two dates to
	  another server

2014-09-11  iulius

	* innupgrade: fix its execution

	  On a few systems like AIX, innupgrade failed to run during an
	  upgrade because "perl -T" was not explicitly called. Failure was:
	  "-T" is on the #! line, it must also be used on the command line

	  Thanks to The Doctor for his bug report.

2014-09-07  iulius

	* Add missing dependency for libtest.o during the build of
	  nnrpd/auth-ext.t

2014-09-05  iulius

	* Fix typos in INN_HAVE_SYS_BITYPES_H and
	  INN_MACRO_IN6_ARE_ADDR_EQUAL names

2014-08-30  iulius

	* libinn documentation: update the name of the fdflag functions

	* pullnews: improve logging when an error occurs during GROUP

	  Also rewrite a ternary condition to improve readability.

	  Patch from Geraint A. Edwards.

	* pullnews: new -a flag (hashfeed ability)

	  Add a new feature to pullnews: hashfeed to split feeds. It uses
	  MD5 and is Diablo-compatible.

	  Thanks to Geraint Edwards for the patch.

	* pullnews: new -B flag (header-only feeding)

	  Add a new feature to pullnews: header-only feeding.

	  If the article does not already have a Bytes: header field, one
	  is added. Bodies are kept only for control articles.

	  Thanks to Geraint Edwards for the patch.

	* pullnews: bug fix to rnews when -O; improved rnews reporting

	  Thanks to Geraint Edwards for the patch.

	* pullnews: improve wording

	  * When pullnews runs for the first time against a newsgroup, say
	  "never" instead of January, 1st 1970 as the last run date. *
	  Improve spaces, uppercase characters and singular forms when 1
	  article is retrieved. * Update the config file even when the
	  group is empty.

	* pullnews: remove headers matching (or not) a given regexp

	  Enable the -m flag to remove headers matching (or not) a given
	  regexp.

	  Thanks to Geraint Edwards for the patch.

2014-08-09  iulius

	* innwatch: no longer creates a child process for sleeping

	  innwatch creates a child process only for sleeping and then waits
	  on that process. The forked-off process is not killed by 'rc.news
	  stop' (only its parent is), and will only die after it's done
	  sleeping. If running under SMF on illumos/Solaris, this causes
	  the service to likely drop into maintenance state (since not all
	  processes die within timeout).

	  Thanks to Lauri Tirkkonen for the patch.

2014-06-04  iulius

	* Bump version number to 2.5.5 for STABLE.
   2015-06-12 12:52:19 by Thomas Klausner | Files touched by this commit (3152)
Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.
   2014-10-05 18:41:09 by Thomas Klausner | Files touched by this commit (58)
Log message:
Fix ``Please add a line "# used by foo/bar/Makefile" here.'' warnings.