pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/news/inn

Module Name:    pkgsrc
Committed By:   spz
Date:           Wed Dec 16 22:10:25 UTC 2009

Modified Files:
        pkgsrc/news/inn: Makefile Makefile.common PLIST distinfo
        pkgsrc/news/inn/patches: patch-ab patch-ah patch-ai

Log Message:
The next minor version of INN. From the release announcement:
Major changes from 2.5.0 to 2.5.1

* Fixed a segfault in imap_connection which could occur when SASL was

* Fixed a segfault in the keyword generation code which was assuming
that an article was nul-terminated. Fixed another segfault in the
keyword generation code when an article already contained a Keywords:
header. Thanks to Nix for the bug reports.

* Owing to the US-CERT vulnerability note VU#238019, Cyrus SASL library
has slightly changed. imap_connection and nnrpd now handle that
change. Otherwise, some answers are too long to be properly computed
during SASL exchanges.

* Fixed a memory allocation problem which caused nnrpd to die when
retrieving via HDR/XHDR/XPAT the contents of an extra overview field
absent from the headers of an article. The NEWNEWS command was also
affected on very rare cases. Thanks to Tim Woodall for the bug

* HDR/XHDR/XPAT answers are now robust when the overview database is
inconsistent. When the overview schema was modified without the
overview database being rebuilt, wrong results could be returned for
extra fields (especially a random portion of some other header). The
desired header name is now explicitly searched for in the overview

* Fixed the source which is logged to the news log file for local
postings when the local server is not listed in incoming.conf. A
wrong name was used, taken amongst known peers. The source is now
logged as "localhost".

* Fixed a bug in the timecaf storage method: only the first 65535
articles could be retrievable in a CAF, though everything was properly
stored. (A Crunched Article File contains all the articles that
arrive to the news server during 256 seconds.)

The storage token now uses 4 bytes to store the article sequence
number for timecaf, instead of only 2 bytes. Thanks to Kamil Jonca
for the bug report and also the patch.

* Fixed a bug in both timecaf and timehash which prevented them from
working on systems where short ints were not 16-bit integers.

* When there is not enough space to write an entire CAF header, the
timecaf storage manager now uses a larger blocksize. On 32-bit
systems, the CAF header is about 300 bytes, leaving about 200 bytes
for the free bitmap index (the remaining of a 512-byte blocksize). On
64-bit systems, the size of the CAF header could exceed 512 bytes,
thus leaving no room for the free bitmap index. A 1 KB blocksize is
then used, or a larger size if need be.

* A new CNFS version has been introduced by Miquel van Smoorenburg in
the CNFS header. CNFSv4 uses 4 KB blocks instead of 512 bytes, which
more particularly makes writes faster. CNFSv4 supports
files/partitions up to 16 TB with a 4 KB blocksize.

Existing CNFS buffers are kept unchanged; only new CNFS buffers are
initialized with that new version.

* grephistory -l now returns the contents of the expires history field
as well as the hash of the message-ID. Besides, when the storage API
token does not exist, grephistory -v now also returns the hash of the
requested message-ID.

* The check on cancel messages when *verifycancels* is set to true in
inn.conf has been changed to verify that at least one newsgroup in the
cancel message can be found in the article to be cancelled. This new
feature is from Christopher Biedl.

The previous behaviour was to check whether the cancel message is from
the same person as the original post, which is extremely easy to
spoof; besides, RFC 5537 (USEPRO) mentions that "cancel control
messages are not required to contain From: and Sender: header fields
matching the target message. This requirement only encouraged cancel
issuers to conceal their identity and provided no security".

* The way the "/remember/" line in expire.ctl works has changed.
History retention for an article was done according to its original
arrival time; it is now according to its original posting date.
Otherwise, unnecessary data may be kept too long in the history file.

To achieve that, the HISremember() function in history API now expects
a fourth parameter: the article posting time.

Note that article expiration has not changed and is still based on
arrival time, unless the -p flag is passed to expire or expireover, in
which case posting time is used.

* The default value for "/remember/" has changed from 10 to 11 because
it should be one more than the *artcutoff* parameter in inn.conf, so
that articles posted one day into the future are properly retained in

* auth_krb5 has been rewritten by Russ Allbery to use modern Kerberos
APIs. Note that using ckpasswd with PAM support and a Kerberos PAM
module instead of this authenticator is still recommended.

* A new -L flag has been added by Jonathan Kamens to makehistory so as
to specify a load average limit. If the system load average exceeds
the specified limit, makehistory sleeps until it goes below the limit.

* As UTF-8 is the default character set in RFC 3977, "ctlinnd pause",
"ctlinnd readers", "ctlinnd reject", "ctlinnd reserve", "ctlinnd
throttle" and "nnrpd -r" commands now require the given reason to be
encoded in UTF-8, so that it can be properly sent to news readers.
The creator's name given to "ctlinnd newgroup" is also expected to be
encoded in UTF-8.

* The output of consistency checks for article storage and the history
file no longer appears by default when "cnfsstat -a" is used. A new
-v flag has been added to cnfsstat so as to see it.

* The default path for TLS certificates has changed from *pathnews*/lib
to *pathetc*. It only affects new INN installations or generations of
certificates with "make cert". Besides, a default value has been
added to *tlscapath* because it is required by nnrpd when TLS is used.

* gzip(1) is now the default UUCP batcher in send-uucp instead of
compress(1) because gzip is more widely available than compress, due
to old patent issues. Note that there is no impact on decompression
as it is handled by rnews.

* cnfsheadconf now uses the Perl core module "Math::BigInt" rather than
the deprecated library. When used without specifying a CNFS
buffer, it now properly displays the status of all CNFS buffers.

To generate a diff of this commit:
cvs rdiff -u -r1.99 -r1.100 pkgsrc/news/inn/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/news/inn/Makefile.common
cvs rdiff -u -r1.20 -r1.21 pkgsrc/news/inn/PLIST
cvs rdiff -u -r1.23 -r1.24 pkgsrc/news/inn/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/news/inn/
cvs rdiff -u -r1.8 -r1.9 pkgsrc/news/inn/patches/patch-ab
cvs rdiff -u -r1.12 -r1.13 pkgsrc/news/inn/patches/patch-ah
cvs rdiff -u -r1.6 -r1.7 pkgsrc/news/inn/patches/patch-ai

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index