Existing SHA1 digests verified, all found to be the same on the
machine holding the existing distfiles (morden). Existing SHA1
digests retained for now as an audit trail.
- Performance optimization, reported by Gary R. Schmidt.
- Fix a file descriptor leak in fetchnews.c's getbody_newno function
- When complaining that we are unable to switch the user ID, report the
current real and effective user IDs to ease debugging.
- Leafnode now enables IPv6 support by default. Use --without-ipv6 to disable.
- Leafnode now supports detecting if a peer is in a local network also
for IPv6 global addresses, providing that the host OS provides getifaddrs().
This comprises Linux, NetBSD, FreeBSD, but not, for instance, Solaris 10.
* 1.11.7, 2009-04-20
### WORKAROUND
- fetchnews: If the LN_SUPPRESS_DATE environment variable is defined and set
to any value or empty, fetchnews will not test the upstream server's time by
means of the "DATE" NNTP command.
This can be used to quench related log messages.
### BUGFIXES
- Fix logging if texpire unlinks files without further hardlinks from
message.id/NNN/
- Fix potential segfault on libcs that do not catch NULL for %s formatting
(several GNU libc versions do) when trying to retrieve delayed bodies from
corrupt article headers. Pretend success, to purge article number from
subscription file. Bug reported by Chris Carr.
- Fix & change "noactive" so that it can be overridden by "fetchnews -f", as
documented in config.example.
Regression as side effect of 1.9.50 fix, reported by Jesse F. Hughes.
- Fix logged IP address in "connected to..., reply:" message when compiled
without IPv6 support.
Fixes Mandriva Bug #45605, reported by David W. Hodgins.
- Print connected to... to console as well at proper verbosity level, found
by maintainer while debugging aforementioned bug.
- Only emit warning that no server with posting permission was found if that's
actually needed. Reported by Christian Weiske.
- If corrupted articles had been detected, fetchnews -x NNN would not be able
to re-fetch the said article because a 0-sized file remained in message.id,
making fetchnews believe the article was in the spool.
0-sized message.id/NNN/ files are now purged when checking if the article is
already in the spool.
Reported by Peter Bauernfeind. (de.comm.software.newsserver post, May 2008)
- Change interface enumeration to track incompatible NetBSD 5 changes. The
latter led to bogus connection refusals in NNTPD. SourceForge Bug #2700756,
by Aleksey Cheusov, fix suggested by Roy Marples.
- Add support for SIOCGIFALIAS where available (BSD) in order to obtain
netmasks for 4.4BSD-style IP aliases.
getifaddrs() has been suggested as well, but it isn't available everywhere,
so we would have to keep the old code around anyways, and we can just fix
that rather than introduce alternative code branches.
### BUGFIXES BACKPORTED FROM LEAFNODE 2
- lsort (used by make update) now detects and report errors.
- "make update" handles the lockfile properly now: it records its PID and
removes the lock also in cases of failure.
- "make update" restores the old groupinfo file if lsort fails.
- "make update" now builds an up-to-date lsort first.
- "make update" now uses the configured NEWS_USER and _GROUP.
- "make update" is now a phony Makefile target, i. e. it will work even
if there is a file "update" in the build directory.
### CHANGES
- When creating a Path: header (because the newsreader did not do that), use
"not-for-mail" instead of NEWS_USER (usually "news") as the user component.
This seems to resolve propagation issues with 2nd-hop-upstreams, as reported
in Debian Bug#459980 by Michael Weitzel, with Universit
- When writing to client fails, log decoded errno, too.
This can help debugging certain firewall misconfigurations more easily.
- Undoing a wordwrap in configure.ac allows for bootstrapping on Cygwin.
- Drop obsolete mysetvbuf().
- leafnode-version now supports an additional "-v" mode to print more
information on the installation. The output then is similar, but not
identical - due to different feature sets - to the way leafnode-2 prints it.
### DOCUMENTATION
- Add some comments to UNINSTALL-daemontools
- Put README-FQDN* under leafnode's license. Found to be in conflict with
Debian's DFSG by Mark Brown.
==============================================================================
* 1.11.6, 2007-03-17
### BUGFIXES
- .site TLDs are refused in FQDN.
- apply patch from Georg Schwarz to fix compilation with SGI IDO cc.
- do not delete articles if the References: lines are malformatted.
Reported by Adam Funk.
- support autoconf 2.60, fixing datarootdir-related warnings.
- do not log authentication success unless in verbose mode.
### DOCUMENTATION
- fix minor typos in README-FQDN.
- minor changes to INSTALL.
==============================================================================
* 1.11.5, 2006-04-09
### BUGFIXES
- Fix logging of invalid FQDH/FQDN.
- Do not trash delaybody download markers if the interesting.group/* files
are writeable by NEWS_USER ("news") but owned by somebody else. Found
debugging a problem described by David Aldred.
- Some syslog messages were still logged at LOG_DEBUG priority without
debugmode set.
- Support noactive = 0. Reported by Rafal Maj, Debian Bug #329760.
- Support nodesc = 0.
- Keep non-expiring groups (negative groupexpire date) in active file even if
they have expired upstream. Sourceforge Bug #1230256, Thomas Zajic.
- INSTALL: leafnode needs a "news" group as well. Found by Julien Sansonnens.
- Allow unterminated lines in regular files. Found by Ivo Maintz.
- Applyfilter unfolds headers before matching, to match fetchnews behavior.
- Applyfilter no longer unconditionally removes messages without body
if delaybody is off. The interesting.groups/group.name file might still
have pointers so that fetchnews will download the bodies later.
### CHANGES
- "killed nnn (<mess@ge.id>), already fetched before" messages have been
demoted to debug priority, to avoid syslog spamming with multiple upstream
servers or after crashes. Reported by Adam Funk.
- The RPM is now accompanied by a -debuginfo package.
- Build "grouplist" program in "make check".
- The fetchnews manual page states that -f is not to be used in cron jobs.
- The filtering documentation (applyfilter(8) man page and filters.example)
was overhauled, at the suggestion of Michael R. McCarrey.
Mike also courteously provided additional filter examples with documentation.
### WEBSITE
- http://www.leafnode.org/ is now served by SourceForge's VHOST service and
thus serves the same content as http://leafnode.sourceforge.net/
==============================================================================
* 1.11.4, 2005-11-23
### BUGFIXES
- Skip server processing when posting articles fails, for instance,
because of a protocol error or server disconnect/timeout.
Bug found when analyzing Debian #318644.
- Do not mark the active for refetch when the failed server has "noread" set
or fetchnews is in -P (post only) mode. Patch by Brian Sammon.
### COMPATIBILITY CHANGE
- GNU coreutils 5.92 are broken and can no longer create a missing directory
with "mkdir -p missing/." Work around the bug. Reported by Michael Shigorin.
### DOCUMENTATION
- Switch FAQ.pdf formatting back to XSL stylesheets and RenderX XEP 4.4,
now that a personal license for OpenSource documentation is available.
- Renamed all CAN-YYYY-NNNN to CVE-YYYY-NNNN in leafnode-SA-*.txt, ChangeLog,
NEWS and OLDNEWS to chase the CVE database change of 2005-10-19.
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
INSTALL/DEINSTALL script creation within pkgsrc.
If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts. If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:
INSTALL_SRC= ${PKGDIR}/INSTALL
DEINSTALL_SRC= # emtpy
As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts. By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).
In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework. The only public variables relating to the templates are:
INSTALL_SRC INSTALL_TEMPLATE
DEINSTALL_SRC DEINSTALL_TEMPLATE
HEADER_TEMPLATE
The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.
backslashes anymore. A single backslash is enough. Changed the
definition in all affected packages. For those that are not caught, an
additional check is placed into bsd.pkginstall.mk.
Changes:
### SECURITY BUGFIXES
- Fetchnews did not detect timeouts while it was downloading an article
header, which malicious upstream servers could exploit to mount
a denial of service attack against the fetchnews client. See
leafnode-SA-2005-02.txt. CVE Name: CAN-2005-1911
### BUGFIXES
- Bugfix sed expression in makesubst script. (Reported by Jeff Zacharias.)
### CHANGES
- texpire now tags the message.id expired count with "message.id" rather
than "total:" to avoid misleading the user who assumes that "total:"
would have to be the sum of the group counts. See also the FAQ change
below. SourceForge bug #1215453.
- When debugmode and verbose mode are set, leafnode programs now print a
warning to stdout that the user should check syslog.conf and the
syslog output rather than the screen print for debugging and sleeps for
three seconds.
### DOCUMENTATION
- Add FAQ entry to explain discrepancies between texpire group counts
and message.id expired articles counts.
- Add FAQ entry to explain influence of Gnus' gnus-read-active-file
setting on lost subscriptions, and extend stop fetchnews from
unsubscribing FAQ. Debian bug #307685.
- Drop FAQ entry on license issues as some parts of leafnode are in fact
GPLd.
- Drop FAQ entry on why old articles aren't posted, obsolete since
1.9.33.
- INSTALL and INSTALL_de have been polished.
- Add a hint that syslog.conf must be edited to config.example.
- leafnode(8) mentions that LIST ACTIVE keeps an existing subscription
fresh. CVS:
----------------------------------------------------------------------
----------------------------------------------------------------------
distinfo CVS:
----------------------------------------------------------------------
* Fix segfault when timeout or connection reset encountered while
article header is read.
* fetchnews will no longer re-fetch the active file for a server if it
has been completely received even if fetching articles from this server
encounters a problem. Long-standing bug. Debian bug #70052.
* fetchnews will now properly mark the active for complete re-fetch if
it says so. Previously, it forgot the mark in some circumstances. A
problem fetching the active file or descriptions for a newly added
server will now mark the active for re-fetch even if articles have
successfully been retrieved from the same server.
* Fix use-after-free segfault when server dies while body is being
received.
* Support quoted strings on the right hand side of configuration lines.
* Support IPv6 in fetchnews as well.
* In LIST ACTIVE/GROUP, keep group interesting in spite of being
pseudo (which includes empty) as long as it is interesting. Avoids
unsubscription of low-traffic groups that fall empty.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
LEAFNODE_DATA_DIR, LEAFNODE_USER and LEAFNODE_GROUP, to be used by leafnode
to specify the data dir, the user and the group, defaulting to 'news'.
Note: the default is the same as for inn.
Pointed out by Georg Schwarz in mail to tech-pkg.
* nntpd will now disable ln_log()'s sending its logging to the
console (stderr usually), to prevent them from being seen by the
newsreader, which then gets confused.
* Usage fixes and usage info update
* Fix memory leaks
* Other bug fixes
For a full listing, please see the ChangeLog supplied with the source
code.
Pkgsrc changes since previous version:
* Add the news user if necessary (and be compatible with the INN package).
* Use bsd.pkg.install.mk.
Vendor changes since previous version:
(see the Changelog for more details)
* Security fix. Do not lock up when the news header ends prematurely.
* Revise some memory handling and catch out-of-memory conditions.
* Fixes to syslog handling.
* Support XOVER without argument.
* Fix SEGV in fetchnews.c.
==============================================================================
* 1.9.43, 2003-09-04
### INCOMPATIBLE CHANGE
- In the traditional spool, newsgroups with all-numeric components show up
with a - (minus, hyphen) prefixed to the number, the newsgroup example.1234
will be stored as /var/spool/news/example/-1234.
It is believed this change does not cause troubles because news systems that
offered the traditional spool have been incapable of providing news access,
and because the count of news groups with such names is way below 0.1% on
the news servers I have access to. The gain in functionality justifies the
incompatibility.
NOTE: this only affects newsreaders that directly access the spool.
NNTP-based newsreaders will see no difference.
### BUGFIXES
- Fix leafnode.8 manual pages (EN and DE languages) to explain 0 and negative
values for expire/groupexpire.
- Avoid premature abort (that causes .overview and groupinfo files to become
stale) when the stdout becomes disconnected. Reported by Sytse van Slooten.
- Make sure that texpire fixes the groupinfo lines of groups in "archive mode"
(groupexpire -1). Reported by Sytse van Slooten.
- Repair groupexpire 0 (= use global default, rather than expire immediately).
Broken since 1.9.23.
- Make sure that fetchnews complains when a timeout happens while reading
newsgroups lists ("active file") or newsgroup descriptions. Found after a
related report from Tim Daneliuk.
- Use different fix for newsgroup names with all-numeric components that does
not require two stat() calls in XOVER handling. Tracked down and reported by
Rein Klazes.
- Remove bogus error messages "article * is below/above the *-water mark" that
occur when reading a group that fetchnews is fetching into. Reported by Rein
Klazes.
- Make sure XOVER related error messages don't show up in the NNTP client.
### CHANGES
- fetchnews puts stdout into line buffered, or -- failing that -- unbuffered
mode (Patch by Mark Brown, Debian maintainer).
- leafnode processes warn (syslog and stderr) when a groupexpire is set to 0
(which means "use the default", which some users may not be aware of).
### DOCUMENTATION
- Added FAQ item on running leafnode as nntps server.
- Mention SuSEconfig difficulties with /etc/hosts in README-FQDN*
- Clarify item #13 in INSTALL.
==============================================================================
* 1.9.42, 2003-06-27
### SECURITY RELEVANT BUGFIXES
- Fix hang when trying to download an article that lacked mandatory headers.
(Very old bug, recently found by Joshua Crawford)
NOTE: this assertion that the bug is security relevant (denial of service)
has been made after 1.9.42 release.
### BUGFIXES
- Check lastreply() against NULL, in an effort to fix obscure sporadic and
non-reproducable crashes on OpenBSD sparc64. (Reported by Bruno Rohee)
- Fix bogus "Cannot open .../interesting.group/group.name for reading" when a
group subscription has expired. (Reported by Andreas Muck)
### CHANGES
- The ChangeLog file has been split, older parts (leafnode 1.9.31.rel and
before) have moved to the "new" ChangeLog.old file.
==============================================================================
* 1.9.41, 2003-05-22
### BUGFIXES
- Fix the "leafnode keeps fetching a group I've unsubscribed from long ago"
bug that haunted leafnode since 1.9.18 at the latest and that was more
prominent with the delaybody migration fixes of 1.9.33. Reported by Andreas
Muck and Gerry Doris.
- "make clean" no longer erases t.pcre_extract
### CHANGES
- Add an EXPERIMENTAL feature, delaybody_in_situ. This may work around
problems with particular newsreaders in delaybody mode. Do not rely on this
feature for now, and do send feedback if you use it, regardless of whether
it works or not. Defaults to off (compatible with previous versions). If you
don't know what it is about, leave it off.
- Some messages in fetchnews have been reworded to make them clearer and more
helpful.
### PORTABIILTY
- Find tcpd on OpenBSD at build time. Patch by Bruno Rohee.
==============================================================================
* 1.9.40, 2003-05-08
### BUGFIX
- Leafnode no longer aborts when using the replacement snprintf function
(FreeBSD) and is about to display a pseudo article.
Summary of changes since 1.9.31:
Bug and documentation fixes including:
* fetchnews_check_date.c: Portability: don't pass time_t to
syslog(...%ld...), sizeof time_t != sizeof long on 64bit FreeBSD,
reported by Christian Weisgerber <naddy@mips.inka.de>.
* fetchnews_check_date.c: Check for overflow of time difference.
Paranoia mode, someone needs to hose his clock by at least 68 years
to run into this.
* miscutil.c, TODO: Change to spooldir at the end of initvars()
(after changing uid/gid) to avoid barfing when run from
misconfigured cron.
* pcre_extract.c: Fix abort when extracting string, introduced with
previous strlcpy -> xstrlcpy commit. Reported by Joshua Crawford
<mortarn@softhome.net> Add debug variable to conditional TEST part
to use this code standalone.
* fetchnews.c: Several bug fixes
Please see the ChangeLog file in the source distribution for more details.
Summary of changes since 1.9.27 (please see the ChangeLog):
* Add leafnode-version.
* Various changes to fetchnews.c including:
+ In verbose mode, print if we're using the STAT
command or the HEAD workaround.
+ nntpactive: cache current time, saves time() calls and gives a
consistent 'age' for the newsgroups.
+ Avoid duplicate articles that raced from another server
against our fetchnews from ending up in failed.postings. We
assume that a server that refuses a posting with 441 435
Duplicate can at the same time deliver it to STAT (or HEAD if
the workaround is in effect).
+ Only touch active.read if the active has been successfully written.
+ Also apply only_groups_pcre when updating the active, to avoid
presenting groups that are not really fetched.
+ Bugfix: cope with multiple upstreams that have the same server name
but different ports.
* Various changes to nntpd.c including:
+ Point to syslog when reading the configuration fails.
+ Fix very subtle and intricate infinite loop bug
* Various changes to nntputil.c. Blacklist STAT for "NNTP news cache."
Whitelist NewsCache 1.1.*. Whitelist NewsCache 0.99.18, 0.99.19, 0.99.2?.
* Changes to activutil.c including:
+ Check for duplicate newsgroups after reading, before writing and after
merging the active file.
* Fixs for SEGV problems to activutil.c and artutil.c