Commit graph

156 commits

Author SHA1 Message Date
wiz
8b5d49eb78 Bump all packages that use perl, or depend on a p5-* package, or
are called p5-*.

I hope that's all of them.
2012-10-03 21:53:53 +00:00
spz
af9289fddd Update from 2.5.2 to 2.5.3 (fixes CVE-2011-0411).
While we are touching it, fix PR/45986 with the patch supplied therein
(thanks)

Changes from 2.5.2 to 2.5.3:

  * When HDR/XHDR/XPAT were used on a new article coming into a newsgroup,
    requesting a header not present in the overview database, the first
    subsequent OVER/XOVER command did not show that article.  A remap of
    the overview data file was missing in nnrpd.  Thanks to Sam
    Varshavchik for the bug report.

  * When a header field appeared more than once in an article, it was
    missing from the overview data.  OVER/XOVER, as well as HDR/XHDR/XPAT
    using the overview, were therefore returning an empty field.  The
    content of the first occurrence is now returned, in accordance with
    RFC 3977.

    Perl and Python filters for innd now also properly initialize their
    header variables with the first occurrence of header fields.  (It is
    still the last occurrence for the Perl filter for nnrpd.)

  * Fixed a possible plaintext command injection during the negotiation of
    a TLS layer.  The vulnerability detailed in CVE-2011-0411 affects the
    STARTTLS and AUTHINFO SASL commands.  nnrpd now resets its read buffer
    upon a successful negotiation of a TLS layer.  It prevents malicious
    commands, sent unencrypted, from being executed in the new encrypted
    state of the session.

  * Fixed a regression that occurred in INN 2.5.0 when leading whitespace
    characters have been made significant in header field bodies.  It
    could lead INN to drop articles and throttle itself when running as a
    slave because Xref: header fields generated by other news servers, or
    even INN 2.4.6, could contain (valid) leading whitespace.  Thanks to
    Matija Nalis for having caught this bug.

  * Fixed an invalid 431 response to CHECK commands when innd is paused:
    the message-ID of the article to defer was missing.  Also fixed
    another issue in the messages innd replied; when an error occurred
    during a write on a channel, a trailing extra junk byte was added to
    the reply.  Thanks to River Tarnell for these bug reports.

  * It is now possible to properly generate daily statistics with
    sendinpaths thanks to the new -k and -r flags that permit to control
    the interval of days for processing dump files.  The new -c flag
    permits to send a copy of the generated e-mail to the newsmaster.

    Also fixed an issue with statistics that could be missing or
    duplicated for a couple of days when monthly sent.

    The documentation has been updated and mentions a preferred daily run
    of sendinpaths.  This script is a complete rewrite in Perl, and is
    based on Mohan Kokal's initial work.

  * cnfsheadconf now properly recognizes continuation lines in
    cycbuff.conf, that is to say lines ending with a backslash ("\").
    Thanks to John F. Morse for the bug report.

  * The order of CNFS buffers in a metacycbuff is now properly read and
    written by cnfsheadconf.  There previously was a confusion between
    hexadecimal and decimal values.  Thanks again to John F. Morse.

  * When the -l flag is given to cnfsstat, the cycbuff.conf and
    storage.conf files are now reloaded if they have been modified since
    the previous output of cnfsstat.

  * A single header field line is limited to 998 bytes, per RFC 5536.
    innd was previously accepting, and also generating Xref: header field
    lines, up to 1022 bytes.  Now, nnrpd (acting as an injecting agent)
    rejects articles which contain header field lines whose length exceeds
    998 bytes.  And innd (acting as a relaying or serving agent) no longer
    checks that.

  * nnrpd advertises the COUNTS, DISTRIBUTIONS, MODERATORS, MOTD and
    SUBSCRIPTIONS variants of the LIST command in response to
    CAPABILITIES.  These commands already existed in nnrpd but RFC 6048
    had not yet been published.

  * Add support for LIST MOTD in innd.  Consequently, the motd.news
    configuration file which was previously used only by nnrpd is renamed
    to motd.nnrpd (innupgrade takes care of the rename).  innd uses the
    new motd.innd file in *pathetc* for its message of the day.

  * Fixed an issue at configure time that made INN wrongly assume that
    OpenBSD (4.6) didn't support Unix-domain sockets.  Thanks to Wim Lewis
    for the patch.

  * Fixed an issue on systems which do not have a working flock(2)
    function (Solaris, for instance).  mailpost and pullnews are reported
    not to be usable on such systems.  Many thanks to Dennis Davis for the
    bug report.

    A wrapper around shlock is now called in Perl scripts.  The
    INN::Utils::Shlock module has been added for that use.

  * Fixed an issue in the Python access hook for nnrpd:  it has not been
    working since Python 2.5 on 64-bit platforms, owing to a change to
    Python's C API, using a new Py_ssize_t type definition instead of int.
    Thanks to Raphael Barrois for the patch.

  * Improve the stability of the Perl filters for innd and nnrpd: properly
    save and restore the stack pointer when needed.

  * The Injection-Date: header, when present, is now used by innd and
    makehistory to determine the posting date of an article.  Otherwise,
    the Date: header is used.

  * controlchan now imposes a date cutoff on processing control articles.
    The *artcutoff* parameter set in inn.conf is used.  Otherwise, without
    that cutoff, old control articles could be maliciously reinjected into
    Usenet, and replayed.  (An unsigned Injection-Date: header field could
    be added to an article that only had a Date: header field.)  A new -c
    flag has been added to controlchan to disable the cutoff check, if
    needed (usually when manually invoking the program).

  * nnrpd no longer adds or updates the Path: header field when an article
    is forwarded to a moderator.  It could otherwise lead to rejects at
    injection time when the article was approved by the moderator.

  * The X-Trace: header field was not properly generated when an article
    was locally posted.  The field mentioning the IP address was skipped,
    resulting in a wrong syntax for this header.  The local "127.0.0.1" IP
    address is now used.  Besides, "localhost" is now mentioned instead of
    an obscure "stdin" in injection header fields.

  * Fixed a bug in the frequency innfeed logs its status:  too many
    useless lines were written to news.notice.  Thanks to Florian
    Schlichting for the fix.

  * When unset in innfeed.conf, the *dynamic-method* parameter now
    properly defaults to 3 (instead of 0) and *use-mmap* to false (instead
    of true).  These two values were already the recommended ones in the
    documentation and the sample file.  Note that *use-mmap* is only used
    when innfeed is given file names to send instead of storage API
    tokens, which is a fairly rare use case.

  * innfeed no longer generates an error message (logged in news.err) when
    a parameter is not defined in innfeed.conf.  All the parameters have a
    default value, so there is no need to warn the user if they are not
    present in innfeed.conf.  Thanks to Dieter Stussy for having reported
    this problem.

  * Implement an upper limit to the number of file descriptors innd can
    handle.  At most (FD_SETSIZE-1) file descriptors can be used.  This
    upper limit now overrides any superior number set with *rlimitnofile*
    in inn.conf.  Thanks to Steve Crook for the bug report.

  * A default timeout on outgoing sockets (using NNTPconnect) has been
    added by Florian Schlichting.  For a long time, there have been
    occasional problems with actsync (and probably other programs) that
    would hang until manually killed or restarted.

  * The flag -S has been added to innd by Florian Schlichting.  When used,
    innd reports the errors found in incoming.conf and exits.

  * pullnews no longer stops processing newsgroups when an error occur
    during its run (for instance when a newsgroup mentioned in the
    configuration file is removed from an upstream server).  Besides, it
    can now use authentication when posting to the downstream server.

    A few other minor bugs have been fixed as for the way pullnews counts
    the articles.

  * Fixed the way innreport handles leap years.  It now properly generates
    HTML reports; dates were assumed to be relative to the current year,
    which may break their computation during for instance the whole 2012
    leap year.  Please note that no HTML reports have been lost, and that
    they will appear when INN is updated to this new version.

  * A new parameter has been added to inn.conf to determine whether the
    status file that innd can write out (depending on the value of the
    *status* parameter) is plain text or wrapped in HTML.  It previously
    only was a compile-time option, set to true by default.  Florian
    Schlichting added the *htmlstatus* parameter to provide a configurable
    behaviour.

  * It is now possible to run a script at the end of the execution of
    innshellvars scripts.  If a file named innshellvars.local,
    innshellvars.pl.local or innshellvars.tcl.local is present and
    executable in *pathetc*, then it will be executed by the corresponding
    innshellvars script (respectively shell, INN::Config Perl module, and
    Tcl).  A typical use is to add or override variables.

  * Add support for wire-formatted articles in scanspool.

  * A lot of work on cleaning old perl4-style code has been done by
    Florian Schlichting.

  * inncheck now generates a proper non-zero exit value when errors are
    found, and allows quiet mode with the -q flag.  Florian Schlichting
    has greatly improved this script in many regards, especially with a
    config-syntax parser for incoming.conf, innfeed.conf, readers.conf and
    storage.conf.

  * inncheck now properly finds the boundaries of substituted variables in
    newsfeeds thanks to Alexander Bartolich.

  * docheckgroups no longer uses awk.  On a few systems, the script was
    failing because of the presence of an old version of awk that has a
    limit in the size of the input it can handle.  Processing large
    newsgroups files was consequently impossible.  docheckgroups now uses
    Perl instead of awk, which solves the issue reported by John F. Morse.

  * Other minor bug fixes and documentation improvements.  In particular,
    the *debug-shrinking*, *fast-exit* and *initial-sleep* keys in
    innfeed.conf are now documented.  The function "filter_end()", called
    when Perl filtering is turned off, is also documented for the innd and
    nnrpd Perl filters.
2012-08-23 19:00:41 +00:00
shattered
26ce32cfbd PR/29576 -- Use @RCD_SCRIPTS_SHELL@ in rc.d scripts, not /bin/sh 2011-10-07 22:37:02 +00:00
spz
d11720088e fix innreport to be perl 5.12 compatible 2011-09-25 14:00:09 +00:00
spz
7fbbd442a2 install the rest of the files from site as config files also (these are
the filter scripts); this closes PR pkg/44507
2011-09-25 13:58:31 +00:00
obache
3b0f2f4d0e Revision bump after updating perl5 to 5.14.1. 2011-08-14 14:14:40 +00:00
seb
c3f1e700ad Bump the PKGREVISION for all packages which depend directly on perl,
to trigger/signal a rebuild for the transition 5.10.1 -> 5.12.1.

The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=..."), minus the packages updated after
the perl package update.

sno@ was right after all, obache@ kindly asked and he@ led the
way. Thanks!
2010-08-21 16:32:42 +00:00
joerg
908a1d62ce Needs user/group early in installation 2010-06-19 12:45:37 +00:00
spz
5a5e0e4ec2 update from 2.5.1 -> 2.5.2
Vendor update message (excerpt):

Many thanks to Julien ÉLIE for preparing this release.

Special notes:

The way checkpoints are handled by innreport for innd and innfeed has totally changed to provide more accurate daily statistics. The first Usenet report after an upgrade to INN 2.5.2 will probably contain incorrect statistics for incoming and outgoing articles because the beginning of the log files that will be used was generated by a previous version of INN.

A new version of innreport.conf is shipped with INN 2.5.2 but, in order to preserve any local changes, will not be automatically installed with make update. The changes are minor and not mandatory for the upgrade.

Changes from 2.5.1 to 2.5.2

    * Julien Elie has implemented in innd the new version of the NNTP protocol described in RFC 3977, RFC 4643 and RFC 4644, and innd now recognizes the CAPABILITIES command. Despite these standards, three commands (IHAVE, CHECK and TAKETHIS) will continue, for interoperability reasons, to return a reject code (respectively 435, 438, and 439) when the command contains a syntax error instead of 501. The mandatory username argument for authenticated peers is not enforced in INN 2.5.2 but will be be enforced by INN 2.6.0 when it is released.

Major improvements are:

    * innd now has a decent parser for NNTP commands. The parser is more correct (commands like "IHAVEZ<>", without a space between the command and its argument, are no longer valid) and allows leading and trailing whitespaces in commands. innd also now checks the length of the NNTP command sent by the client. If the command contains more than 512 bytes (or 497 bytes for an argument), an error is returned and the command is discarded. After ten unrecognized commands, innd closes the connection with the appropriate code (400 instead of 500).
    * The output of the HELP command specifies the arguments expected by NNTP commands, similar to nnrpd's HELP command.
    * LIST ACTIVE, LIST ACTIVE.TIMES and LIST NEWSGROUPS now allow an optional wildmat argument to restrict the results of those commands to specific newsgroups.
    * When using HEAD or STAT with an article number or a range, 412 (no group selected) is now returned instead of 501 (syntax error).
    * Jeffrey M. Vinocur has implemented support in both innd and nnrpd for whitespace in usernames/passwords provided with AUTHINFO USER/PASS. They were previously treated as invalid arguments or incorrectly parsed. innd and nnrpd now treat everything after the first whitespace character following AUTHINFO USER/PASS, up to, but not including, the final CRLF, as the username/password, in conformity with RFC 4643.
    * The syntax of message-IDs is now based on RFC 5536 (USEFOR) instead of RFC 1036. The major change is that quoted-pairs have been removed from the syntax.
    * The Perl and Python filters for innd now check the message-ID of articles arriving through TAKETHIS. Only CHECK and IHAVE commands previously used them.
    * Case-insensitive matches are now used for distributions, path identities, IMAP commands, header names, and control commands. (Newsgroups are still matched case-sensitively.) Message-IDs are case-sensitively matched, except for history hashes.
    * The new Archive:, Archive-At:, Comments:, and Summary: header fields defined in RFC 5064 and RFC 5536 can be used in innd filters. nnrpd now checks at injection time that an article does not contain an Injection-Info: header, that an Injection-Date: header (if provided) is valid, and that the Path: header does not contain ".POSTED". Note that INN does not yet generate these two injection fields or include the new Path: header field ".POSTED" keyword. These new features will be in the next major release of INN.
    * LIST SUBSCRIPTIONS now accepts an optional wildmat argument to restrict the results of this command to specific newsgroups.
    * nnrpd now supports a new LIST variant named COUNTS. LIST COUNTS is a combination of LIST ACTIVE and GROUP. It returns the same result as LIST ACTIVE except that the number of articles in a newsgroup is inserted before its status.
    * A new flag has been added to newsfeeds entries: "Aj", when present, says to feed articles accepted and filed in "junk" (due to *wanttrash*) to peers based on their newsfeeds feed patterns applied to the Newsgroups: header as though the article were accepted and all those groups were locally carried. This is useful if you want to run INN with a minimal active file and propagate all posts. Thanks to Andrew Gierth for the patch.
    * A new parameter has been added to inn.conf: *logtrash* defines whether a line for articles posted to groups not locally carried by the news server should be added in the news log file to report unwanted newsgroups. The default is true but it can be useful to set it to false (especially when *wanttrash* is also used).
    * The procbatchdir keyword has been added to news.daily to specify the backlog directory of innfeed. This is useful when several instances of innfeed are running or when its configuration file is not the default one.
    * sm now supports a new flag, -c, which shows a decoded form of the storage API token. This was previously done by the contrib showtoken script developed by Olaf Titz and Marco d'Itri.
    * The O flag in newsfeeds now relies on the contents of the Injection-Info: header field if it is present to determine the origin of an article. It falls back on X-Trace: if there is no Injection-Info: header field.
    * A new "unsigned long" type bas been added to the configuration parser. It will properly warn the news administrator when a variable supposed to be positive contains a negative integer. It will prevent INN from crashing due to misconfiguration at several places where it did not expect negative values.
    * innxbatch and innxmit now recognize the new 403 code introduced by RFC 3977 for a problem preventing the requested action from being taken.
    * HDR and OVER commands now return the correct 423 code (instead of 420) when the current article number is used but the article no longer exists.
    * actsync, inews, innxbatch, innxmit, nntpget and rnews can now authenticate to news servers which only expect a username, without password, conforming to RFC 4643.
    * The keyword generation code now generates a Keywords: header only if the original article does not already have one. The generated Keywords: header no longer begins with a comma. If keyword generation is set to true in inn.conf but the Keywords: header is not stored in the overview, the news administrator is warned and keyword generation deactivated, since it exists only to populate the overview data.
    * Two segfaults in keyword generation were fixed. The first occurred when an article already had a Keywords: header longer than the *keylimit* parameter. The second was caused by a possible invalid pointer beyond the newly allocated Keywords: header.
    * Fixed innd handling of empty lines. innd was not properly discarding an empty command and was closing the connection when it received only whitespace in a command.
    * Fixed a bug in how innd responded to reader commands when readers were not allowed. A superfluous blank line was sent in its response.
    * Fixed a bug in innd's response to TAKETHIS when authentication is required. Previously, 480 code was returned immediately without accepting the multi-line data block first, which broke synchronization in the NNTP protocol.
    * Fixed a bug in recognizing the article terminator when empty articles were fed to innd via IHAVE or TAKETHIS, leading to treating subsequent NNTP commands as part of the article.
    * When innd could not provide information for LIST ACTIVE.TIMES and LIST NEWSGROUPS, it was returning an invalid error message without a response code. The proper 503 answer code is now returned.
    * When an unauthenticated user tried to post an article, nnrpd replied 440 (posting not allowed) instead of the correct 480 (authentication required) response if the user might be able to post after authentication. Thanks to Daniel Weber for the bug report.
    * Fixed a bug in both innd and nnrpd answers to LIST commands where the output was not checked for valid dot stuffing.
    * Fixed a bug leading to junked non-control articles being sent to control-only feeds, and also fixed handling of poisoned control groups. Thanks to Andrew Gierth for the patch.
    * Fixed a bug in innreport leading to incorrect summing of innd stats when *hostname* was set to an IPv6 address instead of a fully-qualified domain name. Thanks to Petr Novopashenniy for the bug report.
    * Changed how innreport uses innd and innfeed checkpoint messages. Previously, connections held open for multiple days led to skewed and incorrect statistics on how many articles had been received or sent. The count is now more accurate and, for each connection of a feed, only depends on *incominglogfrequency* in inn.conf and *stats-period* in innfeed.conf.
    * Fixed a bug in nnrpd Perl filter: a header field whose name begins with the name of a standardized header field was not properly handled.
    * Fixed a bug in how innd was parsing Message-ID: and Supersedes: headers which contained trailing whitespace. The article was corrupted by an unexpected "\r" in the middle of the header. nnrpd now checks the syntax of the Message-ID: header field, if present.
    * Fixed various bugs in how leading whitespace was treated in headers. The HDR, XHDR and XPAT commands were not properly showing leading whitespace in header values. Lone "\n" and "\r" characters are now changed into spaces and "\r\n" is just removed. archive, makehistory, and tdx-util now keep leading whitespace in headers when generating overview data, and archive now changes "\n" (when not preceded by "\r") into a space when generating overview data.
    * Fixed a bug in the generation of overview data which may corrupt previously generated overview data when a pseudo Xref: header field is injected in an extra overview field.
    * Fixed a bug in the parsing of the *ovgrouppat* wildmat in inn.conf that prevented overview data from being generated when poisoned groups were specified but a latter sub-pattern matched the group. A uwildmat expression is now correctly handled, and a potential segfault has been fixed. Thanks to Dieter Stussy for the bug report.
    * Fixed a bug when HDR, XHDR and XPAT were used when *virtualhost* was set to true in readers.conf. The Xref: header of articles posted to only one newsgroup appeared empty.
    * Fixed a bug in tdx-util in parsing empty overview fields when called with -A or -F.
    * Fixed a bug in cvtbatch, which was returning only the size of the headers of an article when the "b" parameter was used with the -w flag. It now correctly returns the size of the whole article, which is what "b" was documented to do. cvtbatch also has a new "t" parameter, which can be used with the -w flag to retrieve the arrival time of an article.
    * Fixed a bug in how mailpost handles cross-posting feature. It was not properly detaching from sendmail. Thanks to Harald Dunkel for the patch.
    * Fixed a bug in the newsfeeds C flag: the count of followup groups was one less than the real number. When the value of the Followup-To: header field is "poster", it is no longer considered to be a followup. Thanks to Dieter Stussy for the patch.
    * When using tradindexed, the overview data for a cancelled article is now immediately removed from the overview. Thanks to Lars Magne Ingebrigtsen for the patch.
    * batcher has not supported the retrieval of an article with its file name for a long time. The -S flag has therefore been removed.
    * inews no longer rejects articles that contain more than 50 header fields. Thanks to Torsten Jerzembeck for the bug report.
    * news.daily no longer sends superfluous mails when the nomail keyword is given. Mail is only sent when there is real output. Previously, there would always be headings and empty lines left over from the structuring of the full report, which are now ommitted. Also, the output of programs executed with postexec is now included in the regular mail. Thanks to Florian Schlichting for the patch.
    * innconfval no longer maps NULL string or list values to an empty string or list and instead maps them to undefined values. This fixes an issue reported by Kamil Jonca: nnrpd was inserting an empty Organization: header when the *organization* parameter in inn.conf was unset.
    * Other minor bug fixes and documentation improvements.
2010-04-13 21:18:00 +00:00
wiz
579796a3e5 Recursive PKGREVISION bump for jpeg update to 8. 2010-01-17 12:02:03 +00:00
spz
c0dc9b8537 the patch to set the pgp path setting was both superfluous (as the path gets
reset later on) and had a typo. Add a dependency on gnupg instead to make
sure a pgp (gpg) binary is around to be used (provision should be made to
be able to use eg netpgp instead .. to be done later, hopefully after
someone else created the 'pick my favourite pgp version' infrastructure :> ).
2010-01-16 09:46:16 +00:00
spz
9e56735d16 The next minor version of INN. From the release announcement:
Major changes from 2.5.0 to 2.5.1

* Fixed a segfault in imap_connection which could occur when SASL was
used.

* Fixed a segfault in the keyword generation code which was assuming
that an article was nul-terminated. Fixed another segfault in the
keyword generation code when an article already contained a Keywords:
header. Thanks to Nix for the bug reports.

* Owing to the US-CERT vulnerability note VU#238019, Cyrus SASL library
has slightly changed. imap_connection and nnrpd now handle that
change. Otherwise, some answers are too long to be properly computed
during SASL exchanges.

* Fixed a memory allocation problem which caused nnrpd to die when
retrieving via HDR/XHDR/XPAT the contents of an extra overview field
absent from the headers of an article. The NEWNEWS command was also
affected on very rare cases. Thanks to Tim Woodall for the bug
report.

* HDR/XHDR/XPAT answers are now robust when the overview database is
inconsistent. When the overview schema was modified without the
overview database being rebuilt, wrong results could be returned for
extra fields (especially a random portion of some other header). The
desired header name is now explicitly searched for in the overview
information.

* Fixed the source which is logged to the news log file for local
postings when the local server is not listed in incoming.conf. A
wrong name was used, taken amongst known peers. The source is now
logged as "localhost".

* Fixed a bug in the timecaf storage method: only the first 65535
articles could be retrievable in a CAF, though everything was properly
stored. (A Crunched Article File contains all the articles that
arrive to the news server during 256 seconds.)

The storage token now uses 4 bytes to store the article sequence
number for timecaf, instead of only 2 bytes. Thanks to Kamil Jonca
for the bug report and also the patch.

* Fixed a bug in both timecaf and timehash which prevented them from
working on systems where short ints were not 16-bit integers.

* When there is not enough space to write an entire CAF header, the
timecaf storage manager now uses a larger blocksize. On 32-bit
systems, the CAF header is about 300 bytes, leaving about 200 bytes
for the free bitmap index (the remaining of a 512-byte blocksize). On
64-bit systems, the size of the CAF header could exceed 512 bytes,
thus leaving no room for the free bitmap index. A 1 KB blocksize is
then used, or a larger size if need be.

* A new CNFS version has been introduced by Miquel van Smoorenburg in
the CNFS header. CNFSv4 uses 4 KB blocks instead of 512 bytes, which
more particularly makes writes faster. CNFSv4 supports
files/partitions up to 16 TB with a 4 KB blocksize.

Existing CNFS buffers are kept unchanged; only new CNFS buffers are
initialized with that new version.

* grephistory -l now returns the contents of the expires history field
as well as the hash of the message-ID. Besides, when the storage API
token does not exist, grephistory -v now also returns the hash of the
requested message-ID.

* The check on cancel messages when *verifycancels* is set to true in
inn.conf has been changed to verify that at least one newsgroup in the
cancel message can be found in the article to be cancelled. This new
feature is from Christopher Biedl.

The previous behaviour was to check whether the cancel message is from
the same person as the original post, which is extremely easy to
spoof; besides, RFC 5537 (USEPRO) mentions that "cancel control
messages are not required to contain From: and Sender: header fields
matching the target message. This requirement only encouraged cancel
issuers to conceal their identity and provided no security".

* The way the "/remember/" line in expire.ctl works has changed.
History retention for an article was done according to its original
arrival time; it is now according to its original posting date.
Otherwise, unnecessary data may be kept too long in the history file.

To achieve that, the HISremember() function in history API now expects
a fourth parameter: the article posting time.

Note that article expiration has not changed and is still based on
arrival time, unless the -p flag is passed to expire or expireover, in
which case posting time is used.

* The default value for "/remember/" has changed from 10 to 11 because
it should be one more than the *artcutoff* parameter in inn.conf, so
that articles posted one day into the future are properly retained in
history.

* auth_krb5 has been rewritten by Russ Allbery to use modern Kerberos
APIs. Note that using ckpasswd with PAM support and a Kerberos PAM
module instead of this authenticator is still recommended.

* A new -L flag has been added by Jonathan Kamens to makehistory so as
to specify a load average limit. If the system load average exceeds
the specified limit, makehistory sleeps until it goes below the limit.

* As UTF-8 is the default character set in RFC 3977, "ctlinnd pause",
"ctlinnd readers", "ctlinnd reject", "ctlinnd reserve", "ctlinnd
throttle" and "nnrpd -r" commands now require the given reason to be
encoded in UTF-8, so that it can be properly sent to news readers.
The creator's name given to "ctlinnd newgroup" is also expected to be
encoded in UTF-8.

* The output of consistency checks for article storage and the history
file no longer appears by default when "cnfsstat -a" is used. A new
-v flag has been added to cnfsstat so as to see it.

* The default path for TLS certificates has changed from *pathnews*/lib
to *pathetc*. It only affects new INN installations or generations of
certificates with "make cert". Besides, a default value has been
added to *tlscapath* because it is required by nnrpd when TLS is used.

* gzip(1) is now the default UUCP batcher in send-uucp instead of
compress(1) because gzip is more widely available than compress, due
to old patent issues. Note that there is no impact on decompression
as it is handled by rnews.

* cnfsheadconf now uses the Perl core module "Math::BigInt" rather than
the deprecated bigint.pl library. When used without specifying a CNFS
buffer, it now properly displays the status of all CNFS buffers.
2009-12-16 22:10:25 +00:00
spz
73cb40ec15 fix GNUism in find syntax in the news.daily script source
(reported by Geoff Wing <gcw@pobox.com>)
2009-10-03 16:20:39 +00:00
spz
21a236b8e2 fix packaging bugs noted by Geoff Wing (gcw@pobox.com) (thanks) 2009-09-25 11:06:00 +00:00
spz
15ed507f60 Update of the INN package to the latest stable version (2.5.0). 2009-09-22 13:17:00 +00:00
joerg
62d1ba2bac Remove @dirrm entries from PLISTs 2009-06-14 18:03:28 +00:00
joerg
2d1ba244e9 Simply and speed up buildlink3.mk files and processing.
This changes the buildlink3.mk files to use an include guard for the
recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS,
BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new
variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of
enter/exit marker, which can be used to reconstruct the tree and
to determine first level includes. Avoiding := for large variables
(BUILDLINK_ORDER) speeds up parse time as += has linear complexity.
The include guard reduces system time by avoiding reading files over and
over again. For complex packages this reduces both %user and %sys time to
half of the former time.
2009-03-20 19:23:50 +00:00
spz
9a7bece7a3 update to the next minor version of INN; now also uses ln in postinstall
instead of install -l. Plus, fix a nit in the startup script.
2009-03-15 15:00:50 +00:00
spz
936035e2fb make package DESTDIR'able 2008-12-21 16:00:04 +00:00
spz
cf02deb34c make package somewhat cleaner (includes some PLIST cleanup) 2008-12-21 11:55:25 +00:00
he
b021813da0 Bump the PKGREVISION for all packages which depend directly on perl,
to trigger/signal a rebuild for the transition 5.8.8 -> 5.10.0.

The list of packages is computed by finding all packages which end
up having either of PERL5_USE_PACKLIST, BUILDLINK_API_DEPENDS.perl,
or PERL5_PACKLIST defined in their make setup (tested via
"make show-vars VARNAMES=...").
2008-10-19 19:17:40 +00:00
spz
fd3865c6ef cleaned up PLIST, fiddled with directory creation some more 2008-09-16 23:06:19 +00:00
spz
c1fa696e32 update to next tiny version 2008-09-03 21:33:29 +00:00
spz
acacb29310 make inn start successfully on a previously clean box 2008-09-03 20:19:39 +00:00
spz
adbceb7bae when installing to variable locations, make it so we actually vary where we
expect that which we installed (ie, fix PLIST)
also make sure that our installation destination is under PREFIX
fixes PR 39165
2008-09-03 06:34:32 +00:00
spz
c08277bb5a distinfo knew a patch-aj with different timestamps, fix 2008-06-23 09:15:06 +00:00
spz
537f362429 - bump inn version to 2.4.4
- major change of directory structure
- two new options (uucp and perl now both optional)
- change of maintainer
2008-06-23 09:10:53 +00:00
tnn
ad6ceadd25 Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
2008-01-18 05:06:18 +00:00
wiz
48aee8ab57 Remove Ex-MASTER_SITE. From Zafer Aydogan. 2007-12-02 11:31:49 +00:00
jlam
07dd3147c6 Convert packages that test and use USE_INET6 to use the options framework
and to support the "inet6" option instead.

Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files.  Replace:

	BUILD_DEFS+=	USE_INET6
with
	BUILD_DEFS+=	IPV6_READY

and teach the README-generation tools to look for that instead.

This nukes USE_INET6 from pkgsrc proper.  We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
2007-09-07 22:12:10 +00:00
jlam
4390d56940 Make it easier to build and install packages "unprivileged", where
the owner of all installed files is a non-root user.  This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.

(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
    unprivileged.mk.  These two variables are lists of other bmake
    variables that define package-specific users and groups.  Packages
    that have user-settable variables for users and groups, e.g. apache
    and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
    etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
    so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
    and ${UNPRIVILEGED_GROUP}.

(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
2007-07-04 20:54:31 +00:00
wiz
601583c320 Whitespace cleanup, courtesy of pkglint.
Patch provided by Sergey Svishchev in private mail.
2007-02-22 19:26:05 +00:00
wiz
a9c3a0685a Update MASTER_SITES and/or HOMEPAGE, from Sergey Svishchev. 2006-10-14 07:59:09 +00:00
tron
663307ee50 Remove as maintainer of this package because I'm now longer running
INN on my home server.
2006-10-01 11:34:24 +00:00
jlam
c16221a4db Change the format of BUILDLINK_ORDER to contain depth information as well,
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.

For example, "make show-buildlink3" in fonts/Xft2 displays:

	zlib
	fontconfig
	    iconv
	    zlib
	    freetype2
	    expat
	freetype2
	Xrender
	    renderproto
2006-07-08 23:10:35 +00:00
jlam
9430e49307 Track information in a new variable BUILDLINK_ORDER that informs us
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
2006-07-08 22:38:58 +00:00
jlam
802ce74fcb Modify packages that set PKG_USERS and PKG_GROUPS to follow the new
syntax as specified in pkgsrc/mk/install/bsd.pkginstall.mk:1.47.
2006-04-23 00:12:35 +00:00
rillig
96fc47c14f Aligned the last line of the buildlink3.mk files with the first line, so
that they look nicer.
2006-04-12 10:26:59 +00:00
joerg
673cecaef7 Add missing pullnews.1 to PLIST. Bump revision. 2006-04-10 16:27:02 +00:00
reed
5abef9be14 Over 1200 files touched but no revisions bumped :)
RECOMMENDED is removed. It becomes ABI_DEPENDS.

BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.

BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.

BUILDLINK_DEPENDS does not change.

IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".

Added to obsolete.mk checking for IGNORE_RECOMMENDED.

I did not manually go through and fix any aesthetic tab/spacing issues.

I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.

I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.

As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.

As discussed on tech-pkg.

I will commit to revbump, pkglint, pkg_install, createbuildlink separately.

Note that if you use wip, it will fail!  I will commit to pkgsrc-wip
later (within day).
2006-04-06 06:21:32 +00:00
tron
d6004cc912 Update "inn" package to version 2.4.3. Changes since version 2.4.1:
- Previous versions of INN had an optimization for handling XHDR
  Newsgroups that used the Xref header from overview.  While this does
  make the command much faster, it doesn't produce accurate results and
  breaks the NNTP protocol, so this optimization has been removed.
- Fixed a bug in innd that allowed it to accept articles with duplicated
  headers if the header occurred an odd number of times.  Modified the
  programs for rebuilding overview to use the last Xref header if there
  are multiple ones to avoid problems with spools that contain such
  invalid articles.
- Fixed yet another problem with verifying that a user has permissions
  to approve posts to a moderated group.  Thanks, Jens Schlegel.
- Increase the send and receive buffer on the Unix domain socket used by
  ctlinnd.  This should allow longer replies (particularly for innstat)
  on platforms with very low default Unix domain socket buffer sizes.
- rnews's handling of articles with nul characters, NNTP errors, header
  problems, and deferrals has been significantly improved.
- Thomas Parmelan added support to send-uucp for specifying the funnel
  or exploder site to flush for feeds managed through one and fixed a
  problem with picking up old stranded work files.
- INN is now licensed under a less restrictive license (about as
  minimally restrictive as possible shy of public domain), and the
  clause similar to the old BSD advertising clause has been dropped.
- make install and make update now always install the newly built
  binaries, rather than only installing them if the modification times
  are newer.  This is the behavior that people expect.  make install now
  also automatically builds a new (empty) history database if one
  doesn't already exist.
- The embedded Tcl filter code has been disabled (and will be removed
  entirely in the next major release of INN).  It hasn't worked for some
  time and causes innd crashes if compiled in (even if not used).  If
  someone wants to step forward and maintain it, I recommend starting
  from scratch and emulating the Perl and Python filters.
- ctlinnd should now successfully handle messages from INN up to the
  maximum allowable packet size in the protocol, fixing problems sites
  with many active peers were having with innstat output.
- Overview generation has been fixed in both makehistory and innd to
  follow the rules in the latest NNTP draft rather than just replacing
  special characters with spaces.  This means that the unfolding of
  folded header lines will not introduce additional, incorrect
  whitespace in the overview data.
- nnrpd now uniformly responds with a 480 or 502 status code to attempts
  to read a newsgroup to which the user does not have access, depending
  on whether the user has authenticated.  Previously, it returned a 411
  status code, claiming the group didn't exist, which confuses the
  reactive authentication capability of news readers.
- If a user is not authorized to approve articles (using the A access
  control in readers.conf), articles that include Approved headers will
  be rejected even if posted to unmoderated groups.  Some other site may
  consider that group to be moderated.
- The configuration parser used for readers.conf and others now
  correctly handles "#" inside quoted strings and is more robust against
  unmatched double quotes.
- Messages mailed to moderators had two spaces after the colons in the
  headers, rather than one.  This bug has been fixed.
- A bug that could cause heap corruption and random crashes in innd if
  INN were compiled with Python support has been fixed.
- Some problems with innd's tracking of article size and enforcement of
  the configured maximum article size have been fixed.
- pgpverify will now correctly verify signatures generated by GnuPG and
  better supports GnuPG as the PGP implementation.
- INN's code should now be more 64-bit clean in its handling of size_t,
  pointer differences, and casting of pointers, correcting problems that
  showed up on 64-bit platforms like AMD64.
- Improved the error reporting in the history database code, in inews,
  in controlchan, and in expire.
- Many other more minor bug fixes, optimization improvements, and
  documentation fixes.
2006-03-31 17:58:39 +00:00
joerg
3aae1fd0a9 Explicitly set GNU_CONFIGURE_MANDIR to ${PREFIX}/${PKGMANDIR}. 2006-03-02 19:03:20 +00:00
tron
3009c30545 Add optional Python support. Based on patches supplied by Anders Mundt Due
in PR pkg/32299.
2006-01-04 10:32:40 +00:00
jlam
dc9594e09d Remove USE_PKGINSTALL from pkgsrc now that mk/install/pkginstall.mk
automatically detects whether we want the pkginstall machinery to be
used by the package Makefile.
2005-12-29 06:21:30 +00:00
reed
be54633317 Use VARBASE instead of hardcoded "/var" for the INN_DATA_DIR.
Okayed by maintainer.
2005-12-27 17:45:40 +00:00
rillig
579e977969 Ran "pkglint --autofix", which corrected some of the quoting issues in
CONFIGURE_ARGS.
2005-12-05 23:55:01 +00:00
rillig
b71a1d488b Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in

    http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
2005-12-05 20:49:47 +00:00
tron
190c1f02c6 This package conflicts with the "libradius" package because of
"radius.conf.5".
2005-11-22 16:14:49 +00:00
rillig
0e5596048e Added patch-aj, which fixes PR 32114. 2005-11-19 12:03:22 +00:00
reed
57f7dd5644 Remove the --mandir CONFIGURE_ARGS setting as this is now done
for GNU_CONFIGURE automatically.

(This has been in my personal pkgsrc for a while.)
2005-10-07 18:08:25 +00:00