The NetBSD Project

CVS log for pkgsrc/news/inn/Makefile.common

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / news / inn

Request diff between arbitrary revisions


Default branch: MAIN
Current tag: MAIN


Revision 1.8 / (download) - annotate - [select for diffs], Sat May 20 06:53:05 2017 UTC (3 years, 5 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, pkgsrc-2019Q2-base, pkgsrc-2019Q2, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, HEAD
Changes since 1.7: +2 -1 lines
Diff to previous 1.7 (colored)

update to 2.6.1. Excerpt from NEWS:

Upgrading from 2.5 to 2.6

The following changes require your full attention because a manual intervention may be needed:

    The name and location of the pullnews configuration file have changed. It is now pullnews.marks, located in pathdb when pullnews is run as the news user, or otherwise in the running user's home directory. This file was previously stored in .pullnews in the running user's home directory (even for the news user). If you use pullnews, you need to manually move and rename the configuration file; otherwise, it will no longer work. Note that the -c flag passed to pullnews allows to specify another configuration file, if need be.

    The default location of the mailpost database directory has changed from pathtmp to pathdb. If you use mailpost without an explicitly specified database directory (using the -b flag), then you should manually move your current database files mailpost-msgid.dir and mailpost-msgid.pag from pathtmp to pathdb.

    If you have been using TLS/SSL with nnrpd before, be aware that the default value of a few inn.conf parameters have changed: the server now decides the preferred cipher (instead of the client), and only TLS protocols are allowed (using the flawed SSLv2 and SSLv3 protocols is now disabled). If you want to change these settings, the respective tlspreferserverciphers and tlsprotocols parameters can be tuned to your needs.

    The --with-kerberos configure flag used to add Kerberos v5 support has been renamed to --with-krb5.

    The --with-berkeleydb configure flag used to add Berkeley DB support has been renamed to --with-bdb.

    The --enable-ipv6 configure flag no longer exists. IPv6 is now unconditionally enabled, if available.

    $HOME is no longer exported as an environment variable by innshellvars, innshellvars.tcl and the Perl module INN::Config. It was previously overriding the default user home directory with pathnews. If you use these scripts in your own scripts, you will have to take care of that change.

    Owing to the implementation of RFC 4643 (AUTHINFO USER/PASS) in innd, if remote peers have to authenticate in order to feed articles, they now have to send a username (which was previously wrongly optional), before sending their password. The mandatory username, though currently unused by innd, can be whatever the remote peer wishes. In previous versions of INN, inncheck was already complaining when passwd.nntp contained an empty username associated with a password.

    A manual review of authenticated feeds should then be done so as to ensure that they are properly working.

    The Injection-Date: and Injection-Info: headers are now generated by nnrpd at injection time instead of the NNTP-Posting-Date:, NNTP-Posting-Host:, X-Complaints-To: and X-Trace: headers. Local scripts that were using (for authentication, privacy, etc.) these now deprecated headers should be updated. Also note that the Path: header of locally posted articles can also contain the contents of the deprecated NNTP-Posting-Host: field.

    The two addnntppostingdate and addnntppostinghost parameters in inn.conf have been respectively renamed to addinjectiondate and addinjectionpostinghost. innupgrade takes care of the modification only for inn.conf; a manual change will therefore be needed for readers.conf, if these parameters are overridden in this file.

    The default values of a few inn.conf parameters have changed to make use of the vastly expanded storage and RAM commonly available today: datamovethreshold (from 8192 to 16384), msgidcachesize (from 16000 to 64000), overcachesize (from 64 to 128), and wireformat (now enabled by default).

    The generation of status reports and performance timings are now also enabled by default: logstatus and nnrpdoverstats parameters, with a frequency of 10 minutes (status and timer parameters).

    The default value of max-queue-size has changed from 5 to 20, and use-mmap now defaults to true for innfeed.conf.

Changes in 2.6.1

    nnrpd now uses -0000 as the time zone for Date: and Injection-Date: header fields it generates. It was previously using +0000, wrongly systematically indicating a local time zone at Universal Time when localtime is set to false (which is the default) in readers.conf. The +0000 time zone will now be used only if localtime is set to true and UTC is really the local time zone of the server.

    Julien Elie has implemented in nnrpd the new COMPRESS command described in draft-murchison-nntp-compress that extends the NNTP protocol to allow a connection to be effectively and efficiently compressed. News clients that also support that extension will be able to benefit from that bandwidth optimization and improvement in speed. Moreover, using COMPRESS is more secure than TLS-level compression, as far as authentication credentials are concerned.

    The default value for the tlscompression parameter in inn.conf has changed. TLS-level compression is now disabled by default, to comply with the best current practices for a secure use of TLS in application protocols like NNTP. Using the new COMPRESS command is recommended.

    The tlscompression parameter in inn.conf now also permits to disable TLS-level compression with OpenSSL 0.9.8. It previously had an effect only when OpenSSL 1.0.0 or later was used.

    rnews no longer segfaults at startup when started setuid news. Thanks to Marcus Jodorf for the bug report.

    Fixed slow nnrpd responses for a few NNTP commands. The TCP_NODELAY option was unconditionally set whereas only BSD/OS systems needed it. Thanks to Christian Mock for having discovered that.

    Articles containing a Received: or a Posted: header field are no longer rejected by nnrpd at injection time.

    Articles containing control characters or whitespace-only content lines in their headers are now rejected by nnrpd at injection time.

    OpenSSL 1.1.0 support has been added to INN.

    When an encryption layer is negotiated during a successful use of the STARTTLS command, or after a successful authentication using a SASL mechanism that negotiates an encryption layer, nnrpd now updates the permissions of the news client according to the new secure state of his connection (that is to say auth blocks in readers.conf using the require_ssl parameter are taken into account). Previously, only connections on a dedicated port (usually 563) were taking benefit from that parameter. Thanks to Steve Crook for the bug report.

    When a data integrity layer was negotiated during a successful SASL authentication, nnrpd was wrongly reseting any knowledge obtained from the client, such as the current newsgroup and article number. This behaviour now applies only when an encryption layer is negotiated.

    nntpsend now correctly waits until all of the child innxmit processes exit before it does. It was causing nntpsend to fail to work properly on systems that use systemd, because when it exits prematurely, systemd kills all of the processes it launched, including the innxmit processes. Thanks to Jonathan Kamens for the patch.

    Update from GNU Libtool 2.4.2 to 2.4.6.

    Other minor bug fixes and documentation improvements.
Changes in 2.6.0

    The NNTP protocol requires a username to be sent before a password when authentication is used. innd was wrongly allowing only a password to be sent by authenticated peers. See the note above for more details.

    The Lines: header is no longer generated by nnrpd at injection time.

    The Injection-Date: header is now generated by nnrpd at injection time instead of the deprecated NNTP-Posting-Date: header, when addinjectiondate is set to true. Note that addnntppostingdate has been renamed to addinjectiondate in inn.conf.

    The Injection-Info: header is now generated by nnrpd at injection time instead of the deprecated NNTP-Posting-Host: (when addinjectionpostinghost is set to true), X-Complaints-To: and X-Trace: headers. Note that addnntppostinghost has been renamed to addinjectionpostinghost in inn.conf. The Path: header of locally posted articles now also contains the contents of the NNTP-Posting-Host: header.

    A new addinjectionpostingaccount parameter has been added in inn.conf. When set to true, the Injection-Info: header field contains an additional posting-account attribute that mentions the username assigned to the user at connection time or after authentication. The default value for this parameter is false.

    A few headers are now considered as obsolete by nnrpd at injection time: NNTP-Posting-Date:, NNTP-Posting-Host:, X-Complaints-To:, X-Trace:, Also-Control:, Article-Names:, Article-Updates:, and See-Also: headers.

    Besides, nnrpd will similarly reject obsolete sendsys, senduuname and version control messages.

    The presence of a Subject: header field beginning with cmsg no longer causes an article to be interpreted as a control message by nnrpd at injection time.

    nnrpd no longer differentiates IHAVE from POST. Articles injected with IHAVE are now treated as though they were injected with POST. It means that if the previous behaviour of IHAVE was expected, innd should handle itself the connection instead of nnrpd.

    The name of the pullnews configuration file is now pullnews.marks located in pathdb when pullnews is run as the news user, or otherwise in the running user's home directory. It was previously stored in .pullnews in the running user's home directory (even for the news user).

    Fixed a leak of semaphores when using buffindexed. Thanks to Richard Kettlewell for having fixed the issue.

    Building with Libtool is no longer optional. The --enable-libtool option to configure has been removed.

    DESTDIR and non-root installs are now properly supported and documented in INSTALL. The make install, make update and make cert steps properly obey DESTDIR. Besides, it is no longer a requirement that the installation step be done by the superuser, as long as the user executing the install has supplied a DESTDIR value that points to a writable directory, and the person or process performing the install corrects the file ownerships when INN is installed on the system on which it's going to run. Thanks to James Ralston for this support.

    When building INN with Berkeley DB, Cyrus SASL, Kerberos v5, OpenSSL, or zlib support, no longer add standard locations to compiler and linker include flags. Such default paths are now added only if explicitly given to one or more of the --with-bdb, --with-bdb-include, --with-bdb-lib, --with-sasl, --with-sasl-include, --with-sasl-lib, --with-krb5, --with-krb5-include, --with-krb5-lib, --with-openssl, --with-openssl-include, --with-openssl-lib, --with-zlib, --with-zlib-include, or --with-zlib-lib configure flags (the flags ending with -include and -lib are new in INN 2.6.0).

    If the Berkeley DB, Cyrus SASL, Kerberos v5, or OpenSSL SSL and crypto libraries are found at configure time, INN will now be built with support for them unless respectively the --without-bdb, --without-sasl, --without-krb5, or --without-openssl flags are explicitly passed to configure.

    Note that it was already the default behaviour for zlib support when Berkeley DB support was also enabled.

    The configure flag --enable-reduced-depends has been added to request that library probes assume shared libraries are in use and dependencies of libraries should not be probed. It therefore tries to minimize the shared library dependencies of the resulting binaries on platforms with proper shared library dependencies. This is not enabled by default, and is of interest primarily to people building packages for distributions.

    Building INN with Python support now requires the use of Python 2.2.0 or later as the distutils.sysconfig module used was introduced with Python 2.2.0.

    The INN test suite driver is now fully synchronized with the upstream version of the C TAP Harness package maintained by Russ Allbery. Keeping the INN test suite driver up-to-date will be possible thanks to a new getc-tap-harness script in the support directory that automatically fetches the latest upstream changes.

    Similarly, the new getrra-c-util script permits to keep most of the utility and portability functions synchronized with the upstream version of the rra-c-util package maintained by Russ Allbery.

    Other minor bug fixes and documentation improvements.

Revision 1.7 / (download) - annotate - [select for diffs], Sun Oct 5 16:41:08 2014 UTC (6 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1, pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4, pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.6: +2 -1 lines
Diff to previous 1.6 (colored)

Fix ``Please add a line "# used by foo/bar/Makefile" here.'' warnings.

Revision 1.6 / (download) - annotate - [select for diffs], Wed Dec 16 22:10:25 2009 UTC (10 years, 10 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2, pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3, pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3, pkgsrc-2012Q2-base, pkgsrc-2012Q2, pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1, pkgsrc-2009Q4-base, pkgsrc-2009Q4
Changes since 1.5: +3 -1 lines
Diff to previous 1.5 (colored)

The next minor version of INN. From the release announcement:
Major changes from 2.5.0 to 2.5.1

* Fixed a segfault in imap_connection which could occur when SASL was
used.

* Fixed a segfault in the keyword generation code which was assuming
that an article was nul-terminated. Fixed another segfault in the
keyword generation code when an article already contained a Keywords:
header. Thanks to Nix for the bug reports.

* Owing to the US-CERT vulnerability note VU#238019, Cyrus SASL library
has slightly changed. imap_connection and nnrpd now handle that
change. Otherwise, some answers are too long to be properly computed
during SASL exchanges.

* Fixed a memory allocation problem which caused nnrpd to die when
retrieving via HDR/XHDR/XPAT the contents of an extra overview field
absent from the headers of an article. The NEWNEWS command was also
affected on very rare cases. Thanks to Tim Woodall for the bug
report.

* HDR/XHDR/XPAT answers are now robust when the overview database is
inconsistent. When the overview schema was modified without the
overview database being rebuilt, wrong results could be returned for
extra fields (especially a random portion of some other header). The
desired header name is now explicitly searched for in the overview
information.

* Fixed the source which is logged to the news log file for local
postings when the local server is not listed in incoming.conf. A
wrong name was used, taken amongst known peers. The source is now
logged as "localhost".

* Fixed a bug in the timecaf storage method: only the first 65535
articles could be retrievable in a CAF, though everything was properly
stored. (A Crunched Article File contains all the articles that
arrive to the news server during 256 seconds.)

The storage token now uses 4 bytes to store the article sequence
number for timecaf, instead of only 2 bytes. Thanks to Kamil Jonca
for the bug report and also the patch.

* Fixed a bug in both timecaf and timehash which prevented them from
working on systems where short ints were not 16-bit integers.

* When there is not enough space to write an entire CAF header, the
timecaf storage manager now uses a larger blocksize. On 32-bit
systems, the CAF header is about 300 bytes, leaving about 200 bytes
for the free bitmap index (the remaining of a 512-byte blocksize). On
64-bit systems, the size of the CAF header could exceed 512 bytes,
thus leaving no room for the free bitmap index. A 1 KB blocksize is
then used, or a larger size if need be.

* A new CNFS version has been introduced by Miquel van Smoorenburg in
the CNFS header. CNFSv4 uses 4 KB blocks instead of 512 bytes, which
more particularly makes writes faster. CNFSv4 supports
files/partitions up to 16 TB with a 4 KB blocksize.

Existing CNFS buffers are kept unchanged; only new CNFS buffers are
initialized with that new version.

* grephistory -l now returns the contents of the expires history field
as well as the hash of the message-ID. Besides, when the storage API
token does not exist, grephistory -v now also returns the hash of the
requested message-ID.

* The check on cancel messages when *verifycancels* is set to true in
inn.conf has been changed to verify that at least one newsgroup in the
cancel message can be found in the article to be cancelled. This new
feature is from Christopher Biedl.

The previous behaviour was to check whether the cancel message is from
the same person as the original post, which is extremely easy to
spoof; besides, RFC 5537 (USEPRO) mentions that "cancel control
messages are not required to contain From: and Sender: header fields
matching the target message. This requirement only encouraged cancel
issuers to conceal their identity and provided no security".

* The way the "/remember/" line in expire.ctl works has changed.
History retention for an article was done according to its original
arrival time; it is now according to its original posting date.
Otherwise, unnecessary data may be kept too long in the history file.

To achieve that, the HISremember() function in history API now expects
a fourth parameter: the article posting time.

Note that article expiration has not changed and is still based on
arrival time, unless the -p flag is passed to expire or expireover, in
which case posting time is used.

* The default value for "/remember/" has changed from 10 to 11 because
it should be one more than the *artcutoff* parameter in inn.conf, so
that articles posted one day into the future are properly retained in
history.

* auth_krb5 has been rewritten by Russ Allbery to use modern Kerberos
APIs. Note that using ckpasswd with PAM support and a Kerberos PAM
module instead of this authenticator is still recommended.

* A new -L flag has been added by Jonathan Kamens to makehistory so as
to specify a load average limit. If the system load average exceeds
the specified limit, makehistory sleeps until it goes below the limit.

* As UTF-8 is the default character set in RFC 3977, "ctlinnd pause",
"ctlinnd readers", "ctlinnd reject", "ctlinnd reserve", "ctlinnd
throttle" and "nnrpd -r" commands now require the given reason to be
encoded in UTF-8, so that it can be properly sent to news readers.
The creator's name given to "ctlinnd newgroup" is also expected to be
encoded in UTF-8.

* The output of consistency checks for article storage and the history
file no longer appears by default when "cnfsstat -a" is used. A new
-v flag has been added to cnfsstat so as to see it.

* The default path for TLS certificates has changed from *pathnews*/lib
to *pathetc*. It only affects new INN installations or generations of
certificates with "make cert". Besides, a default value has been
added to *tlscapath* because it is required by nnrpd when TLS is used.

* gzip(1) is now the default UUCP batcher in send-uucp instead of
compress(1) because gzip is more widely available than compress, due
to old patent issues. Note that there is no impact on decompression
as it is handled by rnews.

* cnfsheadconf now uses the Perl core module "Math::BigInt" rather than
the deprecated bigint.pl library. When used without specifying a CNFS
buffer, it now properly displays the status of all CNFS buffers.

Revision 1.5 / (download) - annotate - [select for diffs], Sun Dec 21 11:55:25 2008 UTC (11 years, 10 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4
Changes since 1.4: +4 -1 lines
Diff to previous 1.4 (colored)

make package somewhat cleaner (includes some PLIST cleanup)

Revision 1.4 / (download) - annotate - [select for diffs], Wed Sep 3 06:34:32 2008 UTC (12 years, 1 month ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2008Q3-base, pkgsrc-2008Q3, cube-native-xorg-base, cube-native-xorg
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

when installing to variable locations, make it so we actually vary where we
expect that which we installed (ie, fix PLIST)
also make sure that our installation destination is under PREFIX
fixes PR 39165

Revision 1.3 / (download) - annotate - [select for diffs], Mon Jun 23 09:10:53 2008 UTC (12 years, 4 months ago) by spz
Branch: MAIN
CVS Tags: pkgsrc-2008Q2-base, pkgsrc-2008Q2, cwrapper
Changes since 1.2: +3 -2 lines
Diff to previous 1.2 (colored)

- bump inn version to 2.4.4
- major change of directory structure
- two new options (uucp and perl now both optional)
- change of maintainer

Revision 1.2 / (download) - annotate - [select for diffs], Tue Dec 27 17:45:40 2005 UTC (14 years, 10 months ago) by reed
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base, pkgsrc-2008Q1, pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2, pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4, pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2, pkgsrc-2006Q1-base, pkgsrc-2006Q1
Changes since 1.1: +2 -2 lines
Diff to previous 1.1 (colored)

Use VARBASE instead of hardcoded "/var" for the INN_DATA_DIR.
Okayed by maintainer.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Jul 29 16:27:26 2003 UTC (17 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q4-base, pkgsrc-2005Q4, pkgsrc-2005Q3-base, pkgsrc-2005Q3, pkgsrc-2005Q2-base, pkgsrc-2005Q2, pkgsrc-2005Q1-base, pkgsrc-2005Q1, pkgsrc-2004Q4-base, pkgsrc-2004Q4, pkgsrc-2004Q3-base, pkgsrc-2004Q3, pkgsrc-2004Q2-base, pkgsrc-2004Q2, pkgsrc-2004Q1-base, pkgsrc-2004Q1, pkgsrc-2003Q4-base, pkgsrc-2003Q4

Apply patch pkgsrc-wip/newsx/news.inn.patch:
Install header files for other packages (in particular, newsx).
Bump PKGREVISION.
Approved by tron@

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>