diff -Nurp inn-2.6.2/ChangeLog inn-2.6.3/ChangeLog --- inn-2.6.2/ChangeLog 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/ChangeLog 2019-02-07 07:02:22.000000000 -0800 @@ -1,402 +1,184 @@ -2018-03-18 iulius +2019-02-07 iulius - * FAQ: Bump the revision number of the forthcoming INN 2.6.2 stable - release + * Update to latest upstream config.guess, config.sub and libtool + versions -2018-03-17 iulius + * Bump revision number for next release and copyright year - * install-sh: avoid (low risk) race in "/tmp" - - Patch from upstream. - - Ensure that nobody can cross privilege boundaries by pre-creating - symlink on '$tmpdir' destination directory. - - Just testing 'mkdir -p' by creating "/tmp/ins$RANDOM-$$/d" is not - safe because "/tmp" directory is usually world-writeable and - "/tmp/ins$RANDOM-$$" content could be pretty easily guessed by - attacker (at least for shells where $RANDOM is not supported). - So, as the first step, create the "/tmp/ins$RANDOM-$$" without - -p. This step would fail early if somebody wanted catch us. - - Systems that implement (and have enabled) fs.protected_symlinks - kernel feature are not affected even without this commit. - -2018-03-16 iulius - - * Fix previous commit - -2018-03-15 iulius - - * Update to latest C TAP Harness upstream version - -2018-03-10 iulius - - * Stop using com_err directly - - com_err is an obsolete way of reporting Kerberos errors. Add some - additional Kerberos portability code from rra-c-util to allow - using krb5_get_error_message, which is the modern approach, and - remove the additional probing for com_err.h. - - Also, if --with-krb5 (or the equivalent for other probes) is - given and a krb5-config was found at the install root, skip the - PATH search for krb5-config to avoid confusing output. This - results in redoing the probe and using cached output when testing - multiple krb5-config features, but that seems better than the - confusing output. - - Patch from Russ Allbery. - - * libinn documentation: fix sample code - - HeaderFind() no longer exists, and a few other functions have - additionnal arguments. - - * Add check for unique Cancel-Key and Cancel-Lock header fields - (RFC 8315) in nnrpd - - * Add access to Jabber-ID header field (RFC 7259) within Perl and - Python hooks for innd. - - Also update POD documentation and the Python sample. - -2018-03-08 iulius +2019-02-04 iulius - * innreport: fix the output of the NoCeM section + * Allow again the use of UTF-8 in header fields - Previously, errors during NoCeM processing did not appear in - daily Usenet reports. + Regression since INN 2.6.1. Posts with internationalized header + fields (UTF-8) are now accepted again. - * scanspool: do not warn for consistency of Newsgroups header - fields in control pseudogroups +2018-12-29 iulius - * Add a few useful monitoring commands to run before making a - release - - Also, typo fix in checklist. - - * inncheck: do not warn when "control" is used in newsgroup pattern - - Lines that were triggering a warning (in sample control.ctl - file): newgroup:*:control|general|junk|test|to:drop - rmgroup:*:control|general|junk|test|to:drop + * Update libtool from upstream 2.4.6-6 Debian version -2018-02-16 iulius + * Update to latest upstream config.guess and config.sub files - * Update license information from rra-c-util upstream version + * Update to latest pgpverify 1.30 - Also fix two gcc warnings in addr-ipv6-t.c and snprintf-t.c. + The previous INN release was done before the official release of + pgpverify 1.30; that's why a few comments differed. - * Add support for GnuPG's gpg binary to pgpverify and perl-nocem - - gpg still validates signatures made with weak digest algorithms - like MD5 whereas gpgv no longer do. - - Thanks to Thomas Hochstein for the patch (for pgpverify), which - permits to validate control articles for hierarchies that are - still using old PGP keys. - - Also add autoconf magic to detect new $INN::Config::gpg variable - (and also for shell and Tcl scripts), and add make use of it in - perl-nocem. + * Bump version information for our libraries released with INN + 2.6.3 - Detect gpg1 in preference to gpg and gpg2. - -2018-02-04 iulius + A few interfaces have changed in libinn (fqdn function, and new + innconf parameter). - * ovdb: improve documentation, and change the default value for - readserver to true + * nnrpd: improve logging of failed connections - Using ovdb_server helper server helps improve the stability of - the ovdb overview method, so sets the default value for - readserver in ovdb.conf to true. + Properly logs the hostname of clients whose connection failed + owing to an issue during the negotiation of a TLS session or high + load average. Nothing was previously logged. - Also greatly improve the documentation for ovdb: better POD - formatting, describe what are the 3 possible versions of ovdb, - clarify what is an upgrade, document the ncache parameter (it was - absent from documentation), remove old wording for nocompact, - remove duplicate explanation of ovdb_init tasks in ovdb(5), - mention that rc.news takes care of stopping ovdb_monitor, add the - -M option to ovdb_stat synopsis, improve ovdb.conf sample file - (better wording, and consistent with the man page). + Thanks to Paolo Amoroso for the bug report. - * ovdb_stat: fix HTML output and Usage information +2018-12-17 iulius -2018-02-03 eagle - - * Handle hostnames not in DNS in GetFQDN + * Fix a const discarding when assigning a variable - If the local hostname isn't in DNS at all, GetFQDN currently - returns NULL. If a domain was provided but the hostname isn't in - DNS, append the domain to the hostname anyway and return the - results. This is possibly still a local configuration error, but - it seems like friendlier behavior, and also lets the test suite - run on hosts with an unresolvable local hostname. + Python 3.7 changed the return value of PyUnicode_AsUTF8 from char + to const char. -2018-01-29 iulius + * Update to latest C TAP Harness upstream version - * Better wording for NEWS +2018-12-02 iulius -2018-01-28 iulius + * Update comments of TLS implementation (it is not v1 only) - * Bump version information for our libraries released with INN - 2.6.2 - - A few interfaces have changed in libinn. + * Take into account return values of chdir and system commands - * Document cancels and cycbuff reallocation in storage methods + * Update to latest rra-c-util upstream version, improving Perl and + Python support at configure time - * Update to latest C TAP Harness and rra-c-util upstream versions + * Update to latest rra-c-util upstream version - Also update accordingly the rest of the INN source code. - -2018-01-23 iulius - - * Update to latest control.ctl upstream file + The Autoconf m4 macros now check that the library's key header + can be found as well as the library. It removes the need of + several checks added in configure.ac to achieve that. - Remove the gov.* hierarchy. + Also fix INN_LIB_KRB5_OPTIONAL probing in the + --enable-reduced-depends case when linking with libkrb5 is not + possible but libcom_err is present. The probes for com_err were + previously not skipped, resulting in a non-empty KRB5_LIBS + containing only -lcom_err, which incorrectly caused the macro to + indicate that Kerberos libraries were present. - * Update to latest install-sh upstream version + * Take into account new GCC 7.0 and 8.0 warnings - Do not append / to destination directory if it already ends in /. - This supports a destination directory of // on hosts where / and - // are distinct directories, as POSIX allows. + Merge commits 10193 and 10291 from CURRENT. - * Update to latest config.guess and config.sub upstream files - -2018-01-07 iulius - - * Adjust buffindexed header page size to platform + * Rewrite GetFQDN and rename to inn_getfqdn - Previously, if the platform page size was larger than 16KB, - buffindexed would just refuse to work on that platform. Instead, - increase the header page size to match the platform page size on - those platforms, but still require that the header page size be a - multiple of the platform page size. + Use getaddrinfo with AI_CANONNAME instead of the tedious code to + find an FQDN in gethostbyname results. Return a newly-allocated + string instead of using a static buffer, since this function + isn't performance-critical, avoiding buffer management + complexity. Adjust call sites to do proper memory allocation + handling of the return value. - Use sysconf(_SC_PAGESIZE) to get the page size instead of - getpagesize(), since it's the POSIX-standard way of doing this. + Remove some old disabled code to try to force canonicalization by + adding a period to the end of the DNS query. - Backport patch against CURRENT from Russ Allbery. - -2017-12-10 iulius + Patch from Russ Allbery (backported from CURRENT). - * Add support for TLS 1.3 +2018-11-11 iulius -2017-11-28 iulius + * Mention in POD documentation that TLS 1.3 no longer allows + TLS-level compression - * innstat: monitor disk usage of more directories, and add the unit + * inn.conf: Add new tlsciphers13 parameter to fine-tune TLS 1.3 + cipher suites - In daily Usenet reports, add disk usage for archive, http and tmp - directories. Also mention the unit of the size of batch and log - files. - -2017-11-25 iulius - - * Improve documentation for ovdb_server - -2017-11-05 eagle - - * Update URL for GUP - -2017-11-04 iulius - - * Enforce new GCC 6 warning options; fix possible NULL-pointer - dereferences - - Add the following warning options: -Wnull-dereference - -Wshift-overflow=2 -Wduplicated-cond - - Do not explicitly mention -Wendif-labels because it is enabled by - default. Also use -O3 instead of -O2. - - Fix in timehash and buffindexed code possible NULL-pointer - dereferences. - -2017-10-16 eagle - - * actsync: fix misleading indentation - - Only do the flush when debugging is on. Backported from r10052 on - CURRENT by iulius. - - * Suppress sign-compare warnings for innfeed lexer + A separate cipher suite configuration parameter is needed for TLS + 1.3 as TLS 1.3 cipher suites are not compatible with TLS 1.2, and + vice-versa. - Some versions of flex (such as 2.6.1-1.3 in Debian stretch) - declare a variable as int that should be size_t. We can't really - do much about that, and it's fixed in current flex, so just - suppress the warning using a gcc pragma. + The tlsciphers13 parameter is based on the already existing + tlsciphers parameter for TLS 1.2 and below. -2017-09-18 iulius +2018-11-10 iulius - * Clarify the use of FQDN in documentation - - There are two things here. First, the FQDNs that exist in the DNS - for a given host: some may be A and AAAA records, other may be - CNAME records, and the host may know them or not. - - Second, the FQDN that the host system will report (hostname - --fqdn), which is a single one, always the same as long as the - configuration will not change. With GNU/Linux, it seems to be - determined this way: - - * if the system hostname contains a dot, return it; * if the - system hostname does not contain a dot, resolve it to an FQDN - using getaddrinfo() (which will resolve it to an IP address and - then back to a name using a reverse resolution, usually using - /etc/hosts, but possibly using the DNS). - - The problem is mostly the over-usage of the term - ?\226?\128?\156FQDN?\226?\128?\157, which can sometimes be - incorrectly understood as meaning ?\226?\128?\156a host's - canonical name?\226?\128?\157. This is emphasized by the fact - that some news services, if not most of them, are referred to - with a service name such as news.example.com, which is fully - qualified, but which is just an alias to the server canonical - name such as gruyere.example.com, which will probably be the - result of a reverse lookup of its IP address as well. + * Fix the use of elliptic curve selection - Most of the time, when resolving a host name to an IP address), - the fact that it is fully qualified or not is irrelevant, as long - as it does resolve. In such cases, it is enough to just mention - ?\226?\128?\156a host name?\226?\128?\157. - - For checking a client IP address against a host name, the fact - that it is FQ or not is again irrelevant, but what is relevant is - whether this check is done by direct lookup of the configured - host name, or by reverse lookup of its IP address. - - For reporting connections with a host name rather than an IP - address, it is not relevant either, this is just a reverse - lookup, and it will almost always return an FQDN indeed, but that - depends on the system configuration. - - Thanks to Tanguy Ortolo for his suggestion of improvement. + OpenSSL 1.1.0 removed the SSL_CTX_set_ecdh_auto function + introduced with OpenSSL 1.0.2. This removal caused INN to always + enforce NIST P-256 instead of using the most secure curve (which + OpenSSL 1.1.0 does by default). Now fixed. - * Avoid a zero-size vector allocation - - Update to latest rra-c-util upstream version. +2018-06-03 eagle - * Clarify the wording about the propagation of control articles + * Enable Perl and Python when testing snapshots - * Document when Injection-Date: header field is not added by nnrpd - (case of multiple injection) - - Thanks to Thomas Hochstein for prompting to document that - behaviour. +2018-05-21 iulius -2017-07-22 iulius - - * mailpost: update the list of known header fields - - * fix writing of message-ID in lowercase + * Update to latest C TAP Harness and rra-c-util upstream versions - * mailpost: add new "-z" parameter to remove header fields + * Add trailing comment in CHECK and TAKETHIS responses - Adds a "-z" parameter to remove any undesired headers from the - gated message. + Responses to CHECK and TAKETHIS commands did not mention the + reason of a reject (notably from Python or Perl filter hook, but + also directly from innd main checks). This is now fixed. - Also, edits the incoming SMTP message's "Received:" header to - remove any "for " clause which contains the name of the - news server (or its domain). It determines the name by examining - "pathhost", "fromhost" and "domain" (from file "inn.conf"). The - reason for this is to protect the gateway mailbox from spammers - who may seek to abuse the gateway. This will also remove any - "*-To:" headers that cite the news server host or domain name - (e.g. "Errors-To:" which are set to report back which user - bounced by using a mailbox pattern in the envelope). As the - gateway mailbox name is now hidden, spammers will have to - discover it via other means. It's not meant as an anti-spam - measure by itself, but spammers can't spam that which they can't - find. Since the administrator knows the message was gated, he - knows it was delivered to the gateway mailbox, so information - deleted from the trace header isn't "lost"; just merely hidden. - "For" clauses from other "Received:" headers not specifying the - mail server's host/domain are left intact. - - Thanks to Dieter Stussy for the patch. + closes #148 -2017-07-11 iulius +2018-05-14 iulius - * mailpost: remove empty header lines within header body + * Various number of typo fixes + + Thanks to Christoph Biedl for the bug report. - * inews: fix the check of header field length + * Add support for embedded Python 3 interpreter to use with innd + and nnrpd filter hooks - The limitation of 998 bytes is for the length of a single line of - a header field, not for the whole header field. + * Update configure script to find Python 3 interpreter and + correctly set linker flags for embedding it. Python 3.3.0 or + later in the 3.x series is now supported. - Also, use MED_BUFFER instead of HEADER_STRLEN in places where a - mere buffer was expected, not related to header length. - - * Update HACKING and NEWS - -2017-07-01 iulius - - * mailpost: remove empty header fields + * Drop support for Python 2.2.0; now, Python 2.3.0 or later in + the 2.x series is required because configure looks for a shared + Python library, installed in the main library location in Python + 2.3.0 and later. - Also, fix a sprintf warning when using "mailpost -n" ($Sendmail - does not contain %s in that case). + * Add m4 macros to check for minimal Python version and module + presence at configure time. - Thanks to Kamil Jonca for the bug report. - -2017-06-05 iulius - - * Fix new implicit-fallthrough warning in GCC 7 + * Notable changes for Python 3 are: - string literals are now + considered as Unicode data whereas they were mere bytes in Python + 2. Consequently, encoding now really matters for strings, and + UTF-8 is required in return values of Python filter hooks. (Note + that compliance with NNTP would also want strings to be encoded + in UTF-8.) Care should be given to use the right str or bytes + objects in Python 3. - Indicate that some functions never return, or that fallthrough in - switch statements is expected. - - * Fix new format-truncation warning in GCC 7 + - buffer objects no longer exist: they have been replaced with + memoryview objects. Consequently, code to deal with them slighty + changed. - A few strings in innfeed status and in Sender/Injection-Info - header fields may have been truncated when generated. The case is - rare, though (240 bytes for instance in the username and - hostname). - - * FAQ: Improve instructions when re-feeding the articles of a news - server + - integers no longer exist in the C API: they have been replaced + with long integers (Py_ssize_t). - Mention to check the newsfeeds file of the new server for the - absence of controlchan; and that innxmit may have to be - re-executed during the operation. - - * innreport: Update the dictionary of ctlinnd commands + - embedded Python initialization is now done differently (with a + PyMODINIT_FUNC function). Try to homogeneize initialization with + Python 2.x. - This way, all ctlinnd commands will correctly appear in clear in - daily Usenet reports. - - * Add support for a new syntaxchecks parameter in inn.conf + * Improve error/notice logs. - This parameter permits to control the level of checks performed - by innd and nnrpd. Up to now, only one check can be - enabled/disabled: when "laxmid" is mentioned in the values of - this new parameter, INN accepts Message-IDs that contain ".." in - the left part, as well as Message-IDs with two "@" (such - Message-IDs would otherwise be considered as syntactically - invalid). - - * Update documentation to latest TLS best current practices + * Update and improve both documentation and samples accordingly. - - Using implicit TLS (port 563) is recommended per RFC 8143. + * Remove unused PYpathkey char * variable. - - The TLS_RSA_WITH_RC4_128_MD5 and - TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA cipher suites are no longer - mandatory. - -2017-05-23 iulius - - * FAQ: Update link to the news.newusers.questions homepage - -2017-04-29 eagle - - * Update URL for svn2cl + * A few typo fixes. -2017-01-12 iulius + * Fix prototypes in clientlib man page - * Mention new RFC 8054 (COMPRESS extension) as implemented in nnrpd + * Typo fixes -2016-12-17 iulius +2018-03-22 iulius - * Bump version for the next 2.6.2 release + * Bump revision number to next 2.6.3 version for STABLE diff -Nurp inn-2.6.2/INSTALL inn-2.6.3/INSTALL --- inn-2.6.2/INSTALL 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/INSTALL 2019-02-07 07:02:22.000000000 -0800 @@ -132,7 +132,7 @@ Before You Begin and versions you'll need: --with-perl Perl 5.004_03 or higher, 5.8.0+ recommended - --with-python Python 2.2.0 or higher, 2.5.0+ recommended (3.x versions currently not supported) + --with-python Python 2.3.0 or higher, 2.5.0+ recommended (in the 2.x series); Python 3.3.0 or higher (in the 3.x series) --with-bdb Berkeley DB 4.4 or higher, 4.7+ recommended --with-zlib zlib 1.x or higher --with-openssl OpenSSL 0.9.6 or higher @@ -327,9 +327,12 @@ Installing INN --with-python Enables support for Python, allowing you to install filter and authentication scripts written in Python. You will need - Python 2.2.0 or later installed on your system to enable this - option. See doc/hook-python for all the details. Please note that - Python 3.x is currently not supported. + Python 2.3.0 or later (in the 2.x series), or Python 3.3.0 or later + (in the 3.x series) installed on your system to enable this option. + See doc/hook-python for all the details. + + If the $PYTHON environment variable is set, it will be used as the + path to Python. --with-innd-port=PORT By default, innbind(8) refuses to bind to any port under 1024 other @@ -480,14 +483,14 @@ Installing INN compiled into INN; it's used primarily in some situations like building a software distribution, where software has to be installed into some file system that will later be mounted as / on the final system. Using - DESTDIR permits to build INN, install it into a virtual root directory, - and package the resulting files in a single step, without manual - intervention, by a non-root user. It is possible to build and install - INN in this way, but you must set a DESTDIR value for the install step, - and additionally, you must tell the installation process that it should - omit executing "chown" and "chgrp" commands (which will fail if the - installation step is being executed by a non-root user). To do this, - type: + DESTDIR permits building INN, installing it into a virtual root + directory, and packaging the resulting files in a single step, without + manual intervention, by a non-root user. It is possible to build and + install INN in this way, but you must set a DESTDIR value for the + install step, and additionally, you must tell the installation process + that it should omit executing "chown" and "chgrp" commands (which will + fail if the installation step is being executed by a non-root user). To + do this, type: CHOWNPROG=set CHGRPPROG=set make DESTDIR=/tmp/inn-root install @@ -1658,5 +1661,5 @@ Processing Newsgroup Control Messages you may have to remove all the user IDs except the one that matches the control.ctl entry using "gpg --edit-key" and the "delkey" command. - $Id: install.pod 10179 2017-09-18 20:13:48Z iulius $ + $Id: install.pod 10283 2018-05-14 12:43:05Z iulius $ diff -Nurp inn-2.6.2/LICENSE inn-2.6.3/LICENSE --- inn-2.6.2/LICENSE 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/LICENSE 2019-02-07 07:02:22.000000000 -0800 @@ -3,7 +3,7 @@ different licenses and/or copyrights is and license: Copyright (c) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, - 2013, 2014, 2015, 2016, 2017, 2018 + 2013, 2014, 2015, 2016, 2017, 2018, 2019 by Internet Systems Consortium, Inc. ("ISC") Copyright (c) 1991, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003 by The Internet Software Consortium and Rich Salz diff -Nurp inn-2.6.2/Makefile.global.in inn-2.6.3/Makefile.global.in --- inn-2.6.2/Makefile.global.in 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/Makefile.global.in 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: Makefile.global.in 10229 2018-01-28 21:21:21Z iulius $ +## $Id: Makefile.global.in 10274 2018-03-22 20:36:39Z iulius $ ## ## This file is meant to be the central Makefile that configure works with ## and that all other Makefiles include. No Makefile other than this one @@ -18,7 +18,7 @@ ## keep their length reasonable; otherwise, your news server will not ## be complying with the NNTP protocol. -VERSION = 2.6.2 +VERSION = 2.6.3 VERSION_EXTRA = ## The absolute path to the top of the build directory, used to find the diff -Nurp inn-2.6.2/NEWS inn-2.6.3/NEWS --- inn-2.6.2/NEWS 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/NEWS 2019-02-07 07:02:22.000000000 -0800 @@ -1,7 +1,52 @@ +Changes in 2.6.3 + + * Fixed the selection of the elliptic curve to use with OpenSSL 1.1.0 or + later; NIST P-256 was enforced instead of using the most secure curve. + + * A new inn.conf parameter has been added to fine-tune the cipher suites + to use with TLS 1.3: the *tlsciphers13* now permits configuring them. + A separate cipher suite configuration parameter is needed for TLS 1.3 + because TLS 1.3 cipher suites are not compatible with TLS 1.2, and + vice-versa. In order to avoid issues where legacy TLS 1.2 cipher + suite configuration configured in the *tlsciphers* parameter would + inadvertently disable all TLS 1.3 cipher suites, the inn.conf + configuration has been separated out. + + * Fixed a regression since INN 2.6.1 that prevented articles with + internationalized header fields (that is to say encoded in UTF-8) from + being posted. + + * Support for Python 3 has been added to INN. Embedded Python filtering + and authentication hooks for innd and nnrpd can now use version 3.3.0 + or later of the Python interpreter. In the 2.x series, version 2.3.0 + or later is still supported. + + When configuring INN with the --with-python flag, the "PYTHON" + environment variable, when set, is used to select the interpreter to + embed. Otherwise, it is searched in standard paths. + + In case you change the Python interpreter to embed, make sure that the + Python scripts you use are written in the expected syntax for that + version of the Python interpreter. Notably, buffer objects have been + replaced with memoryview objects in Python 3, and UTF-8 encoding now + really matters for string literals (Python 3 uses bytes and Unicode + objects). + + INN documentation and samples of Python hooks have been updated to + provide more examples. + + * When a Python or Perl filter hook rejects an article, innd now + mentions the reason in response to CHECK and TAKETHIS commands. + Previously, the reason was given only for the IHAVE command. + + * nnrpd now properly logs the hostname of clients whose connection + failed owing to an issue during the negotiation of a TLS session or + high load average. + Changes in 2.6.2 * A new *syntaxchecks* parameter has been added in inn.conf. It permits - to control the level of checks performed by innd and nnrpd. Up to + controlling the level of checks performed by innd and nnrpd. Up to now, only one check can be enabled/disabled: when *laxmid* is mentioned in the values of this new parameter, INN accepts Message-IDs that contain ".." in the left part, as well as Message-IDs with two @@ -35,7 +80,7 @@ Changes in 2.6.2 * Added support for GnuPG's gpg binary (in addition to gpgv) in pgpverify. Indeed, gpg still validates signatures made with weak digest algorithms like MD5 whereas gpgv no longer do. Thanks to - Thomas Hochstein for the patch, which permits to validate control + Thomas Hochstein for the patch, which permits validating control articles for hierarchies that are still using old PGP keys. * Added similar support for GnuPG's gpg binary in perl-nocem to validate @@ -76,7 +121,7 @@ Changes in 2.6.1 with the best current practices for a secure use of TLS in application protocols like NNTP. Using the new COMPRESS command is recommended. - * The *tlscompression* parameter in inn.conf now also permits to disable + * The *tlscompression* parameter in inn.conf now also permits disabling TLS-level compression with OpenSSL 0.9.8. It previously had an effect only when OpenSSL 1.0.0 or later was used. @@ -131,7 +176,7 @@ Upgrading from 2.5 to 2.6 home directory (even for the news user). If you use pullnews, you need to manually move and rename the configuration file; otherwise, it will no longer work. Note that the -c flag passed to pullnews allows - to specify another configuration file, if need be. + specifying another configuration file, if need be. * The default location of the mailpost database directory has changed from *pathtmp* to *pathdb*. If you use mailpost without an explicitly @@ -307,7 +352,7 @@ Changes in 2.6.0 to a new getc-tap-harness script in the support directory that automatically fetches the latest upstream changes. - Similarly, the new getrra-c-util script permits to keep most of the + Similarly, the new getrra-c-util script permits keeping most of the utility and portability functions synchronized with the upstream version of the rra-c-util package maintained by Russ Allbery. @@ -318,7 +363,7 @@ Changes in 2.5.5 * New inn.conf parameters used by nnrpd to fine-tune the TLS/SSL configuration have been added: *tlsciphers*, *tlscompression*, *tlseccurve*, *tlspreferserverciphers*, and *tlsprotocols*. Many - thanks to Christian Mock for his contribution that permits to tighten + thanks to Christian Mock for his contribution that permits tightening the level of security provided by TLS/SSL. * innwatch no longer creates a child process only for sleeping and then @@ -361,8 +406,8 @@ Changes in 2.5.5 * Several improvements have been contributed to pullnews by Geraint Edwards: the new -a flag adds the Diablo-compatible hashfeed ability, the new -B flag triggers header-only feeding, the -m flag now permits - to remove headers matching (or not) a given regexp, and rnews - reporting is improved. + removing headers matching (or not) a given regexp, and rnews reporting + is improved. * innreport now properly takes into account the time nnrpd spends writing when using SASL. @@ -534,9 +579,9 @@ Changes in 2.5.3 the reply. Thanks to River Tarnell for these bug reports. * It is now possible to properly generate daily statistics with - sendinpaths thanks to the new -k and -r flags that permit to control + sendinpaths thanks to the new -k and -r flags that permit controlling the interval of days for processing dump files. The new -c flag - permits to send a copy of the generated e-mail to the newsmaster. + permits sending a copy of the generated e-mail to the newsmaster. Also fixed an issue with statistics that could be missing or duplicated for a couple of days when monthly sent. @@ -1226,7 +1271,7 @@ Changes in 2.5.0 especially checkgroups: the active and newsgroups files are now properly updated when they are processed, and all matching lines in control.ctl for a given checkgroups are honoured (which for instance - allows to use both drop and doit actions for the same checkgroups + allows using both drop and doit actions for the same checkgroups message). A new control.ctl.local file has also been added in *pathetc*. Rules @@ -1282,7 +1327,7 @@ Changes in 2.5.0 maintenance, running procbatch. * Support for *runasuser* and *runasgroup* parameters in inn.conf allows - to set the news user and the news group under which the news server + setting the news user and the news group under which the news server runs. Thanks to Ivan Shmakov for this feature. New other options have been added to configuration files: *ignore* in @@ -1383,11 +1428,11 @@ Changes in 2.4.6 the security the user wants to enforce on his system are possible. * A new improved version of docheckgroups is shipped with INN. The -u - flag permits to automatically update the newsgroups file (with a - proper number of tabulations and an alphabetical sort), removing - obsolete descriptions and adding new ones. A second argument on - command-line permits to specify which newsgroups should not be - checked, so as not to treat them. + flag permits updating automatically the newsgroups file (with a proper + number of tabulations and an alphabetical sort), removing obsolete + descriptions and adding new ones. A second argument on command-line + permits specifying which newsgroups should not be checked, so as not + to treat them. * An *email=* keyword has been added by James Ralston to news.daily in order to supply another mail address than the one set at configure @@ -1512,7 +1557,7 @@ Changes in 2.4.4 The issue was reported by Viktor Pilpenok and fixed by Marco d'Itri. * Added support for Diablo quickhash and hashfeed algorithms. It allows - to distribute the messages among several peers (new Q flag for + distributing the messages among several peers (new Q flag for newsfeeds). Thanks to Miquel van Smoorenburg for this implementation in INN. @@ -1533,7 +1578,7 @@ Changes in 2.4.4 of nnrpd spawned from innd. * A new inn.conf parameter called *pathcluster* has been added: it - allows to append a common name to the Path: header on all incoming + allows appending a common name to the Path: header on all incoming articles. *pathhost* and *pathalias* (if set) are still appended to the path as usual, but *pathcluster* is always appended as the last element (e.g. on the leftmost side of the Path: header). Thanks to @@ -2274,5 +2319,5 @@ Changes in 2.2.0 * The innshellvars.csh.in script is obsolete (and lives in the obsolete directory, for now). - $Id: news.pod 10245 2018-02-16 21:11:59Z iulius $ + $Id: news.pod 10326 2019-02-04 14:22:34Z iulius $ diff -Nurp inn-2.6.2/backends/inndf.c inn-2.6.3/backends/inndf.c --- inn-2.6.2/backends/inndf.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/backends/inndf.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: inndf.c 9891 2015-06-03 19:08:50Z iulius $ +/* $Id: inndf.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Reports free kilobytes (not disk blocks) or free inodes. ** @@ -332,7 +332,7 @@ main(int argc, char *argv[]) printf("Space used is meaningless for the %s method\n", innconf->ovmethod); else - printf("%.2f%% overview space used\n", used); + printf("%.2f%% overview space used\n", (double) used); } if (overview != NULL) overview_close(overview); diff -Nurp inn-2.6.2/backends/innxbatch.c inn-2.6.3/backends/innxbatch.c --- inn-2.6.2/backends/innxbatch.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/backends/innxbatch.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: innxbatch.c 10153 2017-06-05 12:28:01Z iulius $ +/* $Id: innxbatch.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Transmit batches to remote site, using the XBATCH command ** Modelled after innxmit.c and nntpbatch.c @@ -60,6 +60,9 @@ */ static bool Debug = false; static bool STATprint; +#ifdef FROMSTDIN +static bool FromStdin = false; +#endif static char *REMhost; static double STATbegin; static double STATend; diff -Nurp inn-2.6.2/backends/innxmit.c inn-2.6.3/backends/innxmit.c --- inn-2.6.2/backends/innxmit.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/backends/innxmit.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: innxmit.c 10153 2017-06-05 12:28:01Z iulius $ +/* $Id: innxmit.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Transmit articles to remote site. ** Modified for NNTP streaming: 1996-01-03 Jerry Aguirre. @@ -602,7 +602,7 @@ REMsendarticle(char *Article, char *Mess return false; if (HeadersFeed) { struct iovec vec[3]; - char buf[20]; + char buf[32]; int iscmsg = 0; int len = HeadersLen(art, &iscmsg); diff -Nurp inn-2.6.2/backends/nntpget.c inn-2.6.3/backends/nntpget.c --- inn-2.6.2/backends/nntpget.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/backends/nntpget.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: nntpget.c 10153 2017-06-05 12:28:01Z iulius $ +/* $Id: nntpget.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Connect to a remote site, and get news from it to offer to our local ** server. Read list on stdin, or get it via NEWNEWS command. Writes @@ -197,7 +197,7 @@ int main(int ac, char *av[]) { char buff[NNTP_MAXLEN_COMMAND]; - char mesgid[NNTP_MAXLEN_COMMAND]; + char mesgid[NNTP_MAXLEN_MSGID+10]; char tbuff[SMBUF]; char *msgidfile = NULL; int msgidfd; diff -Nurp inn-2.6.2/backends/shlock.c inn-2.6.3/backends/shlock.c --- inn-2.6.2/backends/shlock.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/backends/shlock.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: shlock.c 10153 2017-06-05 12:28:01Z iulius $ +/* $Id: shlock.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Produce reliable locks for shell scripts, by Peter Honeyman as told ** to Rich $alz. @@ -131,7 +131,7 @@ main(int ac, char *av[]) char *p; int fd; char tmp[BUFSIZ]; - char tmp2[BUFSIZ]; + char tmp2[BUFSIZ+1]; char buff[BUFSIZ]; char *name; pid_t pid; diff -Nurp inn-2.6.2/configure inn-2.6.3/configure --- inn-2.6.2/configure 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/configure 2019-02-07 07:02:22.000000000 -0800 @@ -1,7 +1,7 @@ #! /bin/sh -# From configure.ac Revision: 10266 . +# From configure.ac Revision: 10306 . # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for INN 2.6.2. +# Generated by GNU Autoconf 2.69 for INN 2.6.3. # # Report bugs to . # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='INN' PACKAGE_TARNAME='inn' -PACKAGE_VERSION='2.6.2' -PACKAGE_STRING='INN 2.6.2' +PACKAGE_VERSION='2.6.3' +PACKAGE_STRING='INN 2.6.3' PACKAGE_BUGREPORT='inn-workers@lists.isc.org' PACKAGE_URL='https://www.isc.org/downloads/projects/' @@ -1437,7 +1437,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures INN 2.6.2 to adapt to many kinds of systems. +\`configure' configures INN 2.6.3 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1503,7 +1503,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of INN 2.6.2:";; + short | recursive ) echo "Configuration of INN 2.6.3:";; esac cat <<\_ACEOF @@ -1679,7 +1679,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -INN configure 2.6.2 +INN configure 2.6.3 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2518,7 +2518,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by INN $as_me 2.6.2, which was +It was created by INN $as_me 2.6.3, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3013,6 +3013,8 @@ ac_configure="$SHELL $ac_aux_dir/configu + + # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # # Copyright (C) 1996-2001, 2003-2015 Free Software Foundation, Inc. @@ -4784,6 +4786,14 @@ ac_configure="$SHELL $ac_aux_dir/configu + + + + + + + + test x"$prefix" = xNONE && prefix="$ac_default_prefix" ac_ext=c @@ -8222,11 +8232,8 @@ _LT_EOF test $ac_status = 0; }; then # Now try to grab the symbols. nlist=conftest.nm - if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 - (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && test -s "$nlist"; then + $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&5 + if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&5 && test -s "$nlist"; then # Try sorting and uniquifying the output. if sort "$nlist" | uniq > "$nlist"T; then mv -f "$nlist"T "$nlist" @@ -14220,6 +14227,7 @@ $as_echo "$ac_cv_path_PERL" >&6; } as_fn_error $? "Perl 5.004_03 or greater is required" "$LINENO" 5 fi PERL="$ac_cv_path_PERL" + fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Perl module Encode" >&5 $as_echo_n "checking for Perl module Encode... " >&6; } @@ -14325,6 +14333,33 @@ esac PERL_LIBS="$inn_perl_core_libs" { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PERL_LIBS" >&5 $as_echo "$PERL_LIBS" >&6; } + inn_perl_save_CPPFLAGS="$CPPFLAGS" + inn_perl_save_LIBS="$LIBS" + CPPFLAGS="$PERL_CPPFLAGS $CPPFLAGS" + LIBS="$PERL_LIBS $LIBS" + ac_fn_c_check_header_mongrel "$LINENO" "EXTERN.h" "ac_cv_header_EXTERN_h" "$ac_includes_default" +if test "x$ac_cv_header_EXTERN_h" = xyes; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "unable to compile with EXTERN.h +See \`config.log' for more details" "$LINENO" 5; } +fi + + + ac_fn_c_check_func "$LINENO" "perl_alloc" "ac_cv_func_perl_alloc" +if test "x$ac_cv_func_perl_alloc" = xyes; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "unable to link with Perl library +See \`config.log' for more details" "$LINENO" 5; } +fi + + CPPFLAGS="$inn_perl_save_CPPFLAGS" + LIBS="$inn_perl_save_LIBS" inn_perl_core_flags=" $PERL_CPPFLAGS " if test x"$inn_enable_largefiles" != xyes; then : for f in -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGE_FILES ; do @@ -14387,7 +14422,6 @@ else fi - # Check whether --with-python was given. if test "${with_python+set}" = set; then : withval=$with_python; case $withval in #( @@ -14405,76 +14439,145 @@ else DO_PYTHON=DONT fi - if test x"$DO_PYTHON" = xDO; then : - if test x"${PYTHON}" = x ; then - # Extract the first word of "python", so it can be a program name with args. -set dummy python; ac_word=$2 -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } + +if test x"$DO_PYTHON" = xDO; then : + + if test x"2.3.0" != x; then : + inn_py_expected_ver="2.3.0 (2.x series)" +else + inn_py_expected_ver="" +fi + if test x"3.3.0" != x; then : + if test x"2.3.0" != x; then : + inn_py_expected_ver="$inn_py_expected_ver or " +fi + inn_py_expected_ver="${inn_py_expected_ver}3.3.0" +fi + if test x"$PYTHON" != x; then : + if ! test -x "$PYTHON"; then : + as_fn_error $? "Python binary $PYTHON not found" "$LINENO" 5 +fi + if ! "$PYTHON" -c ' +import sys +two_okay = False +three_okay = False +if sys.argv[1]: + two_tuple = tuple(int(i) for i in sys.argv[1].split(".")) + if sys.version_info.major == 2 and sys.version_info >= two_tuple: + two_okay = True +if sys.argv[2]: + three_tuple = tuple(int(i) for i in sys.argv[2].split(".")) + if sys.version_info.major > 2 and sys.version_info >= three_tuple: + three_okay = True +assert(two_okay or three_okay) +' '2.3.0' '3.3.0' >/dev/null 2>&1; then : + as_fn_error $? "Python $inn_py_expected_ver or greater is required" "$LINENO" 5 +fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Python version $inn_py_expected_ver or later" >&5 +$as_echo_n "checking for Python version $inn_py_expected_ver or later... " >&6; } if ${ac_cv_path_PYTHON+:} false; then : $as_echo_n "(cached) " >&6 else - case $PYTHON in - [\\/]* | ?:[\\/]*) - ac_cv_path_PYTHON="$PYTHON" # Let the user override the test with a path. - ;; - *) + if test -z "$PYTHON"; then + ac_path_PYTHON_found=false + # Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. + for ac_prog in python python3 python2; do for ac_exec_ext in '' $ac_executable_extensions; do - if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then - ac_cv_path_PYTHON="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + ac_path_PYTHON="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_PYTHON" || continue +if "$ac_path_PYTHON" -c ' +import sys +two_okay = False +three_okay = False +if sys.argv[1]: + two_tuple = tuple(int(i) for i in sys.argv[1].split(".")) + if sys.version_info.major == 2 and sys.version_info >= two_tuple: + two_okay = True +if sys.argv[2]: + three_tuple = tuple(int(i) for i in sys.argv[2].split(".")) + if sys.version_info.major > 2 and sys.version_info >= three_tuple: + three_okay = True +assert(two_okay or three_okay) +' \ + '2.3.0' '3.3.0' >/dev/null 2>&1; then : + ac_cv_path_PYTHON="$ac_path_PYTHON" + ac_path_PYTHON_found=: +fi + $ac_path_PYTHON_found && break 3 + done + done done IFS=$as_save_IFS - - ;; -esac -fi -PYTHON=$ac_cv_path_PYTHON -if test -n "$PYTHON"; then - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON" >&5 -$as_echo "$PYTHON" >&6; } + if test -z "$ac_cv_path_PYTHON"; then + : + fi else - { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 -$as_echo "no" >&6; } + ac_cv_path_PYTHON=$PYTHON fi - fi -if test x"${PYTHON}" = x ; then - as_fn_error $? "python was not found in path and is required" "$LINENO" 5 +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_PYTHON" >&5 +$as_echo "$ac_cv_path_PYTHON" >&6; } + if test x"$ac_cv_path_PYTHON" = x; then : + as_fn_error $? "Python $inn_py_expected_ver or greater is required" "$LINENO" 5 +fi + PYTHON="$ac_cv_path_PYTHON" + fi - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Python linkage" >&5 -$as_echo_n "checking for Python linkage... " >&6; } - py_include=`$PYTHON -c 'import distutils.sysconfig; \ - print(distutils.sysconfig.get_python_inc())'` - PYTHON_CPPFLAGS="-I$py_include" - py_ver=`$PYTHON -c 'import sys; print(sys.version[:3])'` - py_libdir=`$PYTHON -c 'import distutils.sysconfig; \ - print(distutils.sysconfig.get_python_lib(0, 1))'` - py_linkage=`$PYTHON -c 'import distutils.sysconfig; \ - print(" ".join(distutils.sysconfig.get_config_vars("LIBS", \ - "LIBC", "LIBM", "LOCALMODLIBS", "BASEMODLIBS", \ - "LINKFORSHARED", "LDFLAGS")))'` - py_configdir=`$PYTHON -c 'import distutils.sysconfig; \ - print(distutils.sysconfig.get_config_var("LIBPL"))'` - PYTHON_LIBS="-L$py_configdir -lpython$py_ver $py_linkage" - PYTHON_LIBS=`echo $PYTHON_LIBS | sed -e 's/ \\t*/ /g'` - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $py_libdir" >&5 -$as_echo "$py_libdir" >&6; } + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for flags to link with Python" >&5 +$as_echo_n "checking for flags to link with Python... " >&6; } + py_include=`$PYTHON -c 'import distutils.sysconfig; \ + print(distutils.sysconfig.get_python_inc())'` + PYTHON_CPPFLAGS="-I$py_include" + py_libdir=`$PYTHON -c 'import distutils.sysconfig; \ + print(" -L".join(distutils.sysconfig.get_config_vars("LIBDIR")))'` + py_ldlibrary=`$PYTHON -c 'import distutils.sysconfig; \ + print(distutils.sysconfig.get_config_vars("LDLIBRARY")[0])'` + py_linkage=`$PYTHON -c 'import distutils.sysconfig; \ + print(" ".join(distutils.sysconfig.get_config_vars( \ + "LIBS", "LIBC", "LIBM", "LOCALMODLIBS", "BASEMODLIBS", \ + "LINKFORSHARED", "LDFLAGS")))'` + py_libpython=`echo $py_ldlibrary | sed "s/^lib//" | sed "s/\.[a-z]*$//"` + PYTHON_LIBS="-L$py_libdir -l$py_libpython $py_linkage" + PYTHON_LIBS=`echo $PYTHON_LIBS | sed -e 's/ \\t*/ /g'` + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PYTHON_LIBS" >&5 +$as_echo "$PYTHON_LIBS" >&6; } + inn_python_save_CPPFLAGS="$CPPFLAGS" + inn_python_save_LIBS="$LIBS" + CPPFLAGS="$PYTHON_CPPFLAGS $CPPFLAGS" + LIBS="$PYTHON_LIBS $LIBS" + ac_fn_c_check_header_mongrel "$LINENO" "Python.h" "ac_cv_header_Python_h" "$ac_includes_default" +if test "x$ac_cv_header_Python_h" = xyes; then : + else - PYTHON_CPPFLAGS= - PYTHON_LIBS= + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "unable to compile with Python.h +See \`config.log' for more details" "$LINENO" 5; } fi + ac_fn_c_check_func "$LINENO" "Py_Initialize" "ac_cv_func_Py_Initialize" +if test "x$ac_cv_func_Py_Initialize" = xyes; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "unable to link with Python library +See \`config.log' for more details" "$LINENO" 5; } +fi + + CPPFLAGS="$inn_python_save_CPPFLAGS" + LIBS="$inn_python_save_LIBS" +fi HOSTNAME=`hostname 2> /dev/null || uname -n` @@ -16656,7 +16759,9 @@ fi CPPFLAGS="$BDB_CPPFLAGS $CPPFLAGS" LDFLAGS="$BDB_LDFLAGS $LDFLAGS" LIBS="$BDB_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create in -ldb" >&5 + ac_fn_c_check_header_mongrel "$LINENO" "db.h" "ac_cv_header_db_h" "$ac_includes_default" +if test "x$ac_cv_header_db_h" = xyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create in -ldb" >&5 $as_echo_n "checking for db_create in -ldb... " >&6; } if ${ac_cv_lib_db_db_create+:} false; then : $as_echo_n "(cached) " >&6 @@ -16700,6 +16805,13 @@ else fi fi +else + if test x"true" = xtrue; then : + as_fn_error $? "cannot find usable Berkeley DB header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_BDB_save_CPPFLAGS" LDFLAGS="$inn_BDB_save_LDFLAGS" LIBS="$inn_BDB_save_LIBS" @@ -16740,7 +16852,9 @@ fi CPPFLAGS="$BDB_CPPFLAGS $CPPFLAGS" LDFLAGS="$BDB_LDFLAGS $LDFLAGS" LIBS="$BDB_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create in -ldb" >&5 + ac_fn_c_check_header_mongrel "$LINENO" "db.h" "ac_cv_header_db_h" "$ac_includes_default" +if test "x$ac_cv_header_db_h" = xyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for db_create in -ldb" >&5 $as_echo_n "checking for db_create in -ldb... " >&6; } if ${ac_cv_lib_db_db_create+:} false; then : $as_echo_n "(cached) " >&6 @@ -16784,12 +16898,23 @@ else fi fi +else + if test x"false" = xtrue; then : + as_fn_error $? "cannot find usable Berkeley DB header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_BDB_save_CPPFLAGS" LDFLAGS="$inn_BDB_save_LDFLAGS" LIBS="$inn_BDB_save_LIBS" fi fi - if test x"$BDB_LIBS" != x; then : + if test x"$BDB_LIBS" = x; then : + BDB_CPPFLAGS= + BDB_LDFLAGS= + BDB_LIBS= +else inn_use_BDB=true $as_echo "#define HAVE_BDB 1" >>confdefs.h @@ -16928,14 +17053,8 @@ fi $as_echo "$ac_cv_lib_krb5_krb5_init_context" >&6; } if test "x$ac_cv_lib_krb5_krb5_init_context" = xyes; then : KRB5_LIBS="-lkrb5" -else - if test x"true" = xtrue; then : - as_fn_error $? "cannot find usable Kerberos library" "$LINENO" 5 -fi -fi - - LIBS="$KRB5_LIBS $LIBS" - if test x"$inn_krb5_incroot" = x; then : + LIBS="$KRB5_LIBS $LIBS" + if test x"$inn_krb5_incroot" = x; then : for ac_header in krb5.h kerberosv5/krb5.h krb5/krb5.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` @@ -16993,7 +17112,7 @@ else $as_echo "no" >&6; } fi fi - for ac_func in krb5_get_error_message + for ac_func in krb5_get_error_message do : ac_fn_c_check_func "$LINENO" "krb5_get_error_message" "ac_cv_func_krb5_get_error_message" if test "x$ac_cv_func_krb5_get_error_message" = xyes; then : @@ -17068,9 +17187,9 @@ fi $as_echo "$ac_cv_lib_ksvc_krb5_svc_get_msg" >&6; } if test "x$ac_cv_lib_ksvc_krb5_svc_get_msg" = xyes; then : KRB5_LIBS="$KRB5_LIBS -lksvc" - $as_echo "#define HAVE_KRB5_SVC_GET_MSG 1" >>confdefs.h + $as_echo "#define HAVE_KRB5_SVC_GET_MSG 1" >>confdefs.h - for ac_header in ibm_svc/krb5_svc.h + for ac_header in ibm_svc/krb5_svc.h do : ac_fn_c_check_header_compile "$LINENO" "ibm_svc/krb5_svc.h" "ac_cv_header_ibm_svc_krb5_svc_h" " #if HAVE_KRB5_H @@ -17138,7 +17257,7 @@ else fi fi - if test x"$inn_krb5_incroot" = x; then : + if test x"$inn_krb5_incroot" = x; then : for ac_header in et/com_err.h kerberosv5/com_err.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` @@ -17193,6 +17312,12 @@ done fi done +else + if test x"true" = xtrue; then : + as_fn_error $? "cannot find usable Kerberos library" "$LINENO" 5 +fi +fi + CPPFLAGS="$inn_krb5_save_CPPFLAGS" LDFLAGS="$inn_krb5_save_LDFLAGS" LIBS="$inn_krb5_save_LIBS" @@ -20635,14 +20760,8 @@ fi $as_echo "$ac_cv_lib_krb5_krb5_init_context" >&6; } if test "x$ac_cv_lib_krb5_krb5_init_context" = xyes; then : KRB5_LIBS="-lkrb5" -else - if test x"false" = xtrue; then : - as_fn_error $? "cannot find usable Kerberos library" "$LINENO" 5 -fi -fi - - LIBS="$KRB5_LIBS $LIBS" - if test x"$inn_krb5_incroot" = x; then : + LIBS="$KRB5_LIBS $LIBS" + if test x"$inn_krb5_incroot" = x; then : for ac_header in krb5.h kerberosv5/krb5.h krb5/krb5.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` @@ -20700,7 +20819,7 @@ else $as_echo "no" >&6; } fi fi - for ac_func in krb5_get_error_message + for ac_func in krb5_get_error_message do : ac_fn_c_check_func "$LINENO" "krb5_get_error_message" "ac_cv_func_krb5_get_error_message" if test "x$ac_cv_func_krb5_get_error_message" = xyes; then : @@ -20775,9 +20894,9 @@ fi $as_echo "$ac_cv_lib_ksvc_krb5_svc_get_msg" >&6; } if test "x$ac_cv_lib_ksvc_krb5_svc_get_msg" = xyes; then : KRB5_LIBS="$KRB5_LIBS -lksvc" - $as_echo "#define HAVE_KRB5_SVC_GET_MSG 1" >>confdefs.h + $as_echo "#define HAVE_KRB5_SVC_GET_MSG 1" >>confdefs.h - for ac_header in ibm_svc/krb5_svc.h + for ac_header in ibm_svc/krb5_svc.h do : ac_fn_c_check_header_compile "$LINENO" "ibm_svc/krb5_svc.h" "ac_cv_header_ibm_svc_krb5_svc_h" " #if HAVE_KRB5_H @@ -20845,7 +20964,7 @@ else fi fi - if test x"$inn_krb5_incroot" = x; then : + if test x"$inn_krb5_incroot" = x; then : for ac_header in et/com_err.h kerberosv5/com_err.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` @@ -20900,6 +21019,12 @@ done fi done +else + if test x"false" = xtrue; then : + as_fn_error $? "cannot find usable Kerberos library" "$LINENO" 5 +fi +fi + CPPFLAGS="$inn_krb5_save_CPPFLAGS" LDFLAGS="$inn_krb5_save_LDFLAGS" LIBS="$inn_krb5_save_LIBS" @@ -24347,7 +24472,9 @@ fi CPPFLAGS="$OPENSSL_CPPFLAGS $CPPFLAGS" LDFLAGS="$OPENSSL_LDFLAGS $LDFLAGS" LIBS="$OPENSSL_LIBS $LIBS" - inn_openssl_extra= + ac_fn_c_check_header_mongrel "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default" +if test "x$ac_cv_header_openssl_ssl_h" = xyes; then : + inn_openssl_extra= LIBS= if test x"$inn_reduced_depends" != xtrue; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5 @@ -24544,6 +24671,13 @@ fi fi fi +else + if test x"true" = xtrue; then : + as_fn_error $? "cannot find usable OpenSSL header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_OPENSSL_save_CPPFLAGS" LDFLAGS="$inn_OPENSSL_save_LDFLAGS" LIBS="$inn_OPENSSL_save_LIBS" @@ -24591,7 +24725,9 @@ fi CPPFLAGS="$OPENSSL_CPPFLAGS $CPPFLAGS" LDFLAGS="$OPENSSL_LDFLAGS $LDFLAGS" LIBS="$OPENSSL_LIBS $LIBS" - inn_openssl_extra= + ac_fn_c_check_header_mongrel "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default" +if test "x$ac_cv_header_openssl_ssl_h" = xyes; then : + inn_openssl_extra= LIBS= if test x"$inn_reduced_depends" != xtrue; then : { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing dlopen" >&5 @@ -24788,12 +24924,26 @@ fi fi fi +else + if test x"false" = xtrue; then : + as_fn_error $? "cannot find usable OpenSSL header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_OPENSSL_save_CPPFLAGS" LDFLAGS="$inn_OPENSSL_save_LDFLAGS" LIBS="$inn_OPENSSL_save_LIBS" fi fi - if test x"$OPENSSL_LIBS" != x; then : + if test x"$OPENSSL_LIBS" = x; then : + OPENSSL_CPPFLAGS= + OPENSSL_LDFLAGS= + OPENSSL_LIBS= + CRYPTO_CPPFLAGS= + CRYPTO_LDFLAGS= + CRYPTO_LIBS= +else inn_use_OPENSSL=true $as_echo "#define HAVE_OPENSSL 1" >>confdefs.h @@ -24876,7 +25026,9 @@ fi CPPFLAGS="$SASL_CPPFLAGS $CPPFLAGS" LDFLAGS="$SASL_LDFLAGS $LDFLAGS" LIBS="$SASL_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sasl_getprop in -lsasl2" >&5 + ac_fn_c_check_header_mongrel "$LINENO" "sasl/sasl.h" "ac_cv_header_sasl_sasl_h" "$ac_includes_default" +if test "x$ac_cv_header_sasl_sasl_h" = xyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sasl_getprop in -lsasl2" >&5 $as_echo_n "checking for sasl_getprop in -lsasl2... " >&6; } if ${ac_cv_lib_sasl2_sasl_getprop+:} false; then : $as_echo_n "(cached) " >&6 @@ -24920,6 +25072,13 @@ else fi fi +else + if test x"true" = xtrue; then : + as_fn_error $? "cannot find usable Cyrus SASL header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_SASL_save_CPPFLAGS" LDFLAGS="$inn_SASL_save_LDFLAGS" LIBS="$inn_SASL_save_LIBS" @@ -24960,7 +25119,9 @@ fi CPPFLAGS="$SASL_CPPFLAGS $CPPFLAGS" LDFLAGS="$SASL_LDFLAGS $LDFLAGS" LIBS="$SASL_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sasl_getprop in -lsasl2" >&5 + ac_fn_c_check_header_mongrel "$LINENO" "sasl/sasl.h" "ac_cv_header_sasl_sasl_h" "$ac_includes_default" +if test "x$ac_cv_header_sasl_sasl_h" = xyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sasl_getprop in -lsasl2" >&5 $as_echo_n "checking for sasl_getprop in -lsasl2... " >&6; } if ${ac_cv_lib_sasl2_sasl_getprop+:} false; then : $as_echo_n "(cached) " >&6 @@ -25004,12 +25165,23 @@ else fi fi +else + if test x"false" = xtrue; then : + as_fn_error $? "cannot find usable Cyrus SASL header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_SASL_save_CPPFLAGS" LDFLAGS="$inn_SASL_save_LDFLAGS" LIBS="$inn_SASL_save_LIBS" fi fi - if test x"$SASL_LIBS" != x; then : + if test x"$SASL_LIBS" = x; then : + SASL_CPPFLAGS= + SASL_LDFLAGS= + SASL_LIBS= +else inn_use_SASL=true $as_echo "#define HAVE_SASL 1" >>confdefs.h @@ -25092,7 +25264,9 @@ fi CPPFLAGS="$ZLIB_CPPFLAGS $CPPFLAGS" LDFLAGS="$ZLIB_LDFLAGS $LDFLAGS" LIBS="$ZLIB_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress in -lz" >&5 + ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default" +if test "x$ac_cv_header_zlib_h" = xyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress in -lz" >&5 $as_echo_n "checking for compress in -lz... " >&6; } if ${ac_cv_lib_z_compress+:} false; then : $as_echo_n "(cached) " >&6 @@ -25136,6 +25310,13 @@ else fi fi +else + if test x"true" = xtrue; then : + as_fn_error $? "cannot find usable zlib header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_ZLIB_save_CPPFLAGS" LDFLAGS="$inn_ZLIB_save_LDFLAGS" LIBS="$inn_ZLIB_save_LIBS" @@ -25176,7 +25357,9 @@ fi CPPFLAGS="$ZLIB_CPPFLAGS $CPPFLAGS" LDFLAGS="$ZLIB_LDFLAGS $LDFLAGS" LIBS="$ZLIB_LIBS $LIBS" - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress in -lz" >&5 + ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default" +if test "x$ac_cv_header_zlib_h" = xyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for compress in -lz" >&5 $as_echo_n "checking for compress in -lz... " >&6; } if ${ac_cv_lib_z_compress+:} false; then : $as_echo_n "(cached) " >&6 @@ -25220,12 +25403,23 @@ else fi fi +else + if test x"false" = xtrue; then : + as_fn_error $? "cannot find usable zlib header" "$LINENO" 5 +fi +fi + + CPPFLAGS="$inn_ZLIB_save_CPPFLAGS" LDFLAGS="$inn_ZLIB_save_LDFLAGS" LIBS="$inn_ZLIB_save_LIBS" fi fi - if test x"$ZLIB_LIBS" != x; then : + if test x"$ZLIB_LIBS" = x; then : + ZLIB_CPPFLAGS= + ZLIB_LDFLAGS= + ZLIB_LIBS= +else inn_use_ZLIB=true $as_echo "#define HAVE_ZLIB 1" >>confdefs.h @@ -25238,41 +25432,6 @@ fi if test x"$inn_use_BDB" = xtrue; then : - inn_BDB_incroot= - inn_BDB_header_found= - if test x"$inn_BDB_includedir" != x; then : - inn_BDB_incroot="$inn_BDB_includedir" -else - if test x"$inn_BDB_root" != x; then : - inn_BDB_incroot="${inn_BDB_root}/include" -fi -fi - if test x"$inn_BDB_incroot" = x; then : - for ac_header in db.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "db.h" "ac_cv_header_db_h" "$ac_includes_default" -if test "x$ac_cv_header_db_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_DB_H 1 -_ACEOF - inn_BDB_header_found=yes -else - inn_BDB_header_found=no -fi - -done - -else - if test -f "${inn_BDB_incroot}/db.h"; then : - inn_BDB_header_found=yes - -$as_echo "#define HAVE_DB_H 1" >>confdefs.h - -else - inn_BDB_header_found=no -fi -fi - if test x"${inn_BDB_header_found}" = xyes; then : inn_BDB_save_CPPFLAGS="$CPPFLAGS" inn_BDB_save_LDFLAGS="$LDFLAGS" inn_BDB_save_LIBS="$LIBS" @@ -25319,15 +25478,6 @@ fi CPPFLAGS="$inn_BDB_save_CPPFLAGS" LDFLAGS="$inn_BDB_save_LDFLAGS" LIBS="$inn_BDB_save_LIBS" -else - if test x"$with_bdb" = x; then : - BDB_CPPFLAGS= - BDB_LDFLAGS= - BDB_LIBS= -else - as_fn_error $? "cannot find usable Berkeley DB header" "$LINENO" 5 -fi -fi fi if test x"$inn_cv_lib_bdb_ndbm" != xyes; then : @@ -25402,150 +25552,6 @@ else fi -if test x"$inn_use_ZLIB" = xtrue; then : - inn_ZLIB_incroot= - inn_ZLIB_header_found= - if test x"$inn_ZLIB_includedir" != x; then : - inn_ZLIB_incroot="$inn_ZLIB_includedir" -else - if test x"$inn_ZLIB_root" != x; then : - inn_ZLIB_incroot="${inn_ZLIB_root}/include" -fi -fi - if test x"$inn_ZLIB_incroot" = x; then : - for ac_header in zlib.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "zlib.h" "ac_cv_header_zlib_h" "$ac_includes_default" -if test "x$ac_cv_header_zlib_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_ZLIB_H 1 -_ACEOF - inn_ZLIB_header_found=yes -else - inn_ZLIB_header_found=no -fi - -done - -else - if test -f "${inn_ZLIB_incroot}/zlib.h"; then : - inn_ZLIB_header_found=yes - -$as_echo "#define HAVE_ZLIB_H 1" >>confdefs.h - -else - inn_ZLIB_header_found=no -fi -fi - if test x"${inn_ZLIB_header_found}" = xyes; then : - -else - if test x"$with_zlib" = x; then : - ZLIB_CPPFLAGS= - ZLIB_LDFLAGS= - ZLIB_LIBS= -else - as_fn_error $? "cannot find usable zlib header" "$LINENO" 5 -fi -fi -fi - -if test x"$inn_use_OPENSSL" = xtrue; then : - inn_OPENSSL_incroot= - inn_OPENSSL_header_found= - if test x"$inn_OPENSSL_includedir" != x; then : - inn_OPENSSL_incroot="$inn_OPENSSL_includedir" -else - if test x"$inn_OPENSSL_root" != x; then : - inn_OPENSSL_incroot="${inn_OPENSSL_root}/include" -fi -fi - if test x"$inn_OPENSSL_incroot" = x; then : - for ac_header in openssl/ssl.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "openssl/ssl.h" "ac_cv_header_openssl_ssl_h" "$ac_includes_default" -if test "x$ac_cv_header_openssl_ssl_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_OPENSSL_SSL_H 1 -_ACEOF - inn_OPENSSL_header_found=yes -else - inn_OPENSSL_header_found=no -fi - -done - -else - if test -f "${inn_OPENSSL_incroot}/openssl/ssl.h"; then : - inn_OPENSSL_header_found=yes - -$as_echo "#define HAVE_OPENSSL_SSL_H 1" >>confdefs.h - -else - inn_OPENSSL_header_found=no -fi -fi - if test x"${inn_OPENSSL_header_found}" = xyes; then : - -else - if test x"$with_openssl" = x; then : - OPENSSL_CPPFLAGS= - OPENSSL_LDFLAGS= - OPENSSL_LIBS= -else - as_fn_error $? "cannot find usable OpenSSL header" "$LINENO" 5 -fi -fi -fi - -if test x"$inn_use_SASL" = xtrue; then : - inn_SASL_incroot= - inn_SASL_header_found= - if test x"$inn_SASL_includedir" != x; then : - inn_SASL_incroot="$inn_SASL_includedir" -else - if test x"$inn_SASL_root" != x; then : - inn_SASL_incroot="${inn_SASL_root}/include" -fi -fi - if test x"$inn_SASL_incroot" = x; then : - for ac_header in sasl/sasl.h -do : - ac_fn_c_check_header_mongrel "$LINENO" "sasl/sasl.h" "ac_cv_header_sasl_sasl_h" "$ac_includes_default" -if test "x$ac_cv_header_sasl_sasl_h" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_SASL_SASL_H 1 -_ACEOF - inn_SASL_header_found=yes -else - inn_SASL_header_found=no -fi - -done - -else - if test -f "${inn_SASL_incroot}/sasl/sasl.h"; then : - inn_SASL_header_found=yes - -$as_echo "#define HAVE_SASL_SASL_H 1" >>confdefs.h - -else - inn_SASL_header_found=no -fi -fi - if test x"${inn_SASL_header_found}" = xyes; then : - -else - if test x"$with_sasl" = x; then : - SASL_CPPFLAGS= - SASL_LDFLAGS= - SASL_LIBS= -else - as_fn_error $? "cannot find usable Cyrus SASL header" "$LINENO" 5 -fi -fi -fi - if test x"$inn_enable_largefiles" = xyes ; then # Check whether --enable-largefile was given. if test "${enable_largefile+set}" = set; then : @@ -28986,7 +28992,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_wri # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by INN $as_me 2.6.2, which was +This file was extended by INN $as_me 2.6.3, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -29053,7 +29059,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -INN config.status 2.6.2 +INN config.status 2.6.3 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nurp inn-2.6.2/configure.ac inn-2.6.3/configure.ac --- inn-2.6.2/configure.ac 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/configure.ac 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Process this file with Autoconf to produce a configure script. -dnl $Id: configure.ac 10266 2018-03-10 14:59:27Z iulius $ +dnl $Id: configure.ac 10306 2018-12-02 14:26:13Z iulius $ dnl dnl Please try to follow GNU conventions and Autoconf manual conventions as dnl much as possible in this file so that any macros we develop can be easily @@ -26,10 +26,10 @@ dnl bother checking for it. Compile-tim dnl useful information for someone debugging a problem than configure-time dnl errors. -AC_INIT([INN], [2.6.2], [inn-workers@lists.isc.org], +AC_INIT([INN], [2.6.3], [inn-workers@lists.isc.org], [inn], [https://www.isc.org/downloads/projects/]) AC_PREREQ([2.64]) -AC_REVISION([$Revision: 10266 $]) +AC_REVISION([$Revision: 10306 $]) AC_CONFIG_AUX_DIR([support]) dnl Lots of our macros are stored in separate files for ease of maintenance. @@ -223,8 +223,27 @@ AS_IF([test x"$DO_PERL" = xDO], AC_SUBST([PERL_LIBS]) AC_SUBST([PERL_WARNINGS])]) -dnl Check for embedded Python interpreter. -INN_ARG_PYTHON +dnl Support for embedded Python. +AC_ARG_WITH([python], + [AS_HELP_STRING([--with-python], + [Embedded Python module support @<:@no@:>@])], + [AS_CASE([$withval], + [yes], + [DO_PYTHON=DO + AC_DEFINE([DO_PYTHON], [1], + [Define to compile in Python module support.])], + [no], + [DO_PYTHON=DONT], + [AC_MSG_ERROR([invalid argument to --with-python])])], + [DO_PYTHON=DONT]) + +dnl Checks for a recent enough Python interpreter for embedded Python. +dnl Requires 2.3.0 because configure looks for a shared Python library, +dnl installed in the main library location in Python 2.3.0 and later. +dnl Python 3.3.0 and later is also supported. +AS_IF([test x"$DO_PYTHON" = xDO], + [INN_PROG_PYTHON([2.3.0], [3.3.0]) + INN_LIB_PYTHON]) dnl Set some configuration file defaults from the machine hostname. HOSTNAME=`hostname 2> /dev/null || uname -n` @@ -398,31 +417,9 @@ dnl that program. AS_IF([test x"$inn_use_KRB5" = xtrue], [KRB5_AUTH=auth_krb5]) AC_SUBST([KRB5_AUTH]) -dnl If Berkeley DB is found, check the presence of its header and whether the -dnl Berkeley DB library has ndbm support. -AS_IF([test x"$inn_use_BDB" = xtrue], - [inn_BDB_incroot= - inn_BDB_header_found= - AS_IF([test x"$inn_BDB_includedir" != x], - [inn_BDB_incroot="$inn_BDB_includedir"], - [AS_IF([test x"$inn_BDB_root" != x], - [inn_BDB_incroot="${inn_BDB_root}/include"])]) - AS_IF([test x"$inn_BDB_incroot" = x], - [AC_CHECK_HEADERS([db.h], - [inn_BDB_header_found=yes], - [inn_BDB_header_found=no])], - [AS_IF([test -f "${inn_BDB_incroot}/db.h"], - [inn_BDB_header_found=yes - AC_DEFINE([HAVE_DB_H], [1], - [Define if you have the header file.])], - [inn_BDB_header_found=no])]) - AS_IF([test x"${inn_BDB_header_found}" = xyes], - [INN_LIB_BDB_NDBM], - [AS_IF([test x"$with_bdb" = x], - [BDB_CPPFLAGS= - BDB_LDFLAGS= - BDB_LIBS=], - [AC_MSG_ERROR([cannot find usable Berkeley DB header])])])]) +dnl If Berkeley DB is found, check whether the Berkeley DB library +dnl has ndbm support. +AS_IF([test x"$inn_use_BDB" = xtrue], [INN_LIB_BDB_NDBM]) dnl The dbm libraries are a special case. If we're building with Berkeley DB, dnl just use the ndbm support provided by it. @@ -437,78 +434,6 @@ AS_IF([test x"$inn_cv_lib_bdb_ndbm" != x AC_SUBST([DBM_LIBS])]) AC_SUBST([DBM_CPPFLAGS]) -dnl If zlib support is found, check the presence of its header. -AS_IF([test x"$inn_use_ZLIB" = xtrue], - [inn_ZLIB_incroot= - inn_ZLIB_header_found= - AS_IF([test x"$inn_ZLIB_includedir" != x], - [inn_ZLIB_incroot="$inn_ZLIB_includedir"], - [AS_IF([test x"$inn_ZLIB_root" != x], - [inn_ZLIB_incroot="${inn_ZLIB_root}/include"])]) - AS_IF([test x"$inn_ZLIB_incroot" = x], - [AC_CHECK_HEADERS([zlib.h], - [inn_ZLIB_header_found=yes], - [inn_ZLIB_header_found=no])], - [AS_IF([test -f "${inn_ZLIB_incroot}/zlib.h"], - [inn_ZLIB_header_found=yes - AC_DEFINE([HAVE_ZLIB_H], [1], - [Define if you have the header file.])], - [inn_ZLIB_header_found=no])]) - AS_IF([test x"${inn_ZLIB_header_found}" = xyes], [], - [AS_IF([test x"$with_zlib" = x], - [ZLIB_CPPFLAGS= - ZLIB_LDFLAGS= - ZLIB_LIBS=], - [AC_MSG_ERROR([cannot find usable zlib header])])])]) - -dnl If OpenSSL support is found, check the presence of its header. -AS_IF([test x"$inn_use_OPENSSL" = xtrue], - [inn_OPENSSL_incroot= - inn_OPENSSL_header_found= - AS_IF([test x"$inn_OPENSSL_includedir" != x], - [inn_OPENSSL_incroot="$inn_OPENSSL_includedir"], - [AS_IF([test x"$inn_OPENSSL_root" != x], - [inn_OPENSSL_incroot="${inn_OPENSSL_root}/include"])]) - AS_IF([test x"$inn_OPENSSL_incroot" = x], - [AC_CHECK_HEADERS([openssl/ssl.h], - [inn_OPENSSL_header_found=yes], - [inn_OPENSSL_header_found=no])], - [AS_IF([test -f "${inn_OPENSSL_incroot}/openssl/ssl.h"], - [inn_OPENSSL_header_found=yes - AC_DEFINE([HAVE_OPENSSL_SSL_H], [1], - [Define if you have the header file.])], - [inn_OPENSSL_header_found=no])]) - AS_IF([test x"${inn_OPENSSL_header_found}" = xyes], [], - [AS_IF([test x"$with_openssl" = x], - [OPENSSL_CPPFLAGS= - OPENSSL_LDFLAGS= - OPENSSL_LIBS=], - [AC_MSG_ERROR([cannot find usable OpenSSL header])])])]) - -dnl If SASL support is found, check the presence of its header. -AS_IF([test x"$inn_use_SASL" = xtrue], - [inn_SASL_incroot= - inn_SASL_header_found= - AS_IF([test x"$inn_SASL_includedir" != x], - [inn_SASL_incroot="$inn_SASL_includedir"], - [AS_IF([test x"$inn_SASL_root" != x], - [inn_SASL_incroot="${inn_SASL_root}/include"])]) - AS_IF([test x"$inn_SASL_incroot" = x], - [AC_CHECK_HEADERS([sasl/sasl.h], - [inn_SASL_header_found=yes], - [inn_SASL_header_found=no])], - [AS_IF([test -f "${inn_SASL_incroot}/sasl/sasl.h"], - [inn_SASL_header_found=yes - AC_DEFINE([HAVE_SASL_SASL_H], [1], - [Define if you have the header file.])], - [inn_SASL_header_found=no])]) - AS_IF([test x"${inn_SASL_header_found}" = xyes], [], - [AS_IF([test x"$with_sasl" = x], - [SASL_CPPFLAGS= - SASL_LDFLAGS= - SASL_LIBS=], - [AC_MSG_ERROR([cannot find usable Cyrus SASL header])])])]) - dnl If configuring with large file support, determine the right flags to dnl use based on the platform. if test x"$inn_enable_largefiles" = xyes ; then diff -Nurp inn-2.6.2/contrib/auth_pass.README inn-2.6.3/contrib/auth_pass.README --- inn-2.6.2/contrib/auth_pass.README 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/contrib/auth_pass.README 2019-02-07 07:02:22.000000000 -0800 @@ -66,7 +66,7 @@ who may be interested in writing your ow unsuccessful authentication is indicated by a non-zero exit status. 4) Need I say it (again)...these programs can be a security hole unless care is - taken to avoid SUID programs and those that transmit/recieve passwords in + taken to avoid SUID programs and those that transmit/receive passwords in the clear (especially those that use login passwords). We should give some thought to doing a similiar program for Kerberos authentication (what sort of instance should we use???) and other authentication methods such as diff -Nurp inn-2.6.2/contrib/newsresp.c inn-2.6.3/contrib/newsresp.c --- inn-2.6.2/contrib/newsresp.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/contrib/newsresp.c 2019-02-07 07:02:22.000000000 -0800 @@ -190,19 +190,19 @@ ptime(void) diff = elapsed; elapsed = do_time(start); diff = elapsed - diff; - printf("%5.1f %5.1f ",((float)elapsed)/1000.0,((float)diff)/1000.0); + printf("%5.1f %5.1f ", ((double)elapsed)/1000.0, ((double)diff)/1000.0); } void -massagebuff(int bread, char *buf) +massagebuff(int bread, char *buffer) { char *p; if ( bread > 55 ) - strcpy(buf+55," [...]\n"); + strcpy(buffer+55," [...]\n"); else - buf[bread] = '\0'; - for ( p = buf; *p != '\0'; ) + buffer[bread] = '\0'; + for ( p = buffer; *p != '\0'; ) if ( *p != '\r' ) /* We like to do it RISC style. */ p++; else { diff -Nurp inn-2.6.2/control/pgpverify.in inn-2.6.3/control/pgpverify.in --- inn-2.6.2/control/pgpverify.in 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/control/pgpverify.in 2019-02-07 07:02:22.000000000 -0800 @@ -17,9 +17,9 @@ # practice. # # Changes from 1.29 -> 1.30 -# -- Support for GnuPG's gpg binary (in addition to gpgv). Indeed, gpg -# still validates signatures made with weak digest algorithms like MD5 -# whereas current versions of gpgv no longer do. +# -- Support for GnuPG's gpg binary (in addition to gpgv). gpg (from +# GnuPG 1.x) still validates signatures made with weak digest +# algorithms like MD5 whereas current versions of gpgv no longer do. # # Changes from 1.28 -> 1.29 # -- Disambiguate numbered lists from description lists in POD to silent @@ -31,7 +31,7 @@ # # Changes from 1.27 -> 1.28 # -- Use the INN::Config Perl module instead of innshellvars.pl to -# accomodate the new build process of INN 2.5. +# accommodate the new build process of INN 2.5. # # Changes from 1.26 -> 1.27 # -- Default to pubring.gpg when trustedkeys.gpg is not found in the @@ -72,7 +72,7 @@ # # Changes from 1.13 -> 1.13.1 # -- Nothing functional, just moved the innshellvars.pl line to the head of -# the script, to accomodate the build process of INN. +# the script, to accommodate the build process of INN. # # Changes from 1.12 -> 1.13 # -- Use INN's syslog_facility if available. @@ -137,7 +137,9 @@ # Path to the GnuPG gpg binary, if you have GnuPG and don't want to use # gpgv. This will be used in preference to gpgv and PGP. If you have INN # and the script is able to successfully include your INN::Config module, -# the value of $INN::Config::gpg will override this. +# the value of $INN::Config::gpg will override this. On a recent Debian +# variant, use /usr/bin/gpg1 (from the gnupg1 package) if you want to +# support old signatures with MD5 digest algorithms. # $gpg = '/usr/local/bin/gpg'; # Path to the GnuPG gpgv binary, if you have GnuPG. If you do, this will diff -Nurp inn-2.6.2/doc/FAQ inn-2.6.3/doc/FAQ --- inn-2.6.2/doc/FAQ 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/FAQ 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -$Id: FAQ 10272 2018-03-18 14:08:51Z iulius $ +$Id: FAQ 10329 2019-02-07 14:29:19Z iulius $ From: Russ Allbery Subject: INN 2.x FAQ @@ -139,7 +139,7 @@ beginner's introduction, see the news.ne Subject: 1.2. What is the current version? -The most recently released version of INN is 2.6.2. +The most recently released version of INN is 2.6.3. INN development proceeds in two branches, as with many other free software projects. The STABLE branch is maintenance of the most recently released diff -Nurp inn-2.6.2/doc/checklist inn-2.6.3/doc/checklist --- inn-2.6.2/doc/checklist 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/checklist 2019-02-07 07:02:22.000000000 -0800 @@ -1,6 +1,6 @@ Introduction - $Id: checklist.pod 10257 2018-03-08 16:17:55Z iulius $ + $Id: checklist.pod 10283 2018-05-14 12:43:05Z iulius $ This is an installation checklist written by Rebecca Ore, intended to be the beginning of a different presentation of the information in INSTALL, @@ -119,7 +119,7 @@ Configure Name the metacycbuff, then configure storage.conf. * In storage.conf, be sure that all sizes of articles can be - accomodated. If you want to throw away large articles, do it + accommodated. If you want to throw away large articles, do it explicitly by using the "trash" storage method (you can also set a lower *maxartsize* in inn.conf). diff -Nurp inn-2.6.2/doc/history inn-2.6.3/doc/history --- inn-2.6.2/doc/history 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/history 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -$Revision: 7628 $ +$Revision: 10283 $ This file contains a few messages of historical interest. Some of the information in these messages is out of date (e.g., you don't need any other software, ihave/sendme is suported, etc); see the README and @@ -109,7 +109,7 @@ control messages are not supported. Als invalid articles are dropped, rather than filed into "junk." (A log message is written with the reason, and also sent back to the upstream feed as part of the NNTP reject reply.) The active file is taken to be -the definitive list of groups that an article wants to recieve, and if +the definitive list of groups that an article wants to receive, and if none of an article's newsgroups are mentioned in the active file, then the article is invalid, logged, and dropped. diff -Nurp inn-2.6.2/doc/hook-perl inn-2.6.3/doc/hook-perl --- inn-2.6.2/doc/hook-perl 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/hook-perl 2019-02-07 07:02:22.000000000 -0800 @@ -442,7 +442,7 @@ Perl Authentication Support for nnrpd inclusion of a perl_auth: parameter in a readers.conf auth group. perl_auth: works exactly like the auth: parameter in readers.conf, except that it calls the script given as argument using the Perl hook - rather then treating it as an external program. + rather than treating it as an external program. If the processing of readers.conf requires that a perl_auth: statement be used for authentication, Perl is loaded (if it has yet to be) and the @@ -644,5 +644,5 @@ Available Packages for quotaing the number of messages any user can post to Usenet daily. It uses filter_nnrpd.pl. - $Id: hook-perl.pod 10263 2018-03-10 14:51:53Z iulius $ + $Id: hook-perl.pod 10280 2018-05-14 12:32:44Z iulius $ diff -Nurp inn-2.6.2/doc/hook-python inn-2.6.3/doc/hook-python --- inn-2.6.2/doc/hook-python 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/hook-python 2019-02-07 07:02:22.000000000 -0800 @@ -5,9 +5,8 @@ INN Python Filtering and Authentication previously added by Bob Heiney and Christophe Wolfhugel. For this filter to work successfully, you will need to have at least - Python 2.2.0 installed. You can obtain it from - . Please note that Python 3.x is currently not - supported. + Python 2.3.0 (in the 2.x series) or Python 3.3.0 (in the 3.x series) + installed. You can obtain it from . The innd Python interface and the original Python filtering documentation were written by Greg Andruk (nee Fluffy) @@ -88,15 +87,16 @@ Writing an innd Filter your INN (especially, the Xref: header, if present, is the one of the remote site which sent you the article, and not yours). - These values will be buffer objects holding the contents of the same - named article headers, except for the special "__BODY__" and - "__LINES__" items. Items not present in the article will contain - "None". - - "art['__BODY__']" is a buffer object containing the article's entire - body, and "art['__LINES__']" is an int holding innd's reckoning of - the number of lines in the article. All the other elements will be - buffers with the contents of the same-named article headers. + These values will be buffer objects (for Python 2.x) or memoryview + objects (for Python 3.x) holding the contents of the same named + article headers, except for the special "__BODY__" and "__LINES__" + items. Items not present in the article will contain "None". + + "art['__BODY__']" is a buffer/memoryview object containing the + article's entire body, and "art['__LINES__']" is a long integer + holding innd's reckoning of the number of lines in the article. All + the other elements will be buffer/memoryview objects with the + contents of the same-named article headers. The Newsgroups: header of the article is accessible inside the Python filter as "art['Newsgroups']". @@ -107,13 +107,13 @@ Writing an innd Filter # Syntax for Python 2.x. Newsgroups = intern("Newsgroups") if art[Newsgroups] == buffer("misc.test"): - print("Test group") + syslog("n", "Test group") # Syntax for Python 3.x. import sys Newsgroups = sys.intern("Newsgroups") if art[Newsgroups] == memoryview(b"misc.test"): - print("Test group") + syslog("n", "Test group") If you want to accept an article, return "None" or an empty string. To reject, return a non-empty string. The rejection strings will be @@ -122,11 +122,11 @@ Writing an innd Filter is properly encoded in UTF-8 so as to comply with the NNTP protocol. filter_messageid(*self*, *msgid*) - *msgid* is a buffer object containing the ID of an article being - offered by CHECK, IHAVE or TAKETHIS. Like with "filter_art", the - message will be refused if you return a non-empty string. If you - use this feature, keep it light because it is called at a rather - busy place in innd's main loop. + *msgid* is a string containing the ID of an article being offered by + CHECK, IHAVE or TAKETHIS. Like with "filter_art", the message will + be refused if you return a non-empty string (properly encoded in + UTF-8). If you use this feature, keep it light because it is called + at a rather busy place in innd's main loop. filter_mode(*self*, *oldmode*, *newmode*, *reason*) When the operator issues a ctlinnd "pause", "throttle", "go", @@ -179,13 +179,14 @@ Writing an innd Filter innd to see whether the methods exist and are callable, but if you define one and get the parameter counts wrong, innd WILL DIE. You have been warned. Be careful with your return values, too. The "filter_art" - and "filter_messageid" methods have to return strings, or "None". If - you return something like an int, innd will *not* be happy. + and "filter_messageid" methods have to return strings (encoded in + UTF-8), or "None". If you return something like an int, innd will *not* + be happy. A Note regarding Buffer Objects This section is not applicable to Python 3.x where buffer objects have - been replaced with memory views. + been replaced with memoryview objects. Buffer objects are cousins of strings, new in Python 1.5.2. Using buffer objects may take some getting used to, but we can create buffers @@ -288,23 +289,26 @@ Writing an innd Filter # We can look at the header or all of an article already on spool, # too. Might be useful for long-memory despamming or # authentication things. Each is returned (if present) as a - # string object; otherwise you'll end up with an empty string. + # string object (in Python 2.x) or a bytes object (in Python 3.x); + # otherwise you'll end up with an empty string. artbody = INN.article('') artheader = INN.head('') # As we can compute a hash digest for a string, we can obtain one - # for artbody. It might be of help to detect spam. + # for artbody. It might be of help to detect spam. The digest is a + # string object (in Python 2.x) or a bytes object (in Python 3.x). digest = INN.hashstring(artbody) # Finally, do you want to see if a given newsgroup is moderated or # whatever? INN.newsgroup returns the last field of a group's - # entry in active as a string. + # entry in active as a string object (in Python 2.x) or a bytes + # object (in Python 3.x). groupstatus = INN.newsgroup('alt.fan.karl-malden.nose') - if groupstatus == '': + if groupstatus == '': # Compare to b'' for Python 3.x. moderated = 'no such newsgroup' - elif groupstatus == 'y': + elif groupstatus == 'y': # Compare to b'y' for Python 3.x. moderated = "nope" - elif groupstatus == 'm': + elif groupstatus == 'm': # Compare to b'm' for Python 3.x. moderated = "yep" else: moderated = "something else" @@ -319,10 +323,10 @@ Writing an nnrpd Filter , not Erik. The remainder of this section is an introduction to the new mechanism - (which uses the *python_auth*, *python_access*, and *python_dynamic* - readers.conf parameters) with porting/migration suggestions for people - familiar with the old mechanism (identifiable by the now deprecated - *nnrpperlauth* parameter in inn.conf). + introduced in INN 2.4.0 (which uses the *python_auth*, *python_access*, + and *python_dynamic* readers.conf parameters) with porting/migration + suggestions for people familiar with the old mechanism (identifiable by + the now deprecated *nnrppythonauth* parameter in inn.conf). Other people should skip this section. @@ -407,7 +411,7 @@ Writing an nnrpd Filter inclusion of a *python_auth* parameter in a readers.conf auth group. *python_auth* works exactly like the *auth* parameter in readers.conf, except that it calls the script given as argument using the Python hook - rather then treating it as an external program. Multiple, mixed use of + rather than treating it as an external program. Multiple, mixed use of *python_auth* with other *auth* statements including *perl_auth* is permitted. Each *auth* statement will be tried in the order they appear in the auth group until either one succeeds or all are exhausted. @@ -502,10 +506,10 @@ Writing an nnrpd Filter authenticate(*self*, *attributes*) Called when a *python_auth* statement is reached in the processing of readers.conf. Connection attributes are passed in the - *attributes* dictionary. Returns a response code, an error string, - and an optional string to be used in place of the client-supplied - username (both for logging and for matching the connection with an - access group). + *attributes* dictionary. Returns a response code (as an integer), + an error string (encoded in UTF-8), and an optional string (encoded + in UTF-8) to be used in place of the client-supplied username (both + for logging and for matching the connection with an access group). The NNTP response code should be 281 (authentication successful), 481 (authentication unsuccessful), or 403 (server failure). If the @@ -530,8 +534,8 @@ Writing an nnrpd Filter access(*self*, *attributes*) Called when a *python_access* statement is reached in the processing of readers.conf. Connection attributes are passed in the - *attributes* dictionary. Returns a dictionary of values - representing statements to be included in an access group. + *attributes* dictionary. Returns a dictionary of values (encoded in + UTF-8) representing statements to be included in an access group. access_close(*self*) This method is invoked on nnrpd termination. You can use it to save @@ -546,7 +550,9 @@ Writing an nnrpd Filter Called when a client requests a newsgroup, an article or attempts to post. Connection attributes are passed in the *attributes* dictionary. Returns "None" to grant access, or a non-empty string - (which will be reported back to the client) otherwise. + encoded in UTF-8 (which will be reported back to the client in + response to GROUP or POST, and in any case logged in news logs files + for all relevant NNTP commands) otherwise. dynamic_close(*self*) This method is invoked on nnrpd termination. You can use it to save @@ -594,7 +600,7 @@ Writing an nnrpd Filter access; only valid for the "dynamic" method. All the above values are buffer objects (see the notes above on what - buffer objects are). + buffer objects are) for Python 2.x or memoryview objects for Python 3.x. How to Use these Methods with nnrpd @@ -656,5 +662,5 @@ Available Packages Cleanfeed, an extremely powerful spam filter on Usenet. It uses filter_innd.py. - $Id: hook-python.pod 10263 2018-03-10 14:51:53Z iulius $ + $Id: hook-python.pod 10282 2018-05-14 12:42:14Z iulius $ diff -Nurp inn-2.6.2/doc/man/INN__Config.3pm inn-2.6.3/doc/man/INN__Config.3pm --- inn-2.6.2/doc/man/INN__Config.3pm 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/INN__Config.3pm 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INN::Config 3pm" -.TH INN::Config 3pm "2018-03-18" "INN 2.6.2" "InterNetNews Documentation" +.TH INN::Config 3pm "2018-05-14" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -139,7 +139,7 @@ INN::Config \- Export all the variables .SH "DESCRIPTION" .IX Header "DESCRIPTION" This Perl module sets up any and all the variables that an \s-1INN\s0 Perl script -might need. More particularly, it allows to use \fIinn.conf\fR variables: +might need. More particularly, it allows using \fIinn.conf\fR variables: they are all provided by \fBinnconfval\fR, as well as the version of \s-1INN \&\s0(in the variable \f(CW$INN::Config::VERSION\fR for its short number form, on in \&\f(CW$INN::Config::version\fR for its complete form). Other useful variables @@ -216,7 +216,7 @@ module. for InterNetNews in 1996. It was converted to the INN::Config Perl module by Julien Elie in 2007. .PP -\&\f(CW$Id:\fR Config.pm.in 10245 2018\-02\-16 21:11:59Z iulius $ +\&\f(CW$Id:\fR Config.pm.in 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIinn.conf\fR\|(5), \fIinnconfval\fR\|(1), \fIperl\fR\|(1). diff -Nurp inn-2.6.2/doc/man/INN__Utils__Shlock.3pm inn-2.6.3/doc/man/INN__Utils__Shlock.3pm --- inn-2.6.2/doc/man/INN__Utils__Shlock.3pm 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/INN__Utils__Shlock.3pm 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INN::Utils::Shlock 3pm" -.TH INN::Utils::Shlock 3pm "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INN::Utils::Shlock 3pm "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/active.5 inn-2.6.3/doc/man/active.5 --- inn-2.6.2/doc/man/active.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/active.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "ACTIVE 5" -.TH ACTIVE 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH ACTIVE 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/active.times.5 inn-2.6.3/doc/man/active.times.5 --- inn-2.6.2/doc/man/active.times.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/active.times.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "ACTIVE.TIMES 5" -.TH ACTIVE.TIMES 5 "2016-10-07" "INN 2.6.2" "InterNetNews Documentation" +.TH ACTIVE.TIMES 5 "2016-10-07" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/actsync.8 inn-2.6.3/doc/man/actsync.8 --- inn-2.6.2/doc/man/actsync.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/actsync.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "ACTSYNC 8" -.TH ACTSYNC 8 "2016-11-06" "INN 2.6.2" "InterNetNews Documentation" +.TH ACTSYNC 8 "2016-11-06" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/archive.8 inn-2.6.3/doc/man/archive.8 --- inn-2.6.2/doc/man/archive.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/archive.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "ARCHIVE 8" -.TH ARCHIVE 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH ARCHIVE 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/auth_krb5.8 inn-2.6.3/doc/man/auth_krb5.8 --- inn-2.6.2/doc/man/auth_krb5.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/auth_krb5.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "AUTH_KRB5 8" -.TH AUTH_KRB5 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH AUTH_KRB5 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/batcher.8 inn-2.6.3/doc/man/batcher.8 --- inn-2.6.2/doc/man/batcher.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/batcher.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "BATCHER 8" -.TH BATCHER 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH BATCHER 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/buffchan.8 inn-2.6.3/doc/man/buffchan.8 --- inn-2.6.2/doc/man/buffchan.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/buffchan.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "BUFFCHAN 8" -.TH BUFFCHAN 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH BUFFCHAN 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/buffindexed.conf.5 inn-2.6.3/doc/man/buffindexed.conf.5 --- inn-2.6.2/doc/man/buffindexed.conf.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/buffindexed.conf.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "BUFFINDEXED.CONF 5" -.TH BUFFINDEXED.CONF 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH BUFFINDEXED.CONF 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/ckpasswd.8 inn-2.6.3/doc/man/ckpasswd.8 --- inn-2.6.2/doc/man/ckpasswd.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/ckpasswd.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "CKPASSWD 8" -.TH CKPASSWD 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH CKPASSWD 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/clientlib.3 inn-2.6.3/doc/man/clientlib.3 --- inn-2.6.2/doc/man/clientlib.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/clientlib.3 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -.\" $Revision: 42 $ +.\" $Revision: 10281 $ .TH CLIENTLIB 3 .SH NAME clientlib \- NNTP clientlib part of InterNetNews library @@ -10,29 +10,22 @@ clientlib \- NNTP clientlib part of Inte .B "extern char ser_line[];" .B "char *" -.B "getserverbyfile(file)" -.B " char *file;" +.B "getserverbyfile(char *file UNUSED);" .B "int" -.B "server_init(host)" -.B " char *host;" +.B "server_init(char *host, int port);" .B "int" -.B "handle_server_response(response, host)" -.B " int reponse;" -.B " char *host;" +.B "handle_server_response(int response, char *host);" .B "void" -.B "put_server(text)" -.B " char *text;" +.B "put_server(const char *buff);" .B "int" -.B "get_server(buff, buffsize)" -.B " char *buff;" -.B " int buffsize;" +.B "get_server(char *buff, int buffsize);" .B "void" -.B "close_server()" +.B "close_server(void);" .fi .SH DESCRIPTION The routines described in this manual page are part of the InterNetNews @@ -100,6 +93,6 @@ Written by Rich $alz , is a shell-style pattern matching the newsgroup affected by the control message (especially \f(CW\*(C`?\*(C'\fR matches exactly one character, -\&\f(CW\*(C`*\*(C'\fR matches zero or more characters and \f(CW\*(C`|\*(C'\fR permits to match several +\&\f(CW\*(C`*\*(C'\fR matches zero or more characters and \f(CW\*(C`|\*(C'\fR permits matching several patterns on the same line \-\-\ for instance \f(CW\*(C`comp.*|humanities.*\*(C'\fR matches every newsgroup whose name begins with \f(CW\*(C`comp.\*(C'\fR or \f(CW\*(C`humanities.\*(C'\fR). If the control message is a checkgroups, the third field is a shell-style @@ -440,7 +440,7 @@ The newsgroup foo.bar4 is silently creat the description \*(L"A newsgroup you want.\*(R" added to the \fInewsgroups\fR file. In the absence of encoding values (either in the checkgroups message or in \fB/encoding/\fR and \fB/localencoding\fR), the default is -to decode the sentence as \s-1CP1242\s0 and reencode it as \s-1UTF\-8.\s0 +to decode the sentence as \s-1CP1242\s0 and re-encode it as \s-1UTF\-8.\s0 .Sp If \f(CW\*(C`doit=mail\*(C'\fR was used, a mail would be sent to the news administrator to inform him that foo.bar4 was successfully created. @@ -483,7 +483,7 @@ could have added them to the \fIlocalgro Written by Rich \f(CW$alz\fR for InterNetNews. Rewritten in \&\s-1POD\s0 by Russ Allbery . .PP -\&\f(CW$Id:\fR control.ctl.pod 9767 2014\-12\-07 21:13:43Z iulius $ +\&\f(CW$Id:\fR control.ctl.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIcontrolchan\fR\|(8), \fIinn.conf\fR\|(5), \fIinnd\fR\|(8), \fInewsfeeds\fR\|(5), \fInewsgroups\fR\|(5), diff -Nurp inn-2.6.2/doc/man/controlchan.8 inn-2.6.3/doc/man/controlchan.8 --- inn-2.6.2/doc/man/controlchan.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/controlchan.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "CONTROLCHAN 8" -.TH CONTROLCHAN 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH CONTROLCHAN 8 "2018-05-14" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -204,7 +204,7 @@ If you run FreeBSD, you will need to run By default, \fBcontrolchan\fR does not process articles whose Date: or Injection-Date: header fields are too far in the past (more than \&\fIartcutoff\fR days, as set in \fIinn.conf\fR) or one day in the future. -It allows to prevent a malicious replay of old control articles. +It allows preventing a malicious replay of old control articles. .Sp Using the \fB\-c\fR flag disables this check on the cutoff date. .IP "\fB\-h\fR" 4 @@ -215,7 +215,7 @@ Gives usage information. Written by Katsuhiro Kondou for InterNetNews. Converted to \&\s-1POD\s0 by Julien Elie. .PP -\&\f(CW$Id:\fR controlchan.pod 9240 2011\-07\-12 09:51:28Z iulius $ +\&\f(CW$Id:\fR controlchan.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIcontrol.ctl\fR\|(5), \fIinn.conf\fR\|(5). diff -Nurp inn-2.6.2/doc/man/convdate.1 inn-2.6.3/doc/man/convdate.1 --- inn-2.6.2/doc/man/convdate.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/convdate.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "CONVDATE 1" -.TH CONVDATE 1 "2016-10-07" "INN 2.6.2" "InterNetNews Documentation" +.TH CONVDATE 1 "2016-10-07" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/ctlinnd.8 inn-2.6.3/doc/man/ctlinnd.8 --- inn-2.6.2/doc/man/ctlinnd.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/ctlinnd.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "CTLINND 8" -.TH CTLINND 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH CTLINND 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/cvtbatch.8 inn-2.6.3/doc/man/cvtbatch.8 --- inn-2.6.2/doc/man/cvtbatch.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/cvtbatch.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "CVTBATCH 8" -.TH CVTBATCH 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH CVTBATCH 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/cycbuff.conf.5 inn-2.6.3/doc/man/cycbuff.conf.5 --- inn-2.6.2/doc/man/cycbuff.conf.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/cycbuff.conf.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "CYCBUFF.CONF 5" -.TH CYCBUFF.CONF 5 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH CYCBUFF.CONF 5 "2018-01-28" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/distrib.pats.5 inn-2.6.3/doc/man/distrib.pats.5 --- inn-2.6.2/doc/man/distrib.pats.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/distrib.pats.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "DISTRIB.PATS 5" -.TH DISTRIB.PATS 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH DISTRIB.PATS 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/distributions.5 inn-2.6.3/doc/man/distributions.5 --- inn-2.6.2/doc/man/distributions.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/distributions.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "DISTRIBUTIONS 5" -.TH DISTRIBUTIONS 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH DISTRIBUTIONS 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/docheckgroups.8 inn-2.6.3/doc/man/docheckgroups.8 --- inn-2.6.2/doc/man/docheckgroups.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/docheckgroups.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "DOCHECKGROUPS 8" -.TH DOCHECKGROUPS 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH DOCHECKGROUPS 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/domain.8 inn-2.6.3/doc/man/domain.8 --- inn-2.6.2/doc/man/domain.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/domain.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "DOMAIN 8" -.TH DOMAIN 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH DOMAIN 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/expire.8 inn-2.6.3/doc/man/expire.8 --- inn-2.6.2/doc/man/expire.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/expire.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "EXPIRE 8" -.TH EXPIRE 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH EXPIRE 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/expire.ctl.5 inn-2.6.3/doc/man/expire.ctl.5 --- inn-2.6.2/doc/man/expire.ctl.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/expire.ctl.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "EXPIRE.CTL 5" -.TH EXPIRE.CTL 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH EXPIRE.CTL 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/expireover.8 inn-2.6.3/doc/man/expireover.8 --- inn-2.6.2/doc/man/expireover.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/expireover.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "EXPIREOVER 8" -.TH EXPIREOVER 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH EXPIREOVER 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/expirerm.8 inn-2.6.3/doc/man/expirerm.8 --- inn-2.6.2/doc/man/expirerm.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/expirerm.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "EXPIRERM 8" -.TH EXPIRERM 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH EXPIRERM 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/fastrm.1 inn-2.6.3/doc/man/fastrm.1 --- inn-2.6.2/doc/man/fastrm.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/fastrm.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "FASTRM 1" -.TH FASTRM 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH FASTRM 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/getlist.1 inn-2.6.3/doc/man/getlist.1 --- inn-2.6.2/doc/man/getlist.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/getlist.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "GETLIST 1" -.TH GETLIST 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH GETLIST 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/grephistory.1 inn-2.6.3/doc/man/grephistory.1 --- inn-2.6.2/doc/man/grephistory.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/grephistory.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "GREPHISTORY 1" -.TH GREPHISTORY 1 "2016-10-07" "INN 2.6.2" "InterNetNews Documentation" +.TH GREPHISTORY 1 "2016-10-07" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/history.5 inn-2.6.3/doc/man/history.5 --- inn-2.6.2/doc/man/history.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/history.5 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -.\" $Revision: 3782 $ +.\" $Revision: 10283 $ .TH HISTORY 5 .SH NAME history \- record of current and recently expired Usenet articles @@ -60,7 +60,7 @@ This field is empty if the article has b .PP For example, an article whose Message-ID was <7q2saq$sal$1@isrv4.pa.vix.com>, posted on 26 Aug 1999 08:02:34 GMT and -recieved at 26 Aug 1999 08:06:54 GMT, could have a +received at 26 Aug 1999 08:06:54 GMT, could have a history line (broken into three lines for display) like the following: .RS @@ -82,7 +82,7 @@ Written by Rich $alz for InterNetNews and since modified, updated, and reorganized by innumerable other people. .PP -\&\f(CW$Id:\fR inn.conf.pod 10245 2018\-02\-16 21:11:59Z iulius $ +\&\f(CW$Id:\fR inn.conf.pod 10304 2018\-12\-02 14:05:50Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIinews\fR\|(1), \fIinnd\fR\|(8), \fIinnwatch\fR\|(8), \fImakehistory\fR\|(8), \fInnrpd\fR\|(8), \fIrnews\fR\|(1). diff -Nurp inn-2.6.2/doc/man/innbind.8 inn-2.6.3/doc/man/innbind.8 --- inn-2.6.2/doc/man/innbind.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innbind.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNBIND 8" -.TH INNBIND 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNBIND 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/inncheck.8 inn-2.6.3/doc/man/inncheck.8 --- inn-2.6.2/doc/man/inncheck.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/inncheck.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNCHECK 8" -.TH INNCHECK 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNCHECK 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innconfval.1 inn-2.6.3/doc/man/innconfval.1 --- inn-2.6.2/doc/man/innconfval.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innconfval.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNCONFVAL 1" -.TH INNCONFVAL 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNCONFVAL 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innd.8 inn-2.6.3/doc/man/innd.8 --- inn-2.6.2/doc/man/innd.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innd.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INND 8" -.TH INND 8 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH INND 8 "2018-01-28" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/inndf.8 inn-2.6.3/doc/man/inndf.8 --- inn-2.6.2/doc/man/inndf.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/inndf.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNDF 8" -.TH INNDF 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNDF 8 "2018-05-14" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -192,7 +192,7 @@ they're posted to. .IX Item "-o" Report the percentage usage of the overview database space. This is only meaningful for overview methods that pre-allocate a certain amount of -space rather than grow to accomodate more records. Currently, this flag +space rather than grow to accommodate more records. Currently, this flag is only useful for the buffindexed overview method. .SH "EXAMPLES" .IX Header "EXAMPLES" @@ -244,7 +244,7 @@ Katsuhiro Kondou added the \fB\-n\fR and reporting of percentage free disk space. Support for \fB\-f\fR and \fB\-F\fR was added by Fabien Tassin . .PP -\&\f(CW$Id:\fR inndf.pod 8232 2008\-12\-14 17:05:57Z iulius $ +\&\f(CW$Id:\fR inndf.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIdf\fR\|(1), \fIinnwatch.ctl\fR\|(5), \fIinnstat\fR\|(8). diff -Nurp inn-2.6.2/doc/man/innfeed.8 inn-2.6.3/doc/man/innfeed.8 --- inn-2.6.2/doc/man/innfeed.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innfeed.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNFEED 8" -.TH INNFEED 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNFEED 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innfeed.conf.5 inn-2.6.3/doc/man/innfeed.conf.5 --- inn-2.6.2/doc/man/innfeed.conf.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innfeed.conf.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNFEED.CONF 5" -.TH INNFEED.CONF 5 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH INNFEED.CONF 5 "2018-01-28" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innmail.1 inn-2.6.3/doc/man/innmail.1 --- inn-2.6.2/doc/man/innmail.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innmail.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNMAIL 1" -.TH INNMAIL 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNMAIL 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innupgrade.8 inn-2.6.3/doc/man/innupgrade.8 --- inn-2.6.2/doc/man/innupgrade.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innupgrade.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNUPGRADE 8" -.TH INNUPGRADE 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNUPGRADE 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innwatch.8 inn-2.6.3/doc/man/innwatch.8 --- inn-2.6.2/doc/man/innwatch.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innwatch.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNWATCH 8" -.TH INNWATCH 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNWATCH 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/innxmit.8 inn-2.6.3/doc/man/innxmit.8 --- inn-2.6.2/doc/man/innxmit.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/innxmit.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "INNXMIT 8" -.TH INNXMIT 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH INNXMIT 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/libauth.3 inn-2.6.3/doc/man/libauth.3 --- inn-2.6.2/doc/man/libauth.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/libauth.3 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "libauth 3" -.TH libauth 3 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH libauth 3 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/libinn.3 inn-2.6.3/doc/man/libinn.3 --- inn-2.6.2/doc/man/libinn.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/libinn.3 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -.\" $Revision: 10265 $ +.\" $Revision: 10304 $ .TH LIBINN 3 .SH NAME libinn \- InterNetNews library routines @@ -61,8 +61,8 @@ libinn \- InterNetNews library routines .B " bool block;" .B "char *" -.B "GetFQDN(domain)" -.B " char *domain;" +.B "inn_getfqdn(domain)" +.B " const char *domain;" .B "char *" .B "GetModeratorAddress(FromServer, ToServer, group, moderatormailer)" @@ -276,11 +276,13 @@ it will return false if the file cannot is one of: INN_LOCK_READ, INN_LOCK_WRITE, or INN_LOCK_UNLOCK. It returns false on failure or true on success. .PP -.I GetFQDN +.I inn_getfqdn returns the fully qualified domain name of the local host. .I Domain -is used if local host can not be resolved. -The returned value points to static space that is reused on subsequent calls, +is used to qualify the local host name if local host can not be resolved +in DNS. +The returned value points to newly-allocated memory that the caller is +responsible for freeing, or NULL on error. .PP .I GetModeratorAddress @@ -461,7 +463,7 @@ Written by Rich $alz for InterNetNews\ 2.4.0. .PP -\&\f(CW$Id:\fR libinnhist.pod 9073 2010\-05\-31 19:00:23Z iulius $ +\&\f(CW$Id:\fR libinnhist.pod 10283 2018\-05\-14 12:43:05Z iulius $ diff -Nurp inn-2.6.2/doc/man/libstorage.3 inn-2.6.3/doc/man/libstorage.3 --- inn-2.6.2/doc/man/libstorage.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/libstorage.3 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "libstorage 3" -.TH libstorage 3 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH libstorage 3 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/list.3 inn-2.6.3/doc/man/list.3 --- inn-2.6.2/doc/man/list.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/list.3 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "list 3" -.TH list 3 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH list 3 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/mailpost.8 inn-2.6.3/doc/man/mailpost.8 --- inn-2.6.2/doc/man/mailpost.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/mailpost.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "MAILPOST 8" -.TH MAILPOST 8 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH MAILPOST 8 "2018-01-28" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/makedbz.8 inn-2.6.3/doc/man/makedbz.8 --- inn-2.6.2/doc/man/makedbz.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/makedbz.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "MAKEDBZ 8" -.TH MAKEDBZ 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH MAKEDBZ 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/makehistory.8 inn-2.6.3/doc/man/makehistory.8 --- inn-2.6.2/doc/man/makehistory.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/makehistory.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "MAKEHISTORY 8" -.TH MAKEHISTORY 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH MAKEHISTORY 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/mod-active.8 inn-2.6.3/doc/man/mod-active.8 --- inn-2.6.2/doc/man/mod-active.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/mod-active.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "MOD-ACTIVE 8" -.TH MOD-ACTIVE 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH MOD-ACTIVE 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/moderators.5 inn-2.6.3/doc/man/moderators.5 --- inn-2.6.2/doc/man/moderators.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/moderators.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "MODERATORS 5" -.TH MODERATORS 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH MODERATORS 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/motd.news.5 inn-2.6.3/doc/man/motd.news.5 --- inn-2.6.2/doc/man/motd.news.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/motd.news.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "MOTD.NEWS 5" -.TH MOTD.NEWS 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH MOTD.NEWS 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/news.daily.8 inn-2.6.3/doc/man/news.daily.8 --- inn-2.6.2/doc/man/news.daily.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/news.daily.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NEWS.DAILY 8" -.TH NEWS.DAILY 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH NEWS.DAILY 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/news2mail.8 inn-2.6.3/doc/man/news2mail.8 --- inn-2.6.2/doc/man/news2mail.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/news2mail.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NEWS2MAIL 8" -.TH NEWS2MAIL 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH NEWS2MAIL 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/newsfeeds.5 inn-2.6.3/doc/man/newsfeeds.5 --- inn-2.6.2/doc/man/newsfeeds.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/newsfeeds.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NEWSFEEDS 5" -.TH NEWSFEEDS 5 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH NEWSFEEDS 5 "2018-05-14" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -570,7 +570,7 @@ and thirteen overlapping values from \f( Only up to four totally independent values exist: \f(CW\*(C`_0\*(C'\fR, \f(CW\*(C`_4\*(C'\fR, \&\f(CW\*(C`_8\*(C'\fR and \f(CW\*(C`_12\*(C'\fR. .Sp -Therefore, it allows to a generate a second level of deterministic +Therefore, it allows generating a second level of deterministic distribution. Indeed, if a news server is fed \f(CW\*(C`Q1/2\*(C'\fR, it can go on splitting thanks to \f(CW\*(C`Q1\-3/9_4\*(C'\fR for instance. Up to four levels of deterministic distribution can be used. @@ -941,7 +941,7 @@ the standard newsfeeds entries used by m Written by Rich \f(CW$alz\fR for InterNetNews. Reformatted and rewritten in \s-1POD\s0 by Russ Allbery . .PP -\&\f(CW$Id:\fR newsfeeds.pod 10175 2017\-09\-18 19:48:24Z iulius $ +\&\f(CW$Id:\fR newsfeeds.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIactive\fR\|(5), \fIbuffchan\fR\|(8), \fIcontrolchan\fR\|(8), \fIctlinnd\fR\|(8), \fIinn.conf\fR\|(5), \fIinnd\fR\|(8), diff -Nurp inn-2.6.2/doc/man/newsgroups.5 inn-2.6.3/doc/man/newsgroups.5 --- inn-2.6.2/doc/man/newsgroups.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/newsgroups.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NEWSGROUPS 5" -.TH NEWSGROUPS 5 "2016-11-06" "INN 2.6.2" "InterNetNews Documentation" +.TH NEWSGROUPS 5 "2016-11-06" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/newslog.5 inn-2.6.3/doc/man/newslog.5 --- inn-2.6.2/doc/man/newslog.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/newslog.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NEWSLOG 5" -.TH NEWSLOG 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH NEWSLOG 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/ninpaths.8 inn-2.6.3/doc/man/ninpaths.8 --- inn-2.6.2/doc/man/ninpaths.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/ninpaths.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NINPATHS 8" -.TH NINPATHS 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH NINPATHS 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/nnrpd.8 inn-2.6.3/doc/man/nnrpd.8 --- inn-2.6.2/doc/man/nnrpd.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/nnrpd.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "NNRPD 8" -.TH NNRPD 8 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH NNRPD 8 "2018-12-02" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -350,11 +350,11 @@ run \fBnnrpd\fR. (Change the path to \f You may need to replace \f(CW\*(C`nntps\*(C'\fR with \f(CW563\fR if \f(CW\*(C`nntps\*(C'\fR isn't defined in \fI/etc/services\fR on your system. .PP -Optionally, you may set the \fItlsciphers\fR, \fItlscompression\fR, -\&\fItlseccurve\fR, \fItlspreferserverciphers\fR, and \fItlsprotocols\fR parameters -in \fIinn.conf\fR to fine-tune the behaviour of the \s-1TLS/SSL\s0 negotiation -whenever a new attack on the \s-1TLS\s0 protocol or some supported cipher -suite is discovered. +Optionally, you may set the \fItlsciphers\fR, \fItlsciphers13\fR, +\&\fItlscompression\fR, \fItlseccurve\fR, \fItlspreferserverciphers\fR, and +\&\fItlsprotocols\fR parameters in \fIinn.conf\fR to fine-tune the behaviour +of the \s-1TLS/SSL\s0 negotiation whenever a new attack on the \s-1TLS\s0 protocol +or some supported cipher suite is discovered. .SH "PROTOCOL DIFFERENCES" .IX Header "PROTOCOL DIFFERENCES" \&\fBnnrpd\fR implements the \s-1NNTP\s0 commands defined in \s-1RFC\s0\ 3977 (\s-1NNTP\s0), @@ -407,7 +407,7 @@ support added by Rob Robertston for InterNetNews. Substantially expanded by Russ Allbery . .PP -\&\f(CW$Id:\fR readers.conf.pod 10173 2017\-09\-18 19:05:32Z iulius $ +\&\f(CW$Id:\fR readers.conf.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIauth_krb5\fR\|(8), \fIckpasswd\fR\|(8), \fIinn.conf\fR\|(5), \fIinnd\fR\|(8), \fInewsfeeds\fR\|(5), diff -Nurp inn-2.6.2/doc/man/rnews.1 inn-2.6.3/doc/man/rnews.1 --- inn-2.6.2/doc/man/rnews.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/rnews.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "RNEWS 1" -.TH RNEWS 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH RNEWS 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/scanlogs.8 inn-2.6.3/doc/man/scanlogs.8 --- inn-2.6.2/doc/man/scanlogs.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/scanlogs.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SCANLOGS 8" -.TH SCANLOGS 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH SCANLOGS 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/scanspool.8 inn-2.6.3/doc/man/scanspool.8 --- inn-2.6.2/doc/man/scanspool.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/scanspool.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SCANSPOOL 8" -.TH SCANSPOOL 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH SCANSPOOL 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/send-uucp.8 inn-2.6.3/doc/man/send-uucp.8 --- inn-2.6.2/doc/man/send-uucp.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/send-uucp.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SEND-UUCP 8" -.TH SEND-UUCP 8 "2016-11-06" "INN 2.6.2" "InterNetNews Documentation" +.TH SEND-UUCP 8 "2016-11-06" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/sendinpaths.8 inn-2.6.3/doc/man/sendinpaths.8 --- inn-2.6.2/doc/man/sendinpaths.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/sendinpaths.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SENDINPATHS 8" -.TH SENDINPATHS 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH SENDINPATHS 8 "2018-05-14" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -175,7 +175,7 @@ older than \fIkeep-days\fR days. The de remove all dump files. .Sp Setting \fIkeep-days\fR to another value can be useful for debugging purpose -because it permits to keep a few dump files. +because it permits keeping a few dump files. .IP "\fB\-n\fR" 4 .IX Item "-n" Don't e\-mail the report; instead, just print it to standard output. Don't @@ -202,7 +202,7 @@ for two addresses: .IX Header "HISTORY" \&\fBsendinpaths\fR was written by Olaf Titz . .PP -\&\f(CW$Id:\fR sendinpaths.pod 9624 2014\-03\-16 13:23:46Z iulius $ +\&\f(CW$Id:\fR sendinpaths.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIninpaths\fR\|(8). diff -Nurp inn-2.6.2/doc/man/shlock.1 inn-2.6.3/doc/man/shlock.1 --- inn-2.6.2/doc/man/shlock.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/shlock.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SHLOCK 1" -.TH SHLOCK 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH SHLOCK 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/simpleftp.1 inn-2.6.3/doc/man/simpleftp.1 --- inn-2.6.2/doc/man/simpleftp.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/simpleftp.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SIMPLEFTP 1" -.TH SIMPLEFTP 1 "2016-11-06" "INN 2.6.2" "InterNetNews Documentation" +.TH SIMPLEFTP 1 "2016-11-06" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/sm.1 inn-2.6.3/doc/man/sm.1 --- inn-2.6.2/doc/man/sm.1 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/sm.1 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SM 1" -.TH SM 1 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH SM 1 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/storage.conf.5 inn-2.6.3/doc/man/storage.conf.5 --- inn-2.6.2/doc/man/storage.conf.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/storage.conf.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "STORAGE.CONF 5" -.TH STORAGE.CONF 5 "2018-01-28" "INN 2.6.2" "InterNetNews Documentation" +.TH STORAGE.CONF 5 "2018-01-28" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/subscriptions.5 inn-2.6.3/doc/man/subscriptions.5 --- inn-2.6.2/doc/man/subscriptions.5 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/subscriptions.5 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "SUBSCRIPTIONS 5" -.TH SUBSCRIPTIONS 5 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH SUBSCRIPTIONS 5 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/tally.control.8 inn-2.6.3/doc/man/tally.control.8 --- inn-2.6.2/doc/man/tally.control.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/tally.control.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "TALLY.CONTROL 8" -.TH TALLY.CONTROL 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH TALLY.CONTROL 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/tdx-util.8 inn-2.6.3/doc/man/tdx-util.8 --- inn-2.6.2/doc/man/tdx-util.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/tdx-util.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "TDX-UTIL 8" -.TH TDX-UTIL 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH TDX-UTIL 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/tinyleaf.8 inn-2.6.3/doc/man/tinyleaf.8 --- inn-2.6.2/doc/man/tinyleaf.8 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/tinyleaf.8 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "TINYLEAF 8" -.TH TINYLEAF 8 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH TINYLEAF 8 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/tst.3 inn-2.6.3/doc/man/tst.3 --- inn-2.6.2/doc/man/tst.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/tst.3 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "tst 3" -.TH tst 3 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH tst 3 "2015-09-12" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l diff -Nurp inn-2.6.2/doc/man/uwildmat.3 inn-2.6.3/doc/man/uwildmat.3 --- inn-2.6.2/doc/man/uwildmat.3 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/man/uwildmat.3 2019-02-07 07:02:22.000000000 -0800 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "uwildmat 3" -.TH uwildmat 3 "2015-09-12" "INN 2.6.2" "InterNetNews Documentation" +.TH uwildmat 3 "2018-05-14" "INN 2.6.3" "InterNetNews Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -286,10 +286,10 @@ and the like rather than \fBwildmat\fR t \&\fBwildmat\fR function provided by Rich \f(CW$alz\fR's original implementation. While this code is heavily based on Rich's original code, it has substantial differences, including the extension to support \s-1UTF\-8\s0 -characters, and has noticable functionality changes. Any bugs present in +characters, and has noticeable functionality changes. Any bugs present in it aren't Rich's fault. .PP -\&\f(CW$Id:\fR uwildmat.pod 9767 2014\-12\-07 21:13:43Z iulius $ +\&\f(CW$Id:\fR uwildmat.pod 10283 2018\-05\-14 12:43:05Z iulius $ .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIgrep\fR\|(1), \fIfnmatch\fR\|(3), \fIregex\fR\|(3), \fIregexp\fR\|(3). diff -Nurp inn-2.6.2/doc/pod/checklist.pod inn-2.6.3/doc/pod/checklist.pod --- inn-2.6.2/doc/pod/checklist.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/checklist.pod 2019-02-07 07:02:22.000000000 -0800 @@ -1,6 +1,6 @@ =head1 Introduction -$Id: checklist.pod 10257 2018-03-08 16:17:55Z iulius $ +$Id: checklist.pod 10283 2018-05-14 12:43:05Z iulius $ This is an installation checklist written by Rebecca Ore, intended to be the beginning of a different presentation of the information in F, @@ -146,7 +146,7 @@ Name the metacycbuff, then configure F, be sure that all sizes of articles can be -accomodated. If you want to throw away large articles, do it explicitly +accommodated. If you want to throw away large articles, do it explicitly by using the C storage method (you can also set a lower I in F). diff -Nurp inn-2.6.2/doc/pod/control.ctl.pod inn-2.6.3/doc/pod/control.ctl.pod --- inn-2.6.2/doc/pod/control.ctl.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/control.ctl.pod 2019-02-07 07:02:22.000000000 -0800 @@ -101,7 +101,7 @@ those of the shell's I statement; If the control message is a newgroup or rmgroup, the third field, , is a shell-style pattern matching the newsgroup affected by the control message (especially C matches exactly one character, -C<*> matches zero or more characters and C<|> permits to match several +C<*> matches zero or more characters and C<|> permits matching several patterns on the same line S<-- for> instance C matches every newsgroup whose name begins with C or C). If the control message is a checkgroups, the third field is a shell-style @@ -310,7 +310,7 @@ The newsgroup foo.bar4 is silently creat the description "A newsgroup you want." added to the F file. In the absence of encoding values (either in the checkgroups message or in B and B), the default is -to decode the sentence as CP1242 and reencode it as UTF-8. +to decode the sentence as CP1242 and re-encode it as UTF-8. If C was used, a mail would be sent to the news administrator to inform him that foo.bar4 was successfully created. @@ -362,7 +362,7 @@ could have added them to the F for InterNetNews. Rewritten in POD by Russ Allbery . -$Id: control.ctl.pod 9767 2014-12-07 21:13:43Z iulius $ +$Id: control.ctl.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/controlchan.pod inn-2.6.3/doc/pod/controlchan.pod --- inn-2.6.2/doc/pod/controlchan.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/controlchan.pod 2019-02-07 07:02:22.000000000 -0800 @@ -66,7 +66,7 @@ If you run FreeBSD, you will need to run By default, B does not process articles whose Date: or Injection-Date: header fields are too far in the past (more than I days, as set in F) or one day in the future. -It allows to prevent a malicious replay of old control articles. +It allows preventing a malicious replay of old control articles. Using the B<-c> flag disables this check on the cutoff date. @@ -81,7 +81,7 @@ Gives usage information. Written by Katsuhiro Kondou for InterNetNews. Converted to POD by Julien Elie. -$Id: controlchan.pod 9240 2011-07-12 09:51:28Z iulius $ +$Id: controlchan.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/hook-perl.pod inn-2.6.3/doc/pod/hook-perl.pod --- inn-2.6.2/doc/pod/hook-perl.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/hook-perl.pod 2019-02-07 07:02:22.000000000 -0800 @@ -464,7 +464,7 @@ Support for authentication via Perl is p inclusion of a perl_auth: parameter in a F auth group. perl_auth: works exactly like the auth: parameter in F, except that it calls the script given as argument using -the Perl hook rather then treating it as an external program. +the Perl hook rather than treating it as an external program. If the processing of readers.conf requires that a perl_auth: statement be used for authentication, Perl is loaded (if it has yet to be) and @@ -676,6 +676,6 @@ Usenet daily. It uses F installed. You can obtain it from -L. Please note that S is currently -not supported. +For this filter to work successfully, you will need to have at least +S (in the 2.x series) or S (in the 3.x +series) installed. You can obtain it from L. The B Python interface and the original Python filtering documentation were written by Greg Andruk (nee Fluffy) . The Python @@ -93,14 +92,16 @@ Note that all the above values are as th by your INN (especially, the Xref: header, if present, is the one of the remote site which sent you the article, and not yours). -These values will be buffer objects holding the contents of the -same named article headers, except for the special C<__BODY__> and C<__LINES__> +These values will be buffer objects (for S) or memoryview +objects (for S) holding the contents of the same named +article headers, except for the special C<__BODY__> and C<__LINES__> items. Items not present in the article will contain C. -C is a buffer object containing the article's entire body, and -C is an int holding B's reckoning of the number of lines -in the article. All the other elements will be buffers with the contents -of the same-named article headers. +C is a buffer/memoryview object containing the article's +entire body, and C is a long integer holding B's +reckoning of the number of lines in the article. All the other elements +will be buffer/memoryview objects with the contents of the same-named +article headers. The Newsgroups: header of the article is accessible inside the Python filter as C. @@ -111,13 +112,13 @@ C are faster: # Syntax for Python 2.x. Newsgroups = intern("Newsgroups") if art[Newsgroups] == buffer("misc.test"): - print("Test group") + syslog("n", "Test group") # Syntax for Python 3.x. import sys Newsgroups = sys.intern("Newsgroups") if art[Newsgroups] == memoryview(b"misc.test"): - print("Test group") + syslog("n", "Test group") If you want to accept an article, return C or an empty string. To reject, return a non-empty string. The rejection strings will be shown to @@ -127,10 +128,11 @@ in UTF-8 so as to comply with the NNTP p =item filter_messageid(I, I) -I is a buffer object containing the ID of an article being offered by -CHECK, IHAVE or TAKETHIS. Like with C, the message will be refused if -you return a non-empty string. If you use this feature, keep it light -because it is called at a rather busy place in B's main loop. +I is a string containing the ID of an article being offered +by CHECK, IHAVE or TAKETHIS. Like with C, the message will +be refused if you return a non-empty string (properly encoded in UTF-8). +If you use this feature, keep it light because it is called at a rather +busy place in B's main loop. =item filter_mode(I, I, I, I) @@ -185,13 +187,13 @@ methods, GET THE PARAMETER COUNTS RIGHT. whether the methods exist and are callable, but if you define one and get the parameter counts wrong, B WILL DIE. You have been warned. Be careful with your return values, too. The C and C -methods have to return strings, or C. If you return something like an -int, B will I be happy. +methods have to return strings (encoded in UTF-8), or C. If you return +something like an int, B will I be happy. =head2 A Note regarding Buffer Objects This section is not applicable to S where buffer objects have -been replaced with memory views. +been replaced with memoryview objects. Buffer objects are cousins of strings, new in S. Using buffer objects may take some getting used to, but we can create buffers much faster @@ -304,23 +306,26 @@ with the previously listed functions. # We can look at the header or all of an article already on spool, # too. Might be useful for long-memory despamming or # authentication things. Each is returned (if present) as a - # string object; otherwise you'll end up with an empty string. + # string object (in Python 2.x) or a bytes object (in Python 3.x); + # otherwise you'll end up with an empty string. artbody = INN.article('') artheader = INN.head('') # As we can compute a hash digest for a string, we can obtain one - # for artbody. It might be of help to detect spam. + # for artbody. It might be of help to detect spam. The digest is a + # string object (in Python 2.x) or a bytes object (in Python 3.x). digest = INN.hashstring(artbody) # Finally, do you want to see if a given newsgroup is moderated or # whatever? INN.newsgroup returns the last field of a group's - # entry in active as a string. + # entry in active as a string object (in Python 2.x) or a bytes + # object (in Python 3.x). groupstatus = INN.newsgroup('alt.fan.karl-malden.nose') - if groupstatus == '': + if groupstatus == '': # Compare to b'' for Python 3.x. moderated = 'no such newsgroup' - elif groupstatus == 'y': + elif groupstatus == 'y': # Compare to b'y' for Python 3.x. moderated = "nope" - elif groupstatus == 'm': + elif groupstatus == 'm': # Compare to b'm' for Python 3.x. moderated = "yep" else: moderated = "something else" @@ -334,11 +339,12 @@ combined with the new F me ; bug reports should however go to , not Erik. -The remainder of this section is an introduction to the new mechanism -(which uses the I, I, and I -F parameters) with porting/migration suggestions for -people familiar with the old mechanism (identifiable by the now -deprecated I parameter in F). +The remainder of this section is an introduction to the new +mechanism introduced in S (which uses the I, +I, and I F parameters) +with porting/migration suggestions for people familiar with the +old mechanism (identifiable by the now deprecated I +parameter in F). Other people should skip this section. @@ -423,7 +429,7 @@ Support for authentication via Python is inclusion of a I parameter in a F auth group. I works exactly like the I parameter in F, except that it calls the script given as argument -using the Python hook rather then treating it as an external +using the Python hook rather than treating it as an external program. Multiple, mixed use of I with other I statements including I is permitted. Each I statement will be tried in the order they appear in the auth group until either @@ -521,9 +527,10 @@ omitted. Called when a I statement is reached in the processing of F. Connection attributes are passed in the I -dictionary. Returns a response code, an error string, and an optional -string to be used in place of the client-supplied username (both for -logging and for matching the connection with an access group). +dictionary. Returns a response code (as an integer), an error string +(encoded in UTF-8), and an optional string (encoded in UTF-8) to be +used in place of the client-supplied username (both for logging and +for matching the connection with an access group). The NNTP response code should be 281 (authentication successful), 481 (authentication unsuccessful), or 403 (server failure). If the @@ -550,8 +557,8 @@ method may be omitted. Called when a I statement is reached in the processing of F. Connection attributes are passed in the I -dictionary. Returns a dictionary of values representing statements to -be included in an access group. +dictionary. Returns a dictionary of values (encoded in UTF-8) representing +statements to be included in an access group. =item access_close(I) @@ -567,8 +574,10 @@ method may be omitted. Called when a client requests a newsgroup, an article or attempts to post. Connection attributes are passed in the I dictionary. -Returns C to grant access, or a non-empty string (which will be -reported back to the client) otherwise. +Returns C to grant access, or a non-empty string encoded in UTF-8 +(which will be reported back to the client in response to GROUP or POST, +and in any case logged in news logs files for all relevant NNTP commands) +otherwise. =item dynamic_close(I) @@ -631,8 +640,9 @@ only valid for the C method. =back -All the above values are buffer objects (see the notes above on what -buffer objects are). +All the above values are buffer objects (see the notes above on +what buffer objects are) for S or memoryview objects for +S. =head2 How to Use these Methods with B @@ -702,6 +712,6 @@ an extremely powerful spam filter on Use =back -$Id: hook-python.pod 10263 2018-03-10 14:51:53Z iulius $ +$Id: hook-python.pod 10282 2018-05-14 12:42:14Z iulius $ =cut diff -Nurp inn-2.6.2/doc/pod/inn.conf.pod inn-2.6.3/doc/pod/inn.conf.pod --- inn-2.6.2/doc/pod/inn.conf.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/inn.conf.pod 2019-02-07 07:02:22.000000000 -0800 @@ -60,8 +60,8 @@ INN. This should be the domain name of the local host. It should not have a leading period, and it should not be a full host address. It is used only -if the GetFQDN() routine in libinn(3) cannot get the fully qualified -domain name by using either the gethostname(3) or gethostbyname(3) calls. +if the inn_getfqdn() routine in libinn(3) cannot get the fully qualified +domain name by using either the gethostname(3) or getaddrinfo(3) calls. The check is very simple; if either routine returns a name with a period in it, then it is assumed to have the full domain name. As this parameter is rarely used, do not use it to affect the righthand side of @@ -1118,16 +1118,32 @@ on the TLS protocol or some supported ci =item I -The string describing the cipher suites OpenSSL will support. See -OpenSSL's ciphers(1) command documentation for details. The default -is unset, which uses OpenSSL's default cipher suite list. +The string describing the cipher suites OpenSSL will support for S and below. See OpenSSL's ciphers(1) command documentation for +details. The default is unset, which uses OpenSSL's default cipher +suite list. + +=item I + +The string describing the cipher suites OpenSSL will support for S. See OpenSSL's ciphers(1) command documentation for +details. The default is unset, which uses OpenSSL's default cipher +suite list. + +Note that a separate cipher suite configuration parameter is needed for +S because S cipher suites are not compatible with +S, and vice-versa. In order to avoid issues where legacy +S cipher suite configuration configured in the I +parameter would inadvertently disable all S cipher suites, +the F configuration has been separated out. =item I -Whether to enable or disable TLS/SSL-level compression support. -This is a boolean and the default is false, that is to say compression -is disabled, so as to follow the best current practices for a secure -use of TLS in application protocols (see S for NNTP). +Whether to enable or disable TLS/SSL-level compression support, if +the negotiated protocol supports it (notably, S no longer +supports it). This is a boolean and the default is false, that is to say +compression is disabled, so as to follow the best current practices for +a secure use of TLS in application protocols (see S for NNTP). Note that enabling TLS/SSL-level compression will be possible only if the OpenSSL library INN has been built with, supports that feature. @@ -1139,7 +1155,8 @@ To see the list of curves supported by O -list_curves>. The default is unset, which means an appropriate curve is auto-selected -(if your OpenSSL version supports it) or the NIST P-256 curve is used. +(if your OpenSSL version is at least 1.0.2) or the NIST P-256 curve +is used. This option is only effective if your OpenSSL version has ECDH support. @@ -1588,7 +1605,7 @@ values for reference. Written by Rich $alz for InterNetNews and since modified, updated, and reorganized by innumerable other people. -$Id: inn.conf.pod 10245 2018-02-16 21:11:59Z iulius $ +$Id: inn.conf.pod 10304 2018-12-02 14:05:50Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/inndf.pod inn-2.6.3/doc/pod/inndf.pod --- inn-2.6.2/doc/pod/inndf.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/inndf.pod 2019-02-07 07:02:22.000000000 -0800 @@ -67,7 +67,7 @@ they're posted to. Report the percentage usage of the overview database space. This is only meaningful for overview methods that pre-allocate a certain amount of -space rather than grow to accomodate more records. Currently, this flag +space rather than grow to accommodate more records. Currently, this flag is only useful for the buffindexed overview method. =back @@ -113,7 +113,7 @@ Katsuhiro Kondou added the B<-n> and B<- reporting of percentage free disk space. Support for B<-f> and B<-F> was added by Fabien Tassin . -$Id: inndf.pod 8232 2008-12-14 17:05:57Z iulius $ +$Id: inndf.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/install.pod inn-2.6.3/doc/pod/install.pod --- inn-2.6.2/doc/pod/install.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/install.pod 2019-02-07 07:02:22.000000000 -0800 @@ -146,7 +146,7 @@ of configure options enabling optional f versions you'll need: --with-perl Perl 5.004_03 or higher, 5.8.0+ recommended - --with-python Python 2.2.0 or higher, 2.5.0+ recommended (3.x versions currently not supported) + --with-python Python 2.3.0 or higher, 2.5.0+ recommended (in the 2.x series); Python 3.3.0 or higher (in the 3.x series) --with-bdb Berkeley DB 4.4 or higher, 4.7+ recommended --with-zlib zlib 1.x or higher --with-openssl OpenSSL 0.9.6 or higher @@ -350,9 +350,12 @@ to Perl. Enables support for Python, allowing you to install filter and authentication scripts written in Python. You will need S or later installed on your system to enable this option. -See F for all the details. Please note that S is currently not supported. +2.3.0> or later (in the 2.x series), or S or later +(in the 3.x series) installed on your system to enable this option. +See F for all the details. + +If the C<$PYTHON> environment variable is set, it will be used as the path +to Python. =item B<--with-innd-port>=PORT @@ -506,8 +509,8 @@ F for I has n affect any of the paths compiled into INN; it's used primarily in some situations like building a software distribution, where software has to be installed into some file system that will later be mounted as F -on the final system. Using DESTDIR permits to build INN, install -it into a virtual root directory, and package the resulting files +on the final system. Using DESTDIR permits building INN, installing +it into a virtual root directory, and packaging the resulting files in a single step, without manual intervention, by a non-root user. It is possible to build and install INN in this way, but you must set a DESTDIR value for the install step, and additionally, you must tell @@ -1702,6 +1705,6 @@ listed in F. If a hierarch may have to remove all the user IDs except the one that matches the F entry using C and the C command. -$Id: install.pod 10179 2017-09-18 20:13:48Z iulius $ +$Id: install.pod 10283 2018-05-14 12:43:05Z iulius $ =cut diff -Nurp inn-2.6.2/doc/pod/libinnhist.pod inn-2.6.3/doc/pod/libinnhist.pod --- inn-2.6.2/doc/pod/libinnhist.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/libinnhist.pod 2019-02-07 07:02:22.000000000 -0800 @@ -122,7 +122,7 @@ B returns B, else B writes a new entry to the database I associated with I. I, I, and I specify the arrival, posting, and expiry time respectively; I and I may be -specifed as <= 0 in which case that component shall be treated as +specified as <= 0 in which case that component shall be treated as absent in the database. I is associated with the specified I. B returns B on success, or B on failure. The behaviour when I is not unique with respect to the @@ -139,7 +139,7 @@ respect to the existing entries in I replaces an existing entry in the database I, associated with I. I, I, I specify the arrival, posting and expiry time respectively; I and -I may be specifed as <= 0 in which case that component shall +I may be specified as <= 0 in which case that component shall be treated as absent in the database. I is associated with the specified I; if B then the history database merely remembers that this I has been seen, together with its arrival @@ -178,7 +178,7 @@ posting and/or expiry may be zero, but t B (such entries are handled solely via the threshold mechanism). The storage token passed to the discrimination function may be updated if required (for example, as might be needed by a -hierachical storage management implementation). +hierarchical storage management implementation). Entries in the database with a posting time less than I with no token associated with them are deleted from the database. @@ -302,6 +302,6 @@ type B and will not be modified Written by Alex Kiernan for S. -$Id: libinnhist.pod 9073 2010-05-31 19:00:23Z iulius $ +$Id: libinnhist.pod 10283 2018-05-14 12:43:05Z iulius $ =cut diff -Nurp inn-2.6.2/doc/pod/news.pod inn-2.6.3/doc/pod/news.pod --- inn-2.6.2/doc/pod/news.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/news.pod 2019-02-07 07:02:22.000000000 -0800 @@ -1,3 +1,64 @@ +=head1 Changes in 2.6.3 + +=over 2 + +=item * + +Fixed the selection of the elliptic curve to use with S +or later; NIST P-256 was enforced instead of using the most secure curve. + +=item * + +A new F parameter has been added to fine-tune the cipher suites +to use with S: the I now permits configuring +them. A separate cipher suite configuration parameter is needed for +S because S cipher suites are not compatible with +S, and vice-versa. In order to avoid issues where legacy +S cipher suite configuration configured in the I +parameter would inadvertently disable all S cipher suites, +the F configuration has been separated out. + +=item * + +Fixed a regression since S that prevented articles with +internationalized header fields (that is to say encoded in UTF-8) +from being posted. + +=item * + +Support for S has been added to INN. Embedded Python filtering +and authentication hooks for B and B can now use S or later of the Python interpreter. In the 2.x series, S or later is still supported. + +When configuring INN with the B<--with-python> flag, the C +environment variable, when set, is used to select the interpreter +to embed. Otherwise, it is searched in standard paths. + +In case you change the Python interpreter to embed, make sure that +the Python scripts you use are written in the expected syntax for that +version of the Python interpreter. Notably, buffer objects have been +replaced with memoryview objects in S, and UTF-8 encoding +now really matters for string literals (S uses bytes and +Unicode objects). + +INN documentation and samples of Python hooks have been updated to +provide more examples. + +=item * + +When a Python or Perl filter hook rejects an article, B now mentions +the reason in response to CHECK and TAKETHIS commands. Previously, +the reason was given only for the IHAVE command. + +=item * + +B now properly logs the hostname of clients whose connection +failed owing to an issue during the negotiation of a TLS session or +high load average. + +=back + =head1 Changes in 2.6.2 =over 2 @@ -5,7 +66,7 @@ =item * A new I parameter has been added in F. -It permits to control the level of checks performed by B and +It permits controlling the level of checks performed by B and B. Up to now, only one check can be enabled/disabled: when I is mentioned in the values of this new parameter, INN accepts Message-IDs that contain C<..> in the left part, as well as Message-IDs @@ -49,7 +110,7 @@ the whole header field, as it was wrongl Added support for GnuPG's B binary (in addition to B) in B. Indeed, B still validates signatures made with weak digest algorithms like MD5 whereas B no longer do. -Thanks to Thomas Hochstein for the patch, which permits to validate +Thanks to Thomas Hochstein for the patch, which permits validating control articles for hierarchies that are still using old PGP keys. =item * @@ -112,8 +173,8 @@ protocols like NNTP. Using the new COMP =item * -The I parameter in F now also permits to -disable TLS-level compression with S. It previously +The I parameter in F now also permits +disabling TLS-level compression with S. It previously had an effect only when S or later was used. =item * @@ -193,7 +254,7 @@ This file was previously stored in F<.pu home directory (even for the news user). If you use B, you need to manually move and rename the configuration file; otherwise, it will no longer work. Note that the B<-c> flag passed to B -allows to specify another configuration file, if need be. +allows specifying another configuration file, if need be. =item * @@ -423,7 +484,7 @@ Keeping the INN test suite driver up-to- to a new B script in the F directory that automatically fetches the latest upstream changes. -Similarly, the new B script permits to keep most of +Similarly, the new B script permits keeping most of the utility and portability functions synchronized with the upstream version of the rra-c-util package maintained by Russ Allbery. @@ -442,8 +503,8 @@ Other minor bug fixes and documentation New F parameters used by B to fine-tune the TLS/SSL configuration have been added: I, I, I, I, and I. -Many thanks to Christian Mock for his contribution that permits to -tighten the level of security provided by TLS/SSL. +Many thanks to Christian Mock for his contribution that permits +tightening the level of security provided by TLS/SSL. =item * @@ -503,7 +564,7 @@ taint mode was unproperly declared. Several improvements have been contributed to B by Geraint Edwards: the new B<-a> flag adds the Diablo-compatible hashfeed ability, the new B<-B> flag triggers header-only feeding, the B<-m> -flag now permits to remove headers matching (or not) a given regexp, +flag now permits removing headers matching (or not) a given regexp, and B reporting is improved. =item * @@ -743,8 +804,8 @@ Thanks to River Tarnell for these bug re =item * It is now possible to properly generate daily statistics with B -thanks to the new B<-k> and B<-r> flags that permit to control the interval -of days for processing dump files. The new B<-c> flag permits to send a +thanks to the new B<-k> and B<-r> flags that permit controlling the interval +of days for processing dump files. The new B<-c> flag permits sending a copy of the generated e-mail to the newsmaster. Also fixed an issue with statistics that could be missing or duplicated @@ -1680,7 +1741,7 @@ descriptions. The C and C Processing control messages has been greatly improved, especially checkgroups: the F and F files are now properly updated when they are processed, and all matching lines in F -for a given checkgroups are honoured (which for instance allows to use +for a given checkgroups are honoured (which for instance allows using both B and B actions for the same checkgroups message). A new F file has also been added in I. Rules @@ -1754,7 +1815,7 @@ maintenance, running B. =item * Support for I and I parameters in F -allows to set the news user and the news group under which the news server +allows setting the news user and the news group under which the news server runs. Thanks to Ivan Shmakov for this feature. New other options have been added to configuration files: I in @@ -1897,10 +1958,10 @@ security the user wants to enforce on hi =item * A new improved version of B is shipped with INN. The B<-u> -flag permits to automatically update the F file (with a proper +flag permits updating automatically the F file (with a proper number of tabulations and an alphabetical sort), removing obsolete descriptions and adding new ones. A second argument on command-line permits -to specify which newsgroups should not be checked, so as not to treat them. +specifying which newsgroups should not be checked, so as not to treat them. =item * @@ -2081,7 +2142,7 @@ The issue was reported by Viktor Pilpeno =item * Added support for Diablo quickhash and hashfeed algorithms. -It allows to distribute the messages among several peers (new B flag +It allows distributing the messages among several peers (new B flag for F). Thanks to Miquel van Smoorenburg for this implementation in INN. @@ -2109,7 +2170,7 @@ of B spawned from B. =item * A new F parameter called I has been added: -it allows to append a common name to the Path: header +it allows appending a common name to the Path: header on all incoming articles. I and I (if set) are still appended to the path as usual, but I is always appended as the last element (e.g. on the leftmost @@ -3145,6 +3206,6 @@ directory, for now). =back -$Id: news.pod 10245 2018-02-16 21:11:59Z iulius $ +$Id: news.pod 10326 2019-02-04 14:22:34Z iulius $ =cut diff -Nurp inn-2.6.2/doc/pod/newsfeeds.pod inn-2.6.3/doc/pod/newsfeeds.pod --- inn-2.6.2/doc/pod/newsfeeds.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/newsfeeds.pod 2019-02-07 07:02:22.000000000 -0800 @@ -461,7 +461,7 @@ and thirteen overlapping values from C<_ Only up to four totally independent values exist: C<_0>, C<_4>, C<_8> and C<_12>. -Therefore, it allows to a generate a second level of deterministic +Therefore, it allows generating a second level of deterministic distribution. Indeed, if a news server is fed C, it can go on splitting thanks to C for instance. Up to four levels of deterministic distribution can be used. @@ -836,7 +836,7 @@ the standard newsfeeds entries used by m Written by Rich $alz for InterNetNews. Reformatted and rewritten in POD by Russ Allbery . -$Id: newsfeeds.pod 10175 2017-09-18 19:48:24Z iulius $ +$Id: newsfeeds.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/nnrpd.pod inn-2.6.3/doc/pod/nnrpd.pod --- inn-2.6.2/doc/pod/nnrpd.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/nnrpd.pod 2019-02-07 07:02:22.000000000 -0800 @@ -230,11 +230,11 @@ run B. (Change the path to B with C<563> if C isn't defined in F on your system. -Optionally, you may set the I, I, -I, I, and I parameters -in F to fine-tune the behaviour of the TLS/SSL negotiation -whenever a new attack on the TLS protocol or some supported cipher -suite is discovered. +Optionally, you may set the I, I, +I, I, I, and +I parameters in F to fine-tune the behaviour +of the TLS/SSL negotiation whenever a new attack on the TLS protocol +or some supported cipher suite is discovered. =head1 PROTOCOL DIFFERENCES @@ -307,7 +307,7 @@ support added by Rob Robertston to C<:12> can be used. Only up to four totally independent values exist: C<:0>, C<:4>, C<:8> and C<:12>. -Therefore, it allows to a generate a second level of deterministic +Therefore, it allows generating a second level of deterministic distribution. Indeed, if B feeds C<1/2>, it can go on splitting thanks to C<1-3/9:4> for instance. Up to four levels of deterministic distribution can be used. @@ -338,7 +338,7 @@ Geraint S greatly improved B recognized flags, fixing some bugs and integrating the B contrib script by Kai Henningsen, adding again S<6 other> flags. -$Id: pullnews.pod 9767 2014-12-07 21:13:43Z iulius $ +$Id: pullnews.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/readers.conf.pod inn-2.6.3/doc/pod/readers.conf.pod --- inn-2.6.2/doc/pod/readers.conf.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/readers.conf.pod 2019-02-07 07:02:22.000000000 -0800 @@ -249,7 +249,7 @@ One auth group can have multiple res: pa in the order they're listed. The results of the first successful one will be used. -Alternatively, a res block can be used instead of a res: paramater. +Alternatively, a res block can be used instead of a res: parameter. The recognized parameters in such res blocks are: =over 3 @@ -297,7 +297,7 @@ more information. A path to a perl script for authentication. The perl_auth: parameter works exactly like auth:, except that it calls the named script using -the perl hook rather then an external program. Multiple/mixed use of +the perl hook rather than an external program. Multiple/mixed use of the auth, perl_auth, and python_auth parameters is permitted within any auth group; each line is tried in the order it appears. perl_auth: has more power than auth: in that it provides the authentication @@ -310,7 +310,7 @@ configure). More information may be fou A Python script for authentication. The I parameter works exactly like I, except that it calls the named script (without its -C<.py> extension) using the Python hook rather then an external program. +C<.py> extension) using the Python hook rather than an external program. Multiple/mixed use of the I, I, and I parameters is permitted within any auth group; each line is tried in the order it appears. I has more power than I @@ -518,7 +518,7 @@ the behaviour of the I will remain in UTC, though.) This is a boolean value and the default is false. -This parameter permits to handle a relatively unusual corner case. +This parameter permits handling a relatively unusual corner case. It is mostly a tool for people who I to disclose their local time zone (it can be useful information in certain types of discussions), but whose clients don't for some reason, and who can arrange for the @@ -911,7 +911,7 @@ tunnel), use the localaddress: parameter Written by Aidan Cully for InterNetNews. Substantially expanded by Russ Allbery . -$Id: readers.conf.pod 10173 2017-09-18 19:05:32Z iulius $ +$Id: readers.conf.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/sendinpaths.pod inn-2.6.3/doc/pod/sendinpaths.pod --- inn-2.6.2/doc/pod/sendinpaths.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/sendinpaths.pod 2019-02-07 07:02:22.000000000 -0800 @@ -48,7 +48,7 @@ older than I days. The defau remove all dump files. Setting I to another value can be useful for debugging purpose -because it permits to keep a few dump files. +because it permits keeping a few dump files. =item B<-n> @@ -79,7 +79,7 @@ for two addresses: B was written by Olaf Titz . -$Id: sendinpaths.pod 9624 2014-03-16 13:23:46Z iulius $ +$Id: sendinpaths.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/doc/pod/uwildmat.pod inn-2.6.3/doc/pod/uwildmat.pod --- inn-2.6.2/doc/pod/uwildmat.pod 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/doc/pod/uwildmat.pod 2019-02-07 07:02:22.000000000 -0800 @@ -167,10 +167,10 @@ and the like rather than B to d B function provided by Rich $alz's original implementation. While this code is heavily based on Rich's original code, it has substantial differences, including the extension to support UTF-8 -characters, and has noticable functionality changes. Any bugs present in +characters, and has noticeable functionality changes. Any bugs present in it aren't Rich's fault. -$Id: uwildmat.pod 9767 2014-12-07 21:13:43Z iulius $ +$Id: uwildmat.pod 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/expire/fastrm.c inn-2.6.3/expire/fastrm.c --- inn-2.6.2/expire/fastrm.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/expire/fastrm.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: fastrm.c 9844 2015-05-02 16:30:45Z iulius $ +/* $Id: fastrm.c 10283 2018-05-14 12:43:05Z iulius $ ** ** Delete a list of filenames or tokens from stdin. ** @@ -622,7 +622,7 @@ bad_path(const char *p) /* ** Main routine. Parse options, initialize the storage manager, and -** initalize various global variables, and then go into a loop calling +** initialize various global variables, and then go into a loop calling ** process_line and unlink_filelist as needed. */ int diff -Nurp inn-2.6.2/frontends/inews.c inn-2.6.3/frontends/inews.c --- inn-2.6.2/frontends/inews.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/frontends/inews.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: inews.c 10164 2017-07-11 19:38:46Z iulius $ +/* $Id: inews.c 10304 2018-12-02 14:05:50Z iulius $ ** ** Send an article (prepared by someone on the local site) to the ** master news server. @@ -404,7 +404,7 @@ CheckControl(char *ctrl) for (ctrl = p; *p && !ISWHITE(*p); p++) continue; if (p == ctrl) - die("emtpy control message"); + die("empty control message"); save = *p; *p = '\0'; @@ -608,9 +608,11 @@ ProcessHeaders(bool AddOrg, int linecoun HDR(_path) = concat(Exclusions, PATHFLUFF, (char *) 0); } else if (innconf->server != NULL) { - if ((p = GetFQDN(innconf->domain)) == NULL) - sysdie("cannot get hostname"); + p = inn_getfqdn(innconf->domain); + if (p == NULL) + sysdie("cannot get hostname"); HDR(_path) = concat(Exclusions, p, "!", PATHFLUFF, (char *) 0); + free(p); } else { HDR(_path) = concat(Exclusions, PATHFLUFF, (char *) 0); diff -Nurp inn-2.6.2/frontends/ovdb_server.c inn-2.6.3/frontends/ovdb_server.c --- inn-2.6.2/frontends/ovdb_server.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/frontends/ovdb_server.c 2019-02-07 07:02:22.000000000 -0800 @@ -279,7 +279,7 @@ process_cmd(struct reader *r) case CMD_ARTINFO: r->state = STATE_READGROUP; if(cmd->grouplen == 0) { - /* shoudn't happen... */ + /* shouldn't happen... */ r->mode = MODE_CLOSED; close(r->fd); free(r->buf); diff -Nurp inn-2.6.2/history/Makefile inn-2.6.3/history/Makefile --- inn-2.6.2/history/Makefile 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/history/Makefile 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: Makefile 10231 2018-01-28 21:23:03Z iulius $ +## $Id: Makefile 10321 2018-12-29 13:47:14Z iulius $ include ../Makefile.global @@ -8,7 +8,7 @@ include ../Makefile.global # recover from make update. We can't use .OLD extensions for the shared # library since ldconfig will think .OLD sorts after the regular library and # will point the binaries at the old library. -LTVERSION = 3:2:0 +LTVERSION = 3:3:0 top = .. CFLAGS = $(GCFLAGS) -I. diff -Nurp inn-2.6.2/history/his.c inn-2.6.3/history/his.c --- inn-2.6.2/history/his.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/history/his.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: his.c 9748 2014-11-23 21:37:46Z iulius $ +/* $Id: his.c 10305 2018-12-02 14:21:56Z iulius $ ** ** API to history routines ** @@ -453,9 +453,9 @@ his_logger(const char *s, int code) if (HISstat_start[code].tv_sec != 0) { fprintf(HISfdlog, "%d/%d/%d %02d:%02d:%02d.%06d: [%d] %s (%.6f)\n", tm->tm_year + 1900, tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, - tm->tm_min, tm->tm_sec, (int)tv.tv_usec, code, s, (float) tv.tv_sec + - (float) tv.tv_usec / 1000000 - (float) HISstat_start[code].tv_sec - - (float) HISstat_start[code].tv_usec / 1000000); + tm->tm_min, tm->tm_sec, (int)tv.tv_usec, code, s, (double) tv.tv_sec + + (double) tv.tv_usec / 1000000 - (double) HISstat_start[code].tv_sec - + (double) HISstat_start[code].tv_usec / 1000000); if (tv.tv_usec < HISstat_start[code].tv_usec) { HISstat_total[code].tv_sec++; HISstat_total[code].tv_usec += diff -Nurp inn-2.6.2/history/hisv6/hisv6.c inn-2.6.3/history/hisv6/hisv6.c --- inn-2.6.2/history/hisv6/hisv6.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/history/hisv6/hisv6.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: hisv6.c 9659 2014-08-30 08:08:11Z iulius $ +/* $Id: hisv6.c 10305 2018-12-02 14:21:56Z iulius $ ** ** History v6 implementation against the history API. ** @@ -79,9 +79,9 @@ hisv6_errloc(char *s, size_t line, off_t { if (offset != -1) { /* really we want an autoconf test for %ll/%L/%I64, sigh */ - sprintf(s, "@%.0f", (double)offset); + snprintf(s, HISV6_MAX_LOCATION, "@%lu", (unsigned long)offset); } else { - sprintf(s, ":%lu", (unsigned long)line); + snprintf(s, HISV6_MAX_LOCATION, ":%lu", (unsigned long)line); } } diff -Nurp inn-2.6.2/include/clibrary.h inn-2.6.3/include/clibrary.h --- inn-2.6.2/include/clibrary.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/include/clibrary.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: clibrary.h 10246 2018-02-16 21:12:42Z iulius $ +/* $Id: clibrary.h 10287 2018-05-21 12:42:24Z iulius $ * * Standard system includes and portability adjustments. * @@ -77,6 +77,11 @@ /* Get the bool type. */ #include "portable/stdbool.h" +/* In case uint32_t and associated limits weren't defined. */ +#ifndef UINT32_MAX +# define UINT32_MAX 4294967295UL +#endif + /* Windows provides snprintf under a different name. */ #ifdef _WIN32 # define snprintf _snprintf diff -Nurp inn-2.6.2/include/config.h.in inn-2.6.3/include/config.h.in --- inn-2.6.2/include/config.h.in 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/include/config.h.in 2019-02-07 07:02:22.000000000 -0800 @@ -73,9 +73,6 @@ /* Define if you have a dbm library. */ #undef HAVE_DBM -/* Define if you have the header file. */ -#undef HAVE_DB_H - /* Define to 1 if you have the declaration of `altzone', and to 0 if you don't. */ #undef HAVE_DECL_ALTZONE @@ -258,9 +255,6 @@ /* Define if libssl is available. */ #undef HAVE_OPENSSL -/* Define if you have the header file. */ -#undef HAVE_OPENSSL_SSL_H - /* Define if you have PAM. */ #undef HAVE_PAM @@ -282,9 +276,6 @@ /* Define if libsasl2 is available. */ #undef HAVE_SASL -/* Define if you have the header file. */ -#undef HAVE_SASL_SASL_H - /* Define to 1 if you have the header file. */ #undef HAVE_SECURITY_PAM_APPL_H @@ -458,9 +449,6 @@ /* Define if libz is available. */ #undef HAVE_ZLIB -/* Define if you have the header file. */ -#undef HAVE_ZLIB_H - /* Define to 1 if the system has the type `_Bool'. */ #undef HAVE__BOOL diff -Nurp inn-2.6.2/include/inn/dbz.h inn-2.6.3/include/inn/dbz.h --- inn-2.6.2/include/inn/dbz.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/include/inn/dbz.h 2019-02-07 07:02:22.000000000 -0800 @@ -69,6 +69,11 @@ extern long dbzsize(off_t contents); extern void dbzsetoptions(const dbzoptions options); extern void dbzgetoptions(dbzoptions *options); +#ifdef DBZTEST +extern int timediffms(struct timeval start, struct timeval end); +extern void RemoveDBZ(char *filename); +#endif /* DBZTEST */ + END_DECLS #endif /* INN_DBZ_H */ diff -Nurp inn-2.6.2/include/inn/innconf.h inn-2.6.3/include/inn/innconf.h --- inn-2.6.2/include/inn/innconf.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/include/inn/innconf.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: innconf.h 10149 2017-06-05 12:24:58Z iulius $ +/* $Id: innconf.h 10301 2018-11-11 14:42:17Z iulius $ ** ** inn.conf parser interface. ** @@ -133,6 +133,7 @@ struct innconf { char *tlscertfile; /* Path to the TLS/SSL certificate to use */ char *tlskeyfile; /* Path to the key for the certificate */ char *tlsciphers; /* OpenSSL-style cipher string */ + char *tlsciphers13; /* OpenSSL-style cipher string for TLS 1.3 */ bool tlscompression; /* Turn TLS compression on/off */ char *tlseccurve; /* ECDH curve name */ bool tlspreferserverciphers; /* Make server select the cipher */ diff -Nurp inn-2.6.2/include/inn/libinn.h inn-2.6.3/include/inn/libinn.h --- inn-2.6.2/include/inn/libinn.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/include/inn/libinn.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: libinn.h 10149 2017-06-05 12:24:58Z iulius $ +/* $Id: libinn.h 10304 2018-12-02 14:05:50Z iulius $ ** ** Here be declarations of functions in the InterNetNews library. */ @@ -137,9 +137,14 @@ extern FILE * CA_listopen(char *pathna const char *request); extern void CAclose(void); -extern char * GetFQDN(char *domain); -extern char * GetModeratorAddress(FILE *FromServer, FILE *ToServer, - char *group, char *moderatormailer); +/* Return the fully-qualified domain name of the local system in + newly-allocated memory, or NULL if it cannot be discovered. The caller is + responsible for freeing. If the host's domain cannot be found in DNS, use + the domain argument as a fallback. */ +extern char * inn_getfqdn(const char *domain); + +extern char * GetModeratorAddress(FILE *FromServer, FILE *ToServer, + char *group, char *moderatormailer); #define TEMPORARYOPEN 0 #define INND_HISTORY 1 diff -Nurp inn-2.6.2/innd/chan.c inn-2.6.3/innd/chan.c --- inn-2.6.2/innd/chan.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/chan.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: chan.c 9905 2015-06-20 20:51:22Z iulius $ +/* $Id: chan.c 10305 2018-12-02 14:21:56Z iulius $ ** ** I/O channel (and buffer) processing. ** @@ -296,14 +296,15 @@ CHANclose_nntp(CHANNEL *cp, const char * cp->Refused - cp->Refused_checkpoint, cp->Rejected - cp->Rejected_checkpoint, cp->Duplicate - cp->Duplicate_checkpoint, - cp->Size - cp->Size_checkpoint, - cp->DuplicateSize - cp->DuplicateSize_checkpoint, - cp->RejectSize - cp->RejectSize_checkpoint); + (double) (cp->Size - cp->Size_checkpoint), + (double) (cp->DuplicateSize - cp->DuplicateSize_checkpoint), + (double) (cp->RejectSize - cp->RejectSize_checkpoint)); notice("%s closed seconds %ld accepted %ld refused %ld rejected %ld" " duplicate %ld accepted size %.0f duplicate size %.0f" " rejected size %.0f", name, (long)(Now.tv_sec - cp->Started), cp->Received, cp->Refused, cp->Rejected, cp->Duplicate, - cp->Size, cp->DuplicateSize, cp->RejectSize); + (double) cp->Size, (double) cp->DuplicateSize, + (double) cp->RejectSize); } if (cp->Data.Newsgroups.Data != NULL) { free(cp->Data.Newsgroups.Data); diff -Nurp inn-2.6.2/innd/innd.c inn-2.6.3/innd/innd.c --- inn-2.6.2/innd/innd.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/innd.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: innd.c 10263 2018-03-10 14:51:53Z iulius $ +/* $Id: innd.c 10283 2018-05-14 12:43:05Z iulius $ ** ** Variable definitions, miscellany, and main(). */ @@ -716,7 +716,7 @@ main(int ac, char *av[]) if (!SMsetup(SM_RDWR, &flag) || !SMsetup(SM_PREOPEN, &flag)) die("SERVER cant set up storage manager"); if (!SMinit()) - die("SERVER cant initalize storage manager: %s", SMerrorstr); + die("SERVER cant initialize storage manager: %s", SMerrorstr); #if defined(_DEBUG_MALLOC_INC) m.i = 1; diff -Nurp inn-2.6.2/innd/innd.h inn-2.6.3/innd/innd.h --- inn-2.6.2/innd/innd.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/innd.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: innd.h 10263 2018-03-10 14:51:53Z iulius $ +/* $Id: innd.h 10282 2018-05-14 12:42:14Z iulius $ ** ** Many of the data types used here have abbreviations, such as CT for a ** channel type. Here are a list of the conventions and meanings: @@ -862,6 +862,11 @@ extern void PYmode(OPERATINGMODE mode, char *reason); extern void PYsetup(void); extern void PYclose(void); +# if PY_MAJOR_VERSION >= 3 +extern PyMODINIT_FUNC PyInit_INN(void); +# else +extern void PyInit_INN(void); +# endif #endif /* DO_PYTHON */ END_DECLS diff -Nurp inn-2.6.2/innd/nc.c inn-2.6.3/innd/nc.c --- inn-2.6.2/innd/nc.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/nc.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: nc.c 10149 2017-06-05 12:24:58Z iulius $ +/* $Id: nc.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Routines for the NNTP channel. Other channels get the descriptors which ** we turn into NNTP channels, and over which we speak NNTP. @@ -289,9 +289,9 @@ NCpostit(CHANNEL *cp) cp->Refused - cp->Refused_checkpoint, cp->Rejected - cp->Rejected_checkpoint, cp->Duplicate - cp->Duplicate_checkpoint, - cp->Size - cp->Size_checkpoint, - cp->DuplicateSize - cp->DuplicateSize_checkpoint, - cp->RejectSize - cp->RejectSize_checkpoint); + (double) (cp->Size - cp->Size_checkpoint), + (double) (cp->DuplicateSize - cp->DuplicateSize_checkpoint), + (double) (cp->RejectSize - cp->RejectSize_checkpoint)); cp->Reported = 0; cp->Started_checkpoint = Now.tv_sec; cp->Received_checkpoint = cp->Received; @@ -642,7 +642,7 @@ NCihave(CHANNEL *cp) { char *buff = NULL; #if defined(DO_PERL) || defined(DO_PYTHON) - char *filterrc; + char *filterrc = NULL; size_t msglen; #endif /*defined(DO_PERL) || defined(DO_PYTHON) */ @@ -1801,7 +1801,7 @@ NCcheck(CHANNEL *cp) char *buff = NULL; size_t idlen, msglen; #if defined(DO_PERL) || defined(DO_PYTHON) - char *filterrc; + char *filterrc = NULL; #endif /* DO_PERL || DO_PYTHON */ cp->Check++; @@ -1819,7 +1819,8 @@ NCcheck(CHANNEL *cp) cp->Sendid.data = xmalloc(cp->Sendid.size); } if (!IsValidMessageID(cp->av[1], false, laxmid)) { - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + snprintf(cp->Sendid.data, cp->Sendid.size, + "%d %s Syntax error in message-ID", NNTP_FAIL_CHECK_REFUSE, cp->av[1]); NCwritereply(cp, cp->Sendid.data); syslog(L_NOTICE, "%s bad_messageid %s", CHANname(cp), @@ -1830,7 +1831,7 @@ NCcheck(CHANNEL *cp) if ((innconf->refusecybercancels) && (strncmp(cp->av[1], "Refused++; cp->Check_cybercan++; - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s Cyberspam cancel", NNTP_FAIL_CHECK_REFUSE, cp->av[1]); NCwritereply(cp, cp->Sendid.data); return; @@ -1853,8 +1854,8 @@ NCcheck(CHANNEL *cp) filterrc = PLmidfilter(cp->av[1]); if (filterrc) { cp->Refused++; - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", - NNTP_FAIL_CHECK_REFUSE, cp->av[1]); + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s %.200s", + NNTP_FAIL_CHECK_REFUSE, cp->av[1], filterrc); NCwritereply(cp, cp->Sendid.data); return; } @@ -1865,8 +1866,8 @@ NCcheck(CHANNEL *cp) filterrc = PYmidfilter(cp->av[1], idlen); if (filterrc) { cp->Refused++; - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", - NNTP_FAIL_CHECK_REFUSE, cp->av[1]); + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s %.200s", + NNTP_FAIL_CHECK_REFUSE, cp->av[1], filterrc); NCwritereply(cp, cp->Sendid.data); return; } @@ -1875,23 +1876,23 @@ NCcheck(CHANNEL *cp) if (HIScheck(History, cp->av[1]) || cp->Ignore) { cp->Refused++; cp->Check_got++; - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s Duplicate", NNTP_FAIL_CHECK_REFUSE, cp->av[1]); NCwritereply(cp, cp->Sendid.data); } else if (WIPinprogress(cp->av[1], cp, true)) { cp->Check_deferred++; if (cp->NoResendId) { cp->Refused++; - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s Do not resend", NNTP_FAIL_CHECK_REFUSE, cp->av[1]); } else { - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s Retry later", NNTP_FAIL_CHECK_DEFER, cp->av[1]); } NCwritereply(cp, cp->Sendid.data); } else { cp->Check_send++; - snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s Send it", NNTP_OK_CHECK, cp->av[1]); NCwritereply(cp, cp->Sendid.data); } @@ -1912,7 +1913,7 @@ NCtakethis(CHANNEL *cp) size_t idlen, msglen; WIP *wp; #if defined(DO_PERL) || defined(DO_PYTHON) - char *filterrc; + char *filterrc = NULL; #endif /* DO_PERL || DO_PYTHON */ cp->Takethis++; @@ -1969,9 +1970,20 @@ NCtakethis(CHANNEL *cp) cp->Sendid.size = MED_BUFFER; cp->Sendid.data = xmalloc(cp->Sendid.size); } + /* Save ID for later NACK or ACK. */ +#if defined(DO_PERL) || defined(DO_PYTHON) + if (filterrc != NULL) { + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s %.200s", + returncode, mid, filterrc); + } else { + snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", + returncode, mid); + } +#else snprintf(cp->Sendid.data, cp->Sendid.size, "%d %s", returncode, mid); +#endif /* defined(DO_PERL) || defined(DO_PYTHON) */ cp->ArtBeg = Now.tv_sec; cp->State = CSgetheader; diff -Nurp inn-2.6.2/innd/perl.c inn-2.6.3/innd/perl.c --- inn-2.6.2/innd/perl.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/perl.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: perl.c 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: perl.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Perl filtering support for innd. ** @@ -92,7 +92,7 @@ PLartfilter(const ARTDATA *data, char *a since it could potentially be quite large. In testing, this produced a 17% speed improvement over making a copy of the article body for a fairly heavy filter. - Available since Perl 5.7.1, newSVpvn_share allows to avoid such + Available since Perl 5.7.1, newSVpvn_share allows avoiding such a copy (getting round its use for older versions of Perl leads to unreliable SV * bodies as for regexps). And for Perl not to compute a hash for artBody, we give it "42". */ @@ -206,7 +206,7 @@ PLmidfilter(char *messageID) ** mode and the reason. */ void -PLmode(OPERATINGMODE Mode, OPERATINGMODE NewMode, char *reason) +PLmode(OPERATINGMODE CurrentMode, OPERATINGMODE NewMode, char *reason) { dSP; HV *mode; @@ -221,13 +221,13 @@ PLmode(OPERATINGMODE Mode, OPERATINGMODE the reason in $mode{reason}. */ mode = perl_get_hv("mode", 1); - if (Mode == OMrunning) + if (CurrentMode == OMrunning) (void) hv_store(mode, "Mode", 4, newSVpv("running", 7), 0); - if (Mode == OMpaused) + if (CurrentMode == OMpaused) (void) hv_store(mode, "Mode", 4, newSVpv("paused", 6), 0); - if (Mode == OMthrottled) + if (CurrentMode == OMthrottled) (void) hv_store(mode, "Mode", 4, newSVpv("throttled", 9), 0); - if (Mode == OMshutdown) + if (CurrentMode == OMshutdown) (void) hv_store(mode, "Mode", 4, newSVpv("shutdown", 8), 0); if (NewMode == OMrunning) diff -Nurp inn-2.6.2/innd/python.c inn-2.6.3/innd/python.c --- inn-2.6.2/innd/python.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/python.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: python.c 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: python.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Embed Python in the style of innd's Perl stuff. ** @@ -41,6 +41,18 @@ typedef int Py_ssize_t; #endif +#if PY_MAJOR_VERSION >= 3 +# define PyInt_FromLong PyLong_FromLong +# define PyString_AS_STRING PyUnicode_AsUTF8 +# define PyString_FromStringAndSize PyBytes_FromStringAndSize +# define PyString_InternFromString PyUnicode_InternFromString +# define PYBUFF_FROMMEMORY(str, len) \ + PyMemoryView_FromMemory((str), (len), PyBUF_WRITE) +#else +# define PYBUFF_FROMMEMORY(str, len) \ + PyBuffer_FromMemory((str), (len)) +#endif + #include "clibrary.h" #include "inn/innconf.h" @@ -56,7 +68,7 @@ PyObject *PYFilterModule = NULL; PyObject *PYheaders = NULL; PyObject **PYheaditem; PyObject **PYheadkey; -PyObject *PYpathkey, *PYlineskey, *PYbodykey; +PyObject *PYlineskey, *PYbodykey; /* External functions. */ PyObject *msgid_method = NULL; @@ -126,7 +138,7 @@ PYartfilter(const ARTDATA *data, char *a hdrnum = 0; for (i = 0 ; i < MAX_ARTHEADER ; i++) { if (HDR_FOUND(i)) { - PYheaditem[hdrnum] = PyBuffer_FromMemory(HDR(i), HDR_LEN(i)); + PYheaditem[hdrnum] = PYBUFF_FROMMEMORY(HDR(i), HDR_LEN(i)); } else PYheaditem[hdrnum] = Py_None; PyDict_SetItem(PYheaders, PYheadkey[hdrnum], PYheaditem[hdrnum]); @@ -135,7 +147,7 @@ PYartfilter(const ARTDATA *data, char *a /* ...then the body... */ if (artLen && artBody != NULL) - PYheaditem[hdrnum] = PyBuffer_FromMemory(artBody, --artLen); + PYheaditem[hdrnum] = PYBUFF_FROMMEMORY(artBody, --artLen); else PYheaditem[hdrnum] = Py_None; PyDict_SetItem(PYheaders, PYbodykey, PYheaditem[hdrnum++]); @@ -198,7 +210,7 @@ PYmidfilter(char *messageID, int msglen) ** Tell the external module about innd's state. */ void -PYmode(OPERATINGMODE Mode, OPERATINGMODE NewMode, char *reason) +PYmode(OPERATINGMODE CurrentMode, OPERATINGMODE NewMode, char *reason) { PyObject *result; char oldmode[10], newmode[10]; @@ -206,7 +218,7 @@ PYmode(OPERATINGMODE Mode, OPERATINGMODE if (!PythonFilterActive || PYFilterObject == NULL || mode_method == NULL) return; - switch (Mode) { + switch (CurrentMode) { default: strlcpy(oldmode, "unknown", 10); break; case OMrunning: strlcpy(oldmode, "running", 10); break; case OMpaused: strlcpy(oldmode, "paused", 10); break; @@ -304,7 +316,7 @@ PY_addhist(PyObject *self UNUSED, PyObje char *msgid; Py_ssize_t msgidlen; char *articlepaths = (char *) ""; - char tbuff[12]; + char tbuff[32]; char *parambuf[6]; if (!PyArg_ParseTuple(args, (char *) "s#", &msgid, &msgidlen)) @@ -514,7 +526,8 @@ PY_hashstring(PyObject *self UNUSED, PyO /* Compress out multiple whitespace in the trimmed string. We * do a copy because this is probably an original art * buffer. */ - workstring = memcpy(xmalloc(worksize), wpos, worksize); + workstring = xmalloc(worksize + 1); + memcpy(workstring, wpos, worksize); wasspace = false; p = wpos; q = workstring; @@ -564,6 +577,36 @@ static PyMethodDef INNPyMethods[] = { METHOD(NULL, NULL, 0, "") }; +#if PY_MAJOR_VERSION >= 3 +static struct PyModuleDef INNPyModule = { + PyModuleDef_HEAD_INIT, /* m_base */ + (char *) "INN", /* m_name */ + (char *) "innd Python filter hook", /* m_doc */ + -1, /* m_size */ + INNPyMethods, /* m_methods */ + NULL, /* m_slots */ + NULL, /* m_traverse */ + NULL, /* m_clear */ + NULL, /* m_free */ +}; + +PyMODINIT_FUNC +PyInit_INN(void) { + PyObject *module = PyModule_Create(&INNPyModule); + + if (module == NULL) + syslog(L_ERROR, "failed to create innd python module"); + + return module; +} +#else +void +PyInit_INN(void) { + if (Py_InitModule3((char *) "INN", INNPyMethods, + (char *) "innd Python filter hook") == NULL) + syslog(L_ERROR, "failed to initialize innd python module"); +} +#endif /* @@ -699,11 +742,14 @@ PYsetup(void) const ARTHEADER *hp; size_t hdrcount; - /* Add path for nnrpd module. The environment variable PYTHONPATH + /* Add path for innd module. The environment variable PYTHONPATH * does it; one can also append innconf->pathfilter to sys.path once * Python has been initialized. */ setenv("PYTHONPATH", innconf->pathfilter, 1); + /* Build a module interface to certain INN functions. */ + PyImport_AppendInittab("INN", &PyInit_INN); + /* Load up the interpreter ;-O */ Py_Initialize(); @@ -718,12 +764,10 @@ PYsetup(void) return; } - /* Build a module interface to certain INN functions. */ - Py_InitModule((char *) "INN", INNPyMethods); - PYFilterModule = PyImport_ImportModule((char *) INN_PATH_PYTHON_STARTUP_M); if (PYFilterModule == NULL) - syslog(L_ERROR, "failed to import external python module"); + syslog(L_ERROR, "failed to import external %s python module", + INN_PATH_PYTHON_STARTUP_M); if (PYFilterObject == NULL) { syslog(L_ERROR, "python filter object is not defined"); @@ -742,10 +786,9 @@ PYsetup(void) PYheaditem = xmalloc((hdrcount + 2) * sizeof(PyObject *)); PYheadkey = xmalloc(hdrcount * sizeof(PyObject *)); - /* Preallocate keys for the article dictionary */ + /* Preallocate keys for the article dictionary. */ for (hp = ARTheaders; hp < ARRAY_END(ARTheaders); hp++) PYheadkey[hp - ARTheaders] = PyString_InternFromString(hp->Name); - PYpathkey = PyString_InternFromString("Path"); PYlineskey = PyString_InternFromString("__LINES__"); PYbodykey = PyString_InternFromString("__BODY__"); diff -Nurp inn-2.6.2/innd/site.c inn-2.6.3/innd/site.c --- inn-2.6.2/innd/site.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/site.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: site.c 10122 2016-11-25 22:39:35Z iulius $ +/* $Id: site.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Routines to implement site-feeding. Mainly working with channels to ** do buffering and determine what to send. @@ -334,7 +334,7 @@ SITEwritefromflags(SITE *sp, ARTDATA *Da HDRCONTENT *hc = Data->HdrContent; static char ITEMSEP[] = " "; static char NL[] = "\n"; - char pbuff[12]; + char pbuff[32]; char *p; bool Dirty; struct buffer *bp; diff -Nurp inn-2.6.2/innd/status.c inn-2.6.3/innd/status.c --- inn-2.6.2/innd/status.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innd/status.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: status.c 10009 2016-05-05 12:39:19Z iulius $ +/* $Id: status.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Periodic status reporting. */ @@ -85,12 +85,12 @@ static char * PrettySize(float size, char *str) { if (size > 1073741824) /* 1024*1024*1024 */ - sprintf (str, "%.1fGb", size / 1073741824.); + sprintf (str, "%.1fGb", (double) size / 1073741824.); else if (size > 1048576) /* 1024*1024 */ - sprintf (str, "%.1fMb", size / 1048576.); + sprintf (str, "%.1fMb", (double) size / 1048576.); else - sprintf (str, "%.1fkb", size / 1024.); + sprintf (str, "%.1fkb", (double) size / 1024.); return (str); } @@ -117,7 +117,7 @@ STATUSsummary(void) char other_ip_addr[INET6_ADDRSTRLEN]; char *p; STATUS *head, *status, *tmp; - char str[9]; + char str[315]; /* Maximum buffer size for PrettySize() */ time_t now; if (innconf->htmlstatus) { @@ -296,18 +296,18 @@ STATUSsummary(void) if (!offered) offered = 1; /* to avoid division by zero */ if (!size) size = 1; /* avoid divide by zero here too */ fprintf (F, " accepted: %-9lu %%accepted: %.1f%%\n", - accepted, (float) accepted / offered * 100); + accepted, (double) accepted / offered * 100); fprintf (F, " refused: %-9lu %%refused: %.1f%%\n", - refused, (float) refused / offered * 100); + refused, (double) refused / offered * 100); fprintf (F, " rejected: %-9lu %%rejected: %.1f%%\n", - rejected, (float) rejected / offered * 100); + rejected, (double) rejected / offered * 100); fprintf (F, " duplicated: %-9lu %%duplicated: %.1f%%\n", - duplicate, (float) duplicate / offered * 100); + duplicate, (double) duplicate / offered * 100); fprintf (F, " bytes: %-7s\n", PrettySize (size + DuplicateSize + RejectSize, str)); fprintf (F, " duplicated size: %-7s %%duplicated size: %.1f%%\n", - PrettySize(DuplicateSize, str), (float) DuplicateSize / size * 100); + PrettySize(DuplicateSize, str), (double) (DuplicateSize / size * 100)); fprintf (F, " rejected size: %-7s %%rejected size: %.1f%%\n", - PrettySize(RejectSize, str), (float) RejectSize / size * 100); + PrettySize(RejectSize, str), (double) (RejectSize / size * 100)); fputc ('\n', F) ; if(innconf->logstatus) { @@ -316,7 +316,7 @@ STATUSsummary(void) "accepted size %.0f duplicate size %.0f rejected size %.0f\n", "ME", (long) seconds, accepted, refused, rejected, duplicate, - size, DuplicateSize, RejectSize); + (double) size, (double) DuplicateSize, (double) RejectSize); } /* Incoming Feeds */ @@ -370,7 +370,8 @@ STATUSsummary(void) "accepted size %.0f duplicate size %.0f rejected size %.0f\n", status->name, (long) status->seconds, status->accepted, status->refused, status->rejected, status->Duplicate, - status->Size, status->DuplicateSize, status->RejectSize); + (double) status->Size, (double) status->DuplicateSize, + (double) status->RejectSize); } tmp = status->next; diff -Nurp inn-2.6.2/innfeed/config_l.c inn-2.6.3/innfeed/config_l.c --- inn-2.6.2/innfeed/config_l.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/config_l.c 2019-02-07 07:02:22.000000000 -0800 @@ -494,7 +494,7 @@ int yy_flex_debug = 0; char *yytext; #line 1 "configfile.l" #line 2 "configfile.l" -/* $Id: configfile.l 10181 2017-10-16 04:13:18Z eagle $ +/* $Id: configfile.l 10305 2018-12-02 14:21:56Z iulius $ ** ** A flex input file for the innfeed config file. ** @@ -520,8 +520,10 @@ char *yytext; /* Some versions of flex (such as 2.6.1-1.3 in Debian stretch) declare a variable as int that should be size_t. We can't really do much about - that, and it's fixed in current flex, so just suppress the warning. */ + that, and it's fixed in current flex, so just suppress the warning. + Same thing for a possible NULL pointer dereference. */ #pragma GCC diagnostic ignored "-Wsign-compare" +#pragma GCC diagnostic ignored "-Wnull-dereference" #if defined (FLEX_DEBUG) #define YY_USER_INIT yy_flex_debug = (getenv ("YYDEBUG") == NULL ? 0 : 1) @@ -558,7 +560,7 @@ struct includeFile { int include_stack_ptr = 0; -#line 562 "lex.yy.c" +#line 564 "lex.yy.c" #define INITIAL 0 #define incl 1 @@ -780,10 +782,10 @@ YY_DECL } { -#line 71 "configfile.l" +#line 73 "configfile.l" -#line 787 "lex.yy.c" +#line 789 "lex.yy.c" while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */ { @@ -844,42 +846,42 @@ do_action: /* This label is used only to case 1: /* rule 1 can match eol */ YY_RULE_SETUP -#line 73 "configfile.l" +#line 75 "configfile.l" lineCount++ ; YY_BREAK case 2: YY_RULE_SETUP -#line 75 "configfile.l" +#line 77 "configfile.l" { return (COLON) ; } YY_BREAK case 3: YY_RULE_SETUP -#line 77 "configfile.l" +#line 79 "configfile.l" { return (LBRACE) ; } YY_BREAK case 4: YY_RULE_SETUP -#line 79 "configfile.l" +#line 81 "configfile.l" { return (RBRACE) ; } YY_BREAK case 5: YY_RULE_SETUP -#line 81 "configfile.l" +#line 83 "configfile.l" { return (PEER) ; } YY_BREAK case 6: YY_RULE_SETUP -#line 83 "configfile.l" +#line 85 "configfile.l" BEGIN(incl); YY_BREAK case 7: YY_RULE_SETUP -#line 85 "configfile.l" +#line 87 "configfile.l" /* eat the whitespace before include filename */ YY_BREAK case 8: YY_RULE_SETUP -#line 87 "configfile.l" +#line 89 "configfile.l" { if (include_stack_ptr == MAX_INCLUDE_DEPTH - 1) { @@ -914,7 +916,7 @@ YY_RULE_SETUP YY_BREAK case YY_STATE_EOF(INITIAL): case YY_STATE_EOF(incl): -#line 119 "configfile.l" +#line 121 "configfile.l" { if ( include_stack_ptr <= 0 ) yyterminate(); @@ -928,22 +930,22 @@ case YY_STATE_EOF(incl): YY_BREAK case 9: YY_RULE_SETUP -#line 130 "configfile.l" +#line 132 "configfile.l" { return (GROUP) ; } YY_BREAK case 10: YY_RULE_SETUP -#line 132 "configfile.l" +#line 134 "configfile.l" { (void) 0 ; } YY_BREAK case 11: YY_RULE_SETUP -#line 134 "configfile.l" +#line 136 "configfile.l" { (void) 1 ; } YY_BREAK case 12: YY_RULE_SETUP -#line 136 "configfile.l" +#line 138 "configfile.l" { switch (yytext[2]) { case '\\': yylval.chr = '\\' ; break ; @@ -959,19 +961,19 @@ YY_RULE_SETUP YY_BREAK case 13: YY_RULE_SETUP -#line 149 "configfile.l" +#line 151 "configfile.l" { yylval.chr = yytext[1] ; return (CHAR) ; } YY_BREAK case 14: YY_RULE_SETUP -#line 151 "configfile.l" +#line 153 "configfile.l" { yylval.chr = (char)strtol(&yytext[2], (char **)NULL, 8); return (CHAR) ;} YY_BREAK case 15: /* rule 15 can match eol */ YY_RULE_SETUP -#line 154 "configfile.l" +#line 156 "configfile.l" {{ size_t i ; @@ -1063,17 +1065,17 @@ YY_RULE_SETUP YY_BREAK case 16: YY_RULE_SETUP -#line 243 "configfile.l" +#line 245 "configfile.l" { yylval.integer = atoi (yytext) ; return (IVAL) ; } YY_BREAK case 17: YY_RULE_SETUP -#line 245 "configfile.l" +#line 247 "configfile.l" { yylval.real = atof (yytext) ; return (RVAL) ; } YY_BREAK case 18: YY_RULE_SETUP -#line 247 "configfile.l" +#line 249 "configfile.l" { yylval.name = xstrdup (yytext) ; if (strcasecmp (yylval.name,"false") == 0) @@ -1086,10 +1088,10 @@ YY_RULE_SETUP YY_BREAK case 19: YY_RULE_SETUP -#line 257 "configfile.l" +#line 259 "configfile.l" ECHO; YY_BREAK -#line 1093 "lex.yy.c" +#line 1095 "lex.yy.c" case YY_END_OF_BUFFER: { @@ -2091,7 +2093,7 @@ void yyfree (void * ptr ) #define YYTABLES_NAME "yytables" -#line 257 "configfile.l" +#line 259 "configfile.l" diff -Nurp inn-2.6.2/innfeed/configfile.l inn-2.6.3/innfeed/configfile.l --- inn-2.6.2/innfeed/configfile.l 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/configfile.l 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ %{ -/* $Id: configfile.l 10181 2017-10-16 04:13:18Z eagle $ +/* $Id: configfile.l 10305 2018-12-02 14:21:56Z iulius $ ** ** A flex input file for the innfeed config file. ** @@ -25,8 +25,10 @@ /* Some versions of flex (such as 2.6.1-1.3 in Debian stretch) declare a variable as int that should be size_t. We can't really do much about - that, and it's fixed in current flex, so just suppress the warning. */ + that, and it's fixed in current flex, so just suppress the warning. + Same thing for a possible NULL pointer dereference. */ #pragma GCC diagnostic ignored "-Wsign-compare" +#pragma GCC diagnostic ignored "-Wnull-dereference" #if defined (FLEX_DEBUG) #define YY_USER_INIT yy_flex_debug = (getenv ("YYDEBUG") == NULL ? 0 : 1) diff -Nurp inn-2.6.2/innfeed/connection.c inn-2.6.3/innfeed/connection.c --- inn-2.6.2/innfeed/connection.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/connection.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: connection.c 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: connection.c 10283 2018-05-14 12:43:05Z iulius $ ** ** The implementation of the innfeed Connection class. ** @@ -2150,7 +2150,7 @@ static void responseIsRead (EndPoint e, } } - /* Now handle possible remaining partial reponse and set up for + /* Now handle possible remaining partial response and set up for next read. */ if (*response != '\0') { /* partial response */ @@ -2497,7 +2497,7 @@ static void writeProgress (EndPoint e UN */ /* - * This is called when the timeout for the reponse from the remote + * This is called when the timeout for the response from the remote * goes off. We tear down the connection and notify our host. */ static void responseTimeoutCbk (TimeoutId id, void *data) @@ -2727,7 +2727,7 @@ static void cxnWorkProc (EndPoint ep UNU /**************************************************************************** * - * REPONSE CODE PROCESSING. + * RESPONSE CODE PROCESSING. * ***************************************************************************/ @@ -3226,7 +3226,7 @@ static void processResponse235 (Connecti /* - * process the "send article to be transfered" reponse to the IHAVE. + * process the "send article to be transfered" response to the IHAVE. */ static void processResponse335 (Connection cxn, char *response UNUSED) { @@ -3326,7 +3326,7 @@ static void processResponse400 (Connecti /* - * process the "not wanted" reponse to the IHAVE. + * process the "not wanted" response to the IHAVE. */ static void processResponse435 (Connection cxn, char *response UNUSED) { @@ -3588,7 +3588,7 @@ static void processResponse503 (Connecti /**************************************************************************** * - * END REPONSE CODE PROCESSING. + * END RESPONSE CODE PROCESSING. * ***************************************************************************/ @@ -3677,10 +3677,10 @@ static void noSuchMessageId (Connection const char *peerName = hostPeerName (cxn->myHost) ; if (msgid == NULL || strlen (msgid) == 0) - warn ("%s:%d cxnsleep message-id missing in reponse code %d: %s", + warn ("%s:%d cxnsleep message-id missing in response code %d: %s", peerName, cxn->ident, responseCode, response) ; else - warn ("%s:%d cxnsleep message-id invalid message-id in reponse code" + warn ("%s:%d cxnsleep message-id invalid message-id in response code" " %d: %s", peerName, cxn->ident, responseCode, msgid) ; cxnLogStats (cxn,true) ; @@ -4434,7 +4434,7 @@ static int prepareWriteWithTimeout (EndP { /* Clear the read timer, since we can't expect a response until everything is sent. - XXX - would be nice to have a timeout for reponses if we're sending a + XXX - would be nice to have a timeout for responses if we're sending a string of commands. */ clearTimer (cxn->readBlockedTimerId) ; diff -Nurp inn-2.6.2/innfeed/host.c inn-2.6.3/innfeed/host.c --- inn-2.6.2/innfeed/host.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/host.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: host.c 10153 2017-06-05 12:28:01Z iulius $ +/* $Id: host.c 10305 2018-12-02 14:21:56Z iulius $ ** ** The implementation of the innfeed Host class. ** @@ -2124,7 +2124,7 @@ bool hostCxnGone (Host host, Connection if (hostsLeft == 0) { snprintf(msgstr, sizeof(msgstr), "accsize %.0f rejsize %.0f", - procArtsSizeAccepted, procArtsSizeRejected); + (double) procArtsSizeAccepted, (double) procArtsSizeRejected); notice ("ME global seconds %ld offered %ld accepted %ld refused %ld" " rejected %ld missing %ld %s spooled %ld unspooled %ld", (long) (now - start), @@ -3473,7 +3473,7 @@ static void hostPrintStatus (Host host, double cnt = (host->blCount) ? (host->blCount) : 1.0; double size; char *tsize; - char buf[]="1.23e+5 TB"; /* usual length is shorter, like "12.3 MB" */ + char buf[]="1.234e+05 TB"; /* usual length is shorter, like "12.34 MB" */ ASSERT (host != NULL) ; ASSERT (fp != NULL) ; @@ -3614,19 +3614,20 @@ static void hostPrintStatus (Host host, #ifdef XXX_STATSHACK { - time_t now = time(NULL), sec = (long) (now - host->connectTime); - float or, ar, rr, jr; + time_t now2 = time(NULL); + time_t sec2 = (long) (now2 - host->connectTime); + double or, ar, rr, jr; - if (sec != 0) { - or = (float) host->artsOffered / (float) sec; - ar = (float) host->artsAccepted / (float) sec; - rr = (float) host->artsNotWanted / (float) sec; - jr = (float) host->artsRejected / (float) sec; - fprintf(fp, "\t\tor %02.2f ar %02.2f rr %02.2f jr %02.2f\n", + if (sec2 != 0) { + or = (double) host->artsOffered / (double) sec2; + ar = (double) host->artsAccepted / (double) sec2; + rr = (double) host->artsNotWanted / (double) sec2; + jr = (double) host->artsRejected / (double) sec2; + fprintf(fp, " or %02.2f ar %02.2f rr %02.2f jr %02.2f\n", or, ar, rr, jr); } - fprintf(fp, "\tmissing %d spooled %d\n", - host->artsMissing,host->backlogSpooled); + fprintf(fp, " missing %u spooled %u\n", + host->artsMissing, host->artsToTape); } #endif /* XXX_STATSHACK */ diff -Nurp inn-2.6.2/innfeed/host.h inn-2.6.3/innfeed/host.h --- inn-2.6.2/innfeed/host.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/host.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: host.h 7786 2008-04-25 11:55:39Z iulius $ +/* $Id: host.h 10283 2018-05-14 12:43:05Z iulius $ ** ** The public interface to the Host class. ** @@ -40,7 +40,7 @@ extern void mainLogStatus (FILE *fp) ; * ARTTIMEOUT is the max amount of time we'll wait for a new article * from INN before considering the connection unused and we'll close * down. - * RESPTIMEOUT is the max amount of time we'll wait for any reponse + * RESPTIMEOUT is the max amount of time we'll wait for any response * from a remote. Past this we'll close down the network connection. * INITIALCXNS is the number of Connections to create at Host creation time. * MAXCXNS is the maximum number of parallel connections to the diff -Nurp inn-2.6.2/innfeed/imap_connection.c inn-2.6.3/innfeed/imap_connection.c --- inn-2.6.2/innfeed/imap_connection.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/imap_connection.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: imap_connection.c 10184 2017-11-04 15:34:52Z iulius $ +/* $Id: imap_connection.c 10306 2018-12-02 14:26:13Z iulius $ ** ** Feed articles to an IMAP server via LMTP and IMAP. ** @@ -45,9 +45,6 @@ #include "article.h" #include "configfile.h" -#ifndef HAVE_SASL_SASL_H -# undef HAVE_SASL -#endif #ifdef HAVE_SASL # include # include @@ -1290,6 +1287,9 @@ getsecret(sasl_conn_t *conn, return SASL_OK; } +#if __GNUC__ > 7 +# pragma GCC diagnostic ignored "-Wcast-function-type" +#endif /* callbacks we support */ static sasl_callback_t saslcallbacks[] = { @@ -1306,6 +1306,10 @@ static sasl_callback_t saslcallbacks[] = } }; +#if __GNUC__ > 7 +# pragma GCC diagnostic warning "-Wcast-function-type" +#endif + static sasl_security_properties_t *make_secprops(int min,int max) { sasl_security_properties_t *ret= @@ -1354,7 +1358,8 @@ static conn_ret SetSASLProperties(sasl_c { sasl_security_properties_t *secprops=NULL; socklen_t addrsize = sizeof(struct sockaddr_in); - char localip[60], remoteip[60]; + char localip[NI_MAXHOST+NI_MAXSERV+1]; + char remoteip[NI_MAXHOST+NI_MAXSERV+1]; struct sockaddr_in saddr_l; struct sockaddr_in saddr_r; @@ -1792,7 +1797,7 @@ static void imap_writeTimeoutCbk (Timeou } /* - * This is called when the timeout for the reponse from the remote + * This is called when the timeout for the response from the remote * goes off. We tear down the connection and notify our host. */ static void imap_readTimeoutCbk (TimeoutId id, void *data) @@ -1994,7 +1999,7 @@ static void prepareReopenCbk (Connection } /* - * This is called when the timeout for the reponse from the remote + * This is called when the timeout for the response from the remote * goes off. We tear down the connection and notify our host. */ static void lmtp_readTimeoutCbk (TimeoutId id, void *data) @@ -3293,7 +3298,7 @@ static void lmtp_readCB (EndPoint e, IoS break; case LMTP_READING_LHLO: - /* recieve the response(s) */ + /* receive the response(s) */ response_code = ask_code(str); if (response_code != 250) /* was none */ @@ -3479,7 +3484,7 @@ static void lmtp_readCB (EndPoint e, IoS return; } - /* we pipelined so next we recieve the mail from response */ + /* we pipelined so next we receive the mail from response */ cxn->lmtp_state = LMTP_READING_MAILFROM; goto reset; @@ -3495,7 +3500,7 @@ static void lmtp_readCB (EndPoint e, IoS return; } - /* we pipelined so next we recieve the rcpt's */ + /* we pipelined so next we receive the rcpt's */ cxn->lmtp_state = LMTP_READING_RCPTTO; goto reset; break; diff -Nurp inn-2.6.2/innfeed/misc.c inn-2.6.3/innfeed/misc.c --- inn-2.6.2/innfeed/misc.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/misc.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: misc.c 10040 2016-07-31 20:01:43Z iulius $ +/* $Id: misc.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Helper routines for the innfeed program. ** @@ -381,7 +381,7 @@ void deadBeef (void *base, size_t byteCo bool lockFile (const char *fileName) { char buff [20] ; - char tmpName [PATH_MAX], realName [PATH_MAX] ; + char tmpName [PATH_MAX+sizeof(long)+10], realName [PATH_MAX] ; char *p ; int fd, i ; pid_t pid = getpid () ; diff -Nurp inn-2.6.2/innfeed/misc.h inn-2.6.3/innfeed/misc.h --- inn-2.6.2/innfeed/misc.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/innfeed/misc.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: misc.h 9913 2015-07-07 16:31:52Z iulius $ +/* $Id: misc.h 10283 2018-05-14 12:43:05Z iulius $ ** ** Miscellaneous utility functions for innfeed. ** @@ -56,7 +56,7 @@ void d_printf (unsigned int level, const /* for the gethostbyname() error code */ const char *host_err_str (void) ; -/* parse a reponse line into it's code and body. *rest will end up pointing +/* parse a response line into it's code and body. *rest will end up pointing into the middle of p */ bool getNntpResponse (char *p, int *code, char **rest) ; diff -Nurp inn-2.6.2/lib/Makefile inn-2.6.3/lib/Makefile --- inn-2.6.2/lib/Makefile 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/Makefile 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: Makefile 10266 2018-03-10 14:59:27Z iulius $ +## $Id: Makefile 10321 2018-12-29 13:47:14Z iulius $ include ../Makefile.global @@ -8,7 +8,7 @@ include ../Makefile.global # recover from make update. We can't use .OLD extensions for the shared # library since ldconfig will think .OLD sorts after the regular library and # will point the binaries at the old library. -LTVERSION = 5:0:0 +LTVERSION = 6:0:0 top = .. CFLAGS = $(GCFLAGS) diff -Nurp inn-2.6.2/lib/dbz.c inn-2.6.3/lib/dbz.c --- inn-2.6.2/lib/dbz.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/dbz.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: dbz.c 10119 2016-11-09 20:30:01Z iulius $ +/* $Id: dbz.c 10283 2018-05-14 12:43:05Z iulius $ ** ** dbz database implementation V6.1.1 ** @@ -283,7 +283,7 @@ static hash_table etab; /* exist #endif static bool dirty; /* has a store() been done? */ static erec empty_rec; /* empty rec to compare against - initalized in dbzinit */ + initialized in dbzinit */ /* misc. forwards */ static bool getcore(hash_table *tab); diff -Nurp inn-2.6.2/lib/getfqdn.c inn-2.6.3/lib/getfqdn.c --- inn-2.6.2/lib/getfqdn.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/getfqdn.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,96 +1,54 @@ -/* $Id: getfqdn.c 10235 2018-02-03 20:52:30Z eagle $ +/* $Id: getfqdn.c 10304 2018-12-02 14:05:50Z iulius $ ** +** Discover the fully-qualified domain name of the local host. */ #include "config.h" #include "clibrary.h" -#include +#include "portable/socket.h" #include "inn/libinn.h" -#include "inn/paths.h" +#include "inn/xmalloc.h" /* -** Get the fully qualified domain name for this host, as reported -** by the system. +** Return the fully-qualified domain name of the local system in +** newly-allocated memory, or NULL if it cannot be discovered. The caller is +** responsible for freeing. If the host's domain cannot be found in DNS, use +** the domain argument as a fallback. */ -char *GetFQDN(char *domain) +char * +inn_getfqdn(const char *domain) { - static char buff[SMBUF]; - struct hostent *hp; - char *p; - char **ap; -#if 0 - /* See comments below. */ - char temp[SMBUF + 2]; -#endif /* 0 */ - - /* Return any old results. */ - if (buff[0]) - return buff; - - /* Try gethostname. */ - if (gethostname(buff, (int)sizeof buff) < 0) - return NULL; - if (strchr(buff, '.') != NULL) - return buff; - - /* - ** See if DNS (or /etc/hosts) gives us a full domain name. If the host - ** doesn't exist in DNS at all but we were given a domain name, use the - ** fallback of appending that domain to the hostname. - */ - if ((hp = gethostbyname(buff)) == NULL) - goto fallback; -#if 0 - /* This code is a "feature" that allows multiple domains (NIS or - * DNS, I'm not sure) to work with a single INN server. However, - * it turns out to cause more problems for people, and they have to - * use hacks like __switch_gethostbyname, etc. So if you need this, - * turn it on, but don't complain to me. */ - if (strchr(hp->h_name, '.') == NULL) { - /* Try to force DNS lookup if NIS/whatever gets in the way. */ - strlcpy(temp, buff, sizeof(temp)); - strlcat(temp, ".", sizeof(temp)); - hp = gethostbyname(temp); - } - if (hp == NULL) { + char hostname[BUFSIZ]; + struct addrinfo hints, *res; + char *fqdn, *canon; + + /* If gethostname fails, there's nothing we can do. */ + if (gethostname(hostname, sizeof(hostname)) < 0) return NULL; - } -#endif /* 0 */ - /* First, see if the main name is a FQDN. It should be. */ - if (strchr(hp->h_name, '.') != NULL) { - if (strlen(hp->h_name) < sizeof buff - 1) { - strlcpy(buff, hp->h_name, sizeof(buff)); - return buff; + /* If the local hostname is already fully qualified, just return it. */ + if (strchr(hostname, '.') != NULL) + return xstrdup(hostname); + + /* Attempt to canonicalize with DNS. */ + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_flags = AI_CANONNAME; + if (getaddrinfo(hostname, NULL, &hints, &res) == 0) { + canon = res->ai_canonname; + if (canon != NULL && strchr(canon, '.') != NULL) { + fqdn = xstrdup(canon); + freeaddrinfo(res); + return fqdn; } - /* Doesn't fit; make sure we don't return bad data next time. */ - buff[0] = '\0'; - return hp->h_name; + freeaddrinfo(res); } - /* Second, see if any aliases are. */ - if ((ap = hp->h_aliases) != NULL) - while ((p = *ap++) != NULL) - if (strchr(p, '.') != NULL) { - /* Deja-vous all over again. */ - if (strlen(p) < sizeof buff - 1) { - strlcpy(buff, p, sizeof(buff)); - return buff; - } - buff[0] = '\0'; - return p ; - } - - /* Give up: Get the domain config param and append it. */ -fallback: - if ((p = domain) == NULL || *p == '\0') - return NULL; - if (strlen(buff) + 1 + strlen(p) > sizeof buff - 1) - /* Doesn't fit. */ - return NULL; - strlcat(buff, ".", sizeof(buff)); - strlcat(buff, p, sizeof(buff)); - return buff; + /* Fall back on canonicalizing with a provided domain. */ + if (domain == NULL || domain[0] == '\0') + return NULL; + xasprintf(&fqdn, "%s.%s", hostname, domain); + return fqdn; } diff -Nurp inn-2.6.2/lib/headers.c inn-2.6.3/lib/headers.c --- inn-2.6.2/lib/headers.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/headers.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: headers.c 10071 2016-09-17 20:40:43Z iulius $ +/* $Id: headers.c 10326 2019-02-04 14:22:34Z iulius $ ** ** Routines for headers: manipulation and checks. */ @@ -40,6 +40,7 @@ IsValidHeaderName(const char *p) /* ** Check whether the argument is a valid header field body. It starts ** after the space following the header field name and its colon. +** Internationalized header fields encoded in UTF-8 are allowed. ** ** We currently assume the maximal line length has already been checked. */ @@ -52,13 +53,11 @@ IsValidHeaderBody(const char *p) if (p == NULL || *p == '\0') return false; + if (!is_valid_utf8(p)) + return false; + for (; *p != '\0'; p++) { - if (isgraph((unsigned char) *p)) { - /* Current header content line contains a (non-whitespace) - * printable char. */ - emptycontentline = false; - continue; - } else if (ISWHITE(*p)) { + if (ISWHITE(*p)) { /* Skip SP and TAB. */ continue; } else if (*p == '\n' || (*p == '\r' && *++p == '\n')) { @@ -75,9 +74,15 @@ IsValidHeaderBody(const char *p) * re-initialize emptycontentline to true. */ emptycontentline = true; continue; - } else { - /* Invalid character found. */ + } else if (p[-1] == '\r') { + /* Case of CR not followed by LF (handled at the previous + * if statement). */ return false; + } else { + /* Current header content line contains a (non-whitespace) + * character. */ + emptycontentline = false; + continue; } } diff -Nurp inn-2.6.2/lib/innconf.c inn-2.6.3/lib/innconf.c --- inn-2.6.2/lib/innconf.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/innconf.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: innconf.c 10149 2017-06-05 12:24:58Z iulius $ +/* $Id: innconf.c 10304 2018-12-02 14:05:50Z iulius $ ** ** Manage the global innconf struct. ** @@ -234,6 +234,7 @@ const struct config config_table[] = { { K(tlscertfile), STRING (NULL) }, { K(tlskeyfile), STRING (NULL) }, { K(tlsciphers), STRING (NULL) }, + { K(tlsciphers13), STRING (NULL) }, { K(tlscompression), BOOL (false) }, { K(tlseccurve), STRING (NULL) }, { K(tlspreferserverciphers), BOOL (true) }, @@ -331,9 +332,9 @@ innconf_set_defaults(void) /* Some parameters have defaults that depend on other parameters. */ if (innconf->fromhost == NULL) - innconf->fromhost = xstrdup(GetFQDN(innconf->domain)); + innconf->fromhost = inn_getfqdn(innconf->domain); if (innconf->pathhost == NULL) - innconf->pathhost = xstrdup(GetFQDN(innconf->domain)); + innconf->pathhost = inn_getfqdn(innconf->domain); if (innconf->pathtmp == NULL) innconf->pathtmp = xstrdup(INN_PATH_TMP); @@ -471,11 +472,14 @@ static bool innconf_validate(struct config_group *group) { bool okay = true; + char *fqdn; - if (GetFQDN(innconf->domain) == NULL) { + fqdn = inn_getfqdn(innconf->domain); + if (fqdn == NULL) { warn("hostname does not resolve or domain not set in inn.conf"); okay = false; } + free(fqdn); if (innconf->mta == NULL) { warn("must set mta in inn.conf"); okay = false; diff -Nurp inn-2.6.2/lib/inndcomm.c inn-2.6.3/lib/inndcomm.c --- inn-2.6.2/lib/inndcomm.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/inndcomm.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: inndcomm.c 9761 2014-12-04 20:47:19Z iulius $ +/* $Id: inndcomm.c 10283 2018-05-14 12:43:05Z iulius $ ** ** Library routines to let other programs control innd. */ @@ -96,7 +96,7 @@ ICCopen(void) return -1; } - /* Adjust the socket buffer size to accomodate large responses. Ignore + /* Adjust the socket buffer size to accommodate large responses. Ignore failure; the message may fit anyway, and if not, we'll fail below. */ setsockopt(ICCfd, SOL_SOCKET, SO_RCVBUF, &size, sizeof(size)); diff -Nurp inn-2.6.2/lib/messageid.c inn-2.6.3/lib/messageid.c --- inn-2.6.2/lib/messageid.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/messageid.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: messageid.c 10149 2017-06-05 12:24:58Z iulius $ +/* $Id: messageid.c 10304 2018-12-02 14:05:50Z iulius $ ** ** Routines for message-IDs: generation and checks. */ @@ -30,6 +30,7 @@ GenerateMessageID(char *domain) static char buff[SMBUF]; static int count; char *p; + char *fqdn = NULL; char sec32[10]; char pid32[10]; time_t now; @@ -42,10 +43,13 @@ GenerateMessageID(char *domain) && strcmp(domain, innconf->domain) != 0)) { p = domain; } else { - if ((p = GetFQDN(domain)) == NULL) - return NULL; + fqdn = inn_getfqdn(domain); + if (fqdn == NULL) + return NULL; + p = fqdn; } snprintf(buff, sizeof(buff), "<%s$%s$%d@%s>", sec32, pid32, ++count, p); + free(fqdn); return buff; } diff -Nurp inn-2.6.2/lib/uwildmat.c inn-2.6.3/lib/uwildmat.c --- inn-2.6.2/lib/uwildmat.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/lib/uwildmat.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: uwildmat.c 9767 2014-12-07 21:13:43Z iulius $ +/* $Id: uwildmat.c 10326 2019-02-04 14:22:34Z iulius $ ** ** wildmat pattern matching with Unicode UTF-8 extensions. ** @@ -63,6 +63,8 @@ #include "config.h" #include "clibrary.h" +#include + #include "inn/libinn.h" #define ABORT -1 @@ -100,7 +102,8 @@ utf8_length(const unsigned char *start, /* -** Check whether a string contains only valid UTF-8 characters. +** Check whether a string contains only valid UTF-8 characters, without +** any ASCII control characters except for \r, \n and \t. */ bool is_valid_utf8(const char *text) @@ -120,10 +123,16 @@ is_valid_utf8(const char *text) p++; - /* Valid ASCII. */ - if (length == 0) - continue; - + /* Valid printable ASCII character or CR, LF or HTAB. */ + if (length == 0) { + if(isprint((unsigned char) p[-1]) + || p[-1] == '\r' || p[-1] == '\n' || p[-1] == '\t') { + continue; + } else { + return false; + } + } + /* Invalid length. */ if (length < 2 || length > 6) return false; @@ -350,7 +359,7 @@ match_expression(const unsigned char *te return !*text ? UWILDMAT_MATCH : UWILDMAT_FAIL; end = start + strlen((const char *) start) - 1; - /* Main match loop. Find each comma that separates patterns, and attempt + /* Main match loop. Find each comma that separates patterns, and attempt to match the text with each pattern in order. The last matching pattern determines whether the whole expression matches. */ for (; p <= end + 1; p = split + 1) { diff -Nurp inn-2.6.2/m4/bdb.m4 inn-2.6.3/m4/bdb.m4 --- inn-2.6.2/m4/bdb.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/bdb.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Find the compiler and linker flags for the Berkeley DB library. -dnl $Id: bdb.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: bdb.m4 10306 2018-12-02 14:26:13Z iulius $ dnl dnl Finds the compiler and linker flags for linking with the Berkeley DB dnl library. Provides the --with-bdb, --with-bdb-lib, and --with-bdb-include @@ -30,6 +30,7 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery +dnl Copyright 2018 Russ Allbery dnl Copyright 2013 dnl The Board of Trustees of the Leland Stanford Junior University dnl @@ -53,10 +54,13 @@ dnl if "true", says to fail if the Berke AC_DEFUN([_INN_LIB_BDB_INTERNAL], [INN_LIB_HELPER_PATHS([BDB]) INN_LIB_BDB_SWITCH - AC_CHECK_LIB([db], [db_create], - [BDB_LIBS="-ldb"], + AC_CHECK_HEADER([db.h], + [AC_CHECK_LIB([db], [db_create], + [BDB_LIBS="-ldb"], + [AS_IF([test x"$1" = xtrue], + [AC_MSG_ERROR([cannot find usable Berkeley DB library])])])], [AS_IF([test x"$1" = xtrue], - [AC_MSG_ERROR([cannot find usable Berkeley DB library])])]) + [AC_MSG_ERROR([cannot find usable Berkeley DB header])])]) INN_LIB_BDB_RESTORE]) dnl The main macro for packages with mandatory Berkeley DB support. @@ -75,7 +79,8 @@ AC_DEFUN([INN_LIB_BDB_OPTIONAL], [AS_IF([test x"$inn_use_BDB" = xtrue], [_INN_LIB_BDB_INTERNAL([true])], [_INN_LIB_BDB_INTERNAL([false])])]) - AS_IF([test x"$BDB_LIBS" != x], + AS_IF([test x"$BDB_LIBS" = x], + [INN_LIB_HELPER_VAR_CLEAR([BDB])], [inn_use_BDB=true AC_DEFINE([HAVE_BDB], 1, [Define if libdb is available.])])]) diff -Nurp inn-2.6.2/m4/krb5-config.m4 inn-2.6.3/m4/krb5-config.m4 --- inn-2.6.2/m4/krb5-config.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/krb5-config.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Use krb5-config to get link paths for Kerberos libraries. -dnl $Id: krb5-config.m4 10266 2018-03-10 14:59:27Z iulius $ +dnl $Id: krb5-config.m4 10287 2018-05-21 12:42:24Z iulius $ dnl dnl Provides one macro, INN_KRB5_CONFIG, which attempts to get compiler and dnl linker flags for a library via krb5-config and sets the appropriate shell @@ -12,7 +12,8 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery -dnl Copyright 2011-2012, 2018 +dnl Copyright 2018 Russ Allbery +dnl Copyright 2011-2012 dnl The Board of Trustees of the Leland Stanford Junior University dnl dnl This file is free software; the authors give unlimited permission to copy diff -Nurp inn-2.6.2/m4/krb5.m4 inn-2.6.3/m4/krb5.m4 --- inn-2.6.2/m4/krb5.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/krb5.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Find the compiler and linker flags for Kerberos. -dnl $Id: krb5.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: krb5.m4 10306 2018-12-02 14:26:13Z iulius $ dnl dnl Finds the compiler and linker flags for linking with Kerberos libraries. dnl Provides the --with-krb5, --with-krb5-include, and --with-krb5-lib @@ -51,7 +51,7 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery -dnl Copyright 2005-2011, 2013-2014 +dnl Copyright 2005-2011, 2013-2014, 2018 dnl The Board of Trustees of the Leland Stanford Junior University dnl dnl This file is free software; the authors give unlimited permission to copy @@ -140,26 +140,27 @@ dnl linkage. The single argument, if tr dnl be found. AC_DEFUN([_INN_LIB_KRB5_REDUCED], [INN_LIB_KRB5_SWITCH - AC_CHECK_LIB([krb5], [krb5_init_context], [KRB5_LIBS="-lkrb5"], + AC_CHECK_LIB([krb5], [krb5_init_context], + [KRB5_LIBS="-lkrb5" + LIBS="$KRB5_LIBS $LIBS" + _INN_LIB_KRB5_CHECK_HEADER_KRB5 + AC_CHECK_FUNCS([krb5_get_error_message], + [AC_CHECK_FUNCS([krb5_free_error_message])], + [AC_CHECK_FUNCS([krb5_get_error_string], [], + [AC_CHECK_FUNCS([krb5_get_err_txt], [], + [AC_CHECK_LIB([ksvc], [krb5_svc_get_msg], + [KRB5_LIBS="$KRB5_LIBS -lksvc" + AC_DEFINE([HAVE_KRB5_SVC_GET_MSG], [1]) + AC_CHECK_HEADERS([ibm_svc/krb5_svc.h], [], [], + [INN_INCLUDES_KRB5])], + [AC_CHECK_LIB([com_err], [com_err], + [KRB5_LIBS="$KRB5_LIBS -lcom_err"], + [AS_IF([test x"$1" = xtrue], + [AC_MSG_ERROR([cannot find usable com_err library])], + [KRB5_LIBS=""])]) + _INN_LIB_KRB5_CHECK_HEADER_COM_ERR])])])])], [AS_IF([test x"$1" = xtrue], [AC_MSG_ERROR([cannot find usable Kerberos library])])]) - LIBS="$KRB5_LIBS $LIBS" - _INN_LIB_KRB5_CHECK_HEADER_KRB5 - AC_CHECK_FUNCS([krb5_get_error_message], - [AC_CHECK_FUNCS([krb5_free_error_message])], - [AC_CHECK_FUNCS([krb5_get_error_string], [], - [AC_CHECK_FUNCS([krb5_get_err_txt], [], - [AC_CHECK_LIB([ksvc], [krb5_svc_get_msg], - [KRB5_LIBS="$KRB5_LIBS -lksvc" - AC_DEFINE([HAVE_KRB5_SVC_GET_MSG], [1]) - AC_CHECK_HEADERS([ibm_svc/krb5_svc.h], [], [], - [INN_INCLUDES_KRB5])], - [AC_CHECK_LIB([com_err], [com_err], - [KRB5_LIBS="$KRB5_LIBS -lcom_err"], - [AS_IF([test x"$1" = xtrue], - [AC_MSG_ERROR([cannot find usable com_err library])], - [KRB5_LIBS=""])]) - _INN_LIB_KRB5_CHECK_HEADER_COM_ERR])])])]) INN_LIB_KRB5_RESTORE]) dnl Does the appropriate library checks for Kerberos linkage when we don't diff -Nurp inn-2.6.2/m4/lib-helper.m4 inn-2.6.3/m4/lib-helper.m4 --- inn-2.6.2/m4/lib-helper.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/lib-helper.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Helper functions to manage compiler variables. -dnl $Id: lib-helper.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: lib-helper.m4 10306 2018-12-02 14:26:13Z iulius $ dnl dnl These are a wide variety of helper macros to make it easier to construct dnl standard macros to probe for a library and to set library-specific @@ -13,6 +13,7 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery +dnl Copyright 2018 Russ Allbery dnl Copyright 2011, 2013 dnl The Board of Trustees of the Leland Stanford Junior University dnl @@ -91,6 +92,14 @@ AC_DEFUN([INN_LIB_HELPER_VAR_INIT], AC_SUBST([$1][_LDFLAGS]) AC_SUBST([$1][_LIBS])]) +dnl Unset all of the variables used by a library probe. Used with the +dnl _OPTIONAL versions of header probes when a header or library wasn't found +dnl and therefore the library isn't usable. +AC_DEFUN([INN_LIB_HELPER_VAR_CLEAR], +[$1[]_CPPFLAGS= + $1[]_LDFLAGS= + $1[]_LIBS=]) + dnl Handles --with options for a non-optional library. First argument is the dnl base for the switch names. Second argument is the short description. dnl Third argument is the variable prefix. The variables set are used by diff -Nurp inn-2.6.2/m4/libtool.m4 inn-2.6.3/m4/libtool.m4 --- inn-2.6.2/m4/libtool.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/libtool.m4 2019-02-07 07:02:22.000000000 -0800 @@ -4063,7 +4063,8 @@ _LT_EOF if AC_TRY_EVAL(ac_compile); then # Now try to grab the symbols. nlist=conftest.nm - if AC_TRY_EVAL(NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) && test -s "$nlist"; then + $ECHO "$as_me:$LINENO: $NM conftest.$ac_objext | $lt_cv_sys_global_symbol_pipe > $nlist" >&AS_MESSAGE_LOG_FD + if eval "$NM" conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist 2>&AS_MESSAGE_LOG_FD && test -s "$nlist"; then # Try sorting and uniquifying the output. if sort "$nlist" | uniq > "$nlist"T; then mv -f "$nlist"T "$nlist" @@ -6438,7 +6439,7 @@ if test yes != "$_lt_caught_CXX_error"; # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else GXX=no @@ -6813,7 +6814,7 @@ if test yes != "$_lt_caught_CXX_error"; # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $EGREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then @@ -6878,7 +6879,7 @@ if test yes != "$_lt_caught_CXX_error"; # explicitly linking system object files so we need to strip them # from the output so that they don't get included in the library # dependencies. - output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP "\-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' + output_verbose_link_cmd='templist=`($CC -b $CFLAGS -v conftest.$objext 2>&1) | $GREP " \-L"`; list= ; for z in $templist; do case $z in conftest.$objext) list="$list $z";; *.$objext);; *) list="$list $z";;esac; done; func_echo_all "$list"' ;; *) if test yes = "$GXX"; then @@ -7217,7 +7218,7 @@ if test yes != "$_lt_caught_CXX_error"; # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else # FIXME: insert proper C++ library support @@ -7301,7 +7302,7 @@ if test yes != "$_lt_caught_CXX_error"; # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -shared $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' else # g++ 2.7 appears to require '-G' NOT '-shared' on this # platform. @@ -7312,7 +7313,7 @@ if test yes != "$_lt_caught_CXX_error"; # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when # linking a shared library. - output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP "\-L"' + output_verbose_link_cmd='$CC -G $CFLAGS -v conftest.$objext 2>&1 | $GREP -v "^Configured with:" | $GREP " \-L"' fi _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='$wl-R $wl$libdir' diff -Nurp inn-2.6.2/m4/openssl.m4 inn-2.6.3/m4/openssl.m4 --- inn-2.6.2/m4/openssl.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/openssl.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Find the compiler and linker flags for OpenSSL. -dnl $Id: openssl.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: openssl.m4 10306 2018-12-02 14:26:13Z iulius $ dnl dnl Finds the compiler and linker flags for linking with both the OpenSSL SSL dnl library and its crypto library. Provides the --with-openssl, @@ -28,7 +28,7 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery -dnl Copyright 2016 Russ Allbery +dnl Copyright 2016, 2018 Russ Allbery dnl Copyright 2010, 2013 dnl The Board of Trustees of the Leland Stanford Junior University dnl @@ -49,20 +49,11 @@ dnl INN_LIB_OPENSSL_SWITCH or INN_LIB_CR AC_DEFUN([INN_LIB_OPENSSL_RESTORE], [INN_LIB_HELPER_RESTORE([OPENSSL])]) AC_DEFUN([INN_LIB_CRYPTO_RESTORE], [INN_LIB_HELPER_RESTORE([CRYPTO])]) -dnl Checks if the OpenSSL and crypto libraries are present. The single -dnl argument, if "true", says to fail if the OpenSSL SSL library could not be -dnl found. -AC_DEFUN([_INN_LIB_OPENSSL_INTERNAL], -[AC_REQUIRE([INN_ENABLE_REDUCED_DEPENDS]) - INN_LIB_HELPER_PATHS([OPENSSL]) - CRYPTO_CPPFLAGS="$OPENSSL_CPPFLAGS" - CRYPTO_LDFLAGS="$OPENSSL_LDFLAGS" - CRYPTO_LIBS= - AC_SUBST([CRYPTO_CPPFLAGS]) - AC_SUBST([CRYPTO_LDFLAGS]) - AC_SUBST([CRYPTO_LIBS]) - INN_LIB_OPENSSL_SWITCH - inn_openssl_extra= +dnl Check for the OpenSSL and crypto libraries and assemble OPENSSL_LIBS and +dnl CRYPTO_LIBS. Helper function for _INN_LIB_OPENSSL_INTERNAL. Must be +dnl called with INN_LIB_OPENSSL_SWITCH enabled. +AC_DEFUN([_INN_LIB_OPENSSL_INTERNAL_LIBS], +[inn_openssl_extra= LIBS= AS_IF([test x"$inn_reduced_depends" != xtrue], [AC_SEARCH_LIBS([dlopen], [dl])]) @@ -81,7 +72,25 @@ AC_DEFUN([_INN_LIB_OPENSSL_INTERNAL], [OPENSSL_LIBS="-lssl $CRYPTO_LIBS"], [AS_IF([test x"$1" = xtrue], [AC_MSG_ERROR([cannot find usable OpenSSL library])])], - [$CRYPTO_LIBS])]) + [$CRYPTO_LIBS])])]) + +dnl Checks if the OpenSSL header and OpenSSL and crypto libraries are present. +dnl The single argument, if "true", says to fail if the OpenSSL SSL library +dnl could not be found. +AC_DEFUN([_INN_LIB_OPENSSL_INTERNAL], +[AC_REQUIRE([INN_ENABLE_REDUCED_DEPENDS]) + INN_LIB_HELPER_PATHS([OPENSSL]) + CRYPTO_CPPFLAGS="$OPENSSL_CPPFLAGS" + CRYPTO_LDFLAGS="$OPENSSL_LDFLAGS" + CRYPTO_LIBS= + AC_SUBST([CRYPTO_CPPFLAGS]) + AC_SUBST([CRYPTO_LDFLAGS]) + AC_SUBST([CRYPTO_LIBS]) + INN_LIB_OPENSSL_SWITCH + AC_CHECK_HEADER([openssl/ssl.h], + [_INN_LIB_OPENSSL_INTERNAL_LIBS([$1])], + [AS_IF([test x"$1" = xtrue], + [AC_MSG_ERROR([cannot find usable OpenSSL header])])]) INN_LIB_OPENSSL_RESTORE]) dnl The main macro for packages with mandatory OpenSSL support. @@ -100,6 +109,8 @@ AC_DEFUN([INN_LIB_OPENSSL_OPTIONAL], [AS_IF([test x"$inn_use_OPENSSL" = xtrue], [_INN_LIB_OPENSSL_INTERNAL([true])], [_INN_LIB_OPENSSL_INTERNAL([false])])]) - AS_IF([test x"$OPENSSL_LIBS" != x], + AS_IF([test x"$OPENSSL_LIBS" = x], + [INN_LIB_HELPER_VAR_CLEAR([OPENSSL]) + INN_LIB_HELPER_VAR_CLEAR([CRYPTO])], [inn_use_OPENSSL=true AC_DEFINE([HAVE_OPENSSL], 1, [Define if libssl is available.])])]) diff -Nurp inn-2.6.2/m4/perl.m4 inn-2.6.3/m4/perl.m4 --- inn-2.6.2/m4/perl.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/perl.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,25 +1,32 @@ dnl Probe for Perl properties and, optionally, flags for embedding Perl. -dnl $Id: perl.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: perl.m4 10307 2018-12-02 14:31:42Z iulius $ dnl dnl Provides the following macros: dnl dnl INN_PROG_PERL dnl Checks for a specific Perl version and sets the PERL environment dnl variable to the full path, or aborts the configure run if the version -dnl of Perl is not new enough or couldn't be found. +dnl of Perl is not new enough or couldn't be found. Marks PERL as a +dnl substitution variable. dnl dnl INN_PERL_CHECK_MODULE -dnl Checks for the existence of a Perl module and runs provided code based -dnl on whether or not it was found. +dnl Checks for the existence of a Perl module. Runs the second argument +dnl if it is present and the third if it is not. dnl dnl INN_LIB_PERL dnl Determines the flags required for embedding Perl and sets dnl PERL_CPPFLAGS and PERL_LIBS. dnl +dnl INN_PROG_PERL should generally be called before the other two macros. If +dnl it isn't, the PERL environment variable must be set in some other way. +dnl (It cannot be run automatically via dependencies because it takes a +dnl mandatory minimum version argument, which should be provided by the +dnl calling configure script.) +dnl dnl The canonical version of this file is maintained in the rra-c-util dnl package, available at . dnl -dnl Copyright 2016 Russ Allbery +dnl Copyright 2016, 2018 Russ Allbery dnl Copyright 2006, 2009, 2011 Internet Systems Consortium, Inc. ("ISC") dnl Copyright 1998-2003 The Internet Software Consortium dnl @@ -54,7 +61,8 @@ AC_DEFUN([INN_PROG_PERL], ac_path_PERL_found=:])])]) AS_IF([test x"$ac_cv_path_PERL" = x], [AC_MSG_ERROR([Perl $1 or greater is required])]) - PERL="$ac_cv_path_PERL"])]) + PERL="$ac_cv_path_PERL" + AC_SUBST([PERL])])]) dnl Check whether a given Perl module can be loaded. Runs the second argument dnl if it can, and the third argument if it cannot. @@ -97,4 +105,14 @@ AC_DEFUN([INN_LIB_PERL], inn_perl_core_libs=`echo "$inn_perl_core_libs" | sed 's/ *$//'` PERL_CPPFLAGS="$inn_perl_core_flags" PERL_LIBS="$inn_perl_core_libs" - AC_MSG_RESULT([$PERL_LIBS])]) + AC_MSG_RESULT([$PERL_LIBS]) + inn_perl_save_CPPFLAGS="$CPPFLAGS" + inn_perl_save_LIBS="$LIBS" + CPPFLAGS="$PERL_CPPFLAGS $CPPFLAGS" + LIBS="$PERL_LIBS $LIBS" + AC_CHECK_HEADER([EXTERN.h], [], + [AC_MSG_FAILURE([unable to compile with EXTERN.h])]) + AC_CHECK_FUNC([perl_alloc], [], + [AC_MSG_FAILURE([unable to link with Perl library])]) + CPPFLAGS="$inn_perl_save_CPPFLAGS" + LIBS="$inn_perl_save_LIBS"]) diff -Nurp inn-2.6.2/m4/python.m4 inn-2.6.3/m4/python.m4 --- inn-2.6.2/m4/python.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/python.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,43 +1,145 @@ -dnl python.m4 -- Probe for the details needed to embed Python. -dnl $Id: python.m4 9901 2015-06-14 15:31:12Z iulius $ +dnl Probe for Python properties and, optionally, flags for embedding Python. +dnl $Id: python.m4 10307 2018-12-02 14:31:42Z iulius $ dnl -dnl Defines INN_ARG_PYTHON, which sets up the --with-python command line -dnl argument and also sets various flags needed for embedded Python if it is -dnl requested. +dnl Provides the following macros: dnl -dnl We use the distutils.sysconfig module shipped with Python 2.2.0 and later -dnl to find the compiler and linker flags to use to embed Python. +dnl INN_PROG_PYTHON +dnl Checks for a specific Python version and sets the PYTHON environment +dnl variable to the full path, or aborts the configure run if the version +dnl of Python is not new enough or couldn't be found. Marks PYTHON as a +dnl substitution variable. +dnl +dnl The first argument is a Python version related to the 2.x series (if +dnl empty, it means that Python 2 is not supported). The second argument +dnl is a Python version related to at least the 3.x series (if empty, +dnl it means that Python 3 or later is not supported). +dnl +dnl INN_PYTHON_CHECK_MODULE +dnl Checks for the existence of a Python module. Runs the second argument +dnl if it is present and the third argument if it is not. +dnl +dnl INN_LIB_PYTHON +dnl Determines the flags required for embedding Python and sets +dnl PYTHON_CPPFLAGS and PYTHON_LIBS. +dnl +dnl INN_PROG_PYTHON should generally be called before the other two macros. +dnl If it isn't, the PYTHON environment variable must be set in some other +dnl way. (It cannot be run automatically via dependencies because it takes a +dnl mandatory minimum version argument, which should be provided by the +dnl calling configure script.) +dnl +dnl This macro uses the distutils.sysconfig module shipped with Python 2.2.0 +dnl and later to find the compiler and linker flags to use to embed Python. +dnl It also expects libpython to be in the main library location, which it is +dnl since Python 2.3.0. +dnl +dnl The canonical version of this file is maintained in the rra-c-util +dnl package, available at . +dnl +dnl Copyright 2018 Russ Allbery +dnl Copyright 2009, 2011, 2015, 2018 Julien ÉLIE +dnl Copyright 1998-2003 The Internet Software Consortium +dnl +dnl Permission to use, copy, modify, and distribute this software for any +dnl purpose with or without fee is hereby granted, provided that the above +dnl copyright notice and this permission notice appear in all copies. +dnl +dnl THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH +dnl REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +dnl MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY +dnl SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +dnl WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR +dnl IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +dnl +dnl SPDX-License-Identifier: ISC -AC_DEFUN([INN_ARG_PYTHON], +dnl Command used to probe the Python version. +AC_DEFUN([_INN_PROG_PYTHON_CMD], [[ +import sys +two_okay = False +three_okay = False +if sys.argv[1]: + two_tuple = tuple(int(i) for i in sys.argv[1].split(".")) + if sys.version_info.major == 2 and sys.version_info >= two_tuple: + two_okay = True +if sys.argv[2]: + three_tuple = tuple(int(i) for i in sys.argv[2].split(".")) + if sys.version_info.major > 2 and sys.version_info >= three_tuple: + three_okay = True +assert(two_okay or three_okay) +]]) + +dnl Check for the path to Python and ensure it meets our minimum version +dnl requirement. The first argument specifies the minimum Python 2 version +dnl and the second argument specifies the minimum Python 3 (or later) version. +dnl At least one constraint must be met. Honor the $PYTHON environment +dnl variable, if set. +AC_DEFUN([INN_PROG_PYTHON], [AC_ARG_VAR([PYTHON], [Location of Python interpreter]) - AC_ARG_WITH([python], - [AS_HELP_STRING([--with-python], [Embedded Python module support [no]])], - [AS_CASE([$withval], - [yes], [DO_PYTHON=DO - AC_DEFINE([DO_PYTHON], [1], - [Define to compile in Python module support.])], - [no], [DO_PYTHON=DONT], - [AC_MSG_ERROR([invalid argument to --with-python])])], - [DO_PYTHON=DONT]) - AS_IF([test x"$DO_PYTHON" = xDO], - [INN_PATH_PROG_ENSURE([PYTHON], [python]) - AC_MSG_CHECKING([for Python linkage]) - py_include=`$PYTHON -c 'import distutils.sysconfig; \ - print(distutils.sysconfig.get_python_inc())'` - PYTHON_CPPFLAGS="-I$py_include" - py_ver=`$PYTHON -c 'import sys; print(sys.version[[:3]])'` - py_libdir=`$PYTHON -c 'import distutils.sysconfig; \ - print(distutils.sysconfig.get_python_lib(0, 1))'` - py_linkage=`$PYTHON -c 'import distutils.sysconfig; \ - print(" ".join(distutils.sysconfig.get_config_vars("LIBS", \ - "LIBC", "LIBM", "LOCALMODLIBS", "BASEMODLIBS", \ - "LINKFORSHARED", "LDFLAGS")))'` - py_configdir=`$PYTHON -c 'import distutils.sysconfig; \ - print(distutils.sysconfig.get_config_var("LIBPL"))'` - PYTHON_LIBS="-L$py_configdir -lpython$py_ver $py_linkage" - PYTHON_LIBS=`echo $PYTHON_LIBS | sed -e 's/[ \\t]*/ /g'` - AC_MSG_RESULT([$py_libdir])], - [PYTHON_CPPFLAGS= - PYTHON_LIBS=]) - AC_SUBST([PYTHON_CPPFLAGS]) - AC_SUBST([PYTHON_LIBS])]) + AS_IF([test x"$1" != x], + [inn_py_expected_ver="$1 (2.x series)"], + [inn_py_expected_ver=""]) + AS_IF([test x"$2" != x], + [AS_IF([test x"$1" != x], + [inn_py_expected_ver="$inn_py_expected_ver or "]) + inn_py_expected_ver="${inn_py_expected_ver}$2"]) + AS_IF([test x"$PYTHON" != x], + [AS_IF([! test -x "$PYTHON"], + [AC_MSG_ERROR([Python binary $PYTHON not found])]) + AS_IF([! "$PYTHON" -c '_INN_PROG_PYTHON_CMD()' '$1' '$2' >/dev/null 2>&1], + [AC_MSG_ERROR([Python $inn_py_expected_ver or greater is required])])], + [AC_CACHE_CHECK([for Python version $inn_py_expected_ver or later], + [ac_cv_path_PYTHON], + [AC_PATH_PROGS_FEATURE_CHECK([PYTHON], [python python3 python2], + [AS_IF(["$ac_path_PYTHON" -c '_INN_PROG_PYTHON_CMD()' \ + '$1' '$2' >/dev/null 2>&1], + [ac_cv_path_PYTHON="$ac_path_PYTHON" + ac_path_PYTHON_found=:])])]) + AS_IF([test x"$ac_cv_path_PYTHON" = x], + [AC_MSG_ERROR([Python $inn_py_expected_ver or greater is required])]) + PYTHON="$ac_cv_path_PYTHON" + AC_SUBST([PYTHON])])]) + +dnl Check whether a given Python module can be loaded. Runs the second +dnl argument if it can, and the third argument if it cannot. +AC_DEFUN([INN_PYTHON_CHECK_MODULE], +[AS_LITERAL_IF([$1], [], [m4_fatal([$0: requires literal arguments])])dnl + AS_VAR_PUSHDEF([ac_Module], [inn_cv_python_module_$1])dnl + AC_CACHE_CHECK([for Python module $1], [ac_Module], + [AS_IF(["$PYTHON" -c 'import $1' >/dev/null 2>&1], + [AS_VAR_SET([ac_Module], [yes])], + [AS_VAR_SET([ac_Module], [no])])]) + AS_VAR_IF([ac_Module], [yes], [$2], [$3]) + AS_VAR_POPDEF([ac_Module])]) + +dnl Determine the flags used for embedding Python. +AC_DEFUN([INN_LIB_PYTHON], +[AC_SUBST([PYTHON_CPPFLAGS]) + AC_SUBST([PYTHON_LIBS]) + AC_MSG_CHECKING([for flags to link with Python]) + py_include=`$PYTHON -c 'import distutils.sysconfig; \ + print(distutils.sysconfig.get_python_inc())'` + PYTHON_CPPFLAGS="-I$py_include" + py_libdir=`$PYTHON -c 'import distutils.sysconfig; \ + print(" -L".join(distutils.sysconfig.get_config_vars("LIBDIR")))'` + py_ldlibrary=`$PYTHON -c 'import distutils.sysconfig; \ + print(distutils.sysconfig.get_config_vars("LDLIBRARY")@<:@0@:>@)'` + py_linkage=`$PYTHON -c 'import distutils.sysconfig; \ + print(" ".join(distutils.sysconfig.get_config_vars( \ + "LIBS", "LIBC", "LIBM", "LOCALMODLIBS", "BASEMODLIBS", \ + "LINKFORSHARED", "LDFLAGS")))'` + py_libpython=`echo $py_ldlibrary | sed "s/^lib//" | sed "s/\.@<:@a-z@:>@*$//"` + PYTHON_LIBS="-L$py_libdir -l$py_libpython $py_linkage" + PYTHON_LIBS=`echo $PYTHON_LIBS | sed -e 's/[ \\t]*/ /g'` + AC_MSG_RESULT([$PYTHON_LIBS]) + inn_python_save_CPPFLAGS="$CPPFLAGS" + inn_python_save_LIBS="$LIBS" + CPPFLAGS="$PYTHON_CPPFLAGS $CPPFLAGS" + LIBS="$PYTHON_LIBS $LIBS" + AC_CHECK_HEADER([Python.h], [], + [AC_MSG_FAILURE([unable to compile with Python.h])]) + AC_CHECK_FUNC([Py_Initialize], [], + [AC_MSG_FAILURE([unable to link with Python library])]) + CPPFLAGS="$inn_python_save_CPPFLAGS" + LIBS="$inn_python_save_LIBS"]) diff -Nurp inn-2.6.2/m4/sasl.m4 inn-2.6.3/m4/sasl.m4 --- inn-2.6.2/m4/sasl.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/sasl.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Find the compiler and linker flags for Cyrus SASL. -dnl $Id: sasl.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: sasl.m4 10306 2018-12-02 14:26:13Z iulius $ dnl dnl Finds the compiler and linker flags for linking with the Cyrus SASL dnl library. Provides the --with-sasl, --with-sasl-lib, and @@ -26,6 +26,7 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery +dnl Copyright 2018 Russ Allbery dnl Copyright 2013 dnl The Board of Trustees of the Leland Stanford Junior University dnl @@ -49,10 +50,13 @@ dnl "true", says to fail if the Cyrus SA AC_DEFUN([_INN_LIB_SASL_INTERNAL], [INN_LIB_HELPER_PATHS([SASL]) INN_LIB_SASL_SWITCH - AC_CHECK_LIB([sasl2], [sasl_getprop], - [SASL_LIBS="-lsasl2"], + AC_CHECK_HEADER([sasl/sasl.h], + [AC_CHECK_LIB([sasl2], [sasl_getprop], + [SASL_LIBS="-lsasl2"], + [AS_IF([test x"$1" = xtrue], + [AC_MSG_ERROR([cannot find usable Cyrus SASL library])])])], [AS_IF([test x"$1" = xtrue], - [AC_MSG_ERROR([cannot find usable Cyrus SASL library])])]) + [AC_MSG_ERROR([cannot find usable Cyrus SASL header])])]) INN_LIB_SASL_RESTORE]) dnl The main macro for packages with mandatory Cyrus SASL support. @@ -71,6 +75,7 @@ AC_DEFUN([INN_LIB_SASL_OPTIONAL], [AS_IF([test x"$inn_use_SASL" = xtrue], [_INN_LIB_SASL_INTERNAL([true])], [_INN_LIB_SASL_INTERNAL([false])])]) - AS_IF([test x"$SASL_LIBS" != x], + AS_IF([test x"$SASL_LIBS" = x], + [INN_LIB_HELPER_VAR_CLEAR([SASL])], [inn_use_SASL=true AC_DEFINE([HAVE_SASL], 1, [Define if libsasl2 is available.])])]) diff -Nurp inn-2.6.2/m4/zlib.m4 inn-2.6.3/m4/zlib.m4 --- inn-2.6.2/m4/zlib.m4 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/m4/zlib.m4 2019-02-07 07:02:22.000000000 -0800 @@ -1,5 +1,5 @@ dnl Find the compiler and linker flags for the zlib library. -dnl $Id: zlib.m4 10246 2018-02-16 21:12:42Z iulius $ +dnl $Id: zlib.m4 10306 2018-12-02 14:26:13Z iulius $ dnl dnl Finds the compiler and linker flags for linking with the zlib library. dnl Provides the --with-zlib, --with-zlib-lib, and --with-zlib-include @@ -24,6 +24,7 @@ dnl The canonical version of this file i dnl package, available at . dnl dnl Written by Russ Allbery +dnl Copyright 2018 Russ Allbery dnl Copyright 2013 dnl The Board of Trustees of the Leland Stanford Junior University dnl @@ -47,10 +48,13 @@ dnl says to fail if the zlib library cou AC_DEFUN([_INN_LIB_ZLIB_INTERNAL], [INN_LIB_HELPER_PATHS([ZLIB]) INN_LIB_ZLIB_SWITCH - AC_CHECK_LIB([z], [compress], - [ZLIB_LIBS="-lz"], + AC_CHECK_HEADER([zlib.h], + [AC_CHECK_LIB([z], [compress], + [ZLIB_LIBS="-lz"], + [AS_IF([test x"$1" = xtrue], + [AC_MSG_ERROR([cannot find usable zlib library])])])], [AS_IF([test x"$1" = xtrue], - [AC_MSG_ERROR([cannot find usable zlib library])])]) + [AC_MSG_ERROR([cannot find usable zlib header])])]) INN_LIB_ZLIB_RESTORE]) dnl The main macro for packages with mandatory zlib support. @@ -69,6 +73,7 @@ AC_DEFUN([INN_LIB_ZLIB_OPTIONAL], [AS_IF([test x"$inn_use_ZLIB" = xtrue], [_INN_LIB_ZLIB_INTERNAL([true])], [_INN_LIB_ZLIB_INTERNAL([false])])]) - AS_IF([test x"$ZLIB_LIBS" != x], + AS_IF([test x"$ZLIB_LIBS" = x], + [INN_LIB_HELPER_VAR_CLEAR([ZLIB])], [inn_use_ZLIB=true AC_DEFINE([HAVE_ZLIB], 1, [Define if libz is available.])])]) diff -Nurp inn-2.6.2/nnrpd/misc.c inn-2.6.3/nnrpd/misc.c --- inn-2.6.2/nnrpd/misc.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/misc.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: misc.c 10135 2017-01-12 21:09:58Z iulius $ +/* $Id: misc.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Miscellaneous support routines. */ @@ -217,7 +217,7 @@ char * PostRecFilename(char *ip, char *user) { static char buff[SPOOLNAMEBUFF]; - char dirbuff[SPOOLNAMEBUFF]; + char dirbuff[SMBUF+2+3*3]; struct in_addr inaddr; unsigned long int addr; unsigned char quads[4]; diff -Nurp inn-2.6.2/nnrpd/nnrpd.c inn-2.6.3/nnrpd/nnrpd.c --- inn-2.6.2/nnrpd/nnrpd.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/nnrpd.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: nnrpd.c 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: nnrpd.c 10320 2018-12-29 13:46:28Z iulius $ ** ** NNTP server for readers (NNRP) for InterNetNews. ** @@ -578,10 +578,10 @@ Address2Name(struct sockaddr *sa, sockle /* -** Determine access rights of the client. +** Determine hostname and IP of the client, amongst other information. */ static void -StartConnection(unsigned short port) +GetClientInfo(unsigned short port) { static const char *default_host_error = "unknown error"; struct sockaddr_storage ssc, sss; @@ -666,10 +666,6 @@ StartConnection(unsigned short port) #endif notice("%s (%s) connect - port %u", Client.host, Client.ip, port); - - PERMgetinitialaccess(NNRPACCESS); - PERMgetaccess(true); - PERMgetpermissions(); } @@ -1326,7 +1322,10 @@ main(int argc, char *argv[]) if (initialSSL) { tls_init(); if (tls_start_servertls(0, 1) == -1) { - Reply("%d Encrypted TLS connection failed\r\n", NNTP_FAIL_TERMINATING); + GetClientInfo(ListenPort); + notice("%s failure to negotiate TLS session", Client.host); + Reply("%d Encrypted TLS connection failed\r\n", + NNTP_FAIL_TERMINATING); ExitWithStats(1, false); } encryption_layer_on = true; @@ -1349,7 +1348,9 @@ main(int argc, char *argv[]) warn("cannot obtain system load"); else { if ((unsigned long)(load[0] + 0.5) > innconf->nnrpdloadlimit) { - syslog(L_NOTICE, "load %.2f > %lu", load[0], innconf->nnrpdloadlimit); + GetClientInfo(ListenPort); + notice("%s load %.2f > %lu", Client.host, + load[0], innconf->nnrpdloadlimit); Reply("%d load at %.2f, try later\r\n", NNTP_FAIL_TERMINATING, load[0]); ExitWithStats(1, true); @@ -1361,7 +1362,11 @@ main(int argc, char *argv[]) xsignal(SIGPIPE, CatchPipe); /* Get permissions and see if we can talk to this client. */ - StartConnection(ListenPort); + GetClientInfo(ListenPort); + PERMgetinitialaccess(NNRPACCESS); + PERMgetaccess(true); + PERMgetpermissions(); + if (!PERMcanread && !PERMcanpost && !PERMneedauth) { syslog(L_NOTICE, "%s no_permission", Client.host); Reply("%d You have no permission to talk. Goodbye!\r\n", diff -Nurp inn-2.6.2/nnrpd/nnrpd.h inn-2.6.3/nnrpd/nnrpd.h --- inn-2.6.2/nnrpd/nnrpd.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/nnrpd.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: nnrpd.h 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: nnrpd.h 10306 2018-12-02 14:26:13Z iulius $ ** ** NetNews Reading Protocol server. */ @@ -26,17 +26,11 @@ #include "inn/vector.h" #include "inn/timer.h" -#ifndef HAVE_SASL_SASL_H -# undef HAVE_SASL -#endif #ifdef HAVE_SASL #include #include #endif -#if !defined(HAVE_ZLIB_H) -# undef HAVE_ZLIB -#endif #if defined(HAVE_ZLIB) # include #endif @@ -308,6 +302,11 @@ void PY_access(char* path, struct vector void PY_close_python(void); int PY_dynamic(char *Username, char *NewsGroup, int PostFlag, char **reply_message); void PY_dynamic_init (char* file); +# if PY_MAJOR_VERSION >= 3 +extern PyMODINIT_FUNC PyInit_nnrpd(void); +# else +extern void PyInit_nnrpd(void); +# endif #endif /* DO_PYTHON */ void line_free(struct line *); diff -Nurp inn-2.6.2/nnrpd/perl.c inn-2.6.3/nnrpd/perl.c --- inn-2.6.2/nnrpd/perl.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/perl.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: perl.c 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: perl.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Embedded Perl support for INN. ** @@ -45,7 +45,7 @@ extern bool PerlLoaded; /* #define DEBUG_MODIFY only if you want to see verbose output. */ #ifdef DEBUG_MODIFY static FILE *flog; -void dumpTable(char *msg); +void dumpTable(const char *msg); #endif /* DEBUG_MODIFY */ char * @@ -435,7 +435,7 @@ perlAuthenticate(char *user, char *passw #ifdef DEBUG_MODIFY void -dumpTable (char *msg) +dumpTable (const char *msg) { HEADER *hp; int i; diff -Nurp inn-2.6.2/nnrpd/post.c inn-2.6.3/nnrpd/post.c --- inn-2.6.2/nnrpd/post.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/post.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: post.c 10264 2018-03-10 14:52:27Z iulius $ +/* $Id: post.c 10305 2018-12-02 14:21:56Z iulius $ ** ** Check article, send it to the local server. */ @@ -341,13 +341,14 @@ ProcessHeaders(char *idbuff, bool needmo static char orgbuff[SMBUF]; static char pathidentitybuff[SMBUF]; static char complaintsbuff[SMBUF]; - static char postingaccountbuff[SMBUF]; - static char postinghostbuff[SMBUF*2]; /* Allocate enough room. */ + static char postingaccountbuff[SMBUF*2]; /* Allocate enough room. */ + static char postinghostbuff[SMBUF*2]; static char sendbuff[SMBUF*2]; - static char injectioninfobuff[SMBUF]; + static char injectioninfobuff[SMBUF*7]; static char *newpath = NULL; HEADER *hp; char *p; + char *fqdn = NULL; time_t t, now; const char *error; pid_t pid; @@ -561,11 +562,15 @@ ProcessHeaders(char *idbuff, bool needmo if (VirtualPathlen > 0) { p = PERMaccessconf->domain; } else { - if ((p = GetFQDN(PERMaccessconf->domain)) == NULL) { - p = (char *) "unknown"; - } + fqdn = inn_getfqdn(PERMaccessconf->domain); + if (fqdn == NULL) + p = (char *) "unknown"; + else + p = fqdn; } snprintf(pathidentitybuff, sizeof(pathidentitybuff), "%s", p); + free(fqdn); + p = NULL; /* Set the posting-account value. */ if (PERMaccessconf->addinjectionpostingaccount && PERMuser[0] != '\0') { diff -Nurp inn-2.6.2/nnrpd/python.c inn-2.6.3/nnrpd/python.c --- inn-2.6.2/nnrpd/python.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/python.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -/* $Id: python.c 10229 2018-01-28 21:21:21Z iulius $ +/* $Id: python.c 10313 2018-12-17 08:46:18Z iulius $ ** ** python.c: Embed Python in the style of nnrpd's Perl stuff ** (authentication, authorization and dynamic hooks @@ -42,6 +42,20 @@ typedef int Py_ssize_t; #endif +#if PY_MAJOR_VERSION >= 3 +# define PyInt_AS_LONG PyLong_AS_LONG +# define PyInt_Check PyLong_Check +# define PyInt_FromLong PyLong_FromLong +# define PyString_AS_STRING PyUnicode_AsUTF8 +# define PyString_AsString PyUnicode_AsUTF8 +# define PyString_Check PyUnicode_Check +# define PYBUFF_FROMMEMORY(str, len) \ + PyMemoryView_FromMemory((str), (len), PyBUF_WRITE) +#else +# define PYBUFF_FROMMEMORY(str, len) \ + PyBuffer_FromMemory((str), (len)) +#endif + #include "clibrary.h" #include "inn/innconf.h" @@ -118,13 +132,13 @@ char* dynamic_file; ** or -1 if method is not defined. */ void -PY_authenticate(char* file, char *Username, char *Password, int *code, +PY_authenticate(char* file, char *User, char *Password, int *code, char *errorstring, char *newUser) { PyObject *result, *item, *proc; int authnum; int i; - char *temp; + const char *temp; PY_load_python(); proc = PY_setup(PYTHONauthen, PYTHONmain, file); @@ -137,11 +151,11 @@ PY_authenticate(char* file, char *Userna authnum = 0; /* Client hostname. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.host, strlen(Client.host)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.host, strlen(Client.host)); PyDict_SetItemString(PYauthinfo, PYTHONhostname, PYauthitem[authnum++]); /* Client IP number. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.ip, strlen(Client.ip)); + PYauthitem[authnum] =PYBUFF_FROMMEMORY(Client.ip, strlen(Client.ip)); PyDict_SetItemString(PYauthinfo, PYTHONipaddress, PYauthitem[authnum++]); /* Client port number. */ @@ -149,11 +163,13 @@ PY_authenticate(char* file, char *Userna PyDict_SetItemString(PYauthinfo, PYTHONport, PYauthitem[authnum++]); /* Server interface the connection comes to. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.serverhost, strlen(Client.serverhost)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.serverhost, + strlen(Client.serverhost)); PyDict_SetItemString(PYauthinfo, PYTHONinterface, PYauthitem[authnum++]); /* Server IP number. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.serverip, strlen(Client.serverip)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.serverip, + strlen(Client.serverip)); PyDict_SetItemString(PYauthinfo, PYTHONintipaddr, PYauthitem[authnum++]); /* Server port number. */ @@ -161,10 +177,10 @@ PY_authenticate(char* file, char *Userna PyDict_SetItemString(PYauthinfo, PYTHONintport, PYauthitem[authnum++]); /* Username if known. */ - if (Username == NULL) { + if (User == NULL) { PYauthitem[authnum] = Py_None; } else { - PYauthitem[authnum] = PyBuffer_FromMemory(Username, strlen(Username)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(User, strlen(User)); } PyDict_SetItemString(PYauthinfo, PYTHONuser, PYauthitem[authnum++]); @@ -172,7 +188,7 @@ PY_authenticate(char* file, char *Userna if (Password == NULL) { PYauthitem[authnum] = Py_None; } else { - PYauthitem[authnum] = PyBuffer_FromMemory(Password, strlen(Password)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Password, strlen(Password)); } PyDict_SetItemString(PYauthinfo, PYTHONpass, PYauthitem[authnum++]); @@ -259,7 +275,7 @@ PY_authenticate(char* file, char *Userna ** If the access group cannot be generated, the connection is closed. */ void -PY_access(char* file, struct vector *access_vec, char *Username) +PY_access(char* file, struct vector *access_vec, char *User) { PyObject *result, *key, *value, *proc; char *buffer; @@ -281,11 +297,11 @@ PY_access(char* file, struct vector *acc authnum = 0; /* Client hostname. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.host, strlen(Client.host)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.host, strlen(Client.host)); PyDict_SetItemString(PYauthinfo, PYTHONhostname, PYauthitem[authnum++]); /* Client IP number. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.ip, strlen(Client.ip)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.ip, strlen(Client.ip)); PyDict_SetItemString(PYauthinfo, PYTHONipaddress, PYauthitem[authnum++]); /* Client port number. */ @@ -293,11 +309,13 @@ PY_access(char* file, struct vector *acc PyDict_SetItemString(PYauthinfo, PYTHONport, PYauthitem[authnum++]); /* Server interface the connection comes to. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.serverhost, strlen(Client.serverhost)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.serverhost, + strlen(Client.serverhost)); PyDict_SetItemString(PYauthinfo, PYTHONinterface, PYauthitem[authnum++]); /* Server IP number. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.serverip, strlen(Client.serverip)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.serverip, + strlen(Client.serverip)); PyDict_SetItemString(PYauthinfo, PYTHONintipaddr, PYauthitem[authnum++]); /* Server port number. */ @@ -305,7 +323,7 @@ PY_access(char* file, struct vector *acc PyDict_SetItemString(PYauthinfo, PYTHONintport, PYauthitem[authnum++]); /* Username. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Username, strlen(Username)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(User, strlen(User)); PyDict_SetItemString(PYauthinfo, PYTHONuser, PYauthitem[authnum++]); /* Password is not known. */ @@ -392,10 +410,11 @@ PY_dynamic_init (char* file) ** Return negative value if dynamic method is not defined. */ int -PY_dynamic(char *Username, char *NewsGroup, int PostFlag, char **reply_message) +PY_dynamic(char *User, char *NewsGroup, int PostFlag, char **reply_message) { PyObject *result, *proc; - char *string, *temp; + char *string; + const char *temp; int authnum; int i; @@ -410,11 +429,11 @@ PY_dynamic(char *Username, char *NewsGro authnum = 0; /* Client hostname. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.host, strlen(Client.host)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.host, strlen(Client.host)); PyDict_SetItemString(PYauthinfo, PYTHONhostname, PYauthitem[authnum++]); /* Client IP number. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.ip, strlen(Client.ip)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.ip, strlen(Client.ip)); PyDict_SetItemString(PYauthinfo, PYTHONipaddress, PYauthitem[authnum++]); /* Client port number. */ @@ -422,11 +441,13 @@ PY_dynamic(char *Username, char *NewsGro PyDict_SetItemString(PYauthinfo, PYTHONport, PYauthitem[authnum++]); /* Server interface the connection comes to. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.serverhost, strlen(Client.serverhost)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.serverhost, + strlen(Client.serverhost)); PyDict_SetItemString(PYauthinfo, PYTHONinterface, PYauthitem[authnum++]); /* Server IP number. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Client.serverip, strlen(Client.serverip)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(Client.serverip, + strlen(Client.serverip)); PyDict_SetItemString(PYauthinfo, PYTHONintipaddr, PYauthitem[authnum++]); /* Server port number. */ @@ -434,7 +455,7 @@ PY_dynamic(char *Username, char *NewsGro PyDict_SetItemString(PYauthinfo, PYTHONintport, PYauthitem[authnum++]); /* Username. */ - PYauthitem[authnum] = PyBuffer_FromMemory(Username, strlen(Username)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(User, strlen(User)); PyDict_SetItemString(PYauthinfo, PYTHONuser, PYauthitem[authnum++]); /* Password is not known. */ @@ -443,11 +464,11 @@ PY_dynamic(char *Username, char *NewsGro /* Assign authentication type. */ PYauthitem[authnum] = - PyBuffer_FromMemory((char *)(PostFlag ? "post" : "read"), 4); + PYBUFF_FROMMEMORY((char *)(PostFlag ? "post" : "read"), 4); PyDict_SetItemString(PYauthinfo, PYTHONtype, PYauthitem[authnum++]); /* Newsgroup user tries to access. */ - PYauthitem[authnum] = PyBuffer_FromMemory(NewsGroup, strlen(NewsGroup)); + PYauthitem[authnum] = PYBUFF_FROMMEMORY(NewsGroup, strlen(NewsGroup)); PyDict_SetItemString(PYauthinfo, PYTHONnewsgroup, PYauthitem[authnum++]); /* @@ -548,10 +569,10 @@ static PyObject * PY_syslog(PyObject *self UNUSED, PyObject *args) { char *loglevel; - int levellen; + Py_ssize_t levellen; char *logmsg; - int msglen; - int priority; + Py_ssize_t msglen; + int priority; /* Get loglevel and message. */ if (!PyArg_ParseTuple(args, (char *) "s#s#", &loglevel, &levellen, @@ -595,6 +616,36 @@ static PyMethodDef nnrpdPyMethods[] = { METHOD(NULL, NULL, 0, "") }; +#if PY_MAJOR_VERSION >= 3 +static struct PyModuleDef nnrpdPyModule = { + PyModuleDef_HEAD_INIT, /* m_base */ + (char *) "nnrpd", /* m_name */ + (char *) "nnrpd Python filter hook", /* m_doc */ + -1, /* m_size */ + nnrpdPyMethods, /* m_methods */ + NULL, /* m_slots */ + NULL, /* m_traverse */ + NULL, /* m_clear */ + NULL, /* m_free */ +}; + +PyMODINIT_FUNC +PyInit_nnrpd(void) { + PyObject *module = PyModule_Create(&nnrpdPyModule); + + if (module == NULL) + syslog(L_ERROR, "failed to create nnrpd python module"); + + return module; +} +#else +void +PyInit_nnrpd(void) { + if (Py_InitModule3((char *) "nnrpd", nnrpdPyMethods, + (char *) "nnrpd Python filter hook") == NULL) + syslog(L_ERROR, "failed to initialize nnrpd python module"); +} +#endif /* @@ -635,6 +686,9 @@ PY_load_python(void) */ setenv("PYTHONPATH", innconf->pathfilter, 1); + /* Build a module interface to certain nnrpd functions. */ + PyImport_AppendInittab("nnrpd", &PyInit_nnrpd); + /* Load up the interpreter ;-O */ Py_Initialize(); @@ -648,9 +702,6 @@ PY_load_python(void) return; } - /* Build a module interface to certain nnrpd functions. */ - Py_InitModule((char *) "nnrpd", nnrpdPyMethods); - /* ** Grab space for authinfo dictionary so we aren't forever ** recreating them. diff -Nurp inn-2.6.2/nnrpd/tls.c inn-2.6.3/nnrpd/tls.c --- inn-2.6.2/nnrpd/tls.c 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/tls.c 2019-02-07 07:02:22.000000000 -0800 @@ -1,17 +1,10 @@ -/* $Id: tls.c 10198 2017-12-10 15:22:43Z iulius $ +/* $Id: tls.c 10309 2018-12-02 14:35:10Z iulius $ ** -** tls.c -- TLSv1 functions. +** tls.c -- TLS functions. ** Copyright (C) 2000 Kenichi Okada . ** ** Author: Kenichi Okada ** Created: 2000-02-22 -** -** [RFC 2246] "The TLS Protocol Version 1.0" -** by Christopher Allen and -** Tim Dierks (1999/01) -** -** [RFC 2595] "Using TLS with IMAP, POP3 and ACAP" -** by Chris Newman (1999/06) */ #include "config.h" @@ -479,7 +472,8 @@ tls_init_serverengine(int verifydepth, i char *tls_CAfile, char *tls_CApath, char *tls_cert_file, char *tls_key_file, bool prefer_server_ciphers, bool tls_compression, struct vector *tls_proto_vect, - char *tls_ciphers, char *tls_ec_curve UNUSED) + char *tls_ciphers, char *tls_ciphers13 UNUSED, + char *tls_ec_curve UNUSED) { int off = 0; int verify_flags = SSL_VERIFY_NONE; @@ -569,12 +563,17 @@ tls_init_serverengine(int verifydepth, i if (eckey != NULL) { SSL_CTX_set_tmp_ecdh(CTX, eckey); } else { -# ifdef SSL_CTX_set_ecdh_auto +# if OPENSSL_VERSION_NUMBER < 0x010100000L +# if OPENSSL_VERSION_NUMBER >= 0x01000200fL + /* Function supported since OpenSSL 1.0.2. + * Removed since OpenSSL 1.1.0, supporting ECDH by default with + * the most appropriate parameters. */ SSL_CTX_set_ecdh_auto(CTX, 1); -# else +# else SSL_CTX_set_tmp_ecdh(CTX, EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); -# endif /* SSL_CTX_set_ecdh_auto */ +# endif /* SSL_CTX_set_ecdh_auto */ +# endif /* OpenSSL version < 1.1.0 */ } #endif /* HAVE_OPENSSL_ECC */ @@ -653,6 +652,16 @@ tls_init_serverengine(int verifydepth, i } } +#if OPENSSL_VERSION_NUMBER >= 0x01010100fL + /* New API added in OpenSSL 1.1.1 for TLSv1.3 cipher suites. */ + if (tls_ciphers13 != NULL) { + if (SSL_CTX_set_ciphersuites(CTX, tls_ciphers13) == 0) { + syslog(L_ERROR, "TLS engine: cannot set ciphersuites"); + return (-1); + } + } +#endif + if (tls_compression) { #if defined(SSL_OP_NO_COMPRESSION) && OPENSSL_VERSION_NUMBER >= 0x0009080dfL /* Function first added in OpenSSL 0.9.8m. */ @@ -709,6 +718,7 @@ tls_init(void) innconf->tlscompression, innconf->tlsprotocols, innconf->tlsciphers, + innconf->tlsciphers13, innconf->tlseccurve); if (ssl_result == -1) { diff -Nurp inn-2.6.2/nnrpd/tls.h inn-2.6.3/nnrpd/tls.h --- inn-2.6.2/nnrpd/tls.h 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/nnrpd/tls.h 2019-02-07 07:02:22.000000000 -0800 @@ -1,22 +1,12 @@ -/* $Id: tls.h 10198 2017-12-10 15:22:43Z iulius $ +/* $Id: tls.h 10309 2018-12-02 14:35:10Z iulius $ ** -** tls.h -- TLSv1 functions. +** tls.h -- TLS functions. ** Copyright (C) 2000 Kenichi Okada . ** ** Author: Kenichi Okada ** Created: 2000-02-22 -** -** [RFC 2246] "The TLS Protocol Version 1.0" -** by Christopher Allen and -** Tim Dierks (1999/01) -** -** [RFC 2595] "Using TLS with IMAP, POP3 and ACAP" -** by Chris Newman (1999/06) */ -#ifndef HAVE_OPENSSL_SSL_H -# undef HAVE_OPENSSL -#endif #ifdef HAVE_OPENSSL #ifndef TLS_H @@ -63,6 +53,7 @@ int tls_init_serverengine(int verifydept bool tls_compression, struct vector *tls_protocols, char *tls_ciphers, + char *tls_ciphers13, char *tls_ec_curve); /* Init TLS. */ diff -Nurp inn-2.6.2/perl/INN/Config.pm.in inn-2.6.3/perl/INN/Config.pm.in --- inn-2.6.2/perl/INN/Config.pm.in 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/perl/INN/Config.pm.in 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: Config.pm.in 10245 2018-02-16 21:11:59Z iulius $ +## $Id: Config.pm.in 10283 2018-05-14 12:43:05Z iulius $ ## ## Perl module which sets up any and all variables that an ## INN Perl script might need. @@ -209,7 +209,7 @@ INN::Config - Export all the variables a =head1 DESCRIPTION This Perl module sets up any and all the variables that an INN Perl script -might need. More particularly, it allows to use F variables: +might need. More particularly, it allows using F variables: they are all provided by B, as well as the version of INN (in the variable C<$INN::Config::VERSION> for its short number form, on in C<$INN::Config::version> for its complete form). Other useful variables @@ -277,7 +277,7 @@ F was written by James for InterNetNews in 1996. It was converted to the INN::Config Perl module by Julien Elie in 2007. -$Id: Config.pm.in 10245 2018-02-16 21:11:59Z iulius $ +$Id: Config.pm.in 10283 2018-05-14 12:43:05Z iulius $ =head1 SEE ALSO diff -Nurp inn-2.6.2/samples/actsync.cfg inn-2.6.3/samples/actsync.cfg --- inn-2.6.2/samples/actsync.cfg 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/actsync.cfg 2019-02-07 07:02:22.000000000 -0800 @@ -1,8 +1,8 @@ -## $Id: actsync.cfg 7651 2007-08-20 10:28:34Z iulius $ +## $Id: actsync.cfg 10283 2018-05-14 12:43:05Z iulius $ ## ## Sample actsync configuration file. ## -## It permits to synchronize, compare, or merge active files. +## It permits synchronizing, comparing, or merging active files. ## It is useful for keeping the list of carried newsgroups ## up to date. ## See the actsync man page for more information. diff -Nurp inn-2.6.2/samples/filter_innd.py inn-2.6.3/samples/filter_innd.py --- inn-2.6.2/samples/filter_innd.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/filter_innd.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: filter_innd.py 10263 2018-03-10 14:51:53Z iulius $ +## $Id: filter_innd.py 10282 2018-05-14 12:42:14Z iulius $ ## ## This is a sample filter for the Python innd hook. ## @@ -18,11 +18,11 @@ import re from string import * +import sys ## The built-in intern() method has been in the sys module ## since Python 3.0. -import sys if sys.version_info[0] >= 3: def intern(headerName): return sys.intern(headerName) @@ -157,6 +157,8 @@ class InndFilter: """ return "" # Deactivate the samples. + syslog('notice', "just seen %s" % msgid) + if self.re_none44.search(msgid): return "But I don't like spam!" if msgid[0:8] == ' Delimiter; pick from [,:@;?!]. +## Delimiter; pick from [!,:@;?]. ## State to enter if true. ## States we must be in to match. -## Command to run to test condition. -## Operator to use in test(1) command. +## Command to run to test condition. +## Operator to use in test(1) condition. ## Value to test against. ## Command for innwatch to perform; use exit, ## flush, go, pause, shutdown, skip, or throttle. diff -Nurp inn-2.6.2/samples/nnrpd_access.py inn-2.6.3/samples/nnrpd_access.py --- inn-2.6.2/samples/nnrpd_access.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/nnrpd_access.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,10 +1,10 @@ -## $Id: nnrpd_access.py 8250 2008-12-23 12:00:46Z iulius $ +## $Id: nnrpd_access.py 10282 2018-05-14 12:42:14Z iulius $ ## ## This is a sample access module for the Python nnrpd hook. ## ## See the INN Python Filtering and Authentication Hooks documentation ## for more information. -## The perl_access: parameter in readers.conf is used to load this script. +## The python_access: parameter in readers.conf is used to load this script. ## ## An instance of ACCESS class is passed to nnrpd via the set_auth_hook() ## function imported from nnrpd. The following methods of that class @@ -25,8 +25,8 @@ ## your state variables or close a ## database connection. May be omitted. ## -## If there is a problem with return codes from any of these methods, then nnrpd -## will die and syslog the exact reason. +## If there is a problem with return codes from any of these methods, +## then nnrpd will die and syslog the exact reason. ## ## There are also a few Python functions defined in nnrpd: ## @@ -53,20 +53,26 @@ class ACCESS: def access(self, attributes): """Called when python_access: is encountered in readers.conf.""" - # Just for debugging purposes. - syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s, interface %s, user %s' % ( \ - attributes['hostname'], \ - attributes['ipaddress'], \ - attributes['interface'], \ - attributes['user'])) + # Just for debugging purposes (in Python 3.x syntax). + # syslog('notice', 'n_a access() invoked: hostname %s, ipaddress %s, port %lu, interface %s, intipaddr %s, intport %lu, user %s' % ( \ + # attributes['hostname'].tobytes(), \ + # attributes['ipaddress'].tobytes(), \ + # attributes['port'], \ + # attributes['interface'].tobytes(), \ + # attributes['intipaddr'].tobytes(), \ + # attributes['intport'], \ + # (attributes['user'].tobytes() if attributes['user'] else "-"))) # Allow newsreading from specific host only. - if '127.0.0.1' == str(attributes['ipaddress']): - syslog('notice', 'authentication access by IP address succeeded') - return {'read':'*', 'post':'*'} - else: - syslog('notice', 'authentication access by IP address failed') - return {'read':'!*', 'post':'!*'} + # Python 2.x syntax: + # if '127.0.0.1' == str(attributes['ipaddress']): + # Python 3.x syntax: + # if b'127.0.0.1' == attributes['ipaddress'].tobytes(): + # syslog('notice', 'authentication access by IP address succeeded') + # return {'read':'*', 'post':'*'} + + syslog('notice', 'authentication access by IP address failed') + return {'read':'!*', 'post':'!*'} def access_close(self): """Called on nnrpd termination.""" @@ -85,9 +91,10 @@ myaccess = ACCESS() ## ...and try to hook up on nnrpd. This would make auth object methods visible ## to nnrpd. +import sys try: set_auth_hook(myaccess) syslog('notice', "access module successfully hooked into nnrpd") -except Exception, errmsg: # Syntax for Python 2.x. -#except Exception as errmsg: # Syntax for Python 3.x. - syslog('error', "Cannot obtain nnrpd hook for access method: %s" % errmsg[0]) +except Exception: # Syntax valid in both Python 2.x and 3.x. + e = sys.exc_info()[1] + syslog('error', "Cannot obtain nnrpd hook for access method: %s" % e.args[0]) diff -Nurp inn-2.6.2/samples/nnrpd_access_wrapper.py inn-2.6.3/samples/nnrpd_access_wrapper.py --- inn-2.6.2/samples/nnrpd_access_wrapper.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/nnrpd_access_wrapper.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: nnrpd_access_wrapper.py 8251 2008-12-23 12:22:03Z iulius $ +## $Id: nnrpd_access_wrapper.py 10282 2018-05-14 12:42:14Z iulius $ ## ## Example wrapper for support of old Python authentication scripts, ## by Erik Klavon. @@ -35,14 +35,16 @@ class MYACCESS: # Python 3.x uses memoryview(b'connect') because buffers # do not exist any longer. Note that the argument is # a bytes object. - # attributes['type'] = memoryview(b'connect') - attributes['type'] = buffer('connect') - perm = (self.old).authenticate(attributes) + # attributes['type'] = memoryview(b'connect') + # perm = (self.old).authenticate(attributes) + # whereas in Python 2.x: + # attributes['type'] = buffer('connect') + # perm = (self.old).authenticate(attributes) result = dict({'users': '*'}) - if perm[1] == 1: - result['read'] = perm[3] - if perm[2] == 1: - result['post'] = perm[3] + #if perm[1] == 1: + # result['read'] = perm[3] + #if perm[2] == 1: + # result['post'] = perm[3] return result def access_close(self): @@ -59,11 +61,12 @@ from nnrpd import * ## Create a class instance. myaccess = MYACCESS() -## ...and try to hook up on nnrpd. This would make access object methods visible -## to nnrpd. +## ...and try to hook up on nnrpd. This would make access object methods +## visible to nnrpd. +import sys try: set_auth_hook(myaccess) syslog('notice', "access module successfully hooked into nnrpd") -except Exception, errmsg: # Syntax for Python 2.x. -#except Exception as errmsg: # Syntax for Python 3.x. - syslog('error', "Cannot obtain nnrpd hook for access method: %s" % errmsg[0]) +except Exception: # Syntax valid in both Python 2.x and 3.x. + e = sys.exc_info()[1] + syslog('error', "Cannot obtain nnrpd hook for access method: %s" % e.args[0]) diff -Nurp inn-2.6.2/samples/nnrpd_auth.py inn-2.6.3/samples/nnrpd_auth.py --- inn-2.6.2/samples/nnrpd_auth.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/nnrpd_auth.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,10 +1,10 @@ -## $Id: nnrpd_auth.py 8639 2009-09-29 20:12:25Z iulius $ +## $Id: nnrpd_auth.py 10282 2018-05-14 12:42:14Z iulius $ ## ## This is a sample authentication module for the Python nnrpd hook. ## ## See the INN Python Filtering and Authentication Hooks documentation ## for more information. -## The perl_auth: parameter in readers.conf is used to load this script. +## The python_auth: parameter in readers.conf is used to load this script. ## ## An instance of AUTH class is passed to nnrpd via the set_auth_hook() ## function imported from nnrpd. The following methods of that class @@ -28,8 +28,8 @@ ## your state variables or close a database ## connection. May be omitted. ## -## If there is a problem with return codes from any of these methods, then nnrpd -## will die and syslog the exact reason. +## If there is a problem with return codes from any of these methods, +## then nnrpd will die and syslog the exact reason. ## ## There are also a few Python functions defined in nnrpd: ## @@ -63,21 +63,31 @@ class AUTH: def authenticate(self, attributes): """Called when python_auth: is encountered in readers.conf.""" - # Just for debugging purposes. - syslog('notice', 'n_a authenticate() invoked: hostname %s, ipaddress %s, interface %s, user %s' % ( \ - attributes['hostname'], \ - attributes['ipaddress'], \ - attributes['interface'], \ - attributes['user'])) + # Just for debugging purposes (in Python 3.x syntax). + # By default, do not log passwords (available in attributes['pass']). + # syslog('notice', 'n_a authenticate() invoked: hostname %s, ipaddress %s, port %lu, interface %s, intipaddr %s, intport %lu, user %s' % ( \ + # attributes['hostname'].tobytes(), \ + # attributes['ipaddress'].tobytes(), \ + # attributes['port'], \ + # attributes['interface'].tobytes(), \ + # attributes['intipaddr'].tobytes(), \ + # attributes['intport'], \ + # (attributes['user'].tobytes() if attributes['user'] else "-"))) # Do username password authentication. - if 'foo' == str(attributes['user']) \ - and 'foo' == str(attributes['pass']): - syslog('notice', 'authentication by username succeeded') - return (self.authcodes['ALLOWED'], 'No error', 'default_user') - else: - syslog('notice', 'authentication by username failed') - return (self.authcodes['DENIED'], 'Access Denied!') + # Python 2.x syntax: + # if attributes['user'] and attributes['pass'] \ + # and 'foo' == str(attributes['user']) \ + # and 'foo' == str(attributes['pass']): + # Python 3.x syntax: + # if attributes['user'] and attributes['pass'] \ + # and b'foo' == attributes['user'].tobytes() \ + # and b'foo' == attributes['pass'].tobytes(): + # syslog('notice', 'authentication by username succeeded') + # return (self.authcodes['ALLOWED'], 'No error', 'default_user') + + syslog('notice', 'authentication by username failed') + return (self.authcodes['DENIED'], 'Access Denied!') def authen_close(self): """Called on nnrpd termination.""" @@ -96,9 +106,10 @@ myauth = AUTH() ## ...and try to hook up on nnrpd. This would make auth object methods visible ## to nnrpd. +import sys try: set_auth_hook(myauth) syslog('notice', "authentication module successfully hooked into nnrpd") -except Exception, errmsg: # Syntax for Python 2.x. -#except Exception as errmsg: # Syntax for Python 3.x. - syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" % errmsg[0]) +except Exception: # Syntax valid in both Python 2.x and 3.x. + e = sys.exc_info()[1] + syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" % e.args[0]) diff -Nurp inn-2.6.2/samples/nnrpd_auth_wrapper.py inn-2.6.3/samples/nnrpd_auth_wrapper.py --- inn-2.6.2/samples/nnrpd_auth_wrapper.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/nnrpd_auth_wrapper.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: nnrpd_auth_wrapper.py 8251 2008-12-23 12:22:03Z iulius $ +## $Id: nnrpd_auth_wrapper.py 10282 2018-05-14 12:42:14Z iulius $ ## ## Example wrapper for support of old Python authentication scripts, ## by Erik Klavon. @@ -35,13 +35,17 @@ class MYAUTH: # Python 3.x uses memoryview(b'authinfo') because buffers # do not exist any longer. Note that the argument is # a bytes object. - # attributes['type'] = memoryview(b'authinfo') - attributes['type'] = buffer('authinfo') - perm = (self.old).authenticate(attributes) + # attributes['type'] = memoryview(b'authinfo') + # perm = (self.old).authenticate(attributes) + # whereas in Python 2.x: + # attributes['type'] = buffer('authinfo') + # perm = (self.old).authenticate(attributes) + response = 281 err_str = "No error" - if perm[0] == 481: - err_str = "Python authentication error!" - return (perm[0], err_str) + # if perm[0] == 481: + # response = perm[0] + # err_str = "Python authentication error!" + return (response, err_str) def authen_close(self): (self.old).close() @@ -59,9 +63,10 @@ myauth = MYAUTH() ## ...and try to hook up on nnrpd. This would make auth object methods visible ## to nnrpd. +import sys try: set_auth_hook(myauth) syslog('notice', "authentication module successfully hooked into nnrpd") -except Exception, errmsg: # Syntax for Python 2.x. -#except Exception as errmsg: # Syntax for Python 3.x. - syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" % errmsg[0]) +except Exception: # Syntax valid in both Python 2.x and 3.x. + e = sys.exc_info()[1] + syslog('error', "Cannot obtain nnrpd hook for authentication method: %s" % e.args[0]) diff -Nurp inn-2.6.2/samples/nnrpd_dynamic.py inn-2.6.3/samples/nnrpd_dynamic.py --- inn-2.6.2/samples/nnrpd_dynamic.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/nnrpd_dynamic.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,10 +1,10 @@ -## $Id: nnrpd_dynamic.py 8250 2008-12-23 12:00:46Z iulius $ +## $Id: nnrpd_dynamic.py 10282 2018-05-14 12:42:14Z iulius $ ## ## This is a sample dynamic access module for the Python nnrpd hook. ## ## See the INN Python Filtering and Authentication Hooks documentation ## for more information. -## The perl_dynamic: parameter in readers.conf is used to load this script. +## The python_dynamic: parameter in readers.conf is used to load this script. ## ## An instance of DYNACCESS class is passed to nnrpd via the set_auth_hook() ## function imported from nnrpd. The following methods of that class @@ -20,13 +20,13 @@ ## newsgroup. Returns None to grant ## access, or a non-empty string (which ## will be reported back to reader) -## otherwise. +## encoded in UTF-8 otherwise. ## dynamic_close() - Called on nnrpd termination. Save ## your state variables or close a database ## connection. May be omitted. ## -## If there is a problem with return codes from any of these methods, then nnrpd -## will die and syslog the exact reason. +## If there is a problem with return codes from any of these methods, +## then nnrpd will die and syslog the exact reason. ## ## There are also a few Python functions defined in nnrpd: ## @@ -56,32 +56,40 @@ class DYNACCESS: readers.conf and a reader requests either read or post permission for particular newsgroup.""" - # Just for debugging purposes. - syslog('notice', 'n_a dynamic() invoked against type %s, hostname %s, ipaddress %s, interface %s, user %s' % ( \ - attributes['type'], \ - attributes['hostname'], \ - attributes['ipaddress'], \ - attributes['interface'], \ - attributes['user'])) + # Just for debugging purposes (in Python 3.x syntax). + # syslog('notice', 'n_a dynamic() invoked: type %s, newsgroup %s, hostname %s, ipaddress %s, port %lu, interface %s, intipaddr %s, intport %lu, user %s' % ( \ + # attributes['type'].tobytes(), \ + # attributes['newsgroup'].tobytes(), \ + # attributes['hostname'].tobytes(), \ + # attributes['ipaddress'].tobytes(), \ + # attributes['port'], \ + # attributes['interface'].tobytes(), \ + # attributes['intipaddr'].tobytes(), \ + # attributes['intport'], \ + # (attributes['user'].tobytes() if attributes['user'] else "-"))) # Allow reading of any newsgroup but not posting. - if 'post' == str(attributes['type']): - syslog('notice', 'dynamic authorization access for post access denied') - return "no posting for you" - elif 'read' == str(attributes['type']): - syslog('notice', 'dynamic authorization access for read access granted') - return None - else: - syslog('notice', 'dynamic authorization access type is not known: %s' % attributes['type']) - return "Internal error"; + # Python 2.x syntax: + # if 'post' == str(attributes['type']): + # Python 3.x syntax: + # if b'post' == attributes['type'].tobytes(): + # syslog('notice', 'dynamic authorization access for post access denied') + # return "no posting for you" + # elif 'read' == str(attributes['type']): + # syslog('notice', 'dynamic authorization access for read access granted') + # return None + # else: + # syslog('notice', 'dynamic authorization access type is not known: %s' % attributes['type']) + # return "Internal error"; + return None def dynamic_close(self): """Called on nnrpd termination.""" pass -## The rest is used to hook up the dynamic access module on nnrpd. It is unlikely -## you will ever need to modify this. +## The rest is used to hook up the dynamic access module on nnrpd. +## It is unlikely you will ever need to modify this. ## Import functions exposed by nnrpd. This import must succeed, or nothing ## will work! @@ -92,9 +100,10 @@ mydynaccess = DYNACCESS() ## ...and try to hook up on nnrpd. This would make auth object methods visible ## to nnrpd. +import sys try: set_auth_hook(mydynaccess) syslog('notice', "dynamic access module successfully hooked into nnrpd") -except Exception, errmsg: # Syntax for Python 2.x. -#except Exception as errmsg: # Syntax for Python 3.x. - syslog('error', "Cannot obtain nnrpd hook for dynamic access method: %s" % errmsg[0]) +except Exception: # Syntax valid in both Python 2.x and 3.x. + e = sys.exc_info()[1] + syslog('error', "Cannot obtain nnrpd hook for dynamic access method: %s" % e.args[0]) diff -Nurp inn-2.6.2/samples/nnrpd_dynamic_wrapper.py inn-2.6.3/samples/nnrpd_dynamic_wrapper.py --- inn-2.6.2/samples/nnrpd_dynamic_wrapper.py 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/nnrpd_dynamic_wrapper.py 2019-02-07 07:02:22.000000000 -0800 @@ -1,4 +1,4 @@ -## $Id: nnrpd_dynamic_wrapper.py 8250 2008-12-23 12:00:46Z iulius $ +## $Id: nnrpd_dynamic_wrapper.py 10282 2018-05-14 12:42:14Z iulius $ ## ## Example wrapper for support of old Python authentication scripts, ## by Erik Klavon. @@ -38,8 +38,8 @@ class MYDYNACCESS: (self.old).close() -## The rest is used to hook up the dynamic access module on nnrpd. It is unlikely -## you will ever need to modify this. +## The rest is used to hook up the dynamic access module on nnrpd. +## It is unlikely you will ever need to modify this. ## Import functions exposed by nnrpd. This import must succeed, or nothing ## will work! @@ -50,9 +50,10 @@ mydynaccess = MYDYNACCESS() ## ...and try to hook up on nnrpd. This would make auth object methods visible ## to nnrpd. +import sys try: set_auth_hook(mydynaccess) syslog('notice', "dynamic access module successfully hooked into nnrpd") -except Exception, errmsg: # Syntax for Python 2.x. -#except Exception as errmsg: # Syntax for Python 3.x. - syslog('error', "Cannot obtain nnrpd hook for dynamic access method: %s" % errmsg[0]) +except Exception: # Syntax valid in both Python 2.x and 3.x. + e = sys.exc_info()[1] + syslog('error', "Cannot obtain nnrpd hook for dynamic access method: %s" % e.args[0]) diff -Nurp inn-2.6.2/samples/passwd.nntp inn-2.6.3/samples/passwd.nntp --- inn-2.6.2/samples/passwd.nntp 2018-03-18 13:03:32.000000000 -0700 +++ inn-2.6.3/samples/passwd.nntp 2019-02-07 07:02:22.000000000 -0800 @@ -1,8 +1,8 @@ -## $Id: passwd.nntp 8726 2009-11-08 18:29:57Z iulius $ +## $Id: passwd.nntp 10283 2018-05-14 12:43:05Z iulius $ ## ## Sample passwd.nntp configuration file. ## -## It permits to authenticate on remote NNTP servers. +## It permits authenticating on remote NNTP servers. ## ## Format: ## ::[: