2006-03-20  eagle

	* nnrpd/group.c: Return the correct 0 0 0 response to LISTGROUP
	  when the group is empty rather than returning no such group.
	* authprogs/libauth.c: Set the length of the IPv4 sockets on
	  platforms with a sin_len element in struct sockaddr. Reported by
	  Gea-Suan Lin.
	* scripts/innreport_inn.pm: Ignore or parse some log messages from
	  newer versions, just for better news.notice parsing when
	  bouncing between versions.

2006-03-19  eagle

	* lib/dbz.c: Various fixes from Heiko Schlichting for DBZTEST
	  mode: Remove the right file in RemoveDBZ and use concat instead
	  of a static buffer for filenames. Add a command-line option to
	  set nfswriter if desired and avoid a core dump from a missing
	  innconf. Fix debugging output from dbzclose and return checking
	  from dbzstore. Fix an off-by-one error in the line counter. Fix
	  a typo in usage.
	* tests/lib/date-t.c: Skip the Newfoundland time zone test if the
	  relevant zone is not installed.
	* tests/Makefile: hstrerror dependency bug. Thanks, Heiko
	  Schlichting.
	* tests/lib/date-t.c: Backport the fix from stable to allow for
	  ambiguous parsing of dates around daylight savings time when
	  hours repeat.
	* tests/lib/setenv-t.c, tests/lib/setenv.t: Backport the test
	  suite change from unstable to use 100KB strings instead, since
	  too many systems require more than 90KB just to load the dynamic
	  libraries.
	* samples/control.ctl: Remove abg.* entry. That maintainer is no
	  longer active. Update the sfnet.* key fingerprint.

2005-12-25  eagle

	* Makefile: Fix the code to remove prerelease in Makefile.global.

2005-12-24  eagle

	* HACKING, doc/pod/hacking.pod: Update the references section.
	* MANIFEST: Remove fixlog.
	* NEWS, doc/pod/news.pod: Add changes for INN 2.4.3.
	* support/config.guess, support/config.sub: Update config.guess
	  and config.sub to the latest Debian versions.
	* storage/overdata.c: Use the last Xref header when generating
	  overview information if the article has multiple ones.
	* HACKING, doc/pod/hacking.pod: Update make release instructions
	  for svn2cl.
	* support/fixlog, support/mkchangelog: Use svn2cl to generate the
	  ChangeLog for the release.

2005-12-15  eagle

	* doc/man/inn.conf.5, doc/pod/inn.conf.pod, lib/innconf.c,
	  nnrpd/line.c: Actually, don't impose a minimum size on
	  maxartsize and localmaxartsize. That isn't necessary. Just
	  adjust the nnrpd code so that it doesn't use localmaxartsize for
	  the max buffer size without checking it first.

2005-12-12  eagle

	* expire/makehistory.c: If there are multiple Xref headers in an
	  article, use the last one to get article data. This works around
	  a combination of a bug in other servers that caused them to add
	  multiple Xref headers and a bug in INN that caused it to accept
	  such articles and just add yet another Xref header.
	* backends/send-uucp.in, configure, configure.in,
	  scripts/innshellvars.in, scripts/innshellvars.pl.in,
	  scripts/innshellvars.tcl.in: Search the user's path for uux at
	  configure time and encode the path in innshellvars, using that
	  path in send-uucp, since apparently there are different uux's
	  with different options and the administrator needs a way to be
	  sure that the right one is used.
	* authprogs/auth_krb5.c: krb5_get_in_tkt_with_password is
	  deprecated; define the appropriate symbol for right now so that
	  we can still get a prototype.
	* authprogs/auth_krb5.c, configure, configure.in: Check for
	  et/com_err.h before com_err.h; that's where Linux appears to be
	  moving it to when com_err.h comes from e2fsprogs.
	* MANIFEST, doc/man/Makefile, doc/man/pullnews.1,
	  doc/man/pullnews.8, doc/pod/Makefile, doc/pod/pullnews.pod:
	  Convert the pullnews documentation to POD. Document the ability
	  to specify a username and password in the configuration file.

2005-12-11  eagle

	* doc/pod/inn.conf.pod, lib/innconf.c: Sanity-check the settings
	  of maxartsize and localmaxartsize. (Setting the latter too low
	  causes bizarre behavior in nnrpd.)
	* doc/man/inn.conf.5, doc/pod/inn.conf.pod, nnrpd/line.c: Allow
	  localmaxartsize of 0 in nnrpd and update the documentation for
	  both it and maxartsize to document the 0 setting and note that,
	  if set to zero, large articles can crash innd or nnrpd by
	  running them out of system memory.
	* nnrpd/post.c: Yet *another* problem checking permission to post
	  to moderated groups. We were clearing the error flag right after
	  setting it. Reported by Jens Schlegel.
	* samples/moderators: Update nl.* moderation forwarding.
	* CONTRIBUTORS, NEWS, doc/pod/news.pod: Document improvements by
	  Thomas Parmelan to send-uucp.
	* backends/send-uucp.in: If there is a stray .work file, append it
	  to the new .work file after flushing and renaming, rather than
	  before. Patch from Thomas Parmelan.
	* backends/send-uucp.in: Add a way to specify the funnel or
	  exploder to flush for a site managed via one. Patch from Thomas
	  Parmelan.
	* innd/rc.c: Close the socket for ident callbacks on errors.
	* configure, configure.in: Move the checks for external libraries
	  after the checks for networking libraries so that we don't fail
	  to find OpenSSL because of libsocket and libnsl dependencies.
	* scripts/rc.news.in: Throttle before shutting down to give Perl
	  filters a chance to save data. Fixed in a better way in CURRENT.
	* nnrpd/post.c: Remove write-only WasMailed variable.
	* samples/innreport.conf.in, scripts/innreport_inn.pm: Report on
	  the Python filter the same as we do on the Perl filter.
	* doc/man/fastrm.1: Rebuild.
	* samples/control.ctl: Resync with upstream version.
	* nnrpd/perm.c: Fix a stupid paste mistake that caused nnrpd to
	  ignore Perl scripts unless they were Python scripts.

2005-10-09  eagle

	* frontends/rnews.c: Burn three file descriptors if running
	  privileged to avoid a strange situation where starting rnews
	  with closed file descriptors could force error messages to be
	  written to unexpected places, such as network streams or article
	  files. Only bother if running privileged; otherwise, the user is
	  just creating a bizarre bug by doing strange things, which isn't
	  worth worrying about.
	* doc/pod/fastrm.pod: Warn that fastrm doesn't care about security.
	* innfeed/misc.c: Fix format string vulnerability in logOrPrint
	  (which is only used for configuration data, so not an
	  exploitable hole).
	* innd/nc.c: Fix an oddity that I found a while back when auditing
	  uses of the buffer code in innd but never returned to. If
	  NCwritereply sends its reply immediately but can only send a
	  part of it, the count of bytes remaining to send wasn't
	  decremented. We could then send random junk at the end of the
	  buffer to the peer later on.
	* innd/cc.c: Fix an input validation bug that could allow a stack
	  overwrite on a system that didn't support Unix domain sockets
	  (do any of those exist any more?).
	* innd/cc.c, lib/inndcomm.c: Increase the send and receive buffer
	  sizes of the Unix domain socket used by the control channel,
	  allowing longer replies on platforms with a low default buffer
	  size. Patch from MKI.
	* storage/cnfs/cnfs.c, storage/timecaf/timecaf.c,
	  storage/timehash/timehash.c, storage/tradspool/tradspool.c: When
	  retrieving an entire article, use MADV_WILLNEED rather than
	  MADV_SEQUENTIAL or no madvise hint at all. The performance is
	  apparently noticably better per MKI.
	* innd/art.c: Correctly detect headers duplicated an odd number of
	  times (3 copies, 5 copies, etc.) and distinguish between missing
	  and duplicated headers when reporting errors.
	* samples/control.ctl: Update to latest upstream version.
	* scripts/innshellvars.in, scripts/innshellvars.pl.in,
	  scripts/innshellvars.tcl.in: Set HOME to pathnews. This should
	  resolve Debian Bug#307765.
	* scripts/innshellvars.pl.in: Avoid a warning if PATH is not
	  defined in the environment.

2005-07-31  eagle

	* samples/control.ctl: Update to the current ftp.isc.org version.

2005-07-18  eagle

	* doc/man/nnrpd.8, doc/pod/nnrpd.pod: -p instead of -P to specify
	  a port in the default port description.

2005-07-05  eagle

	* doc/man/readers.conf.5, doc/pod/readers.conf.pod: Document that
	  at least one of res, auth, perl_auth, python_auth, or default
	  should be set in any auth group.

2005-07-04  eagle

	* doc/man/innfeed.1: Document ctlinnd flush as the recommended way
	  of cleanly shutting down and respawning innfeed.
	* doc/man/innfeed.conf.5: Clarify that the SIGHUP re-read and
	  bindaddress changes won't affect existing connections.

2005-07-03  eagle

	* frontends/rnews.c: Maintain and pass around the length of the
	  article and never run strlen on the article. This should fix the
	  truncationproblems rnews was having with articles that contained
	  nul characters.
	* frontends/rnews.c: Don't abort a whole batch on an article
	  without a mandatory header or an unterminated message ID header.
	  Instead, fail that one article and continue with the batch.
	* frontends/rnews.c: Make unknown NNTP replies equivalent to
	  failure to connect (resulting in a deferral) instead of an
	  article rejection.
	* frontends/rnews.c: Remove unneeded variables.
	* frontends/rnews.c: When we fail to feed articles to the server
	  when unspooling with -U, don't move the articles off into the
	  bad directory. Just leave them in place in the spool directory.
	  Articles that should be rejected aren't handled as failures and
	  the right thing already happens with them, and retrying later is
	  exactly what we want for deferrals and 400 errors.
	* control/pgpverify.in: Import upstream version 1.27, which falls
	  back on pubring.gpg in the default keyring location if
	  trustedkeys.gpg isn't present.

2005-07-02  eagle

	* innd/art.c: NULL-terminate GroupPointers when replacing it while
	  doing Xref slaving. Patch from Chris Caputo.
	* ., .cvsignore, MANIFEST: Ignore the snapshot.log file and add
	  mksnapshot to MANIFEST.
	* Makefile, Makefile.global.in, support/mksnapshot,
	  support/mkversion: Add support/mksnapshot and make snapshot, and
	  change the Subversion version information to prerelease from CVS
	  prerelease.

2005-06-20  eagle

	* nnrpd/nnrpd.h: ARTreadschema is no more.
	* storage/overdata.c: Free resources properly in
	  overview_extra_fields. Patch from Chris Caputo.
	* history/hisv6/hisv6.c: Pass HIS_CREAT to hisv6_new when opening
	  it for expiration. This fixes expire failing to create a new
	  history file and also addresses a long- standing problem where
	  rerunning expire after a failure would cause tons of duplicate
	  history lines. Patch from Chris Caputo.

2005-06-11  eagle

	* support/mkmanifest: Ignore .svn directories.
	* authprogs/pam.conf.example: PAM documentation is now in the
	  ckpasswd man page.

2005-06-07  eagle

	* innfeed/article.c, innfeed/buffer.c, innfeed/buffer.h:
	  Reference-count the buffers in articles we're sending, since the
	  article holding a reference to them may be deleted before we
	  finish sending the article if the peer sends the rejection
	  message immediately (like Diablo does). Patch from Miquel van
	  Smoorenburg.
	* authprogs/smbval, history, lib, storage: Also ignore the *.a
	  library files; Subversion doesn't ignore those by default the
	  way that CVS does.
	* scripts/innreport.in: Remove the ftp.sofaraway.org references,
	  as the FTP site appears to be no more.
	* storage/cnfs/cnfs.c: Write out a multiple of CNFS_BLOCKSIZE to
	  disk by zero-padding the end of the article. We don't use that
	  data anyway, since we always align the start of articles, and
	  this saves an unnecessary read if CNFS_BLOCKSIZE matches the
	  file system block size (writing a partial block requires a disk
	  read). Patch from Miquel van Smoorenburg.
	* storage/interface.c: Don't allow storage classes larger than
	  255; they can't be represented in tokens. Reported by Sebastian
	  Wiesinger.
	* doc/man/innfeed.1: The batch files now normally contain storage
	  tokens rather than file names. Reported by Todd Olson.
	* history/hisv6/hisv6.c: Fix hisv6_replace so that it actually
	  works. Open the history file in r+ mode rather than a mode,
	  since otherwise we can't write to arbitrary locations in the
	  file. Fix the length check for the new line, and space-fill the
	  new line at the right offset. Patch from Chris Caputo.
	* CONTRIBUTORS, history/hisv6/hisv6-private.h,
	  history/hisv6/hisv6.c: Calling fseeko or ftello does fflush, at
	  least on Linux, which meant that we were flushing the history
	  file after every write and not gaining the advantage of stdio
	  buffering. Stop using fseeko/ftello in favor of using an
	  internally maintained offset. This breaks multiple processes
	  writing to the history file at the same time, but in practice we
	  don't support that right now anyway. We save a significant
	  number of write and seek syscalls this way. Patch from Chris
	  Caputo.
	* doc/man/inn.conf.5, doc/pod/inn.conf.pod, nnrpd/nnrpd.c: Setting
	  timer to 0 in inn.conf should also disable the timing support in
	  nnrpd.

2005-06-06  eagle

	* nnrpd/article.c: GetHeader was giving up a bit short of the end
	  of the article due to using the same limit both for searching
	  for the header and for searching for the end of the header. Use
	  separate limits instead. Patch from Chris Caputo.
	* lib/dbz.c: Fix the length specification for madvise in getcore.
	  The incorrect value was causing it to pessimize things rather
	  than optimize. Also factor out the file length calculation to a
	  separate variable rather than constantly repeating the same
	  multiplication. Patch from Chris Caputo.
	* tests/lib/tst-t.c, tests/lib/uwildmat-t.c: Backport test fixes
	  from trunk.
	* tests/lib/articles/no-body, tests/lib/articles/strange,
	  tests/lib/articles/truncated: Restore the CRLF line endings that
	  were lost in the conversion to Subversion.
	* lib/wire.c: Backport from the trunk the fix for articles with no
	  headers.

2005-06-05  eagle

	* ., branches/STABLE-2_4: Rename branches to better names, now
	  that we're not limited by CVS.

2005-04-16  rra

	* branches/STABLE-2_4/lib/snprintf.c: Add miscellaneous fixes
	  pointed out by Hrvoje Niksic.

2005-04-11  rra

	* branches/STABLE-2_4/INSTALL,
	  branches/STABLE-2_4/doc/pod/install.pod: Note that running cron
	  jobs is incompatible, on Solaris, with having a locked account.
	* branches/STABLE-2_4/INSTALL,
	  branches/STABLE-2_4/doc/pod/install.pod: Document the configure
	  flags to change the INN user and document the use of the usenet
	  user and --with-news-master.
	* branches/STABLE-2_4/MANIFEST,
	  branches/STABLE-2_4/doc/man/ckpasswd.8,
	  branches/STABLE-2_4/doc/man/readers.conf.5,
	  branches/STABLE-2_4/doc/pod/ckpasswd.pod,
	  branches/STABLE-2_4/doc/pod/readers.conf.pod: Move the
	  documentation for PAM configuration with ckpasswd into its man
	  page and remove the (not incredibly helpful) example file. Add
	  more cross-references to ckpasswd to the readers.conf man page.
	* branches/STABLE-2_4/nnrpd/post.c: If nnrpdauthsender is set and
	  the user identity assigned is empty, don't use UNKNOWN@hostname;
	  instead, strip the Sender header completely as the documentation
	  says.
	* branches/STABLE-2_4/doc/man/readers.conf.5,
	  branches/STABLE-2_4/doc/pod/readers.conf.pod: Note that the user
	  identity is also used by nnrpdauthsender.
	* branches/STABLE-2_4/doc/man/inn.conf.5,
	  branches/STABLE-2_4/doc/pod/inn.conf.pod: Typo fix.
	* branches/STABLE-2_4/doc/man/expire.ctl.5,
	  branches/STABLE-2_4/doc/pod/expire.ctl.pod: Improve the
	  documentation of the X flag and try to clarify that expiration
	  rules are applied to newsgroups one carries, not the Newsgroups
	  header of articles.
	* branches/STABLE-2_4/doc/man/nnrpd.8,
	  branches/STABLE-2_4/doc/pod/nnrpd.pod,
	  branches/STABLE-2_4/nnrpd/nnrpd.c: Looks like -R (force
	  read-only) hasn't done anything in quite a while. Since no one
	  has complained, just remove the option rather than trying to fix
	  it.
	* branches/STABLE-2_4/INSTALL,
	  branches/STABLE-2_4/doc/pod/install.pod: Add more information
	  about software dependencies and tips for building against shared
	  libraries.
	* branches/STABLE-2_4/authprogs/Makefile: Build auth_krb5.o with
	  $KRB5INC to find include files.
	* branches/STABLE-2_4/configure, branches/STABLE-2_4/configure.in:
	  --with-kerberos was putting the -L option after -lkrb5 instead
	  of before it, which isn't particularly useful. Restructure a
	  little to fix that. Reported by Todd Olson.

2005-04-10  rra

	* branches/STABLE-2_4/doc/pod/news.pod,
	  branches/STABLE-2_4/nnrpd/article.c: Remove the optimization
	  that answers XHDR Newsgroups and XPAT Newsgroups out of the
	  overview Xref data. It makes things faster, but it breaks the
	  NNTP protocol specification.
	* branches/STABLE-2_4/NEWS, trunk/nnrpd/article.c: Remove the
	  optimization that answers XHDR Newsgroups and XPAT Newsgroups
	  out of the overview Xref data. It makes things faster, but it
	  breaks the NNTP protocol specification.
	* branches/STABLE-2_4/nnrpd/perm.c: When Perl and Python were both
	  enabled, nnrpd was attempting to parse Python access hooks as
	  Perl scripts. Fixed by checking the access type. Reported by Ken
	  Bass.
	* branches/STABLE-2_4/INSTALL,
	  branches/STABLE-2_4/doc/pod/install.pod: Add NetBSD to the list
	  of confirmed platforms.
	* branches/STABLE-2_4/control/perl-nocem.in: Add a SYNOPSIS to the
	  documentation, change the existing SYNOPSIS section to
	  DESCRIPTION, and reformat a little bit.
	* branches/STABLE-2_4/lib/sendpass.c: If called with a NULL server
	  argument and innconf->server not set, set errno to something
	  vaguely appropriate before returning since some callers use
	  errno in error reporting.

2005-04-07  rra

	* branches/STABLE-2_4/doc/man/expire.ctl.5,
	  branches/STABLE-2_4/doc/pod/expire.ctl.pod,
	  branches/STABLE-2_4/samples/expire.ctl: Change the terminology
	  to <min>:<default>:<max> from <keep> and <purge>.

2005-03-17  vinocur

	* branches/STABLE-2_4/authprogs/domain.c,
	  branches/STABLE-2_4/doc/external-auth,
	  branches/STABLE-2_4/doc/pod/external-auth.pod: Fix
	  inconsistencies between code and documentation about newline
	  handling for external-auth. Reported by Todd Olson.

2005-03-16  hkehoe

	* branches/STABLE-2_4/storage/tradindexed/tradindexed.c:
	  tradindexed_add should return "true" if the group doesn't exist,
	  like the other OV methods

2005-03-11  rra

	* branches/STABLE-2_4/scripts/inncheck.in: Recognize variable
	  settings in newsfeeds.
	* branches/STABLE-2_4/lib/date.c: The values array in
	  parsedate_rfc2822 was too short.

2005-03-05  vinocur

	* branches/STABLE-2_4/doc/hook-python,
	  branches/STABLE-2_4/doc/man/newsfeeds.5,
	  branches/STABLE-2_4/doc/pod/hook-python.pod,
	  branches/STABLE-2_4/doc/pod/newsfeeds.pod, trunk/doc/hook-perl:
	  Correct typos.

2005-01-18  rra

	* branches/STABLE-2_4/control/pgpverify.in: Return the correct
	  exit status in the event of known failures instead of always
	  returning 255. Reported by Awais Riaz.

2004-12-25  rra

	* branches/STABLE-2_4/INSTALL,
	  branches/STABLE-2_4/doc/pod/install.pod: --enable-uucp-rnews
	  only installs rnews setuid news, not setuid root.
	* branches/STABLE-2_4/configure.in: Fix the comment to clarify
	  that rnews is only installed setuid news.
	* branches/STABLE-2_4/LICENSE: Add information about
	  lib/snprintf.c.
	* branches/STABLE-2_4/LICENSE: The MIT/X Consortium license is no
	  longer less restrictive than INN's license.

2004-12-24  rra

	* branches/STABLE-2_4/doc/man/inews.1,
	  branches/STABLE-2_4/doc/pod/inews.pod: NAME, not NEWS.

2004-12-23  rra

	* branches/STABLE-2_4/innfeed/imap_connection.c: Rework
	  imap_sendAuthenticate to avoid warnings when building without
	  SASL.
	* branches/STABLE-2_4/backends/mod-active.in: GNU diff wants -U0
	  rather than -u0 these days. This seems to be supported for a
	  while into the past, so let's hope that this doesn't just create
	  other compatibility problems.
	* branches/STABLE-2_4/Makefile.global.in: Increase version number
	  to 2.4.3.

