* 1.9.54, 2004-05-20
### INCOMPATIBLE CHANGE
- Consistency: The lockfile timeout for checkgroups has changed to five
seconds, checkgroups used to wait indefinitely.
See timeout_lock and LN_LOCK_TIMEOUT below for a migration path.
- Bugfix: fetchnews and texpire would delete a lockfile held by another
process when there were problems reading the configuration file.
- Bugfix: when groupexpire settings were used, their memory was leaked at
- Robustness: texpire is a lot more careful about mids files. Johannes Berg
reported aborts related to corrupt mids files. mids files are removed at
start of any leafnode program.
- Documentation: Some minor formatting problems in the manual pages were
corrected. Reported by Laurent Fousse.
- Logging: the number of duplicates that texpire has deleted is now printed.
- Feature: The maximum time that programs wait for a lock file can now be
configured through "timeout_lock" in the configuration file and overridden
by the LN_LOCK_TIMEOUT environment variable, to simplify running fetchnews
and texpire from a cron job. A workaround was suggested by Dirk-L�der Kreie.
- Feature: texpire has a new "-r" (repair) option that checks harder whether
the hard links are correct.
- Documentation: INSTALL reminds the user to erase the distributor package
first before doing a source install.
* 1.9.53, 2004-05-05
- Bugfix: do not re-authenticate if server requires authentication for the
same command twice - to avoid an unterminated re-authentication loop.
- Bugfix: Various error conditions now cause the problem to be logged.
- Bugfix: Newly-added groups that are not in a server no longer cause
fetchnews to proceed to the next server.
- Bugfix: texpire did not repair the spool in archived groups
(groupexpire some.news.group = -1) which caused duplicates and articles
inaccessible by Message-ID after corruption. Reported by Dirk-L�der Kreie.
- Portability: One string was split for C89 conformance (string constants
cannot exceed 509 characters).
- Feature: fetchnews supports an environment variable, LN_SKIP_GROUPS, that is
treated as a comma-separated list of wildmats, any match sufficient. All
matching groups are skipped, so you can skip your binary groups during
daytime, for instance. Don Geddis had complained a configuration cheat he'd
been using had stopped working with one of the recent fixes. Let there be an
official way to do things instead.
- Feature: The time zone is back in leafnode-generated Date: headers, provided
that the operating system provides a tm_gmtoff member in struct tm (BSD,
GNU). Systems that don't offer this use GMT and report the time zone as
- Feature: The environment variable LN_DEBUG is now read as an integer. The
debug level is the greater of debugmode in the config file and the contents
- Compatibility: support forgetful servers that require re-authentication
often. Reported by Andrew Cranson.
- Consistency: the try_lock() debug message now goes to stdout, and only in
verbose mode. It used to be printed on stderr, unlike most of the other
debug messages. Reported by Kieron Dunbar.
- Consistency: "skipped group.name, not in only_groups_pcre" message is now
prefixed with the server name.
- Documentation: If the volunteered authentication early in a connection
fails, add a log that this condition may have been caused by premature
NOTE: authentication implementations differ a lot.
- Documentation: The server= examples in config.example were revised and are
now G-rated and end in domains that are guaranteed to not exist.
* 1.9.52, 2004-04-03
Note: this file contains names that have been transliterated to ISO-8859-1.
To see the names in their original spelling, view the CREDITS file.
If /your/ name is shown in CREDITS only in the transliterated spelling, feel
free to send a correction in UTF-8 character set.
### SUMMARY OF IMPORTANT CHANGES
(these are detailed below)
- Texpire is now robust against hard link attacks that try to prevent expiry.
- Fetchnews has more complete timeout handling and a new timeout_fetchnews
global configuration option.
- Low-traffic, subscribed groups will not expire any more.
- Time zone handling was rewritten from scratch once again and dropped in all
places where it isn't essential, to fix complaints and bogus data.
- A bug that cause excessive article considerations after a fetch had to be
aborted fixed was fixed.
- only_groups_pcre fixes for crosspostings, adds a new option
- A bug that caused active persistent re-downloads for upstreams running on a
non-standard server was fixed. The NEWGROUPS range now only spans the time
since the last fetchnews run.
- Bugfixes were made to connecting to upstream servers with multiple IPs.
- Quickmkdir is no longer part of the installation procedure. Leafnode
programs will create missing directories on their own.
- The user account leafnode processes run under is now configurable at compile
time, to aid OpenBSD packaging.
### INCOMPATIBLE BUGFIXES AND CHANGES
- Bugfix: "GROUP s" will now mark the group interesting iff it is interesting.
This avoids premature unsubscription from low-traffic groups.
Backported from leafnode-2. Reported by Oliver Brakmann.
- Cleanup: Logging has been overhauled. It is now more consistent, prefixes
are the server or group name where applicable, prefixes error: for errors
and warning: for warnings. Timeout and other line reading problems now
appear in the debug log with "ERROR:" on the line for easy retrieval with
grep, the end of file is also logged as "< (EOF)". The "skipping (filename),
not complete" message was demoted from LOG_NOTICE to LOG_INFO severity
- Change: fetchnews now uses timeout_fetchnews rather than timeout_client when
waiting for a server's NNTP status response.
(this includes a documentation fix provided by David Houlden)
- Cleanup: Time zone information for generated headers was unreliable and has
been dropped. We'll create the Date: header in GMT.
- Bugfix: checkgroups can now read the checkgroups file from a path relative
to the current working directory.
- Bugfix: fetchnews will wait no more than five minutes (configurable through
the new timeout_fetchnews parameter) for a server response that is not a
- Bugfix: fetchnews will not kill the group's high watermarks when it has to
abort the fetch. It will leave a snapshot file behind that is merged on the
next run for the server that failed.
The bug was introduced into 1.9.50 and discovered by Bastian Blank.
- Bugfix: "server does not carry Newsgroups:" log message only printed the
first group name rather than all.
- Bugfix: when posting, the first newsgroup in a Newsgroups:-header of a
cross-posted article that was NOT matched by only_groups_pcre stopped the
search for further articles that might still be on the server.
Reported by Joshua Crawford.
- Bugfix: log exact reason why a fetchnews connection has failed.
- Bugfix: try all IPs of a host even when the connection one of them failed.
- Bugfix: send MODE READER first, then try to authenticate.
- Bugfix: add missing error messages for NNTP connection and DATE reply
- Bugfix: Proceed to next IP when a server name has multiple IPs attached when
the greeting doesn't arrive or the upstream runs NNTPcache V2.3.
- Bugfix: Do not fetch the full newsgroup list on every fetchnews run when the
upstream runs on a non-standard port. Reported by Cory C. Albrecht and
confirmed by Joshua Crawford. This is a fix-up for a half-baked bugfix that
went into leafnode 1.9.29 that was supposed to support multiple servers with
the same name but different port (necessary for ssh tunnels for instance).
- Bugfix: Plugged a memory leak, the memory allocated for a only_group_pcre
compiled PCRE was never freed.
- Bugfix: "illegal" articles are truncated to zero size and no longer given
out, to avoid sending dangerous content to clients.
- Bugfix: Zero-size check was not applied when an article was opened by
- Bugfix: texpire relied on the hard link count to expire articles. Any user
could defeat expiry by creating a hard link to an article file, preventing
expiry of certain articles, so that the spool partition could fill up in the
long run. However, the user who can perform this attack can usually fill up
the disk directly (without instrumenting leafnode), so no security
announcement shall be issued. Code has been added to force expiry via the
Message-ID, rather than by hard link count.
- Bugfix: the date check stopped working when DST was in effect.
Replaced by timegm() function from Heimdal/Kerberos IV, calculations are now
done in GMT rather than fiddling with the GMT offset.
Caused lots of bogus "check your system clock" warnings.
- Bugfix: Do not fetch newgroups since last full active fetch, but rather
since last NEWGROUPS.
- Bugfix: leafnode: do not send warnings (for instance about misconfiguration,
when maxage is too large) to stderr, some super servers send them to the
client. Reported by Martin Klaiber.
- Cleanup: Some internal variables have been renamed to avoid name clashes
with library functions (Ralf Wildenhues).
- Cleanup: getline.c now includes string.h to avoid compiler warnings
- Cleanup: After connection failure, the connection is properly shutdown with
nntpdisconnect() or nntpquit() rather than a half-baked shutdown(2).
- Portability: quickmkdir will not start the file name with a double slash.
Patch sent by A. Alper Atici.
- Feature: The fetchnews server respone timeout is now independent of nntpd's
- Feature: New server option only_groups_match_all to make only_groups_pcre
more restrictive with respect to posting, with this option on, ALL groups of
a crossposting must match the PCRE rather than ANY before a post goes to the
server that defines this option.
- Feature: fetchnews supports a new -w option to force the XOVER updater
process to run in the foreground rather than detached.
- Portability: The user and group name that used to be hardcoded to "news" are
now configurable, to support the OpenBSD policy of prefixing daemon and
system users with an underscore character, "_". Use --with-user and
--with-group options to ./configure.
Based on patches by Cory C. Albrecht.
- Documentation: README now explains the difference between news.debug and
news.=debug in syslog.conf and recommends the former.
- Safety: multiple configurations for the same server and port now cause an
abort. Leafnode cannot handle fetching for multiple users per single server.
- Consistency: debugmode >= 1 now logs sent NNTP commands. (debugmode = 2 was
needed before for sent commands and = 1 for received replies)
- Consistency: all leafnode processes will now generate needed directories
on start-up. This effectively eliminates the need for quickmkdir, which
will continue to be built in order not to break existing packaging scripts.
Also helps Cygwin portability (which requires further patches that do not
ship with leafnode and are currently maintained by A. Alper Atici).
- Feature: debugmode >= 2 now logs - at LOG_DEBUG priority - decisions why an
article is posted or skipped for a particular server in the light of
- Efficiency: the migrate() function caused a lot of unnecessary chdir()
- Cleanup: The signal causing fetchnews to abort will now be logged.
- Cleanup: suppress 'found no server with posting permission' in fetchnews
when one or more servers have not been queried, suggested by Al Bogner.
- Cleanup: when any server has not been queried by fetchnews, print a warning
(unless -q is given) and log it.
- Cleanup: suppress 'backing up from 1 to 12345' style messages in fetchnews.
- Cleanup: texpire will now fix the group low water marks for pseudo groups,
so that LIST ACTIVE output matches GROUP output.
- Cleanup: config.example: The expire line is first, before the server line.
* 1.9.51, 2004-02-20
- fetchnews did not properly detect an existing groupinfo file in all
circumstances. This bug was introduced as a side effect of a fix that went
into release candidate #3 of 1.9.50 on February 10th but wasn't found during
release candidate testing -- it didn't show on the author's computers.
Fixes SourceForge bug #900583.
This bug was first reported by Thomas Zajic, then with a full analysis
and patch by Adam Sampson. Thanks to both of them.
* 1.9.50, 2004-02-19
### EXECUTIVE SUMMARY
- Major texpire bugfixes, it repairs a lot more spool problems, including
a move or copy that broke hard links; texpire now updates overview data,
to recover from a fetchnews crash.
- "noactive" option now works for the first time.
- Checkgroups now adds groups as it should have always done. Useful in context
with "noactive" to prime the news group list.
### INCOMPATIBLE BUGFIXES AND CHANGES
- Bugfix: most programs now generate an active from the spool contents when
they cannot read the groupinfo, to avoid bogus first/last counter resets.
- Bugfix: checknews adds groups listed in the checkgroups file that aren't
already in the groupinfo. Prints them on stderr with " NEW" next to them.
- Cleanup: made fetchnews logging and console printing more consistent to aid
debugging. Careful changes to some severities.
- Conformance: texpire -h now exits 0 (it used to exit with code 1).
- Bugfix: "noactive" has never (since its introduction into 1.9.25) worked as
documented and still fetched the active file when "forceactive" was set
(through -f or expiry of timeout_active). Align actual behaviour with the
documentation. Reported by Andrew Cranson.
- Bugfix: texpire can now relink (after file system damage) crossposted
- Bugfix: texpire can now move files into the right message.id/XXX directory
if they are in the wrong one, so nntpd can find them.
- Bugfix: texpire now logs errors in addition to printing them.
- Bugfix: Some format strings for integers in fetchnews. Harmless on 32-bit
platforms but can cause crashes or bogus output/logging on 64-bit machines.
- Bugfix: Plug a memory leak in checkgroups.
- Bugfix: The pseudo article for an empty group now has a higher number than
the last article of the group previously had, so it is actually visible in
news readers. Reported by Andreas Muck.
Cosmetic side effect: articles in new groups now start at number 3 rather
than 2 in many configurations. This is harmless.
- Bugfix: when building an active file from the news spool, use the
directory's ctime as the creation date.
- Bugfix: whenever an active file is built from the news spool, this will
force fetchnews to download the active files completely at the next run.
- Cleanup: Fetchnews quickly proceeds to the next server when serious trouble
is encountered during group fetch, that is, premature server disconnect or
missing credentials or authentication failure.
- Cleanup: Print NNTP-connect related errors on console as well (not only to
- Robustness: overview (NOV, XOVER) is now more tolerant with respect to
leading whitespace, including HTAB characters.
- Robustness: texpire handles Ctrl-C and "kill -TERM" more gracefully.
### PORTABILITY IMPROVEMENTS
- Portability: PATH_MAX is almost gone, a POSIX system need not define it. If
it is missing, we assume 4096. PATH_MAX is not used to size static array,
but only gives the initial array size for dynamically sized strings that
extend automatically when the size is insufficient.
This should help the GNU Hurd vaporware should it ever materialize.
- Portability: Skip autoconf's SETVBUF_REVERSED check on Intel C++.
- If the compiler is an Intel one, ./configure refrains from adding GCC
- Documentation: README-FQDN* was updated now that news.cis.dfn.de and
news.individual.net have been separated.
- Documentation: Updates to texpire, leafnode, fetchnews manual pages.
- Cleanup: update.sh (run by make update, to update spools written by leafnode
1.6 and older) will now remind the user he has to delete groupinfo.old.
- Texpire: now updates .overview information should a previous fetchnews run
have been interrupted hard.
- Texpire: support -q to suppress all non-error output.
- Cosmetic: texpire no longer counts unlink failures as kept articles.
* 1.9.49, 2004-01-09
### REGRESSION BUGFIX
- Fetchnews: the 1.9.48 security bugfix broke delaybody mode, it is now fixed.
Bug reported by Berthold H�llmann.
* 1.9.48, 2004-01-09
### SECURITY BUGFIX
- Fetchnews: when a. minlines=0 (default) and b. delaybody=0 (default) and
either c. no filterfile is configured (default) or a. and b. and d.
article_despite_filter=1 are configured, an article with missing mandatory
headers and without body can hang fetchnews and/or prevent the fetch of
further articles from the current group or server. CVE Name: CVE-2004-2068
Reported by Toni Viemer�, SourceForge bug 873149.
This was a denial-of-service bug, not one that could lead to local or remote
- Fetchnews: log group name when articles are skipped that match the minlines,
maxlines, maxbytes or age filters, for more consistent logging.
- Rebuilt with autoconf 2.59.
* 1.9.47, 2004-01-07
Note: many of these bugs have been long-standing.
- Fetchnews: Protocol conformance: no longer ignores lines when the XOVER data
obtained from the upstream server lacks the 8th field, Xref:. RFC-2980
suggests, but does not mandate this field. Reported by Brian Sammon.
- Fetchnews: XOVER mode did not take maxlines, minlines and maxbytes into
- Fetchnews: XHDR mode did not take minlines and maxlines into account.
- Fetchnews: XHDR mode tried to fetch bogus articles when articles had been
dropped from the fetchlist because of age or size.
- Fetchnews: XHDR required that Bytes, Date and Lines had been returned in
exactly the same order as the Message-ID headers and would go out of synch
if it didn't - but in doubt, would fetch the article. Fixed.
- Leafnode: will detect "list active.times" when trailing garbage (a group
name) is present. It used to read it as "list active" instead.
- Leafnode: XOVER now works without article number and returns data for
- Do not pass uninitialized data to setrlimit() when setting the core file
size in debugmode.
- Plugged a minor memory leak.
- Avoid crashes in XOVER related functions when the OS cannot determine the
current working directory.
- Avoid crashes or data corruption in out-of-memory conditions, replacing
strdup by critstrdup.
- Use $(SHELL) to run ./update.sh when "make update" is typed.
- fetchnews now supports a new -q option that suppresses the "found no server
with posting permission" warning, to avoid the "cron sends lots of mail"
bug. Reported by Joey Hess of Debian.
- fetchnews now supports a server-specific "noxover" option to force the
use of XHDR when a server does not work with XOVER.
- fetchnews will now try to match the "maxcrosspost" parameter against the
Xref: overview information that, albeit optional, is returned by most
servers in response to the XOVER command. This can avoid the download of
some, but not all, excessively crossposted articles.
- The news administrator address, as shown in the placeholder article, is now
configurable via the new "newsadmin" option. It used to be hardcoded to
"news@HOSTNAME", where HOSTNAME was replaced by leafnode's hostname.
- Rebuilt with automake 1.8.
- The "port" option description in config.example and leafnode.8 has been
revised to make clear that it only applies to fetchnews, not the listening
* 1.9.46, 2003-11-06
- fix fetchnews -n regression, broken since 1.9.44.rc1. (-n was ignored)
- match (and properly translate) section headers in German manual pages.
- report when active must be refetched and why.
- ntl changed the banner of their still-broken NNTP software. Apply STAT
workaround also to the new banner. Reported by Grahame Cooper.
* 1.9.45, 2003-10-30
- A fetchnews out-of-synch conditions was fixed, reported by Jan Knutar:
fetchnews cannot handle bogus group names that start with a dot.
- Fetchnews ignores newsgroups that have NULL components (start or end in a
dot or have ..), since such newsgroups cannot be handled by leafnode. Such
newsgroups do not exist on well-maintained servers or in well-administered
hierarchies. Reported by Jan Knutar.
* 1.9.44, 2003-10-22
- A texpire SIGSEGV was fixed, it struck when expiring articles from groups
that were no longer in interesting.groups. (Reported by Iain D. Broadfoot.)
- Interesting.groups expiry was bugfixed and streamlined, it now happens
before contacting the first server. (Reported by Nikita V. Youshchenko).
- Debugmode is now documented in config.example.
- Debugmode has been cleaned up in fetchnews. It is now possible to log
XOVER replies with debugmode=3.
- One meaningless system error that was included on "illegal article:" log
lines was removed from the line. (Reported by Nikita V. Youshchenko.)
- Fetchnews no longer moves articles into failed.posting if the upstream
server refuses the POST command (before seeing the article).
- The XOVER updater no longer aborts when encountering a group when there is
a sub-group with an all-numeric name. (This only happens in badly
administered newsgroup hierarchies.) Reported by D�niel Fraga.
- The RPM is now more careful when handling /etc/xinetd.d/leafnode and
/etc/cron.daily.leafnode, both are marked %config(noreplace) now. Reported
by William Hooper.
- __attribute__ is only used with __GNUC__ (gcc), to avoid compiler trouble.
- Fetchnews now accepts any 2XX reply to NEWGROUPS, to work around a problem
with an MC-link news server. (Reported by Paolo Amoroso.)
- Texpire, when in verbose mode, will now print "Expiring message.id..."
before doing just that.
- The RPM installation was revised (the German manual pages are now in
%_mandir/de/, cruft from doc_german was dropped, xinetd example is
- Leafnode excludes glibc-2.3 special ctype.h stuff to let binary compiles
work on glibc-2.2.
- Fetchnews has MUCH improved posting behaviour and is more verbose in case of
- Fetchnews speed-up in XOVER mode: avoid stat() if the article is ignored for
size or age. Reduces local I/O, particularly with -x, when recovering from
crashes or after adding new servers.
- function inlining is now checked for in ./configure, attributes.h is gone.
- There is now a new documentation file, ADD-ONS, that currently lists leafwa
and Nikita V. Youshchenko's "mlgroups" patch.
- A German manual page for leafnode-version(1) has been added.
* 1.9.43, 2003-09-04
### INCOMPATIBLE CHANGE
- In the traditional spool, newsgroups with all-numeric components show up
with a - (minus, hyphen) prefixed to the number, the newsgroup example.1234
will be stored as /var/spool/news/example/-1234.
It is believed this change does not cause troubles because news systems that
offered the traditional spool have been incapable of providing news access,
and because the count of news groups with such names is way below 0.1% on
the news servers I have access to. The gain in functionality justifies the
NOTE: this only affects newsreaders that directly access the spool.
NNTP-based newsreaders will see no difference.
- Fix leafnode.8 manual pages (EN and DE languages) to explain 0 and negative
values for expire/groupexpire.
- Avoid premature abort (that causes .overview and groupinfo files to become
stale) when the stdout becomes disconnected. Reported by Sytse van Slooten.
- Make sure that texpire fixes the groupinfo lines of groups in "archive mode"
(groupexpire -1). Reported by Sytse van Slooten.
- Repair groupexpire 0 (= use global default, rather than expire immediately).
Broken since 1.9.23.
- Make sure that fetchnews complains when a timeout happens while reading
newsgroups lists ("active file") or newsgroup descriptions. Found after a
related report from Tim Daneliuk.
- Use different fix for newsgroup names with all-numeric components that does
not require two stat() calls in XOVER handling. Tracked down and reported by
- Remove bogus error messages "article * is below/above the *-water mark" that
occur when reading a group that fetchnews is fetching into. Reported by Rein
- Make sure XOVER related error messages don't show up in the NNTP client.
- fetchnews puts stdout into line buffered, or -- failing that -- unbuffered
mode (Patch by Mark Brown, Debian maintainer).
- leafnode processes warn (syslog and stderr) when a groupexpire is set to 0
(which means "use the default", which some users may not be aware of).
- Added FAQ item on running leafnode as nntps server.
- Mention SuSEconfig difficulties with /etc/hosts in README-FQDN*
- Clarify item #13 in INSTALL.
* 1.9.42, 2003-06-27
### SECURITY RELEVANT BUGFIXES
- Fix hang when trying to download an article that lacked mandatory headers.
(Very old bug, recently found by Joshua Crawford) CVE Name: CVE-2003-0744
NOTE: this assertion that the bug is security relevant (denial of service)
has been made after 1.9.42 release.
- Check lastreply() against NULL, in an effort to fix obscure sporadic and
non-reproducable crashes on OpenBSD sparc64. (Reported by Bruno Rohee)
- Fix bogus "Cannot open .../interesting.group/group.name for reading" when a
group subscription has expired. (Reported by Andreas Muck)
- The ChangeLog file has been split, older parts (leafnode 1.9.31.rel and
before) have moved to the "new" ChangeLog.old file.
* 1.9.41, 2003-05-22
- Fix the "leafnode keeps fetching a group I've unsubscribed from long ago"
bug that haunted leafnode since 1.9.18 at the latest and that was more
prominent with the delaybody migration fixes of 1.9.33. Reported by Andreas
Muck and Gerry Doris.
- "make clean" no longer erases t.pcre_extract
- Add an EXPERIMENTAL feature, delaybody_in_situ. This may work around
problems with particular newsreaders in delaybody mode. Do not rely on this
feature for now, and do send feedback if you use it, regardless of whether
it works or not. Defaults to off (compatible with previous versions). If you
don't know what it is about, leave it off.
- Some messages in fetchnews have been reworded to make them clearer and more
- Find tcpd on OpenBSD at build time. Patch by Bruno Rohee.
* 1.9.40, 2003-05-08
- Leafnode no longer aborts when using the replacement snprintf function
(FreeBSD) and is about to display a pseudo article.
* 1.9.39, 2003-05-04
### CRITICAL BUGFIX (DATA LOSS IN LEAFNODE-TO-LEAFNODE CONVERSATION)
- Leafnode returned bogus "OK" replies to "STAT <firstname.lastname@example.org>" requests when
the currently selected group was a pseudogroup.
This caused data loss when two leafnode versions are cascaded, because the
downstream thinks the upstream already has the article and discards it.
Reported to Debian by Kyler Laird, forwarded by Mark Brown.
* 1.9.38, 2003-04-23
- The replacement snprintf trampled hash marks over digits in the output when
the output length matched the minimum field width or exceeded it, in
violation of Single Unix Specification. Fixed now. (Corresponding
conformance testing code has been added to "make check".)
- The RPM spec file checks if pcre.h is in /usr/include/pcre or /usr/include.
This hopefully addresses RedHat 9 RPM build failures. (The leafnode RPM
should rely on the pcre RPM rather than including its own copy of PCRE
files, to avoid conflicts.) This is untested because the snprintf bugfix
above is critical and does not allow for further delay for testing.
- The NewsCache compatibility code was changed to allow the DATE command
for NewsCache 0.99.22* and 0.99.2? as well as 1.1.12 and newer.
* 1.9.37, 2003-04-19
- Fetchnews properly tracks when reading the active file from a server fails
and retries and the next run.
- The replacement snprintf has received numerous bugfixes.
- Leafnode now checks if the system's snprintf function really works at build
time and substitutes its own snprintf.c if the system's snprintf function is
broken (or missing).
- Don't use format modifiers that are unsupported by the shipped snprintf.c.
- Build fixes on platforms that need special LDFLAGS (sparc64 for
example), particularly when no system PCRE library is available.
- Better portability to systems that do not provide DIR and struct in the
<dirent.h> header file.
- Fetchnews no longer checks the DATE at upstream "NewsCache" servers other
than version 0.99.22p1, they return local time rather than GMT.
### INCOMPATIBLE CHANGES
- Leafnode programs now REQUIRE that they can read the spooldir (and not only
execute it). As the spooldir has always been readable, the impact of this
change is negligible.
- The default lockfile location has changed to $spooldir/leaf.node/lock.file.
This is meant to prevent packaging errors, as the lock file must be in a
directory writable by the "news" user. --with-lockfile can be used to
configure the former lock file location which used to be
- Leafnode programs now enforce a umask of 02, just to be sure. Should have no
- There is now a "post_anygroup" option to skip the "is the group I post into
on this server" check. Useful on servers that let you post but not read.
- Fetchnews now prints an error message when saving the current working
directory fails when it tries to post articles.
- Fetchnews now prints the reply from the upstream server when reading the
newsgroup list (all or new) fails.
- The internal directory creation code has been revised.
- Debugging code (assertions) has been removed from the build.
* 1.9.36, 2003-02-25
- Fetchnews properly ignores the body of an article when it has killed an
article after sending the "ARTICLE" command rather than "HEAD". Regression
in leafnode-1.9.33, found by Oliver Schwabedissen.
- Minor fix to texpire(8) (English version) by Bruno Rohee.
* 1.9.35, 2003-02-21
- Leafnode no longer aborts if an article with Message-ID header is posted.
This fixes a regression introduced in leafnode-1.9.34.
* 1.9.34, 2003-02-19
- Don't pass time_t to %ld formatting. (reported by Christian Weisgerber)
- Check time difference for overflow when using DATE.
- Change to spooldir at start-up, to avoid barfing when leafnode is started
from a working directory that the "news" user has no access to, to address
fetchnews -P issues when started from cron.
- Minor changes to manual pages and README.
* 1.9.33, 2003-02-03
- Fix client hang when an article had suffered corruption and its Message-ID
could not be retrieved. Also consider the article broken and unlink it.
- Compatibility: leafnode 1.9.23 to 1.9.32 have used the u+x flag in out.going
to mark an article "complete". This was incompatible with versions 1.9.22
and before. It has been changed to u+r, which improves compatibility, posts
are no longer stuck in out.going, and even older versions won't read
- Switching delaybody off no longer makes bodies of article headers retrieved
before the switch inaccessible. (affects leafnode, fetchnews)
- Pseudo article display was fixed for newsgroups that were once there but
that have expired without their article pointers reset in the groupinfo file.
- Fix local article number extraction again, along the lines suggested by
Fumiaki Miura. This bug marked the wrong article for download if a header
of the structure "Xref: my.ser.ver abcabc:20 abc:10" was in the article.
- Ralf Wildenhues fixed two subtle bugs in signal handling again, making sure
we don't warp backwards in the program flow when ^C is pressed twice.
- The nodesc flag was not in effect for fetchnews -f or after adding a new
server, making fetchnews redownload the FULL active file over and over again.
- Downloaded articles don't show up in out.going in multi-server setups any
more, they did when articles to post were in out.going because fetchnews
messed up its directories.
### CHANGES: documentation
- Options added since 1.9.20 now appear with the leafnode version when the
option was introduced in the manual pages.
### CHANGES: fetchnews
- Leafnode will now use the "ARTICLE" command to download articles if no
filterfile is defined or if the new "article_despite_filter" option is set
and "delaybody" is off. This speeds up article download, particularly on
high-latency links such as interleaved DSL or satellite links.
- There is a new global option, "article_despite_filter", defaults to 0 for
- There is a new per-server option, "noread", which defaults to 0 and is
therefore compatible with previous releases of leafnode.
If set, the server is not queried for active files or articles (but
skipped), but posting to this server is still tried. Useful to complement
"nopost". Courtesy of Dmitry Samersoff <email@example.com>.
- Fetchnews compares the local clock to that of the upstream server it's
talking to if the upstream supports the "DATE" command, and warns if both
clocks are more than 10 minutes apart (but the program will continue for
### CHANGES: leafnode
- The DATE command is now supported.
* 1.9.32, 2003-01-08
- Fix packaging error: leafnode.cron.daily wasn't regenerated properly.
- Detect maxage overflow when reading the configuration and clamp to
the maximum allowed value.
- Solaris portability fixes, Solaris cannot remove a directory (not even by
name) when it's the current working directory. Linux or BSD are fine.
Include sys/time.h and time.h before netinet/in.h.
- Detect and log errors when removing empty directories in texpire or when
reading overview data.
- fetchnews logs the child process ID
* 1.9.31, 2002-12-29
- On non-BSD systems, only the first timeout was ever detected. Found and
fixed by Richard van der Hoff.
- General signal handling fixes.
- Fix build when no system PCRE lib is available. Fix detection of
-lpcre outside the system library path.
- When fetchnews is restarted after a crash that prevented updating the active
file, only print one "..as 12345 in de.test" line per group when storing the
- Only fork() in fetchnews if fork() really works. Some systems (AmigaOS) only
support vfork(), which is not sufficient.
* 1.9.30, 2002-12-04
### SECURITY BUGFIXES
- Fix subtle and rare unterminated loop (100% CPU hang) bug in doarticle(). It
can only strike when an ARTICLE, HEAD, STAT or BODY command in Message-ID
syntax accesses a crossposted article AFTER a GROUP command and if the group
name given there is part of another group's name that the article was
crossposted to. Credits to Jan Knutar for a detailed bug report.
CVE Name: CVE-2002-1661
- Only consider groups (after LIST or NEWGROUPS) that match the
only_groups_pcre, if one is configured. This avoids offering groups that are
- Detect and report write errors when writing the new active ("groupinfo")
- Whitelist STAT command for NewsCache versions 0.99.18, 0.99.19, 0.99.2?.,
- RPMs built from the included .spec file now install a "config" and "filters"
file, both are marked "noreplace". This should prevent these files from
being lost when a SuSE RPM is replaced by one built from this file.
- Leafnode will delete duplicate newsgroups from its active file. This process
is case-blind. Some badly maintained upstream servers have the same
newsgroup more than once, but only differing in capitalization. Leafnode
will prefer the group with LESS upper-case characters.
- Fix maxage = 0 regression of leafnode 1.9.21. maxage = 0 seems not to be in
- Blacklist STAT for servers that contain "NNTP news cache" in their
greetings, reported to be necessary for NTL (UK) by Robert Marshall.
- Leafnode now ships with a leafnode.cron.daily file. See INSTALL.
- Leafnode now ships with a filters.example file that was taken from the SuSE
- The newsq manual page was reworked and is more comprehensive now.
- README-FQDN was corrected in respect to the dfncis.de host name.
- FAQ has information on the Red Hat inetd vs. xinetd issue.
* 1.9.29, 2002-10-23
- Fix fetchnews SIGSEGV that happens when new groups are added. Thanks
to Ken Shan for tracking the bug and sending a patch.
- Work with multiple upstreams that have the same server name, but
* 1.9.28, 2002-10-21
- MacOS X 10.1 build has been fixed now (works on sourceforge Compile
Farm at least). The fixes of 1.9.25 did not work.
- There is now a leafnode-version program that just prints the version.
- Configuration file errors are now printed with the line number.
- New server-specific option: only_groups_pcre, to restrict the groups
that are fetched from or posted to a specific server.
- The build environment has been rebuilt with automake 1.7.1 and
* 1.9.27, 2002-09-24
- Leafnode no longer goes into an infinite loop if your interface list
as returned by ioctl(...SIOCGIFCONF...) is longer than 2047 bytes.
This was a show-stopper bug without workaround (except unconfiguring
interfaces or disabling IPv6, which is usually not an option).
The bug was less likely to strike on home computers (except routers),
as these tend to have less interfaces. More likely to strike bigger
IPv6-enabled BSD servers.
- Type issues on 64-bit machines (time_t is int) have been fixed.
- RPM build: the spec file has been revamped, the documentation
directory now has proper permissions again.
- Leafnode builds again on non-IPv6 machines such as Solaris 2.6.
- Robustness: The allowstrangers option is now "stronger", enabling it
defeats the "is the client on a local IP" check altogether -- to allow
for workarounds should further bugs in this check strike us.
- Documentation: The FAQ has been converted to DocBook XML and updated,
and the TROUBLESHOOTING document that carried only two items has been
merged into the FAQ. It comes now as plain text, HTML and PDF. The
CREDITS file has been updated.
* 1.9.26, 2002-09-20
- Add missing documentation LIESMICH-daemontools
- Fix paths in UNINSTALL-daemontools
- fetchnews will no longer try to fork in -P (postonly) mode. (The bogus
error messages around this were reported by Jan Knutar.)
- fetchnews synchronizes child and parent when handing over the lock
file, to prevent bogus error messages.
- texpire will now skip over lost+found in the top directory and log
chdir/opendir errors. (Bug reported by William Grinolds.)
/var/spool/news must still be one file system and cannot be a Coda
- newsq now prints a start banner and an explicit "the queue is empty"
if it is
* 1.9.25, 2002-08-30
- Although only a symbolic measure and no consolation to any victim,
this version is dedicated to all the people in the flooded areas of
Central and Eastern Europe, particularly Austria, the Czech republic
and Germany, where many cities have been drowned by the Moldau,
Danube, Elbe and other rivers rivers that have turned into torrential
currents by severe rainfall; whole cities in Saxony, Saxony-Anhalt and
Brandenburg and the Northwestern Czech republic had to be abandoned
temporarily. The material damage is immeasurable, and the personal
Protection of the environment is important and everybody's task.
- Leafnode's LIST EXTENSIONS reply no longer starts with leading
whitespace. The current NNTP draft no longer wants whitespace there.
- Leafnode's [X]HDR <header> <message-id> commands now return
the message-ID in front of the header, which is in conformance with
RFC-2980 but contradicts draft-ietf-nntpext-base-15.txt which has
expired on 2002-07-15 (which requires the article number to be
printed, which is not available before GROUP or which is not in unison
when the article is crossposted).
- Fix "configured hostname not accepted" issue: Leafnode now reads the
configuration file before validating the hostname or creating the lock
file, so the hostname configuration option becomes actually effective.
- The lsort program is no longer installed. When updating from a
previous version, then please remove it (the default location is
/usr/local/sbin) -- it is only used (with explicit path) when you type
"make update" and is not needed later.
- Documentation updates, including tcpserver/daemontools instructions.
- Build files have been regenerated with automake 1.6.2 (autoconf 2.53)
- A tighter integration of the included PCRE directory into the build
- German documentation is back.
- Fix some PCRE compile issues.
- The paths of the FILES sections of the manpages should now be correct.
- The FAQ file now ships.
- MacOS X 10.1/Darwin build fixes for -twolevel_namespace issue. We pass
-flat_namespace to the linker.
- Easier first-time installation: A script to aid setting up leafnode
when daemontools and tcpserver is present.
- Fix reading interface information on systems that have sa_len in
struct sockaddr, such as FreeBSD. Leafnode would erroneously refuse
connections from IPv4 clients on these machines when IPv6 interfaces
- New allow_8bit_headers configuration option (default off) to accept
unencoded 8-bit data (seems to be common in dk.* and no.* hierarchies)
- Fix lots of minor bugs that splint turned up.
- Fix some minor XHDR issues.
- Fix LIST ACTIVE.TIMES (did not work at all and returned bogus data).
- Add HDR support (same as XHDR, basically).
- Redo the HELP output.
- List HDR in LIST EXTENSIONS reply.
- Fix crash when the client terminates the connection right after a POST
command. Not exploitable, reported and fixed by Fabrizio Tironi.
- when updating the active file fails, set a flag to try downloading the
whole active file again on the next run and keep the old active data
to avoid losing group lo/hi marks.
- new server-specific option "noactive = 1" to defeat downloading the
full active file (newsgroups list) from this server. Courtesy of Mark
Brown of Debian.
* 1.9.24, 2002-07-10
### INCOMPATIBLE CHANGES:
- See all "incompatible changes" sections below.
- there will be no more prereleases or release candidates. people don't
- no longer crashes and disconnects when a client (slrn) sends "XOVER" before
"GROUP". Makes leafnode compatible again with slrn.
- address resolver fixed when IPv6 enabled
- fix ARTICLE/STAT/HEAD/BODY commands with implicit number ("current
* 1.9.23, 2002-07-08
### INCOMPATIBLE CHANGES:
- If you update to 1.9.23 and have articles in your out.going queue, fetchnews
will no longer post these. To fix, do: chmod u+x /var/spool/news/out.going/*
NOTE: 1.9.33 no longer needs this, it uses the u+r flag instead, but you
should never need to set the flag manually.
- Access from outside the local networks (as figured from IP and netmasks of the
local interfaces) is now denied by default. To restore the old behaviour,
check README and config.example for a new option "allowstrangers" and how to
enable it. Read config.example closely! Using this is deliberately difficult.
- When a client posts, syntax and semantics of the Message-ID header are
checked. These tests are essential to avoid Message-ID collisions. You can
still switch off Message-ID generation in your news reader and let leafnode
generate a Message-ID.
- Spooldir may only contain characters from the POSIX portable path name
character set. These are: the small and capital latin letters a through z, the
ten digits 0 through 9 and the individual characters ".", "-", "_", "/".
### KNOWN BUGS
- Leafnode does not handle embedded NUL characters in news correctly.
- The README now contains a new section "DEBUGGING".
- The INSTALL file now has an xinetd config example.
- The FQDN "linux.local" is now also rejected.
- Fetchnews will no longer try to post articles that nntpd is still receiving.
- Bugfixes, compile warnings fixed, memory leaks fixes, possible crashes fixed.
- Treating folded headers has improved.
- NEWGROUPS now really works, even across fetchnews -f. fetchnews -f is
now less harmful to the group low/high marks.
- There is now documentation on the fully-qualified domain name issue, in text,
pod and HTML format. See the README.FQDN* files.
- There is a new configuration option: "nopost" (server-specific). Set
"nopost=1" just below the server line to avoid posting to the server in
- Article number treatment has improved. This should fix "pseudo article not
displayed" issues for good.
- Most leafnode programs no longer see incomplete lines. Incomplete lines are
lines without trailing LF character.
- When a leafnode program recreates a directory in the spool dir, the owner is
now properly set to "news".
- Fetchnews now filters on original header lines, rather than regenerated lines.
- Will exit with code 2 when it could not connect to at least one upstream
- The client timeout is now configurable through "timeout_client",
patch courtesy of Jonathan Larmour.
- No longer confuse clients with "400 Service discontinued" messages on timeout.
- No longer resolve the local listening address to a name and use that
as fqdn (broke Message-ID generation). Reported by Andreas Muck.
- Posts with 8-bit or control data in headers or malformatted
headers are now rejected. These articles are malformatted. (illegal!)
Only broken newsreaders generate such headers.
- Better logging when groups are subscribed to; set debugmode = 1 in
your config file to enable, and look for "markinterest:" in the log.
- POST now suggests a Message-ID.
- Expire groups that are not in the group.info. (This will happen when news
groups are removed upstream and the active file is re-fetched.)
- Set groupexpire for a particular group to -1 to let texpire ignore it. Think
of this as an archive function. Patch courtesy of Andreas Meininger.
* 1.9.22, 2002-04-19
- Fix the hostname qualification logic.
- No longer use fnmatch(), but use wildmat() instead. That's well-tried
in leafnode 2.0b.
- Fix the broken NewsCache workaround.
* 1.9.21, 2002-04-08
- leafnode never fetches articles that would be expired right away as
per the current expire/groupexpire settings. Add "clamp_maxage = 0" to
your configuration to restore the old behaviour.
- no longer segfaults when the groupinfo file is empty (when the
upstream servers are all unreachable).
- gets time zone offset against GMT right.
- overview handling now detects when articles are removed from the
"middle" of a group (i. e. which are not low or high water mark)
- no longer trashes the article high water mark.
- leafnode never fetches articles that would be expired right away as
per the current expire/groupexpire settings.
- can recover state information from a SERVERINFO~ file left behind by a
previous incomplete fetchnews run.
* 1.9.20, 2002-03-25
- leafnode REQUIRES a valid fully qualified domain name now,
localhost.localdomain is invalid! Fix your /etc/hosts if leafnode
programs refuse to run.
- running leafnode without access control (such as tcpd from Wietse
Venema's tcp_wrappers package or xinetd/tcpserver's native access
control) is officially deprecated.
- leafnode no longer tries to post the article to all your servers, but
only to one, to prevent moderators from getting posts to moderated
groups more than once. Move your most reliable news servers first in
the configuration file.
- new locking scheme, prevents groupinfo corruption, the old locking
scheme was totally ineffective
- manual pages now contain proper paths to programs or files
- pattern matching has been fixed
- no more timezone messups in logs or generated Date: headers (backport
- memory and file descriptor leaks have been fixed
- some more parts of NNTP chatter are subject to timeout handling
- the included PCRE package was updated to v3.5 (but better, get PCRE
3.9 or newer and install that prior to configuring and installing
- maintainer builds now need ./configure --enable-maintainer-mode.
Results in faster compilation for end users.
- can now safely post to NewsCache servers, 1.9.19 and older would
discard all upstream posts to NewsCache servers because NewsCache lies
about the availability of an article in STAT <Message-ID>. We use HEAD
now. (workaround backported from leafnode 2.0beta)
- upstream posts are now deleted as soon as they have successfully been
- fetchnews -P no longer segfaults
- SIGPIPE now updates groupinfo and overview information, it would kill
- log port number in "connected to" log message
- Mark Brown's workaround to "no groups available" problem with
authentication failures, but after authentication failures and fixing
username/password in the configuration file, run fetchnews -f once
- buffer underrun fixed when the command consisted only of whitespace.
Bug fix by Ralf Wildenhues.
- log our and the peer's address (to hint someone he should really use
tcpd or something similar, and to overcome "I did not order this news
- now mark the correct article for download in delaybody mode if the
news reader sends BODY or ARTICLE <message-id>. (only affects
- XOVER 1- now works on pseudogroups
- XOVER -n is now supported (came for free with the previous fix ;)
- STAT/HEAD/BODY/ARTICLE with "current article pointer" now work for
- exits with 503 error message to the client if the own hostname is not
- add a new -f option to show the failed.postings queue.
- the man page has been finally fixed to document that we expire
individual articles, not threads.
Changes which are more technical and less visible:
- article numbers are now unsigned long almost everywhere
- out-of-memory conditions detected properly
- non-exploitable buffer overruns fixed
- line reading function is rock solid now, no more getaline
- mkstemp is now robust against broken implementations that
do not look at the umask
- some tuning took place, some fprintf have been replaced by fputs
- mkstemp function updated from leafnode 2.0beta
* 1.9.19 and prior: see ChangeLog.old. A separate NEWS file was not kept.