Git Product home page Git Product logo

inn's Introduction

Welcome to the InterNetNews project!

INN 2.8

Our main branch is for the current development of the next INN 2.8 major release. Head to the 2.7 branch for the maintenance of the most recently released stable version.

This code is under active development and may or may not be stable at any given time. Contributions and bug reports are welcome and encouraged.

This work is sponsored by Internet Systems Consortium.

The official homepage of the project is https://www.isc.org/othersoftware/.

You'll also find very useful information about INN on Russ Allbery's web site.

Please see:

  • CHECKLIST for a quick overview of all the installation steps and pointers to documentation,

  • INSTALL for full installation instructions,

  • FAQ for INN FAQ,

  • NEWS for what's changed from the previous release,

  • and LICENSE for the copyright, license, and distribution terms.

These files can also be found in the doc or doc/pod directories if not present at top-level.

What is INN?

INN (InterNetNews), originally written by Rich Salz, is a very full-featured and extremely flexible and configurable Usenet / Netnews news server. For a complete description of the protocols behind Usenet and Netnews, see RFC 3977 (NNTP), RFC 4642 updated by RFC 8143 (TLS/NNTP), RFC 4643 (NNTP authentication), RFC 4644 (streaming NNTP feeds), RFC 5536 (USEFOR), RFC 5537 (USEPRO), RFC 6048 (NNTP LIST additions), RFC 8054 (NNTP compression) and RFC 8315 (Cancel-Lock) or their replacements.

In brief, Netnews is a set of protocols for exchanging messages between a decentralized network of news servers. News articles are organized into newsgroups, which are themselves organized into hierarchies. Each individual news server stores locally all articles it has received for a given newsgroup, making access to stored articles extremely fast. Netnews does not require any central server; instead, each news server passes along articles it receives to all of the news servers it peers with, those servers pass the articles along to their peers, and so on, resulting in "flood fill" propagation of news articles.

A news server performs three basic functions: it accepts articles from other servers and stores them on disk, sends articles it has received out to other servers, and offers stored news articles to readers on demand. It additionally has to perform some periodic maintenance tasks, such as deleting older articles to make room for new ones.

Originally, a news server would just store all of the news articles it had received in a file system. Users could then read news by reading the article files on disk (or more commonly using news reading software that did this efficiently). These days, news servers are almost always stand-alone systems and news reading is supported via network connections. A user who wants to read a newsgroup opens that newsgroup in their newsreader software, which opens a network connection to the news server and sends requests for articles and related information. The protocol that a newsreader uses to talk to a news server and that a news server uses to talk to another news server over TCP/IP is called NNTP (Network News Transport Protocol).

INN supports accepting articles via either NNTP connections or via UUCP. innd, the heart of INN, handles NNTP feeding connections directly; UUCP newsfeeds use rnews (included in INN) to hand articles off to innd. Other parts of INN handle feeding articles out to other news servers, most commonly innfeed (for real-time outgoing feeds) or nntpsend and innxmit (used to send batches of news created by innd to a remote site via TCP/IP). INN can also handle outgoing UUCP feeds.

The part of INN that handles connections from newsreaders is nnrpd.

Also included in INN are a wide variety of supporting programs to handle periodic maintenance and recovery from crashes, process special control messages, maintain the list of active newsgroups, and generate and record a staggering variety of statistics and summary information on the usage and performance of the server.

INN also supports an extremely powerful filtering system that allows the server administrator to reject unwanted articles (such as spam and other abuses of Usenet).

INN is free software, supported by Internet Systems Consortium and volunteers around the world. See "Supporting the INN Effort" below.

Prerequisites

Compiling INN requires an ANSI C compiler (gcc is recommended). INN was originally written in K&R C, but supporting pre-ANSI compilers has become enough of a headache that a lot of the newer parts of INN will no longer compile with a non-ANSI compiler. gcc itself will compile with most vendor non-ANSI compilers, however, so if you're stuck with one, installing gcc is highly recommended. Not only will it let you build INN, it will make installing lots of other software much easier. You may also need GNU make (particularly if your system make is BSD-derived), although most SysV make programs should work fine. Compiling INN also currently requires a yacc implementation (bison will do fine).

INN uses GNU autoconf to probe the capabilities of your system, and therefore should compile on nearly any Unix system. It does, however, make extensive use of mmap(), which can cause problems on some older operating systems. See INSTALL for a list of systems it is known to work on. If you encounter problems compiling or running INN, or if you successfully run INN on a platform that isn't listed in INSTALL, please let us know (see "Reporting Bugs" below).

Perl 5.004_03 or later is required to build INN and use the embedded Perl filtering and authentication hook support (which is highly recommended; some excellent spam filters have been written for INN). Since all versions of Perl previous to 5.004 are buggy (including security problems) and have fewer features, installing Perl 5.004_03 or later (like at least Perl 5.8.0) is recommended. Depending on what language you want to write your filters and authentication hooks in, you may also want to install Python 2.3.0 or later, or Python 3.3.0 or later.

For support for authenticated control messages, you will need either PGP or GnuPG, the latter being recommended. See INSTALL for more details.

For the ovdb overview storage method, you'll need Berkeley DB 4.4 or later (4.7 or later recommended). For the ovsqlite overview storage method, you'll need SQLite 3.8.2 or later (3.20.0 or later recommended). If you have zlib available, you can also compress overview before it's stored into ovdb or ovsqlite, and enable the COMPRESS capability, an NNTP extension. For support for news reading over TLS, you'll need OpenSSL or LibreSSL. To support SASL authentication to nnrpd or to feed newsgroups to an IMAP server with SASL authentication, you'll need the Cyrus SASL libraries. INN can also check passwords against a Kerberos KDC; for this, you will need Kerberos libraries.

Getting Started

A news server can be a fairly complicated piece of software to set up just because of the wide variety of pieces that have to be configured (who is authorized to read from the server, what newsgroups it carries, and how the articles are stored on disk at a bare minimum, and if the server isn't completely stand-alone -- and very few servers are -- both incoming and outgoing feeds have to be set up and tested). Be prepared to take some time to understand what's going on and how all the pieces fit together. If you have any specific suggestions for documentation, or comments about things that are unclear, please send them to the INN maintainers (see "Reporting Bugs" below).

Download

Source code tarballs of the official releases can be downloaded from https://downloads.isc.org/isc/inn/. The InterNetNews project does not distribute releases in binary form. Yet, precompiled versions may exist on your operating system.

When installing a new INN server, you may wish to download the latest snapshot of the stable branch rather than the last official release, so that to pick up possible bug fixes.

Build and Install

See INSTALL for step-by-step instructions for setting up and configuring a news server.

Documentation

INN also comes with a very complete set of man pages; there is a man page for every configuration file and program that comes with INN. (If you find one that doesn't have a man page, that's a bug. Please do report it.) When trying to figure out some specific problem, reading the man pages for all of the configuration files involved is a very good start.

URL: https://www.eyrie.org/~eagle/software/inn/docs/ (online documentation)

Reporting Bugs

We're interested in all bug reports. Not just on the programs, but on the documentation too. Please use the GitHub issue tracker to send such bug reports, or alternatively send them to

(patches are certainly welcome, see below). Even if you post to Usenet, please CC the above address.

If you have general "how do I do this" questions or problems configuring your server that you don't believe are due to a bug in INN, you should post them to news.software.nntp. A lot of experienced INN users, including several of the INN maintainers, read that newsgroup regularly. Please don't send general questions to the above addresses; those addresses are specifically for INN, and the INN maintainers usually won't have time to answer general questions.

Testing and Development

Source Code

INN is maintained using the Git version control system. The official InterNetNews Git repository is located at https://github.com/InterNetNews/inn. A local copy of the current development source can be obtained by cloning it using a Git client:

git clone https://github.com/InterNetNews/inn.git

You can also download daily snapshots produced only if the current code compiles and passes the test suite, so they have undergone at least some basic validation, although they've not been tested by a human.

Contributing Code

If you have a patch or a utility that you'd like to be considered for inclusion into INN, please make a GitHub pull request, or alternatively mail it to

in the body of the message (not as an attachment because the mailing-list might strip it), or put it on a webpage and send a link. Patches included with a bug report as described above should follow the same procedure.

Please submit all patches against the current main branch, not against a stable release. The development version of INN is often much different than the last stable release.

Also please take a look at HACKING for information about development and coding style.

Have fun!

Mailing Lists

There are various INN-related mailing lists you can join or send messages to if you like. Some of them you must be a member of before you can send mail to them (thank the spammers for that policy), and one of them is read-only (no postings allowed).

[email protected]

Where announcements about INN are sent (only maintainers may post).

URL: https://lists.isc.org/mailman/listinfo/inn-announce

[email protected]

Discussion of INN development. If you prefer not to use GitHub to create an issue or a pull request, it is also where to send bug reports and patches for consideration for inclusion into INN (postings by members only). If you're an INN expert and have the time to help out other users, we encourage you to join this mailing list to answer questions. (You may also want to read the newsgroup news.software.nntp, which gets a lot of INN-related questions.)

URL: https://lists.isc.org/mailman/listinfo/inn-workers

[email protected]

Git commit messages for INN are sent to this list (only the automated messages are sent here, no regular posting).

URL: https://lists.isc.org/mailman/listinfo/inn-committers

[email protected]

This list used to receive Trac issues for INN, before the migration to GitHub (only the automated messages were sent here, no regular posting). Bug reports should be sent to the inn-workers mailing list, or a GitHub issue created.

URL: https://lists.isc.org/mailman/listinfo/inn-bugs

To join these lists, send a subscription request to the -request address. The addresses for the above lists are:

You can alternatively join them from the subscription form in their public web pages.

Who's Responsible / Who to Thank

See CONTRIBUTORS for a long list of past contributors as well as people from the inn-workers mailing list who have dedicated a lot of time and effort to getting this new version together. They deserve a big round of applause. They've certainly got our thanks.

This product includes software developed by UUNET Technologies, Inc. and by the University of California, Berkeley and its contributors.

Last, but certainly not least, Rich Salz, the original author of INN deserves a lion's share of the credit for writing INN in the first place and making it the most popular news server software on the planet (no NNTP yet to the moon, but we plan to be there first).

Related Packages

INN users may also be interested in the following software packages that work with INN or are based on it. Please note that none of this software is developed or maintained by ISC; we don't support it and generally can't answer questions about it.

Cleanfeed

URL: https://www.mixmin.net/cleanfeed/ (maintained by Steve Crook)

Cleanfeed is an extremely powerful spam filter, probably the most widely used spam filter on Usenet currently. It catches excessive multiposting and a host of other things, and is highly configurable. Note that it requires that INN be built with Perl support (the --with-perl option to configure).

Cleanfeed was originally developed by Jeremy Nixon who maintained it until 1998. Then Marco d'Itri until 2002. Steve Crook has been maintaining it since 2007.

A Python-based variant of Cleanfeed, named PyClean, also exists and can be found at https://github.com/crooks/PyClean.

GUP (Group Update Program)

URL: https://tracker.debian.org/pkg/gup

GUP provides a way for your peers to update their newsfeeds entries as they want without having to ask you to edit the configuration file all the time. It's useful when feeding peers take limited and very specific feeds that change periodically.

innduct

URL: https://www.chiark.greenend.org.uk/ucgi/~ian/git-manpage/innduct.git/innduct.8 (maintained by Ian Jackson)

A possible replacement for innfeed, innxmit and nntpsend that quickly and reliably streams Usenet article to a remote site. innduct is designed to be robust and not to lose any articles (when offered to peers) in case it unexpectedly dies, contrary to innfeed. It also permits a realtime feed, contrary to innxmit or nntpsend.

NewsPortal

URL: https://gitlab.com/yamo-nntp/newsportal

A PHP-based web news reader that works as a front-end to a regular news server such as INN and lets people read and post without learning a news reader.

NewsPortal was originally written by Florian Amrhein https://amrhein.eu/newsportal/doc/ and is now maintained by Stéphane Grégoire who notably did a great job fixing a few bugs and adapting it for use on smartphones.

PersonalINN

URL: http://www.ritual.org/summer/pinn/

PersonalINN is a version of INN modified for personal use and with a friendly GUI built on top of it. It is available for NEXTSTEP or OPENSTEP only, unfortunately.

suck

URL: https://github.com/lazarus-pkgs/suck

suck is a separate package for downloading a news feed via a reading connection (rather than via a direct NNTP or UUCP feed) and sending outgoing local posts via POST. It's intended primarily for personal or small-organization news servers who get their news via an ISP and are too small to warrant setting up a regular news feed.

Supporting the INN Effort

Note that INN is supported by Internet Systems Consortium, and although it is free for use and redistribution and incorporation into vendor products and export and anything else you can think of, it costs money to produce. That money comes from ISPs, hardware and software vendors, companies who make extensive use of the software, and generally kind-hearted folk such as yourself.

Internet Systems Consortium has also commissioned a DHCP server implementation and handles the official support/release of BIND. You can learn more about the ISC's goals and accomplishments from the web page at https://www.isc.org/.

Russ Allbery
Katsuhiro Kondou
<[email protected]>

inn's People

Contributors

andkem avatar blgl avatar dependabot[bot] avatar enrikb avatar evs38 avatar ewxrjk avatar julien-elie avatar kev009 avatar rra avatar scrappy avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

inn's Issues

Refer to inn.conf variables instead of /usr/local/news in install docs

Reported by eagle on 14 Dec 2008 03:34 UTC
install.pod and checklist.pod currently still refer to the default /usr/local/news installation path rather than the inn.conf variables (I<pathbin> and friends) that are used elsewhere in the documentation. They should be changed to be consistent.

Support path determination for tradspool rebuilds in tdx-util -R

Reported by eagle on 14 Dec 2008 07:05 UTC
It's often useful to rebuild a whole set of groups stored in tradindexed, but tdx-util -R requires specifying both the newsgroup and the path, making it impossible to just use xargs or feeding it a list of groups. The path to the newsgroup should be possible to determine based on the normal algorithm and the article spool root, so the path argument to -R should be optional.

rnews should defer articles if INN is throttled

Reported by eagle on 14 Dec 2008 08:44 UTC
If innd is throttled, rnews currently fails the articles and moves them into the bad directory with an error like:

Apr  7 22:32:29 genba rnews: unknown_reply after article 400 loadav [innwatch:load] 1977 gt 1500

rnews really should just defer the articles if INN is throttled, but right now it doesn't have a great way to do that. I wonder if rnews should try to query the local control socket to get INN's status before trying to post messages, at least in -U mode.

Support Cancel-Lock

Reported by eagle on 14 Dec 2008 07:14 UTC
Cancel-Lock was a draft for a way to authenticate cancels cryptographically, the idea being that all articles would contain challenges that could only be met by the person knowing the original challenge secret. A cancel would then only be honored if it had the answer to the challenge in the article.

Abuse of cancels has dropped considerably and the Cancel-Lock protocol never made it to an RFC, but it may still be worth looking at supporting this in INN.

The first attached approach is from Andreas Barth. It has the following features:

  • A user can only post cancels for articles that are local posted or were originally generated and canceled by a cancel-lock enabled newsreader. The administrator may however allow users in readers.conf to post cancels for every article.

  • The patch adds just a very small burden on accepting articles and cancels with post and almost no burden at all for transferring articles.

  • Any news system could detect whether a cancel for an article originating at your site is fraud.

The patch does the following:

  • if an article is posted, - unless existing - a user cancel lock is added, and always an admin cancel lock is added.

  • if a cancel (oder supersedes) is posted, a user cancel key is always added. Now it is checked, whether one of the keys matches one of the locks. If yes, the cancel is accepted. The cancel is also accepted, if the original article is (no longer) available, or the original article has no lock and was posted before a given time (to allow for the transition periode). Otherwise, the cancel is rejected.

You must also create the files /etc/news/canlock.def and /etc/news/canlock.adm and fill them with any characters (but please use printable characters, that makes the live of fgets easier). The patch needs some polishing before inclusion, especially review and removing of the fixed path for the secret files.

Also attached is another approach. Both require the libcanlock library, also attached.

Remove the need for the "nnrpd -s" hack: improve setproctitle() and fix /usr/ucb/ps on Solaris

Reported by eagle on 14 Dec 2008 07:43 UTC
Reported by Miroslaw Luc [email protected].

  1. ps reads all of the strings from argv, not just argv[0], to the nearest NULL. Setting argv[1] to NULL helps ps to read only argv[0].

  2. If the length of the initial args > argv[0] modified by setproctitle() then ps discards the latter and displays the initial args. The problem is that it is always true because of using SPACES in ovdb_monitor/ovdb_server and `-s' in nnrpd.

We should:

  1. Set argv[1] to NULL in setproctitle().
  2. Move the environment to malloc()'ed space to make a room for argv[0].
  3. Spawn nnrpd without `-s'.
  4. Remove SPACES from ovdb_init,monitor,server.

It's not clear if this is worth it; setproctitle() seems to be getting less and less popular.

UUCP documentation

Reported by eagle on 14 Dec 2008 08:50 UTC
We should have documentation of how UUCP article feeds work and exactly what's needed to set it up and make it work. Here are some old notes from Andrew Gierth and Olaf Titz.

To be precise, the feeding site batches up articles from a feed (using batcher), and sends them via uucp by invoking (e.g. via the -p option of batcher) a command of the form:

uux - [options](other) sitename!rnews

which means "invoke the command 'rnews' on host 'sitename', using standard input from the uux command".

(The example given in the batcher manpage is to use:

(echo '#! cunbatch'; exec compress) | uux - -r -z %s!rnews

as a -p option to batcher; this compresses the batch first.)

The receiving site shouldn't need to do anything other than ensure that rnews is permitted to the sending site, and that uucp is otherwise working, which means, at least for recent INN versions, make sure that:

  • you have a symlink of ~news/bin/rnews to /bin (so uuxqt finds it)
  • rnews is installed setgid news and executable for the uucp user

This is not done automatically, the set[ug]id thing has to be enabled in configure now.

Password encryption utility

Reported by eagle on 14 Dec 2008 07:20 UTC
ckpasswd -f expects crypt() passwords, and not everyone has a copy of htpasswd handy. Attached is a C program from Ajax Ajax [email protected] to generate the password hash. Something like this should probably be included for people who don't have htpasswd.

Support hiding groups in nnrpd

Reported by eagle on 14 Dec 2008 08:31 UTC
Currently, groups that exist but that one isn't allowed to read receive different error codes (480 or 502) than groups that don't exist (411). This lets users probe for the existence of groups, which may be an information leak.

Add support for a hide: key in readers.conf listing a wildmat of groups for which nnrpd will pretend complete non-existence, returning 411 instead of 480/502. This lets news administrators hide groups at the cost of clients not knowing when to do reactive authentication for them.

Add support for Diablo-style hash feeds

Reported by eagle on 14 Dec 2008 04:43 UTC
Diablo supports a mechanism to take an incoming feed split across multiple boxes by hashing the message ID and only feeding the articles in a particular hash bucket to a given host. This lets the hosts collectively store a full feed without handling the full traffic on each host.

INN should support this sort of hash feed via a flag in newsfeeds.

Split tagged-hash from regular history backend

Reported by eagle on 14 Dec 2008 07:30 UTC
The history backend currently uses the dbz code in lib, which builds with tagged hash depending on compile-time options. This defeats the whole point of having a pluggable history API. Tagged hash should be a separate history backend that can be selected at run-time.

This will requiring untangling the code in lib/dbz.c and updating makedbz to call into the API instead of knowing about the dbz format internally.

Use uwildmat in nnrpd, support @

Reported by eagle on 14 Dec 2008 08:22 UTC
Switch nnrpd over to using the new wildmat routines rather than breaking apart strings on commas and matching each expression separately. This involves a lot of surgery, since PERMmatch is used all over the place.

Add support for @ in group permission wildmats to not allow reading an article if it's crossposted to any excluded group.
! would keep meaning what it means everywhere else: disallow this group, but possibly still allow the article if crossposted.

Obviously, the distinction only applies to articles retrieved via message ID rather than by reading a group.

INN manual

Reported by eagle on 14 Dec 2008 08:40 UTC
A full-blown manual for INN would be great. Here is some discussion from an e-mail message that I sent in 1999.

We currently already have what's essentially a reference manual; that's the collection of all of the man pages plus the three README.*_hook files. They need some glue, and more extensive cross-referencing, but that's not too hard.

We have the beginnings of an introductory guide, in the form of README (after the work I did about a month ago) and INSTALL, plus pieces of Elena's document. What that mainly needs at the moment is an overview of how INN works, including descriptions of the major files involved, stuck in-between those two documents and some documentation of the periodic maintenance tasks that one has to do stuck after INSTALL.

We need more general discussion of how specific parts of news work and how to do specific things; we currently have a doc on control messages but that's about it. I have a few things planned here. Part of what should go in this part is schemes for setting up specific types of servers. (If I want a basic feed and reader machine, what do I do? If I want a split feed and reader setup, what do I do? If I want to share the same reader spool across a bunch of machines, what do I do? If I want to set up a standalone server for a particular hierarchy, what do I do? How do I run nnrpd standalone rather than from innd?) Elena's document has some of that.

We're badly missing internals documentation, apart from a few really outdated library man pages.

The overall structure I'd like to see is something like this:

  • Introduction

  • Basic Usenet Concepts

  • User's Manual

    • Building and Installing INN
    • Configuring INN
    • Maintaining INN
    • Platform-Specific Issues
  • Configuration Manual

    • Specific Setups
      • Mixed Feed and Reader
      • Separate Feed and Reader
        • INN as Feed Machine
        • Other Server as Feed Machine
      • Farm of Readers With Same Spool
      • Standalone Public Server
    • Performance Issues
      • Major Bottlenecks
      • Choosing a Disk Layout
      • Tuning an INN Server
    • Filter Configuration
    • Namespace Management
      • Control Message Processing
      • Using actsync
  • Reference Manual

    • Primary INN Programs
    • Configuration Files
    • Maintenance and Recovery Programs
    • File Formats
    • Library Interfaces
    • Special Issues
      • RFC Compliance
      • Theory and Practice of Control Messages
  • Programmer's Manual

    • Code Structure
    • Major Data Structures
    • Documentation Maintenance

Anyway, that's entirely off the top of my head just now, but if you look that over, we actually have a surprising amount of that already. Particularly if you count the stuff that was in the old FAQ. It just isn't well-organized, tied together, explained, cross-referenced, and indexed.

Getting documentation, any documentation, is more important right now than any particular structure, but I'd strongly encourage people to think in terms of a structure like the above and have at least a tentative idea of where the documentation that they're writing would fit in. That way, it will be much easier for us down the road to produce a coherent and readable overall set of documentation.

Retrieve history entries between two times

Reported by eagle on 14 Dec 2008 08:24 UTC
Requested by Bill Davidsen:

A mode for grephistory (or some other tool, but that seems the most natural fit) that retrieves all records between two times, for any of posting, arrival, or expiration.

Support installation in FHS paths

Reported by eagle on 14 Dec 2008 06:44 UTC
INN currently strongly assumes that it owns a directory hierarchy and most of its files are relative to that directory hierarchy. It's possible to configure it otherwise, but only with significant path customization in inn.conf. It also doesn't separate the different types of binaries (user binaries for bin, system administrator binaries for sbin, and programs only run internally by INN for /usr/lib) very well.

The old installation paths should probably remain for backward compatibility, but an --enable-fhs option to configure that puts everything in the right place for the FHS would make packaging for FHS-compliant distributions much easier.

Attached is a patch from James Ralston that starts to implement this. From his patch explanation in 2001:

  • The configure.in file now supports a --enable-fhs-dirs option, which changes the defaults for most of the other directory-related options. It's equivalent to specifying about 10 different options manually. (Unfortunately, it necessitated abandoning the nice INN_ARG_DIR macro.) Use of --enable-fhs-dirs is documented in INSTALL.

  • The directory for nnrpd authorization programs is now a separate configure option (--with-auth-dir), with its own corresponding inn.conf parameter ("pathauth"). It defaults to $(prefix)/bin/auth if not set, which is the exact same place that the auth programs are currently installed.

  • DESTDIR is now properly supported (the existing support was broken in several ways). The "make install" and "make cert" steps properly obey DESTDIR. The use of DESTDIR is now documented in INSTALL.

  • It is no longer a requirement that the installation step be done by the superuser, as long as the user executing the install has supplied a DESTDIR value that points to a writable directory, and the person or process performing the install corrects the file ownerships when INN is installed on the system on which it's going to run. Non-root installs are now documented in INSTALL.

  • Multiple typos in INSTALL were fixed.

Things left to do:

  • Make the location of the rnews.libexec subdirectory configurable, the same as auth-dir / pathauth.

  • When the --enable-fhs-dirs option is given, only shared/static libraries should be placed into libdir; relocate everything else to appropriate directories.

  • Figure out what to do about --bindir, --sbindir, and --mandir. Should we use them (probably in a way not intended by configure), or create new options? Both approaches have disadvantages.

Patch:

Obtain moderator addresses via NHNS

Reported by eagle on 14 Dec 2008 06:08 UTC
NHNS was a protocol for putting group information into DNS, including moderation addresses. This is an old patch from Marco d'Itri to add support for this. This project may now be dead; I'm not sure.

Switch to Automake

Reported by eagle on 14 Dec 2008 03:48 UTC
INN originally used a hand-rolled build system and made libtool optional because both were extremely slow on the development platform I had at the time and that's how the original conversion from the old build system was done.

It's now many years later, computers are a lot faster, and Git Autoconf and libtool are considerably faster. We're adding a lot of complexity by maintaining our own build system. (I switched to Automake for all of my other projects some time ago and never looked back.)

A non-recursive build structure would be particularly nice, although it makes partial builds more difficult, but even a traditional recursive Automake setup would be an improvement.

The dynamic generation tricks that storage and history do will need revision for Automake and probably need to be done at configure time instead.

innreport doesn't properly track checkpoints across days

Reported by eagle on 14 Dec 2008 03:40 UTC
When logging incoming article counts, innd logs two types of log messages: closing messages when the remote peer terminates the connection, which summarizes all articles received on that connection and then reset the counter, and checkpoint messages, which say how many articles were received so far.

Currently, innreport takes into account checkpoint messages if no subsequent closing message is seen, but since connections can be open for days, this can produce skewed numbers on how many articles have been received. The articles received on previous days aren't properly subtracted from the checkpoint value.

One possible solution would be to store a local file holding the last checkpoints that innreport processed, and then read that file at the beginning of a new run and subtract off those numbers from subsequent checkpoints. There would need to be some way to run innreport and not save changes to this file.

innfeed error 500 handler

Reported by eagle on 14 Dec 2008 06:32 UTC
Sven Paulus wrote in 2000:

Another problem concerning innfeed came up on de.admin.news.misc some days ago: Someone posted an article containing a Message-ID 494 characters long. Now some NNTPRelay and Diablo peers rejected this Message-ID as being too long with an 500 return code (= syntax error). innfeed logged a cxnsleep message and requeued the article for resending it later. You surely will guess what follows? innfeed is happily trying to resend this article over and over again, until you force a shutdown of the innfeed process and dig the Message-ID out of the batch files ...

The real problem is, that innfeed has only one return code handler for all commands, so you have to figure out, whether the 500 was in reply to an IHAVE, to a CHECK or to a TAKETHIS command.

My idea how a handler function for 500 replies could look like is this, but I haven't tested it yet (I'd have to setup a isolated test environment, I don't want to pollute the 'real' net with articles causing problems). But maybe who knows innfeed a little better than me could have a look on it and say if this makes sense.

Support POST in innxmit

Reported by eagle on 14 Dec 2008 06:57 UTC
From Dmitry Yasir [email protected], this is a patch to support sending articles to a remote server with POST instead of IHAVE. This is kind of broken from a protocol standpoint, but is a workaround in some situations without real feeds.

nnrpd doesn't support passwords with spaces

Reported by eagle on 14 Dec 2008 06:54 UTC
The NNTP protocol uses whitespace as a command and argument separator, which means that passwords containing whitespace don't work. The generic NNTP parser in nnrpd throws away the tail end of the password or produces a syntax error.

However, since the password is the last argument, we can hack around this problem. Here's a patch from Jeffrey M. Vinocur from 2001 that implements that fix, which may require some updating.

Support header-only feed from innfeed

Reported by eagle on 14 Dec 2008 05:44 UTC
Implements Diablo-style MODE HEADFEED. It might be better to wait for some standardization of the protocol before adding something like this.

From Miquel van Smoorenburg:

This is a patch I've had laying around for a few years and that I never got around to testing. It's against inn-2.4.1 and compiled fine in 2004, but its completely untested.

Anyway I'm posting it here so that it's in the archives, so that if anyone ever wants to implement this functionality inn innfeed they have a possible starting point.

Authenticated Path header support

Reported by eagle on 14 Dec 2008 06:00 UTC
The new USEPRO draft will recommend that netnews implementations verify that the Path header matches the expected path identity of the peer sending the article and embed a warning into the Path if not. Diablo already does something like this.

Attached to this ticket is an implementation from Andrew Gierth that doesn't use the same keywords that were finally arrived at for USEPRO, but which may be a starting point.

The patch also has other, unrelated changes which ideally should be split out into separate tickets but which I haven't had time to do. The full list of what it does is:

  • merged version of NNTPconnect/NNTPlocalopen/NNTPremoteopen; this allows the use of Unix-domain sockets for parameters like nnrpdposthost (I use this to put a filter process between nnrpd and innd)

  • patch to the innconfval program to actually recognise the INNCONF variable

  • a bugfix to control-only feeds (junked non-control articles were being fed down control-only feeds)

  • an RChostlabel function (like RChostname). (I use this in other modifications, not included here, to make most of the logging that previously used the hostname now use the feed label from incoming.conf instead, because I want to. perhaps that should be an option?)

  • a few more headers in the header list.

  • changed the HTML status filename to end in .html to keep the webserver happy.

Many of these changes are already made in CURRENT.

Support feeding junk to peers

Reported by eagle on 14 Dec 2008 06:38 UTC
This patch from Andrew Gierth adds the capability to feed articles accepted and filed in junk (due to wanttrash) to peers based on their feed patterns (applied to the Newsgroups header as if the article were accepted and all those groups were carried). This is required if you want to run INN with a minimal active file and propagate all posts.

Export the same variables from all innshellvars instances

Reported by eagle on 14 Dec 2008 04:25 UTC
The different implementations of innshellvars currently use different names for the same variables (SPOOLBASE, for example, in the shell version). We should standardize so that everyone uses the same name for the same thing and everyone exports the same variables.

This will break backward compatibility, so needs to be done in a major release.

Support GnuTLS for nnrpd TLS support

Reported by eagle on 14 Dec 2008 05:37 UTC
GnuTLS has a nicer API and a very active upstream, as well as a nicer license for some purposes. It would be nice to support either TLS library in nnrpd (which would probably require refactoring the TLS code extensively so that we could support multiple underlying layers, since the OpenSSL compatibility code in GnuTLS is probably not up to the task).

tradspool and timehash articles not deleted after rmgroup

Reported by eagle on 14 Dec 2008 08:43 UTC
When a newsgroup is removed with rmgroup, nothing cleans up the articles in tradspool and timehash (and possibly also timecaf). The old articles continue consuming disk space and, if the group is recreated, serve as land mines for the server when the article numbers get back to the same range.

The easiest way to fix this is probably to provide an interface to delete all the articles from the spool immediately on an rmgroup. We lose our current partial ability to recover from a mistaken rmgroup, but I think that's a good tradeoff.

History file format depends on configuration options

Reported by eagle on 14 Dec 2008 07:27 UTC
The current history file format on disk varies depending on whether INN was built on a 32-bit or 64-bit system, or was built with large file support or not. The on-disk file format should be standardized and dynamically updated if need be so that systems can move from 32-bit to 64-bit.

Attached is a patch from Marco d'Itri that was used for the Debian INN packages, which adds a 64-bit variant of the history backend. This isn't the best solution, but it's an interesting workaround.

Add inn man page listing the other man pages

Reported by eagle on 14 Dec 2008 03:36 UTC
INN has enough documentation that it would benefit from having an installed index page that points to the other man pages. Following Perl, having an inn(1) man page that lists the other available man pages is probably the easiest way to do this.

Limit reader connections per IP address

Reported by eagle on 14 Dec 2008 04:08 UTC
nnrpd currently has no way of limiting connections per IP address other than using the custom auth hooks. In its daemon mode, it could in theory keep track of this and support throttling. It's probably not worth trying to support this when invoked via inetd, since at that point one could just use xinetd and its built-in support for things like this.

When started from innd, this is a bit harder. innd has some basic rate limiting stuff, but nothing for tracking number of simultaneous connections over time. It may be fine to say that if you want to use this feature, you need to have nnrpd be invoked separately, not run from innd.

Support IP range matching in incoming.conf

Reported by eagle on 14 Dec 2008 03:11 UTC
innd doesn't support matching IP address ranges in incoming.conf (entries such as 192.168.0.0/16) the way that nnrpd does for readers.conf. This was requested for dealing with uu.net feeds, where they have a /24 that might send outgoing news.

Due to the way that incoming connections are matched, this isn't a trivial change. innd would need to store the strings to match instead of address structs and then use network_addr_match().

innreport creates incorrect file names at the start of the year

Reported by eagle on 14 Dec 2008 07:54 UTC
Reported by Julien ÉLIE:

There is a problem in the name of the last report of the year. Instead of being named news-notice.2006.12.31-04.15.02.html, it is named news-notice.2006.01.01-00.00.00.html and thus breaks everything in the html page (it is put at the bottom...).

And the line is Jan 1 00:00:00 -- Dec 31 23:59:59 instead of Dec 31 04:15:02 -- Jan 2 04:15:03.

Add encoding to checkgroups processing

Reported by eagle on 14 Dec 2008 03:30 UTC
Add encoding specifications such as:

  # Output encoding for newsgroups file.
  /encoding/:utf-8

  # Incoming encodings in checkgroups.
  /encoding/:*:cp1252
  /encoding/:cn.*:gb18030
  /encoding/:fido.*:utf-8
  /encoding/:fr.*:iso-8859-15

and then update docheckgroups processing to use iconv to convert newsgroup descriptions to the output encoding before adding them to newsgroups.

Add size and post time of articles to innfeed tape

Reported by eagle on 14 Dec 2008 06:16 UTC
The attached patch from Sergey Babitch [email protected] adds the article size and post time to the innfeed tape files by letting innfeed understand (in a backward-compatible way) additional information in the channel feed from innd.

The patch doesn't make use of this data, but it can be used to show total article size in backlogs or to not transmit articles if the remote peer is known not to want articles that old.

CNFS bitmap overflows with 64-bit INN

Reported by eagle on 14 Dec 2008 04:40 UTC
inn-workers mail from Christiaan den Besten [email protected]:

We have recently been starting to compile INN in 64-bit on our (newer) 64-bit Linux spool servers. Since some time I have noticed we see more and more of ..

Jul 28 12:26:24 spool nnrpd[CNFS-sm: fudge size overflows bitmaps @03147374313600000000082C271800000002@ st16:0x10f7ff3b000: 179120864
Jul 28 12:26:24 spool nnrpd[753](753]:): CNFS-sm: fudge size overflows bitmaps @03147374313600000000082C271800000002@ st16:0x10f7ff3b000: 179120864

It looks likes articles are being 'overwritten' after some period of time or something like that. From what we have noticed it looks like postings arrive 'complete', but after some weeks they get broken, which would imply something is writing to the spool file at the wrong place ... which might explain the overflows.

Perl bindings to the new INN config parser

Reported by eagle on 14 Dec 2008 03:21 UTC
The long-term intention is for the new config parser in lib/confparse.c to be used for parsing as many INN configuration files as possible. It would be nice to have Perl bindings to this interface so that Perl utilities could also make use of it (inncheck would immediately benefit).

Remove or fix installation of signcontrol

Reported by eagle on 14 Dec 2008 05:29 UTC
signcontrol is currently unconditionally installed even though it has per-site configuration, so that configuration would be overwritten on make update.

It's not clear that INN should be shipping this program at all. Only a few people will need to issue PGP-signed control messages, and those who do can easily get it as part of the pgpverify distribution (or download one of the many other programs for this purpose).

Perl module interface to ctlinnd

Reported by eagle on 14 Dec 2008 05:55 UTC
Provide a Perl interface to the ctlinnd protocol. Marco d'Itri wrote a Perl module that reimplemented the protocol in native Perl in 1999 (attached), but even better would be to provide Perl bindings to the code in lib/inndcomm.c. Cleaning that code up first and abstracting it into a nice interface and protocol specification first would be nice....

Act on checkgroups control messages instead of sending mail

Reported by eagle on 14 Dec 2008 03:26 UTC
The only difference between doit and mail in control.ctl configuration of checkgroups handling is whether controlchan runs the checkgroups through docheckgroups to generate a shell script first. There's no way to tell the server to just make the necessary changes.

If this is added, there should probably be a corresponding configuration option telling controlchan the maximum number of changes that could be made at one time before bailing and mailing the changes to the admin.

news log logging wrong source for local postings

Reported by eagle on 14 Dec 2008 05:35 UTC
Local postings are logged to the news log as originating from a site from the Path or possibly from elsewhere in memory. I see not-for-mail entries in the news logs, and other people have seen various peer sites.

tradindexed expiry speedups

Reported by eagle on 14 Dec 2008 08:26 UTC
After analysis of a syscall trace of expiration through tradindexed, the following would at least reduce the number of system calls:

  • group.index is being opened and closed between every single group expiration, which is really rather unnecessary (and mmap isn't the world's fastest system call, so it may well be noticably slower to do this).

  • Overview files that are empty shouldn't be expired in the first place; there's no point, and it would save a bunch of opens and renames.

  • Setting the file descriptors to close on exec looks pretty painful in a trace, although I'm not sure how much of a performance hit it really is. It's an additional two system calls for every open, though, and Solaris's system call interface, unlike Linux's, is pretty painful. Those are only in there for innd; we should be able to make this some sort of configuration flag, maybe another flag to pass into OVopen() like the existing modes.

gpgverify uses attached signature verifications

Reported by eagle on 14 Dec 2008 05:13 UTC
gpgverify uses the old attached signature verification method, which doesn't work properly for new-style GnuPG signatures that require Hash headers for attached signatures.

Given that pgpverify does the right thing and gpgverify was added just because it was a simplified version that assumed GnuPG, perhaps it should be removed.

Expand newsfeeds variables in other variables

Reported by eagle on 14 Dec 2008 07:58 UTC
Reported by Julien ÉLIE:

In newsfeeds, it appears that variables are not expanded when used within other variables.

For instance:

$VAR1 = group.test
$VAR2 = group.*,@$VAR1

If I feed a site with $VAR2, group.test is still sent to it.

It is not a problem of @$ since $VAR1 = @group.test or $VAR1 = !group.test leads to the same result with $VAR2 = group.*,@VAR1.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.